/*
* vim:ts=4:sw=4:expandtab
*
- * © 2010-2011 Michael Stapelberg
+ * © 2010-2012 Michael Stapelberg
*
* See LICENSE for licensing information
*
#include <X11/keysym.h>
#include <getopt.h>
#include <string.h>
+#include <ev.h>
+#include <sys/mman.h>
+
#ifndef NOLIBCAIRO
#include <cairo.h>
#include "ucs2_to_utf8.h"
#include "xcb.h"
#include "cursors.h"
+#include "unlock_indicator.h"
+#include "xinerama.h"
-static xcb_connection_t *conn;
+char color[7] = "ffffff";
+uint32_t last_resolution[2];
+xcb_window_t win;
static xcb_cursor_t cursor;
static xcb_key_symbols_t *symbols;
-static xcb_screen_t *scr;
static pam_handle_t *pam_handle;
-static int input_position = 0;
-/* holds the password you enter (in UTF-8) */
+int input_position = 0;
+/* Holds the password you enter (in UTF-8). */
static char password[512];
static bool modeswitch_active = false;
static bool iso_level3_shift_active = false;
-static int modeswitchmask;
+static bool iso_level5_shift_active = false;
static int numlockmask;
static bool beep = false;
static bool debug_mode = false;
+static bool dpms = false;
+bool unlock_indicator = true;
+static bool dont_fork = false;
+struct ev_loop *main_loop;
+static struct ev_timer *clear_pam_wrong_timeout;
+extern unlock_state_t unlock_state;
+extern pam_state_t pam_state;
#define DEBUG(fmt, ...) do { \
if (debug_mode) \
} while (0)
#ifndef NOLIBCAIRO
-static cairo_surface_t *img = NULL;
-static bool tile = false;
+cairo_surface_t *img = NULL;
+bool tile = false;
#endif
/*
- * Draws global image with fill color onto a pixmap with the given
- * resolution and returns it.
+ * Clears the memory which stored the password to be a bit safer against
+ * cold-boot attacks.
*
*/
-xcb_pixmap_t draw_image(xcb_visualtype_t *vistype, u_int32_t* resolution, char* color) {
- xcb_pixmap_t bg_pixmap = XCB_NONE;
+static void clear_password_memory() {
+ /* A volatile pointer to the password buffer to prevent the compiler from
+ * optimizing this out. */
+ volatile char *vpassword = password;
+ for (int c = 0; c < sizeof(password); c++)
+ /* We store a non-random pattern which consists of the (irrelevant)
+ * index plus (!) the value of the beep variable. This prevents the
+ * compiler from optimizing the calls away, since the value of 'beep'
+ * is not known at compile-time. */
+ vpassword[c] = c + (int)beep;
+}
-#ifndef NOLIBCAIRO
- if (!img)
- return bg_pixmap;
-
- bg_pixmap = create_bg_pixmap(conn, scr, resolution, color);
- /* Initialize cairo */
- cairo_surface_t *output;
- output = cairo_xcb_surface_create(conn, bg_pixmap, vistype,
- resolution[0], resolution[1]);
- cairo_t *ctx = cairo_create(output);
- if (!tile) {
- cairo_set_source_surface(ctx, img, 0, 0);
- cairo_paint(ctx);
- } else {
- /* create a pattern and fill a rectangle as big as the screen */
- cairo_pattern_t *pattern;
- pattern = cairo_pattern_create_for_surface(img);
- cairo_set_source(ctx, pattern);
- cairo_pattern_set_extend(pattern, CAIRO_EXTEND_REPEAT);
- cairo_rectangle(ctx, 0, 0, resolution[0], resolution[1]);
- cairo_fill(ctx);
- cairo_pattern_destroy(pattern);
- }
- cairo_surface_destroy(output);
- cairo_destroy(ctx);
-#endif
- return bg_pixmap;
+
+/*
+ * Resets pam_state to STATE_PAM_IDLE 2 seconds after an unsuccesful
+ * authentication event.
+ *
+ */
+static void clear_pam_wrong(EV_P_ ev_timer *w, int revents) {
+ DEBUG("clearing pam wrong\n");
+ pam_state = STATE_PAM_IDLE;
+ unlock_state = STATE_STARTED;
+ redraw_screen();
+
+ /* Now free this timeout. */
+ ev_timer_stop(main_loop, clear_pam_wrong_timeout);
+ free(clear_pam_wrong_timeout);
+ clear_pam_wrong_timeout = NULL;
}
static void input_done() {
if (input_position == 0)
return;
- /* TODO: change cursor during authentication? */
+ if (clear_pam_wrong_timeout) {
+ ev_timer_stop(main_loop, clear_pam_wrong_timeout);
+ free(clear_pam_wrong_timeout);
+ clear_pam_wrong_timeout = NULL;
+ }
+
+ pam_state = STATE_PAM_VERIFY;
+ redraw_screen();
+
if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) {
printf("successfully authenticated\n");
+ clear_password_memory();
exit(0);
}
fprintf(stderr, "Authentication failure\n");
+ pam_state = STATE_PAM_WRONG;
+ redraw_screen();
+
+ /* Clear this state after 2 seconds (unless the user enters another
+ * password during that time). */
+ ev_now_update(main_loop);
+ if ((clear_pam_wrong_timeout = calloc(sizeof(struct ev_timer), 1))) {
+ ev_timer_init(clear_pam_wrong_timeout, clear_pam_wrong, 2.0, 0.);
+ ev_timer_start(main_loop, clear_pam_wrong_timeout);
+ }
+
+ /* Cancel the clear_indicator_timeout, it would hide the unlock indicator
+ * too early. */
+ stop_clear_indicator_timeout();
+
/* beep on authentication failure, if enabled */
if (beep) {
xcb_bell(conn, 100);
*
*/
static void handle_key_release(xcb_key_release_event_t *event) {
- DEBUG("releasing key %d, state raw = %d, modeswitch_active = %d, iso_level3_shift_active = %d\n",
- event->detail, event->state, modeswitch_active, iso_level3_shift_active);
+ DEBUG("releasing key %d, state raw = %d, modeswitch_active = %d, iso_level3_shift_active = %d, iso_level5_shift_active = %d\n",
+ event->detail, event->state, modeswitch_active, iso_level3_shift_active, iso_level5_shift_active);
/* We don’t care about the column here and just use the first symbol. Since
* we only check for Mode_switch and ISO_Level3_Shift, this *should* work.
modeswitch_active = false;
} else if (sym == XK_ISO_Level3_Shift) {
iso_level3_shift_active = false;
+ } else if (sym == XK_ISO_Level5_Shift) {
+ iso_level5_shift_active = false;
}
- DEBUG("release done. modeswitch_active = %d, iso_level3_shift_active = %d\n",
- modeswitch_active, iso_level3_shift_active);
+ DEBUG("release done. modeswitch_active = %d, iso_level3_shift_active = %d, iso_level5_shift_active = %d\n",
+ modeswitch_active, iso_level3_shift_active, iso_level5_shift_active);
+}
+
+static void redraw_timeout(EV_P_ ev_timer *w, int revents) {
+ redraw_screen();
+
+ ev_timer_stop(main_loop, w);
+ free(w);
}
/*
base_column = 2;
if (iso_level3_shift_active)
base_column = 4;
+ if (iso_level5_shift_active)
+ base_column = 6;
sym0 = xcb_key_press_lookup_keysym(symbols, event, base_column);
sym1 = xcb_key_press_lookup_keysym(symbols, event, base_column + 1);
switch (sym0) {
DEBUG("ISO_Level3_Shift enabled\n");
iso_level3_shift_active = true;
return;
+ case XK_ISO_Level5_Shift:
+ DEBUG("ISO_Level5_Shift enabled\n");
+ iso_level5_shift_active = true;
+ return;
case XK_Return:
case XK_KP_Enter:
input_done();
case XK_Escape:
input_position = 0;
+ clear_password_memory();
password[input_position] = '\0';
return;
/* decrement input_position to point to the previous glyph */
u8_dec(password, &input_position);
password[input_position] = '\0';
+
+ /* Clear this state after 2 seconds (unless the user enters another
+ * password during that time). */
+ start_clear_indicator_timeout();
+ unlock_state = STATE_BACKSPACE_ACTIVE;
+ redraw_screen();
+ unlock_state = STATE_KEY_PRESSED;
//printf("new input position = %d, new password = %s\n", input_position, password);
return;
}
input_position += convert_ucs_to_utf8((char*)inp, password + input_position);
password[input_position] = '\0';
DEBUG("current password = %s\n", password);
+
+ unlock_state = STATE_KEY_ACTIVE;
+ redraw_screen();
+ unlock_state = STATE_KEY_PRESSED;
+
+ struct ev_timer *timeout = calloc(sizeof(struct ev_timer), 1);
+ if (timeout) {
+ ev_timer_init(timeout, redraw_timeout, 0.25, 0.);
+ ev_timer_start(main_loop, timeout);
+ }
+
+ stop_clear_indicator_timeout();
}
/*
static void handle_mapping_notify(xcb_mapping_notify_event_t *event) {
xcb_refresh_keyboard_mapping(symbols, event);
- modeswitchmask = get_mod_mask(conn, symbols, XK_Mode_switch);
numlockmask = get_mod_mask(conn, symbols, XK_Num_Lock);
}
* and also redraw the image, if any.
*
*/
-void handle_screen_resize(xcb_visualtype_t *vistype, xcb_window_t win, uint32_t* last_resolution, char* color) {
+void handle_screen_resize() {
xcb_get_geometry_cookie_t geomc;
xcb_get_geometry_reply_t *geom;
- geomc = xcb_get_geometry(conn, scr->root);
- if ((geom = xcb_get_geometry_reply(conn, geomc, 0)) == NULL) {
- return;
- }
+ geomc = xcb_get_geometry(conn, screen->root);
+ if ((geom = xcb_get_geometry_reply(conn, geomc, 0)) == NULL)
+ return;
- if (last_resolution[0] == geom->width && last_resolution[1] == geom->height)
- return;
+ if (last_resolution[0] == geom->width &&
+ last_resolution[1] == geom->height) {
+ free(geom);
+ return;
+ }
last_resolution[0] = geom->width;
last_resolution[1] = geom->height;
+ free(geom);
+
#ifndef NOLIBCAIRO
- if (img) {
- xcb_pixmap_t bg_pixmap = draw_image(vistype, last_resolution, color);
- xcb_change_window_attributes(conn, win, XCB_CW_BACK_PIXMAP, (uint32_t[1]){ bg_pixmap });
- }
+ redraw_screen();
#endif
uint32_t mask = XCB_CONFIG_WINDOW_WIDTH | XCB_CONFIG_WINDOW_HEIGHT;
return 0;
}
+/*
+ * This callback is only a dummy, see xcb_prepare_cb and xcb_check_cb.
+ * See also man libev(3): "ev_prepare" and "ev_check" - customise your event loop
+ *
+ */
+static void xcb_got_event(EV_P_ struct ev_io *w, int revents) {
+ /* empty, because xcb_prepare_cb and xcb_check_cb are used */
+}
+
+/*
+ * Flush before blocking (and waiting for new events)
+ *
+ */
+static void xcb_prepare_cb(EV_P_ ev_prepare *w, int revents) {
+ xcb_flush(conn);
+}
+
+/*
+ * Instead of polling the X connection socket we leave this to
+ * xcb_poll_for_event() which knows better than we can ever know.
+ *
+ */
+static void xcb_check_cb(EV_P_ ev_check *w, int revents) {
+ xcb_generic_event_t *event;
+
+ while ((event = xcb_poll_for_event(conn)) != NULL) {
+ if (event->response_type == 0) {
+ xcb_generic_error_t *error = (xcb_generic_error_t*)event;
+ fprintf(stderr, "X11 Error received! sequence 0x%x, error_code = %d\n",
+ error->sequence, error->error_code);
+ free(event);
+ continue;
+ }
+
+ /* Strip off the highest bit (set if the event is generated) */
+ int type = (event->response_type & 0x7F);
+ switch (type) {
+ case XCB_KEY_PRESS:
+ handle_key_press((xcb_key_press_event_t*)event);
+ break;
+
+ case XCB_KEY_RELEASE:
+ handle_key_release((xcb_key_release_event_t*)event);
+
+ /* If this was the backspace or escape key we are back at an
+ * empty input, so turn off the screen if DPMS is enabled */
+ if (dpms && input_position == 0)
+ dpms_turn_off_screen(conn);
+
+ break;
+
+ case XCB_VISIBILITY_NOTIFY:
+ handle_visibility_notify((xcb_visibility_notify_event_t*)event);
+ break;
+
+ case XCB_MAP_NOTIFY:
+ if (!dont_fork) {
+ /* After the first MapNotify, we never fork again. We don’t
+ * expect to get another MapNotify, but better be sure… */
+ dont_fork = true;
+
+ /* In the parent process, we exit */
+ if (fork() != 0)
+ exit(0);
+ }
+ break;
+
+ case XCB_MAPPING_NOTIFY:
+ handle_mapping_notify((xcb_mapping_notify_event_t*)event);
+ break;
+
+ case XCB_CONFIGURE_NOTIFY:
+ handle_screen_resize();
+ break;
+ }
+
+ free(event);
+ }
+}
+
int main(int argc, char *argv[]) {
- bool dont_fork = false;
- bool dpms = false;
- char color[7] = "ffffff";
char *username;
#ifndef NOLIBCAIRO
char *image_path = NULL;
#endif
int ret;
struct pam_conv conv = {conv_callback, NULL};
- int screen;
- xcb_visualtype_t *vistype;
- xcb_generic_event_t *event;
- xcb_window_t win;
+ int nscreen;
int curs_choice = CURS_NONE;
char o;
int optind = 0;
{"color", required_argument, NULL, 'c'},
{"pointer", required_argument, NULL , 'p'},
{"debug", no_argument, NULL, 0},
+ {"help", no_argument, NULL, 'h'},
+ {"no-unlock-indicator", no_argument, NULL, 'u'},
#ifndef NOLIBCAIRO
{"image", required_argument, NULL, 'i'},
{"tiling", no_argument, NULL, 't'},
if ((username = getenv("USER")) == NULL)
errx(1, "USER environment variable not set, please set it.\n");
- while ((o = getopt_long(argc, argv, "vnbdc:p:"
+ while ((o = getopt_long(argc, argv, "hvnbdc:p:u"
#ifndef NOLIBCAIRO
"i:t"
#endif
, longopts, &optind)) != -1) {
switch (o) {
case 'v':
- errx(EXIT_SUCCESS, "version " VERSION " © 2010-2011 Michael Stapelberg");
+ errx(EXIT_SUCCESS, "version " VERSION " © 2010-2012 Michael Stapelberg");
case 'n':
dont_fork = true;
break;
break;
}
+ case 'u':
+ unlock_indicator = false;
+ break;
#ifndef NOLIBCAIRO
case 'i':
image_path = strdup(optarg);
debug_mode = true;
break;
default:
- errx(1, "i3lock: Unknown option. Syntax: i3lock [-v] [-n] [-b] [-d] [-c color] [-p win|default]"
+ errx(1, "Syntax: i3lock [-v] [-n] [-b] [-d] [-c color] [-u] [-p win|default]"
#ifndef NOLIBCAIRO
" [-i image.png] [-t]"
#else
" (compiled with NOLIBCAIRO)"
#endif
- "\n");
+ );
}
}
+ /* We need (relatively) random numbers for highlighting a random part of
+ * the unlock indicator upon keypresses. */
+ srand(time(NULL));
+
/* Initialize PAM */
ret = pam_start("i3lock", username, &conv, &pam_handle);
if (ret != PAM_SUCCESS)
- errx(EXIT_FAILURE, "PAM: %s\n", pam_strerror(pam_handle, ret));
+ errx(EXIT_FAILURE, "PAM: %s", pam_strerror(pam_handle, ret));
+
+ /* Lock the area where we store the password in memory, we don’t want it to
+ * be swapped to disk. Since Linux 2.6.9, this does not require any
+ * privileges, just enough bytes in the RLIMIT_MEMLOCK limit. */
+ if (mlock(password, sizeof(password)) != 0)
+ err(EXIT_FAILURE, "Could not lock page in memory, check RLIMIT_MEMLOCK");
/* Initialize connection to X11 */
- if ((conn = xcb_connect(NULL, &screen)) == NULL ||
+ if ((conn = xcb_connect(NULL, &nscreen)) == NULL ||
xcb_connection_has_error(conn))
errx(EXIT_FAILURE, "Could not connect to X11, maybe you need to set DISPLAY?");
- if (!dont_fork) {
- /* In the parent process, we exit */
- if (fork() != 0)
- return 0;
- }
+ xinerama_init();
+ xinerama_query_screens();
/* if DPMS is enabled, check if the X server really supports it */
if (dpms) {
xcb_dpms_capable_cookie_t dpmsc = xcb_dpms_capable(conn);
xcb_dpms_capable_reply_t *dpmsr;
- if ((dpmsr = xcb_dpms_capable_reply(conn, dpmsc, NULL)) && !dpmsr->capable) {
- fprintf(stderr, "Disabling DPMS, X server not DPMS capable\n");
- dpms = false;
+ if ((dpmsr = xcb_dpms_capable_reply(conn, dpmsc, NULL))) {
+ if (!dpmsr->capable) {
+ fprintf(stderr, "Disabling DPMS, X server not DPMS capable\n");
+ dpms = false;
+ }
+ free(dpmsr);
}
}
- scr = xcb_setup_roots_iterator(xcb_get_setup(conn)).data;
- vistype = get_root_visual_type(scr);
-
- uint32_t last_resolution[2] = {scr->width_in_pixels, scr->height_in_pixels};
+ screen = xcb_setup_roots_iterator(xcb_get_setup(conn)).data;
+ last_resolution[0] = screen->width_in_pixels;
+ last_resolution[1] = screen->height_in_pixels;
#ifndef NOLIBCAIRO
#endif
/* Pixmap on which the image is rendered to (if any) */
- xcb_pixmap_t bg_pixmap = draw_image(vistype, last_resolution, color);
+ xcb_pixmap_t bg_pixmap = draw_image(last_resolution);
/* open the fullscreen window, already with the correct pixmap in place */
- win = open_fullscreen_window(conn, scr, color, bg_pixmap);
+ win = open_fullscreen_window(conn, screen, color, bg_pixmap);
+ xcb_free_pixmap(conn, bg_pixmap);
- cursor = create_cursor(conn, scr, win, curs_choice);
+ cursor = create_cursor(conn, screen, win, curs_choice);
- grab_pointer_and_keyboard(conn, scr, cursor);
+ grab_pointer_and_keyboard(conn, screen, cursor);
symbols = xcb_key_symbols_alloc(conn);
- modeswitchmask = get_mod_mask(conn, symbols, XK_Mode_switch);
numlockmask = get_mod_mask(conn, symbols, XK_Num_Lock);
if (dpms)
dpms_turn_off_screen(conn);
- while ((event = xcb_wait_for_event(conn))) {
- if (event->response_type == 0)
- errx(1, "XCB: Invalid event received");
-
- /* Strip off the highest bit (set if the event is generated) */
- int type = (event->response_type & 0x7F);
+ /* Initialize the libev event loop. */
+ main_loop = EV_DEFAULT;
+ if (main_loop == NULL)
+ errx(EXIT_FAILURE, "Could not initialize libev. Bad LIBEV_FLAGS?\n");
- if (type == XCB_KEY_PRESS) {
- handle_key_press((xcb_key_press_event_t*)event);
- continue;
- }
+ struct ev_io *xcb_watcher = calloc(sizeof(struct ev_io), 1);
+ struct ev_check *xcb_check = calloc(sizeof(struct ev_check), 1);
+ struct ev_prepare *xcb_prepare = calloc(sizeof(struct ev_prepare), 1);
- if (type == XCB_KEY_RELEASE) {
- handle_key_release((xcb_key_release_event_t*)event);
+ ev_io_init(xcb_watcher, xcb_got_event, xcb_get_file_descriptor(conn), EV_READ);
+ ev_io_start(main_loop, xcb_watcher);
- /* If this was the backspace or escape key we are back at an
- * empty input, so turn off the screen if DPMS is enabled */
- if (dpms && input_position == 0)
- dpms_turn_off_screen(conn);
+ ev_check_init(xcb_check, xcb_check_cb);
+ ev_check_start(main_loop, xcb_check);
- continue;
- }
-
- if (type == XCB_VISIBILITY_NOTIFY) {
- handle_visibility_notify((xcb_visibility_notify_event_t*)event);
- continue;
- }
+ ev_prepare_init(xcb_prepare, xcb_prepare_cb);
+ ev_prepare_start(main_loop, xcb_prepare);
- if (type == XCB_MAPPING_NOTIFY) {
- handle_mapping_notify((xcb_mapping_notify_event_t*)event);
- continue;
- }
-
- if (type == XCB_CONFIGURE_NOTIFY) {
- handle_screen_resize(vistype, win, last_resolution, color);
- continue;
- }
-
- printf("WARNING: unhandled event of type %d\n", type);
- }
-
- return 0;
+ xcb_flush(conn);
+ ev_loop(main_loop, 0);
}