2013-10-28 22:50:05 +01:00
|
|
|
/*-
|
|
|
|
|
* Copyright 2009 Colin Percival
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
|
* are met:
|
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
|
*
|
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#include "readpass.h"
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* tarsnap_getpass(passwd, prompt, confirmprompt, devtty)
|
|
|
|
|
* If ${devtty} is non-zero, read a password from /dev/tty if possible; if
|
|
|
|
|
* not, read from stdin. If reading from a tty (either /dev/tty or stdin),
|
|
|
|
|
* disable echo and prompt the user by printing ${prompt} to stderr. If
|
|
|
|
|
* ${confirmprompt} is non-NULL, read a second password (prompting if a
|
|
|
|
|
* terminal is being used) and repeat until the user enters the same password
|
|
|
|
|
* twice. Return the password as a malloced NUL-terminated string via
|
|
|
|
|
* ${passwd}. The obscure name is to avoid namespace collisions due to the
|
|
|
|
|
* getpass / readpass / readpassphrase / etc. functions in various libraries.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
pcp_readpass(char ** passwd, const char * prompt,
|
2015-05-30 11:11:20 +02:00
|
|
|
const char * confirmprompt, int devtty, char *readfromfile)
|
2013-10-28 22:50:05 +01:00
|
|
|
{
|
|
|
|
|
FILE * readfrom;
|
|
|
|
|
char passbuf[MAXPASSLEN];
|
|
|
|
|
char confpassbuf[MAXPASSLEN];
|
|
|
|
|
struct termios term, term_old;
|
|
|
|
|
int usingtty;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If devtty != 0, try to open /dev/tty; if that fails, or if devtty
|
|
|
|
|
* is zero, we'll read the password from stdin instead.
|
2015-05-30 11:11:20 +02:00
|
|
|
*
|
|
|
|
|
* Added by tlinden: however, if readfromfile is defined, we'll
|
|
|
|
|
* read the password from there, but if it is '-' we'll use stdin
|
|
|
|
|
* as well.
|
2013-10-28 22:50:05 +01:00
|
|
|
*/
|
2015-05-30 11:11:20 +02:00
|
|
|
if ((devtty == 0) || ((readfrom = fopen("/dev/tty", "r")) == NULL)) {
|
|
|
|
|
if(readfromfile != NULL) {
|
|
|
|
|
if(readfromfile[0] == '-') {
|
|
|
|
|
readfrom = stdin;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if((readfrom = fopen(readfromfile, "r")) == NULL) {
|
|
|
|
|
fatal(ptx, "Could not open password file '%s'\n", readfromfile);
|
|
|
|
|
goto err1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
readfrom = stdin;
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-10-28 22:50:05 +01:00
|
|
|
|
|
|
|
|
/* If we're reading from a terminal, try to disable echo. */
|
|
|
|
|
if ((usingtty = isatty(fileno(readfrom))) != 0) {
|
|
|
|
|
if (tcgetattr(fileno(readfrom), &term_old)) {
|
2014-05-05 12:01:55 +02:00
|
|
|
fatal(ptx, "Cannot read terminal settings\n");
|
2013-10-28 22:50:05 +01:00
|
|
|
goto err1;
|
|
|
|
|
}
|
|
|
|
|
memcpy(&term, &term_old, sizeof(struct termios));
|
|
|
|
|
term.c_lflag = (term.c_lflag & ~ECHO) | ECHONL;
|
|
|
|
|
if (tcsetattr(fileno(readfrom), TCSANOW, &term)) {
|
2014-05-05 12:01:55 +02:00
|
|
|
fatal(ptx, "Cannot set terminal settings\n");
|
2013-10-28 22:50:05 +01:00
|
|
|
goto err1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
retry:
|
|
|
|
|
/* If we have a terminal, prompt the user to enter the password. */
|
|
|
|
|
if (usingtty)
|
|
|
|
|
fprintf(stderr, "%s: ", prompt);
|
|
|
|
|
|
|
|
|
|
/* Read the password. */
|
|
|
|
|
if (fgets(passbuf, MAXPASSLEN, readfrom) == NULL) {
|
2014-05-05 12:01:55 +02:00
|
|
|
fatal(ptx, "Cannot read password\n");
|
2013-10-28 22:50:05 +01:00
|
|
|
goto err2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Confirm the password if necessary. */
|
|
|
|
|
if (confirmprompt != NULL) {
|
|
|
|
|
if (usingtty)
|
|
|
|
|
fprintf(stderr, "%s: ", confirmprompt);
|
|
|
|
|
if (fgets(confpassbuf, MAXPASSLEN, readfrom) == NULL) {
|
2014-05-05 12:01:55 +02:00
|
|
|
fatal(ptx, "Cannot read password\n");
|
2013-10-28 22:50:05 +01:00
|
|
|
goto err2;
|
|
|
|
|
}
|
|
|
|
|
if (strcmp(passbuf, confpassbuf)) {
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"Passwords mismatch, please try again\n");
|
|
|
|
|
goto retry;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Terminate the string at the first "\r" or "\n" (if any). */
|
|
|
|
|
passbuf[strcspn(passbuf, "\r\n")] = '\0';
|
|
|
|
|
|
|
|
|
|
/* If we changed terminal settings, reset them. */
|
|
|
|
|
if (usingtty)
|
|
|
|
|
tcsetattr(fileno(readfrom), TCSANOW, &term_old);
|
|
|
|
|
|
2015-05-30 11:11:20 +02:00
|
|
|
/* Close /dev/tty if we opened it.
|
|
|
|
|
if readfromfile is defined and set to -, disable stdin */
|
|
|
|
|
if (readfrom != stdin) {
|
|
|
|
|
fclose(readfrom);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if(readfromfile != NULL)
|
|
|
|
|
stdin = NULL;
|
|
|
|
|
}
|
2013-10-28 22:50:05 +01:00
|
|
|
|
|
|
|
|
/* Copy the password out. */
|
2015-01-13 13:07:32 +01:00
|
|
|
char *p = smalloc(strlen(passbuf) + 1);
|
|
|
|
|
memcpy(p, passbuf, strlen(passbuf) + 1 );
|
|
|
|
|
*passwd = p;
|
2013-10-28 22:50:05 +01:00
|
|
|
|
|
|
|
|
/* Zero any stored passwords. */
|
|
|
|
|
memset(passbuf, 0, MAXPASSLEN);
|
|
|
|
|
memset(confpassbuf, 0, MAXPASSLEN);
|
|
|
|
|
|
|
|
|
|
/* Success! */
|
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
|
|
err2:
|
|
|
|
|
/* Reset terminal settings if necessary. */
|
|
|
|
|
if (usingtty)
|
|
|
|
|
tcsetattr(fileno(readfrom), TCSAFLUSH, &term_old);
|
|
|
|
|
err1:
|
|
|
|
|
/* Close /dev/tty if we opened it. */
|
|
|
|
|
if (readfrom != stdin)
|
|
|
|
|
fclose(readfrom);
|
|
|
|
|
|
|
|
|
|
/* Failure! */
|
|
|
|
|
return (-1);
|
|
|
|
|
}
|
