If the user specified "any" finger, then we would mirror this back even
if there is only one finger available. Change it so that we act as if
that finger was passed explicitly, meaning we use the "verify" method
and also send the signal for the selected finger accordingly.
If a print we have stored locally is not available in device anymore, we
need to cleanup the local database.
We do not get a proper DATA_NOT_FOUND error for most devices (indeed, at
this point no device does this properly). As such, do this when we see a
DATA_NOT_FOUND error and the first time that we get a verify-no-match
results on a device which is capable of listing all known prints.
Co-Authored-by: Marco Trevisan (Treviño) <mail@3v1n0.net>
In case we got a data-not-found error, it means that the device has not
such prints stored, and thus the verification failed, and there's no
need to expose the internal reasons to fprintd clients.
If the client disconnected while the release call was stopping the
current action, then the disconnect will be processed. This means that
the device can be closed already and the session is destroyed.
Add a check for this, in the same way that the vanished handler deals
with this corner case.
This renames the internal "in-use" property to "busy" and redefines the
value to be TRUE either if a client is connected or if the device is
considered WARM or HOT.
This prevents fprintd shutdown while devices are warm in order to ensure
that the libfprint hardware protection is functional.
The test suite ran into a very rare error where it seemed to get stuck
during authorization. A possible explanation is that the priv->_session
pointer re-fetching is optimized away and the pointer just continues to
contain the invalid placeholder rather than an updated value.
Use g_atomic_pointer_get in order to avoid this possibility entirely.
gnome-control-center expects to be able to re-enroll an existing print
when calling EnrollStart without deleting it first. As such, implicitly
delete the existing print rather than throwing an error.
Ideally, we'll change the API, but we need to give API users time to
adjust to the world.
If the device supports listing prints, then we can do more targeted
deletes once the storage runs out. As such, do not try to clear the
storage on first enroll (therefore allowing dual boot setups to work to
a limited degree).
Clear the device storage before we enroll the first print. At that
point, we know that the storage should be completely empty and we have
no way of deleting "garbage" prints later if the device does not support
listing prints.
This makes little sense. Users should delete the finger before trying to
enroll the same one again. So throw an error at them from EnrollStart
right away.
Fixes: #95
Always do an identify step before starting an enroll. If we find an
existing print, delete or throw an error depending on what is
appropriate.
Doing this ensures that we should not get duplicate prints system wide.
This means we will be able to identify the user that is trying to log
in. But more importantly, we need to do these checks for MoC devices,
which always run "identify" against all device stored prints rather than
the passed gallery.
During VerifyStart we may return early if there are no enrolled prints.
In such case we don't require the verification to be stopped if we're
using identification, but in the verification case we may leave the
device into the verification state.
So ensure we only set the device current state only when we're about to
start it.
Add tests ensuring those cases
The user may have some invalid prints saved (like the ones enrolled with
fprintd 1) in the storage, this lead to list such prints as enrolled but
they're actually not valid.
So load the prints to ensure that those are of the valid type instead of
just discovering them.
We may make just store.discover_prints to be aware of this, but this
would break some assumptions we do in tests, so better to go this way.
We may want to be able to load the user prints to check whether they
are usable, so add an utility function for this.
And use it also in load_all_prints().
It might make sense to push this into the storage layer. But, overall,
it is OK to live here, and if we do make changes on the storage layer we
probably want to change more than just this.
When saving the prints we use g_file_set_contents under the hood and in
case return its error code that is a positive value.
So in such case we don't fail if we have a write failure at the end of
the enrollment.
While we could ensure in file storage to always return a negative value,
it's always better to ensure that is has to be 0 when we didn't get an
error.
Add a test checking for this case.
When claiming a device for delete operation we'd not get an error in
case we can claim it but it's not already claimed, so in such case we
should explicitly check that the device has been opened.
When a device has reported the verification status the client should
call VerifyStop to stop the device, however this under the hood may lead
to a premature cancellation, causing the device not to react as expected
in case the finger is still on the sensor or in case it may return to us
some errors that we may want to handle (like the data-missing one).
So, in case we are about to stop the verification and the operation is
still in process, wait for a maximum timeout before proceed to the
cancellation.
However, while waiting, the action may be also cancelled because of a
call to Release() or because the client vanished, and in such case we
have to ensure that the current invocation is saved for being invoked by
stoppable_action_completed() when callback will return. That will also
unset it, and that's a clear indication for us that it has been already
consumed, and thus that we can just return doing nothing else.
Fixes: #100
In case we get concurrent requests on EnrollStart/EnrollStop we'd just
continue with the operation, making the first processed request to start
the process and the second to hang (in code before the introduction of
stoppable_action_stop()) or to crash (in the current code).
So in such case we should always check that we're not handling already
the request, by checking priv->current_cancel_invocation value.
Add tests to verify the race.
Add a method to delete only a Fingerprint for a device, this is required
by they g-c-c UI design and at the same time it reflects the libfprint
API, where so far only a fingerprint at time can be deleted.
libfprint v1.90.4 introduced a new finger status API to expose to the UI
the finger status on sensor.
Add two new properties to the Device interface that represent the
possible values.
Add new tests.
The device DBus skeleton interface already implements caching for the
properties and can smartly handle their update sending (batched) dbus
events on changes.
Even if the default properties are only read only and we don't care, we
are going to introduce properties that will change values, and so having
the skeleton to handle this for us is quite convenient.
Given that we don't really need to override those properties, we can
just set them at start and leave the skeleton cache to handle the rest.
In case we'd ever need to override them, however the skeleton also
provides a way to override all the properties and to get a reference of
the number of properties it defines, ensuring to keep the order they are
defined.
This would allow us to get back the parent's properties IDs and to use
this to implement ours properties getters/setters using the parent one
as fallback.
This makes garbage collection a bit more predictable overall. Note that
we'll first delete prints that we do not know the age of.
If we cannot sort them by age, then randomize the order so that we don't
end up deleting in the order that the device returned the prints.
The stoppable actions (Verify/Enroll) have the same logic during
completion. Create a common function to share this logic instead of
copying it in each of the handlers.
Fixes: #97
