Closed
Bug 252702
Opened 20 years ago
Closed 20 years ago
NSS needs to handle better token insertion and removal.
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.9.3
People
(Reporter: rrelyea, Assigned: rrelyea)
Details
Attachments
(1 file, 4 obsolete files)
48.92 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
Currently NSS handles token insertion and removals by polling. PKCS #11 supplies and interface for us to get token events. NSS needs a function give applications access to this server. PKCS 2.20 also allows for the slotlist to grow as new slots are dynamically added. NSS needs a way to grow it's slotlist on the fly as well.
Assignee | ||
Updated•20 years ago
|
Target Milestone: --- → 3.9.3
Assignee | ||
Comment 1•20 years ago
|
||
This code adds new several new functions: SECMOD_WaitForAnyTokenEvent - waits for a token insertion or removal using the PKCS#11 C_WaitForSlotEvent() call. If the module does not support the call, a polling method is invoked. This varies from the previous attempt and defining an API for this function in that The previous call waited for a single slot, not on a whole module. The new interface is more efficient, and matches the PKCS #11 interface better. SECMOD_CancelWait() - cancels a pending wait. The only way to do this in PKCS #11 is to call Finalize, so this function should really only be used while shutting down (though it does re-init the module). SECMOD_UpdateSlotList() - applications can call this function whenever the application feels new slots may have been added. SECMOD_WaitForAnyTokenEvent automatically calls SECMOD_UpdateSlotList whenever it gets a slot id that it doesn't recognize. This patch adds a new element to a public data structure (evControlMask). It also adds the requirement that applications need to get the moduleList ReadLock when examining the slots[] array directly. This is only necessary if the application calls SECMOD_UpdateSlotList or SECMOD_WaitForAnyTokenEvent, so existing apps do not have an issue.
Assignee | ||
Updated•20 years ago
|
Attachment #154054 -
Flags: superreview?(kinmoz)
Attachment #154054 -
Flags: review?(wchang0222)
Assignee | ||
Comment 2•20 years ago
|
||
The other was from another tree... the refactoring patch
Attachment #154054 -
Attachment is obsolete: true
Assignee | ||
Updated•20 years ago
|
Attachment #154055 -
Flags: superreview?(kinmoz)
Attachment #154055 -
Flags: review?(wchang0222)
Assignee | ||
Updated•20 years ago
|
Attachment #154054 -
Flags: superreview?(kinmoz)
Attachment #154054 -
Flags: review?(wchang0222)
Assignee | ||
Comment 3•20 years ago
|
||
Comment on attachment 154055 [details] [diff] [review] Really the" Add functions to wait for new token events and update new slots on the fly." patch Changing review from wan-teh (going on vacation) to nelson (returning from vaction).
Attachment #154055 -
Flags: review?(wchang0222) → review?(nelson)
Comment 4•20 years ago
|
||
Comment on attachment 154055 [details] [diff] [review] Really the" Add functions to wait for new token events and update new slots on the fly." patch I gave Bob a written set of review feedback.
Attachment #154055 -
Flags: review?(nelson) → review-
Assignee | ||
Comment 5•20 years ago
|
||
The major change is adding locking around trust domain access to the token list and the token iterator. The PKCS #11 module list reader/writer locks have also been converted to use the NSS reader/writer lock support.
Assignee | ||
Updated•20 years ago
|
Attachment #154055 -
Attachment is obsolete: true
Assignee | ||
Comment 6•20 years ago
|
||
Attachment #154630 -
Attachment is obsolete: true
Assignee | ||
Comment 7•20 years ago
|
||
It's time to go home... bob needs to get some sleep before he touches anymore C code...
Attachment #154631 -
Attachment is obsolete: true
Assignee | ||
Comment 8•20 years ago
|
||
Comment on attachment 154632 [details] [diff] [review] This *should* be the correct patch... OK, this is the one that needs to be reviewed.
Attachment #154632 -
Flags: review?(nelson)
Assignee | ||
Comment 9•20 years ago
|
||
Checkin log for NSS 3.9 Checking in nss/nss.def; /cvsroot/mozilla/security/nss/lib/nss/nss.def,v <-- nss.def new revision: 1.128.4.2; previous revision: 1.128.4.1 done Checking in pk11wrap/pk11err.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11err.c,v <-- pk11err.c new revision: 1.1.276.1; previous revision: 1.1 done Checking in pk11wrap/pk11list.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11list.c,v <-- pk11list.c new revision: 1.3.238.1; previous revision: 1.3 done Checking in pk11wrap/pk11load.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11load.c,v <-- pk11load.c new revision: 1.9.16.1; previous revision: 1.9 done Checking in pk11wrap/pk11pars.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pars.c,v <-- pk11pars.c new revision: 1.14.16.1; previous revision: 1.14 done Checking in pk11wrap/pk11util.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11util.c,v <-- pk11util.c new revision: 1.41.16.1; previous revision: 1.41 done Checking in pk11wrap/secmod.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmod.h,v <-- secmod.h new revision: 1.17.16.1; previous revision: 1.17 done Checking in pk11wrap/secmodi.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodi.h,v <-- secmodi.h new revision: 1.14.16.2; previous revision: 1.14.16.1 done Checking in pk11wrap/secmodt.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodt.h,v <-- secmodt.h new revision: 1.20.16.2; previous revision: 1.20.16.1 done Checking in pk11wrap/secmodti.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodti.h,v <-- secmodti.h new revision: 1.16.16.2; previous revision: 1.16.16.1 done Checking in pki/pki3hack.c; /cvsroot/mozilla/security/nss/lib/pki/pki3hack.c,v <-- pki3hack.c new revision: 1.79.14.2; previous revision: 1.79.14.1 done Checking in pki/pki3hack.h; /cvsroot/mozilla/security/nss/lib/pki/pki3hack.h,v <-- pki3hack.h new revision: 1.15.16.2; previous revision: 1.15.16.1 done Checking in pki/pkit.h; /cvsroot/mozilla/security/nss/lib/pki/pkit.h,v <-- pkit.h new revision: 1.13.98.1; previous revision: 1.13 done Checking in pki/trustdomain.c; /cvsroot/mozilla/security/nss/lib/pki/trustdomain.c,v <-- trustdomain.c new revision: 1.48.38.1; previous revision: 1.48 done Checking in util/secerr.h; /cvsroot/mozilla/security/nss/lib/util/secerr.h,v <-- secerr.h new revision: 1.12.16.2; previous revision: 1.12.16.1 done
Assignee | ||
Comment 10•20 years ago
|
||
Checkin log to tip: Checking in nss/nss.def; /cvsroot/mozilla/security/nss/lib/nss/nss.def,v <-- nss.def new revision: 1.133; previous revision: 1.132 done Checking in pk11wrap/pk11err.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11err.c,v <-- pk11err.c new revision: 1.3; previous revision: 1.2 done Checking in pk11wrap/pk11list.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11list.c,v <-- pk11list.c new revision: 1.6; previous revision: 1.5 done Checking in pk11wrap/pk11load.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11load.c,v <-- pk11load.c new revision: 1.14; previous revision: 1.13 done Checking in pk11wrap/pk11pars.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pars.c,v <-- pk11pars.c new revision: 1.17; previous revision: 1.16 done Checking in pk11wrap/pk11util.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11util.c,v <-- pk11util.c new revision: 1.44; previous revision: 1.43 done Checking in pk11wrap/secmod.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmod.h,v <-- secmod.h new revision: 1.20; previous revision: 1.19 done Checking in pk11wrap/secmodi.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodi.h,v <-- secmodi.h new revision: 1.19; previous revision: 1.18 done Checking in pk11wrap/secmodt.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodt.h,v <-- secmodt.h new revision: 1.24; previous revision: 1.23 done Checking in pk11wrap/secmodti.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodti.h,v <-- secmodti.h new revision: 1.20; previous revision: 1.19 done Checking in pki/pki3hack.c; /cvsroot/mozilla/security/nss/lib/pki/pki3hack.c,v <-- pki3hack.c new revision: 1.83; previous revision: 1.82 done Checking in pki/pki3hack.h; /cvsroot/mozilla/security/nss/lib/pki/pki3hack.h,v <-- pki3hack.h new revision: 1.18; previous revision: 1.17 done Checking in pki/pkit.h; /cvsroot/mozilla/security/nss/lib/pki/pkit.h,v <-- pkit.h new revision: 1.16; previous revision: 1.15 done Checking in pki/trustdomain.c; /cvsroot/mozilla/security/nss/lib/pki/trustdomain.c,v <-- trustdomain.c new revision: 1.50; previous revision: 1.49 done Checking in util/secerr.h; /cvsroot/mozilla/security/nss/lib/util/secerr.h,v <-- secerr.h new revision: 1.16; previous revision: 1.15 done
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Comment 11•20 years ago
|
||
Comment on attachment 154632 [details] [diff] [review] This *should* be the correct patch... I gave Bob verbal r=nelson before the checkins.
Attachment #154632 -
Flags: review?(nelson) → review+
Updated•20 years ago
|
Priority: -- → P2
Assignee | ||
Updated•20 years ago
|
Attachment #154055 -
Flags: superreview?(kinmoz)
You need to log in
before you can comment on or make changes to this bug.
Description
•