comparison cinst/mozilla.c @ 244:0145d2401f46

Input parser works. Added debug output for collected cert data.
author Sascha Wilde <wilde@intevation.de>
date Fri, 28 Mar 2014 19:28:01 +0100
parents 4b67cc2d4dad
children fbd74e2370de
243:4b67cc2d4dad 244:0145d2401f46
58 #include "debug.h" 58 #include "debug.h"
59 59
60 #include "errorcodes.h" 60 #include "errorcodes.h"
61 #include "portpath.h" 61 #include "portpath.h"
62 #include "strhelp.h" 62 #include "strhelp.h"
63 63 #include "nss-secitemlist.h"
64 64
65 #ifndef _WIN32 65 #ifndef _WIN32
66 #define CONFDIRS ".mozilla", ".thunderbird" 66 #define CONFDIRS ".mozilla", ".thunderbird"
67 #define TARGET_LINUX 1 67 #define TARGET_LINUX 1
68 #else 68 #else
330 } 330 }
331 else 331 else
332 DEBUGPRINTF("Could not open nss cer store in %s!", confdir); 332 DEBUGPRINTF("Could not open nss cer store in %s!", confdir);
333 } 333 }
334 334
335 static bool
336 base64_to_secitem(char *b64, size_t b64len, SECItem *secitem)
337 {
338 unsigned char *dercert = NULL;
339 size_t dercertlen;
340
341 if ( str_base64_decode((char **)(&dercert), &dercertlen,
342 b64, b64len) == 0 )
343 {
344 secitem->data = dercert;
345 secitem->len = dercertlen;
346 return true;
347 }
348 else
349 DEBUGPRINTF("Base64 decode failed for: %s\n", b64);
350 return false;
351 }
352
353 /**
354 * @brief Parse IPC commands from standard input.
355 *
356 * Reads command lines (R: and I:) from standard input and puts the
357 * certificates to process in two SECItem lists holding the
358 * certificates in DER format.
359 * @param[inout] install_list list of SECItems with certifiactes to install
360 * @param[inout] remove_list list of SECItems with certifiactes to remove
361 */
362 static void
363 parse_commands (seciteml_t **install_list, seciteml_t **remove_list)
364 {
365 char inpl[LINEBUFLEN];
366 size_t inpllen;
367 bool parserr = true;
368 SECItem secitem;
369
370 while ( fgets(inpl, LINEBUFLEN, stdin) != NULL )
371 {
372 inpllen = strnlen(inpl, LINEBUFLEN);
373 /* Validate input line:
374 * - must be (much) longer than 3 characters
375 * - must start with "*:"
376 */
377 if ((inpllen > 3) && (inpl[1] == ':'))
378 /* Now parse Input */
379 switch(inpl[0])
380 {
381 case 'R':
382 parserr = true;
383 DEBUGPRINTF("Request to remove certificate: %s\n", &inpl[2]);
384 if (base64_to_secitem(&inpl[2], inpllen - 2, &secitem))
385 {
386 seciteml_push(remove_list, &secitem);
387 parserr = false;
388 }
389 break;
390 case 'I':
391 parserr = true;
392 DEBUGPRINTF("Request to install certificate: %s\n", &inpl[2]);
393 if (base64_to_secitem(&inpl[2], inpllen - 2, &secitem))
394 {
395 seciteml_push(install_list, &secitem);
396 parserr = false;
397 }
398 break;
399 default:
400 parserr = true;
401 }
402 else
403 {
404 parserr = true;
405 }
406
407 if (parserr)
408 {
409 DEBUGPRINTF("FATAL: Invalid input: %s\n", inpl);
410 exit(ERR_MOZ_INVALID_INPUT);
411 }
412 }
413 }
414
335 415
336 int 416 int
337 main () 417 main ()
338 { 418 {
339 char inpl[LINEBUFLEN];
340 size_t inpllen;
341 char *dercert;
342 size_t dercertlen;
343 char **pdirs; 419 char **pdirs;
344 bool parserr = true; 420 seciteml_t *certs_to_remove = NULL;
421 seciteml_t *certs_to_add = NULL;
422 SECItem *secitemp;
423
345 pdirs = 424 pdirs =
346 get_all_profile_dirs(); 425 get_all_profile_dirs();
347 426
348 if (pdirs != NULL) 427 if (pdirs != NULL)
349 { 428 {
350 while ( fgets(inpl, LINEBUFLEN, stdin) != NULL ) 429 parse_commands(&certs_to_add, &certs_to_remove);
351 { 430
352 inpllen = strnlen(inpl, LINEBUFLEN); 431 while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL)
353 /* Validate input line: 432 {
354 * - must be (much) longer than 3 characters 433 fprintf(stderr,"CERT TO REMOVE :'");
355 * - must start with "*:" 434 write(2, secitemp->data, secitemp->len);
356 */ 435 fprintf(stderr,"'\n");
357 if ((inpllen > 3) && (inpl[1] == ':')) 436 free(secitemp->data);
358 /* Now parse Input */ 437 free(secitemp);
359 switch(inpl[0]) 438 }
360 { 439 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL)
361 case 'R': 440 {
362 parserr = true; 441 fprintf(stderr,"CERT TO ADD :'");
363 DEBUGPRINTF("Removing Certificate: %s", &inpl[2]); 442 write(2, secitemp->data, secitemp->len);
364 if ( str_base64_decode(&dercert, &dercertlen, 443 fprintf(stderr,"'\n");
365 &inpl[2], inpllen-2) == 0 ) 444 free(secitemp->data);
366 { 445 free(secitemp);
367 DEBUGPRINTF("Successfully b64 decoded cert: '");
368 write(2, dercert, dercertlen);
369 fprintf(stderr,"'\n");
370 free(dercert);
371 parserr = false;
372 }
373 else
374 DEBUGPRINTF("Base64 decoded failed!\n'");
375 break;
376 case 'I':
377 DEBUGPRINTF("Installing Certificate: %s", &inpl[2]);
378 parserr = false;
379 break;
380 default:
381 parserr = true;
382 }
383 else
384 {
385 parserr = true;
386 }
387
388 if (parserr)
389 {
390 DEBUGPRINTF("FATAL: Invalid input: %s\n", inpl);
391 exit(ERR_MOZ_INVALID_INPUT);
392 }
393 } 446 }
394 447
395 for (int i=0; pdirs[i] != NULL; i++) 448 for (int i=0; pdirs[i] != NULL; i++)
396 { 449 {
397 puts(pdirs[i]); 450 puts(pdirs[i]);
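Review bot: In `parse_commands`, the stack-allocated `SECItem secitem` is passed to `seciteml_push` without its `type` field ever being set, because `base64_to_secitem` fills only `data` and `len`. `seciteml_push` is not shown on this page, but since `main` frees both `secitemp->data` and `secitemp`, it presumably copies the struct, so every queued item would carry an indeterminate `type`. Adding `secitem->type = siBuffer;` next to the `data`/`len` assignments, or declaring `SECItem secitem = { 0 };`, would fix that. Separately, the two dump loops in `main` use `fprintf(stderr, ...)` and an unchecked `write(2, secitemp->data, secitemp->len)` instead of `DEBUGPRINTF`, so the raw DER bytes would probably still reach stderr in builds where debug output is disabled; they are worth putting behind the same debug guard. The body of `main` continues past the end of this section.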

http://wald.intevation.org/projects/trustbridge/