From e889185acac79a050216134a665c7924725adf9c Mon Sep 17 00:00:00 2001
From: Bjorn Andersson <flex@kryo.se>
Date: Thu, 12 Jul 2007 13:36:24 +0000
Subject: [PATCH] nasty hack hides password on commandline

---
 src/common.c  | 10 ++++------
 src/iodine.c  | 26 ++++++++++++++------------
 src/iodined.c |  3 ++-
 3 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/src/common.c b/src/common.c
index 521d2e6..302bb74 100644
--- a/src/common.c
+++ b/src/common.c
@@ -71,13 +71,11 @@ close_dns(int fd)
 void
 do_chroot(char *newroot)
 {
-	if (newroot) {
-		if (chroot(newroot) != 0 || chdir("/") != 0)
-			err(1, "%s", newroot);
+	if (chroot(newroot) != 0 || chdir("/") != 0)
+		err(1, "%s", newroot);
 
-		seteuid(geteuid());
-		setuid(getuid());
-	}
+	seteuid(geteuid());
+	setuid(getuid());
 }
 
 void
diff --git a/src/iodine.c b/src/iodine.c
index 366c79d..1622e82 100644
--- a/src/iodine.c
+++ b/src/iodine.c
@@ -681,6 +681,9 @@ main(int argc, char **argv)
 		case 'P':
 			strncpy(password, optarg, 32);
 			password[32] = 0;
+			
+			/* XXX: find better way of cleaning up ps(1) */
+			memset(optarg, 0, strlen(optarg)); 
 			break;
 		default:
 			usage();
@@ -689,7 +692,7 @@ main(int argc, char **argv)
 	}
 	
 	if (geteuid() != 0) {
-		printf("Run as root and you'll be happy.\n");
+		warnx("Run as root and you'll be happy.\n");
 		usage();
 	}
 
@@ -713,14 +716,13 @@ main(int argc, char **argv)
 	set_nameserver(nameserv_addr);
 
 	if (strlen(topdomain) > 128 || topdomain[0] == '.') {
-		printf("Use a topdomain max 128 chars long. Do not start it with a dot.\n");
+		warnx("Use a topdomain max 128 chars long. Do not start it with a dot.\n");
 		usage();
 	}
 
-	if(username) {
-		pw = getpwnam(username);
-		if (!pw) {
-			printf("User %s does not exist!\n", username);
+	if (username != NULL) {
+		if ((pw = getpwnam(username)) == NULL) {
+			warnx("User %s does not exist!\n", username);
 			usage();
 		}
 	}
@@ -739,20 +741,20 @@ main(int argc, char **argv)
 	if(handshake(dns_fd))
 		goto cleanup2;
 	
-	printf("Sending queries for %s to %s\n", topdomain, nameserv_addr);
+	printf("Sending queries for %s to %s\n", argv[1], argv[0]);
 
-	do_chroot(newroot);
+	if (newroot != NULL)
+		do_chroot(newroot);
 	
-	if (username) {
+	if (username != NULL) {
 		if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
-			printf("Could not switch to user %s!\n", username);
+			warnx("Could not switch to user %s!\n", username);
 			usage();
 		}
 	}
 	
-	if (!foreground) {
+	if (foreground == 0) 
 		do_detach();
-	}
 
 	tunnel(tun_fd, dns_fd);
 
diff --git a/src/iodined.c b/src/iodined.c
index d929fe4..2045548 100644
--- a/src/iodined.c
+++ b/src/iodined.c
@@ -573,7 +573,8 @@ main(int argc, char **argv)
 
 	printf("Listening to dns for domain %s\n", argv[1]);
 
-	do_chroot(newroot);
+	if (newroot != NULL)
+		do_chroot(newroot);
 
 	signal(SIGINT, sigint);
 	if (username) {