mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
nss: factorize out nss_{un,}load_module to separate fncs
No change of behavior is intended by this commit.
This commit is contained in:
parent
c8ea86f377
commit
fab3d1ec65
@ -207,7 +207,7 @@ static const cipher_s cipherlist[] = {
|
||||
};
|
||||
|
||||
static const char *pem_library = "libnsspem.so";
|
||||
static SECMODModule *mod = NULL;
|
||||
static SECMODModule *pem_module = NULL;
|
||||
|
||||
/* NSPR I/O layer we use to detect blocking direction during SSL handshake */
|
||||
static PRDescIdentity nspr_io_identity = PR_INVALID_IO_LAYER;
|
||||
@ -622,7 +622,7 @@ static CURLcode nss_load_key(struct connectdata *conn, int sockindex,
|
||||
return CURLE_SSL_CERTPROBLEM;
|
||||
|
||||
/* This will force the token to be seen as re-inserted */
|
||||
tmp = SECMOD_WaitForAnyTokenEvent(mod, 0, 0);
|
||||
tmp = SECMOD_WaitForAnyTokenEvent(pem_module, 0, 0);
|
||||
if(tmp)
|
||||
PK11_FreeSlot(tmp);
|
||||
PK11_IsPresent(slot);
|
||||
@ -1202,6 +1202,50 @@ static PRStatus nspr_io_close(PRFileDesc *fd)
|
||||
return close_fn(fd);
|
||||
}
|
||||
|
||||
/* load a PKCS #11 module */
|
||||
static CURLcode nss_load_module(SECMODModule **pmod, const char *library,
|
||||
const char *name)
|
||||
{
|
||||
char *config_string;
|
||||
SECMODModule *module = *pmod;
|
||||
if(module)
|
||||
/* already loaded */
|
||||
return CURLE_OK;
|
||||
|
||||
config_string = aprintf("library=%s name=%s", library, name);
|
||||
if(!config_string)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
module = SECMOD_LoadUserModule(config_string, NULL, PR_FALSE);
|
||||
free(config_string);
|
||||
|
||||
if(module && module->loaded) {
|
||||
/* loaded successfully */
|
||||
*pmod = module;
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
if(module)
|
||||
SECMOD_DestroyModule(module);
|
||||
return CURLE_FAILED_INIT;
|
||||
}
|
||||
|
||||
/* unload a PKCS #11 module */
|
||||
static void nss_unload_module(SECMODModule **pmod)
|
||||
{
|
||||
SECMODModule *module = *pmod;
|
||||
if(!module)
|
||||
/* not loaded */
|
||||
return;
|
||||
|
||||
if(SECMOD_UnloadUserModule(module) != SECSuccess)
|
||||
/* unload failed */
|
||||
return;
|
||||
|
||||
SECMOD_DestroyModule(module);
|
||||
*pmod = NULL;
|
||||
}
|
||||
|
||||
/* data might be NULL */
|
||||
static CURLcode nss_init_core(struct Curl_easy *data, const char *cert_dir)
|
||||
{
|
||||
@ -1349,10 +1393,7 @@ void Curl_nss_cleanup(void)
|
||||
* the certificates. */
|
||||
SSL_ClearSessionCache();
|
||||
|
||||
if(mod && SECSuccess == SECMOD_UnloadUserModule(mod)) {
|
||||
SECMOD_DestroyModule(mod);
|
||||
mod = NULL;
|
||||
}
|
||||
nss_unload_module(&pem_module);
|
||||
NSS_ShutdownContext(nss_context);
|
||||
nss_context = NULL;
|
||||
}
|
||||
@ -1707,29 +1748,17 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
|
||||
goto error;
|
||||
}
|
||||
|
||||
result = CURLE_SSL_CONNECT_ERROR;
|
||||
|
||||
if(!mod) {
|
||||
char *configstring = aprintf("library=%s name=PEM", pem_library);
|
||||
if(!configstring) {
|
||||
PR_Unlock(nss_initlock);
|
||||
goto error;
|
||||
}
|
||||
mod = SECMOD_LoadUserModule(configstring, NULL, PR_FALSE);
|
||||
free(configstring);
|
||||
|
||||
if(!mod || !mod->loaded) {
|
||||
if(mod) {
|
||||
SECMOD_DestroyModule(mod);
|
||||
mod = NULL;
|
||||
}
|
||||
infof(data, "WARNING: failed to load NSS PEM library %s. Using "
|
||||
"OpenSSL PEM certificates will not work.\n", pem_library);
|
||||
}
|
||||
}
|
||||
|
||||
PK11_SetPasswordFunc(nss_get_password);
|
||||
|
||||
result = nss_load_module(&pem_module, pem_library, "PEM");
|
||||
PR_Unlock(nss_initlock);
|
||||
if(result == CURLE_FAILED_INIT)
|
||||
infof(data, "WARNING: failed to load NSS PEM library %s. Using "
|
||||
"OpenSSL PEM certificates will not work.\n", pem_library);
|
||||
else if(result)
|
||||
goto error;
|
||||
|
||||
result = CURLE_SSL_CONNECT_ERROR;
|
||||
|
||||
model = PR_NewTCPSocket();
|
||||
if(!model)
|
||||
|
Loading…
Reference in New Issue
Block a user