Site Navigation

Date:      Tue, 10 Jul 2001 03:45:34 -0400 (EDT)
From:      Jim Weeks <jim@siteplus.net>
To:        Gregory Bond <gnb@itga.com.au>
Cc:        stable@FreeBSD.ORG
Subject:   Re: Generating encrypted passwords
Message-ID:  <Pine.BSF.4.21.0107100336560.1040-100000@veager.siteplus.net>
In-Reply-To: <200107100306.NAA21657@lightning.itga.com.au>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Here is one I wrote some time ago to allow clients to create a simple
.htpasswd file.  I feed it Username: $Form{'login'},
NewPass: $Form{'np'}, and VerifyPass: $Form{'vp'} from a web
form.

Maybe it will give you some ideas ;-)

--
Jim Weeks

#!/usr/bin/perl

if ($ENV{'REQUEST_METHOD'} eq   "GET") {
    $buffer = $ENV{'QUERY_STRING'};
}
elsif ($ENV{'REQUEST_METHOD'} eq  "POST") {
    read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'});
}
@cgiPairs = split(/&/,$buffer);

foreach $cgiPair (@cgiPairs){
    ($name,$value) = split(/=/,$cgiPair);
    $value =~ s/\+/ /g;
    $value =~ s/%(..)/pack("c",hex($1))/ge;
    $Form{$name} .= "\0" if (defined($Form{$name}));
    $Form{$name} .= "$value";
}
undef $name; undef $value;

print "Content-Type: text/html\n\n"; # Start HTML output.

unless ($Form{'login'}) {
print "No user name was entered";
exit;
}
unless ($Form{'np'} && $Form{'vp'}) {
print "Please enter your password in both boxes";
exit;
}
if ($Form{'np'} ne $Form{'vp'}) {
print "Passwords do not match";
exit;
        }
else {

@passset = ('a'..'z');
        for ($i = 0; $i < 2; $i++) {
                $randum_num = int(rand($#passset + 1));
                $salt .= @passset[$randum_num];
        }
$htpass = crypt($Form{'np'}, "$salt");

print "$Form{'login'}:";
print "$htpass\n";
}


On Tue, 10 Jul 2001, Gregory Bond wrote:

> I need to generate some encrypted passwords in a config file for an 
> application (i.e. not in /etc/master.passwd).
> 
> AFAICT there are no utilities in FreeBSD 4 that will do this. So I whipped up a
> 10-line perl script to build a random salt, get the password and call crypt().
> This is OK, but uglier and harder than it needs to be (as I had to fossick
> around a bit to find the right way to generate a salt.)
> 
> Is this something worth adding to (e.g.) pw(8)?  If so, I can whip up some 
> patches.....
> 
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107100336560.1040-100000>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact