[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: slappasswd: read password from stdin (ITS#2411)
Given that if you leave off the -s, slappasswd will
gladly prompt for a password, why is this needed?
In looking at the code, I noticed it didn't support
password files like the LDAP client tools (-y). I've
added support for this.
Kurt
At 12:57 PM 3/30/2003, rb@debian.org wrote:
>Full_Name: Roland Bauerschmidt
>Version: 2.1.16
>OS: Debian GNU/Linux unstable
>URL:
>Submission from: (NULL) (213.183.162.243)
>
>
>The following patch adds the -S option to slappasswd so that passwords can be
>passed through stdin. In comparison with -s, the password will not be exposed in
>the process list this way.
>
>--- slappasswd.c.orig 2003-03-30 22:23:20.000000000 +0200
>+++ slappasswd.c 2003-03-30 22:52:57.000000000 +0200
>@@ -31,6 +31,7 @@
> "Usage: %s [options]\n"
> " -h hash\tpassword scheme\n"
> " -s secret\tnew password\n"
>+ " -S\t\tread password from stdin\n"
> " -c format\tcrypt(3) salt format\n"
> " -u\t\tgenerate RFC2307 values (default)\n"
> " -v\t\tincrease verbosity\n"
>@@ -50,7 +51,7 @@
> struct berval *hash = NULL;
>
> while( (i = getopt( argc, argv,
>- "c:d:h:s:vu" )) != EOF )
>+ "c:d:h:s:Svu" )) != EOF )
> {
> switch (i) {
> case 'c': /* crypt salt format */
>@@ -73,6 +74,24 @@
>
> } break;
>
>+ case 'S': /* read password from stdin */
>+ {
>+ char* p;
>+ size_t pos;
>+
>+ newpw = malloc(256);
>+ if( newpw == NULL ) {
>+ fprintf( stderr, "Memory allocation
>failed.\n" );
>+ return EXIT_FAILURE;
>+ }
>+ newpw = fgets( newpw, 256, stdin );
>+
>+ /* chop newline */
>+ pos = strlen( newpw ) - 1;
>+ if( newpw[pos] == '\n' )
>+ newpw[pos] = '\0';
>+ } break;
>+
> case 'u': /* RFC2307 userPassword */
> break;