blob: 9f5f406860357c672c52713ed200e51b5ae6cb8b
1 | /* vi: set sw=4 ts=4: */ |
2 | /* |
3 | * cryptpw.c - output a crypt(3)ed password to stdout. |
4 | * |
5 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. |
6 | * |
7 | * Cooked from passwd.c by Thomas Lundquist <thomasez@zelow.no> |
8 | * mkpasswd compatible options added by Bernhard Reutner-Fischer |
9 | * |
10 | * Licensed under GPLv2, see file LICENSE in this source tree. |
11 | */ |
12 | //config:config CRYPTPW |
13 | //config: bool "cryptpw" |
14 | //config: default y |
15 | //config: help |
16 | //config: Encrypts the given password with the crypt(3) libc function |
17 | //config: using the given salt. |
18 | //config: |
19 | //config:config MKPASSWD |
20 | //config: bool "mkpasswd" |
21 | //config: default y |
22 | //config: help |
23 | //config: Encrypts the given password with the crypt(3) libc function |
24 | //config: using the given salt. Debian has this utility under mkpasswd |
25 | //config: name. Busybox provides mkpasswd as an alias for cryptpw. |
26 | |
27 | //applet:IF_CRYPTPW(APPLET(cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP)) |
28 | // APPLET_ODDNAME:name main location suid_type help |
29 | //applet:IF_MKPASSWD(APPLET_ODDNAME(mkpasswd, cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP, cryptpw)) |
30 | |
31 | //kbuild:lib-$(CONFIG_CRYPTPW) += cryptpw.o |
32 | //kbuild:lib-$(CONFIG_MKPASSWD) += cryptpw.o |
33 | |
34 | //usage:#define cryptpw_trivial_usage |
35 | //usage: "[OPTIONS] [PASSWORD] [SALT]" |
36 | /* We do support -s, we just don't mention it */ |
37 | //usage:#define cryptpw_full_usage "\n\n" |
38 | //usage: "Crypt PASSWORD using crypt(3)\n" |
39 | //usage: IF_LONG_OPTS( |
40 | //usage: "\n -P,--password-fd=N Read password from fd N" |
41 | /* //usage: "\n -s,--stdin Use stdin; like -P0" */ |
42 | //usage: "\n -m,--method=TYPE Encryption method" |
43 | //usage: "\n -S,--salt=SALT" |
44 | //usage: ) |
45 | //usage: IF_NOT_LONG_OPTS( |
46 | //usage: "\n -P N Read password from fd N" |
47 | /* //usage: "\n -s Use stdin; like -P0" */ |
48 | //usage: "\n -m TYPE Encryption method TYPE" |
49 | //usage: "\n -S SALT" |
50 | //usage: ) |
51 | |
52 | #include "libbb.h" |
53 | |
54 | /* Debian has 'mkpasswd' utility, manpage says: |
55 | |
56 | NAME |
57 | mkpasswd - Overfeatured front end to crypt(3) |
58 | SYNOPSIS |
59 | mkpasswd PASSWORD SALT |
60 | ... |
61 | OPTIONS |
62 | -S, --salt=STRING |
63 | Use the STRING as salt. It must not contain prefixes such as |
64 | $1$. |
65 | -R, --rounds=NUMBER |
66 | Use NUMBER rounds. This argument is ignored if the method |
67 | choosen does not support variable rounds. For the OpenBSD Blowfish |
68 | method this is the logarithm of the number of rounds. |
69 | -m, --method=TYPE |
70 | Compute the password using the TYPE method. If TYPE is 'help' |
71 | then the available methods are printed. |
72 | -P, --password-fd=NUM |
73 | Read the password from file descriptor NUM instead of using getpass(3). |
74 | If the file descriptor is not connected to a tty then |
75 | no other message than the hashed password is printed on stdout. |
76 | -s, --stdin |
77 | Like --password-fd=0. |
78 | ENVIRONMENT |
79 | $MKPASSWD_OPTIONS |
80 | A list of options which will be evaluated before the ones |
81 | specified on the command line. |
82 | BUGS |
83 | This programs suffers of a bad case of featuritis. |
84 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
85 | |
86 | Very true... |
87 | |
88 | cryptpw was in bbox before this gem, so we retain it, and alias mkpasswd |
89 | to cryptpw. -a option (alias for -m) came from cryptpw. |
90 | */ |
91 | |
92 | int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; |
93 | int cryptpw_main(int argc UNUSED_PARAM, char **argv) |
94 | { |
95 | char salt[MAX_PW_SALT_LEN]; |
96 | char *salt_ptr; |
97 | char *password; |
98 | const char *opt_m, *opt_S; |
99 | int fd; |
100 | |
101 | #if ENABLE_LONG_OPTS |
102 | static const char mkpasswd_longopts[] ALIGN1 = |
103 | "stdin\0" No_argument "s" |
104 | "password-fd\0" Required_argument "P" |
105 | "salt\0" Required_argument "S" |
106 | "method\0" Required_argument "m" |
107 | ; |
108 | applet_long_options = mkpasswd_longopts; |
109 | #endif |
110 | fd = STDIN_FILENO; |
111 | opt_m = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO; |
112 | opt_S = NULL; |
113 | /* at most two non-option arguments; -P NUM */ |
114 | opt_complementary = "?2"; |
115 | getopt32(argv, "sP:+S:m:a:", &fd, &opt_S, &opt_m, &opt_m); |
116 | argv += optind; |
117 | |
118 | /* have no idea how to handle -s... */ |
119 | |
120 | if (argv[0] && !opt_S) |
121 | opt_S = argv[1]; |
122 | |
123 | salt_ptr = crypt_make_pw_salt(salt, opt_m); |
124 | if (opt_S) |
125 | safe_strncpy(salt_ptr, opt_S, sizeof(salt) - (sizeof("$N$")-1)); |
126 | |
127 | xmove_fd(fd, STDIN_FILENO); |
128 | |
129 | password = argv[0]; |
130 | if (!password) { |
131 | /* Only mkpasswd, and only from tty, prompts. |
132 | * Otherwise it is a plain read. */ |
133 | password = (ENABLE_MKPASSWD && isatty(STDIN_FILENO) && applet_name[0] == 'm') |
134 | ? bb_ask_stdin("Password: ") |
135 | : xmalloc_fgetline(stdin) |
136 | ; |
137 | /* may still be NULL on EOF/error */ |
138 | } |
139 | |
140 | if (password) |
141 | puts(pw_encrypt(password, salt, 1)); |
142 | |
143 | return EXIT_SUCCESS; |
144 | } |
145 |