Remove crypto type "None"
Unused for a while. If necessary better to set
local_anonymous_access_role into kOwner.
Change-Id: Ifdd39a9a6069f54ac641730550ed71da106fe10e
Reviewed-on: https://weave-review.googlesource.com/2377
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
diff --git a/examples/daemon/common/daemon.h b/examples/daemon/common/daemon.h
index 6dc021d..985c5e5 100644
--- a/examples/daemon/common/daemon.h
+++ b/examples/daemon/common/daemon.h
@@ -20,7 +20,6 @@
public:
struct Options {
bool force_bootstrapping_{false};
- bool disable_security_{false};
bool disable_privet_{false};
std::string registration_ticket_;
std::string model_id_{"AAAAA"};
@@ -31,7 +30,6 @@
<< "\t-h,--help Show this help message\n"
<< "\t--v=LEVEL Logging level\n"
<< "\t-b,--bootstrapping Force WiFi bootstrapping\n"
- << "\t-d,--disable_security Disable privet security\n"
<< "\t--registration_ticket=TICKET Register device with the "
"given ticket\n"
<< "\t--disable_privet Disable local privet\n";
@@ -44,8 +42,6 @@
return false;
} else if (arg == "-b" || arg == "--bootstrapping") {
force_bootstrapping_ = true;
- } else if (arg == "-d" || arg == "--disable_security") {
- disable_security_ = true;
} else if (arg == "--disable_privet") {
disable_privet_ = true;
} else if (arg.find("--registration_ticket") != std::string::npos) {
@@ -71,8 +67,7 @@
Daemon(const Options& opts)
: task_runner_{new weave::examples::EventTaskRunner},
config_store_{
- new weave::examples::FileConfigStore(opts.disable_security_,
- opts.model_id_,
+ new weave::examples::FileConfigStore(opts.model_id_,
task_runner_.get())},
http_client_{new weave::examples::CurlHttpClient(task_runner_.get())},
network_{new weave::examples::EventNetworkImpl(task_runner_.get())},
diff --git a/examples/provider/file_config_store.cc b/examples/provider/file_config_store.cc
index 31efaa7..a6c2e60 100644
--- a/examples/provider/file_config_store.cc
+++ b/examples/provider/file_config_store.cc
@@ -19,11 +19,9 @@
const char kSettingsDir[] = "/var/lib/weave/";
-FileConfigStore::FileConfigStore(bool disable_security,
- const std::string& model_id,
+FileConfigStore::FileConfigStore(const std::string& model_id,
provider::TaskRunner* task_runner)
- : disable_security_{disable_security},
- model_id_{model_id},
+ : model_id_{model_id},
task_runner_{task_runner} {}
std::string FileConfigStore::GetPath(const std::string& name) const {
@@ -61,7 +59,6 @@
settings->client_secret = "LS_iPYo_WIOE0m2VnLdduhnx";
settings->api_key = "AIzaSyACK3oZtmIylUKXiTMqkZqfuRiCgQmQSAQ";
- settings->disable_security = disable_security_;
return true;
}
diff --git a/examples/provider/file_config_store.h b/examples/provider/file_config_store.h
index e7398d1..337e82a 100644
--- a/examples/provider/file_config_store.h
+++ b/examples/provider/file_config_store.h
@@ -17,8 +17,7 @@
class FileConfigStore : public provider::ConfigStore {
public:
- FileConfigStore(bool disable_security,
- const std::string& model_id,
+ FileConfigStore(const std::string& model_id,
provider::TaskRunner* task_runner);
bool LoadDefaults(Settings* settings) override;
@@ -31,7 +30,6 @@
private:
std::string GetPath(const std::string& name) const;
- const bool disable_security_;
const std::string model_id_;
provider::TaskRunner* task_runner_{nullptr};
};
diff --git a/include/weave/settings.h b/include/weave/settings.h
index eeb3f93..741fff2 100644
--- a/include/weave/settings.h
+++ b/include/weave/settings.h
@@ -71,7 +71,6 @@
// Internal options to tweak some library functionality. External code should
// avoid using them.
bool wifi_auto_setup_enabled{true};
- bool disable_security{false};
std::string test_privet_ssid;
};
diff --git a/src/config_unittest.cc b/src/config_unittest.cc
index fbb558a..4b0e5b4 100644
--- a/src/config_unittest.cc
+++ b/src/config_unittest.cc
@@ -68,7 +68,6 @@
EXPECT_FALSE(GetSettings().device_id.empty());
EXPECT_EQ("", GetSettings().firmware_version);
EXPECT_TRUE(GetSettings().wifi_auto_setup_enabled);
- EXPECT_FALSE(GetSettings().disable_security);
EXPECT_EQ("", GetSettings().test_privet_ssid);
EXPECT_EQ(std::set<PairingType>{PairingType::kPinCode},
GetSettings().pairing_modes);
@@ -164,8 +163,6 @@
EXPECT_EQ("state_device_id", GetSettings().device_id);
EXPECT_EQ(GetDefaultSettings().wifi_auto_setup_enabled,
GetSettings().wifi_auto_setup_enabled);
- EXPECT_EQ(GetDefaultSettings().disable_security,
- GetSettings().disable_security);
EXPECT_EQ(GetDefaultSettings().test_privet_ssid,
GetSettings().test_privet_ssid);
EXPECT_EQ(GetDefaultSettings().pairing_modes, GetSettings().pairing_modes);
diff --git a/src/privet/privet_manager.cc b/src/privet/privet_manager.cc
index edc7907..9c717ce 100644
--- a/src/privet/privet_manager.cc
+++ b/src/privet/privet_manager.cc
@@ -53,8 +53,6 @@
CHECK(auth_manager);
CHECK(device);
- disable_security_ = device->GetSettings().disable_security;
-
device_ = DeviceDelegate::CreateDefault(
task_runner_, http_server->GetHttpPort(), http_server->GetHttpsPort(),
http_server->GetRequestTimeout());
@@ -129,9 +127,6 @@
const std::shared_ptr<provider::HttpServer::Request>& request,
const std::string& data) {
std::string auth_header = request->GetFirstHeader(http::kAuthorization);
- if (auth_header.empty() && disable_security_)
- auth_header = "Privet anonymous";
-
base::DictionaryValue empty;
auto value = base::JSONReader::Read(data);
const base::DictionaryValue* dictionary = ∅
diff --git a/src/privet/privet_manager.h b/src/privet/privet_manager.h
index 371d843..06eb89a 100644
--- a/src/privet/privet_manager.h
+++ b/src/privet/privet_manager.h
@@ -79,7 +79,6 @@
void OnChanged();
void OnConnectivityChanged();
- bool disable_security_{false};
provider::TaskRunner* task_runner_{nullptr};
std::unique_ptr<CloudDelegate> cloud_;
std::unique_ptr<DeviceDelegate> device_;
diff --git a/src/privet/privet_types.cc b/src/privet/privet_types.cc
index dd291b3..9e50f94 100644
--- a/src/privet/privet_types.cc
+++ b/src/privet/privet_types.cc
@@ -52,7 +52,6 @@
};
const EnumToStringMap<CryptoType>::Map kCryptoTypeMap[] = {
- {CryptoType::kNone, "none"},
{CryptoType::kSpake_p224, "p224_spake2"},
};
diff --git a/src/privet/privet_types.h b/src/privet/privet_types.h
index c738865..49c4522 100644
--- a/src/privet/privet_types.h
+++ b/src/privet/privet_types.h
@@ -15,7 +15,6 @@
namespace privet {
enum class CryptoType {
- kNone,
kSpake_p224,
};
diff --git a/src/privet/security_manager.cc b/src/privet/security_manager.cc
index 358876d..0f00699 100644
--- a/src/privet/security_manager.cc
+++ b/src/privet/security_manager.cc
@@ -67,25 +67,6 @@
crypto::P224EncryptedKeyExchange spake_;
};
-class UnsecureKeyExchanger : public SecurityManager::KeyExchanger {
- public:
- explicit UnsecureKeyExchanger(const std::string& password)
- : password_(password) {}
- ~UnsecureKeyExchanger() override = default;
-
- // SecurityManager::KeyExchanger methods.
- const std::string& GetMessage() override { return password_; }
-
- bool ProcessMessage(const std::string& message, ErrorPtr* error) override {
- return true;
- }
-
- const std::string& GetKey() const override { return password_; }
-
- private:
- std::string password_;
-};
-
} // namespace
SecurityManager::SecurityManager(const Config* config,
@@ -218,8 +199,6 @@
std::set<CryptoType> SecurityManager::GetCryptoTypes() const {
std::set<CryptoType> result{CryptoType::kSpake_p224};
- if (GetSettings().disable_security)
- result.insert(CryptoType::kNone);
return result;
}
@@ -259,8 +238,6 @@
bool SecurityManager::IsValidPairingCode(
const std::vector<uint8_t>& auth_code) const {
- if (GetSettings().disable_security)
- return true;
for (const auto& session : confirmed_sessions_) {
const std::string& key = session.second->GetKey();
const std::string& id = session.first;
@@ -309,11 +286,6 @@
case CryptoType::kSpake_p224:
spake.reset(new Spakep224Exchanger(code));
break;
- case CryptoType::kNone:
- if (GetSettings().disable_security) {
- spake.reset(new UnsecureKeyExchanger(code));
- break;
- }
// Fall through...
default:
return Error::AddTo(error, FROM_HERE, errors::kInvalidParams,
@@ -428,9 +400,6 @@
}
bool SecurityManager::CheckIfPairingAllowed(ErrorPtr* error) {
- if (GetSettings().disable_security)
- return true;
-
if (block_pairing_until_ > auth_manager_->Now()) {
return Error::AddTo(error, FROM_HERE, errors::kDeviceBusy,
"Too many pairing attempts");