work in progress

Change-Id: I65416563a8dc54e877df03a304fe4cbd42ebb3da

diff --git a/src/Makefile.am b/src/Makefile.am
index 9767941..a538a38 100644 (file)
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -29,14 +29,19 @@ APPFWK = \
 #pkgsysconfdir = $(sysconfdir)
 pkgsysconfdir = .
 
+
 AM_CFLAGS  = -Wall -Wno-pointer-sign
 AM_CFLAGS += -ffunction-sections -fdata-sections
 AM_CFLAGS += ${ZIP_CFLAGS} ${XML2_CFLAGS} ${OPENSSL_CFLAGS} ${XMLSEC_CFLAGS}
 
 
+
+
 AM_CFLAGS += -DPKGSYSCONFDIR=\"$(pkgsysconfdir)\"
 AM_CFLAGS += -DPREFIXPERMISSION=\"urn:agl-perm:\"
-AM_CFLAGS += -DAGLWIDGET=\"urn:agl-widget\"
+AM_CFLAGS += -DICONDESTDIR=\"\"
+
+
 
 AM_LDFLAGS = -Wl,--gc-sections
 

diff --git a/src/wgt-info.c b/src/wgt-info.c
index d5f664b..61779e0 100644 (file)
--- a/src/wgt-info.c
+++ b/src/wgt-info.c
@@ -423,3 +423,21 @@ void wgt_info_dump(struct wgt_info *ifo, int fd, const char *prefix)
        }
 }
 
+const struct wgt_desc_feature *wgt_info_feature(struct wgt_info *ifo, const char *name)
+{
+       const struct wgt_desc_feature *result = ifo->desc.features;
+       while(result && strcmp(result->name, name))
+               result = result->next;
+       return result;
+}
+
+const char *wgt_info_param(const struct wgt_desc_feature *feature, const char *name)
+{
+       const struct wgt_desc_param *param = feature->params;
+       while(param) {
+               if (0 == strcmp(name, param->name))
+                       return param->value;
+       }
+       return NULL;
+}
+

diff --git a/src/wgt-info.h b/src/wgt-info.h
index 4d2007d..50b8ed4 100644 (file)
--- a/src/wgt-info.h
+++ b/src/wgt-info.h
@@ -75,4 +75,6 @@ extern struct wgt *wgt_info_wgt(struct wgt_info *ifo);
 extern void wgt_info_addref(struct wgt_info *ifo);
 extern void wgt_info_unref(struct wgt_info *ifo);
 extern void wgt_info_dump(struct wgt_info *ifo, int fd, const char *prefix);
+extern const struct wgt_desc_feature *wgt_info_feature(struct wgt_info *ifo, const char *name);
+extern const char *wgt_info_param(const struct wgt_desc_feature *feature, const char *name);
 

diff --git a/src/wgtpkg-digsig.c b/src/wgtpkg-digsig.c
index 3aa4da3..80428fa 100644 (file)
--- a/src/wgtpkg-digsig.c
+++ b/src/wgtpkg-digsig.c
@@ -188,18 +188,37 @@ error:
 
 static int check_references(xmlNodePtr sinfo)
 {
+       unsigned int i, n, flags;
+       struct filedesc *f;
+       int result;
        xmlNodePtr elem;
 
+       result = 0;
        elem = sinfo->children;
        while (elem != NULL) {
                if (is_element(elem, "Reference"))
                        if (check_one_reference(elem))
-                               return -1;
+                               result = -1;
                elem = elem->next;
        }
-       return 0;
+
+       n = file_count();
+       i = 0;
+       while(i < n) {
+               f = file_of_index(i++);
+               if (f->type == type_file) {
+                       flags = f->flags;
+                       if (!(flags & (flag_signature | flag_referenced))) {
+                               syslog(LOG_ERR, "file not referenced in signature", f->name);
+                               result = -1;
+                       }
+               }
+       }
+
+       return result;
 }
 
+
 static int get_certificates(xmlNodePtr kinfo)
 {
        xmlNodePtr n1, n2;

diff --git a/src/wgtpkg-install.c b/src/wgtpkg-install.c
index ee21d8f..dc746c2 100644 (file)
--- a/src/wgtpkg-install.c
+++ b/src/wgtpkg-install.c
@@ -19,33 +19,55 @@
 #include <errno.h>
 #include <syslog.h>
 #include <string.h>
+#include <ctype.h>
 
 #include "verbose.h"
 #include "wgtpkg.h"
 #include "wgt.h"
 #include "wgt-info.h"
+#include "secmgr-wrap.h"
 
-static int check_temporary_constraints(const struct wgt_desc *desc)
+static int check_defined(const void *data, const char *name)
 {
-       if (!desc->icons) {
-               syslog(LOG_ERR, "widget has not icon defined (temporary constraints)");
-               errno = EINVAL;
+       if (data)
+               return 0;
+       syslog(LOG_ERR, "widget has no defined '%s' (temporary constraints)", name);
+       errno = EINVAL;
+       return -1;
+}
+
+static int check_valid_string(const char *value, const char *name)
+{
+       int pos;
+       char c;
+
+       if (check_defined(value, name))
                return -1;
+       pos = 0;
+       c = value[pos];
+       while(c) {
+               if (!isalnum(c) && !strchr(".-_", c)) {
+                       syslog(LOG_ERR, "forbidden char %c in '%s' -> '%s' (temporary constraints)", c, name, value);
+                       errno = EINVAL;
+                       return -1;                      
+               }
+               c = value[++pos];
        }
+       return 0;
+}
+
+static int check_temporary_constraints(const struct wgt_desc *desc)
+{
+       int result = check_valid_string(desc->id, "id");
+       result |= check_valid_string(desc->version, "version");
+       result |= check_defined(desc->icons, "icon");
+       result |= check_defined(desc->content_src, "content");
+       if (result)
+               return result;
        if (desc->icons->next) {
                syslog(LOG_ERR, "widget has more than one icon defined (temporary constraints)");
                errno = EINVAL;
-               return -1;
-       }
-       if (!desc->content_src) {
-               syslog(LOG_ERR, "widget has not content defined (temporary constraints)");
-               errno = EINVAL;
-               return -1;
-       }
-       if (!desc->content_type) {
-               syslog(LOG_ERR, "widget has not type for its content (temporary constraints)");
-               errno = EINVAL;
-               return -1;
+               result = -1;
        }
        return 0;
 }
@@ -70,37 +92,37 @@ static int check_widget(const struct wgt_desc *desc)
 {
        int result;
        const struct wgt_desc_feature *feature;
-       const char *name;
 
        result = check_temporary_constraints(desc);
        feature = desc->features;
        while(feature) {
-               name = feature->name;
-               if (0 == strcmp(name, AGLWIDGET)) {
-                       
-               } else {
-                       if (!check_permissions(feature->name, feature->required))
-                               result = -1;
-               }
+               if (!check_permissions(feature->name, feature->required))
+                       result = -1;
                feature = feature->next;
        }
        return result;
 }
 
-static int place(const char *root, const char *appid, const char *version, int force)
+static int move_widget(const char *root, const struct wgt_desc *desc, int force)
 {
        char newdir[PATH_MAX];
        int rc;
 
-       rc = snprintf(newdir, sizeof newdir, "%s/%s/%s", root, appid, version);
+       rc = snprintf(newdir, sizeof newdir, "%s/%s/%s", root, desc->id, desc->version);
        if (rc >= sizeof newdir) {
-               syslog(LOG_ERR, "path to long: %s/%s/%s", root, appid, version);
+               syslog(LOG_ERR, "path to long: %s/%s/%s", root, desc->id, desc->version);
                errno = EINVAL;
                return -1;
        }
 
-       rc = move_workdir(newdir, 1, force);
-       return rc;
+       return move_workdir(newdir, 1, force);
+}
+
+static int install_security(struct wgt_info *ifo)
+{
+       int rc;
+
+       rc = secmgr_init(wgt_info_desc(ifo)->
 }
 
 /* install the widget of the file */
@@ -131,10 +153,11 @@ void install_widget(const char *wgtfile, const char *root, int force)
        if (check_widget(desc))
                goto error3;
 
-/*
-       if (check_and_place())
-               goto error2;
-*/     
+       if (move_widget(root, desc, force))
+               goto error3;
+
+       
+       
        return;
 
 error3:

diff --git a/src/wgtpkg-xmlsec.c b/src/wgtpkg-xmlsec.c
index a403b77..746ccc0 100644 (file)
--- a/src/wgtpkg-xmlsec.c
+++ b/src/wgtpkg-xmlsec.c
@@ -95,17 +95,28 @@ static void errors_cb(const char *file, int line, const char *func, const char *
 }
 
 /* fills database with trusted keys */
-static int fill_trusted_keys()
+static int fill_trusted_keys_file(const char *file)
+{
+       int err = xmlSecCryptoAppKeysMngrCertLoad(keymgr, file, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted);
+       if (err < 0) {
+               syslog(LOG_ERR, "xmlSecCryptoAppKeysMngrCertLoadMemory failed for %s", file);
+               return -1;
+       }
+       return 0;
+}
+
+/* fills database with trusted keys */
+static int fill_trusted_keys_dir(const char *directory)
 {
        int err;
        DIR *dir;
        struct dirent *ent;
        char path[PATH_MAX], *e;
 
-       e = stpcpy(path, CA_ROOT_DIRECTORY);
+       e = stpcpy(path, directory);
        dir = opendir(path);
        if (!dir) {
-               syslog(LOG_ERR, "opendir %s failed in fill_trusted_keys", path);
+               syslog(LOG_ERR, "opendir %s failed in fill_trusted_keys_dir", path);
                return -1;
        }
 
@@ -114,9 +125,8 @@ static int fill_trusted_keys()
        while (ent != NULL) {
                if (ent->d_type == DT_REG) {
                        strcpy(e, ent->d_name);
-                       err = xmlSecCryptoAppKeysMngrCertLoad(keymgr, path, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted);
+                       err = fill_trusted_keys_file(path);
                        if (err < 0) {
-                               syslog(LOG_ERR, "xmlSecCryptoAppKeysMngrCertLoadMemory failed for %s", path);
                                closedir(dir);
                                return -1;
                        }
@@ -180,7 +190,7 @@ int xmlsec_init()
                syslog(LOG_ERR, "xmlSecCryptoAppDefaultKeysMngrInit failed.");
                goto end;
        }
-       fill_trusted_keys();
+       fill_trusted_keys_dir(CA_ROOT_DIRECTORY);
 
        initstatus = 0;
 end: