Browse files

[OS-62] get started with root passwords in the live image.

  • Loading branch information...
1 parent 5ece7bd commit c41aec5f674739a9c2eaac45a9d57f338159f9ac @joshwilsdon joshwilsdon committed Jan 6, 2011
View
2 .gitignore
@@ -10,5 +10,7 @@
/tools/builder/builder
/tools/builder/*.o
/tools/builder/users.c
+/tools/cryptpass
+/tools/pwgen
/0-*-stamp
/manifest.new
View
9 Makefile
@@ -7,6 +7,7 @@ PATH=/opt/local/bin:/opt/local/sbin:/opt/local/gcc34/bin:/usr/xpg4/bin:/usr/bin:
world: 0-illumos-stamp 0-extra-stamp 0-livesrc-stamp 0-local-stamp 0-tools-stamp
live: world
+ mkdir -p ${ROOT}/log
(cd $(ROOT) && pfexec ./tools/build_live $(ROOT)/manifest $(ROOT)/output $(ROOT)/overlay $(ROOT)/proto $(ROOT)/projects/opensolaris-man /)
update:
@@ -30,12 +31,18 @@ update:
(cd $(ROOT)/src && gmake DESTDIR=$(PROTO) && gmake DESTDIR=$(PROTO) install)
touch 0-livesrc-stamp
-0-tools-stamp: tools/builder/builder
+0-tools-stamp: tools/builder/builder tools/pwgen tools/cryptpass
touch 0-tools-stamp
tools/builder/builder:
(cd $(ROOT)/tools/builder && gmake builder)
+tools/pwgen:
+ (cd ${ROOT}/tools/pwgen-* && ./configure && make && cp pwgen ${ROOT}/tools)
+
+tools/cryptpass: tools/cryptpass.c
+ (cd ${ROOT}/tools && gcc -Wall -W -O2 -o cryptpass cryptpass.c)
+
clean:
(cd $(ROOT)/src && gmake clean)
(cd $(ROOT)/projects/illumos-extra && gmake clean)
View
2 overlay/lib/svc/method/fs-joyent
@@ -67,7 +67,7 @@ if [[ -f "${USBMOUNTPOINT}/.joyliveusb" ]]; then
zpool list | grep zones
if [[ $? == 0 ]]; then
rm -rf ${COPYINPOINT}/*;
- cp -r ${USBMOUNTPOINT}/* ${COPYINPOINT}
+ cp -r $(ls -d ${USBMOUNTPOINT}/* | grep -v '/private$') ${COPYINPOINT}
return $?
fi
return 0;
View
26 tools/build_live
@@ -30,6 +30,7 @@ CUSTOMIZE_SCRIPT=${ROOT}/tools/customize
SMF_IMPORTER=${ROOT}/tools/smf_import
BUILDER=${ROOT}/tools/builder/builder
SCANNER=${ROOT}/tools/scanner
+PWGEN=${ROOT}/tools/pwgen
BUILDSTAMP=`TZ=UTC date "+%Y%m%dT%H%M%SZ"`; export BUILDSTAMP
LOGFILE="${ROOT}/log/build_live.${BUILDSTAMP}.log"
ERROR=0
@@ -127,7 +128,10 @@ function create_ufs
${CUSTOMIZE_SCRIPT} ${rdmnt}
${SMF_IMPORTER} ${rdmnt}
- echo "Writing md5sum manifest.."
+ echo "Setting root password..."
+ create_password "${rdmnt}"
+
+ echo "Writing md5sum manifest..."
(cd ${rdmnt} && find . -type f | sort | xargs md5sum) > ${rdmnt}/var/log/manifest
#INCLUDE_MD5SUM=1 ${SCANNER} ${rdmnt} . | tee ${rdmnt}/var/log/manifest >/dev/null
cp ${rdmnt}/var/log/manifest ${archive}.manifest
@@ -191,6 +195,26 @@ function create_archive
}
+function create_password
+{
+ rdmnt=$1
+
+ password="$(${PWGEN} -B -c -n 16 1)"
+ if [[ -z ${password} ]]; then
+ fatal_error "Unable to generate password."
+ fi
+
+ # actually write password into ${rdmnt}/etc/shadow
+ enc_password="$(${ROOT}/tools/cryptpass "${password}")"
+ if [[ -z ${enc_password} ]]; then
+ fatal_error "Unable to generate encrypted password."
+ fi
+ gsed -i -e "s|^root:[^\:]*:|root:${enc_password}:|" ${rdmnt}/etc/shadow
+
+ # write in plaintext to platform so we can find it later if we need it
+ echo "${password}" > ${OUT_DIR}/${PREFIX}/root.password
+}
+
function fatal_error
{
print -u2 $*
View
48 tools/cryptpass.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2010 Joyent Inc., All rights reserved.
+ *
+ * Summary:
+ *
+ * Takes plain-text password as cmdline arg and outputs a crypt() version.
+ *
+ */
+
+#include <crypt.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+void usage()
+{
+ printf("Usage: cryptpass <password>\n");
+ exit(1);
+}
+
+int main(int argc, char *argv[])
+{
+ char *salt, *enc;
+
+ if ((argc != 2) || (strlen(argv[1]) < 1)) {
+ usage();
+ }
+
+ errno=0;
+ salt=crypt_gensalt(NULL, NULL);
+ if (salt == NULL) {
+ printf("FATAL: crypt_gensalt() errno=%d\n", errno);
+ exit(1);
+ }
+
+ enc = crypt(argv[1], salt);
+ if (enc == NULL) {
+ printf("FATAL: crypt() errno=%d\n", errno);
+ free(salt);
+ exit(1);
+ }
+
+ printf("%s\n", enc);
+
+ free(salt);
+ exit(0);
+}
View
8 tools/pwgen-2.06/.cvsignore
@@ -0,0 +1,8 @@
+config.status
+pwgen
+configure
+config.log
+config.cache
+.depend
+build
+Makefile
View
7 tools/pwgen-2.06/.gitignore
@@ -0,0 +1,7 @@
+Makefile
+config.cache
+config.log
+config.status
+configure
+pwgen
+*.o
View
114 tools/pwgen-2.06/ChangeLog
@@ -0,0 +1,114 @@
+2006-01-15 Theodore Ts'o <tytso@mit.edu>
+
+ * Release of pwgen 2.05
+
+ * pwgen.1: Fix spelling mistakes in the man page (Addresses Debian
+ Bug: #323538)
+
+ * pwgen.c (main): Fix bug which would cause pwgen to loop forever
+ if the password length specified is 1.
+
+2005-06-15 Theodore Ts'o <tytso@mit.edu>
+
+ * pw_phonemes.c (pw_phonemes): Allow one or more capital letters
+ and one or more digits in the generated passwords.
+ (Addresses Debian Bug: #182595)
+
+2005-06-14 Theodore Ts'o <tytso@mit.edu>
+
+ * pwgen.1: Explain that human-memorable passwords are vulnerable
+ to off-line brute force attacks. (Addresses Debian Bug:
+ #276976)
+
+ * pwgen.c, pwgen.h, pw_rand.c, pwgen.1: Make -A and -0 aliases to
+ --no-capitalize and --no-numerals, and make those options
+ work when --secure is specified.
+
+ * pwgen.c, pwgen.h, pw_rand.c, pw_phonemes.c, pwgen.c: Add support
+ for the --symbols/-y option, which adds special characters
+ to the generated password. (Addresses Debian Bug: #154561)
+
+ * pwgen.c: Add -H, --sha1 option, to allow computing reproducible
+ passwords, given a known file, and a known seed.
+ (ie: pwgen -H ~/my_favourite.mp3#olivier@guerrier.com gives me
+ a list of possibles passwords for my pop3 account, and I can
+ ask this list again and again). Feature suggested and
+ implemented by Olivier Guerrier <olivier@guerrier.com>.
+
+2005-06-13 Theodore Ts'o <tytso@mit.edu>
+
+ * Fix obvious spelling typo in pwgen.1. (Addresses Debian Bug
+ #311461)
+
+2003-01-15 Theodore Ts'o <tytso@mit.edu>
+
+ * Release of pwgen 2.03
+
+ * randnum.c: Fix #ifdef to use HAVE_DRAND48 instead of just
+ RAND48. This caused random() to be called without first
+ initializing the right random number generator. This
+ apparently caused pwgen to core dump under AIX, which
+ seems surprising.
+
+ * pw_rand.c (pw_rand): Use a list of acceptable characters instead
+ of a list of unacceptable characters. This is slightly
+ faster, and the code is cleaner and easier to understand.
+
+ * randnum.c (get_random_fd): Use random() instead of rand() since
+ we initialize the random number generator using srandom() if
+ /dev/urandom and drand48() are not present.
+
+ * Makefile.in (pwgen): Use LDFLAGS when linking pwgen.
+
+ * pw_phonemes.c (pw_phonemes): Fix bug in how we call
+ pw_random_number() so that we generate passwords that
+ start with vowels, and insert numbers from 0-9, not just
+ 0-8. (Oops!) Addresses Debian bug #176688.
+
+2002-07-16 Theodore Ts'o <tytso@mit.edu>
+
+ * Makefile.in (install): Create the directory using $mandir, and
+ not $(prefix)/man.
+
+ * pw_phonemes.c: Add missing #include of string.h
+
+2002-07-15 Theodore Ts'o <tytso@mit.edu>
+
+ * Release of pwgen 2.02
+
+ * pwgen.c (main): If the number of characters is less than 5,
+ force the use of the fully random generator, since the
+ quality of phonetic generator is really bad if the lengths
+ are small --- and if the length is less than or equal to
+ 2, pwgen will loop forever. (Addresses Debian bug #117137)
+
+ * pw_rand.c: Add most punctuation characters to the "bad
+ characters list", so that the random passwords are much
+ more usable.
+
+ * pwgen.1: Fix e-mail address in man page. (Addresses Debian bug
+ #150579)
+
+ * Makefile.in (WALL_OPTS): Add gcc options to do lots of nit-picky
+ checking.
+
+ * pwgen.c, pw_phonemes.c, pw_rand.c, pwgen.c, pwgen.h, randnum.c:
+ Add const declarations and other code cleanups for
+ avoidining -Wall warnings.
+
+ * pwgen.c, pw_rand.c: #include the appropriate header files to
+ avoid -Wall warnings. (Addresses Debian bug #126774).
+
+ * pwgen.c (main): Fix floating point exception errors if the
+ password is longer than terminal width. Addresses Debian
+ bug #113571.
+
+ * pwgen.c (main): Return an exit value of 0 when pwgen on
+ success. (Addresses Debian bugs #118181 and #102063).
+
+2001-06-19 Theodore Tso <tytso@valinux.com>
+
+ * Release of pwgen 2.01
+
+ * pwgen.c (usage): Add help/usage message
+
View
131 tools/pwgen-2.06/Makefile.in
@@ -0,0 +1,131 @@
+PWGEN_VERSION=2.05
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+top_builddir = .
+my_dir = .
+prefix = @prefix@
+mandir = @mandir@
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+
+WALL_OPTS = -Wall -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes \
+ -Wshadow -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align \
+ -pedantic
+CC = @CC@
+DEFS = @DEFS@
+CFLAGS = @CFLAGS@ $(WALL_OPTS)
+CPPFLAGS = @CPPFLAGS@
+ALL_CFLAGS = $(CPPFLAGS) $(DEFS) $(USE_WFLAGS) $(CFLAGS) $(XTRA_CFLAGS)
+LDFLAGS = @LDFLAGS@
+RM = @RM@
+MV = @MV@
+SED = @SED@
+PERL = @PERL@
+TAR = tar
+
+all:: pwgen
+
+.c.o:
+ $(CC) -c $(ALL_CFLAGS) $< -o $@
+
+OBJS= pwgen.o pw_phonemes.o pw_rand.o randnum.o sha1.o sha1num.o
+
+SRCS= pwgen.c pw_phonemes.c pw_rand.c randnum.c sha1.c sha1num.c
+
+
+pwgen: $(OBJS)
+ $(CC) $(LDFLAGS) -o pwgen $(OBJS)
+
+install: pwgen pwgen.1
+ mkdir -p $(DESTDIR)$(prefix)/bin $(DESTDIR)$(mandir)/man1
+ $(INSTALL_PROGRAM) pwgen $(DESTDIR)$(prefix)/bin/pwgen
+ $(INSTALL_DATA) $(srcdir)/pwgen.1 $(DESTDIR)$(mandir)/man1/pwgen.1
+
+clean:
+ $(RM) -f $(OBJS) pwgen *~
+
+distclean: clean
+ $(RM) -rf config.status config.log config.cache Makefile \
+ $(srcdir)/Makefile.in.old $(srcdir)/.exclude-file \
+ $(srcdir)/autom4te.cache
+
+#
+# Build source tar ball...
+#
+
+SRCROOT = pwgen-$(PWGEN_VERSION)
+
+$(srcdir)/.exclude-file:
+ a=$(SRCROOT); \
+ (cd $(srcdir)/.. && find src \( -name \*~ -o -name \*.orig \
+ -o -name CVS -o -name \*.rej \
+ -o -name TAGS -o -name \*.old -o -name \*.gmo \
+ -o -name changed-files -o -name .#\* \) \
+ -print) | sed -e "s/src/$$a/" > $(srcdir)/.exclude-file
+ echo "$(SRCROOT)/build" >> $(srcdir)/.exclude-file
+ echo "$(SRCROOT)/rpm.log" >> $(srcdir)/.exclude-file
+ echo "$(SRCROOT)/TODO" >> $(srcdir)/.exclude-file
+ echo "$(SRCROOT)/.exclude-file" >> $(srcdir)/.exclude-file
+ >> $(srcdir)/.exclude-file
+
+source_tar_file: $(srcdir)/.exclude-file
+ cd $(srcdir)/.. && a=$(SRCROOT); rm -f $$a ; ln -sf src $$a ; \
+ $(TAR) -c -h -v -f - \
+ -X $$a/.exclude-file $$a | \
+ gzip -9 > pwgen-$(PWGEN_VERSION).tar.gz
+ rm -f $(srcdir)/.exclude-file
+#
+# Autoconf magic...
+#
+
+$(top_builddir)/config.status: $(top_srcdir)/configure
+ cd $(top_builddir); ./config.status --recheck
+
+Makefile: $(srcdir)/Makefile.in $(DEP_MAKEFILE) $(top_builddir)/config.status
+ cd $(top_builddir); CONFIG_FILES=$(my_dir)/Makefile ./config.status
+
+$(top_srcdir)/configure: $(top_srcdir)/configure.in
+ cd $(top_srcdir) && autoconf
+
+#
+# Make depend magic...
+#
+
+.depend: Makefile $(SRCS) $(top_srcdir)/depfix.sed $(top_srcdir)/wordwrap.pl
+ if test -n "$(SRCS)" ; then \
+ $(CC) -M $(ALL_CFLAGS) $(SRCS) | \
+ $(SED) -f $(top_srcdir)/depfix.sed \
+ -e 's; $(srcdir)/; $$(srcdir)/;g' \
+ -e 's; $(top_srcdir)/; $$(top_srcdir)/;g' \
+ -e 's; $(top_builddir)/; $$(top_builddir)/;g' \
+ -e 's; \./; ;g' \
+ -e '/^ *\\$$/d' | \
+ $(PERL) $(top_srcdir)/wordwrap.pl > .depend; \
+ else :; fi
+
+depend:: .depend
+ if test -n "$(SRCS)" ; then \
+ sed -e '/^# +++ Dependency line eater +++/,$$d' \
+ < $(srcdir)/Makefile.in | cat - .depend \
+ > $(srcdir)/Makefile.in.new; \
+ if cmp -s $(srcdir)/Makefile.in $(srcdir)/Makefile.in.new ; then \
+ $(RM) $(srcdir)/Makefile.in.new ; \
+ else \
+ $(MV) $(srcdir)/Makefile.in $(srcdir)/Makefile.in.old; \
+ $(MV) $(srcdir)/Makefile.in.new $(srcdir)/Makefile.in; \
+ fi ; else :; fi
+
+# +++ Dependency line eater +++
+#
+# Makefile dependencies follow. This must be the last section in
+# the Makefile.in file
+#
+pwgen.o: pwgen.c pwgen.h
+pw_phonemes.o: pw_phonemes.c pwgen.h
+pw_rand.o: pw_rand.c pwgen.h
+randnum.o: randnum.c pwgen.h
+sha1.o: sha1.c sha1.h
+sha1num.o: sha1num.c sha1.h pwgen.h
View
11 tools/pwgen-2.06/configure.in
@@ -0,0 +1,11 @@
+AC_INIT(pwgen.c)
+AC_PREREQ(2.12)
+AC_PROG_CC
+AC_PROG_INSTALL
+AC_PATH_PROG(MV, mv, mv)
+AC_PATH_PROG(RM, rm, rm)
+AC_PATH_PROG(SED, sed, sed)
+AC_PATH_PROG(PERL, perl, perl)
+AC_CHECK_FUNCS(drand48 getopt_long)
+AC_CHECK_HEADERS(getopt.h)
+AC_OUTPUT(Makefile)
View
251 tools/pwgen-2.06/debian/changelog
@@ -0,0 +1,251 @@
+pwgen (2.06-1) unstable; urgency=low
+
+ * New upstream version
+ * Fix pwgen -Bs so that this option combination works correctly
+ (Closes: #368010)
+ * Fix the pwgen -Bc option combination (Closes: #355153)
+ * Fix typo in pwgen man page (Closes: #376147)
+ * Make the -s option imply the -nc options (Closes: #427969)
+ * Add -v option to generate passwords without vowels (Closes: #387461)
+
+ -- Theodore Y. Ts'o <tytso@mit.edu> Wed, 4 Jul 2007 19:19:26 -0400
+
+pwgen (2.05-1) unstable; urgency=low
+
+ * Add a udeb for debian-installer. Thanks to Martin Michlmayr for the
+ patch. (Closes: #271115)
+ * Fix bug which would cause pwgen to loop forever if the password length
+ is 1.
+ * Fix spelling errors in the man page. (Closes: #323538)
+
+ -- Theodore Y. Ts'o <tytso@mit.edu> Sun, 15 Jan 2006 23:16:59 -0500
+
+pwgen (2.04-1) unstable; urgency=low
+
+ * New upstream version.
+ * Adopt maintainership of pwgen. (Closes: #282076)
+ * Fix minor bug in man page. (Closes: #311461)
+ * Convert from debmake to debhelper
+ * Add the --sha1 option so that pwgen uses the SHA1 hash to generate
+ (not so) random passwords.
+ * Add --symbols option which adds special symbols to the password.
+ (Closes: #154561)
+ * Add short options for --no-capitalize and --no-numerals and make those
+ options work when --secure is specified.
+ * Add --ambiguous option which avoids characters that can be confused by
+ the user. (Closes: #51307)
+ * Fix bug where --no-capitalized and --no-numerals were ignored for short
+ passwords. (Closes: #276307)
+ * In the pwgen man page, explain that human-memorable passwords are
+ subject to off-line brute force attacks. (Closes: #276976)
+ * Allow one or more capital letters and digits in human-friendly
+ passwords (Closes: #182595)
+
+ -- Theodore Y. Ts'o <tytso@mit.edu> Wed, 15 Jun 2005 00:39:10 -0400
+
+pwgen (2.03-1) unstable; urgency=high
+
+ * New upstream release (Thanks Ted for the quick release! :-)
+ (Closes: #170312, #176688).
+ * Bugs fixed in previous release
+ (Closes: #166959, #167485)
+
+ -- Vincent Renardias <vincent@debian.org> Thu, 16 Jan 2003 11:07:14 +0100
+
+pwgen (2.02-2) unstable; urgency=low
+
+ * Apply small fix from Matthew J Backes (Closes: #176082).
+
+ -- Vincent Renardias <vincent@debian.org> Mon, 13 Jan 2003 16:09:17 +0100
+
+pwgen (2.02-1) unstable; urgency=low
+
+ * new upstream release; fixes the following bugs (Thanks Ted!):
+ - If the number of characters is less than 5, force the use
+ of the fully random generator, since the quality of phonetic
+ generator is really bad if the lengths are small --- and if
+ the length is less than or equal to 2, pwgen will loop
+ forever (Closes: #117137).
+ - Fix e-mail address in man page (Closes: #150579).
+ - #include the appropriate header files to avoid -Wall warnings
+ (Closes: #126774).
+ - Fix floating point exception errors if the password is longer
+ than terminal width (Closes: #113571).
+ - Return an exit value of 0 when pwgen on success
+ (Closes: #118181, #102063).
+
+ -- Vincent Renardias <vincent@debian.org> Tue, 16 Jul 2002 11:32:40 +0200
+
+pwgen (2.01-3) unstable; urgency=low
+
+ * Package is not native anymore (Closes: #44169).
+ * pwgen now accept to generate passwords longer than 16 chars
+ (Closes: #54957).
+ * pwgen now really honors the password length (Closes: #70580).
+ * The /usr/doc symlink is created (Closes: #102452).
+
+ -- Vincent Renardias <vincent@debian.org> Thu, 6 Dec 2001 17:38:58 +0100
+
+pwgen (2.01-2) unstable; urgency=low
+
+ * Fix copyright file (Closes: #104207).
+ The very purpose of having the /usr/share/licences directory is
+ precisely to avoid to duplicate the GPL text in every package.
+ This is explicitely allowed by the Debian policy unless it changed recently.
+
+ -- Vincent Renardias <vincent@debian.org> Tue, 10 Jul 2001 20:46:25 +0200
+
+pwgen (2.01-1) unstable; urgency=low
+
+ * Now using new GPL'd code from Ted T'so.
+
+ -- Vincent Renardias <vincent@debian.org> Thu, 21 Jun 2001 11:57:22 +0200
+
+pwgen (1-17) unstable; urgency=low
+
+ * Brandon has put is code under the BSD licence.
+ Closes: #39130.
+ * Remove extra junk files in source archive (yo, *~).
+ * Ack NMU fixed bugs (Closes: 80763, #89985).
+ * Really add /usr/doc/pwgen (NOT sntop!) link (Closes: #90335).
+
+ -- Vincent Renardias <vincent@debian.org> Wed, 13 Jun 2001 11:34:10 +0200
+
+pwgen (1-16) unstable; urgency=low
+
+ * Fixed debian/rules
+ manpages moved from /usr/man to /usr/share/man closes: #80763
+ docs in /usr/doc moved to /usr/share/doc closes: #89985
+ * lintian clean
+
+ -- Fredrik Steen <stone@debian.org> Sat, 17 Mar 2001 13:23:11 +0100
+
+pwgen (1-15) unstable; urgency=low
+
+ * Fix debian/rules;
+ closes: #54001: can not build from source.
+
+ -- Vincent Renardias <vincent@debian.org> Tue, 4 Jan 2000 14:53:58 +0100
+
+pwgen (1-14) unstable; urgency=low
+
+ * Fix bug #38630.
+
+ -- Vincent Renardias <vincent@waw.com> Wed, 2 Jun 1999 14:55:04 +0200
+
+pwgen (1-13) unstable; urgency=low
+
+ * install pwgen in mode 755, not 555.
+
+ -- Vincent Renardias <vincent@waw.com> Mon, 25 Jan 1999 05:51:20 +0100
+
+pwgen (1-12) unstable; urgency=low
+
+ * Plenty of good stuff contributed by Jim Lynch <jim@laney.edu>:
+ * added -h and --help to the list of supported options.
+ == pwgen (1-11.4) unstable; urgency=low
+ * Cleaned up options parser. Now:
+ - all options exclude repetition of themselves
+ - -acn excludes -s
+ - -s excludes -acn
+ - -h in a future release.
+ Note: this finshes fixes of Bug#25525.
+ == pwgen (1-11.3) unstable; urgency=low
+ * Made the function header for pwgen() be ANSI-compatible
+ * Note: I just discovered that 1-11.1 fixes Bug#25525, and
+ the parser will be fixed in .4, when I tighten up the parser.
+ == pwgen (1-11.2) unstable; urgency=low
+ * Modified manpage to combine the descriptions for short options with
+ their equivalent long options.
+ == pwgen (1-11.1) unstable; urgency=low
+ * Added command-line arg handling (-a, -c, -n, -s) which implement
+ the old preprocessor definitions ALTPHON, CAPITALIZE, NUMERALS and
+ an unhooked secure password generator, respectively. Define ALLBYOPTS
+ in the preprocessor to activate. When defined, ALTPHON, CAPITALIZE and
+ NUMERALS have no effect. When not defined, is practically identical to
+ version 1-11. The default for 1-11.1 will have ALLBYOPTS defined. Now,
+ one copy of the pwgen binary will suffice when 16 would have been needed
+ before to provide the same functionality. Also, the long options
+ --alt-phonics, --capitalize, --numerals and --secure are identical
+ aliases to -a, -c, -n and -s, respectively.
+ * updated man page pwgen.1 to reflect all new functionality.
+ * updated Makefile so it defines ALLBYOPTS and no longer defines ALTPHON,
+ CAPITALIZE and NUMERALS when compiling pwgen (and spwgen; this
+ has no effect, the secure option in pwgen is identical to the
+ implementation in spwgen. So, I have arranged for the Makefile to
+ not build or install spwgen.)
+
+ -- Vincent Renardias <vincent@waw.com> Fri, 24 Apr 1998 19:37:50 +0200
+
+pwgen (1-11) unstable; urgency=low
+
+ * Corrected usage string (Bug #21612).
+
+ -- Vincent Renardias <vincent@waw.com> Fri, 24 Apr 1998 19:37:50 +0200
+
+pwgen (1-10) unstable; urgency=low
+
+ * Corrected typo. in manpage (Bug #15027).
+
+ -- Vincent Renardias <vincent@waw.com> Thu, 18 Dec 1997 05:08:06 +0100
+
+pwgen (1-9) unstable; urgency=low
+
+ * Added a 'spwgen' command to get more 'secure' passwords.
+ Fixes bug #13162.
+
+ -- Vincent Renardias <vincent@waw.com> Mon, 10 Nov 1997 06:14:12 +0100
+
+pwgen (1-8) unstable; urgency=low
+
+ * Documented bug #10192 so that it becomes a feature. _(;
+
+ -- Vincent Renardias <vincent@waw.com> Wed, 28 May 1997 21:06:38 +0200
+
+pwgen (1-7) unstable; urgency=low
+
+ * Rebuilt with libc6.
+
+ -- Vincent Renardias <vincent@waw.com> Thu, 1 May 1997 21:45:05 +0200
+
+pwgen (1-6) unstable; urgency=low
+
+ * Changed architecture from control file (i386 => any).
+
+ -- Vincent Renardias <vincent@waw.com> Sat, 19 Apr 1997 10:42:34 +0200
+
+pwgen (1-5) unstable; urgency=low
+
+ * Modified usage info (Fixes bug #8227).
+
+ -- Vincent Renardias <vincent@waw.com> Mon, 24 Mar 1997 23:33:11 +0100
+
+pwgen (1-4) unstable; urgency=low
+
+ * Modified RNG initialisation (Fixes Bug #6508).
+
+ -- Vincent Renardias <vincent@waw.com> Sat, 11 Jan 1997 22:58:24 +0100
+
+pwgen (1-3) unstable; urgency=low
+
+ * Maintainer changed
+ * Tuned Makefile
+
+ -- Vincent Renardias <vincent@waw.com> Sat, 19 Oct 1996 04:32:26 +0200
+
+pwgen (1-2) unstable; urgency=low
+
+ * Binary not stripped
+ * More documentation regarding the origin of the package
+
+ -- Christoph Lameter <clameter@debian.org> Thu, 26 Sep 1996 14:51:46 +0800
+
+pwgen (1-1) unstable; urgency=low
+
+ * Initial Release
+
+ -- Christoph Lameter <clameter@debian.org> Fri, 20 Sep 1996 14:51:46 +0800
+
+Local variables:
+mode: debian-changelog
+End:
View
1 tools/pwgen-2.06/debian/compat
@@ -0,0 +1 @@
+4
View
31 tools/pwgen-2.06/debian/control
@@ -0,0 +1,31 @@
+Source: pwgen
+Section: admin
+Priority: optional
+Build-Depends: debhelper (>= 4)
+Maintainer: Theodore Y. Ts'o <tytso@mit.edu>
+Standards-Version: 3.7.2.2
+
+Package: pwgen
+Architecture: any
+Depends: ${shlibs:Depends}
+Description: Automatic Password generation
+ pwgen generates random, meaningless but pronounceable passwords.
+ These passwords contain either only lowercase letters, or upper
+ and lower case mixed, or digits thrown in.
+ Uppercase letters and digits are placed in a way that eases
+ remembering their position when memorizing only the word.
+
+Package: pwgen-udeb
+Architecture: any
+Depends: ${shlibs:Depends}
+Section: debian-installer
+XC-Package-Type: udeb
+Description: Automatic Password generation
+ pwgen generates random, meaningless but pronounceable passwords.
+ These passwords contain either only lowercase letters, or upper
+ and lower case mixed, or digits thrown in.
+ Uppercase letters and digits are placed in a way that eases
+ remembering their position when memorizing only the word.
+ .
+ pwgen-udeb is a minimal package used by debian-installer.
+
View
31 tools/pwgen-2.06/debian/control~
@@ -0,0 +1,31 @@
+Source: pwgen
+Section: admin
+Priority: optional
+Build-Depends: debhelper (>= 4)
+Maintainer: Theodore Y. Ts'o <tytso@mit.edu>
+Standards-Version: 3.6.1.1
+
+Package: pwgen
+Architecture: any
+Depends: ${shlibs:Depends}
+Description: Automatic Password generation
+ pwgen generates random, meaningless but pronounceable passwords.
+ These passwords contain either only lowercase letters, or upper
+ and lower case mixed, or digits thrown in.
+ Uppercase letters and digits are placed in a way that eases
+ remembering their position when memorizing only the word.
+
+Package: pwgen-udeb
+Architecture: any
+Depends: ${shlibs:Depends}
+Section: debian-installer
+XC-Package-Type: udeb
+Description: Automatic Password generation
+ pwgen generates random, meaningless but pronounceable passwords.
+ These passwords contain either only lowercase letters, or upper
+ and lower case mixed, or digits thrown in.
+ Uppercase letters and digits are placed in a way that eases
+ remembering their position when memorizing only the word.
+ .
+ pwgen-udeb is a minimal package used by debian-installer.
+
View
10 tools/pwgen-2.06/debian/copyright
@@ -0,0 +1,10 @@
+This package was debianized by Vincent Renardias <vincent@debian.org> on
+Tue, 19 Jun 2001 10:59:51 +0200.
+
+It was downloaded from http://sourceforge.net/projects/pwgen/
+
+Copyright:
+
+GPL v2
+A version of it is available in the file /usr/share/common-licenses/GPL
+
View
2 tools/pwgen-2.06/debian/dirs
@@ -0,0 +1,2 @@
+usr/bin
+usr/sbin
View
1 tools/pwgen-2.06/debian/pwgen-udeb.dirs
@@ -0,0 +1 @@
+usr/bin
View
70 tools/pwgen-2.06/debian/rules
@@ -0,0 +1,70 @@
+#!/usr/bin/make -f
+# Made with the aid of debmake, by Christoph Lameter,
+# based on the sample debian/rules file for GNU hello by Ian Jackson.
+
+package=pwgen
+
+build: build-stamp
+build-stamp:
+ dh_testdir
+ ./configure --prefix=/usr --mandir=/usr/share/man
+ $(MAKE) CFLAGS="-O2 -g -Wall"
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ if test -f Makefile ; then $(MAKE) distclean ; fi
+ -rm -f `find . -name "*~"` pwgen *.o
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ $(MAKE) install DESTDIR=`pwd`/debian/pwgen
+ dh_install -ppwgen-udeb pwgen /usr/bin
+
+binary-indep: build install
+ dh_testdir
+ dh_testroot
+# There are no architecture-independent files to be uploaded
+# generated by this package. If there were any they would be
+# made here.
+
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+# dh_installdebconf
+ dh_installdocs
+ dh_installexamples
+ dh_installmenu
+# dh_installemacsen
+# dh_installpam
+# dh_installinit
+# dh_installcron
+ dh_installman
+# dh_installinfo
+# dh_undocumented
+ dh_installchangelogs ChangeLog
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+ # You may want to make some executables suid here.
+# dh_makeshlibs
+ dh_installdeb
+# dh_perl
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+
+.PHONY: binary binary-arch binary-indep clean
View
70 tools/pwgen-2.06/debian/rules~
@@ -0,0 +1,70 @@
+#!/usr/bin/make -f
+# Made with the aid of debmake, by Christoph Lameter,
+# based on the sample debian/rules file for GNU hello by Ian Jackson.
+
+package=pwgen
+
+build: build-stamp
+build-stamp:
+ dh_testdir
+ ./configure --prefix=/usr --mandir=/usr/share/man
+ $(MAKE) CFLAGS="-O2 -g -Wall"
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ $(MAKE) distclean
+ -rm -f `find . -name "*~"` pwgen *.o
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ $(MAKE) install DESTDIR=`pwd`/debian/pwgen
+ dh_install -ppwgen-udeb pwgen /usr/bin
+
+binary-indep: build install
+ dh_testdir
+ dh_testroot
+# There are no architecture-independent files to be uploaded
+# generated by this package. If there were any they would be
+# made here.
+
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+# dh_installdebconf
+ dh_installdocs
+ dh_installexamples
+ dh_installmenu
+# dh_installemacsen
+# dh_installpam
+# dh_installinit
+# dh_installcron
+ dh_installman
+# dh_installinfo
+# dh_undocumented
+ dh_installchangelogs ChangeLog
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+ # You may want to make some executables suid here.
+# dh_makeshlibs
+ dh_installdeb
+# dh_perl
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+
+.PHONY: binary binary-arch binary-indep clean
View
33 tools/pwgen-2.06/depfix.sed
@@ -0,0 +1,33 @@
+#
+# Insert the header.....
+#
+1i\
+# +++ Dependency line eater +++\
+# \
+# Makefile dependencies follow. This must be the last section in\
+# the Makefile.in file\
+#
+
+#
+# Remove line continuations....
+#
+:FIRST
+y/ / /
+s/^ *//
+/\\$/{
+N
+y/ / /
+s/\\\n */ /
+bFIRST
+}
+s/ */ /g
+
+s;/usr/include/[^ ]* *;;g
+s;/usr/lib/[^ ]* *;;g
+s;/mit/cygnus[^ ]* *;;g
+
+#
+# Now insert a trailing newline...
+#
+$a\
+
View
238 tools/pwgen-2.06/install-sh
@@ -0,0 +1,238 @@
+#! /bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+#
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+tranformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -d) dir_arg=true
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ -t=*) transformarg=`echo $1 | sed 's/-t=//'`
+ shift
+ continue;;
+
+ -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ # this colon is to work around a 386BSD /bin/sh bug
+ :
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+else
+ true
+fi
+
+if [ x"$dir_arg" != x ]; then
+ dst=$src
+ src=""
+
+ if [ -d $dst ]; then
+ instcmd=:
+ else
+ instcmd=mkdir
+ fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad
+# if $src (and thus $dsttmp) contains '*'.
+
+ if [ -f $src -o -d $src ]
+ then
+ true
+ else
+ echo "install: $src does not exist"
+ exit 1
+ fi
+
+ if [ x"$dst" = x ]
+ then
+ echo "install: no destination specified"
+ exit 1
+ else
+ true
+ fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+ if [ -d $dst ]
+ then
+ dst="$dst"/`basename $src`
+ else
+ true
+ fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+# this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+ pathcomp="${pathcomp}${1}"
+ shift
+
+ if [ ! -d "${pathcomp}" ] ;
+ then
+ $mkdirprog "${pathcomp}"
+ else
+ true
+ fi
+
+ pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+ $doit $instcmd $dst &&
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+ if [ x"$transformarg" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ dstfile=`basename $dst $transformbasename |
+ sed $transformarg`$transformbasename
+ fi
+
+# don't allow the sed command to completely eliminate the filename
+
+ if [ x"$dstfile" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ true
+ fi
+
+# Make a temp file name in the proper directory.
+
+ dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+ $doit $instcmd $src $dsttmp &&
+
+ trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing. If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+ $doit $rmcmd -f $dstdir/$dstfile &&
+ $doit $mvcmd $dsttmp $dstdir/$dstfile
+
+fi &&
+
+
+exit 0
View
175 tools/pwgen-2.06/pw_phonemes.c
@@ -0,0 +1,175 @@
+/*
+ * pw_phonemes.c --- generate secure passwords using phoneme rules
+ *
+ * Copyright (C) 2001,2002 by Theodore Ts'o
+ *
+ * This file may be distributed under the terms of the GNU Public
+ * License.
+ */
+
+#include <ctype.h>
+#include <string.h>
+#include "pwgen.h"
+
+struct pw_element elements[] = {
+ { "a", VOWEL },
+ { "ae", VOWEL | DIPTHONG },
+ { "ah", VOWEL | DIPTHONG },
+ { "ai", VOWEL | DIPTHONG },
+ { "b", CONSONANT },
+ { "c", CONSONANT },
+ { "ch", CONSONANT | DIPTHONG },
+ { "d", CONSONANT },
+ { "e", VOWEL },
+ { "ee", VOWEL | DIPTHONG },
+ { "ei", VOWEL | DIPTHONG },
+ { "f", CONSONANT },
+ { "g", CONSONANT },
+ { "gh", CONSONANT | DIPTHONG | NOT_FIRST },
+ { "h", CONSONANT },
+ { "i", VOWEL },
+ { "ie", VOWEL | DIPTHONG },
+ { "j", CONSONANT },
+ { "k", CONSONANT },
+ { "l", CONSONANT },
+ { "m", CONSONANT },
+ { "n", CONSONANT },
+ { "ng", CONSONANT | DIPTHONG | NOT_FIRST },
+ { "o", VOWEL },
+ { "oh", VOWEL | DIPTHONG },
+ { "oo", VOWEL | DIPTHONG},
+ { "p", CONSONANT },
+ { "ph", CONSONANT | DIPTHONG },
+ { "qu", CONSONANT | DIPTHONG},
+ { "r", CONSONANT },
+ { "s", CONSONANT },
+ { "sh", CONSONANT | DIPTHONG},
+ { "t", CONSONANT },
+ { "th", CONSONANT | DIPTHONG},
+ { "u", VOWEL },
+ { "v", CONSONANT },
+ { "w", CONSONANT },
+ { "x", CONSONANT },
+ { "y", CONSONANT },
+ { "z", CONSONANT }
+};
+
+#define NUM_ELEMENTS (sizeof(elements) / sizeof (struct pw_element))
+
+void pw_phonemes(char *buf, int size, int pw_flags)
+{
+ int c, i, len, flags, feature_flags;
+ int prev, should_be, first;
+ const char *str;
+ char ch, *cp;
+
+try_again:
+ feature_flags = pw_flags;
+ c = 0;
+ prev = 0;
+ should_be = 0;
+ first = 1;
+
+ should_be = pw_number(2) ? VOWEL : CONSONANT;
+
+ while (c < size) {
+ i = pw_number(NUM_ELEMENTS);
+ str = elements[i].str;
+ len = strlen(str);
+ flags = elements[i].flags;
+ /* Filter on the basic type of the next element */
+ if ((flags & should_be) == 0)
+ continue;
+ /* Handle the NOT_FIRST flag */
+ if (first && (flags & NOT_FIRST))
+ continue;
+ /* Don't allow VOWEL followed a Vowel/Dipthong pair */
+ if ((prev & VOWEL) && (flags & VOWEL) &&
+ (flags & DIPTHONG))
+ continue;
+ /* Don't allow us to overflow the buffer */
+ if (len > size-c)
+ continue;
+
+ /* Handle the AMBIGUOUS flag */
+ if (pw_flags & PW_AMBIGUOUS) {
+ cp = strpbrk(str, pw_ambiguous);
+ if (cp)
+ continue;
+ }
+
+ /*
+ * OK, we found an element which matches our criteria,
+ * let's do it!
+ */
+ strcpy(buf+c, str);
+
+ /* Handle PW_UPPERS */
+ if (pw_flags & PW_UPPERS) {
+ if ((first || flags & CONSONANT) &&
+ (pw_number(10) < 2)) {
+ buf[c] = toupper(buf[c]);
+ feature_flags &= ~PW_UPPERS;
+ }
+ }
+
+ c += len;
+
+ /* Time to stop? */
+ if (c >= size)
+ break;
+
+ /*
+ * Handle PW_DIGITS
+ */
+ if (pw_flags & PW_DIGITS) {
+ if (!first && (pw_number(10) < 3)) {
+ do {
+ ch = pw_number(10)+'0';
+ } while ((pw_flags & PW_AMBIGUOUS)
+ && strchr(pw_ambiguous, ch));
+ buf[c++] = ch;
+ buf[c] = 0;
+ feature_flags &= ~PW_DIGITS;
+
+ first = 1;
+ prev = 0;
+ should_be = pw_number(2) ?
+ VOWEL : CONSONANT;
+ continue;
+ }
+ }
+
+ /* Handle PW_SYMBOLS */
+ if (pw_flags & PW_SYMBOLS) {
+ if (!first && (pw_number(10) < 2)) {
+ do {
+ ch = pw_symbols[
+ pw_number(strlen(pw_symbols))];
+ } while ((pw_flags & PW_AMBIGUOUS)
+ && strchr(pw_ambiguous, ch));
+ buf[c++] = ch;
+ buf[c] = 0;
+ feature_flags &= ~PW_SYMBOLS;
+ }
+ }
+
+ /*
+ * OK, figure out what the next element should be
+ */
+ if (should_be == CONSONANT) {
+ should_be = VOWEL;
+ } else { /* should_be == VOWEL */
+ if ((prev & VOWEL) ||
+ (flags & DIPTHONG) ||
+ (pw_number(10) > 3))
+ should_be = CONSONANT;
+ else
+ should_be = VOWEL;
+ }
+ prev = flags;
+ first = 0;
+ }
+ if (feature_flags & (PW_UPPERS | PW_DIGITS | PW_SYMBOLS))
+ goto try_again;
+}
View
81 tools/pwgen-2.06/pw_rand.c
@@ -0,0 +1,81 @@
+/*
+ * pw_rand.c --- generate completely random (and hard to remember)
+ * passwords
+ *
+ * Copyright (C) 2001,2002 by Theodore Ts'o
+ *
+ * This file may be distributed under the terms of the GNU Public
+ * License.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "pwgen.h"
+
+const char *pw_digits = "0123456789";
+const char *pw_uppers = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+const char *pw_lowers = "abcdefghijklmnopqrstuvwxyz";
+const char *pw_symbols = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
+const char *pw_ambiguous = "B8G6I1l0OQDS5Z2";
+const char *pw_vowels = "01aeiouyAEIOUY";
+
+void pw_rand(char *buf, int size, int pw_flags)
+{
+ char ch, *chars, *wchars;
+ int i, len, feature_flags;
+
+ len = 0;
+ if (pw_flags & PW_DIGITS) {
+ len += strlen(pw_digits);
+ }
+ if (pw_flags & PW_UPPERS) {
+ len += strlen(pw_uppers);
+ }
+ len += strlen(pw_lowers);
+ if (pw_flags & PW_SYMBOLS) {
+ len += strlen(pw_symbols);
+ }
+ chars = malloc(len+1);
+ if (!chars) {
+ fprintf(stderr, "Couldn't malloc pw_rand buffer.\n");
+ exit(1);
+ }
+ wchars = chars;
+ if (pw_flags & PW_DIGITS) {
+ strcpy(wchars, pw_digits);
+ wchars += strlen(pw_digits);
+ }
+ if (pw_flags & PW_UPPERS) {
+ strcpy(wchars, pw_uppers);
+ wchars += strlen(pw_uppers);
+ }
+ strcpy(wchars, pw_lowers);
+ wchars += strlen(pw_lowers);
+ if (pw_flags & PW_SYMBOLS) {
+ strcpy(wchars, pw_symbols);
+ }
+try_again:
+ len = strlen(chars);
+ feature_flags = pw_flags;
+ i = 0;
+ while (i < size) {
+ ch = chars[pw_number(len)];
+ if ((pw_flags & PW_AMBIGUOUS) && strchr(pw_ambiguous,ch))
+ continue;
+ if ((pw_flags & PW_NO_VOWELS) && strchr(pw_vowels, ch))
+ continue;
+ buf[i++] = ch;
+ if (strchr(pw_digits, ch))
+ feature_flags &= ~PW_DIGITS;
+ if (strchr(pw_uppers, ch))
+ feature_flags &= ~PW_UPPERS;
+ if (strchr(pw_symbols, ch))
+ feature_flags &= ~PW_SYMBOLS;
+ }
+ if (feature_flags & (PW_UPPERS | PW_DIGITS | PW_SYMBOLS))
+ goto try_again;
+ buf[size] = 0;
+ free(chars);
+ return;
+}
View
149 tools/pwgen-2.06/pwgen.1
@@ -0,0 +1,149 @@
+.TH PWGEN 1 "January 2006" "pwgen version 2.05"
+.SH NAME
+pwgen \- generate pronounceable passwords
+.SH SYNOPSIS
+.B pwgen
+[
+.I OPTION
+]
+[
+.I pw_length
+]
+[
+.I num_pw
+]
+.SH DESCRIPTION
+The
+.B pwgen
+program generates passwords which are designed to be easily memorized by
+humans, while being as secure as possible. Human-memorable passwords
+are never going to be as secure as completely completely random
+passwords. In particular, passwords generated by
+.B pwgen
+without the
+.B \-s
+option should not be used in places where the password could be attacked
+via an off-line brute-force attack. On the other hand, completely
+randomly generated passwords have a tendency to be written down,
+and are subject to being compromised in that fashion.
+.PP
+The
+.B pwgen
+program is designed
+to be used both interactively, and in shell scripts. Hence,
+its default behavior differs depending on whether the standard output
+is a tty device or a pipe to another program. Used interactively,
+.B pwgen
+will display a screenful of passwords, allowing the user to pick a single
+password, and then quickly erase the screen. This prevents someone from
+being able to "shoulder surf" the user's chosen password.
+.PP
+When standard output (stdout) is not a tty,
+.B pwgen
+will only generate one password, as this tends to be much more convenient
+for shell scripts, and in order to be
+compatible with previous versions of this program.
+.PP
+In addition, for
+backwards compatibility reasons, when stdout is not a tty and secure
+password generation mode has not been requested,
+.B pwgen
+will generate less secure passwords, as
+if the
+.B \-0A
+options had been passed to it on the command line. This can be
+overriden using the
+.B \-nc
+options. In the future, the behavior when stdout is a tty may change, so
+shell scripts using
+.B pwgen
+should explicitly specify the
+.B \-nc
+or
+.B \-0A
+options. The latter is not recommended for security reasons, since
+such passwords are far too easy to guess.
+.B
+.SH OPTIONS
+.TP
+.B \-0, \--no-numerals
+Don't include numbers in the generated passwords.
+.TP
+.B \-1
+Print the generated passwords one per line.
+.TP
+.B \-A, \--no-capitalize
+Don't bother to include any capital letters in the generated passwords.
+.TP
+.B \-a, --alt-phonics
+This option doesn't do anything special; it is present only for
+backwards compatibility.
+.TP
+.B \-B, --ambiguous
+Don't use characters that could be confused by the user when printed,
+such as 'l' and '1', or '0' or 'O'. This reduces the number of possible
+passwords significantly, and as such reduces the quality of the
+passwords. It may be useful for users who have bad vision, but in
+general use of this option is not recommended.
+.TP
+.B \-c, --capitalize
+Include at least one capital letter in the password. This is the default
+if the standard output is a tty device.
+.TP
+.B \-C
+Print the generated passwords in columns. This is the default if the
+standard output is a tty device.
+.TP
+.B \-N, --num-passwords=\fInum
+Generate
+.I num
+passwords. This defaults to a screenful if passwords are
+printed by columns, and one password.
+.TP
+.B \-n, --numerals
+Include at least one number in the password. This is the default
+if the standard output is a tty device.
+.TP
+.B \-H, --sha1=\fI/path/to/file[#seed]
+Will use the sha1's hash of given file and the optional seed to create
+password. It will allow you to compute the same password later,
+if you remember the file, seed, and pwgen's options used.
+ie: pwgen -H ~/your_favorite.mp3#your@email.com gives
+a list of possibles passwords for your pop3 account, and you can
+ask this list again and again.
+.IP
+.B WARNING:
+The passwords generated using this option are not very random. If you use
+this option, make sure the attacker can not obtain a copy of the file.
+Also, note that the name of the file may be easily available from the
+~/.history or ~/.bash_history file.
+.TP
+.B \-h, --help
+Print a help message.
+.TP
+.B \-s, --secure
+Generate completely random, hard-to-memorize passwords. These should
+only be used for machine passwords, since otherwise it's almost
+guaranteed that users will simply write the password on a piece of
+paper taped to the monitor...
+.TP
+.B \-v, --no-vowels
+Generate random passwords that do not contain vowels or numbers that
+might be mistaken for vowels. It provides less secure passwords to
+allow system administrators to not have to worry with random passwords
+accidentally contain offensive substrings.
+.TP
+.B \-y, --symbols
+Include at least one special character in the password.
+.SH AUTHOR
+This version of
+.B pwgen
+was written by Theodore Ts'o <tytso@alum.mit.edu>.
+It is modelled after a program
+originally written by Brandon S. Allbery, and then
+later extensively modified by Olaf Titz, Jim Lynch, and others.
+It was rewritten from scratch by Theodore Ts'o because the original program
+was somewhat of a hack, and thus hard to maintain, and because
+the licensing status of the program was unclear.
+.SH SEE ALSO
+.BR passwd (1)
View
215 tools/pwgen-2.06/pwgen.c
@@ -0,0 +1,215 @@
+/*
+ * pwgen.c --- generate secure passwords
+ *
+ * Copyright (C) 2001,2002 by Theodore Ts'o
+ *
+ * This file may be distributed under the terms of the GNU Public
+ * License.
+ */
+
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#ifdef HAVE_GETOPT_H
+#include <getopt.h>
+#endif
+
+#include "pwgen.h"
+
+/* Globals variables */
+int (*pw_number)(int max_num);
+
+/* Program parameters set via getopt */
+
+int pw_length = 8;
+int num_pw = -1;
+int pwgen_flags = 0;
+int do_columns = 0;
+
+#ifdef HAVE_GETOPT_LONG
+struct option pwgen_options[] = {
+ { "alt-phonics", no_argument, 0, 'a' },
+ { "capitalize", no_argument, 0, 'c' },
+ { "numerals", no_argument, 0, 'n'},
+ { "symbols", no_argument, 0, 'y'},
+ { "num-passwords", required_argument, 0, 'N'},
+ { "secure", no_argument, 0, 's' },
+ { "help", no_argument, 0, 'h'},
+ { "no-numerals", no_argument, 0, '0' },
+ { "no-capitalize", no_argument, 0, 'A' },
+ { "sha1", required_argument, 0, 'H' },
+ { "ambiguous", no_argument, 0, 'B' },
+ { "no-vowels", no_argument, 0, 'v' },
+ { 0, 0, 0, 0}
+};
+#endif
+
+const char *pw_options = "01AaBCcnN:shH:vy";
+
+static void usage(void)
+{
+ fputs("Usage: pwgen [ OPTIONS ] [ pw_length ] [ num_pw ]\n\n", stderr);
+ fputs("Options supported by pwgen:\n", stderr);
+ fputs(" -c or --capitalize\n", stderr);
+ fputs("\tInclude at least one capital letter in the password\n",
+ stderr);
+ fputs(" -A or --no-capitalize\n", stderr);
+ fputs("\tDon't include capital letters in the password\n",
+ stderr);
+ fputs(" -n or --numerals\n", stderr);
+ fputs("\tInclude at least one number in the password\n", stderr);
+ fputs(" -0 or --no-numerals\n", stderr);
+ fputs("\tDon't include numbers in the password\n",
+ stderr);
+ fputs(" -y or --symbols\n", stderr);
+ fputs("\tInclude at least one special symbol in the password\n",
+ stderr);
+ fputs(" -s or --secure\n", stderr);
+ fputs("\tGenerate completely random passwords\n", stderr);
+ fputs(" -B or --ambiguous\n", stderr);
+ fputs("\tDon't include ambiguous characters in the password\n",
+ stderr);
+ fputs(" -h or --help\n", stderr);
+ fputs("\tPrint a help message\n", stderr);
+ fputs(" -H or --sha1=path/to/file[#seed]\n", stderr);
+ fputs("\tUse sha1 hash of given file as a (not so) random generator\n",
+ stderr);
+ fputs(" -C\n\tPrint the generated passwords in columns\n", stderr);
+ fputs(" -1\n\tDon't print the generated passwords in columns\n",
+ stderr);
+ fputs(" -v or --no-vowels\n", stderr);
+ fputs("\tDo not use any vowels so as to avoid accidental nasty words\n",
+ stderr);
+ exit(1);
+}
+
+
+int main(int argc, char **argv)
+{
+ int term_width = 80;
+ int c, i;
+ int num_cols = -1;
+ char *buf, *tmp;
+ void (*pwgen)(char *inbuf, int size, int pw_flags);
+
+ pwgen = pw_phonemes;
+ pw_number = pw_random_number;
+ if (isatty(1)) {
+ do_columns = 1;
+ pwgen_flags |= PW_DIGITS | PW_UPPERS;
+ }
+
+ while (1) {
+#ifdef HAVE_GETOPT_LONG
+ c = getopt_long(argc, argv, pw_options, pwgen_options, 0);
+#else
+ c = getopt(argc, argv, pw_options);
+#endif
+ if (c == -1)
+ break;
+ switch (c) {
+ case '0':
+ pwgen_flags &= ~PW_DIGITS;
+ break;
+ case 'A':
+ pwgen_flags &= ~PW_UPPERS;
+ break;
+ case 'a':
+ break;
+ case 'B':
+ pwgen_flags |= PW_AMBIGUOUS;
+ break;
+ case 'c':
+ pwgen_flags |= PW_UPPERS;
+ break;
+ case 'n':
+ pwgen_flags |= PW_DIGITS;
+ break;
+ case 'N':
+ num_pw = strtol(optarg, &tmp, 0);
+ if (*tmp) {
+ fprintf(stderr,
+ "Invalid number of passwords: %s\n",
+ optarg);
+ exit(1);
+ }
+ break;
+ case 's':
+ pwgen = pw_rand;
+ pwgen_flags = PW_DIGITS | PW_UPPERS;
+ break;
+ case 'C':
+ do_columns = 1;
+ break;
+ case '1':
+ do_columns = 0;
+ break;
+ case 'H':
+ pw_sha1_init(optarg);
+ pw_number = pw_sha1_number;
+ break;
+ case 'y':
+ pwgen_flags |= PW_SYMBOLS;
+ break;
+ case 'v':
+ pwgen = pw_rand;
+ pwgen_flags |= PW_NO_VOWELS | PW_DIGITS | PW_UPPERS;
+ break;
+ case 'h':
+ case '?':
+ usage();
+ break;
+ }
+ }
+ if (optind < argc) {
+ pw_length = strtol(argv[optind], &tmp, 0);
+ if (pw_length < 5)
+ pwgen = pw_rand;
+ if (pw_length <= 2)
+ pwgen_flags &= ~PW_UPPERS;
+ if (pw_length <= 1)
+ pwgen_flags &= ~PW_DIGITS;
+ if (*tmp) {
+ fprintf(stderr, "Invalid password length: %s\n",
+ argv[optind]);
+ exit(1);
+ }
+ optind++;
+ }
+
+ if (optind < argc) {
+ num_pw = strtol(argv[optind], &tmp, 0);
+ if (*tmp) {
+ fprintf(stderr, "Invalid number of passwords: %s\n",
+ argv[optind]);
+ exit(1);
+ }
+ }
+
+ if (do_columns) {
+ num_cols = term_width / (pw_length+1);
+ if (num_cols == 0)
+ num_cols = 1;
+ }
+ if (num_pw < 0)
+ num_pw = do_columns ? num_cols * 20 : 1;
+
+ buf = malloc(pw_length+1);
+ if (!buf) {
+ fprintf(stderr, "Couldn't malloc password buffer.\n");
+ exit(1);
+ }
+ for (i=0; i < num_pw; i++) {
+ pwgen(buf, pw_length, pwgen_flags);
+ if (!do_columns || ((i % num_cols) == (num_cols-1)))
+ printf("%s\n", buf);
+ else
+ printf("%s ", buf);
+ }
+ if ((num_cols > 1) && ((i % num_cols) != 0))
+ fputc('\n', stdout);
+ free(buf);
+ return 0;
+}
View
51 tools/pwgen-2.06/pwgen.h
@@ -0,0 +1,51 @@
+/*
+ * pwgen.h --- header file for password generator
+ *
+ * Copyright (C) 2001,2002 by Theodore Ts'o
+ *
+ * This file may be distributed under the terms of the GNU Public
+ * License.
+ */
+
+struct pw_element {
+ const char *str;
+ int flags;
+};
+
+/*
+ * Flags for the pw_element
+ */
+#define CONSONANT 0x0001
+#define VOWEL 0x0002
+#define DIPTHONG 0x0004
+#define NOT_FIRST 0x0008
+
+/*
+ * Flags for the pwgen function
+ */
+#define PW_DIGITS 0x0001 /* At least one digit */
+#define PW_UPPERS 0x0002 /* At least one upper letter */
+#define PW_SYMBOLS 0x0004
+#define PW_AMBIGUOUS 0x0008
+#define PW_NO_VOWELS 0x0010
+
+/* pointer to choose between random or sha1 pseudo random number generator */
+extern int (*pw_number)(int max_num);
+
+extern const char *pw_symbols;
+extern const char *pw_ambiguous;
+
+/* Function prototypes */
+
+/* pw_phonemes.c */
+extern void pw_phonemes(char *buf, int size, int pw_flags);
+
+/* pw_rand.c */
+extern void pw_rand(char *buf, int size, int pw_flags);
+
+/* randnum.c */
+extern int pw_random_number(int max_num);
+
+/* sha1num.c */
+extern void pw_sha1_init(char *sha1);
+extern int pw_sha1_number(int max_num);
View
95 tools/pwgen-2.06/randnum.c
@@ -0,0 +1,95 @@
+/*
+ * randnum.c -- generate (good) randum numbers.
+ *
+ * Copyright (C) 2001,2002 by Theodore Ts'o
+ *
+ * This file may be distributed under the terms of the GNU Public
+ * License.
+ */
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "pwgen.h"
+
+#ifdef HAVE_DRAND48
+extern double drand48(void);
+#endif
+
+static int get_random_fd(void);
+
+/* Borrowed/adapted from e2fsprogs's UUID generation code */
+static int get_random_fd()
+{
+ struct timeval tv;
+ static int fd = -2;
+ int i;
+
+ if (fd == -2) {
+ gettimeofday(&tv, 0);
+ fd = open("/dev/urandom", O_RDONLY);
+ if (fd == -1)
+ fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
+#ifdef HAVE_DRAND48
+ srand48((tv.tv_sec<<9) ^ (getpgrp()<<15) ^
+ (getpid()) ^ (tv.tv_usec>>11));
+#else
+ srandom((getpid() << 16) ^ (getpgrp() << 8) ^ getuid()
+ ^ tv.tv_sec ^ tv.tv_usec);
+#endif
+ }
+ /* Crank the random number generator a few times */
+ gettimeofday(&tv, 0);
+ for (i = (tv.tv_sec ^ tv.tv_usec) & 0x1F; i > 0; i--)
+#ifdef HAVE_DRAND48
+ drand48();
+#else
+ random();
+#endif
+ return fd;
+}
+
+/*
+ * Generate a random number n, where 0 <= n < max_num, using
+ * /dev/urandom if possible.
+ */
+int pw_random_number(max_num)
+ int max_num;
+{
+ int i, fd = get_random_fd();
+ int lose_counter = 0, nbytes=4;
+ unsigned int rand_num;
+ char *cp = (char *) &rand_num;
+
+ if (fd >= 0) {
+ while (nbytes > 0) {
+ i = read(fd, cp, nbytes);
+ if ((i < 0) &&
+ ((errno == EINTR) || (errno == EAGAIN)))
+ continue;
+ if (i <= 0) {
+ if (lose_counter++ == 8)
+ break;
+ continue;
+ }
+ nbytes -= i;
+ cp += i;
+ lose_counter = 0;
+ }
+ }
+ if (nbytes == 0)
+ return (rand_num % max_num);
+
+ /* OK, we weren't able to use /dev/random, fall back to rand/rand48 */
+
+#ifdef HAVE_DRAND48
+ return ((int) ((drand48() * max_num)));
+#else
+ return ((int) (random() / ((float) RAND_MAX) * max_num));
+#endif
+}
View
399 tools/pwgen-2.06/sha1.c
@@ -0,0 +1,399 @@
+/*
+ * FIPS-180-1 compliant SHA-1 implementation
+ *
+ * Copyright (C) 2001-2003 Christophe Devine
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include <string.h>
+
+#include "sha1.h"
+
+
+void sha1_process(sha1_context *ctx, uint8 data[64]);
+
+
+#define GET_UINT32(n,b,i) \
+{ \
+ (n) = ( (uint32) (b)[(i) ] << 24 ) \
+ | ( (uint32) (b)[(i) + 1] << 16 ) \
+ | ( (uint32) (b)[(i) + 2] << 8 ) \
+ | ( (uint32) (b)[(i) + 3] ); \
+}
+
+#define PUT_UINT32(n,b,i) \
+{ \
+ (b)[(i) ] = (uint8) ( (n) >> 24 ); \
+ (b)[(i) + 1] = (uint8) ( (n) >> 16 ); \
+ (b)[(i) + 2] = (uint8) ( (n) >> 8 ); \
+ (b)[(i) + 3] = (uint8) ( (n) ); \
+}
+
+void sha1_starts(ctx)
+ sha1_context *ctx;
+{
+ ctx->total[0] = 0;
+ ctx->total[1] = 0;
+
+ ctx->state[0] = 0x67452301;
+ ctx->state[1] = 0xEFCDAB89;
+ ctx->state[2] = 0x98BADCFE;
+ ctx->state[3] = 0x10325476;
+ ctx->state[4] = 0xC3D2E1F0;
+}
+
+void sha1_process(ctx, data)
+ sha1_context *ctx;
+ uint8 data[64];
+{
+ uint32 temp, W[16], A, B, C, D, E;
+
+ GET_UINT32( W[0], data, 0 );
+ GET_UINT32( W[1], data, 4 );
+ GET_UINT32( W[2], data, 8 );
+ GET_UINT32( W[3], data, 12 );
+ GET_UINT32( W[4], data, 16 );
+ GET_UINT32( W[5], data, 20 );
+ GET_UINT32( W[6], data, 24 );
+ GET_UINT32( W[7], data, 28 );
+ GET_UINT32( W[8], data, 32 );
+ GET_UINT32( W[9], data, 36 );
+ GET_UINT32( W[10], data, 40 );
+ GET_UINT32( W[11], data, 44 );
+ GET_UINT32( W[12], data, 48 );
+ GET_UINT32( W[13], data, 52 );
+ GET_UINT32( W[14], data, 56 );
+ GET_UINT32( W[15], data, 60 );
+
+#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+
+#define R(t) \
+( \
+ temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
+ W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
+ ( W[t & 0x0F] = S(temp,1) ) \
+)
+
+#define P(a,b,c,d,e,x) \
+{ \
+ e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
+}
+
+ A = ctx->state[0];
+ B = ctx->state[1];
+ C = ctx->state[2];
+ D = ctx->state[3];
+ E = ctx->state[4];
+
+#define F(x,y,z) (z ^ (x & (y ^ z)))
+#define K 0x5A827999
+
+ P( A, B, C, D, E, W[0] );
+ P( E, A, B, C, D, W[1] );
+ P( D, E, A, B, C, W[2] );
+ P( C, D, E, A, B, W[3] );
+ P( B, C, D, E, A, W[4] );
+ P( A, B, C, D, E, W[5] );
+ P( E, A, B, C, D, W[6] );
+ P( D, E, A, B, C, W[7] );
+ P( C, D, E, A, B, W[8] );
+ P( B, C, D, E, A, W[9] );
+ P( A, B, C, D, E, W[10] );
+ P( E, A, B, C, D, W[11] );
+ P( D, E, A, B, C, W[12] );
+ P( C, D, E, A, B, W[13] );
+ P( B, C, D, E, A, W[14] );
+ P( A, B, C, D, E, W[15] );
+ P( E, A, B, C, D, R(16) );
+ P( D, E, A, B, C, R(17) );
+ P( C, D, E, A, B, R(18) );
+ P( B, C, D, E, A, R(19) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0x6ED9EBA1
+
+ P( A, B, C, D, E, R(20) );
+ P( E, A, B, C, D, R(21) );
+ P( D, E, A, B, C, R(22) );
+ P( C, D, E, A, B, R(23) );
+ P( B, C, D, E, A, R(24) );
+ P( A, B, C, D, E, R(25) );
+ P( E, A, B, C, D, R(26) );
+ P( D, E, A, B, C, R(27) );
+ P( C, D, E, A, B, R(28) );
+ P( B, C, D, E, A, R(29) );
+ P( A, B, C, D, E, R(30) );
+ P( E, A, B, C, D, R(31) );
+ P( D, E, A, B, C, R(32) );
+ P( C, D, E, A, B, R(33) );
+ P( B, C, D, E, A, R(34) );
+ P( A, B, C, D, E, R(35) );
+ P( E, A, B, C, D, R(36) );
+ P( D, E, A, B, C, R(37) );
+ P( C, D, E, A, B, R(38) );
+ P( B, C, D, E, A, R(39) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) ((x & y) | (z & (x | y)))
+#define K 0x8F1BBCDC
+
+ P( A, B, C, D, E, R(40) );
+ P( E, A, B, C, D, R(41) );
+ P( D, E, A, B, C, R(42) );
+ P( C, D, E, A, B, R(43) );
+ P( B, C, D, E, A, R(44) );
+ P( A, B, C, D, E, R(45) );
+ P( E, A, B, C, D, R(46) );
+ P( D, E, A, B, C, R(47) );
+ P( C, D, E, A, B, R(48) );
+ P( B, C, D, E, A, R(49) );
+ P( A, B, C, D, E, R(50) );
+ P( E, A, B, C, D, R(51) );
+ P( D, E, A, B, C, R(52) );
+ P( C, D, E, A, B, R(53) );
+ P( B, C, D, E, A, R(54) );
+ P( A, B, C, D, E, R(55) );
+ P( E, A, B, C, D, R(56) );
+ P( D, E, A, B, C, R(57) );
+ P( C, D, E, A, B, R(58) );
+ P( B, C, D, E, A, R(59) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0xCA62C1D6
+
+ P( A, B, C, D, E, R(60) );
+ P( E, A, B, C, D, R(61) );
+ P( D, E, A, B, C, R(62) );
+ P( C, D, E, A, B, R(63) );
+ P( B, C, D, E, A, R(64) );
+ P( A, B, C, D, E, R(65) );
+ P( E, A, B, C, D, R(66) );
+ P( D, E, A, B, C, R(67) );
+ P( C, D, E, A, B, R(68) );
+ P( B, C, D, E, A, R(69) );
+ P( A, B, C, D, E, R(70) );
+ P( E, A, B, C, D, R(71) );
+ P( D, E, A, B, C, R(72) );
+ P( C, D, E, A, B, R(73) );
+ P( B, C, D, E, A, R(74) );
+ P( A, B, C, D, E, R(75) );
+ P( E, A, B, C, D, R(76) );
+ P( D, E, A, B, C, R(77) );
+ P( C, D, E, A, B, R(78) );
+ P( B, C, D, E, A, R(79) );
+
+#undef K
+#undef F
+
+ ctx->state[0] += A;
+ ctx->state[1] += B;
+ ctx->state[2] += C;
+ ctx->state[3] += D;
+ ctx->state[4] += E;
+}
+
+void sha1_update(ctx, input, length )
+ sha1_context *ctx;
+ uint8 *input;
+ uint32 length;
+{
+ uint32 left, fill;
+
+ if( ! length ) return;
+
+ left = ctx->total[0] & 0x3F;
+ fill = 64 - left;
+
+ ctx->total[0] += length;
+ ctx->total[0] &= 0xFFFFFFFF;
+
+ if( ctx->total[0] < length )
+ ctx->total[1]++;
+
+ if( left && length >= fill )
+ {
+ memcpy( (void *) (ctx->buffer + left),
+ (void *) input, fill );
+ sha1_process( ctx, ctx->buffer );
+ length -= fill;
+ input += fill;
+ left = 0;
+ }
+
+ while( length >= 64 )
+ {
+ sha1_process( ctx, input );
+ length -= 64;
+ input += 64;
+ }
+
+ if( length )
+ {
+ memcpy( (void *) (ctx->buffer + left),
+ (void *) input, length );
+ }
+}
+
+static uint8 sha1_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+void sha1_finish( ctx, digest )
+ sha1_context *ctx;
+ uint8 digest[20];
+{
+ uint32 last, padn;
+ uint32 high, low;
+ uint8 msglen[8];
+
+ high = ( ctx->total[0] >> 29 )
+ | ( ctx->total[1] << 3 );
+ low = ( ctx->total[0] << 3 );
+
+ PUT_UINT32( high, msglen, 0 );
+ PUT_UINT32( low, msglen, 4 );
+
+ last = ctx->total[0] & 0x3F;
+ padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+ sha1_update( ctx, sha1_padding, padn );
+ sha1_update( ctx, msglen, 8 );
+
+ PUT_UINT32( ctx->state[0], digest, 0 );
+ PUT_UINT32( ctx->state[1], digest, 4 );
+ PUT_UINT32( ctx->state[2], digest, 8 );
+ PUT_UINT32( ctx->state[3], digest, 12 );
+ PUT_UINT32( ctx->state[4], digest, 16 );
+}
+
+#ifdef TEST
+
+#include <stdlib.h>
+#include <stdio.h>
+
+/*
+ * those are the standard FIPS-180-1 test vectors
+ */
+
+static char *msg[] =
+{
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL
+};
+
+static char *val[] =
+{
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f"
+};
+
+int main( argc, argv )
+ int argc;
+ char **argv;
+{
+ FILE *f;
+ int i, j;
+ char output[41];
+ sha1_context ctx;
+ unsigned char buf[1000];
+ unsigned char sha1sum[20];
+
+ if( argc < 2 )
+ {
+ printf( "\n SHA-1 Validation Tests:\n\n" );
+
+ for( i = 0; i < 3; i++ )
+ {
+ printf( " Test %d ", i + 1 );
+
+ sha1_starts( &ctx );
+
+ if( i < 2 )
+ {
+ sha1_update( &ctx, (uint8 *) msg[i],
+ strlen( msg[i] ) );
+ }
+ else
+ {
+ memset( buf, 'a', 1000 );
+
+ for( j = 0; j < 1000; j++ )
+ {
+ sha1_update( &ctx, (uint8 *) buf, 1000 );
+ }
+ }
+
+ sha1_finish( &ctx, sha1sum );
+
+ for( j = 0; j < 20; j++ )
+ {
+ sprintf( output + j * 2, "%02x", sha1sum[j] );
+ }
+
+ if( memcmp( output, val[i], 40 ) )
+ {
+ printf( "failed!\n" );
+ return( 1 );
+ }
+
+ printf( "passed.\n" );
+ }
+
+ printf( "\n" );
+ }
+ else
+ {
+ if( ! ( f = fopen( argv[1], "rb" ) ) )
+ {
+ perror( "fopen" );
+ return( 1 );
+ }
+
+ sha1_starts( &ctx );
+
+ while( ( i = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
+ {
+ sha1_update( &ctx, buf, i );
+ }
+
+ sha1_finish( &ctx, sha1sum );
+
+ for( j = 0; j < 20; j++ )
+ {
+ printf( "%02x", sha1sum[j] );
+ }
+
+ printf( " %s\n", argv[1] );
+ }
+
+ return( 0 );
+}
+
+#endif
View
24 tools/pwgen-2.06/sha1.h
@@ -0,0 +1,24 @@
+#ifndef _SHA1_H
+#define _SHA1_H
+
+#ifndef uint8
+#define uint8 unsigned char
+#endif
+
+#ifndef uint32
+#define uint32 unsigned long int
+#endif
+
+typedef struct
+{
+ uint32 total[2];
+ uint32 state[5];
+ uint8 buffer[64];
+}
+sha1_context;
+
+void sha1_starts( sha1_context *ctx );
+void sha1_update( sha1_context *ctx, uint8 *input, uint32 length );
+void sha1_finish( sha1_context *ctx, uint8 digest[20] );
+
+#endif /* sha1.h */
View
75 tools/pwgen-2.06/sha1num.c
@@ -0,0 +1,75 @@
+/*
+ * sha1num.c --- generate sha1 hash based, pseudo random numbers
+ *
+ * Copyright (C) 2005 by Olivier Guerrier
+ *
+ * This file may be distributed under the terms of the GNU Public
+ * License.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "pwgen.h"
+#include "sha1.h"
+
+sha1_context sha1_ctx;
+char *sha1_seed;
+const char *sha1_magic="pwgen";
+unsigned char sha1sum[20];
+int sha1sum_idx=20;
+
+void pw_sha1_init(char *sha1)
+{
+ int i = 0;
+ char *seed;
+ FILE *f;
+ unsigned char buf[1024];
+
+ if ((seed = strchr(sha1,'#'))) {
+ *(seed++) = 0;
+ sha1_seed = malloc(strlen(seed)+1);
+ if (!sha1_seed) {
+ fprintf(stderr, "Couldn't malloc sha1_seed buffer.\n");
+ exit(1);
+ }
+ strcpy(sha1_seed, seed);
+ }
+ else {
+ sha1_seed = malloc(strlen(sha1_magic)+1);
+ if (!sha1_seed) {
+ fprintf(stderr, "Couldn't malloc sha1_seed buffer.\n");
+ exit(1);
+ }
+ strcpy(sha1_seed, sha1_magic);
+ }
+
+ if( ! ( f = fopen( sha1, "rb" ) ) ) {