nevaforget/moonlock
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: audit fixes — fprintd path validation, progressive faillock warning (v0.6.7)
Update PKGBUILD version / update-pkgver (push) Successful in 1s
Details

Browse Source 
- Validate fprintd device path prefix (/net/reactivated/Fprint/Device/) before
  creating D-Bus proxy (prevents use of unexpected object paths)
- faillock_warning now warns at remaining <= 2 attempts (not just == 1), improving
  UX for higher max_attempts configurations
This commit is contained in:
nevaforget
2026-03-30 16:08:59 +02:00
parent af5b7c8912
commit 59c509dcbb
4 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/i18n.rs
+19 -5
View File
@@ -100,11 +100,13 @@ pub fn load_strings(locale: Option<&str>) -> &'static Strings {
match locale { "de" => &STRINGS_DE, _ => &STRINGS_EN }
}
/// Returns a warning when the user is one attempt away from lockout.
/// Returns a warning when the user is close to lockout (2 or fewer attempts remaining).
/// Caller is responsible for handling the locked state (count >= max_attempts).
pub fn faillock_warning(attempt_count: u32, max_attempts: u32, strings: &Strings) -> Option<String> {
let remaining = max_attempts.saturating_sub(attempt_count);
if remaining == 1 { return Some(strings.faillock_attempts_remaining.replace("{n}", &remaining.to_string())); }
if remaining > 0 && remaining <= 2 {
return Some(strings.faillock_attempts_remaining.replace("{n}", &remaining.to_string()));
}
None
}
@@ -138,7 +140,7 @@ mod tests {
}
#[test] fn faillock_zero() { assert!(faillock_warning(0, 3, load_strings(Some("en"))).is_none()); }
#[test] fn faillock_one() { assert!(faillock_warning(1, 3, load_strings(Some("en"))).is_none()); }
#[test] fn faillock_one() { assert!(faillock_warning(1, 3, load_strings(Some("en"))).is_some()); }
#[test] fn faillock_two() { assert!(faillock_warning(2, 3, load_strings(Some("en"))).is_some()); }
#[test] fn faillock_three() { assert!(faillock_warning(3, 3, load_strings(Some("en"))).is_none()); }
@@ -150,11 +152,23 @@ mod tests {
let strings = load_strings(Some("en"));
for count in 0..max {
let result = faillock_warning(count, max, strings);
if max - count == 1 {
assert!(result.is_some(), "should warn at count={count}");
let remaining = max - count;
if remaining <= 2 {
assert!(result.is_some(), "should warn at count={count} (remaining={remaining})");
} else {
assert!(result.is_none(), "should not warn at count={count}");
}
}
}
#[test]
fn faillock_warns_progressively_with_higher_max() {
let strings = load_strings(Some("en"));
// With max=5: warn at count 3 (rem=2) and count 4 (rem=1), not at 0-2
assert!(faillock_warning(0, 5, strings).is_none());
assert!(faillock_warning(2, 5, strings).is_none());
assert!(faillock_warning(3, 5, strings).is_some());
assert!(faillock_warning(4, 5, strings).is_some());
assert!(faillock_warning(5, 5, strings).is_none()); // at max, caller handles lockout
}
}