Refuse to load the p11-kit-proxy.so as a registered module

 * Since p11-kit-proxy.so is a symlink to the libp11-kit.so library
   we check that we are not calling into our known CK_FUNCTION_LIST
   for the proxy code.
 * Although such a configuration is invalid, detecting this directly
   prevents strange initialization loop issues that are hard to debug.

https://bugs.freedesktop.org/show_bug.cgi?id=55052

1 files changed, 2 insertions, 5 deletions

diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c
index bae25d3..a4b947a 100644
--- a/p11-kit/proxy.c
+++ b/p11-kit/proxy.c
@@ -69,9 +69,6 @@ typedef struct _Session {
 	CK_SLOT_ID wrap_slot;
 } Session;
 
-/* Forward declaration */
-static CK_FUNCTION_LIST proxy_function_list;
-
 /*
  * Shared data between threads, protected by the mutex, a structure so
  * we can audit thread safety easier.
@@ -365,7 +362,7 @@ proxy_C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
 	/* Can be called before C_Initialize */
 
 	return_val_if_fail (list != NULL, CKR_ARGUMENTS_BAD);
-	*list = &proxy_function_list;
+	*list = &_p11_proxy_function_list;
 	return CKR_OK;
 }
 
@@ -1312,7 +1309,7 @@ proxy_C_GenerateRandom (CK_SESSION_HANDLE handle, CK_BYTE_PTR random_data,
  * MODULE ENTRY POINT
  */
 
-static CK_FUNCTION_LIST proxy_function_list = {
+CK_FUNCTION_LIST _p11_proxy_function_list = {
 	{ CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR },  /* version */
 	proxy_C_Initialize,
 	proxy_C_Finalize,