[Bug 2652] PKCS11 login skipped if login required and no pin set
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Aug 11 14:54:09 AEST 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2652
--- Comment #3 from Daniel Kucera <openssh at danman.eu> ---
(In reply to Damien Miller from comment #2)
> Comment on attachment 3032 [details]
> patch
>
> >diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
> >index d1f750db0..938535638 100644
> >--- a/ssh-pkcs11.c
> >+++ b/ssh-pkcs11.c
> >@@ -366,19 +366,16 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin)
> >
> > f = p->function_list;
> > login_required = p->slotinfo[slotidx].token.flags & CKF_LOGIN_REQUIRED;
> >- if (pin && login_required && !strlen(pin)) {
> >- error("pin required");
> >- return (-1);
> >- }
> >+
>
> I'm not sure I understand why this section is removed - could you
> explain it?
Because in my case, the pkcs library says it requires login but if you
don't pass it as argument to C_Login, it will ask for it. Thus we
should not exit with error here.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list