shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-09 01:18:19 +03:00
Code

Merge pull request #34279 from yuwata/ask-password

Browse Source 
ask-password: refuse empty password strv
This commit is contained in:
Lennart Poettering 2024-09-06 13:30:15 +02:00 committed by GitHub
commit b9ea646808
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/home/homectl.c
View File

@ -1244,6 +1244,8 @@ static int acquire_new_password(
if (r < 0)
return log_error_errno(r, "Failed to acquire password: %m");
assert(!strv_isempty(first));
question = mfree(question);
if (asprintf(&question, "Please enter new password for user %s (repeat):", user_name) < 0)
return log_oom();

29
src/shared/ask-password-api.c
View File

@ -168,7 +168,16 @@ static int ask_password_keyring(const AskPasswordRequest *req, AskPasswordFlags
if (r < 0)
return r;
return retrieve_key(serial, ret);
_cleanup_strv_free_erase_ char **l = NULL;
r = retrieve_key(serial, &l);
if (r < 0)
return r;
if (strv_isempty(l))
return log_debug_errno(SYNTHETIC_ERRNO(ENOKEY), "Found an empty password from keyring.");
*ret = TAKE_PTR(l);
return 0;
}
static int backspace_chars(int ttyfd, size_t p) {
@ -323,8 +332,8 @@ int ask_password_plymouth(
return -ENOENT;
} else if (IN_SET(buffer[0], 2, 9)) {
_cleanup_strv_free_erase_ char **l = NULL;
uint32_t size;
char **l;
/* One or more answers */
if (p < 5)
@ -342,15 +351,16 @@ int ask_password_plymouth(
if (!l)
return -ENOMEM;
*ret = l;
break;
if (strv_isempty(l))
return log_debug_errno(SYNTHETIC_ERRNO(ECANCELED), "Received an empty password.");
*ret = TAKE_PTR(l);
return 0;
} else
/* Unknown packet */
return -EIO;
}
return 0;
}
#define NO_ECHO "(no echo) "
@ -955,8 +965,8 @@ finish:
static int ask_password_credential(const AskPasswordRequest *req, AskPasswordFlags flags, char ***ret) {
_cleanup_(erase_and_freep) char *buffer = NULL;
_cleanup_strv_free_erase_ char **l = NULL;
size_t size;
char **l;
int r;
assert(req);
@ -971,7 +981,10 @@ static int ask_password_credential(const AskPasswordRequest *req, AskPasswordFla
if (!l)
return -ENOMEM;
*ret = l;
if (strv_isempty(l))
return log_debug_errno(SYNTHETIC_ERRNO(ENOKEY), "Found an empty password in credential.");
*ret = TAKE_PTR(l);
return 0;
}

1
src/shared/dissect-image.c
View File

@ -3079,6 +3079,7 @@ int dissected_image_decrypt_interactively(
if (r < 0)
return log_error_errno(r, "Failed to query for passphrase: %m");
assert(!strv_isempty(z));
passphrase = z[0];
}
}

4
src/tty-ask-password-agent/tty-ask-password-agent.c
View File

@ -263,9 +263,7 @@ static int process_one_password_file(const char *filename) {
return log_error_errno(r, "Failed to query password: %m");
}
if (strv_isempty(passwords))
return -ECANCELED;
assert(!strv_isempty(passwords));
r = send_passwords(socket_name, passwords);
if (r < 0)
return log_error_errno(r, "Failed to send: %m");