summaryrefslogtreecommitdiff
path: root/internal/readpassword
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-18 14:26:54 +0100
committerJakob Unterwurzacher2018-02-18 14:26:54 +0100
commit3b8f5cbb17c964224456bb36b096feafb0e24f44 (patch)
tree1caae8dbf736510b971790b94c1975b325dfe377 /internal/readpassword
parent14c063428dcded6a1060395bb45bf7bd5d185738 (diff)
readpassword: convert from string to []byte
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
Diffstat (limited to 'internal/readpassword')
-rw-r--r--internal/readpassword/extpass_test.go8
-rw-r--r--internal/readpassword/read.go19
-rw-r--r--internal/readpassword/stdin_test.go4
3 files changed, 17 insertions, 14 deletions
diff --git a/internal/readpassword/extpass_test.go b/internal/readpassword/extpass_test.go
index 4af775a..cdfea4e 100644
--- a/internal/readpassword/extpass_test.go
+++ b/internal/readpassword/extpass_test.go
@@ -8,6 +8,8 @@ import (
"github.com/rfjakob/gocryptfs/internal/tlog"
)
+var testPw = []byte("test")
+
func TestMain(m *testing.M) {
// Shut up info output
tlog.Info.Enabled = false
@@ -16,7 +18,7 @@ func TestMain(m *testing.M) {
func TestExtpass(t *testing.T) {
p1 := "ads2q4tw41reg52"
- p2 := readPasswordExtpass("echo " + p1)
+ p2 := string(readPasswordExtpass("echo " + p1))
if p1 != p2 {
t.Errorf("p1=%q != p2=%q", p1, p2)
}
@@ -24,7 +26,7 @@ func TestExtpass(t *testing.T) {
func TestOnceExtpass(t *testing.T) {
p1 := "lkadsf0923rdfi48rqwhdsf"
- p2 := Once("echo " + p1)
+ p2 := string(Once("echo " + p1))
if p1 != p2 {
t.Errorf("p1=%q != p2=%q", p1, p2)
}
@@ -32,7 +34,7 @@ func TestOnceExtpass(t *testing.T) {
func TestTwiceExtpass(t *testing.T) {
p1 := "w5w44t3wfe45srz434"
- p2 := Once("echo " + p1)
+ p2 := string(Once("echo " + p1))
if p1 != p2 {
t.Errorf("p1=%q != p2=%q", p1, p2)
}
diff --git a/internal/readpassword/read.go b/internal/readpassword/read.go
index 481911b..047eba9 100644
--- a/internal/readpassword/read.go
+++ b/internal/readpassword/read.go
@@ -2,6 +2,7 @@
package readpassword
import (
+ "bytes"
"fmt"
"io"
"os"
@@ -23,7 +24,7 @@ const (
// Once tries to get a password from the user, either from the terminal, extpass
// or stdin.
-func Once(extpass string) string {
+func Once(extpass string) []byte {
if extpass != "" {
return readPasswordExtpass(extpass)
}
@@ -35,7 +36,7 @@ func Once(extpass string) string {
// Twice is the same as Once but will prompt twice if we get the password from
// the terminal.
-func Twice(extpass string) string {
+func Twice(extpass string) []byte {
if extpass != "" {
return readPasswordExtpass(extpass)
}
@@ -44,7 +45,7 @@ func Twice(extpass string) string {
}
p1 := readPasswordTerminal("Password: ")
p2 := readPasswordTerminal("Repeat: ")
- if p1 != p2 {
+ if !bytes.Equal(p1, p2) {
tlog.Fatal.Println("Passwords do not match")
os.Exit(exitcodes.ReadPassword)
}
@@ -53,7 +54,7 @@ func Twice(extpass string) string {
// readPasswordTerminal reads a line from the terminal.
// Exits on read error or empty result.
-func readPasswordTerminal(prompt string) string {
+func readPasswordTerminal(prompt string) []byte {
fd := int(os.Stdin.Fd())
fmt.Fprintf(os.Stderr, prompt)
// terminal.ReadPassword removes the trailing newline
@@ -67,12 +68,12 @@ func readPasswordTerminal(prompt string) string {
tlog.Fatal.Println("Password is empty")
os.Exit(exitcodes.PasswordEmpty)
}
- return string(p)
+ return p
}
// readPasswordStdin reads a line from stdin.
// It exits with a fatal error on read error or empty result.
-func readPasswordStdin() string {
+func readPasswordStdin() []byte {
tlog.Info.Println("Reading password from stdin")
p := readLineUnbuffered(os.Stdin)
if len(p) == 0 {
@@ -85,7 +86,7 @@ func readPasswordStdin() string {
// readPasswordExtpass executes the "extpass" program and returns the first line
// of the output.
// Exits on read error or empty result.
-func readPasswordExtpass(extpass string) string {
+func readPasswordExtpass(extpass string) []byte {
tlog.Info.Println("Reading password from extpass program")
var parts []string
// The option "-passfile=FILE" gets transformed to
@@ -125,7 +126,7 @@ func readPasswordExtpass(extpass string) string {
// readLineUnbuffered reads single bytes from "r" util it gets "\n" or EOF.
// The returned string does NOT contain the trailing "\n".
-func readLineUnbuffered(r io.Reader) (l string) {
+func readLineUnbuffered(r io.Reader) (l []byte) {
b := make([]byte, 1)
for {
if len(l) > maxPasswordLen {
@@ -146,7 +147,7 @@ func readLineUnbuffered(r io.Reader) (l string) {
if b[0] == '\n' {
return l
}
- l = l + string(b)
+ l = append(l, b...)
}
}
diff --git a/internal/readpassword/stdin_test.go b/internal/readpassword/stdin_test.go
index 2d9f93f..8cf9954 100644
--- a/internal/readpassword/stdin_test.go
+++ b/internal/readpassword/stdin_test.go
@@ -11,7 +11,7 @@ import (
func TestStdin(t *testing.T) {
p1 := "g55434t55wef"
if os.Getenv("TEST_SLAVE") == "1" {
- p2 := readPasswordStdin()
+ p2 := string(readPasswordStdin())
if p1 != p2 {
fmt.Fprintf(os.Stderr, "%q != %q", p1, p2)
os.Exit(1)
@@ -44,7 +44,7 @@ func TestStdin(t *testing.T) {
func TestStdinEof(t *testing.T) {
p1 := "asd45as5f4a36"
if os.Getenv("TEST_SLAVE") == "1" {
- p2 := readPasswordStdin()
+ p2 := string(readPasswordStdin())
if p1 != p2 {
fmt.Fprintf(os.Stderr, "%q != %q", p1, p2)
os.Exit(1)