Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 470500. Detect attempts to use NSS slots and modules when NSS is not

Browse Source 
initialized.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@257504 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
nelson%bolyard.com 2009-06-16 06:15:23 +00:00
parent 480512ae6e
commit 079ddf9967
3 changed files with 100 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mozilla/security/nss/lib/pk11wrap/pk11auth.c
View File

@ -630,7 +630,7 @@ PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
void PK11_LogoutAll(void)
{
SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
SECMODModuleList *modList = SECMOD_GetDefaultModuleList();
SECMODModuleList *modList;
SECMODModuleList *mlp = NULL;
int i;
@ -640,6 +640,7 @@ void PK11_LogoutAll(void)
}
SECMOD_GetReadLock(lock);
modList = SECMOD_GetDefaultModuleList();
/* find the number of entries */
for (mlp = modList; mlp != NULL; mlp = mlp->next) {
for (i=0; i < mlp->module->slotCount; i++) {

60
mozilla/security/nss/lib/pk11wrap/pk11slot.c
View File

@ -482,13 +482,19 @@ PRBool
SECMOD_HasRootCerts(void)
{
SECMODModuleList *mlp;
SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
SECMODModuleList *modules;
SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
int i;
PRBool found = PR_FALSE;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return found;
}
/* work through all the slots */
SECMOD_GetReadLock(moduleLock);
modules = SECMOD_GetDefaultModuleList();
for(mlp = modules; mlp != NULL; mlp = mlp->next) {
for (i=0; i < mlp->module->slotCount; i++) {
PK11SlotInfo *tmpSlot = mlp->module->slots[i];
@ -514,17 +520,22 @@ PK11_FindSlotsByNames(const char *dllName, const char* slotName,
const char* tokenName, PRBool presentOnly)
{
SECMODModuleList *mlp;
SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
SECMODModuleList *modules;
SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
int i;
PK11SlotList* slotList = NULL;
PRUint32 slotcount = 0;
SECStatus rv = SECSuccess;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return slotList;
}
slotList = PK11_NewSlotList();
if (!slotList) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
return NULL;
return slotList;
}
if ( ((NULL == dllName) || (0 == *dllName)) &&
@ -537,6 +548,7 @@ PK11_FindSlotsByNames(const char *dllName, const char* slotName,
/* work through all the slots */
SECMOD_GetReadLock(moduleLock);
modules = SECMOD_GetDefaultModuleList();
for (mlp = modules; mlp != NULL; mlp = mlp->next) {
PORT_Assert(mlp->module);
if (!mlp->module) {
@ -584,17 +596,22 @@ PK11SlotInfo *
PK11_FindSlotByName(const char *name)
{
SECMODModuleList *mlp;
SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
SECMODModuleList *modules;
SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
int i;
PK11SlotInfo *slot = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return slot;
}
if ((name == NULL) || (*name == 0)) {
return PK11_GetInternalKeySlot();
}
/* work through all the slots */
SECMOD_GetReadLock(moduleLock);
modules = SECMOD_GetDefaultModuleList();
for(mlp = modules; mlp != NULL; mlp = mlp->next) {
for (i=0; i < mlp->module->slotCount; i++) {
PK11SlotInfo *tmpSlot = mlp->module->slots[i];
@ -621,13 +638,18 @@ PK11SlotInfo *
PK11_FindSlotBySerial(char *serial)
{
SECMODModuleList *mlp;
SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
SECMODModuleList *modules;
SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
int i;
PK11SlotInfo *slot = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return slot;
}
/* work through all the slots */
SECMOD_GetReadLock(moduleLock);
modules = SECMOD_GetDefaultModuleList();
for(mlp = modules; mlp != NULL; mlp = mlp->next) {
for (i=0; i < mlp->module->slotCount; i++) {
PK11SlotInfo *tmpSlot = mlp->module->slots[i];
@ -1722,12 +1744,16 @@ PRBool
PK11_TokenExists(CK_MECHANISM_TYPE type)
{
SECMODModuleList *mlp;
SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
SECMODModuleList *modules;
SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
PK11SlotInfo *slot;
PRBool found = PR_FALSE;
int i;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return found;
}
/* we only need to know if there is a token that does this mechanism.
* check the internal module first because it's fast, and supports
* almost everything. */
@ -1739,6 +1765,7 @@ PK11_TokenExists(CK_MECHANISM_TYPE type)
if (found) return PR_TRUE; /* bypass getting module locks */
SECMOD_GetReadLock(moduleLock);
modules = SECMOD_GetDefaultModuleList();
for(mlp = modules; mlp != NULL && (!found); mlp = mlp->next) {
for (i=0; i < mlp->module->slotCount; i++) {
slot = mlp->module->slots[i];
@ -1764,18 +1791,27 @@ PK11SlotList *
PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
void *wincx)
{
PK11SlotList * list = PK11_NewSlotList();
PK11SlotList * loginList = PK11_NewSlotList();
PK11SlotList * friendlyList = PK11_NewSlotList();
PK11SlotList * list;
PK11SlotList * loginList;
PK11SlotList * friendlyList;
SECMODModuleList * mlp;
SECMODModuleList * modules = SECMOD_GetDefaultModuleList();
SECMODListLock * moduleLock = SECMOD_GetDefaultModuleListLock();
SECMODModuleList * modules;
SECMODListLock * moduleLock;
int i;
#if defined( XP_WIN32 )
int j = 0;
PRInt32 waste[16];
#endif
moduleLock = SECMOD_GetDefaultModuleListLock();
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return NULL;
}
list = PK11_NewSlotList();
loginList = PK11_NewSlotList();
friendlyList = PK11_NewSlotList();
if ((list == NULL) || (loginList == NULL) || (friendlyList == NULL)) {
if (list) PK11_FreeSlotList(list);
if (loginList) PK11_FreeSlotList(loginList);
@ -1784,6 +1820,8 @@ PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
}
SECMOD_GetReadLock(moduleLock);
modules = SECMOD_GetDefaultModuleList();
for(mlp = modules; mlp != NULL; mlp = mlp->next) {
#if defined( XP_WIN32 )

52
mozilla/security/nss/lib/pk11wrap/pk11util.c
View File

@ -223,6 +223,10 @@ SECMOD_FindModule(const char *name)
SECMODModuleList *mlp;
SECMODModule *module = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return module;
}
SECMOD_GetReadLock(moduleLock);
for(mlp = modules; mlp != NULL; mlp = mlp->next) {
if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
@ -258,6 +262,10 @@ SECMOD_FindModuleByID(SECMODModuleID id)
SECMODModuleList *mlp;
SECMODModule *module = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return module;
}
SECMOD_GetReadLock(moduleLock);
for(mlp = modules; mlp != NULL; mlp = mlp->next) {
if (id == mlp->module->moduleID) {
@ -282,6 +290,10 @@ SECMOD_FindSlotByID(SECMODModule *module, CK_SLOT_ID slotID)
int i;
PK11SlotInfo *slot = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return slot;
}
SECMOD_GetReadLock(moduleLock);
for (i=0; i < module->slotCount; i++) {
PK11SlotInfo *cSlot = module->slots[i];
@ -329,6 +341,11 @@ SECMOD_DeleteModuleEx(const char *name, SECMODModule *mod,
SECMODModuleList **mlpp;
SECStatus rv = SECFailure;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return rv;
}
*type = SECMOD_EXTERNAL;
SECMOD_GetWriteLock(moduleLock);
@ -405,6 +422,10 @@ SECMOD_DeleteInternalModule(const char *name)
PORT_SetError(SEC_ERROR_MODULE_STUCK);
return rv;
}
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return rv;
}
SECMOD_GetWriteLock(moduleLock);
for(mlpp = &modules,mlp = modules;
@ -508,6 +529,10 @@ SECMOD_FindSlot(SECMODModule *module,const char *name)
char *string;
PK11SlotInfo *retSlot = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return retSlot;
}
SECMOD_GetReadLock(moduleLock);
for (i=0; i < module->slotCount; i++) {
PK11SlotInfo *slot = module->slots[i];
@ -574,6 +599,10 @@ SECMOD_AddNewModuleEx(const char* moduleName, const char* dllPath,
PK11SlotInfo* slot;
PR_SetErrorText(0, NULL);
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return result;
}
module = SECMOD_CreateModule(dllPath, moduleName, modparms, nssparms);
@ -693,10 +722,14 @@ PRBool
SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags )
{
PRBool result = PR_FALSE;
SECMODModuleList *mods = SECMOD_GetDefaultModuleList();
SECMODModuleList *mods;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return result;
}
SECMOD_GetReadLock(moduleLock);
mods = SECMOD_GetDefaultModuleList();
for ( ; mods != NULL; mods = mods->next) {
if (mods->module->ssl[0] &
SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) {
@ -867,6 +900,11 @@ SECMOD_UpdateSlotList(SECMODModule *mod)
PK11SlotInfo **newSlots = NULL;
PK11SlotInfo **oldSlots = NULL;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return SECFailure;
}
/* C_GetSlotList is not a session function, make sure
* calls are serialized */
PZ_Lock(mod->refLock);
@ -988,6 +1026,10 @@ secmod_HandleWaitForSlotEvent(SECMODModule *mod, unsigned long flags,
int i;
int error = SEC_ERROR_NO_EVENT;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return NULL;
}
PZ_Lock(mod->refLock);
if (mod->evControlMask & SECMOD_END_WAIT) {
mod->evControlMask &= ~SECMOD_END_WAIT;
@ -1184,6 +1226,10 @@ SECMOD_HasRemovableSlots(SECMODModule *mod)
int i;
PRBool ret = PR_FALSE;
if (!moduleLock) {
PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
return ret;
}
SECMOD_GetReadLock(moduleLock);
for (i=0; i < mod->slotCount; i++) {
PK11SlotInfo *slot = mod->slots[i];