aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJoursoir <chat@joursoir.net>2021-03-03 20:10:05 +0000
committerJoursoir <chat@joursoir.net>2021-03-03 20:10:05 +0000
commit8a48afccb97462b0dc261e8c99c0825295ebc019 (patch)
tree5efa557df3969708d4ce052713033d9e57df84b7 /src
parentce7c8411d7af66904da5e852f01fd95426ccf5c0 (diff)
downloadlock-password-8a48afccb97462b0dc261e8c99c0825295ebc019.tar.gz
lock-password-8a48afccb97462b0dc261e8c99c0825295ebc019.tar.bz2
lock-password-8a48afccb97462b0dc261e8c99c0825295ebc019.zip
cmd 'edit' has become more secure
Diffstat (limited to 'src')
-rw-r--r--src/constants.h1
-rw-r--r--src/easydir.c34
-rw-r--r--src/easydir.h1
-rw-r--r--src/main.c114
4 files changed, 66 insertions, 84 deletions
diff --git a/src/constants.h b/src/constants.h
index 1df4898..2168883 100644
--- a/src/constants.h
+++ b/src/constants.h
@@ -24,6 +24,7 @@
#define LOCKPASS_DIR ".lock-password/"
#define GPGKEY_FILE ".gpg-key"
+#define STD_TEXT_EDITOR "vi"
#define errprint(RET, ...) \
do { \
diff --git a/src/easydir.c b/src/easydir.c
index c94b944..cf10110 100644
--- a/src/easydir.c
+++ b/src/easydir.c
@@ -54,37 +54,3 @@ int count_dir_entries(const char *path)
closedir(dir);
return counter;
}
-
-char *fileCropLineFeed(char *path, char *text, int maxlen)
-{
- FILE *file = fopen(path, "r+");
- if(file == NULL) callError(130);
-
- int symbol;
- int pos = 0;
- char *str = (char *) malloc(sizeof(char) * maxlen);
- while((symbol = fgetc(file)))
- {
- switch(symbol)
- {
- case '\n':
- case EOF: {
- str[pos] = '\0';
- pos = -1; // for break while
- break;
- }
- default: {
- str[pos] = symbol;
- pos++;
- break;
- }
- }
- if(pos == -1) break;
- if(pos > maxlen-1) { str[pos-1] = '\0'; break; }
- }
- fclose(file);
-
- strcpy(text, str);
- free(str);
- return text;
-}
diff --git a/src/easydir.h b/src/easydir.h
index cfd4494..292002e 100644
--- a/src/easydir.h
+++ b/src/easydir.h
@@ -27,6 +27,5 @@ enum status_file {
int file_exist(const char *path);
int count_dir_entries(const char *path);
-char *fileCropLineFeed(char *path, char *text, int maxlen);
#endif \ No newline at end of file
diff --git a/src/main.c b/src/main.c
index d38b84a..4b19e82 100644
--- a/src/main.c
+++ b/src/main.c
@@ -26,6 +26,8 @@
#include <stdarg.h>
#include <errno.h>
#include <sys/stat.h>
+#include <sys/wait.h>
+#include <fcntl.h>
#include "constants.h"
#include "easydir.h"
@@ -159,71 +161,85 @@ int cmd_insert(int argc, char *argv[])
int cmd_edit(int argc, char *argv[])
{
- usageprint("Temporarily unavailable :(\n");
-
-/*
const char description[] = "edit passname\n";
- int result;
+ int result, fd, pid, len_pass, save_errno;
+ /* We expect tmpfs to be mounted at /dev/shm */
+ char path_tmpfile[] = "/dev/shm/lpass.XXXXXX";
+ char *editor, *password;
char *path = argv[2];
if(!path)
usageprint("%s", description);
- dbgprint("passname: %s\n", path);
result = check_sneaky_paths(path);
if(result)
errprint(1, "You have used forbidden paths\n");
- result = file_exist(path);
- if(result == F_NOEXIST)
- errprint(1, "No such file exists\n");
- else if(result == F_ISDIR)
- errprint(1, "It is a directory\n");
-
- // configure text editor file
- char text_editor[MAXLEN_TEXTEDITOR];
- FILE *f_texteditor = fopen(TEXTEDITOR_FILE, "r");
- if(f_texteditor == NULL) {
- f_texteditor = fopen(TEXTEDITOR_FILE, "w");
- if(f_texteditor == NULL)
- errprint(1, "fopen() failed");
- fputs(STANDARD_TEXTEDITOR, f_texteditor); // in file
- strcpy(text_editor, STANDARD_TEXTEDITOR); // in variable
- }
- else {
- if(!fgets(text_editor, sizeof(char)*MAXLEN_TEXTEDITOR, f_texteditor))
- errprint(1, "fgets() failed");
- }
- fclose(f_texteditor);
-
- dbgprint("text editor: %s\n", text_editor);
- // end configure
+ editor = getenv("EDITOR");
+ if(!editor)
+ editor = STD_TEXT_EDITOR;
- // decryption
- char *public_gpgkey = get_pubkey();
+ password = get_password(path);
+ if(password == NULL)
+ errprint(1, "Decrypt password failed\n");
- char *decrypt_arg[] = {"gpg", "-d", "--quiet", "-r", public_gpgkey, "-o", path, gPath_pass, NULL};
- easyFork("gpg", decrypt_arg);
+ fd = mkstemp(path_tmpfile);
+ if(fd == -1) {
+ free(password);
+ errprint(1, "mkstemp() failed\n");
+ }
+ dbgprint("tmp file: %s\n", path_tmpfile);
+
+ len_pass = strlen(password);
+ result = write(fd, password, len_pass);
+ free(password);
+ close(fd);
+ if(result != len_pass) {
+ unlink(path_tmpfile);
+ errprint(1, "Write password to temporary file failed\n");
+ }
- // start vim/etc for edit passowrd
- char *editor_arg[] = {text_editor, path, NULL};
- easyFork(text_editor, editor_arg);
+ // fork for text editor
+ char *editor_arg[] = {editor, path_tmpfile, NULL};
+ pid = fork();
+ if(pid == -1) {
+ unlink(path_tmpfile);
+ errprint(1, "%s fork() failed\n", editor);
+ }
+ if(pid == 0) { /* new process */
+ execvp(editor, editor_arg);
+ perror(editor);
+ exit(1);
+ }
+ wait(&pid);
- // delete '\n' and paste good pass
- char password[maxlen_pass];
- fileCropLineFeed(path, password, maxlen_pass);
+ fd = open(path_tmpfile, O_RDONLY);
+ if(fd == -1) {
+ unlink(path_tmpfile);
+ perror("open");
+ return 1;
+ }
- FILE *file = fopen(path, "w");
- if(file == NULL) callError(108);
- fputs(password, file);
- fclose(file);
+ password = malloc(sizeof(char) * (maxlen_pass + 1));
+ len_pass = read(fd, password, maxlen_pass);
+ save_errno = errno;
+ close(fd);
+ unlink(path_tmpfile);
+ if(len_pass < minlen_pass) {
+ free(password);
+ if(len_pass == -1)
+ errprint(1, "Read temporary file: %s\n", strerror(save_errno));
+ else
+ errprint(1, "Min. password length is %d\n", minlen_pass);
+ }
+ password[len_pass-1] = '\0';
+ dbgprint("new pass: %s\n", password);
- // encryption
- char *encrypt_arg[] = {"gpg", "--quiet", "--yes", "-r", public_gpgkey, "-e", path, NULL};
- easyFork("gpg", encrypt_arg);
+ // encrypt
+ result = insert_pass(path, password);
+ free(password);
+ if(result)
+ errprint(1, "Can't add password to LockPassword\n");
- remove(path);
- free(public_gpgkey);
-*/
return 0;
}