/mandos/trunk : revision 1239

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-prompt.c

Committer: Teddy Hogeborn
Date: 2021-02-04 17:59:45 UTC
Revision ID: teddy@recompile.se-20210204175945-8druo6d88ipc1z58

Fix issue with french translation

Initial white space was missing in both msgid and msgstr of the french
translation, leading to checking tools reporing an incomplete
translation. The string is a raw key id, and therefore did not need
translation, so this was never a user-visible issue.

* debian/po/fr.po: Add missing whitespace to the id and translation
for msgid " ${key_id}".

files added:
bugs.xml

debian/mandos-client.examples

debian/mandos-client.templates

debian/mandos.templates

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/sv.po

debian/po/templates.pot

debian/source/lintian-overrides

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

initramfs-unpack

mandos-to-cryptroot-unlock

mandos.service

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files removed:
initramfs-tools-hook-conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.dirs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

intro.xml

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

network-hooks.d/bridge

network-hooks.d/openvpn

network-hooks.d/wireless

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

plugins.d/password-prompt.c

* Password-prompt - Read a password from the terminal and print it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* This file is part of Mandos.

* Mandos is free software: you can redistribute it and/or modify it

* under the terms of the GNU General Public License as published by

* the Free Software Foundation, either version 3 of the License, or

* (at your option) any later version.

* Mandos is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* along with Mandos. If not, see <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@recompile.se>.

#define _GNU_SOURCE /* getline(), asprintf() */

#include <termios.h> /* struct termios, tcsetattr(),

TCSAFLUSH, tcgetattr(), ECHO */

#include <unistd.h> /* struct termios, tcsetattr(),

STDIN_FILENO, TCSAFLUSH,

tcgetattr(), ECHO, readlink() */

#include <signal.h> /* sig_atomic_t, raise(), struct

sigaction, sigemptyset(),

sigaction(), sigaddset(), SIGINT,

SIGQUIT, SIGHUP, SIGTERM,

#define _GNU_SOURCE /* vasprintf(),

program_invocation_short_name,

asprintf(), getline() */

#include <sys/types.h> /* sig_atomic_t, pid_t */

#include <stdbool.h> /* bool, false, true */

#include <argp.h> /* argp_program_version,

argp_program_bug_address,

struct argp_option,

struct argp_state, argp_state_help,

ARGP_HELP_STD_HELP,

ARGP_HELP_EXIT_ERR,

ARGP_HELP_EXIT_OK, ARGP_HELP_USAGE,

argp_err_exit_status,

ARGP_ERR_UNKNOWN, argp_parse(),

ARGP_IN_ORDER, ARGP_NO_HELP */

#include <stdarg.h> /* va_list, va_start(), vfprintf() */

#include <stdio.h> /* vasprintf(), fprintf(), stderr,

vfprintf(), asprintf(), getline(),

stdin, feof(), clearerr(),

fputc() */

#include <errno.h> /* program_invocation_short_name,

errno, ENOENT, error_t, ENOMEM,

EINVAL, EBADF, ENOTTY, EFAULT,

EFBIG, EIO, ENOSPC, EINTR */

#include <string.h> /* strerror(), strrchr(), strcmp() */

#include <error.h> /* error() */

#include <stdlib.h> /* free(), realloc(), EXIT_SUCCESS,

EXIT_FAILURE, getenv() */

#include <unistd.h> /* access(), R_OK, ssize_t, close(),

read(), STDIN_FILENO, write(),

STDOUT_FILENO */

#include <dirent.h> /* struct dirent, scandir(),

alphasort() */

#include <inttypes.h> /* uintmax_t, strtoumax() */

#include <iso646.h> /* or, and, not */

#include <fcntl.h> /* open(), O_RDONLY */

#include <stddef.h> /* NULL, size_t */

#include <termios.h> /* struct termios, tcgetattr(),

tcflag_t, ECHO, tcsetattr(),

TCSAFLUSH */

#include <signal.h> /* struct sigaction, sigemptyset(),

sigaddset(), SIGINT, SIGHUP,

SIGTERM, SIG_IGN, SIG_DFL,

raise() */

#include <stddef.h> /* NULL, size_t, ssize_t */

#include <sys/types.h> /* ssize_t, struct dirent, pid_t,

ssize_t, open() */

#include <stdlib.h> /* EXIT_SUCCESS, EXIT_FAILURE,

getenv(), free() */

#include <dirent.h> /* scandir(), alphasort() */

#include <stdio.h> /* fprintf(), stderr, getline(),

stdin, feof(), fputc(), vfprintf(),

vasprintf() */

#include <errno.h> /* errno, EBADF, ENOTTY, EINVAL,

EFAULT, EFBIG, EIO, ENOSPC, EINTR

#include <error.h> /* error() */

#include <iso646.h> /* or, not */

#include <stdbool.h> /* bool, false, true */

#include <inttypes.h> /* strtoumax() */

#include <sys/stat.h> /* struct stat, lstat(), open() */

#include <string.h> /* strlen, rindex, memcmp, strerror()

#include <argp.h> /* struct argp_option, struct

argp_state, struct argp,

argp_parse(), error_t,

ARGP_KEY_ARG, ARGP_KEY_END,

ARGP_ERR_UNKNOWN */

#include <sysexits.h> /* EX_SOFTWARE, EX_OSERR,

EX_UNAVAILABLE, EX_IOERR, EX_OK */

#include <fcntl.h> /* open() */

#include <stdarg.h> /* va_list, va_start(), ... */

#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,

EX_IOERR, EX_OSFILE, EX_OK */

volatile sig_atomic_t quit_now = 0;

int signal_received;

/* Needed for conflict resolution */

const char plymouth_name[] = "plymouthd";

__attribute__((format (gnu_printf, 2, 3), nonnull(1)))

int fprintf_plus(FILE *stream, const char *format, ...){

va_list ap;

va_start (ap, format);

TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",

program_invocation_short_name));

return TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));

}

/* Function to use when printing errors */

__attribute__((format (gnu_printf, 3, 4)))

void error_plus(int status, int errnum, const char *formatstring,

va_start(ap, formatstring);

ret = vasprintf(&text, formatstring, ap);

if (ret == -1){

if(ret == -1){

fprintf(stderr, "Mandos plugin %s: ",

program_invocation_short_name);

vfprintf(stderr, formatstring, ap);

119

116

from the terminal. Password-prompt will exit if it detects

120

117

plymouth since plymouth performs the same functionality.

121

118

119

if(access("/run/plymouth/pid", R_OK) == 0){

120

return true;

121

}

122

123

__attribute__((nonnull))

123

124

int is_plymouth(const struct dirent *proc_entry){

124

125

int ret;

125

126

int cl_fd;

126

127

{

127

uintmax_t maxvalue;

128

uintmax_t proc_id;

128

129

char *tmp;

129

130

errno = 0;

130

maxvalue = strtoumax(proc_entry->d_name, &tmp, 10);

131

proc_id = strtoumax(proc_entry->d_name, &tmp, 10);

131

132

133

if(errno != 0 or *tmp != '\0'

133

or maxvalue != (uintmax_t)((pid_t)maxvalue)){

134

or proc_id != (uintmax_t)((pid_t)proc_id)){

134

135

return 0;

135

136

}

136

137

}

222

223

struct dirent **direntries = NULL;

223

224

int ret;

224

225

ret = scandir("/proc", &direntries, is_plymouth, alphasort);

225

if (ret == -1){

226

if(ret == -1){

226

227

error_plus(1, errno, "scandir");

227

228

}

229

{

230

int i = ret;

231

while(i--){

232

free(direntries[i]);

233

}

234

}

228

235

free(direntries);

229

236

return ret > 0;

230

237

}

237

244

struct termios t_new, t_old;

238

245

char *buffer = NULL;

239

246

char *prefix = NULL;

247

char *prompt = NULL;

240

248

int status = EXIT_SUCCESS;

241

249

struct sigaction old_action,

242

250

new_action = { .sa_handler = termination_handler,

246

254

{ .name = "prefix", .key = 'p',

247

255

.arg = "PREFIX", .flags = 0,

248

256

.doc = "Prefix shown before the prompt", .group = 2 },

257

{ .name = "prompt", .key = 129,

258

.arg = "PROMPT", .flags = 0,

259

.doc = "The prompt to show", .group = 2 },

249

260

{ .name = "debug", .key = 128,

250

261

.doc = "Debug mode", .group = 3 },

251

262

264

275

error_t parse_opt (int key, char *arg, struct argp_state *state){

265

276

errno = 0;

266

277

switch (key){

267

case 'p':

278

case 'p': /* --prefix */

268

279

prefix = arg;

269

280

break;

270

case 128:

281

case 128: /* --debug */

271

282

debug = true;

272

283

break;

284

case 129: /* --prompt */

285

prompt = arg;

286

break;

273

287

274

288

* These reproduce what we would get without ARGP_NO_HELP

275

289

277

291

argp_state_help(state, state->out_stream,

278

292

(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)

279

293

& ~(unsigned int)ARGP_HELP_EXIT_OK);

294

__builtin_unreachable();

280

295

case -3: /* --usage */

281

296

argp_state_help(state, state->out_stream,

282

297

ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);

298

__builtin_unreachable();

283

299

case 'V': /* --version */

284

300

fprintf(state->out_stream, "%s\n", argp_program_version);

285

301

exit(argp_err_exit_status);

313

329

fprintf(stderr, "Starting %s\n", argv[0]);

314

330

}

315

331

316

if (conflict_detection()){

332

if(conflict_detection()){

317

333

if(debug){

318

334

fprintf(stderr, "Stopping %s because of conflict\n", argv[0]);

319

335

}

428

444

if(prefix){

429

445

fprintf(stderr, "%s ", prefix);

430

446

}

431

{

447

if(prompt != NULL){

448

fprintf(stderr, "%s: ", prompt);

449

} else {

432

450

const char *cryptsource = getenv("CRYPTTAB_SOURCE");

433

451

const char *crypttarget = getenv("CRYPTTAB_NAME");

434

452

/* Before cryptsetup 1.1.0~rc2 */

509

527

}

510

528

if(sret < 0){

511

529

int e = errno;

512

if(errno != EINTR and not feof(stdin)){

513

error_plus(0, errno, "getline");

514

switch(e){

515

case EBADF:

516

status = EX_UNAVAILABLE;

517

case EIO:

518

case EINVAL:

519

default:

520

status = EX_IOERR;

530

if(errno != EINTR){

531

if(not feof(stdin)){

532

error_plus(0, errno, "getline");

533

switch(e){

534

case EBADF:

535

status = EX_UNAVAILABLE;

536

break;

537

case EIO:

538

case EINVAL:

539

default:

540

status = EX_IOERR;

541

break;

542

}

521

543

break;

544

} else {

545

clearerr(stdin);

522

546

}

523

break;

524

547

}

525

548

}

526

549

/* if(sret == 0), then the only sensible thing to do is to retry

Older »