1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
18
* htdbm.c: simple program for manipulating DBM
19
* password databases for the Apache HTTP server
21
* Contributed by Mladen Turk <mturk mappingsoft.com>
27
#include "apr_strings.h"
28
#include "apr_file_io.h"
29
#include "apr_file_info.h"
30
#include "apr_pools.h"
31
#include "apr_signal.h"
42
#if APR_HAVE_STRINGS_H
47
#if APR_CHARSET_EBCDIC
48
#include "apr_xlate.h"
49
#endif /*APR_CHARSET_EBCDIC*/
59
#if !APR_CHARSET_EBCDIC
62
#else /*APR_CHARSET_EBCDIC*/
65
#endif /*APR_CHARSET_EBCDIC*/
67
#define MAX_STRING_LEN 256
77
#define ERR_FILEPERM 1
79
#define ERR_PWMISMATCH 3
80
#define ERR_INTERRUPTED 4
81
#define ERR_OVERFLOW 5
86
typedef struct htdbm_t htdbm_t;
91
#if APR_CHARSET_EBCDIC
92
apr_xlate_t *to_ascii;
106
#define HTDBM_DELETE 1
107
#define HTDBM_VERIFY 2
109
#define HTDBM_NOFILE 4
110
#define HTDBM_STDIN 5
112
static void terminate(void)
120
static void htdbm_terminate(htdbm_t *htdbm)
123
apr_dbm_close(htdbm->dbm);
129
static void htdbm_interrupted(void)
132
fprintf(stderr, "htdbm Interrupted !\n");
133
exit(ERR_INTERRUPTED);
136
static apr_status_t htdbm_init(apr_pool_t **pool, htdbm_t **hdbm)
139
#if APR_CHARSET_EBCDIC
143
apr_pool_create( pool, NULL);
144
apr_signal(SIGINT, (void (*)(int)) htdbm_interrupted);
146
(*hdbm) = (htdbm_t *)apr_pcalloc(*pool, sizeof(htdbm_t));
147
(*hdbm)->pool = *pool;
149
#if APR_CHARSET_EBCDIC
150
rv = apr_xlate_open(&((*hdbm)->to_ascii), "ISO-8859-1", APR_DEFAULT_CHARSET, (*hdbm)->pool);
152
fprintf(stderr, "apr_xlate_open(to ASCII)->%d\n", rv);
155
rv = apr_SHA1InitEBCDIC((*hdbm)->to_ascii);
157
fprintf(stderr, "apr_SHA1InitEBCDIC()->%d\n", rv);
160
rv = apr_MD5InitEBCDIC((*hdbm)->to_ascii);
162
fprintf(stderr, "apr_MD5InitEBCDIC()->%d\n", rv);
165
#endif /*APR_CHARSET_EBCDIC*/
167
/* Set MD5 as default */
168
(*hdbm)->alg = ALG_APMD5;
169
(*hdbm)->type = "default";
173
static apr_status_t htdbm_open(htdbm_t *htdbm)
176
return apr_dbm_open_ex(&htdbm->dbm, htdbm->type, htdbm->filename, APR_DBM_RWCREATE,
177
APR_OS_DEFAULT, htdbm->pool);
179
return apr_dbm_open_ex(&htdbm->dbm, htdbm->type, htdbm->filename,
180
htdbm->rdonly ? APR_DBM_READONLY : APR_DBM_READWRITE,
181
APR_OS_DEFAULT, htdbm->pool);
184
static apr_status_t htdbm_save(htdbm_t *htdbm, int *changed)
186
apr_datum_t key, val;
188
if (!htdbm->username)
191
key.dptr = htdbm->username;
192
key.dsize = strlen(htdbm->username);
193
if (apr_dbm_exists(htdbm->dbm, key))
196
val.dsize = strlen(htdbm->userpass);
198
val.dptr = htdbm->userpass;
200
val.dptr = apr_pstrcat(htdbm->pool, htdbm->userpass, ":",
201
htdbm->comment, NULL);
202
val.dsize += (strlen(htdbm->comment) + 1);
204
return apr_dbm_store(htdbm->dbm, key, val);
207
static apr_status_t htdbm_del(htdbm_t *htdbm)
211
key.dptr = htdbm->username;
212
key.dsize = strlen(htdbm->username);
213
if (!apr_dbm_exists(htdbm->dbm, key))
216
return apr_dbm_delete(htdbm->dbm, key);
219
static apr_status_t htdbm_verify(htdbm_t *htdbm)
221
apr_datum_t key, val;
222
char pwd[MAX_STRING_LEN] = {0};
225
key.dptr = htdbm->username;
226
key.dsize = strlen(htdbm->username);
227
if (!apr_dbm_exists(htdbm->dbm, key))
229
if (apr_dbm_fetch(htdbm->dbm, key, &val) != APR_SUCCESS)
231
rec = apr_pstrndup(htdbm->pool, val.dptr, val.dsize);
232
cmnt = strchr(rec, ':');
234
strncpy(pwd, rec, cmnt - rec);
237
return apr_password_validate(htdbm->userpass, pwd);
240
static apr_status_t htdbm_list(htdbm_t *htdbm)
243
apr_datum_t key, val;
245
char kb[MAX_STRING_LEN];
248
rv = apr_dbm_firstkey(htdbm->dbm, &key);
249
if (rv != APR_SUCCESS) {
250
fprintf(stderr, "Empty database -- %s\n", htdbm->filename);
253
rec = apr_pcalloc(htdbm->pool, HUGE_STRING_LEN);
255
fprintf(stderr, "Dumping records from database -- %s\n", htdbm->filename);
256
fprintf(stderr, " %-32sComment\n", "Username");
257
while (key.dptr != NULL) {
258
rv = apr_dbm_fetch(htdbm->dbm, key, &val);
259
if (rv != APR_SUCCESS) {
260
fprintf(stderr, "Failed getting data from %s\n", htdbm->filename);
263
strncpy(kb, key.dptr, key.dsize);
264
kb[key.dsize] = '\0';
265
fprintf(stderr, " %-32s", kb);
266
strncpy(rec, val.dptr, val.dsize);
267
rec[val.dsize] = '\0';
268
cmnt = strchr(rec, ':');
270
fprintf(stderr, "%s", cmnt + 1);
271
fprintf(stderr, "\n");
272
rv = apr_dbm_nextkey(htdbm->dbm, &key);
273
if (rv != APR_SUCCESS)
274
fprintf(stderr, "Failed getting NextKey\n");
278
fprintf(stderr, "Total #records : %d\n", i);
282
static void to64(char *s, unsigned long v, int n)
284
static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
285
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
288
*s++ = itoa64[v&0x3f];
293
static apr_status_t htdbm_make(htdbm_t *htdbm)
295
char cpw[MAX_STRING_LEN];
298
switch (htdbm->alg) {
300
/* XXX cpw >= 28 + strlen(sha1) chars - fixed len SHA */
301
apr_sha1_base64(htdbm->userpass,strlen(htdbm->userpass),cpw);
305
(void) srand((int) time((time_t *) NULL));
306
to64(&salt[0], rand(), 8);
308
apr_md5_encode((const char *)htdbm->userpass, (const char *)salt,
312
/* XXX this len limitation is not in sync with any HTTPd len. */
313
apr_cpystrn(cpw,htdbm->userpass,sizeof(cpw));
315
fprintf(stderr, "Warning: Plain text passwords aren't supported by the "
316
"server on this platform!\n");
321
(void) srand((int) time((time_t *) NULL));
322
to64(&salt[0], rand(), 8);
324
apr_cpystrn(cpw, (char *)crypt(htdbm->userpass, salt), sizeof(cpw) - 1);
325
fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n");
330
htdbm->userpass = apr_pstrdup(htdbm->pool, cpw);
334
static apr_status_t htdbm_valid_username(htdbm_t *htdbm)
336
if (!htdbm->username || (strlen(htdbm->username) > 64) || (strlen(htdbm->username) < 1)) {
337
fprintf(stderr, "Invalid username length\n");
340
if (strchr(htdbm->username, ':')) {
341
fprintf(stderr, "Username contains invalid characters\n");
347
static void htdbm_usage(void)
351
#define CRYPT_OPTION "d"
353
#define CRYPT_OPTION ""
355
fprintf(stderr, "htdbm -- program for manipulating DBM password databases.\n\n");
356
fprintf(stderr, "Usage: htdbm [-cm"CRYPT_OPTION"pstvx] [-TDBTYPE] database username\n");
357
fprintf(stderr, " -b[cm"CRYPT_OPTION"ptsv] [-TDBTYPE] database username password\n");
358
fprintf(stderr, " -n[m"CRYPT_OPTION"pst] username\n");
359
fprintf(stderr, " -nb[m"CRYPT_OPTION"pst] username password\n");
360
fprintf(stderr, " -v[m"CRYPT_OPTION"ps] [-TDBTYPE] database username\n");
361
fprintf(stderr, " -vb[m"CRYPT_OPTION"ps] [-TDBTYPE] database username password\n");
362
fprintf(stderr, " -x[m"CRYPT_OPTION"ps] [-TDBTYPE] database username\n");
363
fprintf(stderr, " -l [-TDBTYPE] database\n");
364
fprintf(stderr, "Options:\n");
365
fprintf(stderr, " -b Use the password from the command line rather "
366
"than prompting for it.\n");
367
fprintf(stderr, " -c Create a new database.\n");
368
fprintf(stderr, " -n Don't update database; display results on stdout.\n");
369
fprintf(stderr, " -m Force MD5 encryption of the password (default).\n");
371
fprintf(stderr, " -d Force CRYPT encryption of the password (now deprecated).\n");
373
fprintf(stderr, " -p Do not encrypt the password (plaintext).\n");
374
fprintf(stderr, " -s Force SHA encryption of the password.\n");
375
fprintf(stderr, " -T DBM Type (SDBM|GDBM|DB|default).\n");
376
fprintf(stderr, " -l Display usernames from database on stdout.\n");
377
fprintf(stderr, " -t The last param is username comment.\n");
378
fprintf(stderr, " -v Verify the username/password.\n");
379
fprintf(stderr, " -x Remove the username record from database.\n");
385
int main(int argc, const char * const argv[])
390
char pwi[MAX_STRING_LEN];
391
char pwc[MAX_STRING_LEN];
392
char errbuf[MAX_STRING_LEN];
398
int pwd_supplied = 0;
400
int cmd = HTDBM_MAKE;
404
apr_app_initialize(&argc, &argv, NULL);
407
if ((rv = htdbm_init(&pool, &h)) != APR_SUCCESS) {
408
fprintf(stderr, "Unable to initialize htdbm terminating!\n");
409
apr_strerror(rv, errbuf, sizeof(errbuf));
413
* Preliminary check to make sure they provided at least
414
* three arguments, we'll do better argument checking as
415
* we parse the command line.
420
* Go through the argument list and pick out any options. They
421
* have to precede any other arguments.
423
for (i = 1; i < argc; i++) {
428
while (*++arg != '\0') {
455
h->type = apr_pstrdup(h->pool, ++arg);
458
--arg; /* so incrementing this in the loop with find a null */
489
* Make sure we still have exactly the right number of arguments left
490
* (the filename, the username, and possibly the password if -b was
493
if ((argc - i) != args_left)
499
h->filename = apr_pstrdup(h->pool, argv[i]);
500
if ((rv = htdbm_open(h)) != APR_SUCCESS) {
501
fprintf(stderr, "Error opening database %s\n", argv[i]);
502
apr_strerror(rv, errbuf, sizeof(errbuf));
503
fprintf(stderr,"%s\n",errbuf);
508
h->username = apr_pstrdup(pool, argv[i+1]);
509
if (htdbm_valid_username(h) != APR_SUCCESS)
513
h->userpass = apr_pstrdup(pool, argv[i+2]);
517
if (apr_password_get("Enter password : ", pwi, &l) != APR_SUCCESS) {
518
fprintf(stderr, "Password too long\n");
522
if (apr_password_get("Re-type password : ", pwc, &l) != APR_SUCCESS) {
523
fprintf(stderr, "Password too long\n");
526
if (strcmp(pwi, pwc) != 0) {
527
fprintf(stderr, "Password verification error\n");
528
exit(ERR_PWMISMATCH);
531
h->userpass = apr_pstrdup(pool, pwi);
533
if (need_cmnt && pwd_supplied)
534
h->comment = apr_pstrdup(pool, argv[i+3]);
536
h->comment = apr_pstrdup(pool, argv[i+2]);
540
if ((rv = htdbm_verify(h)) != APR_SUCCESS) {
541
if(rv == APR_ENOENT) {
542
fprintf(stderr, "The user '%s' could not be found in database\n", h->username);
546
fprintf(stderr, "Password mismatch for user '%s'\n", h->username);
547
exit(ERR_PWMISMATCH);
551
fprintf(stderr, "Password validated for user '%s'\n", h->username);
554
if (htdbm_del(h) != APR_SUCCESS) {
555
fprintf(stderr, "Cannot find user '%s' in database\n", h->username);
569
if (need_file && !h->rdonly) {
570
if ((rv = htdbm_save(h, &changed)) != APR_SUCCESS) {
571
apr_strerror(rv, errbuf, sizeof(errbuf));
574
fprintf(stdout, "Database %s %s.\n", h->filename,
575
h->create ? "created" : (changed ? "modified" : "updated"));
577
if (cmd == HTDBM_NOFILE) {
579
fprintf(stderr, "%s:%s\n", h->username, h->userpass);
582
fprintf(stderr, "%s:%s:%s\n", h->username, h->userpass,
588
return 0; /* Suppress compiler warning. */