Mercurial > trustbridge
comparison cinst/mozilla.c @ 261:7707191ddb01
New function to generate certificate name.
Use it in debug output.
| author | Sascha Wilde <wilde@intevation.de> |
|---|---|
| date | Tue, 01 Apr 2014 16:32:35 +0200 |
| parents | bd7fb50078b4 |
| children | 1fa607af6332 |
comparison
equal
deleted
inserted
replaced
| 260:e7a8b70021b6 | 261:7707191ddb01 |
|---|---|
| 55 #include <sys/types.h> | 55 #include <sys/types.h> |
| 56 | 56 |
| 57 #define DEBUGPREFIX "MOZ-" | 57 #define DEBUGPREFIX "MOZ-" |
| 58 #include "logging.h" | 58 #include "logging.h" |
| 59 | 59 |
| 60 #include "certhelp.h" | |
| 60 #include "errorcodes.h" | 61 #include "errorcodes.h" |
| 61 #include "portpath.h" | 62 #include "portpath.h" |
| 62 #include "strhelp.h" | 63 #include "strhelp.h" |
| 63 #include "nss-secitemlist.h" | 64 #include "nss-secitemlist.h" |
| 64 | 65 |
| 330 } | 331 } |
| 331 else | 332 else |
| 332 DEBUGPRINTF("Could not open nss cer store in %s!", confdir); | 333 DEBUGPRINTF("Could not open nss cer store in %s!", confdir); |
| 333 } | 334 } |
| 334 | 335 |
| 336 /** | |
| 337 * @brief Create a string with the name for cert in SECItem. | |
| 338 * | |
| 339 * Should be freed by caller. | |
| 340 * @param[in] secitemp ponts to an SECItem holding the DER certificate. | |
| 341 * @retruns a string of the from "CN of Subject - O of Subject" | |
| 342 */ | |
| 343 static char * | |
| 344 nss_cert_name(SECItem *secitemp) | |
| 345 { char *cn_str, *o_str, *name; | |
| 346 size_t name_len; | |
| 347 cn_str = x509_parse_subject(secitemp->data, secitemp->len, CERT_OID_CN); | |
| 348 o_str = x509_parse_subject(secitemp->data, secitemp->len, CERT_OID_O); | |
| 349 name_len = strlen(cn_str) + strlen(o_str) + 4; | |
| 350 name = (char *)xmalloc(name_len); | |
| 351 snprintf(name, name_len, "%s - %s", cn_str, o_str); | |
| 352 free(cn_str); | |
| 353 free(o_str); | |
| 354 return name; | |
| 355 } | |
| 356 | |
| 335 static bool | 357 static bool |
| 336 base64_to_secitem(char *b64, size_t b64len, SECItem *secitem) | 358 base64_to_secitem(char *b64, size_t b64len, SECItem *secitem) |
| 337 { | 359 { |
| 338 unsigned char *dercert = NULL; | 360 unsigned char *dercert = NULL; |
| 339 size_t dercertlen; | 361 size_t dercertlen; |
| 346 secitem->len = (unsigned int) dercertlen; | 368 secitem->len = (unsigned int) dercertlen; |
| 347 return true; | 369 return true; |
| 348 } | 370 } |
| 349 else | 371 else |
| 350 DEBUGPRINTF("Base64 decode failed for: %s\n", b64); | 372 DEBUGPRINTF("Base64 decode failed for: %s\n", b64); |
| 351 return false; | 373 return false; |
| 352 } | 374 } |
| 353 | 375 |
| 354 /** | 376 /** |
| 355 * @brief Parse IPC commands from standard input. | 377 * @brief Parse IPC commands from standard input. |
| 356 * | 378 * |
| 419 { | 441 { |
| 420 char **pdirs; | 442 char **pdirs; |
| 421 seciteml_t *certs_to_remove = NULL; | 443 seciteml_t *certs_to_remove = NULL; |
| 422 seciteml_t *certs_to_add = NULL; | 444 seciteml_t *certs_to_add = NULL; |
| 423 SECItem *secitemp; | 445 SECItem *secitemp; |
| 446 char *cert_name; | |
| 424 | 447 |
| 425 pdirs = | 448 pdirs = |
| 426 get_all_profile_dirs(); | 449 get_all_profile_dirs(); |
| 427 | 450 |
| 428 if (pdirs != NULL) | 451 if (pdirs != NULL) |
| 429 { | 452 { |
| 430 parse_commands(&certs_to_add, &certs_to_remove); | 453 parse_commands(&certs_to_add, &certs_to_remove); |
| 431 | 454 |
| 432 while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL) | 455 while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL) |
| 433 { | 456 { |
| 434 fprintf(stderr,"CERT TO REMOVE :'"); | 457 cert_name = nss_cert_name(secitemp); |
| 435 write(2, secitemp->data, secitemp->len); | 458 printf("Request to REMOVE cert: %s\n", cert_name); |
| 436 fprintf(stderr,"'\n"); | 459 free(cert_name); |
| 437 free(secitemp->data); | 460 free(secitemp->data); |
| 438 free(secitemp); | 461 free(secitemp); |
| 439 } | 462 } |
| 440 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL) | 463 while ((secitemp = seciteml_pop(&certs_to_add)) != NULL) |
| 441 { | 464 { |
| 442 fprintf(stderr,"CERT TO ADD :'"); | 465 cert_name = nss_cert_name(secitemp); |
| 443 write(2, secitemp->data, secitemp->len); | 466 printf("Request to ADD cert: %s\n", cert_name); |
| 444 fprintf(stderr,"'\n"); | 467 free(cert_name); |
| 445 free(secitemp->data); | 468 free(secitemp->data); |
| 446 free(secitemp); | 469 free(secitemp); |
| 447 } | 470 } |
| 448 | 471 |
| 449 for (int i=0; pdirs[i] != NULL; i++) | 472 for (int i=0; pdirs[i] != NULL; i++) |