mid-kid
/
i3lock-color
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

Implement PAM support (and retab! the file)

master
Michael Stapelberg 16 years ago
parent
ded5d6eed4
commit
715e46b45e
2 changed files with 171 additions and 157 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      config.mk
  2. 326
      i3lock.c

2
config.mk
View File

@ -13,7 +13,7 @@ MANDIR = $(DESTDIR)$(PREFIX)/share/man
# includes and libs # includes and libs
INCS = -I. -I/usr/include -I${X11INC} INCS = -I. -I/usr/include -I${X11INC}
LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 LIBS = -L/usr/lib -L${X11LIB} -lX11 -lpam
# flags # flags
CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H

326
i3lock.c
View File

@ -1,11 +1,22 @@
/* See LICENSE file for license details. */ /*
* vim:ts=8:expandtab
*
* i3lock - an improved version of slock
*
* i3lock © 2009 Michael Stapelberg and contributors
* slock © 2006-2008 Anselm R Garbe
*
* See file LICENSE for license information.
*
* Note that on any error (calloc is out of memory for example)
* we do not do anything so that the user can fix the error by
* himself (kill X to get more free memory or stop some other
* program using SSH/console).
*
*/
#define _XOPEN_SOURCE 500 #define _XOPEN_SOURCE 500
#if HAVE_SHADOW_H
#include <shadow.h>
#endif
#include <ctype.h> #include <ctype.h>
#include <pwd.h>
#include <stdarg.h> #include <stdarg.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
@ -15,161 +26,164 @@
#include <X11/keysym.h> #include <X11/keysym.h>
#include <X11/Xlib.h> #include <X11/Xlib.h>
#include <X11/Xutil.h> #include <X11/Xutil.h>
#include <stdbool.h>
#if HAVE_BSD_AUTH #include <security/pam_appl.h>
#include <login_cap.h>
#include <bsd_auth.h>
#endif
static void static char passwd[256];
die(const char *errstr, ...) {
va_list ap;
va_start(ap, errstr); static void die(const char *errstr, ...) {
vfprintf(stderr, errstr, ap); va_list ap;
va_end(ap);
exit(EXIT_FAILURE); va_start(ap, errstr);
vfprintf(stderr, errstr, ap);
va_end(ap);
exit(EXIT_FAILURE);
} }
#ifndef HAVE_BSD_AUTH /*
static const char * * Callback function for PAM. We only react on password request callbacks.
get_password() { /* only run as root */ *
const char *rval; */
struct passwd *pw; static int conv_callback(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr) {
if(geteuid() != 0) if (num_msg == 0)
die("slock: cannot retrieve password entry (make sure to suid slock)\n"); return 1;
pw = getpwuid(getuid());
endpwent(); /* PAM expects an arry of responses, one for each message */
rval = pw->pw_passwd; if ((*resp = calloc(num_msg, sizeof(struct pam_message))) == NULL) {
perror("calloc");
#if HAVE_SHADOW_H return 1;
{ }
struct spwd *sp;
sp = getspnam(getenv("USER")); for (int c = 0; c < num_msg; c++) {
endspent(); if (msg[c]->msg_style != PAM_PROMPT_ECHO_OFF &&
rval = sp->sp_pwdp; msg[c]->msg_style != PAM_PROMPT_ECHO_ON)
} continue;
#endif
/* return code is currently not used but should be set to zero */
/* drop privileges */ resp[c]->resp_retcode = 0;
if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) if ((resp[c]->resp = strdup(passwd)) == NULL) {
die("slock: cannot drop privileges\n"); perror("strdup");
return rval; return 1;
}
}
return 0;
} }
#endif
int main(int argc, char *argv[]) {
int char curs[] = {0, 0, 0, 0, 0, 0, 0, 0};
main(int argc, char **argv) { char buf[32];
char curs[] = {0, 0, 0, 0, 0, 0, 0, 0}; int num, screen;
char buf[32], passwd[256];
int num, screen; unsigned int len;
bool running = true;
#ifndef HAVE_BSD_AUTH Cursor invisible;
const char *pws; Display *dpy;
#endif KeySym ksym;
unsigned int len; Pixmap pmap;
Bool running = True; Window root, w;
Cursor invisible; XColor black, dummy;
Display *dpy; XEvent ev;
KeySym ksym; XSetWindowAttributes wa;
Pixmap pmap;
Window root, w; /* TODO: use getopt */
XColor black, dummy; if((argc == 2) && !strcmp("-v", argv[1]))
XEvent ev; die("i3lock-"VERSION", © 2009 Michael Stapelberg\n"
XSetWindowAttributes wa; "based on slock, which is © 2006-2008 Anselm R Garbe\n");
else if(argc != 1)
if((argc == 2) && !strcmp("-v", argv[1])) die("usage: i3lock [-v]\n");
die("i3lock-"VERSION", © 2009 Michael Stapelberg\n"
"based on slock, which is © 2006-2008 Anselm R Garbe\n"); pam_handle_t *handle;
else if(argc != 1)
die("usage: slock [-v]\n"); struct pam_conv conv;
conv.conv = conv_callback;
#ifndef HAVE_BSD_AUTH
pws = get_password(); int ret = pam_start("i3lock", getenv("USER"), &conv, &handle);
#endif printf("pam_start = %d\n", ret);
if (ret != PAM_SUCCESS)
if(!(dpy = XOpenDisplay(0))) die("error = %s\n", pam_strerror(handle, ret));
die("slock: cannot open display\n");
screen = DefaultScreen(dpy); if(!(dpy = XOpenDisplay(0)))
root = RootWindow(dpy, screen); die("slock: cannot open display\n");
screen = DefaultScreen(dpy);
if (fork() != 0) root = RootWindow(dpy, screen);
return 0;
if (fork() != 0)
/* init */ return 0;
wa.override_redirect = 1;
wa.background_pixel = WhitePixel(dpy, screen); /* init */
w = XCreateWindow(dpy, root, 0, 0, DisplayWidth(dpy, screen), DisplayHeight(dpy, screen), wa.override_redirect = 1;
0, DefaultDepth(dpy, screen), CopyFromParent, wa.background_pixel = WhitePixel(dpy, screen);
DefaultVisual(dpy, screen), CWOverrideRedirect | CWBackPixel, &wa); w = XCreateWindow(dpy, root, 0, 0, DisplayWidth(dpy, screen), DisplayHeight(dpy, screen),
XAllocNamedColor(dpy, DefaultColormap(dpy, screen), "black", &black, &dummy); 0, DefaultDepth(dpy, screen), CopyFromParent,
pmap = XCreateBitmapFromData(dpy, w, curs, 8, 8); DefaultVisual(dpy, screen), CWOverrideRedirect | CWBackPixel, &wa);
invisible = XCreatePixmapCursor(dpy, pmap, pmap, &black, &black, 0, 0); XAllocNamedColor(dpy, DefaultColormap(dpy, screen), "black", &black, &dummy);
XDefineCursor(dpy, w, invisible); pmap = XCreateBitmapFromData(dpy, w, curs, 8, 8);
XMapRaised(dpy, w); invisible = XCreatePixmapCursor(dpy, pmap, pmap, &black, &black, 0, 0);
for(len = 1000; len; len--) { XDefineCursor(dpy, w, invisible);
if(XGrabPointer(dpy, root, False, ButtonPressMask | ButtonReleaseMask | PointerMotionMask, XMapRaised(dpy, w);
GrabModeAsync, GrabModeAsync, None, invisible, CurrentTime) == GrabSuccess) for(len = 1000; len; len--) {
break; if(XGrabPointer(dpy, root, False, ButtonPressMask | ButtonReleaseMask | PointerMotionMask,
usleep(1000); GrabModeAsync, GrabModeAsync, None, invisible, CurrentTime) == GrabSuccess)
} break;
if((running = running && (len > 0))) { usleep(1000);
for(len = 1000; len; len--) { }
if(XGrabKeyboard(dpy, root, True, GrabModeAsync, GrabModeAsync, CurrentTime) if((running = running && (len > 0))) {
== GrabSuccess) for(len = 1000; len; len--) {
break; if(XGrabKeyboard(dpy, root, True, GrabModeAsync, GrabModeAsync, CurrentTime)
usleep(1000); == GrabSuccess)
} break;
running = (len > 0); usleep(1000);
} }
len = 0; running = (len > 0);
XSync(dpy, False); }
len = 0;
/* main event loop */ XSync(dpy, False);
while(running && !XNextEvent(dpy, &ev)) {
if(ev.type == KeyPress) { /* main event loop */
buf[0] = 0; while(running && !XNextEvent(dpy, &ev)) {
num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0); if(ev.type == KeyPress) {
if(IsKeypadKey(ksym)) { buf[0] = 0;
if(ksym == XK_KP_Enter) num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0);
ksym = XK_Return; if(IsKeypadKey(ksym)) {
else if(ksym >= XK_KP_0 && ksym <= XK_KP_9) if(ksym == XK_KP_Enter)
ksym = (ksym - XK_KP_0) + XK_0; ksym = XK_Return;
} else if(ksym >= XK_KP_0 && ksym <= XK_KP_9)
if(IsFunctionKey(ksym) || IsKeypadKey(ksym) ksym = (ksym - XK_KP_0) + XK_0;
|| IsMiscFunctionKey(ksym) || IsPFKey(ksym) }
|| IsPrivateKeypadKey(ksym)) if(IsFunctionKey(ksym) || IsKeypadKey(ksym)
continue; || IsMiscFunctionKey(ksym) || IsPFKey(ksym)
switch(ksym) { || IsPrivateKeypadKey(ksym))
case XK_Return: continue;
passwd[len] = 0; switch(ksym) {
#ifdef HAVE_BSD_AUTH case XK_Return:
running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd); passwd[len] = 0;
#else if ((ret = pam_authenticate(handle, 0)) == PAM_SUCCESS)
running = strcmp(crypt(passwd, pws), pws); running = false;
#endif else fprintf(stderr, "PAM: %s\n", pam_strerror(handle, ret));
len = 0; len = 0;
break; break;
case XK_Escape: case XK_Escape:
len = 0; len = 0;
break; break;
case XK_BackSpace: case XK_BackSpace:
if(len) if (len > 0)
--len; len--;
break; break;
default: default:
if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) {
memcpy(passwd + len, buf, num); memcpy(passwd + len, buf, num);
len += num; len += num;
} }
break; break;
} }
} }
} }
XUngrabPointer(dpy, CurrentTime); XUngrabPointer(dpy, CurrentTime);
XFreePixmap(dpy, pmap); XFreePixmap(dpy, pmap);
XDestroyWindow(dpy, w); XDestroyWindow(dpy, w);
XCloseDisplay(dpy); XCloseDisplay(dpy);
return 0; return 0;
} }

Write Preview
Loading…
Cancel
Save