diff options
author | julien.pierre.boogz%sun.com <devnull@localhost> | 2008-08-08 23:48:12 +0000 |
---|---|---|
committer | julien.pierre.boogz%sun.com <devnull@localhost> | 2008-08-08 23:48:12 +0000 |
commit | b5b8633b1f39d319f506b4b4cf70288aae1dce8d (patch) | |
tree | eadf68051ce3ab92b86b17aeadbe5632531ba38b /security/nss/cmd/tstclnt | |
parent | 65db7d3655e1c3c06686aa4118ce0f77fda083b6 (diff) | |
download | nss-hg-b5b8633b1f39d319f506b4b4cf70288aae1dce8d.tar.gz |
Fix for bug 423839 . Add multiple PKCS#11 token password command-line option to NSS tools. r=nelson
Diffstat (limited to 'security/nss/cmd/tstclnt')
-rw-r--r-- | security/nss/cmd/tstclnt/tstclnt.c | 48 |
1 files changed, 16 insertions, 32 deletions
diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c index 6377c0236..24c57e787 100644 --- a/security/nss/cmd/tstclnt/tstclnt.c +++ b/security/nss/cmd/tstclnt/tstclnt.c @@ -38,7 +38,7 @@ /* ** -** Sample client side test program that uses SSL and libsec +** Sample client side test program that uses SSL and NSS ** */ @@ -126,20 +126,7 @@ int renegotiate = 0; static char *progName; -/* This exists only for the automated test suite. It allows us to - * pass in a password on the command line. - */ - -char *password = NULL; - -char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg) -{ - char *passwd = NULL; - if ( (!retry) && arg ) { - passwd = PL_strdup((char *)arg); - } - return passwd; -} +secuPWData pwdata = { PW_NONE, 0 }; void printSecurityInfo(PRFileDesc *fd) { @@ -203,7 +190,7 @@ static void Usage(const char *progName) { fprintf(stderr, "Usage: %s -h host [-p port] [-d certdir] [-n nickname] [-23BTfosvxr] \n" -" [-c ciphers] [-w passwd] [-q]\n", progName); +" [-c ciphers] [-w passwd] [-W pwfile] [-q]\n", progName); fprintf(stderr, "%-20s Hostname to connect with\n", "-h host"); fprintf(stderr, "%-20s Port number for SSL server\n", "-p port"); fprintf(stderr, @@ -523,7 +510,6 @@ int main(int argc, char **argv) PRSocketOptionData opt; PRNetAddr addr; PRPollDesc pollset[2]; - PRBool useCommandLinePassword = PR_FALSE; PRBool pingServerFirst = PR_FALSE; PRBool clientSpeaksFirst = PR_FALSE; PRBool wrStarted = PR_FALSE; @@ -548,7 +534,7 @@ int main(int argc, char **argv) } } - optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:x"); + optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xW:"); while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch (optstate->option) { case '?': @@ -594,11 +580,16 @@ int main(int argc, char **argv) case 'r': renegotiate = atoi(optstate->value); break; - case 'w': - password = PORT_Strdup(optstate->value); - useCommandLinePassword = PR_TRUE; + case 'w': + pwdata.source = PW_PLAINTEXT; + pwdata.data = PORT_Strdup(optstate->value); break; + case 'W': + pwdata.source = PW_FROMFILE; + pwdata.data = PORT_Strdup(optstate->value); + break; + case 'x': useExportPolicy = 1; break; } } @@ -613,12 +604,7 @@ int main(int argc, char **argv) PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - /* set our password function */ - if ( useCommandLinePassword ) { - PK11_SetPasswordFunc(ownPasswd); - } else { - PK11_SetPasswordFunc(SECU_GetModulePassword); - } + PK11_SetPasswordFunc(SECU_GetModulePassword); /* open the cert DB, the key DB, and the secmod DB. */ if (!certDir) { @@ -843,9 +829,7 @@ int main(int argc, char **argv) return 1; } - if (useCommandLinePassword) { - SSL_SetPKCS11PinArg(s, password); - } + SSL_SetPKCS11PinArg(s, &pwdata); SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); if (override) { @@ -1064,8 +1048,8 @@ int main(int argc, char **argv) if (nickname) { PORT_Free(nickname); } - if (password) { - PORT_Free(password); + if (pwdata.data) { + PORT_Free(pwdata.data); } PORT_Free(host); |