Open Bug 495361 Opened 16 years ago Updated 1 year ago

Two minor problems with the handling of CKR_CRYPTOKI_ALREADY_INITIALIZED

Categories

(NSS :: Libraries, defect, P5)

Tracking

(Not tracked)

People

(Reporter: wtc, Unassigned)

Details

Recently when I looked into a problem caused by loading the libnssckbi.so root certs module twice, I found two minor problems with our handling of CKR_CRYPTOKI_ALREADY_INITIALIZED. 1. PK11_MapError maps CKR_CRYPTOKI_ALREADY_INITIALIZED to the dreaded SEC_ERROR_IO in the default case. We should add a new error code SEC_ERROR_xxx_ALREADY_INITIALIZED for this condition. 2. After PK11_GETTAB(mod)->C_Initialize(pInitArgs) fails with CKR_CRYPTOKI_ALREADY_INITIALIZED, secmod_ModuleInit retries with PK11_GETTAB(mod)->C_Initialize(NULL), even though that call will fail with the same error again: http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/pk11wrap/pk11load.c&rev=1.25&mark=146-151,164-169#125
Severity: minor → S4
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.