From ff4ae8633e0ca7c1e679870600830ee4d9f1cd71 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 21 Sep 2010 08:53:44 +0100 Subject: [PATCH] fish: Add --echo-keys option to allow passphrases/keys to be echoed. See also: http://catless.ncl.ac.uk/Risks/26.17.html#subj13.3 --- fish/fish.c | 23 +++++++++++++++-------- fish/guestfish.pod | 7 +++++++ 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/fish/fish.c b/fish/fish.c index 8851831..9ca57be 100644 --- a/fish/fish.c +++ b/fish/fish.c @@ -97,6 +97,7 @@ int remote_control = 0; int exit_on_error = 1; int command_num = 0; int keys_from_stdin = 0; +int echo_keys = 0; const char *libvirt_uri = NULL; int inspector = 0; int utf8_mode = 0; @@ -132,6 +133,7 @@ usage (int status) " -c|--connect uri Specify libvirt URI for -d option\n" " -d|--domain guest Add disks from libvirt guest\n" " -D|--no-dest-paths Don't tab-complete paths from guest fs\n" + " --echo-keys Don't turn off echo for passphrases\n" " -f|--file file Read commands from file\n" " -i|--inspector Automatically mount filesystems\n" " --keys-from-stdin Read passphrases from stdin\n" @@ -177,6 +179,7 @@ main (int argc, char *argv[]) { "cmd-help", 2, 0, 'h' }, { "connect", 1, 0, 'c' }, { "domain", 1, 0, 'd' }, + { "echo-keys", 0, 0, 0 }, { "file", 1, 0, 'f' }, { "help", 0, 0, HELP_OPTION }, { "inspector", 0, 0, 'i' }, @@ -277,6 +280,8 @@ main (int argc, char *argv[]) override_progress_bars = 1; } else if (STREQ (long_options[option_index].name, "no-progress-bars")) { override_progress_bars = 0; + } else if (STREQ (long_options[option_index].name, "echo-keys")) { + echo_keys = 1; } else { fprintf (stderr, _("%s: unknown long option: %s (%d)\n"), program_name, long_options[option_index].name, option_index); @@ -1638,15 +1643,17 @@ read_key (const char *param) if (tty) { fprintf (outfp, _("Enter key or passphrase (\"%s\"): "), param); - if (tcgetattr (fileno (infp), &orig) == -1) { - perror ("tcgetattr"); - goto error; - } - memcpy (&temp, &orig, sizeof temp); - temp.c_lflag &= ~ECHO; + if (!echo_keys) { + if (tcgetattr (fileno (infp), &orig) == -1) { + perror ("tcgetattr"); + goto error; + } + memcpy (&temp, &orig, sizeof temp); + temp.c_lflag &= ~ECHO; - tcsetattr (fileno (infp), TCSAFLUSH, &temp); - tcset = 1; + tcsetattr (fileno (infp), TCSAFLUSH, &temp); + tcset = 1; + } } size_t n = 0; diff --git a/fish/guestfish.pod b/fish/guestfish.pod index ed2e798..4e0ff13 100644 --- a/fish/guestfish.pod +++ b/fish/guestfish.pod @@ -162,6 +162,13 @@ able to hit the tab key to complete paths on the guest filesystem, but this causes extra "hidden" guestfs calls to be made, so this option is here to allow this feature to be disabled. +=item B<--echo-keys> + +When prompting for keys and passphrases, guestfish normally turns +echoing off so you cannot see what you are typing. If you are not +worried about Tempest attacks and there is no one else in the room +you can specify this flag to see what you are typing. + =item B<-f file> | B<--file file> Read commands from C. To write pure guestfish -- 1.8.3.1