When enter is pressed, passwd[len] will be set to '\0'. Pressing
backspace is supposed to remove the last entered character.
But currently, the clearing has an off-by-one, as in setting
passwd[len] to '\0' just like enter would do.
You can also verify it by imagining len=1 and that it's impossible to
clear passwd[0] by pressing backspace with the current code.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
When connecting/disconnecting a portrait monitor, the
XRRScreenChangeNotifyEvent height & width are reversed due to the XRandR
rotation; detect this and DTRT.
The section on security considerations sheds some light on the problems that we
can't solve within slock but which the user has to solve in his X configuration.
FRIGN on hackers@suckless.org:
What has been bugging me for quite a while is this DPMS comment that was added
there for no reason. Every sane mind would agree that fiddling with DPMS makes
no sense whatsoever. When I slock, my screen turns off after 10 minutes. So, if
I don't like that, I disable DPMS. If I do, I just fiddle around with my mouse a
bit and get the slock promt.
This was extremely bad practice, effectively making the program behave
different depending on which architecture you are running it on.
OpenBSD offers getpwuid_shadow, but there is no getspuid for getspnam,
so we resort to using the pw_name entry in the struct passwd we filled
earlier.
This prevents slock from crashing when $USER is empty (easy to do). If
you want to run slock as a different user, don't use
$ USER="tom" slock
but doas or sudo which were designed for this purpose.
The cleanup removal is a joint-venture with Markus. We assume the X server does
the cleanup, so we don't need it. The idea is that the fds are closed at exit
and thus already indicate to the X server that the client has quit. Analogously
the same applies to freeing memory sections previously allocated for the X
server.
We love XXXXXL burgers and therefore removed
XUngrabPointer
XUngrabKeyboard
XFreeColors
XFreePixmap
XDestroyWindow
Lines of Code.
For a project like slock there is no need to carry around global state. By
moving the three structures to main() it is now clear which functions modify
which state, greatly improving the readability of the code, especially given
slock is a suid program.
