#include "common.h"
-static char *newpw = NULL;
-static char *oldpw = NULL;
+static struct berval newpw = { 0, NULL };
+static struct berval oldpw = { 0, NULL };
+
static int want_newpw = 0;
static int want_oldpw = 0;
+static char *oldpwfile = NULL;
+static char *newpwfile = NULL;
void
usage( void )
"Password change options:\n"
" -a secret old password\n"
" -A prompt for old password\n"
+" -t file read file for old password\n"
" -s secret new password\n"
" -S prompt for new password\n"
+" -T file read file for new password\n"
, prog );
tool_common_usage();
exit( EXIT_FAILURE );
}
-const char options[] = "a:As:S"
+const char options[] = "a:As:St:T:"
"Cd:D:e:h:H:InO:p:QR:U:vVw:WxX:y:Y:Z";
int
{
switch ( i ) {
#if 0
+ case 'E': /* passwd controls */ {
int crit;
char *control, *cvalue;
- case 'E': /* passwd controls */
if( protocol == LDAP_VERSION2 ) {
fprintf( stderr, "%s: -E incompatible with LDAPv%d\n",
prog, protocol );
if ( (cvalue = strchr( control, '=' )) != NULL ) {
*cvalue++ = '\0';
}
+
fprintf( stderr, "Invalid passwd control name: %s\n", control );
usage();
+ }
#endif
case 'a': /* old password (secret) */
- oldpw = strdup (optarg);
-
+ oldpw.bv_val = strdup( optarg );
{
char* p;
for( p = optarg; *p != '\0'; p++ ) {
*p = '\0';
}
}
+ oldpw.bv_len = strlen( oldpw.bv_val );
break;
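Review bot: `oldpw.bv_len = strlen( oldpw.bv_val );` in `case 'a'` dereferences NULL if `strdup( optarg )` failed, whereas before this change a NULL `oldpw` was simply treated as "not supplied". The bind-password code later in this file already guards the same situation, and that form fits here: `oldpw.bv_len = oldpw.bv_val ? strlen( oldpw.bv_val ) : 0;`. The same unguarded `strlen` is added for `newpw` in `case 's'`. The enclosing switch starts and ends outside this hunk.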
case 'A': /* prompt for old password */
break;
case 's': /* new password (secret) */
- newpw = strdup (optarg);
+ newpw.bv_val = strdup (optarg);
{
char* p;
for( p = optarg; *p != '\0'; p++ ) {
*p = '\0';
}
}
+ newpw.bv_len = strlen( newpw.bv_val );
break;
case 'S': /* prompt for user password */
want_newpw++;
break;
+ case 't':
+ oldpwfile = optarg;
+ break;
+
+ case 'T':
+ newpwfile = optarg;
+ break;
+
default:
return 0;
}
user = NULL;
}
- if( want_oldpw && oldpw == NULL ) {
+ if( oldpwfile ) {
+ rc = lutil_get_filed_password( prog, &oldpw );
+ if( rc ) return EXIT_FAILURE;
+ }
+
+ if( want_oldpw && oldpw.bv_val == NULL ) {
/* prompt for old password */
char *ckoldpw;
- oldpw = strdup(getpassphrase("Old password: "));
+ oldpw.bv_val = strdup(getpassphrase("Old password: "));
ckoldpw = getpassphrase("Re-enter old password: ");
- if( oldpw== NULL || ckoldpw == NULL ||
- strcmp( oldpw, ckoldpw ))
+ if( oldpw.bv_val == NULL || ckoldpw == NULL ||
+ strcmp( oldpw.bv_val, ckoldpw ))
{
fprintf( stderr, "passwords do not match\n" );
return EXIT_FAILURE;
}
+
+ oldpw.bv_len = strlen( oldpw.bv_val );
+ }
+
+ if( newpwfile ) {
+ rc = lutil_get_filed_password( prog, &newpw );
+ if( rc ) return EXIT_FAILURE;
}
- if( want_newpw && newpw == NULL ) {
+ if( want_newpw && newpw.bv_val == NULL ) {
/* prompt for new password */
char *cknewpw;
- newpw = strdup(getpassphrase("New password: "));
+ newpw.bv_val = strdup(getpassphrase("New password: "));
cknewpw = getpassphrase("Re-enter new password: ");
- if( newpw== NULL || cknewpw == NULL ||
- strcmp( newpw, cknewpw ))
+ if( newpw.bv_val == NULL || cknewpw == NULL ||
+ strcmp( newpw.bv_val, cknewpw ))
{
fprintf( stderr, "passwords do not match\n" );
return EXIT_FAILURE;
}
+
+ newpw.bv_len = strlen( newpw.bv_val );
}
- if (want_bindpw && passwd.bv_val == NULL ) {
+ if( want_bindpw && passwd.bv_val == NULL ) {
/* handle bind password */
passwd.bv_val = strdup( getpassphrase("Enter bind password: "));
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
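Review bot: Both file reads pass `prog` where the filename belongs, in `lutil_get_filed_password( prog, &oldpw )` and `lutil_get_filed_password( prog, &newpw )`, so `-t`/`-T` appear to open a file named after the program instead of the path the user supplied. The slappasswd change in this same commit passes the path (`lutil_get_filed_password( pwfile, &passwd )`), so these should read `lutil_get_filed_password( oldpwfile, &oldpw )` and `lutil_get_filed_password( newpwfile, &newpw )`. In addition, when `-a`/`-s` is combined with `-t`/`-T`, the strdup'd secret already held in `bv_val` is presumably overwritten without being freed, and which source wins is undocumented; rejecting the combination during option parsing would be clearer. The enclosing function continues outside the hunk.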
if ( authzid || manageDSAit || noop )
tool_server_controls( ld, NULL, 0 );
- if( user != NULL || oldpw != NULL || newpw != NULL ) {
+ if( user != NULL || oldpw.bv_val != NULL || newpw.bv_val != NULL ) {
/* build change password control */
ber = ber_alloc_t( LBER_USE_DER );
free(user);
}
- if( oldpw != NULL ) {
- ber_printf( ber, "ts",
- LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, oldpw );
- free(oldpw);
+ if( oldpw.bv_val != NULL ) {
+ ber_printf( ber, "tO",
+ LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &oldpw );
+ free(oldpw.bv_val);
}
- if( newpw != NULL ) {
- ber_printf( ber, "ts",
- LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, newpw );
- free(newpw);
+ if( newpw.bv_val != NULL ) {
+ ber_printf( ber, "tO",
+ LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &newpw );
+ free(newpw.bv_val);
}
ber_printf( ber, /*{*/ "N}" );
return rc;
}
- rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, NULL, 0 );
+ rc = ldap_parse_result( ld, res,
+ &code, &matcheddn, &text, &refs, NULL, 0 );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_parse_result" );
Tools ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
-ldapcompare * DE *HI*K M*OPQR UVWXYZ de *h**k *n*p* vwx z
-ldapdelete *CDE *HI*K M*OPQR UVWXYZ cdef*h**k *n*p* vwxy
-ldapmodify *CDEF*HI*K M*OPQRS UVWXYZabcdef*h**k *n*p*r t vwxy
-ldapmodrdn *CDE *HI*K M*OPQR UVWXYZ cdef*h**k *n*p*rs vwxy
-ldappasswd A*CDE *HI* *O QRS UVWXYZa de *h** * * * s vwxy
-ldapsearch A*CDE *HI*KLM*OPQRSTUVWXYZab*def*h**kl*n*p* stuvwxyz
-ldapwhoami * DE *HI* *O QR UVWXYZ def*h** *n*p* vwx
+ldapcompare * DE**HI*K M*OPQR UVWXYZ de *h**k *n*p* vwxyz
+ldapdelete *CDE**HI*K M*OPQR UVWXYZ cdef*h**k *n*p* vwxy
+ldapmodify *CDE**HI*K M*OPQRS UVWXYZabcde *h**k *n*p*r t vwxy
+ldapmodrdn *CDE**HI*K M*OPQR UVWXYZ cdef*h**k *n*p*rs vwxy
+ldappasswd A*CDE**HI* *O QRS UVWXYZa def*h** * * * s vwxy
+ldapsearch A*CDE**HI*KLM*OPQRSTUVWXYZab*def*h**kl*n*p* stuvwxyz
+ldapwhoami * DE**HI* *O QR UVWXYZ def*h** *n*p* vwxy
* reserved
- GJNgijmoqy01235789
+ BFGJNgijmoq01235789
* General flags:
-C Chase Referrals
-D Bind DN
-E Tool-specific Extensions (e.g., -E <[!]oid[=options]>*)
-e General Extensions (e.g., -e <[!]oid[=options]>*)
+ -f file
-H URI
-P protocol version
-V version information
" -c format\tcrypt(3) salt format\n"
" -u\t\tgenerate RFC2307 values (default)\n"
" -v\t\tincrease verbosity\n"
+ " -T file\tread password from verbosity\n"
, s );
exit( EXIT_FAILURE );
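Review bot: The added usage line `" -T file\tread password from verbosity\n"` describes the option incorrectly; "verbosity" looks copied from the `-v` line just above it. It should match the wording used for ldappasswd in this commit, e.g. `"  -T file\tread file for new password\n"`. Since the option reads a secret from disk, the help text is also the natural place to state whether the whole file content, including any trailing newline, is used as the password.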
{
char *scheme = "{SSHA}";
char *newpw = NULL;
+ char *pwfile = NULL;
int i;
struct berval passwd;
struct berval *hash = NULL;
while( (i = getopt( argc, argv,
- "c:d:h:s:vu" )) != EOF )
+ "c:d:h:s:T:vu" )) != EOF )
{
switch (i) {
case 'c': /* crypt salt format */
for( p = optarg; *p != '\0'; p++ ) {
*p = '\0';
}
-
} break;
+ case 'T': /* password file */
+ pwfile = optarg;
+ break;
+
case 'u': /* RFC2307 userPassword */
break;
usage( argv[0] );
}
- if( newpw == NULL ) {
- /* prompt for new password */
- char *cknewpw;
- newpw = strdup(getpassphrase("New password: "));
- cknewpw = getpassphrase("Re-enter new password: ");
-
- if( strcmp( newpw, cknewpw )) {
- fprintf( stderr, "Password values do not match\n" );
+ if( pwfile != NULL ) {
+ if( lutil_get_filed_password( pwfile, &passwd )) {
return EXIT_FAILURE;
}
- }
+ } else {
+ if( newpw == NULL ) {
+ /* prompt for new password */
+ char *cknewpw;
+ newpw = strdup(getpassphrase("New password: "));
+ cknewpw = getpassphrase("Re-enter new password: ");
+
+ if( strcmp( newpw, cknewpw )) {
+ fprintf( stderr, "Password values do not match\n" );
+ return EXIT_FAILURE;
+ }
+ }
- passwd.bv_val = newpw;
- passwd.bv_len = strlen(passwd.bv_val);
+ passwd.bv_val = newpw;
+ passwd.bv_len = strlen(passwd.bv_val);
+ }
hash = lutil_passwd_hash( &passwd, scheme );
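Review bot: The re-indented prompt block still calls `strcmp( newpw, cknewpw )` with no NULL check, while the ldappasswd prompt in this same commit tests both pointers first, and `strdup(getpassphrase(...))` can yield NULL. Suggest `if( newpw == NULL || cknewpw == NULL || strcmp( newpw, cknewpw )) {`. Separately, when `-T` is given together with a password supplied on the command line (presumably `-s`, whose case is only partly visible), the file silently wins and the other value is ignored; an explicit usage error would avoid hashing a different password than the operator intended. `lutil_get_filed_password` is not shown here, so it is worth confirming whether a trailing newline in the file becomes part of the hashed value.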