Patch: 'ldapmodify -y file' reads password from file (ITS#2031)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
Adapted by Kurt Zeilenga for inclusion in OpenLDAP. My comments are
enclosed in square brackets (e.g. [Kurt's comment]) below.
================
If I run ldapmodify & co from a script, I don't want to use '-W password'
because the password shows up in the output of 'ps' for everyone,
and I can't pipe the password to 'ldapmodify -w' because -w uses
getpassphrase() which reads from the tty instead of stdin.
So I added '-y file' which reads the password from file. The programs
exit if the file cannot be read.
[Complete contents of file is used as password. Use:
echo -n "secret" > password
to create a file with "secret" as the password. The -n avoids
adding a newline (which would invalidate the password). Note
that echo is a builtin and hence its arguments are not visible
to 'ps'.]
I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare.
I did not bother to change ldappasswd and ldapwhoami, because they
prompt for many passwords. [I fixed up ldapwhoami.]
Rerun autoconf after applying this patch. [Done.]
Note: I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to
undef in portable.nt. (fstat() is used to warn if the file is publicly
readable or writeable.) [I used fstat() to set the buffer size to
read.]
[Note: using the contents of a file extends the tools to support
passwords which could not normally be provided using getpassphrase()
or via the command line.]
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
[Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.]
/* $OpenLDAP$ */
/*
* Copyright 2002-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
#include "portable.h"
#include <stdio.h>
#include <ac/stdlib.h>
#include <ac/ctype.h>
#include <ac/string.h>
#ifdef HAVE_FSTAT
#include <sys/types.h>
#include <sys/stat.h>
#endif /* HAVE_FSTAT */
#include <lber.h>
#include <lutil.h>
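/*
 * Read the complete contents of a file into *passwd for use as a
 * password ("-y file").  Every byte of the file, including any trailing
 * newline, becomes part of the password.
 *
 * filename: path of the file to read.
 * passwd:   on success, bv_val points to a malloc()ed, NUL-terminated
 *           copy of the file contents and bv_len is the number of bytes
 *           read (the NUL is not counted).  On failure bv_val is NULL and
 *           bv_len is 0.  The caller owns bv_val and must free() it.
 *
 * Returns 0 on success, -1 on failure (open, allocation or read error).
 * Open and allocation failures are reported with perror().
 * The FILE is closed on every path, including the error paths.
 */
int
lutil_get_filed_password(
	const char *filename,
	struct berval *passwd )
{
	size_t nread, nleft, nr;
	FILE *f = fopen( filename, "r" );

	if( f == NULL ) {
		perror( filename );
		passwd->bv_val = NULL;
		passwd->bv_len = 0;
		return -1;
	}

	/* Default initial buffer size; used when the file size is not
	 * known.  The read loop below grows the buffer as needed. */
	passwd->bv_val = NULL;
	passwd->bv_len = 4196;

#ifdef HAVE_FSTAT
	{
		struct stat sb;
		if ( fstat( fileno( f ), &sb ) == 0 ) {
			/* Only the "other" permission bits are checked here;
			 * group-readable files do not trigger the warning. */
			if( sb.st_mode & 006 ) {
				fprintf( stderr,
					"Warning: Password file %s is publicly readable/writeable\n",
					filename );
			}

			/* st_size is 0 for pipes, ttys and some special files.
			 * Keep the default size in that case: with bv_len == 0 the
			 * loop below would request zero bytes on every iteration,
			 * never reach EOF, and spin forever. */
			if ( sb.st_size > 0 ) {
				passwd->bv_len = sb.st_size;
			}
		}
	}
#endif /* HAVE_FSTAT */

	/* +1 leaves room for the terminating NUL. */
	passwd->bv_val = (char *) malloc( passwd->bv_len + 1 );
	if( passwd->bv_val == NULL ) {
		perror( filename );
		goto fail;
	}

	nread = 0;
	nleft = passwd->bv_len;
	do {
		if( nleft == 0 ) {
			/* Buffer full but EOF not yet seen: double the buffer size.
			 * realloc() into a temporary so the old block can still be
			 * freed if the call fails. */
			char *p = (char *) realloc( passwd->bv_val,
				2 * passwd->bv_len + 1 );
			if( p == NULL ) {
				goto fail;
			}
			nleft = passwd->bv_len;
			passwd->bv_len *= 2;
			passwd->bv_val = p;
		}

		nr = fread( &passwd->bv_val[nread], 1, nleft, f );

		/* A short read is normal at EOF; only a stream error is fatal. */
		if( nr < nleft && ferror( f ) ) {
			goto fail;
		}

		nread += nr;
		nleft -= nr;
	} while ( !feof(f) );

	passwd->bv_len = nread;
	passwd->bv_val[nread] = '\0';

	fclose( f );
	return 0;

fail:
	/* Common error exit: release whatever was allocated, leave the
	 * berval in a well-defined empty state and do not leak the FILE. */
	free( passwd->bv_val );
	passwd->bv_val = NULL;
	passwd->bv_len = 0;
	fclose( f );
	return -1;
}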