func (p *pluginControl) returnPluginDetails(rp *core.RequestedPlugin) (*pluginDetails, serror.SnapError) {
details := &pluginDetails{}
var serr serror.SnapError
//Check plugin signing
details.Signed, serr = p.verifySignature(rp)
if serr != nil {
return nil, serr
}
details.Path = rp.Path()
details.CheckSum = rp.CheckSum()
details.Signature = rp.Signature()
if filepath.Ext(rp.Path()) == ".aci" {
f, err := os.Open(rp.Path())
if err != nil {
return nil, serror.New(err)
}
defer f.Close()
if err := aci.Validate(f); err != nil {
return nil, serror.New(err)
}
tempPath, err := aci.Extract(f)
if err != nil {
return nil, serror.New(err)
}
details.ExecPath = path.Join(tempPath, "rootfs")
if details.Manifest, err = aci.Manifest(f); err != nil {
return nil, serror.New(err)
}
details.Exec = details.Manifest.App.Exec[0]
details.IsPackage = true
} else {
details.IsPackage = false
details.Exec = filepath.Base(rp.Path())
details.ExecPath = filepath.Dir(rp.Path())
}
return details, nil
}
func (p *pluginControl) verifySignature(rp *core.RequestedPlugin) (bool, serror.SnapError) {
f := map[string]interface{}{
"_block": "verifySignature",
}
switch p.pluginTrust {
case PluginTrustDisabled:
return false, nil
case PluginTrustEnabled:
err := p.signingManager.ValidateSignature(p.keyringFiles, rp.Path(), rp.Signature())
if err != nil {
return false, serror.New(err)
}
case PluginTrustWarn:
if rp.Signature() == nil {
controlLogger.WithFields(f).Warn("Loading unsigned plugin ", rp.Path())
return false, nil
} else {
err := p.signingManager.ValidateSignature(p.keyringFiles, rp.Path(), rp.Signature())
if err != nil {
return false, serror.New(err)
}
}
}
return true, nil
}