moonlock

nevaforget/moonlock

Fork 0

Commit Graph

Author	SHA1	Message	Date
nevaforget	17f8930ff7	fix: security and correctness audit fixes (v0.4.1) PAM conv callback: check msg_style (password only for ECHO_OFF), handle strdup OOM with proper cleanup, null-check PAM handle. Fingerprint: self-wire D-Bus g-signal in start() via Rc<RefCell<>> and connect_local — VerifyStatus signals are now actually dispatched. VerifyStop before VerifyStart in restart_verify. Lockscreen: password entry stays active after faillock threshold (PAM decides lockout, not UI), use Zeroizing<String> from GTK entry. Release builds exit(1) without ext-session-lock-v1 support. Config: fingerprint_enabled as Option<bool> so empty user config does not override system config. Dead code: remove unused i18n strings and fingerprint accessors, parameterize faillock_warning max_attempts.	2026-03-28 00:06:27 +01:00
nevaforget	817a9547ad	Rewrite moonlock from Python to Rust (v0.4.0) Complete rewrite of the Wayland lockscreen from Python/PyGObject to Rust/gtk4-rs for memory safety in security-critical PAM code and consistency with the moonset/moongreet Rust ecosystem. Modules: main, lockscreen, auth (PAM FFI), fingerprint (fprintd D-Bus), config, i18n, users, power. 37 unit tests. Security: PAM conversation callback with Zeroizing password, panic hook that never unlocks, root check, ext-session-lock-v1 compositor policy, absolute loginctl path, avatar symlink rejection.	2026-03-27 23:09:54 +01:00
nevaforget	d1c0b741fa	Initial project setup with core modules Moonlock lockscreen scaffolding: PAM auth (ctypes), fprintd D-Bus listener, i18n (DE/EN), user detection, power actions. 33 tests passing.	2026-03-26 12:28:17 +01:00

Author

SHA1

Message

Date

nevaforget

17f8930ff7

fix: security and correctness audit fixes (v0.4.1)

PAM conv callback: check msg_style (password only for ECHO_OFF),
handle strdup OOM with proper cleanup, null-check PAM handle.

Fingerprint: self-wire D-Bus g-signal in start() via Rc<RefCell<>>
and connect_local — VerifyStatus signals are now actually dispatched.
VerifyStop before VerifyStart in restart_verify.

Lockscreen: password entry stays active after faillock threshold
(PAM decides lockout, not UI), use Zeroizing<String> from GTK entry.

Release builds exit(1) without ext-session-lock-v1 support.

Config: fingerprint_enabled as Option<bool> so empty user config
does not override system config.

Dead code: remove unused i18n strings and fingerprint accessors,
parameterize faillock_warning max_attempts.

2026-03-28 00:06:27 +01:00

nevaforget

817a9547ad

Rewrite moonlock from Python to Rust (v0.4.0)

Complete rewrite of the Wayland lockscreen from Python/PyGObject to
Rust/gtk4-rs for memory safety in security-critical PAM code and
consistency with the moonset/moongreet Rust ecosystem.

Modules: main, lockscreen, auth (PAM FFI), fingerprint (fprintd D-Bus),
config, i18n, users, power. 37 unit tests.

Security: PAM conversation callback with Zeroizing password, panic hook
that never unlocks, root check, ext-session-lock-v1 compositor policy,
absolute loginctl path, avatar symlink rejection.

2026-03-27 23:09:54 +01:00

nevaforget

d1c0b741fa

Initial project setup with core modules

Moonlock lockscreen scaffolding: PAM auth (ctypes), fprintd D-Bus
listener, i18n (DE/EN), user detection, power actions.
33 tests passing.

2026-03-26 12:28:17 +01:00

3 Commits