diff options
author | relyea%netscape.com <devnull@localhost> | 2002-03-04 22:39:28 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2002-03-04 22:39:28 +0000 |
commit | 68da74b2af40ebf29de89b047c84c7d184c8d2f7 (patch) | |
tree | 24364d9903620eb6acce45d3e826956053f0573a /security/nss | |
parent | b67ad60b7c5ed178ff43554ed8f5230e46aaed30 (diff) | |
download | nss-hg-68da74b2af40ebf29de89b047c84c7d184c8d2f7.tar.gz |
Fix token/cert interactions:
1) don't have certs disappear because we have empty tokens.
2) Make sure the NSSToken structure has up-to-date nicknames.
Diffstat (limited to 'security/nss')
-rw-r--r-- | security/nss/lib/dev/devtoken.c | 4 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/dev3hack.c | 10 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/dev3hack.h | 3 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/pk11slot.c | 3 | ||||
-rw-r--r-- | security/nss/lib/pki/pki3hack.c | 6 |
5 files changed, 22 insertions, 4 deletions
diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c index cdd0fc9ac..cc5709a4b 100644 --- a/security/nss/lib/dev/devtoken.c +++ b/security/nss/lib/dev/devtoken.c @@ -167,12 +167,14 @@ nssToken_Destroy if (tok->defaultSession) { nssSession_Destroy(tok->defaultSession); } -#endif if (tok->arena) { return NSSArena_Destroy(tok->arena); } else { nss_ZFreeIf(tok); } +#else + nss_ZFreeIf(tok); +#endif } return PR_SUCCESS; } diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c index 742335c9d..0cbd686aa 100644 --- a/security/nss/lib/pk11wrap/dev3hack.c +++ b/security/nss/lib/pk11wrap/dev3hack.c @@ -151,9 +151,19 @@ nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot) rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot); rvToken->slot->token = rvToken; rvToken->defaultSession->slot = rvToken->slot; + rvToken->arena = td->arena; return rvToken; } +NSS_IMPLEMENT void +nssToken_UpdateName(NSSToken *token) +{ + if (!token) { + return; + } + token->name = nssUTF8_Duplicate(token->pk11slot->token_name,token->arena); +} + NSS_IMPLEMENT PRBool nssSlot_IsPermanent ( diff --git a/security/nss/lib/pk11wrap/dev3hack.h b/security/nss/lib/pk11wrap/dev3hack.h index 0f096e3e8..ae5b2fac5 100644 --- a/security/nss/lib/pk11wrap/dev3hack.h +++ b/security/nss/lib/pk11wrap/dev3hack.h @@ -45,6 +45,9 @@ PR_BEGIN_EXTERN_C NSS_EXTERN NSSToken * nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot); +NSS_EXTERN void +nssToken_UpdateName(NSSToken *); + NSSTrustDomain * nssToken_GetTrustDomain(NSSToken *token); diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c index c3839594e..136789fb6 100644 --- a/security/nss/lib/pk11wrap/pk11slot.c +++ b/security/nss/lib/pk11wrap/pk11slot.c @@ -447,6 +447,7 @@ PK11_NewSlotInfo(void) slot->minPassword = 0; slot->maxPassword = 0; slot->hasRootCerts = PR_FALSE; + slot->nssToken = NULL; return slot; } @@ -1721,6 +1722,8 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) slot->maxPassword = tokenInfo.ulMaxPinLen; PORT_Memcpy(slot->serial,tokenInfo.serialNumber,sizeof(slot->serial)); + nssToken_UpdateName(slot->nssToken); + slot->defRWSession = (PRBool)((!slot->readOnly) && (tokenInfo.ulMaxSessionCount == 1)); rv = PK11_ReadMechanismList(slot); diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c index 1df51b1e1..351e1742e 100644 --- a/security/nss/lib/pki/pki3hack.c +++ b/security/nss/lib/pki/pki3hack.c @@ -185,10 +185,10 @@ destroy_token_certs(nssList *certList, NSSToken *token, PRBool renewInstances) cert = (NSSCertificate *)nssListIterator_Next(certs)) { removeIt = instance_destructor(cert, token); - if (removeIt || !renewInstances) { + if (removeIt) { nssList_Remove(certList, cert); CERT_DestroyCertificate(STAN_GetCERTCertificate(cert)); - } else { + } else if (renewInstances) { /* force an update of the nickname and slot fields of the cert */ (void)stan_GetCERTCertificate(cert, PR_TRUE); } @@ -200,7 +200,7 @@ destroy_token_certs(nssList *certList, NSSToken *token, PRBool renewInstances) NSS_IMPLEMENT void nssCertificateList_DestroyTokenCerts(nssList *certList, NSSToken *token) { - destroy_token_certs(certList, token, PR_FALSE); + destroy_token_certs(certList, token, PR_TRUE); } NSS_IMPLEMENT void |