Changeset 34442 in vbox

Timestamp:

Nov 29, 2010 12:25:17 AM (14 years ago)

Author:

vboxsync

Message:

bugfixing

Location:

trunk/src/VBox

Files:

• Main/VBoxExtPackHelperApp.cpp (modified) (12 diffs)
• Runtime/common/checksum/manifest2.cpp (modified) (1 diff)

trunk/src/VBox/Main/VBoxExtPackHelperApp.cpp

@@ -86 +86 @@
                       "Usage: %s <command> [options]\n"
                       "Commands:\n"
-                      "    install --base-dir <dir> --certificate-dir <dir> --name <name> \\\n"
+                      "    install --base-dir <dir> --cert-dir <dir> --name <name> \\\n"
                       "        --tarball <tarball> --tarball-fd <fd>\n"
                       "    uninstall --base-dir <dir> --name <name>\n"
@@ -231 +231 @@
 static RTEXITCODE SetExtPackPermissions(const char *pszDir)
 {
+    RTMsgInfo("Setting permissions...");
 #if !defined(RT_OS_WINDOWS)
      int rc = RTPathSetMode(pszDir, 0755);
@@ -239 +240 @@
 #endif
 
+    return RTEXITCODE_SUCCESS;
+}
+
+
+/**
+ * Verifies the manifest and its signature.
+ *
+ * @returns Program exit code, failure with message.
+ * @param   hManifestFile   The xml from the extension pack.
+ * @param   pszExtPackName  The expected extension pack name.
+ */
+static RTEXITCODE VerifyXml(RTVFSFILE hXmlFile, const char *pszExtPackName)
+{
+    /** @todo implement XML verification. */
     return RTEXITCODE_SUCCESS;
 }
@@ -294 +309 @@
     }
     else
-        RTMsgError("Error parsing '%s': %Rrc", VBOX_EXTPACK_MANIFEST_NAME);
+        RTMsgError("Error parsing '%s': %Rrc", VBOX_EXTPACK_MANIFEST_NAME, rc);
 
     RTManifestRelease(hTheirManifest);
@@ -356 +371 @@
             break;
         }
+
+        /* advance */
+        psz++;
     }
 
@@ -450 +468 @@
  * Operations performed:
  *      - Hardening checks.
- *      - XML validity check.
- *      - Name check (against XML).
  *
  * @returns The program exit code.
  * @param   pszDir              The directory where the extension pack has been
  *                              unpacked.
- * @param   pszName             The expected extension pack name.
+ * @param   pszExtPackName      The expected extension pack name.
  * @param   pszTarball          The name of the tarball in case we have to
  *                              complain about something.
  */
-static RTEXITCODE ValidateUnpackedExtPack(const char *pszDir, const char *pszTarball, const char *pszName)
-{
-    /** @todo  */
+static RTEXITCODE ValidateUnpackedExtPack(const char *pszDir, const char *pszTarball, const char *pszExtPackName)
+{
+    RTMsgInfo("Validating unpacked extension pack...");
+
+    char szErr[4096+1024];
+    int rc = SUPR3HardenedVerifyDir(pszDir, true /*fRecursive*/, true /*fCheckFiles*/, szErr, sizeof(szErr));
+    if (RT_FAILURE(rc))
+        return RTMsgErrorExit(RTEXITCODE_FAILURE, "Hardening check failed with %Rrc: %s", rc, szErr);
+    return RTEXITCODE_SUCCESS;
+}
+
+
+/**
+ * Unpacks a directory from an extension pack tarball.
+ *
+ * @returns Program exit code, failure with message.
+ * @param   pszDstDirName   The name of the unpacked directory.
+ * @param   hVfsObj         The source object for the directory.
+ */
+static RTEXITCODE UnpackExtPackDir(const char *pszDstDirName, RTVFSOBJ hVfsObj)
+{
+    int rc = RTDirCreate(pszDstDirName, 0755);
+    if (RT_FAILURE(rc))
+        return RTMsgErrorExit(RTEXITCODE_FAILURE, "Failed to create directory '%s': %Rrc", pszDstDirName, rc);
+    /** @todo Ownership tricks on windows? */
     return RTEXITCODE_SUCCESS;
 }
@@ -564 +602 @@
  * @param   hTarballFile        The tarball to unpack.
  * @param   pszDirDst           Where to unpack it.
+ * @param   hValidManifest      The manifest we've validated.
  * @param   pszTarball          The name of the tarball in case we have to
  *                              complain about something.
- * @todo    Needs to take the previous verified manifest as input.
- */
-static RTEXITCODE UnpackExtPack(RTFILE hTarballFile, const char *pszDirDst, const char *pszTarball)
-{
+ */
+static RTEXITCODE UnpackExtPack(RTFILE hTarballFile, const char *pszDirDst, RTMANIFEST hValidManifest,
+                                const char *pszTarball)
+{
+    RTMsgInfo("Unpacking extension pack into '%s'...", pszDirDst);
+
     /*
      * Set up the destination path and directory.
@@ -634 +675 @@
                     }
                     else
-                    {
-                        rc = RTDirCreate(szDstPath, 0755);
-                        if (RT_FAILURE(rc))
-                            rcExit = RTMsgErrorExit(RTEXITCODE_FAILURE, "Failed to create directory '%s': %Rrc", pszName, rc);
-                    }
+                        rcExit = UnpackExtPackDir(szDstPath, hVfsObj);
                 }
                 else
@@ -657 +694 @@
          * manifest.
          */
-        //if (rcExit == RTEXITCODE_SUCCESS)
-        /// @todo
+        if (rcExit == RTEXITCODE_SUCCESS)
+        {
+            char szEntry[RTPATH_MAX];
+            rc = RTManifestEqualsEx(hUnpackManifest, hValidManifest, NULL /*papszIgnoreEntries*/, NULL /*papszIgnoreAttr*/,
+                                    szEntry, sizeof(szEntry));
+            if (RT_SUCCESS(rc))
+                rc = RTEXITCODE_SUCCESS;
+            else if (rc == VERR_NOT_EQUAL && szEntry[0])
+                RTMsgError("Manifest mismatch: '%s'", szEntry);
+            else
+                RTMsgError("RTManifestEqualsEx failed: %Rrc", rc);
+        }
 
         RTManifestRelease(hUnpackManifest);
@@ -668 +715 @@
 
 
+
 /**
  * Validates the extension pack tarball prior to unpacking.
  *
  * Operations performed:
+ *      - Mandatory files.
  *      - Manifest check.
  *      - Manifest seal check.
- *      - Mandatory files.
+ *      - XML check, match name.
  *
  * @returns The program exit code.
  * @param   hTarballFile        The handle to open the @a pszTarball file.
+ * @param   pszExtPackName      The name of the extension pack name.
  * @param   pszTarball          The name of the tarball in case we have to
  *                              complain about something.
- *
- * @todo    Should validate the XML and name.
- * @todo    Needs to return a manifest.
- */
-static RTEXITCODE ValidateExtPackTarball(RTFILE hTarballFile, const char *pszTarball)
-{
+ * @param   phValidManifest     Where to return the handle to fully validated
+ *                              the manifest for the extension pack.  This
+ *                              includes all files.
+ *
+ * @todo    This function is a bit too long and should be split up if possible.
+ */
+static RTEXITCODE ValidateExtPackTarball(RTFILE hTarballFile, const char *pszExtPackName, const char *pszTarball,
+                                         PRTMANIFEST phValidManifest)
+{
+    *phValidManifest = NIL_RTMANIFEST;
+    RTMsgInfo("Validating extension pack '%s' ('%s')...", pszTarball, pszExtPackName);
+
     /*
      * Open the tar.gz filesystem stream and set up an manifest in-memory file.
@@ -831 +887 @@
             rcExit = VerifyManifestAndSignature(hOurManifest, hManifestFile, hSignatureFile);
 
-        RTManifestRelease(hOurManifest);   /** @todo return this and use it during unpacking */
+        /*
+         * Check the XML.
+         */
+        if (rcExit == RTEXITCODE_SUCCESS)
+            rcExit = VerifyXml(hXmlFile, pszExtPackName);
+
+        /*
+         * Release objects and stuff.
+         */
+        if (rcExit == RTEXITCODE_SUCCESS)
+            *phValidManifest = hOurManifest;
+        else
+            RTManifestRelease(hOurManifest);
 
         RTVfsFileRelease(hXmlFile);
@@ -923 +991 @@
         return RTMsgErrorExit(RTEXITCODE_FAILURE, "Failed to create temporary directory: %Rrc ('%s')", rc, szTmpPath);
 
-    RTEXITCODE rcExit = ValidateExtPackTarball(hTarballFile, pszTarball);
+    RTMANIFEST hValidManifest = NIL_RTMANIFEST;
+    RTEXITCODE rcExit = ValidateExtPackTarball(hTarballFile, pszName, pszTarball, &hValidManifest);
     if (rcExit == RTEXITCODE_SUCCESS)
-        rcExit = UnpackExtPack(hTarballFile, szTmpPath, pszTarball);
+        rcExit = UnpackExtPack(hTarballFile, szTmpPath, hValidManifest, pszTarball);
     if (rcExit == RTEXITCODE_SUCCESS)
         rcExit = ValidateUnpackedExtPack(szTmpPath, pszTarball, pszName);
     if (rcExit == RTEXITCODE_SUCCESS)
         rcExit = SetExtPackPermissions(szTmpPath);
+    RTManifestRelease(hValidManifest);
+
     if (rcExit == RTEXITCODE_SUCCESS)
     {

trunk/src/VBox/Runtime/common/checksum/manifest2.cpp

@@ -676 +676 @@
 
 
+#if 0
+static int rtManifestReadLine(RTVFSIOSTREAM hVfsIos, char *pszLine, size_t cbLine)
+{
+    /* This is horribly slow right now, but it's not a biggy as the input is
+       usually cached in memory somewhere... */
+    *pszLine = '\0';
+    while (cbLine > 1)
+    {
+        int rc = RTVfsIoStrmRead(hVfsIos, pszLine, 1, true /*fBLocking*/, NULL);
+        if (RT_FAILURE(rc))
+        {
+            *pszLine = '\0';
+            return rc == VERR_EOF ? VINF_EOF : rc;
+        }
+    }
+    return rc;
+}
+#endif
+
+
 /**
  * Reads in a "standard" manifest.