1 /* ====================================================================
2 * Copyright (c) 1995-1999 The Apache Group. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the Apache Group
19 * for use in the Apache HTTP server project (http://www.apache.org/)."
21 * 4. The names "Apache Server" and "Apache Group" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
26 * 5. Products derived from this software may not be called "Apache"
27 * nor may "Apache" appear in their names without prior written
28 * permission of the Apache Group.
30 * 6. Redistributions of any form whatsoever must retain the following
32 * "This product includes software developed by the Apache Group
33 * for use in the Apache HTTP server project (http://www.apache.org/)."
35 * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Group and was originally based
51 * on public domain software written at the National Center for
52 * Supercomputing Applications, University of Illinois, Urbana-Champaign.
53 * For more information on the Apache Group and the Apache HTTP server
54 * project, please see <http://www.apache.org/>.
57 /******************************************************************************
58 ******************************************************************************
59 * NOTE! This program is not safe as a setuid executable! Do not make it
61 ******************************************************************************
62 *****************************************************************************/
64 * htdigest.c: simple program for manipulating digest passwd file for Apache
66 * by Alexei Kosut, based on htpasswd.c, by Rob McCool
69 #include "ap_config.h"
70 #include <sys/types.h>
73 #if defined(MPE) || defined(QNX) || defined(WIN32) || defined(__TANDEM)
76 #include <sys/signal.h>
81 #define unlink _unlink
90 #endif /* CHARSET_EBCDIC */
92 #define MAX_STRING_LEN 256
96 static void getword(char *word, char *line, char stop)
100 for (x = 0; ((line[x]) && (line[x] != stop)); x++)
108 while ((line[y++] = line[x++]));
111 static int getline(char *s, int n, FILE *f)
116 s[i] = (char) fgetc(f);
121 if ((s[i] == 0x4) || (s[i] == LF) || (i == (n - 1))) {
123 return (feof(f) ? 1 : 0);
129 static void putline(FILE *f, char *l)
133 for (x = 0; l[x]; x++)
139 static void add_password(char *user, char *realm, FILE *f)
143 unsigned char digest[16];
144 char string[MAX_STRING_LEN];
145 char pwin[MAX_STRING_LEN];
146 char pwv[MAX_STRING_LEN];
149 if (ap_getpass("New password: ", pwin, sizeof(pwin)) != 0) {
150 fprintf(stderr, "password too long");
153 ap_getpass("Re-type new password: ", pwv, sizeof(pwv));
154 if (strcmp(pwin, pwv) != 0) {
155 fprintf(stderr, "They don't match, sorry.\n");
162 fprintf(f, "%s:%s:", user, realm);
165 sprintf(string, "%s:%s:%s", user, realm, pw);
167 ap_MD5Init(&context);
168 ap_MD5Update(&context, (unsigned char *) string, strlen(string));
169 ap_MD5Final(digest, &context);
171 for (i = 0; i < 16; i++)
172 fprintf(f, "%02x", digest[i]);
177 static void usage(void)
179 fprintf(stderr, "Usage: htdigest [-c] passwordfile realm username\n");
180 fprintf(stderr, "The -c flag creates a new file.\n");
184 static void interrupted(void)
186 fprintf(stderr, "Interrupted.\n");
192 int main(int argc, char *argv[])
195 char user[MAX_STRING_LEN];
196 char realm[MAX_STRING_LEN];
197 char line[MAX_STRING_LEN];
198 char l[MAX_STRING_LEN];
199 char w[MAX_STRING_LEN];
200 char x[MAX_STRING_LEN];
201 char command[MAX_STRING_LEN];
205 signal(SIGINT, (void (*)(int)) interrupted);
207 if (strcmp(argv[1], "-c"))
209 if (!(tfp = fopen(argv[2], "w"))) {
210 fprintf(stderr, "Could not open passwd file %s for writing.\n",
215 printf("Adding password for %s in realm %s.\n", argv[4], argv[3]);
216 add_password(argv[4], argv[3], tfp);
224 if (!(tfp = fopen(tn, "w"))) {
225 fprintf(stderr, "Could not open temp file.\n");
229 if (!(f = fopen(argv[1], "r"))) {
231 "Could not open passwd file %s for reading.\n", argv[1]);
232 fprintf(stderr, "Use -c option to create new one.\n");
235 strcpy(user, argv[3]);
236 strcpy(realm, argv[2]);
239 while (!(getline(line, MAX_STRING_LEN, f))) {
240 if (found || (line[0] == '#') || (!line[0])) {
247 if (strcmp(user, w) || strcmp(realm, x)) {
252 printf("Changing password for user %s in realm %s\n", user, realm);
253 add_password(user, realm, tfp);
258 printf("Adding user %s in realm %s\n", user, realm);
259 add_password(user, realm, tfp);
263 #if defined(OS2) || defined(WIN32)
264 sprintf(command, "copy \"%s\" \"%s\"", tn, argv[1]);
266 sprintf(command, "cp %s %s", tn, argv[1]);