nshlib:add platform challenge function for nsh login

Signed-off-by: huangjian <huangjian@xiaomi.com>
2022-11-04 20:35:07 +08:00 · 2022-11-04 20:35:07 +08:00 · 5a623cc9e3
commit 5a623cc9e3
parent 05eadd1bd6
4 changed files with 73 additions and 2 deletions
--- a/include/nshlib/nshlib.h
+++ b/include/nshlib/nshlib.h
@ -192,6 +192,26 @@ int nsh_telnetstart(sa_family_t family);
 void platform_motd(FAR char *buffer, size_t buflen);
 #endif

+/****************************************************************************
+ * Name: platform_challenge
+ *
+ * Description:
+ *   If CONFIG_NSH_PLATFORM_CHALLENGE is defined, then platform-specific
+ *   logic must provide this function in order get the challenge.
+ *
+ * Input Parameters:
+ *   buffer - A caller allocated buffer in which to receive the challenge
+ *   buflen - The length in bytes of the caller allocated buffer
+ *
+ * Returned value:
+ *   None
+ *
+ ****************************************************************************/
+
+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+void platform_challenge(FAR char *buffer, size_t buflen);
+#endif
+
 /****************************************************************************
 * Name: platform_user_verify
 *
@ -211,8 +231,13 @@ void platform_motd(FAR char *buffer, size_t buflen);
 ****************************************************************************/

 #ifdef CONFIG_NSH_LOGIN_PLATFORM
+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+int platform_user_verify(FAR const char *username, FAR const char *challenge,
+                         FAR const char *password);
+#else
 int platform_user_verify(FAR const char *username, FAR const char *password);
 #endif
+#endif

 /****************************************************************************
 * Name: nsh_system
--- a/nshlib/Kconfig
+++ b/nshlib/Kconfig
@ -1263,6 +1263,28 @@ config NSH_LOGIN_FAILCOUNT
 	---help---
 		Number of login retry attempts.

+config NSH_PLATFORM_CHALLENGE
+        bool "Platform challenge"
+        default n
+        depends on NSH_LOGIN_PLATFORM
+        ---help---
+                If this option is selected, the NSH will call into platform-specific
+                logic in order to get the challenge.  The function prototype for this
+                call is:
+
+                        void platform_challenge(FAR char *buffer, size_t buflen);
+
+                Where buffer is the location to return the challenge and buflen is the
+                length of that buffer.  The maximum size of the buffer is determined
+                by NSH_FILEIOSIZE.  An appropriate location for the
+                implementation of platform_challenge would be within apps/platform/<board>.
+
+                One newline will be inserted after the platform-supplied message.
+
+                platform_challenge() is prototyped and described in apps/include/nshlib/nshlib.h
+                which may be included like:
+
+                        #include "nshlib/nshlib.h"
 endif # NSH_LOGIN
 endif # NSH_LIBRARY
 endmenu # NSH Library
--- a/nshlib/nsh_login.c
+++ b/nshlib/nsh_login.c
@ -143,7 +143,10 @@ static void nsh_token(FAR struct console_stdio_s *pstate,
 int nsh_login(FAR struct console_stdio_s *pstate)
 {
  char username[16];
-  char password[16];
+  char password[128];
+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+  char challenge[128];
+#endif
  int ret;
  int i;

@ -168,6 +171,12 @@ int nsh_login(FAR struct console_stdio_s *pstate)
          nsh_token(pstate, username, sizeof(username));
        }

+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+      platform_challenge(challenge, sizeof(challenge));
+      fputs(challenge, pstate->cn_outstream);
+      fflush(pstate->cn_outstream);
+#endif
+
      /* Ask for the login password */

      fputs(g_passwordprompt, pstate->cn_outstream);
@ -188,7 +197,11 @@ int nsh_login(FAR struct console_stdio_s *pstate)
          if (PASSWORD_VERIFY_MATCH(ret))

 #elif defined(CONFIG_NSH_LOGIN_PLATFORM)
+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+          ret = platform_user_verify(username, challenge, password);
+#else
          ret = platform_user_verify(username, password);
+#endif
          if (PASSWORD_VERIFY_MATCH(ret))

 #elif defined(CONFIG_NSH_LOGIN_FIXED)
--- a/nshlib/nsh_stdlogin.c
+++ b/nshlib/nsh_stdlogin.c
@ -143,7 +143,10 @@ static void nsh_stdtoken(FAR struct console_stdio_s *pstate,
 int nsh_stdlogin(FAR struct console_stdio_s *pstate)
 {
  char username[16];
-  char password[16];
+  char password[128];
+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+  char challenge[128];
+#endif
  int ret;
  int i;

@ -177,6 +180,10 @@ int nsh_stdlogin(FAR struct console_stdio_s *pstate)
          nsh_stdtoken(pstate, username, sizeof(username));
        }

+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+      platform_challenge(challenge, sizeof(challenge));
+      printf("%s", challenge);
+#endif
      /* Ask for the login password */

      printf("%s", g_passwordprompt);
@ -195,7 +202,11 @@ int nsh_stdlogin(FAR struct console_stdio_s *pstate)
          if (PASSWORD_VERIFY_MATCH(ret))

 #elif defined(CONFIG_NSH_LOGIN_PLATFORM)
+#ifdef CONFIG_NSH_PLATFORM_CHALLENGE
+          ret = platform_user_verify(username, challenge, password);
+#else
          ret = platform_user_verify(username, password);
+#endif
          if (PASSWORD_VERIFY_MATCH(ret))

 #elif defined(CONFIG_NSH_LOGIN_FIXED)