|
|
f3cbb9 |
From 624d302d3d192b66d5465fa4551c223df0c4a850 Mon Sep 17 00:00:00 2001
|
|
|
580c05 |
From: Ray Strode <rstrode@redhat.com>
|
|
|
580c05 |
Date: Mon, 28 Sep 2015 10:57:02 -0400
|
|
|
580c05 |
Subject: [PATCH 1/3] smartcardManager: add way to detect if user logged using
|
|
|
580c05 |
(any) token
|
|
|
580c05 |
|
|
|
580c05 |
If a user uses a token at login time, we need to make sure they continue
|
|
|
580c05 |
to use the token at unlock time.
|
|
|
580c05 |
|
|
|
580c05 |
As a prerequisite for addressing that problem we need to know up front
|
|
|
580c05 |
if a user logged in with a token at all.
|
|
|
580c05 |
|
|
|
580c05 |
This commit adds the necessary api to detect that case.
|
|
|
580c05 |
---
|
|
|
580c05 |
js/misc/smartcardManager.js | 7 +++++++
|
|
|
580c05 |
1 file changed, 7 insertions(+)
|
|
|
580c05 |
|
|
|
580c05 |
diff --git a/js/misc/smartcardManager.js b/js/misc/smartcardManager.js
|
|
|
f3cbb9 |
index 674efc9ad..bfe8a26f4 100644
|
|
|
580c05 |
--- a/js/misc/smartcardManager.js
|
|
|
580c05 |
+++ b/js/misc/smartcardManager.js
|
|
|
f3cbb9 |
@@ -113,6 +113,13 @@ const SmartcardManager = new Lang.Class({
|
|
|
580c05 |
return false;
|
|
|
580c05 |
|
|
|
580c05 |
return true;
|
|
|
580c05 |
+ },
|
|
|
580c05 |
+
|
|
|
580c05 |
+ loggedInWithToken: function() {
|
|
|
580c05 |
+ if (this._loginToken)
|
|
|
580c05 |
+ return true;
|
|
|
580c05 |
+
|
|
|
580c05 |
+ return false;
|
|
|
580c05 |
}
|
|
|
580c05 |
|
|
|
580c05 |
});
|
|
|
580c05 |
--
|
|
|
f3cbb9 |
2.12.0
|
|
|
580c05 |
|
|
|
580c05 |
|
|
|
f3cbb9 |
From 9e3c4a25a32f1e9b828dc37c5a37de1481288478 Mon Sep 17 00:00:00 2001
|
|
|
580c05 |
From: Ray Strode <rstrode@redhat.com>
|
|
|
580c05 |
Date: Mon, 28 Sep 2015 19:56:53 -0400
|
|
|
580c05 |
Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for
|
|
|
580c05 |
login
|
|
|
580c05 |
|
|
|
580c05 |
If a smartcard is used for login, we need to make sure the smartcard
|
|
|
580c05 |
gets used for unlock, too.
|
|
|
580c05 |
---
|
|
|
580c05 |
js/gdm/util.js | 7 +++++--
|
|
|
580c05 |
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
580c05 |
|
|
|
580c05 |
diff --git a/js/gdm/util.js b/js/gdm/util.js
|
|
|
f3cbb9 |
index 1aa52a17f..cea1a0918 100644
|
|
|
580c05 |
--- a/js/gdm/util.js
|
|
|
580c05 |
+++ b/js/gdm/util.js
|
|
|
f3cbb9 |
@@ -131,7 +131,6 @@ const ShellUserVerifier = new Lang.Class({
|
|
|
580c05 |
this._settings = new Gio.Settings({ schema_id: LOGIN_SCREEN_SCHEMA });
|
|
|
580c05 |
this._settings.connect('changed',
|
|
|
580c05 |
Lang.bind(this, this._updateDefaultService));
|
|
|
580c05 |
- this._updateDefaultService();
|
|
|
580c05 |
|
|
|
580c05 |
this._fprintManager = new Fprint.FprintManager();
|
|
|
580c05 |
this._smartcardManager = SmartcardManager.getSmartcardManager();
|
|
|
f3cbb9 |
@@ -142,6 +141,8 @@ const ShellUserVerifier = new Lang.Class({
|
|
|
580c05 |
// after a user has been picked.
|
|
|
580c05 |
this._checkForSmartcard();
|
|
|
580c05 |
|
|
|
580c05 |
+ this._updateDefaultService();
|
|
|
580c05 |
+
|
|
|
580c05 |
this._smartcardInsertedId = this._smartcardManager.connect('smartcard-inserted',
|
|
|
580c05 |
Lang.bind(this, this._checkForSmartcard));
|
|
|
580c05 |
this._smartcardRemovedId = this._smartcardManager.connect('smartcard-removed',
|
|
|
f3cbb9 |
@@ -408,7 +409,9 @@ const ShellUserVerifier = new Lang.Class({
|
|
|
580c05 |
},
|
|
|
580c05 |
|
|
|
580c05 |
_updateDefaultService: function() {
|
|
|
580c05 |
- if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY))
|
|
|
580c05 |
+ if (this._smartcardManager.loggedInWithToken())
|
|
|
580c05 |
+ this._defaultService = SMARTCARD_SERVICE_NAME;
|
|
|
580c05 |
+ else if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY))
|
|
|
580c05 |
this._defaultService = PASSWORD_SERVICE_NAME;
|
|
|
580c05 |
else if (this._settings.get_boolean(SMARTCARD_AUTHENTICATION_KEY))
|
|
|
580c05 |
this._defaultService = SMARTCARD_SERVICE_NAME;
|
|
|
580c05 |
--
|
|
|
f3cbb9 |
2.12.0
|
|
|
580c05 |
|
|
|
580c05 |
|
|
|
f3cbb9 |
From d378c2ccd514770cc35ce72bfff2b24fe956b762 Mon Sep 17 00:00:00 2001
|
|
|
580c05 |
From: Ray Strode <rstrode@redhat.com>
|
|
|
580c05 |
Date: Mon, 28 Sep 2015 19:57:36 -0400
|
|
|
580c05 |
Subject: [PATCH 3/3] gdm: update default service when smartcard inserted
|
|
|
580c05 |
|
|
|
580c05 |
Early on at start up we may not know if a smartcard is
|
|
|
580c05 |
available. Make sure we reupdate the default service
|
|
|
580c05 |
after we get a smartcard insertion event.
|
|
|
580c05 |
---
|
|
|
580c05 |
js/gdm/util.js | 2 ++
|
|
|
580c05 |
1 file changed, 2 insertions(+)
|
|
|
580c05 |
|
|
|
580c05 |
diff --git a/js/gdm/util.js b/js/gdm/util.js
|
|
|
f3cbb9 |
index cea1a0918..9517150f0 100644
|
|
|
580c05 |
--- a/js/gdm/util.js
|
|
|
580c05 |
+++ b/js/gdm/util.js
|
|
|
f3cbb9 |
@@ -331,6 +331,8 @@ const ShellUserVerifier = new Lang.Class({
|
|
|
580c05 |
else if (this._preemptingService == SMARTCARD_SERVICE_NAME)
|
|
|
580c05 |
this._preemptingService = null;
|
|
|
580c05 |
|
|
|
580c05 |
+ this._updateDefaultService();
|
|
|
580c05 |
+
|
|
|
580c05 |
this.emit('smartcard-status-changed');
|
|
|
580c05 |
}
|
|
|
580c05 |
},
|
|
|
580c05 |
--
|
|
|
f3cbb9 |
2.12.0
|
|
|
580c05 |
|