From 8067d9bace148a254528fdf752f083d2a0debada Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:26 -0400
Subject: [PATCH 38/42] Add support to read the pin from stdin in client.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/client.c      | 10 +++++++---
 src/password.c    | 41 +++++++++++++++++++++++++++++++++++++++++
 src/password.h    |  1 +
 src/signer_info.c | 45 +--------------------------------------------
 4 files changed, 50 insertions(+), 47 deletions(-)

diff --git a/src/client.c b/src/client.c
index 777197a..1ec582b 100644
--- a/src/client.c
+++ b/src/client.c
@@ -212,10 +212,14 @@ get_token_pin(int pinfd, char *pinfile, char *envname)
 
 		fclose(pinf);
 		return pin;
-	} else
-		return strdup(getenv(envname));
+	} else {
+		pin = getenv(envname);
+		if (pin)
+			return strdup(pin);
+	}
 
-	return NULL;
+	pin = readpw(NULL, PR_FALSE, NULL);
+	return pin;
 }
 
 static void
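Review bot: The new fallback at the end of get_token_pin only works when stdin is a terminal, because readpw() begins with tcgetattr() and returns NULL when that fails; a PIN piped on stdin is therefore rejected even though the subject line says the client reads the pin from stdin. The prompt shown is readpw's fixed `Enter passphrase for private key: `, which is misleading when the value requested is a token PIN. At minimum I would document the behaviour above the call, e.g. `/* no PIN from file or environment: prompt interactively; readpw() returns NULL if stdin is not a tty */`. get_token_pin starts outside this hunk, so the earlier branches were not reviewed.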
diff --git a/src/password.c b/src/password.c
index 100c584..c663955 100644
--- a/src/password.c
+++ b/src/password.c
@@ -17,6 +17,7 @@
  * Author(s): Peter Jones <pjones@redhat.com>
  */
 
+#include <limits.h>
 #include <stdlib.h>
 #include <termios.h>
 #include <unistd.h>
@@ -289,4 +290,44 @@ SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
     return NULL;
 }
 
+#if 0
+#warning investigate killing readpw
+#endif
+char *
+readpw(PK11SlotInfo *slot, PRBool retry, void *arg)
+{
+	struct termios sio, tio;
+	char line[LINE_MAX], *p;
 
+	if (tcgetattr(fileno(stdin), &sio) < 0) {
+		fprintf(stderr, "Could not read password from standard input.\n");
+		return NULL;
+	}
+	tio = sio;
+	tio.c_lflag &= ~ECHO;
+	if (tcsetattr(fileno(stdin), 0, &tio) < 0) {
+		fprintf(stderr, "Could not read password from standard input.\n");
+		return NULL;
+	}
+
+	fprintf(stdout, "Enter passphrase for private key: ");
+	if (fgets(line, sizeof(line), stdin) == NULL) {
+		fprintf(stdout, "\n");
+		tcsetattr(fileno(stdin), 0, &sio);
+		return NULL;
+	}
+	fprintf(stdout, "\n");
+	tcsetattr(fileno(stdin), 0, &sio);
+
+	p = line + strcspn(line, "\r\n");
+	if (p != NULL)
+		*p = '\0';
+
+	char *ret = strdup(line);
+	memset(line, '\0', sizeof (line));
+	if (!ret) {
+		fprintf(stderr, "Could not read passphrase.\n");
+		return NULL;
+	}
+	return ret;
+}
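Review bot: The scrub `memset(line, '\0', sizeof (line));` is the last access to `line` before readpw() returns, so an optimizing compiler may drop it as a dead store and leave the passphrase on the stack; use a call that cannot be elided, such as `explicit_bzero(line, sizeof (line));` where the libc provides it. The check `if (p != NULL)` is always true, since `line + strcspn(line, "\r\n")` can never be NULL, so it can simply be `*p = '\0';`. The literal `0` passed to tcsetattr() should be a named action such as `TCSAFLUSH` when turning echo off, which also discards anything typed before echo was disabled. Echo is restored only on the normal and fgets-failure paths, so a process interrupted while waiting in fgets() leaves the terminal with echo off; that deserves a comment or a signal-safe restore.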
diff --git a/src/password.h b/src/password.h
index 853bd5a..bcbac44 100644
--- a/src/password.h
+++ b/src/password.h
@@ -22,5 +22,6 @@
 extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
 extern char *get_password_passthrough(PK11SlotInfo *slot, PRBool retry, void *arg);
 extern char *get_password_fail(PK11SlotInfo *slot, PRBool retry, void *arg);
+extern char *readpw(PK11SlotInfo *slot, PRBool retry, void *arg);
 
 #endif /* PASSWORD_H */
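Review bot: The new `readpw` prototype has no comment telling callers what they own. The implementation in password.c returns a strdup()'d copy of the passphrase and NULL on any terminal or read failure, and it never uses its three parameters. A comment above the declaration would make the contract explicit, e.g. `/* Prompt on stdin with echo off; returns a malloc'd passphrase the caller must clear and free, or NULL on failure. slot, retry and arg are ignored. */`.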
diff --git a/src/signer_info.c b/src/signer_info.c
index 932b896..f755bf6 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -19,10 +19,8 @@
 
 #include "pesign.h"
 
-#include <limits.h>
 #include <string.h>
 #include <syslog.h>
-#include <termios.h>
 #include <time.h>
 #include <unistd.h>
 
@@ -159,47 +157,6 @@ err:
 	return -1;
 }
 
-#if 0
-#warning investigate killing getpw
-#endif
-static char *getpw(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-	struct termios sio, tio;
-	char line[LINE_MAX], *p;
-
-	if (tcgetattr(fileno(stdin), &sio) < 0) {
-		fprintf(stderr, "Could not read password from standard input.\n");
-		return NULL;
-	}
-	tio = sio;
-	tio.c_lflag &= ~ECHO;
-	if (tcsetattr(fileno(stdin), 0, &tio) < 0) {
-		fprintf(stderr, "Could not read password from standard input.\n");
-		return NULL;
-	}
-
-	fprintf(stdout, "Enter passphrase for private key: ");
-	if (fgets(line, sizeof(line), stdin) == NULL) {
-		fprintf(stdout, "\n");
-		tcsetattr(fileno(stdin), 0, &sio);
-		return NULL;
-	}
-	fprintf(stdout, "\n");
-	tcsetattr(fileno(stdin), 0, &sio);
-
-	p = line + strcspn(line, "\r\n");
-	if (p != NULL)
-		*p = '\0';
-
-	char *ret = strdup(line);
-	memset(line, '\0', sizeof (line));
-	if (!ret) {
-		fprintf(stderr, "Could not read passphrase.\n");
-		return NULL;
-	}
-	return ret;
-}
-
 static int
 sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
 {
@@ -216,7 +173,7 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
 	if (!oid)
 		goto err;
 
-	PK11_SetPasswordFunc(cms->func ? cms->func : getpw);
+	PK11_SetPasswordFunc(cms->func ? cms->func : readpw);
 	SECKEYPrivateKey *privkey = PK11_FindKeyByAnyCert(cms->cert,
 				cms->pwdata ? cms->pwdata : NULL);
 	if (!privkey) {
-- 
1.7.12.1