Merged revisions 76017 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r76017 | gregory.p.smith | 2009-11-01 10:42:17 -0800 (Sun, 01 Nov 2009) | 18 lines
Merged revisions 76000,76016 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r76000 | gregory.p.smith | 2009-10-31 14:26:08 -0700 (Sat, 31 Oct 2009) | 7 lines
Fixes issue7208 - getpass would still allow the password to be echoed on
Solaris due to not flushing the input buffer.
This change also incorporates some additional getpass implementation
suggestions for security based on an analysis of getpass.c linked to from the
issue.
........
r76016 | gregory.p.smith | 2009-11-01 10:33:55 -0800 (Sun, 01 Nov 2009) | 2 lines
news entry for r76000
........
................
diff --git a/Lib/getpass.py b/Lib/getpass.py
index d0030ae..2eb01fa 100644
--- a/Lib/getpass.py
+++ b/Lib/getpass.py
@@ -62,12 +62,16 @@
try:
old = termios.tcgetattr(fd) # a copy to save
new = old[:]
- new[3] &= ~termios.ECHO # 3 == 'lflags'
+ new[3] &= ~(termios.ECHO|termios.ISIG) # 3 == 'lflags'
+ tcsetattr_flags = termios.TCSAFLUSH
+ if hasattr(termios, 'TCSASOFT'):
+ tcsetattr_flags |= termios.TCSASOFT
try:
- termios.tcsetattr(fd, termios.TCSADRAIN, new)
+ termios.tcsetattr(fd, tcsetattr_flags, new)
passwd = _raw_input(prompt, stream, input=input)
finally:
- termios.tcsetattr(fd, termios.TCSADRAIN, old)
+ termios.tcsetattr(fd, tcsetattr_flags, old)
+ stream.flush() # issue7208
except termios.error as e:
if passwd is not None:
# _raw_input succeeded. The final tcsetattr failed. Reraise
@@ -124,6 +128,7 @@
if prompt:
stream.write(prompt)
stream.flush()
+ # NOTE: The Python C API calls flockfile() (and unlock) during readline.
line = input.readline()
if not line:
raise EOFError