authorStef Walter <stefw@gnome.org>2013-03-06 19:16:09 +0100
committerStef Walter <stefw@gnome.org>2013-03-15 17:25:17 +0100
commit0e75a5ba8261955d4d75a38a528f79ff4edd5c21 (patch)
treee06a9dd5a59b2a92704fc23d19f21f7873d0bccc /trust/token.c
parentd2128c263ea77e4f99bccc6ac46964ad419ec2d1 (diff)
trust: Make each configured path its own token
* Each source directory or file configured into the module or passed in as an initialization argument becomes its own token. Previously there was one token that contained certificates from all the configured paths. * These tokens are clearly labeled in the token info as to the directory or file that they represent. * Update PKCS#11 module logic to deal with multiple tokens, validate the slot ids and so on. * The order in which the paths are configured will become the order of trust priority. This is the same order in which they are listed through 'p11-kit list-modules' and C_GetSlotList. * Update the frob-token internal tool to only play with one path * Adjust tests where necessary to reflect the new state of things and add tests for modified trust module code https://bugs.freedesktop.org/show_bug.cgi?id=61499
Diffstat (limited to 'trust/token.c')
-rw-r--r--trust/token.c64
1 files changed, 23 insertions, 41 deletions
diff --git a/trust/token.c b/trust/token.c
index f96d865..39bca04 100644
--- a/trust/token.c
+++ b/trust/token.c
@@ -59,7 +59,8 @@
struct _p11_token {
p11_parser *parser;
p11_dict *objects;
- const char *paths;
+ const char *path;
+ CK_SLOT_ID slot;
int loaded;
};
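Review bot: The new `path` field holds memory the token owns (it is assigned from `strdup (path)` in p11_token_new, last hunk), yet it is declared `const char *` and no hunk in this diff touches the body of p11_token_free, so the copy appears to leak once per token. Since each configured path now gets its own token, that is one leaked string per path. Suggest declaring the field as `char *path;` and adding `free (token->path);` to p11_token_free. That function's body lies outside the visible hunks, so confirm the string is not already released there.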
@@ -209,43 +210,6 @@ loader_load_path (p11_token *token,
}
static int
-loader_load_paths (p11_token *token,
- const char *paths)
-{
- const char *pos;
- int total = 0;
- char *path;
- int ret;
-
- p11_debug ("loading paths: %s", paths);
-
- while (paths) {
- pos = strchr (paths, ':');
- if (pos == NULL) {
- path = strdup (paths);
- paths = NULL;
- } else {
- path = strndup (paths, pos - paths);
- paths = pos + 1;
- }
-
- return_val_if_fail (path != NULL, -1);
-
- if (path[0] != '\0') {
- /* We don't expect this to fail except for in strange circumstances */
- ret = loader_load_path (token, path);
- if (ret < 0)
- return_val_if_reached (-1);
- total += ret;
- }
-
- free (path);
- }
-
- return total;
-}
-
-static int
load_builtin_objects (p11_token *token)
{
CK_OBJECT_CLASS builtin = CKO_NSS_BUILTIN_ROOT_LIST;
@@ -425,7 +389,7 @@ p11_token_load (p11_token *token)
builtins = load_builtin_objects (token);
- count = loader_load_paths (token, token->paths);
+ count = loader_load_path (token, token->path);
return_val_if_fail (count >= 0, count);
return count + builtins;
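Review bot: `token->path` is passed to loader_load_path without the empty-string guard that the removed loader_load_paths applied (`if (path[0] != '\0')`). If an empty element can still reach p11_token_new from wherever the configured list is now split, it is handed to the loader as a path; how loader_load_path treats `""` is not visible here. Either reject empty paths at the point where the list is split, or keep the guard locally: `count = token->path[0] ? loader_load_path (token, token->path) : 0;`. The body of p11_token_load continues outside this hunk.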
@@ -449,7 +413,8 @@ p11_token_free (p11_token *token)
}
p11_token *
-p11_token_new (const char *paths)
+p11_token_new (CK_SLOT_ID slot,
+ const char *path)
{
p11_token *token;
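Review bot: p11_token_new never checks `path` before the body copies it with `strdup (path)` (next hunk), and calling strdup on NULL is undefined behaviour. The old code only stored the caller's pointer, so this precondition is new with this change. Add `return_val_if_fail (path != NULL, NULL);` directly after the `p11_token *token;` declaration, matching the precondition macros the file already uses. The function body continues outside this hunk.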
@@ -464,8 +429,25 @@ p11_token_new (const char *paths)
free, p11_attrs_free);
return_val_if_fail (token->objects != NULL, NULL);
- token->paths = paths;
+ token->path = strdup (path);
+ return_val_if_fail (token->path != NULL, NULL);
+
+ token->slot = slot;
token->loaded = 0;
return token;
}
+
+const char *
+p11_token_get_path (p11_token *token)
+{
+ return_val_if_fail (token != NULL, NULL);
+ return token->path;
+}
+
+CK_SLOT_ID
+p11_token_get_slot (p11_token *token)
+{
+ return_val_if_fail (token != NULL, 0);
+ return token->slot;
+}
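Review bot: The two new accessors are undocumented, and each has a contract detail that callers need spelled out. p11_token_get_path returns the token's own copy, so a comment such as `/* Returned string is owned by the token; valid until p11_token_free() */` would keep callers from freeing it or holding it past the token's lifetime. p11_token_get_slot returns `0` when `token` is NULL, which a caller cannot distinguish from a real slot id unless this module never assigns that value; a comment should state which is the case. Separately, when `strdup` fails the early return leaves `token` and its already-allocated members unreleased, the same pattern as the `token->objects` check above it.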