By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,372 Members | 1,950 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,372 IT Pros & Developers. It's quick & easy.

How to make an automated password file for perl script

P: 4
Hi All,
Im new to perl programming and currently using a automation code written in perl by someone else.
My script uses an openssl client to perform some handshake operation using the client certificate, for the handshake to be successful it prompts for a passphrase. So I thought of keeping the passphrase in a file and at run time my ssl client should pick from the file. But I'm nt sure hw to go abt with it any suggestions guys??
Thanks.
Aug 4 '09 #1
Share this Question
Share on Google+
8 Replies


numberwhun
Expert Mod 2.5K+
P: 3,503
@newperluser
Its not really recommended to keep such things in a file because its a password (phrase... semantics). But, in the interest of automation, I can see the need. So, what I would do is put it into a configuration file with the following structure (just my suggestion):

Expand|Select|Wrap|Line Numbers
  1. name     value
  2.  
You can have as many name/value pairs as you like. Then, you just read in the configuration file as such:

Expand|Select|Wrap|Line Numbers
  1. use strict;
  2. use warnings;
  3.  
  4. # Open the config file into a file handle
  5. open(CFGFILE, "<test1.cfg");
  6.  
  7. # Initialize the variables you will be using in the code
  8. my $key;
  9. my $value;
  10. my %config;
  11.  
  12. # Read each line in the config file, then split each line on the
  13. # spaces and into the two variables $key and $value. Then, take
  14. # each and use it to create the entries in the hash
  15. while(<CFGFILE>)
  16. {
  17.     ($key, $value) = split(/\s+/, $_);
  18.     $config{ $key } = $value;
  19. }
  20.  
Now, you have a hash that contains key value pairs. Say you used a config file like the following:

Expand|Select|Wrap|Line Numbers
  1. sslPass     mypass
  2.  
Then you would simply reference your key in the code, where you need it, like so:

Expand|Select|Wrap|Line Numbers
  1. $config{sslPass}
  2.  
That will input the value of mypass where needed. I hope this helps you. My only other suggestion is to make sure that that configuration file is ONLY readable by the user executing the script, that way nobody else can just open it and read it without root.

If you are on windows, then the security is definitely an issue.

Regards,

Jeff
Aug 4 '09 #2

P: 4
Hi Jeff,

Thanks for your reply,

But even after trying out your code My code is not picking the passphrase from the file It stil prompts me for the passphrase

Expand|Select|Wrap|Line Numbers
  1.  
  2. open(CFGFILE, "<../phrase.cfg");
  3. while (<CFGFILE>)
  4. {
  5.   ($key,$value)=split(/\s+/,$_);
  6.    $config{$key}=$value;
  7. }
  8. #My client code , following which it will prompt for passphrase
  9. system("../client -cert ../pfx.pem  -host $ip_address -port $port -verbose -batch 1 >./tls/$ip_address/clientcerttest.log 2>&1");
  10.  
  11. $config{sslPass};
  12. #close(CFGFILE) or die "Could not close file";
  13.  
Can u pls point out whr im going wrong?
Aug 4 '09 #3

numberwhun
Expert Mod 2.5K+
P: 3,503
@newperluser
Well, the first thing you need to do is to please learn to use the code tags that are required to surround code you post in the forums. You can read about it here.

Unfortunately, seeing as how I didn't have any code before, I can now see what is going on and what I gave you isn't going to work. The reason: you are running a system command that is going to prompt for information. One of the few ways to plan for that event is to use something like expect. There is an Expect module in Perl, but it is quite complicated and not very easy to understand, especially if you don't know what expect is.

I guess my only question would be, is does the client you are using have an option that can be added to provide the passphrase at execution? If so, you can add it and put in the variable sequence as the pass phrase and it would be interpolated into its value. That would be the only option I see, but I don't know how the client is coded and what it is using.

If the client is written wholly in Perl, then this might be an opportunity for you to extend it to accept a pass phrase, but again, I don't know what the code is using to do all of this.

Regards,

Jeff
Aug 4 '09 #4

KevinADC
Expert 2.5K+
P: 4,059
And if you are on Windows it can only work if you install cygwin as well and run in the cygwin environment. See the Expect modules documentation.
Aug 4 '09 #5

P: 4
I know using expect in my code is going to be really very complex. Unfortunately the client does not have an option to provide the passphrase and the client is coded in C and we dont want to make any changes to it now. So the question nw is hw can this be implemented using perl in the automation script.
Aug 5 '09 #6

numberwhun
Expert Mod 2.5K+
P: 3,503
@newperluser
Since it is a client run from the system command, the only way I can imagine is via the Expect module. I would go to the link I provided and see if you can fashion a solution.

Regards,

Jeff
Aug 5 '09 #7

P: 4
So this would mean I need to seperately install the expect module on every machine that I run this program on.... I run this on multiple platforms and this is going to be a time consuming thing for me :(
Aug 5 '09 #8

KevinADC
Expert 2.5K+
P: 4,059
@newperluser
You might want to ask on a forum that discusses the operating system you are running, there might be an application you can use that has nothing to do with perl. But as far as perl goes, the only thing that I know of that sounds like it has a chance is Expect.
Aug 5 '09 #9

Post your reply

Sign in to post your reply or Sign up for a free account.