Index: cmd/dbck/dbck.c |
=================================================================== |
--- a/cmd/dbck/dbck.c |
+++ b/cmd/dbck/dbck.c |
@@ -25,145 +25,137 @@ |
static char *progName; |
/* placeholders for pointer error types */ |
static void *WrongEntry; |
static void *NoNickname; |
static void *NoSMime; |
typedef enum { |
-/* 0*/ NoSubjectForCert = 0, |
-/* 1*/ SubjectHasNoKeyForCert, |
-/* 2*/ NoNicknameOrSMimeForSubject, |
-/* 3*/ WrongNicknameForSubject, |
-/* 4*/ NoNicknameEntry, |
-/* 5*/ WrongSMimeForSubject, |
-/* 6*/ NoSMimeEntry, |
-/* 7*/ NoSubjectForNickname, |
-/* 8*/ NoSubjectForSMime, |
-/* 9*/ NicknameAndSMimeEntries, |
- NUM_ERROR_TYPES |
+ /* 0*/ NoSubjectForCert = 0, |
+ /* 1*/ SubjectHasNoKeyForCert, |
+ /* 2*/ NoNicknameOrSMimeForSubject, |
+ /* 3*/ WrongNicknameForSubject, |
+ /* 4*/ NoNicknameEntry, |
+ /* 5*/ WrongSMimeForSubject, |
+ /* 6*/ NoSMimeEntry, |
+ /* 7*/ NoSubjectForNickname, |
+ /* 8*/ NoSubjectForSMime, |
+ /* 9*/ NicknameAndSMimeEntries, |
+ NUM_ERROR_TYPES |
} dbErrorType; |
static char *dbErrorString[NUM_ERROR_TYPES] = { |
-/* 0*/ "<CERT ENTRY>\nDid not find a subject entry for this certificate.", |
-/* 1*/ "<SUBJECT ENTRY>\nSubject has certKey which is not in db.", |
-/* 2*/ "<SUBJECT ENTRY>\nSubject does not have a nickname or email address.", |
-/* 3*/ "<SUBJECT ENTRY>\nUsing this subject's nickname, found a nickname entry for a different subject.", |
-/* 4*/ "<SUBJECT ENTRY>\nDid not find a nickname entry for this subject.", |
-/* 5*/ "<SUBJECT ENTRY>\nUsing this subject's email, found an S/MIME entry for a different subject.", |
-/* 6*/ "<SUBJECT ENTRY>\nDid not find an S/MIME entry for this subject.", |
-/* 7*/ "<NICKNAME ENTRY>\nDid not find a subject entry for this nickname.", |
-/* 8*/ "<S/MIME ENTRY>\nDid not find a subject entry for this S/MIME profile.", |
+ /* 0*/ "<CERT ENTRY>\nDid not find a subject entry for this certificate.", |
+ /* 1*/ "<SUBJECT ENTRY>\nSubject has certKey which is not in db.", |
+ /* 2*/ "<SUBJECT ENTRY>\nSubject does not have a nickname or email address.", |
+ /* 3*/ "<SUBJECT ENTRY>\nUsing this subject's nickname, found a nickname " |
+ "entry for a different subject.", |
+ /* 4*/ "<SUBJECT ENTRY>\nDid not find a nickname entry for this subject.", |
+ /* 5*/ "<SUBJECT ENTRY>\nUsing this subject's email, found an S/MIME entry " |
+ "for a different subject.", |
+ /* 6*/ "<SUBJECT ENTRY>\nDid not find an S/MIME entry for this subject.", |
+ /* 7*/ "<NICKNAME ENTRY>\nDid not find a subject entry for this nickname.", |
+ /* 8*/ "<S/MIME ENTRY>\nDid not find a subject entry for this S/MIME " |
+ "profile.", |
}; |
static char *errResult[NUM_ERROR_TYPES] = { |
- "Certificate entries that had no subject entry.", |
- "Subject entries with no corresponding Certificate entries.", |
+ "Certificate entries that had no subject entry.", |
+ "Subject entries with no corresponding Certificate entries.", |
"Subject entries that had no nickname or S/MIME entries.", |
"Redundant nicknames (subjects with the same nickname).", |
"Subject entries that had no nickname entry.", |
"Redundant email addresses (subjects with the same email address).", |
"Subject entries that had no S/MIME entry.", |
- "Nickname entries that had no subject entry.", |
+ "Nickname entries that had no subject entry.", |
"S/MIME entries that had no subject entry.", |
- "Subject entries with BOTH nickname and S/MIME entries." |
+ "Subject entries with BOTH nickname and S/MIME entries."}; |
+ |
+enum { |
+ GOBOTH = 0, |
+ GORIGHT, |
+ GOLEFT |
}; |
- |
-enum { |
- GOBOTH = 0, |
- GORIGHT, |
- GOLEFT |
-}; |
- |
-typedef struct |
-{ |
- PRBool verbose; |
- PRBool dograph; |
- PRFileDesc *out; |
- PRFileDesc *graphfile; |
- int dbErrors[NUM_ERROR_TYPES]; |
+typedef struct { |
+ PRBool verbose; |
+ PRBool dograph; |
+ PRFileDesc *out; |
+ PRFileDesc *graphfile; |
+ int dbErrors[NUM_ERROR_TYPES]; |
} dbDebugInfo; |
struct certDBEntryListNodeStr { |
- PRCList link; |
- certDBEntry entry; |
- void *appData; |
+ PRCList link; |
+ certDBEntry entry; |
+ void *appData; |
}; |
-typedef struct certDBEntryListNodeStr certDBEntryListNode; |
+typedef struct certDBEntryListNodeStr certDBEntryListNode; |
/* |
* A list node for a cert db entry. The index is a unique identifier |
* to use for creating generic maps of a db. This struct handles |
* the cert, nickname, and smime db entry types, as all three have a |
* single handle to a subject entry. |
* This structure is pointed to by certDBEntryListNode->appData. |
*/ |
-typedef struct |
-{ |
- PLArenaPool *arena; |
- int index; |
- certDBEntryListNode *pSubject; |
+typedef struct { |
+ PLArenaPool *arena; |
+ int index; |
+ certDBEntryListNode *pSubject; |
} certDBEntryMap; |
/* |
* Subject entry is special case, it has bidirectional handles. One |
* subject entry can point to several certs (using the same DN), and |
* a nickname and/or smime entry. |
* This structure is pointed to by certDBEntryListNode->appData. |
*/ |
-typedef struct |
-{ |
- PLArenaPool *arena; |
- int index; |
- int numCerts; |
- certDBEntryListNode **pCerts; |
- certDBEntryListNode *pNickname; |
- certDBEntryListNode *pSMime; |
+typedef struct { |
+ PLArenaPool *arena; |
+ int index; |
+ int numCerts; |
+ certDBEntryListNode **pCerts; |
+ certDBEntryListNode *pNickname; |
+ certDBEntryListNode *pSMime; |
} certDBSubjectEntryMap; |
/* |
* A map of a certdb. |
*/ |
-typedef struct |
-{ |
- int numCerts; |
- int numSubjects; |
- int numNicknames; |
- int numSMime; |
- int numRevocation; |
- certDBEntryListNode certs; /* pointer to head of cert list */ |
- certDBEntryListNode subjects; /* pointer to head of subject list */ |
- certDBEntryListNode nicknames; /* pointer to head of nickname list */ |
- certDBEntryListNode smime; /* pointer to head of smime list */ |
- certDBEntryListNode revocation; /* pointer to head of revocation list */ |
+typedef struct { |
+ int numCerts; |
+ int numSubjects; |
+ int numNicknames; |
+ int numSMime; |
+ int numRevocation; |
+ certDBEntryListNode certs; /* pointer to head of cert list */ |
+ certDBEntryListNode subjects; /* pointer to head of subject list */ |
+ certDBEntryListNode nicknames; /* pointer to head of nickname list */ |
+ certDBEntryListNode smime; /* pointer to head of smime list */ |
+ certDBEntryListNode revocation; /* pointer to head of revocation list */ |
} certDBArray; |
/* Cast list to the base element, a certDBEntryListNode. */ |
-#define LISTNODE_CAST(node) \ |
- ((certDBEntryListNode *)(node)) |
+#define LISTNODE_CAST(node) ((certDBEntryListNode *)(node)) |
-static void |
-Usage(char *progName) |
-{ |
-#define FPS fprintf(stderr, |
+static void Usage(char *progName) { |
+#define FPS fprintf(stderr, |
FPS "Type %s -H for more detailed descriptions\n", progName); |
FPS "Usage: %s -D [-d certdir] [-m] [-v [-f dumpfile]]\n", |
progName); |
#ifdef DORECOVER |
FPS " %s -R -o newdbname [-d certdir] [-aprsx] [-v [-f dumpfile]]\n", |
progName); |
#endif |
- exit(-1); |
+ exit(-1); |
} |
-static void |
-LongUsage(char *progName) |
-{ |
+static void LongUsage(char *progName) { |
FPS "%-15s Display this help message.\n", |
"-H"); |
FPS "%-15s Dump analysis. No changes will be made to the database.\n", |
"-D"); |
FPS "%-15s Cert database directory (default is ~/.netscape)\n", |
" -d certdir"); |
FPS "%-15s Put database graph in ./mailfile (default is stdout).\n", |
" -m"); |
@@ -205,1149 +197,1065 @@ LongUsage(char *progName) |
FPS "%-15s Keep expired certificates.\n", |
" -x"); |
FPS "%-15s Verbose mode - report all activity while recovering db.\n", |
" -v"); |
FPS "%-15s File to dump verbose output into.\n", |
" -f dumpfile"); |
FPS "\n"); |
#endif |
- exit(-1); |
+ exit(-1); |
#undef FPS |
} |
/******************************************************************* |
* |
* Functions for dbck. |
* |
******************************************************************/ |
-void |
-printHexString(PRFileDesc *out, SECItem *hexval) |
-{ |
- unsigned int i; |
- for (i = 0; i < hexval->len; i++) { |
- if (i != hexval->len - 1) { |
- PR_fprintf(out, "%02x:", hexval->data[i]); |
- } else { |
- PR_fprintf(out, "%02x", hexval->data[i]); |
- } |
+void printHexString(PRFileDesc *out, SECItem *hexval) { |
+ unsigned int i; |
+ for (i = 0; i < hexval->len; i++) { |
+ if (i != hexval->len - 1) { |
+ PR_fprintf(out, "%02x:", hexval->data[i]); |
+ } else { |
+ PR_fprintf(out, "%02x", hexval->data[i]); |
} |
- PR_fprintf(out, "\n"); |
+ } |
+ PR_fprintf(out, "\n"); |
} |
- |
-SECStatus |
-dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile) |
-{ |
- int userCert = 0; |
- CERTCertTrust *trust = cert->trust; |
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || |
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || |
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); |
- if (num >= 0) { |
- PR_fprintf(outfile, "Certificate: %3d\n", num); |
- } else { |
- PR_fprintf(outfile, "Certificate:\n"); |
- } |
- PR_fprintf(outfile, "----------------\n"); |
- if (userCert) |
- PR_fprintf(outfile, "(User Cert)\n"); |
- PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName); |
- PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName); |
- PR_fprintf(outfile, "## SERIAL NUMBER: "); |
- printHexString(outfile, &cert->serialNumber); |
- { /* XXX should be separate function. */ |
- PRTime timeBefore, timeAfter; |
- PRExplodedTime beforePrintable, afterPrintable; |
- char *beforestr, *afterstr; |
- DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore); |
- DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter); |
- PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable); |
- PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable); |
- beforestr = PORT_Alloc(100); |
- afterstr = PORT_Alloc(100); |
- PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable); |
- PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable); |
- PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr); |
- } |
- PR_fprintf(outfile, "\n"); |
- return SECSuccess; |
+SECStatus dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile) { |
+ int userCert = 0; |
+ CERTCertTrust *trust = cert->trust; |
+ userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || |
+ (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || |
+ (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); |
+ if (num >= 0) { |
+ PR_fprintf(outfile, "Certificate: %3d\n", num); |
+ } else { |
+ PR_fprintf(outfile, "Certificate:\n"); |
+ } |
+ PR_fprintf(outfile, "----------------\n"); |
+ if (userCert) PR_fprintf(outfile, "(User Cert)\n"); |
+ PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName); |
+ PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName); |
+ PR_fprintf(outfile, "## SERIAL NUMBER: "); |
+ printHexString(outfile, &cert->serialNumber); |
+ {/* XXX should be separate function. */ |
+ PRTime timeBefore, timeAfter; |
+ PRExplodedTime beforePrintable, afterPrintable; |
+ char *beforestr, *afterstr; |
+ DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore); |
+ DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter); |
+ PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable); |
+ PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable); |
+ beforestr = PORT_Alloc(100); |
+ afterstr = PORT_Alloc(100); |
+ PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable); |
+ PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable); |
+ PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr); |
+ } |
+ PR_fprintf(outfile, "\n"); |
+ return SECSuccess; |
} |
-SECStatus |
-dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile) |
-{ |
+SECStatus dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile) { |
#if 0 |
NSSLOWCERTCertificate *cert; |
/* should we check for existing duplicates? */ |
cert = nsslowcert_DecodeDERCertificate(&entry->cert.derCert, |
entry->cert.nickname); |
#else |
- CERTCertificate *cert; |
- cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL); |
+ CERTCertificate *cert; |
+ cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL); |
#endif |
- if (!cert) { |
- fprintf(stderr, "Failed to decode certificate.\n"); |
- return SECFailure; |
- } |
- cert->trust = (CERTCertTrust *)&entry->trust; |
- dumpCertificate(cert, num, outfile); |
- CERT_DestroyCertificate(cert); |
- return SECSuccess; |
+ if (!cert) { |
+ fprintf(stderr, "Failed to decode certificate.\n"); |
+ return SECFailure; |
+ } |
+ cert->trust = (CERTCertTrust *)&entry->trust; |
+ dumpCertificate(cert, num, outfile); |
+ CERT_DestroyCertificate(cert); |
+ return SECSuccess; |
} |
-SECStatus |
-dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile) |
-{ |
- char *subjectName = CERT_DerNameToAscii(&entry->derSubject); |
+SECStatus dumpSubjectEntry(certDBEntrySubject *entry, int num, |
+ PRFileDesc *outfile) { |
+ char *subjectName = CERT_DerNameToAscii(&entry->derSubject); |
- PR_fprintf(outfile, "Subject: %3d\n", num); |
- PR_fprintf(outfile, "------------\n"); |
- PR_fprintf(outfile, "## %s\n", subjectName); |
- if (entry->nickname) |
- PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname); |
- if (entry->emailAddrs) { |
- unsigned int n; |
- for (n = 0; n < entry->nemailAddrs && entry->emailAddrs[n]; ++n) { |
- char * emailAddr = entry->emailAddrs[n]; |
- if (emailAddr[0]) { |
- PR_fprintf(outfile, "## Subject email address: %s\n", |
- emailAddr); |
- } |
- } |
+ PR_fprintf(outfile, "Subject: %3d\n", num); |
+ PR_fprintf(outfile, "------------\n"); |
+ PR_fprintf(outfile, "## %s\n", subjectName); |
+ if (entry->nickname) |
+ PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname); |
+ if (entry->emailAddrs) { |
+ unsigned int n; |
+ for (n = 0; n < entry->nemailAddrs && entry->emailAddrs[n]; ++n) { |
+ char *emailAddr = entry->emailAddrs[n]; |
+ if (emailAddr[0]) { |
+ PR_fprintf(outfile, "## Subject email address: %s\n", emailAddr); |
+ } |
} |
- PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts); |
- PR_fprintf(outfile, "\n"); |
- PORT_Free(subjectName); |
- return SECSuccess; |
+ } |
+ PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts); |
+ PR_fprintf(outfile, "\n"); |
+ PORT_Free(subjectName); |
+ return SECSuccess; |
} |
-SECStatus |
-dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile) |
-{ |
- PR_fprintf(outfile, "Nickname: %3d\n", num); |
- PR_fprintf(outfile, "-------------\n"); |
- PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname); |
- return SECSuccess; |
+SECStatus dumpNicknameEntry(certDBEntryNickname *entry, int num, |
+ PRFileDesc *outfile) { |
+ PR_fprintf(outfile, "Nickname: %3d\n", num); |
+ PR_fprintf(outfile, "-------------\n"); |
+ PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname); |
+ return SECSuccess; |
} |
-SECStatus |
-dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile) |
-{ |
- PR_fprintf(outfile, "S/MIME Profile: %3d\n", num); |
- PR_fprintf(outfile, "-------------------\n"); |
- PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr); |
+SECStatus dumpSMimeEntry(certDBEntrySMime *entry, int num, |
+ PRFileDesc *outfile) { |
+ PR_fprintf(outfile, "S/MIME Profile: %3d\n", num); |
+ PR_fprintf(outfile, "-------------------\n"); |
+ PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr); |
#ifdef OLDWAY |
- PR_fprintf(outfile, "## OPTIONS: "); |
- printHexString(outfile, &entry->smimeOptions); |
- PR_fprintf(outfile, "## TIMESTAMP: "); |
- printHexString(outfile, &entry->optionsDate); |
+ PR_fprintf(outfile, "## OPTIONS: "); |
+ printHexString(outfile, &entry->smimeOptions); |
+ PR_fprintf(outfile, "## TIMESTAMP: "); |
+ printHexString(outfile, &entry->optionsDate); |
#else |
- SECU_PrintAny(stdout, &entry->smimeOptions, "## OPTIONS ", 0); |
- fflush(stdout); |
- if (entry->optionsDate.len && entry->optionsDate.data) |
- PR_fprintf(outfile, "## TIMESTAMP: %.*s\n", |
- entry->optionsDate.len, entry->optionsDate.data); |
+ SECU_PrintAny(stdout, &entry->smimeOptions, "## OPTIONS ", 0); |
+ fflush(stdout); |
+ if (entry->optionsDate.len && entry->optionsDate.data) |
+ PR_fprintf(outfile, "## TIMESTAMP: %.*s\n", entry->optionsDate.len, |
+ entry->optionsDate.data); |
#endif |
- PR_fprintf(outfile, "\n"); |
- return SECSuccess; |
+ PR_fprintf(outfile, "\n"); |
+ return SECSuccess; |
} |
-SECStatus |
-mapCertEntries(certDBArray *dbArray) |
-{ |
- certDBEntryCert *certEntry; |
- certDBEntrySubject *subjectEntry; |
- certDBEntryListNode *certNode, *subjNode; |
- certDBSubjectEntryMap *smap; |
- certDBEntryMap *map; |
- PLArenaPool *tmparena; |
- SECItem derSubject; |
- SECItem certKey; |
- PRCList *cElem, *sElem; |
+SECStatus mapCertEntries(certDBArray *dbArray) { |
+ certDBEntryCert *certEntry; |
+ certDBEntrySubject *subjectEntry; |
+ certDBEntryListNode *certNode, *subjNode; |
+ certDBSubjectEntryMap *smap; |
+ certDBEntryMap *map; |
+ PLArenaPool *tmparena; |
+ SECItem derSubject; |
+ SECItem certKey; |
+ PRCList *cElem, *sElem; |
- /* Arena for decoded entries */ |
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
- if (tmparena == NULL) { |
- PORT_SetError(SEC_ERROR_NO_MEMORY); |
- return SECFailure; |
+ /* Arena for decoded entries */ |
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
+ if (tmparena == NULL) { |
+ PORT_SetError(SEC_ERROR_NO_MEMORY); |
+ return SECFailure; |
+ } |
+ |
+ /* Iterate over cert entries and map them to subject entries. |
+ * NOTE: mapSubjectEntries must be called first to alloc memory |
+ * for array of subject->cert map. |
+ */ |
+ for (cElem = PR_LIST_HEAD(&dbArray->certs.link); |
+ cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { |
+ certNode = LISTNODE_CAST(cElem); |
+ certEntry = (certDBEntryCert *)&certNode->entry; |
+ map = (certDBEntryMap *)certNode->appData; |
+ CERT_NameFromDERCert(&certEntry->derCert, &derSubject); |
+ CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey); |
+ /* Loop over found subjects for cert's DN. */ |
+ for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); |
+ sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { |
+ subjNode = LISTNODE_CAST(sElem); |
+ subjectEntry = (certDBEntrySubject *)&subjNode->entry; |
+ if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) { |
+ unsigned int i; |
+ /* Found matching subject name, create link. */ |
+ map->pSubject = subjNode; |
+ /* Make sure subject entry has cert's key. */ |
+ for (i = 0; i < subjectEntry->ncerts; i++) { |
+ if (SECITEM_ItemsAreEqual(&certKey, &subjectEntry->certKeys[i])) { |
+ /* Found matching cert key. */ |
+ smap = (certDBSubjectEntryMap *)subjNode->appData; |
+ smap->pCerts[i] = certNode; |
+ break; |
+ } |
+ } |
+ } |
} |
- |
- /* Iterate over cert entries and map them to subject entries. |
- * NOTE: mapSubjectEntries must be called first to alloc memory |
- * for array of subject->cert map. |
- */ |
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link); |
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { |
- certNode = LISTNODE_CAST(cElem); |
- certEntry = (certDBEntryCert *)&certNode->entry; |
- map = (certDBEntryMap *)certNode->appData; |
- CERT_NameFromDERCert(&certEntry->derCert, &derSubject); |
- CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey); |
- /* Loop over found subjects for cert's DN. */ |
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); |
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { |
- subjNode = LISTNODE_CAST(sElem); |
- subjectEntry = (certDBEntrySubject *)&subjNode->entry; |
- if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) { |
- unsigned int i; |
- /* Found matching subject name, create link. */ |
- map->pSubject = subjNode; |
- /* Make sure subject entry has cert's key. */ |
- for (i=0; i<subjectEntry->ncerts; i++) { |
- if (SECITEM_ItemsAreEqual(&certKey, |
- &subjectEntry->certKeys[i])) { |
- /* Found matching cert key. */ |
- smap = (certDBSubjectEntryMap *)subjNode->appData; |
- smap->pCerts[i] = certNode; |
- break; |
- } |
- } |
- } |
- } |
- } |
- PORT_FreeArena(tmparena, PR_FALSE); |
- return SECSuccess; |
+ } |
+ PORT_FreeArena(tmparena, PR_FALSE); |
+ return SECSuccess; |
} |
-SECStatus |
-mapSubjectEntries(certDBArray *dbArray) |
-{ |
- certDBEntrySubject *subjectEntry; |
- certDBEntryListNode *subjNode; |
- certDBSubjectEntryMap *subjMap; |
- PRCList *sElem; |
+SECStatus mapSubjectEntries(certDBArray *dbArray) { |
+ certDBEntrySubject *subjectEntry; |
+ certDBEntryListNode *subjNode; |
+ certDBSubjectEntryMap *subjMap; |
+ PRCList *sElem; |
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); |
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { |
- /* Iterate over subject entries and map subjects to nickname |
- * and smime entries. The cert<->subject map will be handled |
- * by a subsequent call to mapCertEntries. |
- */ |
- subjNode = LISTNODE_CAST(sElem); |
- subjectEntry = (certDBEntrySubject *)&subjNode->entry; |
- subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
- /* need to alloc memory here for array of matching certs. */ |
- subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena, |
- subjectEntry->ncerts*sizeof(int)); |
- subjMap->numCerts = subjectEntry->ncerts; |
- subjMap->pNickname = NoNickname; |
- subjMap->pSMime = NoSMime; |
+ for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); |
+ sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { |
+ /* Iterate over subject entries and map subjects to nickname |
+ * and smime entries. The cert<->subject map will be handled |
+ * by a subsequent call to mapCertEntries. |
+ */ |
+ subjNode = LISTNODE_CAST(sElem); |
+ subjectEntry = (certDBEntrySubject *)&subjNode->entry; |
+ subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
+ /* need to alloc memory here for array of matching certs. */ |
+ subjMap->pCerts = |
+ PORT_ArenaAlloc(subjMap->arena, subjectEntry->ncerts * sizeof(int)); |
+ subjMap->numCerts = subjectEntry->ncerts; |
+ subjMap->pNickname = NoNickname; |
+ subjMap->pSMime = NoSMime; |
- if (subjectEntry->nickname) { |
- /* Subject should have a nickname entry, so create a link. */ |
- PRCList *nElem; |
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); |
- nElem != &dbArray->nicknames.link; |
- nElem = PR_NEXT_LINK(nElem)) { |
- certDBEntryListNode *nickNode; |
- certDBEntryNickname *nicknameEntry; |
- /* Look for subject's nickname in nickname entries. */ |
- nickNode = LISTNODE_CAST(nElem); |
- nicknameEntry = (certDBEntryNickname *)&nickNode->entry; |
- if (PL_strcmp(subjectEntry->nickname, |
- nicknameEntry->nickname) == 0) { |
- /* Found a nickname entry for subject's nickname. */ |
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, |
- &nicknameEntry->subjectName)) { |
- certDBEntryMap *nickMap; |
- nickMap = (certDBEntryMap *)nickNode->appData; |
- /* Nickname and subject match. */ |
- subjMap->pNickname = nickNode; |
- nickMap->pSubject = subjNode; |
- } else if (subjMap->pNickname == NoNickname) { |
- /* Nickname entry found is for diff. subject. */ |
- subjMap->pNickname = WrongEntry; |
- } |
- } |
- } |
- } |
- if (subjectEntry->emailAddrs) { |
- unsigned int n; |
- for (n = 0; n < subjectEntry->nemailAddrs && |
- subjectEntry->emailAddrs[n]; ++n) { |
- char * emailAddr = subjectEntry->emailAddrs[n]; |
- if (emailAddr[0]) { |
- PRCList *mElem; |
- /* Subject should have an smime entry, so create a link. */ |
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link); |
- mElem != &dbArray->smime.link; |
- mElem = PR_NEXT_LINK(mElem)) { |
- certDBEntryListNode *smimeNode; |
- certDBEntrySMime *smimeEntry; |
- /* Look for subject's email in S/MIME entries. */ |
- smimeNode = LISTNODE_CAST(mElem); |
- smimeEntry = (certDBEntrySMime *)&smimeNode->entry; |
- if (PL_strcmp(emailAddr, |
- smimeEntry->emailAddr) == 0) { |
- /* Found a S/MIME entry for subject's email. */ |
- if (SECITEM_ItemsAreEqual( |
- &subjectEntry->derSubject, |
- &smimeEntry->subjectName)) { |
- certDBEntryMap *smimeMap; |
- /* S/MIME entry and subject match. */ |
- subjMap->pSMime = smimeNode; |
- smimeMap = (certDBEntryMap *)smimeNode->appData; |
- smimeMap->pSubject = subjNode; |
- } else if (subjMap->pSMime == NoSMime) { |
- /* S/MIME entry found is for diff. subject. */ |
- subjMap->pSMime = WrongEntry; |
- } |
- } |
- } /* end for */ |
- } /* endif (emailAddr[0]) */ |
- } /* end for */ |
- } /* endif (subjectEntry->emailAddrs) */ |
+ if (subjectEntry->nickname) { |
+ /* Subject should have a nickname entry, so create a link. */ |
+ PRCList *nElem; |
+ for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); |
+ nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) { |
+ certDBEntryListNode *nickNode; |
+ certDBEntryNickname *nicknameEntry; |
+ /* Look for subject's nickname in nickname entries. */ |
+ nickNode = LISTNODE_CAST(nElem); |
+ nicknameEntry = (certDBEntryNickname *)&nickNode->entry; |
+ if (PL_strcmp(subjectEntry->nickname, nicknameEntry->nickname) == 0) { |
+ /* Found a nickname entry for subject's nickname. */ |
+ if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, |
+ &nicknameEntry->subjectName)) { |
+ certDBEntryMap *nickMap; |
+ nickMap = (certDBEntryMap *)nickNode->appData; |
+ /* Nickname and subject match. */ |
+ subjMap->pNickname = nickNode; |
+ nickMap->pSubject = subjNode; |
+ } else if (subjMap->pNickname == NoNickname) { |
+ /* Nickname entry found is for diff. subject. */ |
+ subjMap->pNickname = WrongEntry; |
+ } |
+ } |
+ } |
} |
- return SECSuccess; |
+ if (subjectEntry->emailAddrs) { |
+ unsigned int n; |
+ for (n = 0; n < subjectEntry->nemailAddrs && subjectEntry->emailAddrs[n]; |
+ ++n) { |
+ char *emailAddr = subjectEntry->emailAddrs[n]; |
+ if (emailAddr[0]) { |
+ PRCList *mElem; |
+ /* Subject should have an smime entry, so create a link. */ |
+ for (mElem = PR_LIST_HEAD(&dbArray->smime.link); |
+ mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { |
+ certDBEntryListNode *smimeNode; |
+ certDBEntrySMime *smimeEntry; |
+ /* Look for subject's email in S/MIME entries. */ |
+ smimeNode = LISTNODE_CAST(mElem); |
+ smimeEntry = (certDBEntrySMime *)&smimeNode->entry; |
+ if (PL_strcmp(emailAddr, smimeEntry->emailAddr) == 0) { |
+ /* Found a S/MIME entry for subject's email. */ |
+ if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, |
+ &smimeEntry->subjectName)) { |
+ certDBEntryMap *smimeMap; |
+ /* S/MIME entry and subject match. */ |
+ subjMap->pSMime = smimeNode; |
+ smimeMap = (certDBEntryMap *)smimeNode->appData; |
+ smimeMap->pSubject = subjNode; |
+ } else if (subjMap->pSMime == NoSMime) { |
+ /* S/MIME entry found is for diff. subject. */ |
+ subjMap->pSMime = WrongEntry; |
+ } |
+ } |
+ } /* end for */ |
+ } /* endif (emailAddr[0]) */ |
+ } /* end for */ |
+ } /* endif (subjectEntry->emailAddrs) */ |
+ } |
+ return SECSuccess; |
} |
-void |
-printnode(dbDebugInfo *info, const char *str, int num) |
-{ |
- if (!info->dograph) |
- return; |
- if (num < 0) { |
- PR_fprintf(info->graphfile, str); |
- } else { |
- PR_fprintf(info->graphfile, str, num); |
- } |
+void printnode(dbDebugInfo *info, const char *str, int num) { |
+ if (!info->dograph) return; |
+ if (num < 0) { |
+ PR_fprintf(info->graphfile, str); |
+ } else { |
+ PR_fprintf(info->graphfile, str, num); |
+ } |
} |
-PRBool |
-map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent) |
-{ |
- if (mapPtr == NULL) { |
- if (indent > 0) |
- printnode(info, " ", -1); |
- if (indent >= 0) |
- printnode(info, "******************* ", -1); |
- return PR_FALSE; |
- } else if (mapPtr == WrongEntry) { |
- if (indent > 0) |
- printnode(info, " ", -1); |
- if (indent >= 0) |
- printnode(info, "??????????????????? ", -1); |
- return PR_FALSE; |
- } else { |
- return PR_TRUE; |
- } |
+PRBool map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent) { |
+ if (mapPtr == NULL) { |
+ if (indent > 0) printnode(info, " ", -1); |
+ if (indent >= 0) printnode(info, "******************* ", -1); |
+ return PR_FALSE; |
+ } else if (mapPtr == WrongEntry) { |
+ if (indent > 0) printnode(info, " ", -1); |
+ if (indent >= 0) printnode(info, "??????????????????? ", -1); |
+ return PR_FALSE; |
+ } else { |
+ return PR_TRUE; |
+ } |
} |
/* these call each other */ |
-void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, |
+void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, |
int direction); |
-void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, |
+void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, |
int direction); |
-void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, |
+void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, |
int direction, int optindex, int opttype); |
-void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, |
+void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, |
int direction); |
-/* Given an smime entry, print its unique identifier. If GOLEFT is |
+/* Given an smime entry, print its unique identifier. If GOLEFT is |
* specified, print the cert<-subject<-smime map, else just print |
* the smime entry. |
*/ |
-void |
-print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction) |
-{ |
- certDBSubjectEntryMap *subjMap; |
- certDBEntryListNode *subjNode; |
- if (direction == GOLEFT) { |
- /* Need to output subject and cert first, see print_subject_graph */ |
- subjNode = smimeMap->pSubject; |
- if (map_handle_is_ok(info, (void *)subjNode, 1)) { |
- subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
- print_subject_graph(info, subjMap, GOLEFT, |
- smimeMap->index, certDBEntryTypeSMimeProfile); |
- } else { |
- printnode(info, "<---- S/MIME %5d ", smimeMap->index); |
- info->dbErrors[NoSubjectForSMime]++; |
- } |
+void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, |
+ int direction) { |
+ certDBSubjectEntryMap *subjMap; |
+ certDBEntryListNode *subjNode; |
+ if (direction == GOLEFT) { |
+ /* Need to output subject and cert first, see print_subject_graph */ |
+ subjNode = smimeMap->pSubject; |
+ if (map_handle_is_ok(info, (void *)subjNode, 1)) { |
+ subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
+ print_subject_graph(info, subjMap, GOLEFT, smimeMap->index, |
+ certDBEntryTypeSMimeProfile); |
} else { |
- printnode(info, "S/MIME %5d ", smimeMap->index); |
+ printnode(info, "<---- S/MIME %5d ", smimeMap->index); |
+ info->dbErrors[NoSubjectForSMime]++; |
} |
+ } else { |
+ printnode(info, "S/MIME %5d ", smimeMap->index); |
+ } |
} |
-/* Given a nickname entry, print its unique identifier. If GOLEFT is |
+/* Given a nickname entry, print its unique identifier. If GOLEFT is |
* specified, print the cert<-subject<-nickname map, else just print |
* the nickname entry. |
*/ |
-void |
-print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction) |
-{ |
- certDBSubjectEntryMap *subjMap; |
- certDBEntryListNode *subjNode; |
- if (direction == GOLEFT) { |
- /* Need to output subject and cert first, see print_subject_graph */ |
- subjNode = nickMap->pSubject; |
- if (map_handle_is_ok(info, (void *)subjNode, 1)) { |
- subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
- print_subject_graph(info, subjMap, GOLEFT, |
- nickMap->index, certDBEntryTypeNickname); |
- } else { |
- printnode(info, "<---- Nickname %5d ", nickMap->index); |
- info->dbErrors[NoSubjectForNickname]++; |
- } |
+void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, |
+ int direction) { |
+ certDBSubjectEntryMap *subjMap; |
+ certDBEntryListNode *subjNode; |
+ if (direction == GOLEFT) { |
+ /* Need to output subject and cert first, see print_subject_graph */ |
+ subjNode = nickMap->pSubject; |
+ if (map_handle_is_ok(info, (void *)subjNode, 1)) { |
+ subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
+ print_subject_graph(info, subjMap, GOLEFT, nickMap->index, |
+ certDBEntryTypeNickname); |
} else { |
- printnode(info, "Nickname %5d ", nickMap->index); |
+ printnode(info, "<---- Nickname %5d ", nickMap->index); |
+ info->dbErrors[NoSubjectForNickname]++; |
} |
+ } else { |
+ printnode(info, "Nickname %5d ", nickMap->index); |
+ } |
} |
/* Given a subject entry, if going right print the graph of the nickname|smime |
* that it maps to (by its unique identifier); and if going left |
* print the list of certs that it points to. |
*/ |
-void |
-print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, |
- int direction, int optindex, int opttype) |
-{ |
- certDBEntryMap *map; |
- certDBEntryListNode *node; |
- int i; |
- /* The first line of output always contains the cert id, subject id, |
- * and nickname|smime id. Subsequent lines may contain additional |
- * cert id's for the subject if going left or both directions. |
- * Ex. of printing the graph for a subject entry: |
- * Cert 3 <- Subject 5 -> Nickname 32 |
- * Cert 8 / |
- * Cert 9 / |
- * means subject 5 has 3 certs, 3, 8, and 9, and corresponds |
- * to nickname entry 32. |
- * To accomplish the above, it is required to dump the entire first |
- * line left-to-right, regardless of the input direction, and then |
- * finish up any remaining cert entries. Hence the code is uglier |
- * than one may expect. |
+void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, |
+ int direction, int optindex, int opttype) { |
+ certDBEntryMap *map; |
+ certDBEntryListNode *node; |
+ int i; |
+ /* The first line of output always contains the cert id, subject id, |
+ * and nickname|smime id. Subsequent lines may contain additional |
+ * cert id's for the subject if going left or both directions. |
+ * Ex. of printing the graph for a subject entry: |
+ * Cert 3 <- Subject 5 -> Nickname 32 |
+ * Cert 8 / |
+ * Cert 9 / |
+ * means subject 5 has 3 certs, 3, 8, and 9, and corresponds |
+ * to nickname entry 32. |
+ * To accomplish the above, it is required to dump the entire first |
+ * line left-to-right, regardless of the input direction, and then |
+ * finish up any remaining cert entries. Hence the code is uglier |
+ * than one may expect. |
+ */ |
+ if (direction == GOLEFT || direction == GOBOTH) { |
+ /* In this case, nothing should be output until the first cert is |
+ * located and output (cert 3 in the above example). |
*/ |
- if (direction == GOLEFT || direction == GOBOTH) { |
- /* In this case, nothing should be output until the first cert is |
- * located and output (cert 3 in the above example). |
- */ |
- if (subjMap->numCerts == 0 || subjMap->pCerts == NULL) |
- /* XXX uh-oh */ |
- return; |
- /* get the first cert and dump it. */ |
- node = subjMap->pCerts[0]; |
- if (map_handle_is_ok(info, (void *)node, 0)) { |
- map = (certDBEntryMap *)node->appData; |
- /* going left here stops. */ |
- print_cert_graph(info, map, GOLEFT); |
- } else { |
- info->dbErrors[SubjectHasNoKeyForCert]++; |
- } |
- /* Now it is safe to output the subject id. */ |
- if (direction == GOLEFT) |
- printnode(info, "Subject %5d <---- ", subjMap->index); |
- else /* direction == GOBOTH */ |
- printnode(info, "Subject %5d ----> ", subjMap->index); |
+ if (subjMap->numCerts == 0 || subjMap->pCerts == NULL) /* XXX uh-oh */ |
+ return; |
+ /* get the first cert and dump it. */ |
+ node = subjMap->pCerts[0]; |
+ if (map_handle_is_ok(info, (void *)node, 0)) { |
+ map = (certDBEntryMap *)node->appData; |
+ /* going left here stops. */ |
+ print_cert_graph(info, map, GOLEFT); |
+ } else { |
+ info->dbErrors[SubjectHasNoKeyForCert]++; |
} |
- if (direction == GORIGHT || direction == GOBOTH) { |
- /* Okay, now output the nickname|smime for this subject. */ |
- if (direction != GOBOTH) /* handled above */ |
- printnode(info, "Subject %5d ----> ", subjMap->index); |
- if (subjMap->pNickname) { |
- node = subjMap->pNickname; |
- if (map_handle_is_ok(info, (void *)node, 0)) { |
- map = (certDBEntryMap *)node->appData; |
- /* going right here stops. */ |
- print_nickname_graph(info, map, GORIGHT); |
- } |
- } |
- if (subjMap->pSMime) { |
- node = subjMap->pSMime; |
- if (map_handle_is_ok(info, (void *)node, 0)) { |
- map = (certDBEntryMap *)node->appData; |
- /* going right here stops. */ |
- print_smime_graph(info, map, GORIGHT); |
- } |
- } |
- if (!subjMap->pNickname && !subjMap->pSMime) { |
- printnode(info, "******************* ", -1); |
- info->dbErrors[NoNicknameOrSMimeForSubject]++; |
- } |
- if (subjMap->pNickname && subjMap->pSMime) { |
- info->dbErrors[NicknameAndSMimeEntries]++; |
- } |
+ /* Now it is safe to output the subject id. */ |
+ if (direction == GOLEFT) |
+ printnode(info, "Subject %5d <---- ", subjMap->index); |
+ else /* direction == GOBOTH */ |
+ printnode(info, "Subject %5d ----> ", subjMap->index); |
+ } |
+ if (direction == GORIGHT || direction == GOBOTH) { |
+ /* Okay, now output the nickname|smime for this subject. */ |
+ if (direction != GOBOTH) /* handled above */ |
+ printnode(info, "Subject %5d ----> ", subjMap->index); |
+ if (subjMap->pNickname) { |
+ node = subjMap->pNickname; |
+ if (map_handle_is_ok(info, (void *)node, 0)) { |
+ map = (certDBEntryMap *)node->appData; |
+ /* going right here stops. */ |
+ print_nickname_graph(info, map, GORIGHT); |
+ } |
} |
- if (direction != GORIGHT) { /* going right has only one cert */ |
- if (opttype == certDBEntryTypeNickname) |
- printnode(info, "Nickname %5d ", optindex); |
- else if (opttype == certDBEntryTypeSMimeProfile) |
- printnode(info, "S/MIME %5d ", optindex); |
- for (i=1 /* 1st one already done */; i<subjMap->numCerts; i++) { |
- printnode(info, "\n", -1); /* start a new line */ |
- node = subjMap->pCerts[i]; |
- if (map_handle_is_ok(info, (void *)node, 0)) { |
- map = (certDBEntryMap *)node->appData; |
- /* going left here stops. */ |
- print_cert_graph(info, map, GOLEFT); |
- printnode(info, "/", -1); |
- } |
- } |
+ if (subjMap->pSMime) { |
+ node = subjMap->pSMime; |
+ if (map_handle_is_ok(info, (void *)node, 0)) { |
+ map = (certDBEntryMap *)node->appData; |
+ /* going right here stops. */ |
+ print_smime_graph(info, map, GORIGHT); |
+ } |
} |
+ if (!subjMap->pNickname && !subjMap->pSMime) { |
+ printnode(info, "******************* ", -1); |
+ info->dbErrors[NoNicknameOrSMimeForSubject]++; |
+ } |
+ if (subjMap->pNickname && subjMap->pSMime) { |
+ info->dbErrors[NicknameAndSMimeEntries]++; |
+ } |
+ } |
+ if (direction != GORIGHT) {/* going right has only one cert */ |
+ if (opttype == certDBEntryTypeNickname) |
+ printnode(info, "Nickname %5d ", optindex); |
+ else if (opttype == certDBEntryTypeSMimeProfile) |
+ printnode(info, "S/MIME %5d ", optindex); |
+ for (i = 1 /* 1st one already done */; i < subjMap->numCerts; i++) { |
+ printnode(info, "\n", -1); /* start a new line */ |
+ node = subjMap->pCerts[i]; |
+ if (map_handle_is_ok(info, (void *)node, 0)) { |
+ map = (certDBEntryMap *)node->appData; |
+ /* going left here stops. */ |
+ print_cert_graph(info, map, GOLEFT); |
+ printnode(info, "/", -1); |
+ } |
+ } |
+ } |
} |
/* Given a cert entry, print its unique identifer. If GORIGHT is specified, |
* print the cert->subject->nickname|smime map, else just print |
* the cert entry. |
*/ |
-void |
-print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction) |
-{ |
- certDBSubjectEntryMap *subjMap; |
- certDBEntryListNode *subjNode; |
- if (direction == GOLEFT) { |
- printnode(info, "Cert %5d <---- ", certMap->index); |
- /* only want cert entry, terminate here. */ |
- return; |
- } |
- /* Keep going right then. */ |
- printnode(info, "Cert %5d ----> ", certMap->index); |
- subjNode = certMap->pSubject; |
- if (map_handle_is_ok(info, (void *)subjNode, 0)) { |
- subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
- print_subject_graph(info, subjMap, GORIGHT, -1, -1); |
- } else { |
- info->dbErrors[NoSubjectForCert]++; |
- } |
+void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, |
+ int direction) { |
+ certDBSubjectEntryMap *subjMap; |
+ certDBEntryListNode *subjNode; |
+ if (direction == GOLEFT) { |
+ printnode(info, "Cert %5d <---- ", certMap->index); |
+ /* only want cert entry, terminate here. */ |
+ return; |
+ } |
+ /* Keep going right then. */ |
+ printnode(info, "Cert %5d ----> ", certMap->index); |
+ subjNode = certMap->pSubject; |
+ if (map_handle_is_ok(info, (void *)subjNode, 0)) { |
+ subjMap = (certDBSubjectEntryMap *)subjNode->appData; |
+ print_subject_graph(info, subjMap, GORIGHT, -1, -1); |
+ } else { |
+ info->dbErrors[NoSubjectForCert]++; |
+ } |
} |
-SECStatus |
-computeDBGraph(certDBArray *dbArray, dbDebugInfo *info) |
-{ |
- PRCList *cElem, *sElem, *nElem, *mElem; |
- certDBEntryListNode *node; |
- certDBEntryMap *map; |
- certDBSubjectEntryMap *subjMap; |
+SECStatus computeDBGraph(certDBArray *dbArray, dbDebugInfo *info) { |
+ PRCList *cElem, *sElem, *nElem, *mElem; |
+ certDBEntryListNode *node; |
+ certDBEntryMap *map; |
+ certDBSubjectEntryMap *subjMap; |
- /* Graph is of this form: |
- * |
- * certs: |
- * cert ---> subject ---> (nickname|smime) |
- * |
- * subjects: |
- * cert <--- subject ---> (nickname|smime) |
- * |
- * nicknames and smime: |
- * cert <--- subject <--- (nickname|smime) |
- */ |
+ /* Graph is of this form: |
+ * |
+ * certs: |
+ * cert ---> subject ---> (nickname|smime) |
+ * |
+ * subjects: |
+ * cert <--- subject ---> (nickname|smime) |
+ * |
+ * nicknames and smime: |
+ * cert <--- subject <--- (nickname|smime) |
+ */ |
- /* Print cert graph. */ |
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link); |
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { |
- /* Print graph of everything to right of cert entry. */ |
- node = LISTNODE_CAST(cElem); |
- map = (certDBEntryMap *)node->appData; |
- print_cert_graph(info, map, GORIGHT); |
- printnode(info, "\n", -1); |
- } |
+ /* Print cert graph. */ |
+ for (cElem = PR_LIST_HEAD(&dbArray->certs.link); |
+ cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { |
+ /* Print graph of everything to right of cert entry. */ |
+ node = LISTNODE_CAST(cElem); |
+ map = (certDBEntryMap *)node->appData; |
+ print_cert_graph(info, map, GORIGHT); |
printnode(info, "\n", -1); |
+ } |
+ printnode(info, "\n", -1); |
- /* Print subject graph. */ |
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); |
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { |
- /* Print graph of everything to both sides of subject entry. */ |
- node = LISTNODE_CAST(sElem); |
- subjMap = (certDBSubjectEntryMap *)node->appData; |
- print_subject_graph(info, subjMap, GOBOTH, -1, -1); |
- printnode(info, "\n", -1); |
- } |
+ /* Print subject graph. */ |
+ for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); |
+ sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { |
+ /* Print graph of everything to both sides of subject entry. */ |
+ node = LISTNODE_CAST(sElem); |
+ subjMap = (certDBSubjectEntryMap *)node->appData; |
+ print_subject_graph(info, subjMap, GOBOTH, -1, -1); |
printnode(info, "\n", -1); |
+ } |
+ printnode(info, "\n", -1); |
- /* Print nickname graph. */ |
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); |
- nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) { |
- /* Print graph of everything to left of nickname entry. */ |
- node = LISTNODE_CAST(nElem); |
- map = (certDBEntryMap *)node->appData; |
- print_nickname_graph(info, map, GOLEFT); |
- printnode(info, "\n", -1); |
- } |
+ /* Print nickname graph. */ |
+ for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); |
+ nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) { |
+ /* Print graph of everything to left of nickname entry. */ |
+ node = LISTNODE_CAST(nElem); |
+ map = (certDBEntryMap *)node->appData; |
+ print_nickname_graph(info, map, GOLEFT); |
printnode(info, "\n", -1); |
+ } |
+ printnode(info, "\n", -1); |
- /* Print smime graph. */ |
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link); |
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { |
- /* Print graph of everything to left of smime entry. */ |
- node = LISTNODE_CAST(mElem); |
- if (node == NULL) break; |
- map = (certDBEntryMap *)node->appData; |
- print_smime_graph(info, map, GOLEFT); |
- printnode(info, "\n", -1); |
- } |
+ /* Print smime graph. */ |
+ for (mElem = PR_LIST_HEAD(&dbArray->smime.link); |
+ mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { |
+ /* Print graph of everything to left of smime entry. */ |
+ node = LISTNODE_CAST(mElem); |
+ if (node == NULL) break; |
+ map = (certDBEntryMap *)node->appData; |
+ print_smime_graph(info, map, GOLEFT); |
printnode(info, "\n", -1); |
+ } |
+ printnode(info, "\n", -1); |
- return SECSuccess; |
+ return SECSuccess; |
} |
/* |
* List the entries in the db, showing handles between entry types. |
*/ |
-void |
-verboseOutput(certDBArray *dbArray, dbDebugInfo *info) |
-{ |
- int i, ref; |
- PRCList *elem; |
- certDBEntryListNode *node; |
- certDBEntryMap *map; |
- certDBSubjectEntryMap *smap; |
- certDBEntrySubject *subjectEntry; |
+void verboseOutput(certDBArray *dbArray, dbDebugInfo *info) { |
+ int i, ref; |
+ PRCList *elem; |
+ certDBEntryListNode *node; |
+ certDBEntryMap *map; |
+ certDBSubjectEntryMap *smap; |
+ certDBEntrySubject *subjectEntry; |
- /* List certs */ |
- for (elem = PR_LIST_HEAD(&dbArray->certs.link); |
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) { |
- node = LISTNODE_CAST(elem); |
- map = (certDBEntryMap *)node->appData; |
- dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out); |
- /* walk the cert handle to it's subject entry */ |
- if (map_handle_is_ok(info, map->pSubject, -1)) { |
- smap = (certDBSubjectEntryMap *)map->pSubject->appData; |
- ref = smap->index; |
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); |
- } else { |
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); |
- } |
+ /* List certs */ |
+ for (elem = PR_LIST_HEAD(&dbArray->certs.link); elem != &dbArray->certs.link; |
+ elem = PR_NEXT_LINK(elem)) { |
+ node = LISTNODE_CAST(elem); |
+ map = (certDBEntryMap *)node->appData; |
+ dumpCertEntry((certDBEntryCert *)&node->entry, map->index, info->out); |
+ /* walk the cert handle to it's subject entry */ |
+ if (map_handle_is_ok(info, map->pSubject, -1)) { |
+ smap = (certDBSubjectEntryMap *)map->pSubject->appData; |
+ ref = smap->index; |
+ PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); |
+ } else { |
+ PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); |
} |
- /* List subjects */ |
- for (elem = PR_LIST_HEAD(&dbArray->subjects.link); |
- elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) { |
- int refs = 0; |
- node = LISTNODE_CAST(elem); |
- subjectEntry = (certDBEntrySubject *)&node->entry; |
- smap = (certDBSubjectEntryMap *)node->appData; |
- dumpSubjectEntry(subjectEntry, smap->index, info->out); |
- /* iterate over subject's certs */ |
- for (i=0; i<smap->numCerts; i++) { |
- /* walk each subject handle to it's cert entries */ |
- if (map_handle_is_ok(info, smap->pCerts[i], -1)) { |
- ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index; |
- PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref); |
- } else { |
- PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i); |
- } |
- } |
- if (subjectEntry->nickname) { |
- ++refs; |
- /* walk each subject handle to it's nickname entry */ |
- if (map_handle_is_ok(info, smap->pNickname, -1)) { |
- ref = ((certDBEntryMap *)smap->pNickname->appData)->index; |
- PR_fprintf(info->out, "-->(nickname %d)\n", ref); |
- } else { |
- PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n"); |
- } |
- } |
- if (subjectEntry->nemailAddrs && |
- subjectEntry->emailAddrs && |
- subjectEntry->emailAddrs[0] && |
- subjectEntry->emailAddrs[0][0]) { |
- ++refs; |
- /* walk each subject handle to it's smime entry */ |
- if (map_handle_is_ok(info, smap->pSMime, -1)) { |
- ref = ((certDBEntryMap *)smap->pSMime->appData)->index; |
- PR_fprintf(info->out, "-->(s/mime %d)\n", ref); |
- } else { |
- PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n"); |
- } |
- } |
- if (!refs) { |
- PR_fprintf(info->out, "-->(NO NICKNAME+S/MIME ENTRY)\n"); |
- } |
- PR_fprintf(info->out, "\n\n"); |
+ } |
+ /* List subjects */ |
+ for (elem = PR_LIST_HEAD(&dbArray->subjects.link); |
+ elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) { |
+ int refs = 0; |
+ node = LISTNODE_CAST(elem); |
+ subjectEntry = (certDBEntrySubject *)&node->entry; |
+ smap = (certDBSubjectEntryMap *)node->appData; |
+ dumpSubjectEntry(subjectEntry, smap->index, info->out); |
+ /* iterate over subject's certs */ |
+ for (i = 0; i < smap->numCerts; i++) { |
+ /* walk each subject handle to it's cert entries */ |
+ if (map_handle_is_ok(info, smap->pCerts[i], -1)) { |
+ ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index; |
+ PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref); |
+ } else { |
+ PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i); |
+ } |
} |
- for (elem = PR_LIST_HEAD(&dbArray->nicknames.link); |
- elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) { |
- node = LISTNODE_CAST(elem); |
- map = (certDBEntryMap *)node->appData; |
- dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index, |
- info->out); |
- if (map_handle_is_ok(info, map->pSubject, -1)) { |
- ref = ((certDBEntryMap *)map->pSubject->appData)->index; |
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); |
- } else { |
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); |
- } |
+ if (subjectEntry->nickname) { |
+ ++refs; |
+ /* walk each subject handle to it's nickname entry */ |
+ if (map_handle_is_ok(info, smap->pNickname, -1)) { |
+ ref = ((certDBEntryMap *)smap->pNickname->appData)->index; |
+ PR_fprintf(info->out, "-->(nickname %d)\n", ref); |
+ } else { |
+ PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n"); |
+ } |
} |
- for (elem = PR_LIST_HEAD(&dbArray->smime.link); |
- elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) { |
- node = LISTNODE_CAST(elem); |
- map = (certDBEntryMap *)node->appData; |
- dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out); |
- if (map_handle_is_ok(info, map->pSubject, -1)) { |
- ref = ((certDBEntryMap *)map->pSubject->appData)->index; |
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); |
- } else { |
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); |
- } |
+ if (subjectEntry->nemailAddrs && subjectEntry->emailAddrs && |
+ subjectEntry->emailAddrs[0] && subjectEntry->emailAddrs[0][0]) { |
+ ++refs; |
+ /* walk each subject handle to it's smime entry */ |
+ if (map_handle_is_ok(info, smap->pSMime, -1)) { |
+ ref = ((certDBEntryMap *)smap->pSMime->appData)->index; |
+ PR_fprintf(info->out, "-->(s/mime %d)\n", ref); |
+ } else { |
+ PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n"); |
+ } |
+ } |
+ if (!refs) { |
+ PR_fprintf(info->out, "-->(NO NICKNAME+S/MIME ENTRY)\n"); |
} |
PR_fprintf(info->out, "\n\n"); |
+ } |
+ for (elem = PR_LIST_HEAD(&dbArray->nicknames.link); |
+ elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) { |
+ node = LISTNODE_CAST(elem); |
+ map = (certDBEntryMap *)node->appData; |
+ dumpNicknameEntry((certDBEntryNickname *)&node->entry, map->index, |
+ info->out); |
+ if (map_handle_is_ok(info, map->pSubject, -1)) { |
+ ref = ((certDBEntryMap *)map->pSubject->appData)->index; |
+ PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); |
+ } else { |
+ PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); |
+ } |
+ } |
+ for (elem = PR_LIST_HEAD(&dbArray->smime.link); elem != &dbArray->smime.link; |
+ elem = PR_NEXT_LINK(elem)) { |
+ node = LISTNODE_CAST(elem); |
+ map = (certDBEntryMap *)node->appData; |
+ dumpSMimeEntry((certDBEntrySMime *)&node->entry, map->index, info->out); |
+ if (map_handle_is_ok(info, map->pSubject, -1)) { |
+ ref = ((certDBEntryMap *)map->pSubject->appData)->index; |
+ PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); |
+ } else { |
+ PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); |
+ } |
+ } |
+ PR_fprintf(info->out, "\n\n"); |
} |
- |
/* A callback function, intended to be called from nsslowcert_TraverseDBEntries |
* Builds a PRCList of DB entries of the specified type. |
*/ |
-SECStatus |
-SEC_GetCertDBEntryList(SECItem *dbdata, SECItem *dbkey, |
- certDBEntryType entryType, void *pdata) |
-{ |
- certDBEntry * entry; |
- certDBEntryListNode * node; |
- PRCList * list = (PRCList *)pdata; |
+SECStatus SEC_GetCertDBEntryList(SECItem *dbdata, SECItem *dbkey, |
+ certDBEntryType entryType, void *pdata) { |
+ certDBEntry *entry; |
+ certDBEntryListNode *node; |
+ PRCList *list = (PRCList *)pdata; |
- if (!dbdata || !dbkey || !pdata || !dbdata->data || !dbkey->data) { |
- PORT_SetError(SEC_ERROR_INVALID_ARGS); |
- return SECFailure; |
- } |
- entry = nsslowcert_DecodeAnyDBEntry(dbdata, dbkey, entryType, NULL); |
- if (!entry) { |
- return SECSuccess; /* skip it */ |
- } |
- node = PORT_ArenaZNew(entry->common.arena, certDBEntryListNode); |
- if (!node) { |
- /* DestroyDBEntry(entry); */ |
- PLArenaPool *arena = entry->common.arena; |
- PORT_Memset(&entry->common, 0, sizeof entry->common); |
- PORT_FreeArena(arena, PR_FALSE); |
- return SECFailure; |
- } |
- node->entry = *entry; /* crude but effective. */ |
- PR_INIT_CLIST(&node->link); |
- PR_INSERT_BEFORE(&node->link, list); |
- return SECSuccess; |
+ if (!dbdata || !dbkey || !pdata || !dbdata->data || !dbkey->data) { |
+ PORT_SetError(SEC_ERROR_INVALID_ARGS); |
+ return SECFailure; |
+ } |
+ entry = nsslowcert_DecodeAnyDBEntry(dbdata, dbkey, entryType, NULL); |
+ if (!entry) { |
+ return SECSuccess; /* skip it */ |
+ } |
+ node = PORT_ArenaZNew(entry->common.arena, certDBEntryListNode); |
+ if (!node) { |
+ /* DestroyDBEntry(entry); */ |
+ PLArenaPool *arena = entry->common.arena; |
+ PORT_Memset(&entry->common, 0, sizeof entry->common); |
+ PORT_FreeArena(arena, PR_FALSE); |
+ return SECFailure; |
+ } |
+ node->entry = *entry; /* crude but effective. */ |
+ PR_INIT_CLIST(&node->link); |
+ PR_INSERT_BEFORE(&node->link, list); |
+ return SECSuccess; |
} |
+int fillDBEntryArray(NSSLOWCERTCertDBHandle *handle, certDBEntryType type, |
+ certDBEntryListNode *list) { |
+ PRCList *elem; |
+ certDBEntryListNode *node; |
+ certDBEntryMap *mnode; |
+ certDBSubjectEntryMap *smnode; |
+ PLArenaPool *arena; |
+ int count = 0; |
-int |
-fillDBEntryArray(NSSLOWCERTCertDBHandle *handle, certDBEntryType type, |
- certDBEntryListNode *list) |
-{ |
- PRCList *elem; |
- certDBEntryListNode *node; |
- certDBEntryMap *mnode; |
- certDBSubjectEntryMap *smnode; |
- PLArenaPool *arena; |
- int count = 0; |
+ /* Initialize a dummy entry in the list. The list head will be the |
+ * next element, so this element is skipped by for loops. |
+ */ |
+ PR_INIT_CLIST((PRCList *)list); |
+ /* Collect all of the cert db entries for this type into a list. */ |
+ nsslowcert_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList, list); |
- /* Initialize a dummy entry in the list. The list head will be the |
- * next element, so this element is skipped by for loops. |
- */ |
- PR_INIT_CLIST((PRCList *)list); |
- /* Collect all of the cert db entries for this type into a list. */ |
- nsslowcert_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList, list); |
- |
- for (elem = PR_LIST_HEAD(&list->link); |
- elem != &list->link; elem = PR_NEXT_LINK(elem)) { |
- /* Iterate over the entries and ... */ |
- node = (certDBEntryListNode *)elem; |
- if (type != certDBEntryTypeSubject) { |
- arena = PORT_NewArena(sizeof(*mnode)); |
- mnode = PORT_ArenaZNew(arena, certDBEntryMap); |
- mnode->arena = arena; |
- /* ... assign a unique index number to each node, and ... */ |
- mnode->index = count; |
- /* ... set the map pointer for the node. */ |
- node->appData = (void *)mnode; |
- } else { |
- /* allocate some room for the cert pointers also */ |
- arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *)); |
- smnode = PORT_ArenaZNew(arena, certDBSubjectEntryMap); |
- smnode->arena = arena; |
- smnode->index = count; |
- node->appData = (void *)smnode; |
- } |
- count++; |
+ for (elem = PR_LIST_HEAD(&list->link); elem != &list->link; |
+ elem = PR_NEXT_LINK(elem)) { |
+ /* Iterate over the entries and ... */ |
+ node = (certDBEntryListNode *)elem; |
+ if (type != certDBEntryTypeSubject) { |
+ arena = PORT_NewArena(sizeof(*mnode)); |
+ mnode = PORT_ArenaZNew(arena, certDBEntryMap); |
+ mnode->arena = arena; |
+ /* ... assign a unique index number to each node, and ... */ |
+ mnode->index = count; |
+ /* ... set the map pointer for the node. */ |
+ node->appData = (void *)mnode; |
+ } else { |
+ /* allocate some room for the cert pointers also */ |
+ arena = PORT_NewArena(sizeof(*smnode) + 20 * sizeof(void *)); |
+ smnode = PORT_ArenaZNew(arena, certDBSubjectEntryMap); |
+ smnode->arena = arena; |
+ smnode->index = count; |
+ node->appData = (void *)smnode; |
} |
- return count; |
+ count++; |
+ } |
+ return count; |
} |
-void |
-freeDBEntryList(PRCList *list) |
-{ |
- PRCList *next, *elem; |
- certDBEntryListNode *node; |
- certDBEntryMap *map; |
+void freeDBEntryList(PRCList *list) { |
+ PRCList *next, *elem; |
+ certDBEntryListNode *node; |
+ certDBEntryMap *map; |
- for (elem = PR_LIST_HEAD(list); elem != list;) { |
- next = PR_NEXT_LINK(elem); |
- node = (certDBEntryListNode *)elem; |
- map = (certDBEntryMap *)node->appData; |
- PR_REMOVE_LINK(&node->link); |
- PORT_FreeArena(map->arena, PR_TRUE); |
- PORT_FreeArena(node->entry.common.arena, PR_TRUE); |
- elem = next; |
- } |
+ for (elem = PR_LIST_HEAD(list); elem != list;) { |
+ next = PR_NEXT_LINK(elem); |
+ node = (certDBEntryListNode *)elem; |
+ map = (certDBEntryMap *)node->appData; |
+ PR_REMOVE_LINK(&node->link); |
+ PORT_FreeArena(map->arena, PR_TRUE); |
+ PORT_FreeArena(node->entry.common.arena, PR_TRUE); |
+ elem = next; |
+ } |
} |
-void |
-DBCK_DebugDB(NSSLOWCERTCertDBHandle *handle, PRFileDesc *out, |
- PRFileDesc *mailfile) |
-{ |
- int i, nCertsFound, nSubjFound, nErr; |
- int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime, nRevocation; |
- PRCList *elem; |
- char c; |
- dbDebugInfo info; |
- certDBArray dbArray; |
+void DBCK_DebugDB(NSSLOWCERTCertDBHandle *handle, PRFileDesc *out, |
+ PRFileDesc *mailfile) { |
+ int i, nCertsFound, nSubjFound, nErr; |
+ int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime, nRevocation; |
+ PRCList *elem; |
+ char c; |
+ dbDebugInfo info; |
+ certDBArray dbArray; |
- PORT_Memset(&dbArray, 0, sizeof(dbArray)); |
- PORT_Memset(&info, 0, sizeof(info)); |
- info.verbose = (PRBool)(out != NULL); |
- info.dograph = info.verbose; |
- info.out = (out) ? out : PR_STDOUT; |
- info.graphfile = mailfile ? mailfile : PR_STDOUT; |
+ PORT_Memset(&dbArray, 0, sizeof(dbArray)); |
+ PORT_Memset(&info, 0, sizeof(info)); |
+ info.verbose = (PRBool)(out != NULL); |
+ info.dograph = info.verbose; |
+ info.out = (out) ? out : PR_STDOUT; |
+ info.graphfile = mailfile ? mailfile : PR_STDOUT; |
- /* Fill the array structure with cert/subject/nickname/smime entries. */ |
- dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert, |
- &dbArray.certs); |
- dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject, |
- &dbArray.subjects); |
- dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname, |
- &dbArray.nicknames); |
- dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile, |
- &dbArray.smime); |
- dbArray.numRevocation= fillDBEntryArray(handle, certDBEntryTypeRevocation, |
- &dbArray.revocation); |
+ /* Fill the array structure with cert/subject/nickname/smime entries. */ |
+ dbArray.numCerts = |
+ fillDBEntryArray(handle, certDBEntryTypeCert, &dbArray.certs); |
+ dbArray.numSubjects = |
+ fillDBEntryArray(handle, certDBEntryTypeSubject, &dbArray.subjects); |
+ dbArray.numNicknames = |
+ fillDBEntryArray(handle, certDBEntryTypeNickname, &dbArray.nicknames); |
+ dbArray.numSMime = |
+ fillDBEntryArray(handle, certDBEntryTypeSMimeProfile, &dbArray.smime); |
+ dbArray.numRevocation = |
+ fillDBEntryArray(handle, certDBEntryTypeRevocation, &dbArray.revocation); |
- /* Compute the map between the database entries. */ |
- mapSubjectEntries(&dbArray); |
- mapCertEntries(&dbArray); |
- computeDBGraph(&dbArray, &info); |
+ /* Compute the map between the database entries. */ |
+ mapSubjectEntries(&dbArray); |
+ mapCertEntries(&dbArray); |
+ computeDBGraph(&dbArray, &info); |
- /* Store the totals for later reference. */ |
- nCerts = dbArray.numCerts; |
- nSubjects = dbArray.numSubjects; |
- nNicknames = dbArray.numNicknames; |
- nSMime = dbArray.numSMime; |
- nRevocation= dbArray.numRevocation; |
- nSubjCerts = 0; |
- for (elem = PR_LIST_HEAD(&dbArray.subjects.link); |
- elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) { |
- certDBSubjectEntryMap *smap; |
- smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData; |
- nSubjCerts += smap->numCerts; |
- } |
+ /* Store the totals for later reference. */ |
+ nCerts = dbArray.numCerts; |
+ nSubjects = dbArray.numSubjects; |
+ nNicknames = dbArray.numNicknames; |
+ nSMime = dbArray.numSMime; |
+ nRevocation = dbArray.numRevocation; |
+ nSubjCerts = 0; |
+ for (elem = PR_LIST_HEAD(&dbArray.subjects.link); |
+ elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) { |
+ certDBSubjectEntryMap *smap; |
+ smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData; |
+ nSubjCerts += smap->numCerts; |
+ } |
- if (info.verbose) { |
- /* Dump the database contents. */ |
- verboseOutput(&dbArray, &info); |
- } |
+ if (info.verbose) { |
+ /* Dump the database contents. */ |
+ verboseOutput(&dbArray, &info); |
+ } |
- freeDBEntryList(&dbArray.certs.link); |
- freeDBEntryList(&dbArray.subjects.link); |
- freeDBEntryList(&dbArray.nicknames.link); |
- freeDBEntryList(&dbArray.smime.link); |
- freeDBEntryList(&dbArray.revocation.link); |
+ freeDBEntryList(&dbArray.certs.link); |
+ freeDBEntryList(&dbArray.subjects.link); |
+ freeDBEntryList(&dbArray.nicknames.link); |
+ freeDBEntryList(&dbArray.smime.link); |
+ freeDBEntryList(&dbArray.revocation.link); |
- PR_fprintf(info.out, "\n"); |
- PR_fprintf(info.out, "Database statistics:\n"); |
- PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n", |
- nCerts); |
- PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n", |
- nSubjects); |
- PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n", |
- nSubjCerts); |
- PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n", |
- nNicknames); |
- PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n", |
- nSMime); |
- PR_fprintf(info.out, "N5: Found %4d CRL entries.\n", |
- nRevocation); |
- PR_fprintf(info.out, "\n"); |
+ PR_fprintf(info.out, "\n"); |
+ PR_fprintf(info.out, "Database statistics:\n"); |
+ PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n", nCerts); |
+ PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n", |
+ nSubjects); |
+ PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n", |
+ nSubjCerts); |
+ PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n", nNicknames); |
+ PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n", nSMime); |
+ PR_fprintf(info.out, "N5: Found %4d CRL entries.\n", nRevocation); |
+ PR_fprintf(info.out, "\n"); |
- nErr = 0; |
- for (i=0; i < NUM_ERROR_TYPES; i++) { |
- PR_fprintf(info.out, "E%d: Found %4d %s\n", |
- i, info.dbErrors[i], errResult[i]); |
- nErr += info.dbErrors[i]; |
- } |
- PR_fprintf(info.out, "--------------\n Found %4d errors in database.\n", |
- nErr); |
+ nErr = 0; |
+ for (i = 0; i < NUM_ERROR_TYPES; i++) { |
+ PR_fprintf(info.out, "E%d: Found %4d %s\n", i, info.dbErrors[i], |
+ errResult[i]); |
+ nErr += info.dbErrors[i]; |
+ } |
+ PR_fprintf(info.out, "--------------\n Found %4d errors in database.\n", |
+ nErr); |
- PR_fprintf(info.out, "\nCertificates:\n"); |
- PR_fprintf(info.out, "N0 == N2 + E%d + E%d\n", NoSubjectForCert, |
- SubjectHasNoKeyForCert); |
- nCertsFound = nSubjCerts + |
- info.dbErrors[NoSubjectForCert] + |
- info.dbErrors[SubjectHasNoKeyForCert]; |
- c = (nCertsFound == nCerts) ? '=' : '!'; |
- PR_fprintf(info.out, "%d %c= %d + %d + %d\n", nCerts, c, nSubjCerts, |
- info.dbErrors[NoSubjectForCert], |
- info.dbErrors[SubjectHasNoKeyForCert]); |
- PR_fprintf(info.out, "\nSubjects:\n"); |
- PR_fprintf(info.out, |
- "N1 == N3 + N4 + E%d + E%d + E%d + E%d + E%d - E%d - E%d - E%d\n", |
- NoNicknameOrSMimeForSubject, |
- WrongNicknameForSubject, |
- NoNicknameEntry, |
- WrongSMimeForSubject, |
- NoSMimeEntry, |
- NoSubjectForNickname, |
- NoSubjectForSMime, |
- NicknameAndSMimeEntries); |
- nSubjFound = nNicknames + nSMime + |
- info.dbErrors[NoNicknameOrSMimeForSubject] + |
- info.dbErrors[WrongNicknameForSubject] + |
- info.dbErrors[NoNicknameEntry] + |
- info.dbErrors[WrongSMimeForSubject] + |
- info.dbErrors[NoSMimeEntry] - |
- info.dbErrors[NoSubjectForNickname] - |
- info.dbErrors[NoSubjectForSMime] - |
- info.dbErrors[NicknameAndSMimeEntries]; |
- c = (nSubjFound == nSubjects) ? '=' : '!'; |
- PR_fprintf(info.out, |
- "%2d %c= %2d + %2d + %2d + %2d + %2d + %2d + %2d - %2d - %2d - %2d\n", |
- nSubjects, c, nNicknames, nSMime, |
- info.dbErrors[NoNicknameOrSMimeForSubject], |
- info.dbErrors[WrongNicknameForSubject], |
- info.dbErrors[NoNicknameEntry], |
- info.dbErrors[WrongSMimeForSubject], |
- info.dbErrors[NoSMimeEntry], |
- info.dbErrors[NoSubjectForNickname], |
- info.dbErrors[NoSubjectForSMime], |
- info.dbErrors[NicknameAndSMimeEntries]); |
- PR_fprintf(info.out, "\n"); |
+ PR_fprintf(info.out, "\nCertificates:\n"); |
+ PR_fprintf(info.out, "N0 == N2 + E%d + E%d\n", NoSubjectForCert, |
+ SubjectHasNoKeyForCert); |
+ nCertsFound = nSubjCerts + info.dbErrors[NoSubjectForCert] + |
+ info.dbErrors[SubjectHasNoKeyForCert]; |
+ c = (nCertsFound == nCerts) ? '=' : '!'; |
+ PR_fprintf(info.out, "%d %c= %d + %d + %d\n", nCerts, c, nSubjCerts, |
+ info.dbErrors[NoSubjectForCert], |
+ info.dbErrors[SubjectHasNoKeyForCert]); |
+ PR_fprintf(info.out, "\nSubjects:\n"); |
+ PR_fprintf(info.out, |
+ "N1 == N3 + N4 + E%d + E%d + E%d + E%d + E%d - E%d - E%d - E%d\n", |
+ NoNicknameOrSMimeForSubject, WrongNicknameForSubject, |
+ NoNicknameEntry, WrongSMimeForSubject, NoSMimeEntry, |
+ NoSubjectForNickname, NoSubjectForSMime, NicknameAndSMimeEntries); |
+ nSubjFound = |
+ nNicknames + nSMime + info.dbErrors[NoNicknameOrSMimeForSubject] + |
+ info.dbErrors[WrongNicknameForSubject] + info.dbErrors[NoNicknameEntry] + |
+ info.dbErrors[WrongSMimeForSubject] + info.dbErrors[NoSMimeEntry] - |
+ info.dbErrors[NoSubjectForNickname] - info.dbErrors[NoSubjectForSMime] - |
+ info.dbErrors[NicknameAndSMimeEntries]; |
+ c = (nSubjFound == nSubjects) ? '=' : '!'; |
+ PR_fprintf( |
+ info.out, |
+ "%2d %c= %2d + %2d + %2d + %2d + %2d + %2d + %2d - %2d - %2d - %2d\n", |
+ nSubjects, c, nNicknames, nSMime, |
+ info.dbErrors[NoNicknameOrSMimeForSubject], |
+ info.dbErrors[WrongNicknameForSubject], info.dbErrors[NoNicknameEntry], |
+ info.dbErrors[WrongSMimeForSubject], info.dbErrors[NoSMimeEntry], |
+ info.dbErrors[NoSubjectForNickname], info.dbErrors[NoSubjectForSMime], |
+ info.dbErrors[NicknameAndSMimeEntries]); |
+ PR_fprintf(info.out, "\n"); |
} |
#ifdef DORECOVER |
#include "dbrecover.c" |
#endif /* DORECOVER */ |
enum { |
- cmd_Debug = 0, |
- cmd_LongUsage, |
- cmd_Recover |
+ cmd_Debug = 0, |
+ cmd_LongUsage, |
+ cmd_Recover |
}; |
enum { |
- opt_KeepAll = 0, |
- opt_CertDir, |
- opt_Dumpfile, |
- opt_InputDB, |
- opt_OutputDB, |
- opt_Mailfile, |
- opt_Prompt, |
- opt_KeepRedundant, |
- opt_KeepNoSMimeProfile, |
- opt_Verbose, |
- opt_KeepExpired |
+ opt_KeepAll = 0, |
+ opt_CertDir, |
+ opt_Dumpfile, |
+ opt_InputDB, |
+ opt_OutputDB, |
+ opt_Mailfile, |
+ opt_Prompt, |
+ opt_KeepRedundant, |
+ opt_KeepNoSMimeProfile, |
+ opt_Verbose, |
+ opt_KeepExpired |
}; |
-static secuCommandFlag dbck_commands[] = |
-{ |
- { /* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE }, |
- { /* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE }, |
- { /* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE } |
-}; |
+static secuCommandFlag dbck_commands[] = { |
+ {/* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE}, |
+ {/* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE}, |
+ {/* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE}}; |
-static secuCommandFlag dbck_options[] = |
-{ |
- { /* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE }, |
- { /* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE }, |
- { /* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE }, |
- { /* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE }, |
- { /* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE }, |
- { /* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE }, |
- { /* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE }, |
- { /* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE }, |
- { /* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE }, |
- { /* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE }, |
- { /* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE } |
-}; |
+static secuCommandFlag dbck_options[] = { |
+ {/* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE}, |
+ {/* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE}, |
+ {/* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE}, |
+ {/* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE}, |
+ {/* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE}, |
+ {/* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE}, |
+ {/* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE}, |
+ {/* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE}, |
+ {/* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE}, |
+ {/* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE}, |
+ {/* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE}}; |
#define CERT_DB_FMT "%s/cert%s.db" |
-static char * |
-dbck_certdb_name_cb(void *arg, int dbVersion) |
-{ |
- const char *configdir = (const char *)arg; |
- const char *dbver; |
- char *smpname = NULL; |
- char *dbname = NULL; |
+static char *dbck_certdb_name_cb(void *arg, int dbVersion) { |
+ const char *configdir = (const char *)arg; |
+ const char *dbver; |
+ char *smpname = NULL; |
+ char *dbname = NULL; |
- switch (dbVersion) { |
- case 8: |
- dbver = "8"; |
- break; |
- case 7: |
- dbver = "7"; |
- break; |
- case 6: |
- dbver = "6"; |
- break; |
- case 5: |
- dbver = "5"; |
- break; |
- case 4: |
- default: |
- dbver = ""; |
- break; |
+ switch (dbVersion) { |
+ case 8: |
+ dbver = "8"; |
+ break; |
+ case 7: |
+ dbver = "7"; |
+ break; |
+ case 6: |
+ dbver = "6"; |
+ break; |
+ case 5: |
+ dbver = "5"; |
+ break; |
+ case 4: |
+ default: |
+ dbver = ""; |
+ break; |
+ } |
+ |
+ /* make sure we return something allocated with PORT_ so we have properly |
+ * matched frees at the end */ |
+ smpname = PR_smprintf(CERT_DB_FMT, configdir, dbver); |
+ if (smpname) { |
+ dbname = PORT_Strdup(smpname); |
+ PR_smprintf_free(smpname); |
+ } |
+ return dbname; |
+} |
+ |
+int main(int argc, char **argv) { |
+ NSSLOWCERTCertDBHandle *certHandle; |
+ |
+ PRFileDesc *mailfile = NULL; |
+ PRFileDesc *dumpfile = NULL; |
+ |
+ char *pathname = 0; |
+ char *fullname = 0; |
+ char *newdbname = 0; |
+ |
+ PRBool removeExpired, requireProfile, singleEntry; |
+ SECStatus rv; |
+ secuCommand dbck; |
+ |
+ dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag); |
+ dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag); |
+ dbck.commands = dbck_commands; |
+ dbck.options = dbck_options; |
+ |
+ progName = strrchr(argv[0], '/'); |
+ progName = progName ? progName + 1 : argv[0]; |
+ |
+ rv = SECU_ParseCommandLine(argc, argv, progName, &dbck); |
+ |
+ if (rv != SECSuccess) Usage(progName); |
+ |
+ if (dbck.commands[cmd_LongUsage].activated) LongUsage(progName); |
+ |
+ if (!dbck.commands[cmd_Debug].activated && |
+ !dbck.commands[cmd_Recover].activated) { |
+ PR_fprintf(PR_STDERR, "Please specify -H, -D or -R.\n"); |
+ Usage(progName); |
+ } |
+ |
+ removeExpired = !(dbck.options[opt_KeepAll].activated || |
+ dbck.options[opt_KeepExpired].activated); |
+ |
+ requireProfile = !(dbck.options[opt_KeepAll].activated || |
+ dbck.options[opt_KeepNoSMimeProfile].activated); |
+ |
+ singleEntry = !(dbck.options[opt_KeepAll].activated || |
+ dbck.options[opt_KeepRedundant].activated); |
+ |
+ if (dbck.options[opt_OutputDB].activated) { |
+ newdbname = PL_strdup(dbck.options[opt_OutputDB].arg); |
+ } else { |
+ newdbname = PL_strdup("new_cert8.db"); |
+ } |
+ |
+ /* Create a generic graph of the database. */ |
+ if (dbck.options[opt_Mailfile].activated) { |
+ mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660); |
+ if (!mailfile) { |
+ fprintf(stderr, "Unable to create mailfile.\n"); |
+ return -1; |
} |
+ } |
- /* make sure we return something allocated with PORT_ so we have properly |
- * matched frees at the end */ |
- smpname = PR_smprintf(CERT_DB_FMT, configdir, dbver); |
- if (smpname) { |
- dbname = PORT_Strdup(smpname); |
- PR_smprintf_free(smpname); |
+ /* Dump all debugging info while running. */ |
+ if (dbck.options[opt_Verbose].activated) { |
+ if (dbck.options[opt_Dumpfile].activated) { |
+ dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg, |
+ PR_RDWR | PR_CREATE_FILE, 00660); |
+ if (!dumpfile) { |
+ fprintf(stderr, "Unable to create dumpfile.\n"); |
+ return -1; |
+ } |
+ } else { |
+ dumpfile = PR_STDOUT; |
} |
- return dbname; |
-} |
- |
+ } |
-int |
-main(int argc, char **argv) |
-{ |
- NSSLOWCERTCertDBHandle *certHandle; |
+ /* Set the cert database directory. */ |
+ if (dbck.options[opt_CertDir].activated) { |
+ SECU_ConfigDirectory(dbck.options[opt_CertDir].arg); |
+ } |
- PRFileDesc *mailfile = NULL; |
- PRFileDesc *dumpfile = NULL; |
+ pathname = SECU_ConfigDirectory(NULL); |
- char * pathname = 0; |
- char * fullname = 0; |
- char * newdbname = 0; |
+ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); |
+ rv = NSS_NoDB_Init(pathname); |
+ if (rv != SECSuccess) { |
+ fprintf(stderr, "NSS_NoDB_Init failed\n"); |
+ return -1; |
+ } |
- PRBool removeExpired, requireProfile, singleEntry; |
- SECStatus rv; |
- secuCommand dbck; |
- |
- dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag); |
- dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag); |
- dbck.commands = dbck_commands; |
- dbck.options = dbck_options; |
- |
- progName = strrchr(argv[0], '/'); |
- progName = progName ? progName+1 : argv[0]; |
- |
- rv = SECU_ParseCommandLine(argc, argv, progName, &dbck); |
- |
- if (rv != SECSuccess) |
- Usage(progName); |
- |
- if (dbck.commands[cmd_LongUsage].activated) |
- LongUsage(progName); |
- |
- if (!dbck.commands[cmd_Debug].activated && |
- !dbck.commands[cmd_Recover].activated) { |
- PR_fprintf(PR_STDERR, "Please specify -H, -D or -R.\n"); |
- Usage(progName); |
- } |
- |
- removeExpired = !(dbck.options[opt_KeepAll].activated || |
- dbck.options[opt_KeepExpired].activated); |
- |
- requireProfile = !(dbck.options[opt_KeepAll].activated || |
- dbck.options[opt_KeepNoSMimeProfile].activated); |
- |
- singleEntry = !(dbck.options[opt_KeepAll].activated || |
- dbck.options[opt_KeepRedundant].activated); |
- |
- if (dbck.options[opt_OutputDB].activated) { |
- newdbname = PL_strdup(dbck.options[opt_OutputDB].arg); |
- } else { |
- newdbname = PL_strdup("new_cert8.db"); |
- } |
- |
- /* Create a generic graph of the database. */ |
- if (dbck.options[opt_Mailfile].activated) { |
- mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660); |
- if (!mailfile) { |
- fprintf(stderr, "Unable to create mailfile.\n"); |
- return -1; |
- } |
- } |
- |
- /* Dump all debugging info while running. */ |
- if (dbck.options[opt_Verbose].activated) { |
- if (dbck.options[opt_Dumpfile].activated) { |
- dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg, |
- PR_RDWR | PR_CREATE_FILE, 00660); |
- if (!dumpfile) { |
- fprintf(stderr, "Unable to create dumpfile.\n"); |
- return -1; |
- } |
- } else { |
- dumpfile = PR_STDOUT; |
- } |
- } |
- |
- /* Set the cert database directory. */ |
- if (dbck.options[opt_CertDir].activated) { |
- SECU_ConfigDirectory(dbck.options[opt_CertDir].arg); |
- } |
- |
- pathname = SECU_ConfigDirectory(NULL); |
- |
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); |
- rv = NSS_NoDB_Init(pathname); |
- if (rv != SECSuccess) { |
- fprintf(stderr, "NSS_NoDB_Init failed\n"); |
- return -1; |
- } |
- |
- certHandle = PORT_ZNew(NSSLOWCERTCertDBHandle); |
- if (!certHandle) { |
- SECU_PrintError(progName, "unable to get database handle"); |
- return -1; |
- } |
- certHandle->ref = 1; |
+ certHandle = PORT_ZNew(NSSLOWCERTCertDBHandle); |
+ if (!certHandle) { |
+ SECU_PrintError(progName, "unable to get database handle"); |
+ return -1; |
+ } |
+ certHandle->ref = 1; |
#ifdef NOTYET |
- /* Open the possibly corrupt database. */ |
- if (dbck.options[opt_InputDB].activated) { |
- PRFileInfo fileInfo; |
- fullname = PR_smprintf("%s/%s", pathname, |
- dbck.options[opt_InputDB].arg); |
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { |
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname); |
- return -1; |
- } |
- rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE); |
- } else |
+ /* Open the possibly corrupt database. */ |
+ if (dbck.options[opt_InputDB].activated) { |
+ PRFileInfo fileInfo; |
+ fullname = PR_smprintf("%s/%s", pathname, dbck.options[opt_InputDB].arg); |
+ if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { |
+ fprintf(stderr, "Unable to read file \"%s\".\n", fullname); |
+ return -1; |
+ } |
+ rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE); |
+ } else |
#endif |
- { |
- /* Use the default. */ |
+ { |
+/* Use the default. */ |
#ifdef NOTYET |
- fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION); |
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { |
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname); |
- return -1; |
- } |
+ fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION); |
+ if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { |
+ fprintf(stderr, "Unable to read file \"%s\".\n", fullname); |
+ return -1; |
+ } |
#endif |
- rv = nsslowcert_OpenCertDB(certHandle, |
- PR_TRUE, /* readOnly */ |
- NULL, /* rdb appName */ |
- "", /* rdb prefix */ |
- dbck_certdb_name_cb, /* namecb */ |
- pathname, /* configDir */ |
- PR_FALSE); /* volatile */ |
- } |
+ rv = nsslowcert_OpenCertDB(certHandle, PR_TRUE, /* readOnly */ |
+ NULL, /* rdb appName */ |
+ "", /* rdb prefix */ |
+ dbck_certdb_name_cb, /* namecb */ |
+ pathname, /* configDir */ |
+ PR_FALSE); /* volatile */ |
+ } |
- if (rv) { |
- SECU_PrintError(progName, "unable to open cert database"); |
- return -1; |
- } |
+ if (rv) { |
+ SECU_PrintError(progName, "unable to open cert database"); |
+ return -1; |
+ } |
- if (dbck.commands[cmd_Debug].activated) { |
- DBCK_DebugDB(certHandle, dumpfile, mailfile); |
- return 0; |
- } |
+ if (dbck.commands[cmd_Debug].activated) { |
+ DBCK_DebugDB(certHandle, dumpfile, mailfile); |
+ return 0; |
+ } |
#ifdef DORECOVER |
- if (dbck.commands[cmd_Recover].activated) { |
- DBCK_ReconstructDBFromCerts(certHandle, newdbname, |
- dumpfile, removeExpired, |
- requireProfile, singleEntry, |
- dbck.options[opt_Prompt].activated); |
- return 0; |
- } |
+ if (dbck.commands[cmd_Recover].activated) { |
+ DBCK_ReconstructDBFromCerts(certHandle, newdbname, dumpfile, removeExpired, |
+ requireProfile, singleEntry, |
+ dbck.options[opt_Prompt].activated); |
+ return 0; |
+ } |
#endif |
- if (mailfile) |
- PR_Close(mailfile); |
- if (dumpfile) |
- PR_Close(dumpfile); |
- if (certHandle) { |
- nsslowcert_ClosePermCertDB(certHandle); |
- PORT_Free(certHandle); |
- } |
- return -1; |
+ if (mailfile) PR_Close(mailfile); |
+ if (dumpfile) PR_Close(dumpfile); |
+ if (certHandle) { |
+ nsslowcert_ClosePermCertDB(certHandle); |
+ PORT_Free(certHandle); |
+ } |
+ return -1; |
} |