| version 1.40, 2019/01/22 12:00:50 |
version 1.41, 2019/01/22 12:03:58 |
|
|
| pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin, |
pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin, |
| CK_ULONG user) |
CK_ULONG user) |
| { |
{ |
| CK_RV rv; |
struct pkcs11_slotinfo *si; |
| CK_FUNCTION_LIST *f; |
CK_FUNCTION_LIST *f; |
| |
CK_RV rv; |
| CK_SESSION_HANDLE session; |
CK_SESSION_HANDLE session; |
| int login_required, ret; |
int login_required, have_pinpad, ret; |
| |
|
| f = p->function_list; |
f = p->function_list; |
| login_required = p->slotinfo[slotidx].token.flags & CKF_LOGIN_REQUIRED; |
si = &p->slotinfo[slotidx]; |
| if (pin && login_required && !strlen(pin)) { |
|
| |
have_pinpad = si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH; |
| |
login_required = si->token.flags & CKF_LOGIN_REQUIRED; |
| |
|
| |
/* fail early before opening session */ |
| |
if (login_required && !have_pinpad && pin != NULL && strlen(pin) == 0) { |
| error("pin required"); |
error("pin required"); |
| return (-SSH_PKCS11_ERR_PIN_REQUIRED); |
return (-SSH_PKCS11_ERR_PIN_REQUIRED); |
| } |
} |
| if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| |
if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| |
| CKF_SERIAL_SESSION, NULL, NULL, &session)) |
CKF_SERIAL_SESSION, NULL, NULL, &session)) != CKR_OK) { |
| != CKR_OK) { |
|
| error("C_OpenSession failed: %lu", rv); |
error("C_OpenSession failed: %lu", rv); |
| return (-1); |
return (-1); |
| } |
} |
| if (login_required && pin) { |
if (login_required) { |
| rv = f->C_Login(session, user, |
if (have_pinpad && (pin == NULL || strlen(pin) == 0)) { |
| (u_char *)pin, strlen(pin)); |
/* defer PIN entry to the reader keypad */ |
| |
rv = f->C_Login(session, CKU_USER, NULL_PTR, 0); |
| |
} else { |
| |
rv = f->C_Login(session, CKU_USER, |
| |
(u_char *)pin, strlen(pin)); |
| |
} |
| if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { |
if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { |
| error("C_Login failed: %lu", rv); |
error("C_Login failed: %lu", rv); |
| ret = (rv == CKR_PIN_LOCKED) ? |
ret = (rv == CKR_PIN_LOCKED) ? |
|
|
| error("C_CloseSession failed: %lu", rv); |
error("C_CloseSession failed: %lu", rv); |
| return (ret); |
return (ret); |
| } |
} |
| p->slotinfo[slotidx].logged_in = 1; |
si->logged_in = 1; |
| } |
} |
| p->slotinfo[slotidx].session = session; |
si->session = session; |
| return (0); |
return (0); |
| } |
} |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-pkcs11.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh