summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMoonchild <moonchild@palemoon.org>2022-07-27 03:06:40 +0000
committerMoonchild <moonchild@palemoon.org>2022-07-27 03:06:40 +0000
commit713d6ed1b4453c13cf47610f7ec01689e8814cb8 (patch)
tree49f77b249919682df54da3bba053c590a8945db7
parent515ba7c8872beecc185abb5572e414335c8fd009 (diff)
downloaduxp-713d6ed1b4453c13cf47610f7ec01689e8814cb8.tar.gz
[NSS] protect SFTKSlot needLogin with slotLock.
-rw-r--r--security/nss/lib/softoken/pkcs11.c67
-rw-r--r--security/nss/lib/softoken/pkcs11i.h2
2 files changed, 53 insertions, 16 deletions
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
index 93150cd789..ed723985a6 100644
--- a/security/nss/lib/softoken/pkcs11.c
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -1652,6 +1652,7 @@ sftk_handleObject(SFTKObject *object, SFTKSession *session)
CK_OBJECT_HANDLE handle;
CK_BBOOL ckfalse = CK_FALSE;
CK_BBOOL cktrue = CK_TRUE;
+ PRBool isLoggedIn, needLogin;
CK_RV crv;
/* make sure all the base object types are defined. If not set the
@@ -1669,9 +1670,13 @@ sftk_handleObject(SFTKObject *object, SFTKSession *session)
if (crv != CKR_OK)
return crv;
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
/* don't create a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (sftk_isTrue(object, CKA_PRIVATE))) {
+ if (!isLoggedIn && needLogin && (sftk_isTrue(object, CKA_PRIVATE))) {
return CKR_USER_NOT_LOGGED_IN;
}
@@ -3617,11 +3622,18 @@ NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
static PRBool
sftk_checkNeedLogin(SFTKSlot *slot, SFTKDBHandle *keyHandle)
{
+ PRBool needLogin;
if (sftkdb_PWCached(keyHandle) == SECSuccess) {
- return slot->needLogin;
+ PZ_Lock(slot->slotLock);
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+ } else {
+ needLogin = (PRBool)!sftk_hasNullPassword(slot, keyHandle);
+ PZ_Lock(slot->slotLock);
+ slot->needLogin = needLogin;
+ PZ_Unlock(slot->slotLock);
}
- slot->needLogin = (PRBool)!sftk_hasNullPassword(slot, keyHandle);
- return (slot->needLogin);
+ return needLogin;
}
static PRBool
@@ -4021,8 +4033,11 @@ NSC_InitPIN(CK_SESSION_HANDLE hSession,
/* Now update our local copy of the pin */
if (rv == SECSuccess) {
- if (ulPinLen == 0)
+ if (ulPinLen == 0) {
+ PZ_Lock(slot->slotLock);
slot->needLogin = PR_FALSE;
+ PZ_Unlock(slot->slotLock);
+ }
/* database has been initialized, now force min password in FIPS
* mode. NOTE: if we are in level1, we may not have a password, but
* forcing it now will prevent an insufficient password from being set.
@@ -4057,6 +4072,7 @@ NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
char newPinStr[SFTK_MAX_PIN + 1], oldPinStr[SFTK_MAX_PIN + 1];
SECStatus rv;
CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+ PRBool needLogin;
PRBool tokenRemoved = PR_FALSE;
CHECK_FORK();
@@ -4077,7 +4093,10 @@ NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
return CKR_PIN_LEN_RANGE; /* XXX FIXME wrong return value */
}
- if (slot->needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
+ PZ_Lock(slot->slotLock);
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+ if (needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
crv = CKR_USER_NOT_LOGGED_IN;
goto loser;
}
@@ -4305,6 +4324,8 @@ NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
CK_RV crv;
char pinStr[SFTK_MAX_PIN + 1];
PRBool tokenRemoved = PR_FALSE;
+ PRBool isLoggedIn;
+ PRBool needLogin;
CHECK_FORK();
@@ -4328,9 +4349,14 @@ NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
return CKR_USER_TYPE_INVALID;
}
- if (slot->isLoggedIn)
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
+ if (isLoggedIn)
return CKR_USER_ALREADY_LOGGED_IN;
- if (!slot->needLogin) {
+ if (!needLogin) {
return ulPinLen ? CKR_PIN_INCORRECT : CKR_OK;
}
slot->ssoLoggedIn = PR_FALSE;
@@ -4793,7 +4819,7 @@ NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
SFTKSession *session;
SFTKObject *object;
SFTKAttribute *attribute;
- PRBool sensitive;
+ PRBool sensitive, isLoggedIn, needLogin;
CK_RV crv;
int i;
@@ -4824,9 +4850,13 @@ NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
return CKR_OBJECT_HANDLE_INVALID;
}
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
/* don't read a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (sftk_isTrue(object, CKA_PRIVATE))) {
+ if (!isLoggedIn && needLogin && (sftk_isTrue(object, CKA_PRIVATE))) {
sftk_FreeObject(object);
return CKR_USER_NOT_LOGGED_IN;
}
@@ -4867,7 +4897,7 @@ NSC_SetAttributeValue(CK_SESSION_HANDLE hSession,
SFTKSession *session;
SFTKAttribute *attribute;
SFTKObject *object;
- PRBool isToken;
+ PRBool isToken, isLoggedIn, needLogin;
CK_RV crv = CKR_OK;
CK_BBOOL legal;
int i;
@@ -4891,9 +4921,13 @@ NSC_SetAttributeValue(CK_SESSION_HANDLE hSession,
return CKR_OBJECT_HANDLE_INVALID;
}
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
/* don't modify a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (sftk_isTrue(object, CKA_PRIVATE))) {
+ if (!isLoggedIn && needLogin && (sftk_isTrue(object, CKA_PRIVATE))) {
sftk_FreeSession(session);
sftk_FreeObject(object);
return CKR_USER_NOT_LOGGED_IN;
@@ -5171,7 +5205,10 @@ NSC_FindObjectsInit(CK_SESSION_HANDLE hSession,
search->index = 0;
search->size = 0;
search->array_size = NSC_SEARCH_BLOCK_SIZE;
+
+ PZ_Lock(slot->slotLock);
isLoggedIn = (PRBool)((!slot->needLogin) || slot->isLoggedIn);
+ PZ_Unlock(slot->slotLock);
crv = sftk_searchTokenList(slot, search, pTemplate, ulCount, isLoggedIn);
if (crv != CKR_OK) {
diff --git a/security/nss/lib/softoken/pkcs11i.h b/security/nss/lib/softoken/pkcs11i.h
index 1630442c9f..0e5153b7b0 100644
--- a/security/nss/lib/softoken/pkcs11i.h
+++ b/security/nss/lib/softoken/pkcs11i.h
@@ -318,7 +318,7 @@ struct SFTKSessionStr {
* object hash tables (sessObjHashTable[] and tokObjHashTable), and
* sessionObjectHandleCount.
* slotLock protects the remaining protected elements:
- * password, isLoggedIn, ssoLoggedIn, and sessionCount,
+ * password, needLogin, isLoggedIn, ssoLoggedIn, and sessionCount,
* and pwCheckLock serializes the key database password checks in
* NSC_SetPIN and NSC_Login.
*