From 624d302d3d192b66d5465fa4551c223df0c4a850 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 10:57:02 -0400 Subject: [PATCH 1/3] smartcardManager: add way to detect if user logged using (any) token If a user uses a token at login time, we need to make sure they continue to use the token at unlock time. As a prerequisite for addressing that problem we need to know up front if a user logged in with a token at all. This commit adds the necessary api to detect that case. --- js/misc/smartcardManager.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/js/misc/smartcardManager.js b/js/misc/smartcardManager.js index 674efc9ad..bfe8a26f4 100644 --- a/js/misc/smartcardManager.js +++ b/js/misc/smartcardManager.js @@ -113,6 +113,13 @@ const SmartcardManager = new Lang.Class({ return false; return true; + }, + + loggedInWithToken: function() { + if (this._loginToken) + return true; + + return false; } }); -- 2.12.0 From 9e3c4a25a32f1e9b828dc37c5a37de1481288478 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 19:56:53 -0400 Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for login If a smartcard is used for login, we need to make sure the smartcard gets used for unlock, too. --- js/gdm/util.js | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/js/gdm/util.js b/js/gdm/util.js index 1aa52a17f..cea1a0918 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -131,7 +131,6 @@ const ShellUserVerifier = new Lang.Class({ this._settings = new Gio.Settings({ schema_id: LOGIN_SCREEN_SCHEMA }); this._settings.connect('changed', Lang.bind(this, this._updateDefaultService)); - this._updateDefaultService(); this._fprintManager = new Fprint.FprintManager(); this._smartcardManager = SmartcardManager.getSmartcardManager(); @@ -142,6 +141,8 @@ const ShellUserVerifier = new Lang.Class({ // after a user has been picked. this._checkForSmartcard(); + this._updateDefaultService(); + this._smartcardInsertedId = this._smartcardManager.connect('smartcard-inserted', Lang.bind(this, this._checkForSmartcard)); this._smartcardRemovedId = this._smartcardManager.connect('smartcard-removed', @@ -408,7 +409,9 @@ const ShellUserVerifier = new Lang.Class({ }, _updateDefaultService: function() { - if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY)) + if (this._smartcardManager.loggedInWithToken()) + this._defaultService = SMARTCARD_SERVICE_NAME; + else if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY)) this._defaultService = PASSWORD_SERVICE_NAME; else if (this._settings.get_boolean(SMARTCARD_AUTHENTICATION_KEY)) this._defaultService = SMARTCARD_SERVICE_NAME; -- 2.12.0 From d378c2ccd514770cc35ce72bfff2b24fe956b762 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 19:57:36 -0400 Subject: [PATCH 3/3] gdm: update default service when smartcard inserted Early on at start up we may not know if a smartcard is available. Make sure we reupdate the default service after we get a smartcard insertion event. --- js/gdm/util.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/js/gdm/util.js b/js/gdm/util.js index cea1a0918..9517150f0 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -331,6 +331,8 @@ const ShellUserVerifier = new Lang.Class({ else if (this._preemptingService == SMARTCARD_SERVICE_NAME) this._preemptingService = null; + this._updateDefaultService(); + this.emit('smartcard-status-changed'); } }, -- 2.12.0