From 8fd55c8089c90b52f00e4ffad572d1b9da72e6ba Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Thu, 7 Mar 2013 18:53:50 +0100
Subject: p11-kit: New priority option and change trust-policy option

 * Sort loaded modules appropriately using the 'priority' option. This
   allows us to have a predictable order for callers, when callers
   iterate through modules.
 * Modules default to having an 'priority' option of '0'.
 * If modules have the same order value, then sort by name.
 * The above assumes the role of ordering trust-policy sources.
 * Change the trust-policy option to a boolean
 * Some of this code will be rearranged when the managed branch
   is merged.

https://bugs.freedesktop.org/show_bug.cgi?id=61978
---
 tools/extract.c | 47 ++++++-----------------------------------------
 1 file changed, 6 insertions(+), 41 deletions(-)

(limited to 'tools')

diff --git a/tools/extract.c b/tools/extract.c
index 40a3911..fe5ba15 100644
--- a/tools/extract.c
+++ b/tools/extract.c
@@ -203,28 +203,12 @@ format_argument (const char *optarg,
 	return true;
 }
 
-static int
-compar_longs (const void *v1,
-              const void *v2)
-{
-	const long *o1 = v1;
-	const long *o2 = v2;
-	return (int)(o1 - o2);
-}
-
 static void
 limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules,
                             CK_ATTRIBUTE *match)
 {
-	long policy;
 	char *string;
 	int i, out;
-	char *endptr;
-
-	struct {
-		long policy;
-		CK_FUNCTION_LIST_PTR module;
-	} *order;
 
 	/*
 	 * We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes
@@ -241,35 +225,16 @@ limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules,
 	if (out == 0)
 		return;
 
-	order = malloc (sizeof (*order) * out);
-	return_if_fail (order != NULL);
-
+	/* TODO: This logic will move once we merge our p11-kit managed code */
 	for (i = 0, out = 0; modules[i] != NULL; i++) {
 		string = p11_kit_registered_option (modules[i], "trust-policy");
-		if (string) {
-			policy = strtol (string, &endptr, 10);
-			if (!endptr || endptr[0] != '\0' || policy > INT16_MAX || policy < INT16_MIN) {
-				p11_message ("skipping module with invalid 'trust-policy' setting: %s", string);
-
-			} else {
-				order[out].module = modules[i];
-				order[out].policy = policy;
-				out++;
-			}
-
-			free (string);
-		}
+		if (string && strcmp (string, "yes") == 0)
+			modules[out++] = modules[i];
+		else if (string && strcmp (string, "no") != 0)
+			p11_message ("skipping module with invalid 'trust-policy' setting: %s", string);
+		free (string);
 	}
 
-	/* Our compare function compares the first member of Order */
-	qsort (order, out, sizeof (*order), compar_longs);
-
-	for (i = 0; i < out; i++)
-		modules[i] = order[i].module;
-	modules[i] = NULL;
-
-	free (order);
-
 	if (out == 0)
 		p11_message ("no modules containing trust policy are registered");
 }
-- 
cgit v1.1