Mercurial > trustbridge

changeset 1176:c8f698ca6355

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue128) Rename cinst to trustbridge-certificate-installer
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 22 Sep 2014 11:34:06 +0200
parents e210ecc32d69
children 53a02fbe2fc9
files cinst/CMakeLists.txt cinst/README cinst/certificate-installer.c cinst/main.c cinst/nssstore_win.c packaging/create-dist-package.sh.in packaging/filelist.nsh packaging/linux-createpackage.sh.in packaging/linux-installer-uninstall.inc packaging/trustbridge.nsi packaging/win-createpackage.sh.in ui/installwrapper.cpp ui/installwrapper.h ui/tests/CMakeLists.txt ui/tests/cinstprocesstest.cpp
diffstat 15 files changed, 390 insertions(+), 387 deletions(-) [+]
line wrap: on
line diff
--- a/cinst/CMakeLists.txt	Mon Sep 22 11:19:43 2014 +0200
+++ b/cinst/CMakeLists.txt	Mon Sep 22 11:34:06 2014 +0200
@@ -11,47 +11,47 @@
 
 include_directories(${CMAKE_CURRENT_SOURCE_DIR}/../common)
 
-set(CINST_SOURCES
+set(trustbridge-certificate-installer_SOURCES
     ${CMAKE_CURRENT_SOURCE_DIR}/windowsstore.c
     ${CMAKE_CURRENT_SOURCE_DIR}/nssstore_linux.c
     ${CMAKE_CURRENT_SOURCE_DIR}/nssstore_win.c
-    ${CMAKE_CURRENT_SOURCE_DIR}/main.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/certificate-installer.c
 )
-add_executable(cinst ${CINST_SOURCES})
+add_executable(trustbridge-certificate-installer ${trustbridge-certificate-installer_SOURCES})
 
 if (WIN32)
    set(WIN_EXTRA_LIBS -lcrypt32 -luserenv -lshell32)
 endif(WIN32)
 
-target_link_libraries(cinst
+target_link_libraries(trustbridge-certificate-installer
    trustbridge_common
    ${PROFILING_LIBS}
    ${POLARSSL_LIBRARIES}
    ${WIN_EXTRA_LIBS})
 
-install(TARGETS cinst DESTINATION bin)
+install(TARGETS trustbridge-certificate-installer DESTINATION bin)
 if (WIN32)
    add_custom_command(
-      TARGET cinst
+      TARGET trustbridge-certificate-installer
       POST_BUILD
-      COMMAND ${CMAKE_STRIP} cinst.exe
+      COMMAND ${CMAKE_STRIP} trustbridge-certificate-installer.exe
    )
    if (NOT RELEASE_BUILD)
       add_custom_command(
-         TARGET cinst
+         TARGET trustbridge-certificate-installer
          POST_BUILD
          COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.pem
          -key ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.key
-         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/cinst.exe
-         -out ${CMAKE_CURRENT_BINARY_DIR}/cinst-signed.exe &&
-         mv ${CMAKE_CURRENT_BINARY_DIR}/cinst-signed.exe ${CMAKE_CURRENT_BINARY_DIR}/cinst.exe
+         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-certificate-installer.exe
+         -out ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-certificate-installer-signed.exe &&
+         mv ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-certificate-installer-signed.exe ${CMAKE_CURRENT_BINARY_DIR}/cinst.exe
          )
     endif()
 else()
    add_custom_command(
-      TARGET cinst
+      TARGET trustbridge-certificate-installer
       POST_BUILD
-      COMMAND strip cinst
+      COMMAND strip trustbridge-certificate-installer
    )
 endif()
 
--- a/cinst/README	Mon Sep 22 11:19:43 2014 +0200
+++ b/cinst/README	Mon Sep 22 11:34:06 2014 +0200
@@ -9,8 +9,8 @@
 There is a test list in ui/tests that you can use to manually
 invoke the command. e.g.:
 
-./cinst list=<path_to_repo>/ui/tests/data/list-valid-signed.txt choices=uninstall
+./trustbridge-certificate-installer list=<path_to_repo>/ui/tests/data/list-valid-signed.txt choices=uninstall
 
 A choices file lies next to it.
-./cinst list=<path_to_repo>/ui/tests/data/list-valid-signed.txt \
+./trustbrdige-certificate-installer list=<path_to_repo>/ui/tests/data/list-valid-signed.txt \
     choices=<path_to_repo>/ui/tests/data/choices-example.txt
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/cinst/certificate-installer.c	Mon Sep 22 11:34:06 2014 +0200
@@ -0,0 +1,357 @@
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+ * Software engineering by Intevation GmbH
+ *
+ * This file is Free Software under the GNU GPL (v>=2)
+ * and comes with ABSOLUTELY NO WARRANTY!
+ * See LICENSE.txt for details.
+ */
+/**
+ * @file certificate-installer.c
+ * @brief Main entry point for the certificate install process.
+ *
+ *  The certificate installer process may or may not be run with elevated
+ *  privileges. When run with elevated privileges this
+ *  process will modify system wide certificate stores.
+ *  Otherwise only the users certificate stores are modified.
+ *
+ *  The first parameter to this process should be list=\<file_name\>
+ *  of the certificate list to work on. The second parameter should
+ *  be choices=\<choices_file_name\>|uninstall
+ *
+ *  choices_file_name should be the absolute path to an
+ *  choices file formatted as:
+ *
+ *  I:\<certificate\><BR>
+ *  R:\<certificate\>
+ *
+ *  Line breaks can be system dependent in the Choices file.
+ *
+ *  It will only execute the choices if the
+ *  I and R choices are also part of the signed
+ *  certificate list. The signature is validated with the
+ *  built in key.
+ *
+ *  The special instruction "uninstall" will cause the installer
+ *  to remove all certificates (Even those marked with I) that
+ *  are part of the list.
+ *
+ *  For more verbose debug output add --debug to the call.
+ *
+ **/
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <stdbool.h>
+
+#include "strhelp.h"
+#include "listutil.h"
+#include "logging.h"
+#include "errorcodes.h"
+#include "windowsstore.h"
+#include "nssstore.h"
+#include "portpath.h"
+
+/* The certificate list + choices may only be so long as
+ * twice the accepted certificatelist size */
+#define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2
+
+/* @brief Read stdin into data structures.
+ *
+ * Reads choices from an input file into the to_install
+ * and to_remove buffers.
+ *
+ * Lines starting with I: are treated as install choices.
+ * Lines starting with R: are treated as remove choices.
+ * Other lines are ignored.
+ *
+ * Terminates in OOM conditions.
+ *
+ * The caller needs to free the memory allocated by this function
+ * even when an error is returned.
+ *
+ * @param[in] file_name absolute path to the choices file.
+ * @param[out] to_install strv of installation choices or NULL
+ * @param[out] to_remove strv of remove choices or NULL
+ *
+ * @returns: 0 on success. An error code otherwise.
+ */
+static int
+read_choices_file (char *file_name, char ***to_install,
+                   char ***to_remove)
+{
+  int lines_read = 0;
+  char buf[MAX_LINE_LENGTH + 2];
+  FILE *f = NULL;
+  long file_size;
+
+  if (*to_install || *to_remove)
+    {
+      ERRORPRINTF ("Error invalid parameters.\n");
+      return -1;
+    }
+
+  f = port_fopen_rb(file_name, false);
+  if (f == NULL)
+    {
+      ERRORPRINTF ("Failed to open file: %s\n", file_name);
+      return ERR_NO_INSTRUCTIONS;
+    }
+
+  fseek (f, 0, SEEK_END);
+  file_size = ftell (f);
+  if (file_size <= 0)
+    {
+      fclose (f);
+      ERRORPRINTF ("File size error: %s\n", file_name);
+      return ERR_NO_INSTRUCTIONS;
+    }
+
+  fseek (f, 0, SEEK_SET);
+
+  if (file_size + 1 == 0)
+    {
+      fclose (f);
+      ERRORPRINTF ("File seek error: %s\n", file_name);
+      return ERR_INVALID_INSTRUCTIONS;
+    }
+
+  while (fgets (buf, MAX_LINE_LENGTH + 1, f) )
+    {
+      size_t len = strlen (buf); /* fgets ensures buf is terminated */
+      if (len <= 3)
+        {
+          ERRORPRINTF ("Line too short.\n");
+          fclose (f);
+          return ERR_INVALID_INPUT;
+        }
+      if (lines_read++ > MAX_LINES)
+        {
+          ERRORPRINTF ("Too many lines\n");
+          fclose (f);
+          return ERR_TOO_MUCH_INPUT;
+        }
+      if (*buf == 'I')
+        {
+          char *trimmed = buf+2;
+          /* Remove leading I: and trailing whitespace */
+          str_trim(&trimmed);
+          strv_append (to_install, trimmed, strlen(trimmed));
+          continue;
+        }
+      if (*buf == 'R')
+        {
+          char *trimmed = buf+2;
+          /* Remove leading R: and trailing whitespace */
+          str_trim(&trimmed);
+          strv_append (to_remove, trimmed, strlen(trimmed));
+          continue;
+        }
+    }
+
+  fclose (f);
+  return 0;
+}
+
+/** @brief Check that the insturctions match to the list
+ *
+ * Only certificates part of the certificate_list are allowed
+ * for installation.
+ *
+ * @param[in] all_certs strv of all valid certificates in a list
+ * @param[in] to_validate strv of choices
+ *
+ * @returns 0 on success, an error otherwise
+ */
+int
+validate_choices (char **all_certs, char **to_validate)
+{
+  int i = 0, j = 0;
+
+  if (!all_certs || strv_length (all_certs) < 1)
+    {
+      /* Invalid parameters */
+      return -1;
+    }
+
+  if (to_validate == NULL)
+    {
+      /* Nothing is valid */
+      return 0;
+    }
+
+  for (i = 0; to_validate[i]; i++)
+    {
+      bool found = false;
+      for (j = 0; all_certs[j]; j++)
+        {
+          if (strncmp (to_validate[i], all_certs[j], MAX_LINE_LENGTH) ==
+              0)
+            {
+              found = true;
+              break;
+            }
+        }
+      if (!found)
+        {
+          DEBUGPRINTF ("Failed to find certificate; \n%s\n", to_validate[i]);
+          return ERR_INVALID_INSTRUCTIONS;
+        }
+    }
+
+  return 0;
+}
+
+#ifdef DO_RELEASE_BUILD
+bool g_debug = false;
+#else
+bool g_debug = true;
+#endif
+
+int
+main (int argc, char **argv)
+{
+  char **to_install = NULL,
+         **to_remove = NULL,
+           **all_valid_certs = NULL;
+  int ret = -1;
+
+  char *certificate_list = NULL,
+        *certificate_file_name = NULL,
+         *choices_file_name = NULL;
+  size_t list_len = 0;
+  list_status_t list_status;
+  bool do_uninstall = false;
+
+  /* Some very static argument parsing. list= and choices= is only
+     added to make it more transparent how this programm is called if
+     a user looks at the detailed uac dialog. */
+  if ((argc != 3 && argc != 4) || strncmp(argv[1], "list=", 5) != 0 ||
+      strncmp(argv[2], "choices=", 8) != 0)
+    {
+      ERRORPRINTF ("Invalid arguments.\n"
+                   "Expected arguments: list=<certificate_list> \n"
+                   "                    choices=<choices_file>|uninstall\n"
+                   "Optional: --debug\n");
+      return ERR_INVALID_PARAMS;
+    }
+
+  certificate_file_name = strchr(argv[1], '=') + 1;
+  choices_file_name = strchr(argv[2], '=') + 1;
+
+  if (argc == 4 && strncmp(argv[3], "--debug", 7) == 0)
+    {
+      g_debug = true;
+    }
+
+  if (!certificate_file_name || !choices_file_name)
+    {
+      ERRORPRINTF ("Invalid arguments.\n"
+                   "Expected arguments: list=<certificate_list> \n"
+                   "                    choices=<choices_file>|uninstall\n");
+      return ERR_INVALID_PARAMS;
+    }
+
+  if (strncmp(choices_file_name, "uninstall", 9) == 0)
+    {
+      do_uninstall = true;
+      choices_file_name = NULL;
+    }
+
+  list_status = read_and_verify_list (certificate_file_name, &certificate_list,
+                                      &list_len);
+
+  if (list_status != Valid)
+    {
+      if (list_status == InvalidSignature)
+        {
+          ERRORPRINTF ("Failed to verify signature.\n");
+          return ERR_INVALID_SIGNATURE;
+        }
+
+      ERRORPRINTF ("Failed to read certificate list.\n");
+      return ERR_INVALID_INPUT_NO_LIST;
+    }
+
+  all_valid_certs = get_certs_from_list (certificate_list, list_len);
+  free (certificate_list);
+
+  if (!all_valid_certs)
+    {
+      /* Impossible */
+      return -1;
+    }
+
+
+  /* For uninstall we are done now */
+  if (do_uninstall)
+    {
+#ifdef WIN32
+      ret = write_stores_win (NULL, all_valid_certs);
+      if (ret != 0)
+        {
+          ERRORPRINTF ("Failed to write windows stores retval: %i\n", ret);
+        }
+#endif
+      ret = write_stores_nss (NULL, all_valid_certs);
+      strv_free (all_valid_certs);
+      return ret;
+    }
+
+  ret = read_choices_file (choices_file_name, &to_install,
+                           &to_remove);
+
+  if (ret)
+    {
+      ERRORPRINTF ("Failed to read choices file\n");
+      return ret;
+    }
+
+  if (!strv_length (to_install) && !strv_length (to_remove) )
+    {
+      ERRORPRINTF ("Failed to read choices file\n");
+      return ERR_NO_INSTRUCTIONS;
+    }
+
+  /* Check that the choices are ok to execute */
+  if (to_install)
+    {
+      ret = validate_choices (all_valid_certs, to_install);
+      if (ret)
+        {
+          ERRORPRINTF ("Failed to validate choices\n");
+          return ret;
+        }
+    }
+
+  if (to_remove)
+    {
+      ret = validate_choices (all_valid_certs, to_remove);
+      if (ret)
+        {
+          ERRORPRINTF ("Failed to validate removal choices\n");
+          return ret;
+        }
+    }
+
+  strv_free (all_valid_certs);
+
+#ifdef WIN32
+  ret = write_stores_win (to_install, to_remove);
+  if (ret != 0)
+    {
+      ERRORPRINTF ("Failed to write windows stores retval: %i\n", ret);
+    }
+#endif
+  ret = write_stores_nss (to_install, to_remove);
+  if (ret != 0)
+    {
+      ERRORPRINTF ("Failed to write nss stores");
+    }
+
+  /* Make valgrind happy */
+  strv_free (to_install);
+  strv_free (to_remove);
+
+  return 0;
+}
--- a/cinst/main.c	Mon Sep 22 11:19:43 2014 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,357 +0,0 @@
-/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
- * Software engineering by Intevation GmbH
- *
- * This file is Free Software under the GNU GPL (v>=2)
- * and comes with ABSOLUTELY NO WARRANTY!
- * See LICENSE.txt for details.
- */
-/**
- * @file main.c
- * @brief Main entry point for the cinst process.
- *
- *  The cinst process may or may not be run with elevated
- *  privileges. When run with elevated privileges this
- *  process will modify system wide certificate stores.
- *  Otherwise only the users certificate stores are modified.
- *
- *  The first parameter to this process should be list=\<file_name\>
- *  of the certificate list to work on. The second parameter should
- *  be choices=\<choices_file_name\>|uninstall
- *
- *  choices_file_name should be the absolute path to an
- *  choices file formatted as:
- *
- *  I:\<certificate\><BR>
- *  R:\<certificate\>
- *
- *  Line breaks can be system dependent in the Choices file.
- *
- *  It will only execute the choices if the
- *  I and R choices are also part of the signed
- *  certificate list. The signature is validated with the
- *  built in key.
- *
- *  The special instruction "uninstall" will cause the installer
- *  to remove all certificates (Even those marked with I) that
- *  are part of the list.
- *
- *  For more verbose debug output add --debug to the call.
- *
- **/
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <assert.h>
-#include <stdbool.h>
-
-#include "strhelp.h"
-#include "listutil.h"
-#include "logging.h"
-#include "errorcodes.h"
-#include "windowsstore.h"
-#include "nssstore.h"
-#include "portpath.h"
-
-/* The certificate list + choices may only be so long as
- * twice the accepted certificatelist size */
-#define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2
-
-/* @brief Read stdin into data structures.
- *
- * Reads choices from an input file into the to_install
- * and to_remove buffers.
- *
- * Lines starting with I: are treated as install choices.
- * Lines starting with R: are treated as remove choices.
- * Other lines are ignored.
- *
- * Terminates in OOM conditions.
- *
- * The caller needs to free the memory allocated by this function
- * even when an error is returned.
- *
- * @param[in] file_name absolute path to the choices file.
- * @param[out] to_install strv of installation choices or NULL
- * @param[out] to_remove strv of remove choices or NULL
- *
- * @returns: 0 on success. An error code otherwise.
- */
-static int
-read_choices_file (char *file_name, char ***to_install,
-                   char ***to_remove)
-{
-  int lines_read = 0;
-  char buf[MAX_LINE_LENGTH + 2];
-  FILE *f = NULL;
-  long file_size;
-
-  if (*to_install || *to_remove)
-    {
-      ERRORPRINTF ("Error invalid parameters.\n");
-      return -1;
-    }
-
-  f = port_fopen_rb(file_name, false);
-  if (f == NULL)
-    {
-      ERRORPRINTF ("Failed to open file: %s\n", file_name);
-      return ERR_NO_INSTRUCTIONS;
-    }
-
-  fseek (f, 0, SEEK_END);
-  file_size = ftell (f);
-  if (file_size <= 0)
-    {
-      fclose (f);
-      ERRORPRINTF ("File size error: %s\n", file_name);
-      return ERR_NO_INSTRUCTIONS;
-    }
-
-  fseek (f, 0, SEEK_SET);
-
-  if (file_size + 1 == 0)
-    {
-      fclose (f);
-      ERRORPRINTF ("File seek error: %s\n", file_name);
-      return ERR_INVALID_INSTRUCTIONS;
-    }
-
-  while (fgets (buf, MAX_LINE_LENGTH + 1, f) )
-    {
-      size_t len = strlen (buf); /* fgets ensures buf is terminated */
-      if (len <= 3)
-        {
-          ERRORPRINTF ("Line too short.\n");
-          fclose (f);
-          return ERR_INVALID_INPUT;
-        }
-      if (lines_read++ > MAX_LINES)
-        {
-          ERRORPRINTF ("Too many lines\n");
-          fclose (f);
-          return ERR_TOO_MUCH_INPUT;
-        }
-      if (*buf == 'I')
-        {
-          char *trimmed = buf+2;
-          /* Remove leading I: and trailing whitespace */
-          str_trim(&trimmed);
-          strv_append (to_install, trimmed, strlen(trimmed));
-          continue;
-        }
-      if (*buf == 'R')
-        {
-          char *trimmed = buf+2;
-          /* Remove leading R: and trailing whitespace */
-          str_trim(&trimmed);
-          strv_append (to_remove, trimmed, strlen(trimmed));
-          continue;
-        }
-    }
-
-  fclose (f);
-  return 0;
-}
-
-/** @brief Check that the insturctions match to the list
- *
- * Only certificates part of the certificate_list are allowed
- * for installation.
- *
- * @param[in] all_certs strv of all valid certificates in a list
- * @param[in] to_validate strv of choices
- *
- * @returns 0 on success, an error otherwise
- */
-int
-validate_choices (char **all_certs, char **to_validate)
-{
-  int i = 0, j = 0;
-
-  if (!all_certs || strv_length (all_certs) < 1)
-    {
-      /* Invalid parameters */
-      return -1;
-    }
-
-  if (to_validate == NULL)
-    {
-      /* Nothing is valid */
-      return 0;
-    }
-
-  for (i = 0; to_validate[i]; i++)
-    {
-      bool found = false;
-      for (j = 0; all_certs[j]; j++)
-        {
-          if (strncmp (to_validate[i], all_certs[j], MAX_LINE_LENGTH) ==
-              0)
-            {
-              found = true;
-              break;
-            }
-        }
-      if (!found)
-        {
-          DEBUGPRINTF ("Failed to find certificate; \n%s\n", to_validate[i]);
-          return ERR_INVALID_INSTRUCTIONS;
-        }
-    }
-
-  return 0;
-}
-
-#ifdef DO_RELEASE_BUILD
-bool g_debug = false;
-#else
-bool g_debug = true;
-#endif
-
-int
-main (int argc, char **argv)
-{
-  char **to_install = NULL,
-         **to_remove = NULL,
-           **all_valid_certs = NULL;
-  int ret = -1;
-
-  char *certificate_list = NULL,
-        *certificate_file_name = NULL,
-         *choices_file_name = NULL;
-  size_t list_len = 0;
-  list_status_t list_status;
-  bool do_uninstall = false;
-
-  /* Some very static argument parsing. list= and choices= is only
-     added to make it more transparent how this programm is called if
-     a user looks at the detailed uac dialog. */
-  if ((argc != 3 && argc != 4) || strncmp(argv[1], "list=", 5) != 0 ||
-      strncmp(argv[2], "choices=", 8) != 0)
-    {
-      ERRORPRINTF ("Invalid arguments.\n"
-                   "Expected arguments: list=<certificate_list> \n"
-                   "                    choices=<choices_file>|uninstall\n"
-                   "Optional: --debug\n");
-      return ERR_INVALID_PARAMS;
-    }
-
-  certificate_file_name = strchr(argv[1], '=') + 1;
-  choices_file_name = strchr(argv[2], '=') + 1;
-
-  if (argc == 4 && strncmp(argv[3], "--debug", 7) == 0)
-    {
-      g_debug = true;
-    }
-
-  if (!certificate_file_name || !choices_file_name)
-    {
-      ERRORPRINTF ("Invalid arguments.\n"
-                   "Expected arguments: list=<certificate_list> \n"
-                   "                    choices=<choices_file>|uninstall\n");
-      return ERR_INVALID_PARAMS;
-    }
-
-  if (strncmp(choices_file_name, "uninstall", 9) == 0)
-    {
-      do_uninstall = true;
-      choices_file_name = NULL;
-    }
-
-  list_status = read_and_verify_list (certificate_file_name, &certificate_list,
-                                      &list_len);
-
-  if (list_status != Valid)
-    {
-      if (list_status == InvalidSignature)
-        {
-          ERRORPRINTF ("Failed to verify signature.\n");
-          return ERR_INVALID_SIGNATURE;
-        }
-
-      ERRORPRINTF ("Failed to read certificate list.\n");
-      return ERR_INVALID_INPUT_NO_LIST;
-    }
-
-  all_valid_certs = get_certs_from_list (certificate_list, list_len);
-  free (certificate_list);
-
-  if (!all_valid_certs)
-    {
-      /* Impossible */
-      return -1;
-    }
-
-
-  /* For uninstall we are done now */
-  if (do_uninstall)
-    {
-#ifdef WIN32
-      ret = write_stores_win (NULL, all_valid_certs);
-      if (ret != 0)
-        {
-          ERRORPRINTF ("Failed to write windows stores retval: %i\n", ret);
-        }
-#endif
-      ret = write_stores_nss (NULL, all_valid_certs);
-      strv_free (all_valid_certs);
-      return ret;
-    }
-
-  ret = read_choices_file (choices_file_name, &to_install,
-                           &to_remove);
-
-  if (ret)
-    {
-      ERRORPRINTF ("Failed to read choices file\n");
-      return ret;
-    }
-
-  if (!strv_length (to_install) && !strv_length (to_remove) )
-    {
-      ERRORPRINTF ("Failed to read choices file\n");
-      return ERR_NO_INSTRUCTIONS;
-    }
-
-  /* Check that the choices are ok to execute */
-  if (to_install)
-    {
-      ret = validate_choices (all_valid_certs, to_install);
-      if (ret)
-        {
-          ERRORPRINTF ("Failed to validate choices\n");
-          return ret;
-        }
-    }
-
-  if (to_remove)
-    {
-      ret = validate_choices (all_valid_certs, to_remove);
-      if (ret)
-        {
-          ERRORPRINTF ("Failed to validate removal choices\n");
-          return ret;
-        }
-    }
-
-  strv_free (all_valid_certs);
-
-#ifdef WIN32
-  ret = write_stores_win (to_install, to_remove);
-  if (ret != 0)
-    {
-      ERRORPRINTF ("Failed to write windows stores retval: %i\n", ret);
-    }
-#endif
-  ret = write_stores_nss (to_install, to_remove);
-  if (ret != 0)
-    {
-      ERRORPRINTF ("Failed to write nss stores");
-    }
-
-  /* Make valgrind happy */
-  strv_free (to_install);
-  strv_free (to_remove);
-
-  return 0;
-}
--- a/cinst/nssstore_win.c	Mon Sep 22 11:19:43 2014 +0200
+++ b/cinst/nssstore_win.c	Mon Sep 22 11:34:06 2014 +0200
@@ -53,7 +53,7 @@
 #include "binverify.h"
 
 #ifndef APPNAME
-#define APPNAME L"cinst"
+#define APPNAME L"trustbridge-certificate-installer"
 #endif
 
 /**@def The name of the nss installation process */
--- a/packaging/create-dist-package.sh.in	Mon Sep 22 11:19:43 2014 +0200
+++ b/packaging/create-dist-package.sh.in	Mon Sep 22 11:34:06 2014 +0200
@@ -47,7 +47,7 @@
 mv @CMAKE_SOURCE_DIR@/build-i386/TrustBridge-@PROJECT_VERSION@.sh \
     $TMPDIR/linux/TrustBridge-@PROJECT_VERSION@-i386.sh
 cp @CMAKE_SOURCE_DIR@/build-windows/ui/trustbridge.exe $TMPDIR/windows
-cp @CMAKE_SOURCE_DIR@/build-windows/cinst/cinst.exe $TMPDIR/windows
+cp @CMAKE_SOURCE_DIR@/build-windows/cinst/trustbridge-certificate-installer.exe $TMPDIR/windows
 cp @CMAKE_SOURCE_DIR@/build-windows/cinst/trustbridge-nss-installer.exe $TMPDIR/windows
 cp -r @CMAKE_SOURCE_DIR@/packaging/resources $TMPDIR/resources
 cp @CMAKE_SOURCE_DIR@/build-windows/packaging/DesktopShellRun.dll $TMPDIR/resources
--- a/packaging/filelist.nsh	Mon Sep 22 11:19:43 2014 +0200
+++ b/packaging/filelist.nsh	Mon Sep 22 11:34:06 2014 +0200
@@ -8,7 +8,7 @@
 ; This file is not autogenerated.
 ; Keep it updated if you add new things.
 
-File "${files_dir}${path_sep}cinst.exe"
+File "${files_dir}${path_sep}trustbridge-certificate-installer.exe"
 File "${files_dir}${path_sep}trustbridge.exe"
 File "${files_dir}${path_sep}trustbridge-nss-installer.exe"
 File /r /x .buildinfo "${files_dir}${path_sep}doc"
--- a/packaging/linux-createpackage.sh.in	Mon Sep 22 11:19:43 2014 +0200
+++ b/packaging/linux-createpackage.sh.in	Mon Sep 22 11:34:06 2014 +0200
@@ -41,7 +41,7 @@
 INSTALLER="@CMAKE_BINARY_DIR@/TrustBridge-@PROJECT_VERSION@.sh"
 UNINSTALLER="$TMPDIR/bin/trustbridge-deinstall.sh"
 
-EXEFILES=("@CMAKE_BINARY_DIR@/cinst/cinst"
+EXEFILES=("@CMAKE_BINARY_DIR@/cinst/trustbridge-certificate-installer"
           "@CMAKE_BINARY_DIR@/cinst/trustbridge-nss-installer"
           "@CMAKE_BINARY_DIR@/ui/trustbridge"
           "@CMAKE_BINARY_DIR@/ui/trustbridge-tray-starter.sh"
--- a/packaging/linux-installer-uninstall.inc	Mon Sep 22 11:19:43 2014 +0200
+++ b/packaging/linux-installer-uninstall.inc	Mon Sep 22 11:34:06 2014 +0200
@@ -33,7 +33,7 @@
 
 deinstall_certs()
 {
-  local cinst="${oldinstcfg[PREFIX]}/bin/cinst"
+  local cinst="${oldinstcfg[PREFIX]}/bin/trustbridge-certificate-installer"
   local certlist=`ls 2>/dev/null -1  ${instdata_path}/list-installed.txt`
 
   getxt "Uninstalling certificates ...\n"
--- a/packaging/trustbridge.nsi	Mon Sep 22 11:19:43 2014 +0200
+++ b/packaging/trustbridge.nsi	Mon Sep 22 11:34:06 2014 +0200
@@ -271,7 +271,7 @@
 Section "Uninstall"
   StrCmp "$douninstcertificates" "TRUE" 0 skip_certs
     ExpandEnvStrings $0 %LOCALAPPDATA%
-    nsExec::ExecToLog '"$INSTDIR\cinst.exe" "list=$0\BSI\TrustBridge\list-installed.txt" "choices=uninstall"'
+    nsExec::ExecToLog '"$INSTDIR\trustbridge-certificate-installer.exe" "list=$0\BSI\TrustBridge\list-installed.txt" "choices=uninstall"'
 skip_certs:
   RMDir /r "$INSTDIR" ; TODO (issue137) include uninstall files
 ; !include "filelist-un.nsh"
--- a/packaging/win-createpackage.sh.in	Mon Sep 22 11:19:43 2014 +0200
+++ b/packaging/win-createpackage.sh.in	Mon Sep 22 11:34:06 2014 +0200
@@ -13,7 +13,7 @@
 TMPDIR=$(mktemp -d)
 TMPINST=$(mktemp)
 
-EXEFILES=$(find . -name cinst.exe -o -name trustbridge.exe -o -name trustbridge-nss-installer.exe)
+EXEFILES=$(find . -name trustbridge-certificate-installer.exe -o -name trustbridge.exe -o -name trustbridge-nss-installer.exe)
 HELPDIR=@CMAKE_BINARY_DIR@/manuals/help-manual/html
 
 cp $EXEFILES $TMPDIR
--- a/ui/installwrapper.cpp	Mon Sep 22 11:19:43 2014 +0200
+++ b/ui/installwrapper.cpp	Mon Sep 22 11:34:06 2014 +0200
@@ -31,7 +31,7 @@
 QFileInfo getCinstProcInfo() {
     QFileInfo fi(QCoreApplication::applicationFilePath());
     QDir myDir = fi.absoluteDir();
-    QString instProcName = "cinst";
+    QString instProcName = "trustbridge-certificate-installer";
     if (!fi.suffix().isEmpty()) {
         instProcName += "." + fi.suffix();
     }
--- a/ui/installwrapper.h	Mon Sep 22 11:19:43 2014 +0200
+++ b/ui/installwrapper.h	Mon Sep 22 11:34:06 2014 +0200
@@ -45,11 +45,12 @@
     /**
      * @brief Construct an installwrapper for a certificateList
      *
-     * The install wrapper will start the cinst process to execute
-     * the specified instructions with the provided certificatelist.
+     * The install wrapper will start the certificate installer 
+     * process to execute the specified instructions with the
+     * provided certificatelist.
      *
-     * The cinst executable is expected to be in the same directory
-     * as the current application.
+     * The trustbridge-certificate-installer executable is expected
+     * to be in the same directory as the current application.
      *
      * @param[in] parent the parent object.
      * @param[in] path the absolute path to the certificatelist.
--- a/ui/tests/CMakeLists.txt	Mon Sep 22 11:19:43 2014 +0200
+++ b/ui/tests/CMakeLists.txt	Mon Sep 22 11:34:06 2014 +0200
@@ -60,7 +60,7 @@
 
 # Cinstprocess
 add_custom_test(cinstprocesstest.cpp "")
-add_dependencies(cinstprocesstest cinst)
+add_dependencies(cinstprocesstest trustbridge-certificate-installer)
 add_custom_test(commontest.cpp "")
 
 add_custom_test(createcertlisttest.cpp "")
--- a/ui/tests/cinstprocesstest.cpp	Mon Sep 22 11:19:43 2014 +0200
+++ b/ui/tests/cinstprocesstest.cpp	Mon Sep 22 11:34:06 2014 +0200
@@ -17,8 +17,10 @@
 
 #include <stdlib.h>
 
-#define CINST_PATH_CANDIDATES "../../cinst/cinst" << \
-    "cinst" << "../../cinst/cinst.exe" << "cinst.exe";
+#define CINST_PATH_CANDIDATES "../../cinst/trustbridge-certificate-installer" << \
+    "trustbridge-certificate-installer" << \
+    "../../cinst/trustbridge-certificate-installer.exe" \
+    << "trustbridge-certificate-installer.exe";
 
 QProcess *CinstProcessTest::startCinstProcess(const QStringList& args) {
     QStringList cinstCandidates;
http://wald.intevation.org/projects/trustbridge/