зеркало из https://github.com/mozilla/gecko-dev.git
Multi-access database changes.
Родитель
c8ab7babb2
Коммит
1e4fbdcfa4
|
@ -34,7 +34,7 @@
|
||||||
* cdbhdl.h - certificate database handle
|
* cdbhdl.h - certificate database handle
|
||||||
* private to the certdb module
|
* private to the certdb module
|
||||||
*
|
*
|
||||||
* $Id: cdbhdl.h,v 1.2 2001/11/08 00:15:30 relyea%netscape.com Exp $
|
* $Id: cdbhdl.h,v 1.3 2002/04/05 09:17:49 relyea%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
#ifndef _CDBHDL_H_
|
#ifndef _CDBHDL_H_
|
||||||
#define _CDBHDL_H_
|
#define _CDBHDL_H_
|
||||||
|
@ -51,4 +51,19 @@ struct NSSLOWCERTCertDBHandleStr {
|
||||||
PZMonitor *dbMon;
|
PZMonitor *dbMon;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
#ifdef DBM_USING_NSPR
|
||||||
|
#define NO_RDONLY PR_RDONLY
|
||||||
|
#define NO_RDWR PR_RDWR
|
||||||
|
#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
|
||||||
|
#else
|
||||||
|
#define NO_RDONLY O_RDONLY
|
||||||
|
#define NO_RDWR O_RDWR
|
||||||
|
#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef DB * (*rdbfunc)(const char *appName, const char *prefix,
|
||||||
|
const char *type, int flags);
|
||||||
|
|
||||||
|
DB * rdbopen(const char *appName, const char *prefix,
|
||||||
|
const char *type, int flags);
|
||||||
#endif
|
#endif
|
||||||
|
|
|
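Review bot: The new `rdbopen` prototype and the `rdbfunc` typedef at the end of the header carry no comment, so a caller cannot tell which values `flags` accepts or what a NULL return means. I would add `/* flags is one of NO_RDONLY, NO_RDWR or NO_CREATE; returns NULL when the database module or the database itself cannot be opened */` above the prototype. The NO_* macros and the `DB` type also rely on definitions supplied by whatever the including file pulled in first; the header's own include lines are outside the hunk, so that ordering dependency is worth confirming.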
@ -32,7 +32,7 @@
|
||||||
* may use your version of this file under either the MPL or the
|
* may use your version of this file under either the MPL or the
|
||||||
* GPL.
|
* GPL.
|
||||||
*
|
*
|
||||||
# $Id: dbinit.c,v 1.8 2001/12/07 01:36:17 relyea%netscape.com Exp $
|
# $Id: dbinit.c,v 1.9 2002/04/05 09:17:49 relyea%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
|
@ -102,6 +102,29 @@ pk11_keydb_name_cb(void *arg, int dbVersion)
|
||||||
#define CKR_CERTDB_FAILED CKR_DEVICE_ERROR
|
#define CKR_CERTDB_FAILED CKR_DEVICE_ERROR
|
||||||
#define CKR_KEYDB_FAILED CKR_DEVICE_ERROR
|
#define CKR_KEYDB_FAILED CKR_DEVICE_ERROR
|
||||||
|
|
||||||
|
const char *
|
||||||
|
pk11_EvaluateConfigDir(const char *configdir,char **appName)
|
||||||
|
{
|
||||||
|
if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
|
||||||
|
char *cdir;
|
||||||
|
|
||||||
|
*appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1);
|
||||||
|
if (*appName == NULL) {
|
||||||
|
return configdir;
|
||||||
|
}
|
||||||
|
cdir = *appName;
|
||||||
|
while (*cdir && *cdir != ':') {
|
||||||
|
cdir++;
|
||||||
|
}
|
||||||
|
if (*cdir == ':') {
|
||||||
|
*cdir = 0;
|
||||||
|
cdir++;
|
||||||
|
}
|
||||||
|
configdir = cdir;
|
||||||
|
}
|
||||||
|
return configdir;
|
||||||
|
}
|
||||||
|
|
||||||
static CK_RV
|
static CK_RV
|
||||||
pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||||
NSSLOWCERTCertDBHandle **certdbPtr)
|
NSSLOWCERTCertDBHandle **certdbPtr)
|
||||||
|
@ -110,11 +133,14 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||||
CK_RV crv = CKR_CERTDB_FAILED;
|
CK_RV crv = CKR_CERTDB_FAILED;
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
char * name = NULL;
|
char * name = NULL;
|
||||||
|
char * appName = NULL;
|
||||||
|
|
||||||
if (prefix == NULL) {
|
if (prefix == NULL) {
|
||||||
prefix = "";
|
prefix = "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
configdir = pk11_EvaluateConfigDir(configdir, &appName);
|
||||||
|
|
||||||
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
|
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
|
||||||
if (name == NULL) goto loser;
|
if (name == NULL) goto loser;
|
||||||
|
|
||||||
|
@ -123,7 +149,7 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||||
goto loser;
|
goto loser;
|
||||||
|
|
||||||
/* fix when we get the DB in */
|
/* fix when we get the DB in */
|
||||||
rv = nsslowcert_OpenCertDB(certdb, readOnly,
|
rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
|
||||||
pk11_certdb_name_cb, (void *)name, PR_FALSE);
|
pk11_certdb_name_cb, (void *)name, PR_FALSE);
|
||||||
if (rv == SECSuccess) {
|
if (rv == SECSuccess) {
|
||||||
crv = CKR_OK;
|
crv = CKR_OK;
|
||||||
|
@ -133,6 +159,7 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||||
loser:
|
loser:
|
||||||
if (certdb) PR_Free(certdb);
|
if (certdb) PR_Free(certdb);
|
||||||
if (name) PORT_Free(name);
|
if (name) PORT_Free(name);
|
||||||
|
if (appName) PORT_Free(appName);
|
||||||
return crv;
|
return crv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,15 +169,20 @@ pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||||
{
|
{
|
||||||
NSSLOWKEYDBHandle *keydb;
|
NSSLOWKEYDBHandle *keydb;
|
||||||
char * name = NULL;
|
char * name = NULL;
|
||||||
|
char * appName = NULL;
|
||||||
|
|
||||||
if (prefix == NULL) {
|
if (prefix == NULL) {
|
||||||
prefix = "";
|
prefix = "";
|
||||||
}
|
}
|
||||||
|
configdir = pk11_EvaluateConfigDir(configdir, &appName);
|
||||||
|
|
||||||
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
|
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
|
||||||
if (name == NULL)
|
if (name == NULL)
|
||||||
return SECFailure;
|
return SECFailure;
|
||||||
keydb = nsslowkey_OpenKeyDB(readOnly, pk11_keydb_name_cb, (void *)name);
|
keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix,
|
||||||
|
pk11_keydb_name_cb, (void *)name);
|
||||||
PORT_Free(name);
|
PORT_Free(name);
|
||||||
|
if (appName) PORT_Free(appName);
|
||||||
if (keydb == NULL)
|
if (keydb == NULL)
|
||||||
return CKR_KEYDB_FAILED;
|
return CKR_KEYDB_FAILED;
|
||||||
*keydbPtr = keydb;
|
*keydbPtr = keydb;
|
||||||
|
@ -222,3 +254,39 @@ pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
||||||
keyHandle= NULL;
|
keyHandle= NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static rdbfunc pk11_rdbfunc;
|
||||||
|
|
||||||
|
/* NOTE: SHLIB_SUFFIX is defined on the command line */
|
||||||
|
#define RDBLIB "rdb."SHLIB_SUFFIX
|
||||||
|
|
||||||
|
DB * rdbopen(const char *appName, const char *prefix,
|
||||||
|
const char *type, int flags)
|
||||||
|
{
|
||||||
|
PRLibrary *lib;
|
||||||
|
DB *db;
|
||||||
|
|
||||||
|
if (pk11_rdbfunc) {
|
||||||
|
db = (*pk11_rdbfunc)(appName,prefix,type,flags);
|
||||||
|
return db;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* try to open the library.
|
||||||
|
*/
|
||||||
|
lib = PR_LoadLibrary(RDBLIB);
|
||||||
|
|
||||||
|
if (!lib) {
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* get the entry point */
|
||||||
|
pk11_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
|
||||||
|
if (pk11_rdbfunc) {
|
||||||
|
return (*pk11_rdbfunc)(appName,prefix,type,flags);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* couldn't find the entry point, unload the library and fail */
|
||||||
|
PR_UnloadLibrary(lib);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
|
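Review bot: `rdbopen` loads the database module with `PR_LoadLibrary(RDBLIB)`, where RDBLIB is the bare name `"rdb."SHLIB_SUFFIX`, so the library that will open the certificate and key stores is located through the platform loader's default search path. Whoever can write to a directory on that path decides which code handles the key database, so I would build a full path from the directory softoken itself is installed in and pass that instead, failing closed when it cannot be determined. Until then the assumption belongs in a comment above the call, e.g. `/* RDBLIB is resolved via the loader search path; every directory on it must be writable by trusted users only */`. `pk11_rdbfunc` is also read and written without a lock, so two first callers can both load the library; whether callers serialise this is not visible in the hunk.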
@ -32,7 +32,7 @@
|
||||||
*
|
*
|
||||||
* Private Key Database code
|
* Private Key Database code
|
||||||
*
|
*
|
||||||
* $Id: keydb.c,v 1.14 2002/04/05 03:33:42 nelsonb%netscape.com Exp $
|
* $Id: keydb.c,v 1.15 2002/04/05 09:17:49 relyea%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "lowkeyi.h"
|
#include "lowkeyi.h"
|
||||||
|
@ -47,6 +47,7 @@
|
||||||
#include "mcom_db.h"
|
#include "mcom_db.h"
|
||||||
#include "lowpbe.h"
|
#include "lowpbe.h"
|
||||||
#include "secerr.h"
|
#include "secerr.h"
|
||||||
|
#include "cdbhdl.h"
|
||||||
|
|
||||||
#include "keydbi.h"
|
#include "keydbi.h"
|
||||||
|
|
||||||
|
@ -531,13 +532,6 @@ keyDBFilenameCallback(void *arg, int dbVersion)
|
||||||
return(PORT_Strdup((char *)arg));
|
return(PORT_Strdup((char *)arg));
|
||||||
}
|
}
|
||||||
|
|
||||||
NSSLOWKEYDBHandle *
|
|
||||||
nsslowkey_OpenKeyDBFilename(char *dbname, PRBool readOnly)
|
|
||||||
{
|
|
||||||
return(nsslowkey_OpenKeyDB(readOnly, keyDBFilenameCallback,
|
|
||||||
(void *)dbname));
|
|
||||||
}
|
|
||||||
|
|
||||||
static SECStatus
|
static SECStatus
|
||||||
ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
|
ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
|
||||||
SECItem *oldpwitem, SECItem *newpwitem,
|
SECItem *oldpwitem, SECItem *newpwitem,
|
||||||
|
@ -577,148 +571,12 @@ nsslowkey_version(DB *db)
|
||||||
return 255;
|
return 255;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ret == 1 ) {
|
if ( ret >= 1 ) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return *( (unsigned char *)versionData.data);
|
return *( (unsigned char *)versionData.data);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef NSS_USE_KEY4_DB
|
|
||||||
nsslowkey_UpdateKey3DBPass1(NSSLOWKEYDBHandle *handle)
|
|
||||||
{
|
|
||||||
SECStatus rv;
|
|
||||||
DBT checkKey;
|
|
||||||
DBT checkData;
|
|
||||||
DBT saltKey;
|
|
||||||
DBT saltData;
|
|
||||||
DBT key;
|
|
||||||
DBT data;
|
|
||||||
DBT newKey;
|
|
||||||
unsigned char buf[SHA1_LENGTH];
|
|
||||||
unsigned char version;
|
|
||||||
SECItem *rc4key = NULL;
|
|
||||||
NSSLOWKEYDBKey *dbkey = NULL;
|
|
||||||
SECItem *oldSalt = NULL;
|
|
||||||
int ret;
|
|
||||||
SECItem checkitem;
|
|
||||||
|
|
||||||
if ( handle->updatedb == NULL ) {
|
|
||||||
return(SECSuccess);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* check the version record
|
|
||||||
*/
|
|
||||||
version = nsslowkey_version(handle->updatedb);
|
|
||||||
if (version != 3) {
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
saltKey.data = SALT_STRING;
|
|
||||||
saltKey.size = sizeof(SALT_STRING) - 1;
|
|
||||||
|
|
||||||
ret = (* handle->updatedb->get)(handle->updatedb, &saltKey, &saltData, 0);
|
|
||||||
if ( ret ) {
|
|
||||||
/* no salt in old db, so it is corrupted */
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
oldSalt = decodeKeyDBGlobalSalt(&saltData);
|
|
||||||
if ( oldSalt == NULL ) {
|
|
||||||
/* bad salt in old db, so it is corrupted */
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* look for a pw check entry
|
|
||||||
*/
|
|
||||||
checkKey.data = KEYDB_PW_CHECK_STRING;
|
|
||||||
checkKey.size = KEYDB_PW_CHECK_LEN;
|
|
||||||
|
|
||||||
ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
|
|
||||||
&checkData, 0 );
|
|
||||||
if (ret) {
|
|
||||||
checkKey.data = KEYDB_FAKE_PW_CHECK_STRING;
|
|
||||||
checkKey.size = KEYDB_FAKE_PW_CHECK_LEN;
|
|
||||||
ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
|
|
||||||
&checkData, 0 );
|
|
||||||
if (ret) {
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* put global salt into the new database now */
|
|
||||||
ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
|
|
||||||
if ( ret ) {
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (checkKey.size == KEYDB_PW_CHECK_LEN) {
|
|
||||||
dbkey = decode_dbkey(&checkData, 3);
|
|
||||||
if ( dbkey == NULL ) {
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
rv = put_dbkey(handle, &checkKey, dbkey, PR_FALSE);
|
|
||||||
ret = (rv != SECSuccess);
|
|
||||||
} else {
|
|
||||||
ret = (* handle->db->put)(handle->db, &checkKey, &checkData, 0);
|
|
||||||
}
|
|
||||||
if ( ret ) {
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* now traverse the database */
|
|
||||||
ret = (* handle->updatedb->seq)(handle->updatedb, &key, &data, R_FIRST);
|
|
||||||
if ( ret ) {
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
do {
|
|
||||||
|
|
||||||
/* skip version record */
|
|
||||||
if ( data.size > 1 ) {
|
|
||||||
/* skip salt */
|
|
||||||
if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
|
|
||||||
if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
/* skip pw check entry */
|
|
||||||
if ( key.size == checkKey.size ) {
|
|
||||||
if ( PORT_Memcmp(key.data, checkKey.data, key.size) == 0 ) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
dbkey = decode_dbkey(&data, 3);
|
|
||||||
if ( dbkey == NULL ) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
SHA1_HashBuf(buf,key.data,key.size);
|
|
||||||
newKey.data = buf;
|
|
||||||
newKey.size = SHA1_LENGTH;
|
|
||||||
|
|
||||||
rv = put_dbkey(handle, &newKey, dbkey, PR_FALSE);
|
|
||||||
|
|
||||||
sec_destroy_dbkey(dbkey);
|
|
||||||
|
|
||||||
}
|
|
||||||
} while ( (* handle->updatedb->seq)(handle->updatedb, &key, &data,
|
|
||||||
R_NEXT) == 0 );
|
|
||||||
|
|
||||||
done:
|
|
||||||
/* sync the database */
|
|
||||||
ret = (* handle->db->sync)(handle->db, 0);
|
|
||||||
|
|
||||||
(* handle->updatedb->close)(handle->updatedb);
|
|
||||||
handle->updatedb = NULL;
|
|
||||||
|
|
||||||
if ( oldSalt ) {
|
|
||||||
SECITEM_FreeItem(oldSalt, PR_TRUE);
|
|
||||||
}
|
|
||||||
return(SECSuccess);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static PRBool
|
static PRBool
|
||||||
seckey_HasAServerKey(DB *db)
|
seckey_HasAServerKey(DB *db)
|
||||||
{
|
{
|
||||||
|
@ -958,18 +816,9 @@ done:
|
||||||
return(SECSuccess);
|
return(SECSuccess);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DBM_USING_NSPR
|
|
||||||
#define NO_RDONLY PR_RDONLY
|
|
||||||
#define NO_RDWR PR_RDWR
|
|
||||||
#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
|
|
||||||
#else
|
|
||||||
#define NO_RDONLY O_RDONLY
|
|
||||||
#define NO_RDWR O_RDWR
|
|
||||||
#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
NSSLOWKEYDBHandle *
|
NSSLOWKEYDBHandle *
|
||||||
nsslowkey_OpenKeyDB(PRBool readOnly, NSSLOWKEYDBNameFunc namecb, void *cbarg)
|
nsslowkey_OpenKeyDB(PRBool readOnly, const char *appName, const char *prefix,
|
||||||
|
NSSLOWKEYDBNameFunc namecb, void *cbarg)
|
||||||
{
|
{
|
||||||
NSSLOWKEYDBHandle *handle;
|
NSSLOWKEYDBHandle *handle;
|
||||||
int ret;
|
int ret;
|
||||||
|
@ -993,8 +842,12 @@ nsslowkey_OpenKeyDB(PRBool readOnly, NSSLOWKEYDBNameFunc namecb, void *cbarg)
|
||||||
|
|
||||||
handle->dbname = PORT_Strdup(dbname);
|
handle->dbname = PORT_Strdup(dbname);
|
||||||
handle->readOnly = readOnly;
|
handle->readOnly = readOnly;
|
||||||
|
|
||||||
handle->db = dbopen( dbname, openflags, 0600, DB_HASH, 0 );
|
if (appName) {
|
||||||
|
handle->db = rdbopen( appName, prefix, "key", openflags);
|
||||||
|
} else {
|
||||||
|
handle->db = dbopen( dbname, openflags, 0600, DB_HASH, 0 );
|
||||||
|
}
|
||||||
|
|
||||||
/* check for correct version number */
|
/* check for correct version number */
|
||||||
if (handle->db != NULL) {
|
if (handle->db != NULL) {
|
||||||
|
@ -1013,39 +866,18 @@ nsslowkey_OpenKeyDB(PRBool readOnly, NSSLOWKEYDBNameFunc namecb, void *cbarg)
|
||||||
}
|
}
|
||||||
|
|
||||||
newdb:
|
newdb:
|
||||||
|
|
||||||
/* if first open fails, try to create a new DB */
|
/* if first open fails, try to create a new DB */
|
||||||
if ( handle->db == NULL ) {
|
if ( handle->db == NULL ) {
|
||||||
#ifdef NSS_USE_KEY4_DB
|
|
||||||
char *dbname3 = (*namecb)(cbarg, 3);
|
|
||||||
|
|
||||||
if ( readOnly ) {
|
|
||||||
if (dbname3 == NULL) {
|
|
||||||
goto loser;
|
|
||||||
}
|
|
||||||
handle->db = dbopen( dbname3, NO_RDONLY, 0600, DB_HASH, 0 );
|
|
||||||
PORT_Free(handle->dbname);
|
|
||||||
handle->dbname = dbname3;
|
|
||||||
dbname3 = NULL;
|
|
||||||
if (handle->db == NULL) {
|
|
||||||
goto loser;
|
|
||||||
}
|
|
||||||
handle->version = nsslowkey_version(handle->db);
|
|
||||||
if (handle->version != 3) {
|
|
||||||
/* bogus version number record, reset the database */
|
|
||||||
(* handle->db->close)( handle->db );
|
|
||||||
handle->db = NULL;
|
|
||||||
goto loser;
|
|
||||||
}
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
if ( readOnly ) {
|
if ( readOnly ) {
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
handle->db = dbopen( dbname, NO_CREATE, 0600, DB_HASH, 0 );
|
if (appName) {
|
||||||
|
handle->db = rdbopen( appName, prefix, "key", NO_CREATE);
|
||||||
|
} else {
|
||||||
|
handle->db = dbopen( dbname, NO_CREATE, 0600, DB_HASH, 0 );
|
||||||
|
}
|
||||||
|
|
||||||
PORT_Free( dbname );
|
PORT_Free( dbname );
|
||||||
dbname = NULL;
|
dbname = NULL;
|
||||||
|
@ -1059,22 +891,6 @@ newdb:
|
||||||
if ( rv != SECSuccess ) {
|
if ( rv != SECSuccess ) {
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef NSS_USE_KEY4_DB
|
|
||||||
handle->updatedb = dbopen( dbname3, NO_RDONLY, 0600, DB_HASH, 0 );
|
|
||||||
PORT_Free(dbname3);
|
|
||||||
dbname3 = NULL;
|
|
||||||
if (handle->updatedb) {
|
|
||||||
/*
|
|
||||||
* copy the key data, all the real work happens in pass2
|
|
||||||
*/
|
|
||||||
rv = nsslowkey_UpdateKey3DBPass1(handle);
|
|
||||||
if ( rv == SECSuccess ) {
|
|
||||||
updated = PR_TRUE;
|
|
||||||
}
|
|
||||||
goto skip_v2_db;
|
|
||||||
}
|
|
||||||
#endif /* NSS_USE_KEY4_DB */
|
|
||||||
/*
|
/*
|
||||||
* try to update from v2 db
|
* try to update from v2 db
|
||||||
*/
|
*/
|
||||||
|
@ -1099,9 +915,6 @@ newdb:
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef NSS_USE_KEY4_DB
|
|
||||||
skip_v2_db:
|
|
||||||
#endif
|
|
||||||
/* we are using the old salt if we updated from an old db */
|
/* we are using the old salt if we updated from an old db */
|
||||||
if ( ! updated ) {
|
if ( ! updated ) {
|
||||||
rv = makeGlobalSalt(handle);
|
rv = makeGlobalSalt(handle);
|
||||||
|
@ -1117,9 +930,6 @@ skip_v2_db:
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef NSS_USE_KEY4_DB
|
|
||||||
done:
|
|
||||||
#endif
|
|
||||||
handle->global_salt = GetKeyDBGlobalSalt(handle);
|
handle->global_salt = GetKeyDBGlobalSalt(handle);
|
||||||
if ( dbname )
|
if ( dbname )
|
||||||
PORT_Free( dbname );
|
PORT_Free( dbname );
|
||||||
|
|
|
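Review bot: In nsslowkey_OpenKeyDB the `newdb:` fallback now calls `rdbopen( appName, prefix, "key", NO_CREATE)` whenever the first open left `handle->db` NULL, but rdbopen returns NULL for a missing or unloadable rdb library as well as for a missing database, and NO_CREATE carries the truncate flag. For a store shared between applications, a failed first open does not show that the store is absent; whether the module honours the truncate bit is not visible here and should be confirmed before a transient failure can reset shared keys. The 0600 mode given to dbopen also has no counterpart in the rdbopen call, which leaves the permissions of a newly created key store to the module. I would at least record this above the branch, e.g. `/* rdbopen() == NULL does not prove the store is absent; creating here may reset a shared database */`. The same open-then-create pattern is added to nsslowcert_OpenPermCertDB in pcertdb.c, and the function body continues outside these hunks.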
@ -32,7 +32,7 @@
|
||||||
*
|
*
|
||||||
* key.h - public data structures and prototypes for the private key library
|
* key.h - public data structures and prototypes for the private key library
|
||||||
*
|
*
|
||||||
* $Id: lowkeyi.h,v 1.5 2002/02/21 22:41:38 ian.mcgreer%sun.com Exp $
|
* $Id: lowkeyi.h,v 1.6 2002/04/05 09:17:50 relyea%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef _LOWKEYI_H_
|
#ifndef _LOWKEYI_H_
|
||||||
|
@ -66,11 +66,11 @@ typedef char * (* NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);
|
||||||
** Open a key database.
|
** Open a key database.
|
||||||
*/
|
*/
|
||||||
extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
|
extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
|
||||||
|
const char *domain,
|
||||||
|
const char *prefix,
|
||||||
NSSLOWKEYDBNameFunc namecb,
|
NSSLOWKEYDBNameFunc namecb,
|
||||||
void *cbarg);
|
void *cbarg);
|
||||||
|
|
||||||
extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDBFilename(char *filename,
|
|
||||||
PRBool readOnly);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Clear out all the keys in the existing database
|
* Clear out all the keys in the existing database
|
||||||
|
|
|
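Review bot: The updated nsslowkey_OpenKeyDB prototype names the new second parameter `domain`, while the definition in keydb.c and the call sites in this commit call it `appName`; the nsslowcert_OpenCertDB prototype in the certificate header has the same mismatch. I would rename both to `const char *appName,` and extend the "Open a key database" comment with `** appName non-NULL selects the multi-access (rdbopen) store; NULL opens the file named by namecb.` so the header states which argument switches the storage back end.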
@ -40,15 +40,7 @@ LIBRARY_NAME = softokn
|
||||||
LIBRARY_VERSION = 3
|
LIBRARY_VERSION = 3
|
||||||
MAPFILE = $(OBJDIR)/softokn.def
|
MAPFILE = $(OBJDIR)/softokn.def
|
||||||
|
|
||||||
#
|
DEFINES += -DSHLIB_SUFFIX=\"${DLL_SUFFIX}\"
|
||||||
# turn this on to get key4 generation and use.
|
|
||||||
#
|
|
||||||
# key4.db is properly indexed so we don't have to do db traversals to find keys.
|
|
||||||
# turning on key4.db will automatically upgrade to key4 on startup if we open
|
|
||||||
# the directory R/W and key4.db doesn't exist. If we open the directory up
|
|
||||||
# R/O it opens and used the old key3.db without any update at all.
|
|
||||||
#
|
|
||||||
#DEFINES += -DNSS_USE_KEY4_DB
|
|
||||||
|
|
||||||
|
|
||||||
EXPORTS = \
|
EXPORTS = \
|
||||||
|
|
|
@ -139,6 +139,7 @@ nsslowcert_DestroyDBEntry(certDBEntry *entry);
|
||||||
|
|
||||||
SECStatus
|
SECStatus
|
||||||
nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
|
const char *domain, const char *prefix,
|
||||||
NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
|
NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|
|
@ -34,7 +34,7 @@
|
||||||
/*
|
/*
|
||||||
* Permanent Certificate database handling code
|
* Permanent Certificate database handling code
|
||||||
*
|
*
|
||||||
* $Id: pcertdb.c,v 1.14 2002/04/05 03:33:42 nelsonb%netscape.com Exp $
|
* $Id: pcertdb.c,v 1.15 2002/04/05 09:17:50 relyea%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
#include "prtime.h"
|
#include "prtime.h"
|
||||||
|
|
||||||
|
@ -541,7 +541,7 @@ static SECStatus
|
||||||
DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
|
DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
|
||||||
{
|
{
|
||||||
unsigned int nnlen;
|
unsigned int nnlen;
|
||||||
int headerlen;
|
unsigned int headerlen;
|
||||||
int lenoff;
|
int lenoff;
|
||||||
|
|
||||||
/* allow updates of old versions of the database */
|
/* allow updates of old versions of the database */
|
||||||
|
@ -2602,6 +2602,7 @@ ReadDBVersionEntry(NSSLOWCERTCertDBHandle *handle)
|
||||||
certDBEntryVersion *entry;
|
certDBEntryVersion *entry;
|
||||||
SECItem dbkey;
|
SECItem dbkey;
|
||||||
SECItem dbentry;
|
SECItem dbentry;
|
||||||
|
SECStatus rv;
|
||||||
|
|
||||||
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
||||||
if ( arena == NULL ) {
|
if ( arena == NULL ) {
|
||||||
|
@ -2633,7 +2634,10 @@ ReadDBVersionEntry(NSSLOWCERTCertDBHandle *handle)
|
||||||
PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
|
PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
|
||||||
SEC_DB_VERSION_KEY_LEN);
|
SEC_DB_VERSION_KEY_LEN);
|
||||||
|
|
||||||
ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
|
rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
|
||||||
|
if (rv != SECSuccess) {
|
||||||
|
goto loser;
|
||||||
|
}
|
||||||
|
|
||||||
PORT_FreeArena(tmparena, PR_FALSE);
|
PORT_FreeArena(tmparena, PR_FALSE);
|
||||||
return(entry);
|
return(entry);
|
||||||
|
@ -2758,11 +2762,11 @@ AddPermSubjectNode(certDBEntrySubject *entry, NSSLOWCERTCertificate *cert,
|
||||||
char *nickname)
|
char *nickname)
|
||||||
{
|
{
|
||||||
SECItem *newCertKeys, *newKeyIDs;
|
SECItem *newCertKeys, *newKeyIDs;
|
||||||
int i;
|
unsigned int i;
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
NSSLOWCERTCertificate *cmpcert;
|
NSSLOWCERTCertificate *cmpcert;
|
||||||
unsigned int nnlen;
|
unsigned int nnlen;
|
||||||
int ncerts;
|
unsigned int ncerts;
|
||||||
|
|
||||||
|
|
||||||
PORT_Assert(entry);
|
PORT_Assert(entry);
|
||||||
|
@ -2860,7 +2864,7 @@ nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
|
||||||
NSSLOWCERTCertCallback cb, void *cbarg)
|
NSSLOWCERTCertCallback cb, void *cbarg)
|
||||||
{
|
{
|
||||||
certDBEntrySubject *entry;
|
certDBEntrySubject *entry;
|
||||||
int i;
|
unsigned int i;
|
||||||
NSSLOWCERTCertificate *cert;
|
NSSLOWCERTCertificate *cert;
|
||||||
SECStatus rv = SECSuccess;
|
SECStatus rv = SECSuccess;
|
||||||
|
|
||||||
|
@ -3551,7 +3555,8 @@ nsslowcert_CertNicknameConflict(char *nickname, SECItem *derSubject,
|
||||||
*/
|
*/
|
||||||
static SECStatus
|
static SECStatus
|
||||||
nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
NSSLOWCERTDBNameFunc namecb, void *cbarg)
|
const char *appName, const char *prefix,
|
||||||
|
NSSLOWCERTDBNameFunc namecb, void *cbarg)
|
||||||
{
|
{
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
int openflags;
|
int openflags;
|
||||||
|
@ -3572,7 +3577,11 @@ nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
/*
|
/*
|
||||||
* first open the permanent file based database.
|
* first open the permanent file based database.
|
||||||
*/
|
*/
|
||||||
handle->permCertDB = dbopen( certdbname, openflags, 0600, DB_HASH, 0 );
|
if (appName) {
|
||||||
|
handle->permCertDB = rdbopen( appName, prefix, "cert", openflags);
|
||||||
|
} else {
|
||||||
|
handle->permCertDB = dbopen( certdbname, openflags, 0600, DB_HASH, 0 );
|
||||||
|
}
|
||||||
|
|
||||||
/* check for correct version number */
|
/* check for correct version number */
|
||||||
if ( handle->permCertDB ) {
|
if ( handle->permCertDB ) {
|
||||||
|
@ -3593,7 +3602,6 @@ nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* if first open fails, try to create a new DB */
|
/* if first open fails, try to create a new DB */
|
||||||
if ( handle->permCertDB == NULL ) {
|
if ( handle->permCertDB == NULL ) {
|
||||||
|
|
||||||
|
@ -3602,7 +3610,11 @@ nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
|
|
||||||
handle->permCertDB = dbopen(certdbname, NO_CREATE, 0600, DB_HASH, 0);
|
if (appName) {
|
||||||
|
handle->permCertDB=rdbopen( appName, prefix, "cert", NO_CREATE);
|
||||||
|
} else {
|
||||||
|
handle->permCertDB=dbopen(certdbname, NO_CREATE, 0600, DB_HASH, 0);
|
||||||
|
}
|
||||||
|
|
||||||
/* if create fails then we lose */
|
/* if create fails then we lose */
|
||||||
if ( handle->permCertDB == 0 ) {
|
if ( handle->permCertDB == 0 ) {
|
||||||
|
@ -4049,6 +4061,7 @@ done:
|
||||||
*/
|
*/
|
||||||
SECStatus
|
SECStatus
|
||||||
nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
|
const char *appName, const char *prefix,
|
||||||
NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
|
NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
|
||||||
{
|
{
|
||||||
int rv;
|
int rv;
|
||||||
|
@ -4058,7 +4071,8 @@ nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
|
||||||
handle->dbMon = PZ_NewMonitor(nssILockCertDB);
|
handle->dbMon = PZ_NewMonitor(nssILockCertDB);
|
||||||
PORT_Assert(handle->dbMon != NULL);
|
PORT_Assert(handle->dbMon != NULL);
|
||||||
|
|
||||||
rv = nsslowcert_OpenPermCertDB(handle, readOnly, namecb, cbarg);
|
rv = nsslowcert_OpenPermCertDB(handle, readOnly, appName, prefix,
|
||||||
|
namecb, cbarg);
|
||||||
if ( rv ) {
|
if ( rv ) {
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
|
|
|
@ -39,6 +39,7 @@
|
||||||
#include "pk11pars.h"
|
#include "pk11pars.h"
|
||||||
#include "pkcs11i.h"
|
#include "pkcs11i.h"
|
||||||
#include "mcom_db.h"
|
#include "mcom_db.h"
|
||||||
|
#include "cdbhdl.h"
|
||||||
|
|
||||||
#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
|
#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
|
||||||
|
|
||||||
|
@ -247,13 +248,14 @@ secmod_freeParams(pk11_parameters *params)
|
||||||
|
|
||||||
|
|
||||||
char *
|
char *
|
||||||
secmod_getSecmodName(char *param, PRBool *rw)
|
secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
|
||||||
{
|
{
|
||||||
int next;
|
int next;
|
||||||
char *configdir = NULL;
|
char *configdir = NULL;
|
||||||
char *secmodName = NULL;
|
char *secmodName = NULL;
|
||||||
char *value = NULL;
|
char *value = NULL;
|
||||||
char *save_params = param;
|
char *save_params = param;
|
||||||
|
char *lconfigdir;
|
||||||
param = pk11_argStrip(param);
|
param = pk11_argStrip(param);
|
||||||
|
|
||||||
|
|
||||||
|
@ -268,13 +270,15 @@ secmod_getSecmodName(char *param, PRBool *rw)
|
||||||
pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
|
pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
|
||||||
|
|
||||||
if (!secmodName || *secmodName == '\0') secmodName = PORT_Strdup(SECMOD_DB);
|
if (!secmodName || *secmodName == '\0') secmodName = PORT_Strdup(SECMOD_DB);
|
||||||
|
*filename = secmodName;
|
||||||
|
|
||||||
if (configdir) {
|
lconfigdir = pk11_EvaluateConfigDir(configdir, appName);
|
||||||
|
|
||||||
|
if (lconfigdir) {
|
||||||
value = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,secmodName);
|
value = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,secmodName);
|
||||||
} else {
|
} else {
|
||||||
value = PORT_Strdup(secmodName);
|
value = PR_smprintf("%s",secmodName);
|
||||||
}
|
}
|
||||||
PORT_Free(secmodName);
|
|
||||||
if (configdir) PORT_Free(configdir);
|
if (configdir) PORT_Free(configdir);
|
||||||
return value;
|
return value;
|
||||||
}
|
}
|
||||||
|
@ -631,22 +635,26 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef DBM_USING_NSPR
|
|
||||||
#define NO_RDONLY PR_RDONLY
|
|
||||||
#define NO_RDWR PR_RDWR
|
|
||||||
#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
|
|
||||||
#else
|
|
||||||
#define NO_RDONLY O_RDONLY
|
|
||||||
#define NO_RDWR O_RDWR
|
|
||||||
#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
static DB *
|
static DB *
|
||||||
secmod_OpenDB(char *dbName, PRBool readOnly)
|
secmod_OpenDB(const char *appName,
|
||||||
|
const char *filename, const char *dbName, PRBool readOnly)
|
||||||
{
|
{
|
||||||
DB *pkcs11db = NULL;
|
DB *pkcs11db = NULL;
|
||||||
|
|
||||||
|
|
||||||
|
if (appName) {
|
||||||
|
char *secname = PORT_Strdup(filename);
|
||||||
|
int len = strlen(secname);
|
||||||
|
|
||||||
|
if (len >= 3 && PORT_Strcmp(&secname[len-3],".db") == 0) {
|
||||||
|
secname[len-3] = 0;
|
||||||
|
}
|
||||||
|
pkcs11db=rdbopen(appName, "", secname, readOnly ? NO_RDONLY:NO_CREATE);
|
||||||
|
PORT_Free(secname);
|
||||||
|
return pkcs11db;
|
||||||
|
}
|
||||||
|
|
||||||
/* I'm sure we should do more checks here sometime... */
|
/* I'm sure we should do more checks here sometime... */
|
||||||
pkcs11db = dbopen(dbName, readOnly ? NO_RDONLY : NO_RDWR, 0600, DB_HASH, 0);
|
pkcs11db = dbopen(dbName, readOnly ? NO_RDONLY : NO_RDWR, 0600, DB_HASH, 0);
|
||||||
|
|
||||||
|
@ -702,7 +710,8 @@ secmod_addEscape(const char *string, char quote)
|
||||||
* Read all the existing modules in
|
* Read all the existing modules in
|
||||||
*/
|
*/
|
||||||
char **
|
char **
|
||||||
secmod_ReadPermDB(char *dbname, char *params, PRBool rw)
|
secmod_ReadPermDB(const char *appName, const char *filename,
|
||||||
|
const char *dbname, char *params, PRBool rw)
|
||||||
{
|
{
|
||||||
DBT key,data;
|
DBT key,data;
|
||||||
int ret;
|
int ret;
|
||||||
|
@ -714,7 +723,7 @@ secmod_ReadPermDB(char *dbname, char *params, PRBool rw)
|
||||||
moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
|
moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
|
||||||
if (moduleList == NULL) return NULL;
|
if (moduleList == NULL) return NULL;
|
||||||
|
|
||||||
pkcs11db = secmod_OpenDB(dbname,PR_TRUE);
|
pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_TRUE);
|
||||||
if (pkcs11db == NULL) goto done;
|
if (pkcs11db == NULL) goto done;
|
||||||
|
|
||||||
/* read and parse the file or data base */
|
/* read and parse the file or data base */
|
||||||
|
@ -756,16 +765,29 @@ done:
|
||||||
if (pkcs11db) {
|
if (pkcs11db) {
|
||||||
secmod_CloseDB(pkcs11db);
|
secmod_CloseDB(pkcs11db);
|
||||||
} else {
|
} else {
|
||||||
secmod_AddPermDB(dbname,moduleList[0], rw) ;
|
secmod_AddPermDB(appName,filename,dbname,moduleList[0], rw) ;
|
||||||
}
|
}
|
||||||
return moduleList;
|
return moduleList;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
SECStatus
|
||||||
|
secmod_ReleasePermDBData(const char *appName, const char *filename,
|
||||||
|
const char *dbname, char **moduleSpecList, PRBool rw)
|
||||||
|
{
|
||||||
|
char **index;
|
||||||
|
for(index = moduleSpecList; *index; index++) {
|
||||||
|
PR_smprintf_free(*index);
|
||||||
|
}
|
||||||
|
PORT_Free(moduleSpecList);
|
||||||
|
return SECSuccess;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Delete a module from the Data Base
|
* Delete a module from the Data Base
|
||||||
*/
|
*/
|
||||||
SECStatus
|
SECStatus
|
||||||
secmod_DeletePermDB(char *dbname, char *args, PRBool rw)
|
secmod_DeletePermDB(const char *appName, const char *filename,
|
||||||
|
const char *dbname, char *args, PRBool rw)
|
||||||
{
|
{
|
||||||
DBT key;
|
DBT key;
|
||||||
SECStatus rv = SECFailure;
|
SECStatus rv = SECFailure;
|
||||||
|
@ -775,7 +797,7 @@ secmod_DeletePermDB(char *dbname, char *args, PRBool rw)
|
||||||
if (!rw) return SECFailure;
|
if (!rw) return SECFailure;
|
||||||
|
|
||||||
/* make sure we have a db handle */
|
/* make sure we have a db handle */
|
||||||
pkcs11db = secmod_OpenDB(dbname,PR_FALSE);
|
pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE);
|
||||||
if (pkcs11db == NULL) {
|
if (pkcs11db == NULL) {
|
||||||
return SECFailure;
|
return SECFailure;
|
||||||
}
|
}
|
||||||
|
@ -800,7 +822,8 @@ done:
|
||||||
* Add a module to the Data base
|
* Add a module to the Data base
|
||||||
*/
|
*/
|
||||||
SECStatus
|
SECStatus
|
||||||
secmod_AddPermDB(char *dbname, char *module, PRBool rw)
|
secmod_AddPermDB(const char *appName, const char *filename,
|
||||||
|
const char *dbname, char *module, PRBool rw)
|
||||||
{
|
{
|
||||||
DBT key,data;
|
DBT key,data;
|
||||||
SECStatus rv = SECFailure;
|
SECStatus rv = SECFailure;
|
||||||
|
@ -811,7 +834,7 @@ secmod_AddPermDB(char *dbname, char *module, PRBool rw)
|
||||||
if (!rw) return SECFailure;
|
if (!rw) return SECFailure;
|
||||||
|
|
||||||
/* make sure we have a db handle */
|
/* make sure we have a db handle */
|
||||||
pkcs11db = secmod_OpenDB(dbname,PR_FALSE);
|
pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE);
|
||||||
if (pkcs11db == NULL) {
|
if (pkcs11db == NULL) {
|
||||||
return SECFailure;
|
return SECFailure;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2257,29 +2257,37 @@ pk11_DestroySlotData(PK11Slot *slot)
|
||||||
* handle the SECMOD.db
|
* handle the SECMOD.db
|
||||||
*/
|
*/
|
||||||
char **
|
char **
|
||||||
NSC_ModuleDBFunc(unsigned long function,char *parameters, char *args)
|
NSC_ModuleDBFunc(unsigned long function,char *parameters, void *args)
|
||||||
{
|
{
|
||||||
char *secmod;
|
char *secmod = NULL;
|
||||||
|
char *appName = NULL;
|
||||||
|
char *filename = NULL;
|
||||||
PRBool rw;
|
PRBool rw;
|
||||||
static char *success="Success";
|
static char *success="Success";
|
||||||
char **rvstr = NULL;
|
char **rvstr = NULL;
|
||||||
|
|
||||||
secmod = secmod_getSecmodName(parameters,&rw);
|
secmod = secmod_getSecmodName(parameters,&appName,&filename, &rw);
|
||||||
|
|
||||||
switch (function) {
|
switch (function) {
|
||||||
case SECMOD_MODULE_DB_FUNCTION_FIND:
|
case SECMOD_MODULE_DB_FUNCTION_FIND:
|
||||||
rvstr = secmod_ReadPermDB(secmod,parameters,rw);
|
rvstr = secmod_ReadPermDB(appName,filename,secmod,(char *)parameters,rw);
|
||||||
break;
|
break;
|
||||||
case SECMOD_MODULE_DB_FUNCTION_ADD:
|
case SECMOD_MODULE_DB_FUNCTION_ADD:
|
||||||
rvstr = (secmod_AddPermDB(secmod,args,rw) == SECSuccess)
|
rvstr = (secmod_AddPermDB(appName,filename,secmod,(char *)args,rw)
|
||||||
? &success: NULL;
|
== SECSuccess) ? &success: NULL;
|
||||||
break;
|
break;
|
||||||
case SECMOD_MODULE_DB_FUNCTION_DEL:
|
case SECMOD_MODULE_DB_FUNCTION_DEL:
|
||||||
rvstr = (secmod_DeletePermDB(secmod,args,rw) == SECSuccess)
|
rvstr = (secmod_DeletePermDB(appName,filename,secmod,(char *)args,rw)
|
||||||
? &success: NULL;
|
== SECSuccess) ? &success: NULL;
|
||||||
|
break;
|
||||||
|
case SECMOD_MODULE_DB_FUNCTION_RELEASE:
|
||||||
|
rvstr = (secmod_ReleasePermDBData(appName,filename,secmod,
|
||||||
|
(char **)args,rw) == SECSuccess) ? &success: NULL;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (secmod) PR_smprintf_free(secmod);
|
if (secmod) PR_smprintf_free(secmod);
|
||||||
|
if (appName) PORT_Free(appName);
|
||||||
|
if (filename) PORT_Free(filename);
|
||||||
return rvstr;
|
return rvstr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2425,6 +2433,7 @@ CK_RV NSC_GetInfo(CK_INFO_PTR pInfo)
|
||||||
return CKR_OK;
|
return CKR_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* NSC_GetSlotList obtains a list of slots in the system. */
|
/* NSC_GetSlotList obtains a list of slots in the system. */
|
||||||
CK_RV NSC_GetSlotList(CK_BBOOL tokenPresent,
|
CK_RV NSC_GetSlotList(CK_BBOOL tokenPresent,
|
||||||
CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
|
CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
|
||||||
|
@ -3213,7 +3222,6 @@ CK_RV NSC_CopyObject(CK_SESSION_HANDLE hSession,
|
||||||
if (crv != CKR_OK) {
|
if (crv != CKR_OK) {
|
||||||
pk11_FreeObject(destObject);
|
pk11_FreeObject(destObject);
|
||||||
pk11_FreeSession(session);
|
pk11_FreeSession(session);
|
||||||
return crv;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
crv = pk11_handleObject(destObject,session);
|
crv = pk11_handleObject(destObject,session);
|
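Review bot: In the NSC_CopyObject hunk the `return crv;` inside `if (crv != CKR_OK) { ... }` is dropped, so the failure path now falls through to `crv = pk11_handleObject(destObject,session);` after `pk11_FreeObject(destObject)` and `pk11_FreeSession(session)` have already released both references. That passes released objects on for further use, and if the code past the hunk releases them again it becomes a double release as well. Nothing else in this commit depends on the removal, so it looks accidental; restore `return crv;` before the closing brace. The body of NSC_CopyObject starts and ends outside the hunk, so the later cleanup should be checked against the full function.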
||||||
|
|
|
@ -113,6 +113,8 @@
|
||||||
#endif
|
#endif
|
||||||
#define MAX_KEY_LEN 256
|
#define MAX_KEY_LEN 256
|
||||||
|
|
||||||
|
#define MULTIACCESS "multiaccess:"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* LOG2_BUCKETS_PER_SESSION_LOCK must be a prime number.
|
* LOG2_BUCKETS_PER_SESSION_LOCK must be a prime number.
|
||||||
* With SESSION_HASH_SIZE=1024, LOG2 can be 9, 5, 1, or 0.
|
* With SESSION_HASH_SIZE=1024, LOG2 can be 9, 5, 1, or 0.
|
||||||
|
@ -594,10 +596,16 @@ extern PRBool pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
|
||||||
extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed,
|
extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed,
|
||||||
PRBool isFIPS);
|
PRBool isFIPS);
|
||||||
extern void secmod_freeParams(pk11_parameters *params);
|
extern void secmod_freeParams(pk11_parameters *params);
|
||||||
extern char *secmod_getSecmodName(char *params, PRBool *rw);
|
extern char *secmod_getSecmodName(char *params, char **domain,
|
||||||
extern char ** secmod_ReadPermDB(char *dbname, char *params, PRBool rw);
|
char **filename, PRBool *rw);
|
||||||
extern SECStatus secmod_DeletePermDB(char *dbname,char *args, PRBool rw);
|
extern char ** secmod_ReadPermDB(const char *domain, const char *filename,
|
||||||
extern SECStatus secmod_AddPermDB(char *dbname, char *module, PRBool rw);
|
const char *dbname, char *params, PRBool rw);
|
||||||
|
extern SECStatus secmod_DeletePermDB(const char *domain, const char *filename,
|
||||||
|
const char *dbname, char *args, PRBool rw);
|
||||||
|
extern SECStatus secmod_AddPermDB(const char *domain, const char *filename,
|
||||||
|
const char *dbname, char *module, PRBool rw);
|
||||||
|
extern SECStatus secmod_ReleasePermDBData(const char *domain,
|
||||||
|
const char *filename, const char *dbname, char **specList, PRBool rw);
|
||||||
/*
|
/*
|
||||||
* OK there are now lots of options here, lets go through them all:
|
* OK there are now lots of options here, lets go through them all:
|
||||||
*
|
*
|
||||||
|
@ -623,6 +631,8 @@ CK_RV pk11_DBInit(const char *configdir, const char *certPrefix,
|
||||||
void pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
void pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
||||||
NSSLOWKEYDBHandle *keyHandle);
|
NSSLOWKEYDBHandle *keyHandle);
|
||||||
|
|
||||||
|
const char *pk11_EvaluateConfigDir(const char *configdir, char **domain);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* narrow objects
|
* narrow objects
|
||||||
*/
|
*/
|
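Review bot: The new prototypes for secmod_getSecmodName, secmod_ReadPermDB, secmod_DeletePermDB, secmod_AddPermDB and secmod_ReleasePermDBData say nothing about ownership, and they name the first parameter `domain` while the definitions changed in this commit call it `appName`. Going by the call site in NSC_ModuleDBFunc, the returned name is released with PR_smprintf_free but the two out-strings with PORT_Free, so a caller who reads only this header can easily pair a pointer with the wrong deallocator. I would add above secmod_getSecmodName a comment such as `/* returns the secmod name (PR_smprintf_free); *domain and *filename receive allocated strings or NULL (PORT_Free) */`, once that is confirmed against the implementation. Using one parameter name in the header and the definitions would also help.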
||||||
|
|
|
@ -36,7 +36,7 @@
|
||||||
#define _PKCS11N_H_
|
#define _PKCS11N_H_
|
||||||
|
|
||||||
#ifdef DEBUG
|
#ifdef DEBUG
|
||||||
static const char CKT_CVS_ID[] = "@(#) $RCSfile: pkcs11n.h,v $ $Revision: 1.3 $ $Date: 2002/03/02 00:52:04 $ $Name: $";
|
static const char CKT_CVS_ID[] = "@(#) $RCSfile: pkcs11n.h,v $ $Revision: 1.4 $ $Date: 2002/04/05 09:17:51 $ $Name: $";
|
||||||
#endif /* DEBUG */
|
#endif /* DEBUG */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -213,11 +213,13 @@ typedef CK_ULONG CK_TRUST;
|
||||||
* The function 'ADD' takes a PKCS #11 initialization string and stores it.
|
* The function 'ADD' takes a PKCS #11 initialization string and stores it.
|
||||||
* The function 'DEL' takes a 'name= library=' value and deletes the associated
|
* The function 'DEL' takes a 'name= library=' value and deletes the associated
|
||||||
* string.
|
* string.
|
||||||
|
* The function 'RELEASE' frees the array returned by 'FIND'
|
||||||
*/
|
*/
|
||||||
#define SECMOD_MODULE_DB_FUNCTION_FIND 0
|
#define SECMOD_MODULE_DB_FUNCTION_FIND 0
|
||||||
#define SECMOD_MODULE_DB_FUNCTION_ADD 1
|
#define SECMOD_MODULE_DB_FUNCTION_ADD 1
|
||||||
#define SECMOD_MODULE_DB_FUNCTION_DEL 2
|
#define SECMOD_MODULE_DB_FUNCTION_DEL 2
|
||||||
|
#define SECMOD_MODULE_DB_FUNCTION_RELEASE 3
|
||||||
typedef char ** (PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
|
typedef char ** (PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
|
||||||
char *parameters, char *moduleSpec);
|
char *parameters, void *moduleSpec);
|
||||||
|
|
||||||
#endif /* _PKCS11N_H_ */
|
#endif /* _PKCS11N_H_ */
|
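Review bot: Changing `moduleSpec` from `char *` to `void *` in SECMODModuleDBFunc removes the compiler's type check, and the comment does not say what the pointer must be for each function. NSC_ModuleDBFunc in this commit casts it to `char *` for ADD and DEL and to `char **` for RELEASE, where secmod_ReleasePermDBData walks it as a NULL-terminated array and frees every entry, so a wrong argument leads straight to invalid frees. Extend the added comment line to `* The function 'RELEASE' frees the array returned by 'FIND'; moduleSpec is that char ** array, for 'ADD' and 'DEL' it is a char * string.` The comment should also state what an implementation written before RELEASE existed is expected to return for function 3.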
||||||
|
|
|
@ -34,13 +34,21 @@
|
||||||
#include "nss.h"
|
#include "nss.h"
|
||||||
#include <winver.h>
|
#include <winver.h>
|
||||||
|
|
||||||
#define MY_LIBNAME "softokn"
|
#define MY_LIBNAME "softoken"
|
||||||
#ifdef MOZ_CLIENT
|
#ifdef MOZ_CLIENT
|
||||||
#define MY_FILEDESCRIPTION "NSS Builtin Crypto PKCS #11 Library for Clients"
|
#define CLIENTS " for Clients"
|
||||||
#else
|
#else
|
||||||
#define MY_FILEDESCRIPTION "NSS Builtin Crypto PKCS #11 Library"
|
#define CLIENTS ""
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef REMOTE_DBM
|
||||||
|
#define DBM " with Shared Database"
|
||||||
|
#else
|
||||||
|
#define DBM ""
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define MY_FILEDESCRIPTION "NSS PKCS #11 Library" CLIENTS DBM
|
||||||
|
|
||||||
#define STRINGIZE(x) #x
|
#define STRINGIZE(x) #x
|
||||||
#define STRINGIZE2(x) STRINGIZE(x)
|
#define STRINGIZE2(x) STRINGIZE(x)
|
||||||
#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
|
#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
|
||||||
|
|