2 -- SPDX-License-Identifier: BSD-2-Clause
4 -- Copyright (c) 2015 Pedro Souza <pedrosouza@freebsd.org>
5 -- Copyright (c) 2018 Kyle Evans <kevans@FreeBSD.org>
6 -- All rights reserved.
8 -- Redistribution and use in source and binary forms, with or without
9 -- modification, are permitted provided that the following conditions
11 -- 1. Redistributions of source code must retain the above copyright
12 -- notice, this list of conditions and the following disclaimer.
13 -- 2. Redistributions in binary form must reproduce the above copyright
14 -- notice, this list of conditions and the following disclaimer in the
15 -- documentation and/or other materials provided with the distribution.
17 -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 local core = require("core")
31 local screen = require("screen")
35 local INCORRECT_PASSWORD = "loader: incorrect password"
36 -- Asterisks as a password mask
37 local show_password_mask = false
38 local twiddle_chars = {"/", "-", "\\", "|"}
39 local screen_setup = false
41 local function setup_screen()
48 function password.read(prompt_length)
52 local function draw_twiddle()
53 printc(twiddle_chars[twiddle_pos])
54 -- Reset cursor to just after the password prompt
55 screen.setcursor(prompt_length + 2, screen.default_y)
56 twiddle_pos = (twiddle_pos % #twiddle_chars) + 1
59 -- Space between the prompt and any on-screen feedback
62 local ch = io.getchar()
63 if ch == core.KEY_ENTER then
66 if ch == core.KEY_BACKSPACE or ch == core.KEY_DELETE then
68 if show_password_mask then
73 str = str:sub(1, #str - 1)
76 if show_password_mask then
81 str = str .. string.char(ch)
87 function password.check()
88 -- pwd is optionally supplied if we want to check it
89 local function doPrompt(prompt, pwd)
92 local function clear_incorrect_text_prompt()
93 printc("\r" .. string.rep(" ", #INCORRECT_PASSWORD))
96 if not screen_setup then
102 clear_incorrect_text_prompt()
106 local read_pwd = password.read(#prompt)
107 if pwd == nil or pwd == read_pwd then
108 -- Clear the prompt + twiddle
109 printc(string.rep(" ", #prompt + 5))
112 printc("\n" .. INCORRECT_PASSWORD)
113 attempts = attempts + 1
114 loader.delay(3*1000*1000)
117 local function compare(prompt, pwd)
121 doPrompt(prompt, pwd)
124 local boot_pwd = loader.getenv("bootlock_password")
125 compare("Bootlock password:", boot_pwd)
127 local geli_prompt = loader.getenv("geom_eli_passphrase_prompt")
128 if geli_prompt ~= nil and geli_prompt:lower() == "yes" then
129 local passphrase = doPrompt("GELI Passphrase:")
130 loader.setenv("kern.geom.eli.passphrase", passphrase)
133 local pwd = loader.getenv("password")
136 loader.setenv("autoboot_delay", "NO")
137 -- The autoboot sequence was interrupted, so we'll need to
138 -- prompt for a password. Put the screen back into a known
139 -- good state, otherwise we're drawing back a couple lines
140 -- in the middle of other text.
143 compare("Loader password:", pwd)