
Bug#934185: marked as done (libkscreenlocker5: fails to accept correct pin after entering pin less than 6 chars with libpam-poldi)



Your message dated Wed, 02 Oct 2019 14:37:13 +0000
with message-id <E1iFfkf-0004Y4-2o@fasolo.debian.org>
and subject line Bug#934185: fixed in kscreenlocker 5.14.5-2
has caused the Debian Bug report #934185,
regarding libkscreenlocker5: fails to accept correct pin after entering pin less than 6 chars with libpam-poldi
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
934185: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934185
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: libkscreenlocker5
Version: 5.14.5-1
Severity: grave
Justification: causes non-serious data loss

Greetings,

I am working on a machine that is configured to use libpam-poldi for
user authentication with GPG smart cards.

When the screen locker is engaged and the user enters a PIN that is under
six characters in length, two things happen:

  1. The screen locker will no longer accept a valid PIN.
  2. The /var/log/auth.log file fills up with "PIN too short" messages.

The messages in auth.log appear as below:

  Aug  2 09:10:46 hostname kcheckpass[9734]: PIN too short
  Aug  2 09:10:46 hostname kcheckpass[9734]: PIN too short
  Aug  2 09:10:46 hostname kcheckpass[9734]: PIN too short
  ...

This problem is clearly due to some issue at the boundary of kcheckpass
and libpam-poldi.  However, I am not yet able to determine which of the
two is responsible.

I have pulled down the source code of both packages, and I am actively
working on fixing the problem.  I can see where libpam-poldi obviously
will not accept a PIN less than 6 chars in length.  Refer to the
libpam-poldi source tree in the file...

  src/pam/auth-support/getpin-cb.c

to confirm this. 

Ideally, I would need to do the following to fix this issue:

  1. Compile libpam-poldi with debugging support.
  2. Compile kcheckpass with debugging support.
  3. Run kcheckpass with GDB to find where the conversation breaks down
     when a short PIN is provided.

This would tell us if the bug is with kcheckpass or with libpam-poldi.
Let me know if you can help me implement the plan of attack above,
especially if you can offer or refer me to instructions on building and
running kcheckpass from the shell.  That would be very helpful!

I am quite invested in fixing this, and I'll gladly help in any way
I can.  Please advise on a course of action.

Best wishes,
Jason Franklin

-- System Information:
Debian Release: 10.0
  APT prefers stable
  APT policy: (500, 'stable'), (100, 'unstable'), (10, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libkscreenlocker5 depends on:
ii  kpackagetool5          5.54.0-1
ii  libc6                  2.28-10
ii  libkf5configcore5      5.54.0-1
ii  libkf5configgui5       5.54.0-1
ii  libkf5coreaddons5      5.54.0-1
ii  libkf5crash5           5.54.0-1
ii  libkf5declarative5     5.54.0-1
ii  libkf5globalaccel-bin  5.54.0-1
ii  libkf5globalaccel5     5.54.0-1
ii  libkf5i18n5            5.54.0-1
ii  libkf5idletime5        5.54.0-1
ii  libkf5notifications5   5.54.0-1
ii  libkf5package5         5.54.0-1
ii  libkf5quickaddons5     5.54.0-1
ii  libkf5waylandclient5   4:5.54.0-1
ii  libkf5waylandserver5   4:5.54.0-1
ii  libkf5windowsystem5    5.54.0-1
ii  libpam0g               1.3.1-5
ii  libqt5core5a           5.11.3+dfsg1-1
ii  libqt5dbus5            5.11.3+dfsg1-1
ii  libqt5gui5             5.11.3+dfsg1-1
ii  libqt5network5         5.11.3+dfsg1-1
ii  libqt5qml5             5.11.3-4
ii  libqt5quick5           5.11.3-4
ii  libqt5widgets5         5.11.3+dfsg1-1
ii  libqt5x11extras5       5.11.3-2
ii  libseccomp2            2.3.3-4
ii  libstdc++6             8.3.0-6
ii  libwayland-client0     1.16.0-1
ii  libwayland-server0     1.16.0-1
ii  libx11-6               2:1.6.7-1
ii  libxcb-keysyms1        0.4.0-1+b2
ii  libxcb1                1.13.1-2
ii  libxi6                 2:1.7.9-1

Versions of packages libkscreenlocker5 recommends:
ii  kde-config-screenlocker  5.14.5-1

libkscreenlocker5 suggests no packages.

-- no debconf information

--- End Message ---
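The symptom in the report, one kcheckpass process logging "PIN too short" over and over, can be detected in auth.log. The sketch below is an added example, not code from the report or from either package; it assumes the classic syslog line format shown above, and the threshold, time window and function names are illustrative choices.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Classic syslog line: "Aug  2 09:10:46 host prog[pid]: message"
SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<prog>[^\s\[:]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$"
)

def parse_line(line, year=2019):
    """Return (timestamp, host, prog, pid, msg), or None if the line does not match."""
    m = SYSLOG_RE.match(line.strip())
    if not m:
        return None
    # Classic syslog timestamps carry no year, so the caller supplies one (assumption).
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["host"], m["prog"], int(m["pid"]), m["msg"]

def find_repeat_floods(lines, needle="PIN too short", threshold=3,
                       window=timedelta(seconds=5)):
    """Map (host, prog, pid) to the peak count of `needle` messages inside `window`."""
    seen = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec[4] == needle:
            seen[(rec[1], rec[2], rec[3])].append(rec[0])
    floods = {}
    for key, stamps in seen.items():
        stamps.sort()
        start = best = 0
        for end in range(len(stamps)):          # sliding window over sorted timestamps
            while stamps[end] - stamps[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:                   # a single failure is not a flood
            floods[key] = best
    return floods

# Sample input: the first three lines are those quoted in the report, the rest are constructed.
SAMPLE = [
    "Aug  2 09:10:46 hostname kcheckpass[9734]: PIN too short",
    "Aug  2 09:10:46 hostname kcheckpass[9734]: PIN too short",
    "Aug  2 09:10:46 hostname kcheckpass[9734]: PIN too short",
    "Aug  2 09:30:00 hostname kcheckpass[1200]: PIN too short",
    "Aug  2 09:30:05 hostname sshd[800]: Accepted publickey for user",
]
if __name__ == "__main__":
    print(find_repeat_floods(SAMPLE))
```

Keying on the PID separates a single unlock attempt that keeps re-logging the same failure from several independent attempts that each fail once.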
--- Begin Message ---
Source: kscreenlocker
Source-Version: 5.14.5-2

We believe that the bug you reported is fixed in the latest version of
kscreenlocker, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 934185@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Maximiliano Curia <maxy@debian.org> (supplier of updated kscreenlocker package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 27 Sep 2019 17:16:49 -0700
Source: kscreenlocker
Architecture: source
Version: 5.14.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Maximiliano Curia <maxy@debian.org>
Closes: 911052 934185
Changes:
 kscreenlocker (5.14.5-2) unstable; urgency=medium
 .
   [ Maximiliano Curia ]
   * New revision
   * Salsa CI automatic initialization by Tuco
   * Add patch: send_password_once.patch.
     Thanks to Jason Franklin (Closes: 934185)
   * Drop kde-l10n breaks/replaces, fixed versions already in stable
   * Drop old breaks/replaces, fixed versions already in stable
   * Bump debhelper build-dep and compat to 12.
   * Bump Standards-Version to 4.4.0.
   * Build with hardening bindnow
   * Release to unstable
 .
   [ Scarlett Gately Moore ]
   * Add psmisc Depends as 'killall' is used in postinst and it needs to be
     installed. (Closes: 911052)
 .
   [ Scarlett Clark ]
   * Move psmisc to Pre-Depends as per Debian policy.

--- End Message ---
