summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/softoken/sdb.c
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-02-24 00:43:43 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-02-24 00:43:43 +0100
commitdc7ceccf8bc0950e4daa5f0e7736d4c204526fc0 (patch)
treec70154c611b0f03bdcba029f1c51c48e5f69eb36 /security/nss/lib/softoken/sdb.c
parent6f93b00559c8fe5b8dfaf59fcbaac8f1e0dd3366 (diff)
parent788c588bf6f8907dc57b01cd1c86239215d3c661 (diff)
downloadUXP-dc7ceccf8bc0950e4daa5f0e7736d4c204526fc0.tar
UXP-dc7ceccf8bc0950e4daa5f0e7736d4c204526fc0.tar.gz
UXP-dc7ceccf8bc0950e4daa5f0e7736d4c204526fc0.tar.lz
UXP-dc7ceccf8bc0950e4daa5f0e7736d4c204526fc0.tar.xz
UXP-dc7ceccf8bc0950e4daa5f0e7736d4c204526fc0.zip
Merge branch 'TLS-1.3'
Diffstat (limited to 'security/nss/lib/softoken/sdb.c')
-rw-r--r--security/nss/lib/softoken/sdb.c105
1 files changed, 68 insertions, 37 deletions
diff --git a/security/nss/lib/softoken/sdb.c b/security/nss/lib/softoken/sdb.c
index 8690df34c..96717cb26 100644
--- a/security/nss/lib/softoken/sdb.c
+++ b/security/nss/lib/softoken/sdb.c
@@ -37,6 +37,7 @@
#elif defined(XP_UNIX)
#include <unistd.h>
#endif
+#include "utilpars.h"
#ifdef SQLITE_UNSAFE_THREADS
#include "prlock.h"
@@ -190,6 +191,34 @@ sdb_done(int err, int *count)
return 0;
}
+#if defined(_WIN32)
+/*
+ * NSPR functions and narrow CRT functions do not handle UTF-8 file paths that
+ * sqlite3 expects.
+ */
+
+static int
+sdb_chmod(const char *filename, int pmode)
+{
+ int result;
+
+ if (!filename) {
+ return -1;
+ }
+
+ wchar_t *filenameWide = _NSSUTIL_UTF8ToWide(filename);
+ if (!filenameWide) {
+ return -1;
+ }
+ result = _wchmod(filenameWide, pmode);
+ PORT_Free(filenameWide);
+
+ return result;
+}
+#else
+#define sdb_chmod(filename, pmode) chmod((filename), (pmode))
+#endif
+
/*
* find out where sqlite stores the temp tables. We do this by replicating
* the logic from sqlite.
@@ -1600,7 +1629,7 @@ loser:
return error;
}
-static const char RESET_CMD[] = "DROP TABLE IF EXISTS %s;";
+static const char RESET_CMD[] = "DELETE FROM %s;";
CK_RV
sdb_Reset(SDB *sdb)
{
@@ -1621,17 +1650,19 @@ sdb_Reset(SDB *sdb)
goto loser;
}
- /* delete the key table */
- newStr = sqlite3_mprintf(RESET_CMD, sdb_p->table);
- if (newStr == NULL) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
- sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
- sqlite3_free(newStr);
+ if (tableExists(sqlDB, sdb_p->table)) {
+ /* delete the contents of the key table */
+ newStr = sqlite3_mprintf(RESET_CMD, sdb_p->table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
- if (sqlerr != SQLITE_OK)
- goto loser;
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ }
/* delete the password entry table */
sqlerr = sqlite3_exec(sqlDB, "DROP TABLE IF EXISTS metaData;",
@@ -1737,7 +1768,7 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,
* sqlite3 will always create it.
*/
LOCK_SQLITE();
- create = (PR_Access(dbname, PR_ACCESS_EXISTS) != PR_SUCCESS);
+ create = (_NSSUTIL_Access(dbname, PR_ACCESS_EXISTS) != PR_SUCCESS);
if ((flags == SDB_RDONLY) && create) {
error = sdb_mapSQLError(type, SQLITE_CANTOPEN);
goto loser;
@@ -1754,7 +1785,7 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,
*
* NO NSPR call for chmod? :(
*/
- if (create && chmod(dbname, 0600) != 0) {
+ if (create && sdb_chmod(dbname, 0600) != 0) {
error = sdb_mapSQLError(type, SQLITE_CANTOPEN);
goto loser;
}
@@ -1866,30 +1897,29 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,
* so we use it for the cache (see sdb_buildCache for how it's done).*/
/*
- * we decide whether or not to use the cache based on the following input.
- *
- * NSS_SDB_USE_CACHE environment variable is non-existant or set to
- * anything other than "no" or "yes" ("auto", for instance).
- * This is the normal case. NSS will measure the performance of access
- * to the temp database versus the access to the users passed in
- * database location. If the temp database location is "significantly"
- * faster we will use the cache.
- *
- * NSS_SDB_USE_CACHE environment variable is set to "no": cache will not
- * be used.
- *
- * NSS_SDB_USE_CACHE environment variable is set to "yes": cache will
- * always be used.
- *
- * It is expected that most applications would use the "auto" selection,
- * the environment variable is primarily to simplify testing, and to
- * correct potential corner cases where */
+ * we decide whether or not to use the cache based on the following input.
+ *
+ * NSS_SDB_USE_CACHE environment variable is set to anything other than
+ * "yes" or "no" (for instance, "auto"): NSS will measure the performance
+ * of access to the temp database versus the access to the user's
+ * passed-in database location. If the temp database location is
+ * "significantly" faster we will use the cache.
+ *
+ * NSS_SDB_USE_CACHE environment variable is nonexistent or set to "no":
+ * cache will not be used.
+ *
+ * NSS_SDB_USE_CACHE environment variable is set to "yes": cache will
+ * always be used.
+ *
+ * It is expected that most applications will not need this feature, and
+ * thus it is disabled by default.
+ */
env = PR_GetEnvSecure("NSS_SDB_USE_CACHE");
- if (env && PORT_Strcasecmp(env, "no") == 0) {
+ if (!env || PORT_Strcasecmp(env, "no") == 0) {
enableCache = PR_FALSE;
- } else if (env && PORT_Strcasecmp(env, "yes") == 0) {
+ } else if (PORT_Strcasecmp(env, "yes") == 0) {
enableCache = PR_TRUE;
} else {
char *tempDir = NULL;
@@ -2035,10 +2065,11 @@ s_open(const char *directory, const char *certPrefix, const char *keyPrefix,
{
char *env;
env = PR_GetEnvSecure("NSS_SDB_USE_CACHE");
- /* If the environment variable is set to yes or no, sdb_init() will
- * ignore the value of accessOps, and we can skip the measuring.*/
- if (!env || ((PORT_Strcasecmp(env, "no") != 0) &&
- (PORT_Strcasecmp(env, "yes") != 0))) {
+ /* If the environment variable is undefined or set to yes or no,
+ * sdb_init() will ignore the value of accessOps, and we can skip the
+ * measuring.*/
+ if (env && PORT_Strcasecmp(env, "no") != 0 &&
+ PORT_Strcasecmp(env, "yes") != 0) {
accessOps = sdb_measureAccess(directory);
}
}