changeset 223:d29997e09177

NSS first Blood. Added code to list certs in found stores.
author Sascha Wilde <wilde@intevation.de>
date Thu, 27 Mar 2014 12:46:46 +0100
parents e6c5c70a67b0
children 689b94dd89a9
files cinst/CMakeLists.txt cinst/mozilla.c
diffstat 2 files changed, 61 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/cinst/CMakeLists.txt	Wed Mar 26 20:21:55 2014 +0100
+++ b/cinst/CMakeLists.txt	Thu Mar 27 12:46:46 2014 +0100
@@ -8,13 +8,8 @@
     ${CMAKE_CURRENT_SOURCE_DIR}/windowsstore.c
     ${CMAKE_CURRENT_SOURCE_DIR}/main.c
 )
+add_executable(cinst ${CINST_SOURCES})
 
-set(MOZILLA_SOURCES
-   ${CMAKE_CURRENT_SOURCE_DIR}/mozilla.c
-)
-
-add_executable(cinst ${CINST_SOURCES})
-add_executable(mozilla ${MOZILLA_SOURCES})
 if (WIN32)
    set(WIN_EXTRA_LIBS -lcrypt32)
 endif(WIN32)
@@ -27,11 +22,26 @@
 
 install(TARGETS cinst DESTINATION bin)
 
-target_link_libraries(mozilla
+# ----------------------------------------------------------------------
+# Mozilla nss store specific certificate installer:
+
+include(FindPkgConfig)
+# FIXME: maybe a minimal version would be wise...
+pkg_check_modules (NSS  nss)
+include_directories(${NSS_INCLUDE_DIRS})
+
+if(NSS_FOUND)
+  set(MOZILLA_SOURCES
+    ${CMAKE_CURRENT_SOURCE_DIR}/mozilla.c
+    )
+  add_executable(mozilla ${MOZILLA_SOURCES})
+  target_link_libraries(mozilla
    m13_common
    ${POLARSSL_LIBRARIES}
+   ${NSS_LIBRARIES}
    ${PROFILING_LIBS})
-
-set_target_properties(mozilla PROPERTIES COMPILE_FLAGS "-std=c99")
- 
-install(TARGETS mozilla DESTINATION bin)
+ set_target_properties(mozilla PROPERTIES COMPILE_FLAGS "-std=c99")
+ install(TARGETS mozilla DESTINATION bin)
+else()
+   message(STATUS "WARNING: Could not find nss. Mozilla cert installer will not be build!")
+endif()
--- a/cinst/mozilla.c	Wed Mar 26 20:21:55 2014 +0100
+++ b/cinst/mozilla.c	Thu Mar 27 12:46:46 2014 +0100
@@ -49,6 +49,10 @@
  * */
 
 #include <dirent.h>
+#include <nss/cert.h>
+#include <nss/certt.h>
+#include <nss/nss.h>
+#include <nss/pk11pub.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -62,10 +66,10 @@
 
 #ifndef _WIN32
 #define CONFDIRS ".mozilla", ".thunderbird"
-#define LINUX 1
+#define TARGET_LINUX 1
 #else
 #define CONFDIRS "Mozilla", "Thunderbird"
-#define LINUX 0
+#define TARGET_LINUX 0
 #endif
 
 #define LINEBUFLEN 1000
@@ -91,7 +95,7 @@
 {
   char *cdir, *envvar;
 
-  if (LINUX)
+  if (TARGET_LINUX)
     envvar = "HOME" ;
   else
     envvar = "APPDATA";
@@ -250,11 +254,38 @@
   return inis;
 }
 
+/**
+ * @brief list certificates from nss certificate store
+ * @param[in] confdir the directory with the certificate store
+ */
+static void
+nss_list_certs (char *confdir)
+{
+  CERTCertList *list;
+  CERTCertListNode *node;
+  char *name;
+  
+  if (NSS_Initialize(confdir, "", "", "secmod.db", NSS_INIT_READONLY)
+      == SECSuccess)
+    {
+      list = PK11_ListCerts(PK11CertListAll, NULL);
+      for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list);
+           node = CERT_LIST_NEXT(node)) {
+        name = node->appData;
+
+        printf ("Found certificate \"%s\"\n", name);
+      }
+      CERT_DestroyCertList(list);
+      NSS_Shutdown();
+    }
+  else
+    DEBUGFPRINT("Could not open nss cer store in %s!", confdir);
+}
+
 
 int
 main ()
 {
-  int x = 0;
   int y = 0;
   char **mozinis, **pdirs;
   if ((mozinis = get_profile_inis()) != NULL)
@@ -264,9 +295,11 @@
           get_profile_dirs(mozinis[y++]);
         if (pdirs != NULL)
           {
-            x = 0;
-            while (pdirs[x] != NULL)
-              puts(pdirs[x++]);
+            for (int x=0; pdirs[x] != NULL; x++)
+              {
+                puts(pdirs[x]);
+                nss_list_certs(pdirs[x]);
+              }
             strv_free(pdirs);
           }
       }

http://wald.intevation.org/projects/trustbridge/