[arch-commits] Commit in yubico-pam/trunk (2 files)

Christian Hesse eworm at archlinux.org
Thu Apr 5 18:36:07 UTC 2018 

    Date: Thursday, April 5, 2018 @ 18:36:06
  Author: eworm
Revision: 314454

upgpkg: yubico-pam 2.25-2

fix Authfile Leaking File Descriptor (FS#58119)
https://github.com/Yubico/yubico-pam/issues/136

Added:
  yubico-pam/trunk/0001-util-make-sure-to-close-the-authfile-before-returnin.patch
Modified:
  yubico-pam/trunk/PKGBUILD

-----------------------------------------------------------------+
 0001-util-make-sure-to-close-the-authfile-before-returnin.patch |   26 ++++++++++
 PKGBUILD                                                        |   14 ++++-
 2 files changed, 37 insertions(+), 3 deletions(-)

Added: 0001-util-make-sure-to-close-the-authfile-before-returnin.patch
===================================================================
--- 0001-util-make-sure-to-close-the-authfile-before-returnin.patch	                        (rev 0)
+++ 0001-util-make-sure-to-close-the-authfile-before-returnin.patch	2018-04-05 18:36:06 UTC (rev 314454)
@@ -0,0 +1,26 @@
+From 0f6ceabab0a8849b47f67d727aa526c2656089ba Mon Sep 17 00:00:00 2001
+From: Klas Lindfors <klas at yubico.com>
+Date: Tue, 3 Apr 2018 09:19:53 +0200
+Subject: [PATCH 1/1] util: make sure to close the authfile before returning
+ success
+
+fixes #136
+
+Signed-off-by: Christian Hesse <mail at eworm.de>
+---
+ util.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/util.c b/util.c
+index 6cb4a79..32bca06 100644
+--- a/util.c
++++ b/util.c
+@@ -167,6 +167,8 @@ check_user_token (const char *authfile,
+ 		{
+ 		  if(verbose)
+ 		      D (debug_file, "Match user/token as %s/%s", username, otp_id);
++
++		  fclose(opwfile);
+ 		  return AUTH_FOUND;
+ 		}
+ 	    }

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2018-04-05 18:29:04 UTC (rev 314453)
+++ PKGBUILD	2018-04-05 18:36:06 UTC (rev 314454)
@@ -4,7 +4,7 @@
 pkgname=yubico-pam
 _shortname=pam_yubico
 pkgver=2.25
-pkgrel=1
+pkgrel=2
 pkgdesc='Yubico YubiKey PAM module'
 arch=('x86_64')
 url='https://github.com/Yubico/yubico-pam'
@@ -14,10 +14,18 @@
 provides=("${_shortname}")
 conflicts=("${_shortname}")
 validpgpkeys=('0A3B0262BCA1705307D5FF06BCA00FD4B2168C0A') # Klas Lindfors <klas at yubico.com>
-source=("https://developers.yubico.com/${pkgname}/Releases/${_shortname}-${pkgver}.tar.gz"{,.sig})
+source=("https://developers.yubico.com/${pkgname}/Releases/${_shortname}-${pkgver}.tar.gz"{,.sig}
+        '0001-util-make-sure-to-close-the-authfile-before-returnin.patch')
 sha256sums=('624a5754d82665f6ba5f2e012f57cb41ea9bf61781ed2272dba49dffb4704e36'
-            'SKIP')
+            'SKIP'
+            '1b044b779cb08d3a02fea7a62203b494fec621f74a47f27a085b06c22cbe8c88')
 
+prepare() {
+	cd "${_shortname}-${pkgver}"
+
+	patch -Np1 < "${srcdir}"/0001-util-make-sure-to-close-the-authfile-before-returnin.patch
+}
+
 build() {
 	cd "${_shortname}-${pkgver}"

More information about the arch-commits mailing list