[gnome-settings-daemon] smartcard: use NSS_InitContext instead of NSS_Initialize
- From: Ray Strode <halfline src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-settings-daemon] smartcard: use NSS_InitContext instead of NSS_Initialize
- Date: Thu, 5 Jan 2017 15:46:32 +0000 (UTC)
commit 3b4c585e983d2ed341a4f892879ec40f6ea1dc91
Author: Ray Strode <rstrode redhat com>
Date: Tue Jun 16 09:45:46 2015 -0400
smartcard: use NSS_InitContext instead of NSS_Initialize
NSS_Initialize is a noop if called multiple times. We
currently call NSS_Initialize twice in gnome-settings-daemon.
Once by NMClient and once by the smartcard plugin. NMClient
does it first, and it does it without initializing the secmod
database. When the smartcard plugin tries to initialize NSS
with the secmod database later, it's call is turned to a noop.
This commit changes the smartcard plugin to use NSS_InitContext
instead, which can properly handle being initialized multiple
times with different configurations. See:
https://wiki.mozilla.org/NSS_Library_Init
https://bugzilla.gnome.org/show_bug.cgi?id=751040
plugins/smartcard/gsd-smartcard-manager.c | 28 ++++++++++++++++++----------
1 files changed, 18 insertions(+), 10 deletions(-)
---
diff --git a/plugins/smartcard/gsd-smartcard-manager.c b/plugins/smartcard/gsd-smartcard-manager.c
index ba9f27f..a93f771 100644
--- a/plugins/smartcard/gsd-smartcard-manager.c
+++ b/plugins/smartcard/gsd-smartcard-manager.c
@@ -53,7 +53,7 @@ struct GsdSmartcardManagerPrivate
GSettings *settings;
- guint32 nss_is_loaded : 1;
+ NSSInitContext *nss_context;
};
#define CONF_SCHEMA "org.gnome.settings-daemon.peripherals.smartcard"
@@ -92,7 +92,14 @@ static void
load_nss (GsdSmartcardManager *self)
{
GsdSmartcardManagerPrivate *priv = self->priv;
- SECStatus status = SECSuccess;
+ NSSInitContext *context = NULL;
+
+ /* The first field in the NSSInitParameters structure
+ * is the size of the structure. NSS requires this, so
+ * that it can change the size of the structure in future
+ * versions of NSS in a detectable way
+ */
+ NSSInitParameters parameters = { sizeof (parameters), };
static const guint32 flags = NSS_INIT_READONLY
| NSS_INIT_FORCEOPEN
| NSS_INIT_NOROOTINIT
@@ -104,10 +111,10 @@ load_nss (GsdSmartcardManager *self)
PR_Init (PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
- status = NSS_Initialize (GSD_SMARTCARD_MANAGER_NSS_DB,
- "", "", SECMOD_DB, flags);
+ context = NSS_InitContext (GSD_SMARTCARD_MANAGER_NSS_DB,
+ "", "", SECMOD_DB, ¶meters, flags);
- if (status != SECSuccess) {
+ if (context == NULL) {
gsize error_message_size;
char *error_message;
@@ -122,13 +129,14 @@ load_nss (GsdSmartcardManager *self)
g_debug ("NSS security system could not be initialized - %s",
error_message);
}
- priv->nss_is_loaded = FALSE;
+
+ priv->nss_context = NULL;
return;
}
g_debug ("NSS database '%s' loaded", GSD_SMARTCARD_MANAGER_NSS_DB);
- priv->nss_is_loaded = TRUE;
+ priv->nss_context = context;
}
static void
@@ -137,9 +145,9 @@ unload_nss (GsdSmartcardManager *self)
g_debug ("attempting to unload NSS security system with database '%s'",
GSD_SMARTCARD_MANAGER_NSS_DB);
- if (self->priv->nss_is_loaded) {
- NSS_Shutdown ();
- self->priv->nss_is_loaded = FALSE;
+ if (self->priv->nss_context != NULL) {
+ g_clear_pointer (&self->priv->nss_context,
+ NSS_ShutdownContext);
g_debug ("NSS database '%s' unloaded", GSD_SMARTCARD_MANAGER_NSS_DB);
} else {
g_debug ("NSS database '%s' already not loaded", GSD_SMARTCARD_MANAGER_NSS_DB);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
