Bug 1570306 - softhsm crashes applications using p11-kit-proxy
Summary: softhsm crashes applications using p11-kit-proxy
Keywords:
Status: CLOSED DUPLICATE of bug 1607635
Alias: None
Product: Fedora
Classification: Fedora
Component: softhsm
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Paul Wouters
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-21 20:08 UTC by Francisco de la Peña
Modified: 2018-07-26 18:38 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-07-25 08:05:00 UTC
Type: Bug

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1607635 'unspecified' 'CLOSED' 'Segfault in ldif2db during ipa-server-install on current Rawhide' 2019-11-22 16:08:25 UTC

Internal Links: 1607635 1608690 1615751

Description Francisco de la Peña 2018-04-21 20:08:58 UTC 
Description of problem:

Several applications using p11-kit-proxy module crash when softhsm is installed. Firefox always crashes on quit and opensc-tools may reproduce a similar crash while listing details from that module.


Version-Release number of selected component (if applicable):

2.3.0-2.fc27, 2.3.0-3.fc28.1


How reproducible:

Always.


Steps to Reproduce:

opensc tools way:

1. Install softhsm and opensc
2. Run: $ pkcs11-tool -L --module /usr/lib64/p11-kit-proxy.so

Firefox way:

1. Install softhsm and firefox
2. Configure NSS to use p11-kit-proxy:
   # alternatives --install /usr/lib64/libnssckbi.so \
     libnssckbi.so.x86_64 /usr/lib64/p11-kit-proxy.so 50
3. Run Firefox (quit Firefox if already opened first) and quit Firefox. 


Actual results:

pkcs11-tool crashes with the command above.
firefox crashes on quit (no abrt but breakpad crash report window instead).

Removing softhsm works around this issue and p11-kit-proxy works without crashes.


Expected results:

It shouldn't crash.
Comment 1 Daiki Ueno 2018-04-23 13:00:44 UTC 
I tried to reproduce it, but couldn't.  Could you provide more information about your configuration:
- NSS and p11-kit package versions
- How softhsm is configured (do you have a token initialized and any certificates/keys in it?)

(In reply to Francisco de la Peña from comment #0)

> 2. Configure NSS to use p11-kit-proxy:
>    # alternatives --install /usr/lib64/libnssckbi.so \
>      libnssckbi.so.x86_64 /usr/lib64/p11-kit-proxy.so 50

This is to explicitly override the default installation, that registers p11-kit-trust.so with priority 30, right?
Comment 2 Nikos Mavrogiannopoulos 2018-07-25 08:05:00 UTC 
Closing as duplicate as it is seen to be related.

*** This bug has been marked as a duplicate of bug 1607635 ***
Comment 3 Francisco de la Peña 2018-07-26 18:38:12 UTC 
> This is to explicitly override the default installation, that registers
> p11-kit-trust.so with priority 30, right?

Yes, it is. Also happens here with the upcoming F29 crypto policies approach.
I didn't configure softhsm, so it should use defaults here.
Tested with latest F28 downstream packages, still reproduceable here.

> Closing as duplicate as it is seen to be related.

Indeed, I can confirm the backtrace is the same there as in bug 1607635, +1.
Note You need to log in before you can comment on or make changes to this bug.