upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-11 23:06:12 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/stand/lua/password.lua

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

147 lines
4.2 KiB
Lua
Raw Normal View History

Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
--
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix
2023-05-10 11:40:58 -04:00
-- SPDX-License-Identifier: BSD-2-Clause
Add SPDX tags to lua files
2018-02-22 21:51:35 -05:00
--
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
-- Copyright (c) 2015 Pedro Souza <pedrosouza@freebsd.org>
Further normalize copyright notices - s/C/c/ where I've been inconsistent about it - +SPDX tags - Remove "All rights reserved" where possible Requested by: rgrimes (all rights reserved)
2019-09-26 12:19:22 -04:00
-- Copyright (c) 2018 Kyle Evans <kevans@FreeBSD.org>
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
-- All rights reserved.
--
-- Redistribution and use in source and binary forms, with or without
-- modification, are permitted provided that the following conditions
-- are met:
-- 1. Redistributions of source code must retain the above copyright
-- notice, this list of conditions and the following disclaimer.
-- 2. Redistributions in binary form must reproduce the above copyright
-- notice, this list of conditions and the following disclaimer in the
-- documentation and/or other materials provided with the distribution.
--
-- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-- SUCH DAMAGE.
--
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
local core = require("core")
local screen = require("screen")
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
local password = {}
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
local INCORRECT_PASSWORD = "loader: incorrect password"
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
-- Asterisks as a password mask
local show_password_mask = false
local twiddle_chars = {"/", "-", "\\", "|"}
lualoader: only clear the screen before first password prompt This was previously an unconditional screen clear, regardless of whether or not we would be prompting for any passwords. This is pointless, given that the screen clear is only there to put our screen into a consistent state before we draw the prompts and do cursor manipulation. This is also the only screen clear besides that to draw the menu. One can now see early pre-loader and loader output with the menu disabled, which may be useful for diagnostics. Reported by: ian MFC after: 3 days
2019-02-17 21:59:47 -05:00
local screen_setup = false
stand/lua: Re-order locals after copyright notice; require comes first
2018-02-19 12:54:22 -05:00
lualoader: Clear the screen before prompting for password Assuming that the autoboot sequence was interrupted, we've done enough cursor manipulation that the prompt for the password will be sufficiently obscured a couple of lines up. Clear the screen and reset the cursor position here, too. MFC after: 1 week
2019-03-25 22:33:27 -04:00
local function setup_screen()
screen.clear()
screen.defcursor()
screen_setup = true
end
stand/lua: Consistently organize modules We follow pretty closely the following structure of a module: 1. Copyright notice 2. Module requires 3. Module local declarations 4. Module local definitions 5. Module exports 6. return Re-organize the one-offs (config/drawer) and denote the start of module exports with a comment.
2018-02-20 09:45:58 -05:00
-- Module exports
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
function password.read(prompt_length)
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
local str = ""
lualoader: Remove remnants of testing... twiddle_pos didn't need to be a module-scope local, since it's going to get reset with every read anyways- it was left-over from other things. screen.movecursor with a y=-1 setting was from a test of movecursor, resulting in the twiddle characters being drawn going up the console and looking quite funky.
2018-02-27 16:30:24 -05:00
local twiddle_pos = 1
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
local function draw_twiddle()
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
printc(twiddle_chars[twiddle_pos])
lualoader: Further screen cleanup - Add screen.default_x and screen.default_y to determine where screen.defcursor resets the cursor to. - Use screen.setcursor in screen.defcursor instead of rewriting the escape sequence. - Use screen.default_y when resetting the cursor after writing the new twiddle character, add a comment verbally describing the position just in case.
2018-02-27 23:31:19 -05:00
-- Reset cursor to just after the password prompt
screen.setcursor(prompt_length + 2, screen.default_y)
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
twiddle_pos = (twiddle_pos % #twiddle_chars) + 1
end
-- Space between the prompt and any on-screen feedback
lualoader: Use global printc instead of loader.printc r330282 registered loader.printc as printc, so use it instead. This makes sense for a couple reasons, the major point being that it reads a little bit easier and pairs nicely with the global 'print'. Similar cases can not really be made for other loader.* functions as most of them are either highly specific to our use-case or usually available in other modules, such as `os`. printc does not have a standard implementation in the Lua world(*), so we have a little more leeway with it, and it's kind of a special case of the globally available 'print'. (*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 11:06:20 -05:00
printc(" ")
lualoader: Drop password length restrictions This seems to have been arbitrary; bootlock_password and password don't seem to have any documented length restrictions, and loader(8) probably shouldn't care about whatever GELI passphrase length restrictions might exist. Reported by: Kalle Carlbark <kalle.carlbark+freebsd@kcbark.net>
2018-02-21 15:17:08 -05:00
while true do
lualoader: Address some 'luacheck' concerns luacheck pointed out an assortment of issues, ranging from non-standard globals being created as well as unused parameters, variables, and redundant assignments. Using '_' as a placeholder for values unused (whether it be parameters unused or return values unused, assuming multiple return values) feels clean and gets the point across, so I've adopted it. It also helps flag candidates for cleanup later in some of the lambdas I've created, giving me an easy way to re-evaluate later if we're still not using some of these features.
2018-02-21 23:15:02 -05:00
local ch = io.getchar()
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
if ch == core.KEY_ENTER then
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
break
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
if ch == core.KEY_BACKSPACE or ch == core.KEY_DELETE then
lualoader: Use #str instead of tracking length with 'n' We really gain almost nothing by tracking length separately, especially when it's as easy as "#str", so reduce complexity.
2018-03-01 21:39:41 -05:00
if #str > 0 then
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
if show_password_mask then
lualoader: Use global printc instead of loader.printc r330282 registered loader.printc as printc, so use it instead. This makes sense for a couple reasons, the major point being that it reads a little bit easier and pairs nicely with the global 'print'. Similar cases can not really be made for other loader.* functions as most of them are either highly specific to our use-case or usually available in other modules, such as `os`. printc does not have a standard implementation in the Lua world(*), so we have a little more leeway with it, and it's kind of a special case of the globally available 'print'. (*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 11:06:20 -05:00
printc("\008 \008")
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
else
draw_twiddle()
end
lualoader: Use #str instead of tracking length with 'n' We really gain almost nothing by tracking length separately, especially when it's as easy as "#str", so reduce complexity.
2018-03-01 21:39:41 -05:00
str = str:sub(1, #str - 1)
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
else
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
if show_password_mask then
lualoader: Use global printc instead of loader.printc r330282 registered loader.printc as printc, so use it instead. This makes sense for a couple reasons, the major point being that it reads a little bit easier and pairs nicely with the global 'print'. Similar cases can not really be made for other loader.* functions as most of them are either highly specific to our use-case or usually available in other modules, such as `os`. printc does not have a standard implementation in the Lua world(*), so we have a little more leeway with it, and it's kind of a special case of the globally available 'print'. (*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 11:06:20 -05:00
printc("*")
lualoader: Add a twiddle at password prompt This gives some form of feedback while typing, and matches-(ish*) Forth behavior. The cursor generally rests two column after the password prompt, then the twiddle is drawn three columns later and the cursor reset to resting position after being drawn. I've removed the note about re-evaluating it for security considerations and instead set it up as a module-local variable that we can set later depending on environment or something. It's set to false with no chance of changing at the moment. *As close as I can tell from reading check-password.4th, because I don't have an easy test (or deployed) setup for forth loader to check how close it is. Please do mention if it's not close enough.
2018-02-27 16:22:57 -05:00
else
draw_twiddle()
end
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
str = str .. string.char(ch)
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
lualoader: Drop password length restrictions This seems to have been arbitrary; bootlock_password and password don't seem to have any documented length restrictions, and loader(8) probably shouldn't care about whatever GELI passphrase length restrictions might exist. Reported by: Kalle Carlbark <kalle.carlbark+freebsd@kcbark.net>
2018-02-21 15:17:08 -05:00
end
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
return str
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
function password.check()
stand/lua: Add optional GELI passphrase prompt Prompt for GELI passphrase when geom_eli_passphrase_prompt has been set to "YES" in loader.conf(5). This entailed breaking out the password prompt into its own function that can be reused between the password compare bits and this prompt that simply takes the entered password and passes it along in the environment as kern.geom.eli.passphrase. I've also added a TODO to re-evaluate later if we want the "password masking" -- it is currently not functional, so one still can't observe the length of the password typed at the prompt.
2018-02-17 00:26:28 -05:00
-- pwd is optionally supplied if we want to check it
lualoader: Clean up naming conventions a little bit We mostly use camel case for function names, but some local functions got mixed in using internal underscores. Doubles down on camel case.
2018-02-24 15:21:21 -05:00
local function doPrompt(prompt, pwd)
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
local attempts = 1
local function clear_incorrect_text_prompt()
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
printc("\r" .. string.rep(" ", #INCORRECT_PASSWORD))
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
end
lualoader: only clear the screen before first password prompt This was previously an unconditional screen clear, regardless of whether or not we would be prompting for any passwords. This is pointless, given that the screen clear is only there to put our screen into a consistent state before we draw the prompts and do cursor manipulation. This is also the only screen clear besides that to draw the menu. One can now see early pre-loader and loader output with the menu disabled, which may be useful for diagnostics. Reported by: ian MFC after: 3 days
2019-02-17 21:59:47 -05:00
if not screen_setup then
lualoader: Clear the screen before prompting for password Assuming that the autoboot sequence was interrupted, we've done enough cursor manipulation that the prompt for the password will be sufficiently obscured a couple of lines up. Clear the screen and reset the cursor position here, too. MFC after: 1 week
2019-03-25 22:33:27 -04:00
setup_screen()
lualoader: only clear the screen before first password prompt This was previously an unconditional screen clear, regardless of whether or not we would be prompting for any passwords. This is pointless, given that the screen clear is only there to put our screen into a consistent state before we draw the prompts and do cursor manipulation. This is also the only screen clear besides that to draw the menu. One can now see early pre-loader and loader output with the menu disabled, which may be useful for diagnostics. Reported by: ian MFC after: 3 days
2019-02-17 21:59:47 -05:00
end
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
while true do
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
if attempts > 1 then
clear_incorrect_text_prompt()
end
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
screen.defcursor()
lualoader: Use global printc instead of loader.printc r330282 registered loader.printc as printc, so use it instead. This makes sense for a couple reasons, the major point being that it reads a little bit easier and pairs nicely with the global 'print'. Similar cases can not really be made for other loader.* functions as most of them are either highly specific to our use-case or usually available in other modules, such as `os`. printc does not have a standard implementation in the Lua world(*), so we have a little more leeway with it, and it's kind of a special case of the globally available 'print'. (*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 11:06:20 -05:00
printc(prompt)
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
local read_pwd = password.read(#prompt)
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
if pwd == nil or pwd == read_pwd then
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
-- Clear the prompt + twiddle
lualoader: Use global printc instead of loader.printc r330282 registered loader.printc as printc, so use it instead. This makes sense for a couple reasons, the major point being that it reads a little bit easier and pairs nicely with the global 'print'. Similar cases can not really be made for other loader.* functions as most of them are either highly specific to our use-case or usually available in other modules, such as `os`. printc does not have a standard implementation in the Lua world(*), so we have a little more leeway with it, and it's kind of a special case of the globally available 'print'. (*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 11:06:20 -05:00
printc(string.rep(" ", #prompt + 5))
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
return read_pwd
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
lualoader: Use global printc instead of loader.printc r330282 registered loader.printc as printc, so use it instead. This makes sense for a couple reasons, the major point being that it reads a little bit easier and pairs nicely with the global 'print'. Similar cases can not really be made for other loader.* functions as most of them are either highly specific to our use-case or usually available in other modules, such as `os`. printc does not have a standard implementation in the Lua world(*), so we have a little more leeway with it, and it's kind of a special case of the globally available 'print'. (*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 11:06:20 -05:00
printc("\n" .. INCORRECT_PASSWORD)
lualoader: Re-do twiddle It worked on my test setup, but is clearly non-functional on others. Further examination of check-password.4th showed that it actually reset the cursor to 0,25 every time and overwrote the previous password prompt. Do that, and also clear the "Incorrect Password" text if the correct password gets entered.
2018-02-27 23:23:28 -05:00
attempts = attempts + 1
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
loader.delay(3*1000*1000)
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
stand/lua: Add optional GELI passphrase prompt Prompt for GELI passphrase when geom_eli_passphrase_prompt has been set to "YES" in loader.conf(5). This entailed breaking out the password prompt into its own function that can be reused between the password compare bits and this prompt that simply takes the entered password and passes it along in the environment as kern.geom.eli.passphrase. I've also added a TODO to re-evaluate later if we want the "password masking" -- it is currently not functional, so one still can't observe the length of the password typed at the prompt.
2018-02-17 00:26:28 -05:00
end
local function compare(prompt, pwd)
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
if pwd == nil then
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
return
stand/lua: Add optional GELI passphrase prompt Prompt for GELI passphrase when geom_eli_passphrase_prompt has been set to "YES" in loader.conf(5). This entailed breaking out the password prompt into its own function that can be reused between the password compare bits and this prompt that simply takes the entered password and passes it along in the environment as kern.geom.eli.passphrase. I've also added a TODO to re-evaluate later if we want the "password masking" -- it is currently not functional, so one still can't observe the length of the password typed at the prompt.
2018-02-17 00:26:28 -05:00
end
lualoader: Clean up naming conventions a little bit We mostly use camel case for function names, but some local functions got mixed in using internal underscores. Doubles down on camel case.
2018-02-24 15:21:21 -05:00
doPrompt(prompt, pwd)
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
local boot_pwd = loader.getenv("bootlock_password")
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
compare("Bootlock password:", boot_pwd)
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
local geli_prompt = loader.getenv("geom_eli_passphrase_prompt")
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
if geli_prompt ~= nil and geli_prompt:lower() == "yes" then
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
local passphrase = doPrompt("GELI Passphrase:")
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
loader.setenv("kern.geom.eli.passphrase", passphrase)
stand/lua: Add optional GELI passphrase prompt Prompt for GELI passphrase when geom_eli_passphrase_prompt has been set to "YES" in loader.conf(5). This entailed breaking out the password prompt into its own function that can be reused between the password compare bits and this prompt that simply takes the entered password and passes it along in the environment as kern.geom.eli.passphrase. I've also added a TODO to re-evaluate later if we want the "password masking" -- it is currently not functional, so one still can't observe the length of the password typed at the prompt.
2018-02-17 00:26:28 -05:00
end
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
local pwd = loader.getenv("password")
lualoader: Drop excessive parenthesizing This was also a convenience convention (for me) that is not very lua-tic. Drop it. I've maintained some parentheses where I'd prefer them, for example, 'if x or y or (z and w) then', but these situations are far and few between.
2018-02-20 20:35:19 -05:00
if pwd ~= nil then
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
core.autoboot()
loader: lua: disable autoboot timer after password entry In the lua loader, if one sets a password in loader.conf, the autoboot_delay timer will start before the menu is displayed. One can interrupt the autoboot and bring up the menu by entering a keyboard character before the timer expires. If this is done a prompt for the password is displayed. Entering the password will bring up the menu, but the timer will again start and another keyboard character must be entered or autoboot will abort the menu and boot the system. PR: 265472 Reviewed by: kevans MFC after: 3 days
2023-04-15 22:30:41 -04:00
loader.setenv("autoboot_delay", "NO")
lualoader: Clear the screen before prompting for password Assuming that the autoboot sequence was interrupted, we've done enough cursor manipulation that the prompt for the password will be sufficiently obscured a couple of lines up. Clear the screen and reset the cursor position here, too. MFC after: 1 week
2019-03-25 22:33:27 -04:00
-- The autoboot sequence was interrupted, so we'll need to
-- prompt for a password. Put the screen back into a known
-- good state, otherwise we're drawing back a couple lines
-- in the middle of other text.
setup_screen()
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
Improve loader passwords: 1. Be clear about which password is being requested 2. Remove extraneous whitespace between the prompt and the cursor 3. Move the twiddle to where the prompt is, instead of two characters to the right 4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially 5. Remove the unneeded exclamation mark Reviewed by: kevans Approved by: re (gjb) MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D17236
2018-09-22 09:14:44 -04:00
compare("Loader password:", pwd)
Add the lua scripts from the lua-bootloader SoC These are the .lua files from from Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also contributed. Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader Sponsored by: Google Summer of Code Improve the SoC lua menu code to bring it in line with forth menu functionality Submitted by: Zakary Nafziger Sponsored by: FreeBSD Foundation Use loader.setenv and loader.unsetenv instead of loader.perform Convert from include("/boot/foo.lua") to foo = require("foo"); to bring in line with latest lua module conventions. Enforce a uniform style for the new .lua files: o hard tab indenation for 8 spaces o don't have if foo then bar; else bas; end on one line MFC After: 1 month Relnotes: yes Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 10:32:00 -05:00
end
lualoader: Drop terminating semicolons This was previously chosen out of convenience, as we had a mixed style and needed to be consistent. I started learning Lua on Friday, so I switched everything over. It is not a very lua-nic convention, though, so drop it. Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-20 20:10:03 -05:00
return password
Reference in a new issue Copy permalink