From 39344e506c679be793e32031c2df099c736d8dba Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 5 Apr 2011 16:22:57 +0200 Subject: [PATCH] Use p11-kit to lookup trust uris. --- gcr/Makefile.am | 1 + gcr/gcr-library.c | 38 +++++++++++++++++++++++++++----------- 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/gcr/Makefile.am b/gcr/Makefile.am index 880f5fc..ee2359a 100644 --- a/gcr/Makefile.am +++ b/gcr/Makefile.am @@ -115,6 +115,7 @@ libgcr@GCR_VERSION_SUFFIX@_la_SOURCES = \ libgcr@GCR_VERSION_SUFFIX@_la_CFLAGS = \ -DGCK_API_SUBJECT_TO_CHANGE \ -DGCR_API_SUBJECT_TO_CHANGE \ + -DP11_KIT_API_SUBJECT_TO_CHANGE \ -DGCR_COMPILATION \ -DUIDIR=\""$(uidir)"\" diff --git a/gcr/gcr-library.c b/gcr/gcr-library.c index 2567712..10c3b90 100644 --- a/gcr/gcr-library.c +++ b/gcr/gcr-library.c @@ -34,6 +34,8 @@ #include "egg/egg-libgcrypt.h" #include "egg/egg-secure-memory.h" +#include + #include #include 
@@ -176,25 +178,39 @@ void _gcr_initialize (void) { static volatile gsize gcr_initialized = 0; + CK_FUNCTION_LIST_PTR_PTR module_list; + GPtrArray *uris; + gchar *uri; + guint i; /* Initialize the libgcrypt library if needed */ egg_libgcrypt_initialize (); if (g_once_init_enter (&gcr_initialized)) { - all_modules = gck_modules_initialize_registered (); - /* - * Soon we're going to have support for using a configuration of - * PKCS#11 modules using p11-kit. But for this release this is - * hard coded. - */ + /* This calls p11_kit_initialize_registered */ + all_modules = gck_modules_initialize_registered (); - trust_store_uri = g_strdup ("pkcs11:library-manufacturer=GNOME%20Keyring;serial=1:XDG:DEFAULT"); + module_list = p11_kit_registered_modules (); + + /* Ask for the global x-trust-store option */ + trust_store_uri = p11_kit_registered_option (NULL, "x-trust-store"); + for (i = 0; !trust_store_uri && module_list[i]; i++) + trust_store_uri = p11_kit_registered_option (module_list[i], "x-trust-store"); + + uris = g_ptr_array_new (); + uri = p11_kit_registered_option (NULL, "x-trust-lookup"); + if (uri != NULL) + g_ptr_array_add (uris, uri); + for (i = 0; module_list[i]; i++) { + uri = p11_kit_registered_option (module_list[i], "x-trust-lookup"); + if (uri != NULL) + g_ptr_array_add (uris, uri); + } + g_ptr_array_add (uris, NULL); - trust_lookup_uris = g_new0 (gchar*, 3); - trust_lookup_uris[0] = g_strdup ("pkcs11:library-manufacturer=GNOME%20Keyring;serial=1:ROOTS:DEFAULT"); - trust_lookup_uris[1] = g_strdup ("pkcs11:library-manufacturer=GNOME%20Keyring;serial=1:XDG:DEFAULT"); - trust_lookup_uris[2] = NULL; + trust_lookup_uris = (gchar**)g_ptr_array_free (uris, FALSE); + free (module_list); g_once_init_leave (&gcr_initialized, 1); } -- 2.7.4
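Review bot: `module_list` is indexed in both new `for` loops without a NULL check, so if `p11_kit_registered_modules ()` returns NULL (plausible when module registration or allocation failed; confirm against the p11-kit version in use) every process that reaches `_gcr_initialize` crashes during library setup. Add the guard to both loop conditions, e.g. `for (i = 0; module_list && module_list[i]; i++)`; the later `free (module_list)` is already safe for NULL. With the hard-coded URIs removed, `trust_store_uri` can be NULL and `trust_lookup_uris` can hold only the terminator when no `x-trust-store` / `x-trust-lookup` option is configured, so callers outside this hunk need to treat that as "no trust information available", and a `g_debug` here would make the missing configuration visible. The trust store is also taken from the first module in `module_list` that sets `x-trust-store`, so if that array's order is not guaranteed the token that anchors trust decisions can differ between runs; a comment stating the intended precedence (`/* global option wins, then first registered module */`) would help. The end of `_gcr_initialize` lies outside the hunk.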