Resolve "buffer too small" error with some bigger certs #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This should be already resolved. |
Closed
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 23, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 23, 2018
fabled
added a commit
to fabled/libp11
that referenced
this pull request
Mar 21, 2021
After fork the context handler will reset the PKCS#11 module by
calling C_Initialize. After this all handles from the module should
be considered invalidated.
This combines the session opening and logging after fork to single
function, and removes the relogin flag from functions where it's
not needed. The new pkcs11_reload_slot() properly update the state
so the normal functions operate as expected.
This also fixes a memory leak after fork: if the slot was in
logged-in state, a session was leaked from check_slot_fork_int because:
1. the "if loggedIn" clears state, and calls pkcs11_relogin() which
also implicitly opens a session
2. the next "if haveSession" block fires also, and clears state,
and calls pkcs11_reopen_session. This function will explicitly
call C_OpenSession overwriting and leaking the session from step OpenSC#1
fabled
added a commit
to fabled/libp11
that referenced
this pull request
Mar 22, 2021
After fork the context handler will reset the PKCS#11 module by
calling C_Initialize. After this all handles from the module should
be considered invalidated.
This combines the session opening and logging after fork to single
function, and removes the relogin flag from functions where it's
not needed. The new pkcs11_reload_slot() properly update the state
so the normal functions operate as expected.
This also fixes a memory leak after fork: if the slot was in
logged-in state, a session was leaked from check_slot_fork_int because:
1. the "if loggedIn" clears state, and calls pkcs11_relogin() which
also implicitly opens a session
2. the next "if haveSession" block fires also, and clears state,
and calls pkcs11_reopen_session. This function will explicitly
call C_OpenSession overwriting and leaking the session from step OpenSC#1
fabled
added a commit
to fabled/libp11
that referenced
this pull request
Mar 22, 2021
After fork the context handler will reset the PKCS#11 module by
calling C_Initialize. After this all handles from the module should
be considered invalidated.
This combines the session opening and logging after fork to single
function, and removes the relogin flag from functions where it's
not needed. The new pkcs11_reload_slot() properly update the state
so the normal functions operate as expected.
This also fixes a memory leak after fork: if the slot was in
logged-in state, a session was leaked from check_slot_fork_int because:
1. the "if loggedIn" clears state, and calls pkcs11_relogin() which
also implicitly opens a session
2. the next "if haveSession" block fires also, and clears state,
and calls pkcs11_reopen_session. This function will explicitly
call C_OpenSession overwriting and leaking the session from step OpenSC#1
mtrojnar
pushed a commit
that referenced
this pull request
Apr 11, 2021
After fork the context handler will reset the PKCS#11 module by
calling C_Initialize. After this all handles from the module should
be considered invalidated.
This combines the session opening and logging after fork to single
function, and removes the relogin flag from functions where it's
not needed. The new pkcs11_reload_slot() properly update the state
so the normal functions operate as expected.
This also fixes a memory leak after fork: if the slot was in
logged-in state, a session was leaked from check_slot_fork_int because:
1. the "if loggedIn" clears state, and calls pkcs11_relogin() which
also implicitly opens a session
2. the next "if haveSession" block fires also, and clears state,
and calls pkcs11_reopen_session. This function will explicitly
call C_OpenSession overwriting and leaking the session from step #1
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch allows to use PPTP VPN from Linux to Windows Server using Aladdin eToken PRO 64K. Without the patch, for some certificates pppd will fail with error: "pkcs11_init_cert: buffer too small" and refuse to establish connection.
This fixes ticket #350 in libp11 trac:
https://www.opensc-project.org/opensc/ticket/350