[tor/master] Add a tor_getpass to read passphrases. Needs better backend. - tor-commits

17 Jun 2015

commit cbdf2c5d8f6fcce432e2355f406ca9e3c2340a5b
Author: Nick Mathewson nickm@torproject.org
Date:   Sun Mar 1 15:35:36 2015 +0100
Add a tor_getpass to read passphrases. Needs better backend.
---
 configure.ac        |    3 +++
 src/common/compat.c |   33 +++++++++++++++++++++++++++++++++
 src/common/compat.h |    2 ++
 3 files changed, 38 insertions(+)

diff --git a/configure.ac b/configure.ac
index 952fc9f..6010172 100644
--- a/configure.ac
+++ b/configure.ac
@@ -386,6 +386,7 @@ AC_CHECK_FUNCS(
         ftime \
         getaddrinfo \
         getifaddrs \
+        getpass \
         getrlimit \
         gettimeofday \
         gmtime_r \
@@ -399,6 +400,7 @@ AC_CHECK_FUNCS(
    pipe \
    pipe2 \
         prctl \
+	readpassphrase \
         rint \
         sigaction \
         socketpair \
@@ -926,6 +928,7 @@ AC_CHECK_HEADERS(
         netinet/in.h \
         netinet/in6.h \
         pwd.h \
+	readpassphrase.h \
         stdint.h \
    sys/eventfd.h \
         sys/file.h \
diff --git a/src/common/compat.c b/src/common/compat.c
index 8da7ef3..7010275 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -67,6 +67,9 @@
 #ifdef HAVE_CRT_EXTERNS_H
 #include <crt_externs.h>
 #endif
+#ifdef HAVE_READPASSPHRASE_H
+#include <readpassphrase.h>
+#endif
#ifndef HAVE_GETTIMEOFDAY
 #ifdef HAVE_FTIME
@@ -3242,3 +3245,33 @@ tor_sleep_msec(int msec)
 }
 #endif
+/** Emit the password prompt <b>prompt</b>, then read up to <b>buflen</b>
+ * characters of passphrase into <b>output</b>. */
+ssize_t
+tor_getpass(const char *prompt, char *output, size_t buflen)
+{
+  tor_assert(buflen <= SSIZE_MAX);
+#if defined(HAVE_READPASSPHRASE)
+  char *pwd = readpassphrase(prompt, output, buflen, RPP_ECHO_OFF);
+  if (pwd == NULL)
+    return -1;
+  return strlen(pwd);
+#elif defined(HAVE_GETPASS)
+  /* XXX We shouldn't actually use this; it's deprecated to hell and back */
+  memset(output, 0, buflen);
+  char *pwd = getpass(prompt);
+  if (pwd == NULL)
+    return -1;
+  ssize_t len = (ssize_t)strlen(pwd);
+  strlcpy(output, pwd, buflen);
+  memset(pwd, 0, len);
+  return len;
+#else
+  /* XXX This is even worse. */
+  puts(prompt);
+  ssize_t n = read(STDIN_FILENO, output, buflen);
+  if (n < 0)
+    return -1;
+  return n;
+#endif
+}
diff --git a/src/common/compat.h b/src/common/compat.h
index 5189b7e..549ed82 100644
--- a/src/common/compat.h
+++ b/src/common/compat.h
@@ -708,6 +708,8 @@ STATIC int tor_ersatz_socketpair(int family, int type, int protocol,
 #endif
 #endif
+ssize_t tor_getpass(const char *prompt, char *output, size_t buflen);
+
 /* This needs some of the declarations above so we include it here. */
 #include "compat_threads.h"

    