Mercurial > trustbridge
changeset 269:f7471604bb31
Deletion of certificates implemented.
We are feature complete!
Only some cleanup, refactoring and stabilisation to do...
author | Sascha Wilde <wilde@intevation.de> |
---|---|
date | Wed, 02 Apr 2014 10:30:49 +0200 |
parents | a7c6a21aba38 |
children | 9d2ac9b6a5b0 |
files | cinst/mozilla.c |
diffstat | 1 files changed, 36 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/cinst/mozilla.c Tue Apr 01 19:10:05 2014 +0200 +++ b/cinst/mozilla.c Wed Apr 02 10:30:49 2014 +0200 @@ -43,9 +43,10 @@ /* REMOVEME: */ #include <unistd.h> +#include <cert.h> +#include <certdb.h> +#include <certt.h> #include <dirent.h> -#include <cert.h> -#include <certt.h> #include <nss.h> #include <pk11pub.h> #include <stdbool.h> @@ -446,6 +447,7 @@ SECStatus rv; PK11SlotInfo *pk11slot = NULL; char *cert_name; + CERTCertificate *cert = NULL; pdirs = get_all_profile_dirs(); @@ -457,7 +459,38 @@ while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL) { cert_name = nss_cert_name(secitemp); - printf("Request to REMOVE cert: %s\n", cert_name); + for (int i=0; pdirs[i] != NULL; i++) + { + puts(pdirs[i]); + nss_list_certs(pdirs[i]); + + printf("Will now DELETE cert: '%s' from %s\n", cert_name, pdirs[i]); + if (NSS_Initialize(pdirs[i], "", "", "secmod.db", 0) + == SECSuccess) + { + pk11slot = PK11_GetInternalKeySlot(); + cert = PK11_FindCertFromDERCertItem(pk11slot, + secitemp, NULL); + if (cert != NULL) + { + rv = SEC_DeletePermCertificate(cert); + if (rv != SECSuccess) + { + DEBUGPRINTF("Failed to remove certificate '%s' from '%s'!\n", cert_name, pdirs[i]); + DEBUGPRINTF("Error was %d\n", rv); + } + } + else + { + DEBUGPRINTF("Could not find Certificate %s in store.\n", cert_name); + } + CERT_DestroyCertificate(cert); + PK11_FreeSlot(pk11slot); + NSS_Shutdown(); + } + puts("List new:"); + nss_list_certs(pdirs[i]); + } free(cert_name); free(secitemp->data); free(secitemp);