+/* SPDX-License-Identifier: LGPL-2.1+ */
/***
This file is part of systemd.
#include "ask-password-api.h"
#include "fd-util.h"
#include "fileio.h"
-#include "formats-util.h"
+#include "format-util.h"
#include "io-util.h"
#include "log.h"
#include "macro.h"
#include "missing.h"
#include "mkdir.h"
+#include "process-util.h"
#include "random-util.h"
#include "signal-util.h"
#include "socket-util.h"
if (n < m)
break;
- memory_erase(p, n);
+ explicit_bzero(p, n);
free(p);
m *= 2;
}
if (!l)
return -ENOMEM;
- memory_erase(p, n);
+ explicit_bzero(p, n);
*ret = l;
return 0;
if (r < 0)
return r;
- /* Truncate trailing NUL */
- assert(n > 0);
- assert(p[n-1] == 0);
-
- serial = add_key("user", keyname, p, n-1, KEY_SPEC_USER_KEYRING);
- memory_erase(p, n);
+ serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING);
+ explicit_bzero(p, n);
if (serial == -1)
return -errno;
goto finish;
}
- loop_write(ttyfd, ANSI_HIGHLIGHT, strlen(ANSI_HIGHLIGHT), false);
+ if (colors_enabled())
+ loop_write(ttyfd, ANSI_HIGHLIGHT, strlen(ANSI_HIGHLIGHT), false);
loop_write(ttyfd, message, strlen(message), false);
loop_write(ttyfd, " ", 1, false);
- loop_write(ttyfd, ANSI_NORMAL, strlen(ANSI_NORMAL), false);
+ if (colors_enabled())
+ loop_write(ttyfd, ANSI_NORMAL, strlen(ANSI_NORMAL), false);
new_termios = old_termios;
new_termios.c_lflag &= ~(ICANON|ECHO);
n = read(ttyfd >= 0 ? ttyfd : STDIN_FILENO, &c, 1);
if (n < 0) {
- if (errno == EINTR || errno == EAGAIN)
+ if (IN_SET(errno, EINTR, EAGAIN))
continue;
r = -errno;
backspace_chars(ttyfd, p);
p = 0;
- } else if (c == '\b' || c == 127) {
+ } else if (IN_SET(c, '\b', 127)) {
if (p > 0) {
}
x = strndup(passphrase, p);
- memory_erase(passphrase, p);
+ explicit_bzero(passphrase, p);
if (!x) {
r = -ENOMEM;
goto finish;
(void) mkdir_p_label("/run/systemd/ask-password", 0755);
- fd = mkostemp_safe(temp, O_WRONLY|O_CLOEXEC);
+ fd = mkostemp_safe(temp);
if (fd < 0) {
r = fd;
goto finish;
"AcceptCached=%i\n"
"Echo=%i\n"
"NotAfter="USEC_FMT"\n",
- getpid(),
+ getpid_cached(),
socket_name,
(flags & ASK_PASSWORD_ACCEPT_CACHED) ? 1 : 0,
(flags & ASK_PASSWORD_ECHO) ? 1 : 0,
n = recvmsg(socket_fd, &msghdr, 0);
if (n < 0) {
- if (errno == EAGAIN ||
- errno == EINTR)
+ if (IN_SET(errno, EAGAIN, EINTR))
continue;
r = -errno;
l = strv_new("", NULL);
else
l = strv_parse_nulstr(passphrase+1, n-1);
- memory_erase(passphrase, n);
+ explicit_bzero(passphrase, n);
if (!l) {
r = -ENOMEM;
goto finish;