authorWerner Koch <[email protected]>2023-11-14 14:08:20 +0000
committerWerner Koch <[email protected]>2023-11-14 14:09:27 +0000
commitdef8f5f3d28bd5b19fd68e9fbd2eeb1d04c08db1 (patch)
tree6f4d85c392511644f13f518504bad1ec09a23b2b
parentgpgsm: Re-introduce the bad passphrase hint for pkcs#12. (diff)
gpg,gpgsm: Hide password in debug output also for asked passwords.
* g10/call-agent.c (agent_get_passphrase): Call assuan_begin_confidential and assuan_end_confidential. * sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto. -- GnuPG-bug-id: 6654 The drawback of this solution is that we don't see any IPC lines from the assuan_transact. Everything else would require larger changes to libassuan.
-rw-r--r--g10/call-agent.c6
-rw-r--r--sm/call-agent.c5
2 files changed, 10 insertions, 1 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 4defa7990..c90cdfda5 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -1995,7 +1995,7 @@ agent_get_passphrase (const char *cache_id,
char *arg4 = NULL;
membuf_t data;
struct default_inq_parm_s dfltparm;
- int have_newsymkey;
+ int have_newsymkey, wasconf;
memset (&dfltparm, 0, sizeof dfltparm);
@@ -2047,10 +2047,14 @@ agent_get_passphrase (const char *cache_id,
xfree (arg4);
init_membuf_secure (&data, 64);
+ wasconf = assuan_get_flag (agent_ctx, ASSUAN_CONFIDENTIAL);
+ assuan_begin_confidential (agent_ctx);
rc = assuan_transact (agent_ctx, line,
put_membuf_cb, &data,
default_inq_cb, &dfltparm,
NULL, NULL);
+ if (!wasconf)
+ assuan_end_confidential (agent_ctx);
if (rc)
xfree (get_membuf (&data, NULL));
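Review bot: The confidential flag is set once before `assuan_transact`, but `default_inq_cb` runs inside that transaction and its body is not visible in this hunk. If that callback brackets its own replies with `assuan_begin_confidential`/`assuan_end_confidential`, its unconditional end would clear the flag mid-transaction, and the data lines that carry the passphrase back could appear in debug output again. It is worth checking the callback and, if it does toggle the flag, giving it the same save-and-restore used here (`wasconf = assuan_get_flag (..., ASSUAN_CONFIDENTIAL);` followed by a conditional end). The same question applies to the `gpgsm_agent_ask_passphrase` hunk in sm/call-agent.c. The body of agent_get_passphrase starts and ends outside this hunk.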
diff --git a/sm/call-agent.c b/sm/call-agent.c
index 71768910f..eb6671692 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -1322,6 +1322,7 @@ gpgsm_agent_ask_passphrase (ctrl_t ctrl, const char *desc_msg, int repeat,
char *arg4 = NULL;
membuf_t data;
struct default_inq_parm_s inq_parm;
+ int wasconf;
*r_passphrase = NULL;
@@ -1340,9 +1341,13 @@ gpgsm_agent_ask_passphrase (ctrl_t ctrl, const char *desc_msg, int repeat,
xfree (arg4);
init_membuf_secure (&data, 64);
+ wasconf = assuan_get_flag (agent_ctx, ASSUAN_CONFIDENTIAL);
+ assuan_begin_confidential (agent_ctx);
err = assuan_transact (agent_ctx, line,
put_membuf_cb, &data,
default_inq_cb, &inq_parm, NULL, NULL);
+ if (!wasconf)
+ assuan_end_confidential (agent_ctx);
if (err)
xfree (get_membuf (&data, NULL));
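Review bot: The new lines around `assuan_transact` carry no comment saying why the call is wrapped or why the previous flag state is saved in `wasconf`. Someone reading a debug log will find this whole exchange missing, with no hint in the source as to why. A one-line comment above the `wasconf` assignment would cover it, for example `/* Keep the passphrase out of Assuan debug output; end confidential mode only if we were the one to start it. */`. The matching block in g10/call-agent.c would take the same comment. The body of gpgsm_agent_ask_passphrase starts and ends outside this hunk.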