git.ipfire.org Git - thirdparty/libarchive.git/commit

author	Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
	Sat, 13 Apr 2024 05:44:51 +0000 (05:44 +0000)
committer	GitHub <noreply@github.com>
	Sat, 13 Apr 2024 05:44:51 +0000 (22:44 -0700)
commit	1a2fd29f6de7decd097dc4e30629ff96a068f72e
tree	b552eab5bb161d2a7bf4e19484d12ac1bd0ef11f	tree \| snapshot
parent	46818684c3dfcb8ace2721491b9e15aff5341725	commit \| diff

Never allow empty passwords (#2116)

Passwords for encryption must not be empty. Neither through command line
option nor through interactive input.

With this PR applied:
```
$ bsdtar --format zip --options zip:encryption -cf archive.zip input.txt
Enter passphrase: <press enter>
bsdtar: Encryption needs passphrase
```

Output with command line argument (unaffected by this PR):
```
$ bsdtar --format zip --options zip:encryption --passphrase '' -cf archive.zip input.txt
bsdtar: Empty passphrase is unacceptable
```

The outputs differ due to internal difference in handling the results.

It is still possible to supply a passphrase through command line
argument which cannot be entered interactively, i.e. $'\r\n'. See
https://github.com/libarchive/libarchive/pull/2115 for more details.