[rt-commit] r121 - in /redwax-tool/trunk: ChangeLog redwax_nss.c
rt-commit at redwax.eu
rt-commit at redwax.eu
Thu Dec 9 20:05:48 CET 2021
Author: minfrin at redwax.eu
Date: Thu Dec 9 20:05:47 2021
New Revision: 121
Log:
Check if certificates already exist before attempting write to
NSS if --auto-out has been set.
Modified:
redwax-tool/trunk/ChangeLog
redwax-tool/trunk/redwax_nss.c
Modified: redwax-tool/trunk/ChangeLog
==============================================================================
--- redwax-tool/trunk/ChangeLog (original)
+++ redwax-tool/trunk/ChangeLog Thu Dec 9 20:05:47 2021
@@ -1,5 +1,8 @@
Changes with v0.9.1
+
+ *) Check if certificates already exist before attempting write to
+ NSS if --auto-out has been set. [Graham Leggett]
*) Read the pkcs11 label on certificates. [Graham Leggett]
Modified: redwax-tool/trunk/redwax_nss.c
==============================================================================
--- redwax-tool/trunk/redwax_nss.c (original)
+++ redwax-tool/trunk/redwax_nss.c Thu Dec 9 20:05:47 2021
@@ -496,6 +496,26 @@
apr_pool_cleanup_register(pool, x, cleanup_cert,
apr_pool_cleanup_null);
+ if (r->auto_out) {
+
+ CERTCertificate *xx;
+
+ xx = PK11_FindCertFromDERCert(slot, x, &s);
+
+ if (xx) {
+
+ redwax_print_error(r,
+ "Warning: nss-out: certificate '%s' already exists, skipping.\n",
+ x->subjectName);
+
+ apr_pool_cleanup_register(pool, xx, cleanup_cert,
+ apr_pool_cleanup_null);
+
+ continue;
+ }
+
+ }
+
if (!label) {
if (cert->label) {
label = apr_pstrndup(pool, cert->label, cert->label_len);
@@ -580,6 +600,26 @@
apr_pool_cleanup_register(pool, x, cleanup_cert,
apr_pool_cleanup_null);
+ if (r->auto_out) {
+
+ CERTCertificate *xx;
+
+ xx = PK11_FindCertFromDERCert(slot, x, &s);
+
+ if (xx) {
+
+ redwax_print_error(r,
+ "Warning: nss-out: intermediate '%s' already exists, skipping.\n",
+ x->subjectName);
+
+ apr_pool_cleanup_register(pool, xx, cleanup_cert,
+ apr_pool_cleanup_null);
+
+ continue;
+ }
+
+ }
+
redwax_print_error(r, "nss-out: intermediate: %s\n", x->subjectName);
if (cert->label) {
@@ -642,6 +682,26 @@
apr_pool_cleanup_register(pool, x, cleanup_cert,
apr_pool_cleanup_null);
+
+ if (r->auto_out) {
+
+ CERTCertificate *xx;
+
+ xx = PK11_FindCertFromDERCert(slot, x, &s);
+
+ if (xx) {
+
+ redwax_print_error(r,
+ "Warning: nss-out: trusted '%s' already exists, skipping.\n",
+ x->subjectName);
+
+ apr_pool_cleanup_register(pool, xx, cleanup_cert,
+ apr_pool_cleanup_null);
+
+ continue;
+ }
+
+ }
redwax_print_error(r, "nss-out: trusted: %s\n", x->subjectName);
More information about the rt-commit
mailing list