login: rework login mechanism

We used to have the login functionality in the /env/bin/init script.
This is hard to review and it's too easy to break the login functionality
with changes to this script. Move the places to ask for a password to
C code where we have only a few places where we have to ask for a password.
Mainly these are run_shell() and the menutree command.

This patch introduces a login() function which will only return if the correct
password has been entered. Following calls will return immediately without
asking for a password again.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>

2 files changed, 5 insertions, 68 deletions

diff --git a/commands/login.c b/commands/login.c
index bf5085c854..58bb592900 100644
--- a/commands/login.c
+++ b/commands/login.c
@@ -19,89 +19,23 @@
 #include <command.h>
 #include <complete.h>
 #include <password.h>
-#include <getopt.h>
-#include <environment.h>
-#include <globalvar.h>
-#include <magicvar.h>
-#include <init.h>
-#include <console.h>
-
-#define PASSWD_MAX_LENGTH	(128 + 1)
-
-#if defined(CONFIG_PASSWD_MODE_STAR)
-#define LOGIN_MODE STAR
-#elif defined(CONFIG_PASSWD_MODE_CLEAR)
-#define LOGIN_MODE CLEAR
-#else
-#define LOGIN_MODE HIDE
-#endif
-
-static int login_timeout = 0;
 
 static int do_login(int argc, char *argv[])
 {
-	unsigned char passwd[PASSWD_MAX_LENGTH];
-	int passwd_len, opt;
-	int timeout = login_timeout;
-	char *timeout_cmd = "boot";
-
-	console_allow_input(true);
-	if (!is_passwd_enable()) {
-		puts("login: password not set\n");
-		return 0;
-	}
-
-	while((opt = getopt(argc, argv, "t:")) > 0) {
-		switch(opt) {
-		case 't':
-			timeout = simple_strtoul(optarg, NULL, 10);
-			break;
-		}
-	}
-
-	if (optind != argc)
-		timeout_cmd = argv[optind];
-
-	do {
-		puts("Password: ");
-		passwd_len = password(passwd, PASSWD_MAX_LENGTH, LOGIN_MODE, timeout);
-
-		if (passwd_len < 0) {
-			console_allow_input(false);
-			run_command(timeout_cmd);
-		}
-
-		if (check_passwd(passwd, passwd_len) == 1)
-			return 0;
-	} while(1);
+	login();
 
 	return 0;
 }
 
 BAREBOX_CMD_HELP_START(login)
 BAREBOX_CMD_HELP_TEXT("Asks for a password from the console before script execution continues.")
-BAREBOX_CMD_HELP_TEXT("The password can be set with the 'passwd' command. Instead of specifying")
-BAREBOX_CMD_HELP_TEXT("a TIMEOUT the magic variable 'global.login.timeout' could be set.")
-BAREBOX_CMD_HELP_TEXT("")
-BAREBOX_CMD_HELP_TEXT("Options:")
-BAREBOX_CMD_HELP_OPT("-t TIMEOUT", "Execute COMMAND if no login withing TIMEOUT seconds")
+BAREBOX_CMD_HELP_TEXT("The password can be set with the 'passwd' command.")
 BAREBOX_CMD_HELP_END
 
 BAREBOX_CMD_START(login)
 	.cmd		= do_login,
 	BAREBOX_CMD_DESC("ask for a password")
-	BAREBOX_CMD_OPTS("[-t TIMEOUT] COMMAND")
 	BAREBOX_CMD_GROUP(CMD_GRP_CONSOLE)
 	BAREBOX_CMD_HELP(cmd_login_help)
 	BAREBOX_CMD_COMPLETE(empty_complete)
 BAREBOX_CMD_END
-
-static int login_global_init(void)
-{
-	globalvar_add_simple_int("login.timeout", &login_timeout, "%d");
-
-	return 0;
-}
-late_initcall(login_global_init);
-
-BAREBOX_MAGICVAR_NAMED(global_login_timeout, global.login.timeout, "timeout to type the password");
diff --git a/commands/menutree.c b/commands/menutree.c
index 5d30b67ee5..ea5f65f3a1 100644
--- a/commands/menutree.c
+++ b/commands/menutree.c
@@ -12,12 +12,15 @@
 #include <common.h>
 #include <getopt.h>
 #include <menu.h>
+#include <password.h>
 
 static int do_menutree(int argc, char *argv[])
 {
 	int opt, ret;
 	char *path = "/env/menu";
 
+	login();
+
 	while ((opt = getopt(argc, argv, "m:")) > 0) {
 		switch (opt) {
 		case 'm':