G'day,
The documentation for the util_ReadPreferences function in p11x_prefs.c
mentions that "[h]aving a preferences file is optional and it is assumed
that most of the time users will not have one unless debug/logging or
other special settings are required".
However, I've got an application that uses the muscle PKCS#11 library.
If the configuration file is missing, the application fails. If I put
the default configuration file into ${HOME}/.pkcs11rc, the application
fails. If I modify the debug level from HIGH to LOW, then the
application succeeds (see attached log).
The application is not doing anything tricky, so I assume that no
configuration file should be required. But the application only succeeds
if the debug level is changed from HIGH to LOW. Has anyone else seen
similar behaviour?
Note: I'm using the PKCS11 library that I checked out of CVS this
morning, on SuSE 9.2
-- Geoff
(1) No configuration file present => application fails.
$ ls ~/.pkcs11rc
/bin/ls: /home/matlock/.pkcs11rc: No such file or directory
$ ./vas-auth-tool --module /usr/local/lib/libmusclepkcs11.so --slot 1 --pin
00000000 --view
LOG [open_session] Loading module: /usr/local/lib/libmusclepkcs11.so
LOG [open_session] Opening session for slot = 01
LOG [open_session] Performing login
LOG [get_objects] Searching for data object {vas-auth-user,(null)}
ERROR [get_objects] search failed: bad arguments
*** Error getting domains ***
No domains found
LOG [close_session] finalizing cryptoki
(2) Default configuration file present with DebugLevel set to HIGH =>
application fails
$ cp ~/workspace/libmusclepkcs11/pkcs11rc.example ~/.pkcs11rc
$ grep DebugLevel ~/.pkcs11rc
DebugLevel = HIGH # Only logs high priority messages
$ ./vas-auth-tool --module /usr/local/lib/libmusclepkcs11.so --slot 1 --pin
00000000 --view
LOG [open_session] Loading module: /usr/local/lib/libmusclepkcs11.so
LOG [open_session] Opening session for slot = 01
LOG [open_session] Performing login
LOG [get_objects] Searching for data object {vas-auth-user,(null)}
ERROR [get_objects] search failed: bad arguments
*** Error getting domains ***
No domains found
LOG [close_session] finalizing cryptoki
(3) Default configuration file present with DebugLevel set to LOW =>
application succeeds
$ vim ~/.pkcs11rc
$ grep DebugLevel ~/.pkcs11rc
DebugLevel = LOW # Only logs high priority messages
$ ./vas-auth-tool --module /usr/local/lib/libmusclepkcs11.so --slot 1 --pin
00000000 --view
LOG [open_session] Loading module: /usr/local/lib/libmusclepkcs11.so
LOG [open_session] Opening session for slot = 01
LOG [open_session] Performing login
LOG [get_objects] Searching for data object {vas-auth-user,(null)}
LOG [get_objects] Found 2 data object(s)
LOG [get_string] getting value of attribute type 3 for object 804F638
LOG [get_string] getting value of attribute type 3 for object 804E9E8
LOG [get_objects] Searching for data object {vas-auth-user,rcdev.vintela.com}
LOG [get_objects] Found 1 data object(s)
LOG [get_string] getting value of attribute type 17 for object 804F638
LOG [get_objects] Searching for data object {vas-auth-pwd,rcdev.vintela.com}
LOG [get_objects] Found 1 data object(s)
LOG [get_string] getting value of attribute type 17 for object 804F4A0
LOG [get_objects] Searching for data object {vas-auth-user,vintela.com}
LOG [get_objects] Found 1 data object(s)
LOG [get_string] getting value of attribute type 17 for object 804E9E8
LOG [get_objects] Searching for data object {vas-auth-pwd,vintela.com}
LOG [get_objects] Found 1 data object(s)
LOG [get_string] getting value of attribute type 17 for object 804E8C8
LOG [close_session] finalizing cryptoki
(4) Default configuration file present with DebugLevel set to HIGH =>
application fails
$ vim ~/.pkcs11rc
$ grep DebugLevel ~/.pkcs11rc
DebugLevel = HIGH # Only logs high priority messages
$ ./vas-auth-tool --module /usr/local/lib/libmusclepkcs11.so --slot 1 --pin
00000000 --view
LOG [open_session] Loading module: /usr/local/lib/libmusclepkcs11.so
LOG [open_session] Opening session for slot = 01
LOG [open_session] Performing login
LOG [get_objects] Searching for data object {vas-auth-user,(null)}
ERROR [get_objects] search failed: bad arguments
*** Error getting domains ***
No domains found
LOG [close_session] finalizing cryptoki
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
