mkcert/truststore_firefox.go

package main

import (
	"log"
	"os"
	"os/exec"
	"path/filepath"
	"runtime"
	"strings"
)

var (
	hasFirefox   bool
	hasCertutil  bool
	certutilPath string
)

func init() {
	_, err := os.Stat(FirefoxPath)
	hasFirefox = !os.IsNotExist(err)

	out, err := exec.Command("brew", "--prefix", "nss").Output()
	if err != nil {
		return
	}
	certutilPath = filepath.Join(strings.TrimSpace(string(out)), "bin", "certutil")

	_, err = os.Stat(certutilPath)
	hasCertutil = !os.IsNotExist(err)
}

func (m *mkcert) checkFirefox() bool {
	if !hasCertutil {
		return false
	}
	success := true
	if m.forEachFirefoxProfile(func(profile string) {
		err := exec.Command(certutilPath, "-V", "-d", profile, "-u", "L", "-n", m.caUniqueName()).Run()
		if err != nil {
			success = false
		}
	}) == 0 {
		success = false
	}
	return success
}

func (m *mkcert) installFirefox() {
	if m.forEachFirefoxProfile(func(profile string) {
		cmd := exec.Command(certutilPath, "-A", "-d", profile, "-t", "C,,", "-n", m.caUniqueName(), "-i", filepath.Join(m.CAROOT, rootName))
		out, err := cmd.CombinedOutput()
		if err != nil {
			log.Printf("!!! You've hit a known issue. Please report the entire command output at https://github.com/FiloSottile/mkcert/issues/12\nProfile path: %s\nOS: %s/%s\ncertutil: %s\n", profile, runtime.GOOS, runtime.GOARCH, certutilPath)
			cmd := exec.Command("ls", "-l", profile[4:])
			cmd.Stdout, cmd.Stderr = os.Stderr, os.Stderr
			cmd.Run()
		}
		fatalIfCmdErr(err, "certutil -A", out)
	}) == 0 {
		log.Println("ERROR: no Firefox security databases found")
	}
	if !m.checkFirefox() {
		log.Println("Installing in Firefox failed. Please report the issue with details about your environment at https://github.com/FiloSottile/mkcert/issues/new 👎")
		log.Println("Note that if you never started Firefox, you need to do that at least once.")
	}
}

func (m *mkcert) uninstallFirefox() {
	m.forEachFirefoxProfile(func(profile string) {
		err := exec.Command(certutilPath, "-V", "-d", profile, "-u", "L", "-n", m.caUniqueName()).Run()
		if err != nil {
			return
		}
		cmd := exec.Command(certutilPath, "-D", "-d", profile, "-n", m.caUniqueName())
		out, err := cmd.CombinedOutput()
		fatalIfCmdErr(err, "certutil -D", out)
	})
}

func (m *mkcert) forEachFirefoxProfile(f func(profile string)) (found int) {
	profiles, _ := filepath.Glob(FirefoxProfile)
	if len(profiles) == 0 {
		return
	}
	for _, profile := range profiles {
		if _, err := os.Stat(filepath.Join(profile, "cert8.db")); !os.IsNotExist(err) {
			f("dbm:" + profile)
			found++
		}
		if _, err := os.Stat(filepath.Join(profile, "cert9.db")); !os.IsNotExist(err) {
			f("sql:" + profile)
			found++
		}
	}
	return
}
Add Firefox support Fixes #6 2018-06-28 05:29:20 +00:00			`package main`

			`import (`
			`"log"`
			`"os"`
			`"os/exec"`
			`"path/filepath"`
Add debugging output for #12 2018-07-04 00:48:31 +00:00			`"runtime"`
Add Firefox support Fixes #6 2018-06-28 05:29:20 +00:00			`"strings"`
			`)`

			`var (`
			`hasFirefox bool`
			`hasCertutil bool`
			`certutilPath string`
			`)`

			`func init() {`
			`_, err := os.Stat(FirefoxPath)`
			`hasFirefox = !os.IsNotExist(err)`

			`out, err := exec.Command("brew", "--prefix", "nss").Output()`
			`if err != nil {`
			`return`
			`}`
			`certutilPath = filepath.Join(strings.TrimSpace(string(out)), "bin", "certutil")`

			`_, err = os.Stat(certutilPath)`
			`hasCertutil = !os.IsNotExist(err)`
			`}`

			`func (m *mkcert) checkFirefox() bool {`
			`if !hasCertutil {`
			`return false`
			`}`
			`success := true`
			`if m.forEachFirefoxProfile(func(profile string) {`
			`err := exec.Command(certutilPath, "-V", "-d", profile, "-u", "L", "-n", m.caUniqueName()).Run()`
			`if err != nil {`
			`success = false`
			`}`
			`}) == 0 {`
			`success = false`
			`}`
			`return success`
			`}`

			`func (m *mkcert) installFirefox() {`
			`if m.forEachFirefoxProfile(func(profile string) {`
			`cmd := exec.Command(certutilPath, "-A", "-d", profile, "-t", "C,,", "-n", m.caUniqueName(), "-i", filepath.Join(m.CAROOT, rootName))`
			`out, err := cmd.CombinedOutput()`
Add debugging output for #12 2018-07-04 00:48:31 +00:00			`if err != nil {`
			`log.Printf("!!! You've hit a known issue. Please report the entire command output at https://github.com/FiloSottile/mkcert/issues/12\nProfile path: %s\nOS: %s/%s\ncertutil: %s\n", profile, runtime.GOOS, runtime.GOARCH, certutilPath)`
			`cmd := exec.Command("ls", "-l", profile[4:])`
			`cmd.Stdout, cmd.Stderr = os.Stderr, os.Stderr`
			`cmd.Run()`
			`}`
Add Firefox support Fixes #6 2018-06-28 05:29:20 +00:00			`fatalIfCmdErr(err, "certutil -A", out)`
			`}) == 0 {`
			`log.Println("ERROR: no Firefox security databases found")`
			`}`
			`if !m.checkFirefox() {`
			`log.Println("Installing in Firefox failed. Please report the issue with details about your environment at https://github.com/FiloSottile/mkcert/issues/new 👎")`
			`log.Println("Note that if you never started Firefox, you need to do that at least once.")`
			`}`
			`}`

			`func (m *mkcert) uninstallFirefox() {`
			`m.forEachFirefoxProfile(func(profile string) {`
			`err := exec.Command(certutilPath, "-V", "-d", profile, "-u", "L", "-n", m.caUniqueName()).Run()`
			`if err != nil {`
			`return`
			`}`
			`cmd := exec.Command(certutilPath, "-D", "-d", profile, "-n", m.caUniqueName())`
			`out, err := cmd.CombinedOutput()`
			`fatalIfCmdErr(err, "certutil -D", out)`
			`})`
			`}`

			`func (m *mkcert) forEachFirefoxProfile(f func(profile string)) (found int) {`
			`profiles, _ := filepath.Glob(FirefoxProfile)`
			`if len(profiles) == 0 {`
			`return`
			`}`
			`for _, profile := range profiles {`
			`if _, err := os.Stat(filepath.Join(profile, "cert8.db")); !os.IsNotExist(err) {`
Use explicit prefix for dbm NSS databases sql is the default since 3.35 Fixes #10 2018-06-28 06:08:56 +00:00			`f("dbm:" + profile)`
Add Firefox support Fixes #6 2018-06-28 05:29:20 +00:00			`found++`
			`}`
			`if _, err := os.Stat(filepath.Join(profile, "cert9.db")); !os.IsNotExist(err) {`
			`f("sql:" + profile)`
			`found++`
			`}`
			`}`
			`return`
			`}`