diff options
| author |  Drew DeVault <sir@cmpwn.com> | 2015-12-17 08:44:30 -0500 |
|---|---|---|
| committer | Drew DeVault <sir@cmpwn.com> | 2015-12-17 08:44:30 -0500 |
| commit | 9c141f0bf1f70e284d6bac1679d4bc56ebb93f5a (patch) | |
| tree | 18aa17139dd2aa66fd89002d1f186d755379ded5 /swaylock | |
| parent | Fix null dereference in swaybar (diff) | |
| download | sway-9c141f0bf1f70e284d6bac1679d4bc56ebb93f5a.tar.gz sway-9c141f0bf1f70e284d6bac1679d4bc56ebb93f5a.tar.zst sway-9c141f0bf1f70e284d6bac1679d4bc56ebb93f5a.zip | |
Implement PAM password verification in swaylock
Diffstat (limited to 'swaylock')
| -rw-r--r-- | swaylock/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | swaylock/main.c | 34 |
2 files changed, 36 insertions, 0 deletions
diff --git a/swaylock/CMakeLists.txt b/swaylock/CMakeLists.txt index 977cc2f7..306be80e 100644 --- a/swaylock/CMakeLists.txt +++ b/swaylock/CMakeLists.txt | |||
| @@ -4,6 +4,7 @@ include_directories( | |||
| 4 | ${CAIRO_INCLUDE_DIRS} | 4 | ${CAIRO_INCLUDE_DIRS} |
| 5 | ${GDK_PIXBUF_INCLUDE_DIRS} | 5 | ${GDK_PIXBUF_INCLUDE_DIRS} |
| 6 | ${PANGO_INCLUDE_DIRS} | 6 | ${PANGO_INCLUDE_DIRS} |
| 7 | ${PAM_INCLUDE_DIRS} | ||
| 7 | ) | 8 | ) |
| 8 | 9 | ||
| 9 | add_executable(swaylock | 10 | add_executable(swaylock |
| @@ -18,6 +19,7 @@ target_link_libraries(swaylock | |||
| 18 | ${CAIRO_LIBRARIES} | 19 | ${CAIRO_LIBRARIES} |
| 19 | ${GDK_PIXBUF_LIBRARIES} | 20 | ${GDK_PIXBUF_LIBRARIES} |
| 20 | ${PANGO_LIBRARIES} | 21 | ${PANGO_LIBRARIES} |
| 22 | ${PAM_LIBRARIES} | ||
| 21 | m | 23 | m |
| 22 | ) | 24 | ) |
| 23 | 25 | ||
diff --git a/swaylock/main.c b/swaylock/main.c index 95921d53..19993ce6 100644 --- a/swaylock/main.c +++ b/swaylock/main.c | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | #include "wayland-swaylock-client-protocol.h" | 1 | #include "wayland-swaylock-client-protocol.h" |
| 2 | #include <security/pam_appl.h> | ||
| 2 | #include <stdio.h> | 3 | #include <stdio.h> |
| 3 | #include <stdlib.h> | 4 | #include <stdlib.h> |
| 4 | #include <string.h> | 5 | #include <string.h> |
| @@ -29,6 +30,39 @@ void sway_terminate(void) { | |||
| 29 | exit(EXIT_FAILURE); | 30 | exit(EXIT_FAILURE); |
| 30 | } | 31 | } |
| 31 | 32 | ||
| 33 | struct pam_response *pam_reply; | ||
| 34 | |||
| 35 | int function_conversation(int num_msg, const struct pam_message **msg, | ||
| 36 | struct pam_response **resp, void *appdata_ptr) { | ||
| 37 | *resp = pam_reply; | ||
| 38 | return PAM_SUCCESS; | ||
| 39 | } | ||
| 40 | |||
| 41 | /** | ||
| 42 | * password will be zeroed out. | ||
| 43 | */ | ||
| 44 | bool verify_password(const char *username, char *password) { | ||
| 45 | const struct pam_conv local_conversation = { function_conversation, NULL }; | ||
| 46 | pam_handle_t *local_auth_handle = NULL; | ||
| 47 | int pam_err; | ||
| 48 | if ((pam_err = pam_start("swaylock", username, &local_conversation, &local_auth_handle)) != PAM_SUCCESS) { | ||
| 49 | sway_abort("PAM returned %d\n", pam_err); | ||
| 50 | } | ||
| 51 | pam_reply = (struct pam_response *)malloc(sizeof(struct pam_response)); | ||
| 52 | pam_reply[0].resp = password; | ||
| 53 | pam_reply[0].resp_retcode = 0; | ||
| 54 | if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { | ||
| 55 | memset(password, 0, strlen(password)); | ||
| 56 | return false; | ||
| 57 | } | ||
| 58 | if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { | ||
| 59 | memset(password, 0, strlen(password)); | ||
| 60 | return false; | ||
| 61 | } | ||
| 62 | memset(password, 0, strlen(password)); | ||
| 63 | return true; | ||
| 64 | } | ||
| 65 | |||
| 32 | void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t code, uint32_t codepoint) { | 66 | void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t code, uint32_t codepoint) { |
| 33 | sway_log(L_INFO, "notified of key %c", (char)codepoint); | 67 | sway_log(L_INFO, "notified of key %c", (char)codepoint); |
| 34 | } | 68 | } |