Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(1939)

Unified Diff: cmd/modutil/pk11.c

Issue 201830043: Bug 1118245 - Apply uniform style across NSS
Patch Set: Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « cmd/modutil/modutil.c ('k') | cmd/multinit/multinit.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: cmd/modutil/pk11.c
===================================================================
--- a/cmd/modutil/pk11.c
+++ b/cmd/modutil/pk11.c
@@ -10,956 +10,901 @@
#include "pk11func.h"
/*************************************************************************
*
* F i p s M o d e
* If arg=="true", enable FIPS mode on the internal module. If arg=="false",
* disable FIPS mode on the internal module.
*/
-Error
-FipsMode(char *arg)
-{
- char *internal_name;
+Error FipsMode(char *arg) {
+ char *internal_name;
- if(!PORT_Strcasecmp(arg, "true")) {
- if(!PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- if (!PK11_IsFIPS()) {
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]);
- return FIPS_ALREADY_ON_ERR;
- }
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- if (PK11_IsFIPS()) {
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]);
- return FIPS_ALREADY_OFF_ERR;
- }
+ if (!PORT_Strcasecmp(arg, "true")) {
+ if (!PK11_IsFIPS()) {
+ internal_name = PR_smprintf("%s", SECMOD_GetInternalModule()->commonName);
+ if (SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
+ PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
+ PR_smprintf_free(internal_name);
+ PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
+ return FIPS_SWITCH_FAILED_ERR;
+ }
+ PR_smprintf_free(internal_name);
+ if (!PK11_IsFIPS()) {
+ PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
+ return FIPS_SWITCH_FAILED_ERR;
+ }
+ PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
} else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
+ PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]);
+ return FIPS_ALREADY_ON_ERR;
}
+ } else if (!PORT_Strcasecmp(arg, "false")) {
+ if (PK11_IsFIPS()) {
+ internal_name = PR_smprintf("%s", SECMOD_GetInternalModule()->commonName);
+ if (SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
+ PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
+ PR_smprintf_free(internal_name);
+ PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
+ return FIPS_SWITCH_FAILED_ERR;
+ }
+ PR_smprintf_free(internal_name);
+ if (PK11_IsFIPS()) {
+ PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
+ return FIPS_SWITCH_FAILED_ERR;
+ }
+ PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
+ } else {
+ PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]);
+ return FIPS_ALREADY_OFF_ERR;
+ }
+ } else {
+ PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
+ return INVALID_FIPS_ARG;
+ }
- return SUCCESS;
+ return SUCCESS;
}
/*************************************************************************
*
* C h k F i p s M o d e
- * If arg=="true", verify FIPS mode is enabled on the internal module.
+ * If arg=="true", verify FIPS mode is enabled on the internal module.
* If arg=="false", verify FIPS mode is disabled on the internal module.
*/
-Error
-ChkFipsMode(char *arg)
-{
- if(!PORT_Strcasecmp(arg, "true")) {
- if (PK11_IsFIPS()) {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- return FIPS_SWITCH_FAILED_ERR;
- }
-
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(!PK11_IsFIPS()) {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- return FIPS_SWITCH_FAILED_ERR;
- }
+Error ChkFipsMode(char *arg) {
+ if (!PORT_Strcasecmp(arg, "true")) {
+ if (PK11_IsFIPS()) {
+ PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
} else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
+ PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
+ return FIPS_SWITCH_FAILED_ERR;
}
- return SUCCESS;
+ } else if (!PORT_Strcasecmp(arg, "false")) {
+ if (!PK11_IsFIPS()) {
+ PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
+ } else {
+ PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
+ return FIPS_SWITCH_FAILED_ERR;
+ }
+ } else {
+ PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
+ return INVALID_FIPS_ARG;
+ }
+
+ return SUCCESS;
}
/************************************************************************
* Cipher and Mechanism name-bitmask translation tables
*/
typedef struct {
- const char *name;
- unsigned long mask;
+ const char *name;
+ unsigned long mask;
} MaskString;
-
static const MaskString cipherStrings[] = {
- {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}
-};
+ {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}};
static const int numCipherStrings =
sizeof(cipherStrings) / sizeof(cipherStrings[0]);
/* Initialized by LoadMechanismList */
-static MaskString *mechanismStrings = NULL;
+static MaskString *mechanismStrings = NULL;
static int numMechanismStrings = 0;
const static PK11DefaultArrayEntry *pk11_DefaultArray = NULL;
static int pk11_DefaultArraySize = 0;
/* Maximum length of a colon-separated list of all the strings in an
* array. */
-#define MAX_STRING_LIST_LEN 240 /* or less */
+#define MAX_STRING_LIST_LEN 240 /* or less */
+Error LoadMechanismList(void) {
+ int i;
-Error
-LoadMechanismList(void)
-{
- int i;
+ if (pk11_DefaultArray == NULL) {
+ pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
+ if (pk11_DefaultArray == NULL) {
+ /* should assert. This shouldn't happen */
+ return UNSPECIFIED_ERR;
+ }
+ }
+ if (mechanismStrings != NULL) {
+ return SUCCESS;
+ }
- if (pk11_DefaultArray == NULL) {
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
- if (pk11_DefaultArray == NULL) {
- /* should assert. This shouldn't happen */
- return UNSPECIFIED_ERR;
- }
+ /* build the mechanismStrings array */
+ mechanismStrings = PORT_NewArray(MaskString, pk11_DefaultArraySize);
+ if (mechanismStrings == NULL) {
+ return OUT_OF_MEM_ERR;
+ }
+ numMechanismStrings = pk11_DefaultArraySize;
+ for (i = 0; i < numMechanismStrings; i++) {
+ const char *name = pk11_DefaultArray[i].name;
+ unsigned long flag = pk11_DefaultArray[i].flag;
+ /* map new name to old */
+ switch (flag) {
+ case SECMOD_FORTEZZA_FLAG:
+ name = "FORTEZZA";
+ break;
+ case SECMOD_SHA1_FLAG:
+ name = "SHA1";
+ break;
+ case SECMOD_CAMELLIA_FLAG:
+ name = "CAMELLIA";
+ break;
+ case SECMOD_RANDOM_FLAG:
+ name = "RANDOM";
+ break;
+ case SECMOD_FRIENDLY_FLAG:
+ name = "FRIENDLY";
+ break;
+ default:
+ break;
}
- if (mechanismStrings != NULL) {
- return SUCCESS;
- }
-
- /* build the mechanismStrings array */
- mechanismStrings = PORT_NewArray(MaskString, pk11_DefaultArraySize);
- if (mechanismStrings == NULL) {
- return OUT_OF_MEM_ERR;
- }
- numMechanismStrings = pk11_DefaultArraySize;
- for (i = 0; i < numMechanismStrings; i++) {
- const char *name = pk11_DefaultArray[i].name;
- unsigned long flag = pk11_DefaultArray[i].flag;
- /* map new name to old */
- switch (flag) {
- case SECMOD_FORTEZZA_FLAG:
- name = "FORTEZZA";
- break;
- case SECMOD_SHA1_FLAG:
- name = "SHA1";
- break;
- case SECMOD_CAMELLIA_FLAG:
- name = "CAMELLIA";
- break;
- case SECMOD_RANDOM_FLAG:
- name = "RANDOM";
- break;
- case SECMOD_FRIENDLY_FLAG:
- name = "FRIENDLY";
- break;
- default:
- break;
- }
- mechanismStrings[i].name = name;
- mechanismStrings[i].mask = SECMOD_InternaltoPubMechFlags(flag);
- }
- return SUCCESS;
+ mechanismStrings[i].name = name;
+ mechanismStrings[i].mask = SECMOD_InternaltoPubMechFlags(flag);
+ }
+ return SUCCESS;
}
/************************************************************************
- *
+ *
* g e t F l a g s F r o m S t r i n g
*
* Parses a mechanism list passed on the command line and converts it
* to an unsigned long bitmask.
* string is a colon-separated string of constants
* array is an array of MaskStrings.
* elements is the number of elements in array.
*/
-static unsigned long
-getFlagsFromString(char *string, const MaskString array[], int elements)
-{
- unsigned long ret = 0;
- short i = 0;
- char *cp;
- char *buf;
- char *end;
+static unsigned long getFlagsFromString(char *string, const MaskString array[],
+ int elements) {
+ unsigned long ret = 0;
+ short i = 0;
+ char *cp;
+ char *buf;
+ char *end;
- if(!string || !string[0]) {
- return ret;
+ if (!string || !string[0]) {
+ return ret;
+ }
+
+ /* Make a temporary copy of the string */
+ buf = PR_Malloc(strlen(string) + 1);
+ if (!buf) {
+ out_of_memory();
+ }
+ strcpy(buf, string);
+
+ /* Look at each element of the list passed in */
+ for (cp = buf; cp && *cp; cp = (end ? end + 1 : NULL)) {
+ /* Look at the string up to the next colon */
+ end = strchr(cp, ':');
+ if (end) {
+ *end = '\0';
}
- /* Make a temporary copy of the string */
- buf = PR_Malloc(strlen(string)+1);
- if(!buf) {
- out_of_memory();
+ /* Find which element this is */
+ for (i = 0; i < elements; i++) {
+ if (!PORT_Strcasecmp(cp, array[i].name)) {
+ break;
+ }
}
- strcpy(buf, string);
+ if (i == elements) {
+ /* Skip a bogus string, but print a warning message */
+ PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp);
+ continue;
+ }
+ ret |= array[i].mask;
+ }
- /* Look at each element of the list passed in */
- for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) {
- /* Look at the string up to the next colon */
- end = strchr(cp, ':');
- if(end) {
- *end = '\0';
- }
-
- /* Find which element this is */
- for(i=0; i < elements; i++) {
- if( !PORT_Strcasecmp(cp, array[i].name) ) {
- break;
- }
- }
- if(i == elements) {
- /* Skip a bogus string, but print a warning message */
- PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp);
- continue;
- }
- ret |= array[i].mask;
- }
-
- PR_Free(buf);
- return ret;
+ PR_Free(buf);
+ return ret;
}
/**********************************************************************
*
* g e t S t r i n g F r o m F l a g s
- *
+ *
* The return string's memory is owned by this function. Copy it
* if you need it permanently or you want to change it.
*/
-static char *
-getStringFromFlags(unsigned long flags, const MaskString array[], int elements)
-{
- static char buf[MAX_STRING_LIST_LEN];
- int i;
- int count=0;
+static char *getStringFromFlags(unsigned long flags, const MaskString array[],
+ int elements) {
+ static char buf[MAX_STRING_LIST_LEN];
+ int i;
+ int count = 0;
- buf[0] = '\0';
- for(i=0; i<elements; i++) {
- if( flags & array[i].mask ) {
- ++count;
- if(count!=1) {
- strcat(buf, ":");
- }
- strcat(buf, array[i].name);
- }
+ buf[0] = '\0';
+ for (i = 0; i < elements; i++) {
+ if (flags & array[i].mask) {
+ ++count;
+ if (count != 1) {
+ strcat(buf, ":");
+ }
+ strcat(buf, array[i].name);
}
- return buf;
+ }
+ return buf;
}
/**********************************************************************
*
* A d d M o d u l e
*
* Add the named module, with the given library file, ciphers, and
* default mechanism flags
*/
-Error
-AddModule(char *moduleName, char *libFile, char *cipherString,
- char *mechanismString, char* modparms)
-{
- unsigned long ciphers;
- unsigned long mechanisms;
- SECStatus status;
+Error AddModule(char *moduleName, char *libFile, char *cipherString,
+ char *mechanismString, char *modparms) {
+ unsigned long ciphers;
+ unsigned long mechanisms;
+ SECStatus status;
- mechanisms =
- getFlagsFromString(mechanismString, mechanismStrings,
- numMechanismStrings);
- ciphers =
- getFlagsFromString(cipherString, cipherStrings, numCipherStrings);
+ mechanisms = getFlagsFromString(mechanismString, mechanismStrings,
+ numMechanismStrings);
+ ciphers = getFlagsFromString(cipherString, cipherStrings, numCipherStrings);
- status =
- SECMOD_AddNewModuleEx(moduleName, libFile,
- SECMOD_PubMechFlagstoInternal(mechanisms),
- SECMOD_PubCipherFlagstoInternal(ciphers),
- modparms, NULL );
+ status = SECMOD_AddNewModuleEx(
+ moduleName, libFile, SECMOD_PubMechFlagstoInternal(mechanisms),
+ SECMOD_PubCipherFlagstoInternal(ciphers), modparms, NULL);
- if(status != SECSuccess) {
- char* errtxt=NULL;
- PRInt32 copied = 0;
- if (PR_GetErrorTextLength()) {
- errtxt = PR_Malloc(PR_GetErrorTextLength() + 1);
- copied = PR_GetErrorText(errtxt);
- }
- if (copied && errtxt) {
- PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR],
- moduleName, errtxt);
- PR_Free(errtxt);
- } else {
- PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR],
- moduleName, SECU_Strerror(PORT_GetError()));
- }
- return ADD_MODULE_FAILED_ERR;
+ if (status != SECSuccess) {
+ char *errtxt = NULL;
+ PRInt32 copied = 0;
+ if (PR_GetErrorTextLength()) {
+ errtxt = PR_Malloc(PR_GetErrorTextLength() + 1);
+ copied = PR_GetErrorText(errtxt);
+ }
+ if (copied && errtxt) {
+ PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR], moduleName,
+ errtxt);
+ PR_Free(errtxt);
} else {
- PR_fprintf(PR_STDOUT, msgStrings[ADD_MODULE_SUCCESS_MSG], moduleName);
- return SUCCESS;
+ PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR], moduleName,
+ SECU_Strerror(PORT_GetError()));
}
+ return ADD_MODULE_FAILED_ERR;
+ } else {
+ PR_fprintf(PR_STDOUT, msgStrings[ADD_MODULE_SUCCESS_MSG], moduleName);
+ return SUCCESS;
+ }
}
/***********************************************************************
*
* D e l e t e M o d u l e
*
* Deletes the named module from the database.
*/
-Error
-DeleteModule(char *moduleName)
-{
- SECStatus status;
- int type;
-
- status = SECMOD_DeleteModule(moduleName, &type);
+Error DeleteModule(char *moduleName) {
+ SECStatus status;
+ int type;
- if(status != SECSuccess) {
- if(type == SECMOD_FIPS || type == SECMOD_INTERNAL) {
- PR_fprintf(PR_STDERR, errStrings[DELETE_INTERNAL_ERR]);
- return DELETE_INTERNAL_ERR;
- } else {
- PR_fprintf(PR_STDERR, errStrings[DELETE_FAILED_ERR], moduleName);
- return DELETE_FAILED_ERR;
- }
+ status = SECMOD_DeleteModule(moduleName, &type);
+
+ if (status != SECSuccess) {
+ if (type == SECMOD_FIPS || type == SECMOD_INTERNAL) {
+ PR_fprintf(PR_STDERR, errStrings[DELETE_INTERNAL_ERR]);
+ return DELETE_INTERNAL_ERR;
+ } else {
+ PR_fprintf(PR_STDERR, errStrings[DELETE_FAILED_ERR], moduleName);
+ return DELETE_FAILED_ERR;
}
+ }
- PR_fprintf(PR_STDOUT, msgStrings[DELETE_SUCCESS_MSG], moduleName);
- return SUCCESS;
+ PR_fprintf(PR_STDOUT, msgStrings[DELETE_SUCCESS_MSG], moduleName);
+ return SUCCESS;
}
/************************************************************************
*
* R a w L i s t M o d u l e s
*
* Lists all the modules in the database, along with their slots and tokens.
*/
-Error
-RawListModule(char *modulespec)
-{
- SECMODModule *module;
- char **moduleSpecList;
+Error RawListModule(char *modulespec) {
+ SECMODModule *module;
+ char **moduleSpecList;
- module = SECMOD_LoadModule(modulespec,NULL,PR_FALSE);
- if (module == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
+ module = SECMOD_LoadModule(modulespec, NULL, PR_FALSE);
+ if (module == NULL) {
+ /* handle error */
+ return NO_SUCH_MODULE_ERR;
+ }
- moduleSpecList = SECMOD_GetModuleSpecList(module);
- if (!moduleSpecList || !moduleSpecList[0]) {
- SECU_PrintError("modutil",
- "no specs in secmod DB");
- return NO_SUCH_MODULE_ERR;
- }
+ moduleSpecList = SECMOD_GetModuleSpecList(module);
+ if (!moduleSpecList || !moduleSpecList[0]) {
+ SECU_PrintError("modutil", "no specs in secmod DB");
+ return NO_SUCH_MODULE_ERR;
+ }
- for ( ;*moduleSpecList; moduleSpecList++) {
- printf("%s\n\n",*moduleSpecList);
- }
+ for (; *moduleSpecList; moduleSpecList++) {
+ printf("%s\n\n", *moduleSpecList);
+ }
- return SUCCESS;
+ return SUCCESS;
}
-Error
-RawAddModule(char *dbmodulespec, char *modulespec)
-{
- SECMODModule *module;
- SECMODModule *dbmodule;
+Error RawAddModule(char *dbmodulespec, char *modulespec) {
+ SECMODModule *module;
+ SECMODModule *dbmodule;
+ dbmodule = SECMOD_LoadModule(dbmodulespec, NULL, PR_TRUE);
+ if (dbmodule == NULL) {
+ /* handle error */
+ return NO_SUCH_MODULE_ERR;
+ }
- dbmodule = SECMOD_LoadModule(dbmodulespec,NULL,PR_TRUE);
- if (dbmodule == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
+ module = SECMOD_LoadModule(modulespec, dbmodule, PR_FALSE);
+ if (module == NULL) {
+ /* handle error */
+ return NO_SUCH_MODULE_ERR;
+ }
- module = SECMOD_LoadModule(modulespec,dbmodule,PR_FALSE);
- if (module == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], modulespec);
- return UPDATE_MOD_FAILED_ERR;
- }
- return SUCCESS;
+ if (SECMOD_UpdateModule(module) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], modulespec);
+ return UPDATE_MOD_FAILED_ERR;
+ }
+ return SUCCESS;
}
-static void
-printModule(SECMODModule *module, int *count)
-{
- int slotCount = module->loaded ? module->slotCount : 0;
- int i;
+static void printModule(SECMODModule *module, int *count) {
+ int slotCount = module->loaded ? module->slotCount : 0;
+ int i;
- if ((*count)++) {
- PR_fprintf(PR_STDOUT,"\n");
- }
- PR_fprintf(PR_STDOUT, "%3d. %s\n", *count, module->commonName);
+ if ((*count)++) {
+ PR_fprintf(PR_STDOUT, "\n");
+ }
+ PR_fprintf(PR_STDOUT, "%3d. %s\n", *count, module->commonName);
- if (module->dllName) {
- PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", module->dllName);
- }
+ if (module->dllName) {
+ PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", module->dllName);
+ }
- if (slotCount == 0) {
- PR_fprintf(PR_STDOUT,
- "\t slots: There are no slots attached to this module\n");
- } else {
- PR_fprintf(PR_STDOUT, "\t slots: %d slot%s attached\n",
- slotCount, (slotCount==1 ? "" : "s") );
- }
+ if (slotCount == 0) {
+ PR_fprintf(PR_STDOUT,
+ "\t slots: There are no slots attached to this module\n");
+ } else {
+ PR_fprintf(PR_STDOUT, "\t slots: %d slot%s attached\n", slotCount,
+ (slotCount == 1 ? "" : "s"));
+ }
- if (module->loaded == 0) {
- PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n");
- } else {
- PR_fprintf(PR_STDOUT, "\tstatus: loaded\n");
- }
+ if (module->loaded == 0) {
+ PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n");
+ } else {
+ PR_fprintf(PR_STDOUT, "\tstatus: loaded\n");
+ }
- /* Print slot and token names */
- for (i = 0; i < slotCount; i++) {
- PK11SlotInfo *slot = module->slots[i];
+ /* Print slot and token names */
+ for (i = 0; i < slotCount; i++) {
+ PK11SlotInfo *slot = module->slots[i];
- PR_fprintf(PR_STDOUT, "\n");
- PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot));
- PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot));
- }
- return;
+ PR_fprintf(PR_STDOUT, "\n");
+ PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot));
+ PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot));
+ }
+ return;
}
/************************************************************************
*
* L i s t M o d u l e s
*
* Lists all the modules in the database, along with their slots and tokens.
*/
-Error
-ListModules()
-{
- SECMODListLock *lock;
- SECMODModuleList *list;
- SECMODModuleList *deadlist;
- SECMODModuleList *mlp;
- Error ret=UNSPECIFIED_ERR;
- int count = 0;
+Error ListModules() {
+ SECMODListLock *lock;
+ SECMODModuleList *list;
+ SECMODModuleList *deadlist;
+ SECMODModuleList *mlp;
+ Error ret = UNSPECIFIED_ERR;
+ int count = 0;
- lock = SECMOD_GetDefaultModuleListLock();
- if(!lock) {
- PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
- return NO_LIST_LOCK_ERR;
- }
+ lock = SECMOD_GetDefaultModuleListLock();
+ if (!lock) {
+ PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
+ return NO_LIST_LOCK_ERR;
+ }
- SECMOD_GetReadLock(lock);
+ SECMOD_GetReadLock(lock);
- list = SECMOD_GetDefaultModuleList();
- deadlist = SECMOD_GetDeadModuleList();
- if (!list && !deadlist) {
- PR_fprintf(PR_STDERR, errStrings[NO_MODULE_LIST_ERR]);
- ret = NO_MODULE_LIST_ERR;
- goto loser;
- }
+ list = SECMOD_GetDefaultModuleList();
+ deadlist = SECMOD_GetDeadModuleList();
+ if (!list && !deadlist) {
+ PR_fprintf(PR_STDERR, errStrings[NO_MODULE_LIST_ERR]);
+ ret = NO_MODULE_LIST_ERR;
+ goto loser;
+ }
- PR_fprintf(PR_STDOUT,
- "\nListing of PKCS #11 Modules\n"
- "-----------------------------------------------------------\n");
-
- for(mlp=list; mlp != NULL; mlp = mlp->next) {
- printModule(mlp->module, &count);
- }
- for (mlp=deadlist; mlp != NULL; mlp = mlp->next) {
- printModule(mlp->module, &count);
- }
+ PR_fprintf(PR_STDOUT,
+ "\nListing of PKCS #11 Modules\n"
+ "-----------------------------------------------------------\n");
+ for (mlp = list; mlp != NULL; mlp = mlp->next) {
+ printModule(mlp->module, &count);
+ }
+ for (mlp = deadlist; mlp != NULL; mlp = mlp->next) {
+ printModule(mlp->module, &count);
+ }
- PR_fprintf(PR_STDOUT,
- "-----------------------------------------------------------\n");
+ PR_fprintf(PR_STDOUT,
+ "-----------------------------------------------------------\n");
- ret = SUCCESS;
+ ret = SUCCESS;
loser:
- SECMOD_ReleaseReadLock(lock);
- return ret;
+ SECMOD_ReleaseReadLock(lock);
+ return ret;
}
/* Strings describing PK11DisableReasons */
static char *disableReasonStr[] = {
- "no reason",
- "user disabled",
- "could not initialize token",
- "could not verify token",
- "token not present"
-};
+ "no reason", "user disabled", "could not initialize token",
+ "could not verify token", "token not present"};
static int numDisableReasonStr =
sizeof(disableReasonStr) / sizeof(disableReasonStr[0]);
/***********************************************************************
*
* L i s t M o d u l e
*
* Lists detailed information about the named module.
*/
-Error
-ListModule(char *moduleName)
-{
- SECMODModule *module = NULL;
- PK11SlotInfo *slot;
- int slotnum;
- CK_INFO modinfo;
- CK_SLOT_INFO slotinfo;
- CK_TOKEN_INFO tokeninfo;
- char *ciphers, *mechanisms;
- PK11DisableReasons reason;
- Error rv = SUCCESS;
+Error ListModule(char *moduleName) {
+ SECMODModule *module = NULL;
+ PK11SlotInfo *slot;
+ int slotnum;
+ CK_INFO modinfo;
+ CK_SLOT_INFO slotinfo;
+ CK_TOKEN_INFO tokeninfo;
+ char *ciphers, *mechanisms;
+ PK11DisableReasons reason;
+ Error rv = SUCCESS;
- if(!moduleName) {
- return SUCCESS;
- }
+ if (!moduleName) {
+ return SUCCESS;
+ }
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- rv = NO_SUCH_MODULE_ERR;
- goto loser;
- }
+ module = SECMOD_FindModule(moduleName);
+ if (!module) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
+ rv = NO_SUCH_MODULE_ERR;
+ goto loser;
+ }
- if ((module->loaded) &&
- (PK11_GetModInfo(module, &modinfo) != SECSuccess)) {
- PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
- rv = MOD_INFO_ERR;
- goto loser;
- }
+ if ((module->loaded) && (PK11_GetModInfo(module, &modinfo) != SECSuccess)) {
+ PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
+ rv = MOD_INFO_ERR;
+ goto loser;
+ }
- /* Module info */
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
- if(module->internal || !module->dllName) {
- PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
- } else {
- PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
- }
+ /* Module info */
+ PR_fprintf(PR_STDOUT,
+ "\n-----------------------------------------------------------\n");
+ PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
+ if (module->internal || !module->dllName) {
+ PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
+ } else {
+ PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
+ }
- if (module->loaded) {
- PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
- PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
- modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
- PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
- modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
- } else {
- PR_fprintf(PR_STDOUT, "* Module not loaded\n");
- }
- /* Get cipher and mechanism flags */
- ciphers = getStringFromFlags(module->ssl[0], cipherStrings,
- numCipherStrings);
- if(ciphers[0] == '\0') {
- ciphers = "None";
- }
- PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
- mechanisms = NULL;
- if (module->slotCount > 0) {
- mechanisms = getStringFromFlags(
- PK11_GetDefaultFlags(module->slots[0]),
- mechanismStrings, numMechanismStrings);
- }
- if ((mechanisms==NULL) || (mechanisms[0] =='\0')) {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);
+ if (module->loaded) {
+ PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
+ PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
+ PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
+ modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
+ PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
+ modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
+ } else {
+ PR_fprintf(PR_STDOUT, "* Module not loaded\n");
+ }
+ /* Get cipher and mechanism flags */
+ ciphers = getStringFromFlags(module->ssl[0], cipherStrings, numCipherStrings);
+ if (ciphers[0] == '\0') {
+ ciphers = "None";
+ }
+ PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
+ mechanisms = NULL;
+ if (module->slotCount > 0) {
+ mechanisms = getStringFromFlags(PK11_GetDefaultFlags(module->slots[0]),
+ mechanismStrings, numMechanismStrings);
+ }
+ if ((mechanisms == NULL) || (mechanisms[0] == '\0')) {
+ mechanisms = "None";
+ }
+ PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);
#define PAD " "
- /* Loop over each slot */
- for (slotnum=0; slotnum < module->slotCount; slotnum++) {
- slot = module->slots[slotnum];
- if (PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR],
- PK11_GetSlotName(slot));
- rv = SLOT_INFO_ERR;
- continue;
- }
+ /* Loop over each slot */
+ for (slotnum = 0; slotnum < module->slotCount; slotnum++) {
+ slot = module->slots[slotnum];
+ if (PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR], PK11_GetSlotName(slot));
+ rv = SLOT_INFO_ERR;
+ continue;
+ }
- /* Slot Info */
- PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot));
- mechanisms = getStringFromFlags(PK11_GetDefaultFlags(slot),
- mechanismStrings, numMechanismStrings);
- if(mechanisms[0] =='\0') {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms);
- PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n",
- slotinfo.manufacturerID);
- if (PK11_IsHW(slot)) {
- PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Type: Software\n");
- }
- PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n",
- slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n",
- slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
- if (PK11_IsDisabled(slot)) {
- reason = PK11_GetDisabledReason(slot);
- if(reason < numDisableReasonStr) {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n",
- disableReasonStr[reason]);
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n");
- }
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n");
- }
+ /* Slot Info */
+ PR_fprintf(PR_STDOUT, "\n" PAD "Slot: %s\n", PK11_GetSlotName(slot));
+ mechanisms = getStringFromFlags(PK11_GetDefaultFlags(slot),
+ mechanismStrings, numMechanismStrings);
+ if (mechanisms[0] == '\0') {
+ mechanisms = "None";
+ }
+ PR_fprintf(PR_STDOUT, PAD "Slot Mechanism Flags: %s\n", mechanisms);
+ PR_fprintf(PR_STDOUT, PAD "Manufacturer: %.32s\n", slotinfo.manufacturerID);
+ if (PK11_IsHW(slot)) {
+ PR_fprintf(PR_STDOUT, PAD "Type: Hardware\n");
+ } else {
+ PR_fprintf(PR_STDOUT, PAD "Type: Software\n");
+ }
+ PR_fprintf(PR_STDOUT, PAD "Version Number: %d.%d\n",
+ slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
+ PR_fprintf(PR_STDOUT, PAD "Firmware Version: %d.%d\n",
+ slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
+ if (PK11_IsDisabled(slot)) {
+ reason = PK11_GetDisabledReason(slot);
+ if (reason < numDisableReasonStr) {
+ PR_fprintf(PR_STDOUT, PAD "Status: DISABLED (%s)\n",
+ disableReasonStr[reason]);
+ } else {
+ PR_fprintf(PR_STDOUT, PAD "Status: DISABLED\n");
+ }
+ } else {
+ PR_fprintf(PR_STDOUT, PAD "Status: Enabled\n");
+ }
- if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
- PK11_GetTokenName(slot));
- rv = TOKEN_INFO_ERR;
- continue;
- }
+ if (PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
+ PK11_GetTokenName(slot));
+ rv = TOKEN_INFO_ERR;
+ continue;
+ }
- /* Token Info */
- PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n",
- tokeninfo.label);
- PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n",
- tokeninfo.manufacturerID);
- PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model);
- PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n",
- tokeninfo.serialNumber);
- PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n",
- tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n",
- tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor);
- if(tokeninfo.flags & CKF_WRITE_PROTECTED) {
- PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n");
- }
- if(tokeninfo.flags & CKF_LOGIN_REQUIRED) {
- PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD
- "Login Type: Public (no login required)\n");
- }
- if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
- PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n");
- }
+ /* Token Info */
+ PR_fprintf(PR_STDOUT, PAD "Token Name: %.32s\n", tokeninfo.label);
+ PR_fprintf(PR_STDOUT, PAD "Token Manufacturer: %.32s\n",
+ tokeninfo.manufacturerID);
+ PR_fprintf(PR_STDOUT, PAD "Token Model: %.16s\n", tokeninfo.model);
+ PR_fprintf(PR_STDOUT, PAD "Token Serial Number: %.16s\n",
+ tokeninfo.serialNumber);
+ PR_fprintf(PR_STDOUT, PAD "Token Version: %d.%d\n",
+ tokeninfo.hardwareVersion.major,
+ tokeninfo.hardwareVersion.minor);
+ PR_fprintf(PR_STDOUT, PAD "Token Firmware Version: %d.%d\n",
+ tokeninfo.firmwareVersion.major,
+ tokeninfo.firmwareVersion.minor);
+ if (tokeninfo.flags & CKF_WRITE_PROTECTED) {
+ PR_fprintf(PR_STDOUT, PAD "Access: Write Protected\n");
+ } else {
+ PR_fprintf(PR_STDOUT, PAD "Access: NOT Write Protected\n");
}
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
+ if (tokeninfo.flags & CKF_LOGIN_REQUIRED) {
+ PR_fprintf(PR_STDOUT, PAD "Login Type: Login required\n");
+ } else {
+ PR_fprintf(PR_STDOUT, PAD "Login Type: Public (no login required)\n");
+ }
+ if (tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
+ PR_fprintf(PR_STDOUT, PAD "User Pin: Initialized\n");
+ } else {
+ PR_fprintf(PR_STDOUT, PAD "User Pin: NOT Initialized\n");
+ }
+ }
+ PR_fprintf(PR_STDOUT,
+ "\n-----------------------------------------------------------\n");
loser:
- if (module) {
- SECMOD_DestroyModule(module);
- }
- return rv;
+ if (module) {
+ SECMOD_DestroyModule(module);
+ }
+ return rv;
}
/************************************************************************
*
* C h a n g e P W
*/
-Error
-ChangePW(char *tokenName, char *pwFile, char *newpwFile)
-{
- char *oldpw=NULL, *newpw=NULL, *newpw2=NULL;
- PK11SlotInfo *slot;
- Error ret=UNSPECIFIED_ERR;
- PRBool matching;
+Error ChangePW(char *tokenName, char *pwFile, char *newpwFile) {
+ char *oldpw = NULL, *newpw = NULL, *newpw2 = NULL;
+ PK11SlotInfo *slot;
+ Error ret = UNSPECIFIED_ERR;
+ PRBool matching;
- slot = PK11_FindSlotByName(tokenName);
- if(!slot) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName);
- return NO_SUCH_TOKEN_ERR;
+ slot = PK11_FindSlotByName(tokenName);
+ if (!slot) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName);
+ return NO_SUCH_TOKEN_ERR;
+ }
+
+ /* Get old password */
+ if (!PK11_NeedUserInit(slot)) {
+ if (pwFile) {
+ oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile);
+ if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]);
+ ret = BAD_PW_ERR;
+ goto loser;
+ }
+ } else {
+ for (matching = PR_FALSE; !matching;) {
+ oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
+ if (PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
+ matching = PR_TRUE;
+ } else {
+ PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]);
+ }
+ }
}
+ }
- /* Get old password */
- if(! PK11_NeedUserInit(slot)) {
- if(pwFile) {
- oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile);
- if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]);
- ret=BAD_PW_ERR;
- goto loser;
- }
- } else {
- for(matching=PR_FALSE; !matching; ) {
- oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
- if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
- matching = PR_TRUE;
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]);
- }
- }
- }
+ /* Get new password */
+ if (newpwFile) {
+ newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile);
+ } else {
+ for (matching = PR_FALSE; !matching;) {
+ newpw = SECU_GetPasswordString(NULL, "Enter new password: ");
+ newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: ");
+ if (strcmp(newpw, newpw2)) {
+ PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]);
+ } else {
+ matching = PR_TRUE;
+ }
}
+ }
- /* Get new password */
- if(newpwFile) {
- newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile);
- } else {
- for(matching=PR_FALSE; !matching; ) {
- newpw = SECU_GetPasswordString(NULL, "Enter new password: ");
- newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: ");
- if(strcmp(newpw, newpw2)) {
- PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]);
- } else {
- matching = PR_TRUE;
- }
- }
+ /* Change the password */
+ if (PK11_NeedUserInit(slot)) {
+ if (PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
+ ret = CHANGEPW_FAILED_ERR;
+ goto loser;
}
+ } else {
+ if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
+ ret = CHANGEPW_FAILED_ERR;
+ goto loser;
+ }
+ }
- /* Change the password */
- if(PK11_NeedUserInit(slot)) {
- if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- } else {
- if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName);
- ret = SUCCESS;
+ PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName);
+ ret = SUCCESS;
loser:
- if(oldpw) {
- memset(oldpw, 0, strlen(oldpw));
- PORT_Free(oldpw);
- }
- if(newpw) {
- memset(newpw, 0, strlen(newpw));
- PORT_Free(newpw);
- }
- if(newpw2) {
- memset(newpw2, 0, strlen(newpw2));
- PORT_Free(newpw2);
- }
- PK11_FreeSlot(slot);
+ if (oldpw) {
+ memset(oldpw, 0, strlen(oldpw));
+ PORT_Free(oldpw);
+ }
+ if (newpw) {
+ memset(newpw, 0, strlen(newpw));
+ PORT_Free(newpw);
+ }
+ if (newpw2) {
+ memset(newpw2, 0, strlen(newpw2));
+ PORT_Free(newpw2);
+ }
+ PK11_FreeSlot(slot);
- return ret;
+ return ret;
}
/***********************************************************************
*
* E n a b l e M o d u l e
*
* If enable==PR_TRUE, enables the module or slot.
* If enable==PR_FALSE, disables the module or slot.
* moduleName is the name of the module.
* slotName is the name of the slot. It is optional.
*/
-Error
-EnableModule(char *moduleName, char *slotName, PRBool enable)
-{
- int i;
- SECMODModule *module = NULL;
- PK11SlotInfo *slot = NULL;
- PRBool found = PR_FALSE;
- Error rv;
+Error EnableModule(char *moduleName, char *slotName, PRBool enable) {
+ int i;
+ SECMODModule *module = NULL;
+ PK11SlotInfo *slot = NULL;
+ PRBool found = PR_FALSE;
+ Error rv;
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- rv = NO_SUCH_MODULE_ERR;
+ module = SECMOD_FindModule(moduleName);
+ if (!module) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
+ rv = NO_SUCH_MODULE_ERR;
+ goto loser;
+ }
+
+ for (i = 0; i < module->slotCount; i++) {
+ slot = module->slots[i];
+ if (slotName && strcmp(PK11_GetSlotName(slot), slotName)) {
+ /* Not the right slot */
+ continue;
+ }
+ if (enable) {
+ if (!PK11_UserEnableSlot(slot)) {
+ PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR], "enable",
+ PK11_GetSlotName(slot));
+ rv = ENABLE_FAILED_ERR;
goto loser;
+ } else {
+ found = PR_TRUE;
+ PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
+ PK11_GetSlotName(slot), "enabled");
+ }
+ } else {
+ if (!PK11_UserDisableSlot(slot)) {
+ PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR], "disable",
+ PK11_GetSlotName(slot));
+ rv = ENABLE_FAILED_ERR;
+ goto loser;
+ } else {
+ found = PR_TRUE;
+ PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
+ PK11_GetSlotName(slot), "disabled");
+ }
}
+ }
- for(i=0; i < module->slotCount; i++) {
- slot = module->slots[i];
- if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) {
- /* Not the right slot */
- continue;
- }
- if(enable) {
- if(! PK11_UserEnableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "enable", PK11_GetSlotName(slot));
- rv = ENABLE_FAILED_ERR;
- goto loser;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "enabled");
- }
- } else {
- if(! PK11_UserDisableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "disable", PK11_GetSlotName(slot));
- rv = ENABLE_FAILED_ERR;
- goto loser;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "disabled");
- }
- }
- }
+ if (slotName && !found) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
+ rv = NO_SUCH_SLOT_ERR;
+ goto loser;
+ }
- if(slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- rv = NO_SUCH_SLOT_ERR;
- goto loser;
- }
+ /* Delete and re-add module to save changes */
+ if (SECMOD_UpdateModule(module) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName);
+ rv = UPDATE_MOD_FAILED_ERR;
+ goto loser;
+ }
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName);
- rv = UPDATE_MOD_FAILED_ERR;
- goto loser;
- }
-
- rv = SUCCESS;
+ rv = SUCCESS;
loser:
- if (module) {
- SECMOD_DestroyModule(module);
- }
- return rv;
+ if (module) {
+ SECMOD_DestroyModule(module);
+ }
+ return rv;
}
/*************************************************************************
*
* S e t D e f a u l t M o d u l e
*
*/
-Error
-SetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule *module = NULL;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
- numMechanismStrings);
- PRBool found = PR_FALSE;
- Error errcode = UNSPECIFIED_ERR;
+Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms) {
+ SECMODModule *module = NULL;
+ PK11SlotInfo *slot;
+ int s, i;
+ unsigned long mechFlags =
+ getFlagsFromString(mechanisms, mechanismStrings, numMechanismStrings);
+ PRBool found = PR_FALSE;
+ Error errcode = UNSPECIFIED_ERR;
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
+ mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- errcode = NO_SUCH_MODULE_ERR;
- goto loser;
+ module = SECMOD_FindModule(moduleName);
+ if (!module) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
+ errcode = NO_SUCH_MODULE_ERR;
+ goto loser;
+ }
+
+ /* Go through each slot */
+ for (s = 0; s < module->slotCount; s++) {
+ slot = module->slots[s];
+
+ if ((slotName != NULL) &&
+ !((strcmp(PK11_GetSlotName(slot), slotName) == 0) ||
+ (strcmp(PK11_GetTokenName(slot), slotName) == 0))) {
+ /* we are only interested in changing the one slot */
+ continue;
}
- /* Go through each slot */
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
+ found = PR_TRUE;
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
+ /* Go through each mechanism */
+ for (i = 0; i < pk11_DefaultArraySize; i++) {
+ if (pk11_DefaultArray[i].flag & mechFlags) {
+ /* Enable this default mechanism */
+ PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]), PR_TRUE);
+ }
+ }
+ }
+ if (slotName && !found) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
+ errcode = NO_SUCH_SLOT_ERR;
+ goto loser;
+ }
- found = PR_TRUE;
+ /* Delete and re-add module to save changes */
+ if (SECMOD_UpdateModule(module) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR], moduleName);
+ errcode = DEFAULT_FAILED_ERR;
+ goto loser;
+ }
- /* Go through each mechanism */
- for(i=0; i < pk11_DefaultArraySize; i++) {
- if(pk11_DefaultArray[i].flag & mechFlags) {
- /* Enable this default mechanism */
- PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
- PR_TRUE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- errcode = NO_SUCH_SLOT_ERR;
- goto loser;
- }
+ PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR],
- moduleName);
- errcode = DEFAULT_FAILED_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
-
- errcode = SUCCESS;
+ errcode = SUCCESS;
loser:
- if (module) {
- SECMOD_DestroyModule(module);
- }
- return errcode;
+ if (module) {
+ SECMOD_DestroyModule(module);
+ }
+ return errcode;
}
/************************************************************************
*
* U n s e t D e f a u l t M o d u l e
*/
-Error
-UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule * module = NULL;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms,
- mechanismStrings, numMechanismStrings);
- PRBool found = PR_FALSE;
- Error rv;
+Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms) {
+ SECMODModule *module = NULL;
+ PK11SlotInfo *slot;
+ int s, i;
+ unsigned long mechFlags =
+ getFlagsFromString(mechanisms, mechanismStrings, numMechanismStrings);
+ PRBool found = PR_FALSE;
+ Error rv;
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
+ mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- rv = NO_SUCH_MODULE_ERR;
- goto loser;
+ module = SECMOD_FindModule(moduleName);
+ if (!module) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
+ rv = NO_SUCH_MODULE_ERR;
+ goto loser;
+ }
+
+ for (s = 0; s < module->slotCount; s++) {
+ slot = module->slots[s];
+ if ((slotName != NULL) &&
+ !((strcmp(PK11_GetSlotName(slot), slotName) == 0) ||
+ (strcmp(PK11_GetTokenName(slot), slotName) == 0))) {
+ /* we are only interested in changing the one slot */
+ continue;
}
+ for (i = 0; i < pk11_DefaultArraySize; i++) {
+ if (pk11_DefaultArray[i].flag & mechFlags) {
+ PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]), PR_FALSE);
+ }
+ }
+ }
+ if (slotName && !found) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
+ rv = NO_SUCH_SLOT_ERR;
+ goto loser;
+ }
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
- for(i=0; i < pk11_DefaultArraySize ; i++) {
- if(pk11_DefaultArray[i].flag & mechFlags) {
- PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
- PR_FALSE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- rv = NO_SUCH_SLOT_ERR;
- goto loser;
- }
+ /* Delete and re-add module to save changes */
+ if (SECMOD_UpdateModule(module) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR], moduleName);
+ rv = UNDEFAULT_FAILED_ERR;
+ goto loser;
+ }
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR],
- moduleName);
- rv = UNDEFAULT_FAILED_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
- rv = SUCCESS;
+ PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
+ rv = SUCCESS;
loser:
- if (module) {
- SECMOD_DestroyModule(module);
- }
- return rv;
+ if (module) {
+ SECMOD_DestroyModule(module);
+ }
+ return rv;
}
« no previous file with comments | « cmd/modutil/modutil.c ('k') | cmd/multinit/multinit.c » ('j') | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b