summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2016-07-24Add package info validation logicsangwan.kwon2-0/+18
* Before popup call app-control for launching setting-manager, * Check package info first. Change-Id: If0f607694b7fb18f2ddff556f3fc0726cb591d61 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-07-22Replace popup architecture to systemd servicesangwan.kwon16-786/+499
[AS-IS] * popup used to pipe for IPC [TO-BE] * use to systemd service Change-Id: Ie203c8a4dbcb071fd3896e0c7af1bb8cd7280dbf Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-06-30Fix svace defectssangwan.kwon2-71/+97
* About taint checking, variable should be checked boundary. * About exception handling, should handle whole possible exception. Change-Id: I6e85bc12cdeea550f7ea1c6dd06b7d9cbb91b3d7 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-05-30Apply tizen coding rulesangwan.kwon50-4167/+4077
* It depends on cpp rule checker(version 160520) Change-Id: Ica308e1296be4f3567725fdb004f3bae8a456a0c
2016-05-25Fix build error at 64bit archsubmit/tizen/20160525.085258accepted/tizen/mobile/20160602.021048accepted/tizen/ivi/20160602.021115accepted/tizen/common/20160525.160330accepted/tizen_iviaccepted/tizen_commonsangwan.kwon1-20/+0
[problem] * In 64bit arch, time_t and int64_t has problem when overloading [solve] * Delete time_t in serialization.h Change-Id: I20dc01022487dadd4119ee318ef2bf4de478a984
2016-05-24Add CAPI for clientsangwan.kwon5-7/+90
Change-Id: Ie618a4248445c1b4bebf3bb47b13486463a4b67f
2016-05-24Add mainloop stop logic by using eventfdsangwan.kwon7-7/+150
Change-Id: If175379bebd20eeb60d091284f754857f59d34a7
2016-05-20Seperate logic to thread for several client connectionsangwan.kwon5-8/+16
Change-Id: I8424f68e23f32cc8104c9c3987bc2054c6c034ad
2016-05-20Apply timeout at g_main_loopsangwan.kwon4-14/+38
* If no event since cchecker launched, cchecker should exit * timeout = 10 miniute Change-Id: Ie472171c597e6dc4ffda1674bc859e26a066d9ca
2016-05-19Fix namespace of Clientsangwan.kwon3-6/+0
Change-Id: I569965b36bb8ab7d505fabaccb270eaec016f853
2016-05-19Adjust class access modifier in logicsangwan.kwon1-12/+15
Change-Id: I6881cfaa24adb1e58e4d4c5d8da886b7dd79e27a
2016-05-18Add timer for remaining buffersangwan.kwon5-2/+172
* Timer's interval is 1 hour. * It works periodically until buffer is empty. Change-Id: I719c9addcedeb6f276d969a849c8374813857589
2016-05-16Add logic to deal remaining buffersangwan.kwon1-15/+26
* If process return OCSP_CHECK_AGAIN, don't exit. Change-Id: I3ddeed639cc854a22f3e88b6ab5f1f29935c7c30
2016-05-12Detach looping logic from setupsangwan.kwon4-7/+17
[AS-IS] * running g_main_loop is in setup * so, it can hard to test [TO-BE] * seperate setup and looping Change-Id: I591da58b93895e46adbd1262b11e0d7dd545c7c6
2016-05-12Move log system to common librarysangwan.kwon23-32/+30
Change-Id: I313b4b4d6019cca575996f7f3fd3f3254f4ce11a
2016-05-11Implement on-demand style about client-sidesangwan.kwon13-12/+376
[AS-IS] * cert-checker was daemon. [TO-BE] * Change to on-demand style. * Add client library. Change-Id: Ia318bc8a724db1f50a50bd42aa4c8c94b078e287
2016-05-10Implement on-demand style about server-sidesangwan.kwon31-103/+1993
[AS-IS] * cert-checker was daemon. [TO-BE] * Change to on-demand style. * cert-svc call cert-checker. * Add common library. Change-Id: Idab160e6103cf62299b97a5485a767de9831d614 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-04-15change a user from system to security_fwsubmit/tizen/20160419.001742submit/tizen/20160418.074121accepted/tizen/mobile/20160419.050219accepted/tizen/ivi/20160419.050238accepted/tizen/common/20160419.143240Dongsun Lee2-3/+1
Change-Id: I394228947a672e9e6a6c0110bd8fb8cdaae66060 Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
2016-03-15Delete thread unsafe function. strerrorsubmit/tizen/20160321.051308accepted/tizen/wearable/20160321.113743accepted/tizen/tv/20160321.113723accepted/tizen/mobile/20160321.113706accepted/tizen/ivi/20160321.113800accepted/tizen/common/20160321.150604sangwan.kwon2-2/+11
* use GetErrnoString() instead of it Change-Id: I0d767d423be26987d387ad1b1c5899d7f36a27b3 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-03-15Set linker flags and delete unuse librarysangwan.kwon3-5/+0
* flag : about as-needed * delete lib : cert-svc Change-Id: Iba79ed9fc6dd5d478ccb871b3f8aeac41a10dedf Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-03-04Specify signed keyword explicitlysubmit/tizen/20160304.055833accepted/tizen/wearable/20160305.093447accepted/tizen/tv/20160305.093432accepted/tizen/mobile/20160305.093413accepted/tizen/ivi/20160305.093507accepted/tizen/common/20160304.195523sangwan.kwon1-2/+2
Change-Id: Ief109eac6c859e4a158473611d63a5de134fc369 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-03-02Fix hard coded pathsangwan.kwon2-1/+4
Change-Id: Ic47c2b6f4201fc71104077fd93dba2bff09d139c Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-02-25Delete unuse data, functionsangwan.kwon7-199/+15
* key-manager uses only a chain for OCSP Check * url is no longer needed Change-Id: I8fb1e8baa6834c79a487ff865c0c6452b34078f1 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-02-24Change building certificate chain APIsubmit/tizen/20160224.080105accepted/tizen/wearable/20160225.080701accepted/tizen/tv/20160225.080643accepted/tizen/mobile/20160225.080627accepted/tizen/ivi/20160225.080714sangwan.kwon2-63/+89
* cert-svc API, key-manager API -> pkgmgr-info API Change-Id: I1c3523dd73041f117fab1c1b0012d25c1535defe Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2016-02-17Change package event handler APIsangwan.kwon3-121/+210
* Dbus API -> pkgmgrinfo API Change-Id: Ia7a8d84e7eaf35d5be5d077b753ec1915b1b49d0 Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
2015-11-25Use new cert-svc vcore APIsubmit/tizen_ivi/20160217.000003submit/tizen_ivi/20160217.000000submit/tizen_common/20151229.154718submit/tizen_common/20151229.144031submit/tizen_common/20151229.142028submit/tizen/20151204.130942accepted/tizen/wearable/20151206.224905accepted/tizen/tv/20151206.224844accepted/tizen/mobile/20151206.224825accepted/tizen/ivi/20160218.023939Janusz Kozerski1-2/+2
Vcore SignatureValidator API has been changed. This commit introduces usage of the new API. Change-Id: I074e0ca0660b980b4defa9d95ae5869099822eb0
2015-11-17Fix klocwork issuesJanusz Kozerski1-1/+1
Verification: Build, run tests. Change-Id: I91e4dea095cc427576e0e4d75eb335e65ee4ae5d
2015-11-10Add popupJanusz Kozerski15-171/+1333
Since Notification framework doesn't support system daemons, the cert-checker's internal popup should be provided. Add implementation of popup binary - /usr/bin/cert-checker-popup Cert-checker forks(), execs a popup binary, waits for popup termination, and then reads user response from pipe. Change-Id: Ie2e70f661feb1f262841d59a1b4c6a7ec49901f9
2015-09-14Add missing code for logic testsJanusz Kozerski3-5/+24
Change-Id: Iaa411b52647f2348024b1e8d100d678f89a48c5f
2015-09-08Fixed synchronisation issuesKrzysztof Jackiewicz2-59/+82
[Problem] Production code mixed with test code. Poor readability. Synchronisation issues. [Solution] Synchronisation reimplemented. Test code separated from production code. [Verification] Run all test Change-Id: Iea5ed2ce9f10a4cdac8994acf91809cd12050d69
2015-09-08Use new cert-svc-vcore API: makeChainBySignature()Janusz Kozerski4-109/+52
This change includes adding cert_order in DB. Chain of certificates should be created while reading/parsing signature. Certificates should be put into DB in right order - first should go end entity certificate. DB ensures that certificates will be loaded into the buffer in exactly same order (end entity will be the first element on the list). Verification: Run tests, all should pass. Change-Id: I09571bab7862bdb539dd3a957330fe23d687b48f
2015-08-03Add defines in DB codeJanusz Kozerski1-50/+54
Change-Id: I7405977c655032e4d520dcd064979302105b820c
2015-08-03Add popup UI (+tests)Janusz Kozerski9-7/+398
Notification framework currently doesn't work properly on tizen.org/common. To test UI run: cert-checker-popup-test, and check if UI is displayed correctly. Change-Id: I0eb9b134c77c82eb77b4834b81a1cd1fa19dd620
2015-07-31Get online status from connman at startup.Janusz Kozerski2-22/+60
* Fix DBus proxy pointer Change-Id: Iad1cfe8e6a02136e5a899b50560a586265c5a322
2015-07-17Add systemd configurationJanusz Kozerski1-1/+1
Change-Id: Id0de6e5eb1387e99b8c8bcb0c66ae13151c1a3f7
2015-07-17Add OCSP verification (CKM API is used)Janusz Kozerski5-48/+237
* Add tests for certificates * Remove unnecessary methods in Logic class * Add missing include * Use new cert-checker-vcore API Change-Id: Idfa777d1f1ba6f7142ea78e29bf1bc63415b128e
2015-07-10Refactor DB and app_t structure - preparation for OCSP checking.Janusz Kozerski5-49/+127
New version of DB is needed to keep separately certificates from each signatrue. Because application can be signed by more than one signature we need to keep all certificates from all signatures in separate lists to make building certificates' chains easier. * Add operators (==, !=, <) for app_t structre * Add operators (==, !=) for event_t structure * Add tests for operators * Remove check_id from app_t structure Change-Id: I966dd81420618325d1afa55bcbc656291ccb4238
2015-07-06Add pulling out certificates from apps' signature.Janusz Kozerski32-48/+296
* Move DPL include files from "dpl/*" into "cchecker/dpl/* because of cert-svc-vcore also uses DPL (from wrt-commons), and that was causing build break. * Certificates are stored in buffer and database. * OCSP URLs are pulled out from certificates and stored in database. Change-Id: Ic0601da38619f7c7b784d952abe56888db036673
2015-07-06Add thread for processing eventsJanusz Kozerski2-9/+171
Thread is waiting on conditional for events. When event will be add to queue the callback will send signal to thread (connman callback sends signal without adding event to queue). The thread: * Process the queue first: Moves all events from queue into the buffer. * Then process buffer (checks OCSP, shows popup, etc.) - to be implemented. Change-Id: I8cadc43b8d2c704bf07f0aec63b909ec4d52d5a7
2015-07-06Add thread-safe Queue classJanusz Kozerski5-0/+133
* Add m_queue member to Logic class Change-Id: I31574fccd48cddc8bbb467568cf72c4d80d94803
2015-06-26Replace pkgmgr signal handling with dbus APIJanusz Kozerski3-92/+160
After fix package-manager API using of its API can be restored. [Verication] 1) Build cert-checker with debug and run it on emulator 2) In 2nd console run: journalctl -f | grep cert-checker 3) Install and uninstall app in some random order: install: pkgcmd -i -t wgt -p /usr/share/widget_demo/mancala.wgt -q uninstall: pkgcmd -u -n yKrWwxz1KX -q 4) Check if journal logs are correct Change-Id: I60a77c2862dd9745e1b422fb2eb3afec13b40d14
2015-06-26Add cert-checker database (+tests). Change include files path.Janusz Kozerski16-37/+639
* Add m_buffer in Logic class. * Load database into buffer in Logic::setup() * Move include to separate folder - this solves problem with app.h file from different package. [Verification] Run cert-checker-tests. All should pass. Change-Id: I809951a17fd44d5258ad91e480b6914e92d1058b
2015-05-27Add DPL code (needed for database support)Janusz Kozerski23-0/+3100
Changes: * change namespace from DPL to CCHECKER. * change LogPenantic -> LogDebug (journal doesn't support pedantic) * naiveSynchronizationObject() uses STL thread and chrono instead of DPL/thread Change-Id: I553a71dd5befbe4bc4d18f7582955af6ea329db7
2015-05-27Add classes: Logic, App_t. Add journal loging supportJanusz Kozerski8-0/+614
Class Logic has only dbus callbacks implemetation (package-manager, connman), beside it it's empty implementation. Verification: 1) Build cert-checker with debug, and install on emulator. 2) Run cert-checker - do it in emulator UI console (not via ssh). 3) On other console in emulator UI run command: journalctl -f | grep cert-checker - to see the logs. 4) On third console turn on and off offline mode on device: /usr/sbin/connmanctl enable offline /usr/sbin/connmanctl disable offline 5) You should see logs from cert-checker in journal 6) Install any app to check if package-manager signal works in cert-checker: pkgcmd -i -t wgt -p /usr/share/widget_demo/go.wgt -q 7) Check if logs are present. Change-Id: Ic7d6fc4f47ca9ced18744ad8a77f8516b75304e3
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-14 20:52:43 +0000