Mercurial > trustbridge
changeset 270:9d2ac9b6a5b0
Merged
author | Sascha Wilde <wilde@intevation.de> |
---|---|
date | Wed, 02 Apr 2014 10:31:08 +0200 |
parents | f7471604bb31 (diff) 89e8783866f8 (current diff) |
children | e265431f3e92 ea9c5bbc6496 |
files | |
diffstat | 1 files changed, 37 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/cinst/mozilla.c Wed Apr 02 09:27:24 2014 +0200 +++ b/cinst/mozilla.c Wed Apr 02 10:31:08 2014 +0200 @@ -43,9 +43,10 @@ /* REMOVEME: */ #include <unistd.h> +#include <cert.h> +#include <certdb.h> +#include <certt.h> #include <dirent.h> -#include <cert.h> -#include <certt.h> #include <nss.h> #include <pk11pub.h> #include <stdbool.h> @@ -445,8 +446,8 @@ SECItem *secitemp; SECStatus rv; PK11SlotInfo *pk11slot = NULL; + char *cert_name; CERTCertificate *cert = NULL; - char *cert_name; pdirs = get_all_profile_dirs(); @@ -458,7 +459,38 @@ while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL) { cert_name = nss_cert_name(secitemp); - printf("Request to REMOVE cert: %s\n", cert_name); + for (int i=0; pdirs[i] != NULL; i++) + { + puts(pdirs[i]); + nss_list_certs(pdirs[i]); + + printf("Will now DELETE cert: '%s' from %s\n", cert_name, pdirs[i]); + if (NSS_Initialize(pdirs[i], "", "", "secmod.db", 0) + == SECSuccess) + { + pk11slot = PK11_GetInternalKeySlot(); + cert = PK11_FindCertFromDERCertItem(pk11slot, + secitemp, NULL); + if (cert != NULL) + { + rv = SEC_DeletePermCertificate(cert); + if (rv != SECSuccess) + { + DEBUGPRINTF("Failed to remove certificate '%s' from '%s'!\n", cert_name, pdirs[i]); + DEBUGPRINTF("Error was %d\n", rv); + } + } + else + { + DEBUGPRINTF("Could not find Certificate %s in store.\n", cert_name); + } + CERT_DestroyCertificate(cert); + PK11_FreeSlot(pk11slot); + NSS_Shutdown(); + } + puts("List new:"); + nss_list_certs(pdirs[i]); + } free(cert_name); free(secitemp->data); free(secitemp); @@ -477,14 +509,11 @@ == SECSuccess) { pk11slot = PK11_GetInternalKeySlot(); - cert = CERT_DecodeCertFromPackage((char *)secitemp->data, (int)secitemp->len); - rv = PK11_ImportCert(pk11slot, cert, CK_INVALID_HANDLE, cert_name, PR_FALSE); + rv = PK11_ImportDERCert(pk11slot, secitemp, CK_INVALID_HANDLE, cert_name, PR_FALSE); if (rv != SECSuccess) { DEBUGPRINTF("Failed to install certificate '%s' to '%s'!\n", cert_name, pdirs[i]); DEBUGPRINTF("Error was %d\n", rv); } - CERT_DestroyCertificate(cert); - cert = NULL; PK11_FreeSlot(pk11slot); NSS_Shutdown(); }