1 /* Copyright 2001-2004 The Apache Software Foundation
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * htdbm.c: simple program for manipulating DBM
18 * password databases for the Apache HTTP server
20 * Contributed by Mladen Turk <mturk mappingsoft.com>
26 #include "apr_strings.h"
27 #include "apr_file_io.h"
28 #include "apr_file_info.h"
29 #include "apr_pools.h"
30 #include "apr_signal.h"
41 #if APR_HAVE_STRINGS_H
46 #if APR_CHARSET_EBCDIC
47 #include "apr_xlate.h"
48 #endif /*APR_CHARSET_EBCDIC*/
55 #if !APR_CHARSET_EBCDIC
58 #else /*APR_CHARSET_EBCDIC*/
61 #endif /*APR_CHARSET_EBCDIC*/
63 #define MAX_STRING_LEN 256
73 #define ERR_FILEPERM 1
75 #define ERR_PWMISMATCH 3
76 #define ERR_INTERRUPTED 4
77 #define ERR_OVERFLOW 5
82 typedef struct htdbm_t htdbm_t;
87 #if APR_CHARSET_EBCDIC
88 apr_xlate_t *to_ascii;
102 #define HTDBM_DELETE 1
103 #define HTDBM_VERIFY 2
105 #define HTDBM_NOFILE 4
106 #define HTDBM_STDIN 5
108 static void terminate(void)
116 static void htdbm_terminate(htdbm_t *htdbm)
119 apr_dbm_close(htdbm->dbm);
125 static void htdbm_interrupted(void)
128 fprintf(stderr, "htdbm Interrupted !\n");
129 exit(ERR_INTERRUPTED);
132 static apr_status_t htdbm_init(apr_pool_t **pool, htdbm_t **hdbm)
135 #if APR_CHARSET_EBCDIC
139 apr_pool_create( pool, NULL);
140 apr_signal(SIGINT, (void (*)(int)) htdbm_interrupted);
142 (*hdbm) = (htdbm_t *)apr_pcalloc(*pool, sizeof(htdbm_t));
143 (*hdbm)->pool = *pool;
145 #if APR_CHARSET_EBCDIC
146 rv = apr_xlate_open(&((*hdbm)->to_ascii), "ISO-8859-1", APR_DEFAULT_CHARSET, (*hdbm)->pool);
148 fprintf(stderr, "apr_xlate_open(to ASCII)->%d\n", rv);
151 rv = apr_SHA1InitEBCDIC((*hdbm)->to_ascii);
153 fprintf(stderr, "apr_SHA1InitEBCDIC()->%d\n", rv);
156 rv = apr_MD5InitEBCDIC((*hdbm)->to_ascii);
158 fprintf(stderr, "apr_MD5InitEBCDIC()->%d\n", rv);
161 #endif /*APR_CHARSET_EBCDIC*/
163 /* Set MD5 as default */
164 (*hdbm)->alg = ALG_APMD5;
165 (*hdbm)->type = "default";
169 static apr_status_t htdbm_open(htdbm_t *htdbm)
172 return apr_dbm_open_ex(&htdbm->dbm, htdbm->type, htdbm->filename, APR_DBM_RWCREATE,
173 APR_OS_DEFAULT, htdbm->pool);
175 return apr_dbm_open_ex(&htdbm->dbm, htdbm->type, htdbm->filename,
176 htdbm->rdonly ? APR_DBM_READONLY : APR_DBM_READWRITE,
177 APR_OS_DEFAULT, htdbm->pool);
180 static apr_status_t htdbm_save(htdbm_t *htdbm, int *changed)
182 apr_datum_t key, val;
184 if (!htdbm->username)
187 key.dptr = htdbm->username;
188 key.dsize = strlen(htdbm->username);
189 if (apr_dbm_exists(htdbm->dbm, key))
192 val.dsize = strlen(htdbm->userpass);
194 val.dptr = htdbm->userpass;
196 val.dptr = apr_pstrcat(htdbm->pool, htdbm->userpass, ":",
197 htdbm->comment, NULL);
198 val.dsize += (strlen(htdbm->comment) + 1);
200 return apr_dbm_store(htdbm->dbm, key, val);
203 static apr_status_t htdbm_del(htdbm_t *htdbm)
207 key.dptr = htdbm->username;
208 key.dsize = strlen(htdbm->username);
209 if (!apr_dbm_exists(htdbm->dbm, key))
212 return apr_dbm_delete(htdbm->dbm, key);
215 static apr_status_t htdbm_verify(htdbm_t *htdbm)
217 apr_datum_t key, val;
218 char pwd[MAX_STRING_LEN] = {0};
221 key.dptr = htdbm->username;
222 key.dsize = strlen(htdbm->username);
223 if (!apr_dbm_exists(htdbm->dbm, key))
225 if (apr_dbm_fetch(htdbm->dbm, key, &val) != APR_SUCCESS)
227 rec = apr_pstrndup(htdbm->pool, val.dptr, val.dsize);
228 cmnt = strchr(rec, ';');
230 strncpy(pwd, rec, cmnt - rec);
233 return apr_password_validate(htdbm->userpass, pwd);
236 static apr_status_t htdbm_list(htdbm_t *htdbm)
239 apr_datum_t key, val;
241 char kb[MAX_STRING_LEN];
244 rv = apr_dbm_firstkey(htdbm->dbm, &key);
245 if (rv != APR_SUCCESS) {
246 fprintf(stderr, "Empty database -- %s\n", htdbm->filename);
249 rec = apr_pcalloc(htdbm->pool, HUGE_STRING_LEN);
251 fprintf(stderr, "Dumping records from database -- %s\n", htdbm->filename);
252 fprintf(stderr, " %-32sComment\n", "Username");
253 while (key.dptr != NULL) {
254 rv = apr_dbm_fetch(htdbm->dbm, key, &val);
255 if (rv != APR_SUCCESS) {
256 fprintf(stderr, "Failed getting data from %s\n", htdbm->filename);
259 strncpy(kb, key.dptr, key.dsize);
260 kb[key.dsize] = '\0';
261 fprintf(stderr, " %-32s", kb);
262 strncpy(rec, val.dptr, val.dsize);
263 rec[val.dsize] = '\0';
264 cmnt = strchr(rec, ':');
266 fprintf(stderr, "%s", cmnt + 1);
267 fprintf(stderr, "\n");
268 rv = apr_dbm_nextkey(htdbm->dbm, &key);
269 if (rv != APR_SUCCESS)
270 fprintf(stderr, "Failed getting NextKey\n");
274 fprintf(stderr, "Total #records : %d\n", i);
278 static void to64(char *s, unsigned long v, int n)
280 static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
281 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
284 *s++ = itoa64[v&0x3f];
289 static apr_status_t htdbm_make(htdbm_t *htdbm)
291 char cpw[MAX_STRING_LEN];
294 switch (htdbm->alg) {
296 /* XXX cpw >= 28 + strlen(sha1) chars - fixed len SHA */
297 apr_sha1_base64(htdbm->userpass,strlen(htdbm->userpass),cpw);
301 (void) srand((int) time((time_t *) NULL));
302 to64(&salt[0], rand(), 8);
304 apr_md5_encode((const char *)htdbm->userpass, (const char *)salt,
308 /* XXX this len limitation is not in sync with any HTTPd len. */
309 apr_cpystrn(cpw,htdbm->userpass,sizeof(cpw));
313 (void) srand((int) time((time_t *) NULL));
314 to64(&salt[0], rand(), 8);
316 apr_cpystrn(cpw, (char *)crypt(htdbm->userpass, salt), sizeof(cpw) - 1);
317 fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n");
322 htdbm->userpass = apr_pstrdup(htdbm->pool, cpw);
326 static apr_status_t htdbm_valid_username(htdbm_t *htdbm)
328 if (!htdbm->username || (strlen(htdbm->username) > 64) || (strlen(htdbm->username) < 1)) {
329 fprintf(stderr, "Invalid username length\n");
332 if (strchr(htdbm->username, ':')) {
333 fprintf(stderr, "Username contains invalid characters\n");
339 static void htdbm_usage(void)
343 #define CRYPT_OPTION "d"
345 #define CRYPT_OPTION ""
347 fprintf(stderr, "htdbm -- program for manipulating DBM password databases.\n\n");
348 fprintf(stderr, "Usage: htdbm [-cm"CRYPT_OPTION"pstvx] [-TDBTYPE] database username\n");
349 fprintf(stderr, " -b[cm"CRYPT_OPTION"ptsv] [-TDBTYPE] database username password\n");
350 fprintf(stderr, " -n[m"CRYPT_OPTION"pst] username\n");
351 fprintf(stderr, " -nb[m"CRYPT_OPTION"pst] username password\n");
352 fprintf(stderr, " -v[m"CRYPT_OPTION"ps] [-TDBTYPE] database username\n");
353 fprintf(stderr, " -vb[m"CRYPT_OPTION"ps] [-TDBTYPE] database username password\n");
354 fprintf(stderr, " -x[m"CRYPT_OPTION"ps] [-TDBTYPE] database username\n");
355 fprintf(stderr, " -l [-TDBTYPE] database\n");
356 fprintf(stderr, "Options:\n");
357 fprintf(stderr, " -b Use the password from the command line rather "
358 "than prompting for it.\n");
359 fprintf(stderr, " -c Create a new database.\n");
360 fprintf(stderr, " -n Don't update database; display results on stdout.\n");
361 fprintf(stderr, " -m Force MD5 encryption of the password (default).\n");
363 fprintf(stderr, " -d Force CRYPT encryption of the password (now deprecated).\n");
365 fprintf(stderr, " -p Do not encrypt the password (plaintext).\n");
366 fprintf(stderr, " -s Force SHA encryption of the password.\n");
367 fprintf(stderr, " -T DBM Type (SDBM|GDBM|DB|default).\n");
368 fprintf(stderr, " -l Display usernames from database on stdout.\n");
369 fprintf(stderr, " -t The last param is username comment.\n");
370 fprintf(stderr, " -v Verify the username/password.\n");
371 fprintf(stderr, " -x Remove the username record from database.\n");
377 int main(int argc, const char * const argv[])
382 char pwi[MAX_STRING_LEN];
383 char pwc[MAX_STRING_LEN];
384 char errbuf[MAX_STRING_LEN];
390 int pwd_supplied = 0;
392 int cmd = HTDBM_MAKE;
396 apr_app_initialize(&argc, &argv, NULL);
399 if ((rv = htdbm_init(&pool, &h)) != APR_SUCCESS) {
400 fprintf(stderr, "Unable to initialize htdbm terminating!\n");
401 apr_strerror(rv, errbuf, sizeof(errbuf));
405 * Preliminary check to make sure they provided at least
406 * three arguments, we'll do better argument checking as
407 * we parse the command line.
412 * Go through the argument list and pick out any options. They
413 * have to precede any other arguments.
415 for (i = 1; i < argc; i++) {
420 while (*++arg != '\0') {
447 h->type = apr_pstrdup(h->pool, ++arg);
450 --arg; /* so incrementing this in the loop with find a null */
481 * Make sure we still have exactly the right number of arguments left
482 * (the filename, the username, and possibly the password if -b was
485 if ((argc - i) != args_left)
491 h->filename = apr_pstrdup(h->pool, argv[i]);
492 if ((rv = htdbm_open(h)) != APR_SUCCESS) {
493 fprintf(stderr, "Error opening database %s\n", argv[i]);
494 apr_strerror(rv, errbuf, sizeof(errbuf));
495 fprintf(stderr,"%s\n",errbuf);
500 h->username = apr_pstrdup(pool, argv[i+1]);
501 if (htdbm_valid_username(h) != APR_SUCCESS)
505 h->userpass = apr_pstrdup(pool, argv[i+2]);
509 if (apr_password_get("Enter password : ", pwi, &l) != APR_SUCCESS) {
510 fprintf(stderr, "Password too long\n");
514 if (apr_password_get("Re-type password : ", pwc, &l) != APR_SUCCESS) {
515 fprintf(stderr, "Password too long\n");
518 if (strcmp(pwi, pwc) != 0) {
519 fprintf(stderr, "Password verification error\n");
520 exit(ERR_PWMISMATCH);
523 h->userpass = apr_pstrdup(pool, pwi);
525 if (need_cmnt && pwd_supplied)
526 h->comment = apr_pstrdup(pool, argv[i+3]);
528 h->comment = apr_pstrdup(pool, argv[i+2]);
532 if ((rv = htdbm_verify(h)) != APR_SUCCESS) {
533 if(rv == APR_ENOENT) {
534 fprintf(stderr, "The user '%s' could not be found in database\n", h->username);
538 fprintf(stderr, "Password mismatch for user '%s'\n", h->username);
539 exit(ERR_PWMISMATCH);
543 fprintf(stderr, "Password validated for user '%s'\n", h->username);
546 if (htdbm_del(h) != APR_SUCCESS) {
547 fprintf(stderr, "Cannot find user '%s' in database\n", h->username);
561 if (need_file && !h->rdonly) {
562 if ((rv = htdbm_save(h, &changed)) != APR_SUCCESS) {
563 apr_strerror(rv, errbuf, sizeof(errbuf));
566 fprintf(stdout, "Database %s %s.\n", h->filename,
567 h->create ? "created" : (changed ? "modified" : "updated"));
569 if (cmd == HTDBM_NOFILE) {
571 fprintf(stderr, "%s:%s\n", h->username, h->userpass);
574 fprintf(stderr, "%s:%s:%s\n", h->username, h->userpass,
580 return 0; /* Suppress compiler warning. */