readpassphrase.c revision 86750
186669Sgreen/* 286669Sgreen * Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> 386669Sgreen * All rights reserved. 486669Sgreen * 586669Sgreen * Redistribution and use in source and binary forms, with or without 686669Sgreen * modification, are permitted provided that the following conditions 786669Sgreen * are met: 886669Sgreen * 1. Redistributions of source code must retain the above copyright 986669Sgreen * notice, this list of conditions and the following disclaimer. 1086669Sgreen * 2. Redistributions in binary form must reproduce the above copyright 1186669Sgreen * notice, this list of conditions and the following disclaimer in the 1286669Sgreen * documentation and/or other materials provided with the distribution. 1386669Sgreen * 3. The name of the author may not be used to endorse or promote products 1486669Sgreen * derived from this software without specific prior written permission. 1586669Sgreen * 1686669Sgreen * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 1786669Sgreen * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 1886669Sgreen * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 1986669Sgreen * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 2086669Sgreen * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 2186669Sgreen * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 2286669Sgreen * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 2386669Sgreen * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 2486669Sgreen * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 2586669Sgreen * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 2686669Sgreen */ 2786669Sgreen 2886669Sgreen#if defined(LIBC_SCCS) && !defined(lint) 2986669Sgreenstatic const char rcsid[] = "$OpenBSD: readpassphrase.c,v 1.7 2001/08/07 19:34:11 millert Exp $"; 3086669Sgreen#endif /* LIBC_SCCS and not lint */ 3186750Sfjoe#include <sys/cdefs.h> 3286669Sgreen__FBSDID("$FreeBSD: head/lib/libc/gen/readpassphrase.c 86750 2001-11-21 20:40:21Z fjoe $"); 3386669Sgreen 3486733Sgreen#include "namespace.h" 3586669Sgreen#include <ctype.h> 3686669Sgreen#include <errno.h> 3786669Sgreen#include <fcntl.h> 3886669Sgreen#include <paths.h> 3986669Sgreen#include <pwd.h> 4086669Sgreen#include <signal.h> 4186669Sgreen#include <string.h> 4286669Sgreen#include <termios.h> 4386669Sgreen#include <unistd.h> 4486669Sgreen#include <readpassphrase.h> 4586733Sgreen#include "un-namespace.h" 4686669Sgreen 4786669Sgreenchar * 4886669Sgreenreadpassphrase(prompt, buf, bufsiz, flags) 4986669Sgreen const char *prompt; 5086669Sgreen char *buf; 5186669Sgreen size_t bufsiz; 5286669Sgreen int flags; 5386669Sgreen{ 5486669Sgreen struct termios term, oterm; 5586669Sgreen char ch, *p, *end; 5686669Sgreen int input, output; 5786669Sgreen sigset_t oset, nset; 5886669Sgreen 5986669Sgreen /* I suppose we could alloc on demand in this case (XXX). */ 6086669Sgreen if (bufsiz == 0) { 6186669Sgreen errno = EINVAL; 6286669Sgreen return(NULL); 6386669Sgreen } 6486669Sgreen 6586669Sgreen /* 6686669Sgreen * Read and write to /dev/tty if available. If not, read from 6786669Sgreen * stdin and write to stderr unless a tty is required. 6886669Sgreen */ 6986732Sgreen if ((input = output = _open(_PATH_TTY, O_RDWR)) == -1) { 7086669Sgreen if (flags & RPP_REQUIRE_TTY) { 7186669Sgreen errno = ENOTTY; 7286669Sgreen return(NULL); 7386669Sgreen } 7486669Sgreen input = STDIN_FILENO; 7586669Sgreen output = STDERR_FILENO; 7686669Sgreen } 7786669Sgreen 7886669Sgreen /* 7986669Sgreen * We block SIGINT and SIGTSTP so the terminal is not left 8086669Sgreen * in an inconsistent state (ie: no echo). It would probably 8186669Sgreen * be better to simply catch these though. 8286669Sgreen */ 8386669Sgreen sigemptyset(&nset); 8486669Sgreen sigaddset(&nset, SIGINT); 8586669Sgreen sigaddset(&nset, SIGTSTP); 8686732Sgreen (void)_sigprocmask(SIG_BLOCK, &nset, &oset); 8786669Sgreen 8886669Sgreen /* Turn off echo if possible. */ 8986669Sgreen if (tcgetattr(input, &oterm) == 0) { 9086669Sgreen memcpy(&term, &oterm, sizeof(term)); 9186669Sgreen if (!(flags & RPP_ECHO_ON) && (term.c_lflag & ECHO)) 9286669Sgreen term.c_lflag &= ~ECHO; 9386669Sgreen if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) 9486669Sgreen term.c_cc[VSTATUS] = _POSIX_VDISABLE; 9586669Sgreen (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term); 9686669Sgreen } else { 9786669Sgreen memset(&term, 0, sizeof(term)); 9886669Sgreen memset(&oterm, 0, sizeof(oterm)); 9986669Sgreen } 10086669Sgreen 10186732Sgreen (void)_write(output, prompt, strlen(prompt)); 10286669Sgreen end = buf + bufsiz - 1; 10386732Sgreen for (p = buf; _read(input, &ch, 1) == 1 && ch != '\n' && ch != '\r';) { 10486669Sgreen if (p < end) { 10586669Sgreen if ((flags & RPP_SEVENBIT)) 10686669Sgreen ch &= 0x7f; 10786669Sgreen if (isalpha(ch)) { 10886669Sgreen if ((flags & RPP_FORCELOWER)) 10986669Sgreen ch = tolower(ch); 11086669Sgreen if ((flags & RPP_FORCEUPPER)) 11186669Sgreen ch = toupper(ch); 11286669Sgreen } 11386669Sgreen *p++ = ch; 11486669Sgreen } 11586669Sgreen } 11686669Sgreen *p = '\0'; 11786669Sgreen if (!(term.c_lflag & ECHO)) 11886732Sgreen (void)_write(output, "\n", 1); 11986669Sgreen 12086669Sgreen /* Restore old terminal settings and signal mask. */ 12186669Sgreen if (memcmp(&term, &oterm, sizeof(term)) != 0) 12286669Sgreen (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm); 12386732Sgreen (void)_sigprocmask(SIG_SETMASK, &oset, NULL); 12486669Sgreen if (input != STDIN_FILENO) 12586732Sgreen (void)_close(input); 12686669Sgreen return(buf); 12786669Sgreen} 12886669Sgreen 12986669Sgreenchar * 13086669Sgreengetpass(prompt) 13186669Sgreen const char *prompt; 13286669Sgreen{ 13386669Sgreen static char buf[_PASSWORD_LEN + 1]; 13486669Sgreen 13586669Sgreen return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF)); 13686669Sgreen} 137