2009-09-14 Dave Brolley <brolley@redhat.com>

        * modsign.cxx (init_cert_db_path): Use 'system' call.
        (sign_module): Renamed to 'main'. This is now an independant program.
        Check for arguments. Return 1 on error.
        * buildrun.cxx (modsign.h): Don't #include it.
        (compile_pass): Don't sign the module.
        * main.cxx (main): Don't copy the module signature.
        * cache.cxx (add_to_cache): Don't cache the module signature.
        * Makefile.am (bin_PROGRAMS): Add stap-sign-module.
        (stap_SOURCES): Remove modsign.cxx and nsscommon.c.
        (stap_sign_module_SOURCES): New variable.
        (stap_sign_module_CPPFLAGS): New variable.
        (stap_sign_module_LDFLAGS): New variable.
        (stap_sign_module_LDADD): New variable.
        * stap-server (initialization): Initialize unprivileged.
        (parse_options): Handle --unprivileged.
        (create_response): Call stap-sign-module if --unprivileged was
        specified.
        * systemtap.spec: Add stap-sign-module to stap-server.
        * Makefile.in: Regenerated.
        * doc/Makefile.in: Regenerated.
        * doc/SystemTap_Tapset_Reference/Makefile.in: Regenerated.
        * grapher/Makefile.in: Regenerated.
        * testsuite/Makefile.in: Regenerated.
        * aclocal.m4: Likewise.
        * testsuite/aclocal.m4: Likewise.
        * configure: Likewise.
        * testsuite/configure: Likewise.

1 files changed, 0 insertions, 49 deletions

diff --git a/cache.cxx b/cache.cxx
index b1c7908f..73dd59ce 100644
--- a/cache.cxx
+++ b/cache.cxx
@@ -75,33 +75,6 @@ add_to_cache(systemtap_session& s)
       return;
     }
 
-#if HAVE_NSS
-  // This is the name of the cached module signature.
-  string module_signature_dest_path = s.hash_path;
-  module_signature_dest_path += ".sgn";
-
-  // Copy the module signature.
-  assert (! s.cert_db_path.empty());
-  string module_signature_src_path = module_src_path;
-  module_signature_src_path += ".sgn";
-
-  if (file_exists (module_signature_src_path))
-    {
-      STAP_PROBE2(stap, cache__add__nss, module_signature_src_path.c_str(), module_signature_dest_path.c_str());
-      if (s.verbose > 1)
-	clog << "Copying " << module_signature_src_path << " to " << module_signature_dest_path << endl;
-      if (copy_file(module_signature_src_path.c_str(), module_signature_dest_path.c_str()) != 0)
-	{
-	  cerr << "Copy failed (\"" << module_signature_src_path << "\" to \""
-	       << module_signature_dest_path << "\"): " << strerror(errno) << endl;
-	  // NB: this is not so severe as to prevent reuse of the .ko
-	  // already copied.
-	  //
-	  // s.use_cache = false;
-	}
-    }
-#endif /* HAVE_NSS */
-
   string c_dest_path = s.hash_path;
   if (c_dest_path.rfind(".ko") == (c_dest_path.size() - 3))
     c_dest_path.resize(c_dest_path.size() - 3);
@@ -131,10 +104,6 @@ get_from_cache(systemtap_session& s)
   string module_dest_path = s.tmpdir + "/" + s.module_name + ".ko";
   string c_src_path = s.hash_path;
   int fd_stapconf, fd_module, fd_c;
-#if HAVE_NSS
-  string hash_signature_path = s.hash_path + ".sgn";
-  int fd_signature;
-#endif
 
   if (c_src_path.rfind(".ko") == (c_src_path.size() - 3))
     c_src_path.resize(c_src_path.size() - 3);
@@ -204,24 +173,6 @@ get_from_cache(systemtap_session& s)
 	  close(fd_c);
 	  return false;
 	}
-#if HAVE_NSS
-      // See if module signature exists. It's not an error if it doesn't. It just
-      // means that the module is unsigned.
-      fd_signature = open(hash_signature_path.c_str(), O_RDONLY);
-      if (fd_signature != -1) {
-	string signature_dest_path = module_dest_path + ".sgn";
-	close(fd_signature);
-	if (copy_file(hash_signature_path.c_str(), signature_dest_path.c_str()) != 0)
-	  {
-	    cerr << "Copy failed (\"" << hash_signature_path << "\" to \""
-		 << signature_dest_path << "\"): " << strerror(errno) << endl;
-	    unlink(c_src_path.c_str());
-	    close(fd_module);
-	    close(fd_c);
-	    return false;
-	  }
-      }
-#endif
     }
 
   // We're done with these file handles.