Mercurial > trustbridge
comparison cinst/mozilla.c @ 493:48d7b956bd98
Change loop order of installation to only call NSS_Initialize once per db
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Thu, 24 Apr 2014 17:04:49 +0000 |
| parents | a9da8e4eeff7 |
| children | f115da3645d5 |
comparison
equal
deleted
inserted
replaced
| 492:dcb014e7d32f | 493:48d7b956bd98 |
|---|---|
| 436 CERTCertificate *cert = NULL; | 436 CERTCertificate *cert = NULL; |
| 437 bool success = false; | 437 bool success = false; |
| 438 char *cert_name = nss_cert_name(dercert); | 438 char *cert_name = nss_cert_name(dercert); |
| 439 | 439 |
| 440 DEBUGPRINTF("INSTALLING cert: '%s' to: %s\n", cert_name, pdir); | 440 DEBUGPRINTF("INSTALLING cert: '%s' to: %s\n", cert_name, pdir); |
| 441 if (NSS_Initialize(pdir, "", "", "secmod.db", 0) == SECSuccess) | 441 pk11slot = PK11_GetInternalKeySlot(); |
| 442 { | 442 cert = CERT_DecodeCertFromPackage((char *)dercert->data, |
| 443 pk11slot = PK11_GetInternalKeySlot(); | 443 (int)dercert->len); |
| 444 cert = CERT_DecodeCertFromPackage((char *)dercert->data, | 444 trust = (CERTCertTrust *)xmalloc(sizeof(CERTCertTrust)); |
| 445 (int)dercert->len); | 445 CERT_DecodeTrustString(trust, "C"); |
| 446 trust = (CERTCertTrust *)xmalloc(sizeof(CERTCertTrust)); | 446 if ((PK11_ImportCert(pk11slot, cert, CK_INVALID_HANDLE, |
| 447 CERT_DecodeTrustString(trust, "C"); | 447 cert_name, PR_FALSE) |
| 448 if ((PK11_ImportCert(pk11slot, cert, CK_INVALID_HANDLE, | 448 == SECSuccess) && |
| 449 cert_name, PR_FALSE) | 449 (CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), cert, trust) |
| 450 == SECSuccess) && | 450 == SECSuccess)) |
| 451 (CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), cert, trust) | 451 { |
| 452 == SECSuccess)) | 452 success = true; |
| 453 { | |
| 454 success = true; | |
| 455 } | |
| 456 else | |
| 457 { | |
| 458 DEBUGPRINTF("Failed to install certificate '%s' to '%s'!\n", cert_name, pdir); | |
| 459 } | |
| 460 CERT_DestroyCertificate (cert); | |
| 461 free(trust); | |
| 462 PK11_FreeSlot(pk11slot); | |
| 463 NSS_Shutdown(); | |
| 464 } | 453 } |
| 465 else | 454 else |
| 466 { | 455 { |
| 467 DEBUGPRINTF("Could not open nss certificate store in %s!\n", pdir); | 456 DEBUGPRINTF("Failed to install certificate '%s' to '%s'!\n", cert_name, pdir); |
| 468 } | 457 ERRORPRINTF("Error installing certificate err: %i\n", PORT_GetError()); |
| 458 } | |
| 459 CERT_DestroyCertificate (cert); | |
| 460 free(trust); | |
| 461 PK11_FreeSlot(pk11slot); | |
| 469 | 462 |
| 470 free(cert_name); | 463 free(cert_name); |
| 471 return success; | 464 return success; |
| 472 } | 465 } |
| 473 | 466 |
| 542 */ | 535 */ |
| 543 bool | 536 bool |
| 544 apply_to_certs_and_profiles(bool fn(char *, SECItem *), | 537 apply_to_certs_and_profiles(bool fn(char *, SECItem *), |
| 545 seciteml_t **certs, char **pdirs) | 538 seciteml_t **certs, char **pdirs) |
| 546 { | 539 { |
| 547 SECItem *cert; | |
| 548 bool success = true; | 540 bool success = true; |
| 549 | 541 |
| 550 while ((cert = seciteml_pop(certs)) != NULL) | 542 for (int i=0; pdirs[i] != NULL; i++) |
| 551 { | 543 { |
| 552 for (int i=0; pdirs[i] != NULL; i++) | 544 seciteml_t *iter = *certs; |
| 553 { | 545 if (NSS_Initialize(pdirs[i], "", "", "secmod.db", 0) != SECSuccess) |
| 546 { | |
| 547 DEBUGPRINTF("Could not open nss certificate store in %s!\n", pdirs[i]); | |
| 548 continue; | |
| 549 } | |
| 550 | |
| 551 while (iter != NULL && iter->item != NULL) | |
| 552 { | |
| 553 SECItem *cert = iter->item; | |
| 554 if (! (*fn)(pdirs[i], cert)) | 554 if (! (*fn)(pdirs[i], cert)) |
| 555 success = false; | 555 success = false; |
| 556 } | 556 iter = iter->next; |
| 557 free(cert->data); | 557 } |
| 558 free(cert); | 558 NSS_Shutdown(); |
| 559 } | 559 } |
| 560 | 560 |
| 561 return success; | 561 return success; |
| 562 } | 562 } |
| 563 | 563 |