You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
115 lines
3.8 KiB
115 lines
3.8 KiB
8 months ago
|
From 8ce91c85fe052d1a9f4fed0743bceae7d9654aa0 Mon Sep 17 00:00:00 2001
|
||
|
From: Ray Strode <rstrode@redhat.com>
|
||
|
Date: Mon, 28 Sep 2015 10:57:02 -0400
|
||
|
Subject: [PATCH 1/3] smartcardManager: add way to detect if user logged using
|
||
|
(any) token
|
||
|
|
||
|
If a user uses a token at login time, we need to make sure they continue
|
||
|
to use the token at unlock time.
|
||
|
|
||
|
As a prerequisite for addressing that problem we need to know up front
|
||
|
if a user logged in with a token at all.
|
||
|
|
||
|
This commit adds the necessary api to detect that case.
|
||
|
---
|
||
|
js/misc/smartcardManager.js | 7 +++++++
|
||
|
1 file changed, 7 insertions(+)
|
||
|
|
||
|
diff --git a/js/misc/smartcardManager.js b/js/misc/smartcardManager.js
|
||
|
index fda782d1e..bb43c96e7 100644
|
||
|
--- a/js/misc/smartcardManager.js
|
||
|
+++ b/js/misc/smartcardManager.js
|
||
|
@@ -112,5 +112,12 @@ var SmartcardManager = class {
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
+ loggedInWithToken() {
|
||
|
+ if (this._loginToken)
|
||
|
+ return true;
|
||
|
+
|
||
|
+ return false;
|
||
|
+ }
|
||
|
+
|
||
|
};
|
||
|
Signals.addSignalMethods(SmartcardManager.prototype);
|
||
|
--
|
||
|
2.21.0
|
||
|
|
||
|
|
||
|
From 6decf5560d309579760e10048533d3bd9bc56c3c Mon Sep 17 00:00:00 2001
|
||
|
From: Ray Strode <rstrode@redhat.com>
|
||
|
Date: Mon, 28 Sep 2015 19:56:53 -0400
|
||
|
Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for
|
||
|
login
|
||
|
|
||
|
If a smartcard is used for login, we need to make sure the smartcard
|
||
|
gets used for unlock, too.
|
||
|
---
|
||
|
js/gdm/util.js | 7 +++++--
|
||
|
1 file changed, 5 insertions(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/js/gdm/util.js b/js/gdm/util.js
|
||
|
index 2e9935250..2b80e1dd9 100644
|
||
|
--- a/js/gdm/util.js
|
||
|
+++ b/js/gdm/util.js
|
||
|
@@ -126,7 +126,6 @@ var ShellUserVerifier = class {
|
||
|
this._settings = new Gio.Settings({ schema_id: LOGIN_SCREEN_SCHEMA });
|
||
|
this._settings.connect('changed',
|
||
|
this._updateDefaultService.bind(this));
|
||
|
- this._updateDefaultService();
|
||
|
|
||
|
this._fprintManager = Fprint.FprintManager();
|
||
|
this._smartcardManager = SmartcardManager.getSmartcardManager();
|
||
|
@@ -138,6 +137,8 @@ var ShellUserVerifier = class {
|
||
|
this.smartcardDetected = false;
|
||
|
this._checkForSmartcard();
|
||
|
|
||
|
+ this._updateDefaultService();
|
||
|
+
|
||
|
this._smartcardInsertedId = this._smartcardManager.connect('smartcard-inserted',
|
||
|
this._checkForSmartcard.bind(this));
|
||
|
this._smartcardRemovedId = this._smartcardManager.connect('smartcard-removed',
|
||
|
@@ -407,7 +408,9 @@ var ShellUserVerifier = class {
|
||
|
}
|
||
|
|
||
|
_updateDefaultService() {
|
||
|
- if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY))
|
||
|
+ if (this._smartcardManager.loggedInWithToken())
|
||
|
+ this._defaultService = SMARTCARD_SERVICE_NAME;
|
||
|
+ else if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY))
|
||
|
this._defaultService = PASSWORD_SERVICE_NAME;
|
||
|
else if (this._settings.get_boolean(SMARTCARD_AUTHENTICATION_KEY))
|
||
|
this._defaultService = SMARTCARD_SERVICE_NAME;
|
||
|
--
|
||
|
2.21.0
|
||
|
|
||
|
|
||
|
From dd844c98c3450dd1b21bcc580b51162c1b00ed2a Mon Sep 17 00:00:00 2001
|
||
|
From: Ray Strode <rstrode@redhat.com>
|
||
|
Date: Mon, 28 Sep 2015 19:57:36 -0400
|
||
|
Subject: [PATCH 3/3] gdm: update default service when smartcard inserted
|
||
|
|
||
|
Early on at start up we may not know if a smartcard is
|
||
|
available. Make sure we reupdate the default service
|
||
|
after we get a smartcard insertion event.
|
||
|
---
|
||
|
js/gdm/util.js | 2 ++
|
||
|
1 file changed, 2 insertions(+)
|
||
|
|
||
|
diff --git a/js/gdm/util.js b/js/gdm/util.js
|
||
|
index 2b80e1dd9..6e940d2ab 100644
|
||
|
--- a/js/gdm/util.js
|
||
|
+++ b/js/gdm/util.js
|
||
|
@@ -327,6 +327,8 @@ var ShellUserVerifier = class {
|
||
|
else if (this._preemptingService == SMARTCARD_SERVICE_NAME)
|
||
|
this._preemptingService = null;
|
||
|
|
||
|
+ this._updateDefaultService();
|
||
|
+
|
||
|
this.emit('smartcard-status-changed');
|
||
|
}
|
||
|
}
|
||
|
--
|
||
|
2.21.0
|
||
|
|