projects / platform / upstream / iotivity.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[IOT-1524] Added check to reject unsecure request for selected SVR resources
[platform/upstream/iotivity.git] / resource / csdk / security / src / secureresourcemanager.c
diff --git a/resource/csdk/security/src/secureresourcemanager.c b/resource/csdk/security/src/secureresourcemanager.c
index 373bd09..fd13eff 100644 (file)
--- a/resource/csdk/security/src/secureresourcemanager.c
+++ b/resource/csdk/security/src/secureresourcemanager.c
@@ -186,9 +186,13 @@ void SRMRequestHandler(const CAEndpoint_t *endPoint, const CARequestInfo_t *requ
     OCResource *resPtr = FindResourceByUri(newUri);
     if (NULL != resPtr)
     {
-        // check whether request is for secure resource or not and it should not be a SVR resource
-        if (((resPtr->resourceProperties) & OC_SECURE)
+        // All vertical secure resources and SVR resources other than DOXM & PSTAT should reject request
+        // over coap.
+        if ((((resPtr->resourceProperties) & OC_SECURE)
                             && (g_policyEngineContext.resourceType == NOT_A_SVR_RESOURCE))
+                            || ((g_policyEngineContext.resourceType < OIC_SEC_SVR_TYPE_COUNT)
+                            &&  (g_policyEngineContext.resourceType != OIC_R_DOXM_TYPE)
+                            &&  (g_policyEngineContext.resourceType != OIC_R_PSTAT_TYPE)))
         {
            // if resource is secure and request is over insecure channel
             if (!isRequestOverSecureChannel)
Domain: Network & Connectivity / IoT Connectivity;