Thanks for the information Marcello, I'll give it a try and report back if there are issues.
Cheers, Peter On Friday, 2 September 2016, Lioy, Marcello <[email protected]> wrote: > 15.09 iOS support was not official on of the reasons for this is that > support for Security 2.0 was not exposed of iOS (or Java for that matter). > I would recommend that you try with the 16.04a iOS binding as that was > officially supported, and if you see issues there with security the Core WG > will have to seriously consider fixing it as that might imply an > interoperability issue. > > > > *From:* Peter Nisbet [mailto:[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>] > *Sent:* Friday, September 02, 2016 11:45 AM > *To:* Lioy, Marcello <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> > *Cc:* [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>; > [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');> > *Subject:* Re: [Allseen-core] Issues accessing config and onboarding > services after upgrading to 16.04a > > > > Hello Marcello, > > > > Thank you for providing some information regarding our issue accessing the > Onboarding and configuration services after our upgrade. It explains why > our 14.12 version of our app didn't work, however we do have a 15.09 > version of our Alljoyn mobile app running on IOS which is also unable to > access these services. > > > > I would assume that as the 15.09 app is able to complete the handshake > process but is unable to access the onboarding or configuration services is > due to a permission issue, is this related to not having a policy installed > on our device running 16.04 thin client? If this is the case how is a > policy obtained for the thin client device? > > > > Thank you for any further information you can provide on this issue, > > > > Cheers, > > > > Peter > > > Peter Nisbet, MASc, C.E.T > > Electronics Engineer > > > > Heaven Fresh Canada Inc. > > 1600 Aimco Blvd., Unit 5 > > Mississauga ON L4W 1V1 > > Cell: +1.647.377.2489 > > http://www.heavenfresh.ca > > > > Linkedin <http://ca.linkedin.com/in/peternisbet265> > > > > On Fri, Sep 2, 2016 at 2:08 PM, Lioy, Marcello <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: > > You are correct there are changes in security that are not compatible > between 14.12 and 16.04. The issue is likely with the Dashboard > application, which was open sourced (https://git.allseenalliance. > org/cgit/contributed_applications/dashboard.git/) a while back. > Depending on your product requirements you may wish to updated the > dashboard project to use the new security features. Unfortunately no one > is currently maintaining that project, but was made available exactly for > situations like these. If you do so it would be great if you upstreamed > your changes! > > > > *From:* [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');> > [mailto:[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>] > *On Behalf Of *Peter Nisbet > *Sent:* Wednesday, August 31, 2016 12:41 PM > *To:* [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>; > [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');> > *Subject:* [Allseen-core] Issues accessing config and onboarding services > after upgrading to 16.04a > > > > Hello All, > > > > I've recently been working on upgrading our smart home products from AJTCL > version 14.12 to 16.04a and I've ran into issues accessing the onboarding > and configuration services of the device. > > > > I can access our custom device control panel and control our > device through our Alljoyn app after the upgrade to 16.04. Our control > panel uses an unsecured interface, while I believe the configuration and > onboarding interfaces are secured. This leads me to believe that there is > some issue with the security settings for our products, as there appear to > be significant changes between the security of 14.12 and 16.04. > > > > If I bypass calls for authorisation, policy and ACL functions I am able to > load the config and onboarding services, however this only works with 15.09 > or above versions of Alljoyn, as the dashboard app running 14.12 asks > repeatedly for a passcode. > > > > In the logs I've collected from the device I noticed that the function > AJ_PolicyLoad(); in AJ_PeerHandleExchangeGUIDs returns with error no policy > found. Could this be causing issues as I'd assume not having a policy would > prevent access to interface methods for the secured interface. > > > > It appears the interface methods for the onboarding and config services > are being registered in the access control list as I see this being done as > the device starts up. > > > > In the device logs I notice that on first attempt to access the onboarding > or config services, the device and app seem to fail at > AJ_PeerHandleKeyExchange(); with failed authentication, however restarting > the app on the phone and reconnecting to the device results in > authentication being successful and ultimately resulting a successful > handshake. The app however will repeatedly ask for a passcode when it tries > to call an interface method. I also see an error on the thin client for > FindAccessControlMember: Access table not initialized. > > > > Some information on our platform: > > OS: MQX 4.1 RTOS > > Alljoyn core version: 16.04a > > Base service version: 16.04 > > > > IOS App versions: 15.09 > > Android App: Dashboard 14.12 > > Cipher used is ALLJOYN_ECDHE_PSK > > > > If the issue is with not having a policy for the device please direct me > to where I can generate one. If it is not related to the policy is it some > other security issue and is it something that needs to be changed on the > thin client or mobile app. > > > > Any insight or information would be most appreciated. > > > > Thanks in advance, > > > > Peter > > > > > Peter Nisbet, MASc, C.E.T > > Electronics Engineer > > > > Heaven Fresh Canada Inc. > > 1600 Aimco Blvd., Unit 5 > > Mississauga ON L4W 1V1 > > Cell: +1.647.377.2489 > > http://www.heavenfresh.ca > > > > Linkedin <http://ca.linkedin.com/in/peternisbet265> > > > -- Peter Nisbet, MASc, C.E.T Electronics Engineer Heaven Fresh Canada Inc. 1600 Aimco Blvd., Unit 5 Mississauga ON L4W 1V1 Cell: +1.647.377.2489 http://www.heavenfresh.ca Linkedin <http://ca.linkedin.com/in/peternisbet265>
_______________________________________________ Allseen-core mailing list [email protected] https://lists.allseenalliance.org/mailman/listinfo/allseen-core
