From 8bdd74cfe6509b0a646ff09443bf6d81924a0956 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=9E=C3=B3rhallur=20Sverrisson?= Date: Wed, 12 Dec 2018 20:06:10 +0000 Subject: [PATCH] Remove DEL characters from password input (#5837) * Remove DEL characters from password input iTerm password manager sends \x03\0x7f before sending a password from its password manager to make sure the password is not being echoed to the screen. Unfortunately, vault login does not handle the Space DEL sequence, causing the login to fail when using the password manager. This patch uses a simple method to delete the sequence if present anywhere in the string, although it is strictly only needed at the start of input. * Simplify iTerm handling to only remove iTerm prefix The logic now only removes the two byte prefix sent in by iTerm instead of trying to remove all deletes in the string. This has been tested to work with the iTerm password manager. As a small correction, the byte sequence is \x20\x7f. The earlier commit message incorrectly stated it was \x03\x7f. --- helper/password/password.go | 7 ++++++- helper/password/password_test.go | 27 +++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 helper/password/password_test.go diff --git a/helper/password/password.go b/helper/password/password.go index 102fbe802332..641da8239e74 100644 --- a/helper/password/password.go +++ b/helper/password/password.go @@ -8,6 +8,7 @@ import ( "io" "os" "os/signal" + "strings" ) var ErrInterrupted = errors.New("interrupted") @@ -34,7 +35,7 @@ func Read(f *os.File) (string, error) { case <-ch: return "", ErrInterrupted case <-doneCh: - return result, resultErr + return removeiTermDelete(result), resultErr } } @@ -62,3 +63,7 @@ func readline(f *os.File) (string, error) { return string(resultBuf), nil } + +func removeiTermDelete(input string) string { + return strings.TrimPrefix(input, "\x20\x7f") +} diff --git a/helper/password/password_test.go b/helper/password/password_test.go new file mode 100644 index 000000000000..c44526d7ab21 --- /dev/null +++ b/helper/password/password_test.go @@ -0,0 +1,27 @@ +package password + +import "testing" + +type testCase struct { + name string + input string + expected string +} + +func TestRemoveiTermDelete(t *testing.T) { + var tests = []testCase{ + {"NoDelete", "TestingStuff", "TestingStuff"}, + {"SingleDelete", "Testing\x7fStuff", "Testing\x7fStuff"}, + {"DeleteFirst", "\x7fTestingStuff", "\x7fTestingStuff"}, + {"DoubleDelete", "\x7f\x7fTestingStuff", "\x7f\x7fTestingStuff"}, + {"SpaceFirst", "\x20TestingStuff", "\x20TestingStuff"}, + {"iTermDelete", "\x20\x7fTestingStuff", "TestingStuff"}, + } + + for _, test := range tests { + result := removeiTermDelete(test.input) + if result != test.expected { + t.Errorf("Test %s failed, input: '%s', expected: '%s', output: '%s'", test.name, test.input, test.expected, result) + } + } +}