Permalink
Browse files

Add support of El Capitan 10.11

If the directory /usr/lib/pkcs11 does not exist then try
the directory /usr/local/lib/pkcs11 used on El Capitan 10.11

Because of SIP (System Integrity Protection) introduced in El Capitan
10.11 the directory /usr/lib/pkcs11 cannot be used to install PKCS#11
libraries.  PKCS#11 libraries are now installed in /usr/local/lib/pkcs11.

git-svn-id: https://svn.macosforge.org/repository/smartcardservices/trunk@161 6beaa694-74da-4ea8-86b6-2f242058810b
  • Loading branch information...
1 parent 31d3579 commit ea8e7dc53da37becab347485d8b2966c97b98cac Ludovic Rousseau committed Oct 2, 2015
Showing with 14 additions and 3 deletions.
  1. +14 −3 Tokend/PKCS11/GemaltoToken.cpp
@@ -60,6 +60,7 @@ CK_FUNCTION_LIST_PTR GemaltoToken::s_CK_pFunctionList = NULL;
/* search PKCS#11 libs here.
* See http://wiki.cacert.org/wiki/Pkcs11TaskForce */
#define PKCS11LIB_PATH "/usr/lib/pkcs11/"
+#define PKCS11LIB_LOCAL_PATH "/usr/local/lib/pkcs11/"
GemaltoToken::GemaltoToken() :
@@ -293,15 +294,25 @@ uint32 GemaltoToken::probe(SecTokendProbeFlags flags, char tokenUid[TOKEND_MAX_U
GemaltoToken::toStringHex(readerState.rgbAtr, readerState.cbAtr, s);
log("GemaltoToken::probe - ATR <%s>\n", s.c_str());
- DIR *dirp = opendir(PKCS11LIB_PATH);
+ DIR *dirp;
+ /* if /usr/lib/pkcs11 does not exist then try
+ /usr/local/lib/pkcs11 used on El Capitan 10.11 */
+ const char *lib_path = PKCS11LIB_PATH;
+ dirp = opendir(lib_path);
if (NULL == dirp)
- CKError::throwMe(CKR_GENERAL_ERROR);
+ {
+ lib_path = PKCS11LIB_LOCAL_PATH;
+ dirp = opendir(lib_path);
+ if (NULL == dirp)
+ CKError::throwMe(CKR_GENERAL_ERROR);
+ }
+ log("Libraries directory: %s\n", lib_path);
bool found = false;
struct dirent *dir_entry;
while (!found && (dir_entry = readdir(dirp)) != NULL)
{
- std::string lib_name = PKCS11LIB_PATH;
+ std::string lib_name = lib_path;
const char* dlPath;
CK_FUNCTION_LIST_PTR p;
CK_RV rv;

0 comments on commit ea8e7dc

Please sign in to comment.