author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-11-25 14:50:15 +0000 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-11-27 22:25:57 +0000 |
commit | 3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa (patch) | |
tree | 5559bcf502288a62f34e17902de92fcc2c60f110 /src/common | |
parent | utils: initialize easylogging++ in on_startup (diff) | |
new wipeable_string class to replace std::string passphrases
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/password.cpp | 36 | ||||
-rw-r--r-- | src/common/password.h | 6 | ||||
-rw-r--r-- | src/common/util.cpp | 4 |
3 files changed, 20 insertions, 26 deletions
diff --git a/src/common/password.cpp b/src/common/password.cpp
index 01eaf62e1..98a49eb80 100644
--- a/src/common/password.cpp
+++ b/src/common/password.cpp
@@ -56,7 +56,7 @@ namespace
 return 0 != _isatty(_fileno(stdin));
 }
- bool read_from_tty(std::string& pass)
+ bool read_from_tty(epee::wipeable_string& pass)
 {
 static constexpr const char BACKSPACE = 8;
@@ -88,8 +88,7 @@ namespace
 {
 if (!pass.empty())
 {
- pass.back() = '\0';
- pass.resize(pass.size() - 1);
+ pass.pop_back();
 }
 }
 else
@@ -127,7 +126,7 @@ namespace
 return ch;
 }
- bool read_from_tty(std::string& aPass)
+ bool read_from_tty(epee::wipeable_string& aPass)
 {
 static constexpr const char BACKSPACE = 127;
@@ -148,8 +147,7 @@ namespace
 {
 if (!aPass.empty())
 {
- aPass.back() = '\0';
- aPass.resize(aPass.size() - 1);
+ aPass.pop_back();
 }
 }
 else
@@ -163,15 +161,7 @@ namespace
 #endif // end !WIN32
- void clear(std::string& pass) noexcept
- {
- // technically, the std::string documentation says the data should not be modified,
- // but there seems to be no way to get a non const raw pointer to the data
- memwipe((void*)pass.data(), pass.size());
- pass.clear();
- }
-
- bool read_from_tty(const bool verify, const char *message, std::string& pass1, std::string& pass2)
+ bool read_from_tty(const bool verify, const char *message, epee::wipeable_string& pass1, epee::wipeable_string& pass2)
 {
 while (true)
 {
@@ -187,8 +177,8 @@ namespace
 if(pass1!=pass2)
 {
 std::cout << "Passwords do not match! Please try again." << std::endl;
- clear(pass1);
- clear(pass2);
+ pass1.clear();
+ pass2.clear();
 }
 else //new password matches
 return true;
@@ -201,7 +191,7 @@ namespace
 return false;
 }
- bool read_from_file(std::string& pass)
+ bool read_from_file(epee::wipeable_string& pass)
 {
 pass.reserve(tools::password_container::max_password_size);
 for (size_t i = 0; i < tools::password_container::max_password_size; ++i)
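Review bot: Whether an erased or rejected passphrase byte is still overwritten now rests entirely on epee::wipeable_string's pop_back() and clear(), which this diff (limited to src/common) does not show. The explicit zeroing was removed at both backspace branches (`pass.pop_back();` in the Windows variant, `aPass.pop_back();` in the POSIX one) and at the mismatch path (`pass1.clear(); pass2.clear();`). The wiping contract should be confirmed in the class and stated where it is relied on, for example `// wipeable_string::pop_back() overwrites the removed byte` above each pop_back() call. It is also worth checking that buffer growth during the per-character reads wipes the old storage, since only read_from_file shows a `pass.reserve(...)` up front in the visible lines. Both single-argument read_from_tty bodies start and end outside these hunks.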
@@ -236,7 +226,7 @@ namespace tools
 password_container::~password_container() noexcept
 {
- clear(m_password);
+ m_password.clear();
 }
 boost::optional<password_container> password_container::prompt(const bool verify, const char *message)
@@ -252,9 +242,8 @@ namespace tools
 boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt)
 {
 login out{};
- password_container wipe{std::move(userpass)};
- const auto loc = wipe.password().find(':');
+ const auto loc = userpass.find(':');
 if (loc == std::string::npos)
 {
 auto result = prompt(verify);
@@ -265,10 +254,11 @@ namespace tools
 }
 else
 {
- out.password = password_container{wipe.password().substr(loc + 1)};
+ out.password = password_container{userpass.substr(loc + 1)};
 }
- out.username = wipe.password().substr(0, loc);
+ out.username = userpass.substr(0, loc);
+ password_container wipe{std::move(userpass)};
 return {std::move(out)};
 }
 }
diff --git a/src/common/password.h b/src/common/password.h
index ba1c30a28..01c6bf05a 100644
--- a/src/common/password.h
+++ b/src/common/password.h
@@ -32,6 +32,7 @@
 #include <string>
 #include <boost/optional/optional.hpp>
+#include "wipeable_string.h"
 namespace tools
 {
@@ -58,11 +59,10 @@ namespace tools
 password_container& operator=(const password_container&) = delete;
 password_container& operator=(password_container&&) = default;
- const std::string& password() const noexcept { return m_password; }
+ const epee::wipeable_string &password() const noexcept { return m_password; }
 private:
- //! TODO Custom allocator that locks to RAM?
- std::string m_password;
+ epee::wipeable_string m_password;
 };
 struct login
diff --git a/src/common/util.cpp b/src/common/util.cpp
index 0d56e5eb7..eac5a67cf 100644
--- a/src/common/util.cpp
+++ b/src/common/util.cpp
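Review bot: In login::parse, `password_container wipe{std::move(userpass)};` now sits just before the final return (the `@@ -265,10 +254,11 @@` hunk), where the old code created it first, so any exit taken earlier leaves `userpass` unwiped. An exception from `userpass.substr(loc + 1)` is one such exit, and an early return in the lines between the two parse hunks, which are not shown, would be another. Wiping should be armed at the top of the function with a scope guard that overwrites `userpass` on every exit, as sketched below. Separately, `userpass.substr(loc + 1)` builds a temporary std::string holding the password; presumably the password_container constructor wipes its source, but that is not visible here and should be confirmed.

```cpp
boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt)
{
  // Overwrite the caller's buffer on every exit path, exceptions included.
  struct wipe_on_exit
  {
    std::string &s;
    ~wipe_on_exit() { if (!s.empty()) memwipe(&s[0], s.size()); }
  } guard{userpass};

  login out{};
  // … unchanged: colon search, prompt / substr branches, username assignment …
  // (the trailing `password_container wipe{std::move(userpass)};` is then no longer needed)
```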
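Review bot: The deleted `//! TODO Custom allocator that locks to RAM?` above `m_password` describes a gap that, as far as this page shows, the change does not close. Wiping on destruction does nothing for a passphrase that is paged to swap or captured in a core dump while the container is alive. I would keep the reminder on the new member, e.g. `//! TODO lock the buffer in RAM; wipeable_string wipes but (as far as this diff shows) does not mlock`. The accessor's new return type also deserves a one-line doc comment warning callers that copying the result into a std::string creates a copy that is never wiped.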
@@ -36,9 +36,11 @@ #include "include_base_utils.h" #include "file_io_utils.h" +#include "wipeable_string.h" using namespace epee; #include "util.h" +#include "memwipe.h" #include "cryptonote_config.h" #include "net/http_client.h" // epee::net_utils::... @@ -542,6 +544,8 @@ std::string get_nix_version_display_string() } bool on_startup() { + wipeable_string::set_wipe(&memwipe); + mlog_configure("", true); sanitize_locale(); |
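Review bot: `wipeable_string::set_wipe(&memwipe);` in on_startup() installs the wipe routine at run time, so a wipeable_string destroyed before on_startup() has run, or in a binary or test that never calls it, has no routine to call. The class itself is outside this diff, so whether that case crashes or silently skips the wipe cannot be told from here; it should fail closed rather than leave the buffer intact. At minimum the call needs a comment recording the ordering requirement, e.g. `// must run before any wipeable_string is created: installs the routine it uses to erase its buffer`. on_startup's body continues outside the hunk.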