Bug 210660: backed out the main change in the fix for bug 145322 because

the adoption of session is not thread safe. This eliminates most of the saving of sessions, but we must be correct first, and then optimize. r=nicolson,nelsonb. Modified Files: pk11func.h pk11skey.c
sailfishos-mirror · Jun 27, 2003 · 51ee3f7 · 51ee3f7
1 parent feb1697
commit 51ee3f7
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 22 deletions.
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
@@ -264,6 +264,10 @@ PK11SymKey *PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent,
     PRBool owner, void *wincx);
 PK11SymKey *PK11_GetWrapKey(PK11SlotInfo *slot, int wrap,
 			      CK_MECHANISM_TYPE type,int series, void *wincx);
+/*
+ * This function is not thread-safe.  It can only be called when only
+ * one thread has a reference to wrapKey.
+ */
 void PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey);
 CK_MECHANISM_TYPE PK11_GetMechanism(PK11SymKey *symKey);
 CK_OBJECT_HANDLE PK11_ImportPublicKey(PK11SlotInfo *slot, 

diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
@@ -326,6 +326,11 @@ PK11_GetWrapKey(PK11SlotInfo *slot, int wrap, CK_MECHANISM_TYPE type,
     return symKey;
 }
 
+/*
+ * This function is not thread-safe because it sets wrapKey->sessionOwner
+ * without using a lock or atomic routine.  It can only be called when
+ * only one thread has a reference to wrapKey.
+ */
 void
 PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey)
 {
@@ -3425,20 +3430,7 @@ PK11_ExitContextMonitor(PK11Context *cx) {
 void
 PK11_DestroyContext(PK11Context *context, PRBool freeit)
 {
-    SECStatus rv = SECFailure;
-    if (context->ownSession && context->key && /* context owns session & key */
-        context->key->session == context->session && /* sharing session */
-        !context->key->sessionOwner)              /* sanity check */
-    {
-	/* session still valid, let the key free it as necessary */
-        rv = PK11_Finalize(context); /* end any ongoing activity */
-	if (rv == SECSuccess) {
-	    context->key->sessionOwner = PR_TRUE;
-	} /* else couldn't finalize the session, close it */
-    }
-    if (rv == SECFailure) {
-	pk11_CloseSession(context->slot,context->session,context->ownSession);
-    }
+    pk11_CloseSession(context->slot,context->session,context->ownSession);
     /* initialize the critical fields of the context */
     if (context->savedData != NULL ) PORT_Free(context->savedData);
     if (context->key) PK11_FreeSymKey(context->key);
@@ -3623,14 +3615,7 @@ static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type,
     context->operation = operation;
     context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL;
     context->slot = PK11_ReferenceSlot(slot);
-    if (symKey && symKey->sessionOwner) {
-	/* The symkey owns a session.  Adopt that session. */
-	context->session = symKey->session;
-	context->ownSession = symKey->sessionOwner;
-	symKey->sessionOwner = PR_FALSE;
-    } else {
-	context->session = pk11_GetNewSession(slot, &context->ownSession);
-    }
+    context->session = pk11_GetNewSession(slot,&context->ownSession);
     context->cx = symKey ? symKey->cx : NULL;
     /* get our session */
     context->savedData = NULL;