Patch-ID# 109887-18
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security ocf card i2c pam_smartcard ocf_deregisterforevent ocfserv
Synopsis: SunOS 5.8: smartcard and usr/sbin/ocfserv patch
Date: Nov/17/2003
Install Requirements: Perform a reconfigure reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Solaris Release: 8
SunOS Release: 5.8
Unbundled Product:
Unbundled Release:
Xref:
Topic: SunOS 5.8: smartcard and usr/sbin/ocfserv patch
NOTE: Refer to Special Install Instructions section for
IMPORTANT specific information on this patch.
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 4460859 4704250 4876141
Patches accumulated and obsoleted by this patch: 109351-04 109965-03 111337-01 114295-01
Patches which conflict with this patch:
Patches required with this patch: 108979-10 (or greater)
Obsoleted by:
Files included with this patch:
/etc/smartcard/ocf.classpath
/usr/include/smartcard/ocf_core.h
/usr/include/smartcard/ocf_core_cardservices.h
/usr/include/smartcard/scf.h
/usr/lib/abi/abi_libSCMI2CNative.so.1
/usr/lib/abi/abi_libsmartcard.so.1
/usr/lib/abi/sparcv9/abi_libSCMI2CNative.so.1
/usr/lib/abi/sparcv9/abi_libsmartcard.so.1
/usr/lib/libsmartcard.so.1
/usr/lib/llib-lsmartcard
/usr/lib/llib-lsmartcard.ln
/usr/lib/security/pam_smartcard.so.1
/usr/lib/security/sparcv9/pam_smartcard.so.1
/usr/lib/sparcv9/libsmartcard.so.1
/usr/lib/sparcv9/llib-lsmartcard.ln
/usr/platform/sun4u/include/sys/i2c/clients/scmi2c.h
/usr/sbin/ocfserv
/usr/share/lib/smartcard/CDESmartCardAdmin
/usr/share/lib/smartcard/commands.jar
/usr/share/lib/smartcard/ocf.jar
/usr/share/lib/smartcard/scmiscr.jar
/usr/share/lib/smartcard/scmtester.jar
/usr/share/lib/smartcard/smartcard.jar
/usr/share/lib/smartcard/smartos.jar
Problem Description:
4460859 Java code in smartcard library calls locale-dependent methods
4704250 CT factory stalling prevents subsequent CT factories from being instantiated
4876141 Thread leak in ocfserv
(from 109887-17)
4827207 Enabling smart card removes pam entries from pam.conf
(from 109887-16)
This patch revision was generated to accumulate and obsolete
the feature changes introduced in feature point patch 114295-01
and to include these additional fixes:
4776340 ON support for Enchilada and Taco workstations
4630038 usr/src/lib/smartcard/jarsc/req.flg is missing
4682730 Card.getInfo(INFO_ATR) returns a wrong type
(from 109887-15)
4734926 "smartcard -c admin" gets stuck when a card is not in the reader. (S8 patch)
(from 109887-14)
4462472 *CardServiceFactory.knows(CardID) have multiple problems
4524620 SCF: Need to remove dangerous "restart" support in ocfserv
4554402 internal ocf_encode API isn't very robust
4628969 lint found actual bugs in libsmartcard
4629775 libsmartcard contains "unsafe" libc calls (strcat and friends)
4646497 OCFCardHandle.lock does not handle multiple requests from a client properly.
4647542 ocfserv should clean up threads upon client deregistration
4676018 The smartcard client library passes a wrong hostname to the RPC library.
(from 109887-13)
4454879 OCF server debuggability enhancement
4506457 Ocfserv does not allow dynamic addition of a terminal
4513319 The ATRs of current cards should not be stored as server properties
4523037 UID checking is insufficient and broken
4523207 OCFCardHandle.getCardID and OCFCardHandle.getATR fails
4524468 Getting an existing card handle should be lightweight
4524615 SCF: Need terminal access control and filtering
4524616 SCF: Server is limited to 32 concurrent threads
4528570 OCFDispatcher is not MT safe
4620186 CTListeningService uses clientHandle poorly
4620717 smartcard terminal properties are inaccessible
4622069 ocfserv can't access card reset functions in OCF
4622072 SCM terminals won't reset a card already present
4624770 OCF_CTListener.cardInserted() threw NullPointerException due to no card handle
(from 109887-12)
4369364 OCF_RegisterForEvent() returns OCF_Success incorrectly
4624773 Client should retry RPC request after RPC_TIMEDOUT
(from 109887-11)
4509396 SmartCard.getSmartCard() returns null incorrectly
(from 109887-10)
4516697 payflex wrong default permission
(from 109887-09)
4480706 Java client API of PassThruCardService is broken
4487753 OCF implementation incomplete/inconsistent
4449515 pam_smartcard has problems with "authmechanism" property
(from 109887-08)
4451847 link fails on OCF_PassThruCardService
(from 109887-07)
4420910 OCF_PassThruCardService C-API needs to be implemented.
4293165 com.sun.opencard.service.common.PassThruCardService:sendCommandAPDU returns null
4426474 smartcard -c admin stops working for non-root users
4259952 The output details of smartcard -c admin -a <application> are truncated.
4434303 challenge-response authentication needs fixed
4445519 running "smartcard -c enable" overwrites CDE smartcard settings
4423025 Login problem - user can not login
4396204 pam_smartcard module calls pam_authenticate
(from 109887-06)
4423038 /etc/smartcard/opencard.properties became corrupted
4423901 PIN + extra character
(from 109887-05)
4423932 after changing properties in gui, ocfserv does not detect the changes
(from 109887-04)
4352260 ocf API tests don't compile as 64-bit
4390593 OCF_ListCards_Next will core dump in 64-bit mode
4418518 deadlock occurs for dtlogin auth. after smart card is removed
4401809 scm driver mutex panic on failed attach
(from 109887-03)
4389861 card events not received after OCF server is killed
4341792 libsmartcard sees wrong i18n file written in ocf_error.c
(from 109887-02)
4343702 can't EXIT out from CDE after ocf daemon recovered from corrupt stage
4343711 ocfserv gets corrupted at a stage causing problem in login authenticating
4346640 cde fails to unlock screen via smart card when system isn't free idle
4361637 password login fails for payflex
(from 109887-01)
This patch revision was generated to accumulate and obsolete
the feature changes introduced in point patch 109351-04.
4293939 Add Internal reader jar file to /etc/smartcard/ocf.classpath
4290329 Need OCF Card Terminal driver for internal smartcard reader
4305335 Validate test apps fails on cyberflex card
4275177 Smartcard I2C support for new platforms
4330625 SUNWiscr package doesn't build in the Source build
4332392 missing file I2CDrive.class in smartos.jar
(from 109351-04)
4330625 SUNWiscr package doesn't build in the Source build
This patch revision was generated to include smartcard source
changes for the new SUNWstcx pkg.
(from 109351-03)
4330625 SUNWiscr package doesn't build in the Source build
(from 109351-02)
4332392 missing file I2CDrive.class in smartos.jar
(from 109351-01)
4293939 Add Internal reader jar file to /etc/smartcard/ocf.classpath
4290329 Need OCF Card Terminal driver for internal smartcard reader
4305335 Validate test apps fails on cyberflex card
4275177 Smartcard I2C support for new platforms
(from 109965-03)
4352242 OCF_DeregisterForEvent core dumps sigbus and segv
(from 109965-02)
4322446 dt config files are not setup properly by smartcard command causing dtlogin bug
4315034 Missing depend files for SUNWocf, SUNWocfx and SUNWocfh.
4353105 SUNWjcom and SUNWjcomx are missing depend file in Solaris.
4306126 Missing depend files for several smart card packages for Solaris 8 and up
4352312 deregister() is called from garbage collector of class Smartcard
4355630 Missing calls of ocf_cleanup() in pam_sm_authenticate()
4288077 OCF Server doesn't backup props. If aborted prematurely props. might be deleted
4352345 card-event-listening threads falling into infinite loops after ocfserv restarted
4252211 ocfserv doesn't keep track of the cards currently in the readers
4260074 Smartcard authentication generates new WaitForCardRemoved threads.
4298260 smartcard GUI waits for loading property; process globe kept spinning w/jvm121.4
(from 109965-01)
4341789 pam_smartcard module sees invalid file
(from 111337-01)
4429492 OCFserv hangs at random times on some platforms
(from 114295-01)
4655166 tracking bug for SCF project integration
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
NOTE 1: It is recommended to install patch 108909-06 (or newer)
with this patch for CDE users.
NOTE 2: For complete platform support for the SUNW,Sun-Blade-1500
and SUNW,Sun-Blade-2500, please install the following patches:
108528-20 (or newer) Kernel Update Patch
108974-28 (or newer) dada,uata,dad,sd,scsi patch
108975-08 (or newer) rmformat and format patch
108977-02 (or newer) libsmedia patch
109793-18 (or newer) su patch
109873-17 (or newer) libprtdiag_psr.so.1 patch
109885-11 (or newer) glm patch
109887-16 (or newer) smartcard patch
109888-21 (or newer) platform drivers patch
109889-04 (or newer) platform links & libc_psr patch
109896-13 (or newer) USB patch
109920-08 (or newer) pcic driver patch
110320-03 (or newer) s1394 patch
110460-28 (or newer) fruid/PICL plug-ins patch
110609-04 (or newer) USB header patch
111804-03 (or newer) update_drv,rem_drv patch
111808-02 (or newer) /usr/lib/adb/devinfo patch
109892-04 (or newer) ecpp patch
README -- Last modified date: Friday, November 9, 2012