Mercurial > trustbridge > nss-cmake-static

comparison nss/lib/softoken/legacydb/lginit.c @ 3:150b72113545

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add DBM and legacydb support
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 05 Aug 2014 18:32:02 +0200
parents
children
comparison
equal deleted inserted replaced
2:a945361df361 3:150b72113545
1 /*
2 * NSS utility functions
3 *
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7
8 #include "lowkeyi.h"
9 #include "pcert.h"
10 #include "keydbi.h"
11 #include "lgdb.h"
12 #include "secoid.h"
13 #include "prenv.h"
14 #include "softkver.h"
15
16 /* Library identity and versioning */
17
18 #if defined(DEBUG)
19 #define _DEBUG_STRING " (debug)"
20 #else
21 #define _DEBUG_STRING ""
22 #endif
23
24 /*
25 * Version information for the 'ident' and 'what commands
26 *
27 * NOTE: the first component of the concatenated rcsid string
28 * must not end in a '$' to prevent rcs keyword substitution.
29 */
30 const char __nss_dbm_rcsid[] = "$Header: NSS " SOFTOKEN_VERSION _DEBUG_STRING
31 " " __DATE__ " " __TIME__ " $";
32 const char __nss_dbm_sccsid[] = "@(#)NSS " SOFTOKEN_VERSION _DEBUG_STRING
33 " " __DATE__ " " __TIME__;
34
35 typedef struct LGPrivateStr {
36 NSSLOWCERTCertDBHandle *certDB;
37 NSSLOWKEYDBHandle *keyDB;
38 PRLock *dbLock;
39 PLHashTable *hashTable;
40 } LGPrivate;
41
42 static char *
43 lg_certdb_name_cb(void *arg, int dbVersion)
44 {
45 const char *configdir = (const char *)arg;
46 const char *dbver;
47 char *smpname = NULL;
48 char *dbname = NULL;
49
50 switch (dbVersion) {
51 case 8:
52 dbver = "8";
53 break;
54 case 7:
55 dbver = "7";
56 break;
57 case 6:
58 dbver = "6";
59 break;
60 case 5:
61 dbver = "5";
62 break;
63 case 4:
64 default:
65 dbver = "";
66 break;
67 }
68
69 /* make sure we return something allocated with PORT_ so we have properly
70 * matched frees at the end */
71 smpname = PR_smprintf(CERT_DB_FMT, configdir, dbver);
72 if (smpname) {
73 dbname = PORT_Strdup(smpname);
74 PR_smprintf_free(smpname);
75 }
76 return dbname;
77 }
78
79 static char *
80 lg_keydb_name_cb(void *arg, int dbVersion)
81 {
82 const char *configdir = (const char *)arg;
83 const char *dbver;
84 char *smpname = NULL;
85 char *dbname = NULL;
86
87 switch (dbVersion) {
88 case 4:
89 dbver = "4";
90 break;
91 case 3:
92 dbver = "3";
93 break;
94 case 1:
95 dbver = "1";
96 break;
97 case 2:
98 default:
99 dbver = "";
100 break;
101 }
102
103 smpname = PR_smprintf(KEY_DB_FMT, configdir, dbver);
104 if (smpname) {
105 dbname = PORT_Strdup(smpname);
106 PR_smprintf_free(smpname);
107 }
108 return dbname;
109 }
110
111 const char *
112 lg_EvaluateConfigDir(const char *configdir,char **appName)
113 {
114 if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
115 char *cdir;
116
117 *appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1);
118 if (*appName == NULL) {
119 return configdir;
120 }
121 cdir = *appName;
122 while (*cdir && *cdir != ':') {
123 cdir++;
124 }
125 if (*cdir == ':') {
126 *cdir = 0;
127 cdir++;
128 }
129 configdir = cdir;
130 }
131 return configdir;
132 }
133
134 static int rdbmapflags(int flags);
135 static rdbfunc lg_rdbfunc = NULL;
136 static rdbstatusfunc lg_rdbstatusfunc = NULL;
137
138 /* NOTE: SHLIB_SUFFIX is defined on the command line */
139 #define RDBLIB SHLIB_PREFIX"rdb."SHLIB_SUFFIX
140
141 DB * rdbopen(const char *appName, const char *prefix,
142 const char *type, int flags, int *status)
143 {
144 PRLibrary *lib;
145 DB *db;
146 char *disableUnload = NULL;
147
148 if (lg_rdbfunc) {
149 db = (*lg_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
150 if (!db && status && lg_rdbstatusfunc) {
151 *status = (*lg_rdbstatusfunc)();
152 }
153 return db;
154 }
155
156 /*
157 * try to open the library.
158 */
159 lib = PR_LoadLibrary(RDBLIB);
160
161 if (!lib) {
162 return NULL;
163 }
164
165 /* get the entry points */
166 lg_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus");
167 lg_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
168 if (lg_rdbfunc) {
169 db = (*lg_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
170 if (!db && status && lg_rdbstatusfunc) {
171 *status = (*lg_rdbstatusfunc)();
172 }
173 return db;
174 }
175
176 /* couldn't find the entry point, unload the library and fail */
177 disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD");
178 if (!disableUnload) {
179 PR_UnloadLibrary(lib);
180 }
181 return NULL;
182 }
183
184 /*
185 * the following data structures are from rdb.h.
186 */
187 struct RDBStr {
188 DB db;
189 int (*xactstart)(DB *db);
190 int (*xactdone)(DB *db, PRBool abort);
191 int version;
192 int (*dbinitcomplete)(DB *db);
193 };
194
195 #define DB_RDB ((DBTYPE) 0xff)
196 #define RDB_RDONLY 1
197 #define RDB_RDWR 2
198 #define RDB_CREATE 4
199
200 static int
201 rdbmapflags(int flags) {
202 switch (flags) {
203 case NO_RDONLY:
204 return RDB_RDONLY;
205 case NO_RDWR:
206 return RDB_RDWR;
207 case NO_CREATE:
208 return RDB_CREATE;
209 default:
210 break;
211 }
212 return 0;
213 }
214
215 PRBool
216 db_IsRDB(DB *db)
217 {
218 return (PRBool) db->type == DB_RDB;
219 }
220
221 int
222 db_BeginTransaction(DB *db)
223 {
224 struct RDBStr *rdb = (struct RDBStr *)db;
225 if (db->type != DB_RDB) {
226 return 0;
227 }
228
229 return rdb->xactstart(db);
230 }
231
232 int
233 db_FinishTransaction(DB *db, PRBool abort)
234 {
235 struct RDBStr *rdb = (struct RDBStr *)db;
236 if (db->type != DB_RDB) {
237 return 0;
238 }
239
240 return rdb->xactdone(db, abort);
241 }
242
243 static DB *
244 lg_getRawDB(SDB *sdb)
245 {
246 NSSLOWCERTCertDBHandle *certDB;
247 NSSLOWKEYDBHandle *keyDB;
248
249 certDB = lg_getCertDB(sdb);
250 if (certDB) {
251 return certDB->permCertDB;
252 }
253 keyDB = lg_getKeyDB(sdb);
254 if (keyDB) {
255 return keyDB->db;
256 }
257 return NULL;
258 }
259
260 CK_RV
261 lg_Begin(SDB *sdb)
262 {
263 DB *db = lg_getRawDB(sdb);
264 int ret;
265
266 if (db == NULL) {
267 return CKR_GENERAL_ERROR; /* shouldn't happen */
268 }
269 ret = db_BeginTransaction(db);
270 if (ret != 0) {
271 return CKR_GENERAL_ERROR; /* could happen */
272 }
273 return CKR_OK;
274 }
275
276 CK_RV
277 lg_Commit(SDB *sdb)
278 {
279 DB *db = lg_getRawDB(sdb);
280 int ret;
281
282 if (db == NULL) {
283 return CKR_GENERAL_ERROR; /* shouldn't happen */
284 }
285 ret = db_FinishTransaction(db, PR_FALSE);
286 if (ret != 0) {
287 return CKR_GENERAL_ERROR; /* could happen */
288 }
289 return CKR_OK;
290 }
291
292 CK_RV
293 lg_Abort(SDB *sdb)
294 {
295 DB *db = lg_getRawDB(sdb);
296 int ret;
297
298 if (db == NULL) {
299 return CKR_GENERAL_ERROR; /* shouldn't happen */
300 }
301 ret = db_FinishTransaction(db, PR_TRUE);
302 if (ret != 0) {
303 return CKR_GENERAL_ERROR; /* could happen */
304 }
305 return CKR_OK;
306 }
307
308 int
309 db_InitComplete(DB *db)
310 {
311 struct RDBStr *rdb = (struct RDBStr *)db;
312 if (db->type != DB_RDB) {
313 return 0;
314 }
315 /* we should have added a version number to the RDBS structure. Since we
316 * didn't, we detect that we have and 'extended' structure if the rdbstatus
317 * func exists */
318 if (!lg_rdbstatusfunc) {
319 return 0;
320 }
321
322 return rdb->dbinitcomplete(db);
323 }
324
325
326
327 SECStatus
328 db_Copy(DB *dest,DB *src)
329 {
330 int ret;
331 DBT key,data;
332 ret = (*src->seq)(src, &key, &data, R_FIRST);
333 if (ret) {
334 return SECSuccess;
335 }
336
337 do {
338 (void)(*dest->put)(dest,&key,&data, R_NOOVERWRITE);
339 } while ( (*src->seq)(src, &key, &data, R_NEXT) == 0);
340 (void)(*dest->sync)(dest,0);
341
342 return SECSuccess;
343 }
344
345
346 static CK_RV
347 lg_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
348 NSSLOWCERTCertDBHandle **certdbPtr)
349 {
350 NSSLOWCERTCertDBHandle *certdb = NULL;
351 CK_RV crv = CKR_NETSCAPE_CERTDB_FAILED;
352 SECStatus rv;
353 char * name = NULL;
354 char * appName = NULL;
355
356 if (prefix == NULL) {
357 prefix = "";
358 }
359
360 configdir = lg_EvaluateConfigDir(configdir, &appName);
361
362 name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
363 if (name == NULL) goto loser;
364
365 certdb = (NSSLOWCERTCertDBHandle*)PORT_ZAlloc(sizeof(NSSLOWCERTCertDBHandle));
366 if (certdb == NULL)
367 goto loser;
368
369 certdb->ref = 1;
370 /* fix when we get the DB in */
371 rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
372 lg_certdb_name_cb, (void *)name, PR_FALSE);
373 if (rv == SECSuccess) {
374 crv = CKR_OK;
375 *certdbPtr = certdb;
376 certdb = NULL;
377 }
378 loser:
379 if (certdb) PR_Free(certdb);
380 if (name) PR_smprintf_free(name);
381 if (appName) PORT_Free(appName);
382 return crv;
383 }
384
385 static CK_RV
386 lg_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
387 NSSLOWKEYDBHandle **keydbPtr)
388 {
389 NSSLOWKEYDBHandle *keydb;
390 char * name = NULL;
391 char * appName = NULL;
392
393 if (prefix == NULL) {
394 prefix = "";
395 }
396 configdir = lg_EvaluateConfigDir(configdir, &appName);
397
398 name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
399 if (name == NULL)
400 return CKR_HOST_MEMORY;
401 keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix,
402 lg_keydb_name_cb, (void *)name);
403 PR_smprintf_free(name);
404 if (appName) PORT_Free(appName);
405 if (keydb == NULL)
406 return CKR_NETSCAPE_KEYDB_FAILED;
407 *keydbPtr = keydb;
408
409 return CKR_OK;
410 }
411
412 /*
413 * Accessors for the private parts of the sdb structure.
414 */
415 void
416 lg_DBLock(SDB *sdb)
417 {
418 LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
419 SKIP_AFTER_FORK(PR_Lock(lgdb_p->dbLock));
420 }
421
422 void
423 lg_DBUnlock(SDB *sdb)
424 {
425 LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
426 SKIP_AFTER_FORK(PR_Unlock(lgdb_p->dbLock));
427 }
428
429 PLHashTable *
430 lg_GetHashTable(SDB *sdb)
431 {
432 LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
433 return lgdb_p->hashTable;
434 }
435
436 NSSLOWCERTCertDBHandle *
437 lg_getCertDB(SDB *sdb)
438 {
439 LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
440
441 return lgdb_p->certDB;
442 }
443
444 NSSLOWKEYDBHandle *
445 lg_getKeyDB(SDB *sdb)
446 {
447 LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
448
449 return lgdb_p->keyDB;
450 }
451
452 PRBool lg_parentForkedAfterC_Initialize;
453
454 void lg_SetForkState(PRBool forked)
455 {
456 lg_parentForkedAfterC_Initialize = forked;
457 }
458
459 CK_RV
460 lg_Close(SDB *sdb)
461 {
462 LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
463 lg_ClearTokenKeyHashTable(sdb);
464 if (lgdb_p) {
465 if (lgdb_p->certDB) {
466 nsslowcert_ClosePermCertDB(lgdb_p->certDB);
467 } else if (lgdb_p->keyDB) {
468 nsslowkey_CloseKeyDB(lgdb_p->keyDB);
469 }
470 if (lgdb_p->dbLock) {
471 SKIP_AFTER_FORK(PR_DestroyLock(lgdb_p->dbLock));
472 }
473 if (lgdb_p->hashTable) {
474 PL_HashTableDestroy(lgdb_p->hashTable);
475 }
476 PORT_Free(lgdb_p);
477 }
478 PORT_Free(sdb);
479 return CKR_OK;
480 }
481
482 static PLHashNumber
483 lg_HashNumber(const void *key)
484 {
485 return (PLHashNumber) key;
486 }
487
488 PRIntn
489 lg_CompareValues(const void *v1, const void *v2)
490 {
491 PLHashNumber value1 = (PLHashNumber) v1;
492 PLHashNumber value2 = (PLHashNumber) v2;
493 return (value1 == value2);
494 }
495
496 /*
497 * helper function to wrap a NSSLOWCERTCertDBHandle or a NSSLOWKEYDBHandle
498 * with and sdb structure.
499 */
500 CK_RV
501 lg_init(SDB **pSdb, int flags, NSSLOWCERTCertDBHandle *certdbPtr,
502 NSSLOWKEYDBHandle *keydbPtr)
503 {
504 SDB *sdb = NULL;
505 LGPrivate *lgdb_p = NULL;
506 CK_RV error = CKR_HOST_MEMORY;
507
508 *pSdb = NULL;
509 sdb = (SDB *) PORT_Alloc(sizeof(SDB));
510 if (sdb == NULL) {
511 goto loser;
512 }
513 lgdb_p = (LGPrivate *) PORT_Alloc(sizeof(LGPrivate));
514 if (lgdb_p == NULL) {
515 goto loser;
516 }
517 /* invariant fields */
518 lgdb_p->certDB = certdbPtr;
519 lgdb_p->keyDB = keydbPtr;
520 lgdb_p->dbLock = PR_NewLock();
521 if (lgdb_p->dbLock == NULL) {
522 goto loser;
523 }
524 lgdb_p->hashTable = PL_NewHashTable(64, lg_HashNumber, lg_CompareValues,
525 SECITEM_HashCompare, NULL, 0);
526 if (lgdb_p->hashTable == NULL) {
527 goto loser;
528 }
529
530 sdb->private = lgdb_p;
531 sdb->version = 0;
532 /*sdb->sdb_type = SDB_LEGACY; */
533 sdb->sdb_flags = flags;
534 sdb->app_private = NULL;
535 sdb->sdb_FindObjectsInit = lg_FindObjectsInit;
536 sdb->sdb_FindObjects = lg_FindObjects;
537 sdb->sdb_FindObjectsFinal = lg_FindObjectsFinal;
538 sdb->sdb_GetAttributeValue = lg_GetAttributeValue;
539 sdb->sdb_SetAttributeValue = lg_SetAttributeValue;
540 sdb->sdb_CreateObject = lg_CreateObject;
541 sdb->sdb_DestroyObject = lg_DestroyObject;
542 sdb->sdb_GetMetaData = lg_GetMetaData;
543 sdb->sdb_PutMetaData = lg_PutMetaData;
544 sdb->sdb_Begin = lg_Begin;
545 sdb->sdb_Commit = lg_Commit;
546 sdb->sdb_Abort = lg_Abort;
547 sdb->sdb_Reset = lg_Reset;
548 sdb->sdb_Close = lg_Close;
549 sdb->sdb_SetForkState = lg_SetForkState;
550
551 *pSdb = sdb;
552 return CKR_OK;
553
554 loser:
555 if (sdb) {
556 PORT_Free(sdb);
557 }
558 if (lgdb_p) {
559 if (lgdb_p->dbLock) {
560 PR_DestroyLock(lgdb_p->dbLock);
561 }
562 if (lgdb_p->hashTable) {
563 PL_HashTableDestroy(lgdb_p->hashTable);
564 }
565 PORT_Free(lgdb_p);
566 }
567 return error;
568
569 }
570
571 /*
572 * OK there are now lots of options here, lets go through them all:
573 *
574 * configdir - base directory where all the cert, key, and module datbases live.
575 * certPrefix - prefix added to the beginning of the cert database example: "
576 * "https-server1-"
577 * keyPrefix - prefix added to the beginning of the key database example: "
578 * "https-server1-"
579 * secmodName - name of the security module database (usually "secmod.db").
580 * readOnly - Boolean: true if the databases are to be openned read only.
581 * nocertdb - Don't open the cert DB and key DB's, just initialize the
582 * Volatile certdb.
583 * nomoddb - Don't open the security module DB, just initialize the
584 * PKCS #11 module.
585 * forceOpen - Continue to force initializations even if the databases cannot
586 * be opened.
587 */
588 CK_RV
589 legacy_Open(const char *configdir, const char *certPrefix,
590 const char *keyPrefix, int certVersion, int keyVersion,
591 int flags, SDB **certDB, SDB **keyDB)
592 {
593 CK_RV crv = CKR_OK;
594 SECStatus rv;
595 PRBool readOnly = (flags == SDB_RDONLY)? PR_TRUE: PR_FALSE;
596 volatile char c; /* force a reference that won't get optimized away */
597
598 c = __nss_dbm_rcsid[0] + __nss_dbm_sccsid[0];
599
600 rv = SECOID_Init();
601 if (SECSuccess != rv) {
602 return CKR_DEVICE_ERROR;
603 }
604 nsslowcert_InitLocks();
605
606 if (keyDB) *keyDB = NULL;
607 if (certDB) *certDB = NULL;
608
609 if (certDB) {
610 NSSLOWCERTCertDBHandle *certdbPtr;
611
612 crv = lg_OpenCertDB(configdir, certPrefix, readOnly, &certdbPtr);
613 if (crv != CKR_OK) {
614 goto loser;
615 }
616 crv = lg_init(certDB, flags, certdbPtr, NULL);
617 if (crv != CKR_OK) {
618 nsslowcert_ClosePermCertDB(certdbPtr);
619 goto loser;
620 }
621 }
622 if (keyDB) {
623 NSSLOWKEYDBHandle *keydbPtr;
624
625 crv = lg_OpenKeyDB(configdir, keyPrefix, readOnly, &keydbPtr);
626 if (crv != CKR_OK) {
627 goto loser;
628 }
629 crv = lg_init(keyDB, flags, NULL, keydbPtr);
630 if (crv != CKR_OK) {
631 nsslowkey_CloseKeyDB(keydbPtr);
632 goto loser;
633 }
634 if (certDB && *certDB) {
635 LGPrivate *lgdb_p = (LGPrivate *)(*certDB)->private;
636 lgdb_p->keyDB = keydbPtr;
637 }
638 }
639
640 loser:
641 if (crv != CKR_OK) {
642 if (keyDB && *keyDB) {
643 lg_Close(*keyDB);
644 *keyDB = NULL;
645 }
646 if (certDB && *certDB) {
647 lg_Close(*certDB);
648 *certDB = NULL;
649 }
650 }
651 return crv;
652 }
653
654 CK_RV
655 legacy_Shutdown(PRBool forked)
656 {
657 lg_SetForkState(forked);
658 nsslowcert_DestroyFreeLists();
659 nsslowcert_DestroyGlobalLocks();
660 SECOID_Shutdown();
661 lg_SetForkState(PR_FALSE);
662 return CKR_OK;
663 }
664
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)