[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_2-105-g750aaed
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_2-105-g750aaed |
Date: |
Fri, 17 Jun 2011 18:39:37 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=750aaed6ffc8d29441f9f6d8870e2c8f4787c329
The branch, master has been updated
via 750aaed6ffc8d29441f9f6d8870e2c8f4787c329 (commit)
via 3da801fa9301088a7bdc470e8f2a40f14199fdee (commit)
from 27a424cf6668b61c8c92ed88d5331b3010be3374 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 750aaed6ffc8d29441f9f6d8870e2c8f4787c329
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Jun 17 20:38:34 2011 +0200
Limit the number of attempts with the same PIN, to avoid attempting again
and again with a wrong PIN.
commit 3da801fa9301088a7bdc470e8f2a40f14199fdee
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Jun 17 20:31:58 2011 +0200
When writing an object with CKA_TRUSTED set CKA_PRIVATE explicitly to
FALSE, to allow the SO to write it. Reported by Rickard Bellgrim.
-----------------------------------------------------------------------
Summary of changes:
lib/pkcs11_write.c | 9 ++++++++-
src/p11common.c | 7 +++++--
2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index 15ed132..3083faf 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -54,11 +54,12 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
size_t der_size, id_size;
opaque *der = NULL;
opaque id[20];
- struct ck_attribute a[10];
+ struct ck_attribute a[16];
ck_object_class_t class = CKO_CERTIFICATE;
ck_certificate_type_t type = CKC_X_509;
ck_object_handle_t obj;
ck_bool_t tval = 1;
+ ck_bool_t fval = 0;
int a_val;
gnutls_datum_t subject = { NULL, 0 };
@@ -142,6 +143,7 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
a[a_val].value_len = subject.size;
a_val++;
+
if (label)
{
a[a_val].type = CKA_LABEL;
@@ -156,6 +158,11 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
a[a_val].value = &tval;
a[a_val].value_len = sizeof (tval);
a_val++;
+
+ a[a_val].type = CKA_PRIVATE;
+ a[a_val].value = &fval;
+ a[a_val].value_len = sizeof(fval);
+ a_val++;
}
rv = pkcs11_create_object (module, pks, a, a_val, &obj);
diff --git a/src/p11common.c b/src/p11common.c
index c866a52..1ef7c9c 100644
--- a/src/p11common.c
+++ b/src/p11common.c
@@ -30,6 +30,7 @@
#define MIN(x,y) ((x)<(y))?(x):(y)
+#define MAX_CACHE_TRIES 5
static int
pin_callback (void *user, int attempt, const char *token_url,
const char *token_label, unsigned int flags, char *pin,
@@ -37,7 +38,7 @@ pin_callback (void *user, int attempt, const char *token_url,
{
const char *password;
const char * desc;
- int len, cache = 1;
+ int len, cache = MAX_CACHE_TRIES;
/* allow caching of PIN */
static char *cached_url = NULL;
static char cached_pin[32] = "";
@@ -58,7 +59,7 @@ pin_callback (void *user, int attempt, const char *token_url,
printf ("*** Only few tries left before locking!\n");
}
- if (cache == 1 && cached_url != NULL)
+ if (cache > 0 && cached_url != NULL)
{
if (strcmp (cached_url, token_url) == 0)
{
@@ -69,6 +70,7 @@ pin_callback (void *user, int attempt, const char *token_url,
}
strcpy (pin, cached_pin);
+ cache--;
return 0;
}
}
@@ -91,6 +93,7 @@ pin_callback (void *user, int attempt, const char *token_url,
strcpy (cached_pin, pin);
free (cached_url);
cached_url = strdup (token_url);
+ cache = MAX_CACHE_TRIES;
return 0;
}
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_99_2-105-g750aaed,
Nikos Mavrogiannopoulos <=