We want to know at once if slock failed or not to lock the screen, not
seing a black screen for a whole second (or two) and then die.
Thanks to ^7heo for reporting this.
- Add arg.h and fix usage
Given slock is suid we don't want to have half-measures in place to
parse the arguments in case the code is changed in the future with
somebody not paying enough attention.
Also, fix the usage string output to be more consistent across the
suckless toolbase and make it reflect the manpage entry.
- Comments
Use proper block comments and add/change them where necessary
to help in studying the code.
- Error messages
Consistently prepend them with "slock:" and fix wording and
do a proper cleanup before quitting (XCloseDisplay and free
the locks), making the die() semantics consistent with st's.
- getpwuid() error reporting
Properly present an error message if getpwuid() fails.
- fork() error reporting
Properly present an error message if fork() fails. If we cannot
close the connection within the fork context we abort the
operation and report an error.
- execvp() error handling
If execvp fails, we cannot call die() afterwards as this implies
calling exit(). We must use _exit() to prevent the libc from
doing now "illegal" cleanup-work.
Make sure to explicitly clear memory that is used for password input. memset
is often optimized out by the compiler.
Brought to attention by the OpenBSD community, see:
https://marc.info/?t=146989502600003&r=1&w=2
Thread subject: x11/slock: clear passwords with explicit_bzero
Changes:
- explicit_bzero.c import from libressl-portable.
- Makefile: add COMPATSRC for compatibility src.
- config.mk: add separate *BSD section in config.mk to simply uncomment it on
these platforms.
This reverts most of commit a6dc051e3744ce5b14c54d2d246d3e8258207e76 and fixes
some related stuff:
- keep spelling fixes from original commit
- make -h and -v also work when followed by more arguments
- any unknown flag prints usage
- fix output of -v to display "slock: version 1.3" instead of "slock: slock-1.3"
There are 2 arguments why -v and -h are broken:
1) if you are running off git, -v will show the last stable
release, effectively making this option useless.
people running stable versions leave open an attack surface
this way in case there are vulnerabilities found.
99% of the people are also using package managers to keep
their software up to date, instead of running $TOOL -v to
check how old it is.
2) -h is a sad excuse for not just looking at the manual page
(man 1 slock). Given we accept a post_lock_command, we can't
be as liberal and just intercept certain flags.
I changed the manpage to reflect this change.
There really is no need to source a defined variable from a linux
header. The OOM-rank ranges from -1000 to 1000, so we can safely
hardcode -1000, which is a sane thing to do given slock is suid and
we don't want to play around too much here anyway.
On another notice, let's not forget that this still is a shitty
heuristic. The OOM-killer still can kill us (thus I also changed
the wording in the error-message. We do not disable the OOM-killer,
we're just hiding.
- Adds another color in config.def.h, COLOR_INIT
- Renames the colours from numerical ones to ones with meaningful names;
COLOR_INPUT for when there is content in the input buffer and COLOR_EMPTY
for when the input buffer has been cleared (backspaced or a failed attempt).
- Ensures XFreeColors frees the right number of colours. This is now derived
from the size of `Lock->colors` rather than being an integer literal.
- Makes slock exhibit the behaviour described by Markus
The default colours are the same as the ones slock currently uses, with the
exception of the new color, which I have set to red, as it indicates someone
has either failed an attempt to unlock, or that they have entered input and
erased it all.