1 files changed, 296 insertions, 0 deletions
diff --git a/security/nss/lib/dev/devslot.c b/security/nss/lib/dev/devslot.c
new file mode 100644
index 000000000..4ba45bfc2
--- /dev/null
+++ b/security/nss/lib/dev/devslot.c
@@ -0,0 +1,296 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1994-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#ifdef DEBUG
+static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$";
+#endif /* DEBUG */
+
+#ifndef NSSCKEPV_H
+#include "nssckepv.h"
+#endif /* NSSCKEPV_H */
+
+#ifndef DEVM_H
+#include "devm.h"
+#endif /* DEVM_H */
+
+#ifndef CKHELPER_H
+#include "ckhelper.h"
+#endif /* CKHELPER_H */
+
+#include "pk11pub.h"
+
+/* measured in seconds */
+#define NSSSLOT_TOKEN_DELAY_TIME 1
+
+/* this should track global and per-transaction login information */
+
+#define NSSSLOT_IS_FRIENDLY(slot) \
+  (slot->base.flags & NSSSLOT_FLAGS_FRIENDLY)
+
+/* measured as interval */
+static PRIntervalTime s_token_delay_time = 0;
+
+/* The flags needed to open a read-only session. */
+static const CK_FLAGS s_ck_readonly_flags = CKF_SERIAL_SESSION;
+
+NSS_IMPLEMENT PRStatus
+nssSlot_Destroy (
+  NSSSlot *slot
+)
+{
+    if (slot) {
+	if (PR_AtomicDecrement(&slot->base.refCount) == 0) {
+	    PZ_DestroyLock(slot->base.lock);
+	    return nssArena_Destroy(slot->base.arena);
+	}
+    }
+    return PR_SUCCESS;
+}
+
+void
+nssSlot_EnterMonitor(NSSSlot *slot)
+{
+    if (slot->lock) {
+	PZ_Lock(slot->lock);
+    }
+}
+
+void
+nssSlot_ExitMonitor(NSSSlot *slot)
+{
+    if (slot->lock) {
+	PZ_Unlock(slot->lock);
+    }
+}
+
+NSS_IMPLEMENT void
+NSSSlot_Destroy (
+  NSSSlot *slot
+)
+{
+    (void)nssSlot_Destroy(slot);
+}
+
+NSS_IMPLEMENT NSSSlot *
+nssSlot_AddRef (
+  NSSSlot *slot
+)
+{
+    PR_AtomicIncrement(&slot->base.refCount);
+    return slot;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nssSlot_GetName (
+  NSSSlot *slot
+)
+{
+    return slot->base.name;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nssSlot_GetTokenName (
+  NSSSlot *slot
+)
+{
+    return nssToken_GetName(slot->token);
+}
+
+NSS_IMPLEMENT void
+nssSlot_ResetDelay (
+  NSSSlot *slot
+)
+{
+    slot->lastTokenPing = 0;
+}
+
+static PRBool
+within_token_delay_period(NSSSlot *slot)
+{
+    PRIntervalTime time, lastTime;
+    /* Set the delay time for checking the token presence */
+    if (s_token_delay_time == 0) {
+	s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
+    }
+    time = PR_IntervalNow();
+    lastTime = slot->lastTokenPing;
+    if ((lastTime) && ((time - lastTime) < s_token_delay_time)) {
+	return PR_TRUE;
+    }
+    slot->lastTokenPing = time;
+    return PR_FALSE;
+}
+
+NSS_IMPLEMENT PRBool
+nssSlot_IsTokenPresent (
+  NSSSlot *slot
+)
+{
+    CK_RV ckrv;
+    PRStatus nssrv;
+    /* XXX */
+    nssSession *session;
+    CK_SLOT_INFO slotInfo;
+    void *epv;
+    /* permanent slots are always present unless they're disabled */
+    if (nssSlot_IsPermanent(slot)) {
+	return !PK11_IsDisabled(slot->pk11slot);
+    }
+    /* avoid repeated calls to check token status within set interval */
+    if (within_token_delay_period(slot)) {
+	return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
+    }
+
+    /* First obtain the slot info */
+    epv = slot->epv;
+    if (!epv) {
+	return PR_FALSE;
+    }
+    nssSlot_EnterMonitor(slot);
+    ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
+    nssSlot_ExitMonitor(slot);
+    if (ckrv != CKR_OK) {
+	slot->token->base.name[0] = 0; /* XXX */
+	return PR_FALSE;
+    }
+    slot->ckFlags = slotInfo.flags;
+    /* check for the presence of the token */
+    if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
+	if (!slot->token) {
+	    /* token was never present */
+	    return PR_FALSE;
+	}
+	session = nssToken_GetDefaultSession(slot->token);
+	if (session) {
+	    nssSession_EnterMonitor(session);
+	    /* token is not present */
+	    if (session->handle != CK_INVALID_SESSION) {
+		/* session is valid, close and invalidate it */
+		CKAPI(epv)->C_CloseSession(session->handle);
+		session->handle = CK_INVALID_SESSION;
+	    }
+	    nssSession_ExitMonitor(session);
+	}
+	if (slot->token->base.name[0] != 0) {
+	    /* notify the high-level cache that the token is removed */
+	    slot->token->base.name[0] = 0; /* XXX */
+	    nssToken_NotifyCertsNotVisible(slot->token);
+	}
+	slot->token->base.name[0] = 0; /* XXX */
+	/* clear the token cache */
+	nssToken_Remove(slot->token);
+	return PR_FALSE;
+    }
+    /* token is present, use the session info to determine if the card
+     * has been removed and reinserted.
+     */
+    session = nssToken_GetDefaultSession(slot->token);
+    if (session) {
+	nssSession_EnterMonitor(session);
+	if (session->handle != CK_INVALID_SESSION) {
+	    CK_SESSION_INFO sessionInfo;
+	    ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
+	    if (ckrv != CKR_OK) {
+		/* session is screwy, close and invalidate it */
+		CKAPI(epv)->C_CloseSession(session->handle);
+		session->handle = CK_INVALID_SESSION;
+	    }
+	}
+	nssSession_ExitMonitor(session);
+	/* token not removed, finished */
+	if (session->handle != CK_INVALID_SESSION)
+	    return PR_TRUE;
+    } 
+    /* the token has been removed, and reinserted, or the slot contains
+     * a token it doesn't recognize. invalidate all the old
+     * information we had on this token, if we can't refresh, clear
+     * the present flag */
+    nssToken_NotifyCertsNotVisible(slot->token);
+    nssToken_Remove(slot->token);
+    /* token has been removed, need to refresh with new session */
+    nssrv = nssSlot_Refresh(slot);
+    if (nssrv != PR_SUCCESS) {
+        slot->token->base.name[0] = 0; /* XXX */
+        slot->ckFlags &= ~CKF_TOKEN_PRESENT;
+        return PR_FALSE;
+    }
+    return PR_TRUE;
+}
+
+NSS_IMPLEMENT void *
+nssSlot_GetCryptokiEPV (
+  NSSSlot *slot
+)
+{
+    return slot->epv;
+}
+
+NSS_IMPLEMENT NSSToken *
+nssSlot_GetToken (
+  NSSSlot *slot
+)
+{
+    if (nssSlot_IsTokenPresent(slot)) {
+	return nssToken_AddRef(slot->token);
+    }
+    return (NSSToken *)NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSession_EnterMonitor (
+  nssSession *s
+)
+{
+    if (s->lock) PZ_Lock(s->lock);
+    return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSession_ExitMonitor (
+  nssSession *s
+)
+{
+    return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
+}
+
+NSS_EXTERN PRBool
+nssSession_IsReadWrite (
+  nssSession *s
+)
+{
+    return s->isRW;
+}
+