1From 17e5c8d32abc214aea408f0837be41e88bce7eb2 Mon Sep 17 00:00:00 2001
2From: Jackie Huang <jackie.huang@windriver.com>
3Date: Wed, 16 Aug 2017 13:37:40 +0800
4Subject: [PATCH] vlock: add new recipe
5
6Upstream-Status: Pending
7
8written by: Jeff Polk <jeff.polk@windriver.com>
9Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
10
11---
12 Makefile         | 4 ++++
13 configure        | 9 +++++++++
14 src/vlock-main.c | 8 ++++++++
15 3 files changed, 21 insertions(+)
16
17diff --git a/Makefile b/Makefile
18index 4eeb42a..834cd2c 100644
19--- a/Makefile
20+++ b/Makefile
21@@ -126,6 +126,10 @@ ifeq ($(AUTH_METHOD),shadow)
22 vlock-main : override LDLIBS += $(CRYPT_LIB)
23 endif
24
25+ifneq ($(ENABLE_FAIL_COUNT),yes)
26+vlock-main.o : override CFLAGS += -DNO_FAIL_COUNT
27+endif
28+
29 ifeq ($(ENABLE_PLUGINS),yes)
30 vlock-main: plugins.o plugin.o module.o process.o script.o tsort.o list.o
31 # -rdynamic is needed so that the all plugin can access the symbols from console_switch.o
32diff --git a/configure b/configure
33index d5d84d6..1303598 100755
34--- a/configure
35+++ b/configure
36@@ -44,6 +44,7 @@ Optional Features:
37   --enable-shadow         enable shadow authentication [disabled]
38   --enable-root-password  enable unlogging with root password [enabled]
39   --enable-debug          enable debugging
40+  --enable-fail-count     enable failed login attempt summary [enabled]
41
42 Additional configuration:
43   --with-scripts=SCRIPTS  enable the named scripts []
44@@ -78,6 +79,9 @@ enable_feature() {
45     root-password)
46       ENABLE_ROOT_PASSWORD="$2"
47     ;;
48+    fail-count)
49+      ENABLE_FAIL_COUNT="$2"
50+    ;;
51     pam|shadow)
52       if [ "$2" = "yes" ] ; then
53         if [ -n "$auth_method" ] && [ "$auth_method" != "$1" ] ; then
54@@ -228,6 +232,7 @@ set_defaults() {
55   AUTH_METHOD="pam"
56   ENABLE_ROOT_PASSWORD="yes"
57   ENABLE_PLUGINS="yes"
58+  ENABLE_FAIL_COUNT="yes"
59   SCRIPTS=""
60
61   VLOCK_GROUP="vlock"
62@@ -353,6 +358,10 @@ MODULES = ${MODULES}
63 # which scripts should be installed
64 SCRIPTS = ${SCRIPTS}
65
66+# display a summary of failed authentication attempts after successfully
67+# unlocking?
68+ENABLE_FAIL_COUNT = ${ENABLE_FAIL_COUNT}
69+
70 # root's group
71 ROOT_GROUP = ${ROOT_GROUP}
72
73diff --git a/src/vlock-main.c b/src/vlock-main.c
74index 008f6f0..108ce8b 100644
75--- a/src/vlock-main.c
76+++ b/src/vlock-main.c
77@@ -112,7 +112,9 @@ static void restore_terminal(void)
78   (void) tcsetattr(STDIN_FILENO, TCSANOW, &old_term);
79 }
80
81+#ifdef ENABLE_FAIL_COUNT
82 static int auth_tries;
83+#endif /* ENABLE_FAIL_COUNT */
84
85 static void auth_loop(const char *username)
86 {
87@@ -182,7 +184,9 @@ static void auth_loop(const char *username)
88     }
89 #endif
90
91+#ifdef ENABLE_FAIL_COUNT
92     auth_tries++;
93+#endif /* ENABLE_FAIL_COUNT */
94   }
95
96   /* Free timeouts memory. */
97@@ -190,11 +194,13 @@ static void auth_loop(const char *username)
98   free(prompt_timeout);
99 }
100
101+#ifdef ENABLE_FAIL_COUNT
102 void display_auth_tries(void)
103 {
104   if (auth_tries > 0)
105     fprintf(stderr, "%d failed authentication %s.\n", auth_tries, auth_tries > 1 ? "tries" : "try");
106 }
107+#endif /* ENABLE_FAIL_COUNT */
108
109 #ifdef USE_PLUGINS
110 static void call_end_hook(void)
111@@ -217,7 +223,9 @@ int main(int argc, char *const argv[])
112   if (username == NULL)
113     fatal_perror("vlock: could not get username");
114
115+#ifdef ENABLE_FAIL_COUNT
116   ensure_atexit(display_auth_tries);
117+#endif /* ENABLE_FAIL_COUNT */
118
119 #ifdef USE_PLUGINS
120   for (int i = 1; i < argc; i++)
121