entd: Restart on token init failure

base_policy/policy-utils.js

Index: base_policy/policy-utils.js
diff --git a/base_policy/policy-utils.js b/base_policy/policy-utils.js
index 1aee94406fb188b9573c5a820fc4a1c3a124a1d3..88e9beef08872457ebe25916daeda7b33a25dc3f 100644
--- a/base_policy/policy-utils.js
+++ b/base_policy/policy-utils.js
@@ -390,7 +390,7 @@ function initPkcs11() {
  * PINs have been set, and neither PIN is locked.
  */
 Policy.prototype.checkToken =
-function initToken(token) {
+function checkToken(token) {
   token.refresh();
   return ((token.flags & Token.CKF_TOKEN_INITIALIZED) &&
           (token.flags & Token.CKF_USER_PIN_INITIALIZED) &&
@@ -420,6 +420,7 @@ function initToken(token, tokenLabel) {
   var sopin;
 
   token.refresh();
+
   if (token.flags & Token.CKF_SO_PIN_TO_BE_CHANGED) {
     // If the SO pin hasn't been initialized yet, then it's the one
     // assigned by opencryptoki.
@@ -1176,7 +1177,7 @@ function cb_setPin_(arg) {
       policy.setTokenPin(token, userType, arg.oldPin, arg.newPin);
     }, 1);
 
-  return Policy.CallbackSuccess('Resetting user pin');
+  return Policy.CallbackSuccess('Resetting so pin');
 }
 
 /**
@@ -1414,6 +1415,14 @@ function cb_installCert(arg) {
                                           cert.label));
 }
 
+Policy.Callbacks.prototype['cb:restart'] =
+function cb_restart(arg) {
+  entd.syslog.info("Restarting by client request.");
+  // Exit code two means we haven't errored, but would like to be restarted.
+  entd.scheduleShutdown(2);
+  return Policy.CallbackSuccess('Restarting');
+}
+
 /**
  * Return an object indicating that a callback succeeded.
  */