summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Drew DeVault <sir@cmpwn.com>2016-01-25 13:28:39 -0500
committerLibravatar Drew DeVault <sir@cmpwn.com>2016-01-25 13:28:39 -0500
commitbbd6c5be91a91b827084683f38796d0dca4106ac (patch)
treeaacdaa4239c24a8bd4c0bb313b43dfd157007e45
parentswaybar: Fix plaintext handling. (diff)
parentswaylock: don't memset memory that has been freed (diff)
downloadsway-bbd6c5be91a91b827084683f38796d0dca4106ac.tar.gz
sway-bbd6c5be91a91b827084683f38796d0dca4106ac.tar.zst
sway-bbd6c5be91a91b827084683f38796d0dca4106ac.zip
Merge pull request #474 from christophgysin/swaylock_pam
swaylock pam fixes
Diffstat
-rw-r--r--swaylock/main.c42
1 files changed, 33 insertions, 9 deletions
diff --git a/swaylock/main.c b/swaylock/main.c
index c01445e7..9530b6dc 100644
--- a/swaylock/main.c
+++ b/swaylock/main.c
@@ -36,18 +36,46 @@ void sway_terminate(void) {
36} 36}
37 37
38char *password; 38char *password;
39struct pam_response *pam_reply;
40 39
41int function_conversation(int num_msg, const struct pam_message **msg, 40int function_conversation(int num_msg, const struct pam_message **msg,
42 struct pam_response **resp, void *appdata_ptr) { 41 struct pam_response **resp, void *appdata_ptr) {
42
43 const char* msg_style_names[] = {
44 NULL,
45 "PAM_PROMPT_ECHO_OFF",
46 "PAM_PROMPT_ECHO_ON",
47 "PAM_ERROR_MSG",
48 "PAM_TEXT_INFO",
49 };
50
51 /* PAM expects an array of responses, one for each message */
52 struct pam_response *pam_reply = calloc(num_msg, sizeof(struct pam_response));
43 *resp = pam_reply; 53 *resp = pam_reply;
54
55 for(int i=0; i<num_msg; ++i) {
56 sway_log(L_DEBUG, "msg[%d]: (%s) %s", i,
57 msg_style_names[msg[i]->msg_style],
58 msg[i]->msg);
59
60 switch (msg[i]->msg_style) {
61 case PAM_PROMPT_ECHO_OFF:
62 case PAM_PROMPT_ECHO_ON:
63 pam_reply[i].resp = password;
64 break;
65
66 case PAM_ERROR_MSG:
67 case PAM_TEXT_INFO:
68 break;
69 }
70 }
71
44 return PAM_SUCCESS; 72 return PAM_SUCCESS;
45} 73}
46 74
47/** 75/**
48 * password will be zeroed out. 76 * password will be zeroed out.
49 */ 77 */
50bool verify_password(char *password) { 78bool verify_password() {
51 struct passwd *passwd = getpwuid(getuid()); 79 struct passwd *passwd = getpwuid(getuid());
52 char *username = passwd->pw_name; 80 char *username = passwd->pw_name;
53 81
@@ -57,18 +85,12 @@ bool verify_password(char *password) {
57 if ((pam_err = pam_start("swaylock", username, &local_conversation, &local_auth_handle)) != PAM_SUCCESS) { 85 if ((pam_err = pam_start("swaylock", username, &local_conversation, &local_auth_handle)) != PAM_SUCCESS) {
58 sway_abort("PAM returned %d\n", pam_err); 86 sway_abort("PAM returned %d\n", pam_err);
59 } 87 }
60 pam_reply = (struct pam_response *)malloc(sizeof(struct pam_response));
61 pam_reply[0].resp = password;
62 pam_reply[0].resp_retcode = 0;
63 if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { 88 if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) {
64 memset(password, 0, strlen(password));
65 return false; 89 return false;
66 } 90 }
67 if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { 91 if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) {
68 memset(password, 0, strlen(password));
69 return false; 92 return false;
70 } 93 }
71 memset(password, 0, strlen(password));
72 return true; 94 return true;
73} 95}
74 96
@@ -76,9 +98,11 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod
76 if (state == WL_KEYBOARD_KEY_STATE_PRESSED) { 98 if (state == WL_KEYBOARD_KEY_STATE_PRESSED) {
77 switch (sym) { 99 switch (sym) {
78 case XKB_KEY_Return: 100 case XKB_KEY_Return:
79 if (verify_password(password)) { 101 if (verify_password()) {
80 exit(0); 102 exit(0);
81 } 103 }
104 password = malloc(1024); // TODO: Let this grow
105 password[0] = '\0';
82 break; 106 break;
83 default: 107 default:
84 { 108 {
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-29 12:04:58 +0000