From adbfc3e8b2fa6ab4962667624c008b36e24d7bf9 Mon Sep 17 00:00:00 2001
From: Ingo Huerner <ingo.huerner@xse.de>
Date: Tue, 4 Nov 2014 13:30:35 +0100
Subject: Disable application validation in pclInitLibrary; activate this
 feature using --enable-appcheck in the configure step

---
 configure.ac                     | 19 +++++++++++++++++++
 src/persistence_client_library.c |  6 +++++-
 2 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 2e40aec..25d7b19 100644
--- a/configure.ac
+++ b/configure.ac
@@ -163,6 +163,25 @@ fi
 ######################################################################
 
 
+# enable persistence application security check ###########
+AC_ARG_ENABLE([appcheck],
+            [AS_HELP_STRING([--enable-appcheck],[Enable application security check])],
+            [use_appcheck=$enableval],
+            [use_appcheck="no"])
+
+AM_CONDITIONAL([USE_APPCHECK], [test x"$use_appcheck" = "no"])
+
+if test "$use_appcheck" != "yes" -a "$use_appcheck" != "no"; then   
+   AC_MSG_ERROR([Invalid application security check: $use_appcheck. Only "yes" or "no" is valid])
+else   
+   AC_MSG_NOTICE([Use application security check: $use_appcheck])
+
+   if test "$use_appcheck" = "yes"; then
+      AC_DEFINE_UNQUOTED([USE_APPCHECK], [1], [application check enabled])   
+   fi
+fi
+######################################################################
+
 AC_ARG_ENABLE(debug,
 AS_HELP_STRING([--enable-debug],
                [enable debugging, default: no]),
diff --git a/src/persistence_client_library.c b/src/persistence_client_library.c
index d675695..e01a8f2 100644
--- a/src/persistence_client_library.c
+++ b/src/persistence_client_library.c
@@ -79,7 +79,8 @@ int pclInitLibrary(const char* appName, int shutdownMode)
       DLT_REGISTER_CONTEXT(gPclDLTContext,"PCL","Context for persistence client library logging");
       DLT_LOG(gPclDLTContext, DLT_LOG_INFO, DLT_STRING("pclInitLibrary => I N I T  Persistence Client Library - "), DLT_STRING(appName),
                               DLT_STRING("- init counter: "), DLT_INT(gPclInitialized) );
-
+#if USE_APPCHECK
+      printf("SECURITY check enabled!!!!!\n");
       /* security check for valid application:
          if the RCT table exists, the application is proven to be valid,
          otherwise return EPERS_NOPRCTABLE  */
@@ -88,6 +89,7 @@ int pclInitLibrary(const char* appName, int shutdownMode)
 
       if(access(rctFilename, F_OK) == 0)
       {
+#endif
         char blacklistPath[DbPathMaxLen] = {0};
 
 #if USE_FILECACHE
@@ -161,11 +163,13 @@ int pclInitLibrary(const char* appName, int shutdownMode)
       gAppId[MaxAppNameLen-1] = '\0';
 
       gPclInitialized++;
+#if USE_APPCHECK
       }
       else
       {
         rval = EPERS_NOPRCTABLE;
       }
+#endif
    }
    else if(gPclInitialized >= PCLinitialized)
    {
-- 
cgit v1.2.1