+ char *askpass = NULL, *ret, buf[1024];
+ int rppflags, use_askpass = 0, ttyfd;
+
+ rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
+ if (flags & RP_USE_ASKPASS)
+ use_askpass = 1;
+ else if (flags & RP_ALLOW_STDIN) {
+ if (!isatty(STDIN_FILENO)) {
+ debug("read_passphrase: stdin is not a tty");
+ use_askpass = 1;
+ }
+ } else {
+ rppflags |= RPP_REQUIRE_TTY;
+ ttyfd = open(_PATH_TTY, O_RDWR);
+ if (ttyfd >= 0)
+ close(ttyfd);
+ else {
+ debug("read_passphrase: can't open %s: %s", _PATH_TTY,
+ strerror(errno));
+ use_askpass = 1;
+ }
+ }
+
+ if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL)
+ return (flags & RP_ALLOW_EOF) ? NULL : xstrdup("");
+
+ if (use_askpass && getenv("DISPLAY")) {
+ if (getenv(SSH_ASKPASS_ENV))
+ askpass = getenv(SSH_ASKPASS_ENV);
+ else
+ askpass = _PATH_SSH_ASKPASS_DEFAULT;
+ if ((ret = ssh_askpass(askpass, prompt)) == NULL)
+ if (!(flags & RP_ALLOW_EOF))
+ return xstrdup("");
+ return ret;
+ }
+
+ if (readpassphrase(prompt, buf, sizeof buf, rppflags) == NULL) {
+ if (flags & RP_ALLOW_EOF)
+ return NULL;
+ return xstrdup("");
+ }
+
+ ret = xstrdup(buf);
+ memset(buf, 'x', sizeof buf);
+ return ret;
+}
+
+int
+ask_permission(const char *fmt, ...)
+{
+ va_list args;
+ char *p, prompt[1024];
+ int allowed = 0;
+
+ va_start(args, fmt);
+ vsnprintf(prompt, sizeof(prompt), fmt, args);
+ va_end(args);
+
+ p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF);
+ if (p != NULL) {
+ /*
+ * Accept empty responses and responses consisting
+ * of the word "yes" as affirmative.
+ */
+ if (*p == '\0' || *p == '\n' ||
+ strcasecmp(p, "yes") == 0)
+ allowed = 1;
+ xfree(p);
+ }
+
+ return (allowed);