Mercurial > trustbridge
comparison cinst/mozilla.c @ 263:1fa607af6332
Next baby step: we can import certificates!
| author | Sascha Wilde <wilde@intevation.de> |
|---|---|
| date | Tue, 01 Apr 2014 17:38:27 +0200 |
| parents | 7707191ddb01 |
| children | a7c6a21aba38 |
comparison
equal
deleted
inserted
replaced
| 261:7707191ddb01 | 263:1fa607af6332 |
|---|---|
| 328 } | 328 } |
| 329 CERT_DestroyCertList(list); | 329 CERT_DestroyCertList(list); |
| 330 NSS_Shutdown(); | 330 NSS_Shutdown(); |
| 331 } | 331 } |
| 332 else | 332 else |
| 333 DEBUGPRINTF("Could not open nss cer store in %s!", confdir); | 333 DEBUGPRINTF("Could not open nss certificate store in %s!\n", confdir); |
| 334 } | 334 } |
| 335 | 335 |
| 336 /** | 336 /** |
| 337 * @brief Create a string with the name for cert in SECItem. | 337 * @brief Create a string with the name for cert in SECItem. |
| 338 * | 338 * |
| 441 { | 441 { |
| 442 char **pdirs; | 442 char **pdirs; |
| 443 seciteml_t *certs_to_remove = NULL; | 443 seciteml_t *certs_to_remove = NULL; |
| 444 seciteml_t *certs_to_add = NULL; | 444 seciteml_t *certs_to_add = NULL; |
| 445 SECItem *secitemp; | 445 SECItem *secitemp; |
| 446 SECStatus rv; | |
| 447 PK11SlotInfo *pk11slot = NULL; | |
| 448 CERTCertificate *cert = NULL; | |
| 446 char *cert_name; | 449 char *cert_name; |
| 447 | 450 |
| 448 pdirs = | 451 pdirs = |
| 449 get_all_profile_dirs(); | 452 get_all_profile_dirs(); |
| 450 | 453 |
| 458 printf("Request to REMOVE cert: %s\n", cert_name); | 461 printf("Request to REMOVE cert: %s\n", cert_name); |
| 459 free(cert_name); | 462 free(cert_name); |
| 460 free(secitemp->data); | 463 free(secitemp->data); |
| 461 free(secitemp); | 464 free(secitemp); |
| 462 } | 465 } |
| 466 | |
| 463 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL) | 467 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL) |
| 464 { | 468 { |
| 465 cert_name = nss_cert_name(secitemp); | 469 cert_name = nss_cert_name(secitemp); |
| 466 printf("Request to ADD cert: %s\n", cert_name); | 470 for (int i=0; pdirs[i] != NULL; i++) |
| 471 { | |
| 472 puts(pdirs[i]); | |
| 473 nss_list_certs(pdirs[i]); | |
| 474 | |
| 475 printf("Will now ADD cert: '%s' to %s\n", cert_name, pdirs[i]); | |
| 476 if (NSS_Initialize(pdirs[i], "", "", "secmod.db", 0) | |
| 477 == SECSuccess) | |
| 478 { | |
| 479 pk11slot = PK11_GetInternalKeySlot(); | |
| 480 cert = CERT_DecodeCertFromPackage((char *)secitemp->data, (int)secitemp->len); | |
| 481 rv = PK11_ImportCert(pk11slot, cert, CK_INVALID_HANDLE, cert_name, PR_FALSE); | |
| 482 if (rv != SECSuccess) { | |
| 483 DEBUGPRINTF("Failed to install certificate '%s' to '%s'!\n", cert_name, pdirs[i]); | |
| 484 DEBUGPRINTF("Error was %d\n", rv); | |
| 485 } | |
| 486 CERT_DestroyCertificate(cert); | |
| 487 cert = NULL; | |
| 488 PK11_FreeSlot(pk11slot); | |
| 489 NSS_Shutdown(); | |
| 490 } | |
| 491 puts("List new:"); | |
| 492 nss_list_certs(pdirs[i]); | |
| 493 } | |
| 467 free(cert_name); | 494 free(cert_name); |
| 468 free(secitemp->data); | 495 free(secitemp->data); |
| 469 free(secitemp); | 496 free(secitemp); |
| 470 } | 497 } |
| 471 | |
| 472 for (int i=0; pdirs[i] != NULL; i++) | |
| 473 { | |
| 474 puts(pdirs[i]); | |
| 475 nss_list_certs(pdirs[i]); | |
| 476 } | |
| 477 strv_free(pdirs); | 498 strv_free(pdirs); |
| 478 } | 499 } |
| 479 exit(return_code); | 500 exit(return_code); |
| 480 } | 501 } |