Skip to content

Commit

Permalink
Fix handling of certificate validity policy in CHIPDeviceControllerFa…
Browse files Browse the repository at this point in the history
…ctory. (#26526)

When we created a new system state, we lost track of the certificate validity
policy (since it's not stored in the system state and was not copied from the
old one to the new one).

Just store it in the controller factory like other things of that sort, so we
make sure to propagate it to all system states.
  • Loading branch information
bzbarsky-apple authored May 12, 2023
1 parent e80abca commit 10af55d
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 21 deletions.
35 changes: 19 additions & 16 deletions src/controller/CHIPDeviceControllerFactory.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -58,11 +58,12 @@ CHIP_ERROR DeviceControllerFactory::Init(FactoryInitParams params)

// Save our initialization state that we can't recover later from a
// created-but-shut-down system state.
mListenPort = params.listenPort;
mFabricIndependentStorage = params.fabricIndependentStorage;
mOperationalKeystore = params.operationalKeystore;
mOpCertStore = params.opCertStore;
mEnableServerInteractions = params.enableServerInteractions;
mListenPort = params.listenPort;
mFabricIndependentStorage = params.fabricIndependentStorage;
mOperationalKeystore = params.operationalKeystore;
mOpCertStore = params.opCertStore;
mCertificateValidityPolicy = params.certificateValidityPolicy;
mEnableServerInteractions = params.enableServerInteractions;

CHIP_ERROR err = InitSystemState(params);

Expand All @@ -82,14 +83,15 @@ CHIP_ERROR DeviceControllerFactory::InitSystemState()
#if CONFIG_NETWORK_LAYER_BLE
params.bleLayer = mSystemState->BleLayer();
#endif
params.listenPort = mListenPort;
params.fabricIndependentStorage = mFabricIndependentStorage;
params.enableServerInteractions = mEnableServerInteractions;
params.groupDataProvider = mSystemState->GetGroupDataProvider();
params.sessionKeystore = mSystemState->GetSessionKeystore();
params.fabricTable = mSystemState->Fabrics();
params.operationalKeystore = mOperationalKeystore;
params.opCertStore = mOpCertStore;
params.listenPort = mListenPort;
params.fabricIndependentStorage = mFabricIndependentStorage;
params.enableServerInteractions = mEnableServerInteractions;
params.groupDataProvider = mSystemState->GetGroupDataProvider();
params.sessionKeystore = mSystemState->GetSessionKeystore();
params.fabricTable = mSystemState->Fabrics();
params.operationalKeystore = mOperationalKeystore;
params.opCertStore = mOpCertStore;
params.certificateValidityPolicy = mCertificateValidityPolicy;
}

return InitSystemState(params);
Expand Down Expand Up @@ -363,9 +365,10 @@ void DeviceControllerFactory::Shutdown()
Platform::Delete(mSystemState);
mSystemState = nullptr;
}
mFabricIndependentStorage = nullptr;
mOperationalKeystore = nullptr;
mOpCertStore = nullptr;
mFabricIndependentStorage = nullptr;
mOperationalKeystore = nullptr;
mOpCertStore = nullptr;
mCertificateValidityPolicy = nullptr;
}

void DeviceControllerSystemState::Shutdown()
Expand Down
11 changes: 6 additions & 5 deletions src/controller/CHIPDeviceControllerFactory.h
Original file line number Diff line number Diff line change
Expand Up @@ -251,11 +251,12 @@ class DeviceControllerFactory
CHIP_ERROR InitSystemState();

uint16_t mListenPort;
DeviceControllerSystemState * mSystemState = nullptr;
PersistentStorageDelegate * mFabricIndependentStorage = nullptr;
Crypto::OperationalKeystore * mOperationalKeystore = nullptr;
Credentials::OperationalCertificateStore * mOpCertStore = nullptr;
bool mEnableServerInteractions = false;
DeviceControllerSystemState * mSystemState = nullptr;
PersistentStorageDelegate * mFabricIndependentStorage = nullptr;
Crypto::OperationalKeystore * mOperationalKeystore = nullptr;
Credentials::OperationalCertificateStore * mOpCertStore = nullptr;
Credentials::CertificateValidityPolicy * mCertificateValidityPolicy = nullptr;
bool mEnableServerInteractions = false;
};

} // namespace Controller
Expand Down

0 comments on commit 10af55d

Please sign in to comment.