From fcusack@ratbert.iconnet.net Mon Dec 28 13:16:25 1998
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id NAA22212 for <bugs@RT-11.MIT.EDU>; Mon, 28 Dec 1998 13:16:25 -0500
Received: from ratbert.iconnet.net by MIT.EDU with SMTP
id AA08756; Mon, 28 Dec 98 13:16:14 EST
Received: (from fcusack@localhost)
by ratbert.iconnet.net (8.9.1/8.9.1) id NAA25987;
Mon, 28 Dec 1998 13:17:43 -0500 (EST)
Message-Id: <199812281817.NAA25987@ratbert.iconnet.net>
Date: Mon, 28 Dec 1998 13:17:43 -0500 (EST)
From: fcusack@iconnet.net
Reply-To: fcusack@iconnet.net
To: krb5-bugs@MIT.EDU
Cc: fcusack@iconnet.net
Subject: prompter_posix() does not reset terminal on interrupt
X-Send-Pr-Version: 3.99

>Number: 680
>Category: krb5-libs
>Synopsis: krb5_prompter_posix does not restore terms setting on interrupt
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Mon Dec 28 13:17:00 EST 1998
>Last-Modified:
>Originator: Frank Cusack
>Organization:
Icon CMT Corp.
>Release: krb5-current-19981119
>Environment:
Unix
System: SunOS ratbert 5.6 Generic_105181-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4

>Description:
Signal handler used in krb5_prompter_posix() does not restore
terminal echo settings. This will leave the terminal in a
"non-echo" state if user sends an interrupt while the
library is reading a hidden password.
>How-To-Repeat:
Run kinit (using the new creds API) and type ^C when asked
for the password.
>Fix:
fd and save_control are declared volatile b/c of setjmp()/longjmp()
semantics.

Index: prompter.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/lib/krb5/os/prompter.c,v
retrieving revision 1.3
diff -u -r1.3 prompter.c
--- prompter.c 1998/12/28 17:44:50 1.3
+++ prompter.c 1998/12/28 18:10:57
@@ -38,8 +38,9 @@
krb5_error_code errcode;
int i;
#ifndef ECHO_PASSWORD
- struct termios echo_control, save_control;
- int fd;
+ struct termios echo_control;
+ volatile struct termios save_control;
+ volatile int fd;
#endif

if (name) {
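Review bot: `save_control` is now declared `volatile struct termios`, but the `tcsetattr(fd, TCSANOW, &save_control)` calls elsewhere in this patch pass its address to a parameter of type `const struct termios *`, which discards the `volatile` qualifier and will draw a compiler diagnostic. Cast at the call sites or copy `save_control` into a non-volatile local before restoring. A short comment on the two declarations saying they are `volatile` because they are read after `longjmp()` would also help, since that reasoning currently lives only in the report text.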
@@ -52,8 +53,23 @@
fputs("\n", stdout);
}

+#ifndef ECHO_PASSWORD
+ fd = fileno(stdin);
+
+ if (isatty(fd) == 1) {
+ if (tcgetattr(fd, &echo_control) == -1)
+ return errno;
+
+ save_control = echo_control;
+ echo_control.c_lflag &= ~(ECHO|ECHONL);
+ }
+#endif /* ECHO_PASSWORD */
+
if (setjmp(pwd_jump)) {
errcode = KRB5_LIBOS_PWDINTR; /* we were interrupted... */
+#ifndef ECHO_PASSWORD
+ (void) tcsetattr(fd, TCSANOW, &save_control);
+#endif /* ECHO_PASSWORD */
goto cleanup;
}
/* save intrfunc */
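Review bot: in the `setjmp(pwd_jump)` branch, `tcsetattr(fd, TCSANOW, &save_control)` runs unconditionally, but `save_control` is only assigned inside the `isatty(fd) == 1` block above, so with a non-terminal stdin the restore is handed an uninitialized struct. Record the `isatty()` result in a flag (also `volatile`) and restore only when it is set. Separately, the early `return errno` after `tcgetattr()` now fires before any prompt is processed, even when none of the prompts is hidden; before this change a `tcgetattr()` failure could only affect hidden prompts.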
@@ -62,16 +78,7 @@
for (i=0; i<num_prompts; i++) {
#ifndef ECHO_PASSWORD
if (prompts[i].hidden) {
- /* get the file descriptor associated with stdin */
- fd = fileno(stdin);
-
if (isatty(fd) == 1) {
- if (tcgetattr(fd, &echo_control) == -1)
- return errno;
-
- save_control = echo_control;
- echo_control.c_lflag &= ~(ECHO|ECHONL);
-
if (tcsetattr(fd, TCSANOW, &echo_control) == -1)
return errno;
}
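Review bot: the `return errno` after the per-prompt `tcsetattr()` leaves the function directly, while the interrupt path added earlier in this patch exits through `goto cleanup`; if `cleanup` releases anything set up before the loop, this path skips it. Setting `errcode = errno` and jumping to `cleanup` would keep the exits consistent. `isatty(fd)` is also re-evaluated here for every hidden prompt although it was already checked once before the loop, so caching that result would remove the repeat.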
@@ -110,7 +117,7 @@
if ((tcsetattr(fd, TCSANOW, &save_control) == -1) &&
(errcode == 0))
return errno;
-#endif
+#endif /* ECHO_PASSWORD */
}

errcode = 0;
>Audit-Trail:
>Unformatted:
From: tlyu@mit.edu
Subject: CVS Commit
* prompter.c (krb5_prompter_posix): Rewrite to no longer use
longjmp(), as well as to get a non-buffered stdio stream on stdin
to avoid passwords staying around in stdio buffers. This does
have the side effect of possibly losing pre-buffered input from an
application that reads from stdin using stdio functions prior to
calling the prompter, but hopefully those are rare.


To generate a diff of this commit:

cvs diff -r5.89 -r5.90 krb5/src/lib/krb5/ChangeLog
cvs diff -r1.50 -r1.51 krb5/src/lib/krb5/configure.in
cvs diff -r5.337 -r5.338 krb5/src/lib/krb5/os/ChangeLog
cvs diff -r5.13 -r5.14 krb5/src/lib/krb5/os/prompter.c