summaryrefslogtreecommitdiffstats
path: root/udev/ykfde.c
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2017-03-02 15:57:01 +0100
committerGravatar Christian Hesse <mail@eworm.de>2017-03-02 15:57:01 +0100
commit29e7a206cd70c72823d27c2e5f5db3b55a41e28d (patch)
treee435b4f52822171f135e4e40da754bb336eaa59a /udev/ykfde.c
parent5036728dec8af27827d5f399b0ebb1039476c283 (diff)
downloadmkinitcpio-ykfde-29e7a206cd70c72823d27c2e5f5db3b55a41e28d.tar.gz
mkinitcpio-ykfde-29e7a206cd70c72823d27c2e5f5db3b55a41e28d.tar.zst
share memory for passphrase and askpass answer
Diffstat (limited to 'udev/ykfde.c')
-rw-r--r--udev/ykfde.c16
1 files changed, 7 insertions, 9 deletions
diff --git a/udev/ykfde.c b/udev/ykfde.c
index 1e1061f..98ca946 100644
--- a/udev/ykfde.c
+++ b/udev/ykfde.c
@@ -116,16 +116,17 @@ static int try_answer(const unsigned int serial, uint8_t slot, const char * ask_
const char * ask_message, * ask_socket;
int fd_askpass;
char response[RESPONSELEN],
- passphrase[PASSPHRASELEN + 1],
- passphrase_askpass[PASSPHRASELEN + 2];
+ askpass[PASSPHRASELEN + 2];
+ char * passphrase = askpass + 1;
/* keyutils */
key_serial_t key;
void * payload = NULL;
size_t plen;
memset(response, 0, RESPONSELEN);
- memset(passphrase, 0, PASSPHRASELEN + 1);
- memset(passphrase_askpass, 0, PASSPHRASELEN + 2);
+ memset(askpass, 0, PASSPHRASELEN + 2);
+
+ *askpass = '+';
/* get second factor from key store
* if this fails it is not critical... possibly we just do not
@@ -197,14 +198,12 @@ static int try_answer(const unsigned int serial, uint8_t slot, const char * ask_
goto out3;
}
- sprintf(passphrase_askpass, "+%s", passphrase);
-
if ((fd_askpass = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0)) < 0) {
perror("socket() failed");
goto out3;
}
- if (send_on_socket(fd_askpass, ask_socket, passphrase_askpass, PASSPHRASELEN + 1) < 0) {
+ if (send_on_socket(fd_askpass, ask_socket, askpass, PASSPHRASELEN + 1) < 0) {
perror("send_on_socket() failed");
goto out4;
}
@@ -226,8 +225,7 @@ out2:
out1:
/* wipe response (cleartext password!) from memory */
memset(response, 0, RESPONSELEN);
- memset(passphrase, 0, PASSPHRASELEN + 1);
- memset(passphrase_askpass, 0, PASSPHRASELEN + 2);
+ memset(askpass, 0, PASSPHRASELEN + 2);
return rc;
}