diff options
| author |   tedu <tedu@openbsd.org> | 2016-02-07 20:01:58 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2016-02-07 20:01:58 +0000 |
| commit | b9df47fe76cd2b1c3950592826e13681aacb622b (patch) | |
| tree | ee37c6af21253b1c87a21a0355bd6a41c481eea7 | |
| parent | Comment. (diff) | |
| download | wireguard-openbsd-b9df47fe76cd2b1c3950592826e13681aacb622b.tar.xz wireguard-openbsd-b9df47fe76cd2b1c3950592826e13681aacb622b.zip | |
require a tty for the password.
sudo regression noted by miod, fix by millert
| -rw-r--r-- | usr.bin/doas/doas.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/usr.bin/doas/doas.c b/usr.bin/doas/doas.c index d3dfe9bb414..c25e96e6229 100644 --- a/usr.bin/doas/doas.c +++ b/usr.bin/doas/doas.c @@ -1,4 +1,4 @@ -/* $OpenBSD: doas.c,v 1.49 2016/01/24 13:19:21 gsoares Exp $ */ +/* $OpenBSD: doas.c,v 1.50 2016/02/07 20:01:58 tedu Exp $ */ /* * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org> * @@ -428,7 +428,13 @@ main(int argc, char **argv, char **envp) "doas (%.32s@%.32s) password: ", myname, host); challenge = cbuf; } - response = readpassphrase(challenge, rbuf, sizeof(rbuf), 0); + response = readpassphrase(challenge, rbuf, sizeof(rbuf), + RPP_REQUIRE_TTY); + if (response == NULL && errno == ENOTTY) { + syslog(LOG_AUTHPRIV | LOG_NOTICE, + "tty required for %s", myname); + errx(1, "a tty is required"); + } if (!auth_userresponse(as, response, 0)) { syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname); |