timeout = arg_timeout > 0 ? usec_add(now(CLOCK_MONOTONIC), arg_timeout) : 0;
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = arg_message,
.icon = arg_icon,
.id = arg_id,
arg_private_key_source,
arg_private_key,
&(AskPasswordRequest) {
+ .tty_fd = -EBADF,
.id = "bootctl-private-key-pin",
.keyring = arg_private_key,
.credential = "bootctl.private-key-pin",
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = question,
.icon = "drive-harddisk",
.id = id,
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.icon = "drive-harddisk",
.id = id,
.keyring = "cryptenroll",
SYNTHETIC_ERRNO(ENOKEY), "Too many attempts, giving up.");
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "Please enter TPM2 PIN:",
.icon = "drive-harddisk",
.keyring = "tpm2-pin",
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = text,
.icon = "drive-harddisk",
.id = id,
pins = strv_free_erase(pins);
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = message,
.icon = "drive-harddisk",
.keyring = keyring,
_cleanup_free_ char *error = NULL;
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = msg1,
};
- r = ask_password_tty(-EBADF, &req, /* until= */ 0, /* flags= */ 0, &a);
+ r = ask_password_tty(&req, /* until= */ 0, /* flags= */ 0, &a);
if (r < 0)
return log_error_errno(r, "Failed to query root password: %m");
if (strv_length(a) != 1)
req.message = msg2;
- r = ask_password_tty(-EBADF, &req, /* until= */ 0, /* flags= */ 0, &b);
+ r = ask_password_tty(&req, /* until= */ 0, /* flags= */ 0, &b);
if (r < 0)
return log_error_errno(r, "Failed to query root password: %m");
if (strv_length(b) != 1)
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = question,
.icon = "user-home",
.keyring = "home-password",
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = question,
.icon = "user-home",
.keyring = "home-recovery-key",
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = question,
.icon = "user-home",
.keyring = "token-pin",
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = question,
.icon = "user-home",
.keyring = "home-password",
arg_private_key_source,
arg_private_key,
&(AskPasswordRequest) {
+ .tty_fd = -EBADF,
.id = "keyutil-private-key-pin",
.keyring = arg_private_key,
.credential = "keyutil.private-key-pin",
arg_private_key_source,
arg_private_key,
&(AskPasswordRequest) {
+ .tty_fd = -EBADF,
.id = "keyutil-private-key-pin",
.keyring = arg_private_key,
.credential = "keyutil.private-key-pin",
arg_private_key_source,
arg_private_key,
&(AskPasswordRequest) {
+ .tty_fd = -EBADF,
.id = "measure-private-key-pin",
.keyring = arg_private_key,
.credential = "measure.private-key-pin",
_cleanup_(strv_free_erasep) char **l = NULL;
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "Recovery PIN",
.id = "pcrlock-recovery-pin",
.credential = "pcrlock.recovery-pin",
arg_private_key_source,
arg_private_key,
&(AskPasswordRequest) {
+ .tty_fd = -EBADF,
.id = "repart-private-key-pin",
.keyring = arg_private_key,
.credential = "repart.private-key-pin",
arg_private_key_source,
arg_private_key,
&(AskPasswordRequest) {
+ .tty_fd = -EBADF,
.id = "sbsign-private-key-pin",
.keyring = arg_private_key,
.credential = "sbsign.private-key-pin",
#define SKIPPED "(skipped)"
int ask_password_tty(
- int ttyfd,
const AskPasswordRequest *req,
usec_t until,
AskPasswordFlags flags,
CLEANUP_ERASE(passphrase);
/* If the caller didn't specify a TTY, then use the controlling tty, if we can. */
- if (ttyfd < 0)
+ int ttyfd;
+ if (req->tty_fd < 0)
ttyfd = cttyfd = open("/dev/tty", O_RDWR|O_NOCTTY|O_CLOEXEC);
+ else
+ ttyfd = req->tty_fd;
if (ttyfd >= 0) {
if (tcgetattr(ttyfd, &old_termios) < 0)
}
if (!FLAGS_SET(flags, ASK_PASSWORD_NO_TTY) && isatty_safe(STDIN_FILENO))
- return ask_password_tty(-EBADF, req, until, flags, ret);
+ return ask_password_tty(req, until, flags, ret);
if (!FLAGS_SET(flags, ASK_PASSWORD_NO_AGENT))
return ask_password_agent(req, until, flags, ret);
const char *id; /* some identifier used for this prompt for the "ask-password" protocol */
const char *credential; /* $CREDENTIALS_DIRECTORY credential name */
const char *flag_file; /* Once this flag file disappears abort the query */
+ int tty_fd; /* If querying on a TTY, the TTY to query on (or -EBADF) */
} AskPasswordRequest;
-int ask_password_tty(int tty_fd, const AskPasswordRequest *req, usec_t until, AskPasswordFlags flags, char ***ret);
+int ask_password_tty(const AskPasswordRequest *req, usec_t until, AskPasswordFlags flags, char ***ret);
int ask_password_plymouth(const AskPasswordRequest *req, usec_t until, AskPasswordFlags flags, char ***ret);
int ask_password_agent(const AskPasswordRequest *req, usec_t until, AskPasswordFlags flag, char ***ret);
int ask_password_auto(const AskPasswordRequest *req, usec_t until, AskPasswordFlags flag, char ***ret);
return log_error_errno(SYNTHETIC_ERRNO(ENOPKG), "PIN querying disabled via 'headless' option. Use the '$PIN' environment variable.");
static const AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "Please enter security token PIN:",
.icon = "drive-harddisk",
.keyring = "fido2-pin",
"Use the '$PIN' environment variable.");
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "Please enter TPM2 PIN:",
.icon = "drive-harddisk",
.keyring = "tpm2-pin",
z = strv_free_erase(z);
static const AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "Please enter image passphrase:",
.id = "dissect",
.keyring = "dissect",
for (;;) {
_cleanup_strv_free_erase_ char **pin = NULL;
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "Please enter security token PIN:",
.icon = askpw_icon,
.keyring = "fido2-pin",
return log_oom();
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = text,
.icon = askpw_icon,
.id = id,
int r;
static const AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = "hello?",
.keyring = "da key",
};
- r = ask_password_tty(-EBADF, &req, /* until= */ 0, /* flags= */ ASK_PASSWORD_CONSOLE_COLOR, &ret);
+ r = ask_password_tty(&req, /* until= */ 0, /* flags= */ ASK_PASSWORD_CONSOLE_COLOR, &ret);
if (r == -ECANCELED)
ASSERT_NULL(ret);
else {
}
AskPasswordRequest req = {
+ .tty_fd = tty_fd,
.message = message,
.flag_file = flag_file,
};
- r = ask_password_tty(tty_fd, &req, until, flags, ret);
+ r = ask_password_tty(&req, until, flags, ret);
if (arg_console) {
assert(tty_fd >= 0);
} else {
if (arg_plymouth) {
AskPasswordRequest req = {
+ .tty_fd = -EBADF,
.message = message,
.flag_file = filename,
};
projects / thirdparty / systemd.git / commitdiff
