From f70643fb52b077f9e385f49877ad4515e4696c3f Mon Sep 17 00:00:00 2001
From: wtchang%redhat.com
Date: Mar 08 2005 18:52:50 +0000
Subject: Comment formatting changes. Modified Files: alt.c cache.c errors.c file.c manifest.mn ntgetpin.c pin.c pk11.c std.c svrcore.h user.c
---
diff --git a/alt.c b/alt.c
index 9cd5066..e69de29 100644
--- a/alt.c
+++ b/alt.c
@@ -1,127 +0,0 @@
-/*
- * alt.c - SVRCORE module for reading a PIN from one of two alternate
- * sources.
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape svrcore library.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-#include
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREAltPinObj implementation
- */
-struct SVRCOREAltPinObj
-{
- SVRCOREPinObj base;
- SVRCOREPinObj *primary;
- SVRCOREPinObj *alt;
-};
-static const SVRCOREPinMethods vtable;
-
-/* ------------------------------------------------------------ */
-SVRCOREError
-SVRCORE_CreateAltPinObj(
- SVRCOREAltPinObj **out,
- SVRCOREPinObj *primary, SVRCOREPinObj *alt)
-{
- SVRCOREError err = SVRCORE_Success;
- SVRCOREAltPinObj *obj = 0;
-
- do {
- obj = (SVRCOREAltPinObj *)malloc(sizeof (SVRCOREAltPinObj));
- if (!obj) { err = SVRCORE_NoMemory_Error; break; }
-
- obj->base.methods = &vtable;
-
- obj->primary = primary;
- obj->alt = alt;
- } while(0);
-
- if (err != SVRCORE_Success)
- {
- SVRCORE_DestroyAltPinObj(obj);
- }
-
- *out = obj;
-
- return err;
-}
-
-void
-SVRCORE_DestroyAltPinObj(
- SVRCOREAltPinObj *obj)
-{
- if (!obj) return;
-
- free(obj);
-}
-
-/* ------------------------------------------------------------ */
-/*
- * vtable methods
- */
-static void
-destroyObject(SVRCOREPinObj *obj)
-{
- SVRCORE_DestroyAltPinObj((SVRCOREAltPinObj*)obj);
-}
-
-static char *
-getPin(SVRCOREPinObj *pinObj, const char *tokenName, PRBool retry)
-{
- SVRCOREAltPinObj *obj = (SVRCOREAltPinObj*)pinObj;
- char *res = 0;
-
- do {
- /* Try primary first */
- res = SVRCORE_GetPin(obj->primary, tokenName, retry);
- if (res) break;
-
- /* If unsucessful, try alternate source */
- res = SVRCORE_GetPin(obj->alt, tokenName, retry);
- } while(0);
-
- return res;
-}
-
-/*
- * VTable
- */
-static const SVRCOREPinMethods vtable =
-{ 0, 0, destroyObject, getPin };
diff --git a/cache.c b/cache.c
index e25573c..e69de29 100644
--- a/cache.c
+++ b/cache.c
@@ -1,247 +0,0 @@ -/* - * cache.c - SVRCORE module for caching PIN values - * - * ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is the Netscape svrcore library. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. 
- * - * ***** END LICENSE BLOCK ***** */ - -#include - -#include - -/* ------------------------------------------------------------ */ -/* - * Node - for maintaining link list of tokens with cached PINs - */ -typedef struct Node Node; -static void freeNode(Node *node); -static void freeList(Node *list); - -struct Node -{ - Node *next; - char *tokenName; - SVRCOREPk11PinStore *store; -}; - -/* ------------------------------------------------------------ */ -/* - * SVRCORECachedPinObj implementation - */ -struct SVRCORECachedPinObj -{ - SVRCOREPinObj base; - SVRCOREPinObj *alt; - Node *pinList; -}; -static const struct SVRCOREPinMethods vtable; - -/* ------------------------------------------------------------ */ -SVRCOREError -SVRCORE_CreateCachedPinObj( - SVRCORECachedPinObj **out, SVRCOREPinObj *alt) -{ - SVRCOREError err = SVRCORE_Success; - SVRCORECachedPinObj *obj; - - do { - obj = (SVRCORECachedPinObj*)malloc(sizeof (SVRCORECachedPinObj)); - if (!obj) { err = SVRCORE_NoMemory_Error; break; } - - obj->base.methods = &vtable; - - obj->alt = alt; - obj->pinList = 0; - } while(0); - - *out = obj; - return err; -} - -void -SVRCORE_DestroyCachedPinObj(SVRCORECachedPinObj *obj) -{ - if (!obj) return; - - if (obj->pinList) freeList(obj->pinList); - - free(obj); -} - -/* ------------------------------------------------------------ */ -/* - * vtable functions - */ -static void -destroyObject(SVRCOREPinObj *obj) -{ - SVRCORE_DestroyCachedPinObj((SVRCORECachedPinObj*)obj); -} - -static char * -getPin(SVRCOREPinObj *ctx, const char *tokenName, PRBool retry) -{ - SVRCORECachedPinObj *obj = (SVRCORECachedPinObj*)ctx; - Node **link, *node; - char *pin = 0; - - /* - * Look up the value in the cache. Remove the entry if this is - * a retry, or getting the stored value fails. This loop terminates - * with 'pin' set to any valid cached value. 
- */ - for(link = &obj->pinList;(node = *link) != NULL;link = &node->next) - { - if (strcmp(node->tokenName, tokenName) != 0) continue; - - if (retry || - SVRCORE_Pk11StoreGetPin(&pin, node->store) != SVRCORE_Success) - { - *link = node->next; - - freeNode(node); - } - - break; - } - - /* - * Now loop, attempting to read a pin from the alternate source - * until cancelled, or a valid PIN is provided. - */ - while(!pin) - { - SVRCOREError err; - - /* Call second level */ - pin = SVRCORE_GetPin(obj->alt, tokenName, retry); - - if (!pin) break; /* Cancel */ - - /* Attempt to create a Pin Storage object. This checks the - * password. - */ - do { - Node *node; - - node = (Node*)malloc(sizeof (Node)); - if (!node) { err = SVRCORE_NoMemory_Error; break; } - - node->tokenName = 0; - node->store = 0; - - do { - node->tokenName = strdup(tokenName); - if (!node->tokenName) { err = SVRCORE_NoMemory_Error; break; } - - err = SVRCORE_CreatePk11PinStore(&node->store, tokenName, pin); - } while(0); - - if (err) { freeNode(node); break; } - - node->next = obj->pinList; - obj->pinList = node; - } while(0); - - /* If node creation worked, then pin is correct */ - if (err == SVRCORE_Success) break; - - /* Quit on any error other than IncorrectPassword */ - if (err != SVRCORE_IncorrectPassword_Error) break; - - /* Password was incorrect, treat this as a retry */ - retry = PR_TRUE; - } - - return pin; -} - -/* ------------------------------------------------------------ */ -/* - * SVRCORE_CachedPinGetPin - */ -SVRCOREError -SVRCORE_CachedPinGetPin( - char **out, SVRCORECachedPinObj *obj, - const char *tokenName) -{ - SVRCOREError err; - Node *node; - - *out = 0; - - do { - /* Find a matching PIN node */ - for(node = obj->pinList;node;node = node->next) - { - if (strcmp(node->tokenName, tokenName) == 0) break;; - } - if (!node) { err = SVRCORE_NoSuchToken_Error; break; } - - err = SVRCORE_Pk11StoreGetPin(out, node->store); - } while(0); - - return err; -} - -static const struct 
SVRCOREPinMethods vtable =
-{ 0, 0, destroyObject, getPin };
-
-/* ------------------------------------------------------------ */
-/*
- * Node implementation
- */
-static void freeNode(Node *node)
-{
- if (!node) return;
-
- if (node->store) SVRCORE_DestroyPk11PinStore(node->store);
- if (node->tokenName) free(node->tokenName);
-
- free(node);
-}
-
-static void freeList(Node *list)
-{
- Node *n;
-
- while((n = list) != NULL)
- {
- list = n->next;
-
- free(n->tokenName);
- free(n);
- }
-}
diff --git a/errors.c b/errors.c
index 75016ad..e69de29 100644
--- a/errors.c
+++ b/errors.c
@@ -1,48 +0,0 @@
-/*
- * errors.c - SVRCORE Error strings
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape svrcore library.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-
-const char * const SVRCORE_Errors[] = {
- "Operation completed successfully",
- "Not enough memory to complete operation",
- "Unspecified error",
- "Token missing or unavailable",
- "Incorrect password or PIN provided"
-};
diff --git a/file.c b/file.c
index 33b555e..e69de29 100644
--- a/file.c
+++ b/file.c
@@ -1,252 +0,0 @@ -/* - * file.c - SVRCORE module for reading PIN from a file - * - * ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is the Netscape svrcore library. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. 
- * - * ***** END LICENSE BLOCK ***** */ - -#include -#include -#include - -/* ------------------------------------------------------------ */ -/* - * Node - for maintaining link list of tokens with bad PINs - */ -typedef struct Node Node; -static void freeList(Node *list); - -struct Node -{ - Node *next; - char *tokenName; -}; - -/* ------------------------------------------------------------ */ -/* - * SVRCOREFilePinObj implementation - */ -struct SVRCOREFilePinObj -{ - SVRCOREPinObj base; - char *filename; - PRBool disabled; - Node *badPinList; -}; -static const struct SVRCOREPinMethods vtable; - -/* ------------------------------------------------------------ */ -SVRCOREError -SVRCORE_CreateFilePinObj( - SVRCOREFilePinObj **out, - const char *filename) -{ - SVRCOREError err = SVRCORE_Success; - SVRCOREFilePinObj *obj = 0; - - do { - obj = (SVRCOREFilePinObj*)malloc(sizeof (SVRCOREFilePinObj)); - if (!obj) { err = SVRCORE_NoMemory_Error; break; } - - obj->base.methods = &vtable; - - obj->filename = 0; - obj->disabled = PR_FALSE; - obj->badPinList = 0; - - obj->filename = strdup(filename); - if (!obj->filename) { err = SVRCORE_NoMemory_Error; break; } - - } while(0); - - if (err) - { - SVRCORE_DestroyFilePinObj(obj); - obj = 0; - } - - *out = obj; - return err; -} - -void -SVRCORE_DestroyFilePinObj(SVRCOREFilePinObj *obj) -{ - if (!obj) return; - - if (obj->filename) free(obj->filename); - - if (obj->badPinList) freeList(obj->badPinList); - - free(obj); -} - -/* ------------------------------------------------------------ */ -/* - * vtable functions - */ -static void -destroyObject(SVRCOREPinObj *obj) -{ - SVRCORE_DestroyFilePinObj((SVRCOREFilePinObj*)obj); -} - -static char * -getPin(SVRCOREPinObj *ctx, const char *tokenName, PRBool retry) -{ - SVRCOREFilePinObj *obj = (SVRCOREFilePinObj*)ctx; - PK11SlotInfo *slot; - int is_internal_token = 0; - FILE *pinfile = 0; - char *res = 0; - - /* In really bad situations, where we cannot allocate memory - * for a bad PIN 
list, the entire PIN object is disabled. - */ - if (obj->disabled) return 0; - - /* - * If the application is retrying the PIN, the one in the file is - * probably wrong. It's important that we avoid returning this - * PIN to the caller each time, since that will result in disabling - * the token. - */ - { - Node *p; - - for(p = obj->badPinList;p;p = p->next) - if (strcmp(p->tokenName, tokenName) == 0) break; - - if (p) return 0; - } - - /* Mark it as bad (in the hash table) so that we remember - * to never return it again. - */ - if (retry) - { - Node *ent = 0; - - do { - ent = (Node *)malloc(sizeof (Node)); - if (!ent) break; - - ent->tokenName = strdup(tokenName); - - if (!ent->tokenName) - { - free(ent); - ent = 0; - } - } while(0); - - /* If adding fails, disable the whole object */ - if (!ent) obj->disabled = PR_TRUE; - - /* Add to list */ - ent->next = obj->badPinList; - obj->badPinList = ent; - - return 0; - } - - slot = PK11_FindSlotByName((char *)tokenName); - if (slot) { - is_internal_token = PK11_IsInternal(slot); - PK11_FreeSlot(slot); - } - - do { - char line[128]; - - pinfile = fopen(obj->filename, "rt"); - if (!pinfile) break; - - /* Read lines from the file */ - while(fgets(line, sizeof line, pinfile)) - { - char *pin; - char *delim; - - /* Find the ":" */ - delim = strchr(line, ':'); - if (!delim) continue; - - /* Terminate name field and skip ";" */ - *delim++ = 0; - - if (strcmp(line, tokenName) == 0 || - (is_internal_token && - (strcmp(line, "Communicator Certificate DB") == 0 || - strcmp(line, "Internal (Software) Token") == 0))) - { - pin = delim; - delim = strchr(pin, '\n'); - if (delim) *delim = 0; - - res = strdup(pin); - break; - } - } - - /* Clear any sensitive data */ - memset(line, 0, sizeof line); - } while(0); - - if (pinfile) fclose(pinfile); - - return res; -} - -static const struct SVRCOREPinMethods vtable = -{ 0, 0, destroyObject, getPin }; - -/* ------------------------------------------------------------ */ -/* - * Node 
implementation
- */
-static void freeList(Node *list)
-{
- Node *n;
-
- while((n = list) != NULL)
- {
- list = n->next;
-
- free(n->tokenName);
- free(n);
- }
-}
-
diff --git a/manifest.mn b/manifest.mn
index 14543d6..fb40eeb 100644
--- a/manifest.mn
+++ b/manifest.mn
@@ -1,4 +1,4 @@
-#
+#
 # ***** BEGIN LICENSE BLOCK *****
 # Version: MPL 1.1/GPL 2.0/LGPL 2.1
 #
diff --git a/ntgetpin.c b/ntgetpin.c
index cc69dd0..e69de29 100644
--- a/ntgetpin.c
+++ b/ntgetpin.c
@@ -1,168 +0,0 @@ -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is the Netscape svrcore library. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1996 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -/****************************************************** - * - * ntgetpin.c - Prompts for the key - * database passphrase. 
- * - ******************************************************/ - -#if defined( WIN32 ) - -#include -#include -#include "ntresource.h" - -#undef Debug -#undef OFF -#undef LITTLE_ENDIAN - -#include -#include -#include - -static char password[512]; - -static void CenterDialog(HWND hwndParent, HWND hwndDialog) -{ - RECT DialogRect; - RECT ParentRect; - POINT Point; - int nWidth; - int nHeight; - - // Determine if the main window exists. This can be useful when - // the application creates the dialog box before it creates the - // main window. If it does exist, retrieve its size to center - // the dialog box with respect to the main window. - if( hwndParent != NULL ) - { - GetClientRect(hwndParent, &ParentRect); - } - else - { - // if main window does not exist, center with respect to desktop - hwndParent = GetDesktopWindow(); - GetWindowRect(hwndParent, &ParentRect); - } - - // get the size of the dialog box - GetWindowRect(hwndDialog, &DialogRect); - - // calculate height and width for MoveWindow() - nWidth = DialogRect.right - DialogRect.left; - nHeight = DialogRect.bottom - DialogRect.top; - - // find center point and convert to screen coordinates - Point.x = (ParentRect.right - ParentRect.left) / 2; - Point.y = (ParentRect.bottom - ParentRect.top) / 2; - - ClientToScreen(hwndParent, &Point); - - // calculate new X, Y starting point - Point.x -= nWidth / 2; - Point.y -= nHeight / 2; - - MoveWindow(hwndDialog, Point.x, Point.y, nWidth, nHeight, FALSE); -} - -static BOOL CALLBACK PinDialogProc(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam) -{ - switch(message) - { - case WM_INITDIALOG: - SetDlgItemText( hDlg, IDC_TOKEN_NAME, (char *)lParam); - CenterDialog(NULL, hDlg); - SendDlgItemMessage(hDlg, IDEDIT, EM_SETLIMITTEXT, sizeof(password), 0); - EnableWindow(GetDlgItem(hDlg, IDOK), FALSE); - return(FALSE); - - case WM_COMMAND: - if(LOWORD(wParam) == IDEDIT) - { - if(HIWORD(wParam) == EN_CHANGE) - { - if(GetDlgItemText(hDlg, IDEDIT, password, - sizeof(password)) > 
0)
- {
- EnableWindow(GetDlgItem(hDlg, IDOK), TRUE);
- }
- else
- {
- EnableWindow(GetDlgItem(hDlg, IDOK), FALSE);
- }
- }
- return (FALSE);
- }
- else if(LOWORD(wParam) == IDOK)
- {
- GetDlgItemText(hDlg, IDEDIT, password, sizeof(password));
- EndDialog(hDlg, IDOK);
- return (TRUE);
- }
- else if(LOWORD(wParam) == IDCANCEL)
- {
- memset(password, 0, sizeof(password));
- EndDialog(hDlg, IDCANCEL);
- return(FALSE);
- }
- }
- return (FALSE);
-}
-char*
-NT_PromptForPin (const char *tokenName)
-{
- int iResult = 0;
-
- iResult = DialogBoxParam( GetModuleHandle( NULL ),
- MAKEINTRESOURCE(IDD_DATABASE_PASSWORD),
- HWND_DESKTOP, (DLGPROC) PinDialogProc, (LPARAM)tokenName);
- if( iResult == -1 )
- {
- iResult = GetLastError();
-/*
- ReportSlapdEvent( EVENTLOG_INFORMATION_TYPE,
- MSG_SERVER_PASSWORD_DIALOG_FAILED, 0, NULL );
-*/
- return NULL;
- }
- /* Return no-response if the user click on cancel */
- if (password[0] == 0) return 0;
- return strdup(password);
-}
-
-#endif /* defined( WIN32 ) */
diff --git a/pin.c b/pin.c
index 6b7df14..e69de29 100644
--- a/pin.c
+++ b/pin.c
@@ -1,90 +0,0 @@
-/*
- * pin.c - SVRCORE module implementing PK11 pin callback support
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape svrcore library.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-
-#include
-#include
-#include
-
-/*
- * Global state
- */
-static SVRCOREPinObj *pinObj = 0;
-
-/*
- * SVRCORE_Pk11PasswordFunc
- *
- * DEPRECATED public interface.
- */
-static char *
-SVRCORE_Pk11PasswordFunc(PK11SlotInfo *slot, PRBool retry, void *ctx)
-{
- char *passwd;
-
- /* If the user has not installed a cbk, then return failure (cancel) */
- if (pinObj == 0) return 0;
-
- /* Invoke the callback function, translating slot into token name */
- passwd = SVRCORE_GetPin(pinObj, PK11_GetTokenName(slot), retry);
-
- return passwd;
-}
-
-/*
- * SVRCORE_RegisterPinObj
- */
-void
-SVRCORE_RegisterPinObj(SVRCOREPinObj *obj)
-{
- /* Set PK11 callback function to call back here */
- PK11_SetPasswordFunc(SVRCORE_Pk11PasswordFunc);
-
- /* Set object to use for getPin method */
- pinObj = obj;
-}
-
-/*
- * SVRCORE_GetRegisteredPinObj
- */
-SVRCOREPinObj *
-SVRCORE_GetRegisteredPinObj(void)
-{
- return pinObj;
-}
diff --git a/pk11.c b/pk11.c
index 7a2e94e..e69de29 100644
--- a/pk11.c
+++ b/pk11.c
@@ -1,309 +0,0 @@ -/* - * pk11.c - SVRCORE module for securely storing PIN using PK11 - * - * ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is the Netscape svrcore library. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -#include - -#include -#include -#include - -/* ------------------------------------------------------------ */ -/* - * Mechanisms for doing the PIN encryption. 
Each of these lists - * an encryption mechanism, with setup, encode and decode routines that - * use that mechanism. The PK11PinStore looks for a mechanism - * that the token supports, and then uses it. If none is found, - * it will fail. - */ -typedef struct mech_item mech_item; -struct mech_item -{ - CK_MECHANISM_TYPE type; - const char *mechName; -}; - -/* ------------------------------------------------------------ */ -/* - * The table listing all mechanism to try - */ -#define MECH_TABLE_SIZE 4 -static const mech_item table[MECH_TABLE_SIZE] = { - { CKM_SKIPJACK_CBC64, "Skipjack CBC-64 encryption" }, - { CKM_DES3_CBC, "Triple-DES CBC encryption" }, - { CKM_CAST128_CBC, "CAST-128 CBC encryption" }, - { CKM_DES_CBC, "DES CBC encryption" } -}; -static mech_item dflt_mech = { CKM_DES3_CBC, "Triple-DES CBC (default)" }; - - -/* ------------------------------------------------------------ */ -/* - * Implementation - */ -struct SVRCOREPk11PinStore -{ - PK11SlotInfo *slot; - - const mech_item *mech; - - PK11SymKey *key; - SECItem *params; - - int length; - unsigned char *crypt; -}; - - -/* ------------------------------------------------------------ */ -/* - * SVRCORE_CreatePk11PinStore - */ -SVRCOREError -SVRCORE_CreatePk11PinStore( - SVRCOREPk11PinStore **out, - const char *tokenName, const char *pin) -{ - SVRCOREError err; - SVRCOREPk11PinStore *store; - - do { - err = SVRCORE_Success; - - store = (SVRCOREPk11PinStore*)malloc(sizeof *store); - if (store == 0) { err = SVRCORE_NoMemory_Error; break; } - - /* Low-level init */ - store->slot = 0; - store->key = 0; - store->params = 0; - store->crypt = 0; - - /* Use the tokenName to find a PKCS11 slot */ - store->slot = PK11_FindSlotByName((char *)tokenName); - if (store->slot == 0) { err = SVRCORE_NoSuchToken_Error; break; } - - /* Check the password/PIN. 
This allows access to the token */ - { - SECStatus rv = PK11_CheckUserPassword(store->slot, (char *)pin); - - if (rv == SECSuccess) - ; - else if (rv == SECWouldBlock) - { - err = SVRCORE_IncorrectPassword_Error; - break; - } - else - { - err = SVRCORE_System_Error; - break; - } - } - - /* Find the mechanism that this token can do */ - { - const mech_item *tp; - - store->mech = 0; - for(tp = table;tp < &table[MECH_TABLE_SIZE];tp++) - { - if (PK11_DoesMechanism(store->slot, tp->type)) - { - store->mech = tp; - break; - } - } - /* Default to a mechanism (probably on the internal token */ - if (store->mech == 0) - store->mech = &dflt_mech; - } - - /* Generate a key and parameters to do the encryption */ - store->key = PK11_KeyGen(store->slot, store->mech->type, - 0, 0, 0); - if (store->key == 0) - { - /* PR_SetError(xxx); */ - err = SVRCORE_System_Error; - break; - } - - store->params = PK11_GenerateNewParam(store->mech->type, store->key); - if (store->params == 0) - { - err = SVRCORE_System_Error; - break; - } - - /* Compute the size of the encrypted data including necessary padding */ - { - int blocksize = PK11_GetBlockSize(store->mech->type, 0); - - store->length = strlen(pin)+1; - - /* Compute padded size - 0 means stream cipher */ - if (blocksize != 0) - { - store->length += blocksize - (store->length % blocksize); - } - - store->crypt = (unsigned char *)malloc(store->length); - if (!store->crypt) { err = SVRCORE_NoMemory_Error; break; } - } - - /* Encrypt */ - { - unsigned char *plain; - PK11Context *ctx; - SECStatus rv; - int outLen; - - plain = (unsigned char *)malloc(store->length); - if (!plain) { err = SVRCORE_NoMemory_Error; break; } - - /* Pad with 0 bytes */ - memset(plain, 0, store->length); - strcpy((char *)plain, pin); - - ctx = PK11_CreateContextBySymKey(store->mech->type, CKA_ENCRYPT, - store->key, store->params); - if (!ctx) { err = SVRCORE_System_Error; break; } - - do { - rv = PK11_CipherOp(ctx, store->crypt, &outLen, store->length, - plain, 
store->length);
- if (rv) break;
-
- rv = PK11_Finalize(ctx);
- } while(0);
-
- PK11_DestroyContext(ctx, PR_TRUE);
- memset(plain, 0, store->length);
- free(plain);
-
- if (rv) err = SVRCORE_System_Error;
- }
- } while(0);
-
- if (err)
- {
- SVRCORE_DestroyPk11PinStore(store);
- store = 0;
- }
-
- *out = store;
- return err;
-}
-
-/*
- * SVRCORE_DestroyPk11PinStore
- */
-void
-SVRCORE_DestroyPk11PinStore(SVRCOREPk11PinStore *store)
-{
- if (store == 0) return;
-
- if (store->slot)
- {
- PK11_FreeSlot(store->slot);
- }
-
- if (store->params)
- {
- SECITEM_ZfreeItem(store->params, PR_TRUE);
- }
-
- if (store->key)
- {
- PK11_FreeSymKey(store->key);
- }
-
- if (store->crypt)
- {
- memset(store->crypt, 0, store->length);
- free(store->crypt);
- }
-
- free(store);
-}
-
-SVRCOREError
-SVRCORE_Pk11StoreGetPin(char **out, SVRCOREPk11PinStore *store)
-{
- SVRCOREError err = SVRCORE_Success;
- unsigned char *plain;
- SECStatus rv;
- PK11Context *ctx = 0;
- int outLen;
-
- do {
- plain = (unsigned char *)malloc(store->length);
- if (!plain) { err = SVRCORE_NoMemory_Error; break; }
-
- ctx = PK11_CreateContextBySymKey(store->mech->type, CKA_DECRYPT,
- store->key, store->params);
- if (!ctx) { err = SVRCORE_System_Error; break; }
-
- rv = PK11_CipherOp(ctx, plain, &outLen, store->length,
- store->crypt, store->length);
- if (rv) break;
-
- rv = PK11_Finalize(ctx);
- if (rv) break;
- } while(0);
-
- if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
-
- if (rv)
- {
- err = SVRCORE_System_Error;
- memset(plain, 0, store->length);
- free(plain);
- plain = 0;
- }
-
- *out = (char *)plain;
- return err;
-}
-
-const char *
-SVRCORE_Pk11StoreGetMechName(const SVRCOREPk11PinStore *store)
-{
- return store->mech->mechName;
-}
diff --git a/std.c b/std.c
index a652004..e69de29 100644
--- a/std.c
+++ b/std.c
@@ -1,185 +0,0 @@
-/*
- * std.c - StandardSVRCORE module for reading a PIN
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape svrcore library.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-#include
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREStdPinObj implementation
- */
-struct SVRCOREStdPinObj
-{
- SVRCOREPinObj base;
- SVRCORECachedPinObj *cache;
- SVRCOREAltPinObj *alt;
- SVRCOREFilePinObj *file;
- SVRCOREUserPinObj *user;
-
- SVRCOREPinObj *top;
-};
-static const SVRCOREPinMethods vtable;
-
-/* ------------------------------------------------------------ */
-SVRCOREError
-SVRCORE_CreateStdPinObj(
- SVRCOREStdPinObj **out,
- const char *filename, PRBool cachePINs)
-{
- SVRCOREError err = SVRCORE_Success;
- SVRCOREStdPinObj *obj = 0;
-
- do {
- SVRCOREPinObj *top;
-
- obj = (SVRCOREStdPinObj *)malloc(sizeof (SVRCOREStdPinObj));
- if (!obj) { err = SVRCORE_NoMemory_Error; break; }
-
- obj->base.methods = &vtable;
-
- obj->cache = 0;
- obj->alt = 0;
- obj->file = 0;
- obj->user = 0;
-
- err = SVRCORE_CreateUserPinObj(&obj->user);
- if (err) break;
-
- top = (SVRCOREPinObj*)obj->user;
-
- /* If filename is provided, splice it into the chain */
- if (filename)
- {
- err = SVRCORE_CreateFilePinObj(&obj->file, filename);
- if (err) break;
-
- err = SVRCORE_CreateAltPinObj(&obj->alt,
- (SVRCOREPinObj*)obj->file, top);
- if (err) break;
-
- top = (SVRCOREPinObj*)obj->alt;
- }
-
- /* Create cache object if requested */
- if (cachePINs)
- {
- err = SVRCORE_CreateCachedPinObj(&obj->cache, top);
- if (err) break;
-
- top = (SVRCOREPinObj*)obj->cache;
- }
-
- obj->top = top;
- } while(0);
-
- if (err != SVRCORE_Success)
- {
- SVRCORE_DestroyStdPinObj(obj);
- }
-
- *out = obj;
-
- return err;
-}
-
-void
-SVRCORE_DestroyStdPinObj(
- SVRCOREStdPinObj *obj)
-{
- if (!obj) return;
-
- if (obj->user) SVRCORE_DestroyUserPinObj(obj->user);
- if (obj->file) SVRCORE_DestroyFilePinObj(obj->file);
- if (obj->alt) SVRCORE_DestroyAltPinObj(obj->alt);
- if (obj->cache) SVRCORE_DestroyCachedPinObj(obj->cache);
-
- free(obj);
-}
-
-/* ------------------------------------------------------------ */
-
-void
-SVRCORE_SetStdPinInteractive(SVRCOREStdPinObj *obj, PRBool i)
-{
- SVRCORE_SetUserPinInteractive(obj->user, i);
-}
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCORE_StdPinGetPin
- */
-SVRCOREError
-SVRCORE_StdPinGetPin(char **pin, SVRCOREStdPinObj *obj,
- const char *tokenName)
-{
- /* Make sure caching is turned on */
- if (!obj->cache)
- {
- *pin = 0;
- return SVRCORE_NoSuchToken_Error;
- }
-
- return SVRCORE_CachedPinGetPin(pin, obj->cache, tokenName);
-}
-
-/* ------------------------------------------------------------ */
-/*
- * vtable methods
- */
-static void
-destroyObject(SVRCOREPinObj *obj)
-{
- SVRCORE_DestroyStdPinObj((SVRCOREStdPinObj*)obj);
-}
-
-static char *
-getPin(SVRCOREPinObj *pinObj, const char *tokenName, PRBool retry)
-{
- SVRCOREStdPinObj *obj = (SVRCOREStdPinObj*)pinObj;
-
- /* Just forward call to the top level handler */
- return SVRCORE_GetPin(obj->top, tokenName, retry);
-}
-
-/*
- * VTable
- */
-static const SVRCOREPinMethods vtable =
-{ 0, 0, destroyObject, getPin };
diff --git a/svrcore.h b/svrcore.h
index 94cab11..e69de29 100644
--- a/svrcore.h
+++ b/svrcore.h
@@ -1,277 +0,0 @@
-/*
- * Interface to policy configuration for export-control modules
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape svrcore library.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifndef __SVRCORE_H_
-#define __SVRCORE_H_
-
-#include
-#include
-#include
-
-PR_BEGIN_EXTERN_C
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREError - error values generated by components in the
- * SVRCORE module.
- */
-enum SVRCOREError
-{
- SVRCORE_Success = 0,
- SVRCORE_NoMemory_Error = 1,
- SVRCORE_System_Error = 2,
- SVRCORE_NoSuchToken_Error = 3,
- SVRCORE_IncorrectPassword_Error = 4,
- SVRCORE_MaximumErrorValue = 4
-};
-typedef enum SVRCOREError SVRCOREError;
-
-
-/* ------------------------------------------------------------ */
-/*
- * PIN Object - provides an interface to get the PIN for
- * a PKCS11 token.
- *
- * Methods:
- * destroyObj - delete the object
- * getPin - retrieve the PIN for the token with name "tokenName". The
- * retry flag is set if this request is a retry due to an incorrect
- * PIN. Implementations should not return a "cached" copy in this case,
- * since it will result in multiple fails, and will disable some tokens.
- * The memory allocated for the returned string must be on the system
- * heap. It will be released using "free"
- */
-typedef struct SVRCOREPinObj SVRCOREPinObj;
-typedef struct SVRCOREPinMethods SVRCOREPinMethods;
-struct SVRCOREPinMethods
-{
- void *(*reserved0)(SVRCOREPinObj *, void *);
- void (*reserved1)(SVRCOREPinObj *);
- void (*destroyObj)(SVRCOREPinObj* obj);
- char *(*getPin)(SVRCOREPinObj *obj, const char *tokenName, PRBool retryFlag);
-};
-
-struct SVRCOREPinObj
-{
- const SVRCOREPinMethods *methods;
-};
-
-/*
- * Methods on SVRCOREPinObj
- */
-/* char *SVRCORE_GetPin(SVRCOREPinObj *, char *tokenName, PRBool retry) */
-#define SVRCORE_GetPin(obj, name, retry) \
- (obj)->methods->getPin(obj, name, retry)
-
-/* void SVRCORE_DestroyPinObj(SVRCOREPinObj *) */
-#define SVRCORE_DestroyPinObj(obj) \
- (obj)->methods->destroyObj(obj)
-
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCORE_RegisterPinObj - registers the PIN handling object with the
- * PK11 module.
- *
- * The PIN object's getPin method will be called when the NSS layer
- * requires a password/PIN for a token. The caller may provide NULL
- * as the pin object, in which case, no password callbacks will be invoked.
- * This may be used to unregister the object prior to deleting it.
- */
-void
-SVRCORE_RegisterPinObj(SVRCOREPinObj *obj);
-
-/*
- * SVRCORE_GetRegisteredPinObj - get the currently registered Pin object
- * (if any)
- *
- * Return a pointer to the currently register Pin object. If none has been
- * registered, NULL is returned.
- */
-SVRCOREPinObj *
-SVRCORE_GetRegisteredPinObj(void);
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREStdPinObj - implementation of SVRCOREPinObj that
- * provides the standard handling for servers. This includes
- * optional file lookup, and optional caching
- *
- * SVRCORE_SetStdPinInteractive - allows the application to declare
- * that input via the terminal is no longer possible (set interactive
- * to PR_FALSE). See the corresponding routine for UserPinObj
- *
- * SVRCORE_StdPinGetPin - get a (securely) cached PIN value. Returns
- * SVRCORE_NoSuchToken_Error if the object is not set up for caching.
- */
-typedef struct SVRCOREStdPinObj SVRCOREStdPinObj;
-
-SVRCOREError
-SVRCORE_CreateStdPinObj(SVRCOREStdPinObj **out,
- const char *filename, PRBool cachePINs);
-
-void
-SVRCORE_SetStdPinInteractive(SVRCOREStdPinObj *obj, PRBool interactive);
-
-SVRCOREError
-SVRCORE_StdPinGetPin(char **pin, SVRCOREStdPinObj *obj,
- const char *tokenName);
-
-void
-SVRCORE_DestroyStdPinObj(SVRCOREStdPinObj *obj);
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREUserPinObj - implementation of SVRCOREPinObj that
- * requests the PIN on the terminal.
- *
- * SVRCORE_SetUserPinInteractive - allows the application to declare
- * that input via the terminal is no longer possible (set interactive
- * to PR_FALSE). When this is the case, the object returns NULL (no
- * PIN available)
- */
-typedef struct SVRCOREUserPinObj SVRCOREUserPinObj;
-
-SVRCOREError
-SVRCORE_CreateUserPinObj(SVRCOREUserPinObj **out);
-
-void
-SVRCORE_SetUserPinInteractive(SVRCOREUserPinObj *obj, PRBool interactive);
-
-void
-SVRCORE_DestroyUserPinObj(SVRCOREUserPinObj *obj);
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREAltPinObj - allows cascading of PinObj. For example, an
- * application can first check a file (FilePinObj) and then the terminal
- * (UserPinObj). The primary object is called first then, if no PIN is
- * available, the alternate object is called.
- *
- * This object does not claim ownership of the PinObjs. The application
- * must delete them (after deleting the AltPinObj).
- */
-typedef struct SVRCOREAltPinObj SVRCOREAltPinObj;
-
-SVRCOREError
-SVRCORE_CreateAltPinObj(
- SVRCOREAltPinObj **out,
- SVRCOREPinObj *primary, SVRCOREPinObj *alt);
-
-void SVRCORE_DestroyAltPinObj(SVRCOREAltPinObj *obj);
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCOREFilePinObj - implements reading PINs from a file. The
- * name of the file is provided in the constructor.
- */
-typedef struct SVRCOREFilePinObj SVRCOREFilePinObj;
-
-SVRCOREError
-SVRCORE_CreateFilePinObj(
- SVRCOREFilePinObj **out,
- const char *filename);
-
-void
-SVRCORE_DestroyFilePinObj(SVRCOREFilePinObj *obj);
-
-/* ------------------------------------------------------------ */
-/*
- * SVRCORECachedPinObj - implementation of SVRCOREPinObj that
- * caches the PIN in a secure way.
- *
- * SVRCORE_CachedPinGetPin - allows the application to retrieve
- * the stored pin. The application should free the value useing free()
- * after clearing the memory.
- */
-typedef struct SVRCORECachedPinObj SVRCORECachedPinObj;
-
-SVRCOREError
-SVRCORE_CreateCachedPinObj(SVRCORECachedPinObj **out, SVRCOREPinObj *alt);
-
-SVRCOREError
-SVRCORE_CachedPinGetPin(char **pin, SVRCORECachedPinObj *obj,
- const char *tokenName);
-
-void
-SVRCORE_DestroyCachedPinObj(SVRCORECachedPinObj *obj);
-
-
-/* ------------------------------------------------------------ */
-/*
- * Implements SVRCORESecurePinStore interface
- */
-typedef struct SVRCOREPk11PinStore SVRCOREPk11PinStore;
-
-/*
- * SVRCORE_GetPk11PinStoreError
- */
-SECStatus SVRCORE_Pk11StoreGetError(const SVRCOREPk11PinStore *store);
-
-/* Experimental */
-const char *SVRCORE_Pk11StoreGetMechName(const SVRCOREPk11PinStore *store);
-
-/*
- * SVRCORE_CreatePk11PinStore
- * Args:
- * None
- * Errors:
- * SVRCORE_Success
- * SVRCORE_NoMemory_Error
- * SVRCORE_NoSuchToken_Error
- * SVRCORE_System_Error
- * SVRCORE_IncorrectPassword_Error
- */
-SVRCOREError
-SVRCORE_CreatePk11PinStore(
- SVRCOREPk11PinStore **out, /* Output */
- const char *tokenName,
- const char *pin);
-
-SVRCOREError
-SVRCORE_Pk11StoreGetPin(
- char **out, /* Output */
- SVRCOREPk11PinStore *store);
-
-void
-SVRCORE_DestroyPk11PinStore(
- SVRCOREPk11PinStore *store);
-
-
-PR_END_EXTERN_C
-
-#endif
diff --git a/user.c b/user.c
index 3cbdc19..e69de29 100644
--- a/user.c
+++ b/user.c
@@ -1,201 +0,0 @@
-/*
- * tty.c - SVRCORE module for reading PIN from the terminal
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape svrcore library.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-#include
-#ifdef WIN32
-#include
-#endif /* WIN32 */
-
-/* ------------------------------------------------------------ */
-/* I18N */
-static const char retryWarning[] =
-"Warning: Incorrect PIN may result in disabling the token";
-static const char prompt[] = "Enter PIN for";
-static const char nt_retryWarning[] =
-"Warning: You entered an incorrect PIN. Incorrect PIN may result in disabling the token";
-
-struct SVRCOREUserPinObj
-{
- SVRCOREPinObj base;
- PRBool interactive;
-};
-static const struct SVRCOREPinMethods vtable;
-
-#ifdef WIN32
-extern char* NT_PromptForPin(const char *tokenName);
-#endif
-/* ------------------------------------------------------------ */
-/*
- * Support routines for changing terminal modes on UNIX
- */
-#ifdef XP_UNIX
-#include
-#include
-static void echoOff(int fd)
-{
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag &= ~ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-}
-
-static void echoOn(int fd)
-{
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag |= ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-}
-#endif
-
-/* ------------------------------------------------------------ */
-SVRCOREError
-SVRCORE_CreateUserPinObj(SVRCOREUserPinObj **out)
-{
- SVRCOREError err = 0;
- SVRCOREUserPinObj *obj = 0;
-
- do {
- obj = (SVRCOREUserPinObj*)malloc(sizeof (SVRCOREUserPinObj));
- if (!obj) { err = 1; break; }
-
- obj->base.methods = &vtable;
-
- obj->interactive = PR_TRUE;
- } while(0);
-
- if (err)
- {
- SVRCORE_DestroyUserPinObj(obj);
- obj = 0;
- }
-
- *out = obj;
- return err;
-}
-
-void
-SVRCORE_DestroyUserPinObj(SVRCOREUserPinObj *obj)
-{
- if (obj) free(obj);
-}
-
-void
-SVRCORE_SetUserPinInteractive(SVRCOREUserPinObj *obj, PRBool i)
-{
- obj->interactive = i;
-}
-
-static void destroyObject(SVRCOREPinObj *obj)
-{
- SVRCORE_DestroyUserPinObj((SVRCOREUserPinObj*)obj);
-}
-
-
-static char *getPin(SVRCOREPinObj *obj, const char *tokenName, PRBool retry)
-{
- SVRCOREUserPinObj *tty = (SVRCOREUserPinObj*)obj;
- char line[128];
- char *res;
-
- /* If the program is not interactive then return no result */
- if (!tty->interactive) return 0;
-
-#ifdef WIN32
- if (retry) {
- MessageBox(GetDesktopWindow(), nt_retryWarning,
- "Netscape Server", MB_ICONEXCLAMATION | MB_OK);
- }
- return NT_PromptForPin(tokenName);
-#else
-
- if (retry)
- fprintf(stdout, "%s\n", retryWarning);
-
- echoOff(fileno(stdin));
-
-/***
- Please Note: the following printf statement was changed from fprintf(stdout,...) because
- of an odd problem with the Linux build. The issue is that libc.so has a symbol for stdout
- and libstdc++.so which we also reference has a symbol for stdout. Normally the libc.so version
- of stdout is resolved first and writing to stdout is no problem. Unfortunately something happens
- on Linux which allows the "other" stdout from libstdc++.so to get referenced so that when a call
- to fprintf(stdout,...) is made the new stdout which has never been initialized get's written
- to causing a sigsegv. At this point we can not easily remove libstdc++.so from the dependencies
- because other code which slapd uses happens to be C++ code which causes the reference of
- libstdc++.so .
-
- It was determined that the quickest way to resolve the issue for now was to change the fprintf
- calls to printf thereby fixing the crashes on a temp basis. Using printf seems to work because
- it references stdout internally which means it will use the one from libc.so .
-***/
- printf("%s %s: ", prompt, tokenName);
- fflush(stdout);
-
- /* Read input */
- res = fgets(line, sizeof line, stdin);
-
- echoOn(fileno(stdin));
- printf("\n");
-
- if (!res) return 0;
-
- /* Find and kill the newline */
- if ((res = strchr(line, '\n')) != NULL) *res = 0;
-
- /* Return no-response if user typed an empty line */
- if (line[0] == 0) return 0;
-
- return strdup(line);
-
-#endif /* WIN32 */
-
-}
-
-/*
- * VTable
- */
-static const SVRCOREPinMethods vtable =
-{ 0, 0, destroyObject, getPin };