-static gboolean verbose = FALSE;

-static gboolean show_version = FALSE;

-static gboolean enable_logout = FALSE;

-static gboolean enable_switch = FALSE;

-static char *logout_command = NULL;

-static char *status_message = NULL;

-static char *away_message = NULL;

-

-static GOptionEntry entries [] =

-{

- {

- "verbose", 0, 0, G_OPTION_ARG_NONE, &verbose,

- N_("Show debugging output"), NULL

- },

- {

- "version", 0, 0, G_OPTION_ARG_NONE, &show_version,

- N_("Version of this application"), NULL

- },

- {

- "enable-logout", 0, 0, G_OPTION_ARG_NONE, &enable_logout,

- N_("Show the logout button"), NULL

- },

- {

- "logout-command", 0, 0, G_OPTION_ARG_STRING, &logout_command,

- N_("Command to invoke from the logout button"), NULL

- },

- {

- "enable-switch", 0, 0, G_OPTION_ARG_NONE, &enable_switch,

- N_("Show the switch user button"), NULL

- },

- {

- "status-message", 0, 0, G_OPTION_ARG_STRING, &status_message,

- N_("Message to show in the dialog"), N_("MESSAGE")

- },

- {

- "away-message", 0, 0, G_OPTION_ARG_STRING, &away_message,

- N_("Not used"), N_("MESSAGE")

- },

- { NULL }

-static char *

-get_id_string (GtkWidget *widget)

- char *id = NULL;

- g_return_val_if_fail (widget != NULL, NULL);

- g_return_val_if_fail (GTK_IS_WIDGET (widget), NULL);

- id = g_strdup_printf ("%" G_GUINT32_FORMAT,

- (guint32) GDK_WINDOW_XID (widget->window));

-static gboolean

-print_id (GtkWidget *widget)

- char *id;

- gs_profile_start (NULL);

- id = get_id_string (widget);

- printf ("WINDOW ID=%s\n", id);

- fflush (stdout);

- gs_profile_end (NULL);

- g_free (id);

-static void

-response_cancel (void)

- printf ("RESPONSE=CANCEL\n");

- fflush (stdout);

-static void

-response_ok (void)

- printf ("RESPONSE=OK\n");

- fflush (stdout);

-static gboolean

-quit_response_ok (void)

- response_ok ();

- gtk_main_quit ();

-static gboolean

-quit_response_cancel (void)

- response_cancel ();

- gtk_main_quit ();

-static void

-response_lock_init_failed (void)

- response_ok ();

-static char *

-request_response (GSLockPlug *plug,

- const char *prompt,

- gboolean visible)

- int response;

- char *text;

- gs_lock_plug_set_sensitive (plug, TRUE);

- gs_lock_plug_enable_prompt (plug, prompt, visible);

- response = gs_lock_plug_run (plug);

- gs_lock_plug_get_text (plug, &text);

- gs_lock_plug_disable_prompt (plug);

-static const char *

-maybe_translate_message (const char *msg)

- char *s;

- const char *ret;

- static GHashTable *hash = NULL;

- g_hash_table_insert (hash, "login:", _("Username:"));

- g_hash_table_insert (hash, "Username:", _("Username:"));

- g_hash_table_insert (hash, "username:", _("Username:"));

- g_hash_table_insert (hash, "Password:", _("Password:"));

- g_hash_table_insert (hash, "password:", _("Password:"));

- g_hash_table_insert (hash, "You are required to change your password immediately (password aged)", _("You are required to change your password immediately (password aged)"));

- g_hash_table_insert (hash, "You are required to change your password immediately (root enforced)", _("You are required to change your password immediately (root enforced)"));

- g_hash_table_insert (hash, "Your account has expired; please contact your system administrator", _("Your account has expired; please contact your system administrator"));

- g_hash_table_insert (hash, "No password supplied", _("No password supplied"));

- g_hash_table_insert (hash, "Password unchanged", _("Password unchanged"));

- g_hash_table_insert (hash, "Can not get username", _("Can not get username"));

- g_hash_table_insert (hash, "Retype new UNIX password:", _("Retype new UNIX password:"));

- g_hash_table_insert (hash, "Enter new UNIX password:", _("Enter new UNIX password:"));

- g_hash_table_insert (hash, "(current) UNIX password:", _("(current) UNIX password:"));

- g_hash_table_insert (hash, "Error while changing NIS password.", _("Error while changing NIS password."));

- g_hash_table_insert (hash, "You must choose a longer password", _("You must choose a longer password"));

- g_hash_table_insert (hash, "Password has been already used. Choose another.", _("Password has been already used. Choose another."));

- g_hash_table_insert (hash, "You must wait longer to change your password", _("You must wait longer to change your password"));

- g_hash_table_insert (hash, "Sorry, passwords do not match", _("Sorry, passwords do not match"));

- s = g_strstrip (g_strdup (msg));

- ret = g_hash_table_lookup (hash, s);

- g_free (s);

-static gboolean

-auth_message_handler (GSAuthMessageStyle style,

- const char *msg,

- char **response,

- gpointer data)

- gboolean ret;

- GSLockPlug *plug;

- const char *message;

- plug = GS_LOCK_PLUG (data);

- gs_profile_start (NULL);

- gs_debug ("Got message style %d: '%s'", style, msg);

- gtk_widget_show (GTK_WIDGET (plug));

- gs_lock_plug_set_ready (plug);

- message = maybe_translate_message (msg);

- case GS_AUTH_MESSAGE_PROMPT_ECHO_ON:

- if (msg != NULL)

- {

- char *resp;

- resp = request_response (plug, message, TRUE);

- *response = resp;

- }

- break;

- case GS_AUTH_MESSAGE_PROMPT_ECHO_OFF:

- if (msg != NULL)

- {

- char *resp;

- resp = request_response (plug, message, FALSE);

- *response = resp;

- }

- break;

- case GS_AUTH_MESSAGE_ERROR_MSG:

- gs_lock_plug_show_message (plug, message);

- break;

- case GS_AUTH_MESSAGE_TEXT_INFO:

- gs_lock_plug_show_message (plug, message);

- break;

- default:

- g_assert_not_reached ();

- gs_debug ("Got no response");

- gs_lock_plug_show_message (plug, _("Checking..."));

- gs_lock_plug_set_sensitive (plug, FALSE);

- while (gtk_events_pending ())

- gtk_main_iteration ();

- gs_lock_plug_set_busy (plug);

- gs_profile_end (NULL);

-static gboolean

-reset_idle_cb (GSLockPlug *plug)

- gs_lock_plug_set_sensitive (plug, TRUE);

- gs_lock_plug_show_message (plug, NULL);

-static gboolean

-do_auth_check (GSLockPlug *plug)

- GError *error;

- gs_lock_plug_disable_prompt (plug);

- gs_lock_plug_set_busy (plug);

- res = gs_auth_verify_user (g_get_user_name (), g_getenv ("DISPLAY"), auth_message_handler, plug, &error);

- gs_debug ("Verify user returned: %s", res ? "TRUE" : "FALSE");

- gs_debug ("Verify user returned error: %s", error->message);

- gs_lock_plug_show_message (plug, error->message);

- gs_lock_plug_show_message (plug, _("Authentication failed."));

- printf ("NOTICE=AUTH FAILED\n");

- fflush (stdout);

- g_error_free (error);

-static void

-response_cb (GSLockPlug *plug,

- gint response_id)

- if ((response_id == GS_LOCK_PLUG_RESPONSE_CANCEL) ||

- (response_id == GTK_RESPONSE_DELETE_EVENT))

- quit_response_cancel ();

-static gboolean

-response_request_quit (void)

- printf ("REQUEST QUIT\n");

- fflush (stdout);

-static gboolean

-quit_timeout_cb (gpointer data)

- gtk_main_quit ();

-static gboolean

-auth_check_idle (GSLockPlug *plug)

- gboolean res;

- gboolean again;

- res = do_auth_check (plug);

- g_idle_add ((GSourceFunc)quit_response_ok, NULL);

- g_timeout_add (3000, (GSourceFunc)reset_idle_cb, plug);

- g_idle_add ((GSourceFunc)response_request_quit, NULL);

- g_timeout_add (5000, (GSourceFunc)quit_timeout_cb, NULL);

-static void

-show_cb (GtkWidget *widget,

- gpointer data)

- print_id (widget);

-static gboolean

-popup_dialog_idle (void)

- GtkWidget *widget;

- gs_profile_start (NULL);

- widget = gs_lock_plug_new ();

- g_object_set (widget, "logout-enabled", TRUE, NULL);

- g_object_set (widget, "logout-command", logout_command, NULL);

- g_object_set (widget, "switch-enabled", TRUE, NULL);

- g_object_set (widget, "status-message", status_message, NULL);

- g_signal_connect (GS_LOCK_PLUG (widget), "response", G_CALLBACK (response_cb), NULL);

- g_signal_connect (widget, "show", G_CALLBACK (show_cb), NULL);

- gtk_widget_realize (widget);

- g_idle_add ((GSourceFunc)auth_check_idle, widget);

- gs_profile_end (NULL);

-static gboolean

-privileged_initialization (int *argc,

- char **argv,

- gboolean verbose)

- char *nolock_reason;

- char *orig_uid;

- char *uid_message;

- gs_profile_start (NULL);

-#ifndef NO_LOCKING

- /* before hack_uid () for proper permissions */

- gs_auth_priv_init ();

-#endif /* NO_LOCKING */

- ret = hack_uid (&nolock_reason,

- &orig_uid,

- &uid_message);

- g_debug ("Locking disabled: %s", nolock_reason);

- g_print ("Modified UID: %s", uid_message);

- g_free (nolock_reason);

- g_free (orig_uid);

- g_free (uid_message);

- gs_profile_end (NULL);

-static gboolean

-lock_initialization (int *argc,

- char **argv,

- char **nolock_reason,

- gboolean verbose)

-#ifdef NO_LOCKING

- if (nolock_reason != NULL)

- {

- *nolock_reason = g_strdup ("not compiled with locking support");

- }

- return FALSE;

-#else /* !NO_LOCKING */

-

- /* Finish initializing locking, now that we're out of privileged code. */

- if (! gs_auth_init ())

- {

- *nolock_reason = g_strdup ("error getting password");

- }

- /* If locking is currently enabled, but the environment indicates that

- we have been launched as MDM's "Background" program, then disable

- locking just in case.

- */

- if (getenv ("RUNNING_UNDER_MDM"))

- {

- if (nolock_reason != NULL)

- *nolock_reason = g_strdup ("running under MDM");

- }

- return FALSE;

- }

- /* If the server is XDarwin (MacOS X) then disable locking.

- (X grabs only affect X programs, so you can use Command-Tab

- to bring any other Mac program to the front, e.g., Terminal.)

- */

- {

- gboolean macos = FALSE;

-

-#ifdef __APPLE__

- /* Disable locking if *running* on Apple hardware, since we have no

- reliable way to determine whether the server is running on MacOS.

- Hopefully __APPLE__ means "MacOS" and not "Linux on Mac hardware"

- but I'm not really sure about that.

- */

- macos = TRUE;

-#endif

-

- if (macos)

- *nolock_reason = g_strdup ("Cannot lock securely on MacOS X");

- }

-#endif /* NO_LOCKING */

-int

-main (int argc,

- char **argv)

- GError *error = NULL;

- char *nolock_reason = NULL;

-

-#ifdef ENABLE_NLS

- bindtextdomain (GETTEXT_PACKAGE, MATELOCALEDIR);

-# ifdef HAVE_BIND_TEXTDOMAIN_CODESET

- bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");

-# endif

- textdomain (GETTEXT_PACKAGE);

-#endif

-

- if (! g_thread_supported ())

- g_thread_init (NULL);

- g_type_init ();

- gs_profile_start (NULL);

- if (! privileged_initialization (&argc, argv, verbose))

- response_lock_init_failed ();

- exit (1);

- if (! gtk_init_with_args (&argc, &argv, NULL, entries, NULL, &error))

- fprintf (stderr, "%s", error->message);

- g_error_free (error);

- exit (1);

- g_print ("%s %s\n", argv [0], VERSION);

- exit (1);

- if (! lock_initialization (&argc, argv, &nolock_reason, verbose))

- response_lock_init_failed ();

- gs_debug_init (verbose, FALSE);

- g_idle_add ((GSourceFunc)popup_dialog_idle, NULL);

- gtk_main ();

- gs_profile_end (NULL);

- gs_debug_shutdown ();