439
edits
Changes
→How Applications Use Upgrade
token name string. If this function fails, stop.
Step 3. Authenticate to the source token. The substeps are:
a) (optional) Call PK11_GetTokenName to get the name of the token. With
that name, you can be sure that you are authenticating to the source token. Skipping this step is not harmful, it is only necessary if the application absolutely needs to know which token the following PK11_Authenticate() will be called on(for instance pwArg contains the actual password for the token). For most NSS applications the underlying password prompt system will properly disambiguate the appropriate password to the user(or it's password cache).
b) Call PK11_Authenticate() to authenticate to the source token. This
source DB was empty. It will record the unique source DB identifier
string in the target DB and act as if the merger is complete. This is similiar to what happens in all previous versions of NSS during database update. See "Database Merge" below for how to recover from this.
/* STEP 1: Signal that update/merge may be needed */
rv = NSS_InitWithMerge(SECU_ConfigDirectory(NULL),
certPrefix, certPrefix, "secmod.db",
updateDir, updCertPrefix, updCertPrefix,
updateID, updateTokenName,
readOnly ? NSS_INIT_READONLY: 0);
slot = PK11_GetInternalKeySlot();
/*
* Step 2: Determine if update/merge is needed.
*/
if (!PK11_IsPerm(slot) && !PK11_NeedLogin(slot)) {
/* need to update/Merge the database */
/*
* Step 3: Authenticate to the token
*/
rv = PK11_Authenticate(slot, PR_FALSE, pwArg);
if (rv != SECSuccess) {
if (PORT_Strcmp(PK11_GetTokenName(slot), updateTokenName) == 0)) {
handle_failure_to_get_old_DB_Password();
} else {
handle_failure_to_get_new_DB_Password();
}
goto fail;
}
/* Step 4: */
if (PK11_IsLoggedIn(slot, &pwdata)) {
printf("update complete!\n");
rv = SECSuccess;
goto shutdown;
}
}
/* Step 5: */
if (!PK11_IsPresent(slot)) {
Assert(); /* should not happen */
}
/* skipping optional step 6 */
/* Step 7: */
rv = PK11_Authenticate(slot, PR_FALSE, pwArg);
if (rv != SECSuccess) {
handle_failure_to_get_new_DB_Password();
}
}
/* NSS is initialized and merged, start using it */
====== Database Upgrade Underlying Implementation ======
V
done
===== Merge Conflicts (Mode 3A only) =====