Mercurial > trustbridge
comparison cinst/main.c @ 125:24fb90ef8f6a
Fix install_certificates_win.
Access the correct store / check errors and return them
accordingly
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Mon, 24 Mar 2014 10:13:13 +0000 |
| parents | c602d8cfa619 |
| children | 898446d9d23e |
comparison
equal
deleted
inserted
replaced
| 124:2d50ff378367 | 125:24fb90ef8f6a |
|---|---|
| 36 #include "errorcodes.h" | 36 #include "errorcodes.h" |
| 37 | 37 |
| 38 #ifdef WIN32 | 38 #ifdef WIN32 |
| 39 #include <windows.h> | 39 #include <windows.h> |
| 40 #include <wincrypt.h> | 40 #include <wincrypt.h> |
| 41 #endif | |
| 42 | |
| 43 #ifdef WIN32 | |
| 44 LPWSTR getLastErrorMsg() { | |
| 45 LPWSTR bufPtr = NULL; | |
| 46 DWORD err = GetLastError(); | |
| 47 FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | | |
| 48 FORMAT_MESSAGE_FROM_SYSTEM | | |
| 49 FORMAT_MESSAGE_IGNORE_INSERTS, | |
| 50 NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL); | |
| 51 if (!bufPtr) { | |
| 52 HMODULE hWinhttp = GetModuleHandleW(L"winhttp"); | |
| 53 if (hWinhttp) { | |
| 54 FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | | |
| 55 FORMAT_MESSAGE_FROM_HMODULE | | |
| 56 FORMAT_MESSAGE_IGNORE_INSERTS, | |
| 57 hWinhttp, HRESULT_CODE(err), 0, | |
| 58 (LPWSTR)&bufPtr, 0, NULL); | |
| 59 } | |
| 60 } | |
| 61 if (!bufPtr) | |
| 62 printf("Error getting last error\n"); | |
| 63 return bufPtr; | |
| 64 } | |
| 41 #endif | 65 #endif |
| 42 | 66 |
| 43 /* The certificate list + instructions may only be so long as | 67 /* The certificate list + instructions may only be so long as |
| 44 * twice the accepted certificatelist size */ | 68 * twice the accepted certificatelist size */ |
| 45 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2 | 69 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2 |
| 126 | 150 |
| 127 #ifdef WIN32 | 151 #ifdef WIN32 |
| 128 /** @brief Install certificates into Windows store | 152 /** @brief Install certificates into Windows store |
| 129 * | 153 * |
| 130 * @param [in] to_install NULL terminated array of base64 encoded certificates. | 154 * @param [in] to_install NULL terminated array of base64 encoded certificates. |
| 131 * @param [in] user_store set to True if the certificates shoudl be installed | 155 * @param [in] user_store set to True if the certificates should be installed |
| 132 * only for the current user. O for system wide installation. | 156 * only for the current user. O for system wide installation. |
| 133 * @returns 0 on success an errorcode otherwise. | 157 * @returns 0 on success an errorcode otherwise. |
| 134 */ | 158 */ |
| 135 int install_certificates_win(const char **to_install, int user_store) | 159 int install_certificates_win(const char **to_install, int user_store) |
| 136 { | 160 { |
| 137 int i = 0; | 161 int i = 0; |
| 138 HCERTSTORE hStore = NULL; | 162 HCERTSTORE hStore = NULL; |
| 139 | 163 |
| 140 if (!user_store) { | 164 if (user_store) { |
| 141 // Access user store | 165 // Access user store |
| 142 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, | 166 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, |
| 143 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); | 167 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); |
| 144 } else { | 168 } else { |
| 145 // Access machine store | 169 // Access machine store |
| 154 while (to_install[i]) { | 178 while (to_install[i]) { |
| 155 size_t needed_len = 0; | 179 size_t needed_len = 0; |
| 156 size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); | 180 size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); |
| 157 int ret = -1; | 181 int ret = -1; |
| 158 unsigned char *buf; | 182 unsigned char *buf; |
| 183 | |
| 159 /* Check the needed size for the buffer */ | 184 /* Check the needed size for the buffer */ |
| 160 ret = base64_decode(NULL, &needed_len, | 185 ret = base64_decode(NULL, &needed_len, |
| 161 (unsigned char *)to_install[i], cert_len); | 186 (unsigned char *)to_install[i], cert_len); |
| 162 | 187 |
| 163 if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { | 188 if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { |
| 172 | 197 |
| 173 if (ret != 0) { | 198 if (ret != 0) { |
| 174 return ERR_INVALID_INSTRUCTIONS; | 199 return ERR_INVALID_INSTRUCTIONS; |
| 175 } | 200 } |
| 176 | 201 |
| 177 ret = CertAddEncodedCTLToStore (hStore, | 202 ret = CertAddEncodedCertificateToStore (hStore, |
| 178 X509_ASN_ENCODING, | 203 X509_ASN_ENCODING, |
| 179 (PBYTE)buf, | 204 (PBYTE)buf, |
| 180 needed_len, | 205 needed_len, |
| 181 CERT_STORE_ADD_ALWAYS, | 206 CERT_STORE_ADD_ALWAYS, |
| 182 NULL); | 207 NULL); |
| 183 | 208 |
| 184 if (ret != 0) { | 209 if (ret == 0) { |
| 185 printf("Failed to add certificate\n"); | 210 LPWSTR error = getLastErrorMsg(); |
| 186 free(buf); | 211 if (error) { |
| 187 return ret; | 212 printf("Failed to add certificate: %S \n", error); |
| 188 } | 213 LocalFree(error); |
| 214 } | |
| 215 } | |
| 216 i++; | |
| 189 free(buf); | 217 free(buf); |
| 190 } | 218 } |
| 191 if(hStore) { | 219 if(hStore) { |
| 192 CertCloseStore(hStore, 0); | 220 CertCloseStore(hStore, 0); |
| 193 } | 221 } |
| 248 | 276 |
| 249 } | 277 } |
| 250 */ | 278 */ |
| 251 | 279 |
| 252 #ifdef WIN32 | 280 #ifdef WIN32 |
| 253 install_certificates_win((const char**) to_install, 1); | 281 return install_certificates_win((const char**) to_install, 1); |
| 254 //remove_certificates_win((const char**) to_remove, 1); | 282 //remove_certificates_win((const char**) to_remove, 1); |
| 255 #endif | 283 #endif |
| 256 | 284 |
| 257 /* Make valgrind happy */ | 285 /* Make valgrind happy */ |
| 258 strv_free(to_install); | 286 strv_free(to_install); |