--- makepasswd-1.10.orig/makepasswd +++ makepasswd-1.10/makepasswd @@ -4,7 +4,7 @@ # Program information. # -$Program = 'mkpasswd'; +$Program = 'makepasswd'; $Version = '1.10'; $Author = 'Rob Levin '; $Date = "Monday, 7 April 1999 at 22:56 (UCT)"; @@ -19,6 +19,7 @@ use Getopt::Long; use FileHandle; use integer; +use bytes; # # Set default values for options ("" to indicate not-specified). @@ -28,6 +29,7 @@ $Clear = ""; $Count = ""; $Crypt = 0; +$CryptMd5 = 0; $CryptSalt = ""; $MaxChars = ""; $MinChars = ""; @@ -91,9 +93,11 @@ &GetOptions ( 'chars=i' => \$Chars, + 'clear=s' => \$OldClear, 'clearfrom=s' => \$Clear, 'count=i' => \$Count, 'crypt!' => \$Crypt, + 'crypt-md5!' => \$CryptMd5, 'cryptsalt=i' => \$CryptSalt, 'help' => \$ShowHelp, 'maxchars=i' => \$MaxChars, @@ -115,6 +119,17 @@ }; # +# If password generation option was specified with the old --clear, +# warn the user and exit +# +$OldClear ne "" and do +{ + print STDERR "$Program: Option --clear is no longer present \n". + "please use --clearfrom and supply a file for it.\n"; + $Error = 1; +}; + +# # If password generation option was specified with --clearfrom, flag it. # @@ -134,10 +149,10 @@ "--chars --minchars --maxchars --count --string.\n"; $Error = 1; }; - $Crypt or do + $Crypt or $CryptMd5 or do { print STDERR "$Program: Option --clearfrom may not be specified ". - "without option --crypt.\n"; + "without option --crypt or --crypt-md5.\n"; $Error = 1; }; open CLEARFROM, "$Clear" or do @@ -256,9 +271,9 @@ # If --crypt is not set or --cryptsalt is set, disallow this parameter. # - $Crypt or do + $Crypt or $CryptMd5 or do { - print STDERR "$Program: To use --repeatpass, --crypt must also be set.\n"; + print STDERR "$Program: To use --repeatpass, --crypt or --crypt-md5 must also be set.\n"; $Error = 1; }; $CryptSalt and do @@ -450,12 +465,14 @@ --chars=N Generate passwords with exactly N characters (do not use with options --minchars and --maxchars). --clearfrom=FILE Use a clear password from FILE instead of generating passwords. - Requires the --crypt option; may not be used with options - --chars, --maxchars, --minchars, --count, --string, - --nocrypt. Trailing newlines are ignored, other - whitespace is not. + Requires the --crypt or --crypt-md5 option; may not be + used with options --chars, --maxchars, --minchars, + --count, --string, --nocrypt. Trailing newlines are + ignored, other whitespace is not. --count=N Produce a total of N passwords (the default is one). --crypt Produce encrypted passwords. +--crypt-md5 Produce encrypted passwords using the MD5 digest (hash) + algorithm. --cryptsalt=N Use crypt() salt N, a positive number <= 4096. If random seeds are desired, specify a zero value (the default). --help Ignore other operands and produce only this help display. @@ -469,8 +486,8 @@ to use a single seed value (the default). Specify one to get true-random passwords, but plan on hitting the CONTROL key a lot while it's running. ;) ---repeatpass=N Use each password N times (4096 maximum, --crypt must be set - and --cryptsalt may not be set). +--repeatpass=N Use each password N times (4096 maximum, --crypt or + --crypt-md5 must be set and --cryptsalt may not be set). --string=STRING Use the characters in STRING to generate random passwords. --verbose Display labelling information on output. "; @@ -588,6 +605,82 @@ } # +# sub Md5Base64Char(A): Base-64-encode a character from an MD5 digest. +# + +sub Md5Base64Char +{ + my $map64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; + my $char = shift; + $char = 0 if $char < 0; + $char = 63 if $char > 63; + substr($map64, $char, 1); +} + +# +# sub MakeMd5Salt(A, B): Generate a crypt salt string from a number from 0 +# through 4095. +# + +sub MakeMd5Salt +{ + my $md5 = Digest::MD5->new(); + $md5->add(time); + $md5->add($$); + $md5->add($_[0]); + $md5->add($_[1]); + my $digest = $md5->digest; + $digest = substr($digest, 0, 8); + my $salt; + for my $char (map { ord($_) & 077 } split //, $digest) + { + $salt .= Md5Base64Char($char); + } + $salt; +} + +# +# sub CryptMd5Password(A, B): Encrypt the password provided using the +# MD5 digest algorithm; keep a running list of codes used as long as B is +# true. +# + +sub CryptMd5Password +{ + my $password = $_[0]; + eval "use Crypt::PasswdMD5"; + if ($@) + { + print STDERR "$Program: Could not load the Crypt::PasswdMD5 library, cannot use --crypt-md5\n". + "This may be due to an invalid or incomplete Perl installation\n."; + exit 1; + }; + + my $ThisSeed = $SeedValue; + if ($ThisSeed) + { + $ThisSeed--; + } + else + { + $_[1] or do + { + %UsedSeed = (); + }; + $ThisSeed = Random(0, 4095); + do + { + $ThisSeed = Random(0, 4095); + } + until not exists $UsedSeed{$ThisSeed}; + $UsedSeed{$ThisSeed} = $ThisSeed; + } + + my $salt = MakeMd5Salt($password, $ThisSeed); + unix_md5_crypt($password, $salt); +} + +# # sub ProcessPassword(A): Process the password provided. # @@ -600,6 +693,7 @@ $Password = MakePassword(); $Crypt and $PaddedPass = sprintf "%-$CharFormat"."s", $Password; + $CryptMd5 and $PaddedPass = sprintf "%-$CharFormat"."s", $Password; $Verbose and do { $PassLabel="Password="; @@ -616,6 +710,12 @@ print "$PassLabel"."$PaddedPass"."$CryptLabel"."$CryptedPass\n"; $Verbose and $PaddedPass = $EmptyPassword; } + elsif ($CryptMd5) + { + $CryptedPass = CryptMd5Password($Password); + print "$PassLabel"."$PaddedPass"."$CryptLabel"."$CryptedPass\n"; + $Verbose and $PaddedPass = $EmptyPassword; + } else { print "$PassLabel"."$Password\n"; --- makepasswd-1.10.orig/makepasswd.1 +++ makepasswd-1.10/makepasswd.1 @@ -1,4 +1,4 @@ -.\" Copyright (C) 1997 Johnie Ingram (johnie@debian.org). +.\" Copyright (C) 1997-1998 Johnie Ingram (johnie@debian.org). .\" .\" This is free documentation; you can redistribute it and/or .\" modify it under the terms of the GNU General Public License as @@ -33,7 +33,7 @@ .I N ] [ -.B \--crypt | --nocrypt +.B \--crypt | --nocrypt | --crypt-md5 ] [ .B \--cryptsalt @@ -83,8 +83,8 @@ .TP .B --clearfrom FILE Use password from FILE instead of generating passwords. Requires -the --crypt -option; may not be used with these options: --chars, --maxchars, --minchars, +the --crypt or the --crypt-md5 +options; may not be used with these options: --chars, --maxchars, --minchars, --count, --string, --nocrypt. Trailing newlines are removed but other white space is not. .TP @@ -94,6 +94,9 @@ .B --crypt Produce encrypted passwords. .TP +.B --crypt-md5 +Produce encrypted passwords using the MD5 digest (hash) algorithm. +.TP .B --cryptsalt N Use crypt() salt N, a positive number <= 4096. If random seeds are desired, specify a zero value (the default). @@ -144,7 +147,7 @@ humans. .SH COPYRIGHT .LP -Copyright (c) 1997 by lilo . All rights are +Copyright (c) 1997-1998 by lilo . All rights are reserved by the author. This program may be used under the terms of version 2 of the GNU Public License. .SH "SEE ALSO" --- makepasswd-1.10.orig/debian/control +++ makepasswd-1.10/debian/control @@ -0,0 +1,14 @@ +Source: makepasswd +Section: admin +Priority: optional +Maintainer: Colin Watson +Build-Depends: debhelper (>= 3.0.18) +Standards-Version: 3.6.1 + +Package: makepasswd +Architecture: all +Depends: ${perl:Depends}, libcrypt-passwdmd5-perl +Description: Generate and encrypt passwords + Generates true random passwords by using the /dev/random feature of + Linux, with the emphasis on security over pronounceability. It can + also encrypt plaintext passwords given in a temporary file. --- makepasswd-1.10.orig/debian/rules +++ makepasswd-1.10/debian/rules @@ -0,0 +1,38 @@ +#!/usr/bin/make -f +# -*- makefile -*- made with the aid of debmake, by Christoph Lameter, +# based on the sample debian/rules file for GNU hello by Ian Jackson. + +SHELL = /bin/bash + +build: + +clean: + dh_testdir + rm -rf build $$(find . -name "*~") $$(find debian/* -type d) + rm -rf debian/files* core debian/*substvars* + dh_clean + +binary-indep: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + dh_installdocs README + dh_installchangelogs CHANGES + dh_installmanpages + install makepasswd debian/tmp/usr/bin/makepasswd + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_perl + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-arch: + +binary: binary-indep binary-arch + +.PHONY: build binary binary-arch binary-indep clean --- makepasswd-1.10.orig/debian/changelog +++ makepasswd-1.10/debian/changelog @@ -0,0 +1,98 @@ +makepasswd (1.10-2) unstable; urgency=low + + * New maintainer (closes: #192660). + * Acknowledge Javier's NMU; thanks! + * makepasswd: Fix --crypt-md5 passwords so that PAM actually accepts them, + using Crypt::PasswdMD5 (closes: #44788). --crypt-md5 can now be used + with --repeatpass. + * makepasswd: Document --crypt-md5 in --help output. + * debian/control (Description): Change "on the command line" (--clear) to + "in a temporary file" (--clearfrom). + * debian/control: Build-depend on debhelper (>= 3.0.18), per the Perl + policy. Move this from Build-Depends-Indep to Build-Depends since + Build-Depends-Indep doesn't have to be satisfied during clean. + * debian/rules: Modernize a bit. + * debian/control (Standards-Version): Bump to 3.6.1. + + -- Colin Watson Mon, 25 Aug 2003 05:05:43 +0100 + +makepasswd (1.10-1.1) unstable; urgency=low + + * Non-maintainer upload. + Since the rules have changed and this package has not + (since potato) I'm uploading to 0-delay. This upload will + not fix any RC bugs but at least will (almost) remove all + the bugs open for this package, and it didn't take me + much time to figure these out... + - Change program name so that the help text is displayed + properly (Closes: #147808) + - Now Build-Depends-Indep from debhelper (Closes: #190485) + (I'm not bumping up the Standards Version since this should + be revised by the maintainer) + - Using --clear now exits with error warning the user that + the option is no longer valid (Closes: #50885) + - Added 'use bytes' as suggested by reporter to be UTF-8 clean + (although I'm not sure if this bug applies any longer since + I cannot reproduce it, in any case, using that module + shouldn't, hopefully, break anything. (Closes: #168492) + - Generate MD5 passwords with the --crypt-md5 option (Closes: #44788) + + -- Javier Fernandez-Sanguino Pen~a Wed, 20 Aug 2003 02:40:37 +0200 + +makepasswd (1.10-1) unstable; urgency=low + + * New upstream version, now possible to pass the cleartext in a file, + closes: #31059. + * Corrected maintainer address (should be johnie@debian.org). + + -- Johnie Ingram Sat, 18 Sep 1999 03:23:37 -0500 + +makepasswd (1.07-3) unstable; urgency=low + + * Updated to Standards-Version: 3.0.1.0, closes: #41502. + + -- Johnie Ingram Mon, 30 Aug 1999 10:36:28 -0500 + +makepasswd (1.07-2.1) unstable; urgency=low + + * NMU for the perl upgrade. Closes: #41502 + * Changed the dependency: s/perl/perl5/ + * Upgraded standards-version to 2.5.1 + * Corrected the location of the GPL in the copyright file. + * Installed the man page instead of the undocumented link. + + -- Raphael Hertzog Wed, 21 Jul 1999 19:05:00 +0200 + +makepasswd (1.07-2) unstable; urgency=low + + * Correct debian/rules target (binary-indep) used. + * Switched from debmake to debhelper packaging technology. + * Updated to Standards-Version 2.5.0.0. + + -- Johnie Ingram Mon, 21 Dec 1998 15:55:46 -0500 + +makepasswd (1.07-1) unstable; urgency=low + + * New upstream version (which includes --string fix, cf. #15759) + * Added upstream changelog file and README. + * Now has pristine source archive. + + -- Johnie Ingram Mon, 9 Feb 1998 11:53:26 -0500 + +makepasswd (1.06-2) unstable; urgency=low, closes=15759 + + * Updated year and other details in copyright file. + * Patched makepasswd so --string support works (#15759). + * Updated to Standards-Version 2.4.0.0. + + -- Johnie Ingram Mon, 9 Feb 1998 10:59:50 -0500 + +makepasswd (1.06-1) unstable; urgency=low + + * Initial Release. + + -- Johnie Ingram Sun, 9 Nov 1997 04:30:59 -0500 + +Local variables: +mode: debian-changelog +End: --- makepasswd-1.10.orig/debian/dirs +++ makepasswd-1.10/debian/dirs @@ -0,0 +1,2 @@ +usr/bin + --- makepasswd-1.10.orig/debian/copyright +++ makepasswd-1.10/debian/copyright @@ -0,0 +1,37 @@ +This package was debianized by Johnie Ingram (johnie@debian.org) +on Sun Nov 9 04:38:12 EST 1997. + +It was obtained from the author via IRC at irc.linpeople.org, but can +also be downloaded from: + + ftp://ftp.linpeople.org/pub/People/lilo/source/makepasswd-1.07.tar.gz + + + +Copyright: + + Copyright (c) 1997-1998 by lilo . All rights are + reserved by the author. This program may be used under the terms of + version 2 of the GNU Public License. + +As has been my custom of late, this program is released under the terms of +GNU COPYING-2. Don't apply any other version of the GNU license to it. If +some legal precedent ends up biting us in the nose, write me and I'll tweak +the license accordingly. + +In that case, or in case you want to laud or castigate me for some imagined +slight, feel free to email me at lilo@linpeople.org. + + +lilo + + + + +Packaging for Debian is copyright (C) 1997-1999 Johnie Ingram, and +also released under the terms of the GPL -- version 2, or any later +version. + +On Debian GNU/Linux systems, the text of the GPL can be found in +/usr/share/common-licenses/GPL. +