Merge pull request #34279 from yuwata/ask-password

ask-password: refuse empty password strv
author: Lennart Poettering <lennart@poettering.net> 2024-09-06 13:30:15 +0200
committer: GitHub <noreply@github.com> 2024-09-06 13:30:15 +0200
commit: b9ea64680875ca33490f7ab5b24fa1a01b2a42c5 (patch)
tree: a214f175ebf0ccb920e8278000ebdaeba3230585
parent: Merge pull request #34285 from poettering/boot-measure-profile (diff)
parent: tree-wide: check if non-empty password is acquired (diff)
download: systemd-b9ea64680875ca33490f7ab5b24fa1a01b2a42c5.tar.xz
systemd-b9ea64680875ca33490f7ab5b24fa1a01b2a42c5.zip
4 files changed, 25 insertions, 11 deletions
diff --git a/src/home/homectl.c b/src/home/homectl.c
index a71548439e..cbb1c79f40 100644
--- a/src/home/homectl.c
+++ b/src/home/homectl.c
@@ -1244,6 +1244,8 @@ static int acquire_new_password(
                 if (r < 0)
                         return log_error_errno(r, "Failed to acquire password: %m");
 
+                assert(!strv_isempty(first));
+
                 question = mfree(question);
                 if (asprintf(&question, "Please enter new password for user %s (repeat):", user_name) < 0)
                         return log_oom();
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 135f19706e..0bb6611c64 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -168,7 +168,16 @@ static int ask_password_keyring(const AskPasswordRequest *req, AskPasswordFlags
         if (r < 0)
                 return r;
 
-        return retrieve_key(serial, ret);
+        _cleanup_strv_free_erase_ char **l = NULL;
+        r = retrieve_key(serial, &l);
+        if (r < 0)
+                return r;
+
+        if (strv_isempty(l))
+                return log_debug_errno(SYNTHETIC_ERRNO(ENOKEY), "Found an empty password from keyring.");
+
+        *ret = TAKE_PTR(l);
+        return 0;
 }
 
 static int backspace_chars(int ttyfd, size_t p) {
@@ -323,8 +332,8 @@ int ask_password_plymouth(
                         return -ENOENT;
 
                 } else if (IN_SET(buffer[0], 2, 9)) {
+                        _cleanup_strv_free_erase_ char **l = NULL;
                         uint32_t size;
-                        char **l;
 
                         /* One or more answers */
                         if (p < 5)
@@ -342,15 +351,16 @@ int ask_password_plymouth(
                         if (!l)
                                 return -ENOMEM;
 
-                        *ret = l;
-                        break;
+                        if (strv_isempty(l))
+                                return log_debug_errno(SYNTHETIC_ERRNO(ECANCELED), "Received an empty password.");
+
+                        *ret = TAKE_PTR(l);
+                        return 0;
 
                 } else
                         /* Unknown packet */
                         return -EIO;
         }
-
-        return 0;
 }
 
 #define NO_ECHO "(no echo) "
@@ -955,8 +965,8 @@ finish:
 
 static int ask_password_credential(const AskPasswordRequest *req, AskPasswordFlags flags, char ***ret) {
         _cleanup_(erase_and_freep) char *buffer = NULL;
+        _cleanup_strv_free_erase_ char **l = NULL;
         size_t size;
-        char **l;
         int r;
 
         assert(req);
@@ -971,7 +981,10 @@ static int ask_password_credential(const AskPasswordRequest *req, AskPasswordFla
         if (!l)
                 return -ENOMEM;
 
-        *ret = l;
+        if (strv_isempty(l))
+                return log_debug_errno(SYNTHETIC_ERRNO(ENOKEY), "Found an empty password in credential.");
+
+        *ret = TAKE_PTR(l);
         return 0;
 }
 
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index b84924ad8d..a538425c1f 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -3079,6 +3079,7 @@ int dissected_image_decrypt_interactively(
                 if (r < 0)
                         return log_error_errno(r, "Failed to query for passphrase: %m");
 
+                assert(!strv_isempty(z));
                 passphrase = z[0];
         }
 }
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c
index 4b1e848749..df21f3d28f 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -263,9 +263,7 @@ static int process_one_password_file(const char *filename) {
                         return log_error_errno(r, "Failed to query password: %m");
                 }
 
-                if (strv_isempty(passwords))
-                        return -ECANCELED;
-
+                assert(!strv_isempty(passwords));
                 r = send_passwords(socket_name, passwords);
                 if (r < 0)
                         return log_error_errno(r, "Failed to send: %m");
author	Lennart Poettering <lennart@poettering.net>	2024-09-06 13:30:15 +0200
committer	GitHub <noreply@github.com>	2024-09-06 13:30:15 +0200
commit	b9ea64680875ca33490f7ab5b24fa1a01b2a42c5 (patch)
tree	a214f175ebf0ccb920e8278000ebdaeba3230585
parent	Merge pull request #34285 from poettering/boot-measure-profile (diff)
parent	tree-wide: check if non-empty password is acquired (diff)
download	systemd-b9ea64680875ca33490f7ab5b24fa1a01b2a42c5.tar.xz systemd-b9ea64680875ca33490f7ab5b24fa1a01b2a42c5.zip