svn commit: r280383 - head/sys/boot/forth
Devin Teske
dteske at FreeBSD.org
Mon Mar 23 16:31:28 UTC 2015
Author: dteske
Date: Mon Mar 23 16:31:27 2015
New Revision: 280383
URL: https://svnweb.freebsd.org/changeset/base/280383
Log:
Prevent password/bootlock_password features of loader.conf(5) from
locking out everyone in the case of setting a password longer than
the maximum (currently 16 characters). Now the required password is
truncated to the maximum input that can be read from the user.
PR: kern/198760
MFC after: 3 days
MFH: stable/10 stable/9
Modified:
head/sys/boot/forth/check-password.4th
Modified: head/sys/boot/forth/check-password.4th
==============================================================================
--- head/sys/boot/forth/check-password.4th Mon Mar 23 16:22:56 2015 (r280382)
+++ head/sys/boot/forth/check-password.4th Mon Mar 23 16:31:27 2015 (r280383)
@@ -28,15 +28,15 @@ marker task-check-password.4th
include /boot/screen.4th
-13 constant enter_key \ The decimal ASCII value for Enter key
-8 constant bs_key \ The decimal ASCII value for Backspace key
-16 constant readmax \ Maximum number of characters for the password
+13 constant enter_key \ The decimal ASCII value for Enter key
+8 constant bs_key \ The decimal ASCII value for Backspace key
+16 constant readmax \ Maximum number of characters for the password
-variable readX \ Current X offset (column)(used by read)
-variable read-start \ Starting X offset (column)(used by read)
+variable readX \ Current X offset (column)(used by read)
+variable read-start \ Starting X offset (column)(used by read)
-create readval 16 allot \ input obtained (maximum 16 characters)
-variable readlen \ input length
+create readval readmax allot \ input obtained (up to readmax characters)
+variable readlen \ input length
\ This function blocks program flow (loops forever) until a key is pressed.
\ The key that was pressed is added to the top of the stack in the form of its
@@ -132,6 +132,7 @@ variable readlen \ input length
\ Do not allow the user to proceed beyond this point if a boot-lock
\ password has been set (preventing even boot from proceeding)
s" bootlock_password" getenv dup -1 <> if
+ dup readmax > if drop readmax then
begin
s" Boot Password: " read ( prompt -- )
2dup readval readlen @ compare 0<>
@@ -154,7 +155,7 @@ variable readlen \ input length
\ Only reached if autoboot fails for any reason (including if/when
\ the user aborts/escapes the countdown sequence leading to boot).
- s" password" getenv
+ s" password" getenv dup readmax > if drop readmax then
begin
s" Password: " read ( prompt -- )
2dup readval readlen @ compare 0= if
More information about the svn-src-head
mailing list