Xinqi Bao's Git

projects / slock.git / blob
summary | log | commit | diff | tree
history | raw | HEAD
fix CVE-2016-6866
[slock.git] / slock.c
1 /* See LICENSE file for license details. */
2 #define _XOPEN_SOURCE 500
3 #if HAVE_SHADOW_H
4 #include <shadow.h>
5 #endif
6
7 #include <ctype.h>
8 #include <errno.h>
9 #include <pwd.h>
10 #include <stdarg.h>
11 #include <stdlib.h>
12 #include <stdio.h>
13 #include <string.h>
14 #include <unistd.h>
15 #include <sys/types.h>
16 #include <X11/extensions/Xrandr.h>
17 #include <X11/keysym.h>
18 #include <X11/Xlib.h>
19 #include <X11/Xutil.h>
20
21 #if HAVE_BSD_AUTH
22 #include <login_cap.h>
23 #include <bsd_auth.h>
24 #endif
25
26 #include "arg.h"
27 #include "util.h"
28
29 char *argv0;
30
31 enum {
32 INIT,
33 INPUT,
34 FAILED,
35 NUMCOLS
36 };
37
38 #include "config.h"
39
40 typedef struct {
41 int screen;
42 Window root, win;
43 Pixmap pmap;
44 unsigned long colors[NUMCOLS];
45 } Lock;
46
47 static Lock **locks;
48 static int nscreens;
49 static Bool running = True;
50 static Bool failure = False;
51 static Bool rr;
52 static int rrevbase;
53 static int rrerrbase;
54
55 static void
56 die(const char *errstr, ...)
57 {
58 va_list ap;
59
60 va_start(ap, errstr);
61 vfprintf(stderr, errstr, ap);
62 va_end(ap);
63 exit(1);
64 }
65
66 #ifdef __linux__
67 #include <fcntl.h>
68
69 static void
70 dontkillme(void)
71 {
72 int fd;
73
74 fd = open("/proc/self/oom_score_adj", O_WRONLY);
75 if (fd < 0 && errno == ENOENT) {
76 return;
77 }
78 if (fd < 0 || write(fd, "-1000\n", (sizeof("-1000\n") - 1)) !=
79 (sizeof("-1000\n") - 1) || close(fd) != 0) {
80 die("can't tame the oom-killer. is suid or sgid set?\n");
81 }
82 }
83 #endif
84
85 #ifndef HAVE_BSD_AUTH
86 /* only run as root */
87 static const char *
88 getpw(void)
89 {
90 const char *rval;
91 struct passwd *pw;
92
93 errno = 0;
94 if (!(pw = getpwuid(getuid()))) {
95 if (errno)
96 die("getpwuid: %s\n", strerror(errno));
97 else
98 die("cannot retrieve password entry\n");
99 }
100 rval = pw->pw_passwd;
101
102 #if HAVE_SHADOW_H
103 if (rval[0] == 'x' && rval[1] == '\0') {
104 struct spwd *sp;
105 if (!(sp = getspnam(getenv("USER"))))
106 die("cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
107 rval = sp->sp_pwdp;
108 }
109 #endif
110
111 /* drop privileges */
112 if (geteuid() == 0 &&
113 ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0))
114 die("cannot drop privileges\n");
115 return rval;
116 }
117 #endif
118
119 static void
120 #ifdef HAVE_BSD_AUTH
121 readpw(Display *dpy)
122 #else
123 readpw(Display *dpy, const char *pws)
124 #endif
125 {
126 char buf[32], passwd[256], *encrypted;
127 int num, screen;
128 unsigned int len, color;
129 KeySym ksym;
130 XEvent ev;
131 static int oldc = INIT;
132
133 len = 0;
134 running = True;
135
136 /* As "slock" stands for "Simple X display locker", the DPMS settings
137 * had been removed and you can set it with "xset" or some other
138 * utility. This way the user can easily set a customized DPMS
139 * timeout. */
140 while (running && !XNextEvent(dpy, &ev)) {
141 if (ev.type == KeyPress) {
142 explicit_bzero(&buf, sizeof(buf));
143 num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
144 if (IsKeypadKey(ksym)) {
145 if (ksym == XK_KP_Enter)
146 ksym = XK_Return;
147 else if (ksym >= XK_KP_0 && ksym <= XK_KP_9)
148 ksym = (ksym - XK_KP_0) + XK_0;
149 }
150 if (IsFunctionKey(ksym) ||
151 IsKeypadKey(ksym) ||
152 IsMiscFunctionKey(ksym) ||
153 IsPFKey(ksym) ||
154 IsPrivateKeypadKey(ksym))
155 continue;
156 switch (ksym) {
157 case XK_Return:
158 passwd[len] = 0;
159 #ifdef HAVE_BSD_AUTH
160 running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
161 #else
162 errno = 0;
163 if (!(encrypted = crypt(passwd, pws)))
164 fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
165 else
166 running = !!strcmp(encrypted, pws);
167 #endif
168 if (running) {
169 XBell(dpy, 100);
170 failure = True;
171 }
172 explicit_bzero(&passwd, sizeof(passwd));
173 len = 0;
174 break;
175 case XK_Escape:
176 explicit_bzero(&passwd, sizeof(passwd));
177 len = 0;
178 break;
179 case XK_BackSpace:
180 if (len)
181 passwd[len--] = 0;
182 break;
183 default:
184 if (num && !iscntrl((int)buf[0]) && (len + num < sizeof(passwd))) {
185 memcpy(passwd + len, buf, num);
186 len += num;
187 }
188 break;
189 }
190 color = len ? INPUT : (failure || failonclear ? FAILED : INIT);
191 if (running && oldc != color) {
192 for (screen = 0; screen < nscreens; screen++) {
193 XSetWindowBackground(dpy, locks[screen]->win, locks[screen]->colors[color]);
194 XClearWindow(dpy, locks[screen]->win);
195 }
196 oldc = color;
197 }
198 } else if (rr && ev.type == rrevbase + RRScreenChangeNotify) {
199 XRRScreenChangeNotifyEvent *rre = (XRRScreenChangeNotifyEvent*)&ev;
200 for (screen = 0; screen < nscreens; screen++) {
201 if (locks[screen]->win == rre->window) {
202 XResizeWindow(dpy, locks[screen]->win, rre->width, rre->height);
203 XClearWindow(dpy, locks[screen]->win);
204 }
205 }
206 } else for (screen = 0; screen < nscreens; screen++)
207 XRaiseWindow(dpy, locks[screen]->win);
208 }
209 }
210
211 static void
212 unlockscreen(Display *dpy, Lock *lock)
213 {
214 if(dpy == NULL || lock == NULL)
215 return;
216
217 XUngrabPointer(dpy, CurrentTime);
218 XFreeColors(dpy, DefaultColormap(dpy, lock->screen), lock->colors, NUMCOLS, 0);
219 XFreePixmap(dpy, lock->pmap);
220 XDestroyWindow(dpy, lock->win);
221
222 free(lock);
223 }
224
225 static Lock *
226 lockscreen(Display *dpy, int screen)
227 {
228 char curs[] = {0, 0, 0, 0, 0, 0, 0, 0};
229 int i;
230 Lock *lock;
231 XColor color, dummy;
232 XSetWindowAttributes wa;
233 Cursor invisible;
234
235 if (!running || dpy == NULL || screen < 0 || !(lock = malloc(sizeof(Lock))))
236 return NULL;
237
238 lock->screen = screen;
239 lock->root = RootWindow(dpy, lock->screen);
240
241 for (i = 0; i < NUMCOLS; i++) {
242 XAllocNamedColor(dpy, DefaultColormap(dpy, lock->screen), colorname[i], &color, &dummy);
243 lock->colors[i] = color.pixel;
244 }
245
246 /* init */
247 wa.override_redirect = 1;
248 wa.background_pixel = lock->colors[INIT];
249 lock->win = XCreateWindow(dpy, lock->root, 0, 0, DisplayWidth(dpy, lock->screen), DisplayHeight(dpy, lock->screen),
250 0, DefaultDepth(dpy, lock->screen), CopyFromParent,
251 DefaultVisual(dpy, lock->screen), CWOverrideRedirect | CWBackPixel, &wa);
252 lock->pmap = XCreateBitmapFromData(dpy, lock->win, curs, 8, 8);
253 invisible = XCreatePixmapCursor(dpy, lock->pmap, lock->pmap, &color, &color, 0, 0);
254 XDefineCursor(dpy, lock->win, invisible);
255
256 /* Try to grab mouse pointer *and* keyboard, else fail the lock */
257 if (XGrabPointer(dpy, lock->root, False, ButtonPressMask |
258 ButtonReleaseMask | PointerMotionMask, GrabModeAsync, GrabModeAsync,
259 None, invisible, CurrentTime) != GrabSuccess) {
260 fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", screen);
261 running = 0;
262 unlockscreen(dpy, lock);
263 return NULL;
264 }
265
266 if (XGrabKeyboard(dpy, lock->root, True, GrabModeAsync, GrabModeAsync,
267 CurrentTime) != GrabSuccess) {
268 fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", screen);
269 running = 0;
270 unlockscreen(dpy, lock);
271 return NULL;
272 }
273
274 XMapRaised(dpy, lock->win);
275 if (rr)
276 XRRSelectInput(dpy, lock->win, RRScreenChangeNotifyMask);
277
278 XSelectInput(dpy, lock->root, SubstructureNotifyMask);
279 return lock;
280 }
281
282 static void
283 usage(void)
284 {
285 die("usage: slock [-v | cmd [arg ...]]\n");
286 }
287
288 int
289 main(int argc, char **argv) {
290 #ifndef HAVE_BSD_AUTH
291 const char *pws;
292 #endif
293 Display *dpy;
294 int s, nlocks;
295
296 ARGBEGIN {
297 case 'v':
298 fprintf(stderr, "slock-"VERSION"\n");
299 return 0;
300 default:
301 usage();
302 } ARGEND
303
304 #ifdef __linux__
305 dontkillme();
306 #endif
307
308 /* Check if the current user has a password entry */
309 errno = 0;
310 if (!getpwuid(getuid())) {
311 if (errno == 0)
312 die("slock: no password entry for current user\n");
313 else
314 die("slock: getpwuid: %s\n", strerror(errno));
315 }
316
317 #ifndef HAVE_BSD_AUTH
318 pws = getpw();
319 if (strlen(pws) < 2)
320 die("slock: failed to get user password hash.\n");
321 #endif
322
323 if (!(dpy = XOpenDisplay(NULL)))
324 die("slock: cannot open display\n");
325
326 /* check for Xrandr support */
327 rr = XRRQueryExtension(dpy, &rrevbase, &rrerrbase);
328
329 /* get number of screens in display "dpy" and blank them */
330 nscreens = ScreenCount(dpy);
331 if (!(locks = malloc(sizeof(Lock *) * nscreens))) {
332 XCloseDisplay(dpy);
333 die("slock: out of memory\n");
334 }
335 for (nlocks = 0, s = 0; s < nscreens; s++) {
336 if ((locks[s] = lockscreen(dpy, s)) != NULL)
337 nlocks++;
338 }
339 XSync(dpy, 0);
340
341 /* did we actually manage to lock anything? */
342 if (nlocks == 0) {
343 /* nothing to protect */
344 free(locks);
345 XCloseDisplay(dpy);
346 return 1;
347 }
348
349 /* run post-lock command */
350 if (argc > 0) {
351 switch (fork()) {
352 case -1:
353 free(locks);
354 XCloseDisplay(dpy);
355 die("slock: fork failed: %s\n", strerror(errno));
356 case 0:
357 if (close(ConnectionNumber(dpy)) < 0)
358 die("slock: close: %s\n", strerror(errno));
359 execvp(argv[0], argv);
360 fprintf(stderr, "slock: execvp %s: %s\n", argv[0],
361 strerror(errno));
362 _exit(1);
363 }
364 }
365
366 /* everything is now blank. Wait for the correct password */
367 #ifdef HAVE_BSD_AUTH
368 readpw(dpy);
369 #else
370 readpw(dpy, pws);
371 #endif
372
373 /* password ok, unlock everything and quit */
374 for (s = 0; s < nscreens; s++)
375 unlockscreen(dpy, locks[s]);
376
377 free(locks);
378 XCloseDisplay(dpy);
379
380 return 0;
381 }