Debian Bug report logs -
#378316
vpnc cannot retrieve user password from stdin
Reported by: ftronel@irisa.fr
Date: Sat, 15 Jul 2006 09:18:04 UTC
Severity: normal
Tags: patch
Merged with 377713
Fixed in version kvpnc/0.8.8-2
Done: Mark Purcell <msp@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Christoph Thielecke <christoph.thielecke@gmx.de>, Eduard Bloch <blade@debian.org>:
Bug#378316; Package vpnc.
(full text, mbox, link).
Acknowledgement sent to ftronel@irisa.fr:
New Bug report received and forwarded. Copy sent to Christoph Thielecke <christoph.thielecke@gmx.de>, Eduard Bloch <blade@debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: vpnc
Version: 0.3.3+SVN20051028-3
Severity: normal
Tags: patch
vpnc is using the "obsolete" getpass function (cf getpass manpage) to retrieve the user password.
This funtion directly manipulates /dev/tty to turn off echoing of the password on the tty (which is ok).
However, when the standard input is not a terminal, but a pipe (e.g. for an automatic connexion), it makes
vpnc unable to get the password. This prevents kvpnc to work. Indeed this latter is forking a vpnc process
and connects its standard input to a pipe, to fed it with the password provided by the user. I have reported
this bug to kvpnc (cf Bug#377713: kvpnc: Cisco connection does not work). But after having furtherly explored
the problem, it turns out to be a bug in vpnc. I provide a small patch (config.c) that fixes the problem on my system (it is
inspired after what is done in ssh). Before calling getpass, I test if the standard input is a tty or not. In the
first case I call getpass, otherwise stdin is connected through a pipe, I use instead getline (the password is anyway
invisible).
665a666
> int stdinfd;
788c789,793
< s = strdup(getpass(""));
---
> stdinfd = fileno(stdin);
> if(isatty(stdinfd))
> s = strdup(getpass(""));
> else
> getline(&s,&s_len,stdin);
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.20
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1) (ignored: LC_ALL set to fr_FR)
Versions of packages vpnc depends on:
ii iproute 20051007-4 Professional tools to control the
ii libc6 2.3.6-15 GNU C Library: Shared libraries
ii libgcrypt11 1.2.2-1 LGPL Crypto library - runtime libr
ii libgpg-error0 1.2-1 library for common error values an
vpnc recommends no packages.
-- no debconf information
Bug reassigned from package `vpnc' to `kvpnc'.
Request was from Eduard Bloch <edi@gmx.de>
to control@bugs.debian.org.
(full text, mbox, link).
Bug reassigned from package `kvpnc' to `kvpnc'.
Request was from Eduard Bloch <edi@gmx.de>
to control@bugs.debian.org.
(full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 24 Jun 2007 15:53:24 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Tue Jul 16 08:34:14 2024;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.