Return-Path: Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 15277 invoked by uid 500); 24 Nov 2001 20:15:08 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 15260 invoked from network); 24 Nov 2001 20:15:05 -0000 Message-ID: <004101c17524$a63bbd90$8094bfd5@armada> From: "Mladen Turk" To: Subject: [PATCH] htdbm - group management support Date: Sat, 24 Nov 2001 21:14:23 +0100 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_003E_01C1752C.FDB73E20" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - ns.promo-grupa.com X-AntiAbuse: Original Domain - httpd.apache.org X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [0 0] X-AntiAbuse: Sender Address Domain - mappingsoft.com X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N This is a multi-part message in MIME format. ------=_NextPart_000_003E_01C1752C.FDB73E20 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit Hi, The patch enables htdbm utility to manage the groups. The group management enables that both passwords and groups exists in the same database or in different ones. for example: htdbm -cmbgt .htdbm username password group1,group2 "Some comment" will create the record with key=username and value=encryptedpassword:group1,group2:Some comment there is other addon switch that enables one to modify the record without the need to retype the password (switch u). htdbm -gtu .htdbm username group1,group3 "The user moved from group2" will preserve the old username password and the record will look like key=username and value=oldencryptedpassword:group1,group3:Some comment MT. ------=_NextPart_000_003E_01C1752C.FDB73E20 Content-Type: text/plain; name="htdbm.c.txt" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="htdbm.c.txt" Index: htdbm.c=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A= RCS file: /home/cvspublic/httpd-2.0/support/htdbm.c,v=0A= retrieving revision 1.3=0A= diff -u -r1.3 htdbm.c=0A= --- htdbm.c 2001/11/06 21:11:45 1.3=0A= +++ htdbm.c 2001/11/24 19:41:13=0A= @@ -103,12 +103,12 @@=0A= #endif /*APR_CHARSET_EBCDIC*/=0A= =0A= #define MAX_STRING_LEN 256=0A= -#define ALG_PLAIN 0=0A= -#define ALG_APMD5 1=0A= -#define ALG_APSHA 2=0A= +#define ALG_PLAIN 1=0A= +#define ALG_APMD5 2=0A= +#define ALG_APSHA 3=0A= =0A= #if APR_HAVE_CRYPT_H=0A= -#define ALG_CRYPT 3=0A= +#define ALG_CRYPT 4=0A= #endif=0A= =0A= =0A= @@ -133,6 +133,7 @@=0A= char *username;=0A= char *userpass;=0A= char *comment;=0A= + char *groups;=0A= int create;=0A= int rdonly;=0A= int alg;=0A= @@ -234,23 +235,45 @@=0A= static apr_status_t htdbm_save(htdbm_t *htdbm, int *changed) =0A= {=0A= apr_datum_t key, val;=0A= + char *record, *old =3D NULL;=0A= =0A= if (!htdbm->username)=0A= return APR_SUCCESS;=0A= =0A= key.dptr =3D htdbm->username;=0A= key.dsize =3D strlen(htdbm->username);=0A= - if (apr_dbm_exists(htdbm->dbm, key))=0A= + if (apr_dbm_exists(htdbm->dbm, key)) {=0A= + if (!htdbm->userpass) {=0A= + if (apr_dbm_fetch(htdbm->dbm, key, &val) !=3D APR_SUCCESS)=0A= + return APR_ENOENT;=0A= + old =3D apr_pstrndup(htdbm->pool, val.dptr, val.dsize);=0A= + record =3D strchr(old, ':');=0A= + if (record) {=0A= + *record =3D '\0';=0A= + htdbm->userpass =3D old;=0A= + }=0A= + }=0A= *changed =3D 1;=0A= -=0A= - val.dsize =3D strlen(htdbm->userpass);=0A= - if (!htdbm->comment)=0A= - val.dptr =3D htdbm->userpass;=0A= + }=0A= + if (!htdbm->userpass)=0A= + htdbm->userpass =3D "";=0A= + if (htdbm->groups) {=0A= + if (htdbm->comment)=0A= + record =3D apr_pstrcat(htdbm->pool, htdbm->userpass, ":",=0A= + htdbm->groups, ":", htdbm->comment, = NULL);=0A= + else=0A= + record =3D apr_pstrcat(htdbm->pool, htdbm->userpass, ":",=0A= + htdbm->groups, NULL);=0A= + }=0A= else {=0A= - val.dptr =3D apr_pstrcat(htdbm->pool, htdbm->userpass, ";",=0A= + if (htdbm->comment)=0A= + record =3D apr_pstrcat(htdbm->pool, htdbm->userpass, ";",=0A= htdbm->comment, NULL);=0A= - val.dsize +=3D (strlen(htdbm->comment) + 1);=0A= + else=0A= + record =3D htdbm->userpass;=0A= }=0A= + val.dptr =3D record;=0A= + val.dsize =3D strlen(record);=0A= return apr_dbm_store(htdbm->dbm, key, val);=0A= }=0A= =0A= @@ -280,6 +303,9 @@=0A= return APR_ENOENT;=0A= rec =3D apr_pstrndup(htdbm->pool, val.dptr, val.dsize);=0A= cmnt =3D strchr(rec, ';');=0A= + if (!cmnt)=0A= + cmnt =3D strchr(rec, ';');=0A= +=0A= if (cmnt)=0A= strncpy(pwd, rec, cmnt - rec);=0A= else=0A= @@ -291,7 +317,7 @@=0A= {=0A= apr_status_t rv;=0A= apr_datum_t key, val;=0A= - char *rec, *cmnt;=0A= + char *rec, *cmnt, *grp;=0A= char kb[MAX_STRING_LEN];=0A= int i =3D 0;=0A= =0A= @@ -303,7 +329,7 @@=0A= rec =3D apr_pcalloc(htdbm->pool, HUGE_STRING_LEN);=0A= =0A= fprintf(stderr, "Dumping records from database -- %s\n", = htdbm->filename); =0A= - fprintf(stderr, " %-32sComment\n", "Username"); =0A= + fprintf(stderr, " %-25s%-25sComment\n", "Username", "Group(s)"); = =0A= while (key.dptr !=3D NULL) {=0A= rv =3D apr_dbm_fetch(htdbm->dbm, key, &val);=0A= if (rv !=3D APR_SUCCESS) {=0A= @@ -312,10 +338,16 @@=0A= }=0A= strncpy(kb, key.dptr, key.dsize);=0A= kb[key.dsize] =3D '\0';=0A= - fprintf(stderr, " %-32s", kb);=0A= + fprintf(stderr, " %-25s", kb);=0A= strncpy(rec, val.dptr, val.dsize);=0A= rec[val.dsize] =3D '\0';=0A= - cmnt =3D strchr(rec, ';');=0A= + grp =3D strchr(rec, ':');=0A= + if (grp)=0A= + cmnt =3D strchr(grp+1, ':');=0A= + else=0A= + cmnt =3D strchr(rec, ';');=0A= + *cmnt =3D '\0';=0A= + fprintf(stderr, "%-25s", grp ? grp + 1 : " ");=0A= if (cmnt)=0A= fprintf(stderr, cmnt + 1);=0A= fprintf(stderr, "\n");=0A= @@ -345,6 +377,9 @@=0A= char cpw[MAX_STRING_LEN];=0A= char salt[9];=0A= =0A= + if (!htdbm->userpass)=0A= + return APR_SUCCESS;=0A= +=0A= switch (htdbm->alg) {=0A= case ALG_APSHA:=0A= /* XXX cpw >=3D 28 + strlen(sha1) chars - fixed len SHA */=0A= @@ -371,6 +406,7 @@=0A= fprintf(stderr, "CRYPT is now depriciated, use MD5 instead = !\n");=0A= #endif=0A= default:=0A= + cpw[0] =3D '\0';=0A= break;=0A= }=0A= htdbm->userpass =3D apr_pstrdup(htdbm->pool, cpw);=0A= @@ -395,8 +431,10 @@=0A= =0A= #if APR_HAVE_CRYPT_H=0A= #define CRYPT_OPTION "d"=0A= +#define IDENT_OPTION " "=0A= #else=0A= #define CRYPT_OPTION ""=0A= +#define IDENT_OPTION ""=0A= #endif=0A= fprintf(stderr, "htdbm -- program for manipulating DBM password = databases.\n\n");=0A= fprintf(stderr, "Usage: htdbm [-cm"CRYPT_OPTION"pstvx] database = username\n");=0A= @@ -406,9 +444,10 @@=0A= fprintf(stderr, " -v[m"CRYPT_OPTION"ps] database = username\n");=0A= fprintf(stderr, " -vb[m"CRYPT_OPTION"ps] database = username password\n");=0A= fprintf(stderr, " -x[m"CRYPT_OPTION"ps] database = username\n");=0A= - fprintf(stderr, " -l = database\n");=0A= + fprintf(stderr, " -g[u]"IDENT_OPTION" database = username group(s)\n");=0A= + fprintf(stderr, " -l"IDENT_OPTION" = database\n");=0A= fprintf(stderr, "Options:\n");=0A= - fprintf(stderr, " -b Use the password from the command line = rather"=0A= + fprintf(stderr, " -b Use the password from the command line = rather "=0A= "than prompting for it.\n");=0A= fprintf(stderr, " -c Create a new database.\n");=0A= fprintf(stderr, " -n Don't update database; display results on = stdout.\n");=0A= @@ -419,9 +458,11 @@=0A= fprintf(stderr, " -p Do not encrypt the password = (plaintext).\n");=0A= fprintf(stderr, " -s Force SHA encryption of the password.\n");=0A= fprintf(stderr, " -l Display usernames from database on = stdout.\n");=0A= - fprintf(stderr, " -t The last param is username comment.\n");=0A= + fprintf(stderr, " -t The last param is the record comment.\n");=0A= fprintf(stderr, " -v Verify the username/password.\n");=0A= fprintf(stderr, " -x Remove the username record from = database.\n");=0A= + fprintf(stderr, " -g Add the username to specified = group(s).\n");=0A= + fprintf(stderr, " -u Update the username record if exists.\n");=0A= exit(ERR_SYNTAX);=0A= =0A= }=0A= @@ -440,6 +481,7 @@=0A= int need_user =3D 1;=0A= int need_pwd =3D 1;=0A= int need_cmnt =3D 0;=0A= + int need_grp =3D 0;=0A= int pwd_supplied =3D 0;=0A= int changed;=0A= int cmd =3D HTDBM_MAKE;=0A= @@ -474,6 +516,9 @@=0A= need_pwd =3D 0;=0A= args_left++;=0A= break;=0A= + case 'u':=0A= + need_pwd =3D 0;=0A= + break;=0A= case 'c':=0A= h->create =3D 1;=0A= break;=0A= @@ -493,6 +538,10 @@=0A= need_cmnt =3D 1;=0A= args_left++;=0A= break;=0A= + case 'g':=0A= + need_grp =3D 1;=0A= + args_left++;=0A= + break;=0A= case 'v':=0A= h->rdonly =3D 1;=0A= cmd =3D HTDBM_VERIFY;=0A= @@ -539,13 +588,14 @@=0A= exit(ERR_FILEPERM);=0A= }=0A= }=0A= + ++i;=0A= if (need_user) {=0A= - h->username =3D apr_pstrdup(pool, argv[i+1]);=0A= + h->username =3D apr_pstrdup(pool, argv[i++]);=0A= if (htdbm_valid_username(h) !=3D APR_SUCCESS)=0A= exit(ERR_BADUSER);=0A= }=0A= if (pwd_supplied)=0A= - h->userpass =3D apr_pstrdup(pool, argv[i+2]);=0A= + h->userpass =3D apr_pstrdup(pool, argv[i++]);=0A= =0A= if (need_pwd) {=0A= l =3D sizeof(pwc);=0A= @@ -565,10 +615,12 @@=0A= =0A= h->userpass =3D apr_pstrdup(pool, pwi);=0A= }=0A= - if (need_cmnt && pwd_supplied)=0A= - h->comment =3D apr_pstrdup(pool, argv[i+3]);=0A= - else if (need_cmnt)=0A= - h->comment =3D apr_pstrdup(pool, argv[i+2]);=0A= +=0A= + if (need_grp)=0A= + h->groups =3D apr_pstrdup(pool, argv[i++]);=0A= + =0A= + if (need_cmnt)=0A= + h->comment =3D apr_pstrdup(pool, argv[i]);=0A= =0A= switch (cmd) {=0A= case HTDBM_VERIFY:=0A= ------=_NextPart_000_003E_01C1752C.FDB73E20--