Re: [Opensc-devel] C_Login returns CKR_GENERAL_ERROR / SCardBeginTransaction failed: 0x8010001d

[David W. <dw...@in...>]

On Tue, 2015-05-05 at 23:15 +0100, David Woodhouse wrote:
> 
> Here's a test case. I've verified that it fails with OpenSC with both 
> a PIV device (Yubikey NEO) and a Feitian ePass PKI token:

And this "fixes" it, although obviously it's more of a proof of
concept than something we could apply as-is:

Are our file descriptors all opened with O_CLOEXEC, btw?

diff --git a/src/pkcs11/pkcs11-global.c b/src/pkcs11/pkcs11-global.c
index aa50758..c304825 100644
--- a/src/pkcs11/pkcs11-global.c
+++ b/src/pkcs11/pkcs11-global.c
@@ -204,8 +204,29 @@ CK_RV C_Initialize(CK_VOID_PTR pInitArgs)
 
        /* Handle fork() exception */
 #if !defined(_WIN32)
-       if (current_pid != initialized_pid) {
-               C_Finalize(NULL_PTR);
+       if (context != NULL && current_pid != initialized_pid) {
+               void *p;
+               sc_pkcs11_slot_t *slot;
+
+               rv = sc_pkcs11_lock();
+               if (rv != CKR_OK)
+                       return rv;
+
+               /* We cannot touch the PC/SC context since it
+                * belongs to the parent process. FIXME: For now
+                * just leak it */
+               context = NULL;
+
+               while ((p = list_fetch(&sessions)))
+                       free(p);
+               list_destroy(&sessions);
+
+               while ((slot = list_fetch(&virtual_slots))) {
+                       list_destroy(&slot->objects);
+                       free(slot);
+               }
+               list_destroy(&virtual_slots);
+               sc_pkcs11_free_lock();
        }
        initialized_pid = current_pid;
        in_finalize = 0;

-- 
David Woodhouse                            Open Source Technology Centre
Dav...@in...                              Intel Corporation