Prepare release for tizen.org

Changes:
 * Reset manifest.
 * Security policy for security-server sockets has been removed.
 * Minor fixes required by g++ 4.8.
 * Removed unused code.
 * Version update.
 * Fix conflicts in manifest file.

[Issue#]   SSDWSSP-816
[Bug]      N/A
[Cause]    N/A
[Solution] N/A

[Verification] N/A

Change-Id: I39e55c0355f561465b8f3ae777e6bcd46097ec86

diff --git a/CMakeLists.txt b/CMakeLists.txt
index c6f634c..476b94a 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -50,6 +50,7 @@ ADD_DEFINITIONS("-Wextra")                      # Generate even more extra warni
 
 STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}")
 ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"")
+
 ADD_DEFINITIONS("-DSMACK_ENABLED")
 
 IF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
@@ -61,13 +62,6 @@ SET(TARGET_SECURITY_SERVER "security-server")
 SET(TARGET_SECURITY_CLIENT "security-server-client")
 SET(TARGET_SERVER_COMMON "security-server-commons")
 
-INSTALL(FILES
-    ${CMAKE_SOURCE_DIR}/packaging/libsecurity-server-client.manifest
-    ${CMAKE_SOURCE_DIR}/packaging/security-server.manifest
-    DESTINATION
-    /usr/share
-)
-
 ADD_SUBDIRECTORY(src)
 ADD_SUBDIRECTORY(build)
 ADD_SUBDIRECTORY(systemd)

diff --git a/packaging/security-server.manifest b/packaging/security-server.manifest
index 5bb6fbf..017d22d 100644 (file)
--- a/packaging/security-server.manifest
+++ b/packaging/security-server.manifest
@@ -1,30 +1,5 @@
 <manifest>
-       <define>
-               <domain name="security-server" />
-               <provide>
-                       <label name="security-server::daemon" />
-                       <label name="security-server::db" />
-                       <label name="security-server::api-app-permissions" />
-                       <label name="security-server::api-app-privilege-by-name" />
-                       <label name="security-server::api-cookie-check" />
-                       <label name="security-server::api-cookie-get" />
-                       <label name="security-server::api-data-share" />
-                       <label name="security-server::api-privilege-by-pid" />
-                       <label name="security-server::api-get-smacklabel-socket" />
-                       <label name="security-server::api-get-object-name" />
-                       <label name="security-server::api-get-gid" />
-                       <label name="security-server::api-password-check" />
-                       <label name="security-server::api-password-set" />
-                       <label name="security-server::api-password-reset" />
-                       <label name="security-server::api-open-for" />
-                       <label name="security-server::audit-files" />
-               </provide>
-       </define>
-       <request>
-               <domain name="_" />
-       </request>
-       <assign>
-               <filesystem path="/etc/security/security-server-audit.conf" label="security-server::audit-files" />
-           <filesystem path="/usr/bin/security-server" label="security-server" exec_label="security-server"/>
-       </assign>
+ <request>
+    <domain name="_"/>
+ </request>
 </manifest>

diff --git a/packaging/security-server.spec b/packaging/security-server.spec
index 7e776a4..4bca923 100644 (file)
--- a/packaging/security-server.spec
+++ b/packaging/security-server.spec
@@ -1,19 +1,18 @@
 Name:       security-server
 Summary:    Security server and utilities
-Version:    0.0.73
+Version:    0.0.118
 Release:    1
 Group:      Security/Service
 License:    Apache-2.0
 Source0:    %{name}-%{version}.tar.gz
+Source1:    security-server.manifest
+Source2:    libsecurity-server-client.manifest
 BuildRequires: cmake
 BuildRequires: zip
 BuildRequires: pkgconfig(dlog)
 BuildRequires: pkgconfig(openssl)
 BuildRequires: libattr-devel
 BuildRequires: pkgconfig(libsmack)
-Requires(preun):  systemd
-Requires(post):   systemd
-Requires(postun): systemd
 BuildRequires: pkgconfig(libprivilege-control)
 BuildRequires: pkgconfig(libsystemd-daemon)
 %{?systemd_requires}
@@ -58,7 +57,8 @@ Certificates for the Tizen Web-Runtime
 
 %prep
 %setup -q
-cp %{SOURCE1001} .
+cp %{SOURCE1} .
+cp %{SOURCE2} .
 
 %build
 %if 0%{?sec_build_binary_debug_enable}
@@ -130,7 +130,8 @@ fi
 %postun -n libsecurity-server-client -p /sbin/ldconfig
 
 %files -n security-server
-%manifest %{_datadir}/security-server.manifest
+%manifest security-server.manifest
+%defattr(-,root,root,-)
 %attr(755,root,root) /usr/bin/security-server
 %{_libdir}/libsecurity-server-commons.so.*
 %attr(-,root,root) /usr/lib/systemd/system/multi-user.target.wants/security-server.service
@@ -163,7 +164,7 @@ fi
 %{_datadir}/license/%{name}
 
 %files -n libsecurity-server-client
-%manifest %{name}.manifest
+%manifest libsecurity-server-client.manifest
 %defattr(-,root,root,-)
 %{_libdir}/libsecurity-server-client.so.*
 %{_datadir}/license/libsecurity-server-client

diff --git a/src/server/client/client-socket-privilege.cpp b/src/server/client/client-socket-privilege.cpp
index 5fcd286..4d90902 100644 (file)
--- a/src/server/client/client-socket-privilege.cpp
+++ b/src/server/client/client-socket-privilege.cpp
@@ -36,37 +36,6 @@
 
 #include <security-server.h>
 
-//static int get_exec_path(pid_t pid, std::string &exe)
-//{
-//    using namespace SecurityServer;
-//
-//    try{
-//        MessageBuffer send, recv;
-//        Serialization::Serialize(send, pid);
-//
-//        int result = sendToServer(
-//                SERVICE_SOCKET_EXEC_PATH,
-//                send.Pop(),
-//                recv);
-//        if(result != SECURITY_SERVER_API_SUCCESS)
-//            return result;
-//
-//        Deserialization::Deserialize(recv, result);
-//        if(result != SECURITY_SERVER_API_SUCCESS)
-//            return result;
-//
-//        Deserialization::Deserialize(recv, exe);
-//        return result;
-//    } catch (MessageBuffer::Exception::Base &e) {
-//        LogDebug("SecurityServer::MessageBuffer::Exception " << e.DumpToString());
-//    } catch (std::exception &e) {
-//        LogDebug("STD exception " << e.what());
-//    } catch (...) {
-//        LogDebug("Unknown exception occured");
-//    }
-//    return SECURITY_SERVER_API_ERROR_UNKNOWN;
-//}
-
 SECURITY_SERVER_API
 int security_server_check_privilege_by_sockfd(int sockfd,
                                               const char *object,
@@ -112,25 +81,7 @@ int security_server_check_privilege_by_sockfd(int sockfd,
         return SECURITY_SERVER_API_ERROR_SOCKET;
     }
 
-    ret = security_server_check_privilege_by_pid(cr.pid, object, access_rights);
-
-    //Getting path for logs
-//    if (SECURITY_SERVER_API_SUCCESS != get_exec_path(cr.pid, path)) {
-//        LogError("Failed to read executable path for process " << cr.pid);
-//    }
-//
-//    if (ret == SECURITY_SERVER_API_SUCCESS)
-//        LogSecureDebug("SS_SMACK: caller_pid=" << cr.pid << ", subject=" <<
-//            (subjectPtr.get() ? subjectPtr.get() : "NULL") << ", object=" <<
-//            object << ", access=" << access_rights << ", result=" <<
-//            ret << ", caller_path=" << path.c_str());
-//    else
-//        LogSecureWarning("SS_SMACK: caller_pid=" << cr.pid << ", subject=" <<
-//            (subjectPtr.get() ? subjectPtr.get() : "NULL") << ", object=" <<
-//            object << ", access=" << access_rights << ", result=" <<
-//            ret << ", caller_path=" << path.c_str());
-
-    return ret;
+    return security_server_check_privilege_by_pid(cr.pid, object, access_rights);
 }
 
 SECURITY_SERVER_API

diff --git a/src/server/service/password-file.cpp b/src/server/service/password-file.cpp
index 79cc549..6f59589 100644 (file)
--- a/src/server/service/password-file.cpp
+++ b/src/server/service/password-file.cpp
@@ -123,10 +123,10 @@ namespace SecurityServer
         unsigned int algorithm;
         Deserialization::Deserialize(stream, algorithm);
         switch (algorithm) {
-            case IPassword::PasswordType::NONE:
+            case (unsigned int)IPassword::PasswordType::NONE:
                 ptr.reset(new NoPassword());
                 break;
-            case IPassword::PasswordType::SHA256:
+            case (unsigned int)IPassword::PasswordType::SHA256:
                 ptr.reset(new SHA256Password(stream));
                 break;
             default:

diff --git a/src/server/service/privilege-by-pid.cpp b/src/server/service/privilege-by-pid.cpp
index bcb8659..bfe34eb 100644 (file)
--- a/src/server/service/privilege-by-pid.cpp
+++ b/src/server/service/privilege-by-pid.cpp
@@ -96,28 +96,6 @@ bool PrivilegeByPidService::processOne(const ConnectionID &conn, MessageBuffer &
         LogDebug("SMACK is not available. Subject label has not been read.");
         retval = 1;
     }
-//    char *path = read_exe_path_from_proc(pid);
-//
-//    if (retval > 0)
-//        LogDebug("SS_SMACK: "
-//                << "caller_pid=" << pid
-//                << ", subject=" << subject
-//                << ", object=" << object
-//                << ", access=" << access_rights
-//                << ", result=" << retval
-//                << ", caller_path=" << path);
-//    else
-//        LogError("SS_SMACK: "
-//                << "caller_pid=" << pid
-//                << ", subject=" << subject
-//                << ", object=" << object
-//                << ", access=" << access_rights
-//                << ", result=" << retval
-//                << ", caller_path=" << path);
-//
-//    if (path != NULL)
-//        free(path);
-
 
     if (retval == 1)   //there is permission
         retCode = SECURITY_SERVER_API_SUCCESS;
@@ -137,7 +115,7 @@ bool PrivilegeByPidService::processOne(const ConnectionID &conn, MessageBuffer &
             << ", object="   << object
             << ", access="   << access_rights
             << ", result="   << retval
-            << ", caller_path=" << (path ? path : ""));
+            << ", caller_path=" << (path ? path : "" ));
 
         free(path);
     }

diff --git a/systemd/security-server-app-permissions.socket b/systemd/security-server-app-permissions.socket
index 814de37..7271ff2 100644 (file)
--- a/systemd/security-server-app-permissions.socket
+++ b/systemd/security-server-app-permissions.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-app-permissions.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-app-permissions
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-app-privilege-by-name.socket b/systemd/security-server-app-privilege-by-name.socket
index b5a032f..da595c3 100644 (file)
--- a/systemd/security-server-app-privilege-by-name.socket
+++ b/systemd/security-server-app-privilege-by-name.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-app-privilege-by-name.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-app-privilege-by-name
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-cookie-check.socket b/systemd/security-server-cookie-check.socket
index ecd953b..0f889a4 100644 (file)
--- a/systemd/security-server-cookie-check.socket
+++ b/systemd/security-server-cookie-check.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-cookie-check.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-cookie-check
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-data-share.socket b/systemd/security-server-data-share.socket
index 4b1f540..bd858c6 100644 (file)
--- a/systemd/security-server-data-share.socket
+++ b/systemd/security-server-data-share.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-data-share.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-data-share
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-get-gid.socket b/systemd/security-server-get-gid.socket
index 0b06c46..0a0852c 100644 (file)
--- a/systemd/security-server-get-gid.socket
+++ b/systemd/security-server-get-gid.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-get-gid.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-get-gid
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-open-for.socket b/systemd/security-server-open-for.socket
index 1c41f2d..a0886a3 100644 (file)
--- a/systemd/security-server-open-for.socket
+++ b/systemd/security-server-open-for.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-open-for.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-open-for
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-password-check.socket b/systemd/security-server-password-check.socket
index 057746c..d3ac5d5 100644 (file)
--- a/systemd/security-server-password-check.socket
+++ b/systemd/security-server-password-check.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-password-check.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-password-check
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-password-reset.socket b/systemd/security-server-password-reset.socket
index 2ce101d..377d722 100644 (file)
--- a/systemd/security-server-password-reset.socket
+++ b/systemd/security-server-password-reset.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-password-reset.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-password-reset
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-password-set.socket b/systemd/security-server-password-set.socket
index 19e677a..0dee1e7 100644 (file)
--- a/systemd/security-server-password-set.socket
+++ b/systemd/security-server-password-set.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-password-set.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-password-set
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service

diff --git a/systemd/security-server-privilege-by-pid.socket b/systemd/security-server-privilege-by-pid.socket
index 8de4cbb..8fd46f2 100644 (file)
--- a/systemd/security-server-privilege-by-pid.socket
+++ b/systemd/security-server-privilege-by-pid.socket
@@ -1,7 +1,7 @@
 [Socket]
 ListenStream=/tmp/.security-server-api-privilege-by-pid.sock
 SocketMode=0777
-SmackLabelIPIn=security-server::api-privilege-by-pid
+SmackLabelIPIn=*
 SmackLabelIPOut=@
 
 Service=security-server.service