use heim_base_once_f to initialize PKCS#11 library

heimdal · Nov 27, 2015 · 114349b · 114349b
1 parent cfe2af8
commit 114349b
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 59 deletions.
diff --git a/lib/hcrypto/Makefile.am b/lib/hcrypto/Makefile.am
@@ -12,6 +12,7 @@ libhcrypto_la_LDFLAGS = -version-info 5:0:1
 libhcrypto_la_LIBADD = \
 	$(top_builddir)/lib/asn1/libasn1.la \
 	$(LIB_dlopen) \
+	$(LIB_heimbase) \
 	$(LIBADD_roken)
 
 hcryptoincludedir = $(includedir)/hcrypto

diff --git a/lib/hcrypto/NTMakefile b/lib/hcrypto/NTMakefile
@@ -172,63 +172,63 @@ test-binaries:				\
 	$(OBJ)\test_rand.exe		\
 	$(OBJ)\test_crypto.sh
 
-$(OBJ)\destest.exe: $(OBJ)\destest.obj $(TESTLIB) $(LIBROKEN)
+$(OBJ)\destest.exe: $(OBJ)\destest.obj $(TESTLIB) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\example_evp_cipher.exe: $(OBJ)\example_evp_cipher.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\example_evp_cipher.exe: $(OBJ)\example_evp_cipher.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\mdtest.exe: $(OBJ)\mdtest.obj $(LIBHEIMDAL) $(LIBROKEN) $(OBJ)\sha512.obj
+$(OBJ)\mdtest.exe: $(OBJ)\mdtest.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(OBJ)\sha512.obj
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\rc2test.exe: $(OBJ)\rc2test.obj $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\rc2test.exe: $(OBJ)\rc2test.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\rctest.exe: $(OBJ)\rctest.obj $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\rctest.exe: $(OBJ)\rctest.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_bn.exe: $(OBJ)\test_bn.obj $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\test_bn.exe: $(OBJ)\test_bn.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_bulk.exe: $(OBJ)\test_bulk.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS)
+$(OBJ)\test_bulk.exe: $(OBJ)\test_bulk.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(LIBVERS)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_cipher.exe: $(OBJ)\test_cipher.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS)
+$(OBJ)\test_cipher.exe: $(OBJ)\test_cipher.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(LIBVERS)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_engine_dso.exe: $(OBJ)\test_engine_dso.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS)
+$(OBJ)\test_engine_dso.exe: $(OBJ)\test_engine_dso.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(LIBVERS)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_hmac.exe: $(OBJ)\test_hmac.obj $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\test_hmac.exe: $(OBJ)\test_hmac.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_pkcs5.exe: $(OBJ)\test_pkcs5.obj $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\test_pkcs5.exe: $(OBJ)\test_pkcs5.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_pkcs12.exe: $(OBJ)\test_pkcs12.obj $(LIBHEIMDAL) $(LIBROKEN)
+$(OBJ)\test_pkcs12.exe: $(OBJ)\test_pkcs12.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_rsa.exe: $(OBJ)\test_rsa.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS)
+$(OBJ)\test_rsa.exe: $(OBJ)\test_rsa.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(LIBVERS)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_dh.exe: $(OBJ)\test_dh.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS)
+$(OBJ)\test_dh.exe: $(OBJ)\test_dh.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(LIBVERS)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 
-$(OBJ)\test_rand.exe: $(OBJ)\test_rand.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS)
+$(OBJ)\test_rand.exe: $(OBJ)\test_rand.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHEIMBASE) $(LIBVERS)
 	$(EXECONLINK)
 	$(EXEPREP_NODIST)
 

diff --git a/lib/hcrypto/evp-pkcs11.c b/lib/hcrypto/evp-pkcs11.c
@@ -78,60 +78,65 @@ struct pkcs11_md_ctx {
     CK_SESSION_HANDLE hSession;
 };
 
-static CK_RV
-p11_module_init(void)
+static void
+p11_module_init_once(void *context)
 {
-    CK_RV rv = CKR_OK;
-
-    if (p11_module == NULL) {
-        CK_RV (*C_GetFunctionList_fn)(CK_FUNCTION_LIST_PTR_PTR);
-        CK_FUNCTION_LIST_PTR module;
-        void *handle = NULL;
-
-        if (!issuid()) {
-            char *pkcs11ModulePath = getenv("PKCS11_MODULE_PATH");
-            if (pkcs11ModulePath != NULL) {
-                handle = dlopen(pkcs11ModulePath, RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP);
-                if (handle == NULL)
-                    fprintf(stderr, "p11_module_init(%s): %s\n", pkcs11ModulePath, dlerror());
-            }
-        }
-#ifdef PKCS11_MODULE_PATH
-        if (handle == NULL) {
-            handle = dlopen(PKCS11_MODULE_PATH, RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP);
+    CK_RV rv;
+    CK_FUNCTION_LIST_PTR module;
+    CK_RV (*C_GetFunctionList_fn)(CK_FUNCTION_LIST_PTR_PTR);
+    void *handle = NULL;
+
+    if (!issuid()) {
+        char *pkcs11ModulePath = getenv("PKCS11_MODULE_PATH");
+        if (pkcs11ModulePath != NULL) {
+            handle = dlopen(pkcs11ModulePath, RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP);
             if (handle == NULL)
-                fprintf(stderr, "p11_module_init(%s): %s\n", PKCS11_MODULE_PATH, dlerror());
+                fprintf(stderr, "p11_module_init(%s): %s\n", pkcs11ModulePath, dlerror());
         }
+    }
+#ifdef PKCS11_MODULE_PATH
+    if (handle == NULL) {
+        handle = dlopen(PKCS11_MODULE_PATH, RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP);
+        if (handle == NULL)
+            fprintf(stderr, "p11_module_init(%s): %s\n", PKCS11_MODULE_PATH, dlerror());
+    }
 #endif
-        if (handle == NULL) {
-            rv = CKR_LIBRARY_LOAD_FAILED;
-            goto cleanup;
-        }
+    if (handle == NULL) {
+        rv = CKR_LIBRARY_LOAD_FAILED;
+        goto cleanup;
+    }
 
-        C_GetFunctionList_fn = (CK_RV (*)(CK_FUNCTION_LIST_PTR_PTR))
-                               dlsym(handle, "C_GetFunctionList");
-        if (C_GetFunctionList_fn == NULL) {
-            rv = CKR_LIBRARY_LOAD_FAILED;
-            goto cleanup;
-        }
+    C_GetFunctionList_fn = (CK_RV (*)(CK_FUNCTION_LIST_PTR_PTR))
+                           dlsym(handle, "C_GetFunctionList");
+    if (C_GetFunctionList_fn == NULL) {
+        rv = CKR_LIBRARY_LOAD_FAILED;
+        goto cleanup;
+    }
 
-        rv = C_GetFunctionList_fn(&module);
-        if (rv != CKR_OK)
-            goto cleanup;
+    rv = C_GetFunctionList_fn(&module);
+    if (rv != CKR_OK)
+        goto cleanup;
 
-        rv = module->C_Initialize(NULL);
-        if (rv == CKR_CRYPTOKI_ALREADY_INITIALIZED)
-            rv = CKR_OK;
-        if (rv == CKR_OK)
-            (void)heim_base_exchange_pointer(&p11_module, module);
+    rv = module->C_Initialize(NULL);
+    if (rv == CKR_CRYPTOKI_ALREADY_INITIALIZED)
+        rv = CKR_OK;
+    if (rv == CKR_OK)
+        *((CK_FUNCTION_LIST_PTR_PTR)context) = module;
 
 cleanup:
-        if (handle != NULL && p11_module == NULL)
-            dlclose(handle);
-        /* else leak handle */
-    }
+    if (handle != NULL && p11_module == NULL)
+        dlclose(handle);
+    /* else leak handle */
+}
 
-    return rv;
+static CK_RV
+p11_module_init(void)
+{
+    static heim_base_once_t init_module = HEIM_BASE_ONCE_INIT;
+
+    heim_base_once_f(&init_module, &p11_module, p11_module_init_once);
+
+    return p11_module != NULL ? CKR_OK : CKR_LIBRARY_LOAD_FAILED;
 }
 
 static CK_RV