diff options
author | Matt Johnston <matt@ucc.asn.au> | 2007-03-17 06:30:11 +0000 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2007-03-17 06:30:11 +0000 |
commit | def7bde7740e97fd2284e7ea09dd7975e0f2b716 (patch) | |
tree | 718b3ea053c4c40ccba3d8138787487af236b1aa | |
parent | 59b28281014476a6090c770b858e25ccbe4a86ab (diff) | |
download | dropbear-def7bde7740e97fd2284e7ea09dd7975e0f2b716.tar.gz |
Allow reading dbclient password from an environment var
-rw-r--r-- | cli-auth.c | 9 | ||||
-rw-r--r-- | options.h | 8 |
2 files changed, 17 insertions, 0 deletions
@@ -284,6 +284,15 @@ void cli_auth_try() { char* getpass_or_cancel(char* prompt) { char* password = NULL; + +#ifdef DROPBEAR_PASSWORD_ENV + /* Password provided in an environment var */ + password = getenv(DROPBEAR_PASSWORD_ENV); + if (password) + { + return password; + } +#endif password = getpass(prompt); @@ -140,6 +140,14 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */ #define ENABLE_CLI_PUBKEY_AUTH #define ENABLE_CLI_INTERACT_AUTH +/* This variable can be used to set a password for client + * authentication on the commandline. Beware of platforms + * that don't protect environment variables of processes etc. Also + * note that it will be provided for all "hidden" client-interactive + * style prompts - if you want something more sophisticated, use + * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ +#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD" + /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of * a helper program for the ssh client. The helper program should be * specified in the SSH_ASKPASS environment variable, and dbclient |