readpassphrase.c revision 86669 
186669Sgreen/*
286669Sgreen * Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
386669Sgreen * All rights reserved.
486669Sgreen *
586669Sgreen * Redistribution and use in source and binary forms, with or without
686669Sgreen * modification, are permitted provided that the following conditions
786669Sgreen * are met:
886669Sgreen * 1. Redistributions of source code must retain the above copyright
986669Sgreen *    notice, this list of conditions and the following disclaimer.
1086669Sgreen * 2. Redistributions in binary form must reproduce the above copyright
1186669Sgreen *    notice, this list of conditions and the following disclaimer in the
1286669Sgreen *    documentation and/or other materials provided with the distribution.
1386669Sgreen * 3. The name of the author may not be used to endorse or promote products
1486669Sgreen *    derived from this software without specific prior written permission.
1586669Sgreen *
1686669Sgreen * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
1786669Sgreen * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
1886669Sgreen * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
1986669Sgreen * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
2086669Sgreen * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
2186669Sgreen * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
2286669Sgreen * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
2386669Sgreen * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
2486669Sgreen * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
2586669Sgreen * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2686669Sgreen */
2786669Sgreen
2886669Sgreen#if defined(LIBC_SCCS) && !defined(lint)
2986669Sgreenstatic const char rcsid[] = "$OpenBSD: readpassphrase.c,v 1.7 2001/08/07 19:34:11 millert Exp $";
3086669Sgreen#endif /* LIBC_SCCS and not lint */
3186669Sgreen#include <sys/cdefs.h>
3286669Sgreen__FBSDID("$FreeBSD: head/lib/libc/gen/readpassphrase.c 86669 2001-11-20 15:15:42Z green $");
3386669Sgreen
3486669Sgreen#include <ctype.h>
3586669Sgreen#include <errno.h>
3686669Sgreen#include <fcntl.h>
3786669Sgreen#include <paths.h>
3886669Sgreen#include <pwd.h>
3986669Sgreen#include <signal.h>
4086669Sgreen#include <string.h>
4186669Sgreen#include <termios.h>
4286669Sgreen#include <unistd.h>
4386669Sgreen#include <readpassphrase.h>
4486669Sgreen
4586669Sgreenchar *
4686669Sgreenreadpassphrase(prompt, buf, bufsiz, flags)
4786669Sgreen	const char *prompt;
4886669Sgreen	char *buf;
4986669Sgreen	size_t bufsiz;
5086669Sgreen	int flags;
5186669Sgreen{
5286669Sgreen	struct termios term, oterm;
5386669Sgreen	char ch, *p, *end;
5486669Sgreen	int input, output;
5586669Sgreen	sigset_t oset, nset;
5686669Sgreen
5786669Sgreen	/* I suppose we could alloc on demand in this case (XXX). */
5886669Sgreen	if (bufsiz == 0) {
5986669Sgreen		errno = EINVAL;
6086669Sgreen		return(NULL);
6186669Sgreen	}
6286669Sgreen
6386669Sgreen	/*
6486669Sgreen	 * Read and write to /dev/tty if available.  If not, read from
6586669Sgreen	 * stdin and write to stderr unless a tty is required.
6686669Sgreen	 */
6786669Sgreen	if ((input = output = open(_PATH_TTY, O_RDWR)) == -1) {
6886669Sgreen		if (flags & RPP_REQUIRE_TTY) {
6986669Sgreen			errno = ENOTTY;
7086669Sgreen			return(NULL);
7186669Sgreen		}
7286669Sgreen		input = STDIN_FILENO;
7386669Sgreen		output = STDERR_FILENO;
7486669Sgreen	}
7586669Sgreen
7686669Sgreen	/*
7786669Sgreen	 * We block SIGINT and SIGTSTP so the terminal is not left
7886669Sgreen	 * in an inconsistent state (ie: no echo).  It would probably
7986669Sgreen	 * be better to simply catch these though.
8086669Sgreen	 */
8186669Sgreen	sigemptyset(&nset);
8286669Sgreen	sigaddset(&nset, SIGINT);
8386669Sgreen	sigaddset(&nset, SIGTSTP);
8486669Sgreen	(void)sigprocmask(SIG_BLOCK, &nset, &oset);
8586669Sgreen
8686669Sgreen	/* Turn off echo if possible. */
8786669Sgreen	if (tcgetattr(input, &oterm) == 0) {
8886669Sgreen		memcpy(&term, &oterm, sizeof(term));
8986669Sgreen		if (!(flags & RPP_ECHO_ON) && (term.c_lflag & ECHO))
9086669Sgreen			term.c_lflag &= ~ECHO;
9186669Sgreen		if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
9286669Sgreen			term.c_cc[VSTATUS] = _POSIX_VDISABLE;
9386669Sgreen		(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
9486669Sgreen	} else {
9586669Sgreen		memset(&term, 0, sizeof(term));
9686669Sgreen		memset(&oterm, 0, sizeof(oterm));
9786669Sgreen	}
9886669Sgreen
9986669Sgreen	(void)write(output, prompt, strlen(prompt));
10086669Sgreen	end = buf + bufsiz - 1;
10186669Sgreen	for (p = buf; read(input, &ch, 1) == 1 && ch != '\n' && ch != '\r';) {
10286669Sgreen		if (p < end) {
10386669Sgreen			if ((flags & RPP_SEVENBIT))
10486669Sgreen				ch &= 0x7f;
10586669Sgreen			if (isalpha(ch)) {
10686669Sgreen				if ((flags & RPP_FORCELOWER))
10786669Sgreen					ch = tolower(ch);
10886669Sgreen				if ((flags & RPP_FORCEUPPER))
10986669Sgreen					ch = toupper(ch);
11086669Sgreen			}
11186669Sgreen			*p++ = ch;
11286669Sgreen		}
11386669Sgreen	}
11486669Sgreen	*p = '\0';
11586669Sgreen	if (!(term.c_lflag & ECHO))
11686669Sgreen		(void)write(output, "\n", 1);
11786669Sgreen
11886669Sgreen	/* Restore old terminal settings and signal mask. */
11986669Sgreen	if (memcmp(&term, &oterm, sizeof(term)) != 0)
12086669Sgreen		(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm);
12186669Sgreen	(void)sigprocmask(SIG_SETMASK, &oset, NULL);
12286669Sgreen	if (input != STDIN_FILENO)
12386669Sgreen		(void)close(input);
12486669Sgreen	return(buf);
12586669Sgreen}
12686669Sgreen
12786669Sgreenchar *
12886669Sgreengetpass(prompt)
12986669Sgreen        const char *prompt;
13086669Sgreen{
13186669Sgreen	static char buf[_PASSWORD_LEN + 1];
13286669Sgreen
13386669Sgreen	return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
13486669Sgreen}
135