vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
grub/commands/password.c
phcoder e7e1f93ff6 2009-08-25 Vladimir Serbinenko <phcoder@gmail.com> 
Authentication support.

	* commands/password.c: New file.
	* conf/common.rmk (pkglib_MODULES): Add password.mod.
	(password_mod_SOURCES): New variable.
	(password_mod_CFLAGS): Likewise.
	(password_mod_LDFLAGS): Likewise.
	(normal_mod_SOURCES): Add normal/auth.c.
	* conf/i386-coreboot.rmk (grub_emu_SOURCES): Add commands/password.c and
	normal/auth.c.
	* conf/i386-efi.rmk (grub_emu_SOURCES): Likewise.
	* conf/i386-ieee1275.rmk (grub_emu_SOURCES): Likewise.
	* conf/i386-pc.rmk (grub_emu_SOURCES): Likewise.
	* conf/powerpc-ieee1275.rmk (grub_emu_SOURCES): Likewise.
	* conf/sparc64-ieee1275.rmk (grub_emu_SOURCES): Likewise.
	* conf/x86_64-efi.rmk (grub_emu_SOURCES): Likewise.
	* include/grub/auth.h: New file.
	* include/grub/err.h (grub_err_t): New enum value
	GRUB_ERR_ACCESS_DENIED.
	* include/grub/menu.h (grub_menu_entry): New fields 'restricted' and
	'users'.
	* include/grub/normal.h (grub_cmdline_get): New argument 'history'.
	* normal/cmdline.c (grub_cmdline_get): New argument 'history'. All
	users updated.
	* normal/auth.c: New file.
	* normal/main.c (grub_normal_add_menu_entry): Handle --users option.
	(grub_cmdline_run): Don't allow to go to command line without
	authentication.
	* normal/menu.c (grub_menu_execute_entry): Handle restricted entries.
	* normal/menu_entry.c (grub_menu_entry_run): Don't allow editing
	menuentry without superuser rights.
	* normal/menu_viewer.c (grub_menu_viewer_show_menu): Don't exit if
	user isn't a superuser.
2009-08-24 23:55:06 +00:00

86 lines
2.1 KiB
C
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*
* GRUB -- GRand Unified Bootloader
* Copyright (C) 2009 Free Software Foundation, Inc.
*
* GRUB is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* GRUB is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
#include <grub/auth.h>
#include <grub/list.h>
#include <grub/mm.h>
#include <grub/misc.h>
#include <grub/env.h>
#include <grub/normal.h>
#include <grub/dl.h>
static grub_dl_t my_mod;
static grub_err_t
check_password (const char *user,
void *password)
{
char entered[1024];
grub_memset (entered, 0, sizeof (entered));
if (!GRUB_GET_PASSWORD (entered, sizeof (entered) - 1))
return GRUB_ACCESS_DENIED;
if (grub_auth_strcmp (entered, password) != 0)
return GRUB_ACCESS_DENIED;
grub_auth_authenticate (user);
return GRUB_ERR_NONE;
}
static grub_err_t
grub_cmd_password (grub_command_t cmd __attribute__ ((unused)),
int argc, char **args)
{
grub_err_t err;
char *pass;
if (argc != 2)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Two arguments expected.");
pass = grub_strdup (args[1]);
if (!pass)
return grub_errno;
err = grub_auth_register_authentication (args[0], check_password, pass);
if (err)
{
grub_free (pass);
return err;
}
grub_dl_ref (my_mod);
return GRUB_ERR_NONE;
}
static grub_command_t cmd;
GRUB_MOD_INIT(password)
{
my_mod = mod;
cmd = grub_register_command ("password", grub_cmd_password,
"password USER PASSWORD",
"Set user password (plaintext). "
"Unrecommended and insecure.");
}
GRUB_MOD_FINI(password)
{
grub_unregister_command (cmd);
}
Reference in a new issue View git blame Copy permalink