annotate cinst/main.c @ 100:8fa273791242
Add test for cinstprocess
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Fri, 21 Mar 2014 12:15:29 +0000 |
parents | 80ab2168760f |
children | c602d8cfa619 |
1 /** @brief Main entry point for the cinst process. |
2 * |
3 * The cinst process may or may not be run with elevated |
4 * privileges. When run with elevated privileges this |
5 * process will modify system wide certificate stores. |
6 * Otherwise only the user's certificate stores are modified. |
7 * |
8 * It expects a certificatelist on stdin enclosed in a |
9 * -----BEGIN CERTIFICATE LIST----- |
10 * ... |
11 * -----END CERTIFICATE LIST----- |
12 * |
13 * Followed by additional instruction lines of: |
14 * I:<certificate> |
15 * R:<certificate> |
16 * |
17 * It will only execute the instructions if the |
18 * I and R instructions are also part of the signed |
19 * certificate list. The signature is validated with the |
20 * built in key. |
21 * |
22 * The special instruction "UNINSTALL" will cause the installer |
23 * to remove all certificates (Even those marked with I) that |
24 * are part of the list to be removed. |
25 * |
26 **/ |
27 #include <stdio.h> |
28 #include <stdlib.h> |
29 #include <string.h> |
30 #include <assert.h> |
31 |
32 #include <polarssl/base64.h> |
33 |
34 #include "strhelp.h" |
35 #include "listutil.h" |
36 #include "errorcodes.h" |
37 |
38 #ifdef WIN32 |
39 #include <windows.h> |
40 #include <wincrypt.h> |
41 #endif |
42 |
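/* Upper bound for the complete input (certificate list plus instruction
 * lines): twice the accepted certificate-list size.
 *
 * The expansion is parenthesised so the macro keeps its value when it is
 * used inside a larger expression (division, subtraction, comparison).
 *
 * NOTE(review): readInput() below bounds its input by line count and line
 * length; it does not reference this constant. */
#define MAX_INPUT_SIZE (MAX_LINE_LENGTH * MAX_LINES * 2)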
46 |
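/** @brief Read stdin into data structures.
 *
 * Reads CRLF-terminated lines from stdin and sorts them into:
 *  - the certificate list: every line between the
 *    "-----BEGIN CERTIFICATE LIST-----" and
 *    "-----END CERTIFICATE LIST-----" marker lines,
 *  - the install instructions: lines of the form "I:<certificate>",
 *  - the removal instructions: lines of the form "R:<certificate>" and
 *    the literal line "UNINSTALL".
 * Lines outside the list that match none of these forms are ignored.
 *
 * stdin is untrusted and this process may run with elevated privileges,
 * so every length derived from a line is checked before it is used.
 *
 * This function only parses. It does not check a signature and it does
 * not check that the I/R instructions are part of the certificate list;
 * validate_instructions() in this file is a commented-out TODO in this
 * revision. Callers must not treat the returned data as authenticated.
 *
 * The pointers returned need to be freed by the caller, even when an
 * error is returned. Terminates in OOM conditions.
 *
 * @param [out] certificate_list  must point to a NULL pointer; receives
 *                                the concatenated list lines.
 * @param [out] to_install        must point to a NULL pointer; receives
 *                                the payloads of the I: lines.
 * @param [out] to_remove         must point to a NULL pointer; receives
 *                                the payloads of the R: lines and, if
 *                                present, the string "UNINSTALL".
 *
 * @returns 0 on success, -1 on invalid parameters, ERR_INVALID_INPUT for a
 *          short or malformed line, ERR_TOO_MUCH_INPUT if more than
 *          MAX_LINES lines are supplied.
 */
int readInput(char **certificate_list, char ***to_install,
              char ***to_remove)
{
    int lines_read = 0;
    int readingList = 0;
    size_t list_size = 0;
    char buf[MAX_LINE_LENGTH + 1];

    /* All three out parameters must be valid and still empty. */
    if (!certificate_list || !to_install || !to_remove ||
        *certificate_list || *to_install || *to_remove) {
        printf("Error invalid parameters\n");
        return -1;
    }

    while (fgets(buf, sizeof buf, stdin)) {
        size_t len = strlen(buf); /* fgets ensures buf is terminated */
        int has_crlf;

        if (len < 2) {
            printf("Line to short.\n");
            return ERR_INVALID_INPUT;
        }
        /* Count first, then compare: at most MAX_LINES lines are accepted
         * (a post-increment here would let MAX_LINES + 1 lines through). */
        if (++lines_read > MAX_LINES) {
            printf("Too many lines\n");
            return ERR_TOO_MUCH_INPUT;
        }
        if (strcmp("-----BEGIN CERTIFICATE LIST-----\r\n", buf) == 0) {
            readingList = 1;
            continue;
        }
        if (strcmp("-----END CERTIFICATE LIST-----\r\n", buf) == 0) {
            readingList = 0;
            continue;
        }
        if (readingList) {
            str_append_str(certificate_list, &list_size, buf, len);
            continue;
        }

        /* len >= 2 is guaranteed above, so both indices are in range. */
        has_crlf = buf[len - 2] == '\r' && buf[len - 1] == '\n';

        if (*buf == 'I' || *buf == 'R') {
            /* An instruction is "<I|R>:" + payload + "\r\n". Anything
             * shorter would make the unsigned "len - 4" below wrap around
             * to a huge length, and a line without the "X:" prefix or the
             * CRLF ending would lose payload bytes. */
            if (len < 5 || buf[1] != ':' || !has_crlf) {
                printf("Invalid instruction line.\n");
                return ERR_INVALID_INPUT;
            }
            /* Remove leading I: / R: and trailing \r\n */
            array_append_str(*buf == 'I' ? to_install : to_remove,
                             buf + 2, len - 4);
            continue;
        }
        /* buf still carries its line ending, exactly like the marker
         * lines above, so the comparison has to include it. */
        if (strcmp("UNINSTALL\r\n", buf) == 0) {
            /* Remove trailing \r\n */
            array_append_str(to_remove, buf, len - 2);
        }
    }

    return 0;
}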
111 /* |
112 int validate_instructions(const char *certificate_list, |
113 const size_t list_len, |
114 const char **to_install, |
115 const char **to_remove) |
116 { |
117 TODO |
118 (void *) certificate_list; |
119 (void **) to_install; |
120 (void **) to_remove; |
121 (void) list_len; |
122 |
123 return 0; |
124 } |
125 */ |
126 |
127 #ifdef WIN32 |
128 /** @brief Install certificates into Windows store |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
129 * |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
130 * @param [in] to_install NULL terminated array of base64 encoded certificates. |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
131 * @param [in] user_store set to True if the certificates shoudl be installed |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
132 * only for the current user. O for system wide installation. |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
133 * @returns 0 on success an errorcode otherwise. |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
134 */ |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
135 int install_certificates_win(const char **to_install, int user_store) |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
136 { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
137 int i = 0; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
138 HCERTSTORE hStore = NULL; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
139 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
140 if (!user_store) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
141 // Access user store |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
142 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
143 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
144 } else { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
145 // Access machine store |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
146 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
147 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"Root"); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
148 } |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
149 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
150 if (!hStore) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
151 return ERR_STORE_ACCESS_DENIED; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
152 } |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
153 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
154 while (to_install[i]) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
155 size_t needed_len = 0; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
156 size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
157 int ret = -1; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
158 unsigned char *buf; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
159 /* Check the needed size for the buffer */ |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
160 ret = base64_decode(NULL, &needed_len, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
161 (unsigned char *)to_install[i], cert_len); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
162 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
163 if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
164 return ERR_INVALID_INSTRUCTIONS; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
165 } |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
166 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
167 buf = xmalloc(needed_len); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
168 memset (buf, 0, needed_len); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
169 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
170 ret = base64_decode(buf, &needed_len, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
171 (unsigned char *)to_install[i], cert_len); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
172 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
173 if (ret != 0) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
174 return ERR_INVALID_INSTRUCTIONS; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
175 } |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
176 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
177 ret = CertAddEncodedCTLToStore (hStore, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
178 X509_ASN_ENCODING, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
179 (PBYTE)buf, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
180 needed_len, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
181 CERT_STORE_ADD_ALWAYS, |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
182 NULL); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
183 |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
184 if (ret != 0) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
185 printf("Failed to add certificate\n"); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
186 free(buf); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
187 return ret; |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
188 } |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
189 free(buf); |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
190 } |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
191 if(hStore) { |
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
65
diff
changeset
|
192 CertCloseStore(hStore, 0); |
193 } |
194 return 0; |
195 } |
196 #endif |
197 |
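/**
 * @brief Entry point of the cinst process.
 *
 * Reads the certificate list and the install/remove instructions through
 * readInput(), runs verify_list() over the list and, on WIN32, hands the
 * to_install entries to install_certificates_win().
 *
 * @return 0 once the install step has been attempted (its result is not
 *         checked), the readInput() error code if reading fails,
 *         ERR_INVALID_INPUT_NO_LIST if no list was read,
 *         ERR_INVALID_SIGNATURE if verify_list() rejects the list, or
 *         ERR_NO_INSTRUCTIONS if both instruction arrays are empty.
 */
int main(void) {
    char **to_install = NULL;
    char **to_remove = NULL;
    char *certificate_list = NULL;
    size_t list_len = 0;
    int ret = -1;
    /*
    i = 0 ,
    uninstall = 0;
    */

    ret = readInput(&certificate_list, &to_install, &to_remove);

    if (ret != 0) {
        /* NOTE(review): readInput() is defined elsewhere; whether it
         * releases partially filled outputs on failure is not visible
         * here, so this path keeps returning without freeing. Confirm. */
        return ret;
    }

    if (!certificate_list) {
        ret = ERR_INVALID_INPUT_NO_LIST;
        goto cleanup;
    }

    /* Bounded length: never scans past MAX_INPUT_SIZE bytes. */
    list_len = strnlen(certificate_list, MAX_INPUT_SIZE);

    /* Any verify_list() failure is reported as ERR_INVALID_SIGNATURE. */
    if (verify_list(certificate_list, list_len) != 0) {
        ret = ERR_INVALID_SIGNATURE;
        goto cleanup;
    }

    if (!strv_length(to_install) && !strv_length(to_remove)) {
        ret = ERR_NO_INSTRUCTIONS;
        goto cleanup;
    }

    /* NOTE(review): the instruction check below is disabled, so the entries
     * in to_install reach install_certificates_win() without being compared
     * against the list that verify_list() just accepted. Until
     * validate_instructions() is re-enabled, passing verify_list() does not
     * by itself limit which certificates get installed (presumably that is
     * the purpose of validate_instructions(); confirm). The file header
     * states that an elevated run modifies system wide stores, so this gate
     * should be restored before the process is used that way.
     * When re-enabling: strncmp() returns 0 on a match, so the UNINSTALL
     * test as written fires on the first entry that is NOT "UNINSTALL". */

    /* Check that the instructions are ok to execute
    ret = validate_instructions(certificate_list, list_len, to_install,
                                to_remove);
    if (ret != 0) {
        return ERR_INVALID_INSTRUCTIONS;
    }

    if (to_remove) {
        for (i=0; to_remove[i]; i++) {
            if (strncmp("UNINSTALL", to_remove[i], MAX_LINE_LENGTH)) {
                uninstall = 1;
                break;
            }
        }
    }

    if (uninstall) {

    }
    */

#ifdef WIN32
    /* NOTE(review): the return value is discarded, so the process exits 0
     * even when install_certificates_win() reports a failure. The meaning
     * of the second argument (1) is not visible here. */
    install_certificates_win((const char**) to_install, 1);
    //remove_certificates_win((const char**) to_remove, 1);
#endif

    ret = 0;

cleanup:
    /* Make valgrind happy: release everything on the error paths as well.
     * strfreev() is defined elsewhere and its NULL handling is not visible,
     * so the arrays are only passed when set. */
    if (to_install) {
        strfreev(to_install);
    }
    if (to_remove) {
        strfreev(to_remove);
    }
    free(certificate_list);

    return ret;
}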