Re: [Linux-decnet-user] dnprogs password security

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Though it would be easy...try this patch. Entering a password of "-" will then
prompt you.

eg:

dncopy 'trisha"patrick -"::login.com' mylogin.com


patrick


Index: libdap/connection.cc
===================================================================
RCS file: /cvsroot/linux-decnet/dnprogs/libdap/connection.cc,v
retrieving revision 1.4
diff -u -r1.4 connection.cc

--- libdap/connection.cc	2001/01/21 13:36:58	1.4
+++ libdap/connection.cc	2001/03/14 09:36:30
@@ -230,6 +230,20 @@
 	return false;
     }
 
+    /* If the password is "-" and fd 0 is a tty then 
+       prompt for a password */
+    if (password[0] == '-' && password[1] == '\0' && isatty(0))
+    {
+	password = getpass("Password: ");
+	if (password == NULL || strlen(password) > (unsigned int)MAX_PASSWORD)
+	{
+	    strcpy(errstring, "Password input cancelled");
+	    lasterror = errstring;
+	    return false;
+	}
+	
+    }
+
     memcpy(accessdata.acc_user, user, strlen(user));
     memcpy(accessdata.acc_pass, password, strlen(password));
     memcpy(s.sdn_add.a_addr, binadr->n_addr, sizeof(s.sdn_add.a_addr));
@@ -248,7 +262,7 @@
     }
     else
         accessdata.acc_acc[0] = '\0';
-    
+
 
     accessdata.acc_userl = strlen(user);
     accessdata.acc_passl = strlen(password);



