>From 938f959a23b05ea2407bef067d54ce8b1e3cb6ec Mon Sep 17 00:00:00 2001
From: Stef Walter <address@hidden>
Date: Mon, 1 Aug 2011 11:12:57 +0200
Subject: [PATCH 3/3] Don't try to do PKCS#11 login if session is already
 logged in.

 * It is possible for new PKCS#11 sessions to be logged in if
   another logged in session already exists.
 * In these cases, don't log in, but detect the condition and
   return success.
---
 lib/pkcs11.c |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index bbf6d4b..017eb73 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -1862,6 +1862,7 @@ int
 pkcs11_login (struct ck_function_list * module, ck_session_handle_t pks,
               const struct token_info *tokinfo, struct p11_kit_uri *info, int so)
 {
+  struct ck_session_info session_info;
   int attempt = 0, ret;
   ck_user_type_t user_type;
   ck_rv_t rv;
@@ -1900,6 +1901,15 @@ pkcs11_login (struct ck_function_list * module, ck_session_handle_t pks,
 
       memcpy (&tinfo, &tokinfo->tinfo, sizeof(tinfo));
 
+      /* Check whether the session is already logged in, and if so, just skip */
+      rv = (module)->C_GetSessionInfo (pks, &session_info);
+      if (rv == CKR_OK && (session_info.state == CKS_RO_USER_FUNCTIONS ||
+                           session_info.state == CKS_RW_USER_FUNCTIONS))
+        {
+          ret = 0;
+          goto cleanup;
+        }
+
       /* If login has been attempted once already, check the token
        * status again, the flags might change. */
       if (attempt)
-- 
1.7.6