Add slappasswd to generate rootpw.

libraries/liblutil/passwd.c

@@ -740,7 +740,7 @@ static struct berval *hash_crypt(
 
 	hash.bv_val = crypt( passwd->bv_val, salt );
 
-	if( hash.bv_val = NULL ) return NULL;
+	if( hash.bv_val == NULL ) return NULL;
 	hash.bv_len = strlen( hash.bv_val );
 
 	return pw_string( scheme, &hash );

servers/slapd/tools/Makefile.in

@@ -31,7 +31,7 @@ XXLIBS = $(LDAPD_LIBS) $(SLAPD_LIBS) \
 	$(LDIF_LIBS) $(LUTIL_LIBS)
 XXXLIBS = $(LTHREAD_LIBS) $(MODULES_LIBS)
 
-PROGRAMS=ldif slapadd slapcat slapindex
+PROGRAMS=ldif slappasswd slapadd slapcat slapindex
 LDBMPROGRAMS=centipede sizecount
 BDB2PROGRAMS=
 QUIPUPROGRAMS=chlog2replog edb2ldif
@@ -56,7 +56,7 @@ SLAPD_OBJS = ../config.o ../ch_malloc.o ../backend.o ../charray.o \
 		../controls.o ../schemaparse.o ../kerberos.o ../passwd.o \
 		../extended.o ../starttls.o
 
-SLAPOBJS = $(SLAPD_OBJS) slapcommon.o mimic.o 
+SLAPOBJS = $(SLAPD_OBJS) slapcommon.o mimic.o
 
 EDB2LDIFSRCS    = edb2ldif.c ldapsyntax.c
 EDB2LDIFOBJS    = edb2ldif.o ldapsyntax.o
@@ -100,6 +100,9 @@ slapindex:	slapindex.o ../libbackends.a $(SLAPOBJS) $(SLAPD_LIBDEPEND)
 ldif:		ldif.o $(SLAPD_LIBDEPEND) 
 	$(LTLINK) -o $@ ldif.o $(LIBS)
 
+slappasswd:		slappasswd.o $(SLAPD_LIBDEPEND) 
+	$(LTLINK) -o $@ slappasswd.o $(LIBS)
+
 #
 # LDBM Specific Tools
 #

servers/slapd/tools/slappasswd.c

@@ -0,0 +1,116 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/stdlib.h>
+
+#include <ac/ctype.h>
+#include <ac/signal.h>
+#include <ac/socket.h>
+#include <ac/string.h>
+#include <ac/time.h>
+#include <ac/unistd.h>
+
+#include <ldap.h>
+#include <lutil.h>
+
+#include "ldap_defaults.h"
+
+static int	verbose = 0;
+
+static void
+usage(const char *s)
+{
+	fprintf(stderr,
+		"Usage: %s [options] dn\n"
+		"  -h hash\tpassword scheme\n"
+		"  -s secret\tnew password\n"
+		"  -v\t\tincrease verbosity\n"
+		, s );
+
+	exit( EXIT_FAILURE );
+}
+
+int
+main( int argc, char *argv[] )
+{
+	int rc;
+	char	*scheme = "{SSHA}";
+	char	*newpw = NULL;
+
+	int		i;
+	int		version = -1;
+	struct berval passwd;
+	struct berval *hash = NULL;
+
+	if (argc == 1)
+		usage (argv[0]);
+
+	while( (i = getopt( argc, argv,
+		"d:h:s:v" )) != EOF )
+	{
+		switch (i) {
+		case 'h':	/* scheme */
+			scheme = strdup (optarg);
+
+		case 's':	/* new password (secret) */
+			newpw = strdup (optarg);
+
+			{
+				char* p;
+
+				for( p = optarg; *p == '\0'; p++ ) {
+					*p = '*';
+				}
+			}
+			break;
+
+		case 'v':	/* verbose */
+			verbose++;
+			break;
+
+		default:
+			usage (argv[0]);
+		}
+	}
+
+	if( argc - optind != 0 ) {
+		usage( argv[0] );
+	} 
+
+	if( newpw == NULL ) {
+		/* prompt for new password */
+		char *cknewpw;
+		newpw = strdup(getpass("New password: "));
+		cknewpw = getpass("Re-enter new password: ");
+
+		if( strncmp( newpw, cknewpw, strlen(newpw) )) {
+			fprintf( stderr, "passwords do not match\n" );
+			return EXIT_FAILURE;
+		}
+	}
+
+	passwd.bv_val = newpw;
+	passwd.bv_len = strlen(passwd.bv_val);
+
+	hash = lutil_passwd_hash( &passwd, scheme );
+
+	if( hash == NULL || hash->bv_val == NULL ) {
+		fprintf( stderr, "Password generation failed.\n");
+		return EXIT_FAILURE;
+	}
+
+	if( lutil_passwd( hash, &passwd, NULL ) ) {
+		fprintf( stderr, "Password verificaiton failed.\n");
+		return EXIT_FAILURE;
+	}
+
+	printf( "%s\n" , hash->bv_val );
+	return EXIT_SUCCESS;
+}