2 * Copyright 2009 Colin Percival
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 #include "scrypt_platform.h"
38 #define MAXPASSLEN 2048
41 * tarsnap_getpass(passwd, prompt, confirmprompt, devtty)
42 * If ${devtty} is non-zero, read a password from /dev/tty if possible; if
43 * not, read from stdin. If reading from a tty (either /dev/tty or stdin),
44 * disable echo and prompt the user by printing ${prompt} to stderr. If
45 * ${confirmprompt} is non-NULL, read a second password (prompting if a
46 * terminal is being used) and repeat until the user enters the same password
47 * twice. Return the password as a malloced NUL-terminated string via
48 * ${passwd}. The obscure name is to avoid namespace collisions due to the
49 * getpass / readpass / readpassphrase / etc. functions in various libraries.
52 tarsnap_readpass(char ** passwd, const char * prompt,
53 const char * confirmprompt, int devtty)
56 char passbuf[MAXPASSLEN];
57 char confpassbuf[MAXPASSLEN];
58 struct termios term, term_old;
62 * If devtty != 0, try to open /dev/tty; if that fails, or if devtty
63 * is zero, we'll read the password from stdin instead.
65 if ((devtty == 0) || ((readfrom = fopen("/dev/tty", "r")) == NULL))
68 /* If we're reading from a terminal, try to disable echo. */
69 if ((usingtty = isatty(fileno(readfrom))) != 0) {
70 if (tcgetattr(fileno(readfrom), &term_old)) {
71 warn("Cannot read terminal settings");
74 memcpy(&term, &term_old, sizeof(struct termios));
75 term.c_lflag = (term.c_lflag & ~ECHO) | ECHONL;
76 if (tcsetattr(fileno(readfrom), TCSANOW, &term)) {
77 warn("Cannot set terminal settings");
83 /* If we have a terminal, prompt the user to enter the password. */
85 fprintf(stderr, "%s: ", prompt);
87 /* Read the password. */
88 if (fgets(passbuf, MAXPASSLEN, readfrom) == NULL) {
89 warn("Cannot read password");
93 /* Confirm the password if necessary. */
94 if (confirmprompt != NULL) {
96 fprintf(stderr, "%s: ", confirmprompt);
97 if (fgets(confpassbuf, MAXPASSLEN, readfrom) == NULL) {
98 warn("Cannot read password");
101 if (strcmp(passbuf, confpassbuf)) {
103 "Passwords mismatch, please try again\n");
108 /* Terminate the string at the first "\r" or "\n" (if any). */
109 passbuf[strcspn(passbuf, "\r\n")] = '\0';
111 /* If we changed terminal settings, reset them. */
113 tcsetattr(fileno(readfrom), TCSANOW, &term_old);
115 /* Close /dev/tty if we opened it. */
116 if (readfrom != stdin)
119 /* Copy the password out. */
120 if ((*passwd = strdup(passbuf)) == NULL) {
121 warn("Cannot allocate memory");
125 /* Zero any stored passwords. */
126 memset(passbuf, 0, MAXPASSLEN);
127 memset(confpassbuf, 0, MAXPASSLEN);
133 /* Reset terminal settings if necessary. */
135 tcsetattr(fileno(readfrom), TCSAFLUSH, &term_old);
137 /* Close /dev/tty if we opened it. */
138 if (readfrom != stdin)