Author: Antonio Borneo
Date: Tue Feb 18 06:09:39 2014
New Revision: 542
Log:
Replace obsolete getpass()
Function getpass(3) is reported as obsolete.
Replace it with new vpnc_getpass().
Differences with original implementation:
- output prompt on stdout, instead of /dev/tty;
- input from stdin, instead of /dev/tty;
- password length limited by vpnc_getline() to 200 chars.
Functions tcgetattr()/tcsetattr() return error if stdin
is not a terminal but, e.g., a pipe or a file. I simply
ignore the error, since no need to disable ECHO on them.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Modified:
trunk/config.c
trunk/config.h
trunk/sysdep.h
trunk/vpnc.c
Modified: trunk/config.c
==============================================================================
--- trunk/config.c (original)
+++ trunk/config.c Tue Feb 18 06:09:39 2014
@@ -158,6 +158,26 @@
if (buf_allocated)
free(buf);
return -1;
+}
+
+char *vpnc_getpass(const char *prompt)
+{
+ struct termios t;
+ char *buf = NULL;
+ size_t len = 0;
+
+ printf("%s", prompt);
+ tcgetattr(STDIN_FILENO, &t);
+ t.c_lflag &= ~ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &t);
+
+ vpnc_getline(&buf, &len, stdin);
+
+ t.c_lflag |= ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &t);
+ printf("\n");
+
+ return buf;
}
static void config_deobfuscate(int obfuscated, int clear)
@@ -879,7 +899,9 @@
switch (i) {
case CONFIG_IPSEC_SECRET:
case CONFIG_XAUTH_PASSWORD:
- s = strdup(getpass(""));
+ s = vpnc_getpass("");
+ if (s == NULL)
+ error(1, 0, "unable to get password");
break;
case CONFIG_IPSEC_GATEWAY:
case CONFIG_IPSEC_ID:
Modified: trunk/config.h
==============================================================================
--- trunk/config.h (original)
+++ trunk/config.h Tue Feb 18 06:09:39 2014
@@ -131,6 +131,7 @@
extern void hex_dump(const char *str, const void *data, ssize_t len, const struct debug_strings *decode);
extern void do_config(int argc, char **argv);
+extern char *vpnc_getpass(const char *prompt);
extern void (*logmsg)(int priority, const char *format, ...)
__attribute__ ((__format__ (__printf__, 2, 3)));
Modified: trunk/sysdep.h
==============================================================================
--- trunk/sysdep.h (original)
+++ trunk/sysdep.h Tue Feb 18 06:09:39 2014
@@ -115,8 +115,6 @@
#define IPPROTO_ESP 50
#endif
-#define getpass(prompt) getpassphrase(prompt)
-
/* where is this defined? */
#include <sys/socket.h>
const char *inet_ntop(int af, const void *src, char *dst, size_t cnt);
Modified: trunk/vpnc.c
==============================================================================
--- trunk/vpnc.c (original)
+++ trunk/vpnc.c Tue Feb 18 06:09:39 2014
@@ -2335,14 +2335,17 @@
(ap->type == ISAKMP_XAUTH_06_ATTRIB_USER_PASSWORD) ?
"Password" : "Passcode",
config[CONFIG_XAUTH_USERNAME], ntop_buf);
- pass = getpass(prompt);
+ pass = vpnc_getpass(prompt);
free(prompt);
+ if (pass == NULL)
+ error(2, 0, "unable to get password");
na = new_isakmp_attribute(ap->type, NULL);
na->u.lots.length = strlen(pass);
na->u.lots.data = xallocc(na->u.lots.length);
memcpy(na->u.lots.data, pass, na->u.lots.length);
memset(pass, 0, na->u.lots.length);
+ free(pass);
} else {
na = new_isakmp_attribute(ap->type, NULL);
na->u.lots.length = strlen(config[CONFIG_XAUTH_PASSWORD]);
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/
Date: Tue Feb 18 06:09:39 2014
New Revision: 542
Log:
Replace obsolete getpass()
Function getpass(3) is reported as obsolete.
Replace it with new vpnc_getpass().
Differences with original implementation:
- output prompt on stdout, instead of /dev/tty;
- input from stdin, instead of /dev/tty;
- password length limited by vpnc_getline() to 200 chars.
Functions tcgetattr()/tcsetattr() return error if stdin
is not a terminal but, e.g., a pipe or a file. I simply
ignore the error, since no need to disable ECHO on them.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Modified:
trunk/config.c
trunk/config.h
trunk/sysdep.h
trunk/vpnc.c
Modified: trunk/config.c
==============================================================================
--- trunk/config.c (original)
+++ trunk/config.c Tue Feb 18 06:09:39 2014
@@ -158,6 +158,26 @@
if (buf_allocated)
free(buf);
return -1;
+}
+
+char *vpnc_getpass(const char *prompt)
+{
+ struct termios t;
+ char *buf = NULL;
+ size_t len = 0;
+
+ printf("%s", prompt);
+ tcgetattr(STDIN_FILENO, &t);
+ t.c_lflag &= ~ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &t);
+
+ vpnc_getline(&buf, &len, stdin);
+
+ t.c_lflag |= ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &t);
+ printf("\n");
+
+ return buf;
}
static void config_deobfuscate(int obfuscated, int clear)
@@ -879,7 +899,9 @@
switch (i) {
case CONFIG_IPSEC_SECRET:
case CONFIG_XAUTH_PASSWORD:
- s = strdup(getpass(""));
+ s = vpnc_getpass("");
+ if (s == NULL)
+ error(1, 0, "unable to get password");
break;
case CONFIG_IPSEC_GATEWAY:
case CONFIG_IPSEC_ID:
Modified: trunk/config.h
==============================================================================
--- trunk/config.h (original)
+++ trunk/config.h Tue Feb 18 06:09:39 2014
@@ -131,6 +131,7 @@
extern void hex_dump(const char *str, const void *data, ssize_t len, const struct debug_strings *decode);
extern void do_config(int argc, char **argv);
+extern char *vpnc_getpass(const char *prompt);
extern void (*logmsg)(int priority, const char *format, ...)
__attribute__ ((__format__ (__printf__, 2, 3)));
Modified: trunk/sysdep.h
==============================================================================
--- trunk/sysdep.h (original)
+++ trunk/sysdep.h Tue Feb 18 06:09:39 2014
@@ -115,8 +115,6 @@
#define IPPROTO_ESP 50
#endif
-#define getpass(prompt) getpassphrase(prompt)
-
/* where is this defined? */
#include <sys/socket.h>
const char *inet_ntop(int af, const void *src, char *dst, size_t cnt);
Modified: trunk/vpnc.c
==============================================================================
--- trunk/vpnc.c (original)
+++ trunk/vpnc.c Tue Feb 18 06:09:39 2014
@@ -2335,14 +2335,17 @@
(ap->type == ISAKMP_XAUTH_06_ATTRIB_USER_PASSWORD) ?
"Password" : "Passcode",
config[CONFIG_XAUTH_USERNAME], ntop_buf);
- pass = getpass(prompt);
+ pass = vpnc_getpass(prompt);
free(prompt);
+ if (pass == NULL)
+ error(2, 0, "unable to get password");
na = new_isakmp_attribute(ap->type, NULL);
na->u.lots.length = strlen(pass);
na->u.lots.data = xallocc(na->u.lots.length);
memcpy(na->u.lots.data, pass, na->u.lots.length);
memset(pass, 0, na->u.lots.length);
+ free(pass);
} else {
na = new_isakmp_attribute(ap->type, NULL);
na->u.lots.length = strlen(config[CONFIG_XAUTH_PASSWORD]);
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/