[SCM] Samba Shared Repository - branch master updated

Thu, 08 Nov 2012 12:27:42 -0800 

The branch, master has been updated
       via  50d47fc s3fs-client: Burn commandline password of client utils.
       via  c51abb3 s3fs-popt: Add function to burn the commandline password.
      from  d236709 Remove two unused variables

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 50d47fc0816c842717a5c0bfb3c0863d99eed78c
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Nov 6 09:27:43 2012 +0100

    s3fs-client: Burn commandline password of client utils.
    
    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed by: Jeremy Allison <j...@samba.org>
    
    Autobuild-User(master): Jeremy Allison <j...@samba.org>
    Autobuild-Date(master): Thu Nov  8 21:24:21 CET 2012 on sn-devel-104

commit c51abb35dfff86cb503d36a844184f7a95f29cdb
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Nov 6 09:27:42 2012 +0100

    s3fs-popt: Add function to burn the commandline password.
    
    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed by: Jeremy Allison <j...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/client/client.c       |    2 +
 source3/include/popt_common.h |    1 +
 source3/lib/popt_common.c     |   47 +++++++++++++++++++++++++++++++++++++++++
 source3/rpcclient/rpcclient.c |    1 +
 source3/utils/net.c           |    2 +
 source3/utils/smbcacls.c      |    2 +
 source3/utils/smbcquotas.c    |    2 +
 source3/utils/smbtree.c       |    1 +
 8 files changed, 58 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/client/client.c b/source3/client/client.c
index ab0e77f..f8cc27d 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -5408,6 +5408,7 @@ static int do_message_op(struct user_auth_info *a_info)
                                                       poptGetArg(pc));
                }
 
+
                switch (opt) {
                case 'M':
                        /* Messages are sent to NetBIOS name type 0x3
@@ -5555,6 +5556,7 @@ static int do_message_op(struct user_auth_info *a_info)
        }
 
        poptFreeContext(pc);
+       popt_burn_cmdline_password(argc, argv);
 
        DEBUG(3,("Client started (version %s).\n", samba_version_string()));
 
diff --git a/source3/include/popt_common.h b/source3/include/popt_common.h
index 2125ed6..5266f36 100644
--- a/source3/include/popt_common.h
+++ b/source3/include/popt_common.h
@@ -49,5 +49,6 @@ extern const struct poptOption popt_common_dynconfig[];
 #define POPT_COMMON_OPTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, 
popt_common_option, 0, "Common samba commandline config:", NULL },
 
 void popt_common_set_auth_info(struct user_auth_info *auth_info);
+void popt_burn_cmdline_password(int argc, char *argv[]);
 
 #endif /* _POPT_COMMON_H */
diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
index 94e551d..c072839 100644
--- a/source3/lib/popt_common.c
+++ b/source3/lib/popt_common.c
@@ -605,6 +605,53 @@ void popt_common_set_auth_info(struct user_auth_info 
*auth_info)
        global_auth_info = auth_info;
 }
 
+/**
+ * @brief Burn the commandline password.
+ *
+ * This function removes the password from the command line so we
+ * don't leak the password e.g. in 'ps aux'.
+ *
+ * It should be called after processing the options and you should pass down
+ * argv from main().
+ *
+ * @param[in]  argc     The number of arguments.
+ *
+ * @param[in]  argv[]   The argument array we will find the array.
+ */
+void popt_burn_cmdline_password(int argc, char *argv[])
+{
+       bool found = false;
+       char *p = NULL;
+       int i, ulen = 0;
+
+       for (i = 0; i < argc; i++) {
+               p = argv[i];
+               if (strncmp(p, "-U", 2) == 0) {
+                       ulen = 2;
+                       found = true;
+               } else if (strncmp(p, "--user", 6) == 0) {
+                       ulen = 6;
+                       found = true;
+               }
+
+               if (found) {
+                       if (p == NULL) {
+                               return;
+                       }
+
+                       if (strlen(p) == ulen) {
+                               continue;
+                       }
+
+                       p = strchr_m(p, '%');
+                       if (p != NULL) {
+                               memset(p, '\0', strlen(p));
+                       }
+                       found = false;
+               }
+       }
+}
+
 struct poptOption popt_common_credentials[] = {
        { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE,
          (void *)popt_common_credentials_callback, 0,
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 0dad971..d204d7f 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -960,6 +960,7 @@ out_free:
        }
 
        poptFreeContext(pc);
+       popt_burn_cmdline_password(argc, argv);
 
        if (!init_names()) {
                result = 1;
diff --git a/source3/utils/net.c b/source3/utils/net.c
index 85fe2f6..465d2a0 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -945,6 +945,8 @@ static struct functable net_func[] = {
                c->opt_password = getenv("PASSWD");
        }
 
+       popt_burn_cmdline_password(argc, argv);
+
        /* Failing to init the msg_ctx isn't a fatal error. Only
           root-level things (joining/leaving domains etc.) will be denied. */
 
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 7df4e48..d22e2f3 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -1371,6 +1371,7 @@ static struct cli_state *connect_one(struct 
user_auth_info *auth_info,
        popt_common_set_auth_info(auth_info);
 
        pc = poptGetContext("smbcacls", argc, argv, long_options, 0);
+       popt_burn_cmdline_password(argc, argv);
 
        poptSetOtherOptionHelp(pc, "//server1/share1 filename\nACLs look like: "
                "'ACL:user:[ALLOWED|DENIED]/flags/permissions'");
@@ -1436,6 +1437,7 @@ static struct cli_state *connect_one(struct 
user_auth_info *auth_info,
        }
 
        poptFreeContext(pc);
+       popt_burn_cmdline_password(argc, argv);
 
        string_replace(path,'/','\\');
 
diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c
index b962103..d248bbe 100644
--- a/source3/utils/smbcquotas.c
+++ b/source3/utils/smbcquotas.c
@@ -608,6 +608,7 @@ 
FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
        popt_common_set_auth_info(smbcquotas_auth_info);
 
        pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
+       popt_burn_cmdline_password(argc, argv);
 
        poptSetOtherOptionHelp(pc, "//server1/share1");
 
@@ -689,6 +690,7 @@ 
FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
        }
 
        poptFreeContext(pc);
+       popt_burn_cmdline_password(argc, argv);
 
        string_replace(path, '/', '\\');
 
diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c
index e2f109e..40b1f09 100644
--- a/source3/utils/smbtree.c
+++ b/source3/utils/smbtree.c
@@ -317,6 +317,7 @@ static bool print_tree(struct user_auth_info *user_info)
                                                POPT_CONTEXT_KEEP_FIRST);
        while(poptGetNextOpt(pc) != -1);
        poptFreeContext(pc);
+       popt_burn_cmdline_password(argc, argv);
 
        lp_load_global(get_dyn_CONFIGFILE());
        load_interfaces();


-- 
Samba Shared Repository

Reply via email to