diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2021-09-13 13:17:26 +0300 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2021-09-13 13:18:17 +0300 |
| commit | 9f07a3447ea1e8fb67cdbd5c30b2ea144e826490 (patch) | |
| tree | 7f2d3df2336737fce12fabe0bda8e3f243403950 | |
| parent | a278d112877a0c347e42694d399d62ebbafc1dee (diff) | |
| download | apk-tools-9f07a3447ea1e8fb67cdbd5c30b2ea144e826490.tar.gz apk-tools-9f07a3447ea1e8fb67cdbd5c30b2ea144e826490.tar.bz2 apk-tools-9f07a3447ea1e8fb67cdbd5c30b2ea144e826490.tar.xz apk-tools-9f07a3447ea1e8fb67cdbd5c30b2ea144e826490.zip | |
adb: fix --allow-untrusted to work again
and fix the error code if untrusted adb is seen
| -rw-r--r-- | src/adb.c | 14 | ||||
| -rw-r--r-- | src/context.c | 1 |
2 files changed, 11 insertions, 4 deletions
@@ -82,7 +82,7 @@ static int __adb_m_parse(struct adb *db, apk_blob_t data, struct apk_trust *t, struct adb_verify_ctx vfy = {}; struct adb_block *blk; struct apk_istream is; - int r = 0, trusted = t ? 0 : 1; + int r = 0, trusted = (t && t->allow_untrusted) ? 1 : 0; uint32_t type, allowed = BIT(ADB_BLOCK_ADB); adb_foreach_block(blk, data) { @@ -112,7 +112,10 @@ static int __adb_m_parse(struct adb *db, apk_blob_t data, struct apk_trust *t, break; case ADB_BLOCK_DATA: allowed = BIT(ADB_BLOCK_DATA) | BIT(ADB_BLOCK_DATAX); - if (!trusted) goto err; + if (!trusted) { + r = -APKE_SIGNATURE_UNTRUSTED; + goto err; + } break; case ADB_BLOCK_DATAX: r = -APKE_ADB_BLOCK; @@ -170,7 +173,7 @@ static int __adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expec struct adb_block blk; struct apk_segment_istream seg; void *sig; - int r = 0, trusted = t ? 0 : 1; + int r = 0, trusted = (t && t->allow_untrusted) ? 1 : 0; uint32_t type, allowed = BIT(ADB_BLOCK_ADB); size_t sz; @@ -229,7 +232,10 @@ static int __adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expec break; case ADB_BLOCK_DATA: allowed = BIT(ADB_BLOCK_DATA) | BIT(ADB_BLOCK_DATAX); - if (!trusted) goto err; + if (!trusted) { + r = -APKE_SIGNATURE_UNTRUSTED; + goto err; + } break; case ADB_BLOCK_DATAX: r = -APKE_ADB_BLOCK; diff --git a/src/context.c b/src/context.c index 9298a5a..ea3ae0b 100644 --- a/src/context.c +++ b/src/context.c @@ -38,6 +38,7 @@ int apk_ctx_prepare(struct apk_ctx *ac) ac->open_flags &= ~(APK_OPENF_CREATE | APK_OPENF_WRITE); ac->open_flags |= APK_OPENF_READ; } + if (ac->flags & APK_ALLOW_UNTRUSTED) ac->trust.allow_untrusted = 1; if (!ac->cache_dir) ac->cache_dir = "etc/apk/cache"; if (!ac->keys_dir) ac->keys_dir = "etc/apk/keys"; if (!ac->root) ac->root = "/"; |