File gnome-keyring-pam-auto-start-if.patch of Package gnome-keyring
Index: gnome-keyring-2.24.1/pam/gkr-pam-module.c
===================================================================
--- gnome-keyring-2.24.1.orig/pam/gkr-pam-module.c
+++ gnome-keyring-2.24.1/pam/gkr-pam-module.c
@@ -205,6 +205,39 @@ write_string (int fd, const char* buf)
return 0;
}
+/* Check for list match. */
+static int
+evaluate_inlist (const char *needle, const char *haystack)
+{
+ const char *item;
+ const char *remaining;
+
+ remaining = haystack;
+
+ while (1) {
+ item = strstr (remaining, needle);
+ if (item == NULL)
+ break;
+
+ /* is it really the start of an item in the list? */
+ if (item == haystack || *(item - 1) == ',') {
+ item += strlen (needle);
+ /* is item really needle? */
+ if (*item == '\0' || *item == ',')
+ return PAM_SUCCESS;
+ }
+
+ remaining = strchr (item, ',');
+ if (remaining == NULL)
+ break;
+
+ /* skip ',' */
+ ++remaining;
+ }
+
+ return PAM_AUTH_ERR;
+}
+
/* -----------------------------------------------------------------------------
* DAEMON MANAGEMENT
*/
@@ -732,16 +765,30 @@ prompt_password (pam_handle_t *ph)
}
static uint
-parse_args (int argc, const char **argv)
+parse_args (pam_handle_t *ph, int argc, const char **argv)
{
uint args = 0;
-
+ const void *svc;
+ int i;
+
+ svc = NULL;
+ if (pam_get_item(ph, PAM_SERVICE, &svc) != PAM_SUCCESS)
+ svc = NULL;
+
/* Parse the arguments */
- for (; argc-- > 0; ++argv) {
- if (strcmp (argv[0], "auto_start") == 0)
+ for (i = 0; i < argc; i++) {
+ if (strcmp (argv[i], "auto_start") == 0)
args |= ARG_AUTO_START;
- else
- syslog (GKR_LOG_WARN, "gkr-pam: invalid option: %s", argv[0]);
+ else if (strncmp (argv[i],
+ "auto_start_if=",
+ strlen ("auto_start_if=")) == 0) {
+ if (svc &&
+ evaluate_inlist (svc,
+ &argv[i][strlen ("auto_start_if=")]) == PAM_SUCCESS)
+ args |= ARG_AUTO_START;
+
+ } else
+ syslog (GKR_LOG_WARN, "gkr-pam: invalid option: %s", argv[i]);
}
return args;
@@ -757,7 +804,7 @@ pam_sm_authenticate (pam_handle_t *ph, i
uint args;
int ret;
- args = parse_args (argc, argv);
+ args = parse_args (ph, argc, argv);
/* Figure out and/or prompt for the user name */
ret = pam_get_user (ph, &user, NULL);
@@ -822,7 +869,7 @@ pam_sm_open_session (pam_handle_t *ph, i
const char *user = NULL, *password = NULL;
struct passwd *pwd;
int ret;
- uint args = parse_args (argc, argv);
+ uint args = parse_args (ph, argc, argv);
int started_daemon;
/* Figure out the user name */
@@ -987,7 +1034,7 @@ pam_sm_chauthtok (pam_handle_t *ph, int
uint args;
int ret;
- args = parse_args (argc, argv);
+ args = parse_args (ph, argc, argv);
/* Figure out and/or prompt for the user name */
ret = pam_get_user (ph, &user, NULL);