ADD_DEFINITIONS("-fPIC")
# Set compiler warning flags
-#ADD_DEFINITIONS("-Werror") # Make all warnings into errors.
+ADD_DEFINITIONS("-Werror") # Make all warnings into errors.
ADD_DEFINITIONS("-Wall") # Generate all warnings
ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings
if (!pp_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- try {
- *pp_policy = new policy_h;
-
- } catch (std::bad_alloc& ex) {
+ auto policy = new (std::nothrow) AuthPasswd::Policy;
+ if (policy == nullptr)
return AUTH_PASSWD_API_ERROR_OUT_OF_MEMORY;
- }
- (*pp_policy)->policyFlag = 0;
+ *pp_policy = reinterpret_cast<policy_h *>(policy);
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_USER);
- p_policy->uid = uid;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_USER);
+ policy->uid = uid;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_MAX_ATTEMPTS);
- p_policy->maxAttempts = max_attempts;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ /* TODO: set flag & value in atomic operation */
+ policy->setFlag(POLICY_MAX_ATTEMPTS);
+ policy->maxAttempts = max_attempts;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_VALID_PERIOD);
- p_policy->validPeriod = valid_days;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_VALID_PERIOD);
+ policy->validPeriod = valid_days;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_HISTORY_SIZE);
- p_policy->historySize = history_size;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_HISTORY_SIZE);
+ policy->historySize = history_size;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_MIN_LENGTH);
- p_policy->minLength = min_length;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_MIN_LENGTH);
+ policy->minLength = min_length;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_MIN_COMPLEX_CHAR_NUMBER);
- p_policy->minComplexCharNumber = val;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_MIN_COMPLEX_CHAR_NUMBER);
+ policy->minComplexCharNumber = val;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_MAX_CHAR_OCCURRENCES);
- p_policy->maxCharOccurrences = val;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_MAX_CHAR_OCCURRENCES);
+ policy->maxCharOccurrences = val;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_MAX_NUMERIC_SEQ_LENGTH);
- p_policy->maxNumSeqLength = val;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_MAX_NUMERIC_SEQ_LENGTH);
+ policy->maxNumSeqLength = val;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!p_policy)
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_QUALITY_TYPE);
- p_policy->qualityType = quality_type;
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_QUALITY_TYPE);
+ policy->qualityType = quality_type;
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!pattern)
pattern = AuthPasswd::NO_PATTERN;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_PATTERN);
- p_policy->pattern = std::string(pattern);
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_PATTERN);
+ policy->pattern = std::string(pattern);
+
return AUTH_PASSWD_API_SUCCESS;
}
if (!forbidden_passwd)
forbidden_passwd = AuthPasswd::NO_FORBIDDEND_PASSWORD;
- p_policy->policyFlag = p_policy->policyFlag | (1 << POLICY_FORBIDDEN_PASSWDS);
- p_policy->forbiddenPasswds.push_back(forbidden_passwd);
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+ policy->setFlag(POLICY_FORBIDDEN_PASSWDS);
+ policy->forbiddenPasswds.push_back(forbidden_passwd);
+
return AUTH_PASSWD_API_SUCCESS;
}
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
}
- if (!(p_policy->policyFlag & (1 << POLICY_USER)))
+ auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy);
+
+ if (!policy->isFlagOn(POLICY_USER))
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
MessageBuffer send, recv;
Serialization::Serialize(send, static_cast<int>(PasswordHdrs::HDR_SET_PASSWD_POLICY));
- Serialization::Serialize(send, p_policy->policyFlag);
- Serialization::Serialize(send, p_policy->uid);
- Serialization::Serialize(send, p_policy->maxAttempts);
- Serialization::Serialize(send, p_policy->validPeriod);
- Serialization::Serialize(send, p_policy->historySize);
- Serialization::Serialize(send, p_policy->minLength);
- Serialization::Serialize(send, p_policy->minComplexCharNumber);
- Serialization::Serialize(send, p_policy->maxCharOccurrences);
- Serialization::Serialize(send, p_policy->maxNumSeqLength);
- Serialization::Serialize(send, p_policy->qualityType);
- Serialization::Serialize(send, p_policy->pattern);
- Serialization::Serialize(send, p_policy->forbiddenPasswds);
+ Serialization::Serialize(send, policy->flag);
+ Serialization::Serialize(send, policy->uid);
+ Serialization::Serialize(send, policy->maxAttempts);
+ Serialization::Serialize(send, policy->validPeriod);
+ Serialization::Serialize(send, policy->historySize);
+ Serialization::Serialize(send, policy->minLength);
+ Serialization::Serialize(send, policy->minComplexCharNumber);
+ Serialization::Serialize(send, policy->maxCharOccurrences);
+ Serialization::Serialize(send, policy->maxNumSeqLength);
+ Serialization::Serialize(send, policy->qualityType);
+ Serialization::Serialize(send, policy->pattern);
+ Serialization::Serialize(send, policy->forbiddenPasswds);
int retCode = sendToServer(SERVICE_SOCKET_PASSWD_POLICY, send.Pop(), recv);
if (AUTH_PASSWD_API_SUCCESS != retCode) {
AUTH_PASSWD_API
void auth_passwd_free_policy(policy_h *p_policy)
{
- delete p_policy;
+ delete (reinterpret_cast<AuthPasswd::Policy *>(p_policy));
}
AUTH_PASSWD_API
#include <string>
#include <auth-passwd-policy-types.h>
-struct auth_password_policy {
+namespace AuthPasswd {
+
+extern const size_t MAX_PASSWORD_LEN;
+extern const unsigned int MAX_PASSWORD_HISTORY;
+extern const unsigned int MAX_PASSWORD_ATTEMPTS;
+extern const unsigned int PASSWORD_INFINITE_EXPIRATION_DAYS;
+extern const unsigned int PASSWORD_INFINITE_ATTEMPT_COUNT;
+extern const unsigned int PASSWORD_API_NO_EXPIRATION;
+
+extern const char* NO_PASSWORD;
+extern const char* NO_PATTERN;
+extern const char* NO_FORBIDDEND_PASSWORD;
+
+extern const std::string REGEX_QUALITY_UNSPECIFIED;
+extern const std::string REGEX_QUALITY_SOMETHING;
+extern const std::string REGEX_QUALITY_NUMERIC;
+extern const std::string REGEX_QUALITY_ALPHABETIC;
+extern const std::string REGEX_QUALITY_ALPHANUMERIC;
+
+struct Policy {
+ Policy();
+ ~Policy();
+
+ inline void setFlag(password_policy_type field)
+ {
+ flag |= (1 << field);
+ }
- int policyFlag;
+ inline bool isFlagOn(password_policy_type field)
+ {
+ return (flag & (1 << field)) ? true : false;
+ }
+
+ // XOR-ed value of password_policy_type enum
+ int flag;
uid_t uid;
std::vector<std::string> forbiddenPasswds;
};
-namespace AuthPasswd {
-
-extern const size_t MAX_PASSWORD_LEN;
-extern const unsigned int MAX_PASSWORD_HISTORY;
-extern const unsigned int MAX_PASSWORD_ATTEMPTS;
-extern const unsigned int PASSWORD_INFINITE_EXPIRATION_DAYS;
-extern const unsigned int PASSWORD_INFINITE_ATTEMPT_COUNT;
-extern const unsigned int PASSWORD_API_NO_EXPIRATION;
-
-extern const char* NO_PASSWORD;
-extern const char* NO_PATTERN;
-extern const char* NO_FORBIDDEND_PASSWORD;
-
-extern const std::string REGEX_QUALITY_UNSPECIFIED;
-extern const std::string REGEX_QUALITY_SOMETHING;
-extern const std::string REGEX_QUALITY_NUMERIC;
-extern const std::string REGEX_QUALITY_ALPHABETIC;
-extern const std::string REGEX_QUALITY_ALPHANUMERIC;
-
}
#endif // _AUTH_PASSWD_POLICY_H_
const std::string REGEX_QUALITY_ALPHABETIC = "^[A-Za-z]+$";
const std::string REGEX_QUALITY_ALPHANUMERIC = "^[A-Za-z0-9]+$";
+Policy::Policy() : flag(0)
+{
+}
+
+Policy::~Policy()
+{
+}
+
} // namespace AuthPasswd
extern "C" {
#endif
-typedef struct auth_password_policy policy_h;
+typedef struct _policy_h policy_h;
typedef enum {
POLICY_USER,
unsigned int user);
// policy setting functions
- int setPolicy(auth_password_policy policy);
+ int setPolicy(Policy policy);
// policy disabling functions
int disablePolicy(unsigned int user);
switch (hdr) {
case PasswordHdrs::HDR_SET_PASSWD_POLICY: {
- auth_password_policy policy;
+ Policy policy;
- Deserialization::Deserialize(buffer, policy.policyFlag);
+ Deserialization::Deserialize(buffer, policy.flag);
Deserialization::Deserialize(buffer, policy.uid);
Deserialization::Deserialize(buffer, policy.maxAttempts);
Deserialization::Deserialize(buffer, policy.validPeriod);
result = m_policyManager.setPolicy(policy);
if (result == AUTH_PASSWD_API_SUCCESS) {
- if (policy.policyFlag & (1 << POLICY_MAX_ATTEMPTS))
+ if (policy.isFlagOn(POLICY_MAX_ATTEMPTS))
m_pwdManager.setPasswordMaxAttempts(policy.uid, policy.maxAttempts);
- if (policy.policyFlag & (1 << POLICY_VALID_PERIOD))
+ if (policy.isFlagOn(POLICY_VALID_PERIOD))
m_pwdManager.setPasswordValidity(policy.uid, policy.validPeriod);
- if (policy.policyFlag & (1 << POLICY_HISTORY_SIZE))
+ if (policy.isFlagOn(POLICY_HISTORY_SIZE))
m_pwdManager.setPasswordHistory(policy.uid, policy.historySize);
}
break;
return AUTH_PASSWD_API_SUCCESS;
}
- int PolicyManager::setPolicy(auth_password_policy policy)
+ int PolicyManager::setPolicy(Policy policy)
{
LogSecureDebug("Inside setPolicy function.");
// check if policies are correct
for (int i = POLICY_TYPE_FIRST ; i < POLICY_TYPE_LAST+1 ; i++) {
- if (policy.policyFlag & (1 << i)) {
- switch (i) {
- case POLICY_MAX_ATTEMPTS:
- break;
-
- case POLICY_VALID_PERIOD: {
- time_t curTime = time(NULL);
- if (policy.validPeriod > ((UINT_MAX - curTime) / 86400)) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
+ if (!policy.isFlagOn(static_cast<password_policy_type>(i)))
+ continue;
+
+ switch (i) {
+ case POLICY_MAX_ATTEMPTS:
+ break;
+
+ case POLICY_VALID_PERIOD: {
+ time_t curTime = time(NULL);
+ if (policy.validPeriod > ((UINT_MAX - curTime) / 86400)) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
}
+ break;
+ }
- case POLICY_HISTORY_SIZE:
- if (policy.historySize > MAX_PASSWORD_HISTORY) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_MIN_LENGTH:
- if (policy.minLength > MAX_PASSWORD_LEN) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_MIN_COMPLEX_CHAR_NUMBER:
- if (policy.minComplexCharNumber > MAX_PASSWORD_LEN) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_MAX_CHAR_OCCURRENCES:
- if (policy.maxCharOccurrences > MAX_PASSWORD_LEN) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_MAX_NUMERIC_SEQ_LENGTH:
- if (policy.maxNumSeqLength > MAX_PASSWORD_LEN) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_QUALITY_TYPE:
- if (policy.qualityType > AUTH_PWD_QUALITY_LAST) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_PATTERN:
- if (!itPolicy->second.isValidPattern(policy.pattern)) {
- LogError("Incorrect input param.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
- break;
-
- case POLICY_FORBIDDEN_PASSWDS:
- break;
-
- default:
- LogError("Not supported policy type.");
+ case POLICY_HISTORY_SIZE:
+ if (policy.historySize > MAX_PASSWORD_HISTORY) {
+ LogError("Incorrect input param.");
return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
+ }
+ break;
+
+ case POLICY_MIN_LENGTH:
+ if (policy.minLength > MAX_PASSWORD_LEN) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ }
+ break;
+
+ case POLICY_MIN_COMPLEX_CHAR_NUMBER:
+ if (policy.minComplexCharNumber > MAX_PASSWORD_LEN) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ }
+ break;
+
+ case POLICY_MAX_CHAR_OCCURRENCES:
+ if (policy.maxCharOccurrences > MAX_PASSWORD_LEN) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ }
+ break;
+
+ case POLICY_MAX_NUMERIC_SEQ_LENGTH:
+ if (policy.maxNumSeqLength > MAX_PASSWORD_LEN) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ }
+ break;
+
+ case POLICY_QUALITY_TYPE:
+ if (policy.qualityType > AUTH_PWD_QUALITY_LAST) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ }
+ break;
+
+ case POLICY_PATTERN:
+ if (!itPolicy->second.isValidPattern(policy.pattern)) {
+ LogError("Incorrect input param.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ }
+ break;
+
+ case POLICY_FORBIDDEN_PASSWDS:
+ break;
+
+ default:
+ LogError("Not supported policy type.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
}
}
// update policies
for (int i = POLICY_TYPE_FIRST ; i < POLICY_TYPE_LAST+1 ; i++) {
- if (policy.policyFlag & (1 << i)) {
- switch (i) {
- case POLICY_MAX_ATTEMPTS:
- LogSecureDebug("maxAttempts: " << policy.maxAttempts);
- break;
-
- case POLICY_VALID_PERIOD:
- LogSecureDebug("validPeriod: " << policy.validPeriod);
- break;
-
- case POLICY_HISTORY_SIZE:
- LogSecureDebug("historySize: " << policy.historySize);
- break;
-
- case POLICY_MIN_LENGTH:
- LogSecureDebug("minLength: " << policy.minLength);
- itPolicy->second.setMinLength(policy.minLength);
- break;
-
- case POLICY_MIN_COMPLEX_CHAR_NUMBER:
- LogSecureDebug("minComplexCharNumber: " << policy.minComplexCharNumber);
- itPolicy->second.setMinComplexCharNumber(policy.minComplexCharNumber);
- break;
-
- case POLICY_MAX_CHAR_OCCURRENCES:
- LogSecureDebug("maxCharOccurrences: " << policy.maxCharOccurrences);
- itPolicy->second.setMaxCharOccurrences(policy.maxCharOccurrences);
- break;
-
- case POLICY_MAX_NUMERIC_SEQ_LENGTH:
- LogSecureDebug("maxNumSeqLength: " << policy.maxNumSeqLength);
- itPolicy->second.setMaxNumSeqLength(policy.maxNumSeqLength);
- break;
-
- case POLICY_QUALITY_TYPE:
- LogSecureDebug("qualityType: " << policy.qualityType);
- itPolicy->second.setQualityType(policy.qualityType);
- break;
-
- case POLICY_PATTERN:
- LogSecureDebug("pattern: " << policy.pattern);
- itPolicy->second.setPattern(policy.pattern);
- break;
-
- case POLICY_FORBIDDEN_PASSWDS:
- LogSecureDebug("forbiddenPasswds number: " << policy.forbiddenPasswds.size());
- itPolicy->second.setForbiddenPasswds(policy.forbiddenPasswds);
- break;
-
- default:
- LogError("Not supported policy type.");
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- }
+ if (!policy.isFlagOn(static_cast<password_policy_type>(i)))
+ continue;
+
+ switch (i) {
+ case POLICY_MAX_ATTEMPTS:
+ LogSecureDebug("maxAttempts: " << policy.maxAttempts);
+ break;
+
+ case POLICY_VALID_PERIOD:
+ LogSecureDebug("validPeriod: " << policy.validPeriod);
+ break;
+
+ case POLICY_HISTORY_SIZE:
+ LogSecureDebug("historySize: " << policy.historySize);
+ break;
+
+ case POLICY_MIN_LENGTH:
+ LogSecureDebug("minLength: " << policy.minLength);
+ itPolicy->second.setMinLength(policy.minLength);
+ break;
+
+ case POLICY_MIN_COMPLEX_CHAR_NUMBER:
+ LogSecureDebug("minComplexCharNumber: " << policy.minComplexCharNumber);
+ itPolicy->second.setMinComplexCharNumber(policy.minComplexCharNumber);
+ break;
+
+ case POLICY_MAX_CHAR_OCCURRENCES:
+ LogSecureDebug("maxCharOccurrences: " << policy.maxCharOccurrences);
+ itPolicy->second.setMaxCharOccurrences(policy.maxCharOccurrences);
+ break;
+
+ case POLICY_MAX_NUMERIC_SEQ_LENGTH:
+ LogSecureDebug("maxNumSeqLength: " << policy.maxNumSeqLength);
+ itPolicy->second.setMaxNumSeqLength(policy.maxNumSeqLength);
+ break;
+
+ case POLICY_QUALITY_TYPE:
+ LogSecureDebug("qualityType: " << policy.qualityType);
+ itPolicy->second.setQualityType(policy.qualityType);
+ break;
+
+ case POLICY_PATTERN:
+ LogSecureDebug("pattern: " << policy.pattern);
+ itPolicy->second.setPattern(policy.pattern);
+ break;
+
+ case POLICY_FORBIDDEN_PASSWDS:
+ LogSecureDebug("forbiddenPasswds number: " << policy.forbiddenPasswds.size());
+ itPolicy->second.setForbiddenPasswds(policy.forbiddenPasswds);
+ break;
+
+ default:
+ LogError("Not supported policy type.");
+ return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
}
}
+
itPolicy->second.enable();
itPolicy->second.writeMemoryToFile();
projects / platform / core / security / auth-fw.git / commitdiff