Refuse to load the p11-kit-proxy.so as a registered module

 * Since p11-kit-proxy.so is a symlink to the libp11-kit.so library
   we check that we are not calling into our known CK_FUNCTION_LIST
   for the proxy code.
 * Although such a configuration is invalid, detecting this directly
   prevents strange initialization loop issues that are hard to debug.

https://bugs.freedesktop.org/show_bug.cgi?id=55052

diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index 9dc3a3a264aa91010b23da1e2b7e4f5ccc2f2ae7..a4ffc43cd8c8242626ce12c371f47bbee32a6bc3 100644 (file)
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -553,13 +553,19 @@ initialize_module_unlocked_reentrant (Module *mod)
        _p11_unlock ();
 
        if (!mod->initialize_called) {
+               assert (mod->funcs);
 
-               _p11_debug ("C_Initialize: calling");
+               if (mod->funcs == &_p11_proxy_function_list) {
+                       _p11_message ("refusing to load the p11-kit-proxy.so module as a registered module");
+                       rv = CKR_FUNCTION_FAILED;
 
-               assert (mod->funcs);
-               rv = mod->funcs->C_Initialize (&mod->init_args);
+               } else {
+                       _p11_debug ("C_Initialize: calling");
 
-               _p11_debug ("C_Initialize: result: %lu", rv);
+                       rv = mod->funcs->C_Initialize (&mod->init_args);
+
+                       _p11_debug ("C_Initialize: result: %lu", rv);
+               }
 
                /* Module was initialized and C_Finalize should be called */
                if (rv == CKR_OK)

diff --git a/p11-kit/private.h b/p11-kit/private.h
index f2cd18197a2bb4dfb33620878a0445e93679fa59..61cd1425f6772e82b5533b44690e6ed082a5b750 100644 (file)
--- a/p11-kit/private.h
+++ b/p11-kit/private.h
@@ -73,6 +73,7 @@ extern pthread_once_t _p11_once;
 
 #endif /* !OS_WIN32 */
 
+extern CK_FUNCTION_LIST _p11_proxy_function_list;
 
 void        _p11_library_init                                   (void);
 

diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c
index bae25d382c492fe759fb227a45e42f9345ec061d..a4b947aeb8462919d398e55443756b09e3ee93fa 100644 (file)
--- a/p11-kit/proxy.c
+++ b/p11-kit/proxy.c
@@ -69,9 +69,6 @@ typedef struct _Session {
        CK_SLOT_ID wrap_slot;
 } Session;
 
-/* Forward declaration */
-static CK_FUNCTION_LIST proxy_function_list;
-
 /*
  * Shared data between threads, protected by the mutex, a structure so
  * we can audit thread safety easier.
@@ -365,7 +362,7 @@ proxy_C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
        /* Can be called before C_Initialize */
 
        return_val_if_fail (list != NULL, CKR_ARGUMENTS_BAD);
-       *list = &proxy_function_list;
+       *list = &_p11_proxy_function_list;
        return CKR_OK;
 }
 
@@ -1312,7 +1309,7 @@ proxy_C_GenerateRandom (CK_SESSION_HANDLE handle, CK_BYTE_PTR random_data,
  * MODULE ENTRY POINT
  */
 
-static CK_FUNCTION_LIST proxy_function_list = {
+CK_FUNCTION_LIST _p11_proxy_function_list = {
        { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR },  /* version */
        proxy_C_Initialize,
        proxy_C_Finalize,