security/nss/lib/sysinit/nsssysinit.c

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purposes.

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "seccomon.h"
#include "prio.h"
#include "prprf.h"
#include "plhash.h"

#include <string.h>
michael@0 8
michael@0 9 /*
michael@0 10 * The following provides a default example for operating systems to set up
michael@0 11 * and manage applications loading NSS on their OS globally.
michael@0 12 *
michael@0 13 * This code hooks in to the system pkcs11.txt, which controls all the loading
michael@0 14 * of pkcs11 modules common to all applications.
michael@0 15 */
michael@0 16
michael@0 17 /*
michael@0 18 * OS Specific function to get where the NSS user database should reside.
michael@0 19 */
michael@0 20
michael@0 21 #ifdef XP_UNIX
michael@0 22 #include <unistd.h>
michael@0 23 #include <sys/stat.h>
michael@0 24 #include <sys/types.h>
michael@0 25
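/*
 * Return non-zero when `dir` names an existing directory, zero when it does
 * not exist, cannot be stat()ed, or is not a directory. stat() follows
 * symbolic links, so a link pointing at a directory counts as a directory.
 */
static int
testdir(const char *dir)
{
    struct stat st = { 0 };

    if (stat(dir, &st) < 0) {
        return 0;
    }
    return S_ISDIR(st.st_mode);
}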
michael@0 38
michael@0 39 #define NSS_USER_PATH1 "/.pki"
michael@0 40 #define NSS_USER_PATH2 "/nssdb"
/*
 * Locate, creating sub-directories as needed, the per-user NSS database
 * directory $HOME/.pki/nssdb.
 *
 * Returns a PORT_Alloc()ed path that the caller releases with PORT_Free(),
 * or NULL when HOME is unset, allocation fails, $HOME is not an existing
 * directory, or one of the two sub-directories neither exists nor can be
 * created. Missing sub-directories are created with mode 0760 (the umask
 * still applies). The existence test and the mkdir() are separate calls,
 * so a directory that appears in between makes mkdir() fail and this
 * function return NULL rather than use it.
 */
static char *
getUserDB(void)
{
    static const char *const subdirs[] = { NSS_USER_PATH1, NSS_USER_PATH2 };
    const char *home = getenv("HOME");
    char *path;
    size_t i;

    if (home == NULL) {
        return NULL;
    }

    /* room for $HOME, both suffixes and the terminating NUL */
    path = PORT_Alloc(strlen(home) + sizeof(NSS_USER_PATH1) + sizeof(NSS_USER_PATH2));
    if (path == NULL) {
        return NULL;
    }

    PORT_Strcpy(path, home);
    /* $HOME itself must already exist; it is never created here */
    if (!testdir(path)) {
        goto fail;
    }

    for (i = 0; i < sizeof(subdirs) / sizeof(subdirs[0]); i++) {
        PORT_Strcat(path, subdirs[i]);
        if (!testdir(path) && mkdir(path, 0760) != 0) {
            goto fail;
        }
    }
    return path;

fail:
    PORT_Free(path);
    return NULL;
}
michael@0 74
michael@0 75 #define NSS_DEFAULT_SYSTEM "/etc/pki/nssdb"
/*
 * Return a PORT_Strdup()ed copy of the fixed system database path
 * (NSS_DEFAULT_SYSTEM); the caller releases it with PORT_Free(). Callers
 * treat a NULL result as "copy could not be allocated".
 */
static char *
getSystemDB(void)
{
    const char *sysPath = NSS_DEFAULT_SYSTEM;

    return PORT_Strdup(sysPath);
}
michael@0 80
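/*
 * Report whether this process runs as root, judged by the real UID being 0.
 * getuid() returns the real UID, so the effective UID of a set-uid program
 * is not considered here. get_list() relies on this to skip root's own
 * user database.
 */
static PRBool
userIsRoot(void)
{
    /* This works for Linux and every other Unix we know of, though POSIX
     * does not formally state that UID 0 is the superuser. */
    return getuid() == 0;
}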
michael@0 88
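/*
 * Report whether the system database directory (NSS_DEFAULT_SYSTEM) is
 * writable by this process. access(W_OK) evaluates permissions with the
 * real UID/GID, so for a set-uid program the answer can differ from what an
 * actual open for writing would give. get_list() only uses the result to
 * decide whether to add "flags=readonly" to the system DB spec.
 */
static PRBool
userCanModifySystemDB(void)
{
    return (access(NSS_DEFAULT_SYSTEM, W_OK) == 0);
}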
michael@0 94
michael@0 95 #else
michael@0 96 #ifdef XP_WIN
/*
 * Windows placeholder: always returns NULL, so no per-user database is
 * opened on this platform. The intended (unwritten) implementation would
 * look the user's NSS_DIR up in the registry and create one under the
 * user's application-data directory when no entry exists.
 */
static char *
getUserDB(void)
{
    char *userDir = NULL;

    return userDir;
}
michael@0 104
/*
 * Windows placeholder: always returns NULL, so no system database is opened
 * on this platform. The intended (unwritten) implementation would look the
 * system NSS_DIR up in the registry and create one in the Windows system
 * data area when no entry exists.
 */
static char *
getSystemDB(void)
{
    char *systemDir = NULL;

    return systemDir;
}
michael@0 112
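/*
 * Windows placeholder: always PR_FALSE, i.e. the process is never treated as
 * the administrator. The intended (unwritten) implementation would consult
 * the registry to determine whether the user is the system administrator.
 */
static PRBool
userIsRoot(void)
{
    return PR_FALSE;
}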
michael@0 119
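/*
 * Windows placeholder: always PR_FALSE, so the system database (if any) is
 * always opened read-only. The intended (unwritten) implementation would
 * consult the registry to check for administrative privilege to modify the
 * system's NSS database.
 */
static PRBool
userCanModifySystemDB(void)
{
    return PR_FALSE;
}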
michael@0 127
michael@0 128 #else
michael@0 129 #error "Need to write getUserDB, SystemDB, userIsRoot, and userCanModifySystemDB functions"
michael@0 130 #endif
michael@0 131 #endif
michael@0 132
/*
 * Read the NSS_FIPS environment variable: PR_TRUE when it is set to one of
 * "fips", "true", "on" or "1" (compared case-insensitively), PR_FALSE when
 * it is unset or holds anything else. This is the process-controlled
 * fallback; on Linux getFIPSMode() prefers the kernel's proc flag.
 */
static PRBool
getFIPSEnv(void)
{
    static const char *const enabling[] = { "fips", "true", "on", "1" };
    const char *value = getenv("NSS_FIPS");
    size_t i;

    if (value == NULL) {
        return PR_FALSE;
    }
    for (i = 0; i < sizeof(enabling) / sizeof(enabling[0]); i++) {
        if (strcasecmp(value, enabling[i]) == 0) {
            return PR_TRUE;
        }
    }
    return PR_FALSE;
}
michael@0 148 #ifdef XP_LINUX
michael@0 149
/*
 * Linux: the kernel flag /proc/sys/crypto/fips_enabled decides. It counts
 * as FIPS (PR_TRUE) only when its first byte is '1'. The NSS_FIPS
 * environment variable (getFIPSEnv()) is consulted only when the proc file
 * cannot be opened, so when the kernel flag is readable the environment
 * setting has no effect. A read error or an empty file yields PR_FALSE
 * without falling back to the environment.
 */
static PRBool
getFIPSMode(void)
{
    FILE *procFlag = fopen("/proc/sys/crypto/fips_enabled", "r");
    int firstByte;

    if (procFlag == NULL) {
        /* no proc flag on this system: fall back to NSS_FIPS */
        return getFIPSEnv();
    }

    firstByte = fgetc(procFlag);
    fclose(procFlag);

    return (firstByte == '1') ? PR_TRUE : PR_FALSE;
}
michael@0 172
michael@0 173 #else
/*
 * Non-Linux: there is no kernel flag to consult, so FIPS mode is taken
 * purely from the NSS_FIPS environment variable via getFIPSEnv().
 */
static PRBool
getFIPSMode(void)
{
    PRBool fromEnv = getFIPSEnv();

    return fromEnv;
}
michael@0 179 #endif
michael@0 180
michael@0 181
michael@0 182 #define NSS_DEFAULT_FLAGS "flags=readonly"
michael@0 183
michael@0 184 /* configuration flags according to
michael@0 185 * https://developer.mozilla.org/en/PKCS11_Module_Specs
michael@0 186 * As stated there the slotParams start with a slot name which is a slotID
michael@0 187 * Slots 1 through 3 are reserved for the nss internal modules as follows:
michael@0 188 * 1 for crypto operations slot non-fips,
michael@0 189 * 2 for the key slot, and
michael@0 190 * 3 for the crypto operations slot fips
michael@0 191 */
michael@0 192 #define CIPHER_ORDER_FLAGS "cipherOrder=100"
michael@0 193 #define SLOT_FLAGS \
michael@0 194 "[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM" \
michael@0 195 " askpw=any timeout=30 ]"
michael@0 196
/* NSS= fragment for the non-FIPS internal crypto slot (slot 1): the cipher
 * order plus SLOT_FLAGS. Note that SLOT_FLAGS lists legacy mechanisms
 * (RC4, RC2, DES, MD2, MD5) alongside current ones; the linked spec above
 * defines what each flag enables. */
static const char *nssDefaultFlags =
    CIPHER_ORDER_FLAGS " slotParams={0x00000001=" SLOT_FLAGS " } ";

/* Same fragment for the FIPS crypto slot (slot 3); get_list() selects it
 * when getFIPSMode() reports FIPS. */
static const char *nssDefaultFIPSFlags =
    CIPHER_ORDER_FLAGS " slotParams={0x00000003=" SLOT_FLAGS " } ";
michael@0 202
michael@0 203 /*
michael@0 204 * This function builds the list of databases and modules to load, and sets
michael@0 205 * their configuration. For the sample we have a fixed set.
michael@0 206 * 1. We load the user's home nss database.
michael@0 207 * 2. We load the user's custom PKCS #11 modules.
michael@0 208 * 3. We load the system nss database readonly.
michael@0 209 *
michael@0 210 * Any space allocated in get_list must be freed in release_list.
michael@0 211 * This function can use whatever information is available to the application.
michael@0 212 * it is running in the process of the application for which it is making
michael@0 213 * decisions, so it's possible to acquire the application name as part of
michael@0 214 * the decision making process.
michael@0 215 *
michael@0 216 */
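/*
 * Assemble the module specs for this process; see the comment above for the
 * policy. Returns a NULL-terminated array allocated with PORT_ZNewArray()
 * whose entries are PR_smprintf() strings, all released together through
 * release_list(). Returns NULL when the array or any single spec cannot be
 * allocated, so callers never receive a list with a missing middle entry.
 * `filename` (the caller's configdir) is not consulted in this sample; the
 * user and system paths come from getUserDB() and getSystemDB().
 */
static char **
get_list(char *filename, char *stripped_parameters)
{
    char **module_list = PORT_ZNewArray(char *, 5);
    char *userdb, *sysdb;
    int isFIPS = getFIPSMode();
    const char *nssflags = isFIPS ? nssDefaultFIPSFlags : nssDefaultFlags;
    int next = 0;
    int i;

    (void)filename;

    /* can't get any space */
    if (module_list == NULL) {
        return NULL;
    }

    sysdb = getSystemDB();
    userdb = getUserDB();

    /* Don't open root's user DB */
    if (userdb != NULL && !userIsRoot()) {
        /* First the user database. userdb and stripped_parameters are
         * interpolated verbatim; nothing here quotes or escapes them, so the
         * caller's parameter string must already be well-formed. */
        module_list[next++] = PR_smprintf(
            "library= "
            "module=\"NSS User database\" "
            "parameters=\"configdir='sql:%s' %s tokenDescription='NSS user database'\" "
            "NSS=\"trustOrder=75 %sflags=internal%s\"",
            userdb, stripped_parameters, nssflags,
            isFIPS ? ",FIPS" : "");
        if (module_list[next - 1] == NULL) {
            goto fail;
        }

        /* now open the user's defined PKCS #11 modules */
        /* skip the local user DB entry */
        module_list[next++] = PR_smprintf(
            "library= "
            "module=\"NSS User database\" "
            "parameters=\"configdir='sql:%s' %s\" "
            "NSS=\"flags=internal,moduleDBOnly,defaultModDB,skipFirst\"",
            userdb, stripped_parameters);
        if (module_list[next - 1] == NULL) {
            goto fail;
        }
    }

    /* now the system database: read-only unless this process can write to
     * it (see userCanModifySystemDB) */
    if (sysdb) {
        const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
        module_list[next++] = PR_smprintf(
            "library= "
            "module=\"NSS system database\" "
            "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
            "NSS=\"trustOrder=80 %sflags=internal,critical\"", sysdb, readonly, nssflags);
        if (module_list[next - 1] == NULL) {
            goto fail;
        }
    }

    /* that was the last module */
    module_list[next] = 0;

    PORT_Free(userdb);
    PORT_Free(sysdb);

    return module_list;

fail:
    /* A spec could not be formatted: drop what was built so far instead of
     * handing back a list with a NULL hole in it. Entries are freed the same
     * way release_list() frees them. */
    for (i = 0; i < next; i++) {
        free(module_list[i]);
    }
    PORT_Free(module_list);
    PORT_Free(userdb);
    PORT_Free(sysdb);
    return NULL;
}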
michael@0 273
michael@0 274 static char **
michael@0 275 release_list(char **arg)
michael@0 276 {
michael@0 277 static char *success = "Success";
michael@0 278 int next;
michael@0 279
michael@0 280 for (next = 0; arg[next]; next++) {
michael@0 281 free(arg[next]);
michael@0 282 }
michael@0 283 PORT_Free(arg);
michael@0 284 return &success;
michael@0 285 }
michael@0 286
michael@0 287
michael@0 288 #include "utilpars.h"
michael@0 289
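/*
 * Append the bytes [start, end) to the output cursor `new` and advance the
 * cursor past them; does nothing when end <= start. Wrapped in
 * do { } while (0) so a use followed by ';' is a single statement (safe in
 * an unbraced if/else), and every parameter is parenthesised so expressions
 * can be passed. The caller guarantees `new` has room for end - start bytes.
 */
#define TARGET_SPEC_COPY(new, start, end)               \
    do {                                                \
        if ((end) > (start)) {                          \
            size_t _cnt = (size_t)((end) - (start));    \
            PORT_Memcpy((new), (start), _cnt);          \
            (new) += _cnt;                              \
        }                                               \
    } while (0)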
michael@0 296
michael@0 297 /*
michael@0 298 * According the strcpy man page:
michael@0 299 *
michael@0 300 * The strings may not overlap, and the destination string dest must be
michael@0 301 * large enough to receive the copy.
michael@0 302 *
michael@0 303 * This implementation allows target to overlap with src.
michael@0 304 * It does not allow the src to overlap the target.
michael@0 305 * example: overlapstrcpy(string, string+4) is fine
michael@0 306 * overlapstrcpy(string+4, string) is not.
michael@0 307 */
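/*
 * Copy the NUL-terminated string `src` to `target`, terminator included.
 * Unlike strcpy(), the two regions may overlap: memmove() handles either
 * direction, so both overlapstrcpy(s, s + 4) — the case this file relies on
 * to strip a "sql:"-style prefix in place — and the reverse are well
 * defined. `target` must have room for strlen(src) + 1 bytes.
 */
static void
overlapstrcpy(char *target, const char *src)
{
    memmove(target, src, strlen(src) + 1);
}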
michael@0 316
michael@0 317 /* determine what options the user was trying to open this database with */
michael@0 318 /* filename is the directory pointed to by configdir= */
michael@0 319 /* stripped is the rest of the parameters with configdir= stripped out */
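/*
 * Split a module-spec `parameters` string into the configdir value and the
 * rest. On SECSuccess, *filename holds the configdir= value with a leading
 * "sql:", "dbm:" or "extern:" directive removed in place, and *stripped
 * holds a PORT_Alloc()ed copy of `parameters` with the configdir= argument
 * left out; the caller releases both with PORT_Free(). On SECFailure
 * (allocation failure, or no configdir= argument present) both outputs are
 * NULL. The copy can never be longer than the input, so
 * PORT_Strlen(parameters) + 2 bytes are enough for it.
 */
static SECStatus
parse_parameters(char *parameters, char **filename, char **stripped)
{
    static const char *const directives[] = { "sql:", "dbm:", "extern:" };
    char *sourcePrev;
    char *sourceCurr;
    char *targetCurr;
    char *newStripped;
    size_t i;

    *filename = NULL;
    *stripped = NULL;

    newStripped = PORT_Alloc(PORT_Strlen(parameters) + 2);
    if (newStripped == NULL) {
        /* without the buffer TARGET_SPEC_COPY would write through NULL */
        return SECFailure;
    }
    targetCurr = newStripped;
    sourcePrev = parameters;
    /* whatever NSSUTIL_ArgStrip() skips at the front is copied through as is */
    sourceCurr = NSSUTIL_ArgStrip(parameters);
    TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr);

    while (*sourceCurr) {
        sourcePrev = sourceCurr;
        /* configdir= is captured into *filename; the `sourcePrev = sourceCurr;`
         * action moves the copy start past it, so it does not reach the
         * output. Every other argument is copied through unchanged. */
        NSSUTIL_HANDLE_STRING_ARG(sourceCurr, *filename, "configdir=",
                                  sourcePrev = sourceCurr; )
        NSSUTIL_HANDLE_FINAL_ARG(sourceCurr);
        TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr);
    }
    *targetCurr = 0;

    if (*filename == NULL) {
        PORT_Free(newStripped);
        return SECFailure;
    }

    /* strip a storage directive off the front of the filename, in place */
    for (i = 0; i < sizeof(directives) / sizeof(directives[0]); i++) {
        size_t len = strlen(directives[i]);
        if (strncmp(directives[i], *filename, len) == 0) {
            overlapstrcpy(*filename, (*filename) + len);
            break;
        }
    }
    *stripped = newStripped;
    return SECSuccess;
}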
michael@0 360
michael@0 361 /* entry point */
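/*
 * Module-DB entry point NSS invokes through the sysinit hook.
 *
 * `function` selects the operation (SECMOD_MODULE_DB_FUNCTION_*);
 * `parameters` is the module-spec parameter string; `args` is, for RELEASE,
 * the list to free. FIND returns the list built by get_list() (handed back
 * later through RELEASE); RELEASE returns release_list()'s static "Success"
 * pointer; ADD, DEL and unknown functions return NULL because this module DB
 * cannot be modified. When `parameters` is NULL or carries no configdir=,
 * the system DB path and NSS_DEFAULT_FLAGS are used instead; NULL is also
 * returned when those defaults cannot be allocated.
 */
char **
NSS_ReturnModuleSpecData(unsigned long function, char *parameters, void *args)
{
    char *filename = NULL;
    char *stripped = NULL;
    char **retString = NULL;
    SECStatus rv = SECFailure;

    /* a NULL parameter string is handled like one without configdir= */
    if (parameters != NULL) {
        rv = parse_parameters(parameters, &filename, &stripped);
    }
    if (rv != SECSuccess) {
        /* use defaults */
        filename = getSystemDB();
        if (!filename) {
            return NULL;
        }
        stripped = PORT_Strdup(NSS_DEFAULT_FLAGS);
        if (!stripped) {
            /* filename came from PORT_Strdup(), so release it with PORT_Free()
             * like the normal exit path does */
            PORT_Free(filename);
            return NULL;
        }
    }

    switch (function) {
        case SECMOD_MODULE_DB_FUNCTION_FIND:
            retString = get_list(filename, stripped);
            break;
        case SECMOD_MODULE_DB_FUNCTION_RELEASE:
            retString = release_list((char **)args);
            break;
        /* can't add or delete from this module DB */
        case SECMOD_MODULE_DB_FUNCTION_ADD:
        case SECMOD_MODULE_DB_FUNCTION_DEL:
        default:
            retString = NULL;
            break;
    }

    PORT_Free(filename);
    PORT_Free(stripped);
    return retString;
}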
