lib/56630: Several pam_u2f debug issues

To: lib-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: lib/56630: Several pam_u2f debug issues
From: mlelstv%serpens.de@localhost
Date: Sat, 15 Jan 2022 16:10:00 +0000 (UTC)

>Number:         56630
>Category:       lib
>Synopsis:       Several pam_u2f debug issues
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jan 15 16:10:00 +0000 2022
>Originator:     Michael van Elst
>Release:        NetBSD 9.99.93
>Organization:
	
>Environment:
	
	
System: NetBSD tazz 9.99.93 NetBSD 9.99.93 (TAZZ) #43: Thu Jan 13 23:07:03 UTC 2022 mlelstv@slowpoke:/scratch2/obj.amd64/scratch/netbsd-current/src/sys/arch/amd64/compile/TAZZ amd64
Architecture: x86_64
Machine: amd64
>Description:

pam_u2f supports the debug and debug_file options to redirect output
to a file, syslog, stdout or stderr. However, you always get some
output written to stderr.

Reason is that pam_u2f calls fido_init() with the FIDO_DEBUG parameter
when it sees the debug option and libfido2 defaults to log debug
output to stderr. pam_u2f should use fido_set_log_handler() to catch
the output and print it according to the debug_file option.

The pam_u2f man page is also irritating as it describes a quoting
mechanism for options containing white space using square brackets.
OpenPAM however uses normal shell quoting rules, i.e. single or
double quotes.

>How-To-Repeat:
Try pam_u2f with the debug option.

>Fix:
	

>Unformatted:

Prev by Date: Re: kern/56629 (pfil(9) is at odds with reality)
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: Re: kern/56629 (pfil(9) is at odds with reality)
Next by Thread: bin/56631: rdump fails to back up to remote file
Indexes:

Home | Main Index | Thread Index | Old Index