changeset 244:0145d2401f46
Input parser works. Added debug output for collected cert data.
author | Sascha Wilde <wilde@intevation.de> |
---|---|
date | Fri, 28 Mar 2014 19:28:01 +0100 |
parents | 4b67cc2d4dad |
children | fbd74e2370de |
files | cinst/mozilla.c |
diffstat | 1 files changed, 101 insertions(+), 48 deletions(-) [+] |
--- a/cinst/mozilla.c Fri Mar 28 18:38:34 2014 +0100
+++ b/cinst/mozilla.c Fri Mar 28 19:28:01 2014 +0100
@@ -60,7 +60,7 @@
 #include "errorcodes.h"
 #include "portpath.h"
 #include "strhelp.h"
-
+#include "nss-secitemlist.h"
 #ifndef _WIN32
 #define CONFDIRS ".mozilla", ".thunderbird"
@@ -332,64 +332,117 @@
 DEBUGPRINTF("Could not open nss cer store in %s!", confdir);
 }
+static bool
+base64_to_secitem(char *b64, size_t b64len, SECItem *secitem)
+{
+ unsigned char *dercert = NULL;
+ size_t dercertlen;
+
+ if ( str_base64_decode((char **)(&dercert), &dercertlen,
+ b64, b64len) == 0 )
+ {
+ secitem->data = dercert;
+ secitem->len = dercertlen;
+ return true;
+ }
+ else
+ DEBUGPRINTF("Base64 decode failed for: %s\n", b64);
+ return false;
+}
+
+/**
+ * @brief Parse IPC commands from standard input.
+ *
+ * Reads command lines (R: and I:) from standard input and puts the
+ * certificates to process in two SECItem lists holding the
+ * certificates in DER format.
+ * @param[inout] install_list list of SECItems with certifiactes to install
+ * @param[inout] remove_list list of SECItems with certifiactes to remove
+ */
+static void
+parse_commands (seciteml_t **install_list, seciteml_t **remove_list)
+{
+ char inpl[LINEBUFLEN];
+ size_t inpllen;
+ bool parserr = true;
+ SECItem secitem;
+
+ while ( fgets(inpl, LINEBUFLEN, stdin) != NULL )
+ {
+ inpllen = strnlen(inpl, LINEBUFLEN);
+ /* Validate input line:
+ * - must be (much) longer than 3 characters
+ * - must start with "*:"
+ */
+ if ((inpllen > 3) && (inpl[1] == ':'))
+ /* Now parse Input */
+ switch(inpl[0])
+ {
+ case 'R':
+ parserr = true;
+ DEBUGPRINTF("Request to remove certificate: %s\n", &inpl[2]);
+ if (base64_to_secitem(&inpl[2], inpllen - 2, &secitem))
+ {
+ seciteml_push(remove_list, &secitem);
+ parserr = false;
+ }
+ break;
+ case 'I':
+ parserr = true;
+ DEBUGPRINTF("Request to install certificate: %s\n", &inpl[2]);
+ if (base64_to_secitem(&inpl[2], inpllen - 2, &secitem))
+ {
+ seciteml_push(install_list, &secitem);
+ parserr = false;
+ }
+ break;
+ default:
+ parserr = true;
+ }
+ else
+ {
+ parserr = true;
+ }
+
+ if (parserr)
+ {
+ DEBUGPRINTF("FATAL: Invalid input: %s\n", inpl);
+ exit(ERR_MOZ_INVALID_INPUT);
+ }
+ }
+}
+
 int
 main ()
 {
- char inpl[LINEBUFLEN];
- size_t inpllen;
- char *dercert;
- size_t dercertlen;
 char **pdirs;
- bool parserr = true;
+ seciteml_t *certs_to_remove = NULL;
+ seciteml_t *certs_to_add = NULL;
+ SECItem *secitemp;
+
 pdirs = get_all_profile_dirs();
 if (pdirs != NULL)
 {
- while ( fgets(inpl, LINEBUFLEN, stdin) != NULL )
+ parse_commands(&certs_to_add, &certs_to_remove);
+
+ while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL)
 {
- inpllen = strnlen(inpl, LINEBUFLEN);
- /* Validate input line:
- * - must be (much) longer than 3 characters
- * - must start with "*:"
- */
- if ((inpllen > 3) && (inpl[1] == ':'))
- /* Now parse Input */
- switch(inpl[0])
- {
- case 'R':
- parserr = true;
- DEBUGPRINTF("Removing Certificate: %s", &inpl[2]);
- if ( str_base64_decode(&dercert, &dercertlen,
- &inpl[2], inpllen-2) == 0 )
- {
- DEBUGPRINTF("Successfully b64 decoded cert: '");
- write(2, dercert, dercertlen);
- fprintf(stderr,"'\n");
- free(dercert);
- parserr = false;
- }
- else
- DEBUGPRINTF("Base64 decoded failed!\n'");
- break;
- case 'I':
- DEBUGPRINTF("Installing Certificate: %s", &inpl[2]);
- parserr = false;
- break;
- default:
- parserr = true;
- }
- else
- {
- parserr = true;
- }
-
- if (parserr)
- {
- DEBUGPRINTF("FATAL: Invalid input: %s\n", inpl);
- exit(ERR_MOZ_INVALID_INPUT);
- }
+ fprintf(stderr,"CERT TO REMOVE :'");
+ write(2, secitemp->data, secitemp->len);
+ fprintf(stderr,"'\n");
+ free(secitemp->data);
+ free(secitemp);
+ }
+ while ((secitemp = seciteml_pop(&certs_to_add)) != NULL)
+ {
+ fprintf(stderr,"CERT TO ADD :'");
+ write(2, secitemp->data, secitemp->len);
+ fprintf(stderr,"'\n");
+ free(secitemp->data);
+ free(secitemp);
 }
 for (int i=0; pdirs[i] != NULL; i++)
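Review bot: `base64_to_secitem` fills only `data` and `len`, and the `SECItem secitem` local in `parse_commands` is never initialised, so each item passed to `seciteml_push` has an indeterminate `type` field. The list code is not visible here, but the separate `free(secitemp->data)` and `free(secitemp)` in `main` suggest the push copies the struct, garbage included; adding `secitem->type = siBuffer;` beside the two assignments, or declaring `SECItem secitem = { siBuffer, NULL, 0 };`, closes that. The `fgets` loop also cannot tell a complete line from one cut at `LINEBUFLEN - 1`, so an over-long certificate line is handed to the decoder as a truncated prefix and the failure only surfaces on the leftover fragment; checking `inpl[inpllen - 1] == '\n'` before decoding would reject it with a clear error. `main` continues past the end of this hunk.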