diff options
author | Gordon Ross <gwr@racktopsystems.com> | 2021-12-02 11:39:55 -0500 |
---|---|---|
committer | Toomas Soome <tsoome@me.com> | 2022-10-12 22:04:20 +0300 |
commit | de00d88e2173bf36f19125d522e5590c0f53cff0 (patch) | |
tree | 49d18c4d4223974f05b759e90bdf34375ecfd031 | |
parent | 374973c21804baf7ee038f3b1c3ee81a3613e0b3 (diff) | |
download | illumos-joyent-de00d88e2173bf36f19125d522e5590c0f53cff0.tar.gz |
15043 smbadm - need ability to read credentials from stdin
Reviewed by: Matt Barden <mbarden@tintri.com>
Approved by: Dan McDonald <danmcd@mnx.io>
-rw-r--r-- | usr/src/cmd/smbsrv/smbadm/smbadm.c | 90 |
1 files changed, 59 insertions, 31 deletions
diff --git a/usr/src/cmd/smbsrv/smbadm/smbadm.c b/usr/src/cmd/smbsrv/smbadm/smbadm.c index e55ea8633b..adf27b301f 100644 --- a/usr/src/cmd/smbsrv/smbadm/smbadm.c +++ b/usr/src/cmd/smbsrv/smbadm/smbadm.c @@ -21,6 +21,7 @@ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright 2019 Nexenta by DDN, Inc. All rights reserved. + * Copyright 2021 RackTop Systems, Inc. */ /* @@ -424,7 +425,7 @@ smbadm_confirm(const char *prompt, const char *dflt) } static boolean_t -smbadm_join_prompt(const char *domain) +smbadm_join_confirm(const char *domain) { (void) printf(gettext("After joining %s the smb service will be " "restarted automatically.\n"), domain); @@ -472,7 +473,7 @@ smbadm_join(int argc, char **argv) char *username = NULL; char *container = NULL; uint32_t mode = 0; - boolean_t do_prompt = B_TRUE; + boolean_t confirm = B_TRUE; char option; while ((option = getopt(argc, argv, "c:pu:wy")) != -1) { @@ -500,7 +501,7 @@ smbadm_join(int argc, char **argv) break; case 'y': - do_prompt = B_FALSE; + confirm = B_FALSE; break; default: @@ -528,9 +529,9 @@ smbadm_join(int argc, char **argv) } if (mode == SMB_SECMODE_WORKGRP) { - return (smbadm_join_workgroup(domain, do_prompt)); + return (smbadm_join_workgroup(domain, confirm)); } - return (smbadm_join_domain(domain, container, username, do_prompt)); + return (smbadm_join_domain(domain, container, username, confirm)); } /* @@ -539,7 +540,7 @@ smbadm_join(int argc, char **argv) * with no formal membership mechanism. */ static int -smbadm_join_workgroup(const char *workgroup, boolean_t prompt) +smbadm_join_workgroup(const char *workgroup, boolean_t confirm) { smb_joininfo_t jdi; smb_joinres_t jdres; @@ -556,7 +557,7 @@ smbadm_join_workgroup(const char *workgroup, boolean_t prompt) smbadm_usage(B_FALSE); } - if (prompt && !smbadm_join_prompt(jdi.domain_name)) + if (confirm && !smbadm_join_confirm(jdi.domain_name)) return (0); if ((status = smb_join(&jdi, &jdres)) != NT_STATUS_SUCCESS) { @@ -578,10 +579,11 @@ smbadm_join_workgroup(const char *workgroup, boolean_t prompt) * * The '+' character is invalid within a username. We allow the password * to be appended to the username using '+' as a scripting convenience. + * See details above smbadm_join() */ static int smbadm_join_domain(const char *domain, const char *container, - const char *username, boolean_t prompt) + const char *username, boolean_t confirm) { smb_joininfo_t jdi; smb_joinres_t jdres; @@ -609,40 +611,48 @@ smbadm_join_domain(const char *domain, const char *container, smbadm_usage(B_FALSE); } - if (prompt && !smbadm_join_prompt(jdi.domain_name)) + if (confirm && !smbadm_join_confirm(jdi.domain_name)) return (0); /* * Note: username is null for "unsecure join" * (join using a pre-created computer account) - * No password either. + * Not implemented. */ - if (username != NULL) { - if ((p = strchr(username, '+')) != NULL) { - ++p; + if (username == NULL) { + (void) fprintf(stderr, + gettext("username missing\n")); + smbadm_usage(B_FALSE); + } - len = (int)(p - username); - if (len > sizeof (jdi.domain_name)) - len = sizeof (jdi.domain_name); + /* + * Check for "username+password" as described above. + */ + if ((p = strchr(username, '+')) != NULL) { + ++p; - (void) strlcpy(jdi.domain_username, username, len); - (void) strlcpy(jdi.domain_passwd, p, - sizeof (jdi.domain_passwd)); - } else { - (void) strlcpy(jdi.domain_username, username, - sizeof (jdi.domain_username)); - } + len = (int)(p - username); + if (len > sizeof (jdi.domain_name)) + len = sizeof (jdi.domain_name); - if (smb_name_validate_account(jdi.domain_username) - != ERROR_SUCCESS) { - (void) fprintf(stderr, - gettext("username contains invalid characters\n")); - smbadm_usage(B_FALSE); - } + (void) strlcpy(jdi.domain_username, username, len); + (void) strlcpy(jdi.domain_passwd, p, + sizeof (jdi.domain_passwd)); + } else { + (void) strlcpy(jdi.domain_username, username, + sizeof (jdi.domain_username)); + } - if (*jdi.domain_passwd == '\0') { - passwd_prompt = gettext("Enter domain password: "); + if (smb_name_validate_account(jdi.domain_username) + != ERROR_SUCCESS) { + (void) fprintf(stderr, + gettext("username contains invalid characters\n")); + smbadm_usage(B_FALSE); + } + if (*jdi.domain_passwd == '\0') { + if (isatty(fileno(stdin))) { + passwd_prompt = gettext("Enter domain password: "); if ((p = getpassphrase(passwd_prompt)) == NULL) { (void) fprintf(stderr, gettext( "missing password\n")); @@ -651,6 +661,24 @@ smbadm_join_domain(const char *domain, const char *container, (void) strlcpy(jdi.domain_passwd, p, sizeof (jdi.domain_passwd)); + } else { + /* Just read from stdin, no prompt. */ + char *pbuf = NULL; + size_t pblen = 0; + len = getline(&pbuf, &pblen, stdin); + + /* trim the ending newline if it exists */ + if (len > 0 && pbuf[len - 1] == '\n') { + pbuf[len - 1] = '\0'; + len--; + } + if (len <= 0) { + (void) fprintf(stderr, gettext( + "missing password\n")); + smbadm_usage(B_FALSE); + } + (void) strlcpy(jdi.domain_passwd, pbuf, + sizeof (jdi.domain_passwd)); } } |