comparison cinst/main.c @ 125:24fb90ef8f6a

Fix install_certificates_win. Access the correct store / check errors and return them accordingly
author Andre Heinecke <aheinecke@intevation.de>
date Mon, 24 Mar 2014 10:13:13 +0000
parents c602d8cfa619
children 898446d9d23e
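--- a/cinst/main.c
+++ b/cinst/main.c
@@ -36,10 +36,34 @@
 #include "errorcodes.h"
 
 #ifdef WIN32
 #include <windows.h>
 #include <wincrypt.h>
+#endif
+
+#ifdef WIN32
+LPWSTR getLastErrorMsg() {
+LPWSTR bufPtr = NULL;
+DWORD err = GetLastError();
+FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+FORMAT_MESSAGE_FROM_SYSTEM |
+FORMAT_MESSAGE_IGNORE_INSERTS,
+NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL);
+if (!bufPtr) {
+HMODULE hWinhttp = GetModuleHandleW(L"winhttp");
+if (hWinhttp) {
+FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+FORMAT_MESSAGE_FROM_HMODULE |
+FORMAT_MESSAGE_IGNORE_INSERTS,
+hWinhttp, HRESULT_CODE(err), 0,
+(LPWSTR)&bufPtr, 0, NULL);
+}
+}
+if (!bufPtr)
+printf("Error getting last error\n");
+return bufPtr;
+}
 #endif
 
 /* The certificate list + instructions may only be so long as
 * twice the accepted certificatelist size */
 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2
@@ -126,20 +150,20 @@
 
 #ifdef WIN32
 /** @brief Install certificates into Windows store
 *
 * @param [in] to_install NULL terminated array of base64 encoded certificates.
-* @param [in] user_store set to True if the certificates shoudl be installed
+* @param [in] user_store set to True if the certificates should be installed
 * only for the current user. O for system wide installation.
 * @returns 0 on success an errorcode otherwise.
 */
 int install_certificates_win(const char **to_install, int user_store)
 {
 int i = 0;
 HCERTSTORE hStore = NULL;
 
-if (!user_store) {
+if (user_store) {
 // Access user store
 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0,
 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root");
 } else {
 // Access machine store
@@ -154,10 +178,11 @@
 while (to_install[i]) {
 size_t needed_len = 0;
 size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH);
 int ret = -1;
 unsigned char *buf;
+
 /* Check the needed size for the buffer */
 ret = base64_decode(NULL, &needed_len,
 (unsigned char *)to_install[i], cert_len);
 
 if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) {
@@ -172,22 +197,25 @@
 
 if (ret != 0) {
 return ERR_INVALID_INSTRUCTIONS;
 }
 
-ret = CertAddEncodedCTLToStore (hStore,
+ret = CertAddEncodedCertificateToStore (hStore,
 X509_ASN_ENCODING,
 (PBYTE)buf,
 needed_len,
 CERT_STORE_ADD_ALWAYS,
 NULL);
 
-if (ret != 0) {
-printf("Failed to add certificate\n");
-free(buf);
-return ret;
-}
+if (ret == 0) {
+LPWSTR error = getLastErrorMsg();
+if (error) {
+printf("Failed to add certificate: %S \n", error);
+LocalFree(error);
+}
+}
+i++;
 free(buf);
 }
 if(hStore) {
 CertCloseStore(hStore, 0);
 }
@@ -248,11 +276,11 @@
 
 }
 */
 
 #ifdef WIN32
-install_certificates_win((const char**) to_install, 1);
+return install_certificates_win((const char**) to_install, 1);
 //remove_certificates_win((const char**) to_remove, 1);
 #endif
 
 /* Make valgrind happy */
 strv_free(to_install);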
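Review bot: A failed `CertAddEncodedCertificateToStore` in the rewritten `if (ret == 0)` branch of install_certificates_win is only printed: the old `return ret;` is gone and nothing records the failure, so unless the tail of the function (not visible here) does so, the caller is told the root certificates were installed when they were not. I would keep a result variable, set it to an error code from errorcodes.h in that branch, then `free(buf);` and `break;`, and return it after `CertCloseStore(hStore, 0);`. The same single exit would also cover the visible `return ERR_INVALID_INSTRUCTIONS;`, which leaves hStore open and, if buf was allocated in the lines not shown, leaks it too. In the last section the new `return install_certificates_win(...)` makes `strv_free(to_install);` unreachable on WIN32; storing the result and returning it after the cleanup avoids that. A short comment on getLastErrorMsg stating that the caller must release the returned buffer with `LocalFree` would also help, as would declaring it `static` with a `(void)` parameter list.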

http://wald.intevation.org/projects/trustbridge/