--- /dev/null
+--style=1tbs
+--indent=spaces=4
+--pad-oper
+--pad-header
+--max-code-length=120
+--align-pointer=type
+--add-brackets
+--attach-inlines
+--unpad-paren
#include <vector>
#include <jsoncpp/json/writer.h>
-enum IPTablesProtocol
-{
+enum IPTablesProtocol {
UDP,
TCP
};
void setIptablesState(bool on);
void iptablesAddBlock(const std::string& ip, const IPTablesProtocol proto, const unsigned char ports);
void iptablesAddBlock(const std::string& ip, const IPTablesProtocol proto, const std::vector<unsigned short>& ports);
- void iptablesAddBlockRange(const std::string& ip, const IPTablesProtocol proto, unsigned short start_port, unsigned short end_port);
+ void iptablesAddBlockRange(const std::string& ip, const IPTablesProtocol proto, unsigned short start_port,
+ unsigned short end_port);
void iptablesClear();
void iptablesRemoveBlock(const std::string& ip, IPTablesProtocol proto);
- void iptablesAddRule(const std::string& rule)
- {
+ void iptablesAddRule(const std::string& rule) {
iptables_items.push_back(rule);
}
bool directly = false;
#if PROFILE_NAME != 3
-int dpm_firewall_apply_allow_rules(device_policy_manager_h handle, const char* rules){ return 0; }
-int dpm_firewall_flush_allow_rules(device_policy_manager_h handle){ return 0; }
-int dpm_firewall_apply_deny_rules(device_policy_manager_h handle, const char* rules){ return 0; }
-int dpm_firewall_flush_deny_rules(device_policy_manager_h handle){ return 0; }
+int dpm_firewall_apply_allow_rules(device_policy_manager_h handle, const char* rules)
+{
+ return 0;
+}
+int dpm_firewall_flush_allow_rules(device_policy_manager_h handle)
+{
+ return 0;
+}
+int dpm_firewall_apply_deny_rules(device_policy_manager_h handle, const char* rules)
+{
+ return 0;
+}
+int dpm_firewall_flush_deny_rules(device_policy_manager_h handle)
+{
+ return 0;
+}
int dpm_restriction_set_usb_client_state(device_policy_manager_h handle, int allow)
{
return dpm_restriction_set_camera_state(handle, allow);
}
-int dpm_restriction_get_usb_client_state(device_policy_manager_h handle, int *is_allowed)
+int dpm_restriction_get_usb_client_state(device_policy_manager_h handle, int* is_allowed)
{
return dpm_restriction_get_camera_state(handle, is_allowed);
}
-int dpm_restriction_set_sound_state(device_policy_manager_h handle, int allow){ return 0; }
-int dpm_restriction_get_sound_state(device_policy_manager_h handle, int *is_allowed){ return 0; }
-int dpm_restriction_set_tuner_state(device_policy_manager_h handle, int allow){ return 0; }
-int dpm_restriction_get_tuner_state(device_policy_manager_h handle, int *is_allowed){ return 0; }
+int dpm_restriction_set_sound_state(device_policy_manager_h handle, int allow)
+{
+ return 0;
+}
+int dpm_restriction_get_sound_state(device_policy_manager_h handle, int* is_allowed)
+{
+ return 0;
+}
+int dpm_restriction_set_tuner_state(device_policy_manager_h handle, int allow)
+{
+ return 0;
+}
+int dpm_restriction_get_tuner_state(device_policy_manager_h handle, int* is_allowed)
+{
+ return 0;
+}
#endif
using namespace std;
-enum class State
-{
+enum class State {
Main,
Show,
Usb,
- WiFi,
+ WiFi,
Sound,
Tuner,
Bluetooth,
void applyPolicy(const string& agend_id, const TvPolicy& policy)
{
- try
- {
- static AgentPolicyAdapter adapter;
+ try {
+ static AgentPolicyAdapter adapter;
string policy_json = policy.makePolicy();
int result = adapter.enforcePolicy(agend_id, policy_json);
- if (result != SUCCESS)
- {
+ if (result != SUCCESS) {
cerr << "Failed to enforce policy" << endl;
}
- }
- catch(exception& e)
- {
+ } catch (exception& e) {
cerr << "Failed to enforce policy: " << e.what() << endl;
}
}
string::size_type spos = 0;
string::size_type epos = string::npos;
- while((epos = str.find(delim, spos)) != string::npos)
- {
+ while ((epos = str.find(delim, spos)) != string::npos) {
v.push_back(str.substr(spos, epos - spos));
spos = epos + 1;
- if (spos >= str.length()) break;
+ if (spos >= str.length()) {
+ break;
+ }
}
- if (spos < str.length())
- {
+ if (spos < str.length()) {
v.push_back(str.substr(spos, epos));
}
string s;
auto it = str.cbegin();
- while(it != str.cend() && isspace(*it)) ++it;
+ while (it != str.cend() && isspace(*it)) {
+ ++it;
+ }
- while(it != str.cend() && !isspace(*it))
- {
+ while (it != str.cend() && !isspace(*it)) {
s.push_back(*it);
++it;
}
dpmh handle = (dpmh)dpm_manager_create();
- if (argc > 1)
- {
+ if (argc > 1) {
id = argv[1];
- if (argc > 2)
+ if (argc > 2) {
directly = true;
- }
- else
- {
+ }
+ } else {
cout << "AgentID: ";
cin >> id;
}
dpm_restriction_get_bluetooth_mode_change_state(handle, &allow);
policy.setBluetoothState(bool(allow));
- try
- {
+ try {
State state = State::Main;
bool work = true;
- while (work)
- {
+ while (work) {
char option;
switch (state) {
cin >> option;
- switch (option)
- {
+ switch (option) {
case '0':
state = State::Show;
break;
cin >> option;
- switch (option)
- {
+ switch (option) {
case '1':
case '2':
policy.setUsbSate(option == '1');
- if (directly)
- {
+ if (directly) {
res = dpm_restriction_set_usb_client_state(handle, option == '1');
cout << "set res = " << res << endl;
res = dpm_restriction_get_usb_client_state(handle, &allow);
cout << "get res = " << res << " state = " << allow << endl;
- }
- else
+ } else {
applyPolicy(id, policy);
+ }
break;
case '0':
break;
- case State::WiFi:
- cout << endl << "WiFi options:" << endl;
- cout << "----------------------" << endl;
- cout << policy.getWiFiPolicy().toStyledString();
- cout << "----------------------" << endl;
- cout << " 1 - WiFi enable" << endl;
- cout << " 2 - WiFi disable" << endl;
- cout << " 0 - Back" << endl;
- cout << " ------------------\n\tq - exit" << endl;
-
- cin >> option;
-
- switch (option)
- {
- case '1':
- case '2':
- policy.setWiFiSate(option == '1');
- if (directly)
- {
- res = dpm_restriction_set_wifi_state(handle, option == '1');
- cout << "set res = " << res << endl;
- res = dpm_restriction_get_wifi_state(handle, &allow);
- cout << "get res = " << res << " state = " << allow << endl;
- }
- else
- applyPolicy(id, policy);
- break;
- case '0':
- state = State::Main;
- break;
- case 'q':
- work = false;
- break;
- default:
- cout << "Unsupported option" << endl << endl;
- break;
- }
+ case State::WiFi:
+ cout << endl << "WiFi options:" << endl;
+ cout << "----------------------" << endl;
+ cout << policy.getWiFiPolicy().toStyledString();
+ cout << "----------------------" << endl;
+ cout << " 1 - WiFi enable" << endl;
+ cout << " 2 - WiFi disable" << endl;
+ cout << " 0 - Back" << endl;
+ cout << " ------------------\n\tq - exit" << endl;
+ cin >> option;
+
+ switch (option) {
+ case '1':
+ case '2':
+ policy.setWiFiSate(option == '1');
+ if (directly) {
+ res = dpm_restriction_set_wifi_state(handle, option == '1');
+ cout << "set res = " << res << endl;
+ res = dpm_restriction_get_wifi_state(handle, &allow);
+ cout << "get res = " << res << " state = " << allow << endl;
+ } else {
+ applyPolicy(id, policy);
+ }
+ break;
+ case '0':
+ state = State::Main;
+ break;
+ case 'q':
+ work = false;
break;
+ default:
+ cout << "Unsupported option" << endl << endl;
+ break;
+ }
+
+ break;
case State::Sound:
cout << endl << "Sound options:" << endl;
cin >> option;
- switch (option)
- {
+ switch (option) {
case '1':
case '2':
policy.setSoundState(option == '1');
- if (directly)
- {
+ if (directly) {
res = dpm_restriction_set_sound_state(handle, option == '1');
cout << "set res = " << res << endl;
res = dpm_restriction_get_sound_state(handle, &allow);
cout << "get res = " << res << " state = " << allow << endl;
- }
- else
+ } else {
applyPolicy(id, policy);
+ }
break;
case '0':
state = State::Main;
cin >> option;
- switch (option)
- {
+ switch (option) {
case '1':
case '2':
policy.setTunerState(option == '1');
- if (directly)
- {
+ if (directly) {
res = dpm_restriction_set_tuner_state(handle, option == '1');
cout << "set res = " << res << endl;
res = dpm_restriction_get_tuner_state(handle, &allow);
cout << "get res = " << res << " state = " << allow << endl;
+ } else {
+ applyPolicy(id, policy);
}
- else
- applyPolicy(id, policy);
break;
case '0':
state = State::Main;
cin >> option;
- switch (option)
- {
+ switch (option) {
case '1':
case '2':
policy.setBluetoothState(option == '1');
- if (directly)
- {
+ if (directly) {
res = dpm_restriction_set_bluetooth_mode_change_state(handle, option == '1');
cout << "set res = " << res << endl;
res = dpm_restriction_get_bluetooth_mode_change_state(handle, &allow);
cout << "get res = " << res << " state = " << allow << endl;
- }
- else
+ } else {
applyPolicy(id, policy);
+ }
break;
case '0':
state = State::Main;
cin >> option;
- switch (option)
- {
+ switch (option) {
case '1':
state = State::IptablesAdd;
rule_allow = true;
break;
}
break;
- case State::IptablesAdd:
- {
- cout << endl << "Iptables add to block list:" << endl;
- cout << "----------------------" << endl;
- cout << " Enter " << (rule_allow ? "allow" : "deny") << " rule: ";
- string rule;
- cin >> rule;
-
- if (directly)
- {
- if (rule_allow)
- res = dpm_firewall_apply_allow_rules(handle, rule.c_str());
- else
- res = dpm_firewall_apply_deny_rules(handle, rule.c_str());
- cout << " res = " << res << endl;
- }
- else
- {
- policy.iptablesAddRule(rule);
- applyPolicy(id, policy);
+ case State::IptablesAdd: {
+ cout << endl << "Iptables add to block list:" << endl;
+ cout << "----------------------" << endl;
+ cout << " Enter " << (rule_allow ? "allow" : "deny") << " rule: ";
+ string rule;
+ cin >> rule;
+
+ if (directly) {
+ if (rule_allow) {
+ res = dpm_firewall_apply_allow_rules(handle, rule.c_str());
+ } else {
+ res = dpm_firewall_apply_deny_rules(handle, rule.c_str());
}
+ cout << " res = " << res << endl;
+ } else {
+ policy.iptablesAddRule(rule);
+ applyPolicy(id, policy);
}
- state = State::Iptables;
- break;
- case State::IptablesRemove:
- {
- try
- {
- cout << endl << "Iptables remove from block list" << endl;
- if (directly)
- {
- if (rule_allow)
- res = dpm_firewall_flush_allow_rules(handle);
- else
- res = dpm_firewall_flush_deny_rules(handle);
- cout << " res = " << res << endl;
- }
- else
- {
- policy.iptablesClear();
- applyPolicy(id, policy);
+ }
+ state = State::Iptables;
+ break;
+ case State::IptablesRemove: {
+ try {
+ cout << endl << "Iptables remove from block list" << endl;
+ if (directly) {
+ if (rule_allow) {
+ res = dpm_firewall_flush_allow_rules(handle);
+ } else {
+ res = dpm_firewall_flush_deny_rules(handle);
}
+ cout << " res = " << res << endl;
+ } else {
+ policy.iptablesClear();
+ applyPolicy(id, policy);
}
- catch (...)
- {
- cout << "Wrong format" << endl;
- }
-
+ } catch (...) {
+ cout << "Wrong format" << endl;
}
- state = State::Iptables;
- break;
+
+ }
+ state = State::Iptables;
+ break;
}
}
- }
- catch(std::exception& e)
- {
+ } catch (std::exception& e) {
cerr << "Exception thrown: " << e.what() << endl;
}
- if (handle) dpm_manager_destroy((dpmh)handle);
+ if (handle) {
+ dpm_manager_destroy((dpmh)handle);
+ }
cout << "Bye" << endl;
- return 0;
+ return 0;
}
#include <algorithm>
-const std::string TvPolicy::TV_EXT_GROUP_NAME{"tv-extension"};
+const std::string TvPolicy::TV_EXT_GROUP_NAME
+{"tv-extension"
+};
TvPolicy::TvPolicy():
- USB_state(true),
- WiFi_state(true),
- screen_capture_state(true),
- bluetooth_state(true),
- iptables_state(true),
- sound_state(true),
- tuner_state(true),
- iptables_items()
+ USB_state(true),
+ WiFi_state(true),
+ screen_capture_state(true),
+ bluetooth_state(true),
+ iptables_state(true),
+ sound_state(true),
+ tuner_state(true),
+ iptables_items()
{
}
void TvPolicy::setWiFiSate(bool on)
{
- WiFi_state = on;
+ WiFi_state = on;
}
Json::Value TvPolicy::getWiFiPolicy() const
void TvPolicy::setIptablesState(bool on)
{
iptables_state = on;
- if (!iptables_state) iptables_items.clear();
+ if (!iptables_state) {
+ iptables_items.clear();
+ }
}
void TvPolicy::iptablesAddBlock(const std::string& ip, const IPTablesProtocol proto, const unsigned char port)
iptables_items.push_back(os.str());
}
-void TvPolicy::iptablesAddBlock(const std::string& ip, const IPTablesProtocol proto, const std::vector<unsigned short>& ports)
+void TvPolicy::iptablesAddBlock(const std::string& ip, const IPTablesProtocol proto,
+ const std::vector<unsigned short>& ports)
{
std::ostringstream os;
os << ip << '|' << (proto == UDP ? "UDP" : "TCP") << '|';
bool first = true;
- for (auto port: ports)
- {
- if (port > 65535) throw std::logic_error("Port could not be bigger than 65535");
+ for (auto port : ports) {
+ if (port > 65535) {
+ throw std::logic_error("Port could not be bigger than 65535");
+ }
- if (first) first = false;
- else os << ',';
+ if (first) {
+ first = false;
+ } else {
+ os << ',';
+ }
os << std::to_string(port);
}
iptables_items.push_back(os.str());
}
-void TvPolicy::iptablesAddBlockRange(const std::string& ip, const IPTablesProtocol proto, unsigned short start_port, unsigned short end_port)
+void TvPolicy::iptablesAddBlockRange(const std::string& ip, const IPTablesProtocol proto, unsigned short start_port,
+ unsigned short end_port)
{
- if (start_port > 65535 || end_port > 65535) throw std::logic_error("Port could not be bigger than 65535");
+ if (start_port > 65535 || end_port > 65535) {
+ throw std::logic_error("Port could not be bigger than 65535");
+ }
- if (start_port == end_port)
- {
+ if (start_port == end_port) {
iptablesAddBlock(ip, proto, start_port);
return;
}
unsigned start = start_port;
unsigned end = end_port;
- if (start_port > end_port)
- {
+ if (start_port > end_port) {
start = end_port;
end = start_port;
}
{
std::string filter{ip + (proto == UDP ? "|UDP" : "|TCP")};
iptables_items.erase(
- std::remove_if(
- iptables_items.begin(),
- iptables_items.end(),
- [&filter] (const std::string& val) {
- return val.compare(0, filter.length(), filter) == 0;
- }),
- iptables_items.end());
+ std::remove_if(
+ iptables_items.begin(),
+ iptables_items.end(),
+ [&filter](const std::string & val) {
+ return val.compare(0, filter.length(), filter) == 0;
+ }),
+ iptables_items.end());
}
Json::Value TvPolicy::getIptablesPolicy() const
{
Json::Value iptables_policy{boolPolicy("iptables", int(-1))};
- if (!iptables_items.empty())
- {
+ if (!iptables_items.empty()) {
Json::Value items;
- for (auto item : iptables_items)
- {
+ for (auto item : iptables_items) {
items.append(item);
}
{
Json::Value policy;
policy["name"] = name;
- policy["state"] = state ? 1: 0;
+ policy["state"] = state ? 1 : 0;
policy["items"] = "[]";
return policy;
}
--- /dev/null
+#!/bin/bash
+
+SCRIPT_PATH=$(readlink -m $0)
+SCRIPT_DIR=${SCRIPT_PATH%/*}
+export ARTISTIC_STYLE_OPTIONS=${SCRIPT_DIR}/.astylerc
+
+declare -a IGNORED=(
+ "build"
+ "build-gbs"
+)
+
+function is_ignored
+{
+ for ((i = 0; i < ${#IGNORED[@]}; i++)) ; do
+ if [ "$1" = ${IGNORED[$i]} ] ; then
+ return 0
+ fi
+ done
+ return 1
+}
+
+function visit
+{
+ for entry in ${1}/* ; do
+ if [ -d $entry ] ; then
+ base_n=$(basename $entry)
+ is_ignored $base_n && echo "$base_n ignored" || visit $entry
+ elif [ -f $entry ] ; then
+ if [[ $entry =~ ^.+\.(cpp|h)$ ]] ; then
+ astyle $entry
+ fi
+ fi
+
+ done
+}
+
+visit $SCRIPT_DIR
\ No newline at end of file
bool iptables_state,
const vector<string>& iptables_items)
{
- try
- {
+ try {
Json::Value root;
Json::Reader reader;
bool usb_present = false, screen_present = false, bt_present = false, ipt_present = false;
ASSERT_EQ(group_name, root["group"].asString());
Json::Value policies = root["policies"];
ASSERT_FALSE(policies.isNull()) << "No policies found";
- for (unsigned i = 0; i < policies.size(); i++)
- {
+ for (unsigned i = 0; i < policies.size(); i++) {
Json::Value policy = policies[i];
- if (policy["name"].asString() == usb_policy)
- {
+ if (policy["name"].asString() == usb_policy) {
ASSERT_EQ(usb_state, policy["state"].asBool());
usb_present = true;
- }
- else if (policy["name"].asString() == screen_capture_policy)
- {
+ } else if (policy["name"].asString() == screen_capture_policy) {
ASSERT_EQ(screen_capture_state, policy["state"].asBool());
screen_present = true;
- }
- else if (policy["name"].asString() == bluetooth_policy)
- {
+ } else if (policy["name"].asString() == bluetooth_policy) {
ASSERT_EQ(bluetooth_state, policy["state"].asBool());
bt_present = true;
- }
- else if (policy["name"].asString() == iptables_policy)
- {
+ } else if (policy["name"].asString() == iptables_policy) {
ASSERT_EQ(iptables_state, policy["state"].asBool());
ipt_present = true;
Json::Value items = policy["items"];
- if (items.isNull() && iptables_items.size() != 0)
- {
+ if (items.isNull() && iptables_items.size() != 0) {
FAIL() << "Policy has no items but must have " << iptables_items.size();
- }
- else
- {
+ } else {
ASSERT_EQ(items.size(), iptables_items.size());
vector<string> result{iptables_items};
- for (unsigned i = 0; i < items.size(); i++)
- {
+ for (unsigned i = 0; i < items.size(); i++) {
string v = items[i].asString();
auto it = find(result.begin(), result.end(), v);
ASSERT_NE(it, result.end()) << "Value \"" << v << "\" not found";
ASSERT_TRUE(screen_present) << "Screen capture policy not found";
ASSERT_TRUE(bt_present) << "Bluetooth policy not found";
ASSERT_TRUE(ipt_present) << "IPTables policy not found";
- }
- catch(std::exception& e)
- {
+ } catch (std::exception& e) {
FAIL() << "Exception: " << e.what();
- }
- catch(...)
- {
+ } catch (...) {
FAIL() << "Unknown exception";
}
policy.setIptablesState(false);
policy.setScreenCaptureState(false);
- checkPolicy(policy, false, false, false, false, vector<string>{});
+ checkPolicy(policy, false, false, false, false, vector<string> {});
}
/**
policy.setIptablesState(true);
policy.setScreenCaptureState(true);
- checkPolicy(policy, true, true, true, true, vector<string>{});
+ checkPolicy(policy, true, true, true, true, vector<string> {});
}
/**
policy.setScreenCaptureState(true);
// Add records
- policy.iptablesAddBlock("106.125.33.55", IPTablesProtocol::TCP, vector<unsigned short>{10,20,30,40,50,60,70});
+ policy.iptablesAddBlock("106.125.33.55", IPTablesProtocol::TCP, vector<unsigned short> {10, 20, 30, 40, 50, 60, 70});
policy.iptablesAddBlockRange("106.125.12.34", IPTablesProtocol::UDP, 100, 1111);
vector<string> result{
checkPolicy(policy, true, true, true, true, result);
result = {
- "106.125.33.55|TCP|10,20,30,40,50,60,70",
- "106.125.10.51|TCP|80"
- };
+ "106.125.33.55|TCP|10,20,30,40,50,60,70",
+ "106.125.10.51|TCP|80"
+ };
// Remove record and check
policy.iptablesRemoveBlock("106.125.12.34", IPTablesProtocol::UDP);
checkPolicy(policy, true, true, true, true, result);
projects / platform / core / security / suspicious-activity-monitor.git / commitdiff