summaryrefslogtreecommitdiff
path: root/security/nss/cmd/modutil
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-02-23 11:04:39 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-02-23 11:04:39 +0100
commitf202bd979235bff22fe069a187eff461e8408e6e (patch)
tree99ccc8e212257e1da1902036ae261e8e55d55c1c /security/nss/cmd/modutil
parentc765922ddfdc794d04b692b1c3da9d43374ad00a (diff)
downloaduxp-f202bd979235bff22fe069a187eff461e8408e6e.tar.gz
Update NSS to 3.35-RTM
Diffstat (limited to 'security/nss/cmd/modutil')
-rw-r--r--security/nss/cmd/modutil/error.h6
-rw-r--r--security/nss/cmd/modutil/install-ds.c3
-rw-r--r--security/nss/cmd/modutil/modutil.c2
-rw-r--r--security/nss/cmd/modutil/modutil.h1
-rw-r--r--security/nss/cmd/modutil/pk11.c35
5 files changed, 41 insertions, 6 deletions
diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h
index b328afebc6..d9f06592f8 100644
--- a/security/nss/cmd/modutil/error.h
+++ b/security/nss/cmd/modutil/error.h
@@ -57,6 +57,7 @@ typedef enum {
UNSPECIFIED_ERR,
NOCERTDB_MISUSE_ERR,
NSS_INITIALIZE_FAILED_ERR,
+ INITPW_FAILED_ERR,
LAST_ERR /* must be last */
} Error;
@@ -109,8 +110,9 @@ static char *errStrings[] = {
"ERROR: Failed to change default.\n",
"ERROR: Unable to read from standard input.\n",
"ERROR: Unknown error occurred.\n",
- "ERROR: -nocertdb option can only be used with the -jar command.\n"
- "ERROR: NSS_Initialize() failed.\n"
+ "ERROR: -nocertdb option can only be used with the -jar command.\n",
+ "ERROR: NSS_Initialize() failed.\n",
+ "ERROR: Unable to set initial password on the database.\n"
};
typedef enum {
diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c
index c8fef78979..0305687626 100644
--- a/security/nss/cmd/modutil/install-ds.c
+++ b/security/nss/cmd/modutil/install-ds.c
@@ -975,8 +975,7 @@ Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad)
printf("Doesn't use equiv\n");
}
PAD(pad);
- printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile
- : "<NULL>");
+ printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile : "<NULL>");
PAD(pad);
printf("mechFlags: %lx\n", _this->mechFlags);
PAD(pad);
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
index 02972f7b46..c1b44be536 100644
--- a/security/nss/cmd/modutil/modutil.c
+++ b/security/nss/cmd/modutil/modutil.c
@@ -865,7 +865,7 @@ main(int argc, char* argv[])
errcode = ChangePW(tokenName, pwFile, newpwFile);
break;
case CREATE_COMMAND:
- /* The work was already done in init_crypto() */
+ errcode = InitPW();
break;
case DEFAULT_COMMAND:
errcode = SetDefaultModule(moduleName, slotName, mechanisms);
diff --git a/security/nss/cmd/modutil/modutil.h b/security/nss/cmd/modutil/modutil.h
index 127d0d0dab..04aa908c85 100644
--- a/security/nss/cmd/modutil/modutil.h
+++ b/security/nss/cmd/modutil/modutil.h
@@ -29,6 +29,7 @@ Error AddModule(char *moduleName, char *libFile, char *ciphers,
Error DeleteModule(char *moduleName);
Error ListModule(char *moduleName);
Error ListModules();
+Error InitPW(void);
Error ChangePW(char *tokenName, char *pwFile, char *newpwFile);
Error EnableModule(char *moduleName, char *slotName, PRBool enable);
Error RawAddModule(char *dbmodulespec, char *modulespec);
diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c
index 834469af1e..1efc1895c4 100644
--- a/security/nss/cmd/modutil/pk11.c
+++ b/security/nss/cmd/modutil/pk11.c
@@ -670,6 +670,39 @@ loser:
/************************************************************************
*
+ * I n i t P W
+ */
+Error
+InitPW(void)
+{
+ PK11SlotInfo *slot;
+ Error ret = UNSPECIFIED_ERR;
+
+ slot = PK11_GetInternalKeySlot();
+ if (!slot) {
+ PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], "internal");
+ return NO_SUCH_TOKEN_ERR;
+ }
+
+ /* Set the initial password to empty */
+ if (PK11_NeedUserInit(slot)) {
+ if (PK11_InitPin(slot, NULL, "") != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[INITPW_FAILED_ERR]);
+ ret = INITPW_FAILED_ERR;
+ goto loser;
+ }
+ }
+
+ ret = SUCCESS;
+
+loser:
+ PK11_FreeSlot(slot);
+
+ return ret;
+}
+
+/************************************************************************
+ *
* C h a n g e P W
*/
Error
@@ -695,7 +728,7 @@ ChangePW(char *tokenName, char *pwFile, char *newpwFile)
ret = BAD_PW_ERR;
goto loser;
}
- } else {
+ } else if (PK11_NeedLogin(slot)) {
for (matching = PR_FALSE; !matching;) {
oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
if (PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {