Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:jberkman
gdmfactory
gdm-2.19.3-token-login.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gdm-2.19.3-token-login.patch of Package gdmfactory
--- gdm-2.19.3/daemon/slave.c~ 2007-07-25 15:00:30.000000000 -0400 +++ gdm-2.19.3/daemon/slave.c 2007-07-25 15:05:46.000000000 -0400 @@ -116,6 +116,8 @@ static gboolean do_configurator = static gboolean do_cancel = FALSE; /* If this is true, go back to username entry & unselect face browser (if present) */ +static gboolean do_token_login = FALSE; /* if true, auth with smart + cards */ static gboolean do_restart_greeter = FALSE; /* If this is true, whack the greeter and try again */ static gboolean restart_greeter_now = FALSE; /* Restart_greeter_when the @@ -2081,11 +2083,14 @@ play_login_sound (const char *sound_file static void gdm_slave_wait_for_login (void) { + gboolean verify_token; const char *successsound; char *username; g_free (login); login = NULL; + do_token_login = FALSE; + /* Chat with greeter */ while (login == NULL) { /* init to a sane value */ @@ -2109,11 +2114,16 @@ gdm_slave_wait_for_login (void) gdm_debug ("gdm_slave_wait_for_login: In loop"); username = d->preset_user; d->preset_user = NULL; + + verify_token = do_token_login; + do_token_login = FALSE; + login = gdm_verify_user (d /* the display */, - username /* username */, + verify_token ? "" : username /* username */, d->name /* display name */, d->attached /* display attached? */, - TRUE /* allow retry */); + TRUE /* allow retry */, + verify_token); g_free (username); gdm_debug ("gdm_slave_wait_for_login: end verify for '%s'", @@ -2162,7 +2172,7 @@ gdm_slave_wait_for_login (void) pwent->pw_name, d->name, d->attached, - FALSE); + FALSE, FALSE); gdm_daemon_config_set_value_bool (GDM_KEY_ALLOW_ROOT, oldAllowRoot); /* Clear message */ @@ -5019,6 +5029,11 @@ gdm_slave_handle_usr2_message (void) gdm_fdprintf (slave_fd_out, "%c%c%c\n", STX, BEL, GDM_INTERRUPT_CANCEL); } + } else if (strcmp (&s[1], GDM_NOTIFY_TOKEN_LOGIN) == 0) { + if (!d->logged_in && d->attached) { + gdm_fdprintf (slave_fd_out, "%c%c%c\n", + STX, BEL, GDM_INTERRUPT_TOKEN_LOGIN); + } } } else if (s[0] == GDM_SLAVE_NOTIFY_RESPONSE) { gdm_got_ack = TRUE; @@ -5219,6 +5234,10 @@ check_for_interruption (const char *msg) do_restart_greeter = TRUE; } break; + case GDM_INTERRUPT_TOKEN_LOGIN: + do_token_login = TRUE; + do_cancel = TRUE; + break; default: break; } --- gdm-2.19.3/daemon/gdm.c~ 2007-07-25 15:00:37.000000000 -0400 +++ gdm-2.19.3/daemon/gdm.c 2007-07-25 15:08:09.000000000 -0400 @@ -4359,7 +4359,7 @@ gdm_handle_user_message (GdmConnection * } static void -gdm_reset_local_displays (void) +send_command_to_locals (const char *msg) { GSList *li; @@ -4367,11 +4367,23 @@ gdm_reset_local_displays (void) GdmDisplay *d = li->data; if (d->attached) - send_slave_command (d, GDM_NOTIFY_RESET); + send_slave_command (d, msg); } } static void +gdm_reset_local_displays (void) +{ + send_command_to_locals (GDM_NOTIFY_RESET); +} + +static void +gdm_do_token_login (void) +{ + send_command_to_locals (GDM_NOTIFY_TOKEN_LOGIN); +} + +static void gdm_watch_for_security_tokens (void) { DBusGConnection *conn; @@ -4392,7 +4404,7 @@ gdm_watch_for_security_tokens (void) MONITOR_INTERFACE); dbus_g_proxy_add_signal (monitor, "SecurityTokenInserted", G_TYPE_STRING, G_TYPE_INVALID); - dbus_g_proxy_connect_signal (monitor, "SecurityTokenInserted", G_CALLBACK (gdm_reset_local_displays), NULL, NULL); + dbus_g_proxy_connect_signal (monitor, "SecurityTokenInserted", G_CALLBACK (gdm_do_token_login), NULL, NULL); dbus_g_proxy_add_signal (monitor, "SecurityTokenRemoved", G_TYPE_STRING, G_TYPE_INVALID); dbus_g_proxy_connect_signal (monitor, "SecurityTokenRemoved", G_CALLBACK (gdm_reset_local_displays), NULL, NULL); --- gdm-2.19.3/daemon/gdm-socket-protocol.h~ 2007-07-25 15:00:30.000000000 -0400 +++ gdm-2.19.3/daemon/gdm-socket-protocol.h 2007-07-25 15:09:02.000000000 -0400 @@ -75,6 +75,7 @@ #define GDM_INTERRUPT_CUSTOM_CMD 'M' #define GDM_INTERRUPT_CANCEL 'X' #define GDM_INTERRUPT_SELECT_LANG 'O' +#define GDM_INTERRUPT_TOKEN_LOGIN '$' /* List delimiter for config file lists */ #define GDM_DELIMITER_MODULES ":" --- gdm-2.19.3/daemon/gdm-daemon-config-keys.h~ 2007-07-25 15:00:30.000000000 -0400 +++ gdm-2.19.3/daemon/gdm-daemon-config-keys.h 2007-07-25 15:10:22.000000000 -0400 @@ -105,6 +105,7 @@ G_BEGIN_DECLS #define GDM_KEY_RETRY_DELAY "security/RetryDelay=1" #define GDM_KEY_DISALLOW_TCP "security/DisallowTCP=true" #define GDM_KEY_PAM_STACK "security/PamStack=gdm" +#define GDM_KEY_PAM_STACK_SMARTCARD "security/SmartCardPamStack=gdm-smartcard" #define GDM_KEY_NEVER_PLACE_COOKIES_ON_NFS "security/NeverPlaceCookiesOnNFS=true" #define GDM_KEY_PASSWORD_REQUIRED "security/PasswordRequired=false" #define GDM_KEY_XDMCP "xdmcp/Enable=false" @@ -227,6 +228,7 @@ G_BEGIN_DECLS #define GDM_NOTIFY_GO "GO" #define GDM_NOTIFY_TWIDDLE_POINTER "TWIDDLE_POINTER" #define GDM_NOTIFY_RESET "RESET" +#define GDM_NOTIFY_TOKEN_LOGIN "TOKEN_LOGIN" G_END_DECLS --- gdm-2.19.3/daemon/verify.h~ 2007-06-17 13:07:39.000000000 -0400 +++ gdm-2.19.3/daemon/verify.h 2007-07-25 15:12:17.000000000 -0400 @@ -28,7 +28,8 @@ gchar *gdm_verify_user (GdmDisplay *d const char *username, const gchar *display, gboolean local, - gboolean allow_retry); + gboolean allow_retry, + gboolean token); void gdm_verify_cleanup (GdmDisplay *d); void gdm_verify_check (void); void gdm_verify_select_user (const char *user); --- gdm-2.19.3/daemon/verify-pam.c~ 2007-06-17 13:07:38.000000000 -0400 +++ gdm-2.19.3/daemon/verify-pam.c 2007-07-25 15:11:57.000000000 -0400 @@ -866,7 +866,8 @@ gdm_verify_user (GdmDisplay *d, const char *username, const gchar *display, gboolean local, - gboolean allow_retry) + gboolean allow_retry, + gboolean verify_token) { gint pamerr = 0; struct passwd *pwent = NULL; @@ -926,7 +927,10 @@ gdm_verify_user (GdmDisplay *d, * PAM Stacks, in case one display should use a different * authentication mechanism than another display. */ - pam_stack = gdm_daemon_config_get_value_string_per_display (GDM_KEY_PAM_STACK, (char *)display); + pam_stack = gdm_daemon_config_get_value_string_per_display (verify_token + ? GDM_KEY_PAM_STACK_SMARTCARD + : GDM_KEY_PAM_STACK, + (char *)display); if ( ! create_pamh (d, pam_stack, login, &pamc, display, &pamerr)) { if (started_timer) --- gdm-2.19.3/daemon/verify-shadow.c~ 2007-06-17 13:07:38.000000000 -0400 +++ gdm-2.19.3/daemon/verify-shadow.c 2007-07-25 15:12:30.000000000 -0400 @@ -106,7 +106,8 @@ gdm_verify_user (GdmDisplay *d, const char *username, const gchar *display, gboolean local, - gboolean allow_retry) + gboolean allow_retry, + gboolean token) { gchar *login, *passwd, *ppasswd; struct passwd *pwent; --- gdm-2.19.3/daemon/verify-crypt.c~ 2007-06-17 13:07:39.000000000 -0400 +++ gdm-2.19.3/daemon/verify-crypt.c 2007-07-25 15:12:53.000000000 -0400 @@ -105,7 +105,8 @@ gdm_verify_user (GdmDisplay *d, const char *username, const gchar *display, gboolean local, - gboolean allow_retry) + gboolean allow_retry, + gboolean token) { gchar *login, *passwd, *ppasswd; struct passwd *pwent; --- gdm-2.19.3/daemon/gdm-daemon-config.c~ 2007-06-17 13:07:39.000000000 -0400 +++ gdm-2.19.3/daemon/gdm-daemon-config.c 2007-07-25 15:17:46.000000000 -0400 @@ -552,7 +552,8 @@ gdm_daemon_config_key_to_string_per_disp if (strcmp (group, "greeter") == 0 || strcmp (group, "gui") == 0 || - is_key (keystring, GDM_KEY_PAM_STACK)) { + is_key (keystring, GDM_KEY_PAM_STACK) || + is_key (keystring, GDM_KEY_PAM_STACK_SMARTCARD)) { ret = gdm_daemon_config_key_to_string (file, keystring, retval); } --- gdm-2.19.3/daemon/gdm-daemon-config-entries.h~ 2007-06-17 13:07:38.000000000 -0400 +++ gdm-2.19.3/daemon/gdm-daemon-config-entries.h 2007-07-25 17:12:25.000000000 -0400 @@ -208,6 +208,7 @@ typedef enum { GDM_ID_SYSTEM_COMMANDS_IN_MENU, GDM_ID_ALLOW_LOGOUT_ACTIONS, GDM_ID_RBAC_SYSTEM_COMMAND_KEYS, + GDM_ID_SMART_CARD_PAM_STACK, GDK_ID_LAST } GdmConfigKey; @@ -363,6 +364,7 @@ static const GdmConfigEntry gdm_daemon_c { GDM_CONFIG_GROUP_SECURITY, "RetryDelay", GDM_CONFIG_VALUE_INT, "1", GDM_ID_RETRY_DELAY }, { GDM_CONFIG_GROUP_SECURITY, "DisallowTCP", GDM_CONFIG_VALUE_BOOL, "true", GDM_ID_DISALLOW_TCP }, { GDM_CONFIG_GROUP_SECURITY, "PamStack", GDM_CONFIG_VALUE_STRING, "gdm", GDM_ID_PAM_STACK }, + { GDM_CONFIG_GROUP_SECURITY, "SmartCardPamStack", GDM_CONFIG_VALUE_STRING, "gdm-smartcard", GDM_ID_SMART_CARD_PAM_STACK }, { GDM_CONFIG_GROUP_SECURITY, "NeverPlaceCookiesOnNFS", GDM_CONFIG_VALUE_BOOL, "true", GDM_ID_NEVER_PLACE_COOKIES_ON_NFS }, { GDM_CONFIG_GROUP_SECURITY, "PasswordRequired", GDM_CONFIG_VALUE_BOOL, "false", GDM_ID_PASSWORD_REQUIRED },
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor