Allow to read the password from a file with -y

Pointed out by Tim Chase

OK rob@ gsoares@ jmc@

2 files changed, 50 insertions, 11 deletions

diff --git a/usr.bin/ldap/ldap.1 b/usr.bin/ldap/ldap.1
index a24aa5bff9f..ae9d169b569 100644
--- a/usr.bin/ldap/ldap.1
+++ b/usr.bin/ldap/ldap.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ldap.1,v 1.5 2018/06/17 23:12:48 jmc Exp $
+.\" $OpenBSD: ldap.1,v 1.6 2018/06/26 09:47:20 reyk Exp $
 .\"
 .\" Copyright (c) 2018 Reyk Floeter <reyk@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: June 17 2018 $
+.Dd $Mdocdate: June 26 2018 $
 .Dt LDAP 1
 .Os
 .Sh NAME
@@ -31,6 +31,7 @@
 .Op Fl l Ar timelimit
 .Op Fl s Ar scope
 .Op Fl w Ar secret
+.Op Fl y Ar secretfile
 .Op Fl z Ar sizelimit
 .Op Ar arguments ...
 .Sh DESCRIPTION
@@ -82,9 +83,11 @@ The LDAP URL is described in RFC 4516 with the following format:
 .Op Ar protocol No ://
 .Ar host Op : Ar port
 .Oo / basedn
-.Op ? Ar attribute , ...
-.Op ? Ar scope
-.Op ? Ar filter
+.Oo ? Op Ar attribute , ...
+.Oo ? Op Ar scope
+.Op ? Op Ar filter
+.Oc
+.Oc
 .Oc
 .Sm on
 .Pp
@@ -152,6 +155,13 @@ Use simple authentication.
 This is the default as
 .Nm
 does not support SASL authentication.
+.It Fl y Ar secretfile
+Read the bind secret from the first line of the specified file or from
+standard input if the
+.Ar secretfile
+argument is
+.Sq - .
+The file must not be world-readable if it is a regular file.
 .It Fl Z
 Enable TLS using the StartTLS operation.
 .It Fl z Ar sizelimit
diff --git a/usr.bin/ldap/ldapclient.c b/usr.bin/ldap/ldapclient.c
index 4058d3d7242..c203461bc82 100644
--- a/usr.bin/ldap/ldapclient.c
+++ b/usr.bin/ldap/ldapclient.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ldapclient.c,v 1.1 2018/06/13 15:45:58 reyk Exp $	*/
+/*	$OpenBSD: ldapclient.c,v 1.2 2018/06/26 09:47:20 reyk Exp $	*/
 
 /*
  * Copyright (c) 2018 Reyk Floeter <reyk@openbsd.org>
@@ -19,6 +19,7 @@
 #include <sys/param.h>
 #include <sys/queue.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <sys/tree.h>
 #include <sys/un.h>
 
@@ -55,6 +56,7 @@
 #define LDAPHOST	"localhost"
 #define LDAPFILTER	"(objectClass=*)"
 #define LDIF_LINELENGTH	79
+#define LDAPPASSMAX	1024
 
 struct ldapc {
 	struct aldap		*ldap_al;
@@ -95,8 +97,8 @@ usage(void)
 
 	fprintf(stderr,
 "usage: %s search [-LvxZ] [-b basedn] [-c capath] [-D binddn] [-H host]\n"
-"                   [-l timelimit] [-s scope] [-w secret|-W] [-z sizelimit]\n"
-"                   [filter] [attributes ...]\n",
+"                   [-l timelimit] [-s scope] [-w secret|-W] [-y secretfile]\n"
+"                   [-z sizelimit] [filter] [attributes ...]\n",
 	    __progname);
 
 	exit(1);
@@ -105,12 +107,14 @@ usage(void)
 int
 main(int argc, char *argv[])
 {
-	char			 passbuf[BUFSIZ];
-	const char		*errstr, *url = NULL;
+	char			 passbuf[LDAPPASSMAX];
+	const char		*errstr, *url = NULL, *secretfile = NULL;
+	struct stat		 st;
 	struct ldapc		 ldap;
 	struct ldapc_search	 ls;
 	int			 ch;
 	int			 verbose = 1;
+	FILE			*fp;
 
 	if (pledge("stdio inet unix tty rpath dns", NULL) == -1)
 		err(1, "pledge");
@@ -135,7 +139,7 @@ main(int argc, char *argv[])
 	argc--;
 	argv++;
 
-	while ((ch = getopt(argc, argv, "b:c:D:H:Ll:s:vWw:xZz:")) != -1) {
+	while ((ch = getopt(argc, argv, "b:c:D:H:Ll:s:vWw:xy:Zz:")) != -1) {
 		switch (ch) {
 		case 'b':
 			ls.ls_basedn = optarg;
@@ -182,6 +186,10 @@ main(int argc, char *argv[])
 		case 'x':
 			/* provided for compatibility */
 			break;
+		case 'y':
+			secretfile = optarg;
+			ldap.ldap_flags |= F_NEEDAUTH;
+			break;
 		case 'Z':
 			ldap.ldap_flags |= F_STARTTLS;
 			break;
@@ -225,6 +233,27 @@ main(int argc, char *argv[])
 			log_warnx("missing -D binddn");
 			usage();
 		}
+		if (secretfile != NULL) {
+			if (ldap.ldap_secret != NULL)
+				errx(1, "conflicting -w/-y options");
+
+			/* read password from stdin or file (first line) */
+			if (strcmp(secretfile, "-") == 0)
+				fp = stdin;
+			else if (stat(secretfile, &st) == -1)
+				err(1, "failed to access %s", secretfile);
+			else if (S_ISREG(st.st_mode) && (st.st_mode & S_IROTH))
+				errx(1, "%s is world-readable", secretfile);
+			else if ((fp = fopen(secretfile, "r")) == NULL)
+				err(1, "failed to open %s", secretfile);
+			if (fgets(passbuf, sizeof(passbuf), fp) == NULL)
+				err(1, "failed to read %s", secretfile);
+			if (fp != stdin)
+				fclose(fp);
+
+			passbuf[strcspn(passbuf, "\n")] = '\0';
+			ldap.ldap_secret = passbuf;
+		}
 		if (ldap.ldap_secret == NULL) {
 			if (readpassphrase("Password: ",
 			    passbuf, sizeof(passbuf), RPP_REQUIRE_TTY) == NULL)