Adding upstream version 1:115.7.0.upstream/1%115.7.0 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-21 11:44:51 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-21 11:44:51 +0000
commit: 9e3c08db40b8916968b9f30096c7be3f00ce9647 (patch)
tree: a68f146d7fa01f0134297619fbe7e33db084e0aa /security/nss/cmd/modutil/instsec.c
parent: Initial commit. (diff)
download: thunderbird-9e3c08db40b8916968b9f30096c7be3f00ce9647.tar.xz
thunderbird-9e3c08db40b8916968b9f30096c7be3f00ce9647.zip
1 files changed, 153 insertions, 0 deletions
diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c
new file mode 100644
index 0000000000..95191e7292
--- /dev/null
+++ b/security/nss/cmd/modutil/instsec.c
@@ -0,0 +1,153 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <plarena.h>
+#include <prerror.h>
+#include <prio.h>
+#include <prprf.h>
+#include <seccomon.h>
+#include <secmod.h>
+#include <jar.h>
+#include <secutil.h>
+
+/* These are installation functions that make calls to the security library.
+ * We don't want to include security include files in the C++ code too much.
+ */
+
+static char *PR_fgets(char *buf, int size, PRFileDesc *file);
+
+/***************************************************************************
+ *
+ * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
+ */
+int
+Pk11Install_AddNewModule(char *moduleName, char *dllPath,
+                         unsigned long defaultMechanismFlags,
+                         unsigned long cipherEnableFlags)
+{
+    return (SECMOD_AddNewModule(moduleName, dllPath,
+                                SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
+                                SECMOD_PubCipherFlagstoInternal(cipherEnableFlags)) == SECSuccess)
+               ? 0
+               : -1;
+}
+
+/*************************************************************************
+ *
+ * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
+ *
+ * Gives the user feedback on the signatures of a JAR files, asks them
+ * whether they actually want to continue.
+ * Assumes the jar structure has already been created and is valid.
+ * Returns 0 if the user wants to continue the installation, nonzero
+ * if the user wishes to abort.
+ */
+short
+Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
+{
+    JAR_Context *ctx;
+    JAR_Cert *fing;
+    JAR_Item *item;
+    char stdinbuf[80];
+    int count = 0;
+
+    CERTCertificate *cert, *prev = NULL;
+
+    PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
+
+    ctx = JAR_find(jar, NULL, jarTypeSign);
+
+    while (JAR_find_next(ctx, &item) >= 0) {
+        fing = (JAR_Cert *)item->data;
+        cert = fing->cert;
+        if (cert == prev) {
+            continue;
+        }
+
+        count++;
+        PR_fprintf(out, "----------------------------------------------\n");
+        if (cert) {
+            if (cert->nickname) {
+                PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
+            }
+            if (cert->subjectName) {
+                PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName);
+            }
+            if (cert->issuerName) {
+                PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
+            }
+        } else {
+            PR_fprintf(out, "No matching certificate could be found.\n");
+        }
+        PR_fprintf(out, "----------------------------------------------\n\n");
+
+        prev = cert;
+    }
+
+    JAR_find_end(ctx);
+
+    if (count == 0) {
+        PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
+    }
+
+    if (query) {
+        PR_fprintf(out,
+                   "Do you wish to continue this installation? (y/n) ");
+
+        if (PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
+            char *response;
+
+            if ((response = strtok(stdinbuf, " \t\n\r"))) {
+                if (!PL_strcasecmp(response, "y") ||
+                    !PL_strcasecmp(response, "yes")) {
+                    return 0;
+                }
+            }
+        }
+    }
+
+    return 1;
+}
+
+/**************************************************************************
+ *
+ * P R _ f g e t s
+ *
+ * fgets implemented with NSPR.
+ */
+static char *
+PR_fgets(char *buf, int size, PRFileDesc *file)
+{
+    int i;
+    int status;
+    char c;
+
+    i = 0;
+    while (i < size - 1) {
+        status = PR_Read(file, (void *)&c, 1);
+        if (status == -1) {
+            return NULL;
+        } else if (status == 0) {
+            break;
+        }
+        buf[i++] = c;
+        if (c == '\n') {
+            break;
+        }
+    }
+    buf[i] = '\0';
+
+    return buf;
+}
+
+/**************************************************************************
+ *
+ * m y S E C U _ E r r o r S t r i n g
+ *
+ */
+const char *
+mySECU_ErrorString(PRErrorCode errnum)
+{
+    return SECU_Strerror(errnum);
+}
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-21 11:44:51 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-21 11:44:51 +0000
commit	9e3c08db40b8916968b9f30096c7be3f00ce9647 (patch)
tree	a68f146d7fa01f0134297619fbe7e33db084e0aa /security/nss/cmd/modutil/instsec.c
parent	Initial commit. (diff)
download	thunderbird-9e3c08db40b8916968b9f30096c7be3f00ce9647.tar.xz thunderbird-9e3c08db40b8916968b9f30096c7be3f00ce9647.zip