static void clear_input(void) { input_position = 0; clear_password_memory(); password[input_position] = '\0'; /* Hide the unlock indicator after a bit if the password buffer is * empty. */ start_clear_indicator_timeout(); unlock_state = STATE_BACKSPACE_ACTIVE; redraw_screen(); unlock_state = STATE_KEY_PRESSED; }
static void clear_input(void) { input_position = 0; clear_password_memory(); password[input_position] = '\0'; /* Hide the unlock indicator after a bit if the password buffer is * empty. */ if (unlock_indicator) { START_TIMER(clear_indicator_timeout, 1.0, clear_indicator_cb); unlock_state = STATE_BACKSPACE_ACTIVE; redraw_unlock_indicator(); unlock_state = STATE_KEY_PRESSED; } }
static void input_done(void) { if (clear_pam_wrong_timeout) { ev_timer_stop(main_loop, clear_pam_wrong_timeout); free(clear_pam_wrong_timeout); clear_pam_wrong_timeout = NULL; } pam_state = STATE_PAM_VERIFY; redraw_screen(); if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) { DEBUG("successfully authenticated\n"); clear_password_memory(); if (shell_auth_done_command) { system(shell_auth_done_command); } exit(0); } else { if (shell_auth_fail_command) { system(shell_auth_fail_command); } } if (debug_mode) fprintf(stderr, "Authentication failure\n"); pam_state = STATE_PAM_WRONG; clear_input(); redraw_screen(); /* Clear this state after 2 seconds (unless the user enters another * password during that time). */ ev_now_update(main_loop); if ((clear_pam_wrong_timeout = calloc(sizeof(struct ev_timer), 1))) { ev_timer_init(clear_pam_wrong_timeout, clear_pam_wrong, 2.0, 0.); ev_timer_start(main_loop, clear_pam_wrong_timeout); } /* Cancel the clear_indicator_timeout, it would hide the unlock indicator * too early. */ stop_clear_indicator_timeout(); /* beep on authentication failure, if enabled */ if (beep) { xcb_bell(conn, 100); xcb_flush(conn); } }
static void input_done(void) { STOP_TIMER(clear_pam_wrong_timeout); pam_state = STATE_PAM_VERIFY; redraw_screen(); if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) { DEBUG("successfully authenticated\n"); clear_password_memory(); /* Turn the screen on, as it may have been turned off * on release of the 'enter' key. */ turn_monitors_on(); /* PAM credentials should be refreshed, this will for example update any kerberos tickets. * Related to credentials pam_end() needs to be called to cleanup any temporary * credentials like kerberos /tmp/krb5cc_pam_* files which may of been left behind if the * refresh of the credentials failed. */ pam_setcred(pam_handle, PAM_REFRESH_CRED); pam_end(pam_handle, PAM_SUCCESS); exit(0); } if (debug_mode) fprintf(stderr, "Authentication failure\n"); pam_state = STATE_PAM_WRONG; failed_attempts += 1; clear_input(); if (unlock_indicator) redraw_screen(); /* Clear this state after 2 seconds (unless the user enters another * password during that time). */ ev_now_update(main_loop); START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong); /* Cancel the clear_indicator_timeout, it would hide the unlock indicator * too early. */ STOP_TIMER(clear_indicator_timeout); /* beep on authentication failure, if enabled */ if (beep) { xcb_bell(conn, 100); xcb_flush(conn); } }
static void input_done(void) { STOP_TIMER(clear_pam_wrong_timeout); pam_state = STATE_PAM_VERIFY; redraw_screen(); if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) { DEBUG("successfully authenticated\n"); clear_password_memory(); /* Turn the screen on, as it may have been turned off * on release of the 'enter' key. */ turn_monitors_on(); exit(0); } if (debug_mode) fprintf(stderr, "Authentication failure\n"); pam_state = STATE_PAM_WRONG; clear_input(); redraw_screen(); /* Clear this state after 2 seconds (unless the user enters another * password during that time). */ ev_now_update(main_loop); START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong); /* Cancel the clear_indicator_timeout, it would hide the unlock indicator * too early. */ STOP_TIMER(clear_indicator_timeout); /* beep on authentication failure, if enabled */ if (beep) { xcb_bell(conn, 100); xcb_flush(conn); } }
static void input_done(void) { STOP_TIMER(clear_pam_wrong_timeout); pam_state = STATE_PAM_VERIFY; redraw_screen(); if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) { DEBUG("successfully authenticated\n"); clear_password_memory(); /* PAM credentials should be refreshed, this will for example update any kerberos tickets. * Related to credentials pam_end() needs to be called to cleanup any temporary * credentials like kerberos /tmp/krb5cc_pam_* files which may of been left behind if the * refresh of the credentials failed. */ pam_setcred(pam_handle, PAM_REFRESH_CRED); pam_end(pam_handle, PAM_SUCCESS); exit(0); } if (debug_mode) fprintf(stderr, "Authentication failure\n"); /* Get state of Caps and Num lock modifiers, to be displayed in * STATE_PAM_WRONG state */ xkb_mod_index_t idx, num_mods; const char *mod_name; num_mods = xkb_keymap_num_mods(xkb_keymap); for (idx = 0; idx < num_mods; idx++) { if (!xkb_state_mod_index_is_active(xkb_state, idx, XKB_STATE_MODS_EFFECTIVE)) continue; mod_name = xkb_keymap_mod_get_name(xkb_keymap, idx); if (mod_name == NULL) continue; /* Replace certain xkb names with nicer, human-readable ones. */ if (strcmp(mod_name, XKB_MOD_NAME_CAPS) == 0) mod_name = "Caps Lock"; else if (strcmp(mod_name, XKB_MOD_NAME_ALT) == 0) mod_name = "Alt"; else if (strcmp(mod_name, XKB_MOD_NAME_NUM) == 0) mod_name = "Num Lock"; else if (strcmp(mod_name, XKB_MOD_NAME_LOGO) == 0) mod_name = "Win"; char *tmp; if (modifier_string == NULL) { if (asprintf(&tmp, "%s", mod_name) != -1) modifier_string = tmp; } else if (asprintf(&tmp, "%s, %s", modifier_string, mod_name) != -1) { free(modifier_string); modifier_string = tmp; } } pam_state = STATE_PAM_WRONG; failed_attempts += 1; clear_input(); if (unlock_indicator) redraw_screen(); /* Skip all the events during the pam verification to avoid bad people * spamming keys and locking pam in an endless validation loop */ xcb_generic_event_t *ev = xcb_poll_for_event(conn); free(ev); while (ev != NULL) { ev = xcb_poll_for_queued_event(conn); free(ev); } /* Clear this state after 2 seconds (unless the user enters another * password during that time). */ ev_now_update(main_loop); START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong); /* Cancel the clear_indicator_timeout, it would hide the unlock indicator * too early. */ STOP_TIMER(clear_indicator_timeout); /* beep on authentication failure, if enabled */ if (beep) { xcb_bell(conn, 100); xcb_flush(conn); } }
static void clear_input(void) { input_position = 0; clear_password_memory(); password[input_position] = '\0'; }