VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Core/Unix
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-11-04 00:06:16 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-11-04 00:10:08 +0100
commitce78f890174b107cec69d7388b9279b84f2b0a39 (patch)
treedf901bc5868604f484d6f79e00861d55a3185744 /src/Core/Unix
parent54c7e1cfd3a98368352028def5faaedc017edc17 (diff)
downloadVeraCrypt-ce78f890174b107cec69d7388b9279b84f2b0a39.tar.gz
VeraCrypt-ce78f890174b107cec69d7388b9279b84f2b0a39.zip
Linux/FreeBSD: Add CLI switch to force use of old sudo behavior of sending a dummy password
The new switch is --use-dummy-sudo-password
Diffstat (limited to 'src/Core/Unix')
-rw-r--r--src/Core/Unix/CoreService.cpp50
1 files changed, 27 insertions, 23 deletions
diff --git a/src/Core/Unix/CoreService.cpp b/src/Core/Unix/CoreService.cpp
index b02bd211..2a77c90a 100644
--- a/src/Core/Unix/CoreService.cpp
+++ b/src/Core/Unix/CoreService.cpp
@@ -300,39 +300,43 @@ namespace VeraCrypt
// See : https://superuser.com/questions/902826/why-does-sudo-n-on-mac-os-x-always-return-0
//
// If for some reason we are getting empty output from pipe, we revert to old behavior
+ // We also use the old way if the user is forcing the use of dummy password for sudo
#if defined(TC_LINUX ) || defined (TC_FREEBSD)
- std::vector<char> buffer(128, 0);
- std::string result;
- bool authCheckDone = false;
-
- FILE* pipe = popen("sudo -n uptime 2>&1 | grep 'load average' | wc -l", "r"); // We redirect stderr to stdout (2>&1) to be able to catch the result of the command
- if (pipe)
+ if (!Core->GetUseDummySudoPassword ())
{
- while (!feof(pipe))
+ std::vector<char> buffer(128, 0);
+ std::string result;
+ bool authCheckDone = false;
+
+ FILE* pipe = popen("sudo -n uptime 2>&1 | grep 'load average' | wc -l", "r"); // We redirect stderr to stdout (2>&1) to be able to catch the result of the command
+ if (pipe)
{
- if (fgets(buffer.data(), 128, pipe) != nullptr)
- result += buffer.data();
+ while (!feof(pipe))
+ {
+ if (fgets(buffer.data(), 128, pipe) != nullptr)
+ result += buffer.data();
+ }
+
+ fflush(pipe);
+ pclose(pipe);
+ pipe = NULL;
+
+ if (!result.empty() && strlen(result.c_str()) != 0)
+ {
+ authCheckDone = true;
+ if (result[0] == '0') // no line found with "load average" text, rerquest admin password
+ (*AdminPasswordCallback) (request.AdminPassword);
+ }
}
- fflush(pipe);
- pclose(pipe);
- pipe = NULL;
-
- if (!result.empty() && strlen(result.c_str()) != 0)
+ if (authCheckDone)
{
- authCheckDone = true;
- if (result[0] == '0') // no line found with "load average" text, rerquest admin password
- (*AdminPasswordCallback) (request.AdminPassword);
+ // Set to false to force the 'WarningEvent' to be raised in case of and elevation exception.
+ request.FastElevation = false;
}
}
-
- if (authCheckDone)
- {
- // Set to false to force the 'WarningEvent' to be raised in case of and elevation exception.
- request.FastElevation = false;
- }
#endif
try
{