A small screenlocker for Wayland compositors
This is the final waylock release that will be announced on github. Future development will happen at the new codeberg repository, https://codeberg.org/ifreund/waylock. This release and all past releases may be found there as well.
Github is a proprietary platform with interests increasingly misaligned with my values. Free and open source software like waylock belongs on an open, community-driven platform such as codeberg.
This release contains a bugfix that prevents waylock from committing a protocol error if, e.g. a monitor is unplugged while the session is locked. Due to the design of the ext-session-lock-v1 protocol, this is not a security issue.
Full changelog:
Isaac Freund (4):
build: bump version to 0.6.4-dev
Output: don't destroy surface before role object
docs: migrate to codeberg
build: bump version to 0.6.4
This release contains a few small usability improvements and updates the required Zig version to 0.11.
Full changelog:
Daniel Lublin (1):
Seat: don't set input color if no character input
Isaac Freund (5):
build: bump version to 0.6.3-dev
build: clean up after Zig 0.11.0 update
Lock: add -ignore-empty-password option
docs: mention existence and usefulness of swayidle
build: bump version to 0.6.3
Soc Virnyl Estela (1):
build: update to Zig 0.11.0
This release fixes a few minor issues. In particular waylock should now work correctly on FreeBSD.
Full changelog:
Isaac Freund (6):
build: bump version to 0.6.2-dev
ci: update Zig to 0.10.0 to fix build
deps: update zig-wayland to fix aarch64 build
Lock: ignore password submission before locked event
auth: fix getting username on FreeBSD
build: bump version to 0.6.2
This release updates the Zig version required to 0.10. Other than that, there are no changes since version 0.6.0.
Full changelog:
Isaac Freund (3):
build: bump version to 0.6.1-dev
deps: update to Zig 0.10
build: bump to version 0.6.1
This release requires the compositor to support the single-pixel-buffer-v1 protocol for even lower resource usage.
Full changelog:
Isaac Freund (5):
build: bump version to 0.6.0-dev
Lock: handle keyboard input before the locked event
Lock: require and use single-pixel-buffer-v1
docs: add repology packaging status to readme
build: bump version to 0.6.0
This release makes a few small changes to allow for even tighter security:
The new -fork-on-lock command line flag allows for race-condition-free suspend
after the screen has been locked.
Furthermore, all sensitive memory used by waylock is now better protected from paging to disk or inclusion in core dumps with hints to the operating system.
Full changelog:
Abdullah Khabir (1):
docs: fix typo in man page
Isaac Freund (16):
build: bump version to 0.5.0-dev
docs: Expand on -Dcpu in PACKAGING.md
docs: Add note on compositor ext-session-lock-v1 support
Lock: simplify poll usage
Lock: work around race in libwayland-server
Lock: update comment, it's not a workaround
auth: fix error handling edge case in conversation
Lock: fix overly tight assertion
Lock: add -fork-on-lock option
Lock: Better protect password buffer memory
Lock: wait to mlock until after fork
Lock: Fix crash if session is already locked
Lock: exit immediately on finished event if locked
docs: remove outdated ext-session-lock support info
docs: remove outdated setsid(1) references
build: bump to version 0.5.0
Jordan Isaacs (1):
docs: fix tabs in man page
This release fixes two small issues that could cause waylock to crash under certain circumstances.
One of these issues is an invalid free that can occur with certain PAM configurations/modules including the pam_systemd_home module. I do not believe this bug to be exploitable.
Abdullah Khabir (1):
docs: fix typo in man page
Isaac Freund (5):
build: bump version to 0.4.2-dev
Lock: update comment, it's not a workaround
auth: fix error handling edge case in conversation
Lock: fix overly tight assertion
build: bump version to 0.4.2
waylock 0.4.1
This patch release adds a workaround for a race condition in libwayland-server that can lead to the session remaining locked after the password has been entered correctly and waylock has exited.
I've sent a patch to upstream libwayland to fix this issue, but it likely will be a while before it lands in a wayland release and makes its way into distro repositories.
See https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/262
Isaac Freund (6):
build: bump version to 0.4.1-dev
docs: Expand on -Dcpu in PACKAGING.md
docs: Add note on compositor ext-session-lock-v1 support
Lock: simplify poll usage
Lock: work around race in libwayland-server
build: bump version to 0.4.1
Waylock now uses the ext-session-lock-v1 protocol which is significantly more robust than previous client-side Wayland screen locking approaches. Importantly, the screenlocker crashing does not cause the session to be unlocked.
This means that waylock is now only compatible with compositors implementing ext-session-lock-v1.
In addition, waylock has been entirely rewritten since version 0.3.5 for security and simplicity. It now benefits from everything I've learned about Wayland and programming in general over the past few years working on river.
Waylock 0.4.0 will also use less memory than the previous version thanks to an optimization for solid color buffers using the viewporter protocol.
This release is highly breaking, there is no longer any config file and the command line interface has been changed as well. However, there is now better documentation including a man page.
The new feature set of waylock is one I am comfortable maintaining indefinitely and I intend the next major release to be a stable 1.0.
Full changelog:
Isaac Freund (37):
Delete all code
Implement barebones wayland side of things
Implement password authentication using PAM
Move authentication to a child process
Improve event loop robustness
Clean up initialization of output structs
Implement color transitions
docs: Add README.md
pam: Use a proper PAM service name
docs: Improve README
deps: update zig-wayland
docs: Add PAM to listed dependencies
output: clean up buffer handling
cli: implement -h, -version, -log-level
Lock: clean up all memory leaks
cli: Implement color configuration
docs: Update usage section in readme
docs: add a man page
deps: update to latest zig-wayland version
Seat: clean up TODO in keyboard event handling
ci: add Alpine, Archlinux, and FreeBSD builds
freebsd: add support
Lock: remove uneeded TODOs
auth: make success a debug log
Lock: handle wl_seat removal
style: improve consistency of error messages
build: follow semantic versioning for -dev versions
docs: document setsid(1) usage to daemonize
docs: fix typos in previous commits
docs: Make minor clarification in readme
deps: update to latest zig-wayland version
build: add -Dstrip and -Dpie build options
docs: Create PACKAGING.md
docs: Fix typo in README
docs: Add note on source tarballs to PACKAGING.md
docs: Add link to PACKAGING.md in readme
build: bump version to 0.4.0
Leon Henrik Plickat (1):
output: use viewporter to save memory
Peter Kaplan (1):
UI: Clear password with Ctrl-U
Isaac Freund (2):
Bind wl_output at version 3
Bump version