diff --git a/enforce-smartcard-at-unlock.patch b/enforce-smartcard-at-unlock.patch index 1dcfa8f..ee1d9c1 100644 --- a/enforce-smartcard-at-unlock.patch +++ b/enforce-smartcard-at-unlock.patch @@ -1,4 +1,4 @@ -From 420178f0f4711b3d58c9880008cf847a99fb438b Mon Sep 17 00:00:00 2001 +From 066e4346a13a667f318e4334020cc1ac4a03ba9a Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 10:57:02 -0400 Subject: [PATCH 1/3] smartcardManager: add way to detect if user logged using @@ -35,7 +35,7 @@ index 32573cd384..6c48c80a19 100644 2.44.0 -From add283227afed3e32d9dd7c93b211e012d9fd85a Mon Sep 17 00:00:00 2001 +From dba5cdb1cd96d8f5e99280135e88df4f0487c4ed Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 19:56:53 -0400 Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for @@ -44,22 +44,14 @@ Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for If a smartcard is used for login, we need to make sure the smartcard gets used for unlock, too. --- - js/gdm/util.js | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) + js/gdm/util.js | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/js/gdm/util.js b/js/gdm/util.js -index 97df6d687e..cfb430a24e 100644 +index 97df6d687e..8a05758bb8 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js -@@ -125,7 +125,6 @@ export class ShellUserVerifier extends Signals.EventEmitter { - this._settings = new Gio.Settings({schema_id: LOGIN_SCREEN_SCHEMA}); - this._settings.connect('changed', () => this._onSettingsChanged()); - this._updateEnabledServices(); -- this._updateDefaultService(); - - this.addCredentialManager(OVirt.SERVICE_NAME, OVirt.getOVirtCredentialsManager()); - this.addCredentialManager(Vmware.SERVICE_NAME, Vmware.getVmwareCredentialsManager()); -@@ -463,6 +462,8 @@ export class ShellUserVerifier extends Signals.EventEmitter { +@@ -463,6 +463,8 @@ export class ShellUserVerifier extends Signals.EventEmitter { this.smartcardDetected = false; this._checkForSmartcard(); @@ -68,12 +60,12 @@ index 97df6d687e..cfb430a24e 100644 this._smartcardManager.connectObject( 'smartcard-inserted', () => this._checkForSmartcard(), 'smartcard-removed', () => this._checkForSmartcard(), this); -@@ -641,7 +642,9 @@ export class ShellUserVerifier extends Signals.EventEmitter { +@@ -641,7 +643,9 @@ export class ShellUserVerifier extends Signals.EventEmitter { } _getDetectedDefaultService() { - if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY)) -+ if (this._smartcardManager.loggedInWithToken()) ++ if (this._smartcardManager?.loggedInWithToken()) + return SMARTCARD_SERVICE_NAME; + else if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY)) return PASSWORD_SERVICE_NAME; @@ -83,7 +75,7 @@ index 97df6d687e..cfb430a24e 100644 2.44.0 -From 2ad44eb49ab436df194d5ad78a73aef02f67a220 Mon Sep 17 00:00:00 2001 +From ef8ac2256eed6bac5c002f127915c88a12bf1a58 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 19:57:36 -0400 Subject: [PATCH 3/3] gdm: update default service when smartcard inserted @@ -96,10 +88,10 @@ after we get a smartcard insertion event. 1 file changed, 2 insertions(+) diff --git a/js/gdm/util.js b/js/gdm/util.js -index cfb430a24e..e4777225a0 100644 +index 8a05758bb8..69005f7335 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js -@@ -487,6 +487,8 @@ export class ShellUserVerifier extends Signals.EventEmitter { +@@ -488,6 +488,8 @@ export class ShellUserVerifier extends Signals.EventEmitter { else if (this._preemptingService === SMARTCARD_SERVICE_NAME) this._preemptingService = null;