[pkg-opensc-commit] [libp11] 19/33: Fix #89: pkcs11_load_key should only login if needed

[Eric Dorland]

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit 32d739bbd8f7b5d2b061771b61f51e2784f030d3
Author: Matt Hauck <matthauck at gmail.com>
Date:   Mon Aug 8 16:32:57 2016 -0700

    Fix #89: pkcs11_load_key should only login if needed
---
 src/eng_back.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/eng_back.c b/src/eng_back.c
index 48087f7..6effe82 100644
--- a/src/eng_back.c
+++ b/src/eng_back.c
@@ -561,6 +561,7 @@ static EVP_PKEY *pkcs11_load_key(ENGINE_CTX *ctx, const char *s_slot_key_id,
 	char tmp_pin[MAX_PIN_LENGTH];
 	size_t tmp_pin_len = sizeof(tmp_pin);
 	char flags[64];
+	int already_logged_in = 0;
 
 	if (pkcs11_init_libp11(ctx)) /* Delayed libp11 initialization */
 		return NULL;
@@ -734,12 +735,16 @@ static EVP_PKEY *pkcs11_load_key(ENGINE_CTX *ctx, const char *s_slot_key_id,
 	}
 
 	if (isPrivate) {
+		/* Check if already logged in to avoid resetting state */
+		if (PKCS11_is_logged_in(slot, 0, &already_logged_in) != 0) {
+			fprintf(stderr, "Unable to check if already logged in\n");
+			return NULL;
+		}
 		/* Perform login to the token if required */
-		if (!pkcs11_login(ctx, slot, tok, ui_method, callback_data)) {
+		if (!already_logged_in && !pkcs11_login(ctx, slot, tok, ui_method, callback_data)) {
 			fprintf(stderr, "login to token failed, returning NULL...\n");
 			return NULL;
 		}
-
 		/* Make sure there is at least one private key on the token */
 		if (PKCS11_enumerate_keys(tok, &keys, &key_count)) {
 			fprintf(stderr, "Unable to enumerate private keys\n");

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git