annotate cinst/windowsstore.c @ 1070:f110a3f6e387

(issue114) Fine tune ACL propagation using mkdir_p the ACL of the parent directories would propagate to all subdirectories and objects in the directory. Now we only use ACL propagation in the last directory to make sure that files we might create in that directory inherit the correct (resitricted) ACL
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 10 Sep 2014 16:41:36 +0200
parents 698b6a9bd75e
children 265583011f24
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 321
diff changeset
7 */
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #ifdef WIN32
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
9
161
a4b1c77f3e6a Change install_certificates_win to generic write_stores_win
Andre Heinecke <aheinecke@intevation.de>
parents: 149
diff changeset
10 #include <stdio.h>
a4b1c77f3e6a Change install_certificates_win to generic write_stores_win
Andre Heinecke <aheinecke@intevation.de>
parents: 149
diff changeset
11
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
12 #include "windowsstore.h"
161
a4b1c77f3e6a Change install_certificates_win to generic write_stores_win
Andre Heinecke <aheinecke@intevation.de>
parents: 149
diff changeset
13 #include "errorcodes.h"
a4b1c77f3e6a Change install_certificates_win to generic write_stores_win
Andre Heinecke <aheinecke@intevation.de>
parents: 149
diff changeset
14 #include "listutil.h"
a4b1c77f3e6a Change install_certificates_win to generic write_stores_win
Andre Heinecke <aheinecke@intevation.de>
parents: 149
diff changeset
15 #include "strhelp.h"
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
16 #include "logging.h"
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 262
diff changeset
17 #include "util.h"
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
18
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
19 static PCCERT_CONTEXT
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
20 b64_to_cert_context(char *b64_data, size_t b64_size)
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
21 {
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
22 size_t buf_size = 0;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
23 char *buf = NULL;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
24 PCCERT_CONTEXT pCert = NULL;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
25 int ret = -1;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
26
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
27 ret = str_base64_decode (&buf, &buf_size, b64_data, b64_size);
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
28
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
29 if (ret != 0)
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
30 {
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
31 ERRORPRINTF ("decoding certificate failed\n");
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
32 return NULL;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
33 }
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
34
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
35 pCert = CertCreateContext (CERT_STORE_CERTIFICATE_CONTEXT,
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
36 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
37 (const PBYTE) buf,
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
38 (DWORD) buf_size,
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
39 0,
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
40 NULL);
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
41 free (buf); /* Windows has a copy */
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
42
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
43 if (pCert == NULL)
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
44 {
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
45 char *error = getLastErrorMsg();
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
46 if (error)
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
47 {
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
48 ERRORPRINTF ("Failed to create cert context: %s \n", error);
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
49 free (error);
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
50 }
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
51 return NULL;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
52 }
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
53 return pCert;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
54 }
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
55
219
57bef180d560 Add debug output and make windowsstore linkable from C++ code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 218
diff changeset
56 void
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
57 do_remove(HCERTSTORE hStore, char **to_remove)
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
58 {
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
59 PCCERT_CONTEXT pCert = NULL;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
60 unsigned int i = 0;
624
736e95c63b86 Log access to windows stores
Andre Heinecke <andre.heinecke@intevation.de>
parents: 504
diff changeset
61 bool elevated = is_elevated();
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
62
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
63 if (!to_remove)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
64 {
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
65 return;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
66 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
67
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
68 for (i=0; to_remove[i]; i++)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
69 {
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
70 PCCERT_CONTEXT pc_to_remove = NULL;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
71
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
72 pc_to_remove = b64_to_cert_context(to_remove[i],
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
73 strnlen(to_remove[i], MAX_LINE_LENGTH));
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
74
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
75 if (pc_to_remove == NULL)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
76 {
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
77 char *error = getLastErrorMsg();
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
78 if (error)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
79 {
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
80 ERRORPRINTF ("Failed to create cert context: %s \n", error);
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
81 free (error);
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
82 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
83 continue;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
84 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
85
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
86 pCert = CertFindCertificateInStore (hStore,
218
8fb12af98960 According to MSDN you Must also provide message encoding flag.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 217
diff changeset
87 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
88 0,
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
89 CERT_FIND_EXISTING,
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
90 pc_to_remove,
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
91 NULL);
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
92
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
93 CertFreeCertificateContext (pc_to_remove);
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
94
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
95 if (pCert == NULL)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
96 {
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
97 ERRORPRINTF ("Did not find certificate\n");
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
98 continue;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
99 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
100
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
101 if (!CertDeleteCertificateFromStore (pCert))
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
102 {
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
103 /* From MSDN:
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
104 The CertDeleteCertificateFromStore function always frees
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
105 pCertContext by calling the CertFreeCertificateContext
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
106 function, even if an error is encountered. */
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
107 char *error = getLastErrorMsg();
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
108 ERRORPRINTF ("Error deleting certificate. %s", error);
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
109 free (error);
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
110 continue;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
111 }
624
736e95c63b86 Log access to windows stores
Andre Heinecke <andre.heinecke@intevation.de>
parents: 504
diff changeset
112 log_certificate (elevated ? "Local Machine" : "Current User",
736e95c63b86 Log access to windows stores
Andre Heinecke <andre.heinecke@intevation.de>
parents: 504
diff changeset
113 to_remove[i], false);
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
114 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
115 return;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
116 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
117
219
57bef180d560 Add debug output and make windowsstore linkable from C++ code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 218
diff changeset
118 void
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
119 do_install(HCERTSTORE hStore, char **to_install)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
120 {
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
121 int i = 0,
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
122 ret = -1;
624
736e95c63b86 Log access to windows stores
Andre Heinecke <andre.heinecke@intevation.de>
parents: 504
diff changeset
123 bool elevated = is_elevated();
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
124
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
125 if (!to_install)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
126 {
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
127 return;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
128 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
129
217
83a015f2e078 Remove leftover incrementation of i from former loop style. Fixes a crash when adding only one
Andre Heinecke <andre.heinecke@intevation.de>
parents: 215
diff changeset
130 for (i = 0; to_install[i]; i++)
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
131 {
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
132 PCCERT_CONTEXT pc_to_add = NULL;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
133 PCCERT_CONTEXT found_cert = NULL;
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
134
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
135 pc_to_add = b64_to_cert_context(to_install[i],
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
136 strnlen(to_install[i], MAX_LINE_LENGTH));
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
137
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
138 if (pc_to_add == NULL)
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
139 {
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
140 continue;
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
141 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
142
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
143 found_cert = CertFindCertificateInStore (hStore,
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 626
diff changeset
144 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 626
diff changeset
145 0,
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 626
diff changeset
146 CERT_FIND_EXISTING,
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 626
diff changeset
147 pc_to_add,
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 626
diff changeset
148 NULL);
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
149 if (found_cert != NULL)
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
150 {
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
151 DEBUGPRINTF ("Certificate already in store\n");
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
152 CertFreeCertificateContext (found_cert);
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
153 CertFreeCertificateContext (pc_to_add);
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
154 continue;
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
155 }
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
156
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
157 ret = CertAddCertificateContextToStore (hStore,
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
158 pc_to_add,
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
159 CERT_STORE_ADD_ALWAYS,
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
160 NULL);
222
53ea9b975d1c Cleanup windowsstore.c
Andre Heinecke <aheinecke@intevation.de>
parents: 219
diff changeset
161 CertFreeCertificateContext (pc_to_add);
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
162 if (!ret)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
163 {
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
164 char *error = getLastErrorMsg();
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
165 if (error)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
166 {
626
f595fcbe3e76 Replace "normal printfs" with DEBUG / ERROR printf macros
Andre Heinecke <andre.heinecke@intevation.de>
parents: 624
diff changeset
167 ERRORPRINTF ("Failed to add certificate: %s \n", error);
253
3595ea4fd3fb Use getLastErrorMsg from logging
Andre Heinecke <aheinecke@intevation.de>
parents: 247
diff changeset
168 free (error);
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
169 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
170 }
624
736e95c63b86 Log access to windows stores
Andre Heinecke <andre.heinecke@intevation.de>
parents: 504
diff changeset
171 log_certificate (elevated ? "Local Machine" : "Current User",
736e95c63b86 Log access to windows stores
Andre Heinecke <andre.heinecke@intevation.de>
parents: 504
diff changeset
172 to_install[i], true);
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
173 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
174 return;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
175 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
176
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
177 int
247
4de97f74d038 Check for process elevation and write into system store accordingly
Andre Heinecke <aheinecke@intevation.de>
parents: 222
diff changeset
178 write_stores_win (char **to_install, char **to_remove)
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
179 {
163
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
180 HCERTSTORE hStore = NULL;
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
181
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
182 if (!to_install && !to_remove)
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
183 {
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
184 /* Nothing to do */
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
185 return 0;
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
186 }
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
187
247
4de97f74d038 Check for process elevation and write into system store accordingly
Andre Heinecke <aheinecke@intevation.de>
parents: 222
diff changeset
188 if (!is_elevated())
163
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
189 {
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
190 hStore = CertOpenStore (CERT_STORE_PROV_SYSTEM, 0,
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
191 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root");
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
192 }
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
193 else
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
194 {
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
195 hStore = CertOpenStore (CERT_STORE_PROV_SYSTEM, 0,
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
196 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"Root");
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
197 }
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
198
163
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
199 if (!hStore)
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
200 {
504
3cf72c5282e8 Redirect errorprintf to output debug string on windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
201 ERRORPRINTF ("Failed to access store.\n");
163
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
202 return ERR_STORE_ACCESS_DENIED;
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
203 }
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
204
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
205 /* Do the actual work */
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
206 do_install (hStore, to_install);
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
207
215
292e2cb60ef0 Add removal of certificates
Andre Heinecke <andre.heinecke@intevation.de>
parents: 185
diff changeset
208 do_remove (hStore, to_remove);
161
a4b1c77f3e6a Change install_certificates_win to generic write_stores_win
Andre Heinecke <aheinecke@intevation.de>
parents: 149
diff changeset
209
163
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
210 if (hStore)
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
211 {
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
212 CertCloseStore (hStore, 0);
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
213 }
163
8cfcd38a9bb3 Change coding style for cinst main / windowsstore to GNU
Andre Heinecke <aheinecke@intevation.de>
parents: 161
diff changeset
214 return 0;
137
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
215 }
4904fe01055d Factor out windows specific parts
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
216 #endif // WIN32

http://wald.intevation.org/projects/trustbridge/