Package: apache2
Version: 2.0.53-5
Severity: wishlist
Tags: patch
The attached patch adds a man page and web documentation for the "htdbm"
program from the apache2-utils package. Like the other Apache docs, it
includes an XML source file as well as generated HTML and man pages.
This patch was created against httpd-trunk from SVN and has been
submitted upstream for Apache 2.1, but it also applies to Apache 2.0.53
and is suitable for inclusion in Debian.
Index: docs/man/htdbm.1
===================================================================
--- docs/man/htdbm.1 (revision 0)
+++ docs/man/htdbm.1 (revision 0)
@@ -0,0 +1,169 @@
+.\" XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+.\" DO NOT EDIT! Generated from XML source.
+.\" XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "HTDBM" 1 "2005-03-12" "Apache HTTP Server" "htdbm"
+
+.SH NAME
+htdbm \- Manipulate DBM password databases
+
+.SH "SYNOPSIS"
+
+.PP
+\fBhtdbm\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBd\fR |
-\fBp\fR | -\fBs\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBx\fR ] \fIfilename\fR
\fIusername\fR
+
+.PP
+\fBhtdbm\fR -\fBb\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR |
-\fBd\fR | -\fBp\fR | -\fBs\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR
\fIusername\fR \fIpassword\fR
+
+.PP
+\fBhtdbm\fR -\fBn\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBd\fR | -\fBp\fR | -\fBs\fR
] [ -\fBt\fR ] [ -\fBv\fR ] \fIusername\fR
+
+.PP
+\fBhtdbm\fR -\fBnb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBd\fR | -\fBp\fR | -\fBs\fR
] [ -\fBt\fR ] [ -\fBv\fR ] \fIusername\fR \fIpassword\fR
+
+.PP
+\fBhtdbm\fR -\fBv\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR |
-\fBd\fR | -\fBp\fR | -\fBs\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR
\fIusername\fR
+
+.PP
+\fBhtdbm\fR -\fBvb\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR |
-\fBd\fR | -\fBp\fR | -\fBs\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR
\fIusername\fR \fIpassword\fR
+
+.PP
+\fBhtdbm\fR -\fBx\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBm\fR | -\fBd\fR | -\fBp\fR
| -\fBs\fR ] \fIfilename\fR \fIusername\fR
+
+.PP
+\fBhtdbm\fR -\fBl\fR [ -\fBT\fR\fIDBTYPE\fR ]
+
+
+.SH "SUMMARY"
+
+.PP
+htdbm is used to manipulate the DBM format files used to store usernames and
password for basic authentication of HTTP users via mod_auth_dbm\&. See the
dbmmanage documentation for more information about these DBM files\&.
+
+
+.SH "OPTIONS"
+
+
+.TP
+-b
+Use batch mode; \fIi\&.e\&.\fR, get the password from the command line rather
than prompting for it\&. This option should be used with extreme care, since
\fBthe password is clearly visible\fR on the command line\&.
+.TP
+-c
+Create the \fIpasswdfile\fR\&. If \fIpasswdfile\fR already exists, it is
rewritten and truncated\&. This option cannot be combined with the -n option\&.
+.TP
+-n
+Display the results on standard output rather than updating a database\&. This
option changes the syntax of the command line, since the \fIpasswdfile\fR
argument (usually the first one) is omitted\&. It cannot be combined with the
-c option\&.
+.TP
+-m
+Use MD5 encryption for passwords\&. On Windows, Netware and TPF, this is the
default\&.
+.TP
+-d
+Use crypt() encryption for passwords\&. The default on all platforms but
Windows, Netware and TPF\&. Though possibly supported by htdbm on all
platforms, it is not supported by the httpd server on Windows, Netware and
TPF\&.
+.TP
+-s
+Use SHA encryption for passwords\&. Facilitates migration from/to Netscape
servers using the LDAP Directory Interchange Format (ldif)\&.
+.TP
+-p
+Use plaintext passwords\&. Though htdbm will support creation on all
platforms, the httpd daemon will only accept plain text passwords on Windows,
Netware and TPF\&.
+.TP
+-l
+Print each of the usernames and comments from the database on stdout\&.
+.TP
+-t
+Interpret the final parameter as a comment\&. When this option is specified,
an additional string can be appended to the command line; this string will be
stored in the "Comment" field of the database, associated with the specified
username\&.
+.TP
+-v
+Verify the username and password\&. The program will print a message
indicating whether the supplied password is valid\&. If the password is
invalid, the program exits with error code 3\&.
+.TP
+-x
+Delete user\&. If the username exists in the specified DBM file, it will be
deleted\&.
+.TP
+\fIfilename\fR
+The filename of the DBM format file\&. Usually without the extension \&.db,
\&.pag, or \&.dir\&. If -c is given, the DBM file is created if it does not
already exist, or updated if it does exist\&.
+.TP
+\fIusername\fR
+The username to create or update in \fIpasswdfile\fR\&. If \fIusername\fR does
not exist in this file, an entry is added\&. If it does exist, the password is
changed\&.
+.TP
+\fIpassword\fR
+The plaintext password to be encrypted and stored in the DBM file\&. Used only
with the -b flag\&.
+.TP
+-T\fIDBTYPE\fR
+Type of DBM file (SDBM, GDBM, DB, or "default")\&.
+
+.SH "BUGS"
+
+.PP
+One should be aware that there are a number of different DBM file formats in
existence, and with all likelihood, libraries for more than one format may
exist on your system\&. The three primary examples are SDBM, NDBM, the GNU
project's GDBM, and Berkeley DB 2\&. Unfortunately, all these libraries use
different file formats, and you must make sure that the file format used by
\fIfilename\fR is the same format that htdbm expects to see\&. htdbm currently
has no way of determining what type of DBM file it is looking at\&. If used
against the wrong format, will simply return nothing, or may create a different
DBM file with a different name, or at worst, it may corrupt the DBM file if you
were attempting to write to it\&.
+
+.PP
+One can usually use the file program supplied with most Unix systems to see
what format a DBM file is in\&.
+
+.SH "EXIT STATUS"
+
+.PP
+htdbm returns a zero status ("true") if the username and password have been
successfully added or updated in the DBM File\&. htdbm returns 1 if it
encounters some problem accessing files, 2 if there was a syntax problem with
the command line, 3 if the password was entered interactively and the
verification entry didn't match, 4 if its operation was interrupted, 5 if a
value is too long (username, filename, password, or final computed record), 6
if the username contains illegal characters (see the Restrictions section), and
7 if the file is not a valid DBM password file\&.
+
+.SH "EXAMPLES"
+
+.nf
+
+ htdbm /usr/local/etc/apache/\&.htdbm-users jsmith
+
+.fi
+
+.PP
+Adds or modifies the password for user jsmith\&. The user is prompted for the
password\&. If executed on a Windows system, the password will be encrypted
using the modified Apache MD5 algorithm; otherwise, the system's crypt()
routine will be used\&. If the file does not exist, htdbm will do nothing
except return an error\&.
+
+.nf
+
+ htdbm -c /home/doe/public_html/\&.htdbm jane
+
+.fi
+
+.PP
+Creates a new file and stores a record in it for user jane\&. The user is
prompted for the password\&. If the file exists and cannot be read, or cannot
be written, it is not altered and htdbm will display a message and return an
error status\&.
+
+.nf
+
+ htdbm -mb /usr/web/\&.htdbm-all jones Pwd4Steve
+
+.fi
+
+.PP
+Encrypts the password from the command line (Pwd4Steve) using the MD5
algorithm, and stores it in the specified file\&.
+
+.SH "SECURITY CONSIDERATIONS"
+
+.PP
+Web password files such as those managed by htdbm should \fInot\fR be within
the Web server's URI space -- that is, they should not be fetchable with a
browser\&.
+
+.PP
+The use of the -b option is discouraged, since when it is used the unencrypted
password appears on the command line\&.
+
+.SH "RESTRICTIONS"
+
+.PP
+On the Windows and MPE platforms, passwords encrypted with htdbm are limited
to no more than 255 characters in length\&. Longer passwords will be truncated
to 255 characters\&.
+
+.PP
+The MD5 algorithm used by htdbm is specific to the Apache software; passwords
encrypted using it will not be usable with other Web servers\&.
+
+.PP
+Usernames are limited to 255 bytes and may not include the character :\&.
+
Index: docs/manual/programs/configure.html.en
===================================================================
--- docs/manual/programs/configure.html.en (revision 157179)
+++ docs/manual/programs/configure.html.en (working copy)
@@ -831,7 +831,6 @@
<dt><code>--enable-static-checkgid</code></dt>
<dd>Build a statically linked version of <code>checkgid</code>.</dd>
-
<dt><code>--enable-static-htdbm</code></dt>
<dd>Build a statically linked version of <code>htdbm</code>.</dd>
Index: docs/manual/programs/htdbm.html.en
===================================================================
--- docs/manual/programs/htdbm.html.en (revision 0)
+++ docs/manual/programs/htdbm.html.en (revision 0)
@@ -0,0 +1,281 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml"; lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ -->
+<title>htdbm - Manipulate DBM password databases - Apache HTTP Server</title>
+<link href="../style/css/manual.css" rel="stylesheet" media="all"
type="text/css" title="Main stylesheet" />
+<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet"
media="all" type="text/css" title="No Sidebar - Default font size" />
+<link href="../style/css/manual-print.css" rel="stylesheet" media="print"
type="text/css" />
+<link href="../images/favicon.ico" rel="shortcut icon" /></head>
+<body id="manual-page"><div id="page-header">
+<p class="menu"><a href="../mod/">Modules</a> | <a
href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a
href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
+<p class="apache">Apache HTTP Server Version 2.1</p>
+<img alt="" src="../images/feather.gif" /></div>
+<div class="up"><a href="./"><img title="<-" alt="<-"
src="../images/left.gif" /></a></div>
+<div id="path">
+<a href="http://www.apache.org/";>Apache</a> > <a
href="http://httpd.apache.org/";>HTTP Server</a> > <a
href="http://httpd.apache.org/docs-project/";>Documentation</a> > <a
href="../">Version 2.1</a> > <a href="./">Programs</a></div><div
id="page-content"><div id="preamble"><h1>htdbm - Manipulate DBM password
databases</h1>
+<div class="toplang">
+<p><span>Available Languages: </span><a href="../en/programs/htdbm.html"
title="English"> en </a></p>
+</div>
+
+ <p><code>htdbm</code> is used to manipulate the DBM format files used to
+ store usernames and password for basic authentication of HTTP users via
+ <code class="module"><a
href="../mod/mod_auth_dbm.html">mod_auth_dbm</a></code>. See the <code
class="program"><a href="../programs/dbmmanage.html">dbmmanage</a></code>
+ documentation for more information about these DBM files.</p>
+</div>
+<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" />
<a href="#synopsis">Synopsis</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#options">Options</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#bugs">Bugs</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#exit">Exit
Status</a></li>
+<li><img alt="" src="../images/down.gif" /> <a
href="#examples">Examples</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#security">Security
Considerations</a></li>
+<li><img alt="" src="../images/down.gif" /> <a
href="#restrictions">Restrictions</a></li>
+</ul><h3>See also</h3><ul class="seealso"><li><code class="program"><a
href="../programs/httpd.html">httpd</a></code></li><li><code class="program"><a
href="../programs/dbmmanage.html">dbmmanage</a></code></li><li><code
class="module"><a
href="../mod/mod_auth_dbm.html">mod_auth_dbm</a></code></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
+<div class="section">
+<h2><a name="synopsis" id="synopsis">Synopsis</a></h2>
+ <p><code><strong>htdbm</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ [ -<strong>x</strong> ]
+ <var>filename</var> <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>b</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>filename</var> <var>username</var> <var>password</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>n</strong>
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>nb</strong>
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>username</var> <var>password</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>v</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>filename</var> <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>vb</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>filename</var> <var>username</var> <var>password</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>x</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ <var>filename</var> <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>l</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ </code></p>
+</div><div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="options" id="options">Options</a></h2>
+ <dl>
+ <dt><code>-b</code></dt>
+ <dd>Use batch mode; <em>i.e.</em>, get the password from the command line
+ rather than prompting for it. This option should be used with extreme care,
+ since <strong>the password is clearly visible</strong> on the command
+ line.</dd>
+
+ <dt><code>-c</code></dt>
+ <dd>Create the <var>passwdfile</var>. If <var>passwdfile</var> already
+ exists, it is rewritten and truncated. This option cannot be combined with
+ the <code>-n</code> option.</dd>
+
+ <dt><code>-n</code></dt>
+ <dd>Display the results on standard output rather than updating a
+ database. This option changes the syntax of the command line, since the
+ <var>passwdfile</var> argument (usually the first one) is omitted. It
+ cannot be combined with the <code>-c</code> option.</dd>
+
+ <dt><code>-m</code></dt>
+ <dd>Use MD5 encryption for passwords. On Windows, Netware and TPF, this is
+ the default.</dd>
+
+ <dt><code>-d</code></dt>
+ <dd>Use <code>crypt()</code> encryption for passwords. The default on all
+ platforms but Windows, Netware and TPF. Though possibly supported by
+ <code>htdbm</code> on all platforms, it is not supported by the
+ <code class="program"><a href="../programs/httpd.html">httpd</a></code>
server on Windows, Netware and TPF.</dd>
+
+ <dt><code>-s</code></dt>
+ <dd>Use SHA encryption for passwords. Facilitates migration from/to
Netscape
+ servers using the LDAP Directory Interchange Format (ldif).</dd>
+
+ <dt><code>-p</code></dt>
+ <dd>Use plaintext passwords. Though <code>htdbm</code> will support
+ creation on all platforms, the <code class="program"><a
href="../programs/httpd.html">httpd</a></code> daemon will
+ only accept plain text passwords on Windows, Netware and TPF.</dd>
+
+ <dt><code>-l</code></dt>
+ <dd>Print each of the usernames and comments from the database on
+ stdout.</dd>
+
+ <dt><code>-t</code></dt>
+ <dd>Interpret the final parameter as a comment. When this option is
+ specified, an additional string can be appended to the command line; this
+ string will be stored in the "Comment" field of the database, associated
+ with the specified username.</dd>
+
+ <dt><code>-v</code></dt>
+ <dd>Verify the username and password. The program will print a message
+ indicating whether the supplied password is valid. If the password is
+ invalid, the program exits with error code 3.</dd>
+
+ <dt><code>-x</code></dt>
+ <dd>Delete user. If the username exists in the specified DBM file, it
+ will be deleted.</dd>
+
+ <dt><code><var>filename</var></code></dt>
+ <dd>The filename of the DBM format file. Usually without the extension
+ <code>.db</code>, <code>.pag</code>, or <code>.dir</code>. If
+ <code>-c</code> is given, the DBM file is created if it does not already
+ exist, or updated if it does exist.</dd>
+
+ <dt><code><var>username</var></code></dt>
+ <dd>The username to create or update in <var>passwdfile</var>. If
+ <var>username</var> does not exist in this file, an entry is added. If it
+ does exist, the password is changed.</dd>
+
+ <dt><code><var>password</var></code></dt>
+ <dd>The plaintext password to be encrypted and stored in the DBM file.
+ Used only with the <code>-b</code> flag.</dd>
+
+ <dt><code>-T<var>DBTYPE</var></code></dt>
+ <dd>Type of DBM file (SDBM, GDBM, DB, or "default").</dd>
+ </dl>
+</div><div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="bugs" id="bugs">Bugs</a></h2>
+ <p>One should be aware that there are a number of different DBM file
+ formats in existence, and with all likelihood, libraries for more than one
+ format may exist on your system. The three primary examples are SDBM,
+ NDBM, the GNU project's GDBM, and Berkeley DB 2. Unfortunately, all these
+ libraries use different file formats, and you must make sure that the file
+ format used by <var>filename</var> is the same format that
+ <code>htdbm</code> expects to see. <code>htdbm</code> currently
+ has no way of determining what type of DBM file it is looking at. If used
+ against the wrong format, will simply return nothing, or may create a
+ different DBM file with a different name, or at worst, it may corrupt the
+ DBM file if you were attempting to write to it.</p>
+
+ <p>One can usually use the <code>file</code> program supplied with most
+ Unix systems to see what format a DBM file is in.</p>
+</div><div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="exit" id="exit">Exit Status</a></h2>
+ <p><code>htdbm</code> returns a zero status ("true") if the username and
+ password have been successfully added or updated in the DBM File.
+ <code>htdbm</code> returns <code>1</code> if it encounters some problem
+ accessing files, <code>2</code> if there was a syntax problem with the
+ command line, <code>3</code> if the password was entered interactively and
+ the verification entry didn't match, <code>4</code> if its operation was
+ interrupted, <code>5</code> if a value is too long (username, filename,
+ password, or final computed record), <code>6</code> if the username
+ contains illegal characters (see the <a href="#restrictions">Restrictions
+ section</a>), and <code>7</code> if the file is not a valid DBM password
+ file.</p>
+</div><div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+ <div class="example"><p><code>
+ htdbm /usr/local/etc/apache/.htdbm-users jsmith
+ </code></p></div>
+
+ <p>Adds or modifies the password for user <code>jsmith</code>. The user
+ is prompted for the password. If executed on a Windows system, the password
+ will be encrypted using the modified Apache MD5 algorithm; otherwise, the
+ system's <code>crypt()</code> routine will be used. If the file does not
+ exist, <code>htdbm</code> will do nothing except return an error.</p>
+
+ <div class="example"><p><code>
+ htdbm -c /home/doe/public_html/.htdbm jane
+ </code></p></div>
+
+ <p>Creates a new file and stores a record in it for user <code>jane</code>.
+ The user is prompted for the password. If the file exists and cannot be
+ read, or cannot be written, it is not altered and <code>htdbm</code>
+ will display a message and return an error status.</p>
+
+ <div class="example"><p><code>
+ htdbm -mb /usr/web/.htdbm-all jones Pwd4Steve
+ </code></p></div>
+
+ <p>Encrypts the password from the command line (<code>Pwd4Steve</code>)
+ using the MD5 algorithm, and stores it in the specified file.</p>
+</div><div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="security" id="security">Security Considerations</a></h2>
+ <p>Web password files such as those managed by <code>htdbm</code> should
+ <em>not</em> be within the Web server's URI space -- that is, they should
+ not be fetchable with a browser.</p>
+
+ <p>The use of the <code>-b</code> option is discouraged, since when it is
+ used the unencrypted password appears on the command line.</p>
+</div><div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="restrictions" id="restrictions">Restrictions</a></h2>
+ <p>On the Windows and MPE platforms, passwords encrypted with
+ <code>htdbm</code> are limited to no more than <code>255</code>
+ characters in length. Longer passwords will be truncated to 255
+ characters.</p>
+
+ <p>The MD5 algorithm used by <code>htdbm</code> is specific to the Apache
+ software; passwords encrypted using it will not be usable with other Web
+ servers.</p>
+
+ <p>Usernames are limited to <code>255</code> bytes and may not include the
+ character <code>:</code>.</p>
+</div></div>
+<div class="bottomlang">
+<p><span>Available Languages: </span><a href="../en/programs/htdbm.html"
title="English"> en </a></p>
+</div><div id="footer">
+<p class="apache">Copyright 1995-2005 The Apache Software Foundation or its
licensors, as applicable.<br />Licensed under the <a
href="http://www.apache.org/licenses/LICENSE-2.0";>Apache License, Version
2.0</a>.</p>
+<p class="menu"><a href="../mod/">Modules</a> | <a
href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a
href="../glossary.html">Glossary</a> | <a
href="../sitemap.html">Sitemap</a></p></div>
+</body></html>
\ No newline at end of file
Index: docs/manual/programs/configure.xml
===================================================================
--- docs/manual/programs/configure.xml (revision 157179)
+++ docs/manual/programs/configure.xml (working copy)
@@ -842,7 +842,6 @@
<dt><code>--enable-static-checkgid</code></dt>
<dd>Build a statically linked version of <code>checkgid</code>.</dd>
- <!-- missing documentation for htdbm -->
<dt><code>--enable-static-htdbm</code></dt>
<dd>Build a statically linked version of <code>htdbm</code>.</dd>
Index: docs/manual/programs/htdbm.xml
===================================================================
--- docs/manual/programs/htdbm.xml (revision 0)
+++ docs/manual/programs/htdbm.xml (revision 0)
@@ -0,0 +1,276 @@
+<?xml version='1.0' encoding='UTF-8' ?>
+<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<!-- $LastChangedRevision: 151405 $ -->
+
+<!--
+ Copyright 2003-2005 The Apache Software Foundation or its licensors, as
+ applicable.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<manualpage metafile="htdbm.xml.meta">
+<parentdocument href="./">Programs</parentdocument>
+
+<title>htdbm - Manipulate DBM password databases</title>
+
+<summary>
+ <p><code>htdbm</code> is used to manipulate the DBM format files used to
+ store usernames and password for basic authentication of HTTP users via
+ <module>mod_auth_dbm</module>. See the <program>dbmmanage</program>
+ documentation for more information about these DBM files.</p>
+</summary>
+<seealso><program>httpd</program></seealso>
+<seealso><program>dbmmanage</program></seealso>
+<seealso><module>mod_auth_dbm</module></seealso>
+
+<section id="synopsis"><title>Synopsis</title>
+ <p><code><strong>htdbm</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ [ -<strong>x</strong> ]
+ <var>filename</var> <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>b</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>filename</var> <var>username</var> <var>password</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>n</strong>
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>nb</strong>
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>username</var> <var>password</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>v</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>filename</var> <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>vb</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>c</strong> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ [ -<strong>t</strong> ]
+ [ -<strong>v</strong> ]
+ <var>filename</var> <var>username</var> <var>password</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>x</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ [ -<strong>m</strong> |
+ -<strong>d</strong> |
+ -<strong>p</strong> |
+ -<strong>s</strong> ]
+ <var>filename</var> <var>username</var></code></p>
+
+ <p><code><strong>htdbm</strong> -<strong>l</strong>
+ [ -<strong>T</strong><var>DBTYPE</var> ]
+ </code></p>
+</section>
+
+<section id="options"><title>Options</title>
+ <dl>
+ <dt><code>-b</code></dt>
+ <dd>Use batch mode; <em>i.e.</em>, get the password from the command line
+ rather than prompting for it. This option should be used with extreme care,
+ since <strong>the password is clearly visible</strong> on the command
+ line.</dd>
+
+ <dt><code>-c</code></dt>
+ <dd>Create the <var>passwdfile</var>. If <var>passwdfile</var> already
+ exists, it is rewritten and truncated. This option cannot be combined with
+ the <code>-n</code> option.</dd>
+
+ <dt><code>-n</code></dt>
+ <dd>Display the results on standard output rather than updating a
+ database. This option changes the syntax of the command line, since the
+ <var>passwdfile</var> argument (usually the first one) is omitted. It
+ cannot be combined with the <code>-c</code> option.</dd>
+
+ <dt><code>-m</code></dt>
+ <dd>Use MD5 encryption for passwords. On Windows, Netware and TPF, this is
+ the default.</dd>
+
+ <dt><code>-d</code></dt>
+ <dd>Use <code>crypt()</code> encryption for passwords. The default on all
+ platforms but Windows, Netware and TPF. Though possibly supported by
+ <code>htdbm</code> on all platforms, it is not supported by the
+ <program>httpd</program> server on Windows, Netware and TPF.</dd>
+
+ <dt><code>-s</code></dt>
+ <dd>Use SHA encryption for passwords. Facilitates migration from/to
Netscape
+ servers using the LDAP Directory Interchange Format (ldif).</dd>
+
+ <dt><code>-p</code></dt>
+ <dd>Use plaintext passwords. Though <code>htdbm</code> will support
+ creation on all platforms, the <program>httpd</program> daemon will
+ only accept plain text passwords on Windows, Netware and TPF.</dd>
+
+ <dt><code>-l</code></dt>
+ <dd>Print each of the usernames and comments from the database on
+ stdout.</dd>
+
+ <dt><code>-t</code></dt>
+ <dd>Interpret the final parameter as a comment. When this option is
+ specified, an additional string can be appended to the command line; this
+ string will be stored in the "Comment" field of the database, associated
+ with the specified username.</dd>
+
+ <dt><code>-v</code></dt>
+ <dd>Verify the username and password. The program will print a message
+ indicating whether the supplied password is valid. If the password is
+ invalid, the program exits with error code 3.</dd>
+
+ <dt><code>-x</code></dt>
+ <dd>Delete user. If the username exists in the specified DBM file, it
+ will be deleted.</dd>
+
+ <dt><code><var>filename</var></code></dt>
+ <dd>The filename of the DBM format file. Usually without the extension
+ <code>.db</code>, <code>.pag</code>, or <code>.dir</code>. If
+ <code>-c</code> is given, the DBM file is created if it does not already
+ exist, or updated if it does exist.</dd>
+
+ <dt><code><var>username</var></code></dt>
+ <dd>The username to create or update in <var>passwdfile</var>. If
+ <var>username</var> does not exist in this file, an entry is added. If it
+ does exist, the password is changed.</dd>
+
+ <dt><code><var>password</var></code></dt>
+ <dd>The plaintext password to be encrypted and stored in the DBM file.
+ Used only with the <code>-b</code> flag.</dd>
+
+ <dt><code>-T<var>DBTYPE</var></code></dt>
+ <dd>Type of DBM file (SDBM, GDBM, DB, or "default").</dd>
+ </dl>
+</section>
+
+<section id="bugs"><title>Bugs</title>
+ <p>One should be aware that there are a number of different DBM file
+ formats in existence, and with all likelihood, libraries for more than one
+ format may exist on your system. The three primary examples are SDBM,
+ NDBM, the GNU project's GDBM, and Berkeley DB 2. Unfortunately, all these
+ libraries use different file formats, and you must make sure that the file
+ format used by <var>filename</var> is the same format that
+ <code>htdbm</code> expects to see. <code>htdbm</code> currently
+ has no way of determining what type of DBM file it is looking at. If used
+ against the wrong format, will simply return nothing, or may create a
+ different DBM file with a different name, or at worst, it may corrupt the
+ DBM file if you were attempting to write to it.</p>
+
+ <p>One can usually use the <code>file</code> program supplied with most
+ Unix systems to see what format a DBM file is in.</p>
+</section>
+
+<section id="exit"><title>Exit Status</title>
+ <p><code>htdbm</code> returns a zero status ("true") if the username and
+ password have been successfully added or updated in the DBM File.
+ <code>htdbm</code> returns <code>1</code> if it encounters some problem
+ accessing files, <code>2</code> if there was a syntax problem with the
+ command line, <code>3</code> if the password was entered interactively and
+ the verification entry didn't match, <code>4</code> if its operation was
+ interrupted, <code>5</code> if a value is too long (username, filename,
+ password, or final computed record), <code>6</code> if the username
+ contains illegal characters (see the <a href="#restrictions">Restrictions
+ section</a>), and <code>7</code> if the file is not a valid DBM password
+ file.</p>
+</section>
+
+<section id="examples"><title>Examples</title>
+ <example>
+ htdbm /usr/local/etc/apache/.htdbm-users jsmith
+ </example>
+
+ <p>Adds or modifies the password for user <code>jsmith</code>. The user
+ is prompted for the password. If executed on a Windows system, the password
+ will be encrypted using the modified Apache MD5 algorithm; otherwise, the
+ system's <code>crypt()</code> routine will be used. If the file does not
+ exist, <code>htdbm</code> will do nothing except return an error.</p>
+
+ <example>
+ htdbm -c /home/doe/public_html/.htdbm jane
+ </example>
+
+ <p>Creates a new file and stores a record in it for user <code>jane</code>.
+ The user is prompted for the password. If the file exists and cannot be
+ read, or cannot be written, it is not altered and <code>htdbm</code>
+ will display a message and return an error status.</p>
+
+ <example>
+ htdbm -mb /usr/web/.htdbm-all jones Pwd4Steve
+ </example>
+
+ <p>Encrypts the password from the command line (<code>Pwd4Steve</code>)
+ using the MD5 algorithm, and stores it in the specified file.</p>
+</section>
+
+<section id="security"><title>Security Considerations</title>
+ <p>Web password files such as those managed by <code>htdbm</code> should
+ <em>not</em> be within the Web server's URI space -- that is, they should
+ not be fetchable with a browser.</p>
+
+ <p>The use of the <code>-b</code> option is discouraged, since when it is
+ used the unencrypted password appears on the command line.</p>
+</section>
+
+<section id="restrictions"><title>Restrictions</title>
+ <p>On the Windows and MPE platforms, passwords encrypted with
+ <code>htdbm</code> are limited to no more than <code>255</code>
+ characters in length. Longer passwords will be truncated to 255
+ characters.</p>
+
+ <p>The MD5 algorithm used by <code>htdbm</code> is specific to the Apache
+ software; passwords encrypted using it will not be usable with other Web
+ servers.</p>
+
+ <p>Usernames are limited to <code>255</code> bytes and may not include the
+ character <code>:</code>.</p>
+</section>
+
+</manualpage>
Index: docs/manual/programs/htdbm.html
===================================================================
--- docs/manual/programs/htdbm.html (revision 0)
+++ docs/manual/programs/htdbm.html (revision 0)
@@ -0,0 +1,3 @@
+URI: htdbm.html.en
+Content-Language: en
+Content-type: text/html; charset=ISO-8859-1
Index: docs/manual/programs/index.html.en
===================================================================
--- docs/manual/programs/index.html.en (revision 157179)
+++ docs/manual/programs/index.html.en (working copy)
@@ -64,6 +64,10 @@
<dd>Create and update user authentication files for digest
authentication</dd>
+ <dt><code class="program"><a
href="../programs/htdbm.html">htdbm</a></code></dt>
+
+ <dd>Manipulate DBM password databases.</dd>
+
<dt><code class="program"><a
href="../programs/htpasswd.html">htpasswd</a></code></dt>
<dd>Create and update user authentication files for basic
Index: docs/manual/programs/index.xml
===================================================================
--- docs/manual/programs/index.xml (revision 157179)
+++ docs/manual/programs/index.xml (working copy)
@@ -66,6 +66,10 @@
<dd>Create and update user authentication files for digest
authentication</dd>
+ <dt><program>htdbm</program></dt>
+
+ <dd>Manipulate DBM password databases.</dd>
+
<dt><program>htpasswd</program></dt>
<dd>Create and update user authentication files for basic
Index: docs/manual/programs/htdbm.xml.meta
===================================================================
--- docs/manual/programs/htdbm.xml.meta (revision 0)
+++ docs/manual/programs/htdbm.xml.meta (revision 0)
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<metafile>
+ <basename>htdbm</basename>
+ <path>/programs/</path>
+ <relpath>..</relpath>
+
+ <variants>
+ <variant>en</variant>
+ </variants>
+</metafile>
