From 3fc76b2f36e1bdebf2bd7a91af5469aff18ce852 Mon Sep 17 00:00:00 2001
From: kotontrion <141950090+kotontrion@users.noreply.github.com>
Date: Sun, 19 May 2024 11:46:44 +0200
Subject: Initial commit
---
LICENSE | 674 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 674 insertions(+)
create mode 100644 LICENSE
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..f288702
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,674 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc.
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users. We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors. You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights. Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received. You must make sure that they, too, receive
+or can get the source code. And you must show them these terms so they
+know their rights.
+
+ Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+ For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software. For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+ Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so. This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software. The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable. Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products. If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+ Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary. To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Use with the GNU Affero General Public License.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+
+ Copyright (C)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+ Copyright (C)
+ This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+.
+
+ The GNU General Public License does not permit incorporating your program
+into proprietary programs. If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License. But first, please read
+.
--
cgit v1.2.3
From d8802b1fa2c586d05c73e53fb541e1ef482a527e Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 19 May 2024 12:04:34 +0200
Subject: init 0.1.0
---
examples/full_example.c | 67 +++++++
examples/meson.build | 24 +++
examples/simple_example.c | 36 ++++
include/meson.build | 4 +
include/pam.h | 102 +++++++++++
meson.build | 28 +++
meson_options.txt | 3 +
pam/astal-auth | 5 +
src/meson.build | 53 ++++++
src/pam.c | 438 ++++++++++++++++++++++++++++++++++++++++++++++
10 files changed, 760 insertions(+)
create mode 100644 examples/full_example.c
create mode 100644 examples/meson.build
create mode 100644 examples/simple_example.c
create mode 100644 include/meson.build
create mode 100644 include/pam.h
create mode 100644 meson.build
create mode 100644 meson_options.txt
create mode 100644 pam/astal-auth
create mode 100644 src/meson.build
create mode 100644 src/pam.c
diff --git a/examples/full_example.c b/examples/full_example.c
new file mode 100644
index 0000000..5174edd
--- /dev/null
+++ b/examples/full_example.c
@@ -0,0 +1,67 @@
+#include "pam.h"
+#include
+
+GMainLoop *loop;
+
+static void authenticate(AstalAuthPam *pam) {
+ if(!astal_auth_pam_start_authenticate(pam)) {
+ g_print("could not start authentication process\n");
+ g_object_unref(pam);
+ g_main_loop_quit(loop);
+ }
+}
+
+static void on_visible(AstalAuthPam *pam, const gchar *data) {
+ gchar passbuf[1024];
+ readpassphrase(data, passbuf, sizeof(passbuf), RPP_ECHO_ON);
+ astal_auth_pam_supply_secret(pam, passbuf);
+}
+
+static void on_hidden(AstalAuthPam *pam, const gchar *data) {
+ gchar passbuf[1024];
+ readpassphrase(data, passbuf, sizeof(passbuf), RPP_ECHO_OFF);
+ astal_auth_pam_supply_secret(pam, passbuf);
+}
+
+static void on_info(AstalAuthPam *pam, const gchar *data) {
+ g_print("info: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_error(AstalAuthPam *pam, const gchar *data) {
+ g_print("error: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_success(AstalAuthPam *pam) {
+ g_print("success\n");
+ g_object_unref(pam);
+ g_main_loop_quit(loop);
+}
+
+static void on_fail(AstalAuthPam *pam, const gchar *data) {
+ g_print("fail: %s\n", data);
+ authenticate(pam);
+}
+
+
+int main(void) {
+
+ GMainContext *loopctx = NULL;
+
+ loop = g_main_loop_new(loopctx, FALSE);
+
+ AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
+
+ g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), NULL);
+ g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
+ g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
+
+ g_signal_connect(pam, "success", G_CALLBACK(on_success), NULL);
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), NULL);
+
+ authenticate(pam);
+
+ g_main_loop_run(loop);
+}
diff --git a/examples/meson.build b/examples/meson.build
new file mode 100644
index 0000000..b02ed55
--- /dev/null
+++ b/examples/meson.build
@@ -0,0 +1,24 @@
+astal_auth = declare_dependency(
+ link_with : astal_auth_lib,
+ include_directories : astal_auth_inc)
+
+
+deps_example = [
+ dependency('gobject-2.0'),
+ dependency('libbsd'),
+ astal_auth
+]
+
+astal_auth_full_exmple = executable(
+ 'astal_auth_full_example',
+ files('full_example.c'),
+ build_by_default : get_option('examples'),
+ dependencies : deps_example,
+ install : false)
+
+astal_auth_simple_example = executable(
+ 'astal_auth_simple_example',
+ files('simple_example.c'),
+ build_by_default : get_option('examples'),
+ dependencies : deps_example,
+ install : false)
diff --git a/examples/simple_example.c b/examples/simple_example.c
new file mode 100644
index 0000000..e48bc78
--- /dev/null
+++ b/examples/simple_example.c
@@ -0,0 +1,36 @@
+#include
+#include "pam.h"
+
+GMainLoop *loop;
+
+void ready_callback(AstalAuthPam *pam,
+ GAsyncResult *res,
+ gpointer user_data) {
+ GError *error = NULL;
+ astal_auth_pam_authenticate_finish(res, &error);
+ if (error == NULL) {
+ g_print("success\n");
+ } else {
+ g_print("failure: %s\n", error->message);
+ g_error_free(error);
+ }
+
+ g_main_loop_quit(loop);
+}
+
+int main(void) {
+
+ GMainContext *loopctx = NULL;
+ loop = g_main_loop_new(loopctx, FALSE);
+
+ gchar *passbuf = calloc(1024, sizeof(gchar));
+ readpassphrase("Password: ", passbuf, 1024, RPP_ECHO_OFF);
+ astal_auth_pam_authenticate(passbuf,
+ (GAsyncReadyCallback) ready_callback,
+ NULL
+ );
+ g_free(passbuf);
+
+ g_main_loop_run(loop);
+ exit(EXIT_SUCCESS);
+}
diff --git a/include/meson.build b/include/meson.build
new file mode 100644
index 0000000..59db862
--- /dev/null
+++ b/include/meson.build
@@ -0,0 +1,4 @@
+astal_auth_inc = include_directories('.')
+astal_auth_headers = files('pam.h')
+
+install_headers('pam.h', subdir : 'astal')
diff --git a/include/pam.h b/include/pam.h
new file mode 100644
index 0000000..bc1c28c
--- /dev/null
+++ b/include/pam.h
@@ -0,0 +1,102 @@
+#ifndef ASTAL_AUTH_PAM_H
+#define ASTAL_AUTH_PAM_H
+
+#include
+#include
+
+G_BEGIN_DECLS
+
+#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
+
+G_DECLARE_FINAL_TYPE (AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
+
+/**
+ * astal_auth_pam_set_username
+ * @self: a AstalAuthPam object
+ * @username: the new username
+ *
+ * Sets the username to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to the owner of the process.
+ *
+ */
+void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
+
+/**
+ * astal_auth_pam_get_username
+ * @self: a AstalAuthPam object
+ *
+ * Fetches the username from AsalAuthPam object.
+ *
+ * Returns: the username of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_set_service
+ * @self: a AstalAuthPam object
+ * @service: the pam service used for authentication
+ *
+ * Sets the service to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to `astal-auth`.
+ *
+ */
+void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
+
+/**
+ * astal_auth_pam_get_service
+ * @self: a AstalAuthPam
+ *
+ * Fetches the service from AsalAuthPam object.
+ *
+ * Returns: the service of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
+
+
+/**
+ * astal_auth_pam_start_authentication:
+ * @self: a AstalAuthPam Object
+ *
+ * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
+ * Note that this will cancel an already running authentication process
+ * associated with this AstalAuthPam object.
+ */
+gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_supply_secret
+ * @self: a AstalAuthPam Object
+ * @secret: (nullable) the secret to be provided to pam. Can be NULL.
+ *
+ * provides pam with a secret. This method must be called exactly once after a
+ * auth-* signal is emitted.
+ */
+void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
+
+/**
+ * astal_auth_pam_authenticate:
+ * @password: the password to be authenticated
+ * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
+ * to call when the request is satisfied
+ * @user_data: the data to pass to callback function
+ *
+ * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules) system.
+ */
+gboolean astal_auth_pam_authenticate(const gchar *password,
+ GAsyncReadyCallback result_callback,
+ gpointer user_data);
+
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res,
+ GError **error);
+
+G_END_DECLS
+
+#endif // !ASTAL_AUTH_PAM_H
diff --git a/meson.build b/meson.build
new file mode 100644
index 0000000..34ab7c8
--- /dev/null
+++ b/meson.build
@@ -0,0 +1,28 @@
+project('astal_auth',
+ 'c',
+ version : '0.1.0',
+ default_options : [
+ 'c_std=gnu11',
+ 'warning_level=3',
+ 'prefix=/usr'
+ ]
+)
+
+add_project_arguments(
+ ['-Wno-pedantic'],
+ language : 'c')
+
+lib_so_version = 0
+
+pkg_config = import('pkgconfig')
+gnome = import('gnome')
+
+subdir('include')
+subdir('src')
+subdir('examples')
+
+
+install_data(
+ 'pam/astal-auth',
+ install_dir : get_option('sysconfdir') / 'pam.d'
+)
\ No newline at end of file
diff --git a/meson_options.txt b/meson_options.txt
new file mode 100644
index 0000000..e28447e
--- /dev/null
+++ b/meson_options.txt
@@ -0,0 +1,3 @@
+option('examples', type : 'boolean', value : false, description : 'Build example applications')
+option('introspection', type : 'boolean', value : true, description : 'Build gobject-introspection data')
+option('vapi', type : 'boolean', value : true, description : 'Generate vapi data (needs vapigen & introspection option)')
diff --git a/pam/astal-auth b/pam/astal-auth
new file mode 100644
index 0000000..41f79d7
--- /dev/null
+++ b/pam/astal-auth
@@ -0,0 +1,5 @@
+# PAM configuration file for the astal-auth library.
+# By default, it only includes the 'login'
+# configuration file (see /etc/pam.d/login)
+
+auth include login
diff --git a/src/meson.build b/src/meson.build
new file mode 100644
index 0000000..4c14897
--- /dev/null
+++ b/src/meson.build
@@ -0,0 +1,53 @@
+srcs = files(
+ 'pam.c',
+)
+
+deps = [
+ dependency('gobject-2.0'),
+ dependency('gio-2.0'),
+ dependency('pam')
+]
+
+astal_auth_lib = library(
+ 'astal-auth',
+ sources : srcs,
+ include_directories : astal_auth_inc,
+ dependencies : deps,
+ version : meson.project_version(),
+ soversion : lib_so_version,
+ install : true
+)
+
+pkg_config_name = 'astal-auth-' + lib_so_version.to_string()
+
+if get_option('introspection')
+ gir = gnome.generate_gir(
+ astal_auth_lib,
+ sources : srcs + astal_auth_headers,
+ nsversion : '1.0',
+ namespace : 'AstalAuth',
+ symbol_prefix : 'astal_auth',
+ identifier_prefix : 'AstalAuth',
+ includes : ['GObject-2.0', 'Gio-2.0'],
+ header : 'astal/astal-auth.h',
+ export_packages : pkg_config_name,
+ install : true
+ )
+
+ if get_option('vapi')
+ gnome.generate_vapi(
+ pkg_config_name,
+ sources : [gir[0]],
+ packages : ['gobject-2.0', 'gio-2.0'],
+ install : true)
+ endif
+endif
+
+pkg_config.generate(
+ name : 'astal-auth',
+ version : meson.project_version(),
+ libraries : [astal_auth_lib],
+ filebase : pkg_config_name,
+ subdirs : 'astal',
+ description : 'astal authentication module',
+ url : 'https://github.com/kotontrion/astal-auth')
diff --git a/src/pam.c b/src/pam.c
new file mode 100644
index 0000000..de32531
--- /dev/null
+++ b/src/pam.c
@@ -0,0 +1,438 @@
+#include "pam.h"
+#include
+#include
+#include
+
+
+struct _AstalAuthPam {
+ GObject parent_instance;
+
+ gchar *username;
+ gchar *service;
+};
+
+typedef struct {
+ GTask *task;
+ GMainContext *context;
+ GMutex data_mutex;
+ GCond data_cond;
+
+ gchar *secret;
+ gboolean secret_set;
+} AstalAuthPamPrivate;
+
+typedef struct {
+ AstalAuthPam *pam;
+ guint signal_id;
+ gchar *msg;
+} AstalAuthPamSignalEmitData;
+
+static void astal_auth_pam_signal_emit_data_free(AstalAuthPamSignalEmitData *data) {
+ g_free(data->msg);
+ g_free(data);
+}
+
+typedef enum {
+ ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE,
+ ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN,
+ ASTAL_AUTH_PAM_SIGNAL_INFO,
+ ASTAL_AUTH_PAM_SIGNAL_ERROR,
+ ASTAL_AUTH_PAM_SIGNAL_SUCCESS,
+ ASTAL_AUTH_PAM_SIGNAL_FAIL,
+ ASTAL_AUTH_PAM_N_SIGNALS
+} AstalAuthPamSignals;
+
+typedef enum {
+ ASTAL_AUTH_PAM_PROP_USERNAME = 1,
+ ASTAL_AUTH_PAM_PROP_SERVICE,
+ ASTAL_AUTH_PAM_N_PROPERTIES
+} AstalAuthPamProperties;
+
+
+static guint astal_auth_pam_signals[ASTAL_AUTH_PAM_N_SIGNALS] = {0,};
+static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {NULL,};
+
+G_DEFINE_TYPE_WITH_PRIVATE(AstalAuthPam, astal_auth_pam, G_TYPE_OBJECT);
+
+void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
+
+ g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
+ g_return_if_fail(username != NULL);
+
+ g_free(self->username);
+ self->username = g_strdup(username);
+ g_object_notify(G_OBJECT(self), "username");
+}
+
+void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
+
+ g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ g_mutex_lock(&priv->data_mutex);
+ g_free(priv->secret);
+ priv->secret = g_strdup(secret);
+ priv->secret_set = TRUE;
+ g_cond_signal(&priv->data_cond);
+ g_mutex_unlock(&priv->data_mutex);
+}
+
+void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
+
+ g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
+ g_return_if_fail(service != NULL);
+
+ g_free(self->service);
+ self->service = g_strdup(service);
+ g_object_notify(G_OBJECT(self), "service");
+}
+
+const gchar *astal_auth_pam_get_username(AstalAuthPam *self) {
+
+ g_return_val_if_fail (ASTAL_AUTH_IS_PAM(self), NULL);
+ return self->username;
+}
+
+const gchar *astal_auth_pam_get_service(AstalAuthPam *self) {
+
+ g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
+ return self->service;
+}
+
+static void astal_auth_pam_set_property(GObject *object, guint property_id, const GValue *value, GParamSpec *pspec) {
+ AstalAuthPam *self = ASTAL_AUTH_PAM(object);
+
+ switch (property_id) {
+ case ASTAL_AUTH_PAM_PROP_USERNAME:
+ astal_auth_pam_set_username(self, g_value_get_string(value));
+ break;
+ case ASTAL_AUTH_PAM_PROP_SERVICE:
+ astal_auth_pam_set_service(self, g_value_get_string(value));
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
+ break;
+ }
+}
+
+static void astal_auth_pam_get_property(GObject *object, guint property_id, GValue *value, GParamSpec *pspec) {
+ AstalAuthPam *self = ASTAL_AUTH_PAM(object);
+
+ switch (property_id) {
+ case ASTAL_AUTH_PAM_PROP_USERNAME:
+ g_value_set_string(value, self->username);
+ break;
+ case ASTAL_AUTH_PAM_PROP_SERVICE:
+ g_value_set_string(value, self->service);
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
+ break;
+ }
+}
+
+static void astal_auth_pam_callback(GObject *object, GAsyncResult *res, gpointer user_data) {
+
+ AstalAuthPam *self = ASTAL_AUTH_PAM(object);
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ GTask *task = g_steal_pointer(&priv->task);
+
+ GError *error = NULL;
+ g_task_propagate_int(task, &error);
+
+ if (error == NULL) {
+ g_signal_emit(self, astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS], 0);
+ } else {
+ g_signal_emit(self, astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL], 0, error->message);
+ g_error_free(error);
+ }
+ g_object_unref(task);
+}
+
+static gboolean astal_auth_pam_emit_signal_in_context(gpointer user_data) {
+ AstalAuthPamSignalEmitData *data = user_data;
+ g_signal_emit(data->pam, data->signal_id, 0, data->msg);
+ return G_SOURCE_REMOVE;
+}
+
+static void astal_auth_pam_emit_signal(AstalAuthPam *pam, guint signal, const gchar *msg) {
+ GSource *emit_source;
+ AstalAuthPamSignalEmitData *data;
+
+ data = g_new0 (AstalAuthPamSignalEmitData, 1);
+ data->pam = pam;
+ data->signal_id = astal_auth_pam_signals[signal];
+ data->msg = g_strdup(msg);
+
+ emit_source = g_idle_source_new();
+ g_source_set_callback(emit_source, astal_auth_pam_emit_signal_in_context, data,
+ (GDestroyNotify) astal_auth_pam_signal_emit_data_free);
+ g_source_set_priority(emit_source, G_PRIORITY_DEFAULT);
+ g_source_attach(emit_source, ((AstalAuthPamPrivate *) astal_auth_pam_get_instance_private(pam))->context);
+ g_source_unref(emit_source);
+
+}
+
+
+int astal_auth_pam_handle_conversation(int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void *appdata_ptr) {
+ AstalAuthPam *self = appdata_ptr;
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ struct pam_response *replies = NULL;
+ if (num_msg <= 0 || num_msg > PAM_MAX_NUM_MSG) {
+ return PAM_CONV_ERR;
+ }
+ replies = (struct pam_response *) calloc(num_msg, sizeof(struct pam_response));
+ if (replies == NULL) {
+ return PAM_BUF_ERR;
+ }
+ for (int i = 0; i < num_msg; ++i) {
+ guint signal;
+ switch (msg[i]->msg_style) {
+ case PAM_PROMPT_ECHO_OFF:
+ signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN;
+ break;
+ case PAM_PROMPT_ECHO_ON:
+ signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE;
+ break;
+ case PAM_ERROR_MSG:
+ signal = ASTAL_AUTH_PAM_SIGNAL_ERROR;;
+ break;
+ case PAM_TEXT_INFO:
+ signal = ASTAL_AUTH_PAM_SIGNAL_INFO;
+ break;
+ default:
+ g_free(replies);
+ return PAM_CONV_ERR;
+ break;
+ }
+ guint signal_id = astal_auth_pam_signals[signal];
+ if (g_signal_has_handler_pending(
+ self,
+ signal_id,
+ 0,
+ FALSE)
+ ) {
+ astal_auth_pam_emit_signal(self, signal, msg[i]->msg);
+ g_mutex_lock(&priv->data_mutex);
+ while (!priv->secret_set) {
+ g_cond_wait(&priv->data_cond, &priv->data_mutex);
+ }
+ replies[i].resp_retcode = 0;
+ replies[i].resp = g_strdup(priv->secret);
+ g_free(priv->secret);
+ priv->secret = NULL;
+ priv->secret_set = FALSE;
+ g_mutex_unlock(&priv->data_mutex);
+ }
+ }
+ *resp = replies;
+ return PAM_SUCCESS;
+}
+
+static void astal_auth_pam_thread(GTask *task,
+ gpointer object,
+ gpointer task_data,
+ GCancellable *cancellable) {
+
+ AstalAuthPam *self = g_task_get_source_object(task);
+
+ pam_handle_t *pamh = NULL;
+ const struct pam_conv conv = {
+ .conv = astal_auth_pam_handle_conversation,
+ .appdata_ptr = self,
+ };
+
+ int retval;
+ retval = pam_start(self->service, self->username, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_authenticate(pamh, 0);
+ pam_end(pamh, retval);
+ }
+ if (retval != PAM_SUCCESS) {
+ g_task_return_new_error(task, G_IO_ERROR, G_IO_ERROR_FAILED, "%s", pam_strerror(pamh, retval));
+ } else {
+ g_task_return_int(task, retval);
+ }
+}
+
+gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
+ GAsyncReadyCallback result_callback,
+ gpointer user_data) {
+
+ g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), FALSE);
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+ g_return_val_if_fail(priv->task == NULL, FALSE);
+
+ priv->task = g_task_new(self, NULL, result_callback, user_data);
+ g_task_set_priority(priv->task, 0);
+ g_task_set_name(priv->task, "[AstalAuth] authenticate");
+ g_task_run_in_thread(priv->task, astal_auth_pam_thread);
+
+ return TRUE;
+}
+
+gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self) {
+ return astal_auth_pam_start_authenticate_with_callback(self, (GAsyncReadyCallback) astal_auth_pam_callback, NULL);
+}
+
+static void astal_auth_pam_on_hidden(AstalAuthPam *pam, const gchar *msg, gchar *password) {
+ astal_auth_pam_supply_secret(pam, password);
+ g_free(password);
+}
+
+gboolean astal_auth_pam_authenticate(const gchar *password,
+ GAsyncReadyCallback result_callback,
+ gpointer user_data) {
+
+ AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(astal_auth_pam_on_hidden), (void *) g_strdup(password));
+
+ gboolean started = astal_auth_pam_start_authenticate_with_callback(pam, result_callback, user_data);
+ g_object_unref(pam);
+ return started;
+}
+
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res,
+ GError **error) {
+ return g_task_propagate_int(G_TASK(res), error);
+}
+
+static void astal_auth_pam_init(AstalAuthPam *self) {
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ priv->secret = NULL;
+
+ g_cond_init(&priv->data_cond);
+ g_mutex_init(&priv->data_mutex);
+
+ priv->context = g_main_context_get_thread_default();
+
+}
+
+static void astal_auth_pam_finalize(GObject *gobject) {
+
+ AstalAuthPam *self = ASTAL_AUTH_PAM(gobject);
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ g_free(self->username);
+ g_free(self->service);
+
+ g_free(priv->secret);
+
+ g_cond_clear(&priv->data_cond);
+ g_mutex_clear(&priv->data_mutex);
+
+ G_OBJECT_CLASS (astal_auth_pam_parent_class)->finalize(gobject);
+}
+
+static void astal_auth_pam_class_init(AstalAuthPamClass *class) {
+
+ GObjectClass *object_class = G_OBJECT_CLASS (class);
+
+ object_class->get_property = astal_auth_pam_get_property;
+ object_class->set_property = astal_auth_pam_set_property;
+
+ object_class->finalize = astal_auth_pam_finalize;
+
+ struct passwd *passwd = getpwuid(getuid());
+
+ astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_USERNAME] =
+ g_param_spec_string("username",
+ "username",
+ "username used for authentication",
+ passwd->pw_name,
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+
+ astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_SERVICE] =
+ g_param_spec_string("service",
+ "service",
+ "the pam service to use",
+ "astal-auth",
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+
+ g_object_class_install_properties(object_class,
+ ASTAL_AUTH_PAM_N_PROPERTIES, astal_auth_pam_properties);
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE] = g_signal_new(
+ "auth-prompt-visible",
+ G_TYPE_FROM_CLASS (class),
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_STRING
+ );
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN] = g_signal_new(
+ "auth-prompt-hidden",
+ G_TYPE_FROM_CLASS (class),
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_STRING
+ );
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_INFO] = g_signal_new(
+ "auth-info",
+ G_TYPE_FROM_CLASS (class),
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_STRING
+ );
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_ERROR] = g_signal_new(
+ "auth-error",
+ G_TYPE_FROM_CLASS (class),
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_STRING
+ );
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS] = g_signal_new(
+ "success",
+ G_TYPE_FROM_CLASS (class),
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 0
+ );
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL] = g_signal_new(
+ "fail",
+ G_TYPE_FROM_CLASS (class),
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_STRING
+ );
+}
+
+
+
--
cgit v1.2.3
From 30b7ccfe9048560989c37bd3e00ff81d16919d55 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 19 May 2024 13:15:36 +0200
Subject: fix header paths
---
examples/full_example.c | 2 +-
examples/simple_example.c | 2 +-
include/auth.h | 102 ++++++++++++++++++++++++++++++++++++++++++++++
include/meson.build | 4 +-
include/pam.h | 102 ----------------------------------------------
meson.build | 3 +-
src/meson.build | 4 +-
src/pam.c | 2 +-
8 files changed, 111 insertions(+), 110 deletions(-)
create mode 100644 include/auth.h
delete mode 100644 include/pam.h
diff --git a/examples/full_example.c b/examples/full_example.c
index 5174edd..844f423 100644
--- a/examples/full_example.c
+++ b/examples/full_example.c
@@ -1,4 +1,4 @@
-#include "pam.h"
+#include "auth.h"
#include
GMainLoop *loop;
diff --git a/examples/simple_example.c b/examples/simple_example.c
index e48bc78..257c2fe 100644
--- a/examples/simple_example.c
+++ b/examples/simple_example.c
@@ -1,5 +1,5 @@
#include
-#include "pam.h"
+#include "auth.h"
GMainLoop *loop;
diff --git a/include/auth.h b/include/auth.h
new file mode 100644
index 0000000..bc1c28c
--- /dev/null
+++ b/include/auth.h
@@ -0,0 +1,102 @@
+#ifndef ASTAL_AUTH_PAM_H
+#define ASTAL_AUTH_PAM_H
+
+#include
+#include
+
+G_BEGIN_DECLS
+
+#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
+
+G_DECLARE_FINAL_TYPE (AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
+
+/**
+ * astal_auth_pam_set_username
+ * @self: a AstalAuthPam object
+ * @username: the new username
+ *
+ * Sets the username to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to the owner of the process.
+ *
+ */
+void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
+
+/**
+ * astal_auth_pam_get_username
+ * @self: a AstalAuthPam object
+ *
+ * Fetches the username from AsalAuthPam object.
+ *
+ * Returns: the username of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_set_service
+ * @self: a AstalAuthPam object
+ * @service: the pam service used for authentication
+ *
+ * Sets the service to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to `astal-auth`.
+ *
+ */
+void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
+
+/**
+ * astal_auth_pam_get_service
+ * @self: a AstalAuthPam
+ *
+ * Fetches the service from AsalAuthPam object.
+ *
+ * Returns: the service of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
+
+
+/**
+ * astal_auth_pam_start_authentication:
+ * @self: a AstalAuthPam Object
+ *
+ * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
+ * Note that this will cancel an already running authentication process
+ * associated with this AstalAuthPam object.
+ */
+gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_supply_secret
+ * @self: a AstalAuthPam Object
+ * @secret: (nullable) the secret to be provided to pam. Can be NULL.
+ *
+ * provides pam with a secret. This method must be called exactly once after a
+ * auth-* signal is emitted.
+ */
+void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
+
+/**
+ * astal_auth_pam_authenticate:
+ * @password: the password to be authenticated
+ * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
+ * to call when the request is satisfied
+ * @user_data: the data to pass to callback function
+ *
+ * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules) system.
+ */
+gboolean astal_auth_pam_authenticate(const gchar *password,
+ GAsyncReadyCallback result_callback,
+ gpointer user_data);
+
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res,
+ GError **error);
+
+G_END_DECLS
+
+#endif // !ASTAL_AUTH_PAM_H
diff --git a/include/meson.build b/include/meson.build
index 59db862..3db00c1 100644
--- a/include/meson.build
+++ b/include/meson.build
@@ -1,4 +1,4 @@
astal_auth_inc = include_directories('.')
-astal_auth_headers = files('pam.h')
+astal_auth_headers = files('auth.h')
-install_headers('pam.h', subdir : 'astal')
+install_headers('auth.h', subdir : 'astal')
diff --git a/include/pam.h b/include/pam.h
deleted file mode 100644
index bc1c28c..0000000
--- a/include/pam.h
+++ /dev/null
@@ -1,102 +0,0 @@
-#ifndef ASTAL_AUTH_PAM_H
-#define ASTAL_AUTH_PAM_H
-
-#include
-#include
-
-G_BEGIN_DECLS
-
-#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
-
-G_DECLARE_FINAL_TYPE (AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
-
-/**
- * astal_auth_pam_set_username
- * @self: a AstalAuthPam object
- * @username: the new username
- *
- * Sets the username to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to the owner of the process.
- *
- */
-void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
-
-/**
- * astal_auth_pam_get_username
- * @self: a AstalAuthPam object
- *
- * Fetches the username from AsalAuthPam object.
- *
- * Returns: the username of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
-const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
-
-/**
- * astal_auth_pam_set_service
- * @self: a AstalAuthPam object
- * @service: the pam service used for authentication
- *
- * Sets the service to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to `astal-auth`.
- *
- */
-void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
-
-/**
- * astal_auth_pam_get_service
- * @self: a AstalAuthPam
- *
- * Fetches the service from AsalAuthPam object.
- *
- * Returns: the service of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
-const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
-
-
-/**
- * astal_auth_pam_start_authentication:
- * @self: a AstalAuthPam Object
- *
- * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
- * Note that this will cancel an already running authentication process
- * associated with this AstalAuthPam object.
- */
-gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
-
-/**
- * astal_auth_pam_supply_secret
- * @self: a AstalAuthPam Object
- * @secret: (nullable) the secret to be provided to pam. Can be NULL.
- *
- * provides pam with a secret. This method must be called exactly once after a
- * auth-* signal is emitted.
- */
-void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
-
-/**
- * astal_auth_pam_authenticate:
- * @password: the password to be authenticated
- * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
- * to call when the request is satisfied
- * @user_data: the data to pass to callback function
- *
- * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules) system.
- */
-gboolean astal_auth_pam_authenticate(const gchar *password,
- GAsyncReadyCallback result_callback,
- gpointer user_data);
-
-gssize astal_auth_pam_authenticate_finish(GAsyncResult *res,
- GError **error);
-
-G_END_DECLS
-
-#endif // !ASTAL_AUTH_PAM_H
diff --git a/meson.build b/meson.build
index 34ab7c8..7d8fcd2 100644
--- a/meson.build
+++ b/meson.build
@@ -12,7 +12,8 @@ add_project_arguments(
['-Wno-pedantic'],
language : 'c')
-lib_so_version = 0
+version_split = meson.project_version().split('.')
+lib_so_version = version_split[0] + '.' + version_split[1]
pkg_config = import('pkgconfig')
gnome = import('gnome')
diff --git a/src/meson.build b/src/meson.build
index 4c14897..6f41487 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -18,7 +18,7 @@ astal_auth_lib = library(
install : true
)
-pkg_config_name = 'astal-auth-' + lib_so_version.to_string()
+pkg_config_name = 'astal-auth-' + lib_so_version
if get_option('introspection')
gir = gnome.generate_gir(
@@ -29,7 +29,7 @@ if get_option('introspection')
symbol_prefix : 'astal_auth',
identifier_prefix : 'AstalAuth',
includes : ['GObject-2.0', 'Gio-2.0'],
- header : 'astal/astal-auth.h',
+ header : 'astal/auth.h',
export_packages : pkg_config_name,
install : true
)
diff --git a/src/pam.c b/src/pam.c
index de32531..760680e 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -1,4 +1,4 @@
-#include "pam.h"
+#include "auth.h"
#include
#include
#include
--
cgit v1.2.3
From 29b88078f8426f8a7cf0a19cde3d906f4e4e1913 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 19 May 2024 13:18:08 +0200
Subject: fix gir version
---
src/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/meson.build b/src/meson.build
index 6f41487..4f7fca8 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -24,7 +24,7 @@ if get_option('introspection')
gir = gnome.generate_gir(
astal_auth_lib,
sources : srcs + astal_auth_headers,
- nsversion : '1.0',
+ nsversion : '0.1',
namespace : 'AstalAuth',
symbol_prefix : 'astal_auth',
identifier_prefix : 'AstalAuth',
--
cgit v1.2.3
From ba9562c80315bf368edce14301d28522f0977bfa Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 19 May 2024 13:37:19 +0200
Subject: fix: build example
---
examples/meson.build | 2 --
meson.build | 6 +++++-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/examples/meson.build b/examples/meson.build
index b02ed55..3a2faf4 100644
--- a/examples/meson.build
+++ b/examples/meson.build
@@ -12,13 +12,11 @@ deps_example = [
astal_auth_full_exmple = executable(
'astal_auth_full_example',
files('full_example.c'),
- build_by_default : get_option('examples'),
dependencies : deps_example,
install : false)
astal_auth_simple_example = executable(
'astal_auth_simple_example',
files('simple_example.c'),
- build_by_default : get_option('examples'),
dependencies : deps_example,
install : false)
diff --git a/meson.build b/meson.build
index 7d8fcd2..cfca691 100644
--- a/meson.build
+++ b/meson.build
@@ -20,7 +20,11 @@ gnome = import('gnome')
subdir('include')
subdir('src')
-subdir('examples')
+
+
+if get_option('examples')
+ subdir('examples')
+endif
install_data(
--
cgit v1.2.3
From df48cbd0695f1145fde13da10dbe596f8a09822e Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 19 May 2024 13:47:17 +0200
Subject: fix: so version
---
src/meson.build | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/meson.build b/src/meson.build
index 4f7fca8..78f1f2c 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -14,7 +14,6 @@ astal_auth_lib = library(
include_directories : astal_auth_inc,
dependencies : deps,
version : meson.project_version(),
- soversion : lib_so_version,
install : true
)
--
cgit v1.2.3
From 2308e485ec479dd120baf4496b839612eb96aaa0 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 19 May 2024 19:15:09 +0200
Subject: add: Readme and gjs examples
---
README.md | 67 ++++++++++++++++++++++++++++++++++++++++++++++
examples/full_example.js | 38 ++++++++++++++++++++++++++
examples/simple_example.js | 9 +++++++
3 files changed, 114 insertions(+)
create mode 100644 README.md
create mode 100644 examples/full_example.js
create mode 100644 examples/simple_example.js
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..dff3ccc
--- /dev/null
+++ b/README.md
@@ -0,0 +1,67 @@
+# libastal-auth
+This library provides a way for authentication using pam for the libastal suite.
+
+## Build from source
+### Dependencies
+
+- meson
+- glib
+- gobject-introspection
+- pam
+- vala (only required for the vapi option)
+
+### Meson options
+
+* `-Dintrospection` (default: `true`): build GObject Introspection data (needed for language bindings)
+* `-Dvapi` (default: `true`): build VAPI data (required to make this lib usable in vala). Requires `-Dintrospection=true`
+* `-Dexamples` (default: `false`): build examples
+
+```sh
+# Clone the repository
+git clone https://github.com/astal-sh/libastal-auth
+cd libastal-auth
+
+# Setup and build
+meson setup build
+meson compile -C build
+
+# Install
+meson install -C build
+```
+
+## Usage
+This library can be used from any language supporting GObject Introspection.
+Have a look at the [examples](examples) for how it can be used in C and gjs.
+
+The authentication is done asynchronously in its own thread, therefore the GLib mainloop is required to run.
+This is already given in all gtk application, but has to be started manually in some cases like in the small examples in this repo.
+
+Until there are better docs, please refer to the [auth.h](include/auth.h) file for detailed usage.
+
+For simple authentication using only a password, using the `Pam.authenticate()` method is recommended.
+Look at the simple examples for how to use it.
+
+There is also a way to get access to the pam conversation, to allow for a more complex authentication process, like using multiple factor authentication.
+The full examples show how this can be achieved.
+Generally it can be used like this:
+
+1. create the Pam object.
+2. set username and service if so required. It has sane defaults, so in most cases you can skip this.
+3. connect to the signals
+ - `auth-prompt-hidden`: is emitted when user input is required, and the input should be hidden (eg, passwords)
+ - `auth-prompt-visible`: is emitted when user input is required, and the input should be visible (eg, OTP)
+ - `auth-info`: an information message should be displayed (eg, tell the user to touch his security key)
+ - `auth-error`: an error message should be displayed
+ - `sucess`: emitted on successful authentication
+ - `fail`: emitted on failed authentication
+
+ all signals except the `success` signal have a string containing the message as a parameter.
+ After an `auth-*` signal is emitted, it hs to be responded with exactly one `pam.supply_secret(secret)` call. The secret is a string containing the user input. For `auth-info` and `auth-error` it can be `NULL`.
+ Not connecting those signals, is equivalent to calling `pam.supply_secret(NULL)` immediately after the signal is emitted.
+4. start authentication process using `Pam.start_authentication()`. This function will return whether the authentication was started or not.
+5. it is possible to reuse the same Pam object for multiple sequential authentication attempts. Just call `pam.start_authentication()` again after the `success` or `fail` signal was emitted.
+
+## License
+
+This project is licensed under the GPL-3 License - see the LICENSE file for details.
+
diff --git a/examples/full_example.js b/examples/full_example.js
new file mode 100644
index 0000000..7359784
--- /dev/null
+++ b/examples/full_example.js
@@ -0,0 +1,38 @@
+#!/usr/bin/env -S gjs -m
+
+import Auth from "gi://AstalAuth";
+import GLib from "gi://GLib";
+
+const loop = GLib.MainLoop.new(null, false);
+
+const pam = new Auth.Pam();
+pam.connect("auth-prompt-visible", (p, msg) => {
+ print(msg);
+ p.supply_secret("");
+});
+pam.connect("auth-prompt-hidden", (p, msg) => {
+ print(msg);
+ p.supply_secret("password");
+});
+pam.connect("auth-info", (p, msg) => {
+ print(msg);
+ p.supply_secret("");
+});
+pam.connect("auth-error", (p, msg) => {
+ print(msg);
+ p.supply_secret("");
+});
+
+pam.connect("success", p => {
+ print("authentication sucessful");
+ loop.quit();
+});
+pam.connect("fail", (p, msg) => {
+ print(msg);
+ loop.quit();
+});
+
+pam.start_authenticate();
+
+loop.runAsync()
+
diff --git a/examples/simple_example.js b/examples/simple_example.js
new file mode 100644
index 0000000..2bf38c1
--- /dev/null
+++ b/examples/simple_example.js
@@ -0,0 +1,9 @@
+#!/usr/bin/env -S gjs -m
+import Auth from "gi://AstalAuth";
+import Gio from "gi://Gio";
+
+Gio._promisify(Auth.Pam, "authenticate");
+
+await Auth.Pam.authenticate("password")
+ .then(_ => print("authentication sucessful"))
+ .catch(logError);
\ No newline at end of file
--
cgit v1.2.3
From 6bfba4314162baa0cc7093132d66ea9b8b5370d7 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Mon, 20 May 2024 18:52:34 +0200
Subject: add: astal-auth executable
---
examples/meson.build | 6 +-
include/auth.h | 2 +-
src/astal-auth.c | 156 +++++++++++++++++++++++++++++++++++++++++++++++++++
src/meson.build | 15 ++++-
4 files changed, 172 insertions(+), 7 deletions(-)
create mode 100644 src/astal-auth.c
diff --git a/examples/meson.build b/examples/meson.build
index 3a2faf4..cf23d3f 100644
--- a/examples/meson.build
+++ b/examples/meson.build
@@ -1,12 +1,8 @@
-astal_auth = declare_dependency(
- link_with : astal_auth_lib,
- include_directories : astal_auth_inc)
-
deps_example = [
dependency('gobject-2.0'),
dependency('libbsd'),
- astal_auth
+ libastal_auth
]
astal_auth_full_exmple = executable(
diff --git a/include/auth.h b/include/auth.h
index bc1c28c..9224dde 100644
--- a/include/auth.h
+++ b/include/auth.h
@@ -74,7 +74,7 @@ gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
/**
* astal_auth_pam_supply_secret
* @self: a AstalAuthPam Object
- * @secret: (nullable) the secret to be provided to pam. Can be NULL.
+ * @secret: (nullable): the secret to be provided to pam. Can be NULL.
*
* provides pam with a secret. This method must be called exactly once after a
* auth-* signal is emitted.
diff --git a/src/astal-auth.c b/src/astal-auth.c
new file mode 100644
index 0000000..6f0a73b
--- /dev/null
+++ b/src/astal-auth.c
@@ -0,0 +1,156 @@
+#include "auth.h"
+#include
+#include
+#include
+
+GMainLoop *loop;
+
+static void cleanup_and_quit(AstalAuthPam *pam, int status) {
+ g_object_unref(pam);
+ g_main_loop_quit(loop);
+ exit(status);
+}
+
+static char *read_secret(const char *msg, gboolean echo) {
+ struct termios oldt, newt;
+ char *password = NULL;
+ size_t size = 0;
+ ssize_t len;
+
+ if (tcgetattr(STDIN_FILENO, &oldt) != 0) {
+ return NULL;
+ }
+ newt = oldt;
+ if(echo) {
+ newt.c_lflag |= ECHO;
+ }
+ else {
+ newt.c_lflag &= ~(ECHO);
+ }
+ if (tcsetattr(STDIN_FILENO, TCSANOW, &newt) != 0) {
+ return NULL;
+ }
+ g_print("%s", msg);
+ if ((len = getline(&password, &size, stdin)) == -1) {
+ g_free(password);
+ return NULL;
+ }
+
+ if (password[len - 1] == '\n') {
+ password[len - 1] = '\0';
+ }
+
+ printf("\n");
+
+ if (tcsetattr(STDIN_FILENO, TCSANOW, &oldt) != 0) {
+ return NULL;
+ }
+
+ return password;
+}
+
+static void authenticate(AstalAuthPam *pam) {
+ static int attempts = 0;
+ if (attempts >= 3) {
+ g_print("%d failed attempts.\n", attempts);
+ cleanup_and_quit(pam, EXIT_FAILURE);
+ }
+ if (!astal_auth_pam_start_authenticate(pam)) {
+ g_print("could not start authentication process\n");
+ cleanup_and_quit(pam, EXIT_FAILURE);
+ }
+ attempts++;
+}
+
+static void on_visible(AstalAuthPam *pam, const gchar *data) {
+ char* secret = read_secret(data, TRUE);
+ if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
+ astal_auth_pam_supply_secret(pam, secret);
+ g_free(secret);
+}
+
+static void on_hidden(AstalAuthPam *pam, const gchar *data, gchar *secret) {
+ if (!secret) secret = read_secret(data, FALSE);
+ if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
+ astal_auth_pam_supply_secret(pam, secret);
+ g_free(secret);
+}
+
+static void on_info(AstalAuthPam *pam, const gchar *data) {
+ g_print("info: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_error(AstalAuthPam *pam, const gchar *data) {
+ g_print("error: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_success(AstalAuthPam *pam) {
+ g_print("Authentication successful\n");
+ cleanup_and_quit(pam, EXIT_SUCCESS);
+}
+
+static void on_fail(AstalAuthPam *pam, const gchar *data, gboolean retry) {
+ g_print("%s\n", data);
+ if (retry) authenticate(pam);
+ else cleanup_and_quit(pam, EXIT_FAILURE);
+}
+
+
+int main(int argc, char **argv) {
+
+ char* password = NULL;
+ char* username = NULL;
+ char* service = NULL;
+
+ int opt;
+ const char *optstring = "p:u:s:";
+
+ static struct option long_options[] = {
+ {"password", required_argument, NULL, 'p'},
+ {"username", required_argument, NULL, 'u'},
+ {"service", required_argument, NULL, 's'},
+ {NULL, 0, NULL, 0}
+ };
+
+ while ((opt = getopt_long(argc, argv, optstring, long_options, NULL)) != -1) {
+ switch (opt) {
+ case 'p':
+ password = optarg;
+ break;
+ case 'u':
+ username = optarg;
+ break;
+ case 's':
+ service = optarg;
+ break;
+ default:
+ g_print("Usage: %s [-p password] [-u username] [-s service]\n", argv[0]);
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ loop = g_main_loop_new(NULL, FALSE);
+
+ AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
+
+ if (username) astal_auth_pam_set_username(pam, username);
+ if (service) astal_auth_pam_set_service(pam, service);
+ if (password) {
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void*)FALSE);
+ }
+ else {
+ g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
+ g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
+ g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void*)TRUE);
+ }
+
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), g_strdup(password));
+ g_signal_connect(pam, "success", G_CALLBACK(on_success), NULL);
+
+ authenticate(pam);
+
+ g_main_loop_run(loop);
+}
diff --git a/src/meson.build b/src/meson.build
index 78f1f2c..9f02aae 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -17,6 +17,19 @@ astal_auth_lib = library(
install : true
)
+libastal_auth = declare_dependency(
+ link_with : astal_auth_lib,
+ include_directories : astal_auth_inc)
+
+astal_auth_executable = executable(
+ 'astal-auth',
+ files('astal-auth.c'),
+ dependencies : [
+ dependency('gobject-2.0'),
+ libastal_auth
+ ],
+ install : true)
+
pkg_config_name = 'astal-auth-' + lib_so_version
if get_option('introspection')
@@ -49,4 +62,4 @@ pkg_config.generate(
filebase : pkg_config_name,
subdirs : 'astal',
description : 'astal authentication module',
- url : 'https://github.com/kotontrion/astal-auth')
+ url : 'https://github.com/astal-sh/libastal-auth')
--
cgit v1.2.3
From 611f7ec8154869c4dc131feb6b082d3a890c369e Mon Sep 17 00:00:00 2001
From: kotontrion <141950090+kotontrion@users.noreply.github.com>
Date: Mon, 20 May 2024 18:55:10 +0200
Subject: fix: pkgconfig url
---
src/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/meson.build b/src/meson.build
index 9f02aae..d8eb796 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -62,4 +62,4 @@ pkg_config.generate(
filebase : pkg_config_name,
subdirs : 'astal',
description : 'astal authentication module',
- url : 'https://github.com/astal-sh/libastal-auth')
+ url : 'https://github.com/astal-sh/auth')
--
cgit v1.2.3
From 0a209680c532bab47e99e07bc090240bf851c218 Mon Sep 17 00:00:00 2001
From: Aylur
Date: Tue, 21 May 2024 12:35:23 +0200
Subject: add flake.nix
---
.gitignore | 2 ++
README.md | 3 +++
flake.lock | 27 +++++++++++++++++++++++++++
flake.nix | 42 ++++++++++++++++++++++++++++++++++++++++++
meson.build | 4 ++--
version | 1 +
6 files changed, 77 insertions(+), 2 deletions(-)
create mode 100644 .gitignore
create mode 100644 flake.lock
create mode 100644 flake.nix
create mode 100644 version
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a2f80a3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+build/
+result/
diff --git a/README.md b/README.md
index dff3ccc..da32bad 100644
--- a/README.md
+++ b/README.md
@@ -29,6 +29,9 @@ meson compile -C build
meson install -C build
```
+> [!NOTE]
+> on NixOS you will have to add `security.pam.services.astal-auth = {}` in `configuration.nix`
+
## Usage
This library can be used from any language supporting GObject Introspection.
Have a look at the [examples](examples) for how it can be used in C and gjs.
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..13f566b
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,27 @@
+{
+ "nodes": {
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1716137900,
+ "narHash": "sha256-sowPU+tLQv8GlqtVtsXioTKeaQvlMz/pefcdwg8MvfM=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "6c0b7a92c30122196a761b440ac0d46d3d9954f1",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "nixpkgs": "nixpkgs"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..39b0289
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,42 @@
+{
+ description = "Authentication library and cli tool";
+
+ inputs.nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
+
+ outputs = { self, nixpkgs }:
+ let
+ version = builtins.replaceStrings ["\n"] [""] (builtins.readFile ./version);
+ system = "x86_64-linux";
+ pkgs = import nixpkgs { inherit system; };
+
+ nativeBuildInputs = with pkgs; [
+ gobject-introspection
+ meson
+ pkg-config
+ ninja
+ vala
+ ];
+
+ buildInputs = with pkgs; [
+ glib
+ pam
+ ];
+ in {
+ packages.${system} = rec {
+ default = auth;
+ auth = pkgs.stdenv.mkDerivation {
+ inherit nativeBuildInputs buildInputs;
+ pname = "astal-auth";
+ version = version;
+ src = ./.;
+ outputs = ["out" "dev"];
+ };
+ };
+
+ devShells.${system} = {
+ default = pkgs.mkShell {
+ inherit nativeBuildInputs buildInputs;
+ };
+ };
+ };
+}
diff --git a/meson.build b/meson.build
index cfca691..e9facb1 100644
--- a/meson.build
+++ b/meson.build
@@ -1,6 +1,6 @@
project('astal_auth',
'c',
- version : '0.1.0',
+ version : run_command('cat', join_paths(meson.project_source_root(), 'version')).stdout().strip(),
default_options : [
'c_std=gnu11',
'warning_level=3',
@@ -30,4 +30,4 @@ endif
install_data(
'pam/astal-auth',
install_dir : get_option('sysconfdir') / 'pam.d'
-)
\ No newline at end of file
+)
diff --git a/version b/version
new file mode 100644
index 0000000..6e8bf73
--- /dev/null
+++ b/version
@@ -0,0 +1 @@
+0.1.0
--
cgit v1.2.3
From b35a38aa93670f6be06202f2ad3066a227f0a1b9 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Sun, 16 Jun 2024 18:50:09 +0200
Subject: fix code style
---
.gitignore | 1 +
examples/full_example.c | 7 +-
examples/simple_example.c | 11 +--
include/auth.h | 16 ++--
src/astal-auth.c | 45 +++++-----
src/pam.c | 218 +++++++++++++++-------------------------------
6 files changed, 106 insertions(+), 192 deletions(-)
diff --git a/.gitignore b/.gitignore
index a2f80a3..6bf41b5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
build/
result/
+.cache/
diff --git a/examples/full_example.c b/examples/full_example.c
index 844f423..73096a6 100644
--- a/examples/full_example.c
+++ b/examples/full_example.c
@@ -1,10 +1,11 @@
-#include "auth.h"
#include
+#include "auth.h"
+
GMainLoop *loop;
static void authenticate(AstalAuthPam *pam) {
- if(!astal_auth_pam_start_authenticate(pam)) {
+ if (!astal_auth_pam_start_authenticate(pam)) {
g_print("could not start authentication process\n");
g_object_unref(pam);
g_main_loop_quit(loop);
@@ -44,9 +45,7 @@ static void on_fail(AstalAuthPam *pam, const gchar *data) {
authenticate(pam);
}
-
int main(void) {
-
GMainContext *loopctx = NULL;
loop = g_main_loop_new(loopctx, FALSE);
diff --git a/examples/simple_example.c b/examples/simple_example.c
index 257c2fe..e11b5f9 100644
--- a/examples/simple_example.c
+++ b/examples/simple_example.c
@@ -1,11 +1,10 @@
#include
+
#include "auth.h"
GMainLoop *loop;
-void ready_callback(AstalAuthPam *pam,
- GAsyncResult *res,
- gpointer user_data) {
+void ready_callback(AstalAuthPam *pam, GAsyncResult *res, gpointer user_data) {
GError *error = NULL;
astal_auth_pam_authenticate_finish(res, &error);
if (error == NULL) {
@@ -19,16 +18,12 @@ void ready_callback(AstalAuthPam *pam,
}
int main(void) {
-
GMainContext *loopctx = NULL;
loop = g_main_loop_new(loopctx, FALSE);
gchar *passbuf = calloc(1024, sizeof(gchar));
readpassphrase("Password: ", passbuf, 1024, RPP_ECHO_OFF);
- astal_auth_pam_authenticate(passbuf,
- (GAsyncReadyCallback) ready_callback,
- NULL
- );
+ astal_auth_pam_authenticate(passbuf, (GAsyncReadyCallback)ready_callback, NULL);
g_free(passbuf);
g_main_loop_run(loop);
diff --git a/include/auth.h b/include/auth.h
index 9224dde..e1f4b3d 100644
--- a/include/auth.h
+++ b/include/auth.h
@@ -1,14 +1,14 @@
#ifndef ASTAL_AUTH_PAM_H
#define ASTAL_AUTH_PAM_H
-#include
#include
+#include
G_BEGIN_DECLS
#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
-G_DECLARE_FINAL_TYPE (AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
+G_DECLARE_FINAL_TYPE(AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
/**
* astal_auth_pam_set_username
@@ -60,7 +60,6 @@ void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
*/
const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
-
/**
* astal_auth_pam_start_authentication:
* @self: a AstalAuthPam Object
@@ -88,15 +87,14 @@ void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
* to call when the request is satisfied
* @user_data: the data to pass to callback function
*
- * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules) system.
+ * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
+ * system.
*/
-gboolean astal_auth_pam_authenticate(const gchar *password,
- GAsyncReadyCallback result_callback,
+gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
gpointer user_data);
-gssize astal_auth_pam_authenticate_finish(GAsyncResult *res,
- GError **error);
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error);
G_END_DECLS
-#endif // !ASTAL_AUTH_PAM_H
+#endif // !ASTAL_AUTH_PAM_H
diff --git a/src/astal-auth.c b/src/astal-auth.c
index 6f0a73b..ebacbb3 100644
--- a/src/astal-auth.c
+++ b/src/astal-auth.c
@@ -1,7 +1,8 @@
-#include "auth.h"
-#include
-#include
#include
+#include
+#include
+
+#include "auth.h"
GMainLoop *loop;
@@ -21,10 +22,9 @@ static char *read_secret(const char *msg, gboolean echo) {
return NULL;
}
newt = oldt;
- if(echo) {
+ if (echo) {
newt.c_lflag |= ECHO;
- }
- else {
+ } else {
newt.c_lflag &= ~(ECHO);
}
if (tcsetattr(STDIN_FILENO, TCSANOW, &newt) != 0) {
@@ -63,7 +63,7 @@ static void authenticate(AstalAuthPam *pam) {
}
static void on_visible(AstalAuthPam *pam, const gchar *data) {
- char* secret = read_secret(data, TRUE);
+ char *secret = read_secret(data, TRUE);
if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
astal_auth_pam_supply_secret(pam, secret);
g_free(secret);
@@ -93,26 +93,24 @@ static void on_success(AstalAuthPam *pam) {
static void on_fail(AstalAuthPam *pam, const gchar *data, gboolean retry) {
g_print("%s\n", data);
- if (retry) authenticate(pam);
- else cleanup_and_quit(pam, EXIT_FAILURE);
+ if (retry)
+ authenticate(pam);
+ else
+ cleanup_and_quit(pam, EXIT_FAILURE);
}
-
int main(int argc, char **argv) {
-
- char* password = NULL;
- char* username = NULL;
- char* service = NULL;
+ char *password = NULL;
+ char *username = NULL;
+ char *service = NULL;
int opt;
const char *optstring = "p:u:s:";
- static struct option long_options[] = {
- {"password", required_argument, NULL, 'p'},
- {"username", required_argument, NULL, 'u'},
- {"service", required_argument, NULL, 's'},
- {NULL, 0, NULL, 0}
- };
+ static struct option long_options[] = {{"password", required_argument, NULL, 'p'},
+ {"username", required_argument, NULL, 'u'},
+ {"service", required_argument, NULL, 's'},
+ {NULL, 0, NULL, 0}};
while ((opt = getopt_long(argc, argv, optstring, long_options, NULL)) != -1) {
switch (opt) {
@@ -138,13 +136,12 @@ int main(int argc, char **argv) {
if (username) astal_auth_pam_set_username(pam, username);
if (service) astal_auth_pam_set_service(pam, service);
if (password) {
- g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void*)FALSE);
- }
- else {
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void *)FALSE);
+ } else {
g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
- g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void*)TRUE);
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void *)TRUE);
}
g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), g_strdup(password));
diff --git a/src/pam.c b/src/pam.c
index 760680e..a11d768 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -1,8 +1,8 @@
-#include "auth.h"
#include
#include
#include
+#include "auth.h"
struct _AstalAuthPam {
GObject parent_instance;
@@ -48,14 +48,16 @@ typedef enum {
ASTAL_AUTH_PAM_N_PROPERTIES
} AstalAuthPamProperties;
-
-static guint astal_auth_pam_signals[ASTAL_AUTH_PAM_N_SIGNALS] = {0,};
-static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {NULL,};
+static guint astal_auth_pam_signals[ASTAL_AUTH_PAM_N_SIGNALS] = {
+ 0,
+};
+static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {
+ NULL,
+};
G_DEFINE_TYPE_WITH_PRIVATE(AstalAuthPam, astal_auth_pam, G_TYPE_OBJECT);
void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
-
g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
g_return_if_fail(username != NULL);
@@ -65,7 +67,6 @@ void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
}
void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
-
g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
@@ -78,7 +79,6 @@ void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
}
void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
-
g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
g_return_if_fail(service != NULL);
@@ -88,18 +88,17 @@ void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
}
const gchar *astal_auth_pam_get_username(AstalAuthPam *self) {
-
- g_return_val_if_fail (ASTAL_AUTH_IS_PAM(self), NULL);
+ g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
return self->username;
}
const gchar *astal_auth_pam_get_service(AstalAuthPam *self) {
-
g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
return self->service;
}
-static void astal_auth_pam_set_property(GObject *object, guint property_id, const GValue *value, GParamSpec *pspec) {
+static void astal_auth_pam_set_property(GObject *object, guint property_id, const GValue *value,
+ GParamSpec *pspec) {
AstalAuthPam *self = ASTAL_AUTH_PAM(object);
switch (property_id) {
@@ -110,12 +109,13 @@ static void astal_auth_pam_set_property(GObject *object, guint property_id, cons
astal_auth_pam_set_service(self, g_value_get_string(value));
break;
default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
+ G_OBJECT_WARN_INVALID_PROPERTY_ID(object, property_id, pspec);
break;
}
}
-static void astal_auth_pam_get_property(GObject *object, guint property_id, GValue *value, GParamSpec *pspec) {
+static void astal_auth_pam_get_property(GObject *object, guint property_id, GValue *value,
+ GParamSpec *pspec) {
AstalAuthPam *self = ASTAL_AUTH_PAM(object);
switch (property_id) {
@@ -126,13 +126,12 @@ static void astal_auth_pam_get_property(GObject *object, guint property_id, GVal
g_value_set_string(value, self->service);
break;
default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
+ G_OBJECT_WARN_INVALID_PROPERTY_ID(object, property_id, pspec);
break;
}
}
static void astal_auth_pam_callback(GObject *object, GAsyncResult *res, gpointer user_data) {
-
AstalAuthPam *self = ASTAL_AUTH_PAM(object);
AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
@@ -160,25 +159,22 @@ static void astal_auth_pam_emit_signal(AstalAuthPam *pam, guint signal, const gc
GSource *emit_source;
AstalAuthPamSignalEmitData *data;
- data = g_new0 (AstalAuthPamSignalEmitData, 1);
+ data = g_new0(AstalAuthPamSignalEmitData, 1);
data->pam = pam;
data->signal_id = astal_auth_pam_signals[signal];
data->msg = g_strdup(msg);
emit_source = g_idle_source_new();
g_source_set_callback(emit_source, astal_auth_pam_emit_signal_in_context, data,
- (GDestroyNotify) astal_auth_pam_signal_emit_data_free);
+ (GDestroyNotify)astal_auth_pam_signal_emit_data_free);
g_source_set_priority(emit_source, G_PRIORITY_DEFAULT);
- g_source_attach(emit_source, ((AstalAuthPamPrivate *) astal_auth_pam_get_instance_private(pam))->context);
+ g_source_attach(emit_source,
+ ((AstalAuthPamPrivate *)astal_auth_pam_get_instance_private(pam))->context);
g_source_unref(emit_source);
-
}
-
-int astal_auth_pam_handle_conversation(int num_msg,
- const struct pam_message **msg,
- struct pam_response **resp,
- void *appdata_ptr) {
+int astal_auth_pam_handle_conversation(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr) {
AstalAuthPam *self = appdata_ptr;
AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
@@ -186,7 +182,7 @@ int astal_auth_pam_handle_conversation(int num_msg,
if (num_msg <= 0 || num_msg > PAM_MAX_NUM_MSG) {
return PAM_CONV_ERR;
}
- replies = (struct pam_response *) calloc(num_msg, sizeof(struct pam_response));
+ replies = (struct pam_response *)calloc(num_msg, sizeof(struct pam_response));
if (replies == NULL) {
return PAM_BUF_ERR;
}
@@ -200,23 +196,19 @@ int astal_auth_pam_handle_conversation(int num_msg,
signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE;
break;
case PAM_ERROR_MSG:
- signal = ASTAL_AUTH_PAM_SIGNAL_ERROR;;
+ signal = ASTAL_AUTH_PAM_SIGNAL_ERROR;
+ ;
break;
case PAM_TEXT_INFO:
signal = ASTAL_AUTH_PAM_SIGNAL_INFO;
break;
default:
- g_free(replies);
- return PAM_CONV_ERR;
- break;
+ g_free(replies);
+ return PAM_CONV_ERR;
+ break;
}
guint signal_id = astal_auth_pam_signals[signal];
- if (g_signal_has_handler_pending(
- self,
- signal_id,
- 0,
- FALSE)
- ) {
+ if (g_signal_has_handler_pending(self, signal_id, 0, FALSE)) {
astal_auth_pam_emit_signal(self, signal, msg[i]->msg);
g_mutex_lock(&priv->data_mutex);
while (!priv->secret_set) {
@@ -234,17 +226,14 @@ int astal_auth_pam_handle_conversation(int num_msg,
return PAM_SUCCESS;
}
-static void astal_auth_pam_thread(GTask *task,
- gpointer object,
- gpointer task_data,
+static void astal_auth_pam_thread(GTask *task, gpointer object, gpointer task_data,
GCancellable *cancellable) {
-
AstalAuthPam *self = g_task_get_source_object(task);
pam_handle_t *pamh = NULL;
const struct pam_conv conv = {
- .conv = astal_auth_pam_handle_conversation,
- .appdata_ptr = self,
+ .conv = astal_auth_pam_handle_conversation,
+ .appdata_ptr = self,
};
int retval;
@@ -254,7 +243,8 @@ static void astal_auth_pam_thread(GTask *task,
pam_end(pamh, retval);
}
if (retval != PAM_SUCCESS) {
- g_task_return_new_error(task, G_IO_ERROR, G_IO_ERROR_FAILED, "%s", pam_strerror(pamh, retval));
+ g_task_return_new_error(task, G_IO_ERROR, G_IO_ERROR_FAILED, "%s",
+ pam_strerror(pamh, retval));
} else {
g_task_return_int(task, retval);
}
@@ -263,7 +253,6 @@ static void astal_auth_pam_thread(GTask *task,
gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
GAsyncReadyCallback result_callback,
gpointer user_data) {
-
g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), FALSE);
AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
g_return_val_if_fail(priv->task == NULL, FALSE);
@@ -277,7 +266,8 @@ gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
}
gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self) {
- return astal_auth_pam_start_authenticate_with_callback(self, (GAsyncReadyCallback) astal_auth_pam_callback, NULL);
+ return astal_auth_pam_start_authenticate_with_callback(
+ self, (GAsyncReadyCallback)astal_auth_pam_callback, NULL);
}
static void astal_auth_pam_on_hidden(AstalAuthPam *pam, const gchar *msg, gchar *password) {
@@ -285,20 +275,19 @@ static void astal_auth_pam_on_hidden(AstalAuthPam *pam, const gchar *msg, gchar
g_free(password);
}
-gboolean astal_auth_pam_authenticate(const gchar *password,
- GAsyncReadyCallback result_callback,
+gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
gpointer user_data) {
-
AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
- g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(astal_auth_pam_on_hidden), (void *) g_strdup(password));
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(astal_auth_pam_on_hidden),
+ (void *)g_strdup(password));
- gboolean started = astal_auth_pam_start_authenticate_with_callback(pam, result_callback, user_data);
+ gboolean started =
+ astal_auth_pam_start_authenticate_with_callback(pam, result_callback, user_data);
g_object_unref(pam);
return started;
}
-gssize astal_auth_pam_authenticate_finish(GAsyncResult *res,
- GError **error) {
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error) {
return g_task_propagate_int(G_TASK(res), error);
}
@@ -311,11 +300,9 @@ static void astal_auth_pam_init(AstalAuthPam *self) {
g_mutex_init(&priv->data_mutex);
priv->context = g_main_context_get_thread_default();
-
}
static void astal_auth_pam_finalize(GObject *gobject) {
-
AstalAuthPam *self = ASTAL_AUTH_PAM(gobject);
AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
@@ -327,12 +314,11 @@ static void astal_auth_pam_finalize(GObject *gobject) {
g_cond_clear(&priv->data_cond);
g_mutex_clear(&priv->data_mutex);
- G_OBJECT_CLASS (astal_auth_pam_parent_class)->finalize(gobject);
+ G_OBJECT_CLASS(astal_auth_pam_parent_class)->finalize(gobject);
}
static void astal_auth_pam_class_init(AstalAuthPamClass *class) {
-
- GObjectClass *object_class = G_OBJECT_CLASS (class);
+ GObjectClass *object_class = G_OBJECT_CLASS(class);
object_class->get_property = astal_auth_pam_get_property;
object_class->set_property = astal_auth_pam_set_property;
@@ -342,97 +328,35 @@ static void astal_auth_pam_class_init(AstalAuthPamClass *class) {
struct passwd *passwd = getpwuid(getuid());
astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_USERNAME] =
- g_param_spec_string("username",
- "username",
- "username used for authentication",
- passwd->pw_name,
- G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+ g_param_spec_string("username", "username", "username used for authentication",
+ passwd->pw_name, G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_SERVICE] =
- g_param_spec_string("service",
- "service",
- "the pam service to use",
- "astal-auth",
- G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
-
- g_object_class_install_properties(object_class,
- ASTAL_AUTH_PAM_N_PROPERTIES, astal_auth_pam_properties);
-
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE] = g_signal_new(
- "auth-prompt-visible",
- G_TYPE_FROM_CLASS (class),
- G_SIGNAL_RUN_FIRST,
- 0,
- NULL,
- NULL,
- NULL,
- G_TYPE_NONE,
- 1,
- G_TYPE_STRING
- );
-
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN] = g_signal_new(
- "auth-prompt-hidden",
- G_TYPE_FROM_CLASS (class),
- G_SIGNAL_RUN_FIRST,
- 0,
- NULL,
- NULL,
- NULL,
- G_TYPE_NONE,
- 1,
- G_TYPE_STRING
- );
-
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_INFO] = g_signal_new(
- "auth-info",
- G_TYPE_FROM_CLASS (class),
- G_SIGNAL_RUN_FIRST,
- 0,
- NULL,
- NULL,
- NULL,
- G_TYPE_NONE,
- 1,
- G_TYPE_STRING
- );
-
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_ERROR] = g_signal_new(
- "auth-error",
- G_TYPE_FROM_CLASS (class),
- G_SIGNAL_RUN_FIRST,
- 0,
- NULL,
- NULL,
- NULL,
- G_TYPE_NONE,
- 1,
- G_TYPE_STRING
- );
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS] = g_signal_new(
- "success",
- G_TYPE_FROM_CLASS (class),
- G_SIGNAL_RUN_FIRST,
- 0,
- NULL,
- NULL,
- NULL,
- G_TYPE_NONE,
- 0
- );
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL] = g_signal_new(
- "fail",
- G_TYPE_FROM_CLASS (class),
- G_SIGNAL_RUN_FIRST,
- 0,
- NULL,
- NULL,
- NULL,
- G_TYPE_NONE,
- 1,
- G_TYPE_STRING
- );
+ g_param_spec_string("service", "service", "the pam service to use", "astal-auth",
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+
+ g_object_class_install_properties(object_class, ASTAL_AUTH_PAM_N_PROPERTIES,
+ astal_auth_pam_properties);
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE] =
+ g_signal_new("auth-prompt-visible", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
+ NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN] =
+ g_signal_new("auth-prompt-hidden", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
+ NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_INFO] =
+ g_signal_new("auth-info", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 1, G_TYPE_STRING);
+
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_ERROR] =
+ g_signal_new("auth-error", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL,
+ NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS] =
+ g_signal_new("success", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 0);
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL] =
+ g_signal_new("fail", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 1, G_TYPE_STRING);
}
-
-
-
--
cgit v1.2.3
From 3e9d84ad529bda7f295b5b981fbc3a470772bd0d Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Wed, 17 Jul 2024 08:33:53 +0200
Subject: move header to astal-auth.h
---
examples/full_example.c | 2 +-
examples/simple_example.c | 2 +-
include/astal-auth.h | 100 ++++++++++++++++++++++++++++++++++++++++++++++
include/auth.h | 100 ----------------------------------------------
include/meson.build | 4 +-
src/astal-auth.c | 2 +-
src/meson.build | 2 +-
src/pam.c | 2 +-
8 files changed, 107 insertions(+), 107 deletions(-)
create mode 100644 include/astal-auth.h
delete mode 100644 include/auth.h
diff --git a/examples/full_example.c b/examples/full_example.c
index 73096a6..a20c02b 100644
--- a/examples/full_example.c
+++ b/examples/full_example.c
@@ -1,6 +1,6 @@
#include
-#include "auth.h"
+#include "astal-auth.h"
GMainLoop *loop;
diff --git a/examples/simple_example.c b/examples/simple_example.c
index e11b5f9..d00bad2 100644
--- a/examples/simple_example.c
+++ b/examples/simple_example.c
@@ -1,6 +1,6 @@
#include
-#include "auth.h"
+#include "astal-auth.h"
GMainLoop *loop;
diff --git a/include/astal-auth.h b/include/astal-auth.h
new file mode 100644
index 0000000..e1f4b3d
--- /dev/null
+++ b/include/astal-auth.h
@@ -0,0 +1,100 @@
+#ifndef ASTAL_AUTH_PAM_H
+#define ASTAL_AUTH_PAM_H
+
+#include
+#include
+
+G_BEGIN_DECLS
+
+#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
+
+G_DECLARE_FINAL_TYPE(AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
+
+/**
+ * astal_auth_pam_set_username
+ * @self: a AstalAuthPam object
+ * @username: the new username
+ *
+ * Sets the username to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to the owner of the process.
+ *
+ */
+void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
+
+/**
+ * astal_auth_pam_get_username
+ * @self: a AstalAuthPam object
+ *
+ * Fetches the username from AsalAuthPam object.
+ *
+ * Returns: the username of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_set_service
+ * @self: a AstalAuthPam object
+ * @service: the pam service used for authentication
+ *
+ * Sets the service to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to `astal-auth`.
+ *
+ */
+void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
+
+/**
+ * astal_auth_pam_get_service
+ * @self: a AstalAuthPam
+ *
+ * Fetches the service from AsalAuthPam object.
+ *
+ * Returns: the service of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_start_authentication:
+ * @self: a AstalAuthPam Object
+ *
+ * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
+ * Note that this will cancel an already running authentication process
+ * associated with this AstalAuthPam object.
+ */
+gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
+
+/**
+ * astal_auth_pam_supply_secret
+ * @self: a AstalAuthPam Object
+ * @secret: (nullable): the secret to be provided to pam. Can be NULL.
+ *
+ * provides pam with a secret. This method must be called exactly once after a
+ * auth-* signal is emitted.
+ */
+void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
+
+/**
+ * astal_auth_pam_authenticate:
+ * @password: the password to be authenticated
+ * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
+ * to call when the request is satisfied
+ * @user_data: the data to pass to callback function
+ *
+ * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
+ * system.
+ */
+gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
+ gpointer user_data);
+
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error);
+
+G_END_DECLS
+
+#endif // !ASTAL_AUTH_PAM_H
diff --git a/include/auth.h b/include/auth.h
deleted file mode 100644
index e1f4b3d..0000000
--- a/include/auth.h
+++ /dev/null
@@ -1,100 +0,0 @@
-#ifndef ASTAL_AUTH_PAM_H
-#define ASTAL_AUTH_PAM_H
-
-#include
-#include
-
-G_BEGIN_DECLS
-
-#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
-
-G_DECLARE_FINAL_TYPE(AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
-
-/**
- * astal_auth_pam_set_username
- * @self: a AstalAuthPam object
- * @username: the new username
- *
- * Sets the username to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to the owner of the process.
- *
- */
-void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
-
-/**
- * astal_auth_pam_get_username
- * @self: a AstalAuthPam object
- *
- * Fetches the username from AsalAuthPam object.
- *
- * Returns: the username of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
-const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
-
-/**
- * astal_auth_pam_set_service
- * @self: a AstalAuthPam object
- * @service: the pam service used for authentication
- *
- * Sets the service to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to `astal-auth`.
- *
- */
-void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
-
-/**
- * astal_auth_pam_get_service
- * @self: a AstalAuthPam
- *
- * Fetches the service from AsalAuthPam object.
- *
- * Returns: the service of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
-const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
-
-/**
- * astal_auth_pam_start_authentication:
- * @self: a AstalAuthPam Object
- *
- * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
- * Note that this will cancel an already running authentication process
- * associated with this AstalAuthPam object.
- */
-gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
-
-/**
- * astal_auth_pam_supply_secret
- * @self: a AstalAuthPam Object
- * @secret: (nullable): the secret to be provided to pam. Can be NULL.
- *
- * provides pam with a secret. This method must be called exactly once after a
- * auth-* signal is emitted.
- */
-void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
-
-/**
- * astal_auth_pam_authenticate:
- * @password: the password to be authenticated
- * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
- * to call when the request is satisfied
- * @user_data: the data to pass to callback function
- *
- * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
- * system.
- */
-gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
- gpointer user_data);
-
-gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error);
-
-G_END_DECLS
-
-#endif // !ASTAL_AUTH_PAM_H
diff --git a/include/meson.build b/include/meson.build
index 3db00c1..0575998 100644
--- a/include/meson.build
+++ b/include/meson.build
@@ -1,4 +1,4 @@
astal_auth_inc = include_directories('.')
-astal_auth_headers = files('auth.h')
+astal_auth_headers = files('astal-auth.h')
-install_headers('auth.h', subdir : 'astal')
+install_headers('astal-auth.h')
diff --git a/src/astal-auth.c b/src/astal-auth.c
index ebacbb3..1c435ae 100644
--- a/src/astal-auth.c
+++ b/src/astal-auth.c
@@ -2,7 +2,7 @@
#include
#include
-#include "auth.h"
+#include "astal-auth.h"
GMainLoop *loop;
diff --git a/src/meson.build b/src/meson.build
index d8eb796..6a34ae0 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -41,7 +41,7 @@ if get_option('introspection')
symbol_prefix : 'astal_auth',
identifier_prefix : 'AstalAuth',
includes : ['GObject-2.0', 'Gio-2.0'],
- header : 'astal/auth.h',
+ header : 'astal-auth.h',
export_packages : pkg_config_name,
install : true
)
diff --git a/src/pam.c b/src/pam.c
index a11d768..90d950e 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -2,7 +2,7 @@
#include
#include
-#include "auth.h"
+#include "astal-auth.h"
struct _AstalAuthPam {
GObject parent_instance;
--
cgit v1.2.3
From bf95e1044172c23a71e8b2e0a823c2fe9593a131 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Wed, 17 Jul 2024 17:07:18 +0200
Subject: improve docs
---
include/astal-auth.h | 68 ------------------------
src/astal-auth.c | 4 +-
src/pam.c | 145 +++++++++++++++++++++++++++++++++++++++++++++++++--
3 files changed, 142 insertions(+), 75 deletions(-)
diff --git a/include/astal-auth.h b/include/astal-auth.h
index e1f4b3d..a3073ff 100644
--- a/include/astal-auth.h
+++ b/include/astal-auth.h
@@ -10,86 +10,18 @@ G_BEGIN_DECLS
G_DECLARE_FINAL_TYPE(AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
-/**
- * astal_auth_pam_set_username
- * @self: a AstalAuthPam object
- * @username: the new username
- *
- * Sets the username to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to the owner of the process.
- *
- */
void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
-/**
- * astal_auth_pam_get_username
- * @self: a AstalAuthPam object
- *
- * Fetches the username from AsalAuthPam object.
- *
- * Returns: the username of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
-/**
- * astal_auth_pam_set_service
- * @self: a AstalAuthPam object
- * @service: the pam service used for authentication
- *
- * Sets the service to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to `astal-auth`.
- *
- */
void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
-/**
- * astal_auth_pam_get_service
- * @self: a AstalAuthPam
- *
- * Fetches the service from AsalAuthPam object.
- *
- * Returns: the service of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
-/**
- * astal_auth_pam_start_authentication:
- * @self: a AstalAuthPam Object
- *
- * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
- * Note that this will cancel an already running authentication process
- * associated with this AstalAuthPam object.
- */
gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
-/**
- * astal_auth_pam_supply_secret
- * @self: a AstalAuthPam Object
- * @secret: (nullable): the secret to be provided to pam. Can be NULL.
- *
- * provides pam with a secret. This method must be called exactly once after a
- * auth-* signal is emitted.
- */
void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
-/**
- * astal_auth_pam_authenticate:
- * @password: the password to be authenticated
- * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
- * to call when the request is satisfied
- * @user_data: the data to pass to callback function
- *
- * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
- * system.
- */
gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
gpointer user_data);
diff --git a/src/astal-auth.c b/src/astal-auth.c
index 1c435ae..1ac2bd7 100644
--- a/src/astal-auth.c
+++ b/src/astal-auth.c
@@ -1,9 +1,9 @@
+#include "astal-auth.h"
+
#include
#include
#include
-#include "astal-auth.h"
-
GMainLoop *loop;
static void cleanup_and_quit(AstalAuthPam *pam, int status) {
diff --git a/src/pam.c b/src/pam.c
index 90d950e..ecf6994 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -57,6 +57,18 @@ static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {
G_DEFINE_TYPE_WITH_PRIVATE(AstalAuthPam, astal_auth_pam, G_TYPE_OBJECT);
+/**
+ * astal_auth_pam_set_username
+ * @self: a AstalAuthPam object
+ * @username: the new username
+ *
+ * Sets the username to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to the owner of the process.
+ *
+ */
void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
g_return_if_fail(username != NULL);
@@ -66,6 +78,14 @@ void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
g_object_notify(G_OBJECT(self), "username");
}
+/**
+ * astal_auth_pam_supply_secret
+ * @self: a AstalAuthPam Object
+ * @secret: (nullable): the secret to be provided to pam. Can be NULL.
+ *
+ * provides pam with a secret. This method must be called exactly once after a
+ * auth-* signal is emitted.
+ */
void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
@@ -78,6 +98,18 @@ void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
g_mutex_unlock(&priv->data_mutex);
}
+/**
+ * astal_auth_pam_set_service
+ * @self: a AstalAuthPam object
+ * @service: the pam service used for authentication
+ *
+ * Sets the service to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to `astal-auth`.
+ *
+ */
void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
g_return_if_fail(service != NULL);
@@ -87,11 +119,30 @@ void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
g_object_notify(G_OBJECT(self), "service");
}
+/**
+ * astal_auth_pam_get_username
+ * @self: a AstalAuthPam object
+ *
+ * Fetches the username from AsalAuthPam object.
+ *
+ * Returns: the username of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+
const gchar *astal_auth_pam_get_username(AstalAuthPam *self) {
g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
return self->username;
}
+/**
+ * astal_auth_pam_get_service
+ * @self: a AstalAuthPam
+ *
+ * Fetches the service from AsalAuthPam object.
+ *
+ * Returns: the service of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
const gchar *astal_auth_pam_get_service(AstalAuthPam *self) {
g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
return self->service;
@@ -265,6 +316,14 @@ gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
return TRUE;
}
+/**
+ * astal_auth_pam_start_authentication:
+ * @self: a AstalAuthPam Object
+ *
+ * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
+ * Note that this will cancel an already running authentication process
+ * associated with this AstalAuthPam object.
+ */
gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self) {
return astal_auth_pam_start_authenticate_with_callback(
self, (GAsyncReadyCallback)astal_auth_pam_callback, NULL);
@@ -275,6 +334,16 @@ static void astal_auth_pam_on_hidden(AstalAuthPam *pam, const gchar *msg, gchar
g_free(password);
}
+/**
+ * astal_auth_pam_authenticate:
+ * @password: the password to be authenticated
+ * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
+ * to call when the request is satisfied
+ * @user_data: the data to pass to callback function
+ *
+ * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
+ * system.
+ */
gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
gpointer user_data) {
AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
@@ -327,35 +396,101 @@ static void astal_auth_pam_class_init(AstalAuthPamClass *class) {
struct passwd *passwd = getpwuid(getuid());
+ /**
+ * AstalAuthPam:username:
+ *
+ * The username used for authentication.
+ * Changing the value of this property has no affect on an already started authentication
+ * process.
+ *
+ * Defaults to the user that owns this process.
+ */
astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_USERNAME] =
g_param_spec_string("username", "username", "username used for authentication",
passwd->pw_name, G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
-
+ /**
+ * AstalAuthPam:service:
+ *
+ * The pam service used for authentication.
+ * Changing the value of this property has no affect on an already started authentication
+ * process.
+ *
+ * Defaults to the astal-auth pam service.
+ */
astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_SERVICE] =
g_param_spec_string("service", "service", "the pam service to use", "astal-auth",
G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
g_object_class_install_properties(object_class, ASTAL_AUTH_PAM_N_PROPERTIES,
astal_auth_pam_properties);
-
+ /**
+ * AstalAuthPam::auth-prompt-visible:
+ * @pam: the object which received the signal.
+ * @msg: the prompt to be shown to the user
+ *
+ * This signal is emitted when user input is required. The input should be visible
+ * when entered (e.g., for One-Time Passwords (OTP)).
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE] =
g_signal_new("auth-prompt-visible", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
-
+ /**
+ * AstalAuthPam::auth-prompt-hidden:
+ * @pam: the object which received the signal.
+ * @msg: the prompt to be shown to the user
+ *
+ * This signal is emitted when user input is required. The input should be hidden
+ * when entered (e.g., for passwords).
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN] =
g_signal_new("auth-prompt-hidden", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
-
+ /**
+ * AstalAuthPam::auth-info:
+ * @pam: the object which received the signal.
+ * @msg: the info mssage to be shown to the user
+ *
+ * This signal is emitted when the user should receive an information (e.g., tell the user to
+ * touch a security key, or the remaining time pam has been locked after multiple failed
+ * attempts)
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_INFO] =
g_signal_new("auth-info", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
G_TYPE_NONE, 1, G_TYPE_STRING);
-
+ /**
+ * AstalAuthPam::auth-error:
+ * @pam: the object which received the signal.
+ * @msg: the error message
+ *
+ * This signal is emitted when an authentication error has occured.
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_ERROR] =
g_signal_new("auth-error", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL,
NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+ /**
+ * AstalAuthPam::success:
+ * @pam: the object which received the signal.
+ *
+ * This signal is emitted after successful authentication
+ */
astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS] =
g_signal_new("success", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
G_TYPE_NONE, 0);
+ /**
+ * AstalAuthPam::fail:
+ * @pam: the object which received the signal.
+ * @msg: the authentication failure message
+ *
+ * This signal is emitted when authentication failed.
+ */
astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL] =
g_signal_new("fail", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
G_TYPE_NONE, 1, G_TYPE_STRING);
--
cgit v1.2.3
From 573f5b18ac51760876307c1e69f6eb0958eb39f2 Mon Sep 17 00:00:00 2001
From: Aylur
Date: Fri, 26 Jul 2024 15:09:06 +0200
Subject: switch to LGPLv2.1
---
LICENSE | 1131 +++++++++++++++++++++++++++------------------------------------
1 file changed, 480 insertions(+), 651 deletions(-)
diff --git a/LICENSE b/LICENSE
index f288702..67cd97b 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,674 +1,503 @@
- GNU GENERAL PUBLIC LICENSE
- Version 3, 29 June 2007
+ GNU LESSER GENERAL PUBLIC LICENSE
+ Version 2.1, February 1999
- Copyright (C) 2007 Free Software Foundation, Inc.
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
+[This is the first released version of the Lesser GPL. It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
Preamble
- The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
- The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works. By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users. We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors. You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
- To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights. Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received. You must make sure that they, too, receive
-or can get the source code. And you must show them these terms so they
-know their rights.
-
- Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
- For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software. For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
- Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so. This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software. The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable. Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products. If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
- Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary. To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+ This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it. You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations below.
+
+ When we speak of free software, we are referring to freedom of use,
+not price. Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+ To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights. These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+ For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you. You must make sure that they, too, receive or can get the source
+code. If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it. And you must show them these terms so they know their rights.
+
+ We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+ To protect each distributor, we want to make it very clear that
+there is no warranty for the free library. Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+�
+ Finally, software patents pose a constant threat to the existence of
+any free program. We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder. Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+ Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License. This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License. We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+ When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library. The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom. The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+ We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License. It also provides other free software developers Less
+of an advantage over competing non-free programs. These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries. However, the Lesser license provides advantages in certain
+special circumstances.
+
+ For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it becomes
+a de-facto standard. To achieve this, non-free programs must be
+allowed to use the library. A more frequent case is that a free
+library does the same job as widely used non-free libraries. In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+ In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software. For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+ Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
-modification follow.
-
- TERMS AND CONDITIONS
-
- 0. Definitions.
-
- "This License" refers to version 3 of the GNU General Public License.
-
- "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
- "The Program" refers to any copyrightable work licensed under this
-License. Each licensee is addressed as "you". "Licensees" and
-"recipients" may be individuals or organizations.
-
- To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy. The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
- A "covered work" means either the unmodified Program or a work based
-on the Program.
-
- To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy. Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
- To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies. Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
- An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License. If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
- 1. Source Code.
-
- The "source code" for a work means the preferred form of the work
-for making modifications to it. "Object code" means any non-source
-form of a work.
-
- A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
- The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form. A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
- The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities. However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work. For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
- The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
- The Corresponding Source for a work in source code form is that
-same work.
-
- 2. Basic Permissions.
-
- All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met. This License explicitly affirms your unlimited
-permission to run the unmodified Program. The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work. This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
- You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force. You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright. Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
- Conveying under any other circumstances is permitted solely under
-the conditions stated below. Sublicensing is not allowed; section 10
-makes it unnecessary.
-
- 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
- No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
- When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
- 4. Conveying Verbatim Copies.
-
- You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
- You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
- 5. Conveying Modified Source Versions.
-
- You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
- a) The work must carry prominent notices stating that you modified
- it, and giving a relevant date.
-
- b) The work must carry prominent notices stating that it is
- released under this License and any conditions added under section
- 7. This requirement modifies the requirement in section 4 to
- "keep intact all notices".
-
- c) You must license the entire work, as a whole, under this
- License to anyone who comes into possession of a copy. This
- License will therefore apply, along with any applicable section 7
- additional terms, to the whole of the work, and all its parts,
- regardless of how they are packaged. This License gives no
- permission to license the work in any other way, but it does not
- invalidate such permission if you have separately received it.
-
- d) If the work has interactive user interfaces, each must display
- Appropriate Legal Notices; however, if the Program has interactive
- interfaces that do not display Appropriate Legal Notices, your
- work need not make them do so.
-
- A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit. Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
- 6. Conveying Non-Source Forms.
-
- You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
- a) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by the
- Corresponding Source fixed on a durable physical medium
- customarily used for software interchange.
-
- b) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by a
- written offer, valid for at least three years and valid for as
- long as you offer spare parts or customer support for that product
- model, to give anyone who possesses the object code either (1) a
- copy of the Corresponding Source for all the software in the
- product that is covered by this License, on a durable physical
- medium customarily used for software interchange, for a price no
- more than your reasonable cost of physically performing this
- conveying of source, or (2) access to copy the
- Corresponding Source from a network server at no charge.
-
- c) Convey individual copies of the object code with a copy of the
- written offer to provide the Corresponding Source. This
- alternative is allowed only occasionally and noncommercially, and
- only if you received the object code with such an offer, in accord
- with subsection 6b.
-
- d) Convey the object code by offering access from a designated
- place (gratis or for a charge), and offer equivalent access to the
- Corresponding Source in the same way through the same place at no
- further charge. You need not require recipients to copy the
- Corresponding Source along with the object code. If the place to
- copy the object code is a network server, the Corresponding Source
- may be on a different server (operated by you or a third party)
- that supports equivalent copying facilities, provided you maintain
- clear directions next to the object code saying where to find the
- Corresponding Source. Regardless of what server hosts the
- Corresponding Source, you remain obligated to ensure that it is
- available for as long as needed to satisfy these requirements.
-
- e) Convey the object code using peer-to-peer transmission, provided
- you inform other peers where the object code and Corresponding
- Source of the work are being offered to the general public at no
- charge under subsection 6d.
-
- A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
- A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling. In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage. For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product. A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
- "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source. The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
- If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information. But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
- The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed. Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
- Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
- 7. Additional Terms.
-
- "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law. If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
- When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it. (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.) You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
- Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
- a) Disclaiming warranty or limiting liability differently from the
- terms of sections 15 and 16 of this License; or
-
- b) Requiring preservation of specified reasonable legal notices or
- author attributions in that material or in the Appropriate Legal
- Notices displayed by works containing it; or
-
- c) Prohibiting misrepresentation of the origin of that material, or
- requiring that modified versions of such material be marked in
- reasonable ways as different from the original version; or
-
- d) Limiting the use for publicity purposes of names of licensors or
- authors of the material; or
-
- e) Declining to grant rights under trademark law for use of some
- trade names, trademarks, or service marks; or
-
- f) Requiring indemnification of licensors and authors of that
- material by anyone who conveys the material (or modified versions of
- it) with contractual assumptions of liability to the recipient, for
- any liability that these contractual assumptions directly impose on
- those licensors and authors.
-
- All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10. If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term. If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
- If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
- Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
- 8. Termination.
-
- You may not propagate or modify a covered work except as expressly
-provided under this License. Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
- However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
- Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
- Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License. If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
- 9. Acceptance Not Required for Having Copies.
-
- You are not required to accept this License in order to receive or
-run a copy of the Program. Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance. However,
-nothing other than this License grants you permission to propagate or
-modify any covered work. These actions infringe copyright if you do
-not accept this License. Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
- 10. Automatic Licensing of Downstream Recipients.
-
- Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License. You are not responsible
-for enforcing compliance by third parties with this License.
-
- An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations. If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
- You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License. For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
- 11. Patents.
-
- A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based. The
-work thus licensed is called the contributor's "contributor version".
-
- A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version. For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
+modification follow. Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library". The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+�
+ GNU LESSER GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+ A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The "Library", below, refers to any such software library or work
+which has been distributed under these terms. A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+ "Source code" for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+ 1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+�
+ 2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) The modified work must itself be a software library.
+
+ b) You must cause the files modified to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ c) You must cause the whole of the work to be licensed at no
+ charge to all third parties under the terms of this License.
+
+ d) If a facility in the modified Library refers to a function or a
+ table of data to be supplied by an application program that uses
+ the facility, other than as an argument passed when the facility
+ is invoked, then you must make a good faith effort to ensure that,
+ in the event an application does not supply such function or
+ table, the facility still operates, and performs whatever part of
+ its purpose remains meaningful.
+
+ (For example, a function in a library to compute square roots has
+ a purpose that is entirely well-defined independent of the
+ application. Therefore, Subsection 2d requires that any
+ application-supplied function or table used by this function must
+ be optional: if the application does not supply it, the square
+ root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library. To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License. (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.) Do not make any other change in
+these notices.
+�
+ Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+ This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+ 4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+ If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library". Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+ However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library". The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+ When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library. The
+threshold for this to be true is not precisely defined by law.
+
+ If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work. (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+ Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+�
+ 6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+ You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License. You must supply a copy of this License. If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License. Also, you must do one
+of these things:
+
+ a) Accompany the work with the complete corresponding
+ machine-readable source code for the Library including whatever
+ changes were used in the work (which must be distributed under
+ Sections 1 and 2 above); and, if the work is an executable linked
+ with the Library, with the complete machine-readable "work that
+ uses the Library", as object code and/or source code, so that the
+ user can modify the Library and then relink to produce a modified
+ executable containing the modified Library. (It is understood
+ that the user who changes the contents of definitions files in the
+ Library will not necessarily be able to recompile the application
+ to use the modified definitions.)
+
+ b) Use a suitable shared library mechanism for linking with the
+ Library. A suitable mechanism is one that (1) uses at run time a
+ copy of the library already present on the user's computer system,
+ rather than copying library functions into the executable, and (2)
+ will operate properly with a modified version of the library, if
+ the user installs one, as long as the modified version is
+ interface-compatible with the version that the work was made with.
+
+ c) Accompany the work with a written offer, valid for at
+ least three years, to give the same user the materials
+ specified in Subsection 6a, above, for a charge no more
+ than the cost of performing this distribution.
+
+ d) If distribution of the work is made by offering access to copy
+ from a designated place, offer equivalent access to copy the above
+ specified materials from the same place.
+
+ e) Verify that the user has already received a copy of these
+ materials or that you have already sent this user a copy.
+
+ For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it. However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+ It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system. Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+�
+ 7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+ a) Accompany the combined library with a copy of the same work
+ based on the Library, uncombined with any other library
+ facilities. This must be distributed under the terms of the
+ Sections above.
+
+ b) Give prominent notice with the combined library of the fact
+ that part of it is a work based on the Library, and explaining
+ where to find the accompanying uncombined form of the same work.
+
+ 8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License. Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License. However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+ 9. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Library or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+ 10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties with
this License.
-
- Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
- In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement). To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
- If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients. "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
- If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
- A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License. You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
- Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
- 12. No Surrender of Others' Freedom.
-
- If conditions are imposed on you (whether by court order, agreement or
+�
+ 11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all. For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
- 13. Use with the GNU Affero General Public License.
-
- Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work. The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
- 14. Revised Versions of this License.
-
- The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
- Each version is given a distinguishing version number. If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation. If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
- If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
- Later license versions may give you additional or different
-permissions. However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
- 15. Disclaimer of Warranty.
-
- THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
- 16. Limitation of Liability.
-
- IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
- 17. Interpretation of Sections 15 and 16.
-
- If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all. For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded. In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+ 13. The Free Software Foundation may publish revised and/or new
+versions of the Lesser General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation. If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+�
+ 14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission. For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this. Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+ NO WARRANTY
+
+ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
END OF TERMS AND CONDITIONS
+�
+ How to Apply These Terms to Your New Libraries
- How to Apply These Terms to Your New Programs
+ If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change. You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
+ To apply these terms, attach the following notices to the library. It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-
+
Copyright (C)
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
- This program is distributed in the hope that it will be useful,
+ This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program. If not, see .
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
- If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
- Copyright (C)
- This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
- You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-.
-
- The GNU General Public License does not permit incorporating your program
-into proprietary programs. If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library. If this is what you want to do, use the GNU Lesser General
-Public License instead of this License. But first, please read
-.
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
+ library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+ , 1 April 1990
+ Ty Coon, President of Vice
+
+That's all there is to it!
+
--
cgit v1.2.3
From 0722cfa509b73c23dbff658b3555cea820997477 Mon Sep 17 00:00:00 2001
From: kotontrion
Date: Fri, 16 Aug 2024 17:24:48 +0200
Subject: improve docs
---
src/pam.c | 29 ++++++++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/src/pam.c b/src/pam.c
index ecf6994..d0afec4 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -57,6 +57,33 @@ static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {
G_DEFINE_TYPE_WITH_PRIVATE(AstalAuthPam, astal_auth_pam, G_TYPE_OBJECT);
+/**
+ *
+ * AstalAuthPam
+ *
+ * For simple authentication using only a password, using the [func@AstalAuth.Pam.authenticate]
+ * method is recommended. Look at the simple examples for how to use it.
+ *
+ * There is also a way to get access to the pam conversation, to allow for a more complex
+ * authentication process, like using multiple factor authentication. Generally it can be used like
+ * this:
+ *
+ * 1. create the Pam object.
+ * 2. set username and service if so required. It has sane defaults, so in most cases you can skip
+ * this.
+ * 3. connect to the signals.
+ * After an `auth-*` signal is emitted, it has to be responded with exactly one
+ * [method@AstalAuth.Pam.supply_secret] call. The secret is a string containing the user input. For
+ * [auth-info][signal@AstalAuth.Pam::auth-info:] and [auth-error][signal@AstalAuth.Pam::auth-error:]
+ * it should be `NULL`. Not connecting those signals, is equivalent to calling
+ * [method@AstalAuth.Pam.supply_secret] with `NULL` immediately after the signal is emitted.
+ * 4. start authentication process using [method@AstalAuth.Pam.start_authenticate].
+ * 5. it is possible to reuse the same Pam object for multiple sequential authentication attempts.
+ * Just call [method@AstalAuth.Pam.start_authenticate] again after the `success` or `fail` signal
+ * was emitted.
+ *
+ */
+
/**
* astal_auth_pam_set_username
* @self: a AstalAuthPam object
@@ -317,7 +344,7 @@ gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
}
/**
- * astal_auth_pam_start_authentication:
+ * astal_auth_pam_start_authenticate:
* @self: a AstalAuthPam Object
*
* starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
--
cgit v1.2.3
From 43e6bd47863c45b9232f0f74e973b83b8354bd3a Mon Sep 17 00:00:00 2001
From: kotontrion <141950090+kotontrion@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:00:30 +0200
Subject: removed old license from readme
---
README.md | 4 ----
1 file changed, 4 deletions(-)
diff --git a/README.md b/README.md
index da32bad..f5d52a3 100644
--- a/README.md
+++ b/README.md
@@ -63,8 +63,4 @@ Generally it can be used like this:
Not connecting those signals, is equivalent to calling `pam.supply_secret(NULL)` immediately after the signal is emitted.
4. start authentication process using `Pam.start_authentication()`. This function will return whether the authentication was started or not.
5. it is possible to reuse the same Pam object for multiple sequential authentication attempts. Just call `pam.start_authentication()` again after the `success` or `fail` signal was emitted.
-
-## License
-
-This project is licensed under the GPL-3 License - see the LICENSE file for details.
--
cgit v1.2.3
From 6adcd2884ee48ec0b1c8b7486e42b2eeffc48159 Mon Sep 17 00:00:00 2001
From: Aylur
Date: Sun, 1 Sep 2024 03:19:31 +0200
Subject: move to monorepo
---
.gitignore | 3 -
LICENSE | 503 --------------------------------------
README.md | 66 -----
auth/.gitignore | 3 +
auth/LICENSE | 503 ++++++++++++++++++++++++++++++++++++++
auth/README.md | 66 +++++
auth/examples/full_example.c | 66 +++++
auth/examples/full_example.js | 38 +++
auth/examples/meson.build | 18 ++
auth/examples/simple_example.c | 31 +++
auth/examples/simple_example.js | 9 +
auth/flake.lock | 27 +++
auth/flake.nix | 42 ++++
auth/include/astal-auth.h | 32 +++
auth/include/meson.build | 4 +
auth/meson.build | 33 +++
auth/meson_options.txt | 3 +
auth/pam/astal-auth | 5 +
auth/src/astal-auth.c | 153 ++++++++++++
auth/src/meson.build | 65 +++++
auth/src/pam.c | 524 ++++++++++++++++++++++++++++++++++++++++
auth/version | 1 +
examples/full_example.c | 66 -----
examples/full_example.js | 38 ---
examples/meson.build | 18 --
examples/simple_example.c | 31 ---
examples/simple_example.js | 9 -
flake.lock | 27 ---
flake.nix | 42 ----
include/astal-auth.h | 32 ---
include/meson.build | 4 -
meson.build | 33 ---
meson_options.txt | 3 -
pam/astal-auth | 5 -
src/astal-auth.c | 153 ------------
src/meson.build | 65 -----
src/pam.c | 524 ----------------------------------------
version | 1 -
38 files changed, 1623 insertions(+), 1623 deletions(-)
delete mode 100644 .gitignore
delete mode 100644 LICENSE
delete mode 100644 README.md
create mode 100644 auth/.gitignore
create mode 100644 auth/LICENSE
create mode 100644 auth/README.md
create mode 100644 auth/examples/full_example.c
create mode 100644 auth/examples/full_example.js
create mode 100644 auth/examples/meson.build
create mode 100644 auth/examples/simple_example.c
create mode 100644 auth/examples/simple_example.js
create mode 100644 auth/flake.lock
create mode 100644 auth/flake.nix
create mode 100644 auth/include/astal-auth.h
create mode 100644 auth/include/meson.build
create mode 100644 auth/meson.build
create mode 100644 auth/meson_options.txt
create mode 100644 auth/pam/astal-auth
create mode 100644 auth/src/astal-auth.c
create mode 100644 auth/src/meson.build
create mode 100644 auth/src/pam.c
create mode 100644 auth/version
delete mode 100644 examples/full_example.c
delete mode 100644 examples/full_example.js
delete mode 100644 examples/meson.build
delete mode 100644 examples/simple_example.c
delete mode 100644 examples/simple_example.js
delete mode 100644 flake.lock
delete mode 100644 flake.nix
delete mode 100644 include/astal-auth.h
delete mode 100644 include/meson.build
delete mode 100644 meson.build
delete mode 100644 meson_options.txt
delete mode 100644 pam/astal-auth
delete mode 100644 src/astal-auth.c
delete mode 100644 src/meson.build
delete mode 100644 src/pam.c
delete mode 100644 version
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index 6bf41b5..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-build/
-result/
-.cache/
diff --git a/LICENSE b/LICENSE
deleted file mode 100644
index 67cd97b..0000000
--- a/LICENSE
+++ /dev/null
@@ -1,503 +0,0 @@
- GNU LESSER GENERAL PUBLIC LICENSE
- Version 2.1, February 1999
-
- Copyright (C) 1991, 1999 Free Software Foundation, Inc.
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-[This is the first released version of the Lesser GPL. It also counts
- as the successor of the GNU Library Public License, version 2, hence
- the version number 2.1.]
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-Licenses are intended to guarantee your freedom to share and change
-free software--to make sure the software is free for all its users.
-
- This license, the Lesser General Public License, applies to some
-specially designated software packages--typically libraries--of the
-Free Software Foundation and other authors who decide to use it. You
-can use it too, but we suggest you first think carefully about whether
-this license or the ordinary General Public License is the better
-strategy to use in any particular case, based on the explanations below.
-
- When we speak of free software, we are referring to freedom of use,
-not price. Our General Public Licenses are designed to make sure that
-you have the freedom to distribute copies of free software (and charge
-for this service if you wish); that you receive source code or can get
-it if you want it; that you can change the software and use pieces of
-it in new free programs; and that you are informed that you can do
-these things.
-
- To protect your rights, we need to make restrictions that forbid
-distributors to deny you these rights or to ask you to surrender these
-rights. These restrictions translate to certain responsibilities for
-you if you distribute copies of the library or if you modify it.
-
- For example, if you distribute copies of the library, whether gratis
-or for a fee, you must give the recipients all the rights that we gave
-you. You must make sure that they, too, receive or can get the source
-code. If you link other code with the library, you must provide
-complete object files to the recipients, so that they can relink them
-with the library after making changes to the library and recompiling
-it. And you must show them these terms so they know their rights.
-
- We protect your rights with a two-step method: (1) we copyright the
-library, and (2) we offer you this license, which gives you legal
-permission to copy, distribute and/or modify the library.
-
- To protect each distributor, we want to make it very clear that
-there is no warranty for the free library. Also, if the library is
-modified by someone else and passed on, the recipients should know
-that what they have is not the original version, so that the original
-author's reputation will not be affected by problems that might be
-introduced by others.
-�
- Finally, software patents pose a constant threat to the existence of
-any free program. We wish to make sure that a company cannot
-effectively restrict the users of a free program by obtaining a
-restrictive license from a patent holder. Therefore, we insist that
-any patent license obtained for a version of the library must be
-consistent with the full freedom of use specified in this license.
-
- Most GNU software, including some libraries, is covered by the
-ordinary GNU General Public License. This license, the GNU Lesser
-General Public License, applies to certain designated libraries, and
-is quite different from the ordinary General Public License. We use
-this license for certain libraries in order to permit linking those
-libraries into non-free programs.
-
- When a program is linked with a library, whether statically or using
-a shared library, the combination of the two is legally speaking a
-combined work, a derivative of the original library. The ordinary
-General Public License therefore permits such linking only if the
-entire combination fits its criteria of freedom. The Lesser General
-Public License permits more lax criteria for linking other code with
-the library.
-
- We call this license the "Lesser" General Public License because it
-does Less to protect the user's freedom than the ordinary General
-Public License. It also provides other free software developers Less
-of an advantage over competing non-free programs. These disadvantages
-are the reason we use the ordinary General Public License for many
-libraries. However, the Lesser license provides advantages in certain
-special circumstances.
-
- For example, on rare occasions, there may be a special need to
-encourage the widest possible use of a certain library, so that it becomes
-a de-facto standard. To achieve this, non-free programs must be
-allowed to use the library. A more frequent case is that a free
-library does the same job as widely used non-free libraries. In this
-case, there is little to gain by limiting the free library to free
-software only, so we use the Lesser General Public License.
-
- In other cases, permission to use a particular library in non-free
-programs enables a greater number of people to use a large body of
-free software. For example, permission to use the GNU C Library in
-non-free programs enables many more people to use the whole GNU
-operating system, as well as its variant, the GNU/Linux operating
-system.
-
- Although the Lesser General Public License is Less protective of the
-users' freedom, it does ensure that the user of a program that is
-linked with the Library has the freedom and the wherewithal to run
-that program using a modified version of the Library.
-
- The precise terms and conditions for copying, distribution and
-modification follow. Pay close attention to the difference between a
-"work based on the library" and a "work that uses the library". The
-former contains code derived from the library, whereas the latter must
-be combined with the library in order to run.
-�
- GNU LESSER GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License Agreement applies to any software library or other
-program which contains a notice placed by the copyright holder or
-other authorized party saying it may be distributed under the terms of
-this Lesser General Public License (also called "this License").
-Each licensee is addressed as "you".
-
- A "library" means a collection of software functions and/or data
-prepared so as to be conveniently linked with application programs
-(which use some of those functions and data) to form executables.
-
- The "Library", below, refers to any such software library or work
-which has been distributed under these terms. A "work based on the
-Library" means either the Library or any derivative work under
-copyright law: that is to say, a work containing the Library or a
-portion of it, either verbatim or with modifications and/or translated
-straightforwardly into another language. (Hereinafter, translation is
-included without limitation in the term "modification".)
-
- "Source code" for a work means the preferred form of the work for
-making modifications to it. For a library, complete source code means
-all the source code for all modules it contains, plus any associated
-interface definition files, plus the scripts used to control compilation
-and installation of the library.
-
- Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running a program using the Library is not restricted, and output from
-such a program is covered only if its contents constitute a work based
-on the Library (independent of the use of the Library in a tool for
-writing it). Whether that is true depends on what the Library does
-and what the program that uses the Library does.
-
- 1. You may copy and distribute verbatim copies of the Library's
-complete source code as you receive it, in any medium, provided that
-you conspicuously and appropriately publish on each copy an
-appropriate copyright notice and disclaimer of warranty; keep intact
-all the notices that refer to this License and to the absence of any
-warranty; and distribute a copy of this License along with the
-Library.
-
- You may charge a fee for the physical act of transferring a copy,
-and you may at your option offer warranty protection in exchange for a
-fee.
-�
- 2. You may modify your copy or copies of the Library or any portion
-of it, thus forming a work based on the Library, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) The modified work must itself be a software library.
-
- b) You must cause the files modified to carry prominent notices
- stating that you changed the files and the date of any change.
-
- c) You must cause the whole of the work to be licensed at no
- charge to all third parties under the terms of this License.
-
- d) If a facility in the modified Library refers to a function or a
- table of data to be supplied by an application program that uses
- the facility, other than as an argument passed when the facility
- is invoked, then you must make a good faith effort to ensure that,
- in the event an application does not supply such function or
- table, the facility still operates, and performs whatever part of
- its purpose remains meaningful.
-
- (For example, a function in a library to compute square roots has
- a purpose that is entirely well-defined independent of the
- application. Therefore, Subsection 2d requires that any
- application-supplied function or table used by this function must
- be optional: if the application does not supply it, the square
- root function must still compute square roots.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Library,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Library, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote
-it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Library.
-
-In addition, mere aggregation of another work not based on the Library
-with the Library (or with a work based on the Library) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may opt to apply the terms of the ordinary GNU General Public
-License instead of this License to a given copy of the Library. To do
-this, you must alter all the notices that refer to this License, so
-that they refer to the ordinary GNU General Public License, version 2,
-instead of to this License. (If a newer version than version 2 of the
-ordinary GNU General Public License has appeared, then you can specify
-that version instead if you wish.) Do not make any other change in
-these notices.
-�
- Once this change is made in a given copy, it is irreversible for
-that copy, so the ordinary GNU General Public License applies to all
-subsequent copies and derivative works made from that copy.
-
- This option is useful when you wish to copy part of the code of
-the Library into a program that is not a library.
-
- 4. You may copy and distribute the Library (or a portion or
-derivative of it, under Section 2) in object code or executable form
-under the terms of Sections 1 and 2 above provided that you accompany
-it with the complete corresponding machine-readable source code, which
-must be distributed under the terms of Sections 1 and 2 above on a
-medium customarily used for software interchange.
-
- If distribution of object code is made by offering access to copy
-from a designated place, then offering equivalent access to copy the
-source code from the same place satisfies the requirement to
-distribute the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
- 5. A program that contains no derivative of any portion of the
-Library, but is designed to work with the Library by being compiled or
-linked with it, is called a "work that uses the Library". Such a
-work, in isolation, is not a derivative work of the Library, and
-therefore falls outside the scope of this License.
-
- However, linking a "work that uses the Library" with the Library
-creates an executable that is a derivative of the Library (because it
-contains portions of the Library), rather than a "work that uses the
-library". The executable is therefore covered by this License.
-Section 6 states terms for distribution of such executables.
-
- When a "work that uses the Library" uses material from a header file
-that is part of the Library, the object code for the work may be a
-derivative work of the Library even though the source code is not.
-Whether this is true is especially significant if the work can be
-linked without the Library, or if the work is itself a library. The
-threshold for this to be true is not precisely defined by law.
-
- If such an object file uses only numerical parameters, data
-structure layouts and accessors, and small macros and small inline
-functions (ten lines or less in length), then the use of the object
-file is unrestricted, regardless of whether it is legally a derivative
-work. (Executables containing this object code plus portions of the
-Library will still fall under Section 6.)
-
- Otherwise, if the work is a derivative of the Library, you may
-distribute the object code for the work under the terms of Section 6.
-Any executables containing that work also fall under Section 6,
-whether or not they are linked directly with the Library itself.
-�
- 6. As an exception to the Sections above, you may also combine or
-link a "work that uses the Library" with the Library to produce a
-work containing portions of the Library, and distribute that work
-under terms of your choice, provided that the terms permit
-modification of the work for the customer's own use and reverse
-engineering for debugging such modifications.
-
- You must give prominent notice with each copy of the work that the
-Library is used in it and that the Library and its use are covered by
-this License. You must supply a copy of this License. If the work
-during execution displays copyright notices, you must include the
-copyright notice for the Library among them, as well as a reference
-directing the user to the copy of this License. Also, you must do one
-of these things:
-
- a) Accompany the work with the complete corresponding
- machine-readable source code for the Library including whatever
- changes were used in the work (which must be distributed under
- Sections 1 and 2 above); and, if the work is an executable linked
- with the Library, with the complete machine-readable "work that
- uses the Library", as object code and/or source code, so that the
- user can modify the Library and then relink to produce a modified
- executable containing the modified Library. (It is understood
- that the user who changes the contents of definitions files in the
- Library will not necessarily be able to recompile the application
- to use the modified definitions.)
-
- b) Use a suitable shared library mechanism for linking with the
- Library. A suitable mechanism is one that (1) uses at run time a
- copy of the library already present on the user's computer system,
- rather than copying library functions into the executable, and (2)
- will operate properly with a modified version of the library, if
- the user installs one, as long as the modified version is
- interface-compatible with the version that the work was made with.
-
- c) Accompany the work with a written offer, valid for at
- least three years, to give the same user the materials
- specified in Subsection 6a, above, for a charge no more
- than the cost of performing this distribution.
-
- d) If distribution of the work is made by offering access to copy
- from a designated place, offer equivalent access to copy the above
- specified materials from the same place.
-
- e) Verify that the user has already received a copy of these
- materials or that you have already sent this user a copy.
-
- For an executable, the required form of the "work that uses the
-Library" must include any data and utility programs needed for
-reproducing the executable from it. However, as a special exception,
-the materials to be distributed need not include anything that is
-normally distributed (in either source or binary form) with the major
-components (compiler, kernel, and so on) of the operating system on
-which the executable runs, unless that component itself accompanies
-the executable.
-
- It may happen that this requirement contradicts the license
-restrictions of other proprietary libraries that do not normally
-accompany the operating system. Such a contradiction means you cannot
-use both them and the Library together in an executable that you
-distribute.
-�
- 7. You may place library facilities that are a work based on the
-Library side-by-side in a single library together with other library
-facilities not covered by this License, and distribute such a combined
-library, provided that the separate distribution of the work based on
-the Library and of the other library facilities is otherwise
-permitted, and provided that you do these two things:
-
- a) Accompany the combined library with a copy of the same work
- based on the Library, uncombined with any other library
- facilities. This must be distributed under the terms of the
- Sections above.
-
- b) Give prominent notice with the combined library of the fact
- that part of it is a work based on the Library, and explaining
- where to find the accompanying uncombined form of the same work.
-
- 8. You may not copy, modify, sublicense, link with, or distribute
-the Library except as expressly provided under this License. Any
-attempt otherwise to copy, modify, sublicense, link with, or
-distribute the Library is void, and will automatically terminate your
-rights under this License. However, parties who have received copies,
-or rights, from you under this License will not have their licenses
-terminated so long as such parties remain in full compliance.
-
- 9. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Library or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Library (or any work based on the
-Library), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Library or works based on it.
-
- 10. Each time you redistribute the Library (or any work based on the
-Library), the recipient automatically receives a license from the
-original licensor to copy, distribute, link with or modify the Library
-subject to these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties with
-this License.
-�
- 11. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Library at all. For example, if a patent
-license would not permit royalty-free redistribution of the Library by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Library.
-
-If any portion of this section is held invalid or unenforceable under any
-particular circumstance, the balance of the section is intended to apply,
-and the section as a whole is intended to apply in other circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
- 12. If the distribution and/or use of the Library is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Library under this License may add
-an explicit geographical distribution limitation excluding those countries,
-so that distribution is permitted only in or among countries not thus
-excluded. In such case, this License incorporates the limitation as if
-written in the body of this License.
-
- 13. The Free Software Foundation may publish revised and/or new
-versions of the Lesser General Public License from time to time.
-Such new versions will be similar in spirit to the present version,
-but may differ in detail to address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Library
-specifies a version number of this License which applies to it and
-"any later version", you have the option of following the terms and
-conditions either of that version or of any later version published by
-the Free Software Foundation. If the Library does not specify a
-license version number, you may choose any version ever published by
-the Free Software Foundation.
-�
- 14. If you wish to incorporate parts of the Library into other free
-programs whose distribution conditions are incompatible with these,
-write to the author to ask for permission. For software which is
-copyrighted by the Free Software Foundation, write to the Free
-Software Foundation; we sometimes make exceptions for this. Our
-decision will be guided by the two goals of preserving the free status
-of all derivatives of our free software and of promoting the sharing
-and reuse of software generally.
-
- NO WARRANTY
-
- 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
-WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
-EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
-OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
-KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
-LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
-THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
- 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
-WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
-AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
-FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
-CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
-LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
-RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
-FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
-SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGES.
-
- END OF TERMS AND CONDITIONS
-�
- How to Apply These Terms to Your New Libraries
-
- If you develop a new library, and you want it to be of the greatest
-possible use to the public, we recommend making it free software that
-everyone can redistribute and change. You can do so by permitting
-redistribution under these terms (or, alternatively, under the terms of the
-ordinary General Public License).
-
- To apply these terms, attach the following notices to the library. It is
-safest to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least the
-"copyright" line and a pointer to where the full notice is found.
-
-
- Copyright (C)
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-
-Also add information on how to contact you by electronic and paper mail.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the library, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the
- library `Frob' (a library for tweaking knobs) written by James Random Hacker.
-
- , 1 April 1990
- Ty Coon, President of Vice
-
-That's all there is to it!
-
diff --git a/README.md b/README.md
deleted file mode 100644
index f5d52a3..0000000
--- a/README.md
+++ /dev/null
@@ -1,66 +0,0 @@
-# libastal-auth
-This library provides a way for authentication using pam for the libastal suite.
-
-## Build from source
-### Dependencies
-
-- meson
-- glib
-- gobject-introspection
-- pam
-- vala (only required for the vapi option)
-
-### Meson options
-
-* `-Dintrospection` (default: `true`): build GObject Introspection data (needed for language bindings)
-* `-Dvapi` (default: `true`): build VAPI data (required to make this lib usable in vala). Requires `-Dintrospection=true`
-* `-Dexamples` (default: `false`): build examples
-
-```sh
-# Clone the repository
-git clone https://github.com/astal-sh/libastal-auth
-cd libastal-auth
-
-# Setup and build
-meson setup build
-meson compile -C build
-
-# Install
-meson install -C build
-```
-
-> [!NOTE]
-> on NixOS you will have to add `security.pam.services.astal-auth = {}` in `configuration.nix`
-
-## Usage
-This library can be used from any language supporting GObject Introspection.
-Have a look at the [examples](examples) for how it can be used in C and gjs.
-
-The authentication is done asynchronously in its own thread, therefore the GLib mainloop is required to run.
-This is already given in all gtk application, but has to be started manually in some cases like in the small examples in this repo.
-
-Until there are better docs, please refer to the [auth.h](include/auth.h) file for detailed usage.
-
-For simple authentication using only a password, using the `Pam.authenticate()` method is recommended.
-Look at the simple examples for how to use it.
-
-There is also a way to get access to the pam conversation, to allow for a more complex authentication process, like using multiple factor authentication.
-The full examples show how this can be achieved.
-Generally it can be used like this:
-
-1. create the Pam object.
-2. set username and service if so required. It has sane defaults, so in most cases you can skip this.
-3. connect to the signals
- - `auth-prompt-hidden`: is emitted when user input is required, and the input should be hidden (eg, passwords)
- - `auth-prompt-visible`: is emitted when user input is required, and the input should be visible (eg, OTP)
- - `auth-info`: an information message should be displayed (eg, tell the user to touch his security key)
- - `auth-error`: an error message should be displayed
- - `sucess`: emitted on successful authentication
- - `fail`: emitted on failed authentication
-
- all signals except the `success` signal have a string containing the message as a parameter.
- After an `auth-*` signal is emitted, it hs to be responded with exactly one `pam.supply_secret(secret)` call. The secret is a string containing the user input. For `auth-info` and `auth-error` it can be `NULL`.
- Not connecting those signals, is equivalent to calling `pam.supply_secret(NULL)` immediately after the signal is emitted.
-4. start authentication process using `Pam.start_authentication()`. This function will return whether the authentication was started or not.
-5. it is possible to reuse the same Pam object for multiple sequential authentication attempts. Just call `pam.start_authentication()` again after the `success` or `fail` signal was emitted.
-
diff --git a/auth/.gitignore b/auth/.gitignore
new file mode 100644
index 0000000..6bf41b5
--- /dev/null
+++ b/auth/.gitignore
@@ -0,0 +1,3 @@
+build/
+result/
+.cache/
diff --git a/auth/LICENSE b/auth/LICENSE
new file mode 100644
index 0000000..67cd97b
--- /dev/null
+++ b/auth/LICENSE
@@ -0,0 +1,503 @@
+ GNU LESSER GENERAL PUBLIC LICENSE
+ Version 2.1, February 1999
+
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL. It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+ This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it. You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations below.
+
+ When we speak of free software, we are referring to freedom of use,
+not price. Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+ To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights. These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+ For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you. You must make sure that they, too, receive or can get the source
+code. If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it. And you must show them these terms so they know their rights.
+
+ We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+ To protect each distributor, we want to make it very clear that
+there is no warranty for the free library. Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+�
+ Finally, software patents pose a constant threat to the existence of
+any free program. We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder. Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+ Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License. This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License. We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+ When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library. The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom. The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+ We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License. It also provides other free software developers Less
+of an advantage over competing non-free programs. These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries. However, the Lesser license provides advantages in certain
+special circumstances.
+
+ For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it becomes
+a de-facto standard. To achieve this, non-free programs must be
+allowed to use the library. A more frequent case is that a free
+library does the same job as widely used non-free libraries. In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+ In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software. For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+ Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
+
+ The precise terms and conditions for copying, distribution and
+modification follow. Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library". The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+�
+ GNU LESSER GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+ A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The "Library", below, refers to any such software library or work
+which has been distributed under these terms. A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+ "Source code" for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+ 1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+�
+ 2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) The modified work must itself be a software library.
+
+ b) You must cause the files modified to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ c) You must cause the whole of the work to be licensed at no
+ charge to all third parties under the terms of this License.
+
+ d) If a facility in the modified Library refers to a function or a
+ table of data to be supplied by an application program that uses
+ the facility, other than as an argument passed when the facility
+ is invoked, then you must make a good faith effort to ensure that,
+ in the event an application does not supply such function or
+ table, the facility still operates, and performs whatever part of
+ its purpose remains meaningful.
+
+ (For example, a function in a library to compute square roots has
+ a purpose that is entirely well-defined independent of the
+ application. Therefore, Subsection 2d requires that any
+ application-supplied function or table used by this function must
+ be optional: if the application does not supply it, the square
+ root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library. To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License. (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.) Do not make any other change in
+these notices.
+�
+ Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+ This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+ 4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+ If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library". Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+ However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library". The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+ When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library. The
+threshold for this to be true is not precisely defined by law.
+
+ If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work. (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+ Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+�
+ 6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+ You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License. You must supply a copy of this License. If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License. Also, you must do one
+of these things:
+
+ a) Accompany the work with the complete corresponding
+ machine-readable source code for the Library including whatever
+ changes were used in the work (which must be distributed under
+ Sections 1 and 2 above); and, if the work is an executable linked
+ with the Library, with the complete machine-readable "work that
+ uses the Library", as object code and/or source code, so that the
+ user can modify the Library and then relink to produce a modified
+ executable containing the modified Library. (It is understood
+ that the user who changes the contents of definitions files in the
+ Library will not necessarily be able to recompile the application
+ to use the modified definitions.)
+
+ b) Use a suitable shared library mechanism for linking with the
+ Library. A suitable mechanism is one that (1) uses at run time a
+ copy of the library already present on the user's computer system,
+ rather than copying library functions into the executable, and (2)
+ will operate properly with a modified version of the library, if
+ the user installs one, as long as the modified version is
+ interface-compatible with the version that the work was made with.
+
+ c) Accompany the work with a written offer, valid for at
+ least three years, to give the same user the materials
+ specified in Subsection 6a, above, for a charge no more
+ than the cost of performing this distribution.
+
+ d) If distribution of the work is made by offering access to copy
+ from a designated place, offer equivalent access to copy the above
+ specified materials from the same place.
+
+ e) Verify that the user has already received a copy of these
+ materials or that you have already sent this user a copy.
+
+ For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it. However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+ It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system. Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+�
+ 7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+ a) Accompany the combined library with a copy of the same work
+ based on the Library, uncombined with any other library
+ facilities. This must be distributed under the terms of the
+ Sections above.
+
+ b) Give prominent notice with the combined library of the fact
+ that part of it is a work based on the Library, and explaining
+ where to find the accompanying uncombined form of the same work.
+
+ 8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License. Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License. However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+ 9. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Library or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+ 10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties with
+this License.
+�
+ 11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all. For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded. In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+ 13. The Free Software Foundation may publish revised and/or new
+versions of the Lesser General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation. If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+�
+ 14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission. For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this. Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+ NO WARRANTY
+
+ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+�
+ How to Apply These Terms to Your New Libraries
+
+ If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change. You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
+
+ To apply these terms, attach the following notices to the library. It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+
+ Copyright (C)
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
+ library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+ , 1 April 1990
+ Ty Coon, President of Vice
+
+That's all there is to it!
+
diff --git a/auth/README.md b/auth/README.md
new file mode 100644
index 0000000..f5d52a3
--- /dev/null
+++ b/auth/README.md
@@ -0,0 +1,66 @@
+# libastal-auth
+This library provides a way for authentication using pam for the libastal suite.
+
+## Build from source
+### Dependencies
+
+- meson
+- glib
+- gobject-introspection
+- pam
+- vala (only required for the vapi option)
+
+### Meson options
+
+* `-Dintrospection` (default: `true`): build GObject Introspection data (needed for language bindings)
+* `-Dvapi` (default: `true`): build VAPI data (required to make this lib usable in vala). Requires `-Dintrospection=true`
+* `-Dexamples` (default: `false`): build examples
+
+```sh
+# Clone the repository
+git clone https://github.com/astal-sh/libastal-auth
+cd libastal-auth
+
+# Setup and build
+meson setup build
+meson compile -C build
+
+# Install
+meson install -C build
+```
+
+> [!NOTE]
+> on NixOS you will have to add `security.pam.services.astal-auth = {}` in `configuration.nix`
+
+## Usage
+This library can be used from any language supporting GObject Introspection.
+Have a look at the [examples](examples) for how it can be used in C and gjs.
+
+The authentication is done asynchronously in its own thread, therefore the GLib mainloop is required to run.
+This is already given in all gtk application, but has to be started manually in some cases like in the small examples in this repo.
+
+Until there are better docs, please refer to the [auth.h](include/auth.h) file for detailed usage.
+
+For simple authentication using only a password, using the `Pam.authenticate()` method is recommended.
+Look at the simple examples for how to use it.
+
+There is also a way to get access to the pam conversation, to allow for a more complex authentication process, like using multiple factor authentication.
+The full examples show how this can be achieved.
+Generally it can be used like this:
+
+1. create the Pam object.
+2. set username and service if so required. It has sane defaults, so in most cases you can skip this.
+3. connect to the signals
+ - `auth-prompt-hidden`: is emitted when user input is required, and the input should be hidden (eg, passwords)
+ - `auth-prompt-visible`: is emitted when user input is required, and the input should be visible (eg, OTP)
+ - `auth-info`: an information message should be displayed (eg, tell the user to touch his security key)
+ - `auth-error`: an error message should be displayed
+ - `sucess`: emitted on successful authentication
+ - `fail`: emitted on failed authentication
+
+ all signals except the `success` signal have a string containing the message as a parameter.
+ After an `auth-*` signal is emitted, it hs to be responded with exactly one `pam.supply_secret(secret)` call. The secret is a string containing the user input. For `auth-info` and `auth-error` it can be `NULL`.
+ Not connecting those signals, is equivalent to calling `pam.supply_secret(NULL)` immediately after the signal is emitted.
+4. start authentication process using `Pam.start_authentication()`. This function will return whether the authentication was started or not.
+5. it is possible to reuse the same Pam object for multiple sequential authentication attempts. Just call `pam.start_authentication()` again after the `success` or `fail` signal was emitted.
+
diff --git a/auth/examples/full_example.c b/auth/examples/full_example.c
new file mode 100644
index 0000000..a20c02b
--- /dev/null
+++ b/auth/examples/full_example.c
@@ -0,0 +1,66 @@
+#include
+
+#include "astal-auth.h"
+
+GMainLoop *loop;
+
+static void authenticate(AstalAuthPam *pam) {
+ if (!astal_auth_pam_start_authenticate(pam)) {
+ g_print("could not start authentication process\n");
+ g_object_unref(pam);
+ g_main_loop_quit(loop);
+ }
+}
+
+static void on_visible(AstalAuthPam *pam, const gchar *data) {
+ gchar passbuf[1024];
+ readpassphrase(data, passbuf, sizeof(passbuf), RPP_ECHO_ON);
+ astal_auth_pam_supply_secret(pam, passbuf);
+}
+
+static void on_hidden(AstalAuthPam *pam, const gchar *data) {
+ gchar passbuf[1024];
+ readpassphrase(data, passbuf, sizeof(passbuf), RPP_ECHO_OFF);
+ astal_auth_pam_supply_secret(pam, passbuf);
+}
+
+static void on_info(AstalAuthPam *pam, const gchar *data) {
+ g_print("info: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_error(AstalAuthPam *pam, const gchar *data) {
+ g_print("error: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_success(AstalAuthPam *pam) {
+ g_print("success\n");
+ g_object_unref(pam);
+ g_main_loop_quit(loop);
+}
+
+static void on_fail(AstalAuthPam *pam, const gchar *data) {
+ g_print("fail: %s\n", data);
+ authenticate(pam);
+}
+
+int main(void) {
+ GMainContext *loopctx = NULL;
+
+ loop = g_main_loop_new(loopctx, FALSE);
+
+ AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
+
+ g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), NULL);
+ g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
+ g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
+
+ g_signal_connect(pam, "success", G_CALLBACK(on_success), NULL);
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), NULL);
+
+ authenticate(pam);
+
+ g_main_loop_run(loop);
+}
diff --git a/auth/examples/full_example.js b/auth/examples/full_example.js
new file mode 100644
index 0000000..7359784
--- /dev/null
+++ b/auth/examples/full_example.js
@@ -0,0 +1,38 @@
+#!/usr/bin/env -S gjs -m
+
+import Auth from "gi://AstalAuth";
+import GLib from "gi://GLib";
+
+const loop = GLib.MainLoop.new(null, false);
+
+const pam = new Auth.Pam();
+pam.connect("auth-prompt-visible", (p, msg) => {
+ print(msg);
+ p.supply_secret("");
+});
+pam.connect("auth-prompt-hidden", (p, msg) => {
+ print(msg);
+ p.supply_secret("password");
+});
+pam.connect("auth-info", (p, msg) => {
+ print(msg);
+ p.supply_secret("");
+});
+pam.connect("auth-error", (p, msg) => {
+ print(msg);
+ p.supply_secret("");
+});
+
+pam.connect("success", p => {
+ print("authentication sucessful");
+ loop.quit();
+});
+pam.connect("fail", (p, msg) => {
+ print(msg);
+ loop.quit();
+});
+
+pam.start_authenticate();
+
+loop.runAsync()
+
diff --git a/auth/examples/meson.build b/auth/examples/meson.build
new file mode 100644
index 0000000..cf23d3f
--- /dev/null
+++ b/auth/examples/meson.build
@@ -0,0 +1,18 @@
+
+deps_example = [
+ dependency('gobject-2.0'),
+ dependency('libbsd'),
+ libastal_auth
+]
+
+astal_auth_full_exmple = executable(
+ 'astal_auth_full_example',
+ files('full_example.c'),
+ dependencies : deps_example,
+ install : false)
+
+astal_auth_simple_example = executable(
+ 'astal_auth_simple_example',
+ files('simple_example.c'),
+ dependencies : deps_example,
+ install : false)
diff --git a/auth/examples/simple_example.c b/auth/examples/simple_example.c
new file mode 100644
index 0000000..d00bad2
--- /dev/null
+++ b/auth/examples/simple_example.c
@@ -0,0 +1,31 @@
+#include
+
+#include "astal-auth.h"
+
+GMainLoop *loop;
+
+void ready_callback(AstalAuthPam *pam, GAsyncResult *res, gpointer user_data) {
+ GError *error = NULL;
+ astal_auth_pam_authenticate_finish(res, &error);
+ if (error == NULL) {
+ g_print("success\n");
+ } else {
+ g_print("failure: %s\n", error->message);
+ g_error_free(error);
+ }
+
+ g_main_loop_quit(loop);
+}
+
+int main(void) {
+ GMainContext *loopctx = NULL;
+ loop = g_main_loop_new(loopctx, FALSE);
+
+ gchar *passbuf = calloc(1024, sizeof(gchar));
+ readpassphrase("Password: ", passbuf, 1024, RPP_ECHO_OFF);
+ astal_auth_pam_authenticate(passbuf, (GAsyncReadyCallback)ready_callback, NULL);
+ g_free(passbuf);
+
+ g_main_loop_run(loop);
+ exit(EXIT_SUCCESS);
+}
diff --git a/auth/examples/simple_example.js b/auth/examples/simple_example.js
new file mode 100644
index 0000000..2bf38c1
--- /dev/null
+++ b/auth/examples/simple_example.js
@@ -0,0 +1,9 @@
+#!/usr/bin/env -S gjs -m
+import Auth from "gi://AstalAuth";
+import Gio from "gi://Gio";
+
+Gio._promisify(Auth.Pam, "authenticate");
+
+await Auth.Pam.authenticate("password")
+ .then(_ => print("authentication sucessful"))
+ .catch(logError);
\ No newline at end of file
diff --git a/auth/flake.lock b/auth/flake.lock
new file mode 100644
index 0000000..13f566b
--- /dev/null
+++ b/auth/flake.lock
@@ -0,0 +1,27 @@
+{
+ "nodes": {
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1716137900,
+ "narHash": "sha256-sowPU+tLQv8GlqtVtsXioTKeaQvlMz/pefcdwg8MvfM=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "6c0b7a92c30122196a761b440ac0d46d3d9954f1",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "nixpkgs": "nixpkgs"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/auth/flake.nix b/auth/flake.nix
new file mode 100644
index 0000000..39b0289
--- /dev/null
+++ b/auth/flake.nix
@@ -0,0 +1,42 @@
+{
+ description = "Authentication library and cli tool";
+
+ inputs.nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
+
+ outputs = { self, nixpkgs }:
+ let
+ version = builtins.replaceStrings ["\n"] [""] (builtins.readFile ./version);
+ system = "x86_64-linux";
+ pkgs = import nixpkgs { inherit system; };
+
+ nativeBuildInputs = with pkgs; [
+ gobject-introspection
+ meson
+ pkg-config
+ ninja
+ vala
+ ];
+
+ buildInputs = with pkgs; [
+ glib
+ pam
+ ];
+ in {
+ packages.${system} = rec {
+ default = auth;
+ auth = pkgs.stdenv.mkDerivation {
+ inherit nativeBuildInputs buildInputs;
+ pname = "astal-auth";
+ version = version;
+ src = ./.;
+ outputs = ["out" "dev"];
+ };
+ };
+
+ devShells.${system} = {
+ default = pkgs.mkShell {
+ inherit nativeBuildInputs buildInputs;
+ };
+ };
+ };
+}
diff --git a/auth/include/astal-auth.h b/auth/include/astal-auth.h
new file mode 100644
index 0000000..a3073ff
--- /dev/null
+++ b/auth/include/astal-auth.h
@@ -0,0 +1,32 @@
+#ifndef ASTAL_AUTH_PAM_H
+#define ASTAL_AUTH_PAM_H
+
+#include
+#include
+
+G_BEGIN_DECLS
+
+#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
+
+G_DECLARE_FINAL_TYPE(AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
+
+void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
+
+const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
+
+void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
+
+const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
+
+gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
+
+void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
+
+gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
+ gpointer user_data);
+
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error);
+
+G_END_DECLS
+
+#endif // !ASTAL_AUTH_PAM_H
diff --git a/auth/include/meson.build b/auth/include/meson.build
new file mode 100644
index 0000000..0575998
--- /dev/null
+++ b/auth/include/meson.build
@@ -0,0 +1,4 @@
+astal_auth_inc = include_directories('.')
+astal_auth_headers = files('astal-auth.h')
+
+install_headers('astal-auth.h')
diff --git a/auth/meson.build b/auth/meson.build
new file mode 100644
index 0000000..e9facb1
--- /dev/null
+++ b/auth/meson.build
@@ -0,0 +1,33 @@
+project('astal_auth',
+ 'c',
+ version : run_command('cat', join_paths(meson.project_source_root(), 'version')).stdout().strip(),
+ default_options : [
+ 'c_std=gnu11',
+ 'warning_level=3',
+ 'prefix=/usr'
+ ]
+)
+
+add_project_arguments(
+ ['-Wno-pedantic'],
+ language : 'c')
+
+version_split = meson.project_version().split('.')
+lib_so_version = version_split[0] + '.' + version_split[1]
+
+pkg_config = import('pkgconfig')
+gnome = import('gnome')
+
+subdir('include')
+subdir('src')
+
+
+if get_option('examples')
+ subdir('examples')
+endif
+
+
+install_data(
+ 'pam/astal-auth',
+ install_dir : get_option('sysconfdir') / 'pam.d'
+)
diff --git a/auth/meson_options.txt b/auth/meson_options.txt
new file mode 100644
index 0000000..e28447e
--- /dev/null
+++ b/auth/meson_options.txt
@@ -0,0 +1,3 @@
+option('examples', type : 'boolean', value : false, description : 'Build example applications')
+option('introspection', type : 'boolean', value : true, description : 'Build gobject-introspection data')
+option('vapi', type : 'boolean', value : true, description : 'Generate vapi data (needs vapigen & introspection option)')
diff --git a/auth/pam/astal-auth b/auth/pam/astal-auth
new file mode 100644
index 0000000..41f79d7
--- /dev/null
+++ b/auth/pam/astal-auth
@@ -0,0 +1,5 @@
+# PAM configuration file for the astal-auth library.
+# By default, it only includes the 'login'
+# configuration file (see /etc/pam.d/login)
+
+auth include login
diff --git a/auth/src/astal-auth.c b/auth/src/astal-auth.c
new file mode 100644
index 0000000..1ac2bd7
--- /dev/null
+++ b/auth/src/astal-auth.c
@@ -0,0 +1,153 @@
+#include "astal-auth.h"
+
+#include
+#include
+#include
+
+GMainLoop *loop;
+
+static void cleanup_and_quit(AstalAuthPam *pam, int status) {
+ g_object_unref(pam);
+ g_main_loop_quit(loop);
+ exit(status);
+}
+
+static char *read_secret(const char *msg, gboolean echo) {
+ struct termios oldt, newt;
+ char *password = NULL;
+ size_t size = 0;
+ ssize_t len;
+
+ if (tcgetattr(STDIN_FILENO, &oldt) != 0) {
+ return NULL;
+ }
+ newt = oldt;
+ if (echo) {
+ newt.c_lflag |= ECHO;
+ } else {
+ newt.c_lflag &= ~(ECHO);
+ }
+ if (tcsetattr(STDIN_FILENO, TCSANOW, &newt) != 0) {
+ return NULL;
+ }
+ g_print("%s", msg);
+ if ((len = getline(&password, &size, stdin)) == -1) {
+ g_free(password);
+ return NULL;
+ }
+
+ if (password[len - 1] == '\n') {
+ password[len - 1] = '\0';
+ }
+
+ printf("\n");
+
+ if (tcsetattr(STDIN_FILENO, TCSANOW, &oldt) != 0) {
+ return NULL;
+ }
+
+ return password;
+}
+
+static void authenticate(AstalAuthPam *pam) {
+ static int attempts = 0;
+ if (attempts >= 3) {
+ g_print("%d failed attempts.\n", attempts);
+ cleanup_and_quit(pam, EXIT_FAILURE);
+ }
+ if (!astal_auth_pam_start_authenticate(pam)) {
+ g_print("could not start authentication process\n");
+ cleanup_and_quit(pam, EXIT_FAILURE);
+ }
+ attempts++;
+}
+
+static void on_visible(AstalAuthPam *pam, const gchar *data) {
+ char *secret = read_secret(data, TRUE);
+ if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
+ astal_auth_pam_supply_secret(pam, secret);
+ g_free(secret);
+}
+
+static void on_hidden(AstalAuthPam *pam, const gchar *data, gchar *secret) {
+ if (!secret) secret = read_secret(data, FALSE);
+ if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
+ astal_auth_pam_supply_secret(pam, secret);
+ g_free(secret);
+}
+
+static void on_info(AstalAuthPam *pam, const gchar *data) {
+ g_print("info: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_error(AstalAuthPam *pam, const gchar *data) {
+ g_print("error: %s\n", data);
+ astal_auth_pam_supply_secret(pam, NULL);
+}
+
+static void on_success(AstalAuthPam *pam) {
+ g_print("Authentication successful\n");
+ cleanup_and_quit(pam, EXIT_SUCCESS);
+}
+
+static void on_fail(AstalAuthPam *pam, const gchar *data, gboolean retry) {
+ g_print("%s\n", data);
+ if (retry)
+ authenticate(pam);
+ else
+ cleanup_and_quit(pam, EXIT_FAILURE);
+}
+
+int main(int argc, char **argv) {
+ char *password = NULL;
+ char *username = NULL;
+ char *service = NULL;
+
+ int opt;
+ const char *optstring = "p:u:s:";
+
+ static struct option long_options[] = {{"password", required_argument, NULL, 'p'},
+ {"username", required_argument, NULL, 'u'},
+ {"service", required_argument, NULL, 's'},
+ {NULL, 0, NULL, 0}};
+
+ while ((opt = getopt_long(argc, argv, optstring, long_options, NULL)) != -1) {
+ switch (opt) {
+ case 'p':
+ password = optarg;
+ break;
+ case 'u':
+ username = optarg;
+ break;
+ case 's':
+ service = optarg;
+ break;
+ default:
+ g_print("Usage: %s [-p password] [-u username] [-s service]\n", argv[0]);
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ loop = g_main_loop_new(NULL, FALSE);
+
+ AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
+
+ if (username) astal_auth_pam_set_username(pam, username);
+ if (service) astal_auth_pam_set_service(pam, service);
+ if (password) {
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void *)FALSE);
+ } else {
+ g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
+ g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
+ g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
+ g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void *)TRUE);
+ }
+
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), g_strdup(password));
+ g_signal_connect(pam, "success", G_CALLBACK(on_success), NULL);
+
+ authenticate(pam);
+
+ g_main_loop_run(loop);
+}
diff --git a/auth/src/meson.build b/auth/src/meson.build
new file mode 100644
index 0000000..6a34ae0
--- /dev/null
+++ b/auth/src/meson.build
@@ -0,0 +1,65 @@
+srcs = files(
+ 'pam.c',
+)
+
+deps = [
+ dependency('gobject-2.0'),
+ dependency('gio-2.0'),
+ dependency('pam')
+]
+
+astal_auth_lib = library(
+ 'astal-auth',
+ sources : srcs,
+ include_directories : astal_auth_inc,
+ dependencies : deps,
+ version : meson.project_version(),
+ install : true
+)
+
+libastal_auth = declare_dependency(
+ link_with : astal_auth_lib,
+ include_directories : astal_auth_inc)
+
+astal_auth_executable = executable(
+ 'astal-auth',
+ files('astal-auth.c'),
+ dependencies : [
+ dependency('gobject-2.0'),
+ libastal_auth
+ ],
+ install : true)
+
+pkg_config_name = 'astal-auth-' + lib_so_version
+
+if get_option('introspection')
+ gir = gnome.generate_gir(
+ astal_auth_lib,
+ sources : srcs + astal_auth_headers,
+ nsversion : '0.1',
+ namespace : 'AstalAuth',
+ symbol_prefix : 'astal_auth',
+ identifier_prefix : 'AstalAuth',
+ includes : ['GObject-2.0', 'Gio-2.0'],
+ header : 'astal-auth.h',
+ export_packages : pkg_config_name,
+ install : true
+ )
+
+ if get_option('vapi')
+ gnome.generate_vapi(
+ pkg_config_name,
+ sources : [gir[0]],
+ packages : ['gobject-2.0', 'gio-2.0'],
+ install : true)
+ endif
+endif
+
+pkg_config.generate(
+ name : 'astal-auth',
+ version : meson.project_version(),
+ libraries : [astal_auth_lib],
+ filebase : pkg_config_name,
+ subdirs : 'astal',
+ description : 'astal authentication module',
+ url : 'https://github.com/astal-sh/auth')
diff --git a/auth/src/pam.c b/auth/src/pam.c
new file mode 100644
index 0000000..d0afec4
--- /dev/null
+++ b/auth/src/pam.c
@@ -0,0 +1,524 @@
+#include
+#include
+#include
+
+#include "astal-auth.h"
+
+struct _AstalAuthPam {
+ GObject parent_instance;
+
+ gchar *username;
+ gchar *service;
+};
+
+typedef struct {
+ GTask *task;
+ GMainContext *context;
+ GMutex data_mutex;
+ GCond data_cond;
+
+ gchar *secret;
+ gboolean secret_set;
+} AstalAuthPamPrivate;
+
+typedef struct {
+ AstalAuthPam *pam;
+ guint signal_id;
+ gchar *msg;
+} AstalAuthPamSignalEmitData;
+
+static void astal_auth_pam_signal_emit_data_free(AstalAuthPamSignalEmitData *data) {
+ g_free(data->msg);
+ g_free(data);
+}
+
+typedef enum {
+ ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE,
+ ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN,
+ ASTAL_AUTH_PAM_SIGNAL_INFO,
+ ASTAL_AUTH_PAM_SIGNAL_ERROR,
+ ASTAL_AUTH_PAM_SIGNAL_SUCCESS,
+ ASTAL_AUTH_PAM_SIGNAL_FAIL,
+ ASTAL_AUTH_PAM_N_SIGNALS
+} AstalAuthPamSignals;
+
+typedef enum {
+ ASTAL_AUTH_PAM_PROP_USERNAME = 1,
+ ASTAL_AUTH_PAM_PROP_SERVICE,
+ ASTAL_AUTH_PAM_N_PROPERTIES
+} AstalAuthPamProperties;
+
+static guint astal_auth_pam_signals[ASTAL_AUTH_PAM_N_SIGNALS] = {
+ 0,
+};
+static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {
+ NULL,
+};
+
+G_DEFINE_TYPE_WITH_PRIVATE(AstalAuthPam, astal_auth_pam, G_TYPE_OBJECT);
+
+/**
+ *
+ * AstalAuthPam
+ *
+ * For simple authentication using only a password, using the [func@AstalAuth.Pam.authenticate]
+ * method is recommended. Look at the simple examples for how to use it.
+ *
+ * There is also a way to get access to the pam conversation, to allow for a more complex
+ * authentication process, like using multiple factor authentication. Generally it can be used like
+ * this:
+ *
+ * 1. create the Pam object.
+ * 2. set username and service if so required. It has sane defaults, so in most cases you can skip
+ * this.
+ * 3. connect to the signals.
+ * After an `auth-*` signal is emitted, it has to be responded with exactly one
+ * [method@AstalAuth.Pam.supply_secret] call. The secret is a string containing the user input. For
+ * [auth-info][signal@AstalAuth.Pam::auth-info:] and [auth-error][signal@AstalAuth.Pam::auth-error:]
+ * it should be `NULL`. Not connecting those signals, is equivalent to calling
+ * [method@AstalAuth.Pam.supply_secret] with `NULL` immediately after the signal is emitted.
+ * 4. start authentication process using [method@AstalAuth.Pam.start_authenticate].
+ * 5. it is possible to reuse the same Pam object for multiple sequential authentication attempts.
+ * Just call [method@AstalAuth.Pam.start_authenticate] again after the `success` or `fail` signal
+ * was emitted.
+ *
+ */
+
+/**
+ * astal_auth_pam_set_username
+ * @self: a AstalAuthPam object
+ * @username: the new username
+ *
+ * Sets the username to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to the owner of the process.
+ *
+ */
+void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
+ g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
+ g_return_if_fail(username != NULL);
+
+ g_free(self->username);
+ self->username = g_strdup(username);
+ g_object_notify(G_OBJECT(self), "username");
+}
+
+/**
+ * astal_auth_pam_supply_secret
+ * @self: a AstalAuthPam Object
+ * @secret: (nullable): the secret to be provided to pam. Can be NULL.
+ *
+ * provides pam with a secret. This method must be called exactly once after a
+ * auth-* signal is emitted.
+ */
+void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
+ g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ g_mutex_lock(&priv->data_mutex);
+ g_free(priv->secret);
+ priv->secret = g_strdup(secret);
+ priv->secret_set = TRUE;
+ g_cond_signal(&priv->data_cond);
+ g_mutex_unlock(&priv->data_mutex);
+}
+
+/**
+ * astal_auth_pam_set_service
+ * @self: a AstalAuthPam object
+ * @service: the pam service used for authentication
+ *
+ * Sets the service to be used for authentication. This must be set to
+ * before calling start_authenticate.
+ * Changing it afterwards has no effect on the authentication process.
+ *
+ * Defaults to `astal-auth`.
+ *
+ */
+void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
+ g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
+ g_return_if_fail(service != NULL);
+
+ g_free(self->service);
+ self->service = g_strdup(service);
+ g_object_notify(G_OBJECT(self), "service");
+}
+
+/**
+ * astal_auth_pam_get_username
+ * @self: a AstalAuthPam object
+ *
+ * Fetches the username from AsalAuthPam object.
+ *
+ * Returns: the username of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+
+const gchar *astal_auth_pam_get_username(AstalAuthPam *self) {
+ g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
+ return self->username;
+}
+
+/**
+ * astal_auth_pam_get_service
+ * @self: a AstalAuthPam
+ *
+ * Fetches the service from AsalAuthPam object.
+ *
+ * Returns: the service of the AsalAuthPam object. This string is
+ * owned by the object and must not be modified or freed.
+ */
+const gchar *astal_auth_pam_get_service(AstalAuthPam *self) {
+ g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
+ return self->service;
+}
+
+static void astal_auth_pam_set_property(GObject *object, guint property_id, const GValue *value,
+ GParamSpec *pspec) {
+ AstalAuthPam *self = ASTAL_AUTH_PAM(object);
+
+ switch (property_id) {
+ case ASTAL_AUTH_PAM_PROP_USERNAME:
+ astal_auth_pam_set_username(self, g_value_get_string(value));
+ break;
+ case ASTAL_AUTH_PAM_PROP_SERVICE:
+ astal_auth_pam_set_service(self, g_value_get_string(value));
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID(object, property_id, pspec);
+ break;
+ }
+}
+
+static void astal_auth_pam_get_property(GObject *object, guint property_id, GValue *value,
+ GParamSpec *pspec) {
+ AstalAuthPam *self = ASTAL_AUTH_PAM(object);
+
+ switch (property_id) {
+ case ASTAL_AUTH_PAM_PROP_USERNAME:
+ g_value_set_string(value, self->username);
+ break;
+ case ASTAL_AUTH_PAM_PROP_SERVICE:
+ g_value_set_string(value, self->service);
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID(object, property_id, pspec);
+ break;
+ }
+}
+
+static void astal_auth_pam_callback(GObject *object, GAsyncResult *res, gpointer user_data) {
+ AstalAuthPam *self = ASTAL_AUTH_PAM(object);
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ GTask *task = g_steal_pointer(&priv->task);
+
+ GError *error = NULL;
+ g_task_propagate_int(task, &error);
+
+ if (error == NULL) {
+ g_signal_emit(self, astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS], 0);
+ } else {
+ g_signal_emit(self, astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL], 0, error->message);
+ g_error_free(error);
+ }
+ g_object_unref(task);
+}
+
+static gboolean astal_auth_pam_emit_signal_in_context(gpointer user_data) {
+ AstalAuthPamSignalEmitData *data = user_data;
+ g_signal_emit(data->pam, data->signal_id, 0, data->msg);
+ return G_SOURCE_REMOVE;
+}
+
+static void astal_auth_pam_emit_signal(AstalAuthPam *pam, guint signal, const gchar *msg) {
+ GSource *emit_source;
+ AstalAuthPamSignalEmitData *data;
+
+ data = g_new0(AstalAuthPamSignalEmitData, 1);
+ data->pam = pam;
+ data->signal_id = astal_auth_pam_signals[signal];
+ data->msg = g_strdup(msg);
+
+ emit_source = g_idle_source_new();
+ g_source_set_callback(emit_source, astal_auth_pam_emit_signal_in_context, data,
+ (GDestroyNotify)astal_auth_pam_signal_emit_data_free);
+ g_source_set_priority(emit_source, G_PRIORITY_DEFAULT);
+ g_source_attach(emit_source,
+ ((AstalAuthPamPrivate *)astal_auth_pam_get_instance_private(pam))->context);
+ g_source_unref(emit_source);
+}
+
+int astal_auth_pam_handle_conversation(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr) {
+ AstalAuthPam *self = appdata_ptr;
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ struct pam_response *replies = NULL;
+ if (num_msg <= 0 || num_msg > PAM_MAX_NUM_MSG) {
+ return PAM_CONV_ERR;
+ }
+ replies = (struct pam_response *)calloc(num_msg, sizeof(struct pam_response));
+ if (replies == NULL) {
+ return PAM_BUF_ERR;
+ }
+ for (int i = 0; i < num_msg; ++i) {
+ guint signal;
+ switch (msg[i]->msg_style) {
+ case PAM_PROMPT_ECHO_OFF:
+ signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN;
+ break;
+ case PAM_PROMPT_ECHO_ON:
+ signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE;
+ break;
+ case PAM_ERROR_MSG:
+ signal = ASTAL_AUTH_PAM_SIGNAL_ERROR;
+ ;
+ break;
+ case PAM_TEXT_INFO:
+ signal = ASTAL_AUTH_PAM_SIGNAL_INFO;
+ break;
+ default:
+ g_free(replies);
+ return PAM_CONV_ERR;
+ break;
+ }
+ guint signal_id = astal_auth_pam_signals[signal];
+ if (g_signal_has_handler_pending(self, signal_id, 0, FALSE)) {
+ astal_auth_pam_emit_signal(self, signal, msg[i]->msg);
+ g_mutex_lock(&priv->data_mutex);
+ while (!priv->secret_set) {
+ g_cond_wait(&priv->data_cond, &priv->data_mutex);
+ }
+ replies[i].resp_retcode = 0;
+ replies[i].resp = g_strdup(priv->secret);
+ g_free(priv->secret);
+ priv->secret = NULL;
+ priv->secret_set = FALSE;
+ g_mutex_unlock(&priv->data_mutex);
+ }
+ }
+ *resp = replies;
+ return PAM_SUCCESS;
+}
+
+static void astal_auth_pam_thread(GTask *task, gpointer object, gpointer task_data,
+ GCancellable *cancellable) {
+ AstalAuthPam *self = g_task_get_source_object(task);
+
+ pam_handle_t *pamh = NULL;
+ const struct pam_conv conv = {
+ .conv = astal_auth_pam_handle_conversation,
+ .appdata_ptr = self,
+ };
+
+ int retval;
+ retval = pam_start(self->service, self->username, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_authenticate(pamh, 0);
+ pam_end(pamh, retval);
+ }
+ if (retval != PAM_SUCCESS) {
+ g_task_return_new_error(task, G_IO_ERROR, G_IO_ERROR_FAILED, "%s",
+ pam_strerror(pamh, retval));
+ } else {
+ g_task_return_int(task, retval);
+ }
+}
+
+gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
+ GAsyncReadyCallback result_callback,
+ gpointer user_data) {
+ g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), FALSE);
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+ g_return_val_if_fail(priv->task == NULL, FALSE);
+
+ priv->task = g_task_new(self, NULL, result_callback, user_data);
+ g_task_set_priority(priv->task, 0);
+ g_task_set_name(priv->task, "[AstalAuth] authenticate");
+ g_task_run_in_thread(priv->task, astal_auth_pam_thread);
+
+ return TRUE;
+}
+
+/**
+ * astal_auth_pam_start_authenticate:
+ * @self: a AstalAuthPam Object
+ *
+ * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
+ * Note that this will cancel an already running authentication process
+ * associated with this AstalAuthPam object.
+ */
+gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self) {
+ return astal_auth_pam_start_authenticate_with_callback(
+ self, (GAsyncReadyCallback)astal_auth_pam_callback, NULL);
+}
+
+static void astal_auth_pam_on_hidden(AstalAuthPam *pam, const gchar *msg, gchar *password) {
+ astal_auth_pam_supply_secret(pam, password);
+ g_free(password);
+}
+
+/**
+ * astal_auth_pam_authenticate:
+ * @password: the password to be authenticated
+ * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
+ * to call when the request is satisfied
+ * @user_data: the data to pass to callback function
+ *
+ * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
+ * system.
+ */
+gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
+ gpointer user_data) {
+ AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
+ g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(astal_auth_pam_on_hidden),
+ (void *)g_strdup(password));
+
+ gboolean started =
+ astal_auth_pam_start_authenticate_with_callback(pam, result_callback, user_data);
+ g_object_unref(pam);
+ return started;
+}
+
+gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error) {
+ return g_task_propagate_int(G_TASK(res), error);
+}
+
+static void astal_auth_pam_init(AstalAuthPam *self) {
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ priv->secret = NULL;
+
+ g_cond_init(&priv->data_cond);
+ g_mutex_init(&priv->data_mutex);
+
+ priv->context = g_main_context_get_thread_default();
+}
+
+static void astal_auth_pam_finalize(GObject *gobject) {
+ AstalAuthPam *self = ASTAL_AUTH_PAM(gobject);
+ AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
+
+ g_free(self->username);
+ g_free(self->service);
+
+ g_free(priv->secret);
+
+ g_cond_clear(&priv->data_cond);
+ g_mutex_clear(&priv->data_mutex);
+
+ G_OBJECT_CLASS(astal_auth_pam_parent_class)->finalize(gobject);
+}
+
+static void astal_auth_pam_class_init(AstalAuthPamClass *class) {
+ GObjectClass *object_class = G_OBJECT_CLASS(class);
+
+ object_class->get_property = astal_auth_pam_get_property;
+ object_class->set_property = astal_auth_pam_set_property;
+
+ object_class->finalize = astal_auth_pam_finalize;
+
+ struct passwd *passwd = getpwuid(getuid());
+
+ /**
+ * AstalAuthPam:username:
+ *
+ * The username used for authentication.
+ * Changing the value of this property has no affect on an already started authentication
+ * process.
+ *
+ * Defaults to the user that owns this process.
+ */
+ astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_USERNAME] =
+ g_param_spec_string("username", "username", "username used for authentication",
+ passwd->pw_name, G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+ /**
+ * AstalAuthPam:service:
+ *
+ * The pam service used for authentication.
+ * Changing the value of this property has no affect on an already started authentication
+ * process.
+ *
+ * Defaults to the astal-auth pam service.
+ */
+ astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_SERVICE] =
+ g_param_spec_string("service", "service", "the pam service to use", "astal-auth",
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+
+ g_object_class_install_properties(object_class, ASTAL_AUTH_PAM_N_PROPERTIES,
+ astal_auth_pam_properties);
+ /**
+ * AstalAuthPam::auth-prompt-visible:
+ * @pam: the object which received the signal.
+ * @msg: the prompt to be shown to the user
+ *
+ * This signal is emitted when user input is required. The input should be visible
+ * when entered (e.g., for One-Time Passwords (OTP)).
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE] =
+ g_signal_new("auth-prompt-visible", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
+ NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+ /**
+ * AstalAuthPam::auth-prompt-hidden:
+ * @pam: the object which received the signal.
+ * @msg: the prompt to be shown to the user
+ *
+ * This signal is emitted when user input is required. The input should be hidden
+ * when entered (e.g., for passwords).
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN] =
+ g_signal_new("auth-prompt-hidden", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
+ NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+ /**
+ * AstalAuthPam::auth-info:
+ * @pam: the object which received the signal.
+ * @msg: the info mssage to be shown to the user
+ *
+ * This signal is emitted when the user should receive an information (e.g., tell the user to
+ * touch a security key, or the remaining time pam has been locked after multiple failed
+ * attempts)
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_INFO] =
+ g_signal_new("auth-info", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 1, G_TYPE_STRING);
+ /**
+ * AstalAuthPam::auth-error:
+ * @pam: the object which received the signal.
+ * @msg: the error message
+ *
+ * This signal is emitted when an authentication error has occured.
+ *
+ * This signal has to be matched with exaclty one supply_secret call.
+ */
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_ERROR] =
+ g_signal_new("auth-error", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL,
+ NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
+ /**
+ * AstalAuthPam::success:
+ * @pam: the object which received the signal.
+ *
+ * This signal is emitted after successful authentication
+ */
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS] =
+ g_signal_new("success", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 0);
+ /**
+ * AstalAuthPam::fail:
+ * @pam: the object which received the signal.
+ * @msg: the authentication failure message
+ *
+ * This signal is emitted when authentication failed.
+ */
+ astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL] =
+ g_signal_new("fail", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 1, G_TYPE_STRING);
+}
diff --git a/auth/version b/auth/version
new file mode 100644
index 0000000..6e8bf73
--- /dev/null
+++ b/auth/version
@@ -0,0 +1 @@
+0.1.0
diff --git a/examples/full_example.c b/examples/full_example.c
deleted file mode 100644
index a20c02b..0000000
--- a/examples/full_example.c
+++ /dev/null
@@ -1,66 +0,0 @@
-#include
-
-#include "astal-auth.h"
-
-GMainLoop *loop;
-
-static void authenticate(AstalAuthPam *pam) {
- if (!astal_auth_pam_start_authenticate(pam)) {
- g_print("could not start authentication process\n");
- g_object_unref(pam);
- g_main_loop_quit(loop);
- }
-}
-
-static void on_visible(AstalAuthPam *pam, const gchar *data) {
- gchar passbuf[1024];
- readpassphrase(data, passbuf, sizeof(passbuf), RPP_ECHO_ON);
- astal_auth_pam_supply_secret(pam, passbuf);
-}
-
-static void on_hidden(AstalAuthPam *pam, const gchar *data) {
- gchar passbuf[1024];
- readpassphrase(data, passbuf, sizeof(passbuf), RPP_ECHO_OFF);
- astal_auth_pam_supply_secret(pam, passbuf);
-}
-
-static void on_info(AstalAuthPam *pam, const gchar *data) {
- g_print("info: %s\n", data);
- astal_auth_pam_supply_secret(pam, NULL);
-}
-
-static void on_error(AstalAuthPam *pam, const gchar *data) {
- g_print("error: %s\n", data);
- astal_auth_pam_supply_secret(pam, NULL);
-}
-
-static void on_success(AstalAuthPam *pam) {
- g_print("success\n");
- g_object_unref(pam);
- g_main_loop_quit(loop);
-}
-
-static void on_fail(AstalAuthPam *pam, const gchar *data) {
- g_print("fail: %s\n", data);
- authenticate(pam);
-}
-
-int main(void) {
- GMainContext *loopctx = NULL;
-
- loop = g_main_loop_new(loopctx, FALSE);
-
- AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
-
- g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
- g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), NULL);
- g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
- g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
-
- g_signal_connect(pam, "success", G_CALLBACK(on_success), NULL);
- g_signal_connect(pam, "fail", G_CALLBACK(on_fail), NULL);
-
- authenticate(pam);
-
- g_main_loop_run(loop);
-}
diff --git a/examples/full_example.js b/examples/full_example.js
deleted file mode 100644
index 7359784..0000000
--- a/examples/full_example.js
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/bin/env -S gjs -m
-
-import Auth from "gi://AstalAuth";
-import GLib from "gi://GLib";
-
-const loop = GLib.MainLoop.new(null, false);
-
-const pam = new Auth.Pam();
-pam.connect("auth-prompt-visible", (p, msg) => {
- print(msg);
- p.supply_secret("");
-});
-pam.connect("auth-prompt-hidden", (p, msg) => {
- print(msg);
- p.supply_secret("password");
-});
-pam.connect("auth-info", (p, msg) => {
- print(msg);
- p.supply_secret("");
-});
-pam.connect("auth-error", (p, msg) => {
- print(msg);
- p.supply_secret("");
-});
-
-pam.connect("success", p => {
- print("authentication sucessful");
- loop.quit();
-});
-pam.connect("fail", (p, msg) => {
- print(msg);
- loop.quit();
-});
-
-pam.start_authenticate();
-
-loop.runAsync()
-
diff --git a/examples/meson.build b/examples/meson.build
deleted file mode 100644
index cf23d3f..0000000
--- a/examples/meson.build
+++ /dev/null
@@ -1,18 +0,0 @@
-
-deps_example = [
- dependency('gobject-2.0'),
- dependency('libbsd'),
- libastal_auth
-]
-
-astal_auth_full_exmple = executable(
- 'astal_auth_full_example',
- files('full_example.c'),
- dependencies : deps_example,
- install : false)
-
-astal_auth_simple_example = executable(
- 'astal_auth_simple_example',
- files('simple_example.c'),
- dependencies : deps_example,
- install : false)
diff --git a/examples/simple_example.c b/examples/simple_example.c
deleted file mode 100644
index d00bad2..0000000
--- a/examples/simple_example.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include
-
-#include "astal-auth.h"
-
-GMainLoop *loop;
-
-void ready_callback(AstalAuthPam *pam, GAsyncResult *res, gpointer user_data) {
- GError *error = NULL;
- astal_auth_pam_authenticate_finish(res, &error);
- if (error == NULL) {
- g_print("success\n");
- } else {
- g_print("failure: %s\n", error->message);
- g_error_free(error);
- }
-
- g_main_loop_quit(loop);
-}
-
-int main(void) {
- GMainContext *loopctx = NULL;
- loop = g_main_loop_new(loopctx, FALSE);
-
- gchar *passbuf = calloc(1024, sizeof(gchar));
- readpassphrase("Password: ", passbuf, 1024, RPP_ECHO_OFF);
- astal_auth_pam_authenticate(passbuf, (GAsyncReadyCallback)ready_callback, NULL);
- g_free(passbuf);
-
- g_main_loop_run(loop);
- exit(EXIT_SUCCESS);
-}
diff --git a/examples/simple_example.js b/examples/simple_example.js
deleted file mode 100644
index 2bf38c1..0000000
--- a/examples/simple_example.js
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env -S gjs -m
-import Auth from "gi://AstalAuth";
-import Gio from "gi://Gio";
-
-Gio._promisify(Auth.Pam, "authenticate");
-
-await Auth.Pam.authenticate("password")
- .then(_ => print("authentication sucessful"))
- .catch(logError);
\ No newline at end of file
diff --git a/flake.lock b/flake.lock
deleted file mode 100644
index 13f566b..0000000
--- a/flake.lock
+++ /dev/null
@@ -1,27 +0,0 @@
-{
- "nodes": {
- "nixpkgs": {
- "locked": {
- "lastModified": 1716137900,
- "narHash": "sha256-sowPU+tLQv8GlqtVtsXioTKeaQvlMz/pefcdwg8MvfM=",
- "owner": "nixos",
- "repo": "nixpkgs",
- "rev": "6c0b7a92c30122196a761b440ac0d46d3d9954f1",
- "type": "github"
- },
- "original": {
- "owner": "nixos",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "root": {
- "inputs": {
- "nixpkgs": "nixpkgs"
- }
- }
- },
- "root": "root",
- "version": 7
-}
diff --git a/flake.nix b/flake.nix
deleted file mode 100644
index 39b0289..0000000
--- a/flake.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{
- description = "Authentication library and cli tool";
-
- inputs.nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
-
- outputs = { self, nixpkgs }:
- let
- version = builtins.replaceStrings ["\n"] [""] (builtins.readFile ./version);
- system = "x86_64-linux";
- pkgs = import nixpkgs { inherit system; };
-
- nativeBuildInputs = with pkgs; [
- gobject-introspection
- meson
- pkg-config
- ninja
- vala
- ];
-
- buildInputs = with pkgs; [
- glib
- pam
- ];
- in {
- packages.${system} = rec {
- default = auth;
- auth = pkgs.stdenv.mkDerivation {
- inherit nativeBuildInputs buildInputs;
- pname = "astal-auth";
- version = version;
- src = ./.;
- outputs = ["out" "dev"];
- };
- };
-
- devShells.${system} = {
- default = pkgs.mkShell {
- inherit nativeBuildInputs buildInputs;
- };
- };
- };
-}
diff --git a/include/astal-auth.h b/include/astal-auth.h
deleted file mode 100644
index a3073ff..0000000
--- a/include/astal-auth.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef ASTAL_AUTH_PAM_H
-#define ASTAL_AUTH_PAM_H
-
-#include
-#include
-
-G_BEGIN_DECLS
-
-#define ASTAL_AUTH_TYPE_PAM (astal_auth_pam_get_type())
-
-G_DECLARE_FINAL_TYPE(AstalAuthPam, astal_auth_pam, ASTAL_AUTH, PAM, GObject)
-
-void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username);
-
-const gchar *astal_auth_pam_get_username(AstalAuthPam *self);
-
-void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service);
-
-const gchar *astal_auth_pam_get_service(AstalAuthPam *self);
-
-gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self);
-
-void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret);
-
-gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
- gpointer user_data);
-
-gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error);
-
-G_END_DECLS
-
-#endif // !ASTAL_AUTH_PAM_H
diff --git a/include/meson.build b/include/meson.build
deleted file mode 100644
index 0575998..0000000
--- a/include/meson.build
+++ /dev/null
@@ -1,4 +0,0 @@
-astal_auth_inc = include_directories('.')
-astal_auth_headers = files('astal-auth.h')
-
-install_headers('astal-auth.h')
diff --git a/meson.build b/meson.build
deleted file mode 100644
index e9facb1..0000000
--- a/meson.build
+++ /dev/null
@@ -1,33 +0,0 @@
-project('astal_auth',
- 'c',
- version : run_command('cat', join_paths(meson.project_source_root(), 'version')).stdout().strip(),
- default_options : [
- 'c_std=gnu11',
- 'warning_level=3',
- 'prefix=/usr'
- ]
-)
-
-add_project_arguments(
- ['-Wno-pedantic'],
- language : 'c')
-
-version_split = meson.project_version().split('.')
-lib_so_version = version_split[0] + '.' + version_split[1]
-
-pkg_config = import('pkgconfig')
-gnome = import('gnome')
-
-subdir('include')
-subdir('src')
-
-
-if get_option('examples')
- subdir('examples')
-endif
-
-
-install_data(
- 'pam/astal-auth',
- install_dir : get_option('sysconfdir') / 'pam.d'
-)
diff --git a/meson_options.txt b/meson_options.txt
deleted file mode 100644
index e28447e..0000000
--- a/meson_options.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-option('examples', type : 'boolean', value : false, description : 'Build example applications')
-option('introspection', type : 'boolean', value : true, description : 'Build gobject-introspection data')
-option('vapi', type : 'boolean', value : true, description : 'Generate vapi data (needs vapigen & introspection option)')
diff --git a/pam/astal-auth b/pam/astal-auth
deleted file mode 100644
index 41f79d7..0000000
--- a/pam/astal-auth
+++ /dev/null
@@ -1,5 +0,0 @@
-# PAM configuration file for the astal-auth library.
-# By default, it only includes the 'login'
-# configuration file (see /etc/pam.d/login)
-
-auth include login
diff --git a/src/astal-auth.c b/src/astal-auth.c
deleted file mode 100644
index 1ac2bd7..0000000
--- a/src/astal-auth.c
+++ /dev/null
@@ -1,153 +0,0 @@
-#include "astal-auth.h"
-
-#include
-#include
-#include
-
-GMainLoop *loop;
-
-static void cleanup_and_quit(AstalAuthPam *pam, int status) {
- g_object_unref(pam);
- g_main_loop_quit(loop);
- exit(status);
-}
-
-static char *read_secret(const char *msg, gboolean echo) {
- struct termios oldt, newt;
- char *password = NULL;
- size_t size = 0;
- ssize_t len;
-
- if (tcgetattr(STDIN_FILENO, &oldt) != 0) {
- return NULL;
- }
- newt = oldt;
- if (echo) {
- newt.c_lflag |= ECHO;
- } else {
- newt.c_lflag &= ~(ECHO);
- }
- if (tcsetattr(STDIN_FILENO, TCSANOW, &newt) != 0) {
- return NULL;
- }
- g_print("%s", msg);
- if ((len = getline(&password, &size, stdin)) == -1) {
- g_free(password);
- return NULL;
- }
-
- if (password[len - 1] == '\n') {
- password[len - 1] = '\0';
- }
-
- printf("\n");
-
- if (tcsetattr(STDIN_FILENO, TCSANOW, &oldt) != 0) {
- return NULL;
- }
-
- return password;
-}
-
-static void authenticate(AstalAuthPam *pam) {
- static int attempts = 0;
- if (attempts >= 3) {
- g_print("%d failed attempts.\n", attempts);
- cleanup_and_quit(pam, EXIT_FAILURE);
- }
- if (!astal_auth_pam_start_authenticate(pam)) {
- g_print("could not start authentication process\n");
- cleanup_and_quit(pam, EXIT_FAILURE);
- }
- attempts++;
-}
-
-static void on_visible(AstalAuthPam *pam, const gchar *data) {
- char *secret = read_secret(data, TRUE);
- if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
- astal_auth_pam_supply_secret(pam, secret);
- g_free(secret);
-}
-
-static void on_hidden(AstalAuthPam *pam, const gchar *data, gchar *secret) {
- if (!secret) secret = read_secret(data, FALSE);
- if (secret == NULL) cleanup_and_quit(pam, EXIT_FAILURE);
- astal_auth_pam_supply_secret(pam, secret);
- g_free(secret);
-}
-
-static void on_info(AstalAuthPam *pam, const gchar *data) {
- g_print("info: %s\n", data);
- astal_auth_pam_supply_secret(pam, NULL);
-}
-
-static void on_error(AstalAuthPam *pam, const gchar *data) {
- g_print("error: %s\n", data);
- astal_auth_pam_supply_secret(pam, NULL);
-}
-
-static void on_success(AstalAuthPam *pam) {
- g_print("Authentication successful\n");
- cleanup_and_quit(pam, EXIT_SUCCESS);
-}
-
-static void on_fail(AstalAuthPam *pam, const gchar *data, gboolean retry) {
- g_print("%s\n", data);
- if (retry)
- authenticate(pam);
- else
- cleanup_and_quit(pam, EXIT_FAILURE);
-}
-
-int main(int argc, char **argv) {
- char *password = NULL;
- char *username = NULL;
- char *service = NULL;
-
- int opt;
- const char *optstring = "p:u:s:";
-
- static struct option long_options[] = {{"password", required_argument, NULL, 'p'},
- {"username", required_argument, NULL, 'u'},
- {"service", required_argument, NULL, 's'},
- {NULL, 0, NULL, 0}};
-
- while ((opt = getopt_long(argc, argv, optstring, long_options, NULL)) != -1) {
- switch (opt) {
- case 'p':
- password = optarg;
- break;
- case 'u':
- username = optarg;
- break;
- case 's':
- service = optarg;
- break;
- default:
- g_print("Usage: %s [-p password] [-u username] [-s service]\n", argv[0]);
- exit(EXIT_FAILURE);
- }
- }
-
- loop = g_main_loop_new(NULL, FALSE);
-
- AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
-
- if (username) astal_auth_pam_set_username(pam, username);
- if (service) astal_auth_pam_set_service(pam, service);
- if (password) {
- g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void *)FALSE);
- } else {
- g_signal_connect(pam, "auth-prompt-visible", G_CALLBACK(on_visible), NULL);
- g_signal_connect(pam, "auth-info", G_CALLBACK(on_info), NULL);
- g_signal_connect(pam, "auth-error", G_CALLBACK(on_error), NULL);
- g_signal_connect(pam, "fail", G_CALLBACK(on_fail), (void *)TRUE);
- }
-
- g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(on_hidden), g_strdup(password));
- g_signal_connect(pam, "success", G_CALLBACK(on_success), NULL);
-
- authenticate(pam);
-
- g_main_loop_run(loop);
-}
diff --git a/src/meson.build b/src/meson.build
deleted file mode 100644
index 6a34ae0..0000000
--- a/src/meson.build
+++ /dev/null
@@ -1,65 +0,0 @@
-srcs = files(
- 'pam.c',
-)
-
-deps = [
- dependency('gobject-2.0'),
- dependency('gio-2.0'),
- dependency('pam')
-]
-
-astal_auth_lib = library(
- 'astal-auth',
- sources : srcs,
- include_directories : astal_auth_inc,
- dependencies : deps,
- version : meson.project_version(),
- install : true
-)
-
-libastal_auth = declare_dependency(
- link_with : astal_auth_lib,
- include_directories : astal_auth_inc)
-
-astal_auth_executable = executable(
- 'astal-auth',
- files('astal-auth.c'),
- dependencies : [
- dependency('gobject-2.0'),
- libastal_auth
- ],
- install : true)
-
-pkg_config_name = 'astal-auth-' + lib_so_version
-
-if get_option('introspection')
- gir = gnome.generate_gir(
- astal_auth_lib,
- sources : srcs + astal_auth_headers,
- nsversion : '0.1',
- namespace : 'AstalAuth',
- symbol_prefix : 'astal_auth',
- identifier_prefix : 'AstalAuth',
- includes : ['GObject-2.0', 'Gio-2.0'],
- header : 'astal-auth.h',
- export_packages : pkg_config_name,
- install : true
- )
-
- if get_option('vapi')
- gnome.generate_vapi(
- pkg_config_name,
- sources : [gir[0]],
- packages : ['gobject-2.0', 'gio-2.0'],
- install : true)
- endif
-endif
-
-pkg_config.generate(
- name : 'astal-auth',
- version : meson.project_version(),
- libraries : [astal_auth_lib],
- filebase : pkg_config_name,
- subdirs : 'astal',
- description : 'astal authentication module',
- url : 'https://github.com/astal-sh/auth')
diff --git a/src/pam.c b/src/pam.c
deleted file mode 100644
index d0afec4..0000000
--- a/src/pam.c
+++ /dev/null
@@ -1,524 +0,0 @@
-#include
-#include
-#include
-
-#include "astal-auth.h"
-
-struct _AstalAuthPam {
- GObject parent_instance;
-
- gchar *username;
- gchar *service;
-};
-
-typedef struct {
- GTask *task;
- GMainContext *context;
- GMutex data_mutex;
- GCond data_cond;
-
- gchar *secret;
- gboolean secret_set;
-} AstalAuthPamPrivate;
-
-typedef struct {
- AstalAuthPam *pam;
- guint signal_id;
- gchar *msg;
-} AstalAuthPamSignalEmitData;
-
-static void astal_auth_pam_signal_emit_data_free(AstalAuthPamSignalEmitData *data) {
- g_free(data->msg);
- g_free(data);
-}
-
-typedef enum {
- ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE,
- ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN,
- ASTAL_AUTH_PAM_SIGNAL_INFO,
- ASTAL_AUTH_PAM_SIGNAL_ERROR,
- ASTAL_AUTH_PAM_SIGNAL_SUCCESS,
- ASTAL_AUTH_PAM_SIGNAL_FAIL,
- ASTAL_AUTH_PAM_N_SIGNALS
-} AstalAuthPamSignals;
-
-typedef enum {
- ASTAL_AUTH_PAM_PROP_USERNAME = 1,
- ASTAL_AUTH_PAM_PROP_SERVICE,
- ASTAL_AUTH_PAM_N_PROPERTIES
-} AstalAuthPamProperties;
-
-static guint astal_auth_pam_signals[ASTAL_AUTH_PAM_N_SIGNALS] = {
- 0,
-};
-static GParamSpec *astal_auth_pam_properties[ASTAL_AUTH_PAM_N_PROPERTIES] = {
- NULL,
-};
-
-G_DEFINE_TYPE_WITH_PRIVATE(AstalAuthPam, astal_auth_pam, G_TYPE_OBJECT);
-
-/**
- *
- * AstalAuthPam
- *
- * For simple authentication using only a password, using the [func@AstalAuth.Pam.authenticate]
- * method is recommended. Look at the simple examples for how to use it.
- *
- * There is also a way to get access to the pam conversation, to allow for a more complex
- * authentication process, like using multiple factor authentication. Generally it can be used like
- * this:
- *
- * 1. create the Pam object.
- * 2. set username and service if so required. It has sane defaults, so in most cases you can skip
- * this.
- * 3. connect to the signals.
- * After an `auth-*` signal is emitted, it has to be responded with exactly one
- * [method@AstalAuth.Pam.supply_secret] call. The secret is a string containing the user input. For
- * [auth-info][signal@AstalAuth.Pam::auth-info:] and [auth-error][signal@AstalAuth.Pam::auth-error:]
- * it should be `NULL`. Not connecting those signals, is equivalent to calling
- * [method@AstalAuth.Pam.supply_secret] with `NULL` immediately after the signal is emitted.
- * 4. start authentication process using [method@AstalAuth.Pam.start_authenticate].
- * 5. it is possible to reuse the same Pam object for multiple sequential authentication attempts.
- * Just call [method@AstalAuth.Pam.start_authenticate] again after the `success` or `fail` signal
- * was emitted.
- *
- */
-
-/**
- * astal_auth_pam_set_username
- * @self: a AstalAuthPam object
- * @username: the new username
- *
- * Sets the username to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to the owner of the process.
- *
- */
-void astal_auth_pam_set_username(AstalAuthPam *self, const gchar *username) {
- g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
- g_return_if_fail(username != NULL);
-
- g_free(self->username);
- self->username = g_strdup(username);
- g_object_notify(G_OBJECT(self), "username");
-}
-
-/**
- * astal_auth_pam_supply_secret
- * @self: a AstalAuthPam Object
- * @secret: (nullable): the secret to be provided to pam. Can be NULL.
- *
- * provides pam with a secret. This method must be called exactly once after a
- * auth-* signal is emitted.
- */
-void astal_auth_pam_supply_secret(AstalAuthPam *self, const gchar *secret) {
- g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
- AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
-
- g_mutex_lock(&priv->data_mutex);
- g_free(priv->secret);
- priv->secret = g_strdup(secret);
- priv->secret_set = TRUE;
- g_cond_signal(&priv->data_cond);
- g_mutex_unlock(&priv->data_mutex);
-}
-
-/**
- * astal_auth_pam_set_service
- * @self: a AstalAuthPam object
- * @service: the pam service used for authentication
- *
- * Sets the service to be used for authentication. This must be set to
- * before calling start_authenticate.
- * Changing it afterwards has no effect on the authentication process.
- *
- * Defaults to `astal-auth`.
- *
- */
-void astal_auth_pam_set_service(AstalAuthPam *self, const gchar *service) {
- g_return_if_fail(ASTAL_AUTH_IS_PAM(self));
- g_return_if_fail(service != NULL);
-
- g_free(self->service);
- self->service = g_strdup(service);
- g_object_notify(G_OBJECT(self), "service");
-}
-
-/**
- * astal_auth_pam_get_username
- * @self: a AstalAuthPam object
- *
- * Fetches the username from AsalAuthPam object.
- *
- * Returns: the username of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
-
-const gchar *astal_auth_pam_get_username(AstalAuthPam *self) {
- g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
- return self->username;
-}
-
-/**
- * astal_auth_pam_get_service
- * @self: a AstalAuthPam
- *
- * Fetches the service from AsalAuthPam object.
- *
- * Returns: the service of the AsalAuthPam object. This string is
- * owned by the object and must not be modified or freed.
- */
-const gchar *astal_auth_pam_get_service(AstalAuthPam *self) {
- g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), NULL);
- return self->service;
-}
-
-static void astal_auth_pam_set_property(GObject *object, guint property_id, const GValue *value,
- GParamSpec *pspec) {
- AstalAuthPam *self = ASTAL_AUTH_PAM(object);
-
- switch (property_id) {
- case ASTAL_AUTH_PAM_PROP_USERNAME:
- astal_auth_pam_set_username(self, g_value_get_string(value));
- break;
- case ASTAL_AUTH_PAM_PROP_SERVICE:
- astal_auth_pam_set_service(self, g_value_get_string(value));
- break;
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID(object, property_id, pspec);
- break;
- }
-}
-
-static void astal_auth_pam_get_property(GObject *object, guint property_id, GValue *value,
- GParamSpec *pspec) {
- AstalAuthPam *self = ASTAL_AUTH_PAM(object);
-
- switch (property_id) {
- case ASTAL_AUTH_PAM_PROP_USERNAME:
- g_value_set_string(value, self->username);
- break;
- case ASTAL_AUTH_PAM_PROP_SERVICE:
- g_value_set_string(value, self->service);
- break;
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID(object, property_id, pspec);
- break;
- }
-}
-
-static void astal_auth_pam_callback(GObject *object, GAsyncResult *res, gpointer user_data) {
- AstalAuthPam *self = ASTAL_AUTH_PAM(object);
- AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
-
- GTask *task = g_steal_pointer(&priv->task);
-
- GError *error = NULL;
- g_task_propagate_int(task, &error);
-
- if (error == NULL) {
- g_signal_emit(self, astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS], 0);
- } else {
- g_signal_emit(self, astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL], 0, error->message);
- g_error_free(error);
- }
- g_object_unref(task);
-}
-
-static gboolean astal_auth_pam_emit_signal_in_context(gpointer user_data) {
- AstalAuthPamSignalEmitData *data = user_data;
- g_signal_emit(data->pam, data->signal_id, 0, data->msg);
- return G_SOURCE_REMOVE;
-}
-
-static void astal_auth_pam_emit_signal(AstalAuthPam *pam, guint signal, const gchar *msg) {
- GSource *emit_source;
- AstalAuthPamSignalEmitData *data;
-
- data = g_new0(AstalAuthPamSignalEmitData, 1);
- data->pam = pam;
- data->signal_id = astal_auth_pam_signals[signal];
- data->msg = g_strdup(msg);
-
- emit_source = g_idle_source_new();
- g_source_set_callback(emit_source, astal_auth_pam_emit_signal_in_context, data,
- (GDestroyNotify)astal_auth_pam_signal_emit_data_free);
- g_source_set_priority(emit_source, G_PRIORITY_DEFAULT);
- g_source_attach(emit_source,
- ((AstalAuthPamPrivate *)astal_auth_pam_get_instance_private(pam))->context);
- g_source_unref(emit_source);
-}
-
-int astal_auth_pam_handle_conversation(int num_msg, const struct pam_message **msg,
- struct pam_response **resp, void *appdata_ptr) {
- AstalAuthPam *self = appdata_ptr;
- AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
-
- struct pam_response *replies = NULL;
- if (num_msg <= 0 || num_msg > PAM_MAX_NUM_MSG) {
- return PAM_CONV_ERR;
- }
- replies = (struct pam_response *)calloc(num_msg, sizeof(struct pam_response));
- if (replies == NULL) {
- return PAM_BUF_ERR;
- }
- for (int i = 0; i < num_msg; ++i) {
- guint signal;
- switch (msg[i]->msg_style) {
- case PAM_PROMPT_ECHO_OFF:
- signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN;
- break;
- case PAM_PROMPT_ECHO_ON:
- signal = ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE;
- break;
- case PAM_ERROR_MSG:
- signal = ASTAL_AUTH_PAM_SIGNAL_ERROR;
- ;
- break;
- case PAM_TEXT_INFO:
- signal = ASTAL_AUTH_PAM_SIGNAL_INFO;
- break;
- default:
- g_free(replies);
- return PAM_CONV_ERR;
- break;
- }
- guint signal_id = astal_auth_pam_signals[signal];
- if (g_signal_has_handler_pending(self, signal_id, 0, FALSE)) {
- astal_auth_pam_emit_signal(self, signal, msg[i]->msg);
- g_mutex_lock(&priv->data_mutex);
- while (!priv->secret_set) {
- g_cond_wait(&priv->data_cond, &priv->data_mutex);
- }
- replies[i].resp_retcode = 0;
- replies[i].resp = g_strdup(priv->secret);
- g_free(priv->secret);
- priv->secret = NULL;
- priv->secret_set = FALSE;
- g_mutex_unlock(&priv->data_mutex);
- }
- }
- *resp = replies;
- return PAM_SUCCESS;
-}
-
-static void astal_auth_pam_thread(GTask *task, gpointer object, gpointer task_data,
- GCancellable *cancellable) {
- AstalAuthPam *self = g_task_get_source_object(task);
-
- pam_handle_t *pamh = NULL;
- const struct pam_conv conv = {
- .conv = astal_auth_pam_handle_conversation,
- .appdata_ptr = self,
- };
-
- int retval;
- retval = pam_start(self->service, self->username, &conv, &pamh);
- if (retval == PAM_SUCCESS) {
- retval = pam_authenticate(pamh, 0);
- pam_end(pamh, retval);
- }
- if (retval != PAM_SUCCESS) {
- g_task_return_new_error(task, G_IO_ERROR, G_IO_ERROR_FAILED, "%s",
- pam_strerror(pamh, retval));
- } else {
- g_task_return_int(task, retval);
- }
-}
-
-gboolean astal_auth_pam_start_authenticate_with_callback(AstalAuthPam *self,
- GAsyncReadyCallback result_callback,
- gpointer user_data) {
- g_return_val_if_fail(ASTAL_AUTH_IS_PAM(self), FALSE);
- AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
- g_return_val_if_fail(priv->task == NULL, FALSE);
-
- priv->task = g_task_new(self, NULL, result_callback, user_data);
- g_task_set_priority(priv->task, 0);
- g_task_set_name(priv->task, "[AstalAuth] authenticate");
- g_task_run_in_thread(priv->task, astal_auth_pam_thread);
-
- return TRUE;
-}
-
-/**
- * astal_auth_pam_start_authenticate:
- * @self: a AstalAuthPam Object
- *
- * starts a new authentication process using the PAM (Pluggable Authentication Modules) system.
- * Note that this will cancel an already running authentication process
- * associated with this AstalAuthPam object.
- */
-gboolean astal_auth_pam_start_authenticate(AstalAuthPam *self) {
- return astal_auth_pam_start_authenticate_with_callback(
- self, (GAsyncReadyCallback)astal_auth_pam_callback, NULL);
-}
-
-static void astal_auth_pam_on_hidden(AstalAuthPam *pam, const gchar *msg, gchar *password) {
- astal_auth_pam_supply_secret(pam, password);
- g_free(password);
-}
-
-/**
- * astal_auth_pam_authenticate:
- * @password: the password to be authenticated
- * @result_callback: (scope async) (closure user_data): a GAsyncReadyCallback
- * to call when the request is satisfied
- * @user_data: the data to pass to callback function
- *
- * Requests authentication of the provided password using the PAM (Pluggable Authentication Modules)
- * system.
- */
-gboolean astal_auth_pam_authenticate(const gchar *password, GAsyncReadyCallback result_callback,
- gpointer user_data) {
- AstalAuthPam *pam = g_object_new(ASTAL_AUTH_TYPE_PAM, NULL);
- g_signal_connect(pam, "auth-prompt-hidden", G_CALLBACK(astal_auth_pam_on_hidden),
- (void *)g_strdup(password));
-
- gboolean started =
- astal_auth_pam_start_authenticate_with_callback(pam, result_callback, user_data);
- g_object_unref(pam);
- return started;
-}
-
-gssize astal_auth_pam_authenticate_finish(GAsyncResult *res, GError **error) {
- return g_task_propagate_int(G_TASK(res), error);
-}
-
-static void astal_auth_pam_init(AstalAuthPam *self) {
- AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
-
- priv->secret = NULL;
-
- g_cond_init(&priv->data_cond);
- g_mutex_init(&priv->data_mutex);
-
- priv->context = g_main_context_get_thread_default();
-}
-
-static void astal_auth_pam_finalize(GObject *gobject) {
- AstalAuthPam *self = ASTAL_AUTH_PAM(gobject);
- AstalAuthPamPrivate *priv = astal_auth_pam_get_instance_private(self);
-
- g_free(self->username);
- g_free(self->service);
-
- g_free(priv->secret);
-
- g_cond_clear(&priv->data_cond);
- g_mutex_clear(&priv->data_mutex);
-
- G_OBJECT_CLASS(astal_auth_pam_parent_class)->finalize(gobject);
-}
-
-static void astal_auth_pam_class_init(AstalAuthPamClass *class) {
- GObjectClass *object_class = G_OBJECT_CLASS(class);
-
- object_class->get_property = astal_auth_pam_get_property;
- object_class->set_property = astal_auth_pam_set_property;
-
- object_class->finalize = astal_auth_pam_finalize;
-
- struct passwd *passwd = getpwuid(getuid());
-
- /**
- * AstalAuthPam:username:
- *
- * The username used for authentication.
- * Changing the value of this property has no affect on an already started authentication
- * process.
- *
- * Defaults to the user that owns this process.
- */
- astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_USERNAME] =
- g_param_spec_string("username", "username", "username used for authentication",
- passwd->pw_name, G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
- /**
- * AstalAuthPam:service:
- *
- * The pam service used for authentication.
- * Changing the value of this property has no affect on an already started authentication
- * process.
- *
- * Defaults to the astal-auth pam service.
- */
- astal_auth_pam_properties[ASTAL_AUTH_PAM_PROP_SERVICE] =
- g_param_spec_string("service", "service", "the pam service to use", "astal-auth",
- G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
-
- g_object_class_install_properties(object_class, ASTAL_AUTH_PAM_N_PROPERTIES,
- astal_auth_pam_properties);
- /**
- * AstalAuthPam::auth-prompt-visible:
- * @pam: the object which received the signal.
- * @msg: the prompt to be shown to the user
- *
- * This signal is emitted when user input is required. The input should be visible
- * when entered (e.g., for One-Time Passwords (OTP)).
- *
- * This signal has to be matched with exaclty one supply_secret call.
- */
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_VISIBLE] =
- g_signal_new("auth-prompt-visible", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
- NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
- /**
- * AstalAuthPam::auth-prompt-hidden:
- * @pam: the object which received the signal.
- * @msg: the prompt to be shown to the user
- *
- * This signal is emitted when user input is required. The input should be hidden
- * when entered (e.g., for passwords).
- *
- * This signal has to be matched with exaclty one supply_secret call.
- */
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_PROMPT_HIDDEN] =
- g_signal_new("auth-prompt-hidden", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL,
- NULL, NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
- /**
- * AstalAuthPam::auth-info:
- * @pam: the object which received the signal.
- * @msg: the info mssage to be shown to the user
- *
- * This signal is emitted when the user should receive an information (e.g., tell the user to
- * touch a security key, or the remaining time pam has been locked after multiple failed
- * attempts)
- *
- * This signal has to be matched with exaclty one supply_secret call.
- */
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_INFO] =
- g_signal_new("auth-info", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
- G_TYPE_NONE, 1, G_TYPE_STRING);
- /**
- * AstalAuthPam::auth-error:
- * @pam: the object which received the signal.
- * @msg: the error message
- *
- * This signal is emitted when an authentication error has occured.
- *
- * This signal has to be matched with exaclty one supply_secret call.
- */
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_ERROR] =
- g_signal_new("auth-error", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL,
- NULL, G_TYPE_NONE, 1, G_TYPE_STRING);
- /**
- * AstalAuthPam::success:
- * @pam: the object which received the signal.
- *
- * This signal is emitted after successful authentication
- */
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_SUCCESS] =
- g_signal_new("success", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
- G_TYPE_NONE, 0);
- /**
- * AstalAuthPam::fail:
- * @pam: the object which received the signal.
- * @msg: the authentication failure message
- *
- * This signal is emitted when authentication failed.
- */
- astal_auth_pam_signals[ASTAL_AUTH_PAM_SIGNAL_FAIL] =
- g_signal_new("fail", G_TYPE_FROM_CLASS(class), G_SIGNAL_RUN_FIRST, 0, NULL, NULL, NULL,
- G_TYPE_NONE, 1, G_TYPE_STRING);
-}
diff --git a/version b/version
deleted file mode 100644
index 6e8bf73..0000000
--- a/version
+++ /dev/null
@@ -1 +0,0 @@
-0.1.0
--
cgit v1.2.3