[pkg-opensc-commit] [libp11] 25/33: Destroy cert cache on login/logout too

[Eric Dorland]

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit bbcfd7b51b0606496c82be8eb8c2a5bf65eca167
Author: David Woodhouse <David.Woodhouse at intel.com>
Date:   Mon Sep 5 21:38:09 2016 +0100

    Destroy cert cache on login/logout too
    
    Certificates can have the CKA_PRIVATE attribute, so that you need to log
    in before you can see them. So destroy the cache when we log in, just as
    we do the cache of keys.
---
 src/p11_slot.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/p11_slot.c b/src/p11_slot.c
index f031b3e..1fe40ab 100644
--- a/src/p11_slot.c
+++ b/src/p11_slot.c
@@ -195,6 +195,7 @@ int pkcs11_login(PKCS11_SLOT * slot, int so, const char *pin, int relogin)
 		if (slot->token) {
 			pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
 			pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
+			pkcs11_destroy_certs(slot->token);
 		}
 		if (spriv->loggedIn) {
 			/* already logged in, log out first */
@@ -251,6 +252,7 @@ int pkcs11_logout(PKCS11_SLOT * slot)
 	if (slot->token) {
 		pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
 		pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
+		pkcs11_destroy_certs(slot->token);
 	}
 	if (!spriv->haveSession) {
 		PKCS11err(PKCS11_F_PKCS11_LOGOUT, PKCS11_NO_SESSION);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git