diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-11-04 00:06:16 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-11-04 00:10:08 +0100 |
commit | ce78f890174b107cec69d7388b9279b84f2b0a39 (patch) | |
tree | df901bc5868604f484d6f79e00861d55a3185744 /src/Core/Unix | |
parent | 54c7e1cfd3a98368352028def5faaedc017edc17 (diff) | |
download | VeraCrypt-ce78f890174b107cec69d7388b9279b84f2b0a39.tar.gz VeraCrypt-ce78f890174b107cec69d7388b9279b84f2b0a39.zip |
Linux/FreeBSD: Add CLI switch to force use of old sudo behavior of sending a dummy password
The new switch is --use-dummy-sudo-password
Diffstat (limited to 'src/Core/Unix')
-rw-r--r-- | src/Core/Unix/CoreService.cpp | 50 |
1 files changed, 27 insertions, 23 deletions
diff --git a/src/Core/Unix/CoreService.cpp b/src/Core/Unix/CoreService.cpp index b02bd211..2a77c90a 100644 --- a/src/Core/Unix/CoreService.cpp +++ b/src/Core/Unix/CoreService.cpp @@ -300,39 +300,43 @@ namespace VeraCrypt // See : https://superuser.com/questions/902826/why-does-sudo-n-on-mac-os-x-always-return-0 // // If for some reason we are getting empty output from pipe, we revert to old behavior + // We also use the old way if the user is forcing the use of dummy password for sudo #if defined(TC_LINUX ) || defined (TC_FREEBSD) - std::vector<char> buffer(128, 0); - std::string result; - bool authCheckDone = false; - - FILE* pipe = popen("sudo -n uptime 2>&1 | grep 'load average' | wc -l", "r"); // We redirect stderr to stdout (2>&1) to be able to catch the result of the command - if (pipe) + if (!Core->GetUseDummySudoPassword ()) { - while (!feof(pipe)) + std::vector<char> buffer(128, 0); + std::string result; + bool authCheckDone = false; + + FILE* pipe = popen("sudo -n uptime 2>&1 | grep 'load average' | wc -l", "r"); // We redirect stderr to stdout (2>&1) to be able to catch the result of the command + if (pipe) { - if (fgets(buffer.data(), 128, pipe) != nullptr) - result += buffer.data(); + while (!feof(pipe)) + { + if (fgets(buffer.data(), 128, pipe) != nullptr) + result += buffer.data(); + } + + fflush(pipe); + pclose(pipe); + pipe = NULL; + + if (!result.empty() && strlen(result.c_str()) != 0) + { + authCheckDone = true; + if (result[0] == '0') // no line found with "load average" text, rerquest admin password + (*AdminPasswordCallback) (request.AdminPassword); + } } - fflush(pipe); - pclose(pipe); - pipe = NULL; - - if (!result.empty() && strlen(result.c_str()) != 0) + if (authCheckDone) { - authCheckDone = true; - if (result[0] == '0') // no line found with "load average" text, rerquest admin password - (*AdminPasswordCallback) (request.AdminPassword); + // Set to false to force the 'WarningEvent' to be raised in case of and elevation exception. + request.FastElevation = false; } } - - if (authCheckDone) - { - // Set to false to force the 'WarningEvent' to be raised in case of and elevation exception. - request.FastElevation = false; - } #endif try { |