auth/secstore: use common readcons() routine from libauthsrv

2016-07-31 20:09:47 +02:00 · 2016-07-31 20:09:47 +02:00 · a75f4de5c9
commit a75f4de5c9
parent ae5fb4ab78
7 changed files with 40 additions and 84 deletions
--- a/sys/src/cmd/auth/secstore/SConn.c
+++ b/sys/src/cmd/auth/secstore/SConn.c
@ -68,7 +68,7 @@ verify(uchar secret[SHA1dlen], uchar *data, int len, int seqno, uchar d[SHA1dlen
 	sha1(secret, SHA1dlen, nil, &sha);
 	sha1(data, len, nil, &sha);
 	sha1(seq, 4, digest, &sha);
-	return memcmp(d, digest, SHA1dlen);
+	return tsmemcmp(d, digest, SHA1dlen);
 }

 static int
--- a/sys/src/cmd/auth/secstore/aescbc.c
+++ b/sys/src/cmd/auth/secstore/aescbc.c
@ -7,12 +7,9 @@
 #include <u.h>
 #include <libc.h>
 #include <bio.h>
-#include <mp.h>
 #include <libsec.h>
 #include <authsrv.h>

-extern char* getpassm(char*);
-
 enum{ CHK = 16, BUF = 4096 };

 uchar v2hdr[AESbsize+1] = "AES CBC SHA1  2\n";
@ -43,7 +40,6 @@ main(int argc, char **argv)
 	uchar buf[BUF+SHA1dlen];    /* assumption: CHK <= SHA1dlen */
 	AESstate aes;
 	DigestState *dstate;
-	Nvrsafe nvr;

 	ARGBEGIN{
 	case 'e':
@ -67,20 +63,25 @@ main(int argc, char **argv)
 	if(pass_stdin){
 		n = readn(3, buf, (sizeof buf)-1);
 		if(n < 1)
-			exits("usage: echo password |[3=1] auth/aescbc -i ...");
+			sysfatal("usage: echo password |[3=1] auth/aescbc -i ...");
 		buf[n] = 0;
 		while(buf[n-1] == '\n')
 			buf[--n] = 0;
 	}else if(pass_nvram){
+		Nvrsafe nvr;
+
 		if(readnvram(&nvr, 0) < 0)
-			exits("readnvram: %r");
+			sysfatal("readnvram: %r");
 		strecpy((char*)buf, (char*)buf+sizeof buf, (char*)nvr.config);
+		memset(&nvr, 0, sizeof nvr);
 		n = strlen((char*)buf);
 	}else{
-		pass = getpassm("aescbc key:");
+		pass = readcons("aescbc key", nil, 1);
+		if(pass == nil)
+			sysfatal("key input aborted");
 		n = strlen(pass);
 		if(n >= BUF)
-			exits("key too long");
+			sysfatal("key too long");
 		strcpy((char*)buf, pass);
 		memset(pass, 0, n);
 		free(pass);
--- a/sys/src/cmd/auth/secstore/mkfile
+++ b/sys/src/cmd/auth/secstore/mkfile
@ -25,7 +25,7 @@ UPDATE=\

 default:V: all

-$O.aescbc: aescbc.$O util.$O
+$O.aescbc: aescbc.$O
 	$LD -o $target $prereq
 $O.descbc: descbc.$O util.$O
 	$LD -o $target $prereq
--- a/sys/src/cmd/auth/secstore/secstore.c
+++ b/sys/src/cmd/auth/secstore/secstore.c
@ -16,7 +16,6 @@ typedef struct AuthConn{
 } AuthConn;

 int verbose;
-Nvrsafe nvr;

 void
 usage(void)
@ -311,29 +310,32 @@ chpasswd(AuthConn *c, char *id)
 	Hi = mpnew(0);
 	/* changing our password is vulnerable to connection failure */
 	for(;;){
-		snprint(prompt, sizeof(prompt), "new password for %s: ", id);
-		newpass = getpassm(prompt);
+		snprint(prompt, sizeof(prompt), "new password for %s", id);
+		newpass = readcons(prompt, nil, 1);
 		if(newpass == nil)
 			goto Out;
-		if(strlen(newpass) >= 7)
+		newpasslen = strlen(newpass);
+		if(newpasslen >= 7)
 			break;
-		else if(strlen(newpass) == 0){
+		else if(newpasslen == 0){
 			fprint(2, "!password change aborted\n");
 			goto Out;
 		}
 		print("!password must be at least 7 characters\n");
 	}
-	newpasslen = strlen(newpass);
-	snprint(prompt, sizeof(prompt), "retype password: ");
-	passck = getpassm(prompt);
+	passck = readcons("retype password", nil, 1);
 	if(passck == nil){
-		fprint(2, "secstore: getpassm failed\n");
+		fprint(2, "secstore: input aborted\n");
 		goto Out;
 	}
 	if(strcmp(passck, newpass) != 0){
 		fprint(2, "secstore: passwords didn't match\n");
+		memset(passck, 0, strlen(passck));
+		free(passck);
 		goto Out;
 	}
+	memset(passck, 0, newpasslen);
+	free(passck);

 	c->conn->write(c->conn, (uchar*)"CHPASS", strlen("CHPASS"));
 	hexHi = PAK_Hi(id, newpass, H, Hi);
@ -387,12 +389,15 @@ login(char *id, char **dest, int pass_stdin, int pass_nvram)
 		sysfatal("tried to login with nil dest");
 	c = emalloc(sizeof(*c));
 	if(pass_nvram){
+		Nvrsafe nvr;
+
 		if(readnvram(&nvr, 0) < 0){
 			if(verbose)
 				fprint(2, "secstore: readnvram: %r\n");
 			exits("readnvram failed");
 		}
 		strecpy(c->pass, c->pass+sizeof c->pass, nvr.config);
+		memset(&nvr, 0, sizeof nvr);
 	}
 	if(pass_stdin){
 		n = readn(0, s, Maxmsg-2);	/* so len(PINSTA)<Maxmsg-3 */
@ -424,7 +429,11 @@ login(char *id, char **dest, int pass_stdin, int pass_nvram)
 		c->conn = newSConn(fd);
 		ntry++;
 		if(!pass_stdin && !pass_nvram){
-			pass = getpassm("secstore password: ");
+			pass = readcons("secstore password", nil, 1);
+			if(pass == nil){
+				fprint(2, "secstore: password input aborted\n");
+				exits("password input aborted");
+			}
 			if(strlen(pass) >= sizeof c->pass){
 				fprint(2, "secstore: password too long, skipping secstore login\n");
 				exits("password too long");
@ -466,7 +475,7 @@ login(char *id, char **dest, int pass_stdin, int pass_nvram)
 				exits("missing PIN+SecureID on standard input");
 			free(PINSTA);
 		}else{
-			pass = getpassm("STA PIN+SecureID: ");
+			pass = readcons("STA PIN+SecureID", nil, 1);
 			strncpy(s+3, pass, sizeof s - 4);
 			memset(pass, 0, strlen(pass));
 			free(pass);
--- a/sys/src/cmd/auth/secstore/secstore.h
+++ b/sys/src/cmd/auth/secstore/secstore.h
@ -22,7 +22,6 @@ typedef struct PW {

 void	freePW(PW*);
 PW	*getPW(char*, int);
-char	*getpassm(char*);
 int	putPW(PW*);
 char	*validatefile(char*f);

--- a/sys/src/cmd/auth/secstore/secuser.c
+++ b/sys/src/cmd/auth/secstore/secuser.c
@ -2,6 +2,7 @@
 #include <libc.h>
 #include <mp.h>
 #include <libsec.h>
+#include <authsrv.h>
 #include "SConn.h"
 #include "secstore.h"

@ -71,28 +72,29 @@ main(int argc, char **argv)
 	/* get main password for id */
 	for(;;){
 		if(isnew)
-			snprint(prompt, sizeof(prompt), "%s password: ", id);
+			snprint(prompt, sizeof(prompt), "%s password", id);
 		else
-			snprint(prompt, sizeof(prompt), "%s password [default = don't change]: ", id);
-		pass = getpassm(prompt);
+			snprint(prompt, sizeof(prompt), "%s password [default = don't change]", id);
+		pass = readcons(prompt, nil, 1);
 		if(pass == nil)
-			sysfatal("getpassm failed");
+			sysfatal("password input aborted");
 		if(verbose)
 			print("%ld characters\n", strlen(pass));
 		if(pass[0] == '\0' && isnew == 0)
 			break;
 		if(strlen(pass) >= 7)
 			break;
+		memset(pass, 0, strlen(pass));
+		free(pass);
 		print("password must be at least 7 characters\n");
 	}

 	if(pass[0] != '\0'){
-		snprint(prompt, sizeof(prompt), "retype password: ");
 		if(verbose)
 			print("confirming...\n");
-		passck = getpassm(prompt);
+		passck = readcons("retype password", nil, 1);
 		if(passck == nil)
-			sysfatal("getpassm failed");
+			sysfatal("password input aborted");
 		if(strcmp(pass, passck) != 0)
 			sysfatal("passwords didn't match");
 		memset(passck, 0, strlen(passck));
--- a/sys/src/cmd/auth/secstore/util.c
+++ b/sys/src/cmd/auth/secstore/util.c
@ -32,61 +32,6 @@ estrdup(char *s)
 	return s;
 }

-char*
-getpassm(char *prompt)
-{
-	char *p, line[4096];
-	int n, nr;
-	static int cons, consctl; /* closing & reopening fails in ssh environment */
-
-	if(cons == 0){			/* first time? */
-		cons = open("/dev/cons", ORDWR);
-		if(cons < 0)
-			sysfatal("couldn't open cons");
-		consctl = open("/dev/consctl", OWRITE);
-		if(consctl < 0)
-			sysfatal("couldn't set raw mode via consctl");
-	}
-	fprint(consctl, "rawon");
-	fprint(cons, "%s", prompt);
-	nr = 0;
-	p = line;
-	for(;;){
-		n = read(cons, p, 1);
-		if(n < 0){
-			fprint(consctl, "rawoff");
-			fprint(cons, "\n");
-			return nil;
-		}
-		if(n == 0 || *p == '\n' || *p == '\r' || *p == 0x7f){
-			*p = '\0';
-			fprint(consctl, "rawoff");
-			fprint(cons, "\n");
-			p = strdup(line);
-			memset(line, 0, nr);
-			return p;
-		}
-		if(*p == '\b'){
-			if(nr > 0){
-				nr--;
-				p--;
-			}
-		}else if(*p == ('u' & 037)){		/* cntrl-u */
-			fprint(cons, "\n%s", prompt);
-			nr = 0;
-			p = line;
-		}else{
-			nr++;
-			p++;
-		}
-		if(nr+1 == sizeof line){
-			fprint(cons, "line too long; try again\n%s", prompt);
-			nr = 0;
-			p = line;
-		}
-	}
-}
-
 static char *
 illegal(char *f)
 {