[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Thu Nov 8 13:25:02 MST 2012 

The branch, master has been updated
       via  50d47fc s3fs-client: Burn commandline password of client utils.
       via  c51abb3 s3fs-popt: Add function to burn the commandline password.
      from  d236709 Remove two unused variables

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 50d47fc0816c842717a5c0bfb3c0863d99eed78c
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Nov 6 09:27:43 2012 +0100

    s3fs-client: Burn commandline password of client utils.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Thu Nov  8 21:24:21 CET 2012 on sn-devel-104

commit c51abb35dfff86cb503d36a844184f7a95f29cdb
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Nov 6 09:27:42 2012 +0100

    s3fs-popt: Add function to burn the commandline password.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/client/client.c       |    2 +
 source3/include/popt_common.h |    1 +
 source3/lib/popt_common.c     |   47 +++++++++++++++++++++++++++++++++++++++++
 source3/rpcclient/rpcclient.c |    1 +
 source3/utils/net.c           |    2 +
 source3/utils/smbcacls.c      |    2 +
 source3/utils/smbcquotas.c    |    2 +
 source3/utils/smbtree.c       |    1 +
 8 files changed, 58 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/client/client.c b/source3/client/client.c
index ab0e77f..f8cc27d 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -5408,6 +5408,7 @@ static int do_message_op(struct user_auth_info *a_info)
 						       poptGetArg(pc));
 		}
 
+
 		switch (opt) {
 		case 'M':
 			/* Messages are sent to NetBIOS name type 0x3
@@ -5555,6 +5556,7 @@ static int do_message_op(struct user_auth_info *a_info)
 	}
 
 	poptFreeContext(pc);
+	popt_burn_cmdline_password(argc, argv);
 
 	DEBUG(3,("Client started (version %s).\n", samba_version_string()));
 
diff --git a/source3/include/popt_common.h b/source3/include/popt_common.h
index 2125ed6..5266f36 100644
--- a/source3/include/popt_common.h
+++ b/source3/include/popt_common.h
@@ -49,5 +49,6 @@ extern const struct poptOption popt_common_dynconfig[];
 #define POPT_COMMON_OPTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_option, 0, "Common samba commandline config:", NULL },
 
 void popt_common_set_auth_info(struct user_auth_info *auth_info);
+void popt_burn_cmdline_password(int argc, char *argv[]);
 
 #endif /* _POPT_COMMON_H */
diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
index 94e551d..c072839 100644
--- a/source3/lib/popt_common.c
+++ b/source3/lib/popt_common.c
@@ -605,6 +605,53 @@ void popt_common_set_auth_info(struct user_auth_info *auth_info)
 	global_auth_info = auth_info;
 }
 
+/**
+ * @brief Burn the commandline password.
+ *
+ * This function removes the password from the command line so we
+ * don't leak the password e.g. in 'ps aux'.
+ *
+ * It should be called after processing the options and you should pass down
+ * argv from main().
+ *
+ * @param[in]  argc     The number of arguments.
+ *
+ * @param[in]  argv[]   The argument array we will find the array.
+ */
+void popt_burn_cmdline_password(int argc, char *argv[])
+{
+	bool found = false;
+	char *p = NULL;
+	int i, ulen = 0;
+
+	for (i = 0; i < argc; i++) {
+		p = argv[i];
+		if (strncmp(p, "-U", 2) == 0) {
+			ulen = 2;
+			found = true;
+		} else if (strncmp(p, "--user", 6) == 0) {
+			ulen = 6;
+			found = true;
+		}
+
+		if (found) {
+			if (p == NULL) {
+				return;
+			}
+
+			if (strlen(p) == ulen) {
+				continue;
+			}
+
+			p = strchr_m(p, '%');
+			if (p != NULL) {
+				memset(p, '\0', strlen(p));
+			}
+			found = false;
+		}
+	}
+}
+
 struct poptOption popt_common_credentials[] = {
 	{ NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE,
 	  (void *)popt_common_credentials_callback, 0,
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 0dad971..d204d7f 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -960,6 +960,7 @@ out_free:
 	}
 
 	poptFreeContext(pc);
+	popt_burn_cmdline_password(argc, argv);
 
 	if (!init_names()) {
 		result = 1;
diff --git a/source3/utils/net.c b/source3/utils/net.c
index 85fe2f6..465d2a0 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -945,6 +945,8 @@ static struct functable net_func[] = {
 		c->opt_password = getenv("PASSWD");
 	}
 
+	popt_burn_cmdline_password(argc, argv);
+
 	/* Failing to init the msg_ctx isn't a fatal error. Only
 	   root-level things (joining/leaving domains etc.) will be denied. */
 
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 7df4e48..d22e2f3 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -1371,6 +1371,7 @@ static struct cli_state *connect_one(struct user_auth_info *auth_info,
 	popt_common_set_auth_info(auth_info);
 
 	pc = poptGetContext("smbcacls", argc, argv, long_options, 0);
+	popt_burn_cmdline_password(argc, argv);
 
 	poptSetOtherOptionHelp(pc, "//server1/share1 filename\nACLs look like: "
 		"'ACL:user:[ALLOWED|DENIED]/flags/permissions'");
@@ -1436,6 +1437,7 @@ static struct cli_state *connect_one(struct user_auth_info *auth_info,
 	}
 
 	poptFreeContext(pc);
+	popt_burn_cmdline_password(argc, argv);
 
 	string_replace(path,'/','\\');
 
diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c
index b962103..d248bbe 100644
--- a/source3/utils/smbcquotas.c
+++ b/source3/utils/smbcquotas.c
@@ -608,6 +608,7 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
 	popt_common_set_auth_info(smbcquotas_auth_info);
 
 	pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
+	popt_burn_cmdline_password(argc, argv);
 
 	poptSetOtherOptionHelp(pc, "//server1/share1");
 
@@ -689,6 +690,7 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
 	}
 
 	poptFreeContext(pc);
+	popt_burn_cmdline_password(argc, argv);
 
 	string_replace(path, '/', '\\');
 
diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c
index e2f109e..40b1f09 100644
--- a/source3/utils/smbtree.c
+++ b/source3/utils/smbtree.c
@@ -317,6 +317,7 @@ static bool print_tree(struct user_auth_info *user_info)
 						POPT_CONTEXT_KEEP_FIRST);
 	while(poptGetNextOpt(pc) != -1);
 	poptFreeContext(pc);
+	popt_burn_cmdline_password(argc, argv);
 
 	lp_load_global(get_dyn_CONFIGFILE());
 	load_interfaces();


-- 
Samba Shared Repository

More information about the samba-cvs mailing list