File gdm-2.19.3-token-login.patch of Package gdmfactory

Overview Repositories Revisions Requests Users Attributes Meta

File gdm-2.19.3-token-login.patch of Package gdmfactory

--- gdm-2.19.3/daemon/slave.c~	2007-07-25 15:00:30.000000000 -0400
+++ gdm-2.19.3/daemon/slave.c	2007-07-25 15:05:46.000000000 -0400
@@ -116,6 +116,8 @@ static gboolean do_configurator        =
 static gboolean do_cancel              = FALSE; /* If this is true, go back to
                                                    username entry & unselect
                                                    face browser (if present) */
+static gboolean do_token_login         = FALSE; /* if true, auth with smart 
+						   cards */
 static gboolean do_restart_greeter     = FALSE; /* If this is true, whack the
 					           greeter and try again */
 static gboolean restart_greeter_now    = FALSE; /* Restart_greeter_when the
@@ -2081,11 +2083,14 @@ play_login_sound (const char *sound_file
 static void
 gdm_slave_wait_for_login (void)
 {
+	gboolean verify_token;
 	const char *successsound;
 	char *username;
 	g_free (login);
 	login = NULL;
 
+	do_token_login = FALSE;
+
 	/* Chat with greeter */
 	while (login == NULL) {
 		/* init to a sane value */
@@ -2109,11 +2114,16 @@ gdm_slave_wait_for_login (void)
 		gdm_debug ("gdm_slave_wait_for_login: In loop");
 		username = d->preset_user;
 		d->preset_user = NULL;
+
+		verify_token = do_token_login;
+		do_token_login = FALSE;
+
 		login = gdm_verify_user (d /* the display */,
-					 username /* username */,
+					 verify_token ? "" : username /* username */,
 					 d->name /* display name */,
 					 d->attached /* display attached? */,
-					 TRUE /* allow retry */);
+					 TRUE /* allow retry */,
+					 verify_token);
 		g_free (username);
 
 		gdm_debug ("gdm_slave_wait_for_login: end verify for '%s'",
@@ -2162,7 +2172,7 @@ gdm_slave_wait_for_login (void)
 						 pwent->pw_name,
 						 d->name,
 						 d->attached,
-						 FALSE);
+						 FALSE, FALSE);
 			gdm_daemon_config_set_value_bool (GDM_KEY_ALLOW_ROOT, oldAllowRoot);
 
 			/* Clear message */
@@ -5019,6 +5029,11 @@ gdm_slave_handle_usr2_message (void)
 					gdm_fdprintf (slave_fd_out, "%c%c%c\n", 
 						      STX, BEL, GDM_INTERRUPT_CANCEL);
 				}
+			} else if (strcmp (&s[1], GDM_NOTIFY_TOKEN_LOGIN) == 0) {
+				if (!d->logged_in && d->attached) {
+					gdm_fdprintf (slave_fd_out, "%c%c%c\n",
+						      STX, BEL, GDM_INTERRUPT_TOKEN_LOGIN);
+				}
 			}
 		} else if (s[0] == GDM_SLAVE_NOTIFY_RESPONSE) {
 			gdm_got_ack = TRUE;
@@ -5219,6 +5234,10 @@ check_for_interruption (const char *msg)
 				do_restart_greeter = TRUE;
 			}
 			break;
+		case GDM_INTERRUPT_TOKEN_LOGIN:
+			do_token_login = TRUE;
+			do_cancel = TRUE;
+			break;
 		default:
 			break;
 		}
--- gdm-2.19.3/daemon/gdm.c~	2007-07-25 15:00:37.000000000 -0400
+++ gdm-2.19.3/daemon/gdm.c	2007-07-25 15:08:09.000000000 -0400
@@ -4359,7 +4359,7 @@ gdm_handle_user_message (GdmConnection *
 }
 
 static void
-gdm_reset_local_displays (void)
+send_command_to_locals (const char *msg)
 {
     GSList *li;
 
@@ -4367,11 +4367,23 @@ gdm_reset_local_displays (void)
 	    GdmDisplay *d = li->data;
 
 	    if (d->attached)
-		    send_slave_command (d, GDM_NOTIFY_RESET);
+		    send_slave_command (d, msg);
     }
 }
 
 static void
+gdm_reset_local_displays (void)
+{
+    send_command_to_locals (GDM_NOTIFY_RESET);
+}
+
+static void
+gdm_do_token_login (void)
+{
+    send_command_to_locals (GDM_NOTIFY_TOKEN_LOGIN);
+}
+
+static void
 gdm_watch_for_security_tokens (void)
 {
     DBusGConnection *conn;
@@ -4392,7 +4404,7 @@ gdm_watch_for_security_tokens (void)
                                          MONITOR_INTERFACE);
 
     dbus_g_proxy_add_signal (monitor, "SecurityTokenInserted", G_TYPE_STRING, G_TYPE_INVALID);
-    dbus_g_proxy_connect_signal (monitor, "SecurityTokenInserted", G_CALLBACK (gdm_reset_local_displays), NULL, NULL);
+    dbus_g_proxy_connect_signal (monitor, "SecurityTokenInserted", G_CALLBACK (gdm_do_token_login), NULL, NULL);
 
     dbus_g_proxy_add_signal (monitor, "SecurityTokenRemoved", G_TYPE_STRING, G_TYPE_INVALID);
     dbus_g_proxy_connect_signal (monitor, "SecurityTokenRemoved", G_CALLBACK (gdm_reset_local_displays), NULL, NULL);    
--- gdm-2.19.3/daemon/gdm-socket-protocol.h~	2007-07-25 15:00:30.000000000 -0400
+++ gdm-2.19.3/daemon/gdm-socket-protocol.h	2007-07-25 15:09:02.000000000 -0400
@@ -75,6 +75,7 @@
 #define GDM_INTERRUPT_CUSTOM_CMD  'M'
 #define GDM_INTERRUPT_CANCEL      'X'
 #define GDM_INTERRUPT_SELECT_LANG 'O'
+#define GDM_INTERRUPT_TOKEN_LOGIN '$'
 
 /* List delimiter for config file lists */
 #define GDM_DELIMITER_MODULES ":"
--- gdm-2.19.3/daemon/gdm-daemon-config-keys.h~	2007-07-25 15:00:30.000000000 -0400
+++ gdm-2.19.3/daemon/gdm-daemon-config-keys.h	2007-07-25 15:10:22.000000000 -0400
@@ -105,6 +105,7 @@ G_BEGIN_DECLS
 #define GDM_KEY_RETRY_DELAY "security/RetryDelay=1"
 #define GDM_KEY_DISALLOW_TCP "security/DisallowTCP=true"
 #define GDM_KEY_PAM_STACK "security/PamStack=gdm"
+#define GDM_KEY_PAM_STACK_SMARTCARD "security/SmartCardPamStack=gdm-smartcard"
 #define GDM_KEY_NEVER_PLACE_COOKIES_ON_NFS "security/NeverPlaceCookiesOnNFS=true"
 #define GDM_KEY_PASSWORD_REQUIRED "security/PasswordRequired=false"
 #define GDM_KEY_XDMCP "xdmcp/Enable=false"
@@ -227,6 +228,7 @@ G_BEGIN_DECLS
 #define GDM_NOTIFY_GO "GO"
 #define GDM_NOTIFY_TWIDDLE_POINTER "TWIDDLE_POINTER"
 #define GDM_NOTIFY_RESET "RESET"
+#define GDM_NOTIFY_TOKEN_LOGIN "TOKEN_LOGIN"
 
 G_END_DECLS
 
--- gdm-2.19.3/daemon/verify.h~	2007-06-17 13:07:39.000000000 -0400
+++ gdm-2.19.3/daemon/verify.h	2007-07-25 15:12:17.000000000 -0400
@@ -28,7 +28,8 @@ gchar *gdm_verify_user    (GdmDisplay *d
 			   const char *username,
 			   const gchar *display,
 			   gboolean local,
-			   gboolean allow_retry);
+			   gboolean allow_retry,
+                           gboolean token);
 void   gdm_verify_cleanup (GdmDisplay *d);
 void   gdm_verify_check   (void);
 void   gdm_verify_select_user (const char *user);
--- gdm-2.19.3/daemon/verify-pam.c~	2007-06-17 13:07:38.000000000 -0400
+++ gdm-2.19.3/daemon/verify-pam.c	2007-07-25 15:11:57.000000000 -0400
@@ -866,7 +866,8 @@ gdm_verify_user (GdmDisplay *d,
 		 const char *username,
 		 const gchar *display,
 		 gboolean local,
-		 gboolean allow_retry)
+		 gboolean allow_retry,
+		 gboolean verify_token)
 {
 	gint pamerr = 0;
 	struct passwd *pwent = NULL;
@@ -926,7 +927,10 @@ gdm_verify_user (GdmDisplay *d,
 	 * PAM Stacks, in case one display should use a different
 	 * authentication mechanism than another display.
 	 */
-	pam_stack = gdm_daemon_config_get_value_string_per_display (GDM_KEY_PAM_STACK, (char *)display);
+	pam_stack = gdm_daemon_config_get_value_string_per_display (verify_token 
+								    ? GDM_KEY_PAM_STACK_SMARTCARD 
+								    : GDM_KEY_PAM_STACK, 
+								    (char *)display);
 
 	if ( ! create_pamh (d, pam_stack, login, &pamc, display, &pamerr)) {
 		if (started_timer)
--- gdm-2.19.3/daemon/verify-shadow.c~	2007-06-17 13:07:38.000000000 -0400
+++ gdm-2.19.3/daemon/verify-shadow.c	2007-07-25 15:12:30.000000000 -0400
@@ -106,7 +106,8 @@ gdm_verify_user (GdmDisplay *d,
 		 const char *username,
 		 const gchar *display,
 		 gboolean local,
-		 gboolean allow_retry)
+		 gboolean allow_retry,
+		 gboolean token)
 {
 	gchar *login, *passwd, *ppasswd;
 	struct passwd *pwent;
--- gdm-2.19.3/daemon/verify-crypt.c~	2007-06-17 13:07:39.000000000 -0400
+++ gdm-2.19.3/daemon/verify-crypt.c	2007-07-25 15:12:53.000000000 -0400
@@ -105,7 +105,8 @@ gdm_verify_user (GdmDisplay *d,
 		 const char *username,
 		 const gchar *display,
 		 gboolean local,
-		 gboolean allow_retry)
+		 gboolean allow_retry,
+		 gboolean token)
 {
 	gchar *login, *passwd, *ppasswd;
 	struct passwd *pwent;
--- gdm-2.19.3/daemon/gdm-daemon-config.c~	2007-06-17 13:07:39.000000000 -0400
+++ gdm-2.19.3/daemon/gdm-daemon-config.c	2007-07-25 15:17:46.000000000 -0400
@@ -552,7 +552,8 @@ gdm_daemon_config_key_to_string_per_disp
 
 	if (strcmp (group, "greeter") == 0 ||
 	    strcmp (group, "gui") == 0 ||
-	    is_key (keystring, GDM_KEY_PAM_STACK)) {
+	    is_key (keystring, GDM_KEY_PAM_STACK) ||
+	    is_key (keystring, GDM_KEY_PAM_STACK_SMARTCARD)) {
 		ret = gdm_daemon_config_key_to_string (file, keystring, retval);
 	}
 
--- gdm-2.19.3/daemon/gdm-daemon-config-entries.h~	2007-06-17 13:07:38.000000000 -0400
+++ gdm-2.19.3/daemon/gdm-daemon-config-entries.h	2007-07-25 17:12:25.000000000 -0400
@@ -208,6 +208,7 @@ typedef enum {
 	GDM_ID_SYSTEM_COMMANDS_IN_MENU,
 	GDM_ID_ALLOW_LOGOUT_ACTIONS,
 	GDM_ID_RBAC_SYSTEM_COMMAND_KEYS,
+	GDM_ID_SMART_CARD_PAM_STACK,
 	GDK_ID_LAST
 } GdmConfigKey;
 
@@ -363,6 +364,7 @@ static const GdmConfigEntry gdm_daemon_c
 	{ GDM_CONFIG_GROUP_SECURITY, "RetryDelay", GDM_CONFIG_VALUE_INT, "1", GDM_ID_RETRY_DELAY },
 	{ GDM_CONFIG_GROUP_SECURITY, "DisallowTCP", GDM_CONFIG_VALUE_BOOL, "true", GDM_ID_DISALLOW_TCP },
 	{ GDM_CONFIG_GROUP_SECURITY, "PamStack", GDM_CONFIG_VALUE_STRING, "gdm", GDM_ID_PAM_STACK },
+	{ GDM_CONFIG_GROUP_SECURITY, "SmartCardPamStack", GDM_CONFIG_VALUE_STRING, "gdm-smartcard", GDM_ID_SMART_CARD_PAM_STACK },
 
 	{ GDM_CONFIG_GROUP_SECURITY, "NeverPlaceCookiesOnNFS", GDM_CONFIG_VALUE_BOOL, "true", GDM_ID_NEVER_PLACE_COOKIES_ON_NFS },
 	{ GDM_CONFIG_GROUP_SECURITY, "PasswordRequired", GDM_CONFIG_VALUE_BOOL, "false", GDM_ID_PASSWORD_REQUIRED },

Places

File gdm-2.19.3-token-login.patch of Package gdmfactory

Places