diff options
-rw-r--r-- | p11-kit/modules.c | 48 | ||||
-rw-r--r-- | p11-kit/p11-kit.h | 1 | ||||
-rw-r--r-- | p11-kit/tests/files/package-modules/four.module | 3 | ||||
-rw-r--r-- | p11-kit/tests/files/system-modules/one.module | 3 | ||||
-rw-r--r-- | p11-kit/tests/test-modules.c | 50 | ||||
-rw-r--r-- | trust/extract.c | 49 |
6 files changed, 98 insertions, 56 deletions
diff --git a/p11-kit/modules.c b/p11-kit/modules.c index ef8cea6..43ace18 100644 --- a/p11-kit/modules.c +++ b/p11-kit/modules.c @@ -1126,6 +1126,21 @@ p11_kit_module_get_name (CK_FUNCTION_LIST *module) return name; } +static const char * +module_get_option_inlock (Module *mod, + const char *option) +{ + p11_dict *config; + + if (mod == NULL) + config = gl.config; + else + config = mod->config; + if (config == NULL) + return NULL; + return p11_dict_get (config, option); +} + /** * p11_kit_module_get_flags: * @module: the module @@ -1145,6 +1160,7 @@ p11_kit_module_get_name (CK_FUNCTION_LIST *module) int p11_kit_module_get_flags (CK_FUNCTION_LIST *module) { + const char *trusted; Module *mod; int flags = 0; @@ -1165,6 +1181,11 @@ p11_kit_module_get_flags (CK_FUNCTION_LIST *module) } if (!mod || mod->critical) flags |= P11_KIT_MODULE_CRITICAL; + if (mod) { + trusted = module_get_option_inlock (mod, "trust-policy"); + if (_p11_conf_parse_boolean (trusted, false)) + flags |= P11_KIT_MODULE_TRUSTED; + } } p11_unlock (); @@ -1265,21 +1286,6 @@ p11_kit_module_for_name (CK_FUNCTION_LIST **modules, return ret; } -static const char * -module_get_option_inlock (Module *mod, - const char *option) -{ - p11_dict *config; - - if (mod == NULL) - config = gl.config; - else - config = mod->config; - if (config == NULL) - return NULL; - return p11_dict_get (config, option); -} - /** * p11_kit_registered_option: * @module: a pointer to a registered module @@ -1735,12 +1741,19 @@ prepare_module_inlock_reentrant (Module *mod, CK_FUNCTION_LIST **module) { p11_destroyer destroyer; + const char *trusted; p11_virtual *virt; bool is_managed; bool with_log; assert (module != NULL); + if (flags & P11_KIT_MODULE_TRUSTED) { + trusted = module_get_option_inlock (mod, "trust-policy"); + if (!_p11_conf_parse_boolean (trusted, false)) + return CKR_FUNCTION_NOT_SUPPORTED; + } + if (flags & P11_KIT_MODULE_UNMANAGED) { is_managed = false; with_log = false; @@ -1821,7 +1834,9 @@ p11_modules_load_inlock_reentrant (int flags, rv = prepare_module_inlock_reentrant (mod, flags, modules + at); if (rv == CKR_OK) at++; - else if (rv != CKR_FUNCTION_NOT_SUPPORTED) + else if (rv == CKR_FUNCTION_NOT_SUPPORTED) + rv = CKR_OK; + else break; } @@ -2301,7 +2316,6 @@ p11_kit_module_load (const char *module_path, rv = load_module_from_file_inlock (NULL, module_path, &mod); if (rv == CKR_OK) { - /* WARNING: Reentrancy can occur here */ rv = prepare_module_inlock_reentrant (mod, flags, &module); if (rv != CKR_OK) diff --git a/p11-kit/p11-kit.h b/p11-kit/p11-kit.h index a07bf40..d5f0bd9 100644 --- a/p11-kit/p11-kit.h +++ b/p11-kit/p11-kit.h @@ -56,6 +56,7 @@ extern "C" { enum { P11_KIT_MODULE_UNMANAGED = 1 << 0, P11_KIT_MODULE_CRITICAL = 1 << 1, + P11_KIT_MODULE_TRUSTED = 1 << 2, }; typedef void (* p11_kit_destroyer) (void *data); diff --git a/p11-kit/tests/files/package-modules/four.module b/p11-kit/tests/files/package-modules/four.module index 545c285..933af2b 100644 --- a/p11-kit/tests/files/package-modules/four.module +++ b/p11-kit/tests/files/package-modules/four.module @@ -1,4 +1,5 @@ module: mock-four.so disable-in: test-disable, test-other -priority: 4
\ No newline at end of file +priority: 4 +trust-policy: no
\ No newline at end of file diff --git a/p11-kit/tests/files/system-modules/one.module b/p11-kit/tests/files/system-modules/one.module index 3620869..15cb7f2 100644 --- a/p11-kit/tests/files/system-modules/one.module +++ b/p11-kit/tests/files/system-modules/one.module @@ -1,3 +1,4 @@ module: mock-one.so -setting: system1
\ No newline at end of file +setting: system1 +trust-policy: yes
\ No newline at end of file diff --git a/p11-kit/tests/test-modules.c b/p11-kit/tests/test-modules.c index d50b2d5..f274502 100644 --- a/p11-kit/tests/test-modules.c +++ b/p11-kit/tests/test-modules.c @@ -307,6 +307,54 @@ test_module_flags (void) } static void +test_module_trusted_only (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + char *name; + + modules = p11_kit_modules_load_and_initialize (P11_KIT_MODULE_TRUSTED); + assert_ptr_not_null (modules); + assert_ptr_not_null (modules[0]); + assert (modules[1] == NULL); + + name = p11_kit_module_get_name (modules[0]); + assert_str_eq (name, "one"); + free (name); + + assert_num_eq (p11_kit_module_get_flags (modules[0]), P11_KIT_MODULE_TRUSTED); + + finalize_and_free_modules (modules); +} + +static void +test_module_trust_flags (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + char *name; + int flags; + int i; + + modules = initialize_and_get_modules (); + assert_ptr_not_null (modules); + + for (i = 0; modules[i] != NULL; i++) { + name = p11_kit_module_get_name (modules[i]); + assert_ptr_not_null (name); + + flags = p11_kit_module_get_flags (modules[i]); + if (strcmp (name, "one") == 0) { + assert_num_eq (flags, P11_KIT_MODULE_TRUSTED); + } else { + assert_num_eq (flags, 0); + } + + free (name); + } + + finalize_and_free_modules (modules); +} + +static void test_config_option (void) { CK_FUNCTION_LIST_PTR_PTR modules; @@ -358,6 +406,8 @@ main (int argc, p11_test (test_module_name, "/modules/test_module_name"); p11_test (test_module_flags, "/modules/test_module_flags"); p11_test (test_config_option, "/modules/test_config_option"); + p11_test (test_module_trusted_only, "/modules/trusted-only"); + p11_test (test_module_trust_flags, "/modules/trust-flags"); p11_kit_be_quiet (); diff --git a/trust/extract.c b/trust/extract.c index d5ceb13..39d30e0 100644 --- a/trust/extract.c +++ b/trust/extract.c @@ -208,41 +208,6 @@ format_argument (const char *optarg, return true; } -static void -limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules, - int flags) -{ - char *string; - int i, out; - - /* - * We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes - * we get from modules explicitly marked as containing trust-policy. - */ - - if ((flags & (P11_EXTRACT_ANCHORS | P11_EXTRACT_BLACKLIST)) == 0) - return; - - /* Count the number of modules */ - for (out = 0; modules[out] != NULL; out++); - - if (out == 0) - return; - - /* TODO: This logic will move once we merge our p11-kit managed code */ - for (i = 0, out = 0; modules[i] != NULL; i++) { - string = p11_kit_config_option (modules[i], "trust-policy"); - if (string && strcmp (string, "yes") == 0) - modules[out++] = modules[i]; - else if (string && strcmp (string, "no") != 0) - p11_message ("skipping module with invalid 'trust-policy' setting: %s", string); - free (string); - } - - if (out == 0) - p11_message ("no modules containing trust policy are registered"); -} - static bool validate_filter_and_format (p11_extract_info *ex, p11_extract_func func, @@ -304,6 +269,7 @@ p11_trust_extract (int argc, p11_extract_info ex; CK_ATTRIBUTE *match; P11KitUri *uri; + int flags; int opt = 0; int ret; @@ -434,11 +400,20 @@ p11_trust_extract (int argc, if (uri && p11_kit_uri_any_unrecognized (uri)) p11_message ("uri contained unrecognized components, nothing will be extracted"); - modules = p11_kit_modules_load_and_initialize (0); + /* + * We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes + * we get from modules explicitly marked as containing trust-policy. + */ + flags = 0; + if (ex.flags & (P11_EXTRACT_ANCHORS | P11_EXTRACT_BLACKLIST)) + flags |= P11_KIT_MODULE_TRUSTED; + + modules = p11_kit_modules_load_and_initialize (flags); if (!modules) return 1; - limit_modules_if_necessary (modules, ex.flags); + if (modules[0] == NULL) + p11_message ("no modules containing trust policy are registered"); iter = p11_kit_iter_new (uri, 0); |