passwd readpassphrase

Ted Unangst Wed, 31 Aug 2016 03:14:06 -0700

The getpass function was in posix, but then it was removed. I'd like to stop
using it in base. We already have a superior replacement available,
readpassphrase. This diff converts passwd.


Index: local_passwd.c
===================================================================
RCS file: /cvs/src/usr.bin/passwd/local_passwd.c,v
retrieving revision 1.49
diff -u -p -r1.49 local_passwd.c
--- local_passwd.c      31 Aug 2016 10:06:41 -0000      1.49
+++ local_passwd.c      31 Aug 2016 10:12:06 -0000
@@ -44,6 +44,7 @@
 #include <unistd.h>
 #include <util.h>
 #include <login_cap.h>
+#include <readpassphrase.h>
 
 #define UNCHANGED_MSG  "Password unchanged."
 
@@ -151,9 +152,9 @@ char *
 getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated)
 {
        static char hash[_PASSWORD_LEN];
+       char newpass[_PASSWORD_LEN + 1];
        char *p, *pref;
        int tries, pwd_tries;
-       char buf[1024];
        sig_t saveint, savequit;
 
        saveint = signal(SIGINT, kbintr);
@@ -162,7 +163,10 @@ getnewpasswd(struct passwd *pw, login_ca
        if (!authenticated) {
                (void)printf("Changing password for %s.\n", pw->pw_name);
                if (uid != 0 && pw->pw_passwd[0] != '\0') {
-                       p = getpass("Old password:");
+                       char oldpass[_PASSWORD_LEN + 1];
+
+                       p = readpassphrase("Old password:", oldpass,
+                           sizeof(oldpass), RPP_ECHO_OFF);
                        if (p == NULL || *p == '\0') {
                                (void)printf("%s\n", UNCHANGED_MSG);
                                pw_abort();
@@ -177,8 +181,11 @@ getnewpasswd(struct passwd *pw, login_ca
 
        pwd_tries = pwd_gettries(lc);
 
-       for (buf[0] = '\0', tries = 0;;) {
-               p = getpass("New password:");
+       for (newpass[0] = '\0', tries = 0;;) {
+               char repeat[_PASSWORD_LEN + 1];
+
+               p = readpassphrase("New password:", newpass, sizeof(newpass),
+                   RPP_ECHO_OFF);
                if (p == NULL || *p == '\0') {
                        (void)printf("%s\n", UNCHANGED_MSG);
                        pw_abort();
@@ -192,9 +199,9 @@ getnewpasswd(struct passwd *pw, login_ca
                if ((tries++ < pwd_tries || pwd_tries == 0) &&
                    pwd_check(lc, p) == 0)
                        continue;
-               strlcpy(buf, p, sizeof(buf));
-               p = getpass("Retype new password:");
-               if (p != NULL && strcmp(buf, p) == 0)
+               p = readpassphrase("Retype new password:", repeat, 
sizeof(repeat),
+                   RPP_ECHO_OFF);
+               if (p != NULL && strcmp(newpass, p) == 0)
                        break;
                (void)printf("Mismatch; try again, EOF to quit.\n");
        }
@@ -203,7 +210,7 @@ getnewpasswd(struct passwd *pw, login_ca
        (void)signal(SIGQUIT, savequit);
 
        pref = login_getcapstr(lc, "localcipher", NULL, NULL);
-       if (crypt_newhash(buf, pref, hash, sizeof(hash)) != 0) {
+       if (crypt_newhash(newpass, pref, hash, sizeof(hash)) != 0) {
                (void)printf("Couldn't generate hash.\n");
                pw_error(NULL, 0, 0);
        }

passwd readpassphrase

Reply via email to