grub-core/commands/password.c

   1 /*
   2  *  GRUB  --  GRand Unified Bootloader
   3  *  Copyright (C) 2009  Free Software Foundation, Inc.
   4  *
   5  *  GRUB is free software: you can redistribute it and/or modify
   6  *  it under the terms of the GNU General Public License as published by
   7  *  the Free Software Foundation, either version 3 of the License, or
   8  *  (at your option) any later version.
   9  *
  10  *  GRUB is distributed in the hope that it will be useful,
  11  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  *  GNU General Public License for more details.
  14  *
  15  *  You should have received a copy of the GNU General Public License
  16  *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
  17  */
  18
  19 #include <grub/auth.h>
  20 #include <grub/crypto.h>
  21 #include <grub/list.h>
  22 #include <grub/mm.h>
  23 #include <grub/misc.h>
  24 #include <grub/env.h>
  25 #include <grub/normal.h>
  26 #include <grub/dl.h>
  27 #include <grub/i18n.h>
  28
  29 GRUB_MOD_LICENSE ("GPLv3+");
  30
  31 static grub_dl_t my_mod;
  32
  33 static grub_err_t
  34 check_password (const char *user, const char *entered,
  35                 void *password)
  36 {
  37   if (grub_crypto_memcmp (entered, password, GRUB_AUTH_MAX_PASSLEN) != 0)
  38     return GRUB_ACCESS_DENIED;
  39
  40   grub_auth_authenticate (user);
  41
  42   return GRUB_ERR_NONE;
  43 }
  44
  45 grub_err_t
  46 grub_normal_set_password (const char *user, const char *password)
  47 {
  48   grub_err_t err;
  49   char *pass;
  50   int copylen;
  51
  52   pass = grub_zalloc (GRUB_AUTH_MAX_PASSLEN);
  53   if (!pass)
  54     return grub_errno;
  55   copylen = grub_strlen (password);
  56   if (copylen >= GRUB_AUTH_MAX_PASSLEN)
  57     copylen = GRUB_AUTH_MAX_PASSLEN - 1;
  58   grub_memcpy (pass, password, copylen);
  59
  60   err = grub_auth_register_authentication (user, check_password, pass);
  61   if (err)
  62     {
  63       grub_free (pass);
  64       return err;
  65     }
  66   grub_dl_ref (my_mod);
  67   return GRUB_ERR_NONE;
  68 }
  69
  70 static grub_err_t
  71 grub_cmd_password (grub_command_t cmd __attribute__ ((unused)),
  72                    int argc, char **args)
  73 {
  74   if (argc != 2)
  75     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("two arguments expected"));
  76   return grub_normal_set_password (args[0], args[1]);
  77 }
  78
  79 static grub_command_t cmd;
  80 \f
  81 GRUB_MOD_INIT(password)
  82 {
  83   my_mod = mod;
  84   cmd = grub_register_command ("password", grub_cmd_password,
  85                                N_("USER PASSWORD"),
  86                                N_("Set user password (plaintext). "
  87                                "Unrecommended and insecure."));
  88 }
  89
  90 GRUB_MOD_FINI(password)
  91 {
  92   grub_unregister_command (cmd);
  93 }