#include "vreader.h"
#include "vevent.h"
+#include "libcacard/vcardt_internal.h"
+
+
typedef enum {
VCardEmulUnknown = -1,
VCardEmulFalse = 0,
if (key->slot) {
PK11_FreeSlot(key->slot);
}
- return;
}
/*
/* TODO: we may also need to send insertion/removal events? */
slot = vcard_emul_card_get_slot(card);
PK11_Logout(slot); /* NOTE: ignoring SECStatus return value */
- return;
}
new_reader_emul->slot = PK11_ReferenceSlot(slot);
new_reader_emul->default_type = type;
- new_reader_emul->type_params = strdup(params);
+ new_reader_emul->type_params = g_strdup(params);
new_reader_emul->present = PR_FALSE;
new_reader_emul->series = 0;
new_reader_emul->saved_vcard = NULL;
}
/*
- * Card ATR's map to physical cards. VCARD_ATR_PREFIX will set appropriate
+ * Card ATR's map to physical cards. vcard_alloc_atr will set appropriate
* historical bytes for any software emulated card. The remaining bytes can be
* used to indicate the actual emulator
*/
-static const unsigned char nss_atr[] = { VCARD_ATR_PREFIX(3), 'N', 'S', 'S' };
+static unsigned char *nss_atr;
+static int nss_atr_len;
void
vcard_emul_get_atr(VCard *card, unsigned char *atr, int *atr_len)
{
- int len = MIN(sizeof(nss_atr), *atr_len);
+ int len;
assert(atr != NULL);
+ if (nss_atr == NULL) {
+ nss_atr = vcard_alloc_atr("NSS", &nss_atr_len);
+ }
+ len = MIN(nss_atr_len, *atr_len);
memcpy(atr, nss_atr, len);
*atr_len = len;
- return;
}
/*
SECMODModule *module = (SECMODModule *)arg;
do {
+ /*
+ * XXX - the latency value doesn't matter one bit. you only get no
+ * blocking (flags |= CKF_DONT_BLOCK) or PKCS11_WAIT_LATENCY (==500),
+ * hard coded in coolkey. And it isn't coolkey's fault - the timeout
+ * value we pass get's dropped on the floor before C_WaitForSlotEvent
+ * is called.
+ */
slot = SECMOD_WaitForAnyTokenEvent(module, 0, 500);
if (slot == NULL) {
+ /* this could be just a no event indication */
+ if (PORT_GetError() == SEC_ERROR_NO_EVENT) {
+ continue;
+ }
break;
}
vreader = vcard_emul_find_vreader_from_slot(slot);
vcard_emul_init(const VCardEmulOptions *options)
{
SECStatus rv;
- PRBool ret, has_readers = PR_FALSE, need_coolkey_module;
+ PRBool ret, has_readers = PR_FALSE;
VReader *vreader;
VReaderEmul *vreader_emul;
SECMODListLock *module_lock;
if (options->nss_db) {
rv = NSS_Init(options->nss_db);
} else {
- rv = NSS_Init("sql:/etc/pki/nssdb");
+ gchar *path;
+#ifndef _WIN32
+ path = g_strdup("/etc/pki/nssdb");
+#else
+ if (g_get_system_config_dirs() == NULL ||
+ g_get_system_config_dirs()[0] == NULL) {
+ return VCARD_EMUL_FAIL;
+ }
+
+ path = g_build_filename(
+ g_get_system_config_dirs()[0], "pki", "nssdb", NULL);
+#endif
+
+ rv = NSS_Init(path);
+ g_free(path);
}
if (rv != SECSuccess) {
return VCARD_EMUL_FAIL;
/* make sure we have some PKCS #11 module loaded */
module_lock = SECMOD_GetDefaultModuleListLock();
module_list = SECMOD_GetDefaultModuleList();
- need_coolkey_module = !has_readers;
SECMOD_GetReadLock(module_lock);
for (mlp = module_list; mlp; mlp = mlp->next) {
SECMODModule *module = mlp->module;
if (module_has_removable_hw_slots(module)) {
- need_coolkey_module = PR_FALSE;
break;
}
}
SECMOD_ReleaseReadLock(module_lock);
- if (need_coolkey_module) {
- SECMODModule *module;
- module = SECMOD_LoadUserModule(
- (char *)"library=libcoolkeypk11.so name=Coolkey",
- NULL, PR_FALSE);
- if (module == NULL) {
- return VCARD_EMUL_FAIL;
- }
- SECMOD_DestroyModule(module); /* free our reference, Module will still
- * be on the list.
- * until we destroy it */
- }
-
/* now examine all the slots, finding which should be readers */
/* We should control this with options. For now we mirror out any
* removable hardware slot */
default_card_type = options->hw_card_type;
- default_type_params = strdup(options->hw_type_params);
+ default_type_params = g_strdup(options->hw_type_params);
SECMOD_GetReadLock(module_lock);
for (mlp = module_list; mlp; mlp = mlp->next) {
SECMODModule *module = mlp->module;
- PRBool has_emul_slots = PR_FALSE;
- if (module == NULL) {
- continue;
+ /* Ignore the internal module */
+ if (module == NULL || module == SECMOD_GetInternalModule()) {
+ continue;
}
for (i = 0; i < module->slotCount; i++) {
if (slot == NULL || !PK11_IsRemovable(slot) || !PK11_IsHW(slot)) {
continue;
}
+ if (strcmp("E-Gate 0 0", PK11_GetSlotName(slot)) == 0) {
+ /*
+ * coolkey <= 1.1.0-20 emulates this reader if it can't find
+ * any hardware readers. This causes problems, warn user of
+ * problems.
+ */
+ fprintf(stderr, "known bad coolkey version - see "
+ "https://bugzilla.redhat.com/show_bug.cgi?id=802435\n");
+ continue;
+ }
vreader_emul = vreader_emul_new(slot, options->hw_card_type,
options->hw_type_params);
vreader = vreader_new(PK11_GetSlotName(slot), vreader_emul,
vreader_emul_delete);
vreader_add_reader(vreader);
- has_readers = PR_TRUE;
- has_emul_slots = PR_TRUE;
-
if (PK11_IsPresent(slot)) {
VCard *vcard;
vcard = vcard_emul_mirror_card(vreader);
vcard_free(vcard);
}
}
- if (has_emul_slots) {
- vcard_emul_new_event_thread(module);
- }
+ vcard_emul_new_event_thread(module);
}
SECMOD_ReleaseReadLock(module_lock);
- nss_emul_init = has_readers;
+ nss_emul_init = PR_TRUE;
return VCARD_EMUL_OK;
}
NEXT_TOKEN(vname)
NEXT_TOKEN(type_params)
type_params_length = MIN(type_params_length, sizeof(type_str)-1);
- strncpy(type_str, type_params, type_params_length);
- type_str[type_params_length] = 0;
+ pstrcpy(type_str, type_params_length, type_params);
type = vcard_emul_type_from_string(type_str);
NEXT_TOKEN(type_params)
" {card_type_to_emulate} What card interface to present to the guest\n"
" {param_for_card} Card interface specific parameters\n"
" {slot_name} NSS slot that contains the certs\n"
-" {vreader_name} Virutal reader name to present to the guest\n"
+" {vreader_name} Virtual reader name to present to the guest\n"
" {certN} Nickname of the certificate n on the virtual card\n"
"\n"
"These parameters come as a single string separated by blanks or newlines."
projects / qemu.git / blobdiff