diff --git a/ChangeLog b/ChangeLog index 1d3e74671..44c47527c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20131107 + - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) + that got lost in recent merge. + 20131104 - (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2013/11/02 20:03:54 diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 6e8d2db36..b785d822c 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -233,13 +233,16 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, CKM_RSA_PKCS, NULL_PTR, 0 }; CK_ATTRIBUTE key_filter[] = { - {CKA_CLASS, &private_key_class, sizeof(private_key_class) }, + {CKA_CLASS, NULL, sizeof(private_key_class) }, {CKA_ID, NULL, 0}, - {CKA_SIGN, &true_val, sizeof(true_val) } + {CKA_SIGN, NULL, sizeof(true_val) } }; char *pin, prompt[1024]; int rval = -1; + key_filter[0].pValue = &private_key_class; + key_filter[2].pValue = &true_val; + if ((k11 = RSA_get_app_data(rsa)) == NULL) { error("RSA_get_app_data failed for rsa %p", rsa); return (-1); @@ -392,10 +395,10 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; CK_ATTRIBUTE pubkey_filter[] = { - { CKA_CLASS, &pubkey_class, sizeof(pubkey_class) } + { CKA_CLASS, NULL, sizeof(pubkey_class) } }; CK_ATTRIBUTE cert_filter[] = { - { CKA_CLASS, &cert_class, sizeof(cert_class) } + { CKA_CLASS, NULL, sizeof(cert_class) } }; CK_ATTRIBUTE pubkey_attribs[] = { { CKA_ID, NULL, 0 }, @@ -407,6 +410,8 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, { CKA_SUBJECT, NULL, 0 }, { CKA_VALUE, NULL, 0 } }; + pubkey_filter[0].pValue = &pubkey_class; + cert_filter[0].pValue = &cert_class; if (pkcs11_fetch_keys_filter(p, slotidx, pubkey_filter, pubkey_attribs, keysp, nkeys) < 0 ||