Fix misleading crypt vs hash terminology in ht* and dbmmanage tools.

What the htpasswd, htdbm and dbmmanage tools do is hashing passwords, not encrypting them, so fix the terminology in manpages, docs, --help, comments and function names. Submitted by: Michele Preziuso <mpreziuso kaosdynamics.com> Reviewed by: ylavic Github: closes #153 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1884207 13f79535-47bb-0310-9956-ffa450edef68
author: Yann Ylavic <ylavic@apache.org> 2020-12-08 14:06:16 +0000
committer: Yann Ylavic <ylavic@apache.org> 2020-12-08 14:06:16 +0000
commit: 542f66501b547cc8a03908323e891a31b6f2a6f5 (patch)
tree: 35e877a1c3fe66b80e5d3ed3295bb352fb98c2d3 /support
parent: 7bb1b3dbd6e7872ca49c9c6f47a35a6114828c45 (diff)
download: httpd-542f66501b547cc8a03908323e891a31b6f2a6f5.tar.gz
3 files changed, 56 insertions, 56 deletions
diff --git a/support/dbmmanage.in b/support/dbmmanage.in
index 2dd8c8679b..881d2301ad 100644
--- a/support/dbmmanage.in
+++ b/support/dbmmanage.in
@@ -32,9 +32,9 @@ sub usage {
     die <<SYNTAX;
 Usage: dbmmanage [enc] dbname command [username [pw [group[,group] [comment]]]]
 
-    where enc is  -d for crypt encryption (default except on Win32, Netware)
-                  -m for MD5 encryption (default on Win32, Netware)
-                  -s for SHA1 encryption
+    where enc is  -d for crypt hashing (default except on Win32, Netware)
+                  -m for MD5 hashing (default on Win32, Netware)
+                  -s for SHA1 hashing
                   -p for plaintext
 
     command is one of: $cmds
@@ -48,7 +48,7 @@ Usage: dbmmanage [enc] dbname command [username [pw [group[,group] [comment]]]]
 SYNTAX
 }
 
-sub need_sha1_crypt {
+sub need_sha1_hash {
     if (!eval ('require "Digest/SHA1.pm";')) {
         print STDERR <<SHAERR;
 dbmmanage SHA1 passwords require the interface or the module Digest::SHA1
@@ -56,21 +56,21 @@ available from CPAN:
 
     http://www.cpan.org/modules/by-module/Digest/Digest-MD5-2.12.tar.gz
 
-Please install Digest::SHA1 and try again, or use a different crypt option:
+Please install Digest::SHA1 and try again, or use a different hashing option:
 
 SHAERR
         usage();
     }
 }
 
-sub need_md5_crypt {
+sub need_md5_hash {
     if (!eval ('require "Crypt/PasswdMD5.pm";')) {
         print STDERR <<MD5ERR;
 dbmmanage MD5 passwords require the module Crypt::PasswdMD5 available from CPAN
 
     http://www.cpan.org/modules/by-module/Crypt/Crypt-PasswdMD5-1.1.tar.gz
 
-Please install Crypt::PasswdMD5 and try again, or use a different crypt option:
+Please install Crypt::PasswdMD5 and try again, or use a different hashing option:
 
 MD5ERR
         usage();
@@ -93,10 +93,10 @@ my $newstyle_salt = $^O =~ /(?:$newstyle_salt_platforms)/;
 my $crypt_not_supported_platforms = join '|', qw{MSWin32 NetWare}; #others?
 my $crypt_not_supported = $^O =~ /(?:$crypt_not_supported_platforms)/;
 
-my $crypt_method = "crypt";
+my $hash_method = "crypt";
 
 if ($crypt_not_supported) {
-    $crypt_method = "md5";
+    $hash_method = "md5";
 }
 
 # Some platforms won't jump through our favorite hoops
@@ -105,7 +105,7 @@ my $not_unix_platforms = join '|', qw{MSWin32 NetWare}; #others?
 my $not_unix = $^O =~ /(?:$not_unix_platforms)/;
 
 if ($crypt_not_supported) {
-    $crypt_method = "md5";
+    $hash_method = "md5";
 }
 
 if (@ARGV[0] eq "-d") {
@@ -114,12 +114,12 @@ if (@ARGV[0] eq "-d") {
         print STDERR
               "Warning: Apache/$^O does not support crypt()ed passwords!\n\n";
     }
-    $crypt_method = "crypt";
+    $hash_method = "crypt";
 }
 
 if (@ARGV[0] eq "-m") {
     shift @ARGV;
-    $crypt_method = "md5";
+    $hash_method = "md5";
 }
 
 if (@ARGV[0] eq "-p") {
@@ -128,20 +128,20 @@ if (@ARGV[0] eq "-p") {
         print STDERR
               "Warning: Apache/$^O does not support plaintext passwords!\n\n";
     }
-    $crypt_method = "plain";
+    $hash_method = "plain";
 }
 
 if (@ARGV[0] eq "-s") {
     shift @ARGV;
-    need_sha1_crypt();
-    $crypt_method = "sha1";
+    need_sha1_hash();
+    $hash_method = "sha1";
 }
 
-if ($crypt_method eq "md5") {
-    need_md5_crypt();
+if ($hash_method eq "md5") {
+    need_md5_hash();
 }
 
-my($file,$command,$key,$crypted_pwd,$groups,$comment) = @ARGV;
+my($file,$command,$key,$hashed_pwd,$groups,$comment) = @ARGV;
 
 usage() unless $file and $command and defined &{$dbmc::{$command}};
 
@@ -188,7 +188,7 @@ sub saltpw_crypt {
         randchar(2);
 }
 
-sub cryptpw_crypt {
+sub hashpw_crypt {
     my ($pw, $salt) = @_;
     $salt = saltpw_crypt unless $salt;
     crypt $pw, $salt;
@@ -199,24 +199,24 @@ sub saltpw_md5 {
     randchar(8);
 }
 
-sub cryptpw_md5 {
+sub hashpw_md5 {
     my($pw, $salt) = @_;
     $salt = saltpw_md5 unless $salt;
     Crypt::PasswdMD5::apache_md5_crypt($pw, $salt);
 }
 
-sub cryptpw_sha1 {
+sub hashpw_sha1 {
     my($pw, $salt) = @_;
     '{SHA}' . Digest::SHA1::sha1_base64($pw) . "=";
 }
 
-sub cryptpw {
-    if ($crypt_method eq "md5") {
-        return cryptpw_md5(@_);
-    } elsif ($crypt_method eq "sha1") {
-        return cryptpw_sha1(@_);
-    } elsif ($crypt_method eq "crypt") {
-        return cryptpw_crypt(@_);
+sub hashpw {
+    if ($hash_method eq "md5") {
+        return hashpw_md5(@_);
+    } elsif ($hash_method eq "sha1") {
+        return hashpw_sha1(@_);
+    } elsif ($hash_method eq "crypt") {
+        return hashpw_crypt(@_);
     }
     @_[0]; # otherwise return plaintext
 }
@@ -243,10 +243,10 @@ sub getpass {
 
 sub dbmc::update {
     die "Sorry, user `$key' doesn't exist!\n" unless $DB{$key};
-    $crypted_pwd = (split /:/, $DB{$key}, 3)[0] if $crypted_pwd eq '.';
+    $hashed_pwd = (split /:/, $DB{$key}, 3)[0] if $hashed_pwd eq '.';
     $groups = (split /:/, $DB{$key}, 3)[1] if !$groups || $groups eq '.';
     $comment = (split /:/, $DB{$key}, 3)[2] if !$comment || $comment eq '.';
-    if (!$crypted_pwd || $crypted_pwd eq '-') {
+    if (!$hashed_pwd || $hashed_pwd eq '-') {
         dbmc->adduser;
     }
     else {
@@ -255,23 +255,23 @@ sub dbmc::update {
 }
 
 sub dbmc::add {
-    die "Can't use empty password!\n" unless $crypted_pwd;
+    die "Can't use empty password!\n" unless $hashed_pwd;
     unless($is_update) {
         die "Sorry, user `$key' already exists!\n" if $DB{$key};
     }
     $groups = '' if $groups eq '-';
     $comment = '' if $comment eq '-';
     $groups .= ":" . $comment if $comment;
-    $crypted_pwd .= ":" . $groups if $groups;
-    $DB{$key} = $crypted_pwd;
+    $hashed_pwd .= ":" . $groups if $groups;
+    $DB{$key} = $hashed_pwd;
     my $action = $is_update ? "updated" : "added";
-    print "User $key $action with password encrypted to $DB{$key} using $crypt_method\n";
+    print "User $key $action with password hashed to $DB{$key} using $hash_method\n";
 }
 
 sub dbmc::adduser {
     my $value = getpass "New password:";
     die "They don't match, sorry.\n" unless getpass("Re-type new password:") eq $value;
-    $crypted_pwd = cryptpw $value;
+    $hashed_pwd = hashpw $value;
     dbmc->add;
 }
 
@@ -289,23 +289,23 @@ sub dbmc::check {
     my $chkpass = (split /:/, $DB{$key}, 3)[0];
     my $testpass = getpass();
     if (substr($chkpass, 0, 6) eq '$apr1$') {
-        need_md5_crypt;
-        $crypt_method = "md5";
+        need_md5_hash;
+        $hash_method = "md5";
     } elsif (substr($chkpass, 0, 5) eq '{SHA}') {
-        need_sha1_crypt;
-        $crypt_method = "sha1";
+        need_sha1_hash;
+        $hash_method = "sha1";
     } elsif (length($chkpass) == 13 && $chkpass ne $testpass) {
-        $crypt_method = "crypt";
+        $hash_method = "crypt";
     } else {
-        $crypt_method = "plain";
+        $hash_method = "plain";
     }
-    print $crypt_method . (cryptpw($testpass, $chkpass) eq $chkpass
-                           ? " password ok\n" : " password mismatch\n");
+    print $hash_method . (hashpw($testpass, $chkpass) eq $chkpass
+                          ? " password ok\n" : " password mismatch\n");
 }
 
 sub dbmc::import {
     while(defined($_ = <STDIN>) and chomp) {
-        ($key,$crypted_pwd,$groups,$comment) = split /:/, $_, 4;
+        ($key,$hashed_pwd,$groups,$comment) = split /:/, $_, 4;
         dbmc->add;
     }
 }
diff --git a/support/htdbm.c b/support/htdbm.c
index 40a3d23293..c2f8f3f01a 100644
--- a/support/htdbm.c
+++ b/support/htdbm.c
@@ -290,13 +290,13 @@ static void htdbm_usage(void)
         "   -n   Don't update database; display results on stdout.\n"
         "   -b   Use the password from the command line rather than prompting for it.\n"
         "   -i   Read password from stdin without verification (for script usage).\n"
-        "   -m   Force MD5 encryption of the password (default).\n"
-        "   -B   Force BCRYPT encryption of the password (very secure).\n"
+        "   -m   Force MD5 hashing of the password (default).\n"
+        "   -B   Force BCRYPT hashing of the password (very secure).\n"
         "   -C   Set the computing time used for the bcrypt algorithm\n"
         "        (higher is more secure but slower, default: %d, valid: 4 to 31).\n"
-        "   -d   Force CRYPT encryption of the password (8 chars max, insecure).\n"
-        "   -s   Force SHA encryption of the password (insecure).\n"
-        "   -p   Do not encrypt the password (plaintext, insecure).\n"
+        "   -d   Force CRYPT hashing of the password (8 chars max, insecure).\n"
+        "   -s   Force SHA hashing of the password (insecure).\n"
+        "   -p   Do not hash the password (plaintext, insecure).\n"
         "   -T   DBM Type (SDBM|GDBM|DB|default).\n"
         "   -l   Display usernames from database on stdout.\n"
         "   -v   Verify the username/password.\n"
diff --git a/support/htpasswd.c b/support/htpasswd.c
index f17d9923e1..2bb6d08247 100644
--- a/support/htpasswd.c
+++ b/support/htpasswd.c
@@ -108,17 +108,17 @@ static void usage(void)
         " -b  Use the password from the command line rather than prompting "
             "for it." NL
         " -i  Read password from stdin without verification (for script usage)." NL
-        " -m  Force MD5 encryption of the password (default)." NL
-        " -2  Force SHA-256 crypt() hash of the password (secure)." NL
-        " -5  Force SHA-512 crypt() hash of the password (secure)." NL
-        " -B  Force bcrypt encryption of the password (very secure)." NL
+        " -m  Force MD5 hashing of the password (default)." NL
+        " -2  Force SHA-256 hashing of the password (secure)." NL
+        " -5  Force SHA-512 hashing of the password (secure)." NL
+        " -B  Force bcrypt hashing of the password (very secure)." NL
         " -C  Set the computing time used for the bcrypt algorithm" NL
         "     (higher is more secure but slower, default: %d, valid: 4 to 17)." NL
         " -r  Set the number of rounds used for the SHA-256, SHA-512 algorithms" NL
         "     (higher is more secure but slower, default: 5000)." NL
-        " -d  Force CRYPT encryption of the password (8 chars max, insecure)." NL
-        " -s  Force SHA-1 encryption of the password (insecure)." NL
-        " -p  Do not encrypt the password (plaintext, insecure)." NL
+        " -d  Force CRYPT hashing of the password (8 chars max, insecure)." NL
+        " -s  Force SHA-1 hashing of the password (insecure)." NL
+        " -p  Do not hash the password (plaintext, insecure)." NL
         " -D  Delete the specified user." NL
         " -v  Verify password for the specified user." NL
         "On other systems than Windows and NetWare the '-p' flag will "
author	Yann Ylavic <ylavic@apache.org>	2020-12-08 14:06:16 +0000
committer	Yann Ylavic <ylavic@apache.org>	2020-12-08 14:06:16 +0000
commit	542f66501b547cc8a03908323e891a31b6f2a6f5 (patch)
tree	35e877a1c3fe66b80e5d3ed3295bb352fb98c2d3 /support
parent	7bb1b3dbd6e7872ca49c9c6f47a35a6114828c45 (diff)
download	httpd-542f66501b547cc8a03908323e891a31b6f2a6f5.tar.gz