fix: audit fixes — async restart_verify, locale caching, panic safety (v0.5.0)
- restart_verify() now async via spawn_future_local (was blocking main thread) - stop() uses 3s timeout instead of unbounded - load_strings() caches locale detection in OnceLock (was reading /etc/locale.conf on every call) - child_get() replaced with child_value().get() for graceful D-Bus type mismatch handling - Eliminate redundant password clone in auth path (direct move into spawn_blocking) - Add on_exhausted callback: hides fp_label after MAX_FP_ATTEMPTS - Set running=false before on_success callback (prevent double-unlock) - Add 4 unit tests for on_verify_status state machine - Document GLib-GString/CString zeroize limitation in CLAUDE.md
This commit is contained in:
@@ -7,8 +7,8 @@ Part of the Moonarch ecosystem.
|
||||
|
||||
- **ext-session-lock-v1** — Protocol-guaranteed screen locking (compositor keeps screen locked on crash)
|
||||
- **PAM authentication** — Uses system PAM stack (`/etc/pam.d/moonlock`)
|
||||
- **Fingerprint unlock** — fprintd D-Bus integration (optional)
|
||||
- **Multi-monitor** — Lockscreen on every monitor
|
||||
- **Fingerprint unlock** — fprintd D-Bus integration, async init (optional, window appears instantly)
|
||||
- **Multi-monitor** — Lockscreen on every monitor, single shared fingerprint listener
|
||||
- **i18n** — German and English (auto-detected)
|
||||
- **Faillock warning** — UI counter + system pam_faillock
|
||||
- **Panic safety** — Panic hook logs but never unlocks
|
||||
|
||||
Reference in New Issue
Block a user