pesign/0039-Fix-token-auth-authentication-failure-error-reportin.patch
Peter Jones b58922c480 setfacl u:kojibuilder:rw /var/run/pesign/socket
- Fix command line checking in client
- Add client stdin pin reading.
2012-10-19 10:24:10 -04:00

61 lines
1.7 KiB
Diff

From 3ceb3eb5b1c36ead2a862bcec5e527f74dc91381 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:49 -0400
Subject: [PATCH 39/41] Fix token auth authentication failure error reporting.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 4 +++-
src/daemon.c | 4 ++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 898ddfb..2f3683e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -316,6 +316,7 @@ unlock_nss_token(cms_context *cms)
secuPWData pwdata_val = { 0, 0 };
void *pwdata = cms->pwdata ? cms->pwdata : &pwdata_val;
PK11_SetPasswordFunc(cms->func ? cms->func : SECU_GetModulePassword);
+ int rc = -1;
PK11SlotList *slots = NULL;
slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
@@ -323,7 +324,7 @@ unlock_nss_token(cms_context *cms)
cms->log(cms, LOG_ERR, "Could not find certificate \"%s\"",
cms->tokenname);
err:
- return -1;
+ return rc;
}
PK11SlotListElement *psle = NULL;
@@ -351,6 +352,7 @@ err_slots:
cms->log(cms, LOG_ERR, "Authentication failed for "
"token \"%s\"", cms->tokenname);
PK11_DestroySlotListElement(slots, &psle);
+ rc = -2;
goto err_slots;
}
}
diff --git a/src/daemon.c b/src/daemon.c
index 974a559..bf7485f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -204,10 +204,10 @@ malformed:
cms_set_pw_callback(ctx->cms, get_password_fail);
cms_set_pw_data(ctx->cms, NULL);
- if (rc < 0)
+ if (rc == -1)
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
"could not find token \"%s\"", tn->value);
- else
+ else if (rc == 0)
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
"authentication succeeded for token \"%s\"",
tn->value);
--
1.7.12.1