From 653fea874aa5308e71b26615d1262e18554dae51 Mon Sep 17 00:00:00 2001 From: Sunwook Bae Date: Fri, 29 Mar 2013 09:07:29 +0900 Subject: [PATCH] Move a cert check to channel-service Change-Id: I4bc8d563067ebd8602a68f2e401e17b644622afc Signed-off-by: Sunwook Bae --- CMakeLists.txt | 1 - packaging/message-port.spec | 1 - src/MessagePortProxy.cpp | 144 +++++++++++++------------------------------- src/MessagePortProxy.h | 4 -- 4 files changed, 41 insertions(+), 109 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 64adece..bdcf3ea 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -60,7 +60,6 @@ TARGET_LINK_LIBRARIES(${this_target} "-lbundle" ) TARGET_LINK_LIBRARIES(${this_target} "-lglib-2.0" ) TARGET_LINK_LIBRARIES(${this_target} "-lchromium" ) TARGET_LINK_LIBRARIES(${this_target} "-lcapi-appfw-app-manager" ) -TARGET_LINK_LIBRARIES(${this_target} "-lcapi-appfw-package-manager" ) SET_TARGET_PROPERTIES(${this_target} PROPERTIES diff --git a/packaging/message-port.spec b/packaging/message-port.spec index 9c147f9..1c887d7 100755 --- a/packaging/message-port.spec +++ b/packaging/message-port.spec @@ -14,7 +14,6 @@ BuildRequires: pkgconfig(bundle) BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(chromium) BuildRequires: pkgconfig(capi-appfw-app-manager) -BuildRequires: pkgconfig(capi-appfw-package-manager) # runtime requires Requires: chromium diff --git a/src/MessagePortProxy.cpp b/src/MessagePortProxy.cpp index f151bb9..8945dba 100644 --- a/src/MessagePortProxy.cpp +++ b/src/MessagePortProxy.cpp @@ -26,8 +26,6 @@ #include #include -#include - #include "message-port.h" #include "message-port-messages.h" #include "message-port-log.h" @@ -169,7 +167,6 @@ MessagePortProxy::RegisterMessagePort(const string& localPort, bool isTrusted, return MESSAGEPORT_ERROR_IO_ERROR; } - // Add a listener if (!isTrusted) { @@ -197,23 +194,10 @@ MessagePortProxy::CheckRemotePort(const string& remoteAppId, const string& remot { _LOGD("Check a remote port : [%s:%s]", remoteAppId.c_str(), remotePort.c_str()); - int ret = 0; + bundle *b = bundle_create(); - // Check the certificate - if (isTrusted) - { - // Check the preloaded - if (!IsPreloaded(remoteAppId)) - { - ret = CheckCertificate(remoteAppId); - if (ret < 0) - { - return ret; - } - } - } + bundle_add(b, LOCAL_APPID, __appId.c_str()); - bundle *b = bundle_create(); bundle_add(b, REMOTE_APPID, remoteAppId.c_str()); bundle_add(b, REMOTE_PORT, remotePort.c_str()); @@ -239,7 +223,7 @@ MessagePortProxy::CheckRemotePort(const string& remoteAppId, const string& remot return MESSAGEPORT_ERROR_OUT_OF_MEMORY; } - ret = __pIpcClient->SendRequest(pMsg); + int ret = __pIpcClient->SendRequest(pMsg); delete pMsg; @@ -256,9 +240,18 @@ MessagePortProxy::CheckRemotePort(const string& remoteAppId, const string& remot { if (return_value == MESSAGEPORT_ERROR_MESSAGEPORT_NOT_FOUND) { + _LOGE("The remote message port (%s) is not found.", remotePort.c_str()); + *exist = false; return 0; } + else if (return_value == MESSAGEPORT_ERROR_CERTIFICATE_NOT_MATCH) + { + _LOGE("The remote application (%s) is not signed with the same certificate", remoteAppId.c_str()); + + *exist = true; + return MESSAGEPORT_ERROR_CERTIFICATE_NOT_MATCH; + } else { _LOGE("Failed to check the remote messge port: %d.", return_value); @@ -277,22 +270,10 @@ MessagePortProxy::SendMessage(const string& remoteAppId, const string& remotePor int ret = 0; - // Check the certificate - if (trustedMessage) - { - // Check the preloaded - if (!IsPreloaded(remoteAppId)) - { - ret = CheckCertificate(remoteAppId); - if (ret < 0) - { - return ret; - } - } - } - bundle_add(data, MESSAGE_TYPE, "UNI-DIR"); + bundle_add(data, LOCAL_APPID, __appId.c_str()); + bundle_add(data, REMOTE_APPID, remoteAppId.c_str()); bundle_add(data, REMOTE_PORT, remotePort.c_str()); @@ -320,20 +301,6 @@ MessagePortProxy::SendMessage(const string& localPort, bool trustedPort, const s int ret = 0; - // Check the certificate - if (trustedMessage) - { - // Check the preloaded - if (!IsPreloaded(remoteAppId)) - { - ret = CheckCertificate(remoteAppId); - if (ret < 0) - { - return ret; - } - } - } - bundle_add(data, MESSAGE_TYPE, "BI-DIR"); bundle_add(data, LOCAL_APPID, __appId.c_str()); @@ -371,9 +338,8 @@ MessagePortProxy::SendMessage(const string& localPort, bool trustedPort, const s int MessagePortProxy::SendMessageInternal(const BundleBuffer& buffer) { - int ret = 0; - - IPC::Message* pMsg = new MessagePort_sendMessage(buffer, &ret); + int return_value = 0; + IPC::Message* pMsg = new MessagePort_sendMessage(buffer, &return_value); if (pMsg == NULL) { return MESSAGEPORT_ERROR_OUT_OF_MEMORY; @@ -392,15 +358,38 @@ MessagePortProxy::SendMessageInternal(const BundleBuffer& buffer) return MESSAGEPORT_ERROR_MAX_EXCEEDED; } - ret = __pIpcClient->SendRequest(pMsg); + int ret = __pIpcClient->SendRequest(pMsg); delete pMsg; - if (ret != 0) + if (ret < 0) { _LOGE("Failed to send a request: %d.", ret); + return MESSAGEPORT_ERROR_IO_ERROR; } + if (return_value < 0) + { + if (return_value == MESSAGEPORT_ERROR_MESSAGEPORT_NOT_FOUND) + { + _LOGE("The remote message port is not found."); + + return MESSAGEPORT_ERROR_MESSAGEPORT_NOT_FOUND; + } + else if (return_value == MESSAGEPORT_ERROR_CERTIFICATE_NOT_MATCH) + { + _LOGE("The remote application is not signed with the same certificate."); + + return MESSAGEPORT_ERROR_CERTIFICATE_NOT_MATCH; + } + else + { + _LOGE("Failed to check the remote messge port: %d.", return_value); + + return MESSAGEPORT_ERROR_IO_ERROR; + } + } + return 0; } @@ -544,57 +533,6 @@ MessagePortProxy::IsLocalPortRegisted(const string& localPort, bool trusted, int return false; } -int -MessagePortProxy::CheckCertificate(const std::string& remoteAppId) -{ - package_manager_compare_result_type_e res; - int ret = package_manager_compare_app_cert_info(__appId.c_str(), remoteAppId.c_str(), &res); - - if (ret == 0) - { - if (res != PACAKGE_MANAGER_COMPARE_MATCH) - { - _LOGE("The remote application (%s) is not signed with the same certificate", remoteAppId.c_str()); - return MESSAGEPORT_ERROR_CERTIFICATE_NOT_MATCH; - } - } - else - { - _LOGE("Failed to check the certificate: %d.", ret); - return MESSAGEPORT_ERROR_IO_ERROR; - } - - return 0; -} - -bool -MessagePortProxy::IsPreloaded(const std::string& remoteAppId) -{ - bool preload_local = false; - bool preload_remote = false; - - if (package_manager_is_preload_package_by_app_id(__appId.c_str(), &preload_local) == 0) - { - if (package_manager_is_preload_package_by_app_id(remoteAppId.c_str(), &preload_remote) == 0) - { - if (preload_local && preload_remote) - { - return true; - } - } - else - { - _LOGE("Failed to check the preloaded application."); - } - } - else - { - _LOGE("Failed to check the preloaded application."); - } - - return false; -} - bool MessagePortProxy::OnSendMessageInternal(const BundleBuffer& buffer) { diff --git a/src/MessagePortProxy.h b/src/MessagePortProxy.h index 129de9b..be05363 100644 --- a/src/MessagePortProxy.h +++ b/src/MessagePortProxy.h @@ -90,10 +90,6 @@ private: bool IsLocalPortRegisted(const std::string& localPort, bool trusted, int &id); - int CheckCertificate(const std::string& remoteAppId); - - bool IsPreloaded(const std::string& remoteAppId); - private: IpcClient* __pIpcClient; pthread_mutex_t* __pMutex; -- 2.7.4