cgdconfig

Alexander Nasonov Wed, 09 May 2018 11:12:41 -0700

Module Name:    src
Committed By:   alnsn
Date:           Wed May  9 18:11:56 UTC 2018


Modified Files:
        src/sbin/cgdconfig: cgdconfig.8 cgdconfig.c

Log Message:
Add '-e' option (echo the passphrase) and wipe the passphrase after use.

XXX Using memset for wiping isn't a good idea because memset is likely
optimised away by gcc. This should be revisited.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 src/sbin/cgdconfig/cgdconfig.8
cvs rdiff -u -r1.45 -r1.46 src/sbin/cgdconfig/cgdconfig.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sbin/cgdconfig/cgdconfig.8
diff -u src/sbin/cgdconfig/cgdconfig.8:1.38 src/sbin/cgdconfig/cgdconfig.8:1.39
--- src/sbin/cgdconfig/cgdconfig.8:1.38	Wed May  9 17:35:03 2018
+++ src/sbin/cgdconfig/cgdconfig.8	Wed May  9 18:11:56 2018
@@ -1,4 +1,4 @@
-.\" $NetBSD: cgdconfig.8,v 1.38 2018/05/09 17:35:03 wiz Exp $
+.\" $NetBSD: cgdconfig.8,v 1.39 2018/05/09 18:11:56 alnsn Exp $
 .\"
 .\" Copyright (c) 2002, The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -35,17 +35,17 @@
 .Nd configuration utility for the cryptographic disk driver
 .Sh SYNOPSIS
 .Nm
-.Op Fl npv
+.Op Fl enpv
 .Op Fl V Ar vmeth
 .Ar cgd dev
 .Op Ar paramsfile
 .Nm
 .Fl C
-.Op Fl npv
+.Op Fl enpv
 .Op Fl f Ar configfile
 .Nm
 .Fl G
-.Op Fl npv
+.Op Fl enpv
 .Op Fl i Ar ivmeth
 .Op Fl k Ar kgmeth
 .Op Fl o Ar outfile
@@ -89,6 +89,8 @@ The options are as follows:
 .Bl -tag -width configfilexxxx
 .It Fl C
 Configure all the devices listed in the cgd configuration file.
+.It Fl e
+Echo the passphase.
 .It Fl f Ar configfile
 Specify the configuration file explicitly, rather than using the default
 configuration file

Index: src/sbin/cgdconfig/cgdconfig.c
diff -u src/sbin/cgdconfig/cgdconfig.c:1.45 src/sbin/cgdconfig/cgdconfig.c:1.46
--- src/sbin/cgdconfig/cgdconfig.c:1.45	Wed May  9 14:27:41 2018
+++ src/sbin/cgdconfig/cgdconfig.c	Wed May  9 18:11:56 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: cgdconfig.c,v 1.45 2018/05/09 14:27:41 kre Exp $ */
+/* $NetBSD: cgdconfig.c,v 1.46 2018/05/09 18:11:56 alnsn Exp $ */
 
 /*-
  * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 2002, 2003\
  The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: cgdconfig.c,v 1.45 2018/05/09 14:27:41 kre Exp $");
+__RCSID("$NetBSD: cgdconfig.c,v 1.46 2018/05/09 18:11:56 alnsn Exp $");
 #endif
 
 #include <err.h>
@@ -89,8 +89,10 @@ int	nflag = 0;
 
 /* if pflag is set to PFLAG_STDIN read from stdin rather than getpass(3) */
 
-#define	PFLAG_GETPASS	0x01
-#define	PFLAG_STDIN	0x02
+#define	PFLAG_GETPASS		0x01
+#define	PFLAG_GETPASS_ECHO	0x02
+#define	PFLAG_GETPASS_MASK	0x03
+#define	PFLAG_STDIN		0x04
 int	pflag = PFLAG_GETPASS;
 
 static int	configure(int, char **, struct params *, int);
@@ -136,11 +138,11 @@ static void
 usage(void)
 {
 
-	(void)fprintf(stderr, "usage: %s [-npv] [-V vmeth] cgd dev "
+	(void)fprintf(stderr, "usage: %s [-enpv] [-V vmeth] cgd dev "
 	    "[paramsfile]\n", getprogname());
-	(void)fprintf(stderr, "       %s -C [-npv] [-f configfile]\n",
+	(void)fprintf(stderr, "       %s -C [-enpv] [-f configfile]\n",
 	    getprogname());
-	(void)fprintf(stderr, "       %s -G [-npv] [-i ivmeth] [-k kgmeth] "
+	(void)fprintf(stderr, "       %s -G [-enpv] [-i ivmeth] [-k kgmeth] "
 	    "[-o outfile] paramsfile\n", getprogname());
 	(void)fprintf(stderr, "       %s -g [-nv] [-i ivmeth] [-k kgmeth] "
 	    "[-o outfile] alg [keylen]\n", getprogname());
@@ -201,7 +203,7 @@ main(int argc, char **argv)
 	p = params_new();
 	kg = NULL;
 
-	while ((ch = getopt(argc, argv, "CGUV:b:f:gi:k:lno:spuv")) != -1)
+	while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:spuv")) != -1)
 		switch (ch) {
 		case 'C':
 			set_action(&action, ACTION_CONFIGALL);
@@ -230,6 +232,9 @@ main(int argc, char **argv)
 				p = params_combine(p, tp);
 			}
 			break;
+		case 'e':
+			pflag = PFLAG_GETPASS_ECHO;
+			break;
 		case 'f':
 			if (cfile)
 				usage();
@@ -377,12 +382,17 @@ static char *
 maybe_getpass(char *prompt)
 {
 	char	 buf[1024];
-	char	*p = buf;
-	char	*tmp;
+	char	*p = NULL;
+	char	*tmp, *pass;
 
 	switch (pflag) {
 	case PFLAG_GETPASS:
-		p = getpass(prompt);
+		p = getpass_r(prompt, buf, sizeof(buf));
+		break;
+
+	case PFLAG_GETPASS_ECHO:
+		p = getpassfd(prompt, buf, sizeof(buf), NULL,
+		    GETPASS_ECHO|GETPASS_ECHO_NL|GETPASS_NEED_TTY, 0);
 		break;
 
 	case PFLAG_STDIN:
@@ -401,7 +411,10 @@ maybe_getpass(char *prompt)
 	if (!p)
 		err(EXIT_FAILURE, "failed to read passphrase");
 
-	return estrdup(p);
+	pass = estrdup(p);
+	memset(buf, 0, sizeof(buf));
+
+	return pass;
 }
 
 /*ARGSUSED*/
@@ -422,7 +435,8 @@ getkey_pkcs5_pbkdf2(const char *target, 
 	char		 buf[1024];
 	u_int8_t	*tmp;
 
-	snprintf(buf, sizeof(buf), "%s's passphrase:", target);
+	snprintf(buf, sizeof(buf), "%s's passphrase%s:", target,
+	    pflag & PFLAG_GETPASS_ECHO ? " (echo)" : "");
 	passp = maybe_getpass(buf);
 	if (pkcs5_pbkdf2(&tmp, BITS2BYTES(keylen), (uint8_t *)passp,
 	    strlen(passp),

CVS commit: src/sbin/cgdconfig

Reply via email to