1From 17e5c8d32abc214aea408f0837be41e88bce7eb2 Mon Sep 17 00:00:00 2001 2From: Jackie Huang <jackie.huang@windriver.com> 3Date: Wed, 16 Aug 2017 13:37:40 +0800 4Subject: [PATCH] vlock: add new recipe 5 6Upstream-Status: Pending 7 8written by: Jeff Polk <jeff.polk@windriver.com> 9Signed-off-by: Jackie Huang <jackie.huang@windriver.com> 10 11--- 12 Makefile | 4 ++++ 13 configure | 9 +++++++++ 14 src/vlock-main.c | 8 ++++++++ 15 3 files changed, 21 insertions(+) 16 17diff --git a/Makefile b/Makefile 18index 4eeb42a..834cd2c 100644 19--- a/Makefile 20+++ b/Makefile 21@@ -126,6 +126,10 @@ ifeq ($(AUTH_METHOD),shadow) 22 vlock-main : override LDLIBS += $(CRYPT_LIB) 23 endif 24 25+ifneq ($(ENABLE_FAIL_COUNT),yes) 26+vlock-main.o : override CFLAGS += -DNO_FAIL_COUNT 27+endif 28+ 29 ifeq ($(ENABLE_PLUGINS),yes) 30 vlock-main: plugins.o plugin.o module.o process.o script.o tsort.o list.o 31 # -rdynamic is needed so that the all plugin can access the symbols from console_switch.o 32diff --git a/configure b/configure 33index d5d84d6..1303598 100755 34--- a/configure 35+++ b/configure 36@@ -44,6 +44,7 @@ Optional Features: 37 --enable-shadow enable shadow authentication [disabled] 38 --enable-root-password enable unlogging with root password [enabled] 39 --enable-debug enable debugging 40+ --enable-fail-count enable failed login attempt summary [enabled] 41 42 Additional configuration: 43 --with-scripts=SCRIPTS enable the named scripts [] 44@@ -78,6 +79,9 @@ enable_feature() { 45 root-password) 46 ENABLE_ROOT_PASSWORD="$2" 47 ;; 48+ fail-count) 49+ ENABLE_FAIL_COUNT="$2" 50+ ;; 51 pam|shadow) 52 if [ "$2" = "yes" ] ; then 53 if [ -n "$auth_method" ] && [ "$auth_method" != "$1" ] ; then 54@@ -228,6 +232,7 @@ set_defaults() { 55 AUTH_METHOD="pam" 56 ENABLE_ROOT_PASSWORD="yes" 57 ENABLE_PLUGINS="yes" 58+ ENABLE_FAIL_COUNT="yes" 59 SCRIPTS="" 60 61 VLOCK_GROUP="vlock" 62@@ -353,6 +358,10 @@ MODULES = ${MODULES} 63 # which scripts should be installed 64 SCRIPTS = ${SCRIPTS} 65 66+# display a summary of failed authentication attempts after successfully 67+# unlocking? 68+ENABLE_FAIL_COUNT = ${ENABLE_FAIL_COUNT} 69+ 70 # root's group 71 ROOT_GROUP = ${ROOT_GROUP} 72 73diff --git a/src/vlock-main.c b/src/vlock-main.c 74index 008f6f0..108ce8b 100644 75--- a/src/vlock-main.c 76+++ b/src/vlock-main.c 77@@ -112,7 +112,9 @@ static void restore_terminal(void) 78 (void) tcsetattr(STDIN_FILENO, TCSANOW, &old_term); 79 } 80 81+#ifdef ENABLE_FAIL_COUNT 82 static int auth_tries; 83+#endif /* ENABLE_FAIL_COUNT */ 84 85 static void auth_loop(const char *username) 86 { 87@@ -182,7 +184,9 @@ static void auth_loop(const char *username) 88 } 89 #endif 90 91+#ifdef ENABLE_FAIL_COUNT 92 auth_tries++; 93+#endif /* ENABLE_FAIL_COUNT */ 94 } 95 96 /* Free timeouts memory. */ 97@@ -190,11 +194,13 @@ static void auth_loop(const char *username) 98 free(prompt_timeout); 99 } 100 101+#ifdef ENABLE_FAIL_COUNT 102 void display_auth_tries(void) 103 { 104 if (auth_tries > 0) 105 fprintf(stderr, "%d failed authentication %s.\n", auth_tries, auth_tries > 1 ? "tries" : "try"); 106 } 107+#endif /* ENABLE_FAIL_COUNT */ 108 109 #ifdef USE_PLUGINS 110 static void call_end_hook(void) 111@@ -217,7 +223,9 @@ int main(int argc, char *const argv[]) 112 if (username == NULL) 113 fatal_perror("vlock: could not get username"); 114 115+#ifdef ENABLE_FAIL_COUNT 116 ensure_atexit(display_auth_tries); 117+#endif /* ENABLE_FAIL_COUNT */ 118 119 #ifdef USE_PLUGINS 120 for (int i = 1; i < argc; i++) 121