Merge lp:~robert-ancell/lightdm/passive-authentication into lp:lightdm
- passive-authentication
- Merge into trunk
Proposed by
Robert Ancell
Status: | Work in progress |
---|---|
Proposed branch: | lp:~robert-ancell/lightdm/passive-authentication |
Merge into: | lp:lightdm |
Diff against target: |
793 lines (+372/-7) 18 files modified
data/lightdm.conf (+2/-0) liblightdm-gobject/greeter.c (+75/-0) liblightdm-gobject/lightdm/greeter.h (+4/-1) liblightdm-qt/QLightDM/greeter.h (+2/-0) liblightdm-qt/greeter.cpp (+16/-1) src/greeter.c (+111/-2) src/greeter.h (+1/-1) src/seat.c (+8/-2) src/session.c (+14/-0) src/session.h (+4/-0) tests/Makefile.am (+5/-0) tests/scripts/fingerprint.conf (+38/-0) tests/scripts/smartcard.conf (+36/-0) tests/src/libsystem.c (+38/-0) tests/src/test-gobject-greeter.c (+10/-0) tests/src/test-runner.c (+4/-0) tests/test-fingerprint (+2/-0) tests/test-smartcard (+2/-0) |
To merge this branch: | bzr merge lp:~robert-ancell/lightdm/passive-authentication |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
LightDM Development Team | Pending | ||
Review via email: mp+176042@code.launchpad.net |
Commit message
Add support for authentication that is not initiated graphically from the greeter, e.g. using fingerprint scanners / smartcard systems.
Description of the change
To post a comment you must log in.
- 1537. By Robert Ancell
-
Merge with trunk
- 1538. By Robert Ancell
-
Remove cclosure that is no longer required
- 1539. By Robert Ancell
-
Merge with trunk
- 1540. By Robert Ancell
-
Merge with trunk
- 1541. By Robert Ancell
-
Merge with trunk
- 1542. By Robert Ancell
-
Remove stray files
- 1543. By Robert Ancell
-
Merge with trunk
- 1544. By Robert Ancell
-
Merge with trunk
- 1545. By Robert Ancell
-
Merge with trunk
- 1546. By Robert Ancell
-
Merge with trunk
- 1547. By Robert Ancell
-
Merge with trunk
- 1548. By Robert Ancell
-
Merge with trunk
Unmerged revisions
- 1548. By Robert Ancell
-
Merge with trunk
- 1547. By Robert Ancell
-
Merge with trunk
- 1546. By Robert Ancell
-
Merge with trunk
- 1545. By Robert Ancell
-
Merge with trunk
- 1544. By Robert Ancell
-
Merge with trunk
- 1543. By Robert Ancell
-
Merge with trunk
- 1542. By Robert Ancell
-
Remove stray files
- 1541. By Robert Ancell
-
Merge with trunk
- 1540. By Robert Ancell
-
Merge with trunk
- 1539. By Robert Ancell
-
Merge with trunk
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === modified file 'data/lightdm.conf' | |||
2 | --- data/lightdm.conf 2014-09-10 03:33:25 +0000 | |||
3 | +++ data/lightdm.conf 2014-10-02 07:53:03 +0000 | |||
4 | @@ -68,6 +68,7 @@ | |||
5 | 68 | # greeter-setup-script = Script to run when starting a greeter (runs as root) | 68 | # greeter-setup-script = Script to run when starting a greeter (runs as root) |
6 | 69 | # session-setup-script = Script to run when starting a user session (runs as root) | 69 | # session-setup-script = Script to run when starting a user session (runs as root) |
7 | 70 | # session-cleanup-script = Script to run when quitting a user session (runs as root) | 70 | # session-cleanup-script = Script to run when quitting a user session (runs as root) |
8 | 71 | # passive-services = PAM services to run which are triggered by external events (e.g. fingerprint, smartcard) | ||
9 | 71 | # autologin-guest = True to log in as guest by default | 72 | # autologin-guest = True to log in as guest by default |
10 | 72 | # autologin-user = User to log in with by default (overrides autologin-guest) | 73 | # autologin-user = User to log in with by default (overrides autologin-guest) |
11 | 73 | # autologin-user-timeout = Number of seconds to wait before loading default user | 74 | # autologin-user-timeout = Number of seconds to wait before loading default user |
12 | @@ -109,6 +110,7 @@ | |||
13 | 109 | #greeter-setup-script= | 110 | #greeter-setup-script= |
14 | 110 | #session-setup-script= | 111 | #session-setup-script= |
15 | 111 | #session-cleanup-script= | 112 | #session-cleanup-script= |
16 | 113 | #passive-services= | ||
17 | 112 | #autologin-guest=false | 114 | #autologin-guest=false |
18 | 113 | #autologin-user= | 115 | #autologin-user= |
19 | 114 | #autologin-user-timeout=0 | 116 | #autologin-user-timeout=0 |
20 | 115 | 117 | ||
21 | === modified file 'liblightdm-gobject/greeter.c' | |||
22 | --- liblightdm-gobject/greeter.c 2014-09-29 23:42:38 +0000 | |||
23 | +++ liblightdm-gobject/greeter.c 2014-10-02 07:53:03 +0000 | |||
24 | @@ -41,6 +41,7 @@ | |||
25 | 41 | AUTOLOGIN_TIMER_EXPIRED, | 41 | AUTOLOGIN_TIMER_EXPIRED, |
26 | 42 | IDLE, | 42 | IDLE, |
27 | 43 | RESET, | 43 | RESET, |
28 | 44 | OFFER_AUTHENTICATION, | ||
29 | 44 | LAST_SIGNAL | 45 | LAST_SIGNAL |
30 | 45 | }; | 46 | }; |
31 | 46 | static guint signals[LAST_SIGNAL] = { 0 }; | 47 | static guint signals[LAST_SIGNAL] = { 0 }; |
32 | @@ -107,6 +108,7 @@ | |||
33 | 107 | GREETER_MESSAGE_SET_LANGUAGE, | 108 | GREETER_MESSAGE_SET_LANGUAGE, |
34 | 108 | GREETER_MESSAGE_AUTHENTICATE_REMOTE, | 109 | GREETER_MESSAGE_AUTHENTICATE_REMOTE, |
35 | 109 | GREETER_MESSAGE_ENSURE_SHARED_DIR, | 110 | GREETER_MESSAGE_ENSURE_SHARED_DIR, |
36 | 111 | GREETER_MESSAGE_CHANGE_AUTHENTICATION, | ||
37 | 110 | } GreeterMessage; | 112 | } GreeterMessage; |
38 | 111 | 113 | ||
39 | 112 | /* Messages from the server to the greeter */ | 114 | /* Messages from the server to the greeter */ |
40 | @@ -119,6 +121,7 @@ | |||
41 | 119 | SERVER_MESSAGE_SHARED_DIR_RESULT, | 121 | SERVER_MESSAGE_SHARED_DIR_RESULT, |
42 | 120 | SERVER_MESSAGE_IDLE, | 122 | SERVER_MESSAGE_IDLE, |
43 | 121 | SERVER_MESSAGE_RESET, | 123 | SERVER_MESSAGE_RESET, |
44 | 124 | SERVER_MESSAGE_OFFER_AUTHENTICATION, | ||
45 | 122 | } ServerMessage; | 125 | } ServerMessage; |
46 | 123 | 126 | ||
47 | 124 | /* Request sent to server */ | 127 | /* Request sent to server */ |
48 | @@ -509,6 +512,20 @@ | |||
49 | 509 | } | 512 | } |
50 | 510 | 513 | ||
51 | 511 | static void | 514 | static void |
52 | 515 | handle_offer_authentication (LightDMGreeter *greeter, guint8 *message, gsize message_length, gsize *offset) | ||
53 | 516 | { | ||
54 | 517 | gchar *service; | ||
55 | 518 | |||
56 | 519 | service = read_string (message, message_length, offset); | ||
57 | 520 | |||
58 | 521 | g_debug ("Offering authentication with service %s", service); | ||
59 | 522 | |||
60 | 523 | g_signal_emit (G_OBJECT (greeter), signals[OFFER_AUTHENTICATION], 0, service); | ||
61 | 524 | |||
62 | 525 | g_free (service); | ||
63 | 526 | } | ||
64 | 527 | |||
65 | 528 | static void | ||
66 | 512 | handle_idle (LightDMGreeter *greeter, guint8 *message, gsize message_length, gsize *offset) | 529 | handle_idle (LightDMGreeter *greeter, guint8 *message, gsize message_length, gsize *offset) |
67 | 513 | { | 530 | { |
68 | 514 | g_signal_emit (G_OBJECT (greeter), signals[IDLE], 0); | 531 | g_signal_emit (G_OBJECT (greeter), signals[IDLE], 0); |
69 | @@ -595,6 +612,9 @@ | |||
70 | 595 | case SERVER_MESSAGE_PROMPT_AUTHENTICATION: | 612 | case SERVER_MESSAGE_PROMPT_AUTHENTICATION: |
71 | 596 | handle_prompt_authentication (greeter, message, message_length, &offset); | 613 | handle_prompt_authentication (greeter, message, message_length, &offset); |
72 | 597 | break; | 614 | break; |
73 | 615 | case SERVER_MESSAGE_OFFER_AUTHENTICATION: | ||
74 | 616 | handle_offer_authentication (greeter, message, message_length, &offset); | ||
75 | 617 | break; | ||
76 | 598 | case SERVER_MESSAGE_END_AUTHENTICATION: | 618 | case SERVER_MESSAGE_END_AUTHENTICATION: |
77 | 599 | handle_end_authentication (greeter, message, message_length, &offset); | 619 | handle_end_authentication (greeter, message, message_length, &offset); |
78 | 600 | break; | 620 | break; |
79 | @@ -1212,6 +1232,40 @@ | |||
80 | 1212 | } | 1232 | } |
81 | 1213 | 1233 | ||
82 | 1214 | /** | 1234 | /** |
83 | 1235 | * lightdm_greeter_change_authentication: | ||
84 | 1236 | * @greeter: A #LightDMGreeter | ||
85 | 1237 | * @service: The service to change to (as received from ::offer-authentication) | ||
86 | 1238 | * | ||
87 | 1239 | * Sets the requested service as the active authentication. | ||
88 | 1240 | **/ | ||
89 | 1241 | void | ||
90 | 1242 | lightdm_greeter_change_authentication (LightDMGreeter *greeter, const gchar *service) | ||
91 | 1243 | { | ||
92 | 1244 | LightDMGreeterPrivate *priv; | ||
93 | 1245 | guint8 message[MAX_MESSAGE_LENGTH]; | ||
94 | 1246 | gsize offset = 0; | ||
95 | 1247 | |||
96 | 1248 | g_return_if_fail (LIGHTDM_IS_GREETER (greeter)); | ||
97 | 1249 | |||
98 | 1250 | priv = GET_PRIVATE (greeter); | ||
99 | 1251 | |||
100 | 1252 | g_return_if_fail (priv->connected); | ||
101 | 1253 | |||
102 | 1254 | priv->cancelling_authentication = FALSE; | ||
103 | 1255 | priv->authenticate_sequence_number++; | ||
104 | 1256 | priv->in_authentication = TRUE; | ||
105 | 1257 | priv->is_authenticated = FALSE; | ||
106 | 1258 | g_free (priv->authentication_user); | ||
107 | 1259 | priv->authentication_user = NULL; | ||
108 | 1260 | |||
109 | 1261 | g_debug ("Changing to authentication service %s...", service); | ||
110 | 1262 | write_header (message, MAX_MESSAGE_LENGTH, GREETER_MESSAGE_CHANGE_AUTHENTICATION, int_length () + string_length (service), &offset); | ||
111 | 1263 | write_int (message, MAX_MESSAGE_LENGTH, priv->authenticate_sequence_number, &offset); | ||
112 | 1264 | write_string (message, MAX_MESSAGE_LENGTH, service, &offset); | ||
113 | 1265 | send_message (greeter, message, offset); | ||
114 | 1266 | } | ||
115 | 1267 | |||
116 | 1268 | /** | ||
117 | 1215 | * lightdm_greeter_respond: | 1269 | * lightdm_greeter_respond: |
118 | 1216 | * @greeter: A #LightDMGreeter | 1270 | * @greeter: A #LightDMGreeter |
119 | 1217 | * @response: Response to a prompt | 1271 | * @response: Response to a prompt |
120 | @@ -1866,6 +1920,27 @@ | |||
121 | 1866 | G_TYPE_NONE, 0); | 1920 | G_TYPE_NONE, 0); |
122 | 1867 | 1921 | ||
123 | 1868 | /** | 1922 | /** |
124 | 1923 | * LightDMGreeter::offer-authentication: | ||
125 | 1924 | * @greeter: A #LightDMGreeter | ||
126 | 1925 | * @service: The service that can be changed to | ||
127 | 1926 | * | ||
128 | 1927 | * The ::offer-authentication signal gets emitted when an uninitiated | ||
129 | 1928 | * authentication starts, for example a smartcard or fingerprint is | ||
130 | 1929 | * presented. | ||
131 | 1930 | * | ||
132 | 1931 | * If this authentication can be used the application should then call | ||
133 | 1932 | * lightdm_greeter_change_authentication(). | ||
134 | 1933 | **/ | ||
135 | 1934 | signals[OFFER_AUTHENTICATION] = | ||
136 | 1935 | g_signal_new ("offer-authentication", | ||
137 | 1936 | G_TYPE_FROM_CLASS (klass), | ||
138 | 1937 | G_SIGNAL_RUN_LAST, | ||
139 | 1938 | G_STRUCT_OFFSET (LightDMGreeterClass, offer_authentication), | ||
140 | 1939 | NULL, NULL, | ||
141 | 1940 | NULL, | ||
142 | 1941 | G_TYPE_NONE, 1, G_TYPE_STRING); | ||
143 | 1942 | |||
144 | 1943 | /** | ||
145 | 1869 | * LightDMGreeter::idle: | 1944 | * LightDMGreeter::idle: |
146 | 1870 | * @greeter: A #LightDMGreeter | 1945 | * @greeter: A #LightDMGreeter |
147 | 1871 | * | 1946 | * |
148 | 1872 | 1947 | ||
149 | === modified file 'liblightdm-gobject/lightdm/greeter.h' | |||
150 | --- liblightdm-gobject/lightdm/greeter.h 2014-09-29 23:42:38 +0000 | |||
151 | +++ liblightdm-gobject/lightdm/greeter.h 2014-10-02 07:53:03 +0000 | |||
152 | @@ -29,6 +29,7 @@ | |||
153 | 29 | #define LIGHTDM_GREETER_SIGNAL_AUTOLOGIN_TIMER_EXPIRED "autologin-timer-expired" | 29 | #define LIGHTDM_GREETER_SIGNAL_AUTOLOGIN_TIMER_EXPIRED "autologin-timer-expired" |
154 | 30 | #define LIGHTDM_GREETER_SIGNAL_IDLE "idle" | 30 | #define LIGHTDM_GREETER_SIGNAL_IDLE "idle" |
155 | 31 | #define LIGHTDM_GREETER_SIGNAL_RESET "reset" | 31 | #define LIGHTDM_GREETER_SIGNAL_RESET "reset" |
156 | 32 | #define LIGHTDM_GREETER_SIGNAL_OFFER_AUTHENTICATION "offer-authentication" | ||
157 | 32 | 33 | ||
158 | 33 | /** | 34 | /** |
159 | 34 | * LightDMPromptType: | 35 | * LightDMPromptType: |
160 | @@ -67,12 +68,12 @@ | |||
161 | 67 | void (*autologin_timer_expired)(LightDMGreeter *greeter); | 68 | void (*autologin_timer_expired)(LightDMGreeter *greeter); |
162 | 68 | void (*idle)(LightDMGreeter *greeter); | 69 | void (*idle)(LightDMGreeter *greeter); |
163 | 69 | void (*reset)(LightDMGreeter *greeter); | 70 | void (*reset)(LightDMGreeter *greeter); |
164 | 71 | void (*offer_authentication) (LightDMGreeter *greeter, const gchar *service); | ||
165 | 70 | 72 | ||
166 | 71 | /* Reserved */ | 73 | /* Reserved */ |
167 | 72 | void (*reserved1) (void); | 74 | void (*reserved1) (void); |
168 | 73 | void (*reserved2) (void); | 75 | void (*reserved2) (void); |
169 | 74 | void (*reserved3) (void); | 76 | void (*reserved3) (void); |
170 | 75 | void (*reserved4) (void); | ||
171 | 76 | } LightDMGreeterClass; | 77 | } LightDMGreeterClass; |
172 | 77 | 78 | ||
173 | 78 | GType lightdm_greeter_get_type (void); | 79 | GType lightdm_greeter_get_type (void); |
174 | @@ -123,6 +124,8 @@ | |||
175 | 123 | 124 | ||
176 | 124 | void lightdm_greeter_authenticate_remote (LightDMGreeter *greeter, const gchar *session, const gchar *username); | 125 | void lightdm_greeter_authenticate_remote (LightDMGreeter *greeter, const gchar *session, const gchar *username); |
177 | 125 | 126 | ||
178 | 127 | void lightdm_greeter_change_authentication (LightDMGreeter *greeter, const gchar *service); | ||
179 | 128 | |||
180 | 126 | void lightdm_greeter_respond (LightDMGreeter *greeter, const gchar *response); | 129 | void lightdm_greeter_respond (LightDMGreeter *greeter, const gchar *response); |
181 | 127 | 130 | ||
182 | 128 | void lightdm_greeter_cancel_authentication (LightDMGreeter *greeter); | 131 | void lightdm_greeter_cancel_authentication (LightDMGreeter *greeter); |
183 | 129 | 132 | ||
184 | === modified file 'liblightdm-qt/QLightDM/greeter.h' | |||
185 | --- liblightdm-qt/QLightDM/greeter.h 2014-09-19 03:16:14 +0000 | |||
186 | +++ liblightdm-qt/QLightDM/greeter.h 2014-10-02 07:53:03 +0000 | |||
187 | @@ -77,6 +77,7 @@ | |||
188 | 77 | void authenticateAsGuest(); | 77 | void authenticateAsGuest(); |
189 | 78 | void authenticateAutologin(); | 78 | void authenticateAutologin(); |
190 | 79 | void authenticateRemote(const QString &session=QString(), const QString &username=QString()); | 79 | void authenticateRemote(const QString &session=QString(), const QString &username=QString()); |
191 | 80 | void changeAuthentication(const QString &service); | ||
192 | 80 | void respond(const QString &response); | 81 | void respond(const QString &response); |
193 | 81 | void cancelAuthentication(); | 82 | void cancelAuthentication(); |
194 | 82 | void setLanguage (const QString &language); | 83 | void setLanguage (const QString &language); |
195 | @@ -91,6 +92,7 @@ | |||
196 | 91 | void autologinTimerExpired(); | 92 | void autologinTimerExpired(); |
197 | 92 | void idle(); | 93 | void idle(); |
198 | 93 | void reset(); | 94 | void reset(); |
199 | 95 | void offerAuthentication(QString service); | ||
200 | 94 | 96 | ||
201 | 95 | private: | 97 | private: |
202 | 96 | GreeterPrivate *d_ptr; | 98 | GreeterPrivate *d_ptr; |
203 | 97 | 99 | ||
204 | === modified file 'liblightdm-qt/greeter.cpp' | |||
205 | --- liblightdm-qt/greeter.cpp 2014-09-29 23:42:38 +0000 | |||
206 | +++ liblightdm-qt/greeter.cpp 2014-10-02 07:53:03 +0000 | |||
207 | @@ -35,7 +35,7 @@ | |||
208 | 35 | static void cb_autoLoginExpired(LightDMGreeter *greeter, gpointer data); | 35 | static void cb_autoLoginExpired(LightDMGreeter *greeter, gpointer data); |
209 | 36 | static void cb_idle(LightDMGreeter *greeter, gpointer data); | 36 | static void cb_idle(LightDMGreeter *greeter, gpointer data); |
210 | 37 | static void cb_reset(LightDMGreeter *greeter, gpointer data); | 37 | static void cb_reset(LightDMGreeter *greeter, gpointer data); |
212 | 38 | 38 | static void cb_offerAuthentication(LightDMGreeter *greeter, const gchar *service, gpointer data); | |
213 | 39 | private: | 39 | private: |
214 | 40 | Q_DECLARE_PUBLIC(Greeter) | 40 | Q_DECLARE_PUBLIC(Greeter) |
215 | 41 | }; | 41 | }; |
216 | @@ -54,6 +54,7 @@ | |||
217 | 54 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_AUTOLOGIN_TIMER_EXPIRED, G_CALLBACK (cb_autoLoginExpired), this); | 54 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_AUTOLOGIN_TIMER_EXPIRED, G_CALLBACK (cb_autoLoginExpired), this); |
218 | 55 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_IDLE, G_CALLBACK (cb_idle), this); | 55 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_IDLE, G_CALLBACK (cb_idle), this); |
219 | 56 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_RESET, G_CALLBACK (cb_reset), this); | 56 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_RESET, G_CALLBACK (cb_reset), this); |
220 | 57 | g_signal_connect (ldmGreeter, LIGHTDM_GREETER_SIGNAL_OFFER_AUTHENTICATION, G_CALLBACK (cb_offerAuthentication), this); | ||
221 | 57 | } | 58 | } |
222 | 58 | 59 | ||
223 | 59 | void GreeterPrivate::cb_showPrompt(LightDMGreeter *greeter, const gchar *text, LightDMPromptType type, gpointer data) | 60 | void GreeterPrivate::cb_showPrompt(LightDMGreeter *greeter, const gchar *text, LightDMPromptType type, gpointer data) |
224 | @@ -106,6 +107,14 @@ | |||
225 | 106 | Q_EMIT that->q_func()->reset(); | 107 | Q_EMIT that->q_func()->reset(); |
226 | 107 | } | 108 | } |
227 | 108 | 109 | ||
228 | 110 | void GreeterPrivate::cb_offerAuthentication(LightDMGreeter *greeter, const gchar *service, gpointer data) | ||
229 | 111 | { | ||
230 | 112 | Q_UNUSED(greeter); | ||
231 | 113 | GreeterPrivate *that = static_cast<GreeterPrivate*>(data); | ||
232 | 114 | QString service_string = QString::fromUtf8(service); | ||
233 | 115 | Q_EMIT that->q_func()->offerAuthentication(service_string); | ||
234 | 116 | } | ||
235 | 117 | |||
236 | 109 | Greeter::Greeter(QObject *parent) : | 118 | Greeter::Greeter(QObject *parent) : |
237 | 110 | QObject(parent), | 119 | QObject(parent), |
238 | 111 | d_ptr(new GreeterPrivate(this)) | 120 | d_ptr(new GreeterPrivate(this)) |
239 | @@ -154,6 +163,12 @@ | |||
240 | 154 | lightdm_greeter_authenticate_remote(d->ldmGreeter, session.toLocal8Bit().data(), username.toLocal8Bit().data()); | 163 | lightdm_greeter_authenticate_remote(d->ldmGreeter, session.toLocal8Bit().data(), username.toLocal8Bit().data()); |
241 | 155 | } | 164 | } |
242 | 156 | 165 | ||
243 | 166 | void Greeter::changeAuthentication(const QString &service) | ||
244 | 167 | { | ||
245 | 168 | Q_D(Greeter); | ||
246 | 169 | lightdm_greeter_change_authentication(d->ldmGreeter, service.toLocal8Bit().data()); | ||
247 | 170 | } | ||
248 | 171 | |||
249 | 157 | void Greeter::respond(const QString &response) | 172 | void Greeter::respond(const QString &response) |
250 | 158 | { | 173 | { |
251 | 159 | Q_D(Greeter); | 174 | Q_D(Greeter); |
252 | 160 | 175 | ||
253 | === modified file 'src/greeter.c' | |||
254 | --- src/greeter.c 2014-09-29 23:42:38 +0000 | |||
255 | +++ src/greeter.c 2014-10-02 07:53:03 +0000 | |||
256 | @@ -40,6 +40,9 @@ | |||
257 | 40 | gchar *pam_service; | 40 | gchar *pam_service; |
258 | 41 | gchar *autologin_pam_service; | 41 | gchar *autologin_pam_service; |
259 | 42 | 42 | ||
260 | 43 | /* PAM services to that are triggered by external events */ | ||
261 | 44 | gchar **passive_services; | ||
262 | 45 | |||
263 | 43 | /* Buffer for data read from greeter */ | 46 | /* Buffer for data read from greeter */ |
264 | 44 | guint8 *read_buffer; | 47 | guint8 *read_buffer; |
265 | 45 | gsize n_read; | 48 | gsize n_read; |
266 | @@ -63,6 +66,9 @@ | |||
267 | 63 | /* PAM session being constructed by the greeter */ | 66 | /* PAM session being constructed by the greeter */ |
268 | 64 | Session *authentication_session; | 67 | Session *authentication_session; |
269 | 65 | 68 | ||
270 | 69 | /* Background sessions being authenticated by the greeter */ | ||
271 | 70 | GList *passive_sessions; | ||
272 | 71 | |||
273 | 66 | /* TRUE if a the greeter can handle a reset; else we will just kill it instead */ | 72 | /* TRUE if a the greeter can handle a reset; else we will just kill it instead */ |
274 | 67 | gboolean resettable; | 73 | gboolean resettable; |
275 | 68 | 74 | ||
276 | @@ -95,6 +101,7 @@ | |||
277 | 95 | GREETER_MESSAGE_SET_LANGUAGE, | 101 | GREETER_MESSAGE_SET_LANGUAGE, |
278 | 96 | GREETER_MESSAGE_AUTHENTICATE_REMOTE, | 102 | GREETER_MESSAGE_AUTHENTICATE_REMOTE, |
279 | 97 | GREETER_MESSAGE_ENSURE_SHARED_DIR, | 103 | GREETER_MESSAGE_ENSURE_SHARED_DIR, |
280 | 104 | GREETER_MESSAGE_CHANGE_AUTHENTICATION, | ||
281 | 98 | } GreeterMessage; | 105 | } GreeterMessage; |
282 | 99 | 106 | ||
283 | 100 | /* Messages from the server to the greeter */ | 107 | /* Messages from the server to the greeter */ |
284 | @@ -107,6 +114,7 @@ | |||
285 | 107 | SERVER_MESSAGE_SHARED_DIR_RESULT, | 114 | SERVER_MESSAGE_SHARED_DIR_RESULT, |
286 | 108 | SERVER_MESSAGE_IDLE, | 115 | SERVER_MESSAGE_IDLE, |
287 | 109 | SERVER_MESSAGE_RESET, | 116 | SERVER_MESSAGE_RESET, |
288 | 117 | SERVER_MESSAGE_OFFER_AUTHENTICATION, | ||
289 | 110 | } ServerMessage; | 118 | } ServerMessage; |
290 | 111 | 119 | ||
291 | 112 | static gboolean read_cb (GIOChannel *source, GIOCondition condition, gpointer data); | 120 | static gboolean read_cb (GIOChannel *source, GIOCondition condition, gpointer data); |
292 | @@ -118,12 +126,13 @@ | |||
293 | 118 | } | 126 | } |
294 | 119 | 127 | ||
295 | 120 | void | 128 | void |
297 | 121 | greeter_set_pam_services (Greeter *greeter, const gchar *pam_service, const gchar *autologin_pam_service) | 129 | greeter_set_pam_services (Greeter *greeter, const gchar *pam_service, const gchar *autologin_pam_service, gchar **passive_services) |
298 | 122 | { | 130 | { |
299 | 123 | g_free (greeter->priv->pam_service); | 131 | g_free (greeter->priv->pam_service); |
300 | 124 | greeter->priv->pam_service = g_strdup (pam_service); | 132 | greeter->priv->pam_service = g_strdup (pam_service); |
301 | 125 | g_free (greeter->priv->autologin_pam_service); | 133 | g_free (greeter->priv->autologin_pam_service); |
302 | 126 | greeter->priv->autologin_pam_service = g_strdup (autologin_pam_service); | 134 | greeter->priv->autologin_pam_service = g_strdup (autologin_pam_service); |
303 | 135 | greeter->priv->passive_services = g_strdupv (passive_services); | ||
304 | 127 | } | 136 | } |
305 | 128 | 137 | ||
306 | 129 | void | 138 | void |
307 | @@ -258,6 +267,33 @@ | |||
308 | 258 | } | 267 | } |
309 | 259 | 268 | ||
310 | 260 | static void | 269 | static void |
311 | 270 | offer_service (Greeter *greeter, const gchar *service) | ||
312 | 271 | { | ||
313 | 272 | guint8 message[MAX_MESSAGE_LENGTH]; | ||
314 | 273 | gsize offset = 0; | ||
315 | 274 | guint32 length; | ||
316 | 275 | |||
317 | 276 | g_debug ("Greeter offering authentication with service %s", service); | ||
318 | 277 | |||
319 | 278 | length = string_length (service); | ||
320 | 279 | write_header (message, MAX_MESSAGE_LENGTH, SERVER_MESSAGE_OFFER_AUTHENTICATION, length, &offset); | ||
321 | 280 | write_string (message, MAX_MESSAGE_LENGTH, service, &offset); | ||
322 | 281 | write_message (greeter, message, offset); | ||
323 | 282 | } | ||
324 | 283 | |||
325 | 284 | static void | ||
326 | 285 | passive_messages_cb (Session *session, Greeter *greeter) | ||
327 | 286 | { | ||
328 | 287 | offer_service (greeter, session_get_pam_service (session)); | ||
329 | 288 | } | ||
330 | 289 | |||
331 | 290 | static void | ||
332 | 291 | passive_complete_cb (Session *session, Greeter *greeter) | ||
333 | 292 | { | ||
334 | 293 | offer_service (greeter, session_get_pam_service (session)); | ||
335 | 294 | } | ||
336 | 295 | |||
337 | 296 | static void | ||
338 | 261 | handle_connect (Greeter *greeter, const gchar *version, gboolean resettable) | 297 | handle_connect (Greeter *greeter, const gchar *version, gboolean resettable) |
339 | 262 | { | 298 | { |
340 | 263 | guint8 message[MAX_MESSAGE_LENGTH]; | 299 | guint8 message[MAX_MESSAGE_LENGTH]; |
341 | @@ -265,6 +301,7 @@ | |||
342 | 265 | guint32 length; | 301 | guint32 length; |
343 | 266 | GHashTableIter iter; | 302 | GHashTableIter iter; |
344 | 267 | gpointer key, value; | 303 | gpointer key, value; |
345 | 304 | int i; | ||
346 | 268 | 305 | ||
347 | 269 | l_debug (greeter, "Greeter connected version=%s resettable=%s", version, resettable ? "true" : "false"); | 306 | l_debug (greeter, "Greeter connected version=%s resettable=%s", version, resettable ? "true" : "false"); |
348 | 270 | 307 | ||
349 | @@ -285,6 +322,24 @@ | |||
350 | 285 | } | 322 | } |
351 | 286 | write_message (greeter, message, offset); | 323 | write_message (greeter, message, offset); |
352 | 287 | 324 | ||
353 | 325 | /* Start background authentications */ | ||
354 | 326 | if (greeter->priv->passive_services) | ||
355 | 327 | { | ||
356 | 328 | for (i = 0; greeter->priv->passive_services[i]; i++) | ||
357 | 329 | { | ||
358 | 330 | Session *session; | ||
359 | 331 | |||
360 | 332 | g_signal_emit (greeter, signals[CREATE_SESSION], 0, &session); | ||
361 | 333 | greeter->priv->passive_sessions = g_list_append (greeter->priv->passive_sessions, session); | ||
362 | 334 | g_signal_connect (G_OBJECT (session), "got-messages", G_CALLBACK (passive_messages_cb), greeter); | ||
363 | 335 | g_signal_connect (G_OBJECT (session), "authentication-complete", G_CALLBACK (passive_complete_cb), greeter); | ||
364 | 336 | session_set_pam_service (session, greeter->priv->passive_services[i]); | ||
365 | 337 | session_set_do_authenticate (session, TRUE); | ||
366 | 338 | session_set_is_interactive (session, TRUE); | ||
367 | 339 | session_start (session); | ||
368 | 340 | } | ||
369 | 341 | } | ||
370 | 342 | |||
371 | 288 | g_signal_emit (greeter, signals[CONNECTED], 0); | 343 | g_signal_emit (greeter, signals[CONNECTED], 0); |
372 | 289 | } | 344 | } |
373 | 290 | 345 | ||
374 | @@ -572,6 +627,45 @@ | |||
375 | 572 | } | 627 | } |
376 | 573 | 628 | ||
377 | 574 | static void | 629 | static void |
378 | 630 | handle_change_authentication (Greeter *greeter, guint32 sequence_number, const gchar *service) | ||
379 | 631 | { | ||
380 | 632 | Session *session = NULL; | ||
381 | 633 | GList *link; | ||
382 | 634 | |||
383 | 635 | g_debug ("Greeter change authentication to service %s", service); | ||
384 | 636 | |||
385 | 637 | /* Find this session */ | ||
386 | 638 | for (link = greeter->priv->passive_sessions; link; link = link->next) | ||
387 | 639 | { | ||
388 | 640 | Session *s = link->data; | ||
389 | 641 | if (strcmp (service, session_get_pam_service (s)) == 0) | ||
390 | 642 | { | ||
391 | 643 | session = s; | ||
392 | 644 | break; | ||
393 | 645 | } | ||
394 | 646 | } | ||
395 | 647 | if (session == NULL) | ||
396 | 648 | { | ||
397 | 649 | g_warning ("Greeter requested unknown service %s", service); | ||
398 | 650 | return; | ||
399 | 651 | } | ||
400 | 652 | |||
401 | 653 | reset_session (greeter); | ||
402 | 654 | |||
403 | 655 | greeter->priv->authentication_sequence_number = sequence_number; | ||
404 | 656 | |||
405 | 657 | /* Listen to this new service */ | ||
406 | 658 | greeter->priv->authentication_session = g_object_ref (session); | ||
407 | 659 | g_signal_handlers_disconnect_matched (session, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, greeter); | ||
408 | 660 | g_signal_connect (G_OBJECT (session), "got-messages", G_CALLBACK (pam_messages_cb), greeter); | ||
409 | 661 | g_signal_connect (G_OBJECT (session), "authentication-complete", G_CALLBACK (authentication_complete_cb), greeter); | ||
410 | 662 | if (session_get_is_authentication_complete (session)) | ||
411 | 663 | authentication_complete_cb (session, greeter); | ||
412 | 664 | else | ||
413 | 665 | pam_messages_cb (session, greeter); | ||
414 | 666 | } | ||
415 | 667 | |||
416 | 668 | static void | ||
417 | 575 | handle_continue_authentication (Greeter *greeter, gchar **secrets) | 669 | handle_continue_authentication (Greeter *greeter, gchar **secrets) |
418 | 576 | { | 670 | { |
419 | 577 | int messages_length; | 671 | int messages_length; |
420 | @@ -790,7 +884,7 @@ | |||
421 | 790 | GIOStatus status; | 884 | GIOStatus status; |
422 | 791 | int id, length, i; | 885 | int id, length, i; |
423 | 792 | guint32 sequence_number, n_secrets, max_secrets; | 886 | guint32 sequence_number, n_secrets, max_secrets; |
425 | 793 | gchar *version, *username, *session_name, *language; | 887 | gchar *version, *username, *session_name, *language, *service; |
426 | 794 | gchar **secrets; | 888 | gchar **secrets; |
427 | 795 | gboolean resettable = FALSE; | 889 | gboolean resettable = FALSE; |
428 | 796 | GError *error = NULL; | 890 | GError *error = NULL; |
429 | @@ -868,6 +962,12 @@ | |||
430 | 868 | username = read_string (greeter, &offset); | 962 | username = read_string (greeter, &offset); |
431 | 869 | handle_login_remote (greeter, session_name, username, sequence_number); | 963 | handle_login_remote (greeter, session_name, username, sequence_number); |
432 | 870 | break; | 964 | break; |
433 | 965 | case GREETER_MESSAGE_CHANGE_AUTHENTICATION: | ||
434 | 966 | sequence_number = read_int (greeter, &offset); | ||
435 | 967 | service = read_string (greeter, &offset); | ||
436 | 968 | handle_change_authentication (greeter, sequence_number, service); | ||
437 | 969 | g_free (service); | ||
438 | 970 | break; | ||
439 | 871 | case GREETER_MESSAGE_CONTINUE_AUTHENTICATION: | 971 | case GREETER_MESSAGE_CONTINUE_AUTHENTICATION: |
440 | 872 | n_secrets = read_int (greeter, &offset); | 972 | n_secrets = read_int (greeter, &offset); |
441 | 873 | max_secrets = (G_MAXUINT32 - 1) / sizeof (gchar *); | 973 | max_secrets = (G_MAXUINT32 - 1) / sizeof (gchar *); |
442 | @@ -1035,11 +1135,13 @@ | |||
443 | 1035 | greeter_finalize (GObject *object) | 1135 | greeter_finalize (GObject *object) |
444 | 1036 | { | 1136 | { |
445 | 1037 | Greeter *self; | 1137 | Greeter *self; |
446 | 1138 | GList *link; | ||
447 | 1038 | 1139 | ||
448 | 1039 | self = GREETER (object); | 1140 | self = GREETER (object); |
449 | 1040 | 1141 | ||
450 | 1041 | g_free (self->priv->pam_service); | 1142 | g_free (self->priv->pam_service); |
451 | 1042 | g_free (self->priv->autologin_pam_service); | 1143 | g_free (self->priv->autologin_pam_service); |
452 | 1144 | g_strfreev (self->priv->passive_services); | ||
453 | 1043 | secure_free (self, self->priv->read_buffer); | 1145 | secure_free (self, self->priv->read_buffer); |
454 | 1044 | g_hash_table_unref (self->priv->hints); | 1146 | g_hash_table_unref (self->priv->hints); |
455 | 1045 | g_free (self->priv->remote_session); | 1147 | g_free (self->priv->remote_session); |
456 | @@ -1049,6 +1151,13 @@ | |||
457 | 1049 | g_signal_handlers_disconnect_matched (self->priv->authentication_session, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, self); | 1151 | g_signal_handlers_disconnect_matched (self->priv->authentication_session, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, self); |
458 | 1050 | g_object_unref (self->priv->authentication_session); | 1152 | g_object_unref (self->priv->authentication_session); |
459 | 1051 | } | 1153 | } |
460 | 1154 | for (link = self->priv->passive_sessions; link; link = link->next) | ||
461 | 1155 | { | ||
462 | 1156 | Session *session = link->data; | ||
463 | 1157 | g_signal_handlers_disconnect_matched (session, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, self); | ||
464 | 1158 | g_object_unref (session); | ||
465 | 1159 | } | ||
466 | 1160 | g_list_free (self->priv->passive_sessions); | ||
467 | 1052 | if (self->priv->to_greeter_channel) | 1161 | if (self->priv->to_greeter_channel) |
468 | 1053 | g_io_channel_unref (self->priv->to_greeter_channel); | 1162 | g_io_channel_unref (self->priv->to_greeter_channel); |
469 | 1054 | if (self->priv->from_greeter_channel) | 1163 | if (self->priv->from_greeter_channel) |
470 | 1055 | 1164 | ||
471 | === modified file 'src/greeter.h' | |||
472 | --- src/greeter.h 2014-09-29 23:42:38 +0000 | |||
473 | +++ src/greeter.h 2014-10-02 07:53:03 +0000 | |||
474 | @@ -50,7 +50,7 @@ | |||
475 | 50 | 50 | ||
476 | 51 | Greeter *greeter_new (void); | 51 | Greeter *greeter_new (void); |
477 | 52 | 52 | ||
479 | 53 | void greeter_set_pam_services (Greeter *greeter, const gchar *pam_service, const gchar *autologin_pam_service); | 53 | void greeter_set_pam_services (Greeter *greeter, const gchar *pam_service, const gchar *autologin_pam_service, gchar **passive_services); |
480 | 54 | 54 | ||
481 | 55 | void greeter_set_allow_guest (Greeter *greeter, gboolean allow_guest); | 55 | void greeter_set_allow_guest (Greeter *greeter, gboolean allow_guest); |
482 | 56 | 56 | ||
483 | 57 | 57 | ||
484 | === modified file 'src/seat.c' | |||
485 | --- src/seat.c 2014-09-29 23:42:38 +0000 | |||
486 | +++ src/seat.c 2014-10-02 07:53:03 +0000 | |||
487 | @@ -1186,7 +1186,8 @@ | |||
488 | 1186 | gchar *sessions_dir, **argv; | 1186 | gchar *sessions_dir, **argv; |
489 | 1187 | SessionConfig *session_config; | 1187 | SessionConfig *session_config; |
490 | 1188 | Greeter *greeter_session; | 1188 | Greeter *greeter_session; |
492 | 1189 | const gchar *greeter_wrapper; | 1189 | const gchar *greeter_wrapper, *service_list; |
493 | 1190 | gchar **passive_services; | ||
494 | 1190 | const gchar *autologin_username; | 1191 | const gchar *autologin_username; |
495 | 1191 | int autologin_timeout; | 1192 | int autologin_timeout; |
496 | 1192 | gboolean autologin_guest; | 1193 | gboolean autologin_guest; |
497 | @@ -1235,9 +1236,14 @@ | |||
498 | 1235 | session_set_argv (SESSION (greeter_session), argv); | 1236 | session_set_argv (SESSION (greeter_session), argv); |
499 | 1236 | g_strfreev (argv); | 1237 | g_strfreev (argv); |
500 | 1237 | 1238 | ||
501 | 1239 | service_list = seat_get_string_property (seat, "passive-services"); | ||
502 | 1240 | passive_services = service_list ? g_strsplit (service_list, " ", -1) : NULL; | ||
503 | 1238 | greeter_set_pam_services (greeter_session, | 1241 | greeter_set_pam_services (greeter_session, |
504 | 1239 | seat_get_string_property (seat, "pam-service"), | 1242 | seat_get_string_property (seat, "pam-service"), |
506 | 1240 | seat_get_string_property (seat, "pam-autologin-service")); | 1243 | seat_get_string_property (seat, "pam-autologin-service"), |
507 | 1244 | passive_services); | ||
508 | 1245 | g_strfreev (passive_services); | ||
509 | 1246 | greeter_set_allow_guest (greeter_session, seat_get_allow_guest (seat)); | ||
510 | 1241 | g_signal_connect (greeter_session, GREETER_SIGNAL_CREATE_SESSION, G_CALLBACK (greeter_create_session_cb), seat); | 1247 | g_signal_connect (greeter_session, GREETER_SIGNAL_CREATE_SESSION, G_CALLBACK (greeter_create_session_cb), seat); |
511 | 1242 | g_signal_connect (greeter_session, GREETER_SIGNAL_START_SESSION, G_CALLBACK (greeter_start_session_cb), seat); | 1248 | g_signal_connect (greeter_session, GREETER_SIGNAL_START_SESSION, G_CALLBACK (greeter_start_session_cb), seat); |
512 | 1243 | 1249 | ||
513 | 1244 | 1250 | ||
514 | === modified file 'src/session.c' | |||
515 | --- src/session.c 2014-09-29 23:42:38 +0000 | |||
516 | +++ src/session.c 2014-10-02 07:53:03 +0000 | |||
517 | @@ -646,6 +646,13 @@ | |||
518 | 646 | } | 646 | } |
519 | 647 | 647 | ||
520 | 648 | const gchar * | 648 | const gchar * |
521 | 649 | session_get_pam_service (Session *session) | ||
522 | 650 | { | ||
523 | 651 | g_return_val_if_fail (session != NULL, NULL); | ||
524 | 652 | return session->priv->pam_service; | ||
525 | 653 | } | ||
526 | 654 | |||
527 | 655 | const gchar * | ||
528 | 649 | session_get_username (Session *session) | 656 | session_get_username (Session *session) |
529 | 650 | { | 657 | { |
530 | 651 | g_return_val_if_fail (session != NULL, NULL); | 658 | g_return_val_if_fail (session != NULL, NULL); |
531 | @@ -706,6 +713,13 @@ | |||
532 | 706 | } | 713 | } |
533 | 707 | 714 | ||
534 | 708 | gboolean | 715 | gboolean |
535 | 716 | session_get_is_authentication_complete (Session *session) | ||
536 | 717 | { | ||
537 | 718 | g_return_val_if_fail (session != NULL, FALSE); | ||
538 | 719 | return session->priv->authentication_complete; | ||
539 | 720 | } | ||
540 | 721 | |||
541 | 722 | gboolean | ||
542 | 709 | session_get_is_authenticated (Session *session) | 723 | session_get_is_authenticated (Session *session) |
543 | 710 | { | 724 | { |
544 | 711 | g_return_val_if_fail (session != NULL, FALSE); | 725 | g_return_val_if_fail (session != NULL, FALSE); |
545 | 712 | 726 | ||
546 | === modified file 'src/session.h' | |||
547 | --- src/session.h 2014-09-29 23:42:38 +0000 | |||
548 | +++ src/session.h 2014-10-02 07:53:03 +0000 | |||
549 | @@ -74,6 +74,8 @@ | |||
550 | 74 | 74 | ||
551 | 75 | void session_set_pam_service (Session *session, const gchar *pam_service); | 75 | void session_set_pam_service (Session *session, const gchar *pam_service); |
552 | 76 | 76 | ||
553 | 77 | const gchar *session_get_pam_service (Session *session); | ||
554 | 78 | |||
555 | 77 | void session_set_username (Session *session, const gchar *username); | 79 | void session_set_username (Session *session, const gchar *username); |
556 | 78 | 80 | ||
557 | 79 | void session_set_do_authenticate (Session *session, gboolean do_authenticate); | 81 | void session_set_do_authenticate (Session *session, gboolean do_authenticate); |
558 | @@ -125,6 +127,8 @@ | |||
559 | 125 | 127 | ||
560 | 126 | const struct pam_message *session_get_messages (Session *session); | 128 | const struct pam_message *session_get_messages (Session *session); |
561 | 127 | 129 | ||
562 | 130 | gboolean session_get_is_authentication_complete (Session *session); | ||
563 | 131 | |||
564 | 128 | gboolean session_get_is_authenticated (Session *session); | 132 | gboolean session_get_is_authenticated (Session *session); |
565 | 129 | 133 | ||
566 | 130 | int session_get_authentication_result (Session *session); | 134 | int session_get_authentication_result (Session *session); |
567 | 131 | 135 | ||
568 | === modified file 'tests/Makefile.am' | |||
569 | --- tests/Makefile.am 2014-10-02 06:51:36 +0000 | |||
570 | +++ tests/Makefile.am 2014-10-02 07:53:03 +0000 | |||
571 | @@ -36,6 +36,8 @@ | |||
572 | 36 | test-autologin-guest-timeout-gobject \ | 36 | test-autologin-guest-timeout-gobject \ |
573 | 37 | test-change-authentication \ | 37 | test-change-authentication \ |
574 | 38 | test-restart-authentication \ | 38 | test-restart-authentication \ |
575 | 39 | test-fingerprint \ | ||
576 | 40 | test-smartcard \ | ||
577 | 39 | test-cancel-authentication-gobject \ | 41 | test-cancel-authentication-gobject \ |
578 | 40 | test-login-pam \ | 42 | test-login-pam \ |
579 | 41 | test-login-pam-config \ | 43 | test-login-pam-config \ |
580 | @@ -387,6 +389,7 @@ | |||
581 | 387 | scripts/dbus.conf \ | 389 | scripts/dbus.conf \ |
582 | 388 | scripts/denied.conf \ | 390 | scripts/denied.conf \ |
583 | 389 | scripts/expired.conf \ | 391 | scripts/expired.conf \ |
584 | 392 | scripts/fingerprint.conf \ | ||
585 | 390 | scripts/greeter-allow-guest.conf \ | 393 | scripts/greeter-allow-guest.conf \ |
586 | 391 | scripts/greeter-crash.conf \ | 394 | scripts/greeter-crash.conf \ |
587 | 392 | scripts/greeter-default-session.conf \ | 395 | scripts/greeter-default-session.conf \ |
588 | @@ -491,6 +494,8 @@ | |||
589 | 491 | scripts/session-stderr.conf \ | 494 | scripts/session-stderr.conf \ |
590 | 492 | scripts/session-stderr-multi-write.conf \ | 495 | scripts/session-stderr-multi-write.conf \ |
591 | 493 | scripts/session-stderr-backup.conf \ | 496 | scripts/session-stderr-backup.conf \ |
592 | 497 | scripts/smartcard.conf \ | ||
593 | 498 | scripts/surfaceflinger-autologin.conf \ | ||
594 | 494 | scripts/switch-to-greeter.conf \ | 499 | scripts/switch-to-greeter.conf \ |
595 | 495 | scripts/switch-to-greeter-disabled.conf \ | 500 | scripts/switch-to-greeter-disabled.conf \ |
596 | 496 | scripts/switch-to-greeter-new-session.conf \ | 501 | scripts/switch-to-greeter-new-session.conf \ |
597 | 497 | 502 | ||
598 | === added file 'tests/scripts/fingerprint.conf' | |||
599 | --- tests/scripts/fingerprint.conf 1970-01-01 00:00:00 +0000 | |||
600 | +++ tests/scripts/fingerprint.conf 2014-10-02 07:53:03 +0000 | |||
601 | @@ -0,0 +1,38 @@ | |||
602 | 1 | # | ||
603 | 2 | # Check can handle a fingerprint user than then requires a password | ||
604 | 3 | # | ||
605 | 4 | |||
606 | 5 | [SeatDefaults] | ||
607 | 6 | passive-services=lightdm-fingerprint | ||
608 | 7 | |||
609 | 8 | #?*START-DAEMON | ||
610 | 9 | #?RUNNER DAEMON-START | ||
611 | 10 | |||
612 | 11 | # X server starts | ||
613 | 12 | #?XSERVER-0 START VT=7 SEAT=seat0 | ||
614 | 13 | |||
615 | 14 | # Daemon connects when X server is ready | ||
616 | 15 | #?*XSERVER-0 INDICATE-READY | ||
617 | 16 | #?XSERVER-0 INDICATE-READY | ||
618 | 17 | #?XSERVER-0 ACCEPT-CONNECT | ||
619 | 18 | |||
620 | 19 | # Greeter starts | ||
621 | 20 | #?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter | ||
622 | 21 | #?LOGIN1 ACTIVATE-SESSION SESSION=c0 | ||
623 | 22 | #?XSERVER-0 ACCEPT-CONNECT | ||
624 | 23 | #?GREETER-X-0 CONNECT-XSERVER | ||
625 | 24 | #?GREETER-X-0 CONNECT-TO-DAEMON | ||
626 | 25 | #?GREETER-X-0 CONNECTED-TO-DAEMON | ||
627 | 26 | |||
628 | 27 | # Greeter is offered an authentication | ||
629 | 28 | #?GREETER-X-0 OFFER-AUTHENTICATION SERVICE=lightdm-fingerprint | ||
630 | 29 | #?*GREETER-X-0 CHANGE-AUTHENTICATION SERVICE=lightdm-fingerprint | ||
631 | 30 | #?GREETER-X-0 SHOW-PROMPT TEXT="Password:" | ||
632 | 31 | #?*GREETER-X-0 RESPOND TEXT="password" | ||
633 | 32 | #?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=fingerprint AUTHENTICATED=TRUE | ||
634 | 33 | |||
635 | 34 | # Cleanup | ||
636 | 35 | #?*STOP-DAEMON | ||
637 | 36 | #?GREETER-X-0 TERMINATE SIGNAL=15 | ||
638 | 37 | #?XSERVER-0 TERMINATE SIGNAL=15 | ||
639 | 38 | #?RUNNER DAEMON-EXIT STATUS=0 | ||
640 | 0 | 39 | ||
641 | === added file 'tests/scripts/smartcard.conf' | |||
642 | --- tests/scripts/smartcard.conf 1970-01-01 00:00:00 +0000 | |||
643 | +++ tests/scripts/smartcard.conf 2014-10-02 07:53:03 +0000 | |||
644 | @@ -0,0 +1,36 @@ | |||
645 | 1 | # | ||
646 | 2 | # Check can handle a smartcard user that authorizes without any additional input | ||
647 | 3 | # | ||
648 | 4 | |||
649 | 5 | [SeatDefaults] | ||
650 | 6 | passive-services=lightdm-smartcard | ||
651 | 7 | |||
652 | 8 | #?*START-DAEMON | ||
653 | 9 | #?RUNNER DAEMON-START | ||
654 | 10 | |||
655 | 11 | # X server starts | ||
656 | 12 | #?XSERVER-0 START VT=7 SEAT=seat0 | ||
657 | 13 | |||
658 | 14 | # Daemon connects when X server is ready | ||
659 | 15 | #?*XSERVER-0 INDICATE-READY | ||
660 | 16 | #?XSERVER-0 INDICATE-READY | ||
661 | 17 | #?XSERVER-0 ACCEPT-CONNECT | ||
662 | 18 | |||
663 | 19 | # Greeter starts | ||
664 | 20 | #?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter | ||
665 | 21 | #?LOGIN1 ACTIVATE-SESSION SESSION=c0 | ||
666 | 22 | #?XSERVER-0 ACCEPT-CONNECT | ||
667 | 23 | #?GREETER-X-0 CONNECT-XSERVER | ||
668 | 24 | #?GREETER-X-0 CONNECT-TO-DAEMON | ||
669 | 25 | #?GREETER-X-0 CONNECTED-TO-DAEMON | ||
670 | 26 | |||
671 | 27 | # Greeter is offered an authentication | ||
672 | 28 | #?GREETER-X-0 OFFER-AUTHENTICATION SERVICE=lightdm-smartcard | ||
673 | 29 | #?*GREETER-X-0 CHANGE-AUTHENTICATION SERVICE=lightdm-smartcard | ||
674 | 30 | #?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=smartcard AUTHENTICATED=TRUE | ||
675 | 31 | |||
676 | 32 | # Cleanup | ||
677 | 33 | #?*STOP-DAEMON | ||
678 | 34 | #?GREETER-X-0 TERMINATE SIGNAL=15 | ||
679 | 35 | #?XSERVER-0 TERMINATE SIGNAL=15 | ||
680 | 36 | #?RUNNER DAEMON-EXIT STATUS=0 | ||
681 | 0 | 37 | ||
682 | === modified file 'tests/src/libsystem.c' | |||
683 | --- tests/src/libsystem.c 2014-09-19 03:16:14 +0000 | |||
684 | +++ tests/src/libsystem.c 2014-10-02 07:53:03 +0000 | |||
685 | @@ -910,6 +910,44 @@ | |||
686 | 910 | return PAM_AUTH_ERR; | 910 | return PAM_AUTH_ERR; |
687 | 911 | } | 911 | } |
688 | 912 | 912 | ||
689 | 913 | /* Fingerprint user scans immediately and requires password */ | ||
690 | 914 | if (strcmp (pamh->service_name, "lightdm-fingerprint") == 0) | ||
691 | 915 | { | ||
692 | 916 | int result; | ||
693 | 917 | struct pam_message **msg; | ||
694 | 918 | struct pam_response *resp = NULL; | ||
695 | 919 | |||
696 | 920 | msg = malloc (sizeof (struct pam_message *) * 1); | ||
697 | 921 | |||
698 | 922 | if (pamh->user) | ||
699 | 923 | free (pamh->user); | ||
700 | 924 | pamh->user = strdup ("fingerprint"); | ||
701 | 925 | |||
702 | 926 | entry = getpwnam (pamh->user); | ||
703 | 927 | msg = malloc (sizeof (struct pam_message *)); | ||
704 | 928 | msg[0] = malloc (sizeof (struct pam_message)); | ||
705 | 929 | msg[0]->msg_style = PAM_PROMPT_ECHO_OFF; | ||
706 | 930 | msg[0]->msg = "Password:"; | ||
707 | 931 | result = pamh->conversation.conv (1, (const struct pam_message **) msg, &resp, pamh->conversation.appdata_ptr); | ||
708 | 932 | free (msg[0]); | ||
709 | 933 | free (msg); | ||
710 | 934 | password_matches = strcmp (entry->pw_passwd, resp[0].resp) == 0; | ||
711 | 935 | if (resp[0].resp) | ||
712 | 936 | free (resp[0].resp); | ||
713 | 937 | free (resp); | ||
714 | 938 | |||
715 | 939 | return password_matches ? PAM_SUCCESS : PAM_AUTH_ERR; | ||
716 | 940 | } | ||
717 | 941 | |||
718 | 942 | /* Smartcard user scans immediately */ | ||
719 | 943 | if (strcmp (pamh->service_name, "lightdm-smartcard") == 0) | ||
720 | 944 | { | ||
721 | 945 | if (pamh->user) | ||
722 | 946 | free (pamh->user); | ||
723 | 947 | pamh->user = strdup ("smartcard"); | ||
724 | 948 | return PAM_SUCCESS; | ||
725 | 949 | } | ||
726 | 950 | |||
727 | 913 | /* Prompt for username */ | 951 | /* Prompt for username */ |
728 | 914 | if (pamh->user == NULL) | 952 | if (pamh->user == NULL) |
729 | 915 | { | 953 | { |
730 | 916 | 954 | ||
731 | === modified file 'tests/src/test-gobject-greeter.c' | |||
732 | --- tests/src/test-gobject-greeter.c 2014-09-29 23:42:38 +0000 | |||
733 | +++ tests/src/test-gobject-greeter.c 2014-10-02 07:53:03 +0000 | |||
734 | @@ -44,6 +44,12 @@ | |||
735 | 44 | } | 44 | } |
736 | 45 | 45 | ||
737 | 46 | static void | 46 | static void |
738 | 47 | offer_authentication_cb (LightDMGreeter *greeter, const gchar *service) | ||
739 | 48 | { | ||
740 | 49 | status_notify ("%s OFFER-AUTHENTICATION SERVICE=%s", greeter_id, service); | ||
741 | 50 | } | ||
742 | 51 | |||
743 | 52 | static void | ||
744 | 47 | autologin_timer_expired_cb (LightDMGreeter *greeter) | 53 | autologin_timer_expired_cb (LightDMGreeter *greeter) |
745 | 48 | { | 54 | { |
746 | 49 | } | 55 | } |
747 | @@ -209,6 +215,9 @@ | |||
748 | 209 | else if (strcmp (name, "RESPOND") == 0) | 215 | else if (strcmp (name, "RESPOND") == 0) |
749 | 210 | lightdm_greeter_respond (greeter, g_hash_table_lookup (params, "TEXT")); | 216 | lightdm_greeter_respond (greeter, g_hash_table_lookup (params, "TEXT")); |
750 | 211 | 217 | ||
751 | 218 | else if (strcmp (name, "CHANGE-AUTHENTICATION") == 0) | ||
752 | 219 | lightdm_greeter_change_authentication (greeter, g_hash_table_lookup (params, "SERVICE")); | ||
753 | 220 | |||
754 | 212 | else if (strcmp (name, "CANCEL-AUTHENTICATION") == 0) | 221 | else if (strcmp (name, "CANCEL-AUTHENTICATION") == 0) |
755 | 213 | lightdm_greeter_cancel_authentication (greeter); | 222 | lightdm_greeter_cancel_authentication (greeter); |
756 | 214 | 223 | ||
757 | @@ -485,6 +494,7 @@ | |||
758 | 485 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_SHOW_MESSAGE, G_CALLBACK (show_message_cb), NULL); | 494 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_SHOW_MESSAGE, G_CALLBACK (show_message_cb), NULL); |
759 | 486 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_SHOW_PROMPT, G_CALLBACK (show_prompt_cb), NULL); | 495 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_SHOW_PROMPT, G_CALLBACK (show_prompt_cb), NULL); |
760 | 487 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_AUTHENTICATION_COMPLETE, G_CALLBACK (authentication_complete_cb), NULL); | 496 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_AUTHENTICATION_COMPLETE, G_CALLBACK (authentication_complete_cb), NULL); |
761 | 497 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_OFFER_AUTHENTICATION, G_CALLBACK (offer_authentication_cb), NULL); | ||
762 | 488 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_AUTOLOGIN_TIMER_EXPIRED, G_CALLBACK (autologin_timer_expired_cb), NULL); | 498 | g_signal_connect (greeter, LIGHTDM_GREETER_SIGNAL_AUTOLOGIN_TIMER_EXPIRED, G_CALLBACK (autologin_timer_expired_cb), NULL); |
763 | 489 | if (g_key_file_get_boolean (config, "test-greeter-config", "resettable", NULL)) | 499 | if (g_key_file_get_boolean (config, "test-greeter-config", "resettable", NULL)) |
764 | 490 | { | 500 | { |
765 | 491 | 501 | ||
766 | === modified file 'tests/src/test-runner.c' | |||
767 | --- tests/src/test-runner.c 2014-10-02 02:46:13 +0000 | |||
768 | +++ tests/src/test-runner.c 2014-10-02 07:53:03 +0000 | |||
769 | @@ -2723,6 +2723,10 @@ | |||
770 | 2723 | {"corrupt-xauth", "password", "Corrupt Xauthority", 1032}, | 2723 | {"corrupt-xauth", "password", "Corrupt Xauthority", 1032}, |
771 | 2724 | /* User to test properties */ | 2724 | /* User to test properties */ |
772 | 2725 | {"prop-user", "", "TEST", 1033}, | 2725 | {"prop-user", "", "TEST", 1033}, |
773 | 2726 | /* This account is the user that starts by scanning a fingerprint then requiring a password */ | ||
774 | 2727 | {"fingerprint", "password", "Fingerprint", 1034}, | ||
775 | 2728 | /* This account is the user that authenticates by scanning a smartcard */ | ||
776 | 2729 | {"smartcard", "password", "Smartcard", 1035}, | ||
777 | 2726 | {NULL, NULL, NULL, 0} | 2730 | {NULL, NULL, NULL, 0} |
778 | 2727 | }; | 2731 | }; |
779 | 2728 | passwd_data = g_string_new (""); | 2732 | passwd_data = g_string_new (""); |
780 | 2729 | 2733 | ||
781 | === added file 'tests/test-fingerprint' | |||
782 | --- tests/test-fingerprint 1970-01-01 00:00:00 +0000 | |||
783 | +++ tests/test-fingerprint 2014-10-02 07:53:03 +0000 | |||
784 | @@ -0,0 +1,2 @@ | |||
785 | 1 | #!/bin/sh | ||
786 | 2 | ./src/dbus-env ./src/test-runner fingerprint test-gobject-greeter | ||
787 | 0 | 3 | ||
788 | === added file 'tests/test-smartcard' | |||
789 | --- tests/test-smartcard 1970-01-01 00:00:00 +0000 | |||
790 | +++ tests/test-smartcard 2014-10-02 07:53:03 +0000 | |||
791 | @@ -0,0 +1,2 @@ | |||
792 | 1 | #!/bin/sh | ||
793 | 2 | ./src/dbus-env ./src/test-runner smartcard test-gobject-greeter |