
📄 advisor.c

📁 安全开发库。含客户端建立ssl连接、签名、证书验证、证书发布和撤销等。编译用到nss
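    if (numcerts > 1) {
        char * formName = NULL, *params = NULL;

        rv = SSM_HTTPParamValue(req, "formName", &formName);
        if (rv != SSM_SUCCESS || !formName)
            SSM_DEBUG("AdvisorContext_FindCertByNickname:Can't get original form\n");
        /* NOTE(review): execution continues after the debug message, so
         * formName may still be NULL when it is formatted with %s below.
         */
        params = PR_smprintf("origin=%s",formName);
        cx->m_nickname = SSM_ConvertStringToHTMLString(certNickname);

        rv = SSMControlConnection_SendUIEvent(cx->super.m_connection,
                                              "get",
                                              "choose_cert",
                                              &cx->super,
                                              params,
                                              &cx->super.m_clientContext);
        /* Now wait until we are notified by the handler that the user
         * has selected a cert.
         */
        SSM_LockUIEvent(&cx->super);
        SSM_WaitUIEvent(&cx->super, PR_INTERVAL_NO_TIMEOUT);
        cert = (CERTCertificate*)cx->super.m_connection->super.super.m_uiData;
        if (cx->super.m_buttonType != SSM_BUTTON_CANCEL) {
            /*
             * If we don't sleep for a bit here, we cause the client to crash
             * because it tries to re-use a window that gets killed.
             */
            PR_Sleep(PR_TicksPerSecond()*1);
        }
        PR_FREEIF(cx->m_nickname);
        cx->m_nickname = NULL;
        PR_FREEIF(params);
    } else {
        cert = CERT_FindCertByNickname(cx->super.m_connection->m_certdb,
                                       certNickname);
        cx->super.m_buttonType = SSM_BUTTON_OK;
    }
    CERT_DestroyCertList(certList);
    return cert;
 loser:
    PR_FREEIF(htmlTemplate);
    if (certList != NULL) {
        CERT_DestroyCertList(certList);
    }
    if (cert != NULL) {
        CERT_DestroyCertificate(cert);
    }
    if (textGenCx != NULL) {
        SSMTextGen_DestroyContext(textGenCx);
    }
    return NULL;
}

/*
 * Argument bundle handed to ssm_find_all_mine() through
 * SSMSortedList_Enumerate(): the list being filled and the control
 * connection whose certificate database is searched.
 */
typedef struct SSMFindMineArgStr {
    CERTCertList *certList;
    SSMControlConnection *ctrl;
} SSMFindMineArg;

/*
 * Enumeration callback: for an entry whose usage is clAllMine, ask NSS to
 * add the certificates stored under nickname `key` to findArg->certList.
 *
 * index    - position supplied by the enumerator (unused here)
 * arg      - SSMFindMineArg* carrying the target list and the connection
 * key      - certificate nickname (char*)
 * itemdata - ssmCertData* describing the entry
 *
 * Returns SSM_SUCCESS when CERT_CreateNicknameCertList() returned a list,
 * SSM_FAILURE for entries with another usage or when that call failed.
 */
static SSMStatus
ssm_find_all_mine(PRIntn index, void *arg, void *key, void *itemdata)
{
    ssmCertData * data = (ssmCertData*)itemdata;
    SSMFindMineArg *findArg = (SSMFindMineArg*) arg;
    char *nick = (char*)key;
    SSMStatus rv = SSM_FAILURE;

    if (data->usage == clAllMine) {
        CERTCertList *tmpList;

        tmpList = CERT_CreateNicknameCertList(findArg->certList,
                                              findArg->ctrl->m_certdb,
                                              nick, PR_Now(), PR_FALSE);
        if (tmpList != NULL) {
            rv = SSM_SUCCESS;
        }
    }
    return rv;
}

/*
 * Back up every "mine" certificate known to the advisor into one PKCS#12
 * file.
 *
 * cx  - Security Advisor context; its m_certhash is enumerated
 * req - HTTP request that triggered the backup; receives the response
 *
 * Only certificates with no slot or on an internal slot are handed to the
 * PKCS#12 export; certificates on any other slot are skipped.
 *
 * Returns SSM_SUCCESS once a response page has been sent. On any failure
 * or user cancel, HTTP_NO_CONTENT is reported and SSM_FAILURE returned.
 */
SSMStatus
SSMSecurityAdvisorContext_BackupAllMineCerts(SSMSecurityAdvisorContext *cx,
                                             HTTPRequest               *req)
{
    SSMFindMineArg arg;
    CERTCertList *certList=NULL;
    SSMPKCS12Context *p12Cxt=NULL;
    SSMPKCS12CreateArg p12Create;
    SSMResourceID rid;
    SSMStatus rv;
    CERTCertificate **certArr = NULL;
    int numCerts,i, finalCerts, currIndex;
    CERTCertListNode *node;
    PRIntn numNicks;
    const char *responseKey;

    certList = CERT_NewCertList();
    if (certList == NULL) {
        goto loser;
    }
    arg.certList = certList;
    arg.ctrl     = req->ctrlconn;
    numNicks = SSMSortedList_Enumerate(cx->m_certhash, ssm_find_all_mine,
                                       &arg);
    if (numNicks <= 0){
        /* No certs to backup. The loser path reports HTTP_NO_CONTENT, so
         * it is not reported here as well (the request used to get the
         * error twice).
         */
        goto loser;
    }
    certList = arg.certList;
    p12Create.isExportContext = PR_TRUE;
    rv = (SSMStatus) SSM_CreateResource(SSM_RESTYPE_PKCS12_CONTEXT,
                                        (void*)&p12Create, req->ctrlconn,
                                        &rid, (SSMResource**)(&p12Cxt));
    if (rv != SSM_SUCCESS) {
        goto loser;
    }
    /* pass along Advisor's client context for window management */
    SSM_CopyCMTItem(&p12Cxt->super.m_clientContext,
                    &cx->super.m_clientContext);

    numCerts = SSM_CertListCount(certList);
    certArr = SSM_NEW_ARRAY(CERTCertificate*,numCerts);
    if (certArr == NULL) {
        goto loser;
    }
    /* certArr borrows the certificate pointers owned by certList; it is
     * freed below before the list itself is destroyed.
     */
    node = CERT_LIST_HEAD(certList);
    for (i=0, currIndex=0, finalCerts=numCerts; i<numCerts; i++) {
        if (node->cert->slot == NULL ||
            PK11_IsInternal(node->cert->slot)) {
            certArr[currIndex] = node->cert;
            currIndex++;
        } else {
            finalCerts--;
        }
        node = CERT_LIST_NEXT(node);
    }
    /* NOTE(review): finalCerts can be 0 here when every certificate sits
     * on a non-internal slot; confirm the export call handles an empty
     * array, or bail out before calling it.
     */
    rv = SSMPKCS12Context_CreatePKCS12FileForMultipleCerts(p12Cxt,
                                                           PR_TRUE,
                                                           certArr,
                                                           finalCerts);
    PR_Free(certArr);
    certArr = NULL;
    CERT_DestroyCertList(certList);
    certList = NULL;
    if (rv == SSM_SUCCESS) {
        responseKey = (finalCerts > 1) ? "pkcs12_backup_multiple_success" :
                                         "pkcs12_backup_success";
    } else {
        if (p12Cxt->super.m_buttonType == SSM_BUTTON_CANCEL) {
            goto loser;
        } else {
            responseKey = SSMUI_GetPKCS12Error(rv, PR_TRUE);
        }
    }
    SSM_FreeResource(&p12Cxt->super);
    p12Cxt = NULL;
    if (SSMSecurityAdvisorContext_DoPKCS12Response(req, responseKey)
        != SSM_SUCCESS) {
        goto loser;
    }
    return SSM_SUCCESS;
 loser:
    PR_FREEIF(certArr);
    if (certList != NULL) {
        CERT_DestroyCertList(certList);
    }
    if (p12Cxt != NULL) {
        SSM_FreeResource(&p12Cxt->super);
    }
    SSM_HTTPReportError(req, HTTP_NO_CONTENT);
    return SSM_FAILURE;
}

/*
 * Back up the single certificate named by the "selectCert" request
 * parameter into a PKCS#12 file.
 *
 * cx  - Security Advisor context
 * req - HTTP request carrying "selectCert"; receives the response
 *
 * Returns SSM_SUCCESS once a response page has been sent. On any failure
 * or user cancel, HTTP_NO_CONTENT is reported and SSM_FAILURE returned.
 */
SSMStatus
SSMSecurityAdvisorContext_DoPKCS12Backup(
                                              SSMSecurityAdvisorContext *cx,
                                              HTTPRequest               *req)
{
    SSMStatus rv;
    char *certNickname = NULL;
    const char *responseKey;
    SSMPKCS12CreateArg p12Create;
    SSMResourceID rid;
    /* Must start as NULL: the loser path tests this pointer, and it was
     * read uninitialized there when SSM_CreateResource() failed.
     */
    SSMPKCS12Context *p12Cxt = NULL;

    p12Create.isExportContext = PR_TRUE;
    rv = (SSMStatus) SSM_CreateResource(SSM_RESTYPE_PKCS12_CONTEXT,
                                        (void*)&p12Create,
                                        SSMRESOURCE(cx)->m_connection,
                                        &rid, (SSMResource **)(&p12Cxt));
    /* Compared against SSM_SUCCESS (not PR_SUCCESS) to match the cast and
     * the same check in SSMSecurityAdvisorContext_BackupAllMineCerts().
     */
    if (rv != SSM_SUCCESS) {
        goto loser;
    }
    /* pass along Advisor's client context for window management */
    SSM_CopyCMTItem(&((SSMResource *)p12Cxt)->m_clientContext,
                    &((SSMResource *)cx)->m_clientContext);
    rv = SSM_HTTPParamValue(req, "selectCert", &certNickname);
    /* The nickname comes from the request; refuse to look up a NULL one. */
    if (rv != SSM_SUCCESS || certNickname == NULL) {
        goto loser;
    }

    p12Cxt->m_cert =
        SSMSecurityAdvisorContext_FindCertByNickname(cx, req, certNickname);
    if (cx->super.m_buttonType == SSM_BUTTON_CANCEL) {
        goto loser;
    }
    if (p12Cxt->m_cert == NULL) {
        goto loser;
    }
    /* p12Cxt->super.m_clientContext = cx->super.m_clientContext; */
    rv = SSMPKCS12Context_CreatePKCS12File(p12Cxt, PR_TRUE);
    if (rv == SSM_SUCCESS) {
        responseKey = "pkcs12_backup_success";
    } else {
        if (p12Cxt->super.m_buttonType == SSM_BUTTON_CANCEL) {
            goto loser;
        } else {
            responseKey = SSMUI_GetPKCS12Error(rv, PR_TRUE);
        }
    }
    if (SSMSecurityAdvisorContext_DoPKCS12Response(req, responseKey)
        != SSM_SUCCESS) {
        goto loser;
    }
    SSM_FreeResource(&p12Cxt->super);
    return SSM_SUCCESS;
 loser:
    if (p12Cxt != NULL) {
        SSM_FreeResource(&p12Cxt->super);
    }
    SSM_HTTPReportError(req, HTTP_NO_CONTENT);
    return SSM_FAILURE;
}

/*
 * Dispatch a submitted certificate form to the handler for the button
 * that was pressed.
 *
 * The request parameters are probed in a fixed order (backup, restore,
 * delete, password, ldap, backup_all). The first one that is present
 * selects the handler, which runs only if the parameter value is non-NULL.
 *
 * Returns the handler's status, or SSM_FAILURE when no handler ran.
 */
SSMStatus
SSMSecurityAdvisorContext_Process_cert_mine_form(
                                                SSMSecurityAdvisorContext *res,
                                                HTTPRequest *req)
{
    SSMStatus  rv= SSM_FAILURE;
    char      *button = NULL;

    /* Figure out which one of the buttons on the form was pressed. */
    if (SSM_HTTPParamValue(req, "backup", &button) == SSM_SUCCESS) {
        if (button != NULL) {
            rv = SSMSecurityAdvisorContext_DoPKCS12Backup(res, req);
        }
    } else if (SSM_HTTPParamValue(req, "restore", &button) == SSM_SUCCESS) {
        if (button != NULL) {
            rv = SSMSecurityAdvisorContext_DoPKCS12Restore(res, req);
        }
    } else if (SSM_HTTPParamValue(req, "delete", &button) == SSM_SUCCESS) {
        if (button != NULL) {
            rv = SSM_ProcessCertDeleteButton(req);
        }
    } else if (SSM_HTTPParamValue(req, "password", &button) == SSM_SUCCESS) {
        if (button != NULL) {
            rv = SSM_ProcessPasswordWindow(req);
        }
    } else if (SSM_HTTPParamValue(req, "ldap", &button) == SSM_SUCCESS) {
        if (button != NULL) {
            rv = SSM_ProcessLDAPWindow(req);
        }
    } else if (SSM_HTTPParamValue(req, "backup_all", &button) == SSM_SUCCESS) {
        if (button != NULL) {
            rv = SSMSecurityAdvisorContext_BackupAllMineCerts(res, req);
        }
    }
    return rv;
}

/*
 * Apply the OCSP configuration chosen on the OCSP form to the certificate
 * database and persist it as preferences.
 *
 * The "enableOCSP" request parameter selects one of three modes:
 *   "noOCSP"              - disable OCSP checking and the default responder
 *   "noDefaultResponder"  - enable OCSP checking, no default responder
 *   "useDefaultResponder" - enable OCSP checking and use the responder
 *                           given by "ocspURL" / "selectCert"
 *
 * Returns SSM_SUCCESS when the selected mode was applied, SSM_FAILURE for
 * a missing or unknown parameter or when an NSS call failed.
 *
 * NOTE(review): in the two enabling modes the preferences are written
 * before the result of CERT_EnableOCSPChecking() is checked, so a failed
 * enable still leaves "security.OCSP.enabled" stored as true. Confirm
 * whether persisting the user's choice regardless is intended. A stored
 * preference that claims revocation checking is on while it is off is
 * misleading.
 */
static SSMStatus
SSMSecurityAdvisorContext_SetConfigOCSP(SSMSecurityAdvisorContext *cx,
                                        HTTPRequest               *req)
{
    char *responderURL = NULL, *caNickname = NULL;
    char *enableOCSP = NULL;
    CERTCertDBHandle  *db;
    SSMStatus rv;
    SECStatus srv;

    db = cx->super.m_connection->m_certdb;
    rv = SSM_HTTPParamValue(req, "enableOCSP", &enableOCSP);
    /* The value comes from the request; never hand NULL to strcmp(). */
    if (rv != SSM_SUCCESS || enableOCSP == NULL) {
        goto loser;
    }
    if (!strcmp(enableOCSP,"noOCSP")) {
        SSMControlConnection_SaveBoolPref(req->ctrlconn,
                                          "security.OCSP.enabled",
                                          PR_FALSE);
        SSMControlConnection_SaveBoolPref(req->ctrlconn,
                                          "security.OCSP.useDefaultResponder",
                                          PR_FALSE);
        /* Called once; the original issued this call twice. */
        CERT_DisableOCSPChecking(db);
        CERT_DisableOCSPDefaultResponder(db);
    } else if (!strcmp(enableOCSP,"noDefaultResponder")) {
        srv = CERT_EnableOCSPChecking(db);
        SSMControlConnection_SaveBoolPref(req->ctrlconn,
                                          "security.OCSP.enabled",
                                          PR_TRUE);
        SSMControlConnection_SaveBoolPref(req->ctrlconn,
                                          "security.OCSP.useDefaultResponder",
                                          PR_FALSE);
        if (srv != SECSuccess) {
            goto loser;
        }
        CERT_DisableOCSPDefaultResponder(db);
    } else if (!strcmp(enableOCSP,"useDefaultResponder")) {
        srv = CERT_EnableOCSPChecking(db);
        SSMControlConnection_SaveBoolPref(req->ctrlconn,
                                          "security.OCSP.enabled",
                                          PR_TRUE);
        SSMControlConnection_SaveBoolPref(req->ctrlconn,
                                          "security.OCSP.useDefaultResponder",
                                          PR_TRUE);
        if (srv != SECSuccess) {
            goto loser;
        }
        rv = SSM_HTTPParamValue(req, "ocspURL", &responderURL);
        /* Reject a missing URL before it is persisted or passed to NSS. */
        if (rv != SSM_SUCCESS || responderURL == NULL) {
            goto loser;
        }
        SSMControlConnection_SaveStringPref(req->ctrlconn,
                                            "security.OCSP.URL",
                                            responderURL);
        rv = SSM_HTTPParamValue(req, "selectCert", &caNickname);
        /* Same for the nickname of the responder's signing CA. */
        if (rv != SSM_SUCCESS || caNickname == NULL) {
            goto loser;
        }
        SSMControlConnection_SaveStringPref(req->ctrlconn,
                                            "security.OCSP.signingCA",
                                            caNickname);
        srv = CERT_SetOCSPDefaultResponder(db, responderURL, caNickname);
        if (srv != SECSuccess) {
            goto loser;
        }
        srv = CERT_EnableOCSPDefaultResponder(db);
        if (srv != SECSuccess) {
            goto loser;
        }
    } else {
        goto loser;
    }
    return SSM_SUCCESS;
 loser:
    return SSM_FAILURE;
}

/*
 * Handle submission of the OCSP configuration form: apply the settings
 * only when the form was confirmed with OK, then always run the default
 * HTTP command handler.
 *
 * Returns the status of SSMSecurityAdvisorContext_SetConfigOCSP(), or
 * SSM_SUCCESS when the form was not confirmed.
 */
static SSMStatus
SSMSecurityAdvisorContext_ProcessOCSPForm(SSMSecurityAdvisorContext *cx,
                                          HTTPRequest               *req)
{
    SSMStatus rv = SSM_SUCCESS;

    /*
     * First, if the Cancel button was pressed, then don't
     * process the form.
     */
    if (cx->super.m_buttonType == SSM_BUTTON_OK) {
        rv = SSMSecurityAdvisorContext_SetConfigOCSP(cx, req);
    }
    SSM_HTTPDefaultCommandHandler(req);
    return rv;
}

/*
 * Entry point for forms submitted to the Security Advisor: read the
 * "formName" request parameter and hand the request to the matching
 * handler.
 *
 * res - resource the form was submitted to; must be a Security Advisor
 *       context, otherwise SSM_FAILURE is returned immediately
 * req - the HTTP request
 *
 * Returns the handler's status, SSM_FAILURE when "formName" is missing,
 * or SSM_ERR_BAD_REQUEST for an unknown form name.
 */
SSMStatus
SSMSecurityAdvisorContext_FormSubmitHandler(SSMResource *res,
                                            HTTPRequest *req)
{
    SSMStatus  rv;
    char      *formName = NULL;

    if (!SSM_IsAKindOf(res, SSM_RESTYPE_SECADVISOR_CONTEXT)) {
        return SSM_FAILURE;
    }

    /* First figure out which form we're processing. */
    rv = SSM_HTTPParamValue(req, "formName", &formName);
    if (rv == SSM_SUCCESS && formName == NULL) {
        /* A present but NULL value would crash the strcmp() chain below. */
        rv = SSM_FAILURE;
    }
    if (rv != SSM_SUCCESS) {
        goto loser;
    }
    if (PL_strcmp(formName, "prefs_submit_form") == 0) {
        /* save pref changes and close the Security Advisor */
        rv = SSMSecurityAdvisorContext_SavePrefs
            ((SSMSecurityAdvisorContext*)res, req);
    }
    else if (!strcmp(formName, "cert_mine_form") ||
             !strcmp(formName, "cert_others_form") ||
             !strcmp(formName, "cert_websites_form") ||
             !strcmp(formName, "cert_authorities_form")) {
        /* All four certificate tabs share one button dispatcher. */
        rv = SSMSecurityAdvisorContext_Process_cert_mine_form
            ((SSMSecurityAdvisorContext*)res, req);
    } else if (!strcmp(formName, "choose_cert_by_usage")) {
        rv = SSM_ChooseCertUsageHandler(req);
    } else if (!strcmp(formName, "set_db_password")) {
        rv = SSM_SetDBPasswordHandler(req);
    } else if (!strcmp(formName, "configureOCSPForm")){
        rv = SSMSecurityAdvisorContext_ProcessOCSPForm
                                        ((SSMSecurityAdvisorContext*)res, req);
    } else {
        rv = SSM_ERR_BAD_REQUEST;
        /* NOTE(review): formName is request-supplied and is echoed into
         * the error response; confirm SSM_HTTPReportSpecificError()
         * escapes it before it reaches an HTML page.
         */
        SSM_HTTPReportSpecificError(req, "Do not know how to process form %s",
                                    formName);
    }
 loser:
    return rv;
}

SSMStatus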
