From c939585dc440e2b2ccaeea82ce3cf42c990dbe23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Mon, 12 Nov 2018 12:49:39 +0100
Subject: [PATCH 03/15] compat: add support for with-smartcard-required
 (--enablerequiresmartcard)

Resolves:
https://github.com/pbrezina/authselect/issues/109
---
 src/compat/authcompat.py.in.in   | 15 ++++++++-------
 src/compat/authcompat_Options.py |  4 ++--
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
index 42cc6f3c0e38d8e14d62bd5acdc171176a6cb51f..accb3385ade908c07451ee4824d6b62b012ea317 100755
--- a/src/compat/authcompat.py.in.in
+++ b/src/compat/authcompat.py.in.in
@@ -518,13 +518,14 @@ class AuthCompat:
 
     def runAuthselect(self):
         map = {
-            'smartcard'   : 'with-smartcard',
-            'fingerprint' : 'with-fingerprint',
-            'ecryptfs'    : 'with-ecryptfs',
-            'mkhomedir'   : 'with-mkhomedir',
-            'faillock'    : 'with-faillock',
-            'pamaccess'   : 'with-pamaccess',
-            'winbindkrb5' : 'with-krb5'
+            'smartcard'        : 'with-smartcard',
+            'requiresmartcard' : 'with-smartcard-required',
+            'fingerprint'      : 'with-fingerprint',
+            'ecryptfs'         : 'with-ecryptfs',
+            'mkhomedir'        : 'with-mkhomedir',
+            'faillock'         : 'with-faillock',
+            'pamaccess'        : 'with-pamaccess',
+            'winbindkrb5'      : 'with-krb5'
         }
 
         # Read current configuration first.
diff --git a/src/compat/authcompat_Options.py b/src/compat/authcompat_Options.py
index e77b4407c7cd385b66a8a97795cece7f33571ff6..c8f52ab6773c4cd5371f32121dba8053f3443261 100644
--- a/src/compat/authcompat_Options.py
+++ b/src/compat/authcompat_Options.py
@@ -13,7 +13,7 @@
 #    This program is distributed in the hope that it will be useful,
 #    but WITHOUT ANY WARRANTY; without even the implied warranty of
 #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#    GNU General Public License for more details.
+#    GNU General Public License for morerequi details.
 #
 #    You should have received a copy of the GNU General Public License
 #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
@@ -91,6 +91,7 @@ class Options:
         Option.Feature("rfc2307bis",      _("use of RFC-2307bis schema for LDAP user information lookups")),
         Option.Feature("smartcard",       _("authentication with smart card by default")),
         Option.Valued ("smartcardaction", _("<0=Lock|1=Ignore>"), _("action to be taken on smart card removal")),
+        Option.Feature("requiresmartcard",_("require smart card for authentication by default")),
         Option.Feature("fingerprint",     _("authentication with fingerprint readers by default")),
         Option.Feature("ecryptfs",        _("automatic per-user ecryptfs")),
         Option.Feature("krb5",            _("Kerberos authentication by default")),
@@ -146,7 +147,6 @@ class Options:
         Option.UnsupportedSwitch ("usemd5"),
         Option.UnsupportedValued ("passalgo", _("<descrypt|bigcrypt|md5|sha256|sha512>")),
         Option.UnsupportedValued ("ldaploadcacert", _("<URL>")),
-        Option.UnsupportedFeature("requiresmartcard"),
         Option.UnsupportedValued ("smartcardmodule", _("<module>")),
         Option.UnsupportedValued ("smbsecurity", _("<user|server|domain|ads>")),
         Option.UnsupportedValued ("smbrealm", _("<realm>")),
-- 
2.17.2