review.tizen.org Git - contrib/iotivity.git/commit

author	Dan Mihai <Daniel.Mihai@microsoft.com>
	Mon, 6 Feb 2017 22:42:07 +0000 (14:42 -0800)
committer	Kevin Kane <kkane@microsoft.com>
	Tue, 14 Feb 2017 17:31:43 +0000 (17:31 +0000)
commit	5d9af5966b3ecad6fc141b69a74bcacac3850f96
tree	1408c349ffcf7b71fffccc290d76219d680bd65c	tree \| snapshot
parent	a400e4fe6174f726658a437065dd2b1d933e5d41	commit \| diff

[IOT-1800] Implement OCF Security CR1291

1. After establishing the secure OTM connection, GET the doxm
   properties again, and verify that they are still the same as those
   obtained during un-owned device discovery.

2. All GET and POST requests for /oic/sec/pstat are now performed
   using the secure OTM connection, after finishing step #1 above.

3. Assert that a secure OTM connection is used for all Onboarding
   related communication, except for:
   - The initial discovery, and
   - Posting the OxmSel property value (PostOwnerTransferModeToResource)

Note that:
- These are just Client-side changes. No Server-side changes were
  required.
- A newer Client is still compatible with a Server based on IoTivity 1.2
- A newer Server is still compatible with a Client based on IoTivity 1.2

Not directly-related to this CR: set-up DTLSHandshakeCB earlier, to
avoid a possible race condition with the initiation of the OTM secure
connection triggered by PostOwnerTransferModeToResource.

Change-Id: I1a94505756205d3b40ed70cb73dc41c8ce6ce0e1
Signed-off-by: Dan Mihai <Daniel.Mihai@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/17135
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Kevin Kane <kkane@microsoft.com>

resource/csdk/security/include/internal/doxmresource.h		diff \| blob \| history
resource/csdk/security/provisioning/src/ownershiptransfermanager.c		diff \| blob \| history
resource/csdk/security/src/doxmresource.c		diff \| blob \| history
resource/csdk/security/unittest/doxmresource.cpp		diff \| blob \| history