[PATCH 2/2] Load modules from $libdir/pkcs11
Kalev Lember
kalevlember at gmail.com
Tue Sep 13 22:10:46 PDT 2011
So far we have only supported full paths to the pkcs11 modules in config
files. This change adds relative path support, so that for modules
installed under the standard $libdir/pkcs11, the config file won't have
to spell out the full path.
---
configure.ac | 9 +++++++
p11-kit/modules.c | 59 ++++++++++++++++++++++++++++++++++++++++++++--
p11-kit/p11-kit-1.pc.in | 1 +
3 files changed, 66 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9111cf1..71b9f58 100644
--- a/configure.ac
+++ b/configure.ac
@@ -59,21 +59,29 @@ AC_ARG_WITH([pkcs11-config-dir],
[pkcs11_config_dir=$withval],
[pkcs11_config_dir=$sysconfdir/pkcs11])
+AC_ARG_WITH([pkcs11-modules-dir],
+ [AS_HELP_STRING([--with-pkcs11-modules-dir], [Change PKCS#11 system modules directory])],
+ [pkcs11_modules_dir=$withval],
+ [pkcs11_modules_dir=$libdir/pkcs11])
+
# We expand these so we have concrete paths
p11_system_dir=$(eval echo $pkcs11_config_dir)
p11_system_conf=$(eval echo $p11_system_dir/pkcs11.conf)
p11_system_modules_config_dir=$(eval echo $p11_system_dir/modules)
+p11_system_modules_dir=$(eval echo $pkcs11_modules_dir)
p11_user_conf="~/.pkcs11/pkcs11.conf"
p11_user_modules_config_dir="~/.pkcs11/modules"
AC_DEFINE_UNQUOTED(P11_SYSTEM_CONF, "$p11_system_conf", [System configuration file])
AC_DEFINE_UNQUOTED(P11_SYSTEM_MODULES_CONFIG_DIR, "$p11_system_modules_config_dir", [System modules configuration dir])
+AC_DEFINE_UNQUOTED(P11_SYSTEM_MODULES_DIR, "$p11_system_modules_dir", [System modules dir])
AC_DEFINE_UNQUOTED(P11_USER_CONF, "$p11_user_conf", [User configuration file])
AC_DEFINE_UNQUOTED(P11_USER_MODULES_CONFIG_DIR, "$p11_user_modules_config_dir", [User modules configuration dir])
AC_SUBST(p11_system_dir)
AC_SUBST(p11_system_conf)
AC_SUBST(p11_system_modules_config_dir)
+AC_SUBST(p11_system_modules_dir)
AC_SUBST(p11_user_conf)
AC_SUBST(p11_user_modules_config_dir)
@@ -192,4 +200,5 @@ AC_MSG_NOTICE([build options:
User Global Config: $p11_user_conf
System Module Config Directory: $p11_system_modules_config_dir
User Module Config Directory: $p11_user_modules_config_dir
+ System Module Directory: $p11_system_modules_dir
])
diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index 4cfb4cb..5ff5e6f 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -244,6 +244,35 @@ alloc_module_unlocked (void)
return mod;
}
+static int
+is_relative_path (const char *path)
+{
+ assert (path);
+
+ return (*path != '/');
+}
+
+static char*
+build_path (const char *dir, const char *filename)
+{
+ char *path;
+ int len;
+
+ assert (dir);
+ assert (filename);
+
+ len = snprintf (NULL, 0, "%s/%s", dir, filename) + 1;
+ if (len <= 0 || len > PATH_MAX)
+ return NULL;
+
+ if (!(path = malloc (len)))
+ return NULL;
+
+ sprintf (path, "%s/%s", dir, filename);
+
+ return path;
+}
+
static CK_RV
dlopen_and_get_function_list (Module *mod, const char *path)
{
@@ -312,11 +341,25 @@ load_module_from_file_unlocked (const char *path, Module **result)
return CKR_OK;
}
+static char*
+expand_module_path (const char *filename)
+{
+ char *path;
+
+ if (is_relative_path (filename))
+ path = build_path (P11_SYSTEM_MODULES_DIR, filename);
+ else
+ path = strdup (filename);
+
+ return path;
+}
+
static CK_RV
take_config_and_load_module_unlocked (char **name, hashmap **config)
{
Module *mod, *prev;
- const char *path;
+ const char *module_filename;
+ char *path;
CK_RV rv;
assert (name);
@@ -324,12 +367,22 @@ take_config_and_load_module_unlocked (char **name, hashmap **config)
assert (config);
assert (*config);
- path = hash_get (*config, "module");
- if (path == NULL) {
+ module_filename = hash_get (*config, "module");
+ if (module_filename == NULL) {
debug ("no module path for module, skipping: %s", *name);
return CKR_OK;
}
+ path = expand_module_path (module_filename);
+ if (!path)
+ return CKR_HOST_MEMORY;
+
+ /* The hash map will take ownership of the variable */
+ if (!hash_set (*config, "module", path)) {
+ free (path);
+ return CKR_HOST_MEMORY;
+ }
+
mod = alloc_module_unlocked ();
if (!mod)
return CKR_HOST_MEMORY;
diff --git a/p11-kit/p11-kit-1.pc.in b/p11-kit/p11-kit-1.pc.in
index dac411a..8eda9c0 100644
--- a/p11-kit/p11-kit-1.pc.in
+++ b/p11-kit/p11-kit-1.pc.in
@@ -7,6 +7,7 @@ datadir=@datadir@
sysconfdir=@sysconfdir@
p11_system_conf=@p11_system_conf@
p11_system_modules_config_dir=@p11_system_modules_config_dir@
+p11_system_modules_dir=@p11_system_modules_dir@
p11_user_conf=@p11_user_conf@
p11_user_modules_config_dir=@p11_user_modules_config_dir@
proxy_module=@libdir@/p11-kit-proxy.so
--
1.7.6.2
More information about the p11-glue
mailing list