Lines 68-73
Link Here
|
68 |
char *comment; |
68 |
char *comment; |
69 |
char *type; |
69 |
char *type; |
70 |
int create; |
70 |
int create; |
|
|
71 |
int allowcolon; |
72 |
int keep; |
73 |
int writevalue; |
71 |
int rdonly; |
74 |
int rdonly; |
72 |
}; |
75 |
}; |
73 |
|
76 |
|
Lines 161-168
Link Here
|
161 |
|
164 |
|
162 |
key.dptr = htdbm->username; |
165 |
key.dptr = htdbm->username; |
163 |
key.dsize = strlen(htdbm->username); |
166 |
key.dsize = strlen(htdbm->username); |
164 |
if (apr_dbm_exists(htdbm->dbm, key)) |
167 |
if (apr_dbm_exists(htdbm->dbm, key)) { |
|
|
168 |
if (htdbm->keep) |
169 |
return APR_EEXIST; |
165 |
*changed = 1; |
170 |
*changed = 1; |
|
|
171 |
} |
166 |
|
172 |
|
167 |
val.dsize = strlen(htdbm->ctx.passwd); |
173 |
val.dsize = strlen(htdbm->ctx.passwd); |
168 |
if (!htdbm->comment) |
174 |
if (!htdbm->comment) |
Lines 205-210
Link Here
|
205 |
pwd = apr_pstrndup(htdbm->ctx.pool, rec, cmnt - rec); |
211 |
pwd = apr_pstrndup(htdbm->ctx.pool, rec, cmnt - rec); |
206 |
else |
212 |
else |
207 |
pwd = apr_pstrdup(htdbm->ctx.pool, rec); |
213 |
pwd = apr_pstrdup(htdbm->ctx.pool, rec); |
|
|
214 |
if (htdbm->writevalue) fwrite(val.dptr, 1, val.dsize, stdout); |
208 |
return apr_password_validate(htdbm->ctx.passwd, pwd); |
215 |
return apr_password_validate(htdbm->ctx.passwd, pwd); |
209 |
} |
216 |
} |
210 |
|
217 |
|
Lines 266-272
Link Here
|
266 |
fprintf(stderr, "Invalid username length\n"); |
273 |
fprintf(stderr, "Invalid username length\n"); |
267 |
return APR_EINVAL; |
274 |
return APR_EINVAL; |
268 |
} |
275 |
} |
269 |
if (strchr(htdbm->username, ':')) { |
276 |
if (!htdbm->allowcolon && strchr(htdbm->username, ':')) { |
270 |
fprintf(stderr, "Username contains invalid characters\n"); |
277 |
fprintf(stderr, "Username contains invalid characters\n"); |
271 |
return APR_EINVAL; |
278 |
return APR_EINVAL; |
272 |
} |
279 |
} |
Lines 277-290
Link Here
|
277 |
{ |
284 |
{ |
278 |
fprintf(stderr, |
285 |
fprintf(stderr, |
279 |
"htdbm -- program for manipulating DBM password databases.\n\n" |
286 |
"htdbm -- program for manipulating DBM password databases.\n\n" |
280 |
"Usage: htdbm [-cimBdpstvx] [-C cost] [-TDBTYPE] database username\n" |
287 |
"Usage: htdbm [-cimBdpstvxak] [-C cost] [-TDBTYPE] database username\n" |
281 |
" -b[cmBdptsv] [-C cost] [-TDBTYPE] database username password\n" |
288 |
" -b[cmBdptsvak] [-C cost] [-TDBTYPE] database username password\n" |
282 |
" -n[imBdpst] [-C cost] username\n" |
289 |
" -n[imBdpst] [-C cost] username\n" |
283 |
" -nb[mBdpst] [-C cost] username password\n" |
290 |
" -nb[mBdpst] [-C cost] username password\n" |
284 |
" -v[imBdps] [-C cost] [-TDBTYPE] database username\n" |
291 |
" -v[imBdpsw] [-C cost] [-TDBTYPE] database username\n" |
285 |
" -vb[mBdps] [-C cost] [-TDBTYPE] database username password\n" |
292 |
" -vb[mBdpsw] [-C cost] [-TDBTYPE] database username password\n" |
286 |
" -x [-TDBTYPE] database username\n" |
293 |
" -x [-TDBTYPE] database username\n" |
287 |
" -l [-TDBTYPE] database\n" |
294 |
" -l [-TDBTYPE] database\n" |
288 |
"Options:\n" |
295 |
"Options:\n" |
289 |
" -c Create a new database.\n" |
296 |
" -c Create a new database.\n" |
290 |
" -n Don't update database; display results on stdout.\n" |
297 |
" -n Don't update database; display results on stdout.\n" |
Lines 302-307
Link Here
|
302 |
" -v Verify the username/password.\n" |
309 |
" -v Verify the username/password.\n" |
303 |
" -x Remove the username record from database.\n" |
310 |
" -x Remove the username record from database.\n" |
304 |
" -t The last param is username comment.\n" |
311 |
" -t The last param is username comment.\n" |
|
|
312 |
" -a Allow colons in username.\n" |
313 |
" -k Keep existing entries; only new entries may be added.\n" |
314 |
" -w Write database value to stdout (when verifying).\n" |
305 |
"The SHA algorithm does not use a salt and is less secure than the " |
315 |
"The SHA algorithm does not use a salt and is less secure than the " |
306 |
"MD5 algorithm.\n", |
316 |
"MD5 algorithm.\n", |
307 |
BCRYPT_DEFAULT_COST); |
317 |
BCRYPT_DEFAULT_COST); |
Lines 337-343
Link Here
|
337 |
if (rv != APR_SUCCESS) |
347 |
if (rv != APR_SUCCESS) |
338 |
exit(ERR_SYNTAX); |
348 |
exit(ERR_SYNTAX); |
339 |
|
349 |
|
340 |
while ((rv = apr_getopt(state, "cnmspdBbDivxlC:T:", &opt, &opt_arg)) == APR_SUCCESS) { |
350 |
while ((rv = apr_getopt(state, "akwtcnmspdBbDivxlC:T:", &opt, &opt_arg)) == APR_SUCCESS) { |
341 |
switch (opt) { |
351 |
switch (opt) { |
342 |
case 'c': |
352 |
case 'c': |
343 |
h->create = 1; |
353 |
h->create = 1; |
Lines 369-374
Link Here
|
369 |
need_pwd = 0; |
379 |
need_pwd = 0; |
370 |
cmd = HTDBM_DELETE; |
380 |
cmd = HTDBM_DELETE; |
371 |
break; |
381 |
break; |
|
|
382 |
case 'a': |
383 |
h->allowcolon = 1; |
384 |
break; |
385 |
case 'k': |
386 |
h->keep = 1; |
387 |
break; |
388 |
case 'w': |
389 |
h->writevalue = 1; |
390 |
break; |
372 |
default: |
391 |
default: |
373 |
ret = parse_common_options(&h->ctx, opt, opt_arg); |
392 |
ret = parse_common_options(&h->ctx, opt, opt_arg); |
374 |
if (ret) { |
393 |
if (ret) { |