From 2396cf7d5d8d9aaa624dce4821ed214e74287b17 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Fri, 16 Apr 2010 00:16:49 +0000
Subject: [PATCH] move getpassphrase inside tool_bind; make sure password is
 always malloc'd and freed

---
 clients/tools/common.c      | 23 +++++++++++++++++++++--
 clients/tools/ldapcompare.c | 10 ----------
 clients/tools/ldapdelete.c  | 16 +---------------
 clients/tools/ldapexop.c    | 10 ----------
 clients/tools/ldapmodify.c  |  9 ---------
 clients/tools/ldapmodrdn.c  | 13 -------------
 clients/tools/ldappasswd.c  | 12 ------------
 clients/tools/ldapsearch.c  | 10 ----------
 clients/tools/ldapwhoami.c  | 10 ----------
 9 files changed, 22 insertions(+), 91 deletions(-)

diff --git a/clients/tools/common.c b/clients/tools/common.c
index 6f79e8804d..bd6df55328 100644
--- a/clients/tools/common.c
+++ b/clients/tools/common.c
@@ -260,11 +260,13 @@ tool_destroy( void )
 		ber_memfree( binddn );
 	}
 
-#if 0	/* not yet */
 	if ( passwd.bv_val != NULL ) {
 		ber_memfree( passwd.bv_val );
 	}
-#endif
+
+	if ( infile != NULL ) {
+		ber_memfree( infile );
+	}
 }
 
 void
@@ -1357,6 +1359,23 @@ tool_bind( LDAP *ld )
 
 	assert( nsctrls < (int) (sizeof(sctrls)/sizeof(sctrls[0])) );
 
+	if ( pw_file || want_bindpw ) {
+		assert( passwd.bv_val == NULL && passwd.bv_len == 0 );
+
+		if ( pw_file ) {
+			if ( lutil_get_filed_password( pw_file, &passwd ) ) {
+				exit( EXIT_FAILURE );
+			}
+
+		} else {
+			char *pw = getpassphrase( _("Enter LDAP Password: ") );
+			if ( pw ) {
+				passwd.bv_val = ber_strdup( pw );
+				passwd.bv_len = strlen( passwd.bv_val );
+			}
+		}
+	}
+
 	if ( authmethod == LDAP_AUTH_SASL ) {
 #ifdef HAVE_CYRUS_SASL
 		void *defaults;
diff --git a/clients/tools/ldapcompare.c b/clients/tools/ldapcompare.c
index 1160105cbc..460d7e9ae4 100644
--- a/clients/tools/ldapcompare.c
+++ b/clients/tools/ldapcompare.c
@@ -230,16 +230,6 @@ main( int argc, char **argv )
 
 	ld = tool_conn_setup( 0, 0 );
 
-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );
 
 	if ( 0
diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c
index 24f297e6f2..c7e1552e91 100644
--- a/clients/tools/ldapdelete.c
+++ b/clients/tools/ldapdelete.c
@@ -184,24 +184,10 @@ main( int argc, char **argv )
 		if ( optind >= argc ) {
 			fp = stdin;
 		}
-    }
+	}
 
 	ld = tool_conn_setup( 0, &private_conn_setup );
 
-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) {
-				if ( fp && fp != stdin )
-					fclose( fp );
-				return EXIT_FAILURE;
-			}
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );
 
 	tool_server_controls( ld, NULL, 0 );
diff --git a/clients/tools/ldapexop.c b/clients/tools/ldapexop.c
index 3125bb1c80..095d5e3376 100644
--- a/clients/tools/ldapexop.c
+++ b/clients/tools/ldapexop.c
@@ -89,16 +89,6 @@ main( int argc, char *argv[] )
 		usage();
 	}
 
-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	ld = tool_conn_setup( 0, 0 );
 
 	tool_bind( ld );
diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c
index 728d96cb41..9b20b6667b 100644
--- a/clients/tools/ldapmodify.c
+++ b/clients/tools/ldapmodify.c
@@ -285,15 +285,6 @@ main( int argc, char **argv )
 	ld = tool_conn_setup( dont, 0 );
 
 	if ( !dont ) {
-		if ( pw_file || want_bindpw ) {
-			if ( pw_file ) {
-				rc = lutil_get_filed_password( pw_file, &passwd );
-				if( rc ) return EXIT_FAILURE;
-			} else {
-				passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-				passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-			}
-		}
 		tool_bind( ld );
 	}
 
diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c
index 673e2e3f62..a9ccfe87f0 100644
--- a/clients/tools/ldapmodrdn.c
+++ b/clients/tools/ldapmodrdn.c
@@ -194,19 +194,6 @@ main(int argc, char **argv)
 
 	ld = tool_conn_setup( 0, 0 );
 
-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) {
-				retval = EXIT_FAILURE;
-				goto fail;
-			}
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );
 
 	tool_server_controls( ld, NULL, 0 );
diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c
index b29f50250c..d526d7677b 100644
--- a/clients/tools/ldappasswd.c
+++ b/clients/tools/ldappasswd.c
@@ -245,18 +245,6 @@ main( int argc, char *argv[] )
 		newpw.bv_len = strlen( newpw.bv_val );
 	}
 
-	if ( pw_file ) {
-		rc = lutil_get_filed_password( pw_file, &passwd );
-		if( rc ) {
-			rc = EXIT_FAILURE;
-			goto done;
-		}
-
-	} else if ( want_bindpw ) {
-		passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-		passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-	}
-
 	ld = tool_conn_setup( 0, 0 );
 
 	tool_bind( ld );
diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c
index f4e352467d..f06af7f570 100644
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -899,16 +899,6 @@ main( int argc, char **argv )
 
 	ld = tool_conn_setup( 0, &private_conn_setup );
 
-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );
 
 getNextPage:
diff --git a/clients/tools/ldapwhoami.c b/clients/tools/ldapwhoami.c
index 34fab8034c..ea312c61b2 100644
--- a/clients/tools/ldapwhoami.c
+++ b/clients/tools/ldapwhoami.c
@@ -129,16 +129,6 @@ main( int argc, char *argv[] )
 		usage();
 	}
 
-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	ld = tool_conn_setup( 0, 0 );
 
 	tool_bind( ld );
-- 
GitLab