/*
 * RemoveTrustCert --
 *
 *    Remove the copy of a client certificate from the trusted certificate
 *    directory (guestProxyTrustedDir).
 *
 *    The stored copy is located with CertUtil_FindCert(), which reports the
 *    index of the matching file (num) and the highest index in use for the
 *    same hash (last). If the match is not the highest-indexed file, the
 *    highest-indexed file is renamed over it, so the matching file is
 *    replaced and the highest index disappears. Otherwise the match is
 *    simply unlinked.
 *
 *    A lookup error and "no matching certificate" are reported with the
 *    same message; in both cases nothing is removed.
 *
 * Results:
 *    TRUE if the certificate was removed, FALSE otherwise.
 *
 * Side effects:
 *    Renames or deletes a file in the trusted directory; prints a status
 *    line to stdout on success and reports failures through Error().
 */
static gboolean
RemoveTrustCert(const gchar *clientCertPemFile)   // IN
{
   gboolean removed = FALSE;
   gboolean lookupOk;
   int matchIdx;
   int highestIdx;
   gchar *certHash = NULL;
   gchar *highestPath = NULL;
   gchar *matchPath = NULL;

   if (!ValidateEnvironment(TRUE)) {
      goto done;
   }

   if (!g_file_test(clientCertPemFile, G_FILE_TEST_IS_REGULAR)) {
      Error("No certificate file found at %s.\n", clientCertPemFile);
      goto done;
   }

   certHash = CertKey_ComputeCertPemFileHash(clientCertPemFile);
   if (certHash == NULL) {
      goto done;
   }

   /* Fail closed: a failed lookup is handled like a missing certificate. */
   lookupOk = CertUtil_FindCert(clientCertPemFile, guestProxyTrustedDir,
                                certHash, &matchIdx, &highestIdx);
   if (!lookupOk || matchIdx < 0) {
      Error("Couldn't find any certificate in the trusted directory.\n");
      goto done;
   }

   matchPath = CertUtil_CreateCertFileName(guestProxyTrustedDir, certHash,
                                           matchIdx);

   if (highestIdx == matchIdx) {
      /* The match already has the highest index: just delete it. */
      if (unlink(matchPath) != 0) {
         Error("Failed to remove %s with error: %s.", matchPath,
               strerror(errno));
         goto done;
      }
   } else {
      /* Move the highest-indexed file into the slot being vacated. */
      highestPath = CertUtil_CreateCertFileName(guestProxyTrustedDir,
                                                certHash, highestIdx);
      if (rename(highestPath, matchPath) != 0) {
         Error("Failed to rename %s to %s with error: %s.", highestPath,
               matchPath, strerror(errno));
         goto done;
      }
   }

   removed = TRUE;
   printf("Successfully removed the certificate.\n");

done:
   g_free(certHash);
   g_free(highestPath);
   g_free(matchPath);

   return removed;
}
/*
 * CertUtil_FindCert --
 *
 *    Look in certDir for a stored certificate file whose content matches
 *    certFile. SearchFile() supplies the list of file versions that exist
 *    for the given hash; each is turned into a path with
 *    CertUtil_CreateCertFileName() and compared against certFile with
 *    CompareFile().
 *
 *    On return, *num holds the version of the first matching file, or -1
 *    if none matched, and *last holds the version stored in the final list
 *    element, or -1 if the list is empty or the search failed.
 *
 * Results:
 *    TRUE if the search completed (even when nothing matched), FALSE if
 *    SearchFile() or CompareFile() reported a failure. Callers must check
 *    both the return value and *num: *num stays -1 on failure as well as
 *    on "not found".
 *
 * Side effects:
 *    None beyond the output parameters.
 */
gboolean
CertUtil_FindCert(const gchar *certFile,   // IN
                  const gchar *certDir,    // IN
                  const gchar *hash,       // IN
                  int *num,                // OUT
                  int *last)               // OUT
{
   gboolean ok = FALSE;
   GList *versions = NULL;
   const GList *cur;
   gchar *candidate = NULL;

   *num = -1;
   *last = -1;

   if (!SearchFile(certDir, hash, &versions)) {
      goto done;
   }

   ok = TRUE;
   if (versions == NULL) {
      goto done;
   }

   /*
    * *last = the highest file version.
    * NOTE(review): this takes the final list element, so it presumably
    * relies on SearchFile() returning the list in ascending order -- confirm.
    */
   cur = g_list_last(versions);
   *last = GPOINTER_TO_INT(cur->data);

   cur = g_list_first(versions);
   while (cur != NULL) {
      gboolean identical = FALSE;
      int version = GPOINTER_TO_INT(cur->data);

      /* Release the path built on the previous iteration. */
      g_free(candidate);
      candidate = CertUtil_CreateCertFileName(certDir, hash, version);

      if (!CompareFile(certFile, candidate, &identical)) {
         ok = FALSE;
         goto done;
      }
      if (identical) {
         *num = version;
         break;
      }

      cur = g_list_next(cur);
   }

done:
   g_free(candidate);
   if (versions != NULL) {
      g_list_free(versions);
   }

   return ok;
}
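/*
 * AddTrustCert --
 *
 *    Copy a client certificate into the trusted certificate directory
 *    (guestProxyTrustedDir) under the next free index for its hash.
 *
 *    The store is first searched with CertUtil_FindCert(). If that search
 *    fails, the function now stops instead of continuing: previously a
 *    failed search was indistinguishable from "not present", so the
 *    certificate was written anyway using whatever index the failed search
 *    left in 'last' (-1 when the directory could not be enumerated, giving
 *    index 0). Adding to a trust store whose contents could not be checked
 *    should fail closed.
 *
 * Results:
 *    TRUE if the certificate was added, FALSE otherwise.
 *
 * Side effects:
 *    Creates a file in the trusted directory; prints a status line to
 *    stdout on success and reports failures through Error().
 */
static gboolean
AddTrustCert(const gchar *clientCertPemFile)      // IN
{
   gboolean ret = FALSE;
   int last, num;
   gchar *hash = NULL;
   gchar *path = NULL;

   if (!ValidateEnvironment(TRUE)) {
      goto exit;
   }

   if (!g_file_test(clientCertPemFile, G_FILE_TEST_IS_REGULAR)) {
      Error("No certificate file found at %s.\n", clientCertPemFile);
      goto exit;
   }

   hash = CertKey_ComputeCertPemFileHash(clientCertPemFile);
   if (!hash) {
      goto exit;
   }

   /*
    * Separate "lookup failed" from "lookup succeeded, no match": only the
    * latter makes it safe to pick last + 1 as the new index.
    */
   if (!CertUtil_FindCert(clientCertPemFile, guestProxyTrustedDir, hash,
                          &num, &last)) {
      Error("Unable to search the trusted certificate store.\n");
      goto exit;
   }

   if (num >= 0) {
      Error("The specified certificate file already exists: %s.%d.\n",
            hash, num);
      goto exit;
   }

   /* last is -1 when no file with this hash exists, so the first index is 0. */
   path = CertUtil_CreateCertFileName(guestProxyTrustedDir, hash, last + 1);
   if (!CertUtil_CopyFile(clientCertPemFile, path)) {
      Error("Unable to add %s to the trusted certificate store.\n",
            clientCertPemFile);
      goto exit;
   }

   printf("Successfully added the %s to the trusted certificate store.\n",
          clientCertPemFile);
   ret = TRUE;

exit:
   g_free(hash);
   g_free(path);

   return ret;
}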