OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * The following code handles the storage of PKCS 11 modules used by the | 5 * The following code handles the storage of PKCS 11 modules used by the |
6 * NSS. For the rest of NSS, only one kind of database handle exists: | 6 * NSS. For the rest of NSS, only one kind of database handle exists: |
7 * | 7 * |
8 * SFTKDBHandle | 8 * SFTKDBHandle |
9 * | 9 * |
10 * There is one SFTKDBHandle for the each key database and one for each cert | 10 * There is one SFTKDBHandle for the each key database and one for each cert |
11 * database. These databases are opened as associated pairs, one pair per | 11 * database. These databases are opened as associated pairs, one pair per |
12 * slot. SFTKDBHandles are reference counted objects. | 12 * slot. SFTKDBHandles are reference counted objects. |
13 * | 13 * |
14 * Each SFTKDBHandle points to a low level database handle (SDB). This handle | 14 * Each SFTKDBHandle points to a low level database handle (SDB). This handle |
15 * represents the underlying physical database. These objects are not | 15 * represents the underlying physical database. These objects are not |
16 * reference counted, an are 'owned' by their respective SFTKDBHandles. | 16 * reference counted, an are 'owned' by their respective SFTKDBHandles. |
17 * | 17 * |
18 * | 18 * |
19 */ | 19 */ |
20 #include "sftkdb.h" | |
21 #include "sftkpars.h" | |
22 #include "prprf.h" | 20 #include "prprf.h" |
23 #include "prsystem.h" | 21 #include "prsystem.h" |
24 #include "lgglue.h" | 22 #include "lgglue.h" |
25 #include "secerr.h" | 23 /*#include "secmodt.h" */ |
26 #include "secmodt.h" | |
27 #if defined (_WIN32) | 24 #if defined (_WIN32) |
28 #include <io.h> | 25 #include <io.h> |
29 #endif | 26 #endif |
| 27 #include "utilpars.h" |
| 28 #include "secerr.h" |
30 | 29 |
31 /**************************************************************** | 30 /**************************************************************** |
32 * | 31 * |
33 * Secmod database. | 32 * Secmod database. |
34 * | 33 * |
35 * The new secmod database is simply a text file with each of the module | 34 * The new secmod database is simply a text file with each of the module |
36 * entries. in the following form: | 35 * entries. in the following form: |
37 * | 36 * |
38 * # | 37 * # |
39 * # This is a comment The next line is the library to load | 38 * # This is a comment The next line is the library to load |
40 * library=libmypkcs11.so | 39 * library=libmypkcs11.so |
41 * name="My PKCS#11 module" | 40 * name="My PKCS#11 module" |
42 * params="my library's param string" | 41 * params="my library's param string" |
43 * nss="NSS parameters" | 42 * nss="NSS parameters" |
44 * other="parameters for other libraries and applications" | 43 * other="parameters for other libraries and applications" |
45 * | 44 * |
46 * library=libmynextpk11.so | 45 * library=libmynextpk11.so |
47 * name="My other PKCS#11 module" | 46 * name="My other PKCS#11 module" |
48 */ | 47 */ |
49 | 48 |
50 static char * | |
51 sftkdb_quote(const char *string, char quote) | |
52 { | |
53 char *newString = 0; | |
54 int escapes = 0, size = 0; | |
55 const char *src; | |
56 char *dest; | |
57 | |
58 size=2; | |
59 for (src=string; *src ; src++) { | |
60 if ((*src == quote) || (*src == '\\')) escapes++; | |
61 size++; | |
62 } | |
63 | |
64 dest = newString = PORT_ZAlloc(escapes+size+1); | |
65 if (newString == NULL) { | |
66 return NULL; | |
67 } | |
68 | |
69 *dest++=quote; | |
70 for (src=string; *src; src++,dest++) { | |
71 if ((*src == '\\') || (*src == quote)) { | |
72 *dest++ = '\\'; | |
73 } | |
74 *dest = *src; | |
75 } | |
76 *dest=quote; | |
77 | |
78 return newString; | |
79 } | |
80 | 49 |
81 /* | 50 /* |
82 * Smart string cat functions. Automatically manage the memory. | 51 * Smart string cat functions. Automatically manage the memory. |
83 * The first parameter is the source string. If it's null, we | 52 * The first parameter is the source string. If it's null, we |
84 * allocate memory for it. If it's not, we reallocate memory | 53 * allocate memory for it. If it's not, we reallocate memory |
85 * so the the concanenated string fits. | 54 * so the the concanenated string fits. |
86 */ | 55 */ |
87 static char * | 56 static char * |
88 sftkdb_DupnCat(char *baseString, const char *str, int str_len) | 57 nssutil_DupnCat(char *baseString, const char *str, int str_len) |
89 { | 58 { |
90 int len = (baseString ? PORT_Strlen(baseString) : 0) + 1; | 59 int len = (baseString ? PORT_Strlen(baseString) : 0) + 1; |
91 char *newString; | 60 char *newString; |
92 | 61 |
93 len += str_len; | 62 len += str_len; |
94 newString = (char *) PORT_Realloc(baseString,len); | 63 newString = (char *) PORT_Realloc(baseString,len); |
95 if (newString == NULL) { | 64 if (newString == NULL) { |
96 PORT_Free(baseString); | 65 PORT_Free(baseString); |
97 return NULL; | 66 return NULL; |
98 } | 67 } |
99 if (baseString == NULL) *newString = 0; | 68 if (baseString == NULL) *newString = 0; |
100 return PORT_Strncat(newString,str, str_len); | 69 return PORT_Strncat(newString,str, str_len); |
101 } | 70 } |
102 | 71 |
103 /* Same as sftkdb_DupnCat except it concatenates the full string, not a | 72 /* Same as nssutil_DupnCat except it concatenates the full string, not a |
104 * partial one */ | 73 * partial one */ |
105 static char * | 74 static char * |
106 sftkdb_DupCat(char *baseString, const char *str) | 75 nssutil_DupCat(char *baseString, const char *str) |
107 { | 76 { |
108 return sftkdb_DupnCat(baseString, str, PORT_Strlen(str)); | 77 return nssutil_DupnCat(baseString, str, PORT_Strlen(str)); |
109 } | 78 } |
110 | 79 |
111 /* function to free up all the memory associated with a null terminated | 80 /* function to free up all the memory associated with a null terminated |
112 * array of module specs */ | 81 * array of module specs */ |
113 static SECStatus | 82 static SECStatus |
114 sftkdb_releaseSpecList(char **moduleSpecList) | 83 nssutil_releaseSpecList(char **moduleSpecList) |
115 { | 84 { |
116 if (moduleSpecList) { | 85 if (moduleSpecList) { |
117 char **index; | 86 char **index; |
118 for(index = moduleSpecList; *index; index++) { | 87 for(index = moduleSpecList; *index; index++) { |
119 PORT_Free(*index); | 88 PORT_Free(*index); |
120 } | 89 } |
121 PORT_Free(moduleSpecList); | 90 PORT_Free(moduleSpecList); |
122 } | 91 } |
123 return SECSuccess; | 92 return SECSuccess; |
124 } | 93 } |
125 | 94 |
126 #define SECMOD_STEP 10 | 95 #define SECMOD_STEP 10 |
127 static SECStatus | 96 static SECStatus |
128 sftkdb_growList(char ***pModuleList, int *useCount, int last) | 97 nssutil_growList(char ***pModuleList, int *useCount, int last) |
129 { | 98 { |
130 char **newModuleList; | 99 char **newModuleList; |
131 | 100 |
132 *useCount += SECMOD_STEP; | 101 *useCount += SECMOD_STEP; |
133 newModuleList = (char **)PORT_Realloc(*pModuleList, | 102 newModuleList = (char **)PORT_Realloc(*pModuleList, |
134 *useCount*sizeof(char *)); | 103 *useCount*sizeof(char *)); |
135 if (newModuleList == NULL) { | 104 if (newModuleList == NULL) { |
136 return SECFailure; | 105 return SECFailure; |
137 } | 106 } |
138 PORT_Memset(&newModuleList[last],0, sizeof(char *)*SECMOD_STEP); | 107 PORT_Memset(&newModuleList[last],0, sizeof(char *)*SECMOD_STEP); |
139 *pModuleList = newModuleList; | 108 *pModuleList = newModuleList; |
140 return SECSuccess; | 109 return SECSuccess; |
141 } | 110 } |
142 | 111 |
143 static | 112 static |
144 char *sftk_getOldSecmodName(const char *dbname,const char *filename) | 113 char *_NSSUTIL_GetOldSecmodName(const char *dbname,const char *filename) |
145 { | 114 { |
146 char *file = NULL; | 115 char *file = NULL; |
147 char *dirPath = PORT_Strdup(dbname); | 116 char *dirPath = PORT_Strdup(dbname); |
148 char *sep; | 117 char *sep; |
149 | 118 |
150 sep = PORT_Strrchr(dirPath,*PATH_SEPARATOR); | 119 sep = PORT_Strrchr(dirPath,*NSSUTIL_PATH_SEPARATOR); |
151 #ifdef _WIN32 | 120 #ifdef WINDOWS |
152 if (!sep) { | 121 if (!sep) { |
153 /* pkcs11i.h defines PATH_SEPARATOR as "/" for all platforms. */ | |
154 sep = PORT_Strrchr(dirPath,'\\'); | 122 sep = PORT_Strrchr(dirPath,'\\'); |
155 } | 123 } |
156 #endif | 124 #endif |
157 if (sep) { | 125 if (sep) { |
158 » *sep = 0; | 126 » *(sep)=0; |
159 » file = PR_smprintf("%s"PATH_SEPARATOR"%s", dirPath, filename); | |
160 } else { | |
161 » file = PR_smprintf("%s", filename); | |
162 } | 127 } |
| 128 file= PR_smprintf("%s"NSSUTIL_PATH_SEPARATOR"%s", dirPath, filename); |
163 PORT_Free(dirPath); | 129 PORT_Free(dirPath); |
164 return file; | 130 return file; |
165 } | 131 } |
166 | 132 |
| 133 static SECStatus nssutil_AddSecmodDB(NSSDBType dbType, const char *appName, |
| 134 const char *filename, const char *dbname, |
| 135 char *module, PRBool rw); |
| 136 |
167 #ifdef XP_UNIX | 137 #ifdef XP_UNIX |
168 #include <unistd.h> | 138 #include <unistd.h> |
169 #endif | 139 #endif |
170 #include <fcntl.h> | 140 #include <fcntl.h> |
171 | 141 |
172 #ifndef WINCE | 142 #ifndef WINCE |
173 /* same as fopen, except it doesn't use umask, but explicit */ | 143 /* same as fopen, except it doesn't use umask, but explicit */ |
174 FILE * | 144 FILE * |
175 lfopen(const char *name, const char *mode, int flags) | 145 lfopen(const char *name, const char *mode, int flags) |
176 { | 146 { |
177 int fd; | 147 int fd; |
178 FILE *file; | 148 FILE *file; |
179 | 149 |
180 fd = open(name, flags, 0600); | 150 fd = open(name, flags, 0600); |
181 if (fd < 0) { | 151 if (fd < 0) { |
182 return NULL; | 152 return NULL; |
183 } | 153 } |
184 file = fdopen(fd, mode); | 154 file = fdopen(fd, mode); |
185 if (!file) { | 155 if (!file) { |
186 close(fd); | 156 close(fd); |
187 } | 157 } |
188 /* file inherits fd */ | 158 /* file inherits fd */ |
189 return file; | 159 return file; |
190 } | 160 } |
191 #endif | 161 #endif |
192 | 162 |
193 #define MAX_LINE_LENGTH 2048 | 163 #define MAX_LINE_LENGTH 2048 |
194 #define SFTK_DEFAULT_INTERNAL_INIT1 "library= name=\"NSS Internal PKCS #11 Modul
e\" parameters=" | |
195 #define SFTK_DEFAULT_INTERNAL_INIT2 " NSS=\"Flags=internal,critical trustOrder=7
5 cipherOrder=100 slotParams=(1={" | |
196 #define SFTK_DEFAULT_INTERNAL_INIT3 " askpw=any timeout=30})\"" | |
197 | 164 |
198 /* | 165 /* |
199 * Read all the existing modules in out of the file. | 166 * Read all the existing modules in out of the file. |
200 */ | 167 */ |
201 char ** | 168 static char ** |
202 sftkdb_ReadSecmodDB(SDBType dbType, const char *appName, | 169 nssutil_ReadSecmodDB(NSSDBType dbType, const char *appName, |
203 const char *filename, const char *dbname, | 170 const char *filename, const char *dbname, |
204 char *params, PRBool rw) | 171 char *params, PRBool rw) |
205 { | 172 { |
206 FILE *fd = NULL; | 173 FILE *fd = NULL; |
207 char **moduleList = NULL; | 174 char **moduleList = NULL; |
208 int moduleCount = 1; | 175 int moduleCount = 1; |
209 int useCount = SECMOD_STEP; | 176 int useCount = SECMOD_STEP; |
210 char line[MAX_LINE_LENGTH]; | 177 char line[MAX_LINE_LENGTH]; |
211 PRBool internal = PR_FALSE; | 178 PRBool internal = PR_FALSE; |
212 PRBool skipParams = PR_FALSE; | 179 PRBool skipParams = PR_FALSE; |
213 char *moduleString = NULL; | 180 char *moduleString = NULL; |
214 char *paramsValue=NULL; | 181 char *paramsValue=NULL; |
215 PRBool failed = PR_TRUE; | 182 PRBool failed = PR_TRUE; |
216 | 183 |
217 if ((dbname != NULL) && | 184 if (dbname == NULL) { |
218 » » ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS))) { | 185 » PORT_SetError(SEC_ERROR_INVALID_ARGS); |
219 » return sftkdbCall_ReadSecmodDB(appName, filename, dbname, params, rw); | 186 » return NULL; |
220 } | 187 } |
221 | 188 |
222 moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **)); | 189 moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **)); |
223 if (moduleList == NULL) return NULL; | 190 if (moduleList == NULL) return NULL; |
224 | 191 |
225 if (dbname == NULL) { | |
226 goto return_default; | |
227 } | |
228 | |
229 /* do we really want to use streams here */ | 192 /* do we really want to use streams here */ |
230 fd = fopen(dbname, "r"); | 193 fd = fopen(dbname, "r"); |
231 if (fd == NULL) goto done; | 194 if (fd == NULL) goto done; |
232 | 195 |
233 /* | 196 /* |
234 * the following loop takes line separated config lines and collapses | 197 * the following loop takes line separated config lines and collapses |
235 * the lines to a single string, escaping and quoting as necessary. | 198 * the lines to a single string, escaping and quoting as necessary. |
236 */ | 199 */ |
237 /* loop state variables */ | 200 /* loop state variables */ |
238 moduleString = NULL; /* current concatenated string */ | 201 moduleString = NULL; /* current concatenated string */ |
(...skipping 16 matching lines...) Expand all Loading... |
255 * The PKCS #11 group standard assumes blocks of strings | 218 * The PKCS #11 group standard assumes blocks of strings |
256 * separated by new lines, clumped by new lines. Internally | 219 * separated by new lines, clumped by new lines. Internally |
257 * we take strings separated by spaces, so we may need to escape | 220 * we take strings separated by spaces, so we may need to escape |
258 * certain spaces. | 221 * certain spaces. |
259 */ | 222 */ |
260 char *value = PORT_Strchr(line,'='); | 223 char *value = PORT_Strchr(line,'='); |
261 | 224 |
262 /* there is no value, write out the stanza as is */ | 225 /* there is no value, write out the stanza as is */ |
263 if (value == NULL || value[1] == 0) { | 226 if (value == NULL || value[1] == 0) { |
264 if (moduleString) { | 227 if (moduleString) { |
265 » » moduleString = sftkdb_DupnCat(moduleString," ", 1); | 228 » » moduleString = nssutil_DupnCat(moduleString," ", 1); |
266 if (moduleString == NULL) goto loser; | 229 if (moduleString == NULL) goto loser; |
267 } | 230 } |
268 » moduleString = sftkdb_DupCat(moduleString, line); | 231 » moduleString = nssutil_DupCat(moduleString, line); |
269 if (moduleString == NULL) goto loser; | 232 if (moduleString == NULL) goto loser; |
270 /* value is already quoted, just write it out */ | 233 /* value is already quoted, just write it out */ |
271 } else if (value[1] == '"') { | 234 } else if (value[1] == '"') { |
272 if (moduleString) { | 235 if (moduleString) { |
273 » » moduleString = sftkdb_DupnCat(moduleString," ", 1); | 236 » » moduleString = nssutil_DupnCat(moduleString," ", 1); |
274 if (moduleString == NULL) goto loser; | 237 if (moduleString == NULL) goto loser; |
275 } | 238 } |
276 » moduleString = sftkdb_DupCat(moduleString, line); | 239 » moduleString = nssutil_DupCat(moduleString, line); |
277 if (moduleString == NULL) goto loser; | 240 if (moduleString == NULL) goto loser; |
278 /* we have an override parameter section, remember that | 241 /* we have an override parameter section, remember that |
279 * we found this (see following comment about why this | 242 * we found this (see following comment about why this |
280 * is necessary). */ | 243 * is necessary). */ |
281 if (PORT_Strncasecmp(line, "parameters", 10) == 0) { | 244 if (PORT_Strncasecmp(line, "parameters", 10) == 0) { |
282 skipParams = PR_TRUE; | 245 skipParams = PR_TRUE; |
283 } | 246 } |
284 /* | 247 /* |
285 * The internal token always overrides it's parameter block | 248 * The internal token always overrides it's parameter block |
286 * from the passed in parameters, so wait until then end | 249 * from the passed in parameters, so wait until then end |
(...skipping 10 matching lines...) Expand all Loading... |
297 * the absence of overrides, paramsValue is set to the first | 260 * the absence of overrides, paramsValue is set to the first |
298 * parameter block we find. All subsequent blocks are ignored. | 261 * parameter block we find. All subsequent blocks are ignored. |
299 * When we find an internal token, the application passed | 262 * When we find an internal token, the application passed |
300 * parameters take precident. | 263 * parameters take precident. |
301 */ | 264 */ |
302 } else if (PORT_Strncasecmp(line, "parameters", 10) == 0) { | 265 } else if (PORT_Strncasecmp(line, "parameters", 10) == 0) { |
303 /* already have parameters */ | 266 /* already have parameters */ |
304 if (paramsValue) { | 267 if (paramsValue) { |
305 continue; | 268 continue; |
306 } | 269 } |
307 » » paramsValue = sftkdb_quote(&value[1], '"'); | 270 » » paramsValue = NSSUTIL_Quote(&value[1], '"'); |
308 if (paramsValue == NULL) goto loser; | 271 if (paramsValue == NULL) goto loser; |
309 continue; | 272 continue; |
310 } else { | 273 } else { |
311 /* may need to quote */ | 274 /* may need to quote */ |
312 char *newLine; | 275 char *newLine; |
313 if (moduleString) { | 276 if (moduleString) { |
314 » » moduleString = sftkdb_DupnCat(moduleString," ", 1); | 277 » » moduleString = nssutil_DupnCat(moduleString," ", 1); |
315 if (moduleString == NULL) goto loser; | 278 if (moduleString == NULL) goto loser; |
316 } | 279 } |
317 » » moduleString = sftkdb_DupnCat(moduleString,line,value-line+1); | 280 » » moduleString = nssutil_DupnCat(moduleString,line,value-line+1); |
318 if (moduleString == NULL) goto loser; | 281 if (moduleString == NULL) goto loser; |
319 » newLine = sftkdb_quote(&value[1],'"'); | 282 » newLine = NSSUTIL_Quote(&value[1],'"'); |
320 if (newLine == NULL) goto loser; | 283 if (newLine == NULL) goto loser; |
321 » » moduleString = sftkdb_DupCat(moduleString,newLine); | 284 » » moduleString = nssutil_DupCat(moduleString,newLine); |
322 PORT_Free(newLine); | 285 PORT_Free(newLine); |
323 if (moduleString == NULL) goto loser; | 286 if (moduleString == NULL) goto loser; |
324 } | 287 } |
325 | 288 |
326 /* check to see if it's internal? */ | 289 /* check to see if it's internal? */ |
327 if (PORT_Strncasecmp(line, "NSS=", 4) == 0) { | 290 if (PORT_Strncasecmp(line, "NSS=", 4) == 0) { |
328 /* This should be case insensitive! reviewers make | 291 /* This should be case insensitive! reviewers make |
329 * me fix it if it's not */ | 292 * me fix it if it's not */ |
330 if (PORT_Strstr(line,"internal")) { | 293 if (PORT_Strstr(line,"internal")) { |
331 internal = PR_TRUE; | 294 internal = PR_TRUE; |
332 /* override the parameters */ | 295 /* override the parameters */ |
333 if (paramsValue) { | 296 if (paramsValue) { |
334 PORT_Free(paramsValue); | 297 PORT_Free(paramsValue); |
335 } | 298 } |
336 » » paramsValue = sftkdb_quote(params, '"'); | 299 » » paramsValue = NSSUTIL_Quote(params, '"'); |
337 } | 300 } |
338 } | 301 } |
339 continue; | 302 continue; |
340 } | 303 } |
341 if ((moduleString == NULL) || (*moduleString == 0)) { | 304 if ((moduleString == NULL) || (*moduleString == 0)) { |
342 continue; | 305 continue; |
343 } | 306 } |
344 | 307 |
345 /* | 308 /* |
346 * if we are here, we have found a complete stanza. Now write out | 309 * if we are here, we have found a complete stanza. Now write out |
347 * any param section we may have found. | 310 * any param section we may have found. |
348 */ | 311 */ |
349 if (paramsValue) { | 312 if (paramsValue) { |
350 /* we had an override */ | 313 /* we had an override */ |
351 if (!skipParams) { | 314 if (!skipParams) { |
352 » » moduleString = sftkdb_DupnCat(moduleString," parameters=", 12); | 315 » » moduleString = nssutil_DupnCat(moduleString," parameters=", 12); |
353 if (moduleString == NULL) goto loser; | 316 if (moduleString == NULL) goto loser; |
354 » » moduleString = sftkdb_DupCat(moduleString, paramsValue); | 317 » » moduleString = nssutil_DupCat(moduleString, paramsValue); |
355 if (moduleString == NULL) goto loser; | 318 if (moduleString == NULL) goto loser; |
356 } | 319 } |
357 PORT_Free(paramsValue); | 320 PORT_Free(paramsValue); |
358 paramsValue = NULL; | 321 paramsValue = NULL; |
359 } | 322 } |
360 | 323 |
361 if ((moduleCount+1) >= useCount) { | 324 if ((moduleCount+1) >= useCount) { |
362 SECStatus rv; | 325 SECStatus rv; |
363 » rv = sftkdb_growList(&moduleList, &useCount, moduleCount+1); | 326 » rv = nssutil_growList(&moduleList, &useCount, moduleCount+1); |
364 if (rv != SECSuccess) { | 327 if (rv != SECSuccess) { |
365 goto loser; | 328 goto loser; |
366 } | 329 } |
367 } | 330 } |
368 | 331 |
369 if (internal) { | 332 if (internal) { |
370 moduleList[0] = moduleString; | 333 moduleList[0] = moduleString; |
371 } else { | 334 } else { |
372 moduleList[moduleCount] = moduleString; | 335 moduleList[moduleCount] = moduleString; |
373 moduleCount++; | 336 moduleCount++; |
374 } | 337 } |
375 moduleString = NULL; | 338 moduleString = NULL; |
376 internal = PR_FALSE; | 339 internal = PR_FALSE; |
377 skipParams = PR_FALSE; | 340 skipParams = PR_FALSE; |
378 } | 341 } |
379 | 342 |
380 if (moduleString) { | 343 if (moduleString) { |
381 PORT_Free(moduleString); | 344 PORT_Free(moduleString); |
382 moduleString = NULL; | 345 moduleString = NULL; |
383 } | 346 } |
384 done: | 347 done: |
385 /* If we couldn't open a pkcs11 database, look for the old one. | 348 /* if we couldn't open a pkcs11 database, look for the old one */ |
386 * This is necessary to maintain the semantics of the transition from | |
387 * old to new DB's. If there is an old DB and not new DB, we will | |
388 * automatically use the old DB. If the DB was opened read/write, we | |
389 * create a new db and upgrade it from the old one. */ | |
390 if (fd == NULL) { | 349 if (fd == NULL) { |
391 » char *olddbname = sftk_getOldSecmodName(dbname,filename); | 350 » char *olddbname = _NSSUTIL_GetOldSecmodName(dbname,filename); |
392 PRStatus status; | 351 PRStatus status; |
393 char **oldModuleList; | |
394 int i; | |
395 | 352 |
396 /* couldn't get the old name */ | 353 /* couldn't get the old name */ |
397 if (!olddbname) { | 354 if (!olddbname) { |
398 goto bail; | 355 goto bail; |
399 } | 356 } |
400 | 357 |
401 /* old one doesn't exist */ | 358 /* old one doesn't exist */ |
402 status = PR_Access(olddbname, PR_ACCESS_EXISTS); | 359 status = PR_Access(olddbname, PR_ACCESS_EXISTS); |
403 » if (status != PR_SUCCESS) { | 360 » if (status == PR_SUCCESS) { |
404 » goto bail; | 361 » PR_smprintf_free(olddbname); |
| 362 » PORT_SetError(SEC_ERROR_LEGACY_DATABASE); |
| 363 » return NULL; |
405 } | 364 } |
406 | 365 |
407 oldModuleList = sftkdbCall_ReadSecmodDB(appName, filename, | |
408 olddbname, params, rw); | |
409 /* old one had no modules */ | |
410 if (!oldModuleList) { | |
411 goto bail; | |
412 } | |
413 | |
414 /* count the modules */ | |
415 for (i=0; oldModuleList[i]; i++) { } | |
416 | |
417 /* grow the moduleList if necessary */ | |
418 if (i >= useCount) { | |
419 SECStatus rv; | |
420 rv = sftkdb_growList(&moduleList,&useCount,moduleCount+1); | |
421 if (rv != SECSuccess) { | |
422 goto loser; | |
423 } | |
424 } | |
425 | |
426 /* write each module out, and copy it */ | |
427 for (i=0; oldModuleList[i]; i++) { | |
428 if (rw) { | |
429 sftkdb_AddSecmodDB(dbType,appName,filename,dbname, | |
430 oldModuleList[i],rw); | |
431 } | |
432 if (moduleList[i]) { | |
433 PORT_Free(moduleList[i]); | |
434 } | |
435 moduleList[i] = PORT_Strdup(oldModuleList[i]); | |
436 } | |
437 | |
438 /* done with the old module list */ | |
439 sftkdbCall_ReleaseSecmodDBData(appName, filename, olddbname, | |
440 oldModuleList, rw); | |
441 bail: | 366 bail: |
442 if (olddbname) { | 367 if (olddbname) { |
443 PR_smprintf_free(olddbname); | 368 PR_smprintf_free(olddbname); |
444 } | 369 } |
445 } | 370 } |
446 | |
447 return_default: | |
448 | 371 |
449 if (!moduleList[0]) { | 372 if (!moduleList[0]) { |
450 char * newParams; | 373 char * newParams; |
451 » moduleString = PORT_Strdup(SFTK_DEFAULT_INTERNAL_INIT1); | 374 » moduleString = PORT_Strdup(NSSUTIL_DEFAULT_INTERNAL_INIT1); |
452 » newParams = sftkdb_quote(params,'"'); | 375 » newParams = NSSUTIL_Quote(params,'"'); |
453 if (newParams == NULL) goto loser; | 376 if (newParams == NULL) goto loser; |
454 » moduleString = sftkdb_DupCat(moduleString, newParams); | 377 » moduleString = nssutil_DupCat(moduleString, newParams); |
455 PORT_Free(newParams); | 378 PORT_Free(newParams); |
456 if (moduleString == NULL) goto loser; | 379 if (moduleString == NULL) goto loser; |
457 » moduleString = sftkdb_DupCat(moduleString, SFTK_DEFAULT_INTERNAL_INIT2); | 380 » moduleString = nssutil_DupCat(moduleString, |
| 381 » » » » » NSSUTIL_DEFAULT_INTERNAL_INIT2); |
458 if (moduleString == NULL) goto loser; | 382 if (moduleString == NULL) goto loser; |
459 » moduleString = sftkdb_DupCat(moduleString, SECMOD_SLOT_FLAGS); | 383 » moduleString = nssutil_DupCat(moduleString, |
| 384 » » » » » NSSUTIL_DEFAULT_SFTKN_FLAGS); |
460 if (moduleString == NULL) goto loser; | 385 if (moduleString == NULL) goto loser; |
461 » moduleString = sftkdb_DupCat(moduleString, SFTK_DEFAULT_INTERNAL_INIT3); | 386 » moduleString = nssutil_DupCat(moduleString, |
| 387 » » » » » NSSUTIL_DEFAULT_INTERNAL_INIT3); |
462 if (moduleString == NULL) goto loser; | 388 if (moduleString == NULL) goto loser; |
463 moduleList[0] = moduleString; | 389 moduleList[0] = moduleString; |
464 moduleString = NULL; | 390 moduleString = NULL; |
465 } | 391 } |
466 failed = PR_FALSE; | 392 failed = PR_FALSE; |
467 | 393 |
468 loser: | 394 loser: |
469 /* | 395 /* |
470 * cleanup | 396 * cleanup |
471 */ | 397 */ |
472 /* deal with trust cert db here */ | 398 /* deal with trust cert db here */ |
473 if (moduleString) { | 399 if (moduleString) { |
474 PORT_Free(moduleString); | 400 PORT_Free(moduleString); |
475 moduleString = NULL; | 401 moduleString = NULL; |
476 } | 402 } |
477 if (paramsValue) { | 403 if (paramsValue) { |
478 PORT_Free(paramsValue); | 404 PORT_Free(paramsValue); |
479 paramsValue = NULL; | 405 paramsValue = NULL; |
480 } | 406 } |
481 if (failed || (moduleList[0] == NULL)) { | 407 if (failed || (moduleList[0] == NULL)) { |
482 /* This is wrong! FIXME */ | 408 /* This is wrong! FIXME */ |
483 » sftkdb_releaseSpecList(moduleList); | 409 » nssutil_releaseSpecList(moduleList); |
484 moduleList = NULL; | 410 moduleList = NULL; |
485 failed = PR_TRUE; | 411 failed = PR_TRUE; |
486 } | 412 } |
487 if (fd != NULL) { | 413 if (fd != NULL) { |
488 fclose(fd); | 414 fclose(fd); |
489 } else if (!failed && rw) { | 415 } else if (!failed && rw) { |
490 /* update our internal module */ | 416 /* update our internal module */ |
491 » sftkdb_AddSecmodDB(dbType,appName,filename,dbname,moduleList[0],rw); | 417 » nssutil_AddSecmodDB(dbType,appName,filename,dbname,moduleList[0],rw); |
492 } | 418 } |
493 return moduleList; | 419 return moduleList; |
494 } | 420 } |
495 | 421 |
496 SECStatus | 422 static SECStatus |
497 sftkdb_ReleaseSecmodDBData(SDBType dbType, const char *appName, | 423 nssutil_ReleaseSecmodDBData(NSSDBType dbType, const char *appName, |
498 const char *filename, const char *dbname, | 424 const char *filename, const char *dbname, |
499 char **moduleSpecList, PRBool rw) | 425 char **moduleSpecList, PRBool rw) |
500 { | 426 { |
501 if ((dbname != NULL) && | |
502 ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS))) { | |
503 return sftkdbCall_ReleaseSecmodDBData(appName, filename, dbname, | |
504 moduleSpecList, rw); | |
505 } | |
506 if (moduleSpecList) { | 427 if (moduleSpecList) { |
507 » sftkdb_releaseSpecList(moduleSpecList); | 428 » nssutil_releaseSpecList(moduleSpecList); |
508 } | 429 } |
509 return SECSuccess; | 430 return SECSuccess; |
510 } | 431 } |
511 | 432 |
512 | 433 |
513 /* | 434 /* |
514 * Delete a module from the Data Base | 435 * Delete a module from the Data Base |
515 */ | 436 */ |
516 SECStatus | 437 static SECStatus |
517 sftkdb_DeleteSecmodDB(SDBType dbType, const char *appName, | 438 nssutil_DeleteSecmodDB(NSSDBType dbType, const char *appName, |
518 const char *filename, const char *dbname, | 439 const char *filename, const char *dbname, |
519 char *args, PRBool rw) | 440 char *args, PRBool rw) |
520 { | 441 { |
521 /* SHDB_FIXME implement */ | 442 /* SHDB_FIXME implement */ |
522 FILE *fd = NULL; | 443 FILE *fd = NULL; |
523 FILE *fd2 = NULL; | 444 FILE *fd2 = NULL; |
524 char line[MAX_LINE_LENGTH]; | 445 char line[MAX_LINE_LENGTH]; |
525 char *dbname2 = NULL; | 446 char *dbname2 = NULL; |
526 char *block = NULL; | 447 char *block = NULL; |
527 char *name = NULL; | 448 char *name = NULL; |
528 char *lib = NULL; | 449 char *lib = NULL; |
529 int name_len, lib_len; | 450 int name_len, lib_len; |
530 PRBool skip = PR_FALSE; | 451 PRBool skip = PR_FALSE; |
531 PRBool found = PR_FALSE; | 452 PRBool found = PR_FALSE; |
532 | 453 |
533 if (dbname == NULL) { | 454 if (dbname == NULL) { |
534 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 455 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
535 return SECFailure; | 456 return SECFailure; |
536 } | 457 } |
537 | 458 |
538 if ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS)) { | |
539 return sftkdbCall_DeleteSecmodDB(appName, filename, dbname, args, rw); | |
540 } | |
541 | |
542 if (!rw) { | 459 if (!rw) { |
543 PORT_SetError(SEC_ERROR_READ_ONLY); | 460 PORT_SetError(SEC_ERROR_READ_ONLY); |
544 return SECFailure; | 461 return SECFailure; |
545 } | 462 } |
546 | 463 |
547 dbname2 = strdup(dbname); | 464 dbname2 = PORT_Strdup(dbname); |
548 if (dbname2 == NULL) goto loser; | 465 if (dbname2 == NULL) goto loser; |
549 dbname2[strlen(dbname)-1]++; | 466 dbname2[strlen(dbname)-1]++; |
550 | 467 |
551 /* do we really want to use streams here */ | 468 /* do we really want to use streams here */ |
552 fd = fopen(dbname, "r"); | 469 fd = fopen(dbname, "r"); |
553 if (fd == NULL) goto loser; | 470 if (fd == NULL) goto loser; |
554 #ifdef WINCE | 471 #ifdef WINCE |
555 fd2 = fopen(dbname2, "w+"); | 472 fd2 = fopen(dbname2, "w+"); |
556 #else | 473 #else |
557 fd2 = lfopen(dbname2, "w+", O_CREAT|O_RDWR|O_TRUNC); | 474 fd2 = lfopen(dbname2, "w+", O_CREAT|O_RDWR|O_TRUNC); |
558 #endif | 475 #endif |
559 if (fd2 == NULL) goto loser; | 476 if (fd2 == NULL) goto loser; |
560 | 477 |
561 name = sftk_argGetParamValue("name",args); | 478 name = NSSUTIL_ArgGetParamValue("name",args); |
562 if (name) { | 479 if (name) { |
563 name_len = PORT_Strlen(name); | 480 name_len = PORT_Strlen(name); |
564 } | 481 } |
565 lib = sftk_argGetParamValue("library",args); | 482 lib = NSSUTIL_ArgGetParamValue("library",args); |
566 if (lib) { | 483 if (lib) { |
567 lib_len = PORT_Strlen(lib); | 484 lib_len = PORT_Strlen(lib); |
568 } | 485 } |
569 | 486 |
570 | 487 |
571 /* | 488 /* |
572 * the following loop takes line separated config files and collapses | 489 * the following loop takes line separated config files and collapses |
573 * the lines to a single string, escaping and quoting as necessary. | 490 * the lines to a single string, escaping and quoting as necessary. |
574 */ | 491 */ |
575 /* loop state variables */ | 492 /* loop state variables */ |
(...skipping 16 matching lines...) Expand all Loading... |
592 /* yup, we don't need to save any more data, */ | 509 /* yup, we don't need to save any more data, */ |
593 PORT_Free(block); | 510 PORT_Free(block); |
594 block=NULL; | 511 block=NULL; |
595 /* we don't need to collect more of this block */ | 512 /* we don't need to collect more of this block */ |
596 skip = PR_TRUE; | 513 skip = PR_TRUE; |
597 /* we don't need to continue searching for the block */ | 514 /* we don't need to continue searching for the block */ |
598 found =PR_TRUE; | 515 found =PR_TRUE; |
599 continue; | 516 continue; |
600 } | 517 } |
601 /* not our match, continue to collect data in this block */ | 518 /* not our match, continue to collect data in this block */ |
602 » block = sftkdb_DupCat(block,line); | 519 » block = nssutil_DupCat(block,line); |
603 continue; | 520 continue; |
604 } | 521 } |
605 /* we've collected a block of data that wasn't the module we were | 522 /* we've collected a block of data that wasn't the module we were |
606 * looking for, write it out */ | 523 * looking for, write it out */ |
607 if (block) { | 524 if (block) { |
608 fwrite(block, PORT_Strlen(block), 1, fd2); | 525 fwrite(block, PORT_Strlen(block), 1, fd2); |
609 PORT_Free(block); | 526 PORT_Free(block); |
610 block = NULL; | 527 block = NULL; |
611 } | 528 } |
612 /* If we didn't just delete the this block, keep the blank line */ | 529 /* If we didn't just delete the this block, keep the blank line */ |
(...skipping 30 matching lines...) Expand all Loading... |
643 PORT_Free(dbname2); | 560 PORT_Free(dbname2); |
644 } | 561 } |
645 PORT_Free(lib); | 562 PORT_Free(lib); |
646 PORT_Free(name); | 563 PORT_Free(name); |
647 return SECFailure; | 564 return SECFailure; |
648 } | 565 } |
649 | 566 |
650 /* | 567 /* |
651 * Add a module to the Data base | 568 * Add a module to the Data base |
652 */ | 569 */ |
653 SECStatus | 570 static SECStatus |
654 sftkdb_AddSecmodDB(SDBType dbType, const char *appName, | 571 nssutil_AddSecmodDB(NSSDBType dbType, const char *appName, |
655 const char *filename, const char *dbname, | 572 const char *filename, const char *dbname, |
656 char *module, PRBool rw) | 573 char *module, PRBool rw) |
657 { | 574 { |
658 FILE *fd = NULL; | 575 FILE *fd = NULL; |
659 char *block = NULL; | 576 char *block = NULL; |
660 PRBool libFound = PR_FALSE; | 577 PRBool libFound = PR_FALSE; |
661 | 578 |
662 if (dbname == NULL) { | 579 if (dbname == NULL) { |
663 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 580 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
664 return SECFailure; | 581 return SECFailure; |
665 } | 582 } |
666 | 583 |
667 if ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS)) { | |
668 return sftkdbCall_AddSecmodDB(appName, filename, dbname, module, rw); | |
669 } | |
670 | |
671 /* can't write to a read only module */ | 584 /* can't write to a read only module */ |
672 if (!rw) { | 585 if (!rw) { |
673 PORT_SetError(SEC_ERROR_READ_ONLY); | 586 PORT_SetError(SEC_ERROR_READ_ONLY); |
674 return SECFailure; | 587 return SECFailure; |
675 } | 588 } |
676 | 589 |
677 /* remove the previous version if it exists */ | 590 /* remove the previous version if it exists */ |
678 (void) sftkdb_DeleteSecmodDB(dbType, appName, filename, dbname, module, rw); | 591 (void) nssutil_DeleteSecmodDB(dbType, appName, filename, |
| 592 » » » » dbname, module, rw); |
679 | 593 |
680 #ifdef WINCE | 594 #ifdef WINCE |
681 fd = fopen(dbname, "a+"); | 595 fd = fopen(dbname, "a+"); |
682 #else | 596 #else |
683 fd = lfopen(dbname, "a+", O_CREAT|O_RDWR|O_APPEND); | 597 fd = lfopen(dbname, "a+", O_CREAT|O_RDWR|O_APPEND); |
684 #endif | 598 #endif |
685 if (fd == NULL) { | 599 if (fd == NULL) { |
686 return SECFailure; | 600 return SECFailure; |
687 } | 601 } |
688 module = sftk_argStrip(module); | 602 module = NSSUTIL_ArgStrip(module); |
689 while (*module) { | 603 while (*module) { |
690 int count; | 604 int count; |
691 char *keyEnd = PORT_Strchr(module,'='); | 605 char *keyEnd = PORT_Strchr(module,'='); |
692 char *value; | 606 char *value; |
693 | 607 |
694 if (PORT_Strncmp(module, "library=", 8) == 0) { | 608 if (PORT_Strncmp(module, "library=", 8) == 0) { |
695 libFound=PR_TRUE; | 609 libFound=PR_TRUE; |
696 } | 610 } |
697 if (keyEnd == NULL) { | 611 if (keyEnd == NULL) { |
698 » block = sftkdb_DupCat(block, module); | 612 » block = nssutil_DupCat(block, module); |
699 break; | 613 break; |
700 } | 614 } |
701 » block = sftkdb_DupnCat(block, module, keyEnd-module+1); | 615 » block = nssutil_DupnCat(block, module, keyEnd-module+1); |
702 if (block == NULL) { goto loser; } | 616 if (block == NULL) { goto loser; } |
703 » value = sftk_argFetchValue(&keyEnd[1], &count); | 617 » value = NSSUTIL_ArgFetchValue(&keyEnd[1], &count); |
704 if (value) { | 618 if (value) { |
705 » block = sftkdb_DupCat(block, sftk_argStrip(value)); | 619 » block = nssutil_DupCat(block, NSSUTIL_ArgStrip(value)); |
706 PORT_Free(value); | 620 PORT_Free(value); |
707 } | 621 } |
708 if (block == NULL) { goto loser; } | 622 if (block == NULL) { goto loser; } |
709 » block = sftkdb_DupnCat(block, "\n", 1); | 623 » block = nssutil_DupnCat(block, "\n", 1); |
710 module = keyEnd + 1 + count; | 624 module = keyEnd + 1 + count; |
711 » module = sftk_argStrip(module); | 625 » module = NSSUTIL_ArgStrip(module); |
712 } | 626 } |
713 if (block) { | 627 if (block) { |
714 if (!libFound) { | 628 if (!libFound) { |
715 fprintf(fd,"library=\n"); | 629 fprintf(fd,"library=\n"); |
716 } | 630 } |
717 fwrite(block, PORT_Strlen(block), 1, fd); | 631 fwrite(block, PORT_Strlen(block), 1, fd); |
718 fprintf(fd,"\n"); | 632 fprintf(fd,"\n"); |
719 PORT_Free(block); | 633 PORT_Free(block); |
720 block = NULL; | 634 block = NULL; |
721 } | 635 } |
722 fclose(fd); | 636 fclose(fd); |
723 return SECSuccess; | 637 return SECSuccess; |
724 | 638 |
725 loser: | 639 loser: |
726 PORT_Free(block); | 640 PORT_Free(block); |
727 fclose(fd); | 641 fclose(fd); |
728 return SECFailure; | 642 return SECFailure; |
729 } | 643 } |
730 | 644 |
731 | 645 |
| 646 char ** |
| 647 NSSUTIL_DoModuleDBFunction(unsigned long function,char *parameters, void *args) |
| 648 { |
| 649 char *secmod = NULL; |
| 650 char *appName = NULL; |
| 651 char *filename = NULL; |
| 652 NSSDBType dbType = NSS_DB_TYPE_NONE; |
| 653 PRBool rw; |
| 654 static char *success="Success"; |
| 655 char **rvstr = NULL; |
| 656 |
| 657 |
| 658 secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName, |
| 659 &filename, &rw); |
| 660 if ((dbType == NSS_DB_TYPE_LEGACY) || |
| 661 (dbType == NSS_DB_TYPE_MULTIACCESS)) { |
| 662 /* we can't handle the old database, only softoken can */ |
| 663 PORT_SetError(SEC_ERROR_LEGACY_DATABASE); |
| 664 rvstr = NULL; |
| 665 goto done; |
| 666 } |
| 667 |
| 668 switch (function) { |
| 669 case SECMOD_MODULE_DB_FUNCTION_FIND: |
| 670 rvstr = nssutil_ReadSecmodDB(dbType,appName,filename, |
| 671 secmod,(char *)parameters,rw); |
| 672 break; |
| 673 case SECMOD_MODULE_DB_FUNCTION_ADD: |
| 674 rvstr = (nssutil_AddSecmodDB(dbType,appName,filename, |
| 675 secmod,(char *)args,rw) == SECSuccess) ? &success: NULL; |
| 676 break; |
| 677 case SECMOD_MODULE_DB_FUNCTION_DEL: |
| 678 rvstr = (nssutil_DeleteSecmodDB(dbType,appName,filename, |
| 679 secmod,(char *)args,rw) == SECSuccess) ? &success: NULL; |
| 680 break; |
| 681 case SECMOD_MODULE_DB_FUNCTION_RELEASE: |
| 682 rvstr = (nssutil_ReleaseSecmodDBData(dbType, appName,filename, |
| 683 secmod, (char **)args,rw) == SECSuccess) ? &success: NULL; |
| 684 break; |
| 685 } |
| 686 done: |
| 687 if (secmod) PR_smprintf_free(secmod); |
| 688 if (appName) PORT_Free(appName); |
| 689 if (filename) PORT_Free(filename); |
| 690 return rvstr; |
| 691 } |
OLD | NEW |