1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
|
#include <stdlib.h>
#include "cryptoki-capi.h"
typedef struct _SessionList {
Session **list;
size_t lmax;
} SessionList;
/* These are protected by global_mutex */
static SessionList the_sessions = { NULL, 0 };
Session*
ckcapi_session_create(void)
{
Session* sess = calloc(1, sizeof(Session));
if(!sess)
return NULL;
sess->mutex = CreateMutex(NULL, FALSE, NULL);
if(!sess->mutex)
{
free(sess);
return NULL;
}
DBGS(sess, "created");
return sess;
}
CK_RV
ckcapi_session_register(Session* sess)
{
CK_ULONG id = 0;
CK_RV ret = CKR_OK;
size_t i;
ASSERT(sess);
ASSERT(sess->id == 0 && sess->refs == 0);
DBGS(sess, "registering new session");
ckcapi_lock_global();
/* Find a nice session identifier */
while(id == 0) {
/*
* PKCS#11 GRAY AREA: We're assuming we can reuse session
* handles. PKCS#11 spec says they're like file handles,
* and file handles get reused :)
*/
/* Note we never put anything in array position '0' */
for(i = 1; i < the_sessions.lmax; ++i)
{
/* Any empty position will do */
if(!the_sessions.list[i])
{
id = i;
break;
}
}
/* Couldn't find a handle, reallocate */
if(id == 0)
{
Session** buf;
size_t oldmax, newmax;
oldmax = the_sessions.lmax;
newmax = oldmax + 16;
buf = realloc(the_sessions.list, newmax * sizeof(Session*));
if(!buf)
{
DBGS(sess, ("couldn't allocate session list, out of memory"));
ret = CKR_HOST_MEMORY;
break;
}
/* Choose the first of the new block as the id */
id = oldmax;
/* Clear new memory */
the_sessions.list = buf;
for( ; oldmax < newmax; ++oldmax)
buf[oldmax] = NULL;
the_sessions.lmax = newmax;
DBG(("allocated new session list: %d max", newmax));
}
}
if(ret == CKR_OK)
{
ASSERT(id > 0 && id < the_sessions.lmax);
ASSERT(the_sessions.list[id] == NULL);
/* And assign it to the session handle */
the_sessions.list[id] = sess;
sess->id = id;
/* The session list reference */
ASSERT(sess->refs == 0);
sess->refs++;
DBGS(sess, "registered sesson id");
}
ckcapi_unlock_global();
return ret;
}
void
ckcapi_session_destroy(Session* sess)
{
ASSERT(sess);
ASSERT(sess->refs == 0);
/* Ask any pending operations to cleanup */
if(sess->operation_type)
{
ASSERT(sess->operation_cancel);
(sess->operation_cancel)(sess);
}
ASSERT(sess->operation_type == 0);
ASSERT(sess->operation_data == NULL);
ASSERT(sess->operation_cancel == NULL);
/* And make the mutex go away */
ASSERT(sess->mutex != NULL);
CloseHandle(sess->mutex);
DBGS(sess, "destroyed");
free(sess);
}
static CK_RV
find_lock_ref_internal(SessionList* sessions, CK_SESSION_HANDLE id,
int remove, Session** sess_ret)
{
Session *sess;
DWORD r;
ASSERT(sessions);
ASSERT(sess_ret);
if(id >= sessions->lmax)
{
DBG(("invalid session id: %d", id));
return CKR_SESSION_HANDLE_INVALID;
}
/* A seemingly valid id */
ASSERT(sessions->list);
sess = sessions->list[id];
if(!sess)
{
DBG(("session does not exist: %d", id));
return CKR_SESSION_HANDLE_INVALID;
}
ASSERT(sess->id == id);
/* Closing takes precedence over active operations */
if(!remove)
{
/*
* An initial check is done to make sure this session is not active.
* This is done outside of the lock. The real check is done later
* inside a lock. This is so we can return quickly without blocking
* in most cases.
*/
if(sess->in_call)
{
DBGS(sess, ("an operation is already active in this session"));
return CKR_OPERATION_ACTIVE;
}
}
/* Lock the CallSession */
r = WaitForSingleObject(sess->mutex, INFINITE);
ASSERT(r == WAIT_OBJECT_0);
/* Do the real check */
if(!remove && sess->in_call)
{
ReleaseMutex(sess->mutex);
DBGS(sess, ("an operation is already active in this session"));
return CKR_OPERATION_ACTIVE;
}
/* Make sure it doesn't go away */
ASSERT(sess->refs > 0);
sess->refs++;
DBGS(sess, "found and locked session");
/* And remove it if necessary */
if(remove)
{
sessions->list[id] = NULL;
/* The session list reference */
sess->refs--;
ASSERT(sess->refs > 0);
DBGS(sess, "removed session from list");
}
else
{
ASSERT(!sess->in_call);
sess->in_call = 1;
}
*sess_ret = sess;
return CKR_OK;
}
CK_RV
ckcapi_session_find_lock_ref(CK_ULONG id, int remove, Session **sess)
{
/* This must be called without any locks held */
CK_RV ret = CKR_OK;
ASSERT(sess);
if(id <= 0)
{
DBG(("invalid session id passed: %d", id));
return CKR_ARGUMENTS_BAD;
}
ckcapi_lock_global();
ret = find_lock_ref_internal (&the_sessions, id, remove, sess);
ckcapi_unlock_global();
return ret;
}
void
ckcapi_session_unref_unlock(Session* sess)
{
/* The CallSession must be locked at this point */
int refs;
BOOL r;
ASSERT(sess);
ASSERT(sess->refs > 0);
sess->refs--;
refs = sess->refs;
sess->in_call = 0;
DBGS(sess, "unlocked session");
r = ReleaseMutex(sess->mutex);
ASSERT(r == TRUE);
/*
* At this point if no references are held, then we can safely
* delete. No other thread should be involved.
*/
if(refs == 0)
ckcapi_session_destroy(sess);
}
void
ckcapi_session_close_all()
{
/* This must be called without any locks held */
SessionList sessions;
Session *sess;
size_t i;
CK_RV ret;
/*
* PKCS#11 GRAY AREA: What happens when this gets called
* concurrently? We don't return an error on the second call,
* because by the time it returns, all sessions should be closed.
*/
ckcapi_lock_global();
/* Steal all the session data */
sessions.list = the_sessions.list;
the_sessions.list = NULL;
sessions.lmax = the_sessions.lmax;
the_sessions.lmax = 0;
if(sessions.list || sessions.lmax)
DBG(("closing all sessions"));
ckcapi_unlock_global();
/* Close each session in turn */
for(i = 1; i < sessions.lmax; ++i)
{
if(!sessions.list[i])
continue;
ret = find_lock_ref_internal (&sessions, i, 1, &sess);
ASSERT(ret == CKR_OK);
ckcapi_session_unref_unlock(sess);
}
/* We stole the memory above, free it now */
if(sessions.list)
{
free(sessions.list);
DBG(("freed session list"));
}
}
|
