[git] Poldi - branch, master, updated. release-0.4.1-22-gfbaf642

by NIIBE Yutaka cvs at cvs.gnupg.org
Thu May 1 06:11:37 CEST 2014 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "PAM for the OpenPGP card".

The branch, master has been updated
       via  fbaf642629b4a8b9e2e3b50ec9d0a98e894b7bcf (commit)
       via  51ff0fe77a07a4a7386bda2a520e35b90d3a4611 (commit)
       via  afa739f1e63fa3959f974fa3c196e9449d66864e (commit)
       via  31bd644dab64a72bcbfec8bf71225b0264408b56 (commit)
       via  123b9dc89892a18ca91d7daf675b8dab89f56a5d (commit)
       via  90f8fe57c85b326b047f605dcb4b8cd9ae3486a6 (commit)
      from  bfb6284a6d1f4a8557b4ac6905c2ce88fa223979 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit fbaf642629b4a8b9e2e3b50ec9d0a98e894b7bcf
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Apr 30 17:15:59 2014 +0900

    * src/pam/auth-method-localdb/auth-localdb.c
    (auth_method_localdb_auth_do): Bug fix, use ->loghandle.

diff --git a/src/pam/auth-method-localdb/auth-localdb.c b/src/pam/auth-method-localdb/auth-localdb.c
index 6027ee1..0c65817 100644
--- a/src/pam/auth-method-localdb/auth-localdb.c
+++ b/src/pam/auth-method-localdb/auth-localdb.c
@@ -117,7 +117,7 @@ auth_method_localdb_auth_do (poldi_ctx_t ctx,
     username = username_desired;
 
   if (ctx->debug)
-    log_msg_debug (ctx->conv,
+    log_msg_debug (ctx->loghandle,
 		   _("Trying authentication as user `%s'..."), username);
   if (!ctx->quiet)
     conv_tell (ctx->conv,

commit 51ff0fe77a07a4a7386bda2a520e35b90d3a4611
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Apr 30 17:15:11 2014 +0900

    * src/pam/Makefile.am (pam_poldi.so): Use LDFLAGS and GCC.

diff --git a/src/pam/Makefile.am b/src/pam/Makefile.am
index a056613..968fb71 100644
--- a/src/pam/Makefile.am
+++ b/src/pam/Makefile.am
@@ -61,7 +61,7 @@ libpam_poldi_a_SOURCES = \
 
 pam_poldi.so: libpam_poldi.a $(AUTH_METHODS_LIBS) auth-support/libpam-poldi-auth-support.a \
 		../scd/libscd_shared.a ../util/libpoldi-util_shared.a
-	gcc -shared -o pam_poldi.so -Wl,-u,pam_sm_authenticate \
+	$(CC) $(LDFLAGS) -shared -o pam_poldi.so -Wl,-u,pam_sm_authenticate \
 		libpam_poldi.a \
 		$(AUTH_METHODS_LIBS) auth-support/libpam-poldi-auth-support.a \
 		../scd/libscd_shared.a ../util/libpoldi-util_shared.a ../assuan/libassuan.a \

commit afa739f1e63fa3959f974fa3c196e9449d66864e
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Apr 30 17:07:44 2014 +0900

    * src/pam/auth-support/getpin-cb.c (query_user): Remove checking of digits.
    Change error message when it's too short.

diff --git a/src/pam/auth-support/getpin-cb.c b/src/pam/auth-support/getpin-cb.c
index 10acbe7..5dfba9a 100644
--- a/src/pam/auth-support/getpin-cb.c
+++ b/src/pam/auth-support/getpin-cb.c
@@ -81,9 +81,10 @@ query_user (poldi_ctx_t ctx, const char *info, char *pin, size_t pin_size)
 	 Shouldn't they be done in scdaemon itself?  -mo */
 
       if (strlen (buffer) < 6)	/* FIXME? is it really minimum of 6 bytes? */
-	log_msg_error (ctx->loghandle, _("invalid PIN"));
-      else if (!all_digitsp (buffer))
-	log_msg_error (ctx->loghandle, _("invalid characters in PIN"));
+	{
+	  log_msg_error (ctx->loghandle, _("PIN too short"));
+	  conv_tell (ctx->conv, "%s", _("PIN too short"));
+	}
       else
 	break;
     }

commit 31bd644dab64a72bcbfec8bf71225b0264408b56
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Apr 30 16:44:19 2014 +0900

    * MIGRATION, TODO: Apply documentation change from Debian.

diff --git a/MIGRATION b/MIGRATION
index 2c33dbc..d5ee697 100644
--- a/MIGRATION
+++ b/MIGRATION
@@ -51,3 +51,5 @@ or greater.
   - "fake-wait-for-card"
   - "require-card-switch"
   - "wait-timeout"
+  - "try_pin"
+  - "quiet"
diff --git a/TODO b/TODO
index c62faea..fe509a1 100644
--- a/TODO
+++ b/TODO
@@ -2,6 +2,9 @@ Final:
 * allow for Dirmngr to be started on demand (in pipe mode) (NO <- Why?!)
 
 Low priority:
+* allow user to skip card authentication without submitting a wrong
+   PIN to the card, e.g. by entering an empty PIN? Return
+   PAM_CRED_INSUFFICIENT in that case? PAM_AUTHINFO_UNAVAIL? PAM_AUTH_ERR?
 * figure out what exactly the dependencies on the OpenPGP smartcard are.
 * improve doc
 * work on MIGRATION text

commit 123b9dc89892a18ca91d7daf675b8dab89f56a5d
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Apr 30 16:43:03 2014 +0900

    * conf/Makefile.am: Add scdaemon.conf installation.
    * conf/scdaemon.conf.skel: New.

diff --git a/conf/Makefile.am b/conf/Makefile.am
index 373d70d..47a5886 100644
--- a/conf/Makefile.am
+++ b/conf/Makefile.am
@@ -33,5 +33,11 @@ install-conf-skeleton:
 		install -m 644 -T $(top_srcdir)/conf/poldi.conf.skel \
                   $(DESTDIR)$(POLDI_CONF_DIRECTORY)/poldi.conf; \
 	fi
+	if test -e $(DESTDIR)$(POLDI_CONF_DIRECTORY)/scdaemon.conf; then \
+		echo "$(DESTDIR)$(POLDI_CONF_DIRECTORY)/scdaemon.conf exists, doing nothing here"; \
+	else \
+		install -m 644 -T $(top_srcdir)/conf/scdaemon.conf.skel \
+                  $(DESTDIR)$(POLDI_CONF_DIRECTORY)/scdaemon.conf; \
+	fi
 
-EXTRA_DIST = poldi.conf.skel users.skel README.keys
+EXTRA_DIST = poldi.conf.skel users.skel scdaemon.conf.skel README.keys
diff --git a/conf/scdaemon.conf.skel b/conf/scdaemon.conf.skel
new file mode 100644
index 0000000..9c006a9
--- /dev/null
+++ b/conf/scdaemon.conf.skel
@@ -0,0 +1,11 @@
+#
+# Disable internal CCID driver (but always use PC/SC driver)
+# disable-ccid
+#
+# Useful options to debug:
+#
+# debug-level guru
+# debug-all
+# log-file /tmp/scd.log
+# debug-ccid-driver
+#

commit 90f8fe57c85b326b047f605dcb4b8cd9ae3486a6
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Apr 30 16:39:29 2014 +0900

    * conf/poldi.conf.skel (scdaemon-program): Change the path.

diff --git a/conf/poldi.conf.skel b/conf/poldi.conf.skel
index 58967b3..3fed157 100644
--- a/conf/poldi.conf.skel
+++ b/conf/poldi.conf.skel
@@ -11,4 +11,4 @@ log-file /var/log/poldi
 debug
 
 # Specify SCDaemon executable
-scdaemon-program /usr/bin/scdaemon
+scdaemon-program /usr/lib/gnupg2/scdaemon

-----------------------------------------------------------------------

Summary of changes:
 MIGRATION                                  |    2 ++
 TODO                                       |    3 +++
 conf/Makefile.am                           |    8 +++++++-
 conf/poldi.conf.skel                       |    2 +-
 conf/scdaemon.conf.skel                    |   11 +++++++++++
 src/pam/Makefile.am                        |    2 +-
 src/pam/auth-method-localdb/auth-localdb.c |    2 +-
 src/pam/auth-support/getpin-cb.c           |    7 ++++---
 8 files changed, 30 insertions(+), 7 deletions(-)
 create mode 100644 conf/scdaemon.conf.skel


hooks/post-receive
-- 
PAM for the OpenPGP card
http://git.gnupg.org

More information about the Gnupg-commits mailing list