diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | ssh-pkcs11.c | 13 |
2 files changed, 13 insertions, 4 deletions
@@ -1,3 +1,7 @@ | |||
1 | 20131107 | ||
2 | - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) | ||
3 | that got lost in recent merge. | ||
4 | |||
1 | 20131104 | 5 | 20131104 |
2 | - (djm) OpenBSD CVS Sync | 6 | - (djm) OpenBSD CVS Sync |
3 | - markus@cvs.openbsd.org 2013/11/02 20:03:54 | 7 | - markus@cvs.openbsd.org 2013/11/02 20:03:54 |
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 6e8d2db36..b785d822c 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c | |||
@@ -233,13 +233,16 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | |||
233 | CKM_RSA_PKCS, NULL_PTR, 0 | 233 | CKM_RSA_PKCS, NULL_PTR, 0 |
234 | }; | 234 | }; |
235 | CK_ATTRIBUTE key_filter[] = { | 235 | CK_ATTRIBUTE key_filter[] = { |
236 | {CKA_CLASS, &private_key_class, sizeof(private_key_class) }, | 236 | {CKA_CLASS, NULL, sizeof(private_key_class) }, |
237 | {CKA_ID, NULL, 0}, | 237 | {CKA_ID, NULL, 0}, |
238 | {CKA_SIGN, &true_val, sizeof(true_val) } | 238 | {CKA_SIGN, NULL, sizeof(true_val) } |
239 | }; | 239 | }; |
240 | char *pin, prompt[1024]; | 240 | char *pin, prompt[1024]; |
241 | int rval = -1; | 241 | int rval = -1; |
242 | 242 | ||
243 | key_filter[0].pValue = &private_key_class; | ||
244 | key_filter[2].pValue = &true_val; | ||
245 | |||
243 | if ((k11 = RSA_get_app_data(rsa)) == NULL) { | 246 | if ((k11 = RSA_get_app_data(rsa)) == NULL) { |
244 | error("RSA_get_app_data failed for rsa %p", rsa); | 247 | error("RSA_get_app_data failed for rsa %p", rsa); |
245 | return (-1); | 248 | return (-1); |
@@ -392,10 +395,10 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | |||
392 | CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; | 395 | CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; |
393 | CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; | 396 | CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; |
394 | CK_ATTRIBUTE pubkey_filter[] = { | 397 | CK_ATTRIBUTE pubkey_filter[] = { |
395 | { CKA_CLASS, &pubkey_class, sizeof(pubkey_class) } | 398 | { CKA_CLASS, NULL, sizeof(pubkey_class) } |
396 | }; | 399 | }; |
397 | CK_ATTRIBUTE cert_filter[] = { | 400 | CK_ATTRIBUTE cert_filter[] = { |
398 | { CKA_CLASS, &cert_class, sizeof(cert_class) } | 401 | { CKA_CLASS, NULL, sizeof(cert_class) } |
399 | }; | 402 | }; |
400 | CK_ATTRIBUTE pubkey_attribs[] = { | 403 | CK_ATTRIBUTE pubkey_attribs[] = { |
401 | { CKA_ID, NULL, 0 }, | 404 | { CKA_ID, NULL, 0 }, |
@@ -407,6 +410,8 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | |||
407 | { CKA_SUBJECT, NULL, 0 }, | 410 | { CKA_SUBJECT, NULL, 0 }, |
408 | { CKA_VALUE, NULL, 0 } | 411 | { CKA_VALUE, NULL, 0 } |
409 | }; | 412 | }; |
413 | pubkey_filter[0].pValue = &pubkey_class; | ||
414 | cert_filter[0].pValue = &cert_class; | ||
410 | 415 | ||
411 | if (pkcs11_fetch_keys_filter(p, slotidx, pubkey_filter, pubkey_attribs, | 416 | if (pkcs11_fetch_keys_filter(p, slotidx, pubkey_filter, pubkey_attribs, |
412 | keysp, nkeys) < 0 || | 417 | keysp, nkeys) < 0 || |