2020-11-09 07:23:58 +03:00
/* SPDX-License-Identifier: LGPL-2.1-or-later */
2010-09-17 03:26:29 +04:00
# include <errno.h>
# include <getopt.h>
2010-10-07 04:34:17 +04:00
# include <stddef.h>
2015-10-06 17:27:24 +03:00
# include <unistd.h>
2010-09-17 03:26:29 +04:00
2015-10-06 17:27:24 +03:00
# include "ask-password-api.h"
# include "def.h"
2010-09-17 03:26:29 +04:00
# include "log.h"
# include "macro.h"
2018-11-20 09:14:16 +03:00
# include "main-func.h"
2021-05-26 23:38:30 +03:00
# include "parse-argument.h"
2018-11-20 17:42:57 +03:00
# include "pretty-print.h"
2011-02-23 03:12:07 +03:00
# include "strv.h"
2021-03-11 22:17:10 +03:00
# include "terminal-util.h"
2010-09-17 03:26:29 +04:00
static const char * arg_icon = NULL ;
2021-03-11 22:17:10 +03:00
static const char * arg_id = NULL ; /* identifier for 'ask-password' protocol */
static const char * arg_key_name = NULL ; /* name in kernel keyring */
static const char * arg_credential_name = NULL ; /* name in $CREDENTIALS_DIRECTORY directory */
2015-10-07 12:26:10 +03:00
static char * arg_message = NULL ;
2011-04-14 04:30:43 +04:00
static usec_t arg_timeout = DEFAULT_TIMEOUT_USEC ;
2011-02-23 03:12:07 +03:00
static bool arg_multiple = false ;
2016-02-29 23:04:02 +03:00
static bool arg_no_output = false ;
2015-10-07 12:26:10 +03:00
static AskPasswordFlags arg_flags = ASK_PASSWORD_PUSH_CACHE ;
2021-06-23 14:45:31 +03:00
static bool arg_newline = true ;
2010-09-17 03:26:29 +04:00
2018-11-20 09:14:16 +03:00
STATIC_DESTRUCTOR_REGISTER ( arg_message , freep ) ;
2018-08-09 11:32:31 +03:00
static int help ( void ) {
_cleanup_free_ char * link = NULL ;
int r ;
r = terminal_urlify_man ( " systemd-ask-password " , " 1 " , & link ) ;
if ( r < 0 )
return log_oom ( ) ;
2021-03-11 22:17:10 +03:00
printf ( " %1$s [OPTIONS...] MESSAGE \n \n "
" %3$sQuery the user for a system passphrase, via the TTY or an UI agent.%4$s \n \n "
2015-10-07 12:26:10 +03:00
" -h --help Show this help \n "
" --icon=NAME Icon name \n "
" --id=ID Query identifier (e.g. \" cryptsetup:/dev/sda5 \" ) \n "
" --keyname=NAME Kernel key name for caching passwords (e.g. \" cryptsetup \" ) \n "
2021-03-11 22:17:10 +03:00
" --credential=NAME \n "
" Credential name for LoadCredential=/SetCredential= \n "
" credentials \n "
2015-10-07 12:26:10 +03:00
" --timeout=SEC Timeout in seconds \n "
2021-06-03 11:41:05 +03:00
" --echo=yes|no|masked \n "
" Control whether to show password while typing (echo) \n "
" -e --echo Equivalent to --echo=yes \n "
2021-05-26 23:38:30 +03:00
" --emoji=yes|no|auto \n "
" Show a lock and key emoji \n "
2015-10-07 12:26:10 +03:00
" --no-tty Ask question via agent even on TTY \n "
" --accept-cached Accept cached passwords \n "
" --multiple List multiple passwords if available \n "
2016-02-29 23:04:02 +03:00
" --no-output Do not print password to standard output \n "
2021-06-23 14:45:31 +03:00
" -n Do not suffix password written to standard output with \n "
" newline \n "
2021-03-11 22:17:10 +03:00
" \n See the %2$s for details. \n " ,
2021-01-30 17:13:04 +03:00
program_invocation_short_name ,
2021-03-11 22:17:10 +03:00
link ,
ansi_highlight ( ) ,
ansi_normal ( ) ) ;
2018-08-09 11:32:31 +03:00
return 0 ;
2010-09-17 03:26:29 +04:00
}
static int parse_argv ( int argc , char * argv [ ] ) {
enum {
ARG_ICON = 0x100 ,
2010-09-17 04:10:08 +04:00
ARG_TIMEOUT ,
2021-05-26 23:38:30 +03:00
ARG_EMOJI ,
2011-02-23 03:12:07 +03:00
ARG_NO_TTY ,
ARG_ACCEPT_CACHED ,
2014-03-25 14:05:23 +04:00
ARG_MULTIPLE ,
2015-10-07 12:26:10 +03:00
ARG_ID ,
ARG_KEYNAME ,
2016-02-29 23:04:02 +03:00
ARG_NO_OUTPUT ,
2018-08-09 11:32:31 +03:00
ARG_VERSION ,
2021-03-11 22:17:10 +03:00
ARG_CREDENTIAL ,
2010-09-17 03:26:29 +04:00
} ;
static const struct option options [ ] = {
2011-02-23 03:12:07 +03:00
{ " help " , no_argument , NULL , ' h ' } ,
2018-08-09 11:32:31 +03:00
{ " version " , no_argument , NULL , ARG_VERSION } ,
2011-02-23 03:12:07 +03:00
{ " icon " , required_argument , NULL , ARG_ICON } ,
{ " timeout " , required_argument , NULL , ARG_TIMEOUT } ,
2021-06-03 11:41:05 +03:00
{ " echo " , optional_argument , NULL , ' e ' } ,
2021-05-26 23:38:30 +03:00
{ " emoji " , required_argument , NULL , ARG_EMOJI } ,
2011-02-23 03:12:07 +03:00
{ " no-tty " , no_argument , NULL , ARG_NO_TTY } ,
{ " accept-cached " , no_argument , NULL , ARG_ACCEPT_CACHED } ,
{ " multiple " , no_argument , NULL , ARG_MULTIPLE } ,
2014-03-25 14:05:23 +04:00
{ " id " , required_argument , NULL , ARG_ID } ,
2015-10-07 12:26:10 +03:00
{ " keyname " , required_argument , NULL , ARG_KEYNAME } ,
2016-02-29 23:04:02 +03:00
{ " no-output " , no_argument , NULL , ARG_NO_OUTPUT } ,
2021-03-11 22:17:10 +03:00
{ " credential " , required_argument , NULL , ARG_CREDENTIAL } ,
2013-11-06 21:28:39 +04:00
{ }
2010-09-17 03:26:29 +04:00
} ;
2021-05-26 23:38:30 +03:00
const char * emoji = NULL ;
2021-06-03 11:41:05 +03:00
int c , r ;
2010-09-17 03:26:29 +04:00
assert ( argc > = 0 ) ;
assert ( argv ) ;
2021-06-03 11:41:05 +03:00
/* Note the asymmetry: the long option --echo= allows an optional argument, the short option does
* not . */
2021-06-23 14:45:31 +03:00
while ( ( c = getopt_long ( argc , argv , " +hen " , options , NULL ) ) > = 0 )
2010-09-17 03:26:29 +04:00
switch ( c ) {
case ' h ' :
2018-08-09 11:32:31 +03:00
return help ( ) ;
case ARG_VERSION :
return version ( ) ;
2010-09-17 03:26:29 +04:00
case ARG_ICON :
arg_icon = optarg ;
break ;
case ARG_TIMEOUT :
2021-06-03 11:41:05 +03:00
r = parse_sec ( optarg , & arg_timeout ) ;
if ( r < 0 )
return log_error_errno ( r , " Failed to parse --timeout= parameter: %s " , optarg ) ;
2010-09-17 03:26:29 +04:00
break ;
2021-06-03 11:41:05 +03:00
case ' e ' :
if ( ! optarg ) {
/* Short option -e is used, or no argument to long option --echo= */
arg_flags | = ASK_PASSWORD_ECHO ;
arg_flags & = ~ ASK_PASSWORD_SILENT ;
} else if ( isempty ( optarg ) | | streq ( optarg , " masked " ) )
/* Empty argument or explicit string "masked" for default behaviour. */
arg_flags & = ~ ( ASK_PASSWORD_ECHO | ASK_PASSWORD_SILENT ) ;
else {
bool b ;
r = parse_boolean_argument ( " --echo= " , optarg , & b ) ;
if ( r < 0 )
return r ;
SET_FLAG ( arg_flags , ASK_PASSWORD_ECHO , b ) ;
SET_FLAG ( arg_flags , ASK_PASSWORD_SILENT , ! b ) ;
}
2014-10-03 17:53:45 +04:00
break ;
2021-05-26 23:38:30 +03:00
case ARG_EMOJI :
emoji = optarg ;
break ;
2010-09-17 04:10:08 +04:00
case ARG_NO_TTY :
2015-10-07 12:26:10 +03:00
arg_flags | = ASK_PASSWORD_NO_TTY ;
2010-09-17 04:10:08 +04:00
break ;
2011-02-23 03:12:07 +03:00
case ARG_ACCEPT_CACHED :
2015-10-07 12:26:10 +03:00
arg_flags | = ASK_PASSWORD_ACCEPT_CACHED ;
2011-02-23 03:12:07 +03:00
break ;
case ARG_MULTIPLE :
arg_multiple = true ;
break ;
2014-03-25 14:05:23 +04:00
case ARG_ID :
arg_id = optarg ;
break ;
2015-10-07 12:26:10 +03:00
case ARG_KEYNAME :
2021-03-11 22:17:10 +03:00
arg_key_name = optarg ;
2015-10-07 12:26:10 +03:00
break ;
2016-02-29 23:04:02 +03:00
case ARG_NO_OUTPUT :
arg_no_output = true ;
break ;
2021-03-11 22:17:10 +03:00
case ARG_CREDENTIAL :
arg_credential_name = optarg ;
break ;
2021-06-23 14:45:31 +03:00
case ' n ' :
arg_newline = false ;
break ;
2010-09-17 03:26:29 +04:00
case ' ? ' :
return - EINVAL ;
default :
Drop the text argument from assert_not_reached()
In general we almost never hit those asserts in production code, so users see
them very rarely, if ever. But either way, we just need something that users
can pass to the developers.
We have quite a few of those asserts, and some have fairly nice messages, but
many are like "WTF?" or "???" or "unexpected something". The error that is
printed includes the file location, and function name. In almost all functions
there's at most one assert, so the function name alone is enough to identify
the failure for a developer. So we don't get much extra from the message, and
we might just as well drop them.
Dropping them makes our code a tiny bit smaller, and most importantly, improves
development experience by making it easy to insert such an assert in the code
without thinking how to phrase the argument.
2021-07-27 13:27:28 +03:00
assert_not_reached ( ) ;
2010-09-17 03:26:29 +04:00
}
2021-05-26 23:38:30 +03:00
if ( isempty ( emoji ) | | streq ( emoji , " auto " ) )
SET_FLAG ( arg_flags , ASK_PASSWORD_HIDE_EMOJI , FLAGS_SET ( arg_flags , ASK_PASSWORD_ECHO ) ) ;
else {
bool b ;
r = parse_boolean_argument ( " --emoji= " , emoji , & b ) ;
if ( r < 0 )
return r ;
2021-06-03 11:41:05 +03:00
2021-05-26 23:38:30 +03:00
SET_FLAG ( arg_flags , ASK_PASSWORD_HIDE_EMOJI , ! b ) ;
}
2015-10-07 12:26:10 +03:00
if ( argc > optind ) {
arg_message = strv_join ( argv + optind , " " ) ;
2021-06-03 11:42:55 +03:00
if ( ! arg_message )
return log_oom ( ) ;
} else if ( FLAGS_SET ( arg_flags , ASK_PASSWORD_ECHO ) ) {
/* By default ask_password_auto() will query with the string "Password: ", which is not right
* when full echo is on , since then it ' s unlikely a password . Let ' s hence default to a less
* confusing string in that case . */
arg_message = strdup ( " Input: " ) ;
2015-10-07 12:26:10 +03:00
if ( ! arg_message )
return log_oom ( ) ;
2010-09-17 03:26:29 +04:00
}
2010-09-17 04:10:08 +04:00
return 1 ;
2010-09-17 03:26:29 +04:00
}
2018-11-20 09:14:16 +03:00
static int run ( int argc , char * argv [ ] ) {
2015-10-15 17:02:35 +03:00
_cleanup_strv_free_erase_ char * * l = NULL ;
2011-04-13 23:42:46 +04:00
usec_t timeout ;
2015-10-07 12:26:10 +03:00
char * * p ;
int r ;
2010-09-17 04:10:08 +04:00
2019-04-26 13:28:25 +03:00
log_show_color ( true ) ;
2010-09-17 04:10:08 +04:00
log_parse_environment ( ) ;
log_open ( ) ;
2014-08-02 19:12:21 +04:00
r = parse_argv ( argc , argv ) ;
if ( r < = 0 )
2018-11-20 09:14:16 +03:00
return r ;
2010-09-17 04:10:08 +04:00
2011-04-13 23:42:46 +04:00
if ( arg_timeout > 0 )
2021-03-03 06:56:52 +03:00
timeout = usec_add ( now ( CLOCK_MONOTONIC ) , arg_timeout ) ;
2011-04-13 23:42:46 +04:00
else
timeout = 0 ;
2021-03-11 22:17:10 +03:00
r = ask_password_auto ( arg_message , arg_icon , arg_id , arg_key_name , arg_credential_name ? : " password " , timeout , arg_flags , & l ) ;
2018-11-20 09:14:16 +03:00
if ( r < 0 )
return log_error_errno ( r , " Failed to query password: %m " ) ;
2011-02-23 03:12:07 +03:00
2015-10-07 12:26:10 +03:00
STRV_FOREACH ( p , l ) {
2021-06-23 14:45:31 +03:00
if ( ! arg_no_output ) {
if ( arg_newline )
puts ( * p ) ;
else
fputs ( * p , stdout ) ;
}
fflush ( stdout ) ;
2010-10-25 22:35:17 +04:00
2015-10-07 12:26:10 +03:00
if ( ! arg_multiple )
break ;
2010-11-12 02:39:17 +03:00
}
2010-09-17 04:10:08 +04:00
2018-11-20 09:14:16 +03:00
return 0 ;
2010-09-17 04:10:08 +04:00
}
2018-11-20 09:14:16 +03:00
DEFINE_MAIN_FUNCTION ( run ) ;