2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved. 2N/A * Functions for dealing with provider sessions 2N/A * This is just a **WILD** guess for the maximum idle sessions to 2N/A * keep for each slot. This number should probably be adjusted 2N/A * when there's more data from actual application use 2N/A * The following 5 variables are initialized at the time metaslot 2N/A * is initialized. They are not modified after they are initialized 2N/A * During initialization time, they are protected by the "initmutex" 2N/A/* protects the "metaslotLoggedIn" variable */ 2N/A * meta_slotManager_initialize 2N/A * Called from C_Initialize. Allocates and initializes the storage needed 2N/A * by the slot manager. 2N/A /* Initialize the static variables */ 2N/A * Count the number of slots in the framework. 2N/A * We start at ((slottable->st_first) + 1) instead of 2N/A * slottable->st_first because when we are here, metaslot is 2N/A * enabled, and st_first is always metaslot, which doesn't 2N/A * need to be counted. 2N/A * This shouldn't happen, because there should at least 2N/A * be 1 other slot besides metaslot. 2N/A * Store the slot IDs. Adjust for the fact that the first slot is 2N/A * actually us (metaslot). 2N/A * meta_slotManager_finalize 2N/A * Called from C_Finalize. Deallocates any storage held by the slot manager. 2N/A /* If no slots to free, return */ 2N/A * No need to lock pool, we assume all meta sessions are closed. 2N/A * Close all sessions in the idle and persist list. 2N/A * The active list is empty. It doesn't need to be checked. 2N/A * The slotobjects associated with the session should have 2N/A * been closed when the metaobjects were closed. Thus, no 2N/A * need to do anything here. 2N/A * meta_slotManager_find_object_token() 2N/A * Called from meta_Initialize. Searches for the "object token," which is used 2N/A * for storing token objects and logging into. 2N/A * We do the search using the following algorithm. 2N/A * If either ${METASLOT_OBJECTSTORE_SLOT} or ${METASLOT_OBJECTSTORE_TOKEN} 2N/A * environment variable is defined, the value of the defined variable(s) 2N/A * will be used for the match. All token and slot values defined system-wide 2N/A * If neither variables above are defined, the system-wide values defined 2N/A * If neither environment variables or system-wide values are defined, 2N/A * values, the first slot after metaslot will be used as the default. 2N/A * The PKCS#11 strings are not null-terminated, so, 2N/A * we just compare SLOT_DESCRIPTION_SIZE bytes 2N/A * The PKCS#11 strings are not null-terminated. 2N/A * So, just compare TOKEN_LABEL_SIZE bytes 2N/A /* match is found */ 2N/A * Currently this is the only time that 2N/A * the write_protected state is set, and 2N/A * it is never cleared. The token could 2N/A * clear (or set!) this flag later on. 2N/A * We might want to adjust the state 2N/A * of metaslot, but there's know way to know 2N/A * when a token changes this flag. 2N/A * if slot and/or token is not defined for the keystore, 2N/A * just use the first available slot as keystore 2N/A * This is only used internally, and so the slotnum should always 2N/A * Find a session in the given list that matches the specified flags. 2N/A * If such a session is found, it will be removed from the list, and 2N/A * returned to the caller. If such a session is not found, will 2N/A /* Remove from list */ 2N/A * meta_get_slot_session 2N/A * NOTE - We assume the slot allows an unlimited number of sessions. We 2N/A * could look at what's reported in the token info, but that information is 2N/A * not always set. It's also unclear when we should (A) wait for one to become 2N/A * available, (B) skip the slot for now or (C) return a fatal error. The 2N/A * extra complexity is not worth it. 2N/A * Try to reuse an existing session. 2N/A /* Add to active list */ 2N/A /* Add to active list */ 2N/A /* initialize slotsession */ 2N/A /* Retry with a RO session. */ 2N/A /* Insert session into active list */ 2N/A * meta_release_slot_session 2N/A * Call to release a session obtained via meta_get_slot_session() 2N/A /* Note that the active_list must have >= 1 entry (this session) */ 2N/A * If the session has session objects, we need to retain it. Also 2N/A * retain it if it's the only session holding login state (or handles 2N/A * to public token objects) 2N/A /* remove from active list */ 2N/A /* insert into persist list */ 2N/A /* insert into idle list */ 2N/A * Returns whether metaslot has directly logged in 2N/A * Set or clear the logged-in flag