Security:Cynara:Agent

From Tizen Wiki
Jump to: navigation, search

What is agent

Agents are applications meant to perform some action which plugin is not able to perform itself. Action is specific for agent and data which is given in request so agent may be able to perform more then one action. Agents are used by cynara plugins and not by cynara directly. An example of agent is UI agent for plugin serving Ask User policy . Such action may not be performed by plugin itself so it calls Ask User agent.

Communication

If plugin is not able to give direct answer it calls agent through cynara communication mechanism. Agent is communicating with cynara through agent API Agent receives request from plugin which may be of type:

  • Action - perform action on given data
  • Cancel - cancel performing action

After performing action agent sends response to cynara. Such answer goes to plugin which requested the action and now plugin.

Implementation

One must do the following steps to create agent:

  1. call int cynara_agent_initialize(cynara_agent **pp_cynara_agent, const char *p_agent_type) which will create instance of cynara agent. p_agent_type must be correct name of agent. The same name will be used by plugin for sending request.
  2. call int cynara_agent_get_request(cynara_agent *p_cynara_agent, cynara_agent_msg_type *req_type, cynara_agent_req_id *req_id, void **data, size_t *data_size) which will register agent in cynara service and wait for request. req_type, req_id, data and data_size will be filled with proper data from plugin when this function returns CYNARA_API_SUCCESS.
  3. perform some action on data from request
  4. call int cynara_agent_put_response(cynara_agent *p_cynara_agent, const cynara_agent_msg_type resp_type, const cynara_agent_req_id req_id, const void *data, const size_t data_size) to send response to plugin. resp_type and req_id must be those obtained from cynara_agent_get_request(). data must contain answer and data_size must be equal to number of bytes of data
  5. call int cynara_agent_finish(cynara_agent *p_cynara_agent) to destroy agent instance when one decided that agent has finished its job.

Steps 2 - 4 may be looped to process more than one request.

It may be needed to create multi-threaded application in order to act immediately on cynara request. In such situation int cynara_agent_get_request() should be called in separate thread.

Example

The very first implementation of agent is Ask User application which is simple UI application allowing user decision on requested privilege. Agent is a daemon which is started by systemd. After starting it registers in cynara and waits for requests form cynara plugins. UI of this application is based on tizen notification system. Bellow is presented screen shot of Ask User window.

AskUser.png

Its appearance leaves much to be desired but currently tizen notification system is very limited. Source code of this agent may be downloaded from [askuser]