[pkg-opensc-commit] [pam-p11] 24/66: smart card pins are sacret, we should not pass them to other code. also this code was buggy (password instead of &password - see ticket #4).
Eric Dorland
eric at moszumanska.debian.org
Tue Jun 13 04:06:49 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository pam-p11.
commit eb39b300c3e4196d0ab512f67a5ec950cebc5ea7
Author: Andreas Jellinghaus <andreas at ionisiert.de>
Date: Wed Dec 20 08:26:58 2006 +0000
smart card pins are sacret, we should not pass them to other code.
also this code was buggy (password instead of &password - see ticket #4).
---
src/pam_p11.c | 8 --------
1 file changed, 8 deletions(-)
diff --git a/src/pam_p11.c b/src/pam_p11.c
index 120e548..81ea8f9 100644
--- a/src/pam_p11.c
+++ b/src/pam_p11.c
@@ -213,14 +213,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
free(&resp[0]);
}
- /* save password if variable nitem is set */
- rv = pam_set_item(pamh, PAM_AUTHTOK, &password);
- if (rv != PAM_SUCCESS) {
- syslog(LOG_ERR, "pam_set_item failed");
- rv = PAM_AUTHINFO_UNAVAIL;
- goto out;
- }
-
/* perform pkcs #11 login */
rv = PKCS11_login(slot, 0, password);
memset(password, 0, strlen(password));
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/pam-p11.git
More information about the pkg-opensc-commit
mailing list