The Tor Browser / annotate

security/nss/cmd/modutil/instsec.c@7e26c7da4463 (annotated)

security/nss/cmd/modutil/instsec.c

Wed, 31 Dec 2014 06:55:50 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:55:50 +0100
changeset 2
7e26c7da4463
permissions
-rw-r--r--

Added tag UPSTREAM_283F7C6 for changeset ca08bd8f51b2

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 #include <plarena.h>
michael@0 6 #include <prerror.h>
michael@0 7 #include <prio.h>
michael@0 8 #include <prprf.h>
michael@0 9 #include <seccomon.h>
michael@0 10 #include <secmod.h>
michael@0 11 #include <jar.h>
michael@0 12 #include <secutil.h>
michael@0 13
michael@0 14 /* These are installation functions that make calls to the security library.
michael@0 15 * We don't want to include security include files in the C++ code too much.
michael@0 16 */
michael@0 17
michael@0 18 static char* PR_fgets(char *buf, int size, PRFileDesc *file);
michael@0 19
michael@0 20 /***************************************************************************
michael@0 21 *
michael@0 22 * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
michael@0 23 */
michael@0 24 int
michael@0 25 Pk11Install_AddNewModule(char* moduleName, char* dllPath,
michael@0 26 unsigned long defaultMechanismFlags,
michael@0 27 unsigned long cipherEnableFlags)
michael@0 28 {
michael@0 29 return (SECMOD_AddNewModule(moduleName, dllPath,
michael@0 30 SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
michael@0 31 SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
michael@0 32 == SECSuccess) ? 0 : -1;
michael@0 33 }
michael@0 34
michael@0 35 /*************************************************************************
michael@0 36 *
michael@0 37 * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
michael@0 38 *
michael@0 39 * Gives the user feedback on the signatures of a JAR files, asks them
michael@0 40 * whether they actually want to continue.
michael@0 41 * Assumes the jar structure has already been created and is valid.
michael@0 42 * Returns 0 if the user wants to continue the installation, nonzero
michael@0 43 * if the user wishes to abort.
michael@0 44 */
michael@0 45 short
michael@0 46 Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
michael@0 47 {
michael@0 48 JAR_Context *ctx;
michael@0 49 JAR_Cert *fing;
michael@0 50 JAR_Item *item;
michael@0 51 char stdinbuf[80];
michael@0 52 int count=0;
michael@0 53
michael@0 54 CERTCertificate *cert, *prev=NULL;
michael@0 55
michael@0 56 PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
michael@0 57
michael@0 58 ctx = JAR_find(jar, NULL, jarTypeSign);
michael@0 59
michael@0 60 while(JAR_find_next(ctx, &item) >= 0 ) {
michael@0 61 fing = (JAR_Cert*) item->data;
michael@0 62 cert = fing->cert;
michael@0 63 if(cert==prev) {
michael@0 64 continue;
michael@0 65 }
michael@0 66
michael@0 67 count++;
michael@0 68 PR_fprintf(out, "----------------------------------------------\n");
michael@0 69 if(cert) {
michael@0 70 if(cert->nickname) {
michael@0 71 PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
michael@0 72 }
michael@0 73 if(cert->subjectName) {
michael@0 74 PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); }
michael@0 75 if(cert->issuerName) {
michael@0 76 PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
michael@0 77 }
michael@0 78 } else {
michael@0 79 PR_fprintf(out, "No matching certificate could be found.\n");
michael@0 80 }
michael@0 81 PR_fprintf(out, "----------------------------------------------\n\n");
michael@0 82
michael@0 83 prev=cert;
michael@0 84 }
michael@0 85
michael@0 86 JAR_find_end(ctx);
michael@0 87
michael@0 88 if(count==0) {
michael@0 89 PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
michael@0 90 }
michael@0 91
michael@0 92 if(query) {
michael@0 93 PR_fprintf(out,
michael@0 94 "Do you wish to continue this installation? (y/n) ");
michael@0 95
michael@0 96 if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
michael@0 97 char *response;
michael@0 98
michael@0 99 if( (response=strtok(stdinbuf, " \t\n\r")) ) {
michael@0 100 if( !PL_strcasecmp(response, "y") ||
michael@0 101 !PL_strcasecmp(response, "yes") ) {
michael@0 102 return 0;
michael@0 103 }
michael@0 104 }
michael@0 105 }
michael@0 106 }
michael@0 107
michael@0 108 return 1;
michael@0 109 }
michael@0 110
michael@0 111 /**************************************************************************
michael@0 112 *
michael@0 113 * P R _ f g e t s
michael@0 114 *
michael@0 115 * fgets implemented with NSPR.
michael@0 116 */
michael@0 117 static char*
michael@0 118 PR_fgets(char *buf, int size, PRFileDesc *file)
michael@0 119 {
michael@0 120 int i;
michael@0 121 int status;
michael@0 122 char c;
michael@0 123
michael@0 124 i=0;
michael@0 125 while(i < size-1) {
michael@0 126 status = PR_Read(file, (void*) &c, 1);
michael@0 127 if(status==-1) {
michael@0 128 return NULL;
michael@0 129 } else if(status==0) {
michael@0 130 break;
michael@0 131 }
michael@0 132 buf[i++] = c;
michael@0 133 if(c=='\n') {
michael@0 134 break;
michael@0 135 }
michael@0 136 }
michael@0 137 buf[i]='\0';
michael@0 138
michael@0 139 return buf;
michael@0 140 }
michael@0 141
michael@0 142 /**************************************************************************
michael@0 143 *
michael@0 144 * m y S E C U _ E r r o r S t r i n g
michael@0 145 *
michael@0 146 */
michael@0 147 const char* mySECU_ErrorString(PRErrorCode errnum)
michael@0 148 {
michael@0 149 return SECU_Strerror(errnum);
michael@0 150 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial