The Tor Browser: comparison security/nss/cmd/multinit/multinit.c

--1:000000000000
+:e6a14eedb04d
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "nss.h"
+#include "secutil.h"
+#include "pk11pub.h"
+#include "cert.h"
+typedef struct commandDescriptStr {
+int required;
+char *arg;
+char *des;
+} commandDescript;
+enum optionNames {
+opt_liborder = 0,
+opt_mainDB,
+opt_lib1DB,
+opt_lib2DB,
+opt_mainRO,
+opt_lib1RO,
+opt_lib2RO,
+opt_mainCMD,
+opt_lib1CMD,
+opt_lib2CMD,
+opt_mainTokNam,
+opt_lib1TokNam,
+opt_lib2TokNam,
+opt_oldStyle,
+opt_verbose,
+opt_summary,
+opt_help,
+opt_last
+};
+static const
+secuCommandFlag options_init[] =
+{
+{ /* opt_liborder */  'o', PR_TRUE, "1M2zmi", PR_TRUE,  "order" },
+{ /* opt_mainDB */    'd', PR_TRUE,     0,    PR_FALSE, "main_db" },
+{ /* opt_lib1DB */    '1', PR_TRUE,     0,    PR_FALSE, "lib1_db" },
+{ /* opt_lib2DB */    '2', PR_TRUE,     0,    PR_FALSE, "lib2_db" },
+{ /* opt_mainRO */    'r', PR_FALSE,    0,    PR_FALSE, "main_readonly" },
+{ /* opt_lib1RO */     0,  PR_FALSE,    0,    PR_FALSE, "lib1_readonly" },
+{ /* opt_lib2RO */     0,  PR_FALSE,    0,    PR_FALSE, "lib2_readonly" },
+{ /* opt_mainCMD */   'c', PR_TRUE,     0,    PR_FALSE, "main_command" },
+{ /* opt_lib1CMD */    0,  PR_TRUE,     0,    PR_FALSE, "lib1_command" },
+{ /* opt_lib2CMD */    0,  PR_TRUE,     0,    PR_FALSE, "lib2_command" },
+{ /* opt_mainTokNam */'t', PR_TRUE,     0,    PR_FALSE, "main_token_name" },
+{ /* opt_lib1TokNam */ 0,  PR_TRUE,     0,    PR_FALSE, "lib1_token_name" },
+{ /* opt_lib2TokNam */ 0,  PR_TRUE,     0,    PR_FALSE, "lib2_token_name" },
+{ /* opt_oldStype */  's', PR_FALSE,    0,    PR_FALSE, "oldStype" },
+{ /* opt_verbose */   'v', PR_FALSE,    0,    PR_FALSE, "verbose" },
+{ /* opt_summary */   'z', PR_FALSE,    0,    PR_FALSE, "summary" },
+{ /* opt_help */      'h', PR_FALSE,    0,    PR_FALSE, "help" }
+};
+static const
+commandDescript options_des[] =
+{
+{ /* opt_liborder */  PR_FALSE, "initOrder",
+	" Specifies the order of NSS initialization and shutdown. Order is\n"
+	" given as a string where each character represents either an init or\n"
+	" a shutdown of the main program or one of the 2 test libraries\n"
+	" (library 1 and library 2). The valid characters are as follows:\n"
+	"   M Init the main program\n   1 Init library 1\n"
+	"   2 Init library 2\n"
+	"   m Shutdown the main program\n   i Shutdown library 1\n"
+	"   z Shutdown library 2\n" },
+{ /* opt_mainDB */   PR_TRUE, "nss_db",
+	" Specified the directory to open the nss database for the main\n"
+	" program. Must be specified if \"M\" is given in the order string\n"},
+{ /* opt_lib1DB */   PR_FALSE, "nss_db",
+	" Specified the directory to open the nss database for library 1.\n"
+	" Must be specified if \"1\" is given in the order string\n"},
+{ /* opt_lib2DB */   PR_FALSE, "nss_db",
+	" Specified the directory to open the nss database for library 2.\n"
+	" Must be specified if \"2\" is given in the order string\n"},
+{ /* opt_mainRO */   PR_FALSE,    NULL,
+	" Open the main program's database read only.\n" },
+{ /* opt_lib1RO */   PR_FALSE,    NULL,
+	" Open library 1's database read only.\n" },
+{ /* opt_lib2RO */   PR_FALSE,    NULL,
+	" Open library 2's database read only.\n" },
+{ /* opt_mainCMD */  PR_FALSE,  "nss_command",
+	" Specifies the NSS command to execute in the main program.\n"
+	" Valid commands are: \n"
+	"   key_slot, list_slots, list_certs, add_cert, none.\n"
+	" Default is \"none\".\n" },
+{ /* opt_lib1CMD */  PR_FALSE,  "nss_command",
+	" Specifies the NSS command to execute in library 1.\n" },
+{ /* opt_lib2CMD */  PR_FALSE,  "nss_command",
+	" Specifies the NSS command to execute in library 2.\n" },
+{ /* opt_mainTokNam */PR_FALSE,  "token_name",
+	" Specifies the name of PKCS11 token for the main program's "
+	"database.\n" },
+{ /* opt_lib1TokNam */PR_FALSE,  "token_name",
+	" Specifies the name of PKCS11 token for library 1's database.\n" },
+{ /* opt_lib2TokNam */PR_FALSE,  "token_name",
+	" Specifies the name of PKCS11 token for library 2's database.\n" },
+{ /* opt_oldStype */ PR_FALSE,   NULL,
+	" Use NSS_Shutdown rather than NSS_ShutdownContext in the main\n"
+	" program.\n" },
+{ /* opt_verbose */  PR_FALSE,   NULL,
+	" Noisily output status to standard error\n" },
+{ /* opt_summarize */ PR_FALSE,  NULL,
+	"report a summary of the test results\n" },
+{ /* opt_help */ PR_FALSE,   NULL, " give this message\n" }
+};
+/*
+* output our short help (table driven). (does not exit).
+*/
+static void
+short_help(const char *prog)
+{
+int count = opt_last;
+int i,words_found;
+/* make sure all the tables are up to date before we allow compiles to
+* succeed */
+PR_STATIC_ASSERT(sizeof(options_init)/sizeof(secuCommandFlag) == opt_last);
+PR_STATIC_ASSERT(sizeof(options_init)/sizeof(secuCommandFlag) ==
+		     sizeof(options_des)/sizeof(commandDescript));
+/* print the base usage */
+fprintf(stderr,"usage: %s ",prog);
+for (i=0, words_found=0; i < count; i++) {
+	if (!options_des[i].required) {
+	    fprintf(stderr,"[");
+	}
+	if (options_init[i].longform) {
+	    fprintf(stderr, "--%s", options_init[i].longform);
+	    words_found++;
+	} else {
+	    fprintf(stderr, "-%c", options_init[i].flag);
+	}
+	if (options_init[i].needsArg) {
+	    if (options_des[i].arg) {
+		fprintf(stderr," %s",options_des[i].arg);
+	    } else {
+		fprintf(stderr," arg");
+	    }
+	    words_found++;
+	}
+	if (!options_des[i].required) {
+	    fprintf(stderr,"]");
+	}
+	if (i < count-1 ) {
+	    if (words_found >= 5) {
+		fprintf(stderr,"\n      ");
+		words_found=0;
+	    } else {
+		fprintf(stderr," ");
+	    }
+	}
+}
+fprintf(stderr,"\n");
+}
+/*
+* print out long help. like short_help, this does not exit
+*/
+static void
+long_help(const char *prog)
+{
+int i;
+int count = opt_last;
+short_help(prog);
+/* print the option descriptions */
+fprintf(stderr,"\n");
+for (i=0; i < count; i++) {
+	fprintf(stderr,"        ");
+	if (options_init[i].flag) {
+	    fprintf(stderr, "-%c", options_init[i].flag);
+	    if (options_init[i].longform) {
+		fprintf(stderr,",");
+	    }
+	}
+	if (options_init[i].longform) {
+	    fprintf(stderr,"--%s", options_init[i].longform);
+	}
+	if (options_init[i].needsArg) {
+	    if (options_des[i].arg) {
+		fprintf(stderr," %s",options_des[i].arg);
+	    } else {
+		fprintf(stderr," arg");
+	    }
+	    if (options_init[i].arg) {
+		fprintf(stderr," (default = \"%s\")",options_init[i].arg);
+	    }
+	}
+	fprintf(stderr,"\n%s",options_des[i].des);
+}
+}
+/*
+* record summary data
+*/
+struct bufferData {
+char * data;		/* lowest address of the buffer */
+char * next;		/* pointer to the next element on the buffer */
+int  len;		/* length of the buffer */
+};
+/* our actual buffer. If data is NULL, then all append ops
+* except are noops */
+static struct bufferData buffer= { NULL, NULL, 0 };
+#define CHUNK_SIZE 1000
+/*
+* get our initial data. and set the buffer variables up. on failure,
+* just don't initialize the buffer.
+*/
+static void
+initBuffer(void)
+{
+buffer.data = PORT_Alloc(CHUNK_SIZE);
+if (!buffer.data) {
+	return;
+}
+buffer.next = buffer.data;
+buffer.len = CHUNK_SIZE;
+}
+/*
+* grow the buffer. If we can't get more data, record a 'D' in the second
+* to last record and allow the rest of the data to overwrite the last
+* element.
+*/
+static void
+growBuffer(void)
+{
+char *new = PORT_Realloc(buffer.data, buffer.len + CHUNK_SIZE);
+if (!new) {
+	buffer.data[buffer.len-2] = 'D'; /* signal malloc failure in summary */
+	/* buffer must always point to good memory if it exists */
+	buffer.next = buffer.data + (buffer.len -1);
+	return;
+}
+buffer.next = new + (buffer.next-buffer.data);
+buffer.data = new;
+buffer.len += CHUNK_SIZE;
+}
+/*
+* append a label, doubles as appending a single character.
+*/
+static void
+appendLabel(char label)
+{
+if (!buffer.data) {
+	return;
+}
+*buffer.next++ = label;
+if (buffer.data+buffer.len >= buffer.next) {
+	growBuffer();
+}
+}
+/*
+* append a string onto the buffer. The result will be <string>
+*/
+static void
+appendString(char *string)
+{
+if (!buffer.data) {
+	return;
+}
+appendLabel('<');
+while (*string) {
+	appendLabel(*string++);
+}
+appendLabel('>');
+}
+/*
+* append a bool, T= true, F=false
+*/
+static void
+appendBool(PRBool bool)
+{
+if (!buffer.data) {
+	return;
+}
+if (bool) {
+	appendLabel('t');
+} else {
+	appendLabel('f');
+}
+}
+/*
+* append a single hex nibble.
+*/
+static void
+appendHex(unsigned char nibble)
+{
+if (nibble <= 9) {
+	appendLabel('0'+nibble);
+} else {
+	appendLabel('a'+nibble-10);
+}
+}
+/*
+* append a secitem as colon separated hex bytes.
+*/
+static void
+appendItem(SECItem *item)
+{
+int i;
+if (!buffer.data) {
+	return;
+}
+appendLabel(':');
+for (i=0; i < item->len; i++) {
+	unsigned char byte=item->data[i];
+	appendHex(byte >> 4);
+	appendHex(byte & 0xf);
+	appendLabel(':');
+}
+}
+/*
+* append a 32 bit integer (even on a 64 bit platform).
+* for simplicity append it as a hex value, full extension with 0x prefix.
+*/
+static void
+appendInt(unsigned int value)
+{
+int i;
+if (!buffer.data) {
+	return;
+}
+appendLabel('0');
+appendLabel('x');
+value = value & 0xffffffff; /* only look at the buttom 8 bytes */
+for (i=0; i < 8; i++) {
+	appendHex(value >> 28 );
+	value = value << 4;
+}
+}
+/* append a trust flag */
+static void
+appendFlags(unsigned int flag)
+{
+char trust[10];
+char *cp=trust;
+trust[0] = 0;
+printflags(trust, flag);
+while (*cp) {
+appendLabel(*cp++);
+}
+}
+/*
+* dump our buffer out with a result= flag so we can find it easily.
+* free the buffer as a side effect.
+*/
+static void
+dumpBuffer(void)
+{
+if (!buffer.data) {
+	return;
+}
+appendLabel(0); /* terminate */
+printf("\nresult=%s\n",buffer.data);
+PORT_Free(buffer.data);
+buffer.data = buffer.next = NULL;
+buffer.len = 0;
+}
+/*
+* usage, like traditional usage, automatically exit
+*/
+static void
+usage(const char *prog)
+{
+short_help(prog);
+dumpBuffer();
+exit(1);
+}
+/*
+* like usage, except prints the long version of help
+*/
+static void
+usage_long(const char *prog)
+{
+long_help(prog);
+dumpBuffer();
+exit(1);
+}
+static const char *
+bool2String(PRBool bool)
+{
+return bool ? "true" : "false";
+}
+/*
+* print out interesting info about the given slot
+*/
+void
+print_slot(PK11SlotInfo *slot, int log)
+{
+if (log) {
+	fprintf(stderr, "* Name=%s Token_Name=%s present=%s, ro=%s *\n",
+		PK11_GetSlotName(slot), PK11_GetTokenName(slot),
+		bool2String(PK11_IsPresent(slot)),
+		bool2String(PK11_IsReadOnly(slot)));
+}
+appendLabel('S');
+appendString(PK11_GetTokenName(slot));
+appendBool(PK11_IsPresent(slot));
+appendBool(PK11_IsReadOnly(slot));
+}
+/*
+* list all our slots
+*/
+void
+do_list_slots(const char *progName, int log)
+{
+PK11SlotList *list;
+PK11SlotListElement *le;
+list= PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, NULL);
+if (list == NULL) {
+	fprintf(stderr,"ERROR: no tokens found %s\n",
+		SECU_Strerror(PORT_GetError()));
+	appendLabel('S');
+	appendString("none");
+	return;
+}
+for (le= PK11_GetFirstSafe(list); le;
+				le = PK11_GetNextSafe(list,le,PR_TRUE)) {
+	print_slot(le->slot, log);
+}
+PK11_FreeSlotList(list);
+}
+static PRBool
+sort_CN(CERTCertificate *certa, CERTCertificate *certb, void *arg)
+{
+char *commonNameA, *commonNameB;
+int ret;
+commonNameA = CERT_GetCommonName(&certa->subject);
+commonNameB = CERT_GetCommonName(&certb->subject);
+if (commonNameA == NULL) {
+	PORT_Free(commonNameB);
+	return PR_TRUE;
+}
+if (commonNameB == NULL) {
+	PORT_Free(commonNameA);
+	return PR_FALSE;
+}
+ret = PORT_Strcmp(commonNameA,commonNameB);
+PORT_Free(commonNameA);
+PORT_Free(commonNameB);
+return (ret < 0) ? PR_TRUE: PR_FALSE;
+}
+/*
+* list all the certs
+*/
+void
+do_list_certs(const char *progName, int log)
+{
+CERTCertList *list;
+CERTCertList *sorted;
+CERTCertListNode *node;
+CERTCertTrust trust;
+int i;
+list = PK11_ListCerts(PK11CertListUnique, NULL);
+if (list == NULL) {
+	fprintf(stderr,"ERROR: no certs found %s\n",
+		SECU_Strerror(PORT_GetError()));
+	appendLabel('C');
+	appendString("none");
+	return;
+}
+sorted = CERT_NewCertList();
+if (sorted == NULL) {
+	fprintf(stderr,"ERROR: no certs found %s\n",
+		SECU_Strerror(PORT_GetError()));
+	appendLabel('C');
+	appendLabel('E');
+	appendInt(PORT_GetError());
+	return;
+}
+/* sort the list */
+for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node,list);
+				node = CERT_LIST_NEXT(node)) {
+	CERT_AddCertToListSorted(sorted, node->cert, sort_CN, NULL);
+}
+for (node = CERT_LIST_HEAD(sorted); !CERT_LIST_END(node,sorted);
+				node = CERT_LIST_NEXT(node)) {
+	CERTCertificate *cert = node->cert;
+	char *commonName;
+	SECU_PrintCertNickname(node, stderr);
+	if (log) {
+	    fprintf(stderr, "*	Slot=%s*\n", cert->slot ?
+		 PK11_GetTokenName(cert->slot) : "none");
+	    fprintf(stderr, "*	Nickname=%s*\n", cert->nickname);
+	    fprintf(stderr, "*	Subject=<%s>*\n", cert->subjectName);
+	    fprintf(stderr, "*	Issuer=<%s>*\n", cert->issuerName);
+	    fprintf(stderr, "*	SN=");
+	    for (i=0; i < cert->serialNumber.len; i++) {
+		if (i!=0) fprintf(stderr,":");
+		fprintf(stderr, "%02x",cert->serialNumber.data[0]);
+	    }
+	    fprintf(stderr," *\n");
+	}
+	appendLabel('C');
+	commonName = CERT_GetCommonName(&cert->subject);
+	appendString(commonName?commonName:"*NoName*");
+	PORT_Free(commonName);
+	if (CERT_GetCertTrust(cert, &trust) == SECSuccess) {
+	    appendFlags(trust.sslFlags);
+	    appendFlags(trust.emailFlags);
+	    appendFlags(trust.objectSigningFlags);
+	}
+}
+CERT_DestroyCertList(list);
+}
+/*
+* need to implement yet... try to add a new certificate
+*/
+void
+do_add_cert(const char *progName, int log)
+{
+PORT_Assert(/* do_add_cert not implemented */ 0);
+}
+/*
+* display the current key slot
+*/
+void
+do_key_slot(const char *progName, int log)
+{
+PK11SlotInfo *slot = PK11_GetInternalKeySlot();
+if (!slot) {
+	fprintf(stderr,"ERROR: no internal key slot found %s\n",
+		SECU_Strerror(PORT_GetError()));
+	appendLabel('K');
+	appendLabel('S');
+	appendString("none");
+}
+print_slot(slot, log);
+PK11_FreeSlot(slot);
+}
+/*
+* execute some NSS command.
+*/
+void
+do_command(const char *label, int initialized, secuCommandFlag *command,
+	   const char *progName, int log)
+{
+char * command_string;
+if (!initialized) {
+	return;
+}
+if (command->activated) {
+	command_string = command->arg;
+} else {
+	command_string = "none";
+}
+if (log) {
+	fprintf(stderr, "*Executing nss command \"%s\" for %s*\n",
+						command_string,label);
+}
+/* do something */
+if (PORT_Strcasecmp(command_string, "list_slots") == 0) {
+	do_list_slots(progName, log);
+} else if (PORT_Strcasecmp(command_string, "list_certs") == 0) {
+	do_list_certs(progName, log);
+} else if (PORT_Strcasecmp(command_string, "add_cert") == 0) {
+	do_add_cert(progName, log);
+} else if (PORT_Strcasecmp(command_string, "key_slot") == 0) {
+	do_key_slot(progName, log);
+} else if (PORT_Strcasecmp(command_string, "none") != 0) {
+	fprintf(stderr, ">> Unknown command (%s)\n", command_string);
+	appendLabel('E');
+	appendString("bc");
+	usage_long(progName);
+}
+}
+/*
+* functions do handle
+* different library initializations.
+*/
+static int main_initialized;
+static int lib1_initialized;
+static int lib2_initialized;
+void
+main_Init(secuCommandFlag *db, secuCommandFlag *tokNam,
+	  int readOnly, const char *progName, int log)
+{
+SECStatus rv;
+if (log) {
+	fprintf(stderr,"*NSS_Init for the main program*\n");
+}
+appendLabel('M');
+if (!db->activated) {
+	fprintf(stderr, ">> No main_db has been specified\n");
+	usage(progName);
+}
+if (main_initialized) {
+	fprintf(stderr,"Warning: Second initialization of Main\n");
+	appendLabel('E');
+	appendString("2M");
+}
+if (tokNam->activated) {
+	PK11_ConfigurePKCS11(NULL, NULL, NULL, tokNam->arg,
+			 NULL, NULL, NULL, NULL, 0, 0);
+}
+rv = NSS_Initialize(db->arg, "", "", "",
+		NSS_INIT_NOROOTINIT|(readOnly?NSS_INIT_READONLY:0));
+if (rv != SECSuccess) {
+	appendLabel('E');
+	appendInt(PORT_GetError());
+	fprintf(stderr,">> %s\n", SECU_Strerror(PORT_GetError()));
+	dumpBuffer();
+	exit(1);
+}
+main_initialized = 1;
+}
+void
+main_Do(secuCommandFlag *command, const char *progName, int log)
+{
+do_command("main", main_initialized, command, progName, log);
+}
+void
+main_Shutdown(int old_style, const char *progName, int log)
+{
+SECStatus rv;
+appendLabel('N');
+if (log) {
+	fprintf(stderr,"*NSS_Shutdown for the main program*\n");
+}
+if (!main_initialized) {
+	fprintf(stderr,"Warning: Main shutdown without corresponding init\n");
+}
+if (old_style) {
+	rv = NSS_Shutdown();
+} else {
+	rv = NSS_ShutdownContext(NULL);
+}
+fprintf(stderr, "Shutdown main state = %d\n", rv);
+if (rv != SECSuccess) {
+	appendLabel('E');
+	appendInt(PORT_GetError());
+	fprintf(stderr,"ERROR: %s\n", SECU_Strerror(PORT_GetError()));
+}
+main_initialized = 0;
+}
+/* common library init */
+NSSInitContext *
+lib_Init(const char *lableString, char label, int initialized,
+	 secuCommandFlag *db, secuCommandFlag *tokNam, int readonly,
+	 const char *progName, int log)
+{
+NSSInitContext *ctxt;
+NSSInitParameters initStrings;
+NSSInitParameters *initStringPtr = NULL;
+appendLabel(label);
+if (log) {
+	fprintf(stderr,"*NSS_Init for %s*\n", lableString);
+}
+if (!db->activated) {
+	fprintf(stderr, ">> No %s_db has been specified\n", lableString);
+	usage(progName);
+}
+if (initialized) {
+	fprintf(stderr,"Warning: Second initialization of %s\n", lableString);
+}
+if (tokNam->activated) {
+	PORT_Memset(&initStrings, 0, sizeof(initStrings));
+	initStrings.length = sizeof(initStrings);
+	initStrings.dbTokenDescription = tokNam->arg;
+	initStringPtr = &initStrings;
+}
+ctxt = NSS_InitContext(db->arg, "", "", "", initStringPtr,
+		NSS_INIT_NOROOTINIT|(readonly?NSS_INIT_READONLY:0));
+if (ctxt == NULL) {
+	appendLabel('E');
+	appendInt(PORT_GetError());
+	fprintf(stderr,">> %s\n",SECU_Strerror(PORT_GetError()));
+	dumpBuffer();
+	exit(1);
+}
+return ctxt;
+}
+/* common library shutdown */
+void
+lib_Shutdown(const char *labelString, char label, NSSInitContext *ctx,
+	     int initialize, const char *progName, int log)
+{
+SECStatus rv;
+appendLabel(label);
+if (log) {
+	fprintf(stderr,"*NSS_Shutdown for %s\n*", labelString);
+}
+if (!initialize) {
+	fprintf(stderr,"Warning: %s shutdown without corresponding init\n",
+		 labelString);
+}
+rv = NSS_ShutdownContext(ctx);
+fprintf(stderr, "Shutdown %s state = %d\n", labelString, rv);
+if (rv != SECSuccess) {
+	appendLabel('E');
+	appendInt(PORT_GetError());
+	fprintf(stderr,"ERROR: %s\n", SECU_Strerror(PORT_GetError()));
+}
+}
+static NSSInitContext *lib1_context;
+static NSSInitContext *lib2_context;
+void
+lib1_Init(secuCommandFlag *db, secuCommandFlag *tokNam,
+	  int readOnly, const char *progName, int log)
+{
+lib1_context = lib_Init("lib1", '1', lib1_initialized, db, tokNam,
+			     readOnly, progName, log);
+lib1_initialized = 1;
+}
+void
+lib2_Init(secuCommandFlag *db, secuCommandFlag *tokNam,
+	  int readOnly, const char *progName, int log)
+{
+lib2_context = lib_Init("lib2", '2', lib2_initialized,
+			    db, tokNam, readOnly, progName, log);
+lib2_initialized = 1;
+}
+void
+lib1_Do(secuCommandFlag *command, const char *progName, int log)
+{
+do_command("lib1", lib1_initialized, command, progName, log);
+}
+void
+lib2_Do(secuCommandFlag *command, const char *progName, int log)
+{
+do_command("lib2", lib2_initialized, command, progName, log);
+}
+void
+lib1_Shutdown(const char *progName, int log)
+{
+lib_Shutdown("lib1", 'I', lib1_context, lib1_initialized, progName, log);
+lib1_initialized = 0;
+/* don't clear lib1_Context, so we can test multiple attempts to close
+* the same context produces correct errors*/
+}
+void
+lib2_Shutdown(const char *progName, int log)
+{
+lib_Shutdown("lib2", 'Z', lib2_context, lib2_initialized, progName, log);
+lib2_initialized = 0;
+/* don't clear lib2_Context, so we can test multiple attempts to close
+* the same context produces correct errors*/
+}
+int
+main(int argc, char **argv)
+{
+SECStatus rv;
+secuCommand libinit;
+char *progName;
+char *order;
+secuCommandFlag *options;
+int log = 0;
+progName = strrchr(argv[0], '/');
+progName = progName ? progName+1 : argv[0];
+libinit.numCommands = 0;
+libinit.commands = 0;
+libinit.numOptions = opt_last;
+options = (secuCommandFlag *)PORT_Alloc(sizeof(options_init));
+if (options == NULL) {
+	fprintf(stderr, ">> %s:Not enough free memory to run command\n",
+		progName);
+	exit(1);
+}
+PORT_Memcpy(options, options_init, sizeof(options_init));
+libinit.options = options;
+rv = SECU_ParseCommandLine(argc, argv, progName, & libinit);
+if (rv != SECSuccess) {
+	usage(progName);
+}
+if (libinit.options[opt_help].activated) {
+	long_help(progName);
+	exit (0);
+}
+log = libinit.options[opt_verbose].activated;
+if (libinit.options[opt_summary].activated) {
+	initBuffer();
+}
+order = libinit.options[opt_liborder].arg;
+if (!order) {
+	usage(progName);
+}
+if (log) {
+	fprintf(stderr,"* initializing with order \"%s\"*\n", order);
+}
+for (;*order; order++) {
+	switch (*order) {
+	case 'M':
+	    main_Init(&libinit.options[opt_mainDB],
+		      &libinit.options[opt_mainTokNam],
+		       libinit.options[opt_mainRO].activated,
+		       progName, log);
+	    break;
+	case '1':
+	    lib1_Init(&libinit.options[opt_lib1DB],
+		      &libinit.options[opt_lib1TokNam],
+		       libinit.options[opt_lib1RO].activated,
+		        progName,log);
+	    break;
+	case '2':
+	    lib2_Init(&libinit.options[opt_lib2DB],
+		      &libinit.options[opt_lib2TokNam],
+		       libinit.options[opt_lib2RO].activated,
+		       progName,log);
+	    break;
+	case 'm':
+	    main_Shutdown(libinit.options[opt_oldStyle].activated,
+			  progName, log);
+	    break;
+	case 'i':
+	    lib1_Shutdown(progName, log);
+	    break;
+	case 'z':
+	    lib2_Shutdown(progName, log);
+	    break;
+	default:
+	    fprintf(stderr,">> Unknown init/shutdown command \"%c\"", *order);
+	    usage_long(progName);
+	}
+	main_Do(&libinit.options[opt_mainCMD], progName, log);
+	lib1_Do(&libinit.options[opt_lib1CMD], progName, log);
+	lib2_Do(&libinit.options[opt_lib2CMD], progName, log);
+}
+if (NSS_IsInitialized()) {
+	appendLabel('X');
+	fprintf(stderr, "Warning: NSS is initialized\n");
+}
+dumpBuffer();
+exit(0);
+}

The Tor Browser / file comparison

comparison: security/nss/cmd/multinit/multinit.c

security/nss/cmd/multinit/multinit.c