Rule #1. Default sw-backend is supported.
Rule #2. tz-backend's priority is higher than sw-backend.
Rule #3. For support tz-backend, install tz-backend to plugin path.
Change-Id: I0e5ad3abf0ad437bb5b5a75e55b71d899530895d
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
ADD_DEFINITIONS("-DSOCK_PASSWD_SET=\"${SOCK_PASSWD_SET}\"")
ADD_DEFINITIONS("-DSOCK_PASSWD_RESET=\"${SOCK_PASSWD_RESET}\"")
ADD_DEFINITIONS("-DSOCK_PASSWD_POLICY=\"${SOCK_PASSWD_POLICY}\"")
+ADD_DEFINITIONS("-DPLUGIN_SW_BACKEND_PATH=\"${PLUGIN_SW_BACKEND_PATH}\"")
+ADD_DEFINITIONS("-DPLUGIN_TZ_BACKEND_PATH=\"${PLUGIN_TZ_BACKEND_PATH}\"")
IF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG")
# image creation error occured if /usr/sbin used for ldconfig
#%global sbin_dir %{?TZ_SYS_SBIN:%TZ_SYS_SBIN}%{!?TZ_SYS_SBIN:%_sbindir}
%global sbin_dir /sbin
+%global plugin_dir %{_datadir}/auth-fw
%global rw_data_dir %{?TZ_SYS_DATA:%TZ_SYS_DATA/%name}%{!?TZ_SYS_DATA:/opt/data/%name}
%global sock_passwd_check %{name}-passwd-check.socket
%global sock_passwd_set %{name}-passwd-set.socket
-DSYS_CONFIG_DIR:PATH=%{_sysconfdir} \
-DRUN_DIR:PATH=%{run_dir} \
-DRW_DATA_DIR:PATH=%{rw_data_dir} \
+ -DPLUGIN_DIR:PATH=%{plugin_dir} \
+ -DPLUGIN_SW_BACKEND_PATH=%{plugin_dir}/lib%{name}-sw-backend.so.%{version} \
+ -DPLUGIN_TZ_BACKEND_PATH=%{plugin_dir}/lib%{name}-tz-backend.so.%{version} \
-DSYSTEMD_UNIT_DIR:PATH=%{_unitdir} \
-DINCLUDE_DIR:PATH=%{_includedir} \
-DSOCK_PASSWD_CHECK=%{sock_passwd_check} \
%files -n lib%{name}-client-devel
%{_libdir}/lib%{name}-client.so
%{_libdir}/lib%{name}-client-admin.so
-%{_libdir}/lib%{name}-sw-backend.so
%{_libdir}/lib%{name}-commons.so
%{_includedir}/%{name}/auth-passwd.h
%{_includedir}/%{name}/auth-passwd-admin.h
%files -n lib%{name}-sw-backend
%manifest lib%{name}-sw-backend.manifest
%license LICENSE
-%{_libdir}/lib%{name}-sw-backend.so.*
+%{plugin_dir}/lib%{name}-sw-backend.so
+%{plugin_dir}/lib%{name}-sw-backend.so.*
## Test Package ##############################################################
%package test
#ifndef AUTHPASSWD_SINGLETON_H
#define AUTHPASSWD_SINGLETON_H
+#include <symbol-visibility.h>
+
namespace AuthPasswd {
template<typename Class>
-class Singleton :
+class COMMON_API Singleton :
private Class {
//
// Note:
REQUIRED
libsmack
libsystemd-daemon
- openssl
)
FIND_PACKAGE(Threads REQUIRED)
service/password-manager.cpp
service/policy-file.cpp
service/policy-manager.cpp
+ service/plugin-loader.cpp
+ service/plugin-manager.cpp
plugin/generic-backend/password-file-buffer.cpp
-
- # TODO: Replace with dynamic load. (Temporary included for TDD)
- plugin/sw-backend/password-file.cpp
)
SET_SOURCE_FILES_PROPERTIES(${SERVER_SOURCES}
openssl
)
-FIND_PACKAGE(Threads REQUIRED)
-
INCLUDE_DIRECTORIES(
SYSTEM
${SW_BACKEND_DEP_INCLUDE_DIRS}
TARGET_LINK_LIBRARIES(${TARGET_SW_BACKEND} ${SW_BACKEND_DEP_LIBRARIES} ${TARGET_COMMON})
-INSTALL(TARGETS ${TARGET_SW_BACKEND} DESTINATION ${LIB_INSTALL_DIR})
+INSTALL(TARGETS ${TARGET_SW_BACKEND} DESTINATION ${PLUGIN_DIR})
virtual bool isHistoryActive() const = 0;
};
-using PasswordFileFactory = IPasswordFile* (*)(unsigned int);
+using PasswordFileFactory = AuthPasswd::IPasswordFile* (*)(unsigned int);
} //namespace AuthPasswd
#include <password-exception.h>
#include <generic-backend/password-file-buffer.h>
+extern "C" {
+
+AuthPasswd::IPasswordFile* PasswordFileFactory(unsigned int user)
+{
+ return new AuthPasswd::SWBackend::PasswordFile(user);
+}
+
+} // extern "C"
+
namespace {
const std::string PASSWORD_FILE = "/password";
const std::string OLD_VERSION_PASSWORD_FILE = "/password.old";
#include <map>
#include <memory>
+#include <plugin-manager.h>
+
#include <generic-backend/ipassword-file.h>
namespace AuthPasswd {
-class PasswordManager {
+class PasswordManager final {
public:
typedef std::map<unsigned int, std::shared_ptr<IPasswordFile>> PasswordFileMap;
+ PasswordManager();
+ ~PasswordManager() = default;
+
//checking functions
//no const in checkPassword, attempts are update
int checkPassword(unsigned int passwdType, const std::string &challenge,
void existPassword(unsigned int user);
PasswordFileMap m_pwdFile;
+ PasswordFileFactory m_factory = nullptr;
+
+ PluginManager m_pluginManager;
};
} //namespace AuthPasswd
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file plugin-loader.h
+ * @author Sangwan Kwon(sangwan.kwon@samsung.com)
+ * @version 1.0
+ * @brief Plugin loader for loading backend.
+ */
+#pragma once
+
+#include <string>
+#include <stdexcept>
+
+#include <dlfcn.h>
+
+namespace AuthPasswd {
+
+class PluginLoader final {
+public:
+ explicit PluginLoader(const std::string& path, int flag = RTLD_LAZY);
+ ~PluginLoader();
+
+ PluginLoader(const PluginLoader&) = delete;
+ PluginLoader& operator=(const PluginLoader&) = delete;
+
+ PluginLoader(PluginLoader&&) = delete;
+ PluginLoader& operator=(PluginLoader&&) = delete;
+
+ template<typename T>
+ void load(const std::string& name, T& symbol);
+
+private:
+ void* m_handle;
+};
+
+template<typename T>
+void PluginLoader::load(const std::string& name, T& symbol)
+{
+ symbol = reinterpret_cast<T>(::dlsym(m_handle, name.c_str()));
+ if (symbol == nullptr)
+ throw std::runtime_error("Failed to load: " + name);
+}
+
+} //namespace AuthPasswd
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file plugin-manager.h
+ * @author Sangwan Kwon(sangwan.kwon@samsung.com)
+ * @version 1.0
+ * @brief Plugin manager for binding backend.
+ */
+#pragma once
+
+#include <string>
+#include <memory>
+
+#include <plugin-loader.h>
+
+namespace AuthPasswd {
+
+enum class BackendType {
+ SW,
+ TZ
+};
+
+class PluginManager final {
+public:
+ explicit PluginManager() noexcept = default;
+ ~PluginManager() = default;
+
+ PluginManager(const PluginManager&) = delete;
+ PluginManager& operator=(const PluginManager&) = delete;
+
+ PluginManager(PluginManager&&) = delete;
+ PluginManager& operator=(PluginManager&&) = delete;
+
+ bool isSupport(BackendType type) const noexcept;
+
+ void setBackend(BackendType type);
+
+ template<typename T>
+ void loadFactory(const std::string& name, T& factory);
+
+private:
+ std::string getPluginPath(BackendType type) const noexcept;
+
+ std::shared_ptr<PluginLoader> m_loader = nullptr;
+};
+
+template<typename T>
+void PluginManager::loadFactory(const std::string& name, T& factory)
+{
+ m_loader->load(name, factory);
+}
+
+} //namespace AuthPasswd
#include <policy.h>
-// TODO(sangwan.kwon): Replace with dynamic load.
-#include <sw-backend/password-file.h>
-
namespace {
void calculateExpiredTime(unsigned int receivedDays, time_t &validSecs)
{
validSecs = (curTime + (receivedDays * 86400));
return;
}
+} //namespace
-AuthPasswd::IPasswordFile* CreatePasswordFile(unsigned int user)
+namespace AuthPasswd {
+
+PasswordManager::PasswordManager()
{
- return new AuthPasswd::SWBackend::PasswordFile(user);
-}
+ if (m_pluginManager.isSupport(BackendType::TZ)) {
+ m_pluginManager.setBackend(BackendType::TZ);
+ LogDebug("Success to set TZ-Backend.");
+ } else {
+ m_pluginManager.setBackend(BackendType::SW);
+ LogDebug("Success to set SW-Backend.");
+ }
-} //namespace
+ m_pluginManager.loadFactory("PasswordFileFactory", m_factory);
+}
-namespace AuthPasswd {
void PasswordManager::addPassword(unsigned int user)
{
- PasswordFileFactory factory = &CreatePasswordFile;
- std::shared_ptr<IPasswordFile> passwordFile((*factory)(user));
+ std::shared_ptr<IPasswordFile> passwordFile((*m_factory)(user));
m_pwdFile.insert(PasswordFileMap::value_type(user, passwordFile));
}
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file plugin-loader.cpp
+ * @author Sangwan Kwon(sangwan.kwon@samsung.com)
+ * @version 1.0
+ * @brief Implementation of plugin loader.
+ */
+#include <plugin-loader.h>
+
+namespace AuthPasswd {
+
+PluginLoader::PluginLoader(const std::string& path, int flag)
+ : m_handle(::dlopen(path.c_str(), flag))
+{
+ if (m_handle == nullptr)
+ throw std::invalid_argument("Failed to open: " + path);
+}
+
+PluginLoader::~PluginLoader()
+{
+ ::dlclose(m_handle);
+}
+
+} // namespace AuthPasswd
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file plugin-manager.cpp
+ * @author Sangwan Kwon(sangwan.kwon@samsung.com)
+ * @version 1.0
+ * @brief Implementation of plugin manager.
+ */
+#include <plugin-manager.h>
+
+#include <fstream>
+
+namespace AuthPasswd {
+
+bool PluginManager::isSupport(BackendType type) const noexcept
+{
+ if (std::ifstream(this->getPluginPath(type)))
+ return true;
+ else
+ return false;
+}
+
+void PluginManager::setBackend(BackendType type)
+{
+ m_loader = std::make_shared<PluginLoader>(this->getPluginPath(type));
+}
+
+std::string PluginManager::getPluginPath(BackendType type) const noexcept
+{
+ if (type == BackendType::SW)
+ return PLUGIN_SW_BACKEND_PATH;
+ else
+ return PLUGIN_TZ_BACKEND_PATH;
+}
+
+} //namespace AuthPasswd
SET(TEST_SRCS main.cpp
test-util.cpp
test-client.cpp
- test-admin.cpp)
+ test-admin.cpp
+ test-sw-backend.cpp
+
+ ${SERVER_PATH}/service/plugin-loader.cpp
+ ${SERVER_PATH}/service/plugin-manager.cpp)
PKG_CHECK_MODULES(${TARGET_TEST}_DEP REQUIRED klay)
INCLUDE_DIRECTORIES(SYSTEM ${${TARGET_TEST}_DEP_INCLUDE_DIRS}
- ${INCLUDE_PATH})
+ ${INCLUDE_PATH}
+ ${SERVER_PATH}/service/include
+ ${DPL_PATH}/core/include
+ ${DPL_PATH}/log/include
+ ${PLUGIN_PATH})
ADD_EXECUTABLE(${TARGET_TEST} ${TEST_SRCS})
TARGET_LINK_LIBRARIES(${TARGET_TEST} ${${TARGET_TEST}_DEP_LIBRARIES}
${TARGET_CLIENT}
- ${TARGET_CLIENT_ADMIN})
+ ${TARGET_CLIENT_ADMIN}
+ ${TARGET_SW_BACKEND}
+ -ldl)
SET_TARGET_PROPERTIES(${TARGET_TEST} PROPERTIES COMPILE_FLAGS "-fPIE")
SET_TARGET_PROPERTIES(${TARGET_TEST} PROPERTIES LINK_FLAGS "-pie")
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file test-sw-backend.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 1.0
+ * @brief Testcases of PasswordFile(SW-Backend)
+ */
+
+#include <klay/testbench.h>
+
+#include <plugin-manager.h>
+
+#include <generic-backend/ipassword-file.h>
+#include <sw-backend/password-file.h>
+
+using namespace AuthPasswd;
+
+TESTCASE(T00300_is_support)
+{
+ PluginManager pm;
+
+ TEST_EXPECT(true, pm.isSupport(BackendType::SW));
+ TEST_EXPECT(false, pm.isSupport(BackendType::TZ));
+}
+
+TESTCASE(T00301_bind_backend)
+{
+ PluginManager pm;
+ pm.setBackend(BackendType::SW);
+
+ PasswordFileFactory factory = nullptr;
+ pm.loadFactory("PasswordFileFactory", factory);
+
+ TEST_EXPECT(true, factory != nullptr);
+
+ std::shared_ptr<IPasswordFile> passwdFile((*factory)(5001));
+ TEST_EXPECT(true, passwdFile != nullptr);
+}
projects / platform / core / security / auth-fw.git / commitdiff