#include <notification_internal.h>
#include <system_info.h>
#include <sqlite3.h>
+#include <cert-svc/ccert.h>
+#include <cert-svc/cinstance.h>
#include <glib.h>
#if !GLIB_CHECK_VERSION(2, 31, 0)
void on_bus_name_owner_changed(GDBusConnection *connection, const gchar *sender_name, const gchar *object_path,
const gchar *interface_name, const gchar *signal_name, GVariant *parameters, gpointer user_data);
bool __get_caller_unique_name(int pid, char *unique_name, int size, bool *is_app, uid_t uid);
+static bool __permit_by_config(pkgmgrinfo_appinfo_h handle, uid_t uid);
static int __db_busyhandler(void *pData, int count);
static notification_h __get_notification(guchar *data, int datalen);
return ret;
}
+static int __bg_category_func(const char *name, void *user_data)
+{
+ bg_category_cb_info_t *info = (bg_category_cb_info_t *)user_data;
+ ALARM_MGR_LOG_PRINT("appid[%s], bg name = %s", info->appid, name);
+ if (name && strncmp("enable", name, strlen(name)) &&
+ strncmp("disable", name, strlen(name))) {
+ info->has_bg = true;
+ return -1;
+ }
+
+ return 0;
+}
+
+static bool __is_permitted(const char *app_id, int alarm_type, uid_t uid)
+{
+ pkgmgrinfo_appinfo_h handle = NULL;
+ int ret;
+ bool _return = false;
+
+ if (app_id == NULL) {
+ ALARM_MGR_EXCEPTION_PRINT("app_id is NULL. Only expicit launch is permitted\n");
+ return false;
+ }
+
+ ret = pkgmgrinfo_appinfo_get_usr_appinfo(app_id, uid, &handle);
+ if (ret != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to get appinfo [%s]\n", app_id);
+ } else {
+ char *app_type = NULL;
+ ret = pkgmgrinfo_appinfo_get_component_type(handle, &app_type);
+ if (app_type && strcmp("uiapp", app_type) == 0) {
+ if (alarm_type & ALARM_TYPE_EXACT_SERVICE_APP) {
+ ALARM_MGR_EXCEPTION_PRINT("[%s] is ui application. it is not allowed", app_id);
+ _return = false;
+ goto out;
+ }
+ ALARM_MGR_LOG_PRINT("[%s] is ui application. It is allowed", app_id);
+ _return = true;
+ goto out;
+ } else if (app_type && strcmp("svcapp", app_type) == 0) {
+ ALARM_MGR_LOG_PRINT("[%s] is service application.", app_id);
+
+ if (__permit_by_config(handle, uid)) {
+ ALARM_MGR_LOG_PRINT("service applications are allowed");
+ _return = true;
+ goto out;
+ }
+
+ bg_category_cb_info_t info = {
+ .appid = app_id,
+ .has_bg = false
+ };
+
+ if (alarm_type & ALARM_TYPE_INEXACT || alarm_type & ALARM_TYPE_EXACT_SERVICE_APP) {
+ ret = pkgmgrinfo_appinfo_foreach_background_category(handle, __bg_category_func, &info);
+ if (ret == PMINFO_R_OK && info.has_bg) {
+ ALARM_MGR_LOG_PRINT("[%s] has background categories. It is allowed", app_id);
+ _return = true;
+ goto out;
+ } else {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to foreach background category. [%s] is not allowed", app_id);
+ }
+ }
+ }
+ }
+
+out:
+ if (handle)
+ pkgmgrinfo_appinfo_destroy_appinfo(handle);
+
+ return _return;
+}
+
+
+
static int __find_login_user(uid_t *uid)
{
uid_t *uids;
return true;
}
+static bool __permit_by_config(pkgmgrinfo_appinfo_h handle, uid_t uid)
+{
+ if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
+ "alarm-manager/alarm-config-service-restricted"), F_OK) == 0) {
+ ALARM_MGR_LOG_PRINT("This profile restrict alarms for service applications\n");
+ return false;
+ }
+
+ if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
+ "alarm-manager/alarm-config-platform-service-permitted"), F_OK) == 0) {
+ ALARM_MGR_LOG_PRINT("This profile permit alarm for service applications which has platform cert\n");
+ char *pkgid;
+ int r;
+ const char *cert_value;
+ pkgmgrinfo_certinfo_h certinfo;
+ CertSvcInstance instance;
+ CertSvcCertificate certificate;
+ CertSvcVisibility visibility = CERTSVC_VISIBILITY_PUBLIC;
+
+ r = pkgmgrinfo_appinfo_get_pkgid(handle, &pkgid);
+ if (r != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to get certinfo pkgid");
+ return false;
+ }
+
+ r = pkgmgrinfo_pkginfo_create_certinfo(&certinfo);
+ if (r != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to create certinfo");
+ return false;
+ }
+
+ r = pkgmgrinfo_pkginfo_load_certinfo(pkgid, certinfo, uid);
+ if (r != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to load certinfo");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ return false;
+ }
+
+ r = pkgmgrinfo_pkginfo_get_cert_value(certinfo,
+ PMINFO_DISTRIBUTOR_ROOT_CERT, &cert_value);
+ if (r != PMINFO_R_OK || cert_value == NULL) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to get cert value");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ return false;
+ }
+
+ r = certsvc_instance_new(&instance);
+ if (r != CERTSVC_SUCCESS) {
+ ALARM_MGR_EXCEPTION_PRINT("certsvc_instance_new() is failed.");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ return false;
+ }
+
+ r = certsvc_certificate_new_from_memory(instance,
+ (const unsigned char *)cert_value,
+ strlen(cert_value),
+ CERTSVC_FORM_DER_BASE64,
+ &certificate);
+ if (r != CERTSVC_SUCCESS) {
+ ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_new_from_memory() is failed.");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ certsvc_instance_free(instance);
+ return false;
+ }
+
+ r = certsvc_certificate_get_visibility(certificate, &visibility);
+ if (r != CERTSVC_SUCCESS)
+ ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_get_visibility() is failed.");
+
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ certsvc_instance_free(instance);
+ certsvc_certificate_free(certificate);
+
+ ALARM_MGR_EXCEPTION_PRINT("visibility is %d", visibility);
+ if (visibility & CERTSVC_VISIBILITY_PLATFORM) {
+ return true;
+ }
+ }
+
+ if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
+ "alarm-manager/alarm-config-all-service-permitted"), F_OK) == 0) {
+ ALARM_MGR_LOG_PRINT("This profile permit alarms for all service applications\n");
+ return true;
+ }
+
+ return false;
+}
+
#ifdef _APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG
static void __initialize_module_log(void)
{
#endif
int uid;
int pid;
+ int result;
+ bundle *b;
+ const char *callee_appid;
const char *name = g_dbus_method_invocation_get_sender(invoc);
uid = __get_caller_uid(name);
return true;
}
+ b = bundle_decode((bundle_raw *)bundle_data, strlen(bundle_data));
+ if (b == NULL) {
+ int ret_bundle = get_last_result();
+ ALARM_MGR_EXCEPTION_PRINT("Failed to decode bundle_data[Error:%d]\n", ret_bundle);
+ return_code = ERR_ALARM_SYSTEM_FAIL;
+ g_dbus_method_invocation_return_value(invoc, g_variant_new("(ii)", alarm_id, return_code));
+ return true;
+ } else {
+ callee_appid = appsvc_get_appid(b);
+
+ if (__compare_api_version(&result, pid, uid) < 0) {
+ ALARM_MGR_EXCEPTION_PRINT("Unable to check api version\n");
+ return_code = ERR_ALARM_SYSTEM_FAIL;
+ g_dbus_method_invocation_return_value(invoc, g_variant_new("(ii)", alarm_id, return_code));
+ bundle_free(b);
+ return true;
+ }
+
+ if (result < 0) {
+ if (alarm_type & ALARM_TYPE_INEXACT)
+ alarm_type ^= ALARM_TYPE_INEXACT;
+ } else { /* Since 2.4 */
+ if (!__is_permitted(callee_appid, alarm_type, uid)) {
+ ALARM_MGR_EXCEPTION_PRINT("[%s] is not permitted \n", callee_appid);
+ return_code = ERR_ALARM_NOT_PERMITTED_APP;
+ g_dbus_method_invocation_return_value(invoc, g_variant_new("(ii)", alarm_id, return_code));
+ bundle_free(b);
+ return true;
+ }
+ }
+
+ bundle_free(b);
+ }
+
+
alarm_info.start.year = start_year;
alarm_info.start.month = start_month;
alarm_info.start.day = start_day;
static GDBusNodeInfo *introspection_data;
-typedef enum {
- ALARM_MANAGER_SVC_UNKNOWN = 0,
- ALARM_MANAGER_SVC_RESTRICTED,
- ALARM_MANAGER_SVC_PERMITTED
-} svc_allowed_e;
-
-static svc_allowed_e svc_allowed;
-
static const gchar introspection_xml[] =
"<node name='/org/tizen/alarm/client'>"
" <interface name='org.tizen.alarm.client'>"
return true;
}
-static int __compare_api_version(int *result, uid_t uid)
-{
- int ret = 0;
- pkgmgrinfo_pkginfo_h pkginfo = NULL;
- char pkgid[512] = {0, };
- char *pkg_version;
-
- if (aul_app_get_pkgid_bypid_for_uid(getpid(), pkgid, sizeof(pkgid), uid) != AUL_R_OK) {
- ALARM_MGR_EXCEPTION_PRINT("aul_app_get_pkgid_bypid() is failed. PID %d may not be app.", getpid());
- } else {
- ret = pkgmgrinfo_pkginfo_get_usr_pkginfo(pkgid, uid, &pkginfo);
- if (ret != PMINFO_R_OK) {
- ALARM_MGR_EXCEPTION_PRINT("Failed to get pkginfo\n");
- } else {
- ret = pkgmgrinfo_pkginfo_get_api_version(pkginfo, &pkg_version);
- if (ret != PMINFO_R_OK)
- ALARM_MGR_EXCEPTION_PRINT("Failed to check api version [%d]\n", ret);
-
- *result = strverscmp(pkg_version, "2.4");
- pkgmgrinfo_pkginfo_destroy_pkginfo(pkginfo);
- }
- }
- return ret;
-}
-
-static int __bg_category_func(const char *name, void *user_data)
-{
- bg_category_cb_info_t *info = (bg_category_cb_info_t *)user_data;
- ALARM_MGR_LOG_PRINT("appid[%s], bg name = %s", info->appid, name);
- if (name &&
- strncmp("enable", name, strlen(name)) && strncmp("disable", name, strlen(name))) {
- info->has_bg = true;
- return -1;
- }
-
- return 0;
-}
-
-static bool __permit_by_config(pkgmgrinfo_appinfo_h handle)
-{
- ALARM_MGR_LOG_PRINT("svc_allowed is %d", svc_allowed);
- switch (svc_allowed) {
- case ALARM_MANAGER_SVC_RESTRICTED:
- return false;
- case ALARM_MANAGER_SVC_PERMITTED:
- return true;
- case ALARM_MANAGER_SVC_UNKNOWN:
- break;
- default:
- break;
- }
-
- if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
- "alarm-manager/alarm-config-service-restricted"), F_OK) == 0) {
- ALARM_MGR_LOG_PRINT("This profile restrict alarms for service applications\n");
- svc_allowed = ALARM_MANAGER_SVC_RESTRICTED;
- return false;
- }
-
- if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
- "alarm-manager/alarm-config-platform-service-permitted"), F_OK) == 0) {
- ALARM_MGR_LOG_PRINT("This profile permit alarm for service applications which has platform cert\n");
- char *pkgid;
- int r;
- const char *cert_value;
- pkgmgrinfo_certinfo_h certinfo;
- CertSvcInstance instance;
- CertSvcCertificate certificate;
- CertSvcVisibility visibility = CERTSVC_VISIBILITY_PUBLIC;
-
- r = pkgmgrinfo_appinfo_get_pkgid(handle, &pkgid);
- if (r != PMINFO_R_OK) {
- ALARM_MGR_EXCEPTION_PRINT("Failed to get certinfo pkgid");
- return false;
- }
-
- r = pkgmgrinfo_pkginfo_create_certinfo(&certinfo);
- if (r != PMINFO_R_OK) {
- ALARM_MGR_EXCEPTION_PRINT("Failed to create certinfo");
- return false;
- }
-
- r = pkgmgrinfo_pkginfo_load_certinfo(pkgid, certinfo, getuid());
- if (r != PMINFO_R_OK) {
- ALARM_MGR_EXCEPTION_PRINT("Failed to load certinfo");
- pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
- return false;
- }
-
- r = pkgmgrinfo_pkginfo_get_cert_value(certinfo,
- PMINFO_DISTRIBUTOR_ROOT_CERT, &cert_value);
- if (r != PMINFO_R_OK || cert_value == NULL) {
- ALARM_MGR_EXCEPTION_PRINT("Failed to get cert value");
- pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
- return false;
- }
-
- r = certsvc_instance_new(&instance);
- if (r != CERTSVC_SUCCESS) {
- ALARM_MGR_EXCEPTION_PRINT("certsvc_instance_new() is failed.");
- pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
- return false;
- }
-
- r = certsvc_certificate_new_from_memory(instance,
- (const unsigned char *)cert_value,
- strlen(cert_value),
- CERTSVC_FORM_DER_BASE64,
- &certificate);
- if (r != CERTSVC_SUCCESS) {
- ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_new_from_memory() is failed.");
- pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
- certsvc_instance_free(instance);
- return false;
- }
-
- r = certsvc_certificate_get_visibility(certificate, &visibility);
- if (r != CERTSVC_SUCCESS)
- ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_get_visibility() is failed.");
-
- pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
- certsvc_instance_free(instance);
- certsvc_certificate_free(certificate);
-
- ALARM_MGR_EXCEPTION_PRINT("visibility is %d", visibility);
- if (visibility & CERTSVC_VISIBILITY_PLATFORM) {
- svc_allowed = ALARM_MANAGER_SVC_PERMITTED;
- return true;
- }
- }
-
- if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
- "alarm-manager/alarm-config-all-service-permitted"), F_OK) == 0) {
- ALARM_MGR_LOG_PRINT("This profile permit alarms for all service applications\n");
- svc_allowed = ALARM_MANAGER_SVC_PERMITTED;
- return true;
- }
-
- svc_allowed = ALARM_MANAGER_SVC_RESTRICTED;
- return false;
-}
-
-static bool __is_permitted(const char *app_id, int alarm_type)
-{
- pkgmgrinfo_appinfo_h handle = NULL;
- int ret;
- bool _return = false;
-
- if (app_id == NULL) {
- ALARM_MGR_EXCEPTION_PRINT("app_id is NULL. Only expicit launch is permitted\n");
- return false;
- }
-
- ret = pkgmgrinfo_appinfo_get_usr_appinfo(app_id, getuid(), &handle);
- if (ret != PMINFO_R_OK) {
- ALARM_MGR_EXCEPTION_PRINT("Failed to get appinfo [%s]\n", app_id);
- } else {
- char *app_type = NULL;
- ret = pkgmgrinfo_appinfo_get_component_type(handle, &app_type);
- if (app_type && strcmp("uiapp", app_type) == 0) {
- if (alarm_type & ALARM_TYPE_EXACT_SERVICE_APP) {
- ALARM_MGR_EXCEPTION_PRINT("[%s] is ui application. it is not allowed", app_id);
- _return = false;
- goto out;
- }
- ALARM_MGR_LOG_PRINT("[%s] is ui application. It is allowed", app_id);
- _return = true;
- goto out;
- } else if (app_type && strcmp("svcapp", app_type) == 0) {
- ALARM_MGR_LOG_PRINT("[%s] is service application.", app_id);
-
- if (__permit_by_config(handle)) {
- ALARM_MGR_LOG_PRINT("service applications are allowed");
- _return = true;
- goto out;
- }
-
- bg_category_cb_info_t info = {
- .appid = app_id,
- .has_bg = false
- };
-
- if (alarm_type & ALARM_TYPE_INEXACT || alarm_type & ALARM_TYPE_EXACT_SERVICE_APP) {
- ret = pkgmgrinfo_appinfo_foreach_background_category(handle, __bg_category_func, &info);
- if (ret == PMINFO_R_OK && info.has_bg) {
- ALARM_MGR_LOG_PRINT("[%s] has background categories. It is allowed", app_id);
- _return = true;
- goto out;
- } else {
- ALARM_MGR_EXCEPTION_PRINT("Failed to foreach background category. [%s] is not allowed", app_id);
- }
- }
- }
- }
-
-out:
- if (handle)
- pkgmgrinfo_appinfo_destroy_appinfo(handle);
-
- return _return;
-}
-
static int __alarm_context_init()
{
if (sub_initialized)
const char *operation = NULL;
int error_code = 0;
const char *appid = NULL;
- int result;
bundle *b;
ALARM_MGR_LOG_PRINT("[alarm-lib]:alarm_create() is called\n");
return ERR_ALARM_INVALID_PARAM;
}
- if (__compare_api_version(&result, getuid()) < 0)
- return ERR_ALARM_SYSTEM_FAIL;
-
- if (result >= 0 && !__is_permitted(appid, alarm_info->alarm_type)) {
- ALARM_MGR_EXCEPTION_PRINT("[%s] is not permitted \n", appid);
- return ERR_ALARM_NOT_PERMITTED_APP;
- }
-
if (alarm_info == NULL || alarm_id == NULL) {
ALARM_MGR_EXCEPTION_PRINT("Invalid parameter\n");
return ERR_ALARM_INVALID_PARAM;
alarm_id_t *alarm_id)
{
int error_code = 0;
- int result;
struct timeval current_time;
struct tm duetime_tm;
alarm_info_t alarm_info;
alarm_info.alarm_type = alarm_type;
alarm_info.alarm_type |= ALARM_TYPE_RELATIVE;
- if (__compare_api_version(&result, getuid()) < 0)
- return ERR_ALARM_SYSTEM_FAIL;
-
- if (result < 0) {
- if (alarm_info.alarm_type & ALARM_TYPE_INEXACT)
- alarm_info.alarm_type ^= ALARM_TYPE_INEXACT;
- } else { /* Since 2.4 */
- if (!__is_permitted(appid, alarm_info.alarm_type)) {
- ALARM_MGR_EXCEPTION_PRINT("[%s] is not permitted \n", appid);
- return ERR_ALARM_NOT_PERMITTED_APP;
- }
- }
-
gettimeofday(¤t_time, NULL);
if (current_time.tv_usec > 500 * 1000) {
/* When the millisecond part of the current_time is bigger than 500ms,