Fish-Git opened this issue Jan 28, 2023 · 2 comments
Labels:
BUG: The issue describes likely incorrect product functionality that likely needs corrected.
SECURITY: This issue has security implications and should be resolved ASAP!
Right now, when one brings up a guest that uses the HMC for its communication (as opposed to connecting via e.g. PuTTY) and you go to log in and it prompts for a password (and you enter one), Hercules ends up echoing that password to the Hercules HMC and resulting logfile.
08:35:19.528 Ubuntu 18.04.6 LTS s390x sclp_line0
08:35:19.638 s390x login:
08:56:15.453 HHC00160I SCP command: hercules
08:56:15.556 hercules
08:56:15.776 Password:
08:56:17.357 HHC00160I SCP command: hercules
08:56:18.367 Last login: Sat Jan 28 11:31:16 EST 2023 on sclp_line0
08:56:48.327 Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 4.15.0-200-generic s390x)
08:56:48.327 * Documentation: https://help.ubuntu.com
08:56:48.327 * Management: https://landscape.canonical.com
08:56:48.327 * Support: https://ubuntu.com/advantage
08:56:48.327 System information as of Sat Jan 28 11:56:22 EST 2023
08:56:48.328 System load: 0.35 Processes: 102
08:56:48.328 Usage of /: 45.9% of 6.68GB Users logged in: 0
08:56:48.328 Memory usage: 2% IP address for slca00: 192.168.1.111
08:56:48.328 Swap usage: 0%
08:56:48.328 74 updates can be applied immediately.
08:56:48.328 57 of these updates are standard security updates.
08:56:48.328 To see these additional updates run: apt list --upgradable
08:56:48.328 New release '20.04.5 LTS' available.
08:56:48.328 Run 'do-release-upgrade' to upgrade to it.
08:56:54.737 Setting environment variables for Hercules
08:56:54.847 hercules@s390x:~$
This is NOT good and needs to be fixed!
Right now we support prefixing commands with either '.' (dot/period) for normal SCP replies or '!' (exclamation point) for Priority (unsolicited?) SCP commands:
09:08:32.311 HHC01603I help .reply
09:08:32.311 HHC01603I
09:08:32.311 HHC01602I Command Description
09:08:32.311 HHC01602I ---------------- -------------------------------------------------------
09:08:32.312 HHC01602I .reply *SCP command
09:08:32.312 HHC01603I
09:08:32.312 HHC01603I To reply to a system control program (i.e. guest operating system)
09:08:32.312 HHC01603I message that gets issued to the hercules console, prefix the reply
09:08:32.312 HHC01603I with a period.
09:08:32.312 HHC01603I
09:08:55.719 HHC01603I help !message
09:08:55.719 HHC01603I
09:08:55.719 HHC01602I Command Description
09:08:55.719 HHC01602I ---------------- -------------------------------------------------------
09:08:55.719 HHC01602I !message *SCP priority message
09:08:55.719 HHC01603I
09:08:55.720 HHC01603I To enter a system control program (i.e. guest operating system)
09:08:55.720 HHC01603I priority command on the hercules console, simply prefix the command
09:08:55.720 HHC01603I with an exclamation point '!'.
09:08:55.720 HHC01603I
We need to come up with a new SCP reply prefix (such as '$' (dollar sign) perhaps?) to cause Hercules to either suppress echoing the reply to the Hercules console, or else mask it with '*' (asterisk) characters instead.
Fish-Git added the BUG and SECURITY labels on Jan 28, 2023
We need to come up with a new SCP reply prefix (such as '$' (dollar sign) perhaps?) to cause Hercules to either suppress echoing the reply to the Hercules console, or else mask it with '*' asterisks instead.
I decided to go with '\' (backslash) instead. We can't use a '$' (dollar sign) because that would make it impossible to enter any command that starts with a dollar sign, such as $test or $locate.
And I also decided to use a generic "(suppressed)" message too (rather than masking the reply with '*' (asterisk) characters), since the simple act of masking would give away the password's length.
Currently testing and hope to commit the fix in the next hour or so.
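The prefix handling and fixed "(suppressed)" echo described in the comment above, as an added C example that is not Hercules source code. The function and enum names are hypothetical, the sample replies are constructed, and reusing the HHC00160I text from the log above for every SCP line is an assumption.

```c
/* Added illustration; not Hercules source. All names are hypothetical. */
#include <stdio.h>
#include <string.h>

enum scp_kind { SCP_NONE, SCP_REPLY, SCP_PRIORITY, SCP_SILENT };

/* Classify a console line by its first character. */
static enum scp_kind scp_classify(const char *line)
{
    if (line == NULL)
        return SCP_NONE;
    switch (line[0]) {
    case '.':  return SCP_REPLY;     /* normal SCP reply              */
    case '!':  return SCP_PRIORITY;  /* priority SCP command          */
    case '\\': return SCP_SILENT;    /* reply that must not be echoed */
    default:   return SCP_NONE;      /* e.g. "$test": not an SCP line */
    }
}

/* Text handed to the guest: the line minus its one-character prefix. */
static const char *scp_payload(const char *line)
{
    return scp_classify(line) == SCP_NONE ? NULL : line + 1;
}

/* Build the console/logfile echo for an SCP line. Returns the number of
 * characters written, or -1 if the line is not an SCP line.
 * Message text copied from the log on this page (assumed for all kinds). */
static int scp_log_echo(const char *line, char *out, size_t outlen)
{
    enum scp_kind kind = scp_classify(line);
    if (kind == SCP_NONE)
        return -1;
    /* Fixed placeholder: unlike '*' masking, it does not reveal length. */
    const char *shown = (kind == SCP_SILENT) ? "(suppressed)" : line + 1;
    return snprintf(out, outlen, "HHC00160I SCP command: %s", shown);
}

int main(void)
{
    /* Constructed sample input; not real credentials. */
    const char *samples[] = { ".hercules", "\\hunter2",
                              "\\a-much-longer-passphrase", "$test" };
    char buf[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (scp_log_echo(samples[i], buf, sizeof buf) >= 0)
            puts(buf);
    return 0;
}
```
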