[gdm] pam_gdm: bail if more than one password

From: Ray Strode <halfline src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdm] pam_gdm: bail if more than one password
Date: Mon, 8 Jan 2018 20:54:52 +0000 (UTC)

commit 250dd691b286be7ed72bc7149bf2065a1b0b233c
Author: Ray Strode <rstrode redhat com>
Date:   Mon Jan 8 13:50:39 2018 -0500

    pam_gdm: bail if more than one password
    
    it's possible for different disks to have different encryption passwords
    at startup.
    
    In that case, we won't know which one to use, so bail.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=792339

 pam_gdm/pam_gdm.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/pam_gdm/pam_gdm.c b/pam_gdm/pam_gdm.c
index d87c91b..767a6c8 100644
--- a/pam_gdm/pam_gdm.c
+++ b/pam_gdm/pam_gdm.c
@@ -47,7 +47,7 @@ pam_sm_authenticate (pam_handle_t  *pamh,
                 return PAM_AUTHINFO_UNAVAIL;
 
         r = keyctl_read_alloc (serial, &cached_password);
-        if (r < 0)
+        if (r < 0 || r != strlen (cached_password))
                 return PAM_AUTHINFO_UNAVAIL;
 
         r = pam_set_item (pamh, PAM_AUTHTOK, cached_password);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]