Commit 8ce393a1 authored by Nathan Heldt-Sheller's avatar Nathan Heldt-Sheller Committed by Kevin Kane

[IOT-1958] CR 22 State Specific Property Access for /cred Resource

Implementation of CR 22 feature to deny UPDATE to /cred if any
Property in the POST representation is read-only in the current
/pstat.dos.s state.

Change-Id: I2acb34b8ceff1eeba0a4b12101fa60d7c2dee9dc
Signed-off-by: Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/19481
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Kevin Kane <kkane@microsoft.com>
parent e9d05107
...@@ -56,6 +56,7 @@ ...@@ -56,6 +56,7 @@
#include "certhelpers.h" #include "certhelpers.h"
#include "cacommon.h" #include "cacommon.h"
#include "secureresourcemanager.h" #include "secureresourcemanager.h"
#include "deviceonboardingstate.h"
#ifdef __unix__ #ifdef __unix__
#include <sys/types.h> #include <sys/types.h>
...@@ -2041,16 +2042,30 @@ exit: ...@@ -2041,16 +2042,30 @@ exit:
static OCEntityHandlerResult HandlePostRequest(OCEntityHandlerRequest * ehRequest) static OCEntityHandlerResult HandlePostRequest(OCEntityHandlerRequest * ehRequest)
{ {
OCEntityHandlerResult ret = OC_EH_ERROR; OCEntityHandlerResult ret = OC_EH_INTERNAL_SERVER_ERROR;
OIC_LOG(DEBUG, TAG, "HandleCREDPostRequest IN"); OIC_LOG(DEBUG, TAG, "HandleCREDPostRequest IN");
OicSecDostype_t dos;
static uint16_t previousMsgId = 0; static uint16_t previousMsgId = 0;
//Get binary representation of cbor //Get binary representation of cbor
OicSecCred_t *cred = NULL; OicSecCred_t *cred = NULL;
uint8_t *payload = (((OCSecurityPayload*)ehRequest->payload)->securityData); uint8_t *payload = (((OCSecurityPayload*)ehRequest->payload)->securityData);
size_t size = (((OCSecurityPayload*)ehRequest->payload)->payloadSize); size_t size = (((OCSecurityPayload*)ehRequest->payload)->payloadSize);
OCStackResult res = CBORPayloadToCred(payload, size, &cred); OCStackResult res = OC_STACK_ERROR;
VERIFY_SUCCESS(TAG, OC_STACK_OK == GetDos(&dos), ERROR);
if ((DOS_RESET == dos.state) ||
(DOS_RFPRO == dos.state) ||
(DOS_RFNOP == dos.state))
{
OIC_LOG_V(WARNING, TAG, "%s /cred resource is read-only in RESET, RFPRO and RFNOP.", __func__);
ret = OC_EH_NOT_ACCEPTABLE;
goto exit;
}
res = CBORPayloadToCred(payload, size, &cred);
if (res == OC_STACK_OK) if (res == OC_STACK_OK)
{ {
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__) #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
...@@ -2284,6 +2299,7 @@ static OCEntityHandlerResult HandlePostRequest(OCEntityHandlerRequest * ehReques ...@@ -2284,6 +2299,7 @@ static OCEntityHandlerResult HandlePostRequest(OCEntityHandlerRequest * ehReques
#endif//__WITH_DTLS__ #endif//__WITH_DTLS__
} }
exit:
if (OC_EH_CHANGED != ret && cred != NULL) if (OC_EH_CHANGED != ret && cred != NULL)
{ {
if(OC_STACK_OK != RemoveCredential(&cred->subject)) if(OC_STACK_OK != RemoveCredential(&cred->subject))
......
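Review bot: The new state check in HandlePostRequest rejects every POST while /pstat.dos.s is RESET, RFPRO or RFNOP, without looking at which Properties the payload carries, whereas the commit message describes a per-Property decision. If the blanket denial is intended, a comment above the `if` should say so, e.g. `/* CR 22: /cred is treated as wholly read-only in these states; the payload is not parsed. */`, and it is worth confirming against the CR 22 access table that RFPRO belongs in the list, since this would presumably also refuse credential updates from a provisioning tool in that state. Placing the check before `CBORPayloadToCred` is a sound choice, because a denied request never reaches the CBOR parser, but `ehRequest->payload` is still dereferenced in the declarations above it with no NULL check visible in this hunk. The function body continues outside the hunks shown, so the cleanup after `exit:` could not be checked in full.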