1
/* -*- coding: utf-8 -*- */
3
* Password-prompt - Read a password from the terminal and print it
5
* Copyright © 2008,2009 Teddy Hogeborn
6
* Copyright © 2008,2009 Björn Påhlsson
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
22
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
23
* <https://www.fukt.bsnet.se/~teddy/>.
1
26
#define _GNU_SOURCE /* getline() */
2
#define _FORTIFY_SOURCE 2
3
28
#include <termios.h> /* struct termios, tcsetattr(),
4
29
TCSAFLUSH, tcgetattr(), ECHO */
5
30
#include <unistd.h> /* struct termios, tcsetattr(),
39
70
struct sigaction old_action,
40
71
new_action = { .sa_handler = termination_handler,
44
static struct option long_options[] = {
45
{"debug", no_argument, (int *)&debug, 1},
46
{"prefix", required_argument, 0, 'p'},
50
ret = getopt_long (argc, argv, "p:", long_options, &option_index);
74
struct argp_option options[] = {
75
{ .name = "prefix", .key = 'p',
76
.arg = "PREFIX", .flags = 0,
77
.doc = "Prefix shown before the prompt", .group = 2 },
78
{ .name = "debug", .key = 128,
79
.doc = "Debug mode", .group = 3 },
83
error_t parse_opt (int key, char *arg, struct argp_state *state) {
97
return ARGP_ERR_UNKNOWN;
63
fprintf(stderr, "bad arguments\n");
102
struct argp argp = { .options = options, .parser = parse_opt,
104
.doc = "Mandos password-prompt -- Read and"
105
" output a password" };
106
ret = argp_parse(&argp, argc, argv, 0, 0, NULL);
107
if(ret == ARGP_ERR_UNKNOWN){
108
fprintf(stderr, "Unknown error while parsing arguments\n");
69
114
fprintf(stderr, "Starting %s\n", argv[0]);
72
117
fprintf(stderr, "Storing current terminal attributes\n");
75
if (tcgetattr(STDIN_FILENO, &t_old) != 0){
120
if(tcgetattr(STDIN_FILENO, &t_old) != 0){
76
122
return EXIT_FAILURE;
79
125
sigemptyset(&new_action.sa_mask);
80
126
sigaddset(&new_action.sa_mask, SIGINT);
81
sigaddset(&new_action.sa_mask, SIGQUIT);
82
127
sigaddset(&new_action.sa_mask, SIGHUP);
83
128
sigaddset(&new_action.sa_mask, SIGTERM);
84
sigaction(SIGINT, NULL, &old_action);
85
if (old_action.sa_handler != SIG_IGN)
86
sigaction(SIGINT, &new_action, NULL);
87
sigaction(SIGQUIT, NULL, &old_action);
88
if (old_action.sa_handler != SIG_IGN)
89
sigaction(SIGQUIT, &new_action, NULL);
90
sigaction(SIGHUP, NULL, &old_action);
91
if (old_action.sa_handler != SIG_IGN)
92
sigaction(SIGHUP, &new_action, NULL);
93
sigaction(SIGTERM, NULL, &old_action);
94
if (old_action.sa_handler != SIG_IGN)
95
sigaction(SIGTERM, &new_action, NULL);
129
ret = sigaction(SIGINT, NULL, &old_action);
134
if(old_action.sa_handler != SIG_IGN){
135
ret = sigaction(SIGINT, &new_action, NULL);
141
ret = sigaction(SIGHUP, NULL, &old_action);
146
if(old_action.sa_handler != SIG_IGN){
147
ret = sigaction(SIGHUP, &new_action, NULL);
153
ret = sigaction(SIGTERM, NULL, &old_action);
158
if(old_action.sa_handler != SIG_IGN){
159
ret = sigaction(SIGTERM, &new_action, NULL);
99
168
fprintf(stderr, "Removing echo flag from terminal attributes\n");
103
172
t_new.c_lflag &= ~ECHO;
104
if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_new) != 0){
173
if(tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_new) != 0){
105
174
perror("tcsetattr-echo");
106
175
return EXIT_FAILURE;
110
179
fprintf(stderr, "Waiting for input from stdin \n");
184
fprintf(stderr, "Interrupted by signal, exiting.\n");
114
186
status = EXIT_FAILURE;
119
fprintf(stderr, "%s Password: ", prefix);
121
fprintf(stderr, "Password: ");
191
fprintf(stderr, "%s ", prefix);
194
const char *cryptsource = getenv("cryptsource");
195
const char *crypttarget = getenv("crypttarget");
196
const char *const prompt
197
= "Enter passphrase to unlock the disk";
198
if(cryptsource == NULL){
199
if(crypttarget == NULL){
200
fprintf(stderr, "%s: ", prompt);
202
fprintf(stderr, "%s (%s): ", prompt, crypttarget);
205
if(crypttarget == NULL){
206
fprintf(stderr, "%s %s: ", prompt, cryptsource);
208
fprintf(stderr, "%s %s (%s): ", prompt, cryptsource,
123
213
ret = getline(&buffer, &n, stdin);
125
fprintf(stdout, "%s", buffer);
126
215
status = EXIT_SUCCESS;
216
/* Make n = data size instead of allocated buffer size */
218
/* Strip final newline */
219
if(n>0 and buffer[n-1] == '\n'){
220
buffer[n-1] = '\0'; /* not strictly necessary */
225
ret = write(STDOUT_FILENO, buffer + written, n - written);
228
status = EXIT_FAILURE;
231
written += (size_t)ret;
129
// ret == 0 makes no other sence than to retry to read from stdin
131
if (errno != EINTR and not feof(stdin)){
236
if(errno != EINTR and not feof(stdin)){
132
237
perror("getline");
133
238
status = EXIT_FAILURE;
242
/* if(ret == 0), then the only sensible thing to do is to retry to
137
244
fputc('\n', stderr);
245
if(debug and not quit_now){
246
/* If quit_now is true, we were interrupted by a signal, and
247
will print that later, so no need to show this too. */
248
fprintf(stderr, "getline() returned 0, retrying.\n");
141
255
fprintf(stderr, "Restoring terminal attributes\n");
143
if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_old) != 0){
257
if(tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_old) != 0){
144
258
perror("tcsetattr+echo");
148
fprintf(stderr, "%s is exiting\n", argv[0]);
262
fprintf(stderr, "%s is exiting with status %d\n", argv[0],
265
if(status == EXIT_SUCCESS){