github.com/krum110487/go-htaccess@v0.0.0-20240316004156-60641c8e7598/tests/data/apache_2_4_58/bin/dbmmanage.pl (about) 1 # 2 # Licensed to the Apache Software Foundation (ASF) under one or more 3 # contributor license agreements. See the NOTICE file distributed with 4 # this work for additional information regarding copyright ownership. 5 # The ASF licenses this file to You under the Apache License, Version 2.0 6 # (the "License"); you may not use this file except in compliance with 7 # the License. You may obtain a copy of the License at 8 # 9 # http://www.apache.org/licenses/LICENSE-2.0 10 # 11 # Unless required by applicable law or agreed to in writing, software 12 # distributed under the License is distributed on an "AS IS" BASIS, 13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 # See the License for the specific language governing permissions and 15 # limitations under the License. 16 17 #for more functionality see the HTTPD::UserAdmin module: 18 # http://www.perl.com/CPAN/modules/by-module/HTTPD/HTTPD-Tools-x.xx.tar.gz 19 # 20 # usage: dbmmanage <DBMfile> <command> <user> <password> <groups> <comment> 21 22 package dbmmanage; 23 # -ldb -lndbm -lgdbm -lsdbm 24 BEGIN { @AnyDBM_File::ISA = qw(SDBM_File) } 25 use strict; 26 use Fcntl; 27 use AnyDBM_File (); 28 29 sub usage { 30 my $cmds = join "|", sort keys %dbmc::; 31 die <<SYNTAX; 32 Usage: dbmmanage [enc] dbname command [username [pw [group[,group] [comment]]]] 33 34 where enc is -d for crypt encryption (default except on Win32, Netware) 35 -m for MD5 encryption (default on Win32, Netware) 36 -s for SHA1 encryption 37 -p for plaintext 38 39 command is one of: $cmds 40 41 pw of . for update command retains the old password 42 pw of - (or blank) for update command prompts for the password 43 44 groups or comment of . (or blank) for update command retains old values 45 groups or comment of - for update command clears the existing value 46 groups or comment of - for add and adduser commands is the empty value 47 SYNTAX 48 } 49 50 sub need_sha1_crypt { 51 if (!eval ('require "Digest/SHA1.pm";')) { 52 print STDERR <<SHAERR; 53 dbmmanage SHA1 passwords require the interface or the module Digest::SHA1 54 available from CPAN: 55 56 http://www.cpan.org/modules/by-module/Digest/Digest-MD5-2.12.tar.gz 57 58 Please install Digest::SHA1 and try again, or use a different crypt option: 59 60 SHAERR 61 usage(); 62 } 63 } 64 65 sub need_md5_crypt { 66 if (!eval ('require "Crypt/PasswdMD5.pm";')) { 67 print STDERR <<MD5ERR; 68 dbmmanage MD5 passwords require the module Crypt::PasswdMD5 available from CPAN 69 70 http://www.cpan.org/modules/by-module/Crypt/Crypt-PasswdMD5-1.1.tar.gz 71 72 Please install Crypt::PasswdMD5 and try again, or use a different crypt option: 73 74 MD5ERR 75 usage(); 76 } 77 } 78 79 # if your osname is in $newstyle_salt, then use new style salt (starts with '_' and contains 80 # four bytes of iteration count and four bytes of salt). Otherwise, just use 81 # the traditional two-byte salt. 82 # see the man page on your system to decide if you have a newer crypt() lib. 83 # I believe that 4.4BSD derived systems do (at least BSD/OS 2.0 does). 84 # The new style crypt() allows up to 20 characters of the password to be 85 # significant rather than only 8. 86 # 87 my $newstyle_salt_platforms = join '|', qw{bsdos}; #others? 88 my $newstyle_salt = $^O =~ /(?:$newstyle_salt_platforms)/; 89 90 # Some platforms just can't crypt() for Apache 91 # 92 my $crypt_not_supported_platforms = join '|', qw{MSWin32 NetWare}; #others? 93 my $crypt_not_supported = $^O =~ /(?:$crypt_not_supported_platforms)/; 94 95 my $crypt_method = "crypt"; 96 97 if ($crypt_not_supported) { 98 $crypt_method = "md5"; 99 } 100 101 # Some platforms won't jump through our favorite hoops 102 # 103 my $not_unix_platforms = join '|', qw{MSWin32 NetWare}; #others? 104 my $not_unix = $^O =~ /(?:$not_unix_platforms)/; 105 106 if ($crypt_not_supported) { 107 $crypt_method = "md5"; 108 } 109 110 if (@ARGV[0] eq "-d") { 111 shift @ARGV; 112 if ($crypt_not_supported) { 113 print STDERR 114 "Warning: Apache/$^O does not support crypt()ed passwords!\n\n"; 115 } 116 $crypt_method = "crypt"; 117 } 118 119 if (@ARGV[0] eq "-m") { 120 shift @ARGV; 121 $crypt_method = "md5"; 122 } 123 124 if (@ARGV[0] eq "-p") { 125 shift @ARGV; 126 if (!$crypt_not_supported) { 127 print STDERR 128 "Warning: Apache/$^O does not support plaintext passwords!\n\n"; 129 } 130 $crypt_method = "plain"; 131 } 132 133 if (@ARGV[0] eq "-s") { 134 shift @ARGV; 135 need_sha1_crypt(); 136 $crypt_method = "sha1"; 137 } 138 139 if ($crypt_method eq "md5") { 140 need_md5_crypt(); 141 } 142 143 my($file,$command,$key,$crypted_pwd,$groups,$comment) = @ARGV; 144 145 usage() unless $file and $command and defined &{$dbmc::{$command}}; 146 147 # remove extension if any 148 my $chop = join '|', qw{db.? pag dir}; 149 $file =~ s/\.($chop)$//; 150 151 my $is_update = $command eq "update"; 152 my %DB = (); 153 my @range = (); 154 my($mode, $flags) = $command =~ 155 /^(?:view|check)$/ ? (0644, O_RDONLY) : (0644, O_RDWR|O_CREAT); 156 157 tie (%DB, "AnyDBM_File", $file, $flags, $mode) || die "Can't tie $file: $!"; 158 dbmc->$command(); 159 untie %DB; 160 161 162 my $x; 163 sub genseed { 164 my $psf; 165 if ($not_unix) { 166 srand (time ^ $$ or time ^ ($$ + ($$ << 15))); 167 } 168 else { 169 for (qw(-xlwwa -le)) { 170 `ps $_ 2>/dev/null`; 171 $psf = $_, last unless $?; 172 } 173 srand (time ^ $$ ^ unpack("%L*", `ps $psf | gzip -f`)); 174 } 175 @range = (qw(. /), '0'..'9','a'..'z','A'..'Z'); 176 $x = int scalar @range; 177 } 178 179 sub randchar { 180 join '', map $range[rand $x], 1..shift||1; 181 } 182 183 sub saltpw_crypt { 184 genseed() unless @range; 185 return $newstyle_salt ? 186 join '', "_", randchar, "a..", randchar(4) : 187 randchar(2); 188 } 189 190 sub cryptpw_crypt { 191 my ($pw, $salt) = @_; 192 $salt = saltpw_crypt unless $salt; 193 crypt $pw, $salt; 194 } 195 196 sub saltpw_md5 { 197 genseed() unless @range; 198 randchar(8); 199 } 200 201 sub cryptpw_md5 { 202 my($pw, $salt) = @_; 203 $salt = saltpw_md5 unless $salt; 204 Crypt::PasswdMD5::apache_md5_crypt($pw, $salt); 205 } 206 207 sub cryptpw_sha1 { 208 my($pw, $salt) = @_; 209 '{SHA}' . Digest::SHA1::sha1_base64($pw) . "="; 210 } 211 212 sub cryptpw { 213 if ($crypt_method eq "md5") { 214 return cryptpw_md5(@_); 215 } elsif ($crypt_method eq "sha1") { 216 return cryptpw_sha1(@_); 217 } elsif ($crypt_method eq "crypt") { 218 return cryptpw_crypt(@_); 219 } 220 @_[0]; # otherwise return plaintext 221 } 222 223 sub getpass { 224 my $prompt = shift || "Enter password:"; 225 226 unless($not_unix) { 227 open STDIN, "/dev/tty" or warn "couldn't open /dev/tty $!\n"; 228 system "stty -echo;"; 229 } 230 231 my($c,$pwd); 232 print STDERR $prompt; 233 while (($c = getc(STDIN)) ne '' and $c ne "\n" and $c ne "\r") { 234 $pwd .= $c; 235 } 236 237 system "stty echo" unless $not_unix; 238 print STDERR "\n"; 239 die "Can't use empty password!\n" unless length $pwd; 240 return $pwd; 241 } 242 243 sub dbmc::update { 244 die "Sorry, user `$key' doesn't exist!\n" unless $DB{$key}; 245 $crypted_pwd = (split /:/, $DB{$key}, 3)[0] if $crypted_pwd eq '.'; 246 $groups = (split /:/, $DB{$key}, 3)[1] if !$groups || $groups eq '.'; 247 $comment = (split /:/, $DB{$key}, 3)[2] if !$comment || $comment eq '.'; 248 if (!$crypted_pwd || $crypted_pwd eq '-') { 249 dbmc->adduser; 250 } 251 else { 252 dbmc->add; 253 } 254 } 255 256 sub dbmc::add { 257 die "Can't use empty password!\n" unless $crypted_pwd; 258 unless($is_update) { 259 die "Sorry, user `$key' already exists!\n" if $DB{$key}; 260 } 261 $groups = '' if $groups eq '-'; 262 $comment = '' if $comment eq '-'; 263 $groups .= ":" . $comment if $comment; 264 $crypted_pwd .= ":" . $groups if $groups; 265 $DB{$key} = $crypted_pwd; 266 my $action = $is_update ? "updated" : "added"; 267 print "User $key $action with password encrypted to $DB{$key} using $crypt_method\n"; 268 } 269 270 sub dbmc::adduser { 271 my $value = getpass "New password:"; 272 die "They don't match, sorry.\n" unless getpass("Re-type new password:") eq $value; 273 $crypted_pwd = cryptpw $value; 274 dbmc->add; 275 } 276 277 sub dbmc::delete { 278 die "Sorry, user `$key' doesn't exist!\n" unless $DB{$key}; 279 delete $DB{$key}, print "`$key' deleted\n"; 280 } 281 282 sub dbmc::view { 283 print $key ? "$key:$DB{$key}\n" : map { "$_:$DB{$_}\n" if $DB{$_} } keys %DB; 284 } 285 286 sub dbmc::check { 287 die "Sorry, user `$key' doesn't exist!\n" unless $DB{$key}; 288 my $chkpass = (split /:/, $DB{$key}, 3)[0]; 289 my $testpass = getpass(); 290 if (substr($chkpass, 0, 6) eq '$apr1$') { 291 need_md5_crypt; 292 $crypt_method = "md5"; 293 } elsif (substr($chkpass, 0, 5) eq '{SHA}') { 294 need_sha1_crypt; 295 $crypt_method = "sha1"; 296 } elsif (length($chkpass) == 13 && $chkpass ne $testpass) { 297 $crypt_method = "crypt"; 298 } else { 299 $crypt_method = "plain"; 300 } 301 print $crypt_method . (cryptpw($testpass, $chkpass) eq $chkpass 302 ? " password ok\n" : " password mismatch\n"); 303 } 304 305 sub dbmc::import { 306 while(defined($_ = <STDIN>) and chomp) { 307 ($key,$crypted_pwd,$groups,$comment) = split /:/, $_, 4; 308 dbmc->add; 309 } 310 } 311