#!/usr/bin/env python #################### __doc__="""\ This script expects a mandatory plain passwd, and an optional MD5-encoded passwd If both are provided, we check that they match Otherwise we return an encrypted passwd """ __author__="Thierry Parmentelat, INRIA Sophia Antipolis" #################### import getopt import sys import re from crypt import crypt import random import string #################### md5 passwds syntax magic='$1$' re_magic='\$1\$' # $ needs \ in regular expression #################### def usage(): print "Usage: %s plain [encrypted]"%sys.argv[0] print __doc__ #################### #################### def getsalt(chars = string.letters + string.digits): # generate a random 8-character 'salt' return (random.choice(chars) + random.choice(chars) + random.choice(chars) + random.choice(chars) + random.choice(chars) + random.choice(chars) + random.choice(chars) + random.choice(chars)) ########## # returns a string def compute_encrypted (plain): return crypt(plain,magic+getsalt()+'$') #################### #################### # returns a boolean def check_encrypted (plain,passwd): no_dollar="[^\$]+" re_passwd=(re_magic +"(%s)"%no_dollar +'\$' + "(%s)"%no_dollar) # print "in="+passwd # print "re="+re_passwd m_passwd=re.compile(re_passwd) r=m_passwd.match(passwd) if not r: print 'passwd wrong syntax %s'%passwd ok= False else: salt=r.group(1) checked=crypt(plain,magic+salt+'$') ok = (checked==passwd) return ok #################### def main (): (opts, argv) = getopt.getopt(sys.argv[1:], "h") for (opt, optval) in opts: if opt == '-h': usage() return 1 args=len(argv) if args==1: [plain]=argv try: encrypted=compute_encrypted(plain) print encrypted return 0 except: return 1 elif args==2: [plain,passwd]=argv try: ok = check_encrypted (plain,passwd) if ok: return 0 else: return 1 except: return 1 else: usage() return 1 print "END should not occur" #################### if __name__ == '__main__': sys.exit(main())