Commit message | Author | Age | Files | Lines
* Properly clear the last entered character | Tobias Stoeckmann | 2017-03-25 | 1 | -1/+1
| When enter is pressed, passwd[len] will be set to '\0'. Pressing backspace is supposed to remove the last entered character.
| But currently, the clearing has an off-by-one, as in setting passwd[len] to '\0' just like enter would do.
| You can also verify it by imagining len=1 and that it's impossible to clear passwd[0] by pressing backspace with the current code.
| Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* rm trailing whitespace in README | Markus Teich | 2016-11-23 | 1 | -1/+1
|
* syntax fix | Markus Teich | 2016-11-23 | 1 | -2/+4
|
* there can only be one window in the event | Markus Teich | 2016-11-23 | 1 | -0/+1
|
* Fix resize with multiple monitors and portrait mode | Bob Uhl | 2016-11-23 | 1 | -2/+7
| When connecting/disconnecting a portrait monitor, the XRRScreenChangeNotifyEvent height & width are reversed due to the XRandR rotation; detect this and DTRT.
* bump version | Markus Teich | 2016-11-20 | 1 | -1/+1
|
* add arg.h and util.h to Makefile | Markus Teich | 2016-11-20 | 1 | -3/+3
|
* clarify colors in config.def.h | Markus Teich | 2016-11-20 | 1 | -4/+4
|
* move config.h inclusion after type declarations | Markus Teich | 2016-11-20 | 1 | -2/+2
|
* Unboolify slock.c | Laslo Hunhold | 2016-10-18 | 1 | -1/+1
|
* Use explicit strcmp() instead of inlining it | FRIGN | 2016-10-10 | 1 | -2/+2
| Makes it a tad more readable; the previous "optimization" will be done by the compiler anyway.
* No need for oldc to be static | FRIGN | 2016-10-10 | 1 | -2/+2
|
* Use NUL character constant explicitly | FRIGN | 2016-10-10 | 1 | -2/+2
|
* Keep the line-lengths at bay | FRIGN | 2016-10-10 | 1 | -28/+42
| This makes the code more readable and prevents wraparounds in the editor.
* Add a section on security considerations | FRIGN | 2016-09-28 | 1 | -0/+12
| The section on security considerations sheds some light on the problems that we can't solve within slock but which the user has to solve in his X configuration.
* remove confusing DPMS comment | Markus Teich | 2016-09-26 | 1 | -4/+0
| FRIGN on hackers@suckless.org:
| What has been bugging me for quite a while is this DPMS comment that was added there for no reason. Every sane mind would agree that fiddling with DPMS makes no sense whatsoever.
| When I slock, my screen turns off after 10 minutes. So, if I don't like that, I disable DPMS. If I do, I just fiddle around with my mouse a bit and get the slock prompt.
* error out early on crypt() fail | Markus Teich | 2016-09-23 | 1 | -2/+3
|
* Stop using $USER for shadow entries | FRIGN | 2016-09-23 | 1 | -2/+2
| This was extremely bad practice, effectively making the program behave different depending on which architecture you are running it on.
| OpenBSD offers getpwuid_shadow, but there is no getspuid for getspnam, so we resort to using the pw_name entry in the struct passwd we filled earlier.
| This prevents slock from crashing when $USER is empty (easy to do). If you want to run slock as a different user, don't use
|     $ USER="tom" slock
| but doas or sudo which were designed for this purpose.
* Rename getpw() and pws to gethash() and hash | FRIGN | 2016-09-23 | 1 | -16/+16
|
* Remove cleanup and deglobalize and rework data structures | FRIGN | 2016-09-23 | 1 | -55/+23
| The cleanup removal is a joint-venture with Markus. We assume the X server does the cleanup, so we don't need it. The idea is that the fds are closed at exit and thus already indicate to the X server that the client has quit. Analogously the same applies to freeing memory sections previously allocated for the X server.
| We love XXXXXL burgers and therefore removed XUngrabPointer XUngrabKeyboard XFreeColors XFreePixmap XDestroyWindow Lines of Code.
| For a project like slock there is no need to carry around global state. By moving the three structures to main() it is now clear which functions modify which state, greatly improving the readability of the code, especially given slock is a suid program.
* config.mk: be more explicative about FLAGS | Quentin Rameau | 2016-09-08 | 1 | -2/+4
| Group each *FLAG with its description and add a NetBSD specific.
* Ensure Polyphemus-Mitigation and properly drop privileges | FRIGN | 2016-09-08 | 3 | -6/+30
| Don't hide privilege drops inside readpw() and actually make it configurable what you are dropping to in config.h.
| The privilege drop comes after opening the Display because the user "nobody" with "nogroup" can't do that.
| So why do I call this strategy the Polyphemus-Mitigation?
| """
| After the giant returns in the evening and eats two more of the men, Odysseus offers Polyphemus some strong and undiluted wine given to him earlier on his journey. Drunk and unwary, the giant asks Odysseus his name, promising him a guest-gift if he answers. Odysseus tells him "Οὖτις", which means "nobody" and Polyphemus promises to eat this "Nobody" last of all. With that, he falls into a drunken sleep. Odysseus had meanwhile hardened a wooden stake in the fire and now drives it into Polyphemus' eye. When Polyphemus shouts for help from his fellow giants, saying that "Nobody" has hurt him, they think Polyphemus is being afflicted by divine power and recommend prayer as the answer.
| """
| (source: https://en.wikipedia.org/wiki/Polyphemus)
* Unify how we check passwords between different OSes | Quentin Rameau | 2016-09-07 | 2 | -41/+15
|
* make error message prefix consistent | Markus Teich | 2016-09-07 | 1 | -4/+4
|
* increasing for loops are idiomatic | Markus Teich | 2016-09-02 | 1 | -1/+1
|
* Localize running and failure inside readpw() | Quentin Rameau | 2016-09-02 | 1 | -6/+4
| They are only needed there, so don't make them global.
* Move screen unlocking inside cleanup() | Quentin Rameau | 2016-09-02 | 1 | -9/+11
|
* Re-introduce the waiting loop for input grabbing | Quentin Rameau | 2016-09-02 | 1 | -22/+38
| We actually “need” to wait a little for input to be released before locking for cases where slock is spawned from other graphical applications using keybindings.
| This undoes the misbehaviour I introduced in c2f9757, sorry for the mess.
* Add cleanup() to do free(locks) + XCloseDisplay() | Quentin Rameau | 2016-09-02 | 1 | -6/+10
|
* Refactor dontkillme() | FRIGN | 2016-08-31 | 1 | -7/+15
| - Use file pointers instead of raw I/O, inspired by Kernel code.
| - Use OOM_SCORE_ADJ_MIN from linux/oom.h instead of working with magic values.
| - Stricter error checking and descriptive error messages.
| The reasoning for using the constant rather than magic values lies in the fact that this ensures people get the message. With "-1000", a code reviewer would question if that is really the lowest possible number or just an arbitrary value. The kernel ABI probably won't change, but even in the case, we wouldn't have to modify the code. The OOM killer only is guaranteed to not kill you if you have OOM_SCORE_ADJ_MIN.
* Convert manpage to mandoc and fix usage | FRIGN | 2016-08-31 | 2 | -29/+27
| In all honor, the previous usage was formally more correct, but for the sake of consistency across all the tools having the v-flag, I separated it from the command-string.
| Also, make use of the mandoc macros for the manpage. This makes it easier to maintain, extend and change in the future.
* fix CVE-2016-6866 | Markus Teich | 2016-08-31 | 1 | -2/+8
|
* Update bsd-auth string. | Markus Teich | 2016-08-31 | 1 | -1/+1
| Thanks to Hiltjo for discovering this.
* Exit as soon as possible on input grabbing error | Quentin Rameau | 2016-08-30 | 1 | -24/+20
| We want to know at once if slock failed or not to lock the screen, not seeing a black screen for a whole second (or two) and then die.
| Thanks to ^7heo for reporting this.
* Refactor main() | FRIGN | 2016-08-22 | 2 | -31/+119
| - Add arg.h and fix usage
|   Given slock is suid we don't want to have half-measures in place to parse the arguments in case the code is changed in the future with somebody not paying enough attention. Also, fix the usage string output to be more consistent across the suckless toolbase and make it reflect the manpage entry.
| - Comments
|   Use proper block comments and add/change them where necessary to help in studying the code.
| - Error messages
|   Consistently prepend them with "slock:" and fix wording and do a proper cleanup before quitting (XCloseDisplay and free the locks), making the die() semantics consistent with st's.
| - getpwuid() error reporting
|   Properly present an error message if getpwuid() fails.
| - fork() error reporting
|   Properly present an error message if fork() fails. If we cannot close the connection within the fork context we abort the operation and report an error.
| - execvp() error handling
|   If execvp fails, we cannot call die() afterwards as this implies calling exit(). We must use _exit() to prevent the libc from doing now "illegal" cleanup-work.
* clear passwords with explicit_bzero | Hiltjo Posthuma | 2016-08-13 | 5 | -5/+34
| Make sure to explicitly clear memory that is used for password input. memset is often optimized out by the compiler.
| Brought to attention by the OpenBSD community, see:
| https://marc.info/?t=146989502600003&r=1&w=2
| Thread subject: x11/slock: clear passwords with explicit_bzero
| Changes:
| - explicit_bzero.c import from libressl-portable.
| - Makefile: add COMPATSRC for compatibility src.
| - config.mk: add separate *BSD section in config.mk to simply uncomment it on these platforms.
* Revert "No need for usage()" | Markus Teich | 2016-02-15 | 2 | -5/+28
| This reverts most of commit a6dc051e3744ce5b14c54d2d246d3e8258207e76 and fixes some related stuff:
| - keep spelling fixes from original commit
| - make -h and -v also work when followed by more arguments
| - any unknown flag prints usage
| - fix output of -v to display "slock: version 1.3" instead of "slock: slock-1.3"
* revert using argv0 and minor fixup | Markus Teich | 2016-02-15 | 1 | -9/+6
| - use hardcoded "slock" instead of argv[0]
| - add "slock: " to fprintf calls, where it was missing
| - revert `argc--, argv++` shifting
* Use argv0 instead of passing "slock:" to die every time | FRIGN | 2016-02-14 | 1 | -12/+16
|
* No need for usage() | FRIGN | 2016-02-14 | 2 | -31/+9
| There are 2 arguments why -v and -h are broken:
| 1) if you are running off git, -v will show the last stable release, effectively making this option useless. people running stable versions leave open an attack surface this way in case there are vulnerabilities found. 99% of the people are also using package managers to keep their software up to date, instead of running $TOOL -v to check how old it is.
| 2) -h is a sad excuse for not just looking at the manual page (man 1 slock). Given we accept a post_lock_command, we can't be as liberal and just intercept certain flags.
| I changed the manpage to reflect this change.
* Clarify config.def.h | FRIGN | 2016-02-14 | 1 | -2/+4
| Clear up the wording a bit and explain what failonclear means.
* Simplify the oom-taming-function | FRIGN | 2016-02-14 | 1 | -14/+6
| There really is no need to source a defined variable from a linux header. The OOM-rank ranges from -1000 to 1000, so we can safely hardcode -1000, which is a sane thing to do given slock is suid and we don't want to play around too much here anyway.
| On another notice, let's not forget that this still is a shitty heuristic. The OOM-killer still can kill us (thus I also changed the wording in the error-message). We do not disable the OOM-killer, we're just hiding.
* add slock.1 man page | Markus Teich | 2016-02-11 | 3 | -1/+38
|
* Update license year | FRIGN | 2016-02-11 | 1 | -1/+1
| It actually was 2014 and not 2015.
* Don't forget the E-Mail | FRIGN | 2016-02-11 | 1 | -1/+1
|
* Add myself to License | FRIGN | 2016-02-11 | 1 | -0/+1
| forgot that a while ago
* update copyright year in -v output | Markus Teich | 2016-02-11 | 1 | -1/+1
|
* prepare 1.3 release | Markus Teich | 2016-02-11 | 2 | -1/+2
|
* remove .hgtags | Markus Teich | 2016-02-11 | 1 | -10/+0
|
* add hint for suid to oom error message | Markus Teich | 2016-01-29 | 1 | -1/+1
|