return cmdline_creds;
}
+void samba_cmdline_burn(int argc, char *argv[])
+{
+ bool found = false;
+ bool is_user = false;
+ char *p = NULL;
+ int i, ulen = 0;
+
+ for (i = 0; i < argc; i++) {
+ p = argv[i];
+ if (p == NULL) {
+ return;
+ }
+
+ if (strncmp(p, "-U", 2) == 0) {
+ ulen = 2;
+ found = true;
+ is_user = true;
+ } else if (strncmp(p, "--user", 6) == 0) {
+ ulen = 6;
+ found = true;
+ is_user = true;
+ } else if (strncmp(p, "--password", 10) == 0) {
+ ulen = 10;
+ found = true;
+ }
+
+ if (found) {
+ char *q = NULL;
+
+ if (strlen(p) == ulen) {
+ continue;
+ }
+
+ if (is_user) {
+ q = strchr_m(p, '%');
+ if (q != NULL) {
+ p = q;
+ }
+ } else {
+ p += ulen;
+ }
+
+ memset_s(p, strlen(p), '\0', strlen(p));
+ found = false;
+ is_user = false;
+ }
+ }
+}
+
/**********************************************************
* COMMON SAMBA POPT
**********************************************************/
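Review bot: When the option and its value arrive as separate argv[] elements, the `continue` taken on `strlen(p) == ulen` leaves `found` and `ulen` set, so the next element is handled as if it still began with the option name. For `--password` followed by a value, `p += ulen` then advances 10 bytes into a string that may be shorter than that, and `strlen(p)`/`memset_s()` run past its terminator; a value whose length happens to equal `ulen` is skipped and never burned. The value element should be wiped from its first byte (or from `%` for the user forms) and must not be re-matched against the option names, as sketched below. Separately, the `strncmp()` prefix tests also match any argument that merely begins with `--user` or `--password`, so for the long forms the character after the prefix should be checked to be `\0` or `=`.

```c
	for (i = 0; i < argc; i++) {
		/* true when the previous element was a bare -U/--user/--password */
		bool value_only = found;

		/* … unchanged: p = argv[i] and NULL check … */

		if (value_only) {
			/* whole element is the option's value; do not re-match it */
		} else if (strncmp(p, "-U", 2) == 0) {
		/* … unchanged: option matching branches … */

		if (found) {
			char *q = NULL;

			if (!value_only && strlen(p) == ulen) {
				/* bare option: the secret is in the next element */
				continue;
			}

			if (is_user) {
				/* … unchanged: cut at '%' … */
			} else if (!value_only) {
				/* skip the option name only when it is in this element */
				p += ulen;
			}

			/* … unchanged: memset_s and flag reset … */
		}
	}
```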
*/
struct poptOption *samba_cmdline_get_popt(enum smb_cmdline_popt_options opt);
+/**
+ * @brief Burn secrets on the command line.
+ *
+ * This function removes secrets from the command line so we don't leak e.g.
+ * passwords on 'ps aux' output.
+ *
+ * It should be called after processing the options and you should pass down
+ * argv from main().
+ *
+ * @param[in] argc The number of arguments.
+ *
+ * @param[in] argv[] The argument array we will find the array.
+ */
+void samba_cmdline_burn(int argc, char *argv[]);
+
/**
* @brief A popt structure for common samba options.
*/
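Review bot: The `@param` lines do not describe the contract: `argv[]` is marked `[in]` although the function overwrites the strings in place, and "The argument array we will find the array" does not parse. Suggest `@param[in,out] argv[] The argument vector from main(); secret values are overwritten in place.` The comment should also name the options that are burned (`-U`, `--user` and `--password`, going by the implementation), so callers that accept other secret-bearing options know those are not covered. Since the call is made after option processing, it is worth stating that the secret stays visible in the process listing until then.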
--- /dev/null
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * Copyright (C) 2018-2019 Andreas Schneider <asn@samba.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+#include "lib/cmdline/cmdline.h"
+
+static void torture_cmdline_burn(void **state)
+{
+ char arg1[] = "-U Administrator%secret";
+ char arg2[] = "--user=Administrator%secret";
+ char arg3[] = "--user=Administrator%super%secret";
+ char arg4[] = "--password=super%secret";
+
+ char *argv[] = { arg1, arg2, arg3, arg4, NULL };
+ int argc = 4;
+
+ samba_cmdline_burn(argc, argv);
+
+ assert_string_equal(arg1, "-U Administrator");
+ assert_string_equal(arg2, "--user=Administrator");
+ assert_string_equal(arg3, "--user=Administrator");
+ assert_string_equal(arg4, "--password");
+}
+
+int main(int argc, char *argv[])
+{
+ int rc;
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test(torture_cmdline_burn),
+ };
+
+ if (argc == 2) {
+ cmocka_set_test_filter(argv[1]);
+ }
+ cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
+
+ rc = cmocka_run_group_tests(tests, NULL, NULL);
+
+ return rc;
+}
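Review bot: The test only exercises arguments where the option and the secret share one argv[] element; `arg1` is a single string with an embedded space, which is not what a shell delivers for `-U Administrator%secret`. Adding a split pair such as `char arg5[] = "--password"; char arg6[] = "secret";` with `assert_string_equal(arg5, "--password"); assert_string_equal(arg6, "");` would pin the behaviour for a value shorter than the option name. A negative case, an unrelated argument that must come through unchanged, would guard against over-matching. Because the function writes into argv[] in place, running this test under AddressSanitizer or valgrind would catch writes past a string's end that the string comparisons alone cannot see.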