
Insecure password handling



Typing the password on the command line (using "-p foobar") is a
security risk on multiuser systems. Your password may be spotted
by other users using ps(1) and similar tools.

The attached patch modifies rdesktop's behaviour:

When using "-" as password ("-p -"), the password will be read
from standard input. If standard input is connected to a
terminal, the user will be prompted for the password (which will
not be echoed to the screen).

This enables me to do

  echo foobar | rdesktop -p -  ....

which is safer ("echo" is a builtin in most shells, and won't
show up in ps(1)).

This patch also makes it possible to start programs like
C:\Program Files\Microsoft Office\Office\winword.exe (32 bytes
is too short for those kinds of filenames).

Autologon doesn't work for me, by the way (w2k server).


-- 
Per Kristian Hove <Per.Hove@math.ntnu.no>
Principal engineer
Dept. of Mathematical Sciences
Norwegian University of Science and Technology
--- rdesktop.c.orig	Thu Jan 11 21:32:33 2001
+++ rdesktop.c	Thu Jan 11 21:30:22 2001
@@ -93,7 +93,7 @@
   uint32 flags;
   char domain[16];
   char password[16];
-  char shell[32];
+  char shell[64];
   char directory[32];
   char title[32];
   int c;
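Review bot: enlarging `shell` from 32 to 64 bytes covers the winword.exe path named in the mail, but the copy in `case 's'` further down (`strncpy (shell, optarg, sizeof (shell));`) still leaves `shell` without a terminating NUL whenever the argument is 64 characters or longer; copying `sizeof (shell) - 1` bytes and writing `shell[sizeof (shell) - 1] = '\0'` (or rejecting over-long arguments with an error) would make the new limit safe rather than merely larger. `directory[32]` on the next line keeps the old size, so a start-in directory under the same long "C:\Program Files\..." path would still be cut off.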
@@ -116,7 +116,26 @@
 	  break;
 	case 'p':
 	  flags |= RDP_LOGON_AUTO;
-	  strncpy (password, optarg, sizeof (password));
+	  if (strcmp (optarg, "-") != 0)
+	  {
+	    strncpy (password, optarg, sizeof (password));
+	  } else {
+	    /* Read password from terminal or stdin */
+	    if (isatty (fileno (stdin)))
+	    {
+	      char *pw;
+	      pw = getpass("Password: ");
+	      strncpy (password, pw, sizeof (password));
+	    } else {
+	      if (fgets ((char *)&password, sizeof (password), stdin) == NULL)
+	      {
+		ERROR("fgets\n");
+		exit(1);
+	      }
+	    }
+	    if (password[strlen(password)-1] == '\n')
+	      password[strlen(password)-1] = '\0'; /* Chop newline */
+	  }
 	  break;
 	case 's':
 	  strncpy (shell, optarg, sizeof (shell));
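Review bot: the newline chop `if (password[strlen(password)-1] == '\n')` indexes `password[-1]` when the buffer holds an empty string (an empty line on stdin, or an empty reply to the prompt), and `strlen` reads past the 16-byte array when `strncpy (password, pw, sizeof (password))` has copied a reply of 16 or more characters, since strncpy does not NUL-terminate in that case; use `size_t n = strlen(password); if (n > 0 && password[n-1] == '\n')` and either copy `sizeof (password) - 1` bytes with an explicit terminator or check the length first. `getpass` can also return NULL and should be checked before the copy, its static buffer retains the password and deserves an overwrite once copied, and the `(char *)&password` cast in the fgets call is unnecessary because the array already decays to `char *`.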
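A hardened reader for the "-p -" case described in the mail, as an added example that is not the patch's or rdesktop's own code: it reads from a terminal with echo turned off via termios instead of getpass, rejects empty and over-long input instead of truncating, restores the terminal state, and wipes its scratch buffer. The names `read_password` and `wipe` are chosen here; the 16-byte destination buffer in the comments mirrors the patch's `password[16]`.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <termios.h>

/* Overwrite a buffer so a copy of the password does not linger on the stack. */
static void wipe(volatile char *p, size_t n)
{
    while (n--)
        *p++ = 0;
}

/* Read one password line from `in` into buf (buflen bytes, NUL-terminated).
 * If `in` is a terminal, print a prompt and disable echo while reading.
 * Returns the password length, or -1 when the read fails, the line is empty,
 * or it does not fit in buf (e.g. 16+ chars into a 16-byte buffer), so a
 * silently truncated password is never used. */
int read_password(FILE *in, char *buf, size_t buflen)
{
    struct termios saved, quiet;
    int fd = fileno(in);                    /* -1 for memory streams: not a tty */
    int tty = isatty(fd) && tcgetattr(fd, &saved) == 0;
    char line[256];
    int len = -1;

    if (tty) {
        quiet = saved;
        quiet.c_lflag &= ~(tcflag_t)ECHO;   /* stop the password echoing */
        tcsetattr(fd, TCSAFLUSH, &quiet);
        fputs("Password: ", stderr);
    }
    if (fgets(line, sizeof line, in) != NULL) {
        size_t n = strcspn(line, "\r\n");   /* chop newline without indexing [-1] */
        line[n] = '\0';
        if (n > 0 && n < buflen) {          /* reject empty and over-long input */
            memcpy(buf, line, n + 1);
            len = (int)n;
        }
    }
    if (tty) {
        tcsetattr(fd, TCSAFLUSH, &saved);   /* restore echo */
        fputc('\n', stderr);
    }
    wipe(line, sizeof line);
    return len;
}
```

Piped use works exactly as in the mail: `echo foobar | prog -p -` reaches the fgets branch with stdin not a terminal.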