src/lib/util/readpass.c - chromiumos/third_party/libscrypt - Git at Google

 /*-
  * Copyright 2009 Colin Percival
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 #include "scrypt_platform.h"

 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <termios.h>
 #include <unistd.h>

 #include "warn.h"

 #include "readpass.h"

 #define MAXPASSLEN 2048

 /**
  * tarsnap_getpass(passwd, prompt, confirmprompt, devtty)
  * If ${devtty} is non-zero, read a password from /dev/tty if possible; if
  * not, read from stdin.  If reading from a tty (either /dev/tty or stdin),
  * disable echo and prompt the user by printing ${prompt} to stderr.  If
  * ${confirmprompt} is non-NULL, read a second password (prompting if a
  * terminal is being used) and repeat until the user enters the same password
  * twice.  Return the password as a malloced NUL-terminated string via
  * ${passwd}.  The obscure name is to avoid namespace collisions due to the
  * getpass / readpass / readpassphrase / etc. functions in various libraries.
  */
 int
 tarsnap_readpass(char ** passwd, const char * prompt,
     const char * confirmprompt, int devtty)
 {
 	FILE * readfrom;
 	char passbuf[MAXPASSLEN];
 	char confpassbuf[MAXPASSLEN];
 	struct termios term, term_old;
 	int usingtty;

 	/*
 	 * If devtty != 0, try to open /dev/tty; if that fails, or if devtty
 	 * is zero, we'll read the password from stdin instead.
 	 */
 	if ((devtty == 0) || ((readfrom = fopen("/dev/tty", "r")) == NULL))
 		readfrom = stdin;

 	/* If we're reading from a terminal, try to disable echo. */
 	if ((usingtty = isatty(fileno(readfrom))) != 0) {
 		if (tcgetattr(fileno(readfrom), &term_old)) {
 			warn("Cannot read terminal settings");
 			goto err1;
 		}
 		memcpy(&term, &term_old, sizeof(struct termios));
 		term.c_lflag = (term.c_lflag & ~ECHO) | ECHONL;
 		if (tcsetattr(fileno(readfrom), TCSANOW, &term)) {
 			warn("Cannot set terminal settings");
 			goto err1;
 		}
 	}

 retry:
 	/* If we have a terminal, prompt the user to enter the password. */
 	if (usingtty)
 		fprintf(stderr, "%s: ", prompt);

 	/* Read the password. */
 	if (fgets(passbuf, MAXPASSLEN, readfrom) == NULL) {
 		warn("Cannot read password");
 		goto err2;
 	}

 	/* Confirm the password if necessary. */
 	if (confirmprompt != NULL) {
 		if (usingtty)
 			fprintf(stderr, "%s: ", confirmprompt);
 		if (fgets(confpassbuf, MAXPASSLEN, readfrom) == NULL) {
 			warn("Cannot read password");
 			goto err2;
 		}
 		if (strcmp(passbuf, confpassbuf)) {
 			fprintf(stderr,
 			    "Passwords mismatch, please try again\n");
 			goto retry;
 		}
 	}

 	/* Terminate the string at the first "\r" or "\n" (if any). */
 	passbuf[strcspn(passbuf, "\r\n")] = '\0';

 	/* If we changed terminal settings, reset them. */
 	if (usingtty)
 		tcsetattr(fileno(readfrom), TCSANOW, &term_old);

 	/* Close /dev/tty if we opened it. */
 	if (readfrom != stdin)
 		fclose(readfrom);

 	/* Copy the password out. */
 	if ((*passwd = strdup(passbuf)) == NULL) {
 		warn("Cannot allocate memory");
 		goto err1;
 	}

 	/* Zero any stored passwords. */
 	memset(passbuf, 0, MAXPASSLEN);
 	memset(confpassbuf, 0, MAXPASSLEN);

 	/* Success! */
 	return (0);

 err2:
 	/* Reset terminal settings if necessary. */
 	if (usingtty)
 		tcsetattr(fileno(readfrom), TCSAFLUSH, &term_old);
 err1:
 	/* Close /dev/tty if we opened it. */
 	if (readfrom != stdin)
 		fclose(readfrom);

 	/* Failure! */
 	return (-1);
 }
	/*-
	* Copyright 2009 Colin Percival
	* All rights reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in the
	* documentation and/or other materials provided with the distribution.
	*
	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	* SUCH DAMAGE.
	*/
	#include "scrypt_platform.h"

	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <termios.h>
	#include <unistd.h>

	#include "warn.h"

	#include "readpass.h"

	#define MAXPASSLEN 2048

	/**
	* tarsnap_getpass(passwd, prompt, confirmprompt, devtty)
	* If ${devtty} is non-zero, read a password from /dev/tty if possible; if
	* not, read from stdin. If reading from a tty (either /dev/tty or stdin),
	* disable echo and prompt the user by printing ${prompt} to stderr. If
	* ${confirmprompt} is non-NULL, read a second password (prompting if a
	* terminal is being used) and repeat until the user enters the same password
	* twice. Return the password as a malloced NUL-terminated string via
	* ${passwd}. The obscure name is to avoid namespace collisions due to the
	* getpass / readpass / readpassphrase / etc. functions in various libraries.
	*/
	int
	tarsnap_readpass(char ** passwd, const char * prompt,
	const char * confirmprompt, int devtty)
	{
	FILE * readfrom;
	char passbuf[MAXPASSLEN];
	char confpassbuf[MAXPASSLEN];
	struct termios term, term_old;
	int usingtty;

	/*
	* If devtty != 0, try to open /dev/tty; if that fails, or if devtty
	* is zero, we'll read the password from stdin instead.
	*/
	if ((devtty == 0) \|\| ((readfrom = fopen("/dev/tty", "r")) == NULL))
	readfrom = stdin;

	/* If we're reading from a terminal, try to disable echo. */
	if ((usingtty = isatty(fileno(readfrom))) != 0) {
	if (tcgetattr(fileno(readfrom), &term_old)) {
	warn("Cannot read terminal settings");
	goto err1;
	}
	memcpy(&term, &term_old, sizeof(struct termios));
	term.c_lflag = (term.c_lflag & ~ECHO) \| ECHONL;
	if (tcsetattr(fileno(readfrom), TCSANOW, &term)) {
	warn("Cannot set terminal settings");
	goto err1;
	}
	}

	retry:
	/* If we have a terminal, prompt the user to enter the password. */
	if (usingtty)
	fprintf(stderr, "%s: ", prompt);

	/* Read the password. */
	if (fgets(passbuf, MAXPASSLEN, readfrom) == NULL) {
	warn("Cannot read password");
	goto err2;
	}

	/* Confirm the password if necessary. */
	if (confirmprompt != NULL) {
	if (usingtty)
	fprintf(stderr, "%s: ", confirmprompt);
	if (fgets(confpassbuf, MAXPASSLEN, readfrom) == NULL) {
	warn("Cannot read password");
	goto err2;
	}
	if (strcmp(passbuf, confpassbuf)) {
	fprintf(stderr,
	"Passwords mismatch, please try again\n");
	goto retry;
	}
	}

	/* Terminate the string at the first "\r" or "\n" (if any). */
	passbuf[strcspn(passbuf, "\r\n")] = '\0';

	/* If we changed terminal settings, reset them. */
	if (usingtty)
	tcsetattr(fileno(readfrom), TCSANOW, &term_old);

	/* Close /dev/tty if we opened it. */
	if (readfrom != stdin)
	fclose(readfrom);

	/* Copy the password out. */
	if ((*passwd = strdup(passbuf)) == NULL) {
	warn("Cannot allocate memory");
	goto err1;
	}

	/* Zero any stored passwords. */
	memset(passbuf, 0, MAXPASSLEN);
	memset(confpassbuf, 0, MAXPASSLEN);

	/* Success! */
	return (0);

	err2:
	/* Reset terminal settings if necessary. */
	if (usingtty)
	tcsetattr(fileno(readfrom), TCSAFLUSH, &term_old);
	err1:
	/* Close /dev/tty if we opened it. */
	if (readfrom != stdin)
	fclose(readfrom);

	/* Failure! */
	return (-1);
	}