+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-# @brief
-#
-
-############################# Check minimum CMake version #####################
-
-CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-SET(CMAKE_EDIT_COMMAND vim)
-PROJECT("wrt-security")
-
-############################# cmake packages ##################################
-
-INCLUDE(FindPkgConfig)
-
-############################# compilation defines #############################
-
-# EMPTY
-
-############################# compiler flags ##################################
-
-SET(CMAKE_C_FLAGS_PROFILING "-O0 -g -pg")
-SET(CMAKE_CXX_FLAGS_PROFILING "-O0 -std=c++0x -g -pg")
-SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
-SET(CMAKE_CXX_FLAGS_DEBUG "-O0 -std=c++0x -g")
-SET(CMAKE_C_FLAGS_RELEASE "-O2 -g")
-SET(CMAKE_CXX_FLAGS_RELEASE "-O2 -std=c++0x -g")
-
-# If supported for the target machine, emit position-independent code,suitable
-# for dynamic linking and avoiding any limit on the size of the global offset
-# table. This option makes a difference on the m68k, PowerPC and SPARC.
-# (BJ: our ARM too?)
-ADD_DEFINITIONS("-fPIC")
-
-ADD_DEFINITIONS("-DSEPARATED_SINGLETON_IMPLEMENTATION")
-
-# Set the default ELF image symbol visibility to hidden - all symbols will be
-# marked with this unless overridden within the code.
-#ADD_DEFINITIONS("-fvisibility=hidden")
-
-# Set compiler warning flags
-#ADD_DEFINITIONS("-Werror") # Make all warnings into errors.
-ADD_DEFINITIONS("-Wall") # Generate all warnings
-ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings
-ADD_DEFINITIONS("-Wno-variadic-macros") # Inhibit variadic macros warnings (needed for ORM)
-ADD_DEFINITIONS("-Wno-deprecated") # No warnings about deprecated features
-ADD_DEFINITIONS("-std=c++0x") # No warnings about deprecated features
-ADD_DEFINITIONS("-DDPL_LOGS_ENABLED")
-
-############################# Targets names ###################################
-
-SET(TARGET_DAEMON "wrt-security-daemon")
-
-############################# subdirectories ##################################
-
-ADD_SUBDIRECTORY(src)
-ADD_SUBDIRECTORY(tests)
-
+++ /dev/null
-!!!options!!! stop
-Debian folder (rules, control etc.)
+++ /dev/null
-wrt-security (0.0.9) natty; urgency=low
-
- * Boilerplate update
-
- * Git : tizen2/pkgs/w/wrt-security
- * Tag : wrt-security_0.0.9
-
- -- Tae-Jeong Lee <taejeong.lee@samsung.com> Thu, 23 Feb 2012 16:19:19 +0900
-
-wrt-security (0.0.8) unstable; urgency=low
-
- * debianize
-
- * Git : tizen2/pkgs/w/wrt-security
- * Tag : wrt-security_0.0.8
-
- -- Yunchan Cho <yunchan.cho@samsung.com> Wed, 22 Feb 2012 17:00:49 +0900
-
-wrt-security (0.0.7) unstable; urgency=low
-
- * Init changelog
-
- * Git : tizen2/pkgs/w/wrt-security
- * Tag : wrt-security_0.0.7
-
- -- Jihoon Chung <jihoon.chung@samsung.com> Thu, 16 Feb 2012 10:44:19 +0900
+++ /dev/null
-Source: wrt-security
-Section: devel
-Priority: extra
-Maintainer: Bartlomiej Grzelewski<b.grzelewski@samsung.com>, Pawel Sikorski <p.sikorski@samsung.com>, yunchan Cho <yunchan.cho@samsung.com>, Jihoon Chung <jihoon.chung@samsung.com>
-Uploaders: Lukasz Wrzosek <l.wrzosek@samsung.com>, Grzegorz Krawczyk <g.krawczyk@samsung.com>, Soyoung Kim <sy037.kim@samsung.com>, Zbigniew Kostrzewa <z.kostrzewa@samsung.com>, Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
-Build-Depends: debhelper (>= 5), libglib2.0-dev, libsqlite3-dev, libwebkit-engine-dev, libelm-webview-dev, libxml2-dev, libdbus-1-dev, libefreet-dev, libappcore-efl-dev, openssl (>= 0.9.7), libcert-svc-dev, wrt-commons-dev (>= 0.2.1), libpcre-dev, libelm-dev, libecore-dev, libeina-dev, libui-gadget-dev, libslp-utilx-dev, libsecurity-server-client-dev, libpkgmgr-installer-dev, libxmlsec1-dev, libidn11-dev, libpkgmgr-types-dev, libss-client-dev, libiri-dev
-Standards-Version: 0.1.0
-
-Package: wrt-security
-Architecture: any
-Section: libs
-Depends: ${shlibs:Depends}, ${misc:Depends}, openssl, libug-picker-efl
-Replaces: wrt-security
-Provides: wrt-security
-Conflicts: wrt-security
-Description: online widget(W3C, BONDI, JIL, MSC) platform
-
-Package: wrt-security-dev
-Architecture: any
-Section: libs
-Depends: wrt-security (= ${Source-Version})
-Description: wrt security platform - dev
-
-#Package: wrt-security-test
-#Architecture: any
-#Section: libs
-#Depends: wrt-security (= ${Source-Version}), wrt-commons (>=0.2.9)
-#Description: wrt security platform - test programs
-
-Package: wrt-security-dbg
-Architecture: any
-Replaces: wrt-security-dbg
-Provides: wrt-security-dbg
-Conflicts: wrt-security-dbg
-Section: debug
-Depends: ${shlibs:Depends}, ${misc:Depends}, wrt (= ${Source-Version})
-Description: online widget(W3C, BONDI, JIL, MSC) platform - debug
+++ /dev/null
-usr/bin
-usr/sbin
-opt/share/icons/default/small
-opt/share/install-info/widget
-opt/apps/widget/system
-opt/apps/widget/user
-opt/apps/widget/exec
-opt/apps/widget/tests
-usr/etc/ace
-usr/apps/org.tizen.policy
-usr/lib/wrt-plugins
+++ /dev/null
-#!/usr/bin/make -f
-# -*- makefile -*-
-# Sample debian/rules that uses debhelper.
-# This file was originally written by Joey Hess and Craig Small.
-# As a special exception, when this file is copied by dh-make into a
-# dh-make output file, you may use that output file without restriction.
-# This special exception was added by Craig Small in version 0.37 of dh-make.
-
-# Uncomment this to turn on verbose mode.
-#export DH_VERBOSE=1
-
-
-# These are used for cross-compiling and for saving the configure script
-# from having to guess our platform (since we know it already)
-DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
-DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
-PACKAGE_VERSION ?= $(shell sed -n "1 p" debian/changelog | sed 's/.*(\(.*\)).*/\1/')
-
-PREFIX ?= /usr
-DATADIR ?= /opt
-LDFLAGS = -Wl,--rpath=$(PREFIX)/lib
-# Please set CFLAGS only in CMakeLists.txt, as they are dependent on CMake build type.
-
-
-ifeq (,$(findstring no,$(DPL_LOG)))
- DPL_LOGS_STATUS = "ON"
-else
- DPL_LOGS_STATUS = "OFF"
-endif
-
-ifeq (1,$(WRT_SKIP_ACE_SUPPORT))
- WRT_SKIP_ACE = "ON"
-else
- WRT_SKIP_ACE = "OFF"
-endif
-
-ifeq (1,$(WRT_SMACK_ENABLE))
- SMACK_STATUS = "ON"
-else
- SMACK_STATUS = "OFF"
-endif
-
-#for building with:
-#efl library, use TARGET=X1
-export TARGET=X1
-
-CMAKE_BUILD_DIR ?= $(CURDIR)/cmake_build_tmp
-
-#config.status: configure
-config.status:
- dh_testdir
- # Add here commands to configure the package.
- mkdir -p $(CMAKE_BUILD_DIR) && cd $(CMAKE_BUILD_DIR) && \
- cmake ${SRCDIR} -DBUILD_TYPE="${TARGET}" -DCMAKE_INSTALL_PREFIX="${PREFIX}" -DCMAKE_BUILD_TYPE="$(BUILD_TYPE)" -DDPL_LOG=$(DPL_LOGS_STATUS) -DSMACK_ENABLED=${SMACK_STATUS} -DCMAKE_PACKAGE_VERSION="$(PACKAGE_VERSION)" -DWRT_SKIP_ACE_SUPPORT="${WRT_SKIP_ACE}" ..
-
-
-build: build-stamp
-
-build-stamp: config.status
- dh_testdir
- # Add here commands to compile the package.
- cd $(CMAKE_BUILD_DIR) && $(MAKE) -j 4
- #docbook-to-man debian/ncurses.sgml > ncurses.1
-
- for f in `find $(CURDIR)/debian/ -name "*.in"`; do \
- cat $$f > $${f%.in}; \
- sed -i -e "s#@PREFIX@#$(PREFIX)#g" $${f%.in}; \
- sed -i -e "s#@DATADIR@#$(DATADIR)#g" $${f%.in}; \
- done
-
- touch $@
-
-clean:
- dh_testdir
- dh_testroot
- rm -f build-stamp
-
- # Add here commands to clean up after the build process.
- -find . -name CMakeFiles -exec rm -rf {} \;
- -find . -name cmake_install.cmake -exec rm {} \;
- #-find . -name Makefile -exec rm {} \;
- rm CMakeCache.txt -rf
- #-$(MAKE) distclean
- rm -rf $(CMAKE_BUILD_DIR)
- rm -rf autotools
- rm -rf aclocal.m4
- rm -rf configure
- rm -rf Makefile
- rm -rf Makefile.in
- rm -rf m4
- rm -rf libtool
- rm -rf build/config.*
- rm -rf build/depcomp
- rm -rf build/install-sh
- rm -rf build/ltmain.sh
- rm -rf build/missing
-
-ifneq "$(wildcard /usr/share/misc/config.sub)" ""
- cp -f /usr/share/misc/config.sub config.sub
-endif
-ifneq "$(wildcard /usr/share/misc/config.guess)" ""
- cp -f /usr/share/misc/config.guess config.guess
-endif
-
- for f in `find $(CURDIR)/debian/ -name "*.in"`; do \
- rm -f $${f%.in}; \
- done
-
- rm -rf config.*
- dh_clean
-
-install: build
- dh_testdir
- dh_testroot
- dh_clean -k
- dh_installdirs
-
- # Add here commands to install the package into debian/ncurses.
- cd $(CMAKE_BUILD_DIR) && $(MAKE) DESTDIR=$(CURDIR)/debian/tmp install
-
-
-# Build architecture-independent files here.
-binary-indep: build install
-# We have nothing to do by default.
-
-# Build architecture-dependent files here.
-binary-arch: build install
- dh_testdir
- dh_testroot
- dh_installchangelogs
- dh_installdocs
- dh_installexamples
- dh_install --sourcedir=debian/tmp
-# dh_installmenu
-# dh_installdebconf
-# dh_installlogrotate
-# dh_installemacsen
-# dh_installpam
-# dh_installmime
-# dh_python
-# dh_installinit
-# dh_installcron
-# dh_installinfo
- dh_installman
- dh_link
- dh_strip --dbg-package=wrt-security-dbg
- dh_compress
- dh_fixperms
-# dh_perl
- dh_makeshlibs
- dh_installdeb
- dh_shlibdeps
- dh_gencontrol
- dh_md5sums
- dh_builddeb
-
-binary: binary-indep binary-arch
-.PHONY: build clean binary-indep binary-arch binary install
+++ /dev/null
-#TODO ifs do not work here, so maybe somewhere else it should be generated
-#/usr/bin/wrt-daemon
-#/usr/share/dbus-1/services/org.tizen.SecurityDaemon.service
+++ /dev/null
-@PREFIX@/include/wrt-security/*
+++ /dev/null
-@PREFIX@/bin/wrt-test*
-@PREFIX@/etc/ace/*.xml
+++ /dev/null
-@PREFIX@/bin/wrt-security-daemon
-@PREFIX@/share/dbus-1/services
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-#
-
-SET(DAEMON_BASIC_DEP
- dpl-efl
- dpl-vcore
- dpl-wrt-dao-rw
- dpl-ace-dao-rw
- dpl-ace
- dpl-dbus-efl
- )
-
-PKG_CHECK_MODULES(DAEMON_DEP
- ${DAEMON_BASIC_DEP}
- REQUIRED)
-
-
-SET(DAEMON_SOURCES_PATH ${PROJECT_SOURCE_DIR}/src)
-
-SET(DAEMON_SOURCES
- ${DAEMON_SOURCES_PATH}/daemon/dbus/security_dbus_service.cpp
- ${DAEMON_SOURCES_PATH}/daemon/dbus/security_daemon_dbus_config.cpp
- ${DAEMON_SOURCES_PATH}/daemon/security_daemon.cpp
- ${DAEMON_SOURCES_PATH}/main.cpp
- #ocsp
- ${DAEMON_SOURCES_PATH}/services/ocsp/dbus/ocsp_server_dbus_interface.cpp
- ${DAEMON_SOURCES_PATH}/services/ocsp/logic/ocsp_controller.cpp
- ${DAEMON_SOURCES_PATH}/services/ocsp/ocsp_service.cpp
- #db
- ${DAEMON_SOURCES_PATH}/services/vcore_service.cpp
- #ace
- ${DAEMON_SOURCES_PATH}/services/ace/dbus/ace_server_dbus_interface.cpp
- ${DAEMON_SOURCES_PATH}/services/ace/ace_service.cpp
- ${DAEMON_SOURCES_PATH}/services/ace/logic/security_controller.cpp
- ${DAEMON_SOURCES_PATH}/services/ace/logic/attribute_facade.cpp
- ${DAEMON_SOURCES_PATH}/services/ace/logic/security_logic.cpp
- ${DAEMON_SOURCES_PATH}/services/ace/logic/simple_roaming_agent.cpp
- #popup
- ${DAEMON_SOURCES_PATH}/services/popup/dbus/popup_response_dbus_interface.cpp
- )
-
-
-############################# Lets start compilation process ##################
-
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/dbus)
-#ace
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/dbus)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/logic)
-#ocsp
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/dbus)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/logic)
-#popup
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/dbus)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/logic)
-INCLUDE_DIRECTORIES(${DAEMON_DEP_INCLUDE_DIRS})
-
-ADD_EXECUTABLE(${TARGET_DAEMON}
- ${DAEMON_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_DAEMON}
- ${DAEMON_DEP_LIBRARIES})
-
-INSTALL(TARGETS ${TARGET_DAEMON}
- DESTINATION bin
- PERMISSIONS OWNER_READ GROUP_READ GROUP_EXECUTE
- )
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/src/services/ace/dbus/org.tizen.SecurityDaemon.service
- DESTINATION /usr/share/dbus-1/services
- )
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/src/services/ace/dbus/api/ace_server_api.h
- ${PROJECT_SOURCE_DIR}/src/services/ocsp/dbus/api/ocsp_server_api.h
- ${PROJECT_SOURCE_DIR}/src/services/popup/dbus/api/popup_response_server_api.h
- DESTINATION /usr/include/wrt-security
- )
+++ /dev/null
-Security Daemon todos:
-
-* One runtime instance should be allowed (DONE)
-* Hide application symbols that should not be exported.
-* Add support for service/module dependencies.
-* Signals blocking/handlers should be added.
-* Connections to other databases should be set.
-* Make it a real daemon (demonize ? auto restarting support ?)
-* Same of the files needs to be separated from the rest of WebRuntime sources:
- - global_config.cpp
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file security_daemon_dbus_config.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 1.0
- * @brief This file contains security daemon DBus configuration constants.
- */
-#include "security_daemon_dbus_config.h"
-
-#include <string>
-
-namespace RPC {
-
-const std::string SecurityDaemonConfig::OBJECT_PATH =
- "/org/tizen/SecurityDaemon";
-const std::string SecurityDaemonConfig::SERVICE_NAME =
- "org.tizen.SecurityDaemon";
-
-} // namespace RPC
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file security_daemon_dbus_config.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 1.0
- * @brief This file contains security daemon DBus configuration.
- */
-#ifndef WRT_SRC_RPC_SECURITY_DAEMON_DBUS_CONFIG_H_
-#define WRT_SRC_RPC_SECURITY_DAEMON_DBUS_CONFIG_H_
-
-#include <string>
-
-namespace RPC {
-
-struct SecurityDaemonConfig {
- static const std::string OBJECT_PATH;
- static const std::string SERVICE_NAME;
-};
-
-} // namespace RPC
-
-#endif // WRT_SRC_RPC_SECURITY_DAEMON_DBUS_CONFIG_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file security_dbus_service.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @author Zbigniew Kostrzewa (z.kostrzewa@samsung.com)
- * @version 1.0
- * @brief This file contains implementation of security DBus service.
- */
-#include <dpl/log/log.h>
-#include <algorithm>
-#include <gio/gio.h>
-#include <dpl/exception.h>
-#include <dpl/dbus/interface.h>
-#include <dpl/dbus/connection.h>
-#include "security_dbus_service.h"
-#include "security_daemon_dbus_config.h"
-#include <ace_server_dbus_interface.h>
-#include <ocsp_server_dbus_interface.h>
-#include <popup_response_dbus_interface.h>
-
-void SecurityDBusService::start()
-{
- LogDebug("SecurityDBusService starting");
- m_connection = DPL::DBus::Connection::systemBus();
- std::for_each(m_objects.begin(),
- m_objects.end(),
- [&m_connection] (const DPL::DBus::ObjectPtr& object)
- {
- m_connection->registerObject(object);
- });
- m_connection->registerService(RPC::SecurityDaemonConfig::SERVICE_NAME);
-}
-
-void SecurityDBusService::stop()
-{
- LogDebug("SecurityDBusService stopping");
- m_connection.reset();
-}
-
-void SecurityDBusService::initialize()
-{
- LogDebug("SecurityDBusService initializing");
- g_type_init();
-
- addInterface(RPC::SecurityDaemonConfig::OBJECT_PATH,
- std::make_shared<RPC::AceServerDBusInterface>());
- addInterface(RPC::SecurityDaemonConfig::OBJECT_PATH,
- std::make_shared<RPC::OcspServerDBusInterface>());
- addInterface(RPC::SecurityDaemonConfig::OBJECT_PATH,
- std::make_shared<RPC::PopupResponseDBusInterface>());
-}
-
-void SecurityDBusService::addInterface(const std::string& objectPath,
- const InterfaceDispatcherPtr& dispatcher)
-{
- auto ifaces =
- DPL::DBus::Interface::fromXMLString(dispatcher->getXmlSignature());
- if (ifaces.empty())
- {
- ThrowMsg(DPL::Exception, "No interface description.");
- }
-
- auto iface = ifaces.at(0);
- iface->setDispatcher(dispatcher.get());
-
- m_dispatchers.push_back(dispatcher);
- m_objects.push_back(DPL::DBus::Object::create(objectPath, iface));
-}
-
-void SecurityDBusService::deinitialize()
-{
- LogDebug("SecurityDBusService deinitializing");
- m_objects.clear();
- m_dispatchers.clear();
-}
-
-DAEMON_REGISTER_SERVICE_MODULE(SecurityDBusService)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file security_dbus_service.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @author Zbigniew Kostrzewa (z.kostrzewa@samsung.com)
- * @version 1.0
- * @brief This file contains definitions of security DBus service.
- */
-#ifndef WRT_SRC_RPC_SECURITY_DBUS_SERVICE_H_
-#define WRT_SRC_RPC_SECURITY_DBUS_SERVICE_H_
-
-#include <memory>
-#include <vector>
-#include <dpl/dbus/connection.h>
-#include <dpl/dbus/object.h>
-#include <dpl/dbus/dispatcher.h>
-#include <dpl/dbus/dbus_interface_dispatcher.h>
-#include <security_daemon.h>
-
-class SecurityDBusService : public SecurityDaemon::DaemonService {
-private:
- virtual void initialize();
- virtual void start();
- virtual void stop();
- virtual void deinitialize();
-
-private:
- typedef std::shared_ptr<DPL::DBus::InterfaceDispatcher> InterfaceDispatcherPtr;
- typedef std::shared_ptr<DPL::DBus::Dispatcher> DispatcherPtr;
-
- void addInterface(const std::string& objectPath,
- const InterfaceDispatcherPtr& dispatcher);
-
- DPL::DBus::ConnectionPtr m_connection;
- std::vector<DPL::DBus::ObjectPtr> m_objects;
- std::vector<DispatcherPtr> m_dispatchers;
-};
-
-#endif // WRT_SRC_RPC_SECURITY_DBUS_SERVICE_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file security_daemon.cpp
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief This is implementation file of Security Daemon
- */
-
-#include "security_daemon.h"
-
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-
-#include <dpl/framework_efl.h>
-
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(SecurityDaemon::SecurityDaemon)
-
-#include <dpl/vcore/vcore/VCore.h>
-#include <dpl/wrt-dao-ro/WrtDatabase.h>
-#include <dpl/ace-dao-rw/AceDAO.h>
-
-namespace SecurityDaemon {
-
-//This is declared not in SecurityDaemon class, so no Ecore.h is needed there.
-static Ecore_Event_Handler *g_exitHandler;
-static Eina_Bool exitHandler(void */*data*/, int /*type*/, void */*event*/)
-{
- auto& daemon = SecurityDaemonSingleton::Instance();
- daemon.terminate(0);
-
- return ECORE_CALLBACK_CANCEL;
-}
-
-SecurityDaemon::SecurityDaemon() :
- m_initialized(false),
- m_terminating(false),
- m_returnValue(0)
-{
-}
-
-void SecurityDaemon::initialize(int& /*argc*/, char** /*argv*/)
-{
- LogDebug("Initializing");
- Assert(!m_initialized && "Already Initialized");
-
- g_exitHandler = ecore_event_handler_add(ECORE_EVENT_SIGNAL_EXIT,
- &exitHandler,
- NULL);
-
- DatabaseService::initialize();
- FOREACH (service, m_servicesList) {
- (*service)->initialize();
- }
- m_initialized = true;
- LogDebug("Initialized");
-}
-
-int SecurityDaemon::execute()
-{
- Assert(m_initialized && "Not Initialized");
- LogDebug("Starting execute");
- FOREACH (service, m_servicesList) {
- (*service)->start();
- }
- ecore_main_loop_begin();
- return m_returnValue;
-}
-
-void SecurityDaemon::terminate(int returnValue)
-{
- Assert(m_initialized && "Not Initialized");
- Assert(!m_terminating && "Already terminating");
- LogDebug("Terminating");
-
- ecore_event_handler_del(g_exitHandler);
-
- m_returnValue = returnValue;
- m_terminating = true;
-
- FOREACH (service, m_servicesList) {
- (*service)->stop();
- }
-
- ecore_main_loop_quit();
-}
-
-void SecurityDaemon::shutdown()
-{
- LogDebug("Shutdown");
- Assert(m_initialized && "Not Initialized");
- Assert(m_terminating && "Not terminated");
-
- DatabaseService::deinitialize();
- FOREACH (service, m_servicesList) {
- (*service)->deinitialize();
- }
-
- m_initialized = false;
-}
-
-namespace DatabaseService {
-
-void initialize(void)
-{
- LogDebug("DatabaseService initializing");
- ValidationCore::AttachToThread();
- AceDB::AceDAO::attachToThread();
- WrtDB::WrtDatabase::attachToThread();
-}
-
-void deinitialize(void)
-{
- LogDebug("DatabaseService deinitializing");
- ValidationCore::DetachFromThread();
- AceDB::AceDAO::detachFromThread();
- WrtDB::WrtDatabase::detachFromThread();
-}
-
-} //namespace DatabaseService
-
-} //namespace SecurityDaemon
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file security_daemon.h
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief This is header file of Security Daemon
- */
-
-#ifndef WRT_SRC_SECURITY_DAEMON_SECURITY_DAEMON_H
-#define WRT_SRC_SECURITY_DAEMON_SECURITY_DAEMON_H
-
-#include <utility>
-#include <memory>
-#include <list>
-#include <dpl/noncopyable.h>
-#include <dpl/singleton.h>
-#include <dpl/assert.h>
-
-namespace SecurityDaemon {
-
-class DaemonService : DPL::Noncopyable {
- public:
- virtual void initialize() = 0;
- virtual void start() = 0;
- virtual void stop() = 0;
- virtual void deinitialize() = 0;
-};
-
-class SecurityDaemon : DPL::Noncopyable
-{
- public:
- SecurityDaemon();
-
- void initialize(int& argc, char** argv);
- int execute();
- void terminate(int returnValue = 0);
-
- template<typename ServiceType, typename ...Args>
- void registerService(Args&&... args)
- {
- Assert(!m_initialized && "Too late for registration");
-
- m_servicesList.push_back(
- std::make_shared<ServiceType>(std::forward<Args>(args)...));
- }
-
- void shutdown();
-
- private:
- bool m_initialized;
- bool m_terminating;
- int m_returnValue;
- typedef std::list<std::shared_ptr<DaemonService>> DaemonServiceList;
- DaemonServiceList m_servicesList;
-};
-
-namespace DatabaseService {
- void initialize();
- void deinitialize();
-};
-
-} //namespace SecurityDaemon
-
-typedef DPL::Singleton<SecurityDaemon::SecurityDaemon> SecurityDaemonSingleton;
-
-#define DAEMON_REGISTER_SERVICE_MODULE(Type) \
- namespace { \
- static int initializeModule(); \
- static int initializeModuleHelper = initializeModule(); \
- int initializeModule() \
- { \
- (void)initializeModuleHelper; \
- SecurityDaemonSingleton::Instance().registerService<Type>(); \
- return 0; \
- } \
- }
-
-
-#endif /* WRT_SRC_SECURITY_DAEMON_SECURITY_DAEMON_H */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file main.cpp
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief This is main routing for Security Daemon
- */
-
-#include <string>
-
-#include <dpl/application.h>
-#include <dpl/log/log.h>
-#include <dpl/single_instance.h>
-
-#include "security_daemon.h"
-
-static const std::string DAEMON_INSTANCE_UUID =
- "5ebf3f24-dad6-4a27-88b4-df7970efe7a9";
-
-int main(int argc, char* argv[])
-{
- DPL::SingleInstance instance;
- if (!instance.TryLock(DAEMON_INSTANCE_UUID)) {
- LogError("Security Daemon is already running");
- return -1;
- }
-
- auto& daemon = SecurityDaemonSingleton::Instance();
-
- daemon.initialize(argc, argv);
-
- //Run daemon
- auto retVal = daemon.execute();
-
- daemon.shutdown();
- instance.Release();
-
- return retVal;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file ace_service.cpp
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief This is implementation file of AceService service
- */
-
-#include <dpl/log/log.h>
-#include <security_controller.h>
-
-#include "security_daemon.h"
-
-namespace AceService
-{
-
-class AceService : public SecurityDaemon::DaemonService
-{
- private:
- virtual void initialize()
- {
- LogDebug("AceService initializing");
-
- SecurityControllerSingleton::Instance().Touch();
- SecurityControllerSingleton::Instance().SwitchToThread(NULL);
-
- CONTROLLER_POST_SYNC_EVENT(
- SecurityController,
- SecurityControllerEvents::InitializeSyncEvent());
- }
-
- virtual void start()
- {
- LogDebug("Starting AceService");
- }
-
- virtual void stop()
- {
- LogDebug("Stopping AceService");
- }
-
- virtual void deinitialize()
- {
- LogDebug("AceService deinitializing");
- SecurityControllerSingleton::Instance().SwitchToThread(NULL);
- //this is direct call inside
- CONTROLLER_POST_SYNC_EVENT(
- SecurityController,
- SecurityControllerEvents::TerminateSyncEvent());
- }
-
-};
-
-DAEMON_REGISTER_SERVICE_MODULE(AceService)
-
-}//namespace AceService
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ace_service_dbus_interface.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 1.0
- * @brief Implementation of ACE server API.
- */
-#include <dpl/foreach.h>
-#include <vector>
-#include <string>
-#include "ace_server_dbus_interface.h"
-#include <dpl/dbus/dbus_server_deserialization.h>
-#include <dpl/dbus/dbus_server_serialization.h>
-
-#include <dpl/ace/Request.h>
-#include <dpl/ace/PolicyResult.h>
-#include <security_controller.h>
-#include <attribute_facade.h>
-
-
-namespace RPC {
-
-void AceServerDBusInterface::onMethodCall(const gchar* methodName,
- GVariant* parameters,
- GDBusMethodInvocation* invocation)
-{
- using namespace WrtSecurity;
-
- if (0 == g_strcmp0(methodName, AceServerApi::ECHO_METHOD().c_str()))
- {
- std::string str;
- DPL::DBus::ServerDeserialization::deserialize(parameters, &str);
- g_dbus_method_invocation_return_value(invocation,
- DPL::DBus::ServerSerialization::serialize(str));
- } else if (0 == g_strcmp0(methodName,
- AceServerApi::CHECK_ACCESS_METHOD().c_str()))
- {
- int widgetHandle;
- std::string subject, resource;
- std::vector<std::string> paramNames, paramValues;
- if (!DPL::DBus::ServerDeserialization::deserialize(parameters,
- &widgetHandle,
- &subject,
- &resource,
- ¶mNames,
- ¶mValues)) {
- g_dbus_method_invocation_return_dbus_error(
- invocation,
- "org.tizen.AceCheckAccessInterface.UnknownError",
- "Error in deserializing input parameters");
- return;
- }
- if (paramNames.size() != paramValues.size()) {
- g_dbus_method_invocation_return_dbus_error(
- invocation,
- "org.tizen.AceCheckAccessInterface.UnknownError",
- "Varying sizes of parameter names and parameter values");
- return;
- }
- LogDebug("We got subject: " << subject);
- LogDebug("We got resource: " << resource);
-
- FunctionParamImpl params;
- for (size_t i = 0; i < paramNames.size(); ++i) {
- params.addAttribute(paramNames[i], paramValues[i]);
- }
-
- Request request(widgetHandle,
- WidgetExecutionPhase_Invoke,
- ¶ms);
- request.addDeviceCapability(resource);
-
- PolicyResult result(PolicyEffect::DENY);
- CONTROLLER_POST_SYNC_EVENT(
- SecurityController,
- SecurityControllerEvents::CheckFunctionCallSyncEvent(
- &result,
- &request));
-
- int response = PolicyResult::serialize(result);
- g_dbus_method_invocation_return_value(invocation,
- DPL::DBus::ServerSerialization::serialize(response));
- } else {
- // invalid method name
- g_dbus_method_invocation_return_value(invocation, NULL);
- }
-}
-
-} // namespace RPC
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ace_service_dbus_interface.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 1.0
- * @brief Class that handles ACE server API.
- */
-#ifndef WRT_SRC_RPC_SECURITY_DAEMON_ACE_SERVER_DBUS_INTERFACE_H_
-#define WRT_SRC_RPC_SECURITY_DAEMON_ACE_SERVER_DBUS_INTERFACE_H_
-
-#include <dpl/dbus/dbus_interface_dispatcher.h>
-#include "api/ace_server_api.h"
-
-namespace RPC {
-
-class AceServerDBusInterface : public DPL::DBus::InterfaceDispatcher {
- public:
- AceServerDBusInterface():
- DPL::DBus::InterfaceDispatcher(WrtSecurity::AceServerApi::INTERFACE_NAME())
- {
- using namespace WrtSecurity;
-
- setXmlSignature("<node>"
- " <interface name='" + AceServerApi::INTERFACE_NAME() + "'>"
- " <method name='" + AceServerApi::ECHO_METHOD() + "'>"
- " <arg type='s' name='input' direction='in'/>"
- " <arg type='s' name='output' direction='out'/>"
- " </method>"
- " <method name='" + AceServerApi::CHECK_ACCESS_METHOD() + "'>"
- " <arg type='i' name='handle' direction='in'/>"
- " <arg type='s' name='subject' direction='in'/>"
- " <arg type='s' name='resource' direction='in'/>"
- " <arg type='as' name='parameter names' direction='in'/>"
- " <arg type='as' name='parameter values' direction='in'/>"
- " <arg type='i' name='output' direction='out'/>"
- " </method>"
- " </interface>"
- "</node>");
- }
-
- virtual ~AceServerDBusInterface()
- {}
-
- virtual void onMethodCall(const gchar* methodName,
- GVariant* parameters,
- GDBusMethodInvocation* invocation);
-};
-
-} // namespace RPC
-
-#endif // WRT_SRC_RPC_SECURITY_DAEMON_ACE_SERVER_DBUS_INTERFACE_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ace_server_api.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 1.0
- * @brief This file contains definitions ACE server interface & methods.
- */
-#ifndef WRT_SRC_RPC_SECURITY_DAEMON_ACE_SERVER_API_H_
-#define WRT_SRC_RPC_SECURITY_DAEMON_ACE_SERVER_API_H_
-
-#include<string>
-
-
-namespace WrtSecurity{
-namespace AceServerApi{
-
- // DBus interface names
- inline const std::string INTERFACE_NAME()
- {
- return "org.tizen.AceCheckAccessInterface";
- }
-
- // RPC test function
- // IN std::string
- // OUT std::string
- inline const std::string ECHO_METHOD()
- {
- return "echo";
- }
-
- // IN string subject
- // IN string resource
- // IN vector<string> function param names
- // IN vector<string> function param values
- // OUT int allow, deny, popup type
- inline const std::string CHECK_ACCESS_METHOD()
- {
- return "check_access";
- }
-};
-};
-
-
-#endif // WRT_SRC_RPC_SECURITY_DAEMON_ACE_SERVER_API_H_
+++ /dev/null
-[D-BUS Service]
-Name=org.tizen.SecurityDaemon
-Exec=/usr/bin/wrt-security-daemon
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * This file contain consts for Signing Template and Policy Manager
- * This values will be used to specified and identified algorithms in xml policy documents.
- * Its consistent with BONDI 1.0 released requirements
- *
- * NOTE: This values should be verified when ACF will be updated to the latest version of BONDI requirements
- * This values comes from widget digital signature 1.0 - required version of this doc is very important
- *
- **/
-
-#ifndef ACF_CONSTS_TYPES_H
-#define ACF_CONSTS_TYPES_H
-
-//Digest Algorithms
-extern const char* DIGEST_ALG_SHA256;
-
-//Canonicalization Algorithms
-extern const char* CANONICAL_ALG_C14N;
-
-//Signature Algorithms
-extern const char* SIGNATURE_ALG_RSA_with_SHA256;
-extern const char* SIGNATURE_ALG_DSA_with_SHA1;
-extern const char* SIGNATURE_ALG_ECDSA_with_SHA256;
-
-#endif
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * This file contains classes that implement WRT_INTERFACE.h interfaces,
- * so that ACE could access WRT specific and other information during
- * the decision making.
- *
- * @file attribute_.cpp
- * @author Jaroslaw Osmanski (j.osmanski@samsung.com)
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @version 1.0
- * @brief Implementation file for attributes obtaining.
- */
-
-#include <dpl/exception.h>
-#include <sstream>
-#include <algorithm>
-#include <list>
-#include <string>
-#include <sstream>
-#include <stdexcept>
-#include <map>
-#include <cstdlib>
-#include <dpl/wrt-dao-rw/widget_dao.h>
-#include <dpl/wrt-dao-rw/feature_dao.h>
-#include <dpl/ace/WRT_INTERFACE.h>
-#include <map>
-#include <dpl/log/log.h>
-#include <attribute_facade.h>
-#include <dpl/ace/Request.h>
-#include <simple_roaming_agent.h>
-
-using namespace WrtDB;
-
-namespace // anonymous
-{
-typedef std::list<std::string> AttributeHandlerResponse;
-
-typedef AttributeHandlerResponse (*AttributeHandler)(
- const WidgetExecutionPhase &phase,
- const WidgetHandle &widgetHandle);
-typedef AttributeHandlerResponse (*ResourceAttributeHandler)(
- const WidgetExecutionPhase &phase,
- const WidgetHandle &widgetHandle,
- const Request &request);
-
-AttributeHandlerResponse AttributeClassHandler(const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle & /*widgetHandle*/)
-{
- AttributeHandlerResponse response;
- response.push_back("widget");
- return response;
-}
-
-AttributeHandlerResponse AttributeInstallUriHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- std::string value = dao.getShareHref();
-
- if (!value.empty()) {
- response.push_back(value);
- }
-
- return response;
-}
-
-AttributeHandlerResponse AttributeVersionHandler(const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- DPL::Optional<DPL::String> value = dao.getVersion();
-
- if (!!value) {
- response.push_back(DPL::ToUTF8String(*value));
- }
-
- return response;
-}
-
-AttributeHandlerResponse AttributeDistributorKeyCnHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyCommonNameList(WidgetCertificateData::DISTRIBUTOR,
- WidgetCertificateData::ENDENTITY);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeDistributorKeyFingerprintHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyFingerprints(WidgetCertificateData::DISTRIBUTOR,
- WidgetCertificateData::ENDENTITY);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeDistributorKeyRootCnHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyCommonNameList(WidgetCertificateData::DISTRIBUTOR,
- WidgetCertificateData::ROOT);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeDistributorKeyRootFingerprintHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyFingerprints(WidgetCertificateData::DISTRIBUTOR,
- WidgetCertificateData::ROOT);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeAuthorKeyCnHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyCommonNameList(WidgetCertificateData::AUTHOR,
- WidgetCertificateData::ENDENTITY);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeAuthorKeyFingerprintHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyFingerprints(WidgetCertificateData::AUTHOR,
- WidgetCertificateData::ENDENTITY);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeAuthorKeyRootCnHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyCommonNameList(WidgetCertificateData::AUTHOR,
- WidgetCertificateData::ROOT);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeAuthorKeyRootFingerprintHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- response = dao.getKeyFingerprints(WidgetCertificateData::AUTHOR,
- WidgetCertificateData::ROOT);
-
- return response;
-}
-
-AttributeHandlerResponse AttributeNetworkAccessUriHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle & /*widgetHandle*/)
-{
- AttributeHandlerResponse response;
- return response;
-}
-
-AttributeHandlerResponse AttributeIdHandler(const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
- WidgetGUID wGUID = dao.getGUID();
-
- if (!!wGUID) {
- response.push_back(DPL::ToUTF8String(*wGUID));
- }
- return response;
-}
-
-//AttributeHandlerResponse AttributeNameHandler(const WidgetExecutionPhase & /*phase*/,
-// const WidgetHandle &widgetHandle)
-//{
-// AttributeHandlerResponse response;
-//
-// WidgetLocalizedInfo info =
-// W3CFileLocalization::getLocalizedInfo(widgetHandle);
-//
-// DPL::Optional<DPL::String> val = info.name;
-// std::string value = !!val ? DPL::ToUTF8String(*val) : "";
-//
-// response.push_back(value);
-// return response;
-//}
-//
-//AttributeHandlerResponse AttributeWidgetAttrNameHandler(
-// const WidgetExecutionPhase & /*phase*/,
-// const WidgetHandle &widgetHandle)
-//{
-// AttributeHandlerResponse response;
-//
-// WidgetLocalizedInfo info =
-// W3CFileLocalization::getLocalizedInfo(widgetHandle);
-//
-// DPL::Optional<DPL::String> value = info.name;
-//
-// if (!!value) {
-// response.push_back(DPL::ToUTF8String(*value));
-// }
-//
-// return response;
-//}
-
-AttributeHandlerResponse AttributeAuthorNameHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle)
-{
- AttributeHandlerResponse response;
- WidgetDAOReadOnly dao(widgetHandle);
-
- DPL::Optional<DPL::String> value = dao.getAuthorName();
-
- if (!!value) {
- response.push_back(DPL::ToUTF8String(*value));
- }
-
- return response;
-}
-
-AttributeHandlerResponse AttributeRoamingHandler(
- const WidgetExecutionPhase &phase,
- const WidgetHandle & /*widgetHandle*/)
-{
- AttributeHandlerResponse response;
-
- if (WidgetExecutionPhase_WidgetInstall == phase) {
- // TODO undetermind value
- response.push_back(std::string(""));
- } else if (SimpleRoamingAgentSingleton::Instance().IsRoamingOn()) {
- response.push_back(std::string("true"));
- } else {
- response.push_back(std::string("false"));
- }
-
- return response;
-}
-
-AttributeHandlerResponse AttributeBearerTypeHandler(
- const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle & /*widgetHandle*/)
-{
- AttributeHandlerResponse response;
-
- std::string bearerName = "undefined-bearer-name";
-
- if (bearerName.empty()) {
- LogWarning("Bearer-type is NOT SET or empty");
- } else {
- response.push_back(bearerName);
- }
-
- return response;
-}
-
-struct AttributeHandlerContext
-{
- std::string name;
- WidgetExecutionPhase allowedPhaseMask;
- AttributeHandler handler;
-};
-
-// Private masks
-const WidgetExecutionPhase WidgetExecutionPhase_All =
- static_cast<WidgetExecutionPhase>(
- WidgetExecutionPhase_WidgetInstall |
- WidgetExecutionPhase_WidgetInstantiate |
- WidgetExecutionPhase_WebkitBind |
- WidgetExecutionPhase_Invoke);
-const WidgetExecutionPhase WidgetExecutionPhase_NoWidgetInstall =
- static_cast<WidgetExecutionPhase>(
- WidgetExecutionPhase_WidgetInstantiate |
- WidgetExecutionPhase_WebkitBind |
- WidgetExecutionPhase_Invoke);
-
-#define ALL_PHASE(name, handler) \
- { # name, WidgetExecutionPhase_All, handler },
-
-#define NO_INSTALL(name, handler) \
- { # name, WidgetExecutionPhase_NoWidgetInstall, handler },
-
-AttributeHandlerContext HANDLED_ATTRIBUTES_LIST[] = {
- ALL_PHASE(Class, &AttributeClassHandler)
- ALL_PHASE(install-uri, &AttributeInstallUriHandler)
- ALL_PHASE(version, &AttributeVersionHandler)
- ALL_PHASE(distributor-key-cn, &AttributeDistributorKeyCnHandler)
- ALL_PHASE(distributor-key-fingerprint,
- &AttributeDistributorKeyFingerprintHandler)
- ALL_PHASE(distributor-key-root-cn,
- &AttributeDistributorKeyRootCnHandler)
- ALL_PHASE(distributor-key-root-fingerprint,
- &AttributeDistributorKeyRootFingerprintHandler)
- ALL_PHASE(author-key-cn, &AttributeAuthorKeyCnHandler)
- ALL_PHASE(author-key-fingerprint, &AttributeAuthorKeyFingerprintHandler)
- ALL_PHASE(author-key-root-cn, &AttributeAuthorKeyRootCnHandler)
- ALL_PHASE(author-key-root-fingerprint,
- &AttributeAuthorKeyRootFingerprintHandler)
- ALL_PHASE(network-access-uri, &AttributeNetworkAccessUriHandler)
- ALL_PHASE(id, &AttributeIdHandler)
-// ALL_PHASE(name, &AttributeNameHandler)
-// ALL_PHASE(widget-attr:name, &AttributeWidgetAttrNameHandler)
- ALL_PHASE(author-name, &AttributeAuthorNameHandler)
- /* Enviroment attributes*/
- NO_INSTALL(roaming, &AttributeRoamingHandler)
- NO_INSTALL(bearer-type, &AttributeBearerTypeHandler)
-};
-
-#undef ALL_PHASE
-#undef NO_INSTALL
-
-const size_t HANDLED_ATTRIBUTES_LIST_COUNT =
- sizeof(HANDLED_ATTRIBUTES_LIST) / sizeof(HANDLED_ATTRIBUTES_LIST[0]);
-
-template<class T>
-class lambdaCollectionPusher
-{
- public:
- std::list<T>& m_collection;
- lambdaCollectionPusher(std::list<T>& collection) : m_collection(collection)
- {
- }
- void operator()(const T& element) const
- {
- m_collection.push_back(element);
- }
-};
-
-class lambdaWidgetPrefixEquality :
- public std::binary_function<WidgetFeature, std::string, bool>
-{
- public:
- bool operator()(const WidgetFeature& wFeature,
- const std::string& prefix) const
- {
- return wFeature.name.find(DPL::FromUTF8String(prefix)) !=
- DPL::String::npos;
- }
-};
-
-class lambdaWidgetNameEquality :
- public std::binary_function<WidgetFeature, std::string, bool>
-{
- public:
- bool operator()(const WidgetFeature& wFeature,
- const std::string& prefix) const
- {
- return wFeature.name == DPL::FromUTF8String(prefix);
- }
-};
-
-FeatureHandleList getFeatureHandleList(const WidgetHandle& widgetHandle,
- const std::string& resourceId)
-{
- FeatureHandleList featureHandleList;
- WidgetDAOReadOnly widgetDAO(widgetHandle);
- WidgetFeatureSet wFeatureSet = widgetDAO.getFeaturesList();
- WidgetFeatureSet::iterator foundFeatures =
- std::find_if(wFeatureSet.begin(),
- wFeatureSet.end(),
- std::bind2nd(lambdaWidgetPrefixEquality(), resourceId));
-
- if (foundFeatures != wFeatureSet.end()) {
- FeatureDAOReadOnly featureDAO(resourceId);
- featureHandleList.push_back(featureDAO.GetFeatureHandle());
- }
- return featureHandleList;
-}
-
-AttributeHandlerResponse AttributeDeviceCapHandler(const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle & /*widgetHandle*/,
- const Request &request)
-{
- AttributeHandlerResponse response;
-
- Request::DeviceCapabilitySet capSet = request.getDeviceCapabilitySet();
- LogDebug("device caps set contains");
- FOREACH(dc, capSet)
- {
- LogDebug("-> " << *dc);
- }
-
- std::for_each(
- capSet.begin(),
- capSet.end(),
- lambdaCollectionPusher<std::string>(response));
-
- return response;
-
- // We should return list of device-caps required by resourceId.
- // AttributeHandlerResponse response;
- //
- // FeatureHandleList fHandleList =
- // getFeatureHandleList(widgetHandle, resourceId);
- // if( !fHandleList.empty() )
- // {
- // FeatureDAO feature( resourceId );
- // std::set<std::string> deviceCapLast =
- // feature.GetDeviceCapabilities();
- // std::for_each(
- // deviceCapList.begin(),
- // deviceCapList.end(),
- // lambdaCollectionPusher<DeviceCapList::value_type>(
- // response) );
- // }
- // return response;
-}
-
-class lambdaFeatureEquality :
- public std::binary_function<FeatureHandle, int, bool>
-{
- public:
- bool operator()(const FeatureHandle& wFeature,
- const int& resurceId) const
- {
- return wFeature == resurceId;
- }
-};
-
-class lambdaPushFeatureName :
- public std::binary_function<WidgetFeature, AttributeHandlerResponse, void>
-{
- void operator()(const WidgetFeature& wFeature,
- AttributeHandlerResponse& response) const
- {
- response.push_back(DPL::ToUTF8String(wFeature.name));
- }
-};
-
-AttributeHandlerResponse AttributeApiFeatureHandler(
- const WidgetExecutionPhase & /* phase */,
- const WidgetHandle & /* widgetHandle */,
- const Request & /* request */)
-{
- LogDebug("WAC 2.0 does not support api-feature and resource-id in policy.");
- AttributeHandlerResponse response;
- return response;
- // Wrt shouldn't ask about resource which is not listed in
- // (widget) config.xml file
- //
- // AttributeHandlerResponse response;
- // WidgetDAOReadOnly widgetDAO(widgetHandle);
- // WidgetFeatureSet wFeatureSet = widgetDAO.GetFeaturesList();
- // std::string featureName = resourceId;
- // WidgetFeatureSet::iterator foundFeatures =
- // std::find_if(wFeatureSet.begin(),
- // wFeatureSet.end(),
- // std::bind2nd(lambdaWidgetPrefixEquality(),
- // featureName));
- //
- // while( foundFeatures != wFeatureSet.end() )
- // {
- // response.push_back( foundFeatures->name );
- // LogDebug("Found feature: " << foundFeatures->name );
- // foundFeatures++;
- // }
- //
- // return response;
-}
-
-typedef std::string (FeatureDAOReadOnly::*FNMETHOD)() const;
-
-AttributeHandlerResponse GetFeatureAttributeGroup(const WidgetExecutionPhase & /*phase*/,
- const WidgetHandle &widgetHandle,
- const std::string& resourceId,
- FNMETHOD function)
-{
- AttributeHandlerResponse response;
- FeatureHandleList fHandleList =
- getFeatureHandleList(widgetHandle, resourceId);
- if (!fHandleList.empty()) {
- FeatureDAOReadOnly featureDAO(fHandleList.front());
- std::string attribute = (featureDAO.*function)();
- response.push_back(attribute);
- }
- return response;
-}
-
-AttributeHandlerResponse AttributeFeatureInstallUriHandler(
- const WidgetExecutionPhase & /* phase */,
- const WidgetHandle & /* widgetHandle */,
- const Request & /* request */)
-{
- LogDebug("WAC 2.0 does not support feature-install-uri is policy!");
- AttributeHandlerResponse response;
- return response;
-}
-
-AttributeHandlerResponse AttributeFeatureFeatureKeyCnHandler(
- const WidgetExecutionPhase & /* phase */,
- const WidgetHandle & /* widgetHandle */,
- const Request & /* request */)
-{
- LogDebug("WAC 2.0 does not support feature-key-cn is policy!");
- AttributeHandlerResponse response;
- return response;
-}
-
-AttributeHandlerResponse AttributeFeatureKeyRootCnHandler(
- const WidgetExecutionPhase & /* phase */,
- const WidgetHandle & /* widgetHandle */,
- const Request & /* request */)
-{
- LogDebug("WAC 2.0 does not support feature-key-root-cn is policy!");
- AttributeHandlerResponse response;
- return response;
-}
-
-AttributeHandlerResponse AttributeFeatureKeyRootFingerprintHandler(
- const WidgetExecutionPhase & /* phase */,
- const WidgetHandle & /* widgetHandle */,
- const Request & /* request */)
-{
- LogDebug("WAC 2.0 does not support"
- " feature-key-root-fingerprint is policy!");
- AttributeHandlerResponse response;
- return response;
-}
-
-struct ResourceAttributeHandlerContext
-{
- std::string name;
- WidgetExecutionPhase allowedPhaseMask;
- ResourceAttributeHandler handler;
-};
-
-#define ALL_PHASE(name, handler) \
- { # name, WidgetExecutionPhase_All, handler },
-
-ResourceAttributeHandlerContext HANDLED_RESOURCE_ATTRIBUTES_LIST[] = {
- ALL_PHASE(device-cap, &AttributeDeviceCapHandler)
- ALL_PHASE(api-feature, &AttributeApiFeatureHandler)
- // For compatiblity with older policies we tread resource-id
- // identically as api-feature
- ALL_PHASE(resource-id, &AttributeApiFeatureHandler)
-
- ALL_PHASE(feature-install-uri, &AttributeFeatureInstallUriHandler)
- ALL_PHASE(feature-key-cn, &AttributeFeatureFeatureKeyCnHandler)
- ALL_PHASE(feature-key-root-cn, &AttributeFeatureKeyRootCnHandler)
- ALL_PHASE(feature-key-root-fingerprint,
- &AttributeFeatureKeyRootFingerprintHandler)
-};
-
-#undef ALL_PHASE
-
-const size_t HANDLED_RESOURCE_ATTRIBUTES_LIST_COUNT =
- sizeof(HANDLED_RESOURCE_ATTRIBUTES_LIST) /
- sizeof(HANDLED_RESOURCE_ATTRIBUTES_LIST[0]);
-} // namespace anonymous
-
-/*
- * class WebRuntimeImpl
- */
-int WebRuntimeImpl::getAttributesValuesLoop(const Request &request,
- std::list<ATTRIBUTE>* attributes,
- WidgetExecutionPhase executionPhase)
-{
- UNHANDLED_EXCEPTION_HANDLER_BEGIN
- {
- WidgetHandle widgetHandle = request.getWidgetHandle();
-
- FOREACH(itr, *attributes)
- {
- // Get attribute name
- std::string attribute = *itr->first;
-
- // Search for attribute handler
- bool attributeFound = false;
-
- for (size_t i = 0; i < HANDLED_ATTRIBUTES_LIST_COUNT; ++i) {
- if (HANDLED_ATTRIBUTES_LIST[i].name == attribute) {
- // Check if execution phase is valid
- if ((executionPhase &
- HANDLED_ATTRIBUTES_LIST[i].allowedPhaseMask) == 0) {
- // Attribute found, but execution state
- // forbids to execute handler
- LogWarning(
- "Request for attribute: '" <<
- attribute << "' which is supported " <<
- "but forbidden at widget execution phase: "
- <<
- executionPhase);
- } else {
- // Execution phase allows handler
- AttributeHandlerResponse attributeResponse =
- (*HANDLED_ATTRIBUTES_LIST[i].handler)(
- executionPhase,
- widgetHandle);
- std::copy(attributeResponse.begin(),
- attributeResponse.end(),
- std::back_inserter(*itr->second));
- }
-
- attributeFound = true;
- break;
- }
- }
-
- if (!attributeFound) {
- LogWarning("Request for attribute: '" <<
- attribute << "' which is not supported");
- }
- }
-
- return 0;
- }
- UNHANDLED_EXCEPTION_HANDLER_END
-}
-
-int WebRuntimeImpl::getAttributesValues(const Request &request,
- std::list<ATTRIBUTE>* attributes)
-{
- UNHANDLED_EXCEPTION_HANDLER_BEGIN
- {
- // Get current execution state
- WidgetExecutionPhase executionPhase =
- request.getExecutionPhase();
-
- return getAttributesValuesLoop(request, attributes, executionPhase);
- }
- UNHANDLED_EXCEPTION_HANDLER_END
-}
-
-std::string WebRuntimeImpl::getSessionId(const Request & /* request */)
-{
- std::string result;
- LogError("Not implemented!");
- return result;
-}
-
-WebRuntimeImpl::WebRuntimeImpl()
-{
-}
-
-/*
- * class ResourceInformationImpl
- */
-
-int ResourceInformationImpl::getAttributesValuesLoop(const Request &request,
- std::list<ATTRIBUTE>* attributes,
- WidgetExecutionPhase executionPhase)
-{
- // Currently, we assume widgets have internal representation of integer IDs
- WidgetHandle widgetHandle = request.getWidgetHandle();
- //TODO add resource id string analyzys
- FOREACH(itr, *attributes)
- {
- // Get attribute name
- std::string attribute = *itr->first;
- LogDebug("getting attribute value for: " << attribute);
- FOREACH(aaa, *itr->second)
- {
- LogDebug("its value is: " << *aaa);
- }
-
- // Search for attribute handler
- bool attributeFound = false;
-
- for (size_t i = 0; i < HANDLED_RESOURCE_ATTRIBUTES_LIST_COUNT; ++i) {
- if (HANDLED_RESOURCE_ATTRIBUTES_LIST[i].name == attribute) {
- // Check if execution phase is valid
- if ((executionPhase &
- HANDLED_RESOURCE_ATTRIBUTES_LIST[i].allowedPhaseMask) ==
- 0) {
- // Attribute found, but execution state
- // forbids to execute handler
- LogDebug(
- "Request for attribute: '" <<
- attribute <<
- "' which is supported but forbidden " <<
- "at widget execution phase: " << executionPhase);
- itr->second = NULL;
- } else {
- // Execution phase allows handler
- AttributeHandlerResponse attributeResponse =
- (*HANDLED_RESOURCE_ATTRIBUTES_LIST[i].handler)(
- executionPhase,
- widgetHandle,
- request);
- std::copy(attributeResponse.begin(),
- attributeResponse.end(),
- std::back_inserter(*itr->second));
-
- std::ostringstream attributeResponseFull;
-
- for (AttributeHandlerResponse::const_iterator
- it = attributeResponse.begin();
- it != attributeResponse.end(); ++it) {
- attributeResponseFull <<
- (it == attributeResponse.begin() ? "" : ", ") <<
- *it;
- }
-
- LogDebug("Attribute(" << attribute << ") = " <<
- attributeResponseFull.str());
- }
-
- attributeFound = true;
- break;
- }
- }
-
- if (!attributeFound) {
- LogWarning("Request for attribute: '" << attribute <<
- "' which is not supported");
- }
- }
- return 0;
-}
-
-int ResourceInformationImpl::getAttributesValues(const Request &request,
- std::list<ATTRIBUTE>* attributes)
-{
- UNHANDLED_EXCEPTION_HANDLER_BEGIN
- {
- // Get current execution state
- WidgetExecutionPhase executionPhase =
- request.getExecutionPhase();
- return getAttributesValuesLoop(request, attributes, executionPhase);
- }
- UNHANDLED_EXCEPTION_HANDLER_END
-}
-
-ResourceInformationImpl::ResourceInformationImpl()
-{
-}
-
-/*
- * class OperationSystemImpl
- */
-
-int OperationSystemImpl::getAttributesValues(const Request &request,
- std::list<ATTRIBUTE>* attributes)
-{
- UNHANDLED_EXCEPTION_HANDLER_BEGIN
- {
- //FIXME:
- //GetExecution name without widget name
- WidgetExecutionPhase executionPhase =
- request.getExecutionPhase();
-
- FOREACH(itr, *attributes)
- {
- // Get attribute name
- std::string attribute = *itr->first;
-
- // Search for attribute handler
- bool attributeFound = false;
-
- for (size_t i = 0; i < HANDLED_ATTRIBUTES_LIST_COUNT; ++i) {
- if (HANDLED_ATTRIBUTES_LIST[i].name == attribute) {
- // Check if execution phase is valid
- if ((executionPhase &
- HANDLED_ATTRIBUTES_LIST[i].allowedPhaseMask) == 0) {
- // Attribute found, but execution state forbids
- // to execute handler
- LogDebug("Request for attribute: '" << attribute <<
- "' which is supported but forbidden at " <<
- "widget execution phase: " << executionPhase);
- itr->second = NULL;
- } else {
- // Execution phase allows handler
- AttributeHandlerResponse attributeResponse =
- (*HANDLED_ATTRIBUTES_LIST[i].handler)(
- executionPhase,
- 0);
- std::copy(attributeResponse.begin(),
- attributeResponse.end(),
- std::back_inserter(*itr->second));
-
- std::ostringstream attributeResponseFull;
-
- typedef AttributeHandlerResponse::const_iterator Iter;
- FOREACH(it, attributeResponse)
- {
- attributeResponseFull <<
- (it == attributeResponse.begin()
- ? "" : ", ") << *it;
- }
-
- LogDebug("Attribute(" << attribute <<
- ") = " << attributeResponseFull.str());
- }
-
- attributeFound = true;
- break;
- }
- }
-
- if (!attributeFound) {
- LogWarning("Request for attribute: '" << attribute <<
- "' which is not supported");
- }
- }
-
- return 0;
- }
- UNHANDLED_EXCEPTION_HANDLER_END
-}
-
-OperationSystemImpl::OperationSystemImpl()
-{
-}
-
-/*
- * end of class OperationSystemImpl
- */
-
-int FunctionParamImpl::getAttributesValues(const Request & /*request*/,
- std::list<ATTRIBUTE> *attributes)
-{
- FOREACH(iter, *attributes)
- {
- std::string attributeName = *(iter->first);
-
- ParamMap::const_iterator i;
- std::pair<ParamMap::const_iterator, ParamMap::const_iterator> jj =
- paramMap.equal_range(attributeName);
-
- for (i = jj.first; i != jj.second; ++i) {
- iter->second->push_back(i->second);
- LogDebug("Attribute: " << attributeName << " Value: " <<
- i->second);
- }
- }
- return 0;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file attribute_facade.h
- * @author Jaroslaw Osmanski (j.osmanski@samsung.com)
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file contains the declaration of WebRuntimeImpl,
- * ResourceInformationImpl, OperationSystemImpl
- */
-
-#ifndef ATTRIBUTE_FACADE_H
-#define ATTRIBUTE_FACADE_H
-
-#include <string>
-#include <map>
-#include <vector>
-
-#include <dpl/ace/WRT_INTERFACE.h>
-
-class Request;
-
-class WebRuntimeImpl : public IWebRuntime
-{
- public:
- // Return current sessionId
- int getAttributesValuesLoop(const Request &request,
- std::list<ATTRIBUTE>* attributes,
- WidgetExecutionPhase executionPhase);
-
- int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE>* attributes);
- virtual std::string getSessionId(const Request &request);
- WebRuntimeImpl();
-};
-
-class ResourceInformationImpl : public IResourceInformation
-{
- public:
- int getAttributesValuesLoop(const Request &request,
- std::list<ATTRIBUTE>* attributes,
- WidgetExecutionPhase executionPhase);
- int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE>* attributes);
- ResourceInformationImpl();
-};
-
-class OperationSystemImpl : public IOperationSystem
-{
- public:
- /**
- * gather and set attributes values for specified attribute name
- * @param attributes is a list of pairs(
- * first: pointer to attribute name
- * second: list of values for attribute (std::string) -
- * its a list of string (BONDI requirement), but usually there
- * will be only one string
- */
- int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE>* attributes);
- OperationSystemImpl();
-};
-
-class FunctionParamImpl : public IFunctionParam
-{
- public:
- virtual int getAttributesValues(const Request & /*request*/,
- std::list<ATTRIBUTE> *attributes);
- void addAttribute(const std::string &key,
- const std::string &value)
- {
- paramMap.insert(make_pair(key, value));
- }
- virtual ~FunctionParamImpl()
- {
- }
-
- private:
- typedef std::multimap<std::string, std::string> ParamMap;
- ParamMap paramMap;
-};
-
-typedef std::vector <FunctionParamImpl> FunctionParams;
-
-#endif //ATTRIBUTE_FACADE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * This class simply redirects the access requests to access control engine.
- * The aim is to hide access control engine specific details from WRT modules.
- * It also implements WRT_INTERFACE.h interfaces, so that ACE could access
- * WRT specific and other information during the decision making.
- *
- * @file security_controller.cpp
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @version 1.0
- * @brief Implementation file for security controller
- */
-#include <security_controller.h>
-#include <dpl/ace/PolicyEnforcementPoint.h>
-#include <dpl/ace/WRT_INTERFACE.h>
-//#include <engine/PolicyEvaluatorFactory.h>
-//#include <logic/attribute_facade.h>
-#include <dpl/singleton_impl.h>
-#include <dpl/log/log.h>
-#include <security_logic.h>
-
-IMPLEMENT_SINGLETON(SecurityController)
-
-struct SecurityController::Impl
-{
- SecurityLogic logic;
-};
-
-SecurityController::SecurityController()
-{
- m_impl.Reset(new Impl);
-}
-
-SecurityController::~SecurityController()
-{
-}
-
-void SecurityController::OnEventReceived(
- const SecurityControllerEvents::InitializeSyncEvent & /* event */)
-{
- m_impl->logic.initialize();
-}
-
-void SecurityController::OnEventReceived(
- const SecurityControllerEvents::TerminateSyncEvent & /*event*/)
-{
- m_impl->logic.terminate();
-}
-
-void SecurityController::OnEventReceived(
- const SecurityControllerEvents::CheckFunctionCallSyncEvent &ev)
-{
- *ev.GetArg0() = m_impl->logic.checkFunctionCall(ev.GetArg1());
-}
-
-void SecurityController::OnEventReceived(
- const SecurityControllerEvents::ValidatePopupResponseEvent &ev)
-{
- m_impl->logic.validatePopupResponse(ev.GetArg0(),
- ev.GetArg1(),
- ev.GetArg2(),
- ev.GetArg3(),
- ev.GetArg4());
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * This class simply redirects the access requests to access control engine.
- * The aim is to hide access control engine specific details from WRT modules.
- * It also implements WRT_INTERFACE.h interfaces, so that ACE could access
- * WRT specific and other information during the decision making.
- *
- * @file security_controller.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @version 1.0
- * @brief Header file for security controller
- */
-#ifndef SECURITY_CONTROLLER_H
-#define SECURITY_CONTROLLER_H
-
-#include <dpl/singleton.h>
-#include <dpl/event/controller.h>
-#include <dpl/generic_event.h>
-#include <dpl/scoped_ptr.h>
-#include <dpl/type_list.h>
-#include <string>
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace/AbstractPolicyEnforcementPoint.h>
-#include <dpl/ace-dao-ro/PromptModel.h>
-#include <string>
-#include <dpl/event/inter_context_delegate.h>
-
-#include <dpl/ace-dao-ro/wrt_db_types.h>
-
-namespace Jobs {
-class Job;
-}
-
-namespace SecurityControllerEvents {
-DECLARE_GENERIC_EVENT_0(InitializeSyncEvent)
-DECLARE_GENERIC_EVENT_0(TerminateSyncEvent)
-
-DECLARE_GENERIC_EVENT_2(CheckFunctionCallSyncEvent,
- PolicyResult *,
- Request *)
-
-DECLARE_GENERIC_EVENT_5(ValidatePopupResponseEvent,
- Request *,
- bool, //is allowed
- Prompt::Validity,
- std::string, //sessionId
- bool* //check return value
- )
-
-} // namespace SecurityControllerEvents
-
-typedef DPL::TypeListDecl<
- SecurityControllerEvents::InitializeSyncEvent,
- SecurityControllerEvents::TerminateSyncEvent,
- SecurityControllerEvents::ValidatePopupResponseEvent,
- SecurityControllerEvents::CheckFunctionCallSyncEvent>::Type
-SecurityControllerEventsTypeList;
-
-class SecurityController :
- public DPL::Event::Controller<SecurityControllerEventsTypeList>
-{
- protected:
- virtual void OnEventReceived(
- const SecurityControllerEvents::InitializeSyncEvent &event);
- virtual void OnEventReceived(
- const SecurityControllerEvents::ValidatePopupResponseEvent &e);
- virtual void OnEventReceived(
- const SecurityControllerEvents::TerminateSyncEvent &event);
- virtual void OnEventReceived(
- const SecurityControllerEvents::CheckFunctionCallSyncEvent &e);
-
- private:
- class Impl;
- DPL::ScopedPtr<Impl> m_impl;
-
- SecurityController();
- //This desctructor must be in implementation file (cannot be autogenerated)
- ~SecurityController();
-
- friend class DPL::Singleton<SecurityController>;
-};
-
-typedef DPL::Singleton<SecurityController> SecurityControllerSingleton;
-
-#endif // SECURITY_CONTROLLER_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * This class simply redirects the access requests to access control engine.
- * The aim is to hide access control engine specific details from WRT modules.
- * It also implements WRT_INTERFACE.h interfaces, so that ACE could access
- * WRT specific and other information during the decision making.
- *
- * @file security_controller.h
- # @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @author Piotr Kozbial (p.kozbial@samsung.com)
- * @version 1.0
- * @brief Header file for security logic
- */
-
-#include <security_logic.h>
-#include <attribute_facade.h>
-#ifdef WRT_SMACK_ENABLED
-#include <privilege-control.h>
-#endif
-#include <dpl/ace-dao-rw/AceDAO.h>
-#include <dpl/ace-dao-ro/AceDAOConversions.h>
-#include <dpl/ace/PolicyInformationPoint.h>
-#include <dpl/ace/PromptDecision.h>
-#include <dpl/log/log.h>
-
-void SecurityLogic::initialize() {
- m_policyEnforcementPoint.initialize(new WebRuntimeImpl(),
- new ResourceInformationImpl(),
- new OperationSystemImpl());
-}
-
-void SecurityLogic::terminate() {
- m_policyEnforcementPoint.terminate();
-}
-
-
-void SecurityLogic::grantSmackLabel(const Request& request)
-{
-#ifdef WRT_SMACK_ENABLED
- Try {
- WrtDB::WidgetDAOReadOnly dao(request.getWidgetHandle());
- DPL::OptionalString pkgName = dao.getPkgname();
- Assert(!pkgName.IsNull() && "widget doesn't have a pkg name");
- const char *devCap = "";
- int ret = grant_rules_forWAC(DPL::ToUTF8String(*pkgName).c_str(),
- devCap);
- if (PC_OPERATION_SUCCESS == ret) {
- LogError("smack rules couldn't be granted");
- }
- } Catch (WrtDB::WidgetDAOReadOnly::Exception) {
- LogError("can't access widget data");
- }
-#endif
-}
-
-PolicyResult SecurityLogic::checkFunctionCall(Request* request)
-{
- Assert(NULL != request);
- PolicyResult aceResult = m_policyEnforcementPoint.check(*request);
-
- if (aceResult == PolicyEffect::PERMIT) {
- grantSmackLabel(*request);
- return PolicyEffect::PERMIT;
- } else if (aceResult == PolicyEffect::PROMPT_ONESHOT ||
- aceResult == PolicyEffect::PROMPT_SESSION ||
- aceResult == PolicyEffect::PROMPT_BLANKET)
- {
- // TODO: check stored user answers!!!
- // if necessary, grant SMACK rules
- // return appropriately - the following is a dummy:
- return aceResult;
- } else {
- return PolicyEffect::DENY;
- }
-}
-
-void SecurityLogic::validatePopupResponse(Request* request,
- bool allowed,
- Prompt::Validity validity,
- const std::string& sessionId,
- bool* retValue)
-{
- Assert(NULL != retValue);
- Assert(NULL != request);
-
- LogDebug("Start");
- LogDebug("User answered: " << allowed << " with validity: " << validity);
-
- *retValue = false;
- OptionalPolicyResult aceResult =
- m_policyEnforcementPoint.checkFromCache(*request);
- if (aceResult.IsNull()) {
- LogDebug("No cached policy result - but it should be here");
- LogDebug("returning " << *retValue);
- return;
- }
- if (*aceResult == PolicyEffect::DENY) {
- LogDebug("returning " << *retValue);
- return;
- }
- if (*aceResult == PolicyEffect::PERMIT) {
- // TODO we were asked for prompt validation
- // but we got that no prompt should be opened - is this OK?
- // (this is on the diagram in wiki)
- *retValue = true;
- } else if (*aceResult == PolicyEffect::PROMPT_ONESHOT ||
- *aceResult == PolicyEffect::PROMPT_SESSION ||
- *aceResult == PolicyEffect::PROMPT_BLANKET)
- {
- Request::DeviceCapabilitySet devCaps =
- request->getDeviceCapabilitySet();
-
- FOREACH (it, devCaps) {
- Request::DeviceCapability resourceId = *it;
- LogDebug("Recheck: " << *it);
- // 1) check if per-widget settings permit
- AceDB::PreferenceTypes wgtPref =
- AceDB::AceDAO::getWidgetDevCapSetting(
- resourceId,
- request->getWidgetHandle());
- if (AceDB::PreferenceTypes::PREFERENCE_DENY == wgtPref) {
- LogDebug("returning " << *retValue);
- return;
- }
- // 2) check if per-dev-cap settings permit
- AceDB::PreferenceTypes resPerf =
- AceDB::AceDAO::getDevCapSetting(resourceId);
- if (AceDB::PreferenceTypes::PREFERENCE_DENY == resPerf) {
- LogDebug("returning " << *retValue);
- return;
- }
-
- // 3) check for stored propmt answer - should not be there
- // TODO - is this check necessary?
- AceDB::BaseAttributeSet attributes;
- AceDB::AceDAO::getAttributes(&attributes);
- Request req(request->getWidgetHandle(),
- request->getExecutionPhase());
- req.addDeviceCapability(resourceId);
- PolicyInformationPoint *pip =
- m_policyEnforcementPoint.getPip();
-
- Assert(NULL != pip);
-
- pip->getAttributesValues(&req, &attributes);
- auto attrHash = AceDB::AceDaoConversions::convertToHash(attributes);
- OptionalCachedPromptDecision promptDecision =
- AceDB::AceDAOReadOnly::getPromptDecision(
- attrHash,
- sessionId); // TODO how about userParam?
- if (!promptDecision.IsNull()) {
- // this should not happen
- LogDebug("returning " << *retValue);
- return;
- }
-
- // 4) validate consistency of answer with policy result
- Prompt::Validity clampedValidity =
- clampPromptValidity(validity, *(aceResult->getEffect()));
-
- // 5) store answer in database if appropriate
- // TODO how about userParam? sessionId?
- DPL::String userParam = DPL::FromUTF8String(sessionId);
- DPL::OptionalString sessionOptional =
- DPL::FromUTF8String(sessionId);
-
- switch (clampedValidity) {
- case Prompt::Validity::ALWAYS: {
- AceDB::AceDAO::setPromptDecision(attrHash,
- userParam,
- sessionOptional,
- allowed ?
- PromptDecision::ALLOW_ALWAYS :
- PromptDecision::DENY_ALWAYS);
- break; }
- case Prompt::Validity::SESSION: {
- AceDB::AceDAO::setPromptDecision(
- attrHash,
- userParam,
- sessionOptional,
- allowed ?
- PromptDecision::ALLOW_FOR_SESSION :
- PromptDecision::DENY_FOR_SESSION);
- break; }
-
- case Prompt::Validity::ONCE: {
- LogInfo("Validity ONCE, not saving prompt decision to cache");
- break; }
- }
-
- }
- // access granted!
- *retValue = allowed;
- }
- if (*retValue) {
- // 6) grant smack label if not granted yet
- grantSmackLabel(*request);
- }
- LogDebug("Finish");
- LogDebug("returning " << *retValue);
-}
-
-Prompt::Validity SecurityLogic::clampPromptValidity(
- Prompt::Validity validity,
- PolicyEffect effect)
-{
- switch (effect) {
- case PolicyEffect::PROMPT_BLANKET: {
- return validity; }
- case PolicyEffect::PROMPT_SESSION: {
- if (Prompt::Validity::ALWAYS == validity) {
- LogInfo("ALWAYS returned from prompt in PROMPT_SESSION");
- return Prompt::Validity::SESSION;
- }
- return validity; }
- case PolicyEffect::PROMPT_ONESHOT: {
- if (Prompt::Validity::ONCE != validity) {
- LogInfo("Not ONCE returned from prompt in PROMPT_ONESHOT");
- }
- return Prompt::Validity::ONCE; }
- case PolicyEffect::DENY:
- case PolicyEffect::PERMIT:
- default: {// other options - should not happen
- LogError("This kind of policy effect does not deal with prompts");
- return Prompt::Validity::ONCE; }
- }
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * This class simply redirects the access requests to access control engine.
- * The aim is to hide access control engine specific details from WRT modules.
- * It also implements WRT_INTERFACE.h interfaces, so that ACE could access
- * WRT specific and other information during the decision making.
- *
- * @file security_controller.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @author Piotr Kozbial (p.kozbial@samsung.com)
- * @version 1.0
- * @brief Header file for security logic
- */
-#ifndef SECURITY_LOGIC_H
-#define SECURITY_LOGIC_H
-
-#include <dpl/ace/Request.h>
-#include <dpl/ace/PolicyResult.h>
-#include <dpl/ace/AbstractPolicyEnforcementPoint.h>
-#include <dpl/ace/Preference.h>
-#include <dpl/ace/PolicyEnforcementPoint.h>
-#include <dpl/ace-dao-ro/PromptModel.h>
-
-/* SecurityLogic
- * May only be created and used by SecurityController.
- * There may be only one instance.
- */
-class SecurityLogic {
- public:
- SecurityLogic() {}
- ~SecurityLogic() {}
- // initialize/terminate
- /** */
- void initialize();
- /** */
- void terminate();
-
- /** */
- PolicyResult checkFunctionCall(Request*);
-
- void validatePopupResponse(Request* request,
- bool allowed,
- Prompt::Validity validity,
- const std::string& sessionId,
- bool* retValue);
-
- private:
- PolicyEnforcementPoint m_policyEnforcementPoint;
-
- Prompt::Validity clampPromptValidity(Prompt::Validity validity,
- PolicyEffect effect);
- void grantSmackLabel(const Request& request);
-};
-
-#endif // SECURITY_CONTROLLER_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file simple_roaming_agent.cpp
- * @author Pawel Sikorski (p.sikorski@samsung.com)
- * @author Lukasz Marek (l.marek@samsung.com)
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief roaming agent
- */
-
-#include "simple_roaming_agent.h"
-#include <vconf.h>
-#include <dpl/fast_delegate.h>
-#include <dpl/log/log.h>
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(SimpleRoamingAgent)
-
-SimpleRoamingAgent::SimpleRoamingAgent()
-{
- if (vconf_notify_key_changed(
- VCONFKEY_TELEPHONY_SVC_ROAM,
- vConfChagedCallback, this) < 0)
- {
- LogError("Cannot add vconf callback [" <<
- VCONFKEY_TELEPHONY_SVC_ROAM << "]");
- Assert(false && "Cannot add vconf callback");
- }
-
- int result = 0;
- if (vconf_get_int(VCONFKEY_TELEPHONY_SVC_ROAM, &result) != 0) {
- LogError("Cannot get current roaming status");
- Assert(false && "Cannot get current roaming status");
- } else {
- bool type = (result == VCONFKEY_TELEPHONY_SVC_ROAM_ON);
- m_networkType = type ? ROAMING : HOME;
- LogInfo("Network type is " << (type ? "ROAMING" : "HOME"));
- }
-
-}
-
-SimpleRoamingAgent::~SimpleRoamingAgent()
-{
- if (vconf_ignore_key_changed(
- VCONFKEY_TELEPHONY_SVC_ROAM,
- vConfChagedCallback) < 0)
- {
- LogError("Cannot rm vconf callback [" <<
- VCONFKEY_TELEPHONY_SVC_ROAM << "]");
- Assert(false && "Cannot remove vconf callback");
- }
-
-}
-
-void SimpleRoamingAgent::vConfChagedCallback(keynode_t *keyNode, void *data)
-{
- LogInfo("SimpleRoamingAgent::vConfChagedCallback ");
- char *key = vconf_keynode_get_name(keyNode);
-
- if (NULL == key) {
- LogWarning("vconf key is null.");
- return;
- }
- std::string keyString = key;
- if (VCONFKEY_NETWORK_WIFI_STATE != keyString) {
- LogError("Wrong key found");
- Assert(false && "Wrong key found in vconf callback");
- return;
- }
- SimpleRoamingAgent *agent = static_cast<SimpleRoamingAgent *>(data);
- if (NULL == agent) {
- LogError("Bad user arg from vconf lib");
- Assert(false && "Bad user arg from vconf lib");
- return;
- }
- int result = 0;
- if (vconf_get_int(VCONFKEY_TELEPHONY_SVC_ROAM, &result) != 0) {
- LogError("Cannot get current roaming status");
- Assert(false && "Cannot get current roaming status");
- } else {
- bool type = (result == VCONFKEY_TELEPHONY_SVC_ROAM_ON);
- agent->m_networkType = type ? ROAMING : HOME;
- LogInfo("Network type is " << (type ? "ROAMING" : "HOME"));
- }
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file simple_roaming_agent.h
- * @author Pawel Sikorski (p.sikorski@samsung.com)
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief simple roaming agent
- */
-
-#ifndef WRT_SRC_ACCESS_CONTROL_COMMON_SIMPLE_ROAMING_AGENT_H_
-#define WRT_SRC_ACCESS_CONTROL_COMMON_SIMPLE_ROAMING_AGENT_H_
-
-#include <string>
-#include <dpl/singleton.h>
-#include <dpl/noncopyable.h>
-#include <vconf.h>
-
-class SimpleRoamingAgent : DPL::Noncopyable
-{
- public:
- bool IsRoamingOn() const
- {
- return ROAMING == m_networkType;
- }
-
- private:
- enum NetworkType {ROAMING, HOME};
-
- NetworkType m_networkType;
-
- SimpleRoamingAgent();
- virtual ~SimpleRoamingAgent();
-
- static void vConfChagedCallback(keynode_t *keyNode, void *userParam);
-
- friend class DPL::Singleton<SimpleRoamingAgent>;
-};
-
-typedef DPL::Singleton<SimpleRoamingAgent> SimpleRoamingAgentSingleton;
-
-#endif//WRT_SRC_ACCESS_CONTROL_COMMON_SIMPLE_ROAMING_AGENT_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ocsp_server_api.h
- * @author
- * @version 1.0
- * @brief This file contains definitions OCSP server interface & methods.
- */
-#ifndef WRT_SRC_RPC_SECURITY_DAEMON_OCSP_SERVER_API_H_
-#define WRT_SRC_RPC_SECURITY_DAEMON_OCSP_SERVER_API_H_
-
-#include<string>
-
-namespace WrtSecurity{
-namespace OcspServerApi{
-
-// DBus interface name
-inline const std::string INTERFACE_NAME()
-{
- return "org.tizen.OcspCheck";
-}
-
-// RPC test function
-// IN std::string
-// OUT std::string
-inline const std::string ECHO_METHOD()
-{
- return "echo";
-}
-
-// Function checks WidgetStatus for installed widget.
-// https://106.116.37.24/wiki/WebRuntime/Security/Widget_Signatures
-// IN WidgetHandle Widget ID in Database
-// OUT WidgetStatus GOOD/REVOKED
-inline const std::string CHECK_ACCESS_METHOD()
-{
- return "OcspCheck";
-}
-
-}
-};
-
-#endif // WRT_SRC_RPC_SECURITY_DAEMON_OCSP_SERVER_API_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ocsp_service_dbus_interface.cpp
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief Implementation of OCSP server API.
- */
-#include "ocsp_server_dbus_interface.h"
-#include <vcore/VerificationStatus.h>
-#include <dpl/foreach.h>
-#include <vcore/CertificateVerifier.h>
-#include <vcore/VerificationStatus.h>
-#include <dpl/wrt-dao-ro/global_config.h>
-#include <dpl/ace-dao-ro/common_dao_types.h>
-#include <dpl/wrt-dao-ro/widget_dao_read_only.h>
-#include "ocsp_controller.h"
-
-
-
-namespace RPC {
-
-using namespace WrtSecurity;
-
-OcspServerDBusInterface::OcspServerDBusInterface():
- DPL::DBus::InterfaceDispatcher(OcspServerApi::INTERFACE_NAME())
-{
- setXmlSignature("<node>"
- " <interface name='" + OcspServerApi::INTERFACE_NAME() + "'>"
- " <method name='" + OcspServerApi::ECHO_METHOD() + "'>"
- " <arg type='s' name='input' direction='in'/>"
- " <arg type='s' name='output' direction='out'/>"
- " </method>"
- " <method name='" + OcspServerApi::CHECK_ACCESS_METHOD() + "'>"
- " <arg type='i' name='input' direction='in'/>"
- " <arg type='i' name='output' direction='out'/>"
- " </method>"
- " </interface>"
- "</node>");
-}
-
-void OcspServerDBusInterface::onResponse(
- OCSPControllerEvents::ErrorCode argError,
- ValidationCore::WidgetVerificationStatus argState)
-{
- Assert(!m_invocationFifo.empty());
- GDBusMethodInvocation* invocation = m_invocationFifo.front();
- m_invocationFifo.pop_front();
-
- if (OCSPControllerEvents::ErrorOK == argError) {
-
- gint32 response = static_cast<gint32>(argState);
-
- //Ownership is transferred to return value function
- GVariant* varResponse = g_variant_new ("(i)", response);
- //This function will unref invocation and it will be freed
- LogDebug("OCSP dbus interface tries to send result");
- g_dbus_method_invocation_return_value(invocation,
- varResponse);
- } else if (OCSPControllerEvents::ErrorNoWidget == argError) {
- g_dbus_method_invocation_return_dbus_error(
- invocation,
- "org.tizen.OcspCheck.WidgetNotFound",
- "WidgetDAOReadOnly returned error WidgetNotFound");
- } else if (OCSPControllerEvents::ErrorUnknown == argError) {
- g_dbus_method_invocation_return_dbus_error(
- invocation,
- "org.tizen.OcspCheck.UnknownError",
- "WidgetDAOReadOnly returned unknown error");
- } else {
- Assert(false && "Not supported error code");
- }
-}
-
-void OcspServerDBusInterface::onMethodCall(
- const gchar* argMethodName,
- GVariant* argParameters,
- GDBusMethodInvocation* argInvocation)
-{
- if (OcspServerApi::ECHO_METHOD() == argMethodName){
- // TODO: Deserialization should use
- // DBus::SErverDeserialization::deserialize()
- const gchar* arg = NULL;
- g_variant_get(argParameters, "(&s)", &arg);
- // TODO: Serialization should use
- // DBus::SErverDeserialization::serialize()
- gchar* response = g_strdup_printf(arg);
- g_dbus_method_invocation_return_value(argInvocation,
- g_variant_new ("(s)", response));
- g_free (response);
- } else if (OcspServerApi::CHECK_ACCESS_METHOD() == argMethodName) {
- gint32 value;
- //TODO: Check if argument is valid and report error for invalid
- g_variant_get(argParameters, "(i)", &value);
- WrtDB::DbWidgetHandle handle = static_cast<WrtDB::DbWidgetHandle>(
- value);
-
- m_invocationFifo.push_back(argInvocation);
- CONTROLLER_POST_EVENT(
- OCSPController,
- OCSPControllerEvents::OCSPCheckEvent(
- handle,
- makeICDelegate(&OcspServerDBusInterface::onResponse)
- )
- );
- }
-}
-
-} // namespace RPC
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ocsp_service_dbus_interface.h
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief Class that handles OCSP server API.
- */
-#ifndef WRT_SRC_RPC_SECURITY_DAEMON_OCSP_SERVER_DBUS_INTERFACE_H_
-#define WRT_SRC_RPC_SECURITY_DAEMON_OCSP_SERVER_DBUS_INTERFACE_H_
-
-#include <list>
-#include <dpl/event/inter_context_delegate.h>
-#include <vcore/VerificationStatus.h>
-
-#include <dpl/dbus/dbus_interface_dispatcher.h>
-#include "api/ocsp_server_api.h"
-#include "ocsp_controller.h"
-
-namespace RPC {
-
-class OcspServerDBusInterface :
- public DPL::DBus::InterfaceDispatcher,
- public DPL::Event::ICDelegateSupport<OcspServerDBusInterface>
-{
- public:
- OcspServerDBusInterface();
-
- virtual ~OcspServerDBusInterface()
- {}
-
- virtual void onMethodCall(const gchar* method_name,
- GVariant* parameters,
- GDBusMethodInvocation* invocation);
- private:
- typedef std::list<GDBusMethodInvocation*> InvocationsContainer;
- InvocationsContainer m_invocationFifo;
- void onResponse(OCSPControllerEvents::ErrorCode argError,
- ValidationCore::WidgetVerificationStatus argState);
-};
-
-} // namespace RPC
-
-#endif // WRT_SRC_RPC_SECURITY_DAEMON_OCSP_SERVER_DBUS_INTERFACE_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief
- */
-#include "ocsp_controller.h"
-
-#include <dpl/wrt-dao-ro/global_config.h>
-#include <dpl/wrt-dao-ro/widget_dao_read_only.h>
-#include <vcore/CertificateVerifier.h>
-#include <vcore/VerificationStatus.h>
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(OCSPController)
-
-void OCSPController::OnEventReceived(
- const OCSPControllerEvents::OCSPCheckEvent &event)
-{
- WrtDB::DbWidgetHandle handle = event.GetArg0();
- OCSPControllerEvents::ResponseDelegate delegate = event.GetArg1();
- LogDebug("Ocsp controller started");
- Try {
-
- ValidationCore::WidgetVerificationStatus status =
- ValidationCore::WIDGET_VERIFICATION_STATUS_GOOD;
-
- LogDebug("Ocsp controller tries to acces WidgetDAOReadOnly");
- WrtDB::WidgetDAOReadOnly dao(handle);
-
- std::list<std::string> chainList = dao.getWidgetCertificate();
-
- ValidationCore::CertificateCollectionList certificateChainList;
-
- FOREACH(iter, chainList) {
- ValidationCore::CertificateCollection chain;
- if (!chain.load(*iter)) {
- LogError("Certificates in database are corrupted.");
- Assert(false);
- }
-
- if (!chain.sort()) {
- LogError("Certificates in database do not form chain.");
- Assert(false);
- }
- certificateChainList.push_back(chain);
- }
- LogDebug("Ocsp controller tries use VCore");
- ValidationCore::CertificateVerifier verificator(
- WrtDB::GlobalConfig::IsOCSPEnabled(),
- WrtDB::GlobalConfig::IsCRLEnabled());
- if (ValidationCore::VERIFICATION_STATUS_REVOKED ==
- verificator.checkEndEntity(certificateChainList)) {
- status = ValidationCore::WIDGET_VERIFICATION_STATUS_REVOKED;
- }
- LogDebug("Ocsp controller return result");
- delegate(OCSPControllerEvents::ErrorOK, status);
- } catch (const WrtDB::WidgetDAOReadOnly::Exception::WidgetNotExist& error) {
- LogWarning("Error No Widget will be returned to client: " << handle);
- delegate(OCSPControllerEvents::ErrorNoWidget,
- ValidationCore::WIDGET_VERIFICATION_STATUS_REVOKED);
- } catch (...) {
- LogWarning("Error Unknown will be returned to client: " << handle);
- delegate(OCSPControllerEvents::ErrorUnknown,
- ValidationCore::WIDGET_VERIFICATION_STATUS_REVOKED);
- }
-
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _SRC_VALIDATION_CORE_OCSP_CONTROLLER_H_
-#define _SRC_VALIDATION_CORE_OCSP_CONTROLLER_H_
-#include <dpl/event/controller.h>
-#include <dpl/generic_event.h>
-#include <dpl/singleton.h>
-#include <dpl/type_list.h>
-#include <dpl/event/inter_context_delegate.h>
-
-#include <vcore/Certificate.h>
-#include <vcore/VerificationStatus.h>
-#include <dpl/ace-dao-ro/common_dao_types.h>
-//#include "widget_dao_read_only.h"
-
-namespace OCSPControllerEvents {
-
-enum ErrorCode {
- ErrorOK,
- ErrorNoWidget,
- ErrorUnknown
-};
-
-typedef DPL::Event::ICDelegate<
- ErrorCode,
- ValidationCore::WidgetVerificationStatus
-> ResponseDelegate;
-DECLARE_GENERIC_EVENT_2(OCSPCheckEvent,
- WrtDB::DbWidgetHandle,
- ResponseDelegate)
-
-} // OCSPControllerEvents
-
-typedef DPL::TypeListDecl<
- OCSPControllerEvents::OCSPCheckEvent>::Type
-OCSPControllerEventsTypeList;
-
-class OCSPController : public DPL::Event::Controller<OCSPControllerEventsTypeList>
-{
- protected:
- virtual void OnEventReceived(
- const OCSPControllerEvents::OCSPCheckEvent &event);
- private:
- OCSPController()
- {
- }
- friend class DPL::Singleton<OCSPController>;
-};
-
-typedef DPL::Singleton<OCSPController> OCSPControllerSingleton;
-
-#endif // _OCSP_CONTROLLER_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file ocsp_service.cpp
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief This is implementation file of Ocsp service
- */
-
-
-#include <string>
-#include <list>
-#include <memory>
-
-#include <dpl/log/log.h>
-#include <dpl/single_instance.h>
-#include <dpl/event/controller.h>
-#include <dpl/thread.h>
-#include <vcore/VCore.h>
-#include <dpl/wrt-dao-ro/WrtDatabase.h>
-#include "security_daemon.h"
-#include "security_dbus_service.h"
-#include "ocsp_server_dbus_interface.h"
-#include "ocsp_controller.h"
-
-
-namespace {
-
-
-class OCSPThread :
- public DPL::Thread
-{
- protected:
- virtual int ThreadEntry()
- {
- // Attach databases
- ValidationCore::AttachToThread();
- WrtDB::WrtDatabase::attachToThread();
-
- int result = DPL::Thread::ThreadEntry();
-
- // Detach databases
- ValidationCore::DetachFromThread();
- WrtDB::WrtDatabase::detachFromThread();
-
- return result;
- }
-};
-
-} //anonymous namespace
-
-namespace OcspService {
-
-class OcspService : public SecurityDaemon::DaemonService
-{
- private:
- virtual void initialize()
- {
- //Init OCSP thread
- m_threadOCSP.reset(new OCSPThread());
- m_threadOCSP->Run();
- OCSPControllerSingleton::Instance().Touch();
- OCSPControllerSingleton::Instance().SwitchToThread(m_threadOCSP.get());
- }
-
- virtual void start()
- {
- }
-
- virtual void stop()
- {
- }
-
- virtual void deinitialize()
- {
- //Deinitialize OCSP thread
- OCSPControllerSingleton::Instance().SwitchToThread(NULL);
- m_threadOCSP->Quit();
- m_threadOCSP.reset();
- }
-
- std::shared_ptr<OCSPThread> m_threadOCSP;
-
-};
-
-DAEMON_REGISTER_SERVICE_MODULE(OcspService)
-
-}//namespace OcspService
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file popup_ace_data_types.h
- * @author Pawel Sikorski (p.sikorski@samsung.com)
- * @version 1.0
- * @brief
- */
-
-#ifndef POPUP_ACE_DATA_TYPES_H_
-#define POPUP_ACE_DATA_TYPES_H_
-
-#include <vector>
-#include <string>
-#include <dpl/ace-dao-ro/wrt_db_types.h>
-
-// additional data needed by PolicyEvaluaor to recognize Popup Response
-struct AceUserdata
-{
- //TODO INVALID_WIDGET_HANDLE is defined in wrt_plugin_export.h.
- // I do not want to include that file here...
- AceUserdata(): handle(-1) {}
-
- WidgetHandle handle;
- std::string subject;
- std::string resource;
- std::vector<std::string> paramKeys;
- std::vector<std::string> paramValues;
- std::string sessionId;
-};
-
-typedef bool SecurityStatus;
-
-#endif /* POPUP_ACE_DATA_TYPES_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file popup_response_server_api.h
- * @author Zbigniew Kostrzewa (z.kostrzewa@samsung.com)
- * @version 1.0
- * @brief
- */
-
-#ifndef WRT_SRC_RPC_SECURITY_DAEMON_API_POPUP_RESPONSE_SERVER_API_H
-#define WRT_SRC_RPC_SECURITY_DAEMON_API_POPUP_RESPONSE_SERVER_API_H
-
-#include <string>
-
-namespace WrtSecurity{
-namespace PopupServerApi{
-
-inline const std::string INTERFACE_NAME()
-{
- return "org.tizen.PopupResponse";
-}
-
-inline const std::string VALIDATION_METHOD()
-{
- return "validate";
-}
-
-}
-}
-
-#endif // WRT_SRC_RPC_SECURITY_DAEMON_API_POPUP_RESPONSE_SERVER_API_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file popup_response_dispatcher.cpp
- * @author Zbigniew Kostrzewa (z.kostrzewa@samsung.com)
- * @version 1.0
- * @brief
- */
-
-#include "popup_response_dbus_interface.h"
-#include <vector>
-#include <string>
-#include <api/popup_response_server_api.h>
-#include <dpl/dbus/dbus_server_deserialization.h>
-#include <dpl/dbus/dbus_server_serialization.h>
-#include <dpl/ace/Request.h>
-#include <dpl/ace-dao-ro/PromptModel.h>
-#include "api/popup_ace_data_types.h"
-//#include "access-control/engine/PromptModel.h"
-#include "attribute_facade.h"
-//#include "Request.h"
-#include "security_controller.h"
-
-namespace RPC
-{
-
-void PopupResponseDBusInterface::onMethodCall(const gchar* methodName,
- GVariant* parameters,
- GDBusMethodInvocation* invocation)
-{
- using namespace WrtSecurity;
-#if 1
- if (0 == g_strcmp0(methodName,
- PopupServerApi::VALIDATION_METHOD().c_str()))
- {
- // popup answer data
- bool allowed = false;
- int serializedValidity = 0;
-
- // ACE data
- AceUserdata acedata;
-
- if (!DPL::DBus::ServerDeserialization::deserialize(
- parameters,
- &allowed,
- &serializedValidity,
- &(acedata.handle),
- &(acedata.subject),
- &(acedata.resource),
- &(acedata.paramKeys),
- &(acedata.paramValues),
- &(acedata.sessionId)))
- {
- g_dbus_method_invocation_return_dbus_error(
- invocation,
- "org.tizen.PopupResponse.UnknownError",
- "Error in deserializing input parameters");
- return;
- }
-
- if (acedata.paramKeys.size() != acedata.paramValues.size()) {
- g_dbus_method_invocation_return_dbus_error(
- invocation,
- "org.tizen.PopupResponse.UnknownError",
- "Varying sizes of parameter names and parameter values");
- return;
- }
-
- FunctionParamImpl params;
- for (size_t i = 0; i < acedata.paramKeys.size(); ++i) {
- params.addAttribute(acedata.paramKeys[i], acedata.paramValues[i]);
- }
- Request request(acedata.handle,
- WidgetExecutionPhase_Invoke,
- ¶ms);
- request.addDeviceCapability(acedata.resource);
-
- Prompt::Validity validity = static_cast<Prompt::Validity>(serializedValidity);
-
- bool response = false;
- SecurityControllerEvents::ValidatePopupResponseEvent ev(
- &request,
- allowed,
- validity,
- acedata.sessionId,
- &response);
- CONTROLLER_POST_SYNC_EVENT(SecurityController, ev);
-
- g_dbus_method_invocation_return_value(
- invocation,
- DPL::DBus::ServerSerialization::serialize(response));
- }
-#endif
-}
-
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file popup_response_dbus_interface.h
- * @author Zbigniew Kostrzewa (z.kostrzewa@samsung.com)
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 1.0
- * @brief
- */
-
-#ifndef WRT_SRC_RPC_DAEMON_POPUP_RESPONSE_DBUS_INTERFACE_H
-#define WRT_SRC_RPC_DAEMON_POPUP_RESPONSE_DBUS_INTERFACE_H
-
-#include <dpl/dbus/dbus_interface_dispatcher.h>
-#include "api/popup_response_server_api.h"
-
-namespace RPC {
-
-class PopupResponseDBusInterface : public DPL::DBus::InterfaceDispatcher
-{
-public:
- PopupResponseDBusInterface():
- DPL::DBus::InterfaceDispatcher(
- WrtSecurity::PopupServerApi::INTERFACE_NAME())
- {
- using namespace WrtSecurity;
-
- setXmlSignature("<node>"
- " <interface name='" +
- PopupServerApi::INTERFACE_NAME() + "'>"
- " <method name='" +
- PopupServerApi::VALIDATION_METHOD() + "'>"
- // popup answer data
- " <arg type='b' name='allowed' direction='in'/>"
- " <arg type='i' name='valid' direction='in'/>"
- // this is copied from ace_server_dbus_interface
- " <arg type='i' name='handle' direction='in'/>"
- " <arg type='s' name='subject' direction='in'/>"
- " <arg type='s' name='resource' direction='in'/>"
- " <arg type='as' name='parameter names' direction='in'/>"
- " <arg type='as' name='parameter values' direction='in'/>"
- " <arg type='s' name='sessionId' direction='in'/>"
- " <arg type='b' name='response' direction='out'/>"
- " </method>"
- " </interface>"
- "</node>");
-
- }
-
- virtual ~PopupResponseDBusInterface()
- {}
-
- virtual void onMethodCall(const gchar* methodName,
- GVariant* parameters,
- GDBusMethodInvocation* invocation);
-};
-
-}
-
-#endif // WRT_SRC_RPC_DAEMON_POPUP_RESPONSE_DBUS_INTERFACE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file vcore_service.cpp
- * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
- * @version 1.0
- * @brief This is implementation file of VCoreService service
- */
-
-#include <dpl/log/log.h>
-#include <dpl/event/controller.h>
-#include <dpl/generic_event.h>
-#include <string>
-#include <list>
-
-#include <vcore/VCore.h>
-#include <vcore/CachedOCSP.h>
-#include <vcore/CachedCRL.h>
-#include <dpl/wrt-dao-ro/global_config.h>
-
-#include "security_daemon.h"
-
-namespace VCoreService {
-DECLARE_GENERIC_EVENT_0(UpdateCacheTimeReachedEvent)
-using namespace ValidationCore;
-
-class VCoreService : public SecurityDaemon::DaemonService,
- DPL::Event::Controller<DPL::TypeListDecl<UpdateCacheTimeReachedEvent>::Type>
-{
- public:
- VCoreService() :
- m_ignoreFurtherCacheUpdates(false),
- m_timespan(static_cast<double>(CachedOCSP::OCSP_minTimeValid))
- {
- Touch();
- }
-
- private:
- virtual void initialize()
- {
- using namespace WrtDB;
- LogDebug("VCoreService initializing");
- ValidationCore::AttachToThread();
- ValidationCore::VCoreInit(
- std::string(GlobalConfig::GetFingerprintListFile()),
- std::string(GlobalConfig::GetFingerprintListSchema()),
- std::string(GlobalConfig::GetVCoreDatabaseFilePath()));
- }
-
- virtual void start()
- {
- LogDebug("Starting VCoreService");
- OnEventReceived(UpdateCacheTimeReachedEvent());
- }
-
- virtual void stop()
- {
- LogDebug("Stopping VCoreService");
- m_ignoreFurtherCacheUpdates = true;
- }
-
- virtual void deinitialize()
- {
- LogDebug("VCoreService deinitializing");
- }
-
- void OnEventReceived(const UpdateCacheTimeReachedEvent& /*event*/)
- {
- if (m_ignoreFurtherCacheUpdates) return;
-
- this->PostTimedEvent(UpdateCacheTimeReachedEvent(), m_timespan);
-
- LogDebug("calling ocsp module to cache update ...");
- m_ocspCache.updateCache();
- LogDebug("calling crl module to cache update ...");
- m_crlCache.updateCache();
- }
-
- CachedOCSP m_ocspCache;
- CachedCRL m_crlCache;
- bool m_ignoreFurtherCacheUpdates;
-
- const double m_timespan;
-};
-
-DAEMON_REGISTER_SERVICE_MODULE(VCoreService)
-
-}//namespace VCoreService
-
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-ADD_SUBDIRECTORY(security_daemon_tests)
+++ /dev/null
-#
-#Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Lukasz Wrzosek (l.wrzosek@samsung.com)
-# @brief
-#
-
-SET(TARGET_SEC_DAEMON_TESTS "wrt-tests-security-daemon")
-SET(SEC_DAEMON_SOURCES
- ace_ipc_test_cases.cpp
- ocsp_ipc_test_cases.cpp
- main.cpp
- )
-PKG_CHECK_MODULES(SEC_DAEMON_TESTS_PKGS
- dbus-1
- dpl-test-efl
- dpl-ace
- dpl-dbus-efl
- dpl-wrt-dao-ro
- dpl-wrt-dao-rw
- dpl-vcore
- dpl-utils-efl
- REQUIRED)
-
-INCLUDE_DIRECTORIES(
- ${SEC_DAEMON_TESTS_PKGS_INCLUDE_DIRS}
- )
-
-LINK_DIRECTORIES(${SEC_DAEMON_TESTS_PKGS_LIBRARY_DIRS})
-
-ADD_EXECUTABLE(${TARGET_SEC_DAEMON_TESTS} ${SEC_DAEMON_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_DAEMON_TESTS}
- ${SEC_DAEMON_TESTS_PKGS_LIBRARIES})
-
-INSTALL(TARGETS ${TARGET_SEC_DAEMON_TESTS} DESTINATION /usr/bin)
-INSTALL(FILES "ipc-tests-demo.xml" DESTINATION /usr/etc/ace)
+++ /dev/null
-Is required to install '''ipc-tests-demo.xml''' ACE policy file and restart security daemon before executing this test suite.
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dpl/assert.h>
-#include <dpl/test/test_runner.h>
-#include <dpl/ace/PolicyResult.h>
-#include <dpl/dbus/dbus_client.h>
-#include <dpl/ace-dao-ro/PromptModel.h>
-#include <dpl/ace-dao-ro/PromptModel.h>
-
-#include <vector>
-#include <string>
-#include <memory>
-
-using namespace DPL;
-
-namespace {
-
-const std::string OBJECT_PATH =
- "/org/tizen/SecurityDaemon";
-const std::string SERVICE_NAME =
- "org.tizen.SecurityDaemon";
-
-const std::string ACE_INTERFACE_NAME =
- "org.tizen.AceCheckAccessInterface";
-const std::string ACE_ECHO_METHOD = "echo";
-const std::string ACE_CHECK_ACCESS_METHOD = "check_access";
-
-const std::string POPUP_INTERFACE_NAME =
- "org.tizen.PopupResponse";
-const std::string VALIDATION_METHOD = "validate";
-
-}
-
-class AceClientStub
-{
- public:
- bool testConnectToDaemon()
- {
- Assert(!!m_dbusAceClient);
- std::string hello = "RPC test.";
- std::string response;
- m_dbusAceClient->call(ACE_ECHO_METHOD, hello, &response);
- return response == hello;
- }
-
- PolicyResult callCheckAccess(int handle,
- const std::string& subjectId,
- const std::string& resourceId,
- const std::vector<std::string> keys,
- const std::vector<std::string> values)
- {
- Assert(!!m_dbusAceClient);
- int serialized = 0;
- m_dbusAceClient->call(ACE_CHECK_ACCESS_METHOD,
- handle,
- subjectId,
- resourceId,
- keys,
- values,
- &serialized);
- PolicyResult policyResult = PolicyResult::deserialize(serialized);
- return policyResult;
- }
-
- bool callPopupAnswer(bool allowed,
- int serializedValidity,
- int handle,
- const std::string& subjectId,
- const std::string& resourceId,
- const std::vector<std::string> keys,
- const std::vector<std::string> values,
- const std::string& session)
- {
- Assert(!!m_dbusPopupClient);
- bool status = false;
- m_dbusPopupClient->call(VALIDATION_METHOD,
- allowed,
- serializedValidity,
- handle,
- subjectId,
- resourceId,
- keys,
- values,
- session,
- &status);
- return status;
- }
-
- static AceClientStub& getInstance();
-
- private:
- AceClientStub() :
- m_dbusAceClient(new DBus::Client(OBJECT_PATH,
- SERVICE_NAME,
- ACE_INTERFACE_NAME)),
- m_dbusPopupClient(new DBus::Client(OBJECT_PATH,
- SERVICE_NAME,
- POPUP_INTERFACE_NAME))
- {
-
- }
-
- ~AceClientStub() { }
-
- std::unique_ptr<DBus::Client> m_dbusAceClient;
- std::unique_ptr<DBus::Client> m_dbusPopupClient;
-};
-
-AceClientStub& AceClientStub::getInstance()
-{
- static AceClientStub instance;
- return instance;
-}
-
-RUNNER_TEST_GROUP_INIT(ace)
-
-RUNNER_TEST(ace_echo)
-{
- auto passed = AceClientStub::getInstance().testConnectToDaemon();
- RUNNER_ASSERT_MSG(true == passed, "Echo method returned wrong value");
-}
-
-RUNNER_TEST(policy1)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string subjectId = "resource_id_prompt_oneshot";
- std::string resourceId = subjectId;
- auto policy = AceClientStub::getInstance().callCheckAccess(
- 345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_ONESHOT);
-}
-
-RUNNER_TEST(policy2)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string subjectId = "resource_id_prompt_blanket";
- std::string resourceId = subjectId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_BLANKET);
-}
-
-RUNNER_TEST(policy3)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string subjectId = "resource_id_prompt_session";
- std::string resourceId = subjectId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_SESSION);
-}
-
-RUNNER_TEST(policy4)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string subjectId = "resource_id_permit";
- std::string resourceId = subjectId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PERMIT);
-}
-
-RUNNER_TEST(policy5)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string subjectId = "resource_id_deny";
- std::string resourceId = subjectId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::DENY);
-}
-
-RUNNER_TEST(popup_test_after_policy1)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string resourceId = "resource_id_prompt_oneshot";
- std::string subjectId = resourceId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_ONESHOT);
-
- int validity = static_cast<int>(Prompt::Validity::ONCE);
- auto status = AceClientStub::getInstance().callPopupAnswer(true,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "");
- RUNNER_ASSERT(status);
- LogDebug("1: " << status);
- status = AceClientStub::getInstance().callPopupAnswer(false,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "");
- RUNNER_ASSERT(!status);
- status = AceClientStub::getInstance().callPopupAnswer(true,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "");
- RUNNER_ASSERT(status);
-}
-
-RUNNER_TEST(popup_test_after_policy2)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string resourceId = "resource_id_prompt_blanket";
- std::string subjectId = resourceId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_BLANKET);
-
- int validity = static_cast<int>(Prompt::Validity::ALWAYS);
- auto status = AceClientStub::getInstance().callPopupAnswer(true,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "");
- RUNNER_ASSERT(status);
- LogDebug("1: " << status);
- status = AceClientStub::getInstance().callPopupAnswer(false,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "");
- RUNNER_ASSERT(!status);
- status = AceClientStub::getInstance().callPopupAnswer(true,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "");
- RUNNER_ASSERT(!status);
-}
-
-RUNNER_TEST(popup_test_after_policy3)
-{
- std::vector<std::string> names;
- std::vector<std::string> values;
- std::string resourceId = "resource_id_prompt_session";
- std::string subjectId = resourceId;
- auto policy = AceClientStub::getInstance().callCheckAccess(345,
- subjectId,
- resourceId,
- names,
- values);
- RUNNER_ASSERT(!!policy.getEffect());
- RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_SESSION);
-
- int validity = static_cast<int>(Prompt::Validity::SESSION);
- auto status = AceClientStub::getInstance().callPopupAnswer(true,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "some_session");
- RUNNER_ASSERT(status);
- status = AceClientStub::getInstance().callPopupAnswer(false,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "some_session");
- RUNNER_ASSERT(!status);
- status = AceClientStub::getInstance().callPopupAnswer(true,
- validity,
- 345,
- subjectId,
- resourceId,
- names,
- values,
- "some_session");
- RUNNER_ASSERT(!status);
-}
-
+++ /dev/null
-<policy-set id="Policy-1" combine="first-matching-target">
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="demoMSG" />
- </subject>
- </target>
- <rule effect="deny" />
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="device-cap">
- resource_id_permit
- </resource-match>
- </condition>
- </rule>
-
- <rule effect="deny">
- <condition>
- <resource-match attr="device-cap">
- resource_id_deny
- </resource-match>
- </condition>
- </rule>
-
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap">
- resource_id_prompt_blanket
- </resource-match>
- </condition>
- </rule>
-
- <rule effect="prompt-oneshot">
- <condition>
- <resource-match attr="device-cap">
- resource_id_prompt_oneshot
- </resource-match>
- </condition>
- </rule>
-
- <rule effect="prompt-session">
- <condition>
- <resource-match attr="device-cap">
- resource_id_prompt_session
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dpl/test/test_runner.h>
-#include <dpl/wrt-dao-ro/WrtDatabase.h>
-
-int main(int argc, char** argv)
-{
- WrtDB::WrtDatabase::attachToThread();
- int error =
- DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
- WrtDB::WrtDatabase::detachFromThread();
- return error;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dpl/assert.h>
-#include <dpl/dbus/dbus_client.h>
-#include <dpl/test/test_runner.h>
-#include <dpl/wrt-dao-ro/widget_dao_read_only.h>
-#include <dpl/wrt-dao-rw/widget_dao.h>
-#include <dpl/vcore/vcore/Certificate.h>
-#include <dpl/vcore/vcore/CertificateCollection.h>
-#include <dpl/vcore/vcore/VerificationStatus.h>
-#include <dpl/localization/localization_utils.h>
-
-#include <vector>
-#include <string>
-#include <memory>
-
-using namespace DPL;
-using namespace ValidationCore;
-
-namespace {
-
-const std::string OBJECT_PATH = "/org/tizen/SecurityDaemon";
-const std::string SERVICE_NAME = "org.tizen.SecurityDaemon";
-const std::string OCSP_INTERFACE_NAME = "org.tizen.OcspCheck";
-const std::string ECHO_METHOD_NAME = "echo";
-const std::string CHECK_ACCESS_METHOD = "OcspCheck";
-
-const std::string googleCA3 =
- "MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM"
- "MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg"
- "THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x"
- "MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh"
- "MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw"
- "FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
- "AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe"
- "qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys"
- "Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw"
- "DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0"
- "ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF"
- "BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0"
- "cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3"
- "dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF"
- "BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ"
- "wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3"
- "fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A=";
-const std::string googleCA2 =
- "MIIDIzCCAoygAwIBAgIEMAAAAjANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJV"
- "UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVi"
- "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNTEzMDAw"
- "MDAwWhcNMTQwNTEyMjM1OTU5WjBMMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh"
- "d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBD"
- "QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1NNn0I0Vf67NMf59HZGhPwtx"
- "PKzMyGT7Y/wySweUvW+Aui/hBJPAM/wJMyPpC3QrccQDxtLN4i/1CWPN/0ilAL/g"
- "5/OIty0y3pg25gqtAHvEZEo7hHUD8nCSfQ5i9SGraTaEMXWQ+L/HbIgbBpV8yeWo"
- "3nWhLHpo39XKHIdYYBkCAwEAAaOB/jCB+zASBgNVHRMBAf8ECDAGAQH/AgEAMAsG"
- "A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwKAYDVR0RBCEwH6QdMBsxGTAX"
- "BgNVBAMTEFByaXZhdGVMYWJlbDMtMTUwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDov"
- "L2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwMgYIKwYBBQUHAQEEJjAkMCIGCCsG"
- "AQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUuY29tMDQGA1UdJQQtMCsGCCsGAQUF"
- "BwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEB"
- "BQUAA4GBAFWsY+reod3SkF+fC852vhNRj5PZBSvIG3dLrWlQoe7e3P3bB+noOZTc"
- "q3J5Lwa/q4FwxKjt6lM07e8eU9kGx1Yr0Vz00YqOtCuxN5BICEIlxT6Ky3/rbwTR"
- "bcV0oveifHtgPHfNDs5IAn8BL7abN+AqKjbc1YXWrOU/VG+WHgWv";
-
-const std::string googleCA1 =
- "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG"
- "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz"
- "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2"
- "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV"
- "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt"
- "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN"
- "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE"
- "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is"
- "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G"
- "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do"
- "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc"
- "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k";
-
-const std::string revoked1 =
- "MIIEPDCCAySgAwIBAgIEEjRX1zANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJH"
- "QjElMCMGA1UECgwcV0FDIEFwcGxpY2F0aW9uIFNlcnZpY2VzIEx0ZDEhMB8GA1UE"
- "AwwYV0FDIEFTTCBJbnRlcm5hbCBDQSBURVNUMB4XDTExMDUyNDE4MDI0NFoXDTIx"
- "MDUyNDE4MDI0NFowNTEzMDEGA1UEAwwqaHR0cDovL3Rlc3RzLndhY2FwcHMubmV0"
- "LzIuMC9TUC0yMTUyLzEuMC4wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC"
- "AQEAtwDBLYP8TqODPnG/J3poBHb3xKLU0SaJT0uT18Hk7jr20MqZU9YLx0Qrz0M6"
- "lts9nRJYEnx4tF+xRBZ7dTT8yVhT17UElL08alCrt//DcwvYl2a+Av7TAV05ly+K"
- "+VFudwZtAFEsnProzlJvAKX5nOHvOkjzCWGQ3oH+GzO0W+ioUWJfj37ky4tYJ+8n"
- "Q6Y2lvWnVixrVpaeD4UcU+GHlV1T5RnodYw2p6Dbz+RtRp7VEmXJSdktD3FRdi3d"
- "qYV6efslg/S6VTXXKw8ppfQ4SJ4mBmHwestdzbQ6VgyC/CJym44Nf1qpr9kY0kZh"
- "vXhx918TQAtP1cHotatJyWL6MwIDAQABo4IBMDCCASwwDgYDVR0PAQH/BAQDAgeA"
- "MBMGA1UdJQQMMAoGCCsGAQUFBwMDMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly90"
- "ZXN0cy53YWNhcHBzLm5ldC8yLjAvdGVzdC5jcmwwOQYIKwYBBQUHAQEELTArMCkG"
- "CCsGAQUFBzABhh1odHRwOi8vdGVzdHMud2FjYXBwcy5uZXQ6ODA4MDBSBgNVHSAE"
- "SzBJMEcGBmeBDQEBAjA9MDsGCCsGAQUFBwIBFi9odHRwOi8vY2Eud2FjYXBwcy5u"
- "ZXQvcmVwb3NpdG9yeS9XaWRnZXRDUFMuaHRtbDAfBgNVHSMEGDAWgBTwbamqthT8"
- "7+9kKN7ZARVbiq4mMzAdBgNVHQ4EFgQU9tjOK6+r5PaL00tMp+Nt0BPvL1cwDQYJ"
- "KoZIhvcNAQELBQADggEBAE94ceB4R//NwYP0JahbfQSJD3IlGEoDcjzrsVoxucW2"
- "t4eOec95IpZaJU2i/OVOJ40ktxDbUkts15vDOPeTMoleq3Lh4AwHHvkF8GBjmuwY"
- "+Y6ySrstM2J5qYsnQfTls5ysNJYnoiMNNdcEh7k++OFKKwZahmjvzneEfE76JpoK"
- "nu9ONc5mpZIyWEVQ0krbUXguZC1OL53VXpNdlprtK/jr+FhPlgcBqjDUTErwfDsO"
- "5EBi66oASzHXxc1fgbO2sFTLXtQW0uatI0676U8tFRnQtJJvlzb3UiO87g/sb5eV"
- "uW8YOALZXQwFv2A2ufW+VhXxiKk64dT4Hrk4qQRNL0Y=";
-const std::string revoked2 =
- "MIIEQzCCAyugAwIBAgIPAMdMAQEALqZRDlTBXHdHMA0GCSqGSIb3DQEBCwUAMGAx"
- "CzAJBgNVBAYTAkdCMSUwIwYDVQQKDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMg"
- "THRkMSowKAYDVQQDDCFXQUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkIFRFU1Qw"
- "HhcNMTEwNDI3MDg0NDIxWhcNMjYwNDI3MDg0NDIxWjBXMQswCQYDVQQGEwJHQjEl"
- "MCMGA1UECgwcV0FDIEFwcGxpY2F0aW9uIFNlcnZpY2VzIEx0ZDEhMB8GA1UEAwwY"
- "V0FDIEFTTCBJbnRlcm5hbCBDQSBURVNUMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A"
- "MIIBCgKCAQEAjuY5+eOh/4+EpslfIsixpDEJquJSOcMjuX/AOhgR5b5FeoU/KiS5"
- "VKFiTHyRKdWOVbRwpR3jvmT6wgeRaqV5Y+CgtskCaRsERUxf5rtBdFZtwfYkWhSt"
- "eli+nMTMO/FJ87gvIGmpguitqehtzdXkYXz7cPIMQRkMlZTi9LLSzkh9SSlj6n8R"
- "TEGwXsHmuFUiSAWE7Z4wAN3EuYbPxxvzBHz7b91rlkqT/EtPFjoW9jcnSYw6HF0g"
- "r2DegZpgIc1KuAULkasZxhEANJDF/GJSnnow01t6tlmTLqmZrns+kGOioMT1PbEb"
- "dyYXKeKfoUnZvD+DOSGhfzy3K1EF4OiCkwIDAQABo4IBATCB/jAfBgNVHSMEGDAW"
- "gBQp5dzy2tJEArpTqcQWNXG6J7y5WTASBgNVHRMBAf8ECDAGAQH/AgEAMFIGA1Ud"
- "IARLMEkwRwYGZ4ENAQEBMD0wOwYIKwYBBQUHAgEWL2h0dHA6Ly9jYS53YWNhcHBz"
- "Lm5ldC9yZXBvc2l0b3J5L1dpZGdldENQUy5odG1sMA4GA1UdDwEB/wQEAwIBBjAd"
- "BgNVHQ4EFgQU8G2pqrYU/O/vZCje2QEVW4quJjMwRAYDVR0fBD0wOzA5oDegNYYz"
- "aHR0cDovL2NybC5wcC5jYS53YWNhcHBzLm5ldC9jcmwvV0FDRG9tYWluLVRFU1Qu"
- "Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCBF8E8pQkcxSHcNU5rzFrJZY3KiZvaO+p0"
- "csuaqxzPTByKkGCPZA+/evM8X9fimMIJMQyFkER8GLvEw2QS/1Jc2WJBnpYfjiCr"
- "7nCzViUFH2XYKJqmRx4TDqyDjXmW1/sEo3659VBny8493UMuuXxP4737BJRteRf7"
- "O/YwrHeOUEegYZOBfamvG+JYaLqflRM+W7XbP7j3IrdoWUEnyoMBUWCMra2jn/Wm"
- "hNxa8wknxyLUB815dt33kQOHjjeMKjcXx+kZ5igg7bJW9QkenBKp86VSDhnod+sA"
- "CgPuNqg9R5jJQp2GXBaykOMnKvNJ8/pCdo3rdSuuzZxxMXUXnbyw";
-const std::string revoked3 =
- "MIIDijCCAnKgAwIBAgIOMwoBAQAuBBKsIqIni7QwDQYJKoZIhvcNAQELBQAwYDEL"
- "MAkGA1UEBhMCR0IxJTAjBgNVBAoMHFdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBM"
- "dGQxKjAoBgNVBAMMIVdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQgVEVTVDAe"
- "Fw0xMTAzMDMxNTA3MTlaFw0zNjAzMDMxNTA3MTlaMGAxCzAJBgNVBAYTAkdCMSUw"
- "IwYDVQQKDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkMSowKAYDVQQDDCFX"
- "QUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkIFRFU1QwggEiMA0GCSqGSIb3DQEB"
- "AQUAA4IBDwAwggEKAoIBAQC1PB3UrpAQgLSVqHRPhHqdDJsjKQe/CT9oS4lA+mI/"
- "vkhAvam/EvcNrNHcLVvSph+Mj0d2Y2J9wkcNW7fS3qZJXtpMNU36r7XdBk9kiYhc"
- "PwJbckCo9Pp8YFxkuR6xV6Cc4o54mO2mumxDQ1hbwCsc5CT7yQz0FVVhCE01X6JJ"
- "D61DvqmAzCUpehmEXthNV/s/o8fL+I2mD75p8vNDyIZHSJX59czO3PriT3tH2h+0"
- "tQx7NEWG70fQEU2CzcH9UngPYU7xXqNOhT9GmI/yL3HTeYGNH3i5VHrBjxeTF11t"
- "IWSUDWQX1W0Y7TbN06XcGcuqPgjZ9xMcV7S4OiCBJz5nAgMBAAGjQjBAMA8GA1Ud"
- "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQp5dzy2tJEArpT"
- "qcQWNXG6J7y5WTANBgkqhkiG9w0BAQsFAAOCAQEAoXuyi8AjMx2yKVpss7xpVi5v"
- "aUjcHU3AlptjNCFrXI6Bw+KJGNo8ydYlEASRd5dL/pJ6/V+UuUt9EngjUSdYOZGB"
- "OgCeB2sJI8EZSay2LLhOCmkAxltC94Y/KRzkKqsYvNc6yvF85d+d4gbokf4APjmR"
- "1TSlZLZsVhwfR0k0mer2rHQGE5Ljezdk7ZGeEMLdn6WFScwjo980EI0OqEoJU3on"
- "+1TTBYudZ4o3qMgHiFwJafUJ6i3zuYbi9x86zMqeI4dJTbsTKLM0QV8vIdzI9fkV"
- "t1tO/uBBAsNFUv8PAYwP4AFyGvyJbR4uxwxuQZKrltgjSTkPGYR14JtrGk7Y9g==";
-
-class OcspTestImpl
-{
- public:
- bool testCheckEcho()
- {
- Assert(!!m_dbusClient);
- std::string hello = "RPC test.";
- std::string response;
- m_dbusClient->call(ECHO_METHOD_NAME, hello, &response);
- return response == hello;
- }
-
- WidgetVerificationStatus testOcspCheckForWidget(int id)
- {
- Assert(!!m_dbusClient);
- int response = 0;
- m_dbusClient->call(CHECK_ACCESS_METHOD, id, &response);
- return static_cast<WidgetVerificationStatus>(response);
- }
-
- static OcspTestImpl& getInstance();
-
- private:
- OcspTestImpl() :
- m_dbusClient(new DBus::Client(OBJECT_PATH,
- SERVICE_NAME,
- OCSP_INTERFACE_NAME))
- {
- }
-
- ~OcspTestImpl() { }
-
- std::shared_ptr<DBus::Client> m_dbusClient;
-};
-
-OcspTestImpl& OcspTestImpl::getInstance()
-{
- static OcspTestImpl instance;
- return instance;
-}
-
-}
-
-using namespace WrtDB;
-class WacSecurity : public IWacSecurity
-{
- public:
- WacSecurity() :
- mRecognized(false),
- mDistributorSigned(false),
- mWacSigned(false)
- {
- }
- virtual ~WacSecurity() {}
-
- virtual const WidgetCertificateDataList& getCertificateList() const
- {
- return mCertificateList;
- }
-
- virtual bool isRecognized() const { return mRecognized; }
-
- virtual bool isDistributorSigned() const { return mDistributorSigned; }
-
- virtual bool isWacSigned() const { return mWacSigned; }
-
- virtual void getCertificateChainList(
- CertificateChainList& list) const
- {
- FOREACH(certIter, mCertificateChainList)
- list.push_back(certIter->toBase64String());
- }
-
- void setRecognized(bool recognized) { mRecognized = recognized; }
- void setDistributorSigned(bool distributorSigned)
- {
- mDistributorSigned = distributorSigned;
- }
- void setWacSigned(bool wacSigned) { mWacSigned = wacSigned; }
-
- CertificatePtr getAuthorCertificatePtr() const
- {
- return mAuthorCertificate;
- }
-
- CertificateCollectionList& getCertificateChainListRef()
- {
- return mCertificateChainList;
- }
-
- WidgetCertificateDataList& getCertificateListRef()
- {
- return mCertificateList;
- }
-
- private:
- // This data are used to evaluate policy
- WidgetCertificateDataList mCertificateList;
-
- // author signature verified
- bool mRecognized;
- // known distribuor
- bool mDistributorSigned;
- // distributor is wac
- bool mWacSigned;
- // Author end entity certificate.
- // Information from this certificate are shown to user
- // during installation process.
- CertificatePtr mAuthorCertificate;
- // This certificates are used by OCSP/CRL
- CertificateCollectionList mCertificateChainList;
-};
-
-namespace WrtDB {
-IWacSecurity::~IWacSecurity() {}
-}
-
-
-RUNNER_TEST_GROUP_INIT(ocsp)
-
-RUNNER_TEST(aaa_ocsp_echo)
-{
- auto passed = OcspTestImpl::getInstance().testCheckEcho();
- RUNNER_ASSERT_MSG(true == passed, "Echo method returned wrong value");
-}
-
-RUNNER_TEST(ocsp_check_good)
-{
- WidgetRegisterInfo info;
- LanguageTagsList tagList;
-
- WidgetCertificateData cert;
- WacSecurity sec;
- sec.getCertificateListRef().push_back(cert);
- CertificateCollection collection;
- auto cert1 = new Certificate(googleCA1, Certificate::FormType::FORM_BASE64);
- auto cert2 = new Certificate(googleCA2, Certificate::FormType::FORM_BASE64);
- auto cert3 = new Certificate(googleCA3, Certificate::FormType::FORM_BASE64);
- CertificateList list;
- list.push_back(CertificatePtr(cert1));
- list.push_back(CertificatePtr(cert2));
- list.push_back(CertificatePtr(cert3));
-
- collection.load(list);
- collection.sort();
- sec.getCertificateChainListRef().push_back(collection);
-
- auto id = WidgetDAO::registerWidget(info, sec, tagList);
- auto ret = OcspTestImpl::getInstance().testOcspCheckForWidget(id);
-
- LogDebug("Status: " << ret);
- RUNNER_ASSERT_MSG(
- ret == WIDGET_VERIFICATION_STATUS_GOOD,
- "Certification status should be GOOD: " <<
- WIDGET_VERIFICATION_STATUS_GOOD << " but is " << ret);
- WidgetDAO::unregisterWidget(id);
-}
-
-RUNNER_TEST(ocsp_check_bad)
-{
- using namespace ValidationCore;
- WidgetRegisterInfo info;
- LanguageTagsList tagList;
-
- WidgetCertificateData cert;
- WacSecurity sec;
- sec.getCertificateListRef().push_back(cert);
- CertificateCollection collection;
- auto cert1 = new Certificate(revoked1, Certificate::FormType::FORM_BASE64);
- auto cert2 = new Certificate(revoked2, Certificate::FormType::FORM_BASE64);
- auto cert3 = new Certificate(revoked3, Certificate::FormType::FORM_BASE64);
- CertificateList list;
- list.push_back(CertificatePtr(cert1));
- list.push_back(CertificatePtr(cert2));
- list.push_back(CertificatePtr(cert3));
-
- collection.load(list);
- collection.sort();
- sec.getCertificateChainListRef().push_back(collection);
-
- auto id = WidgetDAO::registerWidget(info, sec, tagList);
- auto ret = OcspTestImpl::getInstance().testOcspCheckForWidget(id);
-
- LogDebug("Status: " << ret);
- RUNNER_ASSERT_MSG(
- ret == WIDGET_VERIFICATION_STATUS_REVOKED,
- "Certification status should be REVOKED: " <<
- WIDGET_VERIFICATION_STATUS_REVOKED << " but is " << ret);
- WidgetDAO::unregisterWidget(id);
-}