gdm/gdm-unified-auth.patch

From f91f017071ffa5f5999e6c2e2c0929e290482932 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Mon, 19 Sep 2011 22:16:25 +0000
Subject: daemon: add better unified authentication compatibility

The daemon and fallback greeter support --disable-split-authentication,
but the new shiny greeter doesn't.  This posed a problem for
distributions that want to use the new shiny greeter (in an albeit
degraded mode) but don't yet have support at the system level for
split authentication.

This commit adds a small amount of goo to make the split authentication
pam service names translate to the unified pam service name and
thus give the shell greeter a level of compatibility with
--disable-split-authentication.
---
diff --git a/configure.ac b/configure.ac
index 6893c26..8d746c8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -234,6 +234,10 @@ AC_ARG_ENABLE(split-authentication,
               enable_split_authentication=yes)
 AM_CONDITIONAL(ENABLE_SPLIT_AUTHENTICATION, test x$enable_split_authentication = xyes)
 
+if test x$enable_split_authentication = xyes; then
+  AC_DEFINE(ENABLE_SPLIT_AUTHENTICATION, 1, [Define if split authentication is enabled])
+fi
+
 AC_ARG_ENABLE(console-helper,
 	      AS_HELP_STRING([--enable-console-helper],
                              [Enable PAM console helper @<:@default=auto@:>@]),,
diff --git a/daemon/gdm-greeter-server.c b/daemon/gdm-greeter-server.c
index 4c40a4e..4803bc3 100644
--- a/daemon/gdm-greeter-server.c
+++ b/daemon/gdm-greeter-server.c
@@ -60,6 +60,8 @@ struct GdmGreeterServerPrivate
         DBusServer     *server;
         char           *server_address;
         DBusConnection *greeter_connection;
+
+        guint           using_legacy_service_name : 1;
 };
 
 enum {
@@ -246,11 +248,42 @@ send_dbus_void_signal (GdmGreeterServer *greeter_server,
         dbus_message_unref (message);
 }
 
+static const char *
+translate_outgoing_service_name (GdmGreeterServer *greeter_server,
+                                 const char       *service_name)
+{
+#ifndef ENABLE_SPLIT_AUTHENTICATION
+        if (strcmp (service_name, "gdm") == 0 && greeter_server->priv->using_legacy_service_name) {
+                return "gdm-password";
+        }
+#endif
+
+        return service_name;
+}
+
+static const char *
+translate_incoming_service_name (GdmGreeterServer *greeter_server,
+                                 const char       *service_name)
+{
+#ifndef ENABLE_SPLIT_AUTHENTICATION
+        if (strcmp (service_name, "gdm-password") == 0) {
+                g_debug ("GdmGreeterServer: Adjusting pam service from '%s' to 'gdm' for legacy compatibility", service_name);
+                service_name = "gdm";
+                greeter_server->priv->using_legacy_service_name = TRUE;
+        } else if (g_str_has_prefix (service_name, "gdm-") == 0 && strcmp (service_name, "gdm-autologin") != 0) {
+                g_debug ("GdmGreeterServer: Rejecting pam service '%s' for legacy compatibility", service_name);
+                return NULL;
+        }
+#endif
+        return service_name;
+}
+
 gboolean
 gdm_greeter_server_info_query (GdmGreeterServer *greeter_server,
                                const char       *service_name,
                                const char       *text)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_string_signal (greeter_server, "InfoQuery", service_name, text);
 
         return TRUE;
@@ -261,6 +294,7 @@ gdm_greeter_server_secret_info_query (GdmGreeterServer *greeter_server,
                                       const char       *service_name,
                                       const char       *text)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_string_signal (greeter_server, "SecretInfoQuery", service_name, text);
         return TRUE;
 }
@@ -270,6 +304,7 @@ gdm_greeter_server_info (GdmGreeterServer *greeter_server,
                          const char       *service_name,
                          const char       *text)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_string_signal (greeter_server, "Info", service_name, text);
         return TRUE;
 }
@@ -279,6 +314,7 @@ gdm_greeter_server_problem (GdmGreeterServer *greeter_server,
                             const char       *service_name,
                             const char       *text)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_string_signal (greeter_server, "Problem", service_name, text);
         return TRUE;
 }
@@ -287,6 +323,7 @@ gboolean
 gdm_greeter_server_authentication_failed (GdmGreeterServer *greeter_server,
                                           const char       *service_name)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_signal (greeter_server, "AuthenticationFailed", service_name);
         return TRUE;
 }
@@ -295,6 +332,7 @@ gboolean
 gdm_greeter_server_service_unavailable (GdmGreeterServer *greeter_server,
                                         const char       *service_name)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_signal (greeter_server, "ServiceUnavailable", service_name);
         return TRUE;
 }
@@ -310,6 +348,7 @@ gboolean
 gdm_greeter_server_ready (GdmGreeterServer *greeter_server,
                           const char       *service_name)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_signal (greeter_server, "Ready", service_name);
         return TRUE;
 }
@@ -318,6 +357,7 @@ gboolean
 gdm_greeter_server_conversation_stopped (GdmGreeterServer *greeter_server,
                                          const char       *service_name)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_signal (greeter_server, "ConversationStopped", service_name);
         return TRUE;
 }
@@ -355,6 +395,7 @@ void
 gdm_greeter_server_session_opened (GdmGreeterServer *greeter_server,
                                    const char       *service_name)
 {
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         send_dbus_string_signal (greeter_server, "SessionOpened", service_name);
 }
 
@@ -394,6 +435,7 @@ handle_start_conversation (GdmGreeterServer *greeter_server,
         DBusMessage *reply;
         DBusError    error;
         const char  *service_name;
+        const char  *translated_service_name;
 
         dbus_error_init (&error);
         if (! dbus_message_get_args (message, &error,
@@ -409,7 +451,14 @@ handle_start_conversation (GdmGreeterServer *greeter_server,
         dbus_connection_send (connection, reply, NULL);
         dbus_message_unref (reply);
 
-        g_signal_emit (greeter_server, signals [START_CONVERSATION], 0, service_name);
+        translated_service_name = translate_incoming_service_name (greeter_server, service_name);
+
+        if (translated_service_name == NULL) {
+                gdm_greeter_server_service_unavailable (greeter_server, service_name);
+                return DBUS_HANDLER_RESULT_HANDLED;
+        }
+
+        g_signal_emit (greeter_server, signals [START_CONVERSATION], 0, translated_service_name);
 
         return DBUS_HANDLER_RESULT_HANDLED;
 }
@@ -437,6 +486,7 @@ handle_begin_verification (GdmGreeterServer *greeter_server,
         dbus_connection_send (connection, reply, NULL);
         dbus_message_unref (reply);
 
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         g_signal_emit (greeter_server, signals [BEGIN_VERIFICATION], 0, service_name);
 
         return DBUS_HANDLER_RESULT_HANDLED;
@@ -494,6 +544,7 @@ handle_begin_verification_for_user (GdmGreeterServer *greeter_server,
         dbus_connection_send (connection, reply, NULL);
         dbus_message_unref (reply);
 
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         g_signal_emit (greeter_server, signals [BEGIN_VERIFICATION_FOR_USER], 0, service_name, text);
 
         return DBUS_HANDLER_RESULT_HANDLED;
@@ -524,6 +575,7 @@ handle_answer_query (GdmGreeterServer *greeter_server,
         dbus_connection_send (connection, reply, NULL);
         dbus_message_unref (reply);
 
+        service_name = translate_outgoing_service_name (greeter_server, service_name);
         g_signal_emit (greeter_server, signals [QUERY_ANSWER], 0, service_name, text);
 
         return DBUS_HANDLER_RESULT_HANDLED;
@@ -711,6 +763,7 @@ handle_start_session_when_ready (GdmGreeterServer *greeter_server,
         dbus_connection_send (connection, reply, NULL);
         dbus_message_unref (reply);
 
+        service_name = (char *) translate_outgoing_service_name (greeter_server, service_name);
         if (should_start_session) {
                 g_signal_emit (greeter_server, signals [START_SESSION_WHEN_READY], 0, service_name);
         } else {
diff --git a/daemon/gdm-simple-slave.c b/daemon/gdm-simple-slave.c
index 38e7a84..b9165fd 100644
--- a/daemon/gdm-simple-slave.c
+++ b/daemon/gdm-simple-slave.c
@@ -1034,10 +1034,11 @@ on_greeter_start_conversation (GdmGreeterServer *greeter_server,
                                const char       *service_name,
                                GdmSimpleSlave   *slave)
 {
-        g_debug ("GdmSimpleSlave: starting conversation with '%s' pam service'", service_name);
         if (slave->priv->greeter_reset_id > 0) {
                 return;
         }
+
+        g_debug ("GdmSimpleSlave: starting conversation with '%s' pam service'", service_name);
         gdm_session_start_conversation (GDM_SESSION (slave->priv->session),
                                         service_name);
 }
--
cgit v0.9.0.2
Accepting request 84750 from home:dimstar:branches:GNOME:Factory Fix is working OBS-URL: https://build.opensuse.org/request/show/84750 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/gdm?expand=0&rev=182 2011-09-25 22:04:53 +00:00			`From f91f017071ffa5f5999e6c2e2c0929e290482932 Mon Sep 17 00:00:00 2001`
			`From: Ray Strode <rstrode@redhat.com>`
			`Date: Mon, 19 Sep 2011 22:16:25 +0000`
			`Subject: daemon: add better unified authentication compatibility`

			`The daemon and fallback greeter support --disable-split-authentication,`
			`but the new shiny greeter doesn't. This posed a problem for`
			`distributions that want to use the new shiny greeter (in an albeit`
			`degraded mode) but don't yet have support at the system level for`
			`split authentication.`

			`This commit adds a small amount of goo to make the split authentication`
			`pam service names translate to the unified pam service name and`
			`thus give the shell greeter a level of compatibility with`
			`--disable-split-authentication.`
			`---`
			`diff --git a/configure.ac b/configure.ac`
			`index 6893c26..8d746c8 100644`
			`--- a/configure.ac`
			`+++ b/configure.ac`
			`@@ -234,6 +234,10 @@ AC_ARG_ENABLE(split-authentication,`
			`enable_split_authentication=yes)`
			`AM_CONDITIONAL(ENABLE_SPLIT_AUTHENTICATION, test x$enable_split_authentication = xyes)`

			`+if test x$enable_split_authentication = xyes; then`
			`+ AC_DEFINE(ENABLE_SPLIT_AUTHENTICATION, 1, [Define if split authentication is enabled])`
			`+fi`
			`+`
			`AC_ARG_ENABLE(console-helper,`
			`AS_HELP_STRING([--enable-console-helper],`
			`[Enable PAM console helper @<:@default=auto@:>@]),,`
			`diff --git a/daemon/gdm-greeter-server.c b/daemon/gdm-greeter-server.c`
			`index 4c40a4e..4803bc3 100644`
			`--- a/daemon/gdm-greeter-server.c`
			`+++ b/daemon/gdm-greeter-server.c`
			`@@ -60,6 +60,8 @@ struct GdmGreeterServerPrivate`
			`DBusServer *server;`
			`char *server_address;`
			`DBusConnection *greeter_connection;`
			`+`
			`+ guint using_legacy_service_name : 1;`
			`};`

			`enum {`
			`@@ -246,11 +248,42 @@ send_dbus_void_signal (GdmGreeterServer *greeter_server,`
			`dbus_message_unref (message);`
			`}`

			`+static const char *`
			`+translate_outgoing_service_name (GdmGreeterServer *greeter_server,`
			`+ const char *service_name)`
			`+{`
			`+#ifndef ENABLE_SPLIT_AUTHENTICATION`
			`+ if (strcmp (service_name, "gdm") == 0 && greeter_server->priv->using_legacy_service_name) {`
			`+ return "gdm-password";`
			`+ }`
			`+#endif`
			`+`
			`+ return service_name;`
			`+}`
			`+`
			`+static const char *`
			`+translate_incoming_service_name (GdmGreeterServer *greeter_server,`
			`+ const char *service_name)`
			`+{`
			`+#ifndef ENABLE_SPLIT_AUTHENTICATION`
			`+ if (strcmp (service_name, "gdm-password") == 0) {`
			`+ g_debug ("GdmGreeterServer: Adjusting pam service from '%s' to 'gdm' for legacy compatibility", service_name);`
			`+ service_name = "gdm";`
			`+ greeter_server->priv->using_legacy_service_name = TRUE;`
			`+ } else if (g_str_has_prefix (service_name, "gdm-") == 0 && strcmp (service_name, "gdm-autologin") != 0) {`
			`+ g_debug ("GdmGreeterServer: Rejecting pam service '%s' for legacy compatibility", service_name);`
			`+ return NULL;`
			`+ }`
			`+#endif`
			`+ return service_name;`
			`+}`
			`+`
			`gboolean`
			`gdm_greeter_server_info_query (GdmGreeterServer *greeter_server,`
			`const char *service_name,`
			`const char *text)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_string_signal (greeter_server, "InfoQuery", service_name, text);`

			`return TRUE;`
			`@@ -261,6 +294,7 @@ gdm_greeter_server_secret_info_query (GdmGreeterServer *greeter_server,`
			`const char *service_name,`
			`const char *text)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_string_signal (greeter_server, "SecretInfoQuery", service_name, text);`
			`return TRUE;`
			`}`
			`@@ -270,6 +304,7 @@ gdm_greeter_server_info (GdmGreeterServer *greeter_server,`
			`const char *service_name,`
			`const char *text)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_string_signal (greeter_server, "Info", service_name, text);`
			`return TRUE;`
			`}`
			`@@ -279,6 +314,7 @@ gdm_greeter_server_problem (GdmGreeterServer *greeter_server,`
			`const char *service_name,`
			`const char *text)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_string_signal (greeter_server, "Problem", service_name, text);`
			`return TRUE;`
			`}`
			`@@ -287,6 +323,7 @@ gboolean`
			`gdm_greeter_server_authentication_failed (GdmGreeterServer *greeter_server,`
			`const char *service_name)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_signal (greeter_server, "AuthenticationFailed", service_name);`
			`return TRUE;`
			`}`
			`@@ -295,6 +332,7 @@ gboolean`
			`gdm_greeter_server_service_unavailable (GdmGreeterServer *greeter_server,`
			`const char *service_name)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_signal (greeter_server, "ServiceUnavailable", service_name);`
			`return TRUE;`
			`}`
			`@@ -310,6 +348,7 @@ gboolean`
			`gdm_greeter_server_ready (GdmGreeterServer *greeter_server,`
			`const char *service_name)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_signal (greeter_server, "Ready", service_name);`
			`return TRUE;`
			`}`
			`@@ -318,6 +357,7 @@ gboolean`
			`gdm_greeter_server_conversation_stopped (GdmGreeterServer *greeter_server,`
			`const char *service_name)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_signal (greeter_server, "ConversationStopped", service_name);`
			`return TRUE;`
			`}`
			`@@ -355,6 +395,7 @@ void`
			`gdm_greeter_server_session_opened (GdmGreeterServer *greeter_server,`
			`const char *service_name)`
			`{`
			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`send_dbus_string_signal (greeter_server, "SessionOpened", service_name);`
			`}`

			`@@ -394,6 +435,7 @@ handle_start_conversation (GdmGreeterServer *greeter_server,`
			`DBusMessage *reply;`
			`DBusError error;`
			`const char *service_name;`
			`+ const char *translated_service_name;`

			`dbus_error_init (&error);`
			`if (! dbus_message_get_args (message, &error,`
			`@@ -409,7 +451,14 @@ handle_start_conversation (GdmGreeterServer *greeter_server,`
			`dbus_connection_send (connection, reply, NULL);`
			`dbus_message_unref (reply);`

			`- g_signal_emit (greeter_server, signals [START_CONVERSATION], 0, service_name);`
			`+ translated_service_name = translate_incoming_service_name (greeter_server, service_name);`
			`+`
			`+ if (translated_service_name == NULL) {`
			`+ gdm_greeter_server_service_unavailable (greeter_server, service_name);`
			`+ return DBUS_HANDLER_RESULT_HANDLED;`
			`+ }`
			`+`
			`+ g_signal_emit (greeter_server, signals [START_CONVERSATION], 0, translated_service_name);`

			`return DBUS_HANDLER_RESULT_HANDLED;`
			`}`
			`@@ -437,6 +486,7 @@ handle_begin_verification (GdmGreeterServer *greeter_server,`
			`dbus_connection_send (connection, reply, NULL);`
			`dbus_message_unref (reply);`

			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`g_signal_emit (greeter_server, signals [BEGIN_VERIFICATION], 0, service_name);`

			`return DBUS_HANDLER_RESULT_HANDLED;`
			`@@ -494,6 +544,7 @@ handle_begin_verification_for_user (GdmGreeterServer *greeter_server,`
			`dbus_connection_send (connection, reply, NULL);`
			`dbus_message_unref (reply);`

			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`g_signal_emit (greeter_server, signals [BEGIN_VERIFICATION_FOR_USER], 0, service_name, text);`

			`return DBUS_HANDLER_RESULT_HANDLED;`
			`@@ -524,6 +575,7 @@ handle_answer_query (GdmGreeterServer *greeter_server,`
			`dbus_connection_send (connection, reply, NULL);`
			`dbus_message_unref (reply);`

			`+ service_name = translate_outgoing_service_name (greeter_server, service_name);`
			`g_signal_emit (greeter_server, signals [QUERY_ANSWER], 0, service_name, text);`

			`return DBUS_HANDLER_RESULT_HANDLED;`
			`@@ -711,6 +763,7 @@ handle_start_session_when_ready (GdmGreeterServer *greeter_server,`
			`dbus_connection_send (connection, reply, NULL);`
			`dbus_message_unref (reply);`

			`+ service_name = (char *) translate_outgoing_service_name (greeter_server, service_name);`
			`if (should_start_session) {`
			`g_signal_emit (greeter_server, signals [START_SESSION_WHEN_READY], 0, service_name);`
			`} else {`
			`diff --git a/daemon/gdm-simple-slave.c b/daemon/gdm-simple-slave.c`
			`index 38e7a84..b9165fd 100644`
			`--- a/daemon/gdm-simple-slave.c`
			`+++ b/daemon/gdm-simple-slave.c`
			`@@ -1034,10 +1034,11 @@ on_greeter_start_conversation (GdmGreeterServer *greeter_server,`
			`const char *service_name,`
			`GdmSimpleSlave *slave)`
			`{`
			`- g_debug ("GdmSimpleSlave: starting conversation with '%s' pam service'", service_name);`
			`if (slave->priv->greeter_reset_id > 0) {`
			`return;`
			`}`
			`+`
			`+ g_debug ("GdmSimpleSlave: starting conversation with '%s' pam service'", service_name);`
			`gdm_session_start_conversation (GDM_SESSION (slave->priv->session),`
			`service_name);`
			`}`
			`--`
			`cgit v0.9.0.2`