Commit 0f1eb4fe authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Add -y passfile support

parent 6b20dad8
......@@ -66,6 +66,7 @@ usage( const char *s )
" -W prompt for bind passwd\n"
" -x Simple authentication\n"
" -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
" -y file Read passwd from file\n"
" -Y mech SASL mechanism\n"
" -Z Start TLS request (-ZZ to require successful response)\n"
, s );
......@@ -109,6 +110,7 @@ main( int argc, char **argv )
int authmethod, version, want_bindpw;
LDAP *ld = NULL;
struct berval bvalue = { 0, NULL };
char *pw_file = NULL;
debug = verbose = not = referrals =
manageDSAit = want_bindpw = quiet = 0;
......@@ -120,7 +122,7 @@ main( int argc, char **argv )
prog = lutil_progname( "ldapcompare", argc, argv );
while (( i = getopt( argc, argv,
"Cd:D:h:H:IkKMnO:p:P:qQR:U:vw:WxX:Y:zZ")) != EOF )
"Cd:D:h:H:IkKMnO:p:P:qQR:U:vw:WxX:y:Y:zZ")) != EOF )
{
switch( i ) {
......@@ -385,6 +387,9 @@ main( int argc, char **argv )
case 'W':
want_bindpw++;
break;
case 'y':
pw_file = optarg;
break;
case 'Y':
#ifdef HAVE_CYRUS_SASL
if( sasl_mech != NULL ) {
......@@ -587,9 +592,14 @@ main( int argc, char **argv )
}
}
if (want_bindpw) {
passwd.bv_val = getpassphrase("Enter LDAP Password: ");
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
if ( authmethod == LDAP_AUTH_SASL ) {
......
......@@ -81,6 +81,7 @@ usage( const char *s )
" -W prompt for bind passwd\n"
" -x Simple authentication\n"
" -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
" -y file Read passwd from file\n"
" -Y mech SASL mechanism\n"
" -Z Start TLS request (-ZZ to require successful response)\n"
, s );
......@@ -95,16 +96,18 @@ main( int argc, char **argv )
char buf[ 4096 ];
FILE *fp;
int i, rc, authmethod, referrals, want_bindpw, version, debug, manageDSAit;
char *pw_file;
not = verbose = contoper = want_bindpw = debug = manageDSAit = referrals = 0;
fp = NULL;
authmethod = -1;
version = -1;
pw_file = NULL;
prog = lutil_progname( "ldapdelete", argc, argv );
while (( i = getopt( argc, argv, "cf:r"
"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z" )) != EOF )
"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:y:Y:Z" )) != EOF )
{
switch( i ) {
/* Delete Specific Options */
......@@ -386,6 +389,9 @@ main( int argc, char **argv )
case 'W':
want_bindpw++;
break;
case 'y':
pw_file = optarg;
break;
case 'Y':
#ifdef HAVE_CYRUS_SASL
if( sasl_mech != NULL ) {
......@@ -553,9 +559,14 @@ main( int argc, char **argv )
}
}
if (want_bindpw) {
passwd.bv_val = getpassphrase("Enter LDAP Password: ");
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
if ( authmethod == LDAP_AUTH_SASL ) {
......
......@@ -130,6 +130,7 @@ usage( const char *prog )
" -W prompt for bind passwd\n"
" -x Simple authentication\n"
" -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
" -y file Read passwd from file\n"
" -Y mech SASL mechanism\n"
" -Z Start TLS request (-ZZ to require successful response)\n"
, prog, (strcmp( prog, "ldapadd" ) ? " is to replace" : "") );
......@@ -146,6 +147,7 @@ main( int argc, char **argv )
char *matched_msg = NULL, *error_msg = NULL;
int rc, i, authmethod, version, want_bindpw, debug, manageDSAit, referrals;
int count, len;
char *pw_file = NULL;
prog = lutil_progname( "ldapmodify", argc, argv );
......@@ -162,7 +164,7 @@ main( int argc, char **argv )
version = -1;
while (( i = getopt( argc, argv, "acrf:F"
"Cd:D:h:H:IkKMnO:p:P:QR:S:U:vw:WxX:Y:Z" )) != EOF )
"Cd:D:h:H:IkKMnO:p:P:QR:S:U:vw:WxX:y:Y:Z" )) != EOF )
{
switch( i ) {
/* Modify Options */
......@@ -454,6 +456,9 @@ main( int argc, char **argv )
case 'W':
want_bindpw++;
break;
case 'y':
pw_file = optarg;
break;
case 'Y':
#ifdef HAVE_CYRUS_SASL
if( sasl_mech != NULL ) {
......@@ -636,9 +641,14 @@ main( int argc, char **argv )
}
}
if (want_bindpw) {
passwd.bv_val = getpassphrase("Enter LDAP Password: ");
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
if ( authmethod == LDAP_AUTH_SASL ) {
......
......@@ -95,6 +95,7 @@ usage( const char *s )
" -W prompt for bind passwd\n"
" -x Simple authentication\n"
" -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
" -y file Read passwd from file\n"
" -Y mech SASL mechanism\n"
" -Z Start TLS request (-ZZ to require successful response)\n"
, s );
......@@ -110,6 +111,7 @@ main(int argc, char **argv)
int rc, i, remove, havedn, authmethod, version, want_bindpw, debug, manageDSAit;
int referrals;
char *newSuperior=NULL;
char *pw_file = NULL;
infile = NULL;
not = contoper = verbose = remove = want_bindpw =
......@@ -120,7 +122,7 @@ main(int argc, char **argv)
prog = lutil_progname( "ldapmodrdn", argc, argv );
while (( i = getopt( argc, argv, "cf:rs:"
"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z" )) != EOF )
"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:y:Y:Z" )) != EOF )
{
switch( i ) {
/* Modrdn Options */
......@@ -408,6 +410,9 @@ main(int argc, char **argv)
case 'W':
want_bindpw++;
break;
case 'y':
pw_file = optarg;
break;
case 'Y':
#ifdef HAVE_CYRUS_SASL
if( sasl_mech != NULL ) {
......@@ -590,9 +595,14 @@ main(int argc, char **argv)
}
}
if (want_bindpw) {
passwd.bv_val = getpassphrase("Enter LDAP Password: ");
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
if ( authmethod == LDAP_AUTH_SASL ) {
......
......@@ -90,6 +90,7 @@ usage( const char *s )
" -W prompt for bind passwd\n"
" -x Simple authentication\n"
" -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
" -y file Read passwd from file\n"
" -Y mech SASL mechanism\n"
" -Z Start TLS request (-ZZ to require successful response)\n"
, s, def_urlpre, def_tmpdir );
......@@ -188,6 +189,7 @@ main( int argc, char **argv )
BerElement *ber = NULL;
struct berval *bvalp = NULL;
char *vrFilter = NULL, *control = NULL, *s;
char *pw_file = NULL;
infile = NULL;
......@@ -226,7 +228,7 @@ main( int argc, char **argv )
urlize( def_urlpre );
while (( i = getopt( argc, argv, "Aa:b:E:F:f:Ll:S:s:T:tuz:"
"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z")) != EOF )
"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:y:Y:Z")) != EOF )
{
switch( i ) {
/* Search Options */
......@@ -603,6 +605,9 @@ main( int argc, char **argv )
case 'W':
want_bindpw++;
break;
case 'y':
pw_file = optarg;
break;
case 'Y':
#ifdef HAVE_CYRUS_SASL
if( sasl_mech != NULL ) {
......@@ -824,9 +829,14 @@ main( int argc, char **argv )
}
}
if (want_bindpw) {
passwd.bv_val = getpassphrase("Enter LDAP Password: ");
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
if ( authmethod == LDAP_AUTH_SASL ) {
......
......@@ -49,6 +49,7 @@ usage(const char *s)
" -W prompt for bind passwd\n"
" -x Simple authentication\n"
" -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
" -y file Read passwd from file\n"
" -Y mech SASL mechanism\n"
" -Z Start TLS request (-ZZ to require successful response)\n"
, s );
......@@ -68,12 +69,9 @@ main( int argc, char *argv[] )
char *binddn = NULL;
struct berval passwd = { 0, NULL };
char *newpw = NULL;
char *oldpw = NULL;
char *pw_file = NULL;
int want_bindpw = 0;
int want_newpw = 0;
int want_oldpw = 0;
int not = 0;
int i;
......@@ -81,7 +79,6 @@ main( int argc, char *argv[] )
int debug = 0;
int version = -1;
int authmethod = -1;
int manageDSAit = 0;
#ifdef HAVE_CYRUS_SASL
unsigned sasl_flags = LDAP_SASL_AUTOMATIC;
char *sasl_realm = NULL;
......@@ -102,42 +99,10 @@ main( int argc, char *argv[] )
prog = lutil_progname( "ldapwhoami", argc, argv );
while( (i = getopt( argc, argv, "Aa:Ss:"
"Cd:D:h:H:InO:p:QR:U:vw:WxX:Y:Z" )) != EOF )
while( (i = getopt( argc, argv,
"Cd:D:h:H:InO:p:QR:U:vw:WxX:y:Y:Z" )) != EOF )
{
switch (i) {
/* Password Options */
case 'A': /* prompt for old password */
want_oldpw++;
break;
case 'a': /* old password (secret) */
oldpw = strdup (optarg);
{
char* p;
for( p = optarg; *p != '\0'; p++ ) {
*p = '\0';
}
}
break;
case 'S': /* prompt for user password */
want_newpw++;
break;
case 's': /* new password (secret) */
newpw = strdup (optarg);
{
char* p;
for( p = optarg; *p != '\0'; p++ ) {
*p = '\0';
}
}
break;
/* Common Options (including options we don't use) */
case 'C':
referrals++;
......@@ -239,16 +204,6 @@ main( int argc, char *argv[] )
return( EXIT_FAILURE );
#endif
break;
case 'M':
/* enable Manage DSA IT */
if( version == LDAP_VERSION2 ) {
fprintf( stderr, "%s: -M incompatible with LDAPv%d\n",
prog, version );
return EXIT_FAILURE;
}
manageDSAit++;
version = LDAP_VERSION3;
break;
case 'n': /* print deletes, don't actually do them */
++not;
break;
......@@ -399,6 +354,9 @@ main( int argc, char *argv[] )
case 'W':
want_bindpw++;
break;
case 'y':
pw_file = optarg;
break;
case 'Y':
#ifdef HAVE_CYRUS_SASL
if( sasl_mech != NULL ) {
......@@ -496,40 +454,16 @@ main( int argc, char *argv[] )
user = NULL;
}
if( want_oldpw && oldpw == NULL ) {
/* prompt for old password */
char *ckoldpw;
oldpw = strdup(getpassphrase("Old password: "));
ckoldpw = getpassphrase("Re-enter old password: ");
if( oldpw== NULL || ckoldpw == NULL ||
strcmp( oldpw, ckoldpw ))
{
fprintf( stderr, "passwords do not match\n" );
return EXIT_FAILURE;
}
}
if( want_newpw && newpw == NULL ) {
/* prompt for new password */
char *cknewpw;
newpw = strdup(getpassphrase("New password: "));
cknewpw = getpassphrase("Re-enter new password: ");
if( newpw== NULL || cknewpw == NULL ||
strcmp( newpw, cknewpw ))
{
fprintf( stderr, "passwords do not match\n" );
return EXIT_FAILURE;
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
if (want_bindpw && passwd.bv_val == NULL ) {
/* handle bind password */
passwd.bv_val = strdup( getpassphrase("Enter bind password: "));
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
if ( debug ) {
if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment