|
 |
3bc8c4 |
From 7b647338a40d701c6a5bb51c48c10a31a6b72699 Mon Sep 17 00:00:00 2001
|
|
|
3bc8c4 |
From: Sumit Bose <sbose@redhat.com>
|
|
|
3bc8c4 |
Date: Thu, 30 Jan 2020 13:14:14 +0100
|
|
|
3bc8c4 |
Subject: [PATCH 24/25] p11_child: check if card is present in wait_for_card()
|
|
|
3bc8c4 |
MIME-Version: 1.0
|
|
|
3bc8c4 |
Content-Type: text/plain; charset=UTF-8
|
|
|
3bc8c4 |
Content-Transfer-Encoding: 8bit
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
Some implementations of C_WaitForSlotEvent() might return even if no
|
|
|
3bc8c4 |
card was inserted. So it has to be checked if a card is really present.
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
Resolves: https://pagure.io/SSSD/sssd/issue/4159
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
3bc8c4 |
---
|
|
|
3bc8c4 |
src/p11_child/p11_child_openssl.c | 47 ++++++++++++++++---------------
|
|
|
3bc8c4 |
1 file changed, 25 insertions(+), 22 deletions(-)
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
diff --git a/src/p11_child/p11_child_openssl.c b/src/p11_child/p11_child_openssl.c
|
|
|
3bc8c4 |
index 56601b117..295715612 100644
|
|
|
3bc8c4 |
--- a/src/p11_child/p11_child_openssl.c
|
|
|
3bc8c4 |
+++ b/src/p11_child/p11_child_openssl.c
|
|
|
3bc8c4 |
@@ -1546,35 +1546,38 @@ static errno_t wait_for_card(CK_FUNCTION_LIST *module, CK_SLOT_ID *slot_id)
|
|
|
3bc8c4 |
CK_RV rv;
|
|
|
3bc8c4 |
CK_SLOT_INFO info;
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
- rv = module->C_WaitForSlotEvent(wait_flags, slot_id, NULL);
|
|
|
3bc8c4 |
- if (rv != CKR_OK) {
|
|
|
3bc8c4 |
- if (rv != CKR_FUNCTION_NOT_SUPPORTED) {
|
|
|
3bc8c4 |
+ do {
|
|
|
3bc8c4 |
+ rv = module->C_WaitForSlotEvent(wait_flags, slot_id, NULL);
|
|
|
3bc8c4 |
+ if (rv != CKR_OK && rv != CKR_FUNCTION_NOT_SUPPORTED) {
|
|
|
3bc8c4 |
DEBUG(SSSDBG_OP_FAILURE,
|
|
|
3bc8c4 |
"C_WaitForSlotEvent failed [%lu][%s].\n",
|
|
|
3bc8c4 |
rv, p11_kit_strerror(rv));
|
|
|
3bc8c4 |
return EIO;
|
|
|
3bc8c4 |
}
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
- /* Poor man's wait */
|
|
|
3bc8c4 |
- do {
|
|
|
3bc8c4 |
+ if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
|
|
|
3bc8c4 |
+ /* Poor man's wait */
|
|
|
3bc8c4 |
sleep(10);
|
|
|
3bc8c4 |
- rv = module->C_GetSlotInfo(*slot_id, &info;;
|
|
|
3bc8c4 |
- if (rv != CKR_OK) {
|
|
|
3bc8c4 |
- DEBUG(SSSDBG_OP_FAILURE, "C_GetSlotInfo failed\n");
|
|
|
3bc8c4 |
- return EIO;
|
|
|
3bc8c4 |
- }
|
|
|
3bc8c4 |
- DEBUG(SSSDBG_TRACE_ALL,
|
|
|
3bc8c4 |
- "Description [%s] Manufacturer [%s] flags [%lu] "
|
|
|
3bc8c4 |
- "removable [%s] token present [%s].\n",
|
|
|
3bc8c4 |
- info.slotDescription, info.manufacturerID, info.flags,
|
|
|
3bc8c4 |
- (info.flags & CKF_REMOVABLE_DEVICE) ? "true": "false",
|
|
|
3bc8c4 |
- (info.flags & CKF_TOKEN_PRESENT) ? "true": "false");
|
|
|
3bc8c4 |
- if ((info.flags & CKF_REMOVABLE_DEVICE)
|
|
|
3bc8c4 |
- && (info.flags & CKF_TOKEN_PRESENT)) {
|
|
|
3bc8c4 |
- break;
|
|
|
3bc8c4 |
- }
|
|
|
3bc8c4 |
- } while (true);
|
|
|
3bc8c4 |
- }
|
|
|
3bc8c4 |
+ }
|
|
|
3bc8c4 |
+
|
|
|
3bc8c4 |
+ rv = module->C_GetSlotInfo(*slot_id, &info;;
|
|
|
3bc8c4 |
+ if (rv != CKR_OK) {
|
|
|
3bc8c4 |
+ DEBUG(SSSDBG_OP_FAILURE, "C_GetSlotInfo failed\n");
|
|
|
3bc8c4 |
+ return EIO;
|
|
|
3bc8c4 |
+ }
|
|
|
3bc8c4 |
+ DEBUG(SSSDBG_TRACE_ALL,
|
|
|
3bc8c4 |
+ "Description [%s] Manufacturer [%s] flags [%lu] "
|
|
|
3bc8c4 |
+ "removable [%s] token present [%s].\n",
|
|
|
3bc8c4 |
+ info.slotDescription, info.manufacturerID, info.flags,
|
|
|
3bc8c4 |
+ (info.flags & CKF_REMOVABLE_DEVICE) ? "true": "false",
|
|
|
3bc8c4 |
+ (info.flags & CKF_TOKEN_PRESENT) ? "true": "false");
|
|
|
3bc8c4 |
+
|
|
|
3bc8c4 |
+ /* Check if really a token is present */
|
|
|
3bc8c4 |
+ if ((info.flags & CKF_REMOVABLE_DEVICE)
|
|
|
3bc8c4 |
+ && (info.flags & CKF_TOKEN_PRESENT)) {
|
|
|
3bc8c4 |
+ break;
|
|
|
3bc8c4 |
+ }
|
|
|
3bc8c4 |
+ } while (true);
|
|
|
3bc8c4 |
|
|
|
3bc8c4 |
return EOK;
|
|
|
3bc8c4 |
}
|
|
|
3bc8c4 |
--
|
|
|
3bc8c4 |
2.20.1
|
|
|
3bc8c4 |
|