Re: [dev] [slock] [PATCH] Add option to show the password on the screen

From: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
Date: Sat, 1 Apr 2017 10:54:05 +0200

On Sat, Apr 01, 2017 at 05:41:39PM +1300, David Phillips wrote:
> With slock's current behaviour, the user can become frustrated when they
> suspect that they have made a typo in their password and are unable to
> remember how many times to hit the backspace key to correct it. This patch
> adds a configuration option for such users (I'm sure we've all been there)
> so that their password is shown on the screen as they are entering it into
> slock. Thusly, they can see whether they have made a mistake or typo entering
> their password and can easily correct it.
> ---
> config.def.h | 7 +++++++
> slock.c | 23 +++++++++++++++++++++--
> 2 files changed, 28 insertions(+), 2 deletions(-)
>
> diff --git a/config.def.h b/config.def.h
> index 9855e21..f250db7 100644
> --- a/config.def.h
> +++ b/config.def.h
> _AT_@ -2,11 +2,18 @@
> static const char *user = "nobody";
> static const char *group = "nogroup";
>
> +/* font used to display password */
> +static const char *fontname = "9x15";
> +
> static const char *colorname[NUMCOLS] = {
> [INIT] = "black", /* after initialization */
> [INPUT] = "#005577", /* during input */
> [FAILED] = "#CC3333", /* wrong password */
> + [TEXT] = "black", /* password on screen */
> };
>
> /* treat a cleared input like a wrong password (color) */
> static const int failonclear = 1;
> +
> +/* show the password on the screen as it is typed */
> +static const int showpassword = 1;
> diff --git a/slock.c b/slock.c
> index d55eb3d..49133fa 100644
> --- a/slock.c
> +++ b/slock.c
> _AT_@ -23,17 +23,20 @@
> #include "util.h"
>
> char *argv0;
> +XFontStruct *font;
>
> enum {
> INIT,
> INPUT,
> FAILED,
> + TEXT,
> NUMCOLS
> };
>
> struct lock {
> int screen;
> Window root, win;
> + GC gc;
> Pixmap pmap;
> unsigned long colors[NUMCOLS];
> };
> _AT_@ -130,7 +133,7 @@ readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens,
> {
> XRRScreenChangeNotifyEvent *rre;
> char buf[32], passwd[256], *inputhash;
> - int num, screen, running, failure, oldc;
> + int num, screen, running, failure, oldc, tw, dpyw, dpyh;
> unsigned int len, color;
> KeySym ksym;
> XEvent ev;
> _AT_@ -187,13 +190,24 @@ readpw(Display *dpy, struct xrandr *rr, struct lock **locks, int nscreens,
> }
> break;
> }
> + tw = XTextWidth(font, passwd, len);
> color = len ? INPUT : ((failure || failonclear) ? FAILED : INIT);
> - if (running && oldc != color) {
> + if (running && (showpassword || (!showpassword && oldc != color))) {
> for (screen = 0; screen < nscreens; screen++) {
> XSetWindowBackground(dpy,
> locks[screen]->win,
> locks[screen]->colors[color]);
> XClearWindow(dpy, locks[screen]->win);
> + if (showpassword) {
> + XSetForeground(dpy, locks[screen]->gc,
> + locks[screen]->colors[TEXT]);
> + dpyw = DisplayWidth(dpy, locks[screen]->screen);
> + dpyh = DisplayHeight(dpy, locks[screen]->screen);
> + XDrawString(dpy, locks[screen]->win,
> + locks[screen]->gc,
> + (dpyw-tw)/2, dpyh/2,
> + passwd, len);
> + }
> }
> oldc = color;
> }
> _AT_@ -255,6 +269,7 @@ lockscreen(Display *dpy, struct xrandr *rr, int screen)
> invisible = XCreatePixmapCursor(dpy, lock->pmap, lock->pmap,
> &color, &color, 0, 0);
> XDefineCursor(dpy, lock->win, invisible);
> + lock->gc = XCreateGC(dpy, lock->win, 0, NULL);
>
> /* Try to grab mouse pointer *and* keyboard for 600ms, else fail the lock */
> for (i = 0, ptgrab = kbgrab = -1; i < 6; i++) {
> _AT_@ -358,6 +373,10 @@ main(int argc, char **argv) {
> /* check for Xrandr support */
> rr.active = XRRQueryExtension(dpy, &rr.evbase, &rr.errbase);
>
> + /* load font ready for drawing */
> + if (NULL == (font = XLoadQueryFont(dpy, fontname)))
> + die("Failed to load font\n");
> +
> /* get number of screens in display "dpy" and blank them */
> nscreens = ScreenCount(dpy);
> if (!(locks = calloc(nscreens, sizeof(struct lock *))))
> --
> 2.12.0
>
>

Hi,

This sounds like a non-issue to me. Just press enter and retype the password.

Showing the password in plain-text is a really bad idea for obvious reasons.

-- 
Kind regards,
Hiltjo
Received on Sat Apr 01 2017 - 10:54:05 CEST

This archive was generated by hypermail 2.3.0 : Sat Apr 01 2017 - 11:00:13 CEST