opensc-commits Mailing List for OpenSC (Page 27)

OpenSC - tools and libraries for smart cards

Brought to you by: jyrjola, ludov, okir, pisi, tarvik

opensc-commits — commit notifications

You can subscribe to this list here.

2013	Jan (18)	Feb (20)	Mar (15)	Apr (5)	May (7)	Jun (3)	Jul (4)	Aug (20)	Sep (10)	Oct (12)	Nov (12)	Dec (7)
2014	Jan (12)	Feb (8)	Mar (3)	Apr (7)	May (12)	Jun (19)	Jul (1)	Aug (5)	Sep (9)	Oct (11)	Nov (13)	Dec (20)
2015	Jan (12)	Feb (25)	Mar (33)	Apr (37)	May (36)	Jun (2)	Jul (18)	Aug (31)	Sep (98)	Oct (50)	Nov (25)	Dec (34)
2016	Jan (95)	Feb (35)	Mar (78)	Apr (12)	May (11)	Jun (20)	Jul (28)	Aug (21)	Sep (30)	Oct (29)	Nov (15)	Dec (15)
2017	Jan (29)	Feb (17)	Mar (34)	Apr (28)	May (12)	Jun (25)	Jul (39)	Aug (14)	Sep (12)	Oct (38)	Nov (28)	Dec (6)
2018	Jan (15)	Feb (22)	Mar (27)	Apr (71)	May (78)	Jun (47)	Jul (24)	Aug (63)	Sep (43)	Oct (34)	Nov (27)	Dec (18)
2019	Jan (51)	Feb (17)	Mar (48)	Apr (46)	May (25)	Jun (9)	Jul (14)	Aug (46)	Sep (18)	Oct (25)	Nov (26)	Dec (25)
2020	Jan (28)	Feb (30)	Mar (20)	Apr (69)	May (40)	Jun (16)	Jul (13)	Aug (9)	Sep (17)	Oct (40)	Nov (55)	Dec (6)
2021	Jan (44)	Feb (13)	Mar (33)	Apr (31)	May (32)	Jun (10)	Jul (9)	Aug (27)	Sep (33)	Oct (7)	Nov (14)	Dec (17)
2022	Jan (25)	Feb (11)	Mar (42)	Apr (14)	May (18)	Jun (3)	Jul (10)	Aug (41)	Sep (12)	Oct (13)	Nov (18)	Dec (9)
2023	Jan (10)	Feb (18)	Mar (25)	Apr (27)	May (16)	Jun (26)	Jul (9)	Aug (29)	Sep (17)	Oct (24)	Nov (18)	Dec (16)
2024	Jan (23)	Feb (55)	Mar (40)	Apr (17)	May (15)	Jun (12)	Jul (12)	Aug (6)	Sep (15)	Oct (16)	Nov (29)	Dec (26)
2025	Jan (29)	Feb (37)	Mar (24)	Apr (35)	May (38)	Jun (20)	Jul (7)	Aug (8)	Sep	Oct	Nov	Dec

Flat | Threaded

<< < 1 .. 25 26 27 28 29 .. 147 > >> (Page 27 of 147)

[Opensc-commits] [OpenSC/OpenSC] dd138d: Fixed loop in sc_hsm_write_ef, handle offset into ...

From: Ingo S. <no...@gi...> - 2023-03-22 08:23:04

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: dd138d0600a1acd7991989127f36827e5836b24e
      https://github.com/OpenSC/OpenSC/commit/dd138d0600a1acd7991989127f36827e5836b24e
  Author: Ingo Struck (git commits) <gi...@in...>
  Date:   2023-03-22 (Wed, 22 Mar 2023)

  Changed paths:
    M src/libopensc/card-sc-hsm.c

  Log Message:
  -----------
  Fixed loop in sc_hsm_write_ef, handle offset into buf and into EF separately

[Opensc-commits] [OpenSC/OpenSC] d952a9: support for Slovak eID cards (#2672)

From: Juraj Š. <no...@gi...> - 2023-03-22 08:21:03

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: d952a9fa3d0e2becc684c3a2529173d3d151f817
      https://github.com/OpenSC/OpenSC/commit/d952a9fa3d0e2becc684c3a2529173d3d151f817
  Author: Juraj Šarinay <ju...@sa...>
  Date:   2023-03-22 (Wed, 22 Mar 2023)

  Changed paths:
    M src/libopensc/Makefile.am
    M src/libopensc/Makefile.mak
    A src/libopensc/card-skeid.c
    M src/libopensc/cards.h
    M src/libopensc/ctx.c
    A src/libopensc/pkcs15-skeid.c
    M src/libopensc/pkcs15-syn.c
    M src/libopensc/pkcs15-syn.h

  Log Message:
  -----------
  support for Slovak eID cards (#2672)

## Driver

The card runs CardOS 5.4, the new driver is therefore a stripped-down version of ```card-cardos.c``` The only place where I have to diverge from the original driver is ```set_security_env```, because the card expects ```MSE RESTORE``` instead of ```MSE SET```. I abuse ```key_ref``` to store the corresponding ```seIdentifier```, as our pkcs\#15 structures do not include the entry.

Because the card shares the ATR with other CardOS 5.4 cards, the new driver precedes ```cardos-driver``` within ```internal_card_drivers[]```.

## PKCS\#15 emulation

Within EF.DIR there are 5 applications. The last two carry (apparently not entirely usable) PKCS\#15 structures. 

```pkcs15-skeid.c``` binds the _fourth_ application in the list. Otherwise ```sc_pkcs15_bind_internal``` would get called and create an unusable token. In the case of the fifth application this is prevented by ```SC_PKCS11_FRAMEWORK_DATA_MAX_NUM = 4```.

Because there is no point in calling ```sc_pkcs15_bind_internal``` for this card, I added it to ```sc_pkcs15_is_emulation_only```. This does not prevent ```sc_pkcs15_bind_internal``` from [getting called](https://github.com/OpenSC/OpenSC/blob/70771735ae10180bb039043b9a1b00b66bf00fc1/src/libopensc/pkcs15.c#L1296
) though (if synthetic binding was unsuccessful).

I consider this behaviour a bit counterintuitive. I mention it here to report on and justify what I have done, it has no noticeable effect on my driver (any more). Let me know if ```sc_pkcs15_is_emulation_only``` warrants a separate GitHub issue.

## PINs

There is a global User PIN labeled BOK. The qualified certificate (key) requires user consent and a separate (local) Signature PIN labeled KEP. The "official" proprietary PKCS\#11 module requires both the codes for every signature. Fortunately, the card is happy with the Signature PIN only, as there seems to be no convenient way to have multiple PIN codes per slot. 

I considered emulating (parts of) the "official" behaviour wihtin a custom ```pin_cmd``` that contained the following:

```C
    if (data->pin_reference == 0x87 && data->cmd != SC_PIN_CMD_CHANGE && data->pin_type != SC_AC_CONTEXT_SPECIFIC)
        {
               sc_log(card->ctx, "Non-specific KEP PIN encountered, handling it as BOK instead.");
               data->pin_reference = 0x03;
       }

```
I ultimately decided against the idea. It adds complexity (or confusion) and provides little benefit. I mention the issue because it is connected to a failure in ```pkcs11-tool --test --slot 1 --login```: [log](https://github.com/OpenSC/OpenSC/files/10326667/pkcs11-tool_test_slot_1.log).

Because the local Signature PIN is used for the session, ```test_verify()``` fails [here](https://github.com/OpenSC/OpenSC/blob/70771735ae10180bb039043b9a1b00b66bf00fc1/src/tools/pkcs11-tool.c#L6639).

The card enforces CKA_ALWAYS_AUTHENTICATE and therefore reports that the Signature PIN is (no longer) verified, apparently because signatures have been computed during ```test_signature()```. The only effect of this is that the built-in test fails even though the token works (reasonably) well.

The above ```pin_cmd``` hack would result in a passed ```pkcs11-tool --test --slot 1 --login```.

I include this information mainly to justify a PR with a failed test attached. If the behaviour of ```pkcs11-tool --test``` in the context of a local Signature PIN and ```user_consent``` warrants a separate GitHub issue, do please let me know.

For completeness,  [here](https://github.com/OpenSC/OpenSC/files/10326703/pkcs11-tool_test_slot_0.log) is the output of ```pkcs11-tool --test --slot 0 --login```.

[Opensc-commits] [OpenSC/OpenSC] 44476c: use proper define for PSS salt length auto detection

From: Frank M. <no...@gi...> - 2023-03-22 08:16:06

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 44476c024464493f818a6b56a8fbdd079671ff1c
      https://github.com/OpenSC/OpenSC/commit/44476c024464493f818a6b56a8fbdd079671ff1c
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-22 (Wed, 22 Mar 2023)

  Changed paths:
    M src/pkcs11/openssl.c

  Log Message:
  -----------
  use proper define for PSS salt length auto detection


  Commit: 0878dc96f038553d0f80afffde7064f6003c3669
      https://github.com/OpenSC/OpenSC/commit/0878dc96f038553d0f80afffde7064f6003c3669
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-22 (Wed, 22 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c
    M src/pkcs11/openssl.c
    M src/pkcs11/sc-pkcs11.h

  Log Message:
  -----------
  fixed implicit conversion loses integer precision

- use pkcs#11 types in sc_pkcs11_verify_data
- this reduces the number of type conversions needed
- this fixes a possible data corruption when gost is used with a very long public key


  Commit: 659beea4383206ead67f599c010f6d74a0ec705b
      https://github.com/OpenSC/OpenSC/commit/659beea4383206ead67f599c010f6d74a0ec705b
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-22 (Wed, 22 Mar 2023)

  Changed paths:
    M configure.ac
    M src/common/Makefile.am
    M src/common/Makefile.mak
    A src/common/compat_overflow.c
    A src/common/compat_overflow.h

  Log Message:
  -----------
  added wrappers for checked arithmetic builtins of clang/gcc


  Commit: 2e149d3eb4c8e43682ba9143e45d4eb22af70124
      https://github.com/OpenSC/OpenSC/commit/2e149d3eb4c8e43682ba9143e45d4eb22af70124
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-22 (Wed, 22 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c

  Log Message:
  -----------
  fixed possible integer overflow


Compare: https://github.com/OpenSC/OpenSC/compare/8786ccbc7958...2e149d3eb4c8

[Opensc-commits] [OpenSC/OpenSC] a285b3: Check nested macros when parsing pkcs15init profile

From: Veronika H. <no...@gi...> - 2023-03-21 14:46:05

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: a285b300305ab19a706dac158695c8d92b96d1ff
      https://github.com/OpenSC/OpenSC/commit/a285b300305ab19a706dac158695c8d92b96d1ff
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/pkcs15init/profile.c

  Log Message:
  -----------
  Check nested macros when parsing pkcs15init profile

When processing macros in pkcs15init profile, the macros
may contain nested macros, which causes recursion loop.

In this particular case found by OSS-Fuzz, the problem
was caused by macro e =1)$e

Thank you OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53545


  Commit: fd4754b101a50541d41216ba4d9d57bc9e2991cc
      https://github.com/OpenSC/OpenSC/commit/fd4754b101a50541d41216ba4d9d57bc9e2991cc
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/pkcs15init/profile.c

  Log Message:
  -----------
  Handle errors when processing macros


  Commit: b6dc20b29ba5da4cac6ebb0a4539233e58fa5fcc
      https://github.com/OpenSC/OpenSC/commit/b6dc20b29ba5da4cac6ebb0a4539233e58fa5fcc
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/libopensc/muscle-filesystem.c
    M src/libopensc/muscle-filesystem.h

  Log Message:
  -----------
  muscle-filesystem: Do not process too deep filesystem

Given test-case causes the creation of too deep filesystem,
which processing recursive leads to stack-overflow.

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54592


  Commit: f169e3f56b4e061267d188c66c7223ba12177211
      https://github.com/OpenSC/OpenSC/commit/f169e3f56b4e061267d188c66c7223ba12177211
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/libopensc/card-muscle.c

  Log Message:
  -----------
  Add error checking in muscle driver


  Commit: 5631e9843c832a99769def85b7b9b68b4e3e3959
      https://github.com/OpenSC/OpenSC/commit/5631e9843c832a99769def85b7b9b68b4e3e3959
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/pkcs15init/profile.c

  Log Message:
  -----------
  Check length of string before making copy

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55851
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55998


  Commit: eac9f21202377cb2b34246f2920504dfbd92b139
      https://github.com/OpenSC/OpenSC/commit/eac9f21202377cb2b34246f2920504dfbd92b139
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-lib.c

  Log Message:
  -----------
  Fix file memory leak

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56736


  Commit: d0a2bdaac5dcecc905c7aad6579c46624cc0ebde
      https://github.com/OpenSC/OpenSC/commit/d0a2bdaac5dcecc905c7aad6579c46624cc0ebde
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-oberthur.c

  Log Message:
  -----------
  Check length of path

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56781


  Commit: 34f6ca6ed1cdd6eeb0faac4087634467ff604a26
      https://github.com/OpenSC/OpenSC/commit/34f6ca6ed1cdd6eeb0faac4087634467ff604a26
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M src/pkcs15init/profile.c

  Log Message:
  -----------
  Use better naming for macro-related variables


Compare: https://github.com/OpenSC/OpenSC/compare/5d3657f76b0f...34f6ca6ed1cd

[Opensc-commits] [OpenSC/OpenSC] 1b5c44: fixed implicit conversion loses integer precision

From: Frank M. <no...@gi...> - 2023-03-20 12:49:25

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 1b5c44243a9c3998ce0cb11ba973bff149b71269
      https://github.com/OpenSC/OpenSC/commit/1b5c44243a9c3998ce0cb11ba973bff149b71269
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c
    M src/pkcs11/openssl.c
    M src/pkcs11/sc-pkcs11.h

  Log Message:
  -----------
  fixed implicit conversion loses integer precision

- use pkcs#11 types in sc_pkcs11_verify_data
- this reduces the number of type conversions needed
- this fixes a possible data corruption when gost is used with a very long public key


  Commit: 54df1217c9580117c8632eb4dede9b6821b6fdd2
      https://github.com/OpenSC/OpenSC/commit/54df1217c9580117c8632eb4dede9b6821b6fdd2
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-oberthur-awp.c

  Log Message:
  -----------
  fixed typos


  Commit: 324435e3c0142f790437a7a1948707f4f004b27b
      https://github.com/OpenSC/OpenSC/commit/324435e3c0142f790437a7a1948707f4f004b27b
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M configure.ac
    M src/common/Makefile.am
    M src/common/Makefile.mak
    A src/common/compat_overflow.c
    A src/common/compat_overflow.h

  Log Message:
  -----------
  added wrappers for checked arithmetic builtins of clang/gcc


  Commit: 8786ccbc7958505d8862a08200a7787f57c8b0e8
      https://github.com/OpenSC/OpenSC/commit/8786ccbc7958505d8862a08200a7787f57c8b0e8
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c

  Log Message:
  -----------
  fixed possible integer overflow


Compare: https://github.com/OpenSC/OpenSC/compare/e81726a0947a...8786ccbc7958

[Opensc-commits] [OpenSC/OpenSC] eba22f: pkcs11: Add missing attributes used by pkcs11-prov...

From: Frank M. <no...@gi...> - 2023-03-20 10:23:37

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: eba22f2135924c0471e6c408e9150ae5ddb77443
      https://github.com/OpenSC/OpenSC/commit/eba22f2135924c0471e6c408e9150ae5ddb77443
  Author: Jakub Jelen <jj...@re...>
  Date:   2023-03-20 (Mon, 20 Mar 2023)

  Changed paths:
    M src/pkcs11/pkcs11-display.c
    M src/pkcs11/pkcs11.h

  Log Message:
  -----------
  pkcs11: Add missing attributes used by pkcs11-provider


  Commit: 5d3657f76b0f0645a41bde948aa5adb6d1826995
      https://github.com/OpenSC/OpenSC/commit/5d3657f76b0f0645a41bde948aa5adb6d1826995
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-20 (Mon, 20 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-oberthur-awp.c

  Log Message:
  -----------
  fixed typos


Compare: https://github.com/OpenSC/OpenSC/compare/58a1cbd0f2cd...5d3657f76b0f

[Opensc-commits] [OpenSC/OpenSC] 930fa0: pkcs11-tool to use OpenSSL libctx

From: Doug E. <no...@gi...> - 2023-03-20 10:20:14

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 930fa0acb483e2e67fe6ff39a8c149c94e8339b2
      https://github.com/OpenSC/OpenSC/commit/930fa0acb483e2e67fe6ff39a8c149c94e8339b2
  Author: Doug Engert <dee...@gm...>
  Date:   2023-03-20 (Mon, 20 Mar 2023)

  Changed paths:
    M src/tools/pkcs11-tool.c

  Log Message:
  -----------
  pkcs11-tool to use OpenSSL libctx

This is in addition to "Introduce use of custom ossl libctx with OpenSSL >= 3.0"
https://github.com/OpenSC/OpenSC/pull/2712

pkcs11-tool uses some functions found in libopensc, but does not create a sc_context
like other OpenSC tools as the pkcs11 module can be any pkscs11 module.

There is one OpenSSL function "d2i_PUBKEY_bio" that does not have an equivalent
"d2i_PUBKEY_ex_bio" in 3.0.8.  It is listed in OpenSSL master.
See: https://github.com/openssl/openssl/pull/18427

 On branch ossl_lib_ctx-pkcs11-tool
 Changes to be committed:
	modified:   src/tools/pkcs11-tool.c


  Commit: 540f3da3db3ced6fd8586223faee27e5ca7d958c
      https://github.com/OpenSC/OpenSC/commit/540f3da3db3ced6fd8586223faee27e5ca7d958c
  Author: Doug Engert <dee...@gm...>
  Date:   2023-03-20 (Mon, 20 Mar 2023)

  Changed paths:
    M src/tools/pkcs11-tool.c

  Log Message:
  -----------
  pkcs11-tool.c comments on d2i_PUBKEY_ex_bio

Requested https://github.com/OpenSC/OpenSC/pull/2715#pullrequestreview-1310924929

 On branch ossl_lib_ctx-pkcs11-tool
 Changes to be committed:
	modified:   src/tools/pkcs11-tool.c


  Commit: 58a1cbd0f2cdc08a9d1cff6e1232441c54fdabee
      https://github.com/OpenSC/OpenSC/commit/58a1cbd0f2cdc08a9d1cff6e1232441c54fdabee
  Author: Doug Engert <dee...@gm...>
  Date:   2023-03-20 (Mon, 20 Mar 2023)

  Changed paths:
    M src/tools/pkcs11-tool.c

  Log Message:
  -----------
  pkcs11-tool.c

Address comments

 On branch ossl_lib_ctx-pkcs11-tool
 Changes to be committed:
	modified:   pkcs11-tool.c


Compare: https://github.com/OpenSC/OpenSC/compare/a97e702bb8e6...58a1cbd0f2cd

[Opensc-commits] [OpenSC/OpenSC] 73a758: added wrappers for checked arithmetic builtins of ...

From: Frank M. <no...@gi...> - 2023-03-17 13:34:42

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 73a758909fe7b897dd0dd3b7670f8748caafe97f
      https://github.com/OpenSC/OpenSC/commit/73a758909fe7b897dd0dd3b7670f8748caafe97f
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M configure.ac
    M src/common/Makefile.am
    M src/common/Makefile.mak
    A src/common/compat_overflow.c
    A src/common/compat_overflow.h

  Log Message:
  -----------
  added wrappers for checked arithmetic builtins of clang/gcc


  Commit: e81726a0947a6103d47a3121115a2a24bca07345
      https://github.com/OpenSC/OpenSC/commit/e81726a0947a6103d47a3121115a2a24bca07345
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c

  Log Message:
  -----------
  fixed possible integer overflow


Compare: https://github.com/OpenSC/OpenSC/compare/0c7db5e6d7d9...e81726a0947a

[Opensc-commits] [OpenSC/OpenSC] 765cad: added wrappers for checked arithmetic builtins of ...

From: Frank M. <no...@gi...> - 2023-03-17 11:17:23

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 765cad545f31945af541b2b9cf0524e0f0cd2a43
      https://github.com/OpenSC/OpenSC/commit/765cad545f31945af541b2b9cf0524e0f0cd2a43
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M configure.ac
    M src/common/Makefile.am
    M src/common/Makefile.mak
    A src/common/compat_overflow.c
    A src/common/compat_overflow.h

  Log Message:
  -----------
  added wrappers for checked arithmetic builtins of clang/gcc


  Commit: 0c7db5e6d7d95517549683e81a6ed4eb8c9cf530
      https://github.com/OpenSC/OpenSC/commit/0c7db5e6d7d95517549683e81a6ed4eb8c9cf530
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c

  Log Message:
  -----------
  fixed possible integer overflow


Compare: https://github.com/OpenSC/OpenSC/compare/fef02e994493...0c7db5e6d7d9

[Opensc-commits] [OpenSC/OpenSC] 8f37f4: use proper define for PSS salt length auto detection

From: Frank M. <no...@gi...> - 2023-03-17 10:33:20

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 8f37f47df6877731862eac319496d5372e8cd80b
      https://github.com/OpenSC/OpenSC/commit/8f37f47df6877731862eac319496d5372e8cd80b
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/openssl.c

  Log Message:
  -----------
  use proper define for PSS salt length auto detection


  Commit: 54ba2d5de9706b7946d9d8ebbeb7b35644ac98c8
      https://github.com/OpenSC/OpenSC/commit/54ba2d5de9706b7946d9d8ebbeb7b35644ac98c8
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c
    M src/pkcs11/openssl.c
    M src/pkcs11/sc-pkcs11.h

  Log Message:
  -----------
  fixed implicit conversion loses integer precision

- use pkcs#11 types in sc_pkcs11_verify_data
- this reduces the number of type conversions needed
- this fixes a possible data corruption when gost is used with a very long public key


  Commit: 5fc6d9de0ce6e50632c0b1e666f32e5a5ff71667
      https://github.com/OpenSC/OpenSC/commit/5fc6d9de0ce6e50632c0b1e666f32e5a5ff71667
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-oberthur-awp.c

  Log Message:
  -----------
  fixed typos


  Commit: b09c843251cb20d9043fbbab6fa9ee7ab219315f
      https://github.com/OpenSC/OpenSC/commit/b09c843251cb20d9043fbbab6fa9ee7ab219315f
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/common/compat_getpass.h
    M src/common/simclist.h

  Log Message:
  -----------
  added missing include of config.h


  Commit: af7ae75b568362d69e0ec8d9de75436aca642c72
      https://github.com/OpenSC/OpenSC/commit/af7ae75b568362d69e0ec8d9de75436aca642c72
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M configure.ac
    M src/common/Makefile.am
    M src/common/Makefile.mak
    A src/common/compat_overflow.c
    A src/common/compat_overflow.h

  Log Message:
  -----------
  added wrappers for checked arithmetic builtins of clang/gcc


  Commit: fef02e994493aff8da106e66181eb163a37c0b16
      https://github.com/OpenSC/OpenSC/commit/fef02e994493aff8da106e66181eb163a37c0b16
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-17 (Fri, 17 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c

  Log Message:
  -----------
  fixed possible integer overflow


Compare: https://github.com/OpenSC/OpenSC/compare/e82c1c59e1a2...fef02e994493

[Opensc-commits] [OpenSC/OpenSC] f4c9ef: fixed implicit conversion loses integer precision

From: Frank M. <no...@gi...> - 2023-03-14 11:34:57

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: f4c9ef0c37c137e23408b1064c042a6386f3de78
      https://github.com/OpenSC/OpenSC/commit/f4c9ef0c37c137e23408b1064c042a6386f3de78
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-14 (Tue, 14 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c
    M src/pkcs11/openssl.c
    M src/pkcs11/sc-pkcs11.h

  Log Message:
  -----------
  fixed implicit conversion loses integer precision


  Commit: e82c1c59e1a22a2bb6db32b47f5d35a673ecf6d4
      https://github.com/OpenSC/OpenSC/commit/e82c1c59e1a22a2bb6db32b47f5d35a673ecf6d4
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-14 (Tue, 14 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-oberthur-awp.c

  Log Message:
  -----------
  fixed typos


Compare: https://github.com/OpenSC/OpenSC/compare/b8da6be76eb3...e82c1c59e1a2

[Opensc-commits] [OpenSC/OpenSC] a97e70: sm-eac: mark cryptographic mechanism field as opti...

From: Frank M. <no...@gi...> - 2023-03-09 13:51:39

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: a97e702bb8e66b4f5b6230b9962b7d36869237bc
      https://github.com/OpenSC/OpenSC/commit/a97e702bb8e66b4f5b6230b9962b7d36869237bc
  Author: Marco Hünseler <mar...@h-...>
  Date:   2023-03-09 (Thu, 09 Mar 2023)

  Changed paths:
    M src/sm/sm-eac.c

  Log Message:
  -----------
  sm-eac: mark cryptographic mechanism field as optional and fix asn.1 encode error in encode_mse_cdata during terminal authentication. Fixes #2726

[Opensc-commits] [OpenSC/OpenSC] b8da6b: fixed typos

From: Frank M. <no...@gi...> - 2023-03-09 13:41:45

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: b8da6be76eb3b1e1e41a12e90a8fc204b0c0ebb9
      https://github.com/OpenSC/OpenSC/commit/b8da6be76eb3b1e1e41a12e90a8fc204b0c0ebb9
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-09 (Thu, 09 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-oberthur-awp.c

  Log Message:
  -----------
  fixed typos

[Opensc-commits] [OpenSC/OpenSC] 4281b6: use proper define for PSS salt length auto detection

From: Frank M. <no...@gi...> - 2023-03-09 13:36:21

  Branch: refs/heads/openssl
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 4281b681c451a141b8fc5ee043084778f2e11e26
      https://github.com/OpenSC/OpenSC/commit/4281b681c451a141b8fc5ee043084778f2e11e26
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/pkcs11/openssl.c

  Log Message:
  -----------
  use proper define for PSS salt length auto detection


  Commit: 53618512b65f7f942d141856db7a6eb966631486
      https://github.com/OpenSC/OpenSC/commit/53618512b65f7f942d141856db7a6eb966631486
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/pkcs11/openssl.c

  Log Message:
  -----------
  fixed implicit conversion loses integer precision


  Commit: 99186af7528894e7e773d903c4a53c41299cb879
      https://github.com/OpenSC/OpenSC/commit/99186af7528894e7e773d903c4a53c41299cb879
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-09 (Thu, 09 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c

  Log Message:
  -----------
  fixed implicit conversion loses integer precision


  Commit: 6fdcfccea157caf89d79b0d052a7431e5479f3c4
      https://github.com/OpenSC/OpenSC/commit/6fdcfccea157caf89d79b0d052a7431e5479f3c4
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-09 (Thu, 09 Mar 2023)

  Changed paths:
    M src/pkcs11/mechanism.c
    M src/pkcs11/sc-pkcs11.h

  Log Message:
  -----------
  fixed implicit conversion loses integer precision


Compare: https://github.com/OpenSC/OpenSC/compare/4281b681c451%5E...6fdcfccea157

[Opensc-commits] [OpenSC/OpenSC] 7aa06c: epass2003: Invalid APDU fix

From: Peter P. <no...@gi...> - 2023-03-08 15:05:14

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 7aa06c15c2e977ad0df834245b14ca2c4c90c9bc
      https://github.com/OpenSC/OpenSC/commit/7aa06c15c2e977ad0df834245b14ca2c4c90c9bc
  Author: Peter Popovec <pop...@gm...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-epass2003.c

  Log Message:
  -----------
  epass2003: Invalid APDU fix

If sc_transmit_apdu_t() needs to retransmit the APDU, the response buffer
size must be refreshed.

Fixes #2705

[Opensc-commits] [OpenSC/OpenSC] 37045a: fix OpenSSL library detection if pkgconfig not found

From: Claus S. <no...@gi...> - 2023-03-08 15:03:37

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 37045afc6dd7cf9f98ca056acfca972e2be5c2e7
      https://github.com/OpenSC/OpenSC/commit/37045afc6dd7cf9f98ca056acfca972e2be5c2e7
  Author: Claus Steuer <cla...@sw...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M configure.ac

  Log Message:
  -----------
  fix OpenSSL library detection if pkgconfig not found

If pkg-config fails to find OpenSSL, autoconf tries to check for
the presence of the RSA_version symbol in the libcrypto library.
However, it turns out that RSA_version was never actually part of OpenSSL,
so this check will always fail.
To fix this issue, autoconf can search for the RSA_get_version symbol instead,
which should be present in OpenSSL since version 1.1.1

[Opensc-commits] [OpenSC/OpenSC] 498576: Add support to initialize custom OpenSSL context

From: Simo S. <no...@gi...> - 2023-03-08 10:13:23

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 4985762eaff529afcb4f7ac8e85e0d9f8c4d2ffb
      https://github.com/OpenSC/OpenSC/commit/4985762eaff529afcb4f7ac8e85e0d9f8c4d2ffb
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/ctx.c
    M src/libopensc/opensc.h
    M src/libopensc/sc-ossl-compat.h

  Log Message:
  -----------
  Add support to initialize custom OpenSSL context

Add an openssl custom libcontext to sc_context_t and intitalize it if we
are using OpenSSL 3.0+

Signed-off-by: Simo Sorce <si...@re...>


  Commit: df81788d3bbaa179c577c21b335cf1f06bc1da78
      https://github.com/OpenSC/OpenSC/commit/df81788d3bbaa179c577c21b335cf1f06bc1da78
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/sc-ossl-compat.h
    M src/pkcs11/openssl.c

  Log Message:
  -----------
  Convert pkcs11/openssl.c to use the custom osslctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 0d34432a9150491c1d3fe9c9bcb0029e2ac59f59
      https://github.com/OpenSC/OpenSC/commit/0d34432a9150491c1d3fe9c9bcb0029e2ac59f59
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/ctx.c
    M src/libopensc/sc-ossl-compat.h

  Log Message:
  -----------
  Load also the legacy provider

This is not ideal, but some of the code uses legacy algorithms that are
not available without this provider.

The code that depends on those legacy algorithms will fail if the legacy
provider is not available (which is a legitimate choice by the admin and/or
system integrator). Therefore we just report an error but do not fail
initialization if the legacy provider is not available.

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 30fad6e1243f7442bda9a0326515624fc90a0cf7
      https://github.com/OpenSC/OpenSC/commit/30fad6e1243f7442bda9a0326515624fc90a0cf7
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/sc-ossl-compat.h

  Log Message:
  -----------
  Add wrappers for EVP_CIPHERs

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 4b793c3ca055f3d05c2044e5e87fd880287f5f1d
      https://github.com/OpenSC/OpenSC/commit/4b793c3ca055f3d05c2044e5e87fd880287f5f1d
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-entersafe.c

  Log Message:
  -----------
  Convert card entersafe to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 870b47fb22fd4fa720b6feb6c83854f3aeb66ff3
      https://github.com/OpenSC/OpenSC/commit/870b47fb22fd4fa720b6feb6c83854f3aeb66ff3
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-epass2003.c

  Log Message:
  -----------
  Convert card epass2003 to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 84a3552fef90b87bc20366b6bdf04618123b7586
      https://github.com/OpenSC/OpenSC/commit/84a3552fef90b87bc20366b6bdf04618123b7586
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-authentic.c
    M src/libopensc/cwa14890.c

  Log Message:
  -----------
  Remove call to load legacy provider from cwa14890

Library code should *never* arbitrarily load the legacy provider in the
default application context. It may literally break or make an
application vulnerable by sneaking in unexpected algorithms.

This is not needed anymore given we will use an opensc specific context
that will not affect the rest of the application (or other libraries).

Signed-off-by: Simo Sorce <si...@re...>


  Commit: d5029d41e0dee3e84ed5ac70f5cc7759f696c9f1
      https://github.com/OpenSC/OpenSC/commit/d5029d41e0dee3e84ed5ac70f5cc7759f696c9f1
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/cwa-dnie.c
    M src/libopensc/cwa14890.c

  Log Message:
  -----------
  Convert card cwa14890 to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 23c71da7647d84a6e28ea836ada9c05646cb30de
      https://github.com/OpenSC/OpenSC/commit/23c71da7647d84a6e28ea836ada9c05646cb30de
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-gids.c

  Log Message:
  -----------
  Convert card GIDS to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 48e92e467bd52e0d520f854b39c50471e5b5cd7b
      https://github.com/OpenSC/OpenSC/commit/48e92e467bd52e0d520f854b39c50471e5b5cd7b
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-gpk.c

  Log Message:
  -----------
  Convert card GPK to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 2de1a7171171c960528e419e7dc754b75a00c545
      https://github.com/OpenSC/OpenSC/commit/2de1a7171171c960528e419e7dc754b75a00c545
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-iasecc.c

  Log Message:
  -----------
  Convert card IASECC to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 410b9b4c451f8b360468b921faa5a186f62c3dea
      https://github.com/OpenSC/OpenSC/commit/410b9b4c451f8b360468b921faa5a186f62c3dea
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-oberthur.c

  Log Message:
  -----------
  Convert card oberthur to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: bbb53979a57b1ec384806a499f54e3ad79c2be44
      https://github.com/OpenSC/OpenSC/commit/bbb53979a57b1ec384806a499f54e3ad79c2be44
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-piv.c

  Log Message:
  -----------
  Convert card PIV to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 264b23aff5b01acebe9627dff4468fa42eb5a825
      https://github.com/OpenSC/OpenSC/commit/264b23aff5b01acebe9627dff4468fa42eb5a825
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/card-westcos.c

  Log Message:
  -----------
  Convert card westcos to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: fceeca13e9fb811896648456d44ef9c5d1c7ffcd
      https://github.com/OpenSC/OpenSC/commit/fceeca13e9fb811896648456d44ef9c5d1c7ffcd
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/libopensc/padding.c

  Log Message:
  -----------
  Convert padding.c to use openssllibctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 75dc92a57d53268fe6b549e840a3e278ad7bf03e
      https://github.com/OpenSC/OpenSC/commit/75dc92a57d53268fe6b549e840a3e278ad7bf03e
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-westcos.c

  Log Message:
  -----------
  Convert pkcs15-westcos.c to use OpenSSL libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: a931d8835f0ddc1f2aba31421e9274f4c347d525
      https://github.com/OpenSC/OpenSC/commit/a931d8835f0ddc1f2aba31421e9274f4c347d525
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/sm/sm-common.c

  Log Message:
  -----------
  Remove call to load legacy provider from libsm

Library code should *never* arbitrarily load the legacy provider in the
default application context. It may literally break or make an
application vulnerable by sneaking in unexpected algorithms.

This is not needed anymore given we will use an opensc specific context
that will not affect the rest of the application (or other libraries).

Signed-off-by: Simo Sorce <si...@re...>


  Commit: 3934f6febc5b951b0b4d1f804c9ba22ec4f84ef7
      https://github.com/OpenSC/OpenSC/commit/3934f6febc5b951b0b4d1f804c9ba22ec4f84ef7
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/sm/sm-common.c
    M src/sm/sm-common.h
    M src/smm/sm-card-authentic.c
    M src/smm/sm-cwa14890.c
    M src/smm/sm-global-platform.c
    M src/smm/sm-module.h
    M src/tests/unittests/sm.c

  Log Message:
  -----------
  Convert libsm to use openssl libctx

Signed-off-by: Simo Sorce <si...@re...>


  Commit: fe58e93d6d55537649e687ccc4cbf5f13e2af92d
      https://github.com/OpenSC/OpenSC/commit/fe58e93d6d55537649e687ccc4cbf5f13e2af92d
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/pkcs11/pkcs11-global.c

  Log Message:
  -----------
  Protect from nested initializations

If a library used by the module itself tries, somehow to also
initializae the module, return a hard error. Nested Initializations are
not permitted.

Signed-off-by: Simo Sorce <si...@re...>


  Commit: b09e371906f49a40b7886b440cb3b937094fd8b4
      https://github.com/OpenSC/OpenSC/commit/b09e371906f49a40b7886b440cb3b937094fd8b4
  Author: Simo Sorce <si...@re...>
  Date:   2023-03-08 (Wed, 08 Mar 2023)

  Changed paths:
    M src/pkcs11/pkcs11-global.c

  Log Message:
  -----------
  Add thread locking protection for nesting check

Signed-off-by: Simo Sorce <si...@re...>


Compare: https://github.com/OpenSC/OpenSC/compare/bdb89174cd54...b09e371906f4

[Opensc-commits] [OpenSC/pam_pkcs11] f526e2: Merge pull request #26 from gkloepfer/master

From: Paul W. <no...@gi...> - 2023-03-06 12:58:20

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/pam_pkcs11
  Commit: f526e27a10e3661faf111f56b4f85d6992bb00e0
      https://github.com/OpenSC/pam_pkcs11/commit/f526e27a10e3661faf111f56b4f85d6992bb00e0
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2018-08-20 (Mon, 20 Aug 2018)

  Changed paths:
    M src/common/cert_vfy.c
    M src/common/uri.c

  Log Message:
  -----------
  Merge pull request #26 from gkloepfer/master

Fixed segfault and fetch problems when checking CRLs


  Commit: 85bd663909027a21f4e804931e3b2c105d4c9a33
      https://github.com/OpenSC/pam_pkcs11/commit/85bd663909027a21f4e804931e3b2c105d4c9a33
  Author: Frank Morgner <fra...@gm...>
  Date:   2018-08-27 (Mon, 27 Aug 2018)

  Changed paths:
    M README.md

  Log Message:
  -----------
  Update README.md

- project is maintained
- as wiki is empty, we use its main description (converted to MD) here


  Commit: 24987f09a729dbb4c12450de084b1343ac20b54c
      https://github.com/OpenSC/pam_pkcs11/commit/24987f09a729dbb4c12450de084b1343ac20b54c
  Author: Frank Morgner <fra...@gm...>
  Date:   2018-08-27 (Mon, 27 Aug 2018)

  Changed paths:
    M README.md

  Log Message:
  -----------
  README.md: removed license section

... we have a COPYING file anyway

fixes some formatting


  Commit: 81e4d4be87253d04fe960f3c9c3caae191bbb946
      https://github.com/OpenSC/pam_pkcs11/commit/81e4d4be87253d04fe960f3c9c3caae191bbb946
  Author: Paul Wolneykien <ma...@al...>
  Date:   2018-09-11 (Tue, 11 Sep 2018)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fixed extra "0" argument passed to `cleanse()`


  Commit: 4250344e6694b918848f1064e5bf1341794caeff
      https://github.com/OpenSC/pam_pkcs11/commit/4250344e6694b918848f1064e5bf1341794caeff
  Author: Paul Wolneykien <ma...@al...>
  Date:   2018-09-12 (Wed, 12 Sep 2018)

  Changed paths:
    M ChangeLog
    M NEWS
    M README
    M configure.ac

  Log Message:
  -----------
  0.6.10

- Fixed some security issues (thx @frankmorgner):
  (https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/)
  -- fixed buffer overflow with long home directory;
  -- fixed wiping secrets (now using OpenSSL_cleanse());
  -- verify using a nonce from the system, not the card.


  Commit: ebf11498a47834bb3f63f95959fbd16e70f6878e
      https://github.com/OpenSC/pam_pkcs11/commit/ebf11498a47834bb3f63f95959fbd16e70f6878e
  Author: Andrea Scarpino <me...@an...>
  Date:   2018-12-04 (Tue, 04 Dec 2018)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Support openssl 1.1.0


  Commit: 367dd22f5580339b0aef510cd2e162b8a527529b
      https://github.com/OpenSC/pam_pkcs11/commit/367dd22f5580339b0aef510cd2e162b8a527529b
  Author: alexandr nedvedicky - Sun Microsystems - Prague Czech Republic <ale...@or...>
  Date:   2019-01-23 (Wed, 23 Jan 2019)

  Changed paths:
    M doc/Makefile.am

  Log Message:
  -----------
  - Solaris runs build process outside of srcdir

this small tweak makes our life easier and should not harm other
pam_pkcs11 users.

Our build process generates makefiles and objects in dedicated
build directory. without this patch it fails with error as follows:

xsltproc \
--stringparam  section.autolabel 1 \
--stringparam  section.label.includes.component.label 1 \
-o pam_pkcs11.html pam_pkcs11.xsl /scratch/sashan/userland/components/pam_pkcs11/pam_pkcs11-0.6.10/doc/pam_pkcs11.xml
warning: failed to load external entity "pam_pkcs11.xsl"
cannot parse pam_pkcs11.xsl
make[3]: *** [Makefile:644: pam_pkcs11.html] Error 4
make[3]: Leaving directory '/scratch/sashan/userland/components/pam_pkcs11/build/i86/doc'
make[2]: *** [Makefile:464: all-recursive] Error 1
make[2]: Leaving directory '/scratch/sashan/userland/components/pam_pkcs11/build/i86'
make[1]: *** [Makefile:396: all] Error 2

change in this pull request makes my build happy.


  Commit: d89237dbd858b0441a31b6a98ce92d0ee13e6385
      https://github.com/OpenSC/pam_pkcs11/commit/d89237dbd858b0441a31b6a98ce92d0ee13e6385
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-16 (Thu, 16 May 2019)

  Changed paths:
    M src/common/debug.c

  Log Message:
  -----------
  Use green instead of blue for log lines

Blue text on black background is unreadable. This is the case for login
on the console.
Green text is readable on a black background and also a white
background.


  Commit: 00c9684b37304be6797f8a267df10f6680971d0c
      https://github.com/OpenSC/pam_pkcs11/commit/00c9684b37304be6797f8a267df10f6680971d0c
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M doc/Makefile.am

  Log Message:
  -----------
  Merge pull request #34 from Sashan/doc-build

- Solaris runs build process outside of srcdir


  Commit: 64ad8e2f86802bdfc46eb306f94bf40b12e2bc9a
      https://github.com/OpenSC/pam_pkcs11/commit/64ad8e2f86802bdfc46eb306f94bf40b12e2bc9a
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Merge pull request #32 from ilpianista/openssl-110

Support openssl 1.1.0


  Commit: d712ac3d52ef92efff93620d796ffb20b9a7d74d
      https://github.com/OpenSC/pam_pkcs11/commit/d712ac3d52ef92efff93620d796ffb20b9a7d74d
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/tools/card_eventmgr.c

  Log Message:
  -----------
  Fix compiler warning

card_eventmgr.c: In function ‘main’:
card_eventmgr.c:336:8: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 5 has type ‘pid_t’ {aka ‘int’} [-Wformat=]
   DBG1("Killing process: %ld", pid);
        ^~~~~~~~~~~~~~~~~~~~~~  ~~~


  Commit: db0d957310e3d26d7a59af2c1f823cca00d3697b
      https://github.com/OpenSC/pam_pkcs11/commit/db0d957310e3d26d7a59af2c1f823cca00d3697b
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix potential buffer overflow by 1

pam_pkcs11.c:753:34: warning: ‘snprintf’ output may be truncated before the last format character [-Wformat-truncation=]
     "PKCS11_LOGIN_TOKEN_NAME=%.*s",
                                  ^
pam_pkcs11.c:752:3: note: ‘snprintf’ output between 25 and 256 bytes into a destination of size 255
   snprintf(env_temp, sizeof(env_temp) - 1,
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     "PKCS11_LOGIN_TOKEN_NAME=%.*s",
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     (int)((sizeof(env_temp) - 1) - strlen("PKCS11_LOGIN_TOKEN_NAME=")),
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     get_slot_tokenlabel(ph));
     ~~~~~~~~~~~~~~~~~~~~~~~~
pam_pkcs11.c:770:35: warning: ‘snprintf’ output may be truncated before the last format character [-Wformat-truncation=]
     "PKCS11_LOGIN_CERT_ISSUER=%.*s",
                                   ^
pam_pkcs11.c:769:5: note: ‘snprintf’ output between 26 and 256 bytes into a destination of size 255
     snprintf(env_temp, sizeof(env_temp) - 1,
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     "PKCS11_LOGIN_CERT_ISSUER=%.*s",
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     (int)((sizeof(env_temp) - 1) - strlen("PKCS11_LOGIN_CERT_ISSUER=")),
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     issuer[0]);
     ~~~~~~~~~~
pam_pkcs11.c:792:35: warning: ‘snprintf’ output may be truncated before the last format character [-Wformat-truncation=]
     "PKCS11_LOGIN_CERT_SERIAL=%.*s",
                                   ^
pam_pkcs11.c:791:5: note: ‘snprintf’ output between 26 and 256 bytes into a destination of size 255
     snprintf(env_temp, sizeof(env_temp) - 1,
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     "PKCS11_LOGIN_CERT_SERIAL=%.*s",
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     (int)((sizeof(env_temp) - 1) - strlen("PKCS11_LOGIN_CERT_SERIAL=")),
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     serial[0]);
     ~~~~~~~~~~


  Commit: 8b426b6364e3650a3c1b09000d05f1fb527d6525
      https://github.com/OpenSC/pam_pkcs11/commit/8b426b6364e3650a3c1b09000d05f1fb527d6525
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/pam-pkcs11-ossl-compat.h
    M src/mappers/openssh_mapper.c

  Log Message:
  -----------
  Fix openssh_mapper_match_keys() for OpenSSL 1.0 & 1.1

The code was incorrect since the addition of OpenSSL 1.1 support in
release 0.6.10.


  Commit: b86eee946bcd6808cf0f9df38ad7f2107cb67ae2
      https://github.com/OpenSC/pam_pkcs11/commit/b86eee946bcd6808cf0f9df38ad7f2107cb67ae2
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/mappers/mail_mapper.c

  Log Message:
  -----------
  Fix compiler warning

mail_mapper.c: In function ‘compare_email’:
mail_mapper.c:100:27: warning: comparison of integer expressions of different signedness: ‘long int’ and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare]
     return (at - c_email) == strlen(c_user) && !strncmp(c_email, c_user, strlen(c_user));
                           ^~


  Commit: e251dcb3317089fe1ad6fd716647f0181f7fccc4
      https://github.com/OpenSC/pam_pkcs11/commit/e251dcb3317089fe1ad6fd716647f0181f7fccc4
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/mappers/ldap_mapper.c

  Log Message:
  -----------
  Fix compiler warning

ldap_mapper.c:844:33: warning: pointer targets in passing argument 1 of ‘ldap_encode_escapes’ differ in signedness [-Wpointer-sign]
   escaped = ldap_encode_escapes(login, strlen(login));
                                 ^~~~~
ldap_mapper.c:622:1: note: expected ‘const unsigned char *’ but argument is of type ‘const char *’
 ldap_encode_escapes(const unsigned char *binary, size_t length)
 ^~~~~~~~~~~~~~~~~~~


  Commit: 03cbe348ea7b38faa5fcd7ff4417619b633c902c
      https://github.com/OpenSC/pam_pkcs11/commit/03cbe348ea7b38faa5fcd7ff4417619b633c902c
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/mappers/ldap_mapper.c

  Log Message:
  -----------
  Fix compiler warning

ldap_mapper.c: In function ‘ldap_build_filter’:
ldap_mapper.c:836:31: warning: declaration of ‘filter’ shadows a global declaration [-Wshadow]
 ldap_build_filter(const char *filter, const char *login, const char *map,
                   ~~~~~~~~~~~~^~~~~~
ldap_mapper.c:107:20: note: shadowed declaration is here
 static const char *filter="(&(objectClass=posixAccount)(uid=%s)";
                    ^~~~~~


  Commit: 754c37edf8b1e0afc0d995a92f2551b7adcd5f20
      https://github.com/OpenSC/pam_pkcs11/commit/754c37edf8b1e0afc0d995a92f2551b7adcd5f20
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/scconf/parse.c

  Log Message:
  -----------
  Fix compiler warning

parse.c: In function ‘scconf_parse’:
parse.c:389:3: warning: ‘strncpy’ output may be truncated copying 255 bytes from a string of length 255 [-Wstringop-truncation]
   strncpy(buffer, p.emesg, sizeof(buffer)-1);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
parse.c: In function ‘scconf_parse_string’:
parse.c:416:3: warning: ‘strncpy’ output may be truncated copying 255 bytes from a string of length 255 [-Wstringop-truncation]
   strncpy(buffer, p.emesg, sizeof(buffer)-1);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  Commit: 86d9a8107ae16ff505f25fc3203153adcf50b8e9
      https://github.com/OpenSC/pam_pkcs11/commit/86d9a8107ae16ff505f25fc3203153adcf50b8e9
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/strings.c

  Log Message:
  -----------
  Fix compiler warning and optimize speed

memcpy() should be faster than strncpy().

./strings.h: In function ‘clone_str’:
strings.c:53:2: warning: ‘strncpy’ output truncated before terminating nul copying as many bytes from a string as its length [-Wstringop-truncation]
  strncpy(dst,str,len);
  ^~~~~~~~~~~~~~~~~~~~
strings.c:50:14: note: length computed here
  size_t len= strlen(str);
              ^~~~~~~~~~~


  Commit: f6b4365520781ccd12b97ce0af096ab42d986757
      https://github.com/OpenSC/pam_pkcs11/commit/f6b4365520781ccd12b97ce0af096ab42d986757
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/strings.c

  Log Message:
  -----------
  Fix compiler warning

The function split_static() is not used anywhere in the code.
I could have removed the code but maybe some external mapper are using it?

strings.c:158:9: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
         strncpy(dst,str,1+strlen(str));
         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
strings.c:158:27: note: length computed here
         strncpy(dst,str,1+strlen(str));
                           ^~~~~~~~~~~


  Commit: f64d27a7796b9fc721704fd3f225eeb95cb22aa3
      https://github.com/OpenSC/pam_pkcs11/commit/f64d27a7796b9fc721704fd3f225eeb95cb22aa3
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix compiler warning

pkcs11_lib.c: In function ‘refresh_slots’:
pkcs11_lib.c:1111:11: warning: declaration of ‘rv’ shadows a previous local [-Wshadow]
     CK_RV rv;
           ^~
pkcs11_lib.c:1056:9: note: shadowed declaration is here
   CK_RV rv;
         ^~


  Commit: 03150494e6ac246c1bcf70f7cdf65875aca03284
      https://github.com/OpenSC/pam_pkcs11/commit/03150494e6ac246c1bcf70f7cdf65875aca03284
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix compiler warning

pkcs11_lib.c: In function ‘init_pkcs11_module’:
pkcs11_lib.c:1148:12: warning: unused variable ‘i’ [-Wunused-variable]
   CK_ULONG i;
            ^


  Commit: dce544ead7730a9540ec8964141cdeb92ecb5837
      https://github.com/OpenSC/pam_pkcs11/commit/dce544ead7730a9540ec8964141cdeb92ecb5837
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/mappers/null_mapper.c

  Log Message:
  -----------
  Fix compiler warning

null_mapper.c: In function ‘mapper_match_user’:
mapper.h:206:6: warning: declaration of ‘match’ shadows a global declaration [-Wshadow]
  int match = 0;       \
      ^~~~~
null_mapper.c:60:1: note: in expansion of macro ‘_DEFAULT_MAPPER_MATCH_USER’
 _DEFAULT_MAPPER_MATCH_USER
 ^~~~~~~~~~~~~~~~~~~~~~~~~~
null_mapper.c:43:12: note: shadowed declaration is here
 static int match=0;
            ^~~~~


  Commit: 269d6c9acaeee2bd23fa7e4a099c9b6e141bce0e
      https://github.com/OpenSC/pam_pkcs11/commit/269d6c9acaeee2bd23fa7e4a099c9b6e141bce0e
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/mappers/openssh_mapper.c

  Log Message:
  -----------
  Fix compiler warning

openssh_mapper.c: In function ‘openssh_mapper_match_keys’:
openssh_mapper.c:297:27: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
                 authrsa_e = RSA_get0_e(authrsa);
                           ^
openssh_mapper.c:298:23: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
                 rsa_e = RSA_get0_e(rsa);
                       ^
openssh_mapper.c:301:27: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
                 authrsa_n = RSA_get0_n(authrsa);
                           ^
openssh_mapper.c:302:23: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
                 rsa_n = RSA_get0_n(rsa);
                       ^


  Commit: e9d0c4ed016cc774ff1ed07f5be4c822b2ef4f2e
      https://github.com/OpenSC/pam_pkcs11/commit/e9d0c4ed016cc774ff1ed07f5be4c822b2ef4f2e
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/cert_info.c

  Log Message:
  -----------
  Fix 64-bit pkcs11_inspect(1) fails on SPARC with a SIBGUS due to misaligned access

A cast has been added in fa5b394b0523fd9254ddc2a8dea7a984699bceac (in
2005) and the problem was hidden.

It was the wrong solution to fix a compiler warning.

Fixes https://github.com/OpenSC/pam_pkcs11/issues/28


  Commit: 751eed9b5d6c96760798cb6399f43771b1d66b4d
      https://github.com/OpenSC/pam_pkcs11/commit/751eed9b5d6c96760798cb6399f43771b1d66b4d
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Get the key type from the private key

This will allow to add support of non-RSA keys.

Thanks to sovaeta for the patch
https://github.com/OpenSC/pam_pkcs11/issues/23


  Commit: 4a89cf3dc481425bfb9e31f91039afc5bd30c0e5
      https://github.com/OpenSC/pam_pkcs11/commit/4a89cf3dc481425bfb9e31f91039afc5bd30c0e5
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/cert_vfy.c
    M src/common/cert_vfy.h
    M src/common/pam-pkcs11-ossl-compat.h
    M src/common/pkcs11_lib.c
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Add support of ECDSA signature in addition to RSA

Thanks to sovaeta got the patch
https://github.com/OpenSC/pam_pkcs11/issues/23


  Commit: a78af08b2471323faac83d38f1f449933e97ed78
      https://github.com/OpenSC/pam_pkcs11/commit/a78af08b2471323faac83d38f1f449933e97ed78
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix signature length computation

The correct length to use is returned by C_Sign() so no need to manually
increase the signature length.

Thanks to sovaeta for the patch
https://github.com/OpenSC/pam_pkcs11/issues/23


  Commit: bc95a748470d84ff443c9d81292d40c1676fb080
      https://github.com/OpenSC/pam_pkcs11/commit/bc95a748470d84ff443c9d81292d40c1676fb080
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-19 (Sun, 19 May 2019)

  Changed paths:
    M README.md

  Log Message:
  -----------
  Do not use a specific version in README.md


  Commit: 04f8b09080d7f48ec5ecd91a3d549aa134e016c4
      https://github.com/OpenSC/pam_pkcs11/commit/04f8b09080d7f48ec5ecd91a3d549aa134e016c4
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Fix support of NSS after ECDSA addition

Fix compiler error:
cert_vfy.c: At top level:
cert_vfy.c:44:5: error: conflicting types for ‘verify_signature’
 int verify_signature(X509 * x509, unsigned char *data, int data_length,
     ^~~~~~~~~~~~~~~~
In file included from cert_vfy.c:18:0:
cert_vfy.h:81:20: note: previous declaration of ‘verify_signature’ was here
 CERTVFY_EXTERN int verify_signature(X509 * x509, unsigned char *data, int data_length, unsigned char **signature, int *signature_length);
                    ^~~~~~~~~~~~~~~~


  Commit: f4a9ac19b069789a5b2f4f7e674690d0f0a50686
      https://github.com/OpenSC/pam_pkcs11/commit/f4a9ac19b069789a5b2f4f7e674690d0f0a50686
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/cert_vfy.c
    M src/common/cert_vfy.h

  Log Message:
  -----------
  Fix verify_signature() API

Fix compiler warning:
pam_pkcs11.c:729:62: warning: passing argument 5 of ‘verify_signature’ from incompatible pointer type [-Wincompatible-pointer-types]
              random_value, sizeof(random_value), &signature, &signature_length);
                                                              ^
In file included from pam_pkcs11.c:45:0:
../common/cert_vfy.h:81:20: note: expected ‘int *’ but argument is of type ‘long unsigned int *’
 CERTVFY_EXTERN int verify_signature(X509 * x509, unsigned char *data, int data_length, unsigned char **signature, int *signature_length);
                    ^~~~~~~~~~~~~~~~


  Commit: 2d860c0e91fb99a3ceb600673c34fa0824f5500a
      https://github.com/OpenSC/pam_pkcs11/commit/2d860c0e91fb99a3ceb600673c34fa0824f5500a
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/tools/pkcs11_eventmgr.c

  Log Message:
  -----------
  Fix DBG1() use

pkcs11_eventmgr.c: In function ‘main’:
pkcs11_eventmgr.c:482:9: warning: too many arguments for format [-Wformat-extra-args]
    DBG1("Malloc failed when allocating module spec",
         ^
../common/debug.h:55:54: note: in definition of macro ‘DBG1’
 #define DBG1(f,a) debug_print(1, __FILE__, __LINE__, f , a )
                                                      ^
pkcs11_eventmgr.c:510:26: warning: statement with no effect [-Wunused-value]
   for (; modList; modList->next)
                   ~~~~~~~^~~~~~
In file included from pkcs11_eventmgr.c:33:0:
pkcs11_eventmgr.c:531:9: warning: too many arguments for format [-Wformat-extra-args]
    DBG1("Error in daemon() call", strerror(errno));
         ^
../common/debug.h:55:54: note: in definition of macro ‘DBG1’
 #define DBG1(f,a) debug_print(1, __FILE__, __LINE__, f , a )
                                                      ^


  Commit: 2ce043bcbf9a4a083fec7c00da0c21fabca9a9d0
      https://github.com/OpenSC/pam_pkcs11/commit/2ce043bcbf9a4a083fec7c00da0c21fabca9a9d0
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix DBG2() use

In file included from pkcs11_lib.c:31:0:
pkcs11_lib.c: In function ‘find_module_by_library’:
pkcs11_lib.c:265:10: warning: format ‘%x’ expects argument of type ‘unsigned int’, but argument 5 has type ‘SECMODModuleList * {aka struct SECMODModuleListStr *}’ [-Wformat=]
     DBG2("modList = 0x%x next = 0x%x\n", modList, modList->next);
          ^
debug.h:56:56: note: in definition of macro ‘DBG2’
 #define DBG2(f,a,b) debug_print(1, __FILE__, __LINE__, f , a , b )
                                                        ^
pkcs11_lib.c:265:10: warning: format ‘%x’ expects argument of type ‘unsigned int’, but argument 6 has type ‘SECMODModuleList * {aka struct SECMODModuleListStr *}’ [-Wformat=]
     DBG2("modList = 0x%x next = 0x%x\n", modList, modList->next);
          ^
debug.h:56:56: note: in definition of macro ‘DBG2’
 #define DBG2(f,a,b) debug_print(1, __FILE__, __LINE__, f , a , b )
                                                        ^


  Commit: d853d94dc2cf02eb4d75d9bf23122e0d3f7a52c7
      https://github.com/OpenSC/pam_pkcs11/commit/d853d94dc2cf02eb4d75d9bf23122e0d3f7a52c7
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix DBG1() use

In file included from pkcs11_lib.c:31:0:
pkcs11_lib.c:306:10: warning: too many arguments for format [-Wformat-extra-args]
     DBG1("Malloc failed when allocating module spec", strerror(errno));
          ^
debug.h:55:54: note: in definition of macro ‘DBG1’
 #define DBG1(f,a) debug_print(1, __FILE__, __LINE__, f , a )
                                                      ^


  Commit: 716303b97e4111beb15e7b6da3b090fe9aeb53c1
      https://github.com/OpenSC/pam_pkcs11/commit/716303b97e4111beb15e7b6da3b090fe9aeb53c1
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix compiler warning

pkcs11_lib.c: In function ‘load_pkcs11_module’:
pkcs11_lib.c:295:35: warning: passing argument 1 of ‘find_module_by_library’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
   module = find_module_by_library(pkcs11_module);
                                   ^~~~~~~~~~~~~
pkcs11_lib.c:255:22: note: expected ‘char *’ but argument is of type ‘const char *’
 static SECMODModule *find_module_by_library(char *pkcs11_module)
                      ^~~~~~~~~~~~~~~~~~~~~~


  Commit: c02ad0ecb9573a924d3a63e42b2a2c4557329fe0
      https://github.com/OpenSC/pam_pkcs11/commit/c02ad0ecb9573a924d3a63e42b2a2c4557329fe0
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/cert_info.c

  Log Message:
  -----------
  Fix DBG1() use

In file included from cert_info.c:26:0:
cert_info.c: In function ‘cert_info_digest’:
cert_info.c:123:10: warning: too many arguments for format [-Wformat-extra-args]
     DBG1("Invalid digest algorithm, using 'sha1'",algorithm);
          ^
debug.h:55:54: note: in definition of macro ‘DBG1’
 #define DBG1(f,a) debug_print(1, __FILE__, __LINE__, f , a )
                                                      ^


  Commit: b4f1fdde48293cb27abed4e1772e6e6a3c8d4793
      https://github.com/OpenSC/pam_pkcs11/commit/b4f1fdde48293cb27abed4e1772e6e6a3c8d4793
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/tools/pkcs11_eventmgr.c

  Log Message:
  -----------
  pkcs11_eventmgr: Fix NSS module iteration

pkcs11_eventmgr.c: In function ‘main’:
pkcs11_eventmgr.c:510:26: warning: statement with no effect [-Wunused-value]
   for (; modList; modList->next)
                   ~~~~~~~^~~~~~


  Commit: bed38a565b505b167ee365153e468cf683a222ec
      https://github.com/OpenSC/pam_pkcs11/commit/bed38a565b505b167ee365153e468cf683a222ec
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Fix DBG1() use

cert_vfy.c: In function ‘verify_signature’:
cert_vfy.c:519:8: warning: format ‘%lx’ expects argument of type ‘long unsigned int’, but argument 5 has type ‘int’ [-Wformat=]
   DBG1("public key type: 0x%08lx", EVP_PKEY_base_id(pubkey));
        ^
debug.h:55:54: note: in definition of macro ‘DBG1’
 #define DBG1(f,a) debug_print(1, __FILE__, __LINE__, f , a )
                                                      ^
cert_vfy.c:520:8: warning: format ‘%lx’ expects argument of type ‘long unsigned int’, but argument 5 has type ‘int’ [-Wformat=]
   DBG1("public key bits: 0x%08lx", EVP_PKEY_bits(pubkey));
        ^
debug.h:55:54: note: in definition of macro ‘DBG1’
 #define DBG1(f,a) debug_print(1, __FILE__, __LINE__, f , a )
                                                      ^


  Commit: 3b3f6876d89f937efbace83613e620675f15f476
      https://github.com/OpenSC/pam_pkcs11/commit/3b3f6876d89f937efbace83613e620675f15f476
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Fix compiler warning

cert_vfy.c: In function ‘verify_signature’:
cert_vfy.c:508:7: warning: unused variable ‘sig_der_len’ [-Wunused-variable]
   int sig_der_len;
       ^~~~~~~~~~~


  Commit: d681296215c4a4988accf9236045749addd1ef57
      https://github.com/OpenSC/pam_pkcs11/commit/d681296215c4a4988accf9236045749addd1ef57
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-22 (Wed, 22 May 2019)

  Changed paths:
    M README

  Log Message:
  -----------
  README: remove the release number


  Commit: 33072ec36631c884b09c545058551675bf22e199
      https://github.com/OpenSC/pam_pkcs11/commit/33072ec36631c884b09c545058551675bf22e199
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2019-05-22 (Wed, 22 May 2019)

  Changed paths:
    M ChangeLog
    M NEWS
    M configure.ac

  Log Message:
  -----------
  Release 0.6.11

Signed-off-by: Ludovic Rousseau <lud...@fr...>


  Commit: 372a676635b9237b39d4e7116475f2797c24aeb6
      https://github.com/OpenSC/pam_pkcs11/commit/372a676635b9237b39d4e7116475f2797c24aeb6
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-07-10 (Fri, 10 Jul 2020)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fixed double free() in refresh_slots()


  Commit: ae3a851dfe5e990897dfc6c104bdc8afb917bea6
      https://github.com/OpenSC/pam_pkcs11/commit/ae3a851dfe5e990897dfc6c104bdc8afb917bea6
  Author: AngusMcGyver <568...@us...>
  Date:   2020-08-07 (Fri, 07 Aug 2020)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  change for issue 46

see https://github.com/OpenSC/pam_pkcs11/issues/46


  Commit: 3c559ab4c90c73dc23982538ce33bc4f030e25d3
      https://github.com/OpenSC/pam_pkcs11/commit/3c559ab4c90c73dc23982538ce33bc4f030e25d3
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-11 (Tue, 11 Aug 2020)

  Changed paths:
    M ChangeLog
    M NEWS
    M README
    M README.md
    M configure.ac
    M doc/Makefile.am
    M src/common/cert_info.c
    M src/common/cert_vfy.c
    M src/common/cert_vfy.h
    M src/common/debug.c
    M src/common/pam-pkcs11-ossl-compat.h
    M src/common/pkcs11_lib.c
    M src/common/strings.c
    M src/mappers/ldap_mapper.c
    M src/mappers/mail_mapper.c
    M src/mappers/null_mapper.c
    M src/mappers/openssh_mapper.c
    M src/pam_pkcs11/pam_pkcs11.c
    M src/scconf/parse.c
    M src/tools/card_eventmgr.c
    M src/tools/pkcs11_eventmgr.c

  Log Message:
  -----------
  Merge branch 'devel/base' into devel/fixes


  Commit: 6d33a04b4a3631f3b9579be80faa1cad7688d1a8
      https://github.com/OpenSC/pam_pkcs11/commit/6d33a04b4a3631f3b9579be80faa1cad7688d1a8
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-14 (Fri, 14 Aug 2020)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fixed the format strings for error code values

Signed-off-by: Paul Wolneykien <ma...@al...>


  Commit: e4705f01b52629092e71fb71e70bd39a9cfc7e72
      https://github.com/OpenSC/pam_pkcs11/commit/e4705f01b52629092e71fb71e70bd39a9cfc7e72
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-14 (Fri, 14 Aug 2020)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Fixed some reference type errors for OpenSSL objects

Signed-off-by: Paul Wolneykien <ma...@al...>


  Commit: 64dfbd188a7f794de916a414bb3cbf1adf1db227
      https://github.com/OpenSC/pam_pkcs11/commit/64dfbd188a7f794de916a414bb3cbf1adf1db227
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-14 (Fri, 14 Aug 2020)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Merge branch 'devel/formats' into devel/fixes


  Commit: 15e80f474be3304ca9d18824ea5b637d5549029f
      https://github.com/OpenSC/pam_pkcs11/commit/15e80f474be3304ca9d18824ea5b637d5549029f
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-14 (Fri, 14 Aug 2020)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Cast pointers for pam_get_item()


  Commit: ee9839bb35a41f8f6bb136799941e6563273ee38
      https://github.com/OpenSC/pam_pkcs11/commit/ee9839bb35a41f8f6bb136799941e6563273ee38
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-14 (Fri, 14 Aug 2020)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fixed format for CK_RV error code

Signed-off-by: Paul Wolneykien <ma...@al...>


  Commit: 3fa30a241bf5f1e32cafb38edf7c82bab9b5ed2d
      https://github.com/OpenSC/pam_pkcs11/commit/3fa30a241bf5f1e32cafb38edf7c82bab9b5ed2d
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-15 (Sat, 15 Aug 2020)

  Changed paths:
    M configure.ac

  Log Message:
  -----------
  Disable pointer-sign warnings for a while...


  Commit: 17d05841d94b4d35f40fada78b11b4d41ed3a661
      https://github.com/OpenSC/pam_pkcs11/commit/17d05841d94b4d35f40fada78b11b4d41ed3a661
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-15 (Sat, 15 Aug 2020)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Cast more pointers for pam_get_item()


  Commit: 996dc857da9eb454d7d75736e6c54b61bb121bb6
      https://github.com/OpenSC/pam_pkcs11/commit/996dc857da9eb454d7d75736e6c54b61bb121bb6
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-15 (Sat, 15 Aug 2020)

  Changed paths:
    M src/tools/card_eventmgr.c

  Log Message:
  -----------
  Fix: Use the return values of fscanf() and write()


  Commit: 3cb362e3c23b9917360bd5864f3882d5e3da9a1d
      https://github.com/OpenSC/pam_pkcs11/commit/3cb362e3c23b9917360bd5864f3882d5e3da9a1d
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-15 (Sat, 15 Aug 2020)

  Changed paths:
    M src/common/pkcs11_lib.c
    M src/common/pkcs11_lib.h

  Log Message:
  -----------
  Fix: Remove `const` from `get_X509_certificate()` as OpenSSL functions have non-const arguments


  Commit: 1e7fb31032eaca6ece258ce4f5bd266dcda93ddf
      https://github.com/OpenSC/pam_pkcs11/commit/1e7fb31032eaca6ece258ce4f5bd266dcda93ddf
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-08-16 (Sun, 16 Aug 2020)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fixed more format for CK_RV error code


  Commit: ab0319f7e6609c5fa542fbc07db243a2564e294d
      https://github.com/OpenSC/pam_pkcs11/commit/ab0319f7e6609c5fa542fbc07db243a2564e294d
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-09-03 (Thu, 03 Sep 2020)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Fix: Use X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate()

Use X509_CRL_get0_lastUpdate(crl) and X509_CRL_get0_nextUpdate(crl) in
new OpenSSL versions instead of X509_CRL_get_lastUpdate(crl) and
X509_CRL_get_nextUpdate(crl).


  Commit: 6c49136417ba523a27a30fe765537a78e43ec8c4
      https://github.com/OpenSC/pam_pkcs11/commit/6c49136417ba523a27a30fe765537a78e43ec8c4
  Author: Paul Wolneykien <ma...@al...>
  Date:   2020-09-03 (Thu, 03 Sep 2020)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Use ECDSA_SIG_set0() instead of ECDSA_SIG_get0_r() + ECDSA_SIG_get0_s()

FIXME: Why not to use d2i_ECDSA_SIG() ???


  Commit: 285a2d66ca166591fa72fa07f6aaf9c8e148c0d2
      https://github.com/OpenSC/pam_pkcs11/commit/285a2d66ca166591fa72fa07f6aaf9c8e148c0d2
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2021-03-23 (Tue, 23 Mar 2021)

  Changed paths:
    M configure.ac
    M src/common/pkcs11_lib.c
    M src/common/pkcs11_lib.h
    M src/pam_pkcs11/pam_pkcs11.c
    M src/tools/card_eventmgr.c

  Log Message:
  -----------
  Merge pull request #52 from wolneykien/devel/fixes

I've just tested it with RSA cert and the `generic` mapper.


  Commit: 6b55908ca57114793607c3e150249ba2941f87b2
      https://github.com/OpenSC/pam_pkcs11/commit/6b55908ca57114793607c3e150249ba2941f87b2
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2021-03-23 (Tue, 23 Mar 2021)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Merge pull request #51 from wolneykien/devel/opensslfix

Tested with RSA certificate, `opensc` and `generic` mappers.


  Commit: a4f0311f2ce6f02fa1482a2df03df470634bf53d
      https://github.com/OpenSC/pam_pkcs11/commit/a4f0311f2ce6f02fa1482a2df03df470634bf53d
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2021-03-23 (Tue, 23 Mar 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Merge pull request #47 from AngusMcGyver/master

Seems rational.


  Commit: 289f3b8bcfc821a19312f7390e3c651e647fd102
      https://github.com/OpenSC/pam_pkcs11/commit/289f3b8bcfc821a19312f7390e3c651e647fd102
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Don't stuck if wait_for_card=false and ignore the token not found error when the auth isn't restricted to card only (either by option or by PKCS11_LOGIN_TOKEN_NAME env.var.)


  Commit: 6d0e9b81945df6298233766b319b19d55aad3195
      https://github.com/OpenSC/pam_pkcs11/commit/6d0e9b81945df6298233766b319b19d55aad3195
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Allow to pass to the next module if the auth isn't restricted to card only.


  Commit: 1bb036a630d6dc49d0b652fa78919d5a05dea4fb
      https://github.com/OpenSC/pam_pkcs11/commit/1bb036a630d6dc49d0b652fa78919d5a05dea4fb
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Make wait-for-card work when the user is not logged in


  Commit: 5bcf25150fa50a6f67b9428d873619d973972ceb
      https://github.com/OpenSC/pam_pkcs11/commit/5bcf25150fa50a6f67b9428d873619d973972ceb
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Return PAM_AUTH_ERR for login error


  Commit: 88a87d54ff0a9f1c425906bb1fe260e40bd7751c
      https://github.com/OpenSC/pam_pkcs11/commit/88a87d54ff0a9f1c425906bb1fe260e40bd7751c
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fail if no token found only when it is strictly required

1. card_only = true AND PKCS11_LOGIN_TOKEN_NAME isn't set.
2. card_only = true AND wait_for_card = true

This fixes/improves commit b08ec3b095d4fa143d046783cb010cc0f34f7c92.


  Commit: 503dd3206a13d54df19b8b8520bd2cb1c84bb38c
      https://github.com/OpenSC/pam_pkcs11/commit/503dd3206a13d54df19b8b8520bd2cb1c84bb38c
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix the layout a little bit


  Commit: 0c6fcc159413f1c3fd1ad64ce82845a8f6f00caa
      https://github.com/OpenSC/pam_pkcs11/commit/0c6fcc159413f1c3fd1ad64ce82845a8f6f00caa
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Exit quietly only if card_only is false


  Commit: 9938b5fe59eb387fc57a135396c44e872f6cba0e
      https://github.com/OpenSC/pam_pkcs11/commit/9938b5fe59eb387fc57a135396c44e872f6cba0e
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix: Do not return error when there are no slots


  Commit: 806e46625f7144be9de1b33c8c77bef1be1c962e
      https://github.com/OpenSC/pam_pkcs11/commit/806e46625f7144be9de1b33c8c77bef1be1c962e
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Output "no token" errors only when wait-for-card mode is off


  Commit: ba24e532b637072c309408be0a50b606aad22c43
      https://github.com/OpenSC/pam_pkcs11/commit/ba24e532b637072c309408be0a50b606aad22c43
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-25 (Thu, 25 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fixed cleanup of the old password


  Commit: 097ff87538995152e1f96ea2189b1731d7516c6e
      https://github.com/OpenSC/pam_pkcs11/commit/097ff87538995152e1f96ea2189b1731d7516c6e
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M po/pam_pkcs11.pot
    M po/ru.po
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix/improve: Write a message when the token authentication is cancelled


  Commit: 26a9f81b4f5026e0804639334fd378e103dcbf25
      https://github.com/OpenSC/pam_pkcs11/commit/26a9f81b4f5026e0804639334fd378e103dcbf25
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Improve more: Write a message when the token authentication is cancelled (no card case)


  Commit: e3ebe576c3bb98b3ab1b4a69b1e6a8b4ffcef5b3
      https://github.com/OpenSC/pam_pkcs11/commit/e3ebe576c3bb98b3ab1b4a69b1e6a8b4ffcef5b3
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix/improve: Output the "no token" debug message even when `wait_for_card` is set


  Commit: 4a7a3ea8c1145e78adbb5cddaab829cfd05271c3
      https://github.com/OpenSC/pam_pkcs11/commit/4a7a3ea8c1145e78adbb5cddaab829cfd05271c3
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M etc/Makefile.am
    A etc/system-auth-pkcs11_strict
    A etc/system-auth-use_first_pass-pkcs11_strict

  Log Message:
  -----------
  Added the exmple PAM configuration which uses the ignore result

The configuration allows users in the group "wheel" to login without
token when "card_only=false".


  Commit: b1ea66dad88672daef8b2e2ef171830c5808d7c4
      https://github.com/OpenSC/pam_pkcs11/commit/b1ea66dad88672daef8b2e2ef171830c5808d7c4
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M etc/Makefile.am
    A etc/pam.d_ignore_no_card.example
    R etc/system-auth-pkcs11_strict
    R etc/system-auth-use_first_pass-pkcs11_strict

  Log Message:
  -----------
  Rename "pkcs11_strict" PAM config to "ignore_no_card" and install it in the docs as an example


  Commit: e05600c88d1a673d9f69211af6dd99adb16f7279
      https://github.com/OpenSC/pam_pkcs11/commit/e05600c88d1a673d9f69211af6dd99adb16f7279
  Author: Alexey I. Froloff <ra...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M etc/pam_pkcs11.conf.example.in

  Log Message:
  -----------
  Add card_only and wait_for_card to example config.


  Commit: d3a9e2eae721da3fb501c29468423bd45ea115c8
      https://github.com/OpenSC/pam_pkcs11/commit/d3a9e2eae721da3fb501c29468423bd45ea115c8
  Author: Alexey I. Froloff <ra...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M etc/pam_pkcs11.conf.example.in

  Log Message:
  -----------
  Add screen_savers to example config


  Commit: a2495ecff9cbcb3e165cecc09ef693d6b635840a
      https://github.com/OpenSC/pam_pkcs11/commit/a2495ecff9cbcb3e165cecc09ef693d6b635840a
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Use the single fail exit point


  Commit: bcf31ad533233f3d37a65e4f384e4e5f1ba937e6
      https://github.com/OpenSC/pam_pkcs11/commit/bcf31ad533233f3d37a65e4f384e4e5f1ba937e6
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-03-26 (Fri, 26 Mar 2021)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Fix: Cast the &user pointer for pam_get_item()


  Commit: a1abb33dddc2df1876f371d6e5869f544b7e63c9
      https://github.com/OpenSC/pam_pkcs11/commit/a1abb33dddc2df1876f371d6e5869f544b7e63c9
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2021-05-08 (Sat, 08 May 2021)

  Changed paths:
    M etc/Makefile.am
    A etc/pam.d_ignore_no_card.example
    M etc/pam_pkcs11.conf.example.in
    M po/pam_pkcs11.pot
    M po/ru.po
    M src/common/pkcs11_lib.c
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  Merge pull request #54 from wolneykien/devel/ignore-no-card

Merged the `ignore-no-card` patch.


  Commit: 0ddd3a7bd32d697790b1bc5b00e59147de352d5a
      https://github.com/OpenSC/pam_pkcs11/commit/0ddd3a7bd32d697790b1bc5b00e59147de352d5a
  Author: Michał Skalski <msk...@en...>
  Date:   2021-05-09 (Sun, 09 May 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Workaround for buggy PKCS#11 C_Sign() implementation

Add workaround for buggy implementation of PKCS#11 library when it
does not update signature_length parameter if it returns CKR_BUFFER_TOO_SMALL.
It handles also (hypotetical) reducing by PKCS#11 library returned signature length.

Additionally speeds up signature using larger buffer (of 1024 bytes) at beginning
which should result for most of cases calling C_Sign() only once.


  Commit: bae6bed9fc8b4c2c78f0f46e5247b78e7cbc518c
      https://github.com/OpenSC/pam_pkcs11/commit/bae6bed9fc8b4c2c78f0f46e5247b78e7cbc518c
  Author: Olivier Martin <ol...@la...>
  Date:   2021-05-20 (Thu, 20 May 2021)

  Changed paths:
    M src/pam_pkcs11/pam_config.c

  Log Message:
  -----------
  pam_config: Handle 'card_only' option from command line


  Commit: 8bda0205f3f448b79ccb56fc63efae69bbb38dfd
      https://github.com/OpenSC/pam_pkcs11/commit/8bda0205f3f448b79ccb56fc63efae69bbb38dfd
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2021-05-20 (Thu, 20 May 2021)

  Changed paths:
    M src/pam_pkcs11/pam_config.c

  Log Message:
  -----------
  Merge pull request #55 from labapart/card-only-from-command-line

pam_config: Handle 'card_only' option from command line


  Commit: 4b020263b91c626f083e4c3bff55d0f3e334f4e8
      https://github.com/OpenSC/pam_pkcs11/commit/4b020263b91c626f083e4c3bff55d0f3e334f4e8
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2021-05-31 (Mon, 31 May 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Merge pull request #40 from mskalski/signature-size-workaround

Workaround for buggy PKCS#11 C_Sign() implementation


  Commit: 2e7e4b880cd17b06d4633d1f1b5eb21190e0365b
      https://github.com/OpenSC/pam_pkcs11/commit/2e7e4b880cd17b06d4633d1f1b5eb21190e0365b
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-05-31 (Mon, 31 May 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Limit signature length to 65536 bytes

This protects the C_Sign() loop from infinite looping in the case of a
buggy PKCS#11 implementation (see commit f81e22c).


  Commit: 8647c7cde99c8cf3a8df910c0185d3997f5c56e2
      https://github.com/OpenSC/pam_pkcs11/commit/8647c7cde99c8cf3a8df910c0185d3997f5c56e2
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-05-31 (Mon, 31 May 2021)

  Changed paths:
    M AUTHORS
    M ChangeLog
    M README
    M configure.ac

  Log Message:
  -----------
  Release 0.6.12

Signed-off-by: Paul Wolneykien <ma...@al...>


  Commit: e8c26d01e1b9c8eb3bb8d965505d682b151a4775
      https://github.com/OpenSC/pam_pkcs11/commit/e8c26d01e1b9c8eb3bb8d965505d682b151a4775
  Author: Paul Wolneykien <ma...@al...>
  Date:   2021-08-27 (Fri, 27 Aug 2021)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Fixed missing X509_CRL_free() in check_for_revocation

Fixed missing X509_CRL_free() in check_for_revocation (thx Komarov
Egor).


  Commit: faa8a2f09f2eda1d39e2d60f2cd9830f023e2e73
      https://github.com/OpenSC/pam_pkcs11/commit/faa8a2f09f2eda1d39e2d60f2cd9830f023e2e73
  Author: Dimitri Papadopoulos <323...@us...>
  Date:   2021-09-15 (Wed, 15 Sep 2021)

  Changed paths:
    M AUTHORS
    M ChangeLog
    M README
    M README.md
    M doc/README.autologin
    M doc/README.eventmgr
    M doc/README.mappers
    M doc/mappers_api.xml
    M doc/pam_pkcs11.xml
    M doc/pkcs11_eventmgr.1
    M etc/pam_pkcs11.conf.example.in
    M pam_pkcs11.spec
    M src/common/cert_info.c
    M src/common/cert_vfy.c
    M src/common/cert_vfy.h
    M src/common/pam-pkcs11-ossl-compat.h
    M src/common/pkcs11_lib.c
    M src/common/rsaref/pkcs11.h
    M src/common/strings.h
    M src/common/uri.c
    M src/common/uri.h
    M src/mappers/ldap_mapper.c
    M src/mappers/mail_mapper.c
    M src/mappers/mapper.h
    M src/mappers/null_mapper.c
    M src/pam_pkcs11/mapper_mgr.h
    M src/pam_pkcs11/pam_pkcs11.c
    M src/scconf/README.scconf
    M src/tools/card_eventmgr.c
    M src/tools/pkcs11_eventmgr.c

  Log Message:
  -----------
  Fix typos found by codespell


  Commit: 85c5b9707b2dfc0c4c4a37be0ec06ad9ec7fc1d1
      https://github.com/OpenSC/pam_pkcs11/commit/85c5b9707b2dfc0c4c4a37be0ec06ad9ec7fc1d1
  Author: Dimitri Papadopoulos <323...@us...>
  Date:   2021-09-15 (Wed, 15 Sep 2021)

  Changed paths:
    A .github/workflows/codespell.yml
    A codespell_ignore_words.txt

  Log Message:
  -----------
  Add codespell to CI to find typos early


  Commit: d09ae6efb672dba32e772a176abec20eb8979cbb
      https://github.com/OpenSC/pam_pkcs11/commit/d09ae6efb672dba32e772a176abec20eb8979cbb
  Author: Dimitri Papadopoulos <323...@us...>
  Date:   2021-09-15 (Wed, 15 Sep 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Fix LGTM.com errors

Wrong type of arguments to formatting function


  Commit: 4a6a7fcede56385fd2d63cbef13e8b2c8f0f0717
      https://github.com/OpenSC/pam_pkcs11/commit/4a6a7fcede56385fd2d63cbef13e8b2c8f0f0717
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2021-10-05 (Tue, 05 Oct 2021)

  Changed paths:
    A .github/workflows/codespell.yml
    M AUTHORS
    M ChangeLog
    M README
    M README.md
    A codespell_ignore_words.txt
    M doc/README.autologin
    M doc/README.eventmgr
    M doc/README.mappers
    M doc/mappers_api.xml
    M doc/pam_pkcs11.xml
    M doc/pkcs11_eventmgr.1
    M etc/pam_pkcs11.conf.example.in
    M pam_pkcs11.spec
    M src/common/cert_info.c
    M src/common/cert_vfy.c
    M src/common/cert_vfy.h
    M src/common/pam-pkcs11-ossl-compat.h
    M src/common/pkcs11_lib.c
    M src/common/rsaref/pkcs11.h
    M src/common/strings.h
    M src/common/uri.c
    M src/common/uri.h
    M src/mappers/ldap_mapper.c
    M src/mappers/mail_mapper.c
    M src/mappers/mapper.h
    M src/mappers/null_mapper.c
    M src/pam_pkcs11/mapper_mgr.h
    M src/pam_pkcs11/pam_pkcs11.c
    M src/scconf/README.scconf
    M src/tools/card_eventmgr.c
    M src/tools/pkcs11_eventmgr.c

  Log Message:
  -----------
  Merge pull request #60 from DimitriPapadopoulos/codespell

Codespell


  Commit: fc9307503a125da6ae434807690e5e6f7f4d43d1
      https://github.com/OpenSC/pam_pkcs11/commit/fc9307503a125da6ae434807690e5e6f7f4d43d1
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2021-10-05 (Tue, 05 Oct 2021)

  Changed paths:
    M src/common/pkcs11_lib.c

  Log Message:
  -----------
  Merge pull request #61 from DimitriPapadopoulos/lgtm

Fix LGTM.com errors


  Commit: 91c9d59101aedf341544b27a4271d5e4886d4567
      https://github.com/OpenSC/pam_pkcs11/commit/91c9d59101aedf341544b27a4271d5e4886d4567
  Author: Ludovic Rousseau <lud...@fr...>
  Date:   2021-10-05 (Tue, 05 Oct 2021)

  Changed paths:
    M src/common/cert_vfy.c

  Log Message:
  -----------
  Merge pull request #58 from wolneykien/devel/moresslfix

Fixed missing X509_CRL_free() in check_for_revocation


  Commit: dfe124c0be7ef1fab8389aaab4cf0407c75d2ab5
      https://github.com/OpenSC/pam_pkcs11/commit/dfe124c0be7ef1fab8389aaab4cf0407c75d2ab5
  Author: krolikov <kro...@gm...>
  Date:   2022-03-22 (Tue, 22 Mar 2022)

  Changed paths:
    M tools/pkcs11_make_hash_link

  Log Message:
  -----------
  Making changes to pkcs11_make_hash_link to support whitespaces in file names


  Commit: c886c4cc7f1a4a76fdccda6c50a1e45bd108ee47
      https://github.com/OpenSC/pam_pkcs11/commit/c886c4cc7f1a4a76fdccda6c50a1e45bd108ee47
  Author: krolikov <kro...@gm...>
  Date:   2022-04-07 (Thu, 07 Apr 2022)

  Changed paths:
    M tools/pkcs11_make_hash_link

  Log Message:
  -----------
  Change IFS variable inside a subshell to accomodate for whitespaces in file names


  Commit: df9257e0173215f66cb8fc25e91f994aba0a20da
      https://github.com/OpenSC/pam_pkcs11/commit/df9257e0173215f66cb8fc25e91f994aba0a20da
  Author: Paul Wolneykien <wol...@gm...>
  Date:   2022-04-07 (Thu, 07 Apr 2022)

  Changed paths:
    M tools/pkcs11_make_hash_link

  Log Message:
  -----------
  Merge pull request #64 from krolikov/krolikov_make_hash_whitespace

Making changes to pkcs11_make_hash_link to support whitespaces in file names


  Commit: cf14bf97c55a8c442d46d1f4970922049a2b8652
      https://github.com/OpenSC/pam_pkcs11/commit/cf14bf97c55a8c442d46d1f4970922049a2b8652
  Author: Bowb <618...@us...>
  Date:   2022-06-07 (Tue, 07 Jun 2022)

  Changed paths:
    M src/mappers/mapper.c

  Log Message:
  -----------
  Update mapper.c

Check if *from has value before passing to strchr


  Commit: d1fc946597207750b9d5a93a63ebb77c7c343967
      https://github.com/OpenSC/pam_pkcs11/commit/d1fc946597207750b9d5a93a63ebb77c7c343967
  Author: Truman H Lackey <th...@sa...>
  Date:   2022-06-08 (Wed, 08 Jun 2022)

  Changed paths:
    M src/common/pkcs11_lib.c
    M src/mappers/mapper.c
    M src/mappers/subject_mapper.c
    M src/pam_pkcs11/mapper_mgr.c
    M src/pam_pkcs11/pam_config.c
    M src/pam_pkcs11/pam_config.h
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  cleanup memory leaks.


  Commit: f8e7d85aa3ca4fd2e2a8c2dfe601d1224debe372
      https://github.com/OpenSC/pam_pkcs11/commit/f8e7d85aa3ca4fd2e2a8c2dfe601d1224debe372
  Author: bowb <618...@us...>
  Date:   2022-06-09 (Thu, 09 Jun 2022)

  Changed paths:
    M src/mappers/mapper.c
    M src/pam_pkcs11/pam_config.c
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  memory leak fixes.


  Commit: 5e7dd640498047682d485cb57d24f767a902747c
      https://github.com/OpenSC/pam_pkcs11/commit/5e7dd640498047682d485cb57d24f767a902747c
  Author: bowb <618...@us...>
  Date:   2022-06-09 (Thu, 09 Jun 2022)

  Changed paths:
    M src/common/pkcs11_lib.c
    M src/mappers/mapper.c
    M src/mappers/subject_mapper.c
    M src/pam_pkcs11/mapper_mgr.c
    M src/pam_pkcs11/pam_config.c
    M src/pam_pkcs11/pam_config.h
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  merge in memory leak fixes into master.


  Commit: db03519dcd8de95538074da06260636003c23ce6
      https://github.com/OpenSC/pam_pkcs11/commit/db03519dcd8de95538074da06260636003c23ce6
  Author: bowb <618...@us...>
  Date:   2022-06-09 (Thu, 09 Jun 2022)

  Changed paths:
    M src/mappers/mapper.c

  Log Message:
  -----------
  check from bounds.


  Commit: a7553612563b6fdd3e55507751d25f41e72411d3
      https://github.com/OpenSC/pam_pkcs11/commit/a7553612563b6fdd3e55507751d25f41e72411d3
  Author: bowb <618...@us...>
  Date:   2022-06-09 (Thu, 09 Jun 2022)

  Changed paths:
    M src/common/pkcs11_lib.c
    M src/mappers/mapper.c
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  formatting fixes.


  Commit: fcceff3eeef0cb8cf7f054054d1593ca00b9b797
      https://github.com/OpenSC/pam_pkcs11/commit/fcceff3eeef0cb8cf7f054054d1593ca00b9b797
  Author: bowb <618...@us...>
  Date:   2022-06-09 (Thu, 09 Jun 2022)

  Changed paths:
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  free memory returned by cert_info


  Commit: 345b22721fd97848e2d20ddca4a3df91e9fc0b14
      https://github.com/OpenSC/pam_pkcs11/commit/345b22721fd97848e2d20ddca4a3df91e9fc0b14
  Author: bowb <618...@us...>
  Date:   2022-06-10 (Fri, 10 Jun 2022)

  Changed paths:
    M src/common/cert_vfy.c
    M src/pam_pkcs11/pam_pkcs11.c

  Log Message:
  -----------
  cleanup formatting. fix memory leak check_for_revocation


  Commit: bdad577afc434b20420f6c4a1fa8a33b9cc7693a
      https://github.com/OpenSC/pam_pkcs11/commit/bdad577afc434b20420f6c4a1fa8a33b9cc7693a
  Author: bowb <618...@us...>
  Date:   2022-06-10 (Fri, 10 Jun 2022)

  Changed paths:
    M src/common/algorithm.c
    M src/common/base64.c
    M src/common/cert_info.c
    M src/common/cert_vfy.c
    M src/common/pkcs11_lib.c
    M src/common/strings.c
    M src/common/strndup.c
    M src/common/uri.c

  Log Message:
  -----------
  initialize unitialized variables.


  Commit: ecdce1afad21ea6126160f49cc11d581b8a3cd03
      https://github.com/OpenSC/pam_pkcs11/commit/ecdce1afad21ea6126160f49cc11d581b8a3cd03
  Author: Bowb <618...@us...>
  Date:   2022-06-10 (Fri, 10 Jun 2022)

  Changed paths:
    M src/common/base64.c

  Log Message:
  -----------
  Update base64.c


  Commit: 0cbc9627bbdb4ee73e405acd3266fce854637118
      https://github.com/OpenSC/pam_pkcs11/commit/0cbc9627bbdb4ee73e405acd3266fce854637118
  Author: bowb <618...@us...>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M src/common/cert_info.c
    M src/common/cert_info.h
    M src/mappers/subject_mapper.c

  Log Message:
  -----------
  add free_entries. only used by subject_mapper


  Commit: ab78e02119ebe29bbd6860eed7154ed676cd1957
      https://github.com/OpenSC/pam_pkcs11/commit/ab78e02119ebe29bbd6860eed7154ed676cd1957
  Author: bowb <618...@us...>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M src/common/cert_info.c
    M src/common/cert_info.h
    M src/mappers/subject_mapper.c

  Log Message:
  -----------
  Merge branch 'changes'


  Commit: 6d0a4bcafb34b2835135739f0b3cc16e7290715c
      https://github.com/OpenSC/pam_pkcs11/commit/6d0a4bcafb34b2835135739f0b3cc16e7290715c
  Author: bowb <618...@us...>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M src/mappers/subject_mapper.c

  Log Message:
  -----------
  fix return type.


  Commit: 54d6e48dc583f8a0be01e2b228cbfbb247b8f1e2
      https://github.com/OpenSC/pam_pkcs11/commit/54d6e48dc583f8a0be01e2b228cbfbb247b8f1e2
  Author: Paul Wolneykien <ma...@al...>
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
    M src/common/cert_info.c

  Log Message:
  -----------
  Initialize the entries ar...
 
[truncated message content]

[Opensc-commits] [OpenSC/pam_p11] 5a395a: Add CodeQL workflow

From: Frank M. <no...@gi...> - 2023-03-03 16:08:00

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/pam_p11
  Commit: 5a395a908eb9aa8ba4c6f89a2ebc600d9e4fe432
      https://github.com/OpenSC/pam_p11/commit/5a395a908eb9aa8ba4c6f89a2ebc600d9e4fe432
  Author: Jorge <460...@us...>
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
    A .github/workflows/codeql.yml

  Log Message:
  -----------
  Add CodeQL workflow


  Commit: e4b6ad506386ee7761e1beae41a3c37f70e83618
      https://github.com/OpenSC/pam_p11/commit/e4b6ad506386ee7761e1beae41a3c37f70e83618
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    A .github/workflows/codeql.yml

  Log Message:
  -----------
  Merge pull request #25 from jorgectf/jorgectf/add-codeql-workflow

Add CodeQL workflow


Compare: https://github.com/OpenSC/pam_p11/compare/900684afdd93...e4b6ad506386

[Opensc-commits] [OpenSC/pam_p11] 513cfb: migrate RSA initialization to openssl 3

From: Frank M. <no...@gi...> - 2023-03-03 16:04:51

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/pam_p11
  Commit: 513cfbe2bf7216c1696887980dead2a800fe9a65
      https://github.com/OpenSC/pam_p11/commit/513cfbe2bf7216c1696887980dead2a800fe9a65
  Author: Frank Morgner <fra...@gm...>
  Date:   2022-03-09 (Wed, 09 Mar 2022)

  Changed paths:
    M configure.ac
    M src/match_openssh.c
    M src/pam_p11.c

  Log Message:
  -----------
  migrate RSA initialization to openssl 3


  Commit: b973b0e413e9d421cedd0e8231aeccf230c8a74c
      https://github.com/OpenSC/pam_p11/commit/b973b0e413e9d421cedd0e8231aeccf230c8a74c
  Author: Frank Morgner <fra...@gm...>
  Date:   2022-03-10 (Thu, 10 Mar 2022)

  Changed paths:
    M src/match_openssh.c

  Log Message:
  -----------
  added openssl 3 compatibility for ec pubkeys


  Commit: 1e110f77f4fb52878722de3e1c0991d6199cf701
      https://github.com/OpenSC/pam_p11/commit/1e110f77f4fb52878722de3e1c0991d6199cf701
  Author: Frank Morgner <fra...@gm...>
  Date:   2022-03-10 (Thu, 10 Mar 2022)

  Changed paths:
    M src/match_opensc.c
    M src/match_openssh.c

  Log Message:
  -----------
  added compatibility for openssl 3 evp_pkey comparison


  Commit: debd4f7acfaf998cfe4002e0be5c35ad9a9591b5
      https://github.com/OpenSC/pam_p11/commit/debd4f7acfaf998cfe4002e0be5c35ad9a9591b5
  Author: Frank Morgner <fra...@gm...>
  Date:   2022-03-10 (Thu, 10 Mar 2022)

  Changed paths:
    M .github/build.sh

  Log Message:
  -----------
  CI: enable OpenSSL's deprecated warnings


  Commit: 900684afdd933435e71e6aee3e7b71427fae492a
      https://github.com/OpenSC/pam_p11/commit/900684afdd933435e71e6aee3e7b71427fae492a
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M .github/build.sh
    M configure.ac
    M src/match_opensc.c
    M src/match_openssh.c
    M src/pam_p11.c

  Log Message:
  -----------
  Merge pull request #22 from OpenSC/ssl3

Added compatibility with OpenSSL 3+


Compare: https://github.com/OpenSC/pam_p11/compare/d5dc10692aa6...900684afdd93

[Opensc-commits] [OpenSC/OpenSC] c16d4e: Check path length to prevent buffer underflow

From: Veronika H. <no...@gi...> - 2023-03-03 10:25:41

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: c16d4e6588a19f4b85aa584174335f62efe28aaf
      https://github.com/OpenSC/OpenSC/commit/c16d4e6588a19f4b85aa584174335f62efe28aaf
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-lib.c

  Log Message:
  -----------
  Check path length to prevent buffer underflow

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53417


  Commit: cfb35259357c210bfea461dac4ca31dae7faaa7d
      https://github.com/OpenSC/OpenSC/commit/cfb35259357c210bfea461dac4ca31dae7faaa7d
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/libopensc/card-coolkey.c

  Log Message:
  -----------
  Fix memory leak

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54082


  Commit: df5a176bfdf8c52ba89c7fef1f82f6f3b9312bc1
      https://github.com/OpenSC/OpenSC/commit/df5a176bfdf8c52ba89c7fef1f82f6f3b9312bc1
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/libopensc/muscle.c

  Log Message:
  -----------
  Check array bounds

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54312


  Commit: 475b4fce8fc4d2bbb4d42c446877820539413d85
      https://github.com/OpenSC/OpenSC/commit/475b4fce8fc4d2bbb4d42c446877820539413d85
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/libopensc/card-oberthur.c

  Log Message:
  -----------
  Free file in case of error

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54456


  Commit: 4bed31d9f88e92e1466d25c1ccd2b83f7ad805c1
      https://github.com/OpenSC/OpenSC/commit/4bed31d9f88e92e1466d25c1ccd2b83f7ad805c1
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/libopensc/card-starcos.c

  Log Message:
  -----------
  Fix memory leaks when reading of file fails

Free file `tmp_file` when subsequent call to
`starcos_select_fid` or `starcos_select_aid` fails.

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54508


  Commit: 4a4836b936150e129ce0e525aae1ed64b74caa89
      https://github.com/OpenSC/OpenSC/commit/4a4836b936150e129ce0e525aae1ed64b74caa89
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/libopensc/pkcs15.c

  Log Message:
  -----------
  Free allocated data when the length is 0

Allocated data has size from the selected file,
but the resulting length is given by bytes read by
sc_read_binary. This prevents memory leaks when
freeing pkcs15 object data in sc_pkcs15_free_data_info.

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54858


  Commit: 3cc75727177bcabf7dbcf34d0f3177e5d66ef7f3
      https://github.com/OpenSC/OpenSC/commit/3cc75727177bcabf7dbcf34d0f3177e5d66ef7f3
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/libopensc/card-authentic.c

  Log Message:
  -----------
  Check pointer before dereferencing

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55074


  Commit: bdb89174cd5441a279feea258c2792abbbe024ac
      https://github.com/OpenSC/OpenSC/commit/bdb89174cd5441a279feea258c2792abbbe024ac
  Author: Veronika Hanulikova <xha...@fi...>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M src/pkcs15init/pkcs15-starcos.c

  Log Message:
  -----------
  Use sc_file_free() for freeing files

Thanks OSS-Fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55567


Compare: https://github.com/OpenSC/OpenSC/compare/16fdd70a7e02...bdb89174cd54

[Opensc-commits] [OpenSC/libp11] 89ccb1: Change bool attribute true/false names to _true/_f...

From: David L. <no...@gi...> - 2023-02-28 08:09:12

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/libp11
  Commit: 89ccb1f097f56a0933f881af051422b8d67e457f
      https://github.com/OpenSC/libp11/commit/89ccb1f097f56a0933f881af051422b8d67e457f
  Author: dlegault <dle...@bl...>
  Date:   2023-02-28 (Tue, 28 Feb 2023)

  Changed paths:
    M src/p11_attr.c
    M src/p11_ec.c

  Log Message:
  -----------
  Change bool attribute true/false names to _true/_false

This prevents conflicts with true/false defined in stdbool.h

fixes #472

[Opensc-commits] [OpenSC/libp11] 02461b: Check validity of session in pkcs11_get_session

From: Kevin K. <no...@gi...> - 2023-02-28 08:02:58

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/libp11
  Commit: 02461b101a4592bc009935da8568e9820d88b641
      https://github.com/OpenSC/libp11/commit/02461b101a4592bc009935da8568e9820d88b641
  Author: Kevin King <kc...@go...>
  Date:   2023-02-28 (Tue, 28 Feb 2023)

  Changed paths:
    M src/p11_slot.c

  Log Message:
  -----------
  Check validity of session in pkcs11_get_session

Before this change, if a session handle became invalid it would still be
returned to the caller.

This commit uses C_GetSessionInfo to check that a handle is still valid before
returning it from the pool. If a session is no longer valid, it is discarded.

[Opensc-commits] [OpenSC/libp11] 1b9a10: Remove unused 'execinfo.h' include from tests.

From: nojocodex <no...@gi...> - 2023-02-28 07:53:57

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/libp11
  Commit: 1b9a1023e5b2352f48f238bcef654927ec5a502c
      https://github.com/OpenSC/libp11/commit/1b9a1023e5b2352f48f238bcef654927ec5a502c
  Author: nojocodex <noj...@gm...>
  Date:   2023-02-28 (Tue, 28 Feb 2023)

  Changed paths:
    M tests/fork-change-slot.c

  Log Message:
  -----------
  Remove unused 'execinfo.h' include from tests.

[Opensc-commits] [OpenSC/OpenSC] 16fdd7: enable use_file_cache for static cards

From: Frank M. <no...@gi...> - 2023-02-27 10:39:28

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 16fdd70a7e02bc87c14d363ca21777b293cdcf2c
      https://github.com/OpenSC/OpenSC/commit/16fdd70a7e02bc87c14d363ca21777b293cdcf2c
  Author: Frank Morgner <fra...@gm...>
  Date:   2023-02-27 (Mon, 27 Feb 2023)

  Changed paths:
    M README.md
    M doc/files/files.html
    M doc/files/opensc.conf.5.xml.in
    M etc/opensc.conf
    M etc/opensc.conf.example.in
    M src/libopensc/pkcs15.c

  Log Message:
  -----------
  enable use_file_cache for static cards

use_file_cache is initially only activated for cards that can't be
modified with OpenSC (i.e. with pkcs15-init). However, don't enable
cache for PIV by default as many people are experimenting with a
Yubikey.

This also fixes a syntax error in opensc.conf.5.xml.in in the
documentation for `use_file_caching`

fixes https://github.com/OpenSC/OpenSC/issues/2444

Flat | Threaded

<< < 1 .. 25 26 27 28 29 .. 147 > >> (Page 27 of 147)