X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=resource%2Fcsdk%2Fsecurity%2Fsrc%2Faclresource.c;h=dc4b87426dde77e852cbbfcb5b3735da8bf6f2f0;hb=d2124971f17b1767127a7241ecc95d00633e5f3e;hp=94118bc89fef7d2abea0749848827f3e64457ac0;hpb=73b04a36692e1d23931b621262298b5a4b7f8431;p=platform%2Fupstream%2Fiotivity.git diff --git a/resource/csdk/security/src/aclresource.c b/resource/csdk/security/src/aclresource.c index 94118bc..dc4b874 100644 --- a/resource/csdk/security/src/aclresource.c +++ b/resource/csdk/security/src/aclresource.c @@ -47,7 +47,7 @@ #include "security_internals.h" #define TAG "OIC_SRM_ACL" -#define NUMBER_OF_SEC_PROV_RSCS 4 +#define NUMBER_OF_SEC_PROV_RSCS 3 #define NUMBER_OF_DEFAULT_SEC_RSCS 2 #define STRING_UUID_SIZE (UUID_LENGTH * 2 + 5) @@ -132,7 +132,7 @@ static void FreeACE(OicSecAce_t *ace) validity = NULL; } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER OICFree(ace->eownerID); #endif @@ -190,6 +190,7 @@ OicSecAce_t* DuplicateACE(const OicSecAce_t* ace) newRsrc->rel = (char*)OICMalloc(sizeof(char) * allocateSize); VERIFY_NON_NULL(TAG, newRsrc->rel, ERROR); OICStrcpy(newRsrc->rel, allocateSize, rsrc->rel); + newRsrc->rel[allocateSize - 1] = '\0'; } if(rsrc->types && 0 < rsrc->typeLen) @@ -256,7 +257,7 @@ OicSecAce_t* DuplicateACE(const OicSecAce_t* ace) } } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER if (ace->eownerID) { if (NULL == newAce->eownerID) @@ -362,14 +363,15 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz { aclMapSize++; } + validityElts = validityElts->next; } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER if(ace->eownerID) { aclMapSize++; } -#endif //_ENABLE_MULTIPLE_OWNER_ +#endif //MULTIPLE_OWNER cborEncoderResult = cbor_encoder_create_map(&acesArray, &oicSecAclMap, aclMapSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACES Map"); @@ -561,7 +563,7 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Validities Array."); } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER // Eownerid -- Not Mandatory if(ace->eownerID) { @@ -575,7 +577,7 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz OICFree(eowner); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding eownerId Value."); } -#endif //_ENABLE_MULTIPLE_OWNER_ +#endif //MULTIPLE_OWNER cborEncoderResult = cbor_encoder_close_container(&acesArray, &oicSecAclMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACES Map."); @@ -687,6 +689,7 @@ OicSecAcl_t* CBORPayloadToAcl2(const uint8_t *cborPayload, const size_t size) cbor_parser_init(cborPayload, size, 0, &parser, &aclCbor); OicSecAcl_t *acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t)); + VERIFY_NON_NULL(TAG, acl, ERROR); // Enter ACL Map CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; @@ -727,8 +730,6 @@ OicSecAcl_t* CBORPayloadToAcl2(const uint8_t *cborPayload, const size_t size) VERIFY_NON_NULL(TAG, ace, ERROR); LL_APPEND(acl->aces, ace); - VERIFY_NON_NULL(TAG, acl, ERROR); - while (cbor_value_is_valid(&aceMap)) { char* name = NULL; @@ -1128,12 +1129,31 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size) { cbor_value_get_array_length(&rMap, &rsrc->typeLen); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT array length."); + + CborValue resourceTypes; + + if (rsrc->typeLen == 0) + { + cborFindResult = cbor_value_enter_container(&rMap, &resourceTypes); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering RT Array."); + + while (!cbor_value_at_end(&resourceTypes)) + { + rsrc->typeLen++; + cborFindResult = cbor_value_advance(&resourceTypes); + if (cborFindResult != CborNoError) + { + break; + } + } + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT array length."); + } + VERIFY_SUCCESS(TAG, (0 != rsrc->typeLen), ERROR); rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*)); VERIFY_NON_NULL(TAG, rsrc->types, ERROR); - CborValue resourceTypes; cborFindResult = cbor_value_enter_container(&rMap, &resourceTypes); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering RT Array."); @@ -1151,12 +1171,31 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size) { cbor_value_get_array_length(&rMap, &rsrc->interfaceLen); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF array length."); + + CborValue interfaces; + + if (rsrc->interfaceLen == 0) + { + cborFindResult = cbor_value_enter_container(&rMap, &interfaces); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering IF Array."); + + while (!cbor_value_at_end(&interfaces)) + { + rsrc->interfaceLen++; + cborFindResult = cbor_value_advance(&interfaces); + if (cborFindResult != CborNoError) + { + break; + } + } + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF array length."); + } + VERIFY_SUCCESS(TAG, (0 != rsrc->interfaceLen), ERROR); rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*)); VERIFY_NON_NULL(TAG, rsrc->interfaces, ERROR); - CborValue interfaces; cborFindResult = cbor_value_enter_container(&rMap, &interfaces); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering IF Array."); @@ -1254,7 +1293,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size) } } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER // eowner uuid -- Not Mandatory if (strcmp(name, OIC_JSON_EOWNERID_NAME) == 0) { @@ -1270,7 +1309,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size) OICFree(eowner); VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); } -#endif //_ENABLE_MULTIPLE_OWNER_ +#endif //MULTIPLE_OWNER OICFree(name); } @@ -1333,7 +1372,7 @@ exit: return acl; } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER bool IsValidAclAccessForSubOwner(const OicUuid_t* uuid, const uint8_t *cborPayload, const size_t size) { bool retValue = false; @@ -1373,7 +1412,7 @@ exit: return retValue; } -#endif //_ENABLE_MULTIPLE_OWNER_ +#endif //MULTIPLE_OWNER /** * This method removes ACE for the subject and resource from the ACL @@ -1390,6 +1429,12 @@ OCStackResult RemoveACE(const OicUuid_t * subject, const char * resource) { OIC_LOG(DEBUG, TAG, "IN RemoveACE"); + if (!gAcl) + { + OIC_LOG_V(ERROR, TAG, "%s: gAcl is NULL", __func__); + return OC_STACK_INVALID_PARAM; + } + OicSecAce_t *ace = NULL; OicSecAce_t *tempAce = NULL; bool deleteFlag = false; @@ -1702,7 +1747,7 @@ static bool IsSameValidities(OicSecValidity_t* validities1, OicSecValidity_t* va return false; } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER static bool IsSameEowner(OicUuid_t* eowner1, OicUuid_t* eowner2) { if (NULL != eowner1 && NULL != eowner2) @@ -1746,7 +1791,7 @@ static bool IsSameACE(OicSecAce_t* ace1, OicSecAce_t* ace2) return false; } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER if(false == IsSameEowner(ace1->eownerID, ace2->eownerID)) { return false; @@ -1839,6 +1884,7 @@ static OCStackResult RemoveAllAce(void) static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *ehRequest) { OIC_LOG(INFO, TAG, "HandleACLGetRequest processing the request"); + uint8_t* payload = NULL; size_t size = 0; OCEntityHandlerResult ehRet; @@ -1857,7 +1903,16 @@ static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *e const OicSecAce_t *currentAce = NULL; OicSecAcl_t targetAcl; - memcpy(&targetAcl.rownerID, &gAcl->rownerID, sizeof(OicUuid_t)); + if (NULL != gAcl) + { + memcpy(&targetAcl.rownerID, &gAcl->rownerID, sizeof(OicUuid_t)); + } + else + { + OIC_LOG_V(ERROR, TAG, "%s: gAcl is NULL", __func__); + goto exit; + } + targetAcl.aces = NULL; // 'Subject' field is MUST for processing a querystring in REST request. @@ -1945,7 +2000,7 @@ static OCEntityHandlerResult HandleACLPostRequest(const OCEntityHandlerRequest * OIC_LOG_BUFFER(DEBUG, TAG, payload, size); newAcl = CBORPayloadToAcl(payload, size); - if (newAcl) + if (NULL != newAcl && NULL != gAcl) { bool isNewAce = true; OicSecAce_t* existAce = NULL; @@ -2004,6 +2059,10 @@ static OCEntityHandlerResult HandleACLPostRequest(const OCEntityHandlerRequest * } } } + else + { + OIC_LOG_V(ERROR, TAG, "%s: %s", __func__, (NULL == newAcl) ? "no new ACL" : "gAcl is NULL"); + } } //Send response to request originator @@ -2488,8 +2547,17 @@ OCStackResult AppendACL2(const OicSecAcl_t* acl) { OCStackResult ret = OC_STACK_ERROR; + OIC_LOG_V(DEBUG, TAG, "IN: %s", __func__); + if (!acl) { + OIC_LOG_V(ERROR, TAG, "%s: acl is NULL", __func__); + return OC_STACK_INVALID_PARAM; + } + + if (!gAcl) + { + OIC_LOG_V(ERROR, TAG, "%s: gAcl is NULL", __func__); return OC_STACK_INVALID_PARAM; } @@ -2520,6 +2588,8 @@ OCStackResult AppendACL2(const OicSecAcl_t* acl) OICFree(payload); } + OIC_LOG_V(DEBUG, TAG, "OUT: %s", __func__); + return ret; } @@ -2533,10 +2603,19 @@ OCStackResult AppendACL(const uint8_t *cborPayload, const size_t size) OCStackResult InstallACL(const OicSecAcl_t* acl) { + OIC_LOG_V(DEBUG, TAG, "IN: %s", __func__); + OCStackResult ret = OC_STACK_ERROR; if (!acl) { + OIC_LOG_V(ERROR, TAG, "%s: acl is NULL", __func__); + return OC_STACK_INVALID_PARAM; + } + + if (!gAcl) + { + OIC_LOG_V(ERROR, TAG, "%s: gAcl is NULL", __func__); return OC_STACK_INVALID_PARAM; } @@ -2599,6 +2678,8 @@ OCStackResult InstallACL(const OicSecAcl_t* acl) OICFree(newInstallAcl); } + OIC_LOG_V(DEBUG, TAG, "OUT: %s", __func__); + return ret; } @@ -2719,8 +2800,6 @@ OCStackResult UpdateDefaultSecProvACE() strlen(OIC_RSRC_DOXM_URI) + 1) == 0 || strncmp(rsrc->href, OIC_RSRC_CRED_URI, strlen(OIC_RSRC_CRED_URI) + 1) == 0 || - strncmp(rsrc->href, OIC_RSRC_ACL_URI, - strlen(OIC_RSRC_ACL_URI) + 1) == 0 || strncmp(rsrc->href, OIC_RSRC_PSTAT_URI, strlen(OIC_RSRC_PSTAT_URI) + 1) == 0) {