Add -k flag to ask external program for pass - safe - password protected secret keeper
---
(DIR) commit 51673ba1810eacc7b5a297b6690896a45280bbba
(DIR) parent 7958db741782dcf11e3eae3b0b45efe69b81fa82
(HTM) Author: Tudor Roman <tudurom@gmail.com>
Date: Mon, 16 Sep 2019 07:39:04 +0200
Add -k flag to ask external program for pass
Diffstat:
M safe.1 | 2 ++
M safe.c | 29 +++++++++++++++++------------
2 files changed, 19 insertions(+), 12 deletions(-)
---
(DIR) diff --git a/safe.1 b/safe.1
t@@ -42,6 +42,8 @@ Set the path to your safe as
.It Fl a Ar secret
Encrypt stdin to your safe as
.Ar secret .
+.It Fl k
+Prompt user for password using an external program (see: SAFE_ASKPASS).
.Sh AGENT
When the agent is started,
(DIR) diff --git a/safe.c b/safe.c
t@@ -168,16 +168,10 @@ spawn_askpass(const char *askpass, const char *msg, char *buf, size_t bufsiz)
}
int
-readpass(const char *prompt, uint8_t **target, size_t *len)
+readpass(const char *prompt, uint8_t **target, size_t *len, int askflag)
{
- int ttyfd;
char pass[BUFSIZ], *askpass, *p;
-
- /*
- * read passphrase from an ASKPASS program stdout if there is
- * no tty available
- */
- if ((ttyfd = open(_PATH_TTY, O_RDWR)) < 0) {
+ if (askflag) {
askpass = ASKPASS;
if (getenv("SAFE_ASKPASS"))
askpass = getenv("SAFE_ASKPASS");
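Review bot: The new `askflag` parameter is undocumented, and the `if (askflag)` branch now runs the program named by `SAFE_ASKPASS` whenever the caller asks for it, not only when `_PATH_TTY` cannot be opened. A comment above `readpass` should say that a non-zero `askflag` takes the passphrase from the stdout of `$SAFE_ASKPASS` (default `ASKPASS`), so the environment is trusted with the master passphrase, and that the no-tty fallback is now the caller's job. The lookup also calls `getenv` twice; `askpass = getenv("SAFE_ASKPASS"); if (!askpass) askpass = ASKPASS;` reads the variable once. Whether `pass[BUFSIZ]` is wiped after use cannot be seen here, because the body of `readpass` continues outside the hunk.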
t@@ -185,7 +179,6 @@ readpass(const char *prompt, uint8_t **target, size_t *len)
if (!p)
err(1, "askpass:");
} else {
- close(ttyfd);
p = readpassphrase(prompt, pass, sizeof(pass), RPP_ECHO_OFF|RPP_REQUIRE_TTY);
if (!p)
err(1, "readpassphrase:");
t@@ -381,7 +374,7 @@ readsecret(struct safe *s, int in, int out)
int
main(int argc, char *argv[])
{
- int fd, haskey = 0, hasmaster = 1, aflag = 0, rflag = 0;
+ int fd, haskey = 0, hasmaster = 1, aflag = 0, rflag = 0, kflag = 0, ttyfd;
char *prompt, *secret, *sockp, *safe = SAFE;
struct safe s;
struct rlimit rlim;
t@@ -403,6 +396,9 @@ main(int argc, char *argv[])
case 's':
safe = EARGF(usage());
break;
+ case 'k':
+ kflag = 1;
+ break;
default:
usage();
} ARGEND
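Review bot: The new `case 'k'` has no matching change to the usage text. None of the hunks in this commit touch `usage()`, and the safe.1 hunk adds the option to the flag list only, so `-k` may be missing from both synopses (inferred from what the diff shows). If the usage string enumerates the flags, add `[-k]` there and to the synopsis section of safe.1, if it has one. The option loop starts outside the hunk.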
t@@ -438,8 +434,17 @@ main(int argc, char *argv[])
if (sockp && !readkey(&s, sockp))
haskey = 1;
+ /*
+ * read passphrase from an ASKPASS program stdout if there is
+ * no tty available
+ */
+ if ((ttyfd = open(_PATH_TTY, O_RDWR)) < 0)
+ kflag = 1;
+ else
+ close(ttyfd);
+
if (!haskey) {
- if (readpass(prompt, &passphrase, &pplen) < 0)
+ if (readpass(prompt, &passphrase, &pplen, kflag) < 0)
return -1;
sodium_mlock(passphrase, pplen);
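Review bot: The tty probe added above `if (!haskey)` runs on every invocation, even when `-k` has already set `kflag`, and the comment moved over from `readpass` does not mention the flag. Wrapping the existing `open`/`close` pair in `if (!kflag) { ... }` skips the needless open, and the comment could read `/* no -k given: fall back to the askpass program when no tty can be opened */`. The probe also looks unnecessary when the agent already supplied the key, but the second `readpass` call is in a later hunk, so check that path before moving it under `if (!haskey)`. Because the fallback silently hands the master-passphrase prompt to whatever `SAFE_ASKPASS` names, a `warnx` when it triggers would tell the user they are not typing into safe itself. `main` continues outside the hunk.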
t@@ -450,7 +455,7 @@ main(int argc, char *argv[])
size_t pplen2 = 0;
/* input for master password again to check */
- if (readpass("verify:", &passphrase2, &pplen2) < 0)
+ if (readpass("verify:", &passphrase2, &pplen2, kflag) < 0)
return -1;
sodium_mlock(passphrase2, pplen2);