X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fwgtpkg-xmlsec.c;h=746ccc0914529528efd54d223150db5ed2b9c1f0;hb=7e1027342a3cff95635ba2107f283321cf0efa08;hp=843ea2b09e16e0fa785abd64bf43becea35fcd62;hpb=bf7b5918fcc07713a29b9ca32f766b65b15a4ec2;p=src%2Fapp-framework-main.git

diff --git a/src/wgtpkg-xmlsec.c b/src/wgtpkg-xmlsec.c
index 843ea2b..746ccc0 100644
--- a/src/wgtpkg-xmlsec.c
+++ b/src/wgtpkg-xmlsec.c
@@ -21,6 +21,7 @@
 #include <dirent.h>
 #include <string.h>
 #include <assert.h>
+#include <fcntl.h>
 
 #include <libxml/tree.h>
 #include <xmlsec/xmlsec.h>
@@ -53,6 +54,7 @@ static int file_match_cb(const char *uri)
 static void *file_open_cb(const char *file)
 {
 	struct filedesc *fdesc;
+	int fd;
 	FILE *f;
 
 	fdesc = file_of_name(file);
@@ -61,10 +63,13 @@ static void *file_open_cb(const char *file)
 		return NULL;
 	}
 
-	f = fopen(file, "r");
-	if (f == NULL)
+	fd = openat(workdirfd, file, O_RDONLY);
+	f = fd < 0 ? NULL : fdopen(fd, "r");
+	if (f == NULL) {
 		syslog(LOG_ERR, "can't open file %s for reading", file);
-	else
+		if (fd >= 0)
+			close(fd);
+	} else
 		fdesc->flags |= flag_opened;
 
 	return f;
@@ -90,17 +95,28 @@ static void errors_cb(const char *file, int line, const char *func, const char *
 }
 
 /* fills database with trusted keys */
-static int fill_trusted_keys()
+static int fill_trusted_keys_file(const char *file)
+{
+	int err = xmlSecCryptoAppKeysMngrCertLoad(keymgr, file, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted);
+	if (err < 0) {
+		syslog(LOG_ERR, "xmlSecCryptoAppKeysMngrCertLoadMemory failed for %s", file);
+		return -1;
+	}
+	return 0;
+}
+
+/* fills database with trusted keys */
+static int fill_trusted_keys_dir(const char *directory)
 {
 	int err;
 	DIR *dir;
 	struct dirent *ent;
 	char path[PATH_MAX], *e;
 
-	e = stpcpy(path, CA_ROOT_DIRECTORY);
+	e = stpcpy(path, directory);
 	dir = opendir(path);
 	if (!dir) {
-		syslog(LOG_ERR, "opendir %s failed in fill_trusted_keys", path);
+		syslog(LOG_ERR, "opendir %s failed in fill_trusted_keys_dir", path);
 		return -1;
 	}
 
@@ -109,9 +125,8 @@ static int fill_trusted_keys()
 	while (ent != NULL) {
 		if (ent->d_type == DT_REG) {
 			strcpy(e, ent->d_name);
-			err = xmlSecCryptoAppKeysMngrCertLoad(keymgr, path, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted);
+			err = fill_trusted_keys_file(path);
 			if (err < 0) {
-				syslog(LOG_ERR, "xmlSecCryptoAppKeysMngrCertLoadMemory failed for %s", path);
 				closedir(dir);
 				return -1;
 			}
@@ -175,7 +190,7 @@ int xmlsec_init()
 		syslog(LOG_ERR, "xmlSecCryptoAppDefaultKeysMngrInit failed.");
 		goto end;
 	}
-	fill_trusted_keys();
+	fill_trusted_keys_dir(CA_ROOT_DIRECTORY);
 
 	initstatus = 0;
 end: