Mercurial > trustbridge
changeset 138:7a8d960d60c9
Merged
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Mon, 24 Mar 2014 14:57:37 +0000 |
parents | 4904fe01055d (diff) 5fa4791d6d0e (current diff) |
children | 52993db093f4 |
files | |
diffstat | 4 files changed, 115 insertions(+), 107 deletions(-) [+] |
line wrap: on
line diff
--- a/cinst/CMakeLists.txt Mon Mar 24 15:36:12 2014 +0100 +++ b/cinst/CMakeLists.txt Mon Mar 24 14:57:37 2014 +0000 @@ -5,6 +5,7 @@ include_directories(${CMAKE_CURRENT_SOURCE_DIR}/../common) set(CINST_SOURCES + ${CMAKE_CURRENT_SOURCE_DIR}/windowsstore.c ${CMAKE_CURRENT_SOURCE_DIR}/main.c )
--- a/cinst/main.c Mon Mar 24 15:36:12 2014 +0100 +++ b/cinst/main.c Mon Mar 24 14:57:37 2014 +0000 @@ -1,4 +1,6 @@ -/** @brief Main entry point for the cinst process. +/** + * @file main.c + * @brief Main entry point for the cinst process. * * The cinst process may or may not be run with elevated * privileges. When run with elevated privileges this @@ -29,40 +31,10 @@ #include <string.h> #include <assert.h> -#include <polarssl/base64.h> - #include "strhelp.h" #include "listutil.h" #include "errorcodes.h" - -#ifdef WIN32 -#include <windows.h> -#include <wincrypt.h> -#endif - -#ifdef WIN32 -LPWSTR getLastErrorMsg() { - LPWSTR bufPtr = NULL; - DWORD err = GetLastError(); - FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | - FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL); - if (!bufPtr) { - HMODULE hWinhttp = GetModuleHandleW(L"winhttp"); - if (hWinhttp) { - FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | - FORMAT_MESSAGE_FROM_HMODULE | - FORMAT_MESSAGE_IGNORE_INSERTS, - hWinhttp, HRESULT_CODE(err), 0, - (LPWSTR)&bufPtr, 0, NULL); - } - } - if (!bufPtr) - printf("Error getting last error\n"); - return bufPtr; -} -#endif +#include "windowsstore.h" /* The certificate list + instructions may only be so long as * twice the accepted certificatelist size */ @@ -160,81 +132,6 @@ } */ -#ifdef WIN32 -/** @brief Install certificates into Windows store - * - * @param [in] to_install NULL terminated array of base64 encoded certificates. - * @param [in] user_store set to True if the certificates should be installed - * only for the current user. O for system wide installation. - * @returns 0 on success an errorcode otherwise. - */ -int install_certificates_win(const char **to_install, int user_store) -{ - int i = 0; - HCERTSTORE hStore = NULL; - - if (user_store) { - // Access user store - hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, - 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); - } else { - // Access machine store - hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, - 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"Root"); - } - - if (!hStore) { - return ERR_STORE_ACCESS_DENIED; - } - - while (to_install[i]) { - size_t needed_len = 0; - size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); - int ret = -1; - unsigned char *buf; - - /* Check the needed size for the buffer */ - ret = base64_decode(NULL, &needed_len, - (unsigned char *)to_install[i], cert_len); - - if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { - return ERR_INVALID_INSTRUCTIONS; - } - - buf = xmalloc(needed_len); - memset (buf, 0, needed_len); - - ret = base64_decode(buf, &needed_len, - (unsigned char *)to_install[i], cert_len); - - if (ret != 0) { - return ERR_INVALID_INSTRUCTIONS; - } - - ret = CertAddEncodedCertificateToStore (hStore, - X509_ASN_ENCODING, - (PBYTE)buf, - needed_len, - CERT_STORE_ADD_ALWAYS, - NULL); - - if (ret == 0) { - LPWSTR error = getLastErrorMsg(); - if (error) { - printf("Failed to add certificate: %S \n", error); - LocalFree(error); - } - } - i++; - free(buf); - } - if(hStore) { - CertCloseStore(hStore, 0); - } - return 0; -} -#endif - int main() { char **to_install = NULL; char **to_remove = NULL;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/cinst/windowsstore.c Mon Mar 24 14:57:37 2014 +0000 @@ -0,0 +1,93 @@ +#ifdef WIN32 + +#include <polarssl/base64.h> +#include "windowsstore.h" + +static LPWSTR getLastErrorMsg() { + LPWSTR bufPtr = NULL; + DWORD err = GetLastError(); + FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | + FORMAT_MESSAGE_FROM_SYSTEM | + FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL); + if (!bufPtr) { + HMODULE hWinhttp = GetModuleHandleW(L"winhttp"); + if (hWinhttp) { + FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | + FORMAT_MESSAGE_FROM_HMODULE | + FORMAT_MESSAGE_IGNORE_INSERTS, + hWinhttp, HRESULT_CODE(err), 0, + (LPWSTR)&bufPtr, 0, NULL); + } + } + if (!bufPtr) + printf("Error getting last error\n"); + return bufPtr; +} + +int install_certificates_win(const char **to_install, int user_store) +{ + int i = 0; + HCERTSTORE hStore = NULL; + + if (user_store) { + // Access user store + hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, + 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); + } else { + // Access machine store + hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, + 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"Root"); + } + + if (!hStore) { + return ERR_STORE_ACCESS_DENIED; + } + + while (to_install[i]) { + size_t needed_len = 0; + size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); + int ret = -1; + unsigned char *buf; + + /* Check the needed size for the buffer */ + ret = base64_decode(NULL, &needed_len, + (unsigned char *)to_install[i], cert_len); + + if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { + return ERR_INVALID_INSTRUCTIONS; + } + + buf = xmalloc(needed_len); + memset (buf, 0, needed_len); + + ret = base64_decode(buf, &needed_len, + (unsigned char *)to_install[i], cert_len); + + if (ret != 0) { + return ERR_INVALID_INSTRUCTIONS; + } + + ret = CertAddEncodedCertificateToStore (hStore, + X509_ASN_ENCODING, + (PBYTE)buf, + needed_len, + CERT_STORE_ADD_ALWAYS, + NULL); + + if (ret == 0) { + LPWSTR error = getLastErrorMsg(); + if (error) { + printf("Failed to add certificate: %S \n", error); + LocalFree(error); + } + } + i++; + free(buf); + } + if(hStore) { + CertCloseStore(hStore, 0); + } + return 0; +} +#endif // WIN32
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/cinst/windowsstore.h Mon Mar 24 14:57:37 2014 +0000 @@ -0,0 +1,17 @@ +#ifdef WIN32 +#ifndef WINDOWSSTORE_H +#define WINDOWSSTORE_H + +#include <windows.h> +#include <wincrypt.h> +/** @brief Install certificates into Windows store + * + * @param [in] to_install NULL terminated array of base64 encoded certificates. + * @param [in] user_store set to True if the certificates should be installed + * only for the current user. O for system wide installation. + * @returns 0 on success an errorcode otherwise. + */ +int install_certificates_win(const char **to_install, int user_store) + +#endif // WINDOWSSTORE_H +#endif // WIN32