Attachment 722 Details for Bug 69 – Patch to make use of SSH_ASKPASS more configurable

[patch] Patch to make use of SSH_ASKPASS more configurable

ssh.diff (text/plain), 5.07 KB, created by Sebastian Schmidt on 2004-10-05 00:57:41 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Sebastian Schmidt

Created: 2004-10-05 00:57:41 AEST

Size: 5.07 KB

patch

obsolete

>? .ssh-add.1.swp
>Index: readpass.c
>===================================================================
>RCS file: /cvs/openssh/readpass.c,v
>retrieving revision 1.28
>diff -u -r1.28 readpass.c
>--- readpass.c	17 Jun 2004 15:19:03 -0000	1.28
>+++ readpass.c	3 Oct 2004 14:31:41 -0000
>@@ -99,28 +99,48 @@
> char *
> read_passphrase(const char *prompt, int flags)
> {
>-	char *askpass = NULL, *ret, buf[1024];
>-	int rppflags, use_askpass = 0, ttyfd;
>-
>+	char *askpass = NULL, *ret, buf[1024], *env_askpass;
>+	enum {
>+		NEVER,
>+		IFAVAILABLE,
>+		ALWAYS
>+	};
>+	int rppflags, use_askpass = NEVER, ttyfd;
>+	
> 	rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
>-	if (flags & RP_USE_ASKPASS)
>-		use_askpass = 1;
>-	else if (flags & RP_ALLOW_STDIN) {
>-		if (!isatty(STDIN_FILENO))
>-			use_askpass = 1;
>-	} else {
>-		rppflags |= RPP_REQUIRE_TTY;
>-		ttyfd = open(_PATH_TTY, O_RDWR);
>-		if (ttyfd >= 0)
>-			close(ttyfd);
>-		else
>-			use_askpass = 1;
>+
>+	env_askpass = getenv("SSH_USE_ASKPASS");
>+
>+	if (env_askpass && !strcasecmp(env_askpass, "always"))
>+		use_askpass = ALWAYS;
>+	else if (env_askpass && !strcasecmp(env_askpass, "never"))
>+		use_askpass = NEVER;
>+	else if (env_askpass && !strcasecmp(env_askpass, "prefer") &&
>+			!(flags & RP_ECHO))
>+		use_askpass = IFAVAILABLE;
>+	if (!env_askpass) {
>+		if (flags & RP_USE_ASKPASS)
>+			use_askpass = IFAVAILABLE;
>+		else if (flags & RP_ALLOW_STDIN) {
>+			if (!isatty(STDIN_FILENO))
>+				use_askpass = IFAVAILABLE;
>+		} else {
>+			rppflags |= RPP_REQUIRE_TTY;
>+			ttyfd = open(_PATH_TTY, O_RDWR);
>+			if (ttyfd >= 0)
>+				close(ttyfd);
>+			else
>+				use_askpass = IFAVAILABLE;
>+		}
> 	}
> 
>-	if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL)
>+	if ((flags & RP_USE_ASKPASS) && (use_askpass == NEVER ||
>+			(use_askpass == IFAVAILABLE
>+				&& getenv("DISPLAY") == NULL)))
> 		return (flags & RP_ALLOW_EOF) ? NULL : xstrdup("");
> 
>-	if (use_askpass && getenv("DISPLAY")) {
>+	if (use_askpass == ALWAYS || (use_askpass == IFAVAILABLE
>+				&& getenv("DISPLAY"))) {
> 		if (getenv(SSH_ASKPASS_ENV))
> 			askpass = getenv(SSH_ASKPASS_ENV);
> 		else
>Index: ssh-add.1
>===================================================================
>RCS file: /cvs/openssh/ssh-add.1,v
>retrieving revision 1.41
>diff -u -r1.41 ssh-add.1
>--- ssh-add.1	9 Dec 2003 08:01:52 -0000	1.41
>+++ ssh-add.1	3 Oct 2004 14:31:41 -0000
>@@ -138,6 +138,25 @@
> .It Ev SSH_AUTH_SOCK
> Identifies the path of a unix-domain socket used to communicate with the
> agent.
>+.It Ev SSH_USE_ASKPASS
>+If set to
>+.Dq always ,
>+.Nm
>+will always try to read passwords and passphrases via the program specified in
>+.Ev SSH_ASKPASS ,
>+regardless of whether
>+.Ev DISPLAY
>+is set.
>+If set to
>+.Dq no ,
>+.Nm
>+will always try to read from the current terminal. If set to
>+.Dq prefer ,
>+passwords and passphrases will be read using
>+.Ev SSH_ASKPASS
>+only, when
>+.Ev DISPLAY
>+is set.
> .El
> .Sh FILES
> .Bl -tag -width Ds
>Index: ssh-keygen.1
>===================================================================
>RCS file: /cvs/openssh/ssh-keygen.1,v
>retrieving revision 1.59
>diff -u -r1.59 ssh-keygen.1
>--- ssh-keygen.1	13 Aug 2004 11:23:25 -0000	1.59
>+++ ssh-keygen.1	3 Oct 2004 14:31:42 -0000
>@@ -397,6 +397,51 @@
> The file format is described in
> .Xr moduli 5 .
> .El
>+.Sh ENVIRONMENT
>+.Bl -tag -width Ds
>+.It Ev "DISPLAY" and "SSH_ASKPASS"
>+If
>+.Nm
>+needs a passphrase, it will read the passphrase from the current
>+terminal if it was run from a terminal.
>+If
>+.Nm
>+does not have a terminal associated with it but
>+.Ev DISPLAY
>+and
>+.Ev SSH_ASKPASS
>+are set, it will execute the program specified by
>+.Ev SSH_ASKPASS
>+and open an X11 window to read the passphrase.
>+This is particularly useful when calling
>+.Nm
>+from a
>+.Pa .Xsession
>+or related script.
>+(Note that on some machines it
>+may be necessary to redirect the input from
>+.Pa /dev/null
>+to make this work.)
>+.It Ev SSH_USE_ASKPASS
>+If set to
>+.Dq always ,
>+.Nm
>+will always try to read passwords and passphrases via the program specified in
>+.Ev SSH_ASKPASS ,
>+regardless of whether
>+.Ev DISPLAY
>+is set.
>+If set to
>+.Dq no ,
>+.Nm
>+will always try to read from the current terminal. If set to
>+.Dq prefer ,
>+passwords and passphrases will be read using
>+.Ev SSH_ASKPASS
>+only, when
>+.Ev DISPLAY
>+is set.
>+.El
> .Sh SEE ALSO
> .Xr ssh 1 ,
> .Xr ssh-add 1 ,
>Index: ssh.1
>===================================================================
>RCS file: /cvs/openssh/ssh.1,v
>retrieving revision 1.154
>diff -u -r1.154 ssh.1
>--- ssh.1	29 Aug 2004 06:37:24 -0000	1.154
>+++ ssh.1	3 Oct 2004 14:31:45 -0000
>@@ -869,6 +869,25 @@
> with the current shell or command.
> If the current session has no tty,
> this variable is not set.
>+.It Ev SSH_USE_ASKPASS
>+If set to
>+.Dq always ,
>+.Nm
>+will always try to read passwords and passphrases via the program specified in
>+.Ev SSH_ASKPASS ,
>+regardless of whether
>+.Ev DISPLAY
>+is set.
>+If set to
>+.Dq no ,
>+.Nm
>+will always try to read from the current terminal. If set to
>+.Dq prefer ,
>+passwords and passphrases will be read using
>+.Ev SSH_ASKPASS
>+only, when
>+.Ev DISPLAY
>+is set.
> .It Ev TZ
> The timezone variable is set to indicate the present timezone if it
> was set when the daemon was started (i.e., the daemon passes the value

Actions: View | Diff

Attachments on bug 69: 12 | 722 | 1599 | 3347