vfs rewrite lol fml

2026-01-29 20:29:06 -05:00
parent 9bd9cdaba4
commit 1c3d2c8b48
25 changed files with 980 additions and 633 deletions


@@ -1,66 +1,238 @@
--:Minify:--
local kernel = ...
local pam = {}
kernel.pam = pam
local loggedIn = {}
local function getFile(path)
local file = kernel.vfs.open(path, "r")
if not file then error("Failed to open file: "..path) end
local content = kernel.vfs.read(file, 1024000)
kernel.vfs.close(file)
return content
end
local blake2s = require("crypto.blake2s")
if not blake2s then error("Failed to load blake2s") end
if not kernel.vfs.exists("/etc/pam.d/secret") then
local key = ""
for i=1, 256 do
key=key..string.char(math.random(1,255))
end
local handle = kernel.vfs.open("/etc/pam.d/secret", "w")
kernel.vfs.write(handle, key)
kernel.vfs.close(handle)
end
local pepper = getFile("/etc/pam.d/secret")
function pam.authenticate(username, password)
local fpasswd = getFile("/etc/passwd")
local fshadow = getFile("/etc/shadow")
local passwdLines = string.split(fpasswd, "\n")
local shadowLines = string.split(fshadow, "\n")
local passwd = {}
local shadow = {}
for _, line in ipairs(passwdLines) do
local fields = string.split(line, ":")
passwd[fields[1]] = fields
end
for _, line in ipairs(shadowLines) do
local fields = string.split(line, ":")
shadow[fields[1]] = fields
end
for user, fields in pairs(passwd) do
if user == username then
local shadowPasswd = string.split(shadow[user][2], "$")
local salt = shadowPasswd[2]
local hashedPassword = blake2s(password .. salt, pepper)
if hashedPassword == shadowPasswd[3] then
loggedIn[username] = kernel.newUUID()
return loggedIn[username]
else
return false
end
end
end
end
function pam.authToken(username, token)
return loggedIn[username] == token
end
--local kernel = ...
--local pam = {}
--kernel.pam = pam
--local loggedIn = {}
--
--local function getFile(path)
-- local file = kernel.vfs.open(path, "r")
-- if not file then error("Failed to open file: "..path) end
-- local content = kernel.vfs.read(file, 1024000)
-- kernel.vfs.close(file)
-- return content
--end
--
--local blake2s
--
--do
-- local MOD32 = 2^32
-- local function norm(x)
-- return x % MOD32
-- end
--
-- local function tobits(x)
-- x = norm(x)
-- local t = {}
-- for i = 0, 31 do
-- local b = x % 2
-- t[i] = b
-- x = (x - b) / 2
-- end
-- return t
-- end
--
-- local function frombits(t)
-- local x = 0
-- local p = 1
-- for i = 0, 31 do
-- if t[i] == 1 then
-- x = x + p
-- end
-- p = p * 2
-- end
-- return norm(x)
-- end
--
-- local function bor(...)
-- local args = {...}
-- if #args == 0 then return 0 end
-- local bits = tobits(args[1])
-- for i = 2, #args do
-- local b = tobits(args[i])
-- for j = 0, 31 do
-- bits[j] = (bits[j] == 1 or b[j] == 1) and 1 or 0
-- end
-- end
-- return frombits(bits)
-- end
--
-- local function bxor(...)
-- local args = {...}
-- if #args == 0 then return 0 end
-- local bits = tobits(args[1])
-- for i = 2, #args do
-- local b = tobits(args[i])
-- for j = 0, 31 do
-- bits[j] = (bits[j] ~= b[j]) and 1 or 0
-- end
-- end
-- return frombits(bits)
-- end
--
-- local function lshift(x, n)
-- return norm(norm(x) * 2^n)
-- end
--
-- local function rshift(x, n)
-- return math.floor(norm(x) / 2^n)
-- end
--
-- local function rotr(x, n)
-- return bor(rshift(x, n), lshift(x, 32 - n))
-- end
--
-- local IV = {
-- 0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A,
-- 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19
-- }
--
-- local SIGMA = {
-- {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15},
-- {14,10,4,8,9,15,13,6,1,12,0,2,11,7,5,3},
-- {11,8,12,0,5,2,15,13,10,14,3,6,7,1,9,4},
-- {7,9,3,1,13,12,11,14,2,6,5,10,4,0,15,8},
-- {9,0,5,7,2,4,10,15,14,1,11,12,6,8,3,13},
-- {2,12,6,10,0,11,8,3,4,13,7,5,15,14,1,9},
-- {12,5,1,15,14,13,4,10,0,7,6,3,9,2,8,11},
-- {13,11,7,14,12,1,3,9,5,0,15,4,8,6,2,10},
-- {6,15,14,9,11,3,0,8,12,2,13,7,1,4,10,5},
-- {10,2,8,4,7,6,1,5,15,11,9,14,3,12,13,0}
-- }
--
-- local function G(v, a, b, c, d, x, y)
-- v[a] = (v[a] + v[b] + x) % MOD32
-- v[d] = rotr(bxor(v[d], v[a]), 16)
-- v[c] = (v[c] + v[d]) % MOD32
-- v[b] = rotr(bxor(v[b], v[c]), 12)
-- v[a] = (v[a] + v[b] + y) % MOD32
-- v[d] = rotr(bxor(v[d], v[a]), 8)
-- v[c] = (v[c] + v[d]) % MOD32
-- v[b] = rotr(bxor(v[b], v[c]), 7)
-- end
--
-- local function compress(h, block, t, last)
-- local v = {}
-- for i = 1, 8 do v[i] = h[i] end
-- for i = 1, 8 do v[i + 8] = IV[i] end
--
-- v[13] = bxor(v[13], t)
-- if last then
-- v[15] = bxor(v[15], 0xFFFFFFFF)
-- end
--
-- local m = {}
-- for i = 0, 15 do
-- local p = i * 4 + 1
-- m[i] =
-- (block:byte(p) or 0) +
-- ((block:byte(p + 1) or 0) * 0x100) +
-- ((block:byte(p + 2) or 0) * 0x10000) +
-- ((block:byte(p + 3) or 0) * 0x1000000)
-- end
--
-- for r = 1, 10 do
-- local s = SIGMA[r]
-- G(v,1,5,9,13, m[s[1]], m[s[2]])
-- G(v,2,6,10,14, m[s[3]], m[s[4]])
-- G(v,3,7,11,15, m[s[5]], m[s[6]])
-- G(v,4,8,12,16, m[s[7]], m[s[8]])
-- G(v,1,6,11,16, m[s[9]], m[s[10]])
-- G(v,2,7,12,13, m[s[11]], m[s[12]])
-- G(v,3,8,9,14, m[s[13]], m[s[14]])
-- G(v,4,5,10,15, m[s[15]], m[s[16]])
-- end
--
-- for i = 1, 8 do
-- h[i] = bxor(h[i], v[i], v[i + 8])
-- end
-- end
--
-- function blake2s(msg, key)
-- key = key or ""
--
-- local h = {}
-- for i = 1, 8 do h[i] = IV[i] end
--
-- local outlen = 32 -- bytes
-- h[1] = bxor(
-- h[1],
-- 0x01010000 + lshift(#key, 8) + outlen
-- )
--
-- local t = 0
--
-- if #key > 0 then
-- local block = key .. string.rep("\0", 64 - #key)
-- t = #key
-- compress(h, block, t, false)
-- end
--
-- for i = 1, #msg, 64 do
-- local block = msg:sub(i, i + 63)
-- if #block < 64 then
-- block = block .. string.rep("\0", 64 - #block)
-- end
-- t = t + math.min(64, #msg - i + 1)
-- compress(h, block, t, i + 64 > #msg)
-- end
--
-- local out = ""
-- for i = 1, 8 do
-- out = out .. string.format("%08x", h[i])
-- end
-- return out
-- end
--end
--
--if not blake2s then error("Failed to load blake2s") end
--
--if not kernel.vfs.exists("/etc/pam.d/secret") then
-- local key = ""
-- for i=1, 256 do
-- key=key..string.char(math.random(1,255))
-- end
-- local handle = kernel.vfs.open("/etc/pam.d/secret", "w")
-- kernel.vfs.write(handle, key)
-- kernel.vfs.close(handle)
--end
--
--local pepper = getFile("/etc/pam.d/secret")
--
--function pam.authenticate(username, password)
-- local fpasswd = getFile("/etc/passwd")
-- local fshadow = getFile("/etc/shadow")
--
-- local passwdLines = string.split(fpasswd, "\n")
-- local shadowLines = string.split(fshadow, "\n")
--
-- local passwd = {}
-- local shadow = {}
-- for _, line in ipairs(passwdLines) do
-- local fields = string.split(line, ":")
-- passwd[fields[1]] = fields
-- end
-- for _, line in ipairs(shadowLines) do
-- local fields = string.split(line, ":")
-- shadow[fields[1]] = fields
-- end
--
-- for user, fields in pairs(passwd) do
-- if user == username then
-- local shadowPasswd = string.split(shadow[user][2], "$")
-- local salt = shadowPasswd[2]
-- local hashedPassword = blake2s(password .. salt, pepper)
-- if hashedPassword == shadowPasswd[3] then
-- loggedIn[username] = kernel.newUUID()
-- return loggedIn[username]
-- else
-- return false
-- end
-- end
-- end
--end
--
--function pam.authToken(username, token)
-- return loggedIn[username] == token
--end
--
--
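Review bot: `pam.authToken` returns `loggedIn[username] == token` with no nil check, so a call with a nil token for a user who has no session compares `nil == nil` and returns true; both copies of the function in this section (the live one and the commented-out one) have this. Guard it with `return token ~= nil and loggedIn[username] == token`. The pepper written to `/etc/pam.d/secret` is built from `math.random`, which is not a cryptographic generator, so it should come from a kernel entropy source if one exists (none is visible here). In `pam.authenticate`, `shadow[user][2]` raises an error when a user is listed in `/etc/passwd` but has no `/etc/shadow` entry, so a `return false` guard on a missing entry would be safer. The page has lost its +/- markers, but the new side looks like the fully commented-out module, which would leave `kernel.pam` unset; worth confirming that is intended.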