authorBenoit Goby <benoit@android.com>2013-01-28 23:33:27 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2013-01-28 23:33:28 +0000
commit83dee8e4e5346553f435626b46487d51b1e0ff2d (patch)
treea9a76c2db72dabfc093f3df2df99422e241f46a4
parent078ca5e30d04b10e2d6f6811a149643d255d4dc1 (diff)
parent345cb066d2e0c774c877a85d3035f298df1daf16 (diff)
downloadsystem_core-83dee8e4e5346553f435626b46487d51b1e0ff2d.zip
system_core-83dee8e4e5346553f435626b46487d51b1e0ff2d.tar.gz
system_core-83dee8e4e5346553f435626b46487d51b1e0ff2d.tar.bz2
Merge "adb: Read secure adb keys on every auth request"
-rw-r--r--adb/adb_auth.h2
-rw-r--r--adb/adb_auth_client.c23
2 files changed, 11 insertions, 14 deletions
diff --git a/adb/adb_auth.h b/adb/adb_auth.h
index 1fffa49..96f637b 100644
--- a/adb/adb_auth.h
+++ b/adb/adb_auth.h
@@ -36,7 +36,6 @@ int adb_auth_get_userkey(unsigned char *data, size_t len);
static inline int adb_auth_generate_token(void *token, size_t token_size) { return 0; }
static inline int adb_auth_verify(void *token, void *sig, int siglen) { return 0; }
static inline void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t) { }
-static inline void adb_auth_reload_keys(void) { }
#else // !ADB_HOST
@@ -47,7 +46,6 @@ static inline int adb_auth_get_userkey(unsigned char *data, size_t len) { return
int adb_auth_generate_token(void *token, size_t token_size);
int adb_auth_verify(void *token, void *sig, int siglen);
void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t);
-void adb_auth_reload_keys(void);
#endif // ADB_HOST
diff --git a/adb/adb_auth_client.c b/adb/adb_auth_client.c
index 0b4913e..a4ad18f 100644
--- a/adb/adb_auth_client.c
+++ b/adb/adb_auth_client.c
@@ -34,8 +34,6 @@ struct adb_public_key {
RSAPublicKey key;
};
-static struct listnode key_list;
-
static char *key_paths[] = {
"/adb_keys",
"/data/misc/adb/adb_keys",
@@ -102,18 +100,18 @@ static void free_keys(struct listnode *list)
}
}
-void adb_auth_reload_keys(void)
+static void load_keys(struct listnode *list)
{
char *path;
char **paths = key_paths;
struct stat buf;
- free_keys(&key_list);
+ list_init(list);
while ((path = *paths++)) {
if (!stat(path, &buf)) {
D("Loading keys from '%s'\n", path);
- read_keys(path, &key_list);
+ read_keys(path, list);
}
}
}
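Review bot: load_keys() has no comment stating its ownership contract, and that contract is new in this hunk: it calls `list_init(list)` unconditionally, so a list that already holds keys would lose its nodes without `free_keys()`, and every caller has to call `free_keys(list)` afterwards. I would add above the definition `/* Initialises *list and appends the keys from every key_paths entry that exists; the caller owns the result and must free_keys() it. */`. Separately, the `stat()` before `read_keys()` only tests existence and the file can change between the two calls, so read_keys() (not visible here) presumably has to cope with an open failure itself. Its result is not checked in this loop, so a key file that exists but cannot be read is skipped without a log line.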
@@ -137,19 +135,24 @@ int adb_auth_verify(void *token, void *sig, int siglen)
{
struct listnode *item;
struct adb_public_key *key;
- int ret;
+ struct listnode key_list;
+ int ret = 0;
if (siglen != RSANUMBYTES)
return 0;
+ load_keys(&key_list);
+
list_for_each(item, &key_list) {
key = node_to_item(item, struct adb_public_key, node);
ret = RSA_verify(&key->key, sig, siglen, token);
if (ret)
- return 1;
+ break;
}
- return 0;
+ free_keys(&key_list);
+
+ return ret;
}
static void adb_auth_event(int fd, unsigned events, void *data)
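Review bot: `return ret;` now passes the caller whatever `RSA_verify()` returned, where the old code returned exactly 1 on a match. If RSA_verify can return a non-zero value other than 1 (its definition is not in this hunk), callers that compare against 1 would change behaviour; `return ret ? 1 : 0;` keeps the old contract. The key files are now opened and parsed on every call, which happens before the peer is authenticated, so the reason deserves a comment above `load_keys(&key_list);`, for example `/* Re-read keys on each request so a removed key stops working immediately; an empty list leaves ret at 0 and the request is rejected. */`. The function's signature appears only in the hunk header.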
@@ -166,7 +169,6 @@ static void adb_auth_event(int fd, unsigned events, void *data)
framework_fd = -1;
}
else if (ret == 2 && response[0] == 'O' && response[1] == 'K') {
- adb_auth_reload_keys();
adb_auth_verified(t);
}
}
@@ -225,9 +227,6 @@ void adb_auth_init(void)
{
int fd, ret;
- list_init(&key_list);
- adb_auth_reload_keys();
-
fd = android_get_control_socket("adbd");
if (fd < 0) {
D("Failed to get adbd socket\n");