add slock.1 man page

It actually was 2014 and not 2015.

.hgtags

@@ -1,3 +0,0 @@
-0a95c73c7374fbc2342b6040d9f35ddf597729e1 0.1
-da5cb1f0a685258d5315ea109860bacbc2871a57 0.2
-f9157b1864388ad8f1920e5fde7c5849e73d8327 0.3

LICENSE

@@ -1,21 +1,24 @@
 MIT/X Consortium License
 
-(C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
+© 2015-2016 Markus Teich <markus.teich@stusta.mhn.de>
+© 2014 Dimitris Papastamos <sin@2f30.org>
+© 2006-2014 Anselm R Garbe <anselm@garbe.us>
+© 2014-2016 Laslo Hunhold <dev@frign.de>
 
 Permission is hereby granted, free of charge, to any person obtaining a
 copy of this software and associated documentation files (the "Software"),
 to deal in the Software without restriction, including without limitation
 the rights to use, copy, modify, merge, publish, distribute, sublicense,
-and/or sell copies of the Software, and to permit persons to whom the 
+and/or sell copies of the Software, and to permit persons to whom the
 Software is furnished to do so, subject to the following conditions:
 
-The above copyright notice and this permission notice shall be included in 
-all copies or substantial portions of the Software. 
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL 
-THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
-FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
+THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 DEALINGS IN THE SOFTWARE.

Makefile

@@ -1,5 +1,5 @@
 # slock - simple screen locker
-#   (C)opyright MMVI-MMVII Anselm R. Garbe
+# See LICENSE file for copyright and license details.
 
 include config.mk
 
@@ -13,18 +13,20 @@ options:
 	@echo "CFLAGS   = ${CFLAGS}"
 	@echo "LDFLAGS  = ${LDFLAGS}"
 	@echo "CC       = ${CC}"
-	@echo "LD       = ${LD}"
 
 .c.o:
 	@echo CC $<
 	@${CC} -c ${CFLAGS} $<
 
-${OBJ}: config.mk
+${OBJ}: config.h config.mk
+
+config.h:
+	@echo creating $@ from config.def.h
+	@cp config.def.h $@
 
 slock: ${OBJ}
-	@echo LD $@
-	@${LD} -o $@ ${OBJ} ${LDFLAGS}
-	@strip $@
+	@echo CC -o $@
+	@${CC} -o $@ ${OBJ} ${LDFLAGS}
 
 clean:
 	@echo cleaning
@@ -33,7 +35,8 @@ clean:
 dist: clean
 	@echo creating dist tarball
 	@mkdir -p slock-${VERSION}
-	@cp -R LICENSE Makefile README config.mk ${SRC} slock-${VERSION}
+	@cp -R LICENSE Makefile README config.def.h config.mk ${SRC} slock.1 \
+		slock-${VERSION}
 	@tar -cf slock-${VERSION}.tar slock-${VERSION}
 	@gzip slock-${VERSION}.tar
 	@rm -rf slock-${VERSION}
@@ -44,9 +47,15 @@ install: all
 	@cp -f slock ${DESTDIR}${PREFIX}/bin
 	@chmod 755 ${DESTDIR}${PREFIX}/bin/slock
 	@chmod u+s ${DESTDIR}${PREFIX}/bin/slock
+	@echo installing manual page to ${DESTDIR}${MANPREFIX}/man1
+	@mkdir -p ${DESTDIR}${MANPREFIX}/man1
+	@sed "s/VERSION/${VERSION}/g" <slock.1 >${DESTDIR}${MANPREFIX}/man1/slock.1
+	@chmod 644 ${DESTDIR}${MANPREFIX}/man1/slock.1
 
 uninstall:
 	@echo removing executable file from ${DESTDIR}${PREFIX}/bin
 	@rm -f ${DESTDIR}${PREFIX}/bin/slock
+	@echo removing manual page from ${DESTDIR}${MANPREFIX}/man1
+	@rm -f ${DESTDIR}${MANPREFIX}/man1/slock.1
 
 .PHONY: all options clean dist install uninstall

README

@@ -13,12 +13,12 @@ Installation
 Edit config.mk to match your local setup (slock is installed into
 the /usr/local namespace by default).
 
-Afterwards enter the following command to build and install slock (if
-necessary as root):
+Afterwards enter the following command to build and install slock
+(if necessary as root):
 
     make clean install
 
 
 Running slock
 -------------
-Simply invoke the 'slock' command.
+Simply invoke the 'slock' command. To get out of it, enter your password.

config.def.h

@@ -0,0 +1,6 @@
+static const char *colorname[NUMCOLS] = {
+	"black",     /* after initialization */
+	"#005577",   /* during input */
+	"#CC3333",   /* failed/cleared the input */
+};
+static const Bool failonclear = True;

config.mk

@@ -1,5 +1,5 @@
 # slock version
-VERSION = 0.4
+VERSION = 1.3
 
 # Customize below to fit your system
 
@@ -12,17 +12,20 @@ X11LIB = /usr/X11R6/lib
 
 # includes and libs
 INCS = -I. -I/usr/include -I${X11INC}
-LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11
+LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr
 
 # flags
-CFLAGS = -Os ${INCS} -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H
-LDFLAGS = ${LIBS}
-#CFLAGS = -g -Wall -O2 ${INCS} -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H
-#LDFLAGS = -g ${LIBS}
+CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H
+CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
+LDFLAGS = -s ${LIBS}
 
-# On *BSD remove -DHAVE_SHADOW_H from CFLAGS
+# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
 # On OpenBSD and Darwin remove -lcrypt from LIBS
 
 # compiler and linker
 CC = cc
-LD = ${CC}
+
+# Install mode. On BSD systems MODE=2755 and GROUP=auth
+# On others MODE=4755 and GROUP=root
+#MODE=2755
+#GROUP=auth

slock.1

@@ -0,0 +1,29 @@
+.TH SLOCK 1 slock\-VERSION
+.SH NAME
+slock \- simple X display locker
+.SH SYNOPSIS
+.B slock
+.RB [ \-v
+|
+.IR post_lock_command ]
+.SH DESCRIPTION
+.B slock
+is a screen locker for X. If provided, the
+.IR post_lock_command
+will be executed when the screen is locked.
+.SH OPTIONS
+.TP
+.B \-v
+prints version information to stdout, then exits.
+.SH EXAMPLES
+$ slock /usr/sbin/s2ram
+.SH CUSTOMIZATION
+.B slock
+can be customized by creating a custom config.h and (re)compiling the source
+code. This keeps it fast, secure and simple.
+.SH AUTHORS
+See the LICENSE file for the authors.
+.SH LICENSE
+See the LICENSE file for the terms of redistribution.
+.SH BUGS
+Please report them.

slock.c

@@ -1,137 +1,358 @@
-/* (C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
- * See LICENSE file for license details.
- */
+/* See LICENSE file for license details. */
 #define _XOPEN_SOURCE 500
 #if HAVE_SHADOW_H
 #include <shadow.h>
 #endif
 
 #include <ctype.h>
+#include <errno.h>
 #include <pwd.h>
+#include <stdarg.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
 #include <sys/types.h>
+#include <X11/extensions/Xrandr.h>
 #include <X11/keysym.h>
 #include <X11/Xlib.h>
 #include <X11/Xutil.h>
 
-const char *
-get_password() { /* only run as root */
+#if HAVE_BSD_AUTH
+#include <login_cap.h>
+#include <bsd_auth.h>
+#endif
+
+enum {
+	INIT,
+	INPUT,
+	FAILED,
+	NUMCOLS
+};
+
+#include "config.h"
+
+typedef struct {
+	int screen;
+	Window root, win;
+	Pixmap pmap;
+	unsigned long colors[NUMCOLS];
+} Lock;
+
+static Lock **locks;
+static int nscreens;
+static Bool running = True;
+static Bool failure = False;
+static Bool rr;
+static int rrevbase;
+static int rrerrbase;
+
+static void
+die(const char *errstr, ...)
+{
+	va_list ap;
+
+	va_start(ap, errstr);
+	vfprintf(stderr, errstr, ap);
+	va_end(ap);
+	exit(1);
+}
+
+#ifdef __linux__
+#include <fcntl.h>
+#include <linux/oom.h>
+
+static void
+dontkillme(void)
+{
+	int fd;
+	int length;
+	char value[64];
+
+	fd = open("/proc/self/oom_score_adj", O_WRONLY);
+	if (fd < 0 && errno == ENOENT)
+		return;
+
+	/* convert OOM_SCORE_ADJ_MIN to string for writing */
+	length = snprintf(value, sizeof(value), "%d\n", OOM_SCORE_ADJ_MIN);
+
+	/* bail on truncation */
+	if (length >= sizeof(value))
+		die("buffer too small\n");
+
+	if (fd < 0 || write(fd, value, length) != length || close(fd) != 0)
+		die("cannot disable the out-of-memory killer for this process (make sure to suid or sgid slock)\n");
+}
+#endif
+
+#ifndef HAVE_BSD_AUTH
+/* only run as root */
+static const char *
+getpw(void)
+{
 	const char *rval;
 	struct passwd *pw;
 
-	if(geteuid() != 0) {
-		fputs("slock: cannot retrieve password entry (make sure to suid slock)\n", stderr);
-		exit(EXIT_FAILURE);
+	errno = 0;
+	if (!(pw = getpwuid(getuid()))) {
+		if (errno)
+			die("slock: getpwuid: %s\n", strerror(errno));
+		else
+			die("slock: cannot retrieve password entry\n");
 	}
-	pw = getpwuid(getuid());
-	endpwent();
-	rval =  pw->pw_passwd;
+	rval = pw->pw_passwd;
 
 #if HAVE_SHADOW_H
-	{
+	if (rval[0] == 'x' && rval[1] == '\0') {
 		struct spwd *sp;
-		sp = getspnam(getenv("USER"));
-		endspent();
+		if (!(sp = getspnam(getenv("USER"))))
+			die("slock: cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
 		rval = sp->sp_pwdp;
 	}
 #endif
+
 	/* drop privileges */
-	if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
-		fputs("slock: cannot drop privileges\n",stdout);
-		exit(EXIT_FAILURE);
-	}
+	if (geteuid() == 0 &&
+	    ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0))
+		die("slock: cannot drop privileges\n");
 	return rval;
 }
+#endif
 
-int
-main(int argc, char **argv) {
-	char curs[] = {0, 0, 0, 0, 0, 0, 0, 0};
+static void
+#ifdef HAVE_BSD_AUTH
+readpw(Display *dpy)
+#else
+readpw(Display *dpy, const char *pws)
+#endif
+{
 	char buf[32], passwd[256];
 	int num, screen;
-	const char *pws;
-	unsigned int len;
-	Bool running = True;
-	Cursor invisible;
-	Display *dpy;
+	unsigned int len, color;
 	KeySym ksym;
-	Pixmap pmap;
-	Window w;
-	XColor black, dummy;
 	XEvent ev;
-	XSetWindowAttributes wa;
+	static int oldc = INIT;
 
-	if((argc > 1) && !strncmp(argv[1], "-v", 3)) {
-		fputs("slock-"VERSION", (C)opyright MMVI Anselm R. Garbe\n", stdout);
-		exit(EXIT_SUCCESS);
-	}
-	pws = get_password();
-	if(!(dpy = XOpenDisplay(0))) {
-		fputs("slock: cannot open display\n", stderr);
-		exit(EXIT_FAILURE);
-	}
-	screen = DefaultScreen(dpy);
-
-	/* init */
-	wa.override_redirect = 1;
-	wa.background_pixel = BlackPixel(dpy, screen);
-	w = XCreateWindow(dpy, RootWindow(dpy, screen), 0, 0,
-			DisplayWidth(dpy, screen), DisplayHeight(dpy, screen),
-			0, DefaultDepth(dpy, screen), CopyFromParent,
-			DefaultVisual(dpy, screen), CWOverrideRedirect | CWBackPixel, &wa);
-
-	XAllocNamedColor(dpy, DefaultColormap(dpy, screen), "black", &black, &dummy);
-	pmap = XCreateBitmapFromData(dpy, w, curs, 8, 8);
-	invisible = XCreatePixmapCursor(dpy, pmap, pmap, &black, &black, 0, 0);
-	XDefineCursor(dpy, w, invisible);
-	running = XGrabPointer(dpy, RootWindow(dpy, screen), False,
-			ButtonPressMask | ButtonReleaseMask | PointerMotionMask,
-			GrabModeAsync, GrabModeSync, None, invisible, CurrentTime) == GrabSuccess;
-	len = 10;
-	for(len = 10; len && (XGrabKeyboard(dpy, RootWindow(dpy, screen), True, GrabModeAsync,
-		GrabModeAsync, CurrentTime) != GrabSuccess); len--)
-		usleep(1000);
-	running = running && (len > 0);
 	len = 0;
-	XMapRaised(dpy, w);
-	XSync(dpy, False);
+	running = True;
 
-	/* main event loop */
-	while(running && !XNextEvent(dpy, &ev))
-		if(ev.type == KeyPress) {
+	/* As "slock" stands for "Simple X display locker", the DPMS settings
+	 * had been removed and you can set it with "xset" or some other
+	 * utility. This way the user can easily set a customized DPMS
+	 * timeout. */
+	while (running && !XNextEvent(dpy, &ev)) {
+		if (ev.type == KeyPress) {
 			buf[0] = 0;
-			num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0);
-			if(IsFunctionKey(ksym) || IsKeypadKey(ksym)
-					|| IsMiscFunctionKey(ksym) || IsPFKey(ksym)
-					|| IsPrivateKeypadKey(ksym))
+			num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
+			if (IsKeypadKey(ksym)) {
+				if (ksym == XK_KP_Enter)
+					ksym = XK_Return;
+				else if (ksym >= XK_KP_0 && ksym <= XK_KP_9)
+					ksym = (ksym - XK_KP_0) + XK_0;
+			}
+			if (IsFunctionKey(ksym) ||
+			    IsKeypadKey(ksym) ||
+			    IsMiscFunctionKey(ksym) ||
+			    IsPFKey(ksym) ||
+			    IsPrivateKeypadKey(ksym))
 				continue;
-			switch(ksym) {
+			switch (ksym) {
 			case XK_Return:
 				passwd[len] = 0;
-				if((running = strcmp(crypt(passwd, pws), pws)) != 0)
+#ifdef HAVE_BSD_AUTH
+				running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
+#else
+				running = !!strcmp(crypt(passwd, pws), pws);
+#endif
+				if (running) {
 					XBell(dpy, 100);
+					failure = True;
+				}
 				len = 0;
 				break;
 			case XK_Escape:
 				len = 0;
 				break;
 			case XK_BackSpace:
-				if(len)
+				if (len)
 					--len;
 				break;
 			default:
-				if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { 
+				if (num && !iscntrl((int)buf[0]) && (len + num < sizeof(passwd))) {
 					memcpy(passwd + len, buf, num);
 					len += num;
 				}
 				break;
 			}
-		}
+			color = len ? INPUT : (failure || failonclear ? FAILED : INIT);
+			if (running && oldc != color) {
+				for (screen = 0; screen < nscreens; screen++) {
+					XSetWindowBackground(dpy, locks[screen]->win, locks[screen]->colors[color]);
+					XClearWindow(dpy, locks[screen]->win);
+				}
+				oldc = color;
+			}
+		} else if (rr && ev.type == rrevbase + RRScreenChangeNotify) {
+			XRRScreenChangeNotifyEvent *rre = (XRRScreenChangeNotifyEvent*)&ev;
+			for (screen = 0; screen < nscreens; screen++) {
+				if (locks[screen]->win == rre->window) {
+					XResizeWindow(dpy, locks[screen]->win, rre->width, rre->height);
+					XClearWindow(dpy, locks[screen]->win);
+				}
+			}
+		} else for (screen = 0; screen < nscreens; screen++)
+			XRaiseWindow(dpy, locks[screen]->win);
+	}
+}
+
+static void
+unlockscreen(Display *dpy, Lock *lock)
+{
+	if(dpy == NULL || lock == NULL)
+		return;
+
 	XUngrabPointer(dpy, CurrentTime);
-	XFreePixmap(dpy, pmap);
-	XDestroyWindow(dpy, w);
+	XFreeColors(dpy, DefaultColormap(dpy, lock->screen), lock->colors, NUMCOLS, 0);
+	XFreePixmap(dpy, lock->pmap);
+	XDestroyWindow(dpy, lock->win);
+
+	free(lock);
+}
+
+static Lock *
+lockscreen(Display *dpy, int screen)
+{
+	char curs[] = {0, 0, 0, 0, 0, 0, 0, 0};
+	unsigned int len;
+	int i;
+	Lock *lock;
+	XColor color, dummy;
+	XSetWindowAttributes wa;
+	Cursor invisible;
+
+	if (!running || dpy == NULL || screen < 0 || !(lock = malloc(sizeof(Lock))))
+		return NULL;
+
+	lock->screen = screen;
+	lock->root = RootWindow(dpy, lock->screen);
+
+	for (i = 0; i < NUMCOLS; i++) {
+		XAllocNamedColor(dpy, DefaultColormap(dpy, lock->screen), colorname[i], &color, &dummy);
+		lock->colors[i] = color.pixel;
+	}
+
+	/* init */
+	wa.override_redirect = 1;
+	wa.background_pixel = lock->colors[INIT];
+	lock->win = XCreateWindow(dpy, lock->root, 0, 0, DisplayWidth(dpy, lock->screen), DisplayHeight(dpy, lock->screen),
+	                          0, DefaultDepth(dpy, lock->screen), CopyFromParent,
+	                          DefaultVisual(dpy, lock->screen), CWOverrideRedirect | CWBackPixel, &wa);
+	lock->pmap = XCreateBitmapFromData(dpy, lock->win, curs, 8, 8);
+	invisible = XCreatePixmapCursor(dpy, lock->pmap, lock->pmap, &color, &color, 0, 0);
+	XDefineCursor(dpy, lock->win, invisible);
+	XMapRaised(dpy, lock->win);
+	if (rr)
+		XRRSelectInput(dpy, lock->win, RRScreenChangeNotifyMask);
+
+	/* Try to grab mouse pointer *and* keyboard, else fail the lock */
+	for (len = 1000; len; len--) {
+		if (XGrabPointer(dpy, lock->root, False, ButtonPressMask | ButtonReleaseMask | PointerMotionMask,
+		    GrabModeAsync, GrabModeAsync, None, invisible, CurrentTime) == GrabSuccess)
+			break;
+		usleep(1000);
+	}
+	if (!len) {
+		fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", screen);
+	} else {
+		for (len = 1000; len; len--) {
+			if (XGrabKeyboard(dpy, lock->root, True, GrabModeAsync, GrabModeAsync, CurrentTime) == GrabSuccess) {
+				/* everything fine, we grabbed both inputs */
+				XSelectInput(dpy, lock->root, SubstructureNotifyMask);
+				return lock;
+			}
+			usleep(1000);
+		}
+		fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", screen);
+	}
+	/* grabbing one of the inputs failed */
+	running = 0;
+	unlockscreen(dpy, lock);
+	return NULL;
+}
+
+static void
+usage(void)
+{
+	fprintf(stderr, "usage: slock [-v|POST_LOCK_CMD]\n");
+	exit(1);
+}
+
+int
+main(int argc, char **argv) {
+#ifndef HAVE_BSD_AUTH
+	const char *pws;
+#endif
+	Display *dpy;
+	int screen;
+
+	if ((argc == 2) && !strcmp("-v", argv[1]))
+		die("slock-%s, © 2006-2016 slock engineers\n", VERSION);
+
+	if ((argc == 2) && !strcmp("-h", argv[1]))
+		usage();
+
+#ifdef __linux__
+	dontkillme();
+#endif
+
+	if (!getpwuid(getuid()))
+		die("slock: no passwd entry for you\n");
+
+#ifndef HAVE_BSD_AUTH
+	pws = getpw();
+#endif
+
+	if (!(dpy = XOpenDisplay(0)))
+		die("slock: cannot open display\n");
+	rr = XRRQueryExtension(dpy, &rrevbase, &rrerrbase);
+	/* Get the number of screens in display "dpy" and blank them all. */
+	nscreens = ScreenCount(dpy);
+	if (!(locks = malloc(sizeof(Lock*) * nscreens)))
+		die("slock: malloc: %s\n", strerror(errno));
+	int nlocks = 0;
+	for (screen = 0; screen < nscreens; screen++) {
+		if ((locks[screen] = lockscreen(dpy, screen)) != NULL)
+			nlocks++;
+	}
+	XSync(dpy, False);
+
+	/* Did we actually manage to lock something? */
+	if (nlocks == 0) { /* nothing to protect */
+		free(locks);
+		XCloseDisplay(dpy);
+		return 1;
+	}
+
+	if (argc >= 2 && fork() == 0) {
+		if (dpy)
+			close(ConnectionNumber(dpy));
+		execvp(argv[1], argv+1);
+		die("slock: execvp %s failed: %s\n", argv[1], strerror(errno));
+	}
+
+	/* Everything is now blank. Now wait for the correct password. */
+#ifdef HAVE_BSD_AUTH
+	readpw(dpy);
+#else
+	readpw(dpy, pws);
+#endif
+
+	/* Password ok, unlock everything and quit. */
+	for (screen = 0; screen < nscreens; screen++)
+		unlockscreen(dpy, locks[screen]);
+
+	free(locks);
 	XCloseDisplay(dpy);
+
 	return 0;
 }