Mercurial > trustbridge > trustbridge

changeset 223:d29997e09177

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
NSS first Blood. Added code to list certs in found stores.
author Sascha Wilde <wilde@intevation.de>
date Thu, 27 Mar 2014 12:46:46 +0100
parents e6c5c70a67b0
children 689b94dd89a9
files cinst/CMakeLists.txt cinst/mozilla.c
diffstat 2 files changed, 61 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/cinst/CMakeLists.txt	Wed Mar 26 20:21:55 2014 +0100
+++ b/cinst/CMakeLists.txt	Thu Mar 27 12:46:46 2014 +0100
@@ -8,13 +8,8 @@
     ${CMAKE_CURRENT_SOURCE_DIR}/windowsstore.c
     ${CMAKE_CURRENT_SOURCE_DIR}/main.c
 )
+add_executable(cinst ${CINST_SOURCES})
 
-set(MOZILLA_SOURCES
-   ${CMAKE_CURRENT_SOURCE_DIR}/mozilla.c
-)
-
-add_executable(cinst ${CINST_SOURCES})
-add_executable(mozilla ${MOZILLA_SOURCES})
 if (WIN32)
    set(WIN_EXTRA_LIBS -lcrypt32)
 endif(WIN32)
@@ -27,11 +22,26 @@
 
 install(TARGETS cinst DESTINATION bin)
 
-target_link_libraries(mozilla
+# ----------------------------------------------------------------------
+# Mozilla nss store specific certificate installer:
+
+include(FindPkgConfig)
+# FIXME: maybe a minimal version would be wise...
+pkg_check_modules (NSS  nss)
+include_directories(${NSS_INCLUDE_DIRS})
+
+if(NSS_FOUND)
+  set(MOZILLA_SOURCES
+    ${CMAKE_CURRENT_SOURCE_DIR}/mozilla.c
+    )
+  add_executable(mozilla ${MOZILLA_SOURCES})
+  target_link_libraries(mozilla
    m13_common
    ${POLARSSL_LIBRARIES}
+   ${NSS_LIBRARIES}
    ${PROFILING_LIBS})
-
-set_target_properties(mozilla PROPERTIES COMPILE_FLAGS "-std=c99")
- 
-install(TARGETS mozilla DESTINATION bin)
+ set_target_properties(mozilla PROPERTIES COMPILE_FLAGS "-std=c99")
+ install(TARGETS mozilla DESTINATION bin)
+else()
+   message(STATUS "WARNING: Could not find nss. Mozilla cert installer will not be build!")
+endif()
--- a/cinst/mozilla.c	Wed Mar 26 20:21:55 2014 +0100
+++ b/cinst/mozilla.c	Thu Mar 27 12:46:46 2014 +0100
@@ -49,6 +49,10 @@
  * */
 
 #include <dirent.h>
+#include <nss/cert.h>
+#include <nss/certt.h>
+#include <nss/nss.h>
+#include <nss/pk11pub.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -62,10 +66,10 @@
 
 #ifndef _WIN32
 #define CONFDIRS ".mozilla", ".thunderbird"
-#define LINUX 1
+#define TARGET_LINUX 1
 #else
 #define CONFDIRS "Mozilla", "Thunderbird"
-#define LINUX 0
+#define TARGET_LINUX 0
 #endif
 
 #define LINEBUFLEN 1000
@@ -91,7 +95,7 @@
 {
   char *cdir, *envvar;
 
-  if (LINUX)
+  if (TARGET_LINUX)
     envvar = "HOME" ;
   else
     envvar = "APPDATA";
@@ -250,11 +254,38 @@
   return inis;
 }
 
+/**
+ * @brief list certificates from nss certificate store
+ * @param[in] confdir the directory with the certificate store
+ */
+static void
+nss_list_certs (char *confdir)
+{
+  CERTCertList *list;
+  CERTCertListNode *node;
+  char *name;
+  
+  if (NSS_Initialize(confdir, "", "", "secmod.db", NSS_INIT_READONLY)
+      == SECSuccess)
+    {
+      list = PK11_ListCerts(PK11CertListAll, NULL);
+      for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list);
+           node = CERT_LIST_NEXT(node)) {
+        name = node->appData;
+
+        printf ("Found certificate \"%s\"\n", name);
+      }
+      CERT_DestroyCertList(list);
+      NSS_Shutdown();
+    }
+  else
+    DEBUGFPRINT("Could not open nss cer store in %s!", confdir);
+}
+
 
 int
 main ()
 {
-  int x = 0;
   int y = 0;
   char **mozinis, **pdirs;
   if ((mozinis = get_profile_inis()) != NULL)
@@ -264,9 +295,11 @@
           get_profile_dirs(mozinis[y++]);
         if (pdirs != NULL)
           {
-            x = 0;
-            while (pdirs[x] != NULL)
-              puts(pdirs[x++]);
+            for (int x=0; pdirs[x] != NULL; x++)
+              {
+                puts(pdirs[x]);
+                nss_list_certs(pdirs[x]);
+              }
             strv_free(pdirs);
           }
       }
http://wald.intevation.org/projects/trustbridge/