platform/core/security/security-manager.git
10 years agoChanged dlog logging buffer.
Jan Olszak [Thu, 4 Jul 2013 12:59:07 +0000 (14:59 +0200)]
Changed dlog logging buffer.

[Issue#] dlog logged in a wrong buffer.
[Bug/Feature]   Recent prevent bugs need fix.
[Cause]         N/A
[Solution]      N/A
[Verification]  Build, install, run "dlogutil -c", run tests, run "dlogutil -b main SECURITY_SERVER" (no loggs), "dlogutil -b system SECURITY_SERVER" (loggs..)

Change-Id: I8680f74ab4452469147e6f348c2a3491b9063bf7

10 years agoError code for empty passwords.
Jan Olszak [Tue, 2 Jul 2013 13:35:52 +0000 (15:35 +0200)]
Error code for empty passwords.

[Issue] No error code for empty passwords. Needed in tests.
[Feature] N/A
[Cause] N/A
[Solution] Added error code
[Verification]  Build

Change-Id: Icb1d6aacaf5b346ab2733245d7d328d48a1e03f5

10 years agoFixing prevent defects in security-server
Marcin Niesluchowski [Fri, 5 Jul 2013 11:27:22 +0000 (13:27 +0200)]
Fixing prevent defects in security-server
* 63411; Critical; Resource leak; In function
  SecurityServer::BinaryQueue::AppendUnmanaged(
      void const*,
      unsigned int,
      void (*)(void const*, unsigned int, void *),
      void *)
  in src/server2/dpl/core/src/binary_queue.cpp
* 63374; Critical; Explicit null dereferenced; In function
  SecurityServer::SharedMemoryService::readOne(SecurityServer::ConnectionID const&,
                                               SecurityServer::SocketBuffer &)
  in src/server2/service/data-share.cpp

[Issue#]        SSDWSSP-356
[Bug/Feature]   Prevent bugs need to be fixed.
[Cause]         N/A
[Solution]      N/A
[Verification]  Running security-server tests.

Change-Id: I816e8b50ff94470256604d37a88a400dbeac59b5

10 years agoSocket won't have any smack label when smack is turn off.
Bartlomiej Grzelewski [Wed, 3 Jul 2013 08:17:35 +0000 (10:17 +0200)]
Socket won't have any smack label when smack is turn off.

[Issue#]   SSDWSSP-68
[Bug]      Security-server does not work without smack.
[Cause]    Smack was mandatory.
[Solution] Add runtime check for smack existance.

[Verfication] Run tests.

Change-Id: I431a2c86a6f110f5c79b3795e07f32e49759cd28

10 years agoSecurity-server refactoring.
Bartlomiej Grzelewski [Mon, 20 May 2013 09:11:27 +0000 (11:11 +0200)]
Security-server refactoring.

* Rewrite shared-memory-service.
* Each service will run in own thread.
* Import log and exception modules from DPL library.
* Add serialization.
* Hide symbols in client library.

[Issue#]   SSDWSSP-68
[Bug]      N/A
[Cause]    N/A
[Solution] N/A

[Verification] Run security-server tests.

Change-Id: Ib353c4ddaccc2f4211f2bbce74dd890956fa60de

10 years agoFixing prevent defects in security-server.
Marcin Niesluchowski [Fri, 21 Jun 2013 12:05:25 +0000 (14:05 +0200)]
Fixing prevent defects in security-server.
* 60575; Major; Unsigned compared against 0; In function security_server_thread
  in src/server/security-server-main.c
* 52113; Minor; Unchecked return value; In function security_server_thread
  in src/server/security-server-main.c

[Issue#]        SSDWSSP-335
[Bug/Feature]   Prevent detected new defects.
[Cause]         N/A
[Solution]      N/A
[Verification]  Running tests.

Change-Id: Ie74a957585482b3435783c9bcba4dc1e7ce13ee2

10 years agoChanging some error logs to warnings and turning off debug logs on security-server.
Marcin Niesluchowski [Thu, 20 Jun 2013 07:57:50 +0000 (09:57 +0200)]
Changing some error logs to warnings and turning off debug logs on security-server.

[Issue#]        SSDWSSP-331
[Bug/Feature]   Too many error logs. Debug logs should be turned off.
[Cause]         N/A
[Solution]      N/A
[Verification]  Checking logs and running tests.

Change-Id: I060a891700e161064980c97a5b90c32eef47fca6

10 years agoAdded missing handler for executable path retrieval message
Krzysztof Jackiewicz [Fri, 24 May 2013 15:24:46 +0000 (17:24 +0200)]
Added missing handler for executable path retrieval message

[Issue#] SSDWSSP-274
[Feature/Bug] N/A
[Problem] SECURITY_SERVER_MSG_TYPE_EXE_PATH_REQUEST is not handled
[Cause] Incorrectly resolved conflict. Part of code lost.
[Solution] Missing handler restored

[Verification] Build & install. Run security-server-tests-client-smack
--regexp=tc06_check_privilege_by_sockfd. Security server logs should contain
valid executable path in lines starting with SS_SMACK. There should be no
"Unknown msg ID" message in dlog

Change-Id: I8e384e645291a0563a1ffd4ce47496742e756742

10 years agoAll *.c and *.h files changed by stylecheck-for-git.
Marcin Niesluchowski [Thu, 20 Jun 2013 12:35:52 +0000 (14:35 +0200)]
All *.c and *.h files changed by stylecheck-for-git.

[Issue#]        SSDWSSP-322
[Bug/Feature]   Standardization of repository coding style.
[Cause]         N/A
[Solution]      N/A
[Verification]  N/A

Change-Id: Ife70bac31e8fb6a5b0b678dfddbee840ace8c764

10 years agoFixing prevent major defects in security-server.
Marcin Niesluchowski [Fri, 14 Jun 2013 08:51:30 +0000 (10:51 +0200)]
Fixing prevent major defects in security-server.
In file src/client/security-server-cient.c:
  Major "Integer overflowed argument" in function recv_exec_path_response()
In file src/server/security-server-main.c:
  Major "Integer overflowed argument" in function security_server_thread()
  Major "Various" in security_server_thread()
In file src/communication/sercurity-server-comm.c:
  Major "Integer overflowed argument" in function recv_pid_privilege_request()

[Issue#]        SSDWSSP-306
[Bug/Feature]   Fix prevent defects
[Cause]         Prevent server signalizes defects
[Solution]      N/A
[Verification]  Running tests and checking prevent output.

Change-Id: Iff331cd34c2f3447df79118cfa449e6c37c72091

10 years agoLog messages refactoring continued
Zbigniew Jasinski [Mon, 17 Jun 2013 13:41:10 +0000 (15:41 +0200)]
Log messages refactoring continued

[Issue#]        SSDWSSP-323
[Bug/Feature]   Log messages refactoring
[Cause]         Legal issues with prohibited words in logs (ie. password)
[Solution]      Use SECURE_LOG* macro
[Verification]  Compile and run. No tests should fail

Change-Id: I5ed5815d1e105f31765162460350476cba574c00

10 years agoLog messages refactoring continued
Zbigniew Jasinski [Mon, 17 Jun 2013 13:39:23 +0000 (15:39 +0200)]
Log messages refactoring continued

[Issue#]        SSDWSSP-323
[Bug/Feature]   Log messages refactoring
[Cause]         Legal issues with prohibited words in logs (ie. password)
[Solution]      Use SECURE_LOG* macro
[Verification]  Compile and run. No tests should fail

Change-Id: I8997084a6fbac44b21b253fa4a8765ebf6625ae9

10 years agoLog messages refactoring
Zbigniew Jasinski [Mon, 17 Jun 2013 13:34:53 +0000 (15:34 +0200)]
Log messages refactoring

[Issue#]        SSDWSSP-323
[Bug/Feature]   Log messages refactoring
[Cause]         Legal issues with prohibited words in logs (ie. password)
[Solution]      Use SECURE_LOG* macro
[Verification]  Compile and run. No tests should fail

Change-Id: I060ce75cc308fd1890c5b249840e19f40b833fd6

10 years agoAdded SECURE_LOG* macro
Zbigniew Jasinski [Tue, 18 Jun 2013 08:40:23 +0000 (10:40 +0200)]
Added SECURE_LOG* macro

[Issue#]        SSDWSSP-323
[Bug/Feature]   Log messages refactoring
[Cause]         SECURE_LOG* macro added for log messages refactoring
[Solution]      Added SECURE_LOG* macro
[Verification]  Compile with LOG_DEBUG_ENABLED and run. No tests should fail

Change-Id: Id9181d91c3bc571bd122edbc9e641fbcca39af7e

10 years agoAdd SMACK checking for SS API
Pawel Polawski [Mon, 20 May 2013 09:06:33 +0000 (11:06 +0200)]
Add SMACK checking for SS API

[Issue#]        SSDWSSP-272
[Bug/Feature]   Add SMACK checking for each SS API
[Cause]         No SMACK authorization in some SS API
[Solution]      Added SMACK checking for each SS API
[Verification]  Compile and run. No tests should fail

Change-Id: I4043c7eddd2bab1547f48ffbaf3ab7e28101550c

10 years agoExecutable path retrieval moved to security-server
Krzysztof Jackiewicz [Fri, 24 May 2013 15:24:46 +0000 (17:24 +0200)]
Executable path retrieval moved to security-server

[Issue#] SSDWSSP-274
[Feature/Bug] N/A
[Problem] security_server_check_privilege_by_sockfd should not require root privileges
[Cause] The function reads /proc/[pid]/exe
[Solution] Executable retrieval moved to security-server.

[Verification] Build & install. Run security-server-tests-client-smack --regexp=tc06_check_privilege_by_sockfd
Security server logs should contain valid executable path in lines starting with SS_SMACK

Change-Id: Ib06414e80c9ee992108b7c49b33914e9047e5871

10 years agoRewriting search_gid to use POSIX getgrnam_r
Zbigniew Jasinski [Mon, 27 May 2013 13:10:02 +0000 (15:10 +0200)]
Rewriting search_gid to use POSIX getgrnam_r

[Issue#]       N/A
[Bug]          N/A
[Cause]        Instead of opening /etc/group and search for group name and ID we can
               use POSIX getgrnam_r
[Solution]     Rewriting function to use POSIX getgrnam_r.
[Verification] Build. Run all security-server tests.

Change-Id: Ia3591db1e11c013229ffd0a725697be797e0a2f1

10 years agoUse function smack_pid_have_access() from libprivilege-control instead smack_have_acc...
Janusz Kozerski [Tue, 7 May 2013 12:19:09 +0000 (14:19 +0200)]
Use function smack_pid_have_access() from libprivilege-control instead smack_have_access()

[Issue#]   SSDWSSP-220
[Feature]  Using function smack_pid_have_access() from libprivilege-control instead smack_have_access()
[Problem]  N/A
[Cause]    N/A
[Solution] N/A

[Verification] Needs http://slp-info.sec.samsung.net/gerrit/#/c/197481/. Build, install, reboot.

Change-Id: I98b651f7e52c74d794fe96818a61644ece5c9ae5

10 years agoFix data control api.
Bartlomiej Grzelewski [Fri, 17 May 2013 12:06:14 +0000 (14:06 +0200)]
Fix data control api.

Data control must return SUCCESS on images without smack.

[Issue#]   SSDWSSP-277
[Bug]      security-server_app_give_access returns error on image
           without smack.
[Cause]    On image without smack user passed "" as a client label.
           "" is not acceptable smack label.
[Solution] Function security_server_app_give_access returns SUCCESS
           when smack is turn off.

[Verification] Build. Run all tests. No changes in result should be
               noticed on smack image.

Change-Id: I0c740ecda07e3ed97f1d409c8e597bc3b1f0b773

10 years agoCookie executable path logic fixed and refactored.
Krzysztof Jackiewicz [Mon, 13 May 2013 15:17:47 +0000 (17:17 +0200)]
Cookie executable path logic fixed and refactored.

[Issue#] SSDWSSP-237 / P130508-4841
[Bug] Security-server has closed unexpectedly
[Problem] N/A
[Cause] Executable paths were improperly compared and triggered pid reusage code
branch.
[Solution] Executable paths logic fixed and refactored.

[Verification] Run all security-server tests

Change-Id: I68219631378be17c980b52fa8995d9bc37d69ed7

10 years agoReimplementing process_app_get_access_request
Zofia Abramowska [Mon, 13 May 2013 14:05:38 +0000 (16:05 +0200)]
Reimplementing process_app_get_access_request

[Issue#] SSDWSSP-229
[Feature] No revoking for label given by this function
[Cause] N/A
[Solution] Rewriting function inside security-server code,
not using libprivilege-control
[Verification] Build and run tests (testcases for revoking label
may fail)

Change-Id: Ie1d682f1dc76c108da7c602c958d8db9d33519ad

10 years agoThread synchronisation fixed. Proper cookie copying.
Krzysztof Jackiewicz [Fri, 10 May 2013 12:53:05 +0000 (14:53 +0200)]
Thread synchronisation fixed. Proper cookie copying.

[Issue#] SSDWSSP-237
[Feature/Bug] N/A
[Problem] security server crashes
[Cause] Because of incorrect synchronisation a race condition was possible
[Solution] Synchronisation fixed. Proper cookie copying applied.

[Verification] Run all security server tests

Change-Id: I464fb0cf05ec707191c32dde8b7b3de2b0fcdeb5

10 years agoAdd SMACK_LOG in client_has_access.
Bartlomiej Grzelewski [Wed, 8 May 2013 14:29:05 +0000 (16:29 +0200)]
Add SMACK_LOG in client_has_access.

Security-server must inform that client does not have access to
some service provided by him.

Fix problem with random pid client in security-server logs.

[Issue#]   SSDWSSP-226
[Bug]      Security server shows rundom value as client pid.
[Cause]    Function responsible for client pid extraction wass comment out.
[Solution] N/A

[Verification] Run test. Check logs. Pid of client process should be
shown correctly.

Change-Id: Ifdb0712b1d6f22a71a3e90b2264666f0ec7146da

10 years agoChange logs in SS to correct error logs.
Pawel Polawski [Thu, 9 May 2013 09:37:56 +0000 (11:37 +0200)]
Change logs in SS to correct error logs.

[Issue#]        SSDWSSP-234
[Bug/Feature]   Security-server SMACK dlog should be "ERROR", not info
[Cause]         N/A
[Solution]      Log type changed to error
[Verification]  Compile and run. SS should generate both: debug and
                error logs on dlog

Change-Id: I8e4c609d30cc71ab4395e85ab5bf9c6a7e97abf9

10 years agoAdd binary path to SMACK log
Pawel Polawski [Thu, 25 Apr 2013 13:44:25 +0000 (15:44 +0200)]
Add binary path to SMACK log

[Issue#]        SSDWSSP-203
[Bug/Feature]   Change logs in security_server_check_privilege_by_sockfd
[Cause]         N/A
[Solution]      N/A
[Verification]  Compile. Run tests.

Change-Id: I6ca2cfc97bc795eefa287c82b0a826f2d6c853a9

10 years agoMerge missing code pieces from private repository.
Rafal Krypa [Fri, 3 May 2013 13:44:18 +0000 (15:44 +0200)]
Merge missing code pieces from private repository.

[Issue#]       N/A
[Bug]          Patches applied in different version in RSA and private repository
[Cause]        Developers not careful enough about applying patches in both places
[Solution]     Move missing bits of code
[Verification] Build

Change-Id: If1f65e07b44e1a2ad40f9d67f0ae211511948632

10 years agoremove set_pmon
Kidong Kim [Tue, 30 Apr 2013 12:39:33 +0000 (21:39 +0900)]
remove set_pmon

Change-Id: I7ac0c26573e52e8ed70e96a32de5962168548811

10 years agoAdd #ifdef SMACK_ENABLED to private code.
Bartlomiej Grzelewski [Mon, 27 Jan 2014 16:40:05 +0000 (17:40 +0100)]
Add #ifdef SMACK_ENABLED to private code.

With this define commented, all security-server API
should work as if there was no SMACK error and SMACK
allowed for everything.

[Issue#]   SSDWSSP-206 & SSDWSSP-221
[Bug]      N/A
[Cause]    SS should work without SMACK enabled.
[Solution] As mentioned above.

[Verification] Build with and without ADD_DEFINITIONS( -DSMACK_ENABLED ).
1. SMACK enabled system.
1.1 -DSMACK_ENABLED on: SS tests should not fail
1.2 -DSMACK_ENABLED off: Following SS tests should fail:
 -client-smack:
  -tc04_security_server_get_gid_client_is_not_allowed
  -tc05_check_privilege_by_cookie
  -tc06_check_privilege_by_sockfd
  -tc07_check_privilege_by_sockfd
 -label:
  -tc_security_server_get_smacklabel_cookie
 -server:
  -tc01a_security_server_app_give_access
  -tc02_check_privilege_by_pid
 There should be no missing SMACK rules for security server sockets in dmesg

2. SMACK disabled system. Same results for -DSMACK_ENABLED on and off. Beside tests
failing in 1.2 all test cases using smack_accesses_apply and smack_have_access will also fail.

Change-Id: Ia1074d9da4a07e3a60878030b9b8fc3760340c73

10 years agoRemoving authentication of middleware
Bumjin Im [Sat, 27 Apr 2013 05:50:41 +0000 (14:50 +0900)]
Removing authentication of middleware

Change-Id: I276c83539a09db05500539dfa600bb05a64ceae0

10 years agoFixing klocwork bugs
Zofia Abramowska [Fri, 26 Apr 2013 10:17:45 +0000 (12:17 +0200)]
Fixing klocwork bugs

[Issue#] N/A
[Bug] Bugs found by klocwork
[Cause] N/A
[Solution] N/A
[Verficiation] Build and run all tests

Change-Id: I386f3e74820c518fd0437f082246c7fa1177ced4

10 years agoImplemet data control solution for OSP apps.
Bartlomiej Grzelewski [Mon, 22 Apr 2013 15:02:45 +0000 (17:02 +0200)]
Implemet data control solution for OSP apps.

Function security_server_app_give_access may be called only by
priviledge process (process must have "rw" access to
"security-server::api-data-share"). In current implemnetation security
check is made in user space. It should be moved to kernel space by
creating separate socket with "security-server::api-data-share" label.

[Issue#]   SSDWSSP-177
[Bug]      N/A
[Cause]    OPS application need to share memory.
[Solution] Add cross rules between OSP application.

[Verification] Build.

Change-Id: Ie6bad6e924bbcd1b37af58cb7650f65bebd5d57c

10 years agoFix process_pid_privilege_check function.
Bartlomiej Grzelewski [Mon, 22 Apr 2013 15:50:14 +0000 (17:50 +0200)]
Fix process_pid_privilege_check function.

Prevent function process_pid_privilege_check from closing random socket
when something fails.

[Issue#]   N/A
[Bug]      N/A
[Cause]    Value was not initialized.
[Solution] N/A

[Verification] Build.

Change-Id: Id77c84c9f2ac1237c56f7cd5ff00258d40680459

10 years agoChange logs in security server connected to SMACK
Pawel Polawski [Tue, 23 Apr 2013 12:45:05 +0000 (14:45 +0200)]
Change logs in security server connected to SMACK

[Issue#]        SSDWSSP-203
[Feature]       New logs format
[Cause]         Deprecated log format
[Solution]      Log format changed
[Verification]  Compile, no tests should fail

Change-Id: I38d227b99e341cc76f540a7dc56c4532704ce9e3

10 years agoAdd debug log for smack_have_acces in security-server
Pawel Polawski [Thu, 18 Apr 2013 07:20:02 +0000 (09:20 +0200)]
Add debug log for smack_have_acces in security-server

[Issue#]        SSDWSSP-185
[Feature]       New security-server API
[Problem]       N/A
[Cause]         N/A
[Solution]      New log message added

[Verification]  Build package

Change-Id: I69df34df93a3efec58073667c9ac1a0d4cba031c

10 years agoImplemet data control solution for OSP apps.
Bartlomiej Grzelewski [Tue, 9 Apr 2013 16:03:52 +0000 (18:03 +0200)]
Implemet data control solution for OSP apps.

[Issue#]   SSDWSSP-177
[Bug]      N/A
[Cause]    OPS application need to share memory.
[Solution] Add cross rules between OSP application.

[Verification] Build.

Change-Id: I5085e5f0130ff687aaa142006837110077ba00be

10 years agoCookie executable path logic fixed and refactored.
Krzysztof Jackiewicz [Mon, 13 May 2013 15:17:47 +0000 (17:17 +0200)]
Cookie executable path logic fixed and refactored.

[Issue#] SSDWSSP-237 / P130508-4841
[Bug] Security-server has closed unexpectedly
[Problem] N/A
[Cause] Executable paths were improperly compared and triggered pid reusage code
branch.
[Solution] Executable paths logic fixed and refactored.

[Verification] Run all security-server tests

Change-Id: I68219631378be17c980b52fa8995d9bc37d69ed7

Conflicts:

src/server/security-server-cookie.c

10 years agoFixed compilation error
Krzysztof Jackiewicz [Tue, 14 May 2013 15:31:49 +0000 (17:31 +0200)]
Fixed compilation error

[Issue#] SSDWSSP-229
[Feature/Bug] Compilation error
[Problem] N/A
[Cause] Error logs are not yet available
[Solution] Changed to debug logs

[Verification] Successfull compilation

Change-Id: I29a8268cfefc41189e4c1e218387a20a48cf9142

10 years agoReimplementing process_app_get_access_request
Zofia Abramowska [Mon, 13 May 2013 14:05:38 +0000 (16:05 +0200)]
Reimplementing process_app_get_access_request

[Issue#] SSDWSSP-229
[Feature] No revoking for label given by this function
[Cause] N/A
[Solution] Rewriting function inside security-server code,
not using libprivilege-control
[Verification] Build and run tests (testcases for revoking label
may fail)

Change-Id: Ie1d682f1dc76c108da7c602c958d8db9d33519ad

10 years agoFix for TIVI 2222 : Add build option to enable SMACK related features
Baptiste DURAND [Tue, 26 Nov 2013 14:00:08 +0000 (15:00 +0100)]
Fix for TIVI 2222 : Add build option to enable SMACK related features

Change-Id: I2069e76a88892ada0ce401451600566028014ca8
Signed-off-by: Baptiste DURAND <baptiste.durand@eurogiciel.fr>
11 years agoChange variable type for system observer thread
Jean-Benoit MARTIN [Wed, 18 Sep 2013 07:32:56 +0000 (09:32 +0200)]
Change variable type for system observer thread

The event_callback is not correctly transmitted to the system
observer thread. Change so_config into static variable

Change-Id: I7572eedcbcbaa33027841c0b7fbf588c34a5d35b
Bug-Tizen: IVI-1793

11 years agoCleanup spec and remove defunct system V startup scripts
Rusty Lynch [Fri, 23 Aug 2013 17:24:42 +0000 (10:24 -0700)]
Cleanup spec and remove defunct system V startup scripts

Fix several rpmlint errors and removed the pointless startup script
from the source and all the logic for installing it in the spec

11 years agosmack API has changed; smack_new_label_from socket returns the label
Ismo Puustinen [Thu, 22 Aug 2013 07:28:58 +0000 (10:28 +0300)]
smack API has changed; smack_new_label_from socket returns the label
length.

11 years agoFix the manifest installation
Patrick McCarty [Mon, 15 Jul 2013 19:18:55 +0000 (12:18 -0700)]
Fix the manifest installation

Change-Id: I32c2c22ebfb91e1ae497a807791c2703f1667c1d

11 years agoFix the manifest installation
Patrick McCarty [Mon, 15 Jul 2013 19:18:55 +0000 (12:18 -0700)]
Fix the manifest installation

Change-Id: I32c2c22ebfb91e1ae497a807791c2703f1667c1d

11 years agoMerge "resetting manifest requested domain to floor" into tizen
Ryan Ware [Mon, 8 Jul 2013 17:07:09 +0000 (10:07 -0700)]
Merge "resetting manifest requested domain to floor" into tizen

11 years agoresetting manifest requested domain to floor
Alexandru Cornea [Mon, 1 Jul 2013 14:32:26 +0000 (17:32 +0300)]
resetting manifest requested domain to floor

11 years agoresetting manifest requested domain to floor
Alexandru Cornea [Fri, 28 Jun 2013 14:38:51 +0000 (17:38 +0300)]
resetting manifest requested domain to floor

11 years agomerge back from tizen_2.1_smack
Kidong Kim [Fri, 10 May 2013 08:59:48 +0000 (17:59 +0900)]
merge back from tizen_2.1_smack

11 years ago[Release] security-server_0.0.73
Bumjin Im [Sat, 27 Apr 2013 05:50:41 +0000 (14:50 +0900)]
[Release] security-server_0.0.73

* Removed authentication of middleware

Change-Id: I430da7b68dc2f2645082e6e82b1e35a9f8e23bbc

11 years ago[Release] security-server_0.0.72
Krzysztof Jackiewicz [Wed, 17 Apr 2013 10:17:49 +0000 (12:17 +0200)]
[Release] security-server_0.0.72

* fixed release commit message

Change-Id: I7c56fe03e85c5b906b0aac055ab352d18f3d2b2d

11 years ago[Release] security-server-0.0.72
Krzysztof Jackiewicz [Tue, 16 Apr 2013 15:43:46 +0000 (17:43 +0200)]
[Release] security-server-0.0.72

* prevent bugfixes
* unnecessary package dependecies removed

Change-Id: I0820cc1656b6405db68aead4cfed609ad7c86175

11 years agoFix bugs reported by prevent.
Bartlomiej Grzelewski [Fri, 12 Apr 2013 13:57:07 +0000 (15:57 +0200)]
Fix bugs reported by prevent.

[Issue#]   N/A
[Bug]      Sizeof gets wrong argument.
[Cause]    N/A
[Solution] Sizeof gets type of struct now.

[Verification] Build. Run security tests.

Change-Id: I300591ae3fa1040d9f316699551b522bf222acce

11 years agoRemove package from build dependency that are not requried druing build.
Bartlomiej Grzelewski [Fri, 12 Apr 2013 14:21:11 +0000 (16:21 +0200)]
Remove package from build dependency that are not requried druing build.

[Issue#]   N/A
[Bug]      N/A
[Caluse]   N/A
[Solution] N/A

[Verification] Build.

Change-Id: Ib13ed0a3c837b85c410633a047212042447ebe27

11 years agoMerge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Krzysztof Jackiewicz [Fri, 12 Apr 2013 14:05:43 +0000 (16:05 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master

Change-Id: I15d1549c23d65fa677c10065dd5880647c4a3060

11 years ago[Release] security-server_0.0.71
Krzysztof Jackiewicz [Fri, 12 Apr 2013 13:09:56 +0000 (15:09 +0200)]
[Release] security-server_0.0.71

* Remove usage of mw-list file in security-server

Change-Id: I6c47b7f6cbe5040147be837112a50a079893d1bd

11 years agoRemove usage of mw-list file in security-server
Jan Cybulski [Thu, 11 Apr 2013 06:08:02 +0000 (08:08 +0200)]
Remove usage of mw-list file in security-server

[Issue#]SSDWSSP-186
[Feature/Bug] N/A
[Problem] N/A
[Cause] N/A
[Solution] Removing hardcoded set of trusted daemon binaries.
Removing function search_middleware_exe_path and file with mw-list entries.
[Verification] Build, tests

Change-Id: I3f7bd1d37bc0b315642884801c80d3e308f78a2a

11 years agoMiddleware list check fixed.
Krzysztof Jackiewicz [Tue, 2 Apr 2013 08:55:26 +0000 (10:55 +0200)]
Middleware list check fixed.

[Issue#] N/A
[Feature/Bug] N/A
[Problem] Empty line in mw-lists matches everything.
[Cause] N/A
[Solution] Commandline replaced by executable name. Fixed comparison of
executable name with mw-list entries. Empty line removed from mw-list. 50 chars
limit removed

[Verification] Run all security server tests

Change-Id: I872ad45a4089b484a30fc4caa1759ce9d6a584e4

11 years agoFix for 64 bit compatibility.
Junfeng [Thu, 21 Mar 2013 13:31:23 +0000 (21:31 +0800)]
Fix for 64 bit compatibility.

- Fix hardcoding path.
- Use %cmake to set default paths.

Change-Id: I102e9d18662ec001eafc48c9826405bf427f6910

11 years agoFix for 64 bit compatibility.
Junfeng [Thu, 21 Mar 2013 13:31:23 +0000 (21:31 +0800)]
Fix for 64 bit compatibility.

- Fix hardcoding path.
- Use %cmake to set default paths.

Change-Id: I102e9d18662ec001eafc48c9826405bf427f6910

11 years agoMerge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Krzysztof Jackiewicz [Fri, 29 Mar 2013 10:17:37 +0000 (11:17 +0100)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master

11 years ago[Release] security-server_0.0.70
Krzysztof Jackiewicz [Thu, 28 Mar 2013 14:36:01 +0000 (15:36 +0100)]
[Release] security-server_0.0.70

* Prevent bugfixes from private repo

Change-Id: I52ea4353e5f4092672135323b30f5ae8e295f1d1

11 years agoRead or write may be interrupt.
Bartlomiej Grzelewski [Fri, 8 Mar 2013 16:38:57 +0000 (17:38 +0100)]
Read or write may be interrupt.

This commits add suport for interruption of read or write. Please note
that we still need to add support for sitation when read or write
returns less that we expect.

[Issue#]    N/A
[Bug]       N/A
[Cause]     N/A
[Solution]  N/A

[Verification] Run all security-server tests.

Change-Id: I799fd41245cce004582458f98f49511a2860ff0e

11 years agoReemove compilation warrnings.
Bartlomiej Grzelewski [Thu, 7 Mar 2013 17:32:28 +0000 (18:32 +0100)]
Reemove compilation warrnings.

[Issue#]    N/A
[Bug]       N/A
[Cause]     N/A
[Solution]  N/A

[Verification] Run all security-server tests.

Change-Id: Icedbece62623b2393eb16c3776a909db8443c073

11 years agoFix defects reported by prevent.
Bartlomiej Grzelewski [Thu, 7 Mar 2013 16:21:12 +0000 (17:21 +0100)]
Fix defects reported by prevent.

[Issue#]        SSDWSSP-115
[Bug]           N/A
[Cause]         N/A
[Soultion]      N/A

[Verification]  Run all security-server tests.

Change-Id: I61a437f604e94b6897d1b2b76aca8217893a307e

11 years ago[Release] security-server_0.0.69
Krzysztof Jackiewicz [Thu, 21 Mar 2013 15:37:04 +0000 (16:37 +0100)]
[Release] security-server_0.0.69

* Table allocation bug fixed
* Password timeout changed
* Merged master into tizen_2.1

Change-Id: I85d41e0f8c1e10491a1fab07586058c1ef5f7271

11 years ago[Release] security-server_0.0.69
Krzysztof Jackiewicz [Thu, 21 Mar 2013 10:07:11 +0000 (11:07 +0100)]
[Release] security-server_0.0.69

* Table allocation bug fixed
* Password timeout changed

Change-Id: I70b81639a80600fa83cf93ae08ebced1fa83fe84

11 years agoChange password timeout from 1 seconds to 500000 microseconds.
Janusz Kozerski [Wed, 20 Mar 2013 10:27:28 +0000 (11:27 +0100)]
Change password timeout from 1 seconds to 500000 microseconds.

[Issue#]    N/A
[Bug]       N/A
[Cause]     N/A
[Solution]  N/A

[Verification] Run all security-server tests.

11 years agomerge with master
Jinkun Jang [Fri, 15 Mar 2013 16:17:58 +0000 (01:17 +0900)]
merge with master

11 years agoTizen 2.1 base
Jinkun Jang [Tue, 12 Mar 2013 16:51:34 +0000 (01:51 +0900)]
Tizen 2.1 base

11 years agoFix bug in table allocation.
Pawel Polawski [Tue, 5 Mar 2013 10:28:38 +0000 (11:28 +0100)]
Fix bug in table allocation.

[Issue#]        N/A
[Bug]           Wrong pointer passed to allocating fuinction
[Cause]         N/A
[Soultion]      Changed to correct pointer
[Verification]  No warnings while compilation

Change-Id: I54d00e11862f1986b0518009bdb30a5942f127b7

11 years ago[Release] security-server_0.0.67
Bartlomiej Grzelewski [Mon, 4 Mar 2013 16:37:03 +0000 (17:37 +0100)]
[Release] security-server_0.0.67

* Fix bug with searching cookie with no privileges.

Change-Id: I46ab72148143df3f1a76956aa8f4474147ef3338

11 years agoFix bug with searching cookie with no privileges.
Pawel Polawski [Tue, 26 Feb 2013 07:51:09 +0000 (08:51 +0100)]
Fix bug with searching cookie with no privileges.

[Issue#]        SSDWSSP-102
[Bug]           Bug with get_smack_label in security-server
[Cause]         Error in searching cookie with no privileges set
[Soulution]     Special trading cookies with no privileges set
[Verification]  Code compiles with success

Change-Id: I25debbc88315f316ed08b1cda2895bd3d9d90116

11 years ago[Release] security-server_0.0.65
Mariusz Domanski [Wed, 27 Feb 2013 10:46:25 +0000 (11:46 +0100)]
[Release] security-server_0.0.65

* Proper %post and %postun scripts in spec file
* Removing unused code and separating deprecated files
* Fix for several issues detected by Prevent

Change-Id: I494fba79e6c11e9c298a4972a99a4847e9caffe6

11 years agoMerge "Proper %post and %postun scripts in spec file"
Rafal Krypa [Mon, 25 Feb 2013 14:45:51 +0000 (23:45 +0900)]
Merge "Proper %post and %postun scripts in spec file"

11 years agoRemoving unused code and separating deprecated files
Zofia Abramowska [Mon, 18 Feb 2013 12:44:57 +0000 (13:44 +0100)]
Removing unused code and separating deprecated files

[Issue#] SSDWSSP-98
[Feature] N/A
[Cause] Removal of unwanted files from security-server
[Solution] N/A
[Verification] Successful build

Change-Id: I27fbd9ca4d597c71b65400c4ed71458b406f557b

11 years agoFix for several issues detected by Prevent
Mariusz Domanski [Tue, 19 Feb 2013 15:43:15 +0000 (16:43 +0100)]
Fix for several issues detected by Prevent

[Issue#] SSDWSSP-106
[Problem] Issues detected by Prevent
[Cause] N/A
[Solution] N/A
[Verification] Build and run tests

Change-Id: Ie0d469e73685fd518da2a374cf0c0e5dea5829eb

11 years agoProper %post and %postun scripts in spec file
Mariusz Domanski [Wed, 20 Feb 2013 14:43:36 +0000 (15:43 +0100)]
Proper %post and %postun scripts in spec file

[Issue#]   N/A
[Bug]      errors when upgrading rpm package via rpm -U command
[Cause]    bugged %post and %postun scripts in spec file
[Solution] fixed %post and %postun scripts to handle upgrades properly

[Verification] Build and install rpm files, then increment version
               number in spec file and build and install with rpm -U.
               No security-server related errors should appear after
               second installation, S10security-server symlinks in
               /etc/rc.d/rc3.d/ and /etc/rc.d/rc5.d/ should exist.
               After package uninstallation symlinks should be gone.

Change-Id: I5f0ec6e640f14c12335de0338d3e75d883d1a79e

11 years agoFix for several issues detected by Prevent
Janusz Majnert [Mon, 18 Feb 2013 12:39:30 +0000 (13:39 +0100)]
Fix for several issues detected by Prevent

[Issue#] SSDWSSP-107
[Problem] Issues detected by Prevent
[Cause] N/A
[Solution] Please see comments below
[Verification] Build and run

Changes:
* Added a sanity check for new_pwd_len in (prevent #42100)
* Added a check for result of setuid in security server test case
  (prevent #42102)
* Fixed a bug in one of the test cases (comparing smack labels)
  (prevent #43435)
* Fixed a bug where one error condition was not handled properly, which in turn
  led to double free.

Change-Id: I54562981cf5e1201f8f62852da5cb6b3473df138

11 years ago[Release] security-server_0.0.64
Tomasz Swierczek [Tue, 5 Feb 2013 08:40:00 +0000 (09:40 +0100)]
[Release] security-server_0.0.64

* Fixed bug with searching cookie for root process in security-server

Change-Id: Ic499ef20918e791351d1a3acdf30697532481618

11 years agoFixing bug with searching cookie and privileges in security-server.
Pawel Polawski [Mon, 4 Feb 2013 16:50:45 +0000 (17:50 +0100)]
Fixing bug with searching cookie and privileges in security-server.

[Issue#]        SSDWSSP-71
[Cause]         Fix bug with access to security-server API
                by some root processes.
[Problem]       Access to security server API returns error
                for alarm service.
[Solution]      Removed special treating root processes when searching
                cookies for caller.
[Verification]  Security-serwer should return no error while
                calling security_server_check_privilege()
                with correct parameters. Setting clock alarm should
                return no errors in DLOGUTIL.

Change-Id: I86a950afedd326c021ab00d7ba6a868034d647f9

11 years ago[Release] security-server_0.0.63
Mariusz Domanski [Fri, 1 Feb 2013 16:22:50 +0000 (17:22 +0100)]
[Release] security-server_0.0.63

* Add new functions to security-server API

Change-Id: I05ca7e3356db323123a026b02875a7a30d6e3f32

11 years agoAdd new functions to security-server API.
Pawel Polawski [Fri, 25 Jan 2013 10:52:21 +0000 (11:52 +0100)]
Add new functions to security-server API.

[Issue#]        SSDWSSP-45
[Cause]         Implement new APIs for getting SMACK label
                of peer in security-server
[Problem]       Two new function needed in API. Both returns
                SMACK labels but ttaking another parameters.
                First uses cookie, second socked descriptor.
[Solution]      New functions added
[Verification]  Tests should not fail

Change-Id: I4ca044230f1cba1174b61abae6b7641e1bbfcdbc

11 years agoCherry-pick release: security-server_0.0.62
Tomasz Swierczek [Fri, 18 Jan 2013 08:09:05 +0000 (09:09 +0100)]
Cherry-pick release: security-server_0.0.62

* Separated security-server and wrt-security-daemon
* This repository holds security-server now

Conflicts:

CMakeLists.txt
packaging/security-server.spec
socket_connection/connection/SocketStream.cpp
tests/CMakeLists.txt
tests/security_server_tests/CMakeLists.txt

Change-Id: I1185bb69f8517da9f5fa5299335e8cc856ba402f

11 years agoFixing communication problem with security-server
Zofia Abramowska [Wed, 16 Jan 2013 13:44:23 +0000 (14:44 +0100)]
Fixing communication problem with security-server

[Issue#] LINUXSWAP-454
[Bug] Security-server crashes
[Cause] No handling of SIGPIPE signal when writing to closed socket
[Solution] blocking SIGPIPE signal in all threads created by socket
service and handling error returned by write
[Verification] Build, run tests and check  JIRA bug(N_SE-20154)

Change-Id: Id6d15922bb9b94cb9ee565e9e90ed0e46a27e25c

11 years agoPrevent related bugfixes.
Mariusz Domanski [Tue, 15 Jan 2013 13:58:55 +0000 (14:58 +0100)]
Prevent related bugfixes.

[Issue] N/A
[Bug] Bugs found by Coverity.
[Cause] N/A
[Solution] Checking varibale values, catching exception.
[Verification] Build security-server, run all tests.

Change-Id: Ide143746a4a4ccc4cc575f14cfb3529d3b32d088

11 years agoAdd NOTICE file
Hyunwoo Kim [Tue, 15 Jan 2013 12:44:39 +0000 (21:44 +0900)]
Add NOTICE file

Change-Id: Icb39ceba4aaefb880d949f213cdf25bb47a34e5c

11 years ago[Prevent] Multiple minor bugfixes.
Jan Olszak [Mon, 14 Jan 2013 09:55:31 +0000 (10:55 +0100)]
[Prevent] Multiple minor bugfixes.

[Issue] Bugs found by Coverity.
[Bug] N/A
[Cause] N/A
[Solution] Fixed bugs.
[Verification] Build security-server.

Change-Id: I33df2ee3d0c8a6a1abbe6ff89063603c604bb2aa

11 years agoRe-enabling systemd configuration.
baik [Thu, 13 Dec 2012 00:51:07 +0000 (09:51 +0900)]
Re-enabling systemd configuration.

Change-Id: I7eb6c073b1614482331dff6d885c63848c47c7f9

11 years agoMerge "Invoke initiate_try to init variable"
Chengwei Yang [Fri, 11 Jan 2013 04:13:30 +0000 (13:13 +0900)]
Merge "Invoke initiate_try to init variable"

11 years agoRelease of changes from Samsung private repository.
Mariusz Domanski [Tue, 8 Jan 2013 17:01:54 +0000 (18:01 +0100)]
Release of changes from Samsung private repository.

* Fixed Prevent defects

Change-Id: I3468cf2754656c7f0b4a3cc619fcfdd1c758d2e6

11 years agoInvoke initiate_try to init variable
Chengwei Yang [Tue, 8 Jan 2013 07:49:29 +0000 (15:49 +0800)]
Invoke initiate_try to init variable

Change-Id: I382d1ad805dec133051f098ceb62a42559e0ab38
Signed-off-by: Chengwei Yang <chengwei.yang@intel.com>
11 years agoRelease of changes from Samsung private repository.
Pawel Polawski [Mon, 7 Jan 2013 14:00:27 +0000 (15:00 +0100)]
Release of changes from Samsung private repository.

* Fixed possible thread synchronization issue

Change-Id: I434ff4bf5c539dfe845d52369dc51d7bddc29081

11 years agoRelease of changes from Samsung private repository.
Tomasz Swierczek [Thu, 3 Jan 2013 13:58:33 +0000 (14:58 +0100)]
Release of changes from Samsung private repository.

* Enabled sockets in security server
* Removed old popup implementation

Change-Id: Iceb91878e48bd0cad819aa07e3de147a7befd1c8

11 years agoRelease of changes from Samsung private repository.
Tomasz Swierczek [Tue, 18 Dec 2012 09:08:10 +0000 (10:08 +0100)]
Release of changes from Samsung private repository.

* Adjusted TizenPolicy.xml - added missing "deny" clause for Untrusted widgets

Change-Id: Ic0bc673b1ed856bbd008dcc3e64202d6456fe529

11 years agoRelease of changes from Samsung private repository.
Tomasz Swierczek [Thu, 13 Dec 2012 09:50:43 +0000 (10:50 +0100)]
Release of changes from Samsung private repository.

* Adjusted TizenPolicy.xml according to Device API HQ team request

Change-Id: I399896954b5462119e365220b9f39a23956f6ae2

11 years ago[systemd] systemd boot script for security-server
baik [Thu, 13 Dec 2012 00:51:07 +0000 (09:51 +0900)]
[systemd] systemd boot script for security-server
          in addtion, add to verify middleware user.

11 years agoRelease of changes from Samsung private repository.
Tomasz Swierczek [Tue, 11 Dec 2012 17:50:09 +0000 (18:50 +0100)]
Release of changes from Samsung private repository.

* Fixed problem with leaving zombie after SIGTERM
* Turned on logs in "old security server".
* Added new TizenPolicy as per HQ WRT team request

Change-Id: I170af48d89407ff9dc770563bb3ab4aa47cabc6d

11 years agoRelease changes from Samsung private repository.
Tomasz Swierczek [Fri, 7 Dec 2012 15:06:00 +0000 (16:06 +0100)]
Release changes from Samsung private repository.

* Prepared headers for abstract communication client
* Added implementation of security socket server
* Added ace_is_private_api function in ace_settings
* Fixed klocwork bugs
* Added Partner API section in Tizen Policy
* Added build type required for code coverage analysis
* Removed deprecated headers from dev package

Change-Id: I57bf5912e45c6b6f5c514f45e52b60490404d244

11 years agorelease 0.0.48
Kidong Kim [Wed, 5 Dec 2012 10:01:42 +0000 (19:01 +0900)]
release 0.0.48

Change-Id: I8cb402cb786e55e5b6894c0b8fc4e5a0112900ac

11 years agoMerge branch 'for-rsa-systemd'
Jacek Migacz [Fri, 23 Nov 2012 15:36:12 +0000 (16:36 +0100)]
Merge branch 'for-rsa-systemd'

Change-Id: If23f809e103988990930032eafadf9c7b8ccb958