CMD Fileless equivalent of < redirection

Question

I have a batch that wraps AnyConnect Mobility Client CLI (vpncli.exe) and asks username and password to later handle them to vpncli.

Simplified code:

set /p user_id=Username:
set /p pwd=Password:
echo %user_id%> c:\temp\configvpn.txt
echo %pwd%>> c:\temp\configvpn.txt

set install_dir="C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client"

%install_dir%\vpncli.exe connect myvpn.mydomain.TLD -s < c:\temp\configvpn.txt

net use h: \\fileserver\sharename /user:domain\%user_id% %pwd%

The last line it's why we do it this way: to not prompt user password twice (first for connecting VPN and second to map network drive)

For security reasons I'm improving the script to not write password to disk. I need a fileless equivalent of this "< c:\temp\configvpn.txt"

I tried :

(
    @echo %user_id%
    @echo %pwd% 
) | %install_dir%\vpncli.exe connect myvpn.mydomain.TLD -s

Not success so far. The output is this loop:

  >> Please enter your username and password.
Group: VPN-TESTGROUP

Username: [myUsername] Password:
  >> Login failed.
Group: VPN-TESTGROUP

Username: [myUsername] Password:
  >> Login failed.

(repeats indefinitely)

Is there a way to do this?

Send the output of your command to a file, i.e. `(echo ...; echo ...) > a.txt` then `diff` your `configvpn.txt` with `a.txt` to see what gives. — Mark Setchell, Dec 11 '18 at 18:15
There may also be a race condition with the two `echo`s (at least there was in my testing). If you consistently provide the username but not the password, try putting `timeout /t 1 >nul` in between the two commands. — SomethingDark, Dec 11 '18 at 19:03
@Stephan i wasn't aware. Now fixed, but the problem persists. — Filipe, Dec 11 '18 at 20:32
Stephan and Mark Setchell signify a problem of `echo` inside a pipe block, see [SO: Windows cmd echo / pipe is adding extra space at the end - how to trim it?](https://stackoverflow.com/q/29747539/463115) — jeb, Dec 11 '18 at 20:35

score 3 · Accepted Answer · answered Dec 11 '18 at 20:40

3

It's probably a problem of the piped block, as there are spaces added at the end of each command.

This code avoids the spaces and should solve your problem

(SET LF=^
%=empty=%
)

(
    echo %user_id%%%LF%%rem.
    echo %pwd%%%LF%%rem.
) |  %install_dir%\vpncli.exe connect myvpn.mydomain.TLD -s

But you should test it without any special characters in you user_id or password!

answered Dec 11 '18 at 20:40

jeb

78,592
17
171
225

You are awesome. It's working now. One more thing: my test password doesn't have special characters, but users passwords might have. Since my skills won't by itself rewrite that block to be special chars safe, could you please suggest any changes to the code that would provide a (sort of) robust handling to this case? – Filipe Dec 11 '18 at 21:24
@Filipe You should use the [answer of sst](https://stackoverflow.com/a/53733840/463115), it looks complex, but it can address the problem of special characters very easy by using delayed expansion. `echo !pwd!` solves the problems with problematic characters – jeb Dec 12 '18 at 09:02

score 2 · Answer 2 · answered Dec 11 '18 at 23:20

As you already find out, the problems is trailing spaces inside the pipe, And as you can see in jeb's answer getting ride of the trailing spaces requires special handling.

One aspect of pipes that leads to confusion is that the piped commands are not executed in batch file context with batch syntax rules, but they are executed in command line context with command line syntax rules in a child cmd instance.

One needs to thoroughly understand the mechanics of the CMD/Batch pipes to be able to construct and maintain a working solution this way, and it is not a straightforward task for slightly more complex piped blocks.

Here is an alternate way which enables piping of any complex blocks of commands with the same level of flexibility as you have in normal batch codes.

@echo off
if "%~1"=="/LPipe" goto :/LPipe
if "%~1"=="/RPipe" goto :/RPipe

set /p user_id=Username:
set /p pwd=Password:

"%~f0" /LPipe | "%~f0" /RPipe
exit /b


:/LPipe
REM This will be executed inside a pipe but in batch context

REM Enable delayed expansion to be able to send any special characters
setlocal EnableDelayedExpansion

REM It's easy to take care of trailing spaces, no special hacks needed.
echo !user_id!
echo !pwd!
goto :EOF


:/RPipe
REM This will be executed inside a pipe but in batch context

%install_dir%\vpncli.exe connect myvpn.mydomain.TLD -s
goto :EOF

Hello there. I still get the loop. I'm using version 4.5.02033. — Tom, Jul 25 '19 at 10:51
@Tom, I don't have vpncli at hand to test, but a delay between the two `echo`s should fix it. Put `>nul timeout /t 1` in a new line just after `echo !user_id!` and before `echo !pwd!` and see if it solves the problem. Also make sure the `echo` commands does not have any trailing white spaces in them as they are invisible in text editor but will become part the output, if there are any. — sst, Jul 25 '19 at 12:03
Thanks for your quick answer. I got it to work! The problem was that before username and password I had to choose the group to connect to. So i just added echo !group! following your template. And it worked, no timeout was needed. Thanks again @sst — Tom, Jul 25 '19 at 12:39

CMD Fileless equivalent of < redirection

2 Answers2