diff options
author | Stef Walter <stefw@gnome.org> | 2013-03-07 18:53:50 +0100 |
---|---|---|
committer | Stef Walter <stefw@gnome.org> | 2013-03-15 17:29:23 +0100 |
commit | 8fd55c8089c90b52f00e4ffad572d1b9da72e6ba (patch) | |
tree | 3b381718ede4745ef2f9e2f6cbca1283b0a2fe58 /tools | |
parent | 0e75a5ba8261955d4d75a38a528f79ff4edd5c21 (diff) |
p11-kit: New priority option and change trust-policy option
* Sort loaded modules appropriately using the 'priority' option. This
allows us to have a predictable order for callers, when callers
iterate through modules.
* Modules default to having an 'priority' option of '0'.
* If modules have the same order value, then sort by name.
* The above assumes the role of ordering trust-policy sources.
* Change the trust-policy option to a boolean
* Some of this code will be rearranged when the managed branch
is merged.
https://bugs.freedesktop.org/show_bug.cgi?id=61978
Diffstat (limited to 'tools')
-rw-r--r-- | tools/extract.c | 47 |
1 files changed, 6 insertions, 41 deletions
diff --git a/tools/extract.c b/tools/extract.c index 40a3911..fe5ba15 100644 --- a/tools/extract.c +++ b/tools/extract.c @@ -203,28 +203,12 @@ format_argument (const char *optarg, return true; } -static int -compar_longs (const void *v1, - const void *v2) -{ - const long *o1 = v1; - const long *o2 = v2; - return (int)(o1 - o2); -} - static void limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules, CK_ATTRIBUTE *match) { - long policy; char *string; int i, out; - char *endptr; - - struct { - long policy; - CK_FUNCTION_LIST_PTR module; - } *order; /* * We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes @@ -241,35 +225,16 @@ limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules, if (out == 0) return; - order = malloc (sizeof (*order) * out); - return_if_fail (order != NULL); - + /* TODO: This logic will move once we merge our p11-kit managed code */ for (i = 0, out = 0; modules[i] != NULL; i++) { string = p11_kit_registered_option (modules[i], "trust-policy"); - if (string) { - policy = strtol (string, &endptr, 10); - if (!endptr || endptr[0] != '\0' || policy > INT16_MAX || policy < INT16_MIN) { - p11_message ("skipping module with invalid 'trust-policy' setting: %s", string); - - } else { - order[out].module = modules[i]; - order[out].policy = policy; - out++; - } - - free (string); - } + if (string && strcmp (string, "yes") == 0) + modules[out++] = modules[i]; + else if (string && strcmp (string, "no") != 0) + p11_message ("skipping module with invalid 'trust-policy' setting: %s", string); + free (string); } - /* Our compare function compares the first member of Order */ - qsort (order, out, sizeof (*order), compar_longs); - - for (i = 0; i < out; i++) - modules[i] = order[i].module; - modules[i] = NULL; - - free (order); - if (out == 0) p11_message ("no modules containing trust policy are registered"); } |