diff options
Diffstat (limited to 'readpass.c')
-rw-r--r-- | readpass.c | 46 |
1 files changed, 33 insertions, 13 deletions
diff --git a/readpass.c b/readpass.c index 974d67f0b..122d2a87c 100644 --- a/readpass.c +++ b/readpass.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readpass.c,v 1.61 2020/01/23 07:10:22 dtucker Exp $ */ | 1 | /* $OpenBSD: readpass.c,v 1.63 2020/08/11 09:45:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -123,11 +123,26 @@ char * | |||
123 | read_passphrase(const char *prompt, int flags) | 123 | read_passphrase(const char *prompt, int flags) |
124 | { | 124 | { |
125 | char cr = '\r', *askpass = NULL, *ret, buf[1024]; | 125 | char cr = '\r', *askpass = NULL, *ret, buf[1024]; |
126 | int rppflags, use_askpass = 0, ttyfd; | 126 | int rppflags, ttyfd, use_askpass = 0, allow_askpass = 0; |
127 | const char *askpass_hint = NULL; | 127 | const char *askpass_hint = NULL; |
128 | const char *s; | ||
129 | |||
130 | if ((s = getenv("DISPLAY")) != NULL) | ||
131 | allow_askpass = *s != '\0'; | ||
132 | if ((s = getenv(SSH_ASKPASS_REQUIRE_ENV)) != NULL) { | ||
133 | if (strcasecmp(s, "force") == 0) { | ||
134 | use_askpass = 1; | ||
135 | allow_askpass = 1; | ||
136 | } else if (strcasecmp(s, "prefer") == 0) | ||
137 | use_askpass = allow_askpass; | ||
138 | else if (strcasecmp(s, "never") == 0) | ||
139 | allow_askpass = 0; | ||
140 | } | ||
128 | 141 | ||
129 | rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; | 142 | rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; |
130 | if (flags & RP_USE_ASKPASS) | 143 | if (use_askpass) |
144 | debug("%s: requested to askpass", __func__); | ||
145 | else if (flags & RP_USE_ASKPASS) | ||
131 | use_askpass = 1; | 146 | use_askpass = 1; |
132 | else if (flags & RP_ALLOW_STDIN) { | 147 | else if (flags & RP_ALLOW_STDIN) { |
133 | if (!isatty(STDIN_FILENO)) { | 148 | if (!isatty(STDIN_FILENO)) { |
@@ -153,10 +168,10 @@ read_passphrase(const char *prompt, int flags) | |||
153 | } | 168 | } |
154 | } | 169 | } |
155 | 170 | ||
156 | if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL) | 171 | if ((flags & RP_USE_ASKPASS) && !allow_askpass) |
157 | return (flags & RP_ALLOW_EOF) ? NULL : xstrdup(""); | 172 | return (flags & RP_ALLOW_EOF) ? NULL : xstrdup(""); |
158 | 173 | ||
159 | if (use_askpass && getenv("DISPLAY")) { | 174 | if (use_askpass && allow_askpass) { |
160 | if (getenv(SSH_ASKPASS_ENV)) | 175 | if (getenv(SSH_ASKPASS_ENV)) |
161 | askpass = getenv(SSH_ASKPASS_ENV); | 176 | askpass = getenv(SSH_ASKPASS_ENV); |
162 | else | 177 | else |
@@ -220,8 +235,8 @@ notify_start(int force_askpass, const char *fmt, ...) | |||
220 | int devnull; | 235 | int devnull; |
221 | pid_t pid; | 236 | pid_t pid; |
222 | void (*osigchld)(int); | 237 | void (*osigchld)(int); |
223 | const char *askpass; | 238 | const char *askpass, *s; |
224 | struct notifier_ctx *ret; | 239 | struct notifier_ctx *ret = NULL; |
225 | 240 | ||
226 | va_start(args, fmt); | 241 | va_start(args, fmt); |
227 | xvasprintf(&prompt, fmt, args); | 242 | xvasprintf(&prompt, fmt, args); |
@@ -233,15 +248,19 @@ notify_start(int force_askpass, const char *fmt, ...) | |||
233 | (void)write(STDERR_FILENO, "\r", 1); | 248 | (void)write(STDERR_FILENO, "\r", 1); |
234 | (void)write(STDERR_FILENO, prompt, strlen(prompt)); | 249 | (void)write(STDERR_FILENO, prompt, strlen(prompt)); |
235 | (void)write(STDERR_FILENO, "\r\n", 2); | 250 | (void)write(STDERR_FILENO, "\r\n", 2); |
236 | free(prompt); | 251 | goto out; |
237 | return NULL; | ||
238 | } | 252 | } |
239 | if ((askpass = getenv("SSH_ASKPASS")) == NULL) | 253 | if ((askpass = getenv("SSH_ASKPASS")) == NULL) |
240 | askpass = _PATH_SSH_ASKPASS_DEFAULT; | 254 | askpass = _PATH_SSH_ASKPASS_DEFAULT; |
241 | if (getenv("DISPLAY") == NULL || *askpass == '\0') { | 255 | if (*askpass == '\0') { |
242 | debug3("%s: cannot notify", __func__); | 256 | debug3("%s: cannot notify: no askpass", __func__); |
243 | free(prompt); | 257 | goto out; |
244 | return NULL; | 258 | } |
259 | if (getenv("DISPLAY") == NULL && | ||
260 | ((s = getenv(SSH_ASKPASS_REQUIRE_ENV)) == NULL || | ||
261 | strcmp(s, "force") != 0)) { | ||
262 | debug3("%s: cannot notify: no display", __func__); | ||
263 | goto out; | ||
245 | } | 264 | } |
246 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); | 265 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
247 | if ((pid = fork()) == -1) { | 266 | if ((pid = fork()) == -1) { |
@@ -269,6 +288,7 @@ notify_start(int force_askpass, const char *fmt, ...) | |||
269 | } | 288 | } |
270 | ret->pid = pid; | 289 | ret->pid = pid; |
271 | ret->osigchld = osigchld; | 290 | ret->osigchld = osigchld; |
291 | out: | ||
272 | free(prompt); | 292 | free(prompt); |
273 | return ret; | 293 | return ret; |
274 | } | 294 | } |