OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * The following handles the loading, unloading and management of | 5 * The following handles the loading, unloading and management of |
6 * various PCKS #11 modules | 6 * various PCKS #11 modules |
7 */ | 7 */ |
8 | 8 |
9 #include <ctype.h> | 9 #include <ctype.h> |
10 #include "pkcs11.h" | 10 #include "pkcs11.h" |
(...skipping 116 matching lines...)
127 *the other flags are set */ | 127 *the other flags are set */ |
128 #define SECMOD_FLAG_INTERNAL_KEY_SLOT 0x02 | 128 #define SECMOD_FLAG_INTERNAL_KEY_SLOT 0x02 |
129 | 129 |
130 /* | 130 /* |
131 * for 3.4 we continue to use the old SECMODModule structure | 131 * for 3.4 we continue to use the old SECMODModule structure |
132 */ | 132 */ |
133 SECMODModule * | 133 SECMODModule * |
134 SECMOD_CreateModule(const char *library, const char *moduleName, | 134 SECMOD_CreateModule(const char *library, const char *moduleName, |
135 const char *parameters, const char *nss) | 135 const char *parameters, const char *nss) |
136 { | 136 { |
| 137 return SECMOD_CreateModuleEx(library, moduleName, parameters, nss, NULL); |
| 138 } |
| 139 |
| 140 /* |
| 141 * for 3.4 we continue to use the old SECMODModule structure |
| 142 */ |
| 143 SECMODModule * |
| 144 SECMOD_CreateModuleEx(const char *library, const char *moduleName, |
| 145 const char *parameters, const char *nss, |
| 146 const char *config) |
| 147 { |
137 SECMODModule *mod = secmod_NewModule(); | 148 SECMODModule *mod = secmod_NewModule(); |
138 char *slotParams,*ciphers; | 149 char *slotParams,*ciphers; |
139 /* pk11pars.h still does not have const char * interfaces */ | 150 /* pk11pars.h still does not have const char * interfaces */ |
140 char *nssc = (char *)nss; | 151 char *nssc = (char *)nss; |
141 if (mod == NULL) return NULL; | 152 if (mod == NULL) return NULL; |
142 | 153 |
143 mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : ""); | 154 mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : ""); |
144 if (library) { | 155 if (library) { |
145 mod->dllName = PORT_ArenaStrdup(mod->arena,library); | 156 mod->dllName = PORT_ArenaStrdup(mod->arena,library); |
146 } | 157 } |
147 /* new field */ | 158 /* new field */ |
148 if (parameters) { | 159 if (parameters) { |
149 mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters); | 160 mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters); |
150 } | 161 } |
| 162 if (config) { |
| 163 /* XXX: Apply configuration */ |
| 164 } |
151 mod->internal = NSSUTIL_ArgHasFlag("flags","internal",nssc); | 165 mod->internal = NSSUTIL_ArgHasFlag("flags","internal",nssc); |
152 mod->isFIPS = NSSUTIL_ArgHasFlag("flags","FIPS",nssc); | 166 mod->isFIPS = NSSUTIL_ArgHasFlag("flags","FIPS",nssc); |
153 mod->isCritical = NSSUTIL_ArgHasFlag("flags","critical",nssc); | 167 mod->isCritical = NSSUTIL_ArgHasFlag("flags","critical",nssc); |
154 slotParams = NSSUTIL_ArgGetParamValue("slotParams",nssc); | 168 slotParams = NSSUTIL_ArgGetParamValue("slotParams",nssc); |
155 mod->slotInfo = NSSUTIL_ArgParseSlotInfo(mod->arena,slotParams, | 169 mod->slotInfo = NSSUTIL_ArgParseSlotInfo(mod->arena,slotParams, |
156 &mod->slotInfoCount); | 170 &mod->slotInfoCount); |
157 if (slotParams) PORT_Free(slotParams); | 171 if (slotParams) PORT_Free(slotParams); |
158 /* new field */ | 172 /* new field */ |
159 mod->trustOrder = NSSUTIL_ArgReadLong("trustOrder",nssc, | 173 mod->trustOrder = NSSUTIL_ArgReadLong("trustOrder",nssc, |
160 NSSUTIL_DEFAULT_TRUST_ORDER,NULL); | 174 NSSUTIL_DEFAULT_TRUST_ORDER,NULL); |
(...skipping 809 matching lines...)
970 return SECFailure; | 984 return SECFailure; |
971 } | 985 } |
972 | 986 |
973 /* | 987 /* |
974 * load a PKCS#11 module but do not add it to the default NSS trust domain | 988 * load a PKCS#11 module but do not add it to the default NSS trust domain |
975 */ | 989 */ |
976 SECMODModule * | 990 SECMODModule * |
977 SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse) | 991 SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse) |
978 { | 992 { |
979 char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL; | 993 char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL; |
| 994 char *config = NULL; |
980 SECStatus status; | 995 SECStatus status; |
981 SECMODModule *module = NULL; | 996 SECMODModule *module = NULL; |
982 SECMODModule *oldModule = NULL; | 997 SECMODModule *oldModule = NULL; |
983 SECStatus rv; | 998 SECStatus rv; |
984 | 999 |
985 /* initialize the underlying module structures */ | 1000 /* initialize the underlying module structures */ |
986 SECMOD_Init(); | 1001 SECMOD_Init(); |
987 | 1002 |
988 status = NSSUTIL_ArgParseModuleSpec(modulespec, &library, &moduleName, | 1003 status = NSSUTIL_ArgParseModuleSpecEx(modulespec, &library, &moduleName, |
989 » » » » » » » ¶meters, &nss); | 1004 » » » » » » » ¶meters, &nss, |
| 1005 » » » » » » » &config); |
990 if (status != SECSuccess) { | 1006 if (status != SECSuccess) { |
991 goto loser; | 1007 goto loser; |
992 } | 1008 } |
993 | 1009 |
994 module = SECMOD_CreateModule(library, moduleName, parameters, nss); | 1010 module = SECMOD_CreateModuleEx(library, moduleName, parameters, nss, config)
; |
995 if (library) PORT_Free(library); | 1011 if (library) PORT_Free(library); |
996 if (moduleName) PORT_Free(moduleName); | 1012 if (moduleName) PORT_Free(moduleName); |
997 if (parameters) PORT_Free(parameters); | 1013 if (parameters) PORT_Free(parameters); |
998 if (nss) PORT_Free(nss); | 1014 if (nss) PORT_Free(nss); |
| 1015 if (config) PORT_Free(config); |
999 if (!module) { | 1016 if (!module) { |
1000 goto loser; | 1017 goto loser; |
1001 } | 1018 } |
1002 if (parent) { | 1019 if (parent) { |
1003 module->parent = SECMOD_ReferenceModule(parent); | 1020 module->parent = SECMOD_ReferenceModule(parent); |
1004 if (module->internal && secmod_IsInternalKeySlot(parent)) { | 1021 if (module->internal && secmod_IsInternalKeySlot(parent)) { |
1005 module->internal = parent->internal; | 1022 module->internal = parent->internal; |
1006 } | 1023 } |
1007 } | 1024 } |
1008 | 1025 |
(...skipping 116 matching lines...)
1125 | 1142 |
1126 SECMOD_GetReadLock(moduleLock); | 1143 SECMOD_GetReadLock(moduleLock); |
1127 rv = STAN_RemoveModuleFromDefaultTrustDomain(mod); | 1144 rv = STAN_RemoveModuleFromDefaultTrustDomain(mod); |
1128 SECMOD_ReleaseReadLock(moduleLock); | 1145 SECMOD_ReleaseReadLock(moduleLock); |
1129 if (SECSuccess != rv) { | 1146 if (SECSuccess != rv) { |
1130 return SECFailure; | 1147 return SECFailure; |
1131 } | 1148 } |
1132 return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE); | 1149 return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE); |
1133 } | 1150 } |
1134 | 1151 |
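Review bot: The new `if (config) { /* XXX: Apply configuration */ }` branch in SECMOD_CreateModuleEx accepts a configuration string and silently discards it, so a module spec that carries a config value is now parsed by NSSUTIL_ArgParseModuleSpecEx and loaded by SECMOD_LoadModule with nothing applied. If that string is meant to carry restrictions on the module (the page does not say what it holds), this fails open and the caller gets no signal that the setting was ignored. Until the branch is implemented, state it at the definition, for example `/* config is parsed but NOT yet applied; callers must not rely on it being enforced */`, or reject a non-NULL config outright so that the gap is visible. The header comment above SECMOD_CreateModuleEx is a copy of the one on SECMOD_CreateModule and does not describe the new `config` parameter; it should say what the parameter is for and that the caller keeps ownership of the string, as SECMOD_LoadModule frees it right after the call.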