diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-11-07 07:49:54 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-11-07 08:59:26 +0100 |
commit | c7213d8779ba9f168c8bd7e6780dd6166e07f12b (patch) | |
tree | 7c740dd9dd812ecf700c01e960482bd134ee6f1b | |
parent | ce4395838f3d06c3aa198c0ce607304f4d67a17f (diff) | |
download | gnutls-c7213d8779ba9f168c8bd7e6780dd6166e07f12b.tar.gz |
pkcs11_login: set the correct user type on reauthentication
-rw-r--r-- | lib/pkcs11.c | 13 | ||||
-rw-r--r-- | lib/pkcs11_int.h | 2 |
2 files changed, 11 insertions, 4 deletions
diff --git a/lib/pkcs11.c b/lib/pkcs11.c index dfe78c4fa8..a370199170 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -2184,14 +2184,21 @@ pkcs11_login(struct pkcs11_session_info *sinfo, struct pin_info_st *pin_info, struct p11_kit_uri *info, unsigned so, - unsigned force) + unsigned reauth) { struct ck_session_info session_info; int attempt = 0, ret; ck_user_type_t user_type; ck_rv_t rv; - user_type = (so == 0) ? CKU_USER : CKU_SO; + if (so == 0) { + if (reauth == 0) + user_type = CKU_USER; + else + user_type = CKU_CONTEXT_SPECIFIC; + } else + user_type = CKU_SO; + if (so == 0 && (sinfo->tinfo.flags & CKF_LOGIN_REQUIRED) == 0) { gnutls_assert(); _gnutls_debug_log("p11: No login required.\n"); @@ -2226,7 +2233,7 @@ pkcs11_login(struct pkcs11_session_info *sinfo, /* Check whether the session is already logged in, and if so, just skip */ rv = (sinfo->module)->C_GetSessionInfo(sinfo->pks, &session_info); - if (rv == CKR_OK && force == 0 && + if (rv == CKR_OK && reauth == 0 && (session_info.state == CKS_RO_USER_FUNCTIONS || session_info.state == CKS_RW_USER_FUNCTIONS)) { ret = 0; diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h index 6c8541d574..82bf367069 100644 --- a/lib/pkcs11_int.h +++ b/lib/pkcs11_int.h @@ -103,7 +103,7 @@ int pkcs11_get_info(struct p11_kit_uri *info, int pkcs11_login(struct pkcs11_session_info *sinfo, struct pin_info_st *pin_info, struct p11_kit_uri *info, unsigned so, - unsigned force); + unsigned reauth); int pkcs11_call_token_func(struct p11_kit_uri *info, const unsigned retry); |