Add LL command to lock screen ##visual

* Clear terminal backbuffer * Password not saved in command history * Show timestamp of last attempt * Do a random sleep after every read to avoid time attacks * ^Z is disabled * Can be used from shell `r2 -qcLL --`
2024-11-24 05:40:10 +00:00 · 2018-10-31 01:52:08 +01:00 · 2018-10-31 01:52:08 +01:00 · 35a5c42a52
commit 35a5c42a52
parent b9d2da86a2
11 changed files with 144 additions and 20 deletions
--- a/libr/cons/cons.c
+++ b/libr/cons/cons.c
@ -1263,17 +1263,10 @@ R_API void r_cons_invert(int set, int color) {
 */
 R_API void r_cons_set_cup(int enable) {
 #if __UNIX__ || __CYGWIN__
-	if (enable) {
-		const char *code =
-			"\x1b[?1049h" // xterm
-			"\x1b" "7\x1b[?47h"; // xterm-color
-		write (2, code, strlen (code));
-	} else {
-		const char *code =
-			"\x1b[?1049l" // xterm
-			"\x1b[?47l""\x1b""8"; // xterm-color
-		write (2, code, strlen (code));
-	}
+	const char *code = enable
+		? "\x1b[?1049h" "\x1b" "7\x1b[?47h"
+		: "\x1b[?1049l" "\x1b[?47l" "\x1b" "8";
+	write (2, code, strlen (code));
 	fflush (stdout);
 #elif __WINDOWS__ && !__CYGWIN__
 	if (I.ansicon) {
@ -1557,3 +1550,9 @@ R_API void r_cons_cmd_help(const char *help[], bool use_color) {
 		}
 	}
 }
+
+R_API void r_cons_clear_buffer(void) {
+#if __UNIX__ || __CYGWIN__
+	write (1, "\x1b" "c\x1b[3J",  6);
+#endif
+}
--- a/libr/cons/dietline.c
+++ b/libr/cons/dietline.c
@ -170,7 +170,7 @@ static int r_line_readchar_utf8(ut8 *s, int slen) {
 	} else {
 		return -1;
 	}
-	if (slen < len) {
+	if (len > slen) {
 		return -1;
 	}
 	for (i = 1; i < len; i++) {
--- a/libr/cons/input.c
+++ b/libr/cons/input.c
@ -546,14 +546,51 @@ R_API int r_cons_yesno(int def, const char *fmt, ...) {
 	return key == 'y';
 }

+R_API char *r_cons_password(const char *msg) {
+	int i = 0;
+	char buf[256] = {0};
+	printf ("\r%s", msg);
+	fflush (stdout);
+	r_cons_set_raw (1);
+#if __UNIX__
+	RCons *a = r_cons_singleton();
+	a->term_raw.c_lflag &= ~(ECHO | ECHONL);
+	// //  required to make therm/iterm show the key
+	// // cannot read when enabled in this way
+	// a->term_raw.c_lflag |= ICANON;
+	tcsetattr (0, TCSADRAIN, &a->term_raw);
+	signal (SIGTSTP, SIG_IGN);
+#endif
+	while (i < sizeof (buf)) {
+		int ch = r_cons_readchar ();
+		if (ch == 127) { // backspace
+			if (i < 1) {
+				break;
+			}
+			i--;
+			continue;
+		}
+		if (ch == '\r' || ch == '\n') {
+			break;
+		}
+		buf[i++] = ch;
+	}
+	buf[i] = 0;
+	r_cons_set_raw (0);
+	printf ("\n");
+#if __UNIX__
+	signal (SIGTSTP, SIG_DFL);
+#endif
+	return strdup (buf);
+}
+
 R_API char *r_cons_input(const char *msg) {
-	char *oprompt = r_line_get_prompt (); //r_cons_singleton ()->line->prompt);
+	char *oprompt = r_line_get_prompt ();
 	if (!oprompt) {
 		return NULL;
 	}
 	char buf[1024];
 	if (msg) {
-		//r_cons_printf ("%s\n", msg);
 		r_line_set_prompt (msg);
 	} else {
 		r_line_set_prompt ("");
--- a/libr/core/cbin.c
+++ b/libr/core/cbin.c
@ -2249,7 +2249,9 @@ static int bin_sections(RCore *r, int mode, ut64 laddr, int va, ut64 at, const c
 	int fd = -1;
 	bool printHere = false;
 	sections = r_bin_get_sections (r->bin);
+#if LOAD_BSS_MALLOC
 	bool inDebugger = r_config_get_i (r->config, "cfg.debug");
+#endif
 	SdbHt *dup_chk_ht = ht_new (NULL, dup_chk_free_kv, NULL);
 	bool ret = false;
 	const char *type = print_segments ? "segment" : "section";
--- a/libr/core/cmd_log.c
+++ b/libr/core/cmd_log.c
@ -11,6 +11,7 @@ static const char *help_msg_L[] = {
 	"L",  "", "show this help",
 	"L", " blah."R_LIB_EXT, "load plugin file",
 	"L-", "duk", "unload core plugin by name",
+	"LL", "", "lock screen",
 	"La", "", "list asm/anal plugins (aL, e asm.arch=" "??" ")",
 	"Lc", "", "list core plugins",
 	"Ld", "", "list debug plugins (same as dL)",
@ -43,6 +44,51 @@ static void cmd_log_init(RCore *core) {
 	DEFINE_CMD_DESCRIPTOR (core, T);
 }

+static void screenlock(RCore *core) {
+	//  char *pass = r_cons_input ("Enter new password: ");
+	char *pass = r_cons_password (Color_INVERT "Enter new password:"Color_INVERT_RESET);
+	if (!pass || !*pass) {
+		return;
+	}
+	char *again = r_cons_password (Color_INVERT "Type it again:"Color_INVERT_RESET);
+	if (!again || !*again) {
+		return;
+	}
+	if (strcmp (pass, again)) {
+		eprintf ("Password mismatch!\n");
+		return;
+	}
+	bool running = true;
+	r_cons_clear_buffer ();
+	ut64 begin = r_sys_now ();
+	ut64 last = UT64_MAX;
+	ut64 tries = 0;
+	do {
+		r_cons_clear00 ();
+		r_cons_printf ("Retries: %d\n", tries);
+		r_cons_printf ("Locked ts: %s\n", r_time_to_string (begin));
+		if (last != UT64_MAX) {
+			r_cons_printf ("Last try: %s\n", r_time_to_string (last));
+		}
+		r_cons_newline ();
+		r_cons_flush ();
+		char *msg = r_cons_password ("radare2 password: ");
+		if (msg && !strcmp (msg, pass)) {
+			running = false;
+		} else {
+			eprintf ("\nInvalid password.\n");
+			last = r_sys_now ();
+			tries++;
+		}
+		free (msg);
+		int n = r_num_rand (10) + 1;
+		r_sys_usleep (n * 100000);
+	} while (running);
+	r_cons_set_cup (true);
+	free (pass);
+	eprintf ("Unlocked!\n");
+}
+
 static int textlog_chat(RCore *core) {
 	char prompt[64];
 	char buf[1024];
@ -189,6 +235,9 @@ static int cmd_plugins(void *data, const char *input) {
 	case 'a': // "La"
 		r_core_cmd0 (core, "e asm.arch=??");
 		break;
+	case 'L': // "LL"
+		screenlock (core);
+		break;
 	case 'o': // "Lo"
 	case 'i': // "Li"
 		r_core_cmdf (core, "%cL", input[0]);
--- a/libr/core/panels.c
+++ b/libr/core/panels.c
@ -1860,7 +1860,7 @@ static void addMenu(RCore *core, const char *parent, const char *name, RPanelsMe
 		return;
 	}
 	if (parent) {
-		ut64 addr = ht_find (panels->mht, parent, NULL);
+		void *addr = ht_find (panels->mht, parent, NULL);
 		p_item = (RPanelsMenuItem *)addr;
 		ht_insert (panels->mht, sdb_fmt ("%s.%s", parent, name), item);
 	} else {
--- a/libr/include/r_cons.h
+++ b/libr/include/r_cons.h
@ -707,6 +707,7 @@ R_API void r_cons_print_clear(void);
 R_API void r_cons_zero(void);
 R_API void r_cons_highlight(const char *word);
 R_API void r_cons_clear(void);
+R_API void r_cons_clear_buffer(void);
 R_API void r_cons_clear00(void);
 R_API void r_cons_clear_line(int err);
 R_API void r_cons_fill_line(void);
@ -802,6 +803,7 @@ R_API RColor r_cons_color_random(ut8 alpha);
 R_API void r_cons_invert(int set, int color);
 R_API int r_cons_yesno(int def, const char *fmt, ...);
 R_API char *r_cons_input(const char *msg);
+R_API char *r_cons_password(const char *msg);
 R_API void r_cons_set_cup(int enable);
 R_API void r_cons_column(int c);
 R_API int r_cons_get_column(void);
--- a/libr/include/r_util/r_num.h
+++ b/libr/include/r_util/r_num.h
@ -49,9 +49,6 @@ typedef struct r_num_t {
 typedef ut64 (*RNumCallback)(struct r_num_t *self, const char *str, int *ok);
 typedef const char *(*RNumCallback2)(struct r_num_t *self, ut64, int *ok);

-void r_srand(int seed);
-int r_rand(int mod);
-
 R_API RNum *r_num_new(RNumCallback cb, RNumCallback2 cb2, void *ptr);
 R_API void r_num_free(RNum *num);
 R_API char *r_num_units(char *buf, ut64 num);
--- a/libr/include/r_util/r_sys.h
+++ b/libr/include/r_util/r_sys.h
@ -29,6 +29,7 @@ enum {
 R_API char **r_sys_get_environ(void);
 R_API void r_sys_set_environ(char **e);
 R_API ut64 r_sys_now(void);
+R_API const char *r_time_to_string (ut64 ts);
 R_API int r_sys_fork(void);
 R_API bool r_sys_stop(void);
 R_API char *r_sys_pid_to_path(int pid);
--- a/libr/util/date.c
+++ b/libr/util/date.c
@ -142,3 +142,39 @@ R_API int r_print_date_w32(RPrint *p, const ut8 *buf, int len) {

 	return ret;
 }
+
+R_API const char *r_time_to_string (ut64 ts) {
+	static char str[128];
+#if __UNIX__
+        struct tm curt; /* current time */
+        time_t l;
+        char *week_str[7]= {
+		"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" };
+        char *month_str[12]= {
+		"Jan", "Feb", "Mar", "Apr", "May", "Jun",
+		"Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+
+        *str = 0;
+        l = ts >> 20;
+        localtime_r (&l, &curt);
+	// XXX localtime is affected by the timezone. 
+
+        if ((curt.tm_wday >= 0 && curt.tm_wday < 7)
+        &&  (curt.tm_mon >= 0 && curt.tm_mon < 12)) {
+		sprintf (str, "%s, %02d %s %d %02d:%02d:%02d GMT + %d",
+			week_str[curt.tm_wday],
+			curt.tm_mday,
+			month_str[curt.tm_mon],
+			curt.tm_year + 1900, curt.tm_hour,
+			curt.tm_min, curt.tm_sec, curt.tm_isdst);
+	}
+#else
+        *str = 0;
+#ifdef _MSC_VER
+#pragma message ("r_time_to_string NOT IMPLEMENTED FOR THIS PLATFORM")
+#else
+#warning r_time_to_string NOT IMPLEMENTED FOR THIS PLATFORM
+#endif
+#endif
+	return str;
+}
--- a/libr/util/unum.c
+++ b/libr/util/unum.c
@ -9,7 +9,8 @@

 static ut64 r_num_tailff(RNum *num, const char *hex);

-void r_srand (int seed) {
+//  TODO: rename to r_num_srand()
+static void r_srand (int seed) {
 #if HAVE_ARC4RANDOM_UNIFORM
 	// no-op
 	(void)seed;
@ -18,7 +19,7 @@ void r_srand (int seed) {
 #endif
 }

-int r_rand (int mod) {
+static int r_rand (int mod) {
 #if HAVE_ARC4RANDOM_UNIFORM
 	return (int)arc4random_uniform (mod);
 #else