|
1 /** @file |
|
2 * Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Defines the CUpnpSecAccessController class |
|
15 * |
|
16 */ |
|
17 |
|
18 // INCLUDES |
|
19 #include <e32base.h> |
|
20 #include <upnpmediaserversettings.h> |
|
21 #include "upnpsecaccesscontroller.h" |
|
22 #include "upnpsecuritymanagerclientsession.h" |
|
23 |
|
24 _LIT( KComponentLogfile, "upnpsecurity.txt"); |
|
25 #include "upnplog.h" |
|
26 |
|
27 // CONSTANTS |
|
28 |
|
29 _LIT8( KSecurityPluginName, "UpnpSecurityManager" ); |
|
30 _LIT( KMediaServerXMLFile, "MediaServer1\\MediaServer1.xml" ); |
|
31 _LIT( KConnectionManagerXMLFile, "MediaServer1\\ConnectionManager1.xml" ); |
|
32 _LIT( KContentDirectoryXMLFile, "MediaServer1\\ContentDirectory1.xml" ); |
|
33 _LIT( KIconFile0, "MediaServer1\\icon\\0" ); |
|
34 _LIT( KIconFile1, "MediaServer1\\icon\\1" ); |
|
35 _LIT( KIconFile2, "MediaServer1\\icon\\2" ); |
|
36 _LIT( KIconFile3, "MediaServer1\\icon\\3" ); |
|
37 _LIT8( KGetProtocolInfo, "GetProtocolInfo" ); |
|
38 |
|
39 // ============================= MEMBER FUNCTIONS ============================== |
|
40 |
|
41 // ----------------------------------------------------------------------------- |
|
42 // CUpnpSecAccessController::NewL |
|
43 // ----------------------------------------------------------------------------- |
|
44 // |
|
45 EXPORT_C CUpnpSecAccessController* CUpnpSecAccessController::NewL() |
|
46 { |
|
47 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::NewL" ); |
|
48 |
|
49 CUpnpSecAccessController* self = new (ELeave) CUpnpSecAccessController; |
|
50 CleanupStack::PushL( self ); |
|
51 self->ConstructL(); |
|
52 CleanupStack::Pop( self ); |
|
53 return self; |
|
54 } |
|
55 |
|
56 // ----------------------------------------------------------------------------- |
|
57 // CUpnpSecAccessController::ConstructL |
|
58 // ----------------------------------------------------------------------------- |
|
59 // |
|
60 void CUpnpSecAccessController::ConstructL() |
|
61 { |
|
62 iSecurityManagerClientSession = new (ELeave) RUpnpSecurityManagerClientSession(); |
|
63 User::LeaveIfError( iSecurityManagerClientSession->Connect( ) ); |
|
64 } |
|
65 |
|
66 // ----------------------------------------------------------------------------- |
|
67 // CUpnpSecAccessController::CUpnpSecAccessController |
|
68 // Constructor. |
|
69 // ----------------------------------------------------------------------------- |
|
70 // |
|
71 CUpnpSecAccessController::CUpnpSecAccessController() |
|
72 { |
|
73 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::\ |
|
74 CUpnpSecAccessController" ); |
|
75 } |
|
76 |
|
77 // ----------------------------------------------------------------------------- |
|
78 // CUpnpSecAccessController::~CUpnpSecAccessController |
|
79 // Destructor. |
|
80 // ----------------------------------------------------------------------------- |
|
81 // |
|
82 EXPORT_C CUpnpSecAccessController::~CUpnpSecAccessController() |
|
83 { |
|
84 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::\ |
|
85 ~CUpnpSecAccessController" ); |
|
86 if ( iSecurityManagerClientSession ) |
|
87 { |
|
88 iSecurityManagerClientSession->Close(); |
|
89 delete iSecurityManagerClientSession; |
|
90 } |
|
91 } |
|
92 |
|
93 // ----------------------------------------------------------------------------- |
|
94 // CUpnpSecAccessController::EnableMediaServerSecurityL |
|
95 // Enables the security plugin in Media Server. |
|
96 // ----------------------------------------------------------------------------- |
|
97 // |
|
98 EXPORT_C void CUpnpSecAccessController::EnableMediaServerSecurityL() |
|
99 { |
|
100 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::\ |
|
101 EnableMediaServerSecurityL" ); |
|
102 SetSecurityManagerSettingL( KSecurityPluginName ); |
|
103 } |
|
104 |
|
105 // ----------------------------------------------------------------------------- |
|
106 // CUpnpSecAccessController::DisableMediaServerSecurityL |
|
107 // Disables the security plugin in Media Server. |
|
108 // ----------------------------------------------------------------------------- |
|
109 // |
|
110 EXPORT_C void CUpnpSecAccessController::DisableMediaServerSecurityL() |
|
111 { |
|
112 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::\ |
|
113 DisableMediaServerSecurityL" ); |
|
114 SetSecurityManagerSettingL( KNullDesC8 ); |
|
115 } |
|
116 |
|
117 // ----------------------------------------------------------------------------- |
|
118 // CUpnpSecAccessController::SetSecurityManagerSettingL |
|
119 // ----------------------------------------------------------------------------- |
|
120 // |
|
121 void CUpnpSecAccessController::SetSecurityManagerSettingL( const TDesC8& aSettingToSet ) |
|
122 { |
|
123 CUpnpMediaServerSettings* settings = CUpnpMediaServerSettings::NewL(); |
|
124 CleanupStack::PushL( settings ); |
|
125 User::LeaveIfError( settings->SetL( |
|
126 UpnpMediaServerSettings::ESecurityManager, aSettingToSet ) ); |
|
127 // Clean up |
|
128 CleanupStack::PopAndDestroy( settings ); |
|
129 } |
|
130 |
|
131 // ----------------------------------------------------------------------------- |
|
132 // CUpnpSecAccessController::IsMediaServerSecurityEnabledL |
|
133 // Returns the status of the Media Server security plugin. |
|
134 // ----------------------------------------------------------------------------- |
|
135 // |
|
136 EXPORT_C TBool CUpnpSecAccessController::IsMediaServerSecurityEnabledL() |
|
137 { |
|
138 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::\ |
|
139 IsMediaServerSecurityEnabledL" ); |
|
140 |
|
141 TBool returnValue = EFalse; |
|
142 CUpnpMediaServerSettings* settings = CUpnpMediaServerSettings::NewL(); |
|
143 CleanupStack::PushL( settings ); |
|
144 HBufC8* value = |
|
145 settings->GetL( UpnpMediaServerSettings::ESecurityManager ); |
|
146 CleanupStack::PushL( value ); |
|
147 if ( value && value->Des() != KNullDesC8 ) |
|
148 { |
|
149 returnValue = ETrue; |
|
150 } |
|
151 // Clean up |
|
152 CleanupStack::PopAndDestroy( value ); |
|
153 value = NULL; |
|
154 CleanupStack::PopAndDestroy( settings ); |
|
155 settings = NULL; |
|
156 return returnValue; |
|
157 } |
|
158 |
|
159 // ----------------------------------------------------------------------------- |
|
160 // CUpnpSecAccessController::AddAllowedFile |
|
161 // Adds file to notifier allowed list. |
|
162 // ----------------------------------------------------------------------------- |
|
163 // |
|
164 EXPORT_C TInt CUpnpSecAccessController::AddAllowedFile( |
|
165 const TDesC& aFileName ) |
|
166 { |
|
167 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::AddAllowedFile" ); |
|
168 |
|
169 TInt error = KErrNone; |
|
170 if ( !IsAllowedFile( aFileName ) ) |
|
171 { |
|
172 TRAP(error, iSecurityManagerClientSession->AddFileL( aFileName )); |
|
173 } |
|
174 return error; |
|
175 } |
|
176 |
|
177 // ----------------------------------------------------------------------------- |
|
178 // CUpnpSecAccessController::RemoveAllowedFile |
|
179 // Removes file from notifier allowed list. |
|
180 // ----------------------------------------------------------------------------- |
|
181 // |
|
182 EXPORT_C TInt CUpnpSecAccessController::RemoveAllowedFile( |
|
183 const TDesC& aFileName ) |
|
184 { |
|
185 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::RemoveAllowedFile" ); |
|
186 |
|
187 TInt error = KErrNone; |
|
188 if ( !IsAllowedFile( aFileName ) ) |
|
189 { |
|
190 // We're not expecting an answer... |
|
191 TRAP(error, iSecurityManagerClientSession->RemoveFileL( aFileName )); |
|
192 } |
|
193 return error; |
|
194 } |
|
195 |
|
196 // ----------------------------------------------------------------------------- |
|
197 // CUpnpSecAccessController::AddAllowedAddress |
|
198 // Adds IP Address to notifier allowed list. |
|
199 // ----------------------------------------------------------------------------- |
|
200 // |
|
201 EXPORT_C TInt CUpnpSecAccessController::AddAllowedAddress( |
|
202 const TInetAddr& aIpAddress ) |
|
203 { |
|
204 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::AddAllowedAddress" ); |
|
205 TInt error = KErrNone; |
|
206 TRAP( error, iSecurityManagerClientSession->AddAddressL( aIpAddress )); |
|
207 return error; |
|
208 } |
|
209 |
|
210 // ----------------------------------------------------------------------------- |
|
211 // CUpnpSecAccessController::RemoveAllowedAddress |
|
212 // Removes IP address from notifier allowed list. |
|
213 // ----------------------------------------------------------------------------- |
|
214 // |
|
215 EXPORT_C TInt CUpnpSecAccessController::RemoveAllowedAddress( |
|
216 const TInetAddr& aIpAddress ) |
|
217 { |
|
218 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::AddAllowedAddress" ); |
|
219 TInt error = KErrNone; |
|
220 TRAP( error, iSecurityManagerClientSession->RemoveAddressL( aIpAddress )); |
|
221 return error; |
|
222 } |
|
223 |
|
224 // ----------------------------------------------------------------------------- |
|
225 // CUpnpSecAccessController::ResetFileList |
|
226 // Resets allowed files list. |
|
227 // ----------------------------------------------------------------------------- |
|
228 // |
|
229 EXPORT_C TInt CUpnpSecAccessController::ResetFileList() |
|
230 { |
|
231 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::ResetFileList" ); |
|
232 |
|
233 TInt error = KErrNone; |
|
234 TRAP( error, iSecurityManagerClientSession->ResetFileListL() ); |
|
235 return error; |
|
236 } |
|
237 |
|
238 // ----------------------------------------------------------------------------- |
|
239 // CUpnpSecAccessController::ResetAddressList |
|
240 // Resets allowed addresses list. |
|
241 // ----------------------------------------------------------------------------- |
|
242 // |
|
243 EXPORT_C TInt CUpnpSecAccessController::ResetAddressList() |
|
244 { |
|
245 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::ResetAddressList" ); |
|
246 |
|
247 TInt error = KErrNone; |
|
248 TRAP( error, iSecurityManagerClientSession->ResetAddressListL()); |
|
249 return error; |
|
250 } |
|
251 |
|
252 // ----------------------------------------------------------------------------- |
|
253 // CUpnpSecAccessController::QueryAuthorizationL |
|
254 // Query user to authorize connection from an IP-address. |
|
255 // ----------------------------------------------------------------------------- |
|
256 // |
|
257 EXPORT_C void CUpnpSecAccessController::QueryAuthorizationL( |
|
258 const TInetAddr& aIpAddress ) |
|
259 { |
|
260 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController:: QueryAuthorizationL" ); |
|
261 |
|
262 iSecurityManagerClientSession->QueryAuthorisationL( aIpAddress ); |
|
263 } |
|
264 |
|
265 // ----------------------------------------------------------------------------- |
|
266 // CUpnpSecAccessController::CheckAuthorizationL |
|
267 // Checks if the given IP-address/action/file is authorized. |
|
268 // ----------------------------------------------------------------------------- |
|
269 // |
|
270 EXPORT_C void CUpnpSecAccessController::CheckAuthorizationL( |
|
271 const TInetAddr& aIpAddress, const TDesC& aFileName, |
|
272 const TDesC8& aActionName ) |
|
273 { |
|
274 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::\ |
|
275 CheckAuthorizationL" ); |
|
276 |
|
277 TBool authorized = EFalse; |
|
278 |
|
279 // First, check if the access to the file can be automatically authorized |
|
280 if ( aFileName != KNullDesC ) |
|
281 { |
|
282 authorized = IsAllowedFile( aFileName ); |
|
283 } |
|
284 |
|
285 // If file was not authorized, check the action |
|
286 if ( !authorized && aActionName != KNullDesC8 ) |
|
287 { |
|
288 authorized = IsAllowedAction( aActionName ); |
|
289 } |
|
290 |
|
291 // If neither file or action were authorized, query the authorization |
|
292 // from the notifier |
|
293 if ( !authorized ) |
|
294 { |
|
295 TAccessType accessType = iSecurityManagerClientSession->CheckAuthorizationL( |
|
296 aIpAddress, aFileName ); |
|
297 |
|
298 // If the address, file or both are allowed, authorize the access |
|
299 if ( accessType == EAddressAllowed || accessType == EFileAllowed |
|
300 || accessType == EFileAndAddressAllowed ) |
|
301 { |
|
302 authorized = ETrue; |
|
303 } |
|
304 } |
|
305 |
|
306 // Leave if not authorized |
|
307 if ( !authorized ) |
|
308 { |
|
309 User::Leave( KErrAccessDenied ); |
|
310 } |
|
311 } |
|
312 |
|
313 // ----------------------------------------------------------------------------- |
|
314 // CUpnpSecAccessController::IsAllowedFile |
|
315 // Checks if the requested file is automatically allowed. |
|
316 // ----------------------------------------------------------------------------- |
|
317 // |
|
318 TBool CUpnpSecAccessController::IsAllowedFile( const TDesC& aFileName ) |
|
319 { |
|
320 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::IsAllowedFile" ); |
|
321 |
|
322 TBool returnValue = EFalse; |
|
323 if ( aFileName.Length( ) > 0 ) |
|
324 { |
|
325 // Do folded find (non-case-sensitive) |
|
326 if ( aFileName.FindF( KMediaServerXMLFile ) != KErrNotFound |
|
327 || aFileName.FindF( KConnectionManagerXMLFile ) |
|
328 != KErrNotFound |
|
329 || aFileName.FindF( KContentDirectoryXMLFile ) |
|
330 != KErrNotFound |
|
331 || aFileName.FindF( KIconFile0 ) != KErrNotFound |
|
332 || aFileName.FindF( KIconFile1 ) != KErrNotFound |
|
333 || aFileName.FindF( KIconFile2 ) != KErrNotFound |
|
334 || aFileName.FindF( KIconFile3 ) != KErrNotFound ) |
|
335 { |
|
336 returnValue = ETrue; |
|
337 } |
|
338 } |
|
339 return returnValue; |
|
340 } |
|
341 |
|
342 // ----------------------------------------------------------------------------- |
|
343 // CUpnpSecAccessController::IsAllowedAction |
|
344 // Checks if the requested action is automatically allowed. |
|
345 // ----------------------------------------------------------------------------- |
|
346 // |
|
347 TBool CUpnpSecAccessController::IsAllowedAction( const TDesC8& aActionName ) |
|
348 { |
|
349 __LOG( "[UpnpSecurity]\t CUpnpSecAccessController::IsAllowedAction" ); |
|
350 |
|
351 TBool returnValue = EFalse; |
|
352 if ( aActionName.Length( ) > 0 ) |
|
353 { |
|
354 if ( aActionName.CompareF( KGetProtocolInfo ) == 0 ) |
|
355 { |
|
356 returnValue = ETrue; |
|
357 } |
|
358 } |
|
359 return returnValue; |
|
360 } |
|
361 |
|
362 // End of File |