Skip C_Finalize() when pkcs11_CTX_reload() has failed

Author: mtrojnar

src/libp11-int.h

@@ -61,8 +61,9 @@ struct pkcs11_ctx_private {
 	CK_VERSION cryptoki_version;
 	UI_METHOD *ui_method; /* UI_METHOD for CKU_CONTEXT_SPECIFIC PINs */
 	void *ui_user_data;
-	unsigned int forkid;
 	pthread_mutex_t fork_lock;
+	unsigned int forkid;
+	int initialized;
 	void (*vlog_a)(int, const char *, va_list); /* for the logging callback */
 };
 #define PRIVCTX(_ctx)		((PKCS11_CTX_private *) ((_ctx)->_private))

src/p11_load.c

@@ -81,9 +81,11 @@ static int pkcs11_initialize(PKCS11_CTX_private *cpriv)
 	args.pReserved = cpriv->init_args;
 	rv = cpriv->method->C_Initialize(&args);
 	if (rv && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
+		cpriv->initialized = 0;
 		CKRerr(P11_F_PKCS11_CTX_LOAD, rv);
 		return -1;
 	}
+	cpriv->initialized = 1;
 	return 0;
 }
 
@@ -103,18 +105,15 @@ int pkcs11_CTX_load(PKCS11_CTX *ctx, const char *name)
 	}
 
 	if (pkcs11_initialize(cpriv)) {
-		C_UnloadModule(cpriv->handle);
-		cpriv->handle = NULL;
+		pkcs11_CTX_unload(ctx);
 		return -1;
 	}
 
 	/* Get info on the library */
 	memset(&ck_info, 0, sizeof(ck_info));
 	rv = cpriv->method->C_GetInfo(&ck_info);
 	if (rv) {
-		cpriv->method->C_Finalize(NULL);
-		C_UnloadModule(cpriv->handle);
-		cpriv->handle = NULL;
+		pkcs11_CTX_unload(ctx);
 		CKRerr(P11_F_PKCS11_CTX_LOAD, rv);
 		return -1;
 	}
@@ -144,16 +143,18 @@ void pkcs11_CTX_unload(PKCS11_CTX *ctx)
 {
 	PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
 
-	if (!cpriv->method || !cpriv->handle) /* Module not loaded */
-		return;
-
 	/* Tell the PKCS11 library to shut down */
-	if (cpriv->forkid == get_forkid())
-		cpriv->method->C_Finalize(NULL);
+	if (cpriv->method) {
+		if (cpriv->initialized && cpriv->forkid == get_forkid())
+			cpriv->method->C_Finalize(NULL);
+		cpriv->method = NULL;
+	}
 
 	/* Unload the module */
-	C_UnloadModule(cpriv->handle);
-	cpriv->handle = NULL;
+	if (cpriv->handle) {
+		C_UnloadModule(cpriv->handle);
+		cpriv->handle = NULL;
+	}
 }
 
 /*