+/* A basic auth driver that simply prompts for a password then runs it through
+ * valid_p to determine whether the password is correct.
+ */
+static void
+try_unlock_password(saver_info *si,
+ Bool verbose_p,
+ Bool (*valid_p)(const char *typed_passwd, Bool verbose_p))
+{
+ struct auth_message message;
+ struct auth_response *response = NULL;
+
+ memset(&message, 0, sizeof(message));
+
+ if (verbose_p)
+ fprintf(stderr, "%s: non-PAM password auth.\n", blurb());
+
+ /* Call the auth_conv function with "Password:", then feed
+ * the result into valid_p()
+ */
+ message.type = AUTH_MSGTYPE_PROMPT_NOECHO;
+ message.msg = "Password:";
+
+ si->unlock_cb(1, &message, &response, si);
+
+ if (!response)
+ return;
+
+ if (valid_p (response->response, verbose_p))
+ si->unlock_state = ul_success; /* yay */
+ else if (si->unlock_state == ul_cancel ||
+ si->unlock_state == ul_time)
+ ; /* more specific failures ok */
+ else
+ si->unlock_state = ul_fail; /* generic failure */
+
+ if (response->response)
+ free(response->response);
+ free(response);
+}
+
+
+/* Write a password failure to the system log.
+ */
+static void
+do_syslog (saver_info *si, Bool verbose_p)
+{
+# ifdef HAVE_SYSLOG
+ struct passwd *pw = getpwuid (getuid ());
+ char *d = DisplayString (si->dpy);
+ char *u = (pw && pw->pw_name ? pw->pw_name : "???");
+ int opt = 0;
+ int fac = 0;
+
+# ifdef LOG_PID
+ opt = LOG_PID;
+# endif
+
+# if defined(LOG_AUTHPRIV)
+ fac = LOG_AUTHPRIV;
+# elif defined(LOG_AUTH)
+ fac = LOG_AUTH;
+# else
+ fac = LOG_DAEMON;
+# endif
+
+ if (!d) d = "";
+
+# undef FMT
+# define FMT "FAILED LOGIN %d ON DISPLAY \"%s\", FOR \"%s\""
+
+ if (verbose_p)
+ fprintf (stderr, "%s: syslog: " FMT "\n", blurb(),
+ si->unlock_failures, d, u);
+
+ openlog (progname, opt, fac);
+ syslog (LOG_NOTICE, FMT, si->unlock_failures, d, u);
+ closelog ();
+
+# endif /* HAVE_SYSLOG */
+}
+
+
+
+/**
+ * Runs through each authentication driver calling its try_unlock function.
+ * Called xss_authenticate() because AIX beat us to the name authenticate().
+ */
+void
+xss_authenticate(saver_info *si, Bool verbose_p)