diff options
-rw-r--r-- | pam_network_manager_helper.c | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/pam_network_manager_helper.c b/pam_network_manager_helper.c index c90fa8c..8447211 100644 --- a/pam_network_manager_helper.c +++ b/pam_network_manager_helper.c @@ -201,7 +201,6 @@ static void add_cb(UNUSED NMRemoteSettings *settings, NMRemoteConnection *con, G static void delete_cb(UNUSED NMRemoteConnection *connection, UNUSED GError *error, gpointer user_data) { cb_arg *arg = user_data; - g_main_loop_quit(arg->loop); } @@ -210,7 +209,36 @@ static void read_cb(UNUSED NMRemoteSettings *settings, gpointer user_data) { g_main_loop_quit(arg->loop); } -static gboolean handle_old_connection(NMRemoteSettings *settings, cb_arg *arg) { +static gboolean match_connection_user(NMConnection *connection, const char *user) { + NMSetting8021x *setting = nm_connection_get_setting_802_1x(connection); + if (!setting) + return FALSE; + + const char *identity = nm_setting_802_1x_get_identity(setting); + if (!identity) + return FALSE; + + return (strcmp(identity, user) == 0); +} + +static gboolean is_connection_active(NMConnection *connection, cb_arg *arg) { + NMDevice *device = find_device(arg->client); + if (!device) + return FALSE; + + NMActiveConnection *active_connection = nm_device_get_active_connection(device); + if (!active_connection) + return FALSE; + + if (strcmp(nm_connection_get_path(connection), nm_active_connection_get_connection(active_connection)) != 0) + return FALSE; + + NMActiveConnectionState state = nm_active_connection_get_state(active_connection); + + return (state == NM_ACTIVE_CONNECTION_STATE_ACTIVATED); +} + +static gboolean handle_old_connection(NMRemoteSettings *settings, const char *user, cb_arg *arg) { NMRemoteConnection *con = NULL; g_signal_connect(settings, NM_REMOTE_SETTINGS_CONNECTIONS_READ, @@ -222,6 +250,9 @@ static gboolean handle_old_connection(NMRemoteSettings *settings, cb_arg *arg) { if (!con) goto end; + if (match_connection_user(NM_CONNECTION(con), user) && is_connection_active(NM_CONNECTION(con), arg)) + return TRUE; + nm_remote_connection_delete(con, delete_cb, arg); g_main_loop_run(arg->loop); @@ -250,8 +281,8 @@ static int authenticate(const char *user, const char *pass) { if (!settings) goto end; - if (handle_old_connection(settings, &arg)) { - arg.ret = PAM_SUCCESS; + if (handle_old_connection(settings, user, &arg)) { + arg.ret = PAM_IGNORE; goto end; } |