Use onepin-opensc-pkcs11.so for Chromium (#1828)
* pkcs11-register: Fixed detection of already registered OpenSC Anny configuration of onepin-opensc-pkcs11.so and opensc-pkcs11.so should be enough to skip registering the default module again. * Use onepin module for generic NSS DB fixes https://github.com/OpenSC/OpenSC/issues/1818 May have the disadvantage that some other programs that use NSS don't see the signature keys. However, we currently only know for sure that Chromium is using the generic NSS DB.
This commit is contained in:
parent
eac516fd41
commit
3a1bd36e20
|
@ -118,7 +118,7 @@ get_next_profile_path(const char **profiles_ini, const char *home, const char *b
|
||||||
|
|
||||||
void
|
void
|
||||||
add_module_pkcs11_txt(const char *profile_dir,
|
add_module_pkcs11_txt(const char *profile_dir,
|
||||||
const char *module_path, const char *module_name)
|
const char *module_path, const char *module_name, const char *exclude_module_path)
|
||||||
{
|
{
|
||||||
char pkcs11_txt_path[PATH_MAX];
|
char pkcs11_txt_path[PATH_MAX];
|
||||||
char *pkcs11_txt = NULL;
|
char *pkcs11_txt = NULL;
|
||||||
|
@ -136,7 +136,8 @@ add_module_pkcs11_txt(const char *profile_dir,
|
||||||
p[pkcs11_txt_len] = '\0';
|
p[pkcs11_txt_len] = '\0';
|
||||||
pkcs11_txt = p;
|
pkcs11_txt = p;
|
||||||
|
|
||||||
if (!strstr(pkcs11_txt, module_path)) {
|
if (!strstr(pkcs11_txt, module_path)
|
||||||
|
&& (!exclude_module_path || !strstr(pkcs11_txt, exclude_module_path))) {
|
||||||
/* module is not yet present */
|
/* module is not yet present */
|
||||||
FILE *f = fopen(pkcs11_txt_path, "a");
|
FILE *f = fopen(pkcs11_txt_path, "a");
|
||||||
if (f) {
|
if (f) {
|
||||||
|
@ -160,7 +161,7 @@ struct location {
|
||||||
|
|
||||||
void
|
void
|
||||||
add_module_mozilla(const struct location *locations, size_t locations_len,
|
add_module_mozilla(const struct location *locations, size_t locations_len,
|
||||||
const char *module_path, const char *module_name)
|
const char *module_path, const char *module_name, const char *exclude_module_path)
|
||||||
{
|
{
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
|
@ -177,7 +178,7 @@ add_module_mozilla(const struct location *locations, size_t locations_len,
|
||||||
const char *profile_path = get_next_profile_path(&p, home, locations[i].dir);
|
const char *profile_path = get_next_profile_path(&p, home, locations[i].dir);
|
||||||
if (!profile_path)
|
if (!profile_path)
|
||||||
break;
|
break;
|
||||||
add_module_pkcs11_txt(profile_path, module_path, module_name);
|
add_module_pkcs11_txt(profile_path, module_path, module_name, exclude_module_path);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
free(profiles_ini);
|
free(profiles_ini);
|
||||||
|
@ -218,7 +219,7 @@ get_module_name(const char *module_path)
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
add_module_firefox(const char *module_path, const char *module_name)
|
add_module_firefox(const char *module_path, const char *module_name, const char *exclude_module_path)
|
||||||
{
|
{
|
||||||
struct location locations[] = {
|
struct location locations[] = {
|
||||||
#if defined(__APPLE__)
|
#if defined(__APPLE__)
|
||||||
|
@ -231,15 +232,17 @@ add_module_firefox(const char *module_path, const char *module_name)
|
||||||
#endif
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
if (0 == strcmp(module_path, default_pkcs11_provider))
|
if (0 == strcmp(module_path, default_pkcs11_provider)) {
|
||||||
module_path = default_onepin_pkcs11_provider;
|
module_path = default_onepin_pkcs11_provider;
|
||||||
|
exclude_module_path = default_pkcs11_provider;
|
||||||
|
}
|
||||||
|
|
||||||
add_module_mozilla(locations, sizeof locations/sizeof *locations,
|
add_module_mozilla(locations, sizeof locations/sizeof *locations,
|
||||||
module_path, module_name);
|
module_path, module_name, exclude_module_path);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
add_module_thunderbird(const char *module_path, const char *module_name)
|
add_module_thunderbird(const char *module_path, const char *module_name, const char *exclude_module_path)
|
||||||
{
|
{
|
||||||
struct location locations[] = {
|
struct location locations[] = {
|
||||||
#if defined(__APPLE__)
|
#if defined(__APPLE__)
|
||||||
|
@ -254,11 +257,11 @@ add_module_thunderbird(const char *module_path, const char *module_name)
|
||||||
};
|
};
|
||||||
|
|
||||||
add_module_mozilla(locations, sizeof locations/sizeof *locations,
|
add_module_mozilla(locations, sizeof locations/sizeof *locations,
|
||||||
module_path, module_name);
|
module_path, module_name, exclude_module_path);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
add_module_seamonkey(const char *module_path, const char *module_name)
|
add_module_seamonkey(const char *module_path, const char *module_name, const char *exclude_module_path)
|
||||||
{
|
{
|
||||||
struct location locations[] = {
|
struct location locations[] = {
|
||||||
#if defined(__APPLE__)
|
#if defined(__APPLE__)
|
||||||
|
@ -272,20 +275,26 @@ add_module_seamonkey(const char *module_path, const char *module_name)
|
||||||
};
|
};
|
||||||
|
|
||||||
add_module_mozilla(locations, sizeof locations/sizeof *locations,
|
add_module_mozilla(locations, sizeof locations/sizeof *locations,
|
||||||
module_path, module_name);
|
module_path, module_name, exclude_module_path);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
add_module_chrome(const char *module_path, const char *module_name)
|
add_module_chrome(const char *module_path, const char *module_name, const char *exclude_module_path)
|
||||||
{
|
{
|
||||||
#if defined(__APPLE__) || defined(_WIN32)
|
#if defined(__APPLE__) || defined(_WIN32)
|
||||||
/* OS specific framework will be used by Chrome instead of PKCS#11 */
|
/* OS specific framework will be used by Chrome instead of PKCS#11 */
|
||||||
#else
|
#else
|
||||||
char profile_path[PATH_MAX];
|
char profile_path[PATH_MAX];
|
||||||
const char *home = getenv("HOME");
|
const char *home = getenv("HOME");
|
||||||
|
|
||||||
|
if (0 == strcmp(module_path, default_pkcs11_provider)) {
|
||||||
|
module_path = default_onepin_pkcs11_provider;
|
||||||
|
exclude_module_path = default_pkcs11_provider;
|
||||||
|
}
|
||||||
|
|
||||||
if (home && 0 <= snprintf(profile_path, sizeof profile_path,
|
if (home && 0 <= snprintf(profile_path, sizeof profile_path,
|
||||||
"%s%c%s", home, path_sep, ".pki/nssdb")) {
|
"%s%c%s", home, path_sep, ".pki/nssdb")) {
|
||||||
add_module_pkcs11_txt(profile_path, module_path, module_name);
|
add_module_pkcs11_txt(profile_path, module_path, module_name, exclude_module_path);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
@ -300,13 +309,16 @@ int
|
||||||
main(int argc, char **argv)
|
main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
struct gengetopt_args_info cmdline;
|
struct gengetopt_args_info cmdline;
|
||||||
|
const char *exclude_module_path = NULL;
|
||||||
|
|
||||||
if (cmdline_parser(argc, argv, &cmdline) != 0)
|
if (cmdline_parser(argc, argv, &cmdline) != 0)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
const char *module_path = cmdline.module_arg;
|
const char *module_path = cmdline.module_arg;
|
||||||
if (!cmdline.module_given)
|
if (!cmdline.module_given) {
|
||||||
module_path = default_pkcs11_provider;
|
module_path = default_pkcs11_provider;
|
||||||
|
exclude_module_path = default_onepin_pkcs11_provider;
|
||||||
|
}
|
||||||
#ifdef _WIN32
|
#ifdef _WIN32
|
||||||
DWORD expanded_len;
|
DWORD expanded_len;
|
||||||
char module_path_expanded[PATH_MAX], default_expanded[PATH_MAX], onepin_expanded[PATH_MAX];
|
char module_path_expanded[PATH_MAX], default_expanded[PATH_MAX], onepin_expanded[PATH_MAX];
|
||||||
|
@ -322,13 +334,13 @@ main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!cmdline.skip_chrome_flag)
|
if (!cmdline.skip_chrome_flag)
|
||||||
add_module_chrome(module_path, module_name);
|
add_module_chrome(module_path, module_name, exclude_module_path);
|
||||||
if (!cmdline.skip_firefox_flag)
|
if (!cmdline.skip_firefox_flag)
|
||||||
add_module_firefox(module_path, module_name);
|
add_module_firefox(module_path, module_name, exclude_module_path);
|
||||||
if (!cmdline.skip_thunderbird_flag)
|
if (!cmdline.skip_thunderbird_flag)
|
||||||
add_module_thunderbird(module_path, module_name);
|
add_module_thunderbird(module_path, module_name, exclude_module_path);
|
||||||
if (!cmdline.skip_seamonkey_flag)
|
if (!cmdline.skip_seamonkey_flag)
|
||||||
add_module_seamonkey(module_path, module_name);
|
add_module_seamonkey(module_path, module_name, exclude_module_path);
|
||||||
|
|
||||||
cmdline_parser_free (&cmdline);
|
cmdline_parser_free (&cmdline);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue