Attachment #167125 for bug #207289

Lines 2-9 Link Here

(-)slock/Makefile (-2 / +1 lines)
2	# $FreeBSD$	2	# $FreeBSD$
3		3
4	PORTNAME= slock	4	PORTNAME= slock
5	PORTVERSION= 1.2	5	PORTVERSION= 1.3
6	PORTREVISION= 1
7	CATEGORIES= x11	6	CATEGORIES= x11
8	MASTER_SITES= http://dl.suckless.org/tools/	7	MASTER_SITES= http://dl.suckless.org/tools/
9		8

Lines 1-2 Link Here

(-)slock/distinfo (-2 / +2 lines)
1	SHA256 (slock-1.2.tar.gz) = 3402658f890a88da3f34db04fca1783ed549ade45c2ebb8d8f0cd2b549f633b3	1	SHA256 (slock-1.3.tar.gz) = bab4a3aea4046aa0fd0361c3649b79b90ca531bc5dfae3c4a6c0fe436152bd18
2	SIZE (slock-1.2.tar.gz) = 4853	2	SIZE (slock-1.3.tar.gz) = 5943

Line 0 Link Here

(-)slock/files/patch-config.mk (+11 lines)
	1	--- config.mk.orig 2013-10-09 16:23:24.000000000 +0200
	2	+++ config.mk 2013-10-09 16:25:18.000000000 +0200
	3	@@ -18,6 +18,9 @@
	4	CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
	5	LDFLAGS = -s ${LIBS}
	6
	7	+# To enable PAM-based authentication, remove -DHAVE_SHADOW_H from CPPFLAGS
	8	+# and add -DHAVE_PAM instead. Also, add -lpam to LDFLAGS.
	9	+#
	10	# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
	11	# On OpenBSD and Darwin remove -lcrypt from LIBS




--- config.mk.orig	2013-10-09 16:23:24.000000000 +0200
+++ config.mk	2013-10-09 16:25:18.000000000 +0200
@@ -18,6 +18,9 @@
 CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
 LDFLAGS = -s ${LIBS}
 
+# To enable PAM-based authentication, remove -DHAVE_SHADOW_H from CPPFLAGS
+# and add -DHAVE_PAM instead. Also, add -lpam to LDFLAGS.
+#
 # On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
 # On OpenBSD and Darwin remove -lcrypt from LIBS
 
--- slock.c.orig	2013-10-09 16:23:14.000000000 +0200
+++ slock.c	2013-10-09 16:23:18.000000000 +0200
@@ -23,6 +23,10 @@
 #include <bsd_auth.h>
 #endif
 
+#if HAVE_PAM
+#include <security/pam_appl.h>
+#endif
+
 typedef struct {
 	int screen;
 	Window root, win;
@@ -44,7 +48,7 @@
 	exit(EXIT_FAILURE);
 }
 
-#ifndef HAVE_BSD_AUTH
+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
 static const char *
 getpw(void) { /* only run as root */
 	const char *rval;
@@ -74,8 +78,41 @@
 }
 #endif
 
+#ifdef HAVE_PAM
+static int
+slock_conv (int nof_msg, const struct pam_message **msg, struct pam_response **resp, void *data) {
+	struct pam_response *r = calloc (nof_msg, sizeof **resp);
+	if (r == NULL) {
+		die("slock: malloc: %s", strerror(errno));
+	}
+
+	while (nof_msg--) {
+		r[nof_msg].resp_retcode = 0;
+		r[nof_msg].resp = strdup (data);
+	}
+
+	*resp = r;
+
+	return PAM_SUCCESS;
+}
+
+static int
+auth_pam (const char *user, char *pass) {
+	static struct pam_conv conv = {slock_conv, NULL};
+	pam_handle_t *ph;
+
+	conv.appdata_ptr = pass;
+
+	if (pam_start("slock", user, &conv, &ph) != PAM_SUCCESS) {
+		die("slock: pam_start");
+	}
+
+	return (pam_authenticate(ph, 0) == PAM_SUCCESS);
+}
+#endif
+
 static void
-#ifdef HAVE_BSD_AUTH
+#if defined(HAVE_BSD_AUTH) || defined(HAVE_PAM)
 readpw(Display *dpy)
 #else
 readpw(Display *dpy, const char *pws)
@@ -111,8 +148,10 @@
 			switch(ksym) {
 			case XK_Return:
 				passwd[len] = 0;
-#ifdef HAVE_BSD_AUTH
+#if defined (HAVE_BSD_AUTH)
 				running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
+#elif defined (HAVE_PAM)
+				running = !auth_pam(getlogin(), passwd);
 #else
 				running = strcmp(crypt(passwd, pws), pws);
 #endif
@@ -233,7 +272,7 @@
 
 int
 main(int argc, char **argv) {
-#ifndef HAVE_BSD_AUTH
+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
 	const char *pws;
 #endif
 	Display *dpy;
@@ -247,7 +286,7 @@
 	if(!getpwuid(getuid()))
 		die("slock: no passwd entry for you");
 
-#ifndef HAVE_BSD_AUTH
+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
 	pws = getpw();
 #endif
 
@@ -273,7 +312,7 @@
 	}
 
 	/* Everything is now blank. Now wait for the correct password. */
-#ifdef HAVE_BSD_AUTH
+#if defined(HAVE_BSD_AUTH) || defined(HAVE_PAM)
 	readpw(dpy);
 #else
 	readpw(dpy, pws);




--- slock.c.orig	2016-02-17 12:36:44.640577000 -0800
+++ slock.c	2016-02-17 12:48:20.966625000 -0800
@@ -23,6 +23,10 @@
 #include <bsd_auth.h>
 #endif
 
+#if HAVE_PAM
+#include <security/pam_appl.h>
+#endif
+
 enum {
 	INIT,
 	INPUT,
@@ -85,7 +89,7 @@
 }
 #endif
 
-#ifndef HAVE_BSD_AUTH
+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
 /* only run as root */
 static const char *
 getpw(void)
@@ -119,8 +123,41 @@
 }
 #endif
 
+#ifdef HAVE_PAM
+static int
+slock_conv (int nof_msg, const struct pam_message **msg, struct pam_response **resp, void *data) {
+	struct pam_response *r = calloc (nof_msg, sizeof **resp);
+	if (r == NULL) {
+		die("slock: malloc: %s", strerror(errno));
+	}
+
+	while (nof_msg--) {
+		r[nof_msg].resp_retcode = 0;
+		r[nof_msg].resp = strdup (data);
+	}
+
+	*resp = r;
+
+	return PAM_SUCCESS;
+}
+
+static int
+auth_pam (const char *user, char *pass) {
+	static struct pam_conv conv = {slock_conv, NULL};
+	pam_handle_t *ph;
+
+	conv.appdata_ptr = pass;
+
+	if (pam_start("slock", user, &conv, &ph) != PAM_SUCCESS) {
+		die("slock: pam_start");
+	}
+
+	return (pam_authenticate(ph, 0) == PAM_SUCCESS);
+}
+#endif
+
 static void
-#ifdef HAVE_BSD_AUTH
+#if defined(HAVE_BSD_AUTH) || defined(HAVE_PAM)
 readpw(Display *dpy)
 #else
 readpw(Display *dpy, const char *pws)
@@ -159,8 +196,10 @@
 			switch (ksym) {
 			case XK_Return:
 				passwd[len] = 0;
-#ifdef HAVE_BSD_AUTH
+#if defined (HAVE_BSD_AUTH)
 				running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
+#elif defined (HAVE_PAM)
+				running = !auth_pam(getlogin(), passwd);
 #else
 				running = !!strcmp(crypt(passwd, pws), pws);
 #endif
@@ -289,7 +328,7 @@
 
 int
 main(int argc, char **argv) {
-#ifndef HAVE_BSD_AUTH
+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
 	const char *pws;
 #endif
 	Display *dpy;
@@ -308,7 +347,7 @@
 	if (!getpwuid(getuid()))
 		die("slock: no passwd entry for you\n");
 
-#ifndef HAVE_BSD_AUTH
+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
 	pws = getpw();
 #endif
 
@@ -341,7 +380,7 @@
 	}
 
 	/* Everything is now blank. Now wait for the correct password. */
-#ifdef HAVE_BSD_AUTH
+#if defined(HAVE_BSD_AUTH) || defined(HAVE_PAM)
 	readpw(dpy);
 #else
 	readpw(dpy, pws);

Line 1 Link Here

(-)slock/pkg-plist (+1 lines)
1	@(,,4755) bin/slock	1	@(,,4755) bin/slock
		2	man/man1/slock.1.gz

Return to bug 207289

Lines 1-116 Link Here

(-)slock/files/patch-pam (-116 lines)
1	--- config.mk.orig 2013-10-09 16:23:24.000000000 +0200
2	+++ config.mk 2013-10-09 16:25:18.000000000 +0200
3	@@ -18,6 +18,9 @@
4	CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
5	LDFLAGS = -s ${LIBS}
6
7	+# To enable PAM-based authentication, remove -DHAVE_SHADOW_H from CPPFLAGS
8	+# and add -DHAVE_PAM instead. Also, add -lpam to LDFLAGS.
9	+#
10	# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
11	# On OpenBSD and Darwin remove -lcrypt from LIBS
12
13	--- slock.c.orig 2013-10-09 16:23:14.000000000 +0200
14	+++ slock.c 2013-10-09 16:23:18.000000000 +0200
15	@@ -23,6 +23,10 @@
16	#include <bsd_auth.h>
17	#endif
18
19	+#if HAVE_PAM
20	+#include <security/pam_appl.h>
21	+#endif
22	+
23	typedef struct {
24	int screen;
25	Window root, win;
26	@@ -44,7 +48,7 @@
27	exit(EXIT_FAILURE);
28	}
29
30	-#ifndef HAVE_BSD_AUTH
31	+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
32	static const char *
33	getpw(void) { /* only run as root */
34	const char *rval;
35	@@ -74,8 +78,41 @@
36	}
37	#endif
38
39	+#ifdef HAVE_PAM
40	+static int
41	+slock_conv (int nof_msg, const struct pam_message msg, struct pam_response resp, void *data) {
42	+ struct pam_response r = calloc (nof_msg, sizeof *resp);
43	+ if (r == NULL) {
44	+ die("slock: malloc: %s", strerror(errno));
45	+ }
46	+
47	+ while (nof_msg--) {
48	+ r[nof_msg].resp_retcode = 0;
49	+ r[nof_msg].resp = strdup (data);
50	+ }
51	+
52	+ *resp = r;
53	+
54	+ return PAM_SUCCESS;
55	+}
56	+
57	+static int
58	+auth_pam (const char user, char pass) {
59	+ static struct pam_conv conv = {slock_conv, NULL};
60	+ pam_handle_t *ph;
61	+
62	+ conv.appdata_ptr = pass;
63	+
64	+ if (pam_start("slock", user, &conv, &ph) != PAM_SUCCESS) {
65	+ die("slock: pam_start");
66	+ }
67	+
68	+ return (pam_authenticate(ph, 0) == PAM_SUCCESS);
69	+}
70	+#endif
71	+
72	static void
73	-#ifdef HAVE_BSD_AUTH
74	+#if defined(HAVE_BSD_AUTH) \|\| defined(HAVE_PAM)
75	readpw(Display *dpy)
76	#else
77	readpw(Display dpy, const char pws)
78	@@ -111,8 +148,10 @@
79	switch(ksym) {
80	case XK_Return:
81	passwd[len] = 0;
82	-#ifdef HAVE_BSD_AUTH
83	+#if defined (HAVE_BSD_AUTH)
84	running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
85	+#elif defined (HAVE_PAM)
86	+ running = !auth_pam(getlogin(), passwd);
87	#else
88	running = strcmp(crypt(passwd, pws), pws);
89	#endif
90	@@ -233,7 +272,7 @@
91
92	int
93	main(int argc, char **argv) {
94	-#ifndef HAVE_BSD_AUTH
95	+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
96	const char *pws;
97	#endif
98	Display *dpy;
99	@@ -247,7 +286,7 @@
100	if(!getpwuid(getuid()))
101	die("slock: no passwd entry for you");
102
103	-#ifndef HAVE_BSD_AUTH
104	+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
105	pws = getpw();
106	#endif
107
108	@@ -273,7 +312,7 @@
109	}
110
111	/* Everything is now blank. Now wait for the correct password. */
112	-#ifdef HAVE_BSD_AUTH
113	+#if defined(HAVE_BSD_AUTH) \|\| defined(HAVE_PAM)
114	readpw(dpy);
115	#else
116	readpw(dpy, pws);

Line 0 Link Here

(-)slock/files/patch-slock.c (+104 lines)
		1	--- slock.c.orig 2016-02-17 12:36:44.640577000 -0800
		2	+++ slock.c 2016-02-17 12:48:20.966625000 -0800
		3	@@ -23,6 +23,10 @@
		4	#include <bsd_auth.h>
		5	#endif
		6
		7	+#if HAVE_PAM
		8	+#include <security/pam_appl.h>
		9	+#endif
		10	+
		11	enum {
		12	INIT,
		13	INPUT,
		14	@@ -85,7 +89,7 @@
		15	}
		16	#endif
		17
		18	-#ifndef HAVE_BSD_AUTH
		19	+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
		20	/* only run as root */
		21	static const char *
		22	getpw(void)
		23	@@ -119,8 +123,41 @@
		24	}
		25	#endif
		26
		27	+#ifdef HAVE_PAM
		28	+static int
		29	+slock_conv (int nof_msg, const struct pam_message msg, struct pam_response resp, void *data) {
		30	+ struct pam_response r = calloc (nof_msg, sizeof *resp);
		31	+ if (r == NULL) {
		32	+ die("slock: malloc: %s", strerror(errno));
		33	+ }
		34	+
		35	+ while (nof_msg--) {
		36	+ r[nof_msg].resp_retcode = 0;
		37	+ r[nof_msg].resp = strdup (data);
		38	+ }
		39	+
		40	+ *resp = r;
		41	+
		42	+ return PAM_SUCCESS;
		43	+}
		44	+
		45	+static int
		46	+auth_pam (const char user, char pass) {
		47	+ static struct pam_conv conv = {slock_conv, NULL};
		48	+ pam_handle_t *ph;
		49	+
		50	+ conv.appdata_ptr = pass;
		51	+
		52	+ if (pam_start("slock", user, &conv, &ph) != PAM_SUCCESS) {
		53	+ die("slock: pam_start");
		54	+ }
		55	+
		56	+ return (pam_authenticate(ph, 0) == PAM_SUCCESS);
		57	+}
		58	+#endif
		59	+
		60	static void
		61	-#ifdef HAVE_BSD_AUTH
		62	+#if defined(HAVE_BSD_AUTH) \|\| defined(HAVE_PAM)
		63	readpw(Display *dpy)
		64	#else
65	readpw(Display dpy, const char pws)
66	@@ -159,8 +196,10 @@
67	switch (ksym) {
68	case XK_Return:
69	passwd[len] = 0;
70	-#ifdef HAVE_BSD_AUTH
71	+#if defined (HAVE_BSD_AUTH)
72	running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
73	+#elif defined (HAVE_PAM)
74	+ running = !auth_pam(getlogin(), passwd);
75	#else
76	running = !!strcmp(crypt(passwd, pws), pws);
77	#endif
78	@@ -289,7 +328,7 @@
79
80	int
81	main(int argc, char **argv) {
82	-#ifndef HAVE_BSD_AUTH
83	+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
84	const char *pws;
85	#endif
86	Display *dpy;
87	@@ -308,7 +347,7 @@
88	if (!getpwuid(getuid()))
89	die("slock: no passwd entry for you\n");
90
91	-#ifndef HAVE_BSD_AUTH
92	+#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
93	pws = getpw();
94	#endif
95
96	@@ -341,7 +380,7 @@
97	}
98
99	/* Everything is now blank. Now wait for the correct password. */
100	-#ifdef HAVE_BSD_AUTH
101	+#if defined(HAVE_BSD_AUTH) \|\| defined(HAVE_PAM)
102	readpw(dpy);
103	#else
104	readpw(dpy, pws);