VirtualBox

source: vbox/trunk/src/VBox/Runtime/generic/RTCrStoreCreateSnapshotById-generic.cpp@ 76553

Last change on this file since 76553 was 76553, checked in by vboxsync, 6 years ago

scm --update-copyright-year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 6.4 KB
Line 
1/* $Id: RTCrStoreCreateSnapshotById-generic.cpp 76553 2019-01-01 01:45:53Z vboxsync $ */
2/** @file
3 * IPRT - Generic RTCrStoreCreateSnapshotById implementation.
4 */
5
6/*
7 * Copyright (C) 2006-2019 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include <iprt/crypto/store.h>
32#include "internal/iprt.h"
33
34#include <iprt/assert.h>
35#include <iprt/errcore.h>
36#include <iprt/file.h>
37#include <iprt/dir.h>
38
39
40/*********************************************************************************************************************************
41* Defined Constants And Macros *
42*********************************************************************************************************************************/
43/** Unix root prefix. */
44#ifdef RT_OS_OS2
45# define UNIX_ROOT "/@unixroot@"
46#elif defined(RT_OS_WINDOWS)
47# define UNIX_ROOT "C:/cygwin"
48#else
49# define UNIX_ROOT
50#endif
51
52
53/*********************************************************************************************************************************
54* Global Variables *
55*********************************************************************************************************************************/
56/** System PEM files worth looking at.
57 * @remarks Several of these could be symlinks to one of the others.
58 */
59static const char *g_apszSystemPemFiles[] =
60{
61 UNIX_ROOT "/etc/ssl/certs/ca-certificates.crt",
62 UNIX_ROOT "/etc/ssl/cert.pem",
63 UNIX_ROOT "/etc/ca-certificates/extracted/tls-ca-bundle.pem", /* Arch linux (ca 2015-08-xx) */
64 UNIX_ROOT "/etc/ca-certificates/extracted/email-ca-bundle.pem",
65 UNIX_ROOT "/etc/ca-certificates/extracted/objsign-ca-bundle.pem",
66 UNIX_ROOT "/etc/ca-certificates/extracted/ca-bundle.trust.crt",
67 UNIX_ROOT "/etc/ca-certificates/extracted/ca-bundle.trust.crt",
68 UNIX_ROOT "/etc/pki/tls/certs/ca-bundle.crt", /* Oracle Linux 5 */
69 UNIX_ROOT "/etc/pki/tls/cert.pem",
70 UNIX_ROOT "/etc/certs/ca-certificates.crt", /* Solaris 11 */
71 UNIX_ROOT "/etc/curl/curlCA",
72};
73
74/**
75 * System directories containing lots of pem/crt files.
76 */
77static const char *g_apszSystemPemDirs[] =
78{
79 UNIX_ROOT "/etc/openssl/certs/",
80 UNIX_ROOT "/etc/ssl/certs/",
81 UNIX_ROOT "/etc/ca-certificates/extracted/cadir/",
82 UNIX_ROOT "/etc/certs/CA/", /* Solaris 11 */
83};
84
85
86RTDECL(int) RTCrStoreCreateSnapshotById(PRTCRSTORE phStore, RTCRSTOREID enmStoreId, PRTERRINFO pErrInfo)
87{
88 AssertReturn(enmStoreId > RTCRSTOREID_INVALID && enmStoreId < RTCRSTOREID_END, VERR_INVALID_PARAMETER);
89
90 /*
91 * Create an empty in-memory store.
92 */
93 RTCRSTORE hStore;
94 uint32_t cExpected = enmStoreId == RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES ? 256 : 0;
95 int rc = RTCrStoreCreateInMem(&hStore, cExpected);
96 if (RT_SUCCESS(rc))
97 {
98 *phStore = hStore;
99
100 /*
101 * Add system certificates if part of the given store ID.
102 */
103 bool fFound = false;
104 rc = VINF_SUCCESS;
105 if (enmStoreId == RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES)
106 {
107 for (uint32_t i = 0; i < RT_ELEMENTS(g_apszSystemPemFiles); i++)
108 if (RTFileExists(g_apszSystemPemFiles[i]))
109 {
110 fFound = true;
111 int rc2 = RTCrStoreCertAddFromFile(hStore,
112 RTCRCERTCTX_F_ADD_IF_NOT_FOUND | RTCRCERTCTX_F_ADD_CONTINUE_ON_ERROR,
113 g_apszSystemPemFiles[i], pErrInfo);
114 if (RT_FAILURE(rc2))
115 rc = -rc2;
116 }
117
118 /*
119 * If we didn't find any of the certificate collection files, go hunting
120 * for directories containing PEM/CRT files with single certificates.
121 */
122 if (!fFound)
123 for (uint32_t i = 0; i < RT_ELEMENTS(g_apszSystemPemDirs); i++)
124 if (RTDirExists(g_apszSystemPemDirs[i]))
125 {
126 static RTSTRTUPLE const s_aSuffixes[] =
127 {
128 { RT_STR_TUPLE(".crt") },
129 { RT_STR_TUPLE(".pem") },
130 { RT_STR_TUPLE(".PEM") },
131 { RT_STR_TUPLE(".CRT") },
132 };
133 fFound = true;
134 int rc2 = RTCrStoreCertAddFromDir(hStore,
135 RTCRCERTCTX_F_ADD_IF_NOT_FOUND | RTCRCERTCTX_F_ADD_CONTINUE_ON_ERROR,
136 g_apszSystemPemDirs[i], &s_aSuffixes[0], RT_ELEMENTS(s_aSuffixes),
137 pErrInfo);
138 if (RT_FAILURE(rc2))
139 rc = -rc2;
140 }
141 }
142 }
143 else
144 RTErrInfoAdd(pErrInfo, rc, " RTCrStoreCreateInMem failed");
145 return rc;
146}
147RT_EXPORT_SYMBOL(RTCrStoreCreateSnapshotById);
148
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette