Closed Bug 376422 Opened 17 years ago Closed 17 years ago

Login Fails if token is reset while waiting for a password.

Categories

(NSS :: Libraries, enhancement)

Product:
NSS
Component:
Libraries
Platform:
x86
Linux
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rrelyea, Assigned: rrelyea)

Details

Attachments

(1 file)

Check to see if the token was reset since receiving the password, and if so reinitialize
2.36 KB, patch
nelson
: review+
Details | Diff | Splinter Review 
If something resets the token while the application is prompting the user for a password, then a login will fail.

This is more a fault tolerance then an actual bug.
Comment on attachment 260526 [details] [diff] [review]
Check to see if the token was reset since receiving the password, and if so reinitialize

r=nelson for trunk.  Unsolicited review comments:  

>+	switch (crv) {
>+	/* if we're already logged in, we're good to go */
>+	case CKR_OK:
>+	    slot->authTransact = PK11_Global.transaction;
            /* Fall through */                     <-- pls add comment
>+	case CKR_USER_ALREADY_LOGGED_IN:
>+	    slot->authTime = currtime;
>+	    rv = SECSuccess;
>+	    break;
>+	case CKR_PIN_INCORRECT:
>+	    PORT_SetError(SEC_ERROR_BAD_PASSWORD);
>+	    rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
>+	    break;
>+	/* someone called reset while we fetched the password, try again once
>+	 * if the token is still there. */
>+	case CKR_SESSION_HANDLE_INVALID:
>+	case CKR_SESSION_CLOSED:
>+	    if (retry++ == 0) {
>+		rv = PK11_InitToken(slot,PR_FALSE);
>+		if (rv == SECSuccess) {
>+		    if (slot->session != CK_INVALID_SESSION) {
>+			mustRetry = PR_TRUE;
>+		    } else {
>+			PORT_SetError(PK11_MapError(crv));
>+			rv = SECFailure;
>+		    }
>+		}
>+		break;
>+	    }
            /* Fall through */                     <-- pls add comment
>+	default:
>+		PORT_SetError(PK11_MapError(crv));
>+		rv = SECFailure; /* some failure we can't fix by retrying */
            ^^^^ pls remove extra spaces.
>+	}
>+    } while (mustRetry);
Attachment #260526 - Flags: review+
Checked in with nelson's comments.

cvs commit pk11auth.c
Checking in pk11auth.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11auth.c,v  <--  pk11auth.c
new revision: 1.6; previous revision: 1.5
done
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: