New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve "buffer too small" error with some bigger certs #1
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This should be already resolved. |
Closed
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 18, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 23, 2018
frankmorgner
added a commit
that referenced
this pull request
Apr 23, 2018
fabled
added a commit
to fabled/libp11
that referenced
this pull request
Mar 21, 2021
After fork the context handler will reset the PKCS#11 module by calling C_Initialize. After this all handles from the module should be considered invalidated. This combines the session opening and logging after fork to single function, and removes the relogin flag from functions where it's not needed. The new pkcs11_reload_slot() properly update the state so the normal functions operate as expected. This also fixes a memory leak after fork: if the slot was in logged-in state, a session was leaked from check_slot_fork_int because: 1. the "if loggedIn" clears state, and calls pkcs11_relogin() which also implicitly opens a session 2. the next "if haveSession" block fires also, and clears state, and calls pkcs11_reopen_session. This function will explicitly call C_OpenSession overwriting and leaking the session from step OpenSC#1
fabled
added a commit
to fabled/libp11
that referenced
this pull request
Mar 22, 2021
After fork the context handler will reset the PKCS#11 module by calling C_Initialize. After this all handles from the module should be considered invalidated. This combines the session opening and logging after fork to single function, and removes the relogin flag from functions where it's not needed. The new pkcs11_reload_slot() properly update the state so the normal functions operate as expected. This also fixes a memory leak after fork: if the slot was in logged-in state, a session was leaked from check_slot_fork_int because: 1. the "if loggedIn" clears state, and calls pkcs11_relogin() which also implicitly opens a session 2. the next "if haveSession" block fires also, and clears state, and calls pkcs11_reopen_session. This function will explicitly call C_OpenSession overwriting and leaking the session from step OpenSC#1
fabled
added a commit
to fabled/libp11
that referenced
this pull request
Mar 22, 2021
After fork the context handler will reset the PKCS#11 module by calling C_Initialize. After this all handles from the module should be considered invalidated. This combines the session opening and logging after fork to single function, and removes the relogin flag from functions where it's not needed. The new pkcs11_reload_slot() properly update the state so the normal functions operate as expected. This also fixes a memory leak after fork: if the slot was in logged-in state, a session was leaked from check_slot_fork_int because: 1. the "if loggedIn" clears state, and calls pkcs11_relogin() which also implicitly opens a session 2. the next "if haveSession" block fires also, and clears state, and calls pkcs11_reopen_session. This function will explicitly call C_OpenSession overwriting and leaking the session from step OpenSC#1
mtrojnar
pushed a commit
that referenced
this pull request
Apr 11, 2021
After fork the context handler will reset the PKCS#11 module by calling C_Initialize. After this all handles from the module should be considered invalidated. This combines the session opening and logging after fork to single function, and removes the relogin flag from functions where it's not needed. The new pkcs11_reload_slot() properly update the state so the normal functions operate as expected. This also fixes a memory leak after fork: if the slot was in logged-in state, a session was leaked from check_slot_fork_int because: 1. the "if loggedIn" clears state, and calls pkcs11_relogin() which also implicitly opens a session 2. the next "if haveSession" block fires also, and clears state, and calls pkcs11_reopen_session. This function will explicitly call C_OpenSession overwriting and leaking the session from step #1
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch allows to use PPTP VPN from Linux to Windows Server using Aladdin eToken PRO 64K. Without the patch, for some certificates pppd will fail with error: "pkcs11_init_cert: buffer too small" and refuse to establish connection.
This fixes ticket #350 in libp11 trac:
https://www.opensc-project.org/opensc/ticket/350