diff cinst/main.c @ 125:24fb90ef8f6a

Fix install_certificates_win. Access the correct store / check errors and return them accordingly
author Andre Heinecke <aheinecke@intevation.de>
date Mon, 24 Mar 2014 10:13:13 +0000
parents c602d8cfa619
children 898446d9d23e
line wrap: on
line diff
--- a/cinst/main.c	Mon Mar 24 10:06:45 2014 +0000
+++ b/cinst/main.c	Mon Mar 24 10:13:13 2014 +0000
@@ -40,6 +40,30 @@
 #include <wincrypt.h>
 #endif
 
+#ifdef WIN32
+LPWSTR getLastErrorMsg() {
+    LPWSTR bufPtr = NULL;
+    DWORD err = GetLastError();
+    FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+                   FORMAT_MESSAGE_FROM_SYSTEM |
+                   FORMAT_MESSAGE_IGNORE_INSERTS,
+                   NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL);
+    if (!bufPtr) {
+        HMODULE hWinhttp = GetModuleHandleW(L"winhttp");
+        if (hWinhttp) {
+            FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+                           FORMAT_MESSAGE_FROM_HMODULE |
+                           FORMAT_MESSAGE_IGNORE_INSERTS,
+                           hWinhttp, HRESULT_CODE(err), 0,
+                           (LPWSTR)&bufPtr, 0, NULL);
+        }
+    }
+    if (!bufPtr)
+        printf("Error getting last error\n");
+    return bufPtr;
+}
+#endif
+
 /* The certificate list + instructions may only be so long as
  * twice the accepted certificatelist size */
 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2
@@ -128,7 +152,7 @@
 /** @brief Install certificates into Windows store
  *
  * @param [in] to_install NULL terminated array of base64 encoded certificates.
- * @param [in] user_store set to True if the certificates shoudl be installed
+ * @param [in] user_store set to True if the certificates should be installed
  *             only for the current user. O for system wide installation.
  * @returns 0 on success an errorcode otherwise.
  */
@@ -137,7 +161,7 @@
     int i = 0;
     HCERTSTORE hStore = NULL;
 
-    if (!user_store) {
+    if (user_store) {
         // Access user store
         hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0,
                                0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root");
@@ -156,6 +180,7 @@
         size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH);
         int ret = -1;
         unsigned char *buf;
+
         /* Check the needed size for the buffer */
         ret = base64_decode(NULL, &needed_len,
                             (unsigned char *)to_install[i], cert_len);
@@ -174,18 +199,21 @@
             return ERR_INVALID_INSTRUCTIONS;
         }
 
-        ret = CertAddEncodedCTLToStore (hStore,
-                                        X509_ASN_ENCODING,
-                                        (PBYTE)buf,
-                                        needed_len,
-                                        CERT_STORE_ADD_ALWAYS,
-                                        NULL);
+        ret = CertAddEncodedCertificateToStore (hStore,
+                                                X509_ASN_ENCODING,
+                                                (PBYTE)buf,
+                                                needed_len,
+                                                CERT_STORE_ADD_ALWAYS,
+                                                NULL);
 
-        if (ret != 0) {
-            printf("Failed to add certificate\n");
-            free(buf);
-            return ret;
+        if (ret == 0) {
+            LPWSTR error = getLastErrorMsg();
+            if (error) {
+                printf("Failed to add certificate: %S \n", error);
+                LocalFree(error);
+            }
         }
+        i++;
         free(buf);
     }
     if(hStore) {
@@ -250,7 +278,7 @@
 */
 
 #ifdef WIN32
-    install_certificates_win((const char**) to_install, 1);
+    return install_certificates_win((const char**) to_install, 1);
     //remove_certificates_win((const char**) to_remove, 1);
 #endif
 

http://wald.intevation.org/projects/trustbridge/