diff options
Diffstat (limited to 'nss/cmd/modutil/modutil.c')
| -rw-r--r-- | nss/cmd/modutil/modutil.c | 1643 |
1 files changed, 820 insertions, 823 deletions
diff --git a/nss/cmd/modutil/modutil.c b/nss/cmd/modutil/modutil.c index 6421202..02972f7 100644 --- a/nss/cmd/modutil/modutil.c +++ b/nss/cmd/modutil/modutil.c @@ -2,8 +2,8 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* To edit this file, set TABSTOPS to 4 spaces. - * This is not the normal NSS convention. +/* To edit this file, set TABSTOPS to 4 spaces. + * This is not the normal NSS convention. */ #include "modutil.h" @@ -12,140 +12,138 @@ #include "certdb.h" /* for CERT_DB_FILE_VERSION */ #include "nss.h" -static void install_error(char *message); -static char* PR_fgets(char *buf, int size, PRFileDesc *file); -static char *progName; - +static void install_error(char* message); +static char* PR_fgets(char* buf, int size, PRFileDesc* file); +static char* progName; /* This enum must be kept in sync with the commandNames list */ typedef enum { - NO_COMMAND, - ADD_COMMAND, - CHANGEPW_COMMAND, - CREATE_COMMAND, - DEFAULT_COMMAND, - DELETE_COMMAND, - DISABLE_COMMAND, - ENABLE_COMMAND, - FIPS_COMMAND, - JAR_COMMAND, - LIST_COMMAND, - RAW_LIST_COMMAND, - RAW_ADD_COMMAND, - CHKFIPS_COMMAND, - UNDEFAULT_COMMAND + NO_COMMAND, + ADD_COMMAND, + CHANGEPW_COMMAND, + CREATE_COMMAND, + DEFAULT_COMMAND, + DELETE_COMMAND, + DISABLE_COMMAND, + ENABLE_COMMAND, + FIPS_COMMAND, + JAR_COMMAND, + LIST_COMMAND, + RAW_LIST_COMMAND, + RAW_ADD_COMMAND, + CHKFIPS_COMMAND, + UNDEFAULT_COMMAND } Command; /* This list must be kept in sync with the Command enum */ -static char *commandNames[] = { - "(no command)", - "-add", - "-changepw", - "-create", - "-default", - "-delete", - "-disable", - "-enable", - "-fips", - "-jar", - "-list", - "-rawlist", - "-rawadd", - "-chkfips", - "-undefault" +static char* commandNames[] = { + "(no command)", + "-add", + "-changepw", + "-create", + "-default", + "-delete", + "-disable", + "-enable", + "-fips", + "-jar", + "-list", + "-rawlist", + "-rawadd", + "-chkfips", + "-undefault" }; - /* this enum must be kept in sync with the optionStrings list */ typedef enum { - ADD_ARG=0, - RAW_ADD_ARG, - CHANGEPW_ARG, - CIPHERS_ARG, - CREATE_ARG, - DBDIR_ARG, - DBPREFIX_ARG, - DEFAULT_ARG, - DELETE_ARG, - DISABLE_ARG, - ENABLE_ARG, - FIPS_ARG, - FORCE_ARG, - JAR_ARG, - LIBFILE_ARG, - LIST_ARG, - RAW_LIST_ARG, - MECHANISMS_ARG, - NEWPWFILE_ARG, - PWFILE_ARG, - SLOT_ARG, - UNDEFAULT_ARG, - INSTALLDIR_ARG, - TEMPDIR_ARG, - SECMOD_ARG, - NOCERTDB_ARG, - STRING_ARG, - CHKFIPS_ARG, - - NUM_ARGS /* must be last */ + ADD_ARG = 0, + RAW_ADD_ARG, + CHANGEPW_ARG, + CIPHERS_ARG, + CREATE_ARG, + DBDIR_ARG, + DBPREFIX_ARG, + DEFAULT_ARG, + DELETE_ARG, + DISABLE_ARG, + ENABLE_ARG, + FIPS_ARG, + FORCE_ARG, + JAR_ARG, + LIBFILE_ARG, + LIST_ARG, + RAW_LIST_ARG, + MECHANISMS_ARG, + NEWPWFILE_ARG, + PWFILE_ARG, + SLOT_ARG, + UNDEFAULT_ARG, + INSTALLDIR_ARG, + TEMPDIR_ARG, + SECMOD_ARG, + NOCERTDB_ARG, + STRING_ARG, + CHKFIPS_ARG, + + NUM_ARGS /* must be last */ } Arg; /* This list must be kept in sync with the Arg enum */ -static char *optionStrings[] = { - "-add", - "-rawadd", - "-changepw", - "-ciphers", - "-create", - "-dbdir", - "-dbprefix", - "-default", - "-delete", - "-disable", - "-enable", - "-fips", - "-force", - "-jar", - "-libfile", - "-list", - "-rawlist", - "-mechanisms", - "-newpwfile", - "-pwfile", - "-slot", - "-undefault", - "-installdir", - "-tempdir", - "-secmod", - "-nocertdb", - "-string", - "-chkfips", +static char* optionStrings[] = { + "-add", + "-rawadd", + "-changepw", + "-ciphers", + "-create", + "-dbdir", + "-dbprefix", + "-default", + "-delete", + "-disable", + "-enable", + "-fips", + "-force", + "-jar", + "-libfile", + "-list", + "-rawlist", + "-mechanisms", + "-newpwfile", + "-pwfile", + "-slot", + "-undefault", + "-installdir", + "-tempdir", + "-secmod", + "-nocertdb", + "-string", + "-chkfips", }; -char *msgStrings[] = { - "FIPS mode enabled.\n", - "FIPS mode disabled.\n", - "Using database directory %s...\n", - "Creating \"%s\"...", - "Module \"%s\" added to database.\n", - "Module \"%s\" deleted from database.\n", - "Token \"%s\" password changed successfully.\n", - "Incorrect password, try again...\n", - "Passwords do not match, try again...\n", - "done.\n", - "Slot \"%s\" %s.\n", - "Successfully changed defaults.\n", - "Successfully changed defaults.\n", -"\nWARNING: Performing this operation while the browser is running could cause" -"\ncorruption of your security databases. If the browser is currently running," -"\nyou should exit browser before continuing this operation. Type " -"\n'q <enter>' to abort, or <enter> to continue: ", - "\nAborting...\n" +char* msgStrings[] = { + "FIPS mode enabled.\n", + "FIPS mode disabled.\n", + "Using database directory %s...\n", + "Creating \"%s\"...", + "Module \"%s\" added to database.\n", + "Module \"%s\" deleted from database.\n", + "Token \"%s\" password changed successfully.\n", + "Incorrect password, try again...\n", + "Passwords do not match, try again...\n", + "done.\n", + "Slot \"%s\" %s.\n", + "Successfully changed defaults.\n", + "Successfully changed defaults.\n", + "\nWARNING: Performing this operation while the browser is running could cause" + "\ncorruption of your security databases. If the browser is currently running," + "\nyou should exit browser before continuing this operation. Type " + "\n'q <enter>' to abort, or <enter> to continue: ", + "\nAborting...\n" }; /* Increment i if doing so would have i still be less than j. If you are able to do this, return 0. Otherwise return 1. */ -#define TRY_INC(i,j) ( ((i+1)<j) ? (++i, 0) : 1 ) +#define TRY_INC(i, j) (((i + 1) < j) ? (++i, 0) : 1) /******************************************************************** * @@ -177,327 +175,327 @@ static PRBool nocertdb = PR_FALSE; * p a r s e _ a r g s */ static Error -parse_args(int argc, char *argv[]) +parse_args(int argc, char* argv[]) { - int i; - char *arg; - int optionType; - - /* Loop over all arguments */ - for(i=1; i < argc; i++) { - arg = argv[i]; - - /* Make sure this is an option and not some floating argument */ - if(arg[0] != '-') { - PR_fprintf(PR_STDERR, errStrings[UNEXPECTED_ARG_ERR], argv[i]); - return UNEXPECTED_ARG_ERR; - } - - /* Find which option this is */ - for(optionType=0; optionType < NUM_ARGS; optionType++) { - if(! strcmp(arg, optionStrings[optionType])) { - break; - } - } - - /* Deal with this specific option */ - switch(optionType) { - case NUM_ARGS: - default: - PR_fprintf(PR_STDERR, errStrings[UNKNOWN_OPTION_ERR], arg); - return UNKNOWN_OPTION_ERR; - break; - case ADD_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = ADD_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - moduleName = argv[i]; - break; - case CHANGEPW_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = CHANGEPW_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - tokenName = argv[i]; - break; - case CIPHERS_ARG: - if(ciphers != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - ciphers = argv[i]; - break; - case CREATE_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = CREATE_COMMAND; - break; - case DBDIR_ARG: - if(dbdir != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - dbdir = argv[i]; - break; - case DBPREFIX_ARG: - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - dbprefix = argv[i]; - break; - case UNDEFAULT_ARG: - case DEFAULT_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - if(optionType == DEFAULT_ARG) { - command = DEFAULT_COMMAND; - } else { - command = UNDEFAULT_COMMAND; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - moduleName = argv[i]; - break; - case DELETE_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = DELETE_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - moduleName = argv[i]; - break; - case DISABLE_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = DISABLE_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - moduleName = argv[i]; - break; - case ENABLE_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = ENABLE_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - moduleName = argv[i]; - break; - case FIPS_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = FIPS_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - fipsArg = argv[i]; - break; - case CHKFIPS_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = CHKFIPS_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - fipsArg = argv[i]; - break; - case FORCE_ARG: - force = 1; - break; - case NOCERTDB_ARG: - nocertdb = PR_TRUE; - break; - case INSTALLDIR_ARG: - if(installDir != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - installDir = argv[i]; - break; - case TEMPDIR_ARG: - if(tempDir != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - tempDir = argv[i]; - break; - case JAR_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = JAR_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - jarFile = argv[i]; - break; - case LIBFILE_ARG: - if(libFile != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - libFile = argv[i]; - break; - case LIST_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = LIST_COMMAND; - /* This option may or may not have an argument */ - if( (i+1 < argc) && (argv[i+1][0] != '-') ) { - moduleName = argv[++i]; - } - break; - case RAW_LIST_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = RAW_LIST_COMMAND; - /* This option may or may not have an argument */ - if( (i+1 < argc) && (argv[i+1][0] != '-') ) { - moduleName = argv[++i]; - } - break; - case RAW_ADD_ARG: - if(command != NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); - return MULTIPLE_COMMAND_ERR; - } - command = RAW_ADD_COMMAND; - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - moduleSpec = argv[i]; - break; - case MECHANISMS_ARG: - if(mechanisms != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - mechanisms = argv[i]; - break; - case NEWPWFILE_ARG: - if(newpwFile != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - newpwFile = argv[i]; - break; - case PWFILE_ARG: - if(pwFile != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - pwFile = argv[i]; - break; - case SLOT_ARG: - if(slotName != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - slotName = argv[i]; - break; - case SECMOD_ARG: - if(secmodName != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - secmodName = argv[i]; - break; - case STRING_ARG: - if(secmodString != NULL) { - PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); - return DUPLICATE_OPTION_ERR; - } - if(TRY_INC(i, argc)) { - PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); - return OPTION_NEEDS_ARG_ERR; - } - secmodString = argv[i]; - break; - } - } - return SUCCESS; + int i; + char* arg; + int optionType; + + /* Loop over all arguments */ + for (i = 1; i < argc; i++) { + arg = argv[i]; + + /* Make sure this is an option and not some floating argument */ + if (arg[0] != '-') { + PR_fprintf(PR_STDERR, errStrings[UNEXPECTED_ARG_ERR], argv[i]); + return UNEXPECTED_ARG_ERR; + } + + /* Find which option this is */ + for (optionType = 0; optionType < NUM_ARGS; optionType++) { + if (!strcmp(arg, optionStrings[optionType])) { + break; + } + } + + /* Deal with this specific option */ + switch (optionType) { + case NUM_ARGS: + default: + PR_fprintf(PR_STDERR, errStrings[UNKNOWN_OPTION_ERR], arg); + return UNKNOWN_OPTION_ERR; + break; + case ADD_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = ADD_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + moduleName = argv[i]; + break; + case CHANGEPW_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = CHANGEPW_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + tokenName = argv[i]; + break; + case CIPHERS_ARG: + if (ciphers != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + ciphers = argv[i]; + break; + case CREATE_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = CREATE_COMMAND; + break; + case DBDIR_ARG: + if (dbdir != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + dbdir = argv[i]; + break; + case DBPREFIX_ARG: + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + dbprefix = argv[i]; + break; + case UNDEFAULT_ARG: + case DEFAULT_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + if (optionType == DEFAULT_ARG) { + command = DEFAULT_COMMAND; + } else { + command = UNDEFAULT_COMMAND; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + moduleName = argv[i]; + break; + case DELETE_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = DELETE_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + moduleName = argv[i]; + break; + case DISABLE_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = DISABLE_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + moduleName = argv[i]; + break; + case ENABLE_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = ENABLE_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + moduleName = argv[i]; + break; + case FIPS_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = FIPS_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + fipsArg = argv[i]; + break; + case CHKFIPS_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = CHKFIPS_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + fipsArg = argv[i]; + break; + case FORCE_ARG: + force = 1; + break; + case NOCERTDB_ARG: + nocertdb = PR_TRUE; + break; + case INSTALLDIR_ARG: + if (installDir != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + installDir = argv[i]; + break; + case TEMPDIR_ARG: + if (tempDir != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + tempDir = argv[i]; + break; + case JAR_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = JAR_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + jarFile = argv[i]; + break; + case LIBFILE_ARG: + if (libFile != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + libFile = argv[i]; + break; + case LIST_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = LIST_COMMAND; + /* This option may or may not have an argument */ + if ((i + 1 < argc) && (argv[i + 1][0] != '-')) { + moduleName = argv[++i]; + } + break; + case RAW_LIST_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = RAW_LIST_COMMAND; + /* This option may or may not have an argument */ + if ((i + 1 < argc) && (argv[i + 1][0] != '-')) { + moduleName = argv[++i]; + } + break; + case RAW_ADD_ARG: + if (command != NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg); + return MULTIPLE_COMMAND_ERR; + } + command = RAW_ADD_COMMAND; + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + moduleSpec = argv[i]; + break; + case MECHANISMS_ARG: + if (mechanisms != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + mechanisms = argv[i]; + break; + case NEWPWFILE_ARG: + if (newpwFile != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + newpwFile = argv[i]; + break; + case PWFILE_ARG: + if (pwFile != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + pwFile = argv[i]; + break; + case SLOT_ARG: + if (slotName != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + slotName = argv[i]; + break; + case SECMOD_ARG: + if (secmodName != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + secmodName = argv[i]; + break; + case STRING_ARG: + if (secmodString != NULL) { + PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg); + return DUPLICATE_OPTION_ERR; + } + if (TRY_INC(i, argc)) { + PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg); + return OPTION_NEEDS_ARG_ERR; + } + secmodString = argv[i]; + break; + } + } + return SUCCESS; } /************************************************************************ @@ -507,58 +505,58 @@ parse_args(int argc, char *argv[]) static Error verify_params() { - switch(command) { - case ADD_COMMAND: - if(libFile == NULL) { - PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR], - commandNames[ADD_COMMAND], optionStrings[LIBFILE_ARG]); - return MISSING_PARAM_ERR; - } - break; - case CHANGEPW_COMMAND: - break; - case CREATE_COMMAND: - break; - case DELETE_COMMAND: - break; - case DISABLE_COMMAND: - break; - case ENABLE_COMMAND: - break; - case FIPS_COMMAND: - case CHKFIPS_COMMAND: - if(PL_strcasecmp(fipsArg, "true") && - PL_strcasecmp(fipsArg, "false")) { - PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]); - return INVALID_FIPS_ARG; - } - break; - case JAR_COMMAND: - if(installDir == NULL) { - PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR], - commandNames[JAR_COMMAND], optionStrings[INSTALLDIR_ARG]); - return MISSING_PARAM_ERR; - } - break; - case LIST_COMMAND: - case RAW_LIST_COMMAND: - break; - case RAW_ADD_COMMAND: - break; - case UNDEFAULT_COMMAND: - case DEFAULT_COMMAND: - if(mechanisms == NULL) { - PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR], - commandNames[command], optionStrings[MECHANISMS_ARG]); - return MISSING_PARAM_ERR; - } - break; - default: - /* Ignore this here */ - break; - } - - return SUCCESS; + switch (command) { + case ADD_COMMAND: + if (libFile == NULL) { + PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR], + commandNames[ADD_COMMAND], optionStrings[LIBFILE_ARG]); + return MISSING_PARAM_ERR; + } + break; + case CHANGEPW_COMMAND: + break; + case CREATE_COMMAND: + break; + case DELETE_COMMAND: + break; + case DISABLE_COMMAND: + break; + case ENABLE_COMMAND: + break; + case FIPS_COMMAND: + case CHKFIPS_COMMAND: + if (PL_strcasecmp(fipsArg, "true") && + PL_strcasecmp(fipsArg, "false")) { + PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]); + return INVALID_FIPS_ARG; + } + break; + case JAR_COMMAND: + if (installDir == NULL) { + PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR], + commandNames[JAR_COMMAND], optionStrings[INSTALLDIR_ARG]); + return MISSING_PARAM_ERR; + } + break; + case LIST_COMMAND: + case RAW_LIST_COMMAND: + break; + case RAW_ADD_COMMAND: + break; + case UNDEFAULT_COMMAND: + case DEFAULT_COMMAND: + if (mechanisms == NULL) { + PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR], + commandNames[command], optionStrings[MECHANISMS_ARG]); + return MISSING_PARAM_ERR; + } + break; + default: + /* Ignore this here */ + break; + } + + return SUCCESS; } /******************************************************************** @@ -578,105 +576,106 @@ verify_params() static Error check_crypto(PRBool create, PRBool readOnly) { - char *dir; - char *moddbname=NULL; - Error retval; - static const char multiaccess[] = { "multiaccess:" }; - - dir = SECU_ConfigDirectory(dbdir); /* dir is never NULL */ - if (dir[0] == '\0') { - PR_fprintf(PR_STDERR, errStrings[NO_DBDIR_ERR]); - retval=NO_DBDIR_ERR; - goto loser; - } - if (strncmp(dir, multiaccess, sizeof multiaccess - 1) == 0) { - /* won't attempt to handle the multiaccess case. */ - return SUCCESS; - } + char* dir; + char* moddbname = NULL; + Error retval; + static const char multiaccess[] = { "multiaccess:" }; + + dir = SECU_ConfigDirectory(dbdir); /* dir is never NULL */ + if (dir[0] == '\0') { + PR_fprintf(PR_STDERR, errStrings[NO_DBDIR_ERR]); + retval = NO_DBDIR_ERR; + goto loser; + } + if (strncmp(dir, multiaccess, sizeof multiaccess - 1) == 0) { + /* won't attempt to handle the multiaccess case. */ + return SUCCESS; + } #ifdef notdef - /* Make sure db directory exists and is readable */ - if(PR_Access(dir, PR_ACCESS_EXISTS) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dir); - retval = DIR_DOESNT_EXIST_ERR; - goto loser; - } else if(PR_Access(dir, PR_ACCESS_READ_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dir); - retval = DIR_NOT_READABLE_ERR; - goto loser; - } - - if (secmodName == NULL) { - secmodName = "secmod.db"; - } - - moddbname = PR_smprintf("%s/%s", dir, secmodName); - if (!moddbname) - return OUT_OF_MEM_ERR; - - /* Check for the proper permissions on databases */ - if(create) { - /* Make sure dbs don't already exist, and the directory is - writeable */ - if(PR_Access(moddbname, PR_ACCESS_EXISTS)==PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR], - moddbname); - retval=FILE_ALREADY_EXISTS_ERR; - goto loser; - } else - if(PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dir); - retval=DIR_NOT_WRITEABLE_ERR; - goto loser; - } - } else { - /* Make sure dbs are readable and writeable */ - if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], moddbname); - retval=FILE_NOT_READABLE_ERR; - goto loser; - } - - /* Check for write access if we'll be making changes */ - if( !readOnly ) { - if(PR_Access(moddbname, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR], - moddbname); - retval=FILE_NOT_WRITEABLE_ERR; - goto loser; - } - } - PR_fprintf(PR_STDOUT, msgStrings[USING_DBDIR_MSG], - SECU_ConfigDirectory(NULL)); - } + /* Make sure db directory exists and is readable */ + if (PR_Access(dir, PR_ACCESS_EXISTS) != PR_SUCCESS) { + PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dir); + retval = DIR_DOESNT_EXIST_ERR; + goto loser; + } else if (PR_Access(dir, PR_ACCESS_READ_OK) != PR_SUCCESS) { + PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dir); + retval = DIR_NOT_READABLE_ERR; + goto loser; + } + + if (secmodName == NULL) { + secmodName = "secmod.db"; + } + + moddbname = PR_smprintf("%s/%s", dir, secmodName); + if (!moddbname) + return OUT_OF_MEM_ERR; + + /* Check for the proper permissions on databases */ + if (create) { + /* Make sure dbs don't already exist, and the directory is + writeable */ + if (PR_Access(moddbname, PR_ACCESS_EXISTS) == PR_SUCCESS) { + PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR], + moddbname); + retval = FILE_ALREADY_EXISTS_ERR; + goto loser; + } else if (PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { + PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dir); + retval = DIR_NOT_WRITEABLE_ERR; + goto loser; + } + } else { + /* Make sure dbs are readable and writeable */ + if (PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) { + PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], moddbname); + retval = FILE_NOT_READABLE_ERR; + goto loser; + } + + /* Check for write access if we'll be making changes */ + if (!readOnly) { + if (PR_Access(moddbname, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { + PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR], + moddbname); + retval = FILE_NOT_WRITEABLE_ERR; + goto loser; + } + } + PR_fprintf(PR_STDOUT, msgStrings[USING_DBDIR_MSG], + SECU_ConfigDirectory(NULL)); + } #endif - retval=SUCCESS; + retval = SUCCESS; loser: - if (moddbname) { - PR_Free(moddbname); - } - return retval; + if (moddbname) { + PR_Free(moddbname); + } + return retval; } static Error init_crypto(PRBool create, PRBool readOnly) { - PRUint32 flags = 0; - SECStatus rv; - Error retval; - /* Open/create key database */ - - if (readOnly) flags |= NSS_INIT_READONLY; - if (nocertdb) flags |= NSS_INIT_NOCERTDB; - rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix, - secmodName, flags); - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - retval=NSS_INITIALIZE_FAILED_ERR; - } else - retval=SUCCESS; - - return retval; + PRUint32 flags = 0; + SECStatus rv; + Error retval; + /* Open/create key database */ + + if (readOnly) + flags |= NSS_INIT_READONLY; + if (nocertdb) + flags |= NSS_INIT_NOCERTDB; + rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix, + secmodName, flags); + if (rv != SECSuccess) { + SECU_PrintPRandOSError(progName); + retval = NSS_INITIALIZE_FAILED_ERR; + } else + retval = SUCCESS; + + return retval; } /************************************************************************* @@ -686,71 +685,69 @@ init_crypto(PRBool create, PRBool readOnly) static void usage() { - PR_fprintf(PR_STDOUT, -"\nNetscape Cryptographic Module Utility\n" -"Usage: modutil [command] [options]\n\n" -" COMMANDS\n" -"---------------------------------------------------------------------------\n" -"-add MODULE_NAME Add the named module to the module database\n" -" -libfile LIBRARY_FILE The name of the file (.so or .dll)\n" -" containing the implementation of PKCS #11\n" -" [-ciphers CIPHER_LIST] Enable the given ciphers on this module\n" -" [-mechanisms MECHANISM_LIST] Make the module a default provider of the\n" -" given mechanisms\n" -" [-string CONFIG_STRING] Pass a configuration string to this module\n" -"-changepw TOKEN Change the password on the named token\n" -" [-pwfile FILE] The old password is in this file\n" -" [-newpwfile FILE] The new password is in this file\n" -"-chkfips [ true | false ] If true, verify FIPS mode. If false,\n" -" verify not FIPS mode\n" -"-create Create a new set of security databases\n" -"-default MODULE Make the given module a default provider\n" -" -mechanisms MECHANISM_LIST of the given mechanisms\n" -" [-slot SLOT] limit change to only the given slot\n" -"-delete MODULE Remove the named module from the module\n" -" database\n" -"-disable MODULE Disable the named module\n" -" [-slot SLOT] Disable only the named slot on the module\n" -"-enable MODULE Enable the named module\n" -" [-slot SLOT] Enable only the named slot on the module\n" -"-fips [ true | false ] If true, enable FIPS mode. If false,\n" -" disable FIPS mode\n" -"-force Do not run interactively\n" -"-jar JARFILE Install a PKCS #11 module from the given\n" -" JAR file in the PKCS #11 JAR format\n" -" -installdir DIR Use DIR as the root directory of the\n" -" installation\n" -" [-tempdir DIR] Use DIR as the temporary installation\n" -" directory. If not specified, the current\n" -" directory is used\n" -"-list [MODULE] Lists information about the specified module\n" -" or about all modules if none is specified\n" -"-rawadd MODULESPEC Add module spec string to secmod DB\n" -"-rawlist [MODULE] Display module spec(s) for one or all\n" -" loadable modules\n" -"-undefault MODULE The given module is NOT a default provider\n" -" -mechanisms MECHANISM_LIST of the listed mechanisms\n" -" [-slot SLOT] limit change to only the given slot\n" -"---------------------------------------------------------------------------\n" -"\n" -" OPTIONS\n" -"---------------------------------------------------------------------------\n" -"-dbdir DIR Directory DIR contains the security databases\n" -"-dbprefix prefix Prefix for the security databases\n" -"-nocertdb Do not load certificate or key databases. No\n" -" verification will be performed on JAR files.\n" -"-secmod secmodName Name of the security modules file\n" -"---------------------------------------------------------------------------\n" -"\n" -"Mechanism lists are colon-separated. The following mechanisms are recognized:\n" -"RSA, DSA, DH, RC2, RC4, RC5, AES, CAMELLIA, DES, MD2, MD5, SHA1, SHA256, SHA512,\n" -"SSL, TLS, RANDOM, and FRIENDLY\n" -"\n" -"Cipher lists are colon-separated. The following ciphers are recognized:\n" -"\n" -"\nQuestions or bug reports should be sent to modutil-support@netscape.com.\n" -); - + PR_fprintf(PR_STDOUT, + "\nNetscape Cryptographic Module Utility\n" + "Usage: modutil [command] [options]\n\n" + " COMMANDS\n" + "---------------------------------------------------------------------------\n" + "-add MODULE_NAME Add the named module to the module database\n" + " -libfile LIBRARY_FILE The name of the file (.so or .dll)\n" + " containing the implementation of PKCS #11\n" + " [-ciphers CIPHER_LIST] Enable the given ciphers on this module\n" + " [-mechanisms MECHANISM_LIST] Make the module a default provider of the\n" + " given mechanisms\n" + " [-string CONFIG_STRING] Pass a configuration string to this module\n" + "-changepw TOKEN Change the password on the named token\n" + " [-pwfile FILE] The old password is in this file\n" + " [-newpwfile FILE] The new password is in this file\n" + "-chkfips [ true | false ] If true, verify FIPS mode. If false,\n" + " verify not FIPS mode\n" + "-create Create a new set of security databases\n" + "-default MODULE Make the given module a default provider\n" + " -mechanisms MECHANISM_LIST of the given mechanisms\n" + " [-slot SLOT] limit change to only the given slot\n" + "-delete MODULE Remove the named module from the module\n" + " database\n" + "-disable MODULE Disable the named module\n" + " [-slot SLOT] Disable only the named slot on the module\n" + "-enable MODULE Enable the named module\n" + " [-slot SLOT] Enable only the named slot on the module\n" + "-fips [ true | false ] If true, enable FIPS mode. If false,\n" + " disable FIPS mode\n" + "-force Do not run interactively\n" + "-jar JARFILE Install a PKCS #11 module from the given\n" + " JAR file in the PKCS #11 JAR format\n" + " -installdir DIR Use DIR as the root directory of the\n" + " installation\n" + " [-tempdir DIR] Use DIR as the temporary installation\n" + " directory. If not specified, the current\n" + " directory is used\n" + "-list [MODULE] Lists information about the specified module\n" + " or about all modules if none is specified\n" + "-rawadd MODULESPEC Add module spec string to secmod DB\n" + "-rawlist [MODULE] Display module spec(s) for one or all\n" + " loadable modules\n" + "-undefault MODULE The given module is NOT a default provider\n" + " -mechanisms MECHANISM_LIST of the listed mechanisms\n" + " [-slot SLOT] limit change to only the given slot\n" + "---------------------------------------------------------------------------\n" + "\n" + " OPTIONS\n" + "---------------------------------------------------------------------------\n" + "-dbdir DIR Directory DIR contains the security databases\n" + "-dbprefix prefix Prefix for the security databases\n" + "-nocertdb Do not load certificate or key databases. No\n" + " verification will be performed on JAR files.\n" + "-secmod secmodName Name of the security modules file\n" + "---------------------------------------------------------------------------\n" + "\n" + "Mechanism lists are colon-separated. The following mechanisms are recognized:\n" + "RSA, DSA, DH, RC2, RC4, RC5, AES, CAMELLIA, DES, MD2, MD5, SHA1, SHA256, SHA512,\n" + "SSL, TLS, RANDOM, and FRIENDLY\n" + "\n" + "Cipher lists are colon-separated. The following ciphers are recognized:\n" + "\n" + "\nQuestions or bug reports should be sent to modutil-support@netscape.com.\n"); } /************************************************************************* @@ -758,163 +755,164 @@ usage() * m a i n */ int -main(int argc, char *argv[]) +main(int argc, char* argv[]) { - int errcode = SUCCESS; - PRBool createdb, readOnly; + int errcode = SUCCESS; + PRBool createdb, readOnly; #define STDINBUF_SIZE 80 - char stdinbuf[STDINBUF_SIZE]; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - - PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); - - if(parse_args(argc, argv) != SUCCESS) { - usage(); - errcode = INVALID_USAGE_ERR; - goto loser; - } - - if(verify_params() != SUCCESS) { - usage(); - errcode = INVALID_USAGE_ERR; - goto loser; - } - - if(command==NO_COMMAND) { - PR_fprintf(PR_STDERR, errStrings[NO_COMMAND_ERR]); - usage(); - errcode = INVALID_USAGE_ERR; - goto loser; - } - - /* Set up crypto stuff */ - createdb = command==CREATE_COMMAND; - readOnly = ((command == LIST_COMMAND) || - (command == CHKFIPS_COMMAND) || - (command == RAW_LIST_COMMAND)); - - /* Make sure browser is not running if we're writing to a database */ - /* Do this before initializing crypto */ - if(!readOnly && !force) { - char *response; - - PR_fprintf(PR_STDOUT, msgStrings[BROWSER_RUNNING_MSG]); - if( ! PR_fgets(stdinbuf, STDINBUF_SIZE, PR_STDIN)) { - PR_fprintf(PR_STDERR, errStrings[STDIN_READ_ERR]); - errcode = STDIN_READ_ERR; - goto loser; - } - if( (response=strtok(stdinbuf, " \r\n\t")) ) { - if(!PL_strcasecmp(response, "q")) { - PR_fprintf(PR_STDOUT, msgStrings[ABORTING_MSG]); - errcode = SUCCESS; - goto loser; - } - } - PR_fprintf(PR_STDOUT, "\n"); - } - - errcode = check_crypto(createdb, readOnly); - if( errcode != SUCCESS) { - goto loser; - } - - if ((command == RAW_LIST_COMMAND) || (command == RAW_ADD_COMMAND)) { - if(!moduleName) { - char *readOnlyStr, *noCertDBStr, *sep; - if (!secmodName) secmodName="secmod.db"; - if (!dbprefix) dbprefix = ""; - sep = ((command == RAW_LIST_COMMAND) && nocertdb) ? "," : " "; - readOnlyStr = (command == RAW_LIST_COMMAND) ? "readOnly" : "" ; - noCertDBStr = nocertdb ? "noCertDB" : ""; - SECU_ConfigDirectory(dbdir); - - moduleName=PR_smprintf( - "name=\"NSS default Module DB\" parameters=\"configdir=%s certPrefix=%s " - "keyPrefix=%s secmod=%s flags=%s%s%s\" NSS=\"flags=internal,moduleDB," - "moduleDBOnly,critical\"", - SECU_ConfigDirectory(NULL),dbprefix,dbprefix, - secmodName, readOnlyStr,sep, noCertDBStr); - } - if (command == RAW_LIST_COMMAND) { - errcode = RawListModule(moduleName); - } else { - PORT_Assert(moduleSpec); - errcode = RawAddModule(moduleName,moduleSpec); - } - goto loser; - } - - errcode = init_crypto(createdb, readOnly); - if( errcode != SUCCESS) { - goto loser; - } - - errcode = LoadMechanismList(); - if (errcode != SUCCESS) { - goto loser; - } - - /* Execute the command */ - switch(command) { - case ADD_COMMAND: - errcode = AddModule(moduleName, libFile, ciphers, mechanisms, secmodString); - break; - case CHANGEPW_COMMAND: - errcode = ChangePW(tokenName, pwFile, newpwFile); - break; - case CREATE_COMMAND: - /* The work was already done in init_crypto() */ - break; - case DEFAULT_COMMAND: - errcode = SetDefaultModule(moduleName, slotName, mechanisms); - break; - case DELETE_COMMAND: - errcode = DeleteModule(moduleName); - break; - case DISABLE_COMMAND: - errcode = EnableModule(moduleName, slotName, PR_FALSE); - break; - case ENABLE_COMMAND: - errcode = EnableModule(moduleName, slotName, PR_TRUE); - break; - case FIPS_COMMAND: - errcode = FipsMode(fipsArg); - break; - case CHKFIPS_COMMAND: - errcode = ChkFipsMode(fipsArg); - break; - case JAR_COMMAND: - Pk11Install_SetErrorHandler(install_error); - errcode = Pk11Install_DoInstall(jarFile, installDir, tempDir, - PR_STDOUT, force, nocertdb); - break; - case LIST_COMMAND: - if(moduleName) { - errcode = ListModule(moduleName); - } else { - errcode = ListModules(); - } - break; - case UNDEFAULT_COMMAND: - errcode = UnsetDefaultModule(moduleName, slotName, mechanisms); - break; - default: - PR_fprintf(PR_STDERR, "This command is not supported yet.\n"); - errcode = INVALID_USAGE_ERR; - break; - } - - if (NSS_Shutdown() != SECSuccess) { - exit(1); - } + char stdinbuf[STDINBUF_SIZE]; + + progName = strrchr(argv[0], '/'); + progName = progName ? progName + 1 : argv[0]; + + PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); + + if (parse_args(argc, argv) != SUCCESS) { + usage(); + errcode = INVALID_USAGE_ERR; + goto loser; + } + + if (verify_params() != SUCCESS) { + usage(); + errcode = INVALID_USAGE_ERR; + goto loser; + } + + if (command == NO_COMMAND) { + PR_fprintf(PR_STDERR, errStrings[NO_COMMAND_ERR]); + usage(); + errcode = INVALID_USAGE_ERR; + goto loser; + } + + /* Set up crypto stuff */ + createdb = command == CREATE_COMMAND; + readOnly = ((command == LIST_COMMAND) || + (command == CHKFIPS_COMMAND) || + (command == RAW_LIST_COMMAND)); + + /* Make sure browser is not running if we're writing to a database */ + /* Do this before initializing crypto */ + if (!readOnly && !force) { + char* response; + + PR_fprintf(PR_STDOUT, msgStrings[BROWSER_RUNNING_MSG]); + if (!PR_fgets(stdinbuf, STDINBUF_SIZE, PR_STDIN)) { + PR_fprintf(PR_STDERR, errStrings[STDIN_READ_ERR]); + errcode = STDIN_READ_ERR; + goto loser; + } + if ((response = strtok(stdinbuf, " \r\n\t"))) { + if (!PL_strcasecmp(response, "q")) { + PR_fprintf(PR_STDOUT, msgStrings[ABORTING_MSG]); + errcode = SUCCESS; + goto loser; + } + } + PR_fprintf(PR_STDOUT, "\n"); + } + + errcode = check_crypto(createdb, readOnly); + if (errcode != SUCCESS) { + goto loser; + } + + if ((command == RAW_LIST_COMMAND) || (command == RAW_ADD_COMMAND)) { + if (!moduleName) { + char *readOnlyStr, *noCertDBStr, *sep; + if (!secmodName) + secmodName = "secmod.db"; + if (!dbprefix) + dbprefix = ""; + sep = ((command == RAW_LIST_COMMAND) && nocertdb) ? "," : " "; + readOnlyStr = (command == RAW_LIST_COMMAND) ? "readOnly" : ""; + noCertDBStr = nocertdb ? "noCertDB" : ""; + SECU_ConfigDirectory(dbdir); + + moduleName = PR_smprintf( + "name=\"NSS default Module DB\" parameters=\"configdir=%s certPrefix=%s " + "keyPrefix=%s secmod=%s flags=%s%s%s\" NSS=\"flags=internal,moduleDB," + "moduleDBOnly,critical\"", + SECU_ConfigDirectory(NULL), dbprefix, dbprefix, + secmodName, readOnlyStr, sep, noCertDBStr); + } + if (command == RAW_LIST_COMMAND) { + errcode = RawListModule(moduleName); + } else { + PORT_Assert(moduleSpec); + errcode = RawAddModule(moduleName, moduleSpec); + } + goto loser; + } + + errcode = init_crypto(createdb, readOnly); + if (errcode != SUCCESS) { + goto loser; + } + + errcode = LoadMechanismList(); + if (errcode != SUCCESS) { + goto loser; + } + + /* Execute the command */ + switch (command) { + case ADD_COMMAND: + errcode = AddModule(moduleName, libFile, ciphers, mechanisms, secmodString); + break; + case CHANGEPW_COMMAND: + errcode = ChangePW(tokenName, pwFile, newpwFile); + break; + case CREATE_COMMAND: + /* The work was already done in init_crypto() */ + break; + case DEFAULT_COMMAND: + errcode = SetDefaultModule(moduleName, slotName, mechanisms); + break; + case DELETE_COMMAND: + errcode = DeleteModule(moduleName); + break; + case DISABLE_COMMAND: + errcode = EnableModule(moduleName, slotName, PR_FALSE); + break; + case ENABLE_COMMAND: + errcode = EnableModule(moduleName, slotName, PR_TRUE); + break; + case FIPS_COMMAND: + errcode = FipsMode(fipsArg); + break; + case CHKFIPS_COMMAND: + errcode = ChkFipsMode(fipsArg); + break; + case JAR_COMMAND: + Pk11Install_SetErrorHandler(install_error); + errcode = Pk11Install_DoInstall(jarFile, installDir, tempDir, + PR_STDOUT, force, nocertdb); + break; + case LIST_COMMAND: + if (moduleName) { + errcode = ListModule(moduleName); + } else { + errcode = ListModules(); + } + break; + case UNDEFAULT_COMMAND: + errcode = UnsetDefaultModule(moduleName, slotName, mechanisms); + break; + default: + PR_fprintf(PR_STDERR, "This command is not supported yet.\n"); + errcode = INVALID_USAGE_ERR; + break; + } + + if (NSS_Shutdown() != SECSuccess) { + exit(1); + } loser: - PR_Cleanup(); - return errcode; + PR_Cleanup(); + return errcode; } /************************************************************************ @@ -924,9 +922,9 @@ loser: * Callback function to handle errors in PK11 JAR file installation. */ static void -install_error(char *message) +install_error(char* message) { - PR_fprintf(PR_STDERR, "Install error: %s\n", message); + PR_fprintf(PR_STDERR, "Install error: %s\n", message); } /************************************************************************* @@ -936,11 +934,10 @@ install_error(char *message) void out_of_memory(void) { - PR_fprintf(PR_STDERR, errStrings[OUT_OF_MEM_ERR]); - exit(OUT_OF_MEM_ERR); + PR_fprintf(PR_STDERR, errStrings[OUT_OF_MEM_ERR]); + exit(OUT_OF_MEM_ERR); } - /************************************************************************** * * P R _ f g e t s @@ -948,26 +945,26 @@ out_of_memory(void) * fgets implemented with NSPR. */ static char* -PR_fgets(char *buf, int size, PRFileDesc *file) +PR_fgets(char* buf, int size, PRFileDesc* file) { - int i; - int status; - char c; - - i=0; - while(i < size-1) { - status = PR_Read(file, (void*) &c, 1); - if(status==-1) { - return NULL; - } else if(status==0) { - break; - } - buf[i++] = c; - if(c=='\n') { - break; - } - } - buf[i]='\0'; - - return buf; + int i; + int status; + char c; + + i = 0; + while (i < size - 1) { + status = PR_Read(file, (void*)&c, 1); + if (status == -1) { + return NULL; + } else if (status == 0) { + break; + } + buf[i++] = c; + if (c == '\n') { + break; + } + } + buf[i] = '\0'; + + return buf; } |