diff --git a/CHANGES b/CHANGES
index 7afabffd2d2fb18478188eb514ab603a9d9c403f..47931e5fcb40b837787d60dcccc5d964ac5f56c6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,7 @@ OpenLDAP 2.4 Change Log
 OpenLDAP 2.4.18 Engineering
 	Fixed liblber speed and other problems (ITS#6215)
 	Fixed libldap error parsing (ITS#6197)
+	Fixed libldap native getpass usage (ITS#4643)
 	Fixed libldap tls_check_hostname for OpenSSL and MozNSS (ITS#6239)
 	Fixed slapd allow mirrormode to be set to FALSE (ITS#5946)
 	Fixed slapd dncachesize behavior to unlimited by default (ITS#6222)
diff --git a/configure.in b/configure.in
index 86d7c4fc30d5bc3a533d4766c980dd5ed8c2c2bf..7e75537db54e8b167404a3a681fbf8a4a8471f8e 100644
--- a/configure.in
+++ b/configure.in
@@ -2397,7 +2397,6 @@ AC_CHECK_FUNCS(			\
 	geteuid			\
 	getgrgid		\
 	gethostname		\
-	getpass			\
 	getpassphrase		\
 	getpwuid		\
 	getpwnam		\
diff --git a/include/ac/unistd.h b/include/ac/unistd.h
index a60d0194020ac95f5cfa0658c8ef475a41afdd84..2b198e0c31bc76dc456e42982ece208799015b73 100644
--- a/include/ac/unistd.h
+++ b/include/ac/unistd.h
@@ -34,12 +34,7 @@
 #if defined(HAVE_GETPASSPHRASE)
 LDAP_LIBC_F(char*)(getpassphrase)();
 
-#elif defined(HAVE_GETPASS)
-#define getpassphrase(p) getpass(p)
-LDAP_LIBC_F(char*)(getpass)();
-
 #else
-#define NEED_GETPASSPHRASE 1
 #define getpassphrase(p) lutil_getpass(p)
 LDAP_LUTIL_F(char*)(lutil_getpass) LDAP_P((const char *getpass));
 #endif
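Review bot: Nothing at the `#else` branch says why a native getpass() is skipped now that every platform without getpassphrase() is routed to lutil_getpass(). The only rationale on the page, the getpass.c comment about LDAP passwords being much longer than plain getpass() allows, is deleted by this same commit. A one-line comment above the `#else`, for example `/* native getpass() is deliberately not used, see ITS#4643 */`, would stop a later cleanup from restoring the `HAVE_GETPASS` mapping. The prototype on the following line also names its parameter `getpass`; `prompt` would match the definition.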
diff --git a/include/portable.hin b/include/portable.hin
index 53631699f8da54be69ff6eb994c6a34978659ebe..a0dce3a163eaa58d37d2e1dfe05ef380a3409eac 100644
--- a/include/portable.hin
+++ b/include/portable.hin
@@ -48,6 +48,9 @@
 /* end of portable.h.pre */
 
 
+/* Define if building universal (internal helper macro) */
+#undef AC_APPLE_UNIVERSAL_BUILD
+
 /* define to use both <string.h> and <strings.h> */
 #undef BOTH_STRINGS_H
 
@@ -214,9 +217,6 @@
 /* Define to 1 if you have the <getopt.h> header file. */
 #undef HAVE_GETOPT_H
 
-/* Define to 1 if you have the `getpass' function. */
-#undef HAVE_GETPASS
-
 /* Define to 1 if you have the `getpassphrase' function. */
 #undef HAVE_GETPASSPHRASE
 
@@ -253,18 +253,6 @@
 /* Define to 1 if you have the <grp.h> header file. */
 #undef HAVE_GRP_H
 
-/* define if you have GSSAPI */
-#undef HAVE_GSSAPI
-
-/* Define to 1 if you have the <gssapi/gssapi.h> header file. */
-#undef HAVE_GSSAPI_GSSAPI_H
-
-/* Define to 1 if you have the <gssapi.h> header file. */
-#undef HAVE_GSSAPI_H
-
-/* Define to 1 if you have the `gss_oid_to_str' function. */
-#undef HAVE_GSS_OID_TO_STR
-
 /* Define to 1 if you have the `hstrerror' function. */
 #undef HAVE_HSTRERROR
 
@@ -376,6 +364,9 @@
 /* define this if you have mkversion */
 #undef HAVE_MKVERSION
 
+/* define if you have MozNSS */
+#undef HAVE_MOZNSS
+
 /* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
 #undef HAVE_NDIR_H
 
@@ -385,6 +376,9 @@
 /* define if strerror_r returns char* instead of int */
 #undef HAVE_NONPOSIX_STRERROR_R
 
+/* Define to 1 if you have the <nssutil.h> header file. */
+#undef HAVE_NSSUTIL_H
+
 /* if you have NT Event Log */
 #undef HAVE_NT_EVENT_LOG
 
@@ -397,9 +391,6 @@
 /* define if you have OpenSSL */
 #undef HAVE_OPENSSL
 
-/* define if you have MozNSS */
-#undef HAVE_MOZNSS
-
 /* Define to 1 if you have the <openssl/bn.h> header file. */
 #undef HAVE_OPENSSL_BN_H
 
@@ -813,6 +804,9 @@
 /* define if select implicitly yields */
 #undef HAVE_YIELDING_SELECT
 
+/* Define to 1 if you have the `_vsnprintf' function. */
+#undef HAVE__VSNPRINTF
+
 /* define to 32-bit or greater integer type */
 #undef LBER_INT_T
 
@@ -909,19 +903,19 @@
 /* Define to the type of arg 5 for `select'. */
 #undef SELECT_TYPE_ARG5
 
-/* The size of a `int', as computed by sizeof. */
+/* The size of `int', as computed by sizeof. */
 #undef SIZEOF_INT
 
-/* The size of a `long', as computed by sizeof. */
+/* The size of `long', as computed by sizeof. */
 #undef SIZEOF_LONG
 
-/* The size of a `long long', as computed by sizeof. */
+/* The size of `long long', as computed by sizeof. */
 #undef SIZEOF_LONG_LONG
 
-/* The size of a `short', as computed by sizeof. */
+/* The size of `short', as computed by sizeof. */
 #undef SIZEOF_SHORT
 
-/* The size of a `wchar_t', as computed by sizeof. */
+/* The size of `wchar_t', as computed by sizeof. */
 #undef SIZEOF_WCHAR_T
 
 /* define to support per-object ACIs */
@@ -1080,9 +1074,17 @@
 /* define to use 'long long' for MP */
 #undef USE_MP_LONG_LONG
 
-/* Define to 1 if your processor stores words with the most significant byte
-   first (like Motorola and SPARC, unlike Intel and VAX). */
-#undef WORDS_BIGENDIAN
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+   significant byte first (like Motorola and SPARC, unlike Intel). */
+#if defined AC_APPLE_UNIVERSAL_BUILD
+# if defined __BIG_ENDIAN__
+#  define WORDS_BIGENDIAN 1
+# endif
+#else
+# ifndef WORDS_BIGENDIAN
+#  undef WORDS_BIGENDIAN
+# endif
+#endif
 
 /* Define to the type of arg 3 for `accept'. */
 #undef ber_socklen_t
diff --git a/libraries/liblutil/getpass.c b/libraries/liblutil/getpass.c
index 0481a13f567995a1c07e2ab69bf04d39a4dd03c7..696b06e6e55b3e2c545686b818bcf877700e4c41 100644
--- a/libraries/liblutil/getpass.c
+++ b/libraries/liblutil/getpass.c
@@ -26,7 +26,7 @@
  */
 /* This work was originally developed by the University of Michigan
  * and distributed as part of U-MICH LDAP.  It was adapted for use in
- * -llutil by Kurt D. Zeilenga.
+ * -llutil by Kurt D. Zeilenga and subsequently rewritten by Howard Chu.
  */
 
 #include "portable.h"
@@ -42,7 +42,7 @@
 #include <ac/time.h>
 #include <ac/unistd.h>
 
-#ifdef NEED_GETPASSPHRASE
+#ifndef HAVE_GETPASSPHRASE
 
 #ifdef HAVE_FCNTL_H
 #include <fcntl.h>
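Review bot: The guard is now `#ifndef HAVE_GETPASSPHRASE`, but the closing line of the file still reads `#endif /* !NEED_GETPASSPHRASE */`, naming a macro this commit removes from include/ac/unistd.h. Change the trailing comment to `#endif /* !HAVE_GETPASSPHRASE */` so the pair can still be matched by search.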
@@ -57,38 +57,25 @@
 
 #include "ldap_defaults.h"
 
+#define PBUF	512
+
+#ifdef HAVE_WINSOCK
+#define TTY "con:"
+#else
+#define TTY "/dev/tty"
+#endif
+
 char *
 lutil_getpass( const char *prompt )
 {
-#if !defined(HAVE_TERMIOS_H) && !defined(HAVE_SGTTY_H)
-	static char buf[256];
+	static char pbuf[PBUF];
+	FILE *fi;
 	int i, c;
-
-	if( prompt == NULL ) prompt = _("Password: ");
-
-#ifdef DEBUG
-	if (debug & D_TRACE)
-		printf("->getpass(%s)\n", prompt);
-#endif
-
-	printf("%s", prompt);
-	i = 0;
-	while ( (c = getch()) != EOF && c != '\n' && c != '\r' )
-		buf[i++] = c;
-	if ( c == EOF )
-		return( NULL );
-	buf[i] = '\0';
-	return (buf);
-#else
-	int no_pass = 0;
-	char i, j, k;
+#if defined(HAVE_TERMIOS_H) || defined(HAVE_SGTTY_H)
 	TERMIO_TYPE ttyb;
 	TERMFLAG_TYPE flags;
-	static char pbuf[513];
-	register char *p;
-	register int c;
-	FILE *fi;
 	RETSIGTYPE (*sig)( int sig );
+#endif
 
 	if( prompt == NULL ) prompt = _("Password: ");
 
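Review bot: `lutil_getpass` has no header comment, and the `static char pbuf[PBUF]` introduced here makes its contract easy to misuse. The returned pointer aliases a single static buffer that the next call overwrites, and nothing in the visible code clears the cleartext after it is handed back. Add a doc comment above the definition stating that the result holds at most PBUF-1 bytes with longer input silently dropped, that NULL means EOF was hit, that the function is not reentrant, and that callers should wipe the buffer once the password has been used. The function body continues past this hunk.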
@@ -96,82 +83,46 @@ lutil_getpass( const char *prompt )
 	if (debug & D_TRACE)
 		printf("->getpass(%s)\n", prompt);
 #endif
-	/*
-	 *  Stolen from the getpass() routine.  Can't use the plain
-	 *  getpass() for two reasons.  One is that LDAP passwords
-	 *  can be really, really long - much longer than 8 chars.
-	 *  The second is that we like to make this client available
-	 *  out of inetd via a Merit asynch port, and we need to be
-	 *  able to do telnet control codes to turn on and off line
-	 *  blanking.
-	 */
-	if ((fi = fdopen(open("/dev/tty", 2), "r")) == NULL)
+
+#if defined(HAVE_TERMIOS_H) || defined(HAVE_SGTTY_H)
+	if ((fi = fopen(TTY, "r")) == NULL)
 		fi = stdin;
 	else
 		setbuf(fi, (char *)NULL);
-	sig = SIGNAL (SIGINT, SIG_IGN);
 	if (fi != stdin) {
 		if (GETATTR(fileno(fi), &ttyb) < 0)
 			perror("GETATTR");
-	}
-	flags = GETFLAGS( ttyb );
-	SETFLAGS( ttyb, flags & ~ECHO );
-	if (fi != stdin) {
+		sig = SIGNAL (SIGINT, SIG_IGN);
+		flags = GETFLAGS( ttyb );
+		SETFLAGS( ttyb, flags & ~ECHO );
 		if (SETATTR(fileno(fi), &ttyb) < 0)
 			perror("SETATTR");
 	}
-
-	/*  blank the line if through Merit */
-	if (fi == stdin) {
-		printf("%c%c%c", 255, 251, 1);
-		fflush(stdout);
-		(void) scanf("%c%c%c", &i, &j, &k);
-		fflush(stdin);
-	}
-
-	/* fetch the password */
+#else
+	fi = stdin;
+#endif
 	fprintf(stdout, "%s", prompt); 
 	fflush(stdout);
-	for (p=pbuf; (c = getc(fi))!='\n' && c!=EOF;) {
-		if (c == '\r')
-			break;
-		if (p < &pbuf[512])
-			*p++ = c;
-	}
-	if (c == EOF)
-		no_pass = 1;
-	else {
-		*p = '\0';
-		if (*(p - 1) == '\r')
-			*(p - 1) = '\0';
-	}
-
-	/*  unblank the line if through Merit */
-	if (fi == stdin) {
-		printf("%c%c%c", 255, 252, 1);
-		fflush(stdout);
-		(void) scanf("%c%c%c", &i, &j, &k);
-		fflush(stdin);
-		printf("\n"); fflush(stdout);
-	}
-	fprintf(stdout, "\n"); 
-	fflush(stdout);
-
+	i = 0;
+	while ( (c = getc(fi)) != EOF && c != '\n' && c != '\r' )
+		if ( i < (sizeof(pbuf)-1) )
+			pbuf[i++] = c;
+#if defined(HAVE_TERMIOS_H) || defined(HAVE_SGTTY_H)
 	/* tidy up */
-	SETFLAGS( ttyb, flags );
 	if (fi != stdin) {
+		fprintf(stdout, "\n"); 
+		fflush(stdout);
+		SETFLAGS( ttyb, flags );
 		if (SETATTR(fileno(fi), &ttyb) < 0)
 			perror("SETATTR");
-	}
-	(void) SIGNAL (SIGINT, sig);
-	if (fi != stdin)
+		(void) SIGNAL (SIGINT, sig);
 		(void) fclose(fi);
-	else
-		i = getchar();
-	if (no_pass)
-		return(NULL);
-	return(pbuf);
+	}
 #endif
+	if ( c == EOF )
+		return( NULL );
+	pbuf[i] = '\0';
+	return (pbuf);
 }
 
 #endif /* !NEED_GETPASSPHRASE */
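Review bot: Echo is switched off only inside `if (fi != stdin)`, so a password read from stdin is displayed as it is typed. That covers the fallback when `fopen(TTY, "r")` fails and the whole `#else` branch, where the removed code read with `getch()` (presumably non-echoing) and the new code uses `getc(stdin)`. In the same block a failed `GETATTR` is only reported with `perror`, after which `GETFLAGS` and `SETATTR` operate on a `ttyb` that was never filled in. The sketch below keys echo suppression on `isatty(fileno(fi))` plus a successful `GETATTR` and restores only what was saved. Builds without termios/sgtty still need their own non-echoing read, which is not sketched here. The function starts above this hunk.

```c
	int saved = 0;	/* ttyb, flags and sig hold values to restore */
	/* … unchanged: default prompt, debug trace … */
	if ((fi = fopen(TTY, "r")) == NULL)
		fi = stdin;
	else
		setbuf(fi, (char *)NULL);
	/* suppress echo on any terminal, including the stdin fallback */
	if (isatty(fileno(fi))) {
		if (GETATTR(fileno(fi), &ttyb) < 0) {
			perror("GETATTR");
		} else {
			saved = 1;
			sig = SIGNAL (SIGINT, SIG_IGN);
			flags = GETFLAGS( ttyb );
			SETFLAGS( ttyb, flags & ~ECHO );
			if (SETATTR(fileno(fi), &ttyb) < 0)
				perror("SETATTR");
		}
	}
	/* … unchanged: prompt output and read loop … */
	if (saved) {
		fprintf(stdout, "\n");
		fflush(stdout);
		SETFLAGS( ttyb, flags );
		if (SETATTR(fileno(fi), &ttyb) < 0)
			perror("SETATTR");
		(void) SIGNAL (SIGINT, sig);
	}
	if (fi != stdin)
		(void) fclose(fi);
```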