[pkg-opensc-maint] Bug#852039: Bug#852039: pam-p11: diff for NMU version 0.1.5-6.1
Eric Dorland
eric at debian.org
Tue Jan 24 07:15:00 UTC 2017
Hi Sam,
Thanks for the patch. I'll prepare an upload for it tomorrow if you
want to hold off for a bit.
* hartmans at debian.org (hartmans at debian.org) wrote:
> Control: tags 852039 + pending
>
>
> Dear maintainer,
>
> I've prepared an NMU for pam-p11 (versioned as 0.1.5-6.1) and
> uploaded it to DELAYED/2day. I realize this is a small delay, but I want the changes to make it in before the freeze. Please feel free to tell me if I
> should delay it longer.
>
> Regards.
> diff -Nru pam-p11-0.1.5/debian/changelog pam-p11-0.1.5/debian/changelog
> --- pam-p11-0.1.5/debian/changelog 2016-12-10 20:32:54.000000000 -0500
> +++ pam-p11-0.1.5/debian/changelog 2017-01-23 15:13:19.000000000 -0500
> @@ -1,3 +1,10 @@
> +pam-p11 (0.1.5-6.1) unstable; urgency=medium
> +
> + * Non-maintainer upload.
> + * Fix segfault after token login, Closes: #852039
> +
> + -- Sam Hartman <hartmans at debian.org> Mon, 23 Jan 2017 15:13:19 -0500
> +
> pam-p11 (0.1.5-6) unstable; urgency=medium
>
> * debian/control: Explicit build-deps on libssl1.0-dev.
> diff -Nru pam-p11-0.1.5/debian/patches/reread_certs_on_token_login pam-p11-0.1.5/debian/patches/reread_certs_on_token_login
> --- pam-p11-0.1.5/debian/patches/reread_certs_on_token_login 1969-12-31 19:00:00.000000000 -0500
> +++ pam-p11-0.1.5/debian/patches/reread_certs_on_token_login 2017-01-20 17:23:43.000000000 -0500
> @@ -0,0 +1,40 @@
> +Index: pam-p11/src/pam_p11.c
> +===================================================================
> +--- pam-p11.orig/src/pam_p11.c
> ++++ pam-p11/src/pam_p11.c
> +@@ -56,6 +56,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
> + const char *user;
> + char *password;
> + char password_prompt[64];
> ++ int loggedin = 0;
> +
> + struct pam_conv *conv;
> + struct pam_message msg;
> +@@ -119,7 +120,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
> + }
> +
> + /* get all certs */
> +- rv = PKCS11_enumerate_certs(slot->token, &certs, &ncerts);
> ++ cert_scan: rv = PKCS11_enumerate_certs(slot->token, &certs, &ncerts);
> + if (rv) {
> + pam_syslog(pamh, LOG_ERR, "PKCS11_enumerate_certs failed");
> + rv = PAM_AUTHINFO_UNAVAIL;
> +@@ -156,7 +157,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
> + goto out;
> + }
> +
> +- if (!slot->token->loginRequired)
> ++ if (!slot->token->loginRequired ||loggedin)
> + goto loggedin;
> +
> + /* get password */
> +@@ -209,6 +210,9 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
> + goto out;
> + }
> +
> ++ loggedin = 1;
> ++ goto cert_scan;
> ++
> + loggedin:
> + /* get random bytes */
> + fd = open(RANDOM_SOURCE, O_RDONLY);
> diff -Nru pam-p11-0.1.5/debian/patches/series pam-p11-0.1.5/debian/patches/series
> --- pam-p11-0.1.5/debian/patches/series 2016-12-10 20:32:54.000000000 -0500
> +++ pam-p11-0.1.5/debian/patches/series 2017-01-20 17:22:14.000000000 -0500
> @@ -1 +1,2 @@
> 0001-Use-INSTALL-instead-of-libLTLIBRARIES_INSTALL.patch
> +reread_certs_on_token_login
>
> _______________________________________________
> pkg-opensc-maint mailing list
> pkg-opensc-maint at lists.alioth.debian.org
> https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint
--
Eric Dorland <eric at kuroneko.ca>
43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-opensc-maint/attachments/20170124/8a8b67be/attachment.sig>
More information about the pkg-opensc-maint
mailing list