From c5cf99dd4d4ce4ebcf3563d91386c5b3b8e5e4c1 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Mon, 12 Apr 2010 04:06:13 +0000 Subject: [PATCH] move getpassphrase inside tool_bind; make sure password is always malloc'd and freed --- clients/tools/common.c | 23 +++++++++++++++++++++-- clients/tools/ldapcompare.c | 10 ---------- clients/tools/ldapdelete.c | 16 +--------------- clients/tools/ldapexop.c | 10 ---------- clients/tools/ldapmodify.c | 12 ------------ clients/tools/ldapmodrdn.c | 13 ------------- clients/tools/ldappasswd.c | 12 ------------ clients/tools/ldapsearch.c | 10 ---------- clients/tools/ldapwhoami.c | 10 ---------- 9 files changed, 22 insertions(+), 94 deletions(-) diff --git a/clients/tools/common.c b/clients/tools/common.c index aa7a0babab..51e4edc414 100644 --- a/clients/tools/common.c +++ b/clients/tools/common.c @@ -261,11 +261,13 @@ tool_destroy( void ) ber_memfree( binddn ); } -#if 0 /* not yet */ if ( passwd.bv_val != NULL ) { ber_memfree( passwd.bv_val ); } -#endif + + if ( infile != NULL ) { + ber_memfree( infile ); + } } void @@ -1381,6 +1383,23 @@ tool_bind( LDAP *ld ) assert( nsctrls < (int) (sizeof(sctrls)/sizeof(sctrls[0])) ); + if ( pw_file || want_bindpw ) { + assert( passwd.bv_val == NULL && passwd.bv_len == 0 ); + + if ( pw_file ) { + if ( lutil_get_filed_password( pw_file, &passwd ) ) { + exit( EXIT_FAILURE ); + } + + } else { + char *pw = getpassphrase( _("Enter LDAP Password: ") ); + if ( pw ) { + passwd.bv_val = ber_strdup( pw ); + passwd.bv_len = strlen( passwd.bv_val ); + } + } + } + if ( authmethod == LDAP_AUTH_SASL ) { #ifdef HAVE_CYRUS_SASL void *defaults; diff --git a/clients/tools/ldapcompare.c b/clients/tools/ldapcompare.c index 412ad85932..3b9d72626b 100644 --- a/clients/tools/ldapcompare.c +++ b/clients/tools/ldapcompare.c @@ -230,16 +230,6 @@ main( int argc, char **argv ) ld = tool_conn_setup( 0, 0 ); - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) return EXIT_FAILURE; - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } - tool_bind( ld ); if ( 0 diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c index 359a5c541d..1332f9ee99 100644 --- a/clients/tools/ldapdelete.c +++ b/clients/tools/ldapdelete.c @@ -184,24 +184,10 @@ main( int argc, char **argv ) if ( optind >= argc ) { fp = stdin; } - } + } ld = tool_conn_setup( 0, &private_conn_setup ); - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) { - if ( fp && fp != stdin ) - fclose( fp ); - return EXIT_FAILURE; - } - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } - tool_bind( ld ); tool_server_controls( ld, NULL, 0 ); diff --git a/clients/tools/ldapexop.c b/clients/tools/ldapexop.c index e9f5d285de..b69a4dfe64 100644 --- a/clients/tools/ldapexop.c +++ b/clients/tools/ldapexop.c @@ -89,16 +89,6 @@ main( int argc, char *argv[] ) usage(); } - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) return EXIT_FAILURE; - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } - ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index 4e2a10f923..afbff968bc 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -262,18 +262,6 @@ main( int argc, char **argv ) ld = tool_conn_setup( dont, 0 ); if ( !dont ) { - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if ( rc ) { - retval = EXIT_FAILURE; - goto fail; - } - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } tool_bind( ld ); } diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c index 93570f701e..74cbf0ba24 100644 --- a/clients/tools/ldapmodrdn.c +++ b/clients/tools/ldapmodrdn.c @@ -194,19 +194,6 @@ main(int argc, char **argv) ld = tool_conn_setup( 0, 0 ); - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) { - retval = EXIT_FAILURE; - goto fail; - } - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } - tool_bind( ld ); tool_server_controls( ld, NULL, 0 ); diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c index d163850054..6b772a4de2 100644 --- a/clients/tools/ldappasswd.c +++ b/clients/tools/ldappasswd.c @@ -245,18 +245,6 @@ main( int argc, char *argv[] ) newpw.bv_len = strlen( newpw.bv_val ); } - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) { - rc = EXIT_FAILURE; - goto done; - } - - } else if ( want_bindpw ) { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index b1b3bf72aa..c1f76f719a 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -909,16 +909,6 @@ main( int argc, char **argv ) ld = tool_conn_setup( 0, &private_conn_setup ); - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) return EXIT_FAILURE; - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } - tool_bind( ld ); getNextPage: diff --git a/clients/tools/ldapwhoami.c b/clients/tools/ldapwhoami.c index 006d401245..5942fec16a 100644 --- a/clients/tools/ldapwhoami.c +++ b/clients/tools/ldapwhoami.c @@ -129,16 +129,6 @@ main( int argc, char *argv[] ) usage(); } - if ( pw_file || want_bindpw ) { - if ( pw_file ) { - rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) return EXIT_FAILURE; - } else { - passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); - passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; - } - } - ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); -- 2.39.5