Commit 8b6b1ed2 authored by Kishen Maloor's avatar Kishen Maloor

oc_acl: expose ACL related structs to public API

Change-Id: I253b96d905a2bd2e48c68631faf244dda17aeca7
Signed-off-by: Kishen Maloor <kishen.maloor@intel.com>
parent eae1574f
/*
// Copyright (c) 2017-2019 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
*/
/**
@file
*/
#ifndef OC_ACL_COMMON_H
#define OC_ACL_COMMON_H
#include "oc_ri.h"
#include "oc_uuid.h"
#include "util/oc_list.h"
#ifdef __cplusplus
extern "C"
{
#endif
typedef struct oc_sec_acl_s
{
OC_LIST_STRUCT(subjects);
oc_uuid_t rowneruuid;
} oc_sec_acl_t;
typedef enum {
OC_CONN_AUTH_CRYPT = 0,
OC_CONN_ANON_CLEAR
} oc_ace_connection_type_t;
typedef enum {
OC_ACE_NO_WC = 0,
OC_ACE_WC_ALL = 0x111,
OC_ACE_WC_ALL_SECURED = 0x01,
OC_ACE_WC_ALL_PUBLIC = 0x10,
} oc_ace_wildcard_t;
typedef enum {
OC_PERM_NONE = 0,
OC_PERM_CREATE = (1 << 0),
OC_PERM_RETRIEVE = (1 << 1),
OC_PERM_UPDATE = (1 << 2),
OC_PERM_DELETE = (1 << 3),
OC_PERM_NOTIFY = (1 << 4)
} oc_ace_permissions_t;
typedef enum {
OC_SUBJECT_UUID = 0,
OC_SUBJECT_ROLE,
OC_SUBJECT_CONN
} oc_ace_subject_type_t;
typedef struct oc_ace_res_t
{
struct oc_ace_res_t *next;
oc_string_t href;
oc_interface_mask_t interfaces;
oc_string_array_t types;
oc_ace_wildcard_t wildcard;
} oc_ace_res_t;
typedef union oc_ace_subject_t
{
oc_uuid_t uuid;
struct
{
oc_string_t role;
oc_string_t authority;
} role;
oc_ace_connection_type_t conn;
} oc_ace_subject_t;
typedef struct oc_sec_ace_t
{
struct oc_sec_ace_t *next;
OC_LIST_STRUCT(resources);
oc_ace_subject_type_t subject_type;
oc_ace_subject_t subject;
int aceid;
oc_ace_permissions_t permission;
} oc_sec_ace_t;
#ifdef __cplusplus
}
#endif
#endif /* OC_ACL_COMMON_H */
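Review bot: The types in this header become public API without any doc comments, and the one that most needs one is the `subject` field of `oc_sec_ace_t`: `oc_ace_subject_t` is a union whose valid member is selected by `subject_type`, so a caller that reads `subject.uuid` on an `OC_SUBJECT_ROLE` entry reinterprets the storage of the two `oc_string_t` members as UUID bytes. I would add above that field `/* Valid member is chosen by subject_type: uuid for OC_SUBJECT_UUID, role for OC_SUBJECT_ROLE, conn for OC_SUBJECT_CONN. */`. The enums deserve a line each as well: `oc_ace_permissions_t` values are single-bit flags (presumably OR-ed together in `permission`), and `OC_ACE_WC_ALL` (0x111) contains both the `OC_ACE_WC_ALL_SECURED` and `OC_ACE_WC_ALL_PUBLIC` bits. The `// TODO: Add "validity" for ACE` comment on the old struct in the last file section was not carried over to the new `oc_sec_ace_t`.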
......@@ -19,6 +19,7 @@
#ifndef OC_OBT_H
#define OC_OBT_H
#include "oc_acl_common.h"
#include "oc_api.h"
#include "oc_pki.h"
#include "oc_uuid.h"
......@@ -28,30 +29,6 @@ extern "C"
{
#endif
typedef struct oc_ace_res_s oc_ace_res_t;
typedef struct oc_sec_ace_s oc_sec_ace_t;
typedef enum {
OC_CONN_AUTH_CRYPT = 0,
OC_CONN_ANON_CLEAR
} oc_ace_connection_type_t;
typedef enum {
OC_ACE_NO_WC = 0,
OC_ACE_WC_ALL = 0x111,
OC_ACE_WC_ALL_SECURED = 0x01,
OC_ACE_WC_ALL_PUBLIC = 0x10,
} oc_ace_wildcard_t;
typedef enum {
OC_PERM_NONE = 0,
OC_PERM_CREATE = (1 << 0),
OC_PERM_RETRIEVE = (1 << 1),
OC_PERM_UPDATE = (1 << 2),
OC_PERM_DELETE = (1 << 3),
OC_PERM_NOTIFY = (1 << 4)
} oc_ace_permissions_t;
typedef void (*oc_obt_discovery_cb_t)(oc_uuid_t *, oc_endpoint_t *, void *);
typedef void (*oc_obt_device_status_cb_t)(oc_uuid_t *, int, void *);
typedef void (*oc_obt_status_cb_t)(int, void *);
......
/*
// Copyright (c) 2017 Intel Corporation
// Copyright (c) 2017-2019 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
......@@ -41,8 +41,6 @@ static oc_sec_acl_t *aclist;
static oc_sec_acl_t aclist[OC_MAX_NUM_DEVICES];
#endif /* !OC_DYNAMIC_ALLOCATION */
static const char *auth_crypt = "auth-crypt";
static const char *anon_clear = "anon-clear";
static const char *wc_all = "*";
static const char *wc_secured = "+";
static const char *wc_public = "-";
......@@ -545,10 +543,10 @@ oc_sec_encode_acl(size_t device)
case OC_SUBJECT_CONN: {
switch (sub->subject.conn) {
case OC_CONN_AUTH_CRYPT:
oc_rep_set_text_string(subject, conntype, auth_crypt);
oc_rep_set_text_string(subject, conntype, "auth-crypt");
break;
case OC_CONN_ANON_CLEAR:
oc_rep_set_text_string(subject, conntype, anon_clear);
oc_rep_set_text_string(subject, conntype, "anon-clear");
break;
}
} break;
......@@ -1009,14 +1007,13 @@ oc_sec_decode_acl(oc_rep_t *rep, bool from_storage, size_t device)
subject_type = OC_SUBJECT_ROLE;
} else if (len == 8 &&
memcmp(oc_string(sub->name), "conntype", 8) == 0) {
if (oc_string_len(sub->value.string) == strlen(auth_crypt) &&
memcmp(oc_string(sub->value.string), auth_crypt,
strlen(auth_crypt)) == 0) {
if (oc_string_len(sub->value.string) == 10 &&
memcmp(oc_string(sub->value.string), "auth-crypt", 10) ==
0) {
subject.conn = OC_CONN_AUTH_CRYPT;
} else if (oc_string_len(sub->value.string) ==
strlen(anon_clear) &&
memcmp(oc_string(sub->value.string), anon_clear,
strlen(anon_clear)) == 0) {
} else if (oc_string_len(sub->value.string) == 10 &&
memcmp(oc_string(sub->value.string), "anon-clear",
10) == 0) {
subject.conn = OC_CONN_ANON_CLEAR;
}
subject_type = OC_SUBJECT_CONN;
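Review bot: In the `conntype` branch of `oc_sec_decode_acl`, a value that is neither `auth-crypt` nor `anon-clear` matches no arm, yet `subject_type = OC_SUBJECT_CONN;` still runs, so the entry is built with whatever `subject.conn` held before. The initialisation of `subject` is outside the hunk, but if it is zeroed, an unknown string decodes as `OC_CONN_AUTH_CRYPT`. An ACL decoder should reject a subject it did not recognise, so I would add a final `else { /* unrecognised conntype: fail the decode */ }` that leaves through the function's existing error path, which is not visible here. Separately, the literal `10` now appears four times beside the two strings with nothing tying it to them; `sizeof("auth-crypt") - 1`, or keeping the named constants, would prevent a later edit from desynchronising the length and the compared bytes. The function body starts and ends outside the hunk.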
......
......@@ -30,49 +30,6 @@ extern "C"
{
#endif
typedef enum {
OC_SUBJECT_UUID = 0,
OC_SUBJECT_ROLE,
OC_SUBJECT_CONN
} oc_ace_subject_type_t;
struct oc_ace_res_s
{
struct oc_ace_res_s *next;
oc_string_t href;
oc_interface_mask_t interfaces;
oc_string_array_t types;
oc_ace_wildcard_t wildcard;
};
typedef union
{
oc_uuid_t uuid;
struct
{
oc_string_t role;
oc_string_t authority;
} role;
oc_ace_connection_type_t conn;
} oc_ace_subject_t;
struct oc_sec_ace_s
{
struct oc_sec_ace_s *next;
OC_LIST_STRUCT(resources);
oc_ace_subject_type_t subject_type;
oc_ace_subject_t subject;
int aceid;
oc_ace_permissions_t permission;
// TODO: Add "validity" for ACE. It is currently not a mandatory property
};
typedef struct
{
OC_LIST_STRUCT(subjects);
oc_uuid_t rowneruuid;
} oc_sec_acl_t;
void oc_sec_acl_init(void);
void oc_sec_acl_free(void);
oc_sec_acl_t *oc_sec_get_acl(size_t device);
......