More on using OpenSC-0.11.6 with Solaris 10 and
/usr/lib/libpkcs11.so.
I rebuilt OpenSC to use the OpenSSL from /usr/sfw
and changed the OpenSC to return CKR_TOKEN_NOT_PRESENT
in the C_GetMechanismList if the p11card==NULL.
See attachment.
With the the metaslot enabled, sshd fails.
Still need to trace why.
With the metaslot disabled, sshd works,
but it does load the opensc-pkcs11, and if a card
is present, opensc will access the card to get
info need to setup for use with pkcs11. This
adds about 5 seconds to the ssh connection!
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
--- src/pkcs11/,mechanism.c Thu Jul 31 07:19:57 2008
+++ src/pkcs11/mechanism.c Tue Oct 7 10:30:43 2008
@@ -80,6 +80,7 @@
unsigned int n, count = 0;
int rv;
+ if (p11card) {
for (n = 0; n < p11card->nmechanisms; n++) {
if (!(mt = p11card->mechanisms[n]))
continue;
@@ -89,6 +90,9 @@
}
rv = CKR_OK;
+ } else {
+ rv = CKR_TOKEN_NOT_PRESENT;
+ }
if (pList && count > *pulCount)
rv = CKR_BUFFER_TOO_SMALL;
*pulCount = count;
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
