# HG changeset patch

# User mbalao

# Date 1529971845 -28800

#      Tue Jun 26 08:10:45 2018 +0800

# Node ID e9c20b7250cd98d16a67f2a30b34284c2caa01dc

# Parent  9f1aa2e38d90dd60522237d7414af6bdcf03c4ff

8195607, PR3776: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1

Reviewed-by: valeriep, weijun

diff --git openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/Secmod.java openjdk/jdk/src/share/classes/sun/security/pkcs11/Secmod.java

--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/Secmod.java

+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/Secmod.java

@@ -197,7 +197,7 @@

         if (configDir != null) {

             String configDirPath = null;

-            String sqlPrefix = "sql:/";

+            String sqlPrefix = "sql:";

             if (!configDir.startsWith(sqlPrefix)) {

                 configDirPath = configDir;

             } else {

diff --git openjdk.orig/jdk/src/share/native/sun/security/pkcs11/j2secmod.c openjdk/jdk/src/share/native/sun/security/pkcs11/j2secmod.c

--- openjdk.orig/jdk/src/share/native/sun/security/pkcs11/j2secmod.c

+++ openjdk/jdk/src/share/native/sun/security/pkcs11/j2secmod.c

@@ -69,9 +69,14 @@

     int res = 0;

     FPTR_Initialize initialize =

         (FPTR_Initialize)findFunction(env, jHandle, "NSS_Initialize");

+    #ifdef SECMOD_DEBUG

+    FPTR_GetError getError =

+        (FPTR_GetError)findFunction(env, jHandle, "PORT_GetError");

+    #endif // SECMOD_DEBUG

     unsigned int flags = 0x00;

     const char *configDir = NULL;

     const char *functionName = NULL;

+    const char *configFile = NULL;

     /* If we cannot initialize, exit now */

     if (initialize == NULL) {

@@ -97,13 +102,18 @@

         flags = 0x20; // NSS_INIT_OPTIMIZESPACE flag

     }

+    configFile = "secmod.db";

+    if (configDir != NULL && strncmp("sql:", configDir, 4U) == 0) {

+        configFile = "pkcs11.txt";

+    }

+

     /*

      * If the NSS_Init function is requested then call NSS_Initialize to

      * open the Cert, Key and Security Module databases, read only.

      */

     if (strcmp("NSS_Init", functionName) == 0) {

         flags = flags | 0x01; // NSS_INIT_READONLY flag

-        res = initialize(configDir, "", "", "secmod.db", flags);

+        res = initialize(configDir, "", "", configFile, flags);

     /*

      * If the NSS_InitReadWrite function is requested then call

@@ -111,7 +121,7 @@

      * read/write.

      */

     } else if (strcmp("NSS_InitReadWrite", functionName) == 0) {

-        res = initialize(configDir, "", "", "secmod.db", flags);

+        res = initialize(configDir, "", "", configFile, flags);

     /*

      * If the NSS_NoDB_Init function is requested then call

@@ -137,6 +147,13 @@

         (*env)->ReleaseStringUTFChars(env, jConfigDir, configDir);

     }

     dprintf1("-res: %d\n", res);

+    #ifdef SECMOD_DEBUG

+    if (res == -1) {

+        if (getError != NULL) {

+            dprintf1("-NSS error: %d\n", getError());

+        }

+    }

+    #endif // SECMOD_DEBUG

     return (res == 0) ? JNI_TRUE : JNI_FALSE;

 }

diff --git openjdk.orig/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h openjdk/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h

--- openjdk.orig/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h

+++ openjdk/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h

@@ -34,6 +34,10 @@

         const char *certPrefix, const char *keyPrefix,

         const char *secmodName, unsigned int flags);

+#ifdef SECMOD_DEBUG

+typedef int (*FPTR_GetError)(void);

+#endif //SECMOD_DEBUG

+

 // in secmod.h

 //extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,

 //                                                      PRBool recurse);

diff --git openjdk.orig/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt openjdk/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt

new file mode 100644

--- /dev/null

+++ openjdk/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt

@@ -0,0 +1,4 @@

+library=

+name=NSS Internal PKCS #11 Module

+parameters=configdir='sql:./tmpdb' certPrefix='' keyPrefix='' secmod='' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' 

+NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})

diff --git openjdk.orig/jdk/test/sun/security/pkcs11/SecmodTest.java openjdk/jdk/test/sun/security/pkcs11/SecmodTest.java

--- openjdk.orig/jdk/test/sun/security/pkcs11/SecmodTest.java

+++ openjdk/jdk/test/sun/security/pkcs11/SecmodTest.java

@@ -55,7 +55,7 @@

         DBDIR = System.getProperty("test.classes", ".") + SEP + "tmpdb";

         if (useSqlite) {

-            System.setProperty("pkcs11test.nss.db", "sql:/" + DBDIR);

+            System.setProperty("pkcs11test.nss.db", "sql:" + DBDIR);

         } else {

             System.setProperty("pkcs11test.nss.db", DBDIR);

         }

@@ -67,6 +67,7 @@

         if (useSqlite) {

             copyFile("key4.db", BASE, DBDIR);

             copyFile("cert9.db", BASE, DBDIR);

+            copyFile("pkcs11.txt", BASE, DBDIR);

         } else {

             copyFile("secmod.db", BASE, DBDIR);

             copyFile("key3.db", BASE, DBDIR);