Hello community, here is the log from the commit of package pam_kwallet for openSUSE:Factory checked in at 2019-02-11 21:21:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam_kwallet (Old) and /work/SRC/openSUSE:Factory/.pam_kwallet.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam_kwallet" Mon Feb 11 21:21:29 2019 rev:43 rq:672595 version:5.15.0 Changes: -------- --- /work/SRC/openSUSE:Factory/pam_kwallet/pam_kwallet.changes 2019-01-21 10:48:29.460155774 +0100 +++ /work/SRC/openSUSE:Factory/.pam_kwallet.new.28833/pam_kwallet.changes 2019-02-11 21:21:32.419204400 +0100 @@ -1,0 +2,24 @@ +Thu Feb 7 16:02:52 UTC 2019 - [email protected] + +- Update to 5.15.0 + * New feature release + * For more details please see: + * https://www.kde.org/announcements/plasma-5.15.0.php +- No code changes since 5.14.90 + +------------------------------------------------------------------- +Thu Jan 17 18:47:56 UTC 2019 - [email protected] + +- Update to 5.14.90 + * New feature release + * For more details please see: + * https://www.kde.org/announcements/plasma-5.14.90.php +- Changes since 5.14.5: + * bump KF5 dependency to required 5.54 as agreed at start of Plasma 5.15 cycle + * Move some messages to LOG_DEBUG level + * Add .arcconfig file + * Use KF5_MIN_VERSION + * use ssize_t for return value of write() + * do not use buffered file IO + +------------------------------------------------------------------- Old: ---- kwallet-pam-5.14.5.tar.xz kwallet-pam-5.14.5.tar.xz.sig New: ---- kwallet-pam-5.15.0.tar.xz kwallet-pam-5.15.0.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam_kwallet.spec ++++++ --- /var/tmp/diff_new_pack.FV82JS/_old 2019-02-11 21:21:33.019204079 +0100 +++ /var/tmp/diff_new_pack.FV82JS/_new 2019-02-11 21:21:33.031204072 +0100 @@ -17,17 +17,16 @@ %bcond_without lang - Name: pam_kwallet -Version: 5.14.5 +Version: 5.15.0 Release: 0 Summary: A PAM Module for KWallet signing License: LGPL-2.1-only AND GPL-2.0-or-later AND GPL-3.0-only Group: System/GUI/KDE Url: http://www.kde.org/ -Source: https://download.kde.org/stable/plasma/%{version}/kwallet-pam-%{version}.tar.xz +Source: kwallet-pam-%{version}.tar.xz %if %{with lang} -Source1: https://download.kde.org/stable/plasma/%{version}/kwallet-pam-%{version}.tar.xz.sig +Source1: kwallet-pam-%{version}.tar.xz.sig Source2: plasma.keyring %endif Source3: baselibs.conf ++++++ kwallet-pam-5.14.5.tar.xz -> kwallet-pam-5.15.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kwallet-pam-5.14.5/.arcconfig new/kwallet-pam-5.15.0/.arcconfig --- old/kwallet-pam-5.14.5/.arcconfig 1970-01-01 01:00:00.000000000 +0100 +++ new/kwallet-pam-5.15.0/.arcconfig 2019-02-07 12:11:50.000000000 +0100 @@ -0,0 +1,3 @@ +{ + "phabricator.uri" : "https://phabricator.kde.org/"; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kwallet-pam-5.14.5/CMakeLists.txt new/kwallet-pam-5.15.0/CMakeLists.txt --- old/kwallet-pam-5.14.5/CMakeLists.txt 2019-01-08 12:01:00.000000000 +0100 +++ new/kwallet-pam-5.15.0/CMakeLists.txt 2019-02-07 12:11:50.000000000 +0100 @@ -1,10 +1,10 @@ project(pam_kwallet) cmake_minimum_required(VERSION 2.8.12) - -set(PROJECT_VERSION "5.14.5") +set(KF5_MIN_VERSION "5.54.0") +set(PROJECT_VERSION "5.15.0") set(PROJECT_VERSION_MAJOR 5) -find_package (ECM 1.2.0 REQUIRED NO_MODULE) +find_package (ECM ${KF5_MIN_VERSION} REQUIRED NO_MODULE) set (CMAKE_MODULE_PATH ${ECM_MODULE_PATH} "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules" ) include(CheckFunctionExists) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kwallet-pam-5.14.5/pam_kwallet.c new/kwallet-pam-5.15.0/pam_kwallet.c --- old/kwallet-pam-5.14.5/pam_kwallet.c 2019-01-08 12:01:00.000000000 +0100 +++ new/kwallet-pam-5.15.0/pam_kwallet.c 2019-02-07 12:11:50.000000000 +0100 @@ -16,6 +16,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA * *************************************************************************************/ +#include <fcntl.h> #include <gcrypt.h> #include <stdio.h> #include <signal.h> @@ -273,7 +274,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { - pam_syslog(pamh, LOG_INFO, "%s: pam_sm_authenticate\n", logPrefix); + pam_syslog(pamh, LOG_DEBUG, "%s: pam_sm_authenticate\n", logPrefix); if (get_env(pamh, envVar) != NULL) { pam_syslog(pamh, LOG_INFO, "%s: we were already executed", logPrefix); return PAM_IGNORE; @@ -419,7 +420,7 @@ fullSocket = NULL; unlink(local.sun_path);//Just in case it exists from a previous login - syslog(LOG_INFO, "%s: final socket path: %s", logPrefix, local.sun_path); + syslog(LOG_DEBUG, "%s: final socket path: %s", logPrefix, local.sun_path); size_t len = strlen(local.sun_path) + sizeof(local.sun_family); if (bind(envSocket, (struct sockaddr *)&local, len) == -1) { @@ -468,7 +469,7 @@ { size_t writtenBytes = 0; while(writtenBytes < len) { - int result = write(fd, buffer + writtenBytes, len - writtenBytes); + ssize_t result = write(fd, buffer + writtenBytes, len - writtenBytes); if (result < 0) { if (errno != EAGAIN && errno != EINTR) { return -1; @@ -563,7 +564,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { - pam_syslog(pamh, LOG_INFO, "%s: pam_sm_open_session\n", logPrefix); + pam_syslog(pamh, LOG_DEBUG, "%s: pam_sm_open_session\n", logPrefix); if (get_env(pamh, envVar) != NULL) { pam_syslog(pamh, LOG_INFO, "%s: we were already executed", logPrefix); @@ -616,20 +617,20 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { - pam_syslog(pamh, LOG_INFO, "%s: pam_sm_close_session", logPrefix); + pam_syslog(pamh, LOG_DEBUG, "%s: pam_sm_close_session", logPrefix); return PAM_SUCCESS; } PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) { - pam_syslog(pamh, LOG_INFO, "%s: pam_sm_setcred", logPrefix); + pam_syslog(pamh, LOG_DEBUG, "%s: pam_sm_setcred", logPrefix); return PAM_SUCCESS; } PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) { - pam_syslog(pamh, LOG_INFO, "%s: pam_sm_chauthtok", logPrefix); + pam_syslog(pamh, LOG_DEBUG, "%s: pam_sm_chauthtok", logPrefix); return PAM_SUCCESS; } @@ -692,16 +693,21 @@ free(dir); char *salt = gcry_random_bytes(KWALLET_PAM_SALTSIZE, GCRY_STRONG_RANDOM); - FILE *fd = fopen(path, "w"); + const int fd = open(path, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0600); //If the file can't be created - if (fd == NULL) { + if (fd == -1) { syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno)); exit(-2); } - fwrite(salt, KWALLET_PAM_SALTSIZE, 1, fd); - fclose(fd); + const ssize_t wlen = write(fd, salt, KWALLET_PAM_SALTSIZE); + close(fd); + if (wlen != KWALLET_PAM_SALTSIZE) { + syslog(LOG_ERR, "%s: Short write to file: %s", logPrefix, path); + unlink(path); + exit(-2); + } exit(0); // success } else { @@ -746,8 +752,8 @@ exit(-1); } - FILE *fd = fopen(path, "r"); - if (fd == NULL) { + const int fd = open(path, O_RDONLY | O_CLOEXEC); + if (fd == -1) { syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno)); free(path); close(readSaltPipe[1]); @@ -755,8 +761,8 @@ } free(path); char salt[KWALLET_PAM_SALTSIZE] = {}; - const int bytesRead = fread(salt, 1, KWALLET_PAM_SALTSIZE, fd); - fclose(fd); + const ssize_t bytesRead = read(fd, salt, KWALLET_PAM_SALTSIZE); + close(fd); if (bytesRead != KWALLET_PAM_SALTSIZE) { syslog(LOG_ERR, "%s: Couldn't read the full salt file contents from file. %d:%d", logPrefix, bytesRead, KWALLET_PAM_SALTSIZE); exit(-1);
