How to make an automated password file for perl script

4 New Member

Hi All,
Im new to perl programming and currently using a automation code written in perl by someone else.
My script uses an openssl client to perform some handshake operation using the client certificate, for the handshake to be successful it prompts for a passphrase. So I thought of keeping the passphrase in a file and at run time my ssl client should pick from the file. But I'm nt sure hw to go abt with it any suggestions guys??
Thanks.

Aug 4 '09 #1

Subscribe Reply

3054

numberwhun

3,509

Recognized Expert Moderator Specialist

@newperluser
Its not really recommended to keep such things in a file because its a password (phrase... semantics). But, in the interest of automation, I can see the need. So, what I would do is put it into a configuration file with the following structure (just my suggestion):

Expand|Select|Wrap|Line Numbers

name value

You can have as many name/value pairs as you like. Then, you just read in the configuration file as such:

Expand|Select|Wrap|Line Numbers

 
use strict;

use warnings;
 
# Open the config file into a file handle

open(CFGFILE, "<test1.cfg");
 
# Initialize the variables you will be using in the code

my $key;

my $value;

my %config;
 
# Read each line in the config file, then split each line on the

# spaces and into the two variables $key and $value. Then, take

# each and use it to create the entries in the hash

while(<CFGFILE>)

{

    ($key, $value) = split(/\s+/, $_);

    $config{ $key } = $value;

}

Now, you have a hash that contains key value pairs. Say you used a config file like the following:

Expand|Select|Wrap|Line Numbers

sslPass mypass

Then you would simply reference your key in the code, where you need it, like so:

Expand|Select|Wrap|Line Numbers

$config{sslPass}

That will input the value of mypass where needed. I hope this helps you. My only other suggestion is to make sure that that configuration file is ONLY readable by the user executing the script, that way nobody else can just open it and read it without root.

If you are on windows, then the security is definitely an issue.

Regards,

Jeff

Aug 4 '09 #2

newperluser

New Member

Hi Jeff,

Thanks for your reply,

But even after trying out your code My code is not picking the passphrase from the file It stil prompts me for the passphrase

Expand|Select|Wrap|Line Numbers

  
open(CFGFILE, "<../phrase.cfg");

while (<CFGFILE>)

{

  ($key,$value)=split(/\s+/,$_);

   $config{$key}=$value;

}

#My client code , following which it will prompt for passphrase

system("../client -cert ../pfx.pem  -host $ip_address -port $port -verbose -batch 1 >./tls/$ip_address/clientcerttest.log 2>&1");
 
$config{sslPass};

#close(CFGFILE) or die "Could not close file";

Can u pls point out whr im going wrong?

Aug 4 '09 #3

numberwhun

3,509

Recognized Expert Moderator Specialist

@newperluser
Well, the first thing you need to do is to please learn to use the code tags that are required to surround code you post in the forums. You can read about it here.

Unfortunately, seeing as how I didn't have any code before, I can now see what is going on and what I gave you isn't going to work. The reason: you are running a system command that is going to prompt for information. One of the few ways to plan for that event is to use something like expect. There is an Expect module in Perl, but it is quite complicated and not very easy to understand, especially if you don't know what expect is.

I guess my only question would be, is does the client you are using have an option that can be added to provide the passphrase at execution? If so, you can add it and put in the variable sequence as the pass phrase and it would be interpolated into its value. That would be the only option I see, but I don't know how the client is coded and what it is using.

If the client is written wholly in Perl, then this might be an opportunity for you to extend it to accept a pass phrase, but again, I don't know what the code is using to do all of this.

Regards,

Jeff

Aug 4 '09 #4

KevinADC

4,059

Recognized Expert Specialist

And if you are on Windows it can only work if you install cygwin as well and run in the cygwin environment. See the Expect modules documentation.

Aug 4 '09 #5

newperluser

New Member

I know using expect in my code is going to be really very complex. Unfortunately the client does not have an option to provide the passphrase and the client is coded in C and we dont want to make any changes to it now. So the question nw is hw can this be implemented using perl in the automation script.

Aug 5 '09 #6

numberwhun

3,509

Recognized Expert Moderator Specialist

@newperluser
Since it is a client run from the system command, the only way I can imagine is via the Expect module. I would go to the link I provided and see if you can fashion a solution.

Regards,

Jeff

Aug 5 '09 #7

newperluser

New Member

So this would mean I need to seperately install the expect module on every machine that I run this program on.... I run this on multiple platforms and this is going to be a time consuming thing for me :(

Aug 5 '09 #8

KevinADC

4,059

Recognized Expert Specialist

@newperluser
You might want to ask on a forum that discusses the operating system you are running, there might be an application you can use that has nothing to do with perl. But as far as perl goes, the only thing that I know of that sounds like it has a chance is Expect.

Aug 5 '09 #9

by: john brown | last post by:

There is a web page that I access frequently and would like to automate the authentication of the username and password. I would like to user a perl script but I'm not really sure about the steps....

How to make an automated password file for perl script

Similar topics