Index: mozilla/security/nss/lib/util/utilpars.c |
=================================================================== |
--- mozilla/security/nss/lib/util/utilpars.c (revision 166571) |
+++ mozilla/security/nss/lib/util/utilpars.c (working copy) |
@@ -1,83 +1,21 @@ |
/* This Source Code Form is subject to the terms of the Mozilla Public |
* License, v. 2.0. If a copy of the MPL was not distributed with this |
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
-/* |
- * The following handles the loading, unloading and management of |
- * various PCKS #11 modules |
+/* |
+ * The following code handles the storage of PKCS 11 modules used by the |
+ * NSS. This file is written to abstract away how the modules are |
+ * stored so we can decide that later. |
*/ |
+#include "secport.h" |
+#include "prprf.h" |
+#include "prenv.h" |
+#include "utilpars.h" |
+#include "utilmodt.h" |
- |
/* |
- * this header file contains routines for parsing PKCS #11 module spec |
- * strings. It contains 'C' code and should only be included in one module. |
- * Currently it is included in both softoken and the wrapper. |
+ * return the expected matching quote value for the one specified |
*/ |
-#include <ctype.h> |
-#include "pkcs11.h" |
-#include "seccomon.h" |
-#include "prprf.h" |
-#include "secmodt.h" |
-#include "pk11init.h" |
- |
-#define SECMOD_ARG_LIBRARY_PARAMETER "library=" |
-#define SECMOD_ARG_NAME_PARAMETER "name=" |
-#define SECMOD_ARG_MODULE_PARAMETER "parameters=" |
-#define SECMOD_ARG_NSS_PARAMETER "NSS=" |
-#define SECMOD_ARG_FORTEZZA_FLAG "FORTEZZA" |
-#define SECMOD_ARG_ESCAPE '\\' |
- |
-struct secmodargSlotFlagTable { |
- char *name; |
- int len; |
- unsigned long value; |
-}; |
- |
-#define SECMOD_DEFAULT_CIPHER_ORDER 0 |
-#define SECMOD_DEFAULT_TRUST_ORDER 50 |
- |
- |
-#define SECMOD_ARG_ENTRY(arg,flag) \ |
-{ #arg , sizeof(#arg)-1, flag } |
-static struct secmodargSlotFlagTable secmod_argSlotFlagTable[] = { |
- SECMOD_ARG_ENTRY(RSA,SECMOD_RSA_FLAG), |
- SECMOD_ARG_ENTRY(DSA,SECMOD_RSA_FLAG), |
- SECMOD_ARG_ENTRY(RC2,SECMOD_RC4_FLAG), |
- SECMOD_ARG_ENTRY(RC4,SECMOD_RC2_FLAG), |
- SECMOD_ARG_ENTRY(DES,SECMOD_DES_FLAG), |
- SECMOD_ARG_ENTRY(DH,SECMOD_DH_FLAG), |
- SECMOD_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG), |
- SECMOD_ARG_ENTRY(RC5,SECMOD_RC5_FLAG), |
- SECMOD_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG), |
- SECMOD_ARG_ENTRY(MD5,SECMOD_MD5_FLAG), |
- SECMOD_ARG_ENTRY(MD2,SECMOD_MD2_FLAG), |
- SECMOD_ARG_ENTRY(SSL,SECMOD_SSL_FLAG), |
- SECMOD_ARG_ENTRY(TLS,SECMOD_TLS_FLAG), |
- SECMOD_ARG_ENTRY(AES,SECMOD_AES_FLAG), |
- SECMOD_ARG_ENTRY(Camellia,SECMOD_CAMELLIA_FLAG), |
- SECMOD_ARG_ENTRY(SEED,SECMOD_SEED_FLAG), |
- SECMOD_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG), |
- SECMOD_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG), |
- SECMOD_ARG_ENTRY(Disable, PK11_DISABLE_FLAG), |
-}; |
- |
-#define SECMOD_HANDLE_STRING_ARG(param,target,value,command) \ |
- if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \ |
- param += sizeof(value)-1; \ |
- if (target) PORT_Free(target); \ |
- target = secmod_argFetchValue(param,&next); \ |
- param += next; \ |
- command ;\ |
- } else |
- |
-#define SECMOD_HANDLE_FINAL_ARG(param) \ |
- { param = secmod_argSkipParameter(param); } param = secmod_argStrip(param); |
- |
- |
-static int secmod_argSlotFlagTableSize = |
- sizeof(secmod_argSlotFlagTable)/sizeof(secmod_argSlotFlagTable[0]); |
- |
- |
-static PRBool secmod_argGetPair(char c) { |
+PRBool NSSUTIL_ArgGetPair(char c) { |
switch (c) { |
case '\'': return c; |
case '\"': return c; |
@@ -90,15 +28,15 @@ |
return ' '; |
} |
-static PRBool secmod_argIsBlank(char c) { |
+PRBool NSSUTIL_ArgIsBlank(char c) { |
return isspace((unsigned char )c); |
} |
-static PRBool secmod_argIsEscape(char c) { |
+PRBool NSSUTIL_ArgIsEscape(char c) { |
return c == '\\'; |
} |
-static PRBool secmod_argIsQuote(char c) { |
+PRBool NSSUTIL_ArgIsQuote(char c) { |
switch (c) { |
case '\'': |
case '\"': |
@@ -111,34 +49,22 @@ |
return PR_FALSE; |
} |
-static PRBool secmod_argHasChar(char *v, char c) |
-{ |
- for ( ;*v; v++) { |
- if (*v == c) return PR_TRUE; |
- } |
- return PR_FALSE; |
-} |
- |
-static PRBool secmod_argHasBlanks(char *v) |
-{ |
- for ( ;*v; v++) { |
- if (secmod_argIsBlank(*v)) return PR_TRUE; |
- } |
- return PR_FALSE; |
-} |
- |
-static char *secmod_argStrip(char *c) { |
- while (*c && secmod_argIsBlank(*c)) c++; |
+char *NSSUTIL_ArgStrip(char *c) { |
+ while (*c && NSSUTIL_ArgIsBlank(*c)) c++; |
return c; |
} |
-static char * |
-secmod_argFindEnd(char *string) { |
+/* |
+ * find the end of the current tag/value pair. string should be pointing just |
+ * after the equal sign. Handles quoted characters. |
+ */ |
+char * |
+NSSUTIL_ArgFindEnd(char *string) { |
char endChar = ' '; |
PRBool lastEscape = PR_FALSE; |
- if (secmod_argIsQuote(*string)) { |
- endChar = secmod_argGetPair(*string); |
+ if (NSSUTIL_ArgIsQuote(*string)) { |
+ endChar = NSSUTIL_ArgGetPair(*string); |
string++; |
} |
@@ -147,11 +73,11 @@ |
lastEscape = PR_FALSE; |
continue; |
} |
- if (secmod_argIsEscape(*string) && !lastEscape) { |
+ if (NSSUTIL_ArgIsEscape(*string) && !lastEscape) { |
lastEscape = PR_TRUE; |
continue; |
} |
- if ((endChar == ' ') && secmod_argIsBlank(*string)) break; |
+ if ((endChar == ' ') && NSSUTIL_ArgIsBlank(*string)) break; |
if (*string == endChar) { |
break; |
} |
@@ -160,10 +86,14 @@ |
return string; |
} |
-static char * |
-secmod_argFetchValue(char *string, int *pcount) |
+/* |
+ * get the value pointed to by string. string should be pointing just beyond |
+ * the equal sign. |
+ */ |
+char * |
+NSSUTIL_ArgFetchValue(char *string, int *pcount) |
{ |
- char *end = secmod_argFindEnd(string); |
+ char *end = NSSUTIL_ArgFindEnd(string); |
char *retString, *copyString; |
PRBool lastEscape = PR_FALSE; |
int len; |
@@ -181,9 +111,9 @@ |
if (retString == NULL) return NULL; |
- if (secmod_argIsQuote(*string)) string++; |
+ if (NSSUTIL_ArgIsQuote(*string)) string++; |
for (; string < end; string++) { |
- if (secmod_argIsEscape(*string) && !lastEscape) { |
+ if (NSSUTIL_ArgIsEscape(*string) && !lastEscape) { |
lastEscape = PR_TRUE; |
continue; |
} |
@@ -194,46 +124,30 @@ |
return retString; |
} |
-static char * |
-secmod_argSkipParameter(char *string) |
+/* |
+ * point to the next parameter in string |
+ */ |
+char * |
+NSSUTIL_ArgSkipParameter(char *string) |
{ |
char *end; |
/* look for the end of the <name>= */ |
for (;*string; string++) { |
if (*string == '=') { string++; break; } |
- if (secmod_argIsBlank(*string)) return(string); |
+ if (NSSUTIL_ArgIsBlank(*string)) return(string); |
} |
- end = secmod_argFindEnd(string); |
+ end = NSSUTIL_ArgFindEnd(string); |
if (*end) end++; |
return end; |
} |
- |
-static SECStatus |
-secmod_argParseModuleSpec(char *modulespec, char **lib, char **mod, |
- char **parameters, char **nss) |
+/* |
+ * get the value from that tag value pair. |
+ */ |
+char * |
+NSSUTIL_ArgGetParamValue(char *paramName,char *parameters) |
{ |
- int next; |
- modulespec = secmod_argStrip(modulespec); |
- |
- *lib = *mod = *parameters = *nss = 0; |
- |
- while (*modulespec) { |
- SECMOD_HANDLE_STRING_ARG(modulespec,*lib,SECMOD_ARG_LIBRARY_PARAMETER,;) |
- SECMOD_HANDLE_STRING_ARG(modulespec,*mod,SECMOD_ARG_NAME_PARAMETER,;) |
- SECMOD_HANDLE_STRING_ARG(modulespec,*parameters, |
- SECMOD_ARG_MODULE_PARAMETER,;) |
- SECMOD_HANDLE_STRING_ARG(modulespec,*nss,SECMOD_ARG_NSS_PARAMETER,;) |
- SECMOD_HANDLE_FINAL_ARG(modulespec) |
- } |
- return SECSuccess; |
-} |
- |
- |
-static char * |
-secmod_argGetParamValue(char *paramName,char *parameters) |
-{ |
char searchValue[256]; |
int paramLen = strlen(paramName); |
char *returnValue = NULL; |
@@ -248,19 +162,21 @@ |
while (*parameters) { |
if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) { |
parameters += paramLen+1; |
- returnValue = secmod_argFetchValue(parameters,&next); |
+ returnValue = NSSUTIL_ArgFetchValue(parameters,&next); |
break; |
} else { |
- parameters = secmod_argSkipParameter(parameters); |
+ parameters = NSSUTIL_ArgSkipParameter(parameters); |
} |
- parameters = secmod_argStrip(parameters); |
+ parameters = NSSUTIL_ArgStrip(parameters); |
} |
return returnValue; |
} |
- |
- |
-static char * |
-secmod_argNextFlag(char *flags) |
+ |
+/* |
+ * find the next flag in the parameter list |
+ */ |
+char * |
+NSSUTIL_ArgNextFlag(char *flags) |
{ |
for (; *flags ; flags++) { |
if (*flags == ',') { |
@@ -271,17 +187,20 @@ |
return flags; |
} |
-static PRBool |
-secmod_argHasFlag(char *label, char *flag, char *parameters) |
+/* |
+ * return true if the flag is set in the label parameter. |
+ */ |
+PRBool |
+NSSUTIL_ArgHasFlag(char *label, char *flag, char *parameters) |
{ |
char *flags,*index; |
int len = strlen(flag); |
PRBool found = PR_FALSE; |
- flags = secmod_argGetParamValue(label,parameters); |
+ flags = NSSUTIL_ArgGetParamValue(label,parameters); |
if (flags == NULL) return PR_FALSE; |
- for (index=flags; *index; index=secmod_argNextFlag(index)) { |
+ for (index=flags; *index; index=NSSUTIL_ArgNextFlag(index)) { |
if (PORT_Strncasecmp(index,flag,len) == 0) { |
found=PR_TRUE; |
break; |
@@ -291,36 +210,11 @@ |
return found; |
} |
-static void |
-secmod_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList) |
-{ |
- newCiphers[0] = newCiphers[1] = 0; |
- if ((cipherList == NULL) || (*cipherList == 0)) return; |
- |
- for (;*cipherList; cipherList=secmod_argNextFlag(cipherList)) { |
- if (PORT_Strncasecmp(cipherList,SECMOD_ARG_FORTEZZA_FLAG, |
- sizeof(SECMOD_ARG_FORTEZZA_FLAG)-1) == 0) { |
- newCiphers[0] |= SECMOD_FORTEZZA_FLAG; |
- } |
- |
- /* add additional flags here as necessary */ |
- /* direct bit mapping escape */ |
- if (*cipherList == 0) { |
- if (cipherList[1] == 'l') { |
- newCiphers[1] |= atoi(&cipherList[2]); |
- } else { |
- newCiphers[0] |= atoi(&cipherList[2]); |
- } |
- } |
- } |
-} |
- |
- |
/* |
* decode a number. handle octal (leading '0'), hex (leading '0x') or decimal |
*/ |
-static long |
-secmod_argDecodeNumber(char *num) |
+long |
+NSSUTIL_ArgDecodeNumber(char *num) |
{ |
int radix = 10; |
unsigned long value = 0; |
@@ -330,7 +224,7 @@ |
if (num == NULL) return retValue; |
- num = secmod_argStrip(num); |
+ num = NSSUTIL_ArgStrip(num); |
if (*num == '-') { |
sign = -1; |
@@ -365,163 +259,182 @@ |
return retValue; |
} |
-static long |
-secmod_argReadLong(char *label,char *params, long defValue, PRBool *isdefault) |
+/* |
+ * parameters are tag value pairs. This function returns the tag or label (the |
+ * value before the equal size. |
+ */ |
+char * |
+NSSUTIL_ArgGetLabel(char *inString, int *next) |
{ |
+ char *name=NULL; |
+ char *string; |
+ int len; |
+ |
+ /* look for the end of the <label>= */ |
+ for (string = inString;*string; string++) { |
+ if (*string == '=') { break; } |
+ if (NSSUTIL_ArgIsBlank(*string)) break; |
+ } |
+ |
+ len = string - inString; |
+ |
+ *next = len; |
+ if (*string == '=') (*next) += 1; |
+ if (len > 0) { |
+ name = PORT_Alloc(len+1); |
+ PORT_Strncpy(name,inString,len); |
+ name[len] = 0; |
+ } |
+ return name; |
+} |
+ |
+/* |
+ * read an argument at a Long integer |
+ */ |
+long |
+NSSUTIL_ArgReadLong(char *label,char *params, long defValue, PRBool *isdefault) |
+{ |
char *value; |
long retValue; |
if (isdefault) *isdefault = PR_FALSE; |
- value = secmod_argGetParamValue(label,params); |
+ value = NSSUTIL_ArgGetParamValue(label,params); |
if (value == NULL) { |
if (isdefault) *isdefault = PR_TRUE; |
return defValue; |
} |
- retValue = secmod_argDecodeNumber(value); |
+ retValue = NSSUTIL_ArgDecodeNumber(value); |
if (value) PORT_Free(value); |
return retValue; |
} |
-static unsigned long |
-secmod_argSlotFlags(char *label,char *params) |
+/* |
+ * prepare a string to be quoted with 'quote' marks. We do that by adding |
+ * appropriate escapes. |
+ */ |
+static int |
+nssutil_escapeQuotesSize(const char *string, char quote, PRBool addquotes) |
{ |
- char *flags,*index; |
- unsigned long retValue = 0; |
- int i; |
- PRBool all = PR_FALSE; |
+ int escapes = 0, size = 0; |
+ const char *src; |
- flags = secmod_argGetParamValue(label,params); |
- if (flags == NULL) return 0; |
+ size= addquotes ? 2 : 0; |
+ for (src=string; *src ; src++) { |
+ if ((*src == quote) || (*src == '\\')) escapes++; |
+ size++; |
+ } |
+ return size+escapes+1; |
- if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE; |
- |
- for (index=flags; *index; index=secmod_argNextFlag(index)) { |
- for (i=0; i < secmod_argSlotFlagTableSize; i++) { |
- if (all || (PORT_Strncasecmp(index, secmod_argSlotFlagTable[i].name, |
- secmod_argSlotFlagTable[i].len) == 0)) { |
- retValue |= secmod_argSlotFlagTable[i].value; |
- } |
- } |
- } |
- PORT_Free(flags); |
- return retValue; |
} |
- |
-static void |
-secmod_argDecodeSingleSlotInfo(char *name, char *params, |
- PK11PreSlotInfo *slotInfo) |
+static char * |
+nssutil_escapeQuotes(const char *string, char quote, PRBool addquotes) |
{ |
- char *askpw; |
+ char *newString = 0; |
+ int size = 0; |
+ const char *src; |
+ char *dest; |
- slotInfo->slotID=secmod_argDecodeNumber(name); |
- slotInfo->defaultFlags=secmod_argSlotFlags("slotFlags",params); |
- slotInfo->timeout=secmod_argReadLong("timeout",params, 0, NULL); |
+ size = nssutil_escapeQuotesSize(string, quote, addquotes); |
- askpw = secmod_argGetParamValue("askpw",params); |
- slotInfo->askpw = 0; |
+ dest = newString = PORT_ZAlloc(size+2); |
+ if (newString == NULL) { |
+ return NULL; |
+ } |
- if (askpw) { |
- if (PORT_Strcasecmp(askpw,"every") == 0) { |
- slotInfo->askpw = -1; |
- } else if (PORT_Strcasecmp(askpw,"timeout") == 0) { |
- slotInfo->askpw = 1; |
- } |
- PORT_Free(askpw); |
- slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS; |
+ if (addquotes) *dest++=quote; |
+ for (src=string; *src; src++,dest++) { |
+ if ((*src == '\\') || (*src == quote)) { |
+ *dest++ = '\\'; |
+ } |
+ *dest = *src; |
} |
- slotInfo->hasRootCerts = secmod_argHasFlag("rootFlags", "hasRootCerts", |
- params); |
- slotInfo->hasRootTrust = secmod_argHasFlag("rootFlags", "hasRootTrust", |
- params); |
+ if (addquotes) *dest=quote; |
+ |
+ return newString; |
} |
-static char * |
-secmod_argGetName(char *inString, int *next) |
+int |
+NSSUTIL_EscapeSize(const char *string, char quote) |
{ |
- char *name=NULL; |
- char *string; |
- int len; |
+ return nssutil_escapeQuotesSize(string, quote, PR_FALSE); |
+} |
- /* look for the end of the <name>= */ |
- for (string = inString;*string; string++) { |
- if (*string == '=') { break; } |
- if (secmod_argIsBlank(*string)) break; |
- } |
+char * |
+NSSUTIL_Escape(const char *string, char quote) |
+{ |
+ return nssutil_escapeQuotes(string, quote, PR_FALSE); |
+} |
- len = string - inString; |
- *next = len; |
- if (*string == '=') (*next) += 1; |
- if (len > 0) { |
- name = PORT_Alloc(len+1); |
- PORT_Strncpy(name,inString,len); |
- name[len] = 0; |
- } |
- return name; |
+int |
+NSSUTIL_QuoteSize(const char *string, char quote) |
+{ |
+ return nssutil_escapeQuotesSize(string, quote, PR_TRUE); |
} |
-static PK11PreSlotInfo * |
-secmod_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount) |
+char * |
+NSSUTIL_Quote(const char *string, char quote) |
{ |
- char *slotIndex; |
- PK11PreSlotInfo *slotInfo = NULL; |
- int i=0,count = 0,next; |
+ return nssutil_escapeQuotes(string, quote, PR_TRUE); |
+} |
- *retCount = 0; |
- if ((slotParams == NULL) || (*slotParams == 0)) return NULL; |
- |
- /* first count the number of slots */ |
- for (slotIndex = secmod_argStrip(slotParams); *slotIndex; |
- slotIndex = secmod_argStrip(secmod_argSkipParameter(slotIndex))) { |
- count++; |
+int |
+NSSUTIL_DoubleEscapeSize(const char *string, char quote1, char quote2) |
+{ |
+ int escapes = 0, size = 0; |
+ const char *src; |
+ for (src=string; *src ; src++) { |
+ if (*src == '\\') escapes+=3; /* \\\\ */ |
+ if (*src == quote1) escapes+=2; /* \\quote1 */ |
+ if (*src == quote2) escapes++; /* \quote2 */ |
+ size++; |
} |
- /* get the data structures */ |
- if (arena) { |
- slotInfo = (PK11PreSlotInfo *) |
- PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo)); |
- PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo)); |
- } else { |
- slotInfo = (PK11PreSlotInfo *) |
- PORT_ZAlloc(count*sizeof(PK11PreSlotInfo)); |
+ return escapes+size+1; |
+} |
+ |
+char * |
+NSSUTIL_DoubleEscape(const char *string, char quote1, char quote2) |
+{ |
+ char *round1 = NULL; |
+ char *retValue = NULL; |
+ if (string == NULL) { |
+ goto done; |
} |
- if (slotInfo == NULL) return NULL; |
+ round1 = nssutil_escapeQuotes(string, quote1, PR_FALSE); |
+ if (round1) { |
+ retValue = nssutil_escapeQuotes(round1, quote2, PR_FALSE); |
+ PORT_Free(round1); |
+ } |
- for (slotIndex = secmod_argStrip(slotParams), i = 0; |
- *slotIndex && i < count ; ) { |
- char *name; |
- name = secmod_argGetName(slotIndex,&next); |
- slotIndex += next; |
- |
- if (!secmod_argIsBlank(*slotIndex)) { |
- char *args = secmod_argFetchValue(slotIndex,&next); |
- slotIndex += next; |
- if (args) { |
- secmod_argDecodeSingleSlotInfo(name,args,&slotInfo[i]); |
- i++; |
- PORT_Free(args); |
- } |
- } |
- if (name) PORT_Free(name); |
- slotIndex = secmod_argStrip(slotIndex); |
+done: |
+ if (retValue == NULL) { |
+ retValue = PORT_Strdup(""); |
} |
- *retCount = i; |
- return slotInfo; |
+ return retValue; |
} |
-static char *secmod_nullString = ""; |
+/************************************************************************ |
+ * These functions are used in contructing strings. |
+ * NOTE: they will always return a string, but sometimes it will return |
+ * a specific NULL string. These strings must be freed with util_freePair. |
+ */ |
+ |
+/* string to return on error... */ |
+static char *nssutil_nullString = ""; |
+ |
static char * |
-secmod_formatValue(PRArenaPool *arena, char *value, char quote) |
+nssutil_formatValue(PRArenaPool *arena, char *value, char quote) |
{ |
char *vp,*vp2,*retval; |
int size = 0, escapes = 0; |
for (vp=value; *vp ;vp++) { |
- if ((*vp == quote) || (*vp == SECMOD_ARG_ESCAPE)) escapes++; |
+ if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE)) escapes++; |
size++; |
} |
if (arena) { |
@@ -532,49 +445,67 @@ |
if (retval == NULL) return NULL; |
vp2 = retval; |
for (vp=value; *vp; vp++) { |
- if ((*vp == quote) || (*vp == SECMOD_ARG_ESCAPE)) |
- *vp2++ = SECMOD_ARG_ESCAPE; |
+ if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE)) |
+ *vp2++ = NSSUTIL_ARG_ESCAPE; |
*vp2++ = *vp; |
} |
return retval; |
} |
- |
-static char *secmod_formatPair(char *name,char *value, char quote) |
+ |
+ |
+static PRBool nssutil_argHasChar(char *v, char c) |
{ |
+ for ( ;*v; v++) { |
+ if (*v == c) return PR_TRUE; |
+ } |
+ return PR_FALSE; |
+} |
+ |
+static PRBool nssutil_argHasBlanks(char *v) |
+{ |
+ for ( ;*v; v++) { |
+ if (NSSUTIL_ArgIsBlank(*v)) return PR_TRUE; |
+ } |
+ return PR_FALSE; |
+} |
+ |
+static char * |
+nssutil_formatPair(char *name, char *value, char quote) |
+{ |
char openQuote = quote; |
- char closeQuote = secmod_argGetPair(quote); |
+ char closeQuote = NSSUTIL_ArgGetPair(quote); |
char *newValue = NULL; |
char *returnValue; |
PRBool need_quote = PR_FALSE; |
- if (!value || (*value == 0)) return secmod_nullString; |
+ if (!value || (*value == 0)) return nssutil_nullString; |
- if (secmod_argHasBlanks(value) || secmod_argIsQuote(value[0])) |
+ if (nssutil_argHasBlanks(value) || NSSUTIL_ArgIsQuote(value[0])) |
need_quote=PR_TRUE; |
- if ((need_quote && secmod_argHasChar(value,closeQuote)) |
- || secmod_argHasChar(value,SECMOD_ARG_ESCAPE)) { |
- value = newValue = secmod_formatValue(NULL, value,quote); |
- if (newValue == NULL) return secmod_nullString; |
+ if ((need_quote && nssutil_argHasChar(value,closeQuote)) |
+ || nssutil_argHasChar(value,NSSUTIL_ARG_ESCAPE)) { |
+ value = newValue = nssutil_formatValue(NULL, value,quote); |
+ if (newValue == NULL) return nssutil_nullString; |
} |
if (need_quote) { |
returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote); |
} else { |
returnValue = PR_smprintf("%s=%s",name,value); |
} |
- if (returnValue == NULL) returnValue = secmod_nullString; |
+ if (returnValue == NULL) returnValue = nssutil_nullString; |
if (newValue) PORT_Free(newValue); |
return returnValue; |
} |
-static char *secmod_formatIntPair(char *name, unsigned long value, |
+static char *nssutil_formatIntPair(char *name, unsigned long value, |
unsigned long def) |
{ |
char *returnValue; |
- if (value == def) return secmod_nullString; |
+ if (value == def) return nssutil_nullString; |
returnValue = PR_smprintf("%s=%d",name,value); |
@@ -582,93 +513,163 @@ |
} |
static void |
-secmod_freePair(char *pair) |
+nssutil_freePair(char *pair) |
{ |
- if (pair && pair != secmod_nullString) { |
+ if (pair && pair != nssutil_nullString) { |
PR_smprintf_free(pair); |
} |
} |
-#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\ |
- sizeof("moduleDBOnly")+sizeof("critical") |
-static char * |
-secmod_mkNSSFlags(PRBool internal, PRBool isFIPS, |
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical) |
+ |
+/************************************************************************ |
+ * Parse the Slot specific parameters in the NSS params. |
+ */ |
+ |
+struct nssutilArgSlotFlagTable { |
+ char *name; |
+ int len; |
+ unsigned long value; |
+}; |
+ |
+#define NSSUTIL_ARG_ENTRY(arg,flag) \ |
+{ #arg , sizeof(#arg)-1, flag } |
+static struct nssutilArgSlotFlagTable nssutil_argSlotFlagTable[] = { |
+ NSSUTIL_ARG_ENTRY(RSA,SECMOD_RSA_FLAG), |
+ NSSUTIL_ARG_ENTRY(DSA,SECMOD_RSA_FLAG), |
+ NSSUTIL_ARG_ENTRY(RC2,SECMOD_RC4_FLAG), |
+ NSSUTIL_ARG_ENTRY(RC4,SECMOD_RC2_FLAG), |
+ NSSUTIL_ARG_ENTRY(DES,SECMOD_DES_FLAG), |
+ NSSUTIL_ARG_ENTRY(DH,SECMOD_DH_FLAG), |
+ NSSUTIL_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG), |
+ NSSUTIL_ARG_ENTRY(RC5,SECMOD_RC5_FLAG), |
+ NSSUTIL_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG), |
+ NSSUTIL_ARG_ENTRY(MD5,SECMOD_MD5_FLAG), |
+ NSSUTIL_ARG_ENTRY(MD2,SECMOD_MD2_FLAG), |
+ NSSUTIL_ARG_ENTRY(SSL,SECMOD_SSL_FLAG), |
+ NSSUTIL_ARG_ENTRY(TLS,SECMOD_TLS_FLAG), |
+ NSSUTIL_ARG_ENTRY(AES,SECMOD_AES_FLAG), |
+ NSSUTIL_ARG_ENTRY(Camellia,SECMOD_CAMELLIA_FLAG), |
+ NSSUTIL_ARG_ENTRY(SEED,SECMOD_SEED_FLAG), |
+ NSSUTIL_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG), |
+ NSSUTIL_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG), |
+ NSSUTIL_ARG_ENTRY(Disable, SECMOD_DISABLE_FLAG), |
+}; |
+ |
+static int nssutil_argSlotFlagTableSize = |
+ sizeof(nssutil_argSlotFlagTable)/sizeof(nssutil_argSlotFlagTable[0]); |
+ |
+ |
+/* turn the slot flags into a bit mask */ |
+unsigned long |
+NSSUTIL_ArgParseSlotFlags(char *label,char *params) |
{ |
- char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE); |
- PRBool first = PR_TRUE; |
+ char *flags,*index; |
+ unsigned long retValue = 0; |
+ int i; |
+ PRBool all = PR_FALSE; |
- PORT_Memset(flags,0,MAX_FLAG_SIZE); |
- if (internal) { |
- PORT_Strcat(flags,"internal"); |
- first = PR_FALSE; |
+ flags = NSSUTIL_ArgGetParamValue(label,params); |
+ if (flags == NULL) return 0; |
+ |
+ if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE; |
+ |
+ for (index=flags; *index; index=NSSUTIL_ArgNextFlag(index)) { |
+ for (i=0; i < nssutil_argSlotFlagTableSize; i++) { |
+ if (all || |
+ (PORT_Strncasecmp(index, nssutil_argSlotFlagTable[i].name, |
+ nssutil_argSlotFlagTable[i].len) == 0)) { |
+ retValue |= nssutil_argSlotFlagTable[i].value; |
+ } |
+ } |
} |
- if (isFIPS) { |
- if (!first) PORT_Strcat(flags,","); |
- PORT_Strcat(flags,"FIPS"); |
- first = PR_FALSE; |
+ PORT_Free(flags); |
+ return retValue; |
+} |
+ |
+ |
+/* parse a single slot specific parameter */ |
+static void |
+nssutil_argDecodeSingleSlotInfo(char *name, char *params, |
+ struct NSSUTILPreSlotInfoStr *slotInfo) |
+{ |
+ char *askpw; |
+ |
+ slotInfo->slotID=NSSUTIL_ArgDecodeNumber(name); |
+ slotInfo->defaultFlags=NSSUTIL_ArgParseSlotFlags("slotFlags",params); |
+ slotInfo->timeout=NSSUTIL_ArgReadLong("timeout",params, 0, NULL); |
+ |
+ askpw = NSSUTIL_ArgGetParamValue("askpw",params); |
+ slotInfo->askpw = 0; |
+ |
+ if (askpw) { |
+ if (PORT_Strcasecmp(askpw,"every") == 0) { |
+ slotInfo->askpw = -1; |
+ } else if (PORT_Strcasecmp(askpw,"timeout") == 0) { |
+ slotInfo->askpw = 1; |
+ } |
+ PORT_Free(askpw); |
+ slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS; |
} |
- if (isModuleDB) { |
- if (!first) PORT_Strcat(flags,","); |
- PORT_Strcat(flags,"moduleDB"); |
- first = PR_FALSE; |
- } |
- if (isModuleDBOnly) { |
- if (!first) PORT_Strcat(flags,","); |
- PORT_Strcat(flags,"moduleDBOnly"); |
- first = PR_FALSE; |
- } |
- if (isCritical) { |
- if (!first) PORT_Strcat(flags,","); |
- PORT_Strcat(flags,"critical"); |
- first = PR_FALSE; |
- } |
- return flags; |
+ slotInfo->hasRootCerts = NSSUTIL_ArgHasFlag("rootFlags", "hasRootCerts", |
+ params); |
+ slotInfo->hasRootTrust = NSSUTIL_ArgHasFlag("rootFlags", "hasRootTrust", |
+ params); |
} |
-static char * |
-secmod_mkCipherFlags(unsigned long ssl0, unsigned long ssl1) |
+/* parse all the slot specific parameters. */ |
+struct NSSUTILPreSlotInfoStr * |
+NSSUTIL_ArgParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount) |
{ |
- char *cipher = NULL; |
- int i; |
+ char *slotIndex; |
+ struct NSSUTILPreSlotInfoStr *slotInfo = NULL; |
+ int i=0,count = 0,next; |
- for (i=0; i < sizeof(ssl0)*8; i++) { |
- if (ssl0 & (1<<i)) { |
- char *string; |
- if ((1<<i) == SECMOD_FORTEZZA_FLAG) { |
- string = PR_smprintf("%s","FORTEZZA"); |
- } else { |
- string = PR_smprintf("0h0x%08x",1<<i); |
- } |
- if (cipher) { |
- char *tmp; |
- tmp = PR_smprintf("%s,%s",cipher,string); |
- PR_smprintf_free(cipher); |
- PR_smprintf_free(string); |
- cipher = tmp; |
- } else { |
- cipher = string; |
- } |
- } |
+ *retCount = 0; |
+ if ((slotParams == NULL) || (*slotParams == 0)) return NULL; |
+ |
+ /* first count the number of slots */ |
+ for (slotIndex = NSSUTIL_ArgStrip(slotParams); *slotIndex; |
+ slotIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(slotIndex))) { |
+ count++; |
} |
- for (i=0; i < sizeof(ssl0)*8; i++) { |
- if (ssl1 & (1<<i)) { |
- if (cipher) { |
- char *tmp; |
- tmp = PR_smprintf("%s,0l0x%08x",cipher,1<<i); |
- PR_smprintf_free(cipher); |
- cipher = tmp; |
- } else { |
- cipher = PR_smprintf("0l0x%08x",1<<i); |
+ |
+ /* get the data structures */ |
+ if (arena) { |
+ slotInfo = PORT_ArenaZNewArray(arena, |
+ struct NSSUTILPreSlotInfoStr, count); |
+ } else { |
+ slotInfo = PORT_ZNewArray(struct NSSUTILPreSlotInfoStr, count); |
+ } |
+ if (slotInfo == NULL) return NULL; |
+ |
+ for (slotIndex = NSSUTIL_ArgStrip(slotParams), i = 0; |
+ *slotIndex && i < count ; ) { |
+ char *name; |
+ name = NSSUTIL_ArgGetLabel(slotIndex,&next); |
+ slotIndex += next; |
+ |
+ if (!NSSUTIL_ArgIsBlank(*slotIndex)) { |
+ char *args = NSSUTIL_ArgFetchValue(slotIndex,&next); |
+ slotIndex += next; |
+ if (args) { |
+ nssutil_argDecodeSingleSlotInfo(name,args,&slotInfo[i]); |
+ i++; |
+ PORT_Free(args); |
} |
} |
+ if (name) PORT_Free(name); |
+ slotIndex = NSSUTIL_ArgStrip(slotIndex); |
} |
- |
- return cipher; |
+ *retCount = i; |
+ return slotInfo; |
} |
+/************************************************************************ |
+ * make a new slot specific parameter |
+ */ |
+/* first make the slot flags */ |
static char * |
-secmod_mkSlotFlags(unsigned long defaultFlags) |
+nssutil_mkSlotFlags(unsigned long defaultFlags) |
{ |
char *flags=NULL; |
int i,j; |
@@ -677,9 +678,9 @@ |
if (defaultFlags & (1<<i)) { |
char *string = NULL; |
- for (j=0; j < secmod_argSlotFlagTableSize; j++) { |
- if (secmod_argSlotFlagTable[j].value == ( 1UL << i )) { |
- string = secmod_argSlotFlagTable[j].name; |
+ for (j=0; j < nssutil_argSlotFlagTableSize; j++) { |
+ if (nssutil_argSlotFlagTable[j].value == ( 1UL << i )) { |
+ string = nssutil_argSlotFlagTable[j].name; |
break; |
} |
} |
@@ -699,15 +700,15 @@ |
return flags; |
} |
-#define SECMOD_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust") |
- |
+/* now make the root flags */ |
+#define NSSUTIL_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust") |
static char * |
-secmod_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust) |
+nssutil_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust) |
{ |
- char *flags= (char *)PORT_ZAlloc(SECMOD_MAX_ROOT_FLAG_SIZE); |
+ char *flags= (char *)PORT_ZAlloc(NSSUTIL_MAX_ROOT_FLAG_SIZE); |
PRBool first = PR_TRUE; |
- PORT_Memset(flags,0,SECMOD_MAX_ROOT_FLAG_SIZE); |
+ PORT_Memset(flags,0,NSSUTIL_MAX_ROOT_FLAG_SIZE); |
if (hasRootCerts) { |
PORT_Strcat(flags,"hasRootCerts"); |
first = PR_FALSE; |
@@ -720,8 +721,9 @@ |
return flags; |
} |
-static char * |
-secmod_mkSlotString(unsigned long slotID, unsigned long defaultFlags, |
+/* now make a full slot string */ |
+char * |
+NSSUTIL_MkSlotString(unsigned long slotID, unsigned long defaultFlags, |
unsigned long timeout, unsigned char askpw_in, |
PRBool hasRootCerts, PRBool hasRootTrust) { |
char *askpw,*flags,*rootFlags,*slotString; |
@@ -738,10 +740,10 @@ |
askpw = "any"; |
break; |
} |
- flags = secmod_mkSlotFlags(defaultFlags); |
- rootFlags = secmod_mkRootFlags(hasRootCerts,hasRootTrust); |
- flagPair=secmod_formatPair("slotFlags",flags,'\''); |
- rootFlagsPair=secmod_formatPair("rootFlags",rootFlags,'\''); |
+ flags = nssutil_mkSlotFlags(defaultFlags); |
+ rootFlags = nssutil_mkRootFlags(hasRootCerts,hasRootTrust); |
+ flagPair = nssutil_formatPair("slotFlags",flags,'\''); |
+ rootFlagsPair = nssutil_formatPair("rootFlags",rootFlags,'\''); |
if (flags) PR_smprintf_free(flags); |
if (rootFlags) PORT_Free(rootFlags); |
if (defaultFlags & PK11_OWN_PW_DEFAULTS) { |
@@ -752,16 +754,180 @@ |
slotString = PR_smprintf("0x%08lx=[%s %s]", |
(PRUint32)slotID,flagPair,rootFlagsPair); |
} |
- secmod_freePair(flagPair); |
- secmod_freePair(rootFlagsPair); |
+ nssutil_freePair(flagPair); |
+ nssutil_freePair(rootFlagsPair); |
return slotString; |
} |
+ |
+/************************************************************************ |
+ * Parse Full module specs into: library, commonName, module parameters, |
+ * and NSS specifi parameters. |
+ */ |
+SECStatus |
+NSSUTIL_ArgParseModuleSpec(char *modulespec, char **lib, char **mod, |
+ char **parameters, char **nss) |
+{ |
+ int next; |
+ modulespec = NSSUTIL_ArgStrip(modulespec); |
+ |
+ *lib = *mod = *parameters = *nss = 0; |
+ |
+ while (*modulespec) { |
+ NSSUTIL_HANDLE_STRING_ARG(modulespec,*lib,"library=",;) |
+ NSSUTIL_HANDLE_STRING_ARG(modulespec,*mod,"name=",;) |
+ NSSUTIL_HANDLE_STRING_ARG(modulespec,*parameters,"parameters=",;) |
+ NSSUTIL_HANDLE_STRING_ARG(modulespec,*nss,"nss=",;) |
+ NSSUTIL_HANDLE_FINAL_ARG(modulespec) |
+ } |
+ return SECSuccess; |
+} |
+ |
+/************************************************************************ |
+ * make a new module spec from it's components */ |
+char * |
+NSSUTIL_MkModuleSpec(char *dllName, char *commonName, char *parameters, |
+ char *NSS) |
+{ |
+ char *moduleSpec; |
+ char *lib,*name,*param,*nss; |
+ |
+ /* |
+ * now the final spec |
+ */ |
+ lib = nssutil_formatPair("library",dllName,'\"'); |
+ name = nssutil_formatPair("name",commonName,'\"'); |
+ param = nssutil_formatPair("parameters",parameters,'\"'); |
+ nss = nssutil_formatPair("NSS",NSS,'\"'); |
+ moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss); |
+ nssutil_freePair(lib); |
+ nssutil_freePair(name); |
+ nssutil_freePair(param); |
+ nssutil_freePair(nss); |
+ return (moduleSpec); |
+} |
+ |
+ |
+#define NSSUTIL_ARG_FORTEZZA_FLAG "FORTEZZA" |
+/****************************************************************************** |
+ * Parse the cipher flags from the NSS parameter |
+ */ |
+void |
+NSSUTIL_ArgParseCipherFlags(unsigned long *newCiphers,char *cipherList) |
+{ |
+ newCiphers[0] = newCiphers[1] = 0; |
+ if ((cipherList == NULL) || (*cipherList == 0)) return; |
+ |
+ for (;*cipherList; cipherList=NSSUTIL_ArgNextFlag(cipherList)) { |
+ if (PORT_Strncasecmp(cipherList,NSSUTIL_ARG_FORTEZZA_FLAG, |
+ sizeof(NSSUTIL_ARG_FORTEZZA_FLAG)-1) == 0) { |
+ newCiphers[0] |= SECMOD_FORTEZZA_FLAG; |
+ } |
+ |
+ /* add additional flags here as necessary */ |
+ /* direct bit mapping escape */ |
+ if (*cipherList == 0) { |
+ if (cipherList[1] == 'l') { |
+ newCiphers[1] |= atoi(&cipherList[2]); |
+ } else { |
+ newCiphers[0] |= atoi(&cipherList[2]); |
+ } |
+ } |
+ } |
+} |
+ |
+ |
+/********************************************************************* |
+ * make NSS parameter... |
+ */ |
+/* First make NSS specific flags */ |
+#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\ |
+ sizeof("moduleDBOnly")+sizeof("critical") |
static char * |
-secmod_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS, |
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical, |
- unsigned long trustOrder, unsigned long cipherOrder, |
- unsigned long ssl0, unsigned long ssl1) { |
+nssutil_mkNSSFlags(PRBool internal, PRBool isFIPS, |
+ PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical) |
+{ |
+ char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE); |
+ PRBool first = PR_TRUE; |
+ |
+ PORT_Memset(flags,0,MAX_FLAG_SIZE); |
+ if (internal) { |
+ PORT_Strcat(flags,"internal"); |
+ first = PR_FALSE; |
+ } |
+ if (isFIPS) { |
+ if (!first) PORT_Strcat(flags,","); |
+ PORT_Strcat(flags,"FIPS"); |
+ first = PR_FALSE; |
+ } |
+ if (isModuleDB) { |
+ if (!first) PORT_Strcat(flags,","); |
+ PORT_Strcat(flags,"moduleDB"); |
+ first = PR_FALSE; |
+ } |
+ if (isModuleDBOnly) { |
+ if (!first) PORT_Strcat(flags,","); |
+ PORT_Strcat(flags,"moduleDBOnly"); |
+ first = PR_FALSE; |
+ } |
+ if (isCritical) { |
+ if (!first) PORT_Strcat(flags,","); |
+ PORT_Strcat(flags,"critical"); |
+ first = PR_FALSE; |
+ } |
+ return flags; |
+} |
+ |
+ |
+/* construct the NSS cipher flags */ |
+static char * |
+nssutil_mkCipherFlags(unsigned long ssl0, unsigned long ssl1) |
+{ |
+ char *cipher = NULL; |
+ int i; |
+ |
+ for (i=0; i < sizeof(ssl0)*8; i++) { |
+ if (ssl0 & (1<<i)) { |
+ char *string; |
+ if ((1<<i) == SECMOD_FORTEZZA_FLAG) { |
+ string = PR_smprintf("%s",NSSUTIL_ARG_FORTEZZA_FLAG); |
+ } else { |
+ string = PR_smprintf("0h0x%08x",1<<i); |
+ } |
+ if (cipher) { |
+ char *tmp; |
+ tmp = PR_smprintf("%s,%s",cipher,string); |
+ PR_smprintf_free(cipher); |
+ PR_smprintf_free(string); |
+ cipher = tmp; |
+ } else { |
+ cipher = string; |
+ } |
+ } |
+ } |
+ for (i=0; i < sizeof(ssl0)*8; i++) { |
+ if (ssl1 & (1<<i)) { |
+ if (cipher) { |
+ char *tmp; |
+ tmp = PR_smprintf("%s,0l0x%08x",cipher,1<<i); |
+ PR_smprintf_free(cipher); |
+ cipher = tmp; |
+ } else { |
+ cipher = PR_smprintf("0l0x%08x",1<<i); |
+ } |
+ } |
+ } |
+ |
+ return cipher; |
+} |
+ |
+/* Assemble a full NSS string. */ |
+char * |
+NSSUTIL_MkNSSString(char **slotStrings, int slotCount, PRBool internal, |
+ PRBool isFIPS, PRBool isModuleDB, PRBool isModuleDBOnly, |
+ PRBool isCritical, unsigned long trustOrder, |
+ unsigned long cipherOrder, unsigned long ssl0, unsigned long ssl1) |
+{ |
int slotLen, i; |
char *slotParams, *ciphers, *nss, *nssFlags, *tmp; |
char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair; |
@@ -788,29 +954,29 @@ |
/* |
* now the NSS structure |
*/ |
- nssFlags = secmod_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly, |
+ nssFlags = nssutil_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly, |
isCritical); |
/* for now only the internal module is critical */ |
- ciphers = secmod_mkCipherFlags(ssl0, ssl1); |
+ ciphers = nssutil_mkCipherFlags(ssl0, ssl1); |
- trustOrderPair=secmod_formatIntPair("trustOrder",trustOrder, |
- SECMOD_DEFAULT_TRUST_ORDER); |
- cipherOrderPair=secmod_formatIntPair("cipherOrder",cipherOrder, |
- SECMOD_DEFAULT_CIPHER_ORDER); |
- slotPair=secmod_formatPair("slotParams",slotParams,'{'); /* } */ |
+ trustOrderPair = nssutil_formatIntPair("trustOrder",trustOrder, |
+ NSSUTIL_DEFAULT_TRUST_ORDER); |
+ cipherOrderPair = nssutil_formatIntPair("cipherOrder",cipherOrder, |
+ NSSUTIL_DEFAULT_CIPHER_ORDER); |
+ slotPair=nssutil_formatPair("slotParams",slotParams,'{'); /* } */ |
if (slotParams) PORT_Free(slotParams); |
- cipherPair=secmod_formatPair("ciphers",ciphers,'\''); |
+ cipherPair=nssutil_formatPair("ciphers",ciphers,'\''); |
if (ciphers) PR_smprintf_free(ciphers); |
- flagPair=secmod_formatPair("Flags",nssFlags,'\''); |
+ flagPair=nssutil_formatPair("Flags",nssFlags,'\''); |
if (nssFlags) PORT_Free(nssFlags); |
nss = PR_smprintf("%s %s %s %s %s",trustOrderPair, |
cipherOrderPair,slotPair,cipherPair,flagPair); |
- secmod_freePair(trustOrderPair); |
- secmod_freePair(cipherOrderPair); |
- secmod_freePair(slotPair); |
- secmod_freePair(cipherPair); |
- secmod_freePair(flagPair); |
- tmp = secmod_argStrip(nss); |
+ nssutil_freePair(trustOrderPair); |
+ nssutil_freePair(cipherOrderPair); |
+ nssutil_freePair(slotPair); |
+ nssutil_freePair(cipherPair); |
+ nssutil_freePair(flagPair); |
+ tmp = NSSUTIL_ArgStrip(nss); |
if (*tmp == '\0') { |
PR_smprintf_free(nss); |
nss = NULL; |
@@ -818,24 +984,126 @@ |
return nss; |
} |
-static char * |
-secmod_mkNewModuleSpec(char *dllName, char *commonName, char *parameters, |
- char *NSS) { |
- char *moduleSpec; |
- char *lib,*name,*param,*nss; |
+/***************************************************************************** |
+ * |
+ * Private calls for use by softoken and utilmod.c |
+ */ |
- /* |
- * now the final spec |
- */ |
- lib = secmod_formatPair("library",dllName,'\"'); |
- name = secmod_formatPair("name",commonName,'\"'); |
- param = secmod_formatPair("parameters",parameters,'\"'); |
- nss = secmod_formatPair("NSS",NSS,'\"'); |
- moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss); |
- secmod_freePair(lib); |
- secmod_freePair(name); |
- secmod_freePair(param); |
- secmod_freePair(nss); |
- return (moduleSpec); |
+#define SQLDB "sql:" |
+#define EXTERNDB "extern:" |
+#define LEGACY "dbm:" |
+#define MULTIACCESS "multiaccess:" |
+#define SECMOD_DB "secmod.db" |
+const char * |
+_NSSUTIL_EvaluateConfigDir(const char *configdir, |
+ NSSDBType *pdbType, char **appName) |
+{ |
+ NSSDBType dbType; |
+ *appName = NULL; |
+/* force the default */ |
+#ifdef NSS_DISABLE_DBM |
+ dbType = NSS_DB_TYPE_SQL; |
+#else |
+ dbType = NSS_DB_TYPE_LEGACY; |
+#endif |
+ if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) { |
+ char *cdir; |
+ dbType = NSS_DB_TYPE_MULTIACCESS; |
+ |
+ *appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1); |
+ if (*appName == NULL) { |
+ return configdir; |
+ } |
+ cdir = *appName; |
+ while (*cdir && *cdir != ':') { |
+ cdir++; |
+ } |
+ if (*cdir == ':') { |
+ *cdir = 0; |
+ cdir++; |
+ } |
+ configdir = cdir; |
+ } else if (PORT_Strncmp(configdir, SQLDB, sizeof(SQLDB)-1) == 0) { |
+ dbType = NSS_DB_TYPE_SQL; |
+ configdir = configdir + sizeof(SQLDB) -1; |
+ } else if (PORT_Strncmp(configdir, EXTERNDB, sizeof(EXTERNDB)-1) == 0) { |
+ dbType = NSS_DB_TYPE_EXTERN; |
+ configdir = configdir + sizeof(EXTERNDB) -1; |
+ } else if (PORT_Strncmp(configdir, LEGACY, sizeof(LEGACY)-1) == 0) { |
+ dbType = NSS_DB_TYPE_LEGACY; |
+ configdir = configdir + sizeof(LEGACY) -1; |
+ } else { |
+ /* look up the default from the environment */ |
+ char *defaultType = PR_GetEnv("NSS_DEFAULT_DB_TYPE"); |
+ if (defaultType != NULL) { |
+ if (PORT_Strncmp(defaultType, SQLDB, sizeof(SQLDB)-2) == 0) { |
+ dbType = NSS_DB_TYPE_SQL; |
+ } else if (PORT_Strncmp(defaultType,EXTERNDB,sizeof(EXTERNDB)-2)==0) { |
+ dbType = NSS_DB_TYPE_EXTERN; |
+ } else if (PORT_Strncmp(defaultType, LEGACY, sizeof(LEGACY)-2) == 0) { |
+ dbType = NSS_DB_TYPE_LEGACY; |
+ } |
+ } |
+ } |
+ /* if the caller has already set a type, don't change it */ |
+ if (*pdbType == NSS_DB_TYPE_NONE) { |
+ *pdbType = dbType; |
+ } |
+ return configdir; |
} |
+char * |
+_NSSUTIL_GetSecmodName(char *param, NSSDBType *dbType, char **appName, |
+ char **filename, PRBool *rw) |
+{ |
+ int next; |
+ char *configdir = NULL; |
+ char *secmodName = NULL; |
+ char *value = NULL; |
+ char *save_params = param; |
+ const char *lconfigdir; |
+ param = NSSUTIL_ArgStrip(param); |
+ |
+ |
+ while (*param) { |
+ NSSUTIL_HANDLE_STRING_ARG(param,configdir,"configDir=",;) |
+ NSSUTIL_HANDLE_STRING_ARG(param,secmodName,"secmod=",;) |
+ NSSUTIL_HANDLE_FINAL_ARG(param) |
+ } |
+ |
+ *rw = PR_TRUE; |
+ if (NSSUTIL_ArgHasFlag("flags","readOnly",save_params)) { |
+ *rw = PR_FALSE; |
+ } |
+ |
+ if (!secmodName || *secmodName == '\0') { |
+ if (secmodName) PORT_Free(secmodName); |
+ secmodName = PORT_Strdup(SECMOD_DB); |
+ } |
+ |
+ *filename = secmodName; |
+ lconfigdir = _NSSUTIL_EvaluateConfigDir(configdir, dbType, appName); |
+ |
+ if (NSSUTIL_ArgHasFlag("flags","noModDB",save_params)) { |
+ /* there isn't a module db, don't load the legacy support */ |
+ *dbType = NSS_DB_TYPE_SQL; |
+ *rw = PR_FALSE; |
+ } |
+ |
+ /* only use the renamed secmod for legacy databases */ |
+ if ((*dbType != NSS_DB_TYPE_LEGACY) && |
+ (*dbType != NSS_DB_TYPE_MULTIACCESS)) { |
+ secmodName="pkcs11.txt"; |
+ } |
+ |
+ if (lconfigdir) { |
+ value = PR_smprintf("%s" NSSUTIL_PATH_SEPARATOR "%s", |
+ lconfigdir,secmodName); |
+ } else { |
+ value = PR_smprintf("%s",secmodName); |
+ } |
+ if (configdir) PORT_Free(configdir); |
+ return value; |
+} |
+ |
+ |