int main () { struct crypt_context context; char plaintext[] = "password"; strcpy(context.salt, "$6$ksdfjsoigh$asdf"); crypt_password(&context, (unsigned char *) plaintext, strlen(plaintext)); printf("%s\n", crypt_to_string(&context)); crypt_from_string(&context, "endeavormac:$6$ksdfjsoigh$Dm7i1XyX1wno8dHD.TtBO7An4227mETbw4ilH5sOM3FL3FgHGpzMfmQormRGKtUE/lxCPrgCcmslJ.KueUezF/"); printf("%s\n", context.hash); printf("to_string: %s\n", crypt_to_string(&context)); int i; double johnny_bench_called; johnny_bench_called = (double) clock(); for (i = 0; i < 100; i++) { crypt_password(&context, (unsigned char *) plaintext, strlen(plaintext)); } johnny_bench_called = ((double) clock()) - johnny_bench_called; johnny_bench_called /= (double) CLOCKS_PER_SEC; johnny_bench_called = 100 / johnny_bench_called; printf("%f crypts per second\n", johnny_bench_called); return 0; }
static void ns_cmd_sendpass(struct sourceinfo *si, int parc, char *parv[]) { struct myuser *mu; char *name = parv[0]; char *key; enum specialoperation op = op_none; bool ismarked = false; if (!name) { command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "SENDPASS"); command_fail(si, fault_needmoreparams, _("Syntax: SENDPASS <account>")); return; } if (parc > 1) { if (!has_priv(si, PRIV_USER_SENDPASS)) { command_fail(si, fault_noprivs, STR_NOT_AUTHORIZED); return; } else if (!strcasecmp(parv[1], "FORCE")) op = op_force; else if (!strcasecmp(parv[1], "CLEAR")) op = op_clear; else { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SENDPASS"); command_fail(si, fault_badparams, _("Syntax: SENDPASS <account> [FORCE|CLEAR]")); return; } } if (!(mu = myuser_find_by_nick(name))) { command_fail(si, fault_nosuch_target, STR_IS_NOT_REGISTERED, name); return; } if (mu->flags & MU_WAITAUTH) { command_fail(si, fault_badparams, _("\2%s\2 is not verified."), entity(mu)->name); return; } if (metadata_find(mu, "private:mark:setter")) { ismarked = true; // don't want to disclose this, so just go ahead... } if (op == op_clear) { if (metadata_find(mu, "private:setpass:key")) { logcommand(si, CMDLOG_ADMIN, "SENDPASS:CLEAR: \2%s\2", entity(mu)->name); metadata_delete(mu, "private:setpass:key"); metadata_delete(mu, "private:sendpass:sender"); metadata_delete(mu, "private:sendpass:timestamp"); command_success_nodata(si, _("The password change key for \2%s\2 has been cleared."), entity(mu)->name); } else command_fail(si, fault_nochange, _("\2%s\2 did not have a password change key outstanding."), entity(mu)->name); return; } if (MOWGLI_LIST_LENGTH(&mu->logins) > 0) { if (si->smu == mu) command_fail(si, fault_already_authed, _("You are logged in and can change your password using the SET PASSWORD command.")); else command_fail(si, fault_noprivs, _("This operation cannot be performed on %s, because someone is logged in to it."), entity(mu)->name); return; } if (metadata_find(mu, "private:freeze:freezer")) { command_fail(si, fault_noprivs, _("%s has been frozen by the %s administration."), entity(mu)->name, me.netname); return; } if (metadata_find(mu, "private:setpass:key")) { command_fail(si, fault_alreadyexists, _("\2%s\2 already has a password change key outstanding."), entity(mu)->name); if (has_priv(si, PRIV_USER_SENDPASS)) command_fail(si, fault_alreadyexists, _("Use SENDPASS %s CLEAR to clear it so that a new one can be sent."), entity(mu)->name); return; } key = random_string(12); const char *const hash = crypt_password(key); if (!hash) { command_fail(si, fault_internalerror, _("Hash generation for password change key failed.")); sfree(key); return; } if (sendemail(si->su != NULL ? si->su : si->service->me, mu, EMAIL_SETPASS, mu->email, key)) { if (ismarked) wallops("%s sent the password for the \2MARKED\2 account %s.", get_oper_name(si), entity(mu)->name); logcommand(si, CMDLOG_ADMIN, "SENDPASS: \2%s\2 (change key)", name); metadata_add(mu, "private:sendpass:sender", get_oper_name(si)); metadata_add(mu, "private:sendpass:timestamp", number_to_string(time(NULL))); metadata_add(mu, "private:setpass:key", hash); command_success_nodata(si, _("The password change key for \2%s\2 has been sent to the corresponding email address."), entity(mu)->name); } else command_fail(si, fault_emailfail, _("Email send failed.")); sfree(key); }
int passwd (int argc, char **argv) { int c; int err = 0; char *typed_password = NULL, *typed_password2 = NULL; const char *username, *user; passwd_entry *passnode; char *linebuf = NULL; char *real_user = NULL; char *password_domain = NULL; int adduser=0,deluser=0,disableuser=0,realuser=0,remove_realuser=0,use_domain=0; int arg_specified = 0; if (argc == -1) usage (passwd_usage); optind = 0; while ((c = getopt (argc, argv, "axXr:RD:")) != -1) { switch (c) { case 'a': if(arg_specified) usage (passwd_usage); arg_specified = 1; adduser = 1; break; case 'x': if(arg_specified) usage (passwd_usage); arg_specified = 1; disableuser = 1; break; case 'X': if(arg_specified) usage (passwd_usage); arg_specified = 1; deluser = 1; break; case 'r': realuser = 1; real_user = xstrdup(optarg); break; case 'R': remove_realuser = 1; break; case 'D': use_domain = 1; password_domain = xstrdup(optarg); break; case '?': default: usage (passwd_usage); break; } } argc -= optind; argv += optind; if(!argc) user = NULL; else user=argv[0]; #ifdef CLIENT_SUPPORT if (current_parsed_root->isremote) { if (argc > 1) usage (passwd_usage); if (!supported_request ("passwd")) error (1, 0, "server does not support passwd"); if(!user && adduser) { error(1,0,"You cannot add yourself"); } if(!user && deluser) { error(1,0,"You cannot delete yourself"); } if(user || current_parsed_root->username || current_parsed_root->hostname) { printf ("%s %s@%s\n", (adduser) ? "Adding user" : (deluser) ? "Deleting user" : "Changing repository password for", user?user:current_parsed_root->username?current_parsed_root->username:getcaller(),current_parsed_root->hostname); } else { printf ("Changing repository password for %s\n",getcaller()); } fflush (stdout); if(!use_domain && !deluser && !disableuser) { typed_password = getpass ("New password: "******"Verify password: "******"Passwords do not match, try again"); } memset (typed_password2, 0, strlen (typed_password2)); typed_password = xrealloc(typed_password, strlen(typed_password) +32); if(strlen(typed_password)) crypt_password(typed_password); } if (adduser) send_arg ("-a"); if (disableuser) send_arg ("-x"); if (deluser) send_arg ("-X"); if (realuser) { send_arg ("-r"); send_arg (real_user); } if (remove_realuser) send_arg ("-R"); if(use_domain) { send_arg ("-D"); send_arg (password_domain); } if (argc == 1) send_arg(user); else send_arg("*"); if(typed_password) { send_arg (typed_password); /* Send the new password */ memset (typed_password, 0, strlen (typed_password)); xfree (typed_password); } send_to_server ("passwd\012", 0); return get_responses_and_close (); } if(!server_active) #endif { if(argc!=0 && argc!=1) usage (passwd_usage); if(!user && adduser) { error(1,0,"You cannot add yourself"); } if(!user && deluser) { error(1,0,"You cannot delete yourself"); } if(user || current_parsed_root->username) { printf ("%s %s\n", (adduser) ? "Adding user" : (deluser) ? "Deleting user" : "Changing password for", user?user:current_parsed_root->username); } else { printf ("Changing repository password for %s\n",getcaller()); } fflush (stdout); if (argc == 0) username = CVS_Username; else { username = user; } if(!use_domain && !deluser && !disableuser) { typed_password = getpass ("New password: "******"Verify password: "******"Passwords do not match, try again"); } memset (typed_password2, 0, strlen (typed_password2)); typed_password = xrealloc(typed_password, strlen(typed_password) +32); if(strlen(typed_password)) crypt_password(typed_password); } } #ifdef SERVER_SUPPORT if(server_active) { if ((argc != 1) && (argc != 2)) usage (passwd_usage); if(!strcmp(user,"*")) username = CVS_Username; else { username = user; #if defined(_WIN32) #ifdef SJIS if(_mbschr(username,'\\') && !isDomainMember()) #else if(strchr(username,'\\') && !isDomainMember()) #endif { error(1,0,"CVS server is not acting as a domain member - cannot specify domains"); } #endif } if(argc==2) typed_password = argv[1]; } #endif if (typed_password && (strcmp(username, CVS_Username) != 0) && (! verify_admin ())) error (1, 0, "Only administrators can add or change another's password"); read_passwd_list(); passnode = find_passwd_entry(username); if (passnode == NULL) { if (!adduser) error (1, 0, "Could not find %s in password file", username); if (! verify_admin()) { error (1, 0, "Only administrators can add users" ); } passnode = new_passwd_entry(); passnode->username=xstrdup(username); passnode->password=xstrdup(typed_password); passnode->real_username=NULL; } if(deluser) { if (! verify_admin()) { error (1, 0, "Only administrators can delete users" ); } xfree(passnode->username); passnode->username = NULL; } else if(disableuser) { if (! verify_admin()) { error (1, 0, "Only administrators can disable users" ); } xfree(passnode->password); passnode->password=xstrdup("#DISABLED#"); } else { xfree(passnode->password); #ifdef _WIN32 /* Unix servers can't make any sense of this */ if(use_domain) { passnode->password = xmalloc(strlen(password_domain)+2); strcpy(passnode->password,"!"); strcat(passnode->password,password_domain); } else #endif passnode->password = xstrdup(typed_password); if(realuser) { if(!getpwnam(real_user)) error(1, 0, "User '%s' is not a real user on the system.",real_user); xfree(passnode->real_username); passnode->real_username = xstrdup(real_user); } else if (remove_realuser) { xfree(passnode->real_username); passnode->real_username=NULL; } if((passnode->real_username && !getpwnam(passnode->real_username)) || (!passnode->real_username && passnode->username && !getpwnam(passnode->username))) { error(0,0,"*WARNING* CVS user '%s' will not be able to log in until they are aliased to a valid system user.",username); } } write_passwd_list(); free_passwd_list(); xfree(real_user); xfree(password_domain); return (err); }