OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * The following handles the loading, unloading and management of | 5 * The following code handles the storage of PKCS 11 modules used by the |
6 * various PCKS #11 modules | 6 * NSS. This file is written to abstract away how the modules are |
| 7 * stored so we can decide that later. |
7 */ | 8 */ |
8 | 9 #include "secport.h" |
| 10 #include "prprf.h" |
| 11 #include "prenv.h" |
| 12 #include "utilpars.h" |
| 13 #include "utilmodt.h" |
9 | 14 |
10 /* | 15 /* |
11 * this header file contains routines for parsing PKCS #11 module spec | 16 * return the expected matching quote value for the one specified |
12 * strings. It contains 'C' code and should only be included in one module. | |
13 * Currently it is included in both softoken and the wrapper. | |
14 */ | 17 */ |
15 #include <ctype.h> | 18 PRBool NSSUTIL_ArgGetPair(char c) { |
16 #include "pkcs11.h" | |
17 #include "seccomon.h" | |
18 #include "prprf.h" | |
19 #include "secmodt.h" | |
20 #include "pk11init.h" | |
21 | |
22 #define SECMOD_ARG_LIBRARY_PARAMETER "library=" | |
23 #define SECMOD_ARG_NAME_PARAMETER "name=" | |
24 #define SECMOD_ARG_MODULE_PARAMETER "parameters=" | |
25 #define SECMOD_ARG_NSS_PARAMETER "NSS=" | |
26 #define SECMOD_ARG_FORTEZZA_FLAG "FORTEZZA" | |
27 #define SECMOD_ARG_ESCAPE '\\' | |
28 | |
29 struct secmodargSlotFlagTable { | |
30 char *name; | |
31 int len; | |
32 unsigned long value; | |
33 }; | |
34 | |
35 #define SECMOD_DEFAULT_CIPHER_ORDER 0 | |
36 #define SECMOD_DEFAULT_TRUST_ORDER 50 | |
37 | |
38 | |
39 #define SECMOD_ARG_ENTRY(arg,flag) \ | |
40 { #arg , sizeof(#arg)-1, flag } | |
41 static struct secmodargSlotFlagTable secmod_argSlotFlagTable[] = { | |
42 » SECMOD_ARG_ENTRY(RSA,SECMOD_RSA_FLAG), | |
43 » SECMOD_ARG_ENTRY(DSA,SECMOD_RSA_FLAG), | |
44 » SECMOD_ARG_ENTRY(RC2,SECMOD_RC4_FLAG), | |
45 » SECMOD_ARG_ENTRY(RC4,SECMOD_RC2_FLAG), | |
46 » SECMOD_ARG_ENTRY(DES,SECMOD_DES_FLAG), | |
47 » SECMOD_ARG_ENTRY(DH,SECMOD_DH_FLAG), | |
48 » SECMOD_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG), | |
49 » SECMOD_ARG_ENTRY(RC5,SECMOD_RC5_FLAG), | |
50 » SECMOD_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG), | |
51 » SECMOD_ARG_ENTRY(MD5,SECMOD_MD5_FLAG), | |
52 » SECMOD_ARG_ENTRY(MD2,SECMOD_MD2_FLAG), | |
53 » SECMOD_ARG_ENTRY(SSL,SECMOD_SSL_FLAG), | |
54 » SECMOD_ARG_ENTRY(TLS,SECMOD_TLS_FLAG), | |
55 » SECMOD_ARG_ENTRY(AES,SECMOD_AES_FLAG), | |
56 » SECMOD_ARG_ENTRY(Camellia,SECMOD_CAMELLIA_FLAG), | |
57 » SECMOD_ARG_ENTRY(SEED,SECMOD_SEED_FLAG), | |
58 » SECMOD_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG), | |
59 » SECMOD_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG), | |
60 » SECMOD_ARG_ENTRY(Disable, PK11_DISABLE_FLAG), | |
61 }; | |
62 | |
63 #define SECMOD_HANDLE_STRING_ARG(param,target,value,command) \ | |
64 if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \ | |
65 » param += sizeof(value)-1; \ | |
66 » if (target) PORT_Free(target); \ | |
67 » target = secmod_argFetchValue(param,&next); \ | |
68 » param += next; \ | |
69 » command ;\ | |
70 } else | |
71 | |
72 #define SECMOD_HANDLE_FINAL_ARG(param) \ | |
73 { param = secmod_argSkipParameter(param); } param = secmod_argStrip(param); | |
74 » | |
75 | |
76 static int secmod_argSlotFlagTableSize = | |
77 » sizeof(secmod_argSlotFlagTable)/sizeof(secmod_argSlotFlagTable[0]); | |
78 | |
79 | |
80 static PRBool secmod_argGetPair(char c) { | |
81 switch (c) { | 19 switch (c) { |
82 case '\'': return c; | 20 case '\'': return c; |
83 case '\"': return c; | 21 case '\"': return c; |
84 case '<': return '>'; | 22 case '<': return '>'; |
85 case '{': return '}'; | 23 case '{': return '}'; |
86 case '[': return ']'; | 24 case '[': return ']'; |
87 case '(': return ')'; | 25 case '(': return ')'; |
88 default: break; | 26 default: break; |
89 } | 27 } |
90 return ' '; | 28 return ' '; |
91 } | 29 } |
92 | 30 |
93 static PRBool secmod_argIsBlank(char c) { | 31 PRBool NSSUTIL_ArgIsBlank(char c) { |
94 return isspace((unsigned char )c); | 32 return isspace((unsigned char )c); |
95 } | 33 } |
96 | 34 |
97 static PRBool secmod_argIsEscape(char c) { | 35 PRBool NSSUTIL_ArgIsEscape(char c) { |
98 return c == '\\'; | 36 return c == '\\'; |
99 } | 37 } |
100 | 38 |
101 static PRBool secmod_argIsQuote(char c) { | 39 PRBool NSSUTIL_ArgIsQuote(char c) { |
102 switch (c) { | 40 switch (c) { |
103 case '\'': | 41 case '\'': |
104 case '\"': | 42 case '\"': |
105 case '<': | 43 case '<': |
106 case '{': /* } end curly to keep vi bracket matching working */ | 44 case '{': /* } end curly to keep vi bracket matching working */ |
107 case '(': /* ) */ | 45 case '(': /* ) */ |
108 case '[': /* ] */ return PR_TRUE; | 46 case '[': /* ] */ return PR_TRUE; |
109 default: break; | 47 default: break; |
110 } | 48 } |
111 return PR_FALSE; | 49 return PR_FALSE; |
112 } | 50 } |
113 | 51 |
114 static PRBool secmod_argHasChar(char *v, char c) | 52 char *NSSUTIL_ArgStrip(char *c) { |
115 { | 53 while (*c && NSSUTIL_ArgIsBlank(*c)) c++; |
116 for ( ;*v; v++) { | |
117 » if (*v == c) return PR_TRUE; | |
118 } | |
119 return PR_FALSE; | |
120 } | |
121 | |
122 static PRBool secmod_argHasBlanks(char *v) | |
123 { | |
124 for ( ;*v; v++) { | |
125 » if (secmod_argIsBlank(*v)) return PR_TRUE; | |
126 } | |
127 return PR_FALSE; | |
128 } | |
129 | |
130 static char *secmod_argStrip(char *c) { | |
131 while (*c && secmod_argIsBlank(*c)) c++; | |
132 return c; | 54 return c; |
133 } | 55 } |
134 | 56 |
135 static char * | 57 /* |
136 secmod_argFindEnd(char *string) { | 58 * find the end of the current tag/value pair. string should be pointing just |
| 59 * after the equal sign. Handles quoted characters. |
| 60 */ |
| 61 char * |
| 62 NSSUTIL_ArgFindEnd(char *string) { |
137 char endChar = ' '; | 63 char endChar = ' '; |
138 PRBool lastEscape = PR_FALSE; | 64 PRBool lastEscape = PR_FALSE; |
139 | 65 |
140 if (secmod_argIsQuote(*string)) { | 66 if (NSSUTIL_ArgIsQuote(*string)) { |
141 » endChar = secmod_argGetPair(*string); | 67 » endChar = NSSUTIL_ArgGetPair(*string); |
142 string++; | 68 string++; |
143 } | 69 } |
144 | 70 |
145 for (;*string; string++) { | 71 for (;*string; string++) { |
146 if (lastEscape) { | 72 if (lastEscape) { |
147 lastEscape = PR_FALSE; | 73 lastEscape = PR_FALSE; |
148 continue; | 74 continue; |
149 } | 75 } |
150 » if (secmod_argIsEscape(*string) && !lastEscape) { | 76 » if (NSSUTIL_ArgIsEscape(*string) && !lastEscape) { |
151 lastEscape = PR_TRUE; | 77 lastEscape = PR_TRUE; |
152 continue; | 78 continue; |
153 } | 79 } |
154 » if ((endChar == ' ') && secmod_argIsBlank(*string)) break; | 80 » if ((endChar == ' ') && NSSUTIL_ArgIsBlank(*string)) break; |
155 if (*string == endChar) { | 81 if (*string == endChar) { |
156 break; | 82 break; |
157 } | 83 } |
158 } | 84 } |
159 | 85 |
160 return string; | 86 return string; |
161 } | 87 } |
162 | 88 |
163 static char * | 89 /* |
164 secmod_argFetchValue(char *string, int *pcount) | 90 * get the value pointed to by string. string should be pointing just beyond |
| 91 * the equal sign. |
| 92 */ |
| 93 char * |
| 94 NSSUTIL_ArgFetchValue(char *string, int *pcount) |
165 { | 95 { |
166 char *end = secmod_argFindEnd(string); | 96 char *end = NSSUTIL_ArgFindEnd(string); |
167 char *retString, *copyString; | 97 char *retString, *copyString; |
168 PRBool lastEscape = PR_FALSE; | 98 PRBool lastEscape = PR_FALSE; |
169 int len; | 99 int len; |
170 | 100 |
171 len = end - string; | 101 len = end - string; |
172 if (len == 0) { | 102 if (len == 0) { |
173 *pcount = 0; | 103 *pcount = 0; |
174 return NULL; | 104 return NULL; |
175 } | 105 } |
176 | 106 |
177 copyString = retString = (char *)PORT_Alloc(len+1); | 107 copyString = retString = (char *)PORT_Alloc(len+1); |
178 | 108 |
179 if (*end) len++; | 109 if (*end) len++; |
180 *pcount = len; | 110 *pcount = len; |
181 if (retString == NULL) return NULL; | 111 if (retString == NULL) return NULL; |
182 | 112 |
183 | 113 |
184 if (secmod_argIsQuote(*string)) string++; | 114 if (NSSUTIL_ArgIsQuote(*string)) string++; |
185 for (; string < end; string++) { | 115 for (; string < end; string++) { |
186 » if (secmod_argIsEscape(*string) && !lastEscape) { | 116 » if (NSSUTIL_ArgIsEscape(*string) && !lastEscape) { |
187 lastEscape = PR_TRUE; | 117 lastEscape = PR_TRUE; |
188 continue; | 118 continue; |
189 } | 119 } |
190 lastEscape = PR_FALSE; | 120 lastEscape = PR_FALSE; |
191 *copyString++ = *string; | 121 *copyString++ = *string; |
192 } | 122 } |
193 *copyString = 0; | 123 *copyString = 0; |
194 return retString; | 124 return retString; |
195 } | 125 } |
196 | 126 |
197 static char * | 127 /* |
198 secmod_argSkipParameter(char *string) | 128 * point to the next parameter in string |
| 129 */ |
| 130 char * |
| 131 NSSUTIL_ArgSkipParameter(char *string) |
199 { | 132 { |
200 char *end; | 133 char *end; |
201 /* look for the end of the <name>= */ | 134 /* look for the end of the <name>= */ |
202 for (;*string; string++) { | 135 for (;*string; string++) { |
203 if (*string == '=') { string++; break; } | 136 if (*string == '=') { string++; break; } |
204 » if (secmod_argIsBlank(*string)) return(string); | 137 » if (NSSUTIL_ArgIsBlank(*string)) return(string); |
205 } | 138 } |
206 | 139 |
207 end = secmod_argFindEnd(string); | 140 end = NSSUTIL_ArgFindEnd(string); |
208 if (*end) end++; | 141 if (*end) end++; |
209 return end; | 142 return end; |
210 } | 143 } |
211 | 144 |
212 | 145 /* |
213 static SECStatus | 146 * get the value from that tag value pair. |
214 secmod_argParseModuleSpec(char *modulespec, char **lib, char **mod, | 147 */ |
215 » » » » » char **parameters, char **nss) | 148 char * |
216 { | 149 NSSUTIL_ArgGetParamValue(char *paramName,char *parameters) |
217 int next; | |
218 modulespec = secmod_argStrip(modulespec); | |
219 | |
220 *lib = *mod = *parameters = *nss = 0; | |
221 | |
222 while (*modulespec) { | |
223 » SECMOD_HANDLE_STRING_ARG(modulespec,*lib,SECMOD_ARG_LIBRARY_PARAMETER,;) | |
224 » SECMOD_HANDLE_STRING_ARG(modulespec,*mod,SECMOD_ARG_NAME_PARAMETER,;) | |
225 » SECMOD_HANDLE_STRING_ARG(modulespec,*parameters, | |
226 » » » » » » SECMOD_ARG_MODULE_PARAMETER,;) | |
227 » SECMOD_HANDLE_STRING_ARG(modulespec,*nss,SECMOD_ARG_NSS_PARAMETER,;) | |
228 » SECMOD_HANDLE_FINAL_ARG(modulespec) | |
229 } | |
230 return SECSuccess; | |
231 } | |
232 | |
233 | |
234 static char * | |
235 secmod_argGetParamValue(char *paramName,char *parameters) | |
236 { | 150 { |
237 char searchValue[256]; | 151 char searchValue[256]; |
238 int paramLen = strlen(paramName); | 152 int paramLen = strlen(paramName); |
239 char *returnValue = NULL; | 153 char *returnValue = NULL; |
240 int next; | 154 int next; |
241 | 155 |
242 if ((parameters == NULL) || (*parameters == 0)) return NULL; | 156 if ((parameters == NULL) || (*parameters == 0)) return NULL; |
243 | 157 |
244 PORT_Assert(paramLen+2 < sizeof(searchValue)); | 158 PORT_Assert(paramLen+2 < sizeof(searchValue)); |
245 | 159 |
246 PORT_Strcpy(searchValue,paramName); | 160 PORT_Strcpy(searchValue,paramName); |
247 PORT_Strcat(searchValue,"="); | 161 PORT_Strcat(searchValue,"="); |
248 while (*parameters) { | 162 while (*parameters) { |
249 if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) { | 163 if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) { |
250 parameters += paramLen+1; | 164 parameters += paramLen+1; |
251 » returnValue = secmod_argFetchValue(parameters,&next); | 165 » returnValue = NSSUTIL_ArgFetchValue(parameters,&next); |
252 break; | 166 break; |
253 } else { | 167 } else { |
254 » parameters = secmod_argSkipParameter(parameters); | 168 » parameters = NSSUTIL_ArgSkipParameter(parameters); |
255 } | 169 } |
256 » parameters = secmod_argStrip(parameters); | 170 » parameters = NSSUTIL_ArgStrip(parameters); |
257 } | 171 } |
258 return returnValue; | 172 return returnValue; |
259 } | 173 } |
260 | 174 |
261 | 175 /* |
262 static char * | 176 * find the next flag in the parameter list |
263 secmod_argNextFlag(char *flags) | 177 */ |
| 178 char * |
| 179 NSSUTIL_ArgNextFlag(char *flags) |
264 { | 180 { |
265 for (; *flags ; flags++) { | 181 for (; *flags ; flags++) { |
266 if (*flags == ',') { | 182 if (*flags == ',') { |
267 flags++; | 183 flags++; |
268 break; | 184 break; |
269 } | 185 } |
270 } | 186 } |
271 return flags; | 187 return flags; |
272 } | 188 } |
273 | 189 |
274 static PRBool | 190 /* |
275 secmod_argHasFlag(char *label, char *flag, char *parameters) | 191 * return true if the flag is set in the label parameter. |
| 192 */ |
| 193 PRBool |
| 194 NSSUTIL_ArgHasFlag(char *label, char *flag, char *parameters) |
276 { | 195 { |
277 char *flags,*index; | 196 char *flags,*index; |
278 int len = strlen(flag); | 197 int len = strlen(flag); |
279 PRBool found = PR_FALSE; | 198 PRBool found = PR_FALSE; |
280 | 199 |
281 flags = secmod_argGetParamValue(label,parameters); | 200 flags = NSSUTIL_ArgGetParamValue(label,parameters); |
282 if (flags == NULL) return PR_FALSE; | 201 if (flags == NULL) return PR_FALSE; |
283 | 202 |
284 for (index=flags; *index; index=secmod_argNextFlag(index)) { | 203 for (index=flags; *index; index=NSSUTIL_ArgNextFlag(index)) { |
285 if (PORT_Strncasecmp(index,flag,len) == 0) { | 204 if (PORT_Strncasecmp(index,flag,len) == 0) { |
286 found=PR_TRUE; | 205 found=PR_TRUE; |
287 break; | 206 break; |
288 } | 207 } |
289 } | 208 } |
290 PORT_Free(flags); | 209 PORT_Free(flags); |
291 return found; | 210 return found; |
292 } | 211 } |
293 | 212 |
294 static void | |
295 secmod_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList) | |
296 { | |
297 newCiphers[0] = newCiphers[1] = 0; | |
298 if ((cipherList == NULL) || (*cipherList == 0)) return; | |
299 | |
300 for (;*cipherList; cipherList=secmod_argNextFlag(cipherList)) { | |
301 if (PORT_Strncasecmp(cipherList,SECMOD_ARG_FORTEZZA_FLAG, | |
302 sizeof(SECMOD_ARG_FORTEZZA_FLAG)-1) == 0) { | |
303 newCiphers[0] |= SECMOD_FORTEZZA_FLAG; | |
304 } | |
305 | |
306 /* add additional flags here as necessary */ | |
307 /* direct bit mapping escape */ | |
308 if (*cipherList == 0) { | |
309 if (cipherList[1] == 'l') { | |
310 newCiphers[1] |= atoi(&cipherList[2]); | |
311 } else { | |
312 newCiphers[0] |= atoi(&cipherList[2]); | |
313 } | |
314 } | |
315 } | |
316 } | |
317 | |
318 | |
319 /* | 213 /* |
320 * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal | 214 * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal |
321 */ | 215 */ |
322 static long | 216 long |
323 secmod_argDecodeNumber(char *num) | 217 NSSUTIL_ArgDecodeNumber(char *num) |
324 { | 218 { |
325 int radix = 10; | 219 int radix = 10; |
326 unsigned long value = 0; | 220 unsigned long value = 0; |
327 long retValue = 0; | 221 long retValue = 0; |
328 int sign = 1; | 222 int sign = 1; |
329 int digit; | 223 int digit; |
330 | 224 |
331 if (num == NULL) return retValue; | 225 if (num == NULL) return retValue; |
332 | 226 |
333 num = secmod_argStrip(num); | 227 num = NSSUTIL_ArgStrip(num); |
334 | 228 |
335 if (*num == '-') { | 229 if (*num == '-') { |
336 sign = -1; | 230 sign = -1; |
337 num++; | 231 num++; |
338 } | 232 } |
339 | 233 |
340 if (*num == '0') { | 234 if (*num == '0') { |
341 radix = 8; | 235 radix = 8; |
342 num++; | 236 num++; |
343 if ((*num == 'x') || (*num == 'X')) { | 237 if ((*num == 'x') || (*num == 'X')) { |
(...skipping 14 matching lines...) Expand all Loading... |
358 break; | 252 break; |
359 } | 253 } |
360 if (digit >= radix) break; | 254 if (digit >= radix) break; |
361 value = value*radix + digit; | 255 value = value*radix + digit; |
362 } | 256 } |
363 | 257 |
364 retValue = ((int) value) * sign; | 258 retValue = ((int) value) * sign; |
365 return retValue; | 259 return retValue; |
366 } | 260 } |
367 | 261 |
368 static long | 262 /* |
369 secmod_argReadLong(char *label,char *params, long defValue, PRBool *isdefault) | 263 * parameters are tag value pairs. This function returns the tag or label (the |
370 { | 264 * value before the equal size. |
371 char *value; | 265 */ |
372 long retValue; | 266 char * |
373 if (isdefault) *isdefault = PR_FALSE; | 267 NSSUTIL_ArgGetLabel(char *inString, int *next) |
374 | |
375 value = secmod_argGetParamValue(label,params); | |
376 if (value == NULL) { | |
377 » if (isdefault) *isdefault = PR_TRUE; | |
378 » return defValue; | |
379 } | |
380 retValue = secmod_argDecodeNumber(value); | |
381 if (value) PORT_Free(value); | |
382 | |
383 return retValue; | |
384 } | |
385 | |
386 | |
387 static unsigned long | |
388 secmod_argSlotFlags(char *label,char *params) | |
389 { | |
390 char *flags,*index; | |
391 unsigned long retValue = 0; | |
392 int i; | |
393 PRBool all = PR_FALSE; | |
394 | |
395 flags = secmod_argGetParamValue(label,params); | |
396 if (flags == NULL) return 0; | |
397 | |
398 if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE; | |
399 | |
400 for (index=flags; *index; index=secmod_argNextFlag(index)) { | |
401 » for (i=0; i < secmod_argSlotFlagTableSize; i++) { | |
402 » if (all || (PORT_Strncasecmp(index, secmod_argSlotFlagTable[i].name, | |
403 » » » » secmod_argSlotFlagTable[i].len) == 0)) { | |
404 » » retValue |= secmod_argSlotFlagTable[i].value; | |
405 » } | |
406 » } | |
407 } | |
408 PORT_Free(flags); | |
409 return retValue; | |
410 } | |
411 | |
412 | |
413 static void | |
414 secmod_argDecodeSingleSlotInfo(char *name, char *params, | |
415 PK11PreSlotInfo *slotInfo) | |
416 { | |
417 char *askpw; | |
418 | |
419 slotInfo->slotID=secmod_argDecodeNumber(name); | |
420 slotInfo->defaultFlags=secmod_argSlotFlags("slotFlags",params); | |
421 slotInfo->timeout=secmod_argReadLong("timeout",params, 0, NULL); | |
422 | |
423 askpw = secmod_argGetParamValue("askpw",params); | |
424 slotInfo->askpw = 0; | |
425 | |
426 if (askpw) { | |
427 » if (PORT_Strcasecmp(askpw,"every") == 0) { | |
428 » slotInfo->askpw = -1; | |
429 » } else if (PORT_Strcasecmp(askpw,"timeout") == 0) { | |
430 » slotInfo->askpw = 1; | |
431 » } | |
432 » PORT_Free(askpw); | |
433 » slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS; | |
434 } | |
435 slotInfo->hasRootCerts = secmod_argHasFlag("rootFlags", "hasRootCerts", | |
436 params); | |
437 slotInfo->hasRootTrust = secmod_argHasFlag("rootFlags", "hasRootTrust", | |
438 params); | |
439 } | |
440 | |
441 static char * | |
442 secmod_argGetName(char *inString, int *next) | |
443 { | 268 { |
444 char *name=NULL; | 269 char *name=NULL; |
445 char *string; | 270 char *string; |
446 int len; | 271 int len; |
447 | 272 |
448 /* look for the end of the <name>= */ | 273 /* look for the end of the <label>= */ |
449 for (string = inString;*string; string++) { | 274 for (string = inString;*string; string++) { |
450 if (*string == '=') { break; } | 275 if (*string == '=') { break; } |
451 » if (secmod_argIsBlank(*string)) break; | 276 » if (NSSUTIL_ArgIsBlank(*string)) break; |
452 } | 277 } |
453 | 278 |
454 len = string - inString; | 279 len = string - inString; |
455 | 280 |
456 *next = len; | 281 *next = len; |
457 if (*string == '=') (*next) += 1; | 282 if (*string == '=') (*next) += 1; |
458 if (len > 0) { | 283 if (len > 0) { |
459 name = PORT_Alloc(len+1); | 284 name = PORT_Alloc(len+1); |
460 PORT_Strncpy(name,inString,len); | 285 PORT_Strncpy(name,inString,len); |
461 name[len] = 0; | 286 name[len] = 0; |
462 } | 287 } |
463 return name; | 288 return name; |
464 } | 289 } |
465 | 290 |
466 static PK11PreSlotInfo * | 291 /* |
467 secmod_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount) | 292 * read an argument at a Long integer |
| 293 */ |
| 294 long |
| 295 NSSUTIL_ArgReadLong(char *label,char *params, long defValue, PRBool *isdefault) |
468 { | 296 { |
469 char *slotIndex; | 297 char *value; |
470 PK11PreSlotInfo *slotInfo = NULL; | 298 long retValue; |
471 int i=0,count = 0,next; | 299 if (isdefault) *isdefault = PR_FALSE; |
472 | 300 |
473 *retCount = 0; | 301 value = NSSUTIL_ArgGetParamValue(label,params); |
474 if ((slotParams == NULL) || (*slotParams == 0)) return NULL; | 302 if (value == NULL) { |
| 303 » if (isdefault) *isdefault = PR_TRUE; |
| 304 » return defValue; |
| 305 } |
| 306 retValue = NSSUTIL_ArgDecodeNumber(value); |
| 307 if (value) PORT_Free(value); |
475 | 308 |
476 /* first count the number of slots */ | 309 return retValue; |
477 for (slotIndex = secmod_argStrip(slotParams); *slotIndex; | 310 } |
478 » slotIndex = secmod_argStrip(secmod_argSkipParameter(slotIndex))) { | 311 |
479 » count++; | 312 |
| 313 /* |
| 314 * prepare a string to be quoted with 'quote' marks. We do that by adding |
| 315 * appropriate escapes. |
| 316 */ |
| 317 static int |
| 318 nssutil_escapeQuotesSize(const char *string, char quote, PRBool addquotes) |
| 319 { |
| 320 int escapes = 0, size = 0; |
| 321 const char *src; |
| 322 |
| 323 size= addquotes ? 2 : 0; |
| 324 for (src=string; *src ; src++) { |
| 325 » if ((*src == quote) || (*src == '\\')) escapes++; |
| 326 » size++; |
| 327 } |
| 328 return size+escapes+1; |
| 329 |
| 330 } |
| 331 |
| 332 static char * |
| 333 nssutil_escapeQuotes(const char *string, char quote, PRBool addquotes) |
| 334 { |
| 335 char *newString = 0; |
| 336 int size = 0; |
| 337 const char *src; |
| 338 char *dest; |
| 339 |
| 340 size = nssutil_escapeQuotesSize(string, quote, addquotes); |
| 341 |
| 342 dest = newString = PORT_ZAlloc(size+2); |
| 343 if (newString == NULL) { |
| 344 » return NULL; |
480 } | 345 } |
481 | 346 |
482 /* get the data structures */ | 347 if (addquotes) *dest++=quote; |
483 if (arena) { | 348 for (src=string; *src; src++,dest++) { |
484 » slotInfo = (PK11PreSlotInfo *) | 349 » if ((*src == '\\') || (*src == quote)) { |
485 » » » PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo)); | 350 » *dest++ = '\\'; |
486 » PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo)); | 351 » } |
487 } else { | 352 » *dest = *src; |
488 » slotInfo = (PK11PreSlotInfo *) | |
489 » » » PORT_ZAlloc(count*sizeof(PK11PreSlotInfo)); | |
490 } | 353 } |
491 if (slotInfo == NULL) return NULL; | 354 if (addquotes) *dest=quote; |
492 | 355 |
493 for (slotIndex = secmod_argStrip(slotParams), i = 0; | 356 return newString; |
494 » » » » » *slotIndex && i < count ; ) { | |
495 » char *name; | |
496 » name = secmod_argGetName(slotIndex,&next); | |
497 » slotIndex += next; | |
498 | |
499 » if (!secmod_argIsBlank(*slotIndex)) { | |
500 » char *args = secmod_argFetchValue(slotIndex,&next); | |
501 » slotIndex += next; | |
502 » if (args) { | |
503 » » secmod_argDecodeSingleSlotInfo(name,args,&slotInfo[i]); | |
504 » » i++; | |
505 » » PORT_Free(args); | |
506 » } | |
507 » } | |
508 » if (name) PORT_Free(name); | |
509 » slotIndex = secmod_argStrip(slotIndex); | |
510 } | |
511 *retCount = i; | |
512 return slotInfo; | |
513 } | 357 } |
514 | 358 |
515 static char *secmod_nullString = ""; | 359 int |
| 360 NSSUTIL_EscapeSize(const char *string, char quote) |
| 361 { |
| 362 return nssutil_escapeQuotesSize(string, quote, PR_FALSE); |
| 363 } |
| 364 |
| 365 char * |
| 366 NSSUTIL_Escape(const char *string, char quote) |
| 367 { |
| 368 return nssutil_escapeQuotes(string, quote, PR_FALSE); |
| 369 } |
| 370 |
| 371 |
| 372 int |
| 373 NSSUTIL_QuoteSize(const char *string, char quote) |
| 374 { |
| 375 return nssutil_escapeQuotesSize(string, quote, PR_TRUE); |
| 376 } |
| 377 |
| 378 char * |
| 379 NSSUTIL_Quote(const char *string, char quote) |
| 380 { |
| 381 return nssutil_escapeQuotes(string, quote, PR_TRUE); |
| 382 } |
| 383 |
| 384 int |
| 385 NSSUTIL_DoubleEscapeSize(const char *string, char quote1, char quote2) |
| 386 { |
| 387 int escapes = 0, size = 0; |
| 388 const char *src; |
| 389 for (src=string; *src ; src++) { |
| 390 if (*src == '\\') escapes+=3; /* \\\\ */ |
| 391 if (*src == quote1) escapes+=2; /* \\quote1 */ |
| 392 if (*src == quote2) escapes++; /* \quote2 */ |
| 393 size++; |
| 394 } |
| 395 |
| 396 return escapes+size+1; |
| 397 } |
| 398 |
| 399 char * |
| 400 NSSUTIL_DoubleEscape(const char *string, char quote1, char quote2) |
| 401 { |
| 402 char *round1 = NULL; |
| 403 char *retValue = NULL; |
| 404 if (string == NULL) { |
| 405 goto done; |
| 406 } |
| 407 round1 = nssutil_escapeQuotes(string, quote1, PR_FALSE); |
| 408 if (round1) { |
| 409 retValue = nssutil_escapeQuotes(round1, quote2, PR_FALSE); |
| 410 PORT_Free(round1); |
| 411 } |
| 412 |
| 413 done: |
| 414 if (retValue == NULL) { |
| 415 retValue = PORT_Strdup(""); |
| 416 } |
| 417 return retValue; |
| 418 } |
| 419 |
| 420 |
| 421 /************************************************************************ |
| 422 * These functions are used in contructing strings. |
| 423 * NOTE: they will always return a string, but sometimes it will return |
| 424 * a specific NULL string. These strings must be freed with util_freePair. |
| 425 */ |
| 426 |
| 427 /* string to return on error... */ |
| 428 static char *nssutil_nullString = ""; |
516 | 429 |
517 static char * | 430 static char * |
518 secmod_formatValue(PRArenaPool *arena, char *value, char quote) | 431 nssutil_formatValue(PRArenaPool *arena, char *value, char quote) |
519 { | 432 { |
520 char *vp,*vp2,*retval; | 433 char *vp,*vp2,*retval; |
521 int size = 0, escapes = 0; | 434 int size = 0, escapes = 0; |
522 | 435 |
523 for (vp=value; *vp ;vp++) { | 436 for (vp=value; *vp ;vp++) { |
524 » if ((*vp == quote) || (*vp == SECMOD_ARG_ESCAPE)) escapes++; | 437 » if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE)) escapes++; |
525 size++; | 438 size++; |
526 } | 439 } |
527 if (arena) { | 440 if (arena) { |
528 retval = PORT_ArenaZAlloc(arena,size+escapes+1); | 441 retval = PORT_ArenaZAlloc(arena,size+escapes+1); |
529 } else { | 442 } else { |
530 retval = PORT_ZAlloc(size+escapes+1); | 443 retval = PORT_ZAlloc(size+escapes+1); |
531 } | 444 } |
532 if (retval == NULL) return NULL; | 445 if (retval == NULL) return NULL; |
533 vp2 = retval; | 446 vp2 = retval; |
534 for (vp=value; *vp; vp++) { | 447 for (vp=value; *vp; vp++) { |
535 » if ((*vp == quote) || (*vp == SECMOD_ARG_ESCAPE)) | 448 » if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE)) |
536 » » » » *vp2++ = SECMOD_ARG_ESCAPE; | 449 » » » » *vp2++ = NSSUTIL_ARG_ESCAPE; |
537 *vp2++ = *vp; | 450 *vp2++ = *vp; |
538 } | 451 } |
539 return retval; | 452 return retval; |
540 } | 453 } |
541 | 454 |
542 static char *secmod_formatPair(char *name,char *value, char quote) | 455 |
| 456 static PRBool nssutil_argHasChar(char *v, char c) |
| 457 { |
| 458 for ( ;*v; v++) { |
| 459 if (*v == c) return PR_TRUE; |
| 460 } |
| 461 return PR_FALSE; |
| 462 } |
| 463 |
| 464 static PRBool nssutil_argHasBlanks(char *v) |
| 465 { |
| 466 for ( ;*v; v++) { |
| 467 if (NSSUTIL_ArgIsBlank(*v)) return PR_TRUE; |
| 468 } |
| 469 return PR_FALSE; |
| 470 } |
| 471 |
| 472 static char * |
| 473 nssutil_formatPair(char *name, char *value, char quote) |
543 { | 474 { |
544 char openQuote = quote; | 475 char openQuote = quote; |
545 char closeQuote = secmod_argGetPair(quote); | 476 char closeQuote = NSSUTIL_ArgGetPair(quote); |
546 char *newValue = NULL; | 477 char *newValue = NULL; |
547 char *returnValue; | 478 char *returnValue; |
548 PRBool need_quote = PR_FALSE; | 479 PRBool need_quote = PR_FALSE; |
549 | 480 |
550 if (!value || (*value == 0)) return secmod_nullString; | 481 if (!value || (*value == 0)) return nssutil_nullString; |
551 | 482 |
552 if (secmod_argHasBlanks(value) || secmod_argIsQuote(value[0])) | 483 if (nssutil_argHasBlanks(value) || NSSUTIL_ArgIsQuote(value[0])) |
553 need_quote=PR_TRUE; | 484 need_quote=PR_TRUE; |
554 | 485 |
555 if ((need_quote && secmod_argHasChar(value,closeQuote)) | 486 if ((need_quote && nssutil_argHasChar(value,closeQuote)) |
556 » » » » || secmod_argHasChar(value,SECMOD_ARG_ESCAPE))
{ | 487 » » » || nssutil_argHasChar(value,NSSUTIL_ARG_ESCAPE)) { |
557 » value = newValue = secmod_formatValue(NULL, value,quote); | 488 » value = newValue = nssutil_formatValue(NULL, value,quote); |
558 » if (newValue == NULL) return secmod_nullString; | 489 » if (newValue == NULL) return nssutil_nullString; |
559 } | 490 } |
560 if (need_quote) { | 491 if (need_quote) { |
561 returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote); | 492 returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote); |
562 } else { | 493 } else { |
563 returnValue = PR_smprintf("%s=%s",name,value); | 494 returnValue = PR_smprintf("%s=%s",name,value); |
564 } | 495 } |
565 if (returnValue == NULL) returnValue = secmod_nullString; | 496 if (returnValue == NULL) returnValue = nssutil_nullString; |
566 | 497 |
567 if (newValue) PORT_Free(newValue); | 498 if (newValue) PORT_Free(newValue); |
568 | 499 |
569 return returnValue; | 500 return returnValue; |
570 } | 501 } |
571 | 502 |
572 static char *secmod_formatIntPair(char *name, unsigned long value, | 503 static char *nssutil_formatIntPair(char *name, unsigned long value, |
573 unsigned long def) | 504 unsigned long def) |
574 { | 505 { |
575 char *returnValue; | 506 char *returnValue; |
576 | 507 |
577 if (value == def) return secmod_nullString; | 508 if (value == def) return nssutil_nullString; |
578 | 509 |
579 returnValue = PR_smprintf("%s=%d",name,value); | 510 returnValue = PR_smprintf("%s=%d",name,value); |
580 | 511 |
581 return returnValue; | 512 return returnValue; |
582 } | 513 } |
583 | 514 |
584 static void | 515 static void |
585 secmod_freePair(char *pair) | 516 nssutil_freePair(char *pair) |
586 { | 517 { |
587 if (pair && pair != secmod_nullString) { | 518 if (pair && pair != nssutil_nullString) { |
588 PR_smprintf_free(pair); | 519 PR_smprintf_free(pair); |
589 } | 520 } |
590 } | 521 } |
591 | 522 |
592 #define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\ | 523 |
593 » » » » sizeof("moduleDBOnly")+sizeof("critical") | 524 /************************************************************************ |
594 static char * | 525 * Parse the Slot specific parameters in the NSS params. |
595 secmod_mkNSSFlags(PRBool internal, PRBool isFIPS, | 526 */ |
596 » » PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical) | 527 |
| 528 struct nssutilArgSlotFlagTable { |
| 529 char *name; |
| 530 int len; |
| 531 unsigned long value; |
| 532 }; |
| 533 |
| 534 #define NSSUTIL_ARG_ENTRY(arg,flag) \ |
| 535 { #arg , sizeof(#arg)-1, flag } |
| 536 static struct nssutilArgSlotFlagTable nssutil_argSlotFlagTable[] = { |
| 537 » NSSUTIL_ARG_ENTRY(RSA,SECMOD_RSA_FLAG), |
| 538 » NSSUTIL_ARG_ENTRY(DSA,SECMOD_RSA_FLAG), |
| 539 » NSSUTIL_ARG_ENTRY(RC2,SECMOD_RC4_FLAG), |
| 540 » NSSUTIL_ARG_ENTRY(RC4,SECMOD_RC2_FLAG), |
| 541 » NSSUTIL_ARG_ENTRY(DES,SECMOD_DES_FLAG), |
| 542 » NSSUTIL_ARG_ENTRY(DH,SECMOD_DH_FLAG), |
| 543 » NSSUTIL_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG), |
| 544 » NSSUTIL_ARG_ENTRY(RC5,SECMOD_RC5_FLAG), |
| 545 » NSSUTIL_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG), |
| 546 » NSSUTIL_ARG_ENTRY(MD5,SECMOD_MD5_FLAG), |
| 547 » NSSUTIL_ARG_ENTRY(MD2,SECMOD_MD2_FLAG), |
| 548 » NSSUTIL_ARG_ENTRY(SSL,SECMOD_SSL_FLAG), |
| 549 » NSSUTIL_ARG_ENTRY(TLS,SECMOD_TLS_FLAG), |
| 550 » NSSUTIL_ARG_ENTRY(AES,SECMOD_AES_FLAG), |
| 551 » NSSUTIL_ARG_ENTRY(Camellia,SECMOD_CAMELLIA_FLAG), |
| 552 » NSSUTIL_ARG_ENTRY(SEED,SECMOD_SEED_FLAG), |
| 553 » NSSUTIL_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG), |
| 554 » NSSUTIL_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG), |
| 555 » NSSUTIL_ARG_ENTRY(Disable, SECMOD_DISABLE_FLAG), |
| 556 }; |
| 557 |
| 558 static int nssutil_argSlotFlagTableSize = |
| 559 » sizeof(nssutil_argSlotFlagTable)/sizeof(nssutil_argSlotFlagTable[0]); |
| 560 |
| 561 |
| 562 /* turn the slot flags into a bit mask */ |
| 563 unsigned long |
| 564 NSSUTIL_ArgParseSlotFlags(char *label,char *params) |
597 { | 565 { |
598 char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE); | 566 char *flags,*index; |
599 PRBool first = PR_TRUE; | 567 unsigned long retValue = 0; |
| 568 int i; |
| 569 PRBool all = PR_FALSE; |
600 | 570 |
601 PORT_Memset(flags,0,MAX_FLAG_SIZE); | 571 flags = NSSUTIL_ArgGetParamValue(label,params); |
602 if (internal) { | 572 if (flags == NULL) return 0; |
603 » PORT_Strcat(flags,"internal"); | |
604 » first = PR_FALSE; | |
605 } | |
606 if (isFIPS) { | |
607 » if (!first) PORT_Strcat(flags,","); | |
608 » PORT_Strcat(flags,"FIPS"); | |
609 » first = PR_FALSE; | |
610 } | |
611 if (isModuleDB) { | |
612 » if (!first) PORT_Strcat(flags,","); | |
613 » PORT_Strcat(flags,"moduleDB"); | |
614 » first = PR_FALSE; | |
615 } | |
616 if (isModuleDBOnly) { | |
617 » if (!first) PORT_Strcat(flags,","); | |
618 » PORT_Strcat(flags,"moduleDBOnly"); | |
619 » first = PR_FALSE; | |
620 } | |
621 if (isCritical) { | |
622 » if (!first) PORT_Strcat(flags,","); | |
623 » PORT_Strcat(flags,"critical"); | |
624 » first = PR_FALSE; | |
625 } | |
626 return flags; | |
627 } | |
628 | 573 |
629 static char * | 574 if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE; |
630 secmod_mkCipherFlags(unsigned long ssl0, unsigned long ssl1) | |
631 { | |
632 char *cipher = NULL; | |
633 int i; | |
634 | 575 |
635 for (i=0; i < sizeof(ssl0)*8; i++) { | 576 for (index=flags; *index; index=NSSUTIL_ArgNextFlag(index)) { |
636 » if (ssl0 & (1<<i)) { | 577 » for (i=0; i < nssutil_argSlotFlagTableSize; i++) { |
637 » char *string; | 578 » if (all || |
638 » if ((1<<i) == SECMOD_FORTEZZA_FLAG) { | 579 » » (PORT_Strncasecmp(index, nssutil_argSlotFlagTable[i].name, |
639 » » string = PR_smprintf("%s","FORTEZZA"); | 580 » » » » nssutil_argSlotFlagTable[i].len) == 0)) { |
640 » } else { | 581 » » retValue |= nssutil_argSlotFlagTable[i].value; |
641 » » string = PR_smprintf("0h0x%08x",1<<i); | |
642 » } | |
643 » if (cipher) { | |
644 » » char *tmp; | |
645 » » tmp = PR_smprintf("%s,%s",cipher,string); | |
646 » » PR_smprintf_free(cipher); | |
647 » » PR_smprintf_free(string); | |
648 » » cipher = tmp; | |
649 » } else { | |
650 » » cipher = string; | |
651 } | 582 } |
652 } | 583 } |
653 } | 584 } |
654 for (i=0; i < sizeof(ssl0)*8; i++) { | 585 PORT_Free(flags); |
655 » if (ssl1 & (1<<i)) { | 586 return retValue; |
656 » if (cipher) { | 587 } |
657 » » char *tmp; | 588 |
658 » » tmp = PR_smprintf("%s,0l0x%08x",cipher,1<<i); | 589 |
659 » » PR_smprintf_free(cipher); | 590 /* parse a single slot specific parameter */ |
660 » » cipher = tmp; | 591 static void |
661 » } else { | 592 nssutil_argDecodeSingleSlotInfo(char *name, char *params, |
662 » » cipher = PR_smprintf("0l0x%08x",1<<i); | 593 struct NSSUTILPreSlotInfoStr *slotInfo) |
| 594 { |
| 595 char *askpw; |
| 596 |
| 597 slotInfo->slotID=NSSUTIL_ArgDecodeNumber(name); |
| 598 slotInfo->defaultFlags=NSSUTIL_ArgParseSlotFlags("slotFlags",params); |
| 599 slotInfo->timeout=NSSUTIL_ArgReadLong("timeout",params, 0, NULL); |
| 600 |
| 601 askpw = NSSUTIL_ArgGetParamValue("askpw",params); |
| 602 slotInfo->askpw = 0; |
| 603 |
| 604 if (askpw) { |
| 605 » if (PORT_Strcasecmp(askpw,"every") == 0) { |
| 606 » slotInfo->askpw = -1; |
| 607 » } else if (PORT_Strcasecmp(askpw,"timeout") == 0) { |
| 608 » slotInfo->askpw = 1; |
| 609 » } |
| 610 » PORT_Free(askpw); |
| 611 » slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS; |
| 612 } |
| 613 slotInfo->hasRootCerts = NSSUTIL_ArgHasFlag("rootFlags", "hasRootCerts", |
| 614 params); |
| 615 slotInfo->hasRootTrust = NSSUTIL_ArgHasFlag("rootFlags", "hasRootTrust", |
| 616 params); |
| 617 } |
| 618 |
| 619 /* parse all the slot specific parameters. */ |
| 620 struct NSSUTILPreSlotInfoStr * |
| 621 NSSUTIL_ArgParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount) |
| 622 { |
| 623 char *slotIndex; |
| 624 struct NSSUTILPreSlotInfoStr *slotInfo = NULL; |
| 625 int i=0,count = 0,next; |
| 626 |
| 627 *retCount = 0; |
| 628 if ((slotParams == NULL) || (*slotParams == 0)) return NULL; |
| 629 |
| 630 /* first count the number of slots */ |
| 631 for (slotIndex = NSSUTIL_ArgStrip(slotParams); *slotIndex; |
| 632 » slotIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(slotIndex))) { |
| 633 » count++; |
| 634 } |
| 635 |
| 636 /* get the data structures */ |
| 637 if (arena) { |
| 638 » slotInfo = PORT_ArenaZNewArray(arena, |
| 639 » » » » struct NSSUTILPreSlotInfoStr, count); |
| 640 } else { |
| 641 » slotInfo = PORT_ZNewArray(struct NSSUTILPreSlotInfoStr, count); |
| 642 } |
| 643 if (slotInfo == NULL) return NULL; |
| 644 |
| 645 for (slotIndex = NSSUTIL_ArgStrip(slotParams), i = 0; |
| 646 » » » » » *slotIndex && i < count ; ) { |
| 647 » char *name; |
| 648 » name = NSSUTIL_ArgGetLabel(slotIndex,&next); |
| 649 » slotIndex += next; |
| 650 |
| 651 » if (!NSSUTIL_ArgIsBlank(*slotIndex)) { |
| 652 » char *args = NSSUTIL_ArgFetchValue(slotIndex,&next); |
| 653 » slotIndex += next; |
| 654 » if (args) { |
| 655 » » nssutil_argDecodeSingleSlotInfo(name,args,&slotInfo[i]); |
| 656 » » i++; |
| 657 » » PORT_Free(args); |
663 } | 658 } |
664 } | 659 } |
| 660 if (name) PORT_Free(name); |
| 661 slotIndex = NSSUTIL_ArgStrip(slotIndex); |
665 } | 662 } |
666 | 663 *retCount = i; |
667 return cipher; | 664 return slotInfo; |
668 } | 665 } |
669 | 666 |
| 667 /************************************************************************ |
| 668 * make a new slot specific parameter |
| 669 */ |
| 670 /* first make the slot flags */ |
670 static char * | 671 static char * |
671 secmod_mkSlotFlags(unsigned long defaultFlags) | 672 nssutil_mkSlotFlags(unsigned long defaultFlags) |
672 { | 673 { |
673 char *flags=NULL; | 674 char *flags=NULL; |
674 int i,j; | 675 int i,j; |
675 | 676 |
676 for (i=0; i < sizeof(defaultFlags)*8; i++) { | 677 for (i=0; i < sizeof(defaultFlags)*8; i++) { |
677 if (defaultFlags & (1<<i)) { | 678 if (defaultFlags & (1<<i)) { |
678 char *string = NULL; | 679 char *string = NULL; |
679 | 680 |
680 » for (j=0; j < secmod_argSlotFlagTableSize; j++) { | 681 » for (j=0; j < nssutil_argSlotFlagTableSize; j++) { |
681 » » if (secmod_argSlotFlagTable[j].value == ( 1UL << i )) { | 682 » » if (nssutil_argSlotFlagTable[j].value == ( 1UL << i )) { |
682 » » string = secmod_argSlotFlagTable[j].name; | 683 » » string = nssutil_argSlotFlagTable[j].name; |
683 break; | 684 break; |
684 } | 685 } |
685 } | 686 } |
686 if (string) { | 687 if (string) { |
687 if (flags) { | 688 if (flags) { |
688 char *tmp; | 689 char *tmp; |
689 tmp = PR_smprintf("%s,%s",flags,string); | 690 tmp = PR_smprintf("%s,%s",flags,string); |
690 PR_smprintf_free(flags); | 691 PR_smprintf_free(flags); |
691 flags = tmp; | 692 flags = tmp; |
692 } else { | 693 } else { |
693 flags = PR_smprintf("%s",string); | 694 flags = PR_smprintf("%s",string); |
694 } | 695 } |
695 } | 696 } |
696 } | 697 } |
697 } | 698 } |
698 | 699 |
699 return flags; | 700 return flags; |
700 } | 701 } |
701 | 702 |
702 #define SECMOD_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust") | 703 /* now make the root flags */ |
703 | 704 #define NSSUTIL_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust"
) |
704 static char * | 705 static char * |
705 secmod_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust) | 706 nssutil_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust) |
706 { | 707 { |
707 char *flags= (char *)PORT_ZAlloc(SECMOD_MAX_ROOT_FLAG_SIZE); | 708 char *flags= (char *)PORT_ZAlloc(NSSUTIL_MAX_ROOT_FLAG_SIZE); |
708 PRBool first = PR_TRUE; | 709 PRBool first = PR_TRUE; |
709 | 710 |
710 PORT_Memset(flags,0,SECMOD_MAX_ROOT_FLAG_SIZE); | 711 PORT_Memset(flags,0,NSSUTIL_MAX_ROOT_FLAG_SIZE); |
711 if (hasRootCerts) { | 712 if (hasRootCerts) { |
712 PORT_Strcat(flags,"hasRootCerts"); | 713 PORT_Strcat(flags,"hasRootCerts"); |
713 first = PR_FALSE; | 714 first = PR_FALSE; |
714 } | 715 } |
715 if (hasRootTrust) { | 716 if (hasRootTrust) { |
716 if (!first) PORT_Strcat(flags,","); | 717 if (!first) PORT_Strcat(flags,","); |
717 PORT_Strcat(flags,"hasRootTrust"); | 718 PORT_Strcat(flags,"hasRootTrust"); |
718 first = PR_FALSE; | 719 first = PR_FALSE; |
719 } | 720 } |
720 return flags; | 721 return flags; |
721 } | 722 } |
722 | 723 |
723 static char * | 724 /* now make a full slot string */ |
724 secmod_mkSlotString(unsigned long slotID, unsigned long defaultFlags, | 725 char * |
| 726 NSSUTIL_MkSlotString(unsigned long slotID, unsigned long defaultFlags, |
725 unsigned long timeout, unsigned char askpw_in, | 727 unsigned long timeout, unsigned char askpw_in, |
726 PRBool hasRootCerts, PRBool hasRootTrust) { | 728 PRBool hasRootCerts, PRBool hasRootTrust) { |
727 char *askpw,*flags,*rootFlags,*slotString; | 729 char *askpw,*flags,*rootFlags,*slotString; |
728 char *flagPair,*rootFlagsPair; | 730 char *flagPair,*rootFlagsPair; |
729 | 731 |
730 switch (askpw_in) { | 732 switch (askpw_in) { |
731 case 0xff: | 733 case 0xff: |
732 askpw = "every"; | 734 askpw = "every"; |
733 break; | 735 break; |
734 case 1: | 736 case 1: |
735 askpw = "timeout"; | 737 askpw = "timeout"; |
736 break; | 738 break; |
737 default: | 739 default: |
738 askpw = "any"; | 740 askpw = "any"; |
739 break; | 741 break; |
740 } | 742 } |
741 flags = secmod_mkSlotFlags(defaultFlags); | 743 flags = nssutil_mkSlotFlags(defaultFlags); |
742 rootFlags = secmod_mkRootFlags(hasRootCerts,hasRootTrust); | 744 rootFlags = nssutil_mkRootFlags(hasRootCerts,hasRootTrust); |
743 flagPair=secmod_formatPair("slotFlags",flags,'\''); | 745 flagPair = nssutil_formatPair("slotFlags",flags,'\''); |
744 rootFlagsPair=secmod_formatPair("rootFlags",rootFlags,'\''); | 746 rootFlagsPair = nssutil_formatPair("rootFlags",rootFlags,'\''); |
745 if (flags) PR_smprintf_free(flags); | 747 if (flags) PR_smprintf_free(flags); |
746 if (rootFlags) PORT_Free(rootFlags); | 748 if (rootFlags) PORT_Free(rootFlags); |
747 if (defaultFlags & PK11_OWN_PW_DEFAULTS) { | 749 if (defaultFlags & PK11_OWN_PW_DEFAULTS) { |
748 slotString = PR_smprintf("0x%08lx=[%s askpw=%s timeout=%d %s]", | 750 slotString = PR_smprintf("0x%08lx=[%s askpw=%s timeout=%d %s]", |
749 (PRUint32)slotID,flagPair,askpw,timeout, | 751 (PRUint32)slotID,flagPair,askpw,timeout, |
750 rootFlagsPair); | 752 rootFlagsPair); |
751 } else { | 753 } else { |
752 slotString = PR_smprintf("0x%08lx=[%s %s]", | 754 slotString = PR_smprintf("0x%08lx=[%s %s]", |
753 (PRUint32)slotID,flagPair,rootFlagsPair); | 755 (PRUint32)slotID,flagPair,rootFlagsPair); |
754 } | 756 } |
755 secmod_freePair(flagPair); | 757 nssutil_freePair(flagPair); |
756 secmod_freePair(rootFlagsPair); | 758 nssutil_freePair(rootFlagsPair); |
757 return slotString; | 759 return slotString; |
758 } | 760 } |
759 | 761 |
| 762 |
| 763 /************************************************************************ |
| 764 * Parse Full module specs into: library, commonName, module parameters, |
| 765 * and NSS specifi parameters. |
| 766 */ |
| 767 SECStatus |
| 768 NSSUTIL_ArgParseModuleSpec(char *modulespec, char **lib, char **mod, |
| 769 char **parameters, char **nss) |
| 770 { |
| 771 int next; |
| 772 modulespec = NSSUTIL_ArgStrip(modulespec); |
| 773 |
| 774 *lib = *mod = *parameters = *nss = 0; |
| 775 |
| 776 while (*modulespec) { |
| 777 NSSUTIL_HANDLE_STRING_ARG(modulespec,*lib,"library=",;) |
| 778 NSSUTIL_HANDLE_STRING_ARG(modulespec,*mod,"name=",;) |
| 779 NSSUTIL_HANDLE_STRING_ARG(modulespec,*parameters,"parameters=",;) |
| 780 NSSUTIL_HANDLE_STRING_ARG(modulespec,*nss,"nss=",;) |
| 781 NSSUTIL_HANDLE_FINAL_ARG(modulespec) |
| 782 } |
| 783 return SECSuccess; |
| 784 } |
| 785 |
| 786 /************************************************************************ |
| 787 * make a new module spec from it's components */ |
| 788 char * |
| 789 NSSUTIL_MkModuleSpec(char *dllName, char *commonName, char *parameters, |
| 790 char *NSS) |
| 791 { |
| 792 char *moduleSpec; |
| 793 char *lib,*name,*param,*nss; |
| 794 |
| 795 /* |
| 796 * now the final spec |
| 797 */ |
| 798 lib = nssutil_formatPair("library",dllName,'\"'); |
| 799 name = nssutil_formatPair("name",commonName,'\"'); |
| 800 param = nssutil_formatPair("parameters",parameters,'\"'); |
| 801 nss = nssutil_formatPair("NSS",NSS,'\"'); |
| 802 moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss); |
| 803 nssutil_freePair(lib); |
| 804 nssutil_freePair(name); |
| 805 nssutil_freePair(param); |
| 806 nssutil_freePair(nss); |
| 807 return (moduleSpec); |
| 808 } |
| 809 |
| 810 |
| 811 #define NSSUTIL_ARG_FORTEZZA_FLAG "FORTEZZA" |
| 812 /****************************************************************************** |
| 813 * Parse the cipher flags from the NSS parameter |
| 814 */ |
| 815 void |
| 816 NSSUTIL_ArgParseCipherFlags(unsigned long *newCiphers,char *cipherList) |
| 817 { |
| 818 newCiphers[0] = newCiphers[1] = 0; |
| 819 if ((cipherList == NULL) || (*cipherList == 0)) return; |
| 820 |
| 821 for (;*cipherList; cipherList=NSSUTIL_ArgNextFlag(cipherList)) { |
| 822 if (PORT_Strncasecmp(cipherList,NSSUTIL_ARG_FORTEZZA_FLAG, |
| 823 sizeof(NSSUTIL_ARG_FORTEZZA_FLAG)-1) == 0) { |
| 824 newCiphers[0] |= SECMOD_FORTEZZA_FLAG; |
| 825 } |
| 826 |
| 827 /* add additional flags here as necessary */ |
| 828 /* direct bit mapping escape */ |
| 829 if (*cipherList == 0) { |
| 830 if (cipherList[1] == 'l') { |
| 831 newCiphers[1] |= atoi(&cipherList[2]); |
| 832 } else { |
| 833 newCiphers[0] |= atoi(&cipherList[2]); |
| 834 } |
| 835 } |
| 836 } |
| 837 } |
| 838 |
| 839 |
| 840 /********************************************************************* |
| 841 * make NSS parameter... |
| 842 */ |
| 843 /* First make NSS specific flags */ |
| 844 #define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\ |
| 845 sizeof("moduleDBOnly")+sizeof("critical") |
760 static char * | 846 static char * |
761 secmod_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS, | 847 nssutil_mkNSSFlags(PRBool internal, PRBool isFIPS, |
762 » PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical, | 848 » » PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical) |
763 » unsigned long trustOrder, unsigned long cipherOrder, | 849 { |
764 » » » » unsigned long ssl0, unsigned long ssl1) { | 850 char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE); |
| 851 PRBool first = PR_TRUE; |
| 852 |
| 853 PORT_Memset(flags,0,MAX_FLAG_SIZE); |
| 854 if (internal) { |
| 855 » PORT_Strcat(flags,"internal"); |
| 856 » first = PR_FALSE; |
| 857 } |
| 858 if (isFIPS) { |
| 859 » if (!first) PORT_Strcat(flags,","); |
| 860 » PORT_Strcat(flags,"FIPS"); |
| 861 » first = PR_FALSE; |
| 862 } |
| 863 if (isModuleDB) { |
| 864 » if (!first) PORT_Strcat(flags,","); |
| 865 » PORT_Strcat(flags,"moduleDB"); |
| 866 » first = PR_FALSE; |
| 867 } |
| 868 if (isModuleDBOnly) { |
| 869 » if (!first) PORT_Strcat(flags,","); |
| 870 » PORT_Strcat(flags,"moduleDBOnly"); |
| 871 » first = PR_FALSE; |
| 872 } |
| 873 if (isCritical) { |
| 874 » if (!first) PORT_Strcat(flags,","); |
| 875 » PORT_Strcat(flags,"critical"); |
| 876 » first = PR_FALSE; |
| 877 } |
| 878 return flags; |
| 879 } |
| 880 |
| 881 |
| 882 /* construct the NSS cipher flags */ |
| 883 static char * |
| 884 nssutil_mkCipherFlags(unsigned long ssl0, unsigned long ssl1) |
| 885 { |
| 886 char *cipher = NULL; |
| 887 int i; |
| 888 |
| 889 for (i=0; i < sizeof(ssl0)*8; i++) { |
| 890 » if (ssl0 & (1<<i)) { |
| 891 » char *string; |
| 892 » if ((1<<i) == SECMOD_FORTEZZA_FLAG) { |
| 893 » » string = PR_smprintf("%s",NSSUTIL_ARG_FORTEZZA_FLAG); |
| 894 » } else { |
| 895 » » string = PR_smprintf("0h0x%08x",1<<i); |
| 896 » } |
| 897 » if (cipher) { |
| 898 » » char *tmp; |
| 899 » » tmp = PR_smprintf("%s,%s",cipher,string); |
| 900 » » PR_smprintf_free(cipher); |
| 901 » » PR_smprintf_free(string); |
| 902 » » cipher = tmp; |
| 903 » } else { |
| 904 » » cipher = string; |
| 905 » } |
| 906 » } |
| 907 } |
| 908 for (i=0; i < sizeof(ssl0)*8; i++) { |
| 909 » if (ssl1 & (1<<i)) { |
| 910 » if (cipher) { |
| 911 » » char *tmp; |
| 912 » » tmp = PR_smprintf("%s,0l0x%08x",cipher,1<<i); |
| 913 » » PR_smprintf_free(cipher); |
| 914 » » cipher = tmp; |
| 915 » } else { |
| 916 » » cipher = PR_smprintf("0l0x%08x",1<<i); |
| 917 » } |
| 918 » } |
| 919 } |
| 920 |
| 921 return cipher; |
| 922 } |
| 923 |
| 924 /* Assemble a full NSS string. */ |
| 925 char * |
| 926 NSSUTIL_MkNSSString(char **slotStrings, int slotCount, PRBool internal, |
| 927 » PRBool isFIPS, PRBool isModuleDB, PRBool isModuleDBOnly, |
| 928 » PRBool isCritical, unsigned long trustOrder, |
| 929 » unsigned long cipherOrder, unsigned long ssl0, unsigned long ssl1) |
| 930 { |
765 int slotLen, i; | 931 int slotLen, i; |
766 char *slotParams, *ciphers, *nss, *nssFlags, *tmp; | 932 char *slotParams, *ciphers, *nss, *nssFlags, *tmp; |
767 char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair; | 933 char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair; |
768 | 934 |
769 | 935 |
770 /* now let's build up the string | 936 /* now let's build up the string |
771 * first the slot infos | 937 * first the slot infos |
772 */ | 938 */ |
773 slotLen=0; | 939 slotLen=0; |
774 for (i=0; i < (int)slotCount; i++) { | 940 for (i=0; i < (int)slotCount; i++) { |
775 slotLen += PORT_Strlen(slotStrings[i])+1; | 941 slotLen += PORT_Strlen(slotStrings[i])+1; |
776 } | 942 } |
777 slotLen += 1; /* space for the final NULL */ | 943 slotLen += 1; /* space for the final NULL */ |
778 | 944 |
779 slotParams = (char *)PORT_ZAlloc(slotLen); | 945 slotParams = (char *)PORT_ZAlloc(slotLen); |
780 PORT_Memset(slotParams,0,slotLen); | 946 PORT_Memset(slotParams,0,slotLen); |
781 for (i=0; i < (int)slotCount; i++) { | 947 for (i=0; i < (int)slotCount; i++) { |
782 PORT_Strcat(slotParams,slotStrings[i]); | 948 PORT_Strcat(slotParams,slotStrings[i]); |
783 PORT_Strcat(slotParams," "); | 949 PORT_Strcat(slotParams," "); |
784 PR_smprintf_free(slotStrings[i]); | 950 PR_smprintf_free(slotStrings[i]); |
785 slotStrings[i]=NULL; | 951 slotStrings[i]=NULL; |
786 } | 952 } |
787 | 953 |
788 /* | 954 /* |
789 * now the NSS structure | 955 * now the NSS structure |
790 */ | 956 */ |
791 nssFlags = secmod_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly, | 957 nssFlags = nssutil_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly, |
792 isCritical); | 958 isCritical); |
793 /* for now only the internal module is critical */ | 959 /* for now only the internal module is critical */ |
794 ciphers = secmod_mkCipherFlags(ssl0, ssl1); | 960 ciphers = nssutil_mkCipherFlags(ssl0, ssl1); |
795 | 961 |
796 trustOrderPair=secmod_formatIntPair("trustOrder",trustOrder, | 962 trustOrderPair = nssutil_formatIntPair("trustOrder",trustOrder, |
797 » » » » » SECMOD_DEFAULT_TRUST_ORDER); | 963 » » » » » NSSUTIL_DEFAULT_TRUST_ORDER); |
798 cipherOrderPair=secmod_formatIntPair("cipherOrder",cipherOrder, | 964 cipherOrderPair = nssutil_formatIntPair("cipherOrder",cipherOrder, |
799 » » » » » SECMOD_DEFAULT_CIPHER_ORDER); | 965 » » » » » NSSUTIL_DEFAULT_CIPHER_ORDER); |
800 slotPair=secmod_formatPair("slotParams",slotParams,'{'); /* } */ | 966 slotPair=nssutil_formatPair("slotParams",slotParams,'{'); /* } */ |
801 if (slotParams) PORT_Free(slotParams); | 967 if (slotParams) PORT_Free(slotParams); |
802 cipherPair=secmod_formatPair("ciphers",ciphers,'\''); | 968 cipherPair=nssutil_formatPair("ciphers",ciphers,'\''); |
803 if (ciphers) PR_smprintf_free(ciphers); | 969 if (ciphers) PR_smprintf_free(ciphers); |
804 flagPair=secmod_formatPair("Flags",nssFlags,'\''); | 970 flagPair=nssutil_formatPair("Flags",nssFlags,'\''); |
805 if (nssFlags) PORT_Free(nssFlags); | 971 if (nssFlags) PORT_Free(nssFlags); |
806 nss = PR_smprintf("%s %s %s %s %s",trustOrderPair, | 972 nss = PR_smprintf("%s %s %s %s %s",trustOrderPair, |
807 cipherOrderPair,slotPair,cipherPair,flagPair); | 973 cipherOrderPair,slotPair,cipherPair,flagPair); |
808 secmod_freePair(trustOrderPair); | 974 nssutil_freePair(trustOrderPair); |
809 secmod_freePair(cipherOrderPair); | 975 nssutil_freePair(cipherOrderPair); |
810 secmod_freePair(slotPair); | 976 nssutil_freePair(slotPair); |
811 secmod_freePair(cipherPair); | 977 nssutil_freePair(cipherPair); |
812 secmod_freePair(flagPair); | 978 nssutil_freePair(flagPair); |
813 tmp = secmod_argStrip(nss); | 979 tmp = NSSUTIL_ArgStrip(nss); |
814 if (*tmp == '\0') { | 980 if (*tmp == '\0') { |
815 PR_smprintf_free(nss); | 981 PR_smprintf_free(nss); |
816 nss = NULL; | 982 nss = NULL; |
817 } | 983 } |
818 return nss; | 984 return nss; |
819 } | 985 } |
820 | 986 |
821 static char * | 987 /***************************************************************************** |
822 secmod_mkNewModuleSpec(char *dllName, char *commonName, char *parameters, | 988 * |
823 » » » » » » » » char *NSS) { | 989 * Private calls for use by softoken and utilmod.c |
824 char *moduleSpec; | 990 */ |
825 char *lib,*name,*param,*nss; | |
826 | 991 |
827 /* | 992 #define SQLDB "sql:" |
828 * now the final spec | 993 #define EXTERNDB "extern:" |
829 */ | 994 #define LEGACY "dbm:" |
830 lib = secmod_formatPair("library",dllName,'\"'); | 995 #define MULTIACCESS "multiaccess:" |
831 name = secmod_formatPair("name",commonName,'\"'); | 996 #define SECMOD_DB "secmod.db" |
832 param = secmod_formatPair("parameters",parameters,'\"'); | 997 const char * |
833 nss = secmod_formatPair("NSS",NSS,'\"'); | 998 _NSSUTIL_EvaluateConfigDir(const char *configdir, |
834 moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss); | 999 » » » NSSDBType *pdbType, char **appName) |
835 secmod_freePair(lib); | 1000 { |
836 secmod_freePair(name); | 1001 NSSDBType dbType; |
837 secmod_freePair(param); | 1002 *appName = NULL; |
838 secmod_freePair(nss); | 1003 /* force the default */ |
839 return (moduleSpec); | 1004 #ifdef NSS_DISABLE_DBM |
| 1005 dbType = NSS_DB_TYPE_SQL; |
| 1006 #else |
| 1007 dbType = NSS_DB_TYPE_LEGACY; |
| 1008 #endif |
| 1009 if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) { |
| 1010 » char *cdir; |
| 1011 » dbType = NSS_DB_TYPE_MULTIACCESS; |
| 1012 |
| 1013 » *appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1); |
| 1014 » if (*appName == NULL) { |
| 1015 » return configdir; |
| 1016 » } |
| 1017 » cdir = *appName; |
| 1018 » while (*cdir && *cdir != ':') { |
| 1019 » cdir++; |
| 1020 » } |
| 1021 » if (*cdir == ':') { |
| 1022 » *cdir = 0; |
| 1023 » cdir++; |
| 1024 » } |
| 1025 » configdir = cdir; |
| 1026 } else if (PORT_Strncmp(configdir, SQLDB, sizeof(SQLDB)-1) == 0) { |
| 1027 » dbType = NSS_DB_TYPE_SQL; |
| 1028 » configdir = configdir + sizeof(SQLDB) -1; |
| 1029 } else if (PORT_Strncmp(configdir, EXTERNDB, sizeof(EXTERNDB)-1) == 0) { |
| 1030 » dbType = NSS_DB_TYPE_EXTERN; |
| 1031 » configdir = configdir + sizeof(EXTERNDB) -1; |
| 1032 } else if (PORT_Strncmp(configdir, LEGACY, sizeof(LEGACY)-1) == 0) { |
| 1033 » dbType = NSS_DB_TYPE_LEGACY; |
| 1034 » configdir = configdir + sizeof(LEGACY) -1; |
| 1035 } else { |
| 1036 » /* look up the default from the environment */ |
| 1037 » char *defaultType = PR_GetEnv("NSS_DEFAULT_DB_TYPE"); |
| 1038 » if (defaultType != NULL) { |
| 1039 » if (PORT_Strncmp(defaultType, SQLDB, sizeof(SQLDB)-2) == 0) { |
| 1040 » » dbType = NSS_DB_TYPE_SQL; |
| 1041 » } else if (PORT_Strncmp(defaultType,EXTERNDB,sizeof(EXTERNDB)-2)==0)
{ |
| 1042 » » dbType = NSS_DB_TYPE_EXTERN; |
| 1043 » } else if (PORT_Strncmp(defaultType, LEGACY, sizeof(LEGACY)-2) == 0)
{ |
| 1044 » » dbType = NSS_DB_TYPE_LEGACY; |
| 1045 » } |
| 1046 » } |
| 1047 } |
| 1048 /* if the caller has already set a type, don't change it */ |
| 1049 if (*pdbType == NSS_DB_TYPE_NONE) { |
| 1050 » *pdbType = dbType; |
| 1051 } |
| 1052 return configdir; |
840 } | 1053 } |
841 | 1054 |
| 1055 char * |
| 1056 _NSSUTIL_GetSecmodName(char *param, NSSDBType *dbType, char **appName, |
| 1057 char **filename, PRBool *rw) |
| 1058 { |
| 1059 int next; |
| 1060 char *configdir = NULL; |
| 1061 char *secmodName = NULL; |
| 1062 char *value = NULL; |
| 1063 char *save_params = param; |
| 1064 const char *lconfigdir; |
| 1065 param = NSSUTIL_ArgStrip(param); |
| 1066 |
| 1067 |
| 1068 while (*param) { |
| 1069 NSSUTIL_HANDLE_STRING_ARG(param,configdir,"configDir=",;) |
| 1070 NSSUTIL_HANDLE_STRING_ARG(param,secmodName,"secmod=",;) |
| 1071 NSSUTIL_HANDLE_FINAL_ARG(param) |
| 1072 } |
| 1073 |
| 1074 *rw = PR_TRUE; |
| 1075 if (NSSUTIL_ArgHasFlag("flags","readOnly",save_params)) { |
| 1076 *rw = PR_FALSE; |
| 1077 } |
| 1078 |
| 1079 if (!secmodName || *secmodName == '\0') { |
| 1080 if (secmodName) PORT_Free(secmodName); |
| 1081 secmodName = PORT_Strdup(SECMOD_DB); |
| 1082 } |
| 1083 |
| 1084 *filename = secmodName; |
| 1085 lconfigdir = _NSSUTIL_EvaluateConfigDir(configdir, dbType, appName); |
| 1086 |
| 1087 if (NSSUTIL_ArgHasFlag("flags","noModDB",save_params)) { |
| 1088 /* there isn't a module db, don't load the legacy support */ |
| 1089 *dbType = NSS_DB_TYPE_SQL; |
| 1090 *rw = PR_FALSE; |
| 1091 } |
| 1092 |
| 1093 /* only use the renamed secmod for legacy databases */ |
| 1094 if ((*dbType != NSS_DB_TYPE_LEGACY) && |
| 1095 (*dbType != NSS_DB_TYPE_MULTIACCESS)) { |
| 1096 secmodName="pkcs11.txt"; |
| 1097 } |
| 1098 |
| 1099 if (lconfigdir) { |
| 1100 value = PR_smprintf("%s" NSSUTIL_PATH_SEPARATOR "%s", |
| 1101 lconfigdir,secmodName); |
| 1102 } else { |
| 1103 value = PR_smprintf("%s",secmodName); |
| 1104 } |
| 1105 if (configdir) PORT_Free(configdir); |
| 1106 return value; |
| 1107 } |
| 1108 |
| 1109 |
OLD | NEW |