
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_6_1-8-g3830


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_6_1-8-g3830d13
Date: Wed, 15 Jun 2011 19:32:31 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=3830d1309f4cd15c0394f9a0344b54234723161e

The branch, gnutls_2_12_x has been updated
       via  3830d1309f4cd15c0394f9a0344b54234723161e (commit)
       via  3399647148085818f1adcae9fc0ed9e054366de1 (commit)
       via  c4f76a288db9e48fa8d2f114c112f293c10fe040 (commit)
      from  7c78a454729924f108cf099c301090070e98aef0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3830d1309f4cd15c0394f9a0344b54234723161e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Jun 15 21:32:19 2011 +0200

    When setting the TRUSTED flag, log in as security officer.

commit 3399647148085818f1adcae9fc0ed9e054366de1
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Jun 15 20:55:15 2011 +0200

    write label in PKCS #11 privkey.

commit c4f76a288db9e48fa8d2f114c112f293c10fe040
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Jun 15 20:52:11 2011 +0200

    define ck_bool_t to be compatible with PKCS #11 bool type.

-----------------------------------------------------------------------

Summary of changes:
 lib/gnutls_privkey.c         |    1 -
 lib/gnutls_pubkey.c          |    1 -
 lib/includes/gnutls/pkcs11.h |    1 +
 lib/pkcs11.c                 |    4 +++-
 lib/pkcs11_int.h             |    2 ++
 lib/pkcs11_privkey.c         |    1 -
 lib/pkcs11_secret.c          |    2 +-
 lib/pkcs11_write.c           |   12 ++++++++++--
 src/pkcs11.c                 |    7 ++++++-
 9 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index df604a3..eb4bd6b 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -24,7 +24,6 @@
 #include <pakchois/pakchois.h>
 #include <gnutls/pkcs11.h>
 #include <stdio.h>
-#include <stdbool.h>
 #include <string.h>
 #include <gnutls_errors.h>
 #include <gnutls_datum.h>
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c
index d944660..49688f7 100644
--- a/lib/gnutls_pubkey.c
+++ b/lib/gnutls_pubkey.c
@@ -24,7 +24,6 @@
 #include <pakchois/pakchois.h>
 #include <gnutls/pkcs11.h>
 #include <stdio.h>
-#include <stdbool.h>
 #include <string.h>
 #include <gnutls_errors.h>
 #include <gnutls_datum.h>
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 4f2cefd..c1b7981 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -68,6 +68,7 @@ int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj);
 #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0)     /* force login in the token 
for the operation */
 #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1)      /* object marked as 
trusted */
 #define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2)    /* object marked as 
sensitive (unexportable) */
+#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3)     /* force login as a 
security officer in the token for the operation */
 
   /**
    * gnutls_pkcs11_url_type_t:
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index a2dce6c..764448b 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -1399,7 +1399,7 @@ pkcs11_obj_import_pubkey (pakchois_session_t * pks,
   opaque tmp1[2048];
   opaque tmp2[2048];
   int ret;
-  unsigned int tval;
+  ck_bool_t tval;
 
   a[0].type = CKA_KEY_TYPE;
   a[0].value = &key_type;
@@ -1779,6 +1779,8 @@ pkcs11_obj_flags_to_int (unsigned int flags)
 
   if (flags & GNUTLS_PKCS11_OBJ_FLAG_LOGIN)
     ret_flags |= SESSION_LOGIN;
+  else if (flags & GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO)
+    ret_flags |= SESSION_LOGIN|SESSION_SO;
 
   return ret_flags;
 }
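Review bot: In the added `else if` branch of pkcs11_obj_flags_to_int, a caller that passes both GNUTLS_PKCS11_OBJ_FLAG_LOGIN and GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO gets a plain user login, and the security-officer request is dropped without any error. Falling back to the lower-privilege role is a defensible default, but the precedence is not stated here or in the header comment on the new flag, so an operation that needs the SO role would presumably fail later with a less obvious error. I would document it above the branch, e.g. `/* LOGIN takes precedence; LOGIN_SO is honoured only when LOGIN is not set */`, and say in pkcs11.h that the two flags are mutually exclusive. The start of the function is outside the hunk.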
diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h
index b431a80..b2c1d46 100644
--- a/lib/pkcs11_int.h
+++ b/lib/pkcs11_int.h
@@ -7,6 +7,8 @@
 #define PKCS11_ID_SIZE 128
 #define PKCS11_LABEL_SIZE 128
 
+typedef unsigned char ck_bool_t;
+
 struct token_info
 {
   struct ck_token_info tinfo;
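Review bot: The new `ck_bool_t` typedef carries no comment recording why its width matters. The templates touched by this commit pass `sizeof (tval)` as `value_len` (visible in lib/pkcs11_write.c), so the size of this type is what the token receives as the attribute length, and the earlier `unsigned int` declarations sent a wider value than a one-byte boolean. I would add `/* must stay one byte: boolean attributes are passed with value_len = sizeof (ck_bool_t) */` above the typedef. It is also worth checking for any remaining `unsigned int` booleans used as attribute values in files this commit does not touch.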
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index 3d1ed3e..9a66353 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -24,7 +24,6 @@
 #include <pakchois/pakchois.h>
 #include <gnutls/pkcs11.h>
 #include <stdio.h>
-#include <stdbool.h>
 #include <string.h>
 #include <gnutls_errors.h>
 #include <gnutls_datum.h>
diff --git a/lib/pkcs11_secret.c b/lib/pkcs11_secret.c
index 3cfb1e1..037e569 100644
--- a/lib/pkcs11_secret.c
+++ b/lib/pkcs11_secret.c
@@ -57,7 +57,7 @@ gnutls_pkcs11_copy_secret_key (const char *token_url, 
gnutls_datum_t * key,
   ck_object_class_t class = CKO_SECRET_KEY;
   ck_object_handle_t obj;
   ck_key_type_t keytype = CKK_GENERIC_SECRET;
-  unsigned int tval = 1;
+  ck_bool_t tval = 1;
   int a_val;
   opaque id[16];
 
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index 8ab3aa3..fb161ac 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -57,7 +57,7 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
   ck_object_class_t class = CKO_CERTIFICATE;
   ck_certificate_type_t type = CKC_X_509;
   ck_object_handle_t obj;
-  unsigned int tval = 1;
+  ck_bool_t tval = 1;
   int a_val;
 
   ret = pkcs11_url_to_info (token_url, &info);
@@ -195,7 +195,7 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
   ck_object_class_t class = CKO_PRIVATE_KEY;
   ck_object_handle_t obj;
   ck_key_type_t type;
-  unsigned int tval = 1;
+  ck_bool_t tval = 1;
   int a_val;
   gnutls_pk_algorithm_t pk;
   gnutls_datum_t p, q, g, y, x;
@@ -253,6 +253,14 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
   a[a_val].value_len = sizeof (tval);
   a_val++;
 
+  if (label)
+    {
+      a[a_val].type = CKA_LABEL;
+      a[a_val].value = (void *) label;
+      a[a_val].value_len = strlen (label);
+      a_val++;
+    }
+
   if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE)
     tval = 1;
   else
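Review bot: The added `if (label)` block writes one more entry into the attribute template `a[]` with no bound on `a_val`; the array's declaration is outside the hunk, so its capacity needs to be checked against the new worst case (this entry plus whatever attributes the rest of the function appends). If the array was sized for the old attribute count, this becomes an out-of-bounds stack write. A bound check before each append, or a comment at the declaration giving the maximum number of attributes, would make this verifiable. Note also that an empty label is stored as a zero-length CKA_LABEL, since only NULL is filtered. The function starts and ends outside the hunk.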
diff --git a/src/pkcs11.c b/src/pkcs11.c
index 0dc9b58..9c0526a 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -145,7 +145,12 @@ pkcs11_list (FILE * outfile, const char *url, int type, 
unsigned int login,
   unsigned int obj_flags = 0;
 
   if (login)
-    obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
+    {
+      if (type == PKCS11_TYPE_TRUSTED)
+        obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO;
+      else
+        obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
+    }
 
   pkcs11_common ();
 
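Review bot: The new branch selects GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO inside pkcs11_list whenever `type == PKCS11_TYPE_TRUSTED`, while the commit message describes the security-officer login as needed when setting the TRUSTED flag. If pkcs11_list only enumerates objects, a read-only listing of trusted objects would now ask for the SO PIN, which is more privilege than the operation appears to need and puts the SO credential in play on a routine command. The rest of pkcs11_list is outside the hunk, so this may be intentional; if it is, a comment explaining why listing trusted objects needs the SO role would help, and otherwise the SO flag belongs in the write path that passes GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED.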


hooks/post-receive
-- 
GNU gnutls


