From ce8b568934fcb621f7ffaef18d55f0218d7b76d2 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Thu, 13 Mar 2014 20:30:05 +0100
Subject: pam: Allow unlock_keyring() to be called with a NULL password

This happens when doing auto-login. The various side effects
of unlock_keyring (including setting *need_daemon) are valuable
even in the cases where password is NULL.

Add a test that checks that the daemon starts as expected when
the user did not authenticate.

http://bugzilla.gnome.org/show_bug.cgi?id=726245
---
 pam/gkr-pam-module.c |  1 -
 pam/test-pam.c       | 30 ++++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)

(limited to 'pam')

diff --git a/pam/gkr-pam-module.c b/pam/gkr-pam-module.c
index cd39510f..c06d8321 100644
--- a/pam/gkr-pam-module.c
+++ b/pam/gkr-pam-module.c
@@ -629,7 +629,6 @@ unlock_keyring (pam_handle_t *ph,
 	const char *argv[2];
 	
 	assert (pwd);
-	assert (password);
 
 	control = get_any_env (ph, ENV_CONTROL);
 	argv[0] = password;
diff --git a/pam/test-pam.c b/pam/test-pam.c
index 4000901c..56eebcae 100644
--- a/pam/test-pam.c
+++ b/pam/test-pam.c
@@ -308,6 +308,32 @@ test_starts_creates (Test *test,
 	g_assert (gkd_control_quit (control, 0));
 }
 
+static void
+test_starts_only_session (Test *test,
+		          gconstpointer user_data)
+{
+	const char *pam_conf = user_data;
+	const gchar *control;
+	gchar *login_keyring;
+
+	if (test->skipping)
+		return;
+
+	/* This is the PAM config that starts the daemon from session handler */
+	g_assert (strstr (pam_conf, "session-start") != NULL);
+
+	login_keyring = g_build_filename (test->directory, "login.keyring", NULL);
+	g_assert (!g_file_test (login_keyring, G_FILE_TEST_EXISTS));
+
+	g_assert_cmpint (pam_open_session (test->ph, 0), ==, PAM_SUCCESS);
+
+	g_assert (pam_getenv (test->ph, "GNOME_KEYRING_CONTROL") != NULL);
+	control = pam_getenv (test->ph, "GNOME_KEYRING_CONTROL");
+
+	/* These verify that the daemon was started */
+	g_assert (gkd_control_quit (control, 0));
+}
+
 static void
 test_starts_exists (Test *test,
                     gconstpointer user_data)
@@ -497,6 +523,10 @@ main (int argc, char **argv)
 	            "gnome-keyring-test-session-start",
 	            setup, test_starts_exists, teardown);
 
+	g_test_add ("/pam/session-starts-without-auth", Test,
+	            "gnome-keyring-test-session-start",
+	            setup, test_starts_only_session, teardown);
+
 	g_test_add ("/pam/auth-running-unlocks-existing", Test,
 	            "gnome-keyring-test-no-start",
 	            setup, test_auth_running_unlocks, teardown);
-- 
cgit v1.2.1