loginlib.c

VxWorks BSP框架源代码包含头文件和驱动

    int   timeOutInSecond = 15;
    long  bytesToRead;
    ULONG   secondPassed;
    ULONG  startTick;

    while (name == NULL || name[0] == EOS)
	{
	printf ("\n%s",loginString);

	secondPassed = 0;
	bytesToRead  = 0;
	startTick    = tickGet ();

	while (secondPassed < timeOutInSecond && bytesToRead == 0)
	    {
	    if (ioctl (STD_IN, FIONREAD, (int)&bytesToRead) == ERROR)
		return (ERROR);

	    taskDelay (sysClkRateGet () /4);
	    secondPassed = (tickGet () - startTick) / sysClkRateGet ();
	    }

	if (secondPassed >= timeOutInSecond)
	    {
	    printf ("\n");
	    name[0] = EOS;
	    return (OK);
	    }

	if (bytesToRead > 0)
	   nbytes = read (STD_IN, name, MAX_LOGIN_NAME_LEN);

	if (nbytes > 0)
	    {
	    name [nbytes - 1] = EOS;

	    if (nbytes > 1)
		return (OK);
	    }
	else
	    {
	    return (ERROR);
	    }
	}

    return (ERROR);	/* just in case, should never reach here */
    }
/*******************************************************************************
*
* loginPasswdGet - get password from user
*
* RETURNS: OK if the user types in the password within the time limit,
* or ERROR otherwise.
*/

LOCAL STATUS loginPasswdGet
    (
    char *passwd        /* buffer for passwd field up  */
                        /* to MAX_LOGIN_NAME_LEN bytes */
    )
    {
    STATUS status;
    int    nbytes = 0;
    int    timeOutInSecond = 15;
    long   bytesToRead;
    int    secondPassed;
    ULONG   startTick;
    int    oldoptions;		/* original OPT_TERM options */
    int    newoptions;		/* new OPT_TERM options during login */

    oldoptions = ioctl (STD_IN, FIOGETOPTIONS, 0);
    newoptions = oldoptions & ~OPT_ECHO;

    printf ("Password: ");	/* ask for password */

    /* don't want to echo the password */
    ioctl (STD_IN, FIOSETOPTIONS, newoptions);

    bytesToRead  = 0;
    secondPassed = 0;
    startTick    = tickGet();

    while (secondPassed < timeOutInSecond &&
	   bytesToRead == 0)
	{
	if (ioctl (STD_IN, FIONREAD, (int)&bytesToRead) == ERROR)
	    return (ERROR);

	taskDelay (sysClkRateGet() /4);
	secondPassed = (tickGet() - startTick) /sysClkRateGet();
	}

    if (bytesToRead > 0)
	nbytes = read (STD_IN, passwd, MAX_LOGIN_NAME_LEN);

    if (nbytes > 0)
	{
	passwd [nbytes - 1] = EOS;
	status = OK;
	}
    else
	status = ERROR;

    ioctl (STD_IN, FIOSETOPTIONS, oldoptions); 		/* restore options */
    return (status);
    }
/*****************************************************************************
*
* loginPrompt - display a login prompt and validate a user entry
*
* This routine displays a login prompt and validates a user entry.  If both
* user name and password match with an entry in the login table, the user is
* then given access to the VxWorks system.  Otherwise, it prompts the user
* again.
*
* All control characters are disabled during authentication except CTRL-D,
* which will terminate the remote login session.
*
* INTERNAL
* This routine should be called when starting (not a restart) the shell,
* during rlogin, or login via telnet.
*
* RETURNS: OK if the name and password are valid, or ERROR if there is an
* EOF or the routine times out.
*/

STATUS loginPrompt
    (
    char  *userName     /* user name, ask if NULL or not provided */
    )
    {
    char    name [MAX_LOGIN_NAME_LEN];	    /* buffer to hold user name */
    char    passwd [MAX_LOGIN_NAME_LEN];    /* buffer to hold user password */
    int     minTimeOutInSecond 	= 60;
    long    maxTimeOutInSecond 	= 60 * 60;  /* 1 hour */
    STATUS  status           	= OK;
    int     ix                 	= 0;
    int	    secondPassed 	= 0;
    long    totalTicks;		/* ticks equivalent to loginTimeOutInSecond */
    ULONG   startTick;
    ULONG   tickUsed;
    int     oldoptions = ioctl (STD_IN, FIOGETOPTIONS, 0);
    int     newoptions = (oldoptions & ~(OPT_ABORT) & ~(OPT_MON_TRAP));

    /* disable interrupt or reboot from the terminal during network login */

    (void)ioctl (STD_IN, FIOSETOPTIONS, newoptions);

    /* each loginPrompt session cannot be more than 60 minutes
     * or less than 60 seconds */

    if (loginTimeOutInSecond < minTimeOutInSecond)
	loginTimeOutInSecond = minTimeOutInSecond;
    else if (loginTimeOutInSecond > maxTimeOutInSecond)
	loginTimeOutInSecond = maxTimeOutInSecond;

    startTick  = tickGet();
    totalTicks = loginTimeOutInSecond * sysClkRateGet();

    if (userName == NULL)
	name[0] = EOS;
    else
	strcpy (name, userName);	/* user name provided */

    while (secondPassed < loginTimeOutInSecond)
	{
	(void)ioctl (STD_IN, FIOFLUSH, 0);

	if (strlen (name) == 0)
	    {
	    if (loginNameGet (name) == ERROR)	/* get user name */
		{
		/* the remote site will disconnect from the VxWorks shell */

		status = ERROR;
		break;
		}
  	    }

	if (loginUserVerify (name, "") == OK) 	/* no password needed */
	    break;

	if (strlen (name) > 0)
	    {
	    if (loginPasswdGet (passwd) == ERROR)
		{
		status = ERROR;
		break;
		}
	    else if (loginUserVerify (name, passwd) == OK)   /* correct login */
		{
		status = OK;
		break;
		}
	    else
		{
		printf ("\nLogin incorrect\n");
		ix++;		/* keep count of failed login try */
		}
	    }

	name[0] = EOS; 			/* reset user name */

	tickUsed = tickGet() - startTick;
        secondPassed = tickUsed / sysClkRateGet ();

	/* delay increases linearly as to the number of failed login attempts */
	if ((totalTicks - tickUsed) > (sysClkRateGet () * ix))
	    taskDelay (sysClkRateGet() * ix);
	}

    if (secondPassed >= loginTimeOutInSecond)
	{
	printf ("\nLogin timed out after %d seconds!\n", loginTimeOutInSecond);
	status = ERROR;
	}

    taskDelay (sysClkRateGet ()/2);

    (void) ioctl (STD_IN, FIOSETOPTIONS, oldoptions);	/* restore terminal */

    /* set user name to new user if correctly rlogin'd */

    if (status == OK)
	{
	/* passwd also set */

	remCurIdSet (name, passwd); /* restored by shellLogout */
	}

    return (status);
    }
/*****************************************************************************
*
* loginStringSet - change the login string
*
* This routine changes the login prompt string to <newString>.
* The maximum string length is 80 characters.
*
* RETURNS: N/A
*/

void loginStringSet
    (
    char  *newString            /* string to become new login prompt */
    )
    {
    strncpy (loginString, newString, MAX_LOGIN_NAME_LEN);
    }

/*****************************************************************************
*
* loginEncryptInstall - install an encryption routine
*
* This routine allows the user to install a custom encryption routine.
* The custom routine <rtn> must be of the following form: 
* .CS
* STATUS encryptRoutine
*        (
*        char *password,               /@ string to encrypt    @/
*        char *encryptedPassword       /@ resulting encryption @/
*        )
* .CE
* When a custom encryption routine is installed, a host version of
* this routine must be written to replace the tool vxencrypt
* in \f3host/<hostOs>/bin\fP.
*
* EXAMPLE
* The custom example above could be installed as follows:
* .CS
* #ifdef INCLUDE_SECURITY
*     loginInit ();                               /@ initialize login table   @/
*     shellLoginInstall (loginPrompt, NULL);      /@ install shell security   @/
*     loginEncryptInstall (encryptRoutine, NULL); /@ install encrypt. routine @/
* #endif
* .CE
*
* RETURNS: N/A
*
* SEE ALSO: loginDefaultEncrypt(), vxencrypt
*/

void loginEncryptInstall
    (
    FUNCPTR rtn,        /* function pointer to encryption routine */
    int     var         /* argument to the encryption routine (unused) */
    )
    {
    encryptRtn = rtn;
    encryptVar = var;
    }
/*****************************************************************************
*
* loginEncrypt - invoke the encryption routine installed by loginEncryptInstall
*
* RETURNS: OK or ERROR.
*/

LOCAL STATUS loginEncrypt
    (
    char *in,           /* argument to be passed to encryption routine */
    char *out           /* argument to be passed to encryption routine */
    )
    {
    if ((encryptRtn != NULL) && ((*encryptRtn) (in, out) != OK))
	return (ERROR);

    return (OK);
    }
/******************************************************************************
*
* loginDefaultEncrypt - default password encryption routine
*
* This routine provides default encryption for login passwords.  It employs
* a simple encryption algorithm.  It takes as arguments a string <in> and a
* pointer to a buffer <out>.  The encrypted string is then stored in the
* buffer.
*
* The input strings must be at least 8 characters and no more than 40
* characters.
*
* If a more sophisticated encryption algorithm is needed, this routine can
* be replaced, as long as the new encryption routine retains the same
* declarations as the default routine.  The routine vxencrypt
* in \f3host/<hostOs>/bin\fP
* should also be replaced by a host version of <encryptionRoutine>.  For more
* information, see the manual entry for loginEncryptInstall().
*
* RETURNS: OK, or ERROR if the password is invalid.
*
* SEE ALSO: loginEncryptInstall(), vxencrypt
*
* INTERNAL
* The encryption is done by summing the password and multiplying it by
* a magic number.
*/

STATUS loginDefaultEncrypt
    (
    char *in,                           /* input string */
    char *out                           /* encrypted string */
    )
    {
    int            ix;
    unsigned long  magic     = 31695317;
    unsigned long  passwdInt = 0;

   if (strlen (in) < 8 || strlen (in) > 40)
        {
	errnoSet (S_loginLib_INVALID_PASSWORD);
        return (ERROR);
        }

    for (ix = 0; ix < strlen(in); ix++)         /* sum the string */
        passwdInt += (in[ix]) * (ix+1) ^ (ix+1);

    sprintf (out, "%u", (long) (passwdInt * magic)); /* convert interger
							to string */
    /* make encrypted passwd printable */

    for (ix = 0; ix < strlen (out); ix++)
        {
        if (out[ix] < '3')
            out[ix] = out[ix] + '!';    /* arbitrary */

        if (out[ix] < '7')
            out[ix] = out[ix] + '/';    /* arbitrary */

        if (out[ix] < '9')
            out[ix] = out[ix] + 'B';    /* arbitrary */
        }

    return (OK);
    }