summaryrefslogtreecommitdiff
path: root/slock.c
Commit message (Collapse)AuthorAgeFilesLines
* fix CVE-2016-6866Markus Teich2016-08-311-2/+8
|
* Update bsd-auth string.Markus Teich2016-08-311-1/+1
| | | | Thanks to Hiltjo for discovering this.
* Exit as soon as possible on input grabbing errorQuentin Rameau2016-08-301-24/+20
| | | | | | We want to know at once if slock failed or not to lock the screen, not seing a black screen for a whole second (or two) and then die. Thanks to ^7heo for reporting this.
* Refactor main()FRIGN2016-08-221-31/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add arg.h and fix usage Given slock is suid we don't want to have half-measures in place to parse the arguments in case the code is changed in the future with somebody not paying enough attention. Also, fix the usage string output to be more consistent across the suckless toolbase and make it reflect the manpage entry. - Comments Use proper block comments and add/change them where necessary to help in studying the code. - Error messages Consistently prepend them with "slock:" and fix wording and do a proper cleanup before quitting (XCloseDisplay and free the locks), making the die() semantics consistent with st's. - getpwuid() error reporting Properly present an error message if getpwuid() fails. - fork() error reporting Properly present an error message if fork() fails. If we cannot close the connection within the fork context we abort the operation and report an error. - execvp() error handling If execvp fails, we cannot call die() afterwards as this implies calling exit(). We must use _exit() to prevent the libc from doing now "illegal" cleanup-work.
* clear passwords with explicit_bzeroHiltjo Posthuma2016-08-131-2/+6
| | | | | | | | | | | | | | | | Make sure to explicitly clear memory that is used for password input. memset is often optimized out by the compiler. Brought to attention by the OpenBSD community, see: https://marc.info/?t=146989502600003&r=1&w=2 Thread subject: x11/slock: clear passwords with explicit_bzero Changes: - explicit_bzero.c import from libressl-portable. - Makefile: add COMPATSRC for compatibility src. - config.mk: add separate *BSD section in config.mk to simply uncomment it on these platforms.
* Revert "No need for usage()"Markus Teich2016-02-151-2/+15
| | | | | | | | | | This reverts most of commit a6dc051e3744ce5b14c54d2d246d3e8258207e76 and fixes some related stuff: - keep spelling fixes from original commit - make -h and -v also work when followed by more arguments - any unknown flag prints usage - fix output of -v to display "slock: version 1.3" instead of "slock: slock-1.3"
* revert using argv0 and minor fixupMarkus Teich2016-02-151-9/+6
| | | | | | - use hardcoded "slock" instead of argv[0] - add "slock: " to fprintf calls, where it was missing - revert `argc--, argv++` shifting
* Use argv0 instead of passing "slock:" to die every timeFRIGN2016-02-141-12/+16
|
* No need for usage()FRIGN2016-02-141-14/+2
| | | | | | | | | | | | | | | | | There are 2 arguments why -v and -h are broken: 1) if you are running off git, -v will show the last stable release, effectively making this option useless. people running stable versions leave open an attack surface this way in case there are vulnerabilities found. 99% of the people are also using package managers to keep their software up to date, instead of running $TOOL -v to check how old it is. 2) -h is a sad excuse for not just looking at the manual page (man 1 slock). Given we accept a post_lock_command, we can't be as liberal and just intercept certain flags. I changed the manpage to reflect this change.
* Simplify the oom-taming-functionFRIGN2016-02-141-14/+6
| | | | | | | | | | | | There really is no need to source a defined variable from a linux header. The OOM-rank ranges from -1000 to 1000, so we can safely hardcode -1000, which is a sane thing to do given slock is suid and we don't want to play around too much here anyway. On another notice, let's not forget that this still is a shitty heuristic. The OOM-killer still can kill us (thus I also changed the wording in the error-message. We do not disable the OOM-killer, we're just hiding.
* update copyright year in -v outputMarkus Teich2016-02-111-1/+1
|
* add hint for suid to oom error messageMarkus Teich2016-01-291-1/+1
|
* error messages on grab failureMarkus Teich2016-01-181-14/+16
|
* code style fixMarkus Teich2016-01-181-18/+9
|
* add option to run command after screen is lockedMarkus Teich2015-12-261-2/+10
|
* Don't change to failure colour on successDavid Phillips2015-08-271-1/+1
|
* Slightly safer OOM killer disablement in linuxDavid Phillips2015-07-061-1/+12
|
* rework setting window colorMarkus Teich2015-05-081-10/+7
|
* consistently use () with sizeofMarkus Teich2015-05-081-2/+2
|
* Option to not show failure color on clearNick Currier2015-05-081-3/+6
|
* resize lockscreen window after Xrandr resizeMarkus Teich2015-04-011-2/+16
|
* Blank the screen with color 0, add third color for failed loginsDavid Phillips2015-04-011-9/+18
| | | | | | | | | | | | | | | - Adds another color in config.def.h, COLOR_INIT - Renames the colours from numerical ones to ones with meaningful names; COLOR_INPUT for when there is content in the input buffer and COLOR_EMPTY for when the input buffer has been cleared (backspaced or a failed attempt). - Ensures XFreeColors frees the right number of colours. This is now derived from the size of `Lock->colors` rather than being an integer literal. - Makes slock exhibit the behaviour described by Markus The default colours are the same as the ones slock currently uses, with the exception of the new color, which I have set to red, as it indicates someone has either failed an attempt to unlock, or that they have entered input and erased it all.
* applied Dimitris' style patch from Dec'14, with some minor modificationsAnselm R Garbe2015-01-271-52/+60
|
* fixed usage string1.2Anselm R Garbe2014-12-221-1/+1
|
* applied sin's patch and prepared new releaseAnselm R Garbe2014-12-221-0/+2
|
* end{pw,sp}ent() can only be called after get{pw,sp}ent()sin2014-11-091-2/+0
| | | | Calling them unconditionally can result in memory corruption.
* Only check errno if getpwuid() failssin2014-07-091-4/+6
| | | | Checking errno otherwise is unspecified.
* Add /etc/passwd supportFRIGN2014-06-091-2/+2
| | | | | Fix slock to work with /etc/passwd without /etc/shadow. while we're at it, remove an occurence of trailing whitespace.
* Set errno to 0 before getpwuid() and check it afterwardssin2014-01-291-1/+4
|
* applied Robert Schneider's Linux suggestions, also bumped version and ↵Anselm R Garbe2013-08-021-8/+28
| | | | updated LICENSE file's copyright notice
* applied andres' multi-slock fix, thanks for spotting this issuegarbeam@gmail.com2012-08-021-3/+14
|
* added Ben's password placeholder entry kludgeanselm@garbe.us2012-04-151-1/+1
|
* applied Eckehard Bern's dualcolor patch to slockanselm@garbe.us2012-03-171-5/+22
|
* select for SubstructureRedirectMask as wellanselm@garbe.us2012-02-091-0/+2
|
* fixed missing new linesanselm@garbe.us2012-02-091-2/+2
|
* typo fixanselm@garbe.us2012-02-051-1/+1
|
* added XRaiseWindow workaround when new clients are launchedanselm@garbe.us2012-02-051-51/+35
|
* applied Michaels patchgarbeam@gmail.com2012-01-241-2/+4
|
* added dummy error handler to prevent X from terminating slock just in caseanselm@garbe.us2012-01-221-8/+14
|
* applied Markus' patch to die in case /etc/passwd is unavailableAnselm R Garbe2011-04-211-0/+3
|
* applied Fernando Silveira's multiscreen patch for old style multihead setupsAnselm R Garbe2009-11-261-69/+151
|
* applied Ali Gholami Rudi's patch regarding DPMS timeout customization and ↵a@null2008-12-121-4/+9
| | | | persistence
* prepared releaseAnselm R Garbe2008-07-291-3/+4
|
* removed useless chars, prepared releaseAnselm R Garbe2008-07-291-8/+6
|
* s/d//Anselm R Garbe2008-04-091-1/+1
|
* yet another DPMS fix, still trying to prevent the error handlerAnselm R Garbe2008-04-091-1/+3
|
* fixed DPMS crashing issueAnselm R Garbe2008-04-081-3/+7
|
* applied two patches, BSD_AUTH patch and Gottox' DPMS support patch0.8Anselm R Garbe2008-02-221-4/+30
|
* removed Sander from -v by requestAnselm R. Garbe2007-11-251-1/+1
|
* next version will be 0.8Anselm R. Garbe2007-11-241-1/+3
|