diff options
author | lulf <lulf@FreeBSD.org> | 2010-02-02 05:57:42 +0000 |
---|---|---|
committer | lulf <lulf@FreeBSD.org> | 2010-02-02 05:57:42 +0000 |
commit | 261160bd72e886fafa189eea83e951826443c722 (patch) | |
tree | 92768e0d706894d7a40649884888d7c43c8ace45 /contrib/csup/cpasswd.sh | |
parent | 4bbdc41fe9f4d06b09d1a7d03aa1521cb317007c (diff) | |
download | FreeBSD-src-261160bd72e886fafa189eea83e951826443c722.zip FreeBSD-src-261160bd72e886fafa189eea83e951826443c722.tar.gz |
- Add support for CVSup authentication mechanisms to csup.
- Include a cpasswd script performing the same mechanisms as the cvpasswd
utility from CVSup.
PR: bin/114129
Submitted by: Petar Zhivkov Petrov <pesho.petrov -at- gmail.com>
MFC after: 1 month
Diffstat (limited to 'contrib/csup/cpasswd.sh')
-rwxr-xr-x | contrib/csup/cpasswd.sh | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/contrib/csup/cpasswd.sh b/contrib/csup/cpasswd.sh new file mode 100755 index 0000000..71e17c5 --- /dev/null +++ b/contrib/csup/cpasswd.sh @@ -0,0 +1,135 @@ +#! /bin/sh +# +# Copyright 2007. Petar Zhivkov Petrov +# pesho.petrov@gmail.com +# +# $FreeBSD$ + +usage() { + echo "Usage: $0 clientName serverName" + echo " $0 -v" +} + +countChars() { + _count="`echo "$1" | sed -e "s/[^$2]//g" | tr -d "\n" | wc -c`" + return 0 +} + +readPassword() { + while [ true ]; do + stty -echo + read -p "$1" _password + stty echo + echo "" + countChars "$_password" ":" + if [ $_count != 0 ]; then + echo "Sorry, password must not contain \":\" characters" + echo "" + else + break + fi + done + return 0 +} + +makeSecret() { + local clientLower="`echo "$1" | tr "[:upper:]" "[:lower:]"`" + local serverLower="`echo "$2" | tr "[:upper:]" "[:lower:]"`" + local secret="`md5 -qs "$clientLower:$serverLower:$3"`" + _secret="\$md5\$$secret" +} + +if [ $# -eq 1 -a "X$1" = "X-v" ]; then + echo "Csup authentication key generator" + usage + exit +elif [ $# -ne 2 ]; then + usage + exit +fi + +clientName=$1 +serverName=$2 + +# +# Client name must contain exactly one '@' and at least one '.'. +# It must not contain a ':'. +# + +countChars "$clientName" "@" +aCount=$_count + +countChars "$clientName" "." +dotCount=$_count +if [ $aCount -ne 1 -o $dotCount -eq 0 ]; then + echo "Client name must have the form of an e-mail address," + echo "e.g., \"user@domain.com\"" + exit +fi + +countChars "$clientName" ":" +colonCount=$_count +if [ $colonCount -gt 0 ]; then + echo "Client name must not contain \":\" characters" + exit +fi + +# +# Server name must not contain '@' and must have at least one '.'. +# It also must not contain a ':'. +# + +countChars "$serverName" "@" +aCount=$_count + +countChars "$serverName" "." +dotCount=$_count +if [ $aCount != 0 -o $dotCount = 0 ]; then + echo "Server name must be a fully-qualified domain name." + echo "e.g., \"host.domain.com\"" + exit +fi + +countChars "$serverName" ":" +colonCount=$_count +if [ $colonCount -gt 0 ]; then + echo "Server name must not contain \":\" characters" + exit +fi + +# +# Ask for password and generate secret. +# + +while [ true ]; do + readPassword "Enter password: " + makeSecret "$clientName" "$serverName" "$_password" + secret=$_secret + + readPassword "Enter same password again: " + makeSecret "$clientName" "$serverName" "$_password" + secret2=$_secret + + if [ "X$secret" = "X$secret2" ]; then + break + else + echo "Passwords did not match. Try again." + echo "" + fi +done + +echo "" +echo "Send this line to the server administrator at $serverName:" +echo "-------------------------------------------------------------------------------" +echo "$clientName:$secret::" +echo "-------------------------------------------------------------------------------" +echo "Be sure to send it using a secure channel!" +echo "" +echo "Add this line to your file \"$HOME/.csup/auth\", replacing \"XXX\"" +echo "with the password you typed in:" +echo "-------------------------------------------------------------------------------" +echo "$serverName:$clientName:XXX:" +echo "-------------------------------------------------------------------------------" +echo "Make sure the file is readable and writable only by you!" +echo "" + |