257 lines
6.8 KiB
C
257 lines
6.8 KiB
C
/* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
* contributor license agreements. See the NOTICE file distributed with
|
|
* this work for additional information regarding copyright ownership.
|
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
|
* (the "License"); you may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
/* apr_password_get.c: abstraction to provide for obtaining a password from the
|
|
* command line in whatever way the OS supports. In the best case, it's a
|
|
* wrapper for the system library's getpass() routine; otherwise, we
|
|
* use one we define ourselves.
|
|
*/
|
|
#include "apr_private.h"
|
|
#include "apr_strings.h"
|
|
#include "apr_lib.h"
|
|
#include "apr_errno.h"
|
|
#if APR_HAVE_SYS_TYPES_H
|
|
#include <sys/types.h>
|
|
#endif
|
|
#if APR_HAVE_ERRNO_H
|
|
#include <errno.h>
|
|
#endif
|
|
|
|
#if APR_HAVE_UNISTD_H
|
|
#include <unistd.h>
|
|
#endif
|
|
#if APR_HAVE_CONIO_H
|
|
#ifdef _MSC_VER
|
|
#pragma warning(disable: 4032)
|
|
#include <conio.h>
|
|
#pragma warning(default: 4032)
|
|
#else
|
|
#include <conio.h>
|
|
#endif
|
|
#endif
|
|
#if APR_HAVE_STDLIB_H
|
|
#include <stdlib.h>
|
|
#endif
|
|
#if APR_HAVE_STRING_H
|
|
#include <string.h>
|
|
#endif
|
|
#if APR_HAVE_STRINGS_H
|
|
#include <strings.h>
|
|
#endif
|
|
#if APR_HAVE_STDIO_H
|
|
#include <stdio.h>
|
|
#endif
|
|
|
|
/* Disable getpass() support when PASS_MAX is defined and is "small",
|
|
* for an arbitrary definition of "small".
|
|
* HP-UX truncates passwords (PR49496) so we disable getpass() for
|
|
* this platform too.
|
|
*/
|
|
#if defined(HAVE_GETPASS) && \
|
|
(defined(PASS_MAX) && PASS_MAX < 32) || defined(__hpux) || defined(__hpux__)
|
|
#undef HAVE_GETPASS
|
|
#endif
|
|
|
|
#if defined(HAVE_TERMIOS_H) && !defined(HAVE_GETPASS)
|
|
#include <termios.h>
|
|
#endif
|
|
|
|
#if !APR_CHARSET_EBCDIC
|
|
#define LF 10
|
|
#define CR 13
|
|
#else /* APR_CHARSET_EBCDIC */
|
|
#define LF '\n'
|
|
#define CR '\r'
|
|
#endif /* APR_CHARSET_EBCDIC */
|
|
|
|
#define MAX_STRING_LEN 256
|
|
|
|
#define ERR_OVERFLOW 5
|
|
|
|
#if !defined(HAVE_GETPASS) && !defined(HAVE_GETPASSPHRASE) && !defined(HAVE_GETPASS_R)
|
|
|
|
/* MPE, Win32, and BeOS all lack a native getpass() */
|
|
|
|
#if !defined(HAVE_TERMIOS_H) && !defined(WIN32)
|
|
/*
|
|
* MPE lacks getpass() and a way to suppress stdin echo. So for now, just
|
|
* issue the prompt and read the results with echo. (Ugh).
|
|
*/
|
|
|
|
static char *get_password(const char *prompt)
|
|
{
|
|
static char password[MAX_STRING_LEN];
|
|
|
|
fputs(prompt, stderr);
|
|
fgets((char *) &password, sizeof(password), stdin);
|
|
|
|
return (char *) &password;
|
|
}
|
|
|
|
#elif defined(WIN32)
|
|
|
|
/*
|
|
* Windows lacks getpass(). So we'll re-implement it here.
|
|
*/
|
|
|
|
static char *get_password(const char *prompt)
|
|
{
|
|
/* WCE lacks console. So the getpass is unsuported
|
|
* The only way is to use the GUI so the getpass should be implemented
|
|
* on per-application basis.
|
|
*/
|
|
#ifdef _WIN32_WCE
|
|
return NULL;
|
|
#else
|
|
static char password[128];
|
|
int n = 0;
|
|
int ch;
|
|
|
|
fputs(prompt, stderr);
|
|
|
|
while ((ch = _getch()) != '\r') {
|
|
if (ch == EOF) /* EOF */ {
|
|
fputs("[EOF]\n", stderr);
|
|
return NULL;
|
|
}
|
|
else if (ch == 0 || ch == 0xE0) {
|
|
/* FN Keys (0 or E0) are a sentinal for a FN code */
|
|
ch = (ch << 4) | _getch();
|
|
/* Catch {DELETE}, {<--}, Num{DEL} and Num{<--} */
|
|
if ((ch == 0xE53 || ch == 0xE4B || ch == 0x053 || ch == 0x04b) && n) {
|
|
password[--n] = '\0';
|
|
fputs("\b \b", stderr);
|
|
}
|
|
else {
|
|
fputc('\a', stderr);
|
|
}
|
|
}
|
|
else if ((ch == '\b' || ch == 127) && n) /* BS/DEL */ {
|
|
password[--n] = '\0';
|
|
fputs("\b \b", stderr);
|
|
}
|
|
else if (ch == 3) /* CTRL+C */ {
|
|
/* _getch() bypasses Ctrl+C but not Ctrl+Break detection! */
|
|
fputs("^C\n", stderr);
|
|
exit(-1);
|
|
}
|
|
else if (ch == 26) /* CTRL+Z */ {
|
|
fputs("^Z\n", stderr);
|
|
return NULL;
|
|
}
|
|
else if (ch == 27) /* ESC */ {
|
|
fputc('\n', stderr);
|
|
fputs(prompt, stderr);
|
|
n = 0;
|
|
}
|
|
else if ((n < sizeof(password) - 1) && !apr_iscntrl(ch)) {
|
|
password[n++] = ch;
|
|
fputc('*', stderr);
|
|
}
|
|
else {
|
|
fputc('\a', stderr);
|
|
}
|
|
}
|
|
|
|
fputc('\n', stderr);
|
|
password[n] = '\0';
|
|
return password;
|
|
#endif
|
|
}
|
|
|
|
#elif defined (HAVE_TERMIOS_H)
|
|
|
|
static char *get_password(const char *prompt)
|
|
{
|
|
struct termios attr;
|
|
static char password[MAX_STRING_LEN];
|
|
int n=0;
|
|
fputs(prompt, stderr);
|
|
fflush(stderr);
|
|
|
|
if (tcgetattr(STDIN_FILENO, &attr) != 0)
|
|
return NULL;
|
|
attr.c_lflag &= ~(ECHO);
|
|
|
|
if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &attr) != 0)
|
|
return NULL;
|
|
while ((password[n] = getchar()) != '\n') {
|
|
if (n < sizeof(password) - 1 && password[n] >= ' ' && password[n] <= '~') {
|
|
n++;
|
|
} else {
|
|
fprintf(stderr,"\n");
|
|
fputs(prompt, stderr);
|
|
fflush(stderr);
|
|
n = 0;
|
|
}
|
|
}
|
|
|
|
password[n] = '\0';
|
|
printf("\n");
|
|
if (n > (MAX_STRING_LEN - 1)) {
|
|
password[MAX_STRING_LEN - 1] = '\0';
|
|
}
|
|
|
|
attr.c_lflag |= ECHO;
|
|
tcsetattr(STDIN_FILENO, TCSANOW, &attr);
|
|
return (char*) &password;
|
|
}
|
|
|
|
#endif /* no getchar or _getch */
|
|
|
|
#endif /* no getpass or getpassphrase or getpass_r */
|
|
|
|
/*
|
|
* Use the OS getpass() routine (or our own) to obtain a password from
|
|
* the input stream.
|
|
*
|
|
* Exit values:
|
|
* 0: Success
|
|
* 5: Partial success; entered text truncated to the size of the
|
|
* destination buffer
|
|
*
|
|
* Restrictions: Truncation also occurs according to the host system's
|
|
* getpass() semantics, or at position 255 if our own version is used,
|
|
* but the caller is *not* made aware of it unless their own buffer is
|
|
* smaller than our own.
|
|
*/
|
|
|
|
APR_DECLARE(apr_status_t) apr_password_get(const char *prompt, char *pwbuf, apr_size_t *bufsiz)
|
|
{
|
|
apr_status_t rv = APR_SUCCESS;
|
|
#if defined(HAVE_GETPASS_R)
|
|
if (getpass_r(prompt, pwbuf, *bufsiz) == NULL)
|
|
return APR_EINVAL;
|
|
#else
|
|
#if defined(HAVE_GETPASSPHRASE)
|
|
char *pw_got = getpassphrase(prompt);
|
|
#elif defined(HAVE_GETPASS)
|
|
char *pw_got = getpass(prompt);
|
|
#else /* use the replacement implementation above */
|
|
char *pw_got = get_password(prompt);
|
|
#endif
|
|
|
|
if (!pw_got)
|
|
return APR_EINVAL;
|
|
if (strlen(pw_got) >= *bufsiz) {
|
|
rv = APR_ENAMETOOLONG;
|
|
}
|
|
apr_cpystrn(pwbuf, pw_got, *bufsiz);
|
|
memset(pw_got, 0, strlen(pw_got));
|
|
#endif /* HAVE_GETPASS_R */
|
|
return rv;
|
|
}
|