From owner-dev-commits-src-branches@freebsd.org Sat Oct 2 11:58:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CBB7167A624; Sat, 2 Oct 2021 11:58:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HM58X5MPCz3mgS; Sat, 2 Oct 2021 11:58:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 98D5312DA0; Sat, 2 Oct 2021 11:58:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 192Bw4Oc024822; Sat, 2 Oct 2021 11:58:04 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 192Bw4PD024821; Sat, 2 Oct 2021 11:58:04 GMT (envelope-from git) Date: Sat, 2 Oct 2021 11:58:04 GMT Message-Id: <202110021158.192Bw4PD024821@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Yoshihiro Takahashi Subject: git: 970c3982cd6a - stable/12 - unzip: sync with NetBSD upstream to add passphrase support MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: nyan X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 970c3982cd6a05efe9b4666a8a7f98670f18f36e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Oct 2021 11:58:04 -0000 The branch stable/12 has been updated by nyan: URL: https://cgit.FreeBSD.org/src/commit/?id=970c3982cd6a05efe9b4666a8a7f98670f18f36e commit 970c3982cd6a05efe9b4666a8a7f98670f18f36e Author: Yoshihiro Takahashi AuthorDate: 2021-09-25 16:32:42 +0000 Commit: Yoshihiro Takahashi CommitDate: 2021-10-02 11:57:24 +0000 unzip: sync with NetBSD upstream to add passphrase support - Add support for password protected zip archives. We use memset_s() rather than explicit_bzero() for more portable (See PR). - Use success/failure macro in exit() - Mention ZIPX format in unzip(1) Submitted by: Mingye Wang and Alex Kozlov (ak@) PR: 244181 Reviewed by: mizhka Obtained from: NetBSD Differential Revision: https://reviews.freebsd.org/D28892 (cherry picked from commit a4724ff48108840416c83f10e15d666ac8d78937) --- usr.bin/unzip/unzip.1 | 10 ++++++-- usr.bin/unzip/unzip.c | 66 ++++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 66 insertions(+), 10 deletions(-) diff --git a/usr.bin/unzip/unzip.1 b/usr.bin/unzip/unzip.1 index b7c2d858f012..bb43abf43a85 100644 --- a/usr.bin/unzip/unzip.1 +++ b/usr.bin/unzip/unzip.1 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 12, 2015 +.Dd September 25, 2021 .Dt UNZIP 1 .Os .Sh NAME @@ -35,6 +35,8 @@ .Nm .Op Fl aCcfjLlnopqtuvy .Op Fl d Ar dir +.Op Fl x Ar pattern +.Op Fl P Ar password .Ar zipfile .Sh DESCRIPTION .\" ... @@ -81,6 +83,10 @@ When extracting files from the zipfile, they are written to stdout. The normal output is suppressed as if .Fl q was specified. +.It Fl P Ar password +Extract encrypted files using a password. +Putting a password on the command line using this option can be +insecure. .It Fl q Quiet: print less information while extracting. .It Fl t @@ -172,7 +178,7 @@ utility is only able to process ZIP archives handled by .Xr libarchive 3 . Depending on the installed version of .Xr libarchive 3 , -this may or may not include self-extracting archives. +this may or may not include self-extracting or ZIPX archives. .Sh SEE ALSO .Xr libarchive 3 .Sh HISTORY diff --git a/usr.bin/unzip/unzip.c b/usr.bin/unzip/unzip.c index 937176111a02..e5ca1ff2c939 100644 --- a/usr.bin/unzip/unzip.c +++ b/usr.bin/unzip/unzip.c @@ -51,6 +51,7 @@ #include #include +#include /* command-line options */ static int a_opt; /* convert EOL */ @@ -63,6 +64,7 @@ static int L_opt; /* lowercase names */ static int n_opt; /* never overwrite */ static int o_opt; /* always overwrite */ static int p_opt; /* extract to stdout, quiet */ +static char *P_arg; /* passphrase */ static int q_opt; /* quiet */ static int t_opt; /* test */ static int u_opt; /* update */ @@ -95,6 +97,9 @@ static int tty; */ static int noeol; +/* for an interactive passphrase input */ +static char *passphrase_buf; + /* fatal error message + errno */ static void error(const char *fmt, ...) @@ -109,7 +114,7 @@ error(const char *fmt, ...) vfprintf(stderr, fmt, ap); va_end(ap); fprintf(stderr, ": %s\n", strerror(errno)); - exit(1); + exit(EXIT_FAILURE); } /* fatal error message, no errno */ @@ -126,7 +131,7 @@ errorx(const char *fmt, ...) vfprintf(stderr, fmt, ap); va_end(ap); fprintf(stderr, "\n"); - exit(1); + exit(EXIT_FAILURE); } /* non-fatal error message + errno */ @@ -854,6 +859,36 @@ test(struct archive *a, struct archive_entry *e) return error_count; } +/* + * Callback function for reading passphrase. + * Originally from cpio.c and passphrase.c, libarchive. + */ +#define PPBUFF_SIZE 1024 +static const char * +passphrase_callback(struct archive *a, void *_client_data) +{ + char *p; + + (void)a; /* UNUSED */ + (void)_client_data; /* UNUSED */ + + if (passphrase_buf == NULL) { + passphrase_buf = malloc(PPBUFF_SIZE); + if (passphrase_buf == NULL) { + errno = ENOMEM; + error("malloc()"); + } + } + + p = readpassphrase("\nEnter password: ", passphrase_buf, + PPBUFF_SIZE, RPP_ECHO_OFF); + + if (p == NULL && errno != EINTR) + error("Error reading password"); + + return p; +} + /* * Main loop: open the zipfile, iterate over its contents and decide what * to do with each entry. @@ -870,6 +905,13 @@ unzip(const char *fn) error("archive_read_new failed"); ac(archive_read_support_format_zip(a)); + + if (P_arg) + archive_read_add_passphrase(a, P_arg); + else + archive_read_set_passphrase_callback(a, NULL, + &passphrase_callback); + ac(archive_read_open_filename(a, fn, 8192)); if (!zipinfo_mode) { @@ -925,6 +967,11 @@ unzip(const char *fn) ac(archive_read_free(a)); + if (passphrase_buf != NULL) { + memset_s(passphrase_buf, PPBUFF_SIZE, 0, PPBUFF_SIZE); + free(passphrase_buf); + } + if (t_opt) { if (error_count > 0) { errorx("%ju checksum error(s) found.", error_count); @@ -940,9 +987,9 @@ static void usage(void) { - fprintf(stderr, "Usage: unzip [-aCcfjLlnopqtuvyZ1] [-d dir] [-x pattern] " - "zipfile\n"); - exit(1); + fprintf(stderr, "Usage: unzip [-aCcfjLlnopqtuvyZ1] [-d dir] " + "[-x pattern] [-P password] zipfile\n"); + exit(EXIT_FAILURE); } static int @@ -951,7 +998,7 @@ getopts(int argc, char *argv[]) int opt; optreset = optind = 1; - while ((opt = getopt(argc, argv, "aCcd:fjLlnopqtuvx:yZ1")) != -1) + while ((opt = getopt(argc, argv, "aCcd:fjLlnopP:qtuvx:yZ1")) != -1) switch (opt) { case '1': Z1_opt = 1; @@ -991,6 +1038,9 @@ getopts(int argc, char *argv[]) case 'p': p_opt = 1; break; + case 'P': + P_arg = optarg; + break; case 'q': q_opt = 1; break; @@ -1047,7 +1097,7 @@ main(int argc, char *argv[]) */ if (zipinfo_mode && !Z1_opt) { printf("Zipinfo mode needs additional options\n"); - exit(1); + exit(EXIT_FAILURE); } if (argc <= nopts) @@ -1068,5 +1118,5 @@ main(int argc, char *argv[]) unzip(zipfile); - exit(0); + exit(EXIT_SUCCESS); }