git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Tõivo Leedjärv <toivol@gmail.com>
	Sun, 28 Mar 2021 17:11:51 +0000 (17:11 +0000)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 1 Apr 2021 06:10:00 +0000 (08:10 +0200)
commit	76ccc62d4884721b6ecc11078abef747ea60d8d0
tree	c2a04dc9d09e02e2df898f585a28c4e1799e84cc	tree
parent	2d5c437f7cf5b4f7d43c297373827d2c3597e955	commit \| diff

Stop using deprecated getpass()

The getpass() function is present in SUSv2, but marked LEGACY. It is
removed in POSIX.1-2001. Additionally, on Solaris getpass() returns
maximum 9 bytes. This will make longer passwords fail with no
possibility for user to know what is happening.

This patch removes usage of getpass() completely and replaces it with
direct implementation of what getpass() does: opens tty (existing code),
outputs the prompt (existing code), turns off echoing (new code), reads
one line (existing code shared with echoed mode), restores tty state
(new code) and closes tty (existing code).

Patch v2: incorporate review feedback, incl. style fixes, merge
          termios.h check in configure.ac with an existing
          AC_CHECK_HEADERS, add error check and logging after
          tcsettattr() when restoring tty settings

Signed-off-by: Tõivo Leedjärv <toivol@gmail.com>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20210328171151.12056-1-toivol@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21889.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

configure.ac		diff \| blob \| blame \| history
src/openvpn/console_builtin.c		diff \| blob \| blame \| history