rpms/pesign
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
c2cd4a27db
pesign/0021-Fix-race-condition-in-SEC_GetPassword.patch
Peter Jones c2cd4a27db Try to fix the db problem nirik is seeing trying to upgrade the builders. 
Nirik is seeing a failure that looks like:

[root@bkernel01 ~][PROD]# journalctl -b -l -u pesign | cat
-- Logs begin at Tue 2017-08-08 18:10:41 UTC, end at Tue 2017-08-08 18:27:17 UTC. --
Aug 08 18:22:25 bkernel01.phx2.fedoraproject.org systemd[1]: Starting Pesign signing daemon...
Aug 08 18:22:25 bkernel01.phx2.fedoraproject.org pesign[11226]: pesignd starting (pid 11227)
Aug 08 18:22:25 bkernel01.phx2.fedoraproject.org pesignd[11227]: pesignd starting (pid 11227)
Aug 08 18:22:25 bkernel01.phx2.fedoraproject.org pesign[11226]: Could not initialize nss: The certificate/key database is in an old, unsupported format.
Aug 08 18:22:27 bkernel01.phx2.fedoraproject.org systemd[1]: pesign.service: PID 11227 read from file /var/run/pesign.pid does not exist or is a zombie.
Aug 08 18:22:27 bkernel01.phx2.fedoraproject.org systemd[1]: Failed to start Pesign signing daemon.
Aug 08 18:22:27 bkernel01.phx2.fedoraproject.org systemd[1]: pesign.service: Unit entered failed state.
Aug 08 18:22:27 bkernel01.phx2.fedoraproject.org systemd[1]: pesign.service: Failed with result 'protocol'.

Signed-off-by: Peter Jones <pjones@redhat.com>
2017-08-09 10:28:05 -04:00

35 lines
1.0 KiB
Diff
Raw Blame History

From a40c584691ae071e93e8adf4e5c05bcd90c68159 Mon Sep 17 00:00:00 2001
From: Julien Cristau <jcristau@debian.org>
Date: Sat, 6 May 2017 22:45:34 +0200
Subject: [PATCH 21/24] Fix race condition in SEC_GetPassword
A side effect of echoOff is to discard unread input, so if we print the
prompt before echoOff, the user (or process) at the other end might
react to it by writing the password in between those steps, which is
then discarded. This bit me when trying to drive pesign with an expect
script.
Signed-off-by: Julien Cristau <jcristau@debian.org>
---
src/password.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/password.c b/src/password.c
index cd1c07e..d4eae0d 100644
--- a/src/password.c
+++ b/src/password.c
@@ -71,9 +71,9 @@ static char *SEC_GetPassword(FILE *input, FILE *output, char *prompt,
for (;;) {
/* Prompt for password */
if (isTTY) {
+ echoOff(infd);
fprintf(output, "%s", prompt);
fflush (output);
- echoOff(infd);
}
fgets ( phrase, sizeof(phrase), input);
--
2.13.4
Reference in New Issue View Git Blame Copy Permalink