Attachment #1390 for bug #1393





#define GRAB_TRIES	16
#define GRAB_WAIT	250 /* milliseconds */
#define OTAC_PWD_LEN	4	/* number of characters in otac passphrase */

/*
 * Compile with:

#include <gtk/gtk.h>
#include <gdk/gdkx.h>

/* generate the one-time agent confirm password and write it to fifo */
static char *
write_otac_to_fifo(char *otac_fifo) 
{
	FILE *out;
	int i,ran,otac_length=OTAC_PWD_LEN;
	char cpool[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
	size_t nchars = sizeof(cpool) - 1;
	char *otac_passphrase;

	/* generate one-time agent confirmation (otac) passphrase */
	otac_passphrase=malloc(otac_length+1);
	if (otac_passphrase == NULL)
		exit(-1);

	for (i=0;i<otac_length;i++) {
		ran = arc4random();
		otac_passphrase[i] = cpool[ran%nchars];
	}
	otac_passphrase[otac_length] = '\0';

	/* write otac password to fifo */
	if ( (out=fopen(otac_fifo,"w")) == NULL) {
		mkfifo(otac_fifo, 0660);
	}
	if ( (out=fopen(otac_fifo,"w")) == NULL)
		exit(-1);
	fflush(out);
	fprintf(out,"One-time agent confirm:     %s\n",otac_passphrase);
	fclose(out);

	/* return otac passphrase */
	return(otac_passphrase);
}

static void
report_failed_grab (const char *what)
{

passphrase_dialog(char *message)
{
	const char *failed;
	char *passphrase, *local, *otac_passphrase, *otac_fifo;
	int result, grab_tries, grab_server, grab_pointer;
	GtkWidget *dialog, *entry;
	GdkGrabStatus status;

	/* generate and transmit otac passphrase if env var set */
	otac_fifo = getenv("SSH_OTAC_FIFO");
	if (otac_fifo) 
		otac_passphrase = write_otac_to_fifo(otac_fifo);
	grab_server = (getenv("GNOME_SSH_ASKPASS_GRAB_SERVER") != NULL);
	grab_pointer = (getenv("GNOME_SSH_ASKPASS_GRAB_POINTER") != NULL);
	grab_tries = 0;

	/* Report passphrase if user selected OK */
	passphrase = g_strdup(gtk_entry_get_text(GTK_ENTRY(entry)));
	if (result == GTK_RESPONSE_OK) {
		if (otac_fifo) {
			if (strcmp(otac_passphrase,passphrase) == 0) {
				puts("yes");
			} else {
				puts("no");
			}
			/* Zero otac passphrase in memory */
			memset(otac_passphrase, '\b', strlen(otac_passphrase));
			gtk_entry_set_text(GTK_ENTRY(entry), otac_passphrase);
			memset(otac_passphrase, '\0', strlen(otac_passphrase));
			g_free(otac_passphrase);
		} else {
			local = g_locale_from_utf8(passphrase, strlen(passphrase),
						   NULL, NULL, NULL);
			if (local != NULL) {
				puts(local);
				memset(local, '\0', strlen(local));
				g_free(local);
			} else {
				puts(passphrase);
			}
		}
	}
		

Return to bug 1393

Lines 38-43 Link Here

(-)gnome-ssh-askpass2.c.orig (-8 / +61 lines)
38		38
39	#define GRAB_TRIES 16	39	#define GRAB_TRIES 16
40	#define GRAB_WAIT 250 /* milliseconds */	40	#define GRAB_WAIT 250 /* milliseconds */
		41	#define OTAC_PWD_LEN 4 /* number of characters in otac passphrase */
41		42
42	/*	43	/*
43	* Compile with:	44	* Compile with:
Lines 56-61 Link Here
56	#include <gtk/gtk.h>	57	#include <gtk/gtk.h>
57	#include <gdk/gdkx.h>	58	#include <gdk/gdkx.h>
58		59
		60	/* generate the one-time agent confirm password and write it to fifo */
		61	static char *
		62	write_otac_to_fifo(char *otac_fifo)
		63	{
		64	FILE *out;
		65	int i,ran,otac_length=OTAC_PWD_LEN;
		66	char cpool[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
		67	size_t nchars = sizeof(cpool) - 1;
		68	char *otac_passphrase;
		69
		70	/* generate one-time agent confirmation (otac) passphrase */
		71	otac_passphrase=malloc(otac_length+1);
		72	if (otac_passphrase == NULL)
		73	exit(-1);
		74
		75	for (i=0;i<otac_length;i++) {
		76	ran = arc4random();
		77	otac_passphrase[i] = cpool[ran%nchars];
		78	}
		79	otac_passphrase[otac_length] = '\0';
		80
		81	/* write otac password to fifo */
		82	if ( (out=fopen(otac_fifo,"w")) == NULL) {
		83	mkfifo(otac_fifo, 0660);
		84	}
		85	if ( (out=fopen(otac_fifo,"w")) == NULL)
		86	exit(-1);
		87	fflush(out);
		88	fprintf(out,"One-time agent confirm: %s\n",otac_passphrase);
		89	fclose(out);
		90
		91	/* return otac passphrase */
		92	return(otac_passphrase);
		93	}
		94
59	static void	95	static void
60	report_failed_grab (const char *what)	96	report_failed_grab (const char *what)
61	{	97	{
Lines 87-97 Link Here
87	passphrase_dialog(char *message)	124	passphrase_dialog(char *message)
88	{	125	{
89	const char *failed;	126	const char *failed;
90	char passphrase, local;	127	char passphrase, local, otac_passphrase, otac_fifo;
91	int result, grab_tries, grab_server, grab_pointer;	128	int result, grab_tries, grab_server, grab_pointer;
92	GtkWidget dialog, entry;	129	GtkWidget dialog, entry;
93	GdkGrabStatus status;	130	GdkGrabStatus status;
94		131
		132	/* generate and transmit otac passphrase if env var set */
		133	otac_fifo = getenv("SSH_OTAC_FIFO");
		134	if (otac_fifo)
		135	otac_passphrase = write_otac_to_fifo(otac_fifo);
95	grab_server = (getenv("GNOME_SSH_ASKPASS_GRAB_SERVER") != NULL);	136	grab_server = (getenv("GNOME_SSH_ASKPASS_GRAB_SERVER") != NULL);
96	grab_pointer = (getenv("GNOME_SSH_ASKPASS_GRAB_POINTER") != NULL);	137	grab_pointer = (getenv("GNOME_SSH_ASKPASS_GRAB_POINTER") != NULL);
97	grab_tries = 0;	138	grab_tries = 0;
Lines 163-176 Link Here
163	/* Report passphrase if user selected OK */	204	/* Report passphrase if user selected OK */
164	passphrase = g_strdup(gtk_entry_get_text(GTK_ENTRY(entry)));	205	passphrase = g_strdup(gtk_entry_get_text(GTK_ENTRY(entry)));
165	if (result == GTK_RESPONSE_OK) {	206	if (result == GTK_RESPONSE_OK) {
166	local = g_locale_from_utf8(passphrase, strlen(passphrase),	207	if (otac_fifo) {
167	NULL, NULL, NULL);	208	if (strcmp(otac_passphrase,passphrase) == 0) {
168	if (local != NULL) {	209	puts("yes");
169	puts(local);	210	} else {
170	memset(local, '\0', strlen(local));	211	puts("no");
171	g_free(local);	212	}
		213	/* Zero otac passphrase in memory */
		214	memset(otac_passphrase, '\b', strlen(otac_passphrase));
		215	gtk_entry_set_text(GTK_ENTRY(entry), otac_passphrase);
		216	memset(otac_passphrase, '\0', strlen(otac_passphrase));
		217	g_free(otac_passphrase);
172	} else {	218	} else {
173	puts(passphrase);	219	local = g_locale_from_utf8(passphrase, strlen(passphrase),
		220	NULL, NULL, NULL);
		221	if (local != NULL) {
		222	puts(local);
		223	memset(local, '\0', strlen(local));
		224	g_free(local);
		225	} else {
		226	puts(passphrase);
		227	}
174	}	228	}
175	}	229	}
176		230