]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/Code.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-59306.120.7.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / Code.cpp
diff --git a/OSX/libsecurity_codesigning/lib/Code.cpp b/OSX/libsecurity_codesigning/lib/Code.cpp
index 8de98a3782796cc7a139096cfb41f32e25915c36..712b2ff4cf0f4bfa67f56ac2c826376ce5ec3968 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/Code.cpp
+++ b/OSX/libsecurity_codesigning/lib/Code.cpp
@@ -26,10 +26,10 @@
 //
 #include "Code.h"
 #include "StaticCode.h"
-#include <Security/SecCodeHost.h>
 #include "cskernel.h"
 #include <security_utilities/cfmunge.h>
 #include <security_utilities/debugging.h>
+#include "SecInternalReleasePriv.h"
 
 namespace Security {
 namespace CodeSigning {
@@ -206,13 +206,27 @@ void SecCode::checkValidity(SecCSFlags flags)
 
        // check my static state
        myDisk->validateNonResourceComponents();        // also validates the CodeDirectory
-       if (flags & kSecCSStrictValidate)
+       if (flags & kSecCSStrictValidate) {
                myDisk->diskRep()->strictValidate(myDisk->codeDirectory(), DiskRep::ToleratedErrors(), flags);
+       } else if (flags & kSecCSStrictValidateStructure) {
+               myDisk->diskRep()->strictValidateStructure(myDisk->codeDirectory(), DiskRep::ToleratedErrors(), flags);
+       }
 
        // check my own dynamic state
-       if (!(this->host()->getGuestStatus(this) & kSecCodeStatusValid))
-               MacOSError::throwMe(errSecCSGuestInvalid);
-       
+       SecCodeStatus dynamic_status = this->host()->getGuestStatus(this);
+       bool isValid = (dynamic_status & kSecCodeStatusValid) != 0;
+       if (!isValid) {
+               bool isDebugged = (dynamic_status & kSecCodeStatusDebugged) != 0;
+               bool isPlatform = (dynamic_status & kSecCodeStatusPlatform) != 0;
+               bool isInternal = SecIsInternalRelease();
+
+               if (!isDebugged || (isPlatform && !isInternal)) {
+                       // fatal if the code is invalid and not being debugged, but
+                       // never let platform code be debugged except on internal systems.
+                       MacOSError::throwMe(errSecCSGuestInvalid);
+               }
+       }
+
        // check that static and dynamic views are consistent
        if (this->cdHash() && !CFEqual(this->cdHash(), myDisk->cdHash()))
                MacOSError::throwMe(errSecCSStaticCodeChanged);
mirror of Security