Add options to read password from tty or environment.

ipmitool/configure.in

@@ -50,6 +50,7 @@ AC_FUNC_STAT
 AC_FUNC_STRTOD
 AC_CHECK_FUNCS([alarm gethostbyname socket select])
 AC_CHECK_FUNCS([memmove memset strchr strdup strerror])
+AC_CHECK_FUNCS([getpassphrase])
 
 dnl check for byteswap functionality
 AC_CHECK_HEADERS([sys/byteorder.h byteswap.h])

ipmitool/doc/ipmitool.1

@@ -4,7 +4,7 @@
 ipmitool \- utility for controlling IPMI-enabled devices
 .SH "SYNTAX"
 .LP 
-ipmitool [\fB\-ghcvV\fR] \fB\-I\fR \fIlan\fP \fB\-H\fR \fIhostname\fP [\fB\-P\fR \fIpassword\fP] <\fIexpression\fP>
+ipmitool [\fB\-ghcvV\fR] \fB\-I\fR \fIlan\fP \fB\-H\fR \fIhostname\fP [\fB\-a\fR|\fB\-E\fR|\fB\-P\fR \fIpassword\fP] <\fIexpression\fP>
 .br 
 ipmitool [\fB\-ghcvV\fR] \fB\-I\fR \fIopen\fP <\fIexpression\fP>
 .SH "DESCRIPTION"
@@ -34,11 +34,17 @@ Selects IPMI interface to use.  Possible interfaces are \fIlan\fP or \fIopen\fP.
 \fB\-H\fR <\fIaddress\fP>
 Remote server address, can be IP address or hostname.  This option is required for the LAN interface connection.
 .TP 
-\fB\-P\fR <\fIpassword\fP>
-Remote server password, 16 character maximum.  This is optional for the LAN interface, if it is not provided the session will not be authenticated.
-.TP
 \fB\-U\fR <\fIusername\fP>
 Remote username, default is NULL user.
+.TP 
+\fB\-a\fR
+Promt for the remote server password, 16 character maximum. This is optional for the LAN interface, if a password is not provided the session will not be authenticated.
+.TP 
+\fB\-E\fR
+The remote server password is specified by the environment variable \fBIPMITOOL_PASSWORD\fR. This option is intended for shell scripts.
+.TP 
+\fB\-P\fR <\fIpassword\fP>
+Remote server password. \fBNote!\fR Specifying the password as a commandline option is not recommended since it will be visible in the process list.
 .SH "EXPRESSIONS"
 .LP
 .TP

ipmitool/src/ipmitool.c

@@ -76,7 +76,10 @@ void usage(void)
 	printf("       -g            Attempt to be extra robust in LAN communications\n");
 	printf("       -H hostname   Remote host name for LAN interface\n");
 	printf("       -p port       Remote RMCP port (default is 623)\n");
-	printf("       -P password   Remote administrator password\n");
+	printf("       -U username   Remote username\n");
+	printf("       -a            Prompt for remote password\n");
+	printf("       -E            Read remote password from environment\n");
+	printf("       -P password   Remote password\n");
 	printf("       -I intf       Inteface to use\n");
 	printf("\n\n");
 
@@ -255,14 +258,14 @@ int main(int argc, char ** argv)
 {
 	int (*submain)(struct ipmi_intf *, int, char **);
 	struct ipmi_intf * intf = NULL;
-	char * hostname = NULL, * password = NULL, * username = NULL;
+	char * hostname = NULL, * password = NULL, * username = NULL, * tmp;
 	int argflag, i, rc=0, port = 623, pedantic = 0;
 	char intfname[32];
 
 	if (ipmi_intf_init() < 0)
 		exit(EXIT_FAILURE);
 
-	while ((argflag = getopt(argc, (char **)argv, "hVvcgI:H:P:U:p:")) != -1)
+	while ((argflag = getopt(argc, (char **)argv, "hVvcgEaI:H:P:U:p:")) != -1)
 	{
 		switch (argflag) {
 		case 'h':
@@ -294,6 +297,9 @@ int main(int argc, char ** argv)
 			hostname = strdup(optarg);
 			break;
 		case 'P':
+			if (password)
+				free (password);
+
 			password = strdup(optarg);
 
 			/* Prevent password snooping with ps */
@@ -301,6 +307,31 @@ int main(int argc, char ** argv)
 			memset (optarg, 'X', i);
 
 			break;
+
+		case 'E':
+			if ((tmp = getenv ("IPMITOOL_PASSWORD")))
+			{
+				if (password)
+					free (password);
+
+				password = strdup (tmp);
+			}
+			break;
+
+		case 'a':
+#ifdef HAVE_GETPASSPHRASE
+			if ((tmp = getpassphrase ("Password: ")))
+#else
+			if ((tmp = getpass ("Password: ")))
+#endif
+			{
+				if (password)
+					free (password);
+
+				password = strdup (tmp);
+			}
+			break;
+
 		case 'U':
 			username = strdup(optarg);
 			break;