- Initialize memory area that is being encrypted, because it is allocated
rounded up to CBLKSIZE, and the last bytes are not used. If stack
protector is active, it detects access to uninitialized memory.
- Change default pamdir to /lib/${host_cpu}-${host_os}/security.
- Fix a couple of compilation warnings.
Makefile.in
aclocal.m4
autom4te.cache/
Makefile.in
aclocal.m4
autom4te.cache/
config.guess
config.h
config.h.in
config.guess
config.h
config.h.in
datasize = ((secsize + paylsize + HASHSIZE + 4 * sizeof(short) - 1) /
CBLKSIZE + 1) * CBLKSIZE;
data = alloca(datasize);
datasize = ((secsize + paylsize + HASHSIZE + 4 * sizeof(short) - 1) /
CBLKSIZE + 1) * CBLKSIZE;
data = alloca(datasize);
+ /*
+ We allocate memory rounded up to CBLKSIZE on the stack, but do not
+ use the last bytes. Stack protectors, if enabled, fill this memory
+ with `canary` value. Later, when encryption function is called,
+ stack protector detects that it tries to access "uninitialized
+ memory". Which, while technically true, is not an error. Still,
+ let us make stack protector happy by initializing the whole area:
+ */
+ memset(data, 0, datasize);
serial_init(&srl, data, datasize);
if (serial_put(&srl, secret, secsize) != secsize) {
ao.err = "authobj: serialization of secret failed";
serial_init(&srl, data, datasize);
if (serial_put(&srl, secret, secsize) != secsize) {
ao.err = "authobj: serialization of secret failed";
dnl Process this file with autoconf to produce a configure script.
dnl Process this file with autoconf to produce a configure script.
-AC_INIT([pam_pcsc_cr], 0.9.3)
+AC_INIT([pam_pcsc_cr], 0.9.4)
AC_CONFIG_SRCDIR([pam_pcsc_cr.c])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE
AC_CONFIG_SRCDIR([pam_pcsc_cr.c])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE
])
AC_CHECK_LIB([pam], [pam_start])
AC_CHECK_FUNCS([pam_get_authtok])
])
AC_CHECK_LIB([pam], [pam_start])
AC_CHECK_FUNCS([pam_get_authtok])
+pamdir=/lib/${host_cpu}-${host_os}/security
- [ --with-pam-dir=DIR path to install the PAM module (/lib/security)],
+ [ --with-pam-dir=DIR path to install the PAM module (${pamdir})],
[PAMDIR="$withval"],
[
case $prefix in
[PAMDIR="$withval"],
[
case $prefix in
-*/_inst) PAMDIR='${exec_prefix}/lib/security' ;;
-*) PAMDIR=/lib/security ;;
+*/_inst) PAMDIR="${prefix}${pamdir}" ;;
+*) PAMDIR=${pamdir} ;;
-char *pcsc_errstr(long err) {
+const char *pcsc_errstr(long err) {
return pcsc_stringify_error(err);
}
return pcsc_stringify_error(err);
}
#include <string.h>
#include "pcsc_cr.h"
#include <string.h>
#include "pcsc_cr.h"
-static void usage(const char const *cmd)
+static void usage(const char *const cmd)
{
fprintf(stderr,
"usage: %s [-o backend:name=value] ... \"challenge\"\n",
{
fprintf(stderr,
"usage: %s [-o backend:name=value] ... \"challenge\"\n",