From bbcfd7b51b0606496c82be8eb8c2a5bf65eca167 Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Mon, 5 Sep 2016 21:38:09 +0100
Subject: [PATCH] Destroy cert cache on login/logout too

Certificates can have the CKA_PRIVATE attribute, so that you need to log
in before you can see them. So destroy the cache when we log in, just as
we do the cache of keys.
---
 src/p11_slot.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/p11_slot.c b/src/p11_slot.c
index f031b3e..1fe40ab 100644
--- a/src/p11_slot.c
+++ b/src/p11_slot.c
@@ -195,6 +195,7 @@ int pkcs11_login(PKCS11_SLOT * slot, int so, const char *pin, int relogin)
 		if (slot->token) {
 			pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
 			pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
+			pkcs11_destroy_certs(slot->token);
 		}
 		if (spriv->loggedIn) {
 			/* already logged in, log out first */
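Review bot: The added `pkcs11_destroy_certs(slot->token);` in pkcs11_login presumably frees the cached PKCS11_CERT objects, so any certificate pointer a caller obtained before logging in would be left stale and must not be dereferenced afterwards; the same applies to the matching line in the pkcs11_logout hunk. Nothing in the visible lines documents that lifetime rule, so I would put a comment above the three destroy calls, for example `/* object visibility changes on login: cached keys and certs are freed here, callers must re-enumerate */`, and repeat the rule in the public API documentation for login and logout. Both function bodies start and end outside their hunks, so whether any in-tree caller keeps a certificate pointer across a login cannot be checked from here.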
@@ -251,6 +252,7 @@ int pkcs11_logout(PKCS11_SLOT * slot)
 	if (slot->token) {
 		pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
 		pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
+		pkcs11_destroy_certs(slot->token);
 	}
 	if (!spriv->haveSession) {
 		PKCS11err(PKCS11_F_PKCS11_LOGOUT, PKCS11_NO_SESSION);
-- 
2.5.5