From 0f5c91ffcf7a9efc7f3c8a7117f3630cddd782cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Thu, 18 Feb 2021 15:08:03 +0100 Subject: [PATCH 1/9] credentialManager: Add Signal methods to the base class CredentialManager is used to emit signals but it's not implementing the Signals interface by itself, while its implementations do. So just define it generically so that classes implementing it can use the api without worrying about. --- js/gdm/credentialManager.js | 3 +++ js/gdm/oVirt.js | 2 -- js/gdm/vmware.js | 2 -- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/js/gdm/credentialManager.js b/js/gdm/credentialManager.js index 5c4bc7e62a..e768f0e8fd 100644 --- a/js/gdm/credentialManager.js +++ b/js/gdm/credentialManager.js @@ -1,6 +1,8 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- /* exported CredentialManager */ +const Signals = imports.signals; + var CredentialManager = class CredentialManager { constructor(service) { this._token = null; @@ -22,3 +24,4 @@ var CredentialManager = class CredentialManager { return this._service; } }; +Signals.addSignalMethods(CredentialManager.prototype); diff --git a/js/gdm/oVirt.js b/js/gdm/oVirt.js index 94a22b8237..a90d76f271 100644 --- a/js/gdm/oVirt.js +++ b/js/gdm/oVirt.js @@ -2,7 +2,6 @@ /* exported getOVirtCredentialsManager */ const Gio = imports.gi.Gio; -const Signals = imports.signals; const Credential = imports.gdm.credentialManager; var SERVICE_NAME = 'gdm-ovirtcred'; @@ -41,7 +40,6 @@ var OVirtCredentialsManager = class OVirtCredentialsManager extends Credential.C }); } }; -Signals.addSignalMethods(OVirtCredentialsManager.prototype); function getOVirtCredentialsManager() { if (!_oVirtCredentialsManager) diff --git a/js/gdm/vmware.js b/js/gdm/vmware.js index 20d57e8a28..eeedabe43c 100644 --- a/js/gdm/vmware.js +++ b/js/gdm/vmware.js @@ -2,7 +2,6 @@ /* exported getVmwareCredentialsManager */ const Gio = imports.gi.Gio; -const Signals = imports.signals; const Credential = imports.gdm.credentialManager; const dbusPath = '/org/vmware/viewagent/Credentials'; @@ -44,7 +43,6 @@ var VmwareCredentialsManager = class VmwareCredentialsManager extends Credential }); } }; -Signals.addSignalMethods(VmwareCredentialsManager.prototype); function getVmwareCredentialsManager() { if (!_vmwareCredentialsManager) -- GitLab From 48a7f2015d56a434a8ea7228963736ac92332254 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 18:41:47 +0100 Subject: [PATCH 2/9] oVirt/vmware: Do not use a full proxy to only listen a signal Credentials manager only need to listen to a specific signal, so do not use a proxy for that, we can just keep a listener on the connection. --- js/gdm/oVirt.js | 31 +++++++------------------------ js/gdm/vmware.js | 36 ++++++++---------------------------- 2 files changed, 15 insertions(+), 52 deletions(-) diff --git a/js/gdm/oVirt.js b/js/gdm/oVirt.js index a90d76f271..538ed2aeae 100644 --- a/js/gdm/oVirt.js +++ b/js/gdm/oVirt.js @@ -6,36 +6,19 @@ const Credential = imports.gdm.credentialManager; var SERVICE_NAME = 'gdm-ovirtcred'; -const OVirtCredentialsIface = ` - - - - - - -`; - -const OVirtCredentialsInfo = Gio.DBusInterfaceInfo.new_for_xml(OVirtCredentialsIface); +const credentialsIface = 'org.ovirt.vdsm.Credentials'; +const credentialsPath = '/org/ovirt/vdsm/Credentials'; let _oVirtCredentialsManager = null; -function OVirtCredentials() { - var self = new Gio.DBusProxy({ g_connection: Gio.DBus.system, - g_interface_name: OVirtCredentialsInfo.name, - g_interface_info: OVirtCredentialsInfo, - g_name: 'org.ovirt.vdsm.Credentials', - g_object_path: '/org/ovirt/vdsm/Credentials', - g_flags: Gio.DBusProxyFlags.DO_NOT_LOAD_PROPERTIES }); - self.init(null); - return self; -} - var OVirtCredentialsManager = class OVirtCredentialsManager extends Credential.CredentialManager { constructor() { super(SERVICE_NAME); - this._credentials = new OVirtCredentials(); - this._credentials.connectSignal('UserAuthenticated', - (proxy, sender, [token]) => { + + Gio.DBus.system.signal_subscribe(credentialsIface, credentialsIface, + 'UserAuthenticated', credentialsPath, null, + Gio.DBusSignalFlags.NONE, (_c, _sender, _path, _iface, _signal, params) => { + const [token] = params.deep_unpack(); this.token = token; }); } diff --git a/js/gdm/vmware.js b/js/gdm/vmware.js index eeedabe43c..efc6126022 100644 --- a/js/gdm/vmware.js +++ b/js/gdm/vmware.js @@ -1,44 +1,24 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- /* exported getVmwareCredentialsManager */ -const Gio = imports.gi.Gio; +const { Gio } = imports.gi; const Credential = imports.gdm.credentialManager; -const dbusPath = '/org/vmware/viewagent/Credentials'; -const dbusInterface = 'org.vmware.viewagent.Credentials'; - var SERVICE_NAME = 'gdm-vmwcred'; -const VmwareCredentialsIface = ' \ - \ - \ - \ - \ - \ -'; - - -const VmwareCredentialsInfo = Gio.DBusInterfaceInfo.new_for_xml(VmwareCredentialsIface); +const credentialsPath = '/org/vmware/viewagent/Credentials'; +const credentialsIface = 'org.vmware.viewagent.Credentials'; let _vmwareCredentialsManager = null; -function VmwareCredentials() { - var self = new Gio.DBusProxy({ g_connection: Gio.DBus.session, - g_interface_name: VmwareCredentialsInfo.name, - g_interface_info: VmwareCredentialsInfo, - g_name: dbusInterface, - g_object_path: dbusPath, - g_flags: Gio.DBusProxyFlags.DO_NOT_LOAD_PROPERTIES }); - self.init(null); - return self; -} - var VmwareCredentialsManager = class VmwareCredentialsManager extends Credential.CredentialManager { constructor() { super(SERVICE_NAME); - this._credentials = new VmwareCredentials(); - this._credentials.connectSignal('UserAuthenticated', - (proxy, sender, [token]) => { + + Gio.DBus.system.signal_subscribe(credentialsIface, credentialsIface, + 'UserAuthenticated', credentialsPath, null, + Gio.DBusSignalFlags.NONE, (_c, _sender, _path, _iface, _signal, params) => { + const [token] = params.deep_unpack(); this.token = token; }); } -- GitLab From 96908f3dfef8c8ac8a926032a9e02fa49eeaa48d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 20:15:42 +0100 Subject: [PATCH 3/9] credentialManager: Add generic DBusCredentialManager implementation We basically do the same thing in all the implementations, they differ only on dbus name, interfaces and paths, so we can just define a generic base class that can be implemented by all the credentials managers that will use a DBus server. --- js/gdm/credentialManager.js | 25 ++++++++++++++++++++++++- js/gdm/oVirt.js | 12 ++---------- js/gdm/vmware.js | 12 ++---------- 3 files changed, 28 insertions(+), 21 deletions(-) diff --git a/js/gdm/credentialManager.js b/js/gdm/credentialManager.js index e768f0e8fd..6d157fbcc1 100644 --- a/js/gdm/credentialManager.js +++ b/js/gdm/credentialManager.js @@ -1,6 +1,7 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- -/* exported CredentialManager */ +/* exported CredentialManager, DBusCredentialManager */ +const { Gio } = imports.gi; const Signals = imports.signals; var CredentialManager = class CredentialManager { @@ -10,6 +11,10 @@ var CredentialManager = class CredentialManager { this._authenticatedSignalId = null; } + destroy() { + this.disconnectAll(); + } + get token() { return this._token; } @@ -25,3 +30,21 @@ var CredentialManager = class CredentialManager { } }; Signals.addSignalMethods(CredentialManager.prototype); + + +var DBusCredentialManager = class extends CredentialManager { + constructor(service, dbusName, dbusIface, dbusPath) { + super(service); + + Gio.DBus.system.signal_subscribe(dbusName, + dbusIface, 'UserAuthenticated', dbusPath, null, + Gio.DBusSignalFlags.NONE, (_c, _sender, _path, _iface, _signal, params) => { + const [token] = params.deep_unpack(); + this._onUserAuthenticated(token); + }); + } + + _onUserAuthenticated(token) { + this.token = token; + } +}; diff --git a/js/gdm/oVirt.js b/js/gdm/oVirt.js index 538ed2aeae..e356f88e2e 100644 --- a/js/gdm/oVirt.js +++ b/js/gdm/oVirt.js @@ -1,7 +1,6 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- /* exported getOVirtCredentialsManager */ -const Gio = imports.gi.Gio; const Credential = imports.gdm.credentialManager; var SERVICE_NAME = 'gdm-ovirtcred'; @@ -11,16 +10,9 @@ const credentialsPath = '/org/ovirt/vdsm/Credentials'; let _oVirtCredentialsManager = null; -var OVirtCredentialsManager = class OVirtCredentialsManager extends Credential.CredentialManager { +var OVirtCredentialsManager = class OVirtCredentialsManager extends Credential.DBusCredentialManager { constructor() { - super(SERVICE_NAME); - - Gio.DBus.system.signal_subscribe(credentialsIface, credentialsIface, - 'UserAuthenticated', credentialsPath, null, - Gio.DBusSignalFlags.NONE, (_c, _sender, _path, _iface, _signal, params) => { - const [token] = params.deep_unpack(); - this.token = token; - }); + super(SERVICE_NAME, credentialsIface, credentialsIface, credentialsPath); } }; diff --git a/js/gdm/vmware.js b/js/gdm/vmware.js index efc6126022..ed65b58ab4 100644 --- a/js/gdm/vmware.js +++ b/js/gdm/vmware.js @@ -1,7 +1,6 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- /* exported getVmwareCredentialsManager */ -const { Gio } = imports.gi; const Credential = imports.gdm.credentialManager; var SERVICE_NAME = 'gdm-vmwcred'; @@ -11,16 +10,9 @@ const credentialsIface = 'org.vmware.viewagent.Credentials'; let _vmwareCredentialsManager = null; -var VmwareCredentialsManager = class VmwareCredentialsManager extends Credential.CredentialManager { +var VmwareCredentialsManager = class VmwareCredentialsManager extends Credential.DBusCredentialManager { constructor() { - super(SERVICE_NAME); - - Gio.DBus.system.signal_subscribe(credentialsIface, credentialsIface, - 'UserAuthenticated', credentialsPath, null, - Gio.DBusSignalFlags.NONE, (_c, _sender, _path, _iface, _signal, params) => { - const [token] = params.deep_unpack(); - this.token = token; - }); + super(SERVICE_NAME, credentialsIface, credentialsIface, credentialsPath); } }; -- GitLab From 7d17fd561711d9172533e8b6cfe070dfae9962d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 19:37:07 +0100 Subject: [PATCH 4/9] gdm: Use a Map to hold the credential managers It allows us to do some operations easily and avoid iterating over the object values with old-style and redoundant for. --- js/gdm/util.js | 46 ++++++++++++++++++++-------------------------- 1 file changed, 20 insertions(+), 26 deletions(-) diff --git a/js/gdm/util.js b/js/gdm/util.js index 1ee84acde2..42eb31e6ca 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -178,20 +178,17 @@ var ShellUserVerifier = class { this._failCounter = 0; this._unavailableServices = new Set(); - this._credentialManagers = {}; - this._credentialManagers[OVirt.SERVICE_NAME] = OVirt.getOVirtCredentialsManager(); - this._credentialManagers[Vmware.SERVICE_NAME] = Vmware.getVmwareCredentialsManager(); - - for (let service in this._credentialManagers) { - if (this._credentialManagers[service].token) { - this._onCredentialManagerAuthenticated(this._credentialManagers[service], - this._credentialManagers[service].token); - } + this._credentialManagers = new Map(); + this._credentialManagers.set(OVirt.SERVICE_NAME, OVirt.getOVirtCredentialsManager()); + this._credentialManagers.set(Vmware.SERVICE_NAME, Vmware.getVmwareCredentialsManager()); - this._credentialManagers[service]._authenticatedSignalId = - this._credentialManagers[service].connect('user-authenticated', - this._onCredentialManagerAuthenticated.bind(this)); - } + this._credentialManagers.forEach(service => { + if (service.token) + this._onCredentialManagerAuthenticated(service, service.token); + + service._authenticatedSignalId = service.connect('user-authenticated', + this._onCredentialManagerAuthenticated.bind(this)); + }); } get hasPendingMessages() { @@ -260,11 +257,11 @@ var ShellUserVerifier = class { this._smartcardManager.disconnect(this._smartcardRemovedId); this._smartcardManager = null; - for (let service in this._credentialManagers) { - let credentialManager = this._credentialManagers[service]; - credentialManager.disconnect(credentialManager._authenticatedSignalId); - credentialManager = null; - } + this._credentialManagers.forEach(service => { + service.disconnect(service._authenticatedSignalId); + delete service._authenticatedSignalId; + }); + this._credentialManagers.clear(); } answerQuery(serviceName, answer) { @@ -644,10 +641,8 @@ var ShellUserVerifier = class { if (!this.serviceIsForeground(serviceName)) return; - let token = null; - if (this._credentialManagers[serviceName]) - token = this._credentialManagers[serviceName].token; + const token = this._credentialManagers.get(serviceName)?.token; if (token) { this.answerQuery(serviceName, token); return; @@ -738,10 +733,9 @@ var ShellUserVerifier = class { // If the login failed with the preauthenticated oVirt credentials // then discard the credentials and revert to default authentication // mechanism. - let foregroundService = Object.keys(this._credentialManagers).find(service => - this.serviceIsForeground(service)); - if (foregroundService) { - this._credentialManagers[foregroundService].token = null; + const foregroundService = this.serviceIsForeground(serviceName); + if (foregroundService && this._credentialManagers.has(serviceName)) { + this._credentialManagers.get(serviceName).token = null; this._preemptingService = null; this._verificationFailed(serviceName, false); return; @@ -755,7 +749,7 @@ var ShellUserVerifier = class { // if the password service fails, then cancel everything. // But if, e.g., fingerprint fails, still give // password authentication a chance to succeed - if (this.serviceIsForeground(serviceName)) + if (foregroundService) this._failCounter++; this._verificationFailed(serviceName, true); -- GitLab From 8ca17b0c9630ce11516ebac281fd22cdc4a9e69d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 20:39:27 +0100 Subject: [PATCH 5/9] oVirt/vmware: Do not use a singleton to initialize credential managers There's no point to keep the credentials manager around when not in lockscreen or login screen, so we can avoid use a singleton to create them, and initialize an instance only when needed. While it's true that oVirt can be initialized multiple times (during lock screen), the implementation is small enough that there's no problem in having couple of instances active when screen is locked. --- js/gdm/credentialManager.js | 11 ++++++++++- js/gdm/oVirt.js | 13 ++----------- js/gdm/util.js | 9 +++------ js/gdm/vmware.js | 13 ++----------- js/ui/screenShield.js | 17 +++++++++++------ 5 files changed, 28 insertions(+), 35 deletions(-) diff --git a/js/gdm/credentialManager.js b/js/gdm/credentialManager.js index 6d157fbcc1..21fb76471e 100644 --- a/js/gdm/credentialManager.js +++ b/js/gdm/credentialManager.js @@ -36,7 +36,7 @@ var DBusCredentialManager = class extends CredentialManager { constructor(service, dbusName, dbusIface, dbusPath) { super(service); - Gio.DBus.system.signal_subscribe(dbusName, + this._subscriptionId = Gio.DBus.system.signal_subscribe(dbusName, dbusIface, 'UserAuthenticated', dbusPath, null, Gio.DBusSignalFlags.NONE, (_c, _sender, _path, _iface, _signal, params) => { const [token] = params.deep_unpack(); @@ -47,4 +47,13 @@ var DBusCredentialManager = class extends CredentialManager { _onUserAuthenticated(token) { this.token = token; } + + destroy() { + if (this._subscriptionId) { + Gio.DBus.system.signal_unsubscribe(this._subscriptionId); + delete this._subscriptionId; + } + + super.destroy(); + } }; diff --git a/js/gdm/oVirt.js b/js/gdm/oVirt.js index e356f88e2e..e36e318a34 100644 --- a/js/gdm/oVirt.js +++ b/js/gdm/oVirt.js @@ -1,5 +1,5 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- -/* exported getOVirtCredentialsManager */ +/* exported CredentialsManager */ const Credential = imports.gdm.credentialManager; @@ -8,17 +8,8 @@ var SERVICE_NAME = 'gdm-ovirtcred'; const credentialsIface = 'org.ovirt.vdsm.Credentials'; const credentialsPath = '/org/ovirt/vdsm/Credentials'; -let _oVirtCredentialsManager = null; - -var OVirtCredentialsManager = class OVirtCredentialsManager extends Credential.DBusCredentialManager { +var CredentialsManager = class extends Credential.DBusCredentialManager { constructor() { super(SERVICE_NAME, credentialsIface, credentialsIface, credentialsPath); } }; - -function getOVirtCredentialsManager() { - if (!_oVirtCredentialsManager) - _oVirtCredentialsManager = new OVirtCredentialsManager(); - - return _oVirtCredentialsManager; -} diff --git a/js/gdm/util.js b/js/gdm/util.js index 42eb31e6ca..bcc9232ddb 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -179,8 +179,8 @@ var ShellUserVerifier = class { this._unavailableServices = new Set(); this._credentialManagers = new Map(); - this._credentialManagers.set(OVirt.SERVICE_NAME, OVirt.getOVirtCredentialsManager()); - this._credentialManagers.set(Vmware.SERVICE_NAME, Vmware.getVmwareCredentialsManager()); + this._credentialManagers.set(OVirt.SERVICE_NAME, new OVirt.CredentialsManager()); + this._credentialManagers.set(Vmware.SERVICE_NAME, new Vmware.CredentialsManager()); this._credentialManagers.forEach(service => { if (service.token) @@ -257,10 +257,7 @@ var ShellUserVerifier = class { this._smartcardManager.disconnect(this._smartcardRemovedId); this._smartcardManager = null; - this._credentialManagers.forEach(service => { - service.disconnect(service._authenticatedSignalId); - delete service._authenticatedSignalId; - }); + this._credentialManagers.forEach(s => s.destroy()); this._credentialManagers.clear(); } diff --git a/js/gdm/vmware.js b/js/gdm/vmware.js index ed65b58ab4..dd6fc841a1 100644 --- a/js/gdm/vmware.js +++ b/js/gdm/vmware.js @@ -1,5 +1,5 @@ // -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- -/* exported getVmwareCredentialsManager */ +/* exported CredentialsManager */ const Credential = imports.gdm.credentialManager; @@ -8,17 +8,8 @@ var SERVICE_NAME = 'gdm-vmwcred'; const credentialsPath = '/org/vmware/viewagent/Credentials'; const credentialsIface = 'org.vmware.viewagent.Credentials'; -let _vmwareCredentialsManager = null; - -var VmwareCredentialsManager = class VmwareCredentialsManager extends Credential.DBusCredentialManager { +var CredentialsManager = class extends Credential.DBusCredentialManager { constructor() { super(SERVICE_NAME, credentialsIface, credentialsIface, credentialsPath); } }; - -function getVmwareCredentialsManager() { - if (!_vmwareCredentialsManager) - _vmwareCredentialsManager = new VmwareCredentialsManager(); - - return _vmwareCredentialsManager; -} diff --git a/js/ui/screenShield.js b/js/ui/screenShield.js index 9a64fc32c3..68651112d1 100644 --- a/js/ui/screenShield.js +++ b/js/ui/screenShield.js @@ -89,12 +89,17 @@ var ScreenShield = class { this._activateDialog(); }); - this._oVirtCredentialsManager = OVirt.getOVirtCredentialsManager(); - this._oVirtCredentialsManager.connect('user-authenticated', - () => { - if (this._isLocked) - this._activateDialog(); - }); + this.connect('locked-changed', () => { + if (!this._isLocked) { + this._oVirtCredentialsManager?.destroy(); + delete this._oVirtCredentialsManager; + return; + } + + this._oVirtCredentialsManager = new OVirt.CredentialsManager(); + this._oVirtCredentialsManager.connect('user-authenticated', + () => this._activateDialog()); + }); this._loginManager = LoginManager.getLoginManager(); this._loginManager.connect('prepare-for-sleep', -- GitLab From fcbadf9319f60204e683d0f76e595570319f8689 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 20:59:04 +0100 Subject: [PATCH 6/9] screenShield: React to to smartcard-inserted events only during lockscreen There's no point to monitor changes otherwise --- js/ui/screenShield.js | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/js/ui/screenShield.js b/js/ui/screenShield.js index 68651112d1..58de186d97 100644 --- a/js/ui/screenShield.js +++ b/js/ui/screenShield.js @@ -82,20 +82,27 @@ var ScreenShield = class { this._screenSaverDBus = new ShellDBus.ScreenSaverDBus(this); - this._smartcardManager = SmartcardManager.getSmartcardManager(); - this._smartcardManager.connect('smartcard-inserted', - (manager, token) => { - if (this._isLocked && token.UsedToLogin) - this._activateDialog(); - }); - this.connect('locked-changed', () => { + const smartcardManager = SmartcardManager.getSmartcardManager(); if (!this._isLocked) { this._oVirtCredentialsManager?.destroy(); delete this._oVirtCredentialsManager; + + smartcardManager.disconnect(this._smartcardInsertedId); + delete this._smartcardInsertedId; + return; } + if (smartcardManager.hasInsertedLoginToken()) + this._activateDialog(); + + this._smartcardInsertedId = smartcardManager.connect('smartcard-inserted', + (manager, token) => { + if (token.UsedToLogin) + this._activateDialog(); + }); + this._oVirtCredentialsManager = new OVirt.CredentialsManager(); this._oVirtCredentialsManager.connect('user-authenticated', () => this._activateDialog()); -- GitLab From 58e1c5cf743a8253eef79b652e7c7444be535788 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 20:59:28 +0100 Subject: [PATCH 7/9] smartcardManager: Dispose the token when removed When a token that is actually a GDBus proxy is removed we don't need it anymore but we're still monitoring its dbus properties. To avoid that we used to use disconnectAll(), but the token is not implementing the Signals interface being a native GOjbect, so this won't do anything. So, instead of just disconnecting the signal we connect to, we can just safely dispose the object, to ignore gdbus events. --- js/misc/smartcardManager.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/misc/smartcardManager.js b/js/misc/smartcardManager.js index d9b6ff4747..868734892b 100644 --- a/js/misc/smartcardManager.js +++ b/js/misc/smartcardManager.js @@ -95,7 +95,7 @@ var SmartcardManager = class { if (this._loginToken == token) this._loginToken = null; - token.disconnectAll(); + token.run_dispose(); } hasInsertedTokens() { -- GitLab From 0d82092ebcf8ff7c8b50c69e41469c389fbf60a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 21:19:47 +0100 Subject: [PATCH 8/9] gdm: Only reset the preempting Service after verification-failed event When the preempting service is set that will be our foreground service. If a conversation is stopped we're going to mark the verification as failed and during the callback we may still be able to check whether if the failed service was the foreground one or not. So, in order to ensure that when verification-failed is emitted we preserve the previous state, just unset the preempting service once we've notified our clients. --- js/gdm/util.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/gdm/util.js b/js/gdm/util.js index bcc9232ddb..bdbb3cd9e4 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -733,8 +733,8 @@ var ShellUserVerifier = class { const foregroundService = this.serviceIsForeground(serviceName); if (foregroundService && this._credentialManagers.has(serviceName)) { this._credentialManagers.get(serviceName).token = null; - this._preemptingService = null; this._verificationFailed(serviceName, false); + this._preemptingService = null; return; } -- GitLab From b09735c2cddbd5f4921bd7983ad5ad88b7d283bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Fri, 19 Feb 2021 21:29:49 +0100 Subject: [PATCH 9/9] authPrompt: Only clear the entry if the failed service was the querying service As we don't animate if a non-querying service failed, we can just avoid clearing the interface in such case. Given that clearing implies also unsetting the default actor in button well (so hiding the spinner these days), we can just remove this call instead of repeat it under the same if. --- js/gdm/authPrompt.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/js/gdm/authPrompt.js b/js/gdm/authPrompt.js index d2c9a16594..dce4f441fa 100644 --- a/js/gdm/authPrompt.js +++ b/js/gdm/authPrompt.js @@ -281,10 +281,11 @@ var AuthPrompt = GObject.registerClass({ _onVerificationFailed(userVerifier, serviceName, canRetry) { const wasQueryingService = this._queryingService === serviceName; this._queryingService = null; - this.clear(); + + if (wasQueryingService) + this.clear(); this.updateSensitivity(canRetry); - this.setActorInDefaultButtonWell(null); this.verificationStatus = AuthPromptStatus.VERIFICATION_FAILED; if (wasQueryingService) -- GitLab