[systemd-devel] crypto: to show stars or not to show them
Jan Engelhardt
jengelh at medozas.de
Sun Mar 27 14:52:11 PDT 2011
On Friday 2011-03-18 01:41, Lennart Poettering wrote:
>On Fri, 18.03.11 00:18, Jan Engelhardt (jengelh at medozas.de) wrote:
>
>> Meanwhile, I have two new suggestions.
>
>I have one too (or actually Kay came up with it), and I think you are
>going to like it:
>
>Start with showing input feedback as we currently do. If the user then
>presses TAB the stars disappear, and instead we show "(no echo)" or
>so. Then, the user can proceed with typing his password without
>asterisks.
>[...]
Incorporating Graham's suggestion to use BKSP instead:
The following changes since commit 65c9e467528daa438167853cc91d37bfcb875836:
tainted: don't check if /usr is a mount point, only if it's not already mounted at startup (2011-03-24 22:32:21 +0100)
are available in the git repository at:
git://dev.medozas.de/systemd master
Jan Engelhardt (1):
ask-password: provide a way to activate a silent prompt
src/ask-password-api.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
---
parent 65c9e467528daa438167853cc91d37bfcb875836 (v20-104-g65c9e46)
commit 4a7cc0d8c01dcbbaf50f04e33d43ef6b62a4f24e
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Fri Mar 18 00:18:50 2011 +0100
ask-password: provide a way to activate a silent prompt
Quoting Lennart:
"Start with showing input feedback as we currently do. If the user
then presses TAB the stars disappear, and instead we show "(no echo)"
or so. Then, the user can proceed with typing his password without
asterisks.
This should be strictly one way however: you can enter the no-echo
mode but not leave it anymore. For two reasons: so that people cannot
take over your machine and make visible what you explicitly wanted to
hide: the length of your password. And secondly, there might be weird
folks with Tabs in their passphrases (though they are probably going
through hell if they do), and by pressing TAB twice they thus have a
way to enter a single TAB."
---
src/ask-password-api.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/ask-password-api.c b/src/ask-password-api.c
index 9c3dad9..8c958e5 100644
--- a/src/ask-password-api.c
+++ b/src/ask-password-api.c
@@ -18,7 +18,7 @@
You should have received a copy of the GNU General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-
+#include <stdbool.h>
#include <termios.h>
#include <unistd.h>
#include <sys/poll.h>
@@ -48,6 +48,7 @@ int ask_password_tty(
int r, ttyfd = -1, notify = -1;
struct pollfd pollfd[2];
bool reset_tty = false;
+ bool silent_mode = false;
enum {
POLL_TTY,
POLL_INOTIFY
@@ -156,7 +157,6 @@ int ask_password_tty(
if (c == '\n')
break;
else if (c == 21) {
-
while (p > 0) {
p--;
@@ -165,7 +165,10 @@ int ask_password_tty(
}
} else if (c == '\b' || c == 127) {
- if (p > 0) {
+ if (p == 0 && !silent_mode) {
+ silent_mode = true;
+ loop_write(ttyfd, "(no echo) ", 10, false);
+ } else if (p > 0) {
p--;
if (ttyfd >= 0)
@@ -174,7 +177,7 @@ int ask_password_tty(
} else {
passphrase[p++] = c;
- if (ttyfd >= 0)
+ if (!silent_mode && ttyfd >= 0)
loop_write(ttyfd, "*", 1, false);
}
}
--
# Created with git-export-patch
More information about the systemd-devel
mailing list