wgtpkg-digsig: Add flag to accept/refuse a WGT without signature

This flag allows with a single function to check the signature
and the case that a not signed widget is to be refused in the same
way that the signature is wrong.

The CMAKE boolean ALLOW_NO_SIGNATURE can be used to control
the default behavior at compile time. By default its value
is OFF meaning that install will refuse widgets without
signature.

Relates to Bug-AGL: SPEC-1590

Change-Id: I403109272759454696a1e5d9913879aaea7676e6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 87373de..dc7f482 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -32,6 +32,7 @@ set(PROJECT_URL "https://gerrit.automotivelinux.org/gerrit/gitweb?p=src/app-fram
 set(USE_LIBZIP     ON  CACHE BOOL "should try to use libzip?")
 set(USE_SIMULATION OFF CACHE BOOL "if set simulates security manager and smack")
 set(USE_SDK        OFF CACHE BOOL "if set, avoids installating system runtime files")
+set(ALLOW_NO_SIGNATURE OFF CACHE BOOL "if set, widgets without signature are accepted")
 
 set(SIMULATE_SECMGR OFF CACHE BOOL "if set, the security manager is simulated")
 set(SIMULATE_SMACK  OFF CACHE BOOL "if set, the smack environment is simulated")
@@ -69,6 +70,12 @@ add_definitions(
        -DSYSTEMD_UNITS_ROOT="${systemd_units_root}"
        -DAFM_VERSION="${PROJECT_VERSION}"
 )
+if(ALLOW_NO_SIGNATURE)
+       add_definitions(-DDEFAULT_ALLOW_NO_SIGNATURE=1)
+else(ALLOW_NO_SIGNATURE)
+       add_definitions(-DDEFAULT_ALLOW_NO_SIGNATURE=0)
+endif(ALLOW_NO_SIGNATURE)
+
 
 add_subdirectory(src)
 add_subdirectory(conf)

diff --git a/src/wgtpkg-digsig.c b/src/wgtpkg-digsig.c
index a1cb55f..36060ce 100644 (file)
--- a/src/wgtpkg-digsig.c
+++ b/src/wgtpkg-digsig.c
@@ -336,13 +336,17 @@ int verify_digsig(struct filedesc *fdesc)
 }
 
 /* check all the signature files */
-int check_all_signatures()
+int check_all_signatures(int allow_none)
 {
        int rc, irc;
        unsigned int i, n;
        struct filedesc *fdesc;
 
        n = signature_count();
+       if (n == 0 && !allow_none) {
+               ERROR("no signature found");
+               return -1;
+       }
        rc = 0;
        for (i = n ; i-- > 0 ; ) {
                fdesc = signature_of_index(i);

diff --git a/src/wgtpkg-digsig.h b/src/wgtpkg-digsig.h
index 7bcb18f..fee9d49 100644 (file)
--- a/src/wgtpkg-digsig.h
+++ b/src/wgtpkg-digsig.h
@@ -24,5 +24,8 @@ extern int verify_digsig(struct filedesc *fdesc);
 extern int create_digsig(unsigned int index, const char *key, const char **certs);
 
 /* check the signatures of the current directory */
-extern int check_all_signatures();
+extern int check_all_signatures(int allow_none);
 
+#if !defined(DEFAULT_ALLOW_NO_SIGNATURE)
+#define DEFAULT_ALLOW_NO_SIGNATURE 0
+#endif

diff --git a/src/wgtpkg-info.c b/src/wgtpkg-info.c
index 4849de7..1c9eac0 100644 (file)
--- a/src/wgtpkg-info.c
+++ b/src/wgtpkg-info.c
@@ -155,11 +155,11 @@ static void show(const char *wgtfile)
        if (zread(wgtfile, 0))
                goto error2;
 
-       if (check_all_signatures())
+       if (check_all_signatures(1)) /* info even on WGT without signature */
                goto error2;
 
        check_and_show();
-       
+
 error2:
        remove_workdir();
        return;

diff --git a/src/wgtpkg-install.c b/src/wgtpkg-install.c
index 505b915..27dcb87 100644 (file)
--- a/src/wgtpkg-install.c
+++ b/src/wgtpkg-install.c
@@ -168,13 +168,13 @@ static int check_valid_string(const char *value, const char *name)
        if (c == 0) {
                ERROR("empty string forbidden in '%s' (temporary constraints)", name);
                errno = EINVAL;
-               return -1;                      
+               return -1;
        }
        do {
                if (!isalnum(c) && !strchr(".-_", c)) {
                        ERROR("forbidden char %c in '%s' -> '%s' (temporary constraints)", c, name, value);
                        errno = EINVAL;
-                       return -1;                      
+                       return -1;
                }
                c = value[++pos];
        } while(c);
@@ -517,7 +517,7 @@ struct wgt_info *install_widget(const char *wgtfile, const char *root, int force
        if (zread(wgtfile, 0))
                goto error2;
 
-       if (check_all_signatures())
+       if (check_all_signatures(DEFAULT_ALLOW_NO_SIGNATURE))
                goto error2;
 
        ifo = wgt_info_createat(workdirfd, NULL, 1, 1, 1);