author | Vadim Bendebury <vbendeb@google.com> | 2017-12-06 17:11:41 -0800 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2017-12-11 18:52:17 +0000 |
commit | a8423fb9e90376313a5b8594f9dfb56ac475d20b (patch) | |
tree | ba2d78e30f67371f6acc625e407893aa95771764 | |
parent | d96560bb68f6a5d8db3f1ef828016e699a1f66cf (diff) | |
download | chrome-ec-a8423fb9e90376313a5b8594f9dfb56ac475d20b.tar.gz |
ccd: require password to change or clear it

Let's not allow the user to clear or change CCD password without
specifying the old password.

To keep things simple, two changes are being made:

- do not allow setting password if password is already set
- when clearing the password require user to enter
  'clear:<password>' instead of just 'clear'

BRANCH=cr50
BUG=b:70029808
TEST=verified that setting password is possible only if there is no
password set currently, and that invoking 'ccd password
clear:<old password>' indeed clears the password.

Change-Id: I3753c2701e224ef89b25ad68c1b47b54eef9cdb1
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/813098
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 91c21643a9bcca03c34fef015576b10329e80d44)
Reviewed-on: https://chromium-review.googlesource.com/820412
-rw-r--r-- | common/ccd_config.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c index 4eba2096a3..01e363486f 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -772,13 +772,23 @@ static int do_ccd_password(char *password) if (ccd_state == CCD_STATE_LOCKED) return EC_ERROR_ACCESS_DENIED; - /* If password was set from Opened, can't change if just Unlocked */ - if (raw_has_password() && ccd_state == CCD_STATE_UNLOCKED && - !ccd_get_flag(CCD_FLAG_PASSWORD_SET_WHEN_UNLOCKED)) - return EC_ERROR_ACCESS_DENIED; + if (raw_has_password()) { + const char clear_prefix[] = {'c', 'l', 'e', 'a', 'r', ':'}; + + /* + * The only allowed action at this point is to clear the + * password. To do it the user is supposed to enter + * 'clear:<passwd>' + */ + if (strncasecmp(password, clear_prefix, sizeof(clear_prefix))) + return EC_ERROR_ACCESS_DENIED; + + if (raw_check_password(password + sizeof(clear_prefix)) != + EC_SUCCESS) + return EC_ERROR_ACCESS_DENIED; - if (!strcasecmp(password, "clear")) return ccd_reset_password(); + } /* Set new password */ return ccd_set_password(password); |
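Review bot: At the top of the new `if (raw_has_password())` block in do_ccd_password(), the removed test on CCD_STATE_UNLOCKED and CCD_FLAG_PASSWORD_SET_WHEN_UNLOCKED has no replacement, so a password that was set from Opened can now be cleared while the device is only Unlocked, provided the caller supplies it, and the `ccd_set_password(password)` path is then reachable from that same state. The commit message does not mention dropping this restriction; either keep the state check ahead of the `strncasecmp()` prefix test or state in the message that knowledge of the password is now treated as sufficient. A second point in the same hunk: with the `strcasecmp(password, "clear")` branch removed from the common path, entering 'clear' or 'clear:<x>' when no password is set falls through to `ccd_set_password(password)` and stores that literal string as the password, which would then need 'clear:clear:<x>' to remove. Consider rejecting input that begins with the clear prefix when raw_has_password() is false, and extending the block comment to say that the prefix match is case-insensitive while the remainder is passed unchanged to raw_check_password().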