Commit 29a8f14b authored by Kishen Maloor's avatar Kishen Maloor

Expose /oic/sec/sp in non OC_PKI builds

Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
parent 9b74a88f
Pipeline #127 passed with stage
in 49 seconds
......@@ -597,13 +597,13 @@ oc_core_get_resource_by_uri(const char *uri, size_t device)
} else if (memcmp(uri + skip, "oic/sec/cred", 12) == 0) {
type = OCF_SEC_CRED;
}
} else if ((strlen(uri) - skip) == 10 &&
memcmp(uri + skip, "oic/sec/sp", 10) == 0) {
type = OCF_SEC_SP;
}
#ifdef OC_PKI
else if ((strlen(uri) - skip) == 10 &&
memcmp(uri + skip, "oic/sec/sp", 10) == 0) {
type = OCF_SEC_SP;
} else if ((strlen(uri) - skip) == 11 &&
memcmp(uri + skip, "oic/sec/csr", 11) == 0) {
else if ((strlen(uri) - skip) == 11 &&
memcmp(uri + skip, "oic/sec/csr", 11) == 0) {
type = OCF_SEC_CSR;
} else if ((strlen(uri) - skip) == 13 &&
memcmp(uri + skip, "oic/sec/roles", 13) == 0) {
......
......@@ -42,9 +42,9 @@
#include "security/oc_store.h"
#include "security/oc_svr.h"
#include "security/oc_tls.h"
#include "security/oc_sp.h"
#ifdef OC_PKI
#include "security/oc_keypair.h"
#include "security/oc_sp.h"
#endif /* OC_PKI */
#endif /* OC_SECURITY */
......@@ -237,8 +237,8 @@ oc_main_init(const oc_handler_t *handler)
oc_sec_load_doxm(device);
oc_sec_load_cred(device);
oc_sec_load_acl(device);
#ifdef OC_PKI
oc_sec_load_sp(device);
#ifdef OC_PKI
oc_sec_load_ecdsa_keypair(device);
#endif /* OC_PKI */
}
......@@ -293,8 +293,8 @@ oc_main_shutdown(void)
oc_sec_cred_free();
oc_sec_doxm_free();
oc_sec_pstat_free();
#ifdef OC_PKI
oc_sec_sp_free();
#ifdef OC_PKI
oc_free_ecdsa_keypairs();
#endif /* OC_PKI */
oc_tls_shutdown();
......
......@@ -37,7 +37,7 @@ extern int strncasecmp(const char *s1, const char *s2, size_t n);
#ifdef OC_DYNAMIC_ALLOCATION
#include "port/oc_assert.h"
static oc_sec_acl_t *aclist;
#else /* OC_DYNAMIC_ALLOCATION */
#else /* OC_DYNAMIC_ALLOCATION */
static oc_sec_acl_t aclist[OC_MAX_NUM_DEVICES];
#endif /* !OC_DYNAMIC_ALLOCATION */
......@@ -197,8 +197,8 @@ oc_sec_acl_find_subject(oc_sec_ace_t *start, oc_ace_subject_type_t type,
}
static uint16_t
oc_ace_get_permission(oc_sec_ace_t *ace, oc_resource_t *resource,
bool is_DCR, bool is_public)
oc_ace_get_permission(oc_sec_ace_t *ace, oc_resource_t *resource, bool is_DCR,
bool is_public)
{
uint16_t permission = 0;
......@@ -222,8 +222,8 @@ oc_ace_get_permission(oc_sec_ace_t *ace, oc_resource_t *resource,
}
}
oc_ace_res_t *res = oc_sec_ace_find_resource(
NULL, ace, oc_string(resource->uri), wc);
oc_ace_res_t *res =
oc_sec_ace_find_resource(NULL, ace, oc_string(resource->uri), wc);
while (res != NULL) {
permission |= ace->permission;
......@@ -307,8 +307,7 @@ get_role_permissions(oc_sec_cred_t *role_cred, oc_resource_t *resource,
device);
if (match) {
permission |=
oc_ace_get_permission(match, resource, is_DCR, is_public);
permission |= oc_ace_get_permission(match, resource, is_DCR, is_public);
OC_DBG("oc_check_acl: Found ACE with permission %d for matching role",
permission);
}
......@@ -385,8 +384,7 @@ oc_sec_check_acl(oc_method_t method, oc_resource_t *resource,
endpoint->device);
if (match) {
permission |=
oc_ace_get_permission(match, resource, is_DCR, is_public);
permission |= oc_ace_get_permission(match, resource, is_DCR, is_public);
OC_DBG("oc_check_acl: Found ACE with permission %d for subject UUID",
permission);
}
......@@ -432,8 +430,7 @@ oc_sec_check_acl(oc_method_t method, oc_resource_t *resource,
match = oc_sec_acl_find_subject(match, OC_SUBJECT_CONN, &_auth_crypt, -1,
0, endpoint->device);
if (match) {
permission |=
oc_ace_get_permission(match, resource, is_DCR, is_public);
permission |= oc_ace_get_permission(match, resource, is_DCR, is_public);
OC_DBG("oc_check_acl: Found ACE with permission %d for auth-crypt "
"connection",
permission);
......@@ -448,8 +445,7 @@ oc_sec_check_acl(oc_method_t method, oc_resource_t *resource,
match = oc_sec_acl_find_subject(match, OC_SUBJECT_CONN, &_anon_clear, -1, 0,
endpoint->device);
if (match) {
permission |=
oc_ace_get_permission(match, resource, is_DCR, is_public);
permission |= oc_ace_get_permission(match, resource, is_DCR, is_public);
OC_DBG("oc_check_acl: Found ACE with permission %d for anon-clear "
"connection",
permission);
......@@ -558,8 +554,8 @@ oc_sec_encode_acl(size_t device)
static oc_ace_res_t *
oc_sec_ace_get_res(oc_ace_subject_type_t type, oc_ace_subject_t *subject,
const char *href, oc_ace_wildcard_t wildcard,
int aceid, uint16_t permission, size_t device, bool create)
const char *href, oc_ace_wildcard_t wildcard, int aceid,
uint16_t permission, size_t device, bool create)
{
oc_sec_ace_t *ace =
oc_sec_acl_find_subject(NULL, type, subject, aceid, permission, device);
......@@ -673,8 +669,8 @@ oc_sec_ace_update_res(oc_ace_subject_type_t type, oc_ace_subject_t *subject,
int aceid, uint16_t permission, const char *href,
oc_ace_wildcard_t wildcard, size_t device)
{
if (oc_sec_ace_get_res(type, subject, href, wildcard, aceid,
permission, device, true))
if (oc_sec_ace_get_res(type, subject, href, wildcard, aceid, permission,
device, true))
return true;
return false;
}
......@@ -817,8 +813,7 @@ oc_sec_acl_add_created_resource_ace(const char *href, oc_endpoint_t *client,
perm |= OC_PERM_CREATE;
}
oc_sec_ace_update_res(OC_SUBJECT_UUID, &subject, -1, perm, href, 0,
device);
oc_sec_ace_update_res(OC_SUBJECT_UUID, &subject, -1, perm, href, 0, device);
return true;
}
......@@ -843,20 +838,18 @@ oc_sec_acl_default(size_t device)
continue;
}
if (i <= OCF_RES || i == OCF_D) {
success &=
oc_sec_ace_update_res(OC_SUBJECT_CONN, &_anon_clear, 1, 2,
oc_string(resource->uri), 0, device);
success &= oc_sec_ace_update_res(OC_SUBJECT_CONN, &_anon_clear, 1, 2,
oc_string(resource->uri), 0, device);
}
if (i >= OCF_SEC_DOXM &&
#ifdef OC_PKI
i < OCF_SEC_ROLES)
#else /* OC_PKI */
i <= OCF_SEC_CRED)
i <= OCF_SEC_SP)
#endif /* !OC_PKI */
{
success &=
oc_sec_ace_update_res(OC_SUBJECT_CONN, &_anon_clear, 2, 14,
oc_string(resource->uri), -1, device);
success &= oc_sec_ace_update_res(OC_SUBJECT_CONN, &_anon_clear, 2, 14,
oc_string(resource->uri), -1, device);
}
}
OC_DBG("ACL for core resources initialized %d", success);
......
......@@ -156,8 +156,8 @@ oc_pstat_handle_state(oc_sec_pstat_t *ps, size_t device, bool from_storage,
}
#ifdef OC_PKI
oc_sec_free_roles_for_device(device);
oc_sec_sp_default(device);
#endif /* OC_PKI */
oc_sec_sp_default(device);
#ifdef OC_SERVER
#ifdef OC_CLIENT
#ifdef OC_CLOUD
......
......@@ -132,7 +132,6 @@ oc_sec_load_pstat(size_t device)
}
}
#ifdef OC_PKI
void
oc_sec_load_sp(size_t device)
{
......@@ -205,6 +204,7 @@ oc_sec_dump_sp(size_t device)
#endif /* OC_DYNAMIC_ALLOCATION */
}
#ifdef OC_PKI
void
oc_sec_load_ecdsa_keypair(size_t device)
{
......
......@@ -35,10 +35,7 @@ oc_sec_create_svr(void)
oc_sec_pstat_init();
oc_sec_cred_init();
oc_sec_acl_init();
#ifdef OC_PKI
oc_sec_sp_init();
#endif /* OC_PKI */
size_t i;
for (i = 0; i < oc_core_get_num_devices(); i++) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment