summaryrefslogtreecommitdiff
path: root/desktop/slock/patches
diff options
context:
space:
mode:
authorRobby Workman <rworkman@slackbuilds.org>2017-05-14 20:43:17 -0500
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2017-05-20 06:52:19 +0700
commitcddf5d65df49860476aeb1decbbdeaf512c575ab (patch)
treebb2037d25803b9f2e4d814598256970eb65afd7a /desktop/slock/patches
parentb3120d1f3bdb200ba98df85c855ccfd10eb31d15 (diff)
downloadslackbuilds-cddf5d65df49860476aeb1decbbdeaf512c575ab.tar.gz
desktop/slock: Updated for version 1.4.
Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
Diffstat (limited to 'desktop/slock/patches')
-rw-r--r--desktop/slock/patches/0001-Simplify-the-oom-taming-function.patch60
-rw-r--r--desktop/slock/patches/0002-Clarify-config.def.h.patch28
-rw-r--r--desktop/slock/patches/0003-No-need-for-usage.patch102
-rw-r--r--desktop/slock/patches/0004-Use-argv0-instead-of-passing-slock-to-die-every-time.patch125
-rw-r--r--desktop/slock/patches/0005-revert-using-argv0-and-minor-fixup.patch78
-rw-r--r--desktop/slock/patches/0006-Revert-No-need-for-usage.patch90
-rw-r--r--desktop/slock/patches/0007-clear-passwords-with-explicit_bzero.patch146
-rw-r--r--desktop/slock/patches/config.mk.patch11
8 files changed, 6 insertions, 634 deletions
diff --git a/desktop/slock/patches/0001-Simplify-the-oom-taming-function.patch b/desktop/slock/patches/0001-Simplify-the-oom-taming-function.patch
deleted file mode 100644
index 993cab2491..0000000000
--- a/desktop/slock/patches/0001-Simplify-the-oom-taming-function.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 3abbffa4934a62146e995ee7c2cf3ba50991b4ad Mon Sep 17 00:00:00 2001
-From: FRIGN <dev@frign.de>
-Date: Sun, 14 Feb 2016 01:28:37 +0100
-Subject: [PATCH 1/7] Simplify the oom-taming-function
-
-There really is no need to source a defined variable from a linux
-header. The OOM-rank ranges from -1000 to 1000, so we can safely
-hardcode -1000, which is a sane thing to do given slock is suid and
-we don't want to play around too much here anyway.
-
-On another notice, let's not forget that this still is a shitty
-heuristic. The OOM-killer still can kill us (thus I also changed
-the wording in the error-message. We do not disable the OOM-killer,
-we're just hiding.
----
- slock.c | 20 ++++++--------------
- 1 file changed, 6 insertions(+), 14 deletions(-)
-
-diff --git a/slock.c b/slock.c
-index cf49555..3188ff7 100644
---- a/slock.c
-+++ b/slock.c
-@@ -60,28 +60,20 @@ die(const char *errstr, ...)
-
- #ifdef __linux__
- #include <fcntl.h>
--#include <linux/oom.h>
-
- static void
- dontkillme(void)
- {
- int fd;
-- int length;
-- char value[64];
-
- fd = open("/proc/self/oom_score_adj", O_WRONLY);
-- if (fd < 0 && errno == ENOENT)
-+ if (fd < 0 && errno == ENOENT) {
- return;
--
-- /* convert OOM_SCORE_ADJ_MIN to string for writing */
-- length = snprintf(value, sizeof(value), "%d\n", OOM_SCORE_ADJ_MIN);
--
-- /* bail on truncation */
-- if (length >= sizeof(value))
-- die("buffer too small\n");
--
-- if (fd < 0 || write(fd, value, length) != length || close(fd) != 0)
-- die("cannot disable the out-of-memory killer for this process (make sure to suid or sgid slock)\n");
-+ }
-+ if (fd < 0 || write(fd, "-1000\n", (sizeof("-1000\n") - 1)) !=
-+ (sizeof("-1000\n") - 1) || close(fd) != 0) {
-+ die("can't tame the oom-killer. is suid or sgid set?\n");
-+ }
- }
- #endif
-
---
-2.9.2
-
diff --git a/desktop/slock/patches/0002-Clarify-config.def.h.patch b/desktop/slock/patches/0002-Clarify-config.def.h.patch
deleted file mode 100644
index c5d05a892b..0000000000
--- a/desktop/slock/patches/0002-Clarify-config.def.h.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From bdcbeab0d8ac0963c61ae1d9d1ed57d3effb8ec3 Mon Sep 17 00:00:00 2001
-From: FRIGN <dev@frign.de>
-Date: Sun, 14 Feb 2016 01:32:02 +0100
-Subject: [PATCH 2/7] Clarify config.def.h
-
-Clear up the wording a bit and explain what failonclear means.
----
- config.def.h | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/config.def.h b/config.def.h
-index fca0ae0..eae2d9a 100644
---- a/config.def.h
-+++ b/config.def.h
-@@ -1,6 +1,8 @@
- static const char *colorname[NUMCOLS] = {
- "black", /* after initialization */
- "#005577", /* during input */
-- "#CC3333", /* failed/cleared the input */
-+ "#CC3333", /* wrong password */
- };
--static const Bool failonclear = True;
-+
-+/* treat a cleared input like a wrong password */
-+static const int failonclear = 1;
---
-2.9.2
-
diff --git a/desktop/slock/patches/0003-No-need-for-usage.patch b/desktop/slock/patches/0003-No-need-for-usage.patch
deleted file mode 100644
index 9eb7b4b256..0000000000
--- a/desktop/slock/patches/0003-No-need-for-usage.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From a6dc051e3744ce5b14c54d2d246d3e8258207e76 Mon Sep 17 00:00:00 2001
-From: FRIGN <dev@frign.de>
-Date: Sun, 14 Feb 2016 01:48:48 +0100
-Subject: [PATCH 3/7] No need for usage()
-
-There are 2 arguments why -v and -h are broken:
-
- 1) if you are running off git, -v will show the last stable
- release, effectively making this option useless.
- people running stable versions leave open an attack surface
- this way in case there are vulnerabilities found.
- 99% of the people are also using package managers to keep
- their software up to date, instead of running $TOOL -v to
- check how old it is.
- 2) -h is a sad excuse for not just looking at the manual page
- (man 1 slock). Given we accept a post_lock_command, we can't
- be as liberal and just intercept certain flags.
-
-I changed the manpage to reflect this change.
----
- slock.1 | 24 +++++++-----------------
- slock.c | 16 ++--------------
- 2 files changed, 9 insertions(+), 31 deletions(-)
-
-diff --git a/slock.1 b/slock.1
-index 1f946d9..467194d 100644
---- a/slock.1
-+++ b/slock.1
-@@ -1,29 +1,19 @@
- .TH SLOCK 1 slock\-VERSION
- .SH NAME
--slock \- simple X display locker
-+slock \- simple X screen locker
- .SH SYNOPSIS
- .B slock
--.RB [ \-v
--|
--.IR post_lock_command ]
-+.RB [
-+.IR cmd
-+]
- .SH DESCRIPTION
- .B slock
--is a screen locker for X. If provided, the
--.IR post_lock_command
--will be executed when the screen is locked.
--.SH OPTIONS
--.TP
--.B \-v
--prints version information to stdout, then exits.
-+is an X screen locker. If provided,
-+.IR cmd
-+is executed after the screen has been locked.
- .SH EXAMPLES
- $ slock /usr/sbin/s2ram
- .SH CUSTOMIZATION
- .B slock
- can be customized by creating a custom config.h and (re)compiling the source
- code. This keeps it fast, secure and simple.
--.SH AUTHORS
--See the LICENSE file for the authors.
--.SH LICENSE
--See the LICENSE file for the terms of redistribution.
--.SH BUGS
--Please report them.
-diff --git a/slock.c b/slock.c
-index 3188ff7..4531f95 100644
---- a/slock.c
-+++ b/slock.c
-@@ -272,27 +272,15 @@ lockscreen(Display *dpy, int screen)
- return NULL;
- }
-
--static void
--usage(void)
--{
-- fprintf(stderr, "usage: slock [-v|POST_LOCK_CMD]\n");
-- exit(1);
--}
--
- int
--main(int argc, char **argv) {
-+main(int argc, char **argv)
-+{
- #ifndef HAVE_BSD_AUTH
- const char *pws;
- #endif
- Display *dpy;
- int screen;
-
-- if ((argc == 2) && !strcmp("-v", argv[1]))
-- die("slock-%s, © 2006-2016 slock engineers\n", VERSION);
--
-- if ((argc == 2) && !strcmp("-h", argv[1]))
-- usage();
--
- #ifdef __linux__
- dontkillme();
- #endif
---
-2.9.2
-
diff --git a/desktop/slock/patches/0004-Use-argv0-instead-of-passing-slock-to-die-every-time.patch b/desktop/slock/patches/0004-Use-argv0-instead-of-passing-slock-to-die-every-time.patch
deleted file mode 100644
index 954df8f8d3..0000000000
--- a/desktop/slock/patches/0004-Use-argv0-instead-of-passing-slock-to-die-every-time.patch
+++ /dev/null
@@ -1,125 +0,0 @@
-From b02c4d452a7942d4be3c69e6f98dafd35a2e4e78 Mon Sep 17 00:00:00 2001
-From: FRIGN <dev@frign.de>
-Date: Sun, 14 Feb 2016 02:13:54 +0100
-Subject: [PATCH 4/7] Use argv0 instead of passing "slock:" to die every time
-
----
- slock.c | 28 ++++++++++++++++------------
- 1 file changed, 16 insertions(+), 12 deletions(-)
-
-diff --git a/slock.c b/slock.c
-index 4531f95..a0ffed0 100644
---- a/slock.c
-+++ b/slock.c
-@@ -46,6 +46,7 @@ static Bool failure = False;
- static Bool rr;
- static int rrevbase;
- static int rrerrbase;
-+static char *argv0;
-
- static void
- die(const char *errstr, ...)
-@@ -53,6 +54,7 @@ die(const char *errstr, ...)
- va_list ap;
-
- va_start(ap, errstr);
-+ fprintf(stderr, "%s: ", argv0);
- vfprintf(stderr, errstr, ap);
- va_end(ap);
- exit(1);
-@@ -88,9 +90,9 @@ getpw(void)
- errno = 0;
- if (!(pw = getpwuid(getuid()))) {
- if (errno)
-- die("slock: getpwuid: %s\n", strerror(errno));
-+ die("getpwuid: %s\n", strerror(errno));
- else
-- die("slock: cannot retrieve password entry\n");
-+ die("cannot retrieve password entry\n");
- }
- rval = pw->pw_passwd;
-
-@@ -98,7 +100,7 @@ getpw(void)
- if (rval[0] == 'x' && rval[1] == '\0') {
- struct spwd *sp;
- if (!(sp = getspnam(getenv("USER"))))
-- die("slock: cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
-+ die("cannot retrieve shadow entry (make sure to suid or sgid slock)\n");
- rval = sp->sp_pwdp;
- }
- #endif
-@@ -106,7 +108,7 @@ getpw(void)
- /* drop privileges */
- if (geteuid() == 0 &&
- ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0))
-- die("slock: cannot drop privileges\n");
-+ die("cannot drop privileges\n");
- return rval;
- }
- #endif
-@@ -254,7 +256,7 @@ lockscreen(Display *dpy, int screen)
- usleep(1000);
- }
- if (!len) {
-- fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", screen);
-+ fprintf(stderr, "unable to grab mouse pointer for screen %d\n", screen);
- } else {
- for (len = 1000; len; len--) {
- if (XGrabKeyboard(dpy, lock->root, True, GrabModeAsync, GrabModeAsync, CurrentTime) == GrabSuccess) {
-@@ -264,7 +266,7 @@ lockscreen(Display *dpy, int screen)
- }
- usleep(1000);
- }
-- fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", screen);
-+ fprintf(stderr, "unable to grab keyboard for screen %d\n", screen);
- }
- /* grabbing one of the inputs failed */
- running = 0;
-@@ -281,24 +283,26 @@ main(int argc, char **argv)
- Display *dpy;
- int screen;
-
-+ argv0 = argv[0], argc--, argv++;
-+
- #ifdef __linux__
- dontkillme();
- #endif
-
- if (!getpwuid(getuid()))
-- die("slock: no passwd entry for you\n");
-+ die("no passwd entry for you\n");
-
- #ifndef HAVE_BSD_AUTH
- pws = getpw();
- #endif
-
- if (!(dpy = XOpenDisplay(0)))
-- die("slock: cannot open display\n");
-+ die("cannot open display\n");
- rr = XRRQueryExtension(dpy, &rrevbase, &rrerrbase);
- /* Get the number of screens in display "dpy" and blank them all. */
- nscreens = ScreenCount(dpy);
- if (!(locks = malloc(sizeof(Lock*) * nscreens)))
-- die("slock: malloc: %s\n", strerror(errno));
-+ die("Out of memory.\n");
- int nlocks = 0;
- for (screen = 0; screen < nscreens; screen++) {
- if ((locks[screen] = lockscreen(dpy, screen)) != NULL)
-@@ -313,11 +317,11 @@ main(int argc, char **argv)
- return 1;
- }
-
-- if (argc >= 2 && fork() == 0) {
-+ if (argc >= 1 && fork() == 0) {
- if (dpy)
- close(ConnectionNumber(dpy));
-- execvp(argv[1], argv+1);
-- die("slock: execvp %s failed: %s\n", argv[1], strerror(errno));
-+ execvp(argv[0], argv);
-+ die("execvp %s failed: %s\n", argv[0], strerror(errno));
- }
-
- /* Everything is now blank. Now wait for the correct password. */
---
-2.9.2
-
diff --git a/desktop/slock/patches/0005-revert-using-argv0-and-minor-fixup.patch b/desktop/slock/patches/0005-revert-using-argv0-and-minor-fixup.patch
deleted file mode 100644
index d1ae1e9dfa..0000000000
--- a/desktop/slock/patches/0005-revert-using-argv0-and-minor-fixup.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From ec46680fe10ffc69007b0a8b29d9e69c72704053 Mon Sep 17 00:00:00 2001
-From: Markus Teich <markus.teich@stusta.mhn.de>
-Date: Mon, 15 Feb 2016 14:00:56 +0100
-Subject: [PATCH 5/7] revert using argv0 and minor fixup
-
-- use hardcoded "slock" instead of argv[0]
-- add "slock: " to fprintf calls, where it was missing
-- revert `argc--, argv++` shifting
----
- slock.c | 15 ++++++---------
- 1 file changed, 6 insertions(+), 9 deletions(-)
-
-diff --git a/slock.c b/slock.c
-index a0ffed0..2aa395e 100644
---- a/slock.c
-+++ b/slock.c
-@@ -46,15 +46,14 @@ static Bool failure = False;
- static Bool rr;
- static int rrevbase;
- static int rrerrbase;
--static char *argv0;
-
- static void
- die(const char *errstr, ...)
- {
- va_list ap;
-
-+ fputs("slock: ", stderr);
- va_start(ap, errstr);
-- fprintf(stderr, "%s: ", argv0);
- vfprintf(stderr, errstr, ap);
- va_end(ap);
- exit(1);
-@@ -256,7 +255,7 @@ lockscreen(Display *dpy, int screen)
- usleep(1000);
- }
- if (!len) {
-- fprintf(stderr, "unable to grab mouse pointer for screen %d\n", screen);
-+ fprintf(stderr, "slock: unable to grab mouse pointer for screen %d\n", screen);
- } else {
- for (len = 1000; len; len--) {
- if (XGrabKeyboard(dpy, lock->root, True, GrabModeAsync, GrabModeAsync, CurrentTime) == GrabSuccess) {
-@@ -266,7 +265,7 @@ lockscreen(Display *dpy, int screen)
- }
- usleep(1000);
- }
-- fprintf(stderr, "unable to grab keyboard for screen %d\n", screen);
-+ fprintf(stderr, "slock: unable to grab keyboard for screen %d\n", screen);
- }
- /* grabbing one of the inputs failed */
- running = 0;
-@@ -283,8 +282,6 @@ main(int argc, char **argv)
- Display *dpy;
- int screen;
-
-- argv0 = argv[0], argc--, argv++;
--
- #ifdef __linux__
- dontkillme();
- #endif
-@@ -317,11 +314,11 @@ main(int argc, char **argv)
- return 1;
- }
-
-- if (argc >= 1 && fork() == 0) {
-+ if (argc >= 2 && fork() == 0) {
- if (dpy)
- close(ConnectionNumber(dpy));
-- execvp(argv[0], argv);
-- die("execvp %s failed: %s\n", argv[0], strerror(errno));
-+ execvp(argv[1], argv+1);
-+ die("execvp %s failed: %s\n", argv[1], strerror(errno));
- }
-
- /* Everything is now blank. Now wait for the correct password. */
---
-2.9.2
-
diff --git a/desktop/slock/patches/0006-Revert-No-need-for-usage.patch b/desktop/slock/patches/0006-Revert-No-need-for-usage.patch
deleted file mode 100644
index 659685bc5d..0000000000
--- a/desktop/slock/patches/0006-Revert-No-need-for-usage.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From 65b8d5278882310eed758e6fbfd6ab9676db883c Mon Sep 17 00:00:00 2001
-From: Markus Teich <markus.teich@stusta.mhn.de>
-Date: Mon, 15 Feb 2016 14:15:45 +0100
-Subject: [PATCH 6/7] Revert "No need for usage()"
-
-This reverts most of commit a6dc051e3744ce5b14c54d2d246d3e8258207e76 and fixes
-some related stuff:
-
-- keep spelling fixes from original commit
-- make -h and -v also work when followed by more arguments
-- any unknown flag prints usage
-- fix output of -v to display "slock: version 1.3" instead of "slock: slock-1.3"
----
- slock.1 | 16 +++++++++++++---
- slock.c | 17 +++++++++++++++--
- 2 files changed, 28 insertions(+), 5 deletions(-)
-
-diff --git a/slock.1 b/slock.1
-index 467194d..0ef3e15 100644
---- a/slock.1
-+++ b/slock.1
-@@ -3,17 +3,27 @@
- slock \- simple X screen locker
- .SH SYNOPSIS
- .B slock
--.RB [
--.IR cmd
--]
-+.RB [ \-v
-+|
-+.IR cmd ]
- .SH DESCRIPTION
- .B slock
- is an X screen locker. If provided,
- .IR cmd
- is executed after the screen has been locked.
-+.SH OPTIONS
-+.TP
-+.B \-v
-+prints version information to stdout, then exits.
- .SH EXAMPLES
- $ slock /usr/sbin/s2ram
- .SH CUSTOMIZATION
- .B slock
- can be customized by creating a custom config.h and (re)compiling the source
- code. This keeps it fast, secure and simple.
-+.SH AUTHORS
-+See the LICENSE file for the authors.
-+.SH LICENSE
-+See the LICENSE file for the terms of redistribution.
-+.SH BUGS
-+Please report them.
-diff --git a/slock.c b/slock.c
-index 2aa395e..c9cdee2 100644
---- a/slock.c
-+++ b/slock.c
-@@ -273,15 +273,28 @@ lockscreen(Display *dpy, int screen)
- return NULL;
- }
-
--int
--main(int argc, char **argv)
-+static void
-+usage(void)
- {
-+ fprintf(stderr, "usage: slock [-v|POST_LOCK_CMD]\n");
-+ exit(1);
-+}
-+
-+int
-+main(int argc, char **argv) {
- #ifndef HAVE_BSD_AUTH
- const char *pws;
- #endif
- Display *dpy;
- int screen;
-
-+ if ((argc >= 2) && !strcmp("-v", argv[1]))
-+ die("version %s, © 2006-2016 slock engineers\n", VERSION);
-+
-+ /* treat first argument starting with a '-' as option */
-+ if ((argc >= 2) && argv[1][0] == '-')
-+ usage();
-+
- #ifdef __linux__
- dontkillme();
- #endif
---
-2.9.2
-
diff --git a/desktop/slock/patches/0007-clear-passwords-with-explicit_bzero.patch b/desktop/slock/patches/0007-clear-passwords-with-explicit_bzero.patch
deleted file mode 100644
index 3d43e9a9bf..0000000000
--- a/desktop/slock/patches/0007-clear-passwords-with-explicit_bzero.patch
+++ /dev/null
@@ -1,146 +0,0 @@
-From a7afade1701a809f6a33b53525d59dd29b38d381 Mon Sep 17 00:00:00 2001
-From: Hiltjo Posthuma <hiltjo@codemadness.org>
-Date: Sun, 31 Jul 2016 13:43:00 +0200
-Subject: [PATCH 7/7] clear passwords with explicit_bzero
-
-Make sure to explicitly clear memory that is used for password input. memset
-is often optimized out by the compiler.
-
-Brought to attention by the OpenBSD community, see:
-https://marc.info/?t=146989502600003&r=1&w=2
-Thread subject: x11/slock: clear passwords with explicit_bzero
-
-Changes:
-
-- explicit_bzero.c import from libressl-portable.
-- Makefile: add COMPATSRC for compatibility src.
-- config.mk: add separate *BSD section in config.mk to simply uncomment it on
- these platforms.
----
- Makefile | 6 +++---
- config.mk | 4 ++++
- explicit_bzero.c | 19 +++++++++++++++++++
- slock.c | 8 ++++++--
- util.h | 2 ++
- 5 files changed, 34 insertions(+), 5 deletions(-)
- create mode 100644 explicit_bzero.c
- create mode 100644 util.h
-
-diff --git a/Makefile b/Makefile
-index 86b3437..8b3e248 100644
---- a/Makefile
-+++ b/Makefile
-@@ -3,7 +3,7 @@
-
- include config.mk
-
--SRC = slock.c
-+SRC = slock.c ${COMPATSRC}
- OBJ = ${SRC:.c=.o}
-
- all: options slock
-@@ -35,8 +35,8 @@ clean:
- dist: clean
- @echo creating dist tarball
- @mkdir -p slock-${VERSION}
-- @cp -R LICENSE Makefile README config.def.h config.mk ${SRC} slock.1 \
-- slock-${VERSION}
-+ @cp -R LICENSE Makefile README config.def.h config.mk ${SRC} \
-+ explicit_bzero.c slock.1 slock-${VERSION}
- @tar -cf slock-${VERSION}.tar slock-${VERSION}
- @gzip slock-${VERSION}.tar
- @rm -rf slock-${VERSION}
-diff --git a/config.mk b/config.mk
-index f93879e..3afc061 100644
---- a/config.mk
-+++ b/config.mk
-@@ -18,9 +18,13 @@ LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr
- CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H
- CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
- LDFLAGS = -s ${LIBS}
-+COMPATSRC = explicit_bzero.c
-
- # On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
- # On OpenBSD and Darwin remove -lcrypt from LIBS
-+#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr
-+#CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_BSD_AUTH -D_BSD_SOURCE
-+#COMPATSRC =
-
- # compiler and linker
- CC = cc
-diff --git a/explicit_bzero.c b/explicit_bzero.c
-new file mode 100644
-index 0000000..3e33ca8
---- /dev/null
-+++ b/explicit_bzero.c
-@@ -0,0 +1,19 @@
-+/* $OpenBSD: explicit_bzero.c,v 1.3 2014/06/21 02:34:26 matthew Exp $ */
-+/*
-+ * Public domain.
-+ * Written by Matthew Dempsky.
-+ */
-+
-+#include <string.h>
-+
-+__attribute__((weak)) void
-+__explicit_bzero_hook(void *buf, size_t len)
-+{
-+}
-+
-+void
-+explicit_bzero(void *buf, size_t len)
-+{
-+ memset(buf, 0, len);
-+ __explicit_bzero_hook(buf, len);
-+}
-diff --git a/slock.c b/slock.c
-index c9cdee2..a00fbb9 100644
---- a/slock.c
-+++ b/slock.c
-@@ -23,6 +23,8 @@
- #include <bsd_auth.h>
- #endif
-
-+#include "util.h"
-+
- enum {
- INIT,
- INPUT,
-@@ -135,7 +137,7 @@ readpw(Display *dpy, const char *pws)
- * timeout. */
- while (running && !XNextEvent(dpy, &ev)) {
- if (ev.type == KeyPress) {
-- buf[0] = 0;
-+ explicit_bzero(&buf, sizeof(buf));
- num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
- if (IsKeypadKey(ksym)) {
- if (ksym == XK_KP_Enter)
-@@ -161,14 +163,16 @@ readpw(Display *dpy, const char *pws)
- XBell(dpy, 100);
- failure = True;
- }
-+ explicit_bzero(&passwd, sizeof(passwd));
- len = 0;
- break;
- case XK_Escape:
-+ explicit_bzero(&passwd, sizeof(passwd));
- len = 0;
- break;
- case XK_BackSpace:
- if (len)
-- --len;
-+ passwd[len--] = 0;
- break;
- default:
- if (num && !iscntrl((int)buf[0]) && (len + num < sizeof(passwd))) {
-diff --git a/util.h b/util.h
-new file mode 100644
-index 0000000..6f748b8
---- /dev/null
-+++ b/util.h
-@@ -0,0 +1,2 @@
-+#undef explicit_bzero
-+void explicit_bzero(void *, size_t);
---
-2.9.2
-
diff --git a/desktop/slock/patches/config.mk.patch b/desktop/slock/patches/config.mk.patch
index b1c5821101..3e74412295 100644
--- a/desktop/slock/patches/config.mk.patch
+++ b/desktop/slock/patches/config.mk.patch
@@ -1,11 +1,12 @@
---- slock-1.2/config.mk.orig 2014-12-22 11:18:07.000000000 +0100
-+++ slock-1.2/config.mk 2015-03-01 16:50:44.945646629 +0100
-@@ -15,7 +15,7 @@
+diff -Nur slock-1.4.orig/config.mk slock-1.4/config.mk
+--- slock-1.4.orig/config.mk 2016-11-19 18:31:23.000000000 -0600
++++ slock-1.4/config.mk 2017-05-14 20:23:33.114633934 -0500
+@@ -16,7 +16,7 @@
# flags
- CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H
+ CPPFLAGS = -DVERSION=\"${VERSION}\" -D_DEFAULT_SOURCE -DHAVE_SHADOW_H
-CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
+CFLAGS = @SLACKCFLAGS@ -std=c99 -pedantic -Wall ${INCS} ${CPPFLAGS}
LDFLAGS = -s ${LIBS}
+ COMPATSRC = explicit_bzero.c
- # On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH