X-Git-Url: https://git.armaanb.net/?p=slock.git;a=blobdiff_plain;f=slock.c;h=2b06ca2a9c3b79c6ef7b9fe6fa2686edab91be7f;hp=210d5c85fabbffb7659cf95081d595a49fe8c449;hb=HEAD;hpb=3bb868e40873c568acdec74f7783c77f063aa396 diff --git a/slock.c b/slock.c index 210d5c8..2b06ca2 100644 --- a/slock.c +++ b/slock.c @@ -6,28 +6,28 @@ #include #include +#include #include #include #include #include #include #include +#include #include #include +#include #include #include #include -#if HAVE_BSD_AUTH -#include -#include -#endif - #include "arg.h" #include "util.h" char *argv0; +static time_t locktime; + enum { INIT, INPUT, @@ -35,22 +35,20 @@ enum { NUMCOLS }; -#include "config.h" - -typedef struct { +struct lock { int screen; Window root, win; Pixmap pmap; unsigned long colors[NUMCOLS]; -} Lock; +}; + +struct xrandr { + int active; + int evbase; + int errbase; +}; -static Lock **locks; -static int nscreens; -static Bool running = True; -static Bool failure = False; -static Bool rr; -static int rrevbase; -static int rrerrbase; +#include "config.h" static void die(const char *errstr, ...) @@ -65,79 +63,89 @@ die(const char *errstr, ...) #ifdef __linux__ #include +#include static void dontkillme(void) { - int fd; + FILE *f; + const char oomfile[] = "/proc/self/oom_score_adj"; - fd = open("/proc/self/oom_score_adj", O_WRONLY); - if (fd < 0 && errno == ENOENT) { - return; + if (!(f = fopen(oomfile, "w"))) { + if (errno == ENOENT) + return; + die("slock: fopen %s: %s\n", oomfile, strerror(errno)); } - if (fd < 0 || write(fd, "-1000\n", (sizeof("-1000\n") - 1)) != - (sizeof("-1000\n") - 1) || close(fd) != 0) { - die("can't tame the oom-killer. is suid or sgid set?\n"); + fprintf(f, "%d", OOM_SCORE_ADJ_MIN); + if (fclose(f)) { + if (errno == EACCES) + die("slock: unable to disable OOM killer. " + "Make sure to suid or sgid slock.\n"); + else + die("slock: fclose %s: %s\n", oomfile, strerror(errno)); } } #endif -#ifndef HAVE_BSD_AUTH -/* only run as root */ static const char * -getpw(void) +gethash(void) { - const char *rval; + const char *hash; struct passwd *pw; + /* Check if the current user has a password entry */ errno = 0; if (!(pw = getpwuid(getuid()))) { if (errno) - die("getpwuid: %s\n", strerror(errno)); + die("slock: getpwuid: %s\n", strerror(errno)); else - die("cannot retrieve password entry\n"); + die("slock: cannot retrieve password entry\n"); } - rval = pw->pw_passwd; + hash = pw->pw_passwd; #if HAVE_SHADOW_H - if (rval[0] == 'x' && rval[1] == '\0') { + if (!strcmp(hash, "x")) { struct spwd *sp; - if (!(sp = getspnam(getenv("USER")))) - die("cannot retrieve shadow entry (make sure to suid or sgid slock)\n"); - rval = sp->sp_pwdp; + if (!(sp = getspnam(pw->pw_name))) + die("slock: getspnam: cannot retrieve shadow entry. " + "Make sure to suid or sgid slock.\n"); + hash = sp->sp_pwdp; } -#endif +#else + if (!strcmp(hash, "*")) { +#ifdef __OpenBSD__ + if (!(pw = getpwuid_shadow(getuid()))) + die("slock: getpwnam_shadow: cannot retrieve shadow entry. " + "Make sure to suid or sgid slock.\n"); + hash = pw->pw_passwd; +#else + die("slock: getpwuid: cannot retrieve shadow entry. " + "Make sure to suid or sgid slock.\n"); +#endif /* __OpenBSD__ */ + } +#endif /* HAVE_SHADOW_H */ - /* drop privileges */ - if (geteuid() == 0 && - ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0)) - die("cannot drop privileges\n"); - return rval; + return hash; } -#endif static void -#ifdef HAVE_BSD_AUTH -readpw(Display *dpy) -#else -readpw(Display *dpy, const char *pws) -#endif +readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens, + const char *hash) { - char buf[32], passwd[256]; - int num, screen; + XRRScreenChangeNotifyEvent *rre; + char buf[32], passwd[256], *inputhash; + int num, screen, running, failure, oldc; unsigned int len, color; KeySym ksym; XEvent ev; - static int oldc = INIT; len = 0; - running = True; + running = 1; + failure = 0; + oldc = INIT; - /* As "slock" stands for "Simple X display locker", the DPMS settings - * had been removed and you can set it with "xset" or some other - * utility. This way the user can easily set a customized DPMS - * timeout. */ while (running && !XNextEvent(dpy, &ev)) { + running = !((time(NULL) - locktime < timetocancel) && (ev.type == MotionNotify)); if (ev.type == KeyPress) { explicit_bzero(&buf, sizeof(buf)); num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0); @@ -153,17 +161,33 @@ readpw(Display *dpy, const char *pws) IsPFKey(ksym) || IsPrivateKeypadKey(ksym)) continue; + if (ev.xkey.state & ControlMask) { + switch (ksym) { + case XK_u: + ksym = XK_Escape; + break; + case XK_m: + ksym = XK_Return; + break; + case XK_j: + ksym = XK_Return; + break; + case XK_h: + ksym = XK_BackSpace; + break; + } + } switch (ksym) { case XK_Return: - passwd[len] = 0; -#ifdef HAVE_BSD_AUTH - running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd); -#else - running = !!strcmp(crypt(passwd, pws), pws); -#endif + passwd[len] = '\0'; + errno = 0; + if (!(inputhash = crypt(passwd, hash))) + fprintf(stderr, "slock: crypt: %s\n", strerror(errno)); + else + running = !!strcmp(inputhash, hash); if (running) { XBell(dpy, 100); - failure = True; + failure = 1; } explicit_bzero(&passwd, sizeof(passwd)); len = 0; @@ -174,124 +198,145 @@ readpw(Display *dpy, const char *pws) break; case XK_BackSpace: if (len) - passwd[len--] = 0; + passwd[--len] = '\0'; break; default: - if (num && !iscntrl((int)buf[0]) && (len + num < sizeof(passwd))) { + if (num && !iscntrl((int)buf[0]) && + (len + num < sizeof(passwd))) { memcpy(passwd + len, buf, num); len += num; } break; } - color = len ? INPUT : (failure || failonclear ? FAILED : INIT); + color = len ? INPUT : ((failure || failonclear) ? FAILED : INIT); if (running && oldc != color) { for (screen = 0; screen < nscreens; screen++) { - XSetWindowBackground(dpy, locks[screen]->win, locks[screen]->colors[color]); + XSetWindowBackground(dpy, + locks[screen]->win, + locks[screen]->colors[color]); XClearWindow(dpy, locks[screen]->win); } oldc = color; } - } else if (rr && ev.type == rrevbase + RRScreenChangeNotify) { - XRRScreenChangeNotifyEvent *rre = (XRRScreenChangeNotifyEvent*)&ev; + } else if (rr->active && ev.type == rr->evbase + RRScreenChangeNotify) { + rre = (XRRScreenChangeNotifyEvent*)&ev; for (screen = 0; screen < nscreens; screen++) { if (locks[screen]->win == rre->window) { - XResizeWindow(dpy, locks[screen]->win, rre->width, rre->height); + if (rre->rotation == RR_Rotate_90 || + rre->rotation == RR_Rotate_270) + XResizeWindow(dpy, locks[screen]->win, + rre->height, rre->width); + else + XResizeWindow(dpy, locks[screen]->win, + rre->width, rre->height); XClearWindow(dpy, locks[screen]->win); + break; } } - } else for (screen = 0; screen < nscreens; screen++) - XRaiseWindow(dpy, locks[screen]->win); + } else { + for (screen = 0; screen < nscreens; screen++) + XRaiseWindow(dpy, locks[screen]->win); + } } } -static void -unlockscreen(Display *dpy, Lock *lock) -{ - if(dpy == NULL || lock == NULL) - return; - - XUngrabPointer(dpy, CurrentTime); - XFreeColors(dpy, DefaultColormap(dpy, lock->screen), lock->colors, NUMCOLS, 0); - XFreePixmap(dpy, lock->pmap); - XDestroyWindow(dpy, lock->win); - - free(lock); -} - -static Lock * -lockscreen(Display *dpy, int screen) +static struct lock * +lockscreen(Display *dpy, struct xrandr *rr, int screen) { char curs[] = {0, 0, 0, 0, 0, 0, 0, 0}; - unsigned int len; - int i; - Lock *lock; + int i, ptgrab, kbgrab; + struct lock *lock; XColor color, dummy; XSetWindowAttributes wa; Cursor invisible; - if (!running || dpy == NULL || screen < 0 || !(lock = malloc(sizeof(Lock)))) + if (dpy == NULL || screen < 0 || !(lock = malloc(sizeof(struct lock)))) return NULL; lock->screen = screen; lock->root = RootWindow(dpy, lock->screen); for (i = 0; i < NUMCOLS; i++) { - XAllocNamedColor(dpy, DefaultColormap(dpy, lock->screen), colorname[i], &color, &dummy); + XAllocNamedColor(dpy, DefaultColormap(dpy, lock->screen), + colorname[i], &color, &dummy); lock->colors[i] = color.pixel; } /* init */ wa.override_redirect = 1; wa.background_pixel = lock->colors[INIT]; - lock->win = XCreateWindow(dpy, lock->root, 0, 0, DisplayWidth(dpy, lock->screen), DisplayHeight(dpy, lock->screen), - 0, DefaultDepth(dpy, lock->screen), CopyFromParent, - DefaultVisual(dpy, lock->screen), CWOverrideRedirect | CWBackPixel, &wa); + lock->win = XCreateWindow(dpy, lock->root, 0, 0, + DisplayWidth(dpy, lock->screen), + DisplayHeight(dpy, lock->screen), + 0, DefaultDepth(dpy, lock->screen), + CopyFromParent, + DefaultVisual(dpy, lock->screen), + CWOverrideRedirect | CWBackPixel, &wa); lock->pmap = XCreateBitmapFromData(dpy, lock->win, curs, 8, 8); - invisible = XCreatePixmapCursor(dpy, lock->pmap, lock->pmap, &color, &color, 0, 0); + invisible = XCreatePixmapCursor(dpy, lock->pmap, lock->pmap, + &color, &color, 0, 0); XDefineCursor(dpy, lock->win, invisible); - XMapRaised(dpy, lock->win); - if (rr) - XRRSelectInput(dpy, lock->win, RRScreenChangeNotifyMask); - - /* Try to grab mouse pointer *and* keyboard, else fail the lock */ - for (len = 1000; len; len--) { - if (XGrabPointer(dpy, lock->root, False, ButtonPressMask | ButtonReleaseMask | PointerMotionMask, - GrabModeAsync, GrabModeAsync, None, invisible, CurrentTime) == GrabSuccess) - break; - usleep(1000); - } - if (!len) { - fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", screen); - } else { - for (len = 1000; len; len--) { - if (XGrabKeyboard(dpy, lock->root, True, GrabModeAsync, GrabModeAsync, CurrentTime) == GrabSuccess) { - /* everything fine, we grabbed both inputs */ - XSelectInput(dpy, lock->root, SubstructureNotifyMask); - return lock; - } - usleep(1000); + + /* Try to grab mouse pointer *and* keyboard for 600ms, else fail the lock */ + for (i = 0, ptgrab = kbgrab = -1; i < 6; i++) { + if (ptgrab != GrabSuccess) { + ptgrab = XGrabPointer(dpy, lock->root, False, + ButtonPressMask | ButtonReleaseMask | + PointerMotionMask, GrabModeAsync, + GrabModeAsync, None, invisible, CurrentTime); } - fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", screen); + if (kbgrab != GrabSuccess) { + kbgrab = XGrabKeyboard(dpy, lock->root, True, + GrabModeAsync, GrabModeAsync, CurrentTime); + } + + /* input is grabbed: we can lock the screen */ + if (ptgrab == GrabSuccess && kbgrab == GrabSuccess) { + XMapRaised(dpy, lock->win); + if (rr->active) + XRRSelectInput(dpy, lock->win, RRScreenChangeNotifyMask); + + XSelectInput(dpy, lock->root, SubstructureNotifyMask); + locktime = time(NULL); + return lock; + } + + /* retry on AlreadyGrabbed but fail on other errors */ + if ((ptgrab != AlreadyGrabbed && ptgrab != GrabSuccess) || + (kbgrab != AlreadyGrabbed && kbgrab != GrabSuccess)) + break; + + usleep(100000); } - /* grabbing one of the inputs failed */ - running = 0; - unlockscreen(dpy, lock); + + /* we couldn't grab all input: fail out */ + if (ptgrab != GrabSuccess) + fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", + screen); + if (kbgrab != GrabSuccess) + fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", + screen); return NULL; } static void usage(void) { - die("usage: slock [-v | cmd [arg ...]]\n"); + die("usage: slock [-v] [cmd [arg ...]]\n"); } int main(int argc, char **argv) { -#ifndef HAVE_BSD_AUTH - const char *pws; -#endif + struct xrandr rr; + struct lock **locks; + struct passwd *pwd; + struct group *grp; + uid_t duid; + gid_t dgid; + const char *hash; Display *dpy; - int s, nlocks; + int s, nlocks, nscreens; + CARD16 standby, suspend, off; ARGBEGIN { case 'v': @@ -301,79 +346,91 @@ main(int argc, char **argv) { usage(); } ARGEND + /* validate drop-user and -group */ + errno = 0; + if (!(pwd = getpwnam(user))) + die("slock: getpwnam %s: %s\n", user, + errno ? strerror(errno) : "user entry not found"); + duid = pwd->pw_uid; + errno = 0; + if (!(grp = getgrnam(group))) + die("slock: getgrnam %s: %s\n", group, + errno ? strerror(errno) : "group entry not found"); + dgid = grp->gr_gid; + #ifdef __linux__ dontkillme(); #endif - /* Check if the current user has a password entry */ + hash = gethash(); errno = 0; - if (!getpwuid(getuid())) { - if (errno == 0) - die("slock: no password entry for current user\n"); - else - die("slock: getpwuid: %s\n", strerror(errno)); - } - -#ifndef HAVE_BSD_AUTH - pws = getpw(); -#endif + if (!crypt("", hash)) + die("slock: crypt: %s\n", strerror(errno)); if (!(dpy = XOpenDisplay(NULL))) die("slock: cannot open display\n"); + /* drop privileges */ + if (setgroups(0, NULL) < 0) + die("slock: setgroups: %s\n", strerror(errno)); + if (setgid(dgid) < 0) + die("slock: setgid: %s\n", strerror(errno)); + if (setuid(duid) < 0) + die("slock: setuid: %s\n", strerror(errno)); + /* check for Xrandr support */ - rr = XRRQueryExtension(dpy, &rrevbase, &rrerrbase); + rr.active = XRRQueryExtension(dpy, &rr.evbase, &rr.errbase); /* get number of screens in display "dpy" and blank them */ nscreens = ScreenCount(dpy); - if (!(locks = malloc(sizeof(Lock *) * nscreens))) { - XCloseDisplay(dpy); + if (!(locks = calloc(nscreens, sizeof(struct lock *)))) die("slock: out of memory\n"); - } for (nlocks = 0, s = 0; s < nscreens; s++) { - if ((locks[s] = lockscreen(dpy, s)) != NULL) + if ((locks[s] = lockscreen(dpy, &rr, s)) != NULL) nlocks++; + else + break; } XSync(dpy, 0); - /* did we actually manage to lock anything? */ - if (nlocks == 0) { - /* nothing to protect */ - free(locks); - XCloseDisplay(dpy); + /* did we manage to lock everything? */ + if (nlocks != nscreens) return 1; - } + + /* DPMS magic to disable the monitor */ + if (!DPMSCapable(dpy)) + die("slock: DPMSCapable failed\n"); + if (!DPMSEnable(dpy)) + die("slock: DPMSEnable failed\n"); + if (!DPMSGetTimeouts(dpy, &standby, &suspend, &off)) + die("slock: DPMSGetTimeouts failed\n"); + if (!standby || !suspend || !off) + die("slock: at least one DPMS variable is zero\n"); + if (!DPMSSetTimeouts(dpy, monitortime, monitortime, monitortime)) + die("slock: DPMSSetTimeouts failed\n"); + + XSync(dpy, 0); /* run post-lock command */ if (argc > 0) { switch (fork()) { case -1: - free(locks); - XCloseDisplay(dpy); die("slock: fork failed: %s\n", strerror(errno)); case 0: if (close(ConnectionNumber(dpy)) < 0) die("slock: close: %s\n", strerror(errno)); execvp(argv[0], argv); - fprintf(stderr, "slock: execvp %s: %s\n", argv[0], - strerror(errno)); + fprintf(stderr, "slock: execvp %s: %s\n", argv[0], strerror(errno)); _exit(1); } } /* everything is now blank. Wait for the correct password */ -#ifdef HAVE_BSD_AUTH - readpw(dpy); -#else - readpw(dpy, pws); -#endif + readpw(dpy, &rr, locks, nscreens, hash); - /* password ok, unlock everything and quit */ - for (s = 0; s < nscreens; s++) - unlockscreen(dpy, locks[s]); - - free(locks); - XCloseDisplay(dpy); + /* reset DPMS values to inital ones */ + DPMSSetTimeouts(dpy, standby, suspend, off); + XSync(dpy, 0); return 0; }