From bfb7f68b70459db45c10744671e6a46140438462 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri, 17 Jun 2011 20:38:34 +0200
Subject: Limit the number of attempts with the same PIN, to avoid attempting
 again and again with a wrong PIN.

---
 src/p11common.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/p11common.c b/src/p11common.c
index ae56cf06c3..0060c88eb6 100644
--- a/src/p11common.c
+++ b/src/p11common.c
@@ -30,6 +30,7 @@
 
 #define MIN(x,y) ((x)<(y))?(x):(y)
 
+#define MAX_CACHE_TRIES 5
 static int
 pin_callback (void *user, int attempt, const char *token_url,
               const char *token_label, unsigned int flags, char *pin,
@@ -37,7 +38,7 @@ pin_callback (void *user, int attempt, const char *token_url,
 {
   const char *password;
   const char * desc;
-  int len, cache = 1;
+  int len, cache = MAX_CACHE_TRIES;
 /* allow caching of PIN */
   static char *cached_url = NULL;
   static char cached_pin[32] = "";
@@ -58,7 +59,7 @@ pin_callback (void *user, int attempt, const char *token_url,
       printf ("*** Only few tries left before locking!\n");
     }
     
-  if (cache == 1 && cached_url != NULL)
+  if (cache > 0 && cached_url != NULL)
     {
       if (strcmp (cached_url, token_url) == 0)
         {
@@ -69,6 +70,7 @@ pin_callback (void *user, int attempt, const char *token_url,
             }
 
           strcpy (pin, cached_pin);
+          cache--;
           return 0;
         }
     }
@@ -91,6 +93,7 @@ pin_callback (void *user, int attempt, const char *token_url,
   strcpy (cached_pin, pin);
   free (cached_url);
   cached_url = strdup (token_url);
+  cache = MAX_CACHE_TRIES;
 
   return 0;
 }
-- 
cgit v1.2.1