Back to index

lightning-sunbird  0.9+nobinonly
Functions | Variables
pk11load.c File Reference
#include "seccomon.h"
#include "pkcs11.h"
#include "secmod.h"
#include "prlink.h"
#include "pk11func.h"
#include "secmodi.h"
#include "secmodti.h"
#include "nssilock.h"
#include "secerr.h"
#include "prenv.h"

Go to the source code of this file.

Functions

void FC_GetFunctionList (void)
void NSC_GetFunctionList (void)
void NSC_ModuleDBFunc (void)
CK_RV PR_CALLBACK secmodCreateMutext (CK_VOID_PTR_PTR pmutex)
CK_RV PR_CALLBACK secmodDestroyMutext (CK_VOID_PTR mutext)
CK_RV PR_CALLBACK secmodLockMutext (CK_VOID_PTR mutext)
CK_RV PR_CALLBACK secmodUnlockMutext (CK_VOID_PTR mutext)
SECStatus pk11_setGlobalOptions (PRBool noSingleThreadedModules, PRBool allowAlreadyInitializedModules, PRBool dontFinalizeModules)
PRBool pk11_getFinalizeModulesOption (void)
SECStatus secmod_ModuleInit (SECMODModule *mod, PRBool *alreadyLoaded)
void SECMOD_SetRootCerts (PK11SlotInfo *slot, SECMODModule *mod)
SECStatus SECMOD_LoadPKCS11Module (SECMODModule *mod)
SECStatus SECMOD_UnloadModule (SECMODModule *mod)
void nss_DumpModuleLog (void)

Variables

static SECMODModuleID nextModuleID = 1
static const CK_C_INITIALIZE_ARGS secmodLockFunctions
static PRBool loadSingleThreadedModules = PR_TRUE
static PRBool enforceAlreadyInitializedError = PR_TRUE
static PRBool finalizeModules = PR_TRUE

Function Documentation

Here is the caller graph for this function:

Here is the caller graph for this function:

Here is the caller graph for this function:

Definition at line 435 of file pk11load.c.

{
#ifdef DEBUG_MODULE
    if (modToDBG) {
       print_final_statistics();
    }
#endif
}

Here is the caller graph for this function:

Definition at line 122 of file pk11load.c.

{
    return finalizeModules;
}

Here is the caller graph for this function:

SECStatus pk11_setGlobalOptions ( PRBool  noSingleThreadedModules,
PRBool  allowAlreadyInitializedModules,
PRBool  dontFinalizeModules 
)

Definition at line 100 of file pk11load.c.

{
    if (noSingleThreadedModules) {
        loadSingleThreadedModules = PR_FALSE;
    } else {
        loadSingleThreadedModules = PR_TRUE;
    }
    if (allowAlreadyInitializedModules) {
        enforceAlreadyInitializedError = PR_FALSE;
    } else {
        enforceAlreadyInitializedError = PR_TRUE;
    }
    if (dontFinalizeModules) {
        finalizeModules = PR_FALSE;
    } else {
        finalizeModules = PR_TRUE;
    }
    return SECSuccess;
}

Here is the caller graph for this function:

SECStatus SECMOD_LoadPKCS11Module ( SECMODModule *  mod)

Definition at line 229 of file pk11load.c.

                                           {
    PRLibrary *library = NULL;
    CK_C_GetFunctionList entry = NULL;
    char * full_name;
    CK_INFO info;
    CK_ULONG slotCount = 0;
    SECStatus rv;
    PRBool alreadyLoaded = PR_FALSE;
    char *disableUnload = NULL;

    if (mod->loaded) return SECSuccess;

    /* intenal modules get loaded from their internal list */
    if (mod->internal) {
       /* internal, statically get the C_GetFunctionList function */
       if (mod->isFIPS) {
           entry = (CK_C_GetFunctionList) FC_GetFunctionList;
       } else {
           entry = (CK_C_GetFunctionList) NSC_GetFunctionList;
       }
       if (mod->isModuleDB) {
           mod->moduleDBFunc = (void *) NSC_ModuleDBFunc;
       }
       if (mod->moduleDBOnly) {
           mod->loaded = PR_TRUE;
           return SECSuccess;
       }
    } else {
       /* Not internal, load the DLL and look up C_GetFunctionList */
       if (mod->dllName == NULL) {
           return SECFailure;
       }

#ifdef notdef
       /* look up the library name */
       full_name = PR_GetLibraryName(PR_GetLibraryPath(),mod->dllName);
       if (full_name == NULL) {
           return SECFailure;
       }
#else
       full_name = PORT_Strdup(mod->dllName);
#endif

       /* load the library. If this succeeds, then we have to remember to
        * unload the library if anything goes wrong from here on out...
        */
       library = PR_LoadLibrary(full_name);
       mod->library = (void *)library;
       PORT_Free(full_name);
       if (library == NULL) {
           return SECFailure;
       }

       /*
        * now we need to get the entry point to find the function pointers
        */
       if (!mod->moduleDBOnly) {
           entry = (CK_C_GetFunctionList)
                     PR_FindSymbol(library, "C_GetFunctionList");
       }
       if (mod->isModuleDB) {
           mod->moduleDBFunc = (void *)
                     PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
       }
       if (mod->moduleDBFunc == NULL) mod->isModuleDB = PR_FALSE;
       if (entry == NULL) {
           if (mod->isModuleDB) {
              mod->loaded = PR_TRUE;
              mod->moduleDBOnly = PR_TRUE;
              return SECSuccess;
           }
           PR_UnloadLibrary(library);
           return SECFailure;
       }
    }

    /*
     * We need to get the function list
     */
    if ((*entry)((CK_FUNCTION_LIST_PTR *)&mod->functionList) != CKR_OK) 
                                                        goto fail;

#ifdef DEBUG_MODULE
    if (PR_TRUE) {
       modToDBG = PR_GetEnv("NSS_DEBUG_PKCS11_MODULE");
       if (modToDBG && strcmp(mod->commonName, modToDBG) == 0) {
           mod->functionList = (void *)nss_InsertDeviceLog(
                                  (CK_FUNCTION_LIST_PTR)mod->functionList);
       }
    }
#endif

    mod->isThreadSafe = PR_TRUE;

    /* Now we initialize the module */
    rv = secmod_ModuleInit(mod, &alreadyLoaded);
    if (rv != SECSuccess) {
       goto fail;
    }

    /* check the version number */
    if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK) goto fail2;
    if (info.cryptokiVersion.major != 2) goto fail2;
    /* all 2.0 are a priori *not* thread safe */
    if (info.cryptokiVersion.minor < 1) {
        if (!loadSingleThreadedModules) {
            PORT_SetError(SEC_ERROR_INCOMPATIBLE_PKCS11);
            goto fail2;
        } else {
            mod->isThreadSafe = PR_FALSE;
        }
    }
    mod->cryptokiVersion = info.cryptokiVersion;

    /* If we don't have a common name, get it from the PKCS 11 module */
    if ((mod->commonName == NULL) || (mod->commonName[0] == 0)) {
       mod->commonName = PK11_MakeString(mod->arena,NULL,
          (char *)info.libraryDescription, sizeof(info.libraryDescription));
       if (mod->commonName == NULL) goto fail2;
    }
    

    /* initialize the Slots */
    if (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &slotCount) == CKR_OK) {
       CK_SLOT_ID *slotIDs;
       int i;
       CK_RV crv;

       mod->slots = (PK11SlotInfo **)PORT_ArenaAlloc(mod->arena,
                                   sizeof(PK11SlotInfo *) * slotCount);
       if (mod->slots == NULL) goto fail2;

       slotIDs = (CK_SLOT_ID *) PORT_Alloc(sizeof(CK_SLOT_ID)*slotCount);
       if (slotIDs == NULL) {
           goto fail2;
       }  
       crv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount);
       if (crv != CKR_OK) {
           PORT_Free(slotIDs);
           goto fail2;
       }

       /* Initialize each slot */
       for (i=0; i < (int)slotCount; i++) {
           mod->slots[i] = PK11_NewSlotInfo(mod);
           PK11_InitSlot(mod,slotIDs[i],mod->slots[i]);
           /* look down the slot info table */
           PK11_LoadSlotList(mod->slots[i],mod->slotInfo,mod->slotInfoCount);
           SECMOD_SetRootCerts(mod->slots[i],mod);
       }
       mod->slotCount = slotCount;
       mod->slotInfoCount = 0;
       PORT_Free(slotIDs);
    }
    
    mod->loaded = PR_TRUE;
    mod->moduleID = nextModuleID++;
    return SECSuccess;
fail2:
    if (enforceAlreadyInitializedError || (!alreadyLoaded)) {
        PK11_GETTAB(mod)->C_Finalize(NULL);
    }
fail:
    mod->functionList = NULL;
    disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD");
    if (library && !disableUnload) {
        PR_UnloadLibrary(library);
    }
    return SECFailure;
}

Here is the caller graph for this function:

SECStatus secmod_ModuleInit ( SECMODModule *  mod,
PRBool alreadyLoaded 
)

Definition at line 131 of file pk11load.c.

{
    CK_C_INITIALIZE_ARGS moduleArgs;
    CK_VOID_PTR pInitArgs;
    CK_RV crv;

    if (!mod || !alreadyLoaded) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    if (mod->isThreadSafe == PR_FALSE) {
       pInitArgs = NULL;
    } else if (mod->libraryParams == NULL) {
       pInitArgs = (void *) &secmodLockFunctions;
    } else {
       moduleArgs = secmodLockFunctions;
       moduleArgs.LibraryParameters = (void *) mod->libraryParams;
       pInitArgs = &moduleArgs;
    }
    crv = PK11_GETTAB(mod)->C_Initialize(pInitArgs);
    if ((CKR_CRYPTOKI_ALREADY_INITIALIZED == crv) &&
        (!enforceAlreadyInitializedError)) {
        *alreadyLoaded = PR_TRUE;
        return SECSuccess;
    }
    if (crv != CKR_OK) {
       if (pInitArgs == NULL ||
              crv == CKR_NETSCAPE_CERTDB_FAILED ||
              crv == CKR_NETSCAPE_KEYDB_FAILED) {
           PORT_SetError(PK11_MapError(crv));
           return SECFailure;
       }
       if (!loadSingleThreadedModules) {
           PORT_SetError(SEC_ERROR_INCOMPATIBLE_PKCS11);
           return SECFailure;
       }
       mod->isThreadSafe = PR_FALSE;
       crv = PK11_GETTAB(mod)->C_Initialize(NULL);
       if ((CKR_CRYPTOKI_ALREADY_INITIALIZED == crv) &&
           (!enforceAlreadyInitializedError)) {
           *alreadyLoaded = PR_TRUE;
           return SECSuccess;
       }
       if (crv != CKR_OK)  {
           PORT_SetError(PK11_MapError(crv));
           return SECFailure;
       }
    }
    return SECSuccess;
}

Here is the caller graph for this function:

void SECMOD_SetRootCerts ( PK11SlotInfo *  slot,
SECMODModule *  mod 
)

Definition at line 188 of file pk11load.c.

                                                           {
    PK11PreSlotInfo *psi = NULL;
    int i;

    if (slot->hasRootCerts) {
       for (i=0; i < mod->slotInfoCount; i++) {
           if (slot->slotID == mod->slotInfo[i].slotID) {
              psi = &mod->slotInfo[i];
              break;
           }
       }
       if (psi == NULL) {
          /* allocate more slots */
          PK11PreSlotInfo *psi_list = (PK11PreSlotInfo *)
              PORT_ArenaAlloc(mod->arena,
                     (mod->slotInfoCount+1)* sizeof(PK11PreSlotInfo));
          /* copy the old ones */
          if (mod->slotInfoCount > 0) {
              PORT_Memcpy(psi_list,mod->slotInfo,
                            (mod->slotInfoCount)*sizeof(PK11PreSlotInfo));
          }
          /* assign psi to the last new slot */
          psi = &psi_list[mod->slotInfoCount];
          psi->slotID = slot->slotID;
          psi->askpw = 0;
          psi->timeout = 0;
          psi ->defaultFlags = 0;

          /* increment module count & store new list */
          mod->slotInfo = psi_list;
          mod->slotInfoCount++;
          
       }
       psi->hasRootCerts = 1;
    }
}

Here is the call graph for this function:

Here is the caller graph for this function:

SECStatus SECMOD_UnloadModule ( SECMODModule *  mod)

Definition at line 401 of file pk11load.c.

                                       {
    PRLibrary *library;
    char *disableUnload = NULL;

    if (!mod->loaded) {
       return SECFailure;
    }
    if (finalizeModules) {
        if (!mod->moduleDBOnly) PK11_GETTAB(mod)->C_Finalize(NULL);
    }
    mod->moduleID = 0;
    mod->loaded = PR_FALSE;
    
    /* do we want the semantics to allow unloading the internal library?
     * if not, we should change this to SECFailure and move it above the
     * mod->loaded = PR_FALSE; */
    if (mod->internal) {
       return SECSuccess;
    }

    library = (PRLibrary *)mod->library;
    /* paranoia */
    if (library == NULL) {
       return SECFailure;
    }

    disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD");
    if (!disableUnload) {
        PR_UnloadLibrary(library);
    }
    return SECSuccess;
}

Here is the caller graph for this function:

Definition at line 66 of file pk11load.c.

                                                             {
    *pmutex = (CK_VOID_PTR) PZ_NewLock(nssILockOther);
    if ( *pmutex ) return CKR_OK;
    return CKR_HOST_MEMORY;
}

Definition at line 72 of file pk11load.c.

                                                          {
    PZ_DestroyLock((PZLock *)mutext);
    return CKR_OK;
}

Definition at line 77 of file pk11load.c.

                                                       {
    PZ_Lock((PZLock *)mutext);
    return CKR_OK;
}

Definition at line 82 of file pk11load.c.

                                                         {
    PZ_Unlock((PZLock *)mutext);
    return CKR_OK;
}

Variable Documentation

Definition at line 96 of file pk11load.c.

Definition at line 97 of file pk11load.c.

Definition at line 95 of file pk11load.c.

Definition at line 87 of file pk11load.c.