Programs such as OpenVPN may use ask-password for not only retrieving passwords, but also usernames. Masking usernames with * seems just silly.
v2 - Don't mess with termios flags, instead print the input instead of an asterix. Resolves issues with backspace and TAB input. v3 - Renamed 'do_echo' variables and argument to 'echo'. Also modified the ask_password_{tty,agent,auto} API instead of additional wrapper functions. --- man/systemd-ask-password.xml | 9 +++++++++ src/ask-password/ask-password.c | 12 ++++++++++-- src/cryptsetup/cryptsetup.c | 4 ++-- src/firstboot/firstboot.c | 4 ++-- src/shared/ask-password-api.c | 12 ++++++++---- src/shared/ask-password-api.h | 6 +++--- src/tty-ask-password-agent/tty-ask-password-agent.c | 5 +++-- 7 files changed, 37 insertions(+), 15 deletions(-) diff --git a/man/systemd-ask-password.xml b/man/systemd-ask-password.xml index ce0ac3d..bfe646f 100644 --- a/man/systemd-ask-password.xml +++ b/man/systemd-ask-password.xml @@ -127,6 +127,15 @@ </varlistentry> <varlistentry> + <term><option>--echo</option></term> + + <listitem><para>Echo the user input + instead of masking it. This is useful + when using systemd-ask-password to + query for usernames.</para></listitem> + </varlistentry> + + <varlistentry> <term><option>--no-tty</option></term> <listitem><para>Never ask for password diff --git a/src/ask-password/ask-password.c b/src/ask-password/ask-password.c index 5c37cff..54acace 100644 --- a/src/ask-password/ask-password.c +++ b/src/ask-password/ask-password.c @@ -45,6 +45,7 @@ static const char *arg_icon = NULL; static const char *arg_id = NULL; static const char *arg_message = NULL; +static bool arg_echo = false; static bool arg_use_tty = true; static usec_t arg_timeout = DEFAULT_TIMEOUT_USEC; static bool arg_accept_cached = false; @@ -56,6 +57,7 @@ static void help(void) { " -h --help Show this help\n" " --icon=NAME Icon name\n" " --timeout=SEC Timeout in sec\n" + " --echo Do not mask the user input. Used when asking for usernames\n" " --no-tty Ask question via agent even on TTY\n" " --accept-cached Accept cached passwords\n" " --multiple List multiple passwords if available\n" @@ -68,6 +70,7 @@ static int parse_argv(int argc, char *argv[]) { enum { ARG_ICON = 0x100, ARG_TIMEOUT, + ARG_ECHO, ARG_NO_TTY, ARG_ACCEPT_CACHED, ARG_MULTIPLE, @@ -78,6 +81,7 @@ static int parse_argv(int argc, char *argv[]) { { "help", no_argument, NULL, 'h' }, { "icon", required_argument, NULL, ARG_ICON }, { "timeout", required_argument, NULL, ARG_TIMEOUT }, + { "echo", no_argument, NULL, ARG_ECHO }, { "no-tty", no_argument, NULL, ARG_NO_TTY }, { "accept-cached", no_argument, NULL, ARG_ACCEPT_CACHED }, { "multiple", no_argument, NULL, ARG_MULTIPLE }, @@ -109,6 +113,10 @@ static int parse_argv(int argc, char *argv[]) { } break; + case ARG_ECHO: + arg_echo = true; + break; + case ARG_NO_TTY: arg_use_tty = false; break; @@ -160,7 +168,7 @@ int main(int argc, char *argv[]) { if (arg_use_tty && isatty(STDIN_FILENO)) { char *password = NULL; - if ((r = ask_password_tty(arg_message, timeout, NULL, &password)) >= 0) { + if ((r = ask_password_tty(arg_message, timeout, arg_echo, NULL, &password)) >= 0) { puts(password); free(password); } @@ -168,7 +176,7 @@ int main(int argc, char *argv[]) { } else { char **l; - if ((r = ask_password_agent(arg_message, arg_icon, arg_id, timeout, arg_accept_cached, &l)) >= 0) { + if ((r = ask_password_agent(arg_message, arg_icon, arg_id, timeout, arg_echo, arg_accept_cached, &l)) >= 0) { char **p; STRV_FOREACH(p, l) { diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 94570eb..ed4866e 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -279,7 +279,7 @@ static int get_password(const char *name, usec_t until, bool accept_cached, char id = strappenda("cryptsetup:", escaped_name); - r = ask_password_auto(text, "drive-harddisk", id, until, accept_cached, passwords); + r = ask_password_auto(text, "drive-harddisk", id, until, false, accept_cached, passwords); if (r < 0) { log_error("Failed to query password: %s", strerror(-r)); return r; @@ -295,7 +295,7 @@ static int get_password(const char *name, usec_t until, bool accept_cached, char id = strappenda("cryptsetup-verification:", escaped_name); - r = ask_password_auto(text, "drive-harddisk", id, until, false, &passwords2); + r = ask_password_auto(text, "drive-harddisk", id, until, false, false, &passwords2); if (r < 0) { log_error("Failed to query verification password: %s", strerror(-r)); return r; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index f586c2e..6b0d2fc 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -491,7 +491,7 @@ static int prompt_root_password(void) { for (;;) { _cleanup_free_ char *a = NULL, *b = NULL; - r = ask_password_tty(msg1, 0, NULL, &a); + r = ask_password_tty(msg1, 0, false, NULL, &a); if (r < 0) { log_error("Failed to query root password: %s", strerror(-r)); return r; @@ -502,7 +502,7 @@ static int prompt_root_password(void) { break; } - r = ask_password_tty(msg2, 0, NULL, &b); + r = ask_password_tty(msg2, 0, false, NULL, &b); if (r < 0) { log_error("Failed to query root password: %s", strerror(-r)); clear_string(a); diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index 8d03f4a..123f8d9 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -52,6 +52,7 @@ static void backspace_chars(int ttyfd, size_t p) { int ask_password_tty( const char *message, usec_t until, + bool echo, const char *flag_file, char **_passphrase) { @@ -218,7 +219,7 @@ int ask_password_tty( passphrase[p++] = c; if (!silent_mode && ttyfd >= 0) - loop_write(ttyfd, "*", 1, false); + loop_write(ttyfd, (echo ? passphrase+(p-1) : "*"), 1, false); dirty = true; } @@ -300,6 +301,7 @@ int ask_password_agent( const char *icon, const char *id, usec_t until, + bool echo, bool accept_cached, char ***_passphrases) { @@ -362,10 +364,12 @@ int ask_password_agent( "PID="PID_FMT"\n" "Socket=%s\n" "AcceptCached=%i\n" + "Echo=%i\n" "NotAfter="USEC_FMT"\n", getpid(), socket_name, accept_cached ? 1 : 0, + echo ? 1 : 0, until); if (message) @@ -542,7 +546,7 @@ finish: } int ask_password_auto(const char *message, const char *icon, const char *id, - usec_t until, bool accept_cached, char ***_passphrases) { + usec_t until, bool echo, bool accept_cached, char ***_passphrases) { assert(message); assert(_passphrases); @@ -550,7 +554,7 @@ int ask_password_auto(const char *message, const char *icon, const char *id, int r; char *s = NULL, **l = NULL; - r = ask_password_tty(message, until, NULL, &s); + r = ask_password_tty(message, until, false, NULL, &s); if (r < 0) return r; @@ -561,5 +565,5 @@ int ask_password_auto(const char *message, const char *icon, const char *id, *_passphrases = l; return r; } else - return ask_password_agent(message, icon, id, until, accept_cached, _passphrases); + return ask_password_agent(message, icon, id, until, echo, accept_cached, _passphrases); } diff --git a/src/shared/ask-password-api.h b/src/shared/ask-password-api.h index 3839a2d..3541253 100644 --- a/src/shared/ask-password-api.h +++ b/src/shared/ask-password-api.h @@ -23,10 +23,10 @@ #include "util.h" -int ask_password_tty(const char *message, usec_t until, const char *flag_file, char **_passphrase); +int ask_password_tty(const char *message, usec_t until, bool echo, const char *flag_file, char **_passphrase); int ask_password_agent(const char *message, const char *icon, const char *id, - usec_t until, bool accept_cached, char ***_passphrases); + usec_t until, bool echo, bool accept_cached, char ***_passphrases); int ask_password_auto(const char *message, const char *icon, const char *id, - usec_t until, bool accept_cached, char ***_passphrases); + usec_t until, bool echo, bool accept_cached, char ***_passphrases); diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index e7cbde2..e6dc84b 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -214,7 +214,7 @@ static int parse_password(const char *filename, char **wall) { _cleanup_free_ char *socket_name = NULL, *message = NULL, *packet = NULL; uint64_t not_after = 0; unsigned pid = 0; - bool accept_cached = false; + bool accept_cached = false, echo = false; const ConfigTableItem items[] = { { "Ask", "Socket", config_parse_string, 0, &socket_name }, @@ -222,6 +222,7 @@ static int parse_password(const char *filename, char **wall) { { "Ask", "Message", config_parse_string, 0, &message }, { "Ask", "PID", config_parse_unsigned, 0, &pid }, { "Ask", "AcceptCached", config_parse_bool, 0, &accept_cached }, + { "Ask", "Echo", config_parse_bool, 0, &echo }, {} }; @@ -314,7 +315,7 @@ static int parse_password(const char *filename, char **wall) { return tty_fd; } - r = ask_password_tty(message, not_after, filename, &password); + r = ask_password_tty(message, not_after, echo, filename, &password); if (arg_console) { safe_close(tty_fd); -- 1.8.3.1 _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel