4b251f3ce1
This allows cleanups to happen in the caller, like removing the control socket. Fixes https://github.com/rfjakob/gocryptfs/issues/634
161 lines
4.0 KiB
Go
161 lines
4.0 KiB
Go
// Package readpassword reads a password from the terminal of from stdin.
|
|
package readpassword
|
|
|
|
import (
|
|
"bytes"
|
|
"fmt"
|
|
"io"
|
|
"os"
|
|
"os/exec"
|
|
"strings"
|
|
|
|
"golang.org/x/crypto/ssh/terminal"
|
|
|
|
"github.com/rfjakob/gocryptfs/v2/internal/tlog"
|
|
)
|
|
|
|
const (
|
|
// 2kB limit like EncFS
|
|
maxPasswordLen = 2048
|
|
)
|
|
|
|
// Once tries to get a password from the user, either from the terminal, extpass, passfile
|
|
// or stdin. Leave "prompt" empty to use the default "Password: " prompt.
|
|
func Once(extpass []string, passfile []string, prompt string) ([]byte, error) {
|
|
if len(passfile) != 0 {
|
|
return readPassFileConcatenate(passfile)
|
|
}
|
|
if len(extpass) != 0 {
|
|
return readPasswordExtpass(extpass)
|
|
}
|
|
if prompt == "" {
|
|
prompt = "Password"
|
|
}
|
|
if !terminal.IsTerminal(int(os.Stdin.Fd())) {
|
|
return readPasswordStdin(prompt)
|
|
}
|
|
return readPasswordTerminal(prompt + ": ")
|
|
}
|
|
|
|
// Twice is the same as Once but will prompt twice if we get the password from
|
|
// the terminal.
|
|
func Twice(extpass []string, passfile []string) ([]byte, error) {
|
|
if len(passfile) != 0 {
|
|
return readPassFileConcatenate(passfile)
|
|
}
|
|
if len(extpass) != 0 {
|
|
return readPasswordExtpass(extpass)
|
|
}
|
|
if !terminal.IsTerminal(int(os.Stdin.Fd())) {
|
|
return readPasswordStdin("Password")
|
|
}
|
|
p1, err := readPasswordTerminal("Password: ")
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
p2, err := readPasswordTerminal("Repeat: ")
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if !bytes.Equal(p1, p2) {
|
|
return nil, fmt.Errorf("Passwords do not match")
|
|
}
|
|
// Wipe the password duplicate from memory
|
|
for i := range p2 {
|
|
p2[i] = 0
|
|
}
|
|
return p1, nil
|
|
}
|
|
|
|
// readPasswordTerminal reads a line from the terminal.
|
|
// Exits on read error or empty result.
|
|
func readPasswordTerminal(prompt string) ([]byte, error) {
|
|
fd := int(os.Stdin.Fd())
|
|
fmt.Fprintf(os.Stderr, prompt)
|
|
// terminal.ReadPassword removes the trailing newline
|
|
p, err := terminal.ReadPassword(fd)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("Could not read password from terminal: %v\n", err)
|
|
}
|
|
fmt.Fprintf(os.Stderr, "\n")
|
|
if len(p) == 0 {
|
|
return nil, fmt.Errorf("Password is empty")
|
|
}
|
|
return p, nil
|
|
}
|
|
|
|
// readPasswordStdin reads a line from stdin.
|
|
// It exits with a fatal error on read error or empty result.
|
|
func readPasswordStdin(prompt string) ([]byte, error) {
|
|
tlog.Info.Printf("Reading %s from stdin", prompt)
|
|
p, err := readLineUnbuffered(os.Stdin)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(p) == 0 {
|
|
return nil, fmt.Errorf("Got empty %s from stdin", prompt)
|
|
}
|
|
return p, nil
|
|
}
|
|
|
|
// readPasswordExtpass executes the "extpass" program and returns the first line
|
|
// of the output.
|
|
// Exits on read error or empty result.
|
|
func readPasswordExtpass(extpass []string) ([]byte, error) {
|
|
var parts []string
|
|
if len(extpass) == 1 {
|
|
parts = strings.Split(extpass[0], " ")
|
|
} else {
|
|
parts = extpass
|
|
}
|
|
tlog.Info.Printf("Reading password from extpass program %q, arguments: %q\n", parts[0], parts[1:])
|
|
cmd := exec.Command(parts[0], parts[1:]...)
|
|
cmd.Stderr = os.Stderr
|
|
pipe, err := cmd.StdoutPipe()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("extpass pipe setup failed: %v", err)
|
|
}
|
|
err = cmd.Start()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("extpass cmd start failed: %v", err)
|
|
}
|
|
p, err := readLineUnbuffered(pipe)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
pipe.Close()
|
|
err = cmd.Wait()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("extpass program returned an error: %v", err)
|
|
}
|
|
if len(p) == 0 {
|
|
return nil, fmt.Errorf("extpass: password is empty")
|
|
}
|
|
return p, nil
|
|
}
|
|
|
|
// readLineUnbuffered reads single bytes from "r" util it gets "\n" or EOF.
|
|
// The returned string does NOT contain the trailing "\n".
|
|
func readLineUnbuffered(r io.Reader) (l []byte, err error) {
|
|
b := make([]byte, 1)
|
|
for {
|
|
if len(l) > maxPasswordLen {
|
|
return nil, fmt.Errorf("fatal: maximum password length of %d bytes exceeded", maxPasswordLen)
|
|
}
|
|
n, err := r.Read(b)
|
|
if err == io.EOF {
|
|
return l, nil
|
|
}
|
|
if err != nil {
|
|
return nil, fmt.Errorf("readLineUnbuffered: %v", err)
|
|
}
|
|
if n == 0 {
|
|
continue
|
|
}
|
|
if b[0] == '\n' {
|
|
return l, nil
|
|
}
|
|
l = append(l, b...)
|
|
}
|
|
}
|