changeset 441:fdf06a5a54e4

Allow reading dbclient password from an environment var
author Matt Johnston <matt@ucc.asn.au>
date Sat, 17 Mar 2007 06:30:11 +0000
parents 91939c8c2572
children d82a2a44c684
files cli-auth.c options.h
diffstat 2 files changed, 17 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/cli-auth.c	Sun Feb 25 09:48:13 2007 +0000
+++ b/cli-auth.c	Sat Mar 17 06:30:11 2007 +0000
@@ -284,6 +284,15 @@
 char* getpass_or_cancel(char* prompt)
 {
 	char* password = NULL;
+	
+#ifdef DROPBEAR_PASSWORD_ENV
+    /* Password provided in an environment var */
+    password = getenv(DROPBEAR_PASSWORD_ENV);
+    if (password)
+    {
+        return password;
+    }
+#endif
 
 	password = getpass(prompt);
 
--- a/options.h	Sun Feb 25 09:48:13 2007 +0000
+++ b/options.h	Sat Mar 17 06:30:11 2007 +0000
@@ -140,6 +140,14 @@
 #define ENABLE_CLI_PUBKEY_AUTH
 #define ENABLE_CLI_INTERACT_AUTH
 
+/* This variable can be used to set a password for client
+ * authentication on the commandline. Beware of platforms
+ * that don't protect environment variables of processes etc. Also
+ * note that it will be provided for all "hidden" client-interactive
+ * style prompts - if you want something more sophisticated, use 
+ * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
+#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
+
 /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
  * a helper program for the ssh client. The helper program should be
  * specified in the SSH_ASKPASS environment variable, and dbclient