1 /* $OpenBSD: readpass.c,v 1.47 2006/08/03 03:34:42 deraadt Exp $ */ 2 /* 3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include "includes.h" 27 28 #include <sys/types.h> 29 #include <sys/wait.h> 30 31 #include <errno.h> 32 #include <fcntl.h> 33 #ifdef HAVE_PATHS_H 34 # include <paths.h> 35 #endif 36 #include <stdarg.h> 37 #include <stdio.h> 38 #include <stdlib.h> 39 #include <string.h> 40 #include <unistd.h> 41 42 #include "xmalloc.h" 43 #include "misc.h" 44 #include "pathnames.h" 45 #include "log.h" 46 #include "ssh.h" 47 #include "uidswap.h" 48 49 static char * 50 ssh_askpass(char *askpass, const char *msg) 51 { 52 pid_t pid; 53 size_t len; 54 char *pass; 55 int p[2], status, ret; 56 char buf[1024]; 57 58 if (fflush(stdout) != 0) 59 error("ssh_askpass: fflush: %s", strerror(errno)); 60 if (askpass == NULL) 61 fatal("internal error: askpass undefined"); 62 if (pipe(p) < 0) { 63 error("ssh_askpass: pipe: %s", strerror(errno)); 64 return NULL; 65 } 66 if ((pid = fork()) < 0) { 67 error("ssh_askpass: fork: %s", strerror(errno)); 68 return NULL; 69 } 70 if (pid == 0) { 71 permanently_drop_suid(getuid()); 72 close(p[0]); 73 if (dup2(p[1], STDOUT_FILENO) < 0) 74 fatal("ssh_askpass: dup2: %s", strerror(errno)); 75 execlp(askpass, askpass, msg, (char *) 0); 76 fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); 77 } 78 close(p[1]); 79 80 len = ret = 0; 81 do { 82 ret = read(p[0], buf + len, sizeof(buf) - 1 - len); 83 if (ret == -1 && errno == EINTR) 84 continue; 85 if (ret <= 0) 86 break; 87 len += ret; 88 } while (sizeof(buf) - 1 - len > 0); 89 buf[len] = '\0'; 90 91 close(p[0]); 92 while (waitpid(pid, &status, 0) < 0) 93 if (errno != EINTR) 94 break; 95 96 if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { 97 memset(buf, 0, sizeof(buf)); 98 return NULL; 99 } 100 101 buf[strcspn(buf, "\r\n")] = '\0'; 102 pass = xstrdup(buf); 103 memset(buf, 0, sizeof(buf)); 104 return pass; 105 } 106 107 /* 108 * Reads a passphrase from /dev/tty with echo turned off/on. Returns the 109 * passphrase (allocated with xmalloc). Exits if EOF is encountered. If 110 * RP_ALLOW_STDIN is set, the passphrase will be read from stdin if no 111 * tty is available 112 */ 113 char * 114 read_passphrase(const char *prompt, int flags) 115 { 116 char *askpass = NULL, *ret, buf[1024]; 117 int rppflags, use_askpass = 0, ttyfd; 118 119 rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; 120 if (flags & RP_USE_ASKPASS) 121 use_askpass = 1; 122 else if (flags & RP_ALLOW_STDIN) { 123 if (!isatty(STDIN_FILENO)) { 124 debug("read_passphrase: stdin is not a tty"); 125 use_askpass = 1; 126 } 127 } else { 128 rppflags |= RPP_REQUIRE_TTY; 129 ttyfd = open(_PATH_TTY, O_RDWR); 130 if (ttyfd >= 0) 131 close(ttyfd); 132 else { 133 debug("read_passphrase: can't open %s: %s", _PATH_TTY, 134 strerror(errno)); 135 use_askpass = 1; 136 } 137 } 138 139 if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL) 140 return (flags & RP_ALLOW_EOF) ? NULL : xstrdup(""); 141 142 if (use_askpass && getenv("DISPLAY")) { 143 if (getenv(SSH_ASKPASS_ENV)) 144 askpass = getenv(SSH_ASKPASS_ENV); 145 else 146 askpass = _PATH_SSH_ASKPASS_DEFAULT; 147 if ((ret = ssh_askpass(askpass, prompt)) == NULL) 148 if (!(flags & RP_ALLOW_EOF)) 149 return xstrdup(""); 150 return ret; 151 } 152 153 if (readpassphrase(prompt, buf, sizeof buf, rppflags) == NULL) { 154 if (flags & RP_ALLOW_EOF) 155 return NULL; 156 return xstrdup(""); 157 } 158 159 ret = xstrdup(buf); 160 memset(buf, 'x', sizeof buf); 161 return ret; 162 } 163 164 int 165 ask_permission(const char *fmt, ...) 166 { 167 va_list args; 168 char *p, prompt[1024]; 169 int allowed = 0; 170 171 va_start(args, fmt); 172 vsnprintf(prompt, sizeof(prompt), fmt, args); 173 va_end(args); 174 175 p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF); 176 if (p != NULL) { 177 /* 178 * Accept empty responses and responses consisting 179 * of the word "yes" as affirmative. 180 */ 181 if (*p == '\0' || *p == '\n' || 182 strcasecmp(p, "yes") == 0) 183 allowed = 1; 184 xfree(p); 185 } 186 187 return (allowed); 188 } 189