[openssh.git] / readpass.c

/*
 * Copyright (c) 1988, 1993
 *      The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by the University of
 *      California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "includes.h"
RCSID("$Id$");

#include "xmalloc.h"
#include "ssh.h"

/*
 * Reads a passphrase from /dev/tty with echo turned off.  Returns the
 * passphrase (allocated with xmalloc), being very careful to ensure that
 * no other userland buffer is storing the password.
 */
char *
read_passphrase(const char *prompt, int from_stdin)
{
	char buf[1024], *p, ch;
	struct termios tio, saved_tio;
	sigset_t oset, nset;
	int input, output, echo = 0;
  
	if (from_stdin) {
		input = STDIN_FILENO;
		output = STDERR_FILENO;
	} else
		input = output = open("/dev/tty", O_RDWR);

	if (input == -1)
		fatal("You have no controlling tty.  Cannot read passphrase.\n");

	/* block signals, get terminal modes and turn off echo */
	sigemptyset(&nset);
	sigaddset(&nset, SIGINT);
	sigaddset(&nset, SIGTSTP);
	(void) sigprocmask(SIG_BLOCK, &nset, &oset);

	if (tcgetattr(input, &tio) == 0 && (tio.c_lflag & ECHO)) {
		echo = 1;
		saved_tio = tio;
		tio.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
		(void) tcsetattr(input, TCSANOW, &tio);
	}

	fflush(stdout);

	(void)write(output, prompt, strlen(prompt));
	for (p = buf; read(input, &ch, 1) == 1 && ch != '\n';)
		if (p < buf + sizeof(buf) - 1)
			*p++ = ch;
	*p = '\0';
	(void)write(output, "\n", 1);

	/* restore terminal modes and allow signals */
	if (echo)
		tcsetattr(input, TCSANOW, &saved_tio);
	(void) sigprocmask(SIG_SETMASK, &oset, NULL);

	if (!from_stdin)
		(void)close(input);
	p = xstrdup(buf);
	memset(buf, 0, sizeof(buf));
	return (p);
}
Commit	Line	Data
8efc0c15	1	/*
2d86a6cc	2	* Copyright (c) 1988, 1993
	3	* The Regents of the University of California. All rights reserved.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	* 2. Redistributions in binary form must reproduce the above copyright
	11	* notice, this list of conditions and the following disclaimer in the
	12	* documentation and/or other materials provided with the distribution.
	13	* 3. All advertising materials mentioning features or use of this software
	14	* must display the following acknowledgement:
	15	* This product includes software developed by the University of
	16	* California, Berkeley and its contributors.
	17	* 4. Neither the name of the University nor the names of its contributors
	18	* may be used to endorse or promote products derived from this software
	19	* without specific prior written permission.
	20	*
	21	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	24	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	31	* SUCH DAMAGE.
5260325f	32	*/
8efc0c15	33
	34	#include "includes.h"
	35	RCSID("$Id$");
	36
	37	#include "xmalloc.h"
	38	#include "ssh.h"
	39
aa3378df	40	/*
aa3378df	41	* Reads a passphrase from /dev/tty with echo turned off. Returns the
2d86a6cc	42	* passphrase (allocated with xmalloc), being very careful to ensure that
2d86a6cc	43	* no other userland buffer is storing the password.
aa3378df	44	*/
5260325f	45	char *
5260325f	46	read_passphrase(const char *prompt, int from_stdin)
8efc0c15	47	{
2d86a6cc	48	char buf[1024], *p, ch;
	49	struct termios tio, saved_tio;
	50	sigset_t oset, nset;
	51	int input, output, echo = 0;
	52
	53	if (from_stdin) {
	54	input = STDIN_FILENO;
	55	output = STDERR_FILENO;
	56	} else
	57	input = output = open("/dev/tty", O_RDWR);
	58
	59	if (input == -1)
	60	fatal("You have no controlling tty. Cannot read passphrase.\n");
5260325f	61
2d86a6cc	62	/* block signals, get terminal modes and turn off echo */
	63	sigemptyset(&nset);
	64	sigaddset(&nset, SIGINT);
	65	sigaddset(&nset, SIGTSTP);
	66	(void) sigprocmask(SIG_BLOCK, &nset, &oset);
	67
	68	if (tcgetattr(input, &tio) == 0 && (tio.c_lflag & ECHO)) {
	69	echo = 1;
	70	saved_tio = tio;
	71	tio.c_lflag &= ~(ECHO \| ECHOE \| ECHOK \| ECHONL);
	72	(void) tcsetattr(input, TCSANOW, &tio);
8efc0c15	73	}
8efc0c15	74
5260325f	75	fflush(stdout);
5260325f	76
2d86a6cc	77	(void)write(output, prompt, strlen(prompt));
	78	for (p = buf; read(input, &ch, 1) == 1 && ch != '\n';)
	79	if (p < buf + sizeof(buf) - 1)
	80	*p++ = ch;
	81	*p = '\0';
	82	(void)write(output, "\n", 1);
5260325f	83
2d86a6cc	84	/* restore terminal modes and allow signals */
	85	if (echo)
	86	tcsetattr(input, TCSANOW, &saved_tio);
	87	(void) sigprocmask(SIG_SETMASK, &oset, NULL);
5260325f	88
2d86a6cc	89	if (!from_stdin)
	90	(void)close(input);
	91	p = xstrdup(buf);
5260325f	92	memset(buf, 0, sizeof(buf));
2d86a6cc	93	return (p);
8efc0c15	94	}