Add -y passfile support

author Kurt Zeilenga <kurt@openldap.org>

Thu, 29 Aug 2002 03:31:00 +0000 (03:31 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Thu, 29 Aug 2002 03:31:00 +0000 (03:31 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Thu, 29 Aug 2002 03:31:00 +0000 (03:31 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Thu, 29 Aug 2002 03:31:00 +0000 (03:31 +0000)
diff --git a/clients/tools/ldapcompare.c b/clients/tools/ldapcompare.c

index 3b731f9346cc5e7aaf23a2ad2c0ec7321d582daf..c47f609ea4f7ceac6dfa6e9bd5f348fea9498553 100644 (file)
--- a/clients/tools/ldapcompare.c
+++ b/clients/tools/ldapcompare.c
@@ -66,6 +66,7 @@ usage( const char *s )
  "  -W         prompt for bind passwd\n"
  "  -x         Simple authentication\n"
  "  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -y file    Read passwd from file\n"
  "  -Y mech    SASL mechanism\n"
  "  -Z         Start TLS request (-ZZ to require successful response)\n"
  , s );
@@ -109,6 +110,7 @@ main( int argc, char **argv )
         int             authmethod, version, want_bindpw;
         LDAP    *ld = NULL;
         struct berval bvalue = { 0, NULL };
+       char    *pw_file = NULL;
  
         debug = verbose = not = referrals =
                 manageDSAit = want_bindpw = quiet = 0;
@@ -120,7 +122,7 @@ main( int argc, char **argv )
         prog = lutil_progname( "ldapcompare", argc, argv );
  
         while (( i = getopt( argc, argv,
-               "Cd:D:h:H:IkKMnO:p:P:qQR:U:vw:WxX:Y:zZ")) != EOF )
+               "Cd:D:h:H:IkKMnO:p:P:qQR:U:vw:WxX:y:Y:zZ")) != EOF )
         {
                 switch( i ) {
  
@@ -385,6 +387,9 @@ main( int argc, char **argv )
                 case 'W':
                         want_bindpw++;
                         break;
+               case 'y':
+                       pw_file = optarg;
+                       break;
                 case 'Y':
  #ifdef HAVE_CYRUS_SASL
                         if( sasl_mech != NULL ) {
@@ -587,9 +592,14 @@ main( int argc, char **argv )
                 }
         }
  
-       if (want_bindpw) {
-               passwd.bv_val = getpassphrase("Enter LDAP Password: ");
-               passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+       if ( pw_file || want_bindpw ) {
+               if ( pw_file ) {
+                       rc = lutil_get_filed_password( pw_file, &passwd );
+                       if( rc ) return EXIT_FAILURE;
+               } else {
+                       passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
+                       passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+               }
         }
  
         if ( authmethod == LDAP_AUTH_SASL ) {
diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c

index bc04de2b5b0462e3ff33f41b5a3647ee778c5e18..35e3d9f8b7f32903ce00a32afb9cca08e22922b9 100644 (file)
--- a/clients/tools/ldapdelete.c
+++ b/clients/tools/ldapdelete.c
@@ -81,6 +81,7 @@ usage( const char *s )
  "  -W         prompt for bind passwd\n"
  "  -x         Simple authentication\n"
  "  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -y file    Read passwd from file\n"
  "  -Y mech    SASL mechanism\n"
  "  -Z         Start TLS request (-ZZ to require successful response)\n"
  ,              s );
@@ -95,16 +96,18 @@ main( int argc, char **argv )
         char            buf[ 4096 ];
         FILE            *fp;
         int             i, rc, authmethod, referrals, want_bindpw, version, debug, manageDSAit;
+       char    *pw_file;
  
      not = verbose = contoper = want_bindpw = debug = manageDSAit = referrals = 0;
      fp = NULL;
      authmethod = -1;
         version = -1;
+       pw_file = NULL;
  
      prog = lutil_progname( "ldapdelete", argc, argv );
  
      while (( i = getopt( argc, argv, "cf:r"
-               "Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z" )) != EOF )
+               "Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:y:Y:Z" )) != EOF )
         {
         switch( i ) {
         /* Delete Specific Options */
@@ -386,6 +389,9 @@ main( int argc, char **argv )
         case 'W':
                 want_bindpw++;
                 break;
+       case 'y':
+               pw_file = optarg;
+               break;
         case 'Y':
  #ifdef HAVE_CYRUS_SASL
                 if( sasl_mech != NULL ) {
@@ -553,9 +559,14 @@ main( int argc, char **argv )
                 }
         }
  
-       if (want_bindpw) {
-               passwd.bv_val = getpassphrase("Enter LDAP Password: ");
-               passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+       if ( pw_file || want_bindpw ) {
+               if ( pw_file ) {
+                       rc = lutil_get_filed_password( pw_file, &passwd );
+                       if( rc ) return EXIT_FAILURE;
+               } else {
+                       passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
+                       passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+               }
         }
  
         if ( authmethod == LDAP_AUTH_SASL ) {
diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c

index c00f542546e54d50b56311093863df4a1bb85557..17ad97179a03282487289eb8483ddf5716331622 100644 (file)
--- a/clients/tools/ldapmodify.c
+++ b/clients/tools/ldapmodify.c
@@ -130,6 +130,7 @@ usage( const char *prog )
  "  -W         prompt for bind passwd\n"
  "  -x         Simple authentication\n"
  "  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -y file    Read passwd from file\n"
  "  -Y mech    SASL mechanism\n"
  "  -Z         Start TLS request (-ZZ to require successful response)\n"
              , prog, (strcmp( prog, "ldapadd" ) ? " is to replace" : "") );
@@ -146,6 +147,7 @@ main( int argc, char **argv )
         char            *matched_msg = NULL, *error_msg = NULL;
         int             rc, i, authmethod, version, want_bindpw, debug, manageDSAit, referrals;
         int count, len;
+       char    *pw_file = NULL;
  
      prog = lutil_progname( "ldapmodify", argc, argv );
  
@@ -162,7 +164,7 @@ main( int argc, char **argv )
         version = -1;
  
      while (( i = getopt( argc, argv, "acrf:F"
-               "Cd:D:h:H:IkKMnO:p:P:QR:S:U:vw:WxX:Y:Z" )) != EOF )
+               "Cd:D:h:H:IkKMnO:p:P:QR:S:U:vw:WxX:y:Y:Z" )) != EOF )
         {
         switch( i ) {
         /* Modify Options */
@@ -454,6 +456,9 @@ main( int argc, char **argv )
         case 'W':
                 want_bindpw++;
                 break;
+       case 'y':
+               pw_file = optarg;
+               break;
         case 'Y':
  #ifdef HAVE_CYRUS_SASL
                 if( sasl_mech != NULL ) {
@@ -636,9 +641,14 @@ main( int argc, char **argv )
                 }
         }
  
-       if (want_bindpw) {
-               passwd.bv_val = getpassphrase("Enter LDAP Password: ");
-               passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+       if ( pw_file || want_bindpw ) {
+               if ( pw_file ) {
+                       rc = lutil_get_filed_password( pw_file, &passwd );
+                       if( rc ) return EXIT_FAILURE;
+               } else {
+                       passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
+                       passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+               }
         }
  
         if ( authmethod == LDAP_AUTH_SASL ) {
diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c

index b5d2d5928388694bc56d83837f6c464dc4dc7cb1..5e69273144d89bcde3178a529a0951019c57b7ab 100644 (file)
--- a/clients/tools/ldapmodrdn.c
+++ b/clients/tools/ldapmodrdn.c
@@ -95,6 +95,7 @@ usage( const char *s )
  "  -W         prompt for bind passwd\n"
  "  -x         Simple authentication\n"
  "  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -y file    Read passwd from file\n"
  "  -Y mech    SASL mechanism\n"
  "  -Z         Start TLS request (-ZZ to require successful response)\n"
  ,              s );
@@ -110,6 +111,7 @@ main(int argc, char **argv)
         int             rc, i, remove, havedn, authmethod, version, want_bindpw, debug, manageDSAit;
         int             referrals;
      char       *newSuperior=NULL;
+       char    *pw_file = NULL;
  
      infile = NULL;
      not = contoper = verbose = remove = want_bindpw =
@@ -120,7 +122,7 @@ main(int argc, char **argv)
      prog = lutil_progname( "ldapmodrdn", argc, argv );
  
      while (( i = getopt( argc, argv, "cf:rs:"
-               "Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z" )) != EOF )
+               "Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:y:Y:Z" )) != EOF )
         {
         switch( i ) {
         /* Modrdn Options */
@@ -408,6 +410,9 @@ main(int argc, char **argv)
         case 'W':
                 want_bindpw++;
                 break;
+       case 'y':
+               pw_file = optarg;
+               break;
         case 'Y':
  #ifdef HAVE_CYRUS_SASL
                 if( sasl_mech != NULL ) {
@@ -590,9 +595,14 @@ main(int argc, char **argv)
                 }
         }
  
-       if (want_bindpw) {
-               passwd.bv_val = getpassphrase("Enter LDAP Password: ");
-               passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+       if ( pw_file || want_bindpw ) {
+               if ( pw_file ) {
+                       rc = lutil_get_filed_password( pw_file, &passwd );
+                       if( rc ) return EXIT_FAILURE;
+               } else {
+                       passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
+                       passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+               }
         }
  
         if ( authmethod == LDAP_AUTH_SASL ) {
diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c

index d991a9a97dfcd117b401d947c39fa1e87a4afab7..2dd5615eb7a96c1c78c5e196b6f5c0deeb65a76f 100644 (file)
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -90,6 +90,7 @@ usage( const char *s )
  "  -W         prompt for bind passwd\n"
  "  -x         Simple authentication\n"
  "  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -y file    Read passwd from file\n"
  "  -Y mech    SASL mechanism\n"
  "  -Z         Start TLS request (-ZZ to require successful response)\n"
  , s, def_urlpre, def_tmpdir );
@@ -188,6 +189,7 @@ main( int argc, char **argv )
         BerElement      *ber = NULL;
         struct berval   *bvalp = NULL;
         char    *vrFilter  = NULL, *control  = NULL, *s;
+       char    *pw_file = NULL;
  
  
         infile = NULL;
@@ -226,7 +228,7 @@ main( int argc, char **argv )
         urlize( def_urlpre );
  
         while (( i = getopt( argc, argv, "Aa:b:E:F:f:Ll:S:s:T:tuz:"
-               "Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z")) != EOF )
+               "Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:y:Y:Z")) != EOF )
         {
         switch( i ) {
         /* Search Options */
@@ -603,6 +605,9 @@ main( int argc, char **argv )
         case 'W':
                 want_bindpw++;
                 break;
+       case 'y':
+               pw_file = optarg;
+               break;
         case 'Y':
  #ifdef HAVE_CYRUS_SASL
                 if( sasl_mech != NULL ) {
@@ -824,9 +829,14 @@ main( int argc, char **argv )
                 }
         }
  
-       if (want_bindpw) {
-               passwd.bv_val = getpassphrase("Enter LDAP Password: ");
-               passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+       if ( pw_file || want_bindpw ) {
+               if ( pw_file ) {
+                       rc = lutil_get_filed_password( pw_file, &passwd );
+                       if( rc ) return EXIT_FAILURE;
+               } else {
+                       passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
+                       passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+               }
         }
  
         if ( authmethod == LDAP_AUTH_SASL ) {
diff --git a/clients/tools/ldapwhoami.c b/clients/tools/ldapwhoami.c

index 58d926fb343083b7376fe1fca49b3f17b86064a8..3a894ceb4ee81f1e980c85e0f3ff14440ed11673 100644 (file)
--- a/clients/tools/ldapwhoami.c
+++ b/clients/tools/ldapwhoami.c
@@ -49,6 +49,7 @@ usage(const char *s)
  "  -W         prompt for bind passwd\n"
  "  -x         Simple authentication\n"
  "  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -y file    Read passwd from file\n"
  "  -Y mech    SASL mechanism\n"
  "  -Z         Start TLS request (-ZZ to require successful response)\n"
                 , s );
@@ -68,12 +69,9 @@ main( int argc, char *argv[] )
         char    *binddn = NULL;
  
         struct berval passwd = { 0, NULL };
-       char    *newpw = NULL;
-       char    *oldpw = NULL;
  
+       char    *pw_file = NULL;
         int             want_bindpw = 0;
-       int             want_newpw = 0;
-       int             want_oldpw = 0;
  
         int             not = 0;
         int             i;
@@ -81,7 +79,6 @@ main( int argc, char *argv[] )
         int             debug = 0;
         int             version = -1;
         int             authmethod = -1;
-       int             manageDSAit = 0;
  #ifdef HAVE_CYRUS_SASL
         unsigned        sasl_flags = LDAP_SASL_AUTOMATIC;
         char            *sasl_realm = NULL;
@@ -102,42 +99,10 @@ main( int argc, char *argv[] )
  
         prog = lutil_progname( "ldapwhoami", argc, argv );
  
-       while( (i = getopt( argc, argv, "Aa:Ss:"
-               "Cd:D:h:H:InO:p:QR:U:vw:WxX:Y:Z" )) != EOF )
+       while( (i = getopt( argc, argv, 
+               "Cd:D:h:H:InO:p:QR:U:vw:WxX:y:Y:Z" )) != EOF )
         {
                 switch (i) {
-               /* Password Options */
-               case 'A':       /* prompt for old password */
-                       want_oldpw++;
-                       break;
-
-               case 'a':       /* old password (secret) */
-                       oldpw = strdup (optarg);
-
-                       {
-                               char* p;
-
-                               for( p = optarg; *p != '\0'; p++ ) {
-                                       *p = '\0';
-                               }
-                       }
-                       break;
-
-               case 'S':       /* prompt for user password */
-                       want_newpw++;
-                       break;
-
-               case 's':       /* new password (secret) */
-                       newpw = strdup (optarg);
-                       {
-                               char* p;
-
-                               for( p = optarg; *p != '\0'; p++ ) {
-                                       *p = '\0';
-                               }
-                       }
-                       break;
-
         /* Common Options (including options we don't use) */
         case 'C':
                 referrals++;
@@ -239,16 +204,6 @@ main( int argc, char *argv[] )
                 return( EXIT_FAILURE );
  #endif
             break;
-       case 'M':
-               /* enable Manage DSA IT */
-               if( version == LDAP_VERSION2 ) {
-                       fprintf( stderr, "%s: -M incompatible with LDAPv%d\n",
-                               prog, version );
-                       return EXIT_FAILURE;
-               }
-               manageDSAit++;
-               version = LDAP_VERSION3;
-               break;
         case 'n':       /* print deletes, don't actually do them */
             ++not;
             break;
@@ -399,6 +354,9 @@ main( int argc, char *argv[] )
         case 'W':
                 want_bindpw++;
                 break;
+       case 'y':
+               pw_file = optarg;
+               break;
         case 'Y':
  #ifdef HAVE_CYRUS_SASL
                 if( sasl_mech != NULL ) {
@@ -496,40 +454,16 @@ main( int argc, char *argv[] )
                 user = NULL;
         }
  
-       if( want_oldpw && oldpw == NULL ) {
-               /* prompt for old password */
-               char *ckoldpw;
-               oldpw = strdup(getpassphrase("Old password: "));
-               ckoldpw = getpassphrase("Re-enter old password: ");
-
-               if( oldpw== NULL || ckoldpw == NULL ||
-                       strcmp( oldpw, ckoldpw ))
-               {
-                       fprintf( stderr, "passwords do not match\n" );
-                       return EXIT_FAILURE;
-               }
-       }
-
-       if( want_newpw && newpw == NULL ) {
-               /* prompt for new password */
-               char *cknewpw;
-               newpw = strdup(getpassphrase("New password: "));
-               cknewpw = getpassphrase("Re-enter new password: ");
-
-               if( newpw== NULL || cknewpw == NULL ||
-                       strcmp( newpw, cknewpw ))
-               {
-                       fprintf( stderr, "passwords do not match\n" );
-                       return EXIT_FAILURE;
+       if ( pw_file || want_bindpw ) {
+               if ( pw_file ) {
+                       rc = lutil_get_filed_password( pw_file, &passwd );
+                       if( rc ) return EXIT_FAILURE;
+               } else {
+                       passwd.bv_val = getpassphrase( "Enter LDAP Password: " );
+                       passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
                 }
         }
  
-       if (want_bindpw && passwd.bv_val == NULL ) {
-               /* handle bind password */
-               passwd.bv_val = strdup( getpassphrase("Enter bind password: "));
-               passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-       }
-
         if ( debug ) {
                 if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
                         fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
author	Kurt Zeilenga <kurt@openldap.org>
	Thu, 29 Aug 2002 03:31:00 +0000 (03:31 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Thu, 29 Aug 2002 03:31:00 +0000 (03:31 +0000)
clients/tools/ldapcompare.c		patch \| blob \| history
clients/tools/ldapdelete.c		patch \| blob \| history
clients/tools/ldapmodify.c		patch \| blob \| history
clients/tools/ldapmodrdn.c		patch \| blob \| history
clients/tools/ldapsearch.c		patch \| blob \| history
clients/tools/ldapwhoami.c		patch \| blob \| history