commit cbdf2c5d8f6fcce432e2355f406ca9e3c2340a5b Author: Nick Mathewson <nickm@torproject.org> Date: Sun Mar 1 15:35:36 2015 +0100 Add a tor_getpass to read passphrases. Needs better backend. --- configure.ac | 3 +++ src/common/compat.c | 33 +++++++++++++++++++++++++++++++++ src/common/compat.h | 2 ++ 3 files changed, 38 insertions(+) diff --git a/configure.ac b/configure.ac index 952fc9f..6010172 100644 --- a/configure.ac +++ b/configure.ac @@ -386,6 +386,7 @@ AC_CHECK_FUNCS( ftime \ getaddrinfo \ getifaddrs \ + getpass \ getrlimit \ gettimeofday \ gmtime_r \ @@ -399,6 +400,7 @@ AC_CHECK_FUNCS( pipe \ pipe2 \ prctl \ + readpassphrase \ rint \ sigaction \ socketpair \ @@ -926,6 +928,7 @@ AC_CHECK_HEADERS( netinet/in.h \ netinet/in6.h \ pwd.h \ + readpassphrase.h \ stdint.h \ sys/eventfd.h \ sys/file.h \ diff --git a/src/common/compat.c b/src/common/compat.c index 8da7ef3..7010275 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -67,6 +67,9 @@ #ifdef HAVE_CRT_EXTERNS_H #include <crt_externs.h> #endif +#ifdef HAVE_READPASSPHRASE_H +#include <readpassphrase.h> +#endif #ifndef HAVE_GETTIMEOFDAY #ifdef HAVE_FTIME @@ -3242,3 +3245,33 @@ tor_sleep_msec(int msec) } #endif +/** Emit the password prompt <b>prompt</b>, then read up to <b>buflen</b> + * characters of passphrase into <b>output</b>. */ +ssize_t +tor_getpass(const char *prompt, char *output, size_t buflen) +{ + tor_assert(buflen <= SSIZE_MAX); +#if defined(HAVE_READPASSPHRASE) + char *pwd = readpassphrase(prompt, output, buflen, RPP_ECHO_OFF); + if (pwd == NULL) + return -1; + return strlen(pwd); +#elif defined(HAVE_GETPASS) + /* XXX We shouldn't actually use this; it's deprecated to hell and back */ + memset(output, 0, buflen); + char *pwd = getpass(prompt); + if (pwd == NULL) + return -1; + ssize_t len = (ssize_t)strlen(pwd); + strlcpy(output, pwd, buflen); + memset(pwd, 0, len); + return len; +#else + /* XXX This is even worse. */ + puts(prompt); + ssize_t n = read(STDIN_FILENO, output, buflen); + if (n < 0) + return -1; + return n; +#endif +} diff --git a/src/common/compat.h b/src/common/compat.h index 5189b7e..549ed82 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -708,6 +708,8 @@ STATIC int tor_ersatz_socketpair(int family, int type, int protocol, #endif #endif +ssize_t tor_getpass(const char *prompt, char *output, size_t buflen); + /* This needs some of the declarations above so we include it here. */ #include "compat_threads.h"