In the case where the last non-critical module initialization failed the entire initialization of all registered p11-kit modules would fail. This was because the result rv code was not being reset corretly. This was not taken into account for this patch: http://cgit.freedesktop.org/p11-glue/p11-kit/commit/?id=483db3ee5d0c0e92dd8ecd8bf0cbefaa6254b6eb
Created attachment 67328 [details] [review] Don't fail initialization if last initialized module fails * We weren't resetting the result code after a failure, so even though failures for critical modules didn't interrupt the initialization loop, the result still leaked to callers. * Also print an error message clearly indicating that a module failed to initialize, regardless of whether critical or not.
To try this out, Set 'user-config: only' in ~/.pkcs11/pkcs11.conf Then make sure that only a filed called 'nss.module' exists in ~/.pkcs11/modules/, with (invalid) contents like this: module: /usr/lib64/libsoftokn3.so x-init-reserved: configdir='sql:/blah/.pki/nssdb' certPrefix='' keyPrefix='' secmod='secmod.db' flags=optimizeSpace updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' Before the patch 'p11-kit -l' would return a non-zero exit code. After it'll return success.
This was pushed into git master before the 0.15.1 release.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.