# HG changeset patch # User Sascha Wilde # Date 1396427449 -7200 # Node ID f7471604bb3113dc84180cbbd3f54e8a5797c6e7 # Parent a7c6a21aba385c2b4a25cbf97e66e23ea2da0cc9 Deletion of certificates implemented. We are feature complete! Only some cleanup, refactoring and stabilisation to do... diff -r a7c6a21aba38 -r f7471604bb31 cinst/mozilla.c --- a/cinst/mozilla.c Tue Apr 01 19:10:05 2014 +0200 +++ b/cinst/mozilla.c Wed Apr 02 10:30:49 2014 +0200 @@ -43,9 +43,10 @@ /* REMOVEME: */ #include +#include +#include +#include #include -#include -#include #include #include #include @@ -446,6 +447,7 @@ SECStatus rv; PK11SlotInfo *pk11slot = NULL; char *cert_name; + CERTCertificate *cert = NULL; pdirs = get_all_profile_dirs(); @@ -457,7 +459,38 @@ while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL) { cert_name = nss_cert_name(secitemp); - printf("Request to REMOVE cert: %s\n", cert_name); + for (int i=0; pdirs[i] != NULL; i++) + { + puts(pdirs[i]); + nss_list_certs(pdirs[i]); + + printf("Will now DELETE cert: '%s' from %s\n", cert_name, pdirs[i]); + if (NSS_Initialize(pdirs[i], "", "", "secmod.db", 0) + == SECSuccess) + { + pk11slot = PK11_GetInternalKeySlot(); + cert = PK11_FindCertFromDERCertItem(pk11slot, + secitemp, NULL); + if (cert != NULL) + { + rv = SEC_DeletePermCertificate(cert); + if (rv != SECSuccess) + { + DEBUGPRINTF("Failed to remove certificate '%s' from '%s'!\n", cert_name, pdirs[i]); + DEBUGPRINTF("Error was %d\n", rv); + } + } + else + { + DEBUGPRINTF("Could not find Certificate %s in store.\n", cert_name); + } + CERT_DestroyCertificate(cert); + PK11_FreeSlot(pk11slot); + NSS_Shutdown(); + } + puts("List new:"); + nss_list_certs(pdirs[i]); + } free(cert_name); free(secitemp->data); free(secitemp);