summaryrefslogtreecommitdiffstats
path: root/common/password.c
Commit message (Collapse)AuthorAgeFilesLines
* password: avoid static analyzer false positiveAhmad Fatoum2022-09-121-2/+2
| | | | | | | | | | | default_passwd is a compile-time constant. In case, where it's unset, the function will early-return and the static analyzer will warn about len being initialized, but never used, move the length calculation later to avoid this false positive. Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Link: https://lore.barebox.org/20220905095557.596891-18-a.fatoum@pengutronix.de Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: Use crypto_memneq() to compare hashesSascha Hauer2021-07-301-2/+3
| | | | | | | | Cryptographic verifications should be time-constant so that an attacker cannot get information about the secrets used by observing the system, so use crypto_memneq() rather than memcmp() to compare password hashes. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* common: replace license statements with SPDX-License-IdentifiersAhmad Fatoum2020-11-271-10/+1
| | | | | | | | | | | | | For all files in common/ that already have a license text: - Replace with appropriate SPDX-License-Identifier - Remove empty comment lines around replacement - remove comment completely if only thing remaining is name of file without description Reviewed-by: Roland Hieber <rhi@pengutronix.de> Reviewed-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* magicvar: Replace BAREBOX_MAGICVAR_NAMED with BAREBOX_MAGICVARSascha Hauer2020-10-021-2/+2
| | | | | | | | BAREBOX_MAGICVAR now generates a unique identifier automatically, so we can convert users of BAREBOX_MAGICVAR_NAMED to the simpler BAREBOX_MAGICVAR macro. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: Fix warning with empty default passwordDavid Dgien2020-06-031-0/+3
| | | | | | | | | | | | | | | | | | | | When CONFIG_PASSWORD_DEFAULT is unset, the default_passwd buffer is set to the empty string. The read_default_passwd() function wants to read at least two characters from that buffer, causing GCC to generate an array bounds warning: barebox/common/password.c: In function 'login': barebox/common/password.c:173:5: warning: array subscript [1, 2147483647] is outside array bounds of 'const char[1]' [-Warray-bounds] In file included from barebox/common/password.c:30: include/generated/passwd.h:1:19: note: while referencing 'default_passwd' Add an ARRAY_SIZE check to default_passwd so that the loop is optimized away and the warning is no longer generated. Since the read_default_passwd() function is only called when default_passwd is not the empty string, this is not a functional change. Signed-off-by: David Dgien <dgienda125@gmail.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: don't export read_default_passwd()Uwe Kleine-König2020-06-031-1/+0
| | | | | | | | This function is used only in common/password.c itself, so it doesn't need to be exported. Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* treewide: remove references to CREDITSUwe Kleine-König2020-04-271-3/+0
| | | | | | | | The CREDITS file was removed from barebox in 2015 by commit 6570288f2d97 ("Remove the CREDITS file"). Remove references to it from several files. Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* Revert "globalvar: make globalvar functions more consistent"Sascha Hauer2017-06-131-1/+1
| | | | This reverts commit 1b4a05c9263ae26083526acfabdea1ef96531a1d.
* globalvar: make globalvar functions more consistentSascha Hauer2017-04-111-1/+1
| | | | | | | | | Similar to the device parameter functions also make the globalvar functions more consistent. This also adds support for readonly globalvars and changes several existing globalvars which should really be readonly to readonly. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* common: password: make use of get_crypto_bytesOleksij Rempel2017-03-301-1/+5
| | | | | | | | get_random_bytes is providing prng, if we have HWRNG we should be able to use it over get_crypto_bytes Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* stdio: rename getc to getcharSascha Hauer2016-04-151-1/+1
| | | | | | | The function we have implemented as getc has the semantics of the standard function getchar, so rename it accorgingly. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* include: move run_command prototype to command.hSascha Hauer2016-04-151-0/+1
| | | | | | run_command fits much better into command.h, move it there. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* login: make some locally used functions staticSergey Koshechkin2015-11-021-6/+3
| | | | | | | | | | | | | This patch continues cleanup password code from commit 40596b856f61c281fb34f804bf42550c099f26c3 Author: Sascha Hauer <s.hauer@pengutronix.de> Date: Thu Aug 27 15:58:50 2015 +0200 login: cleanup password code Signed-off-by: Sergey Koshechkin <tritel59@gmail.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* passwd: avoid NULL ptr usageLucas Stach2015-09-141-1/+2
| | | | | | | | | | | | Fixes common/password.c: In function 'check_passwd': common/password.c:292:4: warning: reading through null pointer (argument 3) pr_err("No such digest: %s\n", PASSWD_SUM); if no algo is enabled in which case PASSWD_SUM is defined to NULL. Signed-off-by: Lucas Stach <l.stach@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* login: check return value of digest_allocSascha Hauer2015-08-281-0/+4
| | | | | | digest_alloc can fail, check the return value. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* login: cleanup password codeSascha Hauer2015-08-281-39/+9
| | | | | | | | - make some locally used functions static - remove read_passwd which is unused - some refactoring to make code pathes clearer Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* login: rework login mechanismSascha Hauer2015-08-281-2/+73
| | | | | | | | | | | | | | We used to have the login functionality in the /env/bin/init script. This is hard to review and it's too easy to break the login functionality with changes to this script. Move the places to ask for a password to C code where we have only a few places where we have to ask for a password. Mainly these are run_shell() and the menutree command. This patch introduces a login() function which will only return if the correct password has been entered. Following calls will return immediately without asking for a password again. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: add pbkdf2 supportJean-Christophe PLAGNIOL-VILLARD2015-03-201-30/+66
| | | | | | | | We will use random 32 bytes salt and 10000 round to generate a 32 bytes key. Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: add support for sha512Jean-Christophe PLAGNIOL-VILLARD2015-03-121-0/+2
| | | | | Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* digest: make it multi-instanceJean-Christophe PLAGNIOL-VILLARD2015-03-121-2/+3
| | | | | | | | | | Now you need to call digest_alloc and when you finish to use it digest_free. We need this for upcomming aes encryption support and secure boot as we will need multiple instance of the same digest. Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* digest: introduce digest_{init/update/final/length}Jean-Christophe PLAGNIOL-VILLARD2015-03-121-13/+13
| | | | | | | | This will allow to move from a one at a time digest to a multi-instance with too much impact on the code using it Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* input: Add BB_ prefix to KEY_ definesSascha Hauer2014-02-171-2/+2
| | | | | | | Our KEY_ defines conflict with the standard Linux KEY_ defines, so add a BB_ prefix to them. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* login/passwd: add default password supportJean-Christophe PLAGNIOL-VILLARD2013-09-191-13/+81
| | | | | | | even if the env is broken you will have a password Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: fixed underflow on <backspace>Enrico Scholz2012-12-051-5/+8
| | | | | | | | due to missing/misplaced boundary check, deleting characters could underflow the password buffer. Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* Treewide: remove address of the Free Software FoundationSascha Hauer2012-09-171-3/+0
| | | | | | | The FSF address has changed in the past. Instead of updating it each time the address changes, just drop it completely treewide. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: remove not used variable 'second'Jean-Christophe PLAGNIOL-VILLARD2011-11-221-2/+1
| | | | | Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* login: add timeout supportJean-Christophe PLAGNIOL-VILLARD2011-08-111-39/+48
| | | | | | | | If a timeout is specified and expired the command will be executed by default boot Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* password: fix command support as moduleJean-Christophe PLAGNIOL-VILLARD2011-07-051-0/+7
| | | | | | | add missing EXPORT_SYMBOL for nan static function Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* add password frameworkJean-Christophe PLAGNIOL-VILLARD2010-09-201-0/+286
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>