oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT

Browse Source
This commit is contained in:
Luke Howard
2018-12-30 21:24:59 +11:00
committed by Nico Williams
parent 7e0ff63b38
commit 014f16883c
9 changed files with 25 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
admin/add.c
View File

@@ -94,7 +94,8 @@ kt_add(struct add_options *opt, int argc, char **argv)
goto out; goto out;
} }
if(opt->password_string == NULL && opt->random_flag == 0) { if(opt->password_string == NULL && opt->random_flag == 0) {
if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1)) { if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ",
UI_UTIL_FLAG_VERIFY)) {
ret = 1; ret = 1;
goto out; goto out;
} }

3
appl/otp/otp.c
View File

@@ -153,7 +153,8 @@ set (int argc, char **argv, OtpAlgorithm *alg, char *inuser)
strlcpy (ctx.seed, argv[1], sizeof(ctx.seed)); strlcpy (ctx.seed, argv[1], sizeof(ctx.seed));
strlwr(ctx.seed); strlwr(ctx.seed);
do { do {
if (UI_UTIL_read_pw_string (pw, sizeof(pw), "Pass-phrase: ", 1)) if (UI_UTIL_read_pw_string (pw, sizeof(pw), "Pass-phrase: ",
UI_UTIL_FLAG_VERIFY))
return 1; return 1;
if (strlen (pw) < OTP_MIN_PASSPHRASE) if (strlen (pw) < OTP_MIN_PASSPHRASE)
printf ("Too short pass-phrase. Use at least %d characters\n", printf ("Too short pass-phrase. Use at least %d characters\n",

4
kadmin/ank.c
View File

@@ -138,7 +138,9 @@ add_one_principal (const char *name,
krb5_set_error_message(context, ret, "out of memory"); krb5_set_error_message(context, ret, "out of memory");
goto out; goto out;
} }
ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), prompt, 1); ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), prompt,
UI_UTIL_FLAG_VERIFY |
UI_UTIL_FLAG_VERIFY_SILENT);
free (prompt); free (prompt);
if (ret) { if (ret) {
ret = KRB5_LIBOS_BADPWDMATCH; ret = KRB5_LIBOS_BADPWDMATCH;

4
kadmin/cpw.c
View File

@@ -98,7 +98,9 @@ set_password (krb5_principal principal, char *password, int keepold)
free (princ_name); free (princ_name);
if (aret == -1) if (aret == -1)
return ENOMEM; return ENOMEM;
ret = UI_UTIL_read_pw_string(pwbuf, sizeof(pwbuf), prompt, 1); ret = UI_UTIL_read_pw_string(pwbuf, sizeof(pwbuf), prompt,
UI_UTIL_FLAG_VERIFY |
UI_UTIL_FLAG_VERIFY_SILENT);
free (prompt); free (prompt);
if(ret){ if(ret){
return KRB5_LIBOS_BADPWDMATCH; return KRB5_LIBOS_BADPWDMATCH;

3
kadmin/stash.c
View File

@@ -99,7 +99,8 @@ stash(struct stash_options *opt, int argc, char **argv)
random_password (buf, sizeof(buf)); random_password (buf, sizeof(buf));
printf("Using random master stash password: %s\n", buf); printf("Using random master stash password: %s\n", buf);
} else { } else {
if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ", 1)) { if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ",
UI_UTIL_FLAG_VERIFY)) {
hdb_free_master_key(context, mkey); hdb_free_master_key(context, mkey);
return 0; return 0;
} }

3
kdc/kstash.c
View File

@@ -124,7 +124,8 @@ main(int argc, char **argv)
buf[strcspn(buf, "\r\n")] = '\0'; buf[strcspn(buf, "\r\n")] = '\0';
} else { } else {
if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ", 1)) if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ",
UI_UTIL_FLAG_VERIFY))
exit(1); exit(1);
} }
krb5_string_to_key_salt(context, enctype, buf, salt, &key); krb5_string_to_key_salt(context, enctype, buf, salt, &key);

3
kpasswd/kpasswd.c
View File

@@ -83,7 +83,8 @@ change_password(krb5_context context,
if (aret == -1 || msg == NULL) if (aret == -1 || msg == NULL)
krb5_errx (context, 1, "out of memory"); krb5_errx (context, 1, "out of memory");
ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), msg, 1); ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), msg,
UI_UTIL_FLAG_VERIFY);
free(msg); free(msg);
if (name) if (name)
free(name); free(name);

8
lib/hcrypto/ui.c
View File

@@ -194,7 +194,7 @@ UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify)
if (ret) if (ret)
return ret; return ret;
if (verify) { if (verify & UI_UTIL_FLAG_VERIFY) {
char *buf2; char *buf2;
buf2 = malloc(length); buf2 = malloc(length);
if (buf2 == NULL) if (buf2 == NULL)
@@ -206,8 +206,10 @@ UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify)
return ret; return ret;
} }
if (strcmp(buf2, buf) != 0) { if (strcmp(buf2, buf) != 0) {
fprintf(stderr, "Verify failure\n"); if (!(verify & UI_UTIL_FLAG_VERIFY_SILENT)) {
fflush(stderr); fprintf(stderr, "Verify failure\n");
fflush(stderr);
}
ret = 1; ret = 1;
} }
free(buf2); free(buf2);

4
lib/hcrypto/ui.h
View File

@@ -39,6 +39,10 @@
/* symbol renaming */ /* symbol renaming */
#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string #define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string
/* OpenSSL API extensions */
#define UI_UTIL_FLAG_VERIFY 0x1 /* ask to verify password */
#define UI_UTIL_FLAG_VERIFY_SILENT 0x2 /* silence on verify failure */
int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */ int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */
#endif /* _HEIM_UI_H */ #endif /* _HEIM_UI_H */