From: Ray Strode <rstr...@redhat.com> vcard_emul_reset currently only logs NSS out, but there is a TODO for potentially sending insertion/removal events when powering down or powering up.
For clarity, this commit moves the current guts of vcard_emul_reset to a new vcard_emul_logout function which will never send insertion/removal events. The vcard_emul_reset function now just calls vcard_emul_logout, but also retains its TODO for watching power state transitions and sending insertion/removal events. Signed-off-by: Ray Strode <rstr...@redhat.com> Reviewed-By: Robert Relyea <rrel...@redhat.com> Reviewed-By: Alon Levy <al...@redhat.com> --- libcacard/vcard_emul.h | 1 + libcacard/vcard_emul_nss.c | 16 ++++++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/libcacard/vcard_emul.h b/libcacard/vcard_emul.h index 963563f..f09ee98 100644 --- a/libcacard/vcard_emul.h +++ b/libcacard/vcard_emul.h @@ -13,53 +13,54 @@ #ifndef VCARD_EMUL_H #define VCARD_EMUL_H 1 #include "card_7816t.h" #include "vcard.h" #include "vcard_emul_type.h" /* * types */ typedef enum { VCARD_EMUL_OK = 0, VCARD_EMUL_FAIL, /* return values by vcard_emul_init */ VCARD_EMUL_INIT_ALREADY_INITED, } VCardEmulError; /* options are emul specific. call card_emul_parse_args to change a string * To an options struct */ typedef struct VCardEmulOptionsStruct VCardEmulOptions; /* * Login functions */ /* return the number of login attempts still possible on the card. if unknown, * return -1 */ int vcard_emul_get_login_count(VCard *card); /* login into the card, return the 7816 status word (sw2 || sw1) */ vcard_7816_status_t vcard_emul_login(VCard *card, unsigned char *pin, int pin_len); +void vcard_emul_logout(VCard *card); /* * key functions */ /* delete a key */ void vcard_emul_delete_key(VCardKey *key); /* RSA sign/decrypt with the key, signature happens 'in place' */ vcard_7816_status_t vcard_emul_rsa_op(VCard *card, VCardKey *key, unsigned char *buffer, int buffer_size); void vcard_emul_reset(VCard *card, VCardPower power); void vcard_emul_get_atr(VCard *card, unsigned char *atr, int *atr_len); /* Re-insert of a card that has been removed by force removal */ VCardEmulError vcard_emul_force_card_insert(VReader *vreader); /* Force a card removal even if the card is not physically removed */ VCardEmulError vcard_emul_force_card_remove(VReader *vreader); VCardEmulOptions *vcard_emul_options(const char *args); VCardEmulError vcard_emul_init(const VCardEmulOptions *options); void vcard_emul_replay_insertion_events(void); void vcard_emul_usage(void); #endif diff --git a/libcacard/vcard_emul_nss.c b/libcacard/vcard_emul_nss.c index 07b4464..53252a8 100644 --- a/libcacard/vcard_emul_nss.c +++ b/libcacard/vcard_emul_nss.c @@ -374,78 +374,86 @@ vcard_emul_login(VCard *card, unsigned char *pin, int pin_len) if (!nss_emul_init) { return VCARD7816_STATUS_ERROR_CONDITION_NOT_SATISFIED; } slot = vcard_emul_card_get_slot(card); /* We depend on the PKCS #11 module internal login state here because we * create a separate process to handle each guest instance. If we needed * to handle multiple guests from one process, then we would need to keep * a lot of extra state in our card structure * */ pin_string = g_malloc(pin_len+1); memcpy(pin_string, pin, pin_len); pin_string[pin_len] = 0; /* handle CAC expanded pins correctly */ for (i = pin_len-1; i >= 0 && (pin_string[i] == 0xff); i--) { pin_string[i] = 0; } rv = PK11_Authenticate(slot, PR_FALSE, pin_string); memset(pin_string, 0, pin_len); /* don't let the pin hang around in memory to be snooped */ g_free(pin_string); if (rv == SECSuccess) { return VCARD7816_STATUS_SUCCESS; } /* map the error from port get error */ return VCARD7816_STATUS_ERROR_CONDITION_NOT_SATISFIED; } void -vcard_emul_reset(VCard *card, VCardPower power) +vcard_emul_logout(VCard *card) { PK11SlotInfo *slot; if (!nss_emul_init) { return; } + slot = vcard_emul_card_get_slot(card); + if (PK11_IsLoggedIn(slot,NULL)) { + PK11_Logout(slot); /* NOTE: ignoring SECStatus return value */ + } +} + +void +vcard_emul_reset(VCard *card, VCardPower power) +{ /* * if we reset the card (either power on or power off), we lose our login * state */ + vcard_emul_logout(card); + /* TODO: we may also need to send insertion/removal events? */ - slot = vcard_emul_card_get_slot(card); - PK11_Logout(slot); /* NOTE: ignoring SECStatus return value */ } - static VReader * vcard_emul_find_vreader_from_slot(PK11SlotInfo *slot) { VReaderList *reader_list = vreader_get_reader_list(); VReaderListEntry *current_entry; if (reader_list == NULL) { return NULL; } for (current_entry = vreader_list_get_first(reader_list); current_entry; current_entry = vreader_list_get_next(current_entry)) { VReader *reader = vreader_list_get_reader(current_entry); VReaderEmul *reader_emul = vreader_get_private(reader); if (reader_emul->slot == slot) { vreader_list_delete(reader_list); return reader; } vreader_free(reader); } vreader_list_delete(reader_list); return NULL; } /* * create a new reader emul */ static VReaderEmul * vreader_emul_new(PK11SlotInfo *slot, VCardEmulType type, const char *params) { -- 2.1.0