session: Threat PAM max retries error as service unavailable

When a service has returned PAM_MAXTRIES error code we should both emit
the error message and also ensure that this service isn't marked as
available again for the current session, to prevent us to restart the
authentication of it.

An example of this can be the PAM fprintd module that will return us a
max retries error when the user tried to use his finger more times than
configured. In such scenario we want to both prompt the error to the
user and prevent that this module is used again if the user can still
use other authentication methods.

So add an error specialization for PAM_MAXTRIES and threat it as service
unavailable error when emitting it.

1 files changed, 7 insertions, 0 deletions

diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c
index e4d2e3fa..cb53e461 100644
--- a/daemon/gdm-session-worker.c
+++ b/daemon/gdm-session-worker.c
@@ -1283,6 +1283,13 @@ gdm_session_worker_authenticate_user (GdmSessionWorker *worker,
                              GDM_SESSION_WORKER_ERROR_SERVICE_UNAVAILABLE,
                              "%s", "");
                 goto out;
+        } else if (error_code == PAM_MAXTRIES) {
+                g_debug ("GdmSessionWorker: authentication service had too many retries");
+                g_set_error_literal (error,
+                                     GDM_SESSION_WORKER_ERROR,
+                                     GDM_SESSION_WORKER_ERROR_TOO_MANY_RETRIES,
+                                     get_friendly_error_message (worker, error_code));
+                goto out;
         } else if (error_code != PAM_SUCCESS) {
                 g_debug ("GdmSessionWorker: authentication returned %d: %s", error_code, pam_strerror (worker->priv->pam_handle, error_code));