Include patch (modified) from Leigh Wedding for reading

username/password from a file git-svn-id: https://proxytunnel.svn.sourceforge.net/svnroot/proxytunnel/trunk/proxytunnel@163 bc163920-b10d-0410-b2c5-a5491ca2ceef
2026-01-23 02:34:59 +00:00 · 2007-07-30 09:41:34 +00:00 · 2007-07-30 09:41:34 +00:00 · a22c01cb27
commit a22c01cb27
parent d7d62ee6a4
4 changed files with 118 additions and 24 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+Changes to proxytunnel version 1.8.0 -- TBD
+
+- Added passfile options to read username/password from a file
+- Moved manual-page from debian/ to / in source-tree
+
 Changes to proxytunnel version 1.7.2 -- Mon Jul 30 10:18:26 CEST 2007

 - Fixed buffer/malloc issue
--- a/1
+++ b/1
@ -12,6 +12,7 @@ people.
 	Andrew Griffiths <nullptr@tasmail.com>	- String format fixes
 	Dieter Heiliger <dieter.heiliger@gmx.de>- User-agent header idea
 	Fred Donck <fd0@donck.com>		- User/Pass Env Vars
+	Leigh.Wedding @ telstra.com		- User/Pass from file
 	Paul Solomon <psolomon@tpg.com.au>	- NTLM support
 	Joerg Wunsch <j@uriah.heep.sax.de>	- Password prompt suggestion
 	Roberto Veldhoven at atosorigin.com	- Tandem compile fix
--- a/cmdline.c
+++ b/cmdline.c
@ -20,6 +20,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <ctype.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 #include <unistd.h>
 #include "config.h"
 #include "proxytunnel.h"
@ -31,6 +35,7 @@
 #endif

 #include "cmdline.h"
+static char *getCredentialsFromFile( const char* filename, char **user, char **pwd);

 void
 cmdline_parser_print_version (void)
@ -71,6 +76,7 @@ cmdline_parser_print_help (void)
 "   -s STRING  --pass=STRING       Password to send to HTTPS proxy for auth\n"
 "   -U STRING  --uservar=STRING    Env var with Username for HTTPS proxy auth\n"
 "   -S STRING  --passvar=STRING    Env var with Password for HTTPS proxy auth\n"
+"   -F STRING  --passfile=STRING   File with credentials for proxy auth\n"
 "   -N         --ntlm              Use NTLM Based Authentication\n"
 "   -t STRING  --domain=STRING     NTLM Domain (default: autodetect)\n"
 "   -r STRING  --remproxy=STRING   Use a remote proxy to tunnel over (2 proxies)\n"
@ -174,33 +180,34 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar

      /* Struct option: Name, Has_arg, Flag, Value */
      static struct option long_options[] = {
-        { "help",		0, NULL, 'h' },
-        { "version",		0, NULL, 'V' },
-        { "user",		1, NULL, 'u' },
-        { "pass",		1, NULL, 's' },
-        { "domain",		1, NULL, 't' },
-        { "uservar",		1, NULL, 'U' },
-        { "passvar",		1, NULL, 'S' },
-	{ "proxy",      	1, NULL, 'p' },
-        { "proxyhost",		1, NULL, 'g' },
-        { "proxyport",		1, NULL, 'G' },
-        { "dest",		1, NULL, 'd' },
-	{ "remproxy",   	1, NULL, 'r' },
-	{ "proctitle",  	1, NULL, 'x' },
-	{ "header",     	1, NULL, 'H' },
-        { "verbose",		0, NULL, 'v' },
-        { "ntlm",		0, NULL, 'N' },
+	{ "help",		0, NULL, 'h' },
+	{ "version",		0, NULL, 'V' },
+	{ "user",		1, NULL, 'u' },
+	{ "pass",		1, NULL, 's' },
+	{ "domain",		1, NULL, 't' },
+	{ "uservar",		1, NULL, 'U' },
+	{ "passvar",		1, NULL, 'S' },
+	{ "passfile",		1, NULL, 'F' },
+	{ "proxy",		1, NULL, 'p' },
+	{ "proxyhost",		1, NULL, 'g' },
+	{ "proxyport",		1, NULL, 'G' },
+	{ "dest",		1, NULL, 'd' },
+	{ "remproxy",		1, NULL, 'r' },
+	{ "proctitle",		1, NULL, 'x' },
+	{ "header",		1, NULL, 'H' },
+	{ "verbose",		0, NULL, 'v' },
+	{ "ntlm",		0, NULL, 'N' },
 	{ "inetd",		0, NULL, 'i' },
 	{ "standalone", 	1, NULL, 'a' },
 	{ "quiet",		0, NULL, 'q' },
-	{ "encrypt",    	0, NULL, 'e' },
+	{ "encrypt",		0, NULL, 'e' },
 	{ "encrypt-proxy",	0, NULL, 'E' },
-        { NULL,	0, NULL, 0 }
+	{ NULL,	0, NULL, 0 }
      };

-      c = getopt_long (argc, argv, "hVia:u:s:t:U:S:p:r:d:H:x:nvNeEq", long_options, &option_index);
+      c = getopt_long (argc, argv, "hVia:u:s:t:U:S:F:p:r:d:H:x:nvNeEq", long_options, &option_index);
 #else
-      c = getopt( argc, argv, "hVia:u:s:t:U:S:p:r:d:H:x:nvNeEq" );
+      c = getopt( argc, argv, "hVia:u:s:t:U:S:F:p:r:d:H:x:nvNeEq" );
 #endif

      if (c == -1) break;	/* Exit from `while (1)' loop.  */
@ -262,7 +269,7 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar
        case 'u':	/* Username to send to HTTPS proxy for authentication.  */
          if (args_info->user_given)
            {
-              fprintf (stderr, "%s: `--user' (`-u') or `--uservar' (`-U') option given more than once\n", PACKAGE);
+              fprintf (stderr, "%s: `--user' (`-u'), `--uservar' (`-U') or `--passfile' (`-F') option given more than once\n", PACKAGE);
              clear_args ();
              exit (1);
            }
@ -273,7 +280,7 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar
        case 'U':	/* Env Var with Username to send to HTTPS proxy for authentication.  */
          if (args_info->user_given)
            {
-              fprintf (stderr, "%s: `--user' (`-u') or `--uservar' (`-U') option given more than once\n", PACKAGE);
+              fprintf (stderr, "%s: `--user' (`-u'), `--uservar' (`-U') or `--passfile' (`-F') option given more than once\n", PACKAGE);
              clear_args ();
              exit (1);
            }
@ -290,7 +297,7 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar
        case 's':	/* Password to send to HTTPS proxy for authentication.  */
          if (args_info->pass_given)
            {
-              fprintf (stderr, "%s: `--pass' (`-s') or `--passvar' (`-S') option given more than once\n", PACKAGE);
+              fprintf (stderr, "%s: `--pass' (`-s'), `--passvar' (`-S') or `--passfile' (`-F') option given more than once\n", PACKAGE);
              clear_args ();
              exit (1);
            }
@ -326,6 +333,33 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar
          args_info->pass_arg = gengetopt_strdup (tmp_env_var);
          break;

+	case 'F':  /* File containing Username & Password to send to
+			   HTTPS proxy for authentication.  */
+          if (args_info->user_given)
+            {
+              fprintf (stderr, "%s: `--user' (`-u'), `--uservar' (`-U') or  `--passfile' (`-F') option given more than once\n", PACKAGE);
+              clear_args ();
+              exit (1);
+            }
+          if (args_info->pass_given)
+            {
+              fprintf (stderr, "%s: `--pass' (`-s'), `--passvar' (`-S') or `--passfile' (`-F') option given more than once\n", PACKAGE);
+              clear_args ();
+              exit (1);
+            }
+          args_info->user_given = 1;
+          args_info->pass_given = 1;
+          char *result = getCredentialsFromFile(optarg, &(args_info->user_arg),
+						&(args_info->pass_arg) );
+
+          if( result != NULL ) {
+	      fprintf( stderr, "%s: Bad password file for `--passfile' (`-F')\n%s\n",
+		       PACKAGE, result);
+	      exit (1);
+          }
+          break;
+
+
        case 'g':	/* HTTPS Proxy host to connect to.  */
          fprintf (stderr, "%s: `-g option is obsolete, use -p\n", PACKAGE);
          clear_args ();
@ -439,3 +473,42 @@ if (args_info->proxy_given )

  return 0;
 }
+
+static char *getCredentialsFromFile( const char* filename, char **user, char **pwd )
+{
+    /* Check file permissions, must have '0' for group and other */
+    struct stat statbuf;
+    if ( stat( filename, &statbuf ) == 0 ) {
+	if ( statbuf.st_mode & (S_IRWXG|S_IRWXO) ) {
+	    return strdup( "Stricter permissions required for password file" );
+	}
+    } else {
+	return strdup( strerror(errno) );
+    }
+
+    FILE* pwfile = fopen( filename, "r" );
+    char line[80], buf[80];
+
+    *user = NULL;
+    *pwd = NULL;
+
+    if( pwfile )
+    {
+	// Read a line
+	while (fgets( line, 80, pwfile ) != NULL ) {
+	    if ( sscanf( line, "proxy_user = %s", buf ) == 1 ) {
+		*user = strdup( buf );
+	    } else if ( sscanf( line, "proxy_passwd = %s", buf ) == 1 ) {
+		*pwd = strdup( buf );
+	    }
+	    if ( *user != NULL && *pwd != NULL ) {
+		fclose( pwfile );
+		return NULL;
+	    }
+	}
+        fclose( pwfile );
+	return strdup( "proxy_user & proxy_passwd not found in password file" );
+    }
+
+    return strdup( "Error opening password file" );
+}
--- a/proxytunnel.1
+++ b/proxytunnel.1
@ -2,7 +2,7 @@
 .\" First parameter, NAME, should be all caps
 .\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
 .\" other parameters are allowed: see man(7), man(1)
-.TH PROXYTUNNEL 1 "november 20, 2002"
+.TH PROXYTUNNEL 1 "august  1, 2007"
 .\" Please adjust this date whenever revising the manpage.
 .\"
 .\" Some roff macros, for reference:
@ -48,6 +48,21 @@ The username to send to HTTPS proxy for authentification.
 .B \-s STRING, \-\-pass=STRING
 The password to send to HTTPS proxy for authentification.
 .TP
+.B \-U STRING, \-\-uservar=STRING
+Environment variable containing the username to send to HTTPS proxy
+for authentification.
+.TP
+.B \-S STRING, \-\-passvar=STRING
+Environment variable containing the password to send to HTTPS proxy
+for authentification.
+.TP
+.B \-F STRING, \-\-passfile=STRING
+The file containing Username & Password to send to HTTPS proxy for
+authentification.  This file uses the same format as .wgetrc, and so
+can use the credentials in common with wget.  This option can be used
+to at least hide the password from anyone clever enough to use the
+`ps' command.
+.TP
 .B \-g STRING, \-\-proxyhost=STRING
 The HTTPS Proxy host:port combo to connect to.
 .TP