htdigest.c revision 5df5e943f377522b19786f126097da3a7288e2f0
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb/* Licensed to the Apache Software Foundation (ASF) under one or more
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * contributor license agreements. See the NOTICE file distributed with
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * this work for additional information regarding copyright ownership.
bc8fd1b0b1afdf89b8d28eefa8cd74e26ba97986fielding * The ASF licenses this file to You under the Apache License, Version 2.0
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * (the "License"); you may not use this file except in compliance with
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * the License. You may obtain a copy of the License at
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * Unless required by applicable law or agreed to in writing, software
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * distributed under the License is distributed on an "AS IS" BASIS,
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * See the License for the specific language governing permissions and
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * limitations under the License.
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb/******************************************************************************
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb ******************************************************************************
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * NOTE! This program is not safe as a setuid executable! Do not make it
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb ******************************************************************************
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *****************************************************************************/
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * htdigest.c: simple program for manipulating digest passwd file for Apache
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb * by Alexei Kosut, based on htpasswd.c, by Rob McCool
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb#endif /* APR_CHARSET_EBCDIC */
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb int x = 0, y;
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb int i = 0;
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz /* we need 2 remaining bytes in buffer */
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz while (i < (n - 2) &&
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz ((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz /* First remaining byte potentially used here */
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb /* Second remaining byte used here */
4f9c22c4f27571d54197be9674e1fc0d528192aestriker s[i] = '\0';
4f9c22c4f27571d54197be9674e1fc0d528192aestriker for (x = 0; l[x]; x++)
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowestatic void add_password(const char *user, const char *realm, apr_file_t *f)
c2cf53a40a9814eb91db2cdf820f97d943f21628coar char string[3 * MAX_STRING_LEN]; /* this includes room for 2 * ':' + '\0' */
731344ed8f3677d1661c261ca5fcdd2ee3dbc74ccoar unsigned int i;
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe if (apr_password_get("New password: ", pwin, &len) != APR_SUCCESS) {
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe apr_password_get("Re-type new password: ", pwv, &len);
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe apr_file_printf(errfile, "They don't match, sorry.\n");
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe /* Do MD5 stuff */
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz apr_snprintf(string, sizeof(string), "%s:%s:%s", user, realm, pw);
2a6e98ba4ffa30ded5d8831664c5cb2a170a56b6coar apr_md5_update(&context, (unsigned char *) string, strlen(string));
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz for (i = 0; i < 16; i++)
4f9c22c4f27571d54197be9674e1fc0d528192aestrikerstatic void usage(void)
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe apr_file_printf(errfile, "Usage: htdigest [-c] passwordfile realm username\n");
731344ed8f3677d1661c261ca5fcdd2ee3dbc74ccoar apr_file_printf(errfile, "The -c flag creates a new file.\n");
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowestatic void interrupted(void)
4f9c22c4f27571d54197be9674e1fc0d528192aestrikerstatic void terminate(void)
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe rv = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt);
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe apr_file_printf(errfile, "apr_xlate_open(): %pm (%d)\n",
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE,
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe apr_file_printf(errfile, "Could not open passwd file %s for writing: %pm\n",
c2cf53a40a9814eb91db2cdf820f97d943f21628coar apr_file_printf(errfile, "Adding password for %s in realm %s.\n",
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe if (apr_temp_dir_get((const char**)&dirname, cntxt) != APR_SUCCESS) {
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz apr_file_printf(errfile, "%s: could not determine temp dir\n",
4f9c22c4f27571d54197be9674e1fc0d528192aestriker if (apr_file_mktemp(&tfp, dirname, 0, cntxt) != APR_SUCCESS) {
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe apr_file_printf(errfile, "Could not open temp file %s.\n", dirname);
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe if (apr_file_open(&f, argv[1], APR_READ, APR_OS_DEFAULT, cntxt) != APR_SUCCESS) {
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz "Could not open passwd file %s for reading.\n", argv[1]);
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz apr_file_printf(errfile, "Use -c option to create new one.\n");
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe apr_file_printf(errfile, "Changing password for user %s in realm %s\n",
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz apr_file_printf(errfile, "Adding user %s in realm %s\n", user, realm);
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe /* The temporary file has all the data, just copy it to the new location.
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe if (apr_file_copy(dirname, argv[1], APR_FILE_SOURCE_PERMS, cntxt) !=
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe apr_file_printf(errfile, "%s: unable to update file %s\n",