diff options
| author | Klemens Nanni <kn@cvs.openbsd.org> | 2021-11-02 16:54:02 +0000 |
|---|---|---|
| committer | Klemens Nanni <kn@cvs.openbsd.org> | 2021-11-02 16:54:02 +0000 |
| commit | 620454c8ccc5fd3f6cd80f219cb568ea339a8d21 (patch) | |
| tree | 95bde66d9c691919024bd9180526c22f378e33e4 /distrib | |
| parent | 11c4764bc9bbb70ebd8118c2582f702746088730 (diff) | |
Remove "!" escape handling from WEP/WPA passphrase questions
Answering any question (except user password prompts) with "!" drops to
the shell ("!foo" executes "foo" immediately), but this is an obviously
bad idea for the wifi passphrase questions in case the magic words start
with... an "!":
WPA passphrase? (will echo) !2345678
/install: 2345678: not found
WPA passphrase? (will echo)
Adapt the existing password prompt code into a new self-contained
ask_passphrase() which prompts only once and echos its input (like the
passphrase question has been doing all the time), doing no input parsing
whatsoever (as with user passwords):
WPA passphrase? (will echo) !2345678
IPv4 address for bwfm0? (or 'autoconf' or 'none') [autoconf]
Reported by Pasi-Pekka Karppinen <ppkarppi AT icloud DOT com>, thanks!
Feedback tb (wifi passphrases should still be printed)
OK deraadt
Diffstat (limited to 'distrib')
| -rw-r--r-- | distrib/miniroot/install.sub | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub index 16d3b6e3420..4a8a2e74991 100644 --- a/distrib/miniroot/install.sub +++ b/distrib/miniroot/install.sub @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: install.sub,v 1.1183 2021/10/24 12:32:42 kn Exp $ +# $OpenBSD: install.sub,v 1.1184 2021/11/02 16:54:01 kn Exp $ # # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback # Copyright (c) 2015, Robert Peichaer <rpe@openbsd.org> @@ -885,6 +885,27 @@ ask_password() { done } +# Ask for a passphrase once showing prompt $1. Ensure input is not empty +# save it in $_passphrase. +ask_passphrase() { + local _q=$1 + + if $AI; then + echo -n "$_q " + _autorespond "$_q" + echo '<provided>' + _passphrase=$resp + return + fi + + while :; do + IFS= read -r _passphrase?"$_q (will echo) " + + [[ -n $_passphrase ]] && break + + echo "Empty passphrase, try again." + done +} # ------------------------------------------------------------------------------ # Support functions for donetconfig() @@ -1245,19 +1266,19 @@ ieee80211_config() { quote join "$_nwid" >>$_hn break ;; - ?-[Ww]) ask_until "WEP key? (will echo)" + ?-[Ww]) ask_passphrase "WEP key?" # Make sure ifconfig accepts the key. - if _err=$(ifconfig $_if join "$_nwid" nwkey "$resp" 2>&1) && + if _err=$(ifconfig $_if join "$_nwid" nwkey "$_passphrase" 2>&1) && [[ -z $_err ]]; then - quote join "$_nwid" nwkey "$resp" >>$_hn + quote join "$_nwid" nwkey "$_passphrase" >>$_hn break fi echo "$_err" ;; - 1-[Pp]) ask_until "WPA passphrase? (will echo)" + 1-[Pp]) ask_passphrase "WPA passphrase?" # Make sure ifconfig accepts the key. - if ifconfig $_if join "$_nwid" wpakey "$resp"; then - quote join "$_nwid" wpakey "$resp" >>$_hn + if ifconfig $_if join "$_nwid" wpakey "$_passphrase"; then + quote join "$_nwid" wpakey "$_passphrase" >>$_hn break fi ;; |