1/* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements.  See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License.  You may obtain a copy of the License at
7 *
8 *     http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17/* apr_password_get.c: abstraction to provide for obtaining a password from the
18 * command line in whatever way the OS supports.  In the best case, it's a
19 * wrapper for the system library's getpass() routine; otherwise, we
20 * use one we define ourselves.
21 */
22#include "apr_private.h"
23#include "apr_strings.h"
24#include "apr_lib.h"
25#include "apr_errno.h"
26#if APR_HAVE_SYS_TYPES_H
27#include <sys/types.h>
28#endif
29#if APR_HAVE_ERRNO_H
30#include <errno.h>
31#endif
32
33#if APR_HAVE_UNISTD_H
34#include <unistd.h>
35#endif
36#if APR_HAVE_CONIO_H
37#ifdef _MSC_VER
38#pragma warning(disable: 4032)
39#include <conio.h>
40#pragma warning(default: 4032)
41#else
42#include <conio.h>
43#endif
44#endif
45#if APR_HAVE_STDLIB_H
46#include <stdlib.h>
47#endif
48#if APR_HAVE_STRING_H
49#include <string.h>
50#endif
51#if APR_HAVE_STRINGS_H
52#include <strings.h>
53#endif
54
/* Disable getpass() support when PASS_MAX is defined and is "small",
 * for an arbitrary definition of "small" (below 32 in the test that follows).
 * HP-UX truncates passwords (PR49496), so we disable getpass() for
 * this platform too.
 */
60#if defined(HAVE_GETPASS) && \
61    (defined(PASS_MAX) && PASS_MAX < 32) || defined(__hpux) || defined(__hpux__)
62#undef HAVE_GETPASS
63#endif
64
65#if defined(HAVE_TERMIOS_H) && !defined(HAVE_GETPASS)
66#include <termios.h>
67#endif
68
69#if !APR_CHARSET_EBCDIC
70#define LF 10
71#define CR 13
72#else /* APR_CHARSET_EBCDIC */
73#define LF '\n'
74#define CR '\r'
75#endif /* APR_CHARSET_EBCDIC */
76
77#define MAX_STRING_LEN 256
78
79#define ERR_OVERFLOW 5
80
81#if !defined(HAVE_GETPASS) && !defined(HAVE_GETPASSPHRASE) && !defined(HAVE_GETPASS_R)
82
83/* MPE, Win32, NetWare and BeOS all lack a native getpass() */
84
85#if !defined(HAVE_TERMIOS_H) && !defined(WIN32) && !defined(NETWARE)
86/*
87 * MPE lacks getpass() and a way to suppress stdin echo.  So for now, just
88 * issue the prompt and read the results with echo.  (Ugh).
89 */
90
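/*
 * Fallback for platforms with neither getpass() nor a way to switch off
 * terminal echo: print the prompt on stderr and read one line from stdin.
 * Whatever the user types is echoed by the terminal.
 *
 * Returns a pointer to a static buffer (overwritten by the next call) that
 * holds the entered line without its trailing newline, or NULL when nothing
 * could be read (EOF or read error).
 */
static char *get_password(const char *prompt)
{
    static char password[MAX_STRING_LEN];

    fputs(prompt, stderr);
    fflush(stderr);

    if (fgets(password, sizeof(password), stdin) == NULL) {
        /* EOF or read error: report failure instead of handing back
         * whatever the static buffer happens to contain. */
        memset(password, 0, sizeof(password));
        return NULL;
    }

    /* fgets() keeps the line terminator; it is not part of the password. */
    password[strcspn(password, "\n")] = '\0';

    return password;
}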
100
101#elif defined (HAVE_TERMIOS_H)
102#include <stdio.h>
103
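/*
 * Prompt on stderr and read a password from stdin with terminal echo
 * switched off through termios.
 *
 * Only characters in the range ' '..'~' are accepted.  Any other character,
 * or input beyond MAX_STRING_LEN - 1 characters, discards what was typed so
 * far and prompts again.
 *
 * Returns a pointer to a static, NUL-terminated buffer (overwritten by the
 * next call), or NULL if the terminal attributes cannot be read or changed,
 * or if stdin reaches EOF / fails before a newline is seen.
 */
static char *get_password(const char *prompt)
{
    struct termios saved;
    struct termios noecho;
    static char password[MAX_STRING_LEN];
    size_t n = 0;
    int ch;

    fputs(prompt, stderr);
    fflush(stderr);

    if (tcgetattr(STDIN_FILENO, &saved) != 0)
        return NULL;

    /* Work on a copy so the caller's original settings can be put back
     * exactly, rather than forcing ECHO on afterwards. */
    noecho = saved;
    noecho.c_lflag &= ~(ECHO);

    if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &noecho) != 0)
        return NULL;

    /* Read into an int: storing getchar() straight into a char makes EOF
     * indistinguishable from data, which would re-prompt forever on a
     * closed stdin while echo stays disabled. */
    while ((ch = getchar()) != '\n') {
        if (ch == EOF) {
            /* Do not leave a partial secret behind or the terminal mute. */
            memset(password, 0, sizeof(password));
            tcsetattr(STDIN_FILENO, TCSANOW, &saved);
            return NULL;
        }
        if (n < sizeof(password) - 1 && ch >= ' ' && ch <= '~') {
            password[n++] = (char) ch;
        } else {
            /* Unacceptable character or too long: start the entry over. */
            fprintf(stderr,"\n");
            fputs(prompt, stderr);
            fflush(stderr);
            n = 0;
        }
    }

    /* n never exceeds sizeof(password) - 1, so this write is in bounds. */
    password[n] = '\0';
    printf("\n");

    tcsetattr(STDIN_FILENO, TCSANOW, &saved);
    return password;
}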
139
140#else
141
142/*
143 * Windows lacks getpass().  So we'll re-implement it here.
144 */
145
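/*
 * Windows has no getpass(), so read the password one keystroke at a time
 * with _getch() (which does not echo) and print '*' on stderr for every
 * accepted character.
 *
 * Returns a pointer to a static, NUL-terminated buffer of at most 127
 * characters (overwritten by the next call).  Returns NULL on EOF, on
 * Ctrl+Z, and always on Windows CE.  Ctrl+C ends the process with exit(-1).
 * On the NULL paths and on ESC the partially typed password is wiped from
 * the static buffer.
 */
static char *get_password(const char *prompt)
{
/* WCE lacks a console, so getpass is unsupported there.
 * The only way is to use the GUI, so getpass should be implemented
 * on a per-application basis.
 */
#ifdef _WIN32_WCE
    return NULL;
#else
    static char password[128];
    size_t n = 0;
    int ch;

    fputs(prompt, stderr);

    while ((ch = _getch()) != '\r') {
        if (ch == EOF) /* EOF */ {
            fputs("[EOF]\n", stderr);
            /* Entry abandoned: do not keep the partial secret around. */
            memset(password, 0, sizeof(password));
            return NULL;
        }
        else if (ch == 0 || ch == 0xE0) {
            /* FN keys: 0 or E0 is a sentinel announcing a second code */
            ch = (ch << 4) | _getch();
            /* Catch {DELETE}, {<--}, Num{DEL} and Num{<--} */
            if ((ch == 0xE53 || ch == 0xE4B || ch == 0x053 || ch == 0x04b) && n) {
                password[--n] = '\0';
                fputs("\b \b", stderr);
            }
            else {
                fputc('\a', stderr);
            }
        }
        else if ((ch == '\b' || ch == 127) && n) /* BS/DEL */ {
            password[--n] = '\0';
            fputs("\b \b", stderr);
        }
        else if (ch == 3) /* CTRL+C */ {
            /* _getch() bypasses Ctrl+C but not Ctrl+Break detection! */
            fputs("^C\n", stderr);
            exit(-1);
        }
        else if (ch == 26) /* CTRL+Z */ {
            fputs("^Z\n", stderr);
            /* Entry abandoned: do not keep the partial secret around. */
            memset(password, 0, sizeof(password));
            return NULL;
        }
        else if (ch == 27) /* ESC */ {
            /* Restart the entry and drop what was typed so far. */
            fputc('\n', stderr);
            fputs(prompt, stderr);
            memset(password, 0, sizeof(password));
            n = 0;
        }
        else if ((n < sizeof(password) - 1) && !apr_iscntrl(ch)) {
            password[n++] = (char) ch;
            fputc('*', stderr);
        }
        else {
            /* Buffer full or control character: refuse with a bell. */
            fputc('\a', stderr);
        }
    }

    fputc('\n', stderr);
    password[n] = '\0';
    return password;
#endif
}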
210
211#endif /* no getchar or _getch */
212
213#endif /* no getpass or getpassphrase or getpass_r */
214
/*
 * Obtain a password from the user through the OS getpass()-style routine,
 * or through the replacement get_password() above when none is usable.
 *
 *  prompt  text shown to the user
 *  pwbuf   destination buffer for the password
 *  bufsiz  points to the size of pwbuf; it is read here, never written
 *
 * Return values:
 *  APR_SUCCESS       the entry was copied into pwbuf
 *  APR_ENAMETOOLONG  the entry had *bufsiz or more characters; pwbuf
 *                    receives only what apr_cpystrn() could fit
 *  APR_EINVAL        the underlying routine returned NULL
 *
 * Restrictions: the entry may already have been cut short by the host
 * system's getpass() semantics or by the replacement routine's own buffer
 * (MAX_STRING_LEN bytes, 128 in the Windows version).  The caller is *not*
 * told about that; APR_ENAMETOOLONG only reflects the caller's own buffer
 * being too small.
 *
 * NOTE(review): the getpass_r() path reports only success or APR_EINVAL;
 * how getpass_r() treats over-long input is not visible in this file.
 */

APR_DECLARE(apr_status_t) apr_password_get(const char *prompt, char *pwbuf, apr_size_t *bufsiz)
{
#if defined(HAVE_GETPASS_R)
    /* getpass_r() fills the caller's buffer directly. */
    return (getpass_r(prompt, pwbuf, *bufsiz) == NULL) ? APR_EINVAL : APR_SUCCESS;
#else
    apr_status_t status = APR_SUCCESS;
    apr_size_t entered_len;
    char *entered;

#if defined(HAVE_GETPASSPHRASE)
    entered = getpassphrase(prompt);
#elif defined(HAVE_GETPASS)
    entered = getpass(prompt);
#else /* use the replacement implementation above */
    entered = get_password(prompt);
#endif

    if (entered == NULL) {
        return APR_EINVAL;
    }

    entered_len = strlen(entered);
    if (entered_len >= *bufsiz) {
        status = APR_ENAMETOOLONG;
    }
    apr_cpystrn(pwbuf, entered, *bufsiz);

    /* Scrub the routine's own copy so the secret does not linger there.
     * NOTE(review): a plain memset() used only for scrubbing can be removed
     * by an optimizer in some contexts; confirm it survives in the build. */
    memset(entered, 0, entered_len);
    return status;
#endif /* HAVE_GETPASS_R */
}
255