Implement CA installation

2025-12-12 15:14:35 +01:00 · 2023-08-18 14:45:28 +02:00
parent bc1df1f5e1
commit 3875599c5f
3 changed files with 81 additions and 2 deletions
--- a/src-tauri/Cargo.lock
+++ b/src-tauri/Cargo.lock
@@ -921,6 +921,7 @@ dependencies = [
 "is_elevated",
 "once_cell",
 "open",
+ "os_type",
 "rcgen 0.9.3",
 "regex",
 "registry",
@@ -2904,6 +2905,15 @@ dependencies = [
 "winapi",
 ]

+[[package]]
+name = "os_type"
+version = "2.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e24d44c0eea30167516ed8f6daca4b5e3eebcde1bde1e4e6e08b809fb02c7ba5"
+dependencies = [
+ "regex",
+]
+
 [[package]]
 name = "pango"
 version = "0.15.10"
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@@ -24,6 +24,7 @@ sudo = "0.6.0"

 [target.'cfg(target_os = "linux")'.dependencies]
 anyhow = "1.0.58"
+os_type = "2.6"
 term-detect = "0.1.7"
 which = "4.4"

--- a/src-tauri/src/proxy.rs
+++ b/src-tauri/src/proxy.rs
@@ -26,8 +26,12 @@ use tauri::{api::path::data_dir, http::Uri};
 #[cfg(windows)]
 use registry::{Data, Hive, Security};

+#[cfg(target_os = "linux")]
+use crate::system_helpers::{AsRoot, SpawnItsFineReally};
 #[cfg(target_os = "linux")]
 use anime_launcher_sdk::{config::ConfigExt, genshin::config::Config};
+#[cfg(target_os = "linux")]
+use std::{fs::File, io::Write, process::Command};

 async fn shutdown_signal() {
  tokio::signal::ctrl_c()
@@ -443,8 +447,72 @@ pub fn install_ca_files(cert_path: &Path) {
 }

 #[cfg(target_os = "linux")]
-pub fn install_ca_files(_cert_path: &Path) {
-  println!("install_ca_files is not implemented");
+pub fn install_ca_files(cert_path: &Path) {
+  let platform = os_type::current_platform();
+  use os_type::OSType::*;
+  // TODO: Add more distros
+  match &platform.os_type {
+    // Debian-based
+    Debian | Ubuntu | Kali => {
+      let usr_certs = PathBuf::from("/usr/local/share/ca-certificates");
+      let usr_cert_path = usr_certs.join("cultivation.crt");
+
+      // We want to execute multiple commands, but we don't want multiple pkexec prompts
+      // so we have to use a script
+      let script = Path::new("/tmp/cultivation-inject-ca-cert.sh");
+      let mut scriptf = File::create(script).unwrap();
+      #[cfg(debug_assertions)]
+      let setflags = "xe";
+      #[cfg(not(debug_assertions))]
+      let setflags = "e";
+      write!(
+        scriptf,
+        r#"#!/usr/bin/env bash
+set -{}
+CERT="{}"
+CERT_DIR="{}"
+CERT_TARGET="{}"
+# Create dir if it doesn't exist
+if ! [[ -d "$CERT_DIR" ]]; then
+  mkdir -v "$CERT_DIR"
+fi
+cp -v "$CERT" "$CERT_TARGET"
+update-ca-certificates
+"#,
+        setflags,
+        cert_path.to_str().unwrap(),
+        usr_certs.to_str().unwrap(),
+        usr_cert_path.to_str().unwrap()
+      )
+      .unwrap();
+      scriptf.flush().unwrap();
+      drop(scriptf);
+      let _ = Command::new("bash")
+        .arg(script)
+        .as_root_gui()
+        .spawn_its_fine_really("Unable to install certificate");
+      if let Err(e) = fs::remove_file(script) {
+        println!("Unable to remove certificate install script: {}", e);
+      };
+    }
+    // RedHat-based
+    //Redhat | CentOS |
+    // Arch-based
+    Arch | Manjaro => {
+      let _ = Command::new("trust")
+        .arg("anchor")
+        .arg("--store")
+        .arg(cert_path)
+        .as_root_gui()
+        .spawn_its_fine_really("Unable to install certificate");
+    }
+    OSX => unreachable!(),
+    _ => {
+      println!("Unsupported Linux distribution.");
+      return;
+    }
+  }
+  println!("Installed certificate.");
 }

 #[cfg(not(any(windows, target_os = "macos", target_os = "linux")))]