/*
* Instead of polling the X connection socket we leave this to
* xcb_poll_for_event() which knows better than we can ever know.
*
*/
static void xcb_check_cb(EV_P_ ev_check *w, int revents) {
xcb_generic_event_t *event;
while ((event = xcb_poll_for_event(conn)) != NULL) {
if (event->response_type == 0) {
xcb_generic_error_t *error = (xcb_generic_error_t*)event;
if (debug_mode)
fprintf(stderr, "X11 Error received! sequence 0x%x, error_code = %d\n",
error->sequence, error->error_code);
free(event);
continue;
}
/* Strip off the highest bit (set if the event is generated) */
int type = (event->response_type & 0x7F);
switch (type) {
case XCB_KEY_PRESS:
handle_key_press((xcb_key_press_event_t*)event);
break;
case XCB_KEY_RELEASE:
/* If this was the backspace or escape key we are back at an
* empty input, so turn off the screen if DPMS is enabled, but
* only do that after some timeout: maybe user mistyped and
* will type again right away */
START_TIMER(dpms_timeout, TSTAMP_N_SECS(inactivity_timeout),
turn_off_monitors_cb);
break;
case XCB_VISIBILITY_NOTIFY:
handle_visibility_notify(conn, (xcb_visibility_notify_event_t*)event);
break;
case XCB_MAP_NOTIFY:
if (!dont_fork) {
/* After the first MapNotify, we never fork again. We don’t
* expect to get another MapNotify, but better be sure… */
dont_fork = true;
/* In the parent process, we exit */
if (fork() != 0)
exit(0);
ev_loop_fork(EV_DEFAULT);
}
break;
case XCB_CONFIGURE_NOTIFY:
handle_screen_resize();
break;
default:
if (type == xkb_base_event)
process_xkb_event(event);
}
free(event);
}
}
static void input_done(void) {
STOP_TIMER(clear_pam_wrong_timeout);
pam_state = STATE_PAM_VERIFY;
redraw_screen();
if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) {
DEBUG("successfully authenticated\n");
clear_password_memory();
/* Turn the screen on, as it may have been turned off
* on release of the 'enter' key. */
turn_monitors_on();
/* PAM credentials should be refreshed, this will for example update any kerberos tickets.
* Related to credentials pam_end() needs to be called to cleanup any temporary
* credentials like kerberos /tmp/krb5cc_pam_* files which may of been left behind if the
* refresh of the credentials failed. */
pam_setcred(pam_handle, PAM_REFRESH_CRED);
pam_end(pam_handle, PAM_SUCCESS);
exit(0);
}
if (debug_mode)
fprintf(stderr, "Authentication failure\n");
pam_state = STATE_PAM_WRONG;
failed_attempts += 1;
clear_input();
if (unlock_indicator)
redraw_screen();
/* Clear this state after 2 seconds (unless the user enters another
* password during that time). */
ev_now_update(main_loop);
START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong);
/* Cancel the clear_indicator_timeout, it would hide the unlock indicator
* too early. */
STOP_TIMER(clear_indicator_timeout);
/* beep on authentication failure, if enabled */
if (beep) {
xcb_bell(conn, 100);
xcb_flush(conn);
}
}
static void input_done(void) {
STOP_TIMER(clear_pam_wrong_timeout);
pam_state = STATE_PAM_VERIFY;
redraw_screen();
if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) {
DEBUG("successfully authenticated\n");
clear_password_memory();
/* Turn the screen on, as it may have been turned off
* on release of the 'enter' key. */
turn_monitors_on();
exit(0);
}
if (debug_mode)
fprintf(stderr, "Authentication failure\n");
pam_state = STATE_PAM_WRONG;
clear_input();
redraw_screen();
/* Clear this state after 2 seconds (unless the user enters another
* password during that time). */
ev_now_update(main_loop);
START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong);
/* Cancel the clear_indicator_timeout, it would hide the unlock indicator
* too early. */
STOP_TIMER(clear_indicator_timeout);
/* beep on authentication failure, if enabled */
if (beep) {
xcb_bell(conn, 100);
xcb_flush(conn);
}
}
/*
* Handle key presses. Fixes state, then looks up the key symbol for the
* given keycode, then looks up the key symbol (as UCS-2), converts it to
* UTF-8 and stores it in the password array.
*
*/
static void handle_key_press(xcb_key_press_event_t *event) {
xkb_keysym_t ksym;
char buffer[128];
int n;
bool ctrl;
bool composed = false;
ksym = xkb_state_key_get_one_sym(xkb_state, event->detail);
ctrl = xkb_state_mod_name_is_active(xkb_state, XKB_MOD_NAME_CTRL, XKB_STATE_MODS_DEPRESSED);
/* The buffer will be null-terminated, so n >= 2 for 1 actual character. */
memset(buffer, '\0', sizeof(buffer));
if (xkb_compose_state && xkb_compose_state_feed(xkb_compose_state, ksym) == XKB_COMPOSE_FEED_ACCEPTED) {
switch (xkb_compose_state_get_status(xkb_compose_state)) {
case XKB_COMPOSE_NOTHING:
break;
case XKB_COMPOSE_COMPOSING:
return;
case XKB_COMPOSE_COMPOSED:
/* xkb_compose_state_get_utf8 doesn't include the terminating byte in the return value
* as xkb_keysym_to_utf8 does. Adding one makes the variable n consistent. */
n = xkb_compose_state_get_utf8(xkb_compose_state, buffer, sizeof(buffer)) + 1;
ksym = xkb_compose_state_get_one_sym(xkb_compose_state);
composed = true;
break;
case XKB_COMPOSE_CANCELLED:
xkb_compose_state_reset(xkb_compose_state);
return;
}
}
if (!composed) {
n = xkb_keysym_to_utf8(ksym, buffer, sizeof(buffer));
}
switch (ksym) {
case XKB_KEY_Return:
case XKB_KEY_KP_Enter:
case XKB_KEY_XF86ScreenSaver:
if (pam_state == STATE_PAM_WRONG)
return;
if (skip_without_validation()) {
clear_input();
return;
}
password[input_position] = '\0';
unlock_state = STATE_KEY_PRESSED;
redraw_screen();
input_done();
skip_repeated_empty_password = true;
return;
default:
skip_repeated_empty_password = false;
}
switch (ksym) {
case XKB_KEY_u:
if (ctrl) {
DEBUG("C-u pressed\n");
clear_input();
return;
}
break;
case XKB_KEY_Escape:
clear_input();
return;
case XKB_KEY_BackSpace:
if (input_position == 0)
return;
/* decrement input_position to point to the previous glyph */
u8_dec(password, &input_position);
password[input_position] = '\0';
/* Hide the unlock indicator after a bit if the password buffer is
* empty. */
START_TIMER(clear_indicator_timeout, 1.0, clear_indicator_cb);
unlock_state = STATE_BACKSPACE_ACTIVE;
redraw_screen();
unlock_state = STATE_KEY_PRESSED;
return;
}
if ((input_position + 8) >= sizeof(password))
return;
#if 0
/* FIXME: handle all of these? */
printf("is_keypad_key = %d\n", xcb_is_keypad_key(sym));
printf("is_private_keypad_key = %d\n", xcb_is_private_keypad_key(sym));
printf("xcb_is_cursor_key = %d\n", xcb_is_cursor_key(sym));
printf("xcb_is_pf_key = %d\n", xcb_is_pf_key(sym));
printf("xcb_is_function_key = %d\n", xcb_is_function_key(sym));
printf("xcb_is_misc_function_key = %d\n", xcb_is_misc_function_key(sym));
printf("xcb_is_modifier_key = %d\n", xcb_is_modifier_key(sym));
#endif
if (n < 2)
return;
/* store it in the password array as UTF-8 */
memcpy(password + input_position, buffer, n - 1);
input_position += n - 1;
DEBUG("current password = %.*s\n", input_position, password);
if (unlock_indicator) {
unlock_state = STATE_KEY_ACTIVE;
redraw_screen();
unlock_state = STATE_KEY_PRESSED;
struct ev_timer *timeout = NULL;
START_TIMER(timeout, TSTAMP_N_SECS(0.25), redraw_timeout);
STOP_TIMER(clear_indicator_timeout);
}
START_TIMER(discard_passwd_timeout, TSTAMP_N_MINS(3), discard_passwd_cb);
}
static void input_done(void) {
STOP_TIMER(clear_pam_wrong_timeout);
pam_state = STATE_PAM_VERIFY;
redraw_screen();
if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) {
DEBUG("successfully authenticated\n");
clear_password_memory();
/* PAM credentials should be refreshed, this will for example update any kerberos tickets.
* Related to credentials pam_end() needs to be called to cleanup any temporary
* credentials like kerberos /tmp/krb5cc_pam_* files which may of been left behind if the
* refresh of the credentials failed. */
pam_setcred(pam_handle, PAM_REFRESH_CRED);
pam_end(pam_handle, PAM_SUCCESS);
exit(0);
}
if (debug_mode)
fprintf(stderr, "Authentication failure\n");
/* Get state of Caps and Num lock modifiers, to be displayed in
* STATE_PAM_WRONG state */
xkb_mod_index_t idx, num_mods;
const char *mod_name;
num_mods = xkb_keymap_num_mods(xkb_keymap);
for (idx = 0; idx < num_mods; idx++) {
if (!xkb_state_mod_index_is_active(xkb_state, idx, XKB_STATE_MODS_EFFECTIVE))
continue;
mod_name = xkb_keymap_mod_get_name(xkb_keymap, idx);
if (mod_name == NULL)
continue;
/* Replace certain xkb names with nicer, human-readable ones. */
if (strcmp(mod_name, XKB_MOD_NAME_CAPS) == 0)
mod_name = "Caps Lock";
else if (strcmp(mod_name, XKB_MOD_NAME_ALT) == 0)
mod_name = "Alt";
else if (strcmp(mod_name, XKB_MOD_NAME_NUM) == 0)
mod_name = "Num Lock";
else if (strcmp(mod_name, XKB_MOD_NAME_LOGO) == 0)
mod_name = "Win";
char *tmp;
if (modifier_string == NULL) {
if (asprintf(&tmp, "%s", mod_name) != -1)
modifier_string = tmp;
} else if (asprintf(&tmp, "%s, %s", modifier_string, mod_name) != -1) {
free(modifier_string);
modifier_string = tmp;
}
}
pam_state = STATE_PAM_WRONG;
failed_attempts += 1;
clear_input();
if (unlock_indicator)
redraw_screen();
/* Skip all the events during the pam verification to avoid bad people
* spamming keys and locking pam in an endless validation loop */
xcb_generic_event_t *ev = xcb_poll_for_event(conn);
free(ev);
while (ev != NULL)
{
ev = xcb_poll_for_queued_event(conn);
free(ev);
}
/* Clear this state after 2 seconds (unless the user enters another
* password during that time). */
ev_now_update(main_loop);
START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong);
/* Cancel the clear_indicator_timeout, it would hide the unlock indicator
* too early. */
STOP_TIMER(clear_indicator_timeout);
/* beep on authentication failure, if enabled */
if (beep) {
xcb_bell(conn, 100);
xcb_flush(conn);
}
}
/*
* Handle key presses. Fixes state, then looks up the key symbol for the
* given keycode, then looks up the key symbol (as UCS-2), converts it to
* UTF-8 and stores it in the password array.
*
*/
static void handle_key_press(xcb_key_press_event_t *event) {
xkb_keysym_t ksym;
char buffer[128];
int n;
bool ctrl;
ksym = xkb_state_key_get_one_sym(xkb_state, event->detail);
ctrl = xkb_state_mod_name_is_active(xkb_state, "Control", XKB_STATE_MODS_DEPRESSED);
/* The buffer will be null-terminated, so n >= 2 for 1 actual character. */
memset(buffer, '\0', sizeof(buffer));
n = xkb_keysym_to_utf8(ksym, buffer, sizeof(buffer));
switch (ksym) {
case XKB_KEY_Return:
case XKB_KEY_KP_Enter:
case XKB_KEY_XF86ScreenSaver:
if (skip_without_validation()) {
clear_input();
return;
}
password[input_position] = '\0';
unlock_state = STATE_KEY_PRESSED;
redraw_screen();
input_done();
skip_repeated_empty_password = true;
return;
default:
skip_repeated_empty_password = false;
}
switch (ksym) {
case XKB_KEY_u:
if (ctrl) {
DEBUG("C-u pressed\n");
clear_input();
return;
}
break;
case XKB_KEY_Escape:
clear_input();
return;
case XKB_KEY_BackSpace:
if (input_position == 0)
return;
/* decrement input_position to point to the previous glyph */
u8_dec(password, &input_position);
password[input_position] = '\0';
/* Hide the unlock indicator after a bit if the password buffer is
* empty. */
START_TIMER(clear_indicator_timeout, 1.0, clear_indicator_cb);
unlock_state = STATE_BACKSPACE_ACTIVE;
redraw_screen();
unlock_state = STATE_KEY_PRESSED;
return;
}
if ((input_position + 8) >= sizeof(password))
return;
#if 0
/* FIXME: handle all of these? */
printf("is_keypad_key = %d\n", xcb_is_keypad_key(sym));
printf("is_private_keypad_key = %d\n", xcb_is_private_keypad_key(sym));
printf("xcb_is_cursor_key = %d\n", xcb_is_cursor_key(sym));
printf("xcb_is_pf_key = %d\n", xcb_is_pf_key(sym));
printf("xcb_is_function_key = %d\n", xcb_is_function_key(sym));
printf("xcb_is_misc_function_key = %d\n", xcb_is_misc_function_key(sym));
printf("xcb_is_modifier_key = %d\n", xcb_is_modifier_key(sym));
#endif
if (n < 2)
return;
/* store it in the password array as UTF-8 */
memcpy(password+input_position, buffer, n-1);
input_position += n-1;
DEBUG("current password = %.*s\n", input_position, password);
unlock_state = STATE_KEY_ACTIVE;
redraw_screen();
unlock_state = STATE_KEY_PRESSED;
struct ev_timer *timeout = NULL;
START_TIMER(timeout, TSTAMP_N_SECS(0.25), redraw_timeout);
STOP_TIMER(clear_indicator_timeout);
START_TIMER(discard_passwd_timeout, TSTAMP_N_MINS(3), discard_passwd_cb);
}
