* This ammends the b8ebb12 , which was logging out the current user
on every applet selection, which is more common in CACv2 than in
the first version.
* This change issues the logout only before the login is explicitly
requested, which makes sure the password is properly verified
* This might need some attention
Signed-off-by: Jakub Jelen <jjelen@xxxxxxxxxx>
Reviewed-by: Robert Relyea <rrelyea@xxxxxxxxxx>
---
src/vcard.c | 4 ----
src/vcard_emul_nss.c | 4 ++++
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/vcard.c b/src/vcard.c
index 2edf1d0..afa3bb8 100644
--- a/src/vcard.c
+++ b/src/vcard.c
@@ -253,10 +253,6 @@ vcard_select_applet(VCard *card, int channel, VCardApplet *applet)
{
assert(channel < MAX_CHANNEL);
- /* If using an emulated card, make sure to log out of any already logged in
- * session. */
- vcard_emul_logout(card);
-
card->current_applet[channel] = applet;
/* reset the applet */
if (applet && applet->reset_applet) {
diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c
index 156a916..209a3aa 100644
--- a/src/vcard_emul_nss.c
+++ b/src/vcard_emul_nss.c
@@ -396,6 +396,10 @@ vcard_emul_login(VCard *card, unsigned char *pin, int pin_len)
pin_string[i] = 0;
}
+ /* If using an emulated card, make sure to log out of any already logged in
+ * session. */
+ vcard_emul_logout(card);
+
rv = PK11_Authenticate(slot, PR_FALSE, pin_string);
memset(pin_string, 0, pin_len); /* don't let the pin hang around in memory
to be snooped */
--
2.17.1
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel