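#! /bin/sh
#
# Copyright 2007. Petar Zhivkov Petrov
# pesho.petrov@gmail.com
#
# $FreeBSD: releng/10.3/usr.bin/csup/cpasswd.sh 204556 2010-03-02 07:26:07Z lulf $

#
# Csup authentication key generator.
#
# Usage: cpasswd.sh clientName serverName
#        cpasswd.sh -v
#
# Prompts twice for a password (terminal echo disabled), derives the
# shared secret "$md5$<digest>" from "client:server:password" and prints
# the line for the server administrator plus a template line for the
# local "$HOME/.csup/auth" file.
#
# The secret is a single MD5 digest, so anyone who obtains the printed
# line can test password guesses against it offline.  Handle that line
# like a credential.
#

# Print the command-line synopsis on stdout.
usage() {
	echo "Usage: $0 clientName serverName"
	echo "       $0 -v"
}

#
# Count how often the single character $2 occurs in the string $1.
# The result is stored in the global _count as a plain integer.
#
countChars() {
	# printf '%s' instead of echo: the string may be a password, and echo
	# treats some arguments (for example "-n") as options.
	# NOTE(review): this relies on printf being a shell builtin so that the
	# string never appears in a process argument list - confirm for the
	# target /bin/sh.
	# The arithmetic expansion strips the padding some wc(1)
	# implementations put in front of the number.
	_count=$(($(printf '%s' "$1" | tr -cd "$2" | wc -c)))
	return 0
}

#
# Prompt with $1 and read a password into the global _password, with
# terminal echo switched off.  Repeats until the password contains no ":"
# (the field separator of the auth file lines printed at the end).
# Exits the script if no input can be read.
#
readPassword() {
	while :; do
		# Make sure echo is switched back on if the user interrupts the
		# prompt; otherwise the terminal is left with echo disabled.
		trap 'stty echo; echo ""; exit 1' INT TERM HUP
		stty -echo
		_readStatus=0
		# -r keeps backslashes literal and the empty IFS keeps leading and
		# trailing blanks, so the digest covers exactly what was typed and
		# what the user will later put into the auth file.
		IFS= read -r -p "$1" _password || _readStatus=$?
		stty echo
		trap - INT TERM HUP
		echo ""
		# End of input without any data: stop instead of silently
		# generating a secret for an empty password.
		if [ "$_readStatus" -ne 0 ] && [ -z "$_password" ]; then
			echo "No password could be read." >&2
			exit 1
		fi
		countChars "$_password" ":"
		if [ "$_count" -eq 0 ]; then
			break
		fi
		echo "Sorry, password must not contain \":\" characters"
		echo ""
	done
	return 0
}

#
# Derive the shared secret from client name $1, server name $2 and
# password $3 and store it in the global _secret as "$md5$<digest>".
# Both names are lowercased first.
# Returns non-zero if no digest could be computed.
#
makeSecret() {
	local clientLower serverLower secret
	clientLower=$(printf '%s' "$1" | tr "[:upper:]" "[:lower:]")
	serverLower=$(printf '%s' "$2" | tr "[:upper:]" "[:lower:]")
	# Feed the material to md5 on stdin.  "md5 -s string" would place the
	# password in the argument list of the md5 process, where other local
	# users may be able to read it with ps(1).
	secret=$(printf '%s' "$clientLower:$serverLower:$3" | md5 -q) || return 1
	# An empty digest (md5 missing or failing) must not become a secret.
	[ -n "$secret" ] || return 1
	_secret="\$md5\$$secret"
}

if [ $# -eq 1 ] && [ "X$1" = "X-v" ]; then
	echo "Csup authentication key generator"
	usage
	exit 0
elif [ $# -ne 2 ]; then
	usage
	exit 1
fi

clientName=$1
serverName=$2

#
# Client name must contain exactly one '@' and at least one '.'.
# It must not contain a ':'.
#

countChars "$clientName" "@"
aCount=$_count

countChars "$clientName" "."
dotCount=$_count
if [ "$aCount" -ne 1 ] || [ "$dotCount" -eq 0 ]; then
	echo "Client name must have the form of an e-mail address,"
	echo "e.g., \"user@domain.com\""
	exit 1
fi

countChars "$clientName" ":"
colonCount=$_count
if [ "$colonCount" -gt 0 ]; then
	echo "Client name must not contain \":\" characters"
	exit 1
fi

#
# Server name must not contain '@' and must have at least one '.'.
# It also must not contain a ':'.
#

countChars "$serverName" "@"
aCount=$_count

countChars "$serverName" "."
dotCount=$_count
if [ "$aCount" -ne 0 ] || [ "$dotCount" -eq 0 ]; then
	echo "Server name must be a fully-qualified domain name."
	echo "e.g., \"host.domain.com\""
	exit 1
fi

countChars "$serverName" ":"
colonCount=$_count
if [ "$colonCount" -gt 0 ]; then
	echo "Server name must not contain \":\" characters"
	exit 1
fi

#
# Ask for password and generate secret.
# The two entries are compared through their derived secrets.
#

while :; do
	readPassword "Enter password: "
	if ! makeSecret "$clientName" "$serverName" "$_password"; then
		echo "Could not compute the MD5 digest." >&2
		exit 1
	fi
	secret=$_secret

	readPassword "Enter same password again: "
	if ! makeSecret "$clientName" "$serverName" "$_password"; then
		echo "Could not compute the MD5 digest." >&2
		exit 1
	fi
	secret2=$_secret

	if [ "X$secret" = "X$secret2" ]; then
		break
	fi
	echo "Passwords did not match. Try again."
	echo ""
done

# The clear-text password is not needed past this point.
unset _password

echo ""
echo "Send this line to the server administrator at $serverName:"
echo "-------------------------------------------------------------------------------"
echo "$clientName:$secret::"
echo "-------------------------------------------------------------------------------"
echo "Be sure to send it using a secure channel!"
echo ""
echo "Add this line to your file \"$HOME/.csup/auth\", replacing \"XXX\""
echo "with the password you typed in:"
echo "-------------------------------------------------------------------------------"
echo "$serverName:$clientName:XXX:"
echo "-------------------------------------------------------------------------------"
echo "Make sure the file is readable and writable only by you!"
echo ""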