diff options
Diffstat (limited to 'sys-apps/systemd/files/249-home-secret-assert.patch')
-rw-r--r-- | sys-apps/systemd/files/249-home-secret-assert.patch | 106 |
1 files changed, 0 insertions, 106 deletions
diff --git a/sys-apps/systemd/files/249-home-secret-assert.patch b/sys-apps/systemd/files/249-home-secret-assert.patch deleted file mode 100644 index e6e2a8e7cc78..000000000000 --- a/sys-apps/systemd/files/249-home-secret-assert.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 6a09dbb89507449d158af6c7097d2c51ce83205f Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Sun, 5 Sep 2021 11:16:26 +0900 -Subject: [PATCH] home: 'secret' argument of handle_generic_user_record_error - may be null - -When RefHome() bus method is called in acquire_home(), secret is NULL. - -Fixes #20639. ---- - src/home/pam_systemd_home.c | 19 ++++++++++++++++++- - 1 file changed, 18 insertions(+), 1 deletion(-) - -diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c -index 836ed0d5e96d..a04d50208a8e 100644 ---- a/src/home/pam_systemd_home.c -+++ b/src/home/pam_systemd_home.c -@@ -281,7 +281,6 @@ static int handle_generic_user_record_error( - const sd_bus_error *error) { - - assert(user_name); -- assert(secret); - assert(error); - - int r; -@@ -301,6 +300,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - /* This didn't work? Ask for an (additional?) password */ - - if (strv_isempty(secret->password)) -@@ -326,6 +327,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - if (strv_isempty(secret->password)) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token of user %s not inserted.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Try again with password: "); -@@ -350,6 +353,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_NEEDED)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Security token PIN: "); - if (r != PAM_SUCCESS) - return PAM_CONV_ERR; /* no logging here */ -@@ -367,6 +372,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PROTECTED_AUTHENTICATION_PATH_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please authenticate physically on security token of user %s.", user_name); - - r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true); -@@ -377,6 +384,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_PRESENCE_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please confirm presence on security token of user %s.", user_name); - - r = user_record_set_fido2_user_presence_permitted(secret, true); -@@ -387,6 +396,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_VERIFICATION_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please verify user on security token of user %s.", user_name); - - r = user_record_set_fido2_user_verification_permitted(secret, true); -@@ -403,6 +414,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN incorrect for user %s.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) -@@ -422,6 +435,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_FEW_TRIES_LEFT)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only a few tries left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) -@@ -441,6 +456,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_ONE_TRY_LEFT)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only one try left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) |