p11-kit-server and p11-kit-client gets stuck in infinite loop

[Nowa-Ammerlaan]

If on a single machine the p11-kit-server.service is enabled and the client library has been enabled:

.config/pkcs11/modules/p11-kit-client.module:

module: /usr/lib64/pkcs11/p11-kit-client.so

The client/server will get stuck in an infinite loop, eventually crashing the machine when it runs out of RAM and swap.

This might seem like an unusual configuration but it happens when you have a machine that you sometimes access remotely and sometimes use to access other machines remotely. E.g. sometimes I access my computer at home remotely and I need to forward my Nitrokey to it, but when I'm physically sitting behind my computer at home then I sometimes need to forward my Nitrokey to other machines. In this situation I would like to configure both the server and the client on the same computer. However, when you do this the whole machine gets stuck in an infinite loop of the client connecting to the server connecting to the client connecting to the server etc. The eventual end result is OOM.

Proposed solution: p11-kit-client should not (by default) connect to p11-kit-server running on localhost. Or p11-kit-server should ignore the p11-kit-client.so module.