Re: doas password prompt

2015-12-03 Thread Marc Espie 
On Wed, Dec 02, 2015 at 04:40:33AM -0500, Ted Unangst wrote:
> henning points out that if you are seven levels deep when doas asks for a
> password, it can be hard to tell who is asking for what password.
> 
> modify the prompt to include the program name and user@host.
> - if (pledge("stdio rpath getpw proc exec id", NULL) == -1)
> + if (pledge("stdio rpath getpw tty proc exec id", NULL) == -1)
>   err(1, "pledge");
I'm slightly surprised about this. Seems weird that the simpler function
doesn't twiddle the tty knob as well.

Re: doas password prompt

2015-12-02 Thread Ted Unangst 
Vadim Zhukov wrote:
> 2015-12-02 12:40 GMT+03:00 Ted Unangst :
> > henning points out that if you are seven levels deep when doas asks for a
> > password, it can be hard to tell who is asking for what password.
> >
> > modify the prompt to include the program name and user@host.
> 
> The patch itself looks like fine for me, but why not just add '\u@\h'
> to PS1 instead?

If you run "ssh host doas -u user ssh host doas reboot" you don't get a
prompt. :)

Re: doas password prompt

2015-12-02 Thread Vadim Zhukov 
2015-12-02 12:40 GMT+03:00 Ted Unangst :
> henning points out that if you are seven levels deep when doas asks for a
> password, it can be hard to tell who is asking for what password.
>
> modify the prompt to include the program name and user@host.

The patch itself looks like fine for me, but why not just add '\u@\h'
to PS1 instead?

--
  WBR,
  Vadim Zhukov

doas password prompt

2015-12-02 Thread Ted Unangst 
henning points out that if you are seven levels deep when doas asks for a
password, it can be hard to tell who is asking for what password.

modify the prompt to include the program name and user@host.

Index: doas.c
===
RCS file: /cvs/src/usr.bin/doas/doas.c,v
retrieving revision 1.45
diff -u -p -r1.45 doas.c
--- doas.c  24 Oct 2015 19:23:48 -  1.45
+++ doas.c  2 Dec 2015 09:36:05 -
@@ -21,6 +21,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -323,7 +324,7 @@ main(int argc, char **argv, char **envp)
char cwdpath[PATH_MAX];
const char *cwd;
 
-   if (pledge("stdio rpath getpw proc exec id", NULL) == -1)
+   if (pledge("stdio rpath getpw tty proc exec id", NULL) == -1)
err(1, "pledge");
 
closefrom(STDERR_FILENO + 1);
@@ -405,11 +406,27 @@ main(int argc, char **argv, char **envp)
}
 
if (!(rule->options & NOPASS)) {
+   char *challenge = NULL, *response, rbuf[1024], cbuf[128];
+   auth_session_t *as;
+
if (nflag)
errx(1, "Authorization required");
-   if (!auth_userokay(myname, NULL, "auth-doas", NULL)) {
+
+   if (!(as = auth_userchallenge(myname, NULL, "auth-doas",
+   )))
+   err(1, "auth challenge failed");
+   if (!challenge) {
+   char host[HOST_NAME_MAX + 1];
+   if (gethostname(host, sizeof(host)))
+   snprintf(host, sizeof(host), "?");
+   snprintf(cbuf, sizeof(cbuf),
+   "doas (%.32s@%.32s) password: ", myname, host);
+   challenge = cbuf;
+   }
+   response = readpassphrase(challenge, rbuf, sizeof(rbuf), 0);
+   if (!auth_userresponse(as, response, 0)) {
syslog(LOG_AUTHPRIV | LOG_NOTICE,
-   "failed password for %s", myname);
+   "failed auth for %s", myname);
errc(1, EPERM, NULL);
}
}