[pkg-opensc-commit] [libp11] 06/27: Added FORCE_LOGIN engine ctrl command (#160)

Eric Dorland eric at moszumanska.debian.org
Mon Aug 7 19:48:08 UTC 2017


This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit af06b4ac79358b5d9bc108357f400a21b4f83120
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date:   Thu May 25 07:55:19 2017 +0200

    Added FORCE_LOGIN engine ctrl command (#160)
---
 NEWS            |  1 +
 README.md       |  1 +
 src/eng_back.c  | 22 +++++++++++++++++-----
 src/eng_front.c |  4 ++++
 src/engine.h    |  1 +
 5 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/NEWS b/NEWS
index 86237c1..75ce4e2 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
 NEWS for Libp11 -- History of user visible changes
 
 New in 0.4.7; unreleased
+* Added FORCE_LOGIN engine ctrl command (Michał Trojnara)
 
 New in 0.4.6; 2017-04-23; Michał Trojnara
 * Updated ex_data on EVP_PKEYs after enumerating keys (Matt Hauck)
diff --git a/README.md b/README.md
index c88950d..aebbdc8 100644
--- a/README.md
+++ b/README.md
@@ -158,6 +158,7 @@ The supported engine controls are the following.
 * **LOAD_CERT_CTRL**: Load a certificate from token
 * **SET_USER_INTERFACE**: Set the global user interface
 * **SET_CALLBACK_DATA**: Set the global user interface extra data
+* **FORCE_LOGIN**: Force login to the PKCS#11 module
 
 An example code snippet setting specific module is shown below.
 
diff --git a/src/eng_back.c b/src/eng_back.c
index 17cfae4..926c9ca 100644
--- a/src/eng_back.c
+++ b/src/eng_back.c
@@ -49,6 +49,7 @@ struct st_engine_ctx {
 	char *init_args;
 	UI_METHOD *ui_method;
 	void *callback_data;
+	int force_login;
 
 	/* Engine initialization mutex */
 #if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)
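Review bot: Nothing in this commit initialises the new `force_login` field, yet ctx_ctrl_load_cert, ctx_load_pubkey and ctx_load_privkey all branch on it. All 17 insertions the diffstat reports for src/eng_back.c are visible in this diff, and none of them touches the code that creates the context. The default of 0 therefore depends on the allocator zero-filling the struct, which is outside this diff and should be confirmed. If it does not, set `ctx->force_login = 0;` where the context is created, and document the field with a comment such as `/* Non-zero: skip the unauthenticated attempt and always log in before loading objects */`. The struct definition starts and ends outside the hunk.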
@@ -561,7 +562,8 @@ static int ctx_ctrl_load_cert(ENGINE_CTX *ctx, void *p)
 	if (parms->cert != NULL)
 		return 0;
 
-	parms->cert = ctx_load_cert(ctx, parms->s_slot_cert_id, 0);
+	if (!ctx->force_login)
+		parms->cert = ctx_load_cert(ctx, parms->s_slot_cert_id, 0);
 	if (parms->cert == NULL) /* Try again with login */
 		parms->cert = ctx_load_cert(ctx, parms->s_slot_cert_id, 1);
 
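Review bot: The retained comment `/* Try again with login */` on the second ctx_load_cert call is no longer accurate when `force_login` is set, because that call is then the first and only attempt. A wording such as `/* Log in directly when forced, otherwise retry with login */` covers both paths. The same stale comment sits in ctx_load_pubkey and ctx_load_privkey in the two following hunks. The skip itself is safe here, since `parms->cert` is known to be NULL after the guard above. ctx_ctrl_load_cert begins and ends outside the hunk.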
@@ -833,9 +835,10 @@ static EVP_PKEY *ctx_load_key(ENGINE_CTX *ctx, const char *s_slot_key_id,
 EVP_PKEY *ctx_load_pubkey(ENGINE_CTX *ctx, const char *s_key_id,
 		UI_METHOD *ui_method, void *callback_data)
 {
-	EVP_PKEY *pk;
+	EVP_PKEY *pk = NULL;
 
-	pk = ctx_load_key(ctx, s_key_id, ui_method, callback_data, 0, 0);
+	if (!ctx->force_login)
+		pk = ctx_load_key(ctx, s_key_id, ui_method, callback_data, 0, 0);
 	if (pk == NULL) /* Try again with login */
 		pk = ctx_load_key(ctx, s_key_id, ui_method, callback_data, 0, 1);
 	if (pk == NULL) {
@@ -848,9 +851,10 @@ EVP_PKEY *ctx_load_pubkey(ENGINE_CTX *ctx, const char *s_key_id,
 EVP_PKEY *ctx_load_privkey(ENGINE_CTX *ctx, const char *s_key_id,
 		UI_METHOD *ui_method, void *callback_data)
 {
-	EVP_PKEY *pk;
+	EVP_PKEY *pk = NULL;
 
-	pk = ctx_load_key(ctx, s_key_id, ui_method, callback_data, 1, 0);
+	if (!ctx->force_login)
+		pk = ctx_load_key(ctx, s_key_id, ui_method, callback_data, 1, 0);
 	if (pk == NULL) /* Try again with login */
 		pk = ctx_load_key(ctx, s_key_id, ui_method, callback_data, 1, 1);
 	if (pk == NULL) {
@@ -933,6 +937,12 @@ static int ctx_ctrl_set_callback_data(ENGINE_CTX *ctx, void *callback_data)
 	return 1;
 }
 
+static int ctx_ctrl_force_login(ENGINE_CTX *ctx)
+{
+	ctx->force_login = 1;
+	return 1;
+}
+
 int ctx_engine_ctrl(ENGINE_CTX *ctx, int cmd, long i, void *p, void (*f)())
 {
 	(void)i; /* We don't currently take integer parameters */
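Review bot: ctx_ctrl_force_login only ever sets `ctx->force_login = 1`, and because the command is registered with `ENGINE_CMD_FLAG_NO_INPUT` there is no way to turn the mode off again for the lifetime of the engine context. Once set, ctx_ctrl_load_cert and ctx_load_pubkey also go straight to the login path, so loading a certificate or public key needs the PIN even for objects the token would presumably release without authentication. That is worth stating on the function, e.g. `/* Sticky: all later certificate and key loads log in first; there is no command to clear this */`, and in the README entry. ctx_engine_ctrl continues outside the hunk.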
@@ -955,6 +965,8 @@ int ctx_engine_ctrl(ENGINE_CTX *ctx, int cmd, long i, void *p, void (*f)())
 	case ENGINE_CTRL_SET_CALLBACK_DATA:
 	case CMD_SET_CALLBACK_DATA:
 		return ctx_ctrl_set_callback_data(ctx, p);
+	case CMD_FORCE_LOGIN:
+		return ctx_ctrl_force_login(ctx);
 	default:
 		break;
 	}
diff --git a/src/eng_front.c b/src/eng_front.c
index b5464db..3b74864 100644
--- a/src/eng_front.c
+++ b/src/eng_front.c
@@ -118,6 +118,10 @@ static const ENGINE_CMD_DEFN engine_cmd_defns[] = {
 		"SET_CALLBACK_DATA",
 		"Set the global user interface extra data (internal)",
 		ENGINE_CMD_FLAG_INTERNAL},
+	{CMD_FORCE_LOGIN,
+		"FORCE_LOGIN",
+		"Force login to the PKCS#11 module",
+		ENGINE_CMD_FLAG_NO_INPUT},
 	{0, NULL, NULL, 0}
 };
 
diff --git a/src/engine.h b/src/engine.h
index e8aab25..56e554d 100644
--- a/src/engine.h
+++ b/src/engine.h
@@ -48,6 +48,7 @@
 #define CMD_INIT_ARGS	(ENGINE_CMD_BASE+6)
 #define CMD_SET_USER_INTERFACE	(ENGINE_CMD_BASE + 7)
 #define CMD_SET_CALLBACK_DATA	(ENGINE_CMD_BASE + 8)
+#define CMD_FORCE_LOGIN	(ENGINE_CMD_BASE+9)
 
 typedef struct st_engine_ctx ENGINE_CTX; /* opaque */
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git


