Commit Graph

100 Commits

Author SHA1 Message Date
Markus Teich 9698224090 make error message prefix consistent 2016-09-07 10:04:06 +02:00
Markus Teich a55594fdd6 increasing for loops are idiomatic 2016-09-02 11:49:02 +02:00
Quentin Rameau 03a8717991 Localize running and failure inside readpw()
They are only needed there, so don't make them global.
2016-09-02 10:50:32 +02:00
Quentin Rameau 39fb855aa1 Move screen unlocking inside cleanup() 2016-09-02 10:50:32 +02:00
Quentin Rameau e378f735d8 Re-introduce the waiting loop for input grabbing
We actually “need” to wait a little for input to be released before
locking for cases where slock is spawned from other graphical
applications using keybindings.
This undoes the misbehaviour I introduced in c2f9757, sorry for the mess.
2016-09-02 10:50:32 +02:00
Quentin Rameau 1f66885fbf Add cleanup() to do free(locks) + XCloseDisplay() 2016-09-02 10:50:32 +02:00
FRIGN 137f0076c2 Refactor dontkillme()
- Use file pointers instead of raw I/O, inspired by Kernel code.
- Use OOM_SCORE_ADJ_MIN from linux/oom.h instead of working with
  magic values.
- Stricter error checking and descriptive error messages.

The reasoning for using the constant rather than magic values lies
in the fact that this ensures people get the message.
With "-1000", a code reviewer would question if that is really the
lowest possible number or just an arbitrary value.
The kernel ABI probably won't change, but even in the case, we wouldn't
have to modify the code. The OOM killer only is guaranteed to not
kill you if you have OOM_SCORE_ADJ_MIN.
2016-08-31 01:06:44 +02:00
FRIGN a9eddbd94f Convert manpage to mandoc and fix usage
In all honor, the previous usage was formally more correct, but for the
sake of consistency across all the tools having the v-flag, I separated
it from the command-string.

Also, make use of the mandoc macros for the manpage. This makes it
easier to maintain, extend and change in the future.
2016-08-31 01:04:11 +02:00
Markus Teich d8bec0f6fd fix CVE-2016-6866 2016-08-31 00:59:06 +02:00
Markus Teich b87bfa2343 Update bsd-auth string.
Thanks to Hiltjo for discovering this.
2016-08-31 00:56:13 +02:00
Quentin Rameau c2f975773d Exit as soon as possible on input grabbing error
We want to know at once if slock failed or not to lock the screen, not
seing a black screen for a whole second (or two) and then die.
Thanks to ^7heo for reporting this.
2016-08-30 19:54:26 +02:00
FRIGN 3bb868e408 Refactor main()
- Add arg.h and fix usage
	Given slock is suid we don't want to have half-measures in place to
	parse the arguments in case the code is changed in the future with
	somebody not paying enough attention.

	Also, fix the usage string output to be more consistent across the
	suckless toolbase and make it reflect the manpage entry.

- Comments
	Use proper block comments and add/change them where necessary
	to help in studying the code.

- Error messages
	Consistently prepend them with "slock:" and fix wording and
	do a proper cleanup before quitting (XCloseDisplay and free
	the locks), making the die() semantics consistent with st's.

- getpwuid() error reporting
	Properly present an error message if getpwuid() fails.

- fork() error reporting
	Properly present an error message if fork() fails. If we cannot
	close the connection within the fork context we abort the
	operation and report an error.

- execvp() error handling
	If execvp fails, we cannot call die() afterwards as this implies
	calling exit(). We must use _exit() to prevent the libc from
	doing now "illegal" cleanup-work.
2016-08-22 23:22:20 +02:00
Hiltjo Posthuma a7afade170 clear passwords with explicit_bzero
Make sure to explicitly clear memory that is used for password input. memset
is often optimized out by the compiler.

Brought to attention by the OpenBSD community, see:
https://marc.info/?t=146989502600003&r=1&w=2
Thread subject: x11/slock: clear passwords with explicit_bzero

Changes:

- explicit_bzero.c import from libressl-portable.
- Makefile: add COMPATSRC for compatibility src.
- config.mk: add separate *BSD section in config.mk to simply uncomment it on
  these platforms.
2016-08-13 09:58:00 +02:00
Markus Teich 65b8d52788 Revert "No need for usage()"
This reverts most of commit a6dc051e37 and fixes
some related stuff:

- keep spelling fixes from original commit
- make -h and -v also work when followed by more arguments
- any unknown flag prints usage
- fix output of -v to display "slock: version 1.3" instead of "slock: slock-1.3"
2016-02-15 14:25:17 +01:00
Markus Teich ec46680fe1 revert using argv0 and minor fixup
- use hardcoded "slock" instead of argv[0]
- add "slock: " to fprintf calls, where it was missing
- revert `argc--, argv++` shifting
2016-02-15 14:00:56 +01:00
FRIGN b02c4d452a Use argv0 instead of passing "slock:" to die every time 2016-02-14 02:13:54 +01:00
FRIGN a6dc051e37 No need for usage()
There are 2 arguments why -v and -h are broken:

	1) if you are running off git, -v will show the last stable
           release, effectively making this option useless.
           people running stable versions leave open an attack surface
           this way in case there are vulnerabilities found.
           99% of the people are also using package managers to keep
           their software up to date, instead of running $TOOL -v to
           check how old it is.
        2) -h is a sad excuse for not just looking at the manual page
           (man 1 slock). Given we accept a post_lock_command, we can't
           be as liberal and just intercept certain flags.

I changed the manpage to reflect this change.
2016-02-14 02:00:14 +01:00
FRIGN bdcbeab0d8 Clarify config.def.h
Clear up the wording a bit and explain what failonclear means.
2016-02-14 01:33:18 +01:00
FRIGN 3abbffa493 Simplify the oom-taming-function
There really is no need to source a defined variable from a linux
header. The OOM-rank ranges from -1000 to 1000, so we can safely
hardcode -1000, which is a sane thing to do given slock is suid and
we don't want to play around too much here anyway.

On another notice, let's not forget that this still is a shitty
heuristic. The OOM-killer still can kill us (thus I also changed
the wording in the error-message. We do not disable the OOM-killer,
we're just hiding.
2016-02-14 01:28:37 +01:00
Markus Teich 6a52a85a1a add slock.1 man page 2016-02-11 16:51:12 +01:00
FRIGN c28ac1ebf1 Update license year
It actually was 2014 and not 2015.
2016-02-11 16:30:52 +01:00
FRIGN aa6a385341 Don't forget the E-Mail 2016-02-11 16:29:26 +01:00
FRIGN 6adeb1281e Add myself to License
forgot that a while ago
2016-02-11 16:28:41 +01:00
Markus Teich f6582b68b0 update copyright year in -v output 2016-02-11 16:26:12 +01:00
Markus Teich bfafc91da7 prepare 1.3 release 2016-02-11 16:23:48 +01:00
Markus Teich 32149e4043 remove .hgtags 2016-02-11 16:22:34 +01:00
Markus Teich 1766ecdfd4 add hint for suid to oom error message 2016-01-29 22:11:18 +01:00
Markus Teich 9dfe0ce531 error messages on grab failure 2016-01-18 16:49:15 +01:00
Markus Teich 55e827af0f code style fix 2016-01-18 16:47:41 +01:00
Markus Teich e867c38123 add option to run command after screen is locked 2015-12-26 19:27:01 +01:00
David Phillips b95ee111c7 Don't change to failure colour on success 2015-08-27 06:16:25 +02:00
David Phillips 0edbd2e016 Slightly safer OOM killer disablement in linux 2015-07-06 11:15:07 +02:00
Markus Teich 754195f8d7 rework setting window color 2015-05-08 18:07:05 +02:00
Markus Teich 10d4e479c5 consistently use () with sizeof 2015-05-08 16:44:18 +02:00
Nick Currier b1289f30b7 Option to not show failure color on clear 2015-05-08 16:44:06 +02:00
Markus Teich f5ef1b8eb5 resize lockscreen window after Xrandr resize 2015-04-01 23:25:47 +02:00
David Phillips f2ea92c3dd Blank the screen with color 0, add third color for failed logins
- Adds another color in config.def.h, COLOR_INIT
- Renames the colours from numerical ones to ones with meaningful names;
  COLOR_INPUT for when there is content in the input buffer and COLOR_EMPTY
  for when the input buffer has been cleared (backspaced or a failed attempt).
- Ensures XFreeColors frees the right number of colours. This is now derived
  from the size of `Lock->colors` rather than being an integer literal.
- Makes slock exhibit the behaviour described by Markus

The default colours are the same as the ones slock currently uses, with the
exception of the new color, which I have set to red, as it indicates someone
has either failed an attempt to unlock, or that they have entered input and
erased it all.
2015-04-01 23:13:11 +02:00
Anselm R Garbe a31b919111 applied Dimitris' style patch from Dec'14, with some minor modifications 2015-01-27 22:16:52 +01:00
Anselm R Garbe 66e31556db fixed usage string 2014-12-22 11:17:45 +01:00
Anselm R Garbe 44ce161c13 applied sin's patch and prepared new release 2014-12-22 11:16:26 +01:00
sin 4339b507af end{pw,sp}ent() can only be called after get{pw,sp}ent()
Calling them unconditionally can result in memory corruption.
2014-11-09 13:10:02 +00:00
sin 8745098fa4 Only check errno if getpwuid() fails
Checking errno otherwise is unspecified.
2014-07-09 14:41:32 +01:00
FRIGN 9db14b10dd Add /etc/passwd support
Fix slock to work with /etc/passwd without /etc/shadow.
while we're at it, remove an occurence of trailing whitespace.
2014-06-09 19:14:31 +01:00
sin 6a55128354 Set errno to 0 before getpwuid() and check it afterwards 2014-01-29 14:19:35 +00:00
Anselm R Garbe ba3acfc0dc applied Robert Schneider's Linux suggestions, also bumped version and updated LICENSE file's copyright notice 2013-08-02 22:11:18 +02:00
anselm@garbe.us 3092d3b314 prepared 1.1 2012-10-25 20:59:50 +02:00
garbeam@gmail.com d276b9b0e0 applied andres' multi-slock fix, thanks for spotting this issue 2012-08-02 21:54:18 +02:00
anselm@garbe.us 4b4fcca1bc added Ben's password placeholder entry kludge 2012-04-15 11:58:16 +02:00
anselm@garbe.us c1507cd225 applied Eckehard Bern's dualcolor patch to slock 2012-03-17 18:03:25 +01:00
anselm@garbe.us 88d9684966 Added tag 1.0 for changeset 05b949016e85 2012-02-11 10:51:31 +01:00