123
* Allow specification loading the same module more than once at init time.
124
* This enables 2 things.
126
* 1) we can load additional databases by manipulating secmod.db/pkcs11.txt.
127
* 2) we can handle the case where some library has already initialized NSS
128
* before the main application.
130
* oldModule is the module we have already initialized.
131
* char *modulespec is the full module spec for the library we want to
135
secmod_handleReload(SECMODModule *oldModule, SECMODModule *newModule)
143
SECMODConfigList *conflist;
146
/* first look for tokens= key words from the module spec */
147
modulespec = newModule->libraryParams;
148
newModuleSpec = secmod_ParseModuleSpecForTokens(PR_TRUE,
149
newModule->isFIPS, modulespec, &children, &ids);
150
if (!newModuleSpec) {
155
* We are now trying to open a new slot on an already loaded module.
156
* If that slot represents a cert/key database, we don't want to open
157
* multiple copies of that same database. Unfortunately we understand
158
* the softoken flags well enough to be able to do this, so we can only get
159
* the list of already loaded databases if we are trying to open another
162
if (oldModule->internal) {
163
conflist = secmod_GetConfigList(oldModule->isFIPS,
164
oldModule->libraryParams, &count);
168
/* don't open multiple of the same db */
169
if (conflist && secmod_MatchConfigList(newModuleSpec, conflist, count)) {
173
slot = SECMOD_OpenNewSlot(oldModule, newModuleSpec);
180
if (secmod_IsInternalKeySlot(newModule)) {
181
pk11_SetInternalKeySlot(slot);
183
newID = slot->slotID;
185
for (thisChild=children, thisID=ids; thisChild && *thisChild;
186
thisChild++,thisID++) {
188
secmod_MatchConfigList(*thisChild, conflist, count)) {
189
*thisID = (CK_SLOT_ID) -1;
192
slot = SECMOD_OpenNewSlot(oldModule, *thisChild);
194
*thisID = slot->slotID;
197
*thisID = (CK_SLOT_ID) -1;
201
/* update the old module initialization string in case we need to
202
* shutdown and reinit the whole mess (this is rare, but can happen
203
* when trying to stop smart card insertion/removal threads)... */
204
oldModuleSpec = secmod_MkAppendTokensList(oldModule->arena,
205
oldModule->libraryParams, newModuleSpec, newID,
208
oldModule->libraryParams = oldModuleSpec;
215
secmod_FreeChildren(children, ids);
216
PORT_Free(newModuleSpec);
218
secmod_FreeConfigList(conflist, count);
123
224
* collect the steps we need to initialize a module in a single function
126
secmod_ModuleInit(SECMODModule *mod, PRBool* alreadyLoaded)
227
secmod_ModuleInit(SECMODModule *mod, SECMODModule **reload,
228
PRBool* alreadyLoaded)
128
230
CK_C_INITIALIZE_ARGS moduleArgs;
129
231
CK_VOID_PTR pInitArgs;
132
238
if (!mod || !alreadyLoaded) {
133
239
PORT_SetError(SEC_ERROR_INVALID_ARGS);
134
240
return SECFailure;
144
250
pInitArgs = &moduleArgs;
146
252
crv = PK11_GETTAB(mod)->C_Initialize(pInitArgs);
147
if ((CKR_CRYPTOKI_ALREADY_INITIALIZED == crv) &&
148
(!enforceAlreadyInitializedError)) {
149
*alreadyLoaded = PR_TRUE;
253
if (CKR_CRYPTOKI_ALREADY_INITIALIZED == crv) {
254
SECMODModule *oldModule = NULL;
256
/* Library has already been loaded once, if caller expects it, and it
257
* has additional configuration, try reloading it as well. */
258
if (reload != NULL && mod->libraryParams) {
259
oldModule = secmod_FindModuleByFuncPtr(mod->functionList);
261
/* Library has been loaded by NSS. It means it may be capable of
265
rv = secmod_handleReload(oldModule, mod);
266
if (rv == SECSuccess) {
267
/* This module should go away soon, since we've
268
* simply expanded the slots on the old module.
269
* When it goes away, it should not Finalize since
270
* that will close our old module as well. Setting
271
* the function list to NULL will prevent that close */
272
mod->functionList = NULL;
276
SECMOD_DestroyModule(oldModule);
278
/* reload not possible, fall back to old semantics */
279
if (!enforceAlreadyInitializedError) {
280
*alreadyLoaded = PR_TRUE;
152
284
if (crv != CKR_OK) {
153
285
if (pInitArgs == NULL ||
231
363
#include <stdio.h>
232
364
#include "prsystem.h"
234
#include "../freebl/genload.c"
236
366
/* This function must be run only once. */
237
367
/* determine if hybrid platform, then actually load the DSO. */
239
369
softoken_LoadDSO( void )
241
371
PRLibrary * handle;
242
const char * name = softoken_default_name;
245
PR_SetError(PR_LOAD_LIBRARY_ERROR, 0);
249
handle = loader_LoadLibrary(name);
373
handle = PORT_LoadLibraryFromOrigin(my_shlib_name,
374
(PRFuncPtr) &softoken_LoadDSO,
375
softoken_shlib_name);
251
377
softokenLib = handle;
252
378
return PR_SUCCESS;
308
434
return SECFailure;
312
/* look up the library name */
313
full_name = PR_GetLibraryName(PR_GetLibraryPath(),mod->dllName);
314
if (full_name == NULL) {
318
437
full_name = PORT_Strdup(mod->dllName);
321
439
/* load the library. If this succeeds, then we have to remember to
322
440
* unload the library if anything goes wrong from here on out...
324
442
library = PR_LoadLibrary(full_name);
325
443
mod->library = (void *)library;
327
PR_FreeLibraryName(full_name);
329
444
PORT_Free(full_name);
332
446
if (library == NULL) {
333
447
return SECFailure;
375
489
mod->isThreadSafe = PR_TRUE;
377
491
/* Now we initialize the module */
378
rv = secmod_ModuleInit(mod, &alreadyLoaded);
492
rv = secmod_ModuleInit(mod, oldModule, &alreadyLoaded);
379
493
if (rv != SECSuccess) {
497
/* module has been reloaded, this module itself is done,
498
* return to the caller */
499
if (mod->functionList == NULL) {
500
mod->loaded = PR_TRUE; /* technically the module is loaded.. */
383
504
/* check the version number */
384
505
if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK) goto fail2;
385
506
if (info.cryptokiVersion.major != 2) goto fail2;