fix: audit fixes — async restart_verify, locale caching, panic safety (v0.5.0) · 09e0d47a38 - moonlock

fix: audit fixes — async restart_verify, locale caching, panic safety (v0.5.0)

- restart_verify() now async via spawn_future_local (was blocking main thread)
- stop() uses 3s timeout instead of unbounded
- load_strings() caches locale detection in OnceLock (was reading /etc/locale.conf on every call)
- child_get() replaced with child_value().get() for graceful D-Bus type mismatch handling
- Eliminate redundant password clone in auth path (direct move into spawn_blocking)
- Add on_exhausted callback: hides fp_label after MAX_FP_ATTEMPTS
- Set running=false before on_success callback (prevent double-unlock)
- Add 4 unit tests for on_verify_status state machine
- Document GLib-GString/CString zeroize limitation in CLAUDE.md

This commit is contained in:

nevaforget

2026-03-28 10:16:06 +01:00

parent 13b329cd98

commit 09e0d47a38

6 changed files with 137 additions and 44 deletions

									
										Cargo.toml
									
		+1
		-1
	
												View File
												
				@@ -1,6 +1,6 @@

				[package]

				name = "moonlock"

				version = "0.4.2"

				version = "0.5.0"

				edition = "2024"

				description = "A secure Wayland lockscreen with GTK4, PAM and fingerprint support"

				license = "MIT"