Mercurial > trustbridge > trustbridge

changeset 244:0145d2401f46

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Input parser works. Added debug output for collected cert data.
author Sascha Wilde <wilde@intevation.de>
date Fri, 28 Mar 2014 19:28:01 +0100
parents 4b67cc2d4dad
children fbd74e2370de
files cinst/mozilla.c
diffstat 1 files changed, 101 insertions(+), 48 deletions(-) [+]
line wrap: on
line diff
--- a/cinst/mozilla.c	Fri Mar 28 18:38:34 2014 +0100
+++ b/cinst/mozilla.c	Fri Mar 28 19:28:01 2014 +0100
@@ -60,7 +60,7 @@
 #include "errorcodes.h"
 #include "portpath.h"
 #include "strhelp.h"
-
+#include "nss-secitemlist.h"
 
 #ifndef _WIN32
 #define CONFDIRS ".mozilla", ".thunderbird"
@@ -332,64 +332,117 @@
     DEBUGPRINTF("Could not open nss cer store in %s!", confdir);
 }
 
+static bool
+base64_to_secitem(char *b64, size_t b64len, SECItem *secitem)
+{
+  unsigned char *dercert = NULL;
+  size_t dercertlen;
+
+  if ( str_base64_decode((char **)(&dercert), &dercertlen,
+                         b64, b64len) == 0 )
+    {
+      secitem->data = dercert;
+      secitem->len = dercertlen;
+      return true;
+    }
+  else
+    DEBUGPRINTF("Base64 decode failed for: %s\n", b64);
+    return false;
+}
+
+/**
+ * @brief Parse IPC commands from standard input.
+ *
+ * Reads command lines (R: and I:) from standard input and puts the
+ * certificates to process in two SECItem lists holding the
+ * certificates in DER format.
+ * @param[inout] install_list list of SECItems with certifiactes to install
+ * @param[inout] remove_list list of SECItems with certifiactes to remove
+ */
+static void
+parse_commands (seciteml_t **install_list, seciteml_t **remove_list)
+{
+  char inpl[LINEBUFLEN];
+  size_t inpllen;
+  bool parserr = true;
+  SECItem secitem;
+
+  while ( fgets(inpl, LINEBUFLEN, stdin) != NULL )
+    {
+      inpllen = strnlen(inpl, LINEBUFLEN);
+      /* Validate input line:
+       * - must be (much) longer than 3 characters
+       * - must start with "*:"
+       */
+      if ((inpllen > 3) && (inpl[1] == ':'))
+        /* Now parse Input */
+        switch(inpl[0])
+          {
+          case 'R':
+            parserr = true;
+            DEBUGPRINTF("Request to remove certificate: %s\n", &inpl[2]);
+            if (base64_to_secitem(&inpl[2], inpllen - 2, &secitem))
+              {
+                seciteml_push(remove_list, &secitem);
+                parserr = false;
+              }
+            break;
+          case 'I':
+            parserr = true;
+            DEBUGPRINTF("Request to install certificate: %s\n", &inpl[2]);
+            if (base64_to_secitem(&inpl[2], inpllen - 2, &secitem))
+              {
+                seciteml_push(install_list, &secitem);
+                parserr = false;
+              }
+            break;
+          default:
+            parserr = true;
+          }
+      else
+        {
+          parserr = true;
+        }
+
+      if (parserr)
+        {
+          DEBUGPRINTF("FATAL: Invalid input: %s\n", inpl);
+          exit(ERR_MOZ_INVALID_INPUT);
+        }
+    }
+}
+
 
 int
 main ()
 {
-  char inpl[LINEBUFLEN];
-  size_t inpllen;
-  char *dercert;
-  size_t dercertlen;
   char **pdirs;
-  bool parserr = true;
+  seciteml_t *certs_to_remove = NULL;
+  seciteml_t *certs_to_add = NULL;
+  SECItem *secitemp;
+
   pdirs =
     get_all_profile_dirs();
 
   if (pdirs != NULL)
     {
-      while ( fgets(inpl, LINEBUFLEN, stdin) != NULL )
+      parse_commands(&certs_to_add, &certs_to_remove);
+
+      while ((secitemp = seciteml_pop(&certs_to_remove)) != NULL)
         {
-          inpllen = strnlen(inpl, LINEBUFLEN);
-          /* Validate input line:
-           * - must be (much) longer than 3 characters
-           * - must start with "*:"
-           */
-          if ((inpllen > 3) && (inpl[1] == ':'))
-            /* Now parse Input */
-            switch(inpl[0])
-              {
-              case 'R':
-                parserr = true;
-                DEBUGPRINTF("Removing Certificate: %s", &inpl[2]);
-                if ( str_base64_decode(&dercert, &dercertlen,
-                                       &inpl[2], inpllen-2) == 0 )
-                  {
-                    DEBUGPRINTF("Successfully b64 decoded cert: '");
-                    write(2, dercert, dercertlen);
-                    fprintf(stderr,"'\n");
-                    free(dercert);
-                    parserr = false;
-                  }
-                else
-                  DEBUGPRINTF("Base64 decoded failed!\n'");
-                break;
-              case 'I':
-                DEBUGPRINTF("Installing Certificate: %s", &inpl[2]);
-                parserr = false;
-                break;
-              default:
-                parserr = true;
-              }
-          else
-            {
-              parserr = true;
-            }
-
-          if (parserr)
-            {
-              DEBUGPRINTF("FATAL: Invalid input: %s\n", inpl);
-              exit(ERR_MOZ_INVALID_INPUT);
-            }
+          fprintf(stderr,"CERT TO REMOVE :'");
+          write(2, secitemp->data, secitemp->len);
+          fprintf(stderr,"'\n");
+          free(secitemp->data);
+          free(secitemp);
+        }
+      while ((secitemp = seciteml_pop(&certs_to_add)) != NULL)
+        {
+          fprintf(stderr,"CERT TO ADD :'");
+          write(2, secitemp->data, secitemp->len);
+          fprintf(stderr,"'\n");
+          free(secitemp->data);
+          free(secitemp);
         }
 
       for (int i=0; pdirs[i] != NULL; i++)
http://wald.intevation.org/projects/trustbridge/