From f358242f0068b280c1478075617288095dd95adc Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Fri, 5 Apr 2013 19:17:25 +0200 Subject: Force Mac OS shared library extension to .so Darwin and libtool seem confused about what shared library extension they actually use. https://bugs.freedesktop.org/show_bug.cgi?id=57714 --- configure.ac | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 3511800..382c96a 100644 --- a/configure.ac +++ b/configure.ac @@ -398,7 +398,17 @@ echo $PACKAGE_VERSION | tr '.' ' ' | while read major minor unused; do break done -eval SHLEXT=$shrext_cmds +case "$host" in +*-*-darwin*) + # It seems like libtool lies about this see: + # https://bugs.freedesktop.org/show_bug.cgi?id=57714 + SHLEXT='.so' + ;; +*) + eval SHLEXT=$shrext_cmds + ;; +esac + AC_DEFINE_UNQUOTED(SHLEXT, ["$SHLEXT"], [File extension for shared libraries]) AC_SUBST(SHLEXT) -- cgit v1.1 From cf91dc6975424e3ba3971e4496e91036e97419e5 Mon Sep 17 00:00:00 2001 From: "manphiz@gmail.com" Date: Wed, 24 Apr 2013 01:01:00 +0000 Subject: Fix uninitialized p11_library_once https://bugs.freedesktop.org/show_bug.cgi?id=57714 --- common/library.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/library.c b/common/library.c index 2d54fd5..b7d6923 100644 --- a/common/library.c +++ b/common/library.c @@ -60,7 +60,7 @@ static p11_local * _p11_library_get_thread_local (void); p11_mutex_t p11_library_mutex; #ifdef OS_UNIX -pthread_once_t p11_library_once; +pthread_once_t p11_library_once = PTHREAD_ONCE_INIT; #endif static char * -- cgit v1.1 From 3dc38f294af5bbe1939d38ec9b3fcd699f97c8ce Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 5 Jun 2013 10:41:19 +0200 Subject: trust: Fix reinitialization of trust module Track number of C_Initialize calls, and require similar number of C_Finalize calls to finalize. This fixes leaks/disappearing sessions in the trust module. https://bugs.freedesktop.org/show_bug.cgi?id=65401 --- trust/module.c | 25 +++++++++++++--- trust/tests/frob-multi-init.c | 69 +++++++++++++++++++++++++++++++++++++++++++ trust/tests/test-module.c | 49 ++++++++++++++++++++++++++++++ 3 files changed, 139 insertions(+), 4 deletions(-) create mode 100644 trust/tests/frob-multi-init.c diff --git a/trust/module.c b/trust/module.c index 7595ba1..15a4890 100644 --- a/trust/module.c +++ b/trust/module.c @@ -65,10 +65,11 @@ #define BASE_SLOT_ID 18UL static struct _Shared { + int initialized; p11_dict *sessions; p11_array *tokens; char *paths; -} gl = { NULL, NULL }; +} gl = { 0, NULL, NULL, NULL }; /* Used during FindObjects */ typedef struct _FindObjects { @@ -354,10 +355,13 @@ sys_C_Finalize (CK_VOID_PTR reserved) } else { p11_lock (); - if (!gl.sessions) { + if (gl.initialized == 0) { + p11_debug ("trust module is not initialized"); rv = CKR_CRYPTOKI_NOT_INITIALIZED; - } else { + } else if (gl.initialized == 1) { + p11_debug ("doing finalization"); + free (gl.paths); gl.paths = NULL; @@ -368,6 +372,11 @@ sys_C_Finalize (CK_VOID_PTR reserved) gl.tokens = NULL; rv = CKR_OK; + gl.initialized = 0; + + } else { + gl.initialized--; + p11_debug ("trust module still initialized %d times", gl.initialized); } p11_unlock (); @@ -416,11 +425,17 @@ sys_C_Initialize (CK_VOID_PTR init_args) rv = CKR_CANT_LOCK; } + if (rv == CKR_OK && gl.initialized != 0) { + p11_debug ("trust module already initialized %d times", + gl.initialized); + /* * We support setting the socket path and other arguments from from the * pReserved pointer, similar to how NSS PKCS#11 components are initialized. */ - if (rv == CKR_OK) { + } else if (rv == CKR_OK) { + p11_debug ("doing initialization"); + if (args->pReserved) parse_arguments ((const char*)args->pReserved); @@ -438,6 +453,8 @@ sys_C_Initialize (CK_VOID_PTR init_args) } } + gl.initialized++; + p11_unlock (); if (rv != CKR_OK) diff --git a/trust/tests/frob-multi-init.c b/trust/tests/frob-multi-init.c new file mode 100644 index 0000000..d966540 --- /dev/null +++ b/trust/tests/frob-multi-init.c @@ -0,0 +1,69 @@ +/* + * gcc -Wall -o frob-multi-init $(pkg-config p11-kit-1 --cflags --libs) -ldl frob-multi-init.c + */ + +#include +#include +#include + +#include + +#define TRUST_SO "/usr/lib64/pkcs11/p11-kit-trust.so" + +int +main (void) +{ + CK_C_INITIALIZE_ARGS args = + { NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL, }; + CK_C_GetFunctionList C_GetFunctionList; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *module; + CK_SLOT_ID slots[8]; + CK_SESSION_INFO info; + CK_ULONG count; + CK_RV rv; + void *dl; + + dl = dlopen (TRUST_SO, RTLD_LOCAL | RTLD_NOW); + if (dl == NULL) + fprintf (stderr, "%s\n", dlerror()); + assert (dl != NULL); + + C_GetFunctionList = dlsym (dl, "C_GetFunctionList"); + assert (C_GetFunctionList != NULL); + + rv = C_GetFunctionList (&module); + assert (rv == CKR_OK); + assert (module != NULL); + + rv = module->C_Initialize (&args); + assert (rv == CKR_OK); + + count = 8; + rv = module->C_GetSlotList (CK_TRUE, slots, &count); + assert (rv == CKR_OK); + assert (count > 1); + + rv = module->C_OpenSession (slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); + + rv = module->C_GetSessionInfo (session, &info); + assert (rv == CKR_OK); + + rv = p11_kit_initialize_registered (); + assert (rv == CKR_OK); + + rv = module->C_GetSessionInfo (session, &info); + if (rv == CKR_OK) { + printf ("no reinitialization bug\n"); + return 0; + + } else if (rv == CKR_SESSION_HANDLE_INVALID) { + printf ("reinitialization bug present\n"); + return 1; + + } else { + printf ("another error: %lu\n", rv); + return 1; + } +} diff --git a/trust/tests/test-module.c b/trust/tests/test-module.c index 16d8037..7f0b1a5 100644 --- a/trust/tests/test-module.c +++ b/trust/tests/test-module.c @@ -144,6 +144,54 @@ test_get_slot_list (CuTest *cu) } static void +test_multi_initialize (CuTest *cu) +{ + static CK_C_INITIALIZE_ARGS args = + { NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL, }; + CK_FUNCTION_LIST *module; + CK_SESSION_HANDLE session; + CK_SLOT_ID slots[8]; + CK_SESSION_INFO info; + CK_ULONG count; + CK_RV rv; + + /* This is the entry point of the trust module, linked to this test */ + rv = C_GetFunctionList (&module); + CuAssertTrue (cu, rv == CKR_OK); + + rv = module->C_Initialize (&args); + CuAssertTrue (cu, rv == CKR_OK); + + count = 8; + rv = module->C_GetSlotList (CK_TRUE, slots, &count); + CuAssertTrue (cu, rv == CKR_OK); + CuAssertTrue (cu, count > 0); + + rv = module->C_OpenSession (slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); + CuAssertTrue (cu, rv == CKR_OK); + + rv = module->C_GetSessionInfo (session, &info); + CuAssertTrue (cu, rv == CKR_OK); + CuAssertTrue (cu, info.slotID == slots[0]); + + rv = module->C_Initialize (&args); + CuAssertTrue (cu, rv == CKR_OK); + + rv = module->C_GetSessionInfo (session, &info); + CuAssertTrue (cu, rv == CKR_OK); + CuAssertTrue (cu, info.slotID == slots[0]); + + rv = module->C_Finalize (NULL); + CuAssertIntEquals (cu, CKR_OK, rv); + + rv = module->C_Finalize (NULL); + CuAssertIntEquals (cu, CKR_OK, rv); + + rv = module->C_Finalize (NULL); + CuAssertIntEquals (cu, CKR_CRYPTOKI_NOT_INITIALIZED, rv); +} + +static void test_get_slot_info (CuTest *cu) { CK_SLOT_ID slots[NUM_SLOTS]; @@ -1009,6 +1057,7 @@ main (void) putenv ("P11_KIT_STRICT=1"); p11_library_init (); + SUITE_ADD_TEST (suite, test_multi_initialize); SUITE_ADD_TEST (suite, test_get_slot_list); SUITE_ADD_TEST (suite, test_get_slot_info); SUITE_ADD_TEST (suite, test_get_token_info); -- cgit v1.1 From 1b61494bb10866841e52956a2b65b75259f64e3c Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 5 Jun 2013 10:03:41 +0200 Subject: trust: Fix crash when C_Initialize args are NULL https://bugs.freedesktop.org/show_bug.cgi?id=65401 --- trust/module.c | 5 ++++- trust/tests/test-module.c | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/trust/module.c b/trust/module.c index 15a4890..ba41884 100644 --- a/trust/module.c +++ b/trust/module.c @@ -389,6 +389,8 @@ sys_C_Finalize (CK_VOID_PTR reserved) static CK_RV sys_C_Initialize (CK_VOID_PTR init_args) { + static CK_C_INITIALIZE_ARGS def_args = + { NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL, }; CK_C_INITIALIZE_ARGS *args = NULL; int supplied_ok; CK_RV rv; @@ -403,8 +405,9 @@ sys_C_Initialize (CK_VOID_PTR init_args) rv = CKR_OK; - /* pReserved must be NULL */ args = init_args; + if (args == NULL) + args = &def_args; /* ALL supplied function pointers need to have the value either NULL or non-NULL. */ supplied_ok = (args->CreateMutex == NULL && args->DestroyMutex == NULL && diff --git a/trust/tests/test-module.c b/trust/tests/test-module.c index 7f0b1a5..472263a 100644 --- a/trust/tests/test-module.c +++ b/trust/tests/test-module.c @@ -144,6 +144,23 @@ test_get_slot_list (CuTest *cu) } static void +test_null_initialize (CuTest *cu) +{ + CK_FUNCTION_LIST *module; + CK_RV rv; + + /* This is the entry point of the trust module, linked to this test */ + rv = C_GetFunctionList (&module); + CuAssertTrue (cu, rv == CKR_OK); + + rv = module->C_Initialize (NULL); + CuAssertTrue (cu, rv == CKR_OK); + + rv = module->C_Finalize (NULL); + CuAssertIntEquals (cu, CKR_OK, rv); +} + +static void test_multi_initialize (CuTest *cu) { static CK_C_INITIALIZE_ARGS args = @@ -1057,6 +1074,7 @@ main (void) putenv ("P11_KIT_STRICT=1"); p11_library_init (); + SUITE_ADD_TEST (suite, test_null_initialize); SUITE_ADD_TEST (suite, test_multi_initialize); SUITE_ADD_TEST (suite, test_get_slot_list); SUITE_ADD_TEST (suite, test_get_slot_info); -- cgit v1.1 From 49e344cfa48d765ccc83a7313b1ba1c30252b84e Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 5 Jun 2013 13:24:43 +0200 Subject: Release version 0.18.3 --- NEWS | 5 +++++ configure.ac | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 9b4e67c..be0e3b4 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,8 @@ +0.18.3 (stable) + * Fix reinitialization of trust module [#65401] + * Fix crash in trust module C_Initialize + * Mac OS fixes [#57714] + 0.18.2 (stable) * Build fixes [#64378 ...] diff --git a/configure.ac b/configure.ac index 382c96a..cf886a9 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ AC_PREREQ(2.61) AC_INIT([p11-kit], - [0.18.2], + [0.18.3], [https://bugs.freedesktop.org/enter_bug.cgi?product=p11-glue], [p11-kit], [http://p11-glue.freedesktop.org/p11-kit.html]) -- cgit v1.1