sitter added inline comments.
INLINE COMMENTS
> pam_kwallet.c:313
>
> - char *key = malloc(KWALLET_PAM_KEYSIZE);
> - if (!key || kwallet_hash(pamh, password, userInfo, key) != 0) {
> - free(key);
> - pam_syslog(pamh, LOG_ERR, "%s: Fail into creating the hash",
> logPrefix);
> - return PAM_IGNORE;
> - }
> -
> + char *key = strdup(password);
> result = pam_set_data(pamh, kwalletPamDataKey, key, cleanup_free);
This can ENOMEM. Does that maybe need handling? Or will pam_set_data just fail
if you give it a nullptr?
> pam_kwallet.c:329
>
> - //if sm_open_session has already been called (but we did not have
> password), call it now
> - const char *session_bit;
I wonder about this comment. Can the call sequence here be random? Can open be
called before authenticate?
REPOSITORY
R107 KWallet PAM Integration
REVISION DETAIL
https://phabricator.kde.org/D27935
To: aacid
Cc: sitter, security-team, davidedmundson, plasma-devel, Orage, LeGast00n,
The-Feren-OS-Dev, cblack, jraleigh, zachus, fbampaloukas, GB_2, ragreen,
ZrenBot, ngraham, himcesjf, lesliezhai, ali-mohamed, jensreuterberg, abetts,
sebas, apol, ahiemstra, mart
