aboutsummaryrefslogtreecommitdiff
path: root/toys/pending
diff options
context:
space:
mode:
Diffstat (limited to 'toys/pending')
-rw-r--r--toys/pending/mkpasswd.c83
1 files changed, 29 insertions, 54 deletions
diff --git a/toys/pending/mkpasswd.c b/toys/pending/mkpasswd.c
index a46c514c..4e6f063e 100644
--- a/toys/pending/mkpasswd.c
+++ b/toys/pending/mkpasswd.c
@@ -11,12 +11,12 @@ config MKPASSWD
bool "mkpasswd"
default n
help
- usage: mkpasswd [OPTIONS] [PASSWORD] [SALT]
+ usage: mkpasswd [-P FD] [-m TYPE] [-S SALT] [PASSWORD] [SALT]
Crypt PASSWORD using crypt(3)
- -P N Read password from fd N
- -m TYPE Encryption method, when TYPE='help', then show the methods available
+ -P FD Read password from file descriptor FD
+ -m TYPE Encryption method (des, md5, sha256, or sha512; default is des)
-S SALT
*/
@@ -29,74 +29,49 @@ GLOBALS(
char *salt;
)
-
-/*
- * validate the salt provided by user.
- * the allowed character set for salt is [./A-Za-z0-9]
- */
-static void is_salt_valid(char *salt)
-{
- regex_t rp;
- regmatch_t rm[1];
- char *regex = "[./A-Za-z0-9]*"; //salt REGEX
-
- xregcomp(&rp, regex, REG_NEWLINE);
-
- /* compare string against pattern -- remember that patterns
- are anchored to the beginning of the line */
- if (regexec(&rp, salt, 1, rm, 0) == 0 && rm[0].rm_so == 0
- && rm[0].rm_eo == strlen(salt))
- return;
-
- error_exit("salt should be in character set [./A-Za-z0-9]");
-}
-
void mkpasswd_main(void)
{
- int offset = 0;
char salt[MAX_SALT_LEN] = {0,};
+ int i;
- if (!(toys.optflags & FLAG_m)) TT.method = "des";
- else if (!strcmp(TT.method, "help")) {
- xprintf("Available encryption methods are:\n"
- " des\n md5\n sha256\n sha512\n");
- return;
+ if (!TT.method) TT.method = "des";
+ if (toys.optc == 2) {
+ if (TT.salt) error_exit("duplicate salt");
+ TT.salt = toys.optargs[1];
}
- // If arguments are there, then the second argument is Salt, can be NULL also
- if ((toys.optc == 2) && !(toys.optflags & FLAG_S)) TT.salt = toys.optargs[1];
- offset= get_salt(salt, TT.method);
- if (offset == -1) error_exit("unknown encryption method");
+ if (-1 == (i = get_salt(salt, TT.method))) error_exit("bad -m");
if (TT.salt) {
- is_salt_valid(TT.salt);
- snprintf(salt + offset, MAX_SALT_LEN - offset, "%s", TT.salt);
+ char *s = TT.salt;
+
+ // In C locale, isalnum() means [A-Za-Z0-0]
+ while (isalnum(*s) || *s == '.' || *s == '/') s++;
+ if (*s) error_exit("salt not in [./A-Za-z0-9]");
+
+ snprintf(salt+i, sizeof(salt)-i, "%s", TT.salt);
}
- if (toys.optflags & FLAG_P) {
- if (dup2(TT.pfd, STDIN_FILENO) == -1) perror_exit("fd");
+ // Because read_password() doesn't have an fd argument
+ if (TT.pfd) {
+ if (dup2(TT.pfd, 0) == -1) perror_exit("fd");
close(TT.pfd);
}
- if (!toys.optc) {
- if (isatty(STDIN_FILENO)) {
+ // If we haven't got a password on the command line, read it from tty or FD
+ if (!*toys.optargs) {
+ // Prompt and read interactively?
+ if (isatty(0)) {
if (read_password(toybuf, sizeof(toybuf), "Password: "))
perror_exit("password read failed");
} else {
- // read from the given FD
- int i = 0;
- while (1) {
- int ret = read(0, &toybuf[i], 1);
- if ( ret < 0 ) perror_exit("password read failed");
- else if (ret == 0 || toybuf[i] == '\n' || toybuf[i] == '\r' ||
- sizeof(toybuf) == i+1) {
- toybuf[i] = '\0';
- break;
- }
- i++;
+ for (i = 0; i<sizeof(toybuf)-1; i++) {
+ if (!xread(0, toybuf+i, 1)) break;
+ if (toybuf[i] == '\n' || toybuf[i] == '\r') break;
}
+ toybuf[i] = 0;
}
- } else snprintf(toybuf, sizeof(toybuf), "%s", toys.optargs[0]);
+ }
// encrypt & print the password
- xprintf("%s\n",crypt(toybuf, salt));
+ xprintf("%s\n",crypt(*toys.optargs ? *toys.optargs : toybuf, salt));
}