Fix PAM conversations after authentication from locking up sessions

Fix PAM informational messages locking up autologin

6 files changed, 81 insertions, 2 deletions

diff --git a/tests/Makefile.am b/tests/Makefile.am
index d7011ef9..d036b0b1 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -15,6 +15,8 @@ TESTS = \
 	test-autologin-session-crash \
 	test-autologin-password \
 	test-autologin-new-authtok \
+	test-pam \
+	test-login-pam \
 	test-denied \
 	test-expired \
 	test-cred-error \
@@ -106,7 +108,6 @@ TESTS = \
 	test-switch-to-user-existing-session \
 	test-switch-to-user-no-password \
 	test-switch-to-user-logout \
-	scripts/util-path.conf \
 	test-vnc-login \
 	test-xdmcp-login \
 	test-no-accounts-service \
@@ -205,6 +206,7 @@ EXTRA_DIST = \
 	scripts/login-multi-info-prompt.conf \
 	scripts/login-new-authtok.conf \
 	scripts/login-no-password.conf \
+	scripts/login-pam.conf \
 	scripts/login-pick-session.conf \
 	scripts/login-previous-session.conf \
 	scripts/login-two-factor.conf \
@@ -216,6 +218,7 @@ EXTRA_DIST = \
 	scripts/no-console-kit.conf \
 	scripts/no-keyboard-layout.conf \
 	scripts/no-language.conf \
+	scripts/pam.conf \
 	scripts/plymouth-active-vt.conf \
 	scripts/plymouth-inactive-vt.conf \
 	scripts/plymouth-no-seat.conf \
@@ -235,6 +238,7 @@ EXTRA_DIST = \
 	scripts/switch-to-user-logout.conf \
 	scripts/switch-to-user-no-password.conf \
 	scripts/system-xauthority.conf \
+	scripts/util-path.conf \
 	scripts/user-renamed.conf \
 	scripts/user-renamed-invalid.conf \
 	scripts/vnc-login.conf \
diff --git a/tests/scripts/pam.conf b/tests/scripts/pam.conf
new file mode 100644
index 00000000..64078dc9
--- /dev/null
+++ b/tests/scripts/pam.conf
@@ -0,0 +1,30 @@
+#
+# Check we handle conversations during each PAM method
+#
+
+[LightDM]
+minimum-display-number=50
+
+[SeatDefaults]
+autologin-user=log-pam
+
+#?RUNNER DAEMON-START
+
+# X server starts
+#?XSERVER :50 START
+#?XSERVER :50 INDICATE-READY
+
+# LightDM connects to X server
+#?XSERVER :50 ACCEPT-CONNECT
+
+# Session starts
+#?SESSION :50 START USER=log-pam
+#?XSERVER :50 ACCEPT-CONNECT
+#?SESSION :50 CONNECT-XSERVER
+
+# Cleanup
+#?*STOP-DAEMON
+# Don't know what order they will terminate
+#?(SESSION :50 TERMINATE SIGNAL=15|XSERVER :50 TERMINATE SIGNAL=15)
+#?(SESSION :50 TERMINATE SIGNAL=15|XSERVER :50 TERMINATE SIGNAL=15)
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/src/libsystem.c b/tests/src/libsystem.c
index 13abda8c..9a8b6de7 100644
--- a/tests/src/libsystem.c
+++ b/tests/src/libsystem.c
@@ -445,6 +445,27 @@ pam_start (const char *service_name, const char *user, const struct pam_conv *co
     return PAM_SUCCESS;
 }
 
+static void
+send_info (pam_handle_t *pamh, const char *message)
+{
+    struct pam_message **msg;
+    struct pam_response *resp = NULL;
+
+    msg = calloc (1, sizeof (struct pam_message *));
+    msg[0] = malloc (sizeof (struct pam_message));
+    msg[0]->msg_style = PAM_TEXT_INFO;
+    msg[0]->msg = message;
+    pamh->conversation.conv (1, (const struct pam_message **) msg, &resp, pamh->conversation.appdata_ptr);
+    free (msg[0]);
+    free (msg);
+    if (resp)
+    {
+        if (resp[0].resp)
+            free (resp[0].resp);
+        free (resp);
+    }
+}
+
 int
 pam_authenticate (pam_handle_t *pamh, int flags)
 {
@@ -484,6 +505,9 @@ pam_authenticate (pam_handle_t *pamh, int flags)
         free (resp);
     }
 
+    if (strcmp (pamh->user, "log-pam") == 0)
+        send_info (pamh, "pam_authenticate");
+
     /* Crash on authenticate */
     if (strcmp (pamh->user, "crash-authenticate") == 0)
         kill (getpid (), SIGSEGV);
@@ -731,6 +755,9 @@ pam_open_session (pam_handle_t *pamh, int flags)
     if (strcmp (pamh->user, "session-error") == 0)
         return PAM_SESSION_ERR;
 
+    if (strcmp (pamh->user, "log-pam") == 0)
+        send_info (pamh, "pam_open_session");
+
     if (strcmp (pamh->user, "make-home-dir") == 0)
     {
         struct passwd *entry;
@@ -747,6 +774,9 @@ pam_close_session (pam_handle_t *pamh, int flags)
     if (pamh == NULL)
         return PAM_SYSTEM_ERR;
 
+    if (strcmp (pamh->user, "log-pam") == 0)
+        send_info (pamh, "pam_close_session");
+
     return PAM_SUCCESS;
 }
 
@@ -759,6 +789,9 @@ pam_acct_mgmt (pam_handle_t *pamh, int flags)
     if (!pamh->user)
         return PAM_USER_UNKNOWN;
 
+    if (strcmp (pamh->user, "log-pam") == 0)
+        send_info (pamh, "pam_acct_mgmt");
+
     if (strcmp (pamh->user, "denied") == 0)
         return PAM_PERM_DENIED;
     if (strcmp (pamh->user, "expired") == 0)
@@ -780,6 +813,9 @@ pam_chauthtok (pam_handle_t *pamh, int flags)
     if (pamh == NULL)
         return PAM_SYSTEM_ERR;
 
+    if (strcmp (pamh->user, "log-pam") == 0)
+        send_info (pamh, "pam_chauthtok");
+
     msg = malloc (sizeof (struct pam_message *) * 1);
     msg[0] = malloc (sizeof (struct pam_message));
     msg[0]->msg_style = PAM_PROMPT_ECHO_OFF;
@@ -815,6 +851,9 @@ pam_setcred (pam_handle_t *pamh, int flags)
     if (pamh == NULL)
         return PAM_SYSTEM_ERR;
 
+    if (strcmp (pamh->user, "log-pam") == 0)
+        send_info (pamh, "pam_setcred");
+
     /* Put the test directories into the path */
     e = g_strdup_printf ("PATH=%s/tests/src/.libs:%s/tests/src:%s/tests/src:%s/src:%s", BUILDDIR, BUILDDIR, SRCDIR, BUILDDIR, pam_getenv (pamh, "PATH"));
     pam_putenv (pamh, e);
@@ -858,7 +897,7 @@ pam_end (pam_handle_t *pamh, int pam_status)
 {
     if (pamh == NULL)
         return PAM_SYSTEM_ERR;
-
+  
     free (pamh->service_name);
     if (pamh->user)
         free (pamh->user);
diff --git a/tests/src/test-runner.c b/tests/src/test-runner.c
index a8ed5860..491a16c8 100644
--- a/tests/src/test-runner.c
+++ b/tests/src/test-runner.c
@@ -1389,6 +1389,8 @@ main (int argc, char **argv)
         {"cred-expired",     "password", TRUE,  "Cred Expired",       NULL,  NULL, NULL,          NULL,          1028},
         /* This account has cannot access their credentials */
         {"cred-unavail",     "password", TRUE,  "Cred Unavail",       NULL,  NULL, NULL,          NULL,          1029},
+        /* This account sends informational messages for each PAM function that is called */
+        {"log-pam",          "password", TRUE,  "Log PAM",            NULL,  NULL, NULL,          NULL,          1030},
         {NULL,               NULL,       FALSE, NULL,                 NULL,  NULL, NULL,          NULL,             0}
     };
     passwd_data = g_string_new ("");
diff --git a/tests/test-login-pam b/tests/test-login-pam
new file mode 100755
index 00000000..e6e52f25
--- /dev/null
+++ b/tests/test-login-pam
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner login-pam test-gobject-greeter
diff --git a/tests/test-pam b/tests/test-pam
new file mode 100755
index 00000000..d8527e8d
--- /dev/null
+++ b/tests/test-pam
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner pam test-gobject-greeter