|
1 /* |
|
2 * Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: IKEv2 plugin session, handles one IKEv2 vpn connection |
|
15 * |
|
16 */ |
|
17 |
|
18 #ifndef C_IKEV2PLUGINSESSION_H |
|
19 #define C_IKEV2PLUGINSESSION_H |
|
20 |
|
21 #include <e32base.h> |
|
22 |
|
23 #include "ikepluginsessionif.h" |
|
24 #include "ikev2receiver.h" |
|
25 #include "ikev2deactivationtimer.h" |
|
26 |
|
27 |
|
28 class MIkeDataInterface; |
|
29 class CIkev2PlugIn; |
|
30 class MKmdEventLoggerIf; |
|
31 class MIkeDebug; |
|
32 class CIkev2Negotiation; |
|
33 class CIkev2SA; |
|
34 class TIkev2SAData; |
|
35 class TIkeV2IpsecSAData; |
|
36 class CIkev2Receiver; |
|
37 class TIpsecSaSpec; |
|
38 class TIpsecSAData; |
|
39 class TPfkeyMessage; |
|
40 class CIpsecSaSpecList; |
|
41 class CPFKeySocketIf; |
|
42 class CIpsecPolicyUtil; |
|
43 class CIkev2MessageSendQueue; |
|
44 |
|
45 |
|
46 NONSHARABLE_CLASS(CIkev2PluginSession) : public CBase, |
|
47 public MIkePluginSessionIf, |
|
48 public MIkev2ReceiverCallback, |
|
49 public MIkev2DeactivationTimerCallback |
|
50 { |
|
51 public: |
|
52 static CIkev2PluginSession* NewL( TUint32 aVpnIapId, |
|
53 TUint32 aVpnNetId, |
|
54 TUint32 aVpnInterfaceIndex, |
|
55 MIkeDataInterface& aDataInterface, |
|
56 CIkev2PlugIn& aPlugin, |
|
57 CPFKeySocketIf& aPfKeySocketIf, |
|
58 CIpsecPolicyUtil& aIpsecPolicyUtil, |
|
59 MKmdEventLoggerIf& aEventLogger, |
|
60 MIkeDebug& aDebug ); |
|
61 ~CIkev2PluginSession(); |
|
62 |
|
63 /** |
|
64 * Starts negotiation with a peer. |
|
65 * |
|
66 * @param aIkeData IKE policy data |
|
67 * @param aVpnInterfaceIndex VPN interface index |
|
68 * @param aInternalAddress Internal address (returned) |
|
69 * @param aStatus Completion status (returned) |
|
70 */ |
|
71 void NegotiateWithHost( const CIkeData& aIkeData, |
|
72 TVPNAddress& aInternalAddress, |
|
73 TRequestStatus& aStatus ); |
|
74 |
|
75 /** |
|
76 * Cancels negotiate request. DeleteSession() method needs to be called |
|
77 * after this method to delete session. |
|
78 */ |
|
79 void CancelNegotiateWithHost(); |
|
80 |
|
81 /** |
|
82 * Deletes session. IKE/IPSec SA:s are deleted. |
|
83 * |
|
84 * @param aSilentClose Specified if a silent close in question (Delete |
|
85 * payloads not transmitted to peer) |
|
86 * @param aStatus Completion status (returned) |
|
87 */ |
|
88 void DeleteSession( const TBool aSilentClose, |
|
89 TRequestStatus& aStatus ); |
|
90 |
|
91 /** |
|
92 * Cancels deletion requests. IKE/IPSec SA:s are deleted. |
|
93 */ |
|
94 void CancelDeleteSession(); |
|
95 |
|
96 void NotifyError( TRequestStatus& aStatus ); |
|
97 |
|
98 /** |
|
99 * Cancels error notification request. |
|
100 */ |
|
101 void CancelNotifyError(); |
|
102 |
|
103 |
|
104 /** |
|
105 * Requests notification about change of internal address. |
|
106 * |
|
107 * @param aStatus Completion status (returned) |
|
108 */ |
|
109 void NotifyInternalAddressChanged( TVPNAddress& aInternalAddress, |
|
110 TRequestStatus& aStatus ); |
|
111 |
|
112 /** |
|
113 * Cancels internal address notification request. |
|
114 */ |
|
115 void CancelNotifyInternalAddressChanged(); |
|
116 |
|
117 void IkeMessageReceivedL( const ThdrISAKMP& aIkeMessage, |
|
118 const TInetAddr &aRemote, |
|
119 TUint16 aLocalPort ); |
|
120 |
|
121 void LinkNegotiation( CIkev2Negotiation* aNegotiation ); |
|
122 void RemoveNegotiation( CIkev2Negotiation* aNegotiation ); |
|
123 |
|
124 CIkev2SA* FindIkev2SA( TUint32 aSAId, |
|
125 TInt aRequiredState, |
|
126 TInt aNewState ); |
|
127 TBool UpdateIkev2SAL( TIkev2SAData* aIkev2SAData, |
|
128 TIkeV2IpsecSAData* aIpsecSAData ); |
|
129 TIkeV2IpsecSAData* FindIpsecSAData( TUint32 aSAId, |
|
130 const TDesC8& aSpi, |
|
131 TBool aInbound ); |
|
132 void DeleteIkev2SA( TUint32 aSAId ); |
|
133 |
|
134 TUint32 GetSAId(); |
|
135 TBool CreateIkev2SAL( TIkev2SAData& aIkev2SAData ); |
|
136 |
|
137 void IkeSaCompleted( TInt aStatus, |
|
138 TVPNAddress& aInternalAddress ); |
|
139 void VirtualIpChanged( TVPNAddress& VirtualIp ); |
|
140 |
|
141 void StartResponding(); |
|
142 void StopResponding(); |
|
143 |
|
144 void DeleteIpsecSAData( TUint32 aSAId, |
|
145 const TDesC8& aSpi, |
|
146 TBool aInbound ); |
|
147 |
|
148 void IkeSaDeleted( TInt aStatus ); |
|
149 |
|
150 CIpsecSaSpecList* GetIPsecSaSpecListL( const TInetAddr& aLocalAddr, |
|
151 const TInetAddr& aLocalMask, |
|
152 const TInetAddr& aRemoteAddr, |
|
153 const TInetAddr& aRemoteMask, |
|
154 TInt aProtocol ); |
|
155 |
|
156 TBool InheritIpsecSas( TUint32 aDstSAId, |
|
157 TUint32 aSrcSAId ); |
|
158 |
|
159 TUint32 VpnInterfaceIndex() const; |
|
160 TBool RemoteAddrChanged( TIkev2SAData* aIkev2SAData, |
|
161 TInetAddr& aNewIp ); |
|
162 |
|
163 void KeepAliveIkeSAL( TIkev2SAData* aIkev2SAdata ); |
|
164 CIkev2Negotiation* FindNegotiation( TUint32 aSAId, |
|
165 TInt aRequiredState ); |
|
166 |
|
167 TBool DeleteIkeSAL( TIkev2SAData* aIkev2SAdata, |
|
168 TBool aNormal ); |
|
169 void RekeyIkeSAL( TIkev2SAData* aIkev2SAdata ); |
|
170 |
|
171 void DeleteIpsecSA( const TUint32 aSPI, |
|
172 const TInetAddr& aSrc, |
|
173 const TInetAddr& aDst, |
|
174 const TUint8 aProtocol ); |
|
175 |
|
176 void AddSAL( const TIpsecSAData& aSAData ); |
|
177 void UpdateSAL( const TIpsecSAData& aSAData ); |
|
178 |
|
179 void PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage ); |
|
180 |
|
181 TBool MatchDestinationAddress( const TInetAddr& aDestAddr ) const; |
|
182 |
|
183 // from base class MIkev2ReceiverCallback |
|
184 |
|
185 /** |
|
186 * From MIkev2ReceiverCallback. |
|
187 * Notification about received IKE message. |
|
188 * @param aIkeMsg IKE message |
|
189 * @param aSrcAddr Source IP address/port |
|
190 * @param aLocalPort Local port |
|
191 */ |
|
192 void IkeMsgReceived( const ThdrISAKMP& aIkeMsg, |
|
193 const TInetAddr& aSrcAddr, |
|
194 TInt aLocalPort); |
|
195 |
|
196 /** |
|
197 * From MIkev2ReceiverCallback. |
|
198 * Notification about receive error. |
|
199 * @param aStatus Error value |
|
200 */ |
|
201 void ReceiveError( TInt aError ); |
|
202 |
|
203 |
|
204 // from base class MIkev2DeactivationTimerCallback |
|
205 |
|
206 /** |
|
207 * From MIkev2DeactivationTimerCallback |
|
208 * Notification about deactivation timeout. |
|
209 */ |
|
210 void DeactivationTimeout(); |
|
211 |
|
212 |
|
213 private: |
|
214 CIkev2PluginSession( TUint32 aVpnIapId, |
|
215 TUint32 aVpnNetId, |
|
216 TUint32 aVpnInterfaceIndex, |
|
217 MIkeDataInterface& aDataInterface, |
|
218 CIkev2PlugIn& aPlugin, |
|
219 CPFKeySocketIf& aPfKeySocketIf, |
|
220 CIpsecPolicyUtil& aIpsecPolicyUtil, |
|
221 MKmdEventLoggerIf& aEventLogger, |
|
222 MIkeDebug& aDebug ); |
|
223 void ConstructL(); |
|
224 |
|
225 |
|
226 void DoNegotiateWithHostL( const CIkeData& aIkeData ); |
|
227 void DoDeleteIkeSAExhangeL( TIkev2SAData& aIkev2SAdata ); |
|
228 |
|
229 TIkev2SAData* FindIkev2SAData( TUint32 aSAId, |
|
230 TInt aRequiredState, |
|
231 TInt aNewState ); |
|
232 TBool CheckIkeMessageHeader( const ThdrISAKMP& aIkeMessage, |
|
233 TUint32& NegotiationId ); |
|
234 void PfkeyMessageReceivedL( const TPfkeyMessage& aPfkeyMessage ); |
|
235 |
|
236 /** |
|
237 * Handles completion of client's negotiate request. |
|
238 * @param aStatus Status |
|
239 */ |
|
240 void DoCompleteNegotiateWithHost( TInt aStatus ); |
|
241 |
|
242 /** |
|
243 * Handles completion of client's delete session request. |
|
244 * @param aStatus Status |
|
245 */ |
|
246 void DoCompleteDeleteSession( TInt aStatus ); |
|
247 |
|
248 /** |
|
249 * Handles completion of client's notify error request. |
|
250 * @param aStatus Status |
|
251 */ |
|
252 void DoCompleteNotifyError( TInt aStatus ); |
|
253 |
|
254 /** |
|
255 * Cancels active operations. |
|
256 */ |
|
257 void DoCancelActiveOperations(); |
|
258 |
|
259 /** |
|
260 * Cancels data transfer. |
|
261 */ |
|
262 void DoCancelDataTransfer(); |
|
263 |
|
264 private: // data |
|
265 |
|
266 TUint32 iVpnIapId; |
|
267 TUint32 iVpnNetId; |
|
268 MIkeDataInterface& iDataInterface; |
|
269 CIkev2PlugIn& iPlugin; |
|
270 CPFKeySocketIf& iPfKeySocketIf; |
|
271 CIpsecPolicyUtil& iIpsecPolicyUtil; |
|
272 MKmdEventLoggerIf& iEventLogger; |
|
273 MIkeDebug& iDebug; |
|
274 |
|
275 TUint32 iSAIdSeed; |
|
276 TUint32 iVpnInterfaceIndex; |
|
277 |
|
278 |
|
279 TRequestStatus* iClientStatusNegotiate; |
|
280 TVPNAddress* iInternalAddress; //Not owned by this class |
|
281 CIkeData* iIkeData; |
|
282 |
|
283 CIkev2Negotiation* iFirstNegotiation; |
|
284 CIkev2SA* iFirstIkev2SA; |
|
285 |
|
286 TRequestStatus* iClientStatusDelete; |
|
287 |
|
288 CIkev2Receiver* iReceiver; |
|
289 CIkev2MessageSendQueue* iMessageSendQue; |
|
290 |
|
291 TRequestStatus* iClientStatusInternalAddressChange; |
|
292 TVPNAddress* iChangedInternalAddress; |
|
293 |
|
294 TUint32 iCurrIkeSaRespCount; |
|
295 |
|
296 TRequestStatus* iClientStatusNotifyError; |
|
297 |
|
298 CIkev2DeactivationTimer* iDeactivationTimer; |
|
299 TBool iActivated; |
|
300 }; |
|
301 |
|
302 |
|
303 #endif //C_IKEV2PLUGINSESSION_H |