

[src/netbsd-8]: src/sbin/cgdconfig Pull up following revision(s) (requested b...



details:   https://anonhg.NetBSD.org/src/rev/fae231e20a26
branches:  netbsd-8
changeset: 435178:fae231e20a26
user:      martin <martin%NetBSD.org@localhost>
date:      Tue Aug 07 13:19:51 2018 +0000

description:
Pull up following revision(s) (requested by alnsn in ticket #958):

        sbin/cgdconfig/cgdconfig.c: revision 1.46
        sbin/cgdconfig/cgdconfig.c: revision 1.47
        sbin/cgdconfig/cgdconfig.c: revision 1.48
        sbin/cgdconfig/cgdconfig.8: revision 1.39
        sbin/cgdconfig/cgdconfig.8: revision 1.40

Add '-e' option (echo the passphrase) and wipe the passphrase after use.
XXX Using memset for wiping isn't a good idea because memset is likely
optimised away by gcc. This should be revisited.

Missed one change when doing a manual merge of my patch with kre's commit.

use explicit_memset(3)

With the change to use getpass_r the 128 byte passphrase limit no
longer applies, so update the BUGS section here to reflect that change.
The limit now is 1023 whichever method is used to fetch the passphrase.

diffstat:

 sbin/cgdconfig/cgdconfig.8 |  22 +++++++---------------
 sbin/cgdconfig/cgdconfig.c |  46 +++++++++++++++++++++++++++++++---------------
 2 files changed, 38 insertions(+), 30 deletions(-)

diffs (183 lines):

diff -r b0fe455435e4 -r fae231e20a26 sbin/cgdconfig/cgdconfig.8
--- a/sbin/cgdconfig/cgdconfig.8        Tue Aug 07 13:11:12 2018 +0000
+++ b/sbin/cgdconfig/cgdconfig.8        Tue Aug 07 13:19:51 2018 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: cgdconfig.8,v 1.36.6.1 2018/07/31 16:01:12 martin Exp $
+.\" $NetBSD: cgdconfig.8,v 1.36.6.2 2018/08/07 13:19:51 martin Exp $
 .\"
 .\" Copyright (c) 2002, The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -35,17 +35,17 @@
 .Nd configuration utility for the cryptographic disk driver
 .Sh SYNOPSIS
 .Nm
-.Op Fl npv
+.Op Fl enpv
 .Op Fl V Ar vmeth
 .Ar cgd dev
 .Op Ar paramsfile
 .Nm
 .Fl C
-.Op Fl npv
+.Op Fl enpv
 .Op Fl f Ar configfile
 .Nm
 .Fl G
-.Op Fl npv
+.Op Fl enpv
 .Op Fl i Ar ivmeth
 .Op Fl k Ar kgmeth
 .Op Fl o Ar outfile
@@ -89,6 +89,8 @@
 .Bl -tag -width configfilexxxx
 .It Fl C
 Configure all the devices listed in the cgd configuration file.
+.It Fl e
+Echo the passphase.
 .It Fl f Ar configfile
 Specify the configuration file explicitly, rather than using the default
 configuration file
@@ -447,14 +449,4 @@
 utility appeared in
 .Nx 2.0 .
 .Sh BUGS
-Since
-.Nm
-without
-.Fl p
-uses
-.Xr getpass 3
-to read in the passphrase,
-it is limited to sysconf(_SC_PASS_MAX) (128) characters.
-With
-.Fl p
-the limit is 1023 characters.
+Pass phrases are limited to 1023 bytes.
diff -r b0fe455435e4 -r fae231e20a26 sbin/cgdconfig/cgdconfig.c
--- a/sbin/cgdconfig/cgdconfig.c        Tue Aug 07 13:11:12 2018 +0000
+++ b/sbin/cgdconfig/cgdconfig.c        Tue Aug 07 13:19:51 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgdconfig.c,v 1.41.6.1 2018/07/31 16:01:12 martin Exp $ */
+/* $NetBSD: cgdconfig.c,v 1.41.6.2 2018/08/07 13:19:51 martin Exp $ */
 
 /*-
  * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 2002, 2003\
  The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: cgdconfig.c,v 1.41.6.1 2018/07/31 16:01:12 martin Exp $");
+__RCSID("$NetBSD: cgdconfig.c,v 1.41.6.2 2018/08/07 13:19:51 martin Exp $");
 #endif
 
 #include <err.h>
@@ -89,8 +89,10 @@
 
 /* if pflag is set to PFLAG_STDIN read from stdin rather than getpass(3) */
 
-#define        PFLAG_GETPASS   0x01
-#define        PFLAG_STDIN     0x02
+#define        PFLAG_GETPASS           0x01
+#define        PFLAG_GETPASS_ECHO      0x02
+#define        PFLAG_GETPASS_MASK      0x03
+#define        PFLAG_STDIN             0x04
 int    pflag = PFLAG_GETPASS;
 
 static int     configure(int, char **, struct params *, int);
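Review bot: The comment above these defines still describes only PFLAG_STDIN, while pflag is now tested two ways: by equality (`switch (pflag)` in maybe_getpass) and by bit test (`pflag & PFLAG_GETPASS_ECHO` in the prompt snprintf hunk, `pflag & PFLAG_GETPASS_MASK` in the loop-condition hunk). Both agree only while pflag holds exactly one PFLAG_* value, which the visible code keeps, since `pflag = PFLAG_GETPASS_ECHO;` is an assignment and not an OR. I would record that here, e.g. `/* pflag holds exactly one PFLAG_* value; PFLAG_GETPASS_MASK matches both terminal-prompt modes */`, so that a later `|=` does not produce a value matching none of the case labels shown.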
@@ -136,11 +138,11 @@
 usage(void)
 {
 
-       (void)fprintf(stderr, "usage: %s [-npv] [-V vmeth] cgd dev "
+       (void)fprintf(stderr, "usage: %s [-enpv] [-V vmeth] cgd dev "
            "[paramsfile]\n", getprogname());
-       (void)fprintf(stderr, "       %s -C [-npv] [-f configfile]\n",
+       (void)fprintf(stderr, "       %s -C [-enpv] [-f configfile]\n",
            getprogname());
-       (void)fprintf(stderr, "       %s -G [-npv] [-i ivmeth] [-k kgmeth] "
+       (void)fprintf(stderr, "       %s -G [-enpv] [-i ivmeth] [-k kgmeth] "
            "[-o outfile] paramsfile\n", getprogname());
        (void)fprintf(stderr, "       %s -g [-nv] [-i ivmeth] [-k kgmeth] "
            "[-o outfile] alg [keylen]\n", getprogname());
@@ -201,7 +203,7 @@
        p = params_new();
        kg = NULL;
 
-       while ((ch = getopt(argc, argv, "CGUV:b:f:gi:k:lno:spuv")) != -1)
+       while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:spuv")) != -1)
                switch (ch) {
                case 'C':
                        set_action(&action, ACTION_CONFIGALL);
@@ -230,6 +232,9 @@
                                p = params_combine(p, tp);
                        }
                        break;
+               case 'e':
+                       pflag = PFLAG_GETPASS_ECHO;
+                       break;
                case 'f':
                        if (cfile)
                                usage();
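Review bot: `pflag = PFLAG_GETPASS_ECHO;` overwrites whatever input mode an earlier option selected, so if the `-p` case (outside this hunk, presumably a matching assignment of PFLAG_STDIN) works the same way, the last of `-e` and `-p` on the command line wins silently. Rejecting the combination with `usage()` or documenting the precedence would make the behaviour predictable. The manual text added for `-e` in the cgdconfig.8 hunk is only "Echo the passphase." (misspelled); one more sentence there should say that the passphrase becomes visible on screen and in any terminal scrollback or session recording. The enclosing switch starts and ends outside this hunk.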
@@ -377,12 +382,17 @@
 maybe_getpass(char *prompt)
 {
        char     buf[1024];
-       char    *p = buf;
-       char    *tmp;
+       char    *p = NULL;
+       char    *tmp, *pass;
 
        switch (pflag) {
        case PFLAG_GETPASS:
-               p = getpass(prompt);
+               p = getpass_r(prompt, buf, sizeof(buf));
+               break;
+
+       case PFLAG_GETPASS_ECHO:
+               p = getpassfd(prompt, buf, sizeof(buf), NULL,
+                   GETPASS_ECHO|GETPASS_ECHO_NL|GETPASS_NEED_TTY, 0);
                break;
 
        case PFLAG_STDIN:
@@ -401,7 +411,10 @@
        if (!p)
                err(EXIT_FAILURE, "failed to read passphrase");
 
-       return estrdup(p);
+       pass = estrdup(p);
+       explicit_memset(buf, 0, sizeof(buf));
+
+       return pass;
 }
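Review bot: maybe_getpass now clears `buf`, but the `estrdup` copy it returns is a second copy of the passphrase and nothing at the function tells callers they own it and must wipe it. A header comment such as `/* Returns an allocated copy of the passphrase; the caller must explicit_memset() and free() it. */` would record that contract; only the PBKDF2 key-generation caller is visible in this diff doing so, and any other callers should be checked. The `err()` exit on `!p` leaves `buf` uncleared, which matters little because the process terminates. If the PFLAG_STDIN branch (outside the hunk) reads through stdio, the stream's internal buffer is a further copy that this wipe does not reach. The function begins in the previous hunk.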
 
 /*ARGSUSED*/
@@ -422,7 +435,8 @@
        char             buf[1024];
        u_int8_t        *tmp;
 
-       snprintf(buf, sizeof(buf), "%s's passphrase:", target);
+       snprintf(buf, sizeof(buf), "%s's passphrase%s:", target,
+           pflag & PFLAG_GETPASS_ECHO ? " (echo)" : "");
        passp = maybe_getpass(buf);
        if (pkcs5_pbkdf2(&tmp, BITS2BYTES(keylen), (uint8_t *)passp,
            strlen(passp),
@@ -434,7 +448,7 @@
 
        ret = bits_new(tmp, keylen);
        kg->kg_key = bits_dup(ret);
-       memset(passp, 0, strlen(passp));
+       explicit_memset(passp, 0, strlen(passp));
        free(passp);
        free(tmp);
        return ret;
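Review bot: `tmp` receives the key bytes produced by pkcs5_pbkdf2 and is released with a plain `free(tmp);`, so the derived key stays in freed heap memory while the passphrase it came from is now wiped. Adding `explicit_memset(tmp, 0, BITS2BYTES(keylen));` before `free(tmp);` would treat both secrets the same way; the length is presumably the one passed to pkcs5_pbkdf2 in the previous hunk. The lines between that call and this hunk are not shown; if the failure branch there frees `passp`, it needs the same explicit_memset. The function starts outside this hunk.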
@@ -585,7 +599,9 @@
         * a password.
         */
 
-       for (kg = p->keygen; pflag == PFLAG_GETPASS && kg; kg = kg->next)
+       for (kg = p->keygen;
+           (pflag & PFLAG_GETPASS_MASK) && kg;
+           kg = kg->next)
                if ((kg->kg_method == KEYGEN_PKCS5_PBKDF2_SHA1) ||
                    (kg->kg_method == KEYGEN_PKCS5_PBKDF2_OLD )) {
                        loop = 1;


