1. fix formatting. come on guys. formatting!
2. do pam auth in forked child - this way pam cant screw any signal etc. settings of the parent process. use exit code for error detection or auth success etc. SVN revision: 22187
This commit is contained in:
parent
793638413e
commit
624b88dda7
|
|
@ -1,9 +1,9 @@
|
||||||
#include "e.h"
|
#include "e.h"
|
||||||
|
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
#include <security/pam_appl.h>
|
# include <security/pam_appl.h>
|
||||||
#include <pwd.h>
|
# include <pwd.h>
|
||||||
#include <limits.h>
|
# include <limits.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define ELOCK_POPUP_LAYER 10000
|
#define ELOCK_POPUP_LAYER 10000
|
||||||
|
|
@ -14,8 +14,7 @@
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
struct _Desklock_Auth
|
struct _Desklock_Auth
|
||||||
{
|
{
|
||||||
struct
|
struct {
|
||||||
{
|
|
||||||
struct pam_conv conv;
|
struct pam_conv conv;
|
||||||
pam_handle_t *handle;
|
pam_handle_t *handle;
|
||||||
} pam;
|
} pam;
|
||||||
|
|
@ -24,12 +23,15 @@ struct _Desklock_Auth
|
||||||
char passwd[PATH_MAX];
|
char passwd[PATH_MAX];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static int _e_desklock_cb_exit(void *data, int type, void *event);
|
||||||
static int _desklock_auth(const char *passwd);
|
static int _desklock_auth(const char *passwd);
|
||||||
static int _desklock_pam_init(struct _Desklock_Auth *da);
|
static int _desklock_pam_init(struct _Desklock_Auth *da);
|
||||||
static int _desklock_auth_pam_conv(int num_msg, const struct pam_message **msg,
|
static int _desklock_auth_pam_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr);
|
||||||
struct pam_response **resp, void *appdata_ptr);
|
static char *_desklock_auth_get_current_user(void);
|
||||||
static char *_desklock_auth_get_current_user();
|
static char *_desklock_auth_get_current_host(void);
|
||||||
static char *_desklock_auth_get_current_host();
|
|
||||||
|
static Ecore_Event_Handler *_e_desklock_exit_handler = NULL;
|
||||||
|
static pid_t _e_desklock_child_pid = -1;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**************************** private data ******************************/
|
/**************************** private data ******************************/
|
||||||
|
|
@ -62,7 +64,6 @@ static int _e_desklock_cb_mouse_down(void *data, int type, void *event);
|
||||||
static int _e_desklock_cb_mouse_up(void *data, int type, void *event);
|
static int _e_desklock_cb_mouse_up(void *data, int type, void *event);
|
||||||
static int _e_desklock_cb_mouse_wheel(void *data, int type, void *event);
|
static int _e_desklock_cb_mouse_wheel(void *data, int type, void *event);
|
||||||
static int _e_desklock_cb_mouse_move(void *data, int type, void *event);
|
static int _e_desklock_cb_mouse_move(void *data, int type, void *event);
|
||||||
//static int _e_desklock_idler(void *data);
|
|
||||||
|
|
||||||
static void _e_desklock_passwd_update();
|
static void _e_desklock_passwd_update();
|
||||||
static void _e_desklock_backspace();
|
static void _e_desklock_backspace();
|
||||||
|
|
@ -84,7 +85,7 @@ e_desklock_show(void)
|
||||||
if (edd) return 0;
|
if (edd) return 0;
|
||||||
|
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
if (e_config->desklock_auth_method == 1 )
|
if (e_config->desklock_auth_method == 1)
|
||||||
{
|
{
|
||||||
#endif
|
#endif
|
||||||
if (!e_config->desklock_personal_passwd)
|
if (!e_config->desklock_personal_passwd)
|
||||||
|
|
@ -284,8 +285,6 @@ e_desklock_show(void)
|
||||||
ecore_event_handler_add(ECORE_X_EVENT_MOUSE_MOVE,
|
ecore_event_handler_add(ECORE_X_EVENT_MOUSE_MOVE,
|
||||||
_e_desklock_cb_mouse_move,
|
_e_desklock_cb_mouse_move,
|
||||||
NULL));
|
NULL));
|
||||||
//elock_wnd_idler = ecore_idler_add(_e_desklock_idler, NULL);
|
|
||||||
|
|
||||||
_e_desklock_passwd_update();
|
_e_desklock_passwd_update();
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
@ -341,35 +340,9 @@ _e_desklock_cb_key_down(void *data, int type, void *event)
|
||||||
if (!strcmp(ev->keysymbol, "Escape"))
|
if (!strcmp(ev->keysymbol, "Escape"))
|
||||||
;
|
;
|
||||||
else if (!strcmp(ev->keysymbol, "KP_Enter"))
|
else if (!strcmp(ev->keysymbol, "KP_Enter"))
|
||||||
{
|
_e_desklock_check_auth();
|
||||||
// here we have to go to auth
|
|
||||||
if (_e_desklock_check_auth())
|
|
||||||
{
|
|
||||||
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
|
||||||
e_desklock_hide();
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
; // report about invalid password
|
|
||||||
|
|
||||||
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
|
||||||
_e_desklock_passwd_update();
|
|
||||||
}
|
|
||||||
else if (!strcmp(ev->keysymbol, "Return"))
|
else if (!strcmp(ev->keysymbol, "Return"))
|
||||||
{
|
_e_desklock_check_auth();
|
||||||
// here we have to go to auth
|
|
||||||
if (_e_desklock_check_auth())
|
|
||||||
{
|
|
||||||
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
|
||||||
e_desklock_hide();
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
; // report about invalid password
|
|
||||||
|
|
||||||
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
|
||||||
_e_desklock_passwd_update();
|
|
||||||
}
|
|
||||||
else if (!strcmp(ev->keysymbol, "BackSpace"))
|
else if (!strcmp(ev->keysymbol, "BackSpace"))
|
||||||
_e_desklock_backspace();
|
_e_desklock_backspace();
|
||||||
else if (!strcmp(ev->keysymbol, "Delete"))
|
else if (!strcmp(ev->keysymbol, "Delete"))
|
||||||
|
|
@ -395,16 +368,19 @@ _e_desklock_cb_mouse_down(void *data, int type, void *event)
|
||||||
{
|
{
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
_e_desklock_cb_mouse_up(void *data, int type, void *event)
|
_e_desklock_cb_mouse_up(void *data, int type, void *event)
|
||||||
{
|
{
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
_e_desklock_cb_mouse_wheel(void *data, int type, void *event)
|
_e_desklock_cb_mouse_wheel(void *data, int type, void *event)
|
||||||
{
|
{
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
_e_desklock_cb_mouse_move(void *data, int type, void *event)
|
_e_desklock_cb_mouse_move(void *data, int type, void *event)
|
||||||
{
|
{
|
||||||
|
|
@ -431,11 +407,6 @@ _e_desklock_cb_mouse_move(void *data, int type, void *event)
|
||||||
last_active_zone = current_zone;
|
last_active_zone = current_zone;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
static int
|
|
||||||
_e_desklock_idler(void *data)
|
|
||||||
{
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
EAPI int
|
EAPI int
|
||||||
e_desklock_init(void)
|
e_desklock_init(void)
|
||||||
|
|
@ -527,14 +498,13 @@ _e_desklock_zone_num_get()
|
||||||
return num;
|
return num;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _e_desklock_check_auth()
|
static int
|
||||||
|
_e_desklock_check_auth()
|
||||||
{
|
{
|
||||||
if (!edd) return 0;
|
if (!edd) return 0;
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
if (e_config->desklock_auth_method == 0)
|
if (e_config->desklock_auth_method == 0)
|
||||||
{
|
|
||||||
return _desklock_auth(edd->passwd);
|
return _desklock_auth(edd->passwd);
|
||||||
}
|
|
||||||
else if (e_config->desklock_auth_method == 1)
|
else if (e_config->desklock_auth_method == 1)
|
||||||
{
|
{
|
||||||
#endif // HAVE_PAM
|
#endif // HAVE_PAM
|
||||||
|
|
@ -543,18 +513,71 @@ static int _e_desklock_check_auth()
|
||||||
e_config->desklock_personal_passwd == NULL ? "" :
|
e_config->desklock_personal_passwd == NULL ? "" :
|
||||||
e_config->desklock_personal_passwd)))
|
e_config->desklock_personal_passwd)))
|
||||||
{
|
{
|
||||||
|
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
||||||
|
e_desklock_hide();
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
/* passowrd is definitely wrong */
|
||||||
|
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
||||||
|
_e_desklock_passwd_update();
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
static int _desklock_auth(const char *passwd)
|
static int
|
||||||
|
_e_desklock_cb_exit(void *data, int type, void *event)
|
||||||
{
|
{
|
||||||
|
Ecore_Exe_Event_Del *ev;
|
||||||
|
|
||||||
|
ev = event;
|
||||||
|
if (ev->pid == _e_desklock_child_pid)
|
||||||
|
{
|
||||||
|
_e_desklock_child_pid = -1;
|
||||||
|
/* ok */
|
||||||
|
if (ev->exit_code == 0)
|
||||||
|
{
|
||||||
|
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
||||||
|
e_desklock_hide();
|
||||||
|
}
|
||||||
|
/* error */
|
||||||
|
else if (ev->exit_code < 128)
|
||||||
|
{
|
||||||
|
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
||||||
|
e_desklock_hide();
|
||||||
|
e_util_dialog_show(_("Authentication System Error"),
|
||||||
|
_("Authentication via PAM had errors setting up the<br>"
|
||||||
|
"authentication session. The error code was <hilight>%i</hilight>.<br>"
|
||||||
|
"This is bad and should not be happening. Please report this bug.")
|
||||||
|
, ev->exit_code);
|
||||||
|
}
|
||||||
|
/* failed auth */
|
||||||
|
else
|
||||||
|
{
|
||||||
|
memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
|
||||||
|
_e_desklock_passwd_update();
|
||||||
|
}
|
||||||
|
ecore_event_handler_del(_e_desklock_exit_handler);
|
||||||
|
_e_desklock_exit_handler = NULL;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
_desklock_auth(const char *passwd)
|
||||||
|
{
|
||||||
|
if ((_e_desklock_child_pid = fork()))
|
||||||
|
{
|
||||||
|
/* parent */
|
||||||
|
_e_desklock_exit_handler =
|
||||||
|
ecore_event_handler_add(ECORE_EXE_EVENT_DEL, _e_desklock_cb_exit,
|
||||||
|
NULL);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* child */
|
||||||
int pamerr;
|
int pamerr;
|
||||||
struct _Desklock_Auth da;
|
struct _Desklock_Auth da;
|
||||||
|
|
||||||
|
|
@ -564,18 +587,18 @@ static int _desklock_auth(const char *passwd)
|
||||||
da.pam.conv.conv = NULL;
|
da.pam.conv.conv = NULL;
|
||||||
da.pam.conv.appdata_ptr = NULL;
|
da.pam.conv.appdata_ptr = NULL;
|
||||||
|
|
||||||
if (!_desklock_pam_init(&da))
|
pamerr = _desklock_pam_init(&da);
|
||||||
return 0;
|
if (pamerr != PAM_SUCCESS) exit(pamerr);
|
||||||
|
|
||||||
pamerr = pam_authenticate(da.pam.handle, 0);
|
pamerr = pam_authenticate(da.pam.handle, 0);
|
||||||
|
|
||||||
pam_end(da.pam.handle, pamerr);
|
pam_end(da.pam.handle, pamerr);
|
||||||
memset(da.passwd, 0 , sizeof(da.passwd));
|
memset(da.passwd, 0, sizeof(da.passwd));
|
||||||
|
if (pamerr == PAM_SUCCESS) exit(0);
|
||||||
return pamerr == PAM_SUCCESS ? 1 : 0;
|
exit(-1);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static char *_desklock_auth_get_current_user()
|
static char *
|
||||||
|
_desklock_auth_get_current_user(void)
|
||||||
{
|
{
|
||||||
char *user;
|
char *user;
|
||||||
struct passwd *pwent = NULL;
|
struct passwd *pwent = NULL;
|
||||||
|
|
@ -585,11 +608,12 @@ static char *_desklock_auth_get_current_user()
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _desklock_pam_init(struct _Desklock_Auth *da)
|
static int
|
||||||
|
_desklock_pam_init(struct _Desklock_Auth *da)
|
||||||
{
|
{
|
||||||
int pamerr;
|
int pamerr;
|
||||||
|
|
||||||
if (!da) return 0;
|
if (!da) return -1;
|
||||||
|
|
||||||
da->pam.conv.conv = _desklock_auth_pam_conv;
|
da->pam.conv.conv = _desklock_auth_pam_conv;
|
||||||
da->pam.conv.appdata_ptr = da;
|
da->pam.conv.appdata_ptr = da;
|
||||||
|
|
@ -597,21 +621,21 @@ static int _desklock_pam_init(struct _Desklock_Auth *da)
|
||||||
|
|
||||||
if ((pamerr = pam_start("system-auth", da->user, &(da->pam.conv),
|
if ((pamerr = pam_start("system-auth", da->user, &(da->pam.conv),
|
||||||
&(da->pam.handle))) != PAM_SUCCESS)
|
&(da->pam.handle))) != PAM_SUCCESS)
|
||||||
return 0;
|
return pamerr;
|
||||||
|
|
||||||
if ((pamerr = pam_set_item(da->pam.handle, PAM_USER,
|
if ((pamerr = pam_set_item(da->pam.handle, PAM_USER,
|
||||||
_desklock_auth_get_current_user())) != PAM_SUCCESS)
|
_desklock_auth_get_current_user())) != PAM_SUCCESS)
|
||||||
return 0;
|
return pamerr;
|
||||||
|
|
||||||
if ((pamerr = pam_set_item(da->pam.handle, PAM_RHOST,
|
if ((pamerr = pam_set_item(da->pam.handle, PAM_RHOST,
|
||||||
_desklock_auth_get_current_host())) != PAM_SUCCESS)
|
_desklock_auth_get_current_host())) != PAM_SUCCESS)
|
||||||
return 0;
|
return pamerr;
|
||||||
|
|
||||||
return 1;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _desklock_auth_pam_conv(int num_msg, const struct pam_message **msg,
|
static int
|
||||||
struct pam_response **resp, void *appdata_ptr)
|
_desklock_auth_pam_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
|
||||||
{
|
{
|
||||||
int replies = 0;
|
int replies = 0;
|
||||||
struct _Desklock_Auth *da = (struct _Desklock_Auth *)appdata_ptr;
|
struct _Desklock_Auth *da = (struct _Desklock_Auth *)appdata_ptr;
|
||||||
|
|
@ -648,7 +672,8 @@ static int _desklock_auth_pam_conv(int num_msg, const struct pam_message **msg,
|
||||||
return PAM_SUCCESS;
|
return PAM_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
static char *_desklock_auth_get_current_host()
|
static char *
|
||||||
|
_desklock_auth_get_current_host(void)
|
||||||
{
|
{
|
||||||
return strdup("localhost");
|
return strdup("localhost");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue