http://www.jwz.org/xscreensaver/xscreensaver-5.08.tar.gz

[xscreensaver] / driver / passwd.c

diff --git a/driver/passwd.c b/driver/passwd.c
index 066bc81f9c608d6a0178c5be12605b30556efaaf..fd42c5521351da99fa65a2584e8debe429bd7789 100644 (file)
--- a/driver/passwd.c
+++ b/driver/passwd.c
@@ -249,6 +249,8 @@ xss_authenticate(saver_info *si, Bool verbose_p)
 {
   int i, j;
 
+  si->unlock_state = ul_read;
+
   for (i = 0; i < countof(methods); i++)
     {
       if (!methods[i].initted_p)
@@ -267,6 +269,20 @@ xss_authenticate(saver_info *si, Bool verbose_p)
 
       check_for_leaks (methods[i].name);
 
+      /* If password authentication failed, but the password was NULL
+         (meaning the user just hit RET) then treat that as "cancel".
+         This means that if the password is literally NULL, it will
+         work; but if not, then NULL passwords are treated as cancel.
+       */
+      if (si->unlock_state == ul_fail &&
+          si->cached_passwd &&
+          !*si->cached_passwd)
+        {
+          fprintf (stderr, "%s: assuming null password means cancel.\n",
+                   blurb());
+          si->unlock_state = ul_cancel;
+        }
+
       if (si->unlock_state == ul_success)
         {
           /* If we successfully authenticated by method N, but attempting
@@ -287,6 +303,18 @@ xss_authenticate(saver_info *si, Bool verbose_p)
             }
           goto DONE;           /* Successfully authenticated! */
         }
+      else if (si->unlock_state == ul_cancel ||
+               si->unlock_state == ul_time)
+        {
+          /* If any auth method gets a cancel or timeout, don't try the
+             next auth method!  We're done! */
+          fprintf (stderr,
+                   "%s: authentication via %s %s.\n",
+                       blurb(), methods[i].name,
+                   (si->unlock_state == ul_cancel
+                    ? "cancelled" : "timed out"));
+          goto DONE;
+        }
     }
 
   if (verbose_p)