Security-55471.14.18.tar.gz

[apple/security.git] / libsecurity_codesigning / lib / bundlediskrep.h

diff --git a/libsecurity_codesigning/lib/bundlediskrep.h b/libsecurity_codesigning/lib/bundlediskrep.h
index 6dfb12fb805d3cc95660c511e6cc21a9e3ae1820..a697237ae899ffedc44c00d2060e6fc0b5ad5641 100644 (file)
--- a/libsecurity_codesigning/lib/bundlediskrep.h
+++ b/libsecurity_codesigning/lib/bundlediskrep.h
@@ -56,8 +56,9 @@ public:
        CFDataRef component(CodeDirectory::SpecialSlot slot);
        CFDataRef identification();
        std::string mainExecutablePath();
-       CFURLRef canonicalPath();
+       CFURLRef copyCanonicalPath();
        std::string resourcesRootPath();
+       std::string resourcesRelativePath();
        void adjustResources(ResourceBuilder &builder);
        Universal *mainExecutableImage();
        size_t signingBase();
@@ -72,6 +73,9 @@ public:
        const Requirements *defaultRequirements(const Architecture *arch, const SigningContext &ctx);
        size_t pageSize(const SigningContext &ctx);
 
+       void strictValidate(const ToleratedErrors& tolerated);
+       CFArrayRef allowedResourceOmissions();
+
        CFBundleRef bundle() const { return mBundle; }
        
 public:
@@ -87,6 +91,9 @@ protected:
 private:
        void setup(const Context *ctx);                 // shared init
        void checkModifiedFile(CFMutableArrayRef files, CodeDirectory::SpecialSlot slot);
+       CFDataRef loadRegularFile(CFURLRef url);
+       void recordStrictError(OSStatus error);
+       void validateFrameworkRoot(std::string root);
 
 private:
        CFRef<CFBundleRef> mBundle;
@@ -96,6 +103,7 @@ private:
        bool mInstallerPackage;                                 // is an installer (not executable) bundle
        string mFormat;                                                 // format description string
        RefPointer<DiskRep> mExecRep;                   // DiskRep for main executable file
+       std::set<OSStatus> mStrictErrors;               // strict validation errors encountered
 };