ADD_DEFINITIONS("-DCA_CERTS_DIR=\"${CA_CERTS_DIR}\"")
ADD_DEFINITIONS("-DSYSTEMD_ENV_FILE=\"${SYSTEMD_ENV_FILE}\"")
-IF(CKM_PERMISSIVE_MODE)
- ADD_DEFINITIONS("-DCKM_PERMISSIVE_MODE")
-ENDIF(CKM_PERMISSIVE_MODE)
-
SET(KEY_MANAGER_PATH ${PROJECT_SOURCE_DIR}/src/manager)
IF(NOT DEFINED COVERAGE_DIR)
%global initial_values_dir_rw %{rw_data_dir}/initial_values
%global ca_certs_dir %{?TZ_SYS_CA_CERTS:%TZ_SYS_CA_CERTS}%{!?TZ_SYS_CA_CERTS:%ro_etc_dir/ssl/certs}
%global dump_legacy_db_libname key-manager-dump-legacy-database
-%global ckm_permissive_mode %{?dev_wos:%dev_wos}%{!?dev_wos:0}
%description
Central Key Manager daemon could be used as secure storage
-DCOVERAGE_DIR=%{coverage_dir} \
%if %{coverage_only}
-DCOVERAGE_ONLY=ON \
-%endif
-%if %{ckm_permissive_mode} == 1
- -DCKM_PERMISSIVE_MODE="ON" \
%endif
-DDUMP_LEGACY_DB_LIBNAME=%{dump_legacy_db_libname}
namespace CKM {
-#ifndef CKM_PERMISSIVE_MODE
namespace {
int getPkgIdFromSocket(int sock, std::string &pkgId)
return assignToString(result, length, res);
}
-#endif
void Socket2Id::mapToDomainClient(std::string &pkgId)
{
m_stringMap.clear();
}
-int Socket2Id::translate(__attribute__((unused)) int sock, std::string &result)
+int Socket2Id::translate(int sock, std::string &result)
{
-#ifdef CKM_PERMISSIVE_MODE
- result = "/System";
- return 0;
-#else
std::string smack;
if (0 > getCredentialsFromSocket(sock, smack))
result = pkgId;
m_stringMap.emplace(std::move(smack), std::move(pkgId));
return 0;
-#endif
}
} // namespace CKM
projects / platform / core / security / key-manager.git / commitdiff