View | Details | Raw Unified | Return to bug 52313
Collapse All | Expand All

(-)support/htdbm.c (-11 / +30 lines)
Lines 68-73 Link Here
68
    char                    *comment;
68
    char                    *comment;
69
    char                    *type;
69
    char                    *type;
70
    int                     create;
70
    int                     create;
71
    int                     allowcolon;
72
    int                     keep;
73
    int                     writevalue;
71
    int                     rdonly;
74
    int                     rdonly;
72
};
75
};
73
76
Lines 161-168 Link Here
161
164
162
    key.dptr = htdbm->username;
165
    key.dptr = htdbm->username;
163
    key.dsize = strlen(htdbm->username);
166
    key.dsize = strlen(htdbm->username);
164
    if (apr_dbm_exists(htdbm->dbm, key))
167
    if (apr_dbm_exists(htdbm->dbm, key)) {
168
        if (htdbm->keep)
169
            return APR_EEXIST;
165
        *changed = 1;
170
        *changed = 1;
171
    }
166
172
167
    val.dsize = strlen(htdbm->ctx.passwd);
173
    val.dsize = strlen(htdbm->ctx.passwd);
168
    if (!htdbm->comment)
174
    if (!htdbm->comment)
Lines 205-210 Link Here
205
        pwd = apr_pstrndup(htdbm->ctx.pool, rec, cmnt - rec);
211
        pwd = apr_pstrndup(htdbm->ctx.pool, rec, cmnt - rec);
206
    else
212
    else
207
        pwd = apr_pstrdup(htdbm->ctx.pool, rec);
213
        pwd = apr_pstrdup(htdbm->ctx.pool, rec);
214
    if (htdbm->writevalue) fwrite(val.dptr, 1, val.dsize, stdout);
208
    return apr_password_validate(htdbm->ctx.passwd, pwd);
215
    return apr_password_validate(htdbm->ctx.passwd, pwd);
209
}
216
}
210
217
Lines 266-272 Link Here
266
        fprintf(stderr, "Invalid username length\n");
273
        fprintf(stderr, "Invalid username length\n");
267
        return APR_EINVAL;
274
        return APR_EINVAL;
268
    }
275
    }
269
    if (strchr(htdbm->username, ':')) {
276
    if (!htdbm->allowcolon && strchr(htdbm->username, ':')) {
270
        fprintf(stderr, "Username contains invalid characters\n");
277
        fprintf(stderr, "Username contains invalid characters\n");
271
        return APR_EINVAL;
278
        return APR_EINVAL;
272
    }
279
    }
Lines 277-290 Link Here
277
{
284
{
278
    fprintf(stderr,
285
    fprintf(stderr,
279
        "htdbm -- program for manipulating DBM password databases.\n\n"
286
        "htdbm -- program for manipulating DBM password databases.\n\n"
280
        "Usage: htdbm   [-cimBdpstvx] [-C cost] [-TDBTYPE] database username\n"
287
        "Usage: htdbm   [-cimBdpstvxak] [-C cost] [-TDBTYPE] database username\n"
281
        "                -b[cmBdptsv] [-C cost] [-TDBTYPE] database username password\n"
288
        "                -b[cmBdptsvak] [-C cost] [-TDBTYPE] database username password\n"
282
        "                -n[imBdpst]  [-C cost] username\n"
289
        "                -n[imBdpst]    [-C cost] username\n"
283
        "                -nb[mBdpst]  [-C cost] username password\n"
290
        "                -nb[mBdpst]    [-C cost] username password\n"
284
        "                -v[imBdps]   [-C cost] [-TDBTYPE] database username\n"
291
        "                -v[imBdpsw]    [-C cost] [-TDBTYPE] database username\n"
285
        "                -vb[mBdps]   [-C cost] [-TDBTYPE] database username password\n"
292
        "                -vb[mBdpsw]    [-C cost] [-TDBTYPE] database username password\n"
286
        "                -x                     [-TDBTYPE] database username\n"
293
        "                -x                       [-TDBTYPE] database username\n"
287
        "                -l                     [-TDBTYPE] database\n"
294
        "                -l                       [-TDBTYPE] database\n"
288
        "Options:\n"
295
        "Options:\n"
289
        "   -c   Create a new database.\n"
296
        "   -c   Create a new database.\n"
290
        "   -n   Don't update database; display results on stdout.\n"
297
        "   -n   Don't update database; display results on stdout.\n"
Lines 302-307 Link Here
302
        "   -v   Verify the username/password.\n"
309
        "   -v   Verify the username/password.\n"
303
        "   -x   Remove the username record from database.\n"
310
        "   -x   Remove the username record from database.\n"
304
        "   -t   The last param is username comment.\n"
311
        "   -t   The last param is username comment.\n"
312
        "   -a   Allow colons in username.\n"
313
        "   -k   Keep existing entries; only new entries may be added.\n"
314
        "   -w   Write database value to stdout (when verifying).\n"
305
        "The SHA algorithm does not use a salt and is less secure than the "
315
        "The SHA algorithm does not use a salt and is less secure than the "
306
        "MD5 algorithm.\n",
316
        "MD5 algorithm.\n",
307
        BCRYPT_DEFAULT_COST);
317
        BCRYPT_DEFAULT_COST);
Lines 337-343 Link Here
337
    if (rv != APR_SUCCESS)
347
    if (rv != APR_SUCCESS)
338
        exit(ERR_SYNTAX);
348
        exit(ERR_SYNTAX);
339
349
340
    while ((rv = apr_getopt(state, "cnmspdBbtivxlC:T:", &opt, &opt_arg)) == APR_SUCCESS) {
350
    while ((rv = apr_getopt(state, "acknmspdBbtivwxlC:T:", &opt, &opt_arg)) == APR_SUCCESS) {
341
        switch (opt) {
351
        switch (opt) {
342
        case 'c':
352
        case 'c':
343
            h->create = 1;
353
            h->create = 1;
Lines 369-374 Link Here
369
            need_pwd = 0;
379
            need_pwd = 0;
370
            cmd = HTDBM_DELETE;
380
            cmd = HTDBM_DELETE;
371
            break;
381
            break;
382
        case 'a':
383
            h->allowcolon = 1;
384
            break;
385
        case 'k':
386
            h->keep = 1;
387
            break;
388
        case 'w':
389
            h->writevalue = 1;
390
            break;
372
        default:
391
        default:
373
            ret = parse_common_options(&h->ctx, opt, opt_arg);
392
            ret = parse_common_options(&h->ctx, opt, opt_arg);
374
            if (ret) {
393
            if (ret) {

Return to bug 52313