Make logins per session instead of global

Having a global login parameter is a failure if we have more than one
key, so make logins local to the session using the presence of the
private key in the cache as an indicator of whether we are logged in
or not.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

1 files changed, 11 insertions, 5 deletions

diff --git a/pkcs11.c b/pkcs11.c
index 22baebb..5141a81 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -154,7 +154,13 @@ C_GetSlotInfo(CK_SLOT_ID slot, CK_SLOT_INFO_PTR info)
 }
 
 static int session_count = 0;
-static int logged_in = 0;
+
+static int logged_in(CK_SESSION_HANDLE handle)
+{
+	const char *pkey = cache_get_by_secnum(handle, "pkey", NULL);
+
+	return pkey != NULL;
+}
 
 CK_RV C_OpenSession(CK_SLOT_ID slot, CK_FLAGS flags, CK_VOID_PTR app,
 		    CK_NOTIFY notify, CK_SESSION_HANDLE_PTR handle)
@@ -329,7 +335,7 @@ C_FindObjectsInit(CK_SESSION_HANDLE handle, CK_ATTRIBUTE_PTR template,
 		    memcmp(attr.pValue, template[i].pValue, attr.ulValueLen) != 0)
 			goto fail;
 	}
-	if (!logged_in) {
+	if (!logged_in(handle)) {
 		if (find_restriction == CKO_PRIVATE_KEY)
 			goto fail;
 		else
@@ -400,7 +406,8 @@ C_GetSessionInfo(CK_SESSION_HANDLE handle, CK_SESSION_INFO_PTR info)
 	if (!info)
 		return CKR_ARGUMENTS_BAD;
 	memset(info, 0, sizeof(*info));
-	info->state = logged_in ? CKS_RO_USER_FUNCTIONS : CKS_RO_PUBLIC_SESSION;
+	info->state = logged_in(handle) ?
+		CKS_RO_USER_FUNCTIONS : CKS_RO_PUBLIC_SESSION;
 
 	return CKR_OK;
 }
@@ -416,7 +423,7 @@ C_Login(CK_SESSION_HANDLE handle, CK_USER_TYPE type,
 	rc = crypto_load_private_key(handle, pin, pin_len);
 	if (rc)
 		return CKR_PIN_INCORRECT;
-	logged_in = 1;
+
 	return CKR_OK;
 }
 
@@ -424,7 +431,6 @@ CK_RV
 C_Logout(CK_SESSION_HANDLE handle)
 {
 	crypto_free_private_key(handle);
-	logged_in = 0;
 
 	return CKR_OK;
 }