deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix resetting ADMIN pass phrase in admi-less mode

Browse Source
This commit is contained in:
NIIBE Yutaka
2012-07-05 08:56:42 +09:00
parent ffba0e0158
commit e78206e1cd
4 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@@ -1,3 +1,11 @@
2012-07-05 Niibe Yutaka <gniibe@fsij.org>
* src/openpgp.c (cmd_change_password): Call ac_reset_admin when
admin-less mode.
(cmd_reset_user_password): Likewise.
* src/ac.c (ac_reset_admin, ac_fini): Clear ADMIN_AUTHORIZED.
2012-07-04 Niibe Yutaka <gniibe@fsij.org> 2012-07-04 Niibe Yutaka <gniibe@fsij.org>
Bug fixes. Bug fixes.

2
src/ac.c
View File

@@ -290,6 +290,7 @@ ac_reset_admin (void)
{ {
memset (keystring_md_pw3, 0, KEYSTRING_MD_SIZE); memset (keystring_md_pw3, 0, KEYSTRING_MD_SIZE);
auth_status &= ~AC_ADMIN_AUTHORIZED; auth_status &= ~AC_ADMIN_AUTHORIZED;
admin_authorized = 0;
} }
void void
@@ -300,4 +301,5 @@ ac_fini (void)
gpg_do_clear_prvkey (GPG_KEY_FOR_DECRYPTION); gpg_do_clear_prvkey (GPG_KEY_FOR_DECRYPTION);
gpg_do_clear_prvkey (GPG_KEY_FOR_AUTHENTICATION); gpg_do_clear_prvkey (GPG_KEY_FOR_AUTHENTICATION);
auth_status = AC_NONE_AUTHORIZED; auth_status = AC_NONE_AUTHORIZED;
admin_authorized = 0;
} }

2
src/openpgp-do.c
View File

@@ -959,7 +959,7 @@ proc_key_import (const uint8_t *data, int len)
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (keystring_admin == NULL) if (admin_authorized == BY_USER)
ac_reset_admin (); ac_reset_admin ();
} }

12
src/openpgp.c
View File

@@ -315,6 +315,8 @@ cmd_change_password (void)
gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1);
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (admin_authorized == BY_USER)
ac_reset_admin ();
DEBUG_INFO ("Changed DO_KEYSTRING_PW1.\r\n"); DEBUG_INFO ("Changed DO_KEYSTRING_PW1.\r\n");
GPG_SUCCESS (); GPG_SUCCESS ();
} }
@@ -323,6 +325,8 @@ cmd_change_password (void)
gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1); gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1);
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (admin_authorized == BY_USER)
ac_reset_admin ();
DEBUG_INFO ("Changed length of DO_KEYSTRING_PW1.\r\n"); DEBUG_INFO ("Changed length of DO_KEYSTRING_PW1.\r\n");
GPG_SUCCESS (); GPG_SUCCESS ();
} }
@@ -422,6 +426,8 @@ cmd_reset_user_password (void)
KEYSTRING_SIZE_PW1); KEYSTRING_SIZE_PW1);
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (admin_authorized == BY_USER)
ac_reset_admin ();
gpg_pw_reset_err_counter (PW_ERR_RC); gpg_pw_reset_err_counter (PW_ERR_RC);
gpg_pw_reset_err_counter (PW_ERR_PW1); gpg_pw_reset_err_counter (PW_ERR_PW1);
GPG_SUCCESS (); GPG_SUCCESS ();
@@ -432,6 +438,8 @@ cmd_reset_user_password (void)
gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1); gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1);
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (admin_authorized == BY_USER)
ac_reset_admin ();
gpg_pw_reset_err_counter (PW_ERR_RC); gpg_pw_reset_err_counter (PW_ERR_RC);
gpg_pw_reset_err_counter (PW_ERR_PW1); gpg_pw_reset_err_counter (PW_ERR_PW1);
GPG_SUCCESS (); GPG_SUCCESS ();
@@ -470,6 +478,8 @@ cmd_reset_user_password (void)
KEYSTRING_SIZE_PW1); KEYSTRING_SIZE_PW1);
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (admin_authorized == BY_USER)
ac_reset_admin ();
gpg_pw_reset_err_counter (PW_ERR_PW1); gpg_pw_reset_err_counter (PW_ERR_PW1);
GPG_SUCCESS (); GPG_SUCCESS ();
} }
@@ -479,6 +489,8 @@ cmd_reset_user_password (void)
gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1); gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1);
ac_reset_pso_cds (); ac_reset_pso_cds ();
ac_reset_other (); ac_reset_other ();
if (admin_authorized == BY_USER)
ac_reset_admin ();
gpg_pw_reset_err_counter (PW_ERR_PW1); gpg_pw_reset_err_counter (PW_ERR_PW1);
GPG_SUCCESS (); GPG_SUCCESS ();
} }