From patchwork Sun Mar 28 06:11:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?T=C3=B5ivo_Leedj=C3=A4rv?= X-Patchwork-Id: 1674 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id YA+QN1+5YGD5DQAAIUCqbw (envelope-from ) for ; Sun, 28 Mar 2021 13:14:07 -0400 Received: from proxy7.mail.ord1d.rsapps.net ([172.30.191.6]) by director10.mail.ord1d.rsapps.net with LMTP id KDCTN1+5YGCTcgAApN4f7A (envelope-from ) for ; Sun, 28 Mar 2021 13:14:07 -0400 Received: from smtp37.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy7.mail.ord1d.rsapps.net with LMTPS id CF6uNl+5YGCzOgAAMe1Fpw (envelope-from ) for ; Sun, 28 Mar 2021 13:14:07 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp37.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: 00f8b3ec-8fe9-11eb-a3fa-525400a11cf3-1-1 Received: from [216.105.38.7] ([216.105.38.7:36962] helo=lists.sourceforge.net) by smtp37.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id DA/29-21536-F59B0606; Sun, 28 Mar 2021 13:14:07 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lQYyQ-0002xE-CK; Sun, 28 Mar 2021 17:13:14 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lQYyC-0002w9-0v for openvpn-devel@lists.sourceforge.net; Sun, 28 Mar 2021 17:13:00 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version :References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=evrb80hOpBHT7MY6ndqBPL/hTEel3TUJTJgbgyE7A3s=; b=Yojti3drxA1wA04v6oAUmKJGf4 zDOQqkZ3qH5woJsMz0u96A/KeNEdM7GW6aSy3g0xVYc+e7l8d7E+xN5UQ8T3XaxBg2syRjJecAtmF dUtTf3h89b/zzjH0+PH+7lZPoP075dNRJTTe4IzMds8mhyj7e7klNfBluJkegNOTfR14=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=evrb80hOpBHT7MY6ndqBPL/hTEel3TUJTJgbgyE7A3s=; b=gApe/yUGGmmLd8u8HTE+aa4BLT cTT/jWSkM/On3qh/lns8IFh3T3HaaElWtJxbW/OloJN+Zc1wZi3gMBXkn3ENBhg0ABhPM/0RO39Eu 5viMP1+X1gzxjZea804ex62ABlcIDz1/zo2n0MPJvBXptnzT9faQ0AFICipPqZDh1rRo=; Received: from mail-lj1-f173.google.com ([209.85.208.173]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.2) id 1lQYy2-0059qo-MF for openvpn-devel@lists.sourceforge.net; Sun, 28 Mar 2021 17:12:59 +0000 Received: by mail-lj1-f173.google.com with SMTP id u10so13309015lju.7 for ; Sun, 28 Mar 2021 10:12:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=evrb80hOpBHT7MY6ndqBPL/hTEel3TUJTJgbgyE7A3s=; b=e2pIMZQ5zKwTmrIp89swvLUjfFdB1COa+iiTaqyNphl/qQF/Ob/ih0Angbj8gZV3gK s/T8duT9iglZ9rVptFrRSUe0OX7RQXvF3A4kvOwXKEKZGgatZ2hTpf8CWZBKAs8zUC49 MIzUqhbH/wtgg5rfGrri6RahEHT6UX/8mtvHogUaRz4/3voFA5CY2tjc1aPpjdZrSafN SXjMWEgKo3Ubm4/K6av4+UF45i9/43YxCA9nqEhfSF7KWDhSlxyVXLs1JxyaPL41rEX9 piXJ+27f/fEZQ2vDAHFdF0LwAWwmsjKbmiVRIF1L5nkOkoeNb8J5QMqpcR1f54u/UNRD GYWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=evrb80hOpBHT7MY6ndqBPL/hTEel3TUJTJgbgyE7A3s=; b=RvijpzBfCKyw5cUwWePARC/moGHdIkb269kgNSWQ2p/kwvc+1o8iIa3OB/UsrdAAdY akfc3mx3mk1jbKnX2YN2K5OZnweQ2oE5QZyh8tjdTXiFEi3jdxHQCR5t1k2LV4iR/TUQ DYQIbCDJfE06y5iuHXpuiJrJJLTutVS55yJ336W0BiK0vAdSrNaU90YomBVqvGRr5xYy 1leD4tiN5bIX01kwD7ccxmmIaUQ3wtnQO1zVxY4TBENuyGd7i9pOMgisV7SxDaypK+h8 7MRTDkSP45hLd4u1dfkeGFmEuRyZ+U0780edFudfBkS0y6hoAAHhErtJAvrH/QzFg/lx Qsmw== X-Gm-Message-State: AOAM530EjY5TapynMsbqTuiIbWoLFtKP5fAd68hRG5wyMac31Fky/TP9 UKVLRtyPtowgxD1ZfMXOSdT5OALJ6Xw= X-Google-Smtp-Source: ABdhPJxC5hw5h/r/aWyDcV1WF03sQFTtp9PdgNeq1HZM/EQz83p3zfZNxiCQZmB07oEKXBLprzUdGQ== X-Received: by 2002:a2e:b80a:: with SMTP id u10mr15495371ljo.475.1616951564062; Sun, 28 Mar 2021 10:12:44 -0700 (PDT) Received: from localhost.localdomain (c188-151-208-222.bredband.comhem.se. [188.151.208.222]) by smtp.gmail.com with ESMTPSA id l7sm2115506lje.30.2021.03.28.10.12.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 28 Mar 2021 10:12:43 -0700 (PDT) From: =?utf-8?q?T=C3=B5ivo_Leedj=C3=A4rv?= To: openvpn-devel@lists.sourceforge.net Date: Sun, 28 Mar 2021 17:11:51 +0000 Message-Id: <20210328171151.12056-1-toivol@gmail.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20210328155748.GF976@greenie.muc.de> References: <20210328155748.GF976@greenie.muc.de> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (toivol[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.173 listed in list.dnswl.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: configure.ac] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.173 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1lQYy2-0059qo-MF Subject: [Openvpn-devel] [PATCH v2] Stop using deprecated getpass() X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The getpass() function is present in SUSv2, but marked LEGACY. It is removed in POSIX.1-2001. Additionally, on Solaris getpass() returns maximum 9 bytes. This will make longer passwords fail with no possibility for user to know what is happening. This patch removes usage of getpass() completely and replaces it with direct implementation of what getpass() does: opens tty (existing code), outputs the prompt (existing code), turns off echoing (new code), reads one line (existing code shared with echoed mode), restores tty state (new code) and closes tty (existing code). Patch v2: incorporate review feedback, incl. style fixes, merge termios.h check in configure.ac with an existing AC_CHECK_HEADERS, add error check and logging after tcsettattr() when restoring tty settings Signed-off-by: Tõivo Leedjärv Acked-by: Antonio Quartulli --- configure.ac | 4 +-- src/openvpn/console_builtin.c | 60 +++++++++++++++++++++-------------- 2 files changed, 39 insertions(+), 25 deletions(-) diff --git a/configure.ac b/configure.ac index 428bebed..6668bbcf 100644 --- a/configure.ac +++ b/configure.ac @@ -438,7 +438,7 @@ AC_CHECK_HEADERS([ \ sys/time.h sys/ioctl.h sys/stat.h \ sys/mman.h sys/file.h sys/wait.h \ unistd.h signal.h libgen.h stropts.h \ - syslog.h pwd.h grp.h \ + syslog.h pwd.h grp.h termios.h \ sys/sockio.h sys/uio.h linux/sockios.h \ linux/types.h poll.h sys/epoll.h err.h \ ]) @@ -652,7 +652,7 @@ AC_FUNC_FORK AC_CHECK_FUNCS([ \ daemon chroot getpwnam setuid nice system getpid dup dup2 \ - getpass syslog openlog mlockall getrlimit getgrnam setgid \ + syslog openlog mlockall getrlimit getgrnam setgid \ setgroups stat flock readv writev time gettimeofday \ ctime memset vsnprintf strdup \ setsid chdir putenv getpeername unlink \ diff --git a/src/openvpn/console_builtin.c b/src/openvpn/console_builtin.c index 445928bf..22ac9f79 100644 --- a/src/openvpn/console_builtin.c +++ b/src/openvpn/console_builtin.c @@ -40,6 +40,10 @@ #include "buffer.h" #include "misc.h" +#ifdef HAVE_TERMIOS_H +#include +#endif + #ifdef _WIN32 #include "win32.h" @@ -138,7 +142,7 @@ get_console_input_win32(const char *prompt, const bool echo, char *input, const #endif /* _WIN32 */ -#ifdef HAVE_GETPASS +#ifdef HAVE_TERMIOS_H /** * Open the current console TTY for read/write operations @@ -177,7 +181,7 @@ close_tty(FILE *fp) } } -#endif /* HAVE_GETPASS */ +#endif /* HAVE_TERMIOS_H */ /** @@ -201,7 +205,9 @@ get_console_input(const char *prompt, const bool echo, char *input, const int ca #if defined(_WIN32) return get_console_input_win32(prompt, echo, input, capacity); -#elif defined(HAVE_GETPASS) +#elif defined(HAVE_TERMIOS_H) + bool restore_tty = false; + struct termios tty_tmp, tty_save; /* did we --daemon'ize before asking for passwords? * (in which case neither stdin or stderr are connected to a tty and @@ -220,33 +226,41 @@ get_console_input(const char *prompt, const bool echo, char *input, const int ca close(fd); } - if (echo) - { - FILE *fp; + FILE *fp = open_tty(true); + fprintf(fp, "%s", prompt); + fflush(fp); + close_tty(fp); - fp = open_tty(true); - fprintf(fp, "%s", prompt); - fflush(fp); - close_tty(fp); + fp = open_tty(false); - fp = open_tty(false); - if (fgets(input, capacity, fp) != NULL) - { - chomp(input); - ret = true; - } - close_tty(fp); + if (!echo && (tcgetattr(fileno(fp), &tty_tmp) == 0)) + { + tty_save = tty_tmp; + tty_tmp.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL | ISIG); + restore_tty = (tcsetattr(fileno(fp), TCSAFLUSH, &tty_tmp) == 0); } - else + + if (fgets(input, capacity, fp) != NULL) + { + chomp(input); + ret = true; + } + + if (restore_tty) { - char *gp = getpass(prompt); - if (gp) + if (tcsetattr(fileno(fp), TCSAFLUSH, &tty_save) == -1) { - strncpynt(input, gp, capacity); - secure_memzero(gp, strlen(gp)); - ret = true; + msg(M_WARN | M_ERRNO, "tcsetattr() failed to restore tty settings"); } + + /* Echo the non-echoed newline */ + close_tty(fp); + fp = open_tty(true); + fprintf(fp, "\n"); + fflush(fp); } + + close_tty(fp); #else /* if defined(_WIN32) */ msg(M_FATAL, "Sorry, but I can't get console input on this OS (%s)", prompt); #endif /* if defined(_WIN32) */