meta-openembedded/meta-oe/recipes-graphics/lxdm/lxdm/0007-greeter.c-support-to-update-expired-password.patch - openbmc/openbmc - Gitiles

 From bae6a2b3a2232abd16a8d8558dda542d4970f1bb Mon Sep 17 00:00:00 2001
 From: Kai Kang <kai.kang@windriver.com>
 Date: Tue, 12 Jan 2021 09:23:05 +0800
 Subject: [PATCH 7/8] greeter.c: support to update expired password

 Update greeter to work with ui to handle expired password. It checks
 whether password is expired after input user and password. If expired,
 force user to update password immediately. It allows 3 times to try. If
 exceeds, reset to input user.

 Upstream-Status: Submitted [https://sourceforge.net/p/lxdm/code/merge-requests/1/]

 Signed-off-by: Kai Kang <kai.kang@windriver.com>
 ---
  src/greeter.c | 83 +++++++++++++++++++++++++++++++++++++++++++++++++--
  1 file changed, 81 insertions(+), 2 deletions(-)

 diff --git a/src/greeter.c b/src/greeter.c
 index f100c72..804fca0 100644
 --- a/src/greeter.c
 +++ b/src/greeter.c
 @@ -77,6 +77,8 @@ static GtkWidget *lang_menu;

  static char* user = NULL;
  static char* pass = NULL;
 +static char* new_pass = NULL;
 +static gboolean pass_expired = FALSE;

  static char* ui_file = NULL;
  static char *ui_nobody = NULL;
 @@ -167,10 +169,19 @@ static void switch_to_input_passwd(void)
  		else
  			gtk_widget_hide(user_list);
  	}
 -	gtk_label_set_text( GTK_LABEL(prompt), _("Password:") );
 +	if (pass_expired) {
 +		if (!new_pass) {
 +			gtk_label_set_text(GTK_LABEL(prompt), _("New password:"));
 +		} else {
 +			gtk_label_set_text(GTK_LABEL(prompt), _("Retype new password:"));
 +		}
 +	} else {
 +		gtk_label_set_text( GTK_LABEL(prompt), _("Password:") );
 +	}
  	gtk_entry_set_text(GTK_ENTRY(login_entry), "");
  	gtk_entry_set_visibility(GTK_ENTRY(login_entry), FALSE);
  	gtk_widget_show(login_entry);
 +	gtk_widget_show(prompt);
  	gtk_widget_grab_focus(login_entry);
  }

 @@ -189,6 +200,8 @@ static void try_login_user(const char *user)

  static void on_entry_activate(GtkEntry* entry)
  {
 +	static int count = 0;
 +
  	char* tmp;
  	if( !user )
  	{
 @@ -217,6 +230,46 @@ static void on_entry_activate(GtkEntry* entry)
  	}
  	else
  	{
 +		if (pass_expired) {
 +			if (!new_pass) {
 +				new_pass = g_strdup(gtk_entry_get_text(entry));
 +				switch_to_input_passwd();
 +			} else {
 +				tmp = g_strdup(gtk_entry_get_text(entry));
 +				if (strcmp(new_pass, tmp)) {
 +					g_free(new_pass);
 +					new_pass = NULL;
 +					// if new passwords not match, retry for 3 times at most
 +					if (++count < 3) {
 +						switch_to_input_passwd();
 +					} else {
 +						count = 0;
 +						pass_expired = FALSE;
 +						switch_to_input_user();
 +					}
 +				} else if (!strcmp(pass, g_base64_encode((guchar*)new_pass, strlen(new_pass) + 1))) {
 +					// if new password is same as old one
 +					g_free(new_pass);
 +					new_pass = NULL;
 +					if (++count < 3) {
 +						switch_to_input_passwd();
 +					} else {
 +						count = 0;
 +						pass_expired = FALSE;
 +						switch_to_input_user();
 +					}
 +				} else {
 +					char *session_exec=get_session_exec();
 +					char *session_lang=get_session_lang();
 +
 +					printf("update-new-password user=%s newpass=%s session=%s lang=%s\n",
 +						user, new_pass, session_exec, session_lang);
 +				}
 +			}
 +
 +			return ;
 +		}
 +
  		char *session_exec=get_session_exec();
  		char *session_lang=get_session_lang();

 @@ -227,6 +280,7 @@ static void on_entry_activate(GtkEntry* entry)
  		printf("login user=%s pass=%s session=%s lang=%s\n",
  			user, pass, session_exec, session_lang);

 +#if 0
  		/* password check failed */
  		g_free(user);
  		user = NULL;
 @@ -241,6 +295,7 @@ static void on_entry_activate(GtkEntry* entry)
  		gtk_label_set_text( GTK_LABEL(prompt), _("User:") );
  		gtk_entry_set_text(GTK_ENTRY(entry), "");
  		gtk_entry_set_visibility(GTK_ENTRY(entry), TRUE);
 +#endif
  	}
  }

 @@ -1091,8 +1146,12 @@ static void on_screen_size_changed(GdkScreen *screen,GtkWidget *win)

  static gint login_entry_on_key_press (GtkWidget *widget,GdkEventKey *event)
  {
 -	if(event->keyval == GDK_Escape)
 +	if(event->keyval == GDK_Escape) {
 +		g_free(new_pass);
 +		new_pass = NULL;
 +		pass_expired = FALSE;
  		switch_to_input_user();
 +	}
  	return FALSE;
  }

 @@ -1285,8 +1344,10 @@ static void create_win()

  static gboolean on_lxdm_command(GIOChannel *source, GIOCondition condition, gpointer data)
  {
 +
  	GIOStatus ret;
  	char *str;
 +	static int count = 0;

  	if( !(G_IO_IN & condition) )
  		return FALSE;
 @@ -1300,10 +1361,28 @@ static gboolean on_lxdm_command(GIOChannel *source, GIOCondition condition, gpoi
  	{
  		switch_to_input_user();
  	}
 +	else if (!strncmp(str, "password-expire", 15))
 +	{
 +		pass_expired = TRUE;
 +		switch_to_input_passwd();
 +	}
  	else if( !strncmp(str, "password", 8))
  	{
  		switch_to_input_passwd();
  	}
 +	else if (!strncmp(str, "invalid-new-password", 20))
 +	{
 +		g_free(new_pass);
 +		new_pass = NULL;
 +
 +		if (count++ < 3) {
 +			switch_to_input_passwd();
 +		} else {
 +			count = 0;
 +			pass_expired = FALSE;
 +			switch_to_input_user();
 +		}
 +	}
  	g_free(str);
  	return TRUE;
  }
 --
 2.25.1
	From bae6a2b3a2232abd16a8d8558dda542d4970f1bb Mon Sep 17 00:00:00 2001
	From: Kai Kang <kai.kang@windriver.com>
	Date: Tue, 12 Jan 2021 09:23:05 +0800
	Subject: [PATCH 7/8] greeter.c: support to update expired password

	Update greeter to work with ui to handle expired password. It checks
	whether password is expired after input user and password. If expired,
	force user to update password immediately. It allows 3 times to try. If
	exceeds, reset to input user.

	Upstream-Status: Submitted [https://sourceforge.net/p/lxdm/code/merge-requests/1/]

	Signed-off-by: Kai Kang <kai.kang@windriver.com>
	---
	src/greeter.c \| 83 +++++++++++++++++++++++++++++++++++++++++++++++++--
	1 file changed, 81 insertions(+), 2 deletions(-)

	diff --git a/src/greeter.c b/src/greeter.c
	index f100c72..804fca0 100644
	--- a/src/greeter.c
	+++ b/src/greeter.c
	@@ -77,6 +77,8 @@ static GtkWidget *lang_menu;

	static char* user = NULL;
	static char* pass = NULL;
	+static char* new_pass = NULL;
	+static gboolean pass_expired = FALSE;

	static char* ui_file = NULL;
	static char *ui_nobody = NULL;
	@@ -167,10 +169,19 @@ static void switch_to_input_passwd(void)
	else
	gtk_widget_hide(user_list);
	}
	- gtk_label_set_text( GTK_LABEL(prompt), _("Password:") );
	+ if (pass_expired) {
	+ if (!new_pass) {
	+ gtk_label_set_text(GTK_LABEL(prompt), _("New password:"));
	+ } else {
	+ gtk_label_set_text(GTK_LABEL(prompt), _("Retype new password:"));
	+ }
	+ } else {
	+ gtk_label_set_text( GTK_LABEL(prompt), _("Password:") );
	+ }
	gtk_entry_set_text(GTK_ENTRY(login_entry), "");
	gtk_entry_set_visibility(GTK_ENTRY(login_entry), FALSE);
	gtk_widget_show(login_entry);
	+ gtk_widget_show(prompt);
	gtk_widget_grab_focus(login_entry);
	}

	@@ -189,6 +200,8 @@ static void try_login_user(const char *user)

	static void on_entry_activate(GtkEntry* entry)
	{
	+ static int count = 0;
	+
	char* tmp;
	if( !user )
	{
	@@ -217,6 +230,46 @@ static void on_entry_activate(GtkEntry* entry)
	}
	else
	{
	+ if (pass_expired) {
	+ if (!new_pass) {
	+ new_pass = g_strdup(gtk_entry_get_text(entry));
	+ switch_to_input_passwd();
	+ } else {
	+ tmp = g_strdup(gtk_entry_get_text(entry));
	+ if (strcmp(new_pass, tmp)) {
	+ g_free(new_pass);
	+ new_pass = NULL;
	+ // if new passwords not match, retry for 3 times at most
	+ if (++count < 3) {
	+ switch_to_input_passwd();
	+ } else {
	+ count = 0;
	+ pass_expired = FALSE;
	+ switch_to_input_user();
	+ }
	+ } else if (!strcmp(pass, g_base64_encode((guchar*)new_pass, strlen(new_pass) + 1))) {
	+ // if new password is same as old one
	+ g_free(new_pass);
	+ new_pass = NULL;
	+ if (++count < 3) {
	+ switch_to_input_passwd();
	+ } else {
	+ count = 0;
	+ pass_expired = FALSE;
	+ switch_to_input_user();
	+ }
	+ } else {
	+ char *session_exec=get_session_exec();
	+ char *session_lang=get_session_lang();
	+
	+ printf("update-new-password user=%s newpass=%s session=%s lang=%s\n",
	+ user, new_pass, session_exec, session_lang);
	+ }
	+ }
	+
	+ return ;
	+ }
	+
	char *session_exec=get_session_exec();
	char *session_lang=get_session_lang();

	@@ -227,6 +280,7 @@ static void on_entry_activate(GtkEntry* entry)
	printf("login user=%s pass=%s session=%s lang=%s\n",
	user, pass, session_exec, session_lang);

	+#if 0
	/* password check failed */
	g_free(user);
	user = NULL;
	@@ -241,6 +295,7 @@ static void on_entry_activate(GtkEntry* entry)
	gtk_label_set_text( GTK_LABEL(prompt), _("User:") );
	gtk_entry_set_text(GTK_ENTRY(entry), "");
	gtk_entry_set_visibility(GTK_ENTRY(entry), TRUE);
	+#endif
	}
	}

	@@ -1091,8 +1146,12 @@ static void on_screen_size_changed(GdkScreen screen,GtkWidget win)

	static gint login_entry_on_key_press (GtkWidget widget,GdkEventKey event)
	{
	- if(event->keyval == GDK_Escape)
	+ if(event->keyval == GDK_Escape) {
	+ g_free(new_pass);
	+ new_pass = NULL;
	+ pass_expired = FALSE;
	switch_to_input_user();
	+ }
	return FALSE;
	}

	@@ -1285,8 +1344,10 @@ static void create_win()

	static gboolean on_lxdm_command(GIOChannel *source, GIOCondition condition, gpointer data)
	{
	+
	GIOStatus ret;
	char *str;
	+ static int count = 0;

	if( !(G_IO_IN & condition) )
	return FALSE;
	@@ -1300,10 +1361,28 @@ static gboolean on_lxdm_command(GIOChannel *source, GIOCondition condition, gpoi
	{
	switch_to_input_user();
	}
	+ else if (!strncmp(str, "password-expire", 15))
	+ {
	+ pass_expired = TRUE;
	+ switch_to_input_passwd();
	+ }
	else if( !strncmp(str, "password", 8))
	{
	switch_to_input_passwd();
	}
	+ else if (!strncmp(str, "invalid-new-password", 20))
	+ {
	+ g_free(new_pass);
	+ new_pass = NULL;
	+
	+ if (count++ < 3) {
	+ switch_to_input_passwd();
	+ } else {
	+ count = 0;
	+ pass_expired = FALSE;
	+ switch_to_input_user();
	+ }
	+ }
	g_free(str);
	return TRUE;
	}
	--
	2.25.1