1 files changed, 135 insertions, 0 deletions

diff --git a/usr.bin/csup/cpasswd.sh b/usr.bin/csup/cpasswd.sh
new file mode 100755
index 000000000000..71e17c5d8150
--- /dev/null
+++ b/usr.bin/csup/cpasswd.sh
@@ -0,0 +1,135 @@
+#! /bin/sh
+#
+# Copyright 2007. Petar Zhivkov Petrov 
+# pesho.petrov@gmail.com
+#
+# $FreeBSD$
+
+usage() {
+	echo "Usage: $0 clientName serverName"
+	echo "       $0 -v"
+}
+
+countChars() {
+    _count="`echo "$1" | sed -e "s/[^$2]//g" | tr -d "\n" | wc -c`"
+	return 0
+}
+
+readPassword() {
+	while [ true ]; do
+		stty -echo
+		read -p "$1" _password
+		stty echo
+		echo ""
+		countChars "$_password" ":"
+		if [ $_count != 0 ]; then
+			echo "Sorry, password must not contain \":\" characters"
+			echo ""
+		else
+			break
+		fi
+	done
+	return 0
+}
+
+makeSecret() {
+	local clientLower="`echo "$1" | tr "[:upper:]" "[:lower:]"`"
+	local serverLower="`echo "$2" | tr "[:upper:]" "[:lower:]"`"
+	local secret="`md5 -qs "$clientLower:$serverLower:$3"`"
+	_secret="\$md5\$$secret"
+}
+
+if [ $# -eq 1 -a "X$1" = "X-v" ]; then
+	echo "Csup authentication key generator"
+	usage
+	exit
+elif [ $# -ne 2 ]; then
+	usage
+	exit
+fi
+
+clientName=$1
+serverName=$2
+
+#
+# Client name must contain exactly one '@' and at least one '.'.
+# It must not contain a ':'.
+#
+
+countChars "$clientName" "@"
+aCount=$_count
+
+countChars "$clientName" "."
+dotCount=$_count
+if [ $aCount -ne 1 -o $dotCount -eq 0 ]; then
+	echo "Client name must have the form of an e-mail address,"
+	echo "e.g., \"user@domain.com\""
+	exit
+fi
+
+countChars "$clientName" ":"
+colonCount=$_count
+if [ $colonCount -gt 0 ]; then
+	echo "Client name must not contain \":\" characters"
+	exit
+fi
+
+#
+# Server name must not contain '@' and must have at least one '.'.
+# It also must not contain a ':'.
+#
+
+countChars "$serverName" "@"
+aCount=$_count
+
+countChars "$serverName" "."
+dotCount=$_count
+if [ $aCount != 0 -o $dotCount = 0 ]; then
+	echo "Server name must be a fully-qualified domain name."
+	echo "e.g., \"host.domain.com\""
+	exit
+fi
+
+countChars "$serverName" ":"
+colonCount=$_count
+if [ $colonCount -gt 0 ]; then
+	echo "Server name must not contain \":\" characters"
+	exit
+fi
+
+#
+# Ask for password and generate secret.
+#
+
+while [ true ]; do
+	readPassword "Enter password: "
+	makeSecret "$clientName" "$serverName" "$_password"
+	secret=$_secret
+
+	readPassword "Enter same password again: "
+	makeSecret "$clientName" "$serverName" "$_password"
+	secret2=$_secret
+
+	if [ "X$secret" = "X$secret2" ]; then
+		break
+	else
+		echo "Passwords did not match.  Try again."
+		echo ""
+	fi
+done
+
+echo ""
+echo "Send this line to the server administrator at $serverName:"
+echo "-------------------------------------------------------------------------------"
+echo "$clientName:$secret::"
+echo "-------------------------------------------------------------------------------"
+echo "Be sure to send it using a secure channel!"
+echo ""
+echo "Add this line to your file \"$HOME/.csup/auth\", replacing \"XXX\""
+echo "with the password you typed in:"
+echo "-------------------------------------------------------------------------------"
+echo "$serverName:$clientName:XXX:"
+echo "-------------------------------------------------------------------------------"
+echo "Make sure the file is readable and writable only by you!"
+echo ""
+