pam: fallback auth to su

This commit is contained in:
Vaxry 2024-03-03 02:27:32 +00:00
parent ada7ce8e56
commit f9fe60c7eb

View file

@ -1,5 +1,6 @@
#include "Password.hpp" #include "Password.hpp"
#include "hyprlock.hpp" #include "hyprlock.hpp"
#include "../helpers/Log.hpp"
#include <unistd.h> #include <unistd.h>
#include <security/pam_appl.h> #include <security/pam_appl.h>
@ -27,17 +28,17 @@ std::shared_ptr<CPassword::SVerificationResult> CPassword::verify(const std::str
std::shared_ptr<CPassword::SVerificationResult> result = std::make_shared<CPassword::SVerificationResult>(false); std::shared_ptr<CPassword::SVerificationResult> result = std::make_shared<CPassword::SVerificationResult>(false);
std::thread([this, result, pass]() { std::thread([this, result, pass]() {
auto auth = [&](std::string auth) -> bool {
const pam_conv localConv = {conv, NULL}; const pam_conv localConv = {conv, NULL};
pam_handle_t* handle = NULL; pam_handle_t* handle = NULL;
int ret = pam_start("hyprlock", getlogin(), &localConv, &handle); int ret = pam_start(auth.c_str(), getlogin(), &localConv, &handle);
if (ret != PAM_SUCCESS) { if (ret != PAM_SUCCESS) {
result->success = false; result->success = false;
result->failReason = "pam_start failed"; result->failReason = "pam_start failed";
result->realized = true; Debug::log(ERR, "auth: pam_start failed for {}", auth);
g_pHyprlock->addTimer(std::chrono::milliseconds(1), passwordCheckTimerCallback, nullptr); return false;
return;
} }
reply = (struct pam_response*)malloc(sizeof(struct pam_response)); reply = (struct pam_response*)malloc(sizeof(struct pam_response));
@ -49,16 +50,20 @@ std::shared_ptr<CPassword::SVerificationResult> CPassword::verify(const std::str
if (ret != PAM_SUCCESS) { if (ret != PAM_SUCCESS) {
result->success = false; result->success = false;
result->failReason = ret == PAM_AUTH_ERR ? "Authentication failed" : "pam_authenticate failed"; result->failReason = ret == PAM_AUTH_ERR ? "Authentication failed" : "pam_authenticate failed";
result->realized = true; Debug::log(ERR, "auth: {} for {}", result->failReason, auth);
g_pHyprlock->addTimer(std::chrono::milliseconds(1), passwordCheckTimerCallback, nullptr); return false;
return;
} }
ret = pam_end(handle, ret); ret = pam_end(handle, ret);
result->success = true; result->success = true;
result->failReason = "Successfully authenticated"; result->failReason = "Successfully authenticated";
result->realized = true; Debug::log(LOG, "auth: authenticated for {}", auth);
return true;
};
result->realized = auth("hyprlock") || auth("su") || true;
g_pHyprlock->addTimer(std::chrono::milliseconds(1), passwordCheckTimerCallback, nullptr); g_pHyprlock->addTimer(std::chrono::milliseconds(1), passwordCheckTimerCallback, nullptr);
}).detach(); }).detach();