upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-03 20:40:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix password handling for SASL

Browse source
This commit is contained in:
Kurt Zeilenga 2000-05-16 02:16:54 +00:00
parent ebfe58344c
commit 9267700fb9
4 changed files with 57 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
clients/tools/ldapdelete.c
View file

@ -20,7 +20,7 @@
#include <ldap.h>
static char *binddn = NULL;
static char *passwd = NULL;
static struct berval passwd = { 0, NULL};
static char *ldaphost = NULL;
static int ldapport = 0;
static int prune = 0;
@ -119,7 +119,7 @@ main( int argc, char **argv )
binddn = strdup( optarg );
break;
case 'w': /* password */
passwd = strdup( optarg );
passwd.bv_val = strdup( optarg );
{
char* p;
@ -127,6 +127,7 @@ main( int argc, char **argv )
*p = '*';
}
}
passwd.bv_len = strlen( passwd.bv_val );
break;
case 'f': /* read DNs from a file */
if (( fp = fopen( optarg, "r" )) == NULL ) {
@ -317,7 +318,8 @@ main( int argc, char **argv )
}
if (want_bindpw)
passwd = getpass("Enter LDAP Password: ");
passwd.bv_val = getpass("Enter LDAP Password: ");
passwd.bv_len = strlen( passwd.bv_val );
if ( authmethod == LDAP_AUTH_SASL ) {
#ifdef HAVE_CYRUS_SASL
@ -345,10 +347,13 @@ main( int argc, char **argv )
return( EXIT_FAILURE );
}
if ( ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech, NULL, NULL, NULL )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_sasl_bind" );
rc = ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech,
passwd.bv_len ? &passwd : NULL,
NULL, NULL );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_negotiated_sasl_bind_s" );
return( EXIT_FAILURE );
}
#else
@ -358,7 +363,7 @@ main( int argc, char **argv )
#endif
}
else {
if ( ldap_bind_s( ld, binddn, passwd, authmethod )
if ( ldap_bind_s( ld, binddn, passwd.bv_val, authmethod )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
return( EXIT_FAILURE );

21
clients/tools/ldapmodify.c
View file

@ -35,7 +35,7 @@
static char *prog;
static char *binddn = NULL;
static char *passwd = NULL;
static struct berval passwd = { 0, NULL};
static char *ldaphost = NULL;
static int ldapport = 0;
#ifdef HAVE_CYRUS_SASL
@ -184,7 +184,7 @@ main( int argc, char **argv )
binddn = strdup( optarg );
break;
case 'w': /* password */
passwd = strdup( optarg );
passwd.bv_val = strdup( optarg );
{
char* p;
@ -192,6 +192,7 @@ main( int argc, char **argv )
*p = '*';
}
}
passwd.bv_len = strlen( passwd.bv_val );
break;
case 'd':
debug |= atoi( optarg );
@ -381,7 +382,8 @@ main( int argc, char **argv )
}
if (want_bindpw)
passwd = getpass("Enter LDAP Password: ");
passwd.bv_val = getpass("Enter LDAP Password: ");
passwd.bv_len = strlen( passwd.bv_val );
if ( authmethod == LDAP_AUTH_SASL ) {
#ifdef HAVE_CYRUS_SASL
@ -409,10 +411,13 @@ main( int argc, char **argv )
return( EXIT_FAILURE );
}
if ( ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech, NULL, NULL, NULL )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_sasl_bind" );
rc = ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech,
passwd.bv_len ? &passwd : NULL,
NULL, NULL );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_negotiated_sasl_bind_s" );
return( EXIT_FAILURE );
}
#else
@ -422,7 +427,7 @@ main( int argc, char **argv )
#endif
}
else {
if ( ldap_bind_s( ld, binddn, passwd, authmethod )
if ( ldap_bind_s( ld, binddn, passwd.bv_val, authmethod )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
return( EXIT_FAILURE );

21
clients/tools/ldapmodrdn.c
View file

@ -32,7 +32,7 @@
#include <ldap.h>
static char *binddn = NULL;
static char *passwd = NULL;
static struct berval passwd = { 0, NULL};
static char *ldaphost = NULL;
static int ldapport = 0;
#ifdef HAVE_CYRUS_SASL
@ -138,7 +138,7 @@ main(int argc, char **argv)
version = LDAP_VERSION3; /* This option => force V3 */
break;
case 'w': /* password */
passwd = strdup( optarg );
passwd.bv_val = strdup( optarg );
{
char* p;
@ -146,6 +146,7 @@ main(int argc, char **argv)
*p = '*';
}
}
passwd.bv_len = strlen( passwd.bv_val );
break;
case 'd':
debug |= atoi( optarg );
@ -364,7 +365,8 @@ main(int argc, char **argv)
}
if (want_bindpw)
passwd = getpass("Enter LDAP Password: ");
passwd.bv_val = getpass("Enter LDAP Password: ");
passwd.bv_len = strlen( passwd.bv_val );
if ( authmethod == LDAP_AUTH_SASL ) {
#ifdef HAVE_CYRUS_SASL
@ -392,10 +394,13 @@ main(int argc, char **argv)
return( EXIT_FAILURE );
}
if ( ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech, NULL, NULL, NULL )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_sasl_bind" );
rc = ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech,
passwd.bv_len ? &passwd : NULL,
NULL, NULL );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_negotiated_sasl_bind_s" );
return( EXIT_FAILURE );
}
#else
@ -405,7 +410,7 @@ main(int argc, char **argv)
#endif
}
else {
if ( ldap_bind_s( ld, binddn, passwd, authmethod )
if ( ldap_bind_s( ld, binddn, passwd.bv_val, authmethod )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
return( EXIT_FAILURE );

29
clients/tools/ldappasswd.c
View file

@ -64,7 +64,7 @@ main( int argc, char *argv[] )
char *dn = NULL;
char *binddn = NULL;
char *bindpw = NULL;
struct berval passwd = { 0, NULL};
char *newpw = NULL;
char *oldpw = NULL;
@ -158,8 +158,7 @@ main( int argc, char *argv[] )
break;
case 'w': /* bind password */
bindpw = strdup (optarg);
passwd.bv_val = strdup (optarg);
{
char* p;
@ -167,6 +166,7 @@ main( int argc, char *argv[] )
*p = '*';
}
}
passwd.bv_len = strlen( passwd.bv_val );
break;
case 'I':
@ -271,13 +271,17 @@ main( int argc, char *argv[] )
binddn = dn;
dn = NULL;
if( bindpw == NULL ) bindpw = oldpw;
if( passwd.bv_val == NULL ) {
passwd.bv_val = oldpw;
passwd.bv_len = oldpw == NULL ? 0 : strlen( oldpw );
}
}
if (want_bindpw && bindpw == NULL ) {
if (want_bindpw && passwd.bv_val == NULL ) {
/* handle bind password */
fprintf( stderr, "Bind DN: %s\n", binddn );
bindpw = strdup( getpass("Enter bind password: "));
passwd.bv_val = strdup( getpass("Enter bind password: "));
passwd.bv_len = strlen( passwd.bv_val );
}
if ( debug ) {
@ -343,10 +347,13 @@ main( int argc, char *argv[] )
return( EXIT_FAILURE );
}
if ( ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech, NULL, NULL, NULL )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_sasl_bind" );
rc = ldap_negotiated_sasl_bind_s( ld, binddn, sasl_authc_id,
sasl_authz_id, sasl_mech,
bindpw.bv_len ? &bindpw : NULL,
NULL, NULL );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_negotiated_sasl_bind_s" );
return( EXIT_FAILURE );
}
#else
@ -356,7 +363,7 @@ main( int argc, char *argv[] )
#endif
}
else {
if ( ldap_bind_s( ld, binddn, bindpw, authmethod )
if ( ldap_bind_s( ld, binddn, passwd.bv_val, authmethod )
!= LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
return( EXIT_FAILURE );