Document the new -x flag in one useful location and make it a bit better at

argument checking to avoid ugly (even though harmless) segfaults. Also skip
any md5: prefix that may be present when checking hashes.

2 files changed, 6 insertions, 5 deletions

diff --git a/bitlbee.conf b/bitlbee.conf
index 5fce2820..4a3bbddf 100644
--- a/bitlbee.conf
+++ b/bitlbee.conf
@@ -54,9 +54,8 @@
 ## AuthPassword
 ##
 ## Password the user should enter when logging into a closed BitlBee server.
-## You can also have an MD5-encrypted password here. Format: "md5:", followed
-## by a hash as generated for the <user password=""> attribute in a BitlBee
-## XML file (for now there's no easier way to generate the hash).
+## You can also have a BitlBee-style MD5 hash here. Format: "md5:", followed
+## by a hash as generated by "bitlbee -x hash <password>".
 ##
 # AuthPassword = ItllBeBitlBee   ## Heh.. Our slogan. ;-)
 ## or
diff --git a/unix.c b/unix.c
index 00bea6c8..7088d0f8 100644
--- a/unix.c
+++ b/unix.c
@@ -172,7 +172,8 @@ static int crypt_main( int argc, char *argv[] )
 	int pass_len;
 	unsigned char *pass_cr, *pass_cl;
 	
-	if( argc < 3 )
+	if( argc < 4 || ( strcmp( argv[2], "hash" ) != 0 &&
+	                  strcmp( argv[2], "unhash" ) != 0 && argc < 5 ) )
 	{
 		printf( "Supported:\n"
 		        "  %s -x enc <key> <cleartext password>\n"
@@ -213,7 +214,8 @@ static int crypt_main( int argc, char *argv[] )
 	}
 	else if( strcmp( argv[2], "chkhash" ) == 0 )
 	{
-		int st = md5_verify_password( argv[4], argv[3] );
+		char *hash = strncmp( argv[3], "md5:", 4 ) == 0 ? argv[3] + 4 : argv[3];
+		int st = md5_verify_password( argv[4], hash );
 		
 		printf( "Hash %s given password.\n", st == 0 ? "matches" : "does not match" );