NS_IMETHODIMP nsPK11Token::LogoutSimple() { // PK11_Logout() can fail if the user wasn't logged in beforehand. We want // this method to succeed even in this case, so we ignore the return value. Unused << PK11_Logout(mSlot.get()); return NS_OK; }
NS_IMETHODIMP nsPK11Token::LogoutSimple() { nsNSSShutDownPreventionLock locker; if (isAlreadyShutDown()) return NS_ERROR_NOT_AVAILABLE; // PK11_MapError sets CKR_USER_NOT_LOGGED_IN to SEC_ERROR_LIBRARY_FAILURE, // so not going to learn anything here by a failure. Treat it like void. PK11_Logout(mSlot); return NS_OK; }
int close_pkcs11_session(pkcs11_handle_t *h) { if (h->slot) { PK11_Logout(h->slot); PK11_FreeSlot(h->slot); h->slot = NULL; } if (h->certs) { CERT_DestroyCertArray((CERTCertificate **)h->certs, h->cert_count); h->certs = NULL; h->cert_count = 0; } return 0; }
void vcard_emul_reset(VCard *card, VCardPower power) { PK11SlotInfo *slot; if (!nss_emul_init) { return; } /* * if we reset the card (either power on or power off), we lose our login * state */ /* TODO: we may also need to send insertion/removal events? */ slot = vcard_emul_card_get_slot(card); PK11_Logout(slot); /* NOTE: ignoring SECStatus return value */ }
void PK11_LogoutAll(void) { SECMODListLock *lock = SECMOD_GetDefaultModuleListLock(); SECMODModuleList *modList = SECMOD_GetDefaultModuleList(); SECMODModuleList *mlp = NULL; int i; /* NSS is not initialized, there are not tokens to log out */ if (lock == NULL) { return; } SECMOD_GetReadLock(lock); /* find the number of entries */ for (mlp = modList; mlp != NULL; mlp = mlp->next) { for (i=0; i < mlp->module->slotCount; i++) { PK11_Logout(mlp->module->slots[i]); } } SECMOD_ReleaseReadLock(lock); }
int main(int argc, char **argv) { PLOptState *optstate; PLOptStatus optstatus; PRUint32 flags = 0; Error ret; SECStatus rv; char *dbString = NULL; PRBool doInitTest = PR_FALSE; int i; progName = strrchr(argv[0], '/'); if (!progName) progName = strrchr(argv[0], '\\'); progName = progName ? progName + 1 : argv[0]; optstate = PL_CreateOptState(argc, argv, "rfip:d:h"); while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch (optstate->option) { case 'h': default: Usage(progName); break; case 'r': flags |= NSS_INIT_READONLY; break; case 'f': flags |= NSS_INIT_FORCEOPEN; break; case 'i': doInitTest = PR_TRUE; break; case 'p': userPassword = PORT_Strdup(optstate->value); break; case 'd': dbDir = PORT_Strdup(optstate->value); break; } } if (optstatus == PL_OPT_BAD) Usage(progName); if (!dbDir) { dbDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */ } dbDir = SECU_ConfigDirectory(dbDir); PR_fprintf(PR_STDERR, "dbdir selected is %s\n\n", dbDir); if (dbDir[0] == '\0') { PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir); ret = DIR_DOESNT_EXIST_ERR; goto loser; } PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); /* get the status of the directory and databases and output message */ if (PR_Access(dbDir, PR_ACCESS_EXISTS) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir); } else if (PR_Access(dbDir, PR_ACCESS_READ_OK) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dbDir); } else { if (!(flags & NSS_INIT_READONLY) && PR_Access(dbDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dbDir); } if (!doInitTest) { for (i = 0; i < 3; i++) { dbString = PR_smprintf("%s/%s", dbDir, dbName[i]); PR_fprintf(PR_STDOUT, "database checked is %s\n", dbString); if (PR_Access(dbString, PR_ACCESS_EXISTS) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[FILE_DOESNT_EXIST_ERR], dbString); } else if (PR_Access(dbString, PR_ACCESS_READ_OK) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], dbString); } else if (!(flags & NSS_INIT_READONLY) && PR_Access(dbString, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR], dbString); } } } } rv = NSS_Initialize(SECU_ConfigDirectory(dbDir), dbprefix, dbprefix, secmodName, flags); if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); ret = NSS_INITIALIZE_FAILED_ERR; } else { ret = SUCCESS; if (doInitTest) { PK11SlotInfo *slot = PK11_GetInternalKeySlot(); SECStatus rv; int passwordSuccess = 0; int type = CKM_DES3_CBC; SECItem keyid = { 0, NULL, 0 }; unsigned char keyIdData[] = { 0xff, 0xfe }; PK11SymKey *key = NULL; keyid.data = keyIdData; keyid.len = sizeof(keyIdData); PK11_SetPasswordFunc(getPassword); rv = PK11_InitPin(slot, (char *)NULL, userPassword); if (rv != SECSuccess) { PR_fprintf(PR_STDERR, "Failed to Init DB: %s\n", SECU_Strerror(PORT_GetError())); ret = CHANGEPW_FAILED_ERR; } if (*userPassword && !PK11_IsLoggedIn(slot, &passwordSuccess)) { PR_fprintf(PR_STDERR, "New DB did not log in after init\n"); ret = AUTHENTICATION_FAILED_ERR; } /* generate a symetric key */ key = PK11_TokenKeyGen(slot, type, NULL, 0, &keyid, PR_TRUE, &passwordSuccess); if (!key) { PR_fprintf(PR_STDERR, "Could not generated symetric key: %s\n", SECU_Strerror(PORT_GetError())); exit(UNSPECIFIED_ERR); } PK11_FreeSymKey(key); PK11_Logout(slot); PK11_Authenticate(slot, PR_TRUE, &passwordSuccess); if (*userPassword && !passwordSuccess) { PR_fprintf(PR_STDERR, "New DB Did not initalize\n"); ret = AUTHENTICATION_FAILED_ERR; } key = PK11_FindFixedKey(slot, type, &keyid, &passwordSuccess); if (!key) { PR_fprintf(PR_STDERR, "Could not find generated key: %s\n", SECU_Strerror(PORT_GetError())); ret = UNSPECIFIED_ERR; } else { PK11_FreeSymKey(key); } PK11_FreeSlot(slot); } if (NSS_Shutdown() != SECSuccess) { PR_fprintf(PR_STDERR, "Could not find generated key: %s\n", SECU_Strerror(PORT_GetError())); exit(1); } } loser: return ret; }