From 490dcdac4ac398fea79a9c6212a65beaef4008af Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sat, 21 May 2016 14:41:48 +0100
Subject: [PATCH] blog password hash
---
man/freedombone-sec.1.gz | Bin 727 -> 778 bytes
src/freedombone-sec | 24 ++++++++++++++++++++++++
2 files changed, 24 insertions(+)
diff --git a/man/freedombone-sec.1.gz b/man/freedombone-sec.1.gz
index 4399ee90c0a7d39f84e75c51f95d4553a53c1b5d..ae48ed4402e0e8dd90ab7f544b9a2fe7df6e3794 100644
GIT binary patch
literal 778
zcmV+l1NHnLiwFQ4Wk6Q|1C>-=kJ?BOeD|+t`6W-7?4C|aP;@$z5Ljhd(As3B<W8rt
zr?KZ4&sg)p$G=a{V3f^@ND1NrwX3_Ts|#o40=5Q`>#ouYM;2?if%Nqae8dWFU*G(h
zLQ3C{-!ZVUXkJ-ZGUb^}lO!t^kUr$gS(>~Y_0I@$>Ck{{5vbsea3}iVoKTGgt>S}c
z!-r`fX2tu*yLEZDdPtM9#Uz`)l$q4J>zLxu8@(4CEika6>m|a0oxo{e{C{uVSA
zf4-GHS%+N)h3|W9k=mF8t2>0A87FElnSuJ$x3rD0uv7Y=0!xKZF%Ch=Nqgc}E|d*+
zdXFGn24zcl?}Q8jn3VcpBa~2FpLq_#wc0ySq=)2%M?!Hydy&QR1XOh(wTrqfk|O31
zwnC!K2FvaqiZZ{y&(EISZ6ig?_81M|SP7<Rm3qgTSW*#CQ!%(SNfMwB?{^K1#B;Cz
zJ7&jYM*T^$G9;g_shAUcBw3dUoV<{lTnJQ>q>=5l<``WO$~syiSaBw?p4Mi)8#U;_
z_nh#tekolV8rqo)CUpaq7m|<AT2ziI5gs1bGMuh;uD6r%m@2KWG784HVzxE)_}Lz@
zr{?go)Uh32C<iMyMLwr6C#62`dnG<GS;n99J0x-N@MTVuWnc(6g*C0f%n9n2sU}30
z{IMvpc95=iDH${z?h+#kv^MUFfUVITwQCphSZlQvji*ou`b&jaT-O4l(J=7qxg}y1
z>+s)rUGXD19wRnL$D^=;_==M7Px~DO!_+GZqWSB*D4tf2A7GIei&=3#gF)xb+3c1s
z3wtI#<zG`Ep$Y-%nY9OPesTk14XD`q^#Z*RPB(L6dBmuy^0X0i;eGQ<sTvDwJ=$SZ
zz9|>0$26Jh3YOYA!#a3Z>FRHzD^2eZoB3Vl^j}F<nPfd*kLT<81ZMf$H@CAt-o)xu
zxGsdG!3j*4quct)x7~FAnQzUaz1Lq#Zu|GUPbf-lHfW3c*!6_fBnl?IKXN7C0Ctz1
IuHpp%0QozCDF6Tf
literal 727
zcmV;|0x10-iwFR}3}03N1C>+JZreBzeCJmz^wKBGO^O0Nqd1(MrcQ8i9K>=1++9&n
z;#y)Ykpj7N?7zPyE#uO_1$u@ajOFak>~NSDH?VPt%66qSIPzG*1!Qk8;4_wR`S#*{
z1{r^!|HHuAqkH3FAx)5NCPcovf$V;|xX#4uQU8o!+7ddT27wE~X*%#9B5i69)}(_M
z!-r{~u2)x&w-3eb@;(zqgCd{3mMJRRb<!y4o!x1L9wd0(^)14)JOEjc>U;3?GwKcF
zUvA|Op0LYd75d(K<Tgp*ZHLfHN4g5FbWk1ohPTlkw#Gi2$WkJdQbAO5uz|S^#j?ZB
z?hrKPP&AAWq}wP!wyk~k3CbvCk37$s8XE`<>tT8ENE@YjFSfWn09OfGOG&p!RwM~w
zqg(X(VA<{cs+iv0O^=@4ZW2W!cbE)NSZZl_m1-;NR5A%raWT3y5d!$9`fUv({nG1i
z`+UF8xnGE-WBGiWMv~qk%Q{U^>_uzYg-F%1G`7963X?0^c;Y3Z6-N>ucx~C!s78X&
zE5@h#sdQ?nd1s|%YilTjZq*3AM?+jm@OWIc@#-3)-cQD3t~8;{IT+(o`o>k`7ki|h
zO2O+=C%1T_9IRZgrgILnDC}|HGx15ua^aZYA&G;BuX8FEks;y?R=k3A2dElp>KIw}
z$772XLAKmxY|wCVrx<adt)nvnHqLh3ZYk!mvSy>}z@gCmq+%@2Yk|>d82I<GC1H*1
z@N2qV{UbT<6E;f6z4np#jFR}${*QuT>KO&e{MmZG%ETikP#Ks&Qhffubjf4weLz2q
zny!nR<zpshwuFTxa<YSur7iz(wzT}DeIB+s+22K8I`J@n7|$Q(6S$uK_TlpS-G@}2
zY3kyg)i{CKVsu$Og{GVBzNn46Y3}S_h4TH?_D|G>b!+siyVUiB<s=Day+3k^e*xy=
Jit}*=0001ectijI
diff --git a/src/freedombone-sec b/src/freedombone-sec
index 145f27a15..b10629ac2 100755
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@@ -959,6 +959,23 @@ function monkeysphere_sign_server_keys {
exit 0
}
+function blog_hash {
+ # produces a hash corresponding to a blog password
+ pass="$1"
+ BLOGHASH_FILENAME=/usr/bin/bloghash
+
+ echo '<?php' > $BLOGHASH_FILENAME
+ echo 'parse_str(implode("&", array_slice($argv, 1)), $_GET);' >> $BLOGHASH_FILENAME
+ echo '$password = $_GET["password"];' >> $BLOGHASH_FILENAME
+ echo '$hash = password_hash($password, PASSWORD_BCRYPT);' >> $BLOGHASH_FILENAME
+ echo 'if (password_verify($password, $hash)) {' >> $BLOGHASH_FILENAME
+ echo ' echo $hash;' >> $BLOGHASH_FILENAME
+ echo '}' >> $BLOGHASH_FILENAME
+ echo '?>' >> $BLOGHASH_FILENAME
+
+ php $BLOGHASH_FILENAME password="$pass"
+}
+
function show_help {
echo ''
echo "${PROJECT_NAME}-sec"
@@ -972,6 +989,7 @@ function show_help {
echo $' -r --refresh Refresh GPG keys for all users'
echo $' -s --sign Sign monkeysphere server keys'
echo $' --register [domain] Register a https domain with monkeysphere'
+ echo $' -b --bloghash [password] Returns the hash of a password for the blog'
echo ''
exit 0
}
@@ -1011,6 +1029,12 @@ case $key in
shift
monkeysphere_sign_server_keys
;;
+ # get a hash of the given blog password
+ -b|--bloghash)
+ shift
+ blog_hash "$1"
+ exit 0
+ ;;
*)
# unknown option
;;
--
GitLab