diff cinst/mozilla.c @ 261:7707191ddb01

New function to generate certificate name. Use it in debug output.
author Sascha Wilde <wilde@intevation.de>
date Tue, 01 Apr 2014 16:32:35 +0200
parents bd7fb50078b4
children 1fa607af6332
line wrap: on
line diff
--- a/cinst/mozilla.c	Tue Apr 01 15:46:40 2014 +0200
+++ b/cinst/mozilla.c	Tue Apr 01 16:32:35 2014 +0200
@@ -57,6 +57,7 @@
 #define DEBUGPREFIX "MOZ-"
 #include "logging.h"
 
+#include "certhelp.h"
 #include "errorcodes.h"
 #include "portpath.h"
 #include "strhelp.h"
@@ -332,6 +333,27 @@
     DEBUGPRINTF("Could not open nss cer store in %s!", confdir);
 }
 
+/**
+ * @brief Create a string with the name for cert in SECItem.
+ *
+ * Should be freed by caller.
+ * @param[in] secitemp ponts to an SECItem holding the DER certificate.
+ * @retruns a string of the from "CN of Subject - O of Subject"
+ */
+static char *
+nss_cert_name(SECItem *secitemp)
+{ char *cn_str, *o_str, *name;
+  size_t name_len;
+  cn_str = x509_parse_subject(secitemp->data, secitemp->len, CERT_OID_CN);
+  o_str = x509_parse_subject(secitemp->data, secitemp->len, CERT_OID_O);
+  name_len = strlen(cn_str) + strlen(o_str) + 4;
+  name = (char *)xmalloc(name_len);
+  snprintf(name, name_len, "%s - %s", cn_str, o_str);
+  free(cn_str);
+  free(o_str);
+  return name;
+}
+
 static bool
 base64_to_secitem(char *b64, size_t b64len, SECItem *secitem)
 {
@@ -348,7 +370,7 @@
     }
   else
     DEBUGPRINTF("Base64 decode failed for: %s\n", b64);
-    return false;
+  return false;
 }
 
 /**
@@ -421,6 +443,7 @@
   seciteml_t *certs_to_remove = NULL;
   seciteml_t *certs_to_add = NULL;
   SECItem *secitemp;
+  char *cert_name;
 
   pdirs =
     get_all_profile_dirs();
@@ -431,17 +454,17 @@
 
       while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL)
         {
-          fprintf(stderr,"CERT TO REMOVE :'");
-          write(2, secitemp->data, secitemp->len);
-          fprintf(stderr,"'\n");
+          cert_name = nss_cert_name(secitemp);
+          printf("Request to REMOVE cert: %s\n", cert_name);
+          free(cert_name);
           free(secitemp->data);
           free(secitemp);
         }
       while ((secitemp = seciteml_pop(&certs_to_add)) != NULL)
         {
-          fprintf(stderr,"CERT TO ADD :'");
-          write(2, secitemp->data, secitemp->len);
-          fprintf(stderr,"'\n");
+          cert_name = nss_cert_name(secitemp);
+          printf("Request to ADD cert: %s\n", cert_name);
+          free(cert_name);
           free(secitemp->data);
           free(secitemp);
         }

http://wald.intevation.org/projects/trustbridge/