src/ask-password/ask-password.c

   1 /* SPDX-License-Identifier: LGPL-2.1+ */
   2 /***
   3   Copyright 2010 Lennart Poettering
   4 ***/
   5
   6 #include <errno.h>
   7 #include <getopt.h>
   8 #include <stddef.h>
   9 #include <unistd.h>
  10
  11 #include "ask-password-api.h"
  12 #include "def.h"
  13 #include "log.h"
  14 #include "macro.h"
  15 #include "strv.h"
  16
  17 static const char *arg_icon = NULL;
  18 static const char *arg_id = NULL;
  19 static const char *arg_keyname = NULL;
  20 static char *arg_message = NULL;
  21 static usec_t arg_timeout = DEFAULT_TIMEOUT_USEC;
  22 static bool arg_multiple = false;
  23 static bool arg_no_output = false;
  24 static AskPasswordFlags arg_flags = ASK_PASSWORD_PUSH_CACHE;
  25
  26 static void help(void) {
  27         printf("%s [OPTIONS...] MESSAGE\n\n"
  28                "Query the user for a system passphrase, via the TTY or an UI agent.\n\n"
  29                "  -h --help           Show this help\n"
  30                "     --icon=NAME      Icon name\n"
  31                "     --id=ID          Query identifier (e.g. \"cryptsetup:/dev/sda5\")\n"
  32                "     --keyname=NAME   Kernel key name for caching passwords (e.g. \"cryptsetup\")\n"
  33                "     --timeout=SEC    Timeout in seconds\n"
  34                "     --echo           Do not mask input (useful for usernames)\n"
  35                "     --no-tty         Ask question via agent even on TTY\n"
  36                "     --accept-cached  Accept cached passwords\n"
  37                "     --multiple       List multiple passwords if available\n"
  38                "     --no-output      Do not print password to standard output\n"
  39                , program_invocation_short_name);
  40 }
  41
  42 static int parse_argv(int argc, char *argv[]) {
  43
  44         enum {
  45                 ARG_ICON = 0x100,
  46                 ARG_TIMEOUT,
  47                 ARG_ECHO,
  48                 ARG_NO_TTY,
  49                 ARG_ACCEPT_CACHED,
  50                 ARG_MULTIPLE,
  51                 ARG_ID,
  52                 ARG_KEYNAME,
  53                 ARG_NO_OUTPUT,
  54         };
  55
  56         static const struct option options[] = {
  57                 { "help",          no_argument,       NULL, 'h'               },
  58                 { "icon",          required_argument, NULL, ARG_ICON          },
  59                 { "timeout",       required_argument, NULL, ARG_TIMEOUT       },
  60                 { "echo",          no_argument,       NULL, ARG_ECHO          },
  61                 { "no-tty",        no_argument,       NULL, ARG_NO_TTY        },
  62                 { "accept-cached", no_argument,       NULL, ARG_ACCEPT_CACHED },
  63                 { "multiple",      no_argument,       NULL, ARG_MULTIPLE      },
  64                 { "id",            required_argument, NULL, ARG_ID            },
  65                 { "keyname",       required_argument, NULL, ARG_KEYNAME       },
  66                 { "no-output",     no_argument,       NULL, ARG_NO_OUTPUT     },
  67                 {}
  68         };
  69
  70         int c;
  71
  72         assert(argc >= 0);
  73         assert(argv);
  74
  75         while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
  76
  77                 switch (c) {
  78
  79                 case 'h':
  80                         help();
  81                         return 0;
  82
  83                 case ARG_ICON:
  84                         arg_icon = optarg;
  85                         break;
  86
  87                 case ARG_TIMEOUT:
  88                         if (parse_sec(optarg, &arg_timeout) < 0) {
  89                                 log_error("Failed to parse --timeout parameter %s", optarg);
  90                                 return -EINVAL;
  91                         }
  92                         break;
  93
  94                 case ARG_ECHO:
  95                         arg_flags |= ASK_PASSWORD_ECHO;
  96                         break;
  97
  98                 case ARG_NO_TTY:
  99                         arg_flags |= ASK_PASSWORD_NO_TTY;
 100                         break;
 101
 102                 case ARG_ACCEPT_CACHED:
 103                         arg_flags |= ASK_PASSWORD_ACCEPT_CACHED;
 104                         break;
 105
 106                 case ARG_MULTIPLE:
 107                         arg_multiple = true;
 108                         break;
 109
 110                 case ARG_ID:
 111                         arg_id = optarg;
 112                         break;
 113
 114                 case ARG_KEYNAME:
 115                         arg_keyname = optarg;
 116                         break;
 117
 118                 case ARG_NO_OUTPUT:
 119                         arg_no_output = true;
 120                         break;
 121
 122                 case '?':
 123                         return -EINVAL;
 124
 125                 default:
 126                         assert_not_reached("Unhandled option");
 127                 }
 128
 129         if (argc > optind) {
 130                 arg_message = strv_join(argv + optind, " ");
 131                 if (!arg_message)
 132                         return log_oom();
 133         }
 134
 135         return 1;
 136 }
 137
 138 int main(int argc, char *argv[]) {
 139         _cleanup_strv_free_erase_ char **l = NULL;
 140         usec_t timeout;
 141         char **p;
 142         int r;
 143
 144         log_parse_environment();
 145         log_open();
 146
 147         r = parse_argv(argc, argv);
 148         if (r <= 0)
 149                 goto finish;
 150
 151         if (arg_timeout > 0)
 152                 timeout = now(CLOCK_MONOTONIC) + arg_timeout;
 153         else
 154                 timeout = 0;
 155
 156         r = ask_password_auto(arg_message, arg_icon, arg_id, arg_keyname, timeout, arg_flags, &l);
 157         if (r < 0) {
 158                 log_error_errno(r, "Failed to query password: %m");
 159                 goto finish;
 160         }
 161
 162         STRV_FOREACH(p, l) {
 163                 if (!arg_no_output)
 164                         puts(*p);
 165
 166                 if (!arg_multiple)
 167                         break;
 168         }
 169
 170 finish:
 171         free(arg_message);
 172
 173         return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
 174 }