From e437b906b57fb1d16afc90bd505277e484208d71 Mon Sep 17 00:00:00 2001
From: Bartek Stalewski <ftpd@insomniac.pl>
Date: Wed, 21 Jul 2021 15:20:09 +0200
Subject: [PATCH] I don't want fingerprint in slock.

---
 _suckless/slock/config.def.h                  |   8 +-
 _suckless/slock/config.h                      |   8 +-
 _suckless/slock/config.mk                     |   2 +-
 .../02-slock-pam_auth-20190207-35633d4.diff   | 154 ------------------
 _suckless/slock/slock.c                       |  63 +------
 5 files changed, 12 insertions(+), 223 deletions(-)
 delete mode 100644 _suckless/slock/patches/02-slock-pam_auth-20190207-35633d4.diff

diff --git a/_suckless/slock/config.def.h b/_suckless/slock/config.def.h
index 43588aa..0940fb8 100644
--- a/_suckless/slock/config.def.h
+++ b/_suckless/slock/config.def.h
@@ -1,21 +1,17 @@
 /* user and group to drop privileges to */
-static const char *user  = "f";
-static const char *group = "users";
+static const char *user  = "nobody";
+static const char *group = "nogroup";
 
 static const char *colorname[NUMCOLS] = {
 	[BACKGROUND] =   "black",     /* after initialization */
 	[INIT] =   "#2d2d2d",     /* after initialization */
 	[INPUT] =  "#005577",   /* during input */
 	[FAILED] = "#CC3333",   /* wrong password */
-	[PAM] =    "#005577",   /* waiting for PAM */
 };
 
 /* treat a cleared input like a wrong password (color) */
 static const int failonclear = 1;
 
-/* PAM service that's used for authentication */
-static const char* pam_service = "login";
-
 /* insert grid pattern with scale 1:1, the size can be changed with logosize */
 static const int logosize = 75;
 static const int logow = 12;	/* grid width and height for right center alignment*/
diff --git a/_suckless/slock/config.h b/_suckless/slock/config.h
index 43588aa..0940fb8 100644
--- a/_suckless/slock/config.h
+++ b/_suckless/slock/config.h
@@ -1,21 +1,17 @@
 /* user and group to drop privileges to */
-static const char *user  = "f";
-static const char *group = "users";
+static const char *user  = "nobody";
+static const char *group = "nogroup";
 
 static const char *colorname[NUMCOLS] = {
 	[BACKGROUND] =   "black",     /* after initialization */
 	[INIT] =   "#2d2d2d",     /* after initialization */
 	[INPUT] =  "#005577",   /* during input */
 	[FAILED] = "#CC3333",   /* wrong password */
-	[PAM] =    "#005577",   /* waiting for PAM */
 };
 
 /* treat a cleared input like a wrong password (color) */
 static const int failonclear = 1;
 
-/* PAM service that's used for authentication */
-static const char* pam_service = "login";
-
 /* insert grid pattern with scale 1:1, the size can be changed with logosize */
 static const int logosize = 75;
 static const int logow = 12;	/* grid width and height for right center alignment*/
diff --git a/_suckless/slock/config.mk b/_suckless/slock/config.mk
index 1826ca1..08356e8 100644
--- a/_suckless/slock/config.mk
+++ b/_suckless/slock/config.mk
@@ -20,7 +20,7 @@ FREETYPEINC = /usr/include/freetype2
 
 # includes and libs
 INCS = -I. -I/usr/include -I${X11INC} -I${FREETYPEINC}
-LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 ${XINERAMALIBS} ${FREETYPELIBS} -lXext -lXrandr -lpam
+LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 ${XINERAMALIBS} ${FREETYPELIBS} -lXext -lXrandr
 
 # flags
 CPPFLAGS = -DVERSION=\"${VERSION}\" -D_DEFAULT_SOURCE -DHAVE_SHADOW_H ${XINERAMAFLAGS}
diff --git a/_suckless/slock/patches/02-slock-pam_auth-20190207-35633d4.diff b/_suckless/slock/patches/02-slock-pam_auth-20190207-35633d4.diff
deleted file mode 100644
index 136f4b5..0000000
--- a/_suckless/slock/patches/02-slock-pam_auth-20190207-35633d4.diff
+++ /dev/null
@@ -1,154 +0,0 @@
-diff --git a/config.def.h b/config.def.h
-index 9855e21..19e7f62 100644
---- a/config.def.h
-+++ b/config.def.h
-@@ -6,7 +6,11 @@ static const char *colorname[NUMCOLS] = {
- 	[INIT] =   "black",     /* after initialization */
- 	[INPUT] =  "#005577",   /* during input */
- 	[FAILED] = "#CC3333",   /* wrong password */
-+	[PAM] =    "#9400D3",   /* waiting for PAM */
- };
- 
- /* treat a cleared input like a wrong password (color) */
- static const int failonclear = 1;
-+
-+/* PAM service that's used for authentication */
-+static const char* pam_service = "login";
-diff --git a/config.mk b/config.mk
-index 74429ae..6e82074 100644
---- a/config.mk
-+++ b/config.mk
-@@ -12,7 +12,7 @@ X11LIB = /usr/X11R6/lib
- 
- # includes and libs
- INCS = -I. -I/usr/include -I${X11INC}
--LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr
-+LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr -lpam
- 
- # flags
- CPPFLAGS = -DVERSION=\"${VERSION}\" -D_DEFAULT_SOURCE -DHAVE_SHADOW_H
-diff --git a/slock.c b/slock.c
-index 5ae738c..3a8da42 100644
---- a/slock.c
-+++ b/slock.c
-@@ -18,16 +18,22 @@
- #include <X11/keysym.h>
- #include <X11/Xlib.h>
- #include <X11/Xutil.h>
-+#include <security/pam_appl.h>
-+#include <security/pam_misc.h>
- 
- #include "arg.h"
- #include "util.h"
- 
- char *argv0;
-+static int pam_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr);
-+struct pam_conv pamc = {pam_conv, NULL};
-+char passwd[256];
- 
- enum {
- 	INIT,
- 	INPUT,
- 	FAILED,
-+	PAM,
- 	NUMCOLS
- };
- 
-@@ -57,6 +63,31 @@ die(const char *errstr, ...)
- 	exit(1);
- }
- 
-+static int
-+pam_conv(int num_msg, const struct pam_message **msg,
-+		struct pam_response **resp, void *appdata_ptr)
-+{
-+	int retval = PAM_CONV_ERR;
-+	for(int i=0; i<num_msg; i++) {
-+		if (msg[i]->msg_style == PAM_PROMPT_ECHO_OFF &&
-+				strncmp(msg[i]->msg, "Password: ", 10) == 0) {
-+			struct pam_response *resp_msg = malloc(sizeof(struct pam_response));
-+			if (!resp_msg)
-+				die("malloc failed\n");
-+			char *password = malloc(strlen(passwd) + 1);
-+			if (!password)
-+				die("malloc failed\n");
-+			memset(password, 0, strlen(passwd) + 1);
-+			strcpy(password, passwd);
-+			resp_msg->resp_retcode = 0;
-+			resp_msg->resp = password;
-+			resp[i] = resp_msg;
-+			retval = PAM_SUCCESS;
-+		}
-+	}
-+	return retval;
-+}
-+
- #ifdef __linux__
- #include <fcntl.h>
- #include <linux/oom.h>
-@@ -121,6 +152,8 @@ gethash(void)
- 	}
- #endif /* HAVE_SHADOW_H */
- 
-+	/* pam, store user name */
-+	hash = pw->pw_name;
- 	return hash;
- }
- 
-@@ -129,11 +162,12 @@ readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens,
-        const char *hash)
- {
- 	XRRScreenChangeNotifyEvent *rre;
--	char buf[32], passwd[256], *inputhash;
--	int num, screen, running, failure, oldc;
-+	char buf[32];
-+	int num, screen, running, failure, oldc, retval;
- 	unsigned int len, color;
- 	KeySym ksym;
- 	XEvent ev;
-+	pam_handle_t *pamh;
- 
- 	len = 0;
- 	running = 1;
-@@ -160,10 +194,26 @@ readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens,
- 			case XK_Return:
- 				passwd[len] = '\0';
- 				errno = 0;
--				if (!(inputhash = crypt(passwd, hash)))
--					fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
-+				retval = pam_start(pam_service, hash, &pamc, &pamh);
-+				color = PAM;
-+				for (screen = 0; screen < nscreens; screen++) {
-+					XSetWindowBackground(dpy, locks[screen]->win, locks[screen]->colors[color]);
-+					XClearWindow(dpy, locks[screen]->win);
-+					XRaiseWindow(dpy, locks[screen]->win);
-+				}
-+				XSync(dpy, False);
-+
-+				if (retval == PAM_SUCCESS)
-+					retval = pam_authenticate(pamh, 0);
-+				if (retval == PAM_SUCCESS)
-+					retval = pam_acct_mgmt(pamh, 0);
-+
-+				running = 1;
-+				if (retval == PAM_SUCCESS)
-+					running = 0;
- 				else
--					running = !!strcmp(inputhash, hash);
-+					fprintf(stderr, "slock: %s\n", pam_strerror(pamh, retval));
-+				pam_end(pamh, retval);
- 				if (running) {
- 					XBell(dpy, 100);
- 					failure = 1;
-@@ -339,10 +389,9 @@ main(int argc, char **argv) {
- 	dontkillme();
- #endif
- 
-+	/* the contents of hash are used to transport the current user name */
- 	hash = gethash();
- 	errno = 0;
--	if (!crypt("", hash))
--		die("slock: crypt: %s\n", strerror(errno));
- 
- 	if (!(dpy = XOpenDisplay(NULL)))
- 		die("slock: cannot open display\n");
diff --git a/_suckless/slock/slock.c b/_suckless/slock/slock.c
index 37d3154..3ea9b7f 100644
--- a/_suckless/slock/slock.c
+++ b/_suckless/slock/slock.c
@@ -23,23 +23,17 @@
 #include <X11/Xlib.h>
 #include <X11/Xutil.h>
 #include <X11/Xft/Xft.h>
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
 
 #include "arg.h"
 #include "util.h"
 
 char *argv0;
-static int pam_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr);
-struct pam_conv pamc = {pam_conv, NULL};
-char passwd[256];
 
 enum {
 	BACKGROUND,
 	INIT,
 	INPUT,
 	FAILED,
-  PAM,
 	NUMCOLS
 };
 
@@ -74,31 +68,6 @@ die(const char *errstr, ...)
 	exit(1);
 }
 
-static int
-pam_conv(int num_msg, const struct pam_message **msg,
-		struct pam_response **resp, void *appdata_ptr)
-{
-	int retval = PAM_CONV_ERR;
-	for(int i=0; i<num_msg; i++) {
-		if (msg[i]->msg_style == PAM_PROMPT_ECHO_OFF &&
-				strncmp(msg[i]->msg, "Password: ", 10) == 0) {
-			struct pam_response *resp_msg = malloc(sizeof(struct pam_response));
-			if (!resp_msg)
-				die("malloc failed\n");
-			char *password = malloc(strlen(passwd) + 1);
-			if (!password)
-				die("malloc failed\n");
-			memset(password, 0, strlen(passwd) + 1);
-			strcpy(password, passwd);
-			resp_msg->resp_retcode = 0;
-			resp_msg->resp = password;
-			resp[i] = resp_msg;
-			retval = PAM_SUCCESS;
-		}
-	}
-	return retval;
-}
-
 #ifdef __linux__
 #include <fcntl.h>
 #include <linux/oom.h>
@@ -163,8 +132,6 @@ gethash(void)
 	}
 #endif /* HAVE_SHADOW_H */
 
-	/* pam, store user name */
-	hash = pw->pw_name;
 	return hash;
 }
 
@@ -199,12 +166,11 @@ readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens,
        const char *hash)
 {
 	XRRScreenChangeNotifyEvent *rre;
-	char buf[32];
-	int num, screen, running, failure, oldc, retval;
+	char buf[32], passwd[256], *inputhash;
+	int num, screen, running, failure, oldc;
 	unsigned int len, color;
 	KeySym ksym;
 	XEvent ev;
-	pam_handle_t *pamh;
 
 	len = 0;
 	running = 1;
@@ -231,26 +197,10 @@ readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens,
 			case XK_Return:
 				passwd[len] = '\0';
 				errno = 0;
-				retval = pam_start(pam_service, hash, &pamc, &pamh);
-				color = PAM;
-				for (screen = 0; screen < nscreens; screen++) {
-					XSetWindowBackground(dpy, locks[screen]->win, locks[screen]->colors[color]);
-					XClearWindow(dpy, locks[screen]->win);
-					XRaiseWindow(dpy, locks[screen]->win);
-				}
-				XSync(dpy, False);
-
-				if (retval == PAM_SUCCESS)
-					retval = pam_authenticate(pamh, 0);
-				if (retval == PAM_SUCCESS)
-					retval = pam_acct_mgmt(pamh, 0);
-
-				running = 1;
-				if (retval == PAM_SUCCESS)
-					running = 0;
+				if (!(inputhash = crypt(passwd, hash)))
+					fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
 				else
-					fprintf(stderr, "slock: %s\n", pam_strerror(pamh, retval));
-				pam_end(pamh, retval);
+					running = !!strcmp(inputhash, hash);
 				if (running) {
 					XBell(dpy, 100);
 					failure = 1;
@@ -449,9 +399,10 @@ main(int argc, char **argv) {
 	dontkillme();
 #endif
 
-	/* the contents of hash are used to transport the current user name */
 	hash = gethash();
 	errno = 0;
+	if (!crypt("", hash))
+		die("slock: crypt: %s\n", strerror(errno));
 
 	if (!(dpy = XOpenDisplay(NULL)))
 		die("slock: cannot open display\n");