Bug 759116 – [review] cli: do not echo passwords on terminal when asking for them

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 759116 - [review] cli: do not echo passwords on terminal when asking for them


Summary:	[review] cli: do not echo passwords on terminal when asking for them


Status:	RESOLVED FIXED

Product:	NetworkManager
Classification:	Platform
Component:	nmcli
Version:	git master
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	NetworkManager maintainer(s)
QA Contact:	NetworkManager maintainer(s)

URL:
Whiteboard:

Duplicates:	745012 766702 (view as bug list)
Depends on:
Blocks:

Reported:	2015-12-07 12:02 UTC by Jiri Klimes
Modified:	2016-05-20 10:00 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Jiri Klimes 2015-12-07 12:02:29 UTC

Do not display passwords when user is asked for one and types it on the command line.

E.g.
nmcli -a con up pub-wifi
Passwords or encryption keys are required to access the wireless network 'Pub Wi-Fi'.
Password (802-11-wireless-security.psk):

Comment 1 Jiri Klimes 2015-12-07 12:07:53 UTC

Done in branch jk/nmcli-show-secrets-rh759116

It hides passwords on terminal by default and also adds global --show-secrets option. The option
 - can be used for turning on displaying passwords input on terminal
 - replaces --show-secrets in 'nmcli connection show', which is deprecated now
 - replaces --show-password in 'nmcli device wifi hotspot', which is deprecated now

Comment 2 Thomas Haller 2015-12-07 12:17:12 UTC

+
+    str = nmc_readline_helper (prompt);
+
+    g_free (prompt);
+
+    /* Restore original terminal settings */
+    if (!echo_on)
+         tcsetattr (STDIN_FILENO, TCSADRAIN, &termios_orig);


what happens if you CTRL+C nmcli during password request? Is the terminal afterwards broken (until you do `reset` in shell)? Can that be avoided?


Otherwise, LGTM.

Comment 3 Jiri Klimes 2015-12-07 13:29:52 UTC

(In reply to Thomas Haller from comment #2)
> +
> +    str = nmc_readline_helper (prompt);
> +
> +    g_free (prompt);
> +
> +    /* Restore original terminal settings */
> +    if (!echo_on)
> +         tcsetattr (STDIN_FILENO, TCSADRAIN, &termios_orig);
> 
> 
> what happens if you CTRL+C nmcli during password request? Is the terminal
> afterwards broken (until you do `reset` in shell)? Can that be avoided?
> 
> 
> Otherwise, LGTM.

The terminal is not broken, the situation is handled correctly. nmcli gets terminal attributes on startup and then restores them in signal handler. The code has already been in.

Committed to master:
c52b204 merge: nmcli: don't show password by default, add --show-secrets (rh #759116)
629de4e cli: add global --show-secrets option
23aff47 cli: use nmc_readline_echo() for asking password in 'nmcli con add'
1056408 cli: use nmc_readline_echo() for asking password in 'nmcli dev wifi connect'
0238806 cli: use new nmc_readline_echo() in polkit agent
a14306c cli: do not echo passwords on terminal when asking for them

Comment 4 Beniamino Galvani 2016-03-18 08:28:46 UTC

*** Bug 745012 has been marked as a duplicate of this bug. ***

Comment 5 Thomas Haller 2016-05-20 10:00:53 UTC

*** Bug 766702 has been marked as a duplicate of this bug. ***