diff options
| author | wyllys <none@none> | 2007-10-22 14:24:56 -0700 |
|---|---|---|
| committer | wyllys <none@none> | 2007-10-22 14:24:56 -0700 |
| commit | 90c85bf889e3af34323084f00e344a82f120b409 (patch) | |
| tree | 0efc717dde761fb5bb5d90cde940a06e97fc9d4d | |
| parent | 5114d1ad03211a84d5722382609b1c7f8552e216 (diff) | |
| download | illumos-gate-90c85bf889e3af34323084f00e344a82f120b409.tar.gz | |
6614385 libkmf should be able to open plugins on demand
| -rw-r--r-- | usr/src/lib/libkmf/libkmf/Makefile.com | 11 | ||||
| -rw-r--r-- | usr/src/lib/libkmf/libkmf/common/generalop.c | 62 | ||||
| -rw-r--r-- | usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com | 9 |
3 files changed, 45 insertions, 37 deletions
diff --git a/usr/src/lib/libkmf/libkmf/Makefile.com b/usr/src/lib/libkmf/libkmf/Makefile.com index fd5162c59c..74447da003 100644 --- a/usr/src/lib/libkmf/libkmf/Makefile.com +++ b/usr/src/lib/libkmf/libkmf/Makefile.com @@ -58,12 +58,15 @@ LIBS= $(DYNLIB) $(LINTLIB) $(LINTLIB) := SRCS = $(SRCDIR)/$(LINTSRC) -LDLIBS += $(BERDERLIB) $(CRYPTOUTILLIB) -lmd -lpkcs11 -lnsl -lsocket -lc -LDLIBS64 += $(BERDERLIB64) $(CRYPTOUTILLIB64) -lmd -lpkcs11 -lnsl -lsocket -lc +LAZYLIBS= $(ZLAZYLOAD) -lpkcs11 $(ZNOLAZYLOAD) +lint := LAZYLIBS = -lpkcs11 + +LDLIBS += $(BERDERLIB) $(CRYPTOUTILLIB) -lmd $(LAZYLIBS) -lnsl -lsocket -lc +LDLIBS64 += $(BERDERLIB64) $(CRYPTOUTILLIB64) -lmd $(LAZYLIBS) -lnsl -lsocket -lc # DYNLIB libraries do not have lint libs and are not linted -$(DYNLIB) := LDLIBS += -lxml2 -$(DYNLIB64) := LDLIBS64 += -lxml2 +$(DYNLIB) := LDLIBS += $(ZLAZYLOAD) -lxml2 $(ZNOLAZYLOAD) +$(DYNLIB64) := LDLIBS64 += $(ZLAZYLOAD) -lxml2 $(ZNOLAZYLOAD) CPPFLAGS += -I$(INCDIR) -I/usr/include/libxml2 -I../../ber_der/inc -I$(SRCDIR) diff --git a/usr/src/lib/libkmf/libkmf/common/generalop.c b/usr/src/lib/libkmf/libkmf/common/generalop.c index 38a72a3df4..f41f9ec71f 100644 --- a/usr/src/lib/libkmf/libkmf/common/generalop.c +++ b/usr/src/lib/libkmf/libkmf/common/generalop.c @@ -154,7 +154,10 @@ KMF_PLUGIN_ITEM plugin_list[] = { +static KMF_RETURN InitializePlugin(KMF_KEYSTORE_TYPE, char *, KMF_PLUGIN **); +static KMF_RETURN AddPlugin(KMF_HANDLE_T, KMF_PLUGIN *); static void free_extensions(KMF_X509_EXTENSIONS *extns); +static void DestroyPlugin(KMF_PLUGIN *); KMF_RETURN init_pk11() @@ -182,17 +185,43 @@ KMF_PLUGIN * FindPlugin(KMF_HANDLE_T handle, KMF_KEYSTORE_TYPE kstype) { KMF_PLUGIN_LIST *node; + KMF_RETURN ret = KMF_OK; if (handle == NULL) return (NULL); node = handle->plugins; + /* See if the desired plugin was already initialized. */ while (node != NULL && node->plugin->type != kstype) node = node->next; - /* If it is NULL, that is indication enough of an error */ - return (node ? node->plugin : NULL); + /* If the plugin was not found, try to initialize it here. */ + if (node == NULL) { + int i; + KMF_PLUGIN *pluginrec = NULL; + int numitems = sizeof (plugin_list)/sizeof (KMF_PLUGIN_ITEM); + for (i = 0; i < numitems; i++) { + if (plugin_list[i].kstype == kstype) { + ret = InitializePlugin(plugin_list[i].kstype, + plugin_list[i].path, &pluginrec); + break; + } + } + + /* No matching plugins found in the available list */ + if (ret != KMF_OK || pluginrec == NULL) + return (NULL); + + ret = AddPlugin(handle, pluginrec); + if (ret != KMF_OK) { + DestroyPlugin(pluginrec); + pluginrec = NULL; + } + return (pluginrec); + } else { + return (node->plugin); + } } static KMF_RETURN @@ -216,7 +245,7 @@ InitializePlugin(KMF_KEYSTORE_TYPE kstype, char *path, KMF_PLUGIN **plugin) free(p); return (KMF_ERR_MEMORY); } - p->dldesc = dlopen(path, RTLD_NOW | RTLD_GROUP | RTLD_PARENT); + p->dldesc = dlopen(path, RTLD_LAZY | RTLD_GROUP | RTLD_PARENT); if (p->dldesc == NULL) { free(p->path); free(p); @@ -294,12 +323,9 @@ Cleanup_KMF_Handle(KMF_HANDLE_T handle) KMF_PLUGIN_LIST *next = handle->plugins->next; DestroyPlugin(handle->plugins->plugin); - free(handle->plugins); - handle->plugins = next; } - kmf_free_policy_record(handle->policy); free(handle->policy); } @@ -323,8 +349,6 @@ kmf_initialize(KMF_HANDLE_T *outhandle, char *policyfile, char *policyname) { KMF_RETURN ret = KMF_OK; KMF_HANDLE *handle = NULL; - KMF_PLUGIN *pluginrec = NULL; - int i, numitems; if (outhandle == NULL) return (KMF_ERR_BAD_PARAMETER); @@ -344,28 +368,6 @@ kmf_initialize(KMF_HANDLE_T *outhandle, char *policyfile, char *policyname) if (ret != KMF_OK) goto errout; - numitems = sizeof (plugin_list)/sizeof (KMF_PLUGIN_ITEM); - for (i = 0; i < numitems; i++) { - ret = InitializePlugin(plugin_list[i].kstype, - plugin_list[i].path, &pluginrec); - if (ret != KMF_OK) { - cryptoerror( - plugin_list[i].critical ? LOG_WARNING : LOG_DEBUG, - "KMF was unable to load %s plugin module %s\n", - plugin_list[i].critical ? "critical" : "optional", - plugin_list[i].path); - - if (plugin_list[i].critical == FALSE) - ret = KMF_OK; - else - goto errout; - } - if (pluginrec != NULL) { - if ((ret = AddPlugin(handle, pluginrec))) - goto errout; - } - } - CLEAR_ERROR(handle, ret); errout: if (ret != KMF_OK) { diff --git a/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com b/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com index fdc89db34a..ce639da0e1 100644 --- a/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com +++ b/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com @@ -18,8 +18,7 @@ # # CDDL HEADER END # -# -# Copyright 2006 Sun Microsystems, Inc. All rights reserved. +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # ident "%Z%%M% %I% %E% SMI" @@ -37,7 +36,11 @@ include $(SRC)/lib/openssl/Makefile.openssl LIBLINKS= $(DYNLIB:.so.1=.so) KMFINC= -I../../../include -I../../../ber_der/inc -BERLIB= -lkmf -lkmfberder +LAZYLIBS= $(ZLAZYLOAD) -lkmf $(ZNOLAZYLOAD) -lkmfberder + +lint:= LAZYLIBS = -lkmf -lkmfberder + +BERLIB= $(LAZYLIBS) BERLIB64= $(BERLIB) OPENSSLLIBS= $(BERLIB) $(OPENSSL_DYNFLAGS) $(OPENSSL_LDFLAGS) -lcrypto -lcryptoutil -lc |