diff --git a/doc/manual/p11-kit-sections.txt b/doc/manual/p11-kit-sections.txt index 915fc4466..c9f0cdab6 100644 --- a/doc/manual/p11-kit-sections.txt +++ b/doc/manual/p11-kit-sections.txt @@ -142,6 +142,7 @@ p11_filter_deny_token p11_filter_release p11_filter_subclass p11_kit_remote_serve_module +p11_kit_remote_serve_token
diff --git a/p11-kit/remote.h b/p11-kit/remote.h index 12cbe6d45..899f0706d 100644 --- a/p11-kit/remote.h +++ b/p11-kit/remote.h @@ -47,6 +47,11 @@ int p11_kit_remote_serve_module (CK_FUNCTION_LIST *m int in_fd, int out_fd); +int p11_kit_remote_serve_token (CK_FUNCTION_LIST *module, + CK_TOKEN_INFO *token, + int in_fd, + int out_fd); + #endif #ifdef __cplusplus diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c index 5da53bf63..58241571a 100644 --- a/p11-kit/rpc-server.c +++ b/p11-kit/rpc-server.c @@ -37,6 +37,7 @@ #define P11_DEBUG_FLAG P11_DEBUG_RPC #include "debug.h" +#include "filter.h" #include "pkcs11.h" #include "library.h" #include "private.h" @@ -2015,3 +2016,39 @@ p11_kit_remote_serve_module (CK_FUNCTION_LIST *module, return ret; } + +int +p11_kit_remote_serve_token (CK_FUNCTION_LIST *module, + CK_TOKEN_INFO *token, + int in_fd, + int out_fd) +{ + p11_virtual virt; + p11_virtual *filter = NULL; + CK_FUNCTION_LIST *filtered = NULL; + int ret = 1; + + return_val_if_fail (module != NULL, 1); + return_val_if_fail (token != NULL, 1); + + p11_virtual_init (&virt, &p11_virtual_base, module, NULL); + filter = p11_filter_subclass (&virt, NULL); + if (filter == NULL) + goto out; + + filtered = p11_virtual_wrap (filter, (p11_destroyer)p11_virtual_uninit); + if (filtered == NULL) + goto out; + + p11_filter_allow_token (filter, token); + + ret = p11_kit_remote_serve_module (filtered, in_fd, out_fd); + + out: + if (filtered != NULL) + p11_virtual_unwrap (filtered); + if (filter != NULL) + p11_filter_release (filter); + + return ret; +}