Hello, iotivity-dev! I'm preparing OCF Certification and I'm doing it using IoTivity-Lite. When I'm testing CT1.1.6 OCF Endpoint the problem occurs.
In CT1.1.6, before starting the test, an ACE which grants "anon-clear" access to any Resource that has a CoAP Endpoint is added. (It looks like following. {"subject" : {"conntype": "anon-clear"}, "resources": [ wc: "*" ], "permission":2 }) When this request is posted, post_acl function is called and post_acl function calls oc_sec_decode_acl function. And inside of this function, Following part changes all the app resource to be public(unsecure). And this makes the test fail by following reason. (For Smart Home Devices, Vertical Resources with OCF-defined "rt" values shall not expose any unsecured Endpoints (e.g. CoAPs)(10.2.4 Endpoint information in "eps" Parameter [CORE], 8 Security [DEV]).) #ifdef OC_SERVER if (subject_type == OC_SUBJECT_CONN && subject.conn == OC_CONN_ANON_CLEAR) { if (href) { oc_resource_t *r = oc_ri_get_app_resource_by_uri(href, strlen(href), device); if (r) { oc_resource_make_public(r); } } else { oc_resource_t *r = oc_ri_get_app_resources(); while (r != NULL) { if ((r->properties & wc_r) == r->properties) { oc_resource_make_public(r); } r = r->next; } } } #endif /* OC_SERVER */ So, making the test pass, I commented out the line 'oc_resource_make_public(r);' and I could pass the test. But I wonder I did right thing to modify the api in person. Please check out this and let me know the right way me to pass the CT1.1.6. Thanks in advance. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9964): https://lists.iotivity.org/g/iotivity-dev/message/9964 Mute This Topic: https://lists.iotivity.org/mt/27779813/21656 Group Owner: iotivity-dev+ow...@lists.iotivity.org Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-