[3.0] Apply certificate pinning 41/55341/1 accepted/tizen/mobile/20151223.110718 accepted/tizen/tv/20151223.110737 accepted/tizen/wearable/20151223.110808 submit/tizen/20151223.094419 submit/tizen_common/20151229.144031
authorYoonsang Lee <ysang114.lee@samsung.com>
Tue, 22 Dec 2015 02:55:42 +0000 (11:55 +0900)
committerYoonsang Lee <ysang114.lee@samsung.com>
Wed, 23 Dec 2015 08:06:24 +0000 (17:06 +0900)
- Tizen 3.0 platform requirement
- Needs to be applied to modules using libcurl
- See more: https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning

Change-Id: I859c5ebf8f9b203e8666d350bdb2905619866e2a

build/tizen/adaptor/Makefile.am
build/tizen/configure.ac
packaging/dali-adaptor.spec
platform-abstractions/tizen/resource-loader/network/file-download.cpp

index 517d8ae..6992d49 100644 (file)
@@ -356,6 +356,9 @@ endif
 if UBUNTU_PROFILE
 libdali_adaptor_la_LIBADD += -ljpeg
 CFLAGS += -fPIC
+else
+libdali_adaptor_la_CXXFLAGS += $(TPKP_CURL_CFLAGS)
+libdali_adaptor_la_LIBADD += $(TPKP_CURL_LIBS)
 endif
 
 if !UBUNTU_PROFILE
index c276626..3c49128 100644 (file)
@@ -203,6 +203,7 @@ PKG_CHECK_MODULES(SENSOR, sensor)
 PKG_CHECK_MODULES(TTS, tts)
 PKG_CHECK_MODULES(VCONF, vconf)
 PKG_CHECK_MODULES(CAPI_SYSTEM_SYSTEM_SETTINGS, capi-system-system-settings)
+PKG_CHECK_MODULES(TPKP_CURL, tpkp-curl)
 
 if test "x$enable_wayland" != "xyes"; then
 PKG_CHECK_MODULES(UTILX, utilX)
index e961db4..be4139b 100644 (file)
@@ -62,6 +62,7 @@ BuildRequires:  pkgconfig(libpng)
 BuildRequires:  pkgconfig(glesv2)
 BuildRequires:  pkgconfig(egl)
 BuildRequires:  libcurl-devel
+BuildRequires:  pkgconfig(tpkp-curl)
 
 
 %if 0%{?over_tizen_2_2}
index 9f91eb6..362fb7f 100755 (executable)
@@ -25,6 +25,9 @@
 // INTERNAL INCLUDES
 #include "portable/file-closer.h"
 
+#ifndef DALI_PROFILE_UBUNTU
+#include <tpkp_curl.h>
+#endif // DALI_PROFILE_UBUNTU
 
 using namespace Dali::Integration;
 
@@ -55,6 +58,11 @@ void ConfigureCurlOptions( CURL* curl_handle, const std::string& url )
   curl_easy_setopt( curl_handle, CURLOPT_CONNECTTIMEOUT, CONNECTION_TIMEOUT_SECONDS );
   curl_easy_setopt( curl_handle, CURLOPT_HEADER, INCLUDE_HEADER );
   curl_easy_setopt( curl_handle, CURLOPT_NOBODY, EXCLUDE_BODY );
+
+#ifndef DALI_PROFILE_UBUNTU
+  // Apply certificate pinning on Tizen
+  curl_easy_setopt( curl_handle, CURLOPT_SSL_CTX_FUNCTION, tpkp_curl_ssl_ctx_callback );
+#endif // DALI_PROFILE_UBUNTU
 }
 
 // Without a write function or a buffer (file descriptor) to write to, curl will pump out
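Review bot: The result of `curl_easy_setopt( curl_handle, CURLOPT_SSL_CTX_FUNCTION, tpkp_curl_ssl_ctx_callback )` is discarded, so if libcurl rejects the option the transfer goes ahead unpinned and nothing records it. libcurl honours this option only with some TLS backends, so whether it can fail depends on how the platform's libcurl is built. Capture the code, `const CURLcode pinStatus = curl_easy_setopt( curl_handle, CURLOPT_SSL_CTX_FUNCTION, tpkp_curl_ssl_ctx_callback );`, and treat anything other than `CURLE_OK` as a reason not to perform the download. That requires ConfigureCurlOptions, which returns void and begins above this hunk, to report the failure to its caller. The comment could also state the scope, e.g. `// Pinning is enforced in the SSL context callback; it does not apply to plain http:// URLs`.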
@@ -155,6 +163,11 @@ bool Network::DownloadRemoteFileIntoMemory( const std::string& url,
   // clean up session
   curl_easy_cleanup( curl_handle );
 
+#ifndef DALI_PROFILE_UBUNTU
+  // Clean up tpkp(the module for certificate pinning) resources on Tizen
+  tpkp_curl_cleanup();
+#endif // DALI_PROFILE_UBUNTU
+
   return result;
 }
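Review bot: `tpkp_curl_cleanup()` runs only on the path that falls through to `return result;`, so any earlier return in DownloadRemoteFileIntoMemory would leave the pinning state allocated; the body starts above this hunk, so whether such returns exist is not visible here. A small scope guard declared next to the curl handle, whose destructor calls `tpkp_curl_cleanup()`, would cover every exit, presumably in the same way as the file-closer helper this file already includes. The comment should say what is released and why it sits after `curl_easy_cleanup`, e.g. `// Release tpkp (certificate pinning) state for this transfer; called after the curl handle is destroyed`. If tpkp keeps that state per thread, which should be confirmed against tpkp_curl.h, the call has to stay on the thread that ran the transfer.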