It probably does not work across linefeed, but hopefully user names are not
that long (and nobody is using terminal that small).

This patch fixes two integer underflows at:
  * grub-core/lib/crypto.c
  * grub-core/normal/auth.c

CVE-2015-8370
Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
Also-By: Andrey Borzenkov <arvidjaar@gmail.com>

	on it.

	compact and more efficient code.

	* grub-core/kern/list.c (grub_list_push): Moved from here ...
	* include/grub/list.h (grub_list_push): ... to here. Set prev.
	(grub_list_remove): Moved from here ...
	* include/grub/list.h (grub_list_remove): ... here. Use and set prev.
	(grub_prio_list_insert): Set prev.
	* include/grub/list.h (grub_list): Add prev. All users updated.

	* grub-core/bus/usb/usbhub.c (hubs): Likewise.
	* grub-core/commands/hashsum.c (aliases): Likewise.
	* grub-core/commands/setpci.c (pci_registers): Likewise.
	* grub-core/disk/usbms.c (attach_hook): Likewise.
	* grub-core/fs/zfs/zfs.c (decomp_table): Likewise.
	(zio_checksum_table): Likewise.
	* grub-core/gettext/gettext.c (grub_gettext_msg_list): Likewise.
	* grub-core/gfxmenu/gfxmenu.c (cached_view): Likewise.
	* grub-core/lib/legacy_parse.c (legacy_commands): Likewise.
	* grub-core/lib/relocator.c (leftovers): Likewise.
	(extra_blocks): Likewise.
	* grub-core/loader/i386/bsd.c (relocator): Likewise.
	* grub-core/loader/i386/multiboot_mbi.c (modules): Likewise.
	(modules_last): Likewise.
	* grub-core/loader/i386/xnu.c (table_aliases): Likewise.
	(devices): Likewise.
	* grub-core/loader/multiboot_mbi2.c (modules): Likewise.
	(modules_last): Likewise.
	* grub-core/normal/auth.c (users): Likewise.
	* grub-core/normal/context.c (initial_menu): Likewise.
	(current_menu): Likewise.
	* grub-core/normal/crypto.c (crypto_specs): Likewise.
	* grub-core/term/serial.c (grub_serial_ports): Likewise.
	(grub_serial_terminfo_input_template): Likewise.
	(grub_serial_terminfo_output_template): Likewise.
	(grub_serial_terminfo_input): Likewise.
	(grub_serial_terminfo_output): Likewise.
	(registered): Likewise.
	* grub-core/term/usb_keyboard.c (attach_hook): Likewise.

	Set-but-not-used variable removed.

 
	* include/grub/auth.h: Include `<grub/i18n.h>'.
	(GRUB_GET_PASSWORD): Gettextizze string.
	* include/grub/normal.h (STANDARD_MARGIN): New macro, moved from
	menu_text.c.
	(grub_utf8_to_ucs4_alloc): Fix indentation.
	(grub_print_ucs4): Likewise.
	(grub_getstringwidth): Likewise.
	(print_message_indented): New declaration.
	* normal/auth.c: Include `<grub/i18n.h>'.
	(grub_auth_check_authentication): Gettexttize string.
	* normal/cmdline.c: Include `<grub/i18n.h>'.
	(grub_cmdline_get): Gettextizze.
	* normal/color.c: Include `<grub/i18n.h>'.
	(grub_parse_color_name_pair): Gettexttize strings.
	* normal/main.c (grub_normal_reader_init): Cleanup gettexttized
	string (use `print_message_indented').
	* normal/menu_text.c (STANDARD_MARGIN): Moved from here to
	`include/grub/normal.h'.
	(print_message_indented): Renamed to ...
	(grub_print_message_indented): ... this. Remove `static' qualifer (now
	used in normal/main.c).
	(print_message): Use `grub_print_message_indented' instead of
	`print_message_indented'.
	(print_timeout): Likewise.
	* normal/misc.c: Include `<grub/term.h>' and `<grub/i18n.h>'.
	(grub_normal_print_device_info): Gettexttize strings.
	* po/POTFILES: Add `auth.c', `color.c' and `misc.c'.

Use dedicated simple password retriever for size of future crypto disks modules and simplify entering passwords routines

        * normal/auth.c (punishment_delay): Moved from here ...
        (grub_auth_strcmp): ... to here (inside function).

        * normal/auth.c: Include `<grub/time.h>'.
        (grub_auth_strcmp): Replace `strcmp' with `grub_strcmp'.

        * normal/auth.c (punishment_delay): New variable.
        (grub_auth_strcmp): Rewrite using grub_get_time_ms ().
        (grub_auth_check_authentication): Punish failed login attempts with  
        an incremental (2^N) delay.

	* normal/auth.c (grub_auth_strcmp): Fixed incorrect variable usage.

	* normal/auth.c (grub_auth_strcmp): Fix bug which resulted in function
	being insecure.

	Fix breakage in normal/auth.c.

	* normal/auth.c (grub_iswordseparator): New function.

	Authentication support.

	* commands/password.c: New file.
	* conf/common.rmk (pkglib_MODULES): Add password.mod.
	(password_mod_SOURCES): New variable.
	(password_mod_CFLAGS): Likewise.
	(password_mod_LDFLAGS): Likewise.
	(normal_mod_SOURCES): Add normal/auth.c.
	* conf/i386-coreboot.rmk (grub_emu_SOURCES): Add commands/password.c and
	normal/auth.c.
	* conf/i386-efi.rmk (grub_emu_SOURCES): Likewise.
	* conf/i386-ieee1275.rmk (grub_emu_SOURCES): Likewise.
	* conf/i386-pc.rmk (grub_emu_SOURCES): Likewise.
	* conf/powerpc-ieee1275.rmk (grub_emu_SOURCES): Likewise.
	* conf/sparc64-ieee1275.rmk (grub_emu_SOURCES): Likewise.
	* conf/x86_64-efi.rmk (grub_emu_SOURCES): Likewise.
	* include/grub/auth.h: New file.
	* include/grub/err.h (grub_err_t): New enum value
	GRUB_ERR_ACCESS_DENIED.
	* include/grub/menu.h (grub_menu_entry): New fields 'restricted' and
	'users'.
	* include/grub/normal.h (grub_cmdline_get): New argument 'history'.
	* normal/cmdline.c (grub_cmdline_get): New argument 'history'. All
	users updated.
	* normal/auth.c: New file.
	* normal/main.c (grub_normal_add_menu_entry): Handle --users option.
	(grub_cmdline_run): Don't allow to go to command line without
	authentication.
	* normal/menu.c (grub_menu_execute_entry): Handle restricted entries.
	* normal/menu_entry.c (grub_menu_entry_run): Don't allow editing
	menuentry without superuser rights.
	* normal/menu_viewer.c (grub_menu_viewer_show_menu): Don't exit if
	user isn't a superuser.