[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_3_0_x, updated. gnutls_3_0_0-128-g9c93ac
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, gnutls_3_0_x, updated. gnutls_3_0_0-128-g9c93ace |
|
Date: |
Sun, 14 Aug 2011 13:03:49 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9c93acec60e0bd9e3e7622bd1a9d9e3efb03be6e
The branch, gnutls_3_0_x has been updated
via 9c93acec60e0bd9e3e7622bd1a9d9e3efb03be6e (commit)
via 6910f517c7533f6499d4faaf5eb7c920751f805a (commit)
via fbcbc22581084858845792ed0da0ece935d7ff0d (commit)
via b94a72ef8eda2f2a873d6b75743d6d1a9e9adf60 (commit)
via 1ce6d1c171f82f1b3860d55de4acb6020039574c (commit)
from 621b24c082f938714f688ed3184dc87028104e9d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9c93acec60e0bd9e3e7622bd1a9d9e3efb03be6e
Merge: 1ce6d1c 6910f51
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 14 15:03:44 2011 +0200
Merge branch 'master' into gnutls_3_0_x
commit 1ce6d1c171f82f1b3860d55de4acb6020039574c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 14 14:47:34 2011 +0200
documented fix
-----------------------------------------------------------------------
Summary of changes:
NEWS | 5 +++++
lib/includes/gnutls/pkcs11.h | 4 +++-
lib/pkcs11.c | 3 +++
src/p11common.c | 7 +++++++
4 files changed, 18 insertions(+), 1 deletions(-)
diff --git a/NEWS b/NEWS
index b1f4fa6..47a0fbc 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,10 @@ See the end for copying conditions.
* Version 3.0.1 (unreleased)
+** libgnutls: When asking for a PIN multiple times, the
+flags in the callback were not being updated to reflect
+for PIN low count or final try.
+
** crywrap: Added to the distribution
** libgnutls: Do not allow second instances of PKCS #11
@@ -28,6 +32,7 @@ imported is properly sorted.
** API and ABI modifications:
GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: New element in
gnutls_certificate_import_flags
+GNUTLS_PKCS11_PIN_WRONG: New flag for PIN callback
* Version 3.0.0 (released 2011-07-29)
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 22726b8..6dca20f 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -59,6 +59,7 @@ typedef int (*gnutls_pkcs11_token_callback_t) (void *const
userdata,
* @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and
key like signing.
* @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking.
* @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks.
+ * @GNUTLS_PKCS11_PIN_WRONG: Last given PIN was not correct.
*
* Enumeration of different PIN flags.
*/
@@ -66,9 +67,10 @@ typedef enum
{
GNUTLS_PKCS11_PIN_USER = (1 << 0),
GNUTLS_PKCS11_PIN_SO = (1 << 1),
- GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
GNUTLS_PKCS11_PIN_FINAL_TRY = (1 << 2),
GNUTLS_PKCS11_PIN_COUNT_LOW = (1 << 3),
+ GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
+ GNUTLS_PKCS11_PIN_WRONG = (1 << 5),
} gnutls_pkcs11_pin_flag_t;
/**
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 23a1ed9..91db86c 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -1847,6 +1847,9 @@ retrieve_pin_for_callback (struct ck_token_info
*token_info, int attempts,
flags |= GNUTLS_PKCS11_PIN_FINAL_TRY;
}
+ if (attempts > 0)
+ flags |= GNUTLS_PKCS11_PIN_WRONG;
+
ret = pin_func (pin_data, attempts, (char*)token_str, label,
flags, pin_value, GNUTLS_PKCS11_MAX_PIN_LEN);
free (token_str);
diff --git a/src/p11common.c b/src/p11common.c
index 1ef7c9c..4c7df1e 100644
--- a/src/p11common.c
+++ b/src/p11common.c
@@ -58,6 +58,12 @@ pin_callback (void *user, int attempt, const char *token_url,
cache = 0;
printf ("*** Only few tries left before locking!\n");
}
+
+ if (flags & GNUTLS_PKCS11_PIN_WRONG)
+ {
+ cache = 0;
+ printf ("*** Wrong PIN has been provided!\n");
+ }
if (cache > 0 && cached_url != NULL)
{
@@ -69,6 +75,7 @@ pin_callback (void *user, int attempt, const char *token_url,
exit (1);
}
+ fprintf(stderr, "Re-using cached PIN for token '%s'\n", token_label);
strcpy (pin, cached_pin);
cache--;
return 0;
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_3_0_x, updated. gnutls_3_0_0-128-g9c93ace,
Nikos Mavrogiannopoulos <=