
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-74-g6910f51


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-74-g6910f51
Date: Sun, 14 Aug 2011 13:03:49 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6910f517c7533f6499d4faaf5eb7c920751f805a

The branch, master has been updated
       via  6910f517c7533f6499d4faaf5eb7c920751f805a (commit)
       via  fbcbc22581084858845792ed0da0ece935d7ff0d (commit)
       via  b94a72ef8eda2f2a873d6b75743d6d1a9e9adf60 (commit)
      from  e829173095ee8b74c246a4d45aa0f7a0a7e7a98a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 NEWS                         |    5 +++++
 lib/includes/gnutls/pkcs11.h |    4 +++-
 lib/pkcs11.c                 |    3 +++
 src/p11common.c              |    7 +++++++
 4 files changed, 18 insertions(+), 1 deletions(-)

diff --git a/NEWS b/NEWS
index b1f4fa6..47a0fbc 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,10 @@ See the end for copying conditions.
 
 * Version 3.0.1 (unreleased)
 
+** libgnutls: When asking for a PIN multiple times, the
+flags in the callback were not being updated to reflect
+for PIN low count or final try.
+
 ** crywrap: Added to the distribution
 
 ** libgnutls: Do not allow second instances of PKCS #11
@@ -28,6 +32,7 @@ imported is properly sorted.
 
 ** API and ABI modifications:
 GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: New element in 
gnutls_certificate_import_flags
+GNUTLS_PKCS11_PIN_WRONG: New flag for PIN callback
 
 
 * Version 3.0.0 (released 2011-07-29)
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 22726b8..6dca20f 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -59,6 +59,7 @@ typedef int (*gnutls_pkcs11_token_callback_t) (void *const 
userdata,
  * @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and 
key like signing.
  * @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking.
  * @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks.
+ * @GNUTLS_PKCS11_PIN_WRONG: Last given PIN was not correct.
  *
  * Enumeration of different PIN flags.
  */
@@ -66,9 +67,10 @@ typedef enum
   {
     GNUTLS_PKCS11_PIN_USER = (1 << 0),
     GNUTLS_PKCS11_PIN_SO = (1 << 1),
-    GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
     GNUTLS_PKCS11_PIN_FINAL_TRY = (1 << 2),
     GNUTLS_PKCS11_PIN_COUNT_LOW = (1 << 3),
+    GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
+    GNUTLS_PKCS11_PIN_WRONG = (1 << 5),
   } gnutls_pkcs11_pin_flag_t;
 
 /**
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 23a1ed9..91db86c 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -1847,6 +1847,9 @@ retrieve_pin_for_callback (struct ck_token_info 
*token_info, int attempts,
         flags |= GNUTLS_PKCS11_PIN_FINAL_TRY;
     }
 
+  if (attempts > 0)
+    flags |= GNUTLS_PKCS11_PIN_WRONG;
+
   ret = pin_func (pin_data, attempts, (char*)token_str, label,
                   flags, pin_value, GNUTLS_PKCS11_MAX_PIN_LEN);
   free (token_str);
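Review bot: `GNUTLS_PKCS11_PIN_WRONG` is set from `attempts > 0` alone, so the callback is told the previous PIN was wrong on every retry, whatever the reason the earlier login failed. The caller that increments `attempts` is outside this hunk; if it can loop on anything other than an incorrect-PIN result from the token (for example `CKR_PIN_INCORRECT`), the flag would prompt the user to retype a PIN that was in fact correct. If the counter really is bumped only on that result, a comment above the test would record the contract: `/* attempts is incremented only after the token rejected the PIN */`. Otherwise the login return code should be passed down and the flag set from it. The body of retrieve_pin_for_callback starts and ends outside the hunk.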
diff --git a/src/p11common.c b/src/p11common.c
index 1ef7c9c..4c7df1e 100644
--- a/src/p11common.c
+++ b/src/p11common.c
@@ -58,6 +58,12 @@ pin_callback (void *user, int attempt, const char *token_url,
       cache = 0;
       printf ("*** Only few tries left before locking!\n");
     }
+
+  if (flags & GNUTLS_PKCS11_PIN_WRONG)
+    {
+      cache = 0;
+      printf ("*** Wrong PIN has been provided!\n");
+    }
     
   if (cache > 0 && cached_url != NULL)
     {
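Review bot: The wrong-PIN branch sets `cache = 0` but leaves the rejected value in `cached_pin`, and it reports on stdout while the message added further down in this file goes to stderr. Whether `cached_pin` is overwritten before its next use is decided outside this hunk; if it is not, wiping the buffer in this branch would keep a known-bad PIN from lingering in memory. For the message, `fprintf (stderr, "*** Wrong PIN has been provided!\n");` would keep diagnostics out of any data the tool writes to stdout. pin_callback's body starts and ends outside the hunk.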
@@ -69,6 +75,7 @@ pin_callback (void *user, int attempt, const char *token_url,
               exit (1);
             }
 
+          fprintf(stderr, "Re-using cached PIN for token '%s'\n", token_label);
           strcpy (pin, cached_pin);
           cache--;
           return 0;
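Review bot: The re-use path announced by the new `fprintf` still copies with `strcpy (pin, cached_pin)`, which ignores the buffer size the library passes to the callback (lib/pkcs11.c hands over `GNUTLS_PKCS11_MAX_PIN_LEN` as the last argument). The copy is unchanged context and the callback's size parameter is declared outside this hunk, so its name is not visible here. A bounded copy, `snprintf (pin, <size parameter>, "%s", cached_pin);` followed by a truncation check, would stay correct even if the cache buffer and the caller's buffer ever differ in size. As a style point, the new line writes `fprintf(` without the space before the parenthesis that the neighbouring calls use.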


hooks/post-receive
-- 
GNU gnutls


