[SCM] GNU gnutls branch, master, updated. gnutls_3_0

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-6-g717118b

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-6-g717118b
Date:	Mon, 01 Aug 2011 16:01:08 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=717118b68a2518caec8f363bc694a3679b0a98c6

The branch, master has been updated
       via  717118b68a2518caec8f363bc694a3679b0a98c6 (commit)
       via  3c04faca8fb6fa505b24af190903886371fbeafa (commit)
       via  6ab4070464285f651526000afacdc81f352cbcce (commit)
      from  85986c82ec5edf498196476bcf671a36cf4ed091 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 717118b68a2518caec8f363bc694a3679b0a98c6
Author: Stef Walter <address@hidden>
Date:   Mon Aug 1 11:12:57 2011 +0200

    Don't try to do PKCS#11 login if session is already logged in.
    
     * It is possible for new PKCS#11 sessions to be logged in if
       another logged in session already exists.
     * In these cases, don't log in, but detect the condition and
       return success.
    
    Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>

commit 3c04faca8fb6fa505b24af190903886371fbeafa
Author: Stef Walter <address@hidden>
Date:   Mon Aug 1 11:11:01 2011 +0200

    When finding private keys fail, return error code.
    
     * Previously this would result in an endless loop.
    
    Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>

commit 6ab4070464285f651526000afacdc81f352cbcce
Author: Stef Walter <address@hidden>
Date:   Mon Aug 1 09:45:44 2011 +0200

    Mark the config argument of gnutls_pkcs11_init() as unused
    
     * Since its no longer used.
    
    Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>

-----------------------------------------------------------------------

Summary of changes:
 lib/includes/gnutls/pkcs11.h |    2 +-
 lib/pkcs11.c                 |   16 +++++++++++++---
 lib/pkcs11_privkey.c         |    6 ++++--
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 647b241..4206749 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -57,7 +57,7 @@ typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
  * load = /lib/yyy-pkcs11.so
  */
 
-int gnutls_pkcs11_init (unsigned int flags, const char *configfile);
+int gnutls_pkcs11_init (unsigned int flags, void *unused);
 void gnutls_pkcs11_deinit (void);
 void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn,
                                        void *userdata);
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 7366965..017eb73 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -464,10 +464,10 @@ const char* configfile = "/etc/gnutls/pkcs11.conf";
 /**
  * gnutls_pkcs11_init:
  * @flags: %GNUTLS_PKCS11_FLAG_MANUAL or %GNUTLS_PKCS11_FLAG_AUTO
- * @configfile: either NULL or the location of a configuration file
+ * @unused: unused, set to NULL
  *
  * This function will initialize the PKCS 11 subsystem in gnutls. It will
- * read a configuration file if %GNUTLS_PKCS11_FLAG_AUTO is used or allow
+ * read configuration files if %GNUTLS_PKCS11_FLAG_AUTO is used or allow
  * you to independently load PKCS 11 modules using gnutls_pkcs11_add_provider()
  * if %GNUTLS_PKCS11_FLAG_MANUAL is specified.
  *
@@ -479,7 +479,7 @@ const char* configfile = "/etc/gnutls/pkcs11.conf";
  *   negative error value.
  **/
 int
-gnutls_pkcs11_init (unsigned int flags, const char *configfile)
+gnutls_pkcs11_init (unsigned int flags, void *unused)
 {
   struct ck_function_list **modules;
   const char *name;
@@ -1862,6 +1862,7 @@ int
 pkcs11_login (struct ck_function_list * module, ck_session_handle_t pks,
               const struct token_info *tokinfo, struct p11_kit_uri *info, int 
so)
 {
+  struct ck_session_info session_info;
   int attempt = 0, ret;
   ck_user_type_t user_type;
   ck_rv_t rv;
@@ -1900,6 +1901,15 @@ pkcs11_login (struct ck_function_list * module, 
ck_session_handle_t pks,
 
       memcpy (&tinfo, &tokinfo->tinfo, sizeof(tinfo));
 
+      /* Check whether the session is already logged in, and if so, just skip 
*/
+      rv = (module)->C_GetSessionInfo (pks, &session_info);
+      if (rv == CKR_OK && (session_info.state == CKS_RO_USER_FUNCTIONS ||
+                           session_info.state == CKS_RW_USER_FUNCTIONS))
+        {
+          ret = 0;
+          goto cleanup;
+        }
+
       /* If login has been attempted once already, check the token
        * status again, the flags might change. */
       if (attempt)
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index e1eea0f..8d1fe30 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -137,8 +137,10 @@ gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t 
pkey,
                           } \
                        gnutls_assert(); \
                        return ret; \
-               } \
-       } while (ret < 0);
+               } else if (ret < 0) { \
+                        return ret; \
+                } \
+       } while (0);
 
 /*-
  * _gnutls_pkcs11_privkey_sign_hash:


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-6-g717118b, Nikos Mavrogiannopoulos <=

Next by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-7-ga7ece2a
Next by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-7-ga7ece2a
Index(es):
- Date
- Thread