Merge lp:~robert-ancell/lightdm/setcred-on-unlock into lp:lightdm
- setcred-on-unlock
- Merge into trunk
Status: | Merged |
---|---|
Merged at revision: | 1954 |
Proposed branch: | lp:~robert-ancell/lightdm/setcred-on-unlock |
Merge into: | lp:lightdm |
Diff against target: |
667 lines (+321/-51) 9 files modified
src/session-child.c (+23/-0) src/session.c (+16/-0) tests/Makefile.am (+5/-3) tests/scripts/autologin-pam.conf (+16/-3) tests/scripts/login-pam.conf (+28/-7) tests/scripts/switch-to-greeter-return-session-pam.conf (+102/-0) tests/src/libsystem.c (+128/-37) tests/test-autologin-pam (+1/-1) tests/test-switch-to-greeter-return-session-pam (+2/-0) |
To merge this branch: | bzr merge lp:~robert-ancell/lightdm/setcred-on-unlock |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Robert Ancell | Approve | ||
PS Jenkins bot | continuous-integration | Approve | |
Review via email: mp+212337@code.launchpad.net |
Commit message
When switching to an existing session refresh PAM credentials and end session cleanly so no resources leak.
Description of the change
Robert Ancell (robert-ancell) wrote : | # |
- 1945. By Robert Ancell
-
Use PAM_REINITIALIZ
E_CRED instead of PAM_REFRESH_CRED as that's what GDM/gnome- screensaver do
PS Jenkins bot (ps-jenkins) wrote : | # |
PASSED: Continuous integration, rev:1944
http://
Executed test runs:
SUCCESS: http://
SUCCESS: http://
Click here to trigger a rebuild:
http://
- 1946. By Robert Ancell
-
Call pam_end after reinitializing credentials
PS Jenkins bot (ps-jenkins) wrote : | # |
PASSED: Continuous integration, rev:1945
http://
Executed test runs:
SUCCESS: http://
SUCCESS: http://
Click here to trigger a rebuild:
http://
PS Jenkins bot (ps-jenkins) wrote : | # |
PASSED: Continuous integration, rev:1946
http://
Executed test runs:
SUCCESS: http://
SUCCESS: http://
Click here to trigger a rebuild:
http://
Robert Ancell (robert-ancell) wrote : | # |
Committing to trunk, this should probably also go into lp:lightdm/1.10
Robert Ancell (robert-ancell) wrote : | # |
Preview Diff
1 | === modified file 'src/session-child.c' |
2 | --- src/session-child.c 2014-03-10 23:44:49 +0000 |
3 | +++ src/session-child.c 2014-03-23 23:35:47 +0000 |
4 | @@ -353,7 +353,10 @@ |
5 | |
6 | /* See what user we ended up as */ |
7 | if (pam_get_item (pam_handle, PAM_USER, (const void **) &new_username) != PAM_SUCCESS) |
8 | + { |
9 | + pam_end (pam_handle, 0); |
10 | return EXIT_FAILURE; |
11 | + } |
12 | g_free (username); |
13 | username = g_strdup (new_username); |
14 | |
15 | @@ -438,12 +441,16 @@ |
16 | if (!username) |
17 | { |
18 | g_printerr ("No user selected during authentication\n"); |
19 | + pam_end (pam_handle, 0); |
20 | return EXIT_FAILURE; |
21 | } |
22 | |
23 | /* Stop if we didn't authenticated */ |
24 | if (authentication_result != PAM_SUCCESS) |
25 | + { |
26 | + pam_end (pam_handle, 0); |
27 | return EXIT_FAILURE; |
28 | + } |
29 | |
30 | /* Get the command to run (blocks) */ |
31 | log_filename = read_string (); |
32 | @@ -470,6 +477,14 @@ |
33 | command_argv[i] = read_string (); |
34 | command_argv[i] = NULL; |
35 | |
36 | + /* If nothing to run just refresh credentials because we successfully authenticated */ |
37 | + if (command_argc == 0) |
38 | + { |
39 | + pam_setcred (pam_handle, PAM_REINITIALIZE_CRED); |
40 | + pam_end (pam_handle, 0); |
41 | + return EXIT_SUCCESS; |
42 | + } |
43 | + |
44 | /* Redirect stderr to a log file */ |
45 | if (log_filename) |
46 | { |
47 | @@ -506,6 +521,7 @@ |
48 | if (result != PAM_SUCCESS) |
49 | { |
50 | g_printerr ("Failed to establish PAM credentials: %s\n", pam_strerror (pam_handle, result)); |
51 | + pam_end (pam_handle, 0); |
52 | return EXIT_FAILURE; |
53 | } |
54 | |
55 | @@ -514,6 +530,7 @@ |
56 | if (result != PAM_SUCCESS) |
57 | { |
58 | g_printerr ("Failed to open PAM session: %s\n", pam_strerror (pam_handle, result)); |
59 | + pam_end (pam_handle, 0); |
60 | return EXIT_FAILURE; |
61 | } |
62 | |
63 | @@ -522,7 +539,10 @@ |
64 | if (error) |
65 | g_printerr ("Unable to contact system bus: %s", error->message); |
66 | if (!bus) |
67 | + { |
68 | + pam_end (pam_handle, 0); |
69 | return EXIT_FAILURE; |
70 | + } |
71 | |
72 | if (login1_is_running ()) |
73 | { |
74 | @@ -580,7 +600,10 @@ |
75 | g_printerr ("Error writing X authority: %s\n", error->message); |
76 | g_clear_error (&error); |
77 | if (!result) |
78 | + { |
79 | + pam_end (pam_handle, 0); |
80 | return EXIT_FAILURE; |
81 | + } |
82 | |
83 | value = g_strdup_printf ("XAUTHORITY=%s", x_authority_filename); |
84 | pam_putenv (pam_handle, value); |
85 | |
86 | === modified file 'src/session.c' |
87 | --- src/session.c 2014-03-17 16:02:32 +0000 |
88 | +++ src/session.c 2014-03-23 23:35:47 +0000 |
89 | @@ -846,6 +846,22 @@ |
90 | { |
91 | g_return_if_fail (session != NULL); |
92 | |
93 | + /* If can cleanly stop then do that */ |
94 | + if (session_get_is_authenticated (session) && !session->priv->command_run) |
95 | + { |
96 | + gsize n = 0; |
97 | + |
98 | + session->priv->command_run = TRUE; |
99 | + write_string (session, NULL); // log filename |
100 | + write_string (session, NULL); // tty |
101 | + write_string (session, NULL); // xauth filename |
102 | + write_string (session, NULL); // xdisplay |
103 | + write_xauth (session, NULL); // xauth |
104 | + write_data (session, &n, sizeof (n)); // environment |
105 | + write_data (session, &n, sizeof (n)); // command |
106 | + return; |
107 | + } |
108 | + |
109 | if (session->priv->stopping) |
110 | return; |
111 | session->priv->stopping = TRUE; |
112 | |
113 | === modified file 'tests/Makefile.am' |
114 | --- tests/Makefile.am 2014-03-17 03:37:55 +0000 |
115 | +++ tests/Makefile.am 2014-03-23 23:35:47 +0000 |
116 | @@ -19,6 +19,7 @@ |
117 | test-additional-system-config-priority \ |
118 | test-headless \ |
119 | test-autologin \ |
120 | + test-autologin-pam \ |
121 | test-autologin-in-background \ |
122 | test-autologin-guest-in-background \ |
123 | test-autologin-timeout-in-background \ |
124 | @@ -35,7 +36,6 @@ |
125 | test-change-authentication \ |
126 | test-restart-authentication \ |
127 | test-gobject-cancel-authentication \ |
128 | - test-pam \ |
129 | test-login-pam \ |
130 | test-denied \ |
131 | test-expired \ |
132 | @@ -134,6 +134,7 @@ |
133 | test-switch-to-greeter \ |
134 | test-switch-to-greeter-new-session \ |
135 | test-switch-to-greeter-return-session \ |
136 | + test-switch-to-greeter-return-session-pam \ |
137 | test-switch-to-greeter-return-session-logout \ |
138 | test-switch-to-guest \ |
139 | test-switch-to-user \ |
140 | @@ -329,12 +330,13 @@ |
141 | scripts/autologin.conf \ |
142 | scripts/autologin-guest.conf \ |
143 | scripts/autologin-guest-fail-setup-script.conf \ |
144 | + scripts/autologin-guest-in-background.conf \ |
145 | scripts/autologin-guest-logout.conf \ |
146 | scripts/autologin-guest-session-config.conf \ |
147 | scripts/autologin-guest-timeout.conf \ |
148 | scripts/autologin-in-background.conf \ |
149 | scripts/autologin-invalid-greeter.conf \ |
150 | - scripts/autologin-guest-in-background.conf \ |
151 | + scripts/autologin-pam.conf \ |
152 | scripts/autologin-timeout-in-background.conf \ |
153 | scripts/autologin-invalid-session.conf \ |
154 | scripts/autologin-invalid-user.conf \ |
155 | @@ -426,7 +428,6 @@ |
156 | scripts/no-console-kit-or-login1.conf \ |
157 | scripts/no-login1.conf \ |
158 | scripts/open-file-descriptors.conf \ |
159 | - scripts/pam.conf \ |
160 | scripts/power.conf \ |
161 | scripts/power-no-console-kit.conf \ |
162 | scripts/power-no-services.conf \ |
163 | @@ -455,6 +456,7 @@ |
164 | scripts/switch-to-greeter-new-session.conf \ |
165 | scripts/switch-to-greeter-return-session.conf \ |
166 | scripts/switch-to-greeter-return-session-logout.conf \ |
167 | + scripts/switch-to-greeter-return-session-pam.conf \ |
168 | scripts/switch-to-guest.conf \ |
169 | scripts/switch-to-user.conf \ |
170 | scripts/switch-to-users.conf \ |
171 | |
172 | === renamed file 'tests/scripts/pam.conf' => 'tests/scripts/autologin-pam.conf' |
173 | --- tests/scripts/pam.conf 2014-03-17 18:33:02 +0000 |
174 | +++ tests/scripts/autologin-pam.conf 2014-03-23 23:35:47 +0000 |
175 | @@ -1,11 +1,14 @@ |
176 | # |
177 | -# Check we handle conversations during each PAM method |
178 | +# Check we correctly use PAM for automatic login |
179 | # |
180 | |
181 | [SeatDefaults] |
182 | -autologin-user=log-pam |
183 | +autologin-user=no-password1 |
184 | user-session=default |
185 | |
186 | +[test-pam] |
187 | +log-events=true |
188 | + |
189 | #?*START-DAEMON |
190 | #?RUNNER DAEMON-START |
191 | |
192 | @@ -17,8 +20,15 @@ |
193 | #?XSERVER-0 INDICATE-READY |
194 | #?XSERVER-0 ACCEPT-CONNECT |
195 | |
196 | +# Session authenticates |
197 | +#?PAM-no-password1 START SERVICE=lightdm-autologin USER=no-password1 |
198 | +#?PAM-no-password1 AUTHENTICATE |
199 | +#?PAM-no-password1 ACCT-MGMT |
200 | +#?PAM-no-password1 SETCRED ESTABLISH_CRED |
201 | +#?PAM-no-password1 OPEN-SESSION |
202 | + |
203 | # Session starts |
204 | -#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/log-pam DESKTOP_SESSION=default USER=log-pam |
205 | +#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/no-password1 DESKTOP_SESSION=default USER=no-password1 |
206 | #?LOGIN1 ACTIVATE-SESSION SESSION=c0 |
207 | #?XSERVER-0 ACCEPT-CONNECT |
208 | #?SESSION-X-0 CONNECT-XSERVER |
209 | @@ -26,5 +36,8 @@ |
210 | # Cleanup |
211 | #?*STOP-DAEMON |
212 | #?SESSION-X-0 TERMINATE SIGNAL=15 |
213 | +#?PAM-no-password1 CLOSE-SESSION |
214 | +#?PAM-no-password1 SETCRED DELETE_CRED |
215 | +#?PAM-no-password1 END |
216 | #?XSERVER-0 TERMINATE SIGNAL=15 |
217 | #?RUNNER DAEMON-EXIT STATUS=0 |
218 | |
219 | === modified file 'tests/scripts/login-pam.conf' |
220 | --- tests/scripts/login-pam.conf 2014-03-17 18:33:02 +0000 |
221 | +++ tests/scripts/login-pam.conf 2014-03-23 23:35:47 +0000 |
222 | @@ -1,10 +1,13 @@ |
223 | # |
224 | -# Check we handle conversations during each PAM method |
225 | +# Check we correctly use PAM for login |
226 | # |
227 | |
228 | [SeatDefaults] |
229 | user-session=default |
230 | |
231 | +[test-pam] |
232 | +log-events=true |
233 | + |
234 | #?*START-DAEMON |
235 | #?RUNNER DAEMON-START |
236 | |
237 | @@ -16,6 +19,11 @@ |
238 | #?XSERVER-0 INDICATE-READY |
239 | #?XSERVER-0 ACCEPT-CONNECT |
240 | |
241 | +# Create PAM session for greeter |
242 | +#?PAM-lightdm START SERVICE=lightdm-greeter USER=lightdm |
243 | +#?PAM-lightdm SETCRED ESTABLISH_CRED |
244 | +#?PAM-lightdm OPEN-SESSION |
245 | + |
246 | # Greeter starts |
247 | #?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter |
248 | #?LOGIN1 ACTIVATE-SESSION SESSION=c0 |
249 | @@ -24,18 +32,28 @@ |
250 | #?GREETER-X-0 CONNECT-TO-DAEMON |
251 | #?GREETER-X-0 CONNECTED-TO-DAEMON |
252 | |
253 | -# Log into account with a password |
254 | -#?*GREETER-X-0 AUTHENTICATE USERNAME=log-pam |
255 | -#?GREETER-X-0 SHOW-MESSAGE TEXT="pam_authenticate" |
256 | +# Greeter does authentication via PAM |
257 | +#?*GREETER-X-0 AUTHENTICATE USERNAME=have-password1 |
258 | +#?PAM-have-password1 START SERVICE=lightdm USER=have-password1 |
259 | +#?PAM-have-password1 AUTHENTICATE |
260 | #?GREETER-X-0 SHOW-PROMPT TEXT="Password:" |
261 | #?*GREETER-X-0 RESPOND TEXT="password" |
262 | -#?GREETER-X-0 SHOW-MESSAGE TEXT="pam_acct_mgmt" |
263 | -#?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=log-pam AUTHENTICATED=TRUE |
264 | +#?PAM-have-password1 ACCT-MGMT |
265 | +#?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=TRUE |
266 | + |
267 | +# User session starts |
268 | #?*GREETER-X-0 START-SESSION |
269 | +#?PAM-have-password1 SETCRED ESTABLISH_CRED |
270 | +#?PAM-have-password1 OPEN-SESSION |
271 | + |
272 | +# Greeter session stops |
273 | #?GREETER-X-0 TERMINATE SIGNAL=15 |
274 | +#?PAM-lightdm CLOSE-SESSION |
275 | +#?PAM-lightdm SETCRED DELETE_CRED |
276 | +#?PAM-lightdm END |
277 | |
278 | # Session starts |
279 | -#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/log-pam DESKTOP_SESSION=default USER=log-pam |
280 | +#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=default USER=have-password1 |
281 | #?LOGIN1 ACTIVATE-SESSION SESSION=c1 |
282 | #?XSERVER-0 ACCEPT-CONNECT |
283 | #?SESSION-X-0 CONNECT-XSERVER |
284 | @@ -43,5 +61,8 @@ |
285 | # Cleanup |
286 | #?*STOP-DAEMON |
287 | #?SESSION-X-0 TERMINATE SIGNAL=15 |
288 | +#?PAM-have-password1 CLOSE-SESSION |
289 | +#?PAM-have-password1 SETCRED DELETE_CRED |
290 | +#?PAM-have-password1 END |
291 | #?XSERVER-0 TERMINATE SIGNAL=15 |
292 | #?RUNNER DAEMON-EXIT STATUS=0 |
293 | |
294 | === added file 'tests/scripts/switch-to-greeter-return-session-pam.conf' |
295 | --- tests/scripts/switch-to-greeter-return-session-pam.conf 1970-01-01 00:00:00 +0000 |
296 | +++ tests/scripts/switch-to-greeter-return-session-pam.conf 2014-03-23 23:35:47 +0000 |
297 | @@ -0,0 +1,102 @@ |
298 | +# |
299 | +# Check we correctly use PAM for returning to an existing session |
300 | +# |
301 | + |
302 | +[SeatDefaults] |
303 | +autologin-user=have-password1 |
304 | +user-session=default |
305 | + |
306 | +[test-pam] |
307 | +log-events=true |
308 | + |
309 | +#?*START-DAEMON |
310 | +#?RUNNER DAEMON-START |
311 | + |
312 | +# X server starts |
313 | +#?XSERVER-0 START VT=7 SEAT=seat0 |
314 | + |
315 | +# Daemon connects when X server is ready |
316 | +#?*XSERVER-0 INDICATE-READY |
317 | +#?XSERVER-0 INDICATE-READY |
318 | +#?XSERVER-0 ACCEPT-CONNECT |
319 | + |
320 | +# Session authenticates |
321 | +#?PAM-have-password1 START SERVICE=lightdm-autologin USER=have-password1 |
322 | +#?PAM-have-password1 AUTHENTICATE |
323 | +#?PAM-have-password1 ACCT-MGMT |
324 | +#?PAM-have-password1 SETCRED ESTABLISH_CRED |
325 | +#?PAM-have-password1 OPEN-SESSION |
326 | + |
327 | +# Session starts |
328 | +#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=default USER=have-password1 |
329 | +#?LOGIN1 ACTIVATE-SESSION SESSION=c0 |
330 | +#?XSERVER-0 ACCEPT-CONNECT |
331 | +#?SESSION-X-0 CONNECT-XSERVER |
332 | + |
333 | +# Show the greeter |
334 | +#?*SWITCH-TO-GREETER |
335 | +#?RUNNER SWITCH-TO-GREETER |
336 | + |
337 | +# New X server starts |
338 | +#?XSERVER-1 START VT=8 SEAT=seat0 |
339 | + |
340 | +# Daemon connects when X server is ready |
341 | +#?*XSERVER-1 INDICATE-READY |
342 | +#?XSERVER-1 INDICATE-READY |
343 | +#?XSERVER-1 ACCEPT-CONNECT |
344 | + |
345 | +# Session is locked |
346 | +#?LOGIN1 LOCK-SESSION |
347 | + |
348 | +# Create PAM session for greeter |
349 | +#?PAM-lightdm START SERVICE=lightdm-greeter USER=lightdm |
350 | +#?PAM-lightdm SETCRED ESTABLISH_CRED |
351 | +#?PAM-lightdm OPEN-SESSION |
352 | + |
353 | +# Greeter starts |
354 | +#?GREETER-X-1 START XDG_SEAT=seat0 XDG_VTNR=8 XDG_SESSION_CLASS=greeter |
355 | +#?XSERVER-1 ACCEPT-CONNECT |
356 | +#?GREETER-X-1 CONNECT-XSERVER |
357 | +#?GREETER-X-1 CONNECT-TO-DAEMON |
358 | +#?GREETER-X-1 CONNECTED-TO-DAEMON |
359 | + |
360 | +# Switch to greeter |
361 | +#?LOGIN1 ACTIVATE-SESSION SESSION=c1 |
362 | +#?VT ACTIVATE VT=8 |
363 | + |
364 | +# Login as existing user |
365 | +#?*GREETER-X-1 AUTHENTICATE USERNAME=have-password1 |
366 | +#?PAM-have-password1 START SERVICE=lightdm USER=have-password1 |
367 | +#?PAM-have-password1 AUTHENTICATE |
368 | +#?GREETER-X-1 SHOW-PROMPT TEXT="Password:" |
369 | +#?*GREETER-X-1 RESPOND TEXT="password" |
370 | +#?PAM-have-password1 ACCT-MGMT |
371 | +#?GREETER-X-1 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=TRUE |
372 | +#?*GREETER-X-1 START-SESSION |
373 | + |
374 | +# Credentials are refreshed |
375 | +#?PAM-have-password1 SETCRED REINITIALIZE_CRED |
376 | +#?PAM-have-password1 END |
377 | + |
378 | +# Session is unlocked |
379 | +#?LOGIN1 UNLOCK-SESSION |
380 | + |
381 | +# Switch to session |
382 | +#?LOGIN1 ACTIVATE-SESSION SESSION=c0 |
383 | +#?VT ACTIVATE VT=7 |
384 | + |
385 | +# Greeter and X server stop |
386 | +#?GREETER-X-1 TERMINATE SIGNAL=15 |
387 | +#?PAM-lightdm CLOSE-SESSION |
388 | +#?PAM-lightdm SETCRED DELETE_CRED |
389 | +#?PAM-lightdm END |
390 | +#?XSERVER-1 TERMINATE SIGNAL=15 |
391 | + |
392 | +# Cleanup |
393 | +#?*STOP-DAEMON |
394 | +#?SESSION-X-0 TERMINATE SIGNAL=15 |
395 | +#?PAM-have-password1 CLOSE-SESSION |
396 | +#?PAM-have-password1 SETCRED DELETE_CRED |
397 | +#?PAM-have-password1 END |
398 | +#?XSERVER-0 TERMINATE SIGNAL=15 |
399 | +#?RUNNER DAEMON-EXIT STATUS=0 |
400 | |
401 | === modified file 'tests/src/libsystem.c' |
402 | --- tests/src/libsystem.c 2014-03-18 03:06:36 +0000 |
403 | +++ tests/src/libsystem.c 2014-03-23 23:35:47 +0000 |
404 | @@ -54,6 +54,7 @@ |
405 | |
406 | struct pam_handle |
407 | { |
408 | + char *id; |
409 | char *service_name; |
410 | char *user; |
411 | char *authtok; |
412 | @@ -794,6 +795,25 @@ |
413 | if (handle == NULL) |
414 | return PAM_BUF_ERR; |
415 | |
416 | + if (user) |
417 | + handle->id = g_strdup_printf ("PAM-%s", user); |
418 | + else |
419 | + handle->id = g_strdup ("PAM"); |
420 | + |
421 | + connect_status (); |
422 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
423 | + { |
424 | + GString *status; |
425 | + |
426 | + status = g_string_new (""); |
427 | + g_string_append_printf (status, "%s START", handle->id); |
428 | + g_string_append_printf (status, " SERVICE=%s", service_name); |
429 | + if (user) |
430 | + g_string_append_printf (status, " USER=%s", user); |
431 | + status_notify (status->str); |
432 | + g_string_free (status, TRUE); |
433 | + } |
434 | + |
435 | handle->service_name = strdup (service_name); |
436 | handle->user = user ? strdup (user) : NULL; |
437 | handle->authtok = NULL; |
438 | @@ -807,27 +827,6 @@ |
439 | return PAM_SUCCESS; |
440 | } |
441 | |
442 | -static void |
443 | -send_info (pam_handle_t *pamh, const char *message) |
444 | -{ |
445 | - struct pam_message **msg; |
446 | - struct pam_response *resp = NULL; |
447 | - |
448 | - msg = calloc (1, sizeof (struct pam_message *)); |
449 | - msg[0] = malloc (sizeof (struct pam_message)); |
450 | - msg[0]->msg_style = PAM_TEXT_INFO; |
451 | - msg[0]->msg = message; |
452 | - pamh->conversation.conv (1, (const struct pam_message **) msg, &resp, pamh->conversation.appdata_ptr); |
453 | - free (msg[0]); |
454 | - free (msg); |
455 | - if (resp) |
456 | - { |
457 | - if (resp[0].resp) |
458 | - free (resp[0].resp); |
459 | - free (resp); |
460 | - } |
461 | -} |
462 | - |
463 | int |
464 | pam_authenticate (pam_handle_t *pamh, int flags) |
465 | { |
466 | @@ -836,6 +835,22 @@ |
467 | |
468 | if (pamh == NULL) |
469 | return PAM_SYSTEM_ERR; |
470 | + |
471 | + connect_status (); |
472 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
473 | + { |
474 | + GString *status; |
475 | + |
476 | + status = g_string_new (""); |
477 | + g_string_append_printf (status, "%s AUTHENTICATE", pamh->id); |
478 | + if (flags & PAM_SILENT) |
479 | + g_string_append (status, " SILENT"); |
480 | + if (flags & PAM_DISALLOW_NULL_AUTHTOK) |
481 | + g_string_append (status, " DISALLOW_NULL_AUTHTOK"); |
482 | + |
483 | + status_notify (status->str); |
484 | + g_string_free (status, TRUE); |
485 | + } |
486 | |
487 | if (strcmp (pamh->service_name, "test-remote") == 0) |
488 | { |
489 | @@ -929,9 +944,6 @@ |
490 | free (resp); |
491 | } |
492 | |
493 | - if (strcmp (pamh->user, "log-pam") == 0) |
494 | - send_info (pamh, "pam_authenticate"); |
495 | - |
496 | /* Crash on authenticate */ |
497 | if (strcmp (pamh->user, "crash-authenticate") == 0) |
498 | kill (getpid (), SIGSEGV); |
499 | @@ -1201,12 +1213,23 @@ |
500 | if (pamh == NULL) |
501 | return PAM_SYSTEM_ERR; |
502 | |
503 | + connect_status (); |
504 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
505 | + { |
506 | + GString *status; |
507 | + |
508 | + status = g_string_new (""); |
509 | + g_string_append_printf (status, "%s OPEN-SESSION", pamh->id); |
510 | + if (flags & PAM_SILENT) |
511 | + g_string_append (status, " SILENT"); |
512 | + |
513 | + status_notify (status->str); |
514 | + g_string_free (status, TRUE); |
515 | + } |
516 | + |
517 | if (strcmp (pamh->user, "session-error") == 0) |
518 | return PAM_SESSION_ERR; |
519 | |
520 | - if (strcmp (pamh->user, "log-pam") == 0) |
521 | - send_info (pamh, "pam_open_session"); |
522 | - |
523 | if (strcmp (pamh->user, "make-home-dir") == 0) |
524 | { |
525 | struct passwd *entry; |
526 | @@ -1223,8 +1246,19 @@ |
527 | if (pamh == NULL) |
528 | return PAM_SYSTEM_ERR; |
529 | |
530 | - if (strcmp (pamh->user, "log-pam") == 0) |
531 | - send_info (pamh, "pam_close_session"); |
532 | + connect_status (); |
533 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
534 | + { |
535 | + GString *status; |
536 | + |
537 | + status = g_string_new (""); |
538 | + g_string_append_printf (status, "%s CLOSE-SESSION", pamh->id); |
539 | + if (flags & PAM_SILENT) |
540 | + g_string_append (status, " SILENT"); |
541 | + |
542 | + status_notify (status->str); |
543 | + g_string_free (status, TRUE); |
544 | + } |
545 | |
546 | return PAM_SUCCESS; |
547 | } |
548 | @@ -1234,13 +1268,26 @@ |
549 | { |
550 | if (pamh == NULL) |
551 | return PAM_SYSTEM_ERR; |
552 | + |
553 | + connect_status (); |
554 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
555 | + { |
556 | + GString *status; |
557 | + |
558 | + status = g_string_new (""); |
559 | + g_string_append_printf (status, "%s ACCT-MGMT", pamh->id); |
560 | + if (flags & PAM_SILENT) |
561 | + g_string_append (status, " SILENT"); |
562 | + if (flags & PAM_DISALLOW_NULL_AUTHTOK) |
563 | + g_string_append (status, " DISALLOW_NULL_AUTHTOK"); |
564 | + |
565 | + status_notify (status->str); |
566 | + g_string_free (status, TRUE); |
567 | + } |
568 | |
569 | if (!pamh->user) |
570 | return PAM_USER_UNKNOWN; |
571 | |
572 | - if (strcmp (pamh->user, "log-pam") == 0) |
573 | - send_info (pamh, "pam_acct_mgmt"); |
574 | - |
575 | if (strcmp (pamh->user, "denied") == 0) |
576 | return PAM_PERM_DENIED; |
577 | if (strcmp (pamh->user, "expired") == 0) |
578 | @@ -1262,8 +1309,21 @@ |
579 | if (pamh == NULL) |
580 | return PAM_SYSTEM_ERR; |
581 | |
582 | - if (strcmp (pamh->user, "log-pam") == 0) |
583 | - send_info (pamh, "pam_chauthtok"); |
584 | + connect_status (); |
585 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
586 | + { |
587 | + GString *status; |
588 | + |
589 | + status = g_string_new (""); |
590 | + g_string_append_printf (status, "%s CHAUTHTOK", pamh->id); |
591 | + if (flags & PAM_SILENT) |
592 | + g_string_append (status, " SILENT"); |
593 | + if (flags & PAM_CHANGE_EXPIRED_AUTHTOK) |
594 | + g_string_append (status, " CHANGE_EXPIRED_AUTHTOK"); |
595 | + |
596 | + status_notify (status->str); |
597 | + g_string_free (status, TRUE); |
598 | + } |
599 | |
600 | msg = malloc (sizeof (struct pam_message *) * 1); |
601 | msg[0] = malloc (sizeof (struct pam_message)); |
602 | @@ -1303,8 +1363,27 @@ |
603 | if (pamh == NULL) |
604 | return PAM_SYSTEM_ERR; |
605 | |
606 | - if (strcmp (pamh->user, "log-pam") == 0) |
607 | - send_info (pamh, "pam_setcred"); |
608 | + connect_status (); |
609 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
610 | + { |
611 | + GString *status; |
612 | + |
613 | + status = g_string_new (""); |
614 | + g_string_append_printf (status, "%s SETCRED", pamh->id); |
615 | + if (flags & PAM_SILENT) |
616 | + g_string_append (status, " SILENT"); |
617 | + if (flags & PAM_ESTABLISH_CRED) |
618 | + g_string_append (status, " ESTABLISH_CRED"); |
619 | + if (flags & PAM_DELETE_CRED) |
620 | + g_string_append (status, " DELETE_CRED"); |
621 | + if (flags & PAM_REINITIALIZE_CRED) |
622 | + g_string_append (status, " REINITIALIZE_CRED"); |
623 | + if (flags & PAM_REFRESH_CRED) |
624 | + g_string_append (status, " REFRESH_CRED"); |
625 | + |
626 | + status_notify (status->str); |
627 | + g_string_free (status, TRUE); |
628 | + } |
629 | |
630 | /* Put the test directories into the path */ |
631 | e = g_strdup_printf ("PATH=%s/tests/src/.libs:%s/tests/src:%s/tests/src:%s/src:%s", BUILDDIR, BUILDDIR, SRCDIR, BUILDDIR, pam_getenv (pamh, "PATH")); |
632 | @@ -1353,7 +1432,19 @@ |
633 | { |
634 | if (pamh == NULL) |
635 | return PAM_SYSTEM_ERR; |
636 | - |
637 | + |
638 | + connect_status (); |
639 | + if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL)) |
640 | + { |
641 | + GString *status; |
642 | + |
643 | + status = g_string_new (""); |
644 | + g_string_append_printf (status, "%s END", pamh->id); |
645 | + status_notify (status->str); |
646 | + g_string_free (status, TRUE); |
647 | + } |
648 | + |
649 | + free (pamh->id); |
650 | free (pamh->service_name); |
651 | if (pamh->user) |
652 | free (pamh->user); |
653 | |
654 | === renamed file 'tests/test-pam' => 'tests/test-autologin-pam' |
655 | --- tests/test-pam 2012-04-05 06:52:27 +0000 |
656 | +++ tests/test-autologin-pam 2014-03-23 23:35:47 +0000 |
657 | @@ -1,2 +1,2 @@ |
658 | #!/bin/sh |
659 | -./src/dbus-env ./src/test-runner pam test-gobject-greeter |
660 | +./src/dbus-env ./src/test-runner autologin-pam test-gobject-greeter |
661 | |
662 | === added file 'tests/test-switch-to-greeter-return-session-pam' |
663 | --- tests/test-switch-to-greeter-return-session-pam 1970-01-01 00:00:00 +0000 |
664 | +++ tests/test-switch-to-greeter-return-session-pam 2014-03-23 23:35:47 +0000 |
665 | @@ -0,0 +1,2 @@ |
666 | +#!/bin/sh |
667 | +./src/dbus-env ./src/test-runner switch-to-greeter-return-session-pam test-gobject-greeter |
Awaiting confirmation from reporters in bug 1296276