[src/netbsd-8]: src/sbin/cgdconfig Pull up following revision(s) (requested b...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-8]: src/sbin/cgdconfig Pull up following revision(s) (requested b...
From: martin <martin%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 15:21:43 +0000

details:   https://anonhg.NetBSD.org/src/rev/1027defd57d3
branches:  netbsd-8
changeset: 851914:1027defd57d3
user:      martin <martin%NetBSD.org@localhost>
date:      Tue Aug 07 13:19:51 2018 +0000

description:
Pull up following revision(s) (requested by alnsn in ticket #958):

        sbin/cgdconfig/cgdconfig.c: revision 1.46
        sbin/cgdconfig/cgdconfig.c: revision 1.47
        sbin/cgdconfig/cgdconfig.c: revision 1.48
        sbin/cgdconfig/cgdconfig.8: revision 1.39
        sbin/cgdconfig/cgdconfig.8: revision 1.40

Add '-e' option (echo the passphrase) and wipe the passphrase after use.
XXX Using memset for wiping isn't a good idea because memset is likely
optimised away by gcc. This should be revisited.

Missed one change when doing a manual merge of my patch with kre's commit.

use explicit_memset(3)

With the change to use getpass_r the 128 byte passphrase limit no
longer applies, so update the BUGS section here to reflect that change.
The limit now is 1023 whichever method is used to fetch the passphrase.

diffstat:

 sbin/cgdconfig/cgdconfig.8 |  22 +++++++---------------
 sbin/cgdconfig/cgdconfig.c |  46 +++++++++++++++++++++++++++++++---------------
 2 files changed, 38 insertions(+), 30 deletions(-)

diffs (183 lines):

diff -r 489b94d6da86 -r 1027defd57d3 sbin/cgdconfig/cgdconfig.8
--- a/sbin/cgdconfig/cgdconfig.8        Tue Aug 07 13:11:12 2018 +0000
+++ b/sbin/cgdconfig/cgdconfig.8        Tue Aug 07 13:19:51 2018 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: cgdconfig.8,v 1.36.6.1 2018/07/31 16:01:12 martin Exp $
+.\" $NetBSD: cgdconfig.8,v 1.36.6.2 2018/08/07 13:19:51 martin Exp $
 .\"
 .\" Copyright (c) 2002, The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -35,17 +35,17 @@
 .Nd configuration utility for the cryptographic disk driver
 .Sh SYNOPSIS
 .Nm
-.Op Fl npv
+.Op Fl enpv
 .Op Fl V Ar vmeth
 .Ar cgd dev
 .Op Ar paramsfile
 .Nm
 .Fl C
-.Op Fl npv
+.Op Fl enpv
 .Op Fl f Ar configfile
 .Nm
 .Fl G
-.Op Fl npv
+.Op Fl enpv
 .Op Fl i Ar ivmeth
 .Op Fl k Ar kgmeth
 .Op Fl o Ar outfile
@@ -89,6 +89,8 @@
 .Bl -tag -width configfilexxxx
 .It Fl C
 Configure all the devices listed in the cgd configuration file.
+.It Fl e
+Echo the passphase.
 .It Fl f Ar configfile
 Specify the configuration file explicitly, rather than using the default
 configuration file
@@ -447,14 +449,4 @@
 utility appeared in
 .Nx 2.0 .
 .Sh BUGS
-Since
-.Nm
-without
-.Fl p
-uses
-.Xr getpass 3
-to read in the passphrase,
-it is limited to sysconf(_SC_PASS_MAX) (128) characters.
-With
-.Fl p
-the limit is 1023 characters.
+Pass phrases are limited to 1023 bytes.
diff -r 489b94d6da86 -r 1027defd57d3 sbin/cgdconfig/cgdconfig.c
--- a/sbin/cgdconfig/cgdconfig.c        Tue Aug 07 13:11:12 2018 +0000
+++ b/sbin/cgdconfig/cgdconfig.c        Tue Aug 07 13:19:51 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgdconfig.c,v 1.41.6.1 2018/07/31 16:01:12 martin Exp $ */
+/* $NetBSD: cgdconfig.c,v 1.41.6.2 2018/08/07 13:19:51 martin Exp $ */
 
 /*-
  * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 2002, 2003\
  The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: cgdconfig.c,v 1.41.6.1 2018/07/31 16:01:12 martin Exp $");
+__RCSID("$NetBSD: cgdconfig.c,v 1.41.6.2 2018/08/07 13:19:51 martin Exp $");
 #endif
 
 #include <err.h>
@@ -89,8 +89,10 @@
 
 /* if pflag is set to PFLAG_STDIN read from stdin rather than getpass(3) */
 
-#define        PFLAG_GETPASS   0x01
-#define        PFLAG_STDIN     0x02
+#define        PFLAG_GETPASS           0x01
+#define        PFLAG_GETPASS_ECHO      0x02
+#define        PFLAG_GETPASS_MASK      0x03
+#define        PFLAG_STDIN             0x04
 int    pflag = PFLAG_GETPASS;
 
 static int     configure(int, char **, struct params *, int);
@@ -136,11 +138,11 @@
 usage(void)
 {
 
-       (void)fprintf(stderr, "usage: %s [-npv] [-V vmeth] cgd dev "
+       (void)fprintf(stderr, "usage: %s [-enpv] [-V vmeth] cgd dev "
            "[paramsfile]\n", getprogname());
-       (void)fprintf(stderr, "       %s -C [-npv] [-f configfile]\n",
+       (void)fprintf(stderr, "       %s -C [-enpv] [-f configfile]\n",
            getprogname());
-       (void)fprintf(stderr, "       %s -G [-npv] [-i ivmeth] [-k kgmeth] "
+       (void)fprintf(stderr, "       %s -G [-enpv] [-i ivmeth] [-k kgmeth] "
            "[-o outfile] paramsfile\n", getprogname());
        (void)fprintf(stderr, "       %s -g [-nv] [-i ivmeth] [-k kgmeth] "
            "[-o outfile] alg [keylen]\n", getprogname());
@@ -201,7 +203,7 @@
        p = params_new();
        kg = NULL;
 
-       while ((ch = getopt(argc, argv, "CGUV:b:f:gi:k:lno:spuv")) != -1)
+       while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:spuv")) != -1)
                switch (ch) {
                case 'C':
                        set_action(&action, ACTION_CONFIGALL);
@@ -230,6 +232,9 @@
                                p = params_combine(p, tp);
                        }
                        break;
+               case 'e':
+                       pflag = PFLAG_GETPASS_ECHO;
+                       break;
                case 'f':
                        if (cfile)
                                usage();
@@ -377,12 +382,17 @@
 maybe_getpass(char *prompt)
 {
        char     buf[1024];
-       char    *p = buf;
-       char    *tmp;
+       char    *p = NULL;
+       char    *tmp, *pass;
 
        switch (pflag) {
        case PFLAG_GETPASS:
-               p = getpass(prompt);
+               p = getpass_r(prompt, buf, sizeof(buf));
+               break;
+
+       case PFLAG_GETPASS_ECHO:
+               p = getpassfd(prompt, buf, sizeof(buf), NULL,
+                   GETPASS_ECHO|GETPASS_ECHO_NL|GETPASS_NEED_TTY, 0);
                break;
 
        case PFLAG_STDIN:
@@ -401,7 +411,10 @@
        if (!p)
                err(EXIT_FAILURE, "failed to read passphrase");
 
-       return estrdup(p);
+       pass = estrdup(p);
+       explicit_memset(buf, 0, sizeof(buf));
+
+       return pass;
 }
 
 /*ARGSUSED*/
@@ -422,7 +435,8 @@
        char             buf[1024];
        u_int8_t        *tmp;
 
-       snprintf(buf, sizeof(buf), "%s's passphrase:", target);
+       snprintf(buf, sizeof(buf), "%s's passphrase%s:", target,
+           pflag & PFLAG_GETPASS_ECHO ? " (echo)" : "");
        passp = maybe_getpass(buf);
        if (pkcs5_pbkdf2(&tmp, BITS2BYTES(keylen), (uint8_t *)passp,
            strlen(passp),
@@ -434,7 +448,7 @@
 
        ret = bits_new(tmp, keylen);
        kg->kg_key = bits_dup(ret);
-       memset(passp, 0, strlen(passp));
+       explicit_memset(passp, 0, strlen(passp));
        free(passp);
        free(tmp);
        return ret;
@@ -585,7 +599,9 @@
         * a password.
         */
 
-       for (kg = p->keygen; pflag == PFLAG_GETPASS && kg; kg = kg->next)
+       for (kg = p->keygen;
+           (pflag & PFLAG_GETPASS_MASK) && kg;
+           kg = kg->next)
                if ((kg->kg_method == KEYGEN_PKCS5_PBKDF2_SHA1) ||
                    (kg->kg_method == KEYGEN_PKCS5_PBKDF2_OLD )) {
                        loop = 1;

Prev by Date: [src/netbsd-8]: src/usr.bin/m4 Pull up following revision(s) (requested by kr...
Next by Date: [src/netbsd-8]: src/external/bsd/cron/dist Pull up following revision(s) (req...
Previous by Thread: [src/netbsd-8]: src/usr.bin/m4 Pull up following revision(s) (requested by kr...
Next by Thread: [src/netbsd-8]: src/external/bsd/cron/dist Pull up following revision(s) (req...
Indexes:

Home | Main Index | Thread Index | Old Index