diff options
author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2019-02-23 09:40:46 -0800 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2019-02-23 09:40:46 -0800 |
commit | 846848b66b87d394b41326e15e651adfe7a81970 (patch) | |
tree | 748396c98a5b51bfa4a38051ce3a8cf065207134 | |
parent | 530168eb1b7fcbcc8ce413d832fa9816a59dd1ea (diff) | |
download | openssl-pkcs11-export-846848b66b87d394b41326e15e651adfe7a81970.tar.gz |
Implement multiple sessions
It turns out that gnutls p11tool will open multiple sessions to the
token when checking signatures. This looks like a bug in p11tool, but
means we have to implement multiple sessions if we want to get the
tool to check signatures on our keys.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rw-r--r-- | pkcs11.c | 17 |
1 files changed, 12 insertions, 5 deletions
@@ -168,14 +168,17 @@ static int logged_in(CK_SESSION_HANDLE handle) CK_RV C_OpenSession(CK_SLOT_ID slot, CK_FLAGS flags, CK_VOID_PTR app, CK_NOTIFY notify, CK_SESSION_HANDLE_PTR handle) { + int init; + if (!handle) return CKR_ARGUMENTS_BAD; if (slot > cache_get_sections() - 1) return CKR_ARGUMENTS_BAD; - if (session_init(slot)) - return CKR_SESSION_COUNT; + init = session_init(slot); - cache_add_by_secnum(slot, "session_init", (const char *)1, CACHE_INT); + init++; + cache_add_by_secnum(slot, "session_init", (const char *)(long)init, + CACHE_INT); *handle = slot; return CKR_OK; @@ -184,9 +187,13 @@ CK_RV C_OpenSession(CK_SLOT_ID slot, CK_FLAGS flags, CK_VOID_PTR app, CK_RV C_CloseSession(CK_SESSION_HANDLE handle) { - if (!session_init(handle)) + int init = session_init(handle); + + if (!init) return CKR_SESSION_HANDLE_INVALID; - cache_add_by_secnum(handle, "session_init", (const char *)0, CACHE_INT); + --init; + cache_add_by_secnum(handle, "session_init", (const char *)(long)init, + CACHE_INT); return CKR_OK; } |