Commit 0addc3ff authored by Oleksandr Andrieiev's avatar Oleksandr Andrieiev

[IOT-3108] Disabled identity check for MFG OTM

Bug: https://jira.iotivity.org/browse/IOT-3108
Change-Id: I1bca35ab9c516f7a0850dd209e043048d9194007
Signed-off-by: Oleksandr Andrieiev's avatarOleksandr Andrieiev <o.andrieiev@samsung.com>
parent 1d19300d
......@@ -1468,7 +1468,10 @@ static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl
tep->sep.endpoint = *endpoint;
tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
mbedtls_ssl_conf_verify(config, verifyIdentity, NULL);
if (g_getIdentityCallback != NULL)
{
mbedtls_ssl_conf_verify(config, verifyIdentity, NULL);
}
if(0 != mbedtls_ssl_setup(&tep->ssl, config))
{
OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
......
......@@ -526,6 +526,10 @@ static void SetResult(OTMContext_t* otmCtx, const OCStackResult res)
{
OIC_LOG(WARNING, TAG, "Failed to revert PkixInfoHandler.");
}
if(CA_STATUS_OK != CAregisterIdentityHandler(GetIdentityHandler))
{
OIC_LOG(WARNING, TAG, "Failed to set IdentityHandler.");
}
if(CA_STATUS_OK != CAregisterGetCredentialTypesHandler(InitCipherSuiteList))
{
OIC_LOG(WARNING, TAG, "Failed to revert CredentialTypesHandler.");
......
......@@ -119,6 +119,12 @@ OCStackResult PrepareMCertificateCallback(OTMContext_t *otmCtx)
return OC_STACK_ERROR;
}
if (CA_STATUS_OK != CAregisterIdentityHandler(NULL))
{
OIC_LOG(ERROR, TAG, "Failed to register IdentityHandler");
return OC_STACK_ERROR;
}
if (CA_STATUS_OK != CAregisterGetCredentialTypesHandler(InitManufacturerCipherSuiteList))
{
OIC_LOG(ERROR, TAG, "Failed to register CredentialTypesHandler");
......
......@@ -3312,7 +3312,8 @@ void GetIdentityHandler(UuidContext_t* ctx, unsigned char* crt, size_t crtLen)
{
continue;
}
if (0 == strcmp(cred->credUsage, TRUST_CA) && 0 == strcmp(cred->credUsage, MF_TRUST_CA))
if (0 != strcmp(cred->credUsage, TRUST_CA))
{
continue;
}
......
......@@ -1519,6 +1519,7 @@ OCEntityHandlerResult HandleDoxmPostRequestMfg(OicSecDoxm_t *newDoxm,
OIC_LOG(DEBUG, TAG, "No ciphersuite preferred");
VERIFY_SUCCESS(TAG, CA_STATUS_OK == CAregisterPkixInfoHandler(GetManufacturerPkixInfo), ERROR);
VERIFY_SUCCESS(TAG, CA_STATUS_OK == CAregisterIdentityHandler(NULL), ERROR);
VERIFY_SUCCESS(TAG, CA_STATUS_OK == CAregisterGetCredentialTypesHandler(
InitManufacturerCipherSuiteList), ERROR);
exit:
......
......@@ -472,13 +472,13 @@ OCStackResult SRMInitSecureResources(void)
InitSecureResources();
OCStackResult ret = OC_STACK_OK;
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
CAregisterIdentityHandler(GetIdentityHandler);
if (CA_STATUS_OK != CAregisterPskCredentialsHandler(GetDtlsPskCredentials))
{
OIC_LOG(ERROR, TAG, "Failed to revert TLS credential handler.");
ret = OC_STACK_ERROR;
}
CAregisterPkixInfoHandler(GetPkixInfo);
CAregisterIdentityHandler(GetIdentityHandler);
CAregisterGetCredentialTypesHandler(InitCipherSuiteList);
#endif // __WITH_DTLS__ or __WITH_TLS__
return ret;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment