1 |
|
|
/* $OpenBSD: readpassphrase.c,v 1.26 2016/10/18 12:47:18 millert Exp $ */ |
2 |
|
|
|
3 |
|
|
/* |
4 |
|
|
* Copyright (c) 2000-2002, 2007, 2010 |
5 |
|
|
* Todd C. Miller <Todd.Miller@courtesan.com> |
6 |
|
|
* |
7 |
|
|
* Permission to use, copy, modify, and distribute this software for any |
8 |
|
|
* purpose with or without fee is hereby granted, provided that the above |
9 |
|
|
* copyright notice and this permission notice appear in all copies. |
10 |
|
|
* |
11 |
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
12 |
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
13 |
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
14 |
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
15 |
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
16 |
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
17 |
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
18 |
|
|
* |
19 |
|
|
* Sponsored in part by the Defense Advanced Research Projects |
20 |
|
|
* Agency (DARPA) and Air Force Research Laboratory, Air Force |
21 |
|
|
* Materiel Command, USAF, under agreement number F39502-99-1-0512. |
22 |
|
|
*/ |
23 |
|
|
|
24 |
|
|
#include <ctype.h> |
25 |
|
|
#include <errno.h> |
26 |
|
|
#include <fcntl.h> |
27 |
|
|
#include <paths.h> |
28 |
|
|
#include <pwd.h> |
29 |
|
|
#include <signal.h> |
30 |
|
|
#include <string.h> |
31 |
|
|
#include <termios.h> |
32 |
|
|
#include <unistd.h> |
33 |
|
|
#include <readpassphrase.h> |
34 |
|
|
|
35 |
|
|
static volatile sig_atomic_t signo[_NSIG]; |
36 |
|
|
|
37 |
|
|
static void handler(int); |
38 |
|
|
|
39 |
|
|
char * |
40 |
|
|
readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) |
41 |
|
|
{ |
42 |
|
|
ssize_t nr; |
43 |
|
|
int input, output, save_errno, i, need_restart; |
44 |
|
|
char ch, *p, *end; |
45 |
|
|
struct termios term, oterm; |
46 |
|
|
struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm; |
47 |
|
|
struct sigaction savetstp, savettin, savettou, savepipe; |
48 |
|
|
|
49 |
|
|
/* I suppose we could alloc on demand in this case (XXX). */ |
50 |
|
|
if (bufsiz == 0) { |
51 |
|
|
errno = EINVAL; |
52 |
|
|
return(NULL); |
53 |
|
|
} |
54 |
|
|
|
55 |
|
|
restart: |
56 |
|
|
for (i = 0; i < _NSIG; i++) |
57 |
|
|
signo[i] = 0; |
58 |
|
|
nr = -1; |
59 |
|
|
save_errno = 0; |
60 |
|
|
need_restart = 0; |
61 |
|
|
/* |
62 |
|
|
* Read and write to /dev/tty if available. If not, read from |
63 |
|
|
* stdin and write to stderr unless a tty is required. |
64 |
|
|
*/ |
65 |
|
|
if ((flags & RPP_STDIN) || |
66 |
|
|
(input = output = open(_PATH_TTY, O_RDWR)) == -1) { |
67 |
|
|
if (flags & RPP_REQUIRE_TTY) { |
68 |
|
|
errno = ENOTTY; |
69 |
|
|
return(NULL); |
70 |
|
|
} |
71 |
|
|
input = STDIN_FILENO; |
72 |
|
|
output = STDERR_FILENO; |
73 |
|
|
} |
74 |
|
|
|
75 |
|
|
/* |
76 |
|
|
* Turn off echo if possible. |
77 |
|
|
* If we are using a tty but are not the foreground pgrp this will |
78 |
|
|
* generate SIGTTOU, so do it *before* installing the signal handlers. |
79 |
|
|
*/ |
80 |
|
|
if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) { |
81 |
|
|
memcpy(&term, &oterm, sizeof(term)); |
82 |
|
|
if (!(flags & RPP_ECHO_ON)) |
83 |
|
|
term.c_lflag &= ~(ECHO | ECHONL); |
84 |
|
|
if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) |
85 |
|
|
term.c_cc[VSTATUS] = _POSIX_VDISABLE; |
86 |
|
|
(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term); |
87 |
|
|
} else { |
88 |
|
|
memset(&term, 0, sizeof(term)); |
89 |
|
|
term.c_lflag |= ECHO; |
90 |
|
|
memset(&oterm, 0, sizeof(oterm)); |
91 |
|
|
oterm.c_lflag |= ECHO; |
92 |
|
|
} |
93 |
|
|
|
94 |
|
|
/* |
95 |
|
|
* Catch signals that would otherwise cause the user to end |
96 |
|
|
* up with echo turned off in the shell. Don't worry about |
97 |
|
|
* things like SIGXCPU and SIGVTALRM for now. |
98 |
|
|
*/ |
99 |
|
|
sigemptyset(&sa.sa_mask); |
100 |
|
|
sa.sa_flags = 0; /* don't restart system calls */ |
101 |
|
|
sa.sa_handler = handler; |
102 |
|
|
(void)sigaction(SIGALRM, &sa, &savealrm); |
103 |
|
|
(void)sigaction(SIGHUP, &sa, &savehup); |
104 |
|
|
(void)sigaction(SIGINT, &sa, &saveint); |
105 |
|
|
(void)sigaction(SIGPIPE, &sa, &savepipe); |
106 |
|
|
(void)sigaction(SIGQUIT, &sa, &savequit); |
107 |
|
|
(void)sigaction(SIGTERM, &sa, &saveterm); |
108 |
|
|
(void)sigaction(SIGTSTP, &sa, &savetstp); |
109 |
|
|
(void)sigaction(SIGTTIN, &sa, &savettin); |
110 |
|
|
(void)sigaction(SIGTTOU, &sa, &savettou); |
111 |
|
|
|
112 |
|
|
if (!(flags & RPP_STDIN)) |
113 |
|
|
(void)write(output, prompt, strlen(prompt)); |
114 |
|
|
end = buf + bufsiz - 1; |
115 |
|
|
p = buf; |
116 |
|
|
while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') { |
117 |
|
|
if (p < end) { |
118 |
|
|
if ((flags & RPP_SEVENBIT)) |
119 |
|
|
ch &= 0x7f; |
120 |
|
|
if (isalpha((unsigned char)ch)) { |
121 |
|
|
if ((flags & RPP_FORCELOWER)) |
122 |
|
|
ch = (char)tolower((unsigned char)ch); |
123 |
|
|
if ((flags & RPP_FORCEUPPER)) |
124 |
|
|
ch = (char)toupper((unsigned char)ch); |
125 |
|
|
} |
126 |
|
|
*p++ = ch; |
127 |
|
|
} |
128 |
|
|
} |
129 |
|
|
*p = '\0'; |
130 |
|
|
save_errno = errno; |
131 |
|
|
if (!(term.c_lflag & ECHO)) |
132 |
|
|
(void)write(output, "\n", 1); |
133 |
|
|
|
134 |
|
|
/* Restore old terminal settings and signals. */ |
135 |
|
|
if (memcmp(&term, &oterm, sizeof(term)) != 0) { |
136 |
|
|
const int sigttou = signo[SIGTTOU]; |
137 |
|
|
|
138 |
|
|
/* Ignore SIGTTOU generated when we are not the fg pgrp. */ |
139 |
|
|
while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 && |
140 |
|
|
errno == EINTR && !signo[SIGTTOU]) |
141 |
|
|
continue; |
142 |
|
|
signo[SIGTTOU] = sigttou; |
143 |
|
|
} |
144 |
|
|
(void)sigaction(SIGALRM, &savealrm, NULL); |
145 |
|
|
(void)sigaction(SIGHUP, &savehup, NULL); |
146 |
|
|
(void)sigaction(SIGINT, &saveint, NULL); |
147 |
|
|
(void)sigaction(SIGQUIT, &savequit, NULL); |
148 |
|
|
(void)sigaction(SIGPIPE, &savepipe, NULL); |
149 |
|
|
(void)sigaction(SIGTERM, &saveterm, NULL); |
150 |
|
|
(void)sigaction(SIGTSTP, &savetstp, NULL); |
151 |
|
|
(void)sigaction(SIGTTIN, &savettin, NULL); |
152 |
|
|
(void)sigaction(SIGTTOU, &savettou, NULL); |
153 |
|
|
if (input != STDIN_FILENO) |
154 |
|
|
(void)close(input); |
155 |
|
|
|
156 |
|
|
/* |
157 |
|
|
* If we were interrupted by a signal, resend it to ourselves |
158 |
|
|
* now that we have restored the signal handlers. |
159 |
|
|
*/ |
160 |
|
|
for (i = 0; i < _NSIG; i++) { |
161 |
|
|
if (signo[i]) { |
162 |
|
|
kill(getpid(), i); |
163 |
|
|
switch (i) { |
164 |
|
|
case SIGTSTP: |
165 |
|
|
case SIGTTIN: |
166 |
|
|
case SIGTTOU: |
167 |
|
|
need_restart = 1; |
168 |
|
|
} |
169 |
|
|
} |
170 |
|
|
} |
171 |
|
|
if (need_restart) |
172 |
|
|
goto restart; |
173 |
|
|
|
174 |
|
|
if (save_errno) |
175 |
|
|
errno = save_errno; |
176 |
|
|
return(nr == -1 ? NULL : buf); |
177 |
|
|
} |
178 |
|
|
DEF_WEAK(readpassphrase); |
179 |
|
|
|
180 |
|
|
char * |
181 |
|
|
getpass(const char *prompt) |
182 |
|
|
{ |
183 |
|
|
static char buf[_PASSWORD_LEN + 1]; |
184 |
|
|
|
185 |
|
|
return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF)); |
186 |
|
|
} |
187 |
|
|
|
188 |
|
|
static void handler(int s) |
189 |
|
|
{ |
190 |
|
|
|
191 |
|
|
signo[s] = 1; |
192 |
|
|
} |