Module Name: src Committed By: alnsn Date: Wed May 9 18:11:56 UTC 2018
Modified Files: src/sbin/cgdconfig: cgdconfig.8 cgdconfig.c Log Message: Add '-e' option (echo the passphrase) and wipe the passphrase after use. XXX Using memset for wiping isn't a good idea because memset is likely optimised away by gcc. This should be revisited. To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 src/sbin/cgdconfig/cgdconfig.8 cvs rdiff -u -r1.45 -r1.46 src/sbin/cgdconfig/cgdconfig.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sbin/cgdconfig/cgdconfig.8 diff -u src/sbin/cgdconfig/cgdconfig.8:1.38 src/sbin/cgdconfig/cgdconfig.8:1.39 --- src/sbin/cgdconfig/cgdconfig.8:1.38 Wed May 9 17:35:03 2018 +++ src/sbin/cgdconfig/cgdconfig.8 Wed May 9 18:11:56 2018 @@ -1,4 +1,4 @@ -.\" $NetBSD: cgdconfig.8,v 1.38 2018/05/09 17:35:03 wiz Exp $ +.\" $NetBSD: cgdconfig.8,v 1.39 2018/05/09 18:11:56 alnsn Exp $ .\" .\" Copyright (c) 2002, The NetBSD Foundation, Inc. .\" All rights reserved. @@ -35,17 +35,17 @@ .Nd configuration utility for the cryptographic disk driver .Sh SYNOPSIS .Nm -.Op Fl npv +.Op Fl enpv .Op Fl V Ar vmeth .Ar cgd dev .Op Ar paramsfile .Nm .Fl C -.Op Fl npv +.Op Fl enpv .Op Fl f Ar configfile .Nm .Fl G -.Op Fl npv +.Op Fl enpv .Op Fl i Ar ivmeth .Op Fl k Ar kgmeth .Op Fl o Ar outfile @@ -89,6 +89,8 @@ The options are as follows: .Bl -tag -width configfilexxxx .It Fl C Configure all the devices listed in the cgd configuration file. +.It Fl e +Echo the passphase. .It Fl f Ar configfile Specify the configuration file explicitly, rather than using the default configuration file Index: src/sbin/cgdconfig/cgdconfig.c diff -u src/sbin/cgdconfig/cgdconfig.c:1.45 src/sbin/cgdconfig/cgdconfig.c:1.46 --- src/sbin/cgdconfig/cgdconfig.c:1.45 Wed May 9 14:27:41 2018 +++ src/sbin/cgdconfig/cgdconfig.c Wed May 9 18:11:56 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: cgdconfig.c,v 1.45 2018/05/09 14:27:41 kre Exp $ */ +/* $NetBSD: cgdconfig.c,v 1.46 2018/05/09 18:11:56 alnsn Exp $ */ /*- * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #ifndef lint __COPYRIGHT("@(#) Copyright (c) 2002, 2003\ The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: cgdconfig.c,v 1.45 2018/05/09 14:27:41 kre Exp $"); +__RCSID("$NetBSD: cgdconfig.c,v 1.46 2018/05/09 18:11:56 alnsn Exp $"); #endif #include <err.h> @@ -89,8 +89,10 @@ int nflag = 0; /* if pflag is set to PFLAG_STDIN read from stdin rather than getpass(3) */ -#define PFLAG_GETPASS 0x01 -#define PFLAG_STDIN 0x02 +#define PFLAG_GETPASS 0x01 +#define PFLAG_GETPASS_ECHO 0x02 +#define PFLAG_GETPASS_MASK 0x03 +#define PFLAG_STDIN 0x04 int pflag = PFLAG_GETPASS; static int configure(int, char **, struct params *, int); @@ -136,11 +138,11 @@ static void usage(void) { - (void)fprintf(stderr, "usage: %s [-npv] [-V vmeth] cgd dev " + (void)fprintf(stderr, "usage: %s [-enpv] [-V vmeth] cgd dev " "[paramsfile]\n", getprogname()); - (void)fprintf(stderr, " %s -C [-npv] [-f configfile]\n", + (void)fprintf(stderr, " %s -C [-enpv] [-f configfile]\n", getprogname()); - (void)fprintf(stderr, " %s -G [-npv] [-i ivmeth] [-k kgmeth] " + (void)fprintf(stderr, " %s -G [-enpv] [-i ivmeth] [-k kgmeth] " "[-o outfile] paramsfile\n", getprogname()); (void)fprintf(stderr, " %s -g [-nv] [-i ivmeth] [-k kgmeth] " "[-o outfile] alg [keylen]\n", getprogname()); @@ -201,7 +203,7 @@ main(int argc, char **argv) p = params_new(); kg = NULL; - while ((ch = getopt(argc, argv, "CGUV:b:f:gi:k:lno:spuv")) != -1) + while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:spuv")) != -1) switch (ch) { case 'C': set_action(&action, ACTION_CONFIGALL); @@ -230,6 +232,9 @@ main(int argc, char **argv) p = params_combine(p, tp); } break; + case 'e': + pflag = PFLAG_GETPASS_ECHO; + break; case 'f': if (cfile) usage(); @@ -377,12 +382,17 @@ static char * maybe_getpass(char *prompt) { char buf[1024]; - char *p = buf; - char *tmp; + char *p = NULL; + char *tmp, *pass; switch (pflag) { case PFLAG_GETPASS: - p = getpass(prompt); + p = getpass_r(prompt, buf, sizeof(buf)); + break; + + case PFLAG_GETPASS_ECHO: + p = getpassfd(prompt, buf, sizeof(buf), NULL, + GETPASS_ECHO|GETPASS_ECHO_NL|GETPASS_NEED_TTY, 0); break; case PFLAG_STDIN: @@ -401,7 +411,10 @@ maybe_getpass(char *prompt) if (!p) err(EXIT_FAILURE, "failed to read passphrase"); - return estrdup(p); + pass = estrdup(p); + memset(buf, 0, sizeof(buf)); + + return pass; } /*ARGSUSED*/ @@ -422,7 +435,8 @@ getkey_pkcs5_pbkdf2(const char *target, char buf[1024]; u_int8_t *tmp; - snprintf(buf, sizeof(buf), "%s's passphrase:", target); + snprintf(buf, sizeof(buf), "%s's passphrase%s:", target, + pflag & PFLAG_GETPASS_ECHO ? " (echo)" : ""); passp = maybe_getpass(buf); if (pkcs5_pbkdf2(&tmp, BITS2BYTES(keylen), (uint8_t *)passp, strlen(passp),