diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-11-03 15:03:35 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-11-06 15:41:33 +0100 |
| commit | 9638a7db5212a2af83aec7617038ce586c1099e4 (patch) | |
| tree | 83c12097a1da40ed919453631f27bd1f7f0ed6e8 | |
| parent | 7768d5c93c65fd3b288eaf4a5dde80de28872685 (diff) | |
| download | gnutls-9638a7db5212a2af83aec7617038ce586c1099e4.tar.gz | |
pkcs11: refuse to load modules with duplicate information
That is, when ck_info matches, we soft fail loading the module.
That is, because in several cases the pointers got by p11-kit
may differ for the same modules.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/pkcs11.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/pkcs11.c b/lib/pkcs11.c index 4adfe653b3..ec5754e898 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -233,7 +233,8 @@ pkcs11_add_module(const char* name, struct ck_function_list *module, const char /* initially check if this module is a duplicate */ for (i = 0; i < active_providers; i++) { /* already loaded, skip the rest */ - if (module == providers[i].module) { + if (module == providers[i].module || + memcmp(&info, &providers[i].info, sizeof(info)) == 0) { _gnutls_debug_log("p11: module %s is already loaded.\n", name); return GNUTLS_E_INT_RET_0; } |