From 64845bdc829d6a6179d0762b7e97ef23828562a3 Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Fri, 3 Oct 2014 15:53:45 +0200 Subject: [PATCH] ask-password: Add --echo to enable echoing the user input Programs such as OpenVPN may use ask-password for not only retrieving passwords, but also usernames. Masking usernames with * seems just silly. v2 - Don't mess with termios flags, instead print the input instead of an asterix. Resolves issues with backspace and TAB input. v3 - Renamed 'do_echo' variables and argument to 'echo'. Also modified the ask_password_{tty,agent,auto} API instead of additional wrapper functions. [zj: undo changes to ask_password_auto, since no callers were using the new argument.] --- man/systemd-ask-password.xml | 11 +++++++++++ src/ask-password/ask-password.c | 12 ++++++++++-- src/firstboot/firstboot.c | 4 ++-- src/shared/ask-password-api.c | 10 +++++++--- src/shared/ask-password-api.h | 4 ++-- src/tty-ask-password-agent/tty-ask-password-agent.c | 5 +++-- 6 files changed, 35 insertions(+), 11 deletions(-) diff --git a/man/systemd-ask-password.xml b/man/systemd-ask-password.xml index ce0ac3d1a..448df6210 100644 --- a/man/systemd-ask-password.xml +++ b/man/systemd-ask-password.xml @@ -126,6 +126,17 @@ + + + + Echo the user input + instead of masking it. This is useful + when using + systemd-ask-password + to query for usernames. + + + diff --git a/src/ask-password/ask-password.c b/src/ask-password/ask-password.c index 5c37cffc2..1ce8776d8 100644 --- a/src/ask-password/ask-password.c +++ b/src/ask-password/ask-password.c @@ -45,6 +45,7 @@ static const char *arg_icon = NULL; static const char *arg_id = NULL; static const char *arg_message = NULL; +static bool arg_echo = false; static bool arg_use_tty = true; static usec_t arg_timeout = DEFAULT_TIMEOUT_USEC; static bool arg_accept_cached = false; @@ -56,6 +57,7 @@ static void help(void) { " -h --help Show this help\n" " --icon=NAME Icon name\n" " --timeout=SEC Timeout in sec\n" + " --echo Do not mask input (useful for usernames)\n" " --no-tty Ask question via agent even on TTY\n" " --accept-cached Accept cached passwords\n" " --multiple List multiple passwords if available\n" @@ -68,6 +70,7 @@ static int parse_argv(int argc, char *argv[]) { enum { ARG_ICON = 0x100, ARG_TIMEOUT, + ARG_ECHO, ARG_NO_TTY, ARG_ACCEPT_CACHED, ARG_MULTIPLE, @@ -78,6 +81,7 @@ static int parse_argv(int argc, char *argv[]) { { "help", no_argument, NULL, 'h' }, { "icon", required_argument, NULL, ARG_ICON }, { "timeout", required_argument, NULL, ARG_TIMEOUT }, + { "echo", no_argument, NULL, ARG_ECHO }, { "no-tty", no_argument, NULL, ARG_NO_TTY }, { "accept-cached", no_argument, NULL, ARG_ACCEPT_CACHED }, { "multiple", no_argument, NULL, ARG_MULTIPLE }, @@ -109,6 +113,10 @@ static int parse_argv(int argc, char *argv[]) { } break; + case ARG_ECHO: + arg_echo = true; + break; + case ARG_NO_TTY: arg_use_tty = false; break; @@ -160,7 +168,7 @@ int main(int argc, char *argv[]) { if (arg_use_tty && isatty(STDIN_FILENO)) { char *password = NULL; - if ((r = ask_password_tty(arg_message, timeout, NULL, &password)) >= 0) { + if ((r = ask_password_tty(arg_message, timeout, arg_echo, NULL, &password)) >= 0) { puts(password); free(password); } @@ -168,7 +176,7 @@ int main(int argc, char *argv[]) { } else { char **l; - if ((r = ask_password_agent(arg_message, arg_icon, arg_id, timeout, arg_accept_cached, &l)) >= 0) { + if ((r = ask_password_agent(arg_message, arg_icon, arg_id, timeout, arg_echo, arg_accept_cached, &l)) >= 0) { char **p; STRV_FOREACH(p, l) { diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index f586c2ef7..6b0d2fc86 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -491,7 +491,7 @@ static int prompt_root_password(void) { for (;;) { _cleanup_free_ char *a = NULL, *b = NULL; - r = ask_password_tty(msg1, 0, NULL, &a); + r = ask_password_tty(msg1, 0, false, NULL, &a); if (r < 0) { log_error("Failed to query root password: %s", strerror(-r)); return r; @@ -502,7 +502,7 @@ static int prompt_root_password(void) { break; } - r = ask_password_tty(msg2, 0, NULL, &b); + r = ask_password_tty(msg2, 0, false, NULL, &b); if (r < 0) { log_error("Failed to query root password: %s", strerror(-r)); clear_string(a); diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index 8d03f4ad0..94a27f901 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -52,6 +52,7 @@ static void backspace_chars(int ttyfd, size_t p) { int ask_password_tty( const char *message, usec_t until, + bool echo, const char *flag_file, char **_passphrase) { @@ -218,7 +219,7 @@ int ask_password_tty( passphrase[p++] = c; if (!silent_mode && ttyfd >= 0) - loop_write(ttyfd, "*", 1, false); + loop_write(ttyfd, echo ? &c : "*", 1, false); dirty = true; } @@ -300,6 +301,7 @@ int ask_password_agent( const char *icon, const char *id, usec_t until, + bool echo, bool accept_cached, char ***_passphrases) { @@ -362,10 +364,12 @@ int ask_password_agent( "PID="PID_FMT"\n" "Socket=%s\n" "AcceptCached=%i\n" + "Echo=%i\n" "NotAfter="USEC_FMT"\n", getpid(), socket_name, accept_cached ? 1 : 0, + echo ? 1 : 0, until); if (message) @@ -550,7 +554,7 @@ int ask_password_auto(const char *message, const char *icon, const char *id, int r; char *s = NULL, **l = NULL; - r = ask_password_tty(message, until, NULL, &s); + r = ask_password_tty(message, until, false, NULL, &s); if (r < 0) return r; @@ -561,5 +565,5 @@ int ask_password_auto(const char *message, const char *icon, const char *id, *_passphrases = l; return r; } else - return ask_password_agent(message, icon, id, until, accept_cached, _passphrases); + return ask_password_agent(message, icon, id, until, false, accept_cached, _passphrases); } diff --git a/src/shared/ask-password-api.h b/src/shared/ask-password-api.h index 3839a2df0..704ee6e1b 100644 --- a/src/shared/ask-password-api.h +++ b/src/shared/ask-password-api.h @@ -23,10 +23,10 @@ #include "util.h" -int ask_password_tty(const char *message, usec_t until, const char *flag_file, char **_passphrase); +int ask_password_tty(const char *message, usec_t until, bool echo, const char *flag_file, char **_passphrase); int ask_password_agent(const char *message, const char *icon, const char *id, - usec_t until, bool accept_cached, char ***_passphrases); + usec_t until, bool echo, bool accept_cached, char ***_passphrases); int ask_password_auto(const char *message, const char *icon, const char *id, usec_t until, bool accept_cached, char ***_passphrases); diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index e7cbde285..e6dc84b44 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -214,7 +214,7 @@ static int parse_password(const char *filename, char **wall) { _cleanup_free_ char *socket_name = NULL, *message = NULL, *packet = NULL; uint64_t not_after = 0; unsigned pid = 0; - bool accept_cached = false; + bool accept_cached = false, echo = false; const ConfigTableItem items[] = { { "Ask", "Socket", config_parse_string, 0, &socket_name }, @@ -222,6 +222,7 @@ static int parse_password(const char *filename, char **wall) { { "Ask", "Message", config_parse_string, 0, &message }, { "Ask", "PID", config_parse_unsigned, 0, &pid }, { "Ask", "AcceptCached", config_parse_bool, 0, &accept_cached }, + { "Ask", "Echo", config_parse_bool, 0, &echo }, {} }; @@ -314,7 +315,7 @@ static int parse_password(const char *filename, char **wall) { return tty_fd; } - r = ask_password_tty(message, not_after, filename, &password); + r = ask_password_tty(message, not_after, echo, filename, &password); if (arg_console) { safe_close(tty_fd); -- 2.30.2