FreeBSD Bugzilla – Attachment 15619 Details for
Bug 28885
[patch] enhance makekey to check/generate MD5 passwords
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 4.87 KB, created by
Gregory Bond
on 2001-07-11 01:30:02 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Gregory Bond
Created:
2001-07-11 01:30:02 UTC
Size:
4.87 KB
patch
obsolete
>Index: makekey/makekey.8 >=================================================================== >RCS file: /usr/ncvs/src/libexec/makekey/makekey.8,v >retrieving revision 1.9.2.1 >diff -u -r1.9.2.1 makekey.8 >--- makekey/makekey.8 2000/12/08 13:52:29 1.9.2.1 >+++ makekey/makekey.8 2001/07/11 00:09:05 >@@ -37,24 +37,97 @@ > .Os > .Sh NAME > .Nm makekey >-.Nd make encrypted keys or passwords >+.Nd make and check encrypted keys or passwords > .Sh SYNOPSIS > .Nm >+.Op Fl m | Fl d | Fl u >+.Op Fl p Ar password >+.Op Fl s Ar salt >+.Op Fl n > .Sh DESCRIPTION >-.Nm Makekey >-encrypts a key and salt which it reads from the standard input >-and writes the result to the standard output. >-The key is expected to be >-eight bytes; the salt is expected to be two bytes. >+When called with no arguments, >+.Nm >+runs in compatibility mode. It reads exactly 8 bytes of key and 2 >+bytes of salt from standard input, and produces exactly 13 bytes of >+DES encrypted password on standard out (with no trailing newline). >+.Pp >+When called with arguments, >+.Nm >+encrypts a password and prints it on standard >+output, followed by a newline. >+.Pp > See > .Xr crypt 3 > for more information on what characters the key and salt can contain > and how the encrypted value is calculated. >+.Sh OPTIONS >+.Bl -tag -width indent >+.It Fl m >+Encrypt the password using the MD5 password algorithm. >+.Pp >+.It Fl d >+Encrypt the password using the DES password algorithm (if available). >+.Pp >+.It Fl u >+Encrypt the password using the default algorithm as specified by the >+.Cm crypt_default >+entry in the >+.Pa /etc/auth.conf >+file. This is the default if neither >+.Fl m >+nor >+.Fl d >+are specified. >+.Pp >+.It Fl s Ar salt >+Use the supplied salt rather than a new randomly-generated salt. >+.Pp >+.It Fl n >+Rather than print the encrypted password on standard out, compare it >+to the version passed in via the >+.Fl s Ar salt >+argument, and exit with return status of 0 if they compare equal, else >+1. >+.Pp >+.It Fl p Ar password >+Use >+.Ar password >+as the plaintext password. If >+.Fl p >+is not specified, >+.Nm >+will prompt for a passord using the >+.Xr getpass 3 >+function. >+.Sh EXAMPLES >+.Bd -literal -offset indent >+$ makekey -p secret -m >+$1$V6VfDBZZ$GM2ZBo0c5bh1HG0etveAq. >+$ makekey -p secret -d -s 3D >+3DzkIA460ybsA >+$ makekey -p secret -s 3DzkIA460ybsA -n >+$ echo $? >+0 >+$ makekey -p wrong -s 3DzkIA460ybsA -n >+$ echo $? >+1 >+$ makekey -u >+Enter password: <password> >+l9hDu91z3G1rY >+$ >+.Ed >+.Sh FILES >+.Bl -tag -compact >+.It Pa /etc/auth.conf > .Sh SEE ALSO > .Xr login 1 , >-.Xr crypt 3 >+.Xr crypt 3 , >+.Xr getpass 3 , >+.Xr auth.conf 5 > .Sh HISTORY > A > .Nm > command appeared in > .At v7 . >+The handling of arguments was added in >+.Fx 4.4 . >Index: makekey/makekey.c >=================================================================== >RCS file: /usr/ncvs/src/libexec/makekey/makekey.c,v >retrieving revision 1.8 >diff -u -r1.8 makekey.c >--- makekey/makekey.c 1999/08/28 00:09:39 1.8 >+++ makekey/makekey.c 2001/07/10 23:31:33 >@@ -55,9 +55,111 @@ > #include <unistd.h> > > static void get __P((char *, int)); >+static void olddes __P((void)); >+static void usage __P((void)); > >+static char const saltchars[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."; >+ > int >-main() >+main(argc, argv) >+ int argc; >+ char *argv[]; >+{ >+ int c; >+ int opt_d = 0; >+ int opt_m = 0; >+ int opt_n = 0; >+ int opt_u = 0; >+ char *sp = 0; >+ char *pass = 0; >+ char salt[256]; >+ >+ if (argc == 1) >+ olddes(); >+ >+ while ((c = getopt(argc, argv, "dmnp:s:u")) != -1) { >+ switch (c) { >+ case 'd': >+ opt_d = 1; >+ break; >+ case 'm': >+ opt_m = 1; >+ break; >+ case 'n': >+ opt_n = 1; >+ break; >+ case 'p': >+ pass = optarg; >+ break; >+ case 's': >+ sp = optarg; >+ break; >+ case 'u': >+ opt_u = 1; >+ break; >+ case '?': >+ default: >+ warn("Unrecognised option %c\n", c); >+ usage(); >+ } >+ } >+ if (optind != argc) >+ usage(); >+ if (opt_m + opt_d + opt_u > 1) >+ usage(); >+ >+ if (sp) { >+ char *p, *q; >+ >+ for (p = sp, q = salt; *p; p++, q++) { >+ if (*p != '$' && strchr(saltchars, *p) == NULL) >+ errx(2, "Illegal character in salt"); >+ if (q >= salt + sizeof(salt)) >+ errx(2, "Salt too long"); >+ *q = *p; >+ } >+ *q = 0; >+ } else { >+ int i; >+ >+ srandomdev(); >+ >+ for (i = 0; i < 8; i++) >+ salt[i] = saltchars[random() % 64]; >+ salt[8] = 0; >+ } >+ >+ if (pass == 0) >+ pass = getpass("Enter password:"); >+ >+ if (opt_d || opt_m) >+ if (!crypt_set_format(opt_m ? "md5" : "des")) >+ warn("setting crypt(3) format"); >+ >+ if (opt_n) { >+ if (!sp) >+ errx(2, "No salt provided with -n"); >+ exit(strcmp(salt, crypt(pass, salt)) != 0); >+ } else { >+ printf("%s\n", crypt(pass, salt)); >+ exit(0); >+ } >+} >+ >+static void >+usage() >+{ >+ fprintf(stderr, "usage: makekey [-m|-d|-u] [-s salt] [-p passwd] [-n]\n"); >+ exit(1); >+} >+ >+/* >+ * Old behaviour for DES passwords >+ * read exactly 8 bytes of passwd and 2 bytes of salt and print the crypt >+ * output >+ */ >+static void >+olddes() > { > int len; > char *r, key[9], salt[3];
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=15619">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 28885
: 15619