cvs commit: apache-1.3/src/support htpasswd.c
coar99/08/12 05:10:39 Modified:src/support htpasswd.c Log: Fix a typo and some line-wraps. (All cosmetic.) Revision ChangesPath 1.34 +8 -6 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- htpasswd.c1999/08/07 20:34:14 1.33 +++ htpasswd.c1999/08/12 12:10:38 1.34 @@ -242,15 +242,17 @@ .\n); fprintf(stderr, -d Force CRYPT encryption of the password #if (!(defined(WIN32) || defined(TPF))) - (default) + (default) #endif - .\n); + .\n); fprintf(stderr, -p Force NO encryption of the password.\n); fprintf(stderr, -s Force SHA encryption of the password.\n); -fprintf(stderr, -b Use the password from the command line rather ); -fprintf(stderr, than prompting for it.\n); -fprintf(stderr, On Windows and TPF systems the '-m' flag is used by default.\n); -fprintf(stderr, On all other systems, the '-p' will propably not work.\n); +fprintf(stderr, -b Use the password from the command line rather + than prompting for it.\n); +fprintf(stderr, + On Windows and TPF systems the '-m' flag is used by default.\n); +fprintf(stderr, + On all other systems, the '-p' flag will probably not work.\n); return ERR_SYNTAX; }
cvs commit: apache-1.3/src/support htpasswd.c
coar99/08/12 07:15:23 Modified:src/support htpasswd.c Log: 'Force NO encryption' alongside 'Force SHA' made it sound like NO was another algorithm. Revision ChangesPath 1.35 +1 -1 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- htpasswd.c1999/08/12 12:10:38 1.34 +++ htpasswd.c1999/08/12 14:15:22 1.35 @@ -245,7 +245,7 @@ (default) #endif .\n); -fprintf(stderr, -p Force NO encryption of the password.\n); +fprintf(stderr, -p Do not encrypt the password (plaintext).\n); fprintf(stderr, -s Force SHA encryption of the password.\n); fprintf(stderr, -b Use the password from the command line rather than prompting for it.\n);
cvs commit: apache-1.3/src/support htpasswd.c htpasswd.mak
randy 99/08/07 13:34:14 Modified:src ApacheCore.def src/ap ap.mak src/support htpasswd.c htpasswd.mak Log: Fix build on Win32 Revision ChangesPath 1.17 +1 -1 apache-1.3/src/ApacheCore.def Index: ApacheCore.def === RCS file: /home/cvs/apache-1.3/src/ApacheCore.def,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- ApacheCore.def1999/07/29 17:53:43 1.16 +++ ApacheCore.def1999/08/07 20:34:03 1.17 @@ -343,4 +343,4 @@ ap_standalone @337 ap_server_confname @338 ap_sub_req_method_uri @339 - + ap_sha1_base64 @340 1.6 +86 -2 apache-1.3/src/ap/ap.mak Index: ap.mak === RCS file: /home/cvs/apache-1.3/src/ap/ap.mak,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- ap.mak1999/01/19 14:20:40 1.5 +++ ap.mak1999/08/07 20:34:09 1.6 @@ -50,6 +50,8 @@ [EMAIL PROTECTED] $(INTDIR)\ap_signal.obj [EMAIL PROTECTED] $(INTDIR)\ap_slack.obj [EMAIL PROTECTED] $(INTDIR)\ap_snprintf.obj + [EMAIL PROTECTED] $(INTDIR)\ap_sha1.obj + [EMAIL PROTECTED] $(INTDIR)\ap_checkpass.obj [EMAIL PROTECTED] $(INTDIR)\vc50.idb [EMAIL PROTECTED] $(OUTDIR)\ap.lib @@ -104,7 +106,9 @@ $(INTDIR)\ap_md5c.obj \ $(INTDIR)\ap_signal.obj \ $(INTDIR)\ap_slack.obj \ - $(INTDIR)\ap_snprintf.obj + $(INTDIR)\ap_snprintf.obj \ + $(INTDIR)\ap_sha1.obj \ + $(INTDIR)\ap_checkpass.obj $(OUTDIR)\ap.lib : $(OUTDIR) $(DEF_FILE) $(LIB32_OBJS) $(LIB32) @ @@ -136,6 +140,8 @@ [EMAIL PROTECTED] $(INTDIR)\ap_signal.obj [EMAIL PROTECTED] $(INTDIR)\ap_slack.obj [EMAIL PROTECTED] $(INTDIR)\ap_snprintf.obj + [EMAIL PROTECTED] $(INTDIR)\ap_sha1.obj + [EMAIL PROTECTED] $(INTDIR)\ap_checkpass.obj [EMAIL PROTECTED] $(INTDIR)\vc50.idb [EMAIL PROTECTED] $(OUTDIR)\ap.lib @@ -190,7 +196,9 @@ $(INTDIR)\ap_md5c.obj \ $(INTDIR)\ap_signal.obj \ $(INTDIR)\ap_slack.obj \ - $(INTDIR)\ap_snprintf.obj + $(INTDIR)\ap_snprintf.obj \ + $(INTDIR)\ap_sha1.obj \ + $(INTDIR)\ap_checkpass.obj $(OUTDIR)\ap.lib : $(OUTDIR) $(DEF_FILE) $(LIB32_OBJS) $(LIB32) @ @@ -480,6 +488,82 @@ !ENDIF + +SOURCE=.\ap_checkpass.c + +!IF $(CFG) == ap - Win32 Release + +DEP_CPP_AP_CH=\ + ..\include\ap_config.h\ + ..\include\ap_ctype.h\ + ..\include\ap_mmn.h\ + ..\include\hsregex.h\ + ..\os\win32\os.h\ + {$(INCLUDE)}sys\stat.h\ + {$(INCLUDE)}sys\types.h\ + +NODEP_CPP_AP_CH=\ + ..\include\ap_config_auto.h\ + ..\include\os.h\ + .\ebcdic.h\ + + +$(INTDIR)\ap_checkpass.obj : $(SOURCE) $(DEP_CPP_AP_CH) $(INTDIR) + + +!ELSEIF $(CFG) == ap - Win32 Debug + +DEP_CPP_AP_CH=\ + ..\include\ap_config.h\ + ..\include\ap_ctype.h\ + ..\include\ap_mmn.h\ + ..\include\hsregex.h\ + ..\os\win32\os.h\ + + +$(INTDIR)\ap_checkpass.obj : $(SOURCE) $(DEP_CPP_AP_CH) $(INTDIR) + + +!ENDIF + +SOURCE=.\ap_sha1.c + +!IF $(CFG) == ap - Win32 Release + +DEP_CPP_AP_SH=\ + ..\include\ap_config.h\ + ..\include\ap_ctype.h\ + ..\include\ap_sha1.h\ + ..\include\ap_mmn.h\ + ..\include\hsregex.h\ + ..\os\win32\os.h\ + {$(INCLUDE)}sys\stat.h\ + {$(INCLUDE)}sys\types.h\ + +NODEP_CPP_AP_SH=\ + ..\include\ap_config_auto.h\ + ..\include\os.h\ + .\ebcdic.h\ + + +$(INTDIR)\ap_sha1.obj : $(SOURCE) $(DEP_CPP_AP_SH) $(INTDIR) + + +!ELSEIF $(CFG) == ap - Win32 Debug + +DEP_CPP_AP_SH=\ + ..\include\ap_config.h\ + ..\include\ap_ctype.h\ + ..\include\ap_sha1.h\ + ..\include\ap_mmn.h\ + ..\include\hsregex.h\ + ..\os\win32\os.h\ + + +$(INTDIR)\ap_sha1.obj : $(SOURCE) $(DEP_CPP_AP_SH) $(INTDIR) + + +!ENDIF !ENDIF 1.33 +2 -2 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- htpasswd.c1999/08/02 10:13:48 1.32 +++ htpasswd.c1999/08/07 20:34:14 1.33 @@ -181,7 +181,7 @@ return ERR_PWMISMATCH; } pw = pwin; -bzero(pwv,sizeof(pwin)); +memset(pwv, '\0', sizeof(pwin)); } switch (alg) { @@ -213,7 +213,7 @@ ap_cpystrn(cpw, (char *)crypt(pw, salt), sizeof(cpw) - 1); break; } -
cvs commit: apache-1.3/src/support htpasswd.c
coar99/05/31 10:10:19 Modified:src/support htpasswd.c Log: Oops. Too much Perl coding at the time, I guess. :-* Revision ChangesPath 1.29 +2 -2 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.28 retrieving revision 1.29 diff -u -r1.28 -r1.29 --- htpasswd.c1999/04/10 15:08:45 1.28 +++ htpasswd.c1999/05/31 17:10:19 1.29 @@ -431,8 +431,8 @@ /* * Make sure we still have exactly the right number of arguments left - # (the filename, the username, and possibly the password if -b was - # specified). + * (the filename, the username, and possibly the password if -b was + * specified). */ if ((argc - i) != args_left) { return usage();
cvs commit: apache-1.3/src/support htpasswd.c
coar99/04/09 20:46:00 Modified:src/support htpasswd.c Log: free() some malloc()ed memory on error exit -- and remove a stray debugging message (d'oh!). Revision ChangesPath 1.27 +2 -1 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.26 retrieving revision 1.27 diff -u -r1.26 -r1.27 --- htpasswd.c1999/04/08 22:17:53 1.26 +++ htpasswd.c1999/04/10 03:45:59 1.27 @@ -244,6 +244,7 @@ pw = strd((char *) getpass(New password: )); if (strcmp(pw, (char *) getpass(Re-type new password: ))) { ap_cpystrn(record, password verification error, (rlen - 1)); + free(pw); return ERR_PWMISMATCH; } } @@ -260,7 +261,7 @@ ap_cpystrn(cpw, (char *)crypt(pw, salt), sizeof(cpw) - 1); break; } -fprintf(stderr, Yow!\n); + /* * Now that we have the smashed password, we don't need the * plaintext one any more.
cvs commit: apache-1.3/src/support htpasswd.c
coar99/04/08 13:56:44 Modified:src CHANGES src/ap ap_md5c.c src/include ap_md5.h src/main http_core.c util_md5.c src/support htpasswd.c Log: Passwords, as user input, may not be 7-bit ASCII -- so we need to treat them as unsigned char*'s. No surprises there; this just regularises the usage so we don't get compilation messages. Revision ChangesPath 1.1300+4 -0 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1299 retrieving revision 1.1300 diff -u -r1.1299 -r1.1300 --- CHANGES 1999/04/08 11:36:37 1.1299 +++ CHANGES 1999/04/08 20:56:34 1.1300 @@ -1,4 +1,8 @@ Changes with Apache 1.3.7 + *) Correct the signed/unsigned character handling for the MD5 routines; + mismatches were causing compilation problems with gcc -pedantic and + in the TPF cross-compilation. [Ken Coar] + *) OS/2: Rework CGI handling to use spawn*() instead of fork/exec, achieving a roughly 5 fold speed up. [Brian Havard] 1.25 +35 -25apache-1.3/src/ap/ap_md5c.c Index: ap_md5c.c === RCS file: /home/cvs/apache-1.3/src/ap/ap_md5c.c,v retrieving revision 1.24 retrieving revision 1.25 diff -u -r1.24 -r1.25 --- ap_md5c.c 1999/03/25 16:43:21 1.24 +++ ap_md5c.c 1999/04/08 20:56:38 1.25 @@ -181,7 +181,7 @@ /* MD5 initialization. Begins an MD5 operation, writing a new context. */ -API_EXPORT(void) ap_MD5Init(AP_MD5_CTX * context) +API_EXPORT(void) ap_MD5Init(AP_MD5_CTX *context) { context-count[0] = context-count[1] = 0; /* Load magic initialization constants. */ @@ -195,8 +195,8 @@ operation, processing another message block, and updating the context. */ -API_EXPORT(void) ap_MD5Update(AP_MD5_CTX * context, const unsigned char *input, -unsigned int inputLen) +API_EXPORT(void) ap_MD5Update(AP_MD5_CTX *context, const unsigned char *input, + unsigned int inputLen) { unsigned int i, idx, partLen; @@ -204,8 +204,10 @@ idx = (unsigned int) ((context-count[0] 3) 0x3F); /* Update number of bits */ -if ((context-count[0] += ((UINT4) inputLen 3)) ((UINT4) inputLen 3)) +if ((context-count[0] += ((UINT4) inputLen 3)) + ((UINT4) inputLen 3)) { context-count[1]++; +} context-count[1] += (UINT4) inputLen 29; partLen = 64 - idx; @@ -216,13 +218,15 @@ memcpy(context-buffer[idx], input, partLen); MD5Transform(context-state, context-buffer); - for (i = partLen; i + 63 inputLen; i += 64) + for (i = partLen; i + 63 inputLen; i += 64) { MD5Transform(context-state, input[i]); + } idx = 0; } -else +else { i = 0; +} /* Buffer remaining input */ memcpy(context-buffer[idx], input[i], inputLen - i); @@ -239,8 +243,9 @@ idx = 0; } -else +else { i = 0; +} /* Buffer remaining input */ ebcdic2ascii_strictly(context-buffer[idx], input[i], inputLen - i); @@ -250,7 +255,7 @@ /* MD5 finalization. Ends an MD5 message-digest operation, writing the the message digest and zeroizing the context. */ -API_EXPORT(void) ap_MD5Final(unsigned char digest[16], AP_MD5_CTX * context) +API_EXPORT(void) ap_MD5Final(unsigned char digest[16], AP_MD5_CTX *context) { unsigned char bits[8]; unsigned int idx, padLen; @@ -277,10 +282,10 @@ /* Pad out to 56 mod 64. */ idx = (unsigned int) ((context-count[0] 3) 0x3f); padLen = (idx 56) ? (56 - idx) : (120 - idx); -ap_MD5Update(context, PADDING, padLen); +ap_MD5Update(context, (const unsigned char *)PADDING, padLen); /* Append length (before padding) */ -ap_MD5Update(context, bits, 8); +ap_MD5Update(context, (const unsigned char *)bits, 8); /* Store state in digest */ Encode(digest, context-state, 16); @@ -429,7 +434,8 @@ } } -API_EXPORT(void) ap_MD5Encode(const char *pw, const char *salt, +API_EXPORT(void) ap_MD5Encode(const unsigned char *pw, + const unsigned char *salt, char *result, size_t nbytes) { /* @@ -439,9 +445,11 @@ */ char passwd[120], *p; -const char *sp, *ep; +const unsigned char *sp, *ep; unsigned char final[16]; -int sl, pl, i; +int i; +unsigned int sl, pl; +unsigned int pwlen; AP_MD5_CTX ctx, ctx1; unsigned long l; @@ -455,7 +463,7 @@ /* * If
cvs commit: apache-1.3/src/support htpasswd.c
lars99/03/19 13:20:49 Modified:src/support htpasswd.c Log: make functions static, fix missing prototype warning Revision ChangesPath 1.24 +5 -5 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.23 retrieving revision 1.24 diff -u -r1.23 -r1.24 --- htpasswd.c1999/03/10 20:58:23 1.23 +++ htpasswd.c1999/03/19 21:20:48 1.24 @@ -294,7 +294,7 @@ * Check to see if the specified file can be opened for the given * access. */ -int accessible(char *fname, char *mode) +static int accessible(char *fname, char *mode) { FILE *s; @@ -309,7 +309,7 @@ /* * Return true if a file is readable. */ -int readable(char *fname) +static int readable(char *fname) { return accessible(fname, r); } @@ -317,7 +317,7 @@ /* * Return true if the specified file can be opened for write access. */ -int writable(char *fname) +static int writable(char *fname) { return accessible(fname, a); } @@ -325,7 +325,7 @@ /* * Return true if the named file exists, regardless of permissions. */ -int exists(char *fname) +static int exists(char *fname) { #ifdef WIN32 struct _stat sbuf; @@ -346,7 +346,7 @@ * Copy from the current position of one file to the current position * of another. */ -void copy_file(FILE *target, FILE *source) +static void copy_file(FILE *target, FILE *source) { static char line[MAX_STRING_LEN];
cvs commit: apache-1.3/src/support htpasswd.c
coar99/03/10 12:36:47 Modified:src/support htpasswd.c Log: Add licence, change argumbnt handling to alway recognise '-' as a flag prefix, make a little easier to expand to other algorithms in the future, and change file handling. Previously a misspelt passphrase could destroy existing security data (i.e., '-c' would leave an empty file rather than whatever had been there before). Also distinguish between failure causes in the exit status. Revision ChangesPath 1.22 +374 -142 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.21 retrieving revision 1.22 diff -u -r1.21 -r1.22 --- htpasswd.c1999/03/08 20:14:05 1.21 +++ htpasswd.c1999/03/10 20:36:46 1.22 @@ -1,3 +1,60 @@ +/* + * Copyright (c) 1995-1999 The Apache Group. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in + *the documentation and/or other materials provided with the + *distribution. + * + * 3. All advertising materials mentioning features or use of this + *software must display the following acknowledgment: + *This product includes software developed by the Apache Group + *for use in the Apache HTTP server project (http://www.apache.org/). + * + * 4. The names Apache Server and Apache Group must not be used to + *endorse or promote products derived from this software without + *prior written permission. For written permission, please contact + *[EMAIL PROTECTED] + * + * 5. Products derived from this software may not be called Apache + *nor may Apache appear in their names without prior written + *permission of the Apache Group. + * + * 6. Redistributions of any form whatsoever must retain the following + *acknowledgment: + *This product includes software developed by the Apache Group + *for use in the Apache HTTP server project (http://www.apache.org/). + * + * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Group and was originally based + * on public domain software written at the National Center for + * Supercomputing Applications, University of Illinois, Urbana-Champaign. + * For more information on the Apache Group and the Apache HTTP server + * project, please see http://www.apache.org/. + * + */ + /** ** * NOTE! This program is not safe as a setuid executable! Do not make it @@ -5,14 +62,23 @@ ** */ /* - * htpasswd.c: simple program for manipulating password file for NCSA httpd + * htpasswd.c: simple program for manipulating password file for + * the Apache HTTP server * - * Rob McCool + * Originally by Rob McCool + * + * Exit values: + * 0: Success + * 1: Failure; file permission problem + * 2: Failure; command line syntax problem (usage message issued) + * 3: Failure; password verification failure + * 4: Failure; operation interrupted (such as with CTRL/C) */ #include ap_config.h #include sys/types.h #include signal.h +#include
cvs commit: apache-1.3/src/support htpasswd.c
coar99/03/10 12:58:27 Modified:src/support htpasswd.c Log: Argh.. what happens when you've got too many patches going at once.. Revision ChangesPath 1.23 +12 -9 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.22 retrieving revision 1.23 diff -u -r1.22 -r1.23 --- htpasswd.c1999/03/10 20:36:46 1.22 +++ htpasswd.c1999/03/10 20:58:23 1.23 @@ -69,10 +69,12 @@ * * Exit values: * 0: Success - * 1: Failure; file permission problem + * 1: Failure; file access/permission problem * 2: Failure; command line syntax problem (usage message issued) * 3: Failure; password verification failure * 4: Failure; operation interrupted (such as with CTRL/C) + * 5: Failure; buffer would overflow (username, filename, or computed + * record too long) */ #include ap_config.h @@ -104,6 +106,7 @@ #define ERR_SYNTAX 2 #define ERR_PWMISMATCH 3 #define ERR_INTERRUPTED 4 +#define ERR_OVERFLOW 5 /* * This needs to be declared statically so the signal handler can @@ -223,7 +226,7 @@ #endif /* - * Make a password record from the given information. A true return + * Make a password record from the given information. A zero return * indicates success; failure means that the output buffer contains an * error message instead. */ @@ -236,7 +239,7 @@ pw = strd((char *) getpass(New password: )); if (strcmp(pw, (char *) getpass(Re-type new password: ))) { ap_cpystrn(record, password verification error, (rlen - 1)); - return 0; + return ERR_PWMISMATCH; } (void) srand((int) time((time_t *) NULL)); to64(salt[0], rand(), 8); @@ -261,12 +264,12 @@ */ if ((strlen(user) + 1 + strlen(cpw)) (rlen - 1)) { ap_cpystrn(record, resultant record too long, (rlen - 1)); - return 0; + return ERR_OVERFLOW; } strcpy(record, user); strcat(record, :); strcat(record, cpw); -return 1; +return 0; } static int usage(void) @@ -413,12 +416,12 @@ } if (strlen(argv[i]) (sizeof(pwfilename) - 1)) { fprintf(stderr, %s: filename too long\n, argv[0]); - return 1; + return ERR_OVERFLOW; } strcpy(pwfilename, argv[i]); if (strlen(argv[i + 1]) (sizeof(user) - 1)) { fprintf(stderr, %s: username too long\n, argv[0]); - return 1; + return ERR_OVERFLOW; } strcpy(user, argv[i + 1]); @@ -477,9 +480,9 @@ * Any error message text is returned in the record buffer, since * the mkrecord() routine doesn't have access to argv[]. */ -if (! mkrecord(user, record, sizeof(record) - 1, alg)) { +if ((i = mkrecord(user, record, sizeof(record) - 1, alg)) != 0) { fprintf(stderr, %s: %s\n, argv[0], record); - exit(ERR_PWMISMATCH); + exit(i); } /*
cvs commit: apache-1.3/src/support htpasswd.c
stoddard99/03/08 12:14:06 Modified:src/support htpasswd.c Log: Fix for argument math in htpasswd. Submitted by: Ryan Bloom Revision ChangesPath 1.21 +17 -8 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- htpasswd.c1999/02/03 16:22:34 1.20 +++ htpasswd.c1999/03/08 20:14:05 1.21 @@ -214,6 +214,8 @@ int found; int use_md5 = 0; int newfile = 0; +int currarg = 1; +int filearg; tn = NULL; signal(SIGINT, (void (*)(int)) interrupted); @@ -225,9 +227,6 @@ if (argc 3) { usage(); } -else { -strcpy(filename, argv[argc - 2]); -} /* I would rather use getopt, but Windows and UNIX seem to handle getopt * differently, so I am doing the argument checking by hand. @@ -235,14 +234,24 @@ if (!strcmp(argv[1],-c) || !strcmp(argv[2],-c)) { newfile = 1; +currarg++; } if (!strcmp(argv[1],-m) || !strcmp(argv[2],-m)) { use_md5 = 1; +currarg++; } if (!strcmp(argv[1], -cm) || !strcmp(argv[2], -mc)) { use_md5 = 1; newfile = 1; +currarg++; +} + +strcpy(filename, argv[currarg]); +filearg = currarg++; + +if (argc = filearg + 1) { +usage(); } #ifdef WIN32 @@ -258,8 +267,8 @@ perror(fopen); exit(1); } - printf(Adding password for %s.\n, argv[argc-1]); - add_password(argv[argc - 1], tfp, use_md5); + printf(Adding password for %s.\n, argv[currarg]); + add_password(argv[currarg], tfp, use_md5); fclose(tfp); return(0); } @@ -270,15 +279,15 @@ exit(1); } -if (!(f = fopen(argv[argc - 2], r+))) { +if (!(f = fopen(argv[filearg], r+))) { fprintf(stderr, Could not open password file %s for reading.\n, -argv[argc - 2]); +argv[filearg]); fprintf(stderr, Use -c option to create a new one\n); fclose(tfp); unlink(tn); exit(1); } -strcpy(user, argv[argc - 1]); +strcpy(user, argv[currarg]); found = 0; while (!(getline(line, MAX_STRING_LEN, f))) {
cvs commit: apache-1.3/src/support htpasswd.c httpd.exp
coar99/02/03 08:22:34 Modified:.STATUS src ApacheCore.def CHANGES src/ap ap_md5c.c src/include ap_md5.h ap_mmn.h src/modules/standard mod_auth.c mod_auth_db.c mod_auth_dbm.c src/support htpasswd.c httpd.exp Log: Rework the ap_MD5Encode() routine to use FreeBSD's algorithm and a private significator ($apr1); also make it reentrant. Abstract the password checking into a new routine, ap_validate_password(plaintext, hashed), and modify mod_auth*.c to use it instead of each doing the algorithm check. Obtained from:FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c (MD5) Revision ChangesPath 1.610 +1 -2 apache-1.3/STATUS Index: STATUS === RCS file: /home/cvs/apache-1.3/STATUS,v retrieving revision 1.609 retrieving revision 1.610 diff -u -r1.609 -r1.610 --- STATUS1999/02/02 16:15:50 1.609 +++ STATUS1999/02/03 16:22:25 1.610 @@ -1,5 +1,5 @@ 1.3 STATUS: - Last modified at [$Date: 1999/02/02 16:15:50 $] + Last modified at [$Date: 1999/02/03 16:22:25 $] Release: @@ -15,7 +15,6 @@ RELEASE SHOWSTOPPERS: -* md5 passwd stuff incompatible with FreeBSD implementation. RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: 1.9 +1 -0 apache-1.3/src/ApacheCore.def Index: ApacheCore.def === RCS file: /home/cvs/apache-1.3/src/ApacheCore.def,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- ApacheCore.def1999/01/29 14:28:53 1.8 +++ ApacheCore.def1999/02/03 16:22:27 1.9 @@ -326,4 +326,5 @@ ap_os_is_filename_valid @319 ap_find_opaque_token @320 ap_MD5Encode @321 + ap_validate_password @322 1.1229+5 -0 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1228 retrieving revision 1.1229 diff -u -r1.1228 -r1.1229 --- CHANGES 1999/01/30 19:19:23 1.1228 +++ CHANGES 1999/02/03 16:22:28 1.1229 @@ -1,5 +1,10 @@ Changes with Apache 1.3.5 + *) Rework the MD5 authentication scheme to use FreeBSD's algorithm, + and use a private significator ('$apr1$') to mark passwords as + being smashed with our own algorithm. Also abstract the password + checking into a new ap_validate_password() routine. [Ken Coar] + *) Win32: The filename validity checker now allows COM but refuses access to COM1 through COM4. This allows filenames such as com.name to be served. [Paul Sutton] PR#3769. 1.19 +217 -43 apache-1.3/src/ap/ap_md5c.c Index: ap_md5c.c === RCS file: /home/cvs/apache-1.3/src/ap/ap_md5c.c,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- ap_md5c.c 1999/01/25 22:55:36 1.18 +++ ap_md5c.c 1999/02/03 16:22:30 1.19 @@ -88,6 +88,17 @@ * */ +/* + * The ap_MD5Encode() routine uses much code obtained from the FreeBSD 3.0 + * MD5 crypt() function, which is licenced as follows: + * + * THE BEER-WARE LICENSE (Revision 42): + * [EMAIL PROTECTED] wrote this file. As long as you retain this notice you + * can do whatever you want with this stuff. If we meet some day, and you think + * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp + * + */ + #include string.h #include ap_config.h @@ -381,7 +392,7 @@ } /* Decodes input (unsigned char) into output (UINT4). Assumes len is - a multiple of 4. + * a multiple of 4. */ static void Decode(UINT4 *output, const unsigned char *input, unsigned int len) { @@ -391,47 +402,210 @@ output[i] = ((UINT4) input[j]) | (((UINT4) input[j + 1]) 8) | (((UINT4) input[j + 2]) 16) | (((UINT4) input[j + 3]) 24); } + +/* + * Define the Magic String prefix that identifies a password as being + * hashed using our algorithm. + */ +static const char *apr1_id = $apr1$; + +/* + * The following MD5 password encryption code was largely borrowed from + * the FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c file, which is + * licenced as stated at the top of this file. + */ + +static void to64 __P((char *, unsigned long, int)); + +static void to64(char *s, unsigned long v, int n) +{ +static void to64 __P((char *, unsigned long, int)); +static unsigned char
cvs commit: apache-1.3/src/support htpasswd.c
dgaudet 98/06/04 13:28:31 Modified:src CHANGES src/support htpasswd.c Log: remove the system() call... PR: 2332 Submitted by: M.D.Parker [EMAIL PROTECTED] Revision ChangesPath 1.886 +3 -0 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.885 retrieving revision 1.886 diff -u -r1.885 -r1.886 --- CHANGES 1998/06/04 20:13:11 1.885 +++ CHANGES 1998/06/04 20:28:29 1.886 @@ -1,5 +1,8 @@ Changes with Apache 1.3.1 + *) Remove the system() call from htpasswd.c, which eliminates a system + dependancy. [M.D.Parker [EMAIL PROTECTED]] PR#2332 + *) PORT: Fix compilation failures on NEXTSTEP. [Rex Dieter [EMAIL PROTECTED]] PR#2293, 2316 1.16 +13 -9 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- htpasswd.c1998/04/21 20:14:06 1.15 +++ htpasswd.c1998/06/04 20:28:31 1.16 @@ -161,7 +161,7 @@ if (argc == 4) { if (strcmp(argv[1], -c)) usage(); - if (!(tfp = fopen(argv[2], w))) { + if (!(tfp = fopen(argv[2], w+))) { fprintf(stderr, Could not open passwd file %s for writing.\n, argv[2]); perror(fopen); @@ -176,12 +176,12 @@ usage(); tn = tmpnam(NULL); -if (!(tfp = fopen(tn, w))) { +if (!(tfp = fopen(tn, w+))) { fprintf(stderr, Could not open temp file.\n); exit(1); } -if (!(f = fopen(argv[1], r))) { +if (!(f = fopen(argv[1], r+))) { fprintf(stderr, Could not open passwd file %s for reading.\n, argv[1]); fprintf(stderr, Use -c option to create new one.\n); @@ -211,14 +211,18 @@ printf(Adding user %s\n, user); add_password(user, tfp); } +/* +* make a copy from the tmp file to the actual file +*/ +rewind(f); +rewind(tfp); +while ( fgets(command,MAX_STRING_LEN,tfp) != NULL) +{ +fputs(command,f); +} + fclose(f); fclose(tfp); -#if defined(__EMX__) || defined(WIN32) -sprintf(command, copy \%s\ \%s\, tn, argv[1]); -#else -sprintf(command, cp %s %s, tn, argv[1]); -#endif -system(command); unlink(tn); exit(0); }
cvs commit: apache-1.3/src/support htpasswd.c
marc98/03/17 16:58:35 Modified:src/support htpasswd.c Log: Why should we include sys/signal.h? That is bogus. Also, explicitly cast crypt() return to char*. We should include the right header file (ie. crypt.h), but that is painful right now. These both follow existing practice in other parts of the code. Revision ChangesPath 1.13 +1 -5 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- htpasswd.c1998/03/13 21:52:30 1.12 +++ htpasswd.c1998/03/18 00:58:34 1.13 @@ -13,11 +13,7 @@ #include sys/types.h #include stdio.h #include string.h -#ifdef MPE #include signal.h -#else -#include sys/signal.h -#endif #include stdlib.h #include time.h #include unistd.h @@ -134,7 +130,7 @@ (void) srand((int) time((time_t *) NULL)); to64(salt[0], rand(), 2); salt[2] = '\0'; -cpw = crypt(pw, salt); +cpw = (char *)crypt(pw, salt); free(pw); fprintf(f, %s:%s\n, user, cpw); }
cvs commit: apache-1.3/src/support htpasswd.c
marc98/03/13 13:52:31 Modified:src/support htpasswd.c Log: Properly terminate the salt. PR: 1946 Submitted by: Matthew Reimer [EMAIL PROTECTED] Revision ChangesPath 1.12 +1 -0 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /export/home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- htpasswd.c1998/02/22 21:39:34 1.11 +++ htpasswd.c1998/03/13 21:52:30 1.12 @@ -133,6 +133,7 @@ } (void) srand((int) time((time_t *) NULL)); to64(salt[0], rand(), 2); +salt[2] = '\0'; cpw = crypt(pw, salt); free(pw); fprintf(f, %s:%s\n, user, cpw);
cvs commit: apache-1.3/src/support htpasswd.c
martin 98/02/22 13:39:35 Modified:src/support htpasswd.c Log: [Port]: minor changes to ease EBCDIC port Revision ChangesPath 1.11 +5 -0 apache-1.3/src/support/htpasswd.c Index: htpasswd.c === RCS file: /home/cvs/apache-1.3/src/support/htpasswd.c,v retrieving revision 1.10 retrieving revision 1.11 diff -u -u -r1.10 -r1.11 --- htpasswd.c1998/01/21 22:05:45 1.10 +++ htpasswd.c1998/02/22 21:39:34 1.11 @@ -22,8 +22,13 @@ #include time.h #include unistd.h +#ifndef CHARSET_EBCDIC #define LF 10 #define CR 13 +#else /*CHARSET_EBCDIC*/ +#define LF '\n' +#define CR '\r' +#endif /*CHARSET_EBCDIC*/ #define MAX_STRING_LEN 256