ITS#2906: report invalid userPassword schemes, clarify documentation

c8408d3c · Kurt Zeilenga · 14da72a9 · c8408d3c · c8408d3c · c8408d3c
Commit c8408d3c authored 21 years ago by Kurt Zeilenga
--- a/doc/man/man8/slappasswd.8
+++ b/doc/man/man8/slappasswd.8
@@ -64,6 +64,12 @@ be specified:
 The default is 
 .IR {SSHA} .

+Note that scheme names may need to be protected, due to
+.B {
+and
+.BR } ,
+from expansion by the user's command interpreter.
+
 .B {SHA}
 and
 .B {SSHA}

--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -377,9 +377,17 @@ struct berval * lutil_passwd_hash(
 {
 	const struct pw_scheme *sc = get_scheme( method );

+	if( sc == NULL ) {
+		*text = "scheme not recognized";
+		return NULL;
+	}
+
+	if( ! sc->hash_fn ) {
+		*text = "scheme provided no hash function";
+		return NULL;
+	}
+
 	if( text ) *text = NULL;
-	if( sc == NULL ) return NULL;
-	if( ! sc->hash_fn ) return NULL;

 	return (sc->hash_fn)( &sc->name, passwd, text );
 }

--- a/servers/slapd/tools/slappasswd.c
+++ b/servers/slapd/tools/slappasswd.c
@@ -131,10 +131,10 @@ main( int argc, char *argv[] )
 	}

 	hash = lutil_passwd_hash( &passwd, scheme, &text );
-
 	if( hash == NULL || hash->bv_val == NULL ) {
-		fprintf( stderr, "Password generation failed. %s\n",
-			text ? text : "" );
+		fprintf( stderr,
+			"Password generation failed for scheme %s: %s\n",
+			scheme, text ? text : "" );
 		return EXIT_FAILURE;
 	}