hide sudo passwords in the debugger

Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
author: Sean Whitton <spwhitton@spwhitton.name> 2021-03-19 19:44:43 -0700
committer: Sean Whitton <spwhitton@spwhitton.name> 2021-03-19 19:44:43 -0700
commit: fac6720737e25688760621dfc0e1e5d483ef2f1f (patch)
tree: b538b53d35c72d7d3c24e7e9f9ac7cffce5316a3 /src/connection/sudo.lisp
parent: 81ee52dd850fa606d78757ce8e4b1fdbd66a9d21 (diff)
download: consfigurator-fac6720737e25688760621dfc0e1e5d483ef2f1f.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/src/connection/sudo.lisp b/src/connection/sudo.lisp
index 6612414..935fc5b 100644
--- a/src/connection/sudo.lisp
+++ b/src/connection/sudo.lisp
@@ -52,7 +52,8 @@
 		   as
 		   (destructuring-bind (user host)
 		       (split-string as :separator "@")
-		     (get-data-string (strcat "--user-passwd--" host) user)))))
+		     (get-data-protected-string
+		      (strcat "--user-passwd--" host) user)))))
 
 (defmethod establish-connection ((type (eql :sudo))
 				 remaining
@@ -66,7 +67,9 @@
 		 ;; we'll send the password followed by ^M, then the real
 		 ;; stdin.  use CODE-CHAR in this way so that we can be sure
 		 ;; ASCII ^M is what will get emitted.
-		 :password (strcat password (string (code-char 13)))))
+		 :password (and password
+				(strcat (passphrase password)
+					(string (code-char 13))))))
 
 (defclass sudo-connection (shell-wrap-connection)
   ((user
author	Sean Whitton <spwhitton@spwhitton.name>	2021-03-19 19:44:43 -0700
committer	Sean Whitton <spwhitton@spwhitton.name>	2021-03-19 19:44:43 -0700
commit	fac6720737e25688760621dfc0e1e5d483ef2f1f (patch)
tree	b538b53d35c72d7d3c24e7e9f9ac7cffce5316a3 /src/connection/sudo.lisp
parent	81ee52dd850fa606d78757ce8e4b1fdbd66a9d21 (diff)
download	consfigurator-fac6720737e25688760621dfc0e1e5d483ef2f1f.tar.gz