From c6e7baa7e14dc440e478108167c2256c9aee913e Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Mon, 25 Aug 1997 20:00:03 +0000 Subject: [PATCH] pg_passwd cleanup --- README | 69 --------------------- src/bin/Makefile | 4 +- src/bin/pg_passwd/Makefile | 20 ++++++ src/bin/pg_passwd/README | 111 ++++++++++++++++++++++++++++++++++ src/bin/pg_passwd/pg_passwd.c | 74 +++++++++++++++++++++++ 5 files changed, 207 insertions(+), 71 deletions(-) create mode 100644 src/bin/pg_passwd/Makefile create mode 100644 src/bin/pg_passwd/README create mode 100644 src/bin/pg_passwd/pg_passwd.c diff --git a/README b/README index b411a74b00..189cc994ae 100644 --- a/README +++ b/README @@ -1,72 +1,3 @@ -The pathces and a prototype tool to manipulate the ``flat password file -'' functionality of PostgreSQL6.1 -1. File -Makefile -pg_passwd.c the source file of the tool. -2. How to specify pasword files and their format. -Specify the password file in the same style of Ident authentication in -$PGDATA/pg_hba.conf -host unv 133.65.96.250 255.255.255.255 password passwd -The above line allows access from 133.65.96.250 using the passwords listed -in $PGDATA/passwd. -The format of the password files follows those of /etc/passwd and -/etc/shadow: the first field is the user name, and the second field -is the encrypted password. The rest is completely ignored. Thus -the following three sample lines specify the same user and password pair:. -pg_guest:/nB7.w5Auq.BY:10031:::::: -pg_guest:/nB7.w5Auq.BY:93001:930::/home/guest:/bin/tcsh -pg_guest:/nB7.w5Auq.BY:93001 -Note that the original src/backend/libpq/password.c has a bug, which -disallows the first and the second format. If you want to use these -formats, please make sure you've applied the patch accompanied with -this tool. -3. Usage of pg_passwd -Supply the password file to the pg_passwd command. In the case described -above, after ``cd'ing to $PGDATA, the following command execution specify -the new password for pg_guest: -% pg_passwd passwd -Username: pg_guest -Password: -Re-enter password: -where the Password: and Re-enter password: prompts require the same -password input which are not displayed on the terminal. -The original password file is renamed to ``passwd.bk''. -4. How to specify pasasword authentication -You can use the password authentication fro psq, perl, or pg{tcl,tk}sh. -4.1 psql -Use the -u option. Note that the original distribution includes a bug. -Please make sure you've applied the patch distributed with this tool. -The following lines show the sample usage of the option: -% psql -h hyalos -u unv -Username: pg_guest -Password: -Welcome to the POSTGRESQL interactive sql monitor: - Please read the file COPYRIGHT for copyright terms of POSTGRESQL - type \? for help on slash commands - type \q to quit - type \g or terminate with semicolon to execute query - You are currently connected to the database: unv -unv=> -4.2 perl5 -Use the new style of the Pg.pm like this -$conn = Pg::connectdb("host=hyalos authtype=password dbname=unv - user=pg_guest password=xxxxxxx"); -For more details, the users refer to to ``src/pgsql_perl5/Pg.pm''. -4.3 pg{tcl,tk}sh -Use the pg_connect comamnd with -conninfo option thus -% set conn [pg_connect -conninfo \ - "host=hyalos authtype=password dbname=unv \ - user=pg_guest password=xxxxxxx "] -Use can list all of the keys for the option by executing the following -command: -% puts [ pg_conndefaults] -5. Acknowledgment -Mr. Ishii, SRA, pointed out the original bugs in the tool. He also -supplied the Makefile for this distribution. -------------------------------------------------------------------------- -July 2, 1997 -Yoshihiko Ichikawa, Dept of Info Sci, Fac of Sci, Ochanomizu University -E-mail: ichikawa@is.ocha.ac.jp PostgreSQL Data Base Management System (formerly known as Postgres, then as Postgres95). diff --git a/src/bin/Makefile b/src/bin/Makefile index ecf926c6fc..5ab4cd2f1a 100644 --- a/src/bin/Makefile +++ b/src/bin/Makefile @@ -7,7 +7,7 @@ # # # IDENTIFICATION -# $Header: /cvsroot/pgsql/src/bin/Makefile,v 1.8 1997/08/25 19:41:39 momjian Exp $ +# $Header: /cvsroot/pgsql/src/bin/Makefile,v 1.9 1997/08/25 19:59:52 momjian Exp $ # #------------------------------------------------------------------------- @@ -21,7 +21,7 @@ $(MAKE) -C pg_version $@ $(MAKE) -C psql $@ $(MAKE) -C pg_dump $@ - $(MAKE) -C pg_passwd $@ + $(MAKE) -C pg_passwd $@ # # Shell scripts # diff --git a/src/bin/pg_passwd/Makefile b/src/bin/pg_passwd/Makefile new file mode 100644 index 0000000000..5a5463acf9 --- /dev/null +++ b/src/bin/pg_passwd/Makefile @@ -0,0 +1,20 @@ +#------------------------------------------------------------------------- +# +# Makefile +# Makefile for bin/pg_passwd +#------------------------------------------------------------------------- +SRCDIR= ../.. +include ../../Makefile.global +OBJS= pg_passwd.o +all: pg_passwd +pg_passwd: $(OBJS) + $(CC) -o pg_passwd $(OBJS) $(LDFLAGS) +install: pg_passwd + $(INSTALL) $(INSTL_EXE_OPTS) pg_passwd $(DESTDIR)$(BINDIR)/pg_passwd +depend dep: + $(CC) -MM $(INCLUDE_OPT) *.c >depend +clean: + rm -f pg_passwd $(OBJS) +ifeq (depend,$(wildcard depend)) +include depend +endif diff --git a/src/bin/pg_passwd/README b/src/bin/pg_passwd/README new file mode 100644 index 0000000000..b411a74b00 --- /dev/null +++ b/src/bin/pg_passwd/README @@ -0,0 +1,111 @@ +The pathces and a prototype tool to manipulate the ``flat password file +'' functionality of PostgreSQL6.1 +1. File +Makefile +pg_passwd.c the source file of the tool. +2. How to specify pasword files and their format. +Specify the password file in the same style of Ident authentication in +$PGDATA/pg_hba.conf +host unv 133.65.96.250 255.255.255.255 password passwd +The above line allows access from 133.65.96.250 using the passwords listed +in $PGDATA/passwd. +The format of the password files follows those of /etc/passwd and +/etc/shadow: the first field is the user name, and the second field +is the encrypted password. The rest is completely ignored. Thus +the following three sample lines specify the same user and password pair:. +pg_guest:/nB7.w5Auq.BY:10031:::::: +pg_guest:/nB7.w5Auq.BY:93001:930::/home/guest:/bin/tcsh +pg_guest:/nB7.w5Auq.BY:93001 +Note that the original src/backend/libpq/password.c has a bug, which +disallows the first and the second format. If you want to use these +formats, please make sure you've applied the patch accompanied with +this tool. +3. Usage of pg_passwd +Supply the password file to the pg_passwd command. In the case described +above, after ``cd'ing to $PGDATA, the following command execution specify +the new password for pg_guest: +% pg_passwd passwd +Username: pg_guest +Password: +Re-enter password: +where the Password: and Re-enter password: prompts require the same +password input which are not displayed on the terminal. +The original password file is renamed to ``passwd.bk''. +4. How to specify pasasword authentication +You can use the password authentication fro psq, perl, or pg{tcl,tk}sh. +4.1 psql +Use the -u option. Note that the original distribution includes a bug. +Please make sure you've applied the patch distributed with this tool. +The following lines show the sample usage of the option: +% psql -h hyalos -u unv +Username: pg_guest +Password: +Welcome to the POSTGRESQL interactive sql monitor: + Please read the file COPYRIGHT for copyright terms of POSTGRESQL + type \? for help on slash commands + type \q to quit + type \g or terminate with semicolon to execute query + You are currently connected to the database: unv +unv=> +4.2 perl5 +Use the new style of the Pg.pm like this +$conn = Pg::connectdb("host=hyalos authtype=password dbname=unv + user=pg_guest password=xxxxxxx"); +For more details, the users refer to to ``src/pgsql_perl5/Pg.pm''. +4.3 pg{tcl,tk}sh +Use the pg_connect comamnd with -conninfo option thus +% set conn [pg_connect -conninfo \ + "host=hyalos authtype=password dbname=unv \ + user=pg_guest password=xxxxxxx "] +Use can list all of the keys for the option by executing the following +command: +% puts [ pg_conndefaults] +5. Acknowledgment +Mr. Ishii, SRA, pointed out the original bugs in the tool. He also +supplied the Makefile for this distribution. +------------------------------------------------------------------------- +July 2, 1997 +Yoshihiko Ichikawa, Dept of Info Sci, Fac of Sci, Ochanomizu University +E-mail: ichikawa@is.ocha.ac.jp + +PostgreSQL Data Base Management System (formerly known as Postgres, then +as Postgres95). + +This directory contains the version 6.1 release of the PostgreSQL +database server. The server is not ANSI SQL compliant, but it gets +closer with every release. After you unzip and untar the distribution +file, look at file INSTALL for the installation notes and file HISTORY +for the changes. + +The latest version of this software may be obtained at +ftp://ftp.postgresql.org/pub/. For more information look at our WWW +home page located at http://www.postgreSQL.org/. + +PostgreSQL is not public domain software. It is copyrighted by the +University of California but may be used according to the licensing +terms of the the copyright below: + +------------------------------------------------------------------------ + +POSTGRES95 Data Base Management System (formerly known as Postgres, then +as Postgres95). + +Copyright (c) 1994-7 Regents of the University of California + +Permission to use, copy, modify, and distribute this software and its +documentation for any purpose, without fee, and without a written agreement +is hereby granted, provided that the above copyright notice and this +paragraph and the following two paragraphs appear in all copies. + +IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR +DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING +LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS +DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS +ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO +PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. + diff --git a/src/bin/pg_passwd/pg_passwd.c b/src/bin/pg_passwd/pg_passwd.c new file mode 100644 index 0000000000..e68146a805 --- /dev/null +++ b/src/bin/pg_passwd/pg_passwd.c @@ -0,0 +1,74 @@ +/* + * @(#) pg_passwd.c 1.8 09:13:16 97/07/02 Y. Ichikawa + */ +#include +#include +#include +#include +#include +#include +#include +#include +#define issaltchar(c) (isalnum(c) || (c) == '.' || (c) == '/') +#include "postgres.h" +#ifdef HAVE_TERMIOS_H +#include +#endif +#ifdef HAVE_CRYPT_H +#include +#else +extern char *crypt(const char *, const char *); +#endif +char *comname; +void usage(FILE *stream); +void read_pwd_file(char *filename); +void write_pwd_file(char *filename, char *bkname); +void encrypt_pwd(char key[9], char salt[3], char passwd[14]); +int check_pwd(char key[9], char passwd[14]); +void prompt_for_username(char *username); +void prompt_for_password(char *prompt, char *password); +void usage(FILE *stream) +{ + fprintf(stream, "Usage: %s \n", comname); +} +typedef struct { + char *uname; + char *pwd; + char *rest; +} pg_pwd; +#define MAXPWDS 1024 +pg_pwd pwds[MAXPWDS]; +int npwds = 0; +void read_pwd_file(char *filename) +{ + FILE *fp; + static char line[512]; + static char ans[128]; + int i; + try_again: + fp = fopen(filename, "r"); + if (fp == NULL) { + if (errno == ENOENT) { + printf("File \"%s\" does not exist. Create? (y/n): ", filename); + fflush(stdout); + fgets(ans, 128, stdin); + switch (ans[0]) { + case 'y': case 'Y': + fp = fopen(filename, "w"); + if (fp == NULL) { + perror(filename); + exit(1); + } + fclose(fp); + goto try_again; + default: + /* cannot continue */ + exit(1); + } + } else { + perror(filename); + exit(1); + } + } + /* read all the entries */ + for (npwds = 0; npwds < MAXPWDS && fgets(line, 512, fp) != NULL; ++npwds) -- 2.40.0