From 3f357776c15255710997e61ca305aa5a2ce5cf02 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 27 Aug 2013 20:58:18 +0200 Subject: iter: Add new P11_KIT_ITER_WANT_WRITABLE iterator behavior This allows us to try to get a RW session, but if not fallback to a read-only session. --- doc/manual/p11-kit-sections.txt | 1 - p11-kit/iter.c | 36 ++++++++++++++---------------------- p11-kit/iter.h | 4 +--- p11-kit/tests/test-iter.c | 4 +--- 4 files changed, 16 insertions(+), 29 deletions(-) diff --git a/doc/manual/p11-kit-sections.txt b/doc/manual/p11-kit-sections.txt index 7ee3019..2780c7f 100644 --- a/doc/manual/p11-kit-sections.txt +++ b/doc/manual/p11-kit-sections.txt @@ -99,7 +99,6 @@ p11_kit_be_loud p11_kit_destroyer P11KitIter p11_kit_iter_new -p11_kit_iter_set_session_flags p11_kit_iter_add_callback p11_kit_iter_callback p11_kit_iter_add_filter diff --git a/p11-kit/iter.c b/p11-kit/iter.c index 124d990..3f26eda 100644 --- a/p11-kit/iter.c +++ b/p11-kit/iter.c @@ -64,7 +64,6 @@ struct p11_kit_iter { CK_TOKEN_INFO match_token; CK_ATTRIBUTE *match_attrs; Callback *callbacks; - CK_FLAGS session_flags; /* The input modules */ p11_array *modules; @@ -93,12 +92,15 @@ struct p11_kit_iter { unsigned int match_nothing : 1; unsigned int keep_session : 1; unsigned int preload_results : 1; + unsigned int want_writable : 1; }; /** * P11KitIterBehavior: * @P11_KIT_ITER_BUSY_SESSIONS: Allow the iterator's sessions to be - * in a busy state when the iterator returns an object. + * in a busy state when the iterator returns an object. + * @P11_KIT_ITER_WANT_WRITABLE: Try to open read-write sessions when + * iterating over obojects. * * Various flags controling the behavior of the iterator. */ @@ -135,6 +137,8 @@ p11_kit_iter_new (P11KitUri *uri, iter->modules = p11_array_new (NULL); return_val_if_fail (iter->modules != NULL, NULL); + iter->want_writable = !!(behavior & P11_KIT_ITER_WANT_WRITABLE); + if (uri != NULL) { if (p11_kit_uri_any_unrecognized (uri)) { @@ -157,31 +161,12 @@ p11_kit_iter_new (P11KitUri *uri, iter->match_module.libraryVersion.major = (CK_BYTE)-1; iter->match_module.libraryVersion.minor = (CK_BYTE)-1; } - - iter->session_flags = CKF_SERIAL_SESSION; iter->preload_results = !(behavior & P11_KIT_ITER_BUSY_SESSIONS); return iter; } /** - * p11_kit_iter_set_session_flags: - * @iter: the iterator - * @flags: set of session flags - * - * Set the PKCS\#11 session flags to be used when the iterator opens - * new sessions. - */ -void -p11_kit_iter_set_session_flags (P11KitIter *iter, - CK_FLAGS flags) -{ - return_if_fail (iter != NULL); - return_if_fail (!iter->iterating); - iter->session_flags = flags | CKF_SERIAL_SESSION; -} - -/** * p11_kit_destroyer: * @data: data to destroy * @@ -450,6 +435,7 @@ static CK_RV move_next_session (P11KitIter *iter) { CK_TOKEN_INFO tinfo; + CK_ULONG session_flags; CK_ULONG num_slots; CK_INFO minfo; CK_RV rv; @@ -497,7 +483,13 @@ move_next_session (P11KitIter *iter) if (rv != CKR_OK || !p11_match_uri_token_info (&iter->match_token, &tinfo)) continue; - rv = (iter->module->C_OpenSession) (iter->slot, iter->session_flags, + session_flags = CKF_SERIAL_SESSION; + + /* Skip if the read/write on a read-only token */ + if (iter->want_writable && (tinfo.flags & CKF_WRITE_PROTECTED) == 0) + session_flags |= CKF_RW_SESSION; + + rv = (iter->module->C_OpenSession) (iter->slot, session_flags, NULL, NULL, &iter->session); if (rv != CKR_OK) return finish_iterating (iter, rv); diff --git a/p11-kit/iter.h b/p11-kit/iter.h index d8534ec..17bd6f1 100644 --- a/p11-kit/iter.h +++ b/p11-kit/iter.h @@ -49,6 +49,7 @@ typedef struct p11_kit_iter P11KitIter; typedef enum { P11_KIT_ITER_BUSY_SESSIONS = 1 << 1, + P11_KIT_ITER_WANT_WRITABLE = 1 << 2, } P11KitIterBehavior; typedef CK_RV (* p11_kit_iter_callback) (P11KitIter *iter, @@ -60,9 +61,6 @@ P11KitIter * p11_kit_iter_new (P11KitUri *uri, void p11_kit_iter_free (P11KitIter *iter); -void p11_kit_iter_set_session_flags (P11KitIter *iter, - CK_FLAGS flags); - void p11_kit_iter_add_callback (P11KitIter *iter, p11_kit_iter_callback callback, void *callback_data, diff --git a/p11-kit/tests/test-iter.c b/p11-kit/tests/test-iter.c index 309a0ad..b6bf6f9 100644 --- a/p11-kit/tests/test-iter.c +++ b/p11-kit/tests/test-iter.c @@ -576,9 +576,7 @@ test_session_flags (void) modules = initialize_and_get_modules (); - iter = p11_kit_iter_new (NULL, 0); - p11_kit_iter_set_session_flags (iter, CKF_RW_SESSION); - + iter = p11_kit_iter_new (NULL, P11_KIT_ITER_WANT_WRITABLE); p11_kit_iter_begin (iter, modules); while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { -- cgit v1.1