sulogin: allow system maintenance login if root password is empty

The current password checking is unable to distinguish between the user
entering an empty password or pressing Control-D. As a result, an empty
password always results in normal startup.

We modify bb_ask to return NULL if Control-D is pressed without entering
a password. The sulogin applet is then modified to only proceed to
normal startup if bb_ask returns NULL. This covers EOF with no password,
interrupt by timeout and ^C.

Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

libbb/bb_askpass.c

@@ -65,7 +65,9 @@ char* FAST_FUNC bb_ask(const int fd, int timeout, const char *prompt)
 	i = 0;
 	while (1) {
 		int r = read(fd, &ret[i], 1);
-		if (r < 0) {
+		if ((i == 0 && r == 0) /* EOF (^D) with no password */
+		 || r < 0
+		) {
 			/* read is interrupted by timeout or ^C */
 			ret = NULL;
 			break;

loginutils/sulogin.c

@@ -83,8 +83,8 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
 		cp = bb_ask(STDIN_FILENO, timeout,
 				"Give root password for system maintenance\n"
 				"(or type Control-D for normal startup):");
-
-		if (!cp || !*cp) {
+		if (!cp) {
+			/* ^D, ^C, timeout, or read error */
 			bb_info_msg("Normal startup");
 			return 0;
 		}