cvs commit: apache-1.3/src/support htpasswd.c
coar99/08/12 05:10:39 Modified:src/support htpasswd.c Log: Fix a typo and some line-wraps. (All cosmetic.) Revision ChangesPath 1.34 +8 -6 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- htpasswd.c1999/08/07 20:34:14 1.33 +++ htpasswd.c1999/08/12 12:10:38 1.34 @@ -242,15 +242,17 @@ .\n); fprintf(stderr, -d Force CRYPT encryption of the password #if (!(defined(WIN32) || defined(TPF))) - (default) + (default) #endif - .\n); + .\n); fprintf(stderr, -p Force NO encryption of the password.\n); fprintf(stderr, -s Force SHA encryption of the password.\n); -fprintf(stderr, -b Use the password from the command line rather ); -fprintf(stderr, than prompting for it.\n); -fprintf(stderr, On Windows and TPF systems the '-m' flag is used by default.\n); -fprintf(stderr, On all other systems, the '-p' will propably not work.\n); +fprintf(stderr, -b Use the password from the command line rather + than prompting for it.\n); +fprintf(stderr, + On Windows and TPF systems the '-m' flag is used by default.\n); +fprintf(stderr, + On all other systems, the '-p' flag will probably not work.\n); return ERR_SYNTAX; }
cvs commit: apache-1.3/src/support htpasswd.c
coar99/08/12 07:15:23 Modified:src/support htpasswd.c Log: 'Force NO encryption' alongside 'Force SHA' made it sound like NO was another algorithm. Revision ChangesPath 1.35 +1 -1 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- htpasswd.c1999/08/12 12:10:38 1.34 +++ htpasswd.c1999/08/12 14:15:22 1.35 @@ -245,7 +245,7 @@ (default) #endif .\n); -fprintf(stderr, -p Force NO encryption of the password.\n); +fprintf(stderr, -p Do not encrypt the password (plaintext).\n); fprintf(stderr, -s Force SHA encryption of the password.\n); fprintf(stderr, -b Use the password from the command line rather than prompting for it.\n);
cvs commit: apache-1.3/src/support htpasswd.c htpasswd.mak
randy 99/08/07 13:34:14
Modified:src ApacheCore.def
src/ap ap.mak
src/support htpasswd.c htpasswd.mak
Log:
Fix build on Win32
Revision ChangesPath
1.17 +1 -1 apache-1.3/src/ApacheCore.def
Index: ApacheCore.def
===
RCS file: /home/cvs/apache-1.3/src/ApacheCore.def,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- ApacheCore.def1999/07/29 17:53:43 1.16
+++ ApacheCore.def1999/08/07 20:34:03 1.17
@@ -343,4 +343,4 @@
ap_standalone @337
ap_server_confname @338
ap_sub_req_method_uri @339
-
+ ap_sha1_base64 @340
1.6 +86 -2 apache-1.3/src/ap/ap.mak
Index: ap.mak
===
RCS file: /home/cvs/apache-1.3/src/ap/ap.mak,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ap.mak1999/01/19 14:20:40 1.5
+++ ap.mak1999/08/07 20:34:09 1.6
@@ -50,6 +50,8 @@
[EMAIL PROTECTED] $(INTDIR)\ap_signal.obj
[EMAIL PROTECTED] $(INTDIR)\ap_slack.obj
[EMAIL PROTECTED] $(INTDIR)\ap_snprintf.obj
+ [EMAIL PROTECTED] $(INTDIR)\ap_sha1.obj
+ [EMAIL PROTECTED] $(INTDIR)\ap_checkpass.obj
[EMAIL PROTECTED] $(INTDIR)\vc50.idb
[EMAIL PROTECTED] $(OUTDIR)\ap.lib
@@ -104,7 +106,9 @@
$(INTDIR)\ap_md5c.obj \
$(INTDIR)\ap_signal.obj \
$(INTDIR)\ap_slack.obj \
- $(INTDIR)\ap_snprintf.obj
+ $(INTDIR)\ap_snprintf.obj \
+ $(INTDIR)\ap_sha1.obj \
+ $(INTDIR)\ap_checkpass.obj
$(OUTDIR)\ap.lib : $(OUTDIR) $(DEF_FILE) $(LIB32_OBJS)
$(LIB32) @
@@ -136,6 +140,8 @@
[EMAIL PROTECTED] $(INTDIR)\ap_signal.obj
[EMAIL PROTECTED] $(INTDIR)\ap_slack.obj
[EMAIL PROTECTED] $(INTDIR)\ap_snprintf.obj
+ [EMAIL PROTECTED] $(INTDIR)\ap_sha1.obj
+ [EMAIL PROTECTED] $(INTDIR)\ap_checkpass.obj
[EMAIL PROTECTED] $(INTDIR)\vc50.idb
[EMAIL PROTECTED] $(OUTDIR)\ap.lib
@@ -190,7 +196,9 @@
$(INTDIR)\ap_md5c.obj \
$(INTDIR)\ap_signal.obj \
$(INTDIR)\ap_slack.obj \
- $(INTDIR)\ap_snprintf.obj
+ $(INTDIR)\ap_snprintf.obj \
+ $(INTDIR)\ap_sha1.obj \
+ $(INTDIR)\ap_checkpass.obj
$(OUTDIR)\ap.lib : $(OUTDIR) $(DEF_FILE) $(LIB32_OBJS)
$(LIB32) @
@@ -480,6 +488,82 @@
!ENDIF
+
+SOURCE=.\ap_checkpass.c
+
+!IF $(CFG) == ap - Win32 Release
+
+DEP_CPP_AP_CH=\
+ ..\include\ap_config.h\
+ ..\include\ap_ctype.h\
+ ..\include\ap_mmn.h\
+ ..\include\hsregex.h\
+ ..\os\win32\os.h\
+ {$(INCLUDE)}sys\stat.h\
+ {$(INCLUDE)}sys\types.h\
+
+NODEP_CPP_AP_CH=\
+ ..\include\ap_config_auto.h\
+ ..\include\os.h\
+ .\ebcdic.h\
+
+
+$(INTDIR)\ap_checkpass.obj : $(SOURCE) $(DEP_CPP_AP_CH) $(INTDIR)
+
+
+!ELSEIF $(CFG) == ap - Win32 Debug
+
+DEP_CPP_AP_CH=\
+ ..\include\ap_config.h\
+ ..\include\ap_ctype.h\
+ ..\include\ap_mmn.h\
+ ..\include\hsregex.h\
+ ..\os\win32\os.h\
+
+
+$(INTDIR)\ap_checkpass.obj : $(SOURCE) $(DEP_CPP_AP_CH) $(INTDIR)
+
+
+!ENDIF
+
+SOURCE=.\ap_sha1.c
+
+!IF $(CFG) == ap - Win32 Release
+
+DEP_CPP_AP_SH=\
+ ..\include\ap_config.h\
+ ..\include\ap_ctype.h\
+ ..\include\ap_sha1.h\
+ ..\include\ap_mmn.h\
+ ..\include\hsregex.h\
+ ..\os\win32\os.h\
+ {$(INCLUDE)}sys\stat.h\
+ {$(INCLUDE)}sys\types.h\
+
+NODEP_CPP_AP_SH=\
+ ..\include\ap_config_auto.h\
+ ..\include\os.h\
+ .\ebcdic.h\
+
+
+$(INTDIR)\ap_sha1.obj : $(SOURCE) $(DEP_CPP_AP_SH) $(INTDIR)
+
+
+!ELSEIF $(CFG) == ap - Win32 Debug
+
+DEP_CPP_AP_SH=\
+ ..\include\ap_config.h\
+ ..\include\ap_ctype.h\
+ ..\include\ap_sha1.h\
+ ..\include\ap_mmn.h\
+ ..\include\hsregex.h\
+ ..\os\win32\os.h\
+
+
+$(INTDIR)\ap_sha1.obj : $(SOURCE) $(DEP_CPP_AP_SH) $(INTDIR)
+
+
+!ENDIF
!ENDIF
1.33 +2 -2 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- htpasswd.c1999/08/02 10:13:48 1.32
+++ htpasswd.c1999/08/07 20:34:14 1.33
@@ -181,7 +181,7 @@
return ERR_PWMISMATCH;
}
pw = pwin;
-bzero(pwv,sizeof(pwin));
+memset(pwv, '\0', sizeof(pwin));
}
switch (alg) {
@@ -213,7 +213,7 @@
ap_cpystrn(cpw, (char *)crypt(pw, salt), sizeof(cpw) - 1);
break;
}
-
cvs commit: apache-1.3/src/support htpasswd.c
coar99/05/31 10:10:19
Modified:src/support htpasswd.c
Log:
Oops. Too much Perl coding at the time, I guess. :-*
Revision ChangesPath
1.29 +2 -2 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- htpasswd.c1999/04/10 15:08:45 1.28
+++ htpasswd.c1999/05/31 17:10:19 1.29
@@ -431,8 +431,8 @@
/*
* Make sure we still have exactly the right number of arguments left
- # (the filename, the username, and possibly the password if -b was
- # specified).
+ * (the filename, the username, and possibly the password if -b was
+ * specified).
*/
if ((argc - i) != args_left) {
return usage();
cvs commit: apache-1.3/src/support htpasswd.c
coar99/04/09 20:46:00
Modified:src/support htpasswd.c
Log:
free() some malloc()ed memory on error exit -- and remove a
stray debugging message (d'oh!).
Revision ChangesPath
1.27 +2 -1 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- htpasswd.c1999/04/08 22:17:53 1.26
+++ htpasswd.c1999/04/10 03:45:59 1.27
@@ -244,6 +244,7 @@
pw = strd((char *) getpass(New password: ));
if (strcmp(pw, (char *) getpass(Re-type new password: ))) {
ap_cpystrn(record, password verification error, (rlen - 1));
+ free(pw);
return ERR_PWMISMATCH;
}
}
@@ -260,7 +261,7 @@
ap_cpystrn(cpw, (char *)crypt(pw, salt), sizeof(cpw) - 1);
break;
}
-fprintf(stderr, Yow!\n);
+
/*
* Now that we have the smashed password, we don't need the
* plaintext one any more.
cvs commit: apache-1.3/src/support htpasswd.c
coar99/04/08 13:56:44
Modified:src CHANGES
src/ap ap_md5c.c
src/include ap_md5.h
src/main http_core.c util_md5.c
src/support htpasswd.c
Log:
Passwords, as user input, may not be 7-bit ASCII -- so we need
to treat them as unsigned char*'s. No surprises there; this
just regularises the usage so we don't get compilation messages.
Revision ChangesPath
1.1300+4 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1299
retrieving revision 1.1300
diff -u -r1.1299 -r1.1300
--- CHANGES 1999/04/08 11:36:37 1.1299
+++ CHANGES 1999/04/08 20:56:34 1.1300
@@ -1,4 +1,8 @@
Changes with Apache 1.3.7
+ *) Correct the signed/unsigned character handling for the MD5 routines;
+ mismatches were causing compilation problems with gcc -pedantic and
+ in the TPF cross-compilation. [Ken Coar]
+
*) OS/2: Rework CGI handling to use spawn*() instead of fork/exec,
achieving
a roughly 5 fold speed up. [Brian Havard]
1.25 +35 -25apache-1.3/src/ap/ap_md5c.c
Index: ap_md5c.c
===
RCS file: /home/cvs/apache-1.3/src/ap/ap_md5c.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- ap_md5c.c 1999/03/25 16:43:21 1.24
+++ ap_md5c.c 1999/04/08 20:56:38 1.25
@@ -181,7 +181,7 @@
/* MD5 initialization. Begins an MD5 operation, writing a new context.
*/
-API_EXPORT(void) ap_MD5Init(AP_MD5_CTX * context)
+API_EXPORT(void) ap_MD5Init(AP_MD5_CTX *context)
{
context-count[0] = context-count[1] = 0;
/* Load magic initialization constants. */
@@ -195,8 +195,8 @@
operation, processing another message block, and updating the
context.
*/
-API_EXPORT(void) ap_MD5Update(AP_MD5_CTX * context, const unsigned char
*input,
-unsigned int inputLen)
+API_EXPORT(void) ap_MD5Update(AP_MD5_CTX *context, const unsigned char
*input,
+ unsigned int inputLen)
{
unsigned int i, idx, partLen;
@@ -204,8 +204,10 @@
idx = (unsigned int) ((context-count[0] 3) 0x3F);
/* Update number of bits */
-if ((context-count[0] += ((UINT4) inputLen 3)) ((UINT4) inputLen
3))
+if ((context-count[0] += ((UINT4) inputLen 3))
+ ((UINT4) inputLen 3)) {
context-count[1]++;
+}
context-count[1] += (UINT4) inputLen 29;
partLen = 64 - idx;
@@ -216,13 +218,15 @@
memcpy(context-buffer[idx], input, partLen);
MD5Transform(context-state, context-buffer);
- for (i = partLen; i + 63 inputLen; i += 64)
+ for (i = partLen; i + 63 inputLen; i += 64) {
MD5Transform(context-state, input[i]);
+ }
idx = 0;
}
-else
+else {
i = 0;
+}
/* Buffer remaining input */
memcpy(context-buffer[idx], input[i], inputLen - i);
@@ -239,8 +243,9 @@
idx = 0;
}
-else
+else {
i = 0;
+}
/* Buffer remaining input */
ebcdic2ascii_strictly(context-buffer[idx], input[i], inputLen - i);
@@ -250,7 +255,7 @@
/* MD5 finalization. Ends an MD5 message-digest operation, writing the
the message digest and zeroizing the context.
*/
-API_EXPORT(void) ap_MD5Final(unsigned char digest[16], AP_MD5_CTX * context)
+API_EXPORT(void) ap_MD5Final(unsigned char digest[16], AP_MD5_CTX *context)
{
unsigned char bits[8];
unsigned int idx, padLen;
@@ -277,10 +282,10 @@
/* Pad out to 56 mod 64. */
idx = (unsigned int) ((context-count[0] 3) 0x3f);
padLen = (idx 56) ? (56 - idx) : (120 - idx);
-ap_MD5Update(context, PADDING, padLen);
+ap_MD5Update(context, (const unsigned char *)PADDING, padLen);
/* Append length (before padding) */
-ap_MD5Update(context, bits, 8);
+ap_MD5Update(context, (const unsigned char *)bits, 8);
/* Store state in digest */
Encode(digest, context-state, 16);
@@ -429,7 +434,8 @@
}
}
-API_EXPORT(void) ap_MD5Encode(const char *pw, const char *salt,
+API_EXPORT(void) ap_MD5Encode(const unsigned char *pw,
+ const unsigned char *salt,
char *result, size_t nbytes)
{
/*
@@ -439,9 +445,11 @@
*/
char passwd[120], *p;
-const char *sp, *ep;
+const unsigned char *sp, *ep;
unsigned char final[16];
-int sl, pl, i;
+int i;
+unsigned int sl, pl;
+unsigned int pwlen;
AP_MD5_CTX ctx, ctx1;
unsigned long l;
@@ -455,7 +463,7 @@
/*
* If
cvs commit: apache-1.3/src/support htpasswd.c
lars99/03/19 13:20:49
Modified:src/support htpasswd.c
Log:
make functions static, fix missing prototype warning
Revision ChangesPath
1.24 +5 -5 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- htpasswd.c1999/03/10 20:58:23 1.23
+++ htpasswd.c1999/03/19 21:20:48 1.24
@@ -294,7 +294,7 @@
* Check to see if the specified file can be opened for the given
* access.
*/
-int accessible(char *fname, char *mode)
+static int accessible(char *fname, char *mode)
{
FILE *s;
@@ -309,7 +309,7 @@
/*
* Return true if a file is readable.
*/
-int readable(char *fname)
+static int readable(char *fname)
{
return accessible(fname, r);
}
@@ -317,7 +317,7 @@
/*
* Return true if the specified file can be opened for write access.
*/
-int writable(char *fname)
+static int writable(char *fname)
{
return accessible(fname, a);
}
@@ -325,7 +325,7 @@
/*
* Return true if the named file exists, regardless of permissions.
*/
-int exists(char *fname)
+static int exists(char *fname)
{
#ifdef WIN32
struct _stat sbuf;
@@ -346,7 +346,7 @@
* Copy from the current position of one file to the current position
* of another.
*/
-void copy_file(FILE *target, FILE *source)
+static void copy_file(FILE *target, FILE *source)
{
static char line[MAX_STRING_LEN];
cvs commit: apache-1.3/src/support htpasswd.c
coar99/03/10 12:36:47 Modified:src/support htpasswd.c Log: Add licence, change argumbnt handling to alway recognise '-' as a flag prefix, make a little easier to expand to other algorithms in the future, and change file handling. Previously a misspelt passphrase could destroy existing security data (i.e., '-c' would leave an empty file rather than whatever had been there before). Also distinguish between failure causes in the exit status. Revision ChangesPath 1.22 +374 -142 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.21 retrieving revision 1.22 diff -u -r1.21 -r1.22 --- htpasswd.c1999/03/08 20:14:05 1.21 +++ htpasswd.c1999/03/10 20:36:46 1.22 @@ -1,3 +1,60 @@ +/* + * Copyright (c) 1995-1999 The Apache Group. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in + *the documentation and/or other materials provided with the + *distribution. + * + * 3. All advertising materials mentioning features or use of this + *software must display the following acknowledgment: + *This product includes software developed by the Apache Group + *for use in the Apache HTTP server project (http://www.apache.org/). + * + * 4. The names Apache Server and Apache Group must not be used to + *endorse or promote products derived from this software without + *prior written permission. For written permission, please contact + *[EMAIL PROTECTED] + * + * 5. Products derived from this software may not be called Apache + *nor may Apache appear in their names without prior written + *permission of the Apache Group. + * + * 6. Redistributions of any form whatsoever must retain the following + *acknowledgment: + *This product includes software developed by the Apache Group + *for use in the Apache HTTP server project (http://www.apache.org/). + * + * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Group and was originally based + * on public domain software written at the National Center for + * Supercomputing Applications, University of Illinois, Urbana-Champaign. + * For more information on the Apache Group and the Apache HTTP server + * project, please see http://www.apache.org/. + * + */ + /** ** * NOTE! This program is not safe as a setuid executable! Do not make it @@ -5,14 +62,23 @@ ** */ /* - * htpasswd.c: simple program for manipulating password file for NCSA httpd + * htpasswd.c: simple program for manipulating password file for + * the Apache HTTP server * - * Rob McCool + * Originally by Rob McCool + * + * Exit values: + * 0: Success + * 1: Failure; file permission problem + * 2: Failure; command line syntax problem (usage message issued) + * 3: Failure; password verification failure + * 4: Failure; operation interrupted (such as with CTRL/C) */ #include ap_config.h #include sys/types.h #include signal.h +#include
cvs commit: apache-1.3/src/support htpasswd.c
coar99/03/10 12:58:27
Modified:src/support htpasswd.c
Log:
Argh.. what happens when you've got too many patches going
at once..
Revision ChangesPath
1.23 +12 -9 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- htpasswd.c1999/03/10 20:36:46 1.22
+++ htpasswd.c1999/03/10 20:58:23 1.23
@@ -69,10 +69,12 @@
*
* Exit values:
* 0: Success
- * 1: Failure; file permission problem
+ * 1: Failure; file access/permission problem
* 2: Failure; command line syntax problem (usage message issued)
* 3: Failure; password verification failure
* 4: Failure; operation interrupted (such as with CTRL/C)
+ * 5: Failure; buffer would overflow (username, filename, or computed
+ * record too long)
*/
#include ap_config.h
@@ -104,6 +106,7 @@
#define ERR_SYNTAX 2
#define ERR_PWMISMATCH 3
#define ERR_INTERRUPTED 4
+#define ERR_OVERFLOW 5
/*
* This needs to be declared statically so the signal handler can
@@ -223,7 +226,7 @@
#endif
/*
- * Make a password record from the given information. A true return
+ * Make a password record from the given information. A zero return
* indicates success; failure means that the output buffer contains an
* error message instead.
*/
@@ -236,7 +239,7 @@
pw = strd((char *) getpass(New password: ));
if (strcmp(pw, (char *) getpass(Re-type new password: ))) {
ap_cpystrn(record, password verification error, (rlen - 1));
- return 0;
+ return ERR_PWMISMATCH;
}
(void) srand((int) time((time_t *) NULL));
to64(salt[0], rand(), 8);
@@ -261,12 +264,12 @@
*/
if ((strlen(user) + 1 + strlen(cpw)) (rlen - 1)) {
ap_cpystrn(record, resultant record too long, (rlen - 1));
- return 0;
+ return ERR_OVERFLOW;
}
strcpy(record, user);
strcat(record, :);
strcat(record, cpw);
-return 1;
+return 0;
}
static int usage(void)
@@ -413,12 +416,12 @@
}
if (strlen(argv[i]) (sizeof(pwfilename) - 1)) {
fprintf(stderr, %s: filename too long\n, argv[0]);
- return 1;
+ return ERR_OVERFLOW;
}
strcpy(pwfilename, argv[i]);
if (strlen(argv[i + 1]) (sizeof(user) - 1)) {
fprintf(stderr, %s: username too long\n, argv[0]);
- return 1;
+ return ERR_OVERFLOW;
}
strcpy(user, argv[i + 1]);
@@ -477,9 +480,9 @@
* Any error message text is returned in the record buffer, since
* the mkrecord() routine doesn't have access to argv[].
*/
-if (! mkrecord(user, record, sizeof(record) - 1, alg)) {
+if ((i = mkrecord(user, record, sizeof(record) - 1, alg)) != 0) {
fprintf(stderr, %s: %s\n, argv[0], record);
- exit(ERR_PWMISMATCH);
+ exit(i);
}
/*
cvs commit: apache-1.3/src/support htpasswd.c
stoddard99/03/08 12:14:06
Modified:src/support htpasswd.c
Log:
Fix for argument math in htpasswd.
Submitted by: Ryan Bloom
Revision ChangesPath
1.21 +17 -8 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- htpasswd.c1999/02/03 16:22:34 1.20
+++ htpasswd.c1999/03/08 20:14:05 1.21
@@ -214,6 +214,8 @@
int found;
int use_md5 = 0;
int newfile = 0;
+int currarg = 1;
+int filearg;
tn = NULL;
signal(SIGINT, (void (*)(int)) interrupted);
@@ -225,9 +227,6 @@
if (argc 3) {
usage();
}
-else {
-strcpy(filename, argv[argc - 2]);
-}
/* I would rather use getopt, but Windows and UNIX seem to handle getopt
* differently, so I am doing the argument checking by hand.
@@ -235,14 +234,24 @@
if (!strcmp(argv[1],-c) || !strcmp(argv[2],-c)) {
newfile = 1;
+currarg++;
}
if (!strcmp(argv[1],-m) || !strcmp(argv[2],-m)) {
use_md5 = 1;
+currarg++;
}
if (!strcmp(argv[1], -cm) || !strcmp(argv[2], -mc)) {
use_md5 = 1;
newfile = 1;
+currarg++;
+}
+
+strcpy(filename, argv[currarg]);
+filearg = currarg++;
+
+if (argc = filearg + 1) {
+usage();
}
#ifdef WIN32
@@ -258,8 +267,8 @@
perror(fopen);
exit(1);
}
- printf(Adding password for %s.\n, argv[argc-1]);
- add_password(argv[argc - 1], tfp, use_md5);
+ printf(Adding password for %s.\n, argv[currarg]);
+ add_password(argv[currarg], tfp, use_md5);
fclose(tfp);
return(0);
}
@@ -270,15 +279,15 @@
exit(1);
}
-if (!(f = fopen(argv[argc - 2], r+))) {
+if (!(f = fopen(argv[filearg], r+))) {
fprintf(stderr, Could not open password file %s for reading.\n,
-argv[argc - 2]);
+argv[filearg]);
fprintf(stderr, Use -c option to create a new one\n);
fclose(tfp);
unlink(tn);
exit(1);
}
-strcpy(user, argv[argc - 1]);
+strcpy(user, argv[currarg]);
found = 0;
while (!(getline(line, MAX_STRING_LEN, f))) {
cvs commit: apache-1.3/src/support htpasswd.c httpd.exp
coar99/02/03 08:22:34
Modified:.STATUS
src ApacheCore.def CHANGES
src/ap ap_md5c.c
src/include ap_md5.h ap_mmn.h
src/modules/standard mod_auth.c mod_auth_db.c mod_auth_dbm.c
src/support htpasswd.c httpd.exp
Log:
Rework the ap_MD5Encode() routine to use FreeBSD's algorithm
and a private significator ($apr1); also make it reentrant.
Abstract the password checking into a new routine,
ap_validate_password(plaintext, hashed), and modify mod_auth*.c
to use it instead of each doing the algorithm check.
Obtained from:FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c (MD5)
Revision ChangesPath
1.610 +1 -2 apache-1.3/STATUS
Index: STATUS
===
RCS file: /home/cvs/apache-1.3/STATUS,v
retrieving revision 1.609
retrieving revision 1.610
diff -u -r1.609 -r1.610
--- STATUS1999/02/02 16:15:50 1.609
+++ STATUS1999/02/03 16:22:25 1.610
@@ -1,5 +1,5 @@
1.3 STATUS:
- Last modified at [$Date: 1999/02/02 16:15:50 $]
+ Last modified at [$Date: 1999/02/03 16:22:25 $]
Release:
@@ -15,7 +15,6 @@
RELEASE SHOWSTOPPERS:
-* md5 passwd stuff incompatible with FreeBSD implementation.
RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
1.9 +1 -0 apache-1.3/src/ApacheCore.def
Index: ApacheCore.def
===
RCS file: /home/cvs/apache-1.3/src/ApacheCore.def,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- ApacheCore.def1999/01/29 14:28:53 1.8
+++ ApacheCore.def1999/02/03 16:22:27 1.9
@@ -326,4 +326,5 @@
ap_os_is_filename_valid @319
ap_find_opaque_token @320
ap_MD5Encode @321
+ ap_validate_password @322
1.1229+5 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1228
retrieving revision 1.1229
diff -u -r1.1228 -r1.1229
--- CHANGES 1999/01/30 19:19:23 1.1228
+++ CHANGES 1999/02/03 16:22:28 1.1229
@@ -1,5 +1,10 @@
Changes with Apache 1.3.5
+ *) Rework the MD5 authentication scheme to use FreeBSD's algorithm,
+ and use a private significator ('$apr1$') to mark passwords as
+ being smashed with our own algorithm. Also abstract the password
+ checking into a new ap_validate_password() routine. [Ken Coar]
+
*) Win32: The filename validity checker now allows COM but refuses
access to COM1 through COM4. This allows filenames such
as com.name to be served. [Paul Sutton] PR#3769.
1.19 +217 -43 apache-1.3/src/ap/ap_md5c.c
Index: ap_md5c.c
===
RCS file: /home/cvs/apache-1.3/src/ap/ap_md5c.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- ap_md5c.c 1999/01/25 22:55:36 1.18
+++ ap_md5c.c 1999/02/03 16:22:30 1.19
@@ -88,6 +88,17 @@
*
*/
+/*
+ * The ap_MD5Encode() routine uses much code obtained from the FreeBSD 3.0
+ * MD5 crypt() function, which is licenced as follows:
+ *
+ * THE BEER-WARE LICENSE (Revision 42):
+ * [EMAIL PROTECTED] wrote this file. As long as you retain this notice
you
+ * can do whatever you want with this stuff. If we meet some day, and you
think
+ * this stuff is worth it, you can buy me a beer in return. Poul-Henning
Kamp
+ *
+ */
+
#include string.h
#include ap_config.h
@@ -381,7 +392,7 @@
}
/* Decodes input (unsigned char) into output (UINT4). Assumes len is
- a multiple of 4.
+ * a multiple of 4.
*/
static void Decode(UINT4 *output, const unsigned char *input, unsigned int
len)
{
@@ -391,47 +402,210 @@
output[i] = ((UINT4) input[j]) | (((UINT4) input[j + 1]) 8) |
(((UINT4) input[j + 2]) 16) | (((UINT4) input[j + 3]) 24);
}
+
+/*
+ * Define the Magic String prefix that identifies a password as being
+ * hashed using our algorithm.
+ */
+static const char *apr1_id = $apr1$;
+
+/*
+ * The following MD5 password encryption code was largely borrowed from
+ * the FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c file, which is
+ * licenced as stated at the top of this file.
+ */
+
+static void to64 __P((char *, unsigned long, int));
+
+static void to64(char *s, unsigned long v, int n)
+{
+static void to64 __P((char *, unsigned long, int));
+static unsigned char
cvs commit: apache-1.3/src/support htpasswd.c
dgaudet 98/06/04 13:28:31
Modified:src CHANGES
src/support htpasswd.c
Log:
remove the system() call...
PR: 2332
Submitted by: M.D.Parker [EMAIL PROTECTED]
Revision ChangesPath
1.886 +3 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.885
retrieving revision 1.886
diff -u -r1.885 -r1.886
--- CHANGES 1998/06/04 20:13:11 1.885
+++ CHANGES 1998/06/04 20:28:29 1.886
@@ -1,5 +1,8 @@
Changes with Apache 1.3.1
+ *) Remove the system() call from htpasswd.c, which eliminates a system
+ dependancy. [M.D.Parker [EMAIL PROTECTED]] PR#2332
+
*) PORT: Fix compilation failures on NEXTSTEP.
[Rex Dieter [EMAIL PROTECTED]] PR#2293, 2316
1.16 +13 -9 apache-1.3/src/support/htpasswd.c
Index: htpasswd.c
===
RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- htpasswd.c1998/04/21 20:14:06 1.15
+++ htpasswd.c1998/06/04 20:28:31 1.16
@@ -161,7 +161,7 @@
if (argc == 4) {
if (strcmp(argv[1], -c))
usage();
- if (!(tfp = fopen(argv[2], w))) {
+ if (!(tfp = fopen(argv[2], w+))) {
fprintf(stderr, Could not open passwd file %s for writing.\n,
argv[2]);
perror(fopen);
@@ -176,12 +176,12 @@
usage();
tn = tmpnam(NULL);
-if (!(tfp = fopen(tn, w))) {
+if (!(tfp = fopen(tn, w+))) {
fprintf(stderr, Could not open temp file.\n);
exit(1);
}
-if (!(f = fopen(argv[1], r))) {
+if (!(f = fopen(argv[1], r+))) {
fprintf(stderr,
Could not open passwd file %s for reading.\n, argv[1]);
fprintf(stderr, Use -c option to create new one.\n);
@@ -211,14 +211,18 @@
printf(Adding user %s\n, user);
add_password(user, tfp);
}
+/*
+* make a copy from the tmp file to the actual file
+*/
+rewind(f);
+rewind(tfp);
+while ( fgets(command,MAX_STRING_LEN,tfp) != NULL)
+{
+fputs(command,f);
+}
+
fclose(f);
fclose(tfp);
-#if defined(__EMX__) || defined(WIN32)
-sprintf(command, copy \%s\ \%s\, tn, argv[1]);
-#else
-sprintf(command, cp %s %s, tn, argv[1]);
-#endif
-system(command);
unlink(tn);
exit(0);
}
cvs commit: apache-1.3/src/support htpasswd.c
marc98/03/17 16:58:35 Modified:src/support htpasswd.c Log: Why should we include sys/signal.h? That is bogus. Also, explicitly cast crypt() return to char*. We should include the right header file (ie. crypt.h), but that is painful right now. These both follow existing practice in other parts of the code. Revision ChangesPath 1.13 +1 -5 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- htpasswd.c1998/03/13 21:52:30 1.12 +++ htpasswd.c1998/03/18 00:58:34 1.13 @@ -13,11 +13,7 @@ #include sys/types.h #include stdio.h #include string.h -#ifdef MPE #include signal.h -#else -#include sys/signal.h -#endif #include stdlib.h #include time.h #include unistd.h @@ -134,7 +130,7 @@ (void) srand((int) time((time_t *) NULL)); to64(salt[0], rand(), 2); salt[2] = '\0'; -cpw = crypt(pw, salt); +cpw = (char *)crypt(pw, salt); free(pw); fprintf(f, %s:%s\n, user, cpw); }
cvs commit: apache-1.3/src/support htpasswd.c
marc98/03/13 13:52:31 Modified:src/support htpasswd.c Log: Properly terminate the salt. PR: 1946 Submitted by: Matthew Reimer [EMAIL PROTECTED] Revision ChangesPath 1.12 +1 -0 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- htpasswd.c1998/02/22 21:39:34 1.11 +++ htpasswd.c1998/03/13 21:52:30 1.12 @@ -133,6 +133,7 @@ } (void) srand((int) time((time_t *) NULL)); to64(salt[0], rand(), 2); +salt[2] = '\0'; cpw = crypt(pw, salt); free(pw); fprintf(f, %s:%s\n, user, cpw);
cvs commit: apache-1.3/src/support htpasswd.c
martin 98/02/22 13:39:35 Modified:src/support htpasswd.c Log: [Port]: minor changes to ease EBCDIC port Revision ChangesPath 1.11 +5 -0 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.10 retrieving revision 1.11 diff -u -u -r1.10 -r1.11 --- htpasswd.c1998/01/21 22:05:45 1.10 +++ htpasswd.c1998/02/22 21:39:34 1.11 @@ -22,8 +22,13 @@ #include time.h #include unistd.h +#ifndef CHARSET_EBCDIC #define LF 10 #define CR 13 +#else /*CHARSET_EBCDIC*/ +#define LF '\n' +#define CR '\r' +#endif /*CHARSET_EBCDIC*/ #define MAX_STRING_LEN 256
