Ticket #1389: login_v1.patch

cpukit/telnetd/check_passwd.c

@@ -1 +1 @@
 /* $Id: check_passwd.c,v 1.2 2008/10/15 17:37:15 joel Exp $ */
 
-/* Read a password, encrypt it and compare to the encrypted 
- * password in the TELNETD_PASSWD environment variable.
- * No password is required if TELNETD_PASSWD is unset
- */
-
-/* 
+/*
  * Authorship
  * ----------
  * This software was created by
  *     Till Straumann <strauman@slac.stanford.edu>, 2003-2007
  *         Stanford Linear Accelerator Center, Stanford University.
- * 
+ *
  * Acknowledgement of sponsorship
  * ------------------------------
  * This software was produced by
  *     the Stanford Linear Accelerator Center, Stanford University,
  *         under Contract DE-AC03-76SFO0515 with the Department of Energy.
- * 
+ *
  * Government disclaimer of liability
  * ----------------------------------
  * Neither the United States nor the United States Department of Energy,
@@ -26 +21 @@
  * completeness, or usefulness of any data, apparatus, product, or process
  * disclosed, or represents that its use would not infringe privately owned
  * rights.
- * 
+ *
  * Stanford disclaimer of liability
  * --------------------------------
  * Stanford University makes no representations or warranties, express or
  * implied, nor assumes any liability for the use of this software.
- * 
+ *
  * Stanford disclaimer of copyright
  * --------------------------------
  * Stanford University, owner of the copyright, hereby disclaims its
  * copyright and all other rights in this software.  Hence, anyone may
- * freely use it for any purpose without restriction.  
- * 
+ * freely use it for any purpose without restriction.
+ *
  * Maintenance of notices
  * ----------------------
  * In the interest of clarity regarding the origin and status of this
@@ -46 +41 @@
  * or distributed by the recipient and are to be affixed to any copy of
  * software made or distributed by the recipient that contains a copy or
  * derivative of this software.
- * 
+ *
  * ------------------ SLAC Software Notices, Set 4 OTT.002a, 2004 FEB 03
- */ 
+ *
+ * Modified by Sebastian Huber (2009).
+ */
 
-#if !defined(INSIDE_TELNETD) && !defined(__rtems__)
-#include <crypt.h>
-#endif
 #include <termios.h>
 #include <errno.h>
 #include <stdio.h>
@@ -61 +55 @@
 #include <string.h>
 #include <syslog.h>
 
-#include "passwd.h"
+#include <rtems/telnetd.h>
 
-/* rtems has global filedescriptors but per-thread stdio streams... */
-#define STDI_FD fileno(stdin)
-#define MAXPASSRETRY    3
-
-extern char *__des_crypt_r(char *, char*, char*, int);
-
-#if !defined(INSIDE_TELNETD)
-#define sockpeername(s,b,sz) (-1)
-#endif
-
-#if defined(INSIDE_TELNETD)
-static
-#endif
-int check_passwd(char *peername)
-{
-  char                  *pw;
-  int                   rval = -1, tmp, retries;
-  struct termios        t,told;
-  int                   restore_flags = 0;
-  char                  buf[30], cryptbuf[21];
-  char                  salt[3];
-
-  if ( !(pw=getenv("TELNETD_PASSWD")) || 0 == strlen(pw) )
-#ifdef TELNETD_DEFAULT_PASSWD
-    pw = TELNETD_DEFAULT_PASSWD;
-#else
-    return 0;
-#endif
-
-  if ( tcgetattr(STDI_FD, &t) ) {
-    perror("check_passwd(): tcgetattr");
-    goto done;  
-  }
-  told = t;
-  t.c_lflag &= ~ECHO;
-  t.c_lflag &= ~ICANON;
-  t.c_cc[VTIME] = 255;
-  t.c_cc[VMIN]  = 0;
-
-  strncpy(salt,pw,2);
-  salt[2]=0;
-
-  if ( tcsetattr(STDI_FD, TCSANOW, &t) ) {
-    perror("check_passwd(): tcsetattr");
-    goto done;  
-  }
-  restore_flags = 1;
-
-  /* Here we ask for the password... */
-  for ( retries = MAXPASSRETRY; retries > 0; retries-- ) {
-    fflush(stdin);
-    fprintf(stderr,"Password:");
-    fflush(stderr);
-    if ( 0 == fgets(buf,sizeof(buf),stdin) ) {
-      /* Here comes an ugly hack:
-       * The termios driver's 'read()' handler
-       * returns 0 to the c library's fgets if
-       * it times out. 'fgets' interprets this
-       * (correctly) as EOF, a condition we want
-       * to undo since it's not really true since
-       * we really have a read error (termios bug??)
-       *
-       * As a workaround we push something back and
-       * read it again. This should simply reset the
-       * EOF condition.
-       */
-      if (ungetc('?',stdin) >= 0)
-        fgetc(stdin);
-      goto done;
-    }
-    fputc('\n',stderr);
-    tmp = strlen(buf);
-    while ( tmp > 0 && ('\n' == buf[tmp-1] || '\r' == buf[tmp-1]) ) {
-      buf[--tmp]=0;
-    }
-    if ( !strcmp(__des_crypt_r(buf, salt, cryptbuf, sizeof(cryptbuf)), pw) ) {
-      rval = 0;
-      break;
-    }
-    fprintf(stderr,"Incorrect Password.\n");
-    sleep(2);
-  }
-
-  if ( 0 == retries ) {
-    syslog( LOG_AUTHPRIV | LOG_WARNING,
-      "telnetd: %i wrong passwords entered from %s",
-      MAXPASSRETRY,
-      peername ? peername : "<UNKNOWN>");
-  }
+#include "passwd.h"
 
-done:
-  /* what to do if restoring the flags fails?? */
-  if (restore_flags)
-    tcsetattr(STDI_FD, TCSANOW, &told);
-  
-  if (rval) {
-    sleep(2);
-  }
-  return rval;
-}
+char *__des_crypt_r( const char *, const char *, char *, int);
 
-#if !defined(INSIDE_TELNETD) && !defined(__rtems__)
-int
-main(int argc, char **argv)
+/**
+ * @brief Standard Telnet login check that uses DES to encrypt the passphrase.
+ *
+ * Takes a @a passphrase, encrypts it and compares it to the encrypted
+ * passphrase in the @c TELNETD_PASSWD environment variable.  No password is
+ * required if @c TELNETD_PASSWD is unset.  The argument @a user is ignored.
+ */
+bool rtems_telnetd_login_check(
+  const char *user,
+  const char *passphrase
+)
 {
-char *str, *enc=0;
-int   ch;
-
-while ( (ch=getopt(argc, argv, "g:")) > 0 ) {
-  switch (ch) {
-    default:
-      fprintf(stderr,"Unknown option\n");
-    return(1);
-
-    case 'g':
-      printf("Generated encrypted password: '%s'\n", (enc=crypt(optarg,"td")));
-    break;
-      
-  }
+  char *pw = getenv( "TELNETD_PASSWD");
+  char cryptbuf [21];
+  char salt [3];
+
+  if (pw == NULL || strlen( pw) == 0) {
+    #ifdef TELNETD_DEFAULT_PASSWD
+      pw = TELNETD_DEFAULT_PASSWD;
+    #else
+      return true;
+    #endif
+  }
+
+  strncpy( salt, pw, 2);
+  salt [2] = '\0';
+
+  return strcmp(
+    __des_crypt_r( passphrase, salt, cryptbuf, sizeof( cryptbuf)),
+    pw
+  ) == 0;
 }
-if (argc>optind && !enc) {
-  enc=argv[optind];
-}
-if (enc) {
-  str = malloc(strlen(enc) + 30);
-  sprintf(str,"TELNETD_PASSWD=%s",enc);
-  putenv(str);
-}
-if (check_passwd(-1)) {
-  fprintf(stderr,"check_passwd() failed\n");
-}
-return 0;
-}
-
-#endif

cpukit/telnetd/telnetd.c

@@ -5 +5 @@
  *
  *  Author: 17,may 2001
  *
- *   WORK: fernando.ruiz@ctv.es 
+ *   WORK: fernando.ruiz@ctv.es
  *   HOME: correo@fernando-ruiz.com
  *
  * After start the net you can start this daemon.
@@ -15 +15 @@
  *
  * With register_telnetd() you add a new command in the shell to start
  * this daemon interactively. (Login in /dev/console of course)
- * 
+ *
  * Sorry but OOB is not still implemented. (This is the first version)
  *
  * Till Straumann <strauman@slac.stanford.edu>
@@ -23 +23 @@
  *    possible to have 'telnetd' run an arbitrary 'shell'
  *    program.
  *
+ * Modified by Sebastian Huber (2009).
+ *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- * 
+ *
  *  $Id: telnetd.c,v 1.13 2008/10/15 17:37:15 joel Exp $
  */
 
@@ -73 +75 @@
 
 static int sockpeername(int sock, char *buf, int bufsz);
 
-static int initialize_telnetd(void);
-static int telnetd_askForPassword;
-
-void * telnetd_dflt_spawn(
+void *telnetd_dflt_spawn(
   const char *name,
   unsigned priority,
   unsigned stackSize,
@@ -85 +84 @@
 );
 
 /***********************************************************/
-rtems_id            telnetd_task_id                 = 0;
-uint32_t            telnetd_stack_size              = 32000;
-rtems_task_priority telnetd_task_priority           = 0;
-bool                telnetd_remain_on_caller_stdio  = false;
-void                (*telnetd_shell)(char *, void*) = 0;
-void                *telnetd_shell_arg              = NULL;
-void *              (*telnetd_spawn_task)(
+static rtems_id telnetd_task_id = RTEMS_ID_NONE;
+
+void *(*telnetd_spawn_task)(
   const char *,
   unsigned,
   unsigned,
   void (*)(void*),
-  void *) = telnetd_dflt_spawn;
+  void *
+) = telnetd_dflt_spawn;
 
 static char *grab_a_Connection(
   int des_socket,
@@ -178 +174 @@
   return rval;
 }
 
-#if 1
-#define INSIDE_TELNETD
-#include "check_passwd.c"
-#else
-#define check_passwd(arg) 0
-#endif
-
-
 static void
 spawned_shell(void *arg);
 
@@ -203 +191 @@
 
   if ((des_socket=socket(PF_INET,SOCK_STREAM,0))<0) {
     perror("telnetd:socket");
-    telnetd_task_id=0;
+    telnetd_task_id = RTEMS_ID_NONE;
     rtems_task_delete(RTEMS_SELF);
   };
   setsockopt(des_socket,SOL_SOCKET,SO_KEEPALIVE,&i,sizeof(i));
@@ -215 +203 @@
   if ((bind(des_socket,&srv.sa,size_adr))<0) {
     perror("telnetd:bind");
     close(des_socket);
-    telnetd_task_id=0;
+    telnetd_task_id = RTEMS_ID_NONE;
     rtems_task_delete(RTEMS_SELF);
   };
   if ((listen(des_socket,5))<0) {
     perror("telnetd:listen");
           close(des_socket);
-    telnetd_task_id=0;
+    telnetd_task_id = RTEMS_ID_NONE;
     rtems_task_delete(RTEMS_SELF);
   };
 
@@ -229 +217 @@
    * was started from the console anyways..
    */
   do {
-    if ( telnetd_remain_on_caller_stdio ) {
-      char device_name[32];
-      ttyname_r( 1, device_name, sizeof(device_name) );
-      if ( !telnetd_askForPassword || (0 == check_passwd(arg->peername)) )
-        telnetd_shell(device_name, telnetd_shell_arg);
+    if (rtems_telnetd_config.keep_stdio) {
+      bool start = true;
+      char device_name [32];
+
+      ttyname_r( 1, device_name, sizeof( device_name));
+      if (rtems_telnetd_config.login_check != NULL) {
+        start = rtems_shell_login_prompt(
+          stdin,
+          stderr,
+          device_name,
+          rtems_telnetd_config.login_check
+        );
+      }
+      if (start) {
+        rtems_telnetd_config.command( device_name, arg->arg);
+      } else {
+        syslog(
+          LOG_AUTHPRIV | LOG_WARNING,
+          "telnetd: to many wrong passwords entered from %s",
+          device_name
+        );
+      }
     } else {
       devname = grab_a_Connection(des_socket, &srv, peername, sizeof(peername));
 
       if ( !devname ) {
-        /* if something went wrong, sleep for some time */
-        sleep(10);
-        continue;
+        /* if something went wrong, sleep for some time */
+        sleep(10);
+        continue;
       }
 
       arg = malloc( sizeof(*arg) );
 
       arg->devname = devname;
-      arg->arg = telnetd_shell_arg;
+      arg->arg = rtems_telnetd_config.arg;
       strncpy(arg->peername, peername, sizeof(arg->peername));
 
-      if ( !telnetd_spawn_task( &devname[5], telnetd_task_priority,
-               telnetd_stack_size, spawned_shell, arg) ) {
+      telnetd_task_id = (rtems_id) telnetd_spawn_task(
+        devname,
+        rtems_telnetd_config.priority,
+        rtems_telnetd_config.stack_size,
+        spawned_shell,
+        arg
+      );
+      if (telnetd_task_id == RTEMS_ID_NONE) {
         FILE *dummy;
 
         if ( telnetd_spawn_task != telnetd_dflt_spawn ) {
@@ -273 +284 @@
     }
   } while(1);
 
-  /* TODO: how to free the connection semaphore? But then - 
+  /* TODO: how to free the connection semaphore? But then -
    *       stopping the daemon is probably only needed during
    *       development/debugging.
    *       Finalizer code should collect all the connection semaphore
    *       counts and eventually clean up...
    */
   close(des_socket);
-  telnetd_task_id=0;
+  telnetd_task_id = RTEMS_ID_NONE;
 }
 
-/***********************************************************/
-static int initialize_telnetd(void) {
-  
-  if (telnetd_task_id         ) return RTEMS_RESOURCE_IN_USE;
-  if (telnetd_stack_size<=0   ) telnetd_stack_size   =32000;
-
-  if ( !telnetd_spawn_task("TNTD", telnetd_task_priority,
-          RTEMS_MINIMUM_STACK_SIZE, rtems_task_telnetd, 0) ) {
-    return -1;
+rtems_status_code rtems_telnetd_initialize( void)
+{
+  rtems_status_code sc = RTEMS_SUCCESSFUL;
+
+  if (telnetd_task_id != RTEMS_ID_NONE) {
+    fprintf(stderr, "telnetd already started\n");
+    return RTEMS_RESOURCE_IN_USE;
   }
-  return 0;
-}
 
-/***********************************************************/
-int rtems_telnetd_initialize(
-  void               (*cmd)(char *, void *),
-  void                *arg,
-  bool                 remainOnCallerSTDIO,
-  size_t               stack,
-  rtems_task_priority  priority,
-  bool                 askForPassword
-)
-{
-  rtems_status_code sc;
+  if (rtems_telnetd_config.command == NULL) {
+    fprintf(stderr, "telnetd setup with invalid command\n");
+    return RTEMS_IO_ERROR;
+  }
 
-#if 0
-  printf("This is rtems-telnetd (modified by Till Straumann)\n");
-  printf("$Id: telnetd.c,v 1.13 2008/10/15 17:37:15 joel Exp $\n");
-  printf("Release $Name:  $\n");
-#endif
+  if ( !telnet_pty_initialize() ) {
+    fprintf(stderr, "telnetd cannot initialize PTY driver\n");
+    return RTEMS_IO_ERROR;
+  }
 
-  if ( !telnetd_shell && !cmd ) {
-    fprintf(stderr,"startTelnetd(): setup error - NO SHELL; bailing out\n");
-    return 1;
+  /* Check priority */
+  if (rtems_telnetd_config.priority <= 0) {
+    rtems_telnetd_config.priority = rtems_bsdnet_config.network_task_priority;
+  }
+  if (rtems_telnetd_config.priority < 2) {
+    rtems_telnetd_config.priority = 100;
   }
 
-  if (telnetd_task_id) {
-    fprintf(stderr,"ERROR:telnetd already started\n");
-    return 1;
-  };
+  /* Check stack size */
+  if (rtems_telnetd_config.stack_size <= 0) {
+    rtems_telnetd_config.stack_size = 32 * 1024;
+  }
 
-  if ( !telnet_pty_initialize() ) {
-    fprintf(stderr,"PTY driver probably not properly registered\n");
-    return 1;
+  /* Spawn task */
+  telnetd_task_id = (rtems_id) telnetd_spawn_task(
+    "TNTD",
+    rtems_telnetd_config.priority,
+    RTEMS_MINIMUM_STACK_SIZE,
+    rtems_task_telnetd,
+    0
+  );
+  if (telnetd_task_id == RTEMS_ID_NONE) {
+    return RTEMS_IO_ERROR;
   }
 
-  telnetd_askForPassword = askForPassword;
+  /* Print status */
+  if (!rtems_telnetd_config.keep_stdio) {
+    fprintf(
+      stderr,
+      "telnetd started with stacksize = %u and priority = %d\n",
+      (unsigned) rtems_telnetd_config.stack_size,
+      (unsigned) rtems_telnetd_config.priority
+    );
+  }
 
-  if (cmd)
-    telnetd_shell = cmd;
-  telnetd_shell_arg     = arg;
-  telnetd_stack_size    = stack;
-  if ( !priority ) {
-    priority = rtems_bsdnet_config.network_task_priority;
-  }
-  if ( priority < 2 )
-    priority = 100;
-  telnetd_task_priority          = priority;
-  telnetd_remain_on_caller_stdio = remainOnCallerSTDIO;
-
-  sc = initialize_telnetd();
-  if (sc != RTEMS_SUCCESSFUL) return sc;
-
-  if ( !telnetd_remain_on_caller_stdio )
-    fprintf(stderr, "rtems_telnetd() started with stacksize=%u,priority=%d\n",
-      (unsigned)telnetd_stack_size,(int)telnetd_task_priority);
-  return 0;
+  return RTEMS_SUCCESSFUL;
 }
 
 /* utility wrapper */
@@ -361 +360 @@
   FILE                *ostd[3]={ stdin, stdout, stderr };
   int                  i=0;
   struct shell_args  *arg = targ;
+  bool login_failed = false;
+  bool start = true;
 
   sc=rtems_libio_set_private_env();
 
@@ -397 +398 @@
   #endif
 
   /* call their routine */
-  if ( !telnetd_askForPassword || (0 == check_passwd(arg->peername)) )
-    telnetd_shell(arg->devname, arg->arg);
+  if (rtems_telnetd_config.login_check != NULL) {
+    start = rtems_shell_login_prompt(
+      stdin,
+      stderr,
+      arg->devname,
+      rtems_telnetd_config.login_check
+    );
+    login_failed = !start;
+  }
+  if (start) {
+    rtems_telnetd_config.command( arg->devname, arg->arg);
+  }
 
   stdin  = ostd[0];
   stdout = ostd[1];
   stderr = ostd[2];
 
+  if (login_failed) {
+    syslog(
+      LOG_AUTHPRIV | LOG_WARNING,
+      "telnetd: to many wrong passwords entered from %s",
+      arg->peername
+    );
+  }
+
 cleanup:
   release_a_Connection(arg->devname, arg->peername, nstd, i);
   free(arg);
@@ -433 +452 @@
 telnetd_dflt_spawn(const char *name, unsigned int priority, unsigned int stackSize, void (*fn)(void *), void* fnarg)
 {
   rtems_status_code        sc;
-  rtems_id                 task_id;
+  rtems_id                 task_id = RTEMS_ID_NONE;
   char                     nm[4] = {'X','X','X','X' };
   struct wrap_delete_args *pwa = malloc(sizeof(*pwa));
 
@@ -441 +460 @@
 
   if ( !pwa ) {
     perror("Telnetd: no memory\n");
-    return 0;
+    return (void *) RTEMS_ID_NONE;
   }
 
   pwa->t = fn;
@@ -460 +479 @@
       (rtems_task_argument)pwa))) {
         free(pwa);
         rtems_error(sc,"Telnetd: spawning task failed");
-        return 0;
+        return (void *) RTEMS_ID_NONE;
   }
-  return (void*)task_id;
+  return (void *) task_id;
 }
 
 /* convenience routines for CEXP (retrieve stdio descriptors

cpukit/telnetd/telnetd.h

@@ -3 +3 @@
  *  May 2001
  *  Reworked by Till Straumann and .h overhauled by Joel Sherrill.
  *
+ *  Modified by Sebastian Huber (2009).
+ *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -13 +15 @@
 #ifndef _RTEMS_TELNETD_H
 #define _RTEMS_TELNETD_H
 
+#include <rtems.h>
+#include <rtems/login.h>
+
 #ifdef __cplusplus
 extern "C" {
-#endif  
+#endif
+
+bool rtems_telnetd_login_check(
+  const char *user,
+  const char *passphrase
+);
+
+/**
+ * @brief Telnet command type.
+ */
+typedef void (*rtems_telnetd_command)(char * /* device name */, void * /* arg */);
+
+/**
+ * @brief Telnet configuration structure.
+ */
+typedef struct {
+  /**
+   * @brief Function invoked for each Telnet connection.
+   *
+   * The first parameter contains the device name.  The second parameter
+   * contains the argument pointer of this configuration table.
+   */
+  rtems_telnetd_command command;
+
+  /**
+   * @brief Argument for command function.
+   */
+  void *arg;
+
+  /**
+   * @brief Task priority.
+   *
+   * If this parameter is equal to zero, then the priority of network task is
+   * used or 100 if this priority is less than two.
+   */
+  rtems_task_priority priority;
+
+  /**
+   * @brief Task stack size.
+   */
+  size_t stack_size;
+
+  /**
+   * @brief Login check function.
+   *
+   * Method used for login checks.  Use @c NULL to disable a login check.
+   */
+  rtems_login_check login_check;
+
+  /**
+   * @brief Keep standard IO of the caller.
+   *
+   * Telnet takes over the standard input, output and error associated with
+   * task, if this parameter is set to @c true.  In this case, it will @b not
+   * listen on any sockets.  When this parameter is @c false, Telnet will
+   * create other tasks for the shell which listen on sockets.
+   */
+  bool keep_stdio;
+} rtems_telnetd_config_table;
 
 /**
- *  This method initializes the telnetd subsystem.
+ * @brief Telnet configuration.
  *
- *  @param[in] cmd is the function which is the "shell" telnetd invokes
- *  @param[in] arg is the context pointer to cmd
- *  @param[in] remainOnCallerSTDIO is set to TRUE if telnetd takes over the
- *    standard in, out and error associated with task.  In this case,
- *    it will be NOT be listening on any sockets.  When this parameters
- *    is FALSE the telnetd will create other tasks for the shell
- *    which listen on sockets.
- *  @param[in] stack is stack size of spawned task.
- *  @param[in] priority is the initial priority of spawned task(s).  If
- *    this parameter is less than 2, then the default priority of 100 is used.
- *  @param[in] askForPassword is set to TRUE if telnetd is to ask for a
- *    password. This is set to FALSE to invoke "cmd" with no password check.
- *    This may be OK if "cmd" includes its own check and indeed the RTEMS Shell
- *    uses a login with a user name and password so this is the usual case.
+ * The application must provide this configuration table.  It is used by
+ * rtems_telnetd_initialize() to configure the Telnet subsystem.  Do not modify
+ * the entries after the intialization since it is used internally.
  */
-int rtems_telnetd_initialize(
-  void               (*cmd)(char *, void *),
-  void                *arg,
-  bool                 remainOnCallerSTDIO,
-  size_t               stack,
-  rtems_task_priority  priority,
-  bool                 askForPassword
-);
+extern rtems_telnetd_config_table rtems_telnetd_config;
+
+/**
+ * @brief Initializes the Telnet subsystem.
+ *
+ * Uses the application provided @ref rtems_telnetd_config configuration table.
+ */
+rtems_status_code rtems_telnetd_initialize( void);
 
 #ifdef __cplusplus
 }
-#endif  
+#endif
 
 #endif

cpukit/libmisc/Makefile.am

@@ -85 +85 @@
     shell/err.c shell/errx.c shell/verr.c shell/vis.c \
     shell/verrx.c shell/vwarn.c shell/vwarnx.c shell/warn.c shell/warnx.c \
     shell/fts.c shell/print_heapinfo.c shell/main_wkspaceinfo.c \
-    shell/shell_script.c
+    shell/shell_script.c shell/login_prompt.c shell/login_check.c
 if LIBNETWORKING
 libshell_a_SOURCES += shell/main_mount_ftp.c shell/main_mount_tftp.c \
     shell/main_ifconfig.c shell/main_route.c shell/main_netstats.c \

new file cpukit/libmisc/shell/login.h

@@ +1 @@
+/**
+ * @file
+ *
+ * @author Sebastian Huber <sebastian.huber@embedded-brains.de>
+ *
+ * @brief Login types and functions.
+ */
+
+/*
+ * Copyright (c) 2009
+ * Embedded Brains GmbH
+ * Obere Lagerstr. 30
+ * D-82178 Puchheim
+ * Germany
+ * rtems@embedded-brains.de
+ *
+ * Based on work from Chris Johns, Fernando Ruiz and Till Straumann.
+ *
+ * The license and distribution terms for this file may be
+ * found in the file LICENSE in this distribution or at
+ * http://www.rtems.com/license/LICENSE.
+ */
+
+#ifndef RTEMS_LOGIN_H
+#define RTEMS_LOGIN_H
+
+#include <stdio.h>
+
+#include <rtems.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+typedef bool (*rtems_login_check)(
+  const char * /* user */,
+  const char * /* passphrase */
+);
+
+bool rtems_shell_login_prompt(
+  FILE *in,
+  FILE *out,
+  const char *device,
+  rtems_login_check check
+);
+
+bool rtems_shell_login_check(
+  const char *user,
+  const char *passphrase
+);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* RTEMS_LOGIN_H */

new file cpukit/libmisc/shell/login_check.c

@@ +1 @@
+/**
+ * @file
+ *
+ * @author Sebastian Huber <sebastian.huber@embedded-brains.de>
+ *
+ * @brief Shell login check function.
+ */
+
+/*
+ * Copyright (c) 2009
+ * Embedded Brains GmbH
+ * Obere Lagerstr. 30
+ * D-82178 Puchheim
+ * Germany
+ * rtems@embedded-brains.de
+ *
+ * Based on work from Chris Johns, Fernando Ruiz and Till Straumann.
+ *
+ * The license and distribution terms for this file may be
+ * found in the file LICENSE in this distribution or at
+ * http://www.rtems.com/license/LICENSE.
+ */
+
+#include <sys/types.h>
+#include <unistd.h>
+#include <pwd.h>
+
+#include <rtems/login.h>
+#include <rtems/shell.h>
+#include <rtems/userenv.h>
+
+bool rtems_shell_login_check(
+  const char *user,
+  const char *passphrase
+)
+{
+  struct passwd *pw = getpwnam( user);
+
+  /* Valid user? */
+  if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) {
+    setuid( pw->pw_uid);
+    setgid( pw->pw_gid);
+    rtems_current_user_env->euid = 0;
+    rtems_current_user_env->egid = 0;
+    chown( rtems_current_shell_env->devname, pw->pw_uid, 0);
+    rtems_current_user_env->euid = pw->pw_uid;
+    rtems_current_user_env->egid = pw->pw_gid;
+    if (strcmp( pw->pw_passwd, "*") == 0) {
+      /* TODO: /etc/shadow */
+      return true;
+    } else {
+      /* TODO: crypt() */
+      return true;
+    }
+  }
+
+  return false;
+}

new file cpukit/libmisc/shell/login_prompt.c

@@ +1 @@
+/**
+ * @file
+ *
+ * @author Sebastian Huber <sebastian.huber@embedded-brains.de>
+ *
+ * @brief Shell login prompt functions.
+ */
+
+/*
+ * Copyright (c) 2009
+ * Embedded Brains GmbH
+ * Obere Lagerstr. 30
+ * D-82178 Puchheim
+ * Germany
+ * rtems@embedded-brains.de
+ *
+ * Based on work from Chris Johns, Fernando Ruiz and Till Straumann.
+ *
+ * The license and distribution terms for this file may be
+ * found in the file LICENSE in this distribution or at
+ * http://www.rtems.com/license/LICENSE.
+ */
+
+#include <stdio.h>
+#include <termios.h>
+#include <unistd.h>
+#include <ctype.h>
+
+#include <rtems/login.h>
+
+static int rtems_shell_discard( int c, FILE *stream)
+{
+  return c;
+}
+
+static void rtems_shell_get_text(
+  FILE *in,
+  FILE *out,
+  char *line,
+  size_t size
+)
+{
+  int fd_in = fileno( in);
+  int (*put)( int, FILE *) =
+    out != NULL && isatty( fd_in)
+      ? fputc
+      : rtems_shell_discard;
+  size_t i = 0;
+
+  if (size < 1) {
+    return;
+  }
+
+  tcdrain( fd_in);
+  if (out != NULL){
+    tcdrain( fileno( out));
+  }
+
+  while (true) {
+    int c = fgetc( in);
+
+    switch (c) {
+      case EOF:
+        /* Here comes an ugly hack: The Termios driver's read() handler returns
+         * 0 to the C library's fgets() if it times out.  fgets() interprets
+         * this (correctly) as EOF, a condition we want to undo since it's not
+         * really true since we really have a read error (Termios bug?).
+         *
+         * As a workaround we push something back and read it again.  This
+         * should simply reset the EOF condition.
+         */
+        if (ungetc( '?', in) == '?') {
+          fgetc( in);
+        }
+        break;
+      case '\n':
+      case '\r':
+        put( '\n', out);
+        line [i] = '\0';
+        return;
+      case  127:
+      case '\b':
+        if (i > 0) {
+          put( '\b', out);
+          put( ' ', out);
+          put( '\b', out);
+          --i;
+        } else {
+          put( '\a', out);
+        }
+        break;
+      default:
+        if (!iscntrl( c)) {
+          if (i < size - 1) {
+            line [i] = (char) c;
+            ++i;
+            put( c, out);
+          } else {
+            put( '\a', out);
+          }
+        } else {
+          put( '\a', out);
+        }
+        break;
+    }
+  }
+}
+
+bool rtems_shell_login_prompt(
+  FILE *in,
+  FILE *out,
+  const char *device,
+  rtems_login_check check
+)
+{
+  int fd_in = fileno( in);
+  struct termios termios_previous;
+  bool restore_termios = false;
+  int i = 0;
+  bool result = false;
+
+  if (tcgetattr( fd_in, &termios_previous) == 0) {
+    struct termios termios_new = termios_previous;
+
+    termios_new.c_lflag &= ~ECHO;
+    termios_new.c_lflag &= ~ICANON;
+    termios_new.c_cc [VTIME] = 255;
+    termios_new.c_cc [VMIN] = 0;
+
+    restore_termios = tcsetattr( fd_in, TCSANOW, &termios_new) == 0;
+  }
+
+  for (i = 0; i < 3; ++i) {
+    char user [32];
+    char passphrase [128];
+
+    fprintf( out, "%s login: ", device);
+    fflush( out);
+    rtems_shell_get_text( in, out, user, sizeof( user));
+
+    fflush( in);
+    fprintf( out, "Password: ");
+    fflush( out);
+    rtems_shell_get_text( in, NULL, passphrase, sizeof( passphrase));
+    fputc( '\n', out);
+
+    result = check( user, passphrase);
+    if (result) {
+      break;
+    }
+
+    fprintf( out, "Login incorrect\n\n");
+    sleep( 2);
+  }
+
+  if (restore_termios) {
+    /* What to do if restoring the flags fails? */
+    tcsetattr( fd_in, TCSANOW, &termios_previous);
+  }
+
+  return result;
+}

cpukit/libmisc/shell/shell.c

@@ -7 +7 @@
  *   WORK: fernando.ruiz@ctv.es
  *   HOME: correo@fernando-ruiz.com
  *
+ *  Modified by Sebastian Huber (2009).
+ *
  *  The license and distribution terms for this file may be
  *  found in the file LICENSE in this distribution or at
  *  http://www.rtems.com/license/LICENSE.
@@ -40 +42 @@
 #include <errno.h>
 #include <pwd.h>
 
-rtems_shell_env_t  rtems_global_shell_env = {
+rtems_shell_env_t rtems_global_shell_env = {
   .magic         = rtems_build_name('S', 'E', 'N', 'V'),
   .devname       = CONSOLE_DEVICE_NAME,
   .taskname      = "SHGL",
@@ -53 +55 @@
   .output        = NULL,
   .output_append = false,
   .wake_on_end   = RTEMS_ID_NONE,
-  .login         = true
+  .login_check   = NULL
 };
 
 rtems_shell_env_t *rtems_current_shell_env = &rtems_global_shell_env;
@@ -118 +120 @@
   int          up;
   int          cmd = -1;
   int          inserting = 1;
-  
+
   output = (out && isatty(fileno(in)));
 
   col = last_col = 0;
-  
+
   tcdrain(fileno(in));
   if (out)
     tcdrain(fileno(out));
 
   if (output && prompt)
     fprintf(out, "\r%s", prompt);
-  
+
   line[0] = 0;
   new_line[0] = 0;
-  
+
   for (;;) {
-    
+
     if (output)
       fflush(out);
 
@@ -142 +144 @@
 
     if (extended_key == EOF)
       return -2;
-    
+
     c = extended_key & RTEMS_SHELL_KEYS_NORMAL_MASK;
-    
+
     /*
      * Make the extended_key usable as a boolean.
      */
     extended_key &= ~RTEMS_SHELL_KEYS_NORMAL_MASK;
-    
+
     up = 0;
-    
+
     if (extended_key)
     {
       switch (c)
@@ -199 +201 @@
 
           /* drop through */
         case RTEMS_SHELL_KEYS_DARROW:
-          
+
         {
           int last_cmd = cmd;
           int clen = strlen (line);
 
           if (prompt)
             clen += strlen(prompt);
-          
+
           if (up) {
             cmd++;
           } else {
@@ -226 +228 @@
             memcpy (line, new_line, size);
           else
             memcpy (line, cmds[cmd], size);
-          
+
           col = strlen (line);
-          
+
           if (output) {
             fprintf(out,"\r%*c", clen, ' ');
             fprintf(out,"\r%s%s", prompt, line);
@@ -271 +273 @@
           }
           col = 0;
           break;
-          
+
         case 5:/*Control-e*/
           if (output)
             fprintf(out,line + col);
@@ -290 +292 @@
             line[col] = '\0';
           }
           break;
-          
+
         case 0x04:/*Control-d*/
           if (strlen(line))
             break;
@@ -298 +300 @@
           if (output)
             fputc('\n', out);
           return -2;
-        
+
         case '\f':
           if (output) {
             int end;
@@ -334 +336 @@
            */
           if (output)
             fprintf(out,"\n");
-          
+
           /*
            * Only process the command if we have a command and it is not
            * repeated in the history.
@@ -378 +380 @@
   return -2;
 }
 
-int rtems_shell_scanline(
-  char *line,
-  int   size,
-  FILE *in,
-  FILE *out
-)
-{
-  int c;
-  int col;
-  int doEcho;
-
-  doEcho = (out && isatty(fileno(in)));
-
-  col = 0;
-  if (*line) {
-    col = strlen(line);
-    if (doEcho) fprintf(out,"%s",line);
-  }
-  tcdrain(fileno(in));
-  if (out)
-    tcdrain(fileno(out));
-  for (;;) {
-    line[col] = 0;
-    c = fgetc(in);
-    switch (c) {
-      case EOF:
-        return 0;
-      case '\n':
-      case '\r':
-        if (doEcho)
-          fputc('\n',out);
-        return 1;
-      case  127:
-      case '\b':
-        if (col) {
-          if (doEcho) {
-            fputc('\b',out);
-            fputc(' ',out);
-            fputc('\b',out);
-          }
-          col--;
-        } else {
-          if (doEcho) fputc('\a',out);
-        }
-        break;
-     default:
-       if (!iscntrl(c)) {
-         if (col<size-1) {
-            line[col++] = c;
-            if (doEcho) fputc(c,out);
-          } else {
-            if (doEcho) fputc('\a',out);
-          }
-       } else {
-        if (doEcho)
-          if (c=='\a') fputc('\a',out);
-       }
-       break;
-     }
-  }
-}
-  
 /* ----------------------------------------------- *
  * - The shell TASK
  * Poor but enough..
@@ -473 +413 @@
   }
 }
 
-int rtems_shell_login(FILE * in,FILE * out) {
+static bool rtems_shell_login(FILE * in,FILE * out) {
   FILE          *fd;
   int            c;
   time_t         t;
@@ -584 +524 @@
     }
   }
 
-  times=0;
-  strcpy(name,"");
-  strcpy(pass,"");
-  for (;;) {
-    times++;
-    if (times>3) break;
-    if (out) fprintf(out,"\nlogin: ");
-    if (!rtems_shell_scanline(name,sizeof(name),in,out )) break;
-    if (out) fprintf(out,"Password: ");
-    if (!rtems_shell_scanline(pass,sizeof(pass),in,NULL)) break;
-    if (out) fprintf(out,"\n");
-    if ((passwd=getpwnam(name))) {
-      if (strcmp(passwd->pw_passwd,"!")) { /* valid user */
-        setuid(passwd->pw_uid);
-        setgid(passwd->pw_gid);
-        rtems_current_user_env->euid =
-        rtems_current_user_env->egid = 0;
-        chown(rtems_current_shell_env->devname,passwd->pw_uid,0);
-        rtems_current_user_env->euid = passwd->pw_uid;
-        rtems_current_user_env->egid = passwd->pw_gid;
-        if (!strcmp(passwd->pw_passwd,"*")) {
-          /* /etc/shadow */
-          return 0;
-        } else {
-          /* crypt() */
-          return 0;
-        }
-      }
-    }
-    if (out)
-      fprintf(out,"Login incorrect\n");
-    strcpy(name,"");
-    strcpy(pass,"");
-  }
-  return -1;
+  return rtems_shell_login_prompt(
+    in,
+    out,
+    rtems_current_shell_env->devname,
+    rtems_current_shell_env->login_check
+  );
 }
 
 #if defined(SHELL_DEBUG)
@@ -686 +597 @@
 
   shell_env =
   rtems_current_shell_env = rtems_shell_init_env( shell_env_arg );
- 
+
   /*
    * @todo chrisj
    * Remove the use of task variables. Change to have a single
@@ -711 +622 @@
 
   fileno(stdout);
 
-  /* fprintf( stderr, 
+  /* fprintf( stderr,
      "-%s-%s-\n", shell_env->input, shell_env->output );
   */
 
@@ -732 +643 @@
       stdoutToClose = output;
     }
   }
-  
+
   if (shell_env->input && strcmp(shell_env_arg->input, "stdin") != 0) {
     FILE *input = fopen(shell_env_arg->input, "r");
     if (!input) {
@@ -772 +683 @@
   setvbuf(stdout,NULL,_IONBF,0); /* Not buffered*/
 
   rtems_shell_initialize_command_set();
-  
+
   /*
    * Allocate the command line buffers.
    */
@@ -780 +691 @@
   if (!cmd_argv) {
     fprintf(stderr, "no memory for command line buffers\n" );
   }
-  
+
   cmds[0] = calloc (cmd_count, RTEMS_SHELL_CMD_SIZE);
   if (!cmds[0]) {
     fprintf(stderr, "no memory for command line buffers\n" );
@@ -793 +704 @@
     for (cmd = 1; cmd < cmd_count; cmd++) {
       cmds[cmd] = cmds[cmd - 1] + RTEMS_SHELL_CMD_SIZE;
     }
-    
+
     do {
       /* Set again root user and root filesystem, side effect of set_priv..*/
       sc = rtems_libio_set_private_env();
@@ -808 +719 @@
        *  loop when the connection is dropped during login and
        *  keep on trucking.
        */
-      if (shell_env->login) {
-        result = rtems_shell_login(stdin,stdout) == 0;
+      if (shell_env->login_check != NULL) {
+        result = rtems_shell_login(stdin,stdout);
       } else {
         result = true;
       }
@@ -829 +740 @@
           chdir(shell_env->cwd);
         else
           chdir("/"); /* XXX: chdir to getpwent homedir */
-        
+
         shell_env->exit_shell = false;
 
         for (;;) {
           int cmd;
-          
+
           /* Prompt section */
           if (prompt) {
             rtems_shell_get_prompt(shell_env, prompt,
                                    RTEMS_SHELL_PROMPT_SIZE);
           }
-        
+
           /* getcmd section */
           cmd = rtems_shell_line_editor(cmds, cmd_count,
                                         RTEMS_SHELL_CMD_SIZE, prompt,
@@ -848 +759 @@
 
           if (cmd == -1)
             continue; /* empty line */
-          
+
           if (cmd == -2)
             break; /*EOF*/
 
@@ -856 +767 @@
 
           if (shell_env->echo)
             fprintf(stdout, "%d: %s\n", line, cmds[cmd]);
-          
+
           /* evaluate cmd section */
           c = cmds[cmd];
           while (*c) {
@@ -944 +855 @@
   const char          *devname,
   bool                 forever,
   bool                 wait,
-  const char*          input,
-  const char*          output,
+  const char          *input,
+  const char          *output,
   bool                 output_append,
   rtems_id             wake_on_end,
   bool                 echo,
-  bool                 login
+  rtems_login_check    login_check
 )
 {
   rtems_id           task_id;
@@ -991 +902 @@
   shell_env->output        = strdup (output);
   shell_env->output_append = output_append;
   shell_env->wake_on_end   = wake_on_end;
-  shell_env->login         = login;
+  shell_env->login_check   = login_check;
 
   getcwd(shell_env->cwd, sizeof(shell_env->cwd));
 
@@ -1017 +928 @@
   const char          *devname,
   bool                 forever,
   bool                 wait,
-  bool                 login
+  rtems_login_check    login_check
 )
 {
   rtems_id to_wake = RTEMS_ID_NONE;
@@ -1037 +948 @@
     false,                   /* output_append */
     to_wake,                 /* wake_on_end */
     false,                   /* echo */
-    login                    /* login */
+    login_check              /* login check */
   );
 }
 
@@ -1060 +971 @@
     if (sc != RTEMS_SUCCESSFUL)
       return sc;
   }
-  
+
   sc = rtems_shell_run(
     task_name,       /* task_name */
     task_stacksize,  /* task_stacksize */
@@ -1073 +984 @@
     output_append,   /* output_append */
     current_task,    /* wake_on_end */
     echo,            /* echo */
-    false            /* login */
+    NULL             /* login check */
   );
   if (sc != RTEMS_SUCCESSFUL)
     return sc;

cpukit/libmisc/shell/shell.h

@@ -24 +24 @@
 #include <termios.h>
 #include <rtems/fs.h>
 #include <rtems/libio.h>
+#include <rtems/login.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -99 +100 @@
 
 int rtems_shell_make_args(
   char  *commandLine,
-  int   *argc_p, 
-  char **argv_p, 
+  int   *argc_p,
+  char **argv_p,
   int    max_args
 );
 
-int rtems_shell_scanline(
-  char *line,
-  int   size,
-  FILE *in,
-  FILE *out
-);
-
 int rtems_shell_cat_file(
   FILE *out,
   const char *name
@@ -135 +129 @@
  * @param task_priority The priority the shell runs at.
  * @param forever Repeat logins.
  * @param wait Caller should block until shell exits.
- * @param login Demand user login.
+ * @param login_check User login check function, NULL disables login checks.
  *
  */
 rtems_status_code rtems_shell_init(
@@ -145 +139 @@
   const char          *devname,
   bool                 forever,
   bool                 wait,
-  bool                 login
+  rtems_login_check    login_check
 );
 
 /**
@@ -179 +173 @@
 int rtems_shell_str2int(const char * s);
 
 typedef struct  {
-  rtems_name  magic; /* 'S','E','N','V': Shell Environment */
-  const char *devname;
-  const char *taskname;
+  rtems_name         magic; /* 'S','E','N','V': Shell Environment */
+  const char        *devname;
+  const char        *taskname;
   /* user extensions */
-  bool        exit_shell; /* logout */
-  bool        forever   ; /* repeat login */
-  int         errorlevel;
-  bool        echo;
-  char        cwd[256];
-  const char* input;
-  const char* output;
-  bool        output_append;
-  rtems_id    wake_on_end;
-  bool        login;
+  bool               exit_shell; /* logout */
+  bool               forever; /* repeat login */
+  int                errorlevel;
+  bool               echo;
+  char               cwd[256];
+  const char        *input;
+  const char        *output;
+  bool               output_append;
+  rtems_id           wake_on_end;
+  rtems_login_check  login_check;
 } rtems_shell_env_t;
 
 bool rtems_shell_main_loop(
@@ -210 +204 @@
  * all possible file systems being included it would force the
  * networking stack into the applcation and this may not be
  * required.
- */ 
+ */
 struct rtems_shell_filesystems_tt;
 typedef struct rtems_shell_filesystems_tt rtems_shell_filesystems_t;