Skip to content

Commit

Permalink
Always ship newest ca-certs (from Mozilla).
Browse files Browse the repository at this point in the history 
Signed-off-by: Thomas Rohloff <v10lator@myway.de>
  • Loading branch information
@V10lator
V10lator committed Mar 20, 2024
1 parent 0b150ea commit 560c2d9
Show file tree
Hide file tree
Showing 5 changed files with 8 additions and 141 deletions.
3 changes: 3 additions & 0 deletions build.py
View file
Expand Up @@ -44,6 +44,9 @@ def checkAndDeleteDir(dir):
checkAndDeleteFile("src/gtitles.c")
urllib.request.urlretrieve("https://napi.v10lator.de/db", "src/gtitles.c")

checkAndDeleteFile("data/ca-certs.pem");
urllib.request.urlretrieve("https://ccadb.my.salesforce-sites.com/mozilla/IncludedRootsPEMTxt?TrustBitsInclude=Websites", "data/ca-certs.pem");

checkAndDeleteDir("NUStmp")
checkAndDeleteDir("out")

Expand Down
22 changes: 0 additions & 22 deletions data/ca-certificates/DigiCert_Global_Root_CA.crt
View file

This file was deleted.

23 changes: 0 additions & 23 deletions data/ca-certificates/DigiCert_High_Assurance_EV_Root_CA.pem
View file

This file was deleted.

31 changes: 0 additions & 31 deletions data/ca-certificates/ISRG_Root_X1.pem
View file

This file was deleted.

70 changes: 5 additions & 65 deletions src/downloader.c
View file
Expand Up @@ -200,71 +200,11 @@ bool initDownloader()
{
initNetwork();

char *fn = getStaticPathBuffer(2);
strcpy(fn, ROMFS_PATH "ca-certificates/");
struct curl_blob blob = { .data = NULL, .len = 0, .flags = CURL_BLOB_COPY };

#ifndef NUSSPLI_HBL
FSADirectoryHandle dir;
if(FSAOpenDir(getFSAClient(), fn, &dir) == FS_ERROR_OK)
#else
DIR *dir = opendir(fn);
if(dir != NULL)
#endif
{
char *ptr = fn + strlen(fn);
void *buf;
size_t bufsize;
size_t oldcertsize = 0;
void *tmp;
#ifndef NUSSPLI_HBL
FSADirectoryEntry entry;
while(FSAReadDir(getFSAClient(), dir, &entry) == FS_ERROR_OK)
{
if(entry.name[0] == '.') // TODO: Aroma bug
continue;

strcpy(ptr, entry.name);
#else
for(struct dirent *entry = readdir(dir); entry != NULL; entry = readdir(dir))
{
if(entry->d_name[0] == '.')
continue;

strcpy(ptr, entry->d_name);
#endif
bufsize = readFile(fn, &buf);
if(buf == NULL)
continue;

oldcertsize = blob.len;
blob.len += bufsize;
tmp = blob.data;
blob.data = MEMAllocFromDefaultHeap(blob.len);
if(blob.data != NULL)
{
if(tmp != NULL)
OSBlockMove(blob.data, tmp, oldcertsize, false);

OSBlockMove(((uint8_t *)blob.data) + oldcertsize, buf, bufsize, false);
}
else
{
blob.data = tmp;
blob.len = oldcertsize;
}

MEMFreeToDefaultHeap(buf);
}

#ifndef NUSSPLI_HBL
FSACloseDir(getFSAClient(), dir);
#else
closedir(dir);
#endif
}
else
debugPrintf("Error opening %s!", fn);
void *buf;
struct curl_blob blob = { .data = NULL, .flags = CURL_BLOB_COPY };
blob.len = readFile(ROMFS_PATH "ca-certs.pem", &blob.data);
if(blob.data == NULL)
return false;

CURLcode ret = curl_global_init(CURL_GLOBAL_DEFAULT & ~(CURL_GLOBAL_SSL));
if(ret == CURLE_OK)
Expand Down

0 comments on commit 560c2d9

Please sign in to comment.