From a7afe91e652b20b764c78ca9508cdd8f0a27dd8f Mon Sep 17 00:00:00 2001
From: Timothy Pearson
Date: Tue, 6 Sep 2016 15:08:26 -0500
Subject: [PATCH] Do not start card authentication unless PKCS logins were enabled Rename UserList class in kgreeter.cpp to avoid conflict with TDE LDAP library class name
---
 kdesktop/lock/CMakeLists.txt | 5 ++++-
 kdesktop/lock/lockdlg.cc | 11 +++++++++++
 tdm/kfrontend/CMakeLists.txt | 4 +++-
 tdm/kfrontend/kgreeter.cpp | 21 ++++++++++++++++-----
 4 files changed, 34 insertions(+), 7 deletions(-)
diff --git a/kdesktop/lock/CMakeLists.txt b/kdesktop/lock/CMakeLists.txt
index 2bbe4b289..a0ec2f08a 100644
--- a/kdesktop/lock/CMakeLists.txt
+++ b/kdesktop/lock/CMakeLists.txt
@@ -19,10 +19,12 @@ include_directories( ${CMAKE_SOURCE_DIR}/kcheckpass ${TDE_INCLUDE_DIR} ${TQT_INCLUDE_DIRS}
+ ${KRB5_INCLUDE_DIRS}
 ) link_directories( ${TQT_LIBRARY_DIRS}
+ ${TDE_LIB_DIR}
 )
@@ -38,6 +40,7 @@ set( ${target}_SRCS tde_add_executable( ${target} AUTOMOC SOURCES ${${target}_SRCS} LINK kdesktopsettings-static dmctl-static tdeio-shared Xext
- pthread ${GL_LIBRARIES} "${LINKER_IMMEDIATE_BINDING_FLAGS}"
+ pthread ${GL_LIBRARIES} ${LIBTDELDAP_LIBRARIES}
+ "${LINKER_IMMEDIATE_BINDING_FLAGS}"
 DESTINATION ${BIN_INSTALL_DIR} )
diff --git a/kdesktop/lock/lockdlg.cc b/kdesktop/lock/lockdlg.cc
index 8202a7f68..1be892e2a 100644
--- a/kdesktop/lock/lockdlg.cc
+++ b/kdesktop/lock/lockdlg.cc
@@ -58,6 +58,10 @@ #include #include
+#ifdef HAVE_KRB5
+#include
+#endif
+
 #ifndef AF_LOCAL # define AF_LOCAL AF_UNIX #endif
@@ -970,6 +974,13 @@ void PasswordDlg::capsLocked() } void PasswordDlg::attemptCardLogin() {
+#ifdef HAVE_KRB5
+ /* Make sure card logins are enabled before attempting one */
+ if (!LDAPManager::pkcsLoginEnabled()) {
+ return;
+ }
+#endif
+
 if (mCardLoginInProgress) { return; }
diff --git a/tdm/kfrontend/CMakeLists.txt b/tdm/kfrontend/CMakeLists.txt
index ab2ddc691..1de0d14fb 100644
--- a/tdm/kfrontend/CMakeLists.txt
+++ b/tdm/kfrontend/CMakeLists.txt
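Review bot: `${LIBTDELDAP_LIBRARIES}` on the LINK line (and `${KRB5_INCLUDE_DIRS}` in the hunk above it) is added unconditionally, while the only use this commit makes of the library, `LDAPManager::pkcsLoginEnabled()` in lockdlg.cc, sits behind `#ifdef HAVE_KRB5`. Nothing in the visible hunks ties the two together, so it is worth confirming that the variables expand to nothing when Kerberos support is off and that HAVE_KRB5 is actually defined for this target when it is on; otherwise the screen locker either picks up a library it never calls or silently compiles the new check out. A comment above the LINK line such as `# tdeldap provides LDAPManager::pkcsLoginEnabled(), used only when HAVE_KRB5 is defined` would record the coupling. The tdm_greet target in tdm/kfrontend/CMakeLists.txt receives the same additions.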
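Review bot: The enablement check added at the top of `PasswordDlg::attemptCardLogin()` is compiled only under `#ifdef HAVE_KRB5`, so a build without that macro still starts card authentication on the lock screen with no check at all, and the commit title does not hold for it. If that fail-open behaviour is intended because there is no PKCS setting to consult, say so in the comment, e.g. `/* Without HAVE_KRB5 there is no PKCS login setting to query; card login is always attempted */`; otherwise add an `#else` branch that returns. The early return is also silent, so a debug-log line there would help when diagnosing why an inserted card is ignored. `KGreeter::cryptographicCardInserted()` in tdm/kfrontend/kgreeter.cpp has the same guard and the same gap, and both function bodies continue outside their hunks.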
@@ -22,11 +22,13 @@ include_directories( ${CMAKE_SOURCE_DIR}/kcontrol/background ${TDE_INCLUDE_DIR} ${TQT_INCLUDE_DIRS}
+ ${KRB5_INCLUDE_DIRS}
 ) link_directories( ${TQT_LIBRARY_DIRS} ${LIBART_LIBRARY_DIRS}
+ ${TDE_LIB_DIR}
 )
@@ -68,7 +70,7 @@ tde_add_executable( tdm_greet AUTOMOC kfdialog.cpp kgdialog.cpp kchooser.cpp kgverify.cpp tdmshutdown.cpp tdmadmindialog.cpp kgreeter.cpp kgapp.cpp sakdlg.cc
- LINK tdmthemer-static tdeui-shared tdeio-shared dmctl-static Xtst ${TDMGREET_OPTIONAL_LINK}
+ LINK tdmthemer-static tdeui-shared tdeio-shared dmctl-static Xtst ${LIBTDELDAP_LIBRARIES} ${TDMGREET_OPTIONAL_LINK}
 DESTINATION ${BIN_INSTALL_DIR} )
diff --git a/tdm/kfrontend/kgreeter.cpp b/tdm/kfrontend/kgreeter.cpp
index e2791d43a..1143a8609 100644
--- a/tdm/kfrontend/kgreeter.cpp
+++ b/tdm/kfrontend/kgreeter.cpp
@@ -99,6 +99,10 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. #include
+#ifdef HAVE_KRB5
+#include
+#endif
+
 #define FIFO_DIR "/tmp/tdesocket-global/tdm" #define FIFO_FILE "/tmp/tdesocket-global/tdm/tdmctl-%1" #define FIFO_SAK_FILE "/tmp/tdesocket-global/tdm/tdmctl-sak-%1"
@@ -437,9 +441,9 @@ class KCStringList : public TQValueList { } };
-class UserList {
+class KGreeterUserList {
 public:
- UserList( char **in );
+ KGreeterUserList( char **in );
 bool hasUser( const char *str ) const { return users.contains( str ); } bool hasGroup( gid_t gid ) const { return groups.find( gid ) != groups.end(); }
@@ -450,7 +454,7 @@ class UserList { TQValueList groups; };
-UserList::UserList( char **in )
+KGreeterUserList::KGreeterUserList( char **in )
 { struct group *grp;
@@ -485,7 +489,7 @@ KGreeter::insertUsers(int limit_users) default_pix.convertDepth( 32 ).smoothScale( ns, TQ_ScaleMin ); } if (_showUsers == SHOW_ALL) {
- UserList noUsers( _noUsers );
+ KGreeterUserList noUsers( _noUsers );
 TQDict dupes( 1000 ); // Potential crash risk with buffer overrun? TQStringList toinsert; int count = 0;
@@ -551,7 +555,7 @@ KGreeter::insertUsers(int limit_users) insertUser( default_pix, *it, ps ); } } else {
- UserList users( _users );
+ KGreeterUserList users( _users );
 if (users.hasGroups()) { TQDict dupes( 1000 ); for (setpwent(); (ps = getpwent()) != 0;) {
@@ -856,6 +860,13 @@ KGreeter::verifySetUser( const TQString &user ) } void KGreeter::cryptographicCardInserted(TDECryptographicCardDevice* cdevice) {
+#ifdef HAVE_KRB5
+ /* Make sure card logins are enabled before attempting one */
+ if (!LDAPManager::pkcsLoginEnabled()) {
+ return;
+ }
+#endif
+
 TQString login_name = TQString::null; X509CertificatePtrList certList = cdevice->cardX509Certificates(); if (certList.count() > 0) {