OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * The following handles the loading, unloading and management of | 5 * The following handles the loading, unloading and management of |
6 * various PCKS #11 modules | 6 * various PCKS #11 modules |
7 */ | 7 */ |
8 | 8 |
9 #include <ctype.h> | 9 #include <ctype.h> |
10 #include "pkcs11.h" | 10 #include "pkcs11.h" |
11 #include "seccomon.h" | 11 #include "seccomon.h" |
12 #include "secmod.h" | 12 #include "secmod.h" |
13 #include "secmodi.h" | 13 #include "secmodi.h" |
14 #include "secmodti.h" | 14 #include "secmodti.h" |
15 #include "pki3hack.h" | 15 #include "pki3hack.h" |
16 #include "secerr.h" | 16 #include "secerr.h" |
17 | 17 |
18 #include "pk11pars.h" | 18 #include "utilpars.h" |
19 | 19 |
20 /* create a new module */ | 20 /* create a new module */ |
21 static SECMODModule * | 21 static SECMODModule * |
22 secmod_NewModule(void) | 22 secmod_NewModule(void) |
23 { | 23 { |
24 SECMODModule *newMod; | 24 SECMODModule *newMod; |
25 PRArenaPool *arena; | 25 PRArenaPool *arena; |
26 | 26 |
27 | 27 |
28 /* create an arena in which dllName and commonName can be | 28 /* create an arena in which dllName and commonName can be |
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
141 if (mod == NULL) return NULL; | 141 if (mod == NULL) return NULL; |
142 | 142 |
143 mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : ""); | 143 mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : ""); |
144 if (library) { | 144 if (library) { |
145 mod->dllName = PORT_ArenaStrdup(mod->arena,library); | 145 mod->dllName = PORT_ArenaStrdup(mod->arena,library); |
146 } | 146 } |
147 /* new field */ | 147 /* new field */ |
148 if (parameters) { | 148 if (parameters) { |
149 mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters); | 149 mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters); |
150 } | 150 } |
151 mod->internal = secmod_argHasFlag("flags","internal",nssc); | 151 mod->internal = NSSUTIL_ArgHasFlag("flags","internal",nssc); |
152 mod->isFIPS = secmod_argHasFlag("flags","FIPS",nssc); | 152 mod->isFIPS = NSSUTIL_ArgHasFlag("flags","FIPS",nssc); |
153 mod->isCritical = secmod_argHasFlag("flags","critical",nssc); | 153 mod->isCritical = NSSUTIL_ArgHasFlag("flags","critical",nssc); |
154 slotParams = secmod_argGetParamValue("slotParams",nssc); | 154 slotParams = NSSUTIL_ArgGetParamValue("slotParams",nssc); |
155 mod->slotInfo = secmod_argParseSlotInfo(mod->arena,slotParams, | 155 mod->slotInfo = NSSUTIL_ArgParseSlotInfo(mod->arena,slotParams, |
156 &mod->slotInfoCount); | 156 &mod->slotInfoCount); |
157 if (slotParams) PORT_Free(slotParams); | 157 if (slotParams) PORT_Free(slotParams); |
158 /* new field */ | 158 /* new field */ |
159 mod->trustOrder = secmod_argReadLong("trustOrder",nssc, | 159 mod->trustOrder = NSSUTIL_ArgReadLong("trustOrder",nssc, |
160 » » » » » SECMOD_DEFAULT_TRUST_ORDER,NULL); | 160 » » » » » NSSUTIL_DEFAULT_TRUST_ORDER,NULL); |
161 /* new field */ | 161 /* new field */ |
162 mod->cipherOrder = secmod_argReadLong("cipherOrder",nssc, | 162 mod->cipherOrder = NSSUTIL_ArgReadLong("cipherOrder",nssc, |
163 » » » » » SECMOD_DEFAULT_CIPHER_ORDER,NULL); | 163 » » » » » NSSUTIL_DEFAULT_CIPHER_ORDER,NULL); |
164 /* new field */ | 164 /* new field */ |
165 mod->isModuleDB = secmod_argHasFlag("flags","moduleDB",nssc); | 165 mod->isModuleDB = NSSUTIL_ArgHasFlag("flags","moduleDB",nssc); |
166 mod->moduleDBOnly = secmod_argHasFlag("flags","moduleDBOnly",nssc); | 166 mod->moduleDBOnly = NSSUTIL_ArgHasFlag("flags","moduleDBOnly",nssc); |
167 if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE; | 167 if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE; |
168 | 168 |
169 /* we need more bits, but we also want to preserve binary compatibility | 169 /* we need more bits, but we also want to preserve binary compatibility |
170 * so we overload the isModuleDB PRBool with additional flags. | 170 * so we overload the isModuleDB PRBool with additional flags. |
171 * These flags are only valid if mod->isModuleDB is already set. | 171 * These flags are only valid if mod->isModuleDB is already set. |
172 * NOTE: this depends on the fact that PRBool is at least a char on | 172 * NOTE: this depends on the fact that PRBool is at least a char on |
173 * all platforms. These flags are only valid if moduleDB is set, so | 173 * all platforms. These flags are only valid if moduleDB is set, so |
174 * code checking if (mod->isModuleDB) will continue to work correctly. */ | 174 * code checking if (mod->isModuleDB) will continue to work correctly. */ |
175 if (mod->isModuleDB) { | 175 if (mod->isModuleDB) { |
176 char flags = SECMOD_FLAG_MODULE_DB_IS_MODULE_DB; | 176 char flags = SECMOD_FLAG_MODULE_DB_IS_MODULE_DB; |
177 » if (secmod_argHasFlag("flags","skipFirst",nssc)) { | 177 » if (NSSUTIL_ArgHasFlag("flags","skipFirst",nssc)) { |
178 flags |= SECMOD_FLAG_MODULE_DB_SKIP_FIRST; | 178 flags |= SECMOD_FLAG_MODULE_DB_SKIP_FIRST; |
179 } | 179 } |
180 » if (secmod_argHasFlag("flags","defaultModDB",nssc)) { | 180 » if (NSSUTIL_ArgHasFlag("flags","defaultModDB",nssc)) { |
181 flags |= SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB; | 181 flags |= SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB; |
182 } | 182 } |
183 /* additional moduleDB flags could be added here in the future */ | 183 /* additional moduleDB flags could be added here in the future */ |
184 mod->isModuleDB = (PRBool) flags; | 184 mod->isModuleDB = (PRBool) flags; |
185 } | 185 } |
186 | 186 |
187 if (mod->internal) { | 187 if (mod->internal) { |
188 char flags = SECMOD_FLAG_INTERNAL_IS_INTERNAL; | 188 char flags = SECMOD_FLAG_INTERNAL_IS_INTERNAL; |
189 | 189 |
190 » if (secmod_argHasFlag("flags", "internalKeySlot", nssc)) { | 190 » if (NSSUTIL_ArgHasFlag("flags", "internalKeySlot", nssc)) { |
191 flags |= SECMOD_FLAG_INTERNAL_KEY_SLOT; | 191 flags |= SECMOD_FLAG_INTERNAL_KEY_SLOT; |
192 } | 192 } |
193 mod->internal = (PRBool) flags; | 193 mod->internal = (PRBool) flags; |
194 } | 194 } |
195 | 195 |
196 ciphers = secmod_argGetParamValue("ciphers",nssc); | 196 ciphers = NSSUTIL_ArgGetParamValue("ciphers",nssc); |
197 secmod_argSetNewCipherFlags(&mod->ssl[0],ciphers); | 197 NSSUTIL_ArgParseCipherFlags(&mod->ssl[0],ciphers); |
198 if (ciphers) PORT_Free(ciphers); | 198 if (ciphers) PORT_Free(ciphers); |
199 | 199 |
200 secmod_PrivateModuleCount++; | 200 secmod_PrivateModuleCount++; |
201 | 201 |
202 return mod; | 202 return mod; |
203 } | 203 } |
204 | 204 |
205 PRBool | 205 PRBool |
206 SECMOD_GetSkipFirstFlag(SECMODModule *mod) | 206 SECMOD_GetSkipFirstFlag(SECMODModule *mod) |
207 { | 207 { |
(...skipping 24 matching lines...) Expand all Loading... |
232 char flags = (char) mod->internal; | 232 char flags = (char) mod->internal; |
233 | 233 |
234 if (val) { | 234 if (val) { |
235 flags |= SECMOD_FLAG_INTERNAL_KEY_SLOT; | 235 flags |= SECMOD_FLAG_INTERNAL_KEY_SLOT; |
236 } else { | 236 } else { |
237 flags &= ~SECMOD_FLAG_INTERNAL_KEY_SLOT; | 237 flags &= ~SECMOD_FLAG_INTERNAL_KEY_SLOT; |
238 } | 238 } |
239 mod->internal = flags; | 239 mod->internal = flags; |
240 } | 240 } |
241 | 241 |
242 /* forward declarations */ | |
243 static int secmod_escapeSize(const char *string, char quote); | |
244 static char *secmod_addEscape(const char *string, char quote); | |
245 | |
246 /* | 242 /* |
247 * copy desc and value into target. Target is known to be big enough to | 243 * copy desc and value into target. Target is known to be big enough to |
248 * hold desc +2 +value, which is good because the result of this will be | 244 * hold desc +2 +value, which is good because the result of this will be |
249 * *desc"*value". We may, however, have to add some escapes for special | 245 * *desc"*value". We may, however, have to add some escapes for special |
250 * characters imbedded into value (rare). This string potentially comes from | 246 * characters imbedded into value (rare). This string potentially comes from |
251 * a user, so we don't want the user overflowing the target buffer by using | 247 * a user, so we don't want the user overflowing the target buffer by using |
252 * excessive escapes. To prevent this we count the escapes we need to add and | 248 * excessive escapes. To prevent this we count the escapes we need to add and |
253 * try to expand the buffer with Realloc. | 249 * try to expand the buffer with Realloc. |
254 */ | 250 */ |
255 static char * | 251 static char * |
256 secmod_doDescCopy(char *target, int *targetLen, const char *desc, | 252 secmod_doDescCopy(char *target, int *targetLen, const char *desc, |
257 int descLen, char *value) | 253 int descLen, char *value) |
258 { | 254 { |
259 int diff, esc_len; | 255 int diff, esc_len; |
260 | 256 |
261 esc_len = secmod_escapeSize(value, '\"') - 1; | 257 esc_len = NSSUTIL_EscapeSize(value, '\"') - 1; |
262 diff = esc_len - strlen(value); | 258 diff = esc_len - strlen(value); |
263 if (diff > 0) { | 259 if (diff > 0) { |
264 /* we need to escape... expand newSpecPtr as well to make sure | 260 /* we need to escape... expand newSpecPtr as well to make sure |
265 * we don't overflow it */ | 261 * we don't overflow it */ |
266 char *newPtr = PORT_Realloc(target, *targetLen * diff); | 262 char *newPtr = PORT_Realloc(target, *targetLen * diff); |
267 if (!newPtr) { | 263 if (!newPtr) { |
268 return target; /* not enough space, just drop the whole copy */ | 264 return target; /* not enough space, just drop the whole copy */ |
269 } | 265 } |
270 *targetLen += diff; | 266 *targetLen += diff; |
271 target = newPtr; | 267 target = newPtr; |
272 » value = secmod_addEscape(value, '\"'); | 268 » value = NSSUTIL_Escape(value, '\"'); |
273 if (value == NULL) { | 269 if (value == NULL) { |
274 return target; /* couldn't escape value, just drop the copy */ | 270 return target; /* couldn't escape value, just drop the copy */ |
275 } | 271 } |
276 } | 272 } |
277 PORT_Memcpy(target, desc, descLen); | 273 PORT_Memcpy(target, desc, descLen); |
278 target += descLen; | 274 target += descLen; |
279 *target++='\"'; | 275 *target++='\"'; |
280 PORT_Memcpy(target, value, esc_len); | 276 PORT_Memcpy(target, value, esc_len); |
281 target += esc_len; | 277 target += esc_len; |
282 *target++='\"'; | 278 *target++='\"'; |
| 279 if (diff > 0) { |
| 280 PORT_Free(value); |
| 281 } |
283 return target; | 282 return target; |
284 } | 283 } |
285 | 284 |
286 #define SECMOD_SPEC_COPY(new, start, end) \ | 285 #define SECMOD_SPEC_COPY(new, start, end) \ |
287 if (end > start) { \ | 286 if (end > start) { \ |
288 int _cnt = end - start; \ | 287 int _cnt = end - start; \ |
289 PORT_Memcpy(new, start, _cnt); \ | 288 PORT_Memcpy(new, start, _cnt); \ |
290 new += _cnt; \ | 289 new += _cnt; \ |
291 } | 290 } |
292 #define SECMOD_TOKEN_DESCRIPTION "tokenDescription=" | 291 #define SECMOD_TOKEN_DESCRIPTION "tokenDescription=" |
(...skipping 27 matching lines...) Expand all Loading... |
320 int i; | 319 int i; |
321 | 320 |
322 if (newSpec == NULL) { | 321 if (newSpec == NULL) { |
323 return NULL; | 322 return NULL; |
324 } | 323 } |
325 | 324 |
326 *children = NULL; | 325 *children = NULL; |
327 if (ids) { | 326 if (ids) { |
328 *ids = NULL; | 327 *ids = NULL; |
329 } | 328 } |
330 moduleSpec = secmod_argStrip(moduleSpec); | 329 moduleSpec = NSSUTIL_ArgStrip(moduleSpec); |
331 SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec); | 330 SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec); |
332 | 331 |
333 /* Notes on 'convert' and 'isFIPS' flags: The base parameters for opening | 332 /* Notes on 'convert' and 'isFIPS' flags: The base parameters for opening |
334 * a new softoken module takes the following parameters to name the | 333 * a new softoken module takes the following parameters to name the |
335 * various tokens: | 334 * various tokens: |
336 * | 335 * |
337 * cryptoTokenDescription: name of the non-fips crypto token. | 336 * cryptoTokenDescription: name of the non-fips crypto token. |
338 * cryptoSlotDescription: name of the non-fips crypto slot. | 337 * cryptoSlotDescription: name of the non-fips crypto slot. |
339 * dbTokenDescription: name of the non-fips db token. | 338 * dbTokenDescription: name of the non-fips db token. |
340 * dbSlotDescription: name of the non-fips db slot. | 339 * dbSlotDescription: name of the non-fips db slot. |
(...skipping 11 matching lines...) Expand all Loading... |
352 * (either db or FIPS based on the isFIPS flag) to tokenDescription and | 351 * (either db or FIPS based on the isFIPS flag) to tokenDescription and |
353 * slotDescription). | 352 * slotDescription). |
354 */ | 353 */ |
355 /* | 354 /* |
356 * walk down the list. if we find a tokens= argument, save it, | 355 * walk down the list. if we find a tokens= argument, save it, |
357 * otherise copy the argument. | 356 * otherise copy the argument. |
358 */ | 357 */ |
359 while (*moduleSpec) { | 358 while (*moduleSpec) { |
360 int next; | 359 int next; |
361 modulePrev = moduleSpec; | 360 modulePrev = moduleSpec; |
362 » SECMOD_HANDLE_STRING_ARG(moduleSpec, target, "tokens=", | 361 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, target, "tokens=", |
363 modulePrev = moduleSpec; /* skip copying */ ) | 362 modulePrev = moduleSpec; /* skip copying */ ) |
364 » SECMOD_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoTokenDescription=", | 363 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoTokenDescription=", |
365 if (convert) { modulePrev = moduleSpec; } ); | 364 if (convert) { modulePrev = moduleSpec; } ); |
366 » SECMOD_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoSlotDescription=", | 365 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoSlotDescription=", |
367 if (convert) { modulePrev = moduleSpec; } ); | 366 if (convert) { modulePrev = moduleSpec; } ); |
368 » SECMOD_HANDLE_STRING_ARG(moduleSpec, tmp, "dbTokenDescription=", | 367 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "dbTokenDescription=", |
369 if (convert) { | 368 if (convert) { |
370 modulePrev = moduleSpec; | 369 modulePrev = moduleSpec; |
371 if (!isFIPS) { | 370 if (!isFIPS) { |
372 newSpecPtr = secmod_doDescCopy(newSpecPtr, | 371 newSpecPtr = secmod_doDescCopy(newSpecPtr, |
373 &newSpecLen, SECMOD_TOKEN_DESCRIPTION, | 372 &newSpecLen, SECMOD_TOKEN_DESCRIPTION, |
374 sizeof(SECMOD_TOKEN_DESCRIPTION)-1, tmp); | 373 sizeof(SECMOD_TOKEN_DESCRIPTION)-1, tmp); |
375 } | 374 } |
376 }); | 375 }); |
377 » SECMOD_HANDLE_STRING_ARG(moduleSpec, tmp, "dbSlotDescription=", | 376 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "dbSlotDescription=", |
378 if (convert) { | 377 if (convert) { |
379 modulePrev = moduleSpec; /* skip copying */ | 378 modulePrev = moduleSpec; /* skip copying */ |
380 if (!isFIPS) { | 379 if (!isFIPS) { |
381 newSpecPtr = secmod_doDescCopy(newSpecPtr, | 380 newSpecPtr = secmod_doDescCopy(newSpecPtr, |
382 &newSpecLen, SECMOD_SLOT_DESCRIPTION, | 381 &newSpecLen, SECMOD_SLOT_DESCRIPTION, |
383 sizeof(SECMOD_SLOT_DESCRIPTION)-1, tmp); | 382 sizeof(SECMOD_SLOT_DESCRIPTION)-1, tmp); |
384 } | 383 } |
385 } ); | 384 } ); |
386 » SECMOD_HANDLE_STRING_ARG(moduleSpec, tmp, "FIPSTokenDescription=", | 385 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "FIPSTokenDescription=", |
387 if (convert) { | 386 if (convert) { |
388 modulePrev = moduleSpec; /* skip copying */ | 387 modulePrev = moduleSpec; /* skip copying */ |
389 if (isFIPS) { | 388 if (isFIPS) { |
390 newSpecPtr = secmod_doDescCopy(newSpecPtr, | 389 newSpecPtr = secmod_doDescCopy(newSpecPtr, |
391 &newSpecLen, SECMOD_TOKEN_DESCRIPTION, | 390 &newSpecLen, SECMOD_TOKEN_DESCRIPTION, |
392 sizeof(SECMOD_TOKEN_DESCRIPTION)-1, tmp); | 391 sizeof(SECMOD_TOKEN_DESCRIPTION)-1, tmp); |
393 } | 392 } |
394 } ); | 393 } ); |
395 » SECMOD_HANDLE_STRING_ARG(moduleSpec, tmp, "FIPSSlotDescription=", | 394 » NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "FIPSSlotDescription=", |
396 if (convert) { | 395 if (convert) { |
397 modulePrev = moduleSpec; /* skip copying */ | 396 modulePrev = moduleSpec; /* skip copying */ |
398 if (isFIPS) { | 397 if (isFIPS) { |
399 newSpecPtr = secmod_doDescCopy(newSpecPtr, | 398 newSpecPtr = secmod_doDescCopy(newSpecPtr, |
400 &newSpecLen, SECMOD_SLOT_DESCRIPTION, | 399 &newSpecLen, SECMOD_SLOT_DESCRIPTION, |
401 sizeof(SECMOD_SLOT_DESCRIPTION)-1, tmp); | 400 sizeof(SECMOD_SLOT_DESCRIPTION)-1, tmp); |
402 } | 401 } |
403 } ); | 402 } ); |
404 » SECMOD_HANDLE_FINAL_ARG(moduleSpec) | 403 » NSSUTIL_HANDLE_FINAL_ARG(moduleSpec) |
405 SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec); | 404 SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec); |
406 } | 405 } |
407 if (tmp) { | 406 if (tmp) { |
408 PORT_Free(tmp); | 407 PORT_Free(tmp); |
409 tmp = NULL; | 408 tmp = NULL; |
410 } | 409 } |
411 *newSpecPtr = 0; | 410 *newSpecPtr = 0; |
412 | 411 |
413 /* no target found, return the newSpec */ | 412 /* no target found, return the newSpec */ |
414 if (target == NULL) { | 413 if (target == NULL) { |
415 return newSpec; | 414 return newSpec; |
416 } | 415 } |
417 | 416 |
418 /* now build the child array from target */ | 417 /* now build the child array from target */ |
419 /*first count them */ | 418 /*first count them */ |
420 for (tokenIndex = secmod_argStrip(target); *tokenIndex; | 419 for (tokenIndex = NSSUTIL_ArgStrip(target); *tokenIndex; |
421 » tokenIndex = secmod_argStrip(secmod_argSkipParameter(tokenIndex))) { | 420 » tokenIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(tokenIndex))) { |
422 tokenCount++; | 421 tokenCount++; |
423 } | 422 } |
424 | 423 |
425 childArray = PORT_NewArray(char *, tokenCount+1); | 424 childArray = PORT_NewArray(char *, tokenCount+1); |
426 if (childArray == NULL) { | 425 if (childArray == NULL) { |
427 /* just return the spec as is then */ | 426 /* just return the spec as is then */ |
428 PORT_Free(target); | 427 PORT_Free(target); |
429 return newSpec; | 428 return newSpec; |
430 } | 429 } |
431 if (ids) { | 430 if (ids) { |
432 idArray = PORT_NewArray(CK_SLOT_ID, tokenCount+1); | 431 idArray = PORT_NewArray(CK_SLOT_ID, tokenCount+1); |
433 if (idArray == NULL) { | 432 if (idArray == NULL) { |
434 PORT_Free(childArray); | 433 PORT_Free(childArray); |
435 PORT_Free(target); | 434 PORT_Free(target); |
436 return newSpec; | 435 return newSpec; |
437 } | 436 } |
438 } | 437 } |
439 | 438 |
440 /* now fill them in */ | 439 /* now fill them in */ |
441 for (tokenIndex = secmod_argStrip(target), i=0 ; | 440 for (tokenIndex = NSSUTIL_ArgStrip(target), i=0 ; |
442 *tokenIndex && (i < tokenCount); | 441 *tokenIndex && (i < tokenCount); |
443 » » » tokenIndex=secmod_argStrip(tokenIndex)) { | 442 » » » tokenIndex=NSSUTIL_ArgStrip(tokenIndex)) { |
444 int next; | 443 int next; |
445 » char *name = secmod_argGetName(tokenIndex, &next); | 444 » char *name = NSSUTIL_ArgGetLabel(tokenIndex, &next); |
446 tokenIndex += next; | 445 tokenIndex += next; |
447 | 446 |
448 if (idArray) { | 447 if (idArray) { |
449 » idArray[i] = secmod_argDecodeNumber(name); | 448 » idArray[i] = NSSUTIL_ArgDecodeNumber(name); |
450 } | 449 } |
451 | 450 |
452 PORT_Free(name); /* drop the explicit number */ | 451 PORT_Free(name); /* drop the explicit number */ |
453 | 452 |
454 /* if anything is left, copy the args to the child array */ | 453 /* if anything is left, copy the args to the child array */ |
455 » if (!secmod_argIsBlank(*tokenIndex)) { | 454 » if (!NSSUTIL_ArgIsBlank(*tokenIndex)) { |
456 » childArray[i++] = secmod_argFetchValue(tokenIndex, &next); | 455 » childArray[i++] = NSSUTIL_ArgFetchValue(tokenIndex, &next); |
457 tokenIndex += next; | 456 tokenIndex += next; |
458 } | 457 } |
459 } | 458 } |
460 | 459 |
461 PORT_Free(target); | 460 PORT_Free(target); |
462 childArray[i] = 0; | 461 childArray[i] = 0; |
463 if (idArray) { | 462 if (idArray) { |
464 idArray[i] = 0; | 463 idArray[i] = 0; |
465 } | 464 } |
466 | 465 |
467 /* return it */ | 466 /* return it */ |
468 *children = childArray; | 467 *children = childArray; |
469 if (ids) { | 468 if (ids) { |
470 *ids = idArray; | 469 *ids = idArray; |
471 } | 470 } |
472 return newSpec; | 471 return newSpec; |
473 } | 472 } |
474 | 473 |
475 /* get the database and flags from the spec */ | 474 /* get the database and flags from the spec */ |
476 static char * | 475 static char * |
477 secmod_getConfigDir(char *spec, char **certPrefix, char **keyPrefix, | 476 secmod_getConfigDir(char *spec, char **certPrefix, char **keyPrefix, |
478 PRBool *readOnly) | 477 PRBool *readOnly) |
479 { | 478 { |
480 char * config = NULL; | 479 char * config = NULL; |
481 | 480 |
482 *certPrefix = NULL; | 481 *certPrefix = NULL; |
483 *keyPrefix = NULL; | 482 *keyPrefix = NULL; |
484 *readOnly = secmod_argHasFlag("flags","readOnly",spec); | 483 *readOnly = NSSUTIL_ArgHasFlag("flags","readOnly",spec); |
485 | 484 |
486 spec = secmod_argStrip(spec); | 485 spec = NSSUTIL_ArgStrip(spec); |
487 while (*spec) { | 486 while (*spec) { |
488 int next; | 487 int next; |
489 » SECMOD_HANDLE_STRING_ARG(spec, config, "configdir=", ;) | 488 » NSSUTIL_HANDLE_STRING_ARG(spec, config, "configdir=", ;) |
490 » SECMOD_HANDLE_STRING_ARG(spec, *certPrefix, "certPrefix=", ;) | 489 » NSSUTIL_HANDLE_STRING_ARG(spec, *certPrefix, "certPrefix=", ;) |
491 » SECMOD_HANDLE_STRING_ARG(spec, *keyPrefix, "keyPrefix=", ;) | 490 » NSSUTIL_HANDLE_STRING_ARG(spec, *keyPrefix, "keyPrefix=", ;) |
492 » SECMOD_HANDLE_FINAL_ARG(spec) | 491 » NSSUTIL_HANDLE_FINAL_ARG(spec) |
493 } | 492 } |
494 return config; | 493 return config; |
495 } | 494 } |
496 | 495 |
497 struct SECMODConfigListStr { | 496 struct SECMODConfigListStr { |
498 char *config; | 497 char *config; |
499 char *certPrefix; | 498 char *certPrefix; |
500 char *keyPrefix; | 499 char *keyPrefix; |
501 PRBool isReadOnly; | 500 PRBool isReadOnly; |
502 }; | 501 }; |
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
663 for (thisChild = children; thisChild && *thisChild; thisChild++ ) { | 662 for (thisChild = children; thisChild && *thisChild; thisChild++ ) { |
664 PORT_Free(*thisChild); | 663 PORT_Free(*thisChild); |
665 } | 664 } |
666 PORT_Free(children); | 665 PORT_Free(children); |
667 if (ids) { | 666 if (ids) { |
668 PORT_Free(ids); | 667 PORT_Free(ids); |
669 } | 668 } |
670 return; | 669 return; |
671 } | 670 } |
672 | 671 |
673 | |
674 static int | |
675 secmod_escapeSize(const char *string, char quote) | |
676 { | |
677 int escapes = 0, size = 0; | |
678 const char *src; | |
679 for (src=string; *src ; src++) { | |
680 if ((*src == quote) || (*src == '\\')) escapes++; | |
681 size++; | |
682 } | |
683 | |
684 return escapes+size+1; | |
685 } | |
686 | |
687 | |
688 /* | |
689 * add escapes to protect quote characters... | |
690 */ | |
691 static char * | |
692 secmod_addEscape(const char *string, char quote) | |
693 { | |
694 char *newString = 0; | |
695 int size = 0; | |
696 const char *src; | |
697 char *dest; | |
698 | |
699 | |
700 size = secmod_escapeSize(string,quote); | |
701 newString = PORT_ZAlloc(size); | |
702 if (newString == NULL) { | |
703 return NULL; | |
704 } | |
705 | |
706 for (src=string, dest=newString; *src; src++,dest++) { | |
707 if ((*src == '\\') || (*src == quote)) { | |
708 *dest++ = '\\'; | |
709 } | |
710 *dest = *src; | |
711 } | |
712 | |
713 return newString; | |
714 } | |
715 | |
716 static int | |
717 secmod_doubleEscapeSize(const char *string, char quote1, char quote2) | |
718 { | |
719 int escapes = 0, size = 0; | |
720 const char *src; | |
721 for (src=string; *src ; src++) { | |
722 if (*src == '\\') escapes+=3; /* \\\\ */ | |
723 if (*src == quote1) escapes+=2; /* \\quote1 */ | |
724 if (*src == quote2) escapes++; /* \quote2 */ | |
725 size++; | |
726 } | |
727 | |
728 return escapes+size+1; | |
729 } | |
730 | |
731 char * | |
732 secmod_DoubleEscape(const char *string, char quote1, char quote2) | |
733 { | |
734 char *round1 = NULL; | |
735 char *retValue = NULL; | |
736 if (string == NULL) { | |
737 goto done; | |
738 } | |
739 round1 = secmod_addEscape(string,quote1); | |
740 if (round1) { | |
741 retValue = secmod_addEscape(round1,quote2); | |
742 PORT_Free(round1); | |
743 } | |
744 | |
745 done: | |
746 if (retValue == NULL) { | |
747 retValue = PORT_Strdup(""); | |
748 } | |
749 return retValue; | |
750 } | |
751 | |
752 | |
753 /* | 672 /* |
754 * caclulate the length of each child record: | 673 * caclulate the length of each child record: |
755 * " 0x{id}=<{escaped_child}>" | 674 * " 0x{id}=<{escaped_child}>" |
756 */ | 675 */ |
757 static int | 676 static int |
758 secmod_getChildLength(char *child, CK_SLOT_ID id) | 677 secmod_getChildLength(char *child, CK_SLOT_ID id) |
759 { | 678 { |
760 int length = secmod_doubleEscapeSize(child, '>', ']'); | 679 int length = NSSUTIL_DoubleEscapeSize(child, '>', ']'); |
761 if (id == 0) { | 680 if (id == 0) { |
762 length++; | 681 length++; |
763 } | 682 } |
764 while (id) { | 683 while (id) { |
765 length++; | 684 length++; |
766 id = id >> 4; | 685 id = id >> 4; |
767 } | 686 } |
768 length += 6; /* {sp}0x[id]=<{child}> */ | 687 length += 6; /* {sp}0x[id]=<{child}> */ |
769 return length; | 688 return length; |
770 } | 689 } |
771 | 690 |
772 /* | 691 /* |
773 * Build a child record: | 692 * Build a child record: |
774 * " 0x{id}=<{escaped_child}>" | 693 * " 0x{id}=<{escaped_child}>" |
775 */ | 694 */ |
776 static SECStatus | 695 static SECStatus |
777 secmod_mkTokenChild(char **next, int *length, char *child, CK_SLOT_ID id) | 696 secmod_mkTokenChild(char **next, int *length, char *child, CK_SLOT_ID id) |
778 { | 697 { |
779 int len; | 698 int len; |
780 char *escSpec; | 699 char *escSpec; |
781 | 700 |
782 len = PR_snprintf(*next, *length, " 0x%x=<",id); | 701 len = PR_snprintf(*next, *length, " 0x%x=<",id); |
783 if (len < 0) { | 702 if (len < 0) { |
784 return SECFailure; | 703 return SECFailure; |
785 } | 704 } |
786 *next += len; | 705 *next += len; |
787 *length -= len; | 706 *length -= len; |
788 escSpec = secmod_DoubleEscape(child, '>', ']'); | 707 escSpec = NSSUTIL_DoubleEscape(child, '>', ']'); |
789 if (escSpec == NULL) { | 708 if (escSpec == NULL) { |
790 return SECFailure; | 709 return SECFailure; |
791 } | 710 } |
792 if (*child && (*escSpec == 0)) { | 711 if (*child && (*escSpec == 0)) { |
793 PORT_Free(escSpec); | 712 PORT_Free(escSpec); |
794 return SECFailure; | 713 return SECFailure; |
795 } | 714 } |
796 len = strlen(escSpec); | 715 len = strlen(escSpec); |
797 if (len+1 > *length) { | 716 if (len+1 > *length) { |
798 PORT_Free(escSpec); | 717 PORT_Free(escSpec); |
(...skipping 145 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
944 goto loser; | 863 goto loser; |
945 } | 864 } |
946 | 865 |
947 | 866 |
948 /* build the slot info strings */ | 867 /* build the slot info strings */ |
949 if (module->slotCount) { | 868 if (module->slotCount) { |
950 for (i=0, si= 0; i < module->slotCount; i++) { | 869 for (i=0, si= 0; i < module->slotCount; i++) { |
951 if (module->slots[i]->defaultFlags) { | 870 if (module->slots[i]->defaultFlags) { |
952 PORT_Assert(si < slotCount); | 871 PORT_Assert(si < slotCount); |
953 if (si >= slotCount) break; | 872 if (si >= slotCount) break; |
954 » » slotStrings[si] = secmod_mkSlotString(module->slots[i]->slotID, | 873 » » slotStrings[si] = NSSUTIL_MkSlotString(module->slots[i]->slotID, |
955 module->slots[i]->defaultFlags, | 874 module->slots[i]->defaultFlags, |
956 module->slots[i]->timeout, | 875 module->slots[i]->timeout, |
957 module->slots[i]->askpw, | 876 module->slots[i]->askpw, |
958 module->slots[i]->hasRootCerts, | 877 module->slots[i]->hasRootCerts, |
959 module->slots[i]->hasRootTrust); | 878 module->slots[i]->hasRootTrust); |
960 si++; | 879 si++; |
961 } | 880 } |
962 } | 881 } |
963 } else { | 882 } else { |
964 for (i=0; i < slotCount; i++) { | 883 for (i=0; i < slotCount; i++) { |
965 » » slotStrings[i] = secmod_mkSlotString(module->slotInfo[i].slotID, | 884 » » slotStrings[i] = NSSUTIL_MkSlotString( |
| 885 » » » module->slotInfo[i].slotID, |
966 module->slotInfo[i].defaultFlags, | 886 module->slotInfo[i].defaultFlags, |
967 module->slotInfo[i].timeout, | 887 module->slotInfo[i].timeout, |
968 module->slotInfo[i].askpw, | 888 module->slotInfo[i].askpw, |
969 module->slotInfo[i].hasRootCerts, | 889 module->slotInfo[i].hasRootCerts, |
970 module->slotInfo[i].hasRootTrust); | 890 module->slotInfo[i].hasRootTrust); |
971 } | 891 } |
972 } | 892 } |
973 | 893 |
974 SECMOD_ReleaseReadLock(moduleLock); | 894 SECMOD_ReleaseReadLock(moduleLock); |
975 nss = secmod_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS, | 895 nss = NSSUTIL_MkNSSString(slotStrings,slotCount,module->internal, |
976 » » module->isModuleDB, module->moduleDBOnly, | 896 » » module->isFIPS, module->isModuleDB, |
977 » » module->isCritical, module->trustOrder, | 897 » » module->moduleDBOnly, module->isCritical, |
978 » » module->cipherOrder,module->ssl[0],module->ssl[1]); | 898 » » module->trustOrder, module->cipherOrder, |
979 modSpec= secmod_mkNewModuleSpec(module->dllName,module->commonName, | 899 » » module->ssl[0],module->ssl[1]); |
| 900 modSpec= NSSUTIL_MkModuleSpec(module->dllName,module->commonName, |
980 module->libraryParams,nss); | 901 module->libraryParams,nss); |
981 PORT_Free(slotStrings); | 902 PORT_Free(slotStrings); |
982 PR_smprintf_free(nss); | 903 PR_smprintf_free(nss); |
983 loser: | 904 loser: |
984 return (modSpec); | 905 return (modSpec); |
985 } | 906 } |
986 | 907 |
987 | 908 |
988 char ** | 909 char ** |
989 SECMOD_GetModuleSpecList(SECMODModule *module) | 910 SECMOD_GetModuleSpecList(SECMODModule *module) |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1057 { | 978 { |
1058 char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL; | 979 char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL; |
1059 SECStatus status; | 980 SECStatus status; |
1060 SECMODModule *module = NULL; | 981 SECMODModule *module = NULL; |
1061 SECMODModule *oldModule = NULL; | 982 SECMODModule *oldModule = NULL; |
1062 SECStatus rv; | 983 SECStatus rv; |
1063 | 984 |
1064 /* initialize the underlying module structures */ | 985 /* initialize the underlying module structures */ |
1065 SECMOD_Init(); | 986 SECMOD_Init(); |
1066 | 987 |
1067 status = secmod_argParseModuleSpec(modulespec, &library, &moduleName, | 988 status = NSSUTIL_ArgParseModuleSpec(modulespec, &library, &moduleName, |
1068 ¶meters, &nss); | 989 ¶meters, &nss); |
1069 if (status != SECSuccess) { | 990 if (status != SECSuccess) { |
1070 goto loser; | 991 goto loser; |
1071 } | 992 } |
1072 | 993 |
1073 module = SECMOD_CreateModule(library, moduleName, parameters, nss); | 994 module = SECMOD_CreateModule(library, moduleName, parameters, nss); |
1074 if (library) PORT_Free(library); | 995 if (library) PORT_Free(library); |
1075 if (moduleName) PORT_Free(moduleName); | 996 if (moduleName) PORT_Free(moduleName); |
1076 if (parameters) PORT_Free(parameters); | 997 if (parameters) PORT_Free(parameters); |
1077 if (nss) PORT_Free(nss); | 998 if (nss) PORT_Free(nss); |
(...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1204 | 1125 |
1205 SECMOD_GetReadLock(moduleLock); | 1126 SECMOD_GetReadLock(moduleLock); |
1206 rv = STAN_RemoveModuleFromDefaultTrustDomain(mod); | 1127 rv = STAN_RemoveModuleFromDefaultTrustDomain(mod); |
1207 SECMOD_ReleaseReadLock(moduleLock); | 1128 SECMOD_ReleaseReadLock(moduleLock); |
1208 if (SECSuccess != rv) { | 1129 if (SECSuccess != rv) { |
1209 return SECFailure; | 1130 return SECFailure; |
1210 } | 1131 } |
1211 return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE); | 1132 return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE); |
1212 } | 1133 } |
1213 | 1134 |
OLD | NEW |