comparison cinst/mozilla.c @ 261:7707191ddb01

New function to generate certificate name. Use it in debug output.
author Sascha Wilde <wilde@intevation.de>
date Tue, 01 Apr 2014 16:32:35 +0200
parents bd7fb50078b4
children 1fa607af6332
comparison
equal deleted inserted replaced
260:e7a8b70021b6 261:7707191ddb01
55 #include <sys/types.h> 55 #include <sys/types.h>
56 56
57 #define DEBUGPREFIX "MOZ-" 57 #define DEBUGPREFIX "MOZ-"
58 #include "logging.h" 58 #include "logging.h"
59 59
60 #include "certhelp.h"
60 #include "errorcodes.h" 61 #include "errorcodes.h"
61 #include "portpath.h" 62 #include "portpath.h"
62 #include "strhelp.h" 63 #include "strhelp.h"
63 #include "nss-secitemlist.h" 64 #include "nss-secitemlist.h"
64 65
330 } 331 }
331 else 332 else
332 DEBUGPRINTF("Could not open nss cer store in %s!", confdir); 333 DEBUGPRINTF("Could not open nss cer store in %s!", confdir);
333 } 334 }
334 335
336 /**
337 * @brief Create a string with the name for cert in SECItem.
338 *
339 * Should be freed by caller.
340 * @param[in] secitemp ponts to an SECItem holding the DER certificate.
341 * @retruns a string of the from "CN of Subject - O of Subject"
342 */
343 static char *
344 nss_cert_name(SECItem *secitemp)
345 { char *cn_str, *o_str, *name;
346 size_t name_len;
347 cn_str = x509_parse_subject(secitemp->data, secitemp->len, CERT_OID_CN);
348 o_str = x509_parse_subject(secitemp->data, secitemp->len, CERT_OID_O);
349 name_len = strlen(cn_str) + strlen(o_str) + 4;
350 name = (char *)xmalloc(name_len);
351 snprintf(name, name_len, "%s - %s", cn_str, o_str);
352 free(cn_str);
353 free(o_str);
354 return name;
355 }
356
335 static bool 357 static bool
336 base64_to_secitem(char *b64, size_t b64len, SECItem *secitem) 358 base64_to_secitem(char *b64, size_t b64len, SECItem *secitem)
337 { 359 {
338 unsigned char *dercert = NULL; 360 unsigned char *dercert = NULL;
339 size_t dercertlen; 361 size_t dercertlen;
346 secitem->len = (unsigned int) dercertlen; 368 secitem->len = (unsigned int) dercertlen;
347 return true; 369 return true;
348 } 370 }
349 else 371 else
350 DEBUGPRINTF("Base64 decode failed for: %s\n", b64); 372 DEBUGPRINTF("Base64 decode failed for: %s\n", b64);
351 return false; 373 return false;
352 } 374 }
353 375
354 /** 376 /**
355 * @brief Parse IPC commands from standard input. 377 * @brief Parse IPC commands from standard input.
356 * 378 *
419 { 441 {
420 char **pdirs; 442 char **pdirs;
421 seciteml_t *certs_to_remove = NULL; 443 seciteml_t *certs_to_remove = NULL;
422 seciteml_t *certs_to_add = NULL; 444 seciteml_t *certs_to_add = NULL;
423 SECItem *secitemp; 445 SECItem *secitemp;
446 char *cert_name;
424 447
425 pdirs = 448 pdirs =
426 get_all_profile_dirs(); 449 get_all_profile_dirs();
427 450
428 if (pdirs != NULL) 451 if (pdirs != NULL)
429 { 452 {
430 parse_commands(&certs_to_add, &certs_to_remove); 453 parse_commands(&certs_to_add, &certs_to_remove);
431 454
432 while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL) 455 while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL)
433 { 456 {
434 fprintf(stderr,"CERT TO REMOVE :'"); 457 cert_name = nss_cert_name(secitemp);
435 write(2, secitemp->data, secitemp->len); 458 printf("Request to REMOVE cert: %s\n", cert_name);
436 fprintf(stderr,"'\n"); 459 free(cert_name);
437 free(secitemp->data); 460 free(secitemp->data);
438 free(secitemp); 461 free(secitemp);
439 } 462 }
440 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL) 463 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL)
441 { 464 {
442 fprintf(stderr,"CERT TO ADD :'"); 465 cert_name = nss_cert_name(secitemp);
443 write(2, secitemp->data, secitemp->len); 466 printf("Request to ADD cert: %s\n", cert_name);
444 fprintf(stderr,"'\n"); 467 free(cert_name);
445 free(secitemp->data); 468 free(secitemp->data);
446 free(secitemp); 469 free(secitemp);
447 } 470 }
448 471
449 for (int i=0; pdirs[i] != NULL; i++) 472 for (int i=0; pdirs[i] != NULL; i++)

http://wald.intevation.org/projects/trustbridge/