-DUSER_NAME=%{user_name} \
-DGROUP_NAME=%{group_name} \
-DSMACK_DOMAIN_NAME=%{smack_domain_name} \
- -DMOCKUP_SM=%{?mockup_sm:%mockup_sm}%{!?mockup_sm:OFF} \
-DOLD_RW_DATA_DIR=%{old_rw_data_dir} \
-DRW_DATA_DIR=%{rw_data_dir} \
-DRO_DATA_DIR=%{ro_data_dir} \
SET(KEY_MANAGER_SRC_PATH ${PROJECT_SOURCE_DIR}/src)
SET(KEY_MANAGER_PATH ${PROJECT_SOURCE_DIR}/src/manager)
-IF (MOCKUP_SM MATCHES "ON")
- IF (CMAKE_BUILD_TYPE MATCHES "RELEASE")
- MESSAGE(FATAL_ERROR "You cannot compile release version with SECURITY MOCKUPS!")
- ENDIF (CMAKE_BUILD_TYPE MATCHES "RELEASE")
- MESSAGE("USING MOCKUPS INSTEAD SECURITY MODULES (SECURITY MANAGER AND CYNARA)")
- SET(SECURITY_MANAGER_WRAPPER_PATH ${KEY_MANAGER_PATH}/main/socket-2-id-mockup.cpp)
- SET(CYNARA_WRAPPER_PATH ${KEY_MANAGER_PATH}/main/cynara-mockup.cpp)
-ELSE (MOCKUP_SM MATCHES "ON")
- SET(SECURITY_MANAGER_WRAPPER_PATH ${KEY_MANAGER_PATH}/main/socket-2-id-wrapper.cpp)
- SET(CYNARA_WRAPPER_PATH ${KEY_MANAGER_PATH}/main/cynara.cpp)
-ENDIF (MOCKUP_SM MATCHES "ON")
-
SET(KEY_MANAGER_SOURCES
+ ${KEY_MANAGER_PATH}/main/cynara.cpp
${KEY_MANAGER_PATH}/main/generic-socket-manager.cpp
${KEY_MANAGER_PATH}/main/key-manager-main.cpp
${KEY_MANAGER_PATH}/main/smack-check.cpp
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-/*
- * @file cynara-mockup.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Mockup for cynara used in ckm-tests.
- */
-#include <string>
-
-#include <cynara.h>
-
-namespace CKM {
-
-Cynara::Cynara(GenericSocketManager *socketManager) :
- m_socketManager(socketManager),
- m_cynara(nullptr)
-{
-}
-
-void Cynara::Request(
- const std::string &,
- const std::string &,
- const std::string &,
- const std::string &,
- StatusCallback callback)
-{
- callback(true);
-}
-
-void Cynara::ProcessSocket() {}
-
-Cynara::~Cynara() {}
-
-void Cynara::ChangeStatus(
- int,
- int,
- cynara_async_status)
-{
-}
-
-void Cynara::ProcessResponse(
- cynara_check_id,
- cynara_async_call_cause,
- int)
-{
-}
-
-void Cynara::SendRequest(
- const std::string &,
- const std::string &,
- const std::string &,
- const std::string &,
- StatusCallback)
-{
-}
-
-void Cynara::ChangeStatusCallback(
- int,
- int,
- cynara_async_status,
- void *)
-{
-}
-
-void Cynara::ProcessResponseCallback(
- cynara_check_id,
- cynara_async_call_cause,
- int,
- void *)
-{
-}
-
-bool Cynara::GetUserFromSocket(
- int,
- std::string &)
-{
- return true;
-}
-
-bool Cynara::GetClientFromSocket(
- int,
- std::string &)
-{
- return true;
-}
-
-} // namespace CKM
+++ /dev/null
-/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-/*
- * @file socket-2-id-mockup.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- */
-#include <string>
-
-#include <dpl/log/log.h>
-#include <protocols.h>
-#include <socket-2-id.h>
-
-namespace {
-
-int getPkgIdFromSmack(const std::string &smack, std::string &pkgId)
-{
- static const std::string SMACK_PREFIX_APPID = "User::App::";
-
- if (smack.empty()) {
- LogError("Smack is empty. Connection will be rejected");
- return -1;
- }
-
- if (smack.compare(0, SMACK_PREFIX_APPID.size(), SMACK_PREFIX_APPID)) {
- pkgId = "/" + smack;
- LogDebug("Smack: " << smack << " Was translated to owner id: " << pkgId);
- return 0;
- }
-
- std::string appId = smack.substr(SMACK_PREFIX_APPID.size(), std::string::npos);
-
- if (appId.empty()) {
- LogError("After conversion (smack->pkgId) pkgId is empty. Label: " << appId);
- return -1;
- }
-
- pkgId = std::move(appId);
- LogDebug("Smack: " << smack << " Was translated to owner id: " << pkgId);
- return 0;
-}
-
-} // namespace anonymous
-
-namespace CKM {
-
-int Socket2Id::translate(int sock, std::string &result)
-{
- std::string smack;
- std::string pkgId;
-
- if (0 > getCredentialsFromSocket(sock, smack))
- return -1;
-
- if (0 > getPkgIdFromSmack(smack, pkgId))
- return -1;
-
- mapToDomainLabel(pkgId);
-
- result = std::move(pkgId);
- return 0;
-}
-
-} // namespace CKM
-
+++ /dev/null
-/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-/*
- * @file socket-2-id-wrapper.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- */
-#include <string>
-
-#include <security-manager.h>
-
-#include <dpl/log/log.h>
-#include <protocols.h>
-#include <socket-2-id.h>
-
-namespace {
-
-int getPkgIdFromSocket(int sock, std::string &pkgId)
-{
- char *pkg = nullptr;
-
- int ret = security_manager_identify_app_from_socket(sock, &pkg, nullptr);
-
- if (ret == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT) {
- LogInfo("Owner of socket is not connected with pkgid. "
- "This case must be special-labled client. e.g. User, System");
- return 1;
- }
-
- if (ret != SECURITY_MANAGER_SUCCESS) {
- LogError("security_manager_identify_app_from_socket failed with error: "
- << ret);
- return -1;
- }
-
- pkgId = pkg;
- free(pkg);
- LogDebug("Socket: " << sock << " Was translated to owner id: " << pkgId);
- return 0;
-}
-
-} // namespace anonymous
-
-namespace CKM {
-
-int Socket2Id::translate(int sock, std::string &result)
-{
- std::string smack;
-
- if (0 > getCredentialsFromSocket(sock, smack))
- return -1;
-
- StringMap::iterator it = m_stringMap.find(smack);
-
- if (it != m_stringMap.end()) {
- result = it->second;
- return 0;
- }
-
- std::string pkgId;
- int retCode = getPkgIdFromSocket(sock, pkgId);
-
- if (retCode < 0)
- return -1;
-
- if (retCode == 1) {
- LogInfo("Special smack label case. label: " << smack);
- pkgId = "/" + smack;
- }
-
- mapToDomainLabel(pkgId);
-
- result = pkgId;
- m_stringMap.emplace(std::move(smack), std::move(pkgId));
- return 0;
-}
-
-} // namespace CKM
-
/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2000 - 2016 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <sys/types.h>
#include <sys/socket.h>
+#include <security-manager.h>
+
#include <dpl/log/log.h>
#include <protocols.h>
#include <socket-2-id.h>
namespace {
+int getPkgIdFromSocket(int sock, std::string &pkgId)
+{
+ char *pkg = nullptr;
+
+ int ret = security_manager_identify_app_from_socket(sock, &pkg, nullptr);
+
+ if (ret == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT) {
+ LogInfo("Owner of socket is not connected with pkgid. "
+ "This case must be special-labled client. e.g. User, System");
+ return 1;
+ }
+
+ if (ret != SECURITY_MANAGER_SUCCESS) {
+ LogError("security_manager_identify_app_from_socket failed with error: "
+ << ret);
+ return -1;
+ }
+
+ pkgId = pkg;
+ free(pkg);
+ LogDebug("Socket: " << sock << " Was translated to owner id: " << pkgId);
+ return 0;
+}
+
int assignToString(std::vector<char> &vec, socklen_t len, std::string &res)
{
if (vec.size() <= len)
m_stringMap.clear();
}
+int Socket2Id::translate(int sock, std::string &result)
+{
+ std::string smack;
+
+ if (0 > getCredentialsFromSocket(sock, smack))
+ return -1;
+
+ StringMap::iterator it = m_stringMap.find(smack);
+
+ if (it != m_stringMap.end()) {
+ result = it->second;
+ return 0;
+ }
+
+ std::string pkgId;
+ int retCode = getPkgIdFromSocket(sock, pkgId);
+
+ if (retCode < 0)
+ return -1;
+
+ if (retCode == 1) {
+ LogInfo("Special smack label case. label: " << smack);
+ pkgId = "/" + smack;
+ }
+
+ mapToDomainLabel(pkgId);
+
+ result = pkgId;
+ m_stringMap.emplace(std::move(smack), std::move(pkgId));
+ return 0;
+}
+
} // namespace CKM
libxml-2.0
cynara-client-async
cynara-creds-socket
+ security-manager
)
FIND_PACKAGE(Threads REQUIRED)
${KEY_MANAGER_PATH}/main/generic-socket-manager.cpp
${KEY_MANAGER_PATH}/main/smack-check.cpp
${KEY_MANAGER_PATH}/main/socket-2-id.cpp
- ${KEY_MANAGER_PATH}/main/socket-2-id-mockup.cpp
${KEY_MANAGER_PATH}/main/socket-manager.cpp
${KEY_MANAGER_PATH}/main/thread-service.cpp
${KEY_MANAGER_PATH}/service/access-control.cpp