authorKyungwook Tak <k.tak@samsung.com>2015-11-10 11:53:18 +0900
committerKyungwook Tak <k.tak@samsung.com>2015-11-10 12:02:49 +0900
commit7372be701ca36747cea699c6d2ecac3524a2cffa (patch)
tree4d0e8b3418eb18fb098cb8734f04c423337e5a1f
parentc1fe1e83ca540a1290f73dc077a0f8dcc0e67360 (diff)
downloadkey-manager-7372be701ca36747cea699c6d2ecac3524a2cffa.tar.gz
key-manager-7372be701ca36747cea699c6d2ecac3524a2cffa.tar.bz2
key-manager-7372be701ca36747cea699c6d2ecac3524a2cffa.zip
Remove MDFPP related code
Change-Id: I4b2078f2f2ebc8ebbd31fb3b7995eb1807fc3a49 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
-rw-r--r--CMakeLists.txt7
-rw-r--r--packaging/key-manager.spec6
-rw-r--r--src/CMakeLists.txt1
-rw-r--r--src/listener/CMakeLists.txt2
-rw-r--r--src/listener/listener-daemon.cpp97
-rw-r--r--src/manager/service/access-control.cpp54
-rw-r--r--tools/ckm_db_tool/CMakeLists.txt1
7 files changed, 38 insertions, 130 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ab1548cf..73720b1e 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -58,13 +58,6 @@ IF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG")
ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
-IF (DEFINED SECURITY_MDFPP_STATE_ENABLE)
- MESSAGE("SECURITY_MDFPP_STATE_ENABLE ENABLED !")
- ADD_DEFINITIONS("-DSECURITY_MDFPP_STATE_ENABLE")
-ELSE (DEFINED SECURITY_MDFPP_STATE_ENABLE)
- MESSAGE("SECURITY_MDFPP_STATE_ENABLE DISABLED !")
-ENDIF (DEFINED SECURITY_MDFPP_STATE_ENABLE)
-
IF (DEFINED SYSTEMD_ENV_FILE)
ADD_DEFINITIONS(-DSYSTEMD_ENV_FILE="${SYSTEMD_ENV_FILE}")
ENDIF (DEFINED SYSTEMD_ENV_FILE)
diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec
index a054ff67..23b89b0a 100644
--- a/packaging/key-manager.spec
+++ b/packaging/key-manager.spec
@@ -17,7 +17,6 @@ BuildRequires: pkgconfig(openssl)
BuildRequires: libattr-devel
BuildRequires: pkgconfig(libsmack)
BuildRequires: pkgconfig(libsystemd-daemon)
-BuildRequires: pkgconfig(vconf)
BuildRequires: pkgconfig(libsystemd-journal)
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(capi-system-info)
@@ -36,8 +35,8 @@ application to sign and verify (DSA/RSA/ECDSA) signatures.
%package -n key-manager-listener
Summary: Package with listener daemon
Group: System/Security
-BuildRequires: pkgconfig(vconf)
BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(capi-appfw-package-manager)
Requires: libkey-manager-client = %{version}-%{release}
@@ -120,9 +119,6 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
%cmake . -DVERSION=%{version} \
-DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \
-DCMAKE_VERBOSE_MAKEFILE=ON \
-%if "%{sec_product_feature_security_mdfpp_enable}" == "1"
- -DSECURITY_MDFPP_STATE_ENABLE=1 \
-%endif
-DSYSTEMD_UNIT_DIR=%{_unitdir} \
-DSYSTEMD_ENV_FILE="/etc/sysconfig/central-key-manager" \
-DMOCKUP_SM=%{?mockup_sm:%mockup_sm}%{!?mockup_sm:OFF}
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 131e6d43..aa72fb78 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -7,7 +7,6 @@ PKG_CHECK_MODULES(KEY_MANAGER_DEP
libsystemd-daemon
capi-base-common
capi-system-info
- vconf
libxml-2.0
security-manager
cynara-client-async
diff --git a/src/listener/CMakeLists.txt b/src/listener/CMakeLists.txt
index 25e92eb4..1518c423 100644
--- a/src/listener/CMakeLists.txt
+++ b/src/listener/CMakeLists.txt
@@ -3,8 +3,6 @@ PKG_CHECK_MODULES(LISTENER_DEP
dlog
glib-2.0
capi-appfw-package-manager
- libsystemd-daemon
- vconf
)
SET(LISTENER_SOURCES ${PROJECT_SOURCE_DIR}/src/listener/listener-daemon.cpp)
diff --git a/src/listener/listener-daemon.cpp b/src/listener/listener-daemon.cpp
index 0568c77c..4521bbd9 100644
--- a/src/listener/listener-daemon.cpp
+++ b/src/listener/listener-daemon.cpp
@@ -29,15 +29,10 @@
#include <ckm/ckm-type.h>
#include <dlog.h>
-#ifdef SECURITY_MDFPP_STATE_ENABLE
-#include <vconf/vconf.h>
-#endif
-
-#define CKM_LISTENER_TAG "CKM_LISTENER"
-
-#if defined(SECURITY_MDFPP_STATE_ENABLE) && !defined(VCONFKEY_SECURITY_MDPP_STATE)
-#define VCONFKEY_SECURITY_MDPP_STATE "file/security_mdpp/security_mdpp_state"
+#ifdef LOG_TAG
+#undef LOG_TAG
#endif
+#define LOG_TAG "CKM_LISTENER"
namespace {
const char* const CKM_LOCK = "/var/run/key-manager.pid";
@@ -56,30 +51,6 @@ bool isCkmRunning()
return (0 != ret);
}
-#ifdef SECURITY_MDFPP_STATE_ENABLE
-void callUpdateCCMode()
-{
- if(!isCkmRunning())
- return;
-
- auto control = CKM::Control::create();
- int ret = control->updateCCMode();
-
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "Callback caller process id : %d\n", getpid());
-
- if ( ret != CKM_API_SUCCESS )
- SLOG(LOG_ERROR, CKM_LISTENER_TAG, "CKM::Control::updateCCMode error. ret : %d\n", ret);
- else
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "CKM::Control::updateCCMode success.\n");
-}
-
-void ccModeChangedEventCallback(keynode_t*, void*)
-{
- callUpdateCCMode();
-}
-#endif
-
-
void packageUninstalledEventCallback(
const char *type,
const char *package,
@@ -96,59 +67,41 @@ void packageUninstalledEventCallback(
if (eventType != PACKAGE_MANAGER_EVENT_TYPE_UNINSTALL ||
eventState != PACKAGE_MANAGER_EVENT_STATE_STARTED ||
- package == NULL) {
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "PackageUninstalled Callback error of Invalid Param");
- }
- else {
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "PackageUninstalled Callback. Uninstalation of: %s", package);
- auto control = CKM::Control::create();
- int ret = 0;
- if ( CKM_API_SUCCESS != (ret = control->removeApplicationData(std::string(package))) ) {
- SLOG(LOG_ERROR, CKM_LISTENER_TAG, "CKM::Control::removeApplicationData error. ret : %d\n", ret);
- }
- else {
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG,
- "CKM::Control::removeApplicationData success. Uninstallation package : %s\n", package);
- }
+ package == NULL)
+ return;
+
+ SLOGD("PackageUninstalled Callback. Uninstalation of: %s", package);
+
+ if (!isCkmRunning()) {
+ SLOGE("package uninstall event recieved but ckm isn't running!");
+ return;
}
+
+ auto control = CKM::Control::create();
+ int ret = control->removeApplicationData(std::string(package));
+ if (ret != CKM_API_SUCCESS)
+ SLOGE("CKM::Control::removeApplicationData error. ret : %d", ret);
+ else
+ SLOGD("CKM::Control::removeApplicationData success. Uninstallation package : %s", package);
}
-int main(void) {
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "%s", "Start!");
+int main(void)
+{
+ SLOGD("Start!");
- // Let's start to listen
GMainLoop *main_loop = g_main_loop_new(NULL, FALSE);
package_manager_h request;
package_manager_create(&request);
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "register uninstalledApp event callback start");
+ SLOGD("register uninstalledApp event callback start");
if (0 != package_manager_set_event_cb(request, packageUninstalledEventCallback, NULL)) {
- SLOG(LOG_ERROR, CKM_LISTENER_TAG, "%s", "Error in package_manager_set_event_cb");
+ SLOGE("Error in package_manager_set_event_cb");
exit(-1);
}
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "register uninstalledApp event callback success");
-
-#ifdef SECURITY_MDFPP_STATE_ENABLE
- int ret = 0;
- char *mdpp_state = vconf_get_str(VCONFKEY_SECURITY_MDPP_STATE);
- if ( mdpp_state ) { // Update cc mode and register event callback only when mdpp vconf key exists
- callUpdateCCMode();
-
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "register vconfCCModeChanged event callback start");
- if ( 0 != (ret = vconf_notify_key_changed(VCONFKEY_SECURITY_MDPP_STATE, ccModeChangedEventCallback, NULL)) ) {
- SLOG(LOG_ERROR, CKM_LISTENER_TAG, "Error in vconf_notify_key_changed. ret : %d", ret);
- exit(-1);
- }
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "register vconfCCModeChanged event callback success");
- }
- else
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG,
- "vconfCCModeChanged event callback is not registered. No vconf key exists : %s", VCONFKEY_SECURITY_MDPP_STATE);
-#endif
-
- SLOG(LOG_DEBUG, CKM_LISTENER_TAG, "%s", "Ready to listen!");
+ SLOGD("Ready to listen!");
g_main_loop_run(main_loop);
+
return 0;
}
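Review bot: In packageUninstalledEventCallback, the new `if (!isCkmRunning())` branch logs and returns, so an uninstall event that arrives while key-manager is down is dropped and `removeApplicationData` is never called for that package. Nothing in this hunk retries or records the package, so its stored data would presumably stay in the key store and could be reachable by a later install that reuses the package name; it is worth confirming whether another path cleans it up, and if none does, persisting the package id for a later retry instead of returning. Separately, in main the result of `package_manager_create(&request)` is not checked before the uninitialized-on-failure `request` is passed to `package_manager_set_event_cb`; `if (0 != package_manager_create(&request)) { SLOGE("Error in package_manager_create"); exit(-1); }` would close that gap. The callback's signature starts outside the hunk.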
diff --git a/src/manager/service/access-control.cpp b/src/manager/service/access-control.cpp
index decd92cb..e5eba2b9 100644
--- a/src/manager/service/access-control.cpp
+++ b/src/manager/service/access-control.cpp
@@ -25,58 +25,28 @@
#include <ckm/ckm-type.h>
#include <openssl/crypto.h>
-#ifdef SECURITY_MDFPP_STATE_ENABLE
-#include <vconf/vconf.h>
-#endif
-
-#if defined(SECURITY_MDFPP_STATE_ENABLE) && !defined(VCONFKEY_SECURITY_MDPP_STATE)
-#define VCONFKEY_SECURITY_MDPP_STATE "file/security_mdpp/security_mdpp_state"
-#endif
-
namespace {
-const char* const MDPP_MODE_ENFORCING = "Enforcing";
-const char* const MDPP_MODE_ENABLED = "Enabled";
-const char* const MDPP_MODE_DISABLED = "Disabled";
-const uid_t SYSTEM_SVC_MAX_UID = (5000 - 1);
+const uid_t SYSTEM_SVC_MAX_UID = (5000 - 1);
} // anonymous namespace
namespace CKM {
-void AccessControl::updateCCMode() {
- int fipsModeStatus = 0;
- int rc = 0;
- bool newMode;
-
-#ifdef SECURITY_MDFPP_STATE_ENABLE
- char *mdppState = vconf_get_str(VCONFKEY_SECURITY_MDPP_STATE);
-#else
- char *mdppState = NULL;
-#endif
- newMode = ( mdppState && (!strcmp(mdppState, MDPP_MODE_ENABLED) ||
- !strcmp(mdppState, MDPP_MODE_ENFORCING) ||
- !strcmp(mdppState, MDPP_MODE_DISABLED)));
+void AccessControl::updateCCMode()
+{
+ /* newMode should be extracted from global property like buxton in product */
+ bool newMode = false;
+
if (newMode == m_ccMode)
return;
- m_ccMode = newMode;
+ int iNewMode = newMode ? 1 : 0;
- fipsModeStatus = FIPS_mode();
-
- if(m_ccMode) {
- if(fipsModeStatus == 0) { // If FIPS mode off
- rc = FIPS_mode_set(1); // Change FIPS_mode from off to on
- if(rc == 0) {
- LogError("Error in FIPS_mode_set function");
- }
- }
- } else {
- if(fipsModeStatus == 1) { // If FIPS mode on
- rc = FIPS_mode_set(0); // Change FIPS_mode from on to off
- if(rc == 0) {
- LogError("Error in FIPS_mode_set function");
- }
- }
+ if (FIPS_mode_set(iNewMode) == 0) {
+ LogError("Error to FIPS_mode_set with param " << iNewMode);
+ return;
}
+
+ m_ccMode = newMode;
}
bool AccessControl::isCCMode() const
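Review bot: In AccessControl::updateCCMode, `bool newMode = false;` is now a constant, so the function can only ever request FIPS mode off; if m_ccMode starts out false (its initialisation is not in this hunk), the early return fires on every call and `FIPS_mode_set` is never reached. A product that relied on the MDFPP state to switch FIPS mode on would lose it silently, with only the `/* newMode should be extracted ... */` comment as a trace. I would state that consequence in the comment, e.g. `/* TODO: CC mode source not wired in; FIPS mode cannot be enabled until it is */`, so the downgrade is visible to whoever integrates this. The function still returns void, so a failed `FIPS_mode_set` reaches callers only as a log line. isCCMode() on the last line continues outside the hunk.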
diff --git a/tools/ckm_db_tool/CMakeLists.txt b/tools/ckm_db_tool/CMakeLists.txt
index c8fb53cd..8309d5dc 100644
--- a/tools/ckm_db_tool/CMakeLists.txt
+++ b/tools/ckm_db_tool/CMakeLists.txt
@@ -8,7 +8,6 @@ PKG_CHECK_MODULES(CKM_DB_TOOL_DEP
libcrypto
capi-base-common
capi-system-info
- vconf
libxml-2.0
cynara-client-async
cynara-creds-socket