Fix for 132461 - add better functions to load and remove modules dynamically r=relyea

2002-03-21 03:35:28 +00:00 · 2002-03-21 03:35:28 +00:00 · 0b1cba67e5
--- a/security/nss/lib/pk11wrap/pk11pars.c
+++ b/security/nss/lib/pk11wrap/pk11pars.c
@ -272,6 +272,9 @@ SECMOD_FreeModuleSpecList(SECMODModule *parent, char **moduleSpecList)
    return SECSuccess;
 }

+/* internal function that loads a PKCS#11 module but does not add it to the
+   default NSS trust domain */
+
 SECMODModule *
 SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
 {
@ -349,3 +352,43 @@ loser:
    }
    return module;
 }
+
+/* exported function that loads a PKCS#11 module and adds it to the default
+   NSS trust domain */
+
+SECMODModule *
+SECMOD_LoadUserModule(char *modulespec,SECMODModule *parent, PRBool recurse)
+{
+    SECStatus rv = SECSuccess;
+    SECMODModule * newmod = SECMOD_LoadModule(modulespec, parent, recurse);
+    if (newmod)
+    {
+        rv = STAN_AddModuleToDefaultTrustDomain(newmod);
+        if (SECSuccess != rv)
+        {
+            SECMOD_DestroyModule(newmod);
+            return NULL;
+        }
+    }
+    return newmod;
+}
+
+/* exported call that removes the PKCS#11 module from the default NSS trust
+   domain, call C_Finalize, and destroy the module structure */
+
+SECStatus SECMOD_UnloadUserModule(SECMODModule *mod)
+{
+    SECStatus rv = SECSuccess;
+    int atype = 0;
+    if (!mod)
+    {
+        return SECFailure;
+    }
+    rv = STAN_AddModuleToDefaultTrustDomain(mod);
+    if (SECSuccess != rv)
+    {
+        return SECFailure;
+    }
+    return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE);
+}
+
--- a/security/nss/lib/pk11wrap/pk11util.c
+++ b/security/nss/lib/pk11wrap/pk11util.c
@ -224,12 +224,13 @@ PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) {
    return NULL;
 }

-
 /*
- * find a module by name and delete it of the module list
+ * find a module by name or module pointer, and delete it off the module list
+ * optionally remove it from secmod.db
 */
+
 SECStatus
-SECMOD_DeleteModule(char *name, int *type) {
+SECMOD_DeleteModuleEx(char * name, SECMODModule *mod, int *type, PRBool permdb) {
    SECMODModuleList *mlp;
    SECMODModuleList **mlpp;
    SECStatus rv = SECFailure;
@ -240,7 +241,8 @@ SECMOD_DeleteModule(char *name, int *type) {
    SECMOD_GetWriteLock(moduleLock);
    for(mlpp = &modules,mlp = modules; 
 				mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
-	if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
+        if ( ( name && (PORT_Strcmp(name,mlp->module->commonName) == 0) ) ||
+             mod == mlp->module ) {
 	    /* don't delete the internal module */
 	    if (!mlp->module->internal) {
 		SECMOD_RemoveList(mlpp,mlp);
@ -256,14 +258,23 @@ SECMOD_DeleteModule(char *name, int *type) {
    }
    SECMOD_ReleaseWriteLock(moduleLock);

-
    if (rv == SECSuccess) {
- 	SECMOD_DeletePermDB(mlp->module);
+        if (permdb) {
+ 	    SECMOD_DeletePermDB(mlp->module);
+        }
 	SECMOD_DestroyModuleListElement(mlp);
    }
    return rv;
 }

+/*
+ * find a module by name and delete it of the module list
+ */
+SECStatus
+SECMOD_DeleteModule(char *name, int *type) {
+    return SECMOD_DeleteModuleEx(name, NULL, type, PR_TRUE);
+}
+
 /*
 * find a module by name and delete it of the module list
 */
@ -329,7 +340,7 @@ SECMOD_DeleteInternalModule(char *name) {
 }

 SECStatus
-SECMOD_AddModule(SECMODModule *newModule) {
+SECMOD_AddModuleEx(SECMODModule *newModule, PRBool permdb) {
    SECStatus rv;
    SECMODModule *oldModule;

@ -353,7 +364,9 @@ SECMOD_AddModule(SECMODModule *newModule) {
 	newModule->parent = SECMOD_ReferenceModule(defaultDBModule);
    }

-    SECMOD_AddPermDB(newModule);
+    if (permdb) {
+        SECMOD_AddPermDB(newModule);
+    }
    SECMOD_AddModuleToList(newModule);

    rv = STAN_AddModuleToDefaultTrustDomain(newModule);
@ -361,6 +374,11 @@ SECMOD_AddModule(SECMODModule *newModule) {
    return rv;
 }

+SECStatus
+SECMOD_AddModule(SECMODModule *newModule) {
+    return SECMOD_AddModuleEx(newModule, PR_TRUE);
+}
+
 PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name) {
    int i;
    char *string;
--- a/security/nss/lib/pk11wrap/secmod.h
+++ b/security/nss/lib/pk11wrap/secmod.h
@ -81,8 +81,11 @@ SEC_BEGIN_PROTOS
 */

 /* Initialization */
-extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
+extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent,
 							PRBool recurse);
+
+SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
+
 SECMODModule * SECMOD_CreateModule(char *lib, char *name, char *param, 
 								char *nss);
 extern void SECMOD_Shutdown(void);
@ -91,6 +94,7 @@ extern void SECMOD_Shutdown(void);
 /* Module Management */
 char **SECMOD_GetModuleSpecList(SECMODModule *module);
 SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
+
 
 /* protoypes */
 extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
--- a/security/nss/lib/pk11wrap/secmodi.h
+++ b/security/nss/lib/pk11wrap/secmodi.h
@ -74,6 +74,7 @@ extern SECMODModuleList *SECMOD_NewModuleListElement(void);
 extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
 extern void SECMOD_DestroyModuleList(SECMODModuleList *);
 extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
+SECStatus SECMOD_DeleteModuleEx(char * name, SECMODModule *mod, int *type, PRBool permdb);

 extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
 extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);