From f87f40956f9347ee8632b1851dfa0521437f446c Mon Sep 17 00:00:00 2001
From: Curtis McEnroe
Date: Sat, 26 Oct 2019 01:17:16 -0400
Subject: Allow reading sensitive information from files
---
 bounce.c | 30 ++++++++++++++++++++++--------
 pounce.1 | 22 ++++++++++++++++++++--
 2 files changed, 42 insertions(+), 10 deletions(-)
diff --git a/bounce.c b/bounce.c
index a167cea..1257b93 100644
--- a/bounce.c
+++ b/bounce.c
@@ -55,12 +55,26 @@ static void eventRemove(size_t i) {
 event.clients[i] = event.clients[event.len];
 }
 
-static char *censor(char *arg) {
- char *dup = strdup(arg);
- if (!dup) err(EX_OSERR, "strdup");
- memset(arg, '\0', strlen(dup));
+static char *sensitive(char *arg) {
+ char *value = NULL;
+ if (arg[0] == '@') {
+ FILE *file = fopen(&arg[1], "r");
+ if (!file) err(EX_NOINPUT, "%s", &arg[1]);
+
+ size_t cap = 0;
+ ssize_t len = getline(&value, &cap, file);
+ if (len < 0) err(EX_IOERR, "%s", &arg[1]);
+
+ if (len && value[len - 1] == '\n') value[len - 1] = '\0';
+ fclose(file);
+
+ } else {
+ value = strdup(arg);
+ if (!value) err(EX_OSERR, "strdup");
+ }
+ memset(arg, '\0', strlen(arg));
 arg[0] = '*';
- return dup;
+ return value;
 }
 
 int main(int argc, char *argv[]) {
@@ -85,8 +99,8 @@ int main(int argc, char *argv[]) {
 break; case 'H': localHost = optarg;
 break; case 'K': strlcpy(privPath, optarg, sizeof(privPath));
 break; case 'P': localPort = optarg;
- break; case 'W': clientPass = censor(optarg);
- break; case 'a': auth = censor(optarg);
+ break; case 'W': clientPass = sensitive(optarg);
+ break; case 'a': auth = sensitive(optarg);
 break; case 'h': host = optarg;
 break; case 'j': join = optarg;
 break; case 'n': nick = optarg;
@@ -94,7 +108,7 @@ int main(int argc, char *argv[]) {
 break; case 'r': real = optarg;
 break; case 'u': user = optarg;
 break; case 'v': verbose = true;
- break; case 'w': pass = censor(optarg);
+ break; case 'w': pass = sensitive(optarg);
 break; default: return EX_USAGE;
 }
 }
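Review bot: In `sensitive()`, the `len < 0` check treats every -1 from `getline()` as an I/O error, but `getline()` also returns -1 at end-of-file, so an empty secret file exits through `err(EX_IOERR, ...)` with a stale `errno`; splitting it into `if (len < 0 && ferror(file)) err(EX_IOERR, "%s", &arg[1]);` followed by `if (len < 0) errx(EX_DATAERR, "%s: empty file", &arg[1]);` would report the real cause. The file branch also accepts the secret file whatever its mode, so a group- or world-readable file passes silently; an `fstat(fileno(file), &st)` check that warns when `st.st_mode & (S_IRWXG | S_IRWXO)` is non-zero would catch that misconfiguration. A literal password beginning with `@` can no longer be passed on the command line, and pounce.1 should say so. The unchanged `arg[0] = '*';` line still overwrites the terminator when the argument is empty (`strlen(arg) == 0`), which `if (arg[0]) arg[0] = '*';` would avoid.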
diff --git a/pounce.1 b/pounce.1
index 156a511..72ee806 100644
--- a/pounce.1
+++ b/pounce.1
@@ -38,7 +38,7 @@ and uniquely identify themselves by username.
 .Pp
 The arguments are as follows:
 .
-.Bl -tag -width "-C cert"
+.Bl -tag -width "-W @file"
 .It Fl C Ar cert
 Load TLS certificate from
 .Ar cert .
@@ -74,11 +74,23 @@ Require the password
 .Ar pass
 to connect.
 .
+.It Fl W Cm @ Ns Ar file
+Set
+.Fl W Ar pass
+to the first line read from
+.Ar file .
+.
 .It Fl a Ar auth
 Authenticate with SASL PLAIN.
 .Ar auth
 is a colon-separated username and password.
 .
+.It Fl a Cm @ Ns Ar file
+Set
+.Fl a Ar auth
+to the first line read from
+.Ar file .
+.
 .It Fl h Ar host
 Connect to
 .Ar host .
@@ -117,6 +129,12 @@ and blue to clients.
 .It Fl w Ar pass
 Log in with the password
 .Ar pass .
+.
+.It Fl w Cm @ Ns Ar file
+Set
+.Fl w Ar pass
+to the first line read from
+.Ar file .
 .El
 .
 .Pp
@@ -133,7 +151,7 @@ The default nickname.
 .El
 .
 .Sh EXAMPLES
-.Bd -literal -offset indent
+.Bd -literal
 .Nm Fl H Li pounce.example.org Fl h Li chat.freenode.net Fl j Li '#ascii.town'
 .Ed
 .
-- 
cgit 1.4.1