gnome-keyring r1449 - in trunk: . common daemon daemon/pkcs11 daemon/ui library pam pkcs11 pkcs11/gck pkcs11/gck/tests pkcs11/roots pkcs11/rpc-layer pkcs11/ssh-agent pkcs11/ssh-store pkcs11/ssh-store/tests
- From: nnielsen svn gnome org
- To: svn-commits-list gnome org
- Subject: gnome-keyring r1449 - in trunk: . common daemon daemon/pkcs11 daemon/ui library pam pkcs11 pkcs11/gck pkcs11/gck/tests pkcs11/roots pkcs11/rpc-layer pkcs11/ssh-agent pkcs11/ssh-store pkcs11/ssh-store/tests
- Date: Fri, 9 Jan 2009 03:05:12 +0000 (UTC)
Author: nnielsen
Date: Fri Jan 9 03:05:12 2009
New Revision: 1449
URL: http://svn.gnome.org/viewvc/gnome-keyring?rev=1449&view=rev
Log:
* common/Makefile.am:
* daemon/Makefile.am:
* daemon/ui/Makefile.am:
* library/Makefile.am:
* pam/Makefile.am:
* pkcs11/gck/tests/Makefile.am:
* pkcs11/roots/Makefile.am:
* pkcs11/ssh-agent/Makefile.am:
* pkcs11/ssh-store/Makefile.am:
* pkcs11/ssh-store/tests/Makefile.am: Make it easier to pick and
choose between commonly used code bits in different modules.
* pkcs11/gck/Makefile.am:
* pkcs11/gck-temporary-test.c: Remove test code.
* daemon/gkr-daemon.c:
* daemon/pkcs11/gkr-pkcs11-auth.c:
* daemon/pkcs11/gkr-pkcs11-daemon.c:
* daemon/pkcs11/gkr-pkcs11-dispatch.c: (removed)
* daemon/pkcs11/gkr-pkcs11-dispatch.h: (removed)
* daemon/pkcs11/gkr-pkcs11-dispatch-session.c: (removed)
* daemon/pkcs11/gkr-pkcs11-dsa.c: (removed)
* daemon/pkcs11/gkr-pkcs11-dsa.h: (removed)
* daemon/pkcs11/gkr-pkcs11-rsa.c: (removed)
* daemon/pkcs11/gkr-pkcs11-rsa.h: (removed)
* daemon/pkcs11/Makefile.am:
* pkcs11/gkr-pkcs11-calls.h: (removed)
* pkcs11/gkr-pkcs11-mechanisms.h: (removed)
* pkcs11/gkr-pkcs11-message.c: (removed)
* pkcs11/gkr-pkcs11-message.h: (removed)
* pkcs11/gkr-pkcs11-module.c: (removed)
* pkcs11/Makefile.am:
* pkcs11/rpc-layer/gck-rpc-daemon-standalone.c:
* pkcs11/rpc-layer/gck-rpc-dispatch.c:
* pkcs11/rpc-layer/gck-rpc-layer.h:
* pkcs11/rpc-layer/gck-rpc-message.c:
* pkcs11/rpc-layer/gck-rpc-module.c:
* pkcs11/rpc-layer/gck-rpc-private.h:
* pkcs11/rpc-layer/Makefile.am:
* pkcs11/rpc-layer/p11-rpc-*: (remove old straggler files)
* configure.in: Integrate modular rpc-layer and remove old
dispatch and module code from gnome-keyring-daemon.
Removed:
trunk/daemon/pkcs11/gkr-pkcs11-dispatch-session.c
trunk/daemon/pkcs11/gkr-pkcs11-dispatch.c
trunk/daemon/pkcs11/gkr-pkcs11-dispatch.h
trunk/daemon/pkcs11/gkr-pkcs11-dsa.c
trunk/daemon/pkcs11/gkr-pkcs11-dsa.h
trunk/daemon/pkcs11/gkr-pkcs11-rsa.c
trunk/daemon/pkcs11/gkr-pkcs11-rsa.h
trunk/pkcs11/gck/temporary-test.c
trunk/pkcs11/gkr-pkcs11-calls.h
trunk/pkcs11/gkr-pkcs11-mechanisms.h
trunk/pkcs11/gkr-pkcs11-message.c
trunk/pkcs11/gkr-pkcs11-message.h
trunk/pkcs11/gkr-pkcs11-module.c
trunk/pkcs11/rpc-layer/p11-rpc-dispatch.c
trunk/pkcs11/rpc-layer/p11-rpc-message.c
trunk/pkcs11/rpc-layer/p11-rpc-module.c
trunk/pkcs11/rpc-layer/p11-rpc-private.h
trunk/pkcs11/rpc-layer/p11-rpc-test-daemon.c
trunk/pkcs11/rpc-layer/p11-rpc-test-module.c
trunk/pkcs11/rpc-layer/p11-rpc-util.c
trunk/pkcs11/rpc-layer/p11-rpc.h
Modified:
trunk/ChangeLog
trunk/common/Makefile.am
trunk/configure.in
trunk/daemon/Makefile.am
trunk/daemon/gkr-daemon.c
trunk/daemon/pkcs11/Makefile.am
trunk/daemon/pkcs11/gkr-pkcs11-auth.c
trunk/daemon/pkcs11/gkr-pkcs11-daemon.c
trunk/daemon/ui/Makefile.am
trunk/library/Makefile.am
trunk/pam/Makefile.am
trunk/pkcs11/Makefile.am
trunk/pkcs11/gck/Makefile.am
trunk/pkcs11/gck/tests/Makefile.am
trunk/pkcs11/roots/Makefile.am
trunk/pkcs11/rpc-layer/Makefile.am
trunk/pkcs11/rpc-layer/gck-rpc-daemon-standalone.c
trunk/pkcs11/rpc-layer/gck-rpc-dispatch.c
trunk/pkcs11/rpc-layer/gck-rpc-layer.h
trunk/pkcs11/rpc-layer/gck-rpc-message.c
trunk/pkcs11/rpc-layer/gck-rpc-module.c
trunk/pkcs11/rpc-layer/gck-rpc-private.h
trunk/pkcs11/ssh-agent/Makefile.am
trunk/pkcs11/ssh-store/Makefile.am
trunk/pkcs11/ssh-store/tests/Makefile.am
Modified: trunk/common/Makefile.am
==============================================================================
--- trunk/common/Makefile.am (original)
+++ trunk/common/Makefile.am Fri Jan 9 03:05:12 2009
@@ -1,8 +1,9 @@
noinst_LTLIBRARIES = \
libgkr-common.la \
- libgkr-module-common.la \
- libgkr-common-buffer.la
+ libgkr-common-secure.la \
+ libgkr-common-buffer.la \
+ libgkr-common-creds.la
INCLUDES = \
-I$(top_srcdir)
@@ -42,17 +43,15 @@
# --------------------------------------------------------------------
# COMMON STUFF COMPILED INTO LOADABLE MODULES
-libgkr_module_common_la_SOURCES = \
- gkr-buffer.c gkr-buffer.h \
- gkr-secure-memory.c gkr-secure-memory.h \
- gkr-unix-credentials.c gkr-unix-credentials.h
-
-# --------------------------------------------------------------------
-# ONLY THE BUFFER CODE
+libgkr_common_secure_la_SOURCES = \
+ gkr-secure-memory.c gkr-secure-memory.h
libgkr_common_buffer_la_SOURCES = \
gkr-buffer.c gkr-buffer.h
+libgkr_common_creds_la_SOURCES = \
+ gkr-unix-credentials.c gkr-unix-credentials.h
+
if WITH_TESTS
TESTS_DIR = tests
else
Modified: trunk/configure.in
==============================================================================
--- trunk/configure.in (original)
+++ trunk/configure.in Fri Jan 9 03:05:12 2009
@@ -509,6 +509,7 @@
pkcs11/gck/tests/Makefile
pkcs11/roots/Makefile
pkcs11/roots/tests/Makefile
+pkcs11/rpc-layer/Makefile
pkcs11/ssh-agent/Makefile
pkcs11/ssh-store/Makefile
pkcs11/ssh-store/tests/Makefile
Modified: trunk/daemon/Makefile.am
==============================================================================
--- trunk/daemon/Makefile.am (original)
+++ trunk/daemon/Makefile.am Fri Jan 9 03:05:12 2009
@@ -43,6 +43,7 @@
$(top_builddir)/daemon/keyrings/libgkr-keyrings.la \
$(top_builddir)/daemon/ui/libgkr-ui.la \
$(top_builddir)/library/libgnome-keyring-common.la \
+ $(top_builddir)/pkcs11/rpc-layer/libgck-rpc-layer.la \
$(top_builddir)/pkcs11/ssh-agent/libgck-ssh-agent.la \
$(top_builddir)/pkcs11/ssh-store/libgck-ssh-store.la \
$(top_builddir)/pkcs11/gck/libgck.la \
Modified: trunk/daemon/gkr-daemon.c
==============================================================================
--- trunk/daemon/gkr-daemon.c (original)
+++ trunk/daemon/gkr-daemon.c Fri Jan 9 03:05:12 2009
@@ -36,17 +36,7 @@
#include "library/gnome-keyring.h"
-#include "pk/gkr-pk-object-storage.h"
-#ifdef ROOT_CERTIFICATES
-#include "pk/gkr-pk-root-storage.h"
-#endif
-
#include "pkcs11/gkr-pkcs11-daemon.h"
-#include "pkcs11/gkr-pkcs11-dispatch.h"
-
-#ifdef WITH_SSH
-#include "ssh/gkr-ssh-storage.h"
-#endif
#include "ui/gkr-ask-daemon.h"
@@ -638,32 +628,17 @@
if (!gkr_pkcs11_daemon_initialize ())
return FALSE;
- /* TODO: OLD, REMOVE */
- if (!gkr_pk_object_storage_initialize ())
- return FALSE;
-
-#ifdef ROOT_CERTIFICATES
- /* TODO: OLD, REMOVE */
- if (!gkr_pk_root_storage_initialize ())
- return FALSE;
-#endif
-
/* Initialize the appropriate components */
#ifdef WITH_SSH
if (check_run_component ("ssh")) {
if (!gkr_pkcs11_daemon_setup_ssh ())
return FALSE;
-
- /* TODO: OLD, REMOVE */
- if (!gkr_ssh_storage_initialize ())
- return FALSE;
}
#endif
if (check_run_component ("pkcs11")) {
- /* TODO: OLD, REMOVE */
- if (!gkr_pkcs11_dispatch_setup ())
+ if (!gkr_pkcs11_daemon_setup_pkcs11 ())
return FALSE;
}
Modified: trunk/daemon/pkcs11/Makefile.am
==============================================================================
--- trunk/daemon/pkcs11/Makefile.am (original)
+++ trunk/daemon/pkcs11/Makefile.am Fri Jan 9 03:05:12 2009
@@ -9,12 +9,7 @@
DAEMON_SRCS = \
gkr-pkcs11-auth.c gkr-pkcs11-auth.h gkr-pkcs11-auth-ep.c \
- gkr-pkcs11-daemon.c gkr-pkcs11-daemon.h \
- gkr-pkcs11-dispatch.c gkr-pkcs11-dispatch.h \
- gkr-pkcs11-dispatch-session.c \
- gkr-pkcs11-dsa.c gkr-pkcs11-dsa.h \
- $(top_srcdir)/pkcs11/gkr-pkcs11-message.c \
- gkr-pkcs11-rsa.c gkr-pkcs11-rsa.h
+ gkr-pkcs11-daemon.c gkr-pkcs11-daemon.h
noinst_LTLIBRARIES = libgkr-pkcs11.la
Modified: trunk/daemon/pkcs11/gkr-pkcs11-auth.c
==============================================================================
--- trunk/daemon/pkcs11/gkr-pkcs11-auth.c (original)
+++ trunk/daemon/pkcs11/gkr-pkcs11-auth.c Fri Jan 9 03:05:12 2009
@@ -525,8 +525,7 @@
g_return_if_fail (per_slot_data);
/* Remove all information about this slot */
- if (!g_hash_table_remove (per_slot_data, &id))
- g_return_if_reached ();
+ g_hash_table_remove (per_slot_data, &id);
}
void
Modified: trunk/daemon/pkcs11/gkr-pkcs11-daemon.c
==============================================================================
--- trunk/daemon/pkcs11/gkr-pkcs11-daemon.c (original)
+++ trunk/daemon/pkcs11/gkr-pkcs11-daemon.c Fri Jan 9 03:05:12 2009
@@ -97,7 +97,6 @@
return TRUE;
}
-#if 0
static void
pkcs11_rpc_cleanup (gpointer unused)
{
@@ -135,7 +134,7 @@
gkr_async_begin_concurrent ();
- sock = gck_rpc_layer_initialize (base_dir, pkcs11_roof, NULL);
+ sock = gck_rpc_layer_initialize (base_dir, pkcs11_roof);
gkr_async_end_concurrent ();
@@ -150,7 +149,6 @@
return TRUE;
}
-#endif
static void
pkcs11_ssh_cleanup (gpointer unused)
Modified: trunk/daemon/ui/Makefile.am
==============================================================================
--- trunk/daemon/ui/Makefile.am (original)
+++ trunk/daemon/ui/Makefile.am Fri Jan 9 03:05:12 2009
@@ -21,7 +21,7 @@
gkr-ask-request.h
gnome_keyring_ask_LDADD = \
- $(top_builddir)/common/libgkr-module-common.la \
+ $(top_builddir)/common/libgkr-common-secure.la \
$(GTK_LIBS)
noinst_LTLIBRARIES=libgkr-ui.la
Modified: trunk/library/Makefile.am
==============================================================================
--- trunk/library/Makefile.am (original)
+++ trunk/library/Makefile.am Fri Jan 9 03:05:12 2009
@@ -40,7 +40,9 @@
libgnome_keyring_la_LIBADD = \
libgnome-keyring-common.la \
- $(top_builddir)/common/libgkr-module-common.la \
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-secure.la \
+ $(top_builddir)/common/libgkr-common-creds.la \
$(GLIB_LIBS)
libgnome_keyring_la_LDFLAGS = \
Modified: trunk/pam/Makefile.am
==============================================================================
--- trunk/pam/Makefile.am (original)
+++ trunk/pam/Makefile.am Fri Jan 9 03:05:12 2009
@@ -13,7 +13,9 @@
gkr-pam-stubs.c
pam_gnome_keyring_la_LIBADD = \
- $(top_builddir)/common/libgkr-module-common.la \
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-creds.la \
+ $(top_builddir)/common/libgkr-common-secure.la \
-lpam
pam_gnome_keyring_la_LDFLAGS = \
Modified: trunk/pkcs11/Makefile.am
==============================================================================
--- trunk/pkcs11/Makefile.am (original)
+++ trunk/pkcs11/Makefile.am Fri Jan 9 03:05:12 2009
@@ -9,32 +9,6 @@
EXTRA_DIST = \
pkcs11.h
-# ------------------------------------------------------------------------------
-# The pkcs11 module
-
-moduledir = $(libdir)/gnome-keyring/
-
-MODULE_SRCS = \
- gkr-pkcs11-module.c \
- gkr-pkcs11-message.c gkr-pkcs11-message.h \
- gkr-pkcs11-mechanisms.h gkr-pkcs11-calls.h
-
-module_LTLIBRARIES = gnome-keyring-pkcs11.la
-
-gnome_keyring_pkcs11_la_LDFLAGS = \
- -module -avoid-version \
- -no-undefined -export-symbols-regex 'C_GetFunctionList'
-
-gnome_keyring_pkcs11_la_CFLAGS = \
- -I. \
- -I$(top_srcdir)
-
-gnome_keyring_pkcs11_la_SOURCES = $(MODULE_SRCS)
-
-gnome_keyring_pkcs11_la_LIBADD = \
- $(top_builddir)/common/libgkr-module-common.la
-
-
if WITH_ROOT_CERTS
ROOTS_DIR = roots
else
@@ -47,5 +21,5 @@
TESTS_DIR =
endif
-SUBDIRS = . gck ssh-agent ssh-store $(ROOTS_DIR) $(TESTS_DIR)
+SUBDIRS = . gck rpc-layer ssh-agent ssh-store $(ROOTS_DIR) $(TESTS_DIR)
Modified: trunk/pkcs11/gck/Makefile.am
==============================================================================
--- trunk/pkcs11/gck/Makefile.am (original)
+++ trunk/pkcs11/gck/Makefile.am Fri Jan 9 03:05:12 2009
@@ -73,25 +73,6 @@
pkix.asn \
pk.asn
-# ------------------------------------------------------------------------------
-# TEMPORARY TEST BINARY
-
-noinst_PROGRAMS = \
- temporary-test
-
-temporary_test_SOURCES = \
- temporary-test.c
-
-temporary_test_LDFLAGS = \
- -lpthread
-
-temporary_test_LDADD = \
- libgck.la \
- $(top_builddir)/common/libgkr-module-common.la \
- $(GOBJECT_LIBS) \
- $(LIBGCRYPT_LIBS) \
- $(GLIB_LIBS)
-
# -------------------------------------------------------------------------------
if WITH_TESTS
Modified: trunk/pkcs11/gck/tests/Makefile.am
==============================================================================
--- trunk/pkcs11/gck/tests/Makefile.am (original)
+++ trunk/pkcs11/gck/tests/Makefile.am Fri Jan 9 03:05:12 2009
@@ -22,7 +22,8 @@
UNIT_LIBS = \
$(top_builddir)/pkcs11/gck/libgck.la \
- $(top_builddir)/common/libgkr-module-common.la
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-secure.la
EXTRA_DIST = \
test.asn \
Modified: trunk/pkcs11/roots/Makefile.am
==============================================================================
--- trunk/pkcs11/roots/Makefile.am (original)
+++ trunk/pkcs11/roots/Makefile.am Fri Jan 9 03:05:12 2009
@@ -36,7 +36,8 @@
gck_roots_module_la_LIBADD = \
libgck-roots.la \
$(top_builddir)/pkcs11/gck/libgck.la \
- $(top_builddir)/common/libgkr-module-common.la \
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-secure.la \
$(GOBJECT_LIBS) \
$(GTHREAD_LIBS) \
$(GLIB_LIBS) \
Modified: trunk/pkcs11/rpc-layer/Makefile.am
==============================================================================
--- trunk/pkcs11/rpc-layer/Makefile.am (original)
+++ trunk/pkcs11/rpc-layer/Makefile.am Fri Jan 9 03:05:12 2009
@@ -20,7 +20,6 @@
gck-rpc-util.c
libgck_rpc_layer_la_LIBADD = \
- $(top_builddir)/common/libgkr-common-buffer.la \
$(GOBJECT_LIBS) \
$(GTHREAD_LIBS) \
$(GLIB_LIBS)
@@ -31,23 +30,24 @@
$(GLIB_CFLAGS)
# ------------------------------------------------------------------------------
-# The module code
+# The module code, built as the public gnome-keyring module
-moduledir = $(libdir)/gnome-keyring/devel/
+moduledir = $(libdir)/gnome-keyring/
module_LTLIBRARIES = \
- gck-rpc-layer-standalone.la
+ gnome-keyring-pkcs11.la
-gck_rpc_layer_standalone_la_SOURCES = \
+gnome_keyring_pkcs11_la_SOURCES = \
gck-rpc-private.h \
gck-rpc-module.c \
gck-rpc-message.c \
gck-rpc-util.c
-gck_rpc_layer_standalone_la_LIBADD = \
- $(top_builddir)/common/libgkr-common-buffer.la
+gnome_keyring_pkcs11_la_LIBADD = \
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-creds.la
-gck_rpc_layer_standalone_la_LDFLAGS = \
+gnome_keyring_pkcs11_la_LDFLAGS = \
-module -avoid-version \
-no-undefined -export-symbols-regex 'C_GetFunctionList'
@@ -58,5 +58,6 @@
gck-rpc-daemon-standalone.c
gck_rpc_daemon_standalone_LDADD = \
- -ldl -lpthread libgck-rpc-layer.la
+ -ldl libgck-rpc-layer.la \
+ $(top_builddir)/common/libgkr-common.la
Modified: trunk/pkcs11/rpc-layer/gck-rpc-daemon-standalone.c
==============================================================================
--- trunk/pkcs11/rpc-layer/gck-rpc-daemon-standalone.c (original)
+++ trunk/pkcs11/rpc-layer/gck-rpc-daemon-standalone.c Fri Jan 9 03:05:12 2009
@@ -89,8 +89,12 @@
errx (1, "couldn't get function list from C_GetFunctionList in libary: %s: 0x%08x",
argv[1], (int)rv);
- unlink (SOCKET_PATH);
- sock = gck_rpc_dispatch_init (SOCKET_PATH, funcs, &p11_init_args);
+ /* RPC layer expects initialized module */
+ rv = (funcs->C_Initialize) (&p11_init_args);
+ if (rv != CKR_OK)
+ errx (1, "couldn't initialize module: %s: 0x%08x", argv[1], (int)rv);
+
+ sock = gck_rpc_layer_initialize (SOCKET_PATH, funcs);
if (sock == -1)
exit (1);
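Review bot: `SOCKET_PATH` is now passed as the `prefix` argument of `gck_rpc_layer_initialize`, which in this same commit builds the socket name as `"%s/socket.pkcs11"`, yet no hunk for this file touches the `SOCKET_PATH` definition. If it still names a socket file rather than a directory, the bind will fail or end up at an unexpected path, so the definition should be checked. Separately, the `exit (1)` taken when `sock == -1` now leaves the module initialized; calling `(funcs->C_Finalize) (NULL);` before exiting would mirror the shutdown path added in the next hunk. The enclosing function starts and ends outside this hunk.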
@@ -106,10 +110,15 @@
}
if (FD_ISSET (sock, &read_fds))
- gck_rpc_dispatch_accept ();
+ gck_rpc_layer_accept ();
}
- gck_rpc_dispatch_uninit ();
+ gck_rpc_layer_uninitialize ();
+
+ rv = (funcs->C_Finalize) (NULL);
+ if (rv != CKR_OK)
+ warnx ("couldn't finalize module: %s: 0x%08x", argv[1], (int)rv);
+
dlclose(module);
return 0;
Modified: trunk/pkcs11/rpc-layer/gck-rpc-dispatch.c
==============================================================================
--- trunk/pkcs11/rpc-layer/gck-rpc-dispatch.c (original)
+++ trunk/pkcs11/rpc-layer/gck-rpc-dispatch.c Fri Jan 9 03:05:12 2009
@@ -27,6 +27,9 @@
#include "gck-rpc-private.h"
#include "pkcs11/pkcs11.h"
+#include "pkcs11/pkcs11g.h"
+
+#include "common/gkr-unix-credentials.h"
#include <sys/types.h>
#include <sys/param.h>
@@ -45,15 +48,6 @@
/* Where we dispatch the calls to */
static CK_FUNCTION_LIST_PTR pkcs11_module = NULL;
-/* Argument to pass to C_Initialize */
-static CK_C_INITIALIZE_ARGS *pkcs11_initialize_args = NULL;
-
-/* Mutex for guarding initialization variable */
-static pthread_mutex_t init_mutex = PTHREAD_MUTEX_INITIALIZER;
-
-/* The number of times we've initialized */
-static int pkcs11_initialized = 0;
-
/* The error returned on protocol failures */
#define PARSE_ERROR CKR_DEVICE_ERROR
#define PREP_ERROR CKR_DEVICE_MEMORY
@@ -87,6 +81,7 @@
GckRpcMessage *req;
GckRpcMessage *resp;
void *allocated;
+ CK_ULONG appid;
} CallState;
static int
@@ -181,7 +176,7 @@
msg = cs->req;
/* Check that we're supposed to be reading this at this point */
- assert (!msg->signature || gck_rpc_message_verify_part (msg, "ay"));
+ assert (!msg->signature || gck_rpc_message_verify_part (msg, "fy"));
/* The number of ulongs there's room for on the other end */
if (!gkr_buffer_get_uint32 (&msg->buffer, msg->parsed, &msg->parsed, &length))
@@ -220,9 +215,11 @@
if (!gkr_buffer_get_byte (&msg->buffer, msg->parsed, &msg->parsed, &valid))
return PARSE_ERROR;
- /* Module should always send us valid arrays */
- if (!valid)
- return PARSE_ERROR;
+ if (!valid) {
+ *array = NULL;
+ *n_array = 0;
+ return CKR_OK;
+ }
/* Point our arguments into the buffer */
if (!gkr_buffer_get_byte_array (&msg->buffer, msg->parsed, &msg->parsed,
@@ -366,10 +363,18 @@
return PARSE_ERROR;
if (valid) {
+ if (!gkr_buffer_get_uint32 (&msg->buffer, msg->parsed, &msg->parsed, &value))
+ return PARSE_ERROR;
if (!gkr_buffer_get_byte_array (&msg->buffer, msg->parsed, &msg->parsed, &data, &n_data))
return PARSE_ERROR;
+
+ if (data != NULL && n_data != value) {
+ g_warning ("attribute length and data do not match");
+ return PARSE_ERROR;
+ }
+
attrs[i].pValue = (CK_VOID_PTR)data;
- attrs[i].ulValueLen = n_data;
+ attrs[i].ulValueLen = value;
} else {
attrs[i].pValue = NULL;
attrs[i].ulValueLen = -1;
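Review bot: In the `valid` branch the length/data consistency check only applies when `data != NULL`, so a peer can send a length `value` with no data and `attrs[i].ulValueLen` then carries that client-chosen length next to a NULL `pValue` into the module. If that combination is intended (for length queries), a comment saying so would help; if not, tighten the test to `if ((data == NULL && value != 0) || (data != NULL && n_data != value))`. The rejection is logged with `g_warning`, whereas the other warnings visible in this file go through `gck_rpc_warn`; since the message is triggered by peer input it should stay on the layer's own logging path. The enclosing function starts and ends outside the hunk.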
@@ -385,7 +390,7 @@
proto_write_attribute_array (CallState *cs, CK_ATTRIBUTE_PTR array, CK_ULONG len, CK_RV ret)
{
assert (cs);
-
+
/*
* When returning an attribute array, certain errors aren't
* actually real errors, these are passed through to the other
@@ -705,18 +710,10 @@
assert (gck_rpc_message_is_verified (cs->req));
}
- if (ret == CKR_OK) {
-
- pthread_mutex_lock (&init_mutex);
-
- if (pkcs11_initialized == 0)
- ret = pkcs11_module->C_Initialize (pkcs11_initialize_args);
-
- if (ret == CKR_OK)
- ++pkcs11_initialized;
-
- pthread_mutex_unlock (&init_mutex);
- }
+ /*
+ * We don't actually C_Initialize lower layers. It's assumed
+ * that they'll already be initialzied by the code that loaded us.
+ */
debug (("ret: %d", ret));
return ret;
@@ -725,6 +722,9 @@
static CK_RV
rpc_C_Finalize (CallState *cs)
{
+ CK_SLOT_ID_PTR slots;
+ CK_ULONG n_slots, i;
+ CK_SLOT_ID appartment;
CK_RV ret;
debug (("C_Finalize: enter"));
@@ -732,16 +732,30 @@
assert (cs);
assert (pkcs11_module);
- pthread_mutex_lock (&init_mutex);
-
- if (pkcs11_initialized == 1)
- ret = pkcs11_module->C_Finalize (NULL);
-
- if (ret == CKR_OK)
- --pkcs11_initialized;
+ /*
+ * We don't actually C_Finalize lower layers, since this would finalize
+ * for all appartments, client applications. Anyway this is done by
+ * the code that loaded us.
+ *
+ * But we do need to cleanup resources used by this client, so instead
+ * we call C_CloseAllSessions for each appartment for this client.
+ */
+
+ ret = (pkcs11_module->C_GetSlotList) (TRUE, NULL, &n_slots);
+ if (ret == CKR_OK) {
+ slots = calloc (n_slots, sizeof (CK_SLOT_ID));
+ if (slots == NULL) {
+ ret = CKR_DEVICE_MEMORY;
+ } else {
+ ret = (pkcs11_module->C_GetSlotList) (TRUE, slots, &n_slots);
+ for (i = 0; ret == CKR_OK && i < n_slots; ++i) {
+ appartment = CK_GNOME_MAKE_APPARTMENT (slots[i], cs->appid);
+ ret = (pkcs11_module->C_CloseAllSessions) (appartment);
+ }
+ free (slots);
+ }
+ }
- pthread_mutex_unlock (&init_mutex);
-
debug (("ret: %d", ret));
return ret;
}
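Review bot: The cleanup loop in `rpc_C_Finalize` stops at the first `C_CloseAllSessions` that fails, so the remaining apartments of this client keep their sessions open even though the client has finalized. It would be safer to close every apartment and report the first error afterwards. Also, when `n_slots` is 0, `calloc (0, ...)` may legitimately return NULL and the call then fails with `CKR_DEVICE_MEMORY` for a client that simply had nothing to close. The variable declarations for this code are in the preceding hunk.

```c
	/* … unchanged: comment explaining why C_Finalize is not forwarded … */
	ret = (pkcs11_module->C_GetSlotList) (TRUE, NULL, &n_slots);
	if (ret == CKR_OK && n_slots > 0) {
		slots = calloc (n_slots, sizeof (CK_SLOT_ID));
		if (slots == NULL) {
			ret = CKR_DEVICE_MEMORY;
		} else {
			CK_RV rv;

			ret = (pkcs11_module->C_GetSlotList) (TRUE, slots, &n_slots);
			if (ret == CKR_OK) {
				/* Close every apartment; keep going and report the first failure */
				for (i = 0; i < n_slots; ++i) {
					appartment = CK_GNOME_MAKE_APPARTMENT (slots[i], cs->appid);
					rv = (pkcs11_module->C_CloseAllSessions) (appartment);
					if (rv != CKR_OK && ret == CKR_OK)
						ret = rv;
				}
			}
			free (slots);
		}
	}
	/* … unchanged: debug output and return … */
```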
@@ -777,9 +791,12 @@
{
CK_SLOT_ID slot_id;
CK_SLOT_INFO info;
-
+
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_GetSlotInfo);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
PROCESS_CALL ((slot_id, &info));
OUT_SLOT_INFO (info);
END_CALL;
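Review bot: The `slot_id` that is combined with `cs->appid` comes straight off the wire through `IN_ULONG`, and nothing visible restricts it to the slot portion before `CK_GNOME_MAKE_APPARTMENT` is applied. The macro's definition is not part of this diff, so this may already be handled there. If it does not mask its first argument, a client-chosen value could influence the bits that are meant to keep clients apart, so it is worth rejecting any `slot_id` that does not round-trip through `CK_GNOME_APPARTMENT_SLOT` before building the apartment. The same pattern recurs in the hunks for C_GetTokenInfo, C_GetMechanismList, C_GetMechanismInfo, C_InitToken, C_OpenSession and C_CloseAllSessions.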
@@ -791,8 +808,11 @@
CK_SLOT_ID slot_id;
CK_TOKEN_INFO info;
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_GetTokenInfo);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
PROCESS_CALL ((slot_id, &info));
OUT_TOKEN_INFO (info);
END_CALL;
@@ -804,9 +824,12 @@
CK_SLOT_ID slot_id;
CK_MECHANISM_TYPE_PTR mechanism_list;
CK_ULONG count;
-
+
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_GetMechanismList);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
IN_ULONG_BUFFER (mechanism_list, count);
PROCESS_CALL ((slot_id, mechanism_list, &count));
OUT_ULONG_ARRAY (mechanism_list, count);
@@ -820,8 +843,11 @@
CK_MECHANISM_TYPE type;
CK_MECHANISM_INFO info;
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_GetMechanismInfo);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
IN_ULONG (type);
PROCESS_CALL ((slot_id, type, &info));
OUT_MECHANISM_INFO (info);
@@ -835,9 +861,12 @@
CK_UTF8CHAR_PTR pin;
CK_ULONG pin_len;
CK_UTF8CHAR_PTR label;
-
+
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_InitToken);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
IN_BYTE_ARRAY (pin, pin_len);
IN_STRING (label);
PROCESS_CALL ((slot_id, pin, pin_len, label));
@@ -849,10 +878,13 @@
{
CK_FLAGS flags;
CK_SLOT_ID slot_id;
-
+
+ /* Get slot id from appartment lower layers use. */
+
BEGIN_CALL (C_WaitForSlotEvent);
IN_ULONG (flags);
PROCESS_CALL ((flags, &slot_id, NULL));
+ slot_id = CK_GNOME_APPARTMENT_SLOT (slot_id);
OUT_ULONG (slot_id);
END_CALL;
}
@@ -864,8 +896,11 @@
CK_FLAGS flags;
CK_SESSION_HANDLE session;
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_OpenSession);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
IN_ULONG (flags);
PROCESS_CALL ((slot_id, flags, NULL, NULL, &session));
OUT_ULONG (session);
@@ -889,8 +924,11 @@
{
CK_SLOT_ID slot_id;
+ /* Slot id becomes appartment so lower layers can tell clients apart. */
+
BEGIN_CALL (C_CloseAllSessions);
IN_ULONG (slot_id);
+ slot_id = CK_GNOME_MAKE_APPARTMENT (slot_id, cs->appid);
PROCESS_CALL ((slot_id));
END_CALL;
}
@@ -922,10 +960,13 @@
{
CK_SESSION_HANDLE session;
CK_SESSION_INFO info;
+
+ /* Get slot id from appartment lower layers use. */
BEGIN_CALL (C_GetSessionInfo);
IN_ULONG (session);
PROCESS_CALL ((session, &info));
+ info.slotID = CK_GNOME_APPARTMENT_SLOT (info.slotID);
OUT_SESSION_INFO (info);
END_CALL;
}
@@ -1981,12 +2022,20 @@
run_dispatch_loop (int sock)
{
CallState cs;
+ pid_t pid;
+ uid_t uid;
unsigned char buf[4];
uint32_t len;
assert (sock != -1);
- /* TODO: Read credentials */
+ if (!gkr_unix_credentials_read (sock, &pid, &uid) < 0) {
+ gck_rpc_warn ("couldn't read socket credentials");
+ return;
+ }
+
+ /* The client application */
+ cs.appid = pid;
/* Setup our buffers */
if (!call_init (&cs)) {
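Review bot: The condition `!gkr_unix_credentials_read (sock, &pid, &uid) < 0` can never be true, because `!` binds tighter than `<` and yields 0 or 1. A failed credentials read therefore falls through and `cs.appid` is assigned from an uninitialized `pid`. Since `appid` is what separates clients into apartments, the test should read `if (gkr_unix_credentials_read (sock, &pid, &uid) < 0) {`, matching the `< 0` test used for `gkr_unix_credentials_write` in gck-rpc-module.c. `uid` is read but not compared against anything in the visible lines; if no check follows, a comment stating that access control relies on the socket's filesystem permissions would be useful. `run_dispatch_loop` continues outside the hunk.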
@@ -2046,11 +2095,6 @@
int *sock = arg;
assert (*sock != -1);
- /* Try and initialize the PKCS#11 module */
- if (!pkcs11_initialized) {
-
- }
-
run_dispatch_loop (*sock);
/* The thread closes the socket and marks as done */
@@ -2080,9 +2124,8 @@
/* A linked list of dispatcher threads */
static DispatchState *pkcs11_dispatchers = NULL;
-
void
-gck_rpc_dispatch_accept (void)
+gck_rpc_layer_accept (void)
{
struct sockaddr_un addr;
DispatchState *ds, **here;
@@ -2132,8 +2175,7 @@
}
int
-gck_rpc_dispatch_init (const char *socket_path, CK_FUNCTION_LIST_PTR module,
- CK_C_INITIALIZE_ARGS_PTR init_args)
+gck_rpc_layer_initialize (const char *prefix, CK_FUNCTION_LIST_PTR module)
{
struct sockaddr_un addr;
int sock;
@@ -2143,7 +2185,7 @@
#endif
assert (module);
- assert (socket_path);
+ assert (prefix);
/* cannot be called more than once */
assert (!pkcs11_module);
@@ -2151,7 +2193,7 @@
assert (pkcs11_dispatchers == NULL);
snprintf (pkcs11_socket_path, sizeof (pkcs11_socket_path),
- "%s", socket_path);
+ "%s/socket.pkcs11", prefix);
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0) {
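Review bot: The return value of the `snprintf` into `pkcs11_socket_path` is not checked, so an over-long `prefix` is silently truncated. The `unlink (pkcs11_socket_path)` added in the next hunk then removes whatever sits at the truncated path before the socket is bound there. Rejecting truncation up front is cheap: compare the `snprintf` result against `sizeof (pkcs11_socket_path)` and `sizeof (addr.sun_path)`, report through `gck_rpc_warn` and return -1. The body of `gck_rpc_layer_initialize` extends beyond this hunk.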
@@ -2161,6 +2203,7 @@
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
+ unlink (pkcs11_socket_path);
strncpy (addr.sun_path, pkcs11_socket_path, sizeof (addr.sun_path));
if (bind (sock, (struct sockaddr*)&addr, sizeof (addr)) < 0) {
gck_rpc_warn ("couldn't bind to pkcs11 socket: %s: %s",
@@ -2175,7 +2218,6 @@
}
pkcs11_module = module;
- pkcs11_initialize_args = init_args;
pkcs11_socket = sock;
pkcs11_dispatchers = NULL;
@@ -2183,7 +2225,7 @@
}
void
-gck_rpc_dispatch_uninit (void)
+gck_rpc_layer_uninitialize (void)
{
DispatchState *ds, *next;
@@ -2215,5 +2257,4 @@
}
pkcs11_module = NULL;
- pkcs11_initialize_args = NULL;
}
Modified: trunk/pkcs11/rpc-layer/gck-rpc-layer.h
==============================================================================
--- trunk/pkcs11/rpc-layer/gck-rpc-layer.h (original)
+++ trunk/pkcs11/rpc-layer/gck-rpc-layer.h Fri Jan 9 03:05:12 2009
@@ -8,14 +8,13 @@
*/
/* Call to initialize the module and start listening, returns socket or -1 */
-int gck_rpc_dispatch_init (const char *socket_prefix,
- CK_FUNCTION_LIST_PTR module,
- CK_C_INITIALIZE_ARGS_PTR init_args);
+int gck_rpc_layer_initialize (const char *prefix,
+ CK_FUNCTION_LIST_PTR funcs);
/* Should be called to cleanup dispatcher */
-void gck_rpc_dispatch_uninit (void);
+void gck_rpc_layer_uninitialize (void);
/* Accept a new connection. Should be called when above fd has read */
-void gck_rpc_dispatch_accept (void);
+void gck_rpc_layer_accept (void);
#endif /* GCKRPC_H_ */
Modified: trunk/pkcs11/rpc-layer/gck-rpc-message.c
==============================================================================
--- trunk/pkcs11/rpc-layer/gck-rpc-message.c (original)
+++ trunk/pkcs11/rpc-layer/gck-rpc-message.c Fri Jan 9 03:05:12 2009
@@ -105,6 +105,7 @@
msg->signature = gck_rpc_calls[call_id].response;
else
assert (0 && "invalid message type");
+ assert (msg->signature);
msg->sigverify = msg->signature;
}
@@ -250,7 +251,7 @@
int
gck_rpc_message_write_attribute_array (GckRpcMessage *msg,
- CK_ATTRIBUTE_PTR arr, CK_ULONG num)
+ CK_ATTRIBUTE_PTR arr, CK_ULONG num)
{
CK_ULONG i;
CK_ATTRIBUTE_PTR attr;
@@ -275,9 +276,11 @@
validity = (((CK_LONG)attr->ulValueLen) == -1) ? 0 : 1;
gkr_buffer_add_byte (&msg->buffer, validity);
- /* The attribute value */
- if (validity)
+ /* The attribute length and value */
+ if (validity) {
+ gkr_buffer_add_uint32 (&msg->buffer, attr->ulValueLen);
gkr_buffer_add_byte_array (&msg->buffer, attr->pValue, attr->ulValueLen);
+ }
}
return !gkr_buffer_has_error (&msg->buffer);
Modified: trunk/pkcs11/rpc-layer/gck-rpc-module.c
==============================================================================
--- trunk/pkcs11/rpc-layer/gck-rpc-module.c (original)
+++ trunk/pkcs11/rpc-layer/gck-rpc-module.c Fri Jan 9 03:05:12 2009
@@ -28,6 +28,8 @@
#include "pkcs11/pkcs11.h"
+#include "common/gkr-unix-credentials.h"
+
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
@@ -52,9 +54,6 @@
/* Various mutexes */
static pthread_mutex_t init_mutex = PTHREAD_MUTEX_INITIALIZER;
-/* Our per thread key */
-static pthread_key_t pkcs11_per_thread = 0;
-
/* Whether we've been initialized, and on what process id it happened */
static int pkcs11_initialized = 0;
static pid_t pkcs11_initialized_pid = 0;
@@ -86,6 +85,98 @@
}
/* -----------------------------------------------------------------------------
+ * MODULE ARGUMENTS
+ */
+
+static void
+parse_argument (char *arg)
+{
+ char *value;
+
+ value = arg + strcspn (arg, ":=");
+ if (!*value)
+ value = NULL;
+ else
+ *(value++) = 0;
+
+ /* Setup the socket path from the arguments */
+ if (strcmp (arg, "socket") == 0)
+ snprintf (pkcs11_socket_path, sizeof (pkcs11_socket_path), "%s", value);
+ else
+ warning (("unrecognized argument: %s", arg));
+}
+
+static void
+parse_arguments (const char *string)
+{
+ char quote = '\0';
+ char *src, *dup, *at, *arg;
+
+ if (!string)
+ return;
+
+ src = dup = strdup (string);
+ if (!dup) {
+ warning (("couldn't allocate memory for argument string"));
+ return;
+ }
+
+ arg = at = src;
+ for (src = dup; *src; src++) {
+
+ /* Matching quote */
+ if (quote == *src) {
+ quote = '\0';
+
+ /* Inside of quotes */
+ } else if (quote != '\0') {
+ if (*src == '\\') {
+ *at++ = *src++;
+ if (!*src) {
+ warning (("couldn't parse argument string: %s", string));
+ goto done;
+ }
+ if (*src != quote)
+ *at++ = '\\';
+ }
+ *at++ = *src;
+
+ /* Space, not inside of quotes */
+ } else if (isspace(*src)) {
+ *at = 0;
+ parse_argument (arg);
+ arg = at;
+
+ /* Other character outside of quotes */
+ } else {
+ switch (*src) {
+ case '\'':
+ case '"':
+ quote = *src;
+ break;
+ case '\\':
+ *at++ = *src++;
+ if (!*src) {
+ warning (("couldn't parse argument string: %s", string));
+ goto done;
+ }
+ /* fall through */
+ default:
+ *at++ = *src;
+ break;
+ }
+ }
+ }
+
+
+ if (at != arg)
+ parse_argument (arg);
+
+done:
+ free (dup);
+}
+
+/* -----------------------------------------------------------------------------
* CALL SESSION
*/
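Review bot: `parse_argument` passes `value` to `snprintf` with `%s` even when it is NULL, which is the case for a bare `socket` argument that has no `:` or `=`. That is undefined behaviour and should be guarded, e.g. `if (strcmp (arg, "socket") == 0 && value != NULL)`, with a warning for the missing value. In `parse_arguments`, `isspace(*src)` receives a plain `char`; write `isspace ((unsigned char)*src)` so bytes above 0x7f are not passed as negative values. An over-long socket path is also truncated by the `snprintf` without any warning.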
@@ -98,12 +189,23 @@
};
typedef struct _CallState {
- int socket; /* The connection we're sending on */
+ int socket; /* The connection we're sending on */
GckRpcMessage *req; /* The current request */
GckRpcMessage *resp; /* The current response */
int call_status;
+ struct _CallState *next; /* For pooling of completed sockets */
} CallState;
+/* Maximum number of idle calls */
+#define MAX_CALL_STATE_POOL 8
+
+/* All call unused call states are in this list */
+static CallState *call_state_pool = NULL;
+static unsigned int n_call_state_pool = 0;
+
+/* Mutex to protect above call state list */
+static pthread_mutex_t call_state_mutex = PTHREAD_MUTEX_INITIALIZER;
+
/* Allocator for call session buffers */
static void*
call_allocator (void* p, unsigned long sz)
@@ -149,14 +251,11 @@
return CKR_DEVICE_ERROR;
}
- /* TODO: Write credentials */
-#if 0
- if (!gck_rpc_write_credentials (sock)) {
+ if (gkr_unix_credentials_write (sock) < 0) {
close (sock);
warning (("couldn't send socket credentials: %s", strerror (errno)));
return CKR_DEVICE_ERROR;
}
-#endif
cs->socket = sock;
cs->call_status = CALL_READY;
@@ -196,51 +295,44 @@
}
static CK_RV
-call_create (void)
-{
- CallState *cs;
-
- assert (pkcs11_per_thread);
-
- cs = calloc(1, sizeof (CallState));
- if (!cs)
- return CKR_HOST_MEMORY;
- cs->socket = -1;
- cs->call_status = CALL_INVALID;
-
- assert (!pthread_getspecific (pkcs11_per_thread));
- pthread_setspecific (pkcs11_per_thread, cs);
-
- return CKR_OK;
-}
-
-static CK_RV
call_lookup (CallState **ret)
{
- CallState *cs;
+ CallState *cs = NULL;
CK_RV rv;
assert (ret);
- assert (pkcs11_per_thread);
+
+ pthread_mutex_lock (&call_state_mutex);
+
+ /* Pop one from the pool if possible */
+ if (call_state_pool != NULL) {
+ cs = call_state_pool;
+ call_state_pool = cs->next;
+ cs->next = NULL;
+ assert (n_call_state_pool > 0);
+ --n_call_state_pool;
+ }
+
+ pthread_mutex_unlock (&call_state_mutex);
- cs = pthread_getspecific (pkcs11_per_thread);
if (cs == NULL) {
- rv = call_create ();
- if (rv != CKR_OK)
- return rv;
-
- cs = pthread_getspecific (pkcs11_per_thread);
- assert (cs);
- }
+ cs = calloc(1, sizeof (CallState));
+ if (cs == NULL)
+ return CKR_HOST_MEMORY;
+ cs->socket = -1;
+ cs->call_status = CALL_INVALID;
- if (cs->call_status == CALL_INVALID) {
+ /* Try to connect the call */
rv = call_connect (cs);
- if (rv != CKR_OK)
+ if (rv != CKR_OK) {
+ free (cs);
return rv;
+ }
}
assert (cs->call_status == CALL_READY);
assert (cs->socket != -1);
+ assert (cs->next == NULL);
*ret = cs;
return CKR_OK;
}
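Review bot: Pooled `CallState` entries are handed out in `call_lookup` without any check that they were created by the current process, while credentials appear to be sent only once per connection, when `call_connect` sets it up. The file tracks `pkcs11_initialized_pid`, so fork handling presumably exists outside this hunk. If the pool is not emptied there, a child process would reuse sockets the daemon has associated with the parent's pid. A comment on `call_state_pool` stating where it is flushed, or flushing it when the pid changes, would settle this.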
@@ -503,19 +595,34 @@
if (gck_rpc_message_buffer_error (cs->resp)) {
warning (("invalid response from gnome-keyring-daemon: bad argument data"));
- return CKR_GENERAL_ERROR;
+ ret = CKR_GENERAL_ERROR;
+ } else {
+ /* Double check that the signature matched our decoding */
+ assert (gck_rpc_message_is_verified (cs->resp));
}
-
- /* Double check that the signature matched our decoding */
- assert (gck_rpc_message_is_verified (cs->resp));
}
}
- /* Some cleanup */
- if (cs->socket == -1)
- cs->call_status = CALL_INVALID;
- else
- cs->call_status = CALL_READY;
+ /* Certain error codes cause us to discard the conenction */
+ if (ret != CKR_DEVICE_ERROR && ret != CKR_DEVICE_REMOVED && cs->socket != -1) {
+
+ /* Try and stash it away for later use */
+ pthread_mutex_lock (&call_state_mutex);
+
+ if (n_call_state_pool < MAX_CALL_STATE_POOL) {
+ cs->call_status = CALL_READY;
+ assert (cs->next == NULL);
+ cs->next = call_state_pool;
+ call_state_pool = cs;
+ ++n_call_state_pool;
+ cs = NULL;
+ }
+
+ pthread_mutex_unlock (&call_state_mutex);
+ }
+
+ if (cs != NULL)
+ call_destroy (cs);
return ret;
}
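Review bot: The reuse condition excludes only CKR_DEVICE_ERROR and CKR_DEVICE_REMOVED, so a connection whose response just failed decoding (`ret = CKR_GENERAL_ERROR` after "bad argument data" above) goes back onto the pool as CALL_READY. Whether the stream is still aligned after such a response depends on framing outside this hunk. Dropping the connection is the safer default, for example by adding `&& ret != CKR_GENERAL_ERROR` to the condition. The comment above the condition has a typo ("conenction"), and the function starts outside the hunk.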
@@ -527,7 +634,7 @@
static CK_RV
proto_read_attribute_array (GckRpcMessage *msg, CK_ATTRIBUTE_PTR arr, CK_ULONG len)
{
- uint32_t i, num, val;
+ uint32_t i, num, value, type;
CK_ATTRIBUTE_PTR attr;
const unsigned char *attrval;
size_t attrlen;
@@ -538,7 +645,7 @@
assert (msg);
/* Make sure this is in the right order */
- assert (!msg->signature || gck_rpc_message_verify_part (msg, "aA"));
+ assert (!msg->signature || gck_rpc_message_verify_part (msg, "aAu"));
/* Get the number of items. We need this value to be correct */
if (!gkr_buffer_get_uint32 (&msg->buffer, msg->parsed, &msg->parsed, &num))
@@ -564,16 +671,23 @@
/* The attribute type */
gkr_buffer_get_uint32 (&msg->buffer, msg->parsed,
- &msg->parsed, &val);
+ &msg->parsed, &type);
/* Attribute validity */
gkr_buffer_get_byte (&msg->buffer, msg->parsed,
&msg->parsed, &validity);
/* And the data itself */
- if (validity)
- gkr_buffer_get_byte_array (&msg->buffer, msg->parsed,
- &msg->parsed, &attrval, &attrlen);
+ if (validity) {
+ if (gkr_buffer_get_uint32 (&msg->buffer, msg->parsed, &msg->parsed, &value) &&
+ gkr_buffer_get_byte_array (&msg->buffer, msg->parsed, &msg->parsed, &attrval, &attrlen)) {
+ if (attrval && value != attrlen) {
+ warning (("attribute length does not match attribute data"));
+ return PARSE_ERROR;
+ }
+ attrlen = value;
+ }
+ }
/* Don't act on this data unless no errors */
if (gkr_buffer_has_error (&msg->buffer))
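Review bot: The length check `if (attrval && value != attrlen)` is skipped when the byte array arrives without data, so `attrlen = value` then takes a length straight from the peer with nothing to compare it against. The code that consumes attrlen is outside this hunk; it should treat that value as a reported size only, never as the number of readable bytes behind attrval. A comment above the assignment would record this: `/* No data sent: value is only the size the peer reports, attrval is NULL */`. The reads of `type` and `validity` just above also ignore their return values, so `if (validity)` may test a byte that was never written, because the buffer error check comes after it.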
@@ -582,7 +696,10 @@
/* Try and stuff it in the output data */
if (arr) {
attr = &(arr[i]);
- attr->type = val;
+ if (attr->type != type) {
+ warning (("returned attributes in invalid order"));
+ return PARSE_ERROR;
+ }
if (validity) {
/* Just requesting the attribute size */
@@ -610,8 +727,15 @@
}
}
}
+
+ if (gkr_buffer_has_error (&msg->buffer))
+ return PARSE_ERROR;
+
+ /* Read in the code that goes along with these attributes */
+ if (!gkr_buffer_get_uint32 (&msg->buffer, msg->parsed, &msg->parsed, &num))
+ return PARSE_ERROR;
- return gkr_buffer_has_error (&msg->buffer) ? PARSE_ERROR : ret;
+ return (CK_RV)num;
}
static CK_RV
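Review bot: The final `return (CK_RV)num;` replaces the old `... : ret`, so whatever the loop stored in `ret` is no longer returned and the caller sees only the code sent by the peer. The loop body is outside this hunk; if it still sets `ret` for local conditions such as a too-small caller buffer, those are lost whenever the peer reports success. Something like `return (ret != CKR_OK) ? ret : (CK_RV)num;` keeps both, assuming `ret` starts as CKR_OK. Reusing `num`, which held the attribute count, for the return code also reads poorly; a separate `uint32_t code` would keep the two roles apart.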
@@ -950,13 +1074,6 @@
if (_ret == CKR_OK && !gck_rpc_message_read_ulong (_cs->resp, val)) \
_ret = PARSE_ERROR;
-#define OUT_RETURN_CODE() { \
- CK_RV r; \
- _ret = gck_rpc_message_read_ulong (_cs->resp, (_ret == CKR_OK) ? &r : NULL); \
- if (_ret == CKR_OK) _ret = r; \
- if (_ret != CKR_OK) goto _cleanup; \
- }
-
#define OUT_BYTE_ARRAY(arr, len) \
if (len == NULL) \
_ret = CKR_ARGUMENTS_BAD; \
@@ -1024,7 +1141,6 @@
const char *path;
CallState *cs;
pid_t pid;
- int err;
debug (("C_Initialize: enter"));
@@ -1060,6 +1176,13 @@
ret = CKR_CANT_LOCK;
goto done;
}
+
+ /*
+ * We support setting the socket path and other arguments from from the
+ * pReserved pointer, similar to how NSS PKCS#11 components are initialized.
+ */
+ if (args->pReserved)
+ parse_arguments ((const char*)args->pReserved);
}
pid = getpid ();
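Review bot: `args->pReserved` is cast to `const char*` and passed to `parse_arguments` with no check that it is a NUL-terminated string, although the PKCS#11 specification reserves this field and expects NULL_PTR. An application that passes a non-string value there would have it read as text, and per the comment its contents can change the socket path this module connects to. The comment should state the contract, for example `/* pReserved, if set, MUST be a NUL-terminated argument string; it selects the socket we connect and send credentials to */`. It also has a doubled word ("from from"). parse_arguments is outside this hunk, so its own validation cannot be judged here.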
@@ -1072,31 +1195,17 @@
goto done;
}
}
-
- /* Create the necessary per thread key */
- if (pkcs11_per_thread == 0) {
- err = pthread_key_create (&pkcs11_per_thread, call_destroy);
- if (err != 0) {
- ret = CKR_GENERAL_ERROR;
- goto done;
+
+ /* Lookup the socket path, append '.pkcs11' */
+ if (pkcs11_socket_path[0] == 0) {
+ pkcs11_socket_path[0] = 0;
+ path = getenv ("GNOME_KEYRING_SOCKET");
+ if (path && path[0]) {
+ snprintf (pkcs11_socket_path, sizeof (pkcs11_socket_path), "%s.pkcs11", path);
+ pkcs11_socket_path[sizeof (pkcs11_socket_path) - 1] = 0;
}
}
-#ifdef UNIMPLEMENTED
- path = gck_rpc_module_init (args);
- if (!path || !path[0]) {
- warning (("missing pkcs11 socket path in environment"));
- ret = CKR_GENERAL_ERROR;
- goto done;
- }
-#else
- /* TODO: Need to complete this code */
- path = "";
-#endif
-
- /* Make a copy of the socket path */
- snprintf (pkcs11_socket_path, sizeof (pkcs11_socket_path), "%s", path);
-
/* Call through and initialize the daemon */
ret = call_lookup (&cs);
if (ret == CKR_OK) {
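Review bot: The `snprintf` into `pkcs11_socket_path` ignores its return value, so an over-long GNOME_KEYRING_SOCKET is silently truncated and the module connects to a different path than the one configured. The old "missing pkcs11 socket path" failure is gone too: with no pReserved arguments and no environment variable the path stays empty, yet `call_lookup` is still attempted. Checking the snprintf result and leaving through `done` covers the truncation case. The inner `pkcs11_socket_path[0] = 0;` is redundant inside a branch that already tested for it. C_Initialize starts and ends outside the hunk.

```c
	if (pkcs11_socket_path[0] == 0) {
		path = getenv ("GNOME_KEYRING_SOCKET");
		if (path && path[0]) {
			int n = snprintf (pkcs11_socket_path, sizeof (pkcs11_socket_path), "%s.pkcs11", path);
			if (n < 0 || (size_t)n >= sizeof (pkcs11_socket_path)) {
				warning (("pkcs11 socket path is too long"));
				ret = CKR_GENERAL_ERROR;
				goto done;
			}
		}
	}
	/* … unchanged: call_lookup and handshake … */
```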
@@ -1104,24 +1213,21 @@
if (ret == CKR_OK)
if (!gck_rpc_message_write_byte_array (cs->req, GCK_RPC_HANDSHAKE, GCK_RPC_HANDSHAKE_LEN))
ret = CKR_HOST_MEMORY;
- if (ret == CKR_OK) {
+ if (ret == CKR_OK)
ret = call_run (cs);
- if (ret == CKR_CRYPTOKI_ALREADY_INITIALIZED)
- ret = CKR_OK;
- }
call_done (cs, ret);
}
done:
- /* Mark us as officially initialized */
- if (ret == CKR_OK) {
- pkcs11_initialized = 1;
- pkcs11_initialized_pid = pid;
- } else if (ret != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
- pkcs11_initialized = 0;
- pkcs11_initialized_pid = 0;
- pkcs11_socket_path[0] = 0;
- }
+ /* Mark us as officially initialized */
+ if (ret == CKR_OK) {
+ pkcs11_initialized = 1;
+ pkcs11_initialized_pid = pid;
+ } else if (ret != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
+ pkcs11_initialized = 0;
+ pkcs11_initialized_pid = 0;
+ pkcs11_socket_path[0] = 0;
+ }
pthread_mutex_unlock (&init_mutex);
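Review bot: With the `CKR_CRYPTOKI_ALREADY_INITIALIZED` to `CKR_OK` mapping after `call_run` removed, that code from the daemon now reaches `done:` and matches neither branch there. The module then returns "already initialized" while `pkcs11_initialized` and `pkcs11_initialized_pid` keep their previous values, which on a first call would presumably still be unset. If the `else if` exemption is meant only for the local early exit when this process is already initialized, say so in a comment such as `/* ALREADY_INITIALIZED here means our own state is valid; leave it untouched */`. A daemon-side ALREADY_INITIALIZED should then be handled separately before reaching this block. The function starts outside the hunk.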
@@ -1471,7 +1577,6 @@
IN_ATTRIBUTE_BUFFER (template, count);
PROCESS_CALL;
OUT_ATTRIBUTE_ARRAY (template, count);
- OUT_RETURN_CODE ();
END_CALL;
}
Modified: trunk/pkcs11/rpc-layer/gck-rpc-private.h
==============================================================================
--- trunk/pkcs11/rpc-layer/gck-rpc-private.h (original)
+++ trunk/pkcs11/rpc-layer/gck-rpc-private.h Fri Jan 9 03:05:12 2009
@@ -35,7 +35,7 @@
/* Whether to print debug output or not */
-#define DEBUG_OUTPUT 1
+#define DEBUG_OUTPUT 0
/* The calls, must be in sync with array below */
@@ -168,7 +168,7 @@
{ GCK_RPC_CALL_C_FindObjectsInit, "C_FindObjectsInit", "uaA", "" },
{ GCK_RPC_CALL_C_FindObjects, "C_FindObjects", "ufu", "au" },
{ GCK_RPC_CALL_C_FindObjectsFinal, "C_FindObjectsFinal", "u", "" },
- { GCK_RPC_CALL_C_EncryptInit, "C_EncryptInit", "uMu" "" },
+ { GCK_RPC_CALL_C_EncryptInit, "C_EncryptInit", "uMu", "" },
{ GCK_RPC_CALL_C_Encrypt, "C_Encrypt", "uayfy", "ay" },
{ GCK_RPC_CALL_C_EncryptUpdate, "C_EncryptUpdate", "uayfy", "ay" },
{ GCK_RPC_CALL_C_EncryptFinal, "C_EncryptFinal", "ufy", "ay" },
@@ -242,7 +242,7 @@
int gck_rpc_message_equals (GckRpcMessage *m1,
GckRpcMessage *m2);
-#define gck_rpc_message_is_verified(msg) ((msg)->sigverify[0] == 0)
+#define gck_rpc_message_is_verified(msg) (!(msg)->sigverify || (msg)->sigverify[0] == 0)
#define gck_rpc_message_buffer_error(msg) (gkr_buffer_has_error(&(msg)->buffer))
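Review bot: `gck_rpc_message_is_verified` now reports true when `sigverify` is NULL, so a message with no signature attached counts as verified. The "double check that the signature matched our decoding" assert in the call path then passes without checking anything for such a message. If NULL is an expected state (no signature tracking for this message), the macro should say so, e.g. `/* NULL sigverify: no signature is being tracked, nothing was actually checked */`. Otherwise callers that rely on the check should test for a non-NULL `sigverify` separately. The macro also evaluates `msg` twice, which matters if it is ever passed an expression with side effects.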
Modified: trunk/pkcs11/ssh-agent/Makefile.am
==============================================================================
--- trunk/pkcs11/ssh-agent/Makefile.am (original)
+++ trunk/pkcs11/ssh-agent/Makefile.am Fri Jan 9 03:05:12 2009
@@ -31,7 +31,7 @@
gck_ssh_agent_standalone_LDADD = \
libgck-ssh-agent.la \
$(top_builddir)/gp11/libgp11.la \
- $(top_builddir)/common/libgkr-module-common.la \
+ $(top_builddir)/common/libgkr-common-buffer.la \
$(GOBJECT_LIBS) \
$(GTHREAD_LIBS) \
$(LIBGCRYPT_LIBS) \
Modified: trunk/pkcs11/ssh-store/Makefile.am
==============================================================================
--- trunk/pkcs11/ssh-store/Makefile.am (original)
+++ trunk/pkcs11/ssh-store/Makefile.am Fri Jan 9 03:05:12 2009
@@ -39,7 +39,8 @@
gck_ssh_store_standalone_la_LIBADD = \
libgck-ssh-store.la \
$(top_builddir)/pkcs11/gck/libgck.la \
- $(top_builddir)/common/libgkr-module-common.la \
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-secure.la \
$(GOBJECT_LIBS) \
$(GTHREAD_LIBS) \
$(GLIB_LIBS) \
Modified: trunk/pkcs11/ssh-store/tests/Makefile.am
==============================================================================
--- trunk/pkcs11/ssh-store/tests/Makefile.am (original)
+++ trunk/pkcs11/ssh-store/tests/Makefile.am Fri Jan 9 03:05:12 2009
@@ -6,7 +6,8 @@
UNIT_LIBS = \
$(top_builddir)/pkcs11/ssh-store/libgck-ssh-store.la \
$(top_builddir)/pkcs11/gck/libgck.la \
- $(top_builddir)/common/libgkr-module-common.la
+ $(top_builddir)/common/libgkr-common-buffer.la \
+ $(top_builddir)/common/libgkr-common-secure.la
include $(top_srcdir)/tests/gtest.make