From 26c794da31c215fef3e41429f6f13afdaf349bee Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Wed, 3 Jun 2020 20:35:04 +0200
Subject: [PATCH 21/22] pam_sss: add SERVICE_IS_GDM_SMARTCARD

Resolves: https://github.com/SSSD/sssd/issues/5190

Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
---
 src/sss_client/pam_sss.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c
index 69b440774..7e59f0487 100644
--- a/src/sss_client/pam_sss.c
+++ b/src/sss_client/pam_sss.c
@@ -71,6 +71,8 @@
 #define DEBUG_MGS_LEN 1024
 #define MAX_AUTHTOK_SIZE (1024*1024)
 #define CHECK_AND_RETURN_PI_STRING(s) ((s != NULL && *s != '\0')? s : "(not available)")
+#define SERVICE_IS_GDM_SMARTCARD(pitem) (strcmp((pitem)->pam_service, \
+                                                "gdm-smartcard") == 0)
 
 static void logger(pam_handle_t *pamh, int level, const char *fmt, ...) {
     va_list ap;
@@ -2580,7 +2582,7 @@ static int pam_sss(enum sss_cli_command task, pam_handle_t *pamh,
                     return PAM_AUTHINFO_UNAVAIL;
                 }
 
-                if (strcmp(pi.pam_service, "gdm-smartcard") == 0
+                if (SERVICE_IS_GDM_SMARTCARD(&pi)
                         || (flags & PAM_CLI_FLAGS_REQUIRE_CERT_AUTH)) {
                     ret = check_login_token_name(pamh, &pi, retries,
                                                  quiet_mode);
-- 
2.21.3