Changes In Branch require-login-if-needed Excluding Merge-Ins
This is equivalent to a diff from b5ecb7c2d6 to 38771da1e8
|
2015-07-16
| ||
| 16:18 | Updated to retry login if it fails with a 6D 00 (wrong instruction) check-in: 4e30511f94 user: rkeene tags: trunk | |
| 16:06 | Reset the card and rescan for certificates if we get the ISO 7816 error 6D 00 (Wrong instruction) error from the card when trying to verify. Closed-Leaf check-in: 52569c3e74 user: rkeene tags: piv-reset-on-wronginstruction | |
|
2015-07-15
| ||
| 20:10 | Merged in trunk Leaf check-in: 38771da1e8 user: rkeene tags: require-login-if-needed | |
| 20:08 | Merged in trunk Closed-Leaf check-in: bab332232a user: rkeene tags: protected-auth-path | |
| 20:05 | Added support for updating the PIN check-in: b5ecb7c2d6 user: rkeene tags: trunk | |
| 18:47 | Updated KPS CA Certs check-in: efe7692225 user: rkeene tags: trunk | |
|
2015-05-04
| ||
| 16:02 | Merged in trunk check-in: 6938f7a82c user: rkeene tags: require-login-if-needed | |
Modified cackey.c from [3a0d4abad4] to [a802283a94].
| ︙ | ︙ | |||
922 923 924 925 926 927 928 929 930 931 932 933 934 935 |
CACKEY_DEBUG_PRINTF("Returning 0x%lx", retval);
return(retval);
}
/* PC/SC Related Functions */
/*
* SYNPOSIS
* void cackey_slots_disconnect_all(void);
*
* ARGUMENTS
* None
*
| > > > > | 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 |
CACKEY_DEBUG_PRINTF("Returning 0x%lx", retval);
return(retval);
}
/* PC/SC Related Functions */
static cackey_ret cackey_login_required(struct cackey_slot *slot) {
return(CACKEY_PCSC_E_NEEDLOGIN);
}
/*
* SYNPOSIS
* void cackey_slots_disconnect_all(void);
*
* ARGUMENTS
* None
*
|
| ︙ | ︙ | |||
1096 1097 1098 1099 1100 1101 1102 | } /* * SYNPOSIS * void cackey_mark_slot_reset(struct cackey_slot *slot); * * ARGUMENTS | | > > > > > > | > > > | > > > > > | | 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 |
}
/*
* SYNPOSIS
* void cackey_mark_slot_reset(struct cackey_slot *slot);
*
* ARGUMENTS
* ...
*
* RETURN VALUE
* None
*
* NOTES
* This function marks a slot has having been reset, to later be cleaned up.
* Cleanup only happens when a PKCS#11 client calls C_FindObjectsInit.
*
*/
static void cackey_mark_slot_reset(struct cackey_slot *slot) {
int login_required = -1;
if (slot == NULL) {
return;
}
CACKEY_DEBUG_PRINTF("Called.");
if (slot->pcsc_card_connected) {
SCardDisconnect(slot->pcsc_card, SCARD_LEAVE_CARD);
}
slot->slot_reset = 1;
slot->pcsc_card_connected = 0;
slot->token_flags = 0;
if (cackey_pin_command == NULL) {
login_required = 0;
}
if (login_required == -1) {
if (cackey_login_required(slot) != CACKEY_PCSC_S_OK) {
login_required = 1;
} else {
login_required = 0;
}
}
if (login_required) {
slot->token_flags |= CKF_LOGIN_REQUIRED;
}
CACKEY_DEBUG_PRINTF("Returning.");
return;
}
|
| ︙ | ︙ | |||
2971 2972 2973 2974 2975 2976 2977 |
CACKEY_DEBUG_PRINTF("Got \"WRONG CLASS\", this means we are talking to the wrong object (likely because the card went away) -- resetting");
} else {
CACKEY_DEBUG_PRINTF("Security status not satisified (respcode = 0x%04x). Returning NEEDLOGIN", (int) respcode);
}
cackey_mark_slot_reset(slot);
| < < | 2989 2990 2991 2992 2993 2994 2995 2996 2997 2998 2999 3000 3001 3002 |
CACKEY_DEBUG_PRINTF("Got \"WRONG CLASS\", this means we are talking to the wrong object (likely because the card went away) -- resetting");
} else {
CACKEY_DEBUG_PRINTF("Security status not satisified (respcode = 0x%04x). Returning NEEDLOGIN", (int) respcode);
}
cackey_mark_slot_reset(slot);
return(CACKEY_PCSC_E_NEEDLOGIN);
}
if (send_ret == CACKEY_PCSC_E_TOKENABSENT) {
CACKEY_DEBUG_PRINTF("Token absent. Returning TOKENABSENT");
cackey_mark_slot_reset(slot);
|
| ︙ | ︙ | |||
4683 4684 4685 4686 4687 4688 4689 |
if (slot_reset) {
cackey_slots[currslot].active = 1;
cackey_slots[currslot].internal = 0;
cackey_slots[currslot].pcsc_reader = strdup(pcsc_readers);
cackey_slots[currslot].pcsc_card_connected = 0;
cackey_slots[currslot].transaction_depth = 0;
cackey_slots[currslot].transaction_need_hw_lock = 0;
| < < < | < | 4699 4700 4701 4702 4703 4704 4705 4706 4707 4708 4709 4710 4711 4712 4713 |
if (slot_reset) {
cackey_slots[currslot].active = 1;
cackey_slots[currslot].internal = 0;
cackey_slots[currslot].pcsc_reader = strdup(pcsc_readers);
cackey_slots[currslot].pcsc_card_connected = 0;
cackey_slots[currslot].transaction_depth = 0;
cackey_slots[currslot].transaction_need_hw_lock = 0;
cackey_slots[currslot].token_flags = 0;
cackey_slots[currslot].label = NULL;
cackey_mark_slot_reset(&cackey_slots[currslot]);
}
} else {
if (!cackey_slots[currslot].active) {
/* Artificially increase the number of active slots by what will become active */
|
| ︙ | ︙ | |||
5767 5768 5769 5770 5771 5772 5773 | cackey_mutex_unlock(cackey_biglock); return(CKR_GENERAL_ERROR); } cackey_sessions[hSession].state = CKS_RO_PUBLIC_SESSION; | < < < < < < | 5779 5780 5781 5782 5783 5784 5785 5786 5787 5788 5789 5790 5791 5792 |
cackey_mutex_unlock(cackey_biglock);
return(CKR_GENERAL_ERROR);
}
cackey_sessions[hSession].state = CKS_RO_PUBLIC_SESSION;
mutex_retval = cackey_mutex_unlock(cackey_biglock);
if (mutex_retval != 0) {
CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
return(CKR_GENERAL_ERROR);
}
|
| ︙ | ︙ |