fa115895 — Markus Teich 4 years ago 1.4
bump version
d5da84cf — Markus Teich 4 years ago
add arg.h and util.h to Makefile
ae96836f — Markus Teich 4 years ago
clarify colors in config.def.h
7d31ff65 — Markus Teich 4 years ago
move config.h inclusion after type declarations
59746954 — Laslo Hunhold 4 years ago
Unboolify slock.c
c96e725d — FRIGN 4 years ago
Use explicit strcmp() instead of inlining it

Makes it a tad more readable; the previous "optimization" will be done
by the compiler anyway.
6a1bd896 — FRIGN 4 years ago
No need for oldc to be static
b099d2fd — FRIGN 4 years ago
Use NUL character constant explicitly
0a43b78d — FRIGN 4 years ago
Keep the line-lengths at bay

This makes the code more readable and prevents wraparounds in the
bd069b08 — FRIGN 4 years ago
Add a section on security considerations

The section on security considerations sheds some light on the problems that we
can't solve within slock but which the user has to solve in his X configuration.
2d85c5ba — Markus Teich 4 years ago
remove confusing DPMS comment

FRIGN on hackers@suckless.org:
What has been bugging me for quite a while is this DPMS comment that was added
there for no reason. Every sane mind would agree that fiddling with DPMS makes
no sense whatsoever. When I slock, my screen turns off after 10 minutes. So, if
I don't like that, I disable DPMS. If I do, I just fiddle around with my mouse a
bit and get the slock promt.
a98fba89 — Markus Teich 4 years ago
error out early on crypt() fail
dc2e8e83 — FRIGN 4 years ago
Stop using $USER for shadow entries

This was extremely bad practice, effectively making the program behave
different depending on which architecture you are running it on.

OpenBSD offers getpwuid_shadow, but there is no getspuid for getspnam,
so we resort to using the pw_name entry in the struct passwd we filled

This prevents slock from crashing when $USER is empty (easy to do). If
you want to run slock as a different user, don't use

	$ USER="tom" slock

but doas or sudo which were designed for this purpose.
9a617db7 — FRIGN 4 years ago
Rename getpw() and pws to gethash() and hash
b00f444a — FRIGN 4 years ago
Remove cleanup and deglobalize and rework data structures

The cleanup removal is a joint-venture with Markus. We assume the X server does
the cleanup, so we don't need it. The idea is that the fds are closed at exit
and thus already indicate to the X server that the client has quit. Analogously
the same applies to freeing memory sections previously allocated for the X

We love XXXXXL burgers and therefore removed
Lines of Code.

For a project like slock there is no need to carry around global state. By
moving the three structures to main() it is now clear which functions modify
which state, greatly improving the readability of the code, especially given
slock is a suid program.
cd3c546c — Quentin Rameau 4 years ago
config.mk: be more explicative about FLAGS

Group each *FLAG with its description and add a NetBSD specific.
22eba05f — FRIGN 4 years ago
Ensure Polyphemus-Mitigation and properly drop privileges

Don't hide privilege drops inside readpw() and actually make it
configurable what you are dropping to in config.h.

The privilege drop comes after opening the Display because the
user "nobody" with "nogroup" can't do that.

So why do I call this strategy the Polyphemus-Mitigation?

After the giant returns in the evening and eats two more of the men,
Odysseus offers Polyphemus some strong and undiluted wine given to him
earlier on his journey. Drunk and unwary, the giant asks Odysseus his
name, promising him a guest-gift if he answers. Odysseus tells him
"Οὖτις", which means "nobody" and Polyphemus promises to eat this
"Nobody" last of all. With that, he falls into a drunken sleep. Odysseus
had meanwhile hardened a wooden stake in the fire and now drives it into
Polyphemus' eye. When Polyphemus shouts for help from his fellow giants,
saying that "Nobody" has hurt him, they think Polyphemus is being
afflicted by divine power and recommend prayer as the answer.

(source: https://en.wikipedia.org/wiki/Polyphemus)
04143fd6 — Quentin Rameau 4 years ago
Unify how we check passwords between different OSes
96982240 — Markus Teich 4 years ago
make error message prefix consistent
a55594fd — Markus Teich 4 years ago
increasing for loops are idiomatic