From 3ceb3eb5b1c36ead2a862bcec5e527f74dc91381 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:49 -0400
Subject: [PATCH 39/42] Fix token auth authentication failure error reporting.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/cms_common.c | 4 +++-
 src/daemon.c     | 4 ++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/cms_common.c b/src/cms_common.c
index 898ddfb..2f3683e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -316,6 +316,7 @@ unlock_nss_token(cms_context *cms)
 	secuPWData pwdata_val = { 0, 0 };
 	void *pwdata = cms->pwdata ? cms->pwdata : &pwdata_val;
 	PK11_SetPasswordFunc(cms->func ? cms->func : SECU_GetModulePassword);
+	int rc = -1;
 
 	PK11SlotList *slots = NULL;
 	slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
@@ -323,7 +324,7 @@ unlock_nss_token(cms_context *cms)
 		cms->log(cms, LOG_ERR, "Could not find certificate \"%s\"",
 			cms->tokenname);
 err:
-		return -1;
+		return rc;
 	}
 
 	PK11SlotListElement *psle = NULL;
@@ -351,6 +352,7 @@ err_slots:
 			cms->log(cms, LOG_ERR, "Authentication failed for "
 				"token \"%s\"", cms->tokenname);
 			PK11_DestroySlotListElement(slots, &psle);
+			rc = -2;
 			goto err_slots;
 		}
 	}
diff --git a/src/daemon.c b/src/daemon.c
index 974a559..bf7485f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -204,10 +204,10 @@ malformed:
 	cms_set_pw_callback(ctx->cms, get_password_fail);
 	cms_set_pw_data(ctx->cms, NULL);
 
-	if (rc < 0)
+	if (rc == -1)
 		ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
 			"could not find token \"%s\"", tn->value);
-	else
+	else if (rc == 0)
 		ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
 			"authentication succeeded for token \"%s\"",
 			tn->value);
-- 
1.7.12.1