gui+su+base: Store hashed passwords and use those to log in

Unsalted SHA256 passwords are still a long way from being secure, but at least we're not storing plaintext anymore.
apio 2024-12-14 12:48:13 +01:00
parent 00382421b2
commit 6dcdc43dc2
Signed by: apio
GPG Key ID: B8A7D06E42258954
3 changed files with 26 additions and 4 deletions


@ -1,3 +1,3 @@
root:toor:0:0:99999:7::: root:ce5ca673d13b36118d54a7cf13aeb0ca012383bf771e713421b4d1fd841f539a:0:0:99999:7:::
wind:!:0:0:99999:7::: wind:!:0:0:99999:7:::
selene:moon:0:0:99999:7::: selene:9e78b43ea00edcac8299e0cc8df7f6f913078171335f733a21d5d911b6999132:0:0:99999:7:::


@ -8,6 +8,7 @@
*/ */
#include <luna/RefString.h> #include <luna/RefString.h>
#include <luna/SHA.h>
#include <os/ArgumentParser.h> #include <os/ArgumentParser.h>
#include <os/Config.h> #include <os/Config.h>
#include <os/File.h> #include <os/File.h>
@ -33,6 +34,14 @@ enum Stage
static constexpr ui::Color BACKGROUND_COLOR = ui::Color::from_rgb(89, 89, 89); static constexpr ui::Color BACKGROUND_COLOR = ui::Color::from_rgb(89, 89, 89);
Result<String> hash_password(StringView& view)
{
SHA256 sha;
sha.append((const u8*)view.chars(), view.length());
auto digest = TRY(sha.digest());
return digest.to_string();
}
Result<int> luna_main(int argc, char** argv) Result<int> luna_main(int argc, char** argv)
{ {
os::ArgumentParser parser; os::ArgumentParser parser;
@ -156,7 +165,9 @@ Result<int> luna_main(int argc, char** argv)
return; return;
} }
if (strcmp(data.chars(), passwd)) auto result = hash_password(data).release_value();
if (strcmp(result.chars(), passwd))
{ {
error.set_text("Incorrect password."); error.set_text("Incorrect password.");
input.clear(); input.clear();
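Review bot: The added `hash_password(data).release_value()` in the password check takes the value out of the Result without checking whether hashing failed, even though `hash_password` itself propagates a failure from `sha.digest()` through `TRY`. What release_value() does on an error Result is not visible here, so the login path should handle that case explicitly, for example by checking the Result first and reporting through `error.set_text(...)` followed by `return;`, as the surrounding code already does for other failures. The same unchecked call is added in the su hunk, where luna_main returns Result<int> and `auto result = TRY(hash_password(pass));` would be enough. `hash_password` also takes `StringView&` without modifying it, so `const StringView&` would state the contract, and the helper is duplicated in su with a different signature; one shared helper would keep the two login paths in step. The enclosing block of the password check starts and ends outside the hunk.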


@ -1,6 +1,7 @@
#include <errno.h> #include <errno.h>
#include <fcntl.h> #include <fcntl.h>
#include <grp.h> #include <grp.h>
#include <luna/SHA.h>
#include <os/ArgumentParser.h> #include <os/ArgumentParser.h>
#include <pwd.h> #include <pwd.h>
#include <shadow.h> #include <shadow.h>
@ -13,6 +14,14 @@
static struct termios orig; static struct termios orig;
static int fd = -1; static int fd = -1;
Result<String> hash_password(const char* pw)
{
SHA256 sha;
sha.append((const u8*)pw, strlen(pw));
auto digest = TRY(sha.digest());
return digest.to_string();
}
void restore_terminal() void restore_terminal()
{ {
tcsetattr(fd, TCSANOW, &orig); tcsetattr(fd, TCSANOW, &orig);
@ -176,7 +185,9 @@ Result<int> luna_main(int argc, char** argv)
char* pass = getpass(); char* pass = getpass();
if (!pass) return 1; if (!pass) return 1;
if (strcmp(pass, passwd)) auto result = hash_password(pass).release_value();
if (strcmp(result.chars(), passwd))
{ {
fprintf(stderr, "%s: wrong password!\n", argv[0]); fprintf(stderr, "%s: wrong password!\n", argv[0]);
return 1; return 1;
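Review bot: `strcmp(result.chars(), passwd)` compares the computed digest with the stored one using a function that stops at the first differing byte, so the time taken depends on how many leading characters of the stored hash match; a credential check should use a comparison whose duration does not depend on the contents. The same comparison is added in the login GUI hunk. Separately, the buffer returned by `getpass()` still holds the plaintext after `hash_password(pass)` returns and is not overwritten in the visible lines; wiping it right after hashing, with a wipe the compiler cannot drop, would limit how long the password stays in memory. luna_main continues outside the hunk, and a possible comparison helper is sketched below.

```cpp
// Compares two digest strings without exiting at the first differing byte.
static bool digests_equal(const char* a, const char* b)
{
    size_t len = strlen(a);
    if (len != strlen(b)) return false; // e.g. a locked "!" entry never matches a digest
    unsigned char diff = 0;
    for (size_t i = 0; i < len; i++) diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

// … unchanged: getpass() call, null check and hash_password(pass) …
if (!digests_equal(result.chars(), passwd))
```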