Merge "adb: Read secure adb keys on every auth request"
This commit is contained in:
commit
83dee8e4e5
|
@ -36,7 +36,6 @@ int adb_auth_get_userkey(unsigned char *data, size_t len);
|
|||
static inline int adb_auth_generate_token(void *token, size_t token_size) { return 0; }
|
||||
static inline int adb_auth_verify(void *token, void *sig, int siglen) { return 0; }
|
||||
static inline void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t) { }
|
||||
static inline void adb_auth_reload_keys(void) { }
|
||||
|
||||
#else // !ADB_HOST
|
||||
|
||||
|
@ -47,7 +46,6 @@ static inline int adb_auth_get_userkey(unsigned char *data, size_t len) { return
|
|||
int adb_auth_generate_token(void *token, size_t token_size);
|
||||
int adb_auth_verify(void *token, void *sig, int siglen);
|
||||
void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t);
|
||||
void adb_auth_reload_keys(void);
|
||||
|
||||
#endif // ADB_HOST
|
||||
|
||||
|
|
|
@ -34,8 +34,6 @@ struct adb_public_key {
|
|||
RSAPublicKey key;
|
||||
};
|
||||
|
||||
static struct listnode key_list;
|
||||
|
||||
static char *key_paths[] = {
|
||||
"/adb_keys",
|
||||
"/data/misc/adb/adb_keys",
|
||||
|
@ -102,18 +100,18 @@ static void free_keys(struct listnode *list)
|
|||
}
|
||||
}
|
||||
|
||||
void adb_auth_reload_keys(void)
|
||||
static void load_keys(struct listnode *list)
|
||||
{
|
||||
char *path;
|
||||
char **paths = key_paths;
|
||||
struct stat buf;
|
||||
|
||||
free_keys(&key_list);
|
||||
list_init(list);
|
||||
|
||||
while ((path = *paths++)) {
|
||||
if (!stat(path, &buf)) {
|
||||
D("Loading keys from '%s'\n", path);
|
||||
read_keys(path, &key_list);
|
||||
read_keys(path, list);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -137,19 +135,24 @@ int adb_auth_verify(void *token, void *sig, int siglen)
|
|||
{
|
||||
struct listnode *item;
|
||||
struct adb_public_key *key;
|
||||
int ret;
|
||||
struct listnode key_list;
|
||||
int ret = 0;
|
||||
|
||||
if (siglen != RSANUMBYTES)
|
||||
return 0;
|
||||
|
||||
load_keys(&key_list);
|
||||
|
||||
list_for_each(item, &key_list) {
|
||||
key = node_to_item(item, struct adb_public_key, node);
|
||||
ret = RSA_verify(&key->key, sig, siglen, token);
|
||||
if (ret)
|
||||
return 1;
|
||||
break;
|
||||
}
|
||||
|
||||
return 0;
|
||||
free_keys(&key_list);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void adb_auth_event(int fd, unsigned events, void *data)
|
||||
|
@ -166,7 +169,6 @@ static void adb_auth_event(int fd, unsigned events, void *data)
|
|||
framework_fd = -1;
|
||||
}
|
||||
else if (ret == 2 && response[0] == 'O' && response[1] == 'K') {
|
||||
adb_auth_reload_keys();
|
||||
adb_auth_verified(t);
|
||||
}
|
||||
}
|
||||
|
@ -225,9 +227,6 @@ void adb_auth_init(void)
|
|||
{
|
||||
int fd, ret;
|
||||
|
||||
list_init(&key_list);
|
||||
adb_auth_reload_keys();
|
||||
|
||||
fd = android_get_control_socket("adbd");
|
||||
if (fd < 0) {
|
||||
D("Failed to get adbd socket\n");
|
||||
|
|
Loading…
Reference in New Issue