From c5eea382eec13c014a672df8079db40504fd6b34 Mon Sep 17 00:00:00 2001
From: sth <sth@c6295689-39f2-0310-b995-f0e70906c6a9>
Date: Thu, 11 Sep 2003 12:11:52 +0000
Subject: [PATCH] Fix: C_GenerateKeyPair(), C_CreateObject() returned
 CKR_USER_NOT_LOGGED_IN if lock_login is set to false in the config file,
 because then the pkcs15_init functions do a logoff internally

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1441 c6295689-39f2-0310-b995-f0e70906c6a9
---
 src/pkcs11/framework-pkcs15.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index e268fc10..b72af78c 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -1081,6 +1081,12 @@ static CK_RV pkcs15_create_object(struct sc_pkcs11_card *p11card,
 	if (rc < 0)
 		return sc_to_cryptoki_error(rc, p11card->reader);
 
+	rc = sc_lock(p11card->card);
+	if (rc < 0) {
+		sc_pkcs15init_unbind(profile);
+		return sc_to_cryptoki_error(rc, p11card->reader);
+	}
+
 	/* Add the PINs the user presented so far. Some initialization
 	 * routines need to present these PINs again because some
 	 * card operations may clobber the authentication state
@@ -1110,6 +1116,7 @@ static CK_RV pkcs15_create_object(struct sc_pkcs11_card *p11card,
 		rv = CKR_FUNCTION_NOT_SUPPORTED;
 	}
 
+	sc_unlock(p11card->card);
 	sc_pkcs15init_unbind(profile);
 	return rv;
 }
@@ -1202,6 +1209,12 @@ CK_RV pkcs15_gen_keypair(struct sc_pkcs11_card *p11card, struct sc_pkcs11_slot *
 	memset(&priv_args, 0, sizeof(priv_args));
 	memset(&pub_args, 0, sizeof(pub_args));
 
+	rc = sc_lock(p11card->card);
+	if (rc < 0) {
+		sc_pkcs15init_unbind(profile);
+		return sc_to_cryptoki_error(rc, p11card->reader);
+	}
+
 	/* 1. Convert the pkcs11 attributes to pkcs15init args */
 
 	if ((pin = slot_data_pin_info(slot->fw_data)) != NULL)
@@ -1321,6 +1334,7 @@ CK_RV pkcs15_gen_keypair(struct sc_pkcs11_card *p11card, struct sc_pkcs11_slot *
 	pkcs15_add_object(slot, pub_any_obj, phPubKey);
 
 kpgen_done:
+	sc_unlock(p11card->card);
 	sc_pkcs15init_unbind(profile);
 
 	return rv;
@@ -1365,6 +1379,12 @@ CK_RV pkcs15_set_attrib(struct sc_pkcs11_session *session,
        if (rc < 0)
                return sc_to_cryptoki_error(rc, p11card->reader);
 
+	rc = sc_lock(p11card->card);
+	if (rc < 0) {
+		sc_pkcs15init_unbind(profile);
+		return sc_to_cryptoki_error(rc, p11card->reader);
+	}
+
        /* 2. Add the PINs the user presented so far. Some initialization
         * routines need to present these PINs again because some
         * card operations may clobber the authentication state
@@ -1404,6 +1424,7 @@ CK_RV pkcs15_set_attrib(struct sc_pkcs11_session *session,
        rv = sc_to_cryptoki_error(rc, p11card->reader);
 
 set_attr_done:
+	sc_unlock(p11card->card);
        sc_pkcs15init_unbind(profile);
 
        return rv;