aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--config.mk9
-rw-r--r--slock.c47
2 files changed, 15 insertions, 41 deletions
diff --git a/config.mk b/config.mk
index 3afc061..049305c 100644
--- a/config.mk
+++ b/config.mk
@@ -20,16 +20,11 @@ CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
20LDFLAGS = -s ${LIBS} 20LDFLAGS = -s ${LIBS}
21COMPATSRC = explicit_bzero.c 21COMPATSRC = explicit_bzero.c
22 22
23# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH 23# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS
24# On OpenBSD and Darwin remove -lcrypt from LIBS 24# On OpenBSD and Darwin remove -lcrypt from LIBS
25#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr 25#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr
26#CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_BSD_AUTH -D_BSD_SOURCE 26#CPPFLAGS = -DVERSION=\"${VERSION}\" -D_BSD_SOURCE
27#COMPATSRC = 27#COMPATSRC =
28 28
29# compiler and linker 29# compiler and linker
30CC = cc 30CC = cc
31
32# Install mode. On BSD systems MODE=2755 and GROUP=auth
33# On others MODE=4755 and GROUP=root
34#MODE=2755
35#GROUP=auth
diff --git a/slock.c b/slock.c
index 62a9841..da4b099 100644
--- a/slock.c
+++ b/slock.c
@@ -18,11 +18,6 @@
18#include <X11/Xlib.h> 18#include <X11/Xlib.h>
19#include <X11/Xutil.h> 19#include <X11/Xutil.h>
20 20
21#if HAVE_BSD_AUTH
22#include <login_cap.h>
23#include <bsd_auth.h>
24#endif
25
26#include "arg.h" 21#include "arg.h"
27#include "util.h" 22#include "util.h"
28 23
@@ -88,7 +83,6 @@ dontkillme(void)
88} 83}
89#endif 84#endif
90 85
91#ifndef HAVE_BSD_AUTH
92/* only run as root */ 86/* only run as root */
93static const char * 87static const char *
94getpw(void) 88getpw(void)
@@ -96,6 +90,7 @@ getpw(void)
96 const char *rval; 90 const char *rval;
97 struct passwd *pw; 91 struct passwd *pw;
98 92
93 /* Check if the current user has a password entry */
99 errno = 0; 94 errno = 0;
100 if (!(pw = getpwuid(getuid()))) { 95 if (!(pw = getpwuid(getuid()))) {
101 if (errno) 96 if (errno)
@@ -109,10 +104,20 @@ getpw(void)
109 if (rval[0] == 'x' && rval[1] == '\0') { 104 if (rval[0] == 'x' && rval[1] == '\0') {
110 struct spwd *sp; 105 struct spwd *sp;
111 if (!(sp = getspnam(getenv("USER")))) 106 if (!(sp = getspnam(getenv("USER"))))
112 die("slock: cannot retrieve shadow entry (make sure to suid or sgid slock)\n"); 107 die("slock: getspnam: cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
113 rval = sp->sp_pwdp; 108 rval = sp->sp_pwdp;
114 } 109 }
115#endif 110#else
111 if (rval[0] == '*' && rval[1] == '\0') {
112#ifdef __OpenBSD__
113 if (!(pw = getpwnam_shadow(getenv("USER"))))
114 die("slock: getpwnam_shadow: cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
115 rval = pw->pw_passwd;
116#else
117 die("slock: getpwuid: cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
118#endif /* __OpenBSD__ */
119 }
120#endif /* HAVE_SHADOW_H */
116 121
117 /* drop privileges */ 122 /* drop privileges */
118 if (geteuid() == 0 && 123 if (geteuid() == 0 &&
@@ -120,14 +125,9 @@ getpw(void)
120 die("slock: cannot drop privileges\n"); 125 die("slock: cannot drop privileges\n");
121 return rval; 126 return rval;
122} 127}
123#endif
124 128
125static void 129static void
126#ifdef HAVE_BSD_AUTH
127readpw(Display *dpy)
128#else
129readpw(Display *dpy, const char *pws) 130readpw(Display *dpy, const char *pws)
130#endif
131{ 131{
132 char buf[32], passwd[256], *encrypted; 132 char buf[32], passwd[256], *encrypted;
133 int num, screen, running, failure; 133 int num, screen, running, failure;
@@ -163,15 +163,11 @@ readpw(Display *dpy, const char *pws)
163 switch (ksym) { 163 switch (ksym) {
164 case XK_Return: 164 case XK_Return:
165 passwd[len] = 0; 165 passwd[len] = 0;
166#ifdef HAVE_BSD_AUTH
167 running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
168#else
169 errno = 0; 166 errno = 0;
170 if (!(encrypted = crypt(passwd, pws))) 167 if (!(encrypted = crypt(passwd, pws)))
171 fprintf(stderr, "slock: crypt: %s\n", strerror(errno)); 168 fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
172 else 169 else
173 running = !!strcmp(encrypted, pws); 170 running = !!strcmp(encrypted, pws);
174#endif
175 if (running) { 171 if (running) {
176 XBell(dpy, 100); 172 XBell(dpy, 100);
177 failure = True; 173 failure = True;
@@ -320,9 +316,7 @@ usage(void)
320 316
321int 317int
322main(int argc, char **argv) { 318main(int argc, char **argv) {
323#ifndef HAVE_BSD_AUTH
324 const char *pws; 319 const char *pws;
325#endif
326 Display *dpy; 320 Display *dpy;
327 int s, nlocks; 321 int s, nlocks;
328 322
@@ -338,20 +332,9 @@ main(int argc, char **argv) {
338 dontkillme(); 332 dontkillme();
339#endif 333#endif
340 334
341 /* Check if the current user has a password entry */
342 errno = 0;
343 if (!getpwuid(getuid())) {
344 if (errno == 0)
345 die("slock: no password entry for current user\n");
346 else
347 die("slock: getpwuid: %s\n", strerror(errno));
348 }
349
350#ifndef HAVE_BSD_AUTH
351 pws = getpw(); 335 pws = getpw();
352 if (strlen(pws) < 2) 336 if (strlen(pws) < 2)
353 die("slock: failed to get user password hash.\n"); 337 die("slock: failed to get user password hash.\n");
354#endif
355 338
356 if (!(dpy = XOpenDisplay(NULL))) 339 if (!(dpy = XOpenDisplay(NULL)))
357 die("slock: cannot open display\n"); 340 die("slock: cannot open display\n");
@@ -396,11 +379,7 @@ main(int argc, char **argv) {
396 } 379 }
397 380
398 /* everything is now blank. Wait for the correct password */ 381 /* everything is now blank. Wait for the correct password */
399#ifdef HAVE_BSD_AUTH
400 readpw(dpy);
401#else
402 readpw(dpy, pws); 382 readpw(dpy, pws);
403#endif
404 383
405 /* password ok, unlock everything and quit */ 384 /* password ok, unlock everything and quit */
406 cleanup(dpy); 385 cleanup(dpy);