Merged revisions 76017 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r76017 | gregory.p.smith | 2009-11-01 10:42:17 -0800 (Sun, 01 Nov 2009) | 18 lines Merged revisions 76000,76016 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r76000 | gregory.p.smith | 2009-10-31 14:26:08 -0700 (Sat, 31 Oct 2009) | 7 lines Fixes issue7208 - getpass would still allow the password to be echoed on Solaris due to not flushing the input buffer. This change also incorporates some additional getpass implementation suggestions for security based on an analysis of getpass.c linked to from the issue. ........ r76016 | gregory.p.smith | 2009-11-01 10:33:55 -0800 (Sun, 01 Nov 2009) | 2 lines news entry for r76000 ........ ................
author: Gregory P. Smith <greg@mad-scientist.com> 2009-11-01 18:48:31 (GMT)
committer: Gregory P. Smith <greg@mad-scientist.com> 2009-11-01 18:48:31 (GMT)
commit: fc1c75d93f1fa1b911542afec46edd31506ff47c (patch)
tree: 32346d9c4e92fbe794086615931ff20a569ac59c
parent: 344ec44be1290434254b58e8e8aae157d8bc1159 (diff)
download: cpython-fc1c75d93f1fa1b911542afec46edd31506ff47c.zip
cpython-fc1c75d93f1fa1b911542afec46edd31506ff47c.tar.gz
cpython-fc1c75d93f1fa1b911542afec46edd31506ff47c.tar.bz2
2 files changed, 14 insertions, 3 deletions
diff --git a/Lib/getpass.py b/Lib/getpass.py
index d0030ae..2eb01fa 100644
--- a/Lib/getpass.py
+++ b/Lib/getpass.py
@@ -62,12 +62,16 @@ def unix_getpass(prompt='Password: ', stream=None):
         try:
             old = termios.tcgetattr(fd)     # a copy to save
             new = old[:]
-            new[3] &= ~termios.ECHO  # 3 == 'lflags'
+            new[3] &= ~(termios.ECHO|termios.ISIG)  # 3 == 'lflags'
+            tcsetattr_flags = termios.TCSAFLUSH
+            if hasattr(termios, 'TCSASOFT'):
+                tcsetattr_flags |= termios.TCSASOFT
             try:
-                termios.tcsetattr(fd, termios.TCSADRAIN, new)
+                termios.tcsetattr(fd, tcsetattr_flags, new)
                 passwd = _raw_input(prompt, stream, input=input)
             finally:
-                termios.tcsetattr(fd, termios.TCSADRAIN, old)
+                termios.tcsetattr(fd, tcsetattr_flags, old)
+                stream.flush()  # issue7208
         except termios.error as e:
             if passwd is not None:
                 # _raw_input succeeded.  The final tcsetattr failed.  Reraise
@@ -124,6 +128,7 @@ def _raw_input(prompt="", stream=None, input=None):
     if prompt:
         stream.write(prompt)
         stream.flush()
+    # NOTE: The Python C API calls flockfile() (and unlock) during readline.
     line = input.readline()
     if not line:
         raise EOFError
diff --git a/Misc/NEWS b/Misc/NEWS
index 3593e3e..03600de 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -37,6 +37,12 @@ Core and Builtins
 Library
 -------
 
+- Issue #7246 & Issue #7208: getpass now properly flushes input before
+  reading from stdin so that existing input does not confuse it and
+  lead to incorrect entry or an IOError.  It also properly flushes it
+  afterwards to avoid the terminal echoing the input afterwards on
+  OSes such as Solaris.
+
 - Issue #7233: Fix a number of two-argument Decimal methods to make
   sure that they accept an int or long as the second argument.  Also
   fix buggy handling of large arguments (those with coefficient longer
author	Gregory P. Smith <greg@mad-scientist.com>	2009-11-01 18:48:31 (GMT)
committer	Gregory P. Smith <greg@mad-scientist.com>	2009-11-01 18:48:31 (GMT)
commit	fc1c75d93f1fa1b911542afec46edd31506ff47c (patch)
tree	32346d9c4e92fbe794086615931ff20a569ac59c
parent	344ec44be1290434254b58e8e8aae157d8bc1159 (diff)
download	cpython-fc1c75d93f1fa1b911542afec46edd31506ff47c.zip cpython-fc1c75d93f1fa1b911542afec46edd31506ff47c.tar.gz cpython-fc1c75d93f1fa1b911542afec46edd31506ff47c.tar.bz2