22592978 Move xscreensaver to the Userland gate
authorAlan Coopersmith <Alan.Coopersmith@Oracle.COM>
Sun, 31 Jan 2016 19:31:13 -0800
changeset 5400 1199f8e91f50
parent 5399 88010dbde9bb
child 5401 f2be11bc1430
22592978 Move xscreensaver to the Userland gate
components/desktop/xscreensaver/Makefile
components/desktop/xscreensaver/files/unlock-logo.png
components/desktop/xscreensaver/files/xscreensaver-hacks-gl.license.txt
components/desktop/xscreensaver/files/xscreensaver-hacks.license.txt
components/desktop/xscreensaver/files/xscreensaver.desktop
components/desktop/xscreensaver/files/xscreensaver.license.txt
components/desktop/xscreensaver/history
components/desktop/xscreensaver/patches/01-intltool.patch
components/desktop/xscreensaver/patches/02-Solaris.app-defaults.patch
components/desktop/xscreensaver/patches/03-GNOME-desktop.patch
components/desktop/xscreensaver/patches/04-solaris-paths.patch
components/desktop/xscreensaver/patches/05-atoms.patch
components/desktop/xscreensaver/patches/06-gtk-lock.patch
components/desktop/xscreensaver/patches/07-allow-root.patch
components/desktop/xscreensaver/patches/08-passwdTimeout-pref.patch
components/desktop/xscreensaver/patches/09-dpms.patch
components/desktop/xscreensaver/patches/10-security_policy.patch
components/desktop/xscreensaver/patches/11-pam_audit.patch
components/desktop/xscreensaver/patches/12-barcode-hack.patch
components/desktop/xscreensaver/patches/13-glsnake.patch
components/desktop/xscreensaver/patches/14-bug-15426641.patch
components/desktop/xscreensaver/patches/15-bug-15411287.patch
components/desktop/xscreensaver/patches/16-bug-15412661.patch
components/desktop/xscreensaver/patches/17-bug-15411306.patch
components/desktop/xscreensaver/patches/18-bug-15141135.patch
components/desktop/xscreensaver/patches/19-bug-15574928.patch
components/desktop/xscreensaver/patches/20-bug-15652522.patch
components/desktop/xscreensaver/patches/21-verbose.patch
components/desktop/xscreensaver/patches/22-bug-15706879.patch
components/desktop/xscreensaver/patches/23-bug-15769303.patch
components/desktop/xscreensaver/patches/24-bug-15772119.patch
components/desktop/xscreensaver/patches/25-bug-15700093.patch
components/desktop/xscreensaver/patches/26-forkpty.patch
components/desktop/xscreensaver/xscreensaver-hacks-gl.p5m
components/desktop/xscreensaver/xscreensaver-hacks.p5m
components/desktop/xscreensaver/xscreensaver.p5m
make-rules/shared-macros.mk
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/Makefile	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,175 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+#
+
+include ../../../make-rules/shared-macros.mk
+
+COMPONENT_NAME=		xscreensaver
+COMPONENT_VERSION=	5.15
+COMPONENT_PROJECT_URL=	https://www.jwz.org/xscreensaver/
+COMPONENT_SRC=		$(COMPONENT_NAME)-$(COMPONENT_VERSION)
+COMPONENT_ARCHIVE=	$(COMPONENT_SRC).tar.gz
+COMPONENT_ARCHIVE_HASH=	\
+    sha256:4f6d1f1e4c15dbb74e2296f8fe57a73d47d602515178c248bbc838f779d5082d
+#COMPONENT_ARCHIVE_URL=	https://www.jwz.org/xscreensaver/$(COMPONENT_ARCHIVE)
+# jwz removes older tarballs, and 5.15 is no longer on his site, so borrow
+# Fedora's archive until we update
+COMPONENT_ARCHIVE_URL=	http://pkgs.fedoraproject.org/repo/pkgs/xscreensaver/xscreensaver-5.15.tar.gz/c0b8b2c817a9a7371f51a82e80602d10/$(COMPONENT_ARCHIVE)
+COMPONENT_BUGDB=        gnome/screensaver
+
+TPNO=			9370
+
+include $(WS_MAKE_RULES)/prep.mk
+include $(WS_MAKE_RULES)/configure-64.mk
+include $(WS_MAKE_RULES)/ips.mk
+
+# While the tree currently builds with Studio, we need to make sure it also
+# builds with gcc when submitting patches upstream, and having both sets of
+# options in the CFLAGS below makes it easy to switch when needed.
+# COMPILER=gcc
+CC += $(CC_BITS)
+
+# Enable additional warnings, since we've modified this code a lot
+CFLAGS.studio += -v
+CFLAGS.gcc    += -Wall
+
+# Additional optimization flags, to make the hacks show off the hardware
+# better and because for just a screensaver display we can get away with
+# using optimizations that may change strict correctness of floating point ops.
+CFLAGS.studio += -fsimple=2 -nofstore -xlibmil -xprefetch
+CFLAGS.gcc    += -funsafe-math-optimizations
+
+# Regenerate configure after patches modify configure.in
+COMPONENT_PREP_ACTION += ( cd $(@D); autoreconf -fiv);
+
+# Need to pick up the GNU version of xgettext.
+PATH=$(GNUBIN):/usr/bin
+
+# Libraries & programs to depend on
+CONFIGURE_OPTIONS += --with-gl=$(USRDIR)
+CONFIGURE_OPTIONS += --with-gtk=$(USRDIR)
+CONFIGURE_OPTIONS += --with-jpeg=$(USRDIR)
+CONFIGURE_OPTIONS += --without-motif
+CONFIGURE_OPTIONS += --with-pixbuf=$(USRDIR)
+CONFIGURE_OPTIONS += --with-xft=$(USRDIR)
+CONFIGURE_OPTIONS += PTHREAD_CFLAGS="-D_POSIX_PTHREAD_SEMANTICS"
+CONFIGURE_OPTIONS += PTHREAD_LIBS="-lc"
+CONFIGURE_OPTIONS += PERL=$(PERL)
+CONFIGURE_OPTIONS += INTLTOOL_PERL=$(PERL)
+
+# X extensions to support
+CONFIGURE_OPTIONS += --with-dpms-ext
+CONFIGURE_OPTIONS += --with-randr-ext
+CONFIGURE_OPTIONS += --with-xinerama-ext
+CONFIGURE_OPTIONS += --with-xinput-ext  # required for accessibility
+
+# Support locking the screen by normal users and by root
+CONFIGURE_OPTIONS += --enable-locking
+CONFIGURE_OPTIONS += --enable-root-passwd
+# and allow user switching from the lock screen with gdmflexiserver
+CONFIGURE_OPTIONS += --with-login-manager
+
+# Use only PAM, not direct /etc/shadow or kerberos access
+CONFIGURE_OPTIONS += --with-pam=$(USRDIR)
+CONFIGURE_OPTIONS += --without-shadow
+CONFIGURE_OPTIONS += --without-kerberos
+
+# Paths to install to
+APP_DEFAULTS_DIR  = $(CONFIGURE_PREFIX)/share/X11/app-defaults
+XSS_LIBDIR 	  = $(CONFIGURE_PREFIX)/lib/xscreensaver
+CONFIGURE_OPTIONS += --bindir=$(CONFIGURE_BINDIR.32)
+CONFIGURE_OPTIONS += --libexecdir=$(XSS_LIBDIR)/bin
+CONFIGURE_OPTIONS += --with-hackdir=$(XSS_LIBDIR)/hacks
+CONFIGURE_OPTIONS += --with-configdir=$(XSS_LIBDIR)/config/control-center-2.0
+CONFIGURE_OPTIONS += --with-x-app-defaults=$(APP_DEFAULTS_DIR)
+
+# Data sources for images & text in hacks
+CONFIGURE_OPTIONS += --with-image-directory=$(USRSHAREDIR)/pixmaps/backgrounds
+CONFIGURE_OPTIONS += --with-text-file=/etc/motd
+
+# Do not install setuid hacks
+CONFIGURE_OPTIONS += --without-setuid-hacks
+
+# The potfiles.in updates don't work unless source is cloned to build dir
+COMPONENT_PRE_CONFIGURE_ACTION += ($(CLONEY) $(SOURCE_DIR) $(@D));
+
+# Update potfiles.in to pick up our added sources like lock-Gtk.c
+# The "-o Makefile" & touch stamp-it is needed to avoid infinite looping.
+COMPONENT_POST_CONFIGURE_ACTION += ( \
+    cd $(@D)/po ; \
+    $(MAKE) -o Makefile generate_potfiles_in ; \
+    $(MAKE) -o Makefile POTFILES ; \
+    $(MAKE) -o Makefile xscreensaver.pot ; \
+    touch stamp-it )
+
+# Recognizing DESTDIR as most autotools packages do would be too easy,
+# so xscreensaver makes us override install_prefix instead for the same effect.
+COMPONENT_INSTALL_ARGS += install_prefix=$(PROTO_DIR)
+
+# Remove hacks we've chosen not to ship at all for various reasons
+REMOVED_HACKS="extrusion flyingtoasters ljlatest sonar webcollage"
+COMPONENT_POST_INSTALL_ACTION += ( \
+for h in $(REMOVED_HACKS) ; do \
+    rm -f $(PROTO_DIR)$(XSS_LIBDIR)/hacks/$${h} \
+          $(PROTO_DIR)$(CONFIGURE_MANDIR)/man6/$${h}.6 \
+          $(PROTO_DIR)$(XSS_LIBDIR)/config/control-center-2.0/$${h}.xml ;\
+done ; \
+rm -f $(PROTO_DIR)$(XSS_LIBDIR)/hacks/webcollage-helper );
+
+
+ASLR_MODE = $(ASLR_ENABLE)
+
+configure:      $(CONFIGURE_64)
+build:          $(BUILD_64)
+install:        $(INSTALL_64)
+test:           $(NO_TESTS)
+system-test:    $(NO_TESTS)
+
+
+REQUIRED_PACKAGES += gnome/accessibility/gnome-a11y-libs
+REQUIRED_PACKAGES += gnome/config/gconf
+REQUIRED_PACKAGES += image/library/libjpeg
+REQUIRED_PACKAGES += library/desktop/atk
+REQUIRED_PACKAGES += library/desktop/gdk-pixbuf
+REQUIRED_PACKAGES += library/desktop/gtk2
+REQUIRED_PACKAGES += library/desktop/libglade
+REQUIRED_PACKAGES += library/desktop/pango
+REQUIRED_PACKAGES += library/glib2
+REQUIRED_PACKAGES += library/gnome/gnome-component
+REQUIRED_PACKAGES += library/libxml2
+REQUIRED_PACKAGES += library/perl-5/xml-parser
+REQUIRED_PACKAGES += $(PERL_PKG)
+REQUIRED_PACKAGES += system/library
+REQUIRED_PACKAGES += system/library/math
+REQUIRED_PACKAGES += x11/library/libx11
+REQUIRED_PACKAGES += x11/library/libxext
+REQUIRED_PACKAGES += x11/library/libxft
+REQUIRED_PACKAGES += x11/library/libxi
+REQUIRED_PACKAGES += x11/library/libxinerama
+REQUIRED_PACKAGES += x11/library/libxmu
+REQUIRED_PACKAGES += x11/library/libxrandr
+REQUIRED_PACKAGES += x11/library/libxxf86misc
+REQUIRED_PACKAGES += x11/library/libxxf86vm
+REQUIRED_PACKAGES += x11/library/mesa
+REQUIRED_PACKAGES += x11/library/toolkit/libxt
Binary file components/desktop/xscreensaver/files/unlock-logo.png has changed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/files/xscreensaver-hacks-gl.license.txt	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,415 @@
+Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved.
+
+Xscreensaver core software:
+
+Copyright 1991-2015 by Jamie Zawinski.
+
+Permission to use, copy, modify, distribute, and sell this software
+and its documentation for any purpose is hereby granted without fee,
+provided that the above copyright notice appear in all copies and that
+both that copyright notice and this permission notice appear in
+supporting documentation.  No representations are made about the
+suitability of this software for any purpose.  It is provided "as is"
+without express or implied warranty.
+
+Individual hack modules & utilties:
+
+MIT-style license used on most hacks (with various copyright holders):
+
+ Copyright (c) <year> <copyright holder>
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted,
+ provided that the above copyright notice appear in all copies and that
+ both that copyright notice and this permission notice appear in
+ supporting documentation.
+
+ This file is provided AS IS with no warranties of any kind.  The author
+ shall have no liability with respect to the infringement of copyrights,
+ trade secrets or any patents by this file or any part thereof.  In no
+ event will the author be liable for any lost revenue or profits or
+ other special, indirect and consequential damages.
+
+Alternate forms of MIT/BSD license used on some hacks:
+
+ifs, kumppa, xrayswarm:
+
+ Copyright (c) 2000 by Chris Leger ([email protected])
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be included
+ in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ OTHER DEALINGS IN THE SOFTWARE.
+
+ Except as contained in this notice, the name of the X Consortium shall
+ not be used in advertising or otherwise to promote the sale, use or
+ other dealings in this Software without prior written authorization
+ from the X Consortium.
+
+lockward:
+
+ Copyright (c) 2007 Leo L. Schwab
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to permit
+ persons to whom the Software is furnished to do so, subject to the
+ following conditions:
+
+ The above copyright notice and this permission notice shall be included
+ in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+ NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+ USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+flurry:
+
+Copyright (c) 2002, Calum Robinson
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of the author nor the names of its contributors may be used
+  to endorse or promote products derived from this software without specific
+  prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+sphere:
+
+ Copyright 1988 by Sun Microsystems, Inc. Mountain View, CA.
+
+ All Rights Reserved
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted, provided
+ that the above copyright notice appear in all copies and that both that
+ copyright notice and this permission notice appear in supporting
+ documentation, and that the names of Sun or MIT not be used in advertising
+ or publicity pertaining to distribution of the software without specific
+ prior written permission. Sun and M.I.T. make no representations about the
+ suitability of this software for any purpose. It is provided "as is"
+ without any express or implied warranty.
+
+ SUN DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ IN NO EVENT SHALL SUN BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ SOFTWARE.
+
+cynosure:
+
+   COPYRIGHT NOTICE
+
+   Copyright 1996 ozymandias G desiderata. Title, ownership rights, and
+   intellectual property rights in and to this software remain with
+   ozymandias G desiderata. This software may be copied, modified,
+   or used as long as this copyright is retained. Use this code at your
+   own risk.
+
+polyhedra:
+
+      Copyright (c) 1991-2002 Dr. Zvi Har'El <[email protected]>
+
+      Redistribution and use in source and binary forms, with or without
+      modification, are permitted provided that the following conditions
+      are met:
+
+      1. Redistributions of source code must retain the above copyright
+         notice, this list of conditions and the following disclaimer.
+
+      2. Redistributions in binary form must reproduce the above copyright
+         notice, this list of conditions and the following disclaimer in
+         the documentation and/or other materials provided with the
+         distribution.
+
+      3. The end-user documentation included with the redistribution,
+         if any, must include the following acknowledgment:
+              "This product includes software developed by
+               Dr. Zvi Har'El (http://www.math.technion.ac.il/~rl/)."
+         Alternately, this acknowledgment may appear in the software itself,
+         if and wherever such third-party acknowledgments normally appear.
+
+      This software is provided 'as-is', without any express or implied
+      warranty.  In no event will the author be held liable for any
+      damages arising from the use of this software.
+
+munch:
+
+ Portions Copyright 1997, Tim Showalter
+
+   Permission is granted to copy, modify, and use this as long
+   as this notice remains intact.  No warranties are expressed or
+   implied.  CMU Sucks.
+
+utils/erase.c:
+
+   Portions (c) 1997 by Johannes Keukelaar <[email protected]>:
+   Permission to use in any way granted. Provided "as is" without expressed
+   or implied warranty. NO WARRANTY, NO EXPRESSION OF SUITABILITY FOR ANY
+   PURPOSE. (I.e.: Use in any way, but at your own risk!)
+
+utils/spline.c:
+
+ Copyright (c) 1987, 1988, 1989 Stanford University
+
+ Permission to use, copy, modify, distribute, and sell this software and its
+ documentation for any purpose is hereby granted without fee, provided
+ that the above copyright notice appear in all copies and that both that
+ copyright notice and this permission notice appear in supporting
+ documentation, and that the name of Stanford not be used in advertising or
+ publicity pertaining to distribution of the software without specific,
+ written prior permission.  Stanford makes no representations about
+ the suitability of this software for any purpose.  It is provided "as is"
+ without express or implied warranty.
+
+ STANFORD DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS.
+ IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+ CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
+ DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+utils/vroot.h:
+
+                 Copyright 1991 by Andreas Stolcke
+             Copyright 1990 by Solbourne Computer Inc.
+                        Longmont, Colorado
+
+                         All Rights Reserved
+
+  Permission to use, copy, modify, and distribute this software and
+  its documentation  for  any  purpose  and  without  fee is hereby
+  granted, provided that the above copyright notice appear  in  all
+  copies and that both  that  copyright  notice  and  this  permis-
+  sion  notice appear in supporting  documentation,  and  that  the
+  name of Solbourne not be used in advertising
+  in publicity pertaining to distribution of the  software  without
+  specific, written prior permission.
+
+  ANDREAS STOLCKE AND SOLBOURNE COMPUTER INC. DISCLAIMS ALL WARRANTIES
+  WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF
+  MERCHANTABILITY  AND  FITNESS,  IN  NO  EVENT SHALL ANDREAS STOLCKE
+  OR SOLBOURNE BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+  DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA
+  OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+  TORTIOUS ACTION, ARISING OUT OF OR IN  CONNECTION  WITH  THE  USE
+  OR PERFORMANCE OF THIS SOFTWARE.
+
+
+atlantis, glx utility functions:
+
+(c) Copyright 1993, Silicon Graphics, Inc.
+
+ALL RIGHTS RESERVED
+
+Permission to use, copy, modify, and distribute this software
+for any purpose and without fee is hereby granted, provided
+that the above copyright notice appear in all copies and that
+both the copyright notice and this permission notice appear in
+supporting documentation, and that the name of Silicon
+Graphics, Inc. not be used in advertising or publicity
+pertaining to distribution of the software without specific,
+written prior permission.
+
+THE MATERIAL EMBODIED ON THIS SOFTWARE IS PROVIDED TO YOU
+"AS-IS" AND WITHOUT WARRANTY OF ANY KIND, EXPRESS, IMPLIED OR
+OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF
+MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  IN NO
+EVENT SHALL SILICON GRAPHICS, INC.  BE LIABLE TO YOU OR ANYONE
+ELSE FOR ANY DIRECT, SPECIAL, INCIDENTAL, INDIRECT OR
+CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER,
+INCLUDING WITHOUT LIMITATION, LOSS OF PROFIT, LOSS OF USE,
+SAVINGS OR REVENUE, OR THE CLAIMS OF THIRD PARTIES, WHETHER OR
+NOT SILICON GRAPHICS, INC.  HAS BEEN ADVISED OF THE POSSIBILITY
+OF SUCH LOSS, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ARISING OUT OF OR IN CONNECTION WITH THE POSSESSION, USE OR
+PERFORMANCE OF THIS SOFTWARE.
+
+US Government Users Restricted Rights
+
+Use, duplication, or disclosure by the Government is subject to
+restrictions set forth in FAR 52.227.19(c)(2) or subparagraph
+(c)(1)(ii) of the Rights in Technical Data and Computer
+Software clause at DFARS 252.227-7013 and/or in similar or
+successor clauses in the FAR or the DOD or NASA FAR
+Supplement.  Unpublished-- rights reserved under the copyright
+laws of the United States.  Contractor/manufacturer is Silicon
+Graphics, Inc., 2011 N.  Shoreline Blvd., Mountain View, CA
+94039-7311.
+
+OpenGL(TM) is a trademark of Silicon Graphics, Inc.
+
+utils/xmu.c:
+
+ Copyright 1989 Massachusetts Institute of Technology
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted, provided
+ that the above copyright notice appear in all copies and that both that
+ copyright notice and this permission notice appear in supporting
+ documentation, and that the name of M.I.T. not be used in advertising
+ or publicity pertaining to distribution of the software without specific,
+ written prior permission.  M.I.T. makes no representations about the
+ suitability of this software for any purpose.  It is provided "as is"
+ without express or implied warranty.
+
+ M.I.T. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL M.I.T.
+ BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+driver/xdpyinfo.c:
+
+Copyright 1988, 1998  The Open Group
+
+All Rights Reserved.
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall not be
+used in advertising or otherwise to promote the sale, use or other dealings
+in this Software without prior written authorization from The Open Group.
+
+
+Other licenses used on specific hacks:
+
+glchess:
+
+ Copyright (C) 2006  John-Paul Gignac <[email protected]>
+
+ Copyright (C) 2002  Robert  Ancell <[email protected]>
+                     Michael Duelli <[email protected]>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+glsnake:
+
+ (c) 2001-2005 Jamie Wilkinson <[email protected]>
+ (c) 2001-2003 Andrew Bennetts <[email protected]>
+ (c) 2001-2003 Peter Aylett <[email protected]>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+t3d:
+
+  t3d -- Flying Balls Clock Demo
+  by Bernd Paysan , [email protected]
+
+  Copy, modify, and distribute T3D either under GPL  version 2 or newer,
+  or under the standard MIT/X license notice.
+
+  partly based on flying balls demo by Georg Acher,
+  [email protected]
+  (developed on HP9000/720 (55 MIPS,20 MFLOPS) )
+  NO warranty at all ! Complaints to /dev/null !
+
+Other notices regarding IP:
+
+flyingtoasters:
+
+ Draws 3D flying toasters, and toast.  Inspired by the ancient
+ Berkeley Systems / After Dark hack, but now updated to the wide
+ wonderful workd of OpenGL and 3D!
+
+ Code by jwz; object models by Baconmonkey.
+
+ The original After Dark flying toasters, with the fluffy white wings,
+ were a trademark of Berkeley Systems.  Berkeley Systems ceased to exist
+ some time in 1998, having been gobbled up by Sierra Online, who were
+ subsequently gobbled up by Flipside and/or Vivendi (it's hard to tell
+ exactly what happened when.)
+
+ I doubt anyone even cares any more, but if they do, hopefully this homage,
+ with the space-age 3D jet-plane toasters, will be considered different
+ enough that whoever still owns the trademark to the fluffy-winged 2D
+ bitmapped toasters won't get all huffy at us.
+
+Further reference:   http://en.wikipedia.org/wiki/After_Dark_(software)
+
+lavalite:
+
+ lavalite --- 3D Simulation of a Lava Lite, written by jwz.
+
+ LAVA?, LAVA LITE?, LAVA WORLD INTERNATIONAL? and the configuration of the
+ LAVA? brand motion lamp are registered trademarks of Haggerty Enterprises,
+ Inc.  The configuration of the globe and base of the motion lamp are
+ registered trademarks of Haggerty Enterprises, Inc. in the U.S.A. and in
+ other countries around the world.
+
+ Official Lava Lite web site: http://www.lavaworld.com/
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/files/xscreensaver-hacks.license.txt	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,413 @@
+Xscreensaver core software:
+
+Copyright 1991-2015 by Jamie Zawinski.
+
+Permission to use, copy, modify, distribute, and sell this software
+and its documentation for any purpose is hereby granted without fee,
+provided that the above copyright notice appear in all copies and that
+both that copyright notice and this permission notice appear in
+supporting documentation.  No representations are made about the
+suitability of this software for any purpose.  It is provided "as is"
+without express or implied warranty.
+
+Individual hack modules & utilties:
+
+MIT-style license used on most hacks (with various copyright holders):
+
+ Copyright (c) <year> <copyright holder>
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted,
+ provided that the above copyright notice appear in all copies and that
+ both that copyright notice and this permission notice appear in
+ supporting documentation.
+
+ This file is provided AS IS with no warranties of any kind.  The author
+ shall have no liability with respect to the infringement of copyrights,
+ trade secrets or any patents by this file or any part thereof.  In no
+ event will the author be liable for any lost revenue or profits or
+ other special, indirect and consequential damages.
+
+Alternate forms of MIT/BSD license used on some hacks:
+
+ifs, kumppa, xrayswarm:
+
+ Copyright (c) 2000 by Chris Leger ([email protected])
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be included
+ in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ OTHER DEALINGS IN THE SOFTWARE.
+
+ Except as contained in this notice, the name of the X Consortium shall
+ not be used in advertising or otherwise to promote the sale, use or
+ other dealings in this Software without prior written authorization
+ from the X Consortium.
+
+lockward:
+
+ Copyright (c) 2007 Leo L. Schwab
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to permit
+ persons to whom the Software is furnished to do so, subject to the
+ following conditions:
+
+ The above copyright notice and this permission notice shall be included
+ in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+ NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+ USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+flurry:
+
+Copyright (c) 2002, Calum Robinson
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of the author nor the names of its contributors may be used
+  to endorse or promote products derived from this software without specific
+  prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+sphere:
+
+ Copyright 1988 by Sun Microsystems, Inc. Mountain View, CA.
+
+ All Rights Reserved
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted, provided
+ that the above copyright notice appear in all copies and that both that
+ copyright notice and this permission notice appear in supporting
+ documentation, and that the names of Sun or MIT not be used in advertising
+ or publicity pertaining to distribution of the software without specific
+ prior written permission. Sun and M.I.T. make no representations about the
+ suitability of this software for any purpose. It is provided "as is"
+ without any express or implied warranty.
+
+ SUN DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ IN NO EVENT SHALL SUN BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ SOFTWARE.
+
+cynosure:
+
+   COPYRIGHT NOTICE
+
+   Copyright 1996 ozymandias G desiderata. Title, ownership rights, and
+   intellectual property rights in and to this software remain with
+   ozymandias G desiderata. This software may be copied, modified,
+   or used as long as this copyright is retained. Use this code at your
+   own risk.
+
+polyhedra:
+
+      Copyright (c) 1991-2002 Dr. Zvi Har'El <[email protected]>
+
+      Redistribution and use in source and binary forms, with or without
+      modification, are permitted provided that the following conditions
+      are met:
+
+      1. Redistributions of source code must retain the above copyright
+         notice, this list of conditions and the following disclaimer.
+
+      2. Redistributions in binary form must reproduce the above copyright
+         notice, this list of conditions and the following disclaimer in
+         the documentation and/or other materials provided with the
+         distribution.
+
+      3. The end-user documentation included with the redistribution,
+         if any, must include the following acknowledgment:
+              "This product includes software developed by
+               Dr. Zvi Har'El (http://www.math.technion.ac.il/~rl/)."
+         Alternately, this acknowledgment may appear in the software itself,
+         if and wherever such third-party acknowledgments normally appear.
+
+      This software is provided 'as-is', without any express or implied
+      warranty.  In no event will the author be held liable for any
+      damages arising from the use of this software.
+
+munch:
+
+ Portions Copyright 1997, Tim Showalter
+
+   Permission is granted to copy, modify, and use this as long
+   as this notice remains intact.  No warranties are expressed or
+   implied.  CMU Sucks.
+
+utils/erase.c:
+
+   Portions (c) 1997 by Johannes Keukelaar <[email protected]>:
+   Permission to use in any way granted. Provided "as is" without expressed
+   or implied warranty. NO WARRANTY, NO EXPRESSION OF SUITABILITY FOR ANY
+   PURPOSE. (I.e.: Use in any way, but at your own risk!)
+
+utils/spline.c:
+
+ Copyright (c) 1987, 1988, 1989 Stanford University
+
+ Permission to use, copy, modify, distribute, and sell this software and its
+ documentation for any purpose is hereby granted without fee, provided
+ that the above copyright notice appear in all copies and that both that
+ copyright notice and this permission notice appear in supporting
+ documentation, and that the name of Stanford not be used in advertising or
+ publicity pertaining to distribution of the software without specific,
+ written prior permission.  Stanford makes no representations about
+ the suitability of this software for any purpose.  It is provided "as is"
+ without express or implied warranty.
+
+ STANFORD DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS.
+ IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+ CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
+ DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+utils/vroot.h:
+
+                 Copyright 1991 by Andreas Stolcke
+             Copyright 1990 by Solbourne Computer Inc.
+                        Longmont, Colorado
+
+                         All Rights Reserved
+
+  Permission to use, copy, modify, and distribute this software and
+  its documentation  for  any  purpose  and  without  fee is hereby
+  granted, provided that the above copyright notice appear  in  all
+  copies and that both  that  copyright  notice  and  this  permis-
+  sion  notice appear in supporting  documentation,  and  that  the
+  name of Solbourne not be used in advertising
+  in publicity pertaining to distribution of the  software  without
+  specific, written prior permission.
+
+  ANDREAS STOLCKE AND SOLBOURNE COMPUTER INC. DISCLAIMS ALL WARRANTIES
+  WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF
+  MERCHANTABILITY  AND  FITNESS,  IN  NO  EVENT SHALL ANDREAS STOLCKE
+  OR SOLBOURNE BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+  DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA
+  OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+  TORTIOUS ACTION, ARISING OUT OF OR IN  CONNECTION  WITH  THE  USE
+  OR PERFORMANCE OF THIS SOFTWARE.
+
+
+atlantis, glx utility functions:
+
+(c) Copyright 1993, Silicon Graphics, Inc.
+
+ALL RIGHTS RESERVED
+
+Permission to use, copy, modify, and distribute this software
+for any purpose and without fee is hereby granted, provided
+that the above copyright notice appear in all copies and that
+both the copyright notice and this permission notice appear in
+supporting documentation, and that the name of Silicon
+Graphics, Inc. not be used in advertising or publicity
+pertaining to distribution of the software without specific,
+written prior permission.
+
+THE MATERIAL EMBODIED ON THIS SOFTWARE IS PROVIDED TO YOU
+"AS-IS" AND WITHOUT WARRANTY OF ANY KIND, EXPRESS, IMPLIED OR
+OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF
+MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  IN NO
+EVENT SHALL SILICON GRAPHICS, INC.  BE LIABLE TO YOU OR ANYONE
+ELSE FOR ANY DIRECT, SPECIAL, INCIDENTAL, INDIRECT OR
+CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER,
+INCLUDING WITHOUT LIMITATION, LOSS OF PROFIT, LOSS OF USE,
+SAVINGS OR REVENUE, OR THE CLAIMS OF THIRD PARTIES, WHETHER OR
+NOT SILICON GRAPHICS, INC.  HAS BEEN ADVISED OF THE POSSIBILITY
+OF SUCH LOSS, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ARISING OUT OF OR IN CONNECTION WITH THE POSSESSION, USE OR
+PERFORMANCE OF THIS SOFTWARE.
+
+US Government Users Restricted Rights
+
+Use, duplication, or disclosure by the Government is subject to
+restrictions set forth in FAR 52.227.19(c)(2) or subparagraph
+(c)(1)(ii) of the Rights in Technical Data and Computer
+Software clause at DFARS 252.227-7013 and/or in similar or
+successor clauses in the FAR or the DOD or NASA FAR
+Supplement.  Unpublished-- rights reserved under the copyright
+laws of the United States.  Contractor/manufacturer is Silicon
+Graphics, Inc., 2011 N.  Shoreline Blvd., Mountain View, CA
+94039-7311.
+
+OpenGL(TM) is a trademark of Silicon Graphics, Inc.
+
+utils/xmu.c:
+
+ Copyright 1989 Massachusetts Institute of Technology
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted, provided
+ that the above copyright notice appear in all copies and that both that
+ copyright notice and this permission notice appear in supporting
+ documentation, and that the name of M.I.T. not be used in advertising
+ or publicity pertaining to distribution of the software without specific,
+ written prior permission.  M.I.T. makes no representations about the
+ suitability of this software for any purpose.  It is provided "as is"
+ without express or implied warranty.
+
+ M.I.T. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL M.I.T.
+ BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+driver/xdpyinfo.c:
+
+Copyright 1988, 1998  The Open Group
+
+All Rights Reserved.
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall not be
+used in advertising or otherwise to promote the sale, use or other dealings
+in this Software without prior written authorization from The Open Group.
+
+
+Other licenses used on specific hacks:
+
+glchess:
+
+ Copyright (C) 2006  John-Paul Gignac <[email protected]>
+
+ Copyright (C) 2002  Robert  Ancell <[email protected]>
+                     Michael Duelli <[email protected]>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+glsnake:
+
+ (c) 2001-2005 Jamie Wilkinson <[email protected]>
+ (c) 2001-2003 Andrew Bennetts <[email protected]>
+ (c) 2001-2003 Peter Aylett <[email protected]>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+t3d:
+
+  t3d -- Flying Balls Clock Demo
+  by Bernd Paysan , [email protected]
+
+  Copy, modify, and distribute T3D either under GPL  version 2 or newer,
+  or under the standard MIT/X license notice.
+
+  partly based on flying balls demo by Georg Acher,
+  [email protected]
+  (developed on HP9000/720 (55 MIPS,20 MFLOPS) )
+  NO warranty at all ! Complaints to /dev/null !
+
+Other notices regarding IP:
+
+flyingtoasters:
+
+ Draws 3D flying toasters, and toast.  Inspired by the ancient
+ Berkeley Systems / After Dark hack, but now updated to the wide
+ wonderful workd of OpenGL and 3D!
+
+ Code by jwz; object models by Baconmonkey.
+
+ The original After Dark flying toasters, with the fluffy white wings,
+ were a trademark of Berkeley Systems.  Berkeley Systems ceased to exist
+ some time in 1998, having been gobbled up by Sierra Online, who were
+ subsequently gobbled up by Flipside and/or Vivendi (it's hard to tell
+ exactly what happened when.)
+
+ I doubt anyone even cares any more, but if they do, hopefully this homage,
+ with the space-age 3D jet-plane toasters, will be considered different
+ enough that whoever still owns the trademark to the fluffy-winged 2D
+ bitmapped toasters won't get all huffy at us.
+
+Further reference:   http://en.wikipedia.org/wiki/After_Dark_(software)
+
+lavalite:
+
+ lavalite --- 3D Simulation of a Lava Lite, written by jwz.
+
+ LAVA?, LAVA LITE?, LAVA WORLD INTERNATIONAL? and the configuration of the
+ LAVA? brand motion lamp are registered trademarks of Haggerty Enterprises,
+ Inc.  The configuration of the globe and base of the motion lamp are
+ registered trademarks of Haggerty Enterprises, Inc. in the U.S.A. and in
+ other countries around the world.
+
+ Official Lava Lite web site: http://www.lavaworld.com/
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/files/xscreensaver.desktop	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,9 @@
+[Desktop Entry]
+Type=Application
+Encoding=UTF-8
+Name=Screensaver
+Exec=/usr/bin/xscreensaver -nosplash
+NoDisplay=true
+X-GNOME-Autostart-Phase=Application
+X-GNOME-Autostart-Notify=false
+X-GNOME-AutoRestart=true
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/files/xscreensaver.license.txt	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,11 @@
+Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
+
+Copyright 1991-2015 by Jamie Zawinski.
+
+Permission to use, copy, modify, distribute, and sell this software
+and its documentation for any purpose is hereby granted without fee,
+provided that the above copyright notice appear in all copies and that
+both that copyright notice and this permission notice appear in
+supporting documentation.  No representations are made about the
+suitability of this software for any purpose.  It is provided "as is"
+without express or implied warranty.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/history	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,5 @@
[email protected] desktop/[email protected]
[email protected] desktop/xscreensaver/[email protected]
[email protected] desktop/xscreensaver/hacks/[email protected]
[email protected]
+desktop/xscreensaver/hacks/[email protected]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/01-intltool.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,31 @@
+Fix old Makefile.in.in to work with newer intltool
+
+Already upstream in later releases
+
+---
+ po/Makefile.in.in |    6 ++++++
+ 1 files changed, 6 insertions(+), 0 deletions(-)
+
+diff --git a/po/Makefile.in.in b/po/Makefile.in.in
+--- a/po/Makefile.in.in
++++ b/po/Makefile.in.in
[email protected]@ -84,6 +84,9 @@
+ #       refering to $(srcdir) anyway.  So I just commented (my half-fixed
+ #       version of) this rule out.
+ #
++# The following line is needed to keep the intltool.m4 autoconf macros from
++# throwing an error message:
++# INTLTOOL_MAKEFILE
+ 
+ GETTEXT_PACKAGE = @[email protected]
+ PACKAGE = @[email protected]
[email protected]@ -149,6 +152,9 @@ TARFILES = $(DISTFILES_1) $(POFILES) $(SOURCES)
+ 
+ POTFILES = \
+ 
++# Don't delete this line!
++# Need to keep a non-blank line after POTFILES for sed commands from
++# aclocal.m4 to generate Makefile from Makefile.in without losing CATALOGS
+ CATALOGS = @[email protected]
+ CATOBJEXT = @[email protected]
+ INSTOBJEXT = @[email protected]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/02-Solaris.app-defaults.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,224 @@
+Various settings to meet Solaris policies/preferences, including:
+
+   -     enable screen lock by default, disable splash screen
+   -     disable using screen grabs in hacks to avoid security leaks
+   -     set default mode to screen blank
+   -     disable bsod by default to avoid confusion in shops with real NT boxes
+   -     enable & disable various hacks by default for branding reasons
+   -     branding changes for various hacks & defaults (like RSS feed)
+15162280 SUNBT4871833 DPMS settings should be consistent between CDE and Gnome
+15305084 SUNBT6368607 increase unlock dialog box timeout to 2 minutes
+15379785 SUNBT6526791 xscreensaver and Xorg need to change timeouts for MOU4
+15451768 SUNBT6652454 xscreensaver does not invoke after IDLE time expires
+
+Not suitable for upstream as these represent our differences of opinion or
+differences of requirements with upstreams.
+
+---
+ driver/XScreenSaver.ad.in |   68 ++++++++++++++++++++++-----------------------
+ 1 files changed, 33 insertions(+), 35 deletions(-)
+
+diff --git a/driver/XScreenSaver.ad.in b/driver/XScreenSaver.ad.in
+--- a/driver/XScreenSaver.ad.in
++++ b/driver/XScreenSaver.ad.in
[email protected]@ -28,42 +28,43 @@
+ 
+ ! /* (xrdb prevention kludge: whole file)
+ 
+-*mode:			random
++! We want the default mode to be just blank the screen
++*mode:	      	      	blank
+ *timeout:		0:10:00
+ *cycle:			0:10:00
+ *lockTimeout:		0:00:00
+-*passwdTimeout:		0:00:30
+-*dpmsEnabled:		False
++*passwdTimeout:		0:02:00
++*dpmsEnabled:		True
+ *dpmsQuickoffEnabled:	False
+-*dpmsStandby:		2:00:00
+-*dpmsSuspend:		2:00:00
+-*dpmsOff:		4:00:00
+-*grabDesktopImages:	True
++*dpmsStandby:		0:10:00
++*dpmsSuspend:		0:10:00
++*dpmsOff:		0:10:00
++*grabDesktopImages:	False
+ *grabVideoFrames:	False
+ *chooseRandomImages:	@[email protected]
+ ! This can be a local directory name, or the URL of an RSS or Atom feed.
+ *imageDirectory:	@[email protected]
+-*nice:			10
++*nice:			19
+ *memoryLimit:		0
+-*lock:			False
++*lock:			True
+ *verbose:		False
+ *timestamp:		True
+ *fade:			True
+ *unfade:		False
+ *fadeSeconds:		0:00:03
+ *fadeTicks:		20
+-*splash:		True
++*splash:		False
+ *splashDuration:	0:00:05
+ *visualID:		default
+ *captureStderr: 	True
+ *ignoreUninstalledPrograms: False
+ 
+-*textMode:		file
++*textMode:		date
+ *textLiteral:		XScreenSaver
+ *textFile:		@[email protected]
+-*textProgram:		fortune
+-*textURL:		http://twitter.com/statuses/public_timeline.atom
+-!*textURL:		http://www.livejournal.com/stats/latest-rss.bml
++*textProgram:		date
++*textURL:		http://blogs.oracle.com/observatory/en_US/feed/entries/atom
++!*textURL:		http://twitter.com/statuses/public_timeline.atom
+ 
+ *overlayTextForeground:	#FFFF00
+ *overlayTextBackground:	#000000
[email protected]@ -76,7 +77,7 @@
+ *procInterrupts:	True
+ 
+ ! Turning this on makes pointerHysteresis not work.
+-*xinputExtensionDev:	False
++*xinputExtensionDev:	True
+ 
+ ! Set this to True if you are experiencing longstanding XFree86 bug #421
+ ! (xscreensaver not covering the whole screen)
[email protected]@ -160,23 +161,23 @@ GetViewPortIsFullOfLies: False
+ @[email protected] GL: 				superquadrics -root			    \n\
+ 				attraction -root			    \n\
+ 				blitspin -root				    \n\
+-				greynetic -root				    \n\
+-				helix -root				    \n\
++-				greynetic -root				    \n\
++-				helix -root				    \n\
+ 				hopalong -root				    \n\
+ 				imsmap -root				    \n\
+ -				noseguy -root				    \n\
+ -				pyro -root				    \n\
+ 				qix -root				    \n\
+ -				rocks -root				    \n\
+-				rorschach -root				    \n\
++-				rorschach -root				    \n\
+ 				decayscreen -root			    \n\
+-				flame -root				    \n\
++-				flame -root				    \n\
+ 				halo -root				    \n\
+ 				slidescreen -root			    \n\
+-				pedal -root				    \n\
++-				pedal -root				    \n\
+ 				bouboule -root				    \n\
+ -				braid -root				    \n\
+-				coral -root				    \n\
++-				coral -root				    \n\
+ 				deco -root				    \n\
+ 				drift -root				    \n\
+ -				fadeplot -root				    \n\
[email protected]@ -185,13 +186,13 @@ GetViewPortIsFullOfLies: False
+ 				grav -root				    \n\
+ 				ifs -root				    \n\
+ @[email protected] GL: 				jigsaw -root				    \n\
+-				julia -root				    \n\
++-				julia -root				    \n\
+ -				kaleidescope -root			    \n\
+ @[email protected] GL: 				moebius -root				    \n\
+-				moire -root				    \n\
++-				moire -root				    \n\
+ @[email protected] GL: 				morph3d -root				    \n\
+ 				mountain -root				    \n\
+-				munch -root				    \n\
++-				munch -root				    \n\
+ 				penrose -root				    \n\
+ @[email protected] GL: 				pipes -root				    \n\
+ 				rd-bomb -root				    \n\
[email protected]@ -206,7 +207,7 @@ GetViewPortIsFullOfLies: False
+ 				xjack -root				    \n\
+ 				xlyap -root				    \n\
+ @[email protected] GL: 				atlantis -root				    \n\
+-				bsod -root				    \n\
++-				bsod -root				    \n\
+ @[email protected] GL: 				bubble3d -root				    \n\
+ @[email protected] GL: 				cage -root				    \n\
+ -				crystal -root				    \n\
[email protected]@ -219,7 +220,7 @@ GetViewPortIsFullOfLies: False
+ 				interference -root			    \n\
+ 				kumppa -root				    \n\
+ @[email protected] GL: 				lament -root				    \n\
+-				moire2 -root				    \n\
++-				moire2 -root				    \n\
+ @[email protected] GL: 				sonar -root				    \n\
+ @[email protected] GL: 				stairs -root				    \n\
+ 				truchet -root				    \n\
[email protected]@ -227,9 +228,9 @@ GetViewPortIsFullOfLies: False
+ 				blaster -root				    \n\
+ 				bumps -root				    \n\
+ 				ccurve -root				    \n\
+-				compass -root				    \n\
++-				compass -root				    \n\
+ 				deluxe -root				    \n\
+--				demon -root				    \n\
++				demon -root				    \n\
+ @[email protected] GL: 				extrusion -root				    \n\
+ -				loop -root				    \n\
+ 				penetrate -root				    \n\
[email protected]@ -243,7 +244,7 @@ GetViewPortIsFullOfLies: False
+ 				squiral -root				    \n\
+ 				wander -root				    \n\
+ -				webcollage -root			    \n\
+-				xflame -root				    \n\
++				xflame -root -bitmap /usr/lib/xscreensaver/config/unlock-logo.png \n\
+ 				xmatrix -root				    \n\
+ @[email protected] GL: 				gflux -root				    \n\
+ -				nerverot -root				    \n\
[email protected]@ -258,14 +259,14 @@ GetViewPortIsFullOfLies: False
+ @[email protected] GL: 				menger -root				    \n\
+ @[email protected] GL: 				molecule -root				    \n\
+ 				rotzoomer -root				    \n\
+-				speedmine -root				    \n\
++-				speedmine -root				    \n\
+ @[email protected] GL: 				starwars -root				    \n\
+ @[email protected] GL: 				stonerview -root			    \n\
+ 				vermiculate -root			    \n\
+ 				whirlwindwarp -root			    \n\
+ 				zoom -root				    \n\
+ 				anemone -root				    \n\
+-				apollonian -root			    \n\
++-				apollonian -root			    \n\
+ @[email protected] GL: 				boxed -root				    \n\
+ @[email protected] GL: 				cubenetic -root				    \n\
+ @[email protected] GL: 				endgame -root				    \n\
[email protected]@ -294,12 +295,11 @@ GetViewPortIsFullOfLies: False
+ @[email protected] GL: 				cubestorm -root				    \n\
+ 				eruption -root				    \n\
+ @[email protected] GL: 				flipflop -root				    \n\
[email protected][email protected] GL: 				flyingtoasters -root			    \n\
+ 				fontglide -root				    \n\
+ @[email protected] GL: 				gleidescope -root			    \n\
+ @[email protected] GL: 				glknots -root				    \n\
+ @[email protected] GL: 				glmatrix -root				    \n\
+-- GL: 				glslideshow -root			    \n\
[email protected][email protected] GL: 				glslideshow -root			    \n\
+ @[email protected] GL: 				hypertorus -root			    \n\
+ - GL: 				jigglypuff -root			    \n\
+ 				metaballs -root				    \n\
[email protected]@ -319,7 +319,6 @@ GetViewPortIsFullOfLies: False
+ 				intermomentary -root			    \n\
+ 				memscroller -root			    \n\
+ @[email protected] GL: 				noof -root				    \n\
+-				pacman -root				    \n\
+ @[email protected] GL: 				pinion -root				    \n\
+ @[email protected] GL: 				polyhedra -root				    \n\
+ - GL: 				providence -root			    \n\
[email protected]@ -451,7 +450,6 @@ XScreenSaver.bourneShell:		/bin/sh
+ *hacks.flipscreen3d.name:   FlipScreen3D
+ *hacks.fliptext.name:       FlipText
+ *hacks.fluidballs.name:     FluidBalls
+-*hacks.flyingtoasters.name: FlyingToasters
+ *hacks.fontglide.name:      FontGlide
+ *hacks.fuzzyflakes.name:    FuzzyFlakes
+ *hacks.gflux.name:          GFlux
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/03-GNOME-desktop.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,52 @@
+Changes needed for integration into GNOME desktop menus on Solaris.
+Localized name & tooltips (Sun bug 5103358 / Oracle bug 15227916)
+
+Unknown why this differs from upstream - need to find out someday.
+
+---
+ driver/screensaver-properties.desktop.in |   34 ++++++++++++++++++++++++++---
+ 1 files changed, 30 insertions(+), 4 deletions(-)
+
+diff --git a/driver/screensaver-properties.desktop.in b/driver/screensaver-properties.desktop.in
+--- a/driver/screensaver-properties.desktop.in
++++ b/driver/screensaver-properties.desktop.in
[email protected]@ -1,8 +1,34 @@
+ [Desktop Entry]
+ Exec=xscreensaver-demo
+-Icon=xscreensaver
++Icon=gnome-ccscreensaver.png
+ Terminal=false
+-_Name=Screensaver
+-_Comment=Change screensaver properties
++Name=Screensaver
++Name[cs]=Spořič obrazovky
++Name[de]=Bildschirmschoner
++Name[es]=Salvapantallas
++Name[fr]=Économiseur d'écran
++Name[hu]=Képernyővédő
++Name[it]=Salvaschermo
++Name[ja]=スクリーンセーバー
++Name[ko]=화면 보호기
++Name[pt_BR]=Protetor de tela
++Name[sv]=Skärmsläckare
++Name[zh_CN]=屏幕保护程序
++Name[zh_HK]=螢幕保護程式
++Name[zh_TW]=螢幕保護程式
++Comment=Choose screensaver delay and appearance.
++Comment[cs]=Konfigurace nastavení spořiče obrazovky.
++Comment[de]=Bildschirmschonereinstellungen konfigurieren
++Comment[es]=Configura los valores del salvapantallas.
++Comment[fr]=Configurer les paramètres de l'économiseur d'écran.
++Comment[hu]=A képernyővédő beállításainak megváltoztatása
++Comment[it]=Configura le impostazioni del salvaschermo.
++Comment[ja]=スクリーンセーバーを設定
++Comment[ko]=화면 보호기 설정 구성
++Comment[pt_BR]=Definir as configurações do protetor de tela.
++Comment[sv]=Konfigurera inställningarna för skärmsläckaren.
++Comment[zh_CN]=配置屏幕保护程序的设置。
++Comment[zh_HK]=配置螢幕保護程式設定。
++Comment[zh_TW]=配置螢幕保護程式設定。
+ Type=Application
+-Categories=Settings;DesktopSettings;Security;X-XFCE;
++Categories=GNOME;Settings;Appearance;
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/04-solaris-paths.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,309 @@
+Various fixes to deal with how & where we install things on Solaris:
+
+- Only run hacks from the hacks dir, not $PATH
+
+- Find helper programs even though they are not in $PATH
+
+- Show author names when reading RSS feeds from sites like blogs.sun.com
+
+- Show Solaris package names in demo app when hacks are not installed
+
+- Use gnome-help to display man pages nicely, without requiring internet
+  access (which some customers at secure sites won't have configured),
+  instead of opening a web browser to view the man page at jwz.org or
+  opening a gnome-terminal to run the man command.
+
+Mostly not acceptable upstream.
+
+Backport notes: this change relies on the gnome-help version delivered in
+Nevada that supports "man:xscreensaver" style URL's to display man pages.
+When backporting to older releases you will probably want to uncomment the
+lines shown for GNOME 2.4/2.6.
+
+Also, you'll need to fix the package names shown when the hacks are not
+installed to be the older SUNWxscreensaver-* for Solaris 10 & older.
+---
+ driver/Makefile.in              |    9 ++++--
+ driver/XScreenSaver.ad.in       |   14 +++++++---
+ driver/demo-Gtk.c               |    4 +-
+ driver/subprocs.c               |   54 +++++++++++++++++++++++++++++++++++++-
+ driver/xscreensaver-demo.glade2 |    8 +++--
+ driver/xscreensaver-text        |    6 +++-
+ driver/xscreensaver.man         |    5 +--
+ hacks/glx/Makefile.in           |    4 +-
+ 8 files changed, 84 insertions(+), 20 deletions(-)
+
+diff --git a/driver/Makefile.in b/driver/Makefile.in
+--- a/driver/Makefile.in
++++ b/driver/Makefile.in
[email protected]@ -27,7 +27,7 @@ INTLTOOL_MERGE	= @[email protected]
+ GTK_DATADIR	= @[email protected]
+ GTK_APPDIR	= $(GTK_DATADIR)/applications
+ GTK_ICONDIR	= $(GTK_DATADIR)/pixmaps
+-GTK_GLADEDIR	= $(GTK_DATADIR)/xscreensaver/glade
++GTK_GLADEDIR	= $(prefix)/lib/xscreensaver/config
+ HACK_CONF_DIR	= @[email protected]
+ 
+ CC		= @[email protected]
[email protected]@ -36,8 +36,11 @@ CFLAGS		= @[email protected]
+ LDFLAGS		= @[email protected]
+ DEFS		= @[email protected]
+ INTL_DEFS	= -DLOCALEDIR=\"$(localedir)\"
+-SUBP_DEFS	= $(DEFS) -DDEFAULT_PATH_PREFIX='"@[email protected]"'
+-GTK_DEFS	= $(DEFS) -DDEFAULT_ICONDIR='"$(GTK_GLADEDIR)"'
++SUBP_DEFS	= $(DEFS) -DHACK_PATH='"@[email protected]"' \
++	-DDEFAULT_PATH_PREFIX='"@[email protected]:$(libexecdir)"' \
++	-DHELPER_PATH='"$(libexecdir)"'
++GTK_DEFS	= $(DEFS) -DDEFAULT_ICONDIR='"$(GTK_GLADEDIR)"' \
++			-DBINDIR='"$(bindir)"'
+ CONF_DEFS	= -DHACK_CONFIGURATION_PATH='"$(HACK_CONF_DIR)"'
+ 
+ LIBS		= @[email protected]
+diff --git a/driver/XScreenSaver.ad.in b/driver/XScreenSaver.ad.in
+--- a/driver/XScreenSaver.ad.in
++++ b/driver/XScreenSaver.ad.in
[email protected]@ -91,18 +91,24 @@ GetViewPortIsFullOfLies: False
+ 
+ ! This is the URL loaded by the "Help" button on the splash screen,
+ ! and by the "Documentation" menu item in xscreensaver-demo.
+-*helpURL: http://www.jwz.org/xscreensaver/man.html
++*helpURL: man:xscreensaver
+ 
+ ! loadURL       -- how the "Help" buttons load the helpURL (/bin/sh syntax.)
+ ! manualCommand -- how the "Documentation" buttons display man pages.
+ !
+ ! And there are so very many options to choose from!
+ !
++!   Modern GNOME:
++!
++*loadURL: gnome-help '%s'
++*manualCommand: gnome-help 'man:%s'
++!
+ !   Gnome 2.4, 2.6: (yelp can't display man pages, as of 2.6.3)
+ !
[email protected]@*loadURL: @[email protected] '%s'
[email protected]@*manualCommand: gnome-terminal --title '%s manual' \
[email protected]@		--command '/bin/sh -c "man %s; read foo"'
++!*loadURL: gnome-terminal --title 'xscreensaver manual' \
++!		--command '/bin/ksh -c "man xscreensaver; read foo"'
++!*manualCommand: gnome-terminal --title '%s manual' \
++!		--command '/bin/ksh -c "man %s; read foo"'
+ !
+ !   Gnome 2.2:
+ !
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -991,7 +991,7 @@ restart_menu_cb (GtkWidget *widget, gpointer user_data)
+   flush_dialog_changes_and_save (s);
+   xscreensaver_command (GDK_DISPLAY(), XA_EXIT, 0, False, NULL);
+   sleep (1);
+-  if (system ("xscreensaver -nosplash &") < 0)
++  if (system (BINDIR "/xscreensaver -nosplash &") < 0)
+     fprintf (stderr, "%s: fork error\n", blurb());
+ 
+   await_xscreensaver (s);
[email protected]@ -4951,7 +4951,7 @@ main (int argc, char **argv)
+ 
+       if (init_results == 1)
+ 	{
+-	  system ("xscreensaver -nosplash &");
++	  system (BINDIR "/xscreensaver -nosplash &");
+ 	  return 0;
+ 	}
+ 
+diff --git a/driver/subprocs.c b/driver/subprocs.c
+--- a/driver/subprocs.c
++++ b/driver/subprocs.c
[email protected]@ -14,6 +14,7 @@
+ # include "config.h"
+ #endif
+ 
++#include <sys/stat.h>
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <string.h>
[email protected]@ -791,6 +792,8 @@ print_path_error (const char *program)
+   free (cmd);
+   perror (buf);
+ 
++/* mali - security issue do not want to display user's path */
++#ifdef EXPOSE_USER_PATH
+   if (errno == ENOENT &&
+       (token = getenv("PATH")))
+     {
[email protected]@ -821,6 +824,7 @@ print_path_error (const char *program)
+         }
+       fprintf (stderr, "\n");
+     }
++#endif
+ }
+ 
+ 
[email protected]@ -877,12 +881,42 @@ fork_and_exec (saver_screen_info *ssi, const char *command)
+   return forked;
+ }
+ 
++static Bool
++check_if_hacks_dir_exists(Bool verbose_p)
++{
++  const char hackdir[] = HACK_PATH;
++
++  int status;
++  struct stat st;
++
++  status = stat (hackdir, &st);
++
++  if (status == 0 && S_ISDIR(st.st_mode))
++    {
++      return True;
++    }
++   else
++    {
++      if (verbose_p)
++       {
++         fprintf(stderr,
++                 "%s: Warning: dir: %s missing. Will not run hacks\n",
++                 blurb(), hackdir);
++       }
++      return False;
++    }
++}
+ 
+ void
+ spawn_screenhack (saver_screen_info *ssi)
+ {
+   saver_info *si = ssi->global;
+   saver_preferences *p = &si->prefs;
++  char* complete_hack_command;
++
++  if (si->prefs.verbose_p)
++   fprintf(stderr, "--> spawn_screenhack()\n");
++
+   XFlush (si->dpy);
+ 
+   if (!monitor_powered_on_p (si))
[email protected]@ -962,6 +996,12 @@ spawn_screenhack (saver_screen_info *ssi)
+ 	    ;
+ 	}
+ 
++      if ((new_hack >= 0) &&
++         (check_if_hacks_dir_exists(p->verbose_p) == False))
++      {
++         new_hack = -1;
++      }
++
+       if (new_hack < 0)   /* don't run a hack */
+         {
+           ssi->current_hack = -1;
[email protected]@ -1009,7 +1049,17 @@ spawn_screenhack (saver_screen_info *ssi)
+       if (si->selection_mode < 0)
+ 	si->selection_mode = 0;
+ 
+-      forked = fork_and_exec (ssi, hack->command);
++      /* We need complete path to hack command else any executable
++       * with the same name in the path gets executed.
++       */
++      complete_hack_command = malloc (10 + strlen(hack->command) +
++                                             strlen (HACK_PATH));
++      sprintf(complete_hack_command, HACK_PATH"/%s", hack->command);
++
++
++      forked = fork_and_exec (ssi, complete_hack_command);
++      free (complete_hack_command);
++
+       switch ((int) forked)
+ 	{
+ 	case -1: /* fork failed */
[email protected]@ -1186,7 +1236,7 @@ get_best_gl_visual (saver_info *si, Screen *screen)
+   char *av[10];
+   int ac = 0;
+ 
+-  av[ac++] = "xscreensaver-gl-helper";
++  av[ac++] = HELPER_PATH "/xscreensaver-gl-helper";
+   av[ac] = 0;
+ 
+   if (pipe (fds))
+diff --git a/driver/xscreensaver-demo.glade2 b/driver/xscreensaver-demo.glade2
+--- a/driver/xscreensaver-demo.glade2
++++ b/driver/xscreensaver-demo.glade2
[email protected]@ -927,6 +927,6 @@ Installed</property>
+ 			      <property name="visible">True</property>
+ 			      <property name="label" translatable="yes">Very few (or no) screen savers appear to be available.
+ 
+-This probably means that the &quot;xscreensaver-extras&quot; and
+-&quot;xscreensaver-gl-extras&quot; packages are not installed.</property>
++This probably means that the “desktop/xscreensaver/hacks” and
++“desktop/xscreensaver/hacks/hacks-gl” packages are not installed.</property>
+ 			      <property name="use_underline">False</property>
+			      <property name="use_markup">False</property>
+ 			      <property name="justify">GTK_JUSTIFY_CENTER</property>
+diff --git a/driver/xscreensaver-text b/driver/xscreensaver-text
+--- a/driver/xscreensaver-text
++++ b/driver/xscreensaver-text
[email protected]@ -698,12 +698,15 @@ sub reformat_rss($) {
+     $i++;
+ 
+     my ($title, $body1, $body2, $body3);
++    my $author;
+     
+     $title = $3 if ([email protected]<((TITLE)       [^<>\s]*)[^<>]*>\s*(.*?)\s*</\1>@xsi);
+     $body1 = $3 if ([email protected]<((DESCRIPTION) [^<>\s]*)[^<>]*>\s*(.*?)\s*</\1>@xsi);
+     $body2 = $3 if ([email protected]<((CONTENT)     [^<>\s]*)[^<>]*>\s*(.*?)\s*</\1>@xsi);
+     $body3 = $3 if ([email protected]<((SUMMARY)     [^<>\s]*)[^<>]*>\s*(.*?)\s*</\1>@xsi);
+ 
++    $author = $3 if ([email protected]<((DC:CREATOR) [^<>\s]*)[^<>]*>\s*(.*?)\s*</\1>@xsi);
++
+     # If there are both <description> and <content> or <content:encoded>,
+     # use whichever one contains more text.
+     #
[email protected]@ -727,10 +730,11 @@ sub reformat_rss($) {
+ 
+     $title = rss_field_to_html ($title || '');
+     $body1 = rss_field_to_html ($body1 || '');
++    $author = rss_field_to_html ($author || '');
+ 
+     $title = '' if ($body1 eq $title);  # Identical in Twitter's atom feed.
+ 
+-    reformat_html ("$title<P>$body1", 1);
++    reformat_html ("$title<BR>$author<P>$body1", 1);
+     print "\n";
+   }
+ }
+diff --git a/driver/xscreensaver.man b/driver/xscreensaver.man
+--- a/driver/xscreensaver.man
++++ b/driver/xscreensaver.man
[email protected]@ -97,9 +97,8 @@ xscreensaver-command -restart
+ If you want to set the system-wide defaults, then make your edits to
+ the xscreensaver app-defaults file, which should have been installed
+ when xscreensaver itself was installed.  The app-defaults file will
+-usually be named /usr/lib/X11/app-defaults/XScreenSaver, but different
+-systems might keep it in a different place (for example,
+-/usr/openwin/lib/app-defaults/XScreenSaver on Solaris.)
++usually be named /usr/share/X11/app-defaults/XScreenSaver, but different
++systems might keep it in a different place.
+ 
+ When settings are changed in the Preferences dialog box (see above)
+ the current settings will be written to the \fI.xscreensaver\fP file.
+diff --git a/hacks/glx/Makefile.in b/hacks/glx/Makefile.in
+--- a/hacks/glx/Makefile.in
++++ b/hacks/glx/Makefile.in
[email protected]@ -278,7 +278,7 @@ install-program:: $(EXES)
+ # the xscreensaver-gl-helper program, in $bindir
+ install-program:: $(EXES)
+ 	@exes="@[email protected]" ;					\
+-	 idir="$(install_prefix)$(bindir)" ;				\
++	 idir="$(install_prefix)$(libexecdir)" ;			\
+ 	 if [ "$$exes" != "" ]; then					\
+ 	   if [ ! -d $$idir ]; then					\
+ 	     $(INSTALL_DIRS) $$idir ;					\
[email protected]@ -347,7 +347,7 @@ uninstall-program::
+ # the xscreensaver-gl-helper program, in $bindir
+ uninstall-program::
+ 	@exes="$(GL_UTIL_EXES)" ;					\
+-	 idir="$(install_prefix)$(bindir)" ;				\
++	 idir="$(install_prefix)$(libexecdir)" ;			\
+ 	 for program in $$exes; do					\
+ 	   echo rm -f $$idir/$$program ;				\
+ 		rm -f $$idir/$$program ;				\
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/05-atoms.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,498 @@
+Centralize atom handling and use XInternAtoms to get the atoms from
+the server in one round trip instead of a separate synchronous/blocking
+round trip for each XInternAtom individual call.
+
+Was offered upstream in 2011 - jwz responded with:
+  I'd sure like to see some kind of performance metrics -- like, any -- before
+  making a big change to something so central. When it comes to the xscreensaver
+  driver I'm a firm believer in "don't fix what ain't broke"...
+
+Need to find some time to actually measure that someday (dtrace?).
+
+---
+ driver/Makefile.in            |   14 +++---
+ driver/atoms.c                |  113 +++++++++++++++++++++++++++++++++++++++++
+ driver/atoms.h                |   33 ++++++++++++
+ driver/demo-Gtk.c             |   26 ++-------
+ driver/demo-Xm.c              |   25 ++-------
+ driver/remote.c               |    4 +-
+ driver/windows.c              |    4 +-
+ driver/xscreensaver-command.c |   35 ++-----------
+ driver/xscreensaver.c         |   45 ++++++-----------
+ driver/xscreensaver.h         |    3 -
+ 10 files changed, 188 insertions(+), 114 deletions(-)
+ create mode 100644 driver/atoms.c
+ create mode 100644 driver/atoms.h
+
+diff --git a/driver/Makefile.in b/driver/Makefile.in
+--- a/driver/Makefile.in
++++ b/driver/Makefile.in
[email protected]@ -190,18 +190,18 @@ SAVER_OBJS_1	= xscreensaver.o windows.o screens.o timers.o subprocs.o \
+ 		  exec.o xset.o splash.o setuid.o stderr.o mlstring.o
+ 
+ SAVER_SRCS	= $(SAVER_SRCS_1) prefs.c dpms.c $(LOCK_SRCS) \
+-		  $(SAVER_UTIL_SRCS) $(GL_SRCS)
++		  $(SAVER_UTIL_SRCS) $(GL_SRCS) atoms.c
+ SAVER_OBJS	= $(SAVER_OBJS_1) prefs.o dpms.o $(LOCK_OBJS) \
+-		  $(SAVER_UTIL_OBJS) $(GL_OBJS)
++		  $(SAVER_UTIL_OBJS) $(GL_OBJS) atoms.o
+ 
+-CMD_SRCS	= remote.c xscreensaver-command.c
+-CMD_OBJS	= remote.o xscreensaver-command.o
++CMD_SRCS	= remote.c atoms.c xscreensaver-command.c
++CMD_OBJS	= remote.o atoms.o xscreensaver-command.o
+ 
+ DEMO_SRCS_1	= prefs.c dpms.c
+ DEMO_OBJS_1	= prefs.o dpms.o
+ 
+-DEMO_SRCS	= $(DEMO_SRCS_1) remote.c exec.c $(DEMO_UTIL_SRCS)
+-DEMO_OBJS	= $(DEMO_OBJS_1) remote.o exec.o $(DEMO_UTIL_OBJS)
++DEMO_SRCS	= $(DEMO_SRCS_1) remote.c atoms.c exec.c $(DEMO_UTIL_SRCS)
++DEMO_OBJS	= $(DEMO_OBJS_1) remote.o atoms.o exec.o $(DEMO_UTIL_OBJS)
+ 
+ PDF2JPEG_SRCS	= pdf2jpeg.m
+ PDF2JPEG_OBJS	= pdf2jpeg.o
[email protected]@ -231,7 +231,7 @@ SCRIPTS		= $(SCRIPTS_1) @[email protected]
+ HDRS		= XScreenSaver_ad.h XScreenSaver_Xm_ad.h \
+ 		  xscreensaver.h prefs.h remote.h exec.h \
+ 		  demo-Gtk-widgets.h demo-Gtk-stubs.h demo-Gtk-support.h \
+-		  demo-Gtk-conf.h auth.h mlstring.h types.h
++		  demo-Gtk-conf.h auth.h mlstring.h types.h atoms.h
+ MEN_1		= xscreensaver.man xscreensaver-demo.man \
+ 		  xscreensaver-command.man \
+ 		  xscreensaver-text.man \
+diff --git a/driver/atoms.c b/driver/atoms.c
+new file mode 100644
+--- /dev/null
++++ b/driver/atoms.c
[email protected]@ -0,0 +1,113 @@
++/* xscreensaver, Copyright (c) 1991-2010 Jamie Zawinski <[email protected]>
++ *
++ * Permission to use, copy, modify, distribute, and sell this software and its
++ * documentation for any purpose is hereby granted without fee, provided that
++ * the above copyright notice appear in all copies and that both that
++ * copyright notice and this permission notice appear in supporting
++ * documentation.  No representations are made about the suitability of this
++ * software for any purpose.  It is provided "as is" without express or
++ * implied warranty.
++ */
++
++#ifdef HAVE_CONFIG_H
++# include "config.h"
++#endif
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <sys/types.h>
++
++#include <X11/Xproto.h>		/* for CARD32 */
++#include <X11/Xlib.h>
++#include <X11/Xos.h>
++
++#include "atoms.h"
++
++/* Atoms to retrieve info from remote daemon */
++Atom XA_SCREENSAVER, XA_SCREENSAVER_ID, XA_SCREENSAVER_VERSION,
++   XA_SCREENSAVER_RESPONSE, XA_SCREENSAVER_STATUS;
++
++/* Atoms to send commands to remote daemon */
++Atom XA_ACTIVATE, XA_BLANK, XA_CYCLE, XA_DEACTIVATE, XA_DEMO,
++  XA_EXIT, XA_LOCK, XA_NEXT, XA_PREFS, XA_PREV, XA_RESTART,
++  XA_SELECT, XA_THROTTLE, XA_UNTHROTTLE;
++
++static const struct atom_request remote_control_atom_list[] =
++{
++    { &XA_SCREENSAVER, "SCREENSAVER" },
++    { &XA_SCREENSAVER_ID, "_SCREENSAVER_ID" },
++    { &XA_SCREENSAVER_VERSION, "_SCREENSAVER_VERSION" },
++    { &XA_SCREENSAVER_RESPONSE, "_SCREENSAVER_RESPONSE" },
++    { &XA_SCREENSAVER_STATUS, "_SCREENSAVER_STATUS" },
++    { &XA_ACTIVATE, "ACTIVATE" },
++    { &XA_BLANK, "BLANK" },
++    { &XA_CYCLE, "CYCLE" },
++    { &XA_DEACTIVATE, "DEACTIVATE" },
++    { &XA_DEMO, "DEMO" },
++    { &XA_EXIT, "EXIT" },
++    { &XA_LOCK, "LOCK" },
++    { &XA_NEXT, "NEXT" },
++    { &XA_PREFS, "PREFS" },
++    { &XA_PREV, "PREV" },
++    { &XA_RESTART, "RESTART" },
++    { &XA_SELECT, "SELECT" },
++    { &XA_THROTTLE, "THROTTLE" },
++    { &XA_UNTHROTTLE, "UNTHROTTLE" },
++    { NULL, NULL } /* Must be last to terminate list */
++};
++
++const struct atom_request *remote_control_atoms = remote_control_atom_list;
++
++/* Load a list of atoms in a single round trip to the X server instead of
++   waiting for a synchronous round trip for each and every atom */
++Status request_atoms ( Display *dpy,
++		       const struct atom_request **request_lists )
++{
++  int atom_count, n;
++  Status result;
++  const struct atom_request **l, *r;
++  Atom *atoms;
++  const char **names;
++
++  /* Count the number of items across all the lists passed in */
++  atom_count = 0;
++  for (l = request_lists; l != NULL && *l != NULL; l++)
++    {
++      for (r = *l; r != NULL && r->name != NULL; r++)
++	{
++	  atom_count++;
++	}
++    }
++
++  atoms = calloc(atom_count, sizeof(Atom));
++  names = calloc(atom_count, sizeof(char *));
++  if (!atoms || !names)
++    return -1;
++
++  n = 0;
++  for (l = request_lists; l != NULL && *l != NULL; l++)
++    {
++      for (r = *l; r != NULL && r->name != NULL; r++)
++	{
++	  names[n++] = r->name;
++	}
++    }
++  result = XInternAtoms( dpy, (char **) names, atom_count, False, atoms );
++
++  n = 0;
++  for (l = request_lists; l != NULL && *l != NULL; l++)
++    {
++      for (r = *l; r != NULL && r->name != NULL; r++)
++	{
++#if DEBUG_ATOMS
++	  fprintf (stderr, "atom: %s => %d\n", names[n], atoms[n]);
++#endif
++	  *(r->atomp) = atoms[n++];
++	}
++    }
++
++  free(atoms);
++  free(names);
++
++  return result;
++}
+diff --git a/driver/atoms.h b/driver/atoms.h
+new file mode 100644
+--- /dev/null
++++ b/driver/atoms.h
[email protected]@ -0,0 +1,33 @@
++/* xscreensaver, Copyright (c) 1991-2010 Jamie Zawinski <[email protected]>
++ *
++ * Permission to use, copy, modify, distribute, and sell this software and its
++ * documentation for any purpose is hereby granted without fee, provided that
++ * the above copyright notice appear in all copies and that both that
++ * copyright notice and this permission notice appear in supporting
++ * documentation.  No representations are made about the suitability of this
++ * software for any purpose.  It is provided "as is" without express or
++ * implied warranty.
++ */
++
++#ifndef _XSCREENSAVER_ATOMS_H_
++#define _XSCREENSAVER_ATOMS_H_
++
++struct atom_request {
++    Atom *atomp;
++    const char *name;
++};
++
++extern const struct atom_request *remote_control_atoms;
++extern Status request_atoms ( Display *dpy,
++			      const struct atom_request **request_lists );
++
++/* Atoms to retrieve info from remote daemon */
++extern Atom XA_SCREENSAVER, XA_SCREENSAVER_ID, XA_SCREENSAVER_VERSION,
++  XA_SCREENSAVER_RESPONSE, XA_SCREENSAVER_STATUS;
++
++/* Atoms to send commands to remote daemon */
++extern Atom XA_ACTIVATE, XA_BLANK, XA_CYCLE, XA_DEACTIVATE, XA_DEMO,
++  XA_EXIT, XA_LOCK, XA_NEXT, XA_PREFS, XA_PREV, XA_RESTART,
++  XA_SELECT, XA_THROTTLE, XA_UNTHROTTLE;
++
++#endif /* _XSCREENSAVER_ATOMS_H_ */
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -118,6 +118,7 @@
+ #include "resources.h"		/* for parse_time() */
+ #include "visual.h"		/* for has_writable_cells() */
+ #include "remote.h"		/* for xscreensaver_command() */
++#include "atoms.h"
+ #include "usleep.h"
+ 
+ #include "logo-50.xpm"
[email protected]@ -252,12 +253,6 @@ typedef struct {
+    a closure object of our own down into the various widget callbacks. */
+ static state *global_state_kludge;
+ 
+-Atom XA_VROOT;
+-Atom XA_SCREENSAVER, XA_SCREENSAVER_RESPONSE, XA_SCREENSAVER_VERSION;
+-Atom XA_SCREENSAVER_ID, XA_SCREENSAVER_STATUS, XA_SELECT, XA_DEMO;
+-Atom XA_ACTIVATE, XA_BLANK, XA_LOCK, XA_RESTART, XA_EXIT;
+-
+-
+ static void populate_demo_window (state *, int list_elt);
+ static void populate_prefs_page (state *);
+ static void populate_popup_window (state *);
[email protected]@ -5050,20 +5045,11 @@ main (int argc, char **argv)
+ 
+   /* Intern the atoms that xscreensaver_command() needs.
+    */
+-  XA_VROOT = XInternAtom (dpy, "__SWM_VROOT", False);
+-  XA_SCREENSAVER = XInternAtom (dpy, "SCREENSAVER", False);
+-  XA_SCREENSAVER_VERSION = XInternAtom (dpy, "_SCREENSAVER_VERSION",False);
+-  XA_SCREENSAVER_STATUS = XInternAtom (dpy, "_SCREENSAVER_STATUS", False);
+-  XA_SCREENSAVER_ID = XInternAtom (dpy, "_SCREENSAVER_ID", False);
+-  XA_SCREENSAVER_RESPONSE = XInternAtom (dpy, "_SCREENSAVER_RESPONSE", False);
+-  XA_SELECT = XInternAtom (dpy, "SELECT", False);
+-  XA_DEMO = XInternAtom (dpy, "DEMO", False);
+-  XA_ACTIVATE = XInternAtom (dpy, "ACTIVATE", False);
+-  XA_BLANK = XInternAtom (dpy, "BLANK", False);
+-  XA_LOCK = XInternAtom (dpy, "LOCK", False);
+-  XA_EXIT = XInternAtom (dpy, "EXIT", False);
+-  XA_RESTART = XInternAtom (dpy, "RESTART", False);
+-
++  {
++    const struct atom_request *atom_lists[2] = { NULL, NULL };
++    atom_lists[0] = remote_control_atoms;
++    request_atoms (dpy, atom_lists);
++  }
+ 
+   /* Create the window and all its widgets.
+    */
+diff --git a/driver/demo-Xm.c b/driver/demo-Xm.c
+--- a/driver/demo-Xm.c
++++ b/driver/demo-Xm.c
[email protected]@ -82,6 +82,7 @@
+ #include "resources.h"		/* for parse_time() */
+ #include "visual.h"		/* for has_writable_cells() */
+ #include "remote.h"		/* for xscreensaver_command() */
++#include "atoms.h"
+ #include "usleep.h"
+ 
+ #include <stdio.h>
[email protected]@ -110,12 +111,6 @@ extern const char *visual_menu[];
+ 
+ static char *short_version = 0;
+ 
+-Atom XA_VROOT;
+-Atom XA_SCREENSAVER, XA_SCREENSAVER_RESPONSE, XA_SCREENSAVER_VERSION;
+-Atom XA_SCREENSAVER_ID, XA_SCREENSAVER_STATUS, XA_SELECT, XA_DEMO;
+-Atom XA_ACTIVATE, XA_BLANK, XA_LOCK, XA_RESTART, XA_EXIT;
+-
+-
+ static void populate_demo_window (Widget toplevel,
+                                   int which, prefs_pair *pair);
+ static void populate_prefs_page (Widget top, prefs_pair *pair);
[email protected]@ -1791,19 +1786,11 @@ main (int argc, char **argv)
+ 
+   /* Intern the atoms that xscreensaver_command() needs.
+    */
+-  XA_VROOT = XInternAtom (dpy, "__SWM_VROOT", False);
+-  XA_SCREENSAVER = XInternAtom (dpy, "SCREENSAVER", False);
+-  XA_SCREENSAVER_VERSION = XInternAtom (dpy, "_SCREENSAVER_VERSION",False);
+-  XA_SCREENSAVER_STATUS = XInternAtom (dpy, "_SCREENSAVER_STATUS", False);
+-  XA_SCREENSAVER_ID = XInternAtom (dpy, "_SCREENSAVER_ID", False);
+-  XA_SCREENSAVER_RESPONSE = XInternAtom (dpy, "_SCREENSAVER_RESPONSE", False);
+-  XA_SELECT = XInternAtom (dpy, "SELECT", False);
+-  XA_DEMO = XInternAtom (dpy, "DEMO", False);
+-  XA_ACTIVATE = XInternAtom (dpy, "ACTIVATE", False);
+-  XA_BLANK = XInternAtom (dpy, "BLANK", False);
+-  XA_LOCK = XInternAtom (dpy, "LOCK", False);
+-  XA_EXIT = XInternAtom (dpy, "EXIT", False);
+-  XA_RESTART = XInternAtom (dpy, "RESTART", False);
++  {
++    const struct atom_request *atom_lists[2] = { NULL, NULL };
++    atom_lists[0] = remote_control_atoms;
++    request_atoms (dpy, atom_lists);
++  }
+ 
+   /* Create the window and all its widgets.
+    */
+diff --git a/driver/remote.c b/driver/remote.c
+--- a/driver/remote.c
++++ b/driver/remote.c
[email protected]@ -34,15 +34,13 @@
+ #include <X11/Xos.h>
+ 
+ #include "remote.h"
++#include "atoms.h"
+ 
+ #ifdef _VROOT_H_
+ ERROR! you must not include vroot.h in this file
+ #endif
+ 
+ extern char *progname;
+-extern Atom XA_SCREENSAVER, XA_SCREENSAVER_VERSION, XA_SCREENSAVER_RESPONSE;
+-extern Atom XA_SCREENSAVER_ID, XA_SCREENSAVER_STATUS, XA_EXIT;
+-extern Atom XA_VROOT, XA_SELECT, XA_DEMO, XA_BLANK, XA_LOCK;
+ 
+ 
+ static XErrorHandler old_handler = 0;
+diff --git a/driver/windows.c b/driver/windows.c
+--- a/driver/windows.c
++++ b/driver/windows.c
[email protected]@ -69,14 +69,12 @@ typedef long PROP32;
+ #include "xscreensaver.h"
+ #include "visual.h"
+ #include "fade.h"
++#include "atoms.h"
+ 
+ 
+ extern int kill (pid_t, int);		/* signal() is in sys/signal.h... */
+ 
+ Atom XA_VROOT, XA_XSETROOT_ID, XA_ESETROOT_PMAP_ID, XA_XROOTPMAP_ID;
+-Atom XA_SCREENSAVER, XA_SCREENSAVER_VERSION, XA_SCREENSAVER_ID;
+-Atom XA_SCREENSAVER_STATUS;
+-
+ 
+ extern saver_info *global_si_kludge;	/* I hate C so much... */
+ 
+diff --git a/driver/xscreensaver-command.c b/driver/xscreensaver-command.c
+--- a/driver/xscreensaver-command.c
++++ b/driver/xscreensaver-command.c
[email protected]@ -40,6 +40,7 @@
+ typedef long PROP32;
+ 
+ #include "remote.h"
++#include "atoms.h"
+ #include "version.h"
+ 
+ #ifdef _VROOT_H_
[email protected]@ -48,13 +49,6 @@ ERROR! you must not include vroot.h in this file
+ 
+ char *progname;
+ 
+-Atom XA_VROOT;
+-Atom XA_SCREENSAVER, XA_SCREENSAVER_VERSION, XA_SCREENSAVER_RESPONSE;
+-Atom XA_SCREENSAVER_ID, XA_SCREENSAVER_STATUS, XA_SELECT, XA_DEMO, XA_EXIT;
+-Atom XA_BLANK, XA_LOCK;
+-static Atom XA_ACTIVATE, XA_DEACTIVATE, XA_CYCLE, XA_NEXT, XA_PREV;
+-static Atom XA_RESTART, XA_PREFS, XA_THROTTLE, XA_UNTHROTTLE;
+-
+ static char *screensaver_version;
+ # ifdef __GNUC__
+   __extension__   /* don't warn about "string length is greater than the
[email protected]@ -285,28 +279,11 @@ main (int argc, char **argv)
+       exit (1);
+     }
+ 
+-  XA_VROOT = XInternAtom (dpy, "__SWM_VROOT", False);
+-  XA_SCREENSAVER = XInternAtom (dpy, "SCREENSAVER", False);
+-  XA_SCREENSAVER_ID = XInternAtom (dpy, "_SCREENSAVER_ID", False);
+-  XA_SCREENSAVER_VERSION = XInternAtom (dpy, "_SCREENSAVER_VERSION",False);
+-  XA_SCREENSAVER_STATUS = XInternAtom (dpy, "_SCREENSAVER_STATUS", False);
+-  XA_SCREENSAVER_RESPONSE = XInternAtom (dpy, "_SCREENSAVER_RESPONSE", False);
+-  XA_ACTIVATE = XInternAtom (dpy, "ACTIVATE", False);
+-  XA_DEACTIVATE = XInternAtom (dpy, "DEACTIVATE", False);
+-  XA_RESTART = XInternAtom (dpy, "RESTART", False);
+-  XA_CYCLE = XInternAtom (dpy, "CYCLE", False);
+-  XA_NEXT = XInternAtom (dpy, "NEXT", False);
+-  XA_PREV = XInternAtom (dpy, "PREV", False);
+-  XA_SELECT = XInternAtom (dpy, "SELECT", False);
+-  XA_EXIT = XInternAtom (dpy, "EXIT", False);
+-  XA_DEMO = XInternAtom (dpy, "DEMO", False);
+-  XA_PREFS = XInternAtom (dpy, "PREFS", False);
+-  XA_LOCK = XInternAtom (dpy, "LOCK", False);
+-  XA_BLANK = XInternAtom (dpy, "BLANK", False);
+-  XA_THROTTLE = XInternAtom (dpy, "THROTTLE", False);
+-  XA_UNTHROTTLE = XInternAtom (dpy, "UNTHROTTLE", False);
+-
+-  XSync (dpy, 0);
++  {
++    const struct atom_request *atom_lists[2] = { NULL, NULL };
++    atom_lists[0] = remote_control_atoms;
++    request_atoms (dpy, atom_lists);
++  }
+ 
+   if (cmd == &XA_WATCH)
+     {
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -224,6 +224,7 @@
+ #include "visual.h"
+ #include "usleep.h"
+ #include "auth.h"
++#include "atoms.h"
+ 
+ saver_info *global_si_kludge = 0;	/* I hate C so much... */
+ 
[email protected]@ -232,12 +233,6 @@ char *progclass = 0;
+ XrmDatabase db = 0;
+ 
+ 
+-static Atom XA_SCREENSAVER_RESPONSE;
+-static Atom XA_ACTIVATE, XA_DEACTIVATE, XA_CYCLE, XA_NEXT, XA_PREV;
+-static Atom XA_RESTART, XA_SELECT;
+-static Atom XA_THROTTLE, XA_UNTHROTTLE;
+-Atom XA_DEMO, XA_PREFS, XA_EXIT, XA_LOCK, XA_BLANK;
+-
+ 
+ static XrmOptionDescRec options [] = {
+ 
[email protected]@ -628,30 +623,20 @@ connect_to_server (saver_info *si, int *argc, char **argv)
+ 
+   db = si->prefs.db;	/* resources.c needs this */
+ 
+-  XA_VROOT = XInternAtom (si->dpy, "__SWM_VROOT", False);
+-  XA_SCREENSAVER = XInternAtom (si->dpy, "SCREENSAVER", False);
+-  XA_SCREENSAVER_VERSION = XInternAtom (si->dpy, "_SCREENSAVER_VERSION",False);
+-  XA_SCREENSAVER_ID = XInternAtom (si->dpy, "_SCREENSAVER_ID", False);
+-  XA_SCREENSAVER_STATUS = XInternAtom (si->dpy, "_SCREENSAVER_STATUS", False);
+-  XA_SCREENSAVER_RESPONSE = XInternAtom (si->dpy, "_SCREENSAVER_RESPONSE",
+-					 False);
+-  XA_XSETROOT_ID = XInternAtom (si->dpy, "_XSETROOT_ID", False);
+-  XA_ESETROOT_PMAP_ID = XInternAtom (si->dpy, "ESETROOT_PMAP_ID", False);
+-  XA_XROOTPMAP_ID = XInternAtom (si->dpy, "_XROOTPMAP_ID", False);
+-  XA_ACTIVATE = XInternAtom (si->dpy, "ACTIVATE", False);
+-  XA_DEACTIVATE = XInternAtom (si->dpy, "DEACTIVATE", False);
+-  XA_RESTART = XInternAtom (si->dpy, "RESTART", False);
+-  XA_CYCLE = XInternAtom (si->dpy, "CYCLE", False);
+-  XA_NEXT = XInternAtom (si->dpy, "NEXT", False);
+-  XA_PREV = XInternAtom (si->dpy, "PREV", False);
+-  XA_SELECT = XInternAtom (si->dpy, "SELECT", False);
+-  XA_EXIT = XInternAtom (si->dpy, "EXIT", False);
+-  XA_DEMO = XInternAtom (si->dpy, "DEMO", False);
+-  XA_PREFS = XInternAtom (si->dpy, "PREFS", False);
+-  XA_LOCK = XInternAtom (si->dpy, "LOCK", False);
+-  XA_BLANK = XInternAtom (si->dpy, "BLANK", False);
+-  XA_THROTTLE = XInternAtom (si->dpy, "THROTTLE", False);
+-  XA_UNTHROTTLE = XInternAtom (si->dpy, "UNTHROTTLE", False);
++  {
++    const struct atom_request root_atoms[] =
++      {
++	{ &XA_VROOT, "__SWM_VROOT" },
++	{ &XA_XSETROOT_ID, "_XSETROOT_ID" },
++	{ &XA_ESETROOT_PMAP_ID, "ESETROOT_PMAP_ID" },
++	{ &XA_XROOTPMAP_ID, "_XROOTPMAP_ID" },
++	{ NULL, NULL } /* Must be last to terminate list */
++      };
++    const struct atom_request *atom_lists[3] = { NULL, NULL, NULL };
++    atom_lists[0] = remote_control_atoms;
++    atom_lists[1] = root_atoms;
++    request_atoms (si->dpy, atom_lists);
++  }
+ 
+   return toplevel_shell;
+ }
+diff --git a/driver/xscreensaver.h b/driver/xscreensaver.h
+--- a/driver/xscreensaver.h
++++ b/driver/xscreensaver.h
[email protected]@ -200,8 +200,5 @@ Bool safe_XF86VidModeGetViewPort (Display *, int, int *, int *);
+ #endif /* HAVE_XF86VMODE */
+ 
+ extern Atom XA_VROOT, XA_XSETROOT_ID, XA_ESETROOT_PMAP_ID, XA_XROOTPMAP_ID;
+-extern Atom XA_SCREENSAVER, XA_SCREENSAVER_VERSION, XA_SCREENSAVER_ID;
+-extern Atom XA_SCREENSAVER_STATUS, XA_LOCK, XA_BLANK;
+-extern Atom XA_DEMO, XA_PREFS;
+ 
+ #endif /* __XSCREENSAVER_H__ */
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/06-gtk-lock.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,3976 @@
+Solaris uses the gtk unlock dialog program originally written by
+Ximian & Wipro, in order to provide a dialog box that works with
+the GNOME accessibility framework.   This was done as a fork of
+the original xscreensaver because the maintainer would not allow
+use of a toolkit in the lock dialog - he has since softened his
+stance a bit, but this has not been presented to him to see if it
+meets his requirements as spelled out at:
+        http://www.jwz.org/xscreensaver/toolkits.html
+
+This patch also contains fixes for:
+
+15134570 SUNBT4782515 user is prompted to enter PIN or password when screen
+	 	      is locked
+15134983 SUNBT4783832 No date on xscreensaver-lock and warning on screen
+15179562 SUNBT4931584 xscreensaver-demo cores with GTK_MODULES=gail:atk-bridge
+15209082 SUNBT5039876 "User:" should not look like an input field
+15209083 SUNBT5039878 "Password:" field should be focused / have flashing caret
+15214348 SUNBT5059445 pam service name, screen kb and screen reader support
+15220008 SUNBT5077989 Bug 147580: password input dialogue obscures GOK
+15220010 SUNBT5077993 Bug 147639: Gok cant automatically UI grab screensaver
+	 	      preferences
+15220705 SUNBT5079870 147587: password field should set ATK_ROLE_PASSWORD_TEXT
+15221761 SUNBT5083155 Unable to unlock screen when running dual head
+	 	      magnification
+15231258 SUNBT6176524 passwdTimeoutEnable for disabled user (xscreensaver-lock)
+15231818 SUNBT6178584 Xscreensaver needs to use ROLE_PASSWORD_TEXT
+15233078 SUNBT6182506 Screensaver dialog isn't magnified properly
+15239418 SUNBT6203951 xscreensaver lockscreen translation errors for fr_FR
+15252945 SUNBT6237901 Ldap and Gnome xscreensaver authentication failure
+15265442 SUNBT6269444 snv_14 xscreensaver prints out gratuitous debug messages
+	 	      after authentication
+15280862 SUNBT6308859 xscreensaver: password lock dialog is not localized
+15295912 SUNBT6346056 xscreensaver should not enable input method
+15317555 SUNBT6395649 at-spi-registryd starts when screen is locked even when
+	 	      accessible device support is off
+15326852 SUNBT6417168 xscreensaver loops while trying to unlock a session for
+	 	      a user whose password was expired
+15346556 SUNBT6461887 GNOME screen lock does not prevent access to other
+	 	      applications via 'alt-tab'
+15352585 SUNBT6475285 xscreensaver core dumps in kill_job() after unlocking
+	 	      the screen
+15354012 SUNBT6478362 When the AT support is enabled, the input focus is
+	 	      located at password label
+15356879 SUNBT6484604 X should stop linking against -lcmd
+15375976 SUNBT6520014 possible mem. leak in xscreensaver's lock.c in s11/nv
+15387793 SUNBT6541240 Screen saver will lock user out of the system if they
+	 	      have no password set
+15405753 SUNBT6573182 after applying patch 120094-11(or later), xscreensaver
+	 	      core dump
+15427168 SUNBT6611183 xscreensaver needs to put Sun logos in files loaded at
+	 	      runtime
+15461985 SUNBT6670025 xscreensaver passwd dialog image missing in nv_85
+15462355 SUNBT6670659 password dialog window remains on the screen even after
+	 	      screen is unlocked
+15463666 SUNBT6673036 prepare for Indiana unlock logos
+15500787 SUNBT6736157 Security problem when desktop a11y support is turned on
+15521700 SUNBT6769901 popup windows appearing through xscreensaver
+15553552 SUNBT6825374 xscreensaver issues under Xorg
+15561643 SUNBT6839026 Regression in screensaver may cause Performance
+	 	      Degradation and make locked screensaver unresponsive
+15565807 SUNBT6845751 xscreensaver-lock chews CPU when daemon dies while unlock
+	 	      dialog is up
+15568147 SUNBT6849124 xscreensaver leaves a dialog that cannot be moved/closed
+	 	      after password change warning
+15573881 SUNBT6857559 Nevada build was broken because of 6849124
+---
+ config.h.in           |    3 +
+ configure.in          |   23 +-
+ driver/Makefile.in    |   59 +++-
+ driver/auth.h         |    4 +
+ driver/demo-Gtk.c     |   18 +
+ driver/dialog-data.h  |  131 ++++++
+ driver/lock-Gtk.c     |  955 +++++++++++++++++++++++++++++++++++++++++++
+ driver/lock.c         | 1083 ++++++++++++++++++++++++++++++++++++++++++++-----
+ driver/passwd-pam.c   |  207 +++++++++-
+ driver/passwd.c       |    1 +
+ driver/setuid.c       |    5 +-
+ driver/subprocs.c     |   35 ++-
+ driver/timers.c       |  110 +++++-
+ driver/types.h        |   18 +
+ driver/windows.c      |   21 +-
+ driver/xscreensaver.c |  131 ++++++-
+ driver/xscreensaver.h |    6 +
+ 17 files changed, 2663 insertions(+), 147 deletions(-)
+ create mode 100644 driver/dialog-data.h
+ create mode 100644 driver/lock-Gtk.c
+
+diff --git a/config.h.in b/config.h.in
+--- a/config.h.in
++++ b/config.h.in
[email protected]@ -384,6 +384,9 @@
+    make use of this if it is available. */
+ #undef HAVE_XPM
+ 
++/* Define this to build the external lock dialog */
++#undef HAVE_XSCREENSAVER_LOCK
++
+ /* Define this if you have the X Shared Memory Extension. */
+ #undef HAVE_XSHM_EXTENSION
+ 
+diff --git a/configure.in b/configure.in
+--- a/configure.in
++++ b/configure.in
[email protected]@ -2531,6 +2531,8 @@ if test "$with_gtk" = yes; then
+   pkg_check_version        libglade-2.0  1.99.0
+   pkg_check_version      gdk-pixbuf-2.0  2.0.0
+   pkg_check_version gdk-pixbuf-xlib-2.0  2.0.0
++  pkg_check_version           gconf-2.0  2.6.1
++  pkg_check_version  libloginhelper-1.0  1.0
+   have_gtk="$ok"
+ 
+   if test "$have_gtk" = no; then
[email protected]@ -2546,6 +2548,9 @@ if test "$with_gtk" = yes; then
+   fi
+ 
+   if test "$have_gtk" = yes; then
++#--- Begin SUNW addition
++    AC_DEFINE(HAVE_XSCREENSAVER_LOCK,[],[Define this to build the external lock dialog])
++#--- End SUNW addition
+     AC_CACHE_CHECK([for Gtk includes], ac_cv_gtk_config_cflags,
+                    [ac_cv_gtk_config_cflags=`$pkg_config --cflags $pkgs`])
+     AC_CACHE_CHECK([for Gtk libs], ac_cv_gtk_config_libs,
[email protected]@ -3642,6 +3647,16 @@ if test "$have_gtk" = yes; then
+   ALL_DEMO_PROGRAMS="$PREFERRED_DEMO_PROGRAM $ALL_DEMO_PROGRAMS"
+ fi
+ 
++#--- Begin SUNW addition
++PREFERRED_LOCK_PROGRAM=
++ALL_LOCK_PROGRAMS=
++LOCK_PROGRAM=
++if test "$have_gtk" = yes; then
++  PREFERRED_LOCK_PROGRAM=xscreensaver-lock-Gtk
++  ALL_LOCK_PROGRAMS="$PREFERRED_LOCK_PROGRAM $ALL_LOCK_PROGRAMS"
++  LOCK_PROGRAM=xscreensaver-lock
++fi
++#--- End SUNW addition
+ 
+ if test "$have_kerberos" = yes; then
+   PASSWD_SRCS="$PASSWD_SRCS \$(KERBEROS_SRCS)"
[email protected]@ -3781,6 +3796,11 @@ AC_SUBST(INCLUDES)
+ 
+ AC_SUBST(PREFERRED_DEMO_PROGRAM)
+ AC_SUBST(ALL_DEMO_PROGRAMS)
++#--- Begin SUNW addition
++AC_SUBST(PREFERRED_LOCK_PROGRAM)
++AC_SUBST(ALL_LOCK_PROGRAMS)
++AC_SUBST(LOCK_PROGRAM)
++#--- End SUNW addition
+ AC_SUBST(SAVER_LIBS)
+ AC_SUBST(MOTIF_LIBS)
+ AC_SUBST(GTK_LIBS)
[email protected]@ -4260,7 +4280,8 @@ HACK_CONF_DIR=`echo "${HACK_CONF_DIR}" | sed '[email protected]/[email protected]@;[email protected]//*@/@g'`
+ 
+ 
+ # Sanity check the hackdir
+-for bad_choice in xscreensaver xscreensaver-demo xscreensaver-command ; do
++# SUNW addition: added xscreensaver-lock to list on next line
++for bad_choice in xscreensaver xscreensaver-demo xscreensaver-command xscreensaver-lock ; do
+   if test "${HACKDIR}" = "${bindir}/${bad_choice}" ; then
+     echo ""
+     AC_MSG_ERROR([\"--with-hackdir=${bindir}/${bad_choice}\" won't work.
+diff --git a/driver/Makefile.in b/driver/Makefile.in
+--- a/driver/Makefile.in
++++ b/driver/Makefile.in
[email protected]@ -29,6 +29,7 @@ GTK_APPDIR	= $(GTK_DATADIR)/applications
+ GTK_ICONDIR	= $(GTK_DATADIR)/pixmaps
+ GTK_GLADEDIR	= $(prefix)/lib/xscreensaver/config
+ HACK_CONF_DIR	= @[email protected]
++LOCK_DIR	= $(libexecdir)
+ 
+ CC		= @[email protected]
+ OBJCC		= @[email protected]
[email protected]@ -42,6 +43,7 @@ SUBP_DEFS	= $(DEFS) -DHACK_PATH='"@[email protected]"' \
+ GTK_DEFS	= $(DEFS) -DDEFAULT_ICONDIR='"$(GTK_GLADEDIR)"' \
+ 			-DBINDIR='"$(bindir)"'
+ CONF_DEFS	= -DHACK_CONFIGURATION_PATH='"$(HACK_CONF_DIR)"'
++LOCK_DEFS	= $(DEFS) -DLOCKDIR=\"$(LOCK_DIR)\"
+ 
+ LIBS		= @[email protected]
+ INTL_LIBS	= @[email protected]
[email protected]@ -100,6 +102,8 @@ GTK_SRCS	= demo-Gtk.c demo-Gtk-conf.c \
+ 		  demo-Gtk-widgets.c demo-Gtk-support.c
+ GTK_EXTRA_OBJS  = demo-Gtk-widgets.o demo-Gtk-support.o
+ GTK_OBJS	= demo-Gtk.o demo-Gtk-conf.o @[email protected]
++GTK_LOCK_SRCS	= lock-Gtk.c atoms.c remote.c
++GTK_LOCK_OBJS	= lock-Gtk.o atoms.o remote.o
+ 
+ PWENT_SRCS	= passwd-pwent.c
+ PWENT_OBJS	= passwd-pwent.o
[email protected]@ -219,8 +223,8 @@ GETIMG_LIBS	= $(LIBS) $(X_LIBS) $(XPM_LIBS) $(JPEG_LIBS) \
+ 		  $(X_PRE_LIBS) -lXt -lX11 $(XMU_LIBS) -lXext $(X_EXTRA_LIBS)
+ 
+ EXES		= xscreensaver xscreensaver-command xscreensaver-demo \
+-		  xscreensaver-getimage @[email protected]
+-EXES2		= @[email protected]
++		  xscreensaver-getimage @[email protected] @[email protected]
++EXES2		= @[email protected] @[email protected]
+ EXES_OSX	= pdf2jpeg
+ 
+ SCRIPTS_1	= xscreensaver-getimage-file xscreensaver-getimage-video \
[email protected]@ -250,7 +254,7 @@ VMSFILES	= compile_axp.com compile_decc.com link_axp.com link_decc.com \
+ 		  vms-getpwnam.c vms-pwd.h vms-hpwd.c vms-validate.c \
+ 		  vms_axp.opt vms_axp_12.opt vms_decc.opt vms_decc_12.opt
+ 
+-TARFILES	= $(EXTRAS) $(VMSFILES) $(SAVER_SRCS_1) \
++TARFILES	= $(EXTRAS) $(VMSFILES) $(SAVER_SRCS_1) $(GTK_LOCK_SRCS) \
+ 		  $(MOTIF_SRCS) $(GTK_SRCS) $(PWENT_SRCS) $(PWHELPER_SRCS) \
+ 		  $(KERBEROS_SRCS) $(PAM_SRCS) $(LOCK_SRCS_1) $(DEMO_SRCS_1) \
+ 		  $(CMD_SRCS) $(GETIMG_SRCS_1) $(PDF2JPEG_SRCS) $(HDRS) \
[email protected]@ -263,7 +267,7 @@ all: $(EXES) $(EXES2)
+ tests: $(TEST_EXES)
+ 
+ install:   install-program   install-ad    install-scripts \
+-	   install-gnome     install-man   install-xml install-pam
++	   install-gnome     install-man   install-xml
+ uninstall: uninstall-program uninstall-ad  \
+ 	   uninstall-gnome   uninstall-man uninstall-xml  
+ 
[email protected]@ -275,6 +279,9 @@ install-program: $(EXES)
+ 	@if [ ! -d $(install_prefix)$(bindir) ]; then			\
+ 	  $(INSTALL_DIRS) $(install_prefix)$(bindir) ;			\
+ 	 fi
++	@if [ -n "@[email protected]" -a ! -d $(install_prefix)$(LOCK_DIR) ]; then \
++	  $(INSTALL_DIRS) $(install_prefix)$(LOCK_DIR) ; 		\
++	 fi
+ 	@inst="$(INSTALL_PROGRAM)" ;					\
+ 	if [ @[email protected] = yes ]; then				\
+ 	   me=`PATH="$$PATH:/usr/ucb" whoami` ;				\
[email protected]@ -303,6 +310,12 @@ install-program: $(EXES)
+ 	  echo $(INSTALL_PROGRAM) $$exe $(install_prefix)$(bindir)/$$exe ; \
+ 	       $(INSTALL_PROGRAM) $$exe $(install_prefix)$(bindir)/$$exe ; \
+ 	 done
++	@if [ -n "@[email protected]" ]; then				     \
++	  echo $(INSTALL_PROGRAM) xscreensaver-lock \
++	    $(install_prefix)$(LOCK_DIR)/xscreensaver-lock ; \
++	   $(INSTALL_PROGRAM) xscreensaver-lock \
++	    $(install_prefix)$(LOCK_DIR)/xscreensaver-lock ; \
++	fi
+ 
+ install-ad: XScreenSaver.ad
+ 	@if [ ! -d $(install_prefix)$(AD_DIR) ]; then			      \
[email protected]@ -738,7 +751,7 @@ $(SAVER_UTIL_OBJS):
+ 
+ # How we build object files in this directory.
+ .c.o:
+-	$(CC) -c $(INCLUDES) $(DEFS) $(CFLAGS) $(X_CFLAGS) $<
++	$(CC) -c $(INCLUDES) $(DEFS) $(INTL_DEFS) $(CFLAGS) $(X_CFLAGS) $<
+ 
+ .m.o:
+ 	$(OBJCC) -c $(INCLUDES) $(DEFS) $(CFLAGS) $(X_CFLAGS) $<
[email protected]@ -764,6 +777,16 @@ demo-Gtk-conf.o: demo-Gtk-conf.c
+ 	$(CC) -c $(INCLUDES) $(CONF_DEFS) $(GTK_DEFS) $(CFLAGS) $(X_CFLAGS) \
+ 	  $(srcdir)/demo-Gtk-conf.c
+ 
++# lock takes an extra -D option.
++lock.o:
++	$(CC) -c $(INCLUDES) $(LOCK_DEFS) $(CFLAGS) $(X_CFLAGS) \
++	  $(srcdir)/lock.c
++
++# lock-Gtk takes extra -D and -I options.
++lock-Gtk.o: lock-Gtk.c
++	$(CC) -c $(INCLUDES) -I$(ICON_SRC) $(GTK_DEFS) \
++	  $(CFLAGS) $(X_CFLAGS) $(INTL_DEFS) \
++	  $(srcdir)/lock-Gtk.c
+ 
+ # How we build the default app-defaults file into the program.
+ #
[email protected]@ -778,7 +801,8 @@ XScreenSaver_Xm_ad.h: XScreenSaver-Xm.ad
+ # The executables linked in this directory.
+ #
+ xscreensaver: $(SAVER_OBJS)
+-	$(CC) $(LDFLAGS) -o [email protected] $(SAVER_OBJS) $(SAVER_LIBS)
++	$(CC) $(LDFLAGS) -o [email protected] $(SAVER_OBJS) $(SAVER_LIBS) \
++	-lgconf-2 -lgobject-2.0
+ 
+ xscreensaver-command: $(CMD_OBJS)
+ 	$(CC) $(LDFLAGS) -o [email protected] $(CMD_OBJS) $(CMD_LIBS)
[email protected]@ -794,6 +818,15 @@ xscreensaver-demo: @[email protected]
+ 	       cp -p @[email protected]@[email protected] [email protected]@[email protected]      ;	\
+ 	fi
+ 
++xscreensaver-lock: @[email protected]
++	$(INSTALL_PROGRAM) @[email protected] [email protected]
++
++xscreensaver-lock-Gtk: $(GTK_LOCK_OBJS)
++	$(CC) $(LDFLAGS) -o [email protected] $(GTK_LOCK_OBJS) $(LIBS) $(X_LIBS) \
++	$(GTK_LIBS) $(XML_LIBS) $(X_PRE_LIBS) -lXt -lX11 \
++	$(XDPMS_LIBS) -lXext \
++	$(X_EXTRA_LIBS)
++
+ xscreensaver-demo-Xm: $(DEMO_OBJS) $(MOTIF_OBJS)
+ 	$(CC) $(LDFLAGS) -o [email protected] $(DEMO_OBJS) $(MOTIF_OBJS) $(LIBS) $(X_LIBS) \
+ 	$(MOTIF_LIBS) $(INTL_LIBS) $(X_PRE_LIBS) -lXt -lX11 \
[email protected]@ -817,7 +850,7 @@ pdf2jpeg: $(PDF2JPEG_OBJS)
+ 
+ 
+ TEST_PASSWD_OBJS = test-passwd.o $(LOCK_OBJS_1) $(PASSWD_OBJS) \
+-	 subprocs.o setuid.o splash.o prefs.o mlstring.o exec.o \
++	 subprocs.o setuid.o splash.o prefs.o mlstring.o \
+ 	$(SAVER_UTIL_OBJS)
+ test-passwd.o: XScreenSaver_ad.h
+ 
[email protected]@ -907,8 +940,14 @@ dpms.o: $(srcdir)/types.h
+ dpms.o: $(srcdir)/xscreensaver.h
+ exec.o: ../config.h
+ exec.o: $(srcdir)/exec.h
++lock-Gtk.o: $(srcdir)/atoms.h
++lock-Gtk.o: ../config.h
++lock-Gtk.o: $(srcdir)/remote.h
++lock-Gtk.o: $(UTILS_SRC)/xscreensaver-intl.h
+ lock.o: $(srcdir)/auth.h
+ lock.o: ../config.h
++lock.o: $(srcdir)/dialog-data.h
++lock.o: $(srcdir)/exec.h
+ lock.o: $(srcdir)/mlstring.h
+ lock.o: $(srcdir)/prefs.h
+ lock.o: $(srcdir)/types.h
[email protected]@ -917,6 +956,8 @@ lock.o: $(srcdir)/xscreensaver.h
+ mlstring.o: $(srcdir)/mlstring.h
+ passwd.o: $(srcdir)/auth.h
+ passwd.o: ../config.h
++passwd.o: $(srcdir)/dialog-data.h
++passwd.o: $(srcdir)/mlstring.h
+ passwd.o: $(srcdir)/prefs.h
+ passwd.o: $(srcdir)/types.h
+ passwd.o: $(srcdir)/xscreensaver.h
[email protected]@ -984,6 +1025,8 @@ test-vp.o: ../config.h
+ test-xdpms.o: ../config.h
+ test-xinerama.o: ../config.h
+ timers.o: ../config.h
++timers.o: $(srcdir)/dialog-data.h
++timers.o: $(srcdir)/mlstring.h
+ timers.o: $(srcdir)/prefs.h
+ timers.o: $(srcdir)/types.h
+ timers.o: $(srcdir)/xscreensaver.h
[email protected]@ -1011,6 +1054,8 @@ xscreensaver-getimage.o: $(UTILS_SRC)/yarandom.h
+ xscreensaver.o: XScreenSaver_ad.h
+ xscreensaver.o: $(srcdir)/auth.h
+ xscreensaver.o: ../config.h
++xscreensaver.o: $(srcdir)/dialog-data.h
++xscreensaver.o: $(srcdir)/mlstring.h
+ xscreensaver.o: $(srcdir)/prefs.h
+ xscreensaver.o: $(srcdir)/types.h
+ xscreensaver.o: $(UTILS_SRC)/resources.h
+diff --git a/driver/auth.h b/driver/auth.h
+--- a/driver/auth.h
++++ b/driver/auth.h
[email protected]@ -51,4 +51,8 @@ xss_authenticate(saver_info *si, Bool verbose_p);
+ void
+ auth_finished_cb (saver_info *si);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++extern int write_to_child (saver_info* si, const char* cmd, const char *msg);
++#endif
++
+ #endif
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -98,6 +98,8 @@
+ # define G_MODULE_EXPORT /**/
+ #endif /* !HAVE_GTK2 */
+ 
++#include <gconf/gconf-client.h>
++
+ #if defined(DEFAULT_ICONDIR) && !defined(GLADE_DIR)
+ # define GLADE_DIR DEFAULT_ICONDIR
+ #endif
[email protected]@ -5024,6 +5026,22 @@ main (int argc, char **argv)
+   load_init_file (dpy, p);
+   initialize_sort_map (s);
+ 
++  /* Bug 147639: Gok cant automatically UI grab screensaver preferences */
++  {
++    GConfClient *client = gconf_client_get_default ();
++
++#define KEY "/desktop/gnome/interface/accessibility"
++
++    /* check if accessibilty mode is enabled */
++    if (gconf_client_get_bool (client, KEY, NULL))
++      {
++	/* GTK Accessibility Module initialized */
++	const char *modulesptr = g_getenv ("GTK_MODULES");
++	if (!modulesptr || (modulesptr [0] == '\0'))
++	  putenv ("GTK_MODULES=gail:atk-bridge");
++      }
++  }
++
+   /* Now that Xt has been initialized, and the resources have been read,
+      we can set our `progname' variable to something more in line with
+      reality.
+diff --git a/driver/dialog-data.h b/driver/dialog-data.h
+new file mode 100644
+--- /dev/null
++++ b/driver/dialog-data.h
[email protected]@ -0,0 +1,131 @@
++/* xscreensaver, Copyright (c) 1993-2008 Jamie Zawinski <[email protected]>
++ *
++ * Permission to use, copy, modify, distribute, and sell this software and its
++ * documentation for any purpose is hereby granted without fee, provided that
++ * the above copyright notice appear in all copies and that both that
++ * copyright notice and this permission notice appear in supporting
++ * documentation.  No representations are made about the suitability of this
++ * software for any purpose.  It is provided "as is" without express or
++ * implied warranty.
++ */
++
++#ifndef __DIALOG_DATA_H__
++#define __DIALOG_DATA_H__
++
++#include <stdio.h>
++#include "types.h"
++#include "mlstring.h"
++
++#define MAX_BYTES_PER_CHAR 8	/* UTF-8 uses no more than 3, I think */
++#define MAX_PASSWD_CHARS   128	/* Longest possible passphrase */
++
++struct passwd_dialog_data {
++
++  saver_screen_info *prompt_screen;
++  int previous_mouse_x, previous_mouse_y;
++
++  /* "Characters" in the password may be a variable number of bytes long.
++     typed_passwd contains the raw bytes.
++     typed_passwd_char_size indicates the size in bytes of each character,
++     so that we can make backspace work.
++   */
++  char typed_passwd [MAX_PASSWD_CHARS * MAX_BYTES_PER_CHAR];
++  char typed_passwd_char_size [MAX_PASSWD_CHARS];
++  
++  XtIntervalId timer;
++  int i_beam;
++
++  float ratio;
++  Position x, y;
++  Dimension width;
++  Dimension height;
++  Dimension border_width;
++
++  Bool echo_input;
++  Bool show_stars_p; /* "I regret that I have but one asterisk for my country."
++                        -- Nathan Hale, 1776. */
++
++  char *heading_label;
++  char *body_label;
++  char *user_label;
++  mlstring *info_label;
++  /* The entry field shall only be displayed if prompt_label is not NULL */
++  mlstring *prompt_label;
++  char *date_label;
++  char *passwd_string;
++  Bool passwd_changed_p; /* Whether the user entry field needs redrawing */
++  Bool caps_p;           /* Whether we saw a keypress with caps-lock on */
++  char *unlock_label;
++  char *login_label;
++  char *uname_label;
++
++  Bool show_uname_p;
++
++#ifndef HAVE_XSCREENSAVER_LOCK
++  XFontStruct *heading_font;
++  XFontStruct *body_font;
++  XFontStruct *label_font;
++  XFontStruct *passwd_font;
++  XFontStruct *date_font;
++  XFontStruct *button_font;
++  XFontStruct *uname_font;
++
++  Pixel foreground;
++  Pixel background;
++  Pixel border;
++  Pixel passwd_foreground;
++  Pixel passwd_background;
++  Pixel thermo_foreground;
++  Pixel thermo_background;
++  Pixel shadow_top;
++  Pixel shadow_bottom;
++  Pixel button_foreground;
++  Pixel button_background;
++
++  Dimension preferred_logo_width, logo_width;
++  Dimension preferred_logo_height, logo_height;
++  Dimension thermo_width;
++  Dimension internal_border;
++  Dimension shadow_width;
++
++  Dimension passwd_field_x, passwd_field_y;
++  Dimension passwd_field_width, passwd_field_height;
++
++  Dimension unlock_button_x, unlock_button_y;
++  Dimension unlock_button_width, unlock_button_height;
++
++  Dimension login_button_x, login_button_y;
++  Dimension login_button_width, login_button_height;
++
++  Dimension thermo_field_x, thermo_field_y;
++  Dimension thermo_field_height;
++
++  Pixmap logo_pixmap;
++  Pixmap logo_clipmask;
++  int logo_npixels;
++  unsigned long *logo_pixels;
++#endif /* ! HAVE_XSCREENSAVER_LOCK */
++
++  Cursor passwd_cursor;
++  Bool unlock_button_down_p;
++  Bool login_button_down_p;
++  Bool login_button_p;
++  Bool login_button_enabled_p;
++  Bool button_state_changed_p; /* Refers to both buttons */
++
++  Pixmap save_under;
++  Pixmap user_entry_pixmap;
++
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* extern passwd dialog stuff */
++  XtInputId stdout_input_id;
++  int       stdin_fd;    /* child's stdin - parent writes to this */
++  int       stdout_fd;   /* child's stdout - parent reads from this */
++  FILE     *stdin_file;  /* child's stdin - parent writes to this */
++  FILE     *stdout_file; /* child's stdout - parent reads from this */
++  Bool      got_windowid;
++  Bool      got_passwd;
++#endif
++};
++
++#endif /* __DIALOG_DATA_H__ */
+diff --git a/driver/lock-Gtk.c b/driver/lock-Gtk.c
+new file mode 100644
+--- /dev/null
++++ b/driver/lock-Gtk.c
[email protected]@ -0,0 +1,955 @@
++/* lock-Gtk.c -- a GTK+ password dialog for xscreensaver
++ * xscreensaver, Copyright (c) 1993-1998 Jamie Zawinski <[email protected]>
++ *
++ * Permission to use, copy, modify, distribute, and sell this software and its
++ * documentation for any purpose is hereby granted without fee, provided that
++ * the above copyright notice appear in all copies and that both that
++ * copyright notice and this permission notice appear in supporting
++ * documentation.  No representations are made about the suitability of this
++ * software for any purpose.  It is provided "as is" without express or
++ * implied warranty.
++ */
++
++/* GTK+ locking code written by Jacob Berkman  <[email protected]> for
++ *  Sun Microsystems.
++ *
++ * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
++ *
++ * Permission is hereby granted, free of charge, to any person obtaining a
++ * copy of this software and associated documentation files (the "Software"),
++ * to deal in the Software without restriction, including without limitation
++ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
++ * and/or sell copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following conditions:
++ *
++ * The above copyright notice and this permission notice (including the next
++ * paragraph) shall be included in all copies or substantial portions of the
++ * Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
++ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
++ * DEALINGS IN THE SOFTWARE.
++ */
++
++#ifdef HAVE_CONFIG_H
++# include "config.h"
++#endif
++
++#ifdef HAVE_GTK2 /* whole file */
++
++#include <xscreensaver-intl.h>
++
++#include <unistd.h>
++#include <errno.h>
++#include <string.h>
++#include <time.h>
++#include <stdlib.h>
++#include <stdio.h>
++#include <fcntl.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++
++#include <gtk/gtk.h>
++#include <gdk/gdkx.h>
++
++/* AT-enabled */
++#include <stdio.h>
++#include <ctype.h>
++#include <X11/Xos.h>
++#include <X11/Xlib.h>
++#include <X11/Xatom.h>
++#include <X11/Xutil.h>
++#include <X11/Xmu/WinUtil.h>
++
++#include <gconf/gconf-client.h>
++#include <libbonobo.h>
++#include <login-helper/Accessibility_LoginHelper.h>
++#include <atk/atkobject.h>
++
++#include "remote.h"
++#include "atoms.h"
++
++#if GTK_CHECK_VERSION(2,14,0)
++# define GET_WINDOW(w)          gtk_widget_get_window (w)
++#else
++# define GET_WINDOW(w)          ((w)->window)
++#endif
++
++static Atom XA_UNLOCK_RATIO;
++
++typedef struct {
++  GtkWidget *dialog;
++  GtkWidget *user_prompt_label;
++  GtkWidget *user_input_entry;
++  GtkWidget *progress;
++  GtkWidget *button;
++  GtkWidget *msg_label;
++  GtkWidget *pam_message_label;
++} PasswdDialog;
++
++/*Global info */
++#define MAXRAISEDWINS  2
++
++char *progname = 0;
++FILE *parent_file = NULL; /* child writes to parent on this */
++
++#define FD_TO_PARENT  9
++
++/* Send a command to the xscreensaver parent daemon
++   Arguments:
++    - msg - type of message - "input", "raise_wid", etc.
++    - data - data for message
++    - flush - whether to flush now or allow stdio to buffer
++   Message format sent to parent:
++    "msg\n" if no data, otherwise "msg=data\n"
++
++   Can be used to flush previously buffered messages by calling
++   with NULL msg & data, and TRUE for flush.
++ */
++static int
++write_to_parent (const char* msg, const char *data, gboolean flush)
++{
++  int len = 0;
++
++  /*
++  fprintf (stderr, "-->Child write_to_parent() string to send is: %s=%s\n",
++           msg, data ? data : "(null)");
++  fflush (stderr);
++  */
++
++  if (msg)
++    {
++      if (data)
++        len = fprintf (parent_file, "%s=%s\n", msg, data);
++      else
++        len = fprintf (parent_file, "%s\n", msg);
++    }
++
++  if (flush)
++    fflush (parent_file);
++
++  return len;
++}
++
++/* Send parent a message with a window id as the data */
++static void
++write_windowid (const char* msg, Window w)
++{
++  char s[16]; /* more than long enough to hold a 32-bit integer + '\0' */
++
++  snprintf(s, sizeof(s), "0x%lx", w);
++  write_to_parent(msg, s, FALSE);
++}
++
++static GtkWidget *
++load_unlock_logo_image (void)
++{
++  const char *logofile;
++  struct stat statbuf;
++
++  logofile = DEFAULT_ICONDIR "/unlock-logo.png";
++
++  if (stat (logofile, &statbuf) != 0)
++    {
++      logofile = DEFAULT_ICONDIR "/logo-180.gif"; /* fallback */
++    }
++
++  return gtk_image_new_from_file (logofile);
++}
++
++/* Create unlock dialog */
++static PasswdDialog *
++make_dialog (gboolean center_pos)
++{
++  GtkWidget *dialog;
++  AtkObject *atk_dialog;
++  GtkWidget *frame1, *frame2;
++  GtkWidget *vbox;
++  GtkWidget *hbox1, *hbox2;
++  GtkWidget *bbox;
++  GtkWidget *vbox2;
++  GtkWidget *entry;
++  AtkObject *atk_entry;
++  GtkWidget *title_label, *msg_label, *prompt_label,
++    *user_label, *date_label, *pam_msg_label;
++  AtkObject *atk_title_label, *atk_prompt_label;
++  GtkWidget *button;
++  GtkWidget *image;
++  GtkWidget *progress;
++  char *version;
++  char *user;
++  char *host;
++  char *s;
++  gchar *format_string_locale, *format_string_utf8;
++  PasswdDialog *pwd;
++
++  /* taken from lock.c */
++  char buf[256];
++  gchar *utf8_format;
++  time_t now = time (NULL);
++  struct tm* tm;
++
++  server_xscreensaver_version (GDK_DISPLAY (), &version, &user, &host);
++
++  if (!version)
++    {
++      fprintf (stderr, "%s: no xscreensaver running on display %s, exiting.\n",
++               progname, gdk_get_display ());
++      exit (1);
++    }
++
++  /* PUSH */
++  gtk_widget_push_colormap (gdk_rgb_get_cmap ());
++
++  pwd = g_new0 (PasswdDialog, 1);
++
++  dialog = gtk_window_new (GTK_WINDOW_POPUP);
++  pwd->dialog = dialog;
++
++  /*
++  ** bugid: 5077989(P2)Bug 147580: password input dialogue obscures GOK
++     gtk_window_set_position (GTK_WINDOW (dialog), GTK_WIN_POS_MOUSE);
++     bugid: 5002244:  scr unlock dialog incompatible with MAG technique
++  ** 6182506: scr dialog is obscured by MAG window
++  */
++  if (center_pos)
++    gtk_window_set_position (GTK_WINDOW (dialog), GTK_WIN_POS_CENTER_ALWAYS);
++  else
++    gtk_window_set_position (GTK_WINDOW (dialog), GTK_WIN_POS_MOUSE);
++
++  gtk_window_set_resizable (GTK_WINDOW (dialog), FALSE); /*mali99 irritating*/
++
++  /* AT-enabled dialog role = frame */
++  atk_dialog = gtk_widget_get_accessible (dialog);
++  atk_object_set_description (atk_dialog, _("screen unlock dialog"));
++
++  /* frame */
++  frame1 = g_object_new (GTK_TYPE_FRAME,
++                         "shadow", GTK_SHADOW_OUT,
++                         NULL);
++  gtk_container_add (GTK_CONTAINER (dialog), frame1);
++  /* AT role = panel */
++
++  /* vbox */
++  vbox = gtk_vbox_new (FALSE, 10);
++  gtk_container_set_border_width (GTK_CONTAINER (vbox), 10);
++  gtk_container_add (GTK_CONTAINER (frame1), vbox);
++  /* AT role= filler(default) */
++
++  /* hbox */
++  hbox1 = gtk_hbox_new (FALSE, 5);
++  gtk_box_pack_start (GTK_BOX (vbox), hbox1,
++                      TRUE, TRUE, 0);
++
++  /* image frame */
++  frame2 = g_object_new (GTK_TYPE_FRAME,
++                         "shadow", GTK_SHADOW_ETCHED_IN,
++                         NULL);
++  gtk_box_pack_start (GTK_BOX (hbox1), frame2,
++                      TRUE, TRUE, 0);
++  /* AT role= filler(default) */
++
++  /* image */
++  image = load_unlock_logo_image ();
++  /* AT role = icon */
++  gtk_container_add (GTK_CONTAINER (frame2), image);
++
++  /* progress thingie */
++  progress = g_object_new (GTK_TYPE_PROGRESS_BAR,
++                           "orientation", GTK_PROGRESS_BOTTOM_TO_TOP,
++                           "fraction", 1.0,
++                           NULL);
++  gtk_box_pack_start (GTK_BOX (hbox1), progress,
++                      FALSE, FALSE, 0);
++  pwd->progress = progress;
++  atk_object_set_description (gtk_widget_get_accessible (progress),
++            _("Percent of time you have left to unlock the screen."));
++
++  /* text fields */
++  vbox2 = gtk_vbox_new (FALSE, 20);
++  gtk_box_pack_start (GTK_BOX (hbox1), vbox2,
++                      TRUE, TRUE, 0);
++  /* AT role =filler */
++
++  s = g_markup_printf_escaped ("<span size=\"xx-large\"><b>%s </b></span>",
++                               _("Screensaver"));
++  /* XScreenSaver foo label */
++  title_label = g_object_new (GTK_TYPE_LABEL,
++                              "use-markup", TRUE,
++                              "label", s,
++                              NULL);
++  g_free (s);
++  gtk_box_pack_start (GTK_BOX (vbox2), title_label,
++                      FALSE, FALSE, 0);
++  /* AT role = label prog name */
++  atk_title_label = gtk_widget_get_accessible (title_label);
++  atk_object_add_relationship (atk_title_label, ATK_RELATION_LABEL_FOR,
++                               atk_dialog);
++  atk_object_add_relationship (atk_dialog, ATK_RELATION_LABELLED_BY,
++                               atk_title_label);
++
++  /* This display is locked. */
++  msg_label = g_object_new (GTK_TYPE_LABEL,
++                            "use-markup", TRUE,
++                            "label", _("<b>This display is locked.</b>"),
++                            NULL);
++  pwd->msg_label = msg_label;
++  gtk_box_pack_start (GTK_BOX (vbox2), msg_label,
++                      FALSE, FALSE, 0);
++
++  /* User information */
++  s = g_strdup_printf (_("User: %s"), user ? user : "");
++  user_label = g_object_new (GTK_TYPE_LABEL,
++                             "label", s,
++                             "use_underline", TRUE,
++                             NULL);
++  g_free(s);
++  gtk_label_set_width_chars (GTK_LABEL (user_label), 35);
++  gtk_box_pack_start (GTK_BOX (vbox2), user_label, FALSE, FALSE, 0);
++
++  /* User input */
++  hbox2 = gtk_widget_new (GTK_TYPE_HBOX,
++                          "border_width", 5,
++                          "visible", TRUE,
++                          "homogeneous", FALSE,
++                          "spacing", 1,
++                          NULL);
++
++  /* PAM prompt */
++  prompt_label = g_object_new (GTK_TYPE_LABEL,
++                               /* blank space for prompt */
++                               "label", _("         "),
++                               "use_underline", TRUE,
++                               "use_markup", FALSE,
++                               "justify", GTK_JUSTIFY_CENTER,
++                               "wrap", FALSE,
++                               "selectable", FALSE,
++                               "xalign", 1.0,
++                               "xpad", 0,
++                               "ypad", 0,
++                               "visible", FALSE,
++                               NULL);
++  pwd->user_prompt_label = prompt_label;
++
++  entry = g_object_new (GTK_TYPE_ENTRY,
++                        "activates-default", TRUE,
++                        "visible", TRUE,
++                        "editable", TRUE,
++                        "visibility", FALSE,
++                        "can_focus", TRUE,
++                        NULL);
++  pwd->user_input_entry = entry;
++  /* gtk_widget_grab_focus (entry); */
++  atk_entry = gtk_widget_get_accessible (entry);
++  atk_object_set_role (atk_entry, ATK_ROLE_PASSWORD_TEXT);
++
++  /* AT role = label for input widget */
++  atk_prompt_label = gtk_widget_get_accessible (prompt_label);
++  atk_object_add_relationship (atk_prompt_label, ATK_RELATION_LABEL_FOR,
++                               atk_entry);
++  atk_object_add_relationship (atk_entry, ATK_RELATION_LABELLED_BY,
++                               atk_prompt_label);
++
++  gtk_box_pack_start (GTK_BOX (hbox2), prompt_label, FALSE, FALSE, 0);
++  gtk_box_pack_end (GTK_BOX (hbox2), entry, TRUE, TRUE, 0);
++  gtk_box_pack_start (GTK_BOX (vbox2), hbox2, FALSE, FALSE, 0);
++
++  pam_msg_label = g_object_new (GTK_TYPE_LABEL,
++                                NULL);
++  pwd->pam_message_label = pam_msg_label;
++
++  gtk_box_pack_start (GTK_BOX (vbox2), pam_msg_label, FALSE, FALSE, 0);
++
++  /* date string */
++  tm = localtime (&now);
++  memset (buf, 0, sizeof (buf));
++  format_string_utf8 = _("%d-%b-%y (%a); %I:%M %p");
++  format_string_locale = g_locale_from_utf8 (format_string_utf8, -1,
++                                             NULL, NULL, NULL);
++  strftime (buf, sizeof (buf) - 1, format_string_locale, tm);
++  g_free (format_string_locale);
++
++  utf8_format = g_locale_to_utf8 (buf, -1, NULL, NULL, NULL);
++  s = g_markup_printf_escaped ("<small>%s</small>", utf8_format);
++  g_free (utf8_format);
++
++  date_label = g_object_new (GTK_TYPE_LABEL,
++                             "use-markup", TRUE,
++                             "label", s,
++                             NULL);
++  g_free (s);
++  gtk_box_pack_start (GTK_BOX (vbox2), date_label,
++                      FALSE, FALSE, 0);
++
++  /* button box */
++  bbox = g_object_new (GTK_TYPE_HBUTTON_BOX,
++                       "layout-style", GTK_BUTTONBOX_END,
++                       "spacing", 10,
++                       NULL);
++
++  /* Ok button */
++  button = gtk_button_new_from_stock (GTK_STOCK_OK);
++  pwd->button = button;
++
++  gtk_box_pack_end (GTK_BOX (bbox), button,
++                    FALSE, TRUE, 0);
++
++  free (user);
++  free (version);
++  free (host);
++
++  /* POP */
++  gtk_widget_pop_colormap ();
++
++  return pwd;
++}
++
++/* Callback for when user has finished entering input, even though
++   we don't display an "OK" button for them to click on */
++static void
++ok_clicked_cb (GtkWidget *button, PasswdDialog *pwd)
++{
++  const char *s;
++
++  g_object_set (pwd->msg_label, "label", _("<b>Checking...</b>"), NULL);
++
++  s = gtk_entry_get_text (GTK_ENTRY (pwd->user_input_entry));
++  write_to_parent ("input", s, TRUE);
++
++  /* Reset password field to blank, else passwd field shows old passwd *'s,
++     visible when passwd is expired, and pam is walking the user to change
++     old passwd.
++   */
++  gtk_editable_delete_text (GTK_EDITABLE (pwd->user_input_entry), 0, -1);
++  gtk_widget_hide (pwd->user_input_entry);
++  gtk_widget_hide (pwd->user_prompt_label);
++}
++
++static void
++connect_signals (PasswdDialog *pwd)
++{
++  g_signal_connect (pwd->button, "clicked",
++                    G_CALLBACK (ok_clicked_cb),
++                    pwd);
++
++  g_signal_connect (pwd->user_input_entry, "activate",
++                    G_CALLBACK (ok_clicked_cb),
++                    pwd);
++
++  g_signal_connect (pwd->dialog, "delete-event",
++                    G_CALLBACK (gtk_main_quit),
++                    NULL);
++}
++
++static GdkFilterReturn
++dialog_filter_func (GdkXEvent *xevent, GdkEvent *gevent, gpointer data)
++{
++  PasswdDialog *pwd = data;
++  XEvent *event = xevent;
++  gdouble ratio;
++
++  if ((event->xany.type != ClientMessage ||
++       event->xclient.message_type != XA_UNLOCK_RATIO))
++    return GDK_FILTER_CONTINUE;
++
++  ratio = event->xclient.data.l[0] / (gdouble)100.0;
++
++  /* CR 6176524 passwdTimeoutEnable for disabled user */
++  if (event->xclient.data.l[1] == 0)
++    g_object_set (pwd->progress, "fraction", ratio, NULL);
++
++  return GDK_FILTER_REMOVE;
++}
++
++static gboolean
++handle_input (GIOChannel *source, GIOCondition cond, gpointer data)
++{
++  PasswdDialog *pwd = data;
++  GIOStatus status;
++  char *str;
++  char *label;
++  char *hmsg = NULL;  /* This is the heading of lock dialog..shows status */
++
++  if (cond & G_IO_HUP) /* daemon crashed/exited/was killed */
++    gtk_main_quit ();
++
++  do
++    {
++      status = g_io_channel_read_line (source, &str, NULL, NULL, NULL);
++    }
++  while (status == G_IO_STATUS_AGAIN);
++
++/* debug only
++  if (status == G_IO_STATUS_ERROR)
++      g_message ("handle input() status_error %s\n",str);
++  if (status == G_IO_STATUS_EOF)
++      g_message ("handle input() status_eof %s\n",str);
++  if (status == G_IO_STATUS_NORMAL)
++      g_message ("handle input() status_normal %s\n",str);
++  Most likely, the returned error msg of g_io_channel_read_line(),
++  i.e str will not be translated into other locales ...
++*/
++
++  if (str)
++    {
++      /* strip trailing newline */
++      char *nl = strrchr(str, '\n');
++      if (nl)
++        *nl = 0;
++
++      /*
++      fprintf (stderr,">>>>>Child..in handle_input..string is:%s\n",str);
++      fflush (stderr);
++      */
++
++      /* Handle commands from parent daemon */
++
++      if (((strncmp (str, "ul_", 3)) == 0))
++        {
++          /* search for =, and if found, split into two strings there */
++          char *msgstr = strchr(str, '='); /* Data sent with command */
++          if (msgstr)
++            *msgstr++ = 0;
++
++          if ((strcmp (str, "ul_ok") == 0))
++            {
++              hmsg = _("Authentication Successful!");
++            }
++          else if ((strcmp (str, "ul_acct_ok") == 0))
++            {
++              hmsg = _("PAM Account Management Also Successful!");
++            }
++          else if ((strcmp (str, "ul_setcred_fail") == 0))
++            {
++              hmsg = _("Just a Warning PAM Set Credential Failed!");
++            }
++          else if ((strcmp (str, "ul_setcred_ok") == 0))
++            {
++              hmsg = _("PAM Set Credential Also Successful!");
++            }
++          else if ((strcmp (str, "ul_acct_fail") == 0))
++            {
++              hmsg = _("Your Password has expired.");
++            }
++          else if ((strcmp (str, "ul_fail") == 0))
++            {
++              hmsg = _("Sorry!");
++            }
++          else if ((strcmp (str, "ul_read") == 0))
++            {
++              hmsg = _("Waiting for user input!");
++            }
++          else if ((strcmp (str, "ul_time") == 0))
++            {
++              hmsg = _("Timed Out!");
++            }
++          else if ((strcmp (str, "ul_null") == 0))
++            {
++              hmsg = _("Still Checking!");
++            }
++          else if ((strcmp (str, "ul_cancel") == 0))
++            {
++              hmsg = _("Authentication Cancelled!");
++            }
++          else if ((strcmp (str, "ul_pamprompt") == 0))
++            {
++              gtk_label_set_text (GTK_LABEL (pwd->user_prompt_label), msgstr);
++              gtk_widget_show (pwd->user_prompt_label);
++              msgstr = NULL; /* clear message so we don't show it twice */
++            }
++          else if ((strcmp (str, "ul_prompt_echo") == 0))
++            {
++              if ((strcmp (msgstr, "true") == 0))
++                {
++                  gtk_entry_set_visibility
++                    (GTK_ENTRY (pwd->user_input_entry), TRUE);
++                }
++              else
++                {
++                  if ((strcmp (msgstr, "stars") == 0))
++                    /* reset to default display of "*" or bullet */
++                    gtk_entry_unset_invisible_char
++                      (GTK_ENTRY (pwd->user_input_entry));
++                  else
++                    /* set to no display */
++                    gtk_entry_set_invisible_char
++                       (GTK_ENTRY (pwd->user_input_entry), 0);
++
++                  gtk_entry_set_visibility
++                    (GTK_ENTRY (pwd->user_input_entry), FALSE);
++                }
++              msgstr = NULL; /* clear message so we don't show it to user */
++              /* Show the entry field */
++              gtk_widget_show (pwd->user_input_entry);
++              gtk_widget_grab_focus (pwd->user_input_entry);
++              gdk_display_sync
++		  (gtk_widget_get_display (pwd->user_input_entry));
++            }
++          else if ((strcmp (str, "ul_message") == 0))
++            {
++              hmsg = NULL; /* only show msg */
++            }
++          else
++            {
++              /* Should not be others, but if so just show it */
++              hmsg = str;
++            }
++
++          if (hmsg)
++            {
++              label = g_markup_printf_escaped ("<b>%s</b>", hmsg);
++              g_object_set (pwd->msg_label, "label", label, NULL);
++              g_free (label);
++            }
++
++          if (msgstr)
++            {
++              gtk_label_set_text (GTK_LABEL (pwd->pam_message_label), msgstr);
++            }
++        }
++      else if ((strcmp (str, "cmd_exit") == 0))
++        {
++          gtk_main_quit ();
++        }
++      else /* something came through that didn't start with ul_ */
++        {
++          gtk_label_set_text (GTK_LABEL (pwd->pam_message_label), str);
++        }
++
++      g_free (str);
++    }
++
++  return (status != G_IO_STATUS_EOF);
++}
++
++int
++main (int argc, char *argv[])
++{
++  GIOChannel *ioc;
++  PasswdDialog *pwd;
++  char *s;
++  char *real_progname = argv[0];
++  GConfClient *client;
++  const char *modulesptr = NULL;
++  int i;
++
++  gboolean  at_enable  = FALSE; /* accessibility mode enabled ? */
++  Bonobo_ServerInfoList *server_list = NULL;
++  CORBA_Environment ev;
++  Accessibility_LoginHelper helper;
++  Accessibility_LoginHelper *helper_list = NULL;
++  CORBA_boolean safe;
++  gboolean center_position = TRUE; /* center dialog on screen? */
++
++#ifdef ENABLE_NLS
++  bindtextdomain (GETTEXT_PACKAGE, LOCALEDIR);
++  textdomain (GETTEXT_PACKAGE);
++
++#ifdef HAVE_GTK2
++  bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
++#else /* ! HAVE_GTK2 */
++  if (!setlocale (LC_ALL, ""))
++    fprintf (stderr, "%s: locale not supported by C library\n", real_progname);
++#endif /* ! HAVE_GTK2 */
++#endif /* ENABLE_NLS */
++
++  s = strrchr (real_progname, '/');
++  if (s) real_progname = s+1;
++  progname = real_progname;
++
++  parent_file = fdopen(FD_TO_PARENT, "w");
++  if (!parent_file)
++    {
++      fprintf (stderr, "%s: can't communicate with parent, exiting.\n",
++               progname);
++      exit (1);
++    }
++
++  gtk_init (&argc, &argv);
++
++  /* Intern the atoms that xscreensaver_command() needs.
++   */
++  {
++    Display *dpy = gdk_x11_get_default_xdisplay();
++
++    const struct atom_request unlock_atoms[] =
++      {
++	{ &XA_UNLOCK_RATIO, "UNLOCK_RATIO" },
++	{ NULL, NULL } /* Must be last to terminate list */
++      };
++
++    const struct atom_request *atom_lists[3] = { NULL, NULL, NULL };
++    atom_lists[0] = remote_control_atoms;
++    atom_lists[1] = unlock_atoms;
++    request_atoms (dpy, atom_lists);
++  }
++
++  /* bugid 6346056(P1):
++     ATOK pallet sometimes appears in screensave/lock-screen mode
++  */
++  putenv ("GTK_IM_MODULE=gtk-im-context-simple");
++
++
++  /* accessibility mode enabled ? */
++  client = gconf_client_get_default ();
++  at_enable = gconf_client_get_bool (client,
++                                     "/desktop/gnome/interface/accessibility",
++                                     NULL);
++  if (at_enable)
++    {
++
++      /* GTK Accessibility Module initialized */
++      modulesptr = g_getenv ("GTK_MODULES");
++      if (!modulesptr || modulesptr [0] == '\0')
++        putenv ("GTK_MODULES=gail:atk-bridge");
++
++      CORBA_exception_init (&ev);
++      if (!bonobo_init (&argc, argv))
++        {
++          g_error ("Can't initialize Bonobo");
++        }
++
++      /* bonobo-activation query lists existing instances */
++      server_list = bonobo_activation_query (
++        "(repo_ids.has('IDL:Accessibility/LoginHelper:1.0')) AND _active",
++        NULL, &ev);
++
++      if (BONOBO_EX (&ev))
++        {
++          bonobo_debug_shutdown ();
++          g_error ("LoginHelper query failed : %s",
++                   bonobo_exception_get_text (&ev));
++          /* not reached (below) because g_error exits */
++          CORBA_exception_free (&ev);
++        }
++
++      /*
++       * 6182506: unlock dialog can be obscured by the magnifier window
++       * if it's always centered, so don't force that if any accessibility
++       * helpers are present
++       */
++      if (server_list && server_list->_length)
++        center_position = FALSE;
++    } /* accessibility enabled */
++
++  pwd = make_dialog (center_position);
++  connect_signals (pwd);
++
++  gtk_widget_show_all (pwd->dialog);
++  gtk_window_present (GTK_WINDOW (pwd->dialog));
++  gtk_widget_map (pwd->dialog);
++
++  gdk_display_sync (gtk_widget_get_display (pwd->dialog));
++
++  gdk_window_add_filter (GET_WINDOW (pwd->dialog), dialog_filter_func, pwd);
++  write_windowid ("dialog_win", GDK_WINDOW_XID (GET_WINDOW (pwd->dialog)));
++
++  if (server_list && server_list->_length)
++    {
++      /* debug only
++      g_message ("%d LoginHelpers are running.",
++                 server_list ? server_list->_length : 0);
++      */
++
++      helper_list = g_new0 (Accessibility_LoginHelper, server_list->_length);
++
++      /* for each instance... */
++      for (i = 0; i < server_list->_length; i++)
++        {
++          Bonobo_Unknown server;
++          Bonobo_ServerInfo info = server_list->_buffer[i];
++
++          server = bonobo_activation_activate_from_id (
++              info.iid, Bonobo_ACTIVATION_FLAG_EXISTING_ONLY, NULL, &ev);
++
++          if (BONOBO_EX (&ev))
++            {
++              g_warning ("Error activating server %d: %s", i,
++                         bonobo_exception_get_text (&ev));
++              CORBA_exception_free (&ev);
++              continue;
++            }
++          else if (server == CORBA_OBJECT_NIL)
++            {
++              g_warning ("Activated server %d is NIL!", i);
++              continue;
++            }
++
++          bonobo_activate ();
++
++          helper = Bonobo_Unknown_queryInterface
++            (server, "IDL:Accessibility/LoginHelper:1.0", &ev);
++
++          if (BONOBO_EX (&ev))
++            {
++              g_warning ("Error performing interface query: %s",
++                         bonobo_exception_get_text (&ev));
++              CORBA_exception_free (&ev);
++              continue;
++            }
++          else if (helper == CORBA_OBJECT_NIL)
++            {
++              g_warning ("Activated an object which advertised LoginHelper but does not implement it!");
++              continue;
++            }
++
++          helper_list[i] = helper;
++          bonobo_object_release_unref (server, &ev);
++
++          if (helper && !BONOBO_EX (&ev))
++            {
++              /* ask the helper to go into safe mode */
++              safe = Accessibility_LoginHelper_setSafe (helper, TRUE, &ev);
++              if (BONOBO_EX (&ev))
++                {
++                  g_warning ("setSafe(TRUE) failed: %s",
++                             bonobo_exception_get_text (&ev));
++                  CORBA_exception_free (&ev);
++                }
++
++              /* get the raise window list (if the program went into safe mode) */
++              if (safe)
++                {
++                  int j;
++                  gboolean needs_windows_raised = FALSE;
++                  Accessibility_LoginHelper_DeviceReqList *list;
++
++                  g_debug ("safe");
++
++                  /* does this helper need to have windows raised? */
++                  list = Accessibility_LoginHelper_getDeviceReqs (helper, &ev);
++
++                  if (BONOBO_EX (&ev))
++                    {
++                      g_warning ("Bonobo exception getting Device Requirements: %s",
++                                 bonobo_exception_get_text (&ev));
++                      CORBA_exception_free (&ev);
++                    }
++                  else
++                    {
++                      g_debug ("LoginHelper device requirements: ");
++                      if (list->_length == 0)
++                        g_debug (" - None.");
++
++                      for (j = 0; j < list->_length; j++)
++                        {
++                          switch (list->_buffer[j])
++                            {
++                            case Accessibility_LoginHelper_GUI_EVENTS:
++                              g_debug (" - Needs access to the GUI event subsystem (e.g. Xserver)");
++                              break;
++                            case Accessibility_LoginHelper_CORE_KEYBOARD:
++                              g_debug (" - Needs access to core keyboard device");
++                              write_to_parent("ungrab_keyboard", "true", FALSE);
++                              break;
++                            case Accessibility_LoginHelper_CORE_POINTER:
++                              g_debug (" - Needs access to core pointer device");
++                              write_to_parent("ungrab_pointer", "true", FALSE);
++                              break;
++                            case Accessibility_LoginHelper_EXT_INPUT:
++                              g_debug (" - Reads XInput extended input devices");
++                              break;
++                            case Accessibility_LoginHelper_POST_WINDOWS:
++                              g_debug (" - Posts windows");
++                              needs_windows_raised = TRUE;
++                              break;
++                            case Accessibility_LoginHelper_AUDIO_OUT:
++                              g_debug (" - Writes to audio device");
++                              break;
++                            case Accessibility_LoginHelper_AUDIO_IN:
++                              g_debug (" - Reads from audio device");
++                              break;
++                            case Accessibility_LoginHelper_LOCALHOST:
++                              g_debug (" - Needs LOCALHOST network connection");
++                              break;
++                            case Accessibility_LoginHelper_SERIAL_OUT:
++                              g_debug (" - Needs to write to one or more serial ports");
++                              break;
++                            default:
++                              break;
++                            }
++                        }
++                      CORBA_free (list);
++                    }
++
++                  if (needs_windows_raised)
++                    {
++                      Accessibility_LoginHelper_WindowList *windows
++                        = Accessibility_LoginHelper_getRaiseWindows
++                        (helper, &ev);
++
++                      if (BONOBO_EX (&ev))
++                        {
++                          g_warning ("getRaiseWindows failed: %s",
++                                     bonobo_exception_get_text (&ev));
++                          CORBA_exception_free (&ev);
++                        }
++
++                      g_debug ("%d windows need raising", windows->_length);
++                      for (j = 0; j < windows->_length; j++)
++                        {
++                          Window wid = windows->_buffer[j].winID;
++                          g_debug ("Window ID = 0x%lx", wid);
++                          if (wid)
++                            write_windowid ("raise_win", wid);
++                        }
++                    }
++                }
++              else
++                {
++                  g_warning ("LoginHelper %d did not go into safe mode", i);
++                }
++            }
++           else
++            {
++              if (BONOBO_EX (&ev))
++                {
++                  g_warning ("Error activating %s: %s",
++                             info.iid, bonobo_exception_get_text (&ev));
++                  CORBA_exception_free (&ev);
++                }
++              else
++                {
++                  g_warning ("no active instance of %s found", info.iid);
++                }
++            }
++        }
++    } /* accessibility helpers active */
++
++  /* Flush dialog window ids & any messages about login helpers to parent */
++  write_to_parent(NULL, NULL, TRUE);
++
++  gtk_widget_grab_focus (pwd->user_input_entry);
++
++  ioc = g_io_channel_unix_new (0);
++  g_io_add_watch (ioc, G_IO_IN | G_IO_HUP, handle_input, pwd);
++
++  gtk_main ();
++
++  /* Reset accessibility helpers back to non-safe mode now that we're done */
++  if (server_list)
++    {
++      for (i = 0; i < server_list->_length; i++)
++        {
++          helper = helper_list[i];
++          /* really no need to check the return value this time */
++          Accessibility_LoginHelper_setSafe (helper, FALSE, &ev);
++          if (BONOBO_EX (&ev))
++            {
++              g_warning ("setSafe(FALSE) failed: %s",
++                         bonobo_exception_get_text (&ev));
++              CORBA_exception_free (&ev);
++            }
++          CORBA_Object_release (helper, &ev);
++        }
++      CORBA_free (server_list);
++      bonobo_debug_shutdown ();
++    }
++
++  return 0;
++}
++#endif /* HAVE_GTK2 */
+diff --git a/driver/lock.c b/driver/lock.c
+--- a/driver/lock.c
++++ b/driver/lock.c
[email protected]@ -21,8 +21,13 @@
+ #include <X11/Intrinsic.h>
+ #include <X11/cursorfont.h>
+ #include <X11/Xos.h>		/* for time() */
++#include <X11/Xatom.h>
+ #include <time.h>
+ #include <sys/time.h>
++#include <errno.h>
++#include <gconf/gconf-client.h>
++#include "exec.h"
++#include "dialog-data.h"
+ #include "xscreensaver.h"
+ #include "resources.h"
+ #include "mlstring.h"
[email protected]@ -83,126 +88,631 @@ vms_passwd_valid_p(char *pw, Bool verbose_p)
+ 
+ typedef struct info_dialog_data info_dialog_data;
+ 
++/* struct passwd_dialog_data moved to dialog-data.h */
+ 
+-#define MAX_BYTES_PER_CHAR 8	/* UTF-8 uses no more than 3, I think */
+-#define MAX_PASSWD_CHARS   128	/* Longest possible passphrase */
+-
+-struct passwd_dialog_data {
+-
+-  saver_screen_info *prompt_screen;
+-  int previous_mouse_x, previous_mouse_y;
+-
+-  /* "Characters" in the password may be a variable number of bytes long.
+-     typed_passwd contains the raw bytes.
+-     typed_passwd_char_size indicates the size in bytes of each character,
+-     so that we can make backspace work.
+-   */
+-  char typed_passwd [MAX_PASSWD_CHARS * MAX_BYTES_PER_CHAR];
+-  char typed_passwd_char_size [MAX_PASSWD_CHARS];
+-  
+-  XtIntervalId timer;
+-  int i_beam;
+-
+-  float ratio;
+-  Position x, y;
+-  Dimension width;
+-  Dimension height;
+-  Dimension border_width;
+-
+-  Bool echo_input;
+-  Bool show_stars_p; /* "I regret that I have but one asterisk for my country."
+-                        -- Nathan Hale, 1776. */
+-
+-  char *heading_label;
+-  char *body_label;
+-  char *user_label;
+-  mlstring *info_label;
+-  /* The entry field shall only be displayed if prompt_label is not NULL */
+-  mlstring *prompt_label;
+-  char *date_label;
+-  char *passwd_string;
+-  Bool passwd_changed_p; /* Whether the user entry field needs redrawing */
+-  Bool caps_p;		 /* Whether we saw a keypress with caps-lock on */
+-  char *unlock_label;
+-  char *login_label;
+-  char *uname_label;
+-
+-  Bool show_uname_p;
+-
+-  XFontStruct *heading_font;
+-  XFontStruct *body_font;
+-  XFontStruct *label_font;
+-  XFontStruct *passwd_font;
+-  XFontStruct *date_font;
+-  XFontStruct *button_font;
+-  XFontStruct *uname_font;
+-
+-  Pixel foreground;
+-  Pixel background;
+-  Pixel border;
+-  Pixel passwd_foreground;
+-  Pixel passwd_background;
+-  Pixel thermo_foreground;
+-  Pixel thermo_background;
+-  Pixel shadow_top;
+-  Pixel shadow_bottom;
+-  Pixel button_foreground;
+-  Pixel button_background;
+-
+-  Dimension preferred_logo_width, logo_width;
+-  Dimension preferred_logo_height, logo_height;
+-  Dimension thermo_width;
+-  Dimension internal_border;
+-  Dimension shadow_width;
+-
+-  Dimension passwd_field_x, passwd_field_y;
+-  Dimension passwd_field_width, passwd_field_height;
+-
+-  Dimension unlock_button_x, unlock_button_y;
+-  Dimension unlock_button_width, unlock_button_height;
+-
+-  Dimension login_button_x, login_button_y;
+-  Dimension login_button_width, login_button_height;
+-
+-  Dimension thermo_field_x, thermo_field_y;
+-  Dimension thermo_field_height;
+-
+-  Pixmap logo_pixmap;
+-  Pixmap logo_clipmask;
+-  int logo_npixels;
+-  unsigned long *logo_pixels;
+-
+-  Cursor passwd_cursor;
+-  Bool unlock_button_down_p;
+-  Bool login_button_down_p;
+-  Bool login_button_p;
+-  Bool login_button_enabled_p;
+-  Bool button_state_changed_p; /* Refers to both buttons */
+-
+-  Pixmap save_under;
+-  Pixmap user_entry_pixmap;
+-};
+-
++#ifndef HAVE_XSCREENSAVER_LOCK
+ static void draw_passwd_window (saver_info *si);
++#endif
+ static void update_passwd_window (saver_info *si, const char *printed_passwd,
+ 				  float ratio);
+ static void destroy_passwd_window (saver_info *si);
++static int ignore_all_errors_ehandler (Display *dpy, XErrorEvent *error);
+ static void undo_vp_motion (saver_info *si);
++#ifndef HAVE_XSCREENSAVER_LOCK
+ static void finished_typing_passwd (saver_info *si, passwd_dialog_data *pw);
++#endif
+ static void cleanup_passwd_window (saver_info *si);
+ static void restore_background (saver_info *si);
+ 
+ extern void xss_authenticate(saver_info *si, Bool verbose_p);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++
++#define WIN_ALLOC_INCREMENT 8	/* allocate entries in the window lists in
++                                   increments of 8 at a time for fewer
++                                   reallocs and less chance of malloc error
++                                   at the wrong time */
++#define EXTRA_RAISE_WIN_SLOTS 4 /* Need to leave four extra slots free in
++                                   raise_wins to allow calling XRestackWindows
++                                   when a window pops up without having to
++                                   realloc or copy to a new list.
++                                   These slots would be used by:
++                                   - passwd_dialog
++                                   - stderr_overlay_window
++                                   - xscreensaver virtual root
++                                   - an interloper popup we need to hide
++                                */
++
++extern Atom XA_UNLOCK_RATIO;
++
++Bool g_passwd_dialog_created = 0;
++
++GConfClient *client = NULL;
++
++static const char *switch_windows_gconf_key
++  = "/apps/metacity/global_keybindings/switch_windows";
++static char  *global_switch_key = NULL;
++
++static const char *main_menu_gconf_key
++  = "/apps/metacity/global_keybindings/panel_main_menu";
++static char  *global_menu_key = NULL;
++
++extern Bool safe_XDestroyWindow (Display *dpy, Window window);
++static Bool safe_XRestackWindows(Display *dpy, Window windows[], int nwindows);
++static Bool safe_XSendEvent(Display *dpy, Window w, Bool propagate,
++                            long event_mask, XEvent *event_send);
++static void passwd_animate_timer (XtPointer closure, XtIntervalId *id);
++extern void swallow_unlock_typeahead_events (saver_info *si, XEvent *e);
++
++
++static saver_screen_info *
++find_screen_for_window (saver_info *si, Window wid)
++{
++  saver_screen_info *ssi;
++  Screen *screen;
++  Window root, root_ret, parent_ret, *children = NULL;
++  unsigned int nchildren = 0;
++  int screen_no, status;
++
++  status = XQueryTree (si->dpy, wid, &root_ret, &parent_ret,
++                       &children, &nchildren);
++
++  if (status == 0) /* failed */
++    return NULL;
++
++  XFree(children);
++  children = NULL;
++
++  for (screen_no = 0; screen_no < si->nscreens; screen_no++)
++    {
++      ssi = &si->screens[screen_no];
++      screen = ssi->screen;
++      root   = RootWindowOfScreen (screen);
++
++      if (root == root_ret)
++        return ssi;
++    }
++
++  return NULL; /* Didn't match the root on any screen  we know of - PUNT! */
++}
++
++/*
++ 5083155 Unable to unlock screen when running dual-head MAG
++ adding dual or multiple heads for magnifier support
++
++ screen 0: loginhelp can pass the raisedWid of GOK or MAG or both
++           found: return its parent Wid (child of root)
++           not found:  0
++
++ other screen:        MAG only if the target screen no > 0 is selected
++           found:  restack on that screen
++               return 0
++           not-found : return 0
++
++ */
++
++static Window
++check_raisedWid (saver_info *si, Window wid)
++{
++  saver_screen_info *ssi;
++  Screen *screen;
++  Window root, root_ret, parent_ret, *children = NULL;
++  unsigned int nchildren = 0;
++  int screen_no, status;
++
++  status = XQueryTree (si->dpy, wid, &root_ret, &parent_ret,
++                       &children, &nchildren);
++
++  if (status == 0) /* failed */
++    return 0;
++
++  XFree(children);
++  children = NULL;
++
++  for (screen_no = 0; screen_no < si->nscreens; screen_no++)
++    {
++      ssi = &si->screens[screen_no];
++      screen = ssi->screen;
++      root   = RootWindowOfScreen (screen);
++
++      if (root == root_ret)
++        break;
++    }
++
++  if ( screen_no >= si->nscreens ) /* Didn't match the root on any screen */
++    return 0;                      /*  we know of - PUNT!                 */
++
++  /* Climb the tree until we find an ancestor that's a child of root */
++  while ( root_ret != parent_ret )
++    {
++      wid = parent_ret;
++
++      status = XQueryTree (si->dpy, wid, &root_ret, &parent_ret,
++                           &children, &nchildren);
++
++      if (status == 0) /* failed */
++        return 0;
++
++      XFree(children);
++      children = NULL;
++    }
++
++  if ( ssi != si->pw_data->prompt_screen )
++    {
++      /* found in other screen (not the one with the unlock dialog),
++         implies MAG target screen, invoke XRestackWindow() there
++      */
++      Window screen_win[2] = { wid, ssi->screensaver_window };
++      safe_XRestackWindows(si->dpy, screen_win, 2);
++      return 0;   /* no need to do the restack on prompt screen */
++    }
++
++  return wid;
++}
++
++/* Enforce window stacking order when a new window arrives.
++   Only allow raising windows the unlock dialog has told us to raise
++   (including itself).
++ */
++static void
++restack_my_windows (saver_info* si, saver_screen_info *ssi, Window newWin)
++{
++  int n = 0;
++  Window short_stack[EXTRA_RAISE_WIN_SLOTS];
++  Window *restack_list;
++  Bool allowed = False;
++
++  /* If window is on another screen than the unlock dialog,
++     or we have list of no windows to raise */
++  if ((si->raise_wins == NULL) || (ssi != si->pw_data->prompt_screen))
++    {
++      restack_list = short_stack;
++    }
++  else
++    {
++      restack_list = si->raise_wins;
++      for (n = 0; n < si->num_raise_wins; n++)
++        {
++          if (si->raise_wins[n] == newWin)
++            allowed = True;
++        }
++    }
++
++  if (si->passwd_dialog && (ssi == si->pw_data->prompt_screen))
++    {
++      restack_list[n++] = si->passwd_dialog;
++      if (si->passwd_dialog == newWin)
++        allowed = True;
++    }
++
++  if (ssi->stderr_overlay_window)
++    {
++      restack_list[n++] = ssi->stderr_overlay_window;
++      if (ssi->stderr_overlay_window == newWin)
++        allowed = True;
++    }
++
++  if (ssi->screensaver_window)
++    {
++      restack_list[n++] = ssi->screensaver_window;
++      if (ssi->screensaver_window == newWin)
++        allowed = True;
++    }
++
++  /* If it's not in the allowed list, it goes behind
++     the screensaver_window. */
++  if (newWin && !allowed)
++    restack_list[n++] = newWin;
++
++  if (n > 1)
++    safe_XRestackWindows (si->dpy, restack_list, n);
++}
++
++/* Send a command to the xscreensaver-lock child process
++   Arguments:
++    - msg - message to send, such as ul_ok
++    - data - additional data, such as string to display for this message,
++             if any, otherwise NULL
++   Message format sent to child:
++    "msg\n" if no data, otherwise "msg=data\n"
++ */
++int
++write_to_child (saver_info* si, const char* msg, const char *data)
++{
++  if (msg == NULL)
++    {
++      fprintf (stderr, "Invalid null message written to child\n");
++      return -1;
++    }
++
++  if (si->external_passwd && g_passwd_dialog_created &&
++      si->pw_data->stdin_fd != -1)
++    {
++      int len;
++
++      if (si->prefs.verbose_p)
++        {
++          fprintf (stderr,
++                   "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\n"
++                   "HAVE_SCRSVR_LOCK writing to fd:%d message is:\n%s=%s\n"
++                   "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\n",
++                   si->pw_data->stdin_fd, msg, data ? data : "(null)");
++        }
++
++      if (data)
++        len = fprintf (si->pw_data->stdin_file, "%s=%s\n", msg, data);
++      else
++        len = fprintf (si->pw_data->stdin_file, "%s\n", msg);
++
++      fflush (si->pw_data->stdin_file);
++      return len;
++    }
++
++  return (0); /* if we didn't write anything return 0 */
++}
++
++static int
++sane_dup2 (int fd1, int fd2)
++{
++  int ret;
++
++  do
++    {
++      ret = dup2 (fd1, fd2);
++    }
++  while (ret < 0 && errno == EINTR);
++
++  return ret;
++}
++
++static int
++close_and_invalidate (int *fd)
++{
++  int ret;
++
++  ret = close (*fd);
++  *fd = -1;
++
++  return ret;
++}
++
++void
++handle_passwd_input (XtPointer xtdata, int *fd, XtInputId *id)
++{
++  saver_info *si = (saver_info *)xtdata;
++  saver_preferences *p = &si->prefs;
++  char buffer[1024];
++  char *msg, *data;
++  passwd_dialog_data *pw = si->pw_data;
++
++  if (p->verbose_p)
++    fprintf (stderr, "passwd input handler() fd=%d\n", *fd);
++
++  msg = fgets (buffer, sizeof (buffer), pw->stdout_file);
++  if (!msg)  /* child closed pipe */
++    {
++      if (p->verbose_p)
++        {
++          fprintf (stderr, "done reading...\n");
++          fprintf (stderr, "removing input handler...\n");
++        }
++      XtRemoveInput (*id);
++      pw->stdout_input_id = 0;
++
++      if (p->verbose_p)
++        fprintf (stderr, "passwd input handler() returning...done reading\n");
++
++      return;
++    }
++
++  if (p->verbose_p)
++    fprintf (stderr, "Child sent message: %s\n", msg);
++
++  /* search for =, and if found, split msg & data into two strings there */
++  data = strchr(msg, '=');
++  if (data)
++    {
++      char *nl;
++
++      *data++ = 0;
++
++      /* strip trailing newline */
++      nl = strchr (data, '\n');
++      if (nl)
++        *nl = '\0';
++    }
++  else
++    {
++      /* All the messages we currently expect require data! */
++      if (p->verbose_p)
++        fprintf (stderr, "*** Invalid message: no data found, discarding\n");
++
++      return;
++    }
++
++  if ((strcmp(msg, "input") == 0)) /* User input */
++    {
++      si->unlock_state = ul_finished;
++      pw->got_passwd = TRUE;
++      pw->passwd_string = strdup (data);
++      memset (data, 0, strlen(data));
++    }
++  else if ((strcmp(msg, "ungrab_keyboard") == 0))
++    {
++      /* An accessibility helper needs to access the keyboard, so we have
++         to release our grab - unfortunately this risks other apps acting
++         on keys they shouldn't, so first we disable metacity keys that
++         could allow getting back to the locked session windows, and hope
++         we don't crash or die before restoring them later.
++
++         Other window managers are likely to be risky to use in this case.
++      */
++
++      if (client == NULL)
++        client = gconf_client_get_default();
++
++      if (global_switch_key == NULL)
++        {
++          global_switch_key =
++            gconf_client_get_string (client, switch_windows_gconf_key, NULL);
++
++          if (global_switch_key && strncmp (global_switch_key, "dis", 3))
++            gconf_client_set_string (client, switch_windows_gconf_key,
++                                     "disabled", NULL);
++        }
++
++      if (global_menu_key == NULL)
++        {
++          global_menu_key =
++            gconf_client_get_string (client, main_menu_gconf_key, NULL);
++
++          if (global_menu_key && strncmp(global_menu_key, "dis", 3))
++            gconf_client_set_string (client, main_menu_gconf_key,
++                                     "disabled", NULL);
++        }
++
++      XUngrabKeyboard (si->dpy, CurrentTime);
++      XFlush (si->dpy);
++    }
++  else if ((strcmp(msg, "ungrab_pointer") == 0))
++    {
++      /* An accessibility helper needs to access the mouse, so we have
++         to release our grab - this is simpler, since we don't worry about
++         mouse gestures that may get through, though maybe we should...
++      */
++
++      XUngrabPointer (si->dpy, CurrentTime);
++      XFlush (si->dpy);
++    }
++  else /* Get a window id of an interesting window from the child */
++    {
++      Window window = strtoul (data, NULL, 0);
++      int status;
++
++      if ((strcmp (msg, "dialog_win") == 0))
++        {
++          /* The unlock dialog itself */
++          si->passwd_dialog = window;
++          pw->got_windowid = True;
++
++          move_mouse_grab (si, si->passwd_dialog, pw->passwd_cursor,
++                           pw->prompt_screen->number);
++          undo_vp_motion (si);
++          passwd_animate_timer ((XtPointer) si, 0);
++
++          /* Flush queue of captured typeahead events */
++          if (si->typeahead_events && si->num_typeahead_events)
++            {
++              int i;
++
++              for (i = 0; i < si->num_typeahead_events; i++)
++                {
++                  si->typeahead_events[i].window = window;
++                  safe_XSendEvent (si->dpy, window, False, KeyPressMask,
++                                   (XEvent *) &si->typeahead_events[i]);
++                }
++              si->num_typeahead_events = 0;
++            }
++          XGrabKeyboard (si->dpy, window, True, GrabModeAsync, GrabModeAsync, CurrentTime);
++          XGrabPointer (si->dpy, window, True, 0, GrabModeAsync, GrabModeAsync, None, None, CurrentTime);
++          XFlush (si->dpy);
++          XSetInputFocus (si->dpy, window, RevertToPointerRoot, CurrentTime);
++          XSync (si->dpy, False);
++        }
++      else if ((strcmp (msg, "raise_win") == 0))
++        {
++          /* Accessibility helpers that need to be raised above the
++             full-screen blanking window hiding the user's desktop */
++          Window *newlist;
++          Window overwin;
++
++          if ( (si->num_raise_wins + EXTRA_RAISE_WIN_SLOTS)
++               >= si->max_raise_wins)
++            {
++              int raise_alloc = si->max_raise_wins + WIN_ALLOC_INCREMENT;
++
++              newlist = realloc(si->raise_wins, raise_alloc * sizeof(Window));
++              if (newlist == NULL)
++                return;
++
++              si->raise_wins = newlist;
++              si->max_raise_wins = raise_alloc;
++            }
++
++          overwin = check_raisedWid (si, window);
++          if (overwin)
++            {
++              XWindowAttributes attrs;
++              status = XGetWindowAttributes (si->dpy, overwin, &attrs);
++
++              if ( status && !attrs.override_redirect )
++                {
++                  unsigned long valuemask = CWOverrideRedirect;
++                  XSetWindowAttributes setwinattr;
++                  setwinattr.override_redirect = True;
++
++                  XChangeWindowAttributes (si->dpy, overwin,
++                                           valuemask, &setwinattr);
++
++                  if (si->num_override_wins >= si->max_override_wins)
++                    {
++                      int over_alloc
++                        = si->max_override_wins + WIN_ALLOC_INCREMENT;
++
++                      newlist = realloc(si->override_wins,
++                                        over_alloc * sizeof(Window));
++                      if (newlist == NULL)
++                        return;
++
++                      si->override_wins = newlist;
++                      si->max_override_wins = over_alloc;
++                    }
++
++                  si->override_wins[si->num_override_wins++] = overwin;
++                }
++              XMapSubwindows(si->dpy, overwin);
++              si->raise_wins[si->num_raise_wins++] = overwin;
++            }
++          else
++            si->raise_wins[si->num_raise_wins++] = window;
++        } /* "raise_win" */
++
++      restack_my_windows(si, si->pw_data->prompt_screen, 0);
++    }
++}
++
++/* returns successful fork/exec */
++Bool
++spawn_external_passwd_process (saver_info *si, passwd_dialog_data *pw)
++{
++  saver_preferences *p = &si->prefs;
++  pid_t forked;
++  const char *command = LOCKDIR "/xscreensaver-lock";
++  int stdin_pipe[2]  = { -1, -1 };
++  int stdout_pipe[2] = { -1, -1 };
++
++  si->passwd_pid = 0;
++  pw->stdin_fd = pw->stdout_fd = -1;
++  pw->got_windowid = False;
++
++  if (si->prefs.verbose_p)
++     fprintf(stderr, "-->spawn_external_passwd()\n");
++
++  if (si->passwd_pid > 0)
++    {
++      if (si->prefs.verbose_p)
++        fprintf (stderr,"pid %ld still exists.  Killing it with SIGKILL\n",
++                 si->passwd_pid);
++      kill_job (si, si->passwd_pid, SIGKILL);
++    }
++  si->passwd_pid = 0;
++
++  if (pipe (stdin_pipe) < 0)
++    {
++      perror ("pipe(stdin_pipe) failed!");
++      return False;
++    }
++
++  if (pipe (stdout_pipe) < 0)
++    {
++      perror ("pipe(stdout_pipe) failed!");
++      close_and_invalidate (&stdin_pipe[0]);
++      close_and_invalidate (&stdin_pipe[1]);
++      return False;
++    }
++  switch ((int) (forked = fork ()))
++    {
++    case -1:
++      fprintf (stderr, "%s: ", blurb ());
++      perror ("couldn't fork");
++
++      close_and_invalidate (&stdin_pipe[0]);
++      close_and_invalidate (&stdin_pipe[1]);
++      close_and_invalidate (&stdout_pipe[0]);
++      close_and_invalidate (&stdout_pipe[1]);
++
++      return False;
++
++    case 0:
++      close (ConnectionNumber (si->dpy)); /* close display fd */
++      /* limit_subproc_memory (p->inferior_memory_limit, p->verbose_p); */
++      /* hack_subproc_environment (ssi); */ /* FIX $DISPLAY */
++
++      /* Inside Child Process */
++      if (p->verbose_p)
++        fprintf (stderr, "%s: spawning \"%s\" in pid %lu.\n",
++                 blurb(), command, (unsigned long) getpid ());
++
++      close_and_invalidate (&stdin_pipe[1]);
++      close_and_invalidate (&stdout_pipe[0]);
++
++      sane_dup2 (stdin_pipe[0], 0);  /* Listen to Parent from here */
++      sane_dup2 (stdout_pipe[1], 9); /* Talk to Parent from here */
++
++      /* Make sure we have relinquished setuid privs or lock dialog gtk
++       * program will not run as libgtk is not setuid safe.
++       */
++      hack_uid (si);
++
++      exec_command (p->shell, command, 0);
++      /* print_path_error (command); */
++      fprintf (stderr, "%s: couldn't exec: %s\n",
++               blurb (), command);
++      abort ();
++
++    default:
++      /* In Parent */
++      make_job(forked, 0, command);
++      close_and_invalidate (&stdin_pipe[0]);
++      close_and_invalidate (&stdout_pipe[1]);
++
++      sane_dup2 (stdin_pipe[0], 0);  /* Listen to Child from here */
++      sane_dup2 (stdout_pipe[1], 13); /* Talk to Child from here */
++
++      pw->stdin_fd   = stdin_pipe[1];   /* Talk to child from here */
++      pw->stdout_fd  = stdout_pipe[0];  /* Listen to Child from here */
++      si->passwd_pid = forked;
++
++      /* Messages to child dialog are sent through this pipe/fd */
++      pw->stdin_file = fdopen (pw->stdin_fd, "w");
++      write_to_child (si, "Hello", NULL); /* Send a test message to Child */
++
++      /* Password from child dialog comes through this pipe/fd */
++      pw->stdout_file = fdopen (pw->stdout_fd, "r");
++
++      pw->stdout_input_id = XtAppAddInput (si->app, pw->stdout_fd,
++                                           (XtPointer) XtInputReadMask,
++                                           handle_passwd_input, si);
++
++      /* Set global flag to indicate that lock dialog is visible */
++      g_passwd_dialog_created = True;
++      return True;
++    }
++
++  /* shouldn't reach */
++  abort ();
++  return False;
++}
++#endif /* HAVE_XSCREENSAVER_LOCK */
++
+ static int
+ new_passwd_window (saver_info *si)
+ {
+   passwd_dialog_data *pw;
++#ifndef HAVE_XSCREENSAVER_LOCK
+   Screen *screen;
+   Colormap cmap;
+   char *f;
++#endif
+   saver_screen_info *ssi = &si->screens [mouse_screen (si)];
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* si->pw_data is globally allocated and never freed when HAVE_XSS_LOCK */
++  pw = si->pw_data;
++  if (!spawn_external_passwd_process (si, pw))
++    return -1;
++  si->external_passwd = True;
++#else
+   pw = (passwd_dialog_data *) calloc (1, sizeof(*pw));
+   if (!pw)
+     return -1;
[email protected]@ -211,17 +721,21 @@ new_passwd_window (saver_info *si)
+    */
+   pw->login_button_p = (si->prefs.new_login_command &&
+                         *si->prefs.new_login_command);
++#endif
+ 
+   pw->passwd_cursor = XCreateFontCursor (si->dpy, XC_top_left_arrow);
+ 
+   pw->prompt_screen = ssi;
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+   screen = pw->prompt_screen->screen;
+   cmap = DefaultColormapOfScreen (screen);
++#endif
+ 
+   pw->show_stars_p = get_boolean_resource(si->dpy, "passwd.asterisks", 
+ 					  "Boolean");
+   
++#ifndef HAVE_XSCREENSAVER_LOCK
+   pw->heading_label = get_string_resource (si->dpy, "passwd.heading.label",
+ 					   "Dialog.Label.Label");
+   pw->body_label = get_string_resource (si->dpy, "passwd.body.label",
[email protected]@ -376,6 +890,7 @@ new_passwd_window (saver_info *si)
+   if (pw->shadow_width == 0) pw->shadow_width = 4;
+   if (pw->thermo_width == 0) pw->thermo_width = pw->shadow_width;
+ 
++#endif /* ! HAVE_XSCREENSAVER_LOCK */
+ 
+   /* We need to remember the mouse position and restore it afterward, or
+      sometimes (perhaps only with Xinerama?) the mouse gets warped to
[email protected]@ -442,12 +957,16 @@ make_passwd_window (saver_info *si,
+ 		    const char *prompt,
+ 		    Bool echo)
+ {
++#ifndef HAVE_XSCREENSAVER_LOCK
+   XSetWindowAttributes attrs;
+   unsigned long attrmask = 0;
++#endif
+   passwd_dialog_data *pw;
++#ifndef HAVE_XSCREENSAVER_LOCK
+   Screen *screen;
+   Colormap cmap;
+   Dimension max_string_width_px;
++#endif
+   saver_screen_info *ssi = &si->screens [mouse_screen (si)];
+ 
+   cleanup_passwd_window (si);
[email protected]@ -455,7 +974,12 @@ make_passwd_window (saver_info *si,
+   if (! ssi)   /* WTF?  Trying to prompt while no screens connected? */
+     return -1;
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* si->pw_data is globally allocated and never freed when HAVE_XSS_LOCK */
++  if (!si->pw_data->got_windowid)
++#else
+   if (!si->pw_data)
++#endif
+     if (new_passwd_window (si) < 0)
+       return -1;
+ 
[email protected]@ -470,6 +994,29 @@ make_passwd_window (saver_info *si,
+              blurb(), pw->prompt_screen->number,
+              info_msg ? info_msg : "");
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* Wipe the old password, so we get prompted to enter new password. */
++  if (pw->passwd_string)
++    {
++      memset(pw->passwd_string, 0, strlen (pw->passwd_string));
++      free (pw->passwd_string);
++      pw->passwd_string = NULL;
++    }
++
++  if (info_msg)
++    write_to_child (si, "ul_message", info_msg);
++  if (prompt)
++    {
++      write_to_child (si, "ul_pamprompt", prompt);
++
++      if (echo)
++        write_to_child (si, "ul_prompt_echo", "true");
++      else if (pw->show_stars_p)
++        write_to_child (si, "ul_prompt_echo", "stars");
++      else
++        write_to_child (si, "ul_prompt_echo", "false");
++    }
++#else
+   screen = pw->prompt_screen->screen;
+   cmap = DefaultColormapOfScreen (screen);
+ 
[email protected]@ -716,11 +1263,13 @@ make_passwd_window (saver_info *si,
+   if (cmap)
+     XInstallColormap (si->dpy, cmap);
+   draw_passwd_window (si);
++#endif /* ! HAVE_XSCREENSAVER_LOCK */
+ 
+   return 0;
+ }
+ 
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+ static void
+ draw_passwd_window (saver_info *si)
+ {
[email protected]@ -1066,17 +1615,48 @@ draw_button(Display *dpy,
+   draw_shaded_rectangle(dpy, dialog, x, y, width, height,
+ 			shadow_width, shadow_light, shadow_dark);
+ }
++#endif /* !HAVE_XSCREENSAVER_LOCK */
+ 
+ static void
+ update_passwd_window (saver_info *si, const char *printed_passwd, float ratio)
+ {
+   passwd_dialog_data *pw = si->pw_data;
++#ifndef HAVE_XSCREENSAVER_LOCK
+   XGCValues gcv;
+   GC gc1, gc2;
+   int x, y;
+   XRectangle rects[1];
++#endif
+ 
+   pw->ratio = ratio;
++
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* Send countdown timer ratio to child lock dialog */
++  if (si->passwd_dialog)
++    {
++      XEvent event;
++
++      event.xany.type = ClientMessage;
++      event.xclient.display = si->dpy;
++      event.xclient.window = si->passwd_dialog;
++      event.xclient.message_type = XA_UNLOCK_RATIO;
++      event.xclient.format = 32;
++      memset (&event.xclient.data, 0, sizeof (event.xclient.data));
++      event.xclient.data.l[0] = (long)(pw->ratio * 100);
++      event.xclient.data.l[1] = 0;
++      event.xclient.data.l[2] = 0;
++
++      if (!safe_XSendEvent (si->dpy, si->passwd_dialog, False, 0L, &event))
++        fprintf (stderr, "%s: error sending ratio to lock dialog\n", blurb ());
++    }
++  else
++    {
++      if (si->prefs.verbose_p)
++        fprintf (stderr,
++          "-->update_passwd_window() lockdialog not created, returning!!\n");
++      return;
++    }
++#else
+   gcv.foreground = pw->passwd_foreground;
+   gcv.font = pw->passwd_font->fid;
+   gc1 = XCreateGC (si->dpy, si->passwd_dialog, GCForeground|GCFont, &gcv);
[email protected]@ -1221,6 +1801,7 @@ update_passwd_window (saver_info *si, const char *printed_passwd, float ratio)
+   XFreeGC (si->dpy, gc1);
+   XFreeGC (si->dpy, gc2);
+   XSync (si->dpy, False);
++#endif /* !HAVE_XSCREENSAVER_LOCK */
+ }
+ 
+ 
[email protected]@ -1252,6 +1833,9 @@ cleanup_passwd_window (saver_info *si)
+ {
+   passwd_dialog_data *pw;
+ 
++  if (si->prefs.verbose_p)
++    fprintf (stderr, "cleanup_passwd_window\n");
++
+   if (!(pw = si->pw_data))
+     return;
+ 
[email protected]@ -1269,7 +1853,13 @@ cleanup_passwd_window (saver_info *si)
+ 
+   memset (pw->typed_passwd, 0, sizeof(pw->typed_passwd));
+   memset (pw->typed_passwd_char_size, 0, sizeof(pw->typed_passwd_char_size));
+-  memset (pw->passwd_string, 0, strlen(pw->passwd_string));
++  if (pw->passwd_string)
++    {
++      memset (pw->passwd_string, 0, strlen(pw->passwd_string));
++      free (pw->passwd_string);
++      pw->passwd_string = NULL;
++    }
++
+ 
+   if (pw->timer)
+     {
[email protected]@ -1292,8 +1882,10 @@ destroy_passwd_window (saver_info *si)
+   passwd_dialog_data *pw = si->pw_data;
+   saver_screen_info *ssi = pw->prompt_screen;
+   Colormap cmap = DefaultColormapOfScreen (ssi->screen);
++#ifndef HAVE_XSCREENSAVER_LOCK
+   Pixel black = BlackPixelOfScreen (ssi->screen);
+   Pixel white = WhitePixelOfScreen (ssi->screen);
++#endif
+   XEvent event;
+ 
+   cleanup_passwd_window (si);
[email protected]@ -1309,6 +1901,81 @@ destroy_passwd_window (saver_info *si)
+       si->cached_passwd = NULL;
+     }
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* reset global flag to indicate passwd dialog is no longer there */
++  g_passwd_dialog_created = False;
++
++  if (si->external_passwd)
++    {
++      /* kill the child etc. */
++      write_to_child (si, "cmd_exit", NULL);
++
++      if (pw->stdin_file)
++        fclose (pw->stdin_file);
++      if (pw->stdin_fd != -1)
++        close_and_invalidate (&pw->stdin_fd);
++      if (pw->stdout_input_id)
++        XtRemoveInput (pw->stdout_input_id);
++      if (pw->stdout_file)
++        fclose (pw->stdout_file);
++      else if (pw->stdout_fd != -1)
++        close_and_invalidate (&pw->stdout_fd);
++
++      if (si->passwd_pid)
++        {
++          kill_job (si, si->passwd_pid, SIGTERM);
++          si->passwd_pid = 0;
++        }
++
++      free (si->raise_wins);
++      si->raise_wins = NULL;
++      si->num_raise_wins = 0;
++      si->max_raise_wins = 0;
++
++      if (si->override_wins)
++        {
++          int n;
++
++          unsigned long valuemask = CWOverrideRedirect;
++          XSetWindowAttributes setwinattr;
++          setwinattr.override_redirect = False;
++
++          for (n = 0; n < si->num_override_wins; n++)
++            {
++              XChangeWindowAttributes (si->dpy, si->override_wins[n],
++                                       valuemask, &setwinattr);
++            }
++          free(si->override_wins);
++          si->override_wins = NULL;
++        }
++      si->num_override_wins = 0;
++      si->max_override_wins = 0;
++
++      si->pw_data->got_windowid = False;
++      si->external_passwd = False;
++
++      /* restore any metacity keys we temporarily disabled */
++      if (client)
++        {
++          if (global_switch_key)
++            {
++              gconf_client_set_string (client, switch_windows_gconf_key,
++                                       global_switch_key, NULL);
++              g_free(global_switch_key);
++              global_switch_key = NULL;
++            }
++
++          if (global_menu_key)
++            {
++              gconf_client_set_string (client, main_menu_gconf_key,
++                                       global_menu_key, NULL);
++              g_free(global_menu_key);
++              global_menu_key = NULL;
++            }
++        }
++    }
++#endif /* HAVE_XSCREENSAVER_LOCK */
++
+   move_mouse_grab (si, RootWindowOfScreen (ssi->screen),
+                    ssi->cursor, ssi->number);
+ 
[email protected]@ -1343,7 +2010,14 @@ destroy_passwd_window (saver_info *si)
+         fprintf (stderr, "%s: %d: destroying password dialog.\n",
+                  blurb(), pw->prompt_screen->number);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++      /* Ignore X error if window was already closed by the child,
++         and make sure any VisibilityNotify events are removed
++         from the event queue before we forget the window id. */
++      safe_XDestroyWindow (si->dpy, si->passwd_dialog);
++#else
+       XDestroyWindow (si->dpy, si->passwd_dialog);
++#endif
+       si->passwd_dialog = 0;
+     }
+   
[email protected]@ -1354,6 +2028,7 @@ destroy_passwd_window (saver_info *si)
+       pw->save_under = 0;
+     }
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+   if (pw->heading_label) free (pw->heading_label);
+   if (pw->body_label)    free (pw->body_label);
+   if (pw->user_label)    free (pw->user_label);
[email protected]@ -1404,6 +2079,7 @@ destroy_passwd_window (saver_info *si)
+       pw->logo_pixels = 0;
+       pw->logo_npixels = 0;
+     }
++#endif /* ! HAVE_XSCREENSAVER_LOCK */
+ 
+   if (pw->save_under)
+     XFreePixmap (si->dpy, pw->save_under);
[email protected]@ -1411,9 +2087,12 @@ destroy_passwd_window (saver_info *si)
+   if (cmap)
+     XInstallColormap (si->dpy, cmap);
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
++  /* si->pw_data is globally allocated and never freed when HAVE_XSS_LOCK */
+   memset (pw, 0, sizeof(*pw));
+   free (pw);
+   si->pw_data = 0;
++#endif
+ }
+ 
+ 
[email protected]@ -1426,6 +2105,49 @@ ignore_all_errors_ehandler (Display *dpy, XErrorEvent *error)
+   return 0;
+ }
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++/* Catch errors from XRestackWindows, since there's an inherent race
++   condition in which other clients can destroy windows between when
++   we get the notification event and when we send the RestackWindows
++   response to it. */
++static Bool
++safe_XRestackWindows(Display *dpy, Window windows[], int nwindows)
++{
++  XErrorHandler old_handler;
++  XSync (dpy, False);
++  error_handler_hit_p = False;
++  old_handler = XSetErrorHandler (ignore_all_errors_ehandler);
++
++  XRestackWindows (dpy, windows, nwindows);
++
++  XSync (dpy, False);
++  XSetErrorHandler (old_handler);
++  XSync (dpy, False);
++
++  return (!error_handler_hit_p);
++}
++
++static Bool
++safe_XSendEvent(Display *dpy, Window w, Bool propagate,
++                long event_mask, XEvent *event_send)
++{
++  Status status;
++  XErrorHandler old_handler;
++  XSync (dpy, False);
++  error_handler_hit_p = False;
++  old_handler = XSetErrorHandler (ignore_all_errors_ehandler);
++
++  status = XSendEvent (dpy, w, propagate, event_mask, event_send);
++
++  XSync (dpy, False);
++  XSetErrorHandler (old_handler);
++  XSync (dpy, False);
++
++  return (!error_handler_hit_p && status);
++}
++
++#endif
++
+ 
+ #ifdef HAVE_XHPDISABLERESET
+ /* This function enables and disables the C-Sh-Reset hot-key, which
[email protected]@ -1627,6 +2349,17 @@ passwd_animate_timer (XtPointer closure, XtIntervalId *id)
+ 
+   if (!pw) return;
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* We want to make sure dialog is up before we update countdown timer */
++  if (!si->passwd_dialog)
++    {
++      if (si->prefs.verbose_p)
++        fprintf (stderr,
++                 "-->passwd_animate_timer() returning..no dialog yet\n");
++      return;
++    }
++#endif
++
+   pw->ratio -= (1.0 / ((double) si->prefs.passwd_timeout / (double) tick));
+   if (pw->ratio < 0)
+     {
[email protected]@ -1646,6 +2379,7 @@ passwd_animate_timer (XtPointer closure, XtIntervalId *id)
+   idle_timer ((XtPointer) si, 0);
+ }
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+ 
+ static XComposeStatus *compose_status;
+ 
[email protected]@ -1723,6 +2457,7 @@ finished_typing_passwd (saver_info *si, passwd_dialog_data *pw)
+       update_passwd_window (si, "", pw->ratio);
+     }
+ }
++#endif /* !HAVE_XSCREENSAVER_LOCK */
+ 
+ static void
+ handle_passwd_key (saver_info *si, XKeyEvent *event)
[email protected]@ -1730,7 +2465,8 @@ handle_passwd_key (saver_info *si, XKeyEvent *event)
+   passwd_dialog_data *pw = si->pw_data;
+   unsigned char decoded [MAX_BYTES_PER_CHAR * 10]; /* leave some slack */
+   KeySym keysym = 0;
+-
++#ifndef HAVE_XSCREENSAVER_LOCK
++ 
+   /* XLookupString may return more than one character via XRebindKeysym;
+      and on some systems it returns multi-byte UTF-8 characters (contrary
+      to its documentation, which says it returns only Latin1.)
[email protected]@ -1764,11 +2500,40 @@ handle_passwd_key (saver_info *si, XKeyEvent *event)
+ 
+   decoded[decoded_size] = 0;
+   pw->passwd_changed_p = True;
++#endif /* !HAVE_XSCREENSAVER_LOCK */
+ 
+   /* Add 10% to the time remaining every time a key is pressed. */
+   pw->ratio += 0.1;
+   if (pw->ratio > 1) pw->ratio = 1;
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  if (si->pw_data->got_windowid)
++    {
++      Bool status;
++
++      if (si->prefs.verbose_p)
++        fprintf (stderr, "event loop..gotwindowid..and keypress event...\n");
++
++      event->window = si->passwd_dialog;
++
++      status = safe_XSendEvent (si->dpy, si->passwd_dialog,
++                                False, KeyPressMask, (XEvent *) event);
++
++      if (si->prefs.verbose_p)
++        {
++          if (status)
++            fprintf (stderr, "sent key...\n");
++          else
++            fprintf (stderr, "error %d sending key...\n", status);
++        }
++      update_passwd_window (si, NULL, pw->ratio);
++    }
++  else
++    {
++      swallow_unlock_typeahead_events (si, (XEvent *) event);
++    }
++
++#else /* !HAVE_XSCREENSAVER_LOCK */
+   if (decoded_size == 1)		/* Handle single-char commands */
+     {
+       switch (*decoded)
[email protected]@ -1858,6 +2623,7 @@ handle_passwd_key (saver_info *si, XKeyEvent *event)
+     {
+       update_passwd_window (si, "", pw->ratio);
+     }
++#endif /* !HAVE_XSCREENSAVER_LOCK */
+ }
+ 
+ 
[email protected]@ -1880,7 +2646,9 @@ passwd_event_loop (saver_info *si)
+ 
+   passwd_animate_timer ((XtPointer) si, 0);
+ 
+-  while (si->unlock_state == ul_read)
++  si->pw_data->got_passwd = FALSE;
++
++  while (si->unlock_state == ul_read && si->pw_data->got_passwd == FALSE)
+     {
+       XtAppNextEvent (si->app, &event.x_event);
+ 
[email protected]@ -1921,12 +2689,17 @@ passwd_event_loop (saver_info *si)
+ 
+       if (event.x_event.xany.window == si->passwd_dialog && 
+           event.x_event.xany.type == Expose)
++#ifdef HAVE_XSCREENSAVER_LOCK
++	XtDispatchEvent (&event.x_event);
++#else
+ 	draw_passwd_window (si);
++#endif /* !HAVE_XSCREENSAVER_LOCK */
+       else if (event.x_event.xany.type == KeyPress)
+         {
+           handle_passwd_key (si, &event.x_event.xkey);
+           si->pw_data->caps_p = (event.x_event.xkey.state & LockMask);
+         }
++#ifndef HAVE_XSCREENSAVER_LOCK
+       else if (event.x_event.xany.type == ButtonPress || 
+                event.x_event.xany.type == ButtonRelease)
+ 	{
[email protected]@ -1935,6 +2708,82 @@ passwd_event_loop (saver_info *si)
+ 	  if (si->pw_data->login_button_p)
+ 	    handle_login_button (si, &event.x_event);
+ 	}
++#endif /* !HAVE_XSCREENSAVER_LOCK */
++
++ /*
++  5077974 P1 "Bug 147583: Screen Lock unlocks because of GOK dwell movement in
++		core pointer mode"
++
++  ScreenLock did not unlock the screen, but WM's XRestackWindow() did.
++  Once WM/metacity fixes the problem, the code can be removed.
++  The problem:
++    repositioning the Wids in the wrong positions when
++    1. the window type is changed from NORMAL to DOCK or vice versa
++    2. the Wid is managed
++    within the X window stack with or without screen-lock in a mixed Wids
++  there are two temp. get-around solutions:
++    1. non-managed GOK or MAG Wid
++    or
++    2. screensaver picks up the WM's restacking task and fixes the prevous
++       restacking problem.
++       the cons: there is a flashing screen when corepointer is touching
++       GOK or MAG and mouse is moved in a fast way
++       when GOK or MAG window type is DOCK only.
++       and it is not a good temp. get-around solution.
++       This is the only choice if WM did not want to fix the problem now
++       and AT group did not want to use non-managed Wids.
++       Now, GOK only supports 2nd USB/mouse/Dwell, corepointer is supposed
++       not to be used, and GOK cannot disable it
++ */
++/*
++     bugid 6769901,6839026: popup windows appearing through xscreensaver
++*/
++      else if (((event.x_event.xany.type == UnmapNotify)
++             || (event.x_event.xany.type == MapNotify)
++             || (event.x_event.xany.type == VisibilityNotify)
++             || (event.x_event.xany.type == ConfigureNotify)
++             || (event.x_event.xany.type == PropertyNotify)
++             || (event.x_event.xany.type == CreateNotify)
++             || (event.x_event.xany.type == ReparentNotify))
++             && (si->passwd_dialog))
++        {
++          /* Find the handle of popup window
++           * Note: we can not get handle of popup window with
++           * event.xany.window, thats why we have switch cases.
++           */
++          Window wPopWin = 0;
++
++          switch(event.x_event.xany.type)
++            {
++            case ConfigureNotify:
++              wPopWin = event.x_event.xconfigure.window;
++              break;
++            case CreateNotify:
++              wPopWin = event.x_event.xcreatewindow.window;
++              break;
++            case VisibilityNotify:
++              wPopWin = event.x_event.xvisibility.window;
++              break;
++            default:
++              break;
++            }
++
++          if (wPopWin)
++            {
++              saver_screen_info *ssi = find_screen_for_window (si, wPopWin);
++
++              /* This if case is for safety, it prevent screensaver stuck in
++               * loop of ConfigureNotify
++               */
++              if ((wPopWin != si->passwd_dialog) && (ssi != NULL) &&
++                  (wPopWin != ssi->screensaver_window) &&
++                  (wPopWin != ssi->stderr_overlay_window))
++                {
++                  restack_my_windows(si, ssi, wPopWin);
++                }
++            }
++        }
++        /* the above new code for restacking under the condition */
+       else
+ 	XtDispatchEvent (&event.x_event);
+     }
[email protected]@ -1960,8 +2809,13 @@ passwd_event_loop (saver_info *si)
+ 
+   if (msg)
+     {
++#ifdef HAVE_XSCREENSAVER_LOCK
++      write_to_child (si, "ul_message", msg);
++      usleep (250000);  /* 1/4 second */
++#else
+       si->pw_data->i_beam = 0;
+       update_passwd_window (si, msg, 0.0);
++#endif
+       XSync (si->dpy, False);
+ 
+       /* Swallow all pending KeyPress/KeyRelease events. */
[email protected]@ -1977,6 +2831,10 @@ passwd_event_loop (saver_info *si)
+ static void
+ handle_typeahead (saver_info *si)
+ {
++/* HAVE_XSCREENSAVER_LOCK: typeahead events are flushed to the external
++   dialog program in handle_passwd_input when we get the dialog_win notice
++   that it has created the window */
++#ifndef HAVE_XSCREENSAVER_LOCK
+   passwd_dialog_data *pw = si->pw_data;
+   int i;
+   if (!si->unlock_typeahead)
[email protected]@ -2004,6 +2862,7 @@ handle_typeahead (saver_info *si)
+ 
+   free (si->unlock_typeahead);
+   si->unlock_typeahead = 0;
++#endif
+ }
+ 
+ 
[email protected]@ -2109,9 +2968,11 @@ gui_auth_conv(int num_msg,
+ 	  free(prompt_trimmed);
+       }
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+       compose_status = calloc (1, sizeof (*compose_status));
+       if (!compose_status)
+ 	goto fail;
++#endif
+ 
+       si->unlock_state = ul_read;
+ 
[email protected]@ -2121,7 +2982,14 @@ gui_auth_conv(int num_msg,
+       if (si->unlock_state == ul_cancel)
+ 	goto fail;
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++      if ((si->unlock_state != ul_time) && si->pw_data->passwd_string)
++        responses[i].response = strdup (si->pw_data->passwd_string);
++      else
++        goto fail;
++#else
+       responses[i].response = strdup(si->pw_data->typed_passwd);
++#endif
+ 
+       /* Cache the first response to a PROMPT_NOECHO to save prompting for
+        * each auth mechanism. */
[email protected]@ -2129,8 +2997,10 @@ gui_auth_conv(int num_msg,
+ 	  auth_msgs[i].type == AUTH_MSGTYPE_PROMPT_NOECHO)
+ 	si->cached_passwd = strdup(responses[i].response);
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+       free (compose_status);
+       compose_status = 0;
++#endif
+     }
+ 
+   *resp = responses;
[email protected]@ -2138,9 +3008,11 @@ gui_auth_conv(int num_msg,
+   return (si->unlock_state == ul_finished) ? 0 : -1;
+ 
+ fail:
++#ifndef HAVE_XSCREENSAVER_LOCK
+   if (compose_status)
+     free (compose_status);
+   compose_status = 0;
++#endif
+ 
+   if (responses)
+     {
[email protected]@ -2196,11 +3068,14 @@ auth_finished_cb (saver_info *si)
+       if (XPending (si->dpy))
+         {
+           XNextEvent (si->dpy, &event);
++#ifndef HAVE_XSCREENSAVER_LOCK
+           if (event.xany.window == si->passwd_dialog && 
+               event.xany.type == Expose)
+             draw_passwd_window (si);
+-          else if (event.xany.type == ButtonPress || 
+-                   event.xany.type == KeyPress)
++          else
++#endif
++            if (event.xany.type == ButtonPress ||
++                event.xany.type == KeyPress)
+             break;
+           XSync (si->dpy, False);
+         }
+diff --git a/driver/passwd-pam.c b/driver/passwd-pam.c
+--- a/driver/passwd-pam.c
++++ b/driver/passwd-pam.c
[email protected]@ -39,10 +39,16 @@
+ #ifndef NO_LOCKING  /* whole file */
+ 
+ #include <stdlib.h>
++#include <xscreensaver-intl.h>
++
+ #ifdef HAVE_UNISTD_H
+ # include <unistd.h>
+ #endif
+ 
++#ifdef __sun
++# include <deflt.h>
++#endif
++
+ extern char *blurb(void);
+ 
+ 
[email protected]@ -58,6 +64,7 @@ extern char *blurb(void);
+ 
+ #include <sys/stat.h>
+ 
++#include "dialog-data.h"
+ #include "auth.h"
+ 
+ extern sigset_t block_sigchld (void);
[email protected]@ -82,7 +89,10 @@ extern void unblock_sigchld (void);
+ #endif
+ 
+ static int pam_conversation (int nmsgs,
+-                             const struct pam_message **msg,
++#ifndef __sun
++                             const
++#endif
++                             struct pam_message **msg,
+                              struct pam_response **resp,
+                              void *closure);
+ 
[email protected]@ -183,6 +193,11 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+   struct pam_conv pc;
+   sigset_t set;
+   struct timespec timeout;
++  int pam_auth_status = 0;  /* Specific for pam_authenticate() status*/
++  int acct_rc, setcred_rc, chauth_rc;
++  int pam_flags = 0;
++
++  uid_t euid = geteuid();
+ 
+   pc.conv = &pam_conversation;
+   pc.appdata_ptr = (void *) si;
[email protected]@ -191,6 +206,23 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+      `closure' argument to pc.conv always comes in as random garbage. */
+   suns_pam_implementation_blows = (void *) si;
+ 
++#ifdef __sun
++  if (verbose_p)
++    fprintf (stderr, "Before uid=%d euid=%d \n\n", getuid(), geteuid());
++
++  if (seteuid (0) != 0)
++    {
++      if (verbose_p)
++        perror("Could not change euid to root, pam may not work!\n");
++    }
++
++  if (verbose_p)
++    {
++      fprintf (stderr, "After seteuid(0) uid=%d euid=%d \n\n",
++               getuid(), geteuid());
++      fprintf (stderr, "PAM is using SERVICE_NAME=\"%s\"\n\n", service);
++    }
++#endif
+ 
+   /* Initialize PAM.
+    */
[email protected]@ -201,11 +233,35 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+              status, PAM_STRERROR (pamh, status));
+   if (status != PAM_SUCCESS) goto DONE;
+ 
++#ifdef __sun
++  /* Check /etc/default/login to see if we should add
++     PAM_DISALLOW_NULL_AUTHTOK to pam_flags */
++  if (defopen("/etc/default/login") == 0) {
++    char *ptr;
++    int flags = defcntl(DC_GETFLAGS, 0);
++
++    TURNOFF(flags, DC_CASE);
++    (void) defcntl(DC_SETFLAGS, flags);
++    if ((ptr = defread("PASSREQ=")) != NULL &&
++        strcasecmp("YES", ptr) == 0)
++      {
++        pam_flags |= PAM_DISALLOW_NULL_AUTHTOK;
++      }
++
++    (void) defopen((char *)NULL); /* close current file */
++  }
++#endif
++
+   /* #### We should set PAM_TTY to the display we're using, but we
+      don't have that handy from here.  So set it to :0.0, which is a
+      good guess (and has the bonus of counting as a "secure tty" as
+      far as PAM is concerned...)
+    */
++
++/* From the pam trace and log file, it is found out that the
++   Sun pam modules can drive itself.
++*/
++#ifndef __sun
+   {
+     char *tty = strdup (":0.0");
+     status = pam_set_item (pamh, PAM_TTY, tty);
[email protected]@ -214,6 +270,7 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+                blurb(), tty, status, PAM_STRERROR(pamh, status));
+     free (tty);
+   }
++#endif
+ 
+   /* Try to authenticate as the current user.
+      We must turn off our SIGCHLD handler for the duration of the call to
[email protected]@ -243,43 +300,102 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+   timeout.tv_sec = 0;
+   timeout.tv_nsec = 1;
+   set = block_sigchld();
+-  status = pam_authenticate (pamh, 0);
++  pam_auth_status = pam_authenticate (pamh, pam_flags);
+ # ifdef HAVE_SIGTIMEDWAIT
+   sigtimedwait (&set, NULL, &timeout);
+   /* #### What is the portable thing to do if we don't have it? */
+ # endif /* HAVE_SIGTIMEDWAIT */
+   unblock_sigchld();
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  /* Send status message to unlock dialog */
++  if (pam_auth_status == PAM_SUCCESS)
++    {
++      if (verbose_p)
++        write_to_child (si, "ul_ok", PAM_STRERROR (pamh, pam_auth_status));
++    }
++  else if (si->unlock_state != ul_cancel && si->unlock_state != ul_time)
++    {
++      write_to_child (si, "ul_fail", PAM_STRERROR (pamh, pam_auth_status));
++    }
++  if (verbose_p)
++    sleep (1);
++#endif
++
++  if (verbose_p)
++      fprintf (stderr, "after calling pam_authenticate state is: %s\n",
++               si->unlock_state == ul_success ? "ul_success" : "ul_fail");
++
+   if (verbose_p)
+     fprintf (stderr, "%s:   pam_authenticate (...) ==> %d (%s)\n",
+-             blurb(), status, PAM_STRERROR(pamh, status));
++             blurb(), pam_auth_status, PAM_STRERROR(pamh, pam_auth_status));
+ 
+-  if (status == PAM_SUCCESS)  /* Win! */
++  if (pam_auth_status == PAM_SUCCESS)  /* Win! */
+     {
+-      int status2;
++      /* perform PAM account validation procedures for login user only */
++      acct_rc   = pam_acct_mgmt(pamh, pam_flags);
+ 
+-      /* We don't actually care if the account modules fail or succeed,
+-       * but we need to run them anyway because certain pam modules
+-       * depend on side effects of the account modules getting run.
+-       */
+-      status2 = pam_acct_mgmt (pamh, 0);
++      /******************************************************************
++           ignore other cases for the time being
++           PAM_USER_UNKNOWN, PAM_AUTH_ERR, PAM_ACCT_EXPIRED
++           (password mgn service module)
++           same as pam_setcred(), focus on auth. service module only
++       *****************************************************************/
+ 
+       if (verbose_p)
+         fprintf (stderr, "%s:   pam_acct_mgmt (...) ==> %d (%s)\n",
+-                 blurb(), status2, PAM_STRERROR(pamh, status2));
++                 blurb(), acct_rc, PAM_STRERROR(pamh, acct_rc));
++
++#ifdef HAVE_XSCREENSAVER_LOCK
++      /* Send status message to unlock dialog ***/
++      if (acct_rc == PAM_SUCCESS)
++        {
++          if (verbose_p)
++            write_to_child (si, "ul_acct_ok", PAM_STRERROR(pamh, acct_rc));
++        }
++      else
++        write_to_child (si, "ul_acct_fail", PAM_STRERROR(pamh, acct_rc));
++      if (verbose_p)
++        sleep (1);
++#endif
+ 
+       /* HPUX for some reason likes to make PAM defines different from
+        * everyone else's. */
+ #ifdef PAM_AUTHTOKEN_REQD
+-      if (status2 == PAM_AUTHTOKEN_REQD)
++      if (acct_rc == PAM_AUTHTOKEN_REQD)
+ #else
+-      if (status2 == PAM_NEW_AUTHTOK_REQD)
++      if (acct_rc == PAM_NEW_AUTHTOK_REQD)
+ #endif
+         {
+-          status2 = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
++          int i;
++          for (i = 0; i < 3; i++)
++            {
++              chauth_rc  = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
++              if (chauth_rc == PAM_AUTHTOK_ERR ||
++                  chauth_rc  == PAM_TRY_AGAIN )
++                {
++                  i = 0;
++                  si->unlock_state = ul_read;
++                }
++              else break; /* get out of the loop */
++            }
++
+           if (verbose_p)
+             fprintf (stderr, "%s: pam_chauthtok (...) ==> %d (%s)\n",
+-                     blurb(), status2, PAM_STRERROR(pamh, status2));
++                     blurb(), chauth_rc, PAM_STRERROR(pamh, chauth_rc));
++
++          if (chauth_rc != PAM_SUCCESS)
++            {
++              pam_auth_status = chauth_rc;
++              goto DONE;
++            }
++        }
++      else if (acct_rc != PAM_SUCCESS)
++        {
++          pam_auth_status = acct_rc;
++          write_to_child (si, "pw_acct_fail", PAM_STRERROR(pamh, acct_rc));
++          sleep (3);
++          goto DONE;
+         }
+ 
+       /* Each time we successfully authenticate, refresh credentials,
[email protected]@ -291,24 +406,57 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+          says that the Linux PAM library ignores that one, and only refreshes
+          credentials when using PAM_REINITIALIZE_CRED.
+        */
+-      status2 = pam_setcred (pamh, PAM_REINITIALIZE_CRED);
++      setcred_rc = pam_setcred (pamh, PAM_REINITIALIZE_CRED);
+       if (verbose_p)
+         fprintf (stderr, "%s:   pam_setcred (...) ==> %d (%s)\n",
+-                 blurb(), status2, PAM_STRERROR(pamh, status2));
++                 blurb(), setcred_rc, PAM_STRERROR(pamh, setcred_rc));
++
++#ifdef HAVE_XSCREENSAVER_LOCK
++      /* Send status message to unlock dialog ***/
++      if (setcred_rc == PAM_SUCCESS)
++        {
++          if (verbose_p)
++            write_to_child (si, "ul_setcred_ok", PAM_STRERROR(pamh, setcred_rc));
++        }
++      else
++        write_to_child (si, "ul_setcred_fail", PAM_STRERROR(pamh, setcred_rc));
++      if (verbose_p)
++        sleep (1);
++#endif
+     }
+ 
+  DONE:
+   if (pamh)
+     {
+-      int status2 = pam_end (pamh, status);
+-      pamh = 0;
++      int status2 = pam_end (pamh, pam_auth_status);
++      pamh = NULL;
+       if (verbose_p)
+         fprintf (stderr, "%s: pam_end (...) ==> %d (%s)\n",
+                  blurb(), status2,
+                  (status2 == PAM_SUCCESS ? "Success" : "Failure"));
+     }
+ 
+-  if (status == PAM_SUCCESS)
++  if (seteuid (euid) != 0)
++    {
++      if (verbose_p)
++        perror("Error pam could not revert euid to user running as euid root,"
++               " locking may not work now\n");
++    }
++
++  if (verbose_p)
++    fprintf (stderr,
++             "<--end of pam_authenticate() returning ok_to_unblank = %d\n",
++             (int) ((pam_auth_status == PAM_SUCCESS) ? True : False));
++
++  if (si->pw_data->passwd_string)
++    {
++      memset(si->pw_data->passwd_string, 0,
++             strlen(si->pw_data->passwd_string));
++      free (si->pw_data->passwd_string);
++      si->pw_data->passwd_string = NULL;
++    }
++
++  if (pam_auth_status == PAM_SUCCESS)
+     si->unlock_state = ul_success;	     /* yay */
+   else if (si->unlock_state == ul_cancel ||
+            si->unlock_state == ul_time)
[email protected]@ -334,6 +482,13 @@ pam_priv_init (int argc, char **argv, Bool verbose_p)
+   const char file2[] = "/etc/pam.conf";
+   struct stat st;
+ 
++#ifdef __sun
++  if (! verbose_p)      /* SUN addition: only print warnings in verbose mode */
++    {                   /* since they are rarely useful and mostly just      */
++      return True;      /* cause confusion when users see them.		     */
++    }
++#endif
++
+ # ifndef S_ISDIR
+ #  define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR)
+ # endif
[email protected]@ -360,6 +515,8 @@ pam_priv_init (int argc, char **argv, Bool verbose_p)
+                 break;
+               }
+           fclose (f);
++
++#ifndef __sun  /* disable the misleading message */
+           if (!ok)
+             {
+               fprintf (stderr,
[email protected]@ -367,9 +524,11 @@ pam_priv_init (int argc, char **argv, Bool verbose_p)
+                   "%s: password authentication via PAM is unlikely to work.\n",
+                        blurb(), file2, PAM_SERVICE_NAME, blurb());
+             }
++#endif
+         }
+       /* else warn about file2 existing but being unreadable? */
+     }
++#ifndef __sun  /* disable the misleading message */
+   else
+     {
+       fprintf (stderr,
[email protected]@ -377,15 +536,19 @@ pam_priv_init (int argc, char **argv, Bool verbose_p)
+                "%s: password authentication via PAM is unlikely to work.\n",
+                blurb(), file2, file, blurb());
+     }
++#endif
+ 
+   /* Return true anyway, just in case. */
+   return True;
+ }
+ 
+ 
+-static int
++int
+ pam_conversation (int nmsgs,
+-		  const struct pam_message **msg,
++#ifndef __sun
++                  const
++#endif
++		  struct pam_message **msg,
+ 		  struct pam_response **resp,
+ 		  void *vsaver_info)
+ {
+diff --git a/driver/passwd.c b/driver/passwd.c
+--- a/driver/passwd.c
++++ b/driver/passwd.c
[email protected]@ -35,6 +35,7 @@
+ 
+ #include <X11/Intrinsic.h>
+ 
++#include "dialog-data.h"
+ #include "xscreensaver.h"
+ #include "auth.h"
+ 
+diff --git a/driver/setuid.c b/driver/setuid.c
+--- a/driver/setuid.c
++++ b/driver/setuid.c
[email protected]@ -145,7 +145,10 @@ set_ids_by_number (uid_t uid, gid_t gid, char **message_ret)
+     gid_errno = errno ? errno : -1;
+ 
+   errno = 0;
+-  if (setuid (uid) != 0)
++/*mali  if (setuid (uid) != 0)**we need root privs back at pam_authenticate
++  this is causing to loose root priv for good, not good **/
++
++  if (seteuid (uid) != 0)
+     uid_errno = errno ? errno : -1;
+ 
+   if (uid_errno == 0 && gid_errno == 0 && sgs_errno == 0)
+diff --git a/driver/subprocs.c b/driver/subprocs.c
+--- a/driver/subprocs.c
++++ b/driver/subprocs.c
[email protected]@ -243,7 +243,11 @@ show_job_list (void)
+ 
+ static void clean_job_list (void);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++struct screenhack_job *
++#else
+ static struct screenhack_job *
++#endif
+ make_job (pid_t pid, int screen, const char *cmd)
+ {
+   struct screenhack_job *job = (struct screenhack_job *) malloc (sizeof(*job));
[email protected]@ -407,7 +411,11 @@ unblock_sigchld (void)
+   block_sigchld_handler--;
+ }
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++int
++#else
+ static int
++#endif
+ kill_job (saver_info *si, pid_t pid, int signal)
+ {
+   saver_preferences *p = &si->prefs;
[email protected]@ -590,9 +598,14 @@ describe_dead_child (saver_info *si, pid_t kid, int wait_status)
+ 	 mention them) if we've just killed the subprocess.  But mention them
+ 	 if they happen on their own.
+        */
+-      if (!job ||
+-	  (exit_status != 0 &&
+-	   (p->verbose_p || job->status != job_killed)))
++
++      if ((!job
++#ifdef HAVE_XSCREENSAVER_LOCK
++	   && kid != si->passwd_pid
++#endif /* HAVE_XSCREENSAVER_LOCK */
++	      ) ||
++	   (exit_status != 0 &&
++	    (p->verbose_p || (job && job->status != job_killed))))
+         {
+           /* Don't call fprintf() from signal handlers, as it might malloc.
+ 	  fprintf (stderr,
[email protected]@ -632,8 +645,12 @@ describe_dead_child (saver_info *si, pid_t kid, int wait_status)
+   else if (WIFSIGNALED (wait_status))
+     {
+       if (p->verbose_p ||
+-	  !job ||
+-	  job->status != job_killed ||
++	  (!job
++#ifdef HAVE_XSCREENSAVER_LOCK
++	   && kid != si->passwd_pid
++#endif /* HAVE_XSCREENSAVER_LOCK */
++		  ) ||
++	  (job && job->status != job_killed) ||
+ 	  WTERMSIG (wait_status) != SIGTERM)
+         {
+           /* Don't call fprintf() from signal handlers, as it might malloc.
[email protected]@ -701,12 +718,20 @@ describe_dead_child (saver_info *si, pid_t kid, int wait_status)
+   /* Clear out the pid so that screenhack_running_p() knows it's dead.
+    */
+   if (!job || job->status == job_dead)
++    {
+     for (i = 0; i < si->nscreens; i++)
+       {
+ 	saver_screen_info *ssi = &si->screens[i];
+ 	if (kid == ssi->pid)
+ 	  ssi->pid = 0;
+       }
++#ifdef HAVE_XSCREENSAVER_LOCK
++      if (kid == si->passwd_pid)
++	{
++	  si->passwd_pid = 0;
++	}
++#endif
++    }
+ }
+ 
+ #else  /* VMS */
+diff --git a/driver/timers.c b/driver/timers.c
+--- a/driver/timers.c
++++ b/driver/timers.c
[email protected]@ -47,6 +47,8 @@
+ #endif /* HAVE_RANDR */
+ 
+ #include "xscreensaver.h"
++#include "types.h"
++#include "dialog-data.h"
+ 
+ #undef ABS
+ #define ABS(x)((x)<0?-(x):(x))
[email protected]@ -60,6 +62,11 @@ static Bool proc_interrupts_activity_p (saver_info *si);
+ #endif /* HAVE_PROC_INTERRUPTS */
+ 
+ static void check_for_clock_skew (saver_info *si);
++#ifdef HAVE_XSCREENSAVER_LOCK
++static void watchdog_timer (XtPointer closure, XtIntervalId *id);
++extern Bool g_passwd_dialog_created;
++extern Bool ok_to_unblank;
++#endif
+ 
+ 
+ void
[email protected]@ -255,7 +262,11 @@ cycle_timer (XtPointer closure, XtIntervalId *id)
+        crash.  So, restart the thing once an hour. */
+     how_long = 1000 * 60 * 60;
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  if (si->external_passwd)
++#else
+   if (si->dbox_up_p)
++#endif
+     {
+       if (p->verbose_p)
+ 	fprintf (stderr, "%s: dialog box up; delaying hack change.\n",
[email protected]@ -308,7 +319,28 @@ activate_lock_timer (XtPointer closure, XtIntervalId *id)
+ 
+   if (p->verbose_p)
+     fprintf (stderr, "%s: timed out; activating lock.\n", blurb());
+-  set_locked_p (si, True);
++
++  if (si->locked_p)
++    {
++      if (p->verbose_p)
++        fprintf (stderr,
++          "-->activate_lock_timer returning because screen already locked\n");
++      return;
++    }
++
++  /* Make sure screen is blanked before posting dialog box */
++  if (si->screen_blanked_p)
++    {
++      set_locked_p (si, True);
++      ok_to_unblank = unlock_p (si);
++      if (ok_to_unblank == True)
++        {
++          set_locked_p(si,False);
++          unblank_screen(si);
++        }
++    }
++  else /* blanking of screen failed reset lock flag */
++    set_locked_p (si, False);
+ }
+ 
+ 
[email protected]@ -587,14 +619,30 @@ dispatch_event (saver_info *si, XEvent *event)
+ }
+ 
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++void /* called from lock.c */
++#else
+ static void
++#endif
+ swallow_unlock_typeahead_events (saver_info *si, XEvent *e)
+ {
+   XEvent event;
+   char buf [100];
+   int i = 0;
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++  if (!si->typeahead_events)
++    {
++      /* Allocate enough space for 10 keys to be queued - if we get more
++         than that before the dialog is ready, it's most likely the user
++         left something sitting on the keyboard, and won't want them. */
++      si->typeahead_events = calloc(10, sizeof(XKeyEvent));
++      if (si->typeahead_events == NULL)
++        return;
++    }
++#else
+   memset (buf, 0, sizeof(buf));
++#endif
+ 
+   event = *e;
+ 
[email protected]@ -607,10 +655,12 @@ swallow_unlock_typeahead_events (saver_info *si, XEvent *e)
+           if (size != 1) continue;
+           switch (*s)
+             {
++#ifndef HAVE_XSCREENSAVER_LOCK /* Let these be queued with the rest */
+             case '\010': case '\177':			/* Backspace */
+               if (i > 0) i--;
+               break;
+             case '\025': case '\030':			/* Erase line */
++#endif
+             case '\012': case '\015':			/* Enter */
+             case '\033':				/* ESC */
+               i = 0;
[email protected]@ -620,7 +670,17 @@ swallow_unlock_typeahead_events (saver_info *si, XEvent *e)
+                 break;  /* ignore space at beginning of line */
+               /* else, fall through */
+             default:
++#ifdef HAVE_XSCREENSAVER_LOCK
++              /* Queue events to replay once dialog is ready */
++              if (si->num_typeahead_events < 10)
++                memcpy (&si->typeahead_events[si->num_typeahead_events++],
++                        &event, sizeof(XKeyEvent));
++              else
++                XBell (si->dpy, 0);
++              i = 1; /* so that spaces are accepted after the beginning */
++#else
+               buf [i++] = *s;
++#endif
+               break;
+             }
+         }
[email protected]@ -628,6 +688,7 @@ swallow_unlock_typeahead_events (saver_info *si, XEvent *e)
+     } while (i < sizeof(buf)-1 &&
+              XCheckMaskEvent (si->dpy, KeyPressMask, &event));
+ 
++#ifndef HAVE_XSCREENSAVER_LOCK
+   buf[i] = 0;
+ 
+   if (si->unlock_typeahead)
[email protected]@ -642,6 +703,7 @@ swallow_unlock_typeahead_events (saver_info *si, XEvent *e)
+     si->unlock_typeahead = 0;
+ 
+   memset (buf, 0, sizeof(buf));
++#endif /* HAVE_XSCREENSAVER_LOCK */
+ }
+ 
+ 
[email protected]@ -824,6 +886,7 @@ sleep_until_idle (saver_info *si, Bool until_idle_p)
+ 	if (handle_clientmessage (si, &event.x_event, until_idle_p))
+           {
+             why = "ClientMessage";
++            si->emergency_lock_p = True;
+             goto DONE;
+           }
+ 	break;
[email protected]@ -838,6 +901,47 @@ sleep_until_idle (saver_info *si, Bool until_idle_p)
+ 	  }
+ 	break;
+ 
++      case VisibilityNotify:
++      {
++        int k;
++
++        if (p->debug_p)
++          {
++            fprintf (stderr,
++                     "************************************\n"
++                     "-->sleep_until_idle() event:VisibilityNotify\n"
++                     "\t Window of VisibilityNotify:%x\n"
++                     "\t until_idle_p=%d g_passwd_dialog_created=%d\n",
++                     event.x_event.xvisibility.window,
++                     until_idle_p, g_passwd_dialog_created);
++            fflush(stderr);
++          }
++
++        /* Don't raise root window when passwd dialog wants to come up */
++        if (g_passwd_dialog_created == 0 && !until_idle_p)
++          {
++            if (event.x_event.xvisibility.state != VisibilityUnobscured)
++              {
++                for (k = 0; k < si->nscreens; k++)
++                  {
++                    saver_screen_info *ssi = &si->screens[k];
++                    XClearWindow (si->dpy, ssi->screensaver_window);
++                    clear_stderr (ssi);
++                    XMapRaised (si->dpy, ssi->screensaver_window);
++                  }
++                if (p->debug_p)
++                  {
++                    fprintf (stderr,
++                             "A window is trying to popup.\n"
++                             "Raising saver root Window.\n"
++                             "************************************\n");
++                    fflush(stderr);
++                  }
++              }
++          }
++        break;
++      }
++
+       case KeyPress:
+       case ButtonPress:
+       /* Ignore release events so that hitting ESC at the password dialog
[email protected]@ -1457,7 +1561,11 @@ watchdog_timer (XtPointer closure, XtIntervalId *id)
+     {
+       Bool running_p = screenhack_running_p (si);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++      if (si->external_passwd)
++#else
+       if (si->dbox_up_p)
++#endif
+         {
+           if (si->prefs.debug_p)
+             fprintf (stderr, "%s: dialog box is up: not raising screen.\n",
+diff --git a/driver/types.h b/driver/types.h
+--- a/driver/types.h
++++ b/driver/types.h
[email protected]@ -250,12 +250,30 @@ struct saver_info {
+ 
+   int unlock_failures;		/* Counts failed login attempts while the
+ 				   screen is locked. */
++#ifdef HAVE_XSCREENSAVER_LOCK
++  Window *raise_wins;		/* List of windows to raise above the	*/
++  int num_raise_wins;		/*  virtual root/hack display, such as	*/
++  int max_raise_wins;		/*  accessibility helpers		*/
++
++  Window *override_wins;        /* Windows we had to unset the          */
++  int num_override_wins;        /*  override_redirect attribute on and  */
++  int max_override_wins;        /*  need to restore it on after unlock. */
++
++
++  pid_t passwd_pid;             /* The pid of the password dialog child if we
++                                   are running an external process for it. */
++  Bool external_passwd;
++
++  XKeyEvent *typeahead_events;	/* Like unlock_typeahead, but as raw events */
++  int num_typeahead_events;
++#else
+ 
+   char *unlock_typeahead;	/* If the screen is locked, and the user types
+                                    a character, we assume that it is the first
+                                    character of the password.  It's stored here
+                                    for the password dialog to use to populate
+                                    itself. */
++#endif /* HAVE_XSCREENSAVER_LOCK */
+ 
+   char *user;			/* The user whose session is locked. */
+   char *cached_passwd;		/* Cached password, used to avoid multiple
+diff --git a/driver/windows.c b/driver/windows.c
+--- a/driver/windows.c
++++ b/driver/windows.c
[email protected]@ -1081,8 +1081,12 @@ safe_XConfigureWindow (Display *dpy, Window window,
+   return (!error_handler_hit_p);
+ }
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++Bool
++#else
+ /* This might not be necessary, but just in case. */
+ static Bool
++#endif
+ safe_XDestroyWindow (Display *dpy, Window window)
+ {
+   XErrorHandler old_handler;
[email protected]@ -1096,6 +1100,14 @@ safe_XDestroyWindow (Display *dpy, Window window)
+   XSetErrorHandler (old_handler);
+   XSync (dpy, False);
+ 
++  /* clear any queued VisibilityNotify events so we don't cause XErrors
++     later when we try to process them and find the windowid is invalid */
++  XEvent event;
++  while (XCheckWindowEvent(dpy, window, VisibilityChangeMask, &event))
++    {
++      /* discard event */ ;
++    }
++
+   return (!error_handler_hit_p);
+ }
+ 
[email protected]@ -1210,6 +1222,7 @@ initialize_screensaver_window_1 (saver_screen_info *ssi)
+    */
+   attrs.event_mask = (KeyPressMask | KeyReleaseMask |
+ 		      ButtonPressMask | ButtonReleaseMask |
++		      VisibilityChangeMask |
+ 		      PointerMotionMask);
+ 
+   attrs.backing_store = NotUseful;
[email protected]@ -1481,6 +1494,9 @@ raise_window (saver_info *si,
+   saver_preferences *p = &si->prefs;
+   int i;
+ 
++  if (p->verbose_p)
++      fprintf(stderr,"-->raise_window()\n");
++
+   if (si->demoing_p)
+     inhibit_fade = True;
+ 
[email protected]@ -1695,6 +1711,9 @@ unblank_screen (saver_info *si)
+   Bool unfade_p = (si->fading_possible_p && p->unfade_p);
+   int i;
+ 
++  if (p->verbose_p)
++      fprintf(stderr,"-->unblank_screen()\n");
++
+   monitor_power_on (si, True);
+   reset_watchdog_timer (si, False);
+ 
[email protected]@ -1983,7 +2002,7 @@ select_visual (saver_screen_info *ssi, const char *visual_name)
+       maybe_transfer_grabs (ssi, old_w, ssi->screensaver_window, ssi->number);
+ 
+       /* Now we can destroy the old window without horking our grabs. */
+-      XDestroyWindow (si->dpy, old_w);
++      safe_XDestroyWindow (si->dpy, old_w);
+ 
+       if (p->verbose_p)
+ 	fprintf (stderr, "%s: %d: destroyed old saver window 0x%lx.\n",
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -156,6 +156,8 @@
+ #include <X11/StringDefs.h>
+ #include <X11/Shell.h>
+ #include <X11/Xos.h>
++#include <gconf/gconf-client.h>
++#include <glib.h>
+ #include <time.h>
+ #include <sys/time.h>
+ #include <netdb.h>	/* for gethostbyname() */
[email protected]@ -217,6 +219,7 @@
+ #endif /* HAVE_RANDR */
+ 
+ 
++#include "dialog-data.h"
+ #include "xscreensaver.h"
+ #include "version.h"
+ #include "yarandom.h"
[email protected]@ -228,11 +231,28 @@
+ 
+ saver_info *global_si_kludge = 0;	/* I hate C so much... */
+ 
++/* Globals */
++Bool ok_to_unblank = False;
++
++#ifdef HAVE_XSCREENSAVER_LOCK
++/* Global storage for gtk passwd lock dialog
++ * we assign this to si->pw_data and this is needed
++ * to set user/passwd labels on gtk lock dialog by
++ * pam conv function.
++ */
++passwd_dialog_data mygtkpwd;
++passwd_dialog_data *ptr_mygtkpwd = &mygtkpwd;
++#endif
++
+ char *progname = 0;
+ char *progclass = 0;
+ XrmDatabase db = 0;
+ 
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++Atom XA_UNLOCK_RATIO;
++#endif
++
+ 
+ static XrmOptionDescRec options [] = {
+ 
[email protected]@ -630,6 +650,9 @@ connect_to_server (saver_info *si, int *argc, char **argv)
+ 	{ &XA_XSETROOT_ID, "_XSETROOT_ID" },
+ 	{ &XA_ESETROOT_PMAP_ID, "ESETROOT_PMAP_ID" },
+ 	{ &XA_XROOTPMAP_ID, "_XROOTPMAP_ID" },
++#ifdef HAVE_XSCREENSAVER_LOCK
++	{ &XA_UNLOCK_RATIO, "UNLOCK_RATIO" },
++#endif
+ 	{ NULL, NULL } /* Must be last to terminate list */
+       };
+     const struct atom_request *atom_lists[3] = { NULL, NULL, NULL };
[email protected]@ -1105,8 +1128,36 @@ static void
+ main_loop (saver_info *si)
+ {
+   saver_preferences *p = &si->prefs;
+-  Bool ok_to_unblank;
++  /* Bool ok_to_unblank; made this a global flag, gets set in timers.c */
+   int i;
++  const char *modulesptr = NULL;
++
++/*
++** CR4784055(P1)locked-screen dialog is inaccessible to Gnopernicus
++** voice for each type-in char in the password field of
++** pop-up dialog
++*/
++
++  /* BUG #6573182
++  ** g_type_init should be done before calling gconf_client routines
++  ** so that xscreensaver does not dump core if gconf daemon is not running.
++  */
++  g_type_init ();
++
++  /*
++  ** 6395649 at-spi-registryd starts when screen is locked even
++  ** when accessible device support is off(SR)
++  ** per AT core gp suggestion
++  ** GTK_MODULES is set only if at support is enabled
++  */
++
++  if (gconf_client_get_bool(gconf_client_get_default(),
++			    "/desktop/gnome/interface/accessibility", NULL))
++    {
++      modulesptr = getenv ("GTK_MODULES");
++      if (!modulesptr || modulesptr [0] == '\0')
++	putenv ("GTK_MODULES=gail:atk-bridge");
++    }
+ 
+   while (1)
+     {
[email protected]@ -1137,6 +1188,17 @@ main_loop (saver_info *si)
+             fprintf (stderr, "%s: idle with blanking disabled at %s.\n",
+                      blurb(), timestring());
+ 
++          /* 6221109 Changing mode from disable to anything else,
++             doesn't lock screen.
++
++             This is Disable Screen Saver mode, in this mode we dont lock
++             screen, but si->locked_p is already set to True, since someone
++             tried to lock screen, reset it to False, else when we change
++             mode from disable and try to lock screen, xscreensaver thinks
++             screen is already locked and doesnt lock screen anymore.
++           */
++          set_locked_p (si, False);
++
+           /* Go around the loop and wait for the next bout of idleness,
+              or for the init file to change, or for a remote command to
+              come in, or something.
[email protected]@ -1198,6 +1260,7 @@ main_loop (saver_info *si)
+                        blurb());
+ 
+               schedule_wakeup_event (si, retry, p->debug_p);
++              set_locked_p(si, False);
+               continue;
+             }
+         }
[email protected]@ -1263,7 +1326,17 @@ main_loop (saver_info *si)
+             p->lock_p &&                /* and locking is enabled */
+             !si->locking_disabled_p &&  /* and locking is possible */
+             lock_timeout == 0)          /* and locking is not timer-deferred */
+-          set_locked_p (si, True);      /* then lock right now. */
++          {
++           if (p->debug_p)
++             fprintf(stderr, "going to lock screen B\n");
++           set_locked_p (si, True);      /* then lock right now. */
++           ok_to_unblank = unlock_p(si);
++           if (ok_to_unblank == True)
++             {
++               set_locked_p (si, False);
++               goto DONE;
++             }
++          }
+ 
+         /* locked_p might be true already because of the above, or because of
+            the LOCK ClientMessage.  But if not, and if we're supposed to lock
[email protected]@ -1278,10 +1351,7 @@ main_loop (saver_info *si)
+       }
+ #endif /* !NO_LOCKING */
+ 
+-
+-      ok_to_unblank = True;
+       do {
+-
+         check_for_leaks ("blanked A");
+ 	sleep_until_idle (si, False);		/* until not idle */
+         check_for_leaks ("blanked B");
[email protected]@ -1291,6 +1361,13 @@ main_loop (saver_info *si)
+ #ifndef NO_LOCKING
+         /* Maybe unlock the screen.
+          */
++        if (si->demoing_p) goto DONE; /* in demoing mode and user wants out
++                                         unblank screen */
++
++        /* This is when blank timeout has happened but lock timeout hasnt
++           and user gets active.  Simply get him out of the blank screen. */
++        if (si->screen_blanked_p && !si->locked_p) goto DONE;
++
+ 	if (si->locked_p)
+ 	  {
+ 	    saver_screen_info *ssi = si->default_screen;
[email protected]@ -1302,7 +1379,20 @@ main_loop (saver_info *si)
+               suspend_screenhack (&si->screens[i], True);	  /* suspend */
+ 	    XUndefineCursor (si->dpy, ssi->screensaver_window);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++            /* Prevents lock dialog posting on non blanked screen */
++            if (!si->screen_blanked_p)  /* locked_p is true, so blank now */
++              blank_screen (si);
++            if (si->screen_blanked_p)   /* if blanking successful, call PAM */
++              {
++                set_locked_p (si, True);
++                ok_to_unblank = unlock_p(si);
++              }
++            else /* blanking failed, probably couldn't grab keyboard/mouse */
++              set_locked_p (si, False);
++#else
+ 	    ok_to_unblank = unlock_p (si);
++#endif
+ 
+ 	    si->dbox_up_p = False;
+ 	    XDefineCursor (si->dpy, ssi->screensaver_window, ssi->cursor);
[email protected]@ -1327,6 +1417,7 @@ main_loop (saver_info *si)
+ 
+ 	} while (!ok_to_unblank);
+ 
++DONE:
+ 
+       if (p->verbose_p)
+ 	fprintf (stderr, "%s: unblanking screen at %s.\n",
[email protected]@ -1411,7 +1502,19 @@ main (int argc, char **argv)
+   textdomain (GETTEXT_PACKAGE);
+ #endif /* ENABLE_NLS */
+ 
++#if defined(ENABLE_NLS) && defined(HAVE_XSCREENSAVER_LOCK)
++  /* Gtk unlock dialog needs to be sent UTF-8 text to display */
++  bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
++#endif
++
+   memset(si, 0, sizeof(*si));
++
++#ifdef HAVE_XSCREENSAVER_LOCK
++/* Initialize and point si to pw_data i.e. the lock dialog struct */
++  memset(ptr_mygtkpwd, 0, sizeof(*ptr_mygtkpwd));
++  si->pw_data = ptr_mygtkpwd;
++#endif
++
+   global_si_kludge = si;	/* I hate C so much... */
+ 
+   fix_fds();
[email protected]@ -1421,7 +1524,9 @@ main (int argc, char **argv)
+ 
+   save_argv (argc, argv);
+   set_version_string (si, &argc, argv);
++#ifndef HAVE_XSCREENSAVER_LOCK /* moved below for external lock */
+   privileged_initialization (si, &argc, argv);
++#endif
+   hack_environment (si);
+ 
+   spasswd = getpwuid(getuid());
[email protected]@ -1444,6 +1549,10 @@ main (int argc, char **argv)
+   print_banner (si);
+ 
+   load_init_file(si->dpy, p); /* must be before initialize_per_screen_info() */
++#ifdef HAVE_XSCREENSAVER_LOCK
++  privileged_initialization (si, &argc, argv);
++#endif
++
+   blurb_timestamp_p = p->timestamp_p;  /* kludge */
+   initialize_per_screen_info (si, shell); /* also sets si->fading_possible_p */
+ 
[email protected]@ -1695,8 +1804,12 @@ handle_clientmessage (saver_info *si, XEvent *event, Bool until_idle_p)
+   Atom type = 0;
+   Window window = event->xclient.window;
+ 
++  if (p->verbose_p)
++     fprintf(stderr, "handle_clientmessage\n");
++
+   /* Preferences might affect our handling of client messages. */
+   maybe_reload_init_file (si);
++  XSync (si->dpy, False);
+ 
+   if (event->xclient.message_type != XA_SCREENSAVER ||
+       event->xclient.format != 32)
[email protected]@ -1969,10 +2082,18 @@ handle_clientmessage (saver_info *si, XEvent *event, Bool until_idle_p)
+ 			    : "locking.");
+ 	  sprintf (buf, "LOCK ClientMessage received; %s", response);
+ 	  clientmessage_response (si, window, False, buf, response);
++
++	  if (p->verbose_p)
++	    fprintf(stderr, "going to lock screen A\n");
++
+ 	  set_locked_p (si, True);
++	  si->emergency_lock_p = True;
+ 	  si->selection_mode = 0;
+ 	  si->demoing_p = False;
+ 
++	  return True; /* dont set lock_id to 0,
++                          causes to go in lock in main_loop above */
++
+ 	  if (si->lock_id)	/* we're doing it now, so lose the timeout */
+ 	    {
+ 	      XtRemoveTimeOut (si->lock_id);
+diff --git a/driver/xscreensaver.h b/driver/xscreensaver.h
+--- a/driver/xscreensaver.h
++++ b/driver/xscreensaver.h
[email protected]@ -164,6 +164,12 @@ extern Bool select_visual (saver_screen_info *ssi, const char *visual_name);
+ extern void store_saver_status (saver_info *si);
+ extern const char *signal_name (int signal);
+ 
++#ifdef HAVE_XSCREENSAVER_LOCK
++extern int kill_job (saver_info *si, pid_t pid, int signal);
++extern struct screenhack_job *make_job (pid_t pid, int screen,
++                                        const char *cmd);
++#endif
++
+ /* =======================================================================
+    subprocs diagnostics
+    ======================================================================= */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/07-allow-root.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,209 @@
+Fix for: Bug 15155994 - SUNBT4849641 xscreensaver won't run as root
+
+Let root lock the screen, but don't launch the hacks for root.
+
+Rejected by upstream because upstream author argues instead that users should
+not login as root, which is correct, but not something we can force all of
+our customers to stop doing.
+
+See http://www.jwz.org/xscreensaver/faq.html#root-lock for his side.
+---
+ driver/demo-Gtk.c     |   26 ++++++++++++++++++++++++++
+ driver/exec.c         |    2 ++
+ driver/setuid.c       |   12 ++++++++++++
+ driver/subprocs.c     |    3 +++
+ driver/timers.c       |    2 +-
+ driver/xscreensaver.c |    7 ++++---
+ 6 files changed, 48 insertions(+), 4 deletions(-)
+
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -687,6 +687,14 @@ run_cmd (state *s, Atom command, int arg)
+   char *err = 0;
+   int status;
+ 
++  if (getuid () == 0)
++    {
++      char buf [255];
++      strlcpy (buf, _("Can not run hacks if logged in as root!"), sizeof(buf));
++      warning_dialog (s->toplevel_widget, buf, False, 100);
++      return;
++    }
++
+   flush_dialog_changes_and_save (s);
+   status = xscreensaver_command (GDK_DISPLAY(), command, arg, False, &err);
+ 
[email protected]@ -717,6 +725,14 @@ run_hack (state *s, int list_elt, Bool report_errors_p)
+   char *err = 0;
+   int status;
+ 
++  if (getuid () == 0)
++    {
++      char buf [255];
++      strlcpy (buf, _("Can not run hacks if logged in as root!"), sizeof(buf));
++      warning_dialog (s->toplevel_widget, buf, False, 100);
++      return;
++    }
++
+   if (list_elt < 0) return;
+   hack_number = s->list_elt_to_hack_number[list_elt];
+ 
[email protected]@ -5155,6 +5171,15 @@ main (int argc, char **argv)
+     GtkMenu *menu = GTK_MENU (gtk_option_menu_get_menu (opt));
+     GList *kids = gtk_container_children (GTK_CONTAINER (menu));
+     int i;
++
++    if (getuid () == 0)
++      {
++        /* If logged in as root disable menu so user can't activate a hack. */
++        gtk_widget_set_sensitive (GTK_WIDGET (opt), False);
++        gtk_widget_set_sensitive (GTK_WIDGET (menu), False);
++      }
++    else
++    {
+     for (i = 0; kids; kids = kids->next, i++)
+       {
+         gtk_signal_connect (GTK_OBJECT (kids->data), "activate",
[email protected]@ -5168,6 +5193,7 @@ main (int argc, char **argv)
+             mode_menu_order[i] == RANDOM_HACKS_SAME)
+           gtk_widget_hide (GTK_WIDGET (kids->data));
+       }
++    }
+ 
+     if (s->nscreens <= 1)   /* recompute option-menu size */
+       {
+diff --git a/driver/exec.c b/driver/exec.c
+--- a/driver/exec.c
++++ b/driver/exec.c
[email protected]@ -186,6 +186,7 @@ exec_command (const char *shell, const char *command, int nice_level)
+   hairy_p = !!strpbrk (command, "*?$&!<>[];`'\\\"=");
+   /* note: = is in the above because of the sh syntax "FOO=bar cmd". */
+ 
++#ifdef DONT_ALLOW_ROOT_LOGIN
+   if (getuid() == (uid_t) 0 || geteuid() == (uid_t) 0)
+     {
+       /* If you're thinking of commenting this out, think again.
[email protected]@ -196,6 +197,7 @@ exec_command (const char *shell, const char *command, int nice_level)
+                blurb());
+       exit (-1);
+     }
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+ 
+   if (hairy_p)
+     /* If it contains any shell metacharacters, do it the hard way,
+diff --git a/driver/setuid.c b/driver/setuid.c
+--- a/driver/setuid.c
++++ b/driver/setuid.c
[email protected]@ -121,6 +121,10 @@ set_ids_by_number (uid_t uid, gid_t gid, char **message_ret)
+   struct passwd *p = getpwuid (uid);
+   struct group  *g = getgrgid (gid);
+ 
++  /* if we are logged in as root i.e. uid==0 then dont do anything*/
++  if (getuid () == (uid_t) 0)
++   return 0;
++
+   if (message_ret)
+     *message_ret = 0;
+ 
[email protected]@ -278,11 +282,13 @@ hack_uid (saver_info *si)
+          of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
+          and "USING XDM".
+    */
++#ifdef DONT_ALLOW_ROOT_LOGIN
+   if (getuid() == (uid_t) 0)
+     {
+       si->locking_disabled_p = True;
+       si->nolock_reason = "running as root";
+     }
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+ 
+ 
+   /* If we're running as root, switch to a safer user.  This is above and
[email protected]@ -297,6 +303,8 @@ hack_uid (saver_info *si)
+          of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", 
+          and "USING XDM".
+    */
++/* We are letting root login to fix a P1 bug, i.e. root should lock screen*/
++#ifdef DONT_ALLOW_ROOT_LOGIN
+   if (getuid() == (uid_t) 0)
+     {
+       struct passwd *p;
[email protected]@ -315,6 +323,7 @@ hack_uid (saver_info *si)
+       if (set_ids_by_number (p->pw_uid, p->pw_gid, &si->uid_message) != 0)
+ 	saver_exit (si, -1, 0);
+     }
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+ 
+ 
+   /* If there's anything even remotely funny looking about the passwd struct,
[email protected]@ -357,7 +366,10 @@ hack_uid (saver_info *si)
+ 		 (p && p->pw_name && *p->pw_name
+ 		  ? p->pw_name : "<unknown>"));
+ 	si->nolock_reason = buf;
++
++#ifdef DONT_ALLOW_ROOT_LOGIN
+ 	si->locking_disabled_p = True;
++#endif
+ 	si->dangerous_uid_p = True;
+       }
+   }
+diff --git a/driver/subprocs.c b/driver/subprocs.c
+--- a/driver/subprocs.c
++++ b/driver/subprocs.c
[email protected]@ -939,6 +939,9 @@ spawn_screenhack (saver_screen_info *ssi)
+   saver_preferences *p = &si->prefs;
+   char* complete_hack_command;
+ 
++  if (getuid () == 0)
++    return;  /* Dont let hacks run if logged in as root*/
++
+   if (si->prefs.verbose_p)
+    fprintf(stderr, "--> spawn_screenhack()\n");
+ 
+diff --git a/driver/timers.c b/driver/timers.c
+--- a/driver/timers.c
++++ b/driver/timers.c
[email protected]@ -282,7 +282,7 @@ cycle_timer (XtPointer closure, XtIntervalId *id)
+ 
+       raise_window (si, True, True, False);
+ 
+-      if (!si->throttled_p)
++      if (!si->throttled_p && getuid () != 0)
+         for (i = 0; i < si->nscreens; i++)
+           spawn_screenhack (&si->screens[i]);
+       else
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -458,6 +458,7 @@ startup_ehandler (String name, String type, String class,
+ 
+   describe_uids (si, stderr);
+ 
++#ifdef DONT_ALLOW_ROOT_LOGIN
+   if (si->orig_uid && !strncmp (si->orig_uid, "root/", 5))
+     {
+       fprintf (stderr, "\n"
[email protected]@ -471,11 +472,11 @@ startup_ehandler (String name, String type, String class,
+                blurb());
+     }
+   else
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+     {
+       fprintf (stderr, "\n"
+           "%s: Errors at startup are usually authorization problems.\n"
+-"              But you're not logging in as root (good!) so something\n"
+-"              else must be wrong.  Did you read the manual and the FAQ?\n",
++"              Did you read the manual and the FAQ?\n",
+            blurb());
+     }
+ 
[email protected]@ -1269,7 +1270,7 @@ main_loop (saver_info *si)
+         kill_screenhack (&si->screens[i]);
+ 
+       raise_window (si, True, True, False);
+-      if (si->throttled_p)
++      if (si->throttled_p || getuid () == 0)
+         fprintf (stderr, "%s: not launching hack (throttled.)\n", blurb());
+       else
+         for (i = 0; i < si->nscreens; i++)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/08-passwdTimeout-pref.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,268 @@
+Bug 15220000 SUNBT5077981 There should be an option to extend/disable lockout
+                          timer
+aka http://bugzilla.gnome.org/show_bug.cgi?id=147579
+ 
+Bug 15231258 SUNBT6176524 passwdTimeoutEnable for disabled user
+
+Upstream status unknown.
+
+---
+ driver/XScreenSaver.ad.in       |    1 +
+ driver/demo-Gtk.c               |   13 +++++
+ driver/lock.c                   |    8 +++
+ driver/prefs.c                  |    6 ++
+ driver/types.h                  |    2 +
+ driver/xscreensaver-demo.glade2 |   98 ++++++++++++++++++++++++++++++++++++++-
+ 6 files changed, 127 insertions(+), 1 deletions(-)
+
+diff --git a/driver/XScreenSaver.ad.in b/driver/XScreenSaver.ad.in
+--- a/driver/XScreenSaver.ad.in
++++ b/driver/XScreenSaver.ad.in
[email protected]@ -34,6 +34,7 @@
+ *cycle:			0:10:00
+ *lockTimeout:		0:00:00
+ *passwdTimeout:		0:02:00
++*passwdTimeoutEnabled:	True
+ *dpmsEnabled:		True
+ *dpmsQuickoffEnabled:	False
+ *dpmsStandby:		0:10:00
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -1558,6 +1558,8 @@ flush_dialog_changes_and_save (state *s)
+ 
+   MINUTES  (&p2->timeout,         "timeout_spinbutton");
+   MINUTES  (&p2->cycle,           "cycle_spinbutton");
++  CHECKBOX (p2->unlock_timeout_p, "pwd_button");	/* bugid 5077981 */
++  MINUTES  (&p2->passwd_timeout,  "pwd_spinbutton");
+   CHECKBOX (p2->lock_p,           "lock_button");
+   MINUTES  (&p2->lock_timeout,    "lock_spinbutton");
+ 
[email protected]@ -1660,6 +1662,8 @@ flush_dialog_changes_and_save (state *s)
+   COPY(cycle,          "cycle");
+   COPY(lock_p,         "lock_p");
+   COPY(lock_timeout,   "lock_timeout");
++  COPY(unlock_timeout_p,"unlock_timeout_p");		/* bugid 5077981 */
++  COPY(passwd_timeout, "passwd_timeout");
+ 
+   COPY(dpms_enabled_p,  "dpms_enabled_p");
+   COPY(dpms_quickoff_p, "dpms_quickoff_enabled_p");
[email protected]@ -2791,6 +2795,9 @@ populate_prefs_page (state *s)
+   FMT_MINUTES ("timeout_spinbutton",      p->timeout);
+   FMT_MINUTES ("cycle_spinbutton",        p->cycle);
+   FMT_MINUTES ("lock_spinbutton",         p->lock_timeout);
++  /* bugid 5077981 */
++  FMT_MINUTES ("pwd_spinbutton",          p->passwd_timeout);
++
+   FMT_MINUTES ("dpms_standby_spinbutton", p->dpms_standby);
+   FMT_MINUTES ("dpms_suspend_spinbutton", p->dpms_suspend);
+   FMT_MINUTES ("dpms_off_spinbutton",     p->dpms_off);
[email protected]@ -2803,6 +2810,7 @@ populate_prefs_page (state *s)
+   gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (name_to_widget (s,(NAME))),\
+                                 (ACTIVEP))
+ 
++  TOGGLE_ACTIVE ("pwd_button",	      p->unlock_timeout_p); /* bugid 5077981 */
+   TOGGLE_ACTIVE ("lock_button",       p->lock_p);
+ #if 0
+   TOGGLE_ACTIVE ("verbose_button",    p->verbose_p);
[email protected]@ -2908,6 +2916,10 @@ populate_prefs_page (state *s)
+ 
+     /* Blanking and Locking
+      */
++    /* bugid 5077081 */
++    SENSITIZE ("pwd_spinbutton", p->unlock_timeout_p);
++    SENSITIZE ("pwd_mlabel",     p->unlock_timeout_p);
++
+     SENSITIZE ("lock_button",     can_lock_p);
+     SENSITIZE ("lock_spinbutton", can_lock_p && p->lock_p);
+     SENSITIZE ("lock_mlabel",     can_lock_p && p->lock_p);
[email protected]@ -3082,6 +3094,7 @@ fix_text_entry_sizes (state *s)
+ # if 0   /* appears no longer necessary with Gtk 1.2.10 */
+   const char * const spinbuttons[] = {
+     "timeout_spinbutton", "cycle_spinbutton", "lock_spinbutton",
++    "pwd_spinbutton", /* bugid 5077981 */
+     "dpms_standby_spinbutton", "dpms_suspend_spinbutton",
+     "dpms_off_spinbutton",
+     "-fade_spinbutton" };
+diff --git a/driver/lock.c b/driver/lock.c
+--- a/driver/lock.c
++++ b/driver/lock.c
[email protected]@ -1646,6 +1646,10 @@ update_passwd_window (saver_info *si, const char *printed_passwd, float ratio)
+       event.xclient.data.l[1] = 0;
+       event.xclient.data.l[2] = 0;
+ 
++      /* CR 5077981: option to disable unlock timer */
++      if (! si->prefs.unlock_timeout_p)
++        event.xclient.data.l[1] = 1;
++
+       if (!safe_XSendEvent (si->dpy, si->passwd_dialog, False, 0L, &event))
+         fprintf (stderr, "%s: error sending ratio to lock dialog\n", blurb ());
+     }
[email protected]@ -2349,6 +2353,10 @@ passwd_animate_timer (XtPointer closure, XtIntervalId *id)
+ 
+   if (!pw) return;
+ 
++  /* CR 5077981: option to disable unlock timer */
++  if (! si->prefs.unlock_timeout_p)
++    return;
++
+ #ifdef HAVE_XSCREENSAVER_LOCK
+   /* We want to make sure dialog is up before we update countdown timer */
+   if (!si->passwd_dialog)
+diff --git a/driver/prefs.c b/driver/prefs.c
+--- a/driver/prefs.c
++++ b/driver/prefs.c
[email protected]@ -251,6 +251,7 @@ static const char * const prefs[] = {
+   "lockVTs",			/* not saved */
+   "lockTimeout",
+   "passwdTimeout",
++  "passwdTimeoutEnabled",	/* bugid 5077981 */
+   "visualID",
+   "installColormap",
+   "verbose",
[email protected]@ -784,6 +785,9 @@ write_init_file (Display *dpy,
+       CHECK("lockVTs")		continue;  /* don't save, unused */
+       CHECK("lockTimeout")	type = pref_time, t = p->lock_timeout;
+       CHECK("passwdTimeout")	type = pref_time, t = p->passwd_timeout;
++
++/* bugid 5077981 */
++      CHECK("passwdTimeoutEnabled") type = pref_bool, b = p->unlock_timeout_p;
+       CHECK("visualID")		type = pref_str,  s =    visual_name;
+       CHECK("installColormap")	type = pref_bool, b = p->install_cmap_p;
+       CHECK("verbose")		type = pref_bool, b = p->verbose_p;
[email protected]@ -1068,6 +1072,8 @@ load_init_file (Display *dpy, saver_preferences *p)
+   p->lock_timeout    = 1000 * get_minutes_resource (dpy, "lockTimeout", "Time");
+   p->cycle           = 1000 * get_minutes_resource (dpy, "cycle", "Time");
+   p->passwd_timeout  = 1000 * get_seconds_resource (dpy, "passwdTimeout", "Time");
++  /* bugid 5077981 */
++  p->unlock_timeout_p = get_boolean_resource (dpy, "passwdTimeoutEnabled", "Boolean");
+   p->pointer_timeout = 1000 * get_seconds_resource (dpy, "pointerPollTime", "Time");
+   p->pointer_hysteresis = get_integer_resource (dpy, "pointerHysteresis","Integer");
+   p->notice_events_timeout = 1000*get_seconds_resource(dpy,
+diff --git a/driver/types.h b/driver/types.h
+--- a/driver/types.h
++++ b/driver/types.h
[email protected]@ -77,6 +77,8 @@ struct saver_preferences {
+   Bool xsync_p;			/* whether XSynchronize has been called */
+ 
+   Bool lock_p;			/* whether to lock as well as save */
++  Bool unlock_timeout_p;	/* whether to timeout unlock dialog */
++                                /* bugid 5077981 */
+ 
+   Bool fade_p;			/* whether to fade to black, if possible */
+   Bool unfade_p;		/* whether to fade from black, if possible */
+diff --git a/driver/xscreensaver-demo.glade2 b/driver/xscreensaver-demo.glade2
+--- a/driver/xscreensaver-demo.glade2
++++ b/driver/xscreensaver-demo.glade2
[email protected]@ -165,7 +165,7 @@
+ 		  <child>
+ 		    <widget class="GtkTable" id="blanking_table">
+ 		      <property name="visible">True</property>
+-		      <property name="n_rows">3</property>
++		      <property name="n_rows">4</property>
+ 		      <property name="n_columns">4</property>
+ 		      <property name="homogeneous">False</property>
+ 		      <property name="row_spacing">2</property>
[email protected]@ -466,6 +466,102 @@
+ 			  <property name="y_options"></property>
+ 			</packing>
+ 		      </child>
++
++		      <child>
++			<widget class="GtkSpinButton" id="pwd_spinbutton">
++			  <property name="visible">True</property>
++			  <property name="tooltip" translatable="yes">How long the unlock dialog waits for input before disappearing.</property>
++			  <property name="can_focus">True</property>
++			  <property name="climb_rate">15</property>
++			  <property name="digits">0</property>
++			  <property name="numeric">True</property>
++			  <property name="update_policy">GTK_UPDATE_ALWAYS</property>
++			  <property name="snap_to_ticks">True</property>
++			  <property name="wrap">False</property>
++			  <property name="adjustment">0 0 720 1 15 15</property>
++			  <accessibility>
++			    <atkrelation target="pwd_button" type="controlled-by"/>
++			    <atkrelation target="pwd_button" type="labelled-by"/>
++			    <atkrelation target="pwd_mlabel" type="labelled-by"/>
++			  </accessibility>
++			  <signal name="activate" handler="pref_changed_cb"/>
++			  <signal name="focus_out_event" handler="pref_changed_event_cb"/>
++			  <signal name="value_changed" handler="pref_changed_cb"/>
++			</widget>
++			<packing>
++			  <property name="left_attach">2</property>
++			  <property name="right_attach">3</property>
++			  <property name="top_attach">3</property>
++			  <property name="bottom_attach">4</property>
++			  <property name="y_padding">10</property>
++			  <property name="x_options">fill</property>
++			  <property name="y_options"></property>
++			</packing>
++		      </child>
++
++		      <child>
++			<widget class="GtkEventBox" id="pwd_button_eventbox">
++			  <property name="visible">True</property>
++			  <property name="tooltip" translatable="yes">Whether the unlock dialog box should disappear after a timeout.</property>
++			  <property name="visible_window">True</property>
++			  <property name="above_child">False</property>
++
++			  <child>
++			    <widget class="GtkCheckButton" id="pwd_button">
++			      <property name="visible">True</property>
++			      <property name="can_focus">True</property>
++			      <property name="label" translatable="yes">Timeout _Unlock After</property>
++			      <property name="use_underline">True</property>
++			      <property name="relief">GTK_RELIEF_NORMAL</property>
++			      <property name="focus_on_click">True</property>
++			      <property name="active">False</property>
++			      <property name="inconsistent">False</property>
++			      <property name="draw_indicator">True</property>
++			      <accessibility>
++				<atkrelation target="pwd_spinbutton" type="controller-for"/>
++				<atkrelation target="pwd_spinbutton" type="label-for"/>
++				<atkrelation target="pwd_spinbutton" type="flows-to"/>
++			      </accessibility>
++			      <signal name="toggled" handler="pref_changed_cb"/>
++			    </widget>
++			  </child>
++			</widget>
++			<packing>
++			  <property name="left_attach">0</property>
++			  <property name="right_attach">2</property>
++			  <property name="top_attach">3</property>
++			  <property name="bottom_attach">4</property>
++			  <property name="x_options">fill</property>
++			  <property name="y_options">fill</property>
++			</packing>
++		      </child>
++
++		      <child>
++			<widget class="GtkLabel" id="pwd_mlabel">
++			  <property name="visible">True</property>
++			  <property name="label" translatable="yes">minutes</property>
++			  <property name="use_underline">False</property>
++			  <property name="use_markup">False</property>
++			  <property name="justify">GTK_JUSTIFY_LEFT</property>
++			  <property name="wrap">False</property>
++			  <property name="selectable">False</property>
++			  <property name="xalign">0</property>
++			  <property name="yalign">0.5</property>
++			  <property name="xpad">8</property>
++			  <property name="ypad">0</property>
++			  <accessibility>
++			    <atkrelation target="pwd_spinbutton" type="label-for"/>
++			    <atkrelation target="pwd_spinbutton" type="flows-from"/>
++			  </accessibility>
++			</widget>
++			<packing>
++			  <property name="left_attach">3</property>
++			  <property name="right_attach">4</property>
++			  <property name="top_attach">3</property>
++			  <property name="bottom_attach">4</property>
++			  <property name="y_options"></property>
++			</packing>
++		      </child>
+ 		    </widget>
+ 		    <packing>
+ 		      <property name="left_attach">0</property>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/09-dpms.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,48 @@
+Allow xset dpms settings to override .xscreensaver.
+
+Upstream rejected:
+
+You can't have *two* places that specify the same preference.
+Therefore, xscreensaver should be the one and only place.
+
+
+---
+ driver/timers.c       |    3 +++
+ driver/xscreensaver.c |    4 ++++
+ 2 files changed, 7 insertions(+), 0 deletions(-)
+
+diff --git a/driver/timers.c b/driver/timers.c
+--- a/driver/timers.c
++++ b/driver/timers.c
[email protected]@ -1549,6 +1549,8 @@ watchdog_timer (XtPointer closure, XtIntervalId *id)
+ 
+   /* If the DPMS settings on the server have changed, change them back to
+      what ~/.xscreensaver says they should be. */
++  /* mali- No!! if someone uses xset then let the changes be picked by
++   * xscreensaver...do not have to regulate everything from .xscreensaver.
+   sync_server_dpms_settings (si->dpy,
+                              (p->dpms_enabled_p  &&
+                               p->mode != DONT_BLANK),
[email protected]@ -1556,6 +1558,7 @@ watchdog_timer (XtPointer closure, XtIntervalId *id)
+                              p->dpms_suspend / 1000,
+                              p->dpms_off / 1000,
+                              False);
++  **/
+ 
+   if (si->screen_blanked_p)
+     {
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -1587,6 +1587,10 @@ main (int argc, char **argv)
+   init_sigchld ();
+ 
+   disable_builtin_screensaver (si, True);
++/*****
++  mali- this may need to be taken out in future if it hinders user
++  setting dpms values through xset.
++ *****/
+   sync_server_dpms_settings (si->dpy,
+                              (p->dpms_enabled_p  &&
+                               p->mode != DONT_BLANK),
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/10-security_policy.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,415 @@
+Bug 15284497 SUNBT6317441 Allow admins to remove user-configurability from
+                          screensaver
+
+- Upstream rejected as "I will never implement that, because it's stupid and 
+  unenforcible."  Unfortunately, we're stuck with Common Criteria requirements,
+  which do not allow for common sense.
+
+Bug 15779180 SUNBT7154101 Not able to unlock screen after xlock after su to a
+                          role
+
+- specific to Solaris RBAC
+
+---
+ driver/Makefile.in              |    2 +-
+ driver/demo-Gtk.c               |   95 +++++++++++++++++++++++++++++++++++----
+ driver/lock-Gtk.c               |    5 ++-
+ driver/prefs.c                  |   37 +++++++++++++++
+ driver/subprocs.c               |   24 ++++++++++
+ driver/types.h                  |    3 ++
+ driver/xscreensaver-demo.glade2 |    2 +-
+ driver/xscreensaver.c           |   36 +++++++++++++--
+ driver/xscreensaver.h           |    2 +
+ 9 files changed, 192 insertions(+), 14 deletions(-)
+
+diff --git a/driver/Makefile.in b/driver/Makefile.in
+--- a/driver/Makefile.in
++++ b/driver/Makefile.in
[email protected]@ -802,7 +802,7 @@ XScreenSaver_Xm_ad.h: XScreenSaver-Xm.ad
+ #
+ xscreensaver: $(SAVER_OBJS)
+ 	$(CC) $(LDFLAGS) -o [email protected] $(SAVER_OBJS) $(SAVER_LIBS) \
+-	-lgconf-2 -lgobject-2.0
++	-lgconf-2 -lgobject-2.0 -lglib-2.0
+ 
+ xscreensaver-command: $(CMD_OBJS)
+ 	$(CC) $(LDFLAGS) -o [email protected] $(CMD_OBJS) $(CMD_LIBS)
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -136,6 +136,7 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <ctype.h>
++#include <user_attr.h>
+ 
+ #ifdef HAVE_GTK2
+ enum {
[email protected]@ -687,6 +688,7 @@ run_cmd (state *s, Atom command, int arg)
+   char *err = 0;
+   int status;
+ 
++  #if 0
+   if (getuid () == 0)
+     {
+       char buf [255];
[email protected]@ -694,6 +696,7 @@ run_cmd (state *s, Atom command, int arg)
+       warning_dialog (s->toplevel_widget, buf, False, 100);
+       return;
+     }
++  #endif
+ 
+   flush_dialog_changes_and_save (s);
+   status = xscreensaver_command (GDK_DISPLAY(), command, arg, False, &err);
[email protected]@ -1691,9 +1694,10 @@ flush_dialog_changes_and_save (state *s)
+ # undef COPY
+ 
+ # define COPYSTR(FIELD,NAME) \
+-  if (!p->FIELD || \
++  if ((p->FIELD != p2->FIELD) && \
++      (!p->FIELD || \
+       !p2->FIELD || \
+-      strcmp(p->FIELD, p2->FIELD)) \
++      strcmp(p->FIELD, p2->FIELD))) \
+     { \
+       changed = True; \
+       if (s->debug_p) \
[email protected]@ -2754,6 +2758,79 @@ update_list_sensitivity (state *s)
+ #endif /* !HAVE_GTK2 */
+ }
+ 
++# define SENSITIZE(NAME,SENSITIVEP) \
++    gtk_widget_set_sensitive (name_to_widget (s, (NAME)), (SENSITIVEP))
++
++#define HIDEWIDGET(NAME) \
++    gtk_widget_hide (name_to_widget (s, (NAME)))
++
++static void
++customized_lock(state *s)
++{
++  char *idletime = NULL;
++  int timeout = 0;
++  char *idlecmd = NULL;
++  
++  if (getenv("TRUSTED_SESSION")) /* trusted_lock */
++    {
++      HIDEWIDGET("doc_menu");
++      SENSITIZE("restart", 0);
++      SENSITIZE("kill_menu", 0);
++      timeout = 15 ; /* if IDLECMD is missing in security policy file default timeout is 15 min*/
++    }
++  
++  if (((idletime = getuserattruid(getuid(),
++	  USERATTR_IDLETIME_KW, NULL, NULL)) != NULL) &&
++	  ((timeout = atoi(idletime)) != 0) || timeout)
++    {
++
++      GtkWidget *timeout_spinbutton = name_to_widget(s, "timeout_spinbutton");
++      GtkAdjustment *adj = gtk_spin_button_get_adjustment((GtkSpinButton *) timeout_spinbutton);
++      SET_ADJ_UPPER(adj, (gdouble) timeout);
++      if (GET_ADJ_VALUE(adj) > (gdouble) timeout)
++        SET_ADJ_VALUE(adj, (gdouble) timeout);
++      gtk_spin_button_set_adjustment((GtkSpinButton *) timeout_spinbutton, adj);
++
++      /* enforce timeout with idlecmd */
++      if ((idlecmd = getuserattruid(getuid(),
++              USERATTR_IDLECMD_KW, NULL, NULL)) == NULL)
++        idlecmd = strdup(USERATTR_IDLECMD_LOCK_KW);
++
++      if (!idletime && getenv("TRUSTED_SESSION")) 
++        {
++          idlecmd = strdup(USERATTR_IDLECMD_LOGOUT_KW);
++        }
++      
++      if (idlecmd && strcasecmp(idlecmd, USERATTR_IDLECMD_LOGOUT_KW) == 0)
++        {
++          gtk_label_set_text_with_mnemonic(name_to_widget(s, "timeout_label"), "_Logout After");
++
++          HIDEWIDGET("cycle_label");
++          HIDEWIDGET("cycle_spinbutton");
++          HIDEWIDGET("cycle_mlabel");
++
++          HIDEWIDGET("pwd_spinbutton");
++          HIDEWIDGET("pwd_button");
++          HIDEWIDGET("pwd_mlabel");
++          HIDEWIDGET("pwd_button_eventbox");
++
++        } 
++      else
++        {
++          gtk_label_set_text_with_mnemonic(name_to_widget(s, "timeout_label"), "_Lock Screen After");
++        }
++      SENSITIZE("lock_spinbutton", 0);
++      SENSITIZE("lock_mlabel", 0);
++      SENSITIZE("lock_button", 0);
++
++      HIDEWIDGET("lock_spinbutton");
++      HIDEWIDGET("lock_mlabel");
++      HIDEWIDGET("lock_button");
++      HIDEWIDGET("lock_button_eventbox");
++    }
++  free(idletime); /* free works on a NULL value */
++  free(idlecmd); /* when you're all with idlecmd */
++}
+ 
+ static void
+ populate_prefs_page (state *s)
[email protected]@ -2910,10 +2987,6 @@ populate_prefs_page (state *s)
+     }
+ #endif /* HAVE_DPMS_EXTENSION */
+ 
+-
+-# define SENSITIZE(NAME,SENSITIVEP) \
+-    gtk_widget_set_sensitive (name_to_widget (s, (NAME)), (SENSITIVEP))
+-
+     /* Blanking and Locking
+      */
+     /* bugid 5077081 */
[email protected]@ -2953,10 +3026,13 @@ dpms_supported=1;
+     SENSITIZE ("fade_spinbutton", (fading_possible &&
+                                    (p->fade_p || p->unfade_p)));
+ 
+-# undef SENSITIZE
++    customized_lock(s);
++
+   }
+ }
+ 
++# undef SENSITIZE
++# undef HIDEWIDGET
+ 
+ static void
+ populate_popup_window (state *s)
[email protected]@ -3040,6 +3116,9 @@ sensitize_menu_items (state *s, Bool force_p)
+ 
+   for (i = 0; i < countof(names); i++)
+     {
++      if (getenv ("TRUSTED_SESSION") && 2==i)
++        continue;
++
+       GtkWidget *w = name_to_widget (s, names[i]);
+       gtk_widget_set_sensitive (GTK_WIDGET(w), running_p);
+     }
+diff --git a/driver/lock-Gtk.c b/driver/lock-Gtk.c
+--- a/driver/lock-Gtk.c
++++ b/driver/lock-Gtk.c
[email protected]@ -151,7 +151,10 @@ load_unlock_logo_image (void)
+   const char *logofile;
+   struct stat statbuf;
+ 
+-  logofile = DEFAULT_ICONDIR "/unlock-logo.png";
++  if (getenv("TRUSTED_SESSION"))
++    logofile = DEFAULT_ICONDIR "/trusted-logo.png";
++  else
++    logofile = DEFAULT_ICONDIR "/unlock-logo.png";
+ 
+   if (stat (logofile, &statbuf) != 0)
+     {
+diff --git a/driver/prefs.c b/driver/prefs.c
+--- a/driver/prefs.c
++++ b/driver/prefs.c
[email protected]@ -37,6 +37,7 @@
+ # include "vms-pwd.h"
+ #endif /* VMS */
+ 
++#include <user_attr.h>
+ 
+ /* This file doesn't need the Xt headers, so stub these types out... */
+ #undef XtPointer
[email protected]@ -1181,6 +1182,42 @@ load_init_file (Display *dpy, saver_preferences *p)
+     if (s) free (s);
+   }
+ 
++  char *idletime = NULL;
++  int timeout = 0;
++  char *idlecmd = NULL;
++
++  if (((idletime = getuserattruid(getuid(),
++          USERATTR_IDLETIME_KW, NULL, NULL)) != NULL) &&
++          ((timeout = atoi(idletime) * 60 * 1000) != 0))
++    {
++
++      p->lock_timeout = 0;
++      if (p->timeout > timeout)
++	p->timeout = timeout;
++
++      /* always lock or logout and do not show blank screen */
++      if (p->mode == DONT_BLANK)
++	p->mode = BLANK_ONLY;
++
++      p->forcedlock_p = p->lock_p = True;
++
++      /* enforce timeout with idlecmd */
++      if ((idlecmd = getuserattruid(getuid(),
++            USERATTR_IDLECMD_KW, NULL, NULL)) == NULL)
++            idlecmd = strdup(USERATTR_IDLECMD_LOCK_KW);
++
++      if (idlecmd && strcasecmp(idlecmd, USERATTR_IDLECMD_LOGOUT_KW) == 0)
++	p->forcedlogout_p = True;
++    }
++  else if (getenv("TRUSTED_SESSION"))
++    {
++      p->forcedlogout_p = p->forcedlock_p = p->lock_p = True; 
++      p->timeout = 15 * 60 * 1000; /* if security policy not defined, forced logout in 15 mins */
++    }
++
++  free(idletime); /* free works on a NULL value */
++  free(idlecmd); /* when you're all with idlecmd */
++
+   if (system_default_screenhack_count)  /* note: first_time is also true */
+     {
+       merge_system_screenhacks (dpy, p, system_default_screenhacks,
+diff --git a/driver/subprocs.c b/driver/subprocs.c
+--- a/driver/subprocs.c
++++ b/driver/subprocs.c
[email protected]@ -932,6 +932,30 @@ check_if_hacks_dir_exists(Bool verbose_p)
+     }
+ }
+ 
++/* Added separate function for logout as we need to find better way to log user
++   out. See CR6422890. For s10 we will use /usr/bin/gnome-session-save --kill
++*/
++void
++logout(saver_screen_info *ssi)
++{
++  saver_info *si = ssi->global;
++  saver_preferences *p = &si->prefs;
++  if (!(si->emergency_lock_p || si->locked_p))
++    {
++      struct stat st;
++      if (!stat ("/usr/bin/gnome-session-save", &st))
++        {
++          pid_t forked = fork_and_exec (ssi, "/usr/bin/gnome-session-save\t--force-logout");
++          if (forked < 1)
++            {
++              char buf [255];
++              snprintf (buf, sizeof(buf), "%s: couldn't fork", blurb());
++              perror (buf);
++            }
++        }
++    }
++}
++
+ void
+ spawn_screenhack (saver_screen_info *ssi)
+ {
+diff --git a/driver/types.h b/driver/types.h
+--- a/driver/types.h
++++ b/driver/types.h
[email protected]@ -77,6 +77,9 @@ struct saver_preferences {
+   Bool xsync_p;			/* whether XSynchronize has been called */
+ 
+   Bool lock_p;			/* whether to lock as well as save */
++  Bool forcedlock_p;		/* whether to forced lock */
++  Bool forcedlogout_p;		/* whether to forced logout */
++
+   Bool unlock_timeout_p;	/* whether to timeout unlock dialog */
+                                 /* bugid 5077981 */
+ 
+diff --git a/driver/xscreensaver-demo.glade2 b/driver/xscreensaver-demo.glade2
+--- a/driver/xscreensaver-demo.glade2
++++ b/driver/xscreensaver-demo.glade2
[email protected]@ -478,7 +478,7 @@
+ 			  <property name="update_policy">GTK_UPDATE_ALWAYS</property>
+ 			  <property name="snap_to_ticks">True</property>
+ 			  <property name="wrap">False</property>
+-			  <property name="adjustment">0 0 720 1 15 15</property>
++			  <property name="adjustment">0 0 720 1 15 0</property>
+ 			  <accessibility>
+ 			    <atkrelation target="pwd_button" type="controlled-by"/>
+ 			    <atkrelation target="pwd_button" type="labelled-by"/>
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -142,6 +142,8 @@
+ 
+ #include <stdio.h>
+ #include <ctype.h>
++#include <zone.h>
++#include <user_attr.h>
+ #include <X11/Xlib.h>
+ 
+ #ifdef ENABLE_NLS
[email protected]@ -1183,6 +1185,9 @@ main_loop (saver_info *si)
+ 
+       maybe_reload_init_file (si);
+ 
++      if (p->forcedlogout_p)
++        logout(&si->screens[0]);
++
+       if (p->mode == DONT_BLANK)
+         {
+           if (p->verbose_p)
[email protected]@ -1466,6 +1471,20 @@ DONE:
+ static void analyze_display (saver_info *si);
+ static void fix_fds (void);
+ 
++/*
++ * Is Role attached to userid
++ */
++Bool
++isRoleAttached(uid_t uid)
++{
++  char *type;
++  if (((type = getuserattruid(uid, USERATTR_TYPE_KW, NULL, NULL)) != NULL) &&
++	  (strcmp(type, USERATTR_TYPE_NONADMIN_KW) == 0))
++    return (B_TRUE);
++  else
++    return (B_FALSE);
++}
++
+ int
+ main (int argc, char **argv)
+ {
[email protected]@ -1476,6 +1495,17 @@ main (int argc, char **argv)
+   struct passwd *spasswd;
+   int i;
+ 
++  if (getenv ("TRUSTED_SESSION") && (getzoneid () != 0))
++    exit (1);
++
++  uid_t uid = getuid();
++  if (uid == 0 && isRoleAttached(uid))
++    {
++      fprintf(stderr, "Roles Can not login directly.\n");
++      return 1;
++    }
++
++
+   /* It turns out that if we do setlocale (LC_ALL, "") here, people
+      running in Japanese locales get font craziness on the password
+      dialog, presumably because it is displaying Japanese characters
[email protected]@ -1973,7 +2003,7 @@ handle_clientmessage (saver_info *si, XEvent *event, Bool until_idle_p)
+   else if (type == XA_EXIT)
+     {
+       /* Ignore EXIT message if the screen is locked. */
+-      if (until_idle_p || !si->locked_p)
++      if (!(p->forcedlogout_p || p->forcedlock_p) && (until_idle_p || !si->locked_p))
+ 	{
+ 	  clientmessage_response (si, window, False,
+ 				  "EXIT ClientMessage received.",
[email protected]@ -1990,8 +2020,8 @@ handle_clientmessage (saver_info *si, XEvent *event, Bool until_idle_p)
+ 	}
+       else
+ 	clientmessage_response (si, window, True,
+-				"EXIT ClientMessage received while locked.",
+-				"screen is locked.");
++				"EXIT ClientMessage received.",
++				"screen is locked or does not have privilege to exit.");
+     }
+   else if (type == XA_RESTART)
+     {
+diff --git a/driver/xscreensaver.h b/driver/xscreensaver.h
+--- a/driver/xscreensaver.h
++++ b/driver/xscreensaver.h
[email protected]@ -170,6 +170,8 @@ extern struct screenhack_job *make_job (pid_t pid, int screen,
+                                         const char *cmd);
+ #endif
+ 
++extern void logout(saver_screen_info *ssi);
++
+ /* =======================================================================
+    subprocs diagnostics
+    ======================================================================= */
+1.7.9.2
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/11-pam_audit.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,274 @@
+Fixes for bugs:
+15201967 SUNBT5015296 xscreensaver doesn't audit
+15326852 SUNBT6417168 xscreensaver loops while trying to unlock a session
+	 	      for a user whose password was expired
+15452882 SUNBT6654320 xscreensaver dies due to memory corruption
+15688159 SUNBT7008058 screensaver continues to accept old password for
+	 	      existing sessions after password changed
+
+Also ensures that Xscreensaver on Solaris only uses PAM, and never attempts
+to fallback to direct use of getpwent(), which isn't audited
+
+Upstream status unknown.
+---
+ driver/Makefile.in  |    2 +-
+ driver/passwd-pam.c |  158 ++++++++++++++++++++++++++++++++++++++++++++++++++-
+ driver/passwd.c     |    4 +
+ 3 files changed, 161 insertions(+), 3 deletions(-)
+
+diff --git a/driver/Makefile.in b/driver/Makefile.in
+--- a/driver/Makefile.in
++++ b/driver/Makefile.in
[email protected]@ -214,7 +214,7 @@ PDF2JPEG_LIBS	= -framework Cocoa
+ SAVER_LIBS	= $(LIBS) $(X_LIBS) $(XMU_LIBS) @[email protected] \
+ 		  $(XDPMS_LIBS) $(XINERAMA_LIBS) $(GL_LIBS) $(X_PRE_LIBS) \
+ 		  -lXt -lX11 -lXext $(X_EXTRA_LIBS) \
+-		  $(PASSWD_LIBS)
++		  -lbsm $(PASSWD_LIBS)
+ 
+ CMD_LIBS	= $(LIBS) $(X_LIBS) \
+ 		  $(X_PRE_LIBS) -lX11 -lXext $(X_EXTRA_LIBS)
+diff --git a/driver/passwd-pam.c b/driver/passwd-pam.c
+--- a/driver/passwd-pam.c
++++ b/driver/passwd-pam.c
[email protected]@ -47,6 +47,8 @@
+ 
+ #ifdef __sun
+ # include <deflt.h>
++# include <bsm/adt.h>
++# include <bsm/adt_event.h>
+ #endif
+ 
+ extern char *blurb(void);
[email protected]@ -81,6 +83,9 @@ extern void unblock_sigchld (void);
+ #undef countof
+ #define countof(x) (sizeof((x))/sizeof(*(x)))
+ 
++static struct pam_response *reply = 0; /*making it global so we can free it */
++static int replies = 0;
++
+ /* Some time between Red Hat 4.2 and 7.0, the words were transposed 
+    in the various PAM_x_CRED macro names.  Yay!
+  */
[email protected]@ -178,6 +183,124 @@ Bool pam_priv_init (int argc, char **argv, Bool verbose_p);
+  */
+ static void *suns_pam_implementation_blows = 0;
+ 
++#ifdef __sun
++#include <syslog.h>
++#include <bsm/adt.h>
++#include <bsm/adt_event.h>
++
++static Bool audit_flag_global = True;
++
++/*
++ * audit_lock - audit entry to screenlock
++ *
++ *      Entry   Process running with appropriate privilege to generate
++ *                      audit records and real uid of the user.
++ *
++ *      Exit    ADT_screenlock audit record written.
++ */
++void
++audit_lock(void)
++{
++  adt_session_data_t      *ah;          /* audit session handle */
++  adt_event_data_t        *event;       /* audit event handle */
++
++  /* Audit start of screen lock -- equivalent to logout ;-) */
++  if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0)
++    {
++      syslog(LOG_AUTH | LOG_ALERT, "adt_start_session: %m");
++      return;
++    }
++  if ((event = adt_alloc_event(ah, ADT_screenlock)) == NULL)
++    {
++      syslog(LOG_AUTH | LOG_ALERT, "adt_alloc_event(ADT_screenlock): %m");
++    } else {
++      if (adt_put_event(event, ADT_SUCCESS, ADT_SUCCESS) != 0)
++        {
++          syslog(LOG_AUTH | LOG_ALERT, "adt_put_event(ADT_screenlock): %m");
++        }
++      adt_free_event(event);
++    }
++  (void) adt_end_session(ah);
++}
++
++/*
++ * audit_unlock - audit screen unlock
++ *
++ *      Entry   Process running with appropriate privilege to generate
++ *                      audit records and real uid of the user.
++ *              pam_status = PAM error code; reason for failure.
++ *
++ *      Exit    ADT_screenunlock audit record written.
++ */
++static void
++audit_unlock(int pam_status)
++{
++  adt_session_data_t      *ah;          /* audit session handle */
++  adt_event_data_t        *event;       /* audit event handle */
++
++  if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0)
++    {
++      syslog(LOG_AUTH | LOG_ALERT,
++             "adt_start_session(ADT_screenunlock): %m");
++      return;
++    }
++  if ((event = adt_alloc_event(ah, ADT_screenunlock)) == NULL)
++    {
++      syslog(LOG_AUTH | LOG_ALERT,
++             "adt_alloc_event(ADT_screenunlock): %m");
++    } else {
++      if (adt_put_event(event,
++                        pam_status == PAM_SUCCESS ? ADT_SUCCESS : ADT_FAILURE,
++                        pam_status == PAM_SUCCESS ? ADT_SUCCESS
++                                                  : ADT_FAIL_PAM + pam_status)
++          != 0)
++        {
++          syslog(LOG_AUTH | LOG_ALERT,
++                 "adt_put_event(ADT_screenunlock(%s): %m",
++                 pam_strerror(NULL, pam_status));
++        }
++      adt_free_event(event);
++    }
++  (void) adt_end_session(ah);
++}
++
++/*
++ * audit_passwd - audit password change
++ *      Entry   Process running with appropriate privilege to generate
++ *                      audit records and real uid of the user.
++ *              pam_status = PAM error code; reason for failure.
++ *
++ *      Exit    ADT_passwd audit record written.
++ */
++static void
++audit_passwd(int pam_status)
++{
++  adt_session_data_t      *ah;          /* audit session handle */
++  adt_event_data_t        *event;       /* audit event handle */
++
++  if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0)
++    {
++      syslog(LOG_AUTH | LOG_ALERT, "adt_start_session(ADT_passwd): %m");
++      return;
++    }
++  if ((event = adt_alloc_event(ah, ADT_passwd)) == NULL)
++    {
++      syslog(LOG_AUTH | LOG_ALERT, "adt_alloc_event(ADT_passwd): %m");
++    } else {
++      if (adt_put_event(event,
++                        pam_status == PAM_SUCCESS ? ADT_SUCCESS : ADT_FAILURE,
++                        pam_status == PAM_SUCCESS ? ADT_SUCCESS
++                                                  : ADT_FAIL_PAM + pam_status)
++          != 0)
++        {
++          syslog(LOG_AUTH | LOG_ALERT, "adt_put_event(ADT_passwd(%s): %m",
++                 pam_strerror(NULL, pam_status));
++        }
++      adt_free_event(event);
++    }
++  (void) adt_end_session(ah);
++}
++#endif /* sun */
+ 
+ /**
+  * This function is the PAM conversation driver. It conducts a full
[email protected]@ -231,6 +354,12 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+     fprintf (stderr, "%s: pam_start (\"%s\", \"%s\", ...) ==> %d (%s)\n",
+              blurb(), service, si->user,
+              status, PAM_STRERROR (pamh, status));
++
++#ifdef __sun
++  if (audit_flag_global) /* We want one audit lock log per lock */
++    audit_lock ();
++#endif /**sun*/
++
+   if (status != PAM_SUCCESS) goto DONE;
+ 
+ #ifdef __sun
[email protected]@ -307,6 +436,14 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+ # endif /* HAVE_SIGTIMEDWAIT */
+   unblock_sigchld();
+ 
++#ifdef __sun
++  audit_unlock(pam_auth_status);
++  if (pam_auth_status == PAM_SUCCESS)
++    audit_flag_global = True;
++  else
++    audit_flag_global = False;
++#endif /*sun*/
++
+ #ifdef HAVE_XSCREENSAVER_LOCK
+   /* Send status message to unlock dialog */
+   if (pam_auth_status == PAM_SUCCESS)
[email protected]@ -354,7 +491,14 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+             write_to_child (si, "ul_acct_ok", PAM_STRERROR(pamh, acct_rc));
+         }
+       else
+-        write_to_child (si, "ul_acct_fail", PAM_STRERROR(pamh, acct_rc));
++        {
++#ifdef __sun
++          /* Only in failure of pam_acct_mgmt case we call audit */
++          audit_unlock (acct_rc);
++#endif /*sun*/
++
++          write_to_child (si, "ul_acct_fail", PAM_STRERROR(pamh, acct_rc));
++        }
+       if (verbose_p)
+         sleep (1);
+ #endif
[email protected]@ -383,6 +527,10 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+             fprintf (stderr, "%s: pam_chauthtok (...) ==> %d (%s)\n",
+                      blurb(), chauth_rc, PAM_STRERROR(pamh, chauth_rc));
+ 
++#ifdef __sun
++          audit_passwd (chauth_rc);
++#endif /* sun */
++
+           if (chauth_rc != PAM_SUCCESS)
+             {
+               pam_auth_status = chauth_rc;
[email protected]@ -419,7 +567,13 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+             write_to_child (si, "ul_setcred_ok", PAM_STRERROR(pamh, setcred_rc));
+         }
+       else
+-        write_to_child (si, "ul_setcred_fail", PAM_STRERROR(pamh, setcred_rc));
++        {
++#ifdef __sun
++          /* Only in failure of pam_setcred() case we call audit. */
++          audit_unlock (setcred_rc);
++#endif /*sun*/
++          write_to_child (si, "ul_setcred_fail", PAM_STRERROR(pamh, setcred_rc));
++        }
+       if (verbose_p)
+         sleep (1);
+ #endif
+diff --git a/driver/passwd.c b/driver/passwd.c
+--- a/driver/passwd.c
++++ b/driver/passwd.c
[email protected]@ -79,9 +79,11 @@ extern void pam_try_unlock (saver_info *si, Bool verbose_p,
+ extern Bool ext_priv_init (int argc, char **argv, Bool verbose_p);
+ extern Bool ext_passwd_valid_p (const char *typed_passwd, Bool verbose_p);
+ #endif
++#ifndef __sun /* Only use PAM on Solaris, not direct getpwent */
+ extern Bool pwent_lock_init (int argc, char **argv, Bool verbose_p);
+ extern Bool pwent_priv_init (int argc, char **argv, Bool verbose_p);
+ extern Bool pwent_passwd_valid_p (const char *typed_passwd, Bool verbose_p);
++#endif
+ 
+ Bool lock_priv_init (int argc, char **argv, Bool verbose_p);
+ Bool lock_init (int argc, char **argv, Bool verbose_p);
[email protected]@ -105,8 +107,10 @@ struct auth_methods methods[] = {
+   { "external",		0, ext_priv_init, ext_passwd_valid_p, 0,
+   			False, False },
+ # endif
++# ifndef __sun /* Only use PAM on Solaris, not direct getpwent */
+   { "normal",           pwent_lock_init, pwent_priv_init, pwent_passwd_valid_p, 0,
+                         False, False }
++# endif
+ };
+ 
+ 
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/12-barcode-hack.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,389 @@
+Replace words that may disturb easily-offended users or easily-worried lawyers
+with those that may entertain the easily-amused Sun engineer who had to edit
+the list.
+
+Do not remove unless you've gotten approval to ship with R-rated language
+randomly displayed on screen.   (While you could argue that out of context
+some of these words are, for instance, another name for a rooster or a cat,
+it's harder to argue when the context they're displayed in may include words
+like "boobies", "vibrator" and "Viagra".)
+
+Unlikely to be accepted upstream.
+---
+ hacks/barcode.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 113 insertions(+), 14 deletions(-)
+
+diff --git a/hacks/barcode.c b/hacks/barcode.c
+index d659216..b883c67 100644
+--- a/hacks/barcode.c
++++ b/hacks/barcode.c
[email protected]@ -102,44 +102,66 @@ static const char *words[] =
+   "addiction",
+   "alertness",
+   "Algeria",
++  "Amber Road",
+   "anxiety",
+   "aorta",
+   "argyle socks",
+   "attrition",
++  "automagic",
+   "axis of evil",
+   "bamboo",
++  "banana slug",
+   "bangle",
+   "bankruptcy",
+   "baptism",
++  "barrelmaker",
+   "beer",
+   "bellicosity",
+   "bells",
+   "belly",
++  "Beowawe",
++  "Berkeley",
++  "BFU",
++  "Bleaklow",
+   "bliss",
+   "bogosity",
+-  "boobies",
+-  "boobs",
++  "bolthole",
++  "Boole House",
++  "boomer",
+   "booty",
+   "bread",
++  "brickify",
++  "browncoat",
+   "bubba",
+   "burrito",
++  "caiman",
+   "California",
+   "capybara",
+   "cardinality",
+   "caribou",
+   "carnage",
++  "Chicago",
+   "children",
++  "chime",
+   "chocolate",
++  "chupacabra",
++  "cinnabar",
++  "Clear View",
+   "CLONE",
+-  "cock",
++  "Colorado",
++  "Complete.",
+   "constriction",
+   "contrition",
+   "cop",
++  "corona",
+   "corpse",
+   "cowboy",
+   "crabapple",
+   "craziness",
++  "crossbow",
+   "cthulhu",
++  "cuddle",
++  "cuddletech",
+   "Death",
+   "decepticon",
+   "deception",
[email protected]@ -148,22 +170,31 @@ static const char *words[] =
+   "decoy",
+   "defenestration",
+   "democracy",
++  "dendrite",
+   "dependency",
+   "despair",
+   "desperation",
+   "disease",
+   "disease",
+   "doberman",
++  "dot com",
+   "DOOM",
+-  "dreams",
++  "DREAM",
+   "dreams",
+   "drugs",
++  "Duckwater",
++  "duraflame",
+   "easy",
+   "ebony",
++  "ecoresponsibility",
+   "election",
+   "eloquence",
++  "Elko",
++  "Ely",
++  "embiggen",
+   "emergency",
+   "eureka",
++  "every city",
+   "excommunication",
+   "fat",
+   "fatherland",
[email protected]@ -171,18 +202,29 @@ static const char *words[] =
+   "fear",
+   "fever",
+   "filth",
++  "fishworks",
++  "flask",
+   "flatulence",
+   "fluff",
+   "fnord",
++  "FOX",
++  "frak",
+   "freedom",
+   "fruit",
+-  "fruit",
++  "fugu",
+   "futility",
++  "galaxy",
++  "genunix",
+   "gerbils",
+-  "GOD",
++  "Gerlach",
+   "goggles",
+   "goobers",
+   "gorilla",
++  "greenline",
++  "green violet",
++  "grok",
++  "grub",
++  "Groom Lake",
+   "halibut",
+   "handmaid",
+   "happiness",
[email protected]@ -193,23 +235,31 @@ static const char *words[] =
+   "heroin",
+   "heroine",
+   "hope",
++  "honeycomb",
+   "hysteria",
++  "Ichthyosaur",
+   "icepick",
+   "identity",
+   "ignorance",
++  "illumonati",
+   "importance",
++  "Indiana",
+   "individuality",
+   "inkling",
+   "insurrection",
+   "intoxicant",
+   "ire",
+   "irritant",
++  "iwashi",
+   "jade",
+   "jaundice",
++  "Jet",
+   "Joyce",
++  "Jupiter",
+   "kidney stone",
+   "kitchenette",
+   "kiwi",
++  "Lahontan",
+   "lathe",
+   "lattice",
+   "lawyer",
[email protected]@ -218,32 +268,49 @@ static const char *words[] =
+   "lobbyist",
+   "love",
+   "lozenge",
++  "Lund",
++  "Mad Hatter",
+   "magazine",
+   "magnesium",
+   "malfunction",
++  "Marrakesh",
++  "Mars",
+   "marmot",
+   "marshmallow",
++  "McGill",
++  "Menlo Park",
++  "mercurial",
+   "merit",
+   "merkin",
+   "mescaline",
+   "milk",
+   "mischief",
+   "mistrust",
++  "Moapa",
+   "money",
+   "monkey",
+   "monkeybutter",
++  "Muskoka",
++  "mustang",
+   "nationalism",
+   "nature",
++  "Nevada",
++  "newt",
++  "Niagara",
+   "neuron",
+   "noise",
+   "nomenclature",
+   "nutria",
+   "OBEY",
+   "ocelot",
++  "oracle",
+   "offspring",
+   "overseer",
++  "Pahrump",
+   "pain",
+   "pajamas",
++  "panic",
++  "paravon",
+   "passenger",
+   "passion",
+   "Passover",
[email protected]@ -253,19 +320,21 @@ static const char *words[] =
+   "petticoat",
+   "pharmacist",
+   "PhD",
++  "pinenut",
++  "Pioche",
+   "pitchfork",
+   "plague",
+   "Poindexter",
+   "politician",
+   "pony",
++  "ponytail",
+   "presidency",
+   "prison",
+   "prophecy",
+-  "Prozac",
+   "punishment",
+   "punk rock",
+   "punk",
+-  "pussy",
++  "quahog",
+   "quagmire",
+   "quarantine",
+   "quartz",
[email protected]@ -274,13 +343,18 @@ static const char *words[] =
+   "rage",
+   "readout",
+   "reality",
+-  "rectum",
++  "register",
+   "reject",
+   "rejection",
++  "Reno",
+   "respect",
+   "revolution",
+   "roadrunner",
++  "rock",
+   "rule",
++  "sagebrush",
++  "Santa Clara",
++  "Santa Cruz",
+   "savor",
+   "scab",
+   "scalar",
[email protected]@ -289,25 +363,36 @@ static const char *words[] =
+   "security",
+   "sediment",
+   "self worth",
++  "shiny",
+   "sickness",
++  "sierra",
+   "silicone",
++  "Sirius",
+   "slack",
+   "slander",
+   "slavery",
+   "sledgehammer",
+-  "smegma",
+   "smelly socks",
++  "soda",
++  "solder",
++  "Sonoma",
++  "songbird",
+   "sorrow",
+   "space program",
++  "Sparks",
+   "stamen",
+   "standardization",
+   "stench",
++  "stilt",
+   "subculture",
+   "subversion",
++  "sun",
+   "suffering",
+   "surrender",
+   "surveillance",
+   "synthesis",
++  "tamarack",
++  "Tahoe",
+   "television",
+   "tenant",
+   "tendril",
[email protected]@ -315,17 +400,27 @@ static const char *words[] =
+   "terrorism",
+   "terrorist",
+   "the impossible",
++  "the possimpible",
+   "the unknown",
++  "thumper",
++  "tiger",
++  "tonic",
+   "toast",
++  "Tonopah",
+   "topography",
+   "truism",
++  "truthiness",
++  "Tsinghua",
+   "turgid",
++  "uisce",
++  "unbreakable",
+   "underbrush",
+   "underling",
+   "unguent",
+   "unusual",
+   "uplink",
+   "urge",
++  "Utah",
+   "valor",
+   "variance",
+   "vaudeville",
[email protected]@ -333,8 +428,7 @@ static const char *words[] =
+   "vegetarian",
+   "venom",
+   "verifiability",
+-  "viagra",
+-  "vibrator",
++  "vermillion",
+   "victim",
+   "vignette",
+   "villainy",
[email protected]@ -344,25 +438,30 @@ static const char *words[] =
+   "warehouse",
+   "waste",
+   "waveform",
++  "Wendover",
+   "whiffle ball",
+   "whorl",
+   "windmill",
++  "Winchester",
+   "words",
+   "worm",
+   "worship",
+   "worship",
+-  "Xanax",
++  "Wyoming",
+   "Xerxes",
+   "Xhosa",
+   "xylophone",
+   "yellow",
++  "Yerington",
+   "yesterday",
+   "your nose",
+   "Zanzibar",
+   "zeal",
+   "zebra",
+   "zest",
+-  "zinc"
++  "zettabyte",
++  "zinc",
++  "Zulu"
+ };
+ 
+ #define WORD_COUNT (sizeof(words) / sizeof(char *))
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/13-glsnake.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,73 @@
+Remove models whose name and/or shape are in poor taste.
+
+Do not remove unless you've gotten approval to ship with NSFW
+images & language randomly displayed on screen.
+
+Unlikely to be accepted upstream.
+---
+ hacks/glx/glsnake.c |   31 -------------------------------
+ 1 files changed, 0 insertions(+), 31 deletions(-)
+
+diff --git a/hacks/glx/glsnake.c b/hacks/glx/glsnake.c
+--- a/hacks/glx/glsnake.c
++++ b/hacks/glx/glsnake.c
[email protected]@ -535,11 +535,6 @@ static const struct model_s model[] = {
+ 	PIN, ZERO, RIGHT, RIGHT, ZERO, PIN, PIN, ZERO, PIN, PIN, ZERO,
+ 	RIGHT, ZERO }
+     },
+-    { "k's turd",
+-      { RIGHT, RIGHT, PIN, RIGHT, LEFT, RIGHT, PIN, RIGHT, LEFT,
+-	RIGHT, PIN, RIGHT, LEFT, RIGHT, PIN, RIGHT, LEFT, RIGHT, PIN,
+-	RIGHT, LEFT, RIGHT, PIN, ZERO }
+-    },
+     { "lightsabre",
+       { ZERO, ZERO, ZERO, ZERO, ZERO, PIN, PIN, ZERO, ZERO, ZERO, ZERO,
+ 	ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO,
[email protected]@ -560,26 +555,6 @@ static const struct model_s model[] = {
+ 	ZERO, PIN, ZERO, ZERO, ZERO, ZERO, PIN, ZERO, ZERO, ZERO, ZERO,
+ 	ZERO, ZERO, ZERO }
+     },
+-    { "kissy box",
+-      { PIN, ZERO, ZERO, ZERO, PIN, ZERO, ZERO, ZERO, ZERO, ZERO,
+-	ZERO, PIN, ZERO, ZERO, ZERO, ZERO, PIN, ZERO, ZERO, ZERO, ZERO,
+-	ZERO, PIN, ZERO }
+-    },
+-    { "erect penis",     /* thanks benno */
+-      { PIN, ZERO, PIN, PIN, ZERO, ZERO, PIN, ZERO, ZERO, ZERO, PIN,
+-	PIN, ZERO, ZERO, ZERO, RIGHT, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO,
+-	ZERO, ZERO }
+-    },
+-    { "flaccid penis",
+-      { PIN, ZERO, PIN, PIN, ZERO, ZERO, PIN, ZERO, ZERO, ZERO, PIN,
+-	PIN, ZERO, ZERO, ZERO, RIGHT, PIN, ZERO, ZERO, ZERO, ZERO, ZERO,
+-	ZERO, ZERO }
+-    },
+-    { "vagina",
+-      { RIGHT, ZERO, ZERO, ZERO, RIGHT, ZERO, ZERO, PIN, ZERO, ZERO,
+-	LEFT, ZERO, ZERO, ZERO, LEFT, ZERO, LEFT, PIN, LEFT, PIN, RIGHT,
+-	PIN, RIGHT, ZERO }
+-    },
+     { "mask",
+       { ZERO, RIGHT, LEFT, PIN, RIGHT, RIGHT, PIN, ZERO, ZERO, PIN,
+ 	ZERO, ZERO, PIN, ZERO, PIN, ZERO, PIN, ZERO, ZERO, PIN, ZERO,
[email protected]@ -684,9 +659,6 @@ static const struct model_s model[] = {
+     { "Bow",
+         { LEFT, LEFT, LEFT, RIGHT, LEFT, RIGHT, RIGHT, RIGHT, LEFT, LEFT, LEFT, RIGHT, LEFT, RIGHT, RIGHT, RIGHT, LEFT, LEFT, LEFT, RIGHT, LEFT, RIGHT, RIGHT , ZERO }
+     },
+-    { "bra",
+-        { RIGHT, RIGHT, LEFT, LEFT, RIGHT, LEFT, RIGHT, RIGHT, LEFT, LEFT, LEFT, RIGHT, RIGHT, RIGHT, LEFT, LEFT, RIGHT, LEFT, RIGHT, RIGHT, LEFT, LEFT, LEFT , ZERO }
+-    },
+     { "bronchosaurus",
+         { ZERO, PIN, ZERO, PIN, PIN, ZERO, PIN, ZERO, ZERO, PIN, ZERO, PIN, PIN, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, ZERO, PIN , ZERO }
+     },
[email protected]@ -995,9 +967,6 @@ static const struct model_s model[] = {
+     { "Parrot",
+         { ZERO, ZERO, ZERO, ZERO, RIGHT, RIGHT, ZERO, LEFT, PIN, RIGHT, ZERO, RIGHT, ZERO, RIGHT, ZERO, RIGHT, PIN, LEFT, ZERO, RIGHT, LEFT, ZERO, PIN, ZERO }
+     },
+-    { "Penis",
+-        { PIN, PIN, RIGHT, ZERO, PIN, PIN, ZERO, PIN, ZERO, ZERO, RIGHT, PIN, LEFT, ZERO, ZERO, PIN, ZERO, PIN, PIN, ZERO, LEFT, PIN, PIN, ZERO }
+-    },
+     { "PictureComingSoon",
+         { LEFT, LEFT, ZERO, RIGHT, LEFT, PIN, RIGHT, RIGHT, PIN, RIGHT, LEFT, PIN, LEFT, RIGHT, PIN, RIGHT, RIGHT, PIN, RIGHT, LEFT, ZERO, RIGHT, RIGHT, ZERO }
+     },
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/14-bug-15426641.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,26 @@
+15426641 SUNBT6610282 On-Screen Keyboard application and desktop shown
+	 	      without unlocking xscreensaver lock screen
+
+Upstream status unknown - suspect to be specific to our GTK unlock dialog.
+---
+ driver/xscreensaver.c |    7 +++++++
+ 1 files changed, 7 insertions(+), 0 deletions(-)
+
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -420,7 +420,14 @@ saver_ehandler (Display *dpy, XErrorEvent *error)
+    "\n"
+    "\n");
+ 
++/**
++  6610282(P1) On-Screen Keyboard application and desktop shown
++         with out unlocking xscreensaver lock screen
++  The screen is still locked and it needs to cover all conditions,
++  including AT services, such as GOK, only GOK-COMPOSE should
++  be supported(others should not), there is no need to invoke
+ 	  saver_exit (si, -1, 0);
++**/
+ 	}
+     }
+ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/15-bug-15411287.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,26 @@
+15411287 SUNBT6583181 SCREENSAVER_STATUS needs to be set up correctly at startup
+
+Upstream applicability & status unknown.
+---
+ driver/xscreensaver.c |    2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -1577,6 +1577,7 @@ main (int argc, char **argv)
+       if (ssi->real_screen_p)
+         if (ensure_no_screensaver_running (si->dpy, si->screens[i].screen))
+           exit (1);
++      ssi->current_hack = -1; /* otherwise initialize hacks to no hack */
+     }
+ 
+   lock_initialization (si, &argc, argv);
[email protected]@ -1611,6 +1612,7 @@ main (int argc, char **argv)
+ 
+   make_splash_dialog (si);
+ 
++  store_saver_status(si); /* set window property for SCREENSAVER_STATUS */
+   main_loop (si);		/* doesn't return */
+   return 0;
+ }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/16-bug-15412661.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,26 @@
+15412661 SUNBT6585644 xscreensaver can cause KeyPress event loop between
+	 	      itself and xscreensaver-lock.
+
+Upstream status unknown - suspect to be specific to our GTK unlock dialog.
+---
+ driver/timers.c |    7 +++++++
+ 1 files changed, 7 insertions(+), 0 deletions(-)
+
+diff --git a/driver/timers.c b/driver/timers.c
+--- a/driver/timers.c
++++ b/driver/timers.c
[email protected]@ -131,6 +131,13 @@ notice_events (saver_info *si, Window window, Bool top_p)
+   unsigned int nkids;
+   int screen_no;
+ 
++  if ((si->pw_data->got_windowid) && (window == si->passwd_dialog))
++    {
++      if (p->verbose_p)
++	fprintf (stderr, "--> notice_events() breaking out of loop!\n");
++      return;
++    }
++
+   if (XtWindowToWidget (si->dpy, window))
+     /* If it's one of ours, don't mess up its event mask. */
+     return;
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/17-bug-15411306.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,19 @@
+15411306 SUNBT6583247 JDS session is accessible for a while before
+	 	      xscreensaver lock is displayed on hotdesking
+
+Upstream applicability & status unknown.
+---
+ driver/windows.c |    1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/driver/windows.c b/driver/windows.c
+--- a/driver/windows.c
++++ b/driver/windows.c
[email protected]@ -1580,6 +1580,7 @@ raise_window (saver_info *si,
+ 	  if (!dont_clear || ssi->stderr_overlay_window)
+ 	    clear_stderr (ssi);
+ 	  XMapRaised (si->dpy, ssi->screensaver_window);
++	  XSync(si->dpy,False); /* make sure window is raised now. */
+ #ifdef HAVE_MIT_SAVER_EXTENSION
+ 	  if (ssi->server_mit_saver_window &&
+ 	      window_exists_p (si->dpy, ssi->server_mit_saver_window))
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/18-bug-15141135.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,28 @@
+15141135 SUNBT4802301 xscreensaver should not tell root to "xhost +localhost"
+
+Upstream's opinion differs from our requirements here.
+---
+ driver/demo-Gtk.c |   11 +----------
+ 1 files changed, 1 insertions(+), 10 deletions(-)
+
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
[email protected]@ -1058,16 +1058,7 @@ await_xscreensaver (state *s)
+         strcat (buf, STFU
+ 	  _("You are running as root.  This usually means that xscreensaver\n"
+             "was unable to contact your X server because access control is\n"
+-            "turned on.  Try running this command:\n"
+-            "\n"
+-            "                        xhost +localhost\n"
+-            "\n"
+-            "and then selecting `File / Restart Daemon'.\n"
+-            "\n"
+-            "Note that turning off access control will allow anyone logged\n"
+-            "on to this machine to access your screen, which might be\n"
+-            "considered a security problem.  Please read the xscreensaver\n"
+-            "manual and FAQ for more information.\n"
++            "turned on.\n"
+             "\n"
+             "You shouldn't run X as root. Instead, you should log in as a\n"
+             "normal user, and `su' as necessary."));
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/19-bug-15574928.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,32 @@
+Bug 15574928 - SUNBT6859039
+
+Upstream applicability & status unknown.
+---
+ driver/prefs.c |   14 ++++++++++++++
+ 1 files changed, 14 insertions(+), 0 deletions(-)
+
+diff --git a/driver/prefs.c b/driver/prefs.c
+--- a/driver/prefs.c
++++ b/driver/prefs.c
[email protected]@ -378,7 +378,21 @@ parse_init_file (saver_preferences *p)
+       return 0;
+     }
+ 
++  /*
++   * 6859039: unprivileged local users can use xscreensaver to show
++   * contents of files they don't have permission to read.
++   */
++
++  /* Drop Privilege before opening .xscreensaver file */
++  uid_t idorg = geteuid ();
++  if (seteuid (getuid ()) != 0)
++    return 0;
++
+   in = fopen(name, "r");
++
++  /* Restore Privilege */
++  seteuid (idorg);
++
+   if (!in)
+     {
+       char *buf = (char *) malloc(1024 + strlen(name));
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/20-bug-15652522.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,18 @@
+15652522 SUNBT6964562 xscreensaver dumps core whenever it unlocks in svn-142
+
+Upstream status unknown - suspect to be specific to our GTK unlock dialog.
+---
+ driver/lock.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/driver/lock.c b/driver/lock.c
+--- a/driver/lock.c
++++ b/driver/lock.c
[email protected]@ -3092,7 +3092,7 @@ auth_finished_cb (saver_info *si)
+   }
+ 
+  END:
+-  if (si->pw_data)
++  if (si->pw_data && si->pw_data->prompt_screen)
+     destroy_passwd_window (si);
+ }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/21-verbose.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,43 @@
+Bug 16559 - xscreensaver shows extra messages
+https://defect.opensolaris.org/bz/show_bug.cgi?id=16559
+
+Make messages that annoy users only appear when verbose is set.
+(Upstream wasn't showing these until we started capturing stderr.)
+---
+ driver/passwd.c |   12 +++++++++---
+ 1 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/driver/passwd.c b/driver/passwd.c
+--- a/driver/passwd.c
++++ b/driver/passwd.c
[email protected]@ -283,8 +283,11 @@ xss_authenticate(saver_info *si, Bool verbose_p)
+           si->cached_passwd &&
+           !*si->cached_passwd)
+         {
+-          fprintf (stderr, "%s: assuming null password means cancel.\n",
+-                   blurb());
++          if (verbose_p)
++            {
++              fprintf (stderr, "%s: assuming null password means cancel.\n",
++                       blurb());
++            }
+           si->unlock_state = ul_cancel;
+         }
+ 
[email protected]@ -313,11 +316,14 @@ xss_authenticate(saver_info *si, Bool verbose_p)
+         {
+           /* If any auth method gets a cancel or timeout, don't try the
+              next auth method!  We're done! */
+-          fprintf (stderr,
++          if (verbose_p)
++            {
++              fprintf (stderr,
+                    "%s: authentication via %s %s.\n",
+                        blurb(), methods[i].name,
+                    (si->unlock_state == ul_cancel
+                     ? "cancelled" : "timed out"));
++            }
+           goto DONE;
+         }
+     }
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/22-bug-15706879.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,48 @@
+15706879 SUNBT7033508 Xscreensaver "Black Screen Only" module shows
+	 	      portions of display when session is locked
+
+Upstream applicability & status unknown.
+---
+ driver/lock.c         |    4 ++--
+ driver/xscreensaver.c |    1 -
+ 2 files changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/driver/lock.c b/driver/lock.c
+--- a/driver/lock.c
++++ b/driver/lock.c
[email protected]@ -918,6 +918,7 @@ new_passwd_window (saver_info *si)
+                blurb(), pw->prompt_screen->number);
+   }
+ 
++#ifdef CR7033508
+   /* Before mapping the window, save a pixmap of the current screen.
+      When we lower the window, we restore these bits.  This works,
+      because the running screenhack has already been sent SIGSTOP, so
[email protected]@ -939,6 +940,7 @@ new_passwd_window (saver_info *si)
+ 	       0, 0);
+     XFreeGC (si->dpy, gc);
+   }
++#endif /*CR7033508*/
+ 
+   si->pw_data = pw;
+   return 0;
[email protected]@ -3108,8 +3110,6 @@ unlock_p (saver_info *si)
+       return False;
+     }
+ 
+-  raise_window (si, True, True, True);
+-
+   xss_authenticate(si, p->verbose_p);
+ 
+   return (si->unlock_state == ul_success);
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
[email protected]@ -1276,7 +1276,6 @@ main_loop (saver_info *si)
+       for (i = 0; i < si->nscreens; i++)
+         kill_screenhack (&si->screens[i]);
+ 
+-      raise_window (si, True, True, False);
+       if (si->throttled_p || getuid () == 0)
+         fprintf (stderr, "%s: not launching hack (throttled.)\n", blurb());
+       else
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/23-bug-15769303.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,364 @@
+15769303 SUNBT7136531 xscreensaver incorrectly processes PAM_ERROR_MSG
+	 	      and possibly PAM_TEXT_INFO
+
+Displayed PAM_ERROR_MSG and PAM_TEXT_INFO at Locked screen with Dismiss
+button.  After reading message, user can click Dismiss button or press
+Enter to close the Locked Screen.
+
+Upstream applicability & status unknown.
+---
+ driver/lock-Gtk.c   |   49 ++++++++++++++++++++++--------
+ driver/lock.c       |   49 +++++++++++++++++++++++++------
+ driver/passwd-pam.c |   81 +++++++++++++++++++++++++++++++++++++++++++++++---
+ 3 files changed, 152 insertions(+), 27 deletions(-)
+
+diff --git a/driver/lock-Gtk.c b/driver/lock-Gtk.c
+--- a/driver/lock-Gtk.c
++++ b/driver/lock-Gtk.c
[email protected]@ -392,11 +392,13 @@ make_dialog (gboolean center_pos)
+                        NULL);
+ 
+   /* Ok button */
+-  button = gtk_button_new_from_stock (GTK_STOCK_OK);
++  button = g_object_new (GTK_TYPE_BUTTON, "visible", FALSE, "label",
++                         "Dismiss",  "can_focus", TRUE, NULL) ;
+   pwd->button = button;
+ 
+   gtk_box_pack_end (GTK_BOX (bbox), button,
+                     FALSE, TRUE, 0);
++  gtk_box_pack_start (GTK_BOX (vbox2), bbox, FALSE, FALSE, 0);
+ 
+   free (user);
+   free (version);
[email protected]@ -415,18 +417,26 @@ ok_clicked_cb (GtkWidget *button, PasswdDialog *pwd)
+ {
+   const char *s;
+ 
+-  g_object_set (pwd->msg_label, "label", _("<b>Checking...</b>"), NULL);
++  if (GTK_IS_BUTTON (button) && gtk_widget_get_visible (button)) /* Is it Dismiss Dialog Box */
++    {
++      write_to_parent ("dismiss", "true", TRUE);
++      gtk_widget_hide (button);
++    }
++  else
++    {
++      g_object_set (pwd->msg_label, "label", _("<b>Checking...</b>"), NULL);
+ 
+-  s = gtk_entry_get_text (GTK_ENTRY (pwd->user_input_entry));
+-  write_to_parent ("input", s, TRUE);
++      s = gtk_entry_get_text (GTK_ENTRY (pwd->user_input_entry));
++      write_to_parent ("input", s, TRUE);
+ 
+-  /* Reset password field to blank, else passwd field shows old passwd *'s,
+-     visible when passwd is expired, and pam is walking the user to change
+-     old passwd.
+-   */
+-  gtk_editable_delete_text (GTK_EDITABLE (pwd->user_input_entry), 0, -1);
+-  gtk_widget_hide (pwd->user_input_entry);
+-  gtk_widget_hide (pwd->user_prompt_label);
++      /* Reset password field to blank, else passwd field shows old passwd *'s,
++         visible when passwd is expired, and pam is walking the user to change
++         old passwd.
++       */
++      gtk_editable_delete_text (GTK_EDITABLE (pwd->user_input_entry), 0, -1);
++      gtk_widget_hide (pwd->user_input_entry);
++      gtk_widget_hide (pwd->user_prompt_label);
++    }
+ }
+ 
+ static void
[email protected]@ -443,6 +453,10 @@ connect_signals (PasswdDialog *pwd)
+   g_signal_connect (pwd->dialog, "delete-event",
+                     G_CALLBACK (gtk_main_quit),
+                     NULL);
++
++  g_signal_connect (pwd->button, "button-press-event",
++                    G_CALLBACK (ok_clicked_cb),
++                    pwd);
+ }
+ 
+ static GdkFilterReturn
[email protected]@ -559,6 +573,7 @@ handle_input (GIOChannel *source, GIOCondition cond, gpointer data)
+             {
+               gtk_label_set_text (GTK_LABEL (pwd->user_prompt_label), msgstr);
+               gtk_widget_show (pwd->user_prompt_label);
++              gtk_widget_hide (pwd->button);
+               msgstr = NULL; /* clear message so we don't show it twice */
+             }
+           else if ((strcmp (str, "ul_prompt_echo") == 0))
[email protected]@ -593,6 +608,14 @@ handle_input (GIOChannel *source, GIOCondition cond, gpointer data)
+             {
+               hmsg = NULL; /* only show msg */
+             }
++          else if ((strcmp (str, "ul_pam_msg") == 0))
++            {
++              GTK_WIDGET_SET_FLAGS (pwd->button,GTK_CAN_DEFAULT);
++              gtk_widget_show (pwd->button);
++              gtk_widget_grab_default (pwd->button);
++              gtk_widget_grab_focus (pwd->button);
++              hmsg = NULL; /* only show msg */
++            }
+           else
+             {
+               /* Should not be others, but if so just show it */
+diff --git a/driver/lock.c b/driver/lock.c
+--- a/driver/lock.c
++++ b/driver/lock.c
[email protected]@ -437,6 +437,10 @@ handle_passwd_input (XtPointer xtdata, int *fd, XtInputId *id)
+       pw->passwd_string = strdup (data);
+       memset (data, 0, strlen(data));
+     }
++  else if ((strcmp(msg, "dismiss") == 0)) /* Dismiss Dialog */
++    {
++      si->unlock_state = ul_finished;
++    }
+   else if ((strcmp(msg, "ungrab_keyboard") == 0))
+     {
+       /* An accessibility helper needs to access the keyboard, so we have
[email protected]@ -514,7 +518,7 @@ handle_passwd_input (XtPointer xtdata, int *fd, XtInputId *id)
+               si->num_typeahead_events = 0;
+             }
+           XGrabKeyboard (si->dpy, window, True, GrabModeAsync, GrabModeAsync, CurrentTime);
+-          XGrabPointer (si->dpy, window, True, 0, GrabModeAsync, GrabModeAsync, None, None, CurrentTime);
++          XGrabPointer (si->dpy, window, True, ButtonPressMask, GrabModeAsync, GrabModeAsync, None, None, CurrentTime);
+           XFlush (si->dpy);
+           XSetInputFocus (si->dpy, window, RevertToPointerRoot, CurrentTime);
+           XSync (si->dpy, False);
[email protected]@ -957,7 +961,7 @@ static int
+ make_passwd_window (saver_info *si,
+ 		    const char *info_msg,
+ 		    const char *prompt,
+-		    Bool echo)
++		    Bool echo, Bool dismissDialog)
+ {
+ #ifndef HAVE_XSCREENSAVER_LOCK
+   XSetWindowAttributes attrs;
[email protected]@ -1006,7 +1010,7 @@ make_passwd_window (saver_info *si,
+     }
+ 
+   if (info_msg)
+-    write_to_child (si, "ul_message", info_msg);
++    write_to_child (si,  dismissDialog ? "ul_pam_msg" : "ul_message", info_msg);
+   if (prompt)
+     {
+       write_to_child (si, "ul_pamprompt", prompt);
[email protected]@ -2709,8 +2713,22 @@ passwd_event_loop (saver_info *si)
+           handle_passwd_key (si, &event.x_event.xkey);
+           si->pw_data->caps_p = (event.x_event.xkey.state & LockMask);
+         }
+-#ifndef HAVE_XSCREENSAVER_LOCK
+-      else if (event.x_event.xany.type == ButtonPress || 
++#ifdef HAVE_XSCREENSAVER_LOCK
++      else if ( event.x_event.xany.type == ButtonPress)
++        {
++          Bool status;
++          status= safe_XSendEvent (si->dpy, si->passwd_dialog,
++                                   False, ButtonPressMask,  &event);
++          if (si->prefs.verbose_p)
++            {
++              if (status)
++                fprintf (stderr, "sent Button Press...\n");
++              else
++                fprintf (stderr, "error %d  Button Press...\n", status);
++            }
++        }
++#else
++      else if (event.x_event.xany.type == ButtonPress ||
+                event.x_event.xany.type == ButtonRelease)
+ 	{
+ 	  si->pw_data->button_state_changed_p = True;
[email protected]@ -2925,6 +2943,8 @@ gui_auth_conv(int num_msg,
+   const char *info_msg, *prompt;
+   struct auth_response *responses;
+ 
++  Bool dismissDialog = False;
++
+   if (si->unlock_state == ul_cancel ||
+       si->unlock_state == ul_time)
+     /* If we've already cancelled or timed out in this PAM conversation,
[email protected]@ -2965,9 +2985,14 @@ gui_auth_conv(int num_msg,
+ 	info_msg_trimmed = remove_trailing_whitespace(info_msg);
+ 	prompt_trimmed = remove_trailing_whitespace(prompt);
+ 
++        if( info_msg_trimmed != NULL &&  prompt_trimmed == NULL )
++            dismissDialog = True;
++        else
++            dismissDialog = False;
++
+ 	if (make_passwd_window(si, info_msg_trimmed, prompt_trimmed,
+                                auth_msgs[i].type == AUTH_MSGTYPE_PROMPT_ECHO
+-                               ? True : False)
++                               ? True : False, dismissDialog)
+             < 0)
+           goto fail;
+ 
[email protected]@ -2989,6 +3014,9 @@ gui_auth_conv(int num_msg,
+       handle_typeahead (si);
+       passwd_event_loop (si);
+ 
++      if( dismissDialog )
++          goto fail; /* If it is DismissDialog, no response message */
++
+       if (si->unlock_state == ul_cancel)
+ 	goto fail;
+ 
[email protected]@ -3028,10 +3056,13 @@ fail:
+     {
+       for (i = 0; i < num_msg; ++i)
+ 	if (responses[i].response)
+-	  free (responses[i].response);
++          {
++            bzero(responses[i].response, strlen(responses[i].response));
++            free (responses[i].response);
++          }
+       free (responses);
+     }
+-
++  *resp = NULL;
+   return -1;
+ }
+ 
[email protected]@ -3067,7 +3098,7 @@ auth_finished_cb (saver_info *si)
+   else						/* good, with no failures, */
+     goto END;					/* or timeout, or cancel. */
+ 
+-  make_passwd_window (si, s, NULL, True);
++  make_passwd_window (si, s, NULL, True, False);
+   XSync (si->dpy, False);
+ 
+   {
+diff --git a/driver/passwd-pam.c b/driver/passwd-pam.c
+--- a/driver/passwd-pam.c
++++ b/driver/passwd-pam.c
[email protected]@ -540,7 +540,7 @@ pam_try_unlock(saver_info *si, Bool verbose_p,
+       else if (acct_rc != PAM_SUCCESS)
+         {
+           pam_auth_status = acct_rc;
+-          write_to_child (si, "pw_acct_fail", PAM_STRERROR(pamh, acct_rc));
++          write_to_child (si, "ul_acct_fail", PAM_STRERROR(pamh, acct_rc));
+           sleep (3);
+           goto DONE;
+         }
[email protected]@ -712,6 +712,7 @@ pam_conversation (int nmsgs,
+   struct pam_response *pam_responses;
+   saver_info *si = (saver_info *) vsaver_info;
+   Bool verbose_p;
++  size_t msg_len = 0;
+ 
+   /* On SunOS 5.6, the `closure' argument always comes in as random garbage. */
+   si = (saver_info *) suns_pam_implementation_blows;
[email protected]@ -727,6 +728,20 @@ pam_conversation (int nmsgs,
+    * pass along whatever was passed in here.
+    */
+ 
++  if (nmsgs >= PAM_MAX_NUM_MSG)
++    {
++      if (verbose_p)
++        {
++          fprintf (stderr, "Too many PAM messages "
++                  "%d >= %d\n", nmsgs, PAM_MAX_NUM_MSG);
++        }
++
++      syslog (LOG_AUTH | LOG_ERR, "Too many PAM messages "
++               "%d >= %d", nmsgs, PAM_MAX_NUM_MSG);
++      *resp = NULL;
++      return (PAM_CONV_ERR);
++    }
++
+   messages = calloc(nmsgs, sizeof(struct auth_message));
+   pam_responses = calloc(nmsgs, sizeof(*pam_responses));
+   
[email protected]@ -738,6 +753,34 @@ pam_conversation (int nmsgs,
+ 
+   for (i = 0; i < nmsgs; ++i)
+     {
++
++      if (msg[i]->msg == NULL)
++        {
++          if (verbose_p)
++            {
++              fprintf (stderr, "PAM message[%d] "
++                      "style %d NULL\n", i, msg[i]->msg_style);
++            }
++          syslog (LOG_AUTH | LOG_WARNING, "PAM message[%d] "
++                  "style %d NULL", i, msg[i]->msg_style);
++          goto end;
++        }
++
++        msg_len = strlen (msg[i]->msg);
++
++        if (msg_len > PAM_MAX_MSG_SIZE)
++          {
++            if (verbose_p)
++              {
++                fprintf (stderr, "PAM message[%d] "
++                        " style %d length %d too long\n",
++                        i, msg[i]->msg_style, msg_len);
++              }
++             syslog (LOG_AUTH | LOG_WARNING, "PAM message[%d] "
++                     "style %d length %d too long",i, msg[i]->msg_style, msg_len);
++             goto end;
++          }
++
+       if (verbose_p && i > 0) fprintf (stderr, ", ");
+ 
+       messages[i].msg = msg[i]->msg;
[email protected]@ -755,9 +798,16 @@ pam_conversation (int nmsgs,
+       case PAM_TEXT_INFO:       messages[i].type = AUTH_MSGTYPE_INFO;
+         if (verbose_p) fprintf (stderr, "TEXT_INFO");
+         break;
+-      default:                  messages[i].type = AUTH_MSGTYPE_PROMPT_ECHO;
+-        if (verbose_p) fprintf (stderr, "PROMPT_ECHO");
+-        break;
++      default:
++         if (verbose_p)
++           {
++             fprintf (stderr, "Invalid PAM "
++                     "message style %d\n", msg[i]->msg_style);
++           }
++          syslog (LOG_AUTH | LOG_WARNING, "Invalid PAM "
++                 "message style %d", msg[i]->msg_style);
++
++          goto end;
+       }
+ 
+       if (verbose_p) 
[email protected]@ -779,8 +829,28 @@ pam_conversation (int nmsgs,
+ 
+   if (ret == 0)
+     {
++      msg_len = 0;
+       for (i = 0; i < nmsgs; ++i)
+-	pam_responses[i].resp = authresp[i].response;
++      {
++        if (authresp[i].response)
++            msg_len = strlen (authresp[i].response);
++
++        if (msg_len > PAM_MAX_RESP_SIZE)
++          {
++            if (verbose_p)
++              {
++                fprintf (stderr, "PAM "
++                        "message[%d] style %d response %d too long\n",
++                        i, msg[i]->msg_style, msg_len);
++              }
++            syslog (LOG_AUTH | LOG_WARNING, "PAM "
++                    "message[%d] style %d response %d too long",
++                    i, msg[i]->msg_style, msg_len);
++            ret = -1;
++            goto end;
++          }
++        pam_responses[i].resp = authresp[i].response;
++      }
+     }
+ 
+ end:
[email protected]@ -804,6 +874,7 @@ end:
+     if (pam_responses)
+       free(pam_responses);
+ 
++    *resp == NULL;
+     return PAM_CONV_ERR;
+ }
+ 
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/24-bug-15772119.patch	Sun Jan 31 19:31:13 2016 -0800
@@ -0,0 +1,642 @@
+Bug 15772119 - SUNBT7144354 xscreensaver 5.15 fails to load image files
+
+ xscreensaver-getimage-file fails to load image files because 
+ LWP::Simple perl modules missing in Solaris. I have reverted  
+ xscreensaver-getimage-file to older version 1.27 for time being.
+ Already, RFE 15772127 is  filed to add the LWP perl modules to Solaris.
+
+Fixed upstream in a different form in a later release.
+
+---
+ driver/xscreensaver-getimage-file |  428 ++++---------------------------------
+ 1 files changed, 45 insertions(+), 383 deletions(-)
+
+diff --git a/driver/xscreensaver-getimage-file b/driver/xscreensaver-getimage-file
+--- a/driver/xscreensaver-getimage-file
++++ b/driver/xscreensaver-getimage-file
[email protected]@ -1,5 +1,5 @@
+-#!/usr/bin/perl -w
+-# Copyright  2001-2011 Jamie Zawinski <[email protected]>.
++#!/usr/perl5/bin/perl -w
++# Copyright  2001-2009 Jamie Zawinski <[email protected]>.
+ #
+ # Permission to use, copy, modify, distribute, and sell this software and its
+ # documentation for any purpose is hereby granted without fee, provided that
[email protected]@ -13,18 +13,12 @@
+ # prints its name.  The file will be an image file whose dimensions are
+ # larger than a certain minimum size.
+ #
+-# If the directory is a URL, it is assumed to be an RSS or Atom feed.
+-# The images from that feed will be downloaded, cached, and selected from
+-# at random.  The feed will be re-polled periodically, as needed.
+-#
+ # The various xscreensaver hacks that manipulate images ("jigsaw", etc.) get
+ # the image to manipulate by running the "xscreensaver-getimage" program.
+ #
+ # Under X11, the "xscreensaver-getimage" program invokes this script,
+ # depending on the value of the "chooseRandomImages" and "imageDirectory"
+ # settings in the ~/.xscreensaver file (or .../app-defaults/XScreenSaver).
+-# The screen savers invoke "xscreensaver-getimage" via utils/grabclient.c,
+-# which then invokes this script.
+ #
+ # Under Cocoa, this script lives inside the .saver bundle, and is invoked
+ # directly from utils/grabclient.c.
[email protected]@ -49,12 +43,8 @@ use bytes;  # Larry can take Unicode and shove it up his ass sideways.
+             # Perl 5.8.0 causes us to start getting incomprehensible
+             # errors about UTF-8 all over the place without this.
+ 
+-use Digest::MD5 qw(md5_base64);
+-use LWP::Simple qw($ua);
+-
+-
+ my $progname = $0; $progname =~ [email protected]*/@@g;
+-my $version = q{ $Revision: 1.30 $ }; $version =~ s/^[^0-9]+([0-9.]+).*$/$1/;
++my $version = q{ $Revision: 1.27 $ }; $version =~ s/^[^0-9]+([0-9.]+).*$/$1/;
+ 
+ my $verbose = 0;
+ 
[email protected]@ -74,10 +64,6 @@ my $cache_p = 1;
+ #
+ my $cache_max_age = 60 * 60 * 3;   # 3 hours
+ 
+-# Re-poll RSS/Atom feeds when local copy is older than this many seconds.
+-#
+-my $feed_max_age = $cache_max_age;
+-
+ 
+ # This matches files that we are allowed to use as images (case-insensitive.)
+ # Anything not matching this is ignored.  This is so you can point your
[email protected]@ -118,19 +104,18 @@ my $stat_count = 0;	    # number of files/dirs stat'ed
+ my $skip_count_unstat = 0;  # number of files skipped without stat'ing
+ my $skip_count_stat = 0;    # number of files skipped after stat
+ 
+-sub find_all_files($);
+-sub find_all_files($) {
++sub find_all_files {
+   my ($dir) = @_;
+ 
+   print STDERR "$progname:  + reading dir $dir/...\n" if ($verbose > 1);
+ 
+-  my $dd;
+-  if (! opendir ($dd, $dir)) {
++  local *DIR;
++  if (! opendir (DIR, $dir)) {
+     print STDERR "$progname: couldn't open $dir: $!\n" if ($verbose);
+     return;
+   }
+-  my @files = readdir ($dd);
+-  closedir ($dd);
++  my @files = readdir (DIR);
++  closedir (DIR);
+ 
+   my @dirs = ();
+ 
[email protected]@ -205,7 +190,7 @@ sub find_all_files($) {
+ }
+ 
+ 
+-sub spotlight_all_files($) {
++sub spotlight_all_files {
+   my ($dir) = @_;
+ 
+   my @terms = ();
[email protected]@ -235,7 +220,7 @@ sub spotlight_all_files($) {
+ # running at once, one will wait for the other, instead of both of
+ # them spanking the same file system at the same time.
+ #
+-my $cache_fd = undef;
++local *CACHE_FILE;
+ my $cache_file_name = undef;
+ my $read_cache_p = 0;
+ 
[email protected]@ -257,18 +242,18 @@ sub read_cache($) {
+     if ($verbose > 1);
+ 
+   my $file = $cache_file_name;
+-  open ($cache_fd, '+>>', $file) || error ("unable to write $file: $!");
+-  flock ($cache_fd, LOCK_EX)     || error ("unable to lock $file: $!");
+-  seek ($cache_fd, 0, 0)         || error ("unable to rewind $file: $!");
++  open (CACHE_FILE, "+>>$file") || error ("unable to write $file: $!");
++  flock (CACHE_FILE, LOCK_EX)   || error ("unable to lock $file: $!");
++  seek (CACHE_FILE, 0, 0)       || error ("unable to rewind $file: $!");
+ 
+-  my $mtime = (stat($cache_fd))[9];
++  my $mtime = (stat(CACHE_FILE))[9];
+ 
+   if ($mtime + $cache_max_age < time) {
+     print STDERR "$progname: cache is too old\n" if ($verbose);
+     return ();
+   }
+ 
+-  my $odir = <$cache_fd>;
++  my $odir = <CACHE_FILE>;
+   $odir =~ s/[\r\n]+$//s if defined ($odir);
+   if (!defined ($odir) || ($dir ne $odir)) {
+     print STDERR "$progname: cache is for $odir, not $dir\n"
[email protected]@ -277,7 +262,7 @@ sub read_cache($) {
+   }
+ 
+   my @files = ();
+-  while (<$cache_fd>) { 
++  while (<CACHE_FILE>) {
+     s/[\r\n]+$//s;
+     push @files, "$odir/$_";
+   }
[email protected]@ -300,17 +285,18 @@ sub write_cache($) {
+ 
+   if (! $read_cache_p) {
+ 
+-    truncate ($cache_fd, 0) ||
++    truncate (CACHE_FILE, 0) ||
+       error ("unable to truncate $cache_file_name: $!");
+-    seek ($cache_fd, 0, 0) ||
++    seek (CACHE_FILE, 0, 0) ||
+       error ("unable to rewind $cache_file_name: $!");
+ 
+     if ($#all_files >= 0) {
+-      print $cache_fd "$dir\n";
++      print CACHE_FILE "$dir\n";
++      my $re = qr/$dir/;
+       foreach (@all_files) {
+         my $f = $_; # stupid Perl. do this to avoid modifying @all_files!
+-        $f =~ [email protected]^\Q$dir\L/@@so || die;  # remove $dir from front
+-        print $cache_fd "$f\n";
++        $f =~ [email protected]^$re/@@so || die;
++        print CACHE_FILE "$f\n";
+       }
+     }
+ 
[email protected]@ -318,319 +304,17 @@ sub write_cache($) {
+       if ($verbose);
+   }
+ 
+-  flock ($cache_fd, LOCK_UN) ||
++  flock (CACHE_FILE, LOCK_UN) ||
+     error ("unable to unlock $cache_file_name: $!");
+-  close ($cache_fd);
+-  $cache_fd = undef;
+-}
+-
+-
+-# Returns a list of the image enclosures in the RSS or Atom feed.
+-# Elements of the list are references, [ "url", "guid" ].
+-#
+-sub parse_feed($) {
+-  my ($url) = @_;
+-
+-  $ua->agent ("$progname/$version");
+-  $ua->timeout (10);  # bail sooner than the default of 3 minutes
+-
+-  my $body = (LWP::Simple::get($url) || '');
+-
+-  error ("not an RSS or Atom feed: $url")
+-    unless ($body =~ [email protected]^<\?xml\[email protected]);
+-
+-  $body =~ [email protected](<ENTRY|<ITEM)@\[email protected];
+-  my @items = split(/\001/, $body);
+-  shift @items;
+-
+-  my @imgs = ();
+-  my %ids;
+-
+-  foreach my $item (@items) {
+-    my $iurl = undef;
+-    my $id = undef;
+-
+-    # First look for <link rel="enclosure" href="...">
+-    #
+-    if (! $iurl) {
+-      $item =~ s!(<LINK[^<>]*>)!{
+-        my $link = $1;
+-        my ($rel)  = ($link =~ m/\bREL\s*=\s*[\"\']?([^<>\'\"]+)/si);
+-        my ($type) = ($link =~ m/\bTYPE\s*=\s*[\"\']?([^<>\'\"]+)/si);
+-        my ($href) = ($link =~ m/\bHREF\s*=\s*[\"\']([^<>\'\"]+)/si);
+-
+-        if ($rel && lc($rel) eq 'enclosure') {
+-          if ($type) {
+-            $href = undef unless ($type =~ [email protected]^image/@si);  # omit videos
+-          }
+-          $iurl = $href if ($href);
+-        }
+-        $link;
+-      }!gsexi;
+-    }
+-
+-    # Then look for <media:content url="...">
+-    #
+-    if (! $iurl) {
+-      $item =~ s!(<MEDIA:CONTENT[^<>]*>)!{
+-        my $link = $1;
+-        my ($href) = ($link =~ m/\bURL\s*=\s*[\"\']([^<>\'\"]+)/si);
+-        $iurl = $href if $href;
+-        $link;
+-      }!gsexi;
+-    }
+-
+-    # Then look for <description>... with an <img href="..."> inside.
+-    #
+-    if (! $iurl) {
+-      $item =~ s!(<description[^<>]*>.*?</description>)!{
+-        my $desc = $1;
+-        $desc =~ s/&lt;/</gs;
+-        $desc =~ s/&gt;/>/gs;
+-        $desc =~ s/&quot;/\"/gs;
+-        $desc =~ s/&apos;/\'/gs;
+-        $desc =~ s/&amp;/&/gs;
+-        my ($href) = ($desc =~ [email protected]<IMG[^<>]*\bSRC=[\"\']?([^\"\'<>]+)@si);
+-        $iurl = $href if ($href);
+-        $desc;
+-      }!gsexi;
+-    }
+-
+-    # Could also do <content:encoded>, but the above probably covers all
+-    # of the real-world possibilities.
+-
+-
+-    # Find a unique ID for this image, to defeat image farms.
+-    # First look for <id>...</id>
+-    ($id) = ($item =~ m!<ID\b[^<>]*>\s*([^<>]+?)\s*</ID>!si) unless $id;
+-
+-    # Then look for <guid isPermaLink=...> ... </guid>
+-    ($id) = ($item =~ m!<GUID\b[^<>]*>\s*([^<>]+?)\s*</GUID>!si) unless $id;
+-
+-    # Then look for <link> ... </link>
+-    ($id) = ($item =~ m!<LINK\b[^<>]*>\s*([^<>]+?)\s*</LINK>!si) unless $id;
+-
+-
+-    if ($iurl) {
+-      $id = $iurl unless $id;
+-      my $o = $ids{$id};
+-      if (! $o) {
+-        $ids{$id} = $iurl;
+-        my @P = ($iurl, $id);
+-        push @imgs, \@P;
+-      } elsif ($iurl ne $o) {
+-        print STDERR "$progname: WARNING: dup ID \"$id\"" .
+-                     " for \"$o\" and \"$iurl\"\n";
+-      }
+-    }
+-  }
+-
+-  return @imgs;
+-}
+-
+-
+-# Like md5_base64 but uses filename-safe characters.
+-#
+-sub md5_file($) {
+-  my ($s) = @_;
+-  $s = md5_base64($s);
+-  $s =~ [email protected][/]@[email protected];
+-  $s =~ [email protected][+]@[email protected];
+-  return $s;
+-}
+-
+-
+-# Given the URL of an image, download it into the given directory
+-# and return the file name.
+-#
+-sub download_image($$$) {
+-  my ($url, $uid, $dir) = @_;
+-
+-  my ($ext) = ($url =~ [email protected]\.([a-z\d]+)[email protected]);
+-  my $file = md5_file ($uid);
+-  $file .= '.' . lc($ext) if $ext;
+-
+-  # Don't bother doing If-Modified-Since to see if the URL has changed.
+-  # If we have already downloaded it, assume it's good.
+-  if (-f "$dir/$file") {
+-    print STDERR "$progname: exists: $dir/$file for $uid / $url\n" 
+-      if ($verbose > 1);
+-    return $file;
+-  }
+-
+-  # Special-case kludge for Flickr:
+-  # Their RSS feeds sometimes include only the small versions of the images.
+-  # So if the URL ends in "s" (75x75), "t" (100x100) or "m" (240x240),then
+-  # munge it to be "b" (1024x1024).
+-  #
+-  $url =~ [email protected]_[stm](\.[a-z]+)[email protected][email protected]
+-    if ($url =~ [email protected]^https?://[^/?#&]*?flickr\.com/@si);
+-
+-  print STDERR "$progname: downloading: $dir/$file for $uid / $url\n" 
+-    if ($verbose > 1);
+-  $ua->agent ("$progname/$version");
+-  my $status = LWP::Simple::mirror ($url, "$dir/$file");
+-  if (!LWP::Simple::is_success ($status)) {
+-    print STDERR "$progname: error $status: $url\n";   # keep going
+-  }
+-
+-  return $file;
+-}
+-
+-
+-sub mirror_feed($) {
+-  my ($url) = @_;
+-
+-  if ($url !~ m/^https?:/si) {   # not a URL: local directory.
+-    return (undef, $url);
+-  }
+-
+-  my $dir = "$ENV{HOME}/Library/Caches";    # MacOS location
+-  if (-d $dir) {
+-    $dir = "$dir/org.jwz.xscreensaver.feeds";
+-  } elsif (-d "$ENV{HOME}/tmp") {
+-    $dir = "$ENV{HOME}/tmp/.xscreensaver-feeds";
+-  } else {
+-    $dir = "$ENV{HOME}/.xscreensaver-feeds";
+-  }
+-
+-  if (! -d $dir) {
+-    mkdir ($dir) || error ("mkdir $dir: $!");
+-    print STDERR "$progname: mkdir $dir/\n" if ($verbose);
+-  }
+-
+-  # MD5 for directory name to use for cache of a feed URL.
+-  $dir .= '/' . md5_file ($url);
+-
+-  if (! -d $dir) {
+-    mkdir ($dir) || error ("mkdir $dir: $!");
+-    print STDERR "$progname: mkdir $dir/ for $url\n" if ($verbose);
+-  }
+-
+-  # At this point, we have the directory corresponding to this URL.
+-  # Now check to see if the files in it are up to date, and download
+-  # them if not.
+-
+-  my $stamp = '.timestamp';
+-  my $lock = "$dir/$stamp";
+-
+-  print STDERR "$progname: awaiting lock: $lock\n"
+-    if ($verbose > 1);
+-
+-  my $mtime = ((stat($lock))[9]) || 0;
+-
+-  my $lock_fd;
+-  open ($lock_fd, '+>>', $lock) || error ("unable to write $lock: $!");
+-  flock ($lock_fd, LOCK_EX)     || error ("unable to lock $lock: $!");
+-  seek ($lock_fd, 0, 0)         || error ("unable to rewind $lock: $!");
+-
+-  my $poll_p = ($mtime + $feed_max_age < time);
+-
+-  $poll_p = 1 unless ($cache_p);  # poll again now with --no-cache cmd line arg.
+-
+-  # Even if the cache is young, let's make sure there are at least
+-  # a few files in it, and re-check if not.
+-  #
+-  if (! $poll_p) {
+-    my $count = 0;
+-    opendir (my $dirh, $dir) || error ("$dir: $!");
+-    foreach my $f (readdir ($dirh)) {
+-      next if ($f =~ m/^\./s);
+-      $count++;
+-      last;
+-    }
+-    closedir $dirh;
+-
+-    if ($count <= 0) {
+-      print STDERR "$progname: no files in cache of $url\n" if ($verbose);
+-      $poll_p = 1;
+-    }
+-  }
+-
+-  if ($poll_p) {
+-
+-    print STDERR "$progname: loading $url\n" if ($verbose);
+-
+-    my %files;
+-    opendir (my $dirh, $dir) || error ("$dir: $!");
+-    foreach my $f (readdir ($dirh)) {
+-      next if ($f eq '.' || $f eq '..');
+-      $files{$f} = 0;  # 0 means "file exists, should be deleted"
+-    }
+-    closedir $dirh;
+-
+-    $files{$stamp} = 1;
+-
+-    # Download each image currently in the feed.
+-    #
+-    my $count = 0;
+-    my @urls = parse_feed ($url);
+-    foreach my $p (@urls) {
+-      my ($furl, $id) = @$p;
+-      my $f = download_image ($furl, $id, $dir);
+-      next unless $f;
+-      $files{$f} = 1;    # Got it, don't delete
+-      $count++;
+-    }
+-
+-    print STDERR "$progname: empty feed: $url\n" if ($count <= 0);
+-
+-    # Now delete any files that are no longer in the feed.
+-    # But if there was nothing in the feed (network failure?)
+-    # then don't blow away the old files.
+-    #
+-    my $kept = 0;
+-    foreach my $f (keys(%files)) {
+-      if ($count <= 0) {
+-        $kept++;
+-      } elsif ($files{$f}) {
+-