From 77c1d21f4caab06e24efd6c0937e05af74a3b2b6 Mon Sep 17 00:00:00 2001 From: jongmyeongko Date: Thu, 16 Feb 2017 22:12:10 +0900 Subject: [PATCH] Modify cert-info related logic of pkginfo - Privileged user process can handle cert-info. - Actually, the user id is not neccessary to handle cert-info. Because, the cert-info database has unified concept and the pkgid/appid is globally unique. Change-Id: I318d93638221b40004b2128d5287d5fb110ce545 Signed-off-by: jongmyeongko --- src/pkg_info.c | 198 +++++++++++++++++++++++++++++++++------------------------ 1 file changed, 114 insertions(+), 84 deletions(-) diff --git a/src/pkg_info.c b/src/pkg_info.c index 4f5b782..de84154 100644 --- a/src/pkg_info.c +++ b/src/pkg_info.c @@ -254,15 +254,15 @@ static void __print_usage() printf("\tpkginfo --[imd|rmd] \n\n"); printf("To set manifest validation\n"); printf("\tpkginfo --check \n\n"); - printf("To set cert info in DB\n"); + printf("To set cert info in DB [root only]\n"); printf("\tpkginfo --setcert \n\n"); - printf("To get cert info from DB\n"); + printf("To get cert info from DB [root only]\n"); printf("\tpkginfo --getcert \n\n"); printf("To compare pkg cert info from DB\n"); printf("\tpkginfo --cmp-pkgcert \n\n"); printf("To compare app cert info from DB\n"); printf("\tpkginfo --cmp-appcert \n\n"); - printf("To delete all cert info from DB\n"); + printf("To delete all cert info from DB [root only]\n"); printf("\tpkginfo --delcert \n\n"); printf("To add application filter values [Multiple values can be added]\n"); printf("\tpkginfo --app-flt\n\n"); @@ -1940,6 +1940,16 @@ static int __check_manifest_validation(char *manifest) return 0; } +static int _is_authorized(uid_t uid) +{ + if ((uid_t) OWNER_ROOT == uid) { + return 1; + } else { + printf("Error! This cmd is allowed for only root user!\n\n"); + return 0; + } +} + int main(int argc, char *argv[]) { int ret = 0; @@ -1950,6 +1960,49 @@ int main(int argc, char *argv[]) gettimeofday(&tv, NULL); starttime = tv.tv_sec * 1000l + tv.tv_usec / 1000l; + if (argc < 2) { + __print_usage(); + ret = -1; + goto end; + } + + /* TODO : refactor all with getopt system funtion */ + /* a group for the authorized user */ + if (strcmp(argv[1], "--setcert") == 0) { + if (argc != 3 || !_is_authorized(getuid())) { + __print_usage(); + ret = -1; + goto end; + } + ret = __set_certinfo_in_db(argv[2], 0); + if (ret == -1) { + printf("set certinfo in db failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--getcert") == 0) { + if (argc != 3 || !_is_authorized(getuid())) { + __print_usage(); + ret = -1; + goto end; + } + ret = __get_certinfo_from_db(argv[2], 0); + if (ret == -1) { + printf("get certinfo from db failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--delcert") == 0) { + if (argc != 3 || !_is_authorized(getuid())) { + __print_usage(); + ret = -1; + goto end; + } + ret = __del_certinfo_from_db(argv[2]); + if (ret == -1) { + printf("del certinfo from db failed\n"); + goto end; + } + } + if (argc == 2) { if (strcmp(argv[1], "--listpkg") == 0) { ret = __get_pkg_list(getuid()); @@ -1996,6 +2049,63 @@ int main(int argc, char *argv[]) ret = -1; goto end; } + } else if (argc == 3) { + if (strcmp(argv[1], "--pkg") == 0) { + ret = __get_pkg_info(argv[2], getuid()); + if (ret == -1) { + printf("get pkg info failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--app") == 0) { + ret = __get_app_info(argv[2]); + if (ret == -1) { + printf("get app info failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--list") == 0) { + ret = __get_app_list(argv[2], getuid()); + if (ret == -1) { + printf("get app list failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--imd") == 0) { + printf("Not supported!\n"); + goto end; + } else if (strcmp(argv[1], "--fota") == 0) { + printf("Not supported!\n"); + goto end; + } else if (strcmp(argv[1], "--rmd") == 0) { + printf("Not supported!\n"); + goto end; + } else if (strcmp(argv[1], "--check") == 0) { + ret = __check_manifest_validation(argv[2]); + if (ret == -1) { + printf("check manifest failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--category") == 0) { + ret = __get_app_category_list(argv[2]); + if (ret == -1) { + printf("get app category list failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--metadata") == 0) { + ret = __get_app_metadata_list(argv[2]); + if (ret == -1) { + printf("get app metadata list failed\n"); + goto end; + } + } else if (strcmp(argv[1], "--appcontrol") == 0) { + ret = __get_app_control_list(argv[2]); + if (ret == -1) { + printf("get app control list failed\n"); + goto end; + } + } else { + __print_usage(); + ret = -1; + goto end; + } } else if (argc == 4) { if (strcmp(argv[1], "--cmp-pkgcert") == 0) { ret = __compare_pkg_certinfo_from_db(argv[2], argv[3], getuid()); @@ -2023,90 +2133,10 @@ int main(int argc, char *argv[]) ret = -1; goto end; } - } - - if (argc != 3) { + } else { __print_usage(); ret = -1; - goto end; } - if (!argv[1] || !argv[2]) { - __print_usage(); - ret = -1; - goto end; - } - - if (strcmp(argv[1], "--pkg") == 0) { - ret = __get_pkg_info(argv[2], getuid()); - if (ret == -1) { - printf("get pkg info failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--app") == 0) { - ret = __get_app_info(argv[2]); - if (ret == -1) { - printf("get app info failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--list") == 0) { - ret = __get_app_list(argv[2], getuid()); - if (ret == -1) { - printf("get app list failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--imd") == 0) { - printf("Not supported!\n"); - goto end; - } else if (strcmp(argv[1], "--fota") == 0) { - printf("Not supported!\n"); - goto end; - } else if (strcmp(argv[1], "--rmd") == 0) { - printf("Not supported!\n"); - goto end; - } else if (strcmp(argv[1], "--setcert") == 0) { - ret = __set_certinfo_in_db(argv[2], getuid()); - if (ret == -1) { - printf("set certinfo in db failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--getcert") == 0) { - ret = __get_certinfo_from_db(argv[2], getuid()); - if (ret == -1) { - printf("get certinfo from db failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--delcert") == 0) { - ret = __del_certinfo_from_db(argv[2]); - if (ret == -1) { - printf("del certinfo from db failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--check") == 0) { - ret = __check_manifest_validation(argv[2]); - if (ret == -1) { - printf("check manifest failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--category") == 0) { - ret = __get_app_category_list(argv[2]); - if (ret == -1) { - printf("get app category list failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--metadata") == 0) { - ret = __get_app_metadata_list(argv[2]); - if (ret == -1) { - printf("get app metadata list failed\n"); - goto end; - } - } else if (strcmp(argv[1], "--appcontrol") == 0) { - ret = __get_app_control_list(argv[2]); - if (ret == -1) { - printf("get app control list failed\n"); - goto end; - } - } else - __print_usage(); end: gettimeofday(&tv, NULL); -- 2.7.4