VirtualBox

source: vbox/trunk/src/VBox/Runtime/generic/RTCrStoreCreateSnapshotById-generic.cpp@ 57613

Last change on this file since 57613 was 57613, checked in by vboxsync, 10 years ago

IPRT,UINetworkReply.cpp: Added RTPathGlob, a set of RTCrStoreCertAddWantedDir/File/Store, a RTCrStoreCertAddWantedFromFishingExpedition, RTCrStoreCertCheckWanted, RTCrStoreCertCount, RTFsIsCaseSensitive and RTFileOpenTemp. Reworked some RTHttp bits and UINetworkReply stuff - this needs testing.

1/* $Id: RTCrStoreCreateSnapshotById-generic.cpp 57613 2015-09-04 02:19:44Z vboxsync $ */
2/** @file
3 * IPRT - Generic RTCrStoreCreateSnapshotById implementation.
4 */
5
6/*
7 * Copyright (C) 2006-2015 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.215389.xyz. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include <iprt/crypto/store.h>
32#include "internal/iprt.h"
33
34#include <iprt/assert.h>
35#include <iprt/err.h>
36#include <iprt/file.h>
37#include <iprt/dir.h>
38
39
40/*********************************************************************************************************************************
41* Defined Constants And Macros *
42*********************************************************************************************************************************/
/**
 * Prefix glued in front of every Unix-style certificate path in this file.
 *
 * Expands to nothing unless RT_OS_OS2 or RT_OS_WINDOWS is defined; those two
 * builds redirect the paths into a Unix-compatibility tree instead.
 *
 * NOTE(review): for RT_OS_WINDOWS the prefix is the fixed path "C:/cygwin".
 * Files found below it are loaded into the snapshot of trusted CAs by
 * RTCrStoreCreateSnapshotById, so the result is only as trustworthy as the
 * access control on that directory tree.  Whether this generic file is
 * actually built for Windows is not visible here - confirm, and if it is,
 * make sure the tree cannot be created or written by unprivileged users.
 */
#if defined(RT_OS_OS2)
# define UNIX_ROOT "/@unixroot@"
#elif defined(RT_OS_WINDOWS)
# define UNIX_ROOT "C:/cygwin"
#else
# define UNIX_ROOT
#endif
51
52
53/*********************************************************************************************************************************
54* Global Variables *
55*********************************************************************************************************************************/
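/**
 * Well-known locations of system CA bundle files, probed in this order by
 * RTCrStoreCreateSnapshotById.
 *
 * Every entry that exists is passed to RTCrStoreCertAddFromFile, so whatever
 * certificates sit at these paths become part of the trusted snapshot.
 *
 * @remarks Several of these could be symlinks to one of the others.
 * @remarks NOTE(review): the paths are fixed strings and no ownership or
 *          permission check on them is visible in this file; the snapshot
 *          therefore relies on these locations being writable by
 *          administrators only.
 */
static const char *g_apszSystemPemFiles[] =
{
    UNIX_ROOT "/etc/ssl/certs/ca-certificates.crt",
    UNIX_ROOT "/etc/ssl/cert.pem",
    UNIX_ROOT "/etc/ca-certificates/extracted/tls-ca-bundle.pem",
    UNIX_ROOT "/etc/ca-certificates/extracted/email-ca-bundle.pem",
    UNIX_ROOT "/etc/ca-certificates/extracted/objsign-ca-bundle.pem",
    /* This path used to be listed twice; the second probe only repeated the first. */
    UNIX_ROOT "/etc/ca-certificates/extracted/ca-bundle.trust.crt",
    UNIX_ROOT "/etc/curl/curlCA",
#if 0 /* Just for reference. */
    UNIX_ROOT"/usr/share/ca-certificates/trust-source/mozilla.trust.crt",
    UNIX_ROOT"/usr/share/ca-certificates/trust-source/mozilla.neutral-trust.crt",
# if defined(RT_OS_SOLARIS) /* the only one on tindersol2... */
    UNIX_ROOT"/usr/share/doc/mutt/samples/ca-bundle.crt",
    /* VeriSign topic: Provide interface for reading: /usr/jdk/latest/jre/lib/security/cacerts ? */
# endif
#endif
};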
78
/**
 * Fallback: system directories holding many individual pem/crt files.
 *
 * RTCrStoreCreateSnapshotById only looks at these when none of the bundle
 * files in g_apszSystemPemFiles exists.  Each directory that exists is passed
 * to RTCrStoreCertAddFromDir together with the .crt/.pem suffix list, so the
 * matching files found there feed the trusted snapshot.
 *
 * NOTE(review): as with the bundle files, nothing in this file checks who
 * owns or may write to these directories - confirm they are
 * administrator-controlled on every supported host.
 */
static const char *g_apszSystemPemDirs[] =
{
    UNIX_ROOT "/etc/openssl/certs/",
    UNIX_ROOT "/etc/ssl/certs/",
    UNIX_ROOT "/etc/ca-certificates/extracted/cadir/",
};
88
89
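/**
 * Creates an in-memory certificate store holding a snapshot of the
 * certificates selected by @a enmStoreId.
 *
 * For RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES every existing bundle
 * file in g_apszSystemPemFiles is loaded.  Only when none of those files
 * exists are the directories in g_apszSystemPemDirs scanned for .crt/.pem
 * files.  For any other valid ID the store is returned empty.
 *
 * Points a caller relying on the result for certificate validation should
 * know:
 *  - This function itself performs no ownership or permission check on the
 *    files and directories it reads; whether the RTCrStoreCertAddFrom*
 *    helpers do is not visible here.  The snapshot is as trustworthy as the
 *    file system locations it is read from.
 *  - A failing load does not fail the call.  The status of the last failing
 *    load is negated before being returned, which presumably makes it a
 *    positive (warning) value that RT_SUCCESS() accepts - the store may then
 *    be incomplete.  Compare against VINF_SUCCESS to detect this.
 *  - The mere existence of a bundle file, not its successful load, is what
 *    suppresses the directory fallback.
 *
 * @returns IPRT status code.  VINF_SUCCESS when everything loaded, the negated
 *          status of the last failing load otherwise, or the failure status
 *          of RTCrStoreCreateInMem (in which case @a *phStore is untouched).
 * @param   phStore     Where to return the store handle.  Must not be NULL.
 *                      The handle is handed over to the caller, who is
 *                      presumably expected to release it when done.
 * @param   enmStoreId  The store to snapshot; must lie strictly between
 *                      RTCRSTOREID_INVALID and RTCRSTOREID_END.
 * @param   pErrInfo    Passed through to the load helpers and RTErrInfoAdd
 *                      for extended error details.
 */
RTDECL(int) RTCrStoreCreateSnapshotById(PRTCRSTORE phStore, RTCRSTOREID enmStoreId, PRTERRINFO pErrInfo)
{
    /* Reject a NULL output pointer up front: otherwise the store would be
       created first and the NULL dereferenced afterwards. */
    AssertPtrReturn(phStore, VERR_INVALID_POINTER);
    AssertReturn(enmStoreId > RTCRSTOREID_INVALID && enmStoreId < RTCRSTOREID_END, VERR_INVALID_PARAMETER);

    /*
     * Create an empty in-memory store.
     */
    RTCRSTORE hStore;
    uint32_t  cExpected = enmStoreId == RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES ? 256 : 0;
    int       rc        = RTCrStoreCreateInMem(&hStore, cExpected);
    if (RT_SUCCESS(rc))
    {
        /* From here on the caller owns the store, even if loading below is incomplete. */
        *phStore = hStore;

        /*
         * Add system certificates if part of the given store ID.
         */
        bool fFound = false;
        rc = VINF_SUCCESS;
        if (enmStoreId == RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES)
        {
            for (uint32_t i = 0; i < RT_ELEMENTS(g_apszSystemPemFiles); i++)
            {
                if (RTFileExists(g_apszSystemPemFiles[i]))
                {
                    /* Set before loading: an existing but unreadable bundle still disables the fallback. */
                    fFound = true;
                    int rc2 = RTCrStoreCertAddFromFile(hStore,
                                                       RTCRCERTCTX_F_ADD_IF_NOT_FOUND | RTCRCERTCTX_F_ADD_CONTINUE_ON_ERROR,
                                                       g_apszSystemPemFiles[i], pErrInfo);
                    if (RT_FAILURE(rc2))
                        rc = -rc2; /* Negated so the overall call is not reported as a failure. */
                }
            }

            /*
             * If we didn't find any of the certificate collection files, go hunting
             * for directories containing PEM/CRT files with single certificates.
             */
            if (!fFound)
            {
                for (uint32_t i = 0; i < RT_ELEMENTS(g_apszSystemPemDirs); i++)
                {
                    if (RTDirExists(g_apszSystemPemDirs[i]))
                    {
                        static RTSTRTUPLE const s_aSuffixes[] =
                        {
                            { RT_STR_TUPLE(".crt") },
                            { RT_STR_TUPLE(".pem") },
                            { RT_STR_TUPLE(".PEM") },
                            { RT_STR_TUPLE(".CRT") },
                        };
                        fFound = true;
                        int rc2 = RTCrStoreCertAddFromDir(hStore,
                                                          RTCRCERTCTX_F_ADD_IF_NOT_FOUND | RTCRCERTCTX_F_ADD_CONTINUE_ON_ERROR,
                                                          g_apszSystemPemDirs[i], &s_aSuffixes[0], RT_ELEMENTS(s_aSuffixes),
                                                          pErrInfo);
                        if (RT_FAILURE(rc2))
                            rc = -rc2; /* Same convention as for the bundle files above. */
                    }
                }
            }
        }
    }
    else
        RTErrInfoAdd(pErrInfo, rc, " RTCrStoreCreateInMem failed");
    return rc;
}
RT_EXPORT_SYMBOL(RTCrStoreCreateSnapshotById);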
152