Mercurial > trustbridge

diff cinst/mozilla.c @ 524:a097dd86cb4d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merged.
author Raimund Renkert <rrenkert@intevation.de>
date Tue, 29 Apr 2014 15:26:43 +0200
parents 48d7b956bd98
children f115da3645d5
line wrap: on
line diff
--- a/cinst/mozilla.c	Tue Apr 29 15:26:02 2014 +0200
+++ b/cinst/mozilla.c	Tue Apr 29 15:26:43 2014 +0200
@@ -381,7 +381,6 @@
   if (!cn_str || !o_str)
     {
       DEBUGPRINTF("FATAL: Could not parse certificate!");
-      DEBUGPRINTF("data len: %u \n", secitemp->len);
       exit(ERR_INVALID_CERT);
     }
   name_len = strlen(cn_str) + strlen(o_str) + 4;
@@ -439,34 +438,27 @@
   char *cert_name = nss_cert_name(dercert);
 
   DEBUGPRINTF("INSTALLING cert: '%s' to: %s\n", cert_name, pdir);
-  if (NSS_Initialize(pdir, "", "", "secmod.db", 0) == SECSuccess)
+  pk11slot = PK11_GetInternalKeySlot();
+  cert = CERT_DecodeCertFromPackage((char *)dercert->data,
+                                    (int)dercert->len);
+  trust = (CERTCertTrust *)xmalloc(sizeof(CERTCertTrust));
+  CERT_DecodeTrustString(trust, "C");
+  if ((PK11_ImportCert(pk11slot, cert, CK_INVALID_HANDLE,
+                       cert_name, PR_FALSE)
+       == SECSuccess) &&
+      (CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), cert, trust)
+       == SECSuccess))
     {
-      pk11slot = PK11_GetInternalKeySlot();
-      cert = CERT_DecodeCertFromPackage((char *)dercert->data,
-                                        (int)dercert->len);
-      trust = (CERTCertTrust *)xmalloc(sizeof(CERTCertTrust));
-      CERT_DecodeTrustString(trust, "C");
-      if ((PK11_ImportCert(pk11slot, cert, CK_INVALID_HANDLE,
-                           cert_name, PR_FALSE)
-           == SECSuccess) &&
-          (CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), cert, trust)
-           == SECSuccess))
-        {
-          success = true;
-        }
-      else
-        {
-          DEBUGPRINTF("Failed to install certificate '%s' to '%s'!\n", cert_name, pdir);
-        }
-      CERT_DestroyCertificate (cert);
-      free(trust);
-      PK11_FreeSlot(pk11slot);
-      NSS_Shutdown();
+      success = true;
     }
   else
     {
-      DEBUGPRINTF("Could not open nss certificate store in %s!\n", pdir);
+      DEBUGPRINTF("Failed to install certificate '%s' to '%s'!\n", cert_name, pdir);
+      ERRORPRINTF("Error installing certificate err: %i\n", PORT_GetError());
     }
+  CERT_DestroyCertificate (cert);
+  free(trust);
+  PK11_FreeSlot(pk11slot);
 
   free(cert_name);
   return success;
@@ -545,18 +537,25 @@
 apply_to_certs_and_profiles(bool fn(char *, SECItem *),
                             seciteml_t **certs, char **pdirs)
 {
-  SECItem *cert;
   bool success = true;
 
-  while ((cert = seciteml_pop(certs)) != NULL)
+  for (int i=0; pdirs[i] != NULL; i++)
     {
-      for (int i=0; pdirs[i] != NULL; i++)
+      seciteml_t *iter = *certs;
+      if (NSS_Initialize(pdirs[i], "", "", "secmod.db", 0) != SECSuccess)
         {
+          DEBUGPRINTF("Could not open nss certificate store in %s!\n", pdirs[i]);
+          continue;
+        }
+
+      while (iter != NULL && iter->item != NULL)
+        {
+          SECItem *cert = iter->item;
           if (! (*fn)(pdirs[i], cert))
             success = false;
+          iter = iter->next;
         }
-      free(cert->data);
-      free(cert);
+      NSS_Shutdown();
     }
 
   return success;
http://wald.intevation.org/projects/trustbridge/