void nssCleanup (void) { /* Shutdown NSS and exit NSPR gracefully. */ NSS_Shutdown (); PR_Cleanup (); }
/* Global cleanup */ void Curl_nss_cleanup(void) { /* This function isn't required to be threadsafe and this is only done * as a safety feature. */ PR_Lock(nss_initlock); if(initialized) { /* Free references to client certificates held in the SSL session cache. * Omitting this hampers destruction of the security module owning * the certificates. */ SSL_ClearSessionCache(); if(mod && SECSuccess == SECMOD_UnloadUserModule(mod)) { SECMOD_DestroyModule(mod); mod = NULL; } #ifdef HAVE_NSS_INITCONTEXT NSS_ShutdownContext(nss_context); nss_context = NULL; #else /* HAVE_NSS_INITCONTEXT */ NSS_Shutdown(); #endif } PR_Unlock(nss_initlock); PR_DestroyLock(nss_initlock); PR_DestroyLock(nss_crllock); nss_initlock = NULL; initialized = 0; }
void crypto_global_finish(void) { NSS_Shutdown(); PL_ArenaFinish(); PR_Cleanup(); }
void MozillaRenderer::shutdown(void) { // Shutdown NSS and NSPR NSS_Shutdown(); // FIXME: this hangs, waiting on a condition variable //PR_Cleanup(); }
void lsw_nss_shutdown(void) { NSS_Shutdown(); if (!(flags & LSW_NSS_SKIP_PR_CLEANUP)) { PR_Cleanup(); } }
/** * camel_shutdown: * * Since: 2.24 **/ void camel_shutdown (void) { CamelCertDB *certdb; if (!initialised) return; certdb = camel_certdb_get_default (); if (certdb) { camel_certdb_save (certdb); camel_certdb_set_default (NULL); } /* These next calls must come last. */ if (nss_initlock != NULL) { PR_Lock (nss_initlock); if (nss_initialized) NSS_Shutdown (); PR_Unlock (nss_initlock); } initialised = FALSE; }
int qdevice_model_net_destroy(struct qdevice_instance *instance) { struct qdevice_net_instance *net_instance; net_instance = instance->model_data; qdevice_log(LOG_DEBUG, "Destroying algorithm"); qdevice_net_algorithm_destroy(net_instance); qdevice_log(LOG_DEBUG, "Destroying qdevice_net_instance"); qdevice_net_instance_destroy(net_instance); qdevice_log(LOG_DEBUG, "Shutting down NSS"); SSL_ClearSessionCache(); if (NSS_Shutdown() != SECSuccess) { qdevice_log_nss(LOG_WARNING, "Can't shutdown NSS"); } if (PR_Cleanup() != PR_SUCCESS) { qdevice_log_nss(LOG_WARNING, "Can't shutdown NSPR"); } free(net_instance); return (0); }
void release_pkcs11_module(pkcs11_handle_t *h) { SECStatus rv; close_pkcs11_session(h); if (h->is_user_module) { rv = SECMOD_UnloadUserModule(h->module); if (rv != SECSuccess) { DBG1("Unloading UserModule failed: %s", SECU_Strerror(PR_GetError())); } } if (h->module) { SECMOD_DestroyModule(h->module); } memset(h, 0, sizeof(pkcs11_handle_t)); free(h); /* if we initialized NSS, then we need to shut it down */ if (!app_has_NSS) { rv = NSS_Shutdown(); if (rv != SECSuccess) { DBG1("NSS Shutdown Failed: %s", SECU_Strerror(PR_GetError())); } } }
static int runCmd(mainTestFn fnPointer, int argc, char **argv, char *dbPath) { int retStat = 0; /* Initialize NSPR and NSS. */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); /* if using databases, use NSS_Init and not NSS_NoDB_Init */ if (dbPath && PORT_Strlen(dbPath) != 0) { if (NSS_Init(dbPath) != SECSuccess) return SECFailure; } else { if (NSS_NoDB_Init(NULL) != 0) return SECFailure; } retStat = fnPointer(argc, argv); if (NSS_Shutdown() != SECSuccess) { exit(1); } PR_Cleanup(); return retStat; }
void tls_deinit(void *ssl_ctx) { tls_nss_ref_count--; if (tls_nss_ref_count == 0) { if (NSS_Shutdown() != SECSuccess) wpa_printf(MSG_ERROR, "NSS: NSS_Shutdown() failed"); } }
/* * _import_crl <url> <der size> * the der blob is passed through STDIN from pluto's fork */ int main(int argc, char *argv[]) { char *url, *lenstr; unsigned char *buf, *tbuf; size_t len, tlen; ssize_t rd; int fin; if (argc != 3) exit(-1); progname = argv[0]; url = argv[1]; lenstr = argv[2]; /* can't be 0 */ if (*lenstr == '0' && strlen(lenstr) == 1) exit(-1); while (*lenstr != '\0') { if (!isalnum(*lenstr++)) { exit(-1); } } tlen = len = (size_t) atoi(argv[2]); tbuf = buf = (unsigned char *) malloc(len); if (tbuf == NULL) exit(-1); while (tlen != 0 && (rd = read(STDIN_FILENO, buf, len)) != 0) { if (rd == -1) { if (errno == EINTR) continue; exit(-1); } tlen -= rd; buf += rd; } if ((size_t)(buf - tbuf) != len) exit(-1); const struct lsw_conf_options *oco = lsw_init_options(); lsw_nss_buf_t err; if (!lsw_nss_setup(oco->nssdir, 0, lsw_nss_get_password, err)) { fprintf(stderr, "%s: %s\n", progname, err); exit(1); } fin = import_crl(url, tbuf, len); if (tbuf != NULL) free(tbuf); NSS_Shutdown(); return fin; }
gboolean sc_shutdown_nss (GError **error) { NSS_Shutdown (); sc_debug ("NSS shut down"); return TRUE; }
static void ssl_nss_uninit(void) { NSS_Shutdown(); PR_Cleanup(); _nss_methods = NULL; }
void crypto_deinit (void) { if (initialized) { NSS_Shutdown (); PR_Cleanup (); } }
int main(int argc, char **argv) { char * progName = NULL; SECStatus secStatus; PLOptState *optstate; PLOptStatus status; /* Call the NSPR initialization routines */ PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); progName = PL_strdup(argv[0]); hostName = NULL; optstate = PL_CreateOptState(argc, argv, "d:h:i:o:p:t:"); while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch(optstate->option) { case 'd' : certDir = PL_strdup(optstate->value); break; case 'h' : hostName = PL_strdup(optstate->value); break; case 'i' : infileName = PL_strdup(optstate->value); break; case 'o' : outfileName = PL_strdup(optstate->value); break; case 'p' : port = PORT_Atoi(optstate->value); break; case 't' : trustNewServer_p = PL_strdup(optstate->value); break; case '?' : default : Usage(progName); } } if (port == 0 || hostName == NULL || infileName == NULL || outfileName == NULL || certDir == NULL) Usage(progName); #if 0 /* no client authentication */ /* Set our password function callback. */ PK11_SetPasswordFunc(myPasswd); #endif /* Initialize the NSS libraries. */ secStatus = NSS_InitReadWrite(certDir); if (secStatus != SECSuccess) { /* Try it again, readonly. */ secStatus = NSS_Init(certDir); if (secStatus != SECSuccess) exitErr("Error initializing NSS", GENERAL_ERROR); } /* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */ NSS_SetDomesticPolicy(); client_main(port); NSS_Shutdown(); PR_Cleanup(); return 0; }
/** * Shutdown the crypto library and release resources. * * It is safe to shut down twice. */ static apr_status_t crypto_shutdown(void) { if (NSS_IsInitialized()) { SECStatus s = NSS_Shutdown(); if (s != SECSuccess) { return APR_EINIT; } } return APR_SUCCESS; }
void exitErr(char *function) { errWarn(function); /* Exit gracefully. */ /* ignoring return value of NSS_Shutdown as code exits with 1 anyway*/ (void) NSS_Shutdown(); PR_Cleanup(); exit(1); }
static void exitErr(const char* errorStr, int rc) { fprintf (stderr, "%s: ", errorStr); nssError(); /* Exit gracefully. */ /* ignoring return value of NSS_Shutdown. */ (void) NSS_Shutdown(); PR_Cleanup(); exit(rc); }
static int __pkcs11h_crypto_nss_uninitialize ( IN void * const global_data ) { if (*(int *)global_data != FALSE) { NSS_Shutdown (); } return TRUE; }
am_status_t Connection::shutdown(void) { // // NOTE: This may not always be the right thing to do, as somebody may // have initialized NSS before we did and expect it to keep working // after we are done. // if (initialized) { NSS_Shutdown(); initialized = false; } return AM_SUCCESS; }
static void unload_nss (GsdSmartcardManager *self) { g_debug ("attempting to unload NSS security system with database '%s'", GSD_SMARTCARD_MANAGER_NSS_DB); if (self->priv->nss_is_loaded) { NSS_Shutdown (); self->priv->nss_is_loaded = FALSE; g_debug ("NSS database '%s' unloaded", GSD_SMARTCARD_MANAGER_NSS_DB); } else { g_debug ("NSS database '%s' already not loaded", GSD_SMARTCARD_MANAGER_NSS_DB); } }
void cms_context_fini(cms_context *ctx) { if (ctx->cert) { CERT_DestroyCertificate(ctx->cert); ctx->cert = NULL; } if (ctx->privkey) { free(ctx->privkey); ctx->privkey = NULL; } if (ctx->pe_digest) { free_poison(ctx->pe_digest->data, ctx->pe_digest->len); /* XXX sure seems like we should be freeing it here, but * that's segfaulting, and we know it'll get cleaned up with * PORT_FreeArena a couple of lines down. */ ctx->pe_digest = NULL; } if (ctx->ci_digest) { free_poison(ctx->ci_digest->data, ctx->ci_digest->len); /* XXX sure seems like we should be freeing it here, but * that's segfaulting, and we know it'll get cleaned up with * PORT_FreeArena a couple of lines down. */ ctx->ci_digest = NULL; } #if 0 for (int i = 0; i < ctx->num_signatures; i++) { if (ctx->signatures[i]) { if (ctx->signatures[i]->data) free(ctx->signatures[i]->data); free(ctx->signatures[i]); } } free(ctx->signatures); #endif ctx->signatures = NULL; PORT_FreeArena(ctx->arena, PR_TRUE); memset(ctx, '\0', sizeof(*ctx)); NSS_Shutdown(); }
/** * xmlSecNssAppShutdown: * * General crypto engine shutdown. This function is used * by XMLSec command line utility and called after * @xmlSecShutdown function. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecNssAppShutdown(void) { SECStatus rv; /* SSL_ClearSessionCache(); */ PK11_LogoutAll(); rv = NSS_Shutdown(); if(rv != SECSuccess) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "NSS_Shutdown", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } return(0); }
/* Global cleanup */ void Curl_nss_cleanup(void) { /* This function isn't required to be threadsafe and this is only done * as a safety feature. */ PR_Lock(nss_initlock); if (initialized) { if(mod) SECMOD_DestroyModule(mod); mod = NULL; NSS_Shutdown(); } PR_Unlock(nss_initlock); PR_DestroyLock(nss_initlock); nss_initlock = NULL; initialized = 0; }
/* leave pluto, with status. * Once child is launched, parent must not exit this way because * the lock would be released. * * 0 OK * 1 general discomfort * 10 lock file exists */ void exit_pluto(int status) { reset_globals(); /* needed because we may be called in odd state */ free_preshared_secrets(); free_remembered_public_keys(); delete_every_connection(); /* free memory allocated by initialization routines. Please don't forget to do this. */ #ifdef TPM free_tpm(); #endif #ifdef HAVE_THREADS free_crl_fetch(); /* free chain of crl fetch requests */ #endif #ifdef HAVE_OCSP free_ocsp_fetch(); /* free chain of ocsp fetch requests */ #endif free_authcerts(); /* free chain of X.509 authority certificates */ free_crls(); /* free chain of X.509 CRLs */ free_acerts(); /* free chain of X.509 attribute certificates */ free_ocsp(); /* free ocsp cache */ osw_conf_free_oco(); /* free global_oco containing path names */ free_myFQDN(); /* free myid FQDN */ free_ifaces(); /* free interface list from memory */ stop_adns(); /* Stop async DNS process (if running) */ free_md_pool(); /* free the md pool */ #ifdef HAVE_LIBNSS NSS_Shutdown(); #endif delete_lock(); /* delete any lock files */ #ifdef LEAK_DETECTIVE report_leaks(); /* report memory leaks now, after all free()s */ #endif /* LEAK_DETECTIVE */ close_log(); /* close the logfiles */ exit(status); /* exit, with our error code */ }
int nspr_nss_cleanup(void) { SECStatus sret; /* nothing to do */ if (nspr_nss_init_done == 0) return SECSuccess; sret = NSS_Shutdown(); if (sret != SECSuccess) { DEBUG(SSSDBG_CRIT_FAILURE, "Error shutting down connection to NSS [%d]\n", PR_GetError()); return EIO; } PR_Cleanup(); nspr_nss_init_done = 0; return EOK; }
int main(int argc, char **argv) { if (argc < 2) exit(1); NSS_NoDB_Init(NULL); /*************/ /* AES */ /*************/ if (strcmp(argv[1], "aes") == 0) { /* argv[2]=kat argv[3]=gcm argv[4]=<test name>.rsp */ if (strcmp(argv[2], "kat") == 0) { /* Known Answer Test (KAT) */ aes_gcm_kat(argv[4]); } } NSS_Shutdown(); return 0; }
/* * leave pluto, with status. * Once child is launched, parent must not exit this way because * the lock would be released. * * 0 OK * 1 general discomfort * 10 lock file exists */ void exit_pluto(int status) { /* needed because we may be called in odd state */ reset_globals(); free_preshared_secrets(); free_remembered_public_keys(); delete_every_connection(); /* * free memory allocated by initialization routines. Please don't * forget to do this. */ #if defined(LIBCURL) || defined(LDAP_VER) free_crl_fetch(); /* free chain of crl fetch requests */ #endif lsw_conf_free_oco(); /* free global_oco containing path names */ free_myFQDN(); /* free myid FQDN */ free_ifaces(); /* free interface list from memory */ #ifdef USE_ADNS stop_adns(); /* Stop async DNS process (if running) */ #endif free_md_pool(); /* free the md pool */ NSS_Shutdown(); delete_lock(); /* delete any lock files */ free_virtual_ip(); /* virtual_private= */ free_kernelfd(); /* stop listening to kernel FD, remove event */ free_pluto_main(); /* our static chars */ /* report memory leaks now, after all free_* calls */ if (leak_detective) report_leaks(); close_log(); /* close the logfiles */ exit(status); /* exit, with our error code */ }
void __pmSecureServerShutdown(void) { PM_INIT_LOCKS(); PM_LOCK(secureserver_lock); if (secure_server.certificate) { CERT_DestroyCertificate(secure_server.certificate); secure_server.certificate = NULL; } if (secure_server.private_key) { SECKEY_DestroyPrivateKey(secure_server.private_key); secure_server.private_key = NULL; } if (secure_server.ssl_session_cache_setup) { SSL_ShutdownServerSessionIDCache(); secure_server.ssl_session_cache_setup = 0; } if (secure_server.initialized) { NSS_Shutdown(); secure_server.initialized = 0; } PM_UNLOCK(secureserver_lock); }
int main(int argc, char **argv) { int rv, ascii; char *progName; FILE *outFile; PRFileDesc *inFile; SECItem der, data; char *typeTag; PLOptState *optstate; progName = strrchr(argv[0], '/'); progName = progName ? progName+1 : argv[0]; ascii = 0; inFile = 0; outFile = 0; typeTag = 0; optstate = PL_CreateOptState(argc, argv, "at:i:o:"); while ( PL_GetNextOpt(optstate) == PL_OPT_OK ) { switch (optstate->option) { case '?': Usage(progName); break; case 'a': ascii = 1; break; case 'i': inFile = PR_Open(optstate->value, PR_RDONLY, 0); if (!inFile) { fprintf(stderr, "%s: unable to open \"%s\" for reading\n", progName, optstate->value); return -1; } break; case 'o': outFile = fopen(optstate->value, "w"); if (!outFile) { fprintf(stderr, "%s: unable to open \"%s\" for writing\n", progName, optstate->value); return -1; } break; case 't': typeTag = strdup(optstate->value); break; } } PL_DestroyOptState(optstate); if (!typeTag) Usage(progName); if (!inFile) inFile = PR_STDIN; if (!outFile) outFile = stdout; PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); rv = NSS_NoDB_Init(NULL); if (rv != SECSuccess) { fprintf(stderr, "%s: NSS_NoDB_Init failed (%s)\n", progName, SECU_Strerror(PORT_GetError())); exit(1); } SECU_RegisterDynamicOids(); rv = SECU_ReadDERFromFile(&der, inFile, ascii, PR_FALSE); if (rv != SECSuccess) { fprintf(stderr, "%s: SECU_ReadDERFromFile failed\n", progName); exit(1); } /* Data is untyped, using the specified type */ data.data = der.data; data.len = der.len; /* Pretty print it */ if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) { rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0, SECU_PrintCertificate); } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_ID) == 0) { PRBool saveWrapeState = SECU_GetWrapEnabled(); SECU_EnableWrap(PR_FALSE); rv = SECU_PrintSignedContent(outFile, &data, 0, 0, SECU_PrintDumpDerIssuerAndSerial); SECU_EnableWrap(saveWrapeState); } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) { rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0, SECU_PrintCertificateRequest); } else if (PORT_Strcmp (typeTag, SEC_CT_CRL) == 0) { rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl); #ifdef HAVE_EPV_TEMPLATE } else if (PORT_Strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) { rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0); #endif } else if (PORT_Strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) { rv = SECU_PrintSubjectPublicKeyInfo(outFile, &data, "Public Key", 0); } else if (PORT_Strcmp(typeTag, SEC_CT_PKCS7) == 0) { rv = SECU_PrintPKCS7ContentInfo(outFile, &data, "PKCS #7 Content Info", 0); } else if (PORT_Strcmp(typeTag, SEC_CT_NAME) == 0) { rv = SECU_PrintDERName(outFile, &data, "Name", 0); } else { fprintf(stderr, "%s: don't know how to print out '%s' files\n", progName, typeTag); SECU_PrintAny(outFile, &data, "File contains", 0); return -1; } if (inFile != PR_STDIN) PR_Close(inFile); PORT_Free(der.data); if (rv) { fprintf(stderr, "%s: problem converting data (%s)\n", progName, SECU_Strerror(PORT_GetError())); } if (NSS_Shutdown() != SECSuccess) { fprintf(stderr, "%s: NSS_Shutdown failed (%s)\n", progName, SECU_Strerror(PORT_GetError())); rv = SECFailure; } PR_Cleanup(); return rv; }