root/source4/lib/cmdline/popt_credentials.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. popt_common_dont_ask
  2. popt_common_credentials_callback

   1 /* 
   2    Unix SMB/CIFS implementation.
   3    Credentials popt routines
   4 
   5    Copyright (C) Jelmer Vernooij 2002,2003,2005
   6 
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11    
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16    
  17    You should have received a copy of the GNU General Public License
  18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20 
  21 #include "includes.h"
  22 #include "lib/cmdline/popt_common.h"
  23 #include "lib/cmdline/credentials.h"
  24 #include "auth/credentials/credentials.h"
  25 #include "auth/gensec/gensec.h"
  26 #include "param/param.h"
  27 
  28 /* Handle command line options:
  29  *              -U,--user
  30  *              -A,--authentication-file
  31  *              -k,--use-kerberos
  32  *              -N,--no-pass
  33  *              -S,--signing
  34  *              -P --machine-pass
  35  *                 --simple-bind-dn
  36  *                 --password
  37  */
  38 
  39 
  40 static bool dont_ask;
  41 
  42 enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS };
  43 
  44 /*
  45   disable asking for a password
  46 */
  47 void popt_common_dont_ask(void)
     /* [<][>][^][v][top][bottom][index][help] */
  48 {
  49         dont_ask = true;
  50 }
  51 
  52 static void popt_common_credentials_callback(poptContext con, 
     /* [<][>][^][v][top][bottom][index][help] */
  53                                                 enum poptCallbackReason reason,
  54                                                 const struct poptOption *opt,
  55                                                 const char *arg, const void *data)
  56 {
  57         if (reason == POPT_CALLBACK_REASON_PRE) {
  58                 cmdline_credentials = cli_credentials_init(talloc_autofree_context());
  59                 return;
  60         }
  61         
  62         if (reason == POPT_CALLBACK_REASON_POST) {
  63                 cli_credentials_guess(cmdline_credentials, cmdline_lp_ctx);
  64 
  65                 if (!dont_ask) {
  66                         cli_credentials_set_cmdline_callbacks(cmdline_credentials);
  67                 }
  68                 return;
  69         }
  70 
  71         switch(opt->val) {
  72         case 'U':
  73         {
  74                 char *lp;
  75                 
  76                 cli_credentials_parse_string(cmdline_credentials, arg, CRED_SPECIFIED);
  77                 /* This breaks the abstraction, including the const above */
  78                 if ((lp=strchr_m(arg,'%'))) {
  79                         lp[0]='\0';
  80                         lp++;
  81                         /* Try to prevent this showing up in ps */
  82                         memset(lp,0,strlen(lp));
  83                 }
  84         }
  85         break;
  86 
  87         case OPT_PASSWORD:
  88                 cli_credentials_set_password(cmdline_credentials, arg, CRED_SPECIFIED);
  89                 /* Try to prevent this showing up in ps */
  90                 memset(discard_const(arg),0,strlen(arg));
  91                 break;
  92 
  93         case 'A':
  94                 cli_credentials_parse_file(cmdline_credentials, arg, CRED_SPECIFIED);
  95                 break;
  96 
  97         case 'P':
  98                 /* Later, after this is all over, get the machine account details from the secrets.ldb */
  99                 cli_credentials_set_machine_account_pending(cmdline_credentials, cmdline_lp_ctx);
 100                 break;
 101 
 102         case OPT_KERBEROS:
 103         {
 104                 bool use_kerberos = true;
 105                 /* Force us to only use kerberos */
 106                 if (arg) {
 107                         if (!set_boolean(arg, &use_kerberos)) {
 108                                 fprintf(stderr, "Error parsing -k %s\n", arg);
 109                                 exit(1);
 110                                 break;
 111                         }
 112                 }
 113                 
 114                 cli_credentials_set_kerberos_state(cmdline_credentials, 
 115                                                    use_kerberos 
 116                                                    ? CRED_MUST_USE_KERBEROS
 117                                                    : CRED_DONT_USE_KERBEROS);
 118                 break;
 119         }
 120                 
 121         case OPT_SIMPLE_BIND_DN:
 122                 cli_credentials_set_bind_dn(cmdline_credentials, arg);
 123                 break;
 124         }
 125 }
 126 
 127 
 128 
 129 struct poptOption popt_common_credentials[] = {
 130         { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_credentials_callback },
 131         { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "[DOMAIN/]USERNAME[%PASSWORD]" },
 132         { "no-pass", 'N', POPT_ARG_NONE, &dont_ask, 'N', "Don't ask for a password" },
 133         { "password", 0, POPT_ARG_STRING, NULL, OPT_PASSWORD, "Password" },
 134         { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
 135         { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password (implies -k)" },
 136         { "simple-bind-dn", 0, POPT_ARG_STRING, NULL, OPT_SIMPLE_BIND_DN, "DN to use for a simple bind" },
 137         { "kerberos", 'k', POPT_ARG_STRING, NULL, OPT_KERBEROS, "Use Kerberos" },
 138         { NULL }
 139 };

/* [<][>][^][v][top][bottom][index][help] */