From 29b7f9116558d4e3c22889a5824ce4b7bb195c50 Mon Sep 17 00:00:00 2001
From: Joachim Nilsson <troglobit@gmail.com>
Date: Wed, 25 Jun 2014 03:05:53 +0200
Subject: [PATCH] Fix el_no_echo bug leaking secrets to screen and history

This patch makes el_no_echo actually work:

- Don't echo to screen
- Don't save to history

Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
---
 src/editline.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/editline.c b/src/editline.c
index 9187fa3..dee283d 100644
--- a/src/editline.c
+++ b/src/editline.c
@@ -167,6 +167,9 @@ static void tty_flush(void)
 
 static void tty_put(const char c)
 {
+    if (el_no_echo)
+	return;
+
     Screen[ScreenCount] = c;
     if (++ScreenCount >= ScreenSize - 1) {
         ScreenSize += SCREEN_INC;
@@ -1180,9 +1183,11 @@ char *readline(const char *prompt)
     free(Screen);
     free(H.Lines[--H.Size]);
 
-    /* Always add history, if it's a sane line. */
-    if (line != NULL && *line != '\0')
-        hist_add(line);
+    /* Add to history, unless no-echo mode ... */
+    if (!el_no_echo) {
+	if (line != NULL && *line != '\0')
+	    hist_add(line);
+    }
 
     if (el_intr_pending > 0) {
 	int s = el_intr_pending;