summaryrefslogtreecommitdiff
path: root/p11-kit
diff options
context:
space:
mode:
authorStef Walter <stefw@gnome.org>2013-03-07 18:53:50 +0100
committerStef Walter <stefw@gnome.org>2013-03-15 17:29:23 +0100
commit8fd55c8089c90b52f00e4ffad572d1b9da72e6ba (patch)
tree3b381718ede4745ef2f9e2f6cbca1283b0a2fe58 /p11-kit
parent0e75a5ba8261955d4d75a38a528f79ff4edd5c21 (diff)
p11-kit: New priority option and change trust-policy option
* Sort loaded modules appropriately using the 'priority' option. This allows us to have a predictable order for callers, when callers iterate through modules. * Modules default to having an 'priority' option of '0'. * If modules have the same order value, then sort by name. * The above assumes the role of ordering trust-policy sources. * Change the trust-policy option to a boolean * Some of this code will be rearranged when the managed branch is merged. https://bugs.freedesktop.org/show_bug.cgi?id=61978
Diffstat (limited to 'p11-kit')
-rw-r--r--p11-kit/modules.c47
-rw-r--r--p11-kit/tests/files/package-modules/four.module1
-rw-r--r--p11-kit/tests/files/package-modules/win32/four.module1
-rw-r--r--p11-kit/tests/files/system-modules/two-duplicate.module1
-rw-r--r--p11-kit/tests/files/system-modules/two.badname1
-rw-r--r--p11-kit/tests/files/system-modules/win32/one.module3
-rw-r--r--p11-kit/tests/files/system-modules/win32/two-duplicate.module1
-rw-r--r--p11-kit/tests/files/system-modules/win32/two.badname1
-rw-r--r--p11-kit/tests/files/user-modules/three.module3
-rw-r--r--p11-kit/tests/files/user-modules/win32/three.module3
-rw-r--r--p11-kit/tests/test-modules.c42
11 files changed, 101 insertions, 3 deletions
diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index eaa1564..7648167 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -896,6 +896,51 @@ p11_kit_finalize_registered (void)
return rv;
}
+static int
+compar_priority (const void *one,
+ const void *two)
+{
+ CK_FUNCTION_LIST_PTR f1 = *((CK_FUNCTION_LIST_PTR *)one);
+ CK_FUNCTION_LIST_PTR f2 = *((CK_FUNCTION_LIST_PTR *)two);
+ Module *m1, *m2;
+ const char *v1, *v2;
+ int o1, o2;
+
+ m1 = p11_dict_get (gl.modules, f1);
+ m2 = p11_dict_get (gl.modules, f2);
+ assert (m1 != NULL && m2 != NULL);
+
+ v1 = p11_dict_get (m1->config, "priority");
+ v2 = p11_dict_get (m2->config, "priority");
+
+ o1 = atoi (v1 ? v1 : "0");
+ o2 = atoi (v2 ? v2 : "0");
+
+ /* Priority is in descending order, highest first */
+ if (o1 != o2)
+ return o1 > o2 ? -1 : 1;
+
+ /*
+ * Otherwise use the names alphabetically in ascending order. This
+ * is really just to provide consistency between various loads of
+ * the configuration.
+ */
+ if (m1->name == m2->name)
+ return 0;
+ if (!m1->name)
+ return -1;
+ if (!m2->name)
+ return 1;
+ return strcmp (m1->name, m2->name);
+}
+
+static void
+sort_modules_by_priority (CK_FUNCTION_LIST_PTR *modules,
+ int count)
+{
+ qsort (modules, count, sizeof (CK_FUNCTION_LIST_PTR), compar_priority);
+}
+
CK_FUNCTION_LIST_PTR_PTR
_p11_kit_registered_modules_unlocked (void)
{
@@ -927,6 +972,8 @@ _p11_kit_registered_modules_unlocked (void)
result[i++] = mod->funcs;
}
}
+
+ sort_modules_by_priority (result, i);
}
return result;
diff --git a/p11-kit/tests/files/package-modules/four.module b/p11-kit/tests/files/package-modules/four.module
index 6eace3c..545c285 100644
--- a/p11-kit/tests/files/package-modules/four.module
+++ b/p11-kit/tests/files/package-modules/four.module
@@ -1,3 +1,4 @@
module: mock-four.so
disable-in: test-disable, test-other
+priority: 4 \ No newline at end of file
diff --git a/p11-kit/tests/files/package-modules/win32/four.module b/p11-kit/tests/files/package-modules/win32/four.module
index 7fd1540..6dc87c9 100644
--- a/p11-kit/tests/files/package-modules/win32/four.module
+++ b/p11-kit/tests/files/package-modules/win32/four.module
@@ -1,3 +1,4 @@
module: mock-four.dll
disable-in: test-disable, test-other
+priority: 4 \ No newline at end of file
diff --git a/p11-kit/tests/files/system-modules/two-duplicate.module b/p11-kit/tests/files/system-modules/two-duplicate.module
index 907aa75..756af69 100644
--- a/p11-kit/tests/files/system-modules/two-duplicate.module
+++ b/p11-kit/tests/files/system-modules/two-duplicate.module
@@ -1,3 +1,4 @@
# This is a duplicate of the 'two' module
module: mock-two.so
+# no priority, use name \ No newline at end of file
diff --git a/p11-kit/tests/files/system-modules/two.badname b/p11-kit/tests/files/system-modules/two.badname
index 0d41cac..eec3af0 100644
--- a/p11-kit/tests/files/system-modules/two.badname
+++ b/p11-kit/tests/files/system-modules/two.badname
@@ -3,3 +3,4 @@
module: mock-two.so
setting: system2
+# no priority, use name \ No newline at end of file
diff --git a/p11-kit/tests/files/system-modules/win32/one.module b/p11-kit/tests/files/system-modules/win32/one.module
index 5f80304..d153ce5 100644
--- a/p11-kit/tests/files/system-modules/win32/one.module
+++ b/p11-kit/tests/files/system-modules/win32/one.module
@@ -1,3 +1,4 @@
module: mock-one.dll
-setting: system1 \ No newline at end of file
+setting: system1
+# no order, use name \ No newline at end of file
diff --git a/p11-kit/tests/files/system-modules/win32/two-duplicate.module b/p11-kit/tests/files/system-modules/win32/two-duplicate.module
index e80c9e8..54ef1cc 100644
--- a/p11-kit/tests/files/system-modules/win32/two-duplicate.module
+++ b/p11-kit/tests/files/system-modules/win32/two-duplicate.module
@@ -1,3 +1,4 @@
# This is a duplicate of the 'two' module
module: mock-two.dll
+# no order, use name \ No newline at end of file
diff --git a/p11-kit/tests/files/system-modules/win32/two.badname b/p11-kit/tests/files/system-modules/win32/two.badname
index ae44b83..af63cf9 100644
--- a/p11-kit/tests/files/system-modules/win32/two.badname
+++ b/p11-kit/tests/files/system-modules/win32/two.badname
@@ -3,3 +3,4 @@
module: mock-two.dll
setting: system2
+# no order, use name \ No newline at end of file
diff --git a/p11-kit/tests/files/user-modules/three.module b/p11-kit/tests/files/user-modules/three.module
index 00caab5..3a2366d 100644
--- a/p11-kit/tests/files/user-modules/three.module
+++ b/p11-kit/tests/files/user-modules/three.module
@@ -2,4 +2,5 @@
module: mock-three.so
setting: user3
-enable-in: test-enable \ No newline at end of file
+enable-in: test-enable
+priority: 3 \ No newline at end of file
diff --git a/p11-kit/tests/files/user-modules/win32/three.module b/p11-kit/tests/files/user-modules/win32/three.module
index 58f883d..30a3b63 100644
--- a/p11-kit/tests/files/user-modules/win32/three.module
+++ b/p11-kit/tests/files/user-modules/win32/three.module
@@ -2,4 +2,5 @@
module: mock-three.dll
setting: user3
-enable-in: test-enable \ No newline at end of file
+enable-in: test-enable
+priority: 3 \ No newline at end of file
diff --git a/p11-kit/tests/test-modules.c b/p11-kit/tests/test-modules.c
index eb8d952..5bdbaa4 100644
--- a/p11-kit/tests/test-modules.c
+++ b/p11-kit/tests/test-modules.c
@@ -219,6 +219,47 @@ test_enable (CuTest *tc)
p11_kit_set_progname (NULL);
}
+static void
+test_priority (CuTest *tc)
+{
+ CK_FUNCTION_LIST_PTR_PTR modules;
+ char *name;
+ int i;
+
+ /*
+ * The expected order.
+ * - four is marked with a priority of 4, the highest therefore first
+ * - three is marked with a priority of 3, next highest
+ * - one and two do not have priority marked, so they default to zero
+ * and fallback to sorting alphabetically. 'o' comes before 't'
+ */
+
+ const char *expected[] = { "four", "three", "one", "two.badname" };
+
+ /* This enables module three */
+ p11_kit_set_progname ("test-enable");
+
+ modules = initialize_and_get_modules (tc);
+
+ /* The loaded modules should not contain duplicates */
+ for (i = 0; modules[i] != NULL; i++) {
+ name = p11_kit_registered_module_to_name (modules[i]);
+ CuAssertPtrNotNull (tc, name);
+
+ /* Either one of these can be loaded, as this is a duplicate module */
+ if (strcmp (name, "two-duplicate") == 0) {
+ free (name);
+ name = strdup ("two.badname");
+ }
+
+ CuAssertStrEquals (tc, expected[i], name);
+ free (name);
+ }
+
+ CuAssertIntEquals (tc, 4, i);
+ finalize_and_free_modules (tc, modules);
+}
+
int
main (void)
{
@@ -233,6 +274,7 @@ main (void)
SUITE_ADD_TEST (suite, test_disable);
SUITE_ADD_TEST (suite, test_disable_later);
SUITE_ADD_TEST (suite, test_enable);
+ SUITE_ADD_TEST (suite, test_priority);
p11_kit_be_quiet ();