The SECMOD_LoadUserModule and SECMOD_UnloadUserModule functions
were added in https://bugzilla.mozilla.org/show_bug.cgi?id=132461, but no
NSS utilities or test programs use these functions, so the only sample code
for these functions that I can find is PSM.
PSM uses these functions as follows:
In nsNSSComponent::InstallLoadableRoots:
812 RootsModule =
813 SECMOD_LoadUserModule(const_cast<char*>(pkcs11moduleSpec.get()),
814 nsnull, // no parent
815 PR_FALSE); // do not recurse
816
817 if (RootsModule) {
818 PRBool found = (RootsModule->loaded);
819
820 SECMOD_DestroyModule(RootsModule);
821 RootsModule = nsnull;
822
823 if (found) {
824 break;
825 }
826 }
In nsNSSComponent::UnloadLoadableRoots:
839 SECMODModule *RootsModule = SECMOD_FindModule(modNameUTF8.get());
840
841 if (RootsModule) {
842 SECMOD_UnloadUserModule(RootsModule);
843 SECMOD_DestroyModule(RootsModule);
844 }
SECMOD_DestroyModule is not documented in
https://developer.mozilla.org/en/NSS_PKCS11_Functions, so it's not clear
what the side effects of SECMOD_DestroyModule are and why PSM calls
SECMOD_DestroyModule after both the SECMOD_LoadUserModule and
SECMOD_UnloadUserModule calls.
Is it true that SECMOD_DestroyModule merely does reference counting,
and won't cause the module to be unloaded?
Does SECMOD_UnloadUserModule not destroy the module structure, contrary
to what this source code comment says?
http://mxr.mozilla.org/mozilla-central/source/security/nss/lib/pk11wrap/pk11pars.c#406
406 /*
407 * remove the PKCS#11 module from the default NSS trust domain, call
408 * C_Finalize, and destroy the module structure
409 */
410 SECStatus SECMOD_UnloadUserModule(SECMODModule *mod)
Thank you!
Wan-Teh
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
