Project

General

Profile

Bug #2166

nm-strongswan stores the PIN when using smartcard authentication

Added by Raphael Geissert about 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Tobias Brunner
Category:
networkmanager (charon-nm)
Target version:
5.5.3
Start date:
03.11.2016
Due date:
Estimated time:
Affected version:
5.5.1
Resolution:
Fixed

Description

Quoting from the attached patch:

The secret storage flag wasn't being saved when using smartcard
authentication, resulting in the PIN being stored.

The patch fixes it by storing the flags, but it doesn't clear any stored PIN.

0001-nm-prevent-the-smartcard-PIN-from-being-stored.patch (953 Bytes) 0001-nm-prevent-the-smartcard-PIN-from-being-stored.patch Raphael Geissert, 03.11.2016 17:06

Associated revisions

Revision a4b3f145 (diff)
Added by Raphael Geissert over 3 years ago

nm: Explicitly prevent the smartcard PIN from being stored

The secret storage flag wasn't being saved when using smartcard
authentication, resulting in the PIN being stored.

Fixes #2166.

History

#1 Updated by Tobias Brunner over 3 years ago

  • Tracker changed from Issue to Bug
  • Status changed from New to Closed
  • Assignee set to Tobias Brunner
  • Target version set to 5.5.3
  • Start date set to 03.11.2016
  • Resolution set to Fixed

Sorry for missing this. I can't really reproduce what you are seeing. Instead, in my tests if I didn't set the flag the entered password somehow got lost and I always received a final secrets request failed to provide sufficient secrets errors. Anyway, setting the flag somehow seems to fix that too. Applied to master, thanks!

Also available in: Atom PDF