diff -up gnome-screensaver-2.26.0/configure.ac.securitytoken gnome-screensaver-2.26.0/configure.ac

--- gnome-screensaver-2.26.0/configure.ac.securitytoken	2009-03-18 13:20:20.000000000 -0400

+++ gnome-screensaver-2.26.0/configure.ac	2009-03-19 00:20:36.625194934 -0400

@@ -45,6 +45,7 @@ GNOME_DESKTOP_REQUIRED_VERSION=2.23.2

 GLADE_REQUIRED_VERSION=2.5.0

 LIBGNOMEKBDUI_REQUIRED_VERSION=0.1

+NSS_REQUIRED_VERSION=3.11.2

 AC_CHECK_HEADERS(unistd.h)

 AC_CHECK_HEADERS(crypt.h sys/select.h)

@@ -59,7 +60,8 @@ PKG_CHECK_MODULES(GNOME_SCREENSAVER,

         dbus-glib-1 >= $DBUS_REQUIRED_VERSION

         gconf-2.0 >= $GCONF_REQUIRED_VERSION

         gnome-desktop-2.0 >= $GNOME_DESKTOP_REQUIRED_VERSION

-        libgnome-menu >= $LIBGNOME_MENU_REQUIRED_VERSION)

+        libgnome-menu >= $LIBGNOME_MENU_REQUIRED_VERSION

+        nss >= $NSS_REQUIRED_VERSION)

 AC_SUBST(GNOME_SCREENSAVER_CFLAGS)

 AC_SUBST(GNOME_SCREENSAVER_LIBS)

@@ -96,8 +98,6 @@ AC_PATH_PROG(GCONFTOOL, gconftool-2)

 AM_GCONF_SOURCE_2

-GNOME_COMPILE_WARNINGS(yes)

-

 # Solaris requires libresolv for daemon()

 case "$host" in

 	*-*-solaris*)

@@ -171,6 +171,13 @@ PKG_CHECK_MODULES(LIB_GNOME_MENU,

 AC_SUBST(LIB_GNOME_MENU_CFLAGS)

 AC_SUBST(LIB_GNOME_MENU_LIBS)

+# security token support

+PKG_CHECK_MODULES(SECURITY_TOKEN,

+        gobject-2.0 >= $GLIB_REQUIRED_VERSION

+        nss >= $NSS_REQUIRED_VERSION)

+AC_SUBST(SECURITY_TOKEN_CFLAGS)

+AC_SUBST(SECURITY_TOKEN_LIBS)

+

 dnl ---------------------------------------------------------------------------

 dnl - Where should we put documentation ?

 dnl ---------------------------------------------------------------------------

diff -up gnome-screensaver-2.26.0/src/gs-auth-pam.c.securitytoken gnome-screensaver-2.26.0/src/gs-auth-pam.c

--- gnome-screensaver-2.26.0/src/gs-auth-pam.c.securitytoken	2009-03-18 11:39:58.000000000 -0400

+++ gnome-screensaver-2.26.0/src/gs-auth-pam.c	2009-03-19 00:20:36.632207149 -0400

@@ -354,6 +354,13 @@ close_pam_handle (int status)

                                    status2,

                                    (status2 == PAM_SUCCESS ? "Success" : "Failure"));

                 }

+

+		/* iterate the glib event loop inbetween processing pam

+		 * messages so that the user interface can be updated

+		 * to reflect changes that are a result of the pam

+		 * messages

+		 */

+		while (g_main_context_iteration (NULL, FALSE));

         }

         if (message_handled_condition != NULL) {

diff -up gnome-screensaver-2.26.0/src/gs-monitor.c.securitytoken gnome-screensaver-2.26.0/src/gs-monitor.c

--- gnome-screensaver-2.26.0/src/gs-monitor.c.securitytoken	2009-03-18 11:39:58.000000000 -0400

+++ gnome-screensaver-2.26.0/src/gs-monitor.c	2009-03-19 00:46:39.466197461 -0400

@@ -41,10 +41,15 @@

 #include "gs-prefs.h"

 #include "gs-debug.h"

+#include "securitytokenmonitor.h"

+

 static void     gs_monitor_class_init (GSMonitorClass *klass);

 static void     gs_monitor_init       (GSMonitor      *monitor);

 static void     gs_monitor_finalize   (GObject        *object);

+static void     gs_monitor_simulate_user_activity (GSMonitor *monitor);

+static void     gs_monitor_lock_screen (GSMonitor *monitor);

+

 #define GS_MONITOR_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), GS_TYPE_MONITOR, GSMonitorPrivate))

 struct GSMonitorPrivate

@@ -56,6 +61,7 @@ struct GSMonitorPrivate

         GSFade         *fade;

         GSGrab         *grab;

         guint           release_grab_id;

+        ScSecurityTokenMonitor *security_token_monitor;

 };

 #define FADE_TIMEOUT 10000

@@ -85,6 +91,36 @@ manager_deactivated_cb (GSManager *manag

         gs_listener_set_active (monitor->priv->listener, FALSE);

 }

+static void

+security_token_inserted_cb (ScSecurityTokenMonitor *token_monitor,

+                            ScSecurityToken        *token,

+                            GSMonitor              *monitor)

+{

+        gs_monitor_simulate_user_activity (monitor);

+}

+

+static gboolean

+gs_monitor_should_lock_on_login_security_token_removal (void)

+{

+        /* FIXME: lame hack

+         */

+        return system ("pkcs11_setup rm_action | grep -q lock") == 0;

+}

+

+static void

+security_token_removed_cb (ScSecurityTokenMonitor *token_monitor,

+                           ScSecurityToken        *token,

+                           GSMonitor              *monitor)

+{

+        if (gs_monitor_should_lock_on_login_security_token_removal () &&

+            sc_security_token_is_login_token (token))

+                gs_monitor_lock_screen (monitor);

+

+        /* If we're already locked and the lock dialog is up, kill it.

+         */

+        gs_manager_cancel_unlock_request (monitor->priv->manager);

+}

+

 static gboolean

 watcher_idle_cb (GSWatcher *watcher,

                  gboolean   is_idle,

@@ -165,35 +201,6 @@ watcher_idle_notice_cb (GSWatcher *watch

 }

 static void

-gs_monitor_lock_screen (GSMonitor *monitor)

-{

-        gboolean res;

-        gboolean locked;

-

-        /* set lock flag before trying to activate screensaver

-           in case something tries to react to the ActiveChanged signal */

-

-        gs_manager_get_lock_active (monitor->priv->manager, &locked);

-        gs_manager_set_lock_active (monitor->priv->manager, TRUE);

-        res = gs_listener_set_active (monitor->priv->listener, TRUE);

-        if (! res) {

-                /* If we've failed then restore lock status */

-                gs_manager_set_lock_active (monitor->priv->manager, locked);

-                gs_debug ("Unable to lock the screen");

-        }

-}

-

-static void

-gs_monitor_simulate_user_activity (GSMonitor *monitor)

-{

-        /* FIXME: reset the xsync timer? */

-

-        /* request that the manager unlock -

-           will pop up a dialog if necessary */

-        gs_manager_request_unlock (monitor->priv->manager);

-}

-

-static void

 listener_lock_cb (GSListener *listener,

                   GSMonitor  *monitor)

 {

@@ -401,6 +408,27 @@ connect_manager_signals (GSMonitor *moni

 }

 static void

+disconnect_security_token_monitor_signals (GSMonitor *monitor)

+{

+        g_signal_handlers_disconnect_by_func (monitor->priv->security_token_monitor,

+					      security_token_removed_cb, monitor);

+

+        g_signal_handlers_disconnect_by_func (monitor->priv->security_token_monitor,

+					      security_token_inserted_cb, monitor);

+}

+

+static void

+connect_security_token_monitor_signals (GSMonitor *monitor)

+{

+	g_signal_connect (monitor->priv->security_token_monitor, 

+			  "security-token-removed",

+			  G_CALLBACK (security_token_removed_cb), monitor);

+	g_signal_connect (monitor->priv->security_token_monitor, 

+			  "security-token-inserted",

+			  G_CALLBACK (security_token_inserted_cb), monitor);

+}

+

+static void

 disconnect_prefs_signals (GSMonitor *monitor)

 {

         g_signal_handlers_disconnect_by_func (monitor->priv->prefs, _gs_monitor_update_from_prefs, monitor);

@@ -434,6 +462,26 @@ gs_monitor_init (GSMonitor *monitor)

         monitor->priv->manager = gs_manager_new ();

         connect_manager_signals (monitor);

+	/* PKCS11_LOGIN_TOKEN_NAME is set if the user logged in with a

+	 * security token.

+	 */

+	if (g_getenv ("PKCS11_LOGIN_TOKEN_NAME") != NULL) {

+		monitor->priv->security_token_monitor = sc_security_token_monitor_new (NULL);

+		sc_security_token_monitor_start (monitor->priv->security_token_monitor,

+						 NULL);

+		connect_security_token_monitor_signals (monitor);

+

+		/* if the user logged in with a security token but it's

+		 * not currently inserted, then they must have yanked it

+		 * before we started.  lock the screen immediately

+		 */

+		if (gs_monitor_should_lock_on_login_security_token_removal () &&

+		    !sc_security_token_monitor_login_token_is_inserted (monitor->priv->security_token_monitor))

+			gs_monitor_lock_screen (monitor);

+	} else {

+		monitor->priv->security_token_monitor = NULL;

+	}

+

         _gs_monitor_update_from_prefs (monitor, monitor->priv->prefs);

 }

@@ -449,6 +497,12 @@ gs_monitor_finalize (GObject *object)

         g_return_if_fail (monitor->priv != NULL);

+	if (monitor->priv->security_token_monitor != NULL) {

+		sc_security_token_monitor_stop (monitor->priv->security_token_monitor);

+		disconnect_security_token_monitor_signals (monitor);

+		g_object_unref (monitor->priv->security_token_monitor);

+	}

+

         disconnect_watcher_signals (monitor);

         disconnect_listener_signals (monitor);

         disconnect_manager_signals (monitor);

@@ -486,3 +540,30 @@ gs_monitor_start (GSMonitor *monitor,

         return TRUE;

 }

+

+static void     

+gs_monitor_simulate_user_activity (GSMonitor *monitor)

+{

+        /* request that the manager unlock -

+           will pop up a dialog if necessary */

+        gs_manager_request_unlock (monitor->priv->manager);

+}

+

+static void     

+gs_monitor_lock_screen (GSMonitor *monitor)

+{

+        gboolean res;

+        gboolean locked;

+

+        /* set lock flag before trying to activate screensaver

+           in case something tries to react to the ActiveChanged signal */

+

+        gs_manager_get_lock_active (monitor->priv->manager, &locked);

+        gs_manager_set_lock_active (monitor->priv->manager, TRUE);

+        res = gs_listener_set_active (monitor->priv->listener, TRUE);

+        if (! res) {

+                /* If we've failed then restore lock status */

+                gs_manager_set_lock_active (monitor->priv->manager, locked);

+                gs_debug ("Unable to lock the screen");

+        }

+}

diff -up gnome-screensaver-2.26.0/src/Makefile.am.securitytoken gnome-screensaver-2.26.0/src/Makefile.am

--- gnome-screensaver-2.26.0/src/Makefile.am.securitytoken	2009-03-18 11:39:58.000000000 -0400

+++ gnome-screensaver-2.26.0/src/Makefile.am	2009-03-19 00:20:36.635194085 -0400

@@ -51,6 +51,18 @@ noinst_PROGRAMS = 	\

 	test-window	\

 	$(NULL)

+noinst_LIBRARIES = libsecuritytoken.a

+ 

+libsecuritytoken_a_SOURCES = \

+	securitytoken.h \

+	securitytoken.c \

+	securitytokenmonitor.h \

+	securitytokenmonitor.c

+

+libsecuritytoken_a_CFLAGS = $(SECURITY_TOKEN_CFLAGS) \

+			-DLIBDIR=\""$(libdir)"\"  \

+			-DSYSCONFDIR=\""$(sysconfdir)"\"

+

 gnome_screensaver_command_SOURCES = 	\

 	gnome-screensaver-command.c	\

 	$(NULL)

@@ -208,6 +220,7 @@ gnome_screensaver_gl_helper_SOURCES =	\

 gnome_screensaver_LDADD =		\

 	$(GNOME_SCREENSAVER_LIBS)	\

 	$(SAVER_LIBS)			\

+ 	$(top_builddir)/src/libsecuritytoken.a \

 	$(NULL)

 gnome_screensaver_LDFLAGS = -export-dynamic

diff -up /dev/null gnome-screensaver-2.26.0/src/securitytoken.c

--- /dev/null	2009-03-18 22:51:48.055015100 -0400

+++ gnome-screensaver-2.26.0/src/securitytoken.c	2009-03-19 00:20:36.637204629 -0400

@@ -0,0 +1,680 @@

+/* securitytoken.c - security token

+ * 

+ * Copyright (C) 2006 Ray Strode <rstrode@redhat.com>

+ * 

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2, or (at your option)

+ * any later version.

+ * 

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ * 

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, write to the Free Software

+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA

+ * 02111-1307, USA.  

+ *

+ * TODO:     - doing this per project is a bad idea i think.

+ *             We should probably make this a system service 

+ *             and use dbus.

+ *

+ *           - We hardcode a driver right now.  We should probably

+ *             look up the default list and go from there. 

+ */

+#define SC_SECURITY_TOKEN_ENABLE_INTERNAL_API

+#include "securitytoken.h"

+

+#include <errno.h>

+#include <string.h>

+#include <unistd.h>

+

+#include <glib.h>

+#include <glib/gi18n.h>

+

+#include <cert.h>

+#include <nss.h>

+#include <pk11func.h>

+#include <prerror.h>

+#include <secmod.h>

+#include <secerr.h>

+

+#if defined (SC_SECURITY_TOKEN_ENABLE_TEST) || defined (SC_SECURITY_TOKEN_MONITOR_ENABLE_TEST)

+#define sc_debug(format, args...) g_printerr (format "\n", ##args)

+#define sc_warning(format, args...) g_printerr (format "\n", ##args)

+#else

+#define sc_debug(format, args...) 

+#define sc_warning(format, args...) 

+#endif

+

+struct _ScSecurityTokenPrivate {

+	SECMODModule *module;

+	ScSecurityTokenState state;

+

+	CK_SLOT_ID slot_id;

+	gint slot_series;

+

+	PK11SlotInfo *slot;

+	gchar *name;

+

+	CERTCertificate *signing_certificate;

+	CERTCertificate *encryption_certificate;

+};

+

+static void sc_security_token_finalize (GObject *object);

+static void sc_security_token_class_install_signals (ScSecurityTokenClass *token_class);

+static void sc_security_token_class_install_properties (ScSecurityTokenClass *token_class);

+static void sc_security_token_set_property (GObject       *object,

+					    guint          prop_id,

+					    const GValue  *value,

+					    GParamSpec    *pspec);

+static void sc_security_token_get_property (GObject     *object,

+					    guint        prop_id,

+					    GValue      *value,

+					    GParamSpec  *pspec);

+static void sc_security_token_set_name (ScSecurityToken *token, const gchar *name);

+static void sc_security_token_set_slot_id (ScSecurityToken *token, 

+					   gint             slot_id);

+static void sc_security_token_set_slot_series (ScSecurityToken *token, 

+					       gint             slot_series);

+static void sc_security_token_set_module (ScSecurityToken *token,

+					  SECMODModule    *module);

+

+static PK11SlotInfo *sc_security_token_find_slot_from_id (ScSecurityToken *token,

+							  gint slot_id);

+

+static PK11SlotInfo *sc_security_token_find_slot_from_token_name (ScSecurityToken *token,

+								  const gchar     *token_name);

+static gboolean sc_security_token_fetch_certificates (ScSecurityToken *token);

+

+

+#ifndef SC_SECURITY_TOKEN_DEFAULT_SLOT_ID 

+#define SC_SECURITY_TOKEN_DEFAULT_SLOT_ID ((gulong) -1)

+#endif

+

+#ifndef SC_SECURITY_TOKEN_DEFAULT_SLOT_SERIES

+#define SC_SECURITY_TOKEN_DEFAULT_SLOT_SERIES -1

+#endif

+

+enum {

+	PROP_0 = 0,

+	PROP_NAME,

+	PROP_SLOT_ID,

+	PROP_SLOT_SERIES,

+	PROP_MODULE,

+	NUMBER_OF_PROPERTIES

+};

+

+enum {

+	INSERTED,

+	REMOVED,

+	NUMBER_OF_SIGNALS

+};

+

+static guint sc_security_token_signals[NUMBER_OF_SIGNALS];

+

+G_DEFINE_TYPE (ScSecurityToken, sc_security_token, G_TYPE_OBJECT);

+

+static void

+sc_security_token_class_init (ScSecurityTokenClass *token_class)

+{

+    GObjectClass *gobject_class;

+

+    gobject_class = G_OBJECT_CLASS (token_class);

+

+    gobject_class->finalize = sc_security_token_finalize;

+

+    sc_security_token_class_install_signals (token_class);

+    sc_security_token_class_install_properties (token_class);

+

+    g_type_class_add_private (token_class,

+			      sizeof (ScSecurityTokenPrivate));

+}

+

+static void

+sc_security_token_class_install_signals (ScSecurityTokenClass *token_class)

+{

+    GObjectClass *object_class;

+

+    object_class = G_OBJECT_CLASS (token_class);

+

+    sc_security_token_signals[INSERTED] =

+	    g_signal_new ("inserted",

+			  G_OBJECT_CLASS_TYPE (object_class),

+			  G_SIGNAL_RUN_LAST,

+			  G_STRUCT_OFFSET (ScSecurityTokenClass,

+					   inserted), 

+			  NULL, NULL, g_cclosure_marshal_VOID__VOID, 

+			  G_TYPE_NONE, 0);

+    token_class->inserted = NULL;

+

+    sc_security_token_signals[REMOVED] =

+	    g_signal_new ("removed",

+			  G_OBJECT_CLASS_TYPE (object_class),

+			  G_SIGNAL_RUN_LAST,

+			  G_STRUCT_OFFSET (ScSecurityTokenClass,

+					   removed), 

+			  NULL, NULL, g_cclosure_marshal_VOID__VOID, 

+			  G_TYPE_NONE, 0);

+    token_class->removed = NULL;

+}

+

+static void

+sc_security_token_class_install_properties (ScSecurityTokenClass *token_class)

+{

+    GObjectClass *object_class;

+    GParamSpec *param_spec;

+

+    object_class = G_OBJECT_CLASS (token_class);

+    object_class->set_property = sc_security_token_set_property;

+    object_class->get_property = sc_security_token_get_property;

+

+    param_spec = g_param_spec_ulong ("slot-id", _("Slot ID"),

+				   _("The slot the token is in"),

+				   1, G_MAXULONG,

+				   SC_SECURITY_TOKEN_DEFAULT_SLOT_ID,

+				   G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY);

+    g_object_class_install_property (object_class, PROP_SLOT_ID, param_spec);

+

+    param_spec = g_param_spec_int ("slot-series", _("Slot Series"),

+				   _("per-slot token identifier"),

+				   -1, G_MAXINT,

+				   SC_SECURITY_TOKEN_DEFAULT_SLOT_SERIES,

+				   G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY);

+    g_object_class_install_property (object_class, PROP_SLOT_SERIES, param_spec);

+

+    param_spec = g_param_spec_string ("name", _("name"),

+				      _("name"), NULL,

+				      G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY);

+    g_object_class_install_property (object_class, PROP_NAME, param_spec);

+

+    param_spec = g_param_spec_pointer ("module", _("Module"),

+				       _("security token driver"),

+				       G_PARAM_WRITABLE | G_PARAM_CONSTRUCT_ONLY);

+    g_object_class_install_property (object_class, PROP_MODULE, param_spec);

+}

+

+static void 

+sc_security_token_set_property (GObject       *object,

+				guint          prop_id,

+				const GValue  *value,

+				GParamSpec    *pspec)

+{

+    ScSecurityToken *token = SC_SECURITY_TOKEN (object);

+

+    switch (prop_id)

+    {

+	    case PROP_NAME:

+		    sc_security_token_set_name (token, g_value_get_string (value));

+		    break;

+

+	    case PROP_SLOT_ID:

+		    sc_security_token_set_slot_id (token, 

+						   g_value_get_ulong (value));

+		    break;

+

+	    case PROP_SLOT_SERIES:

+		    sc_security_token_set_slot_series (token, 

+						       g_value_get_int (value));

+		    break;

+

+	    case PROP_MODULE:

+		    sc_security_token_set_module (token, 

+						  (SECMODModule *)

+						  g_value_get_pointer (value));

+		    break;

+

+	    default:

+		    G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);

+    }

+}

+

+CK_SLOT_ID

+sc_security_token_get_slot_id (ScSecurityToken *token)

+{

+    return token->priv->slot_id;

+}

+

+ScSecurityTokenState 

+sc_security_token_get_state (ScSecurityToken *token)

+{

+    return token->priv->state;

+}

+

+gchar *

+sc_security_token_get_name (ScSecurityToken *token)

+{

+    return g_strdup (token->priv->name);

+}

+

+gboolean

+sc_security_token_is_login_token (ScSecurityToken *token)

+{

+    const gchar *login_token_name;

+    login_token_name = g_getenv ("PKCS11_LOGIN_TOKEN_NAME");

+

+    if ((login_token_name == NULL) || (token->priv->name == NULL))

+	    return FALSE;

+

+    if (strcmp (token->priv->name, login_token_name) == 0)

+	    return TRUE;

+

+    return FALSE;

+}

+

+static void 

+sc_security_token_get_property (GObject    *object,

+				guint        prop_id,

+				GValue      *value,

+				GParamSpec  *pspec)

+{

+    ScSecurityToken *token = SC_SECURITY_TOKEN (object);

+

+    switch (prop_id)

+    {

+	    case PROP_NAME:

+		    g_value_take_string (value, 

+					 sc_security_token_get_name (token));

+		    break;

+

+	    case PROP_SLOT_ID:

+		    g_value_set_ulong (value, 

+				       (gulong) sc_security_token_get_slot_id (token));

+		    break;

+

+	    case PROP_SLOT_SERIES:

+		    g_value_set_int (value, 

+				     sc_security_token_get_slot_series (token));

+		    break;

+

+	    default:

+		    G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);

+    }

+}

+

+static void

+sc_security_token_set_name (ScSecurityToken *token,

+			    const gchar     *name)

+{

+    if (name == NULL)

+	    return;

+

+    if ((token->priv->name == NULL) ||

+	(strcmp (token->priv->name, name) != 0)) {

+	    g_free (token->priv->name);

+	    token->priv->name = g_strdup (name);

+

+	    if (token->priv->slot == NULL) {

+		    token->priv->slot = sc_security_token_find_slot_from_token_name (token,

+										     token->priv->name);

+

+		    if (token->priv->slot != NULL) {

+			    gint slot_id, slot_series;

+

+			    slot_id = PK11_GetSlotID (token->priv->slot);

+			    if (slot_id != token->priv->slot_id)

+				    sc_security_token_set_slot_id (token, slot_id);

+

+			    slot_series = PK11_GetSlotSeries (token->priv->slot);

+			    if (slot_series != token->priv->slot_series)

+				    sc_security_token_set_slot_series (token, slot_series);

+

+			    _sc_security_token_set_state (token, SC_SECURITY_TOKEN_STATE_INSERTED);

+		    } else {

+			    _sc_security_token_set_state (token, SC_SECURITY_TOKEN_STATE_REMOVED);

+		    }

+	    }

+

+

+	    g_object_notify (G_OBJECT (token), "name");

+    }

+}

+

+static void

+sc_security_token_set_slot_id (ScSecurityToken *token,

+			       gint             slot_id)

+{

+    if (token->priv->slot_id != slot_id)

+    {

+	    token->priv->slot_id = slot_id;

+

+	    if (token->priv->slot == NULL) {

+		    token->priv->slot = sc_security_token_find_slot_from_id (token,

+									     token->priv->slot_id);

+

+		    if (token->priv->slot != NULL) {

+			    const gchar *token_name;

+

+			    token_name = PK11_GetTokenName (token->priv->slot);

+			    if ((token->priv->name == NULL) || 

+				((token_name != NULL) &&

+				(strcmp (token_name, token->priv->name) != 0)))

+				    sc_security_token_set_name (token, token_name);

+

+			    _sc_security_token_set_state (token, SC_SECURITY_TOKEN_STATE_INSERTED);

+		    } else {

+			    _sc_security_token_set_state (token, SC_SECURITY_TOKEN_STATE_REMOVED);

+		    }

+	    }

+

+	    g_object_notify (G_OBJECT (token), "slot-id");

+    }

+}

+

+static void

+sc_security_token_set_slot_series (ScSecurityToken *token,

+				   gint             slot_series)

+{

+    if (token->priv->slot_series != slot_series)

+    {

+	    token->priv->slot_series = slot_series;

+	    g_object_notify (G_OBJECT (token), "slot-series");

+    }

+}

+

+static void

+sc_security_token_set_module (ScSecurityToken *token,

+			      SECMODModule    *module)

+{

+    gboolean should_notify;

+

+    if (token->priv->module != module)

+	    should_notify = TRUE;

+    else

+	    should_notify = FALSE;

+

+    if (token->priv->module != NULL) {

+	    SECMOD_DestroyModule (token->priv->module);

+	    token->priv->module = NULL;

+    }

+

+    if (module != NULL)

+	    token->priv->module = SECMOD_ReferenceModule (module);

+

+    if (should_notify)

+	    g_object_notify (G_OBJECT (token), "module");

+}

+

+gint 

+sc_security_token_get_slot_series (ScSecurityToken *token)

+{

+    return token->priv->slot_series;

+}

+

+static void

+sc_security_token_init (ScSecurityToken *token)

+{

+

+    sc_debug ("initializing security token ");

+

+    token->priv = G_TYPE_INSTANCE_GET_PRIVATE (token,

+					       SC_TYPE_SECURITY_TOKEN,

+					       ScSecurityTokenPrivate);

+

+    if (token->priv->slot != NULL)

+	    token->priv->name = g_strdup (PK11_GetTokenName (token->priv->slot));

+}

+

+static void sc_security_token_finalize (GObject *object)

+{

+    ScSecurityToken *token;

+    GObjectClass *gobject_class;