diff options
author | delphij <delphij@FreeBSD.org> | 2010-11-13 10:38:06 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2010-11-13 10:38:06 +0000 |
commit | e0a2d4f15ed9e93fcb62544ed65f7a98e2339c3b (patch) | |
tree | e40b0175bd6d903492622ca230830331bb3b3a9d /lib | |
parent | 2b1dea9bfc97c67898a6be457bf8a0d422046fbf (diff) | |
download | FreeBSD-src-e0a2d4f15ed9e93fcb62544ed65f7a98e2339c3b.zip FreeBSD-src-e0a2d4f15ed9e93fcb62544ed65f7a98e2339c3b.tar.gz |
Sync with OpenBSD, primarily better signal and terminal handling.
Obtained from: OpenBSD
MFC after: 2 weeks
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/gen/readpassphrase.3 | 112 | ||||
-rw-r--r-- | lib/libc/gen/readpassphrase.c | 142 |
2 files changed, 130 insertions, 124 deletions
diff --git a/lib/libc/gen/readpassphrase.3 b/lib/libc/gen/readpassphrase.3 index 0d6a7ff..3bcee6f 100644 --- a/lib/libc/gen/readpassphrase.3 +++ b/lib/libc/gen/readpassphrase.3 @@ -1,33 +1,26 @@ -.\" $OpenBSD: readpassphrase.3,v 1.7 2001/12/15 15:37:51 millert Exp $ +.\" $OpenBSD: readpassphrase.3,v 1.17 2007/05/31 19:19:28 jmc Exp $ .\" -.\" Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> -.\" All rights reserved. +.\" Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com> .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. The name of the author may not be used to endorse or promote products -.\" derived from this software without specific prior written permission. +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. .\" -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY -.\" AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL -.\" THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -.\" EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -.\" PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -.\" OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -.\" OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.\" Sponsored in part by the Defense Advanced Research Projects +.\" Agency (DARPA) and Air Force Research Laboratory, Air Force +.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" .\" $FreeBSD$ .\" -.Dd December 7, 2001 +.Dd May 31, 2007 .Dt READPASSPHRASE 3 .Os .Sh NAME @@ -79,6 +72,8 @@ force input to lower case force input to upper case .It Dv RPP_SEVENBIT strip the high bit from input +.It Dv RPP_STDIN +force read of passphrase from stdin .El .Pp The calling process should zero the passphrase as soon as possible to @@ -87,7 +82,7 @@ space. .Sh RETURN VALUES Upon successful completion, .Fn readpassphrase -returns a pointer to the null-terminated passphrase. +returns a pointer to the NUL-terminated passphrase. If an error is encountered, the terminal state is restored and a .Dv NULL @@ -117,40 +112,6 @@ if (compare(transform(passbuf), epass) != 0) memset(passbuf, 0, sizeof(passbuf)); .Ed -.Sh SIGNALS -The -.Fn readpassphrase -function -will catch the following signals: -.Pp -.Bl -tag -compact -.It Dv SIGINT -.It Dv SIGHUP -.It Dv SIGQUIT -.It Dv SIGTERM -.It Dv SIGTSTP -.It Dv SIGTTIN -.It Dv SIGTTOU -.El -.Pp -When one of the above signals is intercepted, terminal echo will -be restored if it had previously been turned off. -If a signal handler was installed for the signal when -.Fn readpassphrase -was called that handler is then executed. -If no handler was previously installed for the signal then the -default action is taken as per -.Xr sigaction 2 . -.Pp -The -.Dv SIGTSTP , SIGTTIN , -and -.Dv SIGTTOU -signals (stop signal generated from keyboard or due to terminal I/O -from a background process) are treated specially. -When the process is resumed after it has been stopped, -.Fn readpassphrase -will reprint the prompt and the user may then enter a passphrase. .Sh ERRORS .Bl -tag -width Er .It Bq Er EINTR @@ -159,14 +120,14 @@ The function was interrupted by a signal. .It Bq Er EINVAL The -.Fa bufsiz +.Ar bufsiz argument was zero. .It Bq Er EIO The process is a member of a background process attempting to read from its controlling terminal, the process is ignoring or blocking the .Dv SIGTTIN -signal or the process group is orphaned. +signal, or the process group is orphaned. .It Bq Er EMFILE The process has already reached its limit for open file descriptors. .It Bq Er ENFILE @@ -176,6 +137,35 @@ There is no controlling terminal and the .Dv RPP_REQUIRE_TTY flag was specified. .El +.Sh SIGNALS +The +.Fn readpassphrase +function +will catch the following signals: +.Bd -literal -offset indent +SIGALRM SIGHUP SIGINT +SIGPIPE SIGQUIT SIGTERM +SIGTSTP SIGTTIN SIGTTOU +.Ed +.Pp +When one of the above signals is intercepted, terminal echo will +be restored if it had previously been turned off. +If a signal handler was installed for the signal when +.Fn readpassphrase +was called, that handler is then executed. +If no handler was previously installed for the signal then the +default action is taken as per +.Xr sigaction 2 . +.Pp +The +.Dv SIGTSTP , SIGTTIN +and +.Dv SIGTTOU +signals (stop signals generated from keyboard or due to terminal I/O +from a background process) are treated specially. +When the process is resumed after it has been stopped, +.Fn readpassphrase +will reprint the prompt and the user may then enter a passphrase. .Sh SEE ALSO .Xr sigaction 2 , .Xr getpass 3 diff --git a/lib/libc/gen/readpassphrase.c b/lib/libc/gen/readpassphrase.c index 983e01d..d57e703 100644 --- a/lib/libc/gen/readpassphrase.c +++ b/lib/libc/gen/readpassphrase.c @@ -1,35 +1,26 @@ -/* $OpenBSD: readpassphrase.c,v 1.12 2001/12/15 05:41:00 millert Exp $ */ +/* $OpenBSD: readpassphrase.c,v 1.23 2010/05/14 13:30:34 millert Exp $ */ /* - * Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> - * All rights reserved. + * Copyright (c) 2000-2002, 2007, 2010 + * Todd C. Miller <Todd.Miller@courtesan.com> * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL - * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; - * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Sponsored in part by the Defense Advanced Research Projects + * Agency (DARPA) and Air Force Research Laboratory, Air Force + * Materiel Command, USAF, under agreement number F39502-99-1-0512. */ -#if defined(LIBC_SCCS) && !defined(lint) -static const char rcsid[] = "$OpenBSD: readpassphrase.c,v 1.12 2001/12/15 05:41:00 millert Exp $"; -#endif /* LIBC_SCCS and not lint */ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); @@ -46,7 +37,7 @@ __FBSDID("$FreeBSD$"); #include <readpassphrase.h> #include "un-namespace.h" -static volatile sig_atomic_t signo; +static volatile sig_atomic_t signo[NSIG]; static void handler(int); @@ -54,11 +45,11 @@ char * readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) { ssize_t nr; - int input, output, save_errno; + int input, output, save_errno, i, need_restart; char ch, *p, *end; struct termios term, oterm; - struct sigaction sa, saveint, savehup, savequit, saveterm; - struct sigaction savetstp, savettin, savettou; + struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm; + struct sigaction savetstp, savettin, savettou, savepipe; /* I suppose we could alloc on demand in this case (XXX). */ if (bufsiz == 0) { @@ -67,11 +58,17 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) } restart: + for (i = 0; i < NSIG; i++) + signo[i] = 0; + nr = -1; + save_errno = 0; + need_restart = 0; /* * Read and write to /dev/tty if available. If not, read from * stdin and write to stderr unless a tty is required. */ - if ((input = output = _open(_PATH_TTY, O_RDWR)) == -1) { + if ((flags & RPP_STDIN) || + (input = output = _open(_PATH_TTY, O_RDWR)) == -1) { if (flags & RPP_REQUIRE_TTY) { errno = ENOTTY; return(NULL); @@ -81,45 +78,55 @@ restart: } /* + * Turn off echo if possible. + * If we are using a tty but are not the foreground pgrp this will + * generate SIGTTOU, so do it *before* installing the signal handlers. + */ + if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) { + memcpy(&term, &oterm, sizeof(term)); + if (!(flags & RPP_ECHO_ON)) + term.c_lflag &= ~(ECHO | ECHONL); + if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) + term.c_cc[VSTATUS] = _POSIX_VDISABLE; + (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term); + } else { + memset(&term, 0, sizeof(term)); + term.c_lflag |= ECHO; + memset(&oterm, 0, sizeof(oterm)); + oterm.c_lflag |= ECHO; + } + + /* * Catch signals that would otherwise cause the user to end * up with echo turned off in the shell. Don't worry about - * things like SIGALRM and SIGPIPE for now. + * things like SIGXCPU and SIGVTALRM for now. */ sigemptyset(&sa.sa_mask); sa.sa_flags = 0; /* don't restart system calls */ sa.sa_handler = handler; - (void)_sigaction(SIGINT, &sa, &saveint); + (void)_sigaction(SIGALRM, &sa, &savealrm); (void)_sigaction(SIGHUP, &sa, &savehup); + (void)_sigaction(SIGINT, &sa, &saveint); + (void)_sigaction(SIGPIPE, &sa, &savepipe); (void)_sigaction(SIGQUIT, &sa, &savequit); (void)_sigaction(SIGTERM, &sa, &saveterm); (void)_sigaction(SIGTSTP, &sa, &savetstp); (void)_sigaction(SIGTTIN, &sa, &savettin); (void)_sigaction(SIGTTOU, &sa, &savettou); - /* Turn off echo if possible. */ - if (tcgetattr(input, &oterm) == 0) { - memcpy(&term, &oterm, sizeof(term)); - if (!(flags & RPP_ECHO_ON)) - term.c_lflag &= ~(ECHO | ECHONL); - if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) - term.c_cc[VSTATUS] = _POSIX_VDISABLE; - (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term); - } else { - memset(&term, 0, sizeof(term)); - memset(&oterm, 0, sizeof(oterm)); - } - - (void)_write(output, prompt, strlen(prompt)); + if (!(flags & RPP_STDIN)) + (void)_write(output, prompt, strlen(prompt)); end = buf + bufsiz - 1; - for (p = buf; (nr = _read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r';) { + p = buf; + while ((nr = _read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') { if (p < end) { if ((flags & RPP_SEVENBIT)) ch &= 0x7f; if (isalpha(ch)) { if ((flags & RPP_FORCELOWER)) - ch = tolower(ch); + ch = (char)tolower(ch); if ((flags & RPP_FORCEUPPER)) - ch = toupper(ch); + ch = (char)toupper(ch); } *p++ = ch; } @@ -130,11 +137,16 @@ restart: (void)_write(output, "\n", 1); /* Restore old terminal settings and signals. */ - if (memcmp(&term, &oterm, sizeof(term)) != 0) - (void)tcsetattr(input, TCSANOW|TCSASOFT, &oterm); - (void)_sigaction(SIGINT, &saveint, NULL); + if (memcmp(&term, &oterm, sizeof(term)) != 0) { + while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 && + errno == EINTR && !signo[SIGTTOU]) + continue; + } + (void)_sigaction(SIGALRM, &savealrm, NULL); (void)_sigaction(SIGHUP, &savehup, NULL); + (void)_sigaction(SIGINT, &saveint, NULL); (void)_sigaction(SIGQUIT, &savequit, NULL); + (void)_sigaction(SIGPIPE, &savepipe, NULL); (void)_sigaction(SIGTERM, &saveterm, NULL); (void)_sigaction(SIGTSTP, &savetstp, NULL); (void)_sigaction(SIGTTIN, &savettin, NULL); @@ -146,18 +158,22 @@ restart: * If we were interrupted by a signal, resend it to ourselves * now that we have restored the signal handlers. */ - if (signo) { - kill(getpid(), signo); - switch (signo) { - case SIGTSTP: - case SIGTTIN: - case SIGTTOU: - signo = 0; - goto restart; + for (i = 0; i < NSIG; i++) { + if (signo[i]) { + kill(getpid(), i); + switch (i) { + case SIGTSTP: + case SIGTTIN: + case SIGTTOU: + need_restart = 1; + } } } + if (need_restart) + goto restart; - errno = save_errno; + if (save_errno) + errno = save_errno; return(nr == -1 ? NULL : buf); } @@ -174,5 +190,5 @@ getpass(const char *prompt) static void handler(int s) { - signo = s; + signo[s] = 1; } |