pkcs11: refuse to load modules with duplicate information

That is, when ck_info matches, we soft fail loading the module. That is, because in several cases the pointers got by p11-kit may differ for the same modules. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-11-03 15:03:35 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-11-03 16:10:59 +0000
commit: 12f4abc02e718e2ab0f7ae80b3026a29028536e7 (patch)
tree: 906487e6bffb832e9cde30229c97b39e79b38ec0 /lib/pkcs11.c
parent: a630d5a5d0ba58766092ba3489e17d73a53b96cd (diff)
download: gnutls-12f4abc02e718e2ab0f7ae80b3026a29028536e7.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 5955f19c61..e6e37c60cf 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -235,7 +235,8 @@ pkcs11_add_module(const char* name, struct ck_function_list *module, unsigned cu
 	/* initially check if this module is a duplicate */
 	for (i = 0; i < active_providers; i++) {
 		/* already loaded, skip the rest */
-		if (module == providers[i].module) {
+		if (module == providers[i].module ||
+		    memcmp(&info, &providers[i].info, sizeof(info)) == 0) {
 			_gnutls_debug_log("p11: module %s is already loaded.\n", name);
 			return GNUTLS_E_INT_RET_0;
 		}
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-11-03 15:03:35 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-11-03 16:10:59 +0000
commit	12f4abc02e718e2ab0f7ae80b3026a29028536e7 (patch)
tree	906487e6bffb832e9cde30229c97b39e79b38ec0 /lib/pkcs11.c
parent	a630d5a5d0ba58766092ba3489e17d73a53b96cd (diff)
download	gnutls-12f4abc02e718e2ab0f7ae80b3026a29028536e7.tar.gz