make grub_password_get work in userland

This commit is contained in:
Vladimir 'phcoder' Serbinenko 2011-04-22 21:46:00 +02:00
parent 84a411c0c3
commit 2cb55e6f73
2 changed files with 53 additions and 67 deletions

View file

@ -23,6 +23,13 @@
#include <grub/term.h> #include <grub/term.h>
#include <grub/dl.h> #include <grub/dl.h>
#ifdef GRUB_UTIL
#include <termios.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#endif
GRUB_MOD_LICENSE ("GPLv3+"); GRUB_MOD_LICENSE ("GPLv3+");
struct grub_crypto_hmac_handle struct grub_crypto_hmac_handle
@ -414,10 +421,43 @@ grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
return !!counter; return !!counter;
} }
#ifndef GRUB_MKPASSWD
int int
grub_password_get (char buf[], unsigned buf_size) grub_password_get (char buf[], unsigned buf_size)
{ {
#ifdef GRUB_UTIL
FILE *in;
struct termios s, t;
int tty_changed = 0;
char *ptr;
/* Disable echoing. Based on glibc. */
in = fopen ("/dev/tty", "w+c");
if (in == NULL)
in = stdin;
if (tcgetattr (fileno (in), &t) == 0)
{
/* Save the old one. */
s = t;
/* Tricky, tricky. */
t.c_lflag &= ~(ECHO|ISIG);
tty_changed = (tcsetattr (fileno (in), TCSAFLUSH, &t) == 0);
}
else
tty_changed = 0;
fgets (buf, buf_size, stdin);
ptr = buf + strlen (buf) - 1;
while (buf <= ptr && (*ptr == '\n' || *ptr == '\r'))
*ptr-- = 0;
/* Restore the original setting. */
if (tty_changed)
(void) tcsetattr (fileno (in), TCSAFLUSH, &s);
grub_xputs ("\n");
grub_refresh ();
return 1;
#else
unsigned cur_len = 0; unsigned cur_len = 0;
int key; int key;
@ -452,5 +492,5 @@ grub_password_get (char buf[], unsigned buf_size)
grub_refresh (); grub_refresh ();
return (key != '\e'); return (key != '\e');
}
#endif #endif
}

View file

@ -20,6 +20,7 @@
#include <grub/types.h> #include <grub/types.h>
#include <grub/crypto.h> #include <grub/crypto.h>
#include <grub/auth.h>
#include <grub/emu/misc.h> #include <grub/emu/misc.h>
#include <grub/util/misc.h> #include <grub/util/misc.h>
#include <grub/i18n.h> #include <grub/i18n.h>
@ -29,7 +30,6 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <getopt.h> #include <getopt.h>
#include <termios.h>
#include "progname.h" #include "progname.h"
@ -85,14 +85,12 @@ int
main (int argc, char *argv[]) main (int argc, char *argv[])
{ {
unsigned int count = 10000, buflen = 64, saltlen = 64; unsigned int count = 10000, buflen = 64, saltlen = 64;
char *pass1, *pass2;
char *bufhex, *salthex; char *bufhex, *salthex;
gcry_err_code_t gcry_err; gcry_err_code_t gcry_err;
grub_uint8_t *buf, *salt; grub_uint8_t *buf, *salt;
ssize_t nr; ssize_t nr;
FILE *in, *out; char pass1[GRUB_AUTH_MAX_PASSLEN];
struct termios s, t; char pass2[GRUB_AUTH_MAX_PASSLEN];
int tty_changed;
set_program_name (argv[0]); set_program_name (argv[0]);
@ -161,85 +159,36 @@ main (int argc, char *argv[])
grub_util_error ("out of memory"); grub_util_error ("out of memory");
} }
/* Disable echoing. Based on glibc. */
in = fopen ("/dev/tty", "w+c");
if (in == NULL)
{
in = stdin;
out = stderr;
}
else
out = in;
if (tcgetattr (fileno (in), &t) == 0)
{
/* Save the old one. */
s = t;
/* Tricky, tricky. */
t.c_lflag &= ~(ECHO|ISIG);
tty_changed = (tcsetattr (fileno (in), TCSAFLUSH, &t) == 0);
}
else
tty_changed = 0;
printf ("Enter password: "); printf ("Enter password: ");
pass1 = NULL; if (!grub_password_get (pass1, GRUB_AUTH_MAX_PASSLEN))
{
grub_size_t n;
nr = getline (&pass1, &n, stdin);
}
if (nr < 0 || !pass1)
{ {
free (buf); free (buf);
free (bufhex); free (bufhex);
free (salthex); free (salthex);
free (salt); free (salt);
/* Restore the original setting. */
if (tty_changed)
(void) tcsetattr (fileno (in), TCSAFLUSH, &s);
grub_util_error ("failure to read password"); grub_util_error ("failure to read password");
} }
if (nr >= 1 && pass1[nr-1] == '\n')
pass1[nr-1] = 0;
printf ("\nReenter password: "); printf ("\nReenter password: ");
pass2 = NULL; if (!grub_password_get (pass2, GRUB_AUTH_MAX_PASSLEN))
{
grub_size_t n;
nr = getline (&pass2, &n, stdin);
}
/* Restore the original setting. */
if (tty_changed)
(void) tcsetattr (fileno (in), TCSAFLUSH, &s);
printf ("\n");
if (nr < 0 || !pass2)
{ {
memset (pass1, 0, strlen (pass1));
free (pass1);
free (buf); free (buf);
free (bufhex); free (bufhex);
free (salthex); free (salthex);
free (salt); free (salt);
grub_util_error ("failure to read password"); grub_util_error ("failure to read password");
} }
if (nr >= 1 && pass2[nr-1] == '\n')
pass2[nr-1] = 0;
if (strcmp (pass1, pass2) != 0) if (strcmp (pass1, pass2) != 0)
{ {
memset (pass1, 0, strlen (pass1)); memset (pass1, 0, sizeof (pass1));
memset (pass2, 0, strlen (pass2)); memset (pass2, 0, sizeof (pass2));
free (pass1);
free (pass2);
free (buf); free (buf);
free (bufhex); free (bufhex);
free (salthex); free (salthex);
free (salt); free (salt);
grub_util_error ("passwords don't match"); grub_util_error ("passwords don't match");
} }
memset (pass2, 0, strlen (pass2)); memset (pass2, 0, sizeof (pass2));
free (pass2);
#if ! defined (__linux__) && ! defined (__FreeBSD__) #if ! defined (__linux__) && ! defined (__FreeBSD__)
printf ("WARNING: your random generator isn't known to be secure\n"); printf ("WARNING: your random generator isn't known to be secure\n");
@ -251,8 +200,7 @@ main (int argc, char *argv[])
f = fopen ("/dev/random", "rb"); f = fopen ("/dev/random", "rb");
if (!f) if (!f)
{ {
memset (pass1, 0, strlen (pass1)); memset (pass1, 0, sizeof (pass1));
free (pass1);
free (buf); free (buf);
free (bufhex); free (bufhex);
free (salthex); free (salthex);
@ -264,8 +212,7 @@ main (int argc, char *argv[])
if (rd != saltlen) if (rd != saltlen)
{ {
fclose (f); fclose (f);
memset (pass1, 0, strlen (pass1)); memset (pass1, 0, sizeof (pass1));
free (pass1);
free (buf); free (buf);
free (bufhex); free (bufhex);
free (salthex); free (salthex);
@ -280,8 +227,7 @@ main (int argc, char *argv[])
(grub_uint8_t *) pass1, strlen (pass1), (grub_uint8_t *) pass1, strlen (pass1),
salt, saltlen, salt, saltlen,
count, buf, buflen); count, buf, buflen);
memset (pass1, 0, strlen (pass1)); memset (pass1, 0, sizeof (pass1));
free (pass1);
if (gcry_err) if (gcry_err)
{ {