From c029b32c04a9a5993b9c8715fb82421fee613137 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Sep 25 2018 13:08:48 +0000
Subject: Include the token name when a PIN is provided but is unused


This improves the output so the user will know which token
the PIN is missing for. Theoretically it should be the token
they asked for but this will show certmogner's view of it.

---

diff --git a/src/certread-n.c b/src/certread-n.c
index f2e78c0..57a38dc 100644
--- a/src/certread-n.c
+++ b/src/certread-n.c
@@ -259,9 +259,9 @@ cm_certread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 			if ((pin != NULL) &&
 			    (strlen(pin) > 0) &&
 			    (cb_data.n_attempts == 0)) {
-				cm_log(1, "PIN was not needed to auth to cert "
-				       "db, though one was provided. "
-				       "Treating this as an error.\n");
+				cm_log(1, "PIN was not needed to auth to token "
+				       "%s, though one was provided. "
+				       "Treating this as an error.\n", token);
 				goto next_slot;
 			}
 		}
diff --git a/src/keygen-n.c b/src/keygen-n.c
index 8078a52..84b0bbd 100644
--- a/src/keygen-n.c
+++ b/src/keygen-n.c
@@ -400,8 +400,8 @@ next_slot:
 	    (strlen(pin) > 0) &&
 	    (cb_data.n_attempts == 0)) {
 		cm_log(1, "PIN was not needed to auth to key "
-		       "store, though one was provided. "
-		       "Treating this as an error.\n");
+		       "store token %s, though one was provided. "
+		       "Treating this as an error.\n", token);
 		PK11_FreeSlotList(slotlist);
 		error = NSS_ShutdownContext(ctx);
 		if (error != SECSuccess) {