Change-Id: I65416563a8dc54e877df03a304fe4cbd42ebb3da
#pkgsysconfdir = $(sysconfdir)
pkgsysconfdir = .
#pkgsysconfdir = $(sysconfdir)
pkgsysconfdir = .
AM_CFLAGS = -Wall -Wno-pointer-sign
AM_CFLAGS += -ffunction-sections -fdata-sections
AM_CFLAGS += ${ZIP_CFLAGS} ${XML2_CFLAGS} ${OPENSSL_CFLAGS} ${XMLSEC_CFLAGS}
AM_CFLAGS = -Wall -Wno-pointer-sign
AM_CFLAGS += -ffunction-sections -fdata-sections
AM_CFLAGS += ${ZIP_CFLAGS} ${XML2_CFLAGS} ${OPENSSL_CFLAGS} ${XMLSEC_CFLAGS}
AM_CFLAGS += -DPKGSYSCONFDIR=\"$(pkgsysconfdir)\"
AM_CFLAGS += -DPREFIXPERMISSION=\"urn:agl-perm:\"
AM_CFLAGS += -DPKGSYSCONFDIR=\"$(pkgsysconfdir)\"
AM_CFLAGS += -DPREFIXPERMISSION=\"urn:agl-perm:\"
-AM_CFLAGS += -DAGLWIDGET=\"urn:agl-widget\"
+AM_CFLAGS += -DICONDESTDIR=\"\"
+
+
AM_LDFLAGS = -Wl,--gc-sections
AM_LDFLAGS = -Wl,--gc-sections
+const struct wgt_desc_feature *wgt_info_feature(struct wgt_info *ifo, const char *name)
+{
+ const struct wgt_desc_feature *result = ifo->desc.features;
+ while(result && strcmp(result->name, name))
+ result = result->next;
+ return result;
+}
+
+const char *wgt_info_param(const struct wgt_desc_feature *feature, const char *name)
+{
+ const struct wgt_desc_param *param = feature->params;
+ while(param) {
+ if (0 == strcmp(name, param->name))
+ return param->value;
+ }
+ return NULL;
+}
+
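Review bot: As shown, the `while(param)` loop in `wgt_info_param` never advances `param`, so a feature whose first parameter has a different name loops forever. Add `param = param->next;` after the `if`, as `wgt_info_feature` does with `result = result->next;`. `wgt_info_feature` returns NULL when no feature matches, and `wgt_info_param` dereferences `feature->params` unconditionally, so a caller chaining the two would dereference NULL on a missing feature. Either guard with `if (!feature) return NULL;` or document that callers must check.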
extern void wgt_info_addref(struct wgt_info *ifo);
extern void wgt_info_unref(struct wgt_info *ifo);
extern void wgt_info_dump(struct wgt_info *ifo, int fd, const char *prefix);
extern void wgt_info_addref(struct wgt_info *ifo);
extern void wgt_info_unref(struct wgt_info *ifo);
extern void wgt_info_dump(struct wgt_info *ifo, int fd, const char *prefix);
+extern const struct wgt_desc_feature *wgt_info_feature(struct wgt_info *ifo, const char *name);
+extern const char *wgt_info_param(const struct wgt_desc_feature *feature, const char *name);
static int check_references(xmlNodePtr sinfo)
{
static int check_references(xmlNodePtr sinfo)
{
+ unsigned int i, n, flags;
+ struct filedesc *f;
+ int result;
elem = sinfo->children;
while (elem != NULL) {
if (is_element(elem, "Reference"))
if (check_one_reference(elem))
elem = sinfo->children;
while (elem != NULL) {
if (is_element(elem, "Reference"))
if (check_one_reference(elem))
+
+ n = file_count();
+ i = 0;
+ while(i < n) {
+ f = file_of_index(i++);
+ if (f->type == type_file) {
+ flags = f->flags;
+ if (!(flags & (flag_signature | flag_referenced))) {
+ syslog(LOG_ERR, "file not referenced in signature", f->name);
+ result = -1;
+ }
+ }
+ }
+
+ return result;
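Review bot: The new `syslog(LOG_ERR, "file not referenced in signature", f->name);` has no conversion in its format string, so the name of the unsigned file is never logged. Use `syslog(LOG_ERR, "file not referenced in signature: %s", f->name);` so a rejected package can be diagnosed from the log. The hunk also declares `int result;` and only assigns `-1` in the visible lines. The body of `check_references` continues outside what is shown, so confirm `result` is set to 0 on the success path before `return result;`, otherwise the outcome of the signature coverage check is indeterminate.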
static int get_certificates(xmlNodePtr kinfo)
{
xmlNodePtr n1, n2;
static int get_certificates(xmlNodePtr kinfo)
{
xmlNodePtr n1, n2;
#include <errno.h>
#include <syslog.h>
#include <string.h>
#include <errno.h>
#include <syslog.h>
#include <string.h>
#include "verbose.h"
#include "wgtpkg.h"
#include "wgt.h"
#include "wgt-info.h"
#include "verbose.h"
#include "wgtpkg.h"
#include "wgt.h"
#include "wgt-info.h"
+#include "secmgr-wrap.h"
-static int check_temporary_constraints(const struct wgt_desc *desc)
+static int check_defined(const void *data, const char *name)
- if (!desc->icons) {
- syslog(LOG_ERR, "widget has not icon defined (temporary constraints)");
- errno = EINVAL;
+ if (data)
+ return 0;
+ syslog(LOG_ERR, "widget has no defined '%s' (temporary constraints)", name);
+ errno = EINVAL;
+ return -1;
+}
+
+static int check_valid_string(const char *value, const char *name)
+{
+ int pos;
+ char c;
+
+ if (check_defined(value, name))
+ pos = 0;
+ c = value[pos];
+ while(c) {
+ if (!isalnum(c) && !strchr(".-_", c)) {
+ syslog(LOG_ERR, "forbidden char %c in '%s' -> '%s' (temporary constraints)", c, name, value);
+ errno = EINVAL;
+ return -1;
+ }
+ c = value[++pos];
+ return 0;
+}
+
+static int check_temporary_constraints(const struct wgt_desc *desc)
+{
+ int result = check_valid_string(desc->id, "id");
+ result |= check_valid_string(desc->version, "version");
+ result |= check_defined(desc->icons, "icon");
+ result |= check_defined(desc->content_src, "content");
+ if (result)
+ return result;
if (desc->icons->next) {
syslog(LOG_ERR, "widget has more than one icon defined (temporary constraints)");
errno = EINVAL;
if (desc->icons->next) {
syslog(LOG_ERR, "widget has more than one icon defined (temporary constraints)");
errno = EINVAL;
- return -1;
- }
- if (!desc->content_src) {
- syslog(LOG_ERR, "widget has not content defined (temporary constraints)");
- errno = EINVAL;
- return -1;
- }
- if (!desc->content_type) {
- syslog(LOG_ERR, "widget has not type for its content (temporary constraints)");
- errno = EINVAL;
- return -1;
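Review bot: `check_valid_string` accepts `.` in any position, so an `id` or `version` equal to `..` passes validation. `move_widget` then formats it into `"%s/%s/%s"` under `root`, and the resulting path would resolve outside the install root. Reject such values before the character loop, for example `if (value[0] == '.') { errno = EINVAL; return -1; }`. Separately, `isalnum(c)` is called with a plain `char`; write `isalnum((unsigned char)c)` to avoid undefined behaviour on bytes above 0x7f, and confirm `<ctype.h>` is included, since it is not among the includes shown. The page seems to omit some unchanged lines of this hunk, so these points rest on the visible lines only.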
{
int result;
const struct wgt_desc_feature *feature;
{
int result;
const struct wgt_desc_feature *feature;
result = check_temporary_constraints(desc);
feature = desc->features;
while(feature) {
result = check_temporary_constraints(desc);
feature = desc->features;
while(feature) {
- name = feature->name;
- if (0 == strcmp(name, AGLWIDGET)) {
-
- } else {
- if (!check_permissions(feature->name, feature->required))
- result = -1;
- }
+ if (!check_permissions(feature->name, feature->required))
+ result = -1;
feature = feature->next;
}
return result;
}
feature = feature->next;
}
return result;
}
-static int place(const char *root, const char *appid, const char *version, int force)
+static int move_widget(const char *root, const struct wgt_desc *desc, int force)
{
char newdir[PATH_MAX];
int rc;
{
char newdir[PATH_MAX];
int rc;
- rc = snprintf(newdir, sizeof newdir, "%s/%s/%s", root, appid, version);
+ rc = snprintf(newdir, sizeof newdir, "%s/%s/%s", root, desc->id, desc->version);
if (rc >= sizeof newdir) {
if (rc >= sizeof newdir) {
- syslog(LOG_ERR, "path to long: %s/%s/%s", root, appid, version);
+ syslog(LOG_ERR, "path to long: %s/%s/%s", root, desc->id, desc->version);
errno = EINVAL;
return -1;
}
errno = EINVAL;
return -1;
}
- rc = move_workdir(newdir, 1, force);
- return rc;
+ return move_workdir(newdir, 1, force);
+}
+
+static int install_security(struct wgt_info *ifo)
+{
+ int rc;
+
+ rc = secmgr_init(wgt_info_desc(ifo)->
}
/* install the widget of the file */
}
/* install the widget of the file */
if (check_widget(desc))
goto error3;
if (check_widget(desc))
goto error3;
-/*
- if (check_and_place())
- goto error2;
-*/
+ if (move_widget(root, desc, force))
+ goto error3;
+
+
+
}
/* fills database with trusted keys */
}
/* fills database with trusted keys */
-static int fill_trusted_keys()
+static int fill_trusted_keys_file(const char *file)
+{
+ int err = xmlSecCryptoAppKeysMngrCertLoad(keymgr, file, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted);
+ if (err < 0) {
+ syslog(LOG_ERR, "xmlSecCryptoAppKeysMngrCertLoadMemory failed for %s", file);
+ return -1;
+ }
+ return 0;
+}
+
+/* fills database with trusted keys */
+static int fill_trusted_keys_dir(const char *directory)
{
int err;
DIR *dir;
struct dirent *ent;
char path[PATH_MAX], *e;
{
int err;
DIR *dir;
struct dirent *ent;
char path[PATH_MAX], *e;
- e = stpcpy(path, CA_ROOT_DIRECTORY);
+ e = stpcpy(path, directory);
dir = opendir(path);
if (!dir) {
dir = opendir(path);
if (!dir) {
- syslog(LOG_ERR, "opendir %s failed in fill_trusted_keys", path);
+ syslog(LOG_ERR, "opendir %s failed in fill_trusted_keys_dir", path);
while (ent != NULL) {
if (ent->d_type == DT_REG) {
strcpy(e, ent->d_name);
while (ent != NULL) {
if (ent->d_type == DT_REG) {
strcpy(e, ent->d_name);
- err = xmlSecCryptoAppKeysMngrCertLoad(keymgr, path, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted);
+ err = fill_trusted_keys_file(path);
- syslog(LOG_ERR, "xmlSecCryptoAppKeysMngrCertLoadMemory failed for %s", path);
closedir(dir);
return -1;
}
closedir(dir);
return -1;
}
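Review bot: `directory` is now a caller-supplied parameter, but `stpcpy(path, directory)` and the later `strcpy(e, ent->d_name)` still write into `path[PATH_MAX]` with no length check. Add a guard before the copy, such as `if (strlen(directory) + NAME_MAX + 2 > sizeof path) { errno = ENAMETOOLONG; return -1; }`, or build the path with `snprintf` and test the result as `move_widget` does. The call `fill_trusted_keys_dir(CA_ROOT_DIRECTORY);` visible at the end of the page discards the return value, so a failure to load the trust anchors is logged but does not stop initialisation; consider `if (fill_trusted_keys_dir(CA_ROOT_DIRECTORY)) goto end;`. The error text in `fill_trusted_keys_file` names `xmlSecCryptoAppKeysMngrCertLoadMemory` while the call is `xmlSecCryptoAppKeysMngrCertLoad`. The function body is only partly visible here.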
syslog(LOG_ERR, "xmlSecCryptoAppDefaultKeysMngrInit failed.");
goto end;
}
syslog(LOG_ERR, "xmlSecCryptoAppDefaultKeysMngrInit failed.");
goto end;
}
+ fill_trusted_keys_dir(CA_ROOT_DIRECTORY);