Diffstat (limited to 'common/password.c')
-rw-r--r-- | common/password.c | 31 |
1 files changed, 11 insertions, 20 deletions
diff --git a/common/password.c b/common/password.c index 74d328f4b2..55b2d1093a 100644 --- a/common/password.c +++ b/common/password.c @@ -1,18 +1,6 @@ +// SPDX-License-Identifier: GPL-2.0-only /* * Copyright (c) 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> - * - * See file CREDITS for list of people who contributed to this - * project. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * */ #include <common.h> @@ -30,6 +18,7 @@ #include <init.h> #include <stdlib.h> #include <globalvar.h> +#include <crypto.h> #include <generated/passwd.h> #include <crypto/pbkdf2.h> @@ -159,14 +148,17 @@ static unsigned char to_hexa(unsigned char c) static int read_default_passwd(unsigned char *sum, size_t length) { - int i = 0; - int len = strlen(default_passwd); + int len, i = 0; unsigned char *buf = (unsigned char *)default_passwd; unsigned char c; + if (ARRAY_SIZE(default_passwd) == 1) + return -ENOSYS; + if (!sum || length < 1) return -EINVAL; + len = strlen(default_passwd); for (i = 0; i < len && length > 0; i++) { c = buf[i]; i++; @@ -182,7 +174,6 @@ static int read_default_passwd(unsigned char *sum, size_t length) return 0; } -EXPORT_SYMBOL(read_default_passwd); static int read_env_passwd(unsigned char *sum, size_t length) { @@ -321,7 +312,7 @@ static int check_passwd(unsigned char *passwd, size_t length) if (ret) goto err; - if (strncmp(passwd1_sum, key, keylen) == 0) + if (!crypto_memneq(passwd1_sum, key, keylen)) ret = 1; } else { ret = digest_digest(d, passwd, length, passwd1_sum); 
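Review bot: The new `ARRAY_SIZE(default_passwd) == 1` guard at the top of read_default_passwd() has no comment, and its meaning is not obvious from the line itself: presumably the generated array then holds only the terminating NUL, so no default password was built in. I would add `/* only the NUL terminator: no default password compiled in */` above it. The guard also introduces -ENOSYS as a new return value, so the callers, which are outside this hunk, should be checked to confirm they treat it as a failed login and not as "no password required". The function body continues past the end of the hunk.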
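Review bot: The switch to `crypto_memneq()` in check_passwd() (here and in the hunk at -329) deserves a one-line comment, because nothing on the new lines tells a later maintainer why a plain memcmp() or strncmp() must not come back. Something like `/* constant-time compare of binary digests; strncmp() stops at the first zero byte */` above the first call would record both reasons. The enclosing function starts and ends outside these hunks.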
@@ -329,7 +320,7 @@ static int check_passwd(unsigned char *passwd, size_t length) if (ret) goto err; - if (strncmp(passwd1_sum, passwd2_sum, hash_len) == 0) + if (!crypto_memneq(passwd1_sum, passwd2_sum, hash_len)) ret = 1; } @@ -450,7 +441,7 @@ static int login_global_init(void) } late_initcall(login_global_init); -BAREBOX_MAGICVAR_NAMED(global_login_fail_command, global.login.fail_command, +BAREBOX_MAGICVAR(global.login.fail_command, "command to run when password entry failed"); -BAREBOX_MAGICVAR_NAMED(global_login_timeout, global.login.timeout, +BAREBOX_MAGICVAR(global.login.timeout, "timeout to type the password"); |
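Review bot: `crypto_memneq(passwd1_sum, passwd2_sum, hash_len)` now always compares the full hash_len bytes, so it depends on passwd2_sum having been filled to that length. The loop visible in read_default_passwd() (`i < len && length > 0`) stops early when the stored string is shorter than requested, and the function still returns 0. That would leave the tail of the buffer as whatever it held before; whether it is zeroed at allocation is not visible here. Consider having the read_*_passwd() helpers return an error when fewer than `length` bytes were decoded, so a truncated stored hash is rejected explicitly and the result does not depend on the buffer's initial contents.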