Hello ports@,
This updates x11/i3lock from some commmit to 2.9.1. All of jasper@'s
patches were accepted upstream, so there is no need for them.
They did revert an old commit which ended up readding -lpam in the
Makefile, unconditionally, so we still have to patch that out. I will
submit a PR upstream and hopefully the next release will be
patch-free.
OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/x11/i3lock/Makefile,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 Makefile
--- Makefile 15 Apr 2017 12:53:02 -0000 1.1.1.1
+++ Makefile 9 Jul 2017 15:17:58 -0000
@@ -2,11 +2,11 @@
COMMENT = improved screen locker
+VERSION = 2.9.1
GH_ACCOUNT = i3
GH_PROJECT = i3lock
-# XXX: Remove when upgrading
-GH_COMMIT = 80d4452ec680bcb0e57418f69d44d88ded82047c
-DISTNAME = i3lock-2.9
+GH_TAGNAME = ${VERSION}
+DISTNAME = i3lock-${VERSION}
CATEGORIES = x11
Index: distinfo
===================================================================
RCS file: /cvs/ports/x11/i3lock/distinfo,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 distinfo
--- distinfo 6 May 2017 15:10:18 -0000 1.2
+++ distinfo 9 Jul 2017 15:17:58 -0000
@@ -1,2 +1,2 @@
-SHA256 (i3lock-2.9-80d4452e.tar.gz) =
IrR9TeilPaU6myyezcWpbQhB3iQHNGAR+ycutlEBZRE=
-SIZE (i3lock-2.9-80d4452e.tar.gz) = 23692
+SHA256 (i3lock-2.9.1.tar.gz) = mY50R3gTvJxti9V6lFVBQA996Ny4mE8U1Lb4pSje7/c=
+SIZE (i3lock-2.9.1.tar.gz) = 24108
Index: patches/patch-Makefile
===================================================================
RCS file: /cvs/ports/x11/i3lock/patches/patch-Makefile,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 patch-Makefile
--- patches/patch-Makefile 15 Apr 2017 12:53:02 -0000 1.1.1.1
+++ patches/patch-Makefile 9 Jul 2017 15:17:58 -0000
@@ -1,29 +1,11 @@
-$OpenBSD: patch-Makefile,v 1.1.1.1 2017/04/15 12:53:02 jasper Exp $
-
-Add bsd_auth(3) support.
-
---- Makefile.orig Sun Mar 26 15:01:23 2017
-+++ Makefile Fri Apr 14 19:44:10 2017
-@@ -1,4 +1,5 @@
- TOPDIR=$(shell pwd)
-+UNAME=$(shell uname)
-
- INSTALL=install
- PREFIX=/usr
-@@ -16,9 +17,15 @@ CFLAGS += -Wall
+$OpenBSD$
+--- Makefile.orig Sun Jul 9 16:45:41 2017
++++ Makefile Sun Jul 9 16:45:53 2017
+@@ -17,7 +17,6 @@ CFLAGS += -Wall
CPPFLAGS += -D_GNU_SOURCE
- CFLAGS += $(shell $(PKG_CONFIG) --cflags cairo xcb-composite xcb-dpms
xcb-xinerama xcb-atom xcb-image xcb-xkb xkbcommon xkbcommon-x11)
- LIBS += $(shell $(PKG_CONFIG) --libs cairo xcb-composite xcb-dpms
xcb-xinerama xcb-atom xcb-image xcb-xkb xkbcommon xkbcommon-x11)
+ CFLAGS += $(shell $(PKG_CONFIG) --cflags cairo xcb-xinerama xcb-atom
xcb-image xcb-xkb xkbcommon xkbcommon-x11)
+ LIBS += $(shell $(PKG_CONFIG) --libs cairo xcb-xinerama xcb-atom xcb-image
xcb-xkb xkbcommon xkbcommon-x11)
-LIBS += -lpam
LIBS += -lev
LIBS += -lm
-+
-+# OpenBSD lacks PAM, use bsd_auth(3) instead.
-+ifeq ($(UNAME),OpenBSD)
-+ CPPFLAGS += -DUSE_BSDAUTH
-+else
-+ LIBS += -lpam
-+endif
- FILES:=$(wildcard *.c)
- FILES:=$(FILES:.c=.o)
Index: patches/patch-i3lock_c
===================================================================
RCS file: patches/patch-i3lock_c
diff -N patches/patch-i3lock_c
--- patches/patch-i3lock_c 15 Apr 2017 12:53:02 -0000 1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,231 +0,0 @@
-$OpenBSD: patch-i3lock_c,v 1.1.1.1 2017/04/15 12:53:02 jasper Exp $
-
-Add bsd_auth(3) support.
-
---- i3lock.c.orig Sun Mar 26 15:01:23 2017
-+++ i3lock.c Fri Apr 14 19:42:14 2017
-@@ -18,7 +18,12 @@
- #include <xcb/xkb.h>
- #include <err.h>
- #include <assert.h>
-+#ifdef USE_BSDAUTH
-+#include <login_cap.h>
-+#include <bsd_auth.h>
-+#else
- #include <security/pam_appl.h>
-+#endif
- #include <getopt.h>
- #include <string.h>
- #include <ev.h>
-@@ -29,6 +34,9 @@
- #include <cairo.h>
- #include <cairo/cairo-xcb.h>
-
-+#ifdef __OpenBSD__
-+#include <strings.h> /* explicit_bzero(3) */
-+#endif
- #include "i3lock.h"
- #include "xcb.h"
- #include "cursors.h"
-@@ -49,7 +57,9 @@ char color[7] = "ffffff";
- uint32_t last_resolution[2];
- xcb_window_t win;
- static xcb_cursor_t cursor;
-+#ifndef USE_BSDAUTH
- static pam_handle_t *pam_handle;
-+#endif /* !USE_BSDAUTH */
- int input_position = 0;
- /* Holds the password you enter (in UTF-8). */
- static char password[512];
-@@ -59,11 +69,11 @@ bool unlock_indicator = true;
- char *modifier_string = NULL;
- static bool dont_fork = false;
- struct ev_loop *main_loop;
--static struct ev_timer *clear_pam_wrong_timeout;
-+static struct ev_timer *clear_auth_wrong_timeout;
- static struct ev_timer *clear_indicator_timeout;
- static struct ev_timer *discard_passwd_timeout;
- extern unlock_state_t unlock_state;
--extern pam_state_t pam_state;
-+extern auth_state_t auth_state;
- int failed_attempts = 0;
- bool show_failed_attempts = false;
- bool retry_verification = false;
-@@ -158,6 +168,9 @@ static bool load_compose_table(const char *locale) {
- *
- */
- static void clear_password_memory(void) {
-+#ifdef __OpenBSD__
-+ explicit_bzero(password, strlen(password));
-+#else
- /* A volatile pointer to the password buffer to prevent the compiler from
- * optimizing this out. */
- volatile char *vpassword = password;
-@@ -167,6 +180,7 @@ static void clear_password_memory(void) {
- * compiler from optimizing the calls away, since the value of 'beep'
- * is not known at compile-time. */
- vpassword[c] = c + (int)beep;
-+#endif
- }
-
- ev_timer *start_timer(ev_timer *timer_obj, ev_tstamp timeout, ev_callback_t
callback) {
-@@ -206,13 +220,13 @@ static void finish_input(void) {
- }
-
- /*
-- * Resets pam_state to STATE_PAM_IDLE 2 seconds after an unsuccessful
-+ * Resets auth_state to STATE_AUTH_IDLE 2 seconds after an unsuccessful
- * authentication event.
- *
- */
- static void clear_pam_wrong(EV_P_ ev_timer *w, int revents) {
- DEBUG("clearing pam wrong\n");
-- pam_state = STATE_PAM_IDLE;
-+ auth_state = STATE_AUTH_IDLE;
- redraw_screen();
-
- /* Clear modifier string. */
-@@ -222,7 +236,7 @@ static void clear_pam_wrong(EV_P_ ev_timer *w, int rev
- }
-
- /* Now free this timeout. */
-- STOP_TIMER(clear_pam_wrong_timeout);
-+ STOP_TIMER(clear_auth_wrong_timeout);
-
- /* retry with input done during pam verification */
- if (retry_verification) {
-@@ -248,11 +262,24 @@ static void discard_passwd_cb(EV_P_ ev_timer *w, int r
- }
-
- static void input_done(void) {
-- STOP_TIMER(clear_pam_wrong_timeout);
-- pam_state = STATE_PAM_VERIFY;
-+ STOP_TIMER(clear_auth_wrong_timeout);
-+ auth_state = STATE_AUTH_VERIFY;
- unlock_state = STATE_STARTED;
- redraw_screen();
-
-+#ifdef USE_BSDAUTH
-+ struct passwd *pw;
-+
-+ if (!(pw = getpwuid(getuid())))
-+ errx(1, "unknown uid %u.", getuid());
-+
-+ if (auth_userokay(pw->pw_name, NULL, NULL, password) != 0) {
-+ DEBUG("successfully authenticated\n");
-+ clear_password_memory();
-+
-+ exit(0);
-+ }
-+#else
- if (pam_authenticate(pam_handle, 0) == PAM_SUCCESS) {
- DEBUG("successfully authenticated\n");
- clear_password_memory();
-@@ -266,12 +293,13 @@ static void input_done(void) {
-
- exit(0);
- }
-+#endif
-
- if (debug_mode)
- fprintf(stderr, "Authentication failure\n");
-
- /* Get state of Caps and Num lock modifiers, to be displayed in
-- * STATE_PAM_WRONG state */
-+ * STATE_AUTH_WRONG state */
- xkb_mod_index_t idx, num_mods;
- const char *mod_name;
-
-@@ -305,7 +333,7 @@ static void input_done(void) {
- }
- }
-
-- pam_state = STATE_PAM_WRONG;
-+ auth_state = STATE_AUTH_WRONG;
- failed_attempts += 1;
- clear_input();
- if (unlock_indicator)
-@@ -314,7 +342,7 @@ static void input_done(void) {
- /* Clear this state after 2 seconds (unless the user enters another
- * password during that time). */
- ev_now_update(main_loop);
-- START_TIMER(clear_pam_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong);
-+ START_TIMER(clear_auth_wrong_timeout, TSTAMP_N_SECS(2), clear_pam_wrong);
-
- /* Cancel the clear_indicator_timeout, it would hide the unlock indicator
- * too early. */
-@@ -393,7 +421,7 @@ static void handle_key_press(xcb_key_press_event_t *ev
- if ((ksym == XKB_KEY_j || ksym == XKB_KEY_m) && !ctrl)
- break;
-
-- if (pam_state == STATE_PAM_WRONG) {
-+ if (auth_state == STATE_AUTH_WRONG) {
- retry_verification = true;
- return;
- }
-@@ -601,6 +629,7 @@ void handle_screen_resize(void) {
- * Callback function for PAM. We only react on password request callbacks.
- *
- */
-+#ifndef USE_BSDAUTH
- static int conv_callback(int num_msg, const struct pam_message **msg,
- struct pam_response **resp, void *appdata_ptr) {
- if (num_msg == 0)
-@@ -627,6 +656,7 @@ static int conv_callback(int num_msg, const struct pam
-
- return 0;
- }
-+#endif /* !USE_BSDAUTH */
-
- /*
- * This callback is only a dummy, see xcb_prepare_cb and xcb_check_cb.
-@@ -782,8 +812,10 @@ int main(int argc, char *argv[]) {
- struct passwd *pw;
- char *username;
- char *image_path = NULL;
-+#ifndef USE_BSDAUTH
- int ret;
- struct pam_conv conv = {conv_callback, NULL};
-+#endif /* !USE_BSDAUTH */
- int curs_choice = CURS_NONE;
- int o;
- int optind = 0;
-@@ -877,17 +909,19 @@ int main(int argc, char *argv[]) {
- * the unlock indicator upon keypresses. */
- srand(time(NULL));
-
-+#ifndef USE_BSDAUTH
- /* Initialize PAM */
- if ((ret = pam_start("i3lock", username, &conv, &pam_handle)) !=
PAM_SUCCESS)
- errx(EXIT_FAILURE, "PAM: %s", pam_strerror(pam_handle, ret));
-
- if ((ret = pam_set_item(pam_handle, PAM_TTY, getenv("DISPLAY"))) !=
PAM_SUCCESS)
- errx(EXIT_FAILURE, "PAM: %s", pam_strerror(pam_handle, ret));
-+#endif /* !USE_BSDAUTH */
-
- /* Using mlock() as non-super-user seems only possible in Linux. Users of
other
- * operating systems should use encrypted swap/no swap (or remove the ifdef
and
- * run i3lock as super-user). */
--#if defined(__linux__)
-+#if defined(__linux__) || defined(__OpenBSD__)
- /* Lock the area where we store the password in memory, we don’t want it
to
- * be swapped to disk. Since Linux 2.6.9, this does not require any
- * privileges, just enough bytes in the RLIMIT_MEMLOCK limit. */
-@@ -985,7 +1019,7 @@ int main(int argc, char *argv[]) {
- cursor = create_cursor(conn, screen, win, curs_choice);
-
- /* Display the "locking…" message while trying to grab the
pointer/keyboard. */
-- pam_state = STATE_PAM_LOCK;
-+ auth_state = STATE_AUTH_LOCK;
- grab_pointer_and_keyboard(conn, screen, cursor);
-
- pid_t pid = fork();
-@@ -1012,7 +1046,7 @@ int main(int argc, char *argv[]) {
- errx(EXIT_FAILURE, "Could not initialize libev. Bad LIBEV_FLAGS?\n");
-
- /* Explicitly call the screen redraw in case "locking…" message was
displayed */
-- pam_state = STATE_PAM_IDLE;
-+ auth_state = STATE_AUTH_IDLE;
- redraw_screen();
-
- struct ev_io *xcb_watcher = calloc(sizeof(struct ev_io), 1);
Index: patches/patch-unlock_indicator_c
===================================================================
RCS file: patches/patch-unlock_indicator_c
diff -N patches/patch-unlock_indicator_c
--- patches/patch-unlock_indicator_c 15 Apr 2017 12:53:02 -0000 1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,100 +0,0 @@
-$OpenBSD: patch-unlock_indicator_c,v 1.1.1.1 2017/04/15 12:53:02 jasper Exp $
-
-Add bsd_auth(3) support.
-
---- unlock_indicator.c.orig Sun Mar 26 15:01:23 2017
-+++ unlock_indicator.c Fri Apr 14 19:42:14 2017
-@@ -78,7 +78,7 @@ static xcb_visualtype_t *vistype;
- /* Maintain the current unlock/PAM state to draw the appropriate unlock
- * indicator. */
- unlock_state_t unlock_state;
--pam_state_t pam_state;
-+auth_state_t auth_state;
-
- /*
- * Returns the scaling factor of the current screen. E.g., on a 227 DPI
MacBook
-@@ -141,7 +141,7 @@ xcb_pixmap_t draw_image(uint32_t *resolution) {
- }
-
- if (unlock_indicator &&
-- (unlock_state >= STATE_KEY_PRESSED || pam_state > STATE_PAM_IDLE)) {
-+ (unlock_state >= STATE_KEY_PRESSED || auth_state > STATE_AUTH_IDLE)) {
- cairo_scale(ctx, scaling_factor(), scaling_factor());
- /* Draw a (centered) circle with transparent background. */
- cairo_set_line_width(ctx, 10.0);
-@@ -154,12 +154,12 @@ xcb_pixmap_t draw_image(uint32_t *resolution) {
-
- /* Use the appropriate color for the different PAM states
- * (currently verifying, wrong password, or default) */
-- switch (pam_state) {
-- case STATE_PAM_VERIFY:
-- case STATE_PAM_LOCK:
-+ switch (auth_state) {
-+ case STATE_AUTH_VERIFY:
-+ case STATE_AUTH_LOCK:
- cairo_set_source_rgba(ctx, 0, 114.0 / 255, 255.0 / 255, 0.75);
- break;
-- case STATE_PAM_WRONG:
-+ case STATE_AUTH_WRONG:
- case STATE_I3LOCK_LOCK_FAILED:
- cairo_set_source_rgba(ctx, 250.0 / 255, 0, 0, 0.75);
- break;
-@@ -169,16 +169,16 @@ xcb_pixmap_t draw_image(uint32_t *resolution) {
- }
- cairo_fill_preserve(ctx);
-
-- switch (pam_state) {
-- case STATE_PAM_VERIFY:
-- case STATE_PAM_LOCK:
-+ switch (auth_state) {
-+ case STATE_AUTH_VERIFY:
-+ case STATE_AUTH_LOCK:
- cairo_set_source_rgb(ctx, 51.0 / 255, 0, 250.0 / 255);
- break;
-- case STATE_PAM_WRONG:
-+ case STATE_AUTH_WRONG:
- case STATE_I3LOCK_LOCK_FAILED:
- cairo_set_source_rgb(ctx, 125.0 / 255, 51.0 / 255, 0);
- break;
-- case STATE_PAM_IDLE:
-+ case STATE_AUTH_IDLE:
- cairo_set_source_rgb(ctx, 51.0 / 255, 125.0 / 255, 0);
- break;
- }
-@@ -205,14 +205,14 @@ xcb_pixmap_t draw_image(uint32_t *resolution) {
- cairo_set_source_rgb(ctx, 0, 0, 0);
- cairo_select_font_face(ctx, "sans-serif", CAIRO_FONT_SLANT_NORMAL,
CAIRO_FONT_WEIGHT_NORMAL);
- cairo_set_font_size(ctx, 28.0);
-- switch (pam_state) {
-- case STATE_PAM_VERIFY:
-+ switch (auth_state) {
-+ case STATE_AUTH_VERIFY:
- text = "verifying…";
- break;
-- case STATE_PAM_LOCK:
-+ case STATE_AUTH_LOCK:
- text = "locking…";
- break;
-- case STATE_PAM_WRONG:
-+ case STATE_AUTH_WRONG:
- text = "wrong!";
- break;
- case STATE_I3LOCK_LOCK_FAILED:
-@@ -245,7 +245,7 @@ xcb_pixmap_t draw_image(uint32_t *resolution) {
- cairo_close_path(ctx);
- }
-
-- if (pam_state == STATE_PAM_WRONG && (modifier_string != NULL)) {
-+ if (auth_state == STATE_AUTH_WRONG && (modifier_string != NULL)) {
- cairo_text_extents_t extents;
- double x, y;
-
-@@ -334,7 +334,7 @@ xcb_pixmap_t draw_image(uint32_t *resolution) {
- *
- */
- void redraw_screen(void) {
-- DEBUG("redraw_screen(unlock_state = %d, pam_state = %d)\n", unlock_state,
pam_state);
-+ DEBUG("redraw_screen(unlock_state = %d, auth_state = %d)\n",
unlock_state, auth_state);
- xcb_pixmap_t bg_pixmap = draw_image(last_resolution);
- xcb_change_window_attributes(conn, win, XCB_CW_BACK_PIXMAP,
(uint32_t[1]){bg_pixmap});
- /* XXX: Possible optimization: Only update the area in the middle of the
Index: patches/patch-unlock_indicator_h
===================================================================
RCS file: patches/patch-unlock_indicator_h
diff -N patches/patch-unlock_indicator_h
--- patches/patch-unlock_indicator_h 15 Apr 2017 12:53:02 -0000 1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,24 +0,0 @@
-$OpenBSD: patch-unlock_indicator_h,v 1.1.1.1 2017/04/15 12:53:02 jasper Exp $
-
-Add bsd_auth(3) support.
-
---- unlock_indicator.h.orig Sun Mar 26 15:01:23 2017
-+++ unlock_indicator.h Fri Apr 14 19:42:14 2017
-@@ -11,12 +11,12 @@ typedef enum {
- } unlock_state_t;
-
- typedef enum {
-- STATE_PAM_IDLE = 0, /* no PAM interaction at the moment */
-- STATE_PAM_VERIFY = 1, /* currently verifying the password via PAM
*/
-- STATE_PAM_LOCK = 2, /* currently locking the screen */
-- STATE_PAM_WRONG = 3, /* the password was wrong */
-+ STATE_AUTH_IDLE = 0, /* no authenticator interaction at the
moment */
-+ STATE_AUTH_VERIFY = 1, /* currently verifying the password via
authenticator */
-+ STATE_AUTH_LOCK = 2, /* currently locking the screen */
-+ STATE_AUTH_WRONG = 3, /* the password was wrong */
- STATE_I3LOCK_LOCK_FAILED = 4 /* i3lock failed to load */
--} pam_state_t;
-+} auth_state_t;
-
- xcb_pixmap_t draw_image(uint32_t* resolution);
- void redraw_screen(void);
Index: patches/patch-xcb_c
===================================================================
RCS file: patches/patch-xcb_c
diff -N patches/patch-xcb_c
--- patches/patch-xcb_c 15 Apr 2017 12:53:02 -0000 1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,24 +0,0 @@
-$OpenBSD: patch-xcb_c,v 1.1.1.1 2017/04/15 12:53:02 jasper Exp $
-
-Add bsd_auth(3) support.
-
---- xcb.c.orig Sun Mar 26 15:01:23 2017
-+++ xcb.c Fri Apr 14 19:42:14 2017
-@@ -24,7 +24,7 @@
- #include "cursors.h"
- #include "unlock_indicator.h"
-
--extern pam_state_t pam_state;
-+extern auth_state_t auth_state;
-
- xcb_connection_t *conn;
- xcb_screen_t *screen;
-@@ -262,7 +262,7 @@ void grab_pointer_and_keyboard(xcb_connection_t *conn,
- /* After trying for 10000 times, i3lock will display an error message
- * for 2 sec prior to terminate. */
- if (tries <= 0) {
-- pam_state = STATE_I3LOCK_LOCK_FAILED;
-+ auth_state = STATE_I3LOCK_LOCK_FAILED;
- redraw_screen();
- sleep(1);
- errx(EXIT_FAILURE, "Cannot grab pointer/keyboard");
