Login Fails if token is reset while waiting for a password.

RESOLVED FIXED in 3.12

Status

NSS
Libraries
--
enhancement
RESOLVED FIXED
11 years ago
10 years ago

People

(Reporter: Robert Relyea, Assigned: Robert Relyea)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Assignee)

Description

11 years ago
If something resets the token while the application is prompting the user for a password, then a login will fail.

This is more a fault tolerance then an actual bug.
(Assignee)

Comment 1

11 years ago
Created attachment 260526 [details] [diff] [review]
Check to see if the token was reset since receiving the password, and if so reinitialize
Comment on attachment 260526 [details] [diff] [review]
Check to see if the token was reset since receiving the password, and if so reinitialize

r=nelson for trunk.  Unsolicited review comments:  

>+	switch (crv) {
>+	/* if we're already logged in, we're good to go */
>+	case CKR_OK:
>+	    slot->authTransact = PK11_Global.transaction;
            /* Fall through */                     <-- pls add comment
>+	case CKR_USER_ALREADY_LOGGED_IN:
>+	    slot->authTime = currtime;
>+	    rv = SECSuccess;
>+	    break;
>+	case CKR_PIN_INCORRECT:
>+	    PORT_SetError(SEC_ERROR_BAD_PASSWORD);
>+	    rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
>+	    break;
>+	/* someone called reset while we fetched the password, try again once
>+	 * if the token is still there. */
>+	case CKR_SESSION_HANDLE_INVALID:
>+	case CKR_SESSION_CLOSED:
>+	    if (retry++ == 0) {
>+		rv = PK11_InitToken(slot,PR_FALSE);
>+		if (rv == SECSuccess) {
>+		    if (slot->session != CK_INVALID_SESSION) {
>+			mustRetry = PR_TRUE;
>+		    } else {
>+			PORT_SetError(PK11_MapError(crv));
>+			rv = SECFailure;
>+		    }
>+		}
>+		break;
>+	    }
            /* Fall through */                     <-- pls add comment
>+	default:
>+		PORT_SetError(PK11_MapError(crv));
>+		rv = SECFailure; /* some failure we can't fix by retrying */
            ^^^^ pls remove extra spaces.
>+	}
>+    } while (mustRetry);
Attachment #260526 - Flags: review+
(Assignee)

Comment 3

11 years ago
Checked in with nelson's comments.

cvs commit pk11auth.c
Checking in pk11auth.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11auth.c,v  <--  pk11auth.c
new revision: 1.6; previous revision: 1.5
done
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12
You need to log in before you can comment on or make changes to this bug.