changeset 166:199878f09bf1

Merged
author Sascha Wilde <wilde@intevation.de>
date Tue, 25 Mar 2014 12:29:51 +0100
parents d47de01d6ad7 (current diff) 8cfcd38a9bb3 (diff)
children 92d7e0b40808
files common/portpath.c
diffstat 9 files changed, 296 insertions(+), 189 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/HACKING	Tue Mar 25 12:29:51 2014 +0100
@@ -0,0 +1,10 @@
+Please keep C code according to GNU coding standards.
+
+With regards to the style:
+    astyle --style=gnu --indent=spaces=2 --pad-paren-out
+
+For the C++ Ui code please use the kdelibs coding style
+    astyle --indent=spaces=4 --brackets=linux \
+           --indent-labels --pad-oper --unpad-paren --pad-header \
+           --keep-one-line-statements --convert-tabs \
+           --indent-preprocessor
--- a/cinst/CMakeLists.txt	Tue Mar 25 12:25:39 2014 +0100
+++ b/cinst/CMakeLists.txt	Tue Mar 25 12:29:51 2014 +0100
@@ -29,6 +29,7 @@
 
 target_link_libraries(mozilla
    m13_common
+   ${POLARSSL_LIBRARIES}
    ${PROFILING_LIBS})
 
 install(TARGETS mozilla DESTINATION bin)
--- a/cinst/main.c	Tue Mar 25 12:25:39 2014 +0100
+++ b/cinst/main.c	Tue Mar 25 12:29:51 2014 +0100
@@ -59,71 +59,84 @@
  *
  * @returns: 0 on success. An error code otherwise.
  */
-int readInput(char **certificate_list, char ***to_install,
-              char ***to_remove, char ***all_certs)
+int
+readInput (char **certificate_list, char ***to_install,
+           char ***to_remove, char ***all_certs)
 {
-    int lines_read = 0;
-    int readingList = 0;
-    size_t list_size = 0;
-    char buf[MAX_LINE_LENGTH + 2];
+  int lines_read = 0;
+  int readingList = 0;
+  size_t list_size = 0;
+  char buf[MAX_LINE_LENGTH + 2];
 
-    if (*certificate_list || *to_install || *to_remove) {
-        printf("Error invalid parameters\n");
-        return -1;
+  if (*certificate_list || *to_install || *to_remove)
+    {
+      printf ("Error invalid parameters\n");
+      return -1;
     }
 
-    while (fgets(buf, MAX_LINE_LENGTH + 1, stdin)) {
-        size_t len = strlen(buf); /* fgets ensures buf is terminated */
-        if (len <= 3) {
-            printf("Line too short.\n");
-            return ERR_INVALID_INPUT;
+  while (fgets (buf, MAX_LINE_LENGTH + 1, stdin) )
+    {
+      size_t len = strlen (buf);	/* fgets ensures buf is terminated */
+      if (len <= 3)
+        {
+          printf ("Line too short.\n");
+          return ERR_INVALID_INPUT;
         }
-        if (lines_read ++ > MAX_LINES) {
-            printf("Too many lines\n");
-            return ERR_TOO_MUCH_INPUT;
+      if (lines_read++ > MAX_LINES)
+        {
+          printf ("Too many lines\n");
+          return ERR_TOO_MUCH_INPUT;
         }
 
-        if (buf[len-2] != '\r') {
-            if (buf[len-1] != '\n') {
-                printf("Line too long.\n");
-                return ERR_INVALID_INPUT;
+      if (buf[len - 2] != '\r')
+        {
+          if (buf[len - 1] != '\n')
+            {
+              printf ("Line too long.\n");
+              return ERR_INVALID_INPUT;
             }
-            buf[len-1] = '\r';
-            buf[len] = '\n';
-            buf[len+1] = '\0';
-            len++;
+          buf[len - 1] = '\r';
+          buf[len] = '\n';
+          buf[len + 1] = '\0';
+          len++;
         }
 
-        if (strcmp("-----BEGIN CERTIFICATE LIST-----\r\n", buf) == 0){
-            readingList = 1;
-            continue;
-        }
-        if (strcmp("-----END CERTIFICATE LIST-----\r\n", buf) == 0){
-            readingList = 0;
-            continue;
+      if (strcmp ("-----BEGIN CERTIFICATE LIST-----\r\n", buf) == 0)
+        {
+          readingList = 1;
+          continue;
         }
-        if (readingList) {
-            str_append_str(certificate_list, &list_size, buf, len);
-        } else if (strcmp("UNINSTALL\r\n", buf) == 0) {
-            /* Remove trailing \r\n */
-            strv_append(to_remove, buf, len - 2);
-            continue;
+      if (strcmp ("-----END CERTIFICATE LIST-----\r\n", buf) == 0)
+        {
+          readingList = 0;
+          continue;
         }
-        if (*buf == 'I') {
-            /* Remove leading I: and trailing \r\n */
-            strv_append(readingList ? all_certs : to_install,
-                    buf+2, len - 4);
-            continue;
+      if (readingList)
+        {
+          str_append_str (certificate_list, &list_size, buf, len);
         }
-        if (*buf == 'R') {
-            /* Remove leading R: and trailing \r\n */
-            strv_append(readingList ? all_certs : to_remove,
-                    buf+2, len - 4);
-            continue;
+      else if (strcmp ("UNINSTALL\r\n", buf) == 0)
+        {
+          /* Remove trailing \r\n */
+          strv_append (to_remove, buf, len - 2);
+          continue;
+        }
+      if (*buf == 'I')
+        {
+          /* Remove leading I: and trailing \r\n */
+          strv_append (readingList ? all_certs : to_install,
+                       buf + 2, len - 4);
+          continue;
+        }
+      if (*buf == 'R')
+        {
+          /* Remove leading R: and trailing \r\n */
+          strv_append (readingList ? all_certs : to_remove, buf + 2, len - 4);
+          continue;
         }
     }
 
-    return 0;
+  return 0;
 }
 
 /** @brief Check that the insturctions match to the list
@@ -136,111 +149,133 @@
  *
  * @returns 0 on success, an error otherwise
  */
-int validate_instructions(char **all_certs,
-                          char **to_validate)
+int
+validate_instructions (char **all_certs, char **to_validate)
 {
-    int i = 0,
-        j = 0;
+  int i = 0, j = 0;
 
-    if (!all_certs || strv_length(all_certs) < 1) {
-        /* Invalid parameters */
-        return -1;
+  if (!all_certs || strv_length (all_certs) < 1)
+    {
+      /* Invalid parameters */
+      return -1;
     }
 
-    if (to_validate == NULL) {
-        /* Nothing is valid */
-        return 0;
+  if (to_validate == NULL)
+    {
+      /* Nothing is valid */
+      return 0;
     }
 
-    for (i=0; to_validate[i]; i++) {
-        bool found = false;
-        for (j=0; all_certs[j]; j++) {
-            if (strncmp(to_validate[i], all_certs[j], MAX_LINE_LENGTH - 2) == 0) {
-                found = true;
-                break;
+  for (i = 0; to_validate[i]; i++)
+    {
+      bool found = false;
+      for (j = 0; all_certs[j]; j++)
+        {
+          if (strncmp (to_validate[i], all_certs[j], MAX_LINE_LENGTH - 2) ==
+              0)
+            {
+              found = true;
+              break;
             }
         }
-        if (!found) {
-            printf("Install instruction with invalid certificate\n.");
-            return ERR_INVALID_INSTRUCTIONS;
+      if (!found)
+        {
+          printf ("Install instruction with invalid certificate\n.");
+          return ERR_INVALID_INSTRUCTIONS;
         }
     }
 
-    return 0;
+  return 0;
 }
 
 
-int main() {
-    char **to_install = NULL;
-    char **to_remove = NULL;
-    char **all_certs = NULL;
-    char *certificate_list = NULL;
-    size_t list_len = 0;
-    int ret = -1;
-    bool uninstall = false;
+int
+main ()
+{
+  char **to_install = NULL;
+  char **to_remove = NULL;
+  char **all_certs = NULL;
+  char *certificate_list = NULL;
+  size_t list_len = 0;
+  int ret = -1;
+  bool uninstall = false;
 
-    ret = readInput(&certificate_list, &to_install, &to_remove, &all_certs);
+  ret = readInput (&certificate_list, &to_install, &to_remove, &all_certs);
 
-    if (ret) {
-        return ret;
+  if (ret)
+    {
+      return ret;
     }
 
-    if (!certificate_list) {
-        return ERR_INVALID_INPUT_NO_LIST;
+  if (!certificate_list)
+    {
+      return ERR_INVALID_INPUT_NO_LIST;
     }
 
-    list_len = strnlen(certificate_list, MAX_INPUT_SIZE);
+  list_len = strnlen (certificate_list, MAX_INPUT_SIZE);
 
-    ret = verify_list(certificate_list, list_len);
+  ret = verify_list (certificate_list, list_len);
 
-    if (ret) {
-        return ERR_INVALID_SIGNATURE;
+  if (ret)
+    {
+      return ERR_INVALID_SIGNATURE;
     }
 
-    if (!strv_length(to_install) && !strv_length(to_remove)) {
-        return ERR_NO_INSTRUCTIONS;
+  if (!strv_length (to_install) && !strv_length (to_remove) )
+    {
+      return ERR_NO_INSTRUCTIONS;
     }
 
 
-    /* Check that the instructions are ok to execute */
-    if (to_install) {
-        ret = validate_instructions(all_certs, to_install);
-        if (ret) {
-            return ret;
+  /* Check that the instructions are ok to execute */
+  if (to_install)
+    {
+      ret = validate_instructions (all_certs, to_install);
+      if (ret)
+        {
+          return ret;
         }
     }
 
-    if (to_remove) {
-        if (to_remove[0] && strncmp("UNINSTALL", to_remove[0], MAX_LINE_LENGTH) == 0) {
-            uninstall = true;
-            strv_free(to_remove);
-            to_remove = NULL;
-        } else {
-            ret = validate_instructions(all_certs, to_remove);
-            if (ret) {
-                return ret;
+  if (to_remove)
+    {
+      if (to_remove[0]
+          && strncmp ("UNINSTALL", to_remove[0], MAX_LINE_LENGTH) == 0)
+        {
+          uninstall = true;
+          strv_free (to_remove);
+          to_remove = NULL;
+        }
+      else
+        {
+          ret = validate_instructions (all_certs, to_remove);
+          if (ret)
+            {
+              return ret;
             }
         }
     }
 
-    if (uninstall) {
-        /* To uninstall does not have to be verified as it part of the
-         * signed list.*/
-        to_remove = all_certs;
-    } else {
-        strv_free(all_certs);
-        all_certs = NULL;
+  if (uninstall)
+    {
+      /* To uninstall does not have to be verified as it part of the
+       * signed list.*/
+      to_remove = all_certs;
+    }
+  else
+    {
+      strv_free (all_certs);
+      all_certs = NULL;
     }
 
 #ifdef WIN32
-    return install_certificates_win((const char**) to_install, true);
-    //remove_certificates_win((const char**) to_remove, 1);
+  return write_stores_win (to_install, to_remove, true);
 #endif
 
-    /* Make valgrind happy */
-    strv_free(to_install);
-    strv_free(to_remove);
-    free(certificate_list);
+  /* Make valgrind happy */
+  strv_free (to_install);
+  strv_free (to_remove);
+  free (certificate_list);
 
-    return 0;
+  return 0;
 }
--- a/cinst/windowsstore.c	Tue Mar 25 12:25:39 2014 +0100
+++ b/cinst/windowsstore.c	Tue Mar 25 12:29:51 2014 +0100
@@ -1,92 +1,101 @@
 #ifdef WIN32
 
-#include <polarssl/base64.h>
-#include "windowsstore.h"
+#include <stdio.h>
 
-static LPWSTR getLastErrorMsg() {
-    LPWSTR bufPtr = NULL;
-    DWORD err = GetLastError();
-    FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
-                   FORMAT_MESSAGE_FROM_SYSTEM |
-                   FORMAT_MESSAGE_IGNORE_INSERTS,
-                   NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL);
-    if (!bufPtr) {
-        HMODULE hWinhttp = GetModuleHandleW(L"winhttp");
-        if (hWinhttp) {
-            FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
-                           FORMAT_MESSAGE_FROM_HMODULE |
-                           FORMAT_MESSAGE_IGNORE_INSERTS,
-                           hWinhttp, HRESULT_CODE(err), 0,
-                           (LPWSTR)&bufPtr, 0, NULL);
+#include "windowsstore.h"
+#include "errorcodes.h"
+#include "listutil.h"
+#include "strhelp.h"
+
+static LPWSTR getLastErrorMsg()
+{
+  LPWSTR bufPtr = NULL;
+  DWORD err = GetLastError();
+  FormatMessageW (FORMAT_MESSAGE_ALLOCATE_BUFFER |
+                  FORMAT_MESSAGE_FROM_SYSTEM |
+                  FORMAT_MESSAGE_IGNORE_INSERTS,
+                  NULL, err, 0, (LPWSTR) &bufPtr, 0, NULL);
+  if (!bufPtr)
+    {
+      HMODULE hWinhttp = GetModuleHandleW (L"winhttp");
+      if (hWinhttp)
+        {
+          FormatMessageW (FORMAT_MESSAGE_ALLOCATE_BUFFER |
+                          FORMAT_MESSAGE_FROM_HMODULE |
+                          FORMAT_MESSAGE_IGNORE_INSERTS,
+                          hWinhttp, HRESULT_CODE (err), 0,
+                          (LPWSTR) &bufPtr, 0, NULL);
         }
     }
-    if (!bufPtr)
-        printf("Error getting last error\n");
-    return bufPtr;
+  if (!bufPtr)
+    printf ("Error getting last error\n");
+  return bufPtr;
 }
 
-int install_certificates_win(const char **to_install, bool user_store)
+int write_stores_win (char **to_install, char **to_remove, bool user_store)
 {
-    int i = 0;
-    HCERTSTORE hStore = NULL;
+  int i = 0;
+  int ret = -1;
+  HCERTSTORE hStore = NULL;
 
-    if (user_store) {
-        hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0,
-                               0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root");
-    } else {
-        hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0,
-                               0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"Root");
+  if (user_store)
+    {
+      hStore = CertOpenStore (CERT_STORE_PROV_SYSTEM, 0,
+                              0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root");
     }
-
-    if (!hStore) {
-        return ERR_STORE_ACCESS_DENIED;
+  else
+    {
+      hStore = CertOpenStore (CERT_STORE_PROV_SYSTEM, 0,
+                              0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"Root");
     }
 
-    while (to_install[i]) {
-        size_t needed_len = 0;
-        size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH);
-        int ret = -1;
-        unsigned char *buf;
-
-        /* Check the needed size for the buffer */
-        ret = base64_decode(NULL, &needed_len,
-                            (unsigned char *)to_install[i], cert_len);
+  if (!hStore)
+    {
+      return ERR_STORE_ACCESS_DENIED;
+    }
 
-        if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) {
-            return ERR_INVALID_INSTRUCTIONS;
-        }
+  for (i=0; to_install[i]; i++)
+    {
+      size_t cert_len = strnlen (to_install[i], MAX_LINE_LENGTH),
+             buf_size = 0;
+      char *buf = NULL;
 
-        buf = xmalloc(needed_len);
-        memset (buf, 0, needed_len);
+      ret = str_base64_decode (&buf, &buf_size, to_install[i], cert_len);
 
-        ret = base64_decode(buf, &needed_len,
-                            (unsigned char *)to_install[i], cert_len);
-
-        if (ret != 0) {
-            return ERR_INVALID_INSTRUCTIONS;
+      if (ret != 0)
+        {
+          return ERR_INVALID_INSTRUCTIONS;
         }
 
-        ret = CertAddEncodedCertificateToStore (hStore,
-                                                X509_ASN_ENCODING,
-                                                (PBYTE)buf,
-                                                needed_len,
-                                                CERT_STORE_ADD_ALWAYS,
-                                                NULL);
+      ret = CertAddEncodedCertificateToStore (hStore,
+                                              X509_ASN_ENCODING,
+                                              (PBYTE) buf,
+                                              buf_size,
+                                              CERT_STORE_ADD_ALWAYS,
+                                              NULL);
 
-        if (ret == 0) {
-            LPWSTR error = getLastErrorMsg();
-            if (error) {
-                printf("Failed to add certificate: %S \n", error);
-                LocalFree(error);
+      if (ret == 0)
+        {
+          LPWSTR error = getLastErrorMsg();
+          if (error)
+            {
+              printf ("Failed to add certificate: %S \n", error);
+              LocalFree (error);
             }
         }
-        i++;
-        free(buf);
+      i++;
+      free (buf);
     }
 
-    if(hStore) {
-        CertCloseStore(hStore, 0);
+  for (i=0; to_remove[i]; i++)
+    {
+      // TODO
     }
-    return 0;
+
+  if (hStore)
+    {
+      CertCloseStore (hStore, 0);
+    }
+  return 0;
 }
 #endif // WIN32
--- a/cinst/windowsstore.h	Tue Mar 25 12:25:39 2014 +0100
+++ b/cinst/windowsstore.h	Tue Mar 25 12:29:51 2014 +0100
@@ -4,14 +4,19 @@
 
 #include <windows.h>
 #include <wincrypt.h>
-/** @brief Install certificates into Windows store
+
+#include <stdbool.h>
+
+/** @brief Access the Windows certificate store
  *
- * @param [in] to_install NULL terminated array of base64 encoded certificates.
+ * @param [in] to_install strv of DER encoded certificates to be added.
+ * @param [in] to_remove strv of DER encoded certificates to be remvoed.
  * @param [in] user_store set to True if the certificates should be installed
  *             only for the current user. O for system wide installation.
  * @returns 0 on success an errorcode otherwise.
  */
-int install_certificates_win(const char **to_install, int user_store)
+int write_stores_win (char **to_install, char **to_remove,
+                      bool user_store);
 
 #endif // WINDOWSSTORE_H
 #endif // WIN32
--- a/common/errorcodes.h	Tue Mar 25 12:25:39 2014 +0100
+++ b/common/errorcodes.h	Tue Mar 25 12:29:51 2014 +0100
@@ -2,7 +2,7 @@
 #define ERRORCODES_H
 
 /* No error */
-#define NO_ERROR 0
+#define ERR_NO_ERROR 0
 /* No begin certificate / end certificate could be found */
 #define ERR_INVALID_INPUT_NO_LIST 2
 /* Too much input for the installer process */
--- a/common/strhelp.c	Tue Mar 25 12:25:39 2014 +0100
+++ b/common/strhelp.c	Tue Mar 25 12:29:51 2014 +0100
@@ -5,6 +5,8 @@
 #include <string.h>
 #include <assert.h>
 
+#include <polarssl/base64.h>
+
 /* Remarks regarding the "Flawfinder: ignore" comments in this file:
  *
  * - strlen:
@@ -150,3 +152,33 @@
         (*s)[i] = '\0';
     }
 }
+
+int str_base64_decode(char **dst, size_t *dst_size, char *src,
+                      size_t src_size)
+{
+    int ret = -1;
+
+    if (!dst || *dst) {
+        return -1;
+    }
+
+    /* Check the needed size for the buffer */
+    ret = base64_decode(NULL, dst_size,
+                        (unsigned char *)src, src_size);
+
+    if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) {
+        return ret;
+    }
+
+    *dst = xmalloc(*dst_size);
+    memset (*dst, 0, *dst_size);
+
+    ret = base64_decode((unsigned char *)*dst, dst_size,
+                        (unsigned char *)src, src_size);
+    if (!ret) {
+        free (*dst);
+        *dst = NULL;
+        dst_size = 0;
+    }
+    return ret;
+}
--- a/common/strhelp.h	Tue Mar 25 12:25:39 2014 +0100
+++ b/common/strhelp.h	Tue Mar 25 12:29:51 2014 +0100
@@ -75,4 +75,19 @@
  */
 bool str_trim (char **s);
 
+/** @brief decode base64 encoded data
+ *
+ * The memory allocated for dest needs to be free'd by the
+ * caller.
+ *
+ * @param [out] dst Pointer to the destination. Needs to be NULL
+ * @param [out] dst_size Size allocated for the destination.
+ * @param [in] src Pointer to the base64 encoded data.
+ * @param [in] src_size Size of the encoded data.
+ *
+ * @returns 0 on success a polarssl error or -1 otherwise
+ */
+int str_base64_decode(char **dst, size_t *dst_size, char *src,
+                      size_t src_size);
+
 #endif
--- a/ui/tests/cinstprocesstest.cpp	Tue Mar 25 12:25:39 2014 +0100
+++ b/ui/tests/cinstprocesstest.cpp	Tue Mar 25 12:29:51 2014 +0100
@@ -46,7 +46,7 @@
         installerProcess->write("\r\n");
     }
 
-    finishVerify(installerProcess, NO_ERROR);
+    finishVerify(installerProcess, ERR_NO_ERROR);
 }
 
 void CinstProcessTest::initTestCase() {
@@ -133,7 +133,7 @@
 
     installerProcess->write("UNINSTALL\r\n");
 
-    finishVerify(installerProcess, NO_ERROR);
+    finishVerify(installerProcess, ERR_NO_ERROR);
 }
 
 QTEST_GUILESS_MAIN (CinstProcessTest);

http://wald.intevation.org/projects/trustbridge/