- Take maintainership [1]

- Add PAM support ("slock" service)

Approved by:	bapt (former maintainer) [1]

2 files changed, 119 insertions, 2 deletions

diff --git a/x11/slock/Makefile b/x11/slock/Makefile
index f3f7097d5891..ffb0da1565d1 100644
--- a/x11/slock/Makefile
+++ b/x11/slock/Makefile
@@ -6,7 +6,7 @@ PORTVERSION=	1.1
 CATEGORIES=	x11
 MASTER_SITES=	http://dl.suckless.org/tools/
 
-MAINTAINER=	bapt@FreeBSD.org
+MAINTAINER=	gahr@FreeBSD.org
 COMMENT=	Simple X screen locker
 
 MAKE_ARGS=	PREFIX="${PREFIX}" X11LIB="${LOCALBASE}/lib" \
@@ -21,6 +21,7 @@ USE_XORG=	x11 xt xproto xext
 
 post-patch:
 	@${REINPLACE_CMD} -e 's|-I/usr/include||;s|-L/usr/lib||;s|= -Os|+=|'\
-		-e 's|-DHAVE_SHADOW_H||' ${WRKSRC}/config.mk
+		-e 's|-DHAVE_SHADOW_H|-DHAVE_PAM|' -e '/^LDFLAGS/s|$$| -lpam|' \
+		${WRKSRC}/config.mk
 
 .include <bsd.port.mk>
diff --git a/x11/slock/files/patch-pam b/x11/slock/files/patch-pam
new file mode 100644
index 000000000000..333b0350be4e
--- /dev/null
+++ b/x11/slock/files/patch-pam
@@ -0,0 +1,116 @@
+--- config.mk.orig	2013-10-09 16:23:24.000000000 +0200
++++ config.mk	2013-10-09 16:25:18.000000000 +0200
+@@ -18,6 +18,9 @@
+ CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
+ LDFLAGS = -s ${LIBS}
+ 
++# To enable PAM-based authentication, remove -DHAVE_SHADOW_H from CPPFLAGS
++# and add -DHAVE_PAM instead. Also, add -lpam to LDFLAGS.
++#
+ # On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
+ # On OpenBSD and Darwin remove -lcrypt from LIBS
+ 
+--- slock.c.orig	2013-10-09 16:23:14.000000000 +0200
++++ slock.c	2013-10-09 16:23:18.000000000 +0200
+@@ -23,6 +23,10 @@
+ #include <bsd_auth.h>
+ #endif
+ 
++#if HAVE_PAM
++#include <security/pam_appl.h>
++#endif
++
+ typedef struct {
+ 	int screen;
+ 	Window root, win;
+@@ -44,7 +48,7 @@
+ 	exit(EXIT_FAILURE);
+ }
+ 
+-#ifndef HAVE_BSD_AUTH
++#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
+ static const char *
+ getpw(void) { /* only run as root */
+ 	const char *rval;
+@@ -74,8 +78,41 @@
+ }
+ #endif
+ 
++#ifdef HAVE_PAM
++static int
++slock_conv (int nof_msg, const struct pam_message **msg, struct pam_response **resp, void *data) {
++	struct pam_response *r = calloc (nof_msg, sizeof **resp);
++	if (r == NULL) {
++		die("slock: malloc: %s", strerror(errno));
++	}
++
++	while (nof_msg--) {
++		r[nof_msg].resp_retcode = 0;
++		r[nof_msg].resp = strdup (data);
++	}
++
++	*resp = r;
++
++	return PAM_SUCCESS;
++}
++
++static int
++auth_pam (const char *user, char *pass) {
++	static struct pam_conv conv = {slock_conv, NULL};
++	pam_handle_t *ph;
++
++	conv.appdata_ptr = pass;
++
++	if (pam_start("slock", user, &conv, &ph) != PAM_SUCCESS) {
++		die("slock: pam_start");
++	}
++
++	return (pam_authenticate(ph, 0) == PAM_SUCCESS);
++}
++#endif
++
+ static void
+-#ifdef HAVE_BSD_AUTH
++#if defined(HAVE_BSD_AUTH) || defined(HAVE_PAM)
+ readpw(Display *dpy)
+ #else
+ readpw(Display *dpy, const char *pws)
+@@ -111,8 +148,10 @@
+ 			switch(ksym) {
+ 			case XK_Return:
+ 				passwd[len] = 0;
+-#ifdef HAVE_BSD_AUTH
++#if defined (HAVE_BSD_AUTH)
+ 				running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
++#elif defined (HAVE_PAM)
++				running = !auth_pam(getlogin(), passwd);
+ #else
+ 				running = strcmp(crypt(passwd, pws), pws);
+ #endif
+@@ -233,7 +272,7 @@
+ 
+ int
+ main(int argc, char **argv) {
+-#ifndef HAVE_BSD_AUTH
++#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
+ 	const char *pws;
+ #endif
+ 	Display *dpy;
+@@ -247,7 +286,7 @@
+ 	if(!getpwuid(getuid()))
+ 		die("slock: no passwd entry for you");
+ 
+-#ifndef HAVE_BSD_AUTH
++#if !defined(HAVE_BSD_AUTH) && !defined(HAVE_PAM)
+ 	pws = getpw();
+ #endif
+ 
+@@ -273,7 +312,7 @@
+ 	}
+ 
+ 	/* Everything is now blank. Now wait for the correct password. */
+-#ifdef HAVE_BSD_AUTH
++#if defined(HAVE_BSD_AUTH) || defined(HAVE_PAM)
+ 	readpw(dpy);
+ #else
+ 	readpw(dpy, pws);