[Fedora-directory-commits] mod_nss nss_engine_pphrase.c, 1.8, 1.9 nss_pcache.c, 1.8, 1.9
Robert Crittenden (rcritten)
fedora-directory-commits at redhat.com
Wed Jan 10 20:56:02 UTC 2007
- Previous message (by thread): [Fedora-directory-commits] esc/src/xulrunner Makefile,1.1,1.2
- Next message (by thread): [Fedora-directory-commits] ldapserver Makefile.am, 1.14, 1.15 Makefile.in, 1.15, 1.16 aclocal.m4, 1.6, 1.7 configure, 1.15, 1.16 configure.ac, 1.11, 1.12 ltmain.sh, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rcritten
Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8474
Modified Files:
nss_engine_pphrase.c nss_pcache.c
Log Message:
222173
Stop processing tokens when a login fails so we can correctly report
the failure.
Fix an off-by-one error in nss_pcache that prevented 1 character
passwords (not a huge problem but a bug none-the-less).
Index: nss_engine_pphrase.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_pphrase.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- nss_engine_pphrase.c 2 Oct 2006 15:57:47 -0000 1.8
+++ nss_engine_pphrase.c 10 Jan 2007 20:56:00 -0000 1.9
@@ -85,8 +85,15 @@
ret = PK11_Authenticate(slot, PR_TRUE, parg);
if (SECSuccess != ret) {
- status = SECFailure;
- break;
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+ "Password for slot %s is incorrect.", PK11_GetTokenName(slot));
+ PK11_FreeSlot(slot);
+ /* We return here rather than breaking because:
+ 1. All tokens must be logged for the server to work.
+ 2. We'll get a bogus error message from nss_engine_init, -8053,
+ instead of -8177.
+ */
+ return SECFailure;
}
parg->retryCount = 0; /* reset counter to 0 for the next token */
PK11_FreeSlot(slot);
@@ -153,7 +160,7 @@
if (rv != APR_SUCCESS ||
(res != PIN_SUCCESS && res != PIN_INCORRECTPW)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "Unable to read from pin store for slot: %s APR err: %d", PK11_GetTokenName(slot), rv);
+ "Unable to read from pin store for slot: %s APR err: %d pcache: %d", PK11_GetTokenName(slot), rv, res);
nss_die();
}
}
Index: nss_pcache.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_pcache.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- nss_pcache.c 18 Nov 2005 16:10:23 -0000 1.8
+++ nss_pcache.c 10 Jan 2007 20:56:00 -0000 1.9
@@ -445,12 +445,13 @@
work = strdup(cmd);
s = t = work;
+ r = NULL;
peek = s;
if (peek)
peek++;
while (*s) {
- if (*s == '\t' || *peek == '\0') {
+ if (*s == '\t' || *s == '\0') {
if (i == el) {
if (*peek != '\0')
*s = '\0';
@@ -468,8 +469,9 @@
peek++;
}
+ if (t) r = strdup(t);
free(work);
- return NULL;
+ return r;
}
/*
- Previous message (by thread): [Fedora-directory-commits] esc/src/xulrunner Makefile,1.1,1.2
- Next message (by thread): [Fedora-directory-commits] ldapserver Makefile.am, 1.14, 1.15 Makefile.in, 1.15, 1.16 aclocal.m4, 1.6, 1.7 configure, 1.15, 1.16 configure.ac, 1.11, 1.12 ltmain.sh, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-directory-commits
mailing list