From e39cf86d33966fbbaa7e52530263d9f11370a00b Mon Sep 17 00:00:00 2001
From: Animesh Sahu <animeshsahu19@yahoo.com>
Date: Fri, 20 May 2022 14:39:27 +0530
Subject: [PATCH 1/3] bump 1.94.2

---
 meson.build       |  4 ++--
 pam/pam_fprintd.c | 12 +++++++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/meson.build b/meson.build
index 64b8297..9062a0a 100644
--- a/meson.build
+++ b/meson.build
@@ -1,5 +1,5 @@
 project('fprintd', 'c',
-    version: '1.94.1',
+    version: '1.94.2',
     license: 'GPLv2+',
     default_options: [
         'buildtype=debugoptimized',
@@ -154,7 +154,7 @@ python3_available_modules = []
 
 foreach module, required : python3_test_modules
     if required and run_command(python3, '-c', 'import @0@'.format(module)).returncode() != 0
-        error('Python3 module \'' + module + '\' required by test suite not found')
+        warning('Python3 module \'' + module + '\' required by test suite not found')
     endif
 endforeach
 
diff --git a/pam/pam_fprintd.c b/pam/pam_fprintd.c
index 06b1cf3..3978bce 100644
--- a/pam/pam_fprintd.c
+++ b/pam/pam_fprintd.c
@@ -22,6 +22,7 @@
 #include <security/_pam_types.h>
 
 #define _GNU_SOURCE
+#include <limits.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdint.h>
@@ -460,7 +461,10 @@ do_verify (sd_bus *bus, verify_data *data)
 
   while (data->max_tries > 0)
     {
-      uint64_t verification_end = now () + (timeout * USEC_PER_SEC);
+      uint64_t verification_end = ULONG_MAX;
+
+      if (timeout != UINT_MAX)
+        verification_end = now () + (timeout * USEC_PER_SEC);
 
       data->timed_out = false;
       data->verify_started = false;
@@ -874,7 +878,8 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc,
             }
           else if (str_has_prefix (argv[i], MAX_TRIES_MATCH) && strlen (argv[i]) > strlen (MAX_TRIES_MATCH))
             {
-              max_tries = atoi (argv[i] + strlen (MAX_TRIES_MATCH));
+              int opt_max_tries = atoi (argv[i] + strlen (MAX_TRIES_MATCH));
+              max_tries = (opt_max_tries < 0 ? UINT_MAX : (unsigned) opt_max_tries);
               if (max_tries < 1)
                 {
                   if (debug)
@@ -887,7 +892,8 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc,
             }
           else if (str_has_prefix (argv[i], TIMEOUT_MATCH) && strlen (argv[i]) <= strlen (TIMEOUT_MATCH) + 2)
             {
-              timeout = atoi (argv[i] + strlen (TIMEOUT_MATCH));
+              int opt_timeout = atoi (argv[i] + strlen (TIMEOUT_MATCH));
+              timeout = (opt_timeout < 0 ? UINT_MAX : (unsigned) opt_timeout);
               if (timeout < MIN_TIMEOUT)
                 {
                   if (debug)

From 0832c9f973d40e40061b1506a06f1adc1f2d5fe6 Mon Sep 17 00:00:00 2001
From: Animesh Sahu <animeshsahu19@yahoo.com>
Date: Fri, 20 May 2022 15:49:48 +0530
Subject: [PATCH 2/3] Write a \n by default, instead of triple astericks, which
 alot of times printed in newline and inconsistent

---
 pam/pam_fprintd.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/pam/pam_fprintd.c b/pam/pam_fprintd.c
index 3978bce..a4278f7 100644
--- a/pam/pam_fprintd.c
+++ b/pam/pam_fprintd.c
@@ -738,7 +738,7 @@ prompt_pw (void *d)
 {
   verify_data *data = d;
   char *pw;
-  pam_prompt (data->pamh, PAM_PROMPT_ECHO_OFF, &pw, "Enter Password or Place finger on fingerprint reader: ");
+  pam_prompt (data->pamh, PAM_PROMPT_ECHO_OFF, &pw, "Enter Password or Place finger on fingerprint reader: \n");
   pam_set_item (data->pamh, PAM_AUTHTOK, pw);
   data->stop_got_pw = true;
   if (debug)
@@ -792,7 +792,6 @@ do_auth (pam_handle_t *pamh, const char *username)
 
       int ret = do_verify(bus, data);
       pthread_cancel (pw_prompt_thread);
-      pam_prompt(data->pamh, PAM_TEXT_INFO, NULL, "***");
 
       /* Simply disconnect from bus if we return PAM_SUCCESS */
       if (ret != PAM_SUCCESS)

From 9107e1c09c2f48e8a3b57a2d12a71ae2cf330dfc Mon Sep 17 00:00:00 2001
From: Animesh Sahu <animeshsahu19@yahoo.com>
Date: Fri, 20 May 2022 17:13:32 +0530
Subject: [PATCH 3/3] Add signal handler before starting process to verify
 using password prompt, fixing #3

---
 pam/pam_fprintd.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pam/pam_fprintd.c b/pam/pam_fprintd.c
index a4278f7..5dd7e98 100644
--- a/pam/pam_fprintd.c
+++ b/pam/pam_fprintd.c
@@ -455,7 +455,6 @@ do_verify (sd_bus *bus, verify_data *data)
 
   sigemptyset (&signals);
   sigaddset (&signals, SIGINT);
-  signal (SIGUSR1, handle_sigusr1);
   sigaddset (&signals, SIGUSR1);
   signal_fd = signalfd (signal_fd, &signals, SFD_NONBLOCK);
 
@@ -786,6 +785,8 @@ do_auth (pam_handle_t *pamh, const char *username)
       data->stop_got_pw = false;
       data->ppid = getpid();
 
+      signal (SIGUSR1, handle_sigusr1);
+
       pthread_t pw_prompt_thread;
       if (pthread_create (&pw_prompt_thread, NULL, (void*) &prompt_pw, data) != 0)
         send_err_msg (pamh, _("Failed to create thread"));