summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2017-10-21 15:10:03 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2017-10-21 15:16:58 +0200
commit88984a77d7a07b6570b147700a6922d09c8160a9 (patch)
treed59dab05ddecbee6d3dc875fcbb282c57988c82e /src
parent7fc2d925824b23451c99986364e67a703a9eb0aa (diff)
downloadgnutls-88984a77d7a07b6570b147700a6922d09c8160a9.tar.gz
p11tool: attempt to auto-login when the token requires it
In operations like generation or writing objects, run as if --login was given if the token is marked to require login. Relates #147 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'src')
-rw-r--r--src/pkcs11.c29
1 files changed, 21 insertions, 8 deletions
diff --git a/src/pkcs11.c b/src/pkcs11.c
index 9a84982494..4017bcb0eb 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -59,10 +59,19 @@ static char *_saved_url = NULL;
#define KEEP_LOGIN_FLAGS(flags) (flags & (GNUTLS_PKCS11_OBJ_FLAG_LOGIN|GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO))
-#define CHECK_LOGIN_FLAG(flags) \
- if ((flags & KEEP_LOGIN_FLAGS(flags)) == 0) \
- fprintf(stderr, \
- "warning: --login was not specified and it may be required for this operation.\n")
+#define CHECK_LOGIN_FLAG(url, flags) \
+ if ((flags & KEEP_LOGIN_FLAGS(flags)) == 0) { \
+ unsigned _tflags; \
+ int _r = gnutls_pkcs11_token_get_flags(url, &_tflags); \
+ if (_r >= 0 && (_tflags & GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED)) { \
+ flags |= GNUTLS_PKCS11_OBJ_FLAG_LOGIN; \
+ fprintf(stderr, \
+ "note: assuming --login for this operation.\n"); \
+ } else { \
+ fprintf(stderr, \
+ "warning: --login was not specified and it may be required for this operation.\n"); \
+ } \
+ }
void
@@ -1133,7 +1142,8 @@ pkcs11_write(FILE * outfile, const char *url, const char *label,
pkcs11_common(info);
FIX(url, outfile, 0, info);
- CHECK_LOGIN_FLAG(flags);
+
+ CHECK_LOGIN_FLAG(url, flags);
if (label == NULL && info->batch == 0) {
label = read_str("warning: The object's label was not specified.\nLabel: ");
}
@@ -1268,7 +1278,8 @@ pkcs11_generate(FILE * outfile, const char *url, gnutls_pk_algorithm_t pk,
pkcs11_common(info);
FIX(url, outfile, detailed, info);
- CHECK_LOGIN_FLAG(flags);
+
+ CHECK_LOGIN_FLAG(url, flags);
if (id != NULL) {
raw_id_size = sizeof(raw_id);
@@ -1322,7 +1333,8 @@ pkcs11_export_pubkey(FILE * outfile, const char *url, int detailed, unsigned int
pkcs11_common(info);
FIX(url, outfile, detailed, info);
- CHECK_LOGIN_FLAG(flags);
+
+ CHECK_LOGIN_FLAG(url, flags);
if (outfile == stderr || outfile == stdout) {
fprintf(stderr, "warning: no --outfile was specified and the public key will be printed on screen.\n");
@@ -1538,7 +1550,8 @@ void pkcs11_set_val(FILE * outfile, const char *url, int detailed,
pkcs11_common(info);
FIX(url, outfile, detailed, info);
- CHECK_LOGIN_FLAG(flags);
+
+ CHECK_LOGIN_FLAG(url, flags);
ret = gnutls_pkcs11_obj_init(&obj);
if (ret < 0) {