Merging upstream version 256.6.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-09-16 18:28:16 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-09-16 18:28:16 +0000
commit: 6341b7a467c18d6e03bf56e32d516ed3dca6e80c (patch)
tree: 84262c0a568a2d869b75c0cf165969b6b0e6ca27 /src/shared/ask-password-api.c
parent: Adding debian version 256.5-2. (diff)
download: systemd-6341b7a467c18d6e03bf56e32d516ed3dca6e80c.tar.xz
systemd-6341b7a467c18d6e03bf56e32d516ed3dca6e80c.zip
1 files changed, 21 insertions, 8 deletions
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index bf79dc2..042c0ad 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -167,7 +167,16 @@ static int ask_password_keyring(const AskPasswordRequest *req, AskPasswordFlags
         if (r < 0)
                 return r;
 
-        return retrieve_key(serial, ret);
+        _cleanup_strv_free_erase_ char **l = NULL;
+        r = retrieve_key(serial, &l);
+        if (r < 0)
+                return r;
+
+        if (strv_isempty(l))
+                return log_debug_errno(SYNTHETIC_ERRNO(ENOKEY), "Found an empty password from keyring.");
+
+        *ret = TAKE_PTR(l);
+        return 0;
 }
 
 static int backspace_chars(int ttyfd, size_t p) {
@@ -322,8 +331,8 @@ int ask_password_plymouth(
                         return -ENOENT;
 
                 } else if (IN_SET(buffer[0], 2, 9)) {
+                        _cleanup_strv_free_erase_ char **l = NULL;
                         uint32_t size;
-                        char **l;
 
                         /* One or more answers */
                         if (p < 5)
@@ -341,15 +350,16 @@ int ask_password_plymouth(
                         if (!l)
                                 return -ENOMEM;
 
-                        *ret = l;
-                        break;
+                        if (strv_isempty(l))
+                                return log_debug_errno(SYNTHETIC_ERRNO(ECANCELED), "Received an empty password.");
+
+                        *ret = TAKE_PTR(l);
+                        return 0;
 
                 } else
                         /* Unknown packet */
                         return -EIO;
         }
-
-        return 0;
 }
 
 #define NO_ECHO "(no echo) "
@@ -949,8 +959,8 @@ finish:
 
 static int ask_password_credential(const AskPasswordRequest *req, AskPasswordFlags flags, char ***ret) {
         _cleanup_(erase_and_freep) char *buffer = NULL;
+        _cleanup_strv_free_erase_ char **l = NULL;
         size_t size;
-        char **l;
         int r;
 
         assert(req);
@@ -965,7 +975,10 @@ static int ask_password_credential(const AskPasswordRequest *req, AskPasswordFla
         if (!l)
                 return -ENOMEM;
 
-        *ret = l;
+        if (strv_isempty(l))
+                return log_debug_errno(SYNTHETIC_ERRNO(ENOKEY), "Found an empty password in credential.");
+
+        *ret = TAKE_PTR(l);
         return 0;
 }
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-09-16 18:28:16 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-09-16 18:28:16 +0000
commit	6341b7a467c18d6e03bf56e32d516ed3dca6e80c (patch)
tree	84262c0a568a2d869b75c0cf165969b6b0e6ca27 /src/shared/ask-password-api.c
parent	Adding debian version 256.5-2. (diff)
download	systemd-6341b7a467c18d6e03bf56e32d516ed3dca6e80c.tar.xz systemd-6341b7a467c18d6e03bf56e32d516ed3dca6e80c.zip