32 lines
1.1 KiB
Diff
32 lines
1.1 KiB
Diff
|
From 7407bcbbb0da9721c9ead7b9253b8dd90b12ccda Mon Sep 17 00:00:00 2001
|
||
|
From: Stef Walter <stef@memberwebs.com>
|
||
|
Date: Thu, 21 Jan 2010 14:49:00 +0000
|
||
|
Subject: Fix endless loop when looking for password in login keyring.
|
||
|
|
||
|
If the password for an encryption key was stored in the login
|
||
|
keyring in the 'old' way, there could be an endless loop if
|
||
|
it was the wrong password.
|
||
|
---
|
||
|
diff --git a/daemon/pkcs11/gkd-pkcs11-auth.c b/daemon/pkcs11/gkd-pkcs11-auth.c
|
||
|
index 599e212..e9cc232 100644
|
||
|
--- a/daemon/pkcs11/gkd-pkcs11-auth.c
|
||
|
+++ b/daemon/pkcs11/gkd-pkcs11-auth.c
|
||
|
@@ -518,8 +518,15 @@ login_specific_done (CK_SESSION_HANDLE handle, CK_SESSION_INFO *info,
|
||
|
case CKR_PIN_INVALID:
|
||
|
case CKR_PIN_LEN_RANGE:
|
||
|
case CKR_PIN_LOCKED:
|
||
|
+ /* Clear out any stored secret */
|
||
|
if (object->unique && object->token)
|
||
|
gkd_login_remove_secret ("unique", object->unique, NULL);
|
||
|
+
|
||
|
+ /* COMPAT: Clear old method of storing secrets for objects in login keyring */
|
||
|
+ if (object->digest) {
|
||
|
+ convert_upper_case (object->digest);
|
||
|
+ gkd_login_remove_secret ("object-digest", object->digest, NULL);
|
||
|
+ }
|
||
|
break;
|
||
|
|
||
|
case CKR_OK:
|
||
|
--
|
||
|
cgit v0.8.3.1
|