Ejemplo n.º 1
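/*
 * RemoveTrustCert --
 *
 *    Remove the certificate stored in clientCertPemFile from the trusted
 *    certificate directory (guestProxyTrustedDir).
 *
 *    Trusted entries get their file names from the directory, the
 *    certificate hash and a number. To drop entry 'num', the entry with the
 *    highest number ('last') is renamed over it; when 'num' is already the
 *    highest entry, the file is simply unlinked. Presumably this keeps the
 *    numbering for a given hash free of gaps.
 *
 * Results:
 *    TRUE if the trusted entry was removed, FALSE otherwise. An error
 *    message is printed on failure.
 */
static gboolean
RemoveTrustCert(const gchar *clientCertPemFile)
{
   gboolean ret = FALSE;
   int last, num;
   gchar *hash = NULL;
   gchar *src = NULL;
   gchar *dst = NULL;

   if (!ValidateEnvironment(TRUE)) {
      goto exit;
   }

   if (!g_file_test(clientCertPemFile, G_FILE_TEST_IS_REGULAR)) {
      Error("No certificate file found at %s.\n", clientCertPemFile);
      goto exit;
   }

   hash = CertKey_ComputeCertPemFileHash(clientCertPemFile);
   if (!hash) {
      goto exit;
   }

   /*
    * Report a failed search separately from "no matching entry". Otherwise
    * an operator who is revoking trust is told the certificate is absent
    * when the directory could not actually be examined.
    */
   if (!CertUtil_FindCert(clientCertPemFile, guestProxyTrustedDir, hash,
                          &num, &last)) {
      Error("Failed to search the trusted certificate directory.\n");
      goto exit;
   }

   if (num < 0) {
      Error("Couldn't find any certificate in the trusted directory.\n");
      goto exit;
   }

   dst = CertUtil_CreateCertFileName(guestProxyTrustedDir, hash, num);
   if (last != num) {
      /* rename() replaces dst, so the matched entry disappears in one step. */
      src = CertUtil_CreateCertFileName(guestProxyTrustedDir, hash, last);
      if (rename(src, dst) != 0) {
         Error("Failed to rename %s to %s with error: %s.\n",
               src, dst, strerror(errno));
         goto exit;
      }
   } else {
      if (unlink(dst) != 0) {
         Error("Failed to remove %s with error: %s.\n", dst, strerror(errno));
         goto exit;
      }
   }

   ret = TRUE;
   printf("Successfully removed the certificate.\n");

exit:
   /* g_free() accepts NULL, so no guards are needed on the early exits. */
   g_free(hash);
   g_free(src);
   g_free(dst);

   return ret;
}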
Ejemplo n.º 2
/*
 * CertUtil_FindCert --
 *
 *    Look in certDir for an entry that CompareFile() reports as the same
 *    as certFile, considering only the entries SearchFile() returns for
 *    'hash'.
 *
 *    Both outputs are reset to -1 before the search starts:
 *       *num   number of the matching entry, or -1 if none matched
 *       *last  number held by the final list element, or -1 if the list
 *              is empty (assumes SearchFile() returns the numbers in
 *              ascending order - TODO confirm)
 *
 * Results:
 *    TRUE if the search ran to completion, whether or not a match was
 *    found. FALSE if SearchFile() or any CompareFile() call failed, in
 *    which case *num is still -1 and callers must not read it as
 *    "certificate not present".
 */
gboolean
CertUtil_FindCert(const gchar *certFile,          // IN
                  const gchar *certDir,           // IN
                  const gchar *hash,              // IN
                  int *num,                       // OUT
                  int *last)                      // OUT
{
   GList *versions = NULL;
   const GList *cur;
   gboolean ok;

   *num = -1;
   *last = -1;

   ok = SearchFile(certDir, hash, &versions);
   if (ok && versions != NULL) {
      /* The tail element carries the highest file version. */
      *last = GPOINTER_TO_INT(g_list_last(versions)->data);

      cur = g_list_first(versions);
      while (cur != NULL) {
         int version = GPOINTER_TO_INT(cur->data);
         gboolean identical = FALSE;
         gboolean compared;
         gchar *candidate;

         candidate = CertUtil_CreateCertFileName(certDir, hash, version);
         compared = CompareFile(certFile, candidate, &identical);
         g_free(candidate);

         if (!compared) {
            /* A failed comparison aborts the whole search. */
            ok = FALSE;
            break;
         }

         if (identical) {
            *num = version;
            break;
         }

         cur = g_list_next(cur);
      }
   }

   if (versions != NULL) {
      g_list_free(versions);
   }

   return ok;
}
Ejemplo n.º 3
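/*
 * AddTrustCert --
 *
 *    Copy the certificate in clientCertPemFile into the trusted certificate
 *    directory (guestProxyTrustedDir), using the next free number after the
 *    highest existing entry for the same hash.
 *
 *    NOTE(review): the source file is checked, hashed and copied by path in
 *    three separate steps. If another party can replace the file between
 *    those steps, the stored content may not match the hash in its name.
 *    Confirm that callers pass a path only they can write.
 *
 * Results:
 *    TRUE if the certificate was added. FALSE if the environment or input
 *    is invalid, the trusted directory could not be searched, the
 *    certificate is already present, or the copy failed.
 */
static gboolean
AddTrustCert(const gchar *clientCertPemFile)      // IN
{
   gboolean ret = FALSE;
   int last, num;
   gchar *hash = NULL;
   gchar *path = NULL;

   if (!ValidateEnvironment(TRUE)) {
      goto exit;
   }

   if (!g_file_test(clientCertPemFile, G_FILE_TEST_IS_REGULAR)) {
      Error("No certificate file found at %s.\n", clientCertPemFile);
      goto exit;
   }

   hash = CertKey_ComputeCertPemFileHash(clientCertPemFile);
   if (!hash) {
      goto exit;
   }

   /*
    * Fail closed when the lookup itself fails. CertUtil_FindCert resets
    * both outputs to -1 before searching, so after a failed search
    * 'last + 1' would name slot 0 and the copy below could land on an
    * entry that is already trusted (whether CertUtil_CopyFile overwrites
    * is not visible here). A failed comparison could likewise hide an
    * existing copy and produce a duplicate entry.
    */
   if (!CertUtil_FindCert(clientCertPemFile, guestProxyTrustedDir, hash,
                          &num, &last)) {
      Error("Unable to search the trusted certificate store.\n");
      goto exit;
   }

   if (num >= 0) {
      Error("The specified certificate file already exists: %s.%d.\n",
            hash, num);
      goto exit;
   }

   /* 'last' is -1 when no entry exists for this hash, giving slot 0. */
   path = CertUtil_CreateCertFileName(guestProxyTrustedDir, hash, last + 1);
   if (!CertUtil_CopyFile(clientCertPemFile, path)) {
      Error("Unable to add %s to the trusted certificate store.\n",
            clientCertPemFile);
      goto exit;
   }

   printf("Successfully added the %s to the trusted certificate store.\n",
          clientCertPemFile);
   ret = TRUE;

exit:
   /* g_free() accepts NULL, so no guards are needed on the early exits. */
   g_free(hash);
   g_free(path);

   return ret;
}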