[Python-checkins] r76015 - in python/branches/release26-maint: Lib/getpass.py Misc/NEWS

gregory.p.smith python-checkins at python.org
Sun Nov 1 19:31:13 CET 2009 

Author: gregory.p.smith
Date: Sun Nov  1 19:31:13 2009
New Revision: 76015

Log:
Merged revisions 76000 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r76000 | gregory.p.smith | 2009-10-31 14:26:08 -0700 (Sat, 31 Oct 2009) | 7 lines
  
  Fixes issue7208 - getpass would still allow the password to be echoed on
  Solaris due to not flushing the input buffer.
  
  This change also incorporates some additional getpass implementation
  suggestions for security based on an analysis of getpass.c linked to from the
  issue.
........


Modified:
   python/branches/release26-maint/   (props changed)
   python/branches/release26-maint/Lib/getpass.py
   python/branches/release26-maint/Misc/NEWS

Modified: python/branches/release26-maint/Lib/getpass.py
==============================================================================
--- python/branches/release26-maint/Lib/getpass.py	(original)
+++ python/branches/release26-maint/Lib/getpass.py	Sun Nov  1 19:31:13 2009
@@ -62,12 +62,16 @@
         try:
             old = termios.tcgetattr(fd)     # a copy to save
             new = old[:]
-            new[3] &= ~termios.ECHO  # 3 == 'lflags'
+            new[3] &= ~(termios.ECHO|termios.ISIG)  # 3 == 'lflags'
+            tcsetattr_flags = termios.TCSAFLUSH
+            if hasattr(termios, 'TCSASOFT'):
+                tcsetattr_flags |= termios.TCSASOFT
             try:
-                termios.tcsetattr(fd, termios.TCSADRAIN, new)
+                termios.tcsetattr(fd, tcsetattr_flags, new)
                 passwd = _raw_input(prompt, stream, input=input)
             finally:
-                termios.tcsetattr(fd, termios.TCSADRAIN, old)
+                termios.tcsetattr(fd, tcsetattr_flags, old)
+                stream.flush()  # issue7208
         except termios.error, e:
             if passwd is not None:
                 # _raw_input succeeded.  The final tcsetattr failed.  Reraise
@@ -125,6 +129,7 @@
     if prompt:
         stream.write(prompt)
         stream.flush()
+    # NOTE: The Python C API calls flockfile() (and unlock) during readline.
     line = input.readline()
     if not line:
         raise EOFError

Modified: python/branches/release26-maint/Misc/NEWS
==============================================================================
--- python/branches/release26-maint/Misc/NEWS	(original)
+++ python/branches/release26-maint/Misc/NEWS	Sun Nov  1 19:31:13 2009
@@ -24,6 +24,12 @@
 Library
 -------
 
+- Issue #7246 & Issue #7208: getpass now properly flushes input before
+  reading from stdin so that existing input does not confuse it and
+  lead to incorrect entry or an IOError.  It also properly flushes it
+  afterwards to avoid the terminal echoing the input afterwards on
+  OSes such as Solaris.
+
 - Issue #7244: itertools.izip_longest() no longer ignores exceptions
   raised during the formation of an output tuple.

More information about the Python-checkins mailing list