
Bug#771690: marked as done (unblock: softhsm/1.3.7-2)



Your message dated Mon, 01 Dec 2014 19:02:11 +0000
with message-id <1417460531.2472.57.camel@adam-barratt.org.uk>
and subject line Re: Bug#771690: unblock: softhsm/1.3.7-2
has caused the Debian Bug report #771690,
regarding unblock: softhsm/1.3.7-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
771690: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771690
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package softhsm

There's a security bug that we have agreed doesn't need to be
fixed in wheezy, but I forgot to fix it in jessie.

The patch comes from upstream and looks simple enough (just a couple
of opens with S_IRUSR | S_IWUSR before opening the file for writing).

$ diffstat softhsm_1.3.7-2.debdiff
 changelog                 |    9 ++
 control                   |    4 
 gbp.conf                  |    4 
 patches/SUPPORT-101.patch |  198 ++++++++++++++++++++++++++++++++++++++++++++++
 patches/series            |    1 
 5 files changed, 212 insertions(+), 4 deletions(-)

(Vcs-URLs and GBP configuration fixes also included.)

unblock softhsm/1.3.7-2

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (700, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


Attachment: softhsm_1.3.7-2.debian.tar.xz
Description: application/xz

Format: 3.0 (quilt)
Source: softhsm
Binary: softhsm-common, softhsm, libsofthsm-dev, libsofthsm, softhsm-dbg
Architecture: any
Version: 1.3.7-2
Maintainer: Ondřej Surý <ondrej@debian.org>
Homepage: http://trac.opendnssec.org/wiki/SoftHSM
Standards-Version: 3.9.1
Vcs-Browser: http://anonscm.debian.org/?p=pkg-nlnetlabs/softhsm.git
Vcs-Git: git://anonscm.debian.org/pkg-nlnetlabs/softhsm.git
Build-Depends: quilt (>= 0.46-7~), debhelper (>= 7.0.50~), autotools-dev, libbotan1.10-dev (>= 1.10.0-1~), libsqlite3-dev (>= 3.4.2), hardening-wrapper, autoconf, dh-autoreconf, automake, libtool
Build-Conflicts: libbotan1.8-dev
Package-List:
 libsofthsm deb libs extra arch=any
 libsofthsm-dev deb libdevel extra arch=any
 softhsm deb admin extra arch=any
 softhsm-common deb admin extra arch=any
 softhsm-dbg deb debug extra arch=any

Format: 1.8
Date: Mon, 01 Dec 2014 17:52:05 +0100
Source: softhsm
Binary: softhsm-common softhsm libsofthsm-dev libsofthsm softhsm-dbg
Architecture: source amd64
Version: 1.3.7-2
Distribution: unstable
Urgency: medium
Maintainer: Ondřej Surý <ondrej@debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
 libsofthsm - a cryptographic store accessible through a PKCS #11
 libsofthsm-dev - a cryptographic store accessible through a PKCS #11
 softhsm    - a cryptographic store accessible through a PKCS #11
 softhsm-common - a cryptographic store accessible through a PKCS #11
 softhsm-dbg - Debug symbols for SoftHSM
Closes: 752092
Changes:
 softhsm (1.3.7-2) unstable; urgency=medium
 .
   * Fix softhsm-keyconv creating security-sensibe file world-readable
     (Closes: #752092)
   * Update Vcs-Urls to point to anonscm.debian.org
   * Standardize gbp repository layout

diff -Nru softhsm-1.3.7/debian/changelog softhsm-1.3.7/debian/changelog
--- softhsm-1.3.7/debian/changelog	2014-06-01 23:52:54.000000000 +0200
+++ softhsm-1.3.7/debian/changelog	2014-12-01 17:52:26.000000000 +0100
@@ -1,3 +1,12 @@
+softhsm (1.3.7-2) unstable; urgency=medium
+
+  * Fix softhsm-keyconv creating security-sensibe file world-readable
+    (Closes: #752092)
+  * Update Vcs-Urls to point to anonscm.debian.org
+  * Standardize gbp repository layout
+
+ -- Ondřej Surý <ondrej@debian.org>  Mon, 01 Dec 2014 17:52:05 +0100
+
 softhsm (1.3.7-1) unstable; urgency=medium
 
   * New upstream version 1.3.7
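Review bot: the first added changelog bullet misspells "security-sensibe" and names only softhsm-keyconv, while the imported patch's own subject says the problem "Also applies to softhsm when using --export or --optimize". Suggest wording such as "Fix softhsm-keyconv and softhsm --export/--optimize creating security-sensitive files world-readable" so the entry matches what SUPPORT-101.patch actually touches.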
diff -Nru softhsm-1.3.7/debian/control softhsm-1.3.7/debian/control
--- softhsm-1.3.7/debian/control	2014-06-01 23:52:54.000000000 +0200
+++ softhsm-1.3.7/debian/control	2014-12-01 17:52:26.000000000 +0100
@@ -15,8 +15,8 @@
 Build-Conflicts: libbotan1.8-dev
 Standards-Version: 3.9.1
 Homepage: http://trac.opendnssec.org/wiki/SoftHSM
-Vcs-Browser: http://git.debian.org/?p=pkg-nlnetlabs/softhsm.git
-Vcs-Git: git://git.debian.org/pkg-nlnetlabs/softhsm.git
+Vcs-Browser: http://anonscm.debian.org/?p=pkg-nlnetlabs/softhsm.git
+Vcs-Git: git://anonscm.debian.org/pkg-nlnetlabs/softhsm.git
 
 Package: softhsm-common
 Architecture: any
diff -Nru softhsm-1.3.7/debian/gbp.conf softhsm-1.3.7/debian/gbp.conf
--- softhsm-1.3.7/debian/gbp.conf	2014-06-01 23:52:54.000000000 +0200
+++ softhsm-1.3.7/debian/gbp.conf	2014-12-01 17:52:26.000000000 +0100
@@ -1,7 +1,7 @@
 [DEFAULT]
-debian-branch = debian-sid
+debian-branch = master
 debian-tag = debian/%(version)s
-upstream-branch = upstream-sid
+upstream-branch = upstream
 upstream-tag = upstream/%(version)s
 
 [git-dch]
diff -Nru softhsm-1.3.7/debian/patches/series softhsm-1.3.7/debian/patches/series
--- softhsm-1.3.7/debian/patches/series	2014-06-01 23:52:54.000000000 +0200
+++ softhsm-1.3.7/debian/patches/series	2014-12-01 17:52:26.000000000 +0100
@@ -1 +1,2 @@
+SUPPORT-101.patch
 002_libtool_export_symbols_fix.patch
diff -Nru softhsm-1.3.7/debian/patches/SUPPORT-101.patch softhsm-1.3.7/debian/patches/SUPPORT-101.patch
--- softhsm-1.3.7/debian/patches/SUPPORT-101.patch	1970-01-01 01:00:00.000000000 +0100
+++ softhsm-1.3.7/debian/patches/SUPPORT-101.patch	2014-12-01 17:52:26.000000000 +0100
@@ -0,0 +1,198 @@
+From aa2d1ebb0ef31c71a4db4435f3dc056cacf87209 Mon Sep 17 00:00:00 2001
+From: Rickard Bellgrim <rickard@opendnssec.org>
+Date: Sun, 26 Oct 2014 08:08:43 +0100
+Subject: [PATCH 1/2] SOFTHSM-101: softhsm-keyconv creates files with sensitive
+ material in insecure way. Also applies to softhsm when using --export or
+ --optimize.
+
+---
+ NEWS                        |  8 ++++++++
+ src/bin/softhsm-keyconv.cpp | 50 ++++++++++++++++++++++++++++++++++++++++++---
+ src/bin/softhsm.cpp         | 31 +++++++++++++++++++++++++++-
+ 3 files changed, 85 insertions(+), 4 deletions(-)
+
+--- softhsm.orig/NEWS
++++ softhsm/NEWS
+@@ -1,5 +1,13 @@
+ NEWS for SoftHSM -- History of user visible changes
+ 
++SoftHSM develop
++
++Bugfixes:
++* SOFTHSM-101: softhsm-keyconv creates files with sensitive material
++  in insecure way. Also applies to softhsm when using --export or
++  --optimize.
++
++
+ SoftHSM 1.3.7 - 2014-05-28
+ 
+ Bugfixes:
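Review bot: the patch header reads "[PATCH 1/2]" but debian/patches/series gains only this one file, and the file is named SUPPORT-101.patch while the subject and the NEWS entry both use the issue id SOFTHSM-101. Please say in the patch header whether part 2/2 is needed for the fix and which upstream commit this is (DEP-3 Origin/Bug fields would do), and consider renaming the file to match the issue id.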
+--- softhsm.orig/src/bin/softhsm-keyconv.cpp
++++ softhsm/src/bin/softhsm-keyconv.cpp
+@@ -48,6 +48,10 @@
+ #include <iostream>
+ #include <fstream>
+ #include <stdint.h>
++#include <fcntl.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <errno.h>
+ 
+ void usage() {
+   printf("Converting between BIND .private-key format and PKCS#8 key file format.\n");
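Review bot: the code added further down calls close(), which POSIX declares in <unistd.h>; that header is not among the four added in this hunk and is not visible in the context lines. Please confirm softhsm-keyconv.cpp already includes it (the same question applies to the include hunk in softhsm.cpp), otherwise add "#include <unistd.h>" next to <fcntl.h>.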
+@@ -391,6 +395,15 @@ int to_pkcs8(char *in_path, char *out_pa
+     return 1;
+   }
+ 
++  // Create and set file permissions if the file does not exist.
++  int fd = open(out_path, O_CREAT, S_IRUSR | S_IWUSR);
++  if (fd == -1) {
++    fprintf(stderr, "ERROR: Could not open the output file: %s (errno %i)\n",
++            out_path, errno);
++    return 1;
++  }
++  close(fd);
++
+   // Save the the key to the disk
+   switch(algorithm) {
+     case DNS_KEYALG_ERROR:
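Review bot: in to_pkcs8 the mode passed to "open(out_path, O_CREAT, S_IRUSR | S_IWUSR)" only takes effect when the call creates the file, as the added comment itself says, so an out_path that already exists with group or other read bits keeps them and the key is then written into it. The descriptor is also closed before the key is saved, so the save has to reopen the file by name and the permission step is not tied to the file that ends up holding the key. Consider keeping the descriptor and writing through it (fdopen), and calling fchmod(fd, S_IRUSR | S_IWUSR) before any key material is written. The same applies to writeKeyToDisk in softhsm.cpp and to the priv_out hunks.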
+@@ -735,8 +748,16 @@ int save_rsa_bind(char *name, int ttl, B
+   snprintf(priv_out, MAX_LINE, "K%s+%03i+%05i.private", name, algorithm, key_tag);
+   snprintf(pub_out, MAX_LINE, "K%s+%03i+%05i.key", name, algorithm, key_tag);
+ 
+-  // Create the private key file
++  // Create and set file permissions if the file does not exist.
++  int fd = open(priv_out, O_CREAT, S_IRUSR | S_IWUSR);
++  if (fd == -1) {
++    fprintf(stderr, "ERROR: Could not open the output file: %s (errno %i)\n",
++            priv_out, errno);
++    return 1;
++  }
++  close(fd);
+ 
++  // Create the private key file
+   file_pointer = fopen(priv_out, "w");
+   if (!file_pointer) {
+     fprintf(stderr, "Error: Could not open output file %.100s for writing.\n", priv_out);
+@@ -786,8 +807,16 @@ int save_rsa_bind(char *name, int ttl, B
+ 
+   printf("The private key has been written to %s\n", priv_out);
+ 
+-  // Create the public key file
++  // Create and set file permissions if the file does not exist.
++  fd = open(pub_out, O_CREAT, S_IRUSR | S_IWUSR);
++  if (fd == -1) {
++    fprintf(stderr, "ERROR: Could not open the output file: %s (errno %i)\n",
++            pub_out, errno);
++    return 1;
++  }
++  close(fd);
+ 
++  // Create the public key file
+   file_pointer = fopen(pub_out, "w");
+   if (!file_pointer) {
+     fprintf(stderr, "Error: Could not open output file %.100s for writing.\n", pub_out);
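Review bot: the second open() in save_rsa_bind applies S_IRUSR | S_IWUSR to pub_out, the K*.key file that the code comments call the public key file. It holds no secret material, and making it owner-only can stop a process running under another account from reading it; the restriction could be limited to priv_out. If 0600 on the public file is intentional, a comment saying so would help. The same applies to the pub_out hunk in save_dsa_bind.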
+@@ -836,6 +865,15 @@ int save_dsa_bind(char *name, int ttl, B
+   snprintf(priv_out, MAX_LINE, "K%s+%03i+%05i.private", name, algorithm, key_tag);
+   snprintf(pub_out, MAX_LINE, "K%s+%03i+%05i.key", name, algorithm, key_tag);
+ 
++  // Create and set file permissions if the file does not exist.
++  int fd = open(priv_out, O_CREAT, S_IRUSR | S_IWUSR);
++  if (fd == -1) {
++    fprintf(stderr, "ERROR: Could not open the output file: %s (errno %i)\n",
++            priv_out, errno);
++    return 1;
++  }
++  close(fd);
++
+   file_pointer = fopen(priv_out, "w");
+   if (!file_pointer) {
+     fprintf(stderr, "Error: Could not open output file %.100s for writing.\n", priv_out);
+@@ -873,8 +911,16 @@ int save_dsa_bind(char *name, int ttl, B
+ 
+   printf("The private key has been written to %s\n", priv_out);
+ 
+-  // Create the public key file
++  // Create and set file permissions if the file does not exist.
++  fd = open(pub_out, O_CREAT, S_IRUSR | S_IWUSR);
++  if (fd == -1) {
++    fprintf(stderr, "ERROR: Could not open the output file: %s (errno %i)\n",
++            pub_out, errno);
++    return 1;
++  }
++  close(fd);
+ 
++  // Create the public key file
+   file_pointer = fopen(pub_out, "w");
+   if (!file_pointer) {
+     fprintf(stderr, "Error: Could not open output file %.100s for writing.\n", pub_out);
+--- softhsm.orig/src/bin/softhsm.cpp
++++ softhsm/src/bin/softhsm.cpp
+@@ -46,6 +46,10 @@
+ #include <iostream>
+ #include <fstream>
+ #include <sched.h>
++#include <fcntl.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <errno.h>
+ 
+ #ifdef HAVE_DLOPEN
+ #include <dlfcn.h>
+@@ -1005,6 +1009,15 @@ int removeSessionObjs(char *dbPath) {
+   CK_BBOOL ckFalse = CK_FALSE;
+   int retVal = 0;
+ 
++  // Create and set file permissions if the DB does not exist.
++  int fd = open(dbPath, O_CREAT, S_IRUSR | S_IWUSR);
++  if(fd == -1) {
++    fprintf(stderr, "Could not open the token database. errno=%i. "
++                    "Probably wrong privileges: %s", errno, dbPath);
++    return 1;
++  }
++  close(fd);
++
+   if(sqlite3_open(dbPath, &db) != 0) {
+     fprintf(stderr, "ERROR: Could not connect to database.\n");
+     return 1;
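Review bot: the fprintf format string added in removeSessionObjs ends in "%s" with no "\n", unlike the "ERROR: Could not connect to database.\n" message directly below it, and it prints "Probably wrong privileges" for every errno value. Suggest adding the newline and reporting strerror(errno) rather than guessing the cause. Note also that for a token database that already exists the 0600 mode argument changes nothing, so a DB that is already world-readable stays that way.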
+@@ -1278,6 +1291,15 @@ CK_RV writeKeyToDisk(char *filePath, cha
+     return CKR_GENERAL_ERROR;
+   }
+ 
++  // Create and set file permissions if the file does not exist.
++  int fd = open(filePath, O_CREAT, S_IRUSR | S_IWUSR);
++  if (fd == -1) {
++    fprintf(stderr, "ERROR: Could not open the output file: %s (errno %i)\n",
++            filePath, errno);
++    return CKR_GENERAL_ERROR;
++  }
++  close(fd);
++
+   std::ofstream privFile(filePath);
+ 
+   if(!privFile) {
+@@ -1468,6 +1490,15 @@ Botan::Private_Key* getPrivKey(char *dbP
+   sqlite3_stmt *select_sql = NULL;
+   Botan::Private_Key *privKey = NULL;
+ 
++  // Create and set file permissions if the DB does not exist.
++  int fd = open(dbPath, O_CREAT, S_IRUSR | S_IWUSR);
++  if(fd == -1) {
++    fprintf(stderr, "Could not open the token database. errno=%i. "
++                    "Probably wrong privileges: %s", errno, dbPath);
++    return NULL;
++  }
++  close(fd);
++
+   if(sqlite3_open(dbPath, &db) == 0 && sqlite3_prepare_v2(db, select_str, -1, &select_sql, NULL) == 0) {
+     if(getObjectClass(select_sql, oHandle) == CKO_PRIVATE_KEY && getKeyType(select_sql, oHandle) == CKK_RSA) {
+       Botan::BigInt bigN = getBigIntAttribute(select_sql, oHandle, CKA_MODULUS);
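Review bot: getPrivKey only reads from the database (it prepares select_str), yet the added "open(dbPath, O_CREAT, ...)" will create an empty file when dbPath does not exist, for example on a mistyped path. For this read path, open without O_CREAT and return the error, or drop the pre-create here and keep it only where files are written. The error message is also missing its trailing newline.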
+@@ -1477,7 +1508,7 @@ Botan::Private_Key* getPrivKey(char *dbP
+       Botan::BigInt bigQ = getBigIntAttribute(select_sql, oHandle, CKA_PRIME_2);
+ 
+       Botan::AutoSeeded_RNG *rng = new Botan::AutoSeeded_RNG();
+-      
++
+       try {
+         privKey = new Botan::RSA_PrivateKey(*rng, bigP, bigQ, bigE, bigD, bigN);
+       }
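Review bot: this last hunk only strips trailing whitespace from a blank line in getPrivKey and is unrelated to the permission fix. For an upload that needs an unblock it would be cleaner to drop it so the patch carries only the security-relevant lines.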

--- End Message ---
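Added example, not part of the original message and not SoftHSM code: it puts the pre-fix fopen() behaviour, the pre-create pattern the patch uses, and a stricter single-descriptor variant side by side so the resulting file modes can be compared. All function names are hypothetical, and the stricter variant is an assumption about how one might harden this further, not upstream's fix.

```c
/* Added example, not SoftHSM code; all function names are hypothetical. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pre-fix behaviour: fopen() creates 0666 & ~umask, i.e. 0644 under umask 022. */
int write_key_fopen(const char *path, const char *pem) {
  FILE *fp = fopen(path, "w");
  if (!fp) return -1;
  int rc = (fputs(pem, fp) == EOF) ? -1 : 0;
  return (fclose(fp) == 0) ? rc : -1;
}

/* The patch's pattern: pre-create 0600, close, reopen by path. The mode
 * argument only applies when open() actually creates the file. */
int write_key_precreate(const char *path, const char *pem) {
  int fd = open(path, O_CREAT, S_IRUSR | S_IWUSR);
  if (fd == -1) return -1;
  close(fd);
  return write_key_fopen(path, pem);
}

/* Stricter variant: one descriptor from open to last write, no symlink
 * following, and fchmod() tightens a pre-existing file before writing. */
int write_key_fd(const char *path, const char *pem) {
  int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, S_IRUSR | S_IWUSR);
  if (fd == -1) return -1;
  struct stat st;
  if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
      fchmod(fd, S_IRUSR | S_IWUSR) != 0 || ftruncate(fd, 0) != 0) {
    close(fd);
    return -1;
  }
  size_t len = strlen(pem);
  ssize_t n = write(fd, pem, len);
  int rc = (n == (ssize_t)len) ? 0 : -1;
  return (close(fd) == 0) ? rc : -1;
}

/* Permission bits of path, or -1 on error. */
int mode_of(const char *path) {
  struct stat st;
  return (stat(path, &st) == 0) ? (int)(st.st_mode & 0777) : -1;
}
```

Under umask 022, a file first written by `write_key_fopen` is 0644 and stays 0644 after `write_key_precreate`; only a file that did not exist beforehand, or one written with `write_key_fd`, ends up 0600.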
--- Begin Message ---
On Mon, 2014-12-01 at 18:04 +0100, Ondřej Surý wrote:
> Please unblock package softhsm
> 
> There's a security bug that we have agreed doesn't need to be
> fixed in wheezy, but I forgot to fix it in jessie.
> 
> The patch comes from upstream and looks simple enough (just a couple
> of opens with S_IRUSR | S_IWUSR before opening the file for writing).

Unblocked, thanks.

Regards,

Adam

--- End Message ---
