hyprwm/hyprlock
1
0
Fork 0
mirror of https://github.com/hyprwm/hyprlock.git synced 2026-05-04 20:07:59 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge 83ed5112c2 into d7079a1248

Browse source
This commit is contained in:
John Taylor 2026-03-23 15:39:15 +00:00 committed by GitHub
commit 2866f175a7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 42 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

60
src/auth/Pam.cpp
View file

@ -6,7 +6,6 @@
#include <filesystem>
#include <unistd.h>
#include <pwd.h>
#include <security/pam_appl.h>
#if __has_include(<security/pam_misc.h>)
#include <security/pam_misc.h>
#endif
@ -106,34 +105,27 @@ void CPam::init() {
}
bool CPam::auth() {
const pam_conv localConv = {.conv = conv, .appdata_ptr = (void*)&m_sConversationState};
pam_handle_t* handle = nullptr;
auto uidPassword = getpwuid(getuid());
RASSERT(uidPassword && uidPassword->pw_name, "Failed to get username (getpwuid)");
m_iRet = pam_authenticate(m_pHandle, 0);
int ret = pam_start(m_sPamModule.c_str(), uidPassword->pw_name, &localConv, &handle);
if (ret != PAM_SUCCESS) {
m_sConversationState.failText = "pam_start failed";
Debug::log(ERR, "auth: pam_start failed for {}", m_sPamModule);
return false;
}
ret = pam_authenticate(handle, 0);
pam_end(handle, ret);
handle = nullptr;
m_sConversationState.waitingForPamAuth = false;
if (ret != PAM_SUCCESS) {
if (m_iRet != PAM_SUCCESS) {
if (!m_sConversationState.failTextFromPam)
m_sConversationState.failText = ret == PAM_AUTH_ERR ? "Authentication failed" : "pam_authenticate failed";
m_sConversationState.failText = "Authentication failed";
Debug::log(ERR, "auth: {} for {}", m_sConversationState.failText, m_sPamModule);
return false;
}
m_iRet = pam_setcred(m_pHandle, PAM_REFRESH_CRED);
if (m_iRet != PAM_SUCCESS) {
if (!m_sConversationState.failTextFromPam)
m_sConversationState.failText = "Setting credentials failed";
Debug::log(ERR, "auth: {} for {}", m_sConversationState.failText, m_sPamModule);
return false;
}
m_sConversationState.waitingForPamAuth = false;
m_sConversationState.failText = "Successfully authenticated";
Debug::log(LOG, "auth: authenticated for {}", m_sPamModule);
Debug::log(LOG, "auth: {} for {}", m_sConversationState.failText, m_sPamModule);
return true;
}
@ -171,15 +163,39 @@ bool CPam::checkWaiting() {
return m_bBlockInput || m_sConversationState.waitingForPamAuth;
}
void CPam::clearHandle() {
if (m_pHandle != nullptr) {
pam_end(m_pHandle, m_iRet);
}
m_iRet = -1;
m_pHandle = nullptr;
}
void CPam::terminate() {
clearHandle();
m_sConversationState.inputSubmittedCondition.notify_all();
if (m_thread.joinable())
m_thread.join();
}
void CPam::resetConversation() {
clearHandle();
m_sConversationState.input = "";
m_sConversationState.waitingForPamAuth = false;
m_sConversationState.inputRequested = false;
m_sConversationState.failTextFromPam = false;
auto uidPassword = getpwuid(getuid());
RASSERT(uidPassword && uidPassword->pw_name, "Failed to get username (getpwuid)");
const pam_conv localConv = {.conv = conv, .appdata_ptr = (void*)&m_sConversationState};
m_iRet = pam_start(m_sPamModule.c_str(), uidPassword->pw_name, &localConv, &m_pHandle);
if (m_iRet != PAM_SUCCESS) {
m_sConversationState.failText = "pam_start failed";
Debug::log(ERR, "auth: {} for {}", m_sConversationState.failText, m_sPamModule);
}
}

4
src/auth/Pam.hpp
View file

@ -8,6 +8,7 @@
#include <condition_variable>
#include <functional>
#include <thread>
#include <security/pam_appl.h>
class CPam : public IAuthImplementation {
public:
@ -38,6 +39,7 @@ class CPam : public IAuthImplementation {
virtual bool checkWaiting();
virtual std::optional<std::string> getLastFailText();
virtual std::optional<std::string> getLastPrompt();
virtual void clearHandle();
virtual void terminate();
private:
@ -47,6 +49,8 @@ class CPam : public IAuthImplementation {
bool m_bBlockInput = true;
std::string m_sPamModule;
int m_iRet = -1;
pam_handle_t* m_pHandle = nullptr;
bool auth();
void resetConversation();