diff --git a/src/daemon.c b/src/daemon.c
index ff88210..d66dd50 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -917,10 +917,6 @@ do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
 	free(pollfds);
 }
 
-/* GCC -fanalyzer has trouble with realloc
- * https://bugzilla.redhat.com/show_bug.cgi?id=2047926 */
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wanalyzer-use-of-uninitialized-value"
 static int
 handle_events(context *ctx)
 {
@@ -999,7 +995,6 @@ handle_events(context *ctx)
 	}
 	return 0;
 }
-#pragma GCC diagnostic pop
 
 static int
 get_uid_and_gid(context *ctx, char **homedir)
diff --git a/src/password.c b/src/password.c
index 18c32ed..ac1866e 100644
--- a/src/password.c
+++ b/src/password.c
@@ -79,6 +79,7 @@ read_password(FILE *in, FILE *out, char *buf, size_t bufsz)
 	int infd = fileno(in);
 	struct termios tio;
 	char *ret;
+	int len;
 
 	ingress();
 	ret = fgets(buf, bufsz, in);
@@ -96,7 +97,14 @@ read_password(FILE *in, FILE *out, char *buf, size_t bufsz)
 	if (ret == NULL)
 		return -1;
 
-	buf[strlen(buf)-1] = '\0';
+	len = strlen(buf);
+	while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) {
+		buf[len-1] = '\0';
+		len--;
+	}
+	if (len == 0)
+		return -1;
+
 	egress();
 	return 0;
 }
@@ -365,13 +373,23 @@ SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg)
 }
 
 char *
-get_password_passthrough(PK11SlotInfo *slot UNUSED,
-			 PRBool retry, void *arg)
+get_password_passthrough(PK11SlotInfo *slot UNUSED, PRBool retry, void *arg)
 {
+	cms_context *cms;
+	secuPWData *pwdata;
+
+	dbgprintf("ctx:%p", arg);
+
 	if (retry || !arg)
 		return NULL;
 
-	char *ret = strdup(arg);
+	cms = (cms_context *)arg;
+	pwdata = &cms->pwdata;
+
+	if (pwdata->source != PW_PLAINTEXT)
+		return NULL;
+
+	char *ret = strdup(pwdata->data);
 	if (!ret)
 		err(1, "Could not allocate memory");