From 43d8d26e612c1d2bb3d5e251bece5581e03b74fb Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Wed, 8 Nov 2023 14:57:29 +0300 Subject: [PATCH] import gnome-shell-40.10-13.el9 --- ...gard-smartcard-status-changes-events.patch | 100 ++++++++++++++++++ SPECS/gnome-shell.spec | 9 +- 2 files changed, 107 insertions(+), 2 deletions(-) create mode 100644 SOURCES/0001-authPrompt-Disregard-smartcard-status-changes-events.patch diff --git a/SOURCES/0001-authPrompt-Disregard-smartcard-status-changes-events.patch b/SOURCES/0001-authPrompt-Disregard-smartcard-status-changes-events.patch new file mode 100644 index 0000000..35dd9e0 --- /dev/null +++ b/SOURCES/0001-authPrompt-Disregard-smartcard-status-changes-events.patch @@ -0,0 +1,100 @@ +From ec802e39a5dfb252e2d18b8cb95f713724180565 Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 15 May 2023 10:48:15 -0400 +Subject: [PATCH] authPrompt: Disregard smartcard status changes events if + VERIFICATION_IN_PROGRESS + +commit c8bb45b41c3a13ef161103f649aa18938e028a70 introduced a new +verification state, VERIFICATION_IN_PROGRESS, to detect when the user +has already interacted with the authentication service, so the auth +prompt can rate limit the number of times the user can cancel +authentication attempts with the escape key (without also rate limiting +the number of times they hit escape to go back to the clock without +interacting with the authentication service). + +That means there are now two states that represent the +user actively undergoing verification: VERIFYING and +VERIFICATION_IN_PROGRESS. + +It's inappropriate to reset the smartcard service if the user is +actively conversing with it. We try to check for that by looking at the +original verification state, VERIFYING, but we unfortunately, neglected +to account for the new VERIFICATION_IN_PROGRESS state. + +This commit fixes that oversight, and allows users to again pre-type +their smartcard pin at the clock before inserting their smartcard. +--- + js/gdm/authPrompt.js | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/js/gdm/authPrompt.js b/js/gdm/authPrompt.js +index 4da91e096..e961f396e 100644 +--- a/js/gdm/authPrompt.js ++++ b/js/gdm/authPrompt.js +@@ -327,61 +327,62 @@ var AuthPrompt = GObject.registerClass({ + _onShowChoiceList(userVerifier, serviceName, promptMessage, choiceList) { + if (this._queryingService) + this.clear(); + + this._queryingService = serviceName; + + if (this._preemptiveAnswer) + this._preemptiveAnswer = null; + + this.setChoiceList(promptMessage, choiceList); + this.updateSensitivity(true); + this.emit('prompted'); + } + + _onCredentialManagerAuthenticated() { + if (this.verificationStatus != AuthPromptStatus.VERIFICATION_SUCCEEDED) + this.reset(); + } + + _onSmartcardStatusChanged() { + this.smartcardDetected = this._userVerifier.smartcardDetected; + + // Most of the time we want to reset if the user inserts or removes + // a smartcard. Smartcard insertion "preempts" what the user was + // doing, and smartcard removal aborts the preemption. + // The exceptions are: 1) Don't reset on smartcard insertion if we're already verifying + // with a smartcard + // 2) Don't reset if we've already succeeded at verification and + // the user is getting logged in. + if (this._userVerifier.serviceIsDefault(GdmUtil.SMARTCARD_SERVICE_NAME) && +- this.verificationStatus == AuthPromptStatus.VERIFYING && ++ (this.verificationStatus === AuthPromptStatus.VERIFYING || ++ this.verificationStatus === AuthPromptStatus.VERIFICATION_IN_PROGRESS) && + this.smartcardDetected) + return; + + if (this.verificationStatus != AuthPromptStatus.VERIFICATION_SUCCEEDED) + this.reset(); + } + + _onShowMessage(_userVerifier, serviceName, message, type) { + this.setMessage(serviceName, message, type); + this.emit('prompted'); + } + + _onVerificationFailed(userVerifier, serviceName, canRetry) { + const wasQueryingService = this._queryingService === serviceName; + + if (wasQueryingService) { + this._queryingService = null; + this.clear(); + } + + this.updateSensitivity(canRetry); + this.setActorInDefaultButtonWell(null); + + if (!canRetry) + this.verificationStatus = AuthPromptStatus.VERIFICATION_FAILED; + + if (wasQueryingService) + Util.wiggle(this._entry); + } + +-- +2.39.1 + diff --git a/SPECS/gnome-shell.spec b/SPECS/gnome-shell.spec index 95c9b7d..50ed56d 100644 --- a/SPECS/gnome-shell.spec +++ b/SPECS/gnome-shell.spec @@ -2,7 +2,7 @@ Name: gnome-shell Version: 40.10 -Release: 12%{?dist} +Release: 13%{?dist} Summary: Window management and application launching for GNOME License: GPLv2+ @@ -27,6 +27,7 @@ Patch14: support-choicelist-extension.patch Patch15: gdm-networking.patch Patch16: login-screen-extensions.patch Patch17: fix-resetting-auth-prompt.patch +Patch18: 0001-authPrompt-Disregard-smartcard-status-changes-events.patch # Misc. Patch30: 0001-panel-add-an-icon-to-the-ActivitiesButton.patch @@ -274,7 +275,11 @@ desktop-file-validate %{buildroot}%{_datadir}/applications/evolution-calendar.de %{_mandir}/man1/gnome-shell.1* %changelog -* Wed Mar 15 2023 MSVSphere Packaging Team - 40.10-3 +* Mon May 15 2023 Ray Strode - 40.10-13 +- Don't reset smartcard conversation twice when smartcard is inserted. + Resolves: #2140898 + +* Wed Mar 15 2023 MSVSphere Packaging Team - 40.10-12 - Rebuilt for MSVSphere 9.1. * Wed Feb 22 2023 Florian Müllner - 40.10-12