Fixes
common/password.c: In function 'check_passwd':
common/password.c:292:4: warning: reading through null pointer (argument 3)
pr_err("No such digest: %s\n", PASSWD_SUM);
if no algo is enabled in which case PASSWD_SUM is defined to NULL.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
- make some locally used functions static
- remove read_passwd which is unused
- some refactoring to make code pathes clearer
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
We used to have the login functionality in the /env/bin/init script.
This is hard to review and it's too easy to break the login functionality
with changes to this script. Move the places to ask for a password to
C code where we have only a few places where we have to ask for a password.
Mainly these are run_shell() and the menutree command.
This patch introduces a login() function which will only return if the correct
password has been entered. Following calls will return immediately without
asking for a password again.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
We will use random 32 bytes salt and 10000 round to generate a
32 bytes key.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Now you need to call digest_alloc and when you finish to use it digest_free.
We need this for upcomming aes encryption support and secure boot
as we will need multiple instance of the same digest.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This will allow to move from a one at a time digest to a multi-instance
with too much impact on the code using it
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
even if the env is broken you will have a password
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
due to missing/misplaced boundary check, deleting characters could
underflow the password buffer.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
The FSF address has changed in the past. Instead of updating it
each time the address changes, just drop it completely treewide.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
If a timeout is specified and expired the command will be executed
by default boot
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
add missing EXPORT_SYMBOL for nan static function
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>