*/
#include <termios.h>
-//#include <sys/ioctl.h>
#include "libbb.h"
char *bb_askpass(int timeout, const char * prompt)
{
- static char passwd[64];
+ /* Was static char[BIGNUM] */
+ enum { sizeof_passwd = 128 };
+ static char *passwd;
char *ret;
int i;
struct sigaction sa;
struct termios old, new;
+ if (!passwd)
+ passwd = xmalloc(sizeof_passwd);
+ memset(passwd, 0, sizeof_passwd);
+
tcgetattr(STDIN_FILENO, &old);
tcflush(STDIN_FILENO, TCIFLUSH);
- memset(passwd, 0, sizeof(passwd));
-
fputs(prompt, stdout);
fflush(stdout);
}
ret = NULL;
- if (read(STDIN_FILENO, passwd, sizeof(passwd)-1) > 0) {
+ /* On timeout, read will hopefully be interrupted by SIGALRM,
+ * and we return NULL */
+ if (read(STDIN_FILENO, passwd, sizeof_passwd-1) > 0) {
ret = passwd;
i = 0;
/* Last byte is guaranteed to be 0
}
tcsetattr(STDIN_FILENO, TCSANOW, &old);
- puts("");
+ putchar('\n');
fflush(stdout);
return ret;
}
char *pw_encrypt(const char *clear, const char *salt)
{
- static char cipher[128];
- char *cp;
+ /* Was static char[BIGNUM]. Malloced thing works as well */
+ static char *cipher;
#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */
if (strncmp(salt, "$2$", 3) == 0) {
return sha1_crypt(clear);
}
#endif
- cp = (char *) crypt(clear, salt);
- /* if crypt (a nonstandard crypt) returns a string too large,
- truncate it so we don't overrun buffers and hope there is
- enough security in what's left */
- safe_strncpy(cipher, cp, sizeof(cipher));
+
+ free(cipher);
+ cipher = xstrdup(crypt(clear, salt));
return cipher;
}