- Added run-time option pkcs11.cache_pins, default false
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@816 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
8e6dc966b5
commit
36930668fb
@ -178,5 +178,17 @@ app opensc-pkcs11 {
|
|||||||
# Netscape or Mozilla, this does not happen until
|
# Netscape or Mozilla, this does not happen until
|
||||||
# you exit the browser.
|
# you exit the browser.
|
||||||
lock_login = true;
|
lock_login = true;
|
||||||
|
|
||||||
|
# Normally, the pkcs11 module will not cache PINs
|
||||||
|
# presented via C_Login. However, some cards
|
||||||
|
# may not work properly with OpenSC; for instance
|
||||||
|
# when you have two keys on your card that get
|
||||||
|
# stored in two different directories.
|
||||||
|
#
|
||||||
|
# In this case, you can turn on PIN caching by setting
|
||||||
|
# cache_pins = true
|
||||||
|
#
|
||||||
|
# Default: false
|
||||||
|
cache_pins = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1508,7 +1508,7 @@ cache_pin(void *p, int user, const void *pin, size_t len)
|
|||||||
{
|
{
|
||||||
struct pkcs15_slot_data *data = (struct pkcs15_slot_data *) p;
|
struct pkcs15_slot_data *data = (struct pkcs15_slot_data *) p;
|
||||||
|
|
||||||
if (user != 0 && user != 1)
|
if ((user != 0 && user != 1) || !sc_pkcs11_conf.cache_pins)
|
||||||
return;
|
return;
|
||||||
memset(data->pin + user, 0, sizeof(data->pin[user]));
|
memset(data->pin + user, 0, sizeof(data->pin[user]));
|
||||||
if (len && len <= MAX_CACHE_PIN) {
|
if (len && len <= MAX_CACHE_PIN) {
|
||||||
|
@ -306,6 +306,7 @@ void load_pkcs11_parameters(struct sc_pkcs11_config *conf, struct sc_context *ct
|
|||||||
conf->num_slots = SC_PKCS11_MAX_VIRTUAL_SLOTS;
|
conf->num_slots = SC_PKCS11_MAX_VIRTUAL_SLOTS;
|
||||||
conf->hide_empty_slots = 0;
|
conf->hide_empty_slots = 0;
|
||||||
conf->lock_login = 1;
|
conf->lock_login = 1;
|
||||||
|
conf->cache_pins = 0;
|
||||||
|
|
||||||
for (i = 0; ctx->conf_blocks[i] != NULL; i++) {
|
for (i = 0; ctx->conf_blocks[i] != NULL; i++) {
|
||||||
blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i],
|
blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i],
|
||||||
@ -322,4 +323,5 @@ void load_pkcs11_parameters(struct sc_pkcs11_config *conf, struct sc_context *ct
|
|||||||
conf->num_slots = scconf_get_int(conf_block, "num_slots", conf->num_slots);
|
conf->num_slots = scconf_get_int(conf_block, "num_slots", conf->num_slots);
|
||||||
conf->hide_empty_slots = scconf_get_bool(conf_block, "hide_empty_slots", 0);
|
conf->hide_empty_slots = scconf_get_bool(conf_block, "hide_empty_slots", 0);
|
||||||
conf->lock_login = scconf_get_bool(conf_block, "lock_login", 1);
|
conf->lock_login = scconf_get_bool(conf_block, "lock_login", 1);
|
||||||
|
conf->cache_pins = scconf_get_bool(conf_block, "cache_pins", 0);
|
||||||
}
|
}
|
||||||
|
@ -82,6 +82,7 @@ struct sc_pkcs11_config {
|
|||||||
unsigned int num_slots;
|
unsigned int num_slots;
|
||||||
unsigned char hide_empty_slots;
|
unsigned char hide_empty_slots;
|
||||||
unsigned char lock_login;
|
unsigned char lock_login;
|
||||||
|
unsigned char cache_pins;
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
Loading…
Reference in New Issue
Block a user