-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 reopen 318123 thanks
Hi all-- sorry i haven't kept up with this bug. Thanks for all the work that everyone has put into it. I'm still using libpam-opensc version 0.9.6-3 (which is in testing). i haven't switched over to libpam-p11-opensc (which is only in unstable) yet. On January 29, [EMAIL PROTECTED] said: > Could you tell me whether other authentication means work with > pam_opensc? Such as xdm, vlock, login. yes: xdm, vlock, and login all authenticate correctly with pam_opensc: the correct password unlocks or logs in, and the incorrect password fails to do so. (actually, there appears to be a minor information leak in vlock when the user-supplied passphrase/PIN doesn't match the stored PIN on the card. i'll report that separately, though). i've got xlockmore from testing (version 5.13-2.2) installed right now, and the bug is unfortunately not fixed. xlock properly rejects authentication (and stays locked) when no card is present. But when a card is present, xlock unlocks the screen for me regardless of what password i supply. This is pretty bad. Running xlock from a command line, i get the same output whether or not i use the correct password: [EMAIL PROTECTED] ~]$ xlock -debug Access control list restored. xlock: caught signal 11 while running blank mode (uid 1000). [EMAIL PROTECTED] ~]$ and of course, signal 11 is a segmentation fault: [EMAIL PROTECTED] ~]$ /bin/kill -l 11 SEGV [EMAIL PROTECTED] ~]$ > Could you recompile xlockmore with the patch provided by Elmar > http://bugs.debian.org/cgi-bin/bugreport.cgi/xlockmore-5.13_free-non-alloc-fix.diff?bug=318123;msg=19;att=1 > and tell me whether this fixes the problem with xlockmore? 5.13-2.2 seems to already have this patch applied, actually, so i didn't bother with a rebuild. I'm happy to try to debug this (since i've got the hardware handy), if anyone wants me to try anything in particular. i should now be subscribed to the bug (i'm not sure why i wasn't before). Regards, --dkg -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.8+ <http://mailcrypt.sourceforge.net/> iD8DBQFD3nNWiXTlFKVLY2URAjxwAKCIFDWdJDC+3hnkuSq3btdF6uoNZQCg9D3k hab6v9ayQTXlS4Al2YFJX5c= =rglT -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
