2020-01-18 01:31:25 +01:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2020 Freie Universität Berlin
|
|
|
|
*
|
|
|
|
* This file is subject to the terms and conditions of the GNU Lesser
|
|
|
|
* General Public License v2.1. See the file LICENSE in the top level
|
|
|
|
* directory for more details.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @defgroup sys_shell_lock Shell lock
|
|
|
|
* @ingroup sys
|
|
|
|
* @brief Simple module to provide a password protection for the shell.
|
|
|
|
* @experimental This module is an experimental feature and only shows as a proof of concept how
|
|
|
|
* the shell could be protected with a password. Do not expect relevant security from
|
|
|
|
* it for production, since Man-in-the-Middle attacks are possible depending on the
|
|
|
|
* used connection method!
|
|
|
|
*
|
|
|
|
* @{
|
|
|
|
*
|
|
|
|
* @file
|
|
|
|
* @brief Shell interface definition
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef SHELL_LOCK_H
|
|
|
|
#define SHELL_LOCK_H
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include "shell.h"
|
|
|
|
|
|
|
|
#ifdef MODULE_SHELL_LOCK
|
|
|
|
#ifndef CONFIG_SHELL_LOCK_PASSWORD
|
|
|
|
#error Using MODULE_SHELL_LOCK requires defining CONFIG_SHELL_LOCK_PASSWORD
|
|
|
|
#endif /* CONFIG_SHELL_LOCK_PASSWORD */
|
|
|
|
#endif /* MODULE_SHELL_LOCK */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Lock the login process after given attempts of failed logins for
|
|
|
|
* a few seconds
|
|
|
|
*/
|
|
|
|
#define CONFIG_SHELL_LOCK_ATTEMPTS_BEFORE_TIME_LOCK 3
|
|
|
|
|
2020-01-18 01:33:55 +01:00
|
|
|
#ifndef CONFIG_SHELL_LOCK_AUTO_LOCK_TIMEOUT_MS
|
|
|
|
/**
|
|
|
|
* @brief Lock the shell after this time span without user input
|
|
|
|
* Defaults to 5 minutes but can be overwritten in the applications
|
|
|
|
* Makefile.
|
|
|
|
*/
|
|
|
|
#define CONFIG_SHELL_LOCK_AUTO_LOCK_TIMEOUT_MS (5 * 60 * 1000)
|
|
|
|
#endif
|
|
|
|
|
2020-01-18 01:31:25 +01:00
|
|
|
/**
|
|
|
|
* @brief Entry point for the lock mechanism. If locked, the user will
|
|
|
|
* be asked for a password. This function won't return until the
|
|
|
|
* correct password has been entered.
|
|
|
|
*
|
|
|
|
* @param[in] line_buf Buffer for reading in the password from stdin
|
|
|
|
* @param[in] buf_size Buffer size
|
|
|
|
*/
|
|
|
|
void shell_lock_checkpoint(char *line_buf, int buf_size);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Returns true, if the shell is in the locked state.
|
|
|
|
*
|
|
|
|
* @return Whether the shell is locked or not.
|
|
|
|
*/
|
|
|
|
bool shell_lock_is_locked(void);
|
|
|
|
|
|
|
|
#ifdef MODULE_SHELL_LOCK_AUTO_LOCKING
|
|
|
|
/**
|
|
|
|
* @brief Restart the timeout interval before the shell is locked
|
|
|
|
* automatically.
|
|
|
|
*/
|
|
|
|
void shell_lock_auto_lock_refresh(void);
|
|
|
|
#endif /* MODULE_SHELL_LOCK_AUTO_LOCKING */
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#endif /* SHELL_LOCK_H */
|
|
|
|
/** @} */
|