Bug#852039: pam-p11: diff for NMU version 0.1.5-6.1

Mon, 23 Jan 2017 12:40:13 -0800 

Control: tags 852039 + pending


Dear maintainer,

I've prepared an NMU for pam-p11 (versioned as 0.1.5-6.1) and
uploaded it to DELAYED/2day. I realize this is a small delay, but I want the 
changes to make it in before the freeze.  Please feel free to tell me if I
should delay it longer.

Regards.
diff -Nru pam-p11-0.1.5/debian/changelog pam-p11-0.1.5/debian/changelog
--- pam-p11-0.1.5/debian/changelog      2016-12-10 20:32:54.000000000 -0500
+++ pam-p11-0.1.5/debian/changelog      2017-01-23 15:13:19.000000000 -0500
@@ -1,3 +1,10 @@
+pam-p11 (0.1.5-6.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix segfault after token login, Closes: #852039
+
+ -- Sam Hartman <hartm...@debian.org>  Mon, 23 Jan 2017 15:13:19 -0500
+
 pam-p11 (0.1.5-6) unstable; urgency=medium
 
   * debian/control: Explicit build-deps on libssl1.0-dev.
diff -Nru pam-p11-0.1.5/debian/patches/reread_certs_on_token_login 
pam-p11-0.1.5/debian/patches/reread_certs_on_token_login
--- pam-p11-0.1.5/debian/patches/reread_certs_on_token_login    1969-12-31 
19:00:00.000000000 -0500
+++ pam-p11-0.1.5/debian/patches/reread_certs_on_token_login    2017-01-20 
17:23:43.000000000 -0500
@@ -0,0 +1,40 @@
+Index: pam-p11/src/pam_p11.c
+===================================================================
+--- pam-p11.orig/src/pam_p11.c
++++ pam-p11/src/pam_p11.c
+@@ -56,6 +56,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+       const char *user;
+       char *password;
+       char password_prompt[64];
++      int loggedin = 0;
+ 
+       struct pam_conv *conv;
+       struct pam_message msg;
+@@ -119,7 +120,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+       }
+ 
+       /* get all certs */
+-      rv = PKCS11_enumerate_certs(slot->token, &certs, &ncerts);
++ cert_scan: rv = PKCS11_enumerate_certs(slot->token, &certs, &ncerts);
+       if (rv) {
+               pam_syslog(pamh, LOG_ERR, "PKCS11_enumerate_certs failed");
+               rv = PAM_AUTHINFO_UNAVAIL;
+@@ -156,7 +157,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+               goto out;
+       }
+ 
+-      if (!slot->token->loginRequired)
++      if (!slot->token->loginRequired ||loggedin)
+               goto loggedin;
+ 
+       /* get password */
+@@ -209,6 +210,9 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+               goto out;
+       }
+ 
++      loggedin = 1;
++      goto cert_scan;
++      
+       loggedin:
+       /* get random bytes */
+       fd = open(RANDOM_SOURCE, O_RDONLY);
diff -Nru pam-p11-0.1.5/debian/patches/series 
pam-p11-0.1.5/debian/patches/series
--- pam-p11-0.1.5/debian/patches/series 2016-12-10 20:32:54.000000000 -0500
+++ pam-p11-0.1.5/debian/patches/series 2017-01-20 17:22:14.000000000 -0500
@@ -1 +1,2 @@
 0001-Use-INSTALL-instead-of-libLTLIBRARIES_INSTALL.patch
+reread_certs_on_token_login

Reply via email to