trust: More appropriate rv when non-modifiable object deleted

This will change once the spec has a specific attribute and code
to signify deletability.

diff --git a/trust/anchor.c b/trust/anchor.c
index e20282bb3a862ab997608d7e7a403058a38e0937..7854c5f81f21f1053b80d3219c9cd1d645581a5a 100644 (file)
--- a/trust/anchor.c
+++ b/trust/anchor.c
@@ -508,6 +508,7 @@ remove_all (p11_kit_iter *iter)
                        continue;
                case CKR_TOKEN_WRITE_PROTECTED:
                case CKR_SESSION_READ_ONLY:
+               case CKR_ATTRIBUTE_READ_ONLY:
                        p11_message ("couldn't remove read-only %s", desc);
                        continue;
                default:

diff --git a/trust/module.c b/trust/module.c
index 5ebe1fffe4d651143b1aede1503112aee063707c..852d74fc08e80632e3433ca4eeaac0b467c2b0af 100644 (file)
--- a/trust/module.c
+++ b/trust/module.c
@@ -975,7 +975,7 @@ sys_C_DestroyObject (CK_SESSION_HANDLE handle,
 
                        if (rv == CKR_OK && p11_attrs_find_bool (attrs, CKA_MODIFIABLE, &val) && !val) {
                                /* TODO: This should be replaced with CKR_ACTION_PROHIBITED */
-                               rv = CKR_FUNCTION_REJECTED;
+                               rv = CKR_ATTRIBUTE_READ_ONLY;
                        }
 
                        if (rv == CKR_OK)