diff options
Diffstat (limited to 'swaylock/password.c')
-rw-r--r-- | swaylock/password.c | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/swaylock/password.c b/swaylock/password.c index 7c686b34..6a956bcb 100644 --- a/swaylock/password.c +++ b/swaylock/password.c | |||
@@ -1,7 +1,6 @@ | |||
1 | #define _XOPEN_SOURCE 500 | 1 | #define _XOPEN_SOURCE 500 |
2 | #include <assert.h> | 2 | #include <assert.h> |
3 | #include <pwd.h> | 3 | #include <pwd.h> |
4 | #include <security/pam_appl.h> | ||
5 | #include <stdlib.h> | 4 | #include <stdlib.h> |
6 | #include <string.h> | 5 | #include <string.h> |
7 | #include <unistd.h> | 6 | #include <unistd.h> |
@@ -11,27 +10,6 @@ | |||
11 | #include "swaylock/seat.h" | 10 | #include "swaylock/seat.h" |
12 | #include "unicode.h" | 11 | #include "unicode.h" |
13 | 12 | ||
14 | static int function_conversation(int num_msg, const struct pam_message **msg, | ||
15 | struct pam_response **resp, void *data) { | ||
16 | struct swaylock_password *pw = data; | ||
17 | /* PAM expects an array of responses, one for each message */ | ||
18 | struct pam_response *pam_reply = calloc( | ||
19 | num_msg, sizeof(struct pam_response)); | ||
20 | *resp = pam_reply; | ||
21 | for (int i = 0; i < num_msg; ++i) { | ||
22 | switch (msg[i]->msg_style) { | ||
23 | case PAM_PROMPT_ECHO_OFF: | ||
24 | case PAM_PROMPT_ECHO_ON: | ||
25 | pam_reply[i].resp = strdup(pw->buffer); // PAM clears and frees this | ||
26 | break; | ||
27 | case PAM_ERROR_MSG: | ||
28 | case PAM_TEXT_INFO: | ||
29 | break; | ||
30 | } | ||
31 | } | ||
32 | return PAM_SUCCESS; | ||
33 | } | ||
34 | |||
35 | void clear_password_buffer(struct swaylock_password *pw) { | 13 | void clear_password_buffer(struct swaylock_password *pw) { |
36 | // Use volatile keyword so so compiler can't optimize this out. | 14 | // Use volatile keyword so so compiler can't optimize this out. |
37 | volatile char *buffer = pw->buffer; | 15 | volatile char *buffer = pw->buffer; |
@@ -42,35 +20,6 @@ void clear_password_buffer(struct swaylock_password *pw) { | |||
42 | pw->len = 0; | 20 | pw->len = 0; |
43 | } | 21 | } |
44 | 22 | ||
45 | static bool attempt_password(struct swaylock_password *pw) { | ||
46 | struct passwd *passwd = getpwuid(getuid()); | ||
47 | char *username = passwd->pw_name; | ||
48 | const struct pam_conv local_conversation = { | ||
49 | function_conversation, pw | ||
50 | }; | ||
51 | pam_handle_t *local_auth_handle = NULL; | ||
52 | int pam_err; | ||
53 | // TODO: only call pam_start once. keep the same handle the whole time | ||
54 | if ((pam_err = pam_start("swaylock", username, | ||
55 | &local_conversation, &local_auth_handle)) != PAM_SUCCESS) { | ||
56 | wlr_log(WLR_ERROR, "PAM returned error %d", pam_err); | ||
57 | } | ||
58 | if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { | ||
59 | wlr_log(WLR_ERROR, "pam_authenticate failed"); | ||
60 | goto fail; | ||
61 | } | ||
62 | // TODO: only call pam_end once we succeed at authing. refresh tokens beforehand | ||
63 | if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { | ||
64 | wlr_log(WLR_ERROR, "pam_end failed"); | ||
65 | goto fail; | ||
66 | } | ||
67 | clear_password_buffer(pw); | ||
68 | return true; | ||
69 | fail: | ||
70 | clear_password_buffer(pw); | ||
71 | return false; | ||
72 | } | ||
73 | |||
74 | static bool backspace(struct swaylock_password *pw) { | 23 | static bool backspace(struct swaylock_password *pw) { |
75 | if (pw->len != 0) { | 24 | if (pw->len != 0) { |
76 | pw->buffer[--pw->len] = 0; | 25 | pw->buffer[--pw->len] = 0; |