bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#30190: 27.0.50; term run in line mode shows user passwords


From: Tino Calancha
Subject: bug#30190: 27.0.50; term run in line mode shows user passwords
Date: Sun, 4 Feb 2018 12:40:07 +0900 (JST)
User-agent: Alpine 2.20 (DEB 67 2015-01-07)



On Sat, 3 Feb 2018, Eli Zaretskii wrote:

My feedback is that such a radical solution with so many lines of code
is a no-no for the release branch.  Please look for a simpler
solution, perhaps don't create a new file?
A suitable patch for the next release for discussion below:

--8<-----------------------------cut here---------------start------------->8---
commit 2a0f243ff63772bb16ce4e3666b5fd5e696ea68f
Author: tino calancha <address@hidden>
Date:   Sun Feb 4 12:32:04 2018 +0900

    Prevent term run in line mode from showing user passwords

    For buffers whose mode derive from comint-mode, the user
    password is read from the minibuffer and it's hidden.
    A buffer in term-mode and line submode, instead shows
    the passwords.
    This commit forces buffers in line term-mode to hide
    passwords (Bug#30190).

    * lisp/term.el (term-password-prompt-regexp): New user option.
    (term-watch-for-password-prompt): New function.

    (term-send-input, term-emulate-terminal): Call it.
    (term-output-filter-hook): New hook.  Add term-watch-for-password-prompt
    to it.

    (term-send-input, term-emulate-terminal): Call the new hook each time
    we receive output.

diff --git a/lisp/term.el b/lisp/term.el
index 3970e93cf1..49fbc58cf3 100644
--- a/lisp/term.el
+++ b/lisp/term.el
@@ -558,6 +558,27 @@ term-suppress-hard-newline
 ;; indications of the current pc.
 (defvar term-pending-frame nil)

+;; Stolen from comint.el
+(defcustom term-password-prompt-regexp
+  (concat
+   "\\(^ *\\|"
+   (regexp-opt
+    '("Enter" "enter" "Enter same" "enter same" "Enter the" "enter the"
+      "Old" "old" "New" "new" "'s" "login"
+      "Kerberos" "CVS" "UNIX" " SMB" "LDAP" "PEM" "SUDO"
+      "[sudo]" "Repeat" "Bad" "Retype")
+    t)
+   " +\\)"
+   "\\(?:" (regexp-opt password-word-equivalents) "\\|Response\\)"
+   "\\(?:\\(?:, try\\)? *again\\| (empty for no passphrase)\\| (again)\\)?"
+   ;; "[[:alpha:]]" used to be "for", which fails to match non-English.
+   "\\(?: [[:alpha:]]+ .+\\)?[\\s  ]*[::៖][\\s  ]*\\'")
+  "Regexp matching prompts for passwords in the inferior process.
+This is used by `term-watch-for-password-prompt'."
+  :version "27.1"
+  :type 'regexp
+  :group 'comint)
+
 ;;; Here are the per-interpreter hooks.
 (defvar term-get-old-input (function term-get-old-input-default)
   "Function that submits old text in term mode.
@@ -586,6 +607,17 @@ term-input-filter-functions

 This variable is buffer-local.")

+;;; Stolen from comint.el
+;;;###autoload
+(defvar term-output-filter-hook '(term-watch-for-password-prompt)
+  "Functions to call after output is inserted into the buffer.
+One possible function is `term-watch-for-password-prompt'.
+These functions get one argument, a string containing the text as originally
+inserted.
+
+You can use `add-hook' to add functions to this list
+either globally or locally.")
+
 (defvar term-input-sender (function term-simple-send)
   "Function to actually send to PROCESS the STRING submitted by user.
 Usually this is just `term-simple-send', but if your mode needs to
@@ -2134,7 +2166,8 @@ term-send-input
          (set-marker term-pending-delete-marker pmark-val)
          (set-marker (process-mark proc) (point)))
        (goto-char pmark)
-       (funcall term-input-sender proc input)))))
+       (funcall term-input-sender proc input)
+        (run-hook-with-args 'term-output-filter-hook "")))))

 (defun term-get-old-input-default ()
   "Default for `term-get-old-input'.
@@ -2264,6 +2297,21 @@ term-send-invisible
     (term-send-string proc str)
     (term-send-string proc "\n")))

+;;; Stolen from comint.el
+;; TODO: This file share plenty of code with comint.el; it might be worth
+;; to extract the common functionality into a new file.
+(defun term-watch-for-password-prompt (string)
+  "Prompt in the minibuffer for password and send without echoing.
+This function uses `term-send-invisible' to read and send a password to the 
buffer's
+process if STRING contains a password prompt defined by
+`term-password-prompt-regexp'.
+
+This function could be in the list `term-emulate-terminal'."
+  (when (term-in-line-mode)
+    (when (let ((case-fold-search t))
+           (string-match term-password-prompt-regexp string))
+      (term-send-invisible nil))))
+

 ;;; Low-level process communication

@@ -3121,6 +3169,8 @@ term-emulate-terminal
          (term-handle-deferred-scroll))

        (set-marker (process-mark proc) (point))
+        ;; Run these hooks with point where the user had it.
+        (run-hook-with-args 'term-output-filter-hook str)
        (when save-point
          (goto-char save-point)
          (set-marker save-point nil))
--8<-----------------------------cut here---------------end--------------->8---
In GNU Emacs 26.0.91 (build 8, x86_64-pc-linux-gnu, GTK+ Version 3.22.11)
 of 2018-02-04 built on calancha-pc
Repository revision: aafcd12eebff1549b3d4b4f8f8d0f24498c1aedf

reply via email to

[Prev in Thread] Current Thread [Next in Thread]