mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-24 02:42:25 +00:00
- markus@cvs.openbsd.org 2001/04/18 21:57:42
[readpass.c ssh-add.c] call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
This commit is contained in:
parent
f73e05eca8
commit
5eb97b6f3d
@ -3,6 +3,9 @@
|
||||
- ian@cvs.openbsd.org 2001/04/18 16:21:05
|
||||
[ssh-keyscan.1]
|
||||
Fix typo reported in PR/1779
|
||||
- markus@cvs.openbsd.org 2001/04/18 21:57:42
|
||||
[readpass.c ssh-add.c]
|
||||
call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
||||
|
||||
20010418
|
||||
- OpenBSD CVS Sync
|
||||
@ -5165,4 +5168,4 @@
|
||||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1140 2001/04/19 20:31:02 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1141 2001/04/19 20:33:07 mouring Exp $
|
||||
|
71
readpass.c
71
readpass.c
@ -32,11 +32,58 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: readpass.c,v 1.14 2001/02/08 19:30:52 itojun Exp $");
|
||||
RCSID("$OpenBSD: readpass.c,v 1.15 2001/04/18 21:57:41 markus Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "cli.h"
|
||||
#include "readpass.h"
|
||||
#include "pathnames.h"
|
||||
#include "log.h"
|
||||
#include "atomicio.h"
|
||||
#include "ssh.h"
|
||||
|
||||
char *
|
||||
ssh_askpass(char *askpass, char *msg)
|
||||
{
|
||||
pid_t pid;
|
||||
size_t len;
|
||||
char *nl, *pass;
|
||||
int p[2], status;
|
||||
char buf[1024];
|
||||
|
||||
if (fflush(stdout) != 0)
|
||||
error("ssh_askpass: fflush: %s", strerror(errno));
|
||||
if (askpass == NULL)
|
||||
fatal("internal error: askpass undefined");
|
||||
if (pipe(p) < 0)
|
||||
fatal("ssh_askpass: pipe: %s", strerror(errno));
|
||||
if ((pid = fork()) < 0)
|
||||
fatal("ssh_askpass: fork: %s", strerror(errno));
|
||||
if (pid == 0) {
|
||||
seteuid(getuid());
|
||||
setuid(getuid());
|
||||
close(p[0]);
|
||||
if (dup2(p[1], STDOUT_FILENO) < 0)
|
||||
fatal("ssh_askpass: dup2: %s", strerror(errno));
|
||||
execlp(askpass, askpass, msg, (char *) 0);
|
||||
fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
|
||||
}
|
||||
close(p[1]);
|
||||
len = read(p[0], buf, sizeof buf);
|
||||
close(p[0]);
|
||||
while (waitpid(pid, &status, 0) < 0)
|
||||
if (errno != EINTR)
|
||||
break;
|
||||
if (len <= 1)
|
||||
return xstrdup("");
|
||||
nl = strchr(buf, '\n');
|
||||
if (nl)
|
||||
*nl = '\0';
|
||||
pass = xstrdup(buf);
|
||||
memset(buf, 0, sizeof(buf));
|
||||
return pass;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Reads a passphrase from /dev/tty with echo turned off. Returns the
|
||||
@ -51,5 +98,27 @@ RCSID("$OpenBSD: readpass.c,v 1.14 2001/02/08 19:30:52 itojun Exp $");
|
||||
char *
|
||||
read_passphrase(const char *prompt, int from_stdin)
|
||||
{
|
||||
char *askpass = NULL;
|
||||
int use_askpass = 0, ttyfd;
|
||||
|
||||
if (from_stdin) {
|
||||
if (!isatty(STDIN_FILENO))
|
||||
use_askpass = 1;
|
||||
} else {
|
||||
ttyfd = open("/dev/tty", O_RDWR);
|
||||
if (ttyfd >= 0)
|
||||
close(ttyfd);
|
||||
else
|
||||
use_askpass = 1;
|
||||
}
|
||||
|
||||
if (use_askpass && getenv("DISPLAY")) {
|
||||
if (getenv(SSH_ASKPASS_ENV))
|
||||
askpass = getenv(SSH_ASKPASS_ENV);
|
||||
else
|
||||
askpass = _PATH_SSH_ASKPASS_DEFAULT;
|
||||
return ssh_askpass(askpass, prompt);
|
||||
}
|
||||
|
||||
return cli_read_passphrase(prompt, from_stdin, 0);
|
||||
}
|
||||
|
70
ssh-add.c
70
ssh-add.c
@ -35,7 +35,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: ssh-add.c,v 1.35 2001/04/14 16:27:57 markus Exp $");
|
||||
RCSID("$OpenBSD: ssh-add.c,v 1.36 2001/04/18 21:57:42 markus Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
@ -103,66 +103,18 @@ delete_all(AuthenticationConnection *ac)
|
||||
fprintf(stderr, "Failed to remove all identities.\n");
|
||||
}
|
||||
|
||||
char *
|
||||
ssh_askpass(char *askpass, char *msg)
|
||||
{
|
||||
pid_t pid;
|
||||
size_t len;
|
||||
char *nl, *pass;
|
||||
int p[2], status;
|
||||
char buf[1024];
|
||||
|
||||
if (fflush(stdout) != 0)
|
||||
error("ssh_askpass: fflush: %s", strerror(errno));
|
||||
if (askpass == NULL)
|
||||
fatal("internal error: askpass undefined");
|
||||
if (pipe(p) < 0)
|
||||
fatal("ssh_askpass: pipe: %s", strerror(errno));
|
||||
if ((pid = fork()) < 0)
|
||||
fatal("ssh_askpass: fork: %s", strerror(errno));
|
||||
if (pid == 0) {
|
||||
close(p[0]);
|
||||
if (dup2(p[1], STDOUT_FILENO) < 0)
|
||||
fatal("ssh_askpass: dup2: %s", strerror(errno));
|
||||
execlp(askpass, askpass, msg, (char *) 0);
|
||||
fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
|
||||
}
|
||||
close(p[1]);
|
||||
len = read(p[0], buf, sizeof buf);
|
||||
close(p[0]);
|
||||
while (waitpid(pid, &status, 0) < 0)
|
||||
if (errno != EINTR)
|
||||
break;
|
||||
if (len <= 1)
|
||||
return xstrdup("");
|
||||
nl = strchr(buf, '\n');
|
||||
if (nl)
|
||||
*nl = '\0';
|
||||
pass = xstrdup(buf);
|
||||
memset(buf, 0, sizeof(buf));
|
||||
return pass;
|
||||
}
|
||||
|
||||
void
|
||||
add_file(AuthenticationConnection *ac, const char *filename)
|
||||
{
|
||||
struct stat st;
|
||||
Key *private;
|
||||
char *comment = NULL, *askpass = NULL;
|
||||
char buf[1024], msg[1024];
|
||||
int interactive = isatty(STDIN_FILENO);
|
||||
char *comment = NULL;
|
||||
char msg[1024];
|
||||
|
||||
if (stat(filename, &st) < 0) {
|
||||
perror(filename);
|
||||
exit(1);
|
||||
}
|
||||
if (!interactive && getenv("DISPLAY")) {
|
||||
if (getenv(SSH_ASKPASS_ENV))
|
||||
askpass = getenv(SSH_ASKPASS_ENV);
|
||||
else
|
||||
askpass = _PATH_SSH_ASKPASS_DEFAULT;
|
||||
}
|
||||
|
||||
/* At first, try empty passphrase */
|
||||
private = key_load_private(filename, "", &comment);
|
||||
if (comment == NULL)
|
||||
@ -174,18 +126,10 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
||||
/* clear passphrase since it did not work */
|
||||
clear_pass();
|
||||
printf("Need passphrase for %.200s\n", filename);
|
||||
if (!interactive && askpass == NULL) {
|
||||
xfree(comment);
|
||||
return;
|
||||
}
|
||||
snprintf(msg, sizeof msg, "Enter passphrase for %.200s", comment);
|
||||
snprintf(msg, sizeof msg, "Enter passphrase for %.200s ",
|
||||
comment);
|
||||
for (;;) {
|
||||
if (interactive) {
|
||||
snprintf(buf, sizeof buf, "%s: ", msg);
|
||||
pass = read_passphrase(buf, 1);
|
||||
} else {
|
||||
pass = ssh_askpass(askpass, msg);
|
||||
}
|
||||
pass = read_passphrase(msg, 1);
|
||||
if (strcmp(pass, "") == 0) {
|
||||
clear_pass();
|
||||
xfree(comment);
|
||||
@ -195,7 +139,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
||||
if (private != NULL)
|
||||
break;
|
||||
clear_pass();
|
||||
strlcpy(msg, "Bad passphrase, try again", sizeof msg);
|
||||
strlcpy(msg, "Bad passphrase, try again ", sizeof msg);
|
||||
}
|
||||
}
|
||||
if (ssh_add_identity(ac, private, comment))
|
||||
|
Loading…
Reference in New Issue
Block a user