From: Mathieu Othacehe <m.othacehe@gmail.com>
To: "pelzflorian (Florian Pelz)" <pelzflorian@pelzflorian.de>
Cc: 35540@debbugs.gnu.org
Subject: bug#35540: Installer displays encrypted partition password entry in cleartext
Date: Sun, 05 May 2019 13:04:03 +0200 [thread overview]
Message-ID: <877eb5duxo.fsf@gmail.com> (raw)
In-Reply-To: <20190504210632.i3tyhzisfw6anpyb@pelzflorian.localdomain>
[-- Attachment #1: Type: text/plain, Size: 329 bytes --]
Hello,
> #2 would please everybody, but I do not know what widgets Newt
> provides for this. Mathieu, would you know if changing the
> visibility with e.g. a checkbox is doable?
You'll find a patch attached that adds a checkbox to toggle password
hiding. Every password input now has such a checkbox, WDYT?
Thanks,
Mathieu
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-installer-Add-password-hide-checkbox.patch --]
[-- Type: text/x-diff, Size: 8017 bytes --]
From fba1d82b2e27917a5efef339b326fe2d98e62bc0 Mon Sep 17 00:00:00 2001
From: Mathieu Othacehe <m.othacehe@gmail.com>
Date: Sun, 5 May 2019 12:54:40 +0200
Subject: [PATCH] installer: Add password 'hide' checkbox.
* gnu/installer/newt/page.scm (run-input-page)[input-hide-checkbox?]: New
parameter adding a checkbox to toggle password hiding. By default, the
checkbox is active and the password is hence hided.
* gnu/installer/newt/partition.scm (prompt-luks-passwords): Enable the
previous parameter on both password input pages.
* gnu/installer/newt/user.scm (run-root-password-page): Enable the previous
parameter,
(confirm-password): ditto,
(run-user-add-page): add a checkbox to toggle password hiding.
---
gnu/installer/newt/page.scm | 34 +++++++++++++++++++++++---------
gnu/installer/newt/partition.scm | 9 +++------
gnu/installer/newt/user.scm | 22 ++++++++++++++++++---
3 files changed, 47 insertions(+), 18 deletions(-)
diff --git a/gnu/installer/newt/page.scm b/gnu/installer/newt/page.scm
index 8a32c403df..4645486ff7 100644
--- a/gnu/installer/newt/page.scm
+++ b/gnu/installer/newt/page.scm
@@ -75,6 +75,7 @@ this page to TITLE."
#:key
(allow-empty-input? #f)
(default-text #f)
+ (input-hide-checkbox? #f)
(input-field-width 40)
(input-flags 0))
"Run a page to prompt user for an input. The given TEXT will be displayed
@@ -86,22 +87,37 @@ input box, such as FLAG-PASSWORD."
(make-reflowed-textbox -1 -1 text
input-field-width
#:flags FLAG-BORDER))
- (grid (make-grid 1 3))
+ (input-visible-cb
+ (make-checkbox -1 -1 (G_ "Hide") #\x "x "))
+ (input-flags* (if input-hide-checkbox?
+ (logior FLAG-PASSWORD input-flags)
+ input-flags))
(input-entry (make-entry -1 -1 20
- #:flags input-flags))
+ #:flags input-flags*))
(ok-button (make-button -1 -1 (G_ "OK")))
+ (grid (vertically-stacked-grid
+ GRID-ELEMENT-COMPONENT text-box
+ GRID-ELEMENT-SUBGRID
+ (apply
+ horizontal-stacked-grid
+ GRID-ELEMENT-COMPONENT input-entry
+ `(,@(if input-hide-checkbox?
+ (list GRID-ELEMENT-COMPONENT input-visible-cb)
+ '())))
+ GRID-ELEMENT-COMPONENT ok-button))
(form (make-form)))
+ (add-component-callback
+ input-visible-cb
+ (lambda (component)
+ (set-entry-flags input-entry
+ FLAG-PASSWORD
+ FLAG-ROLE-TOGGLE)))
+
(when default-text
(set-entry-text input-entry default-text))
- (set-grid-field grid 0 0 GRID-ELEMENT-COMPONENT text-box)
- (set-grid-field grid 0 1 GRID-ELEMENT-COMPONENT input-entry
- #:pad-top 1)
- (set-grid-field grid 0 2 GRID-ELEMENT-COMPONENT ok-button
- #:pad-top 1)
-
- (add-components-to-form form text-box input-entry ok-button)
+ (add-form-to-grid grid form #t)
(make-wrapped-grid-window grid title)
(let ((error-page (lambda ()
(run-error-page (G_ "Please enter a non empty input.")
diff --git a/gnu/installer/newt/partition.scm b/gnu/installer/newt/partition.scm
index 3fb6c5079e..ecf241b8e2 100644
--- a/gnu/installer/newt/partition.scm
+++ b/gnu/installer/newt/partition.scm
@@ -153,21 +153,18 @@ USER-PARTITIONS list. Return this list with password fields filled-in."
(file-name (user-partition-file-name user-part))
(password-page
(lambda ()
- ;; Note: Don't use FLAG-PASSWORD here because this is the
- ;; first bit of text that the user types in, so it's
- ;; probably safer if they can see that the keyboard layout
- ;; they chose is in effect.
(run-input-page
(format #f (G_ "Please enter the password for the \
encryption of partition ~a (label: ~a).") file-name crypt-label)
- (G_ "Password required"))))
+ (G_ "Password required")
+ #:input-hide-checkbox? #t)))
(password-confirm-page
(lambda ()
(run-input-page
(format #f (G_ "Please confirm the password for the \
encryption of partition ~a (label: ~a).") file-name crypt-label)
(G_ "Password confirmation required")
- #:input-flags FLAG-PASSWORD))))
+ #:input-hide-checkbox? #t))))
(if crypt-label
(let loop ()
(let ((password (password-page))
diff --git a/gnu/installer/newt/user.scm b/gnu/installer/newt/user.scm
index deab056e0c..6aa103aa5a 100644
--- a/gnu/installer/newt/user.scm
+++ b/gnu/installer/newt/user.scm
@@ -51,9 +51,11 @@ REAL-NAME, and HOME-DIRECTORY as the initial values in the form."
#:initial-value real-name))
(entry-home-directory (make-entry -1 -1 entry-width
#:initial-value home-directory))
+ (password-visible-cb
+ (make-checkbox -1 -1 (G_ "Hide") #\x "x "))
(entry-password (make-entry -1 -1 entry-width
#:flags FLAG-PASSWORD))
- (entry-grid (make-grid 2 5))
+ (entry-grid (make-grid 3 5))
(button-grid (make-grid 1 1))
(ok-button (make-button -1 -1 (G_ "OK")))
(grid (make-grid 1 2))
@@ -71,6 +73,12 @@ REAL-NAME, and HOME-DIRECTORY as the initial values in the form."
(set-entry-grid-field 0 3 label-password)
(set-entry-grid-field 1 3 entry-password)
+ (set-grid-field entry-grid
+ 2 3
+ GRID-ELEMENT-COMPONENT
+ password-visible-cb
+ #:pad-left 1)
+
(set-grid-field button-grid 0 0 GRID-ELEMENT-COMPONENT ok-button)
(add-component-callback
@@ -83,11 +91,19 @@ REAL-NAME, and HOME-DIRECTORY as the initial values in the form."
(set-entry-text entry-real-name
(string-titlecase (entry-value entry-name))))))
+ (add-component-callback
+ password-visible-cb
+ (lambda (component)
+ (set-entry-flags entry-password
+ FLAG-PASSWORD
+ FLAG-ROLE-TOGGLE)))
+
(add-components-to-form form
label-name label-real-name
label-home-directory label-password
entry-name entry-real-name
entry-home-directory entry-password
+ password-visible-cb
ok-button)
(make-wrapped-grid-window (vertically-stacked-grid
@@ -136,7 +152,7 @@ a thunk, if the confirmation doesn't match PASSWORD, and return its result."
(run-input-page (G_ "Please confirm the password.")
(G_ "Password confirmation required")
#:allow-empty-input? #t
- #:input-flags FLAG-PASSWORD))
+ #:input-hide-checkbox? #t))
(if (string=? password confirmation)
password
@@ -153,7 +169,7 @@ a thunk, if the confirmation doesn't match PASSWORD, and return its result."
(run-input-page (G_ "Please choose a password for the system \
administrator (\"root\").")
(G_ "System administrator password")
- #:input-flags FLAG-PASSWORD))
+ #:input-hide-checkbox? #t))
(confirm-password password run-root-password-page))
--
2.17.1
next prev parent reply other threads:[~2019-05-05 11:05 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-03 8:54 bug#35540: Installer displays encrypted partition password entry in cleartext pelzflorian (Florian Pelz)
2019-05-03 9:30 ` Danny Milosavljevic
2019-05-03 9:50 ` Julien Lepiller
2019-05-03 13:50 ` Ludovic Courtès
2019-05-04 21:06 ` pelzflorian (Florian Pelz)
2019-05-05 11:04 ` Mathieu Othacehe [this message]
2019-05-05 14:36 ` pelzflorian (Florian Pelz)
2019-05-06 10:02 ` Ludovic Courtès
2019-05-06 12:15 ` Mathieu Othacehe
2019-05-06 13:41 ` Ludovic Courtès
2019-05-06 18:14 ` pelzflorian (Florian Pelz)
2019-05-06 19:29 ` pelzflorian (Florian Pelz)
2019-05-06 19:43 ` Ludovic Courtès
2019-05-07 8:13 ` pelzflorian (Florian Pelz)
2019-05-06 19:45 ` Ludovic Courtès
2019-05-07 7:27 ` Mathieu Othacehe
2019-05-03 10:07 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877eb5duxo.fsf@gmail.com \
--to=m.othacehe@gmail.com \
--cc=35540@debbugs.gnu.org \
--cc=pelzflorian@pelzflorian.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).