diff options
Diffstat (limited to 'support/htpasswd.c')
-rw-r--r-- | support/htpasswd.c | 37 |
1 files changed, 25 insertions, 12 deletions
diff --git a/support/htpasswd.c b/support/htpasswd.c index 2eadc78e..3aa9e184 100644 --- a/support/htpasswd.c +++ b/support/htpasswd.c @@ -141,7 +141,15 @@ static apr_status_t seed_rand(void) static void putline(apr_file_t *f, const char *l) { - apr_file_puts(l, f); + apr_status_t rc; + rc = apr_file_puts(l, f); + if (rc != APR_SUCCESS) { + char errstr[MAX_STRING_LEN]; + apr_strerror(rc, errstr, MAX_STRING_LEN); + apr_file_printf(errfile, "Error writing temp file: %s" NL, errstr); + apr_file_close(f); + exit(ERR_FILEPERM); + } } /* @@ -201,7 +209,7 @@ static int mkrecord(char *user, char *record, apr_size_t rlen, char *passwd, apr_cpystrn(cpw,pw,sizeof(cpw)); break; -#if !(defined(WIN32) || defined(NETWARE)) +#if (!(defined(WIN32) || defined(NETWARE))) case ALG_CRYPT: default: if (seed_rand()) { @@ -210,7 +218,16 @@ static int mkrecord(char *user, char *record, apr_size_t rlen, char *passwd, to64(&salt[0], rand(), 8); salt[8] = '\0'; - apr_cpystrn(cpw, (char *)crypt(pw, salt), sizeof(cpw) - 1); + apr_cpystrn(cpw, crypt(pw, salt), sizeof(cpw) - 1); + if (strlen(pw) > 8) { + char *truncpw = strdup(pw); + truncpw[8] = '\0'; + if (!strcmp(cpw, crypt(truncpw, salt))) { + apr_file_printf(errfile, "Warning: Password truncated to 8 characters " + "by CRYPT algorithm." NL); + } + free(truncpw); + } break; #endif } @@ -243,14 +260,9 @@ static void usage(void) apr_file_printf(errfile, " -n Don't update file; display results on " "stdout." NL); apr_file_printf(errfile, " -m Force MD5 encryption of the password" -#if defined(WIN32) || defined(TPF) || defined(NETWARE) " (default)" -#endif "." NL); apr_file_printf(errfile, " -d Force CRYPT encryption of the password" -#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE))) - " (default)" -#endif "." NL); apr_file_printf(errfile, " -p Do not encrypt the password (plaintext)." NL); apr_file_printf(errfile, " -s Force SHA encryption of the password." NL); @@ -258,10 +270,11 @@ static void usage(void) "rather than prompting for it." NL); apr_file_printf(errfile, " -D Delete the specified user." NL); apr_file_printf(errfile, - "On Windows, NetWare and TPF systems the '-m' flag is used by " - "default." NL); + "On other systems than Windows, NetWare and TPF the '-p' flag will " + "probably not work." NL); apr_file_printf(errfile, - "On all other systems, the '-p' flag will probably not work." NL); + "The SHA algorithm does not use a salt and is less secure than " + "the MD5 algorithm." NL); exit(ERR_SYNTAX); } @@ -428,7 +441,7 @@ int main(int argc, const char * const argv[]) char *scratch, cp[MAX_STRING_LEN]; int found = 0; int i; - int alg = ALG_CRYPT; + int alg = ALG_APMD5; int mask = 0; apr_pool_t *pool; int existing_file = 0; |