rpms/gnome-screensaver/devel gnome-screensaver-2.16.0-better-debug.patch, NONE, 1.1 gnome-screensaver-2.16.0-securitytoken.patch, 1.5, 1.6 gnome-screensaver.spec, 1.111, 1.112
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Oct 4 16:03:06 UTC 2006
Author: rstrode
Update of /cvs/dist/rpms/gnome-screensaver/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv3987
Modified Files:
gnome-screensaver-2.16.0-securitytoken.patch
gnome-screensaver.spec
Added Files:
gnome-screensaver-2.16.0-better-debug.patch
Log Message:
- Add more debugging messages to help diagnose bug 208018
gnome-screensaver-2.16.0-better-debug.patch:
gs-listener-dbus.c | 2 ++
gs-monitor.c | 14 ++++++++++++--
2 files changed, 14 insertions(+), 2 deletions(-)
--- NEW FILE gnome-screensaver-2.16.0-better-debug.patch ---
--- gnome-screensaver-2.16.0/src/gs-listener-dbus.c.better-debug 2006-10-04 12:01:53.000000000 -0400
+++ gnome-screensaver-2.16.0/src/gs-listener-dbus.c 2006-10-04 12:01:09.000000000 -0400
@@ -445,6 +445,7 @@
g_return_val_if_fail (GS_IS_LISTENER (listener), FALSE);
+ gs_debug ("set active %s", active? "true" : "false");
if (listener->priv->active == active) {
gs_debug ("Trying to set active state when already: %s",
active ? "active" : "inactive");
@@ -452,6 +453,7 @@
}
res = FALSE;
+ gs_debug ("emiting active-changed signal");
g_signal_emit (listener, signals [ACTIVE_CHANGED], 0, active, &res);
if (! res) {
/* if the signal is not handled then we haven't changed state */
--- gnome-screensaver-2.16.0/src/gs-monitor.c.better-debug 2006-10-04 11:58:06.000000000 -0400
+++ gnome-screensaver-2.16.0/src/gs-monitor.c 2006-10-04 11:59:47.000000000 -0400
@@ -122,16 +122,23 @@
{
gboolean lock_on_remove_is_enabled;
- if (!sc_security_token_is_login_token (token))
+
+ if (!sc_security_token_is_login_token (token)){
+ gs_debug ("non-login token, smart card removed");
return;
+ }
/* if we're configured to lock on removal, then lock the screen
* FIXME: the way we check whether we're configured for lock on
* removal is a total hack
*/
lock_on_remove_is_enabled = system ("pkcs11_setup rm_action | grep -q lock") == 0;
- if (lock_on_remove_is_enabled)
+ if (lock_on_remove_is_enabled) {
+ gs_debug ("screen is configured to lock because of removal");
gs_monitor_lock_screen (monitor);
+ } else {
+ gs_debug ("screen is configured to not lock despite removal");
+ }
/* If we're already locked and the lock dialog is up, kill it.
*/
@@ -541,6 +548,9 @@
in case something tries to react to the ActiveChanged signal */
gs_manager_get_lock_active (monitor->priv->manager, &locked);
+
+ if (locked)
+ gs_debug ("screen is already locked");
gs_manager_set_lock_active (monitor->priv->manager, TRUE);
res = gs_listener_set_active (monitor->priv->listener, TRUE);
if (! res) {
gnome-screensaver-2.16.0-securitytoken.patch:
configure.ac | 16
src/Makefile.am | 1
src/cut-n-paste/Makefile.am | 13
src/cut-n-paste/securitytoken.c | 580 +++++++++++
src/cut-n-paste/securitytoken.h | 91 +
src/cut-n-paste/securitytokenmonitor.c | 1623 +++++++++++++++++++++++++++++++++
src/cut-n-paste/securitytokenmonitor.h | 84 +
src/gs-auth-pam.c | 7
src/gs-monitor.c | 128 +-
src/gs-window-x11.c | 1
10 files changed, 2509 insertions(+), 35 deletions(-)
Index: gnome-screensaver-2.16.0-securitytoken.patch
===================================================================
RCS file: /cvs/dist/rpms/gnome-screensaver/devel/gnome-screensaver-2.16.0-securitytoken.patch,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- gnome-screensaver-2.16.0-securitytoken.patch 4 Oct 2006 15:48:47 -0000 1.5
+++ gnome-screensaver-2.16.0-securitytoken.patch 4 Oct 2006 16:03:03 -0000 1.6
@@ -1,5 +1,5 @@
--- gnome-screensaver-2.16.0/src/gs-monitor.c.securitytoken 2006-08-04 15:36:03.000000000 -0400
-+++ gnome-screensaver-2.16.0/src/gs-monitor.c 2006-10-04 11:46:46.000000000 -0400
++++ gnome-screensaver-2.16.0/src/gs-monitor.c 2006-09-18 13:58:41.000000000 -0400
@@ -41,10 +41,15 @@
#include "gs-prefs.h"
#include "gs-debug.h"
@@ -25,7 +25,7 @@
guint release_grab_id;
};
-@@ -100,6 +107,44 @@
+@@ -100,6 +107,29 @@
gs_listener_emit_auth_request_end (monitor->priv->listener);
}
@@ -42,35 +42,20 @@
+ ScSecurityToken *token,
+ GSMonitor *monitor)
+{
-+ gboolean lock_on_remove_is_enabled;
++ gboolean locking_is_enabled;
+
-+ if (!sc_security_token_is_login_token (token)) {
-+ gs_debug ("Smart card removed, but not login token");
-+ return;
-+ }
-+ gs_debug ("Login token smart card removed!");
-+
-+ /* if we're configured to lock on removal, then lock the screen
-+ * FIXME: the way we check whether we're configured for lock on
-+ * removal is a total hack
++ /* FIXME: lame hack
+ */
-+ lock_on_remove_is_enabled = system ("pkcs11_setup rm_action | grep -q lock") == 0;
-+ if (lock_on_remove_is_enabled) {
-+
-+ gs_debug ("system is configured to lock on removal");
++ locking_is_enabled = system ("pkcs11_setup rm_action | grep -q lock") == 0;
++ if (locking_is_enabled &&
++ sc_security_token_is_login_token (token))
+ gs_monitor_lock_screen (monitor);
-+ } else
-+ gs_debug ("system is not configured to lock on removal");
-+
-+ /* If we're already locked and the lock dialog is up, kill it.
-+ */
-+ gs_manager_cancel_unlock_request (monitor->priv->manager);
+}
+
static gboolean
watcher_idle_cb (GSWatcher *watcher,
gboolean is_idle,
-@@ -180,37 +225,6 @@
+@@ -180,37 +210,6 @@
}
static void
@@ -108,7 +93,7 @@
listener_lock_cb (GSListener *listener,
GSMonitor *monitor)
{
-@@ -390,6 +404,27 @@
+@@ -390,6 +389,27 @@
}
static void
@@ -136,7 +121,7 @@
disconnect_prefs_signals (GSMonitor *monitor)
{
g_signal_handlers_disconnect_by_func (monitor->priv->prefs, _gs_monitor_update_from_prefs, monitor);
-@@ -423,6 +458,15 @@
+@@ -423,6 +443,15 @@
monitor->priv->manager = gs_manager_new ();
connect_manager_signals (monitor);
@@ -152,7 +137,7 @@
_gs_monitor_update_from_prefs (monitor, monitor->priv->prefs);
}
-@@ -438,6 +482,12 @@
+@@ -438,6 +467,12 @@
g_return_if_fail (monitor->priv != NULL);
@@ -165,7 +150,7 @@
disconnect_watcher_signals (monitor);
disconnect_listener_signals (monitor);
disconnect_manager_signals (monitor);
-@@ -475,3 +525,40 @@
+@@ -475,3 +510,34 @@
return TRUE;
}
@@ -188,16 +173,10 @@
+ gboolean res;
+ gboolean locked;
+
-+ gs_debug ("locking screen");
-+
+ /* set lock flag before trying to activate screensaver
+ in case something tries to react to the ActiveChanged signal */
+
+ gs_manager_get_lock_active (monitor->priv->manager, &locked);
-+
-+ if (locked)
-+ gs_debug ("screen already locked");
-+
+ gs_manager_set_lock_active (monitor->priv->manager, TRUE);
+ res = gs_listener_set_active (monitor->priv->listener, TRUE);
+ if (! res) {
@@ -207,7 +186,7 @@
+ }
+}
--- gnome-screensaver-2.16.0/src/Makefile.am.securitytoken 2006-08-03 09:53:14.000000000 -0400
-+++ gnome-screensaver-2.16.0/src/Makefile.am 2006-10-04 11:41:10.000000000 -0400
++++ gnome-screensaver-2.16.0/src/Makefile.am 2006-09-18 13:58:41.000000000 -0400
@@ -211,6 +211,7 @@
gnome_screensaver_LDADD = \
$(SAVER_LIBS) \
@@ -216,8 +195,8 @@
$(NULL)
gnome_screensaver_LDFLAGS = -export-dynamic
---- /dev/null 2006-10-04 09:55:26.335534266 -0400
-+++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytokenmonitor.c 2006-10-04 11:41:10.000000000 -0400
+--- /dev/null 2006-09-18 14:45:43.343998235 -0400
++++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytokenmonitor.c 2006-09-18 15:47:48.000000000 -0400
@@ -0,0 +1,1623 @@
+/* securitytokenmonitor.c - monitor for security token insertion and
+ * removal events
@@ -1842,8 +1821,8 @@
+ return 0;
+}
+#endif
---- /dev/null 2006-10-04 09:55:26.335534266 -0400
-+++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytoken.c 2006-10-04 11:41:10.000000000 -0400
+--- /dev/null 2006-09-18 14:45:43.343998235 -0400
++++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytoken.c 2006-09-18 13:58:41.000000000 -0400
@@ -0,0 +1,580 @@
+/* securitytoken.c - security token
+ *
@@ -2425,8 +2404,8 @@
+ return 0;
+}
+#endif
---- /dev/null 2006-10-04 09:55:26.335534266 -0400
-+++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytoken.h 2006-10-04 11:41:10.000000000 -0400
+--- /dev/null 2006-09-18 14:45:43.343998235 -0400
++++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytoken.h 2006-09-18 13:58:41.000000000 -0400
@@ -0,0 +1,91 @@
+/* securitytoken.h - api for reading and writing data to a security token
+ *
@@ -2519,8 +2498,8 @@
+
+G_END_DECLS
+#endif /* SC_SECURITY_TOKEN_H */
---- /dev/null 2006-10-04 09:55:26.335534266 -0400
-+++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytokenmonitor.h 2006-10-04 11:41:10.000000000 -0400
+--- /dev/null 2006-09-18 14:45:43.343998235 -0400
++++ gnome-screensaver-2.16.0/src/cut-n-paste/securitytokenmonitor.h 2006-09-18 13:58:41.000000000 -0400
@@ -0,0 +1,84 @@
+/* securitytokenmonitor.h - monitor for security token insertion and
+ * removal events
@@ -2607,7 +2586,7 @@
+G_END_DECLS
+#endif /* SC_SECURITY_TOKEN_MONITOR_H */
--- gnome-screensaver-2.16.0/src/cut-n-paste/Makefile.am.securitytoken 2005-04-14 15:59:44.000000000 -0400
-+++ gnome-screensaver-2.16.0/src/cut-n-paste/Makefile.am 2006-10-04 11:41:10.000000000 -0400
++++ gnome-screensaver-2.16.0/src/cut-n-paste/Makefile.am 2006-09-18 13:58:41.000000000 -0400
@@ -10,7 +10,18 @@
Makefile.in
@@ -2629,303 +2608,23 @@
libfast_user_switch_a_CPPFLAGS = \
-DDATADIR=\""$(datadir)"\" \
--- gnome-screensaver-2.16.0/src/gs-auth-pam.c.securitytoken 2006-06-08 16:23:40.000000000 -0400
-+++ gnome-screensaver-2.16.0/src/gs-auth-pam.c 2006-10-04 11:41:10.000000000 -0400
-@@ -28,6 +28,7 @@
- # include <unistd.h>
- #endif
-
-+#include <fcntl.h>
- #include <stdio.h>
- #include <string.h>
- #include <sys/types.h>
-@@ -40,6 +41,7 @@
- #include <glib.h>
- #include <glib/gstdio.h>
- #include <glib/gi18n.h>
-+#include <gtk/gtk.h>
-
- #include "gs-auth.h"
-
-@@ -81,8 +83,20 @@
- const char *username;
- GSAuthMessageFunc cb_func;
- gpointer cb_data;
-+ int signal_fd;
-+ int result;
- };
-
-+typedef struct {
-+ struct pam_closure *closure;
-+ GSAuthMessageStyle style;
-+ const char *msg;
-+ char **resp;
-+ gboolean should_interrupt_stack;
-+} GsAuthMessageHandlerData;
-+static GCond *message_handled_condition;
-+static GMutex *message_handler_mutex;
-+
- GQuark
- gs_auth_error_quark (void)
- {
-@@ -162,6 +176,48 @@
- return ret;
- }
-
-+static gboolean
-+gs_auth_queued_message_handler (GsAuthMessageHandlerData *data)
-+{
-+ g_mutex_lock (message_handler_mutex);
-+ data->should_interrupt_stack =
-+ data->closure->cb_func (data->style,
-+ data->msg, data->resp,
-+ data->closure->cb_data) == FALSE;
-+ g_cond_signal (message_handled_condition);
-+ g_mutex_unlock (message_handler_mutex);
-+ return FALSE;
-+}
-+
-+static gboolean
-+gs_auth_run_message_handler (struct pam_closure *c,
-+ GSAuthMessageStyle style,
-+ const char *msg,
-+ char **resp)
-+{
-+ GsAuthMessageHandlerData data;
-+
-+ data.closure = c;
-+ data.style = style;
-+ data.msg = msg;
-+ data.resp = resp;
-+ data.should_interrupt_stack = TRUE;
-+
-+ g_mutex_lock (message_handler_mutex);
-+
-+ /* Queue the callback in the gui (the main) thread
-+ */
-+ g_idle_add ((GSourceFunc) gs_auth_queued_message_handler, &data);
-+
-+ /* Wait for the response
-+ */
-+ g_cond_wait (message_handled_condition,
-+ message_handler_mutex);
-+ g_mutex_unlock (message_handler_mutex);
-+
-+ return data.should_interrupt_stack == FALSE;
-+}
-+
- static int
- pam_conversation (int nmsgs,
- const struct pam_message **msg,
-@@ -195,12 +251,14 @@
- NULL);
-
- if (c->cb_func != NULL) {
-- res = c->cb_func (style,
-- msg [replies]->msg,
-- &reply [replies].resp,
-- c->cb_data);
-
-- /* If the handler returns FALSE - interrupt the PAM stack */
-+ /* blocks until the gui responds
-+ */
-+ res = gs_auth_run_message_handler (c, style,
-+ msg [replies]->msg,
-+ &reply [replies].resp);
-+
-+ /* If the handler returns FALSE - interrupt the PAM stack */
- if (res) {
- reply [replies].resp_retcode = PAM_SUCCESS;
- } else {
-@@ -231,6 +289,16 @@
++++ gnome-screensaver-2.16.0/src/gs-auth-pam.c 2006-09-18 13:58:41.000000000 -0400
+@@ -207,6 +207,13 @@
+ reply [replies].resp_retcode = PAM_INCOMPLETE;
+ }
}
- }
-
-+ if (message_handled_condition != NULL) {
-+ g_cond_free (message_handled_condition);
-+ message_handled_condition = NULL;
-+ }
-+
-+ if (message_handler_mutex != NULL) {
-+ g_mutex_free (message_handler_mutex);
-+ message_handler_mutex = NULL;
-+ }
-+
- return TRUE;
- }
-
-@@ -296,6 +364,8 @@
- }
-
- ret = TRUE;
-+ message_handled_condition = g_cond_new ();
-+ message_handler_mutex = g_mutex_new ();
-
- out:
- if (status_code != NULL) {
-@@ -342,6 +412,114 @@
-
- }
-
-+static int
-+gs_auth_thread_func (int auth_operation_fd)
-+{
-+ static const int flags = 0;
-+ int status;
-+
-+ status = pam_authenticate (pam_handle, flags);
+
-+ /* we're done, close the fd and wake up the main
-+ * loop
-+ */
-+ close (auth_operation_fd);
-+
-+ return status;
-+}
-+
-+static gboolean
-+gs_auth_loop_quit (GIOChannel *source,
-+ GIOCondition condition,
-+ gboolean *thread_done)
-+{
-+ *thread_done = TRUE;
-+ gtk_main_quit ();
-+ return FALSE;
-+}
-+
-+static gboolean
-+gs_auth_identify_user (pam_handle_t *handle,
-+ int *status)
-+{
-+ GThread *auth_thread;
-+ GIOChannel *channel;
-+ guint watch_id;
-+ int auth_operation_fds[2];
-+ int auth_status;
-+ gboolean thread_done;
-+
-+ channel = NULL;
-+ watch_id = 0;
-+ auth_status = PAM_INCOMPLETE;
-+
-+ /* This pipe gives us a set of fds we can hook into
-+ * the event loop to be notified when our helper thread
-+ * is ready to be reaped.
-+ */
-+ if (pipe (auth_operation_fds) < 0) {
-+ goto out;
-+ }
-+
-+ if (fcntl (auth_operation_fds[0], F_SETFD, FD_CLOEXEC) < 0) {
-+ close (auth_operation_fds[0]);
-+ close (auth_operation_fds[1]);
-+ goto out;
-+ }
-+
-+ if (fcntl (auth_operation_fds[1], F_SETFD, FD_CLOEXEC) < 0) {
-+ close (auth_operation_fds[0]);
-+ close (auth_operation_fds[1]);
-+ goto out;
-+ }
-+
-+ channel = g_io_channel_unix_new (auth_operation_fds[0]);
-+
-+ /* we use a recursive main loop to process ui events
-+ * while we wait on a thread to handle the blocking parts
-+ * of pam authentication.
-+ */
-+ thread_done = FALSE;
-+ watch_id = g_io_add_watch (channel, G_IO_ERR | G_IO_HUP,
-+ (GIOFunc) gs_auth_loop_quit, &thread_done);
-+
-+ auth_thread = g_thread_create ((GThreadFunc) gs_auth_thread_func,
-+ GINT_TO_POINTER (auth_operation_fds[1]),
-+ TRUE, NULL);
-+
-+ if (auth_thread == NULL) {
-+ goto out;
-+ }
-+
-+ gtk_main ();
-+
-+ /* if the event loop was quit before the thread is done then we can't
-+ * reap the thread without blocking on it finishing. The
-+ * thread may not ever finish though if the pam module is blocking.
-+ *
-+ * The only time the event loop is going to stop when the thread isn't
-+ * done, however, is if the dialog quits early (from, e.g., "cancel"),
-+ * so we can just exit. An alternative option would be to switch to
-+ * using pthreads directly and calling pthread_cancel.
-+ */
-+ if (!thread_done)
-+ raise (SIGTERM);
-+
-+ auth_status = GPOINTER_TO_INT (g_thread_join (auth_thread));
-+
-+out:
-+ if (watch_id != 0)
-+ g_source_remove (watch_id);
-+
-+ if (channel != NULL)
-+ g_io_channel_unref (channel);
-+
-+ if (status)
-+ *status = auth_status;
-+
-+ return auth_status == PAM_SUCCESS;
-+}
-+
- gboolean
- gs_auth_verify_user (const char *username,
- const char *display,
-@@ -356,7 +534,6 @@
- sigset_t set;
- struct timespec timeout;
- struct passwd *pwent;
-- int null_tok = 0;
- const void *p;
-
- pwent = getpwnam (username);
-@@ -364,6 +541,7 @@
- return FALSE;
- }
-
-+
- c.username = username;
- c.cb_func = func;
- c.cb_data = data;
-@@ -386,8 +564,6 @@
- set = block_sigchld ();
-
- did_we_ask_for_password = FALSE;
-- status = pam_authenticate (pam_handle, null_tok);
--
- sigtimedwait (&set, NULL, &timeout);
- unblock_sigchld ();
-
-@@ -397,9 +573,9 @@
- PAM_STRERROR (pam_handle, status));
++ /* iterate the glib event loop inbetween processing pam
++ * messages so that the user interface can be updated
++ * to reflect changes that are a result of the pam
++ * messages
++ */
++ while (g_main_context_iteration (NULL, FALSE));
}
-- if (status != PAM_SUCCESS) {
-- goto DONE;
-- }
-+ if (!gs_auth_identify_user (pam_handle, &status)) {
-+ goto DONE;
-+ }
-
- if ((status = pam_get_item (pam_handle, PAM_USER, &p)) != PAM_SUCCESS) {
- /* is not really an auth problem, but it will
-@@ -412,7 +588,7 @@
- * but we need to run them anyway because certain pam modules
- * depend on side effects of the account modules getting run.
- */
-- status2 = pam_acct_mgmt (pam_handle, null_tok);
-+ status2 = pam_acct_mgmt (pam_handle, 0);
-
- if (gs_auth_get_verbose ()) {
- g_message ("pam_acct_mgmt (...) ==> %d (%s)\n",
+ *resp = reply;
--- gnome-screensaver-2.16.0/src/gs-window-x11.c.securitytoken 2006-08-04 15:20:11.000000000 -0400
-+++ gnome-screensaver-2.16.0/src/gs-window-x11.c 2006-10-04 11:41:10.000000000 -0400
++++ gnome-screensaver-2.16.0/src/gs-window-x11.c 2006-09-18 13:58:41.000000000 -0400
@@ -680,6 +680,7 @@
"XAUTHLOCALHOSTNAME",
"KRB5CCNAME",
@@ -2934,31 +2633,8 @@
"LANG",
"LANGUAGE",
"RUNNING_UNDER_GDM",
-@@ -1373,6 +1374,22 @@
- g_signal_emit (window, signals [DIALOG_UP], 0);
- }
-
-+void
-+gs_window_cancel_unlock_request (GSWindow *window)
-+{
-+ /* FIXME: This is a bit of a hammer approach...
-+ * Maybe we should send a delete-event to
-+ * the plug?
-+ */
-+ g_return_if_fail (GS_IS_WINDOW (window));
-+
-+ if (window->priv->lock_socket == NULL)
-+ return;
-+
-+ if (window->priv->lock_pid > 0)
-+ kill (window->priv->lock_pid, SIGTERM);
-+}
-+
- void
- gs_window_set_lock_enabled (GSWindow *window,
- gboolean lock_enabled)
--- gnome-screensaver-2.16.0/configure.ac.securitytoken 2006-08-21 19:00:04.000000000 -0400
-+++ gnome-screensaver-2.16.0/configure.ac 2006-10-04 11:41:10.000000000 -0400
++++ gnome-screensaver-2.16.0/configure.ac 2006-09-18 13:58:41.000000000 -0400
@@ -43,6 +43,7 @@
LIBGNOME_MENU_REQUIRED_VERSION=2.11.1
LIBEXIF_REQUIRED_VERSION=0.6.12
Index: gnome-screensaver.spec
===================================================================
RCS file: /cvs/dist/rpms/gnome-screensaver/devel/gnome-screensaver.spec,v
retrieving revision 1.111
retrieving revision 1.112
diff -u -r1.111 -r1.112
--- gnome-screensaver.spec 4 Oct 2006 15:48:47 -0000 1.111
+++ gnome-screensaver.spec 4 Oct 2006 16:03:03 -0000 1.112
@@ -22,6 +22,7 @@
Patch1: gnome-screensaver-2.15.4-default-theme.patch
Patch2: gnome-screensaver-2.16.0-securitytoken.patch
Patch3: gnome-screensaver-2.16.0-better-pam-integration.patch
+Patch4: gnome-screensaver-2.16.0-better-debug.patch
BuildRoot: %{_tmppath}/%{name}-root
URL: http://www.gnome.org
@@ -65,6 +66,7 @@
%patch1 -p1 -b .use-floaters-by-default
%patch2 -p1 -b .securitytoken
%patch3 -p1 -b .better-pam-integration
+%patch4 -p1 -b .better-debug
%build
autoreconf
More information about the fedora-cvs-commits
mailing list