Remove crypto type "None" Unused for a while. If necessary better to set local_anonymous_access_role into kOwner. Change-Id: Ifdd39a9a6069f54ac641730550ed71da106fe10e Reviewed-on: https://weave-review.googlesource.com/2377 Reviewed-by: Alex Vakulenko <avakulenko@google.com> (cherry picked from commit d7c6deb0576805c0e043686e220a7a27e17b50d4) Reviewed-on: https://weave-review.googlesource.com/2423 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
diff --git a/examples/daemon/common/daemon.h b/examples/daemon/common/daemon.h index 6dc021d..985c5e5 100644 --- a/examples/daemon/common/daemon.h +++ b/examples/daemon/common/daemon.h
@@ -20,7 +20,6 @@ public: struct Options { bool force_bootstrapping_{false}; - bool disable_security_{false}; bool disable_privet_{false}; std::string registration_ticket_; std::string model_id_{"AAAAA"}; @@ -31,7 +30,6 @@ << "\t-h,--help Show this help message\n" << "\t--v=LEVEL Logging level\n" << "\t-b,--bootstrapping Force WiFi bootstrapping\n" - << "\t-d,--disable_security Disable privet security\n" << "\t--registration_ticket=TICKET Register device with the " "given ticket\n" << "\t--disable_privet Disable local privet\n"; @@ -44,8 +42,6 @@ return false; } else if (arg == "-b" || arg == "--bootstrapping") { force_bootstrapping_ = true; - } else if (arg == "-d" || arg == "--disable_security") { - disable_security_ = true; } else if (arg == "--disable_privet") { disable_privet_ = true; } else if (arg.find("--registration_ticket") != std::string::npos) { @@ -71,8 +67,7 @@ Daemon(const Options& opts) : task_runner_{new weave::examples::EventTaskRunner}, config_store_{ - new weave::examples::FileConfigStore(opts.disable_security_, - opts.model_id_, + new weave::examples::FileConfigStore(opts.model_id_, task_runner_.get())}, http_client_{new weave::examples::CurlHttpClient(task_runner_.get())}, network_{new weave::examples::EventNetworkImpl(task_runner_.get())},
diff --git a/examples/provider/file_config_store.cc b/examples/provider/file_config_store.cc index 31efaa7..a6c2e60 100644 --- a/examples/provider/file_config_store.cc +++ b/examples/provider/file_config_store.cc
@@ -19,11 +19,9 @@ const char kSettingsDir[] = "/var/lib/weave/"; -FileConfigStore::FileConfigStore(bool disable_security, - const std::string& model_id, +FileConfigStore::FileConfigStore(const std::string& model_id, provider::TaskRunner* task_runner) - : disable_security_{disable_security}, - model_id_{model_id}, + : model_id_{model_id}, task_runner_{task_runner} {} std::string FileConfigStore::GetPath(const std::string& name) const { @@ -61,7 +59,6 @@ settings->client_secret = "LS_iPYo_WIOE0m2VnLdduhnx"; settings->api_key = "AIzaSyACK3oZtmIylUKXiTMqkZqfuRiCgQmQSAQ"; - settings->disable_security = disable_security_; return true; }
diff --git a/examples/provider/file_config_store.h b/examples/provider/file_config_store.h index e7398d1..337e82a 100644 --- a/examples/provider/file_config_store.h +++ b/examples/provider/file_config_store.h
@@ -17,8 +17,7 @@ class FileConfigStore : public provider::ConfigStore { public: - FileConfigStore(bool disable_security, - const std::string& model_id, + FileConfigStore(const std::string& model_id, provider::TaskRunner* task_runner); bool LoadDefaults(Settings* settings) override; @@ -31,7 +30,6 @@ private: std::string GetPath(const std::string& name) const; - const bool disable_security_; const std::string model_id_; provider::TaskRunner* task_runner_{nullptr}; };
diff --git a/include/weave/settings.h b/include/weave/settings.h index eeb3f93..741fff2 100644 --- a/include/weave/settings.h +++ b/include/weave/settings.h
@@ -71,7 +71,6 @@ // Internal options to tweak some library functionality. External code should // avoid using them. bool wifi_auto_setup_enabled{true}; - bool disable_security{false}; std::string test_privet_ssid; };
diff --git a/src/config_unittest.cc b/src/config_unittest.cc index fbb558a..4b0e5b4 100644 --- a/src/config_unittest.cc +++ b/src/config_unittest.cc
@@ -68,7 +68,6 @@ EXPECT_FALSE(GetSettings().device_id.empty()); EXPECT_EQ("", GetSettings().firmware_version); EXPECT_TRUE(GetSettings().wifi_auto_setup_enabled); - EXPECT_FALSE(GetSettings().disable_security); EXPECT_EQ("", GetSettings().test_privet_ssid); EXPECT_EQ(std::set<PairingType>{PairingType::kPinCode}, GetSettings().pairing_modes); @@ -164,8 +163,6 @@ EXPECT_EQ("state_device_id", GetSettings().device_id); EXPECT_EQ(GetDefaultSettings().wifi_auto_setup_enabled, GetSettings().wifi_auto_setup_enabled); - EXPECT_EQ(GetDefaultSettings().disable_security, - GetSettings().disable_security); EXPECT_EQ(GetDefaultSettings().test_privet_ssid, GetSettings().test_privet_ssid); EXPECT_EQ(GetDefaultSettings().pairing_modes, GetSettings().pairing_modes);
diff --git a/src/privet/privet_manager.cc b/src/privet/privet_manager.cc index edc7907..9c717ce 100644 --- a/src/privet/privet_manager.cc +++ b/src/privet/privet_manager.cc
@@ -53,8 +53,6 @@ CHECK(auth_manager); CHECK(device); - disable_security_ = device->GetSettings().disable_security; - device_ = DeviceDelegate::CreateDefault( task_runner_, http_server->GetHttpPort(), http_server->GetHttpsPort(), http_server->GetRequestTimeout()); @@ -129,9 +127,6 @@ const std::shared_ptr<provider::HttpServer::Request>& request, const std::string& data) { std::string auth_header = request->GetFirstHeader(http::kAuthorization); - if (auth_header.empty() && disable_security_) - auth_header = "Privet anonymous"; - base::DictionaryValue empty; auto value = base::JSONReader::Read(data); const base::DictionaryValue* dictionary = ∅
diff --git a/src/privet/privet_manager.h b/src/privet/privet_manager.h index 371d843..06eb89a 100644 --- a/src/privet/privet_manager.h +++ b/src/privet/privet_manager.h
@@ -79,7 +79,6 @@ void OnChanged(); void OnConnectivityChanged(); - bool disable_security_{false}; provider::TaskRunner* task_runner_{nullptr}; std::unique_ptr<CloudDelegate> cloud_; std::unique_ptr<DeviceDelegate> device_;
diff --git a/src/privet/privet_types.cc b/src/privet/privet_types.cc index dd291b3..9e50f94 100644 --- a/src/privet/privet_types.cc +++ b/src/privet/privet_types.cc
@@ -52,7 +52,6 @@ }; const EnumToStringMap<CryptoType>::Map kCryptoTypeMap[] = { - {CryptoType::kNone, "none"}, {CryptoType::kSpake_p224, "p224_spake2"}, };
diff --git a/src/privet/privet_types.h b/src/privet/privet_types.h index c738865..49c4522 100644 --- a/src/privet/privet_types.h +++ b/src/privet/privet_types.h
@@ -15,7 +15,6 @@ namespace privet { enum class CryptoType { - kNone, kSpake_p224, };
diff --git a/src/privet/security_manager.cc b/src/privet/security_manager.cc index 358876d..0f00699 100644 --- a/src/privet/security_manager.cc +++ b/src/privet/security_manager.cc
@@ -67,25 +67,6 @@ crypto::P224EncryptedKeyExchange spake_; }; -class UnsecureKeyExchanger : public SecurityManager::KeyExchanger { - public: - explicit UnsecureKeyExchanger(const std::string& password) - : password_(password) {} - ~UnsecureKeyExchanger() override = default; - - // SecurityManager::KeyExchanger methods. - const std::string& GetMessage() override { return password_; } - - bool ProcessMessage(const std::string& message, ErrorPtr* error) override { - return true; - } - - const std::string& GetKey() const override { return password_; } - - private: - std::string password_; -}; - } // namespace SecurityManager::SecurityManager(const Config* config, @@ -218,8 +199,6 @@ std::set<CryptoType> SecurityManager::GetCryptoTypes() const { std::set<CryptoType> result{CryptoType::kSpake_p224}; - if (GetSettings().disable_security) - result.insert(CryptoType::kNone); return result; } @@ -259,8 +238,6 @@ bool SecurityManager::IsValidPairingCode( const std::vector<uint8_t>& auth_code) const { - if (GetSettings().disable_security) - return true; for (const auto& session : confirmed_sessions_) { const std::string& key = session.second->GetKey(); const std::string& id = session.first; @@ -309,11 +286,6 @@ case CryptoType::kSpake_p224: spake.reset(new Spakep224Exchanger(code)); break; - case CryptoType::kNone: - if (GetSettings().disable_security) { - spake.reset(new UnsecureKeyExchanger(code)); - break; - } // Fall through... default: return Error::AddTo(error, FROM_HERE, errors::kInvalidParams, @@ -428,9 +400,6 @@ } bool SecurityManager::CheckIfPairingAllowed(ErrorPtr* error) { - if (GetSettings().disable_security) - return true; - if (block_pairing_until_ > auth_manager_->Now()) { return Error::AddTo(error, FROM_HERE, errors::kDeviceBusy, "Too many pairing attempts");