author | José Bollo <jose.bollo@iot.bzh> | 2018-07-17 11:14:06 +0200 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2018-07-17 14:49:18 +0200 |
commit | d8d819bcde18c8b4b5dfbdf610a6fc5e04fa54bf (patch) | |
tree | 214ee1ec95aafe4855a25899886d2b33915fcb46 | |
parent | f97f8d24a1971117bbd4057ca0cd00776bcccb39 (diff) |
wgtpkg-digsig: Add flag to accept/refuse a WGT without signature
This flag lets a single function both check the signatures
and refuse a widget that is not signed, in the same
way as a widget whose signature is wrong.
The CMAKE boolean ALLOW_NO_SIGNATURE can be used to control
the default behavior at compile time. By default its value
is OFF meaning that install will refuse widgets without
signature.
Relates to Bug-AGL: SPEC-1590
Change-Id: I403109272759454696a1e5d9913879aaea7676e6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
-rw-r--r-- | CMakeLists.txt | 7 | ||||
-rw-r--r-- | src/wgtpkg-digsig.c | 6 | ||||
-rw-r--r-- | src/wgtpkg-digsig.h | 5 | ||||
-rw-r--r-- | src/wgtpkg-info.c | 4 | ||||
-rw-r--r-- | src/wgtpkg-install.c | 6 |
5 files changed, 21 insertions, 7 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 87373de..dc7f482 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -32,6 +32,7 @@ set(PROJECT_URL "https://gerrit.automotivelinux.org/gerrit/gitweb?p=src/app-fram
 set(USE_LIBZIP ON CACHE BOOL "should try to use libzip?")
 set(USE_SIMULATION OFF CACHE BOOL "if set simulates security manager and smack")
 set(USE_SDK OFF CACHE BOOL "if set, avoids installating system runtime files")
+set(ALLOW_NO_SIGNATURE OFF CACHE BOOL "if set, widgets without signature are accepted")
 set(SIMULATE_SECMGR OFF CACHE BOOL "if set, the security manager is simulated")
 set(SIMULATE_SMACK OFF CACHE BOOL "if set, the smack environment is simulated")
@@ -69,6 +70,12 @@ add_definitions(
 -DSYSTEMD_UNITS_ROOT="${systemd_units_root}"
 -DAFM_VERSION="${PROJECT_VERSION}"
 )
+if(ALLOW_NO_SIGNATURE)
+ add_definitions(-DDEFAULT_ALLOW_NO_SIGNATURE=1)
+else(ALLOW_NO_SIGNATURE)
+ add_definitions(-DDEFAULT_ALLOW_NO_SIGNATURE=0)
+endif(ALLOW_NO_SIGNATURE)
+
 add_subdirectory(src)
 add_subdirectory(conf)
diff --git a/src/wgtpkg-digsig.c b/src/wgtpkg-digsig.c
index a1cb55f..36060ce 100644
--- a/src/wgtpkg-digsig.c
+++ b/src/wgtpkg-digsig.c
@@ -336,13 +336,17 @@ int verify_digsig(struct filedesc *fdesc)
 }
 /* check all the signature files */
-int check_all_signatures()
+int check_all_signatures(int allow_none)
 {
 int rc, irc;
 unsigned int i, n;
 struct filedesc *fdesc;
 n = signature_count();
+ if (n == 0 && !allow_none) {
+ ERROR("no signature found");
+ return -1;
+ }
 rc = 0;
 for (i = n ; i-- > 0 ; ) {
 fdesc = signature_of_index(i);
diff --git a/src/wgtpkg-digsig.h b/src/wgtpkg-digsig.h
index 7bcb18f..fee9d49 100644
--- a/src/wgtpkg-digsig.h
+++ b/src/wgtpkg-digsig.h
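Review bot: The `if(ALLOW_NO_SIGNATURE)` block in the second CMakeLists.txt hunk turns a cached option into a compile definition without leaving any trace in the configure output, so a build tree whose cache still holds ON yields an installer that accepts unsigned widgets with nothing to flag it. Add a line inside the ON branch, for example `message(WARNING "ALLOW_NO_SIGNATURE is ON: widgets without signature will be installed")`, so the weakened policy is visible in build logs and can be caught before release. If ON is meant for development builds only, the help string of the option added in the first hunk should say so.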
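Review bot: When `allow_none` is non-zero and `signature_count()` returns 0, nothing in the hunk distinguishes the outcome from a package whose signatures all verified: the loop is skipped and `rc` stays 0 (the return statement is outside the hunk, so this is inferred). `show()` in wgtpkg-info.c, which passes 1, and `install_widget()` in a build with ALLOW_NO_SIGNATURE=ON would then treat an unsigned widget as checked, and no log line records it. Add a message on the accepting path right after the new block, such as `if (n == 0) WARNING("no signature found, accepting unsigned widget");`, using whichever warning-level macro the project's logging header offers alongside `ERROR`. The refusing path also returns -1 without setting `errno`, whereas `check_valid_string()` in wgtpkg-install.c sets `EINVAL` before returning -1; confirm that callers of this function do not read `errno`.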
@@ -24,5 +24,8 @@ extern int verify_digsig(struct filedesc *fdesc);
 extern int create_digsig(unsigned int index, const char *key, const char **certs);
 /* check the signatures of the current directory */
-extern int check_all_signatures();
+extern int check_all_signatures(int allow_none);
+#if !defined(DEFAULT_ALLOW_NO_SIGNATURE)
+#define DEFAULT_ALLOW_NO_SIGNATURE 0
+#endif
diff --git a/src/wgtpkg-info.c b/src/wgtpkg-info.c
index 4849de7..1c9eac0 100644
--- a/src/wgtpkg-info.c
+++ b/src/wgtpkg-info.c
@@ -155,11 +155,11 @@ static void show(const char *wgtfile)
 if (zread(wgtfile, 0))
 goto error2;
- if (check_all_signatures())
+ if (check_all_signatures(1)) /* info even on WGT without signature */
 goto error2;
 check_and_show();
-
+
 error2:
 remove_workdir();
 return;
diff --git a/src/wgtpkg-install.c b/src/wgtpkg-install.c
index 505b915..27dcb87 100644
--- a/src/wgtpkg-install.c
+++ b/src/wgtpkg-install.c
@@ -168,13 +168,13 @@ static int check_valid_string(const char *value, const char *name)
 if (c == 0) {
 ERROR("empty string forbidden in '%s' (temporary constraints)", name);
 errno = EINVAL;
- return -1;
+ return -1;
 }
 do {
 if (!isalnum(c) && !strchr(".-_", c)) {
 ERROR("forbidden char %c in '%s' -> '%s' (temporary constraints)", c, name, value);
 errno = EINVAL;
- return -1;
+ return -1;
 }
 c = value[++pos];
 } while(c);
@@ -517,7 +517,7 @@ struct wgt_info *install_widget(const char *wgtfile, const char *root, int force
 if (zread(wgtfile, 0))
 goto error2;
- if (check_all_signatures())
+ if (check_all_signatures(DEFAULT_ALLOW_NO_SIGNATURE))
 goto error2;
 ifo = wgt_info_createat(workdirfd, NULL, 1, 1, 1);
|
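Review bot: The comment above the prototype in wgtpkg-digsig.h still reads "check the signatures of the current directory" and says nothing about the new `allow_none` parameter, which is the security-relevant part of the contract. Extend it to something like `/* check the signatures of the current directory; if allow_none is zero, a package without any signature is refused (returns -1) */`. A short comment on the fallback definition, e.g. `/* default when the build system sets nothing: refuse unsigned widgets */`, would record why the value is 0.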
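Review bot: The call `check_all_signatures(DEFAULT_ALLOW_NO_SIGNATURE)` in `install_widget()` carries no comment explaining its argument, unlike the matching call in wgtpkg-info.c, although this is the place where the unsigned-widget policy is enforced at install time. Add one, for example `/* unsigned WGT refused unless built with ALLOW_NO_SIGNATURE=ON */`, so a reader of the install path sees that the policy is fixed at compile time and where it comes from. install_widget's body starts and ends outside the hunk.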