Mercurial > trustbridge
comparison cinst/main.c @ 399:55cbe0a482ce
merged.
author | Raimund Renkert <rrenkert@intevation.de> |
---|---|
date | Wed, 16 Apr 2014 10:01:02 +0200 |
parents | 124f08a85532 |
children | 17e1c8f37d72 |
comparison
equal
deleted
inserted
replaced
398:9e6a2c2033ed | 399:55cbe0a482ce |
---|---|
7 * process will modify system wide certificate stores. | 7 * process will modify system wide certificate stores. |
8 * Otherwise only the users certificate stores are modified. | 8 * Otherwise only the users certificate stores are modified. |
9 * | 9 * |
10 * The first parameter to this process should be list=<file_name> | 10 * The first parameter to this process should be list=<file_name> |
11 * of the certificate list to work on. The second parameter should | 11 * of the certificate list to work on. The second parameter should |
12 * be instruction=<instruction_file_name>|uninstall | 12 * be choices=<choices_file_name>|uninstall |
13 * | 13 * |
14 * instruction_file_name should be the absolute path to an | 14 * choices_file_name should be the absolute path to an |
15 * instructions file formatted as: | 15 * choices file formatted as: |
16 * | 16 * |
17 * I:<certificate> | 17 * I:<certificate> |
18 * R:<certificate> | 18 * R:<certificate> |
19 * | 19 * |
20 * Line breaks can be system dependent in the Instructions file. | 20 * Line breaks can be system dependent in the Choices file. |
21 * | 21 * |
22 * It will only execute the instructions if the | 22 * It will only execute the choices if the |
23 * I and R instructions are also part of the signed | 23 * I and R choices are also part of the signed |
24 * certificate list. The signature is validated with the | 24 * certificate list. The signature is validated with the |
25 * built in key. | 25 * built in key. |
26 * | 26 * |
27 * The special instruction "uninstall" will cause the installer | 27 * The special instruction "uninstall" will cause the installer |
28 * to remove all certificates (Even those marked with I) that | 28 * to remove all certificates (Even those marked with I) that |
40 #include "logging.h" | 40 #include "logging.h" |
41 #include "errorcodes.h" | 41 #include "errorcodes.h" |
42 #include "windowsstore.h" | 42 #include "windowsstore.h" |
43 #include "nssstore.h" | 43 #include "nssstore.h" |
44 | 44 |
45 /* The certificate list + instructions may only be so long as | 45 /* The certificate list + choices may only be so long as |
46 * twice the accepted certificatelist size */ | 46 * twice the accepted certificatelist size */ |
47 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2 | 47 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2 |
48 | 48 |
49 /* @brief Read stdin into data structures. | 49 /* @brief Read stdin into data structures. |
50 * | 50 * |
51 * Reads instructions from an input file into the to_install | 51 * Reads choices from an input file into the to_install |
52 * and to_remove buffers. | 52 * and to_remove buffers. |
53 * | 53 * |
54 * Lines starting with I: are treated as install instructions. | 54 * Lines starting with I: are treated as install choices. |
55 * Lines starting with R: are treated as remove instructions. | 55 * Lines starting with R: are treated as remove choices. |
56 * Other lines are ignored. | 56 * Other lines are ignored. |
57 * | 57 * |
58 * Terminates in OOM conditions. | 58 * Terminates in OOM conditions. |
59 * | 59 * |
60 * The caller needs to free the memory allocated by this function | 60 * The caller needs to free the memory allocated by this function |
61 * even when an error is returned. | 61 * even when an error is returned. |
62 * | 62 * |
63 * @param[in] file_name absolute path to the instructions file. | 63 * @param[in] file_name absolute path to the choices file. |
64 * @param[out] to_install strv of installation instructions or NULL | 64 * @param[out] to_install strv of installation choices or NULL |
65 * @param[out] to_remove strv of remove instructions or NULL | 65 * @param[out] to_remove strv of remove choices or NULL |
66 * | 66 * |
67 * @returns: 0 on success. An error code otherwise. | 67 * @returns: 0 on success. An error code otherwise. |
68 */ | 68 */ |
69 static int | 69 static int |
70 read_instructions_file (char *file_name, char ***to_install, | 70 read_choices_file (char *file_name, char ***to_install, |
71 char ***to_remove) | 71 char ***to_remove) |
72 { | 72 { |
73 int lines_read = 0; | 73 int lines_read = 0; |
74 char buf[MAX_LINE_LENGTH + 2]; | 74 char buf[MAX_LINE_LENGTH + 2]; |
75 FILE *f = NULL; | 75 FILE *f = NULL; |
142 * | 142 * |
143 * Only certificates part of the certificate_list are allowed | 143 * Only certificates part of the certificate_list are allowed |
144 * for installation. | 144 * for installation. |
145 * | 145 * |
146 * @param[in] all_certs strv of all valid certificates in a list | 146 * @param[in] all_certs strv of all valid certificates in a list |
147 * @param[in] to_validate strv of instructions | 147 * @param[in] to_validate strv of choices |
148 * | 148 * |
149 * @returns 0 on success, an error otherwise | 149 * @returns 0 on success, an error otherwise |
150 */ | 150 */ |
151 int | 151 int |
152 validate_instructions (char **all_certs, char **to_validate) | 152 validate_choices (char **all_certs, char **to_validate) |
153 { | 153 { |
154 int i = 0, j = 0; | 154 int i = 0, j = 0; |
155 | 155 |
156 if (!all_certs || strv_length (all_certs) < 1) | 156 if (!all_certs || strv_length (all_certs) < 1) |
157 { | 157 { |
197 **all_valid_certs = NULL; | 197 **all_valid_certs = NULL; |
198 int ret = -1; | 198 int ret = -1; |
199 | 199 |
200 char *certificate_list = NULL, | 200 char *certificate_list = NULL, |
201 *certificate_file_name = NULL, | 201 *certificate_file_name = NULL, |
202 *instruction_file_name = NULL; | 202 *choices_file_name = NULL; |
203 size_t list_len = 0; | 203 size_t list_len = 0; |
204 list_status_t list_status; | 204 list_status_t list_status; |
205 bool do_uninstall = false; | 205 bool do_uninstall = false; |
206 | 206 |
207 /* Some very static argument parsing. list= and instructions= is only | 207 /* Some very static argument parsing. list= and choices= is only |
208 added to make it more transparent how this programm is called if | 208 added to make it more transparent how this programm is called if |
209 a user looks at the detailed uac dialog. */ | 209 a user looks at the detailed uac dialog. */ |
210 if (argc != 3 || strncmp(argv[1], "list=", 5) != 0 || | 210 if (argc != 3 || strncmp(argv[1], "list=", 5) != 0 || |
211 strncmp(argv[2], "instructions=", 13) != 0) | 211 strncmp(argv[2], "choices=", 8) != 0) |
212 { | 212 { |
213 ERRORPRINTF ("Invalid arguments.\n" | 213 ERRORPRINTF ("Invalid arguments.\n" |
214 "Expected arguments: list=<certificate_list> \n" | 214 "Expected arguments: list=<certificate_list> \n" |
215 " instructions=<instructions_file>|uninstall\n"); | 215 " choices=<choices_file>|uninstall\n"); |
216 return ERR_INVALID_PARAMS; | 216 return ERR_INVALID_PARAMS; |
217 } | 217 } |
218 | 218 |
219 certificate_file_name = strchr(argv[1], '=') + 1; | 219 certificate_file_name = strchr(argv[1], '=') + 1; |
220 instruction_file_name = strchr(argv[2], '=') + 1; | 220 choices_file_name = strchr(argv[2], '=') + 1; |
221 | 221 |
222 if (!certificate_file_name || !instruction_file_name) | 222 if (!certificate_file_name || !choices_file_name) |
223 { | 223 { |
224 ERRORPRINTF ("Invalid arguments.\n" | 224 ERRORPRINTF ("Invalid arguments.\n" |
225 "Expected arguments: list=<certificate_list> \n" | 225 "Expected arguments: list=<certificate_list> \n" |
226 " instructions=<instructions_file>|uninstall\n"); | 226 " choices=<choices_file>|uninstall\n"); |
227 return ERR_INVALID_PARAMS; | 227 return ERR_INVALID_PARAMS; |
228 } | 228 } |
229 | 229 |
230 if (strncmp(instruction_file_name, "uninstall", 9) == 0) | 230 if (strncmp(choices_file_name, "uninstall", 9) == 0) |
231 { | 231 { |
232 do_uninstall = true; | 232 do_uninstall = true; |
233 instruction_file_name = NULL; | 233 choices_file_name = NULL; |
234 } | 234 } |
235 | 235 |
236 list_status = read_and_verify_list (certificate_file_name, &certificate_list, | 236 list_status = read_and_verify_list (certificate_file_name, &certificate_list, |
237 &list_len); | 237 &list_len); |
238 | 238 |
239 if (list_status != Valid) | 239 if (list_status != Valid) |
240 { | 240 { |
241 if (list_status == InvalidSignature) | 241 if (list_status == InvalidSignature) |
242 { | 242 { |
243 ERRORPRINTF ("Failed to verify signature.\n"); | |
243 return ERR_INVALID_SIGNATURE; | 244 return ERR_INVALID_SIGNATURE; |
244 } | 245 } |
245 | 246 |
247 ERRORPRINTF ("Failed to read certificate list.\n"); | |
246 return ERR_INVALID_INPUT_NO_LIST; | 248 return ERR_INVALID_INPUT_NO_LIST; |
247 } | 249 } |
248 | 250 |
249 all_valid_certs = get_certs_from_list (certificate_list, list_len); | 251 all_valid_certs = get_certs_from_list (certificate_list, list_len); |
250 | 252 |
267 #endif | 269 #endif |
268 ret = write_stores_nss (NULL, all_valid_certs); | 270 ret = write_stores_nss (NULL, all_valid_certs); |
269 return ret; | 271 return ret; |
270 } | 272 } |
271 | 273 |
272 ret = read_instructions_file (instruction_file_name, &to_install, | 274 ret = read_choices_file (choices_file_name, &to_install, |
273 &to_remove); | 275 &to_remove); |
274 | 276 |
275 if (ret) | 277 if (ret) |
276 { | 278 { |
279 ERRORPRINTF ("Failed to read choices file\n"); | |
277 return ret; | 280 return ret; |
278 } | 281 } |
279 | 282 |
280 if (!strv_length (to_install) && !strv_length (to_remove) ) | 283 if (!strv_length (to_install) && !strv_length (to_remove) ) |
281 { | 284 { |
285 ERRORPRINTF ("Failed to read choices file\n"); | |
282 return ERR_NO_INSTRUCTIONS; | 286 return ERR_NO_INSTRUCTIONS; |
283 } | 287 } |
284 | 288 |
285 /* Check that the instructions are ok to execute */ | 289 /* Check that the choices are ok to execute */ |
286 if (to_install) | 290 if (to_install) |
287 { | 291 { |
288 ret = validate_instructions (all_valid_certs, to_install); | 292 ret = validate_choices (all_valid_certs, to_install); |
289 if (ret) | 293 if (ret) |
290 { | 294 { |
295 ERRORPRINTF ("Failed to validate choices\n"); | |
291 return ret; | 296 return ret; |
292 } | 297 } |
293 } | 298 } |
294 | 299 |
295 if (to_remove) | 300 if (to_remove) |
296 { | 301 { |
297 ret = validate_instructions (all_valid_certs, to_remove); | 302 ret = validate_choices (all_valid_certs, to_remove); |
298 if (ret) | 303 if (ret) |
299 { | 304 { |
305 ERRORPRINTF ("Failed to validate removal choices\n"); | |
300 return ret; | 306 return ret; |
301 } | 307 } |
302 } | 308 } |
303 | 309 |
304 #ifdef WIN32 | 310 #ifdef WIN32 |
310 #endif | 316 #endif |
311 ret = write_stores_nss (to_install, to_remove); | 317 ret = write_stores_nss (to_install, to_remove); |
312 if (ret != 0) | 318 if (ret != 0) |
313 { | 319 { |
314 ERRORPRINTF ("Failed to write nss stores"); | 320 ERRORPRINTF ("Failed to write nss stores"); |
321 DEBUGPRINTF ("Hello World"); | |
315 } | 322 } |
316 | 323 |
317 /* Make valgrind happy */ | 324 /* Make valgrind happy */ |
318 strv_free (to_install); | 325 strv_free (to_install); |
319 strv_free (to_remove); | 326 strv_free (to_remove); |