author | Benoit Goby <benoit@android.com> | 2013-01-28 23:33:27 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2013-01-28 23:33:28 +0000 |
commit | 83dee8e4e5346553f435626b46487d51b1e0ff2d (patch) | |
tree | a9a76c2db72dabfc093f3df2df99422e241f46a4 | |
parent | 078ca5e30d04b10e2d6f6811a149643d255d4dc1 (diff) | |
parent | 345cb066d2e0c774c877a85d3035f298df1daf16 (diff) | |
Merge "adb: Read secure adb keys on every auth request"
-rw-r--r-- | adb/adb_auth.h | 2 | ||||
-rw-r--r-- | adb/adb_auth_client.c | 23 |
2 files changed, 11 insertions, 14 deletions
diff --git a/adb/adb_auth.h b/adb/adb_auth.h
index 1fffa49..96f637b 100644
--- a/adb/adb_auth.h
+++ b/adb/adb_auth.h
@@ -36,7 +36,6 @@ int adb_auth_get_userkey(unsigned char *data, size_t len);
 static inline int adb_auth_generate_token(void *token, size_t token_size) { return 0; }
 static inline int adb_auth_verify(void *token, void *sig, int siglen) { return 0; }
 static inline void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t) { }
-static inline void adb_auth_reload_keys(void) { }

 #else // !ADB_HOST

@@ -47,7 +46,6 @@ static inline int adb_auth_get_userkey(unsigned char *data, size_t len) { return
 int adb_auth_generate_token(void *token, size_t token_size);
 int adb_auth_verify(void *token, void *sig, int siglen);
 void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t);
-void adb_auth_reload_keys(void);

 #endif // ADB_HOST

diff --git a/adb/adb_auth_client.c b/adb/adb_auth_client.c
index 0b4913e..a4ad18f 100644
--- a/adb/adb_auth_client.c
+++ b/adb/adb_auth_client.c
@@ -34,8 +34,6 @@ struct adb_public_key {
 RSAPublicKey key;
 };

-static struct listnode key_list;
-
 static char *key_paths[] = {
 "/adb_keys",
 "/data/misc/adb/adb_keys",
@@ -102,18 +100,18 @@ static void free_keys(struct listnode *list)
 }
 }

-void adb_auth_reload_keys(void)
+static void load_keys(struct listnode *list)
 {
 char *path;
 char **paths = key_paths;
 struct stat buf;

- free_keys(&key_list);
+ list_init(list);

 while ((path = *paths++)) {
 if (!stat(path, &buf)) {
 D("Loading keys from '%s'\n", path);
- read_keys(path, &key_list);
+ read_keys(path, list);
 }
 }
 }
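Review bot: `load_keys()` in the last hunk of `adb/adb_auth_client.c` has no comment stating its ownership contract, and that contract changed: it now calls `list_init(list)` where the old function called `free_keys(&key_list)`, so handing it a list that still holds entries would leak them. I would add above the signature `/* Initialises *list and fills it from every readable file in key_paths; the caller owns the entries and must call free_keys(). */`. It is also worth a line noting that the `stat()` result only gates the call, so a file that disappears between `stat()` and `read_keys()` has to be handled inside `read_keys()`, whose body is outside this hunk.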
@@ -137,19 +135,24 @@ int adb_auth_verify(void *token, void *sig, int siglen)
 {
 struct listnode *item;
 struct adb_public_key *key;
- int ret;
+ struct listnode key_list;
+ int ret = 0;

 if (siglen != RSANUMBYTES)
 return 0;

+ load_keys(&key_list);
+
 list_for_each(item, &key_list) {
 key = node_to_item(item, struct adb_public_key, node);
 ret = RSA_verify(&key->key, sig, siglen, token);
 if (ret)
- return 1;
+ break;
 }

- return 0;
+ free_keys(&key_list);
+
+ return ret;
 }

 static void adb_auth_event(int fd, unsigned events, void *data)
@@ -166,7 +169,6 @@ static void adb_auth_event(int fd, unsigned events, void *data)
 framework_fd = -1;
 }
 else if (ret == 2 && response[0] == 'O' && response[1] == 'K') {
- adb_auth_reload_keys();
 adb_auth_verified(t);
 }
 }
@@ -225,9 +227,6 @@ void adb_auth_init(void)
 {
 int fd, ret;

- list_init(&key_list);
- adb_auth_reload_keys();
-
 fd = android_get_control_socket("adbd");
 if (fd < 0) {
 D("Failed to get adbd socket\n");
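Review bot: `adb_auth_verify()` now returns whatever `RSA_verify()` produced rather than a literal 1, so its result is no longer guaranteed to be 0 or 1. If `RSA_verify()` can yield any other non-zero value (its contract is not visible here), a caller comparing against 1 would reject a valid signature; ending with `return ret != 0;` keeps the old contract. The key files are also now read and parsed for every signature a not-yet-authenticated peer submits. A short comment above `load_keys(&key_list);` should say this is deliberate, presumably so that a key removed from the files stops being accepted on the next request, and that the list is local and released by `free_keys()` on the only path past the `siglen` check.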