Replace the deprecated getpass(3) by our agetpass()

getpass(3) is broken in all implementations; in some, more than others, but somewhat broken in all of them. Check the immediate previous commit, which added the functions, for more details. Check also the Linux man-pages commit that marked it as deprecated, for more details: 7ca189099d73bde954eed2d7fc21732bcc8ddc6b. Link: <https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/commit?id=7ca189099d73bde954eed2d7fc21732bcc8ddc6b> Reported-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-09-27 21:21:35 +02:00 · 2022-09-27 21:21:35 +02:00 · 554f86bafa
commit 554f86bafa
parent 155c9421b9
4 changed files with 21 additions and 18 deletions
--- a/src/gpasswd.c
+++ b/src/gpasswd.c
@ -887,24 +887,24 @@ static void change_passwd (struct group *gr)
 	printf (_("Changing the password for group %s\n"), group);

 	for (retries = 0; retries < RETRIES; retries++) {
-		cp = getpass (_("New Password: "));
+		cp = agetpass (_("New Password: "));
 		if (NULL == cp) {
 			exit (1);
 		}

 		STRFCPY (pass, cp);
-		strzero (cp);
-		cp = getpass (_("Re-enter new password: "));
+		erase_pass (cp);
+		cp = agetpass (_("Re-enter new password: "));
 		if (NULL == cp) {
 			exit (1);
 		}

 		if (strcmp (pass, cp) == 0) {
-			strzero (cp);
+			erase_pass (cp);
 			break;
 		}

-		strzero (cp);
+		erase_pass (cp);
 		memzero (pass, sizeof pass);

 		if (retries + 1 < RETRIES) {
--- a/src/newgrp.c
+++ b/src/newgrp.c
@ -158,7 +158,7 @@ static void check_perms (const struct group *grp,
 		 * get the password from her, and set the salt for
 		 * the decryption from the group file.
 		 */
-		cp = getpass (_("Password: "));
+		cp = agetpass (_("Password: "));
 		if (NULL == cp) {
 			goto failure;
 		}
@ -169,7 +169,7 @@ static void check_perms (const struct group *grp,
 		 * must match the previously encrypted value in the file.
 		 */
 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
-		strzero (cp);
+		erase_pass (cp);

 		if (NULL == cpasswd) {
 			fprintf (stderr,
--- a/src/passwd.c
+++ b/src/passwd.c
@ -186,7 +186,7 @@ static int new_password (const struct passwd *pw)
 	char *clear;		/* Pointer to clear text */
 	char *cipher;		/* Pointer to cipher text */
 	const char *salt;	/* Pointer to new salt */
-	char *cp;		/* Pointer to getpass() response */
+	char *cp;		/* Pointer to agetpass() response */
 	char orig[200];		/* Original password */
 	char pass[200];		/* New password */
 	int i;			/* Counter for retries */
@ -204,7 +204,7 @@ static int new_password (const struct passwd *pw)
 	 */

 	if (!amroot && ('\0' != crypt_passwd[0])) {
-		clear = getpass (_("Old password: "));
+		clear = agetpass (_("Old password: "));
 		if (NULL == clear) {
 			return -1;
 		}
@ -212,7 +212,7 @@ static int new_password (const struct passwd *pw)
 		cipher = pw_encrypt (clear, crypt_passwd);

 		if (NULL == cipher) {
-			strzero (clear);
+			erase_pass (clear);
 			fprintf (stderr,
 			         _("%s: failed to crypt password with previous salt: %s\n"),
 			         Prog, strerror (errno));
@ -223,7 +223,7 @@ static int new_password (const struct passwd *pw)
 		}

 		if (strcmp (cipher, crypt_passwd) != 0) {
-			strzero (clear);
+			erase_pass (clear);
 			strzero (cipher);
 			SYSLOG ((LOG_WARN, "incorrect password for %s",
 			         pw->pw_name));
@ -234,7 +234,7 @@ static int new_password (const struct passwd *pw)
 			return -1;
 		}
 		STRFCPY (orig, clear);
-		strzero (clear);
+		erase_pass (clear);
 		strzero (cipher);
 	} else {
 		orig[0] = '\0';
@ -286,7 +286,7 @@ static int new_password (const struct passwd *pw)

 	warned = false;
 	for (i = getdef_num ("PASS_CHANGE_TRIES", 5); i > 0; i--) {
-		cp = getpass (_("New password: "));
+		cp = agetpass (_("New password: "));
 		if (NULL == cp) {
 			memzero (orig, sizeof orig);
 			memzero (pass, sizeof pass);
@ -296,7 +296,7 @@ static int new_password (const struct passwd *pw)
 			warned = false;
 		}
 		STRFCPY (pass, cp);
-		strzero (cp);
+		erase_pass (cp);

 		if (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
 			(void) puts (_("Try again."));
@ -314,16 +314,17 @@ static int new_password (const struct passwd *pw)
 			warned = true;
 			continue;
 		}
-		cp = getpass (_("Re-enter new password: "));
+		cp = agetpass (_("Re-enter new password: "));
 		if (NULL == cp) {
 			memzero (orig, sizeof orig);
 			memzero (pass, sizeof pass);
 			return -1;
 		}
 		if (strcmp (cp, pass) != 0) {
+			erase_pass (cp);
 			(void) fputs (_("They don't match; try again.\n"), stderr);
 		} else {
-			strzero (cp);
+			erase_pass (cp);
 			break;
 		}
 	}
--- a/src/sulogin.c
+++ b/src/sulogin.c
@ -182,7 +182,7 @@ static void catch_signals (unused int sig)
 		 */

 		/* get a password for root */
-		cp = getpass (_(
+		cp = agetpass (_(
 "\n"
 "Type control-d to proceed with normal startup,\n"
 "(or give root password for system maintenance):"));
@ -193,6 +193,7 @@ static void catch_signals (unused int sig)
 		 * --marekm
 		 */
 		if ((NULL == cp) || ('\0' == *cp)) {
+			erase_pass (cp);
 #ifdef	USE_SYSLOG
 			SYSLOG (LOG_INFO, "Normal startup\n");
 			closelog ();
@ -204,7 +205,8 @@ static void catch_signals (unused int sig)
 			exit (0);
 		}
 		STRFCPY (pass, cp);
-		strzero (cp);
+		erase_pass (cp);
+
 		if (valid (pass, &pwent)) {	/* check encrypted passwords ... */
 			break;	/* ... encrypted passwords matched */
 		}