return name;
}
+static const char *
+module_get_option_inlock (Module *mod,
+ const char *option)
+{
+ p11_dict *config;
+
+ if (mod == NULL)
+ config = gl.config;
+ else
+ config = mod->config;
+ if (config == NULL)
+ return NULL;
+ return p11_dict_get (config, option);
+}
+
/**
* p11_kit_module_get_flags:
* @module: the module
int
p11_kit_module_get_flags (CK_FUNCTION_LIST *module)
{
+ const char *trusted;
Module *mod;
int flags = 0;
}
if (!mod || mod->critical)
flags |= P11_KIT_MODULE_CRITICAL;
+ if (mod) {
+ trusted = module_get_option_inlock (mod, "trust-policy");
+ if (_p11_conf_parse_boolean (trusted, false))
+ flags |= P11_KIT_MODULE_TRUSTED;
+ }
}
p11_unlock ();
return ret;
}
-static const char *
-module_get_option_inlock (Module *mod,
- const char *option)
-{
- p11_dict *config;
-
- if (mod == NULL)
- config = gl.config;
- else
- config = mod->config;
- if (config == NULL)
- return NULL;
- return p11_dict_get (config, option);
-}
-
/**
* p11_kit_registered_option:
* @module: a pointer to a registered module
CK_FUNCTION_LIST **module)
{
p11_destroyer destroyer;
+ const char *trusted;
p11_virtual *virt;
bool is_managed;
bool with_log;
assert (module != NULL);
+ if (flags & P11_KIT_MODULE_TRUSTED) {
+ trusted = module_get_option_inlock (mod, "trust-policy");
+ if (!_p11_conf_parse_boolean (trusted, false))
+ return CKR_FUNCTION_NOT_SUPPORTED;
+ }
+
if (flags & P11_KIT_MODULE_UNMANAGED) {
is_managed = false;
with_log = false;
rv = prepare_module_inlock_reentrant (mod, flags, modules + at);
if (rv == CKR_OK)
at++;
- else if (rv != CKR_FUNCTION_NOT_SUPPORTED)
+ else if (rv == CKR_FUNCTION_NOT_SUPPORTED)
+ rv = CKR_OK;
+ else
break;
}
rv = load_module_from_file_inlock (NULL, module_path, &mod);
if (rv == CKR_OK) {
-
/* WARNING: Reentrancy can occur here */
rv = prepare_module_inlock_reentrant (mod, flags, &module);
if (rv != CKR_OK)
enum {
P11_KIT_MODULE_UNMANAGED = 1 << 0,
P11_KIT_MODULE_CRITICAL = 1 << 1,
+ P11_KIT_MODULE_TRUSTED = 1 << 2,
};
typedef void (* p11_kit_destroyer) (void *data);
module: mock-four.so
disable-in: test-disable, test-other
-priority: 4
\ No newline at end of file
+priority: 4
+trust-policy: no
\ No newline at end of file
module: mock-one.so
-setting: system1
\ No newline at end of file
+setting: system1
+trust-policy: yes
\ No newline at end of file
p11_kit_modules_release (unmanaged);
}
+static void
+test_module_trusted_only (void)
+{
+ CK_FUNCTION_LIST_PTR_PTR modules;
+ char *name;
+
+ modules = p11_kit_modules_load_and_initialize (P11_KIT_MODULE_TRUSTED);
+ assert_ptr_not_null (modules);
+ assert_ptr_not_null (modules[0]);
+ assert (modules[1] == NULL);
+
+ name = p11_kit_module_get_name (modules[0]);
+ assert_str_eq (name, "one");
+ free (name);
+
+ assert_num_eq (p11_kit_module_get_flags (modules[0]), P11_KIT_MODULE_TRUSTED);
+
+ finalize_and_free_modules (modules);
+}
+
+static void
+test_module_trust_flags (void)
+{
+ CK_FUNCTION_LIST_PTR_PTR modules;
+ char *name;
+ int flags;
+ int i;
+
+ modules = initialize_and_get_modules ();
+ assert_ptr_not_null (modules);
+
+ for (i = 0; modules[i] != NULL; i++) {
+ name = p11_kit_module_get_name (modules[i]);
+ assert_ptr_not_null (name);
+
+ flags = p11_kit_module_get_flags (modules[i]);
+ if (strcmp (name, "one") == 0) {
+ assert_num_eq (flags, P11_KIT_MODULE_TRUSTED);
+ } else {
+ assert_num_eq (flags, 0);
+ }
+
+ free (name);
+ }
+
+ finalize_and_free_modules (modules);
+}
+
static void
test_config_option (void)
{
p11_test (test_module_name, "/modules/test_module_name");
p11_test (test_module_flags, "/modules/test_module_flags");
p11_test (test_config_option, "/modules/test_config_option");
+ p11_test (test_module_trusted_only, "/modules/trusted-only");
+ p11_test (test_module_trust_flags, "/modules/trust-flags");
p11_kit_be_quiet ();
return true;
}
-static void
-limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules,
- int flags)
-{
- char *string;
- int i, out;
-
- /*
- * We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes
- * we get from modules explicitly marked as containing trust-policy.
- */
-
- if ((flags & (P11_EXTRACT_ANCHORS | P11_EXTRACT_BLACKLIST)) == 0)
- return;
-
- /* Count the number of modules */
- for (out = 0; modules[out] != NULL; out++);
-
- if (out == 0)
- return;
-
- /* TODO: This logic will move once we merge our p11-kit managed code */
- for (i = 0, out = 0; modules[i] != NULL; i++) {
- string = p11_kit_config_option (modules[i], "trust-policy");
- if (string && strcmp (string, "yes") == 0)
- modules[out++] = modules[i];
- else if (string && strcmp (string, "no") != 0)
- p11_message ("skipping module with invalid 'trust-policy' setting: %s", string);
- free (string);
- }
-
- if (out == 0)
- p11_message ("no modules containing trust policy are registered");
-}
-
static bool
validate_filter_and_format (p11_extract_info *ex,
p11_extract_func func,
p11_extract_info ex;
CK_ATTRIBUTE *match;
P11KitUri *uri;
+ int flags;
int opt = 0;
int ret;
if (uri && p11_kit_uri_any_unrecognized (uri))
p11_message ("uri contained unrecognized components, nothing will be extracted");
- modules = p11_kit_modules_load_and_initialize (0);
+ /*
+ * We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes
+ * we get from modules explicitly marked as containing trust-policy.
+ */
+ flags = 0;
+ if (ex.flags & (P11_EXTRACT_ANCHORS | P11_EXTRACT_BLACKLIST))
+ flags |= P11_KIT_MODULE_TRUSTED;
+
+ modules = p11_kit_modules_load_and_initialize (flags);
if (!modules)
return 1;
- limit_modules_if_necessary (modules, ex.flags);
+ if (modules[0] == NULL)
+ p11_message ("no modules containing trust policy are registered");
iter = p11_kit_iter_new (uri, 0);
projects / p11-kit / commitdiff