From c28ff652e5d6c6ddff513716e22064e0e17a58d3 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Sun, 25 Dec 2016 11:03:47 +0900
Subject: remote: Add API to serve a token

---
 doc/manual/p11-kit-sections.txt |  1 +
 p11-kit/remote.h                |  5 +++++
 p11-kit/rpc-server.c            | 37 +++++++++++++++++++++++++++++++++++++
 3 files changed, 43 insertions(+)

diff --git a/doc/manual/p11-kit-sections.txt b/doc/manual/p11-kit-sections.txt
index 386b97e..a1fdeb5 100644
--- a/doc/manual/p11-kit-sections.txt
+++ b/doc/manual/p11-kit-sections.txt
@@ -138,6 +138,7 @@ p11_kit_iter_free
 P11KitIterKind
 P11KitIterBehavior
 p11_kit_remote_serve_module
+p11_kit_remote_serve_token
 </SECTION>
 
 <SECTION>
diff --git a/p11-kit/remote.h b/p11-kit/remote.h
index 12cbe6d..899f070 100644
--- a/p11-kit/remote.h
+++ b/p11-kit/remote.h
@@ -47,6 +47,11 @@ int                    p11_kit_remote_serve_module          (CK_FUNCTION_LIST *m
 							     int in_fd,
 							     int out_fd);
 
+int		       p11_kit_remote_serve_token	    (CK_FUNCTION_LIST *module,
+							     CK_TOKEN_INFO *token,
+							     int in_fd,
+							     int out_fd);
+
 #endif
 
 #ifdef __cplusplus
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
index 5da53bf..5824157 100644
--- a/p11-kit/rpc-server.c
+++ b/p11-kit/rpc-server.c
@@ -37,6 +37,7 @@
 
 #define P11_DEBUG_FLAG P11_DEBUG_RPC
 #include "debug.h"
+#include "filter.h"
 #include "pkcs11.h"
 #include "library.h"
 #include "private.h"
@@ -2015,3 +2016,39 @@ out:
 
 	return ret;
 }
+
+int
+p11_kit_remote_serve_token (CK_FUNCTION_LIST *module,
+			    CK_TOKEN_INFO *token,
+			    int in_fd,
+			    int out_fd)
+{
+	p11_virtual virt;
+	p11_virtual *filter = NULL;
+	CK_FUNCTION_LIST *filtered = NULL;
+	int ret = 1;
+
+	return_val_if_fail (module != NULL, 1);
+	return_val_if_fail (token != NULL, 1);
+
+	p11_virtual_init (&virt, &p11_virtual_base, module, NULL);
+	filter = p11_filter_subclass (&virt, NULL);
+	if (filter == NULL)
+		goto out;
+
+	filtered = p11_virtual_wrap (filter, (p11_destroyer)p11_virtual_uninit);
+	if (filtered == NULL)
+		goto out;
+
+	p11_filter_allow_token (filter, token);
+
+	ret = p11_kit_remote_serve_module (filtered, in_fd, out_fd);
+
+ out:
+	if (filtered != NULL)
+		p11_virtual_unwrap (filtered);
+	if (filter != NULL)
+		p11_filter_release (filter);
+
+	return ret;
+}
-- 
cgit v1.1