Code Review
/
src
/
app-framework-main.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Allow setting of libexec location
[src/app-framework-main.git]
/
src
/
wgtpkg-digsig.c
diff --git
a/src/wgtpkg-digsig.c
b/src/wgtpkg-digsig.c
index
ed78354
..
098a240
100644
(file)
--- a/
src/wgtpkg-digsig.c
+++ b/
src/wgtpkg-digsig.c
@@
-1,5
+1,7
@@
/*
/*
- Copyright 2015 IoT.bzh
+ Copyright (C) 2015-2019 IoT.bzh
+
+ author: José Bollo <jose.bollo@iot.bzh>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@
-16,7
+18,6
@@
#include <string.h>
#include <string.h>
-#include <syslog.h>
#include <assert.h>
#include <fcntl.h>
#include <unistd.h>
#include <assert.h>
#include <fcntl.h>
#include <unistd.h>
@@
-28,7
+29,11
@@
#include "verbose.h"
#include "verbose.h"
-#include "wgtpkg.h"
+#include "wgtpkg-files.h"
+#include "wgtpkg-workdir.h"
+#include "wgtpkg-certs.h"
+#include "wgtpkg-xmlsec.h"
+#include "wgtpkg-digsig.h"
@@
-331,18
+336,22
@@
int verify_digsig(struct filedesc *fdesc)
}
/* check all the signature files */
}
/* check all the signature files */
-int check_all_signatures()
+int check_all_signatures(
int allow_none
)
{
int rc, irc;
unsigned int i, n;
struct filedesc *fdesc;
n = signature_count();
{
int rc, irc;
unsigned int i, n;
struct filedesc *fdesc;
n = signature_count();
+ if (n == 0 && !allow_none) {
+ ERROR("no signature found");
+ return -1;
+ }
rc = 0;
for (i = n ; i-- > 0 ; ) {
fdesc = signature_of_index(i);
irc = verify_digsig(fdesc);
rc = 0;
for (i = n ; i-- > 0 ; ) {
fdesc = signature_of_index(i);
irc = verify_digsig(fdesc);
- if (
!irc
)
+ if (
irc < 0
)
rc = irc;
}
rc = irc;
}
@@
-352,11
+361,12
@@
int check_all_signatures()
/* create a signature of 'index' (0 for author, other values for distributors)
using the private 'key' (filename) and the certificates 'certs' (filenames)
as trusted chain */
/* create a signature of 'index' (0 for author, other values for distributors)
using the private 'key' (filename) and the certificates 'certs' (filenames)
as trusted chain */
-int create_digsig(int index, const char *key, const char **certs)
+int create_digsig(
unsigned
int index, const char *key, const char **certs)
{
struct filedesc *fdesc;
xmlDocPtr doc;
{
struct filedesc *fdesc;
xmlDocPtr doc;
- int rc, len, fd;
+ int rc, fd;
+ long len;
xmlSaveCtxtPtr ctx;
rc = -1;
xmlSaveCtxtPtr ctx;
rc = -1;