add askpass named pipe support (GSUDO_ASKPASS_NAMED_PIPE)

gerardog · Jan 10, 2025 · 49b9402 · 49b9402
1 parent de30051
commit 49b9402
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 1 deletion.
diff --git a/src/gsudo/Helpers/ConsoleHelper.cs b/src/gsudo/Helpers/ConsoleHelper.cs
@@ -1,8 +1,10 @@
 using gsudo.Native;
 using System;
 using System.IO;
+using System.IO.Pipes;
 using System.Runtime.InteropServices;
 using System.Security;
+using System.Text;
 using static gsudo.Native.ConsoleApi;
 
 namespace gsudo.Helpers
@@ -122,6 +124,37 @@ internal static SecureString ReadConsolePassword(string userName)
             return pass;
         }
 
+        internal static SecureString ReadPasswordFromNamedPipe(string pipeName)
+        {
+            string pipePath = @"\\.\pipe\" + pipeName;
+
+            try
+            {
+                using (var pipeClient = new NamedPipeClientStream(".", pipePath, PipeDirection.In))
+                {
+                    pipeClient.Connect();
+
+                    using (var reader = new StreamReader(pipeClient, Encoding.UTF8))
+                    {
+                        string data = reader.ReadToEnd();
+                        data = data.TrimEnd('\r', '\n');
+
+                        SecureString securePassword = new SecureString();
+                        foreach (char c in data)
+                        {
+                            securePassword.AppendChar(c);
+                        }
+
+                        return securePassword;
+                    }
+                }
+            }
+            catch (IOException)
+            {
+                return null;
+            }
+        }
+
         internal static void SetPrompt(ElevationRequest elevationRequest)
         {
             if (!string.IsNullOrEmpty(elevationRequest.Prompt))

diff --git a/src/gsudo/Helpers/ServiceHelper.cs b/src/gsudo/Helpers/ServiceHelper.cs
@@ -170,7 +170,19 @@ internal static SafeProcessHandle StartService(int? allowedPid, TimeSpan? cacheD
             {
                 if (InputArguments.UserName != WindowsIdentity.GetCurrent().Name)
                 {
-                    var password = ConsoleHelper.ReadConsolePassword(InputArguments.UserName);
+                    SecureString password;
+
+                    string pipeName = Environment.GetEnvironmentVariable("GSUDO_ASKPASS_NAMED_PIPE");
+
+                    if (!string.IsNullOrEmpty(pipeName))
+                    {
+                        password = ConsoleHelper.ReadPasswordFromNamedPipe(pipeName);
+                    }
+                    else
+                    {
+                        password = ConsoleHelper.ReadConsolePassword(InputArguments.UserName);
+                    }
+
                     ret = ProcessFactory.StartWithCredentials(ownExe, commandLine, InputArguments.UserName, password).GetSafeProcessHandle();
                 }
                 else