summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJosé Bollo <jose.bollo@iot.bzh>2018-07-17 11:14:06 +0200
committerJosé Bollo <jose.bollo@iot.bzh>2018-07-17 14:49:18 +0200
commitd8d819bcde18c8b4b5dfbdf610a6fc5e04fa54bf (patch)
tree214ee1ec95aafe4855a25899886d2b33915fcb46
parentf97f8d24a1971117bbd4057ca0cd00776bcccb39 (diff)
wgtpkg-digsig: Add flag to accept/refuse a WGT without signature
This flag allows with a single function to check the signature and the case that a not signed widget is to be refused in the same way that the signature is wrong. The CMAKE boolean ALLOW_NO_SIGNATURE can be used to control the default behavior at compile time. By default its value is OFF meaning that install will refuse widgets without signature. Relates to Bug-AGL: SPEC-1590 Change-Id: I403109272759454696a1e5d9913879aaea7676e6 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
-rw-r--r--CMakeLists.txt7
-rw-r--r--src/wgtpkg-digsig.c6
-rw-r--r--src/wgtpkg-digsig.h5
-rw-r--r--src/wgtpkg-info.c4
-rw-r--r--src/wgtpkg-install.c6
5 files changed, 21 insertions, 7 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 87373de..dc7f482 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -32,6 +32,7 @@ set(PROJECT_URL "https://gerrit.automotivelinux.org/gerrit/gitweb?p=src/app-fram
set(USE_LIBZIP ON CACHE BOOL "should try to use libzip?")
set(USE_SIMULATION OFF CACHE BOOL "if set simulates security manager and smack")
set(USE_SDK OFF CACHE BOOL "if set, avoids installating system runtime files")
+set(ALLOW_NO_SIGNATURE OFF CACHE BOOL "if set, widgets without signature are accepted")
set(SIMULATE_SECMGR OFF CACHE BOOL "if set, the security manager is simulated")
set(SIMULATE_SMACK OFF CACHE BOOL "if set, the smack environment is simulated")
@@ -69,6 +70,12 @@ add_definitions(
-DSYSTEMD_UNITS_ROOT="${systemd_units_root}"
-DAFM_VERSION="${PROJECT_VERSION}"
)
+if(ALLOW_NO_SIGNATURE)
+ add_definitions(-DDEFAULT_ALLOW_NO_SIGNATURE=1)
+else(ALLOW_NO_SIGNATURE)
+ add_definitions(-DDEFAULT_ALLOW_NO_SIGNATURE=0)
+endif(ALLOW_NO_SIGNATURE)
+
add_subdirectory(src)
add_subdirectory(conf)
diff --git a/src/wgtpkg-digsig.c b/src/wgtpkg-digsig.c
index a1cb55f..36060ce 100644
--- a/src/wgtpkg-digsig.c
+++ b/src/wgtpkg-digsig.c
@@ -336,13 +336,17 @@ int verify_digsig(struct filedesc *fdesc)
}
/* check all the signature files */
-int check_all_signatures()
+int check_all_signatures(int allow_none)
{
int rc, irc;
unsigned int i, n;
struct filedesc *fdesc;
n = signature_count();
+ if (n == 0 && !allow_none) {
+ ERROR("no signature found");
+ return -1;
+ }
rc = 0;
for (i = n ; i-- > 0 ; ) {
fdesc = signature_of_index(i);
diff --git a/src/wgtpkg-digsig.h b/src/wgtpkg-digsig.h
index 7bcb18f..fee9d49 100644
--- a/src/wgtpkg-digsig.h
+++ b/src/wgtpkg-digsig.h
@@ -24,5 +24,8 @@ extern int verify_digsig(struct filedesc *fdesc);
extern int create_digsig(unsigned int index, const char *key, const char **certs);
/* check the signatures of the current directory */
-extern int check_all_signatures();
+extern int check_all_signatures(int allow_none);
+#if !defined(DEFAULT_ALLOW_NO_SIGNATURE)
+#define DEFAULT_ALLOW_NO_SIGNATURE 0
+#endif
diff --git a/src/wgtpkg-info.c b/src/wgtpkg-info.c
index 4849de7..1c9eac0 100644
--- a/src/wgtpkg-info.c
+++ b/src/wgtpkg-info.c
@@ -155,11 +155,11 @@ static void show(const char *wgtfile)
if (zread(wgtfile, 0))
goto error2;
- if (check_all_signatures())
+ if (check_all_signatures(1)) /* info even on WGT without signature */
goto error2;
check_and_show();
-
+
error2:
remove_workdir();
return;
diff --git a/src/wgtpkg-install.c b/src/wgtpkg-install.c
index 505b915..27dcb87 100644
--- a/src/wgtpkg-install.c
+++ b/src/wgtpkg-install.c
@@ -168,13 +168,13 @@ static int check_valid_string(const char *value, const char *name)
if (c == 0) {
ERROR("empty string forbidden in '%s' (temporary constraints)", name);
errno = EINVAL;
- return -1;
+ return -1;
}
do {
if (!isalnum(c) && !strchr(".-_", c)) {
ERROR("forbidden char %c in '%s' -> '%s' (temporary constraints)", c, name, value);
errno = EINVAL;
- return -1;
+ return -1;
}
c = value[++pos];
} while(c);
@@ -517,7 +517,7 @@ struct wgt_info *install_widget(const char *wgtfile, const char *root, int force
if (zread(wgtfile, 0))
goto error2;
- if (check_all_signatures())
+ if (check_all_signatures(DEFAULT_ALLOW_NO_SIGNATURE))
goto error2;
ifo = wgt_info_createat(workdirfd, NULL, 1, 1, 1);