-LAST UPDATED 5/27/2015
+LAST UPDATED 9/29/2016
To build the IoTivity stack with the security features enabled:
$ export LD_LIBRARY_PATH=<iotivity-base>/out/<...>/release
$ ./ocserverbasicops &
$ ./occlientbasicops -t 1
- Message "INFO: occlientbasicops: Secure -- YES" indicates success!
+ NOTE: Console messages below indicate success:
+ "INFO: occlientbasicops: Uri -- /a/led
+ INFO: occlientbasicops: SECUREPORT udp: 51516
+ INFO: occlientbasicops: Secure -- YES"
$ ./occlientbasicops -t 2
- Completion of 'GET' and 'PUT' query successfully indicates success!
+ NOTE: Completion of 'GET' and 'PUT' query to /a/led indicates success!
CopyParamsToContext(context, subjectId, resource, requestedPermission);
}
- // Before doing any processing, check if request coming
- // from DevOwner and if so, always GRANT.
- if (IsRequestFromDevOwner(context))
+ // Before doing any ACL processing, check if request a) coming
+ // from DevOwner AND b) the device is not in Ready for Normal Operation
+ // state (which in IoTivity is equivalent to isOp == true) AND c)
+ // the request is for a SVR resource. If all 3 are met, grant request.
+ if (IsRequestFromDevOwner(context) // if from DevOwner
+ && (GetPstatIsop() == false) // AND if isOp == false
+ && (context->resourceType != NOT_A_SVR_RESOURCE)) // AND if SVR type
{
context->retVal = ACCESS_GRANTED;
}