trust: Implement reloading of token data

 * Reload token data whenever a new session is opened.
 * Only reload files/directories that have changed.
 * Move duplicate anchor/blacklist detection logic into
   the extract code. This is in line with the approach
   being discussed on the mailing lists and spec document.
 * New internal attribute CKA_X_ORIGIN set on all objects
   so we can track where an object came from, and replace
   it when reloaded.

In general this is a prerequisite for modification of objects
reload before modify is necessary to prevent multiple callers
clobbering each other's changes.

1 files changed, 12 insertions, 6 deletions

diff --git a/trust/index.c b/trust/index.c
index c8632cc..4de65c9 100644
--- a/trust/index.c
+++ b/trust/index.c
@@ -154,6 +154,7 @@ is_indexable (p11_index *index,
 	case CKA_VALUE:
 	case CKA_OBJECT_ID:
 	case CKA_ID:
+	case CKA_X_ORIGIN:
 		return true;
 	}
 
@@ -566,13 +567,18 @@ p11_index_replace_all (p11_index *index,
 	handles = p11_index_find_all (index, match, -1);
 
 	rv = index_replacev (index, handles, key,
-	                     (CK_ATTRIBUTE **)replace->elem,
-	                     replace->num);
+	                     replace ? (CK_ATTRIBUTE **)replace->elem : NULL,
+	                     replace ? replace->num : 0);
 
-	for (i = 0; i < replace->num; i++) {
-		if (!replace->elem[i]) {
-			p11_array_remove (replace, i);
-			i--;
+	if (rv == CKR_OK) {
+		if (replace)
+			p11_array_clear (replace);
+	} else {
+		for (i = 0; replace && i < replace->num; i++) {
+			if (!replace->elem[i]) {
+				p11_array_remove (replace, i);
+				i--;
+			}
 		}
 	}