diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 2e4419b..0000000 --- a/LICENSE +++ /dev/null @@ -1,24 +0,0 @@ -MIT/X Consortium License - -© 2015-2016 Markus Teich -© 2014 Dimitris Papastamos -© 2006-2014 Anselm R Garbe -© 2014-2016 Laslo Hunhold - -Permission is hereby granted, free of charge, to any person obtaining a -copy of this software and associated documentation files (the "Software"), -to deal in the Software without restriction, including without limitation -the rights to use, copy, modify, merge, publish, distribute, sublicense, -and/or sell copies of the Software, and to permit persons to whom the -Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL -THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. diff --git a/Makefile b/Makefile deleted file mode 100644 index f4ffbb7..0000000 --- a/Makefile +++ /dev/null @@ -1,61 +0,0 @@ -# slock - simple screen locker -# See LICENSE file for copyright and license details. - -include config.mk - -SRC = slock.c ${COMPATSRC} -OBJ = ${SRC:.c=.o} - -all: options slock - -options: - @echo slock build options: - @echo "CFLAGS = ${CFLAGS}" - @echo "LDFLAGS = ${LDFLAGS}" - @echo "CC = ${CC}" - -.c.o: - @echo CC $< - @${CC} -c ${CFLAGS} $< - -${OBJ}: config.h config.mk arg.h util.h - -config.h: - @echo creating $@ from config.def.h - @cp config.def.h $@ - -slock: ${OBJ} - @echo CC -o $@ - @${CC} -o $@ ${OBJ} ${LDFLAGS} - -clean: - @echo cleaning - @rm -f slock ${OBJ} slock-${VERSION}.tar.gz - -dist: clean - @echo creating dist tarball - @mkdir -p slock-${VERSION} - @cp -R LICENSE Makefile README slock.1 config.mk \ - ${SRC} explicit_bzero.c config.def.h arg.h util.h slock-${VERSION} - @tar -cf slock-${VERSION}.tar slock-${VERSION} - @gzip slock-${VERSION}.tar - @rm -rf slock-${VERSION} - -install: all - @echo installing executable file to ${DESTDIR}${PREFIX}/bin - @mkdir -p ${DESTDIR}${PREFIX}/bin - @cp -f slock ${DESTDIR}${PREFIX}/bin - @chmod 755 ${DESTDIR}${PREFIX}/bin/slock - @chmod u+s ${DESTDIR}${PREFIX}/bin/slock - @echo installing manual page to ${DESTDIR}${MANPREFIX}/man1 - @mkdir -p ${DESTDIR}${MANPREFIX}/man1 - @sed "s/VERSION/${VERSION}/g" ${DESTDIR}${MANPREFIX}/man1/slock.1 - @chmod 644 ${DESTDIR}${MANPREFIX}/man1/slock.1 - -uninstall: - @echo removing executable file from ${DESTDIR}${PREFIX}/bin - @rm -f ${DESTDIR}${PREFIX}/bin/slock - @echo removing manual page from ${DESTDIR}${MANPREFIX}/man1 - @rm -f ${DESTDIR}${MANPREFIX}/man1/slock.1 - -.PHONY: all options clean dist install uninstall diff --git a/README.md b/README.md deleted file mode 100644 index eb90766..0000000 --- a/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# slock -This is my patched version of slock. -This belongs to my larbs installation script, meaning it's supposed to work in the environment of the larbs-base-installation. - -## Patches -The list below shows the currently applied patches to this build. diff --git a/arg.h b/arg.h deleted file mode 100644 index 0b23c53..0000000 --- a/arg.h +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copy me if you can. - * by 20h - */ - -#ifndef ARG_H__ -#define ARG_H__ - -extern char *argv0; - -/* use main(int argc, char *argv[]) */ -#define ARGBEGIN for (argv0 = *argv, argv++, argc--;\ - argv[0] && argv[0][0] == '-'\ - && argv[0][1];\ - argc--, argv++) {\ - char argc_;\ - char **argv_;\ - int brk_;\ - if (argv[0][1] == '-' && argv[0][2] == '\0') {\ - argv++;\ - argc--;\ - break;\ - }\ - for (brk_ = 0, argv[0]++, argv_ = argv;\ - argv[0][0] && !brk_;\ - argv[0]++) {\ - if (argv_ != argv)\ - break;\ - argc_ = argv[0][0];\ - switch (argc_) - -/* Handles obsolete -NUM syntax */ -#define ARGNUM case '0':\ - case '1':\ - case '2':\ - case '3':\ - case '4':\ - case '5':\ - case '6':\ - case '7':\ - case '8':\ - case '9' - -#define ARGEND }\ - } - -#define ARGC() argc_ - -#define ARGNUMF() (brk_ = 1, estrtonum(argv[0], 0, INT_MAX)) - -#define EARGF(x) ((argv[0][1] == '\0' && argv[1] == NULL)?\ - ((x), abort(), (char *)0) :\ - (brk_ = 1, (argv[0][1] != '\0')?\ - (&argv[0][1]) :\ - (argc--, argv++, argv[0]))) - -#define ARGF() ((argv[0][1] == '\0' && argv[1] == NULL)?\ - (char *)0 :\ - (brk_ = 1, (argv[0][1] != '\0')?\ - (&argv[0][1]) :\ - (argc--, argv++, argv[0]))) - -#define LNGARG() &argv[0][0] - -#endif diff --git a/config.def.h b/config.def.h deleted file mode 100644 index 9855e21..0000000 --- a/config.def.h +++ /dev/null @@ -1,12 +0,0 @@ -/* user and group to drop privileges to */ -static const char *user = "nobody"; -static const char *group = "nogroup"; - -static const char *colorname[NUMCOLS] = { - [INIT] = "black", /* after initialization */ - [INPUT] = "#005577", /* during input */ - [FAILED] = "#CC3333", /* wrong password */ -}; - -/* treat a cleared input like a wrong password (color) */ -static const int failonclear = 1; diff --git a/config.h b/config.h deleted file mode 100644 index 27cc2d0..0000000 --- a/config.h +++ /dev/null @@ -1,12 +0,0 @@ -/* user and group to drop privileges to */ -static const char *user = "nobody"; -static const char *group = "nobody"; - -static const char *colorname[NUMCOLS] = { - [INIT] = "black", /* after initialization */ - [INPUT] = "#005577", /* during input */ - [FAILED] = "#CC3333", /* wrong password */ -}; - -/* treat a cleared input like a wrong password (color) */ -static const int failonclear = 1; diff --git a/config.mk b/config.mk deleted file mode 100644 index 74429ae..0000000 --- a/config.mk +++ /dev/null @@ -1,32 +0,0 @@ -# slock version -VERSION = 1.4 - -# Customize below to fit your system - -# paths -PREFIX = /usr/local -MANPREFIX = ${PREFIX}/share/man - -X11INC = /usr/X11R6/include -X11LIB = /usr/X11R6/lib - -# includes and libs -INCS = -I. -I/usr/include -I${X11INC} -LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr - -# flags -CPPFLAGS = -DVERSION=\"${VERSION}\" -D_DEFAULT_SOURCE -DHAVE_SHADOW_H -CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS} -LDFLAGS = -s ${LIBS} -COMPATSRC = explicit_bzero.c - -# On OpenBSD and Darwin remove -lcrypt from LIBS -#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr -# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS -# On NetBSD add -D_NETBSD_SOURCE to CPPFLAGS -#CPPFLAGS = -DVERSION=\"${VERSION}\" -D_BSD_SOURCE -D_NETBSD_SOURCE -# On OpenBSD set COMPATSRC to empty -#COMPATSRC = - -# compiler and linker -CC = cc diff --git a/explicit_bzero.c b/explicit_bzero.c deleted file mode 100644 index 3e33ca8..0000000 --- a/explicit_bzero.c +++ /dev/null @@ -1,19 +0,0 @@ -/* $OpenBSD: explicit_bzero.c,v 1.3 2014/06/21 02:34:26 matthew Exp $ */ -/* - * Public domain. - * Written by Matthew Dempsky. - */ - -#include - -__attribute__((weak)) void -__explicit_bzero_hook(void *buf, size_t len) -{ -} - -void -explicit_bzero(void *buf, size_t len) -{ - memset(buf, 0, len); - __explicit_bzero_hook(buf, len); -} diff --git a/slock.1 b/slock.1 deleted file mode 100644 index 82cdcd6..0000000 --- a/slock.1 +++ /dev/null @@ -1,39 +0,0 @@ -.Dd 2016-08-23 -.Dt SLOCK 1 -.Sh NAME -.Nm slock -.Nd simple X screen locker -.Sh SYNOPSIS -.Nm -.Op Fl v -.Op Ar cmd Op Ar arg ... -.Sh DESCRIPTION -.Nm -is a simple X screen locker. If provided, -.Ar cmd Op Ar arg ... -is executed after the screen has been locked. -.Sh OPTIONS -.Bl -tag -width Ds -.It Fl v -Print version information to stdout and exit. -.El -.Sh SECURITY CONSIDERATIONS -To make sure a locked screen can not be bypassed by switching VTs -or killing the X server with Ctrl+Alt+Backspace, it is recommended -to disable both in -.Xr xorg.conf 5 -for maximum security: -.Bd -literal -offset left -Section "ServerFlags" - Option "DontVTSwitch" "True" - Option "DontZap" "True" -EndSection -.Ed -.Sh EXAMPLES -$ -.Nm -/usr/sbin/s2ram -.Sh CUSTOMIZATION -.Nm -can be customized by creating a custom config.h from config.def.h and -(re)compiling the source code. This keeps it fast, secure and simple. diff --git a/slock.c b/slock.c deleted file mode 100644 index 5ae738c..0000000 --- a/slock.c +++ /dev/null @@ -1,395 +0,0 @@ -/* See LICENSE file for license details. */ -#define _XOPEN_SOURCE 500 -#if HAVE_SHADOW_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "arg.h" -#include "util.h" - -char *argv0; - -enum { - INIT, - INPUT, - FAILED, - NUMCOLS -}; - -struct lock { - int screen; - Window root, win; - Pixmap pmap; - unsigned long colors[NUMCOLS]; -}; - -struct xrandr { - int active; - int evbase; - int errbase; -}; - -#include "config.h" - -static void -die(const char *errstr, ...) -{ - va_list ap; - - va_start(ap, errstr); - vfprintf(stderr, errstr, ap); - va_end(ap); - exit(1); -} - -#ifdef __linux__ -#include -#include - -static void -dontkillme(void) -{ - FILE *f; - const char oomfile[] = "/proc/self/oom_score_adj"; - - if (!(f = fopen(oomfile, "w"))) { - if (errno == ENOENT) - return; - die("slock: fopen %s: %s\n", oomfile, strerror(errno)); - } - fprintf(f, "%d", OOM_SCORE_ADJ_MIN); - if (fclose(f)) { - if (errno == EACCES) - die("slock: unable to disable OOM killer. " - "Make sure to suid or sgid slock.\n"); - else - die("slock: fclose %s: %s\n", oomfile, strerror(errno)); - } -} -#endif - -static const char * -gethash(void) -{ - const char *hash; - struct passwd *pw; - - /* Check if the current user has a password entry */ - errno = 0; - if (!(pw = getpwuid(getuid()))) { - if (errno) - die("slock: getpwuid: %s\n", strerror(errno)); - else - die("slock: cannot retrieve password entry\n"); - } - hash = pw->pw_passwd; - -#if HAVE_SHADOW_H - if (!strcmp(hash, "x")) { - struct spwd *sp; - if (!(sp = getspnam(pw->pw_name))) - die("slock: getspnam: cannot retrieve shadow entry. " - "Make sure to suid or sgid slock.\n"); - hash = sp->sp_pwdp; - } -#else - if (!strcmp(hash, "*")) { -#ifdef __OpenBSD__ - if (!(pw = getpwuid_shadow(getuid()))) - die("slock: getpwnam_shadow: cannot retrieve shadow entry. " - "Make sure to suid or sgid slock.\n"); - hash = pw->pw_passwd; -#else - die("slock: getpwuid: cannot retrieve shadow entry. " - "Make sure to suid or sgid slock.\n"); -#endif /* __OpenBSD__ */ - } -#endif /* HAVE_SHADOW_H */ - - return hash; -} - -static void -readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens, - const char *hash) -{ - XRRScreenChangeNotifyEvent *rre; - char buf[32], passwd[256], *inputhash; - int num, screen, running, failure, oldc; - unsigned int len, color; - KeySym ksym; - XEvent ev; - - len = 0; - running = 1; - failure = 0; - oldc = INIT; - - while (running && !XNextEvent(dpy, &ev)) { - if (ev.type == KeyPress) { - explicit_bzero(&buf, sizeof(buf)); - num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0); - if (IsKeypadKey(ksym)) { - if (ksym == XK_KP_Enter) - ksym = XK_Return; - else if (ksym >= XK_KP_0 && ksym <= XK_KP_9) - ksym = (ksym - XK_KP_0) + XK_0; - } - if (IsFunctionKey(ksym) || - IsKeypadKey(ksym) || - IsMiscFunctionKey(ksym) || - IsPFKey(ksym) || - IsPrivateKeypadKey(ksym)) - continue; - switch (ksym) { - case XK_Return: - passwd[len] = '\0'; - errno = 0; - if (!(inputhash = crypt(passwd, hash))) - fprintf(stderr, "slock: crypt: %s\n", strerror(errno)); - else - running = !!strcmp(inputhash, hash); - if (running) { - XBell(dpy, 100); - failure = 1; - } - explicit_bzero(&passwd, sizeof(passwd)); - len = 0; - break; - case XK_Escape: - explicit_bzero(&passwd, sizeof(passwd)); - len = 0; - break; - case XK_BackSpace: - if (len) - passwd[--len] = '\0'; - break; - default: - if (num && !iscntrl((int)buf[0]) && - (len + num < sizeof(passwd))) { - memcpy(passwd + len, buf, num); - len += num; - } - break; - } - color = len ? INPUT : ((failure || failonclear) ? FAILED : INIT); - if (running && oldc != color) { - for (screen = 0; screen < nscreens; screen++) { - XSetWindowBackground(dpy, - locks[screen]->win, - locks[screen]->colors[color]); - XClearWindow(dpy, locks[screen]->win); - } - oldc = color; - } - } else if (rr->active && ev.type == rr->evbase + RRScreenChangeNotify) { - rre = (XRRScreenChangeNotifyEvent*)&ev; - for (screen = 0; screen < nscreens; screen++) { - if (locks[screen]->win == rre->window) { - if (rre->rotation == RR_Rotate_90 || - rre->rotation == RR_Rotate_270) - XResizeWindow(dpy, locks[screen]->win, - rre->height, rre->width); - else - XResizeWindow(dpy, locks[screen]->win, - rre->width, rre->height); - XClearWindow(dpy, locks[screen]->win); - break; - } - } - } else { - for (screen = 0; screen < nscreens; screen++) - XRaiseWindow(dpy, locks[screen]->win); - } - } -} - -static struct lock * -lockscreen(Display *dpy, struct xrandr *rr, int screen) -{ - char curs[] = {0, 0, 0, 0, 0, 0, 0, 0}; - int i, ptgrab, kbgrab; - struct lock *lock; - XColor color, dummy; - XSetWindowAttributes wa; - Cursor invisible; - - if (dpy == NULL || screen < 0 || !(lock = malloc(sizeof(struct lock)))) - return NULL; - - lock->screen = screen; - lock->root = RootWindow(dpy, lock->screen); - - for (i = 0; i < NUMCOLS; i++) { - XAllocNamedColor(dpy, DefaultColormap(dpy, lock->screen), - colorname[i], &color, &dummy); - lock->colors[i] = color.pixel; - } - - /* init */ - wa.override_redirect = 1; - wa.background_pixel = lock->colors[INIT]; - lock->win = XCreateWindow(dpy, lock->root, 0, 0, - DisplayWidth(dpy, lock->screen), - DisplayHeight(dpy, lock->screen), - 0, DefaultDepth(dpy, lock->screen), - CopyFromParent, - DefaultVisual(dpy, lock->screen), - CWOverrideRedirect | CWBackPixel, &wa); - lock->pmap = XCreateBitmapFromData(dpy, lock->win, curs, 8, 8); - invisible = XCreatePixmapCursor(dpy, lock->pmap, lock->pmap, - &color, &color, 0, 0); - XDefineCursor(dpy, lock->win, invisible); - - /* Try to grab mouse pointer *and* keyboard for 600ms, else fail the lock */ - for (i = 0, ptgrab = kbgrab = -1; i < 6; i++) { - if (ptgrab != GrabSuccess) { - ptgrab = XGrabPointer(dpy, lock->root, False, - ButtonPressMask | ButtonReleaseMask | - PointerMotionMask, GrabModeAsync, - GrabModeAsync, None, invisible, CurrentTime); - } - if (kbgrab != GrabSuccess) { - kbgrab = XGrabKeyboard(dpy, lock->root, True, - GrabModeAsync, GrabModeAsync, CurrentTime); - } - - /* input is grabbed: we can lock the screen */ - if (ptgrab == GrabSuccess && kbgrab == GrabSuccess) { - XMapRaised(dpy, lock->win); - if (rr->active) - XRRSelectInput(dpy, lock->win, RRScreenChangeNotifyMask); - - XSelectInput(dpy, lock->root, SubstructureNotifyMask); - return lock; - } - - /* retry on AlreadyGrabbed but fail on other errors */ - if ((ptgrab != AlreadyGrabbed && ptgrab != GrabSuccess) || - (kbgrab != AlreadyGrabbed && kbgrab != GrabSuccess)) - break; - - usleep(100000); - } - - /* we couldn't grab all input: fail out */ - if (ptgrab != GrabSuccess) - fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", - screen); - if (kbgrab != GrabSuccess) - fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", - screen); - return NULL; -} - -static void -usage(void) -{ - die("usage: slock [-v] [cmd [arg ...]]\n"); -} - -int -main(int argc, char **argv) { - struct xrandr rr; - struct lock **locks; - struct passwd *pwd; - struct group *grp; - uid_t duid; - gid_t dgid; - const char *hash; - Display *dpy; - int s, nlocks, nscreens; - - ARGBEGIN { - case 'v': - fprintf(stderr, "slock-"VERSION"\n"); - return 0; - default: - usage(); - } ARGEND - - /* validate drop-user and -group */ - errno = 0; - if (!(pwd = getpwnam(user))) - die("slock: getpwnam %s: %s\n", user, - errno ? strerror(errno) : "user entry not found"); - duid = pwd->pw_uid; - errno = 0; - if (!(grp = getgrnam(group))) - die("slock: getgrnam %s: %s\n", group, - errno ? strerror(errno) : "group entry not found"); - dgid = grp->gr_gid; - -#ifdef __linux__ - dontkillme(); -#endif - - hash = gethash(); - errno = 0; - if (!crypt("", hash)) - die("slock: crypt: %s\n", strerror(errno)); - - if (!(dpy = XOpenDisplay(NULL))) - die("slock: cannot open display\n"); - - /* drop privileges */ - if (setgroups(0, NULL) < 0) - die("slock: setgroups: %s\n", strerror(errno)); - if (setgid(dgid) < 0) - die("slock: setgid: %s\n", strerror(errno)); - if (setuid(duid) < 0) - die("slock: setuid: %s\n", strerror(errno)); - - /* check for Xrandr support */ - rr.active = XRRQueryExtension(dpy, &rr.evbase, &rr.errbase); - - /* get number of screens in display "dpy" and blank them */ - nscreens = ScreenCount(dpy); - if (!(locks = calloc(nscreens, sizeof(struct lock *)))) - die("slock: out of memory\n"); - for (nlocks = 0, s = 0; s < nscreens; s++) { - if ((locks[s] = lockscreen(dpy, &rr, s)) != NULL) - nlocks++; - else - break; - } - XSync(dpy, 0); - - /* did we manage to lock everything? */ - if (nlocks != nscreens) - return 1; - - /* run post-lock command */ - if (argc > 0) { - switch (fork()) { - case -1: - die("slock: fork failed: %s\n", strerror(errno)); - case 0: - if (close(ConnectionNumber(dpy)) < 0) - die("slock: close: %s\n", strerror(errno)); - execvp(argv[0], argv); - fprintf(stderr, "slock: execvp %s: %s\n", argv[0], strerror(errno)); - _exit(1); - } - } - - /* everything is now blank. Wait for the correct password */ - readpw(dpy, &rr, locks, nscreens, hash); - - return 0; -} diff --git a/util.h b/util.h deleted file mode 100644 index 6f748b8..0000000 --- a/util.h +++ /dev/null @@ -1,2 +0,0 @@ -#undef explicit_bzero -void explicit_bzero(void *, size_t);