Overview
| Comment: | Added return value printing for C_Login() and removed requirement that PIN not be provided if using protected authentication path (some tools provide it anyway) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | protected-auth-path |
| Files: | files | file ages | folders |
| SHA1: | a68e222d00bf4883fe3937110ce4635921e082e4 |
| User & Date: | rkeene on 2013-08-14 04:16:58 |
| Other Links: | manifest | tags |
Context
|
2013-08-14
| ||
| 04:22 | Merged in updates check-in: 5469f9a4d0 user: rkeene tags: protected-auth-path | |
| 04:16 | Added return value printing for C_Login() and removed requirement that PIN not be provided if using protected authentication path (some tools provide it anyway) check-in: a68e222d00 user: rkeene tags: protected-auth-path | |
| 04:15 | Added start of script to ask for PIN via X11 check-in: 20ddc71853 user: rkeene tags: protected-auth-path | |
Changes
Modified cackey.c from [b4f00ff994] to [1a206186e3].
5208 5208 } 5209 5209 5210 5210 pincmd = cackey_pin_command; 5211 5211 if (pincmd != NULL) { 5212 5212 CACKEY_DEBUG_PRINTF("CACKEY_PIN_COMMAND = %s", pincmd); 5213 5213 5214 5214 if (pPin != NULL) { 5215 - CACKEY_DEBUG_PRINTF("Error. Protected authentication path in effect and PIN provided !?"); 5216 - 5217 - cackey_mutex_unlock(cackey_biglock); 5218 - 5219 - return(CKR_GENERAL_ERROR); 5215 + CACKEY_DEBUG_PRINTF("Protected authentication path in effect and PIN provided !?"); 5220 5216 } 5221 5217 5222 5218 pinfd = popen(pincmd, "r"); 5223 5219 if (pinfd == NULL) { 5224 5220 CACKEY_DEBUG_PRINTF("Error. %s: Unable to run", pincmd); 5225 5221 5226 5222 cackey_mutex_unlock(cackey_biglock); 5223 + 5224 + CACKEY_DEBUG_PRINTF("Returning CKR_PIN_INCORRECT (%i)", (int) CKR_PIN_INCORRECT); 5227 5225 5228 5226 return(CKR_PIN_INCORRECT); 5229 5227 } 5230 5228 5231 5229 fgets_ret = fgets(pinbuf, sizeof(pinbuf), pinfd); 5232 5230 if (fgets_ret == NULL) { 5233 5231 pinbuf[0] = '\0'; ................................................................................ 5235 5233 5236 5234 pclose_ret = pclose(pinfd); 5237 5235 if (pclose_ret != 0) { 5238 5236 CACKEY_DEBUG_PRINTF("Error. %s: exited with non-zero status of %i", pincmd, pclose_ret); 5239 5237 5240 5238 cackey_mutex_unlock(cackey_biglock); 5241 5239 5240 + CACKEY_DEBUG_PRINTF("Returning CKR_PIN_INCORRECT (%i)", (int) CKR_PIN_INCORRECT); 5241 + 5242 5242 return(CKR_PIN_INCORRECT); 5243 5243 } 5244 5244 5245 5245 if (strlen(pinbuf) < 1) { 5246 5246 CACKEY_DEBUG_PRINTF("Error. %s: returned no data", pincmd); 5247 5247 5248 5248 cackey_mutex_unlock(cackey_biglock); 5249 + 5250 + CACKEY_DEBUG_PRINTF("Returning CKR_PIN_INCORRECT (%i)", (int) CKR_PIN_INCORRECT); 5249 5251 5250 5252 return(CKR_PIN_INCORRECT); 5251 5253 } 5252 5254 5253 5255 if (pinbuf[strlen(pinbuf) - 1] == '\n') { 5254 5256 pinbuf[strlen(pinbuf) - 1] = '\0'; 5255 5257 } ................................................................................ 5263 5265 cackey_mutex_unlock(cackey_biglock); 5264 5266 5265 5267 if (login_ret == CACKEY_PCSC_E_LOCKED) { 5266 5268 CACKEY_DEBUG_PRINTF("Error. Token is locked."); 5267 5269 5268 5270 cackey_slots[slotID].token_flags |= CKF_USER_PIN_LOCKED; 5269 5271 5272 + CACKEY_DEBUG_PRINTF("Returning CKR_PIN_LOCKED (%i)", (int) CKR_PIN_LOCKED); 5273 + 5270 5274 return(CKR_PIN_LOCKED); 5271 5275 } else if (login_ret == CACKEY_PCSC_E_BADPIN) { 5272 5276 CACKEY_DEBUG_PRINTF("Error. Invalid PIN."); 5273 5277 5274 5278 cackey_slots[slotID].token_flags |= CKF_USER_PIN_COUNT_LOW; 5275 5279 5276 5280 if (tries_remaining == 1) { 5277 5281 cackey_slots[slotID].token_flags |= CKF_USER_PIN_FINAL_TRY; 5278 5282 } 5283 + 5284 + CACKEY_DEBUG_PRINTF("Returning CKR_PIN_INCORRECT (%i)", (int) CKR_PIN_INCORRECT); 5279 5285 5280 5286 return(CKR_PIN_INCORRECT); 5281 5287 } 5282 5288 5283 5289 CACKEY_DEBUG_PRINTF("Error. Unknown error returned from cackey_login() (%i)", login_ret); 5284 5290 5285 5291 return(CKR_GENERAL_ERROR);