OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam_mount?expand=0&rev=20

pam_mount-0.45-umount-home-dir.dif

@@ -6,7 +6,7 @@ Index: scripts/umount.crypt
  # ask cryptsetup about the underlying device
  #
  REALDEVICE=`cryptsetup status "$DMDEVICE" | sed -n '/device/s/[ ]*device:[ ]*//p'`;
-+IMGDEVICE=`"$LOSETUP" -a | grep "$REALDEVICE" | awk -F\( '{ print $2 }' | sed 's/)//'`
++IMGDEVICE=`losetup -a | grep "$REALDEVICE" | awk -F\( '{ print $2 }' | sed 's/)//'`
  
  for ((x = 5; x >= 0; --x)); do
  	fuser -m "$1" || break;
@@ -16,7 +16,7 @@ Index: scripts/umount.crypt
  fi
 +
 +if echo "$IMGDEVICE" | grep ^/dev/loop >/dev/null; then
-+        "$LOSETUP" -d "$IMGDEVICE";
++        losetup -d "$IMGDEVICE";
 +        if [ $? -ne 0 ]; then
 +                echo "${0##*/}: error removing $IMGDEVICE" >&2
 +                exit 1

pam_mount-0.47-fix-decrypt-key.dif

@@ -0,0 +1,58 @@
+--- src/crypto.c
++++ src/crypto.c	2008/09/25 12:40:16
+@@ -35,6 +35,7 @@
+ #include "crypto.h"
+ #include "misc.h"
+ #include "pam_mount.h"
++#include <stdio.h>
+ 
+ /* Functions */
+ #if defined(HAVE_LIBCRYPTO) && defined(HAVE_LIBSSL)
+@@ -123,7 +124,7 @@
+ int decrypted_key(hmc_t **pt_fs_key, const char *fs_key_path,
+     const char *fs_key_cipher, const char *authtok)
+ {
+-	hmc_t *ct_fs_key = NULL, *line = NULL;
++	hmc_t *ct_fs_key = NULL;
+ 	int segment_len, pt_fs_key_len, ret = 1;
+ 	unsigned char hashed_authtok[EVP_MAX_KEY_LENGTH];	/* hash(system authtok) */
+ 	unsigned char iv[EVP_MAX_IV_LENGTH];
+@@ -156,10 +157,26 @@
+ 	}
+ 
+ 	ct_fs_key = hmc_minit(NULL, 0);
+-	while (HX_getl(&line, fs_key_fp) != NULL)
+-		hmc_memcat(&ct_fs_key, line, hmc_length(line));
+-	hmc_free(line);
+ 
++	while (1)
++	{
++		unsigned char line[EVP_MAX_BLOCK_LENGTH];
++		size_t n = fread(&line, 1, EVP_MAX_BLOCK_LENGTH, fs_key_fp);
++		if (ferror(fs_key_fp))
++		{
++			l0g("failed to read the key(%d)", ferror(fs_key_fp));
++            goto out2;
++		}
++		
++		if(n > 0)
++		{
++			hmc_memcat(&ct_fs_key, line, n);
++		}
++		
++        if (feof(fs_key_fp))
++            break;
++	}
++	
+ 	if (hmc_length(ct_fs_key) == 0) {
+ 		l0g("failed to read encrypted filesystem key from %s, "
+ 		    "or file empty.\n", fs_key_path);
+@@ -210,7 +227,7 @@
+ 
+ 	ERR_free_strings();
+ 	/* pt_fs_key_len is unsigned */
+-	assert(ret == 0);
++	assert(ret != 0);
+ 	return ret;
+ }
+ 

pam_mount.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Sep 25 14:59:05 CEST 2008 - mc@suse.de
+
+- fix reading the key from harddisk.
+- using losteup command directly (bnc#427343) 
+
 -------------------------------------------------------------------
 Fri Sep  5 09:49:13 CEST 2008 - mc@suse.de
 

pam_mount.spec

@@ -23,7 +23,7 @@ BuildRequires:  libHX-devel libxml2-devel lzma openssl-devel pam-devel perl-XML-
 BuildRequires:  linux-kernel-headers
 Summary:        A PAM Module that can Mount Volumes for a User Session
 Version:        0.47
-Release:        1
+Release:        8
 # psmisc: /bin/fuser
 Recommends:     cifs-mount psmisc
 Recommends:     cryptsetup
@@ -33,6 +33,7 @@ Prefix:         /usr
 Group:          System/Libraries
 Source:         %{name}-%{version}.tar.lzma
 Patch1:         pam_mount-0.45-umount-home-dir.dif
+Patch2:         pam_mount-0.47-fix-decrypt-key.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Url:            http://pam-mount.sourceforge.net/
 PreReq:         coreutils, perl-XML-Writer
@@ -69,6 +70,7 @@ include it and send me patches.
 %prep
 %setup -q
 %patch1
+%patch2
 
 %build
 %{suse_update_config -f}
@@ -128,6 +130,9 @@ rm -rf $RPM_BUILD_ROOT
 %doc %{_mandir}/man8/umount.crypt.8.gz
 
 %changelog
+* Thu Sep 25 2008 mc@suse.de
+- fix reading the key from harddisk.
+- using losteup command directly (bnc#427343)
 * Fri Sep 05 2008 mc@suse.de
 - version 0.47
   - mount.crypt: add missing null command to conform to sh syntax