From d6d13132b1a8f8b410f33f2b241e028db7238db7 Mon Sep 17 00:00:00 2001
From: Aki Tuomi <cmouse@cmouse.fi>
Date: Tue, 20 Feb 2018 08:19:16 +0200
Subject: [PATCH] pkcs11signers: Get actual slot IDs from PKCS#11 device

Some devices have slots that do not start from 0, so we ask
for the slot IDs from the device and iterate those instead of
just guessing the slot ID.
---
 pdns/pkcs11signers.cc | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/pdns/pkcs11signers.cc b/pdns/pkcs11signers.cc
index 045bae2b5..2ebe42e14 100644
--- a/pdns/pkcs11signers.cc
+++ b/pdns/pkcs11signers.cc
@@ -626,6 +626,7 @@ static std::map<std::string, std::shared_ptr<Pkcs11Token> > pkcs11_tokens;
 CK_RV Pkcs11Slot::HuntSlot(const string& tokenId, CK_SLOT_ID &slotId, _CK_SLOT_INFO* info, CK_FUNCTION_LIST* functions)
 {
   CK_RV err;
+  unsigned int i;
   unsigned long slots;
   _CK_TOKEN_INFO tinfo;
 
@@ -637,8 +638,19 @@ CK_RV Pkcs11Slot::HuntSlot(const string& tokenId, CK_SLOT_ID &slotId, _CK_SLOT_I
     return err;
   }
 
+  // get the actual slot ids
+  CK_SLOT_ID slotIds[slots];
+  err = functions->C_GetSlotList(CK_FALSE, slotIds, &slots);
+  if (err) {
+    L<<Logger::Warning<<"C_GetSlotList(CK_FALSE, slotIds, &slots) = " << err << std::endl;
+    return err;
+  }
+
   // iterate all slots
-  for(slotId=0;slotId<slots;slotId++) {
+  for(i=0;i<slots;i++) {
+    slotId=slotIds[i];
+    if (slotId == static_cast<CK_SLOT_ID>(-1))
+      continue;
     if ((err = functions->C_GetSlotInfo(slotId, info))) {
       L<<Logger::Warning<<"C_GetSlotList("<<slotId<<", info) = " << err << std::endl;
       return err;
@@ -651,6 +663,7 @@ CK_RV Pkcs11Slot::HuntSlot(const string& tokenId, CK_SLOT_ID &slotId, _CK_SLOT_I
     slotName.assign(reinterpret_cast<char*>(tinfo.label), 32);
     // trim it
     boost::trim(slotName);
+
     if (boost::iequals(slotName, tokenId)) {
       return 0;
     }
-- 
2.40.0