For the C_Initialize() patch... If you got already initialize you should not call C_Finalize.
On Tue, Oct 20, 2009 at 11:23 AM, David Smith <[email protected]> wrote: > Hi OpenSC folks, > > While debugging some issues with pkcs#11 related handling in > wpasupplicant, I found two small bugs that I'm sending patches for. > Both are related to attempting to reuse pkcs#11 modules in one > process, something that wpasupplicant does when switching to and from > networks that one wants to authenticate to using smartcard > credentials. > > The first is for a buffer overrun in engine_pkcs11's pin handling. The > overrun occurs after the pin has been created with strdup() via > set_pin(), when it is OPENSSL_cleanse() it always cleanses to > MAX_PIN_LENGTH, which will cause free() to fail when the pin is short. > The patch adds tracking of the pin length in a new static variable and > uses it for all calls to OPENSSL_cleanse(). > > The second patch is to make libp11 swallow > CKR_CRYPTOKI_ALREADY_INITIALIZED returns from C_Initialize(). It's an > informational message and should not be bubbled up to the caller. > > Please take a look, > - dds > > _______________________________________________ > opensc-devel mailing list > [email protected] > http://www.opensc-project.org/mailman/listinfo/opensc-devel > _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
