+++ /dev/null
-/* -*-c-*-
- *
- * $Id$
- *
- * Reading of passphrases (Unix-specific)
- *
- * (c) 1999 Straylight/Edgeware
- */
-
-/*----- Licensing notice --------------------------------------------------*
- *
- * This file is part of Catacomb.
- *
- * Catacomb is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Library General Public License as
- * published by the Free Software Foundation; either version 2 of the
- * License, or (at your option) any later version.
- *
- * Catacomb is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Library General Public License for more details.
- *
- * You should have received a copy of the GNU Library General Public
- * License along with Catacomb; if not, write to the Free
- * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-/*----- Header files ------------------------------------------------------*/
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <unistd.h>
-
-#include <mLib/dstr.h>
-
-#include "passphrase.h"
-#include "pixie.h"
-
-/*----- Static variables --------------------------------------------------*/
-
-static int fd = -1;
-static unsigned flags = 0;
-
-#define f_fail 1u
-
-/*----- Main code ---------------------------------------------------------*/
-
-/* --- @passphrase_connect@ ---
- *
- * Arguments: @const char *sock@ = socket name to connect to, or null for
- * default
- *
- * Returns: Zero if OK, nonzero if it failed
- *
- * Use: Attempts to connect to the passphrase pixie.
- */
-
-int passphrase_connect(const char *sock)
-{
- if (fd != -1)
- close(fd);
- if ((fd = pixie_open(sock)) < 0) {
- flags |= f_fail;
- return (-1);
- }
- flags &= ~f_fail;
- return (0);
-}
-
-static int pconn(void)
-{
- if (fd != -1)
- return (0);
- if (flags & f_fail)
- return (-1);
- return (passphrase_connect(0));
-}
-
-/* --- @passphrase_read@ --- *
- *
- * Arguments: @const char *tag@ = pointer to passphrase tag string
- * @unsigned mode@ = reading mode
- * @char *buf@ = pointer to destination buffer
- * @size_t sz@ = size of destination buffer
- *
- * Returns: Zero if successful, nonzero on failure.
- *
- * Use: Reads a passphrase from the user, using some system-specific
- * secure mechanism. The mechanism may keep a cache of
- * passphrases, so the user may not necessarily be prompted.
- */
-
-int passphrase_read(const char *tag, unsigned mode, char *buf, size_t sz)
-{
- dstr d = DSTR_INIT;
- int rc = 1;
-
- /* --- Try talking to the pixie --- */
-
- if (!pconn()) {
- rc = pixie_read(fd, tag, mode, buf, sz);
- if (rc < 0) {
- close(fd);
- fd = -1;
- return (-1);
- }
- if (rc == 0)
- return (0);
- }
-
- /* --- Read from the terminal --- */
-
- dstr_putf(&d, "%s %s: ",
- mode == PMODE_READ ? "Passphrase" : "New passphrase",
- tag);
- if (pixie_getpass(d.buf, buf, sz))
- goto fail;
- if (mode == PMODE_VERIFY) {
- char b[1024];
- DRESET(&d);
- dstr_putf(&d, "Verify passphrase %s: ", tag);
- if (pixie_getpass(d.buf, b, sizeof(b)) || strcmp(b, buf) != 0) {
- memset(b, 0, sizeof(b));
- goto fail;
- }
- }
- dstr_destroy(&d);
-
- /* --- If the pixie is interested, tell it the new passphrase --- */
-
- if (fd >= 0)
- pixie_set(fd, tag, buf);
- return (0);
-
- /* --- Tidy up after a failure --- */
-
-fail:
- dstr_destroy(&d);
- memset(buf, 0, sz);
- return (-1);
-}
-
-/* --- @passphrase_cancel@ --- *
- *
- * Arguments: @const char *tag@ = pointer to passphrase tag string
- *
- * Returns: ---
- *
- * Use: Attempts to make the passphrase cache forget about a
- * particular passphrase. This may be useful if the passphrase
- * turns out to be wrong, or if the user is attempting to change
- * the passphrase.
- */
-
-void passphrase_cancel(const char *tag)
-{
- if (!pconn())
- pixie_cancel(fd, tag);
-}
-
-/*----- That's all, folks -------------------------------------------------*/