Ticket #14 (closed defect: fixed)
C_Initalize should be called after each fork
| Reported by: | alon.barlev@… | Owned by: | somebody |
|---|---|---|---|
| Priority: | normal | Milestone: | milestone1 |
| Component: | component1 | Version: | 1.0 |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Hello,
The pkcs11_eventmgr first C_Initialize then becomes a daemon... The PKCS#11 standard states that after fork the user must call C_Initialize again, in order to allow proper library initialization at new process.
Also, don't quit on major errors... try to reinitialize.
I've sent this a long time ago...
Please consider the following patch:
diff -urNp pam_pkcs11-0.5.3/src/common/pkcs11.c pam_pkcs11-0.5.3.new/src/common/pkcs11.c
--- pam_pkcs11-0.5.3/src/common/pkcs11.c 2005-09-12 09:12:55.000000000 +0000
+++ pam_pkcs11-0.5.3.new/src/common/pkcs11.c 2005-10-05 03:07:30.000000000 +0000
@@ -82,7 +82,9 @@ int init_pkcs11_module(pkcs11_handle_t *
/* initialise the module */
rv = h->fl->C_Initialize(NULL);
- if (rv != CKR_OK) {
+ if (rv == CKR_OK)
+ h->should_finalize = 1;
+ else if (rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
set_error("C_Initialize() failed: %x", rv);
return -1;
}
@@ -170,7 +172,8 @@ void release_pkcs11_module(pkcs11_handle
{
/* finalise pkcs #11 module */
if (h->fl != NULL)
- h->fl->C_Finalize(NULL);
+ if (h->should_finalize)
+ h->fl->C_Finalize(NULL);
/* unload the module */
if (h->module_handle != NULL)
dlclose(h->module_handle);
diff -urNp pam_pkcs11-0.5.3/src/common/pkcs11.h pam_pkcs11-0.5.3.new/src/common/pkcs11.h
--- pam_pkcs11-0.5.3/src/common/pkcs11.h 2005-09-12 09:12:55.000000000 +0000
+++ pam_pkcs11-0.5.3.new/src/common/pkcs11.h 2005-10-05 03:07:30.000000000 +0000
@@ -136,6 +136,7 @@ typedef struct {
typedef struct {
void *module_handle;
CK_FUNCTION_LIST_PTR fl;
+ int should_finalize;
slot_t *slots;
CK_ULONG slot_count;
CK_SESSION_HANDLE session;
diff -urNp pam_pkcs11-0.5.3/src/tools/pkcs11_eventmgr.c pam_pkcs11-0.5.3.new/src/tools/pkcs11_eventmgr.c
--- pam_pkcs11-0.5.3/src/tools/pkcs11_eventmgr.c 2005-09-12 09:12:54.000000000 +0000
+++ pam_pkcs11-0.5.3.new/src/tools/pkcs11_eventmgr.c 2005-10-05 03:11:24.000000000 +0000
@@ -283,15 +283,6 @@ int main(int argc, char *argv[]) {
return 1;
}
- /* open pkcs11 sesion */
- DBG("initialising pkcs #11 module...");
- rv = ph.fl->C_Initialize(NULL);
- if (rv != 0) {
- release_pkcs11_module(&ph);
- DBG1("C_Initialize() failed: %d", rv);
- return 1;
- }
-
/* put my self into background if flag is set */
if (daemonize) {
DBG("Going to be daemon...");
@@ -303,6 +294,17 @@ int main(int argc, char *argv[]) {
}
}
+ /* open pkcs11 sesion */
+ DBG("initialising pkcs #11 module...");
+ rv = ph.fl->C_Initialize(NULL);
+ if (rv != 0) {
+ release_pkcs11_module(&ph);
+ if (ctx) scconf_free(ctx);
+ DBG1("C_Initialize() failed: %d", rv);
+ return 1;
+ }
+ ph.should_finalize = 1;
+
/*
* Wait endlessly for all events in the list of readers
* We only stop in case of an error
@@ -324,7 +326,9 @@ int main(int argc, char *argv[]) {
new_state = get_a_token();
if (new_state == CARD_ERROR) {
DBG("Error trying to get a token");
- break;
+ rv = ph.fl->C_Finalize(NULL);
+ rv = ph.fl->C_Initialize(NULL);
+ continue;
}
if (old_state == new_state ) { /* state unchanged */
/* on card not present, increase and check expire time */
Attachments
-
pam_pkcs11-0.5.3-daemon-init.patch
(2.8 KB) - added by alon.barlev@…
4 years ago.
- A patch to C_Initialize at proper place
Change History
Note: See
TracTickets for help on using
tickets.
