* subshell.c (do_subshell_chdir): Filter out a possible password from

warning dialog.

        * command.c (do_cd_command): Likewise.

        * screen.c (panel_callback): Likewise.

        * util.c (path_trunc): Add function. path_trunc() is the same as
        name_trunc(), but it deletes possible password from path for security
        reasons.

        * util.h: Add functions path_trunc().

        * filegui.c (file_progress_show_target): Filter out a possible password
        from dialog.
        (file_progress_show_deleting): Likewise.
        (file_mask_dialog): Likewise.

        * file.c (move_file_file): Likewise.
        (move_dir_dir): Likewise.
        (file_error): Likewise.
        (files_error): Likewise.
        (real_query_recursive): Likewise.

        * hotlist.c (add2hotlist): Typo fix.
This commit is contained in:
Andrew V. Samoilov 2004-11-03 19:43:17 +00:00
parent 52fc211ac8
commit cee8133838
9 changed files with 79 additions and 17 deletions

View File

@ -1,3 +1,31 @@
2004-11-03 Jindrich Novy <jnovy@redhat.com>
* subshell.c (do_subshell_chdir): Filter out a possible password from
warning dialog.
* command.c (do_cd_command): Likewise.
* screen.c (panel_callback): Likewise.
* util.c (path_trunc): Add function. path_trunc() is the same as
name_trunc(), but it deletes possible password from path for security
reasons.
* util.h: Add functions path_trunc().
* filegui.c (file_progress_show_target): Filter out a possible password
from dialog.
(file_progress_show_deleting): Likewise.
(file_mask_dialog): Likewise.
* file.c (move_file_file): Likewise.
(move_dir_dir): Likewise.
(file_error): Likewise.
(files_error): Likewise.
(real_query_recursive): Likewise.
* hotlist.c (add2hotlist): Typo fix.
2004-11-02 Pavel Tsekov <ptsekov@gmx.net>
* dialog.c (do_select_widget): Walk the whole widgets list looking

View File

@ -179,8 +179,10 @@ void do_cd_command (char *cmd)
}
} else
if (!examine_cd (&cmd [3])) {
char *d = strip_password (g_strdup (&cmd [3]), 1);
message (1, MSG_ERROR, _(" Cannot chdir to \"%s\" \n %s "),
&cmd [3], unix_error_string (errno));
d, unix_error_string (errno));
g_free (d);
return;
}
}

View File

@ -1111,8 +1111,8 @@ move_file_file (FileOpContext *ctx, const char *s, const char *d,
msize = 40;
msize /= 2;
strcpy (st, name_trunc (s, msize));
strcpy (dt, name_trunc (d, msize));
strcpy (st, path_trunc (s, msize));
strcpy (dt, path_trunc (d, msize));
message (1, MSG_ERROR,
_(" `%s' and `%s' are the same file "), st, dt);
do_refresh ();
@ -1229,8 +1229,8 @@ move_dir_dir (FileOpContext *ctx, const char *s, const char *d,
msize = 40;
msize /= 2;
strcpy (st, name_trunc (s, msize));
strcpy (dt, name_trunc (d, msize));
strcpy (st, path_trunc (s, msize));
strcpy (dt, path_trunc (d, msize));
message (1, MSG_ERROR,
_(" `%s' and `%s' are the same directory "), st, dt);
do_refresh ();
@ -2157,7 +2157,7 @@ int
file_error (const char *format, const char *file)
{
g_snprintf (cmd_buf, sizeof (cmd_buf), format,
name_trunc (file, 30), unix_error_string (errno));
path_trunc (file, 30), unix_error_string (errno));
return do_file_error (cmd_buf);
}
@ -2169,8 +2169,8 @@ files_error (const char *format, const char *file1, const char *file2)
char nfile1[16];
char nfile2[16];
strcpy (nfile1, name_trunc (file1, 15));
strcpy (nfile2, name_trunc (file2, 15));
strcpy (nfile1, path_trunc (file1, 15));
strcpy (nfile2, path_trunc (file2, 15));
g_snprintf (cmd_buf, sizeof (cmd_buf), format, nfile1, nfile2,
unix_error_string (errno));
@ -2191,7 +2191,7 @@ real_query_recursive (FileOpContext *ctx, enum OperationMode mode, const char *s
" Delete it recursively? ")
: _("\n Background process: Directory not empty \n"
" Delete it recursively? ");
text = g_strconcat (_(" Delete: "), name_trunc (s, 30), " ", (char *) NULL);
text = g_strconcat (_(" Delete: "), path_trunc (s, 30), " ", (char *) NULL);
if (safe_delete)
query_set_sel (1);

View File

@ -68,6 +68,7 @@
#include "fileopctx.h" /* FILE_CONT */
#include "filegui.h"
#include "key.h" /* get_event */
#include "util.h" /* strip_password() */
/* }}} */
@ -424,6 +425,7 @@ file_progress_show_bytes (FileOpContext *ctx, double done, double total)
/* }}} */
#define truncFileString(ui, s) name_trunc (s, ui->eta_extra + 47)
#define truncFileStringSecure(ui, s) path_trunc (s, ui->eta_extra + 47)
FileProgressStatus
file_progress_show_source (FileOpContext *ctx, const char *s)
@ -472,7 +474,7 @@ file_progress_show_target (FileOpContext *ctx, const char *s)
if (s != NULL) {
label_set_text (ui->file_label[1], _("Target"));
label_set_text (ui->file_string[1], truncFileString (ui, s));
label_set_text (ui->file_string[1], truncFileStringSecure (ui, s));
return check_progress_buttons (ctx);
} else {
label_set_text (ui->file_label[1], "");
@ -494,7 +496,7 @@ file_progress_show_deleting (FileOpContext *ctx, const char *s)
ui = ctx->ui;
label_set_text (ui->file_label[0], _("Deleting"));
label_set_text (ui->file_label[0], truncFileString (ui, s));
label_set_text (ui->file_label[0], truncFileStringSecure (ui, s));
return check_progress_buttons (ctx);
}
@ -854,6 +856,7 @@ file_mask_dialog (FileOpContext *ctx, FileOperation operation, const char *text,
int source_easy_patterns = easy_patterns;
char *source_mask, *orig_mask, *dest_dir, *tmpdest;
const char *error;
char *def_text_secure;
struct stat buf;
int val;
QuickDialog Quick_input;
@ -872,6 +875,9 @@ file_mask_dialog (FileOpContext *ctx, FileOperation operation, const char *text,
fmd_widgets[FMCB22].result = &ctx->stable_symlinks;
fmd_widgets[FMCB21].result = &ctx->dive_into_subdirs;
/* filter out a possible password from def_text */
def_text_secure = strip_password (g_strdup (def_text), 1);
/* Create the dialog */
ctx->stable_symlinks = 0;
@ -885,7 +891,7 @@ file_mask_dialog (FileOpContext *ctx, FileOperation operation, const char *text,
Quick_input.i18n = 1;
Quick_input.widgets = fmd_widgets;
fmd_widgets[FMDI0].text = text;
fmd_widgets[FMDI2].text = def_text;
fmd_widgets[FMDI2].text = def_text_secure;
fmd_widgets[FMDI2].str_result = &dest_dir;
fmd_widgets[FMDI1].str_result = &source_mask;

View File

@ -761,7 +761,7 @@ add2hotlist (char *label, char *directory, enum HotListType type, int pos)
/* should be inserted before first item */
new->next = current;
current_group->head = new;
} else if (pos == 1) { /* befor current */
} else if (pos == 1) { /* before current */
struct hotlist *p = current_group->head;
while (p->next != current)

View File

@ -2182,8 +2182,10 @@ panel_callback (WPanel *panel, widget_msg_t msg, int parm)
current_panel = panel;
panel->active = 1;
if (mc_chdir (panel->cwd) != 0) {
char *cwd = strip_password (g_strdup (panel->cwd), 1);
message (1, MSG_ERROR, _(" Cannot chdir to \"%s\" \n %s "),
panel->cwd, unix_error_string (errno));
cwd, unix_error_string (errno));
g_free(cwd);
} else
subshell_chdir (panel->cwd);

View File

@ -788,9 +788,12 @@ do_subshell_chdir (const char *directory, int do_update, int reset_prompt)
feed_subshell (QUIETLY, FALSE);
if (subshell_alive && strcmp (subshell_cwd, current_panel->cwd)
&& strcmp (current_panel->cwd, "."))
&& strcmp (current_panel->cwd, ".")) {
char *cwd = strip_password (g_strdup (current_panel->cwd), 1);
fprintf (stderr, _("Warning: Cannot change to %s.\n"),
current_panel->cwd);
cwd);
g_free (cwd);
}
if (reset_prompt)
prompt_pos = 0;

View File

@ -244,6 +244,22 @@ name_trunc (const char *txt, int trunc_len)
return x;
}
/*
* path_trunc() is the same as name_trunc() above but
* it deletes possible password from path for security
* reasons.
*/
const char *
path_trunc (const char *path, int trunc_len) {
const char *ret;
char *secure_path = strip_password (g_strdup (path), 1);
ret = name_trunc (secure_path, trunc_len);
g_free (secure_path);
return ret;
}
const char *size_trunc (double size)
{
static char x [BUF_TINY];

View File

@ -28,6 +28,11 @@ char *fake_name_quote (const char *c, int quote_percent);
* Return static buffer, no need to free() it. */
const char *name_trunc (const char *txt, int trunc_len);
/* path_trunc() is the same as name_trunc() above but
* it deletes possible password from path for security
* reasons. */
const char *path_trunc (const char *path, int trunc_len);
/* return a static string representing size, appending "K" or "M" for
* big sizes.
* NOTE: uses the same static buffer as size_trunc_sep. */