Bug 203866. Make unloaded modules visible for administrative purposes.

sr=wtc r=nelson


git-svn-id: svn://10.0.0.236/trunk@147840 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/security/nss/lib/pk11wrap/pk11pars.c

@@ -109,10 +109,13 @@ secmod_NewModule(void)
  * for 3.4 we continue to use the old SECMODModule structure
  */
 SECMODModule *
-SECMOD_CreateModule(char *library, char *moduleName, char *parameters, char *nss)
+SECMOD_CreateModule(const char *library, const char *moduleName, 
+				const char *parameters, const char *nss)
 {
     SECMODModule *mod = secmod_NewModule();
     char *slotParams,*ciphers;
+    /* pk11pars.h still does not have const char * interfaces */
+    char *nssc = (char *)nss;
     if (mod == NULL) return NULL;
 
     mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : "");
@@ -123,25 +126,25 @@ SECMOD_CreateModule(char *library, char *moduleName, char *parameters, char *nss
     if (parameters) {
 	mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
     }
-    mod->internal = pk11_argHasFlag("flags","internal",nss);
-    mod->isFIPS = pk11_argHasFlag("flags","FIPS",nss);
-    mod->isCritical = pk11_argHasFlag("flags","critical",nss);
-    slotParams = pk11_argGetParamValue("slotParams",nss);
+    mod->internal = pk11_argHasFlag("flags","internal",nssc);
+    mod->isFIPS = pk11_argHasFlag("flags","FIPS",nssc);
+    mod->isCritical = pk11_argHasFlag("flags","critical",nssc);
+    slotParams = pk11_argGetParamValue("slotParams",nssc);
     mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams,
 							&mod->slotInfoCount);
     if (slotParams) PORT_Free(slotParams);
     /* new field */
-    mod->trustOrder = pk11_argReadLong("trustOrder",nss,
+    mod->trustOrder = pk11_argReadLong("trustOrder",nssc,
 						PK11_DEFAULT_TRUST_ORDER,NULL);
     /* new field */
-    mod->cipherOrder = pk11_argReadLong("cipherOrder",nss,
+    mod->cipherOrder = pk11_argReadLong("cipherOrder",nssc,
 						PK11_DEFAULT_CIPHER_ORDER,NULL);
     /* new field */
-    mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nss);
-    mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nss);
+    mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nssc);
+    mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nssc);
     if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
 
-    ciphers = pk11_argGetParamValue("ciphers",nss);
+    ciphers = pk11_argGetParamValue("ciphers",nssc);
     pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers);
     if (ciphers) PORT_Free(ciphers);
 
@@ -301,6 +304,12 @@ SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
     if (moduleName) PORT_Free(moduleName);
     if (parameters) PORT_Free(parameters);
     if (nss) PORT_Free(nss);
+    if (!module) {
+	goto loser;
+    }
+    if (parent) {
+    	module->parent = SECMOD_ReferenceModule(parent);
+    }
 
     /* load it */
     rv = SECMOD_LoadPKCS11Module(module);
@@ -333,9 +342,6 @@ SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
 	goto loser;
     }
 
-    if (parent) {
-    	module->parent = SECMOD_ReferenceModule(parent);
-    }
 
     /* inherit the reference */
     if (!module->moduleDBOnly) {

mozilla/security/nss/lib/pk11wrap/pk11util.c

@@ -182,6 +182,8 @@ SECMOD_AddModuleToUnloadList(SECMODModule *newModule) {
  * get the list of PKCS11 modules that are available.
  */
 SECMODModuleList *SECMOD_GetDefaultModuleList() { return modules; }
+SECMODModuleList *SECMOD_GetDeadModuleList() { return modulesUnload; }
+SECMODModuleList *SECMOD_GetDBModuleList() { return modulesDB; }
 SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; }
 
 
@@ -190,7 +192,7 @@ SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; }
  * find a module by name, and add a reference to it.
  * return that module.
  */
-SECMODModule *SECMOD_FindModule(char *name) {
+SECMODModule *SECMOD_FindModule(const char *name) {
     SECMODModuleList *mlp;
     SECMODModule *module = NULL;
 
@@ -202,6 +204,18 @@ SECMODModule *SECMOD_FindModule(char *name) {
 	    break;
 	}
     }
+    if (module) {
+	goto found;
+    }
+    for(mlp = modulesUnload; mlp != NULL; mlp = mlp->next) {
+	if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
+	    module = mlp->module;
+	    SECMOD_ReferenceModule(module);
+	    break;
+	}
+    }
+
+found:
     SECMOD_ReleaseReadLock(moduleLock);
 
     return module;
@@ -256,16 +270,17 @@ PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) {
  * optionally remove it from secmod.db.
  */
 SECStatus
-SECMOD_DeleteModuleEx(char *name, SECMODModule *mod, int *type, PRBool permdb) {
+SECMOD_DeleteModuleEx(const char *name, SECMODModule *mod, 
+						int *type, PRBool permdb) 
+{
     SECMODModuleList *mlp;
     SECMODModuleList **mlpp;
     SECStatus rv = SECFailure;
 
-
     *type = SECMOD_EXTERNAL;
 
     SECMOD_GetWriteLock(moduleLock);
-    for(mlpp = &modules,mlp = modules; 
+    for (mlpp = &modules,mlp = modules; 
 				mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
 	if ((name && (PORT_Strcmp(name,mlp->module->commonName) == 0)) ||
 							mod == mlp->module) {
@@ -282,6 +297,27 @@ SECMOD_DeleteModuleEx(char *name, SECMODModule *mod, int *type, PRBool permdb) {
 	    break;
 	}
     }
+    if (mlp) {
+	goto found;
+    }
+    /* not on the internal list, check the unload list */
+    for (mlpp = &modulesUnload,mlp = modulesUnload; 
+				mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
+	if ((name && (PORT_Strcmp(name,mlp->module->commonName) == 0)) ||
+							mod == mlp->module) {
+	    /* don't delete the internal module */
+	    if (!mlp->module->internal) {
+		SECMOD_RemoveList(mlpp,mlp);
+		rv = SECSuccess;
+	    } else if (mlp->module->isFIPS) {
+		*type = SECMOD_FIPS;
+	    } else {
+		*type = SECMOD_INTERNAL;
+	    }
+	    break;
+	}
+    }
+found:
     SECMOD_ReleaseWriteLock(moduleLock);
 
 
@@ -298,7 +334,7 @@ SECMOD_DeleteModuleEx(char *name, SECMODModule *mod, int *type, PRBool permdb) {
  * find a module by name and delete it off the module list
  */
 SECStatus
-SECMOD_DeleteModule(char *name, int *type) {
+SECMOD_DeleteModule(const char *name, int *type) {
     return SECMOD_DeleteModuleEx(name, NULL, type, PR_TRUE);
 }
 
@@ -306,7 +342,7 @@ SECMOD_DeleteModule(char *name, int *type) {
  * find a module by name and delete it off the module list
  */
 SECStatus
-SECMOD_DeleteInternalModule(char *name) {
+SECMOD_DeleteInternalModule(const char *name) {
     SECMODModuleList *mlp;
     SECMODModuleList **mlpp;
     SECStatus rv = SECFailure;
@@ -410,7 +446,7 @@ SECMOD_AddModule(SECMODModule *newModule) {
     return rv;
 }
 
-PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name) {
+PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name) {
     int i;
     char *string;
 
@@ -461,7 +497,7 @@ PK11_IsFIPS(void)
 /* combines NewModule() & AddModule */
 /* give a string for the module name & the full-path for the dll, */
 /* installs the PKCS11 module & update registry */
-SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
+SECStatus SECMOD_AddNewModuleEx(const char* moduleName, const char* dllPath,
                               unsigned long defaultMechanismFlags,
                               unsigned long cipherEnableFlags,
                               char* modparms,
@@ -473,7 +509,7 @@ SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
 
     PR_SetErrorText(0, NULL);
 
-    module = SECMOD_CreateModule(dllPath,moduleName, modparms, nssparms);
+    module = SECMOD_CreateModule(dllPath, moduleName, modparms, nssparms);
 
     if (module == NULL) {
 	return result;
@@ -514,7 +550,7 @@ SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
     return result;
 }
 
-SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
+SECStatus SECMOD_AddNewModule(const char* moduleName, const char* dllPath,
                               unsigned long defaultMechanismFlags,
                               unsigned long cipherEnableFlags)
 {

mozilla/security/nss/lib/pk11wrap/secmod.h

@@ -89,8 +89,8 @@ extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent
 
 SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
 
-SECMODModule * SECMOD_CreateModule(char *lib, char *name, char *param, 
-								char *nss);
+SECMODModule * SECMOD_CreateModule(const char *lib, const char *name,
+					const char *param, const char *nss);
 extern SECStatus SECMOD_Shutdown(void);
 void nss_DumpModuleLog(void);
 
@@ -101,7 +101,14 @@ SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
 
  
 /* protoypes */
-extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
+/* Get a list of active PKCS #11 modules */
+extern SECMODModuleList *SECMOD_GetDefaultModuleList(void); 
+/* Get a list of defined but not loaded PKCS #11 modules */
+extern SECMODModuleList *SECMOD_GetDeadModuleList(void);
+/* Get a list of Modules which define PKCS #11 modules to load */
+extern SECMODModuleList *SECMOD_GetDBModuleList(void);
+
+/* lock to protect all three module lists above */
 extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
 
 extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
@@ -115,14 +122,14 @@ extern void SECMOD_GetWriteLock(SECMODListLock *);
 extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
 
 /* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModule(char *name);
-extern SECStatus SECMOD_DeleteModule(char *name, int *type);
-extern SECStatus SECMOD_DeleteInternalModule(char *name);
+extern SECMODModule *SECMOD_FindModule(const char *name);
+extern SECStatus SECMOD_DeleteModule(const char *name, int *type);
+extern SECStatus SECMOD_DeleteInternalModule(const char *name);
 extern PRBool SECMOD_CanDeleteInternalModule(void);
-extern SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
+extern SECStatus SECMOD_AddNewModule(const char* moduleName, char* dllPath,
                               unsigned long defaultMechanismFlags,
                               unsigned long cipherEnableFlags);
-extern SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
+extern SECStatus SECMOD_AddNewModuleEx(const char* moduleName, char* dllPath,
                               unsigned long defaultMechanismFlags,
                               unsigned long cipherEnableFlags,
                               char* modparms,
@@ -134,7 +141,7 @@ extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
 extern void SECMOD_DestroyModule(SECMODModule *module);
 extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
 							unsigned long slotID);
-extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name);
+extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name);
 
 /* Funtion reports true if at least one of the modules */
 /* of modType has been installed */

mozilla/security/nss/lib/pk11wrap/secmodi.h

@@ -76,7 +76,7 @@ extern SECMODModuleList *SECMOD_NewModuleListElement(void);
 extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
 extern void SECMOD_DestroyModuleList(SECMODModuleList *);
 extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
-SECStatus SECMOD_DeleteModuleEx(char * name, SECMODModule *mod, int *type, PRBool permdb);
+SECStatus SECMOD_DeleteModuleEx(const char * name, SECMODModule *mod, int *type, PRBool permdb);
 
 extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
 extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);