diff options
| author | Ian Moffett <ian@osmora.org> | 2025-07-10 02:41:17 -0400 |
|---|---|---|
| committer | Ian Moffett <ian@osmora.org> | 2025-07-10 02:42:46 -0400 |
| commit | 0a400811f9c85584e7897a822dc70b5c9c38192d (patch) | |
| tree | 676e044cf7d6cb3c45492eef5699d703220ffb9f | |
| parent | caae25854d3e93dbef5bab45cda9d52f82a94333 (diff) | |
usr: login: Implement 'password' input/hashing
- Update /etc/passwd to contain the hash for 'root'
- Implement password checking login in the 'login' program
- Add information about default credentials in the README
Signed-off-by: Ian Moffett <ian@osmora.org>
| -rw-r--r-- | README.md | 6 | ||||
| -rw-r--r-- | etc/passwd | 2 | ||||
| -rw-r--r-- | usr.bin/login/login.c | 42 |
3 files changed, 42 insertions, 8 deletions
@@ -23,6 +23,12 @@ After running the configure script, you can now actually build Hyra: This will generate a new `Hyra.iso` file. + +Default User: +---------------- +Upon booting, the `login` program will ask for user credentials. The default username is `root` and the default +password is also `root`. + Documentation: -------------- Documentation will be in the form of comments throughout the codebase and can also be found in the share/ directory within the project root. @@ -1 +1 @@ -root:x:0:0:Not a ruler:/root:/usr/bin/osh +root:4813494d137e1631bba301d5acab6e7bb7aa74ce1185d456565ef51d737677b2:0:0:Not a ruler:/root:/usr/bin/osh diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index c5af6c0..d4c4562 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -30,6 +30,7 @@ #include <sys/spawn.h> #include <sys/types.h> #include <sys/errno.h> +#include <crypto/sha256.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -51,6 +52,7 @@ static char buf[64]; static uint8_t buf_i; +static short echo_chars = 1; /* * Verify a UID is valid @@ -83,13 +85,14 @@ check_uid(const char *uid) * (username) * * @alias: Alias to lookup + * @hash: Password hash * @entry: /etc/passwd entry * * Returns -1 on failure * Returns 0 if the entry matches */ static int -check_user(char *alias, char *entry) +check_user(char *alias, char *hash, char *entry) { const char *p, *shell; char *shell_argv[] = { DEFAULT_SHELL, NULL }; @@ -118,6 +121,11 @@ check_user(char *alias, char *entry) retval = 0; } break; /* UNREACHABLE */ + case ROW_HASH: + if (strcmp(p, hash) == 0) { + retval = 0; + } + break; case ROW_USERID: if (check_uid(p) != 0) { printf("bad uid @ line %d\n", line); @@ -155,12 +163,11 @@ check_user(char *alias, char *entry) static char * getstr(void) { - char c; + char c, printc; int input; buf_i = 0; - for (;;) { if ((input = getchar()) < 0) { continue; @@ -171,6 +178,13 @@ getstr(void) continue; } + /* + * If we want to echo characters, 'printc' becomes + * exactly the character we got. Otherwise, just + * print little stars to redact it. + */ + printc = echo_chars ? c : '*'; + /* return on newline */ if (c == '\n') { buf[buf_i] = '\0'; @@ -187,7 +201,7 @@ getstr(void) } else if (is_ascii(c) && buf_i < sizeof(buf) - 1) { /* write to fd and add to buffer */ buf[buf_i++] = c; - putchar(c); + putchar(printc); } } } @@ -195,21 +209,36 @@ getstr(void) static int getuser(FILE *fp) { + char *pwtmp; char *alias; char entry[256]; + char pwhash[SHA256_HEX_SIZE]; int retval; printf("username: "); alias = getstr(); + + /* Grab the password now */ + echo_chars = 0; + printf("password: "); + pwtmp = getstr(); + sha256_hex(pwtmp, strlen(pwtmp), pwhash); + + /* Paranoia */ + pwtmp = NULL; + buf_i = 0; + memset(buf, 0, sizeof(buf)); + + /* See if anything matches */ while (fgets(entry, sizeof(entry), fp) != NULL) { - retval = check_user(alias, entry); + retval = check_user(alias, pwhash, entry); if (retval == 0) { printf("login: successful\n"); return 0; } } - printf("bad username \"%s\"\n", alias); + printf("bad username or password\n"); fseek(fp, 0, SEEK_SET); memset(buf, 0, sizeof(buf)); buf_i = 0; @@ -228,7 +257,6 @@ main(void) } printf("- Please authenticate yourself -\n"); - printf("Default user 'root'\n"); for (;;) { if (getuser(fp) == 0) { break; |