aboutsummaryrefslogtreecommitdiff
path: root/swaylock/password.c
diff options
context:
space:
mode:
Diffstat (limited to 'swaylock/password.c')
-rw-r--r--swaylock/password.c126
1 files changed, 126 insertions, 0 deletions
diff --git a/swaylock/password.c b/swaylock/password.c
new file mode 100644
index 00000000..1839f991
--- /dev/null
+++ b/swaylock/password.c
@@ -0,0 +1,126 @@
+#include <assert.h>
+#include <pwd.h>
+#include <security/pam_appl.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <wlr/util/log.h>
+#include <xkbcommon/xkbcommon.h>
+#include "swaylock/swaylock.h"
+#include "swaylock/seat.h"
+#include "unicode.h"
+
+static int function_conversation(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *data) {
+ struct swaylock_password *pw = data;
+ /* PAM expects an array of responses, one for each message */
+ struct pam_response *pam_reply = calloc(
+ num_msg, sizeof(struct pam_response));
+ *resp = pam_reply;
+ for (int i = 0; i < num_msg; ++i) {
+ switch (msg[i]->msg_style) {
+ case PAM_PROMPT_ECHO_OFF:
+ case PAM_PROMPT_ECHO_ON:
+ pam_reply[i].resp = pw->buffer;
+ break;
+ case PAM_ERROR_MSG:
+ case PAM_TEXT_INFO:
+ break;
+ }
+ }
+ return PAM_SUCCESS;
+}
+
+static bool attempt_password(struct swaylock_password *pw) {
+ struct passwd *passwd = getpwuid(getuid());
+ char *username = passwd->pw_name;
+ const struct pam_conv local_conversation = {
+ function_conversation, pw
+ };
+ pam_handle_t *local_auth_handle = NULL;
+ int pam_err;
+ if ((pam_err = pam_start("swaylock", username,
+ &local_conversation, &local_auth_handle)) != PAM_SUCCESS) {
+ wlr_log(L_ERROR, "PAM returned error %d", pam_err);
+ }
+ if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) {
+ wlr_log(L_ERROR, "pam_authenticate failed");
+ goto fail;
+ }
+ if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) {
+ wlr_log(L_ERROR, "pam_end failed");
+ goto fail;
+ }
+ // PAM frees this
+ pw->buffer = NULL;
+ pw->len = pw->size = 0;
+ return true;
+fail:
+ // PAM frees this
+ pw->buffer = NULL;
+ pw->len = pw->size = 0;
+ return false;
+}
+
+static bool backspace(struct swaylock_password *pw) {
+ if (pw->len != 0) {
+ pw->buffer[--pw->len] = 0;
+ return true;
+ }
+ return false;
+}
+
+static void append_ch(struct swaylock_password *pw, uint32_t codepoint) {
+ if (!pw->buffer) {
+ pw->size = 8;
+ if (!(pw->buffer = malloc(pw->size))) {
+ // TODO: Display error
+ return;
+ }
+ pw->buffer[0] = 0;
+ }
+ size_t utf8_size = utf8_chsize(codepoint);
+ if (pw->len + utf8_size + 1 >= pw->size) {
+ size_t size = pw->size * 2;
+ char *buffer = realloc(pw->buffer, size);
+ if (!buffer) {
+ // TODO: Display error
+ return;
+ }
+ pw->size = size;
+ pw->buffer = buffer;
+ }
+ utf8_encode(&pw->buffer[pw->len], codepoint);
+ pw->buffer[pw->len + utf8_size] = 0;
+ pw->len += utf8_size;
+}
+
+void swaylock_handle_key(struct swaylock_state *state,
+ xkb_keysym_t keysym, uint32_t codepoint) {
+ switch (keysym) {
+ case XKB_KEY_KP_Enter: /* fallthrough */
+ case XKB_KEY_Return:
+ state->auth_state = AUTH_STATE_VALIDATING;
+ render_frames(state);
+ wl_display_roundtrip(state->display);
+ if (attempt_password(&state->password)) {
+ state->run_display = false;
+ break;
+ }
+ state->auth_state = AUTH_STATE_INVALID;
+ render_frames(state);
+ break;
+ case XKB_KEY_BackSpace:
+ if (backspace(&state->password)) {
+ state->auth_state = AUTH_STATE_BACKSPACE;
+ render_frames(state);
+ }
+ break;
+ default:
+ if (codepoint) {
+ append_ch(&state->password, codepoint);
+ state->auth_state = AUTH_STATE_INPUT;
+ render_frames(state);
+ }
+ break;
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 07:52:39 +0000