ref: a75f4de5c9f1782b3a7e0a9648e24b360031a0d5
parent: ae5fb4ab78d7dd776a056045f673129f5a1cc779
author: cinap_lenrek <[email protected]>
date: Sun Jul 31 16:09:47 EDT 2016
auth/secstore: use common readcons() routine from libauthsrv
--- a/sys/src/cmd/auth/secstore/SConn.c
+++ b/sys/src/cmd/auth/secstore/SConn.c
@@ -68,7 +68,7 @@
sha1(secret, SHA1dlen, nil, &sha);
sha1(data, len, nil, &sha);
sha1(seq, 4, digest, &sha);
- return memcmp(d, digest, SHA1dlen);
+ return tsmemcmp(d, digest, SHA1dlen);
}
static int
--- a/sys/src/cmd/auth/secstore/aescbc.c
+++ b/sys/src/cmd/auth/secstore/aescbc.c
@@ -7,12 +7,9 @@
#include <u.h>
#include <libc.h>
#include <bio.h>
-#include <mp.h>
#include <libsec.h>
#include <authsrv.h>
-extern char* getpassm(char*);
-
enum{ CHK = 16, BUF = 4096 };
uchar v2hdr[AESbsize+1] = "AES CBC SHA1 2\n";
@@ -43,7 +40,6 @@
uchar buf[BUF+SHA1dlen]; /* assumption: CHK <= SHA1dlen */
AESstate aes;
DigestState *dstate;
- Nvrsafe nvr;
ARGBEGIN{
case 'e':
@@ -67,20 +63,25 @@
if(pass_stdin){
n = readn(3, buf, (sizeof buf)-1);
if(n < 1)
- exits("usage: echo password |[3=1] auth/aescbc -i ...");
+ sysfatal("usage: echo password |[3=1] auth/aescbc -i ...");
buf[n] = 0;
while(buf[n-1] == '\n')
buf[--n] = 0;
}else if(pass_nvram){
+ Nvrsafe nvr;
+
if(readnvram(&nvr, 0) < 0)
- exits("readnvram: %r");
+ sysfatal("readnvram: %r");
strecpy((char*)buf, (char*)buf+sizeof buf, (char*)nvr.config);
+ memset(&nvr, 0, sizeof nvr);
n = strlen((char*)buf);
}else{
- pass = getpassm("aescbc key:");
+ pass = readcons("aescbc key", nil, 1);
+ if(pass == nil)
+ sysfatal("key input aborted");
n = strlen(pass);
if(n >= BUF)
- exits("key too long");
+ sysfatal("key too long");
strcpy((char*)buf, pass);
memset(pass, 0, n);
free(pass);
--- a/sys/src/cmd/auth/secstore/mkfile
+++ b/sys/src/cmd/auth/secstore/mkfile
@@ -25,7 +25,7 @@
default:V: all
-$O.aescbc: aescbc.$O util.$O
+$O.aescbc: aescbc.$O
$LD -o $target $prereq
$O.descbc: descbc.$O util.$O
$LD -o $target $prereq
--- a/sys/src/cmd/auth/secstore/secstore.c
+++ b/sys/src/cmd/auth/secstore/secstore.c
@@ -16,7 +16,6 @@
} AuthConn;
int verbose;
-Nvrsafe nvr;
void
usage(void)
@@ -311,29 +310,32 @@
Hi = mpnew(0);
/* changing our password is vulnerable to connection failure */
for(;;){
- snprint(prompt, sizeof(prompt), "new password for %s: ", id);
- newpass = getpassm(prompt);
+ snprint(prompt, sizeof(prompt), "new password for %s", id);
+ newpass = readcons(prompt, nil, 1);
if(newpass == nil)
goto Out;
- if(strlen(newpass) >= 7)
+ newpasslen = strlen(newpass);
+ if(newpasslen >= 7)
break;
- else if(strlen(newpass) == 0){
+ else if(newpasslen == 0){
fprint(2, "!password change aborted\n");
goto Out;
}
print("!password must be at least 7 characters\n");
}
- newpasslen = strlen(newpass);
- snprint(prompt, sizeof(prompt), "retype password: ");
- passck = getpassm(prompt);
+ passck = readcons("retype password", nil, 1);
if(passck == nil){
- fprint(2, "secstore: getpassm failed\n");
+ fprint(2, "secstore: input aborted\n");
goto Out;
}
if(strcmp(passck, newpass) != 0){
fprint(2, "secstore: passwords didn't match\n");
+ memset(passck, 0, strlen(passck));
+ free(passck);
goto Out;
}
+ memset(passck, 0, newpasslen);
+ free(passck);
c->conn->write(c->conn, (uchar*)"CHPASS", strlen("CHPASS"));
hexHi = PAK_Hi(id, newpass, H, Hi);
@@ -387,6 +389,8 @@
sysfatal("tried to login with nil dest");
c = emalloc(sizeof(*c));
if(pass_nvram){
+ Nvrsafe nvr;
+
if(readnvram(&nvr, 0) < 0){
if(verbose)
fprint(2, "secstore: readnvram: %r\n");
@@ -393,6 +397,7 @@
exits("readnvram failed");
}
strecpy(c->pass, c->pass+sizeof c->pass, nvr.config);
+ memset(&nvr, 0, sizeof nvr);
}
if(pass_stdin){
n = readn(0, s, Maxmsg-2); /* so len(PINSTA)<Maxmsg-3 */
@@ -424,7 +429,11 @@
c->conn = newSConn(fd);
ntry++;
if(!pass_stdin && !pass_nvram){
- pass = getpassm("secstore password: ");
+ pass = readcons("secstore password", nil, 1);
+ if(pass == nil){
+ fprint(2, "secstore: password input aborted\n");
+ exits("password input aborted");
+ }
if(strlen(pass) >= sizeof c->pass){
fprint(2, "secstore: password too long, skipping secstore login\n");
exits("password too long");
@@ -466,7 +475,7 @@
exits("missing PIN+SecureID on standard input");
free(PINSTA);
}else{
- pass = getpassm("STA PIN+SecureID: ");
+ pass = readcons("STA PIN+SecureID", nil, 1);
strncpy(s+3, pass, sizeof s - 4);
memset(pass, 0, strlen(pass));
free(pass);
--- a/sys/src/cmd/auth/secstore/secstore.h
+++ b/sys/src/cmd/auth/secstore/secstore.h
@@ -22,7 +22,6 @@
void freePW(PW*);
PW *getPW(char*, int);
-char *getpassm(char*);
int putPW(PW*);
char *validatefile(char*f);
--- a/sys/src/cmd/auth/secstore/secuser.c
+++ b/sys/src/cmd/auth/secstore/secuser.c
@@ -2,6 +2,7 @@
#include <libc.h>
#include <mp.h>
#include <libsec.h>
+#include <authsrv.h>
#include "SConn.h"
#include "secstore.h"
@@ -71,12 +72,12 @@
/* get main password for id */
for(;;){
if(isnew)
- snprint(prompt, sizeof(prompt), "%s password: ", id);
+ snprint(prompt, sizeof(prompt), "%s password", id);
else
- snprint(prompt, sizeof(prompt), "%s password [default = don't change]: ", id);
- pass = getpassm(prompt);
+ snprint(prompt, sizeof(prompt), "%s password [default = don't change]", id);
+ pass = readcons(prompt, nil, 1);
if(pass == nil)
- sysfatal("getpassm failed");
+ sysfatal("password input aborted");
if(verbose)
print("%ld characters\n", strlen(pass));
if(pass[0] == '\0' && isnew == 0)
@@ -83,16 +84,17 @@
break;
if(strlen(pass) >= 7)
break;
+ memset(pass, 0, strlen(pass));
+ free(pass);
print("password must be at least 7 characters\n");
}
if(pass[0] != '\0'){
- snprint(prompt, sizeof(prompt), "retype password: ");
if(verbose)
print("confirming...\n");
- passck = getpassm(prompt);
+ passck = readcons("retype password", nil, 1);
if(passck == nil)
- sysfatal("getpassm failed");
+ sysfatal("password input aborted");
if(strcmp(pass, passck) != 0)
sysfatal("passwords didn't match");
memset(passck, 0, strlen(passck));
--- a/sys/src/cmd/auth/secstore/util.c
+++ b/sys/src/cmd/auth/secstore/util.c
@@ -32,61 +32,6 @@
return s;
}
-char*
-getpassm(char *prompt)
-{
- char *p, line[4096];
- int n, nr;
- static int cons, consctl; /* closing & reopening fails in ssh environment */
-
- if(cons == 0){ /* first time? */
- cons = open("/dev/cons", ORDWR);
- if(cons < 0)
- sysfatal("couldn't open cons");
- consctl = open("/dev/consctl", OWRITE);
- if(consctl < 0)
- sysfatal("couldn't set raw mode via consctl");
- }
- fprint(consctl, "rawon");
- fprint(cons, "%s", prompt);
- nr = 0;
- p = line;
- for(;;){
- n = read(cons, p, 1);
- if(n < 0){
- fprint(consctl, "rawoff");
- fprint(cons, "\n");
- return nil;
- }
- if(n == 0 || *p == '\n' || *p == '\r' || *p == 0x7f){
- *p = '\0';
- fprint(consctl, "rawoff");
- fprint(cons, "\n");
- p = strdup(line);
- memset(line, 0, nr);
- return p;
- }
- if(*p == '\b'){
- if(nr > 0){
- nr--;
- p--;
- }
- }else if(*p == ('u' & 037)){ /* cntrl-u */
- fprint(cons, "\n%s", prompt);
- nr = 0;
- p = line;
- }else{
- nr++;
- p++;
- }
- if(nr+1 == sizeof line){
- fprint(cons, "line too long; try again\n%s", prompt);
- nr = 0;
- p = line;
- }
- }
-}
-
static char *
illegal(char *f)
{