Use HX509_CERTS_UNPROTECT_ALL when there is no pin code.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22463 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2008-01-16 14:24:33 +00:00
parent 51c9da4501
commit 8b206a59cc


@@ -604,12 +604,15 @@ add_certificate(const char *cert_file,
{ {
hx509_certs certs; hx509_certs certs;
hx509_lock lock = NULL; hx509_lock lock = NULL;
int ret; int ret, flags = 0;
struct foo foo; struct foo foo;
foo.id = id; foo.id = id;
foo.label = label; foo.label = label;
if (pin == NULL)
flags |= HX509_CERTS_UNPROTECT_ALL;
if (pin) { if (pin) {
char *str; char *str;
asprintf(&str, "PASS:%s", pin); asprintf(&str, "PASS:%s", pin);
@@ -621,7 +624,7 @@ add_certificate(const char *cert_file,
free(str); free(str);
} }
ret = hx509_certs_init(context, cert_file, 0, lock, &certs); ret = hx509_certs_init(context, cert_file, flags, lock, &certs);
if (ret) { if (ret) {
st_logf("failed to open file %s\n", cert_file); st_logf("failed to open file %s\n", cert_file);
return CKR_GENERAL_ERROR; return CKR_GENERAL_ERROR;
@@ -694,6 +697,7 @@ read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin)
int anchor; int anchor;
FILE *f; FILE *f;
CK_RV ret = CKR_OK; CK_RV ret = CKR_OK;
CK_RV failed = CKR_OK;
f = fopen(fn, "r"); f = fopen(fn, "r");
if (f == NULL) { if (f == NULL) {
@@ -745,7 +749,7 @@ read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin)
ret = add_certificate(cert, pin, id, label); ret = add_certificate(cert, pin, id, label);
if (ret) if (ret)
goto out; failed = ret;
} else if (strcasecmp("debug", type) == 0) { } else if (strcasecmp("debug", type) == 0) {
char *name; char *name;
@@ -755,6 +759,9 @@ read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin)
continue; continue;
} }
if (soft_token.logfile)
fclose(soft_token.logfile);
if (strcasecmp(name, "stdout") == 0) if (strcasecmp(name, "stdout") == 0)
soft_token.logfile = stdout; soft_token.logfile = stdout;
else else
@@ -769,7 +776,7 @@ read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin)
out: out:
fclose(f); fclose(f);
return ret; return failed;
} }
static CK_RV static CK_RV
@@ -849,7 +856,6 @@ C_Initialize(CK_VOID_PTR a)
soft_token.config_file = fn; soft_token.config_file = fn;
} }
#if 0
/* /*
* XXX this should really fail if the password is missing and the * XXX this should really fail if the password is missing and the
* cert-store is protected by a password * cert-store is protected by a password
@@ -857,7 +863,6 @@ C_Initialize(CK_VOID_PTR a)
ret = read_conf_file(soft_token.config_file, CKU_USER, NULL); ret = read_conf_file(soft_token.config_file, CKU_USER, NULL);
if (ret == CKR_OK) if (ret == CKR_OK)
soft_token.flags.login_done = 1; soft_token.flags.login_done = 1;
#endif
return CKR_OK; return CKR_OK;
} }
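Review bot: In the `debug` branch of read_conf_file, the added `if (soft_token.logfile) fclose(soft_token.logfile);` closes the process's stdout whenever an earlier pass over the configuration took the `soft_token.logfile = stdout;` assignment just below it. This commit makes that reachable, because C_Initialize now calls read_conf_file itself, so any later call (presumably at login with a PIN; that caller is outside the view) runs the branch a second time. Since this is a PKCS#11 module, the descriptor being closed belongs to the host application, and the next file or socket opened in the process can be given descriptor 1 and receive whatever the application prints. I would guard it as `if (soft_token.logfile && soft_token.logfile != stdout) fclose(soft_token.logfile);` and follow it with `soft_token.logfile = NULL;`, so that no path through the `else` arm, which lies outside the hunk, can leave a closed FILE pointer in `soft_token`.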