p11tool: use GNUTLS_PIN and GNUTLS_SO_PIN when setting the PINs of an initialized...

diff --git a/src/p11tool-args.def b/src/p11tool-args.def
index 043e18794479dca33b7fd57869cb0bbc3ae76ba0..971009a84b3b4d8edaa9759020198e8a635aaaa1 100644 (file)
--- a/src/p11tool-args.def
+++ b/src/p11tool-args.def
@@ -272,14 +272,14 @@ flag = {
     name      = set-pin;
     arg-type  = string;
     descrip   = "Specify the PIN to use on token initialization";
-    doc      = "";
+    doc      = "Alternatively the GNUTLS_PIN environment variable may be used.";
 };
 
 flag = {
     name      = set-so-pin;
     arg-type  = string;
     descrip   = "Specify the Security Officer's PIN to use on token initialization";
-    doc      = "";
+    doc      = "Alternatively the GNUTLS_SO_PIN environment variable may be used.";
 };
 
 flag = {

diff --git a/src/pkcs11.c b/src/pkcs11.c
index 8bfeb0229453c1239c9a13addd24d0f914c0fb4e..5e6806b049078d9ba4043ab10a656d90e3a9c85a 100644 (file)
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -593,7 +593,9 @@ pkcs11_init(FILE * outfile, const char *url, const char *label,
        if (info->so_pin != NULL)
                pin = info->so_pin;
        else {
-               pin = getpass("Enter Security Officer's PIN: ");
+               pin = getenv("GNUTLS_SO_PIN");
+               if (pin == NULL && info->batch == 0)
+                       pin = getpass("Enter Security Officer's PIN: ");
                if (pin == NULL)
                        exit(1);
        }
@@ -603,10 +605,12 @@ pkcs11_init(FILE * outfile, const char *url, const char *label,
 
        strcpy(so_pin, pin);
 
-       if (info->so_pin != NULL)
+       if (info->so_pin != NULL) {
                pin = info->pin;
-       else {
-               pin = getpass("Enter new User's PIN: ");
+       } else {
+               pin = getenv("GNUTLS_PIN");
+               if (pin == NULL && info->batch == 0)
+                       pin = getpass("Enter new User's PIN: ");
                if (pin == NULL)
                        exit(1);
        }