2
* Copyright (c) 1996, 1998-2005, 2007-2010
3
* Todd C. Miller <Todd.Miller@courtesan.com>
5
* Permission to use, copy, modify, and distribute this software for any
6
* purpose with or without fee is hereby granted, provided that the above
7
* copyright notice and this permission notice appear in all copies.
9
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
* Sponsored in part by the Defense Advanced Research Projects
18
* Agency (DARPA) and Air Force Research Laboratory, Air Force
19
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
28
#include <sys/types.h>
29
#include <sys/param.h>
38
#endif /* STDC_HEADERS */
40
# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
44
#endif /* HAVE_STRING_H */
47
#endif /* HAVE_STRINGS_H */
50
#endif /* HAVE_UNISTD_H */
58
/*
 * One flag per signal number.  volatile sig_atomic_t is the type that can
 * be written safely from a signal handler; presumably handler() records
 * the signal here and tgetpass() re-sends it once the tty and the original
 * handlers are restored -- the handler body is not shown in this listing.
 */
static volatile sig_atomic_t signo[NSIG];
60
static void handler __P((int));
61
static char *getln __P((int, char *, size_t, int));
62
static char *sudo_askpass __P((const char *));
65
* Like getpass(3) but with timeout and echo flags.
68
tgetpass(prompt, timeout, flags)
73
sigaction_t sa, savealrm, saveint, savehup, savequit, saveterm;
74
sigaction_t savetstp, savettin, savettou, savepipe;
76
/*
 * Holds the cleartext password read by getln() below.  The buffer is
 * static, so its contents outlive this call.
 * NOTE(review): whether callers scrub the buffer after use is not visible
 * in this listing -- confirm at the call sites.
 */
static char buf[SUDO_PASS_MAX + 1];
77
int i, input, output, save_errno, neednl = 0, need_restart;
79
(void) fflush(stdout);
81
/* If using a helper program to get the password, run it instead. */
82
if (ISSET(flags, TGP_ASKPASS) && user_askpass)
83
return(sudo_askpass(prompt));
86
for (i = 0; i < NSIG; i++)
91
/* Open /dev/tty for reading/writing if possible else use stdin/stderr. */
92
if (ISSET(flags, TGP_STDIN) ||
93
(input = output = open(_PATH_TTY, O_RDWR|O_NOCTTY)) == -1) {
95
output = STDERR_FILENO;
99
* If we are using a tty but are not the foreground pgrp this will
100
* generate SIGTTOU, so do it *before* installing the signal handlers.
102
if (!ISSET(flags, TGP_ECHO)) {
104
neednl = term_cbreak(input);
106
neednl = term_noecho(input);
110
* Catch signals that would otherwise cause the user to end
111
* up with echo turned off in the shell.
113
zero_bytes(&sa, sizeof(sa));
114
sigemptyset(&sa.sa_mask);
115
/*
 * Do not restart interrupted system calls: a caught signal has to make the
 * blocking read() in getln() return, so that the tty settings changed above
 * can be restored before the signal is acted on.
 */
sa.sa_flags = SA_INTERRUPT;
116
sa.sa_handler = handler;
117
(void) sigaction(SIGALRM, &sa, &savealrm);
118
(void) sigaction(SIGINT, &sa, &saveint);
119
(void) sigaction(SIGHUP, &sa, &savehup);
120
(void) sigaction(SIGQUIT, &sa, &savequit);
121
(void) sigaction(SIGTERM, &sa, &saveterm);
122
(void) sigaction(SIGTSTP, &sa, &savetstp);
123
(void) sigaction(SIGTTIN, &sa, &savettin);
124
(void) sigaction(SIGTTOU, &sa, &savettou);
126
/* Ignore SIGPIPE in case stdin is a pipe and TGP_STDIN is set */
127
sa.sa_handler = SIG_IGN;
128
(void) sigaction(SIGPIPE, &sa, &savepipe);
131
(void) write(output, prompt, strlen(prompt));
135
pass = getln(input, buf, sizeof(buf), def_pwfeedback);
139
if (neednl || pass == NULL)
140
(void) write(output, "\n", 1);
142
/* Restore old tty settings and signals. */
143
if (!ISSET(flags, TGP_ECHO))
144
term_restore(input, 1);
145
(void) sigaction(SIGALRM, &savealrm, NULL);
146
(void) sigaction(SIGINT, &saveint, NULL);
147
(void) sigaction(SIGHUP, &savehup, NULL);
148
(void) sigaction(SIGQUIT, &savequit, NULL);
149
(void) sigaction(SIGTERM, &saveterm, NULL);
150
(void) sigaction(SIGTSTP, &savetstp, NULL);
151
(void) sigaction(SIGTTIN, &savettin, NULL);
152
(void) sigaction(SIGTTOU, &savettou, NULL);
153
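/*
 * savepipe holds the disposition saved when SIGPIPE was set to SIG_IGN
 * above, so it has to be restored onto SIGPIPE.  Restoring it onto SIGTTOU
 * left SIGPIPE ignored after return and overwrote the SIGTTOU disposition
 * restored on the previous line.  Ignored dispositions survive exec, so
 * anything run afterwards could have inherited the ignored SIGPIPE.
 */
(void) sigaction(SIGPIPE, &savepipe, NULL);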
154
if (input != STDIN_FILENO)
158
* If we were interrupted by a signal, resend it to ourselves
159
* now that we have restored the signal handlers.
161
for (i = 0; i < NSIG; i++) {
182
* Fork a child and exec sudo-askpass to get the password from the user.
188
static char buf[SUDO_PASS_MAX + 1], *pass;
189
sigaction_t sa, saved_sa_pipe;
194
error(1, "unable to create pipe");
196
if ((pid = fork()) == -1)
197
error(1, "unable to fork");
200
/* child, point stdout to output side of the pipe and exec askpass */
201
if (dup2(pfd[1], STDOUT_FILENO) == -1) {
205
/*
 * NOTE(review): this is the same dup2() as the checked call just above and
 * looks redundant -- confirm against the lines elided from this listing
 * before removing it.
 */
(void) dup2(pfd[1], STDOUT_FILENO);
206
/*
 * NOTE(review): presumably switches to the invoking user's identity so the
 * askpass helper does not run with sudo's privileges -- confirm in
 * set_perms().  This must stay ahead of the exec below.
 */
set_perms(PERM_FULL_USER);
207
/*
 * Close every descriptor above stderr so the helper inherits only stdin,
 * stdout (now the write side of the pipe) and stderr.
 */
closefrom(STDERR_FILENO + 1);
208
/*
 * Direct exec with a fixed argv (helper path, prompt): no shell is
 * involved, so the prompt text is never parsed as a command line.
 * NOTE(review): where user_askpass comes from and how it is validated is
 * not shown in this listing.
 */
execl(user_askpass, user_askpass, prompt, (char *)NULL);
209
warning("unable to run %s", user_askpass);
213
/* Ignore SIGPIPE in case child exits prematurely */
214
zero_bytes(&sa, sizeof(sa));
215
sigemptyset(&sa.sa_mask);
216
sa.sa_flags = SA_INTERRUPT;
217
sa.sa_handler = SIG_IGN;
218
(void) sigaction(SIGPIPE, &sa, &saved_sa_pipe);
220
/* Get response from child (askpass) and restore SIGPIPE handler */
221
(void) close(pfd[1]);
222
pass = getln(pfd[0], buf, sizeof(buf), 0);
223
(void) close(pfd[0]);
224
(void) sigaction(SIGPIPE, &saved_sa_pipe, NULL);
229
extern int term_erase, term_kill;
232
getln(fd, buf, bufsiz, feedback)
238
size_t left = bufsiz;
245
return(NULL); /* sanity */
249
nr = read(fd, &c, 1);
250
if (nr != 1 || c == '\n' || c == '\r')
253
if (c == term_kill) {
255
(void) write(fd, "\b \b", 3);
260
} else if (c == term_erase) {
262
(void) write(fd, "\b \b", 3);
268
/*
 * Feedback is written to fd, the same descriptor the password is read
 * from, and the result is discarded: if fd is not writable (e.g. a pipe)
 * the echo simply fails.  Visual feedback also reveals the password length
 * to anyone who can see the terminal.
 */
(void) write(fd, "*", 1);
276
(void) write(fd, "\b \b", 3);
281
/*
 * Return buf only if the last read() delivered a byte; NULL when it hit
 * EOF, failed, or was interrupted by a signal.
 */
return(nr == 1 ? buf : NULL);
297
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) != -1)