mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 02:40:08 +00:00
Fix factory-reset for admin-less mode.
Reported-by: Stanislas Bach <sbach@0g.re> Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
parent
eea011fe70
commit
2b340ee1c5
@ -1,3 +1,7 @@
|
|||||||
|
2017-08-03 NIIBE Yutaka <gniibe@fsij.org>
|
||||||
|
|
||||||
|
* src/openpgp.c (cmd_terminate_df): Fix for admin-less mode.
|
||||||
|
|
||||||
2017-08-03 Jeremy Drake <jeremydrake+gnuk@eacceleration.com>
|
2017-08-03 Jeremy Drake <jeremydrake+gnuk@eacceleration.com>
|
||||||
|
|
||||||
* regnual/regnual.c (main): Allow compile time
|
* regnual/regnual.c (main): Allow compile time
|
||||||
|
1
THANKS
1
THANKS
@ -35,6 +35,7 @@ Paul Fertser
|
|||||||
Paul Bakker polarssl_maintainer@polarssl.org
|
Paul Bakker polarssl_maintainer@polarssl.org
|
||||||
Santiago Ruano Rincón santiago@debian.org
|
Santiago Ruano Rincón santiago@debian.org
|
||||||
Shane Coughlan scoughlan@openinventionnetwork.com
|
Shane Coughlan scoughlan@openinventionnetwork.com
|
||||||
|
Stanislas Bach sbach@0g.re
|
||||||
Szczepan Zalega szczepan@nitrokey.com
|
Szczepan Zalega szczepan@nitrokey.com
|
||||||
Vasily Evseenko
|
Vasily Evseenko
|
||||||
Werner Koch wk@gnupg.org
|
Werner Koch wk@gnupg.org
|
||||||
|
@ -1335,6 +1335,8 @@ cmd_activate_file (void)
|
|||||||
static void
|
static void
|
||||||
cmd_terminate_df (void)
|
cmd_terminate_df (void)
|
||||||
{
|
{
|
||||||
|
const uint8_t *ks_pw3;
|
||||||
|
|
||||||
uint8_t p1 = P1 (apdu);
|
uint8_t p1 = P1 (apdu);
|
||||||
uint8_t p2 = P2 (apdu);
|
uint8_t p2 = P2 (apdu);
|
||||||
|
|
||||||
@ -1356,8 +1358,11 @@ cmd_terminate_df (void)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ks_pw3 = gpg_do_read_simple (NR_DO_KEYSTRING_PW3);
|
||||||
|
|
||||||
if (!ac_check_status (AC_ADMIN_AUTHORIZED) && !gpg_pw_locked (PW_ERR_PW3))
|
if (!ac_check_status (AC_ADMIN_AUTHORIZED)
|
||||||
|
&& !((ks_pw3 && gpg_pw_locked (PW_ERR_PW3))
|
||||||
|
|| (ks_pw3 == NULL && gpg_pw_locked (PW_ERR_PW1))))
|
||||||
{
|
{
|
||||||
/* Only allow the case admin authorized, or, admin pass is locked. */
|
/* Only allow the case admin authorized, or, admin pass is locked. */
|
||||||
GPG_SECURITY_FAILURE();
|
GPG_SECURITY_FAILURE();
|
||||||
|
Loading…
Reference in New Issue
Block a user