Oh... I really don't know libp11... But if one process called C_Initialize() and then another/same thread called C_Initialize() again and calls C_Finalize, first thread will not be able to continue working.
On Tue, Oct 20, 2009 at 11:45 AM, David Smith <[email protected]> wrote: > On Tue, Oct 20, 2009 at 6:41 PM, Alon Bar-Lev <[email protected]> wrote: >> For the C_Initialize() patch... If you got already initialize you >> should not call C_Finalize. > > Can you explain more? How should the handling look like with libp11? > >> >> >> On Tue, Oct 20, 2009 at 11:23 AM, David Smith >> <[email protected]> wrote: >>> Hi OpenSC folks, >>> >>> While debugging some issues with pkcs#11 related handling in >>> wpasupplicant, I found two small bugs that I'm sending patches for. >>> Both are related to attempting to reuse pkcs#11 modules in one >>> process, something that wpasupplicant does when switching to and from >>> networks that one wants to authenticate to using smartcard >>> credentials. >>> >>> The first is for a buffer overrun in engine_pkcs11's pin handling. The >>> overrun occurs after the pin has been created with strdup() via >>> set_pin(), when it is OPENSSL_cleanse() it always cleanses to >>> MAX_PIN_LENGTH, which will cause free() to fail when the pin is short. >>> The patch adds tracking of the pin length in a new static variable and >>> uses it for all calls to OPENSSL_cleanse(). >>> >>> The second patch is to make libp11 swallow >>> CKR_CRYPTOKI_ALREADY_INITIALIZED returns from C_Initialize(). It's an >>> informational message and should not be bubbled up to the caller. >>> >>> Please take a look, >>> - dds >>> >>> _______________________________________________ >>> opensc-devel mailing list >>> [email protected] >>> http://www.opensc-project.org/mailman/listinfo/opensc-devel >>> >> > _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
