[gnome-settings-daemon/gnome-3-22] smartcard: use NSS_InitContext instead of NSS_Initialize
- From: Bastien Nocera <hadess src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-settings-daemon/gnome-3-22] smartcard: use NSS_InitContext instead of NSS_Initialize
- Date: Wed, 11 Jan 2017 13:27:14 +0000 (UTC)
commit 347b87256291420507b12345d203a49e9caaa6bf
Author: Ray Strode <rstrode redhat com>
Date: Tue Jun 16 09:45:46 2015 -0400
smartcard: use NSS_InitContext instead of NSS_Initialize
NSS_Initialize is a noop if called multiple times. We
currently call NSS_Initialize twice in gnome-settings-daemon.
Once by NMClient and once by the smartcard plugin. NMClient
does it first, and it does it without initializing the secmod
database. When the smartcard plugin tries to initialize NSS
with the secmod database later, it's call is turned to a noop.
This commit changes the smartcard plugin to use NSS_InitContext
instead, which can properly handle being initialized multiple
times with different configurations. See:
https://wiki.mozilla.org/NSS_Library_Init
https://bugzilla.gnome.org/show_bug.cgi?id=751040
plugins/smartcard/gsd-smartcard-manager.c | 28 ++++++++++++++++++----------
1 files changed, 18 insertions(+), 10 deletions(-)
---
diff --git a/plugins/smartcard/gsd-smartcard-manager.c b/plugins/smartcard/gsd-smartcard-manager.c
index 5300965..31551c7 100644
--- a/plugins/smartcard/gsd-smartcard-manager.c
+++ b/plugins/smartcard/gsd-smartcard-manager.c
@@ -54,7 +54,7 @@ struct GsdSmartcardManagerPrivate
GSettings *settings;
- guint32 nss_is_loaded : 1;
+ NSSInitContext *nss_context;
};
#define CONF_SCHEMA "org.gnome.settings-daemon.peripherals.smartcard"
@@ -93,7 +93,14 @@ static void
load_nss (GsdSmartcardManager *self)
{
GsdSmartcardManagerPrivate *priv = self->priv;
- SECStatus status = SECSuccess;
+ NSSInitContext *context = NULL;
+
+ /* The first field in the NSSInitParameters structure
+ * is the size of the structure. NSS requires this, so
+ * that it can change the size of the structure in future
+ * versions of NSS in a detectable way
+ */
+ NSSInitParameters parameters = { sizeof (parameters), };
static const guint32 flags = NSS_INIT_READONLY
| NSS_INIT_FORCEOPEN
| NSS_INIT_NOROOTINIT
@@ -105,10 +112,10 @@ load_nss (GsdSmartcardManager *self)
PR_Init (PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
- status = NSS_Initialize (GSD_SMARTCARD_MANAGER_NSS_DB,
- "", "", SECMOD_DB, flags);
+ context = NSS_InitContext (GSD_SMARTCARD_MANAGER_NSS_DB,
+ "", "", SECMOD_DB, ¶meters, flags);
- if (status != SECSuccess) {
+ if (context == NULL) {
gsize error_message_size;
char *error_message;
@@ -123,13 +130,14 @@ load_nss (GsdSmartcardManager *self)
g_debug ("NSS security system could not be initialized - %s",
error_message);
}
- priv->nss_is_loaded = FALSE;
+
+ priv->nss_context = NULL;
return;
}
g_debug ("NSS database '%s' loaded", GSD_SMARTCARD_MANAGER_NSS_DB);
- priv->nss_is_loaded = TRUE;
+ priv->nss_context = context;
}
static void
@@ -138,9 +146,9 @@ unload_nss (GsdSmartcardManager *self)
g_debug ("attempting to unload NSS security system with database '%s'",
GSD_SMARTCARD_MANAGER_NSS_DB);
- if (self->priv->nss_is_loaded) {
- NSS_Shutdown ();
- self->priv->nss_is_loaded = FALSE;
+ if (self->priv->nss_context != NULL) {
+ g_clear_pointer (&self->priv->nss_context,
+ NSS_ShutdownContext);
g_debug ("NSS database '%s' unloaded", GSD_SMARTCARD_MANAGER_NSS_DB);
} else {
g_debug ("NSS database '%s' already not loaded", GSD_SMARTCARD_MANAGER_NSS_DB);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
