diff options
author | Gilad Arnold <garnold@google.com> | 2015-08-24 14:55:07 -0700 |
---|---|---|
committer | Gilad Arnold <garnold@google.com> | 2015-08-25 20:01:22 -0700 |
commit | c300c30a28a8673d5c53981c72149a9fb6b3d17a (patch) | |
tree | 89d73efa111263069f4023d68bc2638bc8d23315 | |
parent | 90cf470a3becacdfea8461f4848d51c1030436cd (diff) | |
download | tlsdate-c300c30a28a8673d5c53981c72149a9fb6b3d17a.tar.gz |
Build tlsdate and tlsdated in AOSP.
The tlsdate-helper target fails due to OpenSSL/BoringSSL
incompatibilities and is currently commented out.
Additionally new unprivileged user/group need to be allocated then set
here.
Bug: 22373707
Change-Id: Ie3b7c0a4284dca4bfcbf2be90ec2870471279e75
-rw-r--r-- | Android.mk | 68 | ||||
-rw-r--r-- | config.h | 304 | ||||
-rw-r--r-- | dbus/org.torproject.tlsdate.conf | 31 | ||||
-rw-r--r-- | src/configmake.h | 8 |
4 files changed, 411 insertions, 0 deletions
diff --git a/Android.mk b/Android.mk new file mode 100644 index 0000000..b175829 --- /dev/null +++ b/Android.mk @@ -0,0 +1,68 @@ +# Copyright (C) 2015 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +LOCAL_PATH := $(call my-dir) + +define tlsdate_common + LOCAL_CFLAGS += \ + -DWITH_EVENTS -DHAVE_DBUS -DHAVE_CROS -DHAVE_PV_UIO \ + -DRECENT_COMPILE_DATE=$(shell date +%sL) \ + -DTARGET_OS_LINUX -Wall -Werror -Wno-unused-parameter +endef + + +include $(CLEAR_VARS) +LOCAL_MODULE := tlsdate +LOCAL_SRC_FILES := src/tlsdate.c +$(eval $(tlsdate_common)) +include $(BUILD_EXECUTABLE) + + +#include $(CLEAR_VARS) +#LOCAL_MODULE := tlsdate-helper +#LOCAL_SRC_FILES := \ +# src/proxy-bio.c \ +# src/seccomp.c \ +# src/tlsdate-helper.c \ +# src/util.c +#LOCAL_SHARED_LIBRARIES := libcrypto libevent +#$(eval $(tlsdate_common)) +#include $(BUILD_EXECUTABLE) + + +include $(CLEAR_VARS) +LOCAL_MODULE := tlsdated +LOCAL_SRC_FILES := \ + src/conf.c \ + src/dbus.c \ + src/events/check_continuity.c \ + src/events/kickoff_time_sync.c \ + src/events/route_up.c \ + src/events/run_tlsdate.c \ + src/events/save.c \ + src/events/sigchld.c \ + src/events/sigterm.c \ + src/events/time_set.c \ + src/events/tlsdate_status.c \ + src/platform-cros.c \ + src/routeup.c \ + src/seccomp.c \ + src/tlsdate-monitor.c \ + src/tlsdate-setter.c \ + src/tlsdated.c \ + src/util.c +LOCAL_CFLAGS := -DTLSDATED_MAIN +LOCAL_SHARED_LIBRARIES := libcrypto libdbus libevent +$(eval $(tlsdate_common)) +include $(BUILD_EXECUTABLE) diff --git a/config.h b/config.h new file mode 100644 index 0000000..438a800 --- /dev/null +++ b/config.h @@ -0,0 +1,304 @@ +/* config.h. Generated from config.in by configure. */ +/* config.in. Generated from configure.ac by autoheader. */ + + +#pragma once + +/* _SYS_FEATURE_TESTS_H is Solaris, _FEATURES_H is GCC */ +#if defined( _SYS_FEATURE_TESTS_H) || defined(_FEATURES_H) +#error "You should include config.h as your first include file" +#endif + + + +/* DBus client group */ +#define DBUS_CLIENT_GROUP "root" + +/* Another magical number */ +/* #undef EAI_SYSTEM */ + +/* Defined if we are to build for an Android system */ +#define HAVE_ANDROID 1 + +/* Define to 1 if you have the <arpa/inet.h> header file. */ +#define HAVE_ARPA_INET_H 1 + +/* Enable CrOS support */ +/* #undef HAVE_CROS */ + +/* dbus enabled */ +/* #undef HAVE_DBUS */ + +/* Define to 1 if you have the <dlfcn.h> header file. */ +#define HAVE_DLFCN_H 1 + +/* Define to 1 if you have the `fmemopen' function. */ +/* #undef HAVE_FMEMOPEN */ + +/* Define to 1 if you have the `funopen' function. */ +/* #undef HAVE_FUNOPEN */ + +/* Define to 1 if you have the <getopt.h> header file. */ +#define HAVE_GETOPT_H 1 + +/* Define to 1 if you have the `gettimeofday' function. */ +#define HAVE_GETTIMEOFDAY 1 + +/* Define to 1 if you have the <grp.h> header file. */ +#define HAVE_GRP_H 1 + +/* Define to 1 if you have the <inttypes.h> header file. */ +#define HAVE_INTTYPES_H 1 + +/* Define to 1 if you have the <linux/rtc.h> header file. */ +#define HAVE_LINUX_RTC_H 1 + +/* Define to 1 if you have the <mach/clock.h> header file. */ +/* #undef HAVE_MACH_CLOCK_H */ + +/* Define to 1 if you have the <mach/mach.h> header file. */ +/* #undef HAVE_MACH_MACH_H */ + +/* Define to 1 if you have the <memory.h> header file. */ +#define HAVE_MEMORY_H 1 + +/* Define to 1 if you have the <openssl/bio.h> header file. */ +#define HAVE_OPENSSL_BIO_H 1 + +/* Define to 1 if you have the <openssl/err.h> header file. */ +#define HAVE_OPENSSL_ERR_H 1 + +/* Define to 1 if you have the <openssl/evp.h> header file. */ +#define HAVE_OPENSSL_EVP_H 1 + +/* Define to 1 if you have the <openssl/ssl.h> header file. */ +#define HAVE_OPENSSL_SSL_H 1 + +/* Define to 1 if you have the `prctl' function. */ +#define HAVE_PRCTL 1 + +/* Define to 1 if you have the `preadv' function. */ +/* #undef HAVE_PREADV */ + +/* Define to 1 if you have the <pwd.h> header file. */ +#define HAVE_PWD_H 1 + +/* Define to 1 if you have the `pwritev' function. */ +/* #undef HAVE_PWRITEV */ + +/* Enable seccomp filter */ +#define HAVE_SECCOMP_FILTER 1 + +/* Define to 1 if you have the `setresuid' function. */ +#define HAVE_SETRESUID 1 + +/* Define to 1 if you have the <stdint.h> header file. */ +#define HAVE_STDINT_H 1 + +/* Define to 1 if you have the <stdio.h> header file. */ +#define HAVE_STDIO_H 1 + +/* Define to 1 if you have the <stdlib.h> header file. */ +#define HAVE_STDLIB_H 1 + +/* Define to 1 if you have the `strchrnul' function. */ +/* undef HAVE_STRCHRNUL */ + +/* Define to 1 if you have the <strings.h> header file. */ +#define HAVE_STRINGS_H 1 + +/* Define to 1 if you have the <string.h> header file. */ +#define HAVE_STRING_H 1 + +/* Define to 1 if you have the `strnlen' function. */ +#define HAVE_STRNLEN 1 + +/* Define to 1 if the system has the type `struct rtc_time'. */ +#define HAVE_STRUCT_RTC_TIME 1 + +/* Define to 1 if you have the <sys/mman.h> header file. */ +#define HAVE_SYS_MMAN_H 1 + +/* Define to 1 if you have the <sys/socket.h> header file. */ +#define HAVE_SYS_SOCKET_H 1 + +/* Define to 1 if you have the <sys/stat.h> header file. */ +#define HAVE_SYS_STAT_H 1 + +/* Define to 1 if you have the <sys/time.h> header file. */ +#define HAVE_SYS_TIME_H 1 + +/* Define to 1 if you have the <sys/types.h> header file. */ +#define HAVE_SYS_TYPES_H 1 + +/* Define to 1 if you have the <sys/wait.h> header file. */ +#define HAVE_SYS_WAIT_H 1 + +/* Define to 1 if you have the <time.h> header file. */ +#define HAVE_TIME_H 1 + +/* Define to 1 if you have the <unistd.h> header file. */ +#define HAVE_UNISTD_H 1 + +/* Define to 1 or 0, depending whether the compiler supports simple visibility + declarations. */ +#define HAVE_VISIBILITY 1 + +/* CPU of Build System */ +/* #undef HOST_CPU */ + +/* OS of Build System */ +/* #undef HOST_OS */ + +/* Vendor of Build System */ +/* #undef HOST_VENDOR */ + +/* User-Agent value to send when running as an HTTPS client */ +#define HTTPS_USER_AGENT "TLSDate/0.0.13" + +/* Define to the sub-directory in which libtool stores uninstalled libraries. + */ +#define LT_OBJDIR ".libs/" + +/* Name of package */ +#define PACKAGE "tlsdate" + +/* Define to the address where bug reports for this package should be sent. */ +#define PACKAGE_BUGREPORT "jacob at appelbaum.net" + +/* Define to the full name of this package. */ +#define PACKAGE_NAME "tlsdate" + +/* Define to the full name and version of this package. */ +#define PACKAGE_STRING "tlsdate 0.0.13" + +/* Define to the one symbol short name of this package. */ +#define PACKAGE_TARNAME "tlsdate" + +/* Define to the home page for this package. */ +#define PACKAGE_URL "" + +/* Define to the version of this package. */ +#define PACKAGE_VERSION "0.0.13" + +/* TODO Automate conditional definition of this symbol. */ +/* Time in seconds since the Disco epoch at build time */ +#ifndef RECENT_COMPILE_DATE +# define RECENT_COMPILE_DATE 1440540554L +#endif + +/* Enable seccomp filter debugging */ +/* #undef SECCOMP_FILTER_DEBUG */ + +/* Define to 1 if you have the ANSI C header files. */ +#define STDC_HEADERS 1 + +/* CPU of Target System */ +/* #undef TARGET_CPU */ + +/* OS of Target System */ +/* #undef TARGET_OS */ + +/* Whether we are building for some other *BSD */ +/* #undef TARGET_OS_BSD */ + +/* Whether we build for Cygwin */ +/* #undef TARGET_OS_CYGWIN */ + +/* Whether we are building for DragonFly BSD */ +/* #undef TARGET_OS_DRAGONFLYBSD */ + +/* Whether we are building for FreeBSD */ +/* #undef TARGET_OS_FREEBSD */ + +/* Whether we build for GNU/Hurd */ +/* #undef TARGET_OS_GNUHURD */ + +/* Whether we are building for GNU/kFreeBSD */ +/* #undef TARGET_OS_GNUKFREEBSD */ + +/* Whether we build for Haiku */ +/* #undef TARGET_OS_HAIKU */ + +/* Whether we build for Linux */ +#define TARGET_OS_LINUX 1 + +/* Whether we build for MinGW */ +/* #undef TARGET_OS_MINGW */ + +/* Whether we are building for NetBSD */ +/* #undef TARGET_OS_NETBSD */ + +/* Whether we are building for OpenBSD */ +/* #undef TARGET_OS_OPENBSD */ + +/* Whether we build for OSX */ +/* #undef TARGET_OS_OSX */ + +/* Whether we are building for Solaris */ +/* #undef TARGET_OS_SOLARIS */ + +/* Whether we are building for Windows */ +/* #undef TARGET_OS_WINDOWS */ + +/* Vendor of Target System */ +/* #undef TARGET_VENDOR */ + +/* TODO Reserve proper unprivileged uid/gid for the helper. */ +/* Unprivileged group */ +#define UNPRIV_GROUP "nogroup" + +/* Unprivileged user */ +#define UNPRIV_USER "nobody" + +/* if PolarSSL is enabled */ +/* #undef USE_POLARSSL */ + +/* Enable extensions on AIX 3, Interix. */ +#ifndef _ALL_SOURCE +# define _ALL_SOURCE 1 +#endif +/* Enable GNU extensions on systems that have them. */ +#ifndef _GNU_SOURCE +# define _GNU_SOURCE 1 +#endif +/* Enable threading extensions on Solaris. */ +#ifndef _POSIX_PTHREAD_SEMANTICS +# define _POSIX_PTHREAD_SEMANTICS 1 +#endif +/* Enable extensions on HP NonStop. */ +#ifndef _TANDEM_SOURCE +# define _TANDEM_SOURCE 1 +#endif +/* Enable general extensions on Solaris. */ +#ifndef __EXTENSIONS__ +# define __EXTENSIONS__ 1 +#endif + + +/* Version number of package */ +#define VERSION "0.0.13" + +/* Version of Windows */ +/* #undef WINVER */ + +/* Define to 1 if on MINIX. */ +/* #undef _MINIX */ + +/* Define to 2 if the system does not provide POSIX.1 features except with + this defined. */ +/* #undef _POSIX_1_SOURCE */ + +/* Define to 1 if you need to in order for `stat' and other things to work. */ +/* #undef _POSIX_SOURCE */ + +/* Magical number to make things work */ +/* #undef _WIN32_WINNT */ + + +#ifndef HAVE_SYS_SOCKET_H +# define SHUT_RD SD_RECEIVE +# define SHUT_WR SD_SEND +# define SHUT_RDWR SD_BOTH +#endif + diff --git a/dbus/org.torproject.tlsdate.conf b/dbus/org.torproject.tlsdate.conf new file mode 100644 index 0000000..78e055a --- /dev/null +++ b/dbus/org.torproject.tlsdate.conf @@ -0,0 +1,31 @@ +<!DOCTYPE busconfig PUBLIC + "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> +<busconfig> + + <!-- Only certain user can own the tlsdated service --> + <policy user="nobody"> + <allow own="org.torproject.tlsdate"/> + </policy> + + <!-- Allow anyone in the given group to invoke methods --> + <policy group="root"> + <allow send_destination="org.torproject.tlsdate" + send_interface="org.torproject.tlsdate" + send_member="LastSyncInfo"/> + <allow send_destination="org.torproject.tlsdate" + send_interface="org.torproject.tlsdate" + send_member="SetTime"/> + <allow send_destination="org.torproject.tlsdate" + send_interface="org.torproject.tlsdate" + send_member="CanSetTime"/> + </policy> + + <!-- Disallow anyone to invoke methods on tlsdated interface --> + <policy context="default"> + <deny send_interface="org.torproject.tlsdate" /> + <allow send_destination="org.torproject.tlsdate" + send_interface="org.torproject.tlsdate" + send_member="LastSyncInfo"/> + </policy> +</busconfig> diff --git a/src/configmake.h b/src/configmake.h new file mode 100644 index 0000000..46c299d --- /dev/null +++ b/src/configmake.h @@ -0,0 +1,8 @@ +/* DO NOT EDIT! GENERATED AUTOMATICALLY! */ +#define TLSDATE_CONFIG "/system/etc/ca-roots/" +#define TLSDATE_CERTFILE "/system/etc/tlsdate/ca-roots/tlsdate-ca-roots.conf" +#define TLSDATE_CONF_DIR "/system/etc/tlsdate/" +#define TLSDATE_HELPER "/system/bin/tlsdate-helper" +#define TLSDATE "/system/bin/tlsdate" +#define TLSDATED "/system/bin/tlsdated" +#define TLSDATE_DBUS_ANNOUNCE "/system/bin/tlsdate-dbus-announce" |