From 4011d4de7123b9cf392537939c66728d7b2915ba Mon Sep 17 00:00:00 2001 From: Gav Wood Date: Mon, 11 May 2015 17:46:28 +0300 Subject: [PATCH] Don't echo passwords. --- eth/main.cpp | 11 ++++------- libdevcore/CommonIO.cpp | 14 +++++++++++++- libdevcore/CommonIO.h | 2 ++ 3 files changed, 19 insertions(+), 8 deletions(-) diff --git a/eth/main.cpp b/eth/main.cpp index 04ac5bc7e..2514a2a1b 100644 --- a/eth/main.cpp +++ b/eth/main.cpp @@ -1093,8 +1093,7 @@ int main(int argc, char** argv) { while (masterPassword.empty()) { - cout << "Please enter your MASTER password:" << flush; - getline(cin, masterPassword); + masterPassword = getPassword("Please enter your MASTER password: "); if (!keyManager.load(masterPassword)) { cout << "Password invalid. Try again." << endl; @@ -1106,10 +1105,8 @@ int main(int argc, char** argv) { while (masterPassword.empty()) { - cout << "Please enter a MASTER password to protect your key store. Make it strong." << flush; - getline(cin, masterPassword); - string confirm; - cout << "Please confirm the password by entering it again." << flush; + masterPassword = getPassword("Please enter a MASTER password to protect your key store (make it strong!): "); + string confirm = getPassword("Please confirm the password by entering it again: "); getline(cin, confirm); if (masterPassword != confirm) { @@ -1126,7 +1123,7 @@ int main(int argc, char** argv) g_logPost = [&](std::string const& a, char const*) { if (silence) logbuf += a + "\n"; else cout << "\r \r" << a << endl << additional << flush; }; // TODO: give hints &c. - auto getPassword = [&](Address const& a){ auto s = silence; silence = true; string ret; cout << endl << "Enter password for address " << a.abridged() << ": " << flush; std::getline(cin, ret); silence = s; return ret; }; + auto getPassword = [&](Address const& a){ auto s = silence; silence = true; cout << endl; string ret = dev::getPassword("Enter password for address " + a.abridged() + ": "); silence = s; return ret; }; #if ETH_JSONRPC || !ETH_TRUE shared_ptr jsonrpcServer; diff --git a/libdevcore/CommonIO.cpp b/libdevcore/CommonIO.cpp index a1a1056cb..80ad7ecf9 100644 --- a/libdevcore/CommonIO.cpp +++ b/libdevcore/CommonIO.cpp @@ -20,7 +20,8 @@ */ #include "CommonIO.h" - +#include +#include #include #include "Exceptions.h" using namespace std; @@ -117,3 +118,14 @@ void dev::writeFile(std::string const& _file, bytesConstRef _data) ofstream(_file, ios::trunc|ios::binary).write((char const*)_data.data(), _data.size()); } +std::string dev::getPassword(std::string const& _prompt) +{ +#if WIN32 + cout << _prompt << flush; + std::string ret; + std::getline(cin, ret); + return ret; +#else + return getpass(_prompt.c_str()); +#endif +} diff --git a/libdevcore/CommonIO.h b/libdevcore/CommonIO.h index 80334fa31..46a8b80bc 100644 --- a/libdevcore/CommonIO.h +++ b/libdevcore/CommonIO.h @@ -42,6 +42,8 @@ namespace dev { +std::string getPassword(std::string const& _prompt); + /// Retrieve and returns the contents of the given file. If the file doesn't exist or isn't readable, returns an empty bytes. bytes contents(std::string const& _file); std::string contentsString(std::string const& _file);