DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
Files
f3a02b5d2d48005be87ee82ca16615ac14f86cb2
fwknop/client/getpasswd.c
Michael Rash bfdbb8f260 Updated authorship and copyright information 
This commit updates all authorship and copyright information to include a
standard header that references the AUTHORS and CREDITS file. This standard
header was written by the Debian legal team at the request of Franck Joncourt.
2014-03-04 17:53:10 -05:00

297 lines
8.5 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*
*****************************************************************************
*
* File: getpasswd.c
*
* Purpose: Routines for obtaining a password from a user.
*
* Fwknop is developed primarily by the people listed in the file 'AUTHORS'.
* Copyright (C) 20092014 fwknop developers and contributors. For a full
* list of contributors, see the file 'CREDITS'.
*
* License (GNU General Public License):
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA
*
*****************************************************************************
*/
#include <stdio.h>
#include <signal.h>
#ifdef WIN32
#include <conio.h>
#else
#include <termios.h>
#endif
#include "fwknop_common.h"
#include "getpasswd.h"
#include "utils.h"
#define PW_BUFSIZE 128 /*!< Maximum number of chars an encryption key or a password can contain */
#define PW_BREAK_CHAR 0x03 /*!< Ascii code for the Ctrl-C char */
#define PW_BS_CHAR 0x08 /*!< Ascii code for the backspace char */
#define PW_LF_CHAR 0x0A /*!< Ascii code for the \n char */
#define PW_CR_CHAR 0x0D /*!< Ascii code for the \r char */
#define PW_CLEAR_CHAR 0x15 /*!< Ascii code for the Ctrl-U char */
#define ARRAY_FIRST_ELT_ADR(t) &((t)[0]) /*!< Macro to get the first element of an array */
#define ARRAY_LAST_ELT_ADR(t) &((t)[sizeof(t)-1]) /*!< Macro to get the last element of an array */
/**
* @brief Read a password from a stream object
*
* @param stream Pointer to a FILE object that identifies an input stream.
*
* @return The password buffer or NULL if not set
*/
static char *
read_passwd_from_stream(FILE *stream)
{
static char password[PW_BUFSIZE] = {0};
int c;
char *ptr;
ptr = ARRAY_FIRST_ELT_ADR(password);
if(stream == NULL)
return password;
#ifdef WIN32
while((c = _getch()) != PW_CR_CHAR)
#else
while( ((c = getc(stream)) != EOF) && (c != PW_LF_CHAR) && (c != PW_BREAK_CHAR) )
#endif
{
/* Handle a backspace without backing up too far. */
if (c == PW_BS_CHAR)
{
if (ptr != ARRAY_FIRST_ELT_ADR(password))
ptr--;
}
/* Handle a Ctrl-U to clear the password entry and start over */
else if (c == PW_CLEAR_CHAR)
ptr = ARRAY_FIRST_ELT_ADR(password);
/* Fill in the password buffer until it reaches the last -1 char.
* The last char is used to NULL terminate the string. */
else if (ptr < ARRAY_LAST_ELT_ADR(password))
{
*ptr++ = c;
}
/* Discard char */
else;
}
/* A CTRL-C char has been detected, we discard the password */
if (c == PW_BREAK_CHAR)
password[0] = '\0';
/* Otherwise we NULL terminate the string here. Overflows are handled
* previously, so we can add the char without worrying */
else
*ptr = '\0';
return password;
}
/**
* @brief Function for accepting password input from users
*
* The functions reads chars from a buffered stream and store them in a buffer of
* chars. If a file descriptor is supplied then, the password is read from
* the associated stream, otherwise a new buffered stream is created and a
* prompt is displayed to the user.
*
* @param prompt String displayed on the terminal to prompt the user for a
* password or an encryption key
* @param fd File descriptor to use to read the pasword from. If fd is set
* to FD_INVALID, then a new stream is opened.
*
* @return NULL if a problem occured or the user killed the terminal (Ctrl-C)\n
* otherwise the password - empty password is accepted.
*/
char*
getpasswd(const char *prompt, int fd)
{
char *ptr = NULL;
FILE *fp = NULL;
#ifndef WIN32
sigset_t sig, old_sig;
struct termios ts;
tcflag_t old_c_lflag = 0;
#else
/* Force stdin on windows. */
fd = 0;
#endif
/* If a valid file descriptor is supplied, we try to open a stream from it */
if (FD_IS_VALID(fd))
{
fp = fdopen(fd, "r");
if (fp == NULL)
{
log_msg(LOG_VERBOSITY_ERROR, "getpasswd() - "
"Unable to create a stream from the file descriptor : %s",
strerror(errno));
return(NULL);
}
}
#ifndef WIN32
/* Otherwise we are going to open a new stream */
else
{
if((fp = fopen(ctermid(NULL), "r+")) == NULL)
return(NULL);
setbuf(fp, NULL);
/* Setup blocks for SIGINT and SIGTSTP and save the original signal
* mask.
*/
sigemptyset(&sig);
sigaddset(&sig, SIGINT);
sigaddset(&sig, SIGTSTP);
sigprocmask(SIG_BLOCK, &sig, &old_sig);
/*
* Save current tty state for later restoration after we :
* - disable echo of characters to the tty
* - disable signal generation
* - disable cannonical mode (input read line by line mode)
*/
tcgetattr(fileno(fp), &ts);
old_c_lflag = ts.c_lflag;
ts.c_lflag &= ~(ECHO | ICANON | ISIG);
tcsetattr(fileno(fp), TCSAFLUSH, &ts);
fputs(prompt, fp);
}
#else
_cputs(prompt);
#endif
/* Read the password */
ptr = read_passwd_from_stream(fp);
#ifdef WIN32
/* In Windows, it would be a CR-LF
*/
_putch(PW_CR_CHAR);
_putch(PW_LF_CHAR);
#else
if(! FD_IS_VALID(fd))
{
/* Reset terminal settings
*/
fputs("\n", fp);
ts.c_lflag = old_c_lflag;
tcsetattr(fileno(fp), TCSAFLUSH, &ts);
}
#endif
fclose(fp);
return (ptr);
}
/* Function for accepting password input from a file
*/
int
get_key_file(char *key, int *key_len, const char *key_file,
fko_ctx_t ctx, const fko_cli_options_t *options)
{
FILE *pwfile_ptr;
unsigned int numLines = 0, i = 0, found_dst;
char conf_line_buf[MAX_LINE_LEN] = {0};
char tmp_char_buf[MAX_LINE_LEN] = {0};
char *lptr;
memset(key, 0x00, MAX_KEY_LEN+1);
if ((pwfile_ptr = fopen(key_file, "r")) == NULL)
{
log_msg(LOG_VERBOSITY_ERROR, "Could not open config file: %s", key_file);
return 0;
}
while ((fgets(conf_line_buf, MAX_LINE_LEN, pwfile_ptr)) != NULL)
{
numLines++;
conf_line_buf[MAX_LINE_LEN-1] = '\0';
lptr = conf_line_buf;
memset(tmp_char_buf, 0x0, MAX_LINE_LEN);
while (*lptr == ' ' || *lptr == '\t' || *lptr == '=')
lptr++;
/* Get past comments and empty lines.
*/
if (*lptr == '#' || *lptr == '\n' || *lptr == '\r' || *lptr == '\0' || *lptr == ';')
continue;
/* Look for a line like "<SPA destination IP>: <password>" - this allows
* multiple keys to be placed within the same file, and the client will
* reference the matching one for the SPA server we are contacting
*/
found_dst = 1;
for (i=0; i < strlen(options->spa_server_str); i++)
if (*lptr++ != options->spa_server_str[i])
found_dst = 0;
if (! found_dst)
continue;
if (*lptr == ':')
lptr++;
else
continue;
/* Skip whitespace until we get to the password
*/
while (*lptr == ' ' || *lptr == '\t' || *lptr == '=')
lptr++;
i = 0;
while (*lptr != '\0' && *lptr != '\n') {
key[i] = *lptr;
lptr++;
i++;
}
key[i] = '\0';
}
fclose(pwfile_ptr);
if (key[0] == '\0') {
log_msg(LOG_VERBOSITY_ERROR, "Could not get key for IP: %s from: %s",
options->spa_server_str, key_file);
return 0;
}
*key_len = strlen(key);
return 1;
}
/***EOF***/
View Git Blame Copy Permalink