Changes


NSS Shared DB

1,435 bytes added, 02:27, 1 February 2008
How Applications Use Upgrade
token name string. If this function fails, stop.
Step 2: Determine if a merge is even necessary. If a merge is necessary, NSS will set the slot to a 'removable slot'. You can use PK11_IsPerm to test for this. If the DB slot token is removable, then an update/merge is necessary. However, this will not be necessary if there is no database password on either the source or target database; in that case NSS has already completed the merge. You can test for this with PK11_NeedLogin(). If PK11_NeedLogin() is true then it is necessary to authenticate to the source token, at step 3 below. If the token is not removable, then no merge is necessary and you can skip to step 8.
Step 3. Authenticate to the source token. The substeps are:
a) (optional) Call PK11_GetTokenName to get the name of the token. With that name, you can be sure that you are authenticating to the source token. Skipping this step is not harmful; it is only necessary if the application absolutely needs to know which token the following PK11_Authenticate() will be called on (for instance, pwArg contains the actual password for the token). For most NSS applications the underlying password prompt system will properly disambiguate the appropriate password to the user (or its password cache).
b) Call PK11_Authenticate() to authenticate to the source token. This
source DB was empty. It will record the unique source DB identifier
string in the target DB and act as if the merger is complete. This is similar to what happens in all previous versions of NSS during database update. See "Database Merge" below for how to recover from this.
 
 /* STEP 1: Signal that update/merge may be needed */
 rv = NSS_InitWithMerge(SECU_ConfigDirectory(NULL),
                        certPrefix, certPrefix, "secmod.db",
                        updateDir, updCertPrefix, updCertPrefix,
                        updateID, updateTokenName,
                        readOnly ? NSS_INIT_READONLY : 0);
 if (rv != SECSuccess) {
     goto fail; /* if this function fails, stop */
 }
 slot = PK11_GetInternalKeySlot();
 
 /*
  * Step 2: Determine if update/merge is needed.
  * A merge is pending when NSS has marked the slot removable (not
  * permanent) and a password is needed to authenticate.
  */
 if (!PK11_IsPerm(slot) && PK11_NeedLogin(slot)) {
     /* need to update/merge the database */
     /*
      * Step 3: Authenticate to the token
      */
     rv = PK11_Authenticate(slot, PR_FALSE, pwArg);
     if (rv != SECSuccess) {
         /* the token name shows which database's password was rejected */
         if (PORT_Strcmp(PK11_GetTokenName(slot), updateTokenName) == 0) {
             handle_failure_to_get_old_DB_Password();
         } else {
             handle_failure_to_get_new_DB_Password();
         }
         goto fail;
     }
     /* Step 4: */
     if (PK11_IsLoggedIn(slot, pwArg)) {
         printf("update complete!\n");
         rv = SECSuccess;
         goto shutdown;
     }
 
     /* Step 5: */
     if (!PK11_IsPresent(slot)) {
         PORT_Assert(0); /* should not happen */
     }
 
     /* skipping optional step 6 */
     /* Step 7: */
     rv = PK11_Authenticate(slot, PR_FALSE, pwArg);
     if (rv != SECSuccess) {
         handle_failure_to_get_new_DB_Password();
         goto fail;
     }
 }
 
 /* NSS is initialized and merged, start using it */
====== Database Upgrade Underlying Implementation ======
V
done
 
===== Merge Conflicts (Mode 3A only) =====