From 4bcb073f3aa1609674b5d144d2244273ad77c9b5 Mon Sep 17 00:00:00 2001 From: Pietro Cerutti Date: Tue, 17 Jan 2017 08:18:15 +0000 Subject: [PATCH] Add support for sensitive config options Add a `-S` option to `mutt -D` to hide the value of sensitive config, such as passwords. Closes: #236 Closes: #302 --- init.c | 7 ++++++- init.h | 25 +++++++++++++++---------- main.c | 16 +++++++++++----- protos.h | 2 +- 4 files changed, 33 insertions(+), 17 deletions(-) diff --git a/init.c b/init.c index 58e465b03..c500e182b 100644 --- a/init.c +++ b/init.c @@ -3317,7 +3317,7 @@ int mutt_query_variables (LIST *queries) } /* dump out the value of all the variables we have */ -int mutt_dump_variables (void) +int mutt_dump_variables (int hide_sensitive) { int i; @@ -3336,6 +3336,11 @@ int mutt_dump_variables (void) if (MuttVars[i].type == DT_SYN) continue; + if (hide_sensitive && IS_SENSITIVE(MuttVars[i])) + { + printf("%s='***'\n", MuttVars[i].option); + continue; + } snprintf (command, sizeof (command), "set ?%s\n", MuttVars[i].option); if (mutt_parse_rc_line (command, &token, &err) == -1) { diff --git a/init.h b/init.h index c191c5042..e3a8ad754 100644 --- a/init.h +++ b/init.h @@ -56,7 +56,7 @@ #define MUTT_SET_UNSET (1<<1) /* default is to unset all vars */ #define MUTT_SET_RESET (1<<2) /* default is to reset all vars to default */ -/* forced redraw/resort types */ +/* forced redraw/resort types + other flags */ #define R_NONE 0 #define R_INDEX (1<<0) #define R_PAGER (1<<1) @@ -69,6 +69,11 @@ #define R_BOTH (R_INDEX | R_PAGER) #define R_RESORT_BOTH (R_RESORT | R_RESORT_SUB) +/* general flags, to be OR'd with the R_ flags above (so keep shifting..) */ +#define F_SENSITIVE (1<<8) + +#define IS_SENSITIVE(x) (((x).flags & F_SENSITIVE) == F_SENSITIVE) + struct option_t { char *option; @@ -1338,14 +1343,14 @@ struct option_t MuttVars[] = { ** only subscribed folders or all folders. This can be toggled in the ** IMAP browser with the \fC\fP function. */ - { "imap_login", DT_STR, R_NONE, UL &ImapLogin, UL 0 }, + { "imap_login", DT_STR, R_NONE|F_SENSITIVE, UL &ImapLogin, UL 0 }, /* ** .pp ** Your login name on the IMAP server. ** .pp ** This variable defaults to the value of $$imap_user. */ - { "imap_pass", DT_STR, R_NONE, UL &ImapPass, UL 0 }, + { "imap_pass", DT_STR, R_NONE|F_SENSITIVE, UL &ImapPass, UL 0 }, /* ** .pp ** Specifies the password for your IMAP account. If \fIunset\fP, Mutt will @@ -1393,7 +1398,7 @@ struct option_t MuttVars[] = { ** server which are out of the users' hands, you may wish to suppress ** them at some point. */ - { "imap_user", DT_STR, R_NONE, UL &ImapUser, UL 0 }, + { "imap_user", DT_STR, R_NONE|F_SENSITIVE, UL &ImapUser, UL 0 }, /* ** .pp ** The name of the user whose mail you intend to access on the IMAP @@ -1975,14 +1980,14 @@ struct option_t MuttVars[] = { ** must be loaded when newsgroup is added to list (first time list ** loading or new newsgroup adding). */ - { "nntp_user", DT_STR, R_NONE, UL &NntpUser, UL "" }, + { "nntp_user", DT_STR, R_NONE|F_SENSITIVE, UL &NntpUser, UL "" }, /* ** .pp ** Your login name on the NNTP server. If \fIunset\fP and NNTP server requires ** authentication, Mutt will prompt you for your account name when you ** connect to news server. */ - { "nntp_pass", DT_STR, R_NONE, UL &NntpPass, UL "" }, + { "nntp_pass", DT_STR, R_NONE|F_SENSITIVE, UL &NntpPass, UL "" }, /* ** .pp ** Your password for NNTP account. @@ -2567,7 +2572,7 @@ struct option_t MuttVars[] = { ** for retrieving only unread messages from the POP server when using ** the \fC$\fP function. */ - { "pop_pass", DT_STR, R_NONE, UL &PopPass, UL "" }, + { "pop_pass", DT_STR, R_NONE|F_SENSITIVE, UL &PopPass, UL "" }, /* ** .pp ** Specifies the password for your POP account. If \fIunset\fP, Mutt will @@ -2583,7 +2588,7 @@ struct option_t MuttVars[] = { ** Controls whether or not Mutt will try to reconnect to the POP server if ** the connection is lost. */ - { "pop_user", DT_STR, R_NONE, UL &PopUser, 0 }, + { "pop_user", DT_STR, R_NONE|F_SENSITIVE, UL &PopUser, 0 }, /* ** .pp ** Your login name on the POP server. @@ -3568,7 +3573,7 @@ struct option_t MuttVars[] = { ** .te */ # endif /* USE_SASL */ - { "smtp_pass", DT_STR, R_NONE, UL &SmtpPass, UL 0 }, + { "smtp_pass", DT_STR, R_NONE|F_SENSITIVE, UL &SmtpPass, UL 0 }, /* ** .pp ** Specifies the password for your SMTP account. If \fIunset\fP, Mutt will @@ -3579,7 +3584,7 @@ struct option_t MuttVars[] = { ** fairly secure machine, because the superuser can read your muttrc even ** if you are the only one who can read the file. */ - { "smtp_url", DT_STR, R_NONE, UL &SmtpUrl, UL 0 }, + { "smtp_url", DT_STR, R_NONE|F_SENSITIVE, UL &SmtpUrl, UL 0 }, /* ** .pp ** Defines the SMTP smarthost where sent messages should relayed for diff --git a/main.c b/main.c index 1958c98f8..472c318b6 100644 --- a/main.c +++ b/main.c @@ -89,7 +89,7 @@ static void mutt_usage (void) mutt [] -p\n\ mutt [] -A [...]\n\ mutt [] -Q [...]\n\ - mutt [] -D\n\ + mutt [] -D [-S]\n\ mutt -v[v]\n"); puts _("\ @@ -99,7 +99,8 @@ options:\n\ \t\tthe list of files must be terminated with the \"--\" sequence\n\ -b
\tspecify a blind carbon-copy (BCC) address\n\ -c
\tspecify a carbon-copy (CC) address\n\ - -D\t\tprint the value of all variables to stdout"); + -D\t\tprint the value of all variables to stdout\n\ + -D -S\t\tlike -D, but hide the value of sensitive variables"); #if DEBUG puts _(" -d \tlog debugging output to ~/.muttdebug0"); #endif @@ -197,6 +198,7 @@ int main (int argc, char **argv, char **environ) int i; int explicit_folder = 0; int dump_variables = 0; + int hide_sensitive = 0; int edit_infile = 0; extern char *optarg; extern int optind; @@ -262,9 +264,9 @@ int main (int argc, char **argv, char **environ) } #ifdef USE_NNTP - if ((i = getopt (argc, argv, "+A:a:b:F:f:c:Dd:Ee:g:GH:s:i:hm:npQ:RvxyzZ")) != EOF) + if ((i = getopt (argc, argv, "+A:a:b:F:f:c:Dd:Ee:g:GH:s:i:hm:npQ:RSvxyzZ")) != EOF) #else - if ((i = getopt (argc, argv, "+A:a:b:F:f:c:Dd:Ee:H:s:i:hm:npQ:RvxyzZ")) != EOF) + if ((i = getopt (argc, argv, "+A:a:b:F:f:c:Dd:Ee:H:s:i:hm:npQ:RSvxyzZ")) != EOF) #endif switch (i) { @@ -350,6 +352,10 @@ int main (int argc, char **argv, char **environ) flags |= MUTT_RO; /* read-only mode */ break; + case 'S': + hide_sensitive = 1; + break; + case 's': subject = optarg; break; @@ -449,7 +455,7 @@ int main (int argc, char **argv, char **environ) return mutt_query_variables (queries); } if (dump_variables) - return mutt_dump_variables(); + return mutt_dump_variables(hide_sensitive); if (alias_queries) { diff --git a/protos.h b/protos.h index 4c636b1d1..9fb5a1afb 100644 --- a/protos.h +++ b/protos.h @@ -317,7 +317,7 @@ int mutt_compose_attachment (BODY *a); int mutt_copy_body (FILE *, BODY **, BODY *); int mutt_decode_save_attachment (FILE *, BODY *, char *, int, int); int mutt_display_message (HEADER *h); -int mutt_dump_variables (void); +int mutt_dump_variables (int hide_sensitive); int mutt_edit_attachment(BODY *); int mutt_edit_message (CONTEXT *, HEADER *); int mutt_fetch_recips (ENVELOPE *out, ENVELOPE *in, int flags); -- 2.40.0