2 * CDE - Common Desktop Environment
4 * Copyright (c) 1993-2012, The Open Group. All rights reserved.
6 * These libraries and programs are free software; you can
7 * redistribute them and/or modify them under the terms of the GNU
8 * Lesser General Public License as published by the Free Software
9 * Foundation; either version 2 of the License, or (at your option)
12 * These libraries and programs are distributed in the hope that
13 * they will be useful, but WITHOUT ANY WARRANTY; without even the
14 * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
15 * PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with these librararies and programs; if not, write
20 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
21 * Floor, Boston, MA 02110-1301 USA
23 /* $XConsortium: SmLock.c /main/8 1996/10/30 11:13:55 drk $ */
25 * (c) Copyright 1993, 1994 Hewlett-Packard Company *
26 * (c) Copyright 1993, 1994 International Business Machines Corp. *
27 * (c) Copyright 1993, 1994 Sun Microsystems, Inc. *
28 * (c) Copyright 1993, 1994 Novell, Inc. *
30 /*************************************<+>*************************************
31 *****************************************************************************
35 ** Project: HP DT Session Manager (dtsession)
39 ** In charge of locking and unlocking the display in response from
40 ** the front panel to so.
44 *******************************************************************
45 ** (c) Copyright Hewlett-Packard Company, 1990. All rights are
46 ** reserved. Copying or other reproduction of this program
47 ** except for archival purposes is prohibited without prior
48 ** written consent of Hewlett-Packard Company.
49 ********************************************************************
53 *****************************************************************************
54 *************************************<+>*************************************/
67 #ifdef USE_HP_SPECIFIC_XLIB
68 #include <X11/XHPlib.h>
69 #endif /* USE_HP_SPECIFIC_XLIB */
71 #include <X11/Intrinsic.h>
73 #include <Dt/UserMsg.h>
74 #include <Dt/Indicator.h>
79 # include <sys/types.h>
92 * Variables global to this module only
98 static XtIntervalId timerId, lockTimeId, lockDelayId, cycleId, flash_id;
103 static Widget grabWidget;
106 * Lock dialog visibility
108 static Boolean lockDlgVisible;
110 #ifdef LOCK_SERVER_ACCESS
112 * Server Access Control Information
114 static Boolean RestrictingAccess = False;
115 static XHostAddress *hostList;
116 static Bool hostListActive;
117 static int hostListLen;
124 static void FinishLocking(Widget, XtPointer, XEvent *, Boolean *);
125 static void RecolorCursor( void ) ;
126 static void EventDetected( Widget, XtPointer, XEvent *, Boolean *) ;
127 static void CheckString( char *, int ) ;
128 static Boolean CheckPassword( char * ) ;
129 #if defined (_AIX) && defined (_POWER)
130 static Boolean Authenticate( char *, uid_t, char * ) ;
132 #define Authenticate(A,B,C) localAuthenticate(A,B,C)
134 static Boolean localAuthenticate( char *, uid_t, char * ) ;
135 static void UnlockDisplay( Boolean, Boolean ) ;
136 static void TakeDownLogin( XtPointer, XtIntervalId * ) ;
137 static void PutUpLogin( Boolean, Boolean ) ;
138 static void LockAttemptFailed( XtPointer, XtIntervalId *) ;
139 static void RequirePassword( XtPointer, XtIntervalId *) ;
140 static void CycleSaver( XtPointer, XtIntervalId *) ;
141 static void BlinkCaret( XtPointer, XtIntervalId *) ;
146 /*************************************<->*************************************
153 * Calls the routines that are in charge of locking the display.
158 * lockNow - request to lock the display immediately
166 *************************************<->***********************************/
168 * Place holders for the lock position
170 static Position visibleY;
171 static Position hiddenY;
179 Widget parent = NULL, lockDlg;
186 timerId = lockTimeId = lockDelayId = cycleId = flash_id = (XtIntervalId)0;
188 #if defined (SMGETTIMEOUTS)
189 /*D*/ getTimeouts(&lockNow, NULL, NULL, NULL, NULL);
192 FILE *fp = fopen("/tmp/session", "a");
193 if (fp) fprintf(fp, "lockNow=%d saverTimeout=%d "
194 "lockTimeout=%d cycleTimeout=%d"
196 lockNow, smSaverRes.saverTimeout,
197 smSaverRes.lockTimeout, smSaverRes.cycleTimeout,
205 * 0 - screen will not be covered, nor will external screen saver run
206 * 1 - screen will be covered, external screen saver may be run
209 * -1 = no password required to unlock display
210 * 0 = password always required to unlock display
211 * N = password required to unlock display after N seconds
213 if (smSaverRes.saverTimeout == 0)
215 smGD.coverScreen = 0;
218 else if (lockNow || smSaverRes.lockTimeout > 0)
220 smGD.coverScreen = 1;
223 else if (smSaverRes.lockTimeout == 0)
225 else if (smSaverRes.lockTimeout <= smSaverRes.saverTimeout)
228 lockDelay = smSaverRes.lockTimeout - smSaverRes.saverTimeout;
232 smGD.coverScreen = 1;
237 * Before anything is done make sure we can unlock if we lock.
239 if (localAuthenticate(NULL, getuid(), NULL) == False)
242 PrintError(DtError, smNLS.trustedSystemErrorString);
244 XBell(smGD.display, 100);
247 * Tell the Workspace Manager to quit blinking
249 msg = tttk_message_create( 0, TT_NOTICE, TT_SESSION, 0,
250 "DtActivity_Began", 0 );
251 tt_message_send( msg );
252 tt_message_destroy( msg );
258 if(((smDD.lockCoverDialog == NULL) && (smGD.coverScreen == True)) ||
259 ((smDD.lockDialog == NULL) && (smGD.coverScreen == False)))
262 * Set up the grab widget in here
267 * If the user has specified cover - create the cover dialog
269 screenNum = DefaultScreen(smGD.display);
270 if(smGD.coverScreen == True)
272 for(i = (smGD.numSavedScreens - 1);i >= 0;i--)
276 smDD.coverDialog[i] = CreateCoverDialog(i, True);
277 parent = smDD.coverDrawing[i];
281 smDD.coverDialog[i] = CreateCoverDialog(i, False);
284 smDD.lockCoverDialog = CreateLockDialogWithCover(parent);
288 * Create the lock dialog if the user has specified that
290 if((smDD.lockDialog == NULL) && (smGD.coverScreen == False))
292 smDD.lockDialog = CreateLockDialog();
295 * Get colors for the password cursor
298 XtSetArg(uiArgs[i], XmNtopShadowColor, &(xcolors[0]));i++;
299 XtSetArg(uiArgs[i], XmNbottomShadowColor, &(xcolors[1]));i++;
300 XtGetValues(smDD.lockDialog, uiArgs, i);
302 smGD.backgroundPix = xcolors[0].pixel;
303 smGD.foregroundPix = xcolors[1].pixel;
304 if (smGD.backgroundPix == smGD.foregroundPix)
306 smGD.backgroundPix = smGD.whitePixel;
307 smGD.foregroundPix = smGD.blackPixel;
313 * Wait for a visibility event to occur on the window so that
316 if(smGD.coverScreen == True)
318 smGD.lockCursor = smGD.blankCursor;
319 grabWidget = smDD.coverDialog[0];
320 lockDlg = smDD.lockCoverDialog;
321 lockDlgVisible = False; /* mappedWhenManaged False */
325 smGD.lockCursor = smGD.padlockCursor;
326 grabWidget = smDD.lockDialog;
327 lockDlg = smDD.lockDialog;
328 visibleY = hiddenY = -1;
332 * Note: grabWidget must be mapped in order to grab it. This means
333 * that if coverScreen is True, smDD.coverDialog[0] must be mapped
334 * immediately and if coverScreen is False, smDD.lockDialog must be
335 * mapped immediately. Also, if a grabWidget is unmapped, the grab
338 XtAddEventHandler(grabWidget, VisibilityChangeMask,
339 False, FinishLocking, NULL);
341 XtManageChild(lockDlg);
343 if(smGD.coverScreen == True) {
344 flash_id = XtAppAddTimeOut(smGD.appCon,
345 1000, BlinkCaret,smDD.indLabel[1]);
348 flash_id = XtAppAddTimeOut(smGD.appCon,
349 1000, BlinkCaret,smDD.indLabel[0]);
355 * Wait for 'lockDelay' seconds before requiring a password.
357 lockDelayId = XtAppAddTimeOut(smGD.appCon,
358 lockDelay*1000, RequirePassword, NULL);
361 else if (lockDelay == 0)
364 * Immediately require a password to unlock the display.
366 smGD.lockedState = LOCKED;
367 PutUpLogin(True, False); /* map, but don't set timeout */
370 if (smGD.coverScreen == True && smSaverRes.cycleTimeout > 0)
373 * Cycle to next saver in 'cycleTimeout' seconds.
375 cycleId = XtAppAddTimeOut(smGD.appCon,
376 smSaverRes.cycleTimeout*1000, CycleSaver, NULL);
379 if(smGD.coverScreen == True)
381 for(i = (smGD.numSavedScreens - 1);i >= 0;i--)
383 XtPopup(smDD.coverDialog[i], XtGrabNone);
388 * Add an event handler for when the keyboard and pointer are grabbed
390 XtAddEventHandler(grabWidget,
391 (KeyPressMask | ButtonPressMask | PointerMotionMask),
392 False, EventDetected, NULL);
394 /** wait 90 seconds for lock dialog to come up **/
395 lockTimeId = XtAppAddTimeOut(smGD.appCon,
396 90000, LockAttemptFailed, lockDlg);
402 /*************************************<->*************************************
409 * After the lock dialog is up - do the grab and lock the display
421 *************************************<->***********************************/
423 FinishLocking(Widget wid,
429 Boolean kbdGrabbed, pointerGrabbed;
432 if (lockTimeId == (XtIntervalId)0)
435 XtRemoveTimeOut(lockTimeId);
436 lockTimeId = (XtIntervalId)0;
437 XtRemoveEventHandler(wid, VisibilityChangeMask,
438 False, FinishLocking, NULL);
439 XSync(smGD.display, 0);
442 XtSetArg(uiArgs[i], XmNy, &visibleY);i++;
443 XtGetValues(wid, uiArgs, i);
445 hiddenY = (Position) DisplayHeight(smGD.display, smGD.screen) + 15;
448 * Color the cursor for this color scheme
452 XSync(smGD.display, 0);
455 * grab control of the keyboard for the entire display
457 rc = XtGrabKeyboard(grabWidget, False,
458 GrabModeAsync, GrabModeAsync,
460 kbdGrabbed = (rc == GrabSuccess);
462 #ifdef USE_HP_SPECIFIC_XLIB
463 XHPDisableReset(smGD.display);
464 #endif /* USE_HP_SPECIFIC_XLIB */
466 #if defined (AIXV3) && !defined(_POWER)
467 if(smGD.secureSystem)
469 SM_SETEUID(smGD.unLockUID);
471 SM_SETEUID(smGD.runningUID);
475 pointerGrabbed = (XtGrabPointer(grabWidget, False,
476 ButtonPressMask|PointerMotionMask,
477 GrabModeAsync, GrabModeAsync,
478 None, smGD.lockCursor, CurrentTime)
482 pointerGrabbed = (XtGrabPointer(grabWidget, False,
483 ButtonPressMask|PointerMotionMask,
484 GrabModeAsync, GrabModeAsync,
485 None, smGD.lockCursor, CurrentTime)
491 * If the grab failed - try 3 more times and give up
493 if((kbdGrabbed == False) || (pointerGrabbed == False))
495 for(j = 0;(j < 3) && ((pointerGrabbed == False) ||
496 (kbdGrabbed == False));j++)
499 * If a grab fails try one more time and then give up
501 if(kbdGrabbed == False)
504 kbdGrabbed = (XtGrabKeyboard(grabWidget, False,
505 GrabModeAsync, GrabModeAsync,
506 CurrentTime) == GrabSuccess);
509 if(pointerGrabbed == False)
512 pointerGrabbed = (XtGrabPointer(grabWidget, False,
517 None, smGD.lockCursor,
526 * Set status variable to lock if the lock has succeeded
528 if((pointerGrabbed != True) || (kbdGrabbed != True))
530 PrintError(DtError, smNLS.cantLockErrorString);
531 smGD.lockedState = UNLOCKED;
532 UnlockDisplay(pointerGrabbed, kbdGrabbed);
537 #ifdef LOCK_SERVER_ACCESS
539 * Wipe & enable X server access control list
541 hostList = XListHosts(smGD.display,
542 &hostListLen, (Bool *) &hostListActive);
543 XRemoveHosts(smGD.display, hostList, hostListLen);
544 XEnableAccessControl(smGD.display);
545 RestrictingAccess = True;
548 PutUpLogin(False, True); /* already mapped, but set timeout */
551 * Start external screen saver.
553 if (smGD.coverScreen)
563 /*************************************<->*************************************
565 * CreateLockCursor ()
570 * Creates a padlock cursor if the user has specified lock. Creates a
571 * blank cursor if the user has specified cover. Both are specified in the
572 * users resource file.
578 * buttonForm = widget from which cursor gets its color
579 * smGD.coverScreen = (global) cover screen or put up a padlock
585 * smGD.lockCursor = (global) cursor when lock is active (blank or padlock)
590 *************************************<->***********************************/
591 #define lock_m_hot_x 16
592 #define lock_m_hot_y 16
593 #define lock_m_bm_width 32
594 #define lock_m_bm_height 32
595 static unsigned char lock_m_bm_bits[] = {
596 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf8, 0x0f, 0x00,
597 0x00, 0xfc, 0x9f, 0x00, 0x00, 0x0e, 0x90, 0x01, 0x00, 0x06, 0x80, 0x01,
598 0x00, 0x06, 0x80, 0x01, 0x00, 0x06, 0x80, 0x01, 0x00, 0x06, 0x80, 0x01,
599 0x00, 0x06, 0x80, 0x01, 0x00, 0x06, 0x80, 0x01, 0x00, 0x06, 0x80, 0x01,
600 0x00, 0x06, 0x80, 0x01, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x0c,
601 0x80, 0xaa, 0xaa, 0x0e, 0x00, 0x55, 0x55, 0x0f, 0x80, 0xaa, 0xaa, 0x0e,
602 0x00, 0x55, 0x55, 0x0f, 0x80, 0xaa, 0xaa, 0x0e, 0x00, 0x55, 0x55, 0x0f,
603 0x80, 0xaa, 0xaa, 0x0e, 0x00, 0x55, 0x55, 0x0f, 0x80, 0xaa, 0xaa, 0x0e,
604 0x00, 0x55, 0x55, 0x0f, 0x80, 0xaa, 0xaa, 0x0e, 0x00, 0x55, 0x55, 0x0f,
605 0x80, 0xaa, 0xaa, 0x0e, 0x00, 0x55, 0x55, 0x0f, 0x80, 0xaa, 0xaa, 0x0e,
606 0xc0, 0xff, 0xff, 0x0f, 0xe0, 0xff, 0xff, 0x0f};
608 #define lock_m_m_bm_width 32
609 #define lock_m_m_bm_height 32
610 static unsigned char lock_m_m_bm_bits[] = {
611 0x00, 0xf8, 0x1f, 0x00, 0x00, 0xfe, 0x7f, 0x00, 0x00, 0xff, 0xff, 0x00,
612 0x00, 0xff, 0xff, 0x00, 0x80, 0x0f, 0xf0, 0x01, 0x80, 0x07, 0xe0, 0x01,
613 0x80, 0x07, 0xe0, 0x01, 0x80, 0x07, 0xe0, 0x01, 0x80, 0x07, 0xe0, 0x01,
614 0x80, 0x07, 0xe0, 0x01, 0x80, 0x07, 0xe0, 0x01, 0x80, 0x07, 0xe0, 0x01,
615 0x80, 0x07, 0xe0, 0x01, 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f,
616 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f,
617 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f,
618 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f,
619 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f,
620 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f,
621 0xf0, 0xff, 0xff, 0x0f, 0xf0, 0xff, 0xff, 0x0f};
623 #define lock_s_hot_x 7
624 #define lock_s_hot_y 8
625 #define lock_s_bm_width 13
626 #define lock_s_bm_height 16
627 static unsigned char lock_s_bm_bits[] = {
628 0x00, 0x02, 0x00, 0x04, 0xf0, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
629 0x00, 0x00, 0xa8, 0x1a, 0x54, 0x1d, 0xa8, 0x1a, 0x54, 0x1d, 0xa8, 0x1a,
630 0x54, 0x1d, 0xa8, 0x1a, 0x54, 0x1d, 0xfe, 0x1f};
632 #define lock_s_m_bm_width 13
633 #define lock_s_m_bm_height 16
634 static unsigned char lock_s_m_bm_bits[] = {
635 0xf8, 0x03, 0xfc, 0x07, 0xfe, 0x0f, 0x0e, 0x0e, 0x0e, 0x0e, 0x0e, 0x0e,
636 0xff, 0x1f, 0xff, 0x1f, 0xff, 0x1f, 0xff, 0x1f, 0xff, 0x1f, 0xff, 0x1f,
637 0xff, 0x1f, 0xff, 0x1f, 0xff, 0x1f, 0xff, 0x1f};
640 CreateLockCursor( void )
643 Colormap cmap = XDefaultColormap(smGD.display, smGD.screen);
645 char noCursorBits = 0x1;
647 if(InitCursorInfo() == False)
650 * Create the SMALL padlock cursor
652 source = XCreateBitmapFromData(smGD.display,
653 XRootWindow(smGD.display,
655 (char *) lock_s_bm_bits,
658 mask = XCreateBitmapFromData(smGD.display,
659 XRootWindow(smGD.display,
661 (char *) lock_s_m_bm_bits,
665 /* translate the Pixels into XColors */
666 xcolors[0].pixel = smGD.blackPixel;
667 xcolors[1].pixel = smGD.whitePixel;
668 XQueryColors(smGD.display, cmap, xcolors, 2);
670 /* create the padlock cursor */
671 smGD.padlockCursor = XCreatePixmapCursor(smGD.display, source, mask,
672 &(xcolors[0]), &(xcolors[1]),
675 XFreePixmap(smGD.display, source);
676 XFreePixmap(smGD.display, mask);
681 * Create the LARGE padlock cursor
683 source = XCreateBitmapFromData(smGD.display,
684 XRootWindow(smGD.display,
686 (char *) lock_m_bm_bits,
689 mask = XCreateBitmapFromData(smGD.display,
690 XRootWindow(smGD.display,
692 (char *) lock_m_m_bm_bits,
696 /* translate the Pixels into XColors */
697 xcolors[0].pixel = smGD.blackPixel;
698 xcolors[1].pixel = smGD.whitePixel;
699 XQueryColors(smGD.display, cmap, xcolors, 2);
701 /* create the padlock cursor */
702 smGD.padlockCursor = XCreatePixmapCursor(smGD.display, source, mask,
703 &(xcolors[0]), &(xcolors[1]),
706 XFreePixmap(smGD.display, source);
707 XFreePixmap(smGD.display, mask);
712 * create the blank cursor
714 source = XCreateBitmapFromData(smGD.display,
715 XRootWindow(smGD.display, smGD.screen),
716 &noCursorBits, 1, 1);
718 xcolors[0].pixel = smGD.blackPixel;
719 XQueryColor(smGD.display, cmap, &(xcolors[0]));
720 smGD.blankCursor = XCreatePixmapCursor(smGD.display, source, source,
721 &(xcolors[0]), &(xcolors[0]),
723 XFreePixmap(smGD.display, source);
728 /*************************************<->*************************************
735 * Recolors the padlock cursor to be the current color scheme. This has
736 * to be done because XCreatePixmapCursor allocates colors instead of jusst
737 * using a pixel value.
743 * smGD.backgroundPix = Pixel value to use for background color
744 * smGD.foregroundPix = Pixel value to use for foreground color
749 * smGD.lockCursor = (global) cursor when lock is active (padlock)
754 *************************************<->***********************************/
756 RecolorCursor( void )
758 Colormap cmap = XDefaultColormap(smGD.display, smGD.screen);
762 * translate the Pixels into XColors
764 xcolors[0].pixel = smGD.foregroundPix;
765 xcolors[1].pixel = smGD.backgroundPix;
766 XQueryColors(smGD.display, cmap, xcolors, 2);
769 * recolor the padlock cursor
771 XRecolorCursor(smGD.display, smGD.lockCursor, &(xcolors[0]),
777 /*************************************<->*************************************
779 * EventDetected (w, client_data, event)
784 * Callback routine that detects an event when the display is locked.
785 * If it's a correct password, it unlocks the display. Otherwise, it
786 * just displays status. The event is detected by the popup login dialog.
791 * w = widget where event occured
792 * client_data = client specific data sent to callback
793 * event = event that triggered callback
802 *************************************<->***********************************/
806 XtPointer client_data,
812 XKeyEvent *event = (XKeyEvent *) ev;
814 if (smGD.lockedState == LOCKED)
816 if (lockDlgVisible == False)
819 * Anytime input is received - show the passwd dialog and
820 * discard event. This is so a keypress event that causes
821 * the passwd dialog to appear will not be used in the password.
824 PutUpLogin(True, True); /* map, and reset timeout */
827 PutUpLogin(False, True); /* already mapped, but reset timeout */
831 UnlockDisplay(True, True);
836 * If the detected event is anything but a keypress, processing is
837 * complete after refreshing the status string.
839 if (event->type != KeyPress)
843 * If XLookupString() returns anything (which it won't in the case of, say,
844 * pressing the shift key or an arrow key), process it.
846 #ifdef USE_HP_SPECIFIC_XLIB
847 if (len = XHPConvertLookup(event, str, sizeof(str), NULL, NULL,
848 XHPGetEurasianCvt(smGD.display)))
849 #else /* USE_HP_SPECIFIC_XLIB */
850 if (len = XLookupString (event, str, sizeof(str), NULL, NULL))
851 #endif /* USE_HP_SPECIFIC_XLIB */
853 if (smGD.lockedState == LOCKED)
854 CheckString(str, len);
860 /*************************************<->*************************************
867 * Check string entered by user. If it is a valid password, call routine to
868 * unlock the display. Otherwise, just keep track of what we have until
869 * the password is valid
874 * s = string passed in for checking
875 * i = length of string
884 *************************************<->***********************************/
892 * - Only the first eight characters are used.
893 * - If pw_length > 8, we've gone over eight characters and won't
895 * - An ESC kills the line.
898 static char passwd[82]; /* password space */
900 static char passwd[10]; /* password space */
902 static int pw_length = 0; /* password length */
919 pw_length--; /* back up one character */
923 pw_length = 0; /* kill the character string */
939 passwd[pw_length] = '\0'; /* terminate string */
940 pw_length = 0; /* reset length */
941 if (CheckPassword(passwd))
943 UpdatePasswdField(0);
944 UnlockDisplay(True, True);
947 XBell(smGD.display, 100); /* wrong, laserbreath */
956 passwd[pw_length] = *s; /* store character */
958 * The length is incremented no matter what, so the user can
959 * think the program handles multi-thousand-character
960 * passwords. If the user types twenty characters and eighteen
961 * erases (#), the result will be the first two characters
962 * entered, as expected. Up to a point -- 65536 is long
965 if (pw_length < 65535)
973 UpdatePasswdField(8);
977 UpdatePasswdField(pw_length);
983 /*************************************<->*************************************
985 * CheckPassword (passwd)
990 * Check the password to see if it is the user's, roots, or one of the
991 * users specified in the host string
996 * passwd = password passed in
1001 * True if it is a valid password, false otherwise.
1006 *************************************<->***********************************/
1014 if (Authenticate(NULL, getuid(), passwd) == True)
1016 return(True); /* user password ok */
1019 if (Authenticate(NULL, 0, passwd) == True)
1021 return(True); /* root password ok */
1024 /* check passwords of users specified as keyholders */
1025 if (smGD.keyholders == NULL)
1027 return(False); /* no keyholders */
1030 /* since strtok() is destructive, copy the keyholders string */
1031 keyholderbuf = (char *) SM_MALLOC(strlen(smGD.keyholders)+1);
1032 if(keyholderbuf == NULL)
1034 PrintErrnoError(DtError, smNLS.cantMallocErrorString);
1035 return(False); /* no memory */
1038 strcpy(keyholderbuf, smGD.keyholders);
1039 for (p = keyholderbuf; (q = strtok(p, ", \t")) != NULL; p = NULL)
1041 if (Authenticate(q, -1, passwd) == True)
1043 SM_FREE(keyholderbuf);
1044 return(True); /* keyholder password ok */
1047 SM_FREE(keyholderbuf);
1049 return(False); /* no matches */
1054 /*************************************<->*************************************
1061 * If the user has entered a correct password, unlock the display and
1062 * uncover the root window.
1067 * pointerGrabbed - Boolean tells if pointer is currently grabbed
1068 * kbdGrabbed - Boolean tells if keyboard is currently grabbed
1078 *************************************<->***********************************/
1081 Boolean pointerGrabbed,
1087 #ifdef LOCK_SERVER_ACCESS
1089 * Restore X server access state
1091 if (RestrictingAccess) {
1092 XAddHosts(smGD.display, hostList, hostListLen);
1093 if (!hostListActive) XDisableAccessControl(smGD.display);
1094 RestrictingAccess = False;
1095 XFree((void *) hostList);
1100 * Stop external screen saver.
1105 * Remove the event handler to grab the events
1107 XtRemoveEventHandler(grabWidget,
1108 (KeyPressMask | ButtonPressMask | PointerMotionMask),
1109 False, EventDetected, NULL);
1114 if(lockDelayId != (XtIntervalId)0)
1116 XtRemoveTimeOut(lockDelayId);
1119 if(cycleId != (XtIntervalId)0)
1121 XtRemoveTimeOut(cycleId);
1124 if(timerId != (XtIntervalId)0)
1126 XtRemoveTimeOut(timerId);
1129 if(flash_id != (XtIntervalId)0)
1131 XtRemoveTimeOut(flash_id);
1134 if(pointerGrabbed == True)
1136 XtUngrabPointer(grabWidget, CurrentTime);
1139 if(kbdGrabbed == True)
1141 XtUngrabKeyboard(grabWidget, CurrentTime);
1144 #ifdef USE_HP_SPECIFIC_XLIB
1145 XHPEnableReset(smGD.display);
1146 #endif /* USE_HP_SPECIFIC_XLIB */
1148 #if defined (AIXV3) && !defined(_POWER)
1149 if(smGD.secureSystem)
1151 SM_SETEUID(smGD.unLockUID);
1152 AixEnableHftRing(1);
1153 SM_SETEUID(smGD.runningUID);
1157 XSync(smGD.display, 0);
1160 * Unmanage session lock dialogs. If LOCKDLG_PERSIST is undefined,
1161 * destroy them. This is so the passwd dialog icon colors get freed
1162 * since currently it uses a lot of colors.
1164 if(smGD.coverScreen == False)
1166 #if defined (LOCKDLG_PERSIST)
1167 if (XtIsManaged(smDD.lockDialog))
1169 XtUnmanageChild(smDD.lockDialog);
1172 XtDestroyWidget(smDD.lockDialog);
1173 smDD.lockDialog = NULL;
1178 #if defined (LOCKDLG_PERSIST)
1179 if(!XtIsManaged(smDD.lockCoverDialog))
1181 XtManageChild(smDD.lockCoverDialog);
1184 for(i = (smGD.numSavedScreens - 1);i >= 0;i--)
1186 XtPopdown(smDD.coverDialog[i]);
1189 for(i = (smGD.numSavedScreens - 1);i >= 0;i--)
1191 XtDestroyWidget(smDD.coverDialog[i]);
1192 smDD.coverDialog[i] = NULL;
1194 smDD.lockCoverDialog = NULL;
1198 smGD.lockedState = UNLOCKED;
1200 XSync(smGD.display, 0);
1203 * Tell the Workspace Manager to unlock the display (depress the lock
1205 if(smGD.bmsDead == False)
1207 msg = tttk_message_create(0, TT_REQUEST, TT_SESSION, 0,
1208 "Display_Unlock", 0);
1209 tt_message_send(msg);
1210 tt_message_destroy(msg);
1218 static Position visibleY = -1;
1219 static Position hiddenY = -1;
1222 /*************************************<->*************************************
1229 * When a timeout occurs - take down the login screen by unmanaging it.
1243 *************************************<->***********************************/
1246 XtPointer client_data,
1249 if (lockDlgVisible == True)
1251 if (smGD.coverScreen == True)
1253 XtUnmapWidget(smDD.lockCoverDialog);
1260 XtSetArg(uiArgs[i], XmNy, hiddenY);i++;
1261 XtSetValues(smDD.lockDialog, uiArgs, i);
1265 timerId = (XtIntervalId)0;
1268 * Clear partially entered password if any.
1270 CheckString(NULL, 0);
1271 lockDlgVisible = False;
1273 XSync(smGD.display, 0);
1278 /*************************************<->*************************************
1285 * Redisplays the cover and the login when neccessary.
1299 *************************************<->***********************************/
1305 if (map == True && lockDlgVisible == False)
1307 if (smGD.coverScreen == True)
1309 XtMapWidget(smDD.lockCoverDialog);
1316 XtSetArg(uiArgs[i], XmNy, visibleY);i++;
1317 XtSetValues(smDD.lockDialog, uiArgs, i);
1320 lockDlgVisible = True;
1323 if (timeout == True)
1325 if(timerId != (XtIntervalId)0)
1327 XtRemoveTimeOut(timerId);
1330 if(smRes.alarmTime > 0)
1332 timerId = XtAppAddTimeOut(smGD.appCon,
1333 (smRes.alarmTime * 1000),
1334 TakeDownLogin,NULL);
1337 XSync(smGD.display, 0);
1341 /*************************************<->*************************************
1343 * LockAttemptFailed ()
1348 * Timed out trying to get a visibilitynotify on the lock
1362 *************************************<->***********************************/
1364 LockAttemptFailed(XtPointer ptr,
1365 XtIntervalId *invId)
1367 Widget lockWid = (Widget) ptr;
1369 PrintError(DtError, smNLS.cantLockErrorString);
1370 smGD.lockedState = UNLOCKED;
1371 XtRemoveEventHandler(lockWid, VisibilityChangeMask,
1372 False, FinishLocking, NULL);
1373 UnlockDisplay(False, False);
1374 XSync(smGD.display, 0);
1380 /*************************************<->*************************************
1382 * RequirePassword ()
1387 * Callback indicating a password is now required to unlock display.
1401 *************************************<->***********************************/
1403 RequirePassword(XtPointer ptr,
1404 XtIntervalId *invId)
1406 smGD.lockedState = LOCKED;
1410 /*************************************<->*************************************
1417 * blinks the caret in the password field
1431 *************************************<->***********************************/
1433 BlinkCaret(XtPointer ptr,
1434 XtIntervalId *invId)
1436 static int flag = 1;
1441 * Blink cursor to show the focus ..
1444 tmpString = XmStringCreateLocalized (" " );
1446 XtSetArg(uiArgs[i], XmNlabelString, tmpString); i++;
1447 XtSetValues(ptr, uiArgs, i);
1451 tmpString = XmStringCreateLocalized ("|");
1453 XtSetArg(uiArgs[i], XmNlabelString, tmpString); i++;
1454 XtSetValues(ptr, uiArgs, i);
1458 XmStringFree(tmpString);
1459 flash_id = XtAppAddTimeOut(smGD.appCon, 1000,
1465 /*************************************<->*************************************
1472 * Callback indicating we should cycle to next screen saver
1486 *************************************<->***********************************/
1488 CycleSaver(XtPointer ptr,
1489 XtIntervalId *invId)
1492 * Stop running screen saver, start a new one and reset timer.
1496 cycleId = XtAppAddTimeOut(smGD.appCon, smSaverRes.cycleTimeout*1000,
1502 /*************************************<->*************************************
1504 * localAuthenticate (name, uid, passwd)
1521 *************************************<->***********************************/
1532 char *Argv[2] = { "dtsession", NULL };
1534 SIAENTITY *se = NULL;
1540 real_uid = getuid();
1542 if (-1 == seteuid(0))
1549 * Caller just checking if it is possible to access
1550 * password file (ie is dtsession suid bit set properly).
1555 if (name && name[0])
1560 pw_name = getlogin();
1563 if ( sia_ses_init(&se, 1, Argv, (char *)NULL,
1564 pw_name, NULL, 0 /* don't collect info */,
1565 NULL) != SIASUCCESS)
1571 se->password = (char *)malloc(strlen(passwd) + 1);
1572 if ( se->password == (char *)NULL )
1574 sia_ses_release(&se);
1579 strcpy(se->password, passwd);
1581 code = sia_ses_reauthent (NULL, se);
1582 sia_ses_release(&se);
1586 if ( code == SIASUCCESS )
1596 register struct passwd *pwent;
1600 Boolean done = False;
1606 char *upasswd, *newname = NULL;
1608 struct spwd *sp=NULL;
1612 if(smGD.secureSystem)
1614 SM_SETEUID(smGD.unLockUID);
1619 * Get shadow password entry for 'name' or 'uid'.
1623 pwent = getpwuid(uid);
1627 name = newname = strdup(pwent->pw_name);
1629 name = pwent->pw_name;
1636 ia_openinfo(name, &uinfo)
1638 (sp = getspnam(name)) == NULL
1650 * Get password entry for 'name' or 'uid'.
1652 if ((pwent = (name == NULL ? getpwuid(uid) : getpwnam(name))) == NULL)
1662 if(smGD.secureSystem)
1664 SM_SETEUID(smGD.runningUID);
1670 ia_get_logpwd(uinfo, &upasswd);
1673 pwent->pw_passwd == NULL
1674 || pwent->pw_passwd[0] == '*'
1685 * Could not read password.
1697 * Caller just checking if it is possible to access
1698 * password file (ie is dtsession suid bit set properly).
1712 if (strcmp(crypt(passwd, upasswd), upasswd) != 0)
1714 if (strcmp(crypt(passwd,sp->sp_pwdp),sp->sp_pwdp) != 0)
1717 if (strcmp(pwent->pw_passwd, crypt(passwd, pwent->pw_passwd)) != 0)
1721 * Password incorrect.
1731 ia_closeinfo(uinfo);
1732 if (newname) free(newname);
1743 /*************************************<->*************************************
1745 * Authenticate (name, uid, passwd)
1762 *************************************<->***********************************/
1764 #if defined (_AIX) && defined(_POWER)
1772 register struct passwd *pwent;
1776 Boolean done = False;
1780 char *newname = NULL;
1783 if(smGD.secureSystem)
1785 SM_SETEUID(smGD.unLockUID);
1793 pwent = getpwuid(uid);
1796 name = newname = strdup(pwent->pw_name);
1802 * Authenticate user. Note: normally, we should check 'reenter' to
1803 * see if the user has another challenge. Since the dtsession screen
1804 * lock i/f does not yet have the support, our policy is to let the
1805 * user back in if they pass the first (password) challenge.
1807 arc = authenticate(name, passwd, &reenter, &msg);
1809 if(smGD.secureSystem)
1811 SM_SETEUID(smGD.runningUID);
1815 if (newname) free(newname);
1817 return(arc == 0 ? True : False);
1819 #endif /* _AIX && _POWER */