From 9769e6f7d5683d79511b40c84fb1c60291e1b72d Mon Sep 17 00:00:00 2001 From: Michihiro NAKAJIMA Date: Sun, 21 Sep 2014 17:45:59 +0900 Subject: [PATCH] Implement reading a passphrase from ttys. --- CMakeLists.txt | 2 + Makefile.am | 4 +- build/cmake/config.h.in | 6 + configure.ac | 4 +- cpio/CMakeLists.txt | 2 + cpio/cpio.c | 33 +++++ cpio/cpio.h | 1 + libarchive_fe/passphrase.c | 273 +++++++++++++++++++++++++++++++++++++ libarchive_fe/passphrase.h | 31 +++++ tar/CMakeLists.txt | 2 + tar/bsdtar.c | 1 + tar/bsdtar.h | 3 + tar/read.c | 1 + tar/util.c | 26 ++++ tar/write.c | 2 + 15 files changed, 389 insertions(+), 2 deletions(-) create mode 100644 libarchive_fe/passphrase.c create mode 100644 libarchive_fe/passphrase.h diff --git a/CMakeLists.txt b/CMakeLists.txt index aaa7ea634..e8d2159ba 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -540,6 +540,7 @@ LA_CHECK_INCLUDE_FILE("poll.h" HAVE_POLL_H) LA_CHECK_INCLUDE_FILE("process.h" HAVE_PROCESS_H) LA_CHECK_INCLUDE_FILE("pthread.h" HAVE_PTHREAD_H) LA_CHECK_INCLUDE_FILE("pwd.h" HAVE_PWD_H) +LA_CHECK_INCLUDE_FILE("readpassphrase.h" HAVE_READPASSPHRASE_H) LA_CHECK_INCLUDE_FILE("regex.h" HAVE_REGEX_H) LA_CHECK_INCLUDE_FILE("signal.h" HAVE_SIGNAL_H) LA_CHECK_INCLUDE_FILE("spawn.h" HAVE_SPAWN_H) @@ -1162,6 +1163,7 @@ CHECK_FUNCTION_EXISTS_GLIBC(pipe HAVE_PIPE) CHECK_FUNCTION_EXISTS_GLIBC(poll HAVE_POLL) CHECK_FUNCTION_EXISTS_GLIBC(posix_spawnp HAVE_POSIX_SPAWNP) CHECK_FUNCTION_EXISTS_GLIBC(readlink HAVE_READLINK) +CHECK_FUNCTION_EXISTS_GLIBC(readpassphrase HAVE_READPASSPHRASE) CHECK_FUNCTION_EXISTS_GLIBC(select HAVE_SELECT) CHECK_FUNCTION_EXISTS_GLIBC(setenv HAVE_SETENV) CHECK_FUNCTION_EXISTS_GLIBC(setlocale HAVE_SETLOCALE) diff --git a/Makefile.am b/Makefile.am index d098b76b7..76267d530 100644 --- a/Makefile.am +++ b/Makefile.am @@ -807,7 +807,9 @@ libarchive_fe_la_SOURCES= \ libarchive_fe/err.h \ libarchive_fe/lafe_platform.h \ libarchive_fe/line_reader.c \ - libarchive_fe/line_reader.h + libarchive_fe/line_reader.h \ + libarchive_fe/passphrase.c \ + libarchive_fe/passphrase.h libarchive_fe_la_CPPFLAGS= -I$(top_srcdir)/libarchive # diff --git a/build/cmake/config.h.in b/build/cmake/config.h.in index baca049dd..ee48de87a 100644 --- a/build/cmake/config.h.in +++ b/build/cmake/config.h.in @@ -781,6 +781,12 @@ typedef uint64_t uintmax_t; /* Define to 1 if you have the `readlinkat' function. */ #cmakedefine HAVE_READLINKAT 1 +/* Define to 1 if you have the `readpassphrase' function. */ +#cmakedefine HAVE_READPASSPHRASE 1 + +/* Define to 1 if you have the header file. */ +#cmakedefine HAVE_READPASSPHRASE_H 1 + /* Define to 1 if you have the header file. */ #cmakedefine HAVE_REGEX_H 1 diff --git a/configure.ac b/configure.ac index dd57a6b38..216ab76fa 100644 --- a/configure.ac +++ b/configure.ac @@ -267,7 +267,8 @@ AS_VAR_IF([ac_cv_have_decl_EXT2_IOC_GETFLAGS], [yes], AC_CHECK_HEADERS([inttypes.h io.h langinfo.h limits.h]) AC_CHECK_HEADERS([linux/fiemap.h linux/fs.h linux/magic.h linux/types.h]) -AC_CHECK_HEADERS([locale.h paths.h poll.h pthread.h pwd.h signal.h spawn.h]) +AC_CHECK_HEADERS([locale.h paths.h poll.h pthread.h pwd.h]) +AC_CHECK_HEADERS([readpassphrase.h signal.h spawn.h]) AC_CHECK_HEADERS([stdarg.h stdint.h stdlib.h string.h]) AC_CHECK_HEADERS([sys/acl.h sys/cdefs.h sys/extattr.h]) AC_CHECK_HEADERS([sys/ioctl.h sys/mkdev.h sys/mount.h]) @@ -579,6 +580,7 @@ AC_CHECK_FUNCS([lchflags lchmod lchown link localtime_r lstat lutimes]) AC_CHECK_FUNCS([mbrtowc memmove memset]) AC_CHECK_FUNCS([mkdir mkfifo mknod mkstemp]) AC_CHECK_FUNCS([nl_langinfo openat pipe poll posix_spawnp readlink readlinkat]) +AC_CHECK_FUNCS([readpassphrase]) AC_CHECK_FUNCS([select setenv setlocale sigaction statfs statvfs]) AC_CHECK_FUNCS([strchr strdup strerror strncpy_s strrchr symlink timegm]) AC_CHECK_FUNCS([tzset unsetenv utime utimensat utimes vfork]) diff --git a/cpio/CMakeLists.txt b/cpio/CMakeLists.txt index 135d0893b..443099719 100644 --- a/cpio/CMakeLists.txt +++ b/cpio/CMakeLists.txt @@ -15,6 +15,8 @@ IF(ENABLE_CPIO) ../libarchive_fe/lafe_platform.h ../libarchive_fe/line_reader.c ../libarchive_fe/line_reader.h + ../libarchive_fe/passphrase.c + ../libarchive_fe/passphrase.h ) INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/test_utils) INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/../libarchive_fe) diff --git a/cpio/cpio.c b/cpio/cpio.c index 569e4edd4..6dc22378f 100644 --- a/cpio/cpio.c +++ b/cpio/cpio.c @@ -82,6 +82,7 @@ __FBSDID("$FreeBSD: src/usr.bin/cpio/cpio.c,v 1.15 2008/12/06 07:30:40 kientzle #include "cpio.h" #include "err.h" #include "line_reader.h" +#include "passphrase.h" /* Fixed size of uname/gname caches. */ #define name_cache_size 101 @@ -123,6 +124,8 @@ static int restore_time(struct cpio *, struct archive_entry *, const char *, int fd); static void usage(void); static void version(void); +static const char * passphrase_callback(struct archive *, void *); +static void passphrase_free(char *); int main(int argc, char *argv[]) @@ -422,6 +425,7 @@ main(int argc, char *argv[]) free_cache(cpio->gname_cache); free_cache(cpio->uname_cache); free(cpio->destdir); + passphrase_free(cpio->ppbuff); return (cpio->return_value); } @@ -580,6 +584,8 @@ mode_out(struct cpio *cpio) lafe_errc(1, 0, "%s", archive_error_string(cpio->archive)); } + archive_write_set_passphrase_callback(cpio->archive, cpio, + &passphrase_callback); /* * The main loop: Copy each file into the output archive. @@ -951,6 +957,7 @@ mode_in(struct cpio *cpio) cpio->passphrase) != ARCHIVE_OK) lafe_errc(1, 0, "%s", archive_error_string(a)); } + archive_read_set_passphrase_callback(a, cpio, &passphrase_callback); if (archive_read_open_filename(a, cpio->filename, cpio->bytes_per_block)) @@ -1059,6 +1066,7 @@ mode_list(struct cpio *cpio) cpio->passphrase) != ARCHIVE_OK) lafe_errc(1, 0, "%s", archive_error_string(a)); } + archive_read_set_passphrase_callback(a, cpio, &passphrase_callback); if (archive_read_open_filename(a, cpio->filename, cpio->bytes_per_block)) @@ -1430,3 +1438,28 @@ cpio_i64toa(int64_t n0) *--p = '-'; return p; } + +#define PPBUFF_SIZE 1024 +static const char * +passphrase_callback(struct archive *a, void *_client_data) +{ + struct cpio *cpio = (struct cpio *)_client_data; + (void)a; /* UNUSED */ + + if (cpio->ppbuff == NULL) { + cpio->ppbuff = malloc(PPBUFF_SIZE); + if (cpio->ppbuff == NULL) + lafe_errc(1, errno, "Out of memory"); + } + return lafe_readpassphrase("Enter passphrase:", + cpio->ppbuff, PPBUFF_SIZE); +} + +static void +passphrase_free(char *ppbuff) +{ + if (ppbuff != NULL) { + memset(ppbuff, 0, PPBUFF_SIZE); + free(ppbuff); + } +} diff --git a/cpio/cpio.h b/cpio/cpio.h index 227ba53fe..1036dece9 100644 --- a/cpio/cpio.h +++ b/cpio/cpio.h @@ -91,6 +91,7 @@ struct cpio { struct archive *matching; char *buff; size_t buff_size; + char *ppbuff; }; const char *owner_parse(const char *, int *, int *); diff --git a/libarchive_fe/passphrase.c b/libarchive_fe/passphrase.c new file mode 100644 index 000000000..5e18b7f73 --- /dev/null +++ b/libarchive_fe/passphrase.c @@ -0,0 +1,273 @@ +/*- + * Copyright (c) 2014 Michihiro NAKAJIMA + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer + * in this position and unchanged. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* $OpenBSD: readpassphrase.c,v 1.22 2010/01/13 10:20:54 dtucker Exp $ */ +/* + * Copyright (c) 2000-2002, 2007 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Sponsored in part by the Defense Advanced Research Projects + * Agency (DARPA) and Air Force Research Laboratory, Air Force + * Materiel Command, USAF, under agreement number F39502-99-1-0512. + */ + +/* OPENBSD ORIGINAL: lib/libc/gen/readpassphrase.c */ + + +#include "lafe_platform.h" +__FBSDID("$FreeBSD$"); + +#include +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_READPASSPHRASE_H +#include +#endif + +#include "err.h" +#include "passphrase.h" + +#ifndef HAVE_READPASSPHRASE + +#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ +#define RPP_ECHO_ON 0x01 /* Leave echo on. */ +#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ +#define RPP_FORCELOWER 0x04 /* Force input to lower case. */ +#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */ +#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ +#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */ + + +#if defined(_WIN32) && !defined(__CYGWIN__) + +static char * +readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) +{ + (void)prompt; + (void)buf; + (void)bufsiz; + (void)flags; + errno = EINVAL; + return (NULL); +} + +#else /* _WIN32 && !__CYGWIN__ */ + +#include +#include +#include +#include +#include +#include + +#ifdef TCSASOFT +# define _T_FLUSH (TCSAFLUSH|TCSASOFT) +#else +# define _T_FLUSH (TCSAFLUSH) +#endif + +/* SunOS 4.x which lacks _POSIX_VDISABLE, but has VDISABLE */ +#if !defined(_POSIX_VDISABLE) && defined(VDISABLE) +# define _POSIX_VDISABLE VDISABLE +#endif + +static volatile sig_atomic_t signo[_NSIG]; + +static void +handler(int s) +{ + + signo[s] = 1; +} + +static char * +readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) +{ + ssize_t nr; + int input, output, save_errno, i, need_restart; + char ch, *p, *end; + struct termios term, oterm; + struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm; + struct sigaction savetstp, savettin, savettou, savepipe; + + /* I suppose we could alloc on demand in this case (XXX). */ + if (bufsiz == 0) { + errno = EINVAL; + return(NULL); + } + +restart: + for (i = 0; i < _NSIG; i++) + signo[i] = 0; + nr = -1; + save_errno = 0; + need_restart = 0; + /* + * Read and write to /dev/tty if available. If not, read from + * stdin and write to stderr unless a tty is required. + */ + if ((flags & RPP_STDIN) || + (input = output = open(_PATH_TTY, O_RDWR)) == -1) { + if (flags & RPP_REQUIRE_TTY) { + errno = ENOTTY; + return(NULL); + } + input = STDIN_FILENO; + output = STDERR_FILENO; + } + + /* + * Catch signals that would otherwise cause the user to end + * up with echo turned off in the shell. Don't worry about + * things like SIGXCPU and SIGVTALRM for now. + */ + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; /* don't restart system calls */ + sa.sa_handler = handler; + (void)sigaction(SIGALRM, &sa, &savealrm); + (void)sigaction(SIGHUP, &sa, &savehup); + (void)sigaction(SIGINT, &sa, &saveint); + (void)sigaction(SIGPIPE, &sa, &savepipe); + (void)sigaction(SIGQUIT, &sa, &savequit); + (void)sigaction(SIGTERM, &sa, &saveterm); + (void)sigaction(SIGTSTP, &sa, &savetstp); + (void)sigaction(SIGTTIN, &sa, &savettin); + (void)sigaction(SIGTTOU, &sa, &savettou); + + /* Turn off echo if possible. */ + if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) { + memcpy(&term, &oterm, sizeof(term)); + if (!(flags & RPP_ECHO_ON)) + term.c_lflag &= ~(ECHO | ECHONL); +#ifdef VSTATUS + if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) + term.c_cc[VSTATUS] = _POSIX_VDISABLE; +#endif + (void)tcsetattr(input, _T_FLUSH, &term); + } else { + memset(&term, 0, sizeof(term)); + term.c_lflag |= ECHO; + memset(&oterm, 0, sizeof(oterm)); + oterm.c_lflag |= ECHO; + } + + /* No I/O if we are already backgrounded. */ + if (signo[SIGTTOU] != 1 && signo[SIGTTIN] != 1) { + if (!(flags & RPP_STDIN)) + (void)write(output, prompt, strlen(prompt)); + end = buf + bufsiz - 1; + p = buf; + while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') { + if (p < end) { + if ((flags & RPP_SEVENBIT)) + ch &= 0x7f; + if (isalpha(ch)) { + if ((flags & RPP_FORCELOWER)) + ch = (char)tolower(ch); + if ((flags & RPP_FORCEUPPER)) + ch = (char)toupper(ch); + } + *p++ = ch; + } + } + *p = '\0'; + save_errno = errno; + if (!(term.c_lflag & ECHO)) + (void)write(output, "\n", 1); + } + + /* Restore old terminal settings and signals. */ + if (memcmp(&term, &oterm, sizeof(term)) != 0) { + while (tcsetattr(input, _T_FLUSH, &oterm) == -1 && + errno == EINTR) + continue; + } + (void)sigaction(SIGALRM, &savealrm, NULL); + (void)sigaction(SIGHUP, &savehup, NULL); + (void)sigaction(SIGINT, &saveint, NULL); + (void)sigaction(SIGQUIT, &savequit, NULL); + (void)sigaction(SIGPIPE, &savepipe, NULL); + (void)sigaction(SIGTERM, &saveterm, NULL); + (void)sigaction(SIGTSTP, &savetstp, NULL); + (void)sigaction(SIGTTIN, &savettin, NULL); + (void)sigaction(SIGTTOU, &savettou, NULL); + if (input != STDIN_FILENO) + (void)close(input); + + /* + * If we were interrupted by a signal, resend it to ourselves + * now that we have restored the signal handlers. + */ + for (i = 0; i < _NSIG; i++) { + if (signo[i]) { + kill(getpid(), i); + switch (i) { + case SIGTSTP: + case SIGTTIN: + case SIGTTOU: + need_restart = 1; + } + } + } + if (need_restart) + goto restart; + + if (save_errno) + errno = save_errno; + return(nr == -1 ? NULL : buf); +} +#endif /* _WIN32 && !__CYGWIN__ */ +#endif /* HAVE_READPASSPHRASE */ + +char * +lafe_readpassphrase(const char *prompt, char *buf, size_t bufsiz) +{ + char *p; + + p = readpassphrase(prompt, buf, bufsiz, RPP_ECHO_OFF); + if (p == NULL) { + switch (errno) { + case EINTR: + break; + default: + lafe_errc(1, errno, "Couldn't read passphrase"); + break; + } + } + return (p); +} + diff --git a/libarchive_fe/passphrase.h b/libarchive_fe/passphrase.h new file mode 100644 index 000000000..ac7a50636 --- /dev/null +++ b/libarchive_fe/passphrase.h @@ -0,0 +1,31 @@ +/*- + * Copyright (c) 2014 Michihiro NAKAJIMA + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef LAFE_PASSPHRASE_H +#define LAFE_PASSPHRASE_H + +char *lafe_readpassphrase(const char *prompt, char *buf, size_t bufsiz); + +#endif diff --git a/tar/CMakeLists.txt b/tar/CMakeLists.txt index 46ce58b02..a449ed405 100644 --- a/tar/CMakeLists.txt +++ b/tar/CMakeLists.txt @@ -20,6 +20,8 @@ IF(ENABLE_TAR) ../libarchive_fe/lafe_platform.h ../libarchive_fe/line_reader.c ../libarchive_fe/line_reader.h + ../libarchive_fe/passphrase.c + ../libarchive_fe/passphrase.h ) INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/../libarchive_fe) IF(WIN32 AND NOT CYGWIN) diff --git a/tar/bsdtar.c b/tar/bsdtar.c index 68c36579c..4b4a5824b 100644 --- a/tar/bsdtar.c +++ b/tar/bsdtar.c @@ -805,6 +805,7 @@ main(int argc, char **argv) cleanup_substitution(bsdtar); #endif cset_free(bsdtar->cset); + passphrase_free(bsdtar->ppbuff); if (bsdtar->return_value != 0) lafe_warnc(0, diff --git a/tar/bsdtar.h b/tar/bsdtar.h index 43893ca21..4050a81a7 100644 --- a/tar/bsdtar.h +++ b/tar/bsdtar.h @@ -111,6 +111,7 @@ struct bsdtar { struct name_cache *uname_cache; /* for write.c */ struct siginfo_data *siginfo; /* for siginfo.c */ struct substitution *substitution; /* for subst.c */ + char *ppbuff; /* for util.c */ }; /* Fake short equivalents for long options that otherwise lack them. */ @@ -196,3 +197,5 @@ void cset_set_format(struct creation_set *, const char *); int cset_write_add_filters(struct creation_set *, struct archive *, const void **); +const char * passphrase_callback(struct archive *, void *); +void passphrase_free(char *); diff --git a/tar/read.c b/tar/read.c index 9ae33a645..1085771d4 100644 --- a/tar/read.c +++ b/tar/read.c @@ -210,6 +210,7 @@ read_archive(struct bsdtar *bsdtar, char mode, struct archive *writer) bsdtar->passphrase) != ARCHIVE_OK) lafe_errc(1, 0, "%s", archive_error_string(a)); } + archive_read_set_passphrase_callback(a, bsdtar, &passphrase_callback); if (archive_read_open_filename(a, bsdtar->filename, bsdtar->bytes_per_block)) lafe_errc(1, 0, "Error opening archive: %s", diff --git a/tar/util.c b/tar/util.c index b1b9b93d0..45a912a89 100644 --- a/tar/util.c +++ b/tar/util.c @@ -61,6 +61,7 @@ __FBSDID("$FreeBSD: src/usr.bin/tar/util.c,v 1.23 2008/12/15 06:00:25 kientzle E #include "bsdtar.h" #include "err.h" +#include "passphrase.h" static size_t bsdtar_expand_char(char *, size_t, char); static const char *strip_components(const char *path, int elements); @@ -581,3 +582,28 @@ pathcmp(const char *a, const char *b) /* They're really different, return the correct sign. */ return (*(const unsigned char *)a - *(const unsigned char *)b); } + +#define PPBUFF_SIZE 1024 +const char * +passphrase_callback(struct archive *a, void *_client_data) +{ + struct bsdtar *bsdtar = (struct bsdtar *)_client_data; + (void)a; /* UNUSED */ + + if (bsdtar->ppbuff == NULL) { + bsdtar->ppbuff = malloc(PPBUFF_SIZE); + if (bsdtar->ppbuff == NULL) + lafe_errc(1, errno, "Out of memory"); + } + return lafe_readpassphrase("Enter passphrase:", + bsdtar->ppbuff, PPBUFF_SIZE); +} + +void +passphrase_free(char *ppbuff) +{ + if (ppbuff != NULL) { + memset(ppbuff, 0, PPBUFF_SIZE); + free(ppbuff); + } +} diff --git a/tar/write.c b/tar/write.c index dd326bd70..606ec9410 100644 --- a/tar/write.c +++ b/tar/write.c @@ -241,6 +241,7 @@ tar_mode_c(struct bsdtar *bsdtar) bsdtar->passphrase) != ARCHIVE_OK) lafe_errc(1, 0, "%s", archive_error_string(a)); } + archive_write_set_passphrase_callback(a, bsdtar, &passphrase_callback); if (ARCHIVE_OK != archive_write_open_filename(a, bsdtar->filename)) lafe_errc(1, 0, "%s", archive_error_string(a)); write_archive(a, bsdtar); @@ -659,6 +660,7 @@ append_archive_filename(struct bsdtar *bsdtar, struct archive *a, bsdtar->passphrase) != ARCHIVE_OK) lafe_errc(1, 0, "%s", archive_error_string(a)); } + archive_read_set_passphrase_callback(ina, bsdtar, &passphrase_callback); if (archive_read_open_filename(ina, filename, bsdtar->bytes_per_block)) { lafe_warnc(0, "%s", archive_error_string(ina)); -- 2.47.2