--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,131 @@
+/*
+* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file for VPN components
+*
+*/
+
+#include <platform_paths.hrh>
+
+PRJ_EXPORTS
+
+#ifdef FF_VPN_CLIENT
+../vpnengine/dmadengine/rom/dmadengine.iby CORE_MW_LAYER_IBY_EXPORT_PATH(dmadengine.iby)
+../vpnengine/dmadipsecvpn/rom/dmadipsecvpn.iby CORE_MW_LAYER_IBY_EXPORT_PATH(dmadipsecvpn.iby)
+../vpnengine/dmadpki/rom/dmadpki.iby CORE_MW_LAYER_IBY_EXPORT_PATH(dmadpki.iby)
+../vpnengine/eventmediator/rom/eventmediator.iby CORE_MW_LAYER_IBY_EXPORT_PATH(eventmediator.iby)
+../vpnengine/eventmediatorapi/rom/eventmediatorapi.iby CORE_MW_LAYER_IBY_EXPORT_PATH(eventmediatorapi.iby)
+../vpnengine/eventviewer/rom/eventviewer.iby CORE_MW_LAYER_IBY_EXPORT_PATH(eventviewer.iby)
+../vpnengine/ikepolparser/rom/ikepolparser.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ikepolparser.iby)
+../vpnengine/ikesocket/rom/ikesocket.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ikesocket.iby)
+../vpnengine/ikecert/rom/ikecert.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ikecert.iby)
+../vpnengine/kmdapi/rom/kmdapi.iby CORE_MW_LAYER_IBY_EXPORT_PATH(kmdapi.iby)
+../vpnengine/kmdserver/rom/kmdserver.iby CORE_MW_LAYER_IBY_EXPORT_PATH(kmdserver.iby)
+../vpnengine/ikeutils/rom/ikeutils.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ikeutils.iby)
+../vpnengine/ikev1lib/rom/ikev1lib.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ikev1lib.iby)
+../vpnengine/ikev2lib/rom/ikev2lib.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ikev2lib.iby)
+../vpnengine/pkiservice/rom/pkiservice.iby CORE_MW_LAYER_IBY_EXPORT_PATH(pkiservice.iby)
+../vpnengine/pkiserviceapi/rom/pkiserviceapi.iby CORE_MW_LAYER_IBY_EXPORT_PATH(pkiserviceapi.iby)
+../vpnengine/sit/rom/eventmedsit.iby CORE_MW_LAYER_IBY_EXPORT_PATH(eventmedsit.iby)
+../vpnengine/utlbase64/rom/utlbase64.iby CORE_MW_LAYER_IBY_EXPORT_PATH(utlbase64.iby)
+../vpnengine/utlcrypto/rom/utlcrypto.iby CORE_MW_LAYER_IBY_EXPORT_PATH(utlcrypto.iby)
+../vpnengine/utlpkcs10/rom/utlpkcs10.iby CORE_MW_LAYER_IBY_EXPORT_PATH(utlpkcs10.iby)
+../vpnengine/utlpkcs12/rom/utlpkcs12.iby CORE_MW_LAYER_IBY_EXPORT_PATH(utlpkcs12.iby)
+../vpnengine/utlxml/rom/utlxml.iby CORE_MW_LAYER_IBY_EXPORT_PATH(utlxml.iby)
+../vpnengine/vpncleaner/rom/vpncleaner.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpncleaner.iby)
+../vpnengine/vpnconnagt/rom/vpnconnagt.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnconnagt.iby)
+../vpnengine/vpnmanager/rom/vpnmanager.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnmanager.iby)
+../vpnengine/vpnins/rom/vpnins.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnins.iby)
+../vpnengine/vpnipsecpolparser/rom/vpnipsecpolparser.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnipsecpolparser.iby)
+
+../vpnui/vpnecomnotifier/rom/vpnecomnotifier.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnecomnotifier.iby)
+../vpnui/vpndialogmanager/rom/vpndialogmanager.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpndialogmanager.iby)
+../vpnui/vpnmanagementui/rom/vpnmanagementui.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnmanagementui.iby)
+../vpnui/vpnpolins/rom/vpnpolins.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnpolins.iby)
+
+../vpnui/vpnecomnotifier/rom/vpnecomnotifierResources.iby LANGUAGE_MW_LAYER_IBY_EXPORT_PATH(vpnecomnotifierResources.iby)
+../vpnui/vpnmanagementui/rom/vpnmanagementuiResources.iby LANGUAGE_MW_LAYER_IBY_EXPORT_PATH(vpnmanagementuiResources.iby)
+
+#ifndef FF_GENERIC_ACCESS_NETWORK // UMA not supported
+../vpnui/vpnpolicyrecognizer/rom/vpnpolicyrecognizer.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnpolicyrecognizer.iby)
+../rom/ipsecvpn.iby CORE_MW_LAYER_IBY_EXPORT_PATH(ipsecvpn.iby)
+#endif
+
+
+#endif // FF_VPN_CLIENT
+
+// vpnapi.dll should be in rom always
+../vpnapiimpl/rom/vpnapi.iby CORE_MW_LAYER_IBY_EXPORT_PATH(vpnapi.iby)
+
+// export localised loc file
+../vpnui/vpnecomnotifier/loc/vpnnotifier.loc MW_LAYER_LOC_EXPORT_PATH(vpnnotifier.loc)
+
+./vpnclient_version_update.flm /epoc32/tools/makefile_templates/vpnclient/vpnclient_version_update.flm
+./vpnclient_version_update.xml /epoc32/tools/makefile_templates/vpnclient/vpnclient_version_update.xml
+
+
+PRJ_MMPFILES
+
+// Update version information
+#ifndef SBSV2
+gnumakefile vpnclient_version_update.make
+#endif
+
+#include "../vpnc_plat/vpnapi/group/bld.inf"
+#include "../vpnapiimpl/group/bld.inf"
+
+#include "../vpnengine/eventmediatorapi/group/bld.inf"
+#include "../vpnengine/eventviewer/group/bld.inf"
+#include "../vpnengine/vpnins/group/bld.inf"
+#include "../vpnengine/ikepolparser/group/bld.inf"
+#include "../vpnengine/utlbase64/group/bld.inf"
+#include "../vpnengine/utlcrypto/group/bld.inf"
+#include "../vpnengine/utlxml/group/bld.inf"
+#include "../vpnengine/utlpkcs10/group/bld.inf"
+
+#include "../vpnengine/pkiserviceapi/group/bld.inf"
+#include "../vpnengine/ikecert/group/bld.inf"
+#include "../vpnengine/kmdapi/group/bld.inf"
+#include "../vpnengine/kmdserver/group/bld.inf"
+#include "../vpnengine/ikeutils/group/bld.inf"
+#include "../vpnengine/ikev1lib/group/bld.inf"
+#include "../vpnengine/ikev2lib/group/bld.inf"
+#include "../vpnengine/vpnipsecpolparser/group/bld.inf"
+#include "../vpnengine/sit/group/bld.inf"
+
+#include "../vpnengine/vpntcwrapper/group/bld.inf"
+#include "../vpnui/vpnecomnotifier/group/bld.inf"
+#include "../vpnui/vpndialogmanager/group/bld.inf"
+#include "../vpnengine/eventmediator/group/bld.inf"
+#include "../vpnengine/pkiservice/group/bld.inf"
+#include "../vpnengine/vpnconnagt/group/bld.inf"
+#include "../vpnengine/vpnmanager/group/bld.inf"
+#include "../vpnui/vpnmanagementui/group/bld.inf"
+#include "../vpnui/vpnpolins/group/bld.inf"
+#include "../vpnui/vpnpolicyrecognizer/group/bld.inf"
+#include "../vpnengine/vpncleaner/group/bld.inf"
+
+#include "../vpnengine/utlpkcs12/group/bld.inf"
+#include "../vpnengine/dmadengine/group/bld.inf"
+#include "../vpnengine/dmadipsecvpn/group/bld.inf"
+#include "../vpnengine/dmadpki/group/bld.inf"
+#include "../vpnengine/ikesocket/group/bld.inf"
+
+#include "../help/group/bld.inf"
+
+PRJ_EXTENSIONS
+
+#ifdef SBSV2
+START EXTENSION vpnclient/version_update vpnclient_vu
+END
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/group/update_version_h.pl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,85 @@
+#
+# Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description:
+# Updates version.h information with current date.
+#
+
+use strict;
+use Cwd;
+use POSIX qw(strftime);
+
+my $PLATFORM_LONG = "4_2";
+my $PLATFORM_SHORT = "42";
+
+sub update_version_h
+{
+ my ($version_path, $platform) = @_;
+
+ # Check path
+ if (! -e $version_path)
+ {
+ die "version.h can't be found from $version_path";
+ }
+
+ # Form version strings
+ my $version = strftime($platform."_%y%m%d", localtime());
+ my $builddate = localtime();
+
+ # Backup
+ if (-e "$version_path.BACKUP")
+ {
+ chmod 0666, "$version_path.BACKUP";
+ unlink "$version_path.BACKUP";
+ }
+ chmod 0666, $version_path;
+ rename $version_path, "$version_path.BACKUP";
+
+ my ($infile, $outfile);
+ open $infile, "<$version_path.BACKUP" or die "Can't open $version_path.BACKUP : $!";
+ open $outfile, ">$version_path" or die "Can't open $version_path : $!";
+ while (<$infile>)
+ {
+ my $line = $_;
+ my $pattern1 = '_LIT\(KVersion.*?;';
+ my $replacement1 = "_LIT(KVersion, \"$version\");";
+
+ my $pattern2 = '_LIT\(KBuildDate.*?;';
+ my $replacement2 = "_LIT(KBuildDate, \"$builddate\");";
+
+ if ($line =~ s/$pattern1/$replacement1/g)
+ {
+ print "Updated KVersion\n";
+ }
+ elsif ($line =~ s/$pattern2/$replacement2/g)
+ {
+ print "Updated KBuildDate\n";
+ }
+ print $outfile $line;
+ }
+ close $infile;
+ close $outfile;
+}
+
+
+my $oldpwd = getcwd();
+chdir "..";
+
+### VERSION.H ###########
+
+# version.h
+update_version_h(
+ 'vpnengine/vpncommon/inc/version.h',
+ $PLATFORM_LONG);
+
+chdir $oldpwd;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/group/vpnclient_version_update.flm Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of the License "Symbian Foundation License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.symbianfoundation.org/legal/sfl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description:
+#
+
+# ============================================================================
+# vpnclient_version_update.flm
+# This flm will update the version of vpnclient into generated version.h file.
+#
+# Version update Function Like Makefile (FLM)
+# The file destinations relative to EPOCROOT
+# ============================================================================
+
+
+define updateversion
+$(GUARD):=1
+
+BITMAP:: $(EXTENSION_ROOT)/$(VU_TOOL)
+ $(call startrule,vpnclient_version_update,FORCESUCCESS) \
+ cd $(EXTENSION_ROOT) && $(PERL) $(VU_TOOL) \
+ $(call endrule,vpnclient_version_update)
+endef
+
+ifeq ($($(GUARD)),)
+$(eval -$(updateversion))
+endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/group/vpnclient_version_update.make Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,4 @@
+MAKMAKE :
+ echo Update VpnClient version.h
+ perl update_version_h.pl
+BLD FREEZE CLEANLIB RESOURCE LIB RELEASABLES CLEAN SAVESPACE FINAL:
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/group/vpnclient_version_update.xml Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+#
+# Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of the License "Symbian Foundation License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.symbianfoundation.org/legal/sfl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description:
+#
+# ============================================================================
+# Name : vpnclient_version_update.xml
+# Part of : vpnclient
+# Description :
+# Version : %version: 1 %
+# ============================================================================
+-->
+
+<build xmlns="http://symbian.com/xml/build" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://symbian.com/xml/build ../../schema/build/2_0.xsd">
+ <interface name="vpnclient.version_update" extends="Symbian.UserFLM" flm="vpnclient_version_update.flm">
+
+ <!-- Tool(s) -->
+ <param name='VU_TOOL' default="update_version_h.pl"/>
+ <param name='PERL' default="perl$(DOTEXE)"/>
+
+ </interface>
+</build>
\ No newline at end of file
Binary file help/data/xhtml.zip has changed
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/help/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,29 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - Initial contribution
+*
+* Contributors:
+*
+*
+* Description:
+* Export help related files.
+*
+*/
+
+#include <platform_paths.hrh>
+PRJ_EXPORTS
+:zip ../data/xhtml.zip /epoc32/data/z/resource/ overwrite
+:zip ../data/xhtml.zip /epoc32/winscw/c/resource/ overwrite
+
+../inc/vpn.hlp.hrh MW_LAYER_PLATFORM_EXPORT_PATH(csxhelp/vpn.hlp.hrh)
+
+#ifndef FF_GENERIC_ACCESS_NETWORK // UMA not supported
+../rom/vpnclienthelps_variant.iby CUSTOMER_APP_LAYER_IBY_EXPORT_PATH(vpnclienthelps_variant.iby)
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/help/inc/vpn.hlp.hrh Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Symbian Foundation License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.symbianfoundation.org/legal/sfl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+//
+// vpn.hlp.hrh generated by CSXHelp Utilities.
+//
+
+#ifndef __VPN_HLP_HRH__
+#define __VPN_HLP_HRH__
+
+_LIT(KSET_HLP_VPN_LOG_VIEW, "SET_HLP_VPN_LOG_VIEW"); //
+_LIT(KSET_HLP_VPN_CONFIG_MAIN, "SET_HLP_VPN_CONFIG_MAIN"); //
+_LIT(KSET_HLP_VPN_POLICY_VIEW, "SET_HLP_VPN_POLICY_VIEW"); //
+_LIT(KSET_HLP_VPN_POLICY_SERVERS, "SET_HLP_VPN_POLICY_SERVERS"); //
+_LIT(KSET_HLP_VPN_POLICY_SERVER_SET, "SET_HLP_VPN_POLICY_SERVER_SET"); //
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/help/rom/vpnclienthelps_variant.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,28 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+#ifndef __VPNCLIENTHELPS_VARIANT_IBY__
+#define __VPNCLIENTHELPS_VARIANT_IBY__
+
+#if defined(FF_S60_HELPS_IN_USE) && defined(FF_VPN_CLIENT)
+ data=LOCALISE(DATAZ_\resource\xhtml\%02d\0x10200EC4\contents.zip, RESOURCE_FILES_DIR\xhtml\%02d\0x10200EC4\contents.zip)
+ data=LOCALISE(DATAZ_\resource\xhtml\%02d\0x10200EC4\index.xml, RESOURCE_FILES_DIR\xhtml\%02d\0x10200EC4\index.xml)
+ data=LOCALISE(DATAZ_\resource\xhtml\%02d\0x10200EC4\keywords.xml, RESOURCE_FILES_DIR\xhtml\%02d\0x10200EC4\keywords.xml)
+ data=LOCALISE(DATAZ_\resource\xhtml\%02d\0x10200EC4\meta.xml, RESOURCE_FILES_DIR\xhtml\%02d\0x10200EC4\meta.xml)
+#endif
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/layers.sysdef.xml Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<!DOCTYPE SystemDefinition SYSTEM "sysdef_1_4_0.dtd" [
+ <!ENTITY layer_real_source_path "sf/mw/vpnclient" >
+]>
+
+<SystemDefinition name="vpnclient" schema="1.4.0">
+ <systemModel>
+ <layer name="mw_layer">
+ <module name="vpnclient">
+ <unit unitID="netdo.vpnclient"
+ mrp="" bldFile="&layer_real_source_path;/group"
+ filter="!oem_build" name="vpnclient" />
+ </module>
+ </layer>
+ </systemModel>
+</SystemDefinition>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/package_definition.xml Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,167 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<SystemDefinition schema="3.0.0">
+ <package id="vpnclient" name="VPN Client" levels="engine ui api">
+ <collection id="vpnengine" name="VPN Engine" level="engine">
+ <!-- too many components in this collection.
+ Probably best to group the binaries together into larger components
+ or maybe split the collection into more reasonable groups -->
+ <component id="eventmediatorapi" filter="s60" name="Event Mediator API">
+ <unit bldFile="vpnengine/eventmediatorapi/group"/>
+ </component>
+ <component id="eventviewer" filter="s60" name="Event Viewer">
+ <unit bldFile="vpnengine/eventviewer/group"/>
+ </component>
+ <component id="vpnins" filter="s60" name="VPN Installer">
+ <unit bldFile="vpnengine/vpnins/group"/>
+ </component>
+ <component id="acuagenttransport" filter="s60" name="ACU Agent Transport">
+ <unit bldFile="vpnengine/acuagenttransport/group"/>
+ </component>
+ <component id="acupluginlib" filter="s60" name="ACU Plugin Library">
+ <unit bldFile="vpnengine/acupluginlib/group"/>
+ </component>
+ <component id="ikepolparser" filter="s60" name="IKE Policy Parser">
+ <unit bldFile="vpnengine/ikepolparser/group"/>
+ </component>
+ <component id="utlbase64" filter="s60" name="Base64 Utilities">
+ <unit bldFile="vpnengine/utlbase64/group"/>
+ </component>
+ <component id="utlcrypto" filter="s60" name="Crypto Utilities">
+ <unit bldFile="vpnengine/utlcrypto/group"/>
+ </component>
+ <component id="utlxml" filter="s60" name="XML Utilities">
+ <unit bldFile="vpnengine/utlxml/group"/>
+ </component>
+ <component id="utlpkcs10" filter="s60" name="PKCS#10 Utilities">
+ <unit bldFile="vpnengine/utlpkcs10/group"/>
+ </component>
+ <component id="pkiserviceapi" filter="s60" name="PKI Service API">
+ <unit bldFile="vpnengine/pkiserviceapi/group"/>
+ </component>
+ <component id="acuagentcrypto" filter="s60" name="ACU Agent Crypto">
+ <unit bldFile="vpnengine/acuagentcrypto/group"/>
+ </component>
+ <component id="vpnextapi" filter="s60" name="VPN Extension API">
+ <unit bldFile="vpnengine/vpnextapi/group"/>
+ </component>
+ <component id="ikecert" filter="s60" name="IKE Certificate Management">
+ <unit bldFile="vpnengine/ikecert/group"/>
+ </component>
+ <component id="kmdapi" filter="s60" name="Key Management Daemon API">
+ <unit bldFile="vpnengine/kmdapi/group"/>
+ </component>
+ <component id="kmdserver" filter="s60" name="Key Management Daemon Server">
+ <unit bldFile="vpnengine/kmdserver/group"/>
+ </component>
+ <component id="ikeutils" filter="s60" name="Internet Key Exchange Utils">
+ <unit bldFile="vpnengine/ikeutils/group"/>
+ </component>
+ <component id="ikev1lib" filter="s60" name="IKEv1 Library">
+ <unit bldFile="vpnengine/ikev1lib/group"/>
+ </component>
+ <component id="ikev2lib" filter="s60" name="IKEv2 Library">
+ <unit bldFile="vpnengine/ikev2lib/group"/>
+ </component>
+ <component id="acuagentmessage" filter="s60" name="ACU Agent Message">
+ <unit bldFile="vpnengine/acuagentmessage/group"/>
+ </component>
+ <component id="acuagent" filter="s60" name="Automatic Content Update Agent">
+ <unit bldFile="vpnengine/acuagent/group"/>
+ </component>
+ <component id="vpnawapi" filter="s60" name="VPN ACU Wrapper API">
+ <unit bldFile="vpnengine/vpnawapi/group"/>
+ </component>
+ <component id="vpnipsecpolparser" filter="s60" name="VPN IPsec Policy Parser">
+ <unit bldFile="vpnengine/vpnipsecpolparser/group"/>
+ </component>
+ <component id="sit" filter="s60" name="Socket Interaction Thread">
+ <unit bldFile="vpnengine/sit/group"/>
+ </component>
+ <component id="acuins" filter="s60" name="ACU Installer">
+ <unit bldFile="vpnengine/acuins/group"/>
+ </component>
+ <component id="vpntcwrapper" filter="s60" name="VPN Terminal Control Wrapper">
+ <unit bldFile="vpnengine/vpntcwrapper/group"/>
+ </component>
+ <component id="eventmediator" filter="s60" name="Event Mediator">
+ <unit bldFile="vpnengine/eventmediator/group"/>
+ </component>
+ <component id="ipsecacuplugin" filter="s60" name="IPsec ACU Plugin" class="plugin">
+ <unit bldFile="vpnengine/ipsecacuplugin/group"/>
+ </component>
+ <component id="pkiservice" filter="s60" name="PKI Service">
+ <unit bldFile="vpnengine/pkiservice/group"/>
+ </component>
+ <component id="vpnconnagt" filter="s60" name="VPN Connection Agent">
+ <unit bldFile="vpnengine/vpnconnagt/group"/>
+ </component>
+ <component id="vpnmanager" filter="s60" name="VPN Manager">
+ <unit bldFile="vpnengine/vpnmanager/group"/>
+ </component>
+ <component id="vpncleaner" filter="s60" name="VPN Cleaner">
+ <unit bldFile="vpnengine/vpncleaner/group"/>
+ </component>
+ <component id="utlpkcs12" filter="s60" name="PKCS#12 Utilities">
+ <unit bldFile="vpnengine/utlpkcs12/group"/>
+ </component>
+ <component id="dmadengine" filter="s60" name="DM Adapter Engine">
+ <unit bldFile="vpnengine/dmadengine/group"/>
+ </component>
+ <component id="dmadipsecvpn" filter="s60" name="IPsec VPN DM Adapter" class="plugin">
+ <unit bldFile="vpnengine/dmadipsecvpn/group"/>
+ </component>
+ <component id="dmadpki" filter="s60" name="PKI DM Adapter" class="plugin">
+ <unit bldFile="vpnengine/dmadpki/group"/>
+ </component>
+ <component id="ikesocketplugin" filter="s60" name="IKE Socket Plugin" class="plugin">
+ <unit bldFile="vpnengine/ikesocketplugin/group"/>
+ </component>
+ <component id="vpnnif" filter="s60" name="VPN NIF"/>
+ </collection>
+ <collection id="vpnui" name="VPN UI" level="ui">
+ <component id="vpnecomnotifier" filter="s60" name="VPN ECOM Notifier" class="plugin">
+ <unit bldFile="vpnui/vpnecomnotifier/group"/>
+ </component>
+ <component id="vpndialogmanager" filter="s60" name="VPN Dialog Manager">
+ <unit bldFile="vpnui/vpndialogmanager/group"/>
+ </component>
+ <component id="vpnmanagementui" filter="s60" name="VPN Management UI" class="plugin">
+ <unit bldFile="vpnui/vpnmanagementui/group"/>
+ </component>
+ <component id="vpnpolins" filter="s60" name="VPN Policy Installer">
+ <unit bldFile="vpnui/vpnpolins/group"/>
+ </component>
+ <component id="vpnpolicyrecognizer" filter="s60" name="VPN Policy Recognizer" class="plugin">
+ <unit bldFile="vpnui/vpnpolicyrecognizer/group"/>
+ </component>
+ </collection>
+ <collection id="vpnapiimpl" name="VPN API Implementation" level="api">
+ <component id="vpnapi" filter="s60" name="VPN API">
+ <unit bldFile="vpnapiimpl/group"/>
+ </component>
+ </collection>
+ <collection id="vpnclient_sis" name="VPN Client SIS" level="api">
+ <component id="ce_sis" filter="s60" name="CE SIS">
+ <unit bldFile="vpnclient_sis/ce_sis/group"/>
+ </component>
+ <component id="stub_sis" filter="s60" name="Stub SIS">
+ <unit bldFile="vpnclient_sis/stub_sis/group"/>
+ </component>
+ <component id="vpnclient_sis_build" filter="s60" name="VPN Client SIS Build">
+ <unit bldFile="vpnclient_sis/group"/>
+ </component>
+ </collection>
+ <collection id="vpnclient_info" name="VPN Client Info" level="api">
+ <component id="vpnclient_help" filter="s60" name="VPN Client Help">
+ <unit bldFile="help/group"/>
+ </component>
+ <component id="vpnclient_build" filter="s60" name="VPN Client Build">
+ <!-- should split this up into the other components-->
+ <unit bldFile="group"/>
+ </component>
+ <component id="vpnc_plat" filter="s60" class="api" name="VPN Client Platform Interfaces">
+ <unit bldFile="vpnc_plat/vpnapi/group"/>
+ </component>
+ </collection>
+ </package>
+</SystemDefinition>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/rom/ipsecvpn.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project
+* vpnclient
+*
+*/
+
+
+#ifndef __IPSECVPN_IBY__
+#define __IPSECVPN_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNCLIENT STUB SISSES not included in this rom
+
+#else
+
+data=ZSYSTEM\install\ipsecvpn.sis system\install\ipsecvpn.sis
+data=ZSYSTEM\install\ipsecvpn_vpnpolins.sis system\install\ipsecvpn_vpnpolins.sis
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __IPSECVPN_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sysdef_1_4_0.dtd Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,86 @@
+ <!ELEMENT SystemDefinition (systemModel?, build?)>
+ <!ATTLIST SystemDefinition
+ name CDATA #REQUIRED
+ schema CDATA #REQUIRED>
+ <!ELEMENT systemModel (layer+)>
+ <!ELEMENT layer (logicalset* | module*)*>
+ <!ATTLIST layer
+ name CDATA #REQUIRED
+ levels CDATA #IMPLIED
+ span CDATA #IMPLIED>
+ <!ELEMENT logicalset (logicalsubset* | module* | unit* | package* | prebuilt*)*>
+ <!ATTLIST logicalset name CDATA #REQUIRED>
+ <!ELEMENT logicalsubset (module* | unit* | package* | prebuilt*)*>
+ <!ATTLIST logicalsubset name CDATA #REQUIRED>
+ <!ELEMENT module (component* | unit* | package* | prebuilt*)*>
+ <!ATTLIST module
+ name CDATA #REQUIRED
+ level CDATA #IMPLIED>
+ <!ELEMENT component (unit* | package* | prebuilt*)*>
+ <!ATTLIST component name CDATA #REQUIRED>
+ <!ELEMENT unit EMPTY>
+ <!ATTLIST unit
+ unitID ID #REQUIRED
+ name CDATA #REQUIRED
+ mrp CDATA #REQUIRED
+ filter CDATA #IMPLIED
+ bldFile CDATA #REQUIRED
+ priority CDATA #IMPLIED
+ contract CDATA #IMPLIED>
+ <!ELEMENT package EMPTY>
+ <!ATTLIST package
+ name CDATA #REQUIRED
+ mrp CDATA #REQUIRED
+ filter CDATA #IMPLIED
+ contract CDATA #IMPLIED>
+ <!ELEMENT prebuilt EMPTY>
+ <!ATTLIST prebuilt
+ name CDATA #REQUIRED
+ version CDATA #REQUIRED
+ late (Y|N) #IMPLIED
+ filter CDATA #IMPLIED
+ contract CDATA #IMPLIED>
+ <!ELEMENT build (option* | target+ | targetList+ | unitList+ | configuration+)*>
+ <!ELEMENT unitList (unitRef+)>
+ <!ATTLIST unitList
+ name ID #REQUIRED
+ description CDATA #REQUIRED>
+ <!ELEMENT unitRef EMPTY>
+ <!ATTLIST unitRef unit IDREF #REQUIRED>
+ <!ELEMENT targetList EMPTY>
+ <!ATTLIST targetList
+ name ID #REQUIRED
+ description CDATA #REQUIRED
+ target IDREFS #REQUIRED>
+ <!ELEMENT target EMPTY>
+ <!ATTLIST target
+ name ID #REQUIRED
+ abldTarget CDATA #REQUIRED
+ description CDATA #REQUIRED>
+ <!ELEMENT option EMPTY>
+ <!ATTLIST option
+ name ID #REQUIRED
+ abldOption CDATA #REQUIRED
+ description CDATA #REQUIRED
+ enable (Y | N | y | n) #REQUIRED>
+ <!ELEMENT configuration (unitListRef+ | layerRef+ | task+)*>
+ <!ATTLIST configuration
+ name ID #REQUIRED
+ description CDATA #REQUIRED
+ filter CDATA #REQUIRED>
+ <!ELEMENT task ( unitListRef* , (buildLayer | specialInstructions))>
+ <!ELEMENT unitListRef EMPTY>
+ <!ATTLIST unitListRef unitList IDREF #REQUIRED>
+ <!ELEMENT layerRef EMPTY>
+ <!ATTLIST layerRef layerName CDATA #REQUIRED>
+ <!ELEMENT buildLayer EMPTY>
+ <!ATTLIST buildLayer
+ command CDATA #REQUIRED
+ targetList IDREFS #IMPLIED
+ unitParallel (Y | N | y | n) #REQUIRED
+ targetParallel (Y | N | y | n) #IMPLIED>
+ <!ELEMENT specialInstructions EMPTY>
+ <!ATTLIST specialInstructions
+ name CDATA #REQUIRED
+ cwd CDATA #REQUIRED
+ command CDATA #REQUIRED>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/BMARM/VPNAPIU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,18 @@
+EXPORTS
+ __8RVpnServ @ 1 NONAME R3UNUSED ; RVpnServ::RVpnServ(void)
+ CancelImport__8RVpnServ @ 2 NONAME R3UNUSED ; RVpnServ::CancelImport(void)
+ ChangePassword__8RVpnServRCt5TPckg1Zt4TBuf1i50R14TRequestStatus @ 3 NONAME R3UNUSED ; RVpnServ::ChangePassword(TPckg<TBuf<50> > const &, TRequestStatus &)
+ Close__8RVpnServ @ 4 NONAME R3UNUSED ; RVpnServ::Close(void)
+ Connect__8RVpnServ @ 5 NONAME R3UNUSED ; RVpnServ::Connect(void)
+ DeletePolicy__8RVpnServRCt4TBuf1i50 @ 6 NONAME R3UNUSED ; RVpnServ::DeletePolicy(TBuf<50> const &)
+ EnumeratePolicies__8RVpnServRi @ 7 NONAME R3UNUSED ; RVpnServ::EnumeratePolicies(int &)
+ GetPolicyDetails__8RVpnServRCt4TBuf1i50R17TVpnPolicyDetails @ 8 NONAME R3UNUSED ; RVpnServ::GetPolicyDetails(TBuf<50> const &, TVpnPolicyDetails &)
+ GetPolicyInfoList__8RVpnServPt13CArrayFixFlat1Z14TVpnPolicyInfo @ 9 NONAME R3UNUSED ; RVpnServ::GetPolicyInfoList(CArrayFixFlat<TVpnPolicyInfo> *)
+ ImportPolicy__8RVpnServRC7TDesC16R14TRequestStatus @ 10 NONAME R3UNUSED ; RVpnServ::ImportPolicy(TDesC16 const &, TRequestStatus &)
+ Version__C8RVpnServ @ 11 NONAME R3UNUSED ; RVpnServ::Version(void) const
+ CancelChange__8RVpnServ @ 12 NONAME R3UNUSED ; RVpnServ::CancelChange(void)
+ GetPolicyData__8RVpnServRCt4TBuf1i50RP6HBufC8 @ 13 NONAME R3UNUSED ; RVpnServ::GetPolicyData(TBuf<50> const &, HBufC8 *&)
+ UpdatePolicyData__8RVpnServRCt4TBuf1i50RC6TDesC8 @ 14 NONAME R3UNUSED ; RVpnServ::UpdatePolicyData(TBuf<50> const &, TDesC8 const &)
+ UpdatePolicyDetails__8RVpnServR17TVpnPolicyDetails @ 15 NONAME R3UNUSED ; RVpnServ::UpdatePolicyDetails(TVpnPolicyDetails &)
+ AddPolicy__8RVpnServR17TVpnPolicyDetailsRC6TDesC8 @ 16 NONAME R3UNUSED ; RVpnServ::AddPolicy(TVpnPolicyDetails &, TDesC8 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/EABI/vpnapiU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,20 @@
+EXPORTS
+ _ZN8RVpnServ12CancelChangeEv @ 1 NONAME
+ _ZN8RVpnServ12CancelImportEv @ 2 NONAME
+ _ZN8RVpnServ12DeletePolicyERK4TBufILi50EE @ 3 NONAME
+ _ZN8RVpnServ12ImportPolicyERK7TDesC16R14TRequestStatus @ 4 NONAME
+ _ZN8RVpnServ13GetPolicyDataERK4TBufILi50EERP6HBufC8 @ 5 NONAME
+ _ZN8RVpnServ14ChangePasswordERK5TPckgI4TBufILi50EEER14TRequestStatus @ 6 NONAME
+ _ZN8RVpnServ16GetPolicyDetailsERK4TBufILi50EER17TVpnPolicyDetails @ 7 NONAME
+ _ZN8RVpnServ17EnumeratePoliciesERi @ 8 NONAME
+ _ZN8RVpnServ17GetPolicyInfoListEP13CArrayFixFlatI14TVpnPolicyInfoE @ 9 NONAME
+ _ZN8RVpnServ5CloseEv @ 10 NONAME
+ _ZN8RVpnServ7ConnectEv @ 11 NONAME
+ _ZN8RVpnServC1Ev @ 12 NONAME
+ _ZN8RVpnServC2Ev @ 13 NONAME
+ _ZNK8RVpnServ7VersionEv @ 14 NONAME
+ _ZN8RVpnServ16UpdatePolicyDataERK4TBufILi50EERK6TDesC8 @ 15 NONAME
+ _ZN8RVpnServ19UpdatePolicyDetailsERK17TVpnPolicyDetails @ 16 NONAME
+ _ZN8RVpnServ9AddPolicyER17TVpnPolicyDetailsRK6TDesC8 @ 17 NONAME
+ _ZN8RVpnServ19UpdatePolicyDetailsER17TVpnPolicyDetails @ 18 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/bwins/VPNAPIU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,19 @@
+EXPORTS
+ ??0RVpnServ@@QAE@XZ @ 1 NONAME ; public: __thiscall RVpnServ::RVpnServ(void)
+ ?CancelChange@RVpnServ@@QAEXXZ @ 2 NONAME ; public: void __thiscall RVpnServ::CancelChange(void)
+ ?CancelImport@RVpnServ@@QAEXXZ @ 3 NONAME ; public: void __thiscall RVpnServ::CancelImport(void)
+ ?ChangePassword@RVpnServ@@QAEXABV?$TPckg@V?$TBuf@$0DC@@@@@AAVTRequestStatus@@@Z @ 4 NONAME ; public: void __thiscall RVpnServ::ChangePassword(class TPckg<class TBuf<50> > const &,class TRequestStatus &)
+ ?Close@RVpnServ@@QAEXXZ @ 5 NONAME ; public: void __thiscall RVpnServ::Close(void)
+ ?Connect@RVpnServ@@QAEHXZ @ 6 NONAME ; public: int __thiscall RVpnServ::Connect(void)
+ ?DeletePolicy@RVpnServ@@QAEHABV?$TBuf@$0DC@@@@Z @ 7 NONAME ; public: int __thiscall RVpnServ::DeletePolicy(class TBuf<50> const &)
+ ?EnumeratePolicies@RVpnServ@@QAEHAAH@Z @ 8 NONAME ; public: int __thiscall RVpnServ::EnumeratePolicies(int &)
+ ?GetPolicyDetails@RVpnServ@@QAEHABV?$TBuf@$0DC@@@AAUTVpnPolicyDetails@@@Z @ 9 NONAME ; public: int __thiscall RVpnServ::GetPolicyDetails(class TBuf<50> const &,struct TVpnPolicyDetails &)
+ ?GetPolicyInfoList@RVpnServ@@QAEHPAV?$CArrayFixFlat@UTVpnPolicyInfo@@@@@Z @ 10 NONAME ; public: int __thiscall RVpnServ::GetPolicyInfoList(class CArrayFixFlat<struct TVpnPolicyInfo> *)
+ ?ImportPolicy@RVpnServ@@QAEXABVTDesC16@@AAVTRequestStatus@@@Z @ 11 NONAME ; public: void __thiscall RVpnServ::ImportPolicy(class TDesC16 const &,class TRequestStatus &)
+ ?Version@RVpnServ@@QBE?AVTVersion@@XZ @ 12 NONAME ; public: class TVersion __thiscall RVpnServ::Version(void)const
+ ?GetPolicyData@RVpnServ@@QAEHABV?$TBuf@$0DC@@@AAPAVHBufC8@@@Z @ 13 NONAME ; public: int __thiscall RVpnServ::GetPolicyData(class TBuf<50> const &,class HBufC8 * &)
+ ?AddPolicy@RVpnServ@@QAEHAAUTVpnPolicyDetails@@ABVTDesC8@@@Z @ 14 NONAME ; int RVpnServ::AddPolicy(struct TVpnPolicyDetails &, class TDesC8 const &)
+ ?UpdatePolicyData@RVpnServ@@QAEHABV?$TBuf@$0DC@@@ABVTDesC8@@@Z @ 15 NONAME ; int RVpnServ::UpdatePolicyData(class TBuf<50> const &, class TDesC8 const &)
+ ?UpdatePolicyDetails@RVpnServ@@QAEHABUTVpnPolicyDetails@@@Z @ 16 NONAME ; int RVpnServ::UpdatePolicyDetails(struct TVpnPolicyDetails const &)
+ ?UpdatePolicyDetails@RVpnServ@@QAEHAAUTVpnPolicyDetails@@@Z @ 17 NONAME ; int RVpnServ::UpdatePolicyDetails(struct TVpnPolicyDetails &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/data/vpnerr.ra Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,490 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VPN API.
+*
+*/
+
+
+/* IPSec Policy API errors */
+
+RESOURCE ARRAY r_error_array_ipsecpolapi_errors
+ {
+ items=
+ {
+ SINGLE_ERROR
+ {
+ text=r_error_EOpenSocketError; /* -5135 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_EBindSocketError; /* -5136 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_EOpenAlgorithmsFileError; /* -5137 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_ESecpolSocketSetOptError; /* -5138 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_EUnknownPolicyHandle; /* -5139 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_EParsingError; /* -5140 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_EWriteSocketError; /* -5141 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_ESecpolReaderError; /* -5142 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_ENoSelectorFound; /* -5143 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_ENoMemory; /* -5144 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_EInboundOutboundConflict; /* -5145 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_ESelectorConflict; /* -5146 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_ENoConflictInfoFound; /* -5147 */
+ }
+ };
+ }
+
+RESOURCE TBUF r_error_EOpenSocketError { buf=STRING_r_error_EOpenSocketError; }
+RESOURCE TBUF r_error_EBindSocketError { buf=STRING_r_error_EBindSocketError; }
+RESOURCE TBUF r_error_EOpenAlgorithmsFileError { buf=STRING_r_error_EOpenAlgorithmsFileError; }
+RESOURCE TBUF r_error_ESecpolSocketSetOptError { buf=STRING_r_error_ESecpolSocketSetOptError; }
+RESOURCE TBUF r_error_EUnknownPolicyHandle { buf=STRING_r_error_EUnknownPolicyHandle; }
+RESOURCE TBUF r_error_EParsingError { buf=STRING_r_error_EParsingError; }
+RESOURCE TBUF r_error_EWriteSocketError { buf=STRING_r_error_EWriteSocketError; }
+RESOURCE TBUF r_error_ESecpolReaderError { buf=STRING_r_error_ESecpolReaderError; }
+RESOURCE TBUF r_error_ENoSelectorFound { buf=STRING_r_error_ENoSelectorFound; }
+RESOURCE TBUF r_error_ENoMemory { buf=STRING_r_error_ENoMemory; }
+RESOURCE TBUF r_error_EInboundOutboundConflict { buf=STRING_r_error_EInboundOutboundConflict; }
+RESOURCE TBUF r_error_ESelectorConflict { buf=STRING_r_error_ESelectorConflict; }
+RESOURCE TBUF r_error_ENoConflictInfoFound { buf=STRING_r_error_ENoConflictInfoFound; }
+
+/* VPN API errors */
+
+RESOURCE ARRAY r_error_array_vpnapi_errors
+ {
+ items=
+ {
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrNoPolicyFile; /* -5229 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrNoPolicyInfoFile; /* -5230 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrInvalidPolicyFile; /* -5231 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrPolicyNotFound; /* -5232 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrInvalidCaCertFile; /* -5233 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrPeerCertFileMissing; /* -5234 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrInvalidUserCertFile; /* -5235 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrInvalidUserPrivKeyFile; /* -5236 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrImportOngoing; /* -5237 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrPwdChangeOngoing; /* -5238 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrPolicyCountChanged; /* -5239 */
+ }
+ };
+ }
+
+RESOURCE TBUF r_error_KVpnErrNoPolicyFile { buf=STRING_r_error_KVpnErrNoPolicyFile; }
+RESOURCE TBUF r_error_KVpnErrNoPolicyInfoFile { buf=STRING_r_error_KVpnErrNoPolicyInfoFile; }
+RESOURCE TBUF r_error_KVpnErrInvalidPolicyFile { buf=STRING_r_error_KVpnErrInvalidPolicyFile; }
+RESOURCE TBUF r_error_KVpnErrPolicyNotFound { buf=STRING_r_error_KVpnErrPolicyNotFound; }
+RESOURCE TBUF r_error_KVpnErrInvalidCaCertFile { buf=STRING_r_error_KVpnErrInvalidCaCertFile; }
+RESOURCE TBUF r_error_KVpnErrPeerCertFileMissing { buf=STRING_r_error_KVpnErrPeerCertFileMissing; }
+RESOURCE TBUF r_error_KVpnErrInvalidUserCertFile { buf=STRING_r_error_KVpnErrInvalidUserCertFile; }
+RESOURCE TBUF r_error_KVpnErrInvalidUserPrivKeyFile { buf=STRING_r_error_KVpnErrInvalidUserPrivKeyFile; }
+RESOURCE TBUF r_error_KVpnErrImportOngoing { buf=STRING_r_error_KVpnErrImportOngoing; }
+RESOURCE TBUF r_error_KVpnErrPwdChangeOngoing { buf=STRING_r_error_KVpnErrPwdChangeOngoing; }
+RESOURCE TBUF r_error_KVpnErrPolicyCountChanged { buf=STRING_r_error_KVpnErrPolicyCountChanged; }
+
+/* PKI Service API errors */
+
+RESOURCE ARRAY r_error_array_pkiserviceapi_errors
+ {
+ items=
+ {
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrWrongObjectType; /* -5240 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrObjectUninitialized; /* -5241 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrPassword; /* -5242 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrServiceBusy; /* -5243 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrCancel; /* -5244 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrBufferTooShort; /* -5245 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrCertRequestParam; /* -5246 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrCertRequest; /* -5247 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrNotFound; /* -5248 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrAmbiguous; /* -5249 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrNotSupported; /* -5250 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrUnexpectedState; /* -5251 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KPKIErrKeyStoreEmpty; /* -5252 */
+ }
+ };
+ }
+
+RESOURCE TBUF r_error_KPKIErrWrongObjectType { buf=STRING_r_error_KPKIErrWrongObjectType; }
+RESOURCE TBUF r_error_KPKIErrObjectUninitialized { buf=STRING_r_error_KPKIErrObjectUninitialized; }
+RESOURCE TBUF r_error_KPKIErrPassword { buf=STRING_r_error_KPKIErrPassword; }
+RESOURCE TBUF r_error_KPKIErrServiceBusy { buf=STRING_r_error_KPKIErrServiceBusy; }
+RESOURCE TBUF r_error_KPKIErrCancel { buf=STRING_r_error_KPKIErrCancel; }
+RESOURCE TBUF r_error_KPKIErrBufferTooShort { buf=STRING_r_error_KPKIErrBufferTooShort; }
+RESOURCE TBUF r_error_KPKIErrCertRequestParam { buf=STRING_r_error_KPKIErrCertRequestParam; }
+RESOURCE TBUF r_error_KPKIErrCertRequest { buf=STRING_r_error_KPKIErrCertRequest; }
+RESOURCE TBUF r_error_KPKIErrNotFound { buf=STRING_r_error_KPKIErrNotFound; }
+RESOURCE TBUF r_error_KPKIErrAmbiguous { buf=STRING_r_error_KPKIErrAmbiguous; }
+RESOURCE TBUF r_error_KPKIErrNotSupported { buf=STRING_r_error_KPKIErrNotSupported; }
+RESOURCE TBUF r_error_KPKIErrUnexpectedState { buf=STRING_r_error_KPKIErrUnexpectedState; }
+RESOURCE TBUF r_error_KPKIErrKeyStoreEmpty { buf=STRING_r_error_KPKIErrKeyStoreEmpty; }
+
+/* KMD API errors */
+
+RESOURCE ARRAY r_error_array_kmdapi_errors
+ {
+ items=
+ {
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdTooWeakCryptoLib; /* -5253 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdNoAlgorithmsFile; /* -5254 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkePolicyFileErr; /* -5255 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkeNegotFailed; /* -5256 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkeNoResponse; /* -5257 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkeNoProposalErr; /* -5258 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkeAuthFailedErr; /* -5259 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkePeerAuthFailed; /* -5260 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkeNoCertFoundErr; /* -5261 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KKmdIkeNoPolicyErr; /* -5262 */
+ }
+ };
+ }
+
+RESOURCE TBUF r_error_KKmdTooWeakCryptoLib { buf=STRING_r_error_KKmdTooWeakCryptoLib; }
+RESOURCE TBUF r_error_KKmdNoAlgorithmsFile { buf=STRING_r_error_KKmdNoAlgorithmsFile; }
+RESOURCE TBUF r_error_KKmdIkePolicyFileErr { buf=STRING_r_error_KKmdIkePolicyFileErr; }
+RESOURCE TBUF r_error_KKmdIkeNegotFailed { buf=STRING_r_error_KKmdIkeNegotFailed; }
+RESOURCE TBUF r_error_KKmdIkeNoResponse { buf=STRING_r_error_KKmdIkeNoResponse; }
+RESOURCE TBUF r_error_KKmdIkeNoProposalErr { buf=STRING_r_error_KKmdIkeNoProposalErr; }
+RESOURCE TBUF r_error_KKmdIkeAuthFailedErr { buf=STRING_r_error_KKmdIkeAuthFailedErr; }
+RESOURCE TBUF r_error_KKmdIkePeerAuthFailed { buf=STRING_r_error_KKmdIkePeerAuthFailed; }
+RESOURCE TBUF r_error_KKmdIkeNoCertFoundErr { buf=STRING_r_error_KKmdIkeNoCertFoundErr; }
+RESOURCE TBUF r_error_KKmdIkeNoPolicyErr { buf=STRING_r_error_KKmdIkeNoPolicyErr; }
+
+/* IKE policy parser errors */
+
+RESOURCE ARRAY r_error_array_ikepolparser_errors
+ {
+ items=
+ {
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrMode; /* -5263 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrNotify; /* -5264 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrCommit; /* -5265 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrIpsecExpire; /* -5266 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrSendCert; /* -5267 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrInitialContact; /* -5268 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrResponderLifetime;/* -5269 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrReplayStatus; /* -5270 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrGroupDesc_II; /* -5271 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrProposal; /* -5272 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrEncrAlg; /* -5273 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrAuthMethod; /* -5274 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrHashAlg; /* -5275 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrGroupDesc; /* -5276 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrGroupType; /* -5277 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrLifeBytes; /* -5278 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrLifeSecs; /* -5279 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrPRF; /* -5280 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrPreKey; /* -5281 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrPreFormat; /* -5282 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrCA; /* -5283 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrOwnCerts; /* -5284 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrOwnName; /* -5285 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrOwnKey; /* -5286 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrPeerCerts; /* -5287 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrPeerAddr; /* -5288 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrPeerMask; /* -5289 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrMaxLifetimeSec; /* -5290 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrMaxLifetimeKB; /* -5291 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrMaxRetrans; /* -5292 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrNoSeparator; /* -5293 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrCRACKLAMType; /* -5294 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrUseIntAddr; /* -5295 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrUseNATProbe; /* -5296 */
+ },
+ SINGLE_ERROR
+ {
+ text=r_error_KSecParserErrUnknown; /* -5297 */
+ }
+ };
+ }
+
+RESOURCE TBUF r_error_KSecParserErrMode { buf=STRING_r_error_KSecParserErrMode; }
+RESOURCE TBUF r_error_KSecParserErrNotify { buf=STRING_r_error_KSecParserErrNotify; }
+RESOURCE TBUF r_error_KSecParserErrCommit { buf=STRING_r_error_KSecParserErrCommit; }
+RESOURCE TBUF r_error_KSecParserErrIpsecExpire { buf=STRING_r_error_KSecParserErrIpsecExpire; }
+RESOURCE TBUF r_error_KSecParserErrSendCert { buf=STRING_r_error_KSecParserErrSendCert; }
+RESOURCE TBUF r_error_KSecParserErrInitialContact { buf=STRING_r_error_KSecParserErrInitialContact; }
+RESOURCE TBUF r_error_KSecParserErrResponderLifetime { buf=STRING_r_error_KSecParserErrResponderLifetime; }
+RESOURCE TBUF r_error_KSecParserErrReplayStatus { buf=STRING_r_error_KSecParserErrReplayStatus; }
+RESOURCE TBUF r_error_KSecParserErrGroupDesc_II { buf=STRING_r_error_KSecParserErrGroupDesc_II; }
+RESOURCE TBUF r_error_KSecParserErrProposal { buf=STRING_r_error_KSecParserErrProposal; }
+RESOURCE TBUF r_error_KSecParserErrEncrAlg { buf=STRING_r_error_KSecParserErrEncrAlg; }
+RESOURCE TBUF r_error_KSecParserErrAuthMethod { buf=STRING_r_error_KSecParserErrAuthMethod; }
+RESOURCE TBUF r_error_KSecParserErrHashAlg { buf=STRING_r_error_KSecParserErrHashAlg; }
+RESOURCE TBUF r_error_KSecParserErrGroupDesc { buf=STRING_r_error_KSecParserErrGroupDesc; }
+RESOURCE TBUF r_error_KSecParserErrGroupType { buf=STRING_r_error_KSecParserErrGroupType; }
+RESOURCE TBUF r_error_KSecParserErrLifeBytes { buf=STRING_r_error_KSecParserErrLifeBytes; }
+RESOURCE TBUF r_error_KSecParserErrLifeSecs { buf=STRING_r_error_KSecParserErrLifeSecs; }
+RESOURCE TBUF r_error_KSecParserErrPRF { buf=STRING_r_error_KSecParserErrPRF; }
+RESOURCE TBUF r_error_KSecParserErrPreKey { buf=STRING_r_error_KSecParserErrPreKey; }
+RESOURCE TBUF r_error_KSecParserErrPreFormat { buf=STRING_r_error_KSecParserErrPreFormat; }
+RESOURCE TBUF r_error_KSecParserErrCA { buf=STRING_r_error_KSecParserErrCA; }
+RESOURCE TBUF r_error_KSecParserErrOwnCerts { buf=STRING_r_error_KSecParserErrOwnCerts; }
+RESOURCE TBUF r_error_KSecParserErrOwnName { buf=STRING_r_error_KSecParserErrOwnName; }
+RESOURCE TBUF r_error_KSecParserErrOwnKey { buf=STRING_r_error_KSecParserErrOwnKey; }
+RESOURCE TBUF r_error_KSecParserErrPeerCerts { buf=STRING_r_error_KSecParserErrPeerCerts; }
+RESOURCE TBUF r_error_KSecParserErrPeerAddr { buf=STRING_r_error_KSecParserErrPeerAddr; }
+RESOURCE TBUF r_error_KSecParserErrPeerMask { buf=STRING_r_error_KSecParserErrPeerMask; }
+RESOURCE TBUF r_error_KSecParserErrMaxLifetimeSec { buf=STRING_r_error_KSecParserErrMaxLifetimeSec; }
+RESOURCE TBUF r_error_KSecParserErrMaxLifetimeKB { buf=STRING_r_error_KSecParserErrMaxLifetimeKB; }
+RESOURCE TBUF r_error_KSecParserErrMaxRetrans { buf=STRING_r_error_KSecParserErrMaxRetrans; }
+RESOURCE TBUF r_error_KSecParserErrNoSeparator { buf=STRING_r_error_KSecParserErrNoSeparator; }
+RESOURCE TBUF r_error_KSecParserErrCRACKLAMType { buf=STRING_r_error_KSecParserErrCRACKLAMType; }
+RESOURCE TBUF r_error_KSecParserErrUseIntAddr { buf=STRING_r_error_KSecParserErrUseIntAddr; }
+RESOURCE TBUF r_error_KSecParserErrUseNATProbe { buf=STRING_r_error_KSecParserErrUseNATProbe; }
+RESOURCE TBUF r_error_KSecParserErrUnknown { buf=STRING_r_error_KSecParserErrUnknown; }
+
+RESOURCE ARRAY r_error_array_vpnapi_errors_2
+ {
+ items=
+ {
+ SINGLE_ERROR
+ {
+ text=r_error_KVpnErrPolicySizeChanged; /* -5298 */
+ }
+ };
+ }
+
+RESOURCE TBUF r_error_KVpnErrPolicySizeChanged { buf=STRING_r_error_KVpnErrPolicySizeChanged; }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/data/vpnerr.rls Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,117 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VPN API.
+*
+*/
+
+// IPSec Policy API errors
+
+rls_string STRING_r_error_EOpenSocketError "IPSec policy loading failed (socket open failed)"
+rls_string STRING_r_error_EBindSocketError "IPSec policy loading failed (socket bind failed)"
+rls_string STRING_r_error_EOpenAlgorithmsFileError "IPSec policy loading failed (algorithms configuration file not found)"
+rls_string STRING_r_error_ESecpolSocketSetOptError "IPSec policy loading failed (socket options could not be set)"
+rls_string STRING_r_error_EUnknownPolicyHandle "Unknown IPSec policy handle"
+rls_string STRING_r_error_EParsingError "IPSec policy loading failed (invalid policy)"
+rls_string STRING_r_error_EWriteSocketError "IPSec policy loading failed (socket write failed)"
+rls_string STRING_r_error_ESecpolReaderError "IPSec event logging failed (socket error)"
+rls_string STRING_r_error_ENoSelectorFound "No matching IPSec policy selector found"
+rls_string STRING_r_error_ENoMemory "IPSec policy handling failed (no memory)"
+rls_string STRING_r_error_EInboundOutboundConflict "IPSec policy loading failed (conflicting policy already active)"
+rls_string STRING_r_error_ESelectorConflict "IPSec policy loading failed (conflicting policy already active)"
+rls_string STRING_r_error_ENoConflictInfoFound "IPSec policy conflict information not found"
+
+// VPN API errors
+
+rls_string STRING_r_error_KVpnErrNoPolicyFile "VPN policy file not found"
+rls_string STRING_r_error_KVpnErrNoPolicyInfoFile "VPN policy information file not found"
+rls_string STRING_r_error_KVpnErrInvalidPolicyFile "Invalid VPN policy file"
+rls_string STRING_r_error_KVpnErrPolicyNotFound "VPN policy not found"
+rls_string STRING_r_error_KVpnErrInvalidCaCertFile "VPN CA certificate file not found or file is corrupted"
+rls_string STRING_r_error_KVpnErrPeerCertFileMissing "VPN gateway certificate file not found"
+rls_string STRING_r_error_KVpnErrInvalidUserCertFile "VPN user certificate file not found or file is corrupted"
+rls_string STRING_r_error_KVpnErrInvalidUserPrivKeyFile "VPN user private key file not found, file is corrupted or wrong password used"
+rls_string STRING_r_error_KVpnErrImportOngoing "VPN policy import already in progress"
+rls_string STRING_r_error_KVpnErrPwdChangeOngoing "Password change already in progress"
+rls_string STRING_r_error_KVpnErrPolicyCountChanged "VPN policy count has changed"
+
+// PKI Service API errors
+
+rls_string STRING_r_error_KPKIErrWrongObjectType "Wrong PKI object (key or certificate) type"
+rls_string STRING_r_error_KPKIErrObjectUninitialized "PKI object (key or certificate) uninitialized"
+rls_string STRING_r_error_KPKIErrPassword "PKI key store password error"
+rls_string STRING_r_error_KPKIErrServiceBusy "PKI service is busy"
+rls_string STRING_r_error_KPKIErrCancel "PKI service request cancelled"
+rls_string STRING_r_error_KPKIErrBufferTooShort "Not enough space reserved for a PKI object (key or certificate)"
+rls_string STRING_r_error_KPKIErrCertRequestParam "Parameter error in certificate request"
+rls_string STRING_r_error_KPKIErrCertRequest "Generating certificate request failed"
+rls_string STRING_r_error_KPKIErrNotFound "Key or certificate not found"
+rls_string STRING_r_error_KPKIErrAmbiguous "Key or certificate selection was ambiguous"
+rls_string STRING_r_error_KPKIErrNotSupported "Function not supported"
+rls_string STRING_r_error_KPKIErrUnexpectedState "Unexpected state encountered"
+rls_string STRING_r_error_KPKIErrKeyStoreEmpty "Logon or ChangePassword is impossible because the key store is empty"
+
+// IKE policy parser errors
+
+rls_string STRING_r_error_KSecParserErrMode "Invalid VPN policy (invalid IKE mode value)"
+rls_string STRING_r_error_KSecParserErrNotify "Invalid VPN policy (invalid IKE notify value)"
+rls_string STRING_r_error_KSecParserErrCommit "Invalid VPN policy (invalid IKE commit value)"
+rls_string STRING_r_error_KSecParserErrIpsecExpire "Invalid VPN policy (invalid IKE expire value)"
+rls_string STRING_r_error_KSecParserErrSendCert "Invalid VPN policy (invalid IKE send certificate value)"
+rls_string STRING_r_error_KSecParserErrInitialContact "Invalid VPN policy (invalid IKE initial contact value)"
+rls_string STRING_r_error_KSecParserErrResponderLifetime "Invalid VPN policy (invalid IKE responder lifetime value)"
+rls_string STRING_r_error_KSecParserErrReplayStatus "Invalid VPN policy (invalid IKE replay status value)"
+rls_string STRING_r_error_KSecParserErrGroupDesc_II "Invalid VPN policy (invalid IKE group description II value)"
+rls_string STRING_r_error_KSecParserErrProposal "Invalid VPN policy (invalid IKE proposal)"
+rls_string STRING_r_error_KSecParserErrEncrAlg "Invalid VPN policy (invalid IKE encryption algorithm value)"
+rls_string STRING_r_error_KSecParserErrAuthMethod "Invalid VPN policy (invalid IKE authentication method value)"
+rls_string STRING_r_error_KSecParserErrHashAlg "Invalid VPN policy (invalid IKE hash algorithm value)"
+rls_string STRING_r_error_KSecParserErrGroupDesc "Invalid VPN policy (invalid IKE group description value)"
+rls_string STRING_r_error_KSecParserErrGroupType "Invalid VPN policy (invalid IKE group type value)"
+rls_string STRING_r_error_KSecParserErrLifeBytes "Invalid VPN policy (invalid IKE lifetime bytes value)"
+rls_string STRING_r_error_KSecParserErrLifeSecs "Invalid VPN policy (invalid IKE lifetime seconds value)"
+rls_string STRING_r_error_KSecParserErrPRF "Invalid VPN policy (invalid IKE PRF value)"
+rls_string STRING_r_error_KSecParserErrPreKey "Invalid VPN policy (invalid IKE preshared key value)"
+rls_string STRING_r_error_KSecParserErrPreFormat "Invalid VPN policy (invalid IKE preshared key format value)"
+rls_string STRING_r_error_KSecParserErrCA "Invalid VPN policy (invalid IKE CA value)"
+rls_string STRING_r_error_KSecParserErrOwnCerts "Invalid VPN policy (invalid IKE own certificate value)"
+rls_string STRING_r_error_KSecParserErrOwnName "Invalid VPN policy (invalid IKE own name value)"
+rls_string STRING_r_error_KSecParserErrOwnKey "Invalid VPN policy (invalid IKE own key value)"
+rls_string STRING_r_error_KSecParserErrPeerCerts "Invalid VPN policy (invalid IKE peer certificate value)"
+rls_string STRING_r_error_KSecParserErrPeerAddr "Invalid VPN policy (invalid IKE peer address value)"
+rls_string STRING_r_error_KSecParserErrPeerMask "Invalid VPN policy (invalid IKE peer mask value)"
+rls_string STRING_r_error_KSecParserErrMaxLifetimeSec "Invalid VPN policy (invalid IKE max. lifetime seconds value)"
+rls_string STRING_r_error_KSecParserErrMaxLifetimeKB "Invalid VPN policy (invalid IKE max. lifetime kilobytes value)"
+rls_string STRING_r_error_KSecParserErrMaxRetrans "Invalid VPN policy (invalid IKE max. retransmissions value)"
+rls_string STRING_r_error_KSecParserErrNoSeparator "Invalid VPN policy (no separator)"
+rls_string STRING_r_error_KSecParserErrCRACKLAMType "Invalid VPN policy (invalid IKE CRACK LAM type value)"
+rls_string STRING_r_error_KSecParserErrUseIntAddr "Invalid VPN policy (invalid IKE use internal addressing value)"
+rls_string STRING_r_error_KSecParserErrUseNATProbe "Invalid VPN policy (invalid IKE use NAT probe value)"
+rls_string STRING_r_error_KSecParserErrUnknown "Invalid VPN policy (unknown error)"
+
+// KMD API errors
+
+rls_string STRING_r_error_KKmdTooWeakCryptoLib "Crypto library is too weak"
+rls_string STRING_r_error_KKmdNoAlgorithmsFile "VPN Configuration error (Algorithms.conf cannot be found)"
+rls_string STRING_r_error_KKmdIkePolicyFileErr "VPN Configuration error (Error in IKE configuration)"
+rls_string STRING_r_error_KKmdIkeNegotFailed "IKE Phase 1 negotiation failed"
+rls_string STRING_r_error_KKmdIkeNoResponse "IKE Phase 1 negotiation failed (no proper response from peer)"
+rls_string STRING_r_error_KKmdIkeNoProposalErr "IKE Phase 1 negotiation failed (no proposal chosen by peer)"
+rls_string STRING_r_error_KKmdIkeAuthFailedErr "IKE Phase 1 negotiation failed (local end authentication failed)"
+rls_string STRING_r_error_KKmdIkePeerAuthFailed "IKE Phase 1 negotiation failed (peer authentication failed)"
+rls_string STRING_r_error_KKmdIkeNoCertFoundErr "IKE Phase 1 negotiation failed (proper certificate not found)"
+rls_string STRING_r_error_KKmdIkeNoPolicyErr "IKE Phase 1 negotiation failed (no IKE policy section found"
+
+// VPN API errors 2
+
+rls_string STRING_r_error_KVpnErrPolicySizeChanged "VPN policy size has changed"
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/data/vpnerr.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,100 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VPN API.
+*
+*/
+
+
+NAME VPNE
+
+#include <uikon.rh>
+#include <baerrrsvr.rh>
+#include "vpnerr.rls"
+
+RESOURCE RSS_SIGNATURE { }
+
+// The error code range reserved by Symbian for IPSec and IPSec
+// VPN modules is [-5135, -5299] (165 error code values in total).
+// From this range, the sub-range [-5154, -5228] is reserved to
+// ipsec6. This leaves two sub-ranges, [-5135, -5153] and
+// [-5229, -5299] for use by the IPSec VPN modules.
+// From these two ranges, error code values are allocated
+// as follows:
+//
+// - IPSec Policy API: [-5135, -5147] (13 values)
+// - VPN API: [-5229, -5239] (11 values)
+// - PKI Service API: [-5240, -5252] (13 values)
+// - KMD API: [-5253, -5262] (10 values)
+// - IKE Policy Parser: [-5263, -5297] (35 values)
+// - VPN API 2: [-5298, -5298] (1 value)
+//
+// To add new error codes:
+// - Add a new range to the above list (just for clarity)
+// - Add a new ERROR_ARRAY definition to the below
+// ERROR_SET resource with startError set to the
+// beginning of the new error code range
+// - Add a new ARRAY resource to the vpnerr.ra
+// resource file corresponding to the new ERROR_ARRAY
+// definition. In the ARRAY resource, add a single
+// SINGLE_ERROR definition for each error code that your
+// source code uses.
+// NOTE. The error code value associated with each
+// SINGLE_ERROR definition depends on the startError
+// value of corresponding ERROR_ARRAY definition and
+// the position of the SINGLE_ERROR definition.
+// - Add the necessary TBUF resources to the vpnerr.ra
+// file add the corresponding rls_string definitions
+// to the vpnerr.rls file.
+// - Set the error code constant values in your source code
+// to be same as the implicit values of the corresponding
+// SINGLE_ERROR definitions in the vpnerr.ra file.
+
+RESOURCE ERROR_SET r_error_set_vpn
+ {
+ errorarrays=
+ {
+ ERROR_ARRAY
+ {
+ startError=-5135;
+ errors=r_error_array_ipsecpolapi_errors;
+ },
+ ERROR_ARRAY
+ {
+ startError=-5229;
+ errors=r_error_array_vpnapi_errors;
+ },
+ ERROR_ARRAY
+ {
+ startError=-5240;
+ errors=r_error_array_pkiserviceapi_errors;
+ },
+ ERROR_ARRAY
+ {
+ startError=-5253;
+ errors=r_error_array_kmdapi_errors;
+ },
+ ERROR_ARRAY
+ {
+ startError=-5263;
+ errors=r_error_array_ikepolparser_errors;
+ },
+ ERROR_ARRAY
+ {
+ startError=-5298;
+ errors=r_error_array_vpnapi_errors_2;
+ }
+ };
+ }
+
+#include "vpnerr.ra"
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,22 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+#include <platform_paths.hrh>
+
+PRJ_MMPFILES
+vpnapi.mmp
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/group/vpnapi.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,83 @@
+/*
+* Copyright (c) 2000-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnapi
+
+*
+*/
+
+
+
+
+#include <platform_paths.hrh>
+
+
+
+TARGET vpnapi.dll
+
+TARGETTYPE dll
+
+UID 0x1000008d 0x101FD285
+
+
+
+CAPABILITY ALL -Tcb
+
+VENDORID VID_DEFAULT
+
+
+
+SOURCEPATH ../src
+
+SOURCE vpnapi.cpp
+
+
+
+SOURCEPATH ../../vpnengine/vpncommon/src
+
+SOURCE clistatic.cpp
+
+
+
+// The resource file containing IPSec VPN error messages,
+
+// generated for the system error resolver.
+
+SOURCEPATH ../data
+
+START RESOURCE vpnerr.rss
+
+TARGETPATH /RESOURCE/ERRORS
+
+LANGUAGE_IDS
+
+END
+
+
+
+USERINCLUDE ../inc
+
+USERINCLUDE ../../vpnengine/vpnmanager/inc
+
+USERINCLUDE ../../vpnengine/vpncommon/inc
+
+
+
+MW_LAYER_SYSTEMINCLUDE
+
+
+
+LIBRARY euser.lib
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/rom/vpnapi.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,25 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnapi
+*
+*/
+
+
+#ifndef __VPNAPI_IBY__
+#define __VPNAPI_IBY__
+
+data=MULTI_LINGUIFY(RSC ZRESOURCE\Errors\vpnerr ERROR_RESOURCE_DIR\vpnerr)
+file=ABI_DIR\BUILD_DIR\vpnapi.dll SHARED_LIB_DIR\vpnapi.dll
+
+#endif // __VPNAPI_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnapiimpl/src/vpnapi.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,484 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: The VPN API allows Symbian OS applications and servers
+* to perform VPN-specific operations.
+*
+*/
+
+
+#include "vpnapi.h"
+#include "vpnmanagerserverdefs.h"
+#include "clistatic.h"
+
+EXPORT_C RVpnServ::RVpnServ() : RSessionBase()
+/**
+ * Constructor
+ */
+ {
+ }
+
+EXPORT_C TInt RVpnServ::Connect()
+/**
+ * Opens a connection (session) to the VPN Manager server.
+ *
+ * @return KErrNone if the connection succeeds, a system-wide error code
+ * if not.
+ */
+ {
+ const TInt KVpnManagerServerStackSize = 0x4000;
+ const TInt KVpnManagerServerInitHeapSize = 0x1000;
+ const TInt KVpnManagerServerMaxHeapSize = 0x1000000;
+
+ TInt retry = 2;
+
+ for (;;)
+ {
+ TInt r=CreateSession(KVpnManagerServer,
+ Version(),
+ KDefaultMessageSlots);
+
+ if (r!=KErrNotFound && r!=KErrServerTerminated)
+ return r;
+ if (--retry==0)
+ return r;
+ r = Launcher::LaunchServer(KVpnManagerServer, KVpnManagerFile,
+ KVpnManagerUid3, KVpnManagerServerInitHeapSize,
+ KVpnManagerServerMaxHeapSize, KVpnManagerServerStackSize);
+
+ if (r!=KErrNone && r!=KErrAlreadyExists)
+ return r;
+ }
+ }
+
+EXPORT_C void RVpnServ::Close()
+/**
+ * Closes the connection (session) to the VPN Manager server.
+ */
+ {
+ RSessionBase::Close();
+ }
+
+EXPORT_C TVersion RVpnServ::Version() const
+/**
+ * Returns the version of the server with which this client is compatible.
+ *
+ * @return The version
+ */
+ {
+ return TVersion(KVpnManagerMajorVersionNumber,
+ KVpnManagerMinorVersionNumber,
+ KVpnManagerBuildVersionNumber);
+ }
+
+EXPORT_C void RVpnServ::ImportPolicy(const TDesC& aDir, TRequestStatus& aStatus)
+/**
+ * Imports one or more VPN policies to the policy store
+ * maintained by the VPN Manager.
+ *
+ * The files that constitute the VPN policies are assumed
+ * to reside in the specified directory. For each policy,
+ * the files are:
+ * <ol>
+ * <li>Policy file (REQUIRED)</li>
+ * <li>Policy information file (REQUIRED)</li>
+ * <li>CA certificate files (REQUIRED)</li>
+ * <li>Client/user private key and certificate files (OPTIONAL)</li>
+ * <li>Gateway (peer) certificate files</li>
+ * </ol>
+ *
+ * The files must follow a certain naming convention and
+ * utilize certain file formats. The naming convention and the file
+ * formats are specified in a separate document.
+ *
+ * The policies in this case can refer to the CA certificates
+ * via a BIN type reference (i.e. a certificate file name).
+ * If they do, certificates with the specified names must be
+ * imported at the same time with the policy.
+ *
+ * The policy being imported can be marked as hidden by
+ * including the value of the KHiddenPolicyIndicator constant
+ * (defined in vpnapidefs.h) in the description section of policy
+ * informationation file.
+ *
+ * The return value is returned in the aStatus argument
+ * when the request completes. This can be one of:
+ *
+ * <ol>
+ * <li>KErrNone The import was successful</li>
+ * <li>\<VpnError\> A VPN error code if the import fails for some
+ * identified reason</li>
+ * <li>\<SystemError\> A system-wide error code if an out-of-resource
+ * error occurred while processing the request</li>
+ * </ol>
+ *
+ * @param aDir An absolute path to a directory that contains the
+ * files that constitute the VPN policy. NOTE. As this method is
+ * asynchronous, this reference must point to a variable that
+ * remains valid until this method is complete (i.e. it cannot be
+ * e.g. a local variable of the calling method)
+ * @param aStatus [out] A reference to the standard request status
+ * object. On request completion, contains the return code of the request.
+ *
+ */
+ {
+ SendReceive(EVpnImportPolicy, TIpcArgs(&aDir), aStatus);
+ }
+
+EXPORT_C void RVpnServ::CancelImport()
+/**
+ * Cancels an ongoing policy import operation.
+ */
+ {
+ SendReceive(EVpnCancelImport, TIpcArgs(NULL));
+ }
+
+EXPORT_C TInt RVpnServ::EnumeratePolicies(TInt& aCount)
+/**
+ * Returns the number of installed, visible VPN policies.
+ * Policies marked as hidden (by including the
+ * KHiddenPolicyIndicator in the iDescription policy details
+ * field) are not included in the count.
+ *
+ * @param aCount [out] The policy count
+ *
+ * @return KErrNone, if the request was processed successfully;
+ * \<SystemError\> A system-wide error code if the request
+ * failed for some unexpected reason.
+ */
+ {
+ TPckg<TInt> pckgPolicyCount(aCount);
+
+ return SendReceive(EVpnEnumeratePolicies, TIpcArgs(&pckgPolicyCount));
+ }
+
+EXPORT_C TInt RVpnServ::GetPolicyInfoList(CArrayFixFlat<TVpnPolicyInfo>* aPolicyInfoList)
+/**
+ * Fills the given list with information about the installed, visible
+ * policies. The method resizes the list according to the number of
+ * installed policies. Policies marked as hidden (by including the
+ * KHiddenPolicyIndicator in the iDescription policy details field)
+ * are not included in the listing.
+ *
+ * @param aPolicyInfoList A reference to a pointer to a list
+ * of policy information structures.
+ *
+ * @return \<SystemError\> A system-wide error code if the request
+ * failed for some unexpected reason.
+ */
+ {
+ TInt ret = KErrNone;
+
+ // Get the current policy count
+ TInt policyCount;
+ ret = EnumeratePolicies(policyCount);
+ if (ret != KErrNone)
+ {
+ return ret;
+ }
+
+ // If there are no policies, we can stop here
+ if (policyCount == 0)
+ {
+ return KErrNone;
+ }
+
+ // Make sure that the (client-side) policy
+ // info array has the correct size
+ TRAP(ret, aPolicyInfoList->ResizeL(policyCount));
+ if (ret != KErrNone)
+ {
+ return ret;
+ }
+
+ // Create a writable descriptor in this thread's address space
+ // where the server will write the policy information list
+ TPtr8 policyList((TUint8*)&aPolicyInfoList->At(0), policyCount * aPolicyInfoList->Length());
+
+ return SendReceive(EVpnGetPolicyInfo, TIpcArgs(policyCount, &policyList));
+ }
+
+EXPORT_C TInt RVpnServ::GetPolicyDetails(const TVpnPolicyId& aPolicyId, TVpnPolicyDetails& aPolicyDetails)
+/**
+ * Returns detailed information about the specified policy.
+ *
+ * @param aPolicyId The ID of the policy to return information
+ * about
+ * @param aPolicyDetails [out] Detailed policy information
+ *
+ * @return KErrNone, if the request was processed successfully;
+ * KVpnErrPolicyNotFound, if the specified policy was not found;
+ * \<SystemError\> A system-wide error code if the request
+ * failed for some unexpected reason.
+ */
+ {
+ TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId);
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails);
+
+ return SendReceive(EVpnGetPolicyDetails, TIpcArgs(&pckgPolicyId, &pckgPolicyDetails));
+ }
+
+EXPORT_C TInt RVpnServ::DeletePolicy(const TVpnPolicyId& aPolicyId)
+/**
+ * Deletes the specified policy from the VPN policy store
+ * maintained by the VPN Manager.
+ *
+ * NOTE. The policy is deleted even if its active.
+ *
+ * @param aPolicyId The ID of the policy to delete
+ *
+ * @return KErrNone, if the request was processed successfully;
+ * KVpnErrPolicyNotFound, if the policy was not found;
+ * \<SystemError\> A system-wide error code if the request
+ * failed for some unexpected reason.
+ */
+ {
+ TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId);
+
+ return SendReceive(EVpnDeletePolicy, TIpcArgs(&pckgPolicyId));
+ }
+
+EXPORT_C void RVpnServ::ChangePassword(const TPckg<TVpnPolicyId>& aPolicyId, TRequestStatus& aStatus)
+/**
+ * Initiates a user dialogue for changing the password that is used
+ * to protect the private keys associated with the installed VPN
+ * policies.
+ *
+ * The return value is returned in the aStatus argument
+ * when the request completes. This can be one of:
+ * <ol>
+ * <li>KErrNone, if the request was processed successfully</li>
+ * <li>\<SystemError\> A system-wide error code if the request
+ * failed for some unexpected reason</li>
+ * </ol>
+ *
+ *
+ * @param aPolicyId The ID of the policy whose associated key
+ * protection password is to be changed (NOTE 1. this parameter has
+ * no effect at the moment as all private keys are protected with
+ * the same password. NOTE 2: As this method is asynchronous, this
+ * reference must point to a variable that remains valid until this
+ * method is complete (i.e. it cannot be e.g. a local variable of
+ * the calling method))
+ *
+ * @param aStatus [out] A reference to the standard request status
+ * object. On request completion, contains the return code of the request.
+ *
+ */
+ {
+ SendReceive(EVpnChangePassword, TIpcArgs(&aPolicyId), aStatus);
+ }
+
+EXPORT_C void RVpnServ::CancelChange()
+/**
+ * Cancels an ongoing password changing operation.
+ */
+ {
+ SendReceive(EVpnCancelChange, TIpcArgs(NULL));
+ }
+
+EXPORT_C TInt RVpnServ::GetPolicyData(const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData)
+/**
+ * Returns policy data.
+ */
+ {
+ TInt ret = KErrNone;
+ TRAP(ret, DoGetPolicyDataL(aPolicyId, aPolicyData));
+ return ret;
+ }
+
+void RVpnServ::DoGetPolicyDataL(const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData)
+ {
+ TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId);
+
+ // First get the policy size
+ TInt policySize;
+ TPckg<TInt> policySizePckg(policySize);
+
+ User::LeaveIfError(SendReceive(EVpnGetPolicySize, TIpcArgs(&pckgPolicyId, &policySizePckg)));
+
+ // Allocate a buffer to hold the policy data
+ HBufC8* policyData = HBufC8::NewL(policySize);
+ CleanupStack::PushL(policyData);
+
+ TPtr8 policyDataPtr = policyData->Des();
+
+ // Fetch the policy data
+ User::LeaveIfError(SendReceive(EVpnGetPolicyData, TIpcArgs(&pckgPolicyId, &policySizePckg, &policyDataPtr)));
+
+ aPolicyData = policyData;
+
+ CleanupStack::Pop(); // policyData
+ }
+
+// Additions to make it easier to implement OMA DM based VPN policy management
+
+EXPORT_C TInt RVpnServ::AddPolicy(TVpnPolicyDetails& aPolicyDetails, const TDesC8& aPolicyData)
+/**
+ * Adds a new VPN policy to the policy store maintained by the
+ * VPN Manager.
+ *
+ * The policy details in this case CAN include a (globally
+ * unique) policy ID for the policy. This policy ID is defined
+ * by the policy author according to the author's own rules.
+ * This is the ID that becomes also the local ID of the policy.
+ * In other words, a single global ID is used to identify a
+ * policy both inside and outside the device.
+ * If a policy with the specified ID already exists in the
+ * policy store, the method returns KErrAlreadyExists.
+ * If the policy ID is missing from policy details argument on
+ * input, a globally unique ID is automatically created for the
+ * policy. This ID is placed in the policy details argument on
+ * output.
+ *
+ * The policy details must also include a non-empty policy name.
+ * If a name is missing, the method returns KErrArgument.
+ * If the proposed policy name is already in use, a sequence number
+ * is added to the policy name. The new policy name is placed in
+ * the policy details argument on output.
+ *
+ * The policy data argument contains the policy content in the
+ * text format described in separate VPN policy format documentation.
+ * If the policy data argument is empty, the method returns the
+ * KErrArgument error code. The policy data does not include any
+ * PKI objects, as the assumption is that the PKI data associated
+ * with the policy is placed in the device's PKI store via some
+ * other mechanism and APIs. The policy in this case must refer to
+ * the CA certificates via some other reference type than BIN
+ * (file reference). BIN type references are supported only when
+ * policies are imported to the policy store with the ImportPolicy
+ * method. All supported reference types are described in the IKE
+ * policy format documentation.
+ *
+ * The policy being added can be marked as hidden by
+ * including the descriptor KHiddenPolicyIndicator in the
+ * iDescription field of the policy details argument.
+ * The policy is assumed to be visible if the iDescription
+ * field does not contain the KHiddenPolicyIndicator
+ * descriptor.
+ *
+ * @param aPolicyDetails Details (metadata) about the policy
+ * @param aPolicyData The policy data (content)
+ *
+ * @return KErrNone if the addition was successful;
+ * KErrArgument, if the policy ID is missing from policy details;
+ * \<VpnError\> A VPN error code if the addition fails for some
+ * identified reason;
+ * \<SystemError\> A system-wide error code if an out-of-resource
+ * error occurred while processing the request.
+ */
+ {
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails);
+
+ return SendReceive(EVpnAddPolicy, TIpcArgs(&pckgPolicyDetails, &aPolicyData));
+ }
+
+EXPORT_C TInt RVpnServ::UpdatePolicyDetails(TVpnPolicyDetails& aPolicyDetails)
+/**
+ * Updates the details of the specified VPN policy.
+ * The ID of the policy whose details are to be
+ * updated is specified in the policy details
+ * argument. If the ID is missing, the method returns
+ * KErrArgument. If a policy with the specified ID
+ * cannot be found, the method returns KVpnErrPolicyNotFound.
+ *
+ * The policy details must include a non-empty policy name.
+ * If a name is missing, the method returns KErrArgument.
+ * If the policy details contain a new name for the policy,
+ * the new name is checked agains existing other policy names.
+ * If the name is already in use, a sequence number is added
+ * to the policy name. The new policy name is placed in the
+ * policy details argument on output.
+ *
+ * The policy being updated can be marked as hidden by
+ * including the descriptor KHiddenPolicyIndicator in the
+ * iDescription field of the policy details argument.
+ * The policy is assumed to be visible if the iDescription
+ * field does not contain the KHiddenPolicyIndicator
+ * descriptor.
+ *
+ * @param aPolicyDetails Detailed policy information
+ *
+ * @return KErrNone, if the update was successful;
+ * \<VpnError\> A VPN error code if the addition fails for some
+ * identified reason;
+ * \<SystemError\> A system-wide error code if an out-of-resource
+ * error occurred while processing the request.
+ *
+ */
+ {
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails);
+
+ return SendReceive(EVpnUpdatePolicyDetails, TIpcArgs(&pckgPolicyDetails));
+ }
+
+EXPORT_C TInt RVpnServ::UpdatePolicyDetails(const TVpnPolicyDetails& aPolicyDetails)
+/**
+ * Updates the details of the specified VPN policy.
+ * The ID of the policy whose details are to be
+ * updated is specified in the policy details
+ * argument. If the ID is missing, the method returns
+ * KErrArgument. If a policy with the specified ID
+ * cannot be found, the method returns KVpnErrPolicyNotFound.
+ *
+ * The policy details must include a non-empty policy name.
+ * If a name is missing, the method returns KErrArgument.
+ * If the policy details contain a new name for the policy,
+ * the new name is checked agains existing other policy names.
+ * If the name is already in use, a sequence number is added
+ * to the policy name. The new policy name is placed in the
+ * policy details argument on output.
+ *
+ * The policy being updated can be marked as hidden by
+ * including the descriptor KHiddenPolicyIndicator in the
+ * iDescription field of the policy details argument.
+ * The policy is assumed to be visible if the iDescription
+ * field does not contain the KHiddenPolicyIndicator
+ * descriptor.
+ *
+ * @param aPolicyDetails Detailed policy information
+ *
+ * @return KErrNone, if the update was successful;
+ * \<VpnError\> A VPN error code if the addition fails for some
+ * identified reason;
+ * \<SystemError\> A system-wide error code if an out-of-resource
+ * error occurred while processing the request.
+ */
+ {
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails);
+
+ return SendReceive(EVpnUpdatePolicyDetails, TIpcArgs(&pckgPolicyDetails));
+ }
+
+
+EXPORT_C TInt RVpnServ::UpdatePolicyData(const TVpnPolicyId& aPolicyId, const TDesC8& aPolicyData)
+/**
+ * Updates the data of the specified VPN policy. If a policy with the
+ * specified ID cannot be found, the method returns the
+ * KVpnErrPolicyNotFound error code. If the policy ID or data argument
+ * is empty, the method returns the KErrArgument error code.
+ *
+ * @param aPolicyId The ID of the policy to update
+ * @param aPolicyData The policy data
+ *
+ * @return KErrNone, if the update was successful;
+ * \<VpnError\> A VPN error code if the update fails for some
+ * identified reason;
+ * \<SystemError\> A system-wide error code if an out-of-resource
+ * error occurred while processing the request.
+ */
+ {
+ TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId);
+
+ return SendReceive(EVpnUpdatePolicyData, TIpcArgs(&pckgPolicyId, &aPolicyData));
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnc_plat/vpnapi/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,28 @@
+/*
+* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file for project vpnapi
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+DEFAULT
+
+PRJ_EXPORTS
+ ../inc/vpnapidefs.h /epoc32/include/vpnapidefs.h
+ ../inc/vpnapidefs.h MW_LAYER_PLATFORM_EXPORT_PATH(vpnapidefs.h)
+ ../inc/vpnnotifierdefs.h MW_LAYER_PLATFORM_EXPORT_PATH(vpnnotifierdefs.h)
+ ../inc/vpnapi.h MW_LAYER_PLATFORM_EXPORT_PATH(vpnapi.h)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnc_plat/vpnapi/inc/vpnapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,129 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: The VPN API allows Symbian OS applications and servers
+* to perform VPN-specific operations.
+*
+*/
+
+
+/**
+ @file
+ @released
+ @publishedPartner
+
+ VPN API
+ */
+
+#ifndef __VPNAPI_H__
+#define __VPNAPI_H__
+
+#include <e32std.h>
+#include <e32base.h>
+
+#include "vpnapidefs.h"
+
+/**
+ * @mainpage VPN API
+ *
+ * @section intro Overview
+ *
+ * The VPN API allows Symbian OS applications and servers to perform
+ * VPN-specific operations, especially those related to VPN policies.
+ * The operations include:
+ * <ul>
+ * <li>Importing policies</li>
+ * <li>Listing policies</li>
+ * <li>Finding out detailed information about the policies</li>
+ * <li>Deleting policies</li>
+ * <li>(*Deprecated) Changing the password that is used to protect the private keys
+ * associated with the policies</li>
+ * </ul>
+ *
+ * NOTE. Direct policy activation/deactivation is not possible through this API.
+ * This is because the use of VPNs is based on the activation/deactivation
+ * of VPN IAPs and policy activation/deactivation is a (hidden) part of this
+ * process. The activation/deactivation of VPN IAPs is similar to the
+ * activation/deactivation of any other IAPs and is thus performed via
+ * standard Symbian OS interfaces.
+ */
+
+class RVpnServ : public RSessionBase
+/**
+ * An API that allows client applications to manage VPN policies and
+ * the password that is used to protect private keys used for VPN
+ * authentication.
+ *
+ * The API follows the standard Symbian OS client-server
+ * programming patterns.
+ *
+ */
+ {
+public:
+ IMPORT_C RVpnServ(void);
+
+ IMPORT_C TInt Connect();
+ IMPORT_C void Close();
+
+ IMPORT_C TVersion Version() const;
+
+ IMPORT_C void ImportPolicy(const TDesC& aDir, TRequestStatus& aStatus);
+ IMPORT_C void CancelImport();
+
+ IMPORT_C TInt EnumeratePolicies(TInt& aCount);
+ IMPORT_C TInt GetPolicyInfoList(
+ CArrayFixFlat<TVpnPolicyInfo>* aPolicyInfoList);
+
+ IMPORT_C TInt GetPolicyDetails(
+ const TVpnPolicyId& aPolicyId, TVpnPolicyDetails& aPolicyDetails);
+
+ IMPORT_C TInt DeletePolicy(const TVpnPolicyId& aPolicyId);
+
+ /**
+ * ChangePassword / CancelChange
+ * *Deprecated!! -> To Be removed
+ * (Completes immediately with KErrNotSupported)
+ *
+ * @since S60 3.0
+ * @param aPolicyId Policy id
+ * @param aStatus async operation status.
+ */
+ IMPORT_C void ChangePassword(
+ const TPckg<TVpnPolicyId>& aPolicyId, TRequestStatus& aStatus);
+ IMPORT_C void CancelChange();
+
+ IMPORT_C TInt GetPolicyData(
+ const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData);
+
+ // New methods to facilitate OMA DM based VPN policy management
+
+ IMPORT_C TInt AddPolicy(
+ TVpnPolicyDetails& aPolicyDetails, const TDesC8& aPolicyData);
+
+ IMPORT_C TInt UpdatePolicyDetails(
+ const TVpnPolicyDetails& aPolicyDetails);
+
+ IMPORT_C TInt UpdatePolicyData(
+ const TVpnPolicyId& aPolicyId, const TDesC8& aPolicyData);
+
+ IMPORT_C TInt UpdatePolicyDetails(TVpnPolicyDetails& aPolicyDetails);
+
+private: // implementation
+ void DoGetPolicyDataL(
+ const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData);
+ };
+
+/** Another name for the API class */
+typedef RVpnServ RVpnApi;
+
+#endif // __VPNAPI_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnc_plat/vpnapi/inc/vpnapidefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,111 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN API definitions.
+*
+*/
+
+
+/**
+ @file
+ @released
+ @publishedPartner
+
+ VPN API definitions
+ */
+
+#ifndef __VPNAPIDEFS_H__
+#define __VPNAPIDEFS_H__
+
+// VPN API error codes
+// NOTE! The error code values below MUST be kept in sync with
+// the corresponding error code values defined together by
+// vpnapi/data/vpnerr.rss and vpnapi/data/vpnerr.ra
+const TInt KVpnErrNoPolicyFile = -5229;
+const TInt KVpnErrNoPolicyInfoFile = -5230;
+const TInt KVpnErrInvalidPolicyFile = -5231;
+const TInt KVpnErrPolicyNotFound = -5232;
+const TInt KVpnErrInvalidCaCertFile = -5233;
+const TInt KVpnErrPeerCertFileMissing = -5234;
+const TInt KVpnErrInvalidUserCertFile = -5235;
+const TInt KVpnErrInvalidUserPrivKeyFile = -5236;
+const TInt KVpnErrImportOngoing = -5237;
+const TInt KVpnErrPwdChangeOngoing = -5238;
+const TInt KVpnErrPolicyCountChanged = -5239;
+const TInt KVpnErrPolicySizeChanged = -5239;
+
+// Deprecated error code definitions
+const TInt KVpnErrCaCertFileMissing = -5233;
+const TInt KVpnErrUserCertFileMissing = -5235;
+const TInt KVpnErrUserPrivKeyFileMissing = -5236;
+
+// Other constants
+const TInt KMaxIdLength = 50;
+const TInt KMaxNameLength = 128;
+const TInt KMaxVersionLength = 16;
+const TInt KMaxDescriptionLength = 256;
+
+// Type definitions
+typedef TBuf<KMaxIdLength> TVpnPolicyId;
+typedef TBuf8<KMaxIdLength> TVpnPolicyId8;
+
+typedef TBuf<KMaxNameLength> TVpnPolicyName;
+
+/**
+ * Policy usage status
+ */
+enum TPolicyUsageStatus
+ {
+ EUsageStatusUnknown = 1, ///< For some reason, the usage status could not be found out
+ EUsageStatusUnused, ///< The policy is neither assigned to any IAP nor active
+ EUsageStatusAssignedToIap, ///< The policy is assigned to one or more IAPs but is not currently active
+ EUsageStatusActive, ///< The policy is assigned to one or more IAPs and is currently active
+ };
+
+/**
+ * Policy PKI status
+ */
+enum TPolicyPkiStatus
+ {
+ EPkiStatusUnknown = 1, ///< For some reason, the PKI status could not be found out
+ EPkiStatusReady, ///< The PKI information is present
+ EPkiStatusNoCert, ///< At least one of the required certificates is missing
+ EPkiStatusCertExpired, ///< At least one of the required certificates has expired
+ EPkiStatusCertNotValidYet, ///< At least one of the required certificates is not yet valid
+ };
+
+/**
+ * A compact policy information structure
+ */
+struct TVpnPolicyInfo
+ {
+ TVpnPolicyId iId; ///< Policy ID
+ TVpnPolicyName iName; ///< Policy name
+ };
+
+/**
+ * A more detailed policy information structure
+ */
+struct TVpnPolicyDetails : public TVpnPolicyInfo
+ {
+ TBuf<KMaxDescriptionLength> iDescription; ///< A short description of the policy
+ TBuf<KMaxVersionLength> iVersion; ///< The version number of the policy
+ TBuf<KMaxNameLength> iIssuerName; ///< The name of the organization or person who created the policy
+ TBuf<KMaxNameLength> iContactInfo; ///< The phone number, email address, URL or other kind of issuer contact information
+ TPolicyUsageStatus iUsageStatus; ///< Policy usage status
+ TPolicyPkiStatus iPkiStatus; ///< Policy usage status
+ };
+
+_LIT(KHiddenPolicyIndicator, "<<HIDDEN>>");
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnc_plat/vpnapi/inc/vpnnotifierdefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,184 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN notifier definitions
+*
+*/
+
+
+#ifndef __VPNNOTIFIERDEFS_H__
+#define __VPNNOTIFIERDEFS_H__
+
+/**
+ @file
+ @released
+ @publishedPartner
+
+ VPN Notifier definitions
+*/
+class TNoteDialog
+ {
+public:
+ enum TDialogId
+ {
+ EInfo = -10,
+ EWarning,
+ EError
+ };
+ };
+
+class TVpnDialogInfo
+ {
+public:
+ TVpnDialogInfo()
+ {
+ iDialogId = 0;
+ iNoteDialogId = 0;
+ }
+
+ TVpnDialogInfo(TInt aDialogId, TInt aNoteDialogId)
+ {
+ iDialogId = aDialogId;
+ iNoteDialogId = aNoteDialogId;
+ }
+
+ TInt DialogId() {return iDialogId;}
+ TInt NoteDialogId() {return iNoteDialogId;}
+
+private:
+ TInt iDialogId;
+ TInt iNoteDialogId;
+ };
+
+class TVpnDialogOutput
+ {
+public:
+ TVpnDialogOutput()
+ {
+ Clear();
+ }
+ void Clear()
+ {
+ iOutBuf.SetLength(0);
+ iOutBuf2.SetLength(0);
+ iOutInt = 0;
+ iOutInt2 = 0;
+ }
+
+public:
+ TBuf<256> iOutBuf;
+ TBuf<64> iOutBuf2;
+ TInt iOutInt;
+ TInt iOutInt2;
+ };
+
+// typedefs for backward compatibility
+// typedef new_type old_type
+typedef TVpnDialogInfo TIPSecDialogInfo;
+typedef TVpnDialogOutput TIPSecDialogOutput;
+
+
+//
+// KMD notifier definitions
+//
+const TUid KUidKmdDialogNotifier = {0x101F513F};
+
+_LIT(KKmdNotifierResource, "\\resource\\KMDNOTIFIER.RSC");
+
+class TKmdDialog
+ {
+public:
+ enum TDialogId
+ {
+ EUserPwd = 1, // MUST be greater than the last value in enum TNoteDialog::TDialogId
+ ESecurIdPin,
+ ESecurIdNextPin,
+ EChallengeResponse,
+ EUsername
+ };
+ //added here for backward compatibility
+ enum TDialogId_OLD_STYLE
+ {
+ //EUserPwd = 1, // MUST be greater than the last value in enum TNoteDialog::TDialogId
+ ESecurIDPIN = 2,
+ ESecurIDNextPIN
+ };
+ };
+
+class TKmdNoteDialog
+ {
+public:
+ enum TTextId
+ {
+ ELamTypeNotSupported = 1,
+ EAuthenticationFailed,
+ ECryptoLibraryTooWeak
+ };
+ //added here for backward compatibility
+ enum TTextId_OLD_STYLE
+ {
+ ELAMTypeNotSupported = 1//,
+ //EAuthenticationFailed,
+ //ECryptoLibraryTooWeak
+ };
+ };
+
+// typedefs for backward compatibility
+// typedef existing_type old_type
+typedef TKmdDialog TKMDDialog;
+
+typedef TKmdNoteDialog TKMDNoteDialog;
+
+//
+// PKI notifier definitions
+//
+_LIT(KPkiNotifierResource,"\\resource\\PKINOTIFIER.RSC");
+
+const TUid KUidPkiDialogNotifier = {0x101FAE08};
+
+class TPkiDialog
+ {
+public:
+ enum TDialogId
+ {
+ EEnterPwd = 1, // MUST be greater than the last value in enum TNoteDialog::TDialogId (vpnnotifierdefs.h)
+ EChangeActivePwd,
+ EInstallVpnPwd,
+ ECurrentVpnPwd,
+ EChangePwd,
+ EDefinePwd,
+ EEnterImportPwd
+ };
+ };
+
+class TPkiNoteDialog
+ {
+public:
+ enum TTextId
+ {
+ EWrongSecurityPwdNote = 1,
+ EWrongActivatePwdNote,
+ EActivatePwdErrorNote,
+ EPwdConfirmationNote,
+ ECryptoLibraryTooWeak,
+ EPwdTooShort,
+ EPwdEmpty
+ };
+ };
+
+// typedefs for backward compatibility
+// typedef new_type old_type
+typedef TPkiDialog TIPSecDialog;
+typedef TPkiNoteDialog TIPSecNoteDialog; // this was only used in pkinotifier (ipsecnotifier)
+
+#endif // __VPNNOTIFIERDEFS_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnc_plat/vpnapi/vpn_api.metaxml Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,18 @@
+<?xml version="1.0" ?>
+<api id="28ea26a18e0f92a1f158b354d3598336" dataversion="1.0">
+ <name>VPN API</name>
+ <description>API for managing VPN policies.</description>
+ <type>c++</type>
+ <subsystem>vpn</subsystem>
+ <libs>
+ <lib name="vpnapi.lib" />
+ </libs>
+ <release category="domain"/>
+ <attributes>
+ <!-- This indicates wether the api provedes separate html documentation -->
+ <!-- or is the additional documentation generated from headers. -->
+ <!-- If you are unsuere then the value is "no" -->
+ <htmldocprovided>yes</htmldocprovided>
+ <adaptation>no</adaptation>
+ </attributes>
+</api>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2008-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the
+* VPN Client sis files.
+*
+*
+*/
+
+
+
+PRJ_PLATFORMS
+DEFAULT
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+ gnumakefile update_versions.mk
+ gnumakefile vpnclient_sis.mk
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/nokia_vpn_acuins_armv5.pkg Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+;
+; Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+; All rights reserved.
+; This component and the accompanying materials are made available
+; under the terms of "Eclipse Public License v1.0"
+; which accompanies this distribution, and is available
+; at the URL "http://www.eclipse.org/legal/epl-v10.html".
+;
+; Initial Contributors:
+; Nokia Corporation - initial contribution.
+;
+; Contributors:
+;
+; Description: Package file for project Acu Policy Installer
+;
+
+
+; LANGUAGES
+; - None (English only by default)
+
+; INSTALLATION HEADER
+#{"Nokia VPN Server Installer"},(0xA0000132),32,08,0124, TYPE=SA, RU
+
+; Product / platform version compatibility - S60 5.1 and 5.2
+[0x10283160],0,0,0,{"Series60ProductID"}
+[0x20022e6d],0,0,0,{"Series60ProductID"}
+
+; List of localised vendor names - one per language.
+; At least one must be provided (English [EN]).
+%{"Nokia"}
+
+; Unique Vendor Name
+:"Nokia"
+
+; LIST OF FILES
+; No files!
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/nokia_vpn_client_localised_armv5_udeb.pkg Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,763 @@
+;
+; Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+; All rights reserved.
+; This component and the accompanying materials are made available
+; under the terms of "Eclipse Public License v1.0"
+; which accompanies this distribution, and is available
+; at the URL "http://www.eclipse.org/legal/epl-v10.html".
+;
+; Initial Contributors:
+; Nokia Corporation - initial contribution.
+;
+; Contributors:
+;
+; Description: Package file for project VPN Client. udeb
+;
+
+
+; LANGUAGES
+; - None (English only by default)
+&EN,FR,GE,SP,IT,SW,DA,NO,FI,AM,PO,TU,IC,RU,HU,DU,CS,SK,PL,SL,TC,HK,ZH,JA,TH,AR,TL,BG,HR,ET,FA,CF,EL,HE,IN,LV,LT,MS,BP,RO,SR,LS,UK,UR,VI,44,102,103
+
+; INSTALLATION HEADER
+; UID of acuagentcrypto
+#{"Nokia VPN",
+ "Cl. VPN Nokia",
+ "Nokia VPN-Clnt.",
+ "Nokia VPN",
+ "Client Nokia VPN",
+ "Nokia VPN-klient",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Cli. VPN Nokia",
+ "Nokia VPN is.",
+ "Nokia VPN",
+ "Клиент Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN-cl.",
+ "Nokia VPN kl.",
+ "VPN Nokia",
+ "Klient Nokia VPN",
+ "Odj. NZO Nokia",
+ "諾基亞VPN用戶端",
+ "諾基亞VPN客戶端",
+ "诺基亚VPN客户端",
+ "Nokia VPN クライアント",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN klient",
+ "مشتري Nokia VPN",
+ "RPV Nokia",
+ "Πελάτης της Nokia VPN",
+ "לקוח Nokia VPN",
+ "Klien VPN Nokia",
+ "Nokia VPN",
+ "Nokia VPT kl.",
+ "Klien Nokia VPN",
+ "VPN Nokia",
+ "Client Nokia RVP",
+ "Nokia VPN klijent",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN"},
+(0x101F5147),32,08,0124, TYPE=SA, RU
+
+; Product / platform version compatibility - S60 5.1
+[0x10283160],0,0,0,{
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID"}
+
+; Product / platform version compatibility - S60 5.2
+[0x20022e6d],0,0,0,{
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID"}
+
+; List of localised vendor names - one per language.
+%{"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia"}
+
+; The non-localised, globally unique vendor name (mandatory)
+:"Nokia"
+
+; *"RDtest.key","RDtest.cer"
+; *"rd-key.pem","rd.cer"
+
+; LIST OF FILES
+
+;///////////////////////////////////////////////
+
+; ipsecpolparser; remove later
+"\epoc32\release\armv5\udeb\vpnipsecpolparser.dll"-"!:\sys\bin\vpnipsecpolparser.dll"
+
+; VPN Connection Agent
+"\epoc32\release\armv5\udeb\vpnconnagt.agt"-"!:\sys\bin\vpnconnagt.agt"
+
+; VPN Policy Parser
+"\epoc32\release\armv5\udeb\ikepolparser.dll"-"!:\sys\bin\ikepolparser.dll"
+
+; Symmetric crypto API wrapper
+"\epoc32\release\armv5\udeb\utlcrypto.dll"-"!:\sys\bin\utlcrypto.dll"
+
+; Key Management Daemon
+"\epoc32\release\armv5\udeb\kmdserver.exe"-"!:\sys\bin\kmdserver.exe"
+
+; Key Management Daemon API
+"\epoc32\release\armv5\udeb\kmdapi.dll"-"!:\sys\bin\kmdapi.dll"
+"\epoc32\release\armv5\udeb\ikecert.dll"-"!:\sys\bin\ikecert.dll"
+"\epoc32\release\armv5\udeb\ikev1lib.dll"-"!:\sys\bin\ikev1lib.dll"
+"\epoc32\release\armv5\udeb\ikev2lib.dll"-"!:\sys\bin\ikev2lib.dll"
+
+; IKEUTILS library
+"\epoc32\release\armv5\udeb\ikeutils.dll"-"!:\sys\bin\ikeutils.dll"
+
+; IKE socket plugin
+"\epoc32\release\armv5\udeb\ikesocket.dll"-"!:\sys\bin\ikesocket.dll"
+
+; VPN DM
+"\epoc32\release\armv5\udeb\dmadengine.dll"-"!:\sys\bin\dmadengine.dll"
+"\epoc32\release\armv5\udeb\dmadipsecvpn.dll"-"!:\sys\bin\dmadipsecvpn.dll"
+"\epoc32\data\z\resource\plugins\dmadipsecvpn.rsc"-"!:\resource\plugins\dmadipsecvpn.rsc"
+"\epoc32\release\armv5\udeb\dmadpki.dll"-"!:\sys\bin\dmadpki.dll"
+"\epoc32\data\z\resource\plugins\dmadpki.rsc"-"!:\resource\plugins\dmadpki.rsc"
+
+
+; VPN API ( include by platform )
+;"\epoc32\release\armv5\udeb\vpnapi.dll"-"!:\sys\bin\vpnapi.dll"
+
+;"\epoc32\data\z\resource\errors\vpnerr.r01"-"!:\resource\Errors\vpnerr.r01"
+;"\epoc32\data\z\resource\errors\vpnerr.rsc"-"!:\resource\Errors\vpnerr.rsc"
+
+; VPN Management UI
+"\epoc32\release\armv5\udeb\vpnmanagementui.dll"-"!:\sys\bin\vpnmanagementui.dll"
+
+{
+"\epoc32\data\z\resource\vpnmanagementuirsc.r01"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r02"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r03"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r04"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r05"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r06"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r07"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r08"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r09"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r10"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r13"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r14"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r15"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r16"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r17"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r18"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r25"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r26"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r27"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r28"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r29"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r30"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r31"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r32"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r33"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r37"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r39"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r42"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r45"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r49"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r50"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r51"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r54"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r57"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r59"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r67"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r68"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r70"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r76"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r78"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r79"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r83"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r93"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r94"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r96"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r44"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r102"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r103"
+}-"!:\resource\vpnmanagementuirsc.rsc"
+
+; icon and GS plugin registration file
+"\epoc32\data\z\resource\apps\vpnmanagementui.mif"-"!:\resource\apps\vpnmanagementui.mif"
+"\epoc32\data\Z\resource\plugins\vpnmanagementui.rsc"-"!:\resource\plugins\vpnmanagementui.rsc"
+
+; VPN help resources
+; Localized help files are missing, thus use only EE
+; Help resources should be already in ROM but content can be updated from SIS package
+;"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\index.xml"-"!:\resource\xhtml\01\0x10200EC4\index.xml"
+;{
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h02"
+;"\epoc32\data\z\resource\help\vpn.h03"
+;"\epoc32\data\z\resource\help\vpn.h04"
+;"\epoc32\data\z\resource\help\vpn.h05"
+;"\epoc32\data\z\resource\help\vpn.h06"
+;"\epoc32\data\z\resource\help\vpn.h07"
+;"\epoc32\data\z\resource\help\vpn.h08"
+;"\epoc32\data\z\resource\help\vpn.h09"
+;"\epoc32\data\z\resource\help\vpn.h10"
+;"\epoc32\data\z\resource\help\vpn.h13"
+;"\epoc32\data\z\resource\help\vpn.h14"
+;"\epoc32\data\z\resource\help\vpn.h15"
+;"\epoc32\data\z\resource\help\vpn.h16"
+;"\epoc32\data\z\resource\help\vpn.h17"
+;"\epoc32\data\z\resource\help\vpn.h18"
+;"\epoc32\data\z\resource\help\vpn.h25"
+;"\epoc32\data\z\resource\help\vpn.h26"
+;"\epoc32\data\z\resource\help\vpn.h27"
+;"\epoc32\data\z\resource\help\vpn.h28"
+;"\epoc32\data\z\resource\help\vpn.h29"
+;"\epoc32\data\z\resource\help\vpn.h30"
+;"\epoc32\data\z\resource\help\vpn.h31"
+;"\epoc32\data\z\resource\help\vpn.h32"
+;"\epoc32\data\z\resource\help\vpn.h33"
+;"\epoc32\data\z\resource\help\vpn.h37"
+;"\epoc32\data\z\resource\help\vpn.h39"
+;"\epoc32\data\z\resource\help\vpn.h42"
+;"\epoc32\data\z\resource\help\vpn.h45"
+;"\epoc32\data\z\resource\help\vpn.h49"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h51"
+;"\epoc32\data\z\resource\help\vpn.h54"
+;"\epoc32\data\z\resource\help\vpn.h57"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h59"
+;"\epoc32\data\z\resource\help\vpn.h67"
+;"\epoc32\data\z\resource\help\vpn.h68"
+;"\epoc32\data\z\resource\help\vpn.h70"
+;"\epoc32\data\z\resource\help\vpn.h76"
+;"\epoc32\data\z\resource\help\vpn.h78"
+;"\epoc32\data\z\resource\help\vpn.h79"
+;"\epoc32\data\z\resource\help\vpn.h83"
+;"\epoc32\data\z\resource\help\vpn.h93"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;}-"!:\resource\help\vpn.hlp"
+
+; PKI Services Server
+"\epoc32\release\armv5\udeb\pkiservice.exe"-"!:\sys\bin\pkiservice.exe"
+
+; PKI Services API
+"\epoc32\release\armv5\udeb\pkiserviceapi.dll"-"!:\sys\bin\pkiserviceapi.dll"
+
+; PKCS#10 Module
+"\epoc32\release\armv5\udeb\utlpkcs10.dll"-"!:\sys\bin\utlpkcs10.dll"
+
+; PKCS#12 Module
+"\epoc32\release\armv5\udeb\utlpkcs12.dll"-"!:\sys\bin\utlpkcs12.dll"
+
+; Base64 Module
+"\epoc32\release\armv5\udeb\utlbase64.dll"-"!:\sys\bin\utlbase64.dll"
+
+; Socket Interaction Thread
+"\epoc32\release\armv5\udeb\eventmedsit.dll"-"!:\sys\bin\eventmedsit.dll"
+
+; Event Viewer
+"\epoc32\release\armv5\udeb\eventviewer.dll"-"!:\sys\bin\eventviewer.dll"
+
+"\epoc32\data\z\resource\vpnlogmessages.rsc"-"!:\resource\vpnlogmessages.rsc"
+
+; Terminal control stubs (for downwards compatibility)
+"\epoc32\release\armv5\udeb\vpntcwrapper.dll"-"!:\sys\bin\vpntcwrapper.dll"
+
+; VPN dialog manager
+"\epoc32\release\armv5\udeb\vpndialogmanager.dll"-"!:\sys\bin\vpndialogmanager.dll"
+
+; VPN ECOM Notifier plug-in
+"\epoc32\release\armv5\udeb\vpnecomnotifier.dll"-"!:\sys\bin\vpnecomnotifier.dll"
+
+"\epoc32\data\z\resource\plugins\vpnecomnotifier.rsc"-"!:\resource\plugins\vpnecomnotifier.rsc"
+
+{
+"\epoc32\data\z\resource\vpnecomnotifier.r01"
+"\epoc32\data\z\resource\vpnecomnotifier.r02"
+"\epoc32\data\z\resource\vpnecomnotifier.r03"
+"\epoc32\data\z\resource\vpnecomnotifier.r04"
+"\epoc32\data\z\resource\vpnecomnotifier.r05"
+"\epoc32\data\z\resource\vpnecomnotifier.r06"
+"\epoc32\data\z\resource\vpnecomnotifier.r07"
+"\epoc32\data\z\resource\vpnecomnotifier.r08"
+"\epoc32\data\z\resource\vpnecomnotifier.r09"
+"\epoc32\data\z\resource\vpnecomnotifier.r10"
+"\epoc32\data\z\resource\vpnecomnotifier.r13"
+"\epoc32\data\z\resource\vpnecomnotifier.r14"
+"\epoc32\data\z\resource\vpnecomnotifier.r15"
+"\epoc32\data\z\resource\vpnecomnotifier.r16"
+"\epoc32\data\z\resource\vpnecomnotifier.r17"
+"\epoc32\data\z\resource\vpnecomnotifier.r18"
+"\epoc32\data\z\resource\vpnecomnotifier.r25"
+"\epoc32\data\z\resource\vpnecomnotifier.r26"
+"\epoc32\data\z\resource\vpnecomnotifier.r27"
+"\epoc32\data\z\resource\vpnecomnotifier.r28"
+"\epoc32\data\z\resource\vpnecomnotifier.r29"
+"\epoc32\data\z\resource\vpnecomnotifier.r30"
+"\epoc32\data\z\resource\vpnecomnotifier.r31"
+"\epoc32\data\z\resource\vpnecomnotifier.r32"
+"\epoc32\data\z\resource\vpnecomnotifier.r33"
+"\epoc32\data\z\resource\vpnecomnotifier.r37"
+"\epoc32\data\z\resource\vpnecomnotifier.r39"
+"\epoc32\data\z\resource\vpnecomnotifier.r42"
+"\epoc32\data\z\resource\vpnecomnotifier.r45"
+"\epoc32\data\z\resource\vpnecomnotifier.r49"
+"\epoc32\data\z\resource\vpnecomnotifier.r50"
+"\epoc32\data\z\resource\vpnecomnotifier.r51"
+"\epoc32\data\z\resource\vpnecomnotifier.r54"
+"\epoc32\data\z\resource\vpnecomnotifier.r57"
+"\epoc32\data\z\resource\vpnecomnotifier.r59"
+"\epoc32\data\z\resource\vpnecomnotifier.r67"
+"\epoc32\data\z\resource\vpnecomnotifier.r68"
+"\epoc32\data\z\resource\vpnecomnotifier.r70"
+"\epoc32\data\z\resource\vpnecomnotifier.r76"
+"\epoc32\data\z\resource\vpnecomnotifier.r78"
+"\epoc32\data\z\resource\vpnecomnotifier.r79"
+"\epoc32\data\z\resource\vpnecomnotifier.r83"
+"\epoc32\data\z\resource\vpnecomnotifier.r93"
+"\epoc32\data\z\resource\vpnecomnotifier.r94"
+"\epoc32\data\z\resource\vpnecomnotifier.r96"
+"\epoc32\data\z\resource\vpnecomnotifier.r44"
+"\epoc32\data\z\resource\vpnecomnotifier.r102"
+"\epoc32\data\z\resource\vpnecomnotifier.r103"
+}-"!:\resource\vpnecomnotifier.rsc"
+
+; XML Parser
+"\epoc32\release\armv5\udeb\utlxml.dll"-"!:\sys\bin\utlxml.dll"
+
+; During installation check languages that HW supports
+; and install resources only for them.
+; EN - 01 - English
+IF EXISTS ("z:\resource\avkon.r01")
+"\epoc32\data\z\resource\vpnecomnotifier.r01"-"!:\resource\vpnecomnotifier.r01"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r01"-"!:\resource\vpnmanagementui.r01"
+IF NOT EXISTS ("z:\resource\xhtml\01\0x10200EC4\index.xml")
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\index.xml"-"!:\resource\xhtml\01\0x10200EC4\index.xml"
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\keywords.xml"-"!:\resource\xhtml\01\0x10200EC4\keywords.xml"
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\meta.xml"-"!:\resource\xhtml\01\0x10200EC4\meta.xml"
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\contents.zip"-"!:\resource\xhtml\01\0x10200EC4\contents.zip"
+ENDIF
+ENDIF
+; FR - 02 - French
+IF EXISTS ("z:\resource\avkon.r02")
+"\epoc32\data\z\resource\vpnecomnotifier.r02"-"!:\resource\vpnecomnotifier.r02"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r02"-"!:\resource\vpnmanagementui.r02"
+ENDIF
+; GE - 03 - German
+IF EXISTS ("z:\resource\avkon.r03")
+"\epoc32\data\z\resource\vpnecomnotifier.r03"-"!:\resource\vpnecomnotifier.r03"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r03"-"!:\resource\vpnmanagementui.r03"
+ENDIF
+; SP - 04 - Spanish
+IF EXISTS ("z:\resource\avkon.r04")
+"\epoc32\data\z\resource\vpnecomnotifier.r04"-"!:\resource\vpnecomnotifier.r04"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r04"-"!:\resource\vpnmanagementui.r04"
+ENDIF
+; IT - 05 - Italian
+IF EXISTS ("z:\resource\avkon.r05")
+"\epoc32\data\z\resource\vpnecomnotifier.r05"-"!:\resource\vpnecomnotifier.r05"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r05"-"!:\resource\vpnmanagementui.r05"
+ENDIF
+; SW - 06 - Swedish
+IF EXISTS ("z:\resource\avkon.r06")
+"\epoc32\data\z\resource\vpnecomnotifier.r06"-"!:\resource\vpnecomnotifier.r06"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r06"-"!:\resource\vpnmanagementui.r06"
+ENDIF
+; DA - 07 - Danish
+IF EXISTS ("z:\resource\avkon.r07")
+"\epoc32\data\z\resource\vpnecomnotifier.r07"-"!:\resource\vpnecomnotifier.r07"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r07"-"!:\resource\vpnmanagementui.r07"
+ENDIF
+; NO - 08 - Norwegian
+IF EXISTS ("z:\resource\avkon.r08")
+"\epoc32\data\z\resource\vpnecomnotifier.r08"-"!:\resource\vpnecomnotifier.r08"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r08"-"!:\resource\vpnmanagementui.r08"
+ENDIF
+; FI - 09 - Finnish
+IF EXISTS ("z:\resource\avkon.r09")
+"\epoc32\data\z\resource\vpnecomnotifier.r09"-"!:\resource\vpnecomnotifier.r09"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r09"-"!:\resource\vpnmanagementui.r09"
+ENDIF
+; AM - 10 - American
+IF EXISTS ("z:\resource\avkon.r10")
+"\epoc32\data\z\resource\vpnecomnotifier.r10"-"!:\resource\vpnecomnotifier.r10"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r10"-"!:\resource\vpnmanagementui.r10"
+ENDIF
+; PO - 13 - Portuguese
+IF EXISTS ("z:\resource\avkon.r13")
+"\epoc32\data\z\resource\vpnecomnotifier.r13"-"!:\resource\vpnecomnotifier.r13"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r13"-"!:\resource\vpnmanagementui.r13"
+ENDIF
+; TU - 14 - Turkish
+IF EXISTS ("z:\resource\avkon.r14")
+"\epoc32\data\z\resource\vpnecomnotifier.r14"-"!:\resource\vpnecomnotifier.r14"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r14"-"!:\resource\vpnmanagementui.r14"
+ENDIF
+; IC - 15 - Icelandic
+IF EXISTS ("z:\resource\avkon.r15")
+"\epoc32\data\z\resource\vpnecomnotifier.r15"-"!:\resource\vpnecomnotifier.r15"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r15"-"!:\resource\vpnmanagementui.r15"
+ENDIF
+; RU - 16 - Russian
+IF EXISTS ("z:\resource\avkon.r16")
+"\epoc32\data\z\resource\vpnecomnotifier.r16"-"!:\resource\vpnecomnotifier.r16"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r16"-"!:\resource\vpnmanagementui.r16"
+ENDIF
+; HU - 17 - Hungarian
+IF EXISTS ("z:\resource\avkon.r17")
+"\epoc32\data\z\resource\vpnecomnotifier.r17"-"!:\resource\vpnecomnotifier.r17"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r17"-"!:\resource\vpnmanagementui.r17"
+ENDIF
+; DU - 18 - Dutch
+IF EXISTS ("z:\resource\avkon.r18")
+"\epoc32\data\z\resource\vpnecomnotifier.r18"-"!:\resource\vpnecomnotifier.r18"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r18"-"!:\resource\vpnmanagementui.r18"
+ENDIF
+; CS - 25 - Czech
+IF EXISTS ("z:\resource\avkon.r25")
+"\epoc32\data\z\resource\vpnecomnotifier.r25"-"!:\resource\vpnecomnotifier.r25"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r25"-"!:\resource\vpnmanagementui.r25"
+ENDIF
+; SK - 26 - Slovak
+IF EXISTS ("z:\resource\avkon.r26")
+"\epoc32\data\z\resource\vpnecomnotifier.r26"-"!:\resource\vpnecomnotifier.r26"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r26"-"!:\resource\vpnmanagementui.r26"
+ENDIF
+; PL - 27 - Polish
+IF EXISTS ("z:\resource\avkon.r27")
+"\epoc32\data\z\resource\vpnecomnotifier.r27"-"!:\resource\vpnecomnotifier.r27"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r27"-"!:\resource\vpnmanagementui.r27"
+ENDIF
+; SL - 28 - Slovenian
+IF EXISTS ("z:\resource\avkon.r28")
+"\epoc32\data\z\resource\vpnecomnotifier.r28"-"!:\resource\vpnecomnotifier.r28"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r28"-"!:\resource\vpnmanagementui.r28"
+ENDIF
+; TC - 29 - TaiwanChinese
+IF EXISTS ("z:\resource\avkon.r29")
+"\epoc32\data\z\resource\vpnecomnotifier.r29"-"!:\resource\vpnecomnotifier.r29"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r29"-"!:\resource\vpnmanagementui.r29"
+ENDIF
+; HK - 30 - HongKongChinese
+IF EXISTS ("z:\resource\avkon.r30")
+"\epoc32\data\z\resource\vpnecomnotifier.r30"-"!:\resource\vpnecomnotifier.r30"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r30"-"!:\resource\vpnmanagementui.r30"
+ENDIF
+; ZH - 31 - PrcChinese
+IF EXISTS ("z:\resource\avkon.r31")
+"\epoc32\data\z\resource\vpnecomnotifier.r31"-"!:\resource\vpnecomnotifier.r31"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r31"-"!:\resource\vpnmanagementui.r31"
+ENDIF
+; JA - 32 - Japanese
+IF EXISTS ("z:\resource\avkon.r32")
+"\epoc32\data\z\resource\vpnecomnotifier.r32"-"!:\resource\vpnecomnotifier.r32"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r32"-"!:\resource\vpnmanagementui.r32"
+ENDIF
+; TH - 33 - Thai
+IF EXISTS ("z:\resource\avkon.r33")
+"\epoc32\data\z\resource\vpnecomnotifier.r33"-"!:\resource\vpnecomnotifier.r33"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r33"-"!:\resource\vpnmanagementui.r33"
+ENDIF
+; AR - 37 - Arabic
+IF EXISTS ("z:\resource\avkon.r37")
+"\epoc32\data\z\resource\vpnecomnotifier.r37"-"!:\resource\vpnecomnotifier.r37"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r37"-"!:\resource\vpnmanagementui.r37"
+ENDIF
+; TL - 39 - Tagalog
+IF EXISTS ("z:\resource\avkon.r39")
+"\epoc32\data\z\resource\vpnecomnotifier.r39"-"!:\resource\vpnecomnotifier.r39"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r39"-"!:\resource\vpnmanagementui.r39"
+ENDIF
+; BG - 42 - Bulgarian
+IF EXISTS ("z:\resource\avkon.r42")
+"\epoc32\data\z\resource\vpnecomnotifier.r42"-"!:\resource\vpnecomnotifier.r42"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r42"-"!:\resource\vpnmanagementui.r42"
+ENDIF
+; HR - 45 - Croatian
+IF EXISTS ("z:\resource\avkon.r45")
+"\epoc32\data\z\resource\vpnecomnotifier.r45"-"!:\resource\vpnecomnotifier.r45"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r45"-"!:\resource\vpnmanagementui.r45"
+ENDIF
+; ET - 49 - Estonian
+IF EXISTS ("z:\resource\avkon.r49")
+"\epoc32\data\z\resource\vpnecomnotifier.r49"-"!:\resource\vpnecomnotifier.r49"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r49"-"!:\resource\vpnmanagementui.r49"
+ENDIF
+; FA - 50 - Farsi
+IF EXISTS ("z:\resource\avkon.r50")
+"\epoc32\data\z\resource\vpnecomnotifier.r50"-"!:\resource\vpnecomnotifier.r50"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r50"-"!:\resource\vpnmanagementui.r50"
+ENDIF
+; CF - 51 - CanadianFrench
+IF EXISTS ("z:\resource\avkon.r51")
+"\epoc32\data\z\resource\vpnecomnotifier.r51"-"!:\resource\vpnecomnotifier.r51"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r51"-"!:\resource\vpnmanagementui.r51"
+ENDIF
+; EL - 54 - Greek
+IF EXISTS ("z:\resource\avkon.r54")
+"\epoc32\data\z\resource\vpnecomnotifier.r54"-"!:\resource\vpnecomnotifier.r54"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r54"-"!:\resource\vpnmanagementui.r54"
+ENDIF
+; HE - 57 - Hebrew
+IF EXISTS ("z:\resource\avkon.r57")
+"\epoc32\data\z\resource\vpnecomnotifier.r57"-"!:\resource\vpnecomnotifier.r57"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r57"-"!:\resource\vpnmanagementui.r57"
+ENDIF
+; IN - 59 - Indonesian
+IF EXISTS ("z:\resource\avkon.r59")
+"\epoc32\data\z\resource\vpnecomnotifier.r59"-"!:\resource\vpnecomnotifier.r59"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r59"-"!:\resource\vpnmanagementui.r59"
+ENDIF
+; LV - 67 - Latvian
+IF EXISTS ("z:\resource\avkon.r67")
+"\epoc32\data\z\resource\vpnecomnotifier.r67"-"!:\resource\vpnecomnotifier.r67"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r67"-"!:\resource\vpnmanagementui.r67"
+ENDIF
+; LT - 68 - Lithuanian
+IF EXISTS ("z:\resource\avkon.r68")
+"\epoc32\data\z\resource\vpnecomnotifier.r68"-"!:\resource\vpnecomnotifier.r68"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r68"-"!:\resource\vpnmanagementui.r68"
+ENDIF
+; MS - 70 - Malay
+IF EXISTS ("z:\resource\avkon.r70")
+"\epoc32\data\z\resource\vpnecomnotifier.r70"-"!:\resource\vpnecomnotifier.r70"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r70"-"!:\resource\vpnmanagementui.r70"
+ENDIF
+; BP - 76 - BrazilianPortuguese
+IF EXISTS ("z:\resource\avkon.r76")
+"\epoc32\data\z\resource\vpnecomnotifier.r76"-"!:\resource\vpnecomnotifier.r76"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r76"-"!:\resource\vpnmanagementui.r76"
+ENDIF
+; RO - 78 - Romanian
+IF EXISTS ("z:\resource\avkon.r78")
+"\epoc32\data\z\resource\vpnecomnotifier.r78"-"!:\resource\vpnecomnotifier.r78"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r78"-"!:\resource\vpnmanagementui.r78"
+ENDIF
+; SR - 79 - Serbian
+IF EXISTS ("z:\resource\avkon.r79")
+"\epoc32\data\z\resource\vpnecomnotifier.r79"-"!:\resource\vpnecomnotifier.r79"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r79"-"!:\resource\vpnmanagementui.r79"
+ENDIF
+; LS - 83 - LatinAmericanSpanish
+IF EXISTS ("z:\resource\avkon.r83")
+"\epoc32\data\z\resource\vpnecomnotifier.r83"-"!:\resource\vpnecomnotifier.r83"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r83"-"!:\resource\vpnmanagementui.r83"
+ENDIF
+; UK - 93 - Ukrainian
+IF EXISTS ("z:\resource\avkon.r93")
+"\epoc32\data\z\resource\vpnecomnotifier.r93"-"!:\resource\vpnecomnotifier.r93"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r93"-"!:\resource\vpnmanagementui.r93"
+ENDIF
+; UR - 94 - Urdu
+IF EXISTS ("z:\resource\avkon.r94")
+"\epoc32\data\z\resource\vpnecomnotifier.r94"-"!:\resource\vpnecomnotifier.r94"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r94"-"!:\resource\vpnmanagementui.r94"
+ENDIF
+; VI - 96 - Vietnamese
+IF EXISTS ("z:\resource\avkon.r96")
+"\epoc32\data\z\resource\vpnecomnotifier.r96"-"!:\resource\vpnecomnotifier.r96"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r96"-"!:\resource\vpnmanagementui.r96"
+ENDIF
+; - 44 - Catalan
+IF EXISTS ("z:\resource\avkon.r44")
+"\epoc32\data\z\resource\vpnecomnotifier.r44"-"!:\resource\vpnecomnotifier.r44"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r44"-"!:\resource\vpnmanagementui.r44"
+ENDIF
+; - 102 - Basque
+IF EXISTS ("z:\resource\avkon.r102")
+"\epoc32\data\z\resource\vpnecomnotifier.r102"-"!:\resource\vpnecomnotifier.r102"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r102"-"!:\resource\vpnmanagementui.r102"
+; Helps do not support language id 102 yet
+;IF NOT EXISTS ("z:\resource\xhtml\102\0x10200EC4\index.xml")
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\index.xml"-"!:\resource\xhtml\102\0x10200EC4\index.xml"
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\keywords.xml"-"!:\resource\xhtml\102\0x10200EC4\keywords.xml"
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\meta.xml"-"!:\resource\xhtml\102\0x10200EC4\meta.xml"
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\contents.zip"-"!:\resource\xhtml\102\0x10200EC4\contents.zip"
+;ENDIF
+ENDIF
+; - 103 - Galicia
+IF EXISTS ("z:\resource\avkon.r103")
+"\epoc32\data\z\resource\vpnecomnotifier.r103"-"!:\resource\vpnecomnotifier.r103"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r103"-"!:\resource\vpnmanagementui.r103"
+; Helps do not support language 103 yet
+;IF NOT EXISTS ("z:\resource\xhtml\103\0x10200EC4\index.xml")
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\index.xml"-"!:\resource\xhtml\103\0x10200EC4\index.xml"
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\keywords.xml"-"!:\resource\xhtml\103\0x10200EC4\keywords.xml"
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\meta.xml"-"!:\resource\xhtml\103\0x10200EC4\meta.xml"
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\contents.zip"-"!:\resource\xhtml\103\0x10200EC4\contents.zip"
+;ENDIF
+ENDIF
+
+"\epoc32\release\armv5\udeb\vpnpolicyrecognizer.dll"-"!:\sys\bin\vpnpolicyrecognizer.dll"
+"\epoc32\data\z\resource\plugins\vpnpolicyrecognizer.rsc"-"!:\resource\plugins\vpnpolicyrecognizer.rsc"
+
+"\epoc32\release\armv5\udeb\vpnpolins.exe"-"!:\sys\bin\vpnpolins.exe"
+"\epoc32\data\z\private\10003a3f\apps\vpnpolins_reg.rsc"-"!:\Private\10003a3f\import\apps\vpnpolins_reg.rsc"
+; Embedded VPN Policy Installer sis file
+@"mVPN_vpnpolins_armv5.sis",(0xA0000131)
+
+;
+; VPN Cleaner
+;
+"\epoc32\release\armv5\udeb\vpncleaner.exe"-"!:\sys\bin\vpncleaner.exe",FR,RR,RW
+;
+; The following modules must not be deleted before VPN Cleaner has been run:
+; VPN Manager
+"\epoc32\release\armv5\udeb\vpnmanager.exe"-"!:\sys\bin\vpnmanager.exe"
+; Event Mediator
+"\epoc32\release\armv5\udeb\eventmed.exe"-"!:\sys\bin\eventmed.exe"
+; "\epoc32\winscw\c\private\101FD288\backup_registration.xml"-"!:\Private\101FD288\backup_registration.xml"
+; Event Mediator API
+"\epoc32\release\armv5\udeb\eventmedapi.dll"-"!:\sys\bin\eventmedapi.dll"
+
+; VPN Installer
+; "101f877b.txt"-"c:\Private\10202be9\persists\101f877b.txt"
+"\epoc32\release\armv5\udeb\vpnins.exe"-"!:\sys\bin\vpnins.exe",FR,RI,RW
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/nokia_vpn_client_localised_armv5_urel.pkg Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,762 @@
+;
+; Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+; All rights reserved.
+; This component and the accompanying materials are made available
+; under the terms of "Eclipse Public License v1.0"
+; which accompanies this distribution, and is available
+; at the URL "http://www.eclipse.org/legal/epl-v10.html".
+;
+; Initial Contributors:
+; Nokia Corporation - initial contribution.
+;
+; Contributors:
+;
+; Description: Package file for project VPN Client. urel
+;
+
+
+; LANGUAGES
+; - None (English only by default)
+&EN,FR,GE,SP,IT,SW,DA,NO,FI,AM,PO,TU,IC,RU,HU,DU,CS,SK,PL,SL,TC,HK,ZH,JA,TH,AR,TL,BG,HR,ET,FA,CF,EL,HE,IN,LV,LT,MS,BP,RO,SR,LS,UK,UR,VI,44,102,103
+
+; INSTALLATION HEADER
+; UID of acuagentcrypto
+#{"Nokia VPN",
+ "Cl. VPN Nokia",
+ "Nokia VPN-Clnt.",
+ "Nokia VPN",
+ "Client Nokia VPN",
+ "Nokia VPN-klient",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Cli. VPN Nokia",
+ "Nokia VPN is.",
+ "Nokia VPN",
+ "Клиент Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN-cl.",
+ "Nokia VPN kl.",
+ "VPN Nokia",
+ "Klient Nokia VPN",
+ "Odj. NZO Nokia",
+ "諾基亞VPN用戶端",
+ "諾基亞VPN客戶端",
+ "诺基亚VPN客户端",
+ "Nokia VPN クライアント",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN klient",
+ "مشتري Nokia VPN",
+ "RPV Nokia",
+ "Πελάτης της Nokia VPN",
+ "לקוח Nokia VPN",
+ "Klien VPN Nokia",
+ "Nokia VPN",
+ "Nokia VPT kl.",
+ "Klien Nokia VPN",
+ "VPN Nokia",
+ "Client Nokia RVP",
+ "Nokia VPN klijent",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN"},
+(0x101F5147),32,08,0124, TYPE=SA, RU
+
+; Product / platform version compatibility - S60 5.1
+[0x10283160],0,0,0,{
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID"}
+
+; Product / platform version compatibility - S60 5.2
+[0x20022e6d],0,0,0,{
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID"}
+
+; List of localised vendor names - one per language.
+%{"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia"}
+
+; The non-localised, globally unique vendor name (mandatory)
+:"Nokia"
+
+; *"RDtest.key","RDtest.cer"
+; *"rd-key.pem","rd.cer"
+
+; LIST OF FILES
+
+;///////////////////////////////////////////////
+
+; ipsecpolparser; remove later
+"\epoc32\release\armv5\urel\vpnipsecpolparser.dll"-"!:\sys\bin\vpnipsecpolparser.dll"
+
+; VPN Connection Agent
+"\epoc32\release\armv5\urel\vpnconnagt.agt"-"!:\sys\bin\vpnconnagt.agt"
+
+; VPN Policy Parser
+"\epoc32\release\armv5\urel\ikepolparser.dll"-"!:\sys\bin\ikepolparser.dll"
+
+; Symmetric crypto API wrapper
+"\epoc32\release\armv5\urel\utlcrypto.dll"-"!:\sys\bin\utlcrypto.dll"
+
+; Key Management Daemon
+"\epoc32\release\armv5\urel\kmdserver.exe"-"!:\sys\bin\kmdserver.exe"
+
+; Key Management Daemon API
+"\epoc32\release\armv5\urel\kmdapi.dll"-"!:\sys\bin\kmdapi.dll"
+"\epoc32\release\armv5\urel\ikecert.dll"-"!:\sys\bin\ikecert.dll"
+"\epoc32\release\armv5\urel\ikev1lib.dll"-"!:\sys\bin\ikev1lib.dll"
+"\epoc32\release\armv5\urel\ikev2lib.dll"-"!:\sys\bin\ikev2lib.dll"
+
+; IKEUTILS library
+"\epoc32\release\armv5\urel\ikeutils.dll"-"!:\sys\bin\ikeutils.dll"
+
+; IKE socket plugin
+"\epoc32\release\armv5\urel\ikesocket.dll"-"!:\sys\bin\ikesocket.dll"
+
+; VPN DM
+"\epoc32\release\armv5\urel\dmadengine.dll"-"!:\sys\bin\dmadengine.dll"
+"\epoc32\release\armv5\urel\dmadipsecvpn.dll"-"!:\sys\bin\dmadipsecvpn.dll"
+"\epoc32\data\z\resource\plugins\dmadipsecvpn.rsc"-"!:\resource\plugins\dmadipsecvpn.rsc"
+"\epoc32\release\armv5\urel\dmadpki.dll"-"!:\sys\bin\dmadpki.dll"
+"\epoc32\data\z\resource\plugins\dmadpki.rsc"-"!:\resource\plugins\dmadpki.rsc"
+
+
+; VPN API (comes with platform)
+;"\epoc32\release\armv5\urel\vpnapi.dll"-"!:\sys\bin\vpnapi.dll"
+
+;"\epoc32\data\z\resource\errors\vpnerr.r01"-"!:\resource\Errors\vpnerr.r01"
+;"\epoc32\data\z\resource\errors\vpnerr.rsc"-"!:\resource\Errors\vpnerr.rsc"
+
+; VPN Management UI
+"\epoc32\release\armv5\urel\vpnmanagementui.dll"-"!:\sys\bin\vpnmanagementui.dll"
+
+{
+"\epoc32\data\z\resource\vpnmanagementuirsc.r01"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r02"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r03"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r04"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r05"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r06"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r07"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r08"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r09"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r10"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r13"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r14"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r15"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r16"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r17"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r18"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r25"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r26"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r27"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r28"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r29"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r30"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r31"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r32"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r33"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r37"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r39"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r42"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r45"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r49"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r50"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r51"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r54"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r57"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r59"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r67"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r68"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r70"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r76"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r78"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r79"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r83"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r93"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r94"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r96"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r44"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r102"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r103"
+}-"!:\resource\vpnmanagementuirsc.rsc"
+
+; icon and GS plugin registration file
+"\epoc32\data\z\resource\apps\vpnmanagementui.mif"-"!:\resource\apps\vpnmanagementui.mif"
+"\epoc32\data\Z\resource\plugins\vpnmanagementui.rsc"-"!:\resource\plugins\vpnmanagementui.rsc"
+
+; VPN help resources (not localized yet)
+; Help resources should be already in ROM but content can be updated from SIS package
+;"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\contents.zip"-"!:\resource\xhtml\01\0x10200EC4\contents.zip"
+;"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\index.xml"-"!:\resource\xhtml\01\0x10200EC4\index.xml"
+;"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\keywords.xml"-"!:\resource\xhtml\01\0x10200EC4\keywords.xml"
+;"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\meta.xml"-"!:\resource\xhtml\01\0x10200EC4\meta.xml"
+;{
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h02"
+;"\epoc32\data\z\resource\help\vpn.h03"
+;"\epoc32\data\z\resource\help\vpn.h04"
+;"\epoc32\data\z\resource\help\vpn.h05"
+;"\epoc32\data\z\resource\help\vpn.h06"
+;"\epoc32\data\z\resource\help\vpn.h07"
+;"\epoc32\data\z\resource\help\vpn.h08"
+;"\epoc32\data\z\resource\help\vpn.h09"
+;"\epoc32\data\z\resource\help\vpn.h10"
+;"\epoc32\data\z\resource\help\vpn.h13"
+;"\epoc32\data\z\resource\help\vpn.h14"
+;"\epoc32\data\z\resource\help\vpn.h15"
+;"\epoc32\data\z\resource\help\vpn.h16"
+;"\epoc32\data\z\resource\help\vpn.h17"
+;"\epoc32\data\z\resource\help\vpn.h18"
+;"\epoc32\data\z\resource\help\vpn.h25"
+;"\epoc32\data\z\resource\help\vpn.h26"
+;"\epoc32\data\z\resource\help\vpn.h27"
+;"\epoc32\data\z\resource\help\vpn.h28"
+;"\epoc32\data\z\resource\help\vpn.h29"
+;"\epoc32\data\z\resource\help\vpn.h30"
+;"\epoc32\data\z\resource\help\vpn.h31"
+;"\epoc32\data\z\resource\help\vpn.h32"
+;"\epoc32\data\z\resource\help\vpn.h33"
+;"\epoc32\data\z\resource\help\vpn.h37"
+;"\epoc32\data\z\resource\help\vpn.h39"
+;"\epoc32\data\z\resource\help\vpn.h42"
+;"\epoc32\data\z\resource\help\vpn.h45"
+;"\epoc32\data\z\resource\help\vpn.h49"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h51"
+;"\epoc32\data\z\resource\help\vpn.h54"
+;"\epoc32\data\z\resource\help\vpn.h57"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h59"
+;"\epoc32\data\z\resource\help\vpn.h67"
+;"\epoc32\data\z\resource\help\vpn.h68"
+;"\epoc32\data\z\resource\help\vpn.h70"
+;"\epoc32\data\z\resource\help\vpn.h76"
+;"\epoc32\data\z\resource\help\vpn.h78"
+;"\epoc32\data\z\resource\help\vpn.h79"
+;"\epoc32\data\z\resource\help\vpn.h83"
+;"\epoc32\data\z\resource\help\vpn.h93"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;"\epoc32\data\z\resource\help\vpn.h01"
+;}-"!:\resource\help\vpn.hlp"
+
+; PKI Services Server
+"\epoc32\release\armv5\urel\pkiservice.exe"-"!:\sys\bin\pkiservice.exe"
+; PKI Services API
+"\epoc32\release\armv5\urel\pkiserviceapi.dll"-"!:\sys\bin\pkiserviceapi.dll"
+
+
+; PKCS#10 Module
+"\epoc32\release\armv5\urel\utlpkcs10.dll"-"!:\sys\bin\utlpkcs10.dll"
+; PKCS#12 Module
+"\epoc32\release\armv5\urel\utlpkcs12.dll"-"!:\sys\bin\utlpkcs12.dll"
+; Base64 Module
+"\epoc32\release\armv5\urel\utlbase64.dll"-"!:\sys\bin\utlbase64.dll"
+; Socket Interaction Thread
+"\epoc32\release\armv5\urel\eventmedsit.dll"-"!:\sys\bin\eventmedsit.dll"
+; Event Viewer
+"\epoc32\release\armv5\urel\eventviewer.dll"-"!:\sys\bin\eventviewer.dll"
+;
+"\epoc32\data\z\resource\vpnlogmessages.rsc"-"!:\resource\vpnlogmessages.rsc"
+
+; Terminal control stubs (for downwards compatibility)
+"\epoc32\release\armv5\urel\vpntcwrapper.dll"-"!:\sys\bin\vpntcwrapper.dll"
+
+; VPN dialog manager
+"\epoc32\release\armv5\urel\vpndialogmanager.dll"-"!:\sys\bin\vpndialogmanager.dll"
+
+; VPN ECOM Notifier plug-in
+"\epoc32\release\armv5\urel\vpnecomnotifier.dll"-"!:\sys\bin\vpnecomnotifier.dll"
+
+"\epoc32\data\z\resource\plugins\vpnecomnotifier.rsc"-"!:\resource\plugins\vpnecomnotifier.rsc"
+
+{
+"\epoc32\data\z\resource\vpnecomnotifier.r01"
+"\epoc32\data\z\resource\vpnecomnotifier.r02"
+"\epoc32\data\z\resource\vpnecomnotifier.r03"
+"\epoc32\data\z\resource\vpnecomnotifier.r04"
+"\epoc32\data\z\resource\vpnecomnotifier.r05"
+"\epoc32\data\z\resource\vpnecomnotifier.r06"
+"\epoc32\data\z\resource\vpnecomnotifier.r07"
+"\epoc32\data\z\resource\vpnecomnotifier.r08"
+"\epoc32\data\z\resource\vpnecomnotifier.r09"
+"\epoc32\data\z\resource\vpnecomnotifier.r10"
+"\epoc32\data\z\resource\vpnecomnotifier.r13"
+"\epoc32\data\z\resource\vpnecomnotifier.r14"
+"\epoc32\data\z\resource\vpnecomnotifier.r15"
+"\epoc32\data\z\resource\vpnecomnotifier.r16"
+"\epoc32\data\z\resource\vpnecomnotifier.r17"
+"\epoc32\data\z\resource\vpnecomnotifier.r18"
+"\epoc32\data\z\resource\vpnecomnotifier.r25"
+"\epoc32\data\z\resource\vpnecomnotifier.r26"
+"\epoc32\data\z\resource\vpnecomnotifier.r27"
+"\epoc32\data\z\resource\vpnecomnotifier.r28"
+"\epoc32\data\z\resource\vpnecomnotifier.r29"
+"\epoc32\data\z\resource\vpnecomnotifier.r30"
+"\epoc32\data\z\resource\vpnecomnotifier.r31"
+"\epoc32\data\z\resource\vpnecomnotifier.r32"
+"\epoc32\data\z\resource\vpnecomnotifier.r33"
+"\epoc32\data\z\resource\vpnecomnotifier.r37"
+"\epoc32\data\z\resource\vpnecomnotifier.r39"
+"\epoc32\data\z\resource\vpnecomnotifier.r42"
+"\epoc32\data\z\resource\vpnecomnotifier.r45"
+"\epoc32\data\z\resource\vpnecomnotifier.r49"
+"\epoc32\data\z\resource\vpnecomnotifier.r50"
+"\epoc32\data\z\resource\vpnecomnotifier.r51"
+"\epoc32\data\z\resource\vpnecomnotifier.r54"
+"\epoc32\data\z\resource\vpnecomnotifier.r57"
+"\epoc32\data\z\resource\vpnecomnotifier.r59"
+"\epoc32\data\z\resource\vpnecomnotifier.r67"
+"\epoc32\data\z\resource\vpnecomnotifier.r68"
+"\epoc32\data\z\resource\vpnecomnotifier.r70"
+"\epoc32\data\z\resource\vpnecomnotifier.r76"
+"\epoc32\data\z\resource\vpnecomnotifier.r78"
+"\epoc32\data\z\resource\vpnecomnotifier.r79"
+"\epoc32\data\z\resource\vpnecomnotifier.r83"
+"\epoc32\data\z\resource\vpnecomnotifier.r93"
+"\epoc32\data\z\resource\vpnecomnotifier.r94"
+"\epoc32\data\z\resource\vpnecomnotifier.r96"
+"\epoc32\data\z\resource\vpnecomnotifier.r44"
+"\epoc32\data\z\resource\vpnecomnotifier.r102"
+"\epoc32\data\z\resource\vpnecomnotifier.r103"
+}-"!:\resource\vpnecomnotifier.rsc"
+
+; XML Parser
+"\epoc32\release\armv5\urel\utlxml.dll"-"!:\sys\bin\utlxml.dll"
+
+; Install only languages that HW supports
+; EN - 01 - English
+IF EXISTS ("z:\resource\avkon.r01")
+"\epoc32\data\z\resource\vpnecomnotifier.r01"-"!:\resource\vpnecomnotifier.r01"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r01"-"!:\resource\vpnmanagementui.r01"
+IF NOT EXISTS ("z:\resource\xhtml\01\0x10200EC4\index.xml")
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\index.xml"-"!:\resource\xhtml\01\0x10200EC4\index.xml"
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\keywords.xml"-"!:\resource\xhtml\01\0x10200EC4\keywords.xml"
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\meta.xml"-"!:\resource\xhtml\01\0x10200EC4\meta.xml"
+"\epoc32\data\Z\resource\xhtml\01\0x10200EC4\contents.zip"-"!:\resource\xhtml\01\0x10200EC4\contents.zip"
+ENDIF
+ENDIF
+; FR - 02 - French
+IF EXISTS ("z:\resource\avkon.r02")
+"\epoc32\data\z\resource\vpnecomnotifier.r02"-"!:\resource\vpnecomnotifier.r02"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r02"-"!:\resource\vpnmanagementui.r02"
+ENDIF
+; GE - 03 - German
+IF EXISTS ("z:\resource\avkon.r03")
+"\epoc32\data\z\resource\vpnecomnotifier.r03"-"!:\resource\vpnecomnotifier.r03"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r03"-"!:\resource\vpnmanagementui.r03"
+ENDIF
+; SP - 04 - Spanish
+IF EXISTS ("z:\resource\avkon.r04")
+"\epoc32\data\z\resource\vpnecomnotifier.r04"-"!:\resource\vpnecomnotifier.r04"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r04"-"!:\resource\vpnmanagementui.r04"
+ENDIF
+; IT - 05 - Italian
+IF EXISTS ("z:\resource\avkon.r05")
+"\epoc32\data\z\resource\vpnecomnotifier.r05"-"!:\resource\vpnecomnotifier.r05"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r05"-"!:\resource\vpnmanagementui.r05"
+ENDIF
+; SW - 06 - Swedish
+IF EXISTS ("z:\resource\avkon.r06")
+"\epoc32\data\z\resource\vpnecomnotifier.r06"-"!:\resource\vpnecomnotifier.r06"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r06"-"!:\resource\vpnmanagementui.r06"
+ENDIF
+; DA - 07 - Danish
+IF EXISTS ("z:\resource\avkon.r07")
+"\epoc32\data\z\resource\vpnecomnotifier.r07"-"!:\resource\vpnecomnotifier.r07"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r07"-"!:\resource\vpnmanagementui.r07"
+ENDIF
+; NO - 08 - Norwegian
+IF EXISTS ("z:\resource\avkon.r08")
+"\epoc32\data\z\resource\vpnecomnotifier.r08"-"!:\resource\vpnecomnotifier.r08"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r08"-"!:\resource\vpnmanagementui.r08"
+ENDIF
+; FI - 09 - Finnish
+IF EXISTS ("z:\resource\avkon.r09")
+"\epoc32\data\z\resource\vpnecomnotifier.r09"-"!:\resource\vpnecomnotifier.r09"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r09"-"!:\resource\vpnmanagementui.r09"
+ENDIF
+; AM - 10 - American
+IF EXISTS ("z:\resource\avkon.r10")
+"\epoc32\data\z\resource\vpnecomnotifier.r10"-"!:\resource\vpnecomnotifier.r10"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r10"-"!:\resource\vpnmanagementui.r10"
+ENDIF
+; PO - 13 - Portuguese
+IF EXISTS ("z:\resource\avkon.r13")
+"\epoc32\data\z\resource\vpnecomnotifier.r13"-"!:\resource\vpnecomnotifier.r13"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r13"-"!:\resource\vpnmanagementui.r13"
+ENDIF
+; TU - 14 - Turkish
+IF EXISTS ("z:\resource\avkon.r14")
+"\epoc32\data\z\resource\vpnecomnotifier.r14"-"!:\resource\vpnecomnotifier.r14"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r14"-"!:\resource\vpnmanagementui.r14"
+ENDIF
+; IC - 15 - Icelandic
+IF EXISTS ("z:\resource\avkon.r15")
+"\epoc32\data\z\resource\vpnecomnotifier.r15"-"!:\resource\vpnecomnotifier.r15"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r15"-"!:\resource\vpnmanagementui.r15"
+ENDIF
+; RU - 16 - Russian
+IF EXISTS ("z:\resource\avkon.r16")
+"\epoc32\data\z\resource\vpnecomnotifier.r16"-"!:\resource\vpnecomnotifier.r16"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r16"-"!:\resource\vpnmanagementui.r16"
+ENDIF
+; HU - 17 - Hungarian
+IF EXISTS ("z:\resource\avkon.r17")
+"\epoc32\data\z\resource\vpnecomnotifier.r17"-"!:\resource\vpnecomnotifier.r17"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r17"-"!:\resource\vpnmanagementui.r17"
+ENDIF
+; DU - 18 - Dutch
+IF EXISTS ("z:\resource\avkon.r18")
+"\epoc32\data\z\resource\vpnecomnotifier.r18"-"!:\resource\vpnecomnotifier.r18"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r18"-"!:\resource\vpnmanagementui.r18"
+ENDIF
+; CS - 25 - Czech
+IF EXISTS ("z:\resource\avkon.r25")
+"\epoc32\data\z\resource\vpnecomnotifier.r25"-"!:\resource\vpnecomnotifier.r25"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r25"-"!:\resource\vpnmanagementui.r25"
+ENDIF
+; SK - 26 - Slovak
+IF EXISTS ("z:\resource\avkon.r26")
+"\epoc32\data\z\resource\vpnecomnotifier.r26"-"!:\resource\vpnecomnotifier.r26"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r26"-"!:\resource\vpnmanagementui.r26"
+ENDIF
+; PL - 27 - Polish
+IF EXISTS ("z:\resource\avkon.r27")
+"\epoc32\data\z\resource\vpnecomnotifier.r27"-"!:\resource\vpnecomnotifier.r27"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r27"-"!:\resource\vpnmanagementui.r27"
+ENDIF
+; SL - 28 - Slovenian
+IF EXISTS ("z:\resource\avkon.r28")
+"\epoc32\data\z\resource\vpnecomnotifier.r28"-"!:\resource\vpnecomnotifier.r28"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r28"-"!:\resource\vpnmanagementui.r28"
+ENDIF
+; TC - 29 - TaiwanChinese
+IF EXISTS ("z:\resource\avkon.r29")
+"\epoc32\data\z\resource\vpnecomnotifier.r29"-"!:\resource\vpnecomnotifier.r29"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r29"-"!:\resource\vpnmanagementui.r29"
+ENDIF
+; HK - 30 - HongKongChinese
+IF EXISTS ("z:\resource\avkon.r30")
+"\epoc32\data\z\resource\vpnecomnotifier.r30"-"!:\resource\vpnecomnotifier.r30"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r30"-"!:\resource\vpnmanagementui.r30"
+ENDIF
+; ZH - 31 - PrcChinese
+IF EXISTS ("z:\resource\avkon.r31")
+"\epoc32\data\z\resource\vpnecomnotifier.r31"-"!:\resource\vpnecomnotifier.r31"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r31"-"!:\resource\vpnmanagementui.r31"
+ENDIF
+; JA - 32 - Japanese
+IF EXISTS ("z:\resource\avkon.r32")
+"\epoc32\data\z\resource\vpnecomnotifier.r32"-"!:\resource\vpnecomnotifier.r32"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r32"-"!:\resource\vpnmanagementui.r32"
+ENDIF
+; TH - 33 - Thai
+IF EXISTS ("z:\resource\avkon.r33")
+"\epoc32\data\z\resource\vpnecomnotifier.r33"-"!:\resource\vpnecomnotifier.r33"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r33"-"!:\resource\vpnmanagementui.r33"
+ENDIF
+; AR - 37 - Arabic
+IF EXISTS ("z:\resource\avkon.r37")
+"\epoc32\data\z\resource\vpnecomnotifier.r37"-"!:\resource\vpnecomnotifier.r37"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r37"-"!:\resource\vpnmanagementui.r37"
+ENDIF
+; TL - 39 - Tagalog
+IF EXISTS ("z:\resource\avkon.r39")
+"\epoc32\data\z\resource\vpnecomnotifier.r39"-"!:\resource\vpnecomnotifier.r39"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r39"-"!:\resource\vpnmanagementui.r39"
+ENDIF
+; BG - 42 - Bulgarian
+IF EXISTS ("z:\resource\avkon.r42")
+"\epoc32\data\z\resource\vpnecomnotifier.r42"-"!:\resource\vpnecomnotifier.r42"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r42"-"!:\resource\vpnmanagementui.r42"
+ENDIF
+; HR - 45 - Croatian
+IF EXISTS ("z:\resource\avkon.r45")
+"\epoc32\data\z\resource\vpnecomnotifier.r45"-"!:\resource\vpnecomnotifier.r45"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r45"-"!:\resource\vpnmanagementui.r45"
+ENDIF
+; ET - 49 - Estonian
+IF EXISTS ("z:\resource\avkon.r49")
+"\epoc32\data\z\resource\vpnecomnotifier.r49"-"!:\resource\vpnecomnotifier.r49"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r49"-"!:\resource\vpnmanagementui.r49"
+ENDIF
+; FA - 50 - Farsi
+IF EXISTS ("z:\resource\avkon.r50")
+"\epoc32\data\z\resource\vpnecomnotifier.r50"-"!:\resource\vpnecomnotifier.r50"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r50"-"!:\resource\vpnmanagementui.r50"
+ENDIF
+; CF - 51 - CanadianFrench
+IF EXISTS ("z:\resource\avkon.r51")
+"\epoc32\data\z\resource\vpnecomnotifier.r51"-"!:\resource\vpnecomnotifier.r51"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r51"-"!:\resource\vpnmanagementui.r51"
+ENDIF
+; EL - 54 - Greek
+IF EXISTS ("z:\resource\avkon.r54")
+"\epoc32\data\z\resource\vpnecomnotifier.r54"-"!:\resource\vpnecomnotifier.r54"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r54"-"!:\resource\vpnmanagementui.r54"
+ENDIF
+; HE - 57 - Hebrew
+IF EXISTS ("z:\resource\avkon.r57")
+"\epoc32\data\z\resource\vpnecomnotifier.r57"-"!:\resource\vpnecomnotifier.r57"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r57"-"!:\resource\vpnmanagementui.r57"
+ENDIF
+; IN - 59 - Indonesian
+IF EXISTS ("z:\resource\avkon.r59")
+"\epoc32\data\z\resource\vpnecomnotifier.r59"-"!:\resource\vpnecomnotifier.r59"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r59"-"!:\resource\vpnmanagementui.r59"
+ENDIF
+; LV - 67 - Latvian
+IF EXISTS ("z:\resource\avkon.r67")
+"\epoc32\data\z\resource\vpnecomnotifier.r67"-"!:\resource\vpnecomnotifier.r67"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r67"-"!:\resource\vpnmanagementui.r67"
+ENDIF
+; LT - 68 - Lithuanian
+IF EXISTS ("z:\resource\avkon.r68")
+"\epoc32\data\z\resource\vpnecomnotifier.r68"-"!:\resource\vpnecomnotifier.r68"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r68"-"!:\resource\vpnmanagementui.r68"
+ENDIF
+; MS - 70 - Malay
+IF EXISTS ("z:\resource\avkon.r70")
+"\epoc32\data\z\resource\vpnecomnotifier.r70"-"!:\resource\vpnecomnotifier.r70"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r70"-"!:\resource\vpnmanagementui.r70"
+ENDIF
+; BP - 76 - BrazilianPortuguese
+IF EXISTS ("z:\resource\avkon.r76")
+"\epoc32\data\z\resource\vpnecomnotifier.r76"-"!:\resource\vpnecomnotifier.r76"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r76"-"!:\resource\vpnmanagementui.r76"
+ENDIF
+; RO - 78 - Romanian
+IF EXISTS ("z:\resource\avkon.r78")
+"\epoc32\data\z\resource\vpnecomnotifier.r78"-"!:\resource\vpnecomnotifier.r78"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r78"-"!:\resource\vpnmanagementui.r78"
+ENDIF
+; SR - 79 - Serbian
+IF EXISTS ("z:\resource\avkon.r79")
+"\epoc32\data\z\resource\vpnecomnotifier.r79"-"!:\resource\vpnecomnotifier.r79"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r79"-"!:\resource\vpnmanagementui.r79"
+ENDIF
+; LS - 83 - LatinAmericanSpanish
+IF EXISTS ("z:\resource\avkon.r83")
+"\epoc32\data\z\resource\vpnecomnotifier.r83"-"!:\resource\vpnecomnotifier.r83"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r83"-"!:\resource\vpnmanagementui.r83"
+ENDIF
+; UK - 93 - Ukrainian
+IF EXISTS ("z:\resource\avkon.r93")
+"\epoc32\data\z\resource\vpnecomnotifier.r93"-"!:\resource\vpnecomnotifier.r93"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r93"-"!:\resource\vpnmanagementui.r93"
+ENDIF
+; UR - 94 - Urdu
+IF EXISTS ("z:\resource\avkon.r94")
+"\epoc32\data\z\resource\vpnecomnotifier.r94"-"!:\resource\vpnecomnotifier.r94"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r94"-"!:\resource\vpnmanagementui.r94"
+ENDIF
+; VI - 96 - Vietnamese
+IF EXISTS ("z:\resource\avkon.r96")
+"\epoc32\data\z\resource\vpnecomnotifier.r96"-"!:\resource\vpnecomnotifier.r96"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r96"-"!:\resource\vpnmanagementui.r96"
+ENDIF
+; - 44 - Catalan
+IF EXISTS ("z:\resource\avkon.r44")
+"\epoc32\data\z\resource\vpnecomnotifier.r44"-"!:\resource\vpnecomnotifier.r44"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r44"-"!:\resource\vpnmanagementui.r44"
+ENDIF
+; - 102 - Basque
+IF EXISTS ("z:\resource\avkon.r102")
+"\epoc32\data\z\resource\vpnecomnotifier.r102"-"!:\resource\vpnecomnotifier.r102"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r102"-"!:\resource\vpnmanagementui.r102"
+; Helps do not support language id 102 yet
+;IF NOT EXISTS ("z:\resource\xhtml\102\0x10200EC4\index.xml")
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\index.xml"-"!:\resource\xhtml\102\0x10200EC4\index.xml"
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\keywords.xml"-"!:\resource\xhtml\102\0x10200EC4\keywords.xml"
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\meta.xml"-"!:\resource\xhtml\102\0x10200EC4\meta.xml"
+;"\epoc32\data\Z\resource\xhtml\102\0x10200EC4\contents.zip"-"!:\resource\xhtml\102\0x10200EC4\contents.zip"
+;ENDIF
+ENDIF
+; - 103 - Galicia
+IF EXISTS ("z:\resource\avkon.r103")
+"\epoc32\data\z\resource\vpnecomnotifier.r103"-"!:\resource\vpnecomnotifier.r103"
+"\epoc32\data\z\resource\vpnmanagementuirsc.r103"-"!:\resource\vpnmanagementui.r103"
+; Helps do not support language 103 yet
+;IF NOT EXISTS ("z:\resource\xhtml\103\0x10200EC4\index.xml")
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\index.xml"-"!:\resource\xhtml\103\0x10200EC4\index.xml"
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\keywords.xml"-"!:\resource\xhtml\103\0x10200EC4\keywords.xml"
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\meta.xml"-"!:\resource\xhtml\103\0x10200EC4\meta.xml"
+;"\epoc32\data\Z\resource\xhtml\103\0x10200EC4\contents.zip"-"!:\resource\xhtml\103\0x10200EC4\contents.zip"
+;ENDIF
+ENDIF
+
+"\epoc32\release\armv5\urel\vpnpolicyrecognizer.dll"-"!:\sys\bin\vpnpolicyrecognizer.dll"
+"\epoc32\data\z\resource\plugins\vpnpolicyrecognizer.rsc"-"!:\resource\plugins\vpnpolicyrecognizer.rsc"
+
+
+"\epoc32\release\armv5\urel\vpnpolins.exe"-"!:\sys\bin\vpnpolins.exe"
+"\epoc32\data\z\private\10003a3f\apps\vpnpolins_reg.rsc"-"!:\Private\10003a3f\import\apps\vpnpolins_reg.rsc"
+; Embedded VPN Policy Installer sis file
+@"mVPN_vpnpolins_armv5.sis",(0xA0000131)
+
+;
+; VPN Cleaner
+;
+"\epoc32\release\armv5\urel\vpncleaner.exe"-"!:\sys\bin\vpncleaner.exe",FR,RR,RW
+;
+; The following modules must not be deleted before VPN Cleaner has been run:
+; VPN Manager
+"\epoc32\release\armv5\urel\vpnmanager.exe"-"!:\sys\bin\vpnmanager.exe"
+
+; Event Mediator
+"\epoc32\release\armv5\urel\eventmed.exe"-"!:\sys\bin\eventmed.exe"
+; "\epoc32\winscw\c\private\101FD288\backup_registration.xml"-"!:\Private\101FD288\backup_registration.xml"
+; Event Mediator API
+"\epoc32\release\armv5\urel\eventmedapi.dll"-"!:\sys\bin\eventmedapi.dll"
+
+; VPN Installer
+; "101f877b.txt"-"c:\Private\10202be9\persists\101f877b.txt"
+"\epoc32\release\armv5\urel\vpnins.exe"-"!:\sys\bin\vpnins.exe",FR,RI,RW
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/nokia_vpn_vpnpolins_armv5.pkg Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+;
+; Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+; All rights reserved.
+; This component and the accompanying materials are made available
+; under the terms of "Eclipse Public License v1.0"
+; which accompanies this distribution, and is available
+; at the URL "http://www.eclipse.org/legal/epl-v10.html".
+;
+; Initial Contributors:
+; Nokia Corporation - initial contribution.
+;
+; Contributors:
+;
+; Description: Package file for project VPNPolIns
+;
+
+
+; LANGUAGES
+; - None (English only by default)
+
+; INSTALLATION HEADER
+#{"Nokia VPN Policy Installer"},(0xA0000131),32,08,0124, TYPE=SA, RU
+
+; Product / platform version compatibility - S60 5.1 and 5.2
+[0x10283160],0,0,0,{"Series60ProductID"}
+[0x20022e6d],0,0,0,{"Series60ProductID"}
+
+; List of localised vendor names - one per language.
+; At least one must be provided (English [EN]).
+%{"Nokia"}
+
+; Unique Vendor Name
+:"Nokia"
+
+; LIST OF FILES
+; No files!
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/update_versions.mk Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+#
+# Copyright (c) 2008-2008 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description: Calls version update script
+#
+
+do_nothing :
+ @rem do_nothing
+
+MAKMAKE : do_nothing
+
+BLD :
+ @echo Updating versions..
+ perl update_versions.pl
+ @echo Update done!
+
+FREEZE LIB CLEANLIB RESOURCE RELEASABLES CLEAN FINAL SAVESPACE : do_nothing
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/update_versions.pl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,120 @@
+#
+# Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description:
+# Updates pkg-files' and vpnclient_sis.mk's version information with current date.
+# Creates temporary pkg-files with updated version.
+#
+
+use strict;
+use POSIX qw(strftime);
+use File::Copy;
+
+
+my $PLATFORM = "42";
+
+#
+# Creates a temp file and replaces line
+#
+sub replace_line_and_create_temp
+{
+ # arguments
+ my ($pattern, $replacement, $path) = @_;
+
+ # create temp file
+ my $temp_path = "temp_".$path;
+ if (-e $temp_path)
+ {
+ chmod 0666, $temp_path;
+ unlink $temp_path;
+ }
+ copy($path, $temp_path);
+ chmod 0666, $temp_path;
+
+ # update version information
+ my ($infile, $outfile);
+ open $infile, "<".$path or die "Can't open $path : $!";
+ open $outfile, ">".$temp_path or die "Can't open $temp_path : $!";
+ while (<$infile>)
+ {
+ my $line = $_;
+ if ($line =~ s/$pattern/$replacement/g)
+ {
+ print "Replaced line in $temp_path\n";
+ }
+ print $outfile $line;
+ }
+ close $infile;
+ close $outfile;
+}
+
+#
+# Replaces line
+#
+sub replace_line
+{
+ # arguments
+ my ($pattern, $replacement, $path) = @_;
+
+ # Backup
+ if (-e "$path.BACKUP")
+ {
+ chmod 0666, "$path.BACKUP";
+ unlink "$path.BACKUP";
+ }
+ chmod 0666, $path;
+ rename $path, "$path.BACKUP";
+
+ # update version information
+ my ($infile, $outfile);
+ open $infile, "<$path.BACKUP" or die "Can't open $path.BACKUP : $!";
+ open $outfile, ">$path" or die "Can't open $path : $!";
+ while (<$infile>)
+ {
+ my $line = $_;
+ if ($line =~ s/$pattern/$replacement/g)
+ {
+ print "Replaced line in $path\n";
+ }
+ print $outfile $line;
+ }
+ close $infile;
+ close $outfile;
+}
+
+my $pkgtime = strftime($PLATFORM.",%y,%m%d", localtime());
+my $mktime = strftime("%y%m%d", localtime());
+
+# nokia_vpn_vpnpolins_armv5.pkg
+replace_line_and_create_temp(
+ '^#{"Nokia VPN Policy Installer"},\(0xA0000131\),.*?,.*?,.*?, TYPE=SA, RU$',
+ "#{\"Nokia VPN Policy Installer\"},(0xA0000131),$pkgtime, TYPE=SA, RU",
+ 'nokia_vpn_vpnpolins_armv5.pkg');
+
+# nokia_vpn_client_localised_armv5_urel.pkg
+replace_line_and_create_temp(
+ '^\(0x101F5147\),.*?,.*?,.*?, TYPE=SA, RU$',
+ "(0x101F5147),$pkgtime, TYPE=SA, RU",
+ 'nokia_vpn_client_localised_armv5_urel.pkg');
+
+# nokia_vpn_client_localised_armv5_udeb.pkg
+replace_line_and_create_temp(
+ '^\(0x101F5147\),.*?,.*?,.*?, TYPE=SA, RU$',
+ "(0x101F5147),$pkgtime, TYPE=SA, RU",
+ 'nokia_vpn_client_localised_armv5_udeb.pkg');
+
+# vpnclient_sis.mk
+replace_line(
+ '^VERSION=.*?$',
+ "VERSION=$mktime",
+ 'vpnclient_sis.mk');
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/group/vpnclient_sis.mk Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,92 @@
+#
+# Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description: Creates either localised or nonlocalised mVPN Client SIS files
+#
+
+# To ensure that EPOCROOT always ends with a forward slash
+TMPROOT:=$(subst \,/,$(EPOCROOT))
+EPOCROOT:=$(patsubst %/,%,$(TMPROOT))/
+
+VERSION=091014
+RDDERDIR=../data/RDTest_02.der
+RDKEYDIR=../data/RDTest_02.key
+LOCALISATION_FILES=$(EPOCROOT)epoc32/data/Z/resource/vpnecomnotifier.r05
+S60PLATFORM=v42
+
+do_nothing :
+ @rem do_nothing
+
+MAKMAKE : do_nothing
+
+BLD :
+
+#
+# Localisation files must exist
+#
+ @echo --
+ if exist $(LOCALISATION_FILES) @echo Building localised version
+ if not exist $(LOCALISATION_FILES) @echo Localisation files are not available! Exiting..
+ if not exist $(LOCALISATION_FILES) @echo --
+ if not exist $(LOCALISATION_FILES) exit 1
+ @echo --
+
+#
+# vpn policy installer
+#
+ @echo Processing temp_nokia_vpn_vpnpolins_armv5.pkg
+ $(EPOCROOT)epoc32\tools\makesis -v temp_nokia_vpn_vpnpolins_armv5.pkg mVPN_vpnpolins_armv5.sis
+ @echo Signing created mVPN_vpnpolins_armv5.sis
+ $(EPOCROOT)epoc32\tools\signsis mVPN_vpnpolins_armv5.sis mVPN_vpnpolins_armv5.sis $(RDDERDIR) $(RDKEYDIR)
+
+#
+# If localisation files exist create localised SIS files.
+#
+# UREL
+ @echo Processing temp_nokia_vpn_client_localised_armv5_urel.pkg
+ $(EPOCROOT)epoc32\tools\makesis -v temp_nokia_vpn_client_localised_armv5_urel.pkg mVPN_RnD_$(S60PLATFORM)_$(VERSION)_urel.sis
+ @echo Signing created mVPN_RnD_$(S60PLATFORM)_$(VERSION)_urel.sis
+ $(EPOCROOT)epoc32\tools\signsis mVPN_RnD_$(S60PLATFORM)_$(VERSION)_urel.sis mVPN_RnD_$(S60PLATFORM)_$(VERSION)_urel.sis $(RDDERDIR) $(RDKEYDIR)
+# UDEB
+ @echo Processing temp_nokia_vpn_client_localised_armv5_udeb.pkg
+ $(EPOCROOT)epoc32\tools\makesis -v temp_nokia_vpn_client_localised_armv5_udeb.pkg mVPN_RnD_$(S60PLATFORM)_$(VERSION)_udeb.sis
+ @echo Signing created mVPN_RnD_$(S60PLATFORM)_$(VERSION)_udeb.sis
+ $(EPOCROOT)epoc32\tools\signsis mVPN_RnD_$(S60PLATFORM)_$(VERSION)_udeb.sis mVPN_RnD_$(S60PLATFORM)_$(VERSION)_udeb.sis $(RDDERDIR) $(RDKEYDIR)
+
+
+# remove policy installer
+ @echo Remove unnecessary temporary sis files
+ if exist mVPN_vpnpolins_armv5.sis erase mVPN_vpnpolins_armv5.sis
+ if exist temp_* erase temp_*
+
+CLEAN :
+ if exist mVPN_RnD_$(S60PLATFORM)_$(VERSION)_urel.sis erase mVPN_RnD_$(S60PLATFORM)_$(VERSION)_urel.sis
+ if exist mVPN_RnD_$(S60PLATFORM)_$(VERSION)_udeb.sis erase mVPN_RnD_$(S60PLATFORM)_$(VERSION)_udeb.sis
+ if exist mVPN_vpnpolins_armv5.sis erase mVPN_vpnpolins_armv5.sis
+ if exist temp_* erase temp_*
+ if exist *.BACKUP erase *.BACKUP
+
+
+LIB : do_nothing
+
+CLEANLIB : do_nothing
+
+RESOURCE : do_nothing
+
+FREEZE : do_nothing
+
+SAVESPACE : do_nothing
+
+RELEASABLES : do_nothing
+
+FINAL : do_nothing
Binary file vpnclient_sis/stub_sis/data/101f877b.txt has changed
Binary file vpnclient_sis/stub_sis/data/101f877b.txt.vpn has changed
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/stub_sis/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2004-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the
+* VPN Client sis files.
+*
+*
+*/
+
+
+
+PRJ_PLATFORMS
+DEFAULT
+
+PRJ_EXPORTS
+../data/101f877b.txt.vpn /epoc32/data/z/private/10202be9/101f877b.txt.vpn
+../data/101f877b.txt /epoc32/WINSCW/C/private/10202be9/persists/101f877b.txt
+
+PRJ_MMPFILES
+
+ gnumakefile vpnclient_stub_sis.mk
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/stub_sis/group/stub_nokia_vpn_client_armv5.pkg Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,358 @@
+;
+; Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+; All rights reserved.
+; This component and the accompanying materials are made available
+; under the terms of "Eclipse Public License v1.0"
+; which accompanies this distribution, and is available
+; at the URL "http://www.eclipse.org/legal/epl-v10.html".
+;
+; Initial Contributors:
+; Nokia Corporation - initial contribution.
+;
+; Contributors:
+;
+; Description:
+;
+
+; ============================================================================
+; Name : stub_nokia_vpn_client_armv5.pkg
+; Part of : VPN / VPN
+; Description : Nokia VPN Client G1 S60 PACKAGE for Stub-SIS
+; Version : %version: %
+;
+; Copyright © 2006 - 2008 Nokia. All rights reserved.
+; This material, including documentation and any related computer
+; programs, is protected by copyright controlled by Nokia. All
+; rights are reserved. Copying, including reproducing, storing,
+; adapting or translating, any or all of this material requires the
+; prior written consent of Nokia. This material also contains
+; confidential information which may not be disclosed to others
+; without the prior written consent of Nokia.
+; ============================================================================
+; Template version: 4.1
+
+; LANGUAGES
+; - None (English only by default)
+&EN,FR,GE,SP,IT,SW,DA,NO,FI,AM,PO,TU,IC,RU,HU,DU,CS,SK,PL,SL,TC,HK,ZH,JA,TH,AR,TL,BG,HR,ET,FA,CF,EL,HE,IN,LV,LT,MS,BP,RO,SR,LS,UK,UR,VI,44,102,103
+
+; INSTALLATION HEADER
+; UID of acuagentcrypto
+#{"Nokia VPN",
+ "Cl. VPN Nokia",
+ "Nokia VPN-Clnt.",
+ "Nokia VPN",
+ "Client Nokia VPN",
+ "Nokia VPN-klient",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Cli. VPN Nokia",
+ "Nokia VPN is.",
+ "Nokia VPN",
+ "Клиент Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN-cl.",
+ "Nokia VPN kl.",
+ "VPN Nokia",
+ "Klient Nokia VPN",
+ "Odj. NZO Nokia",
+ "諾基亞VPN用戶端",
+ "諾基亞VPN客戶端",
+ "诺基亚VPN客户端",
+ "Nokia VPN クライアント",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN klient",
+ "مشتري Nokia VPN",
+ "RPV Nokia",
+ "Πελάτης της Nokia VPN",
+ "לקוח Nokia VPN",
+ "Klien VPN Nokia",
+ "Nokia VPN",
+ "Nokia VPT kl.",
+ "Klien Nokia VPN",
+ "VPN Nokia",
+ "Client Nokia RVP",
+ "Nokia VPN klijent",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN client",
+ "Nokia VPN",
+ "Nokia VPN",
+ "Nokia VPN"},
+(0x101F5147),32,08,0124, TYPE=SA, RU
+
+; Product / platform version compatibility - S60 5.1
+[0x10283160],0,0,0,{
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID"}
+
+; Product / platform version compatibility - S60 5.2
+[0x20022e6d],0,0,0,{
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID",
+"Series60ProductID"}
+
+; List of localised vendor names - one per language.
+%{"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia",
+"Nokia"}
+
+; The non-localised, globally unique vendor name (mandatory)
+:"Nokia"
+
+; LIST OF FILES
+
+;///////////////////////////////////////////////
+
+; ipsecpolparser; remove later
+""-"z:\sys\bin\vpnipsecpolparser.dll"
+
+; VPN Connection Agent
+""-"z:\sys\bin\vpnconnagt.agt"
+
+; VPN Policy Parser
+""-"z:\sys\bin\ikepolparser.dll"
+
+; Symmetric crypto API wrapper
+""-"z:\sys\bin\utlcrypto.dll"
+
+; Key Management Daemon
+""-"z:\sys\bin\kmdserver.exe"
+
+; Key Management Daemon API
+""-"z:\sys\bin\kmdapi.dll"
+
+; IKEUTILS library
+""-"z:\sys\bin\ikeutils.dll"
+
+""-"z:\sys\bin\ikecert.dll"
+""-"z:\sys\bin\ikev1lib.dll"
+""-"z:\sys\bin\ikev2lib.dll"
+
+; IKE socket plugin
+""-"z:\sys\bin\ikesocket.dll"
+
+; VPN DM
+""-"z:\sys\bin\dmadengine.dll"
+""-"z:\sys\bin\dmadipsecvpn.dll"
+""-"z:\resource\plugins\dmadipsecvpn.rsc"
+""-"z:\sys\bin\dmadpki.dll"
+""-"z:\resource\plugins\dmadpki.rsc"
+
+
+; VPN API (comes with platform)
+""-"z:\sys\bin\vpnapi.dll"
+
+; VPN Management UI
+""-"z:\sys\bin\vpnmanagementui.dll"
+
+""-"z:\resource\vpnmanagementuirsc.r*"
+
+; icon and GS plugin registration file
+""-"z:\resource\apps\vpnmanagementui.mif"
+""-"z:\resource\plugins\vpnmanagementui.rsc"
+
+; VPN help resources (not localized yet)
+; Help resources should be already in ROM but content can be updated from SIS package
+""-"z:\resource\help\vpn.h*"
+
+; PKI Services Server
+""-"z:\sys\bin\pkiservice.exe"
+; PKI Services API
+""-"z:\sys\bin\pkiserviceapi.dll"
+
+; PKCS#10 Module
+""-"z:\sys\bin\utlpkcs10.dll"
+; PKCS#12 Module
+""-"z:\sys\bin\utlpkcs12.dll"
+; Base64 Module
+""-"z:\sys\bin\utlbase64.dll"
+; Socket Interaction Thread
+""-"z:\sys\bin\eventmedsit.dll"
+; Event Viewer
+""-"z:\sys\bin\eventviewer.dll"
+;
+""-"z:\resource\vpnlogmessages.rsc"
+
+; Terminal control stubs (for downwards compatibility)
+""-"z:\sys\bin\vpntcwrapper.dll"
+
+; VPN dialog manager
+""-"z:\sys\bin\vpndialogmanager.dll"
+
+; VPN ECOM Notifier plug-in
+""-"z:\sys\bin\vpnecomnotifier.dll"
+
+""-"z:\resource\plugins\vpnecomnotifier.rsc"
+
+""-"z:\resource\vpnecomnotifier.r*"
+
+; XML Parser
+""-"z:\sys\bin\utlxml.dll"
+
+""-"z:\sys\bin\vpnpolicyrecognizer.dll"
+""-"z:\resource\plugins\vpnpolicyrecognizer.rsc"
+
+""-"z:\sys\bin\vpnpolins.exe"
+""-"z:\Private\10003a3f\import\apps\vpnpolins_reg.rsc"
+; Embedded VPN Policy Installer sis file
+@"..\..\ce_sis\sub_sisses\mVPN_vpnpolins_armv5.sis",(0xA0000131)
+
+;
+; VPN Cleaner
+;
+""-"z:\sys\bin\vpncleaner.exe"
+;
+; VPN Manager
+""-"z:\sys\bin\vpnmanager.exe"
+
+; Event Mediator
+""-"z:\sys\bin\eventmed.exe"
+
+; Event Mediator API
+""-"z:\sys\bin\eventmedapi.dll"
+
+; VPN Installer
+""-"z:\sys\bin\vpnins.exe"
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/stub_sis/group/stub_vpnpolins_armv5.pkg Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+;
+; Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+; All rights reserved.
+; This component and the accompanying materials are made available
+; under the terms of "Eclipse Public License v1.0"
+; which accompanies this distribution, and is available
+; at the URL "http://www.eclipse.org/legal/epl-v10.html".
+;
+; Initial Contributors:
+; Nokia Corporation - initial contribution.
+;
+; Contributors:
+;
+; Description:
+;
+;//
+;// Nokia VPN Client, VPNPolIns
+;//
+;////////////////////////////////////////////////////////////////
+
+; LANGUAGES
+; - None (English only by default)
+
+; INSTALLATION HEADER
+#{"Nokia VPN Policy Installer Stub"},(0xA0000131),32,08,0124
+
+; Product / platform version compatibility - S60 5.1 and 5.2
+[0x10283160],0,0,0,{"Series60ProductID"}
+[0x20022e6d],0,0,0,{"Series60ProductID"}
+
+; List of localised vendor names - one per language.
+; At least one must be provided (English [EN]).
+%{"Nokia"}
+
+; Unique Vendor Name
+:"Nokia"
+
+; No files!
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/stub_sis/group/update_versions.pl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,78 @@
+#
+# Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description:
+#
+#
+# update_versions.pl
+#
+# Updates pkg-files' and vpnclient_sis.mk's version information with current date.
+# Creates temporary pkg-files with updated version.
+#
+
+use strict;
+use POSIX qw(strftime);
+use File::Copy;
+
+
+my $PLATFORM = "41";
+
+#
+# Creates a temp file and replaces line
+#
+sub replace_line_and_create_temp
+{
+ # arguments
+ my ($pattern, $replacement, $path) = @_;
+
+ # create temp file
+ my $temp_path = "temp_".$path;
+ if (-e $temp_path)
+ {
+ chmod 0666, $temp_path;
+ unlink $temp_path;
+ }
+ copy($path, $temp_path);
+ chmod 0666, $temp_path;
+
+ # update version information
+ my ($infile, $outfile);
+ open $infile, "<".$path or die "Can't open $path : $!";
+ open $outfile, ">".$temp_path or die "Can't open $temp_path : $!";
+ while (<$infile>)
+ {
+ my $line = $_;
+ if ($line =~ s/$pattern/$replacement/g)
+ {
+ print "Replaced line in $temp_path\n";
+ }
+ print $outfile $line;
+ }
+ close $infile;
+ close $outfile;
+}
+
+my $pkgtime = strftime($PLATFORM.",%y,%m%d", localtime());
+my $mktime = strftime("%y%m%d", localtime());
+
+# stub_nokia_vpn_vpnpolins_armv5.pkg
+replace_line_and_create_temp(
+ '^#{"Nokia VPN Policy Installer Stub"},\(0xA0000131\),.*?,.*?,.*?',
+ "#{\"Nokia VPN Policy Installer Stub\"},(0xA0000131),$pkgtime",
+ 'stub_vpnpolins_armv5.pkg');
+
+# stub_nokia_vpn_client_localised_armv5.pkg
+replace_line_and_create_temp(
+ '^\(0x101F5147\),.*?,.*?,.*?$',
+ "(0x101F5147),$pkgtime",
+ 'stub_nokia_vpn_client_armv5.pkg');
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnclient_sis/stub_sis/group/vpnclient_stub_sis.mk Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,56 @@
+#
+# Copyright (c) 2006 - 2008 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description:
+# This file provides the information required for building the
+# VPN Client sis files.
+#
+
+do_nothing :
+ @rem do_nothing
+
+MAKMAKE : do_nothing
+
+BLD :
+ @echo Processing stub_vpnpolins_armv5.pkg
+ makesis -v -s stub_vpnpolins_armv5.pkg ipsecvpn_vpnpolins.SIS
+
+ @echo Processing stub_nokia_vpn_client_armv5.pkg
+ makesis -v -s stub_nokia_vpn_client_armv5.pkg ipsecvpn.SIS
+
+ @echo Export stub sis files to $(EPOCROOT)epoc32\data\z\system\install
+ copy ipsecvpn_vpnpolins.SIS $(EPOCROOT)epoc32\data\z\system\install
+ copy ipsecvpn.SIS $(EPOCROOT)epoc32\data\z\system\install
+
+CLEAN :
+ if exist ipsecvpn_vpnpolins.SIS erase ipsecvpn_vpnpolins.SIS
+ if exist $(EPOCROOT)epoc32/data/z/system/install/ipsecvpn_vpnpolins.SIS erase $(EPOCROOT)epoc32/data/z/system/install/ipsecvpn_vpnpolins.SIS
+ if exist $(EPOCROOT)epoc32/data/z/system/install/ipsecvpn.SIS erase $(EPOCROOT)epoc32/data/z/system/install/ipsecvpn.SIS
+ if exist ipsecvpn.SIS erase ipsecvpn.SIS
+ if exist *BACKUP erase *BACKUP
+
+LIB : do_nothing
+
+CLEANLIB : do_nothing
+
+RESOURCE : do_nothing
+
+FREEZE : do_nothing
+
+SAVESPACE : do_nothing
+
+RELEASABLES :
+ if exist ipsecvpn.SIS @echo ipsecvpn.SIS
+ if exist ipsecvpn_vpnpolins.SIS @echo ipsecvpn_vpnpolins.SIS
+
+FINAL : do_nothing
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/BWINS/dmadengineU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,70 @@
+EXPORTS
+ ??1CDmAdCallBack@@UAE@XZ @ 1 NONAME ; CDmAdCallBack::~CDmAdCallBack(void)
+ ??1CDmAdEngine@@UAE@XZ @ 2 NONAME ; CDmAdEngine::~CDmAdEngine(void)
+ ??1CDmAdRtNode@@UAE@XZ @ 3 NONAME ; CDmAdRtNode::~CDmAdRtNode(void)
+ ?AddChildObjectL@TDmAdUtil@@SAAAVMSmlDmDDFObject@@AAV2@ABVTDesC8@@@Z @ 4 NONAME ; class MSmlDmDDFObject & TDmAdUtil::AddChildObjectL(class MSmlDmDDFObject &, class TDesC8 const &)
+ ?AddLeafObjectL@CDmAdEngine@@QAEXABVTDesC16@@0ABVTDesC8@@0H@Z @ 5 NONAME ; void CDmAdEngine::AddLeafObjectL(class TDesC16 const &, class TDesC16 const &, class TDesC8 const &, class TDesC16 const &, int)
+ ?AddNodeObjectL@CDmAdEngine@@QAEXABVTDesC16@@0H@Z @ 6 NONAME ; void CDmAdEngine::AddNodeObjectL(class TDesC16 const &, class TDesC16 const &, int)
+ ?AddNodeObjectL@CDmAdEngine@@QAEXABVTDesC8@@0H@Z @ 7 NONAME ; void CDmAdEngine::AddNodeObjectL(class TDesC8 const &, class TDesC8 const &, int)
+ ?BuildLocallyCreatedRtNodeUriSegLC@TDmAdUtil@@SAPAVHBufC8@@AAH@Z @ 8 NONAME ; class HBufC8 * TDmAdUtil::BuildLocallyCreatedRtNodeUriSegLC(int &)
+ ?BuildRtNodeChildUriListL@TDmAdUtil@@SAXPAVMDmAdCallBack@@PAVMDmAdStoreApi@@ABVTDesC8@@2ABV?$CArrayFix@UTSmlDmMappingInfo@@@@AAVCBufBase@@@Z @ 9 NONAME ; void TDmAdUtil::BuildRtNodeChildUriListL(class MDmAdCallBack *, class MDmAdStoreApi *, class TDesC8 const &, class TDesC8 const &, class CArrayFix<struct TSmlDmMappingInfo> const &, class CBufBase &)
+ ?BuildUriL@TDmAdUtil@@SAPAVHBufC8@@ABVTDesC8@@0@Z @ 10 NONAME ; class HBufC8 * TDmAdUtil::BuildUriL(class TDesC8 const &, class TDesC8 const &)
+ ?BuildUriLC@TDmAdUtil@@SAPAVHBufC8@@ABVTDesC8@@0@Z @ 11 NONAME ; class HBufC8 * TDmAdUtil::BuildUriLC(class TDesC8 const &, class TDesC8 const &)
+ ?ChildURIListL@CDmAdEngine@@QAEXABVTDesC16@@0ABV?$CArrayFix@UTSmlDmMappingInfo@@@@HH@Z @ 12 NONAME ; void CDmAdEngine::ChildURIListL(class TDesC16 const &, class TDesC16 const &, class CArrayFix<struct TSmlDmMappingInfo> const &, int, int)
+ ?ChildURIListL@CDmAdEngine@@QAEXABVTDesC8@@0ABV?$CArrayFix@UTSmlDmMappingInfo@@@@HH@Z @ 13 NONAME ; void CDmAdEngine::ChildURIListL(class TDesC8 const &, class TDesC8 const &, class CArrayFix<struct TSmlDmMappingInfo> const &, int, int)
+ ?CommitAtomicL@CDmAdEngine@@QAEXXZ @ 14 NONAME ; void CDmAdEngine::CommitAtomicL(void)
+ ?CompareUris@TDmAdUtil@@SAHABVTDesC8@@0@Z @ 15 NONAME ; int TDmAdUtil::CompareUris(class TDesC8 const &, class TDesC8 const &)
+ ?CompleteOutstandingCmdsL@CDmAdEngine@@QAEXXZ @ 16 NONAME ; void CDmAdEngine::CompleteOutstandingCmdsL(void)
+ ?CopyCommandL@CDmAdEngine@@QAEXABVTDesC8@@0000H@Z @ 17 NONAME ; void CDmAdEngine::CopyCommandL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, int)
+ ?DeleteObjectL@CDmAdEngine@@QAEXABVTDesC16@@0H@Z @ 18 NONAME ; void CDmAdEngine::DeleteObjectL(class TDesC16 const &, class TDesC16 const &, int)
+ ?DeleteObjectL@CDmAdEngine@@QAEXABVTDesC8@@0H@Z @ 19 NONAME ; void CDmAdEngine::DeleteObjectL(class TDesC8 const &, class TDesC8 const &, int)
+ ?DesToInt@TDmAdUtil@@SAHABVTDesC16@@@Z @ 20 NONAME ; int TDmAdUtil::DesToInt(class TDesC16 const &)
+ ?DesToInt@TDmAdUtil@@SAHABVTDesC8@@@Z @ 21 NONAME ; int TDmAdUtil::DesToInt(class TDesC8 const &)
+ ?DesToUint@TDmAdUtil@@SAIABVTDesC16@@@Z @ 22 NONAME ; unsigned int TDmAdUtil::DesToUint(class TDesC16 const &)
+ ?DesToUint@TDmAdUtil@@SAIABVTDesC8@@@Z @ 23 NONAME ; unsigned int TDmAdUtil::DesToUint(class TDesC8 const &)
+ ?EndMessageL@CDmAdEngine@@QAEXXZ @ 24 NONAME ; void CDmAdEngine::EndMessageL(void)
+ ?ExecuteCommandL@CDmAdEngine@@QAEXABVTDesC8@@000H@Z @ 25 NONAME ; void CDmAdEngine::ExecuteCommandL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, int)
+ ?ExecuteCommandL@CDmAdEngine@@QAEXABVTDesC8@@0AAPAVRWriteStream@@0H@Z @ 26 NONAME ; void CDmAdEngine::ExecuteCommandL(class TDesC8 const &, class TDesC8 const &, class RWriteStream * &, class TDesC8 const &, int)
+ ?FetchLeafObjectL@CDmAdEngine@@QAEXABVTDesC16@@00HH@Z @ 27 NONAME ; void CDmAdEngine::FetchLeafObjectL(class TDesC16 const &, class TDesC16 const &, class TDesC16 const &, int, int)
+ ?FetchLeafObjectL@CDmAdEngine@@QAEXABVTDesC8@@00HH@Z @ 28 NONAME ; void CDmAdEngine::FetchLeafObjectL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, int, int)
+ ?FetchLeafObjectSizeL@CDmAdEngine@@QAEXABVTDesC8@@00HH@Z @ 29 NONAME ; void CDmAdEngine::FetchLeafObjectSizeL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, int, int)
+ ?FetchLinkL@CDmAdCallBack@@UAEXABVTDesC8@@AAVCBufBase@@AAW4TError@MSmlDmAdapter@@@Z @ 30 NONAME ; void CDmAdCallBack::FetchLinkL(class TDesC8 const &, class CBufBase &, enum MSmlDmAdapter::TError &)
+ ?FillNodeInfoL@TDmAdUtil@@SAXAAVMSmlDmDDFObject@@VTSmlDmAccessTypes@@W4TOccurence@2@W4TScope@2@W4TDFFormat@2@ABVTDesC8@@H5@Z @ 31 NONAME ; void TDmAdUtil::FillNodeInfoL(class MSmlDmDDFObject &, class TSmlDmAccessTypes, enum MSmlDmDDFObject::TOccurence, enum MSmlDmDDFObject::TScope, enum MSmlDmDDFObject::TDFFormat, class TDesC8 const &, int, class TDesC8 const &)
+ ?FindChildUriL@CDmAdCallBack@@UAEPAVHBufC8@@ABVTDesC8@@0@Z @ 32 NONAME ; class HBufC8 * CDmAdCallBack::FindChildUriL(class TDesC8 const &, class TDesC8 const &)
+ ?FirstUriSeg@TDmAdUtil@@SA?AVTPtrC8@@ABVTDesC8@@@Z @ 33 NONAME ; class TPtrC8 TDmAdUtil::FirstUriSeg(class TDesC8 const &)
+ ?GetLuidAllocL@CDmAdCallBack@@UAEPAVHBufC8@@ABVTDesC8@@@Z @ 34 NONAME ; class HBufC8 * CDmAdCallBack::GetLuidAllocL(class TDesC8 const &)
+ ?IntToDes8LC@TDmAdUtil@@SAPAVHBufC8@@H@Z @ 35 NONAME ; class HBufC8 * TDmAdUtil::IntToDes8LC(int)
+ ?IntToDes8LC@TDmAdUtil@@SAPAVHBufC8@@I@Z @ 36 NONAME ; class HBufC8 * TDmAdUtil::IntToDes8LC(unsigned int)
+ ?IntToDes8LC@TDmAdUtil@@SAPAVHBufC8@@J@Z @ 37 NONAME ; class HBufC8 * TDmAdUtil::IntToDes8LC(long)
+ ?IntToDes8LC@TDmAdUtil@@SAPAVHBufC8@@K@Z @ 38 NONAME ; class HBufC8 * TDmAdUtil::IntToDes8LC(unsigned long)
+ ?IntToDesLC@TDmAdUtil@@SAPAVHBufC16@@H@Z @ 39 NONAME ; class HBufC16 * TDmAdUtil::IntToDesLC(int)
+ ?IntToDesLC@TDmAdUtil@@SAPAVHBufC16@@I@Z @ 40 NONAME ; class HBufC16 * TDmAdUtil::IntToDesLC(unsigned int)
+ ?IntToDesLC@TDmAdUtil@@SAPAVHBufC16@@J@Z @ 41 NONAME ; class HBufC16 * TDmAdUtil::IntToDesLC(long)
+ ?IntToDesLC@TDmAdUtil@@SAPAVHBufC16@@K@Z @ 42 NONAME ; class HBufC16 * TDmAdUtil::IntToDesLC(unsigned long)
+ ?LastUriSeg@TDmAdUtil@@SA?AVTPtrC8@@ABVTDesC8@@@Z @ 43 NONAME ; class TPtrC8 TDmAdUtil::LastUriSeg(class TDesC8 const &)
+ ?Luid@CDmAdRtNode@@QBE?AVTPtrC8@@XZ @ 44 NONAME ; class TPtrC8 CDmAdRtNode::Luid(void) const
+ ?LuidTo16L@TDmAdUtil@@SAPAVHBufC16@@ABVTDesC8@@@Z @ 45 NONAME ; class HBufC16 * TDmAdUtil::LuidTo16L(class TDesC8 const &)
+ ?LuidTo8L@TDmAdUtil@@SAPAVHBufC8@@ABVTDesC16@@@Z @ 46 NONAME ; class HBufC8 * TDmAdUtil::LuidTo8L(class TDesC16 const &)
+ ?MapStatusCode@TDmAdUtil@@SA?AW4TError@MSmlDmAdapter@@H@Z @ 47 NONAME ; enum MSmlDmAdapter::TError TDmAdUtil::MapStatusCode(int)
+ ?NewL@CDmAdCallBack@@SAPAV1@PAVMSmlDmCallback@@ABVTDesC8@@@Z @ 48 NONAME ; class CDmAdCallBack * CDmAdCallBack::NewL(class MSmlDmCallback *, class TDesC8 const &)
+ ?NewL@CDmAdEngine@@SAPAV1@PAVMDmAdCallBack@@PAVMDmAdStoreApi@@PAVMDmAdDdfApi@@PAVMDmAdRtNodeDataApi@@@Z @ 49 NONAME ; class CDmAdEngine * CDmAdEngine::NewL(class MDmAdCallBack *, class MDmAdStoreApi *, class MDmAdDdfApi *, class MDmAdRtNodeDataApi *)
+ ?NewL@CDmAdRtNode@@SAPAV1@ABVTDesC8@@0PAVMDmAdCallBack@@PAVMDmAdRtNodeDataApi@@@Z @ 50 NONAME ; class CDmAdRtNode * CDmAdRtNode::NewL(class TDesC8 const &, class TDesC8 const &, class MDmAdCallBack *, class MDmAdRtNodeDataApi *)
+ ?NewLC@CDmAdCallBack@@SAPAV1@PAVMSmlDmCallback@@ABVTDesC8@@@Z @ 51 NONAME ; class CDmAdCallBack * CDmAdCallBack::NewLC(class MSmlDmCallback *, class TDesC8 const &)
+ ?NewLC@CDmAdEngine@@SAPAV1@PAVMDmAdCallBack@@PAVMDmAdStoreApi@@PAVMDmAdDdfApi@@PAVMDmAdRtNodeDataApi@@@Z @ 52 NONAME ; class CDmAdEngine * CDmAdEngine::NewLC(class MDmAdCallBack *, class MDmAdStoreApi *, class MDmAdDdfApi *, class MDmAdRtNodeDataApi *)
+ ?NumOfURISegs@TDmAdUtil@@SAHABVTDesC8@@@Z @ 53 NONAME ; int TDmAdUtil::NumOfURISegs(class TDesC8 const &)
+ ?ParseUriLC@TDmAdUtil@@SAXABVTDesC8@@AAPAV?$CArrayFix@VTPtrC8@@@@@Z @ 54 NONAME ; void TDmAdUtil::ParseUriLC(class TDesC8 const &, class CArrayFix<class TPtrC8> * &)
+ ?RemoveDotSlash@TDmAdUtil@@SA?AVTPtrC8@@ABVTDesC8@@@Z @ 55 NONAME ; class TPtrC8 TDmAdUtil::RemoveDotSlash(class TDesC8 const &)
+ ?RemoveLastUriSeg@TDmAdUtil@@SA?AVTPtrC8@@ABVTDesC8@@@Z @ 56 NONAME ; class TPtrC8 TDmAdUtil::RemoveLastUriSeg(class TDesC8 const &)
+ ?RollbackAtomicL@CDmAdEngine@@QAEXXZ @ 57 NONAME ; void CDmAdEngine::RollbackAtomicL(void)
+ ?SetLuidL@CDmAdRtNode@@QAEXABVTDesC8@@@Z @ 58 NONAME ; void CDmAdRtNode::SetLuidL(class TDesC8 const &)
+ ?SetMappingL@CDmAdCallBack@@UAEXABVTDesC8@@0@Z @ 59 NONAME ; void CDmAdCallBack::SetMappingL(class TDesC8 const &, class TDesC8 const &)
+ ?SetResultsL@CDmAdCallBack@@UAEXHAAVCBufBase@@ABVTDesC8@@@Z @ 60 NONAME ; void CDmAdCallBack::SetResultsL(int, class CBufBase &, class TDesC8 const &)
+ ?SetStatusL@CDmAdCallBack@@UAEXHH@Z @ 61 NONAME ; void CDmAdCallBack::SetStatusL(int, int)
+ ?StartAtomicL@CDmAdEngine@@QAEXXZ @ 62 NONAME ; void CDmAdEngine::StartAtomicL(void)
+ ?StreamCommittedL@CDmAdEngine@@QAEXXZ @ 63 NONAME ; void CDmAdEngine::StreamCommittedL(void)
+ ?StreamingSupport@CDmAdEngine@@QAEHAAH@Z @ 64 NONAME ; int CDmAdEngine::StreamingSupport(int &)
+ ?UpdateLeafObjectL@CDmAdEngine@@QAEXABVTDesC16@@0ABVTDesC8@@0H@Z @ 65 NONAME ; void CDmAdEngine::UpdateLeafObjectL(class TDesC16 const &, class TDesC16 const &, class TDesC8 const &, class TDesC16 const &, int)
+ ?UpdateLeafObjectL@CDmAdEngine@@QAEXABVTDesC8@@000H@Z @ 66 NONAME ; void CDmAdEngine::UpdateLeafObjectL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, int)
+ ?UpdateLeafObjectL@CDmAdEngine@@QAEXABVTDesC8@@0AAPAVRWriteStream@@0H@Z @ 67 NONAME ; void CDmAdEngine::UpdateLeafObjectL(class TDesC8 const &, class TDesC8 const &, class RWriteStream * &, class TDesC8 const &, int)
+ ?Uri@CDmAdRtNode@@QBE?AVTPtrC8@@XZ @ 68 NONAME ; class TPtrC8 CDmAdRtNode::Uri(void) const
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/EABI/dmadengineU.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,90 @@
+EXPORTS
+ _ZN11CDmAdEngine11EndMessageLEv @ 1 NONAME
+ _ZN11CDmAdEngine12CopyCommandLERK6TDesC8S2_S2_S2_S2_i @ 2 NONAME
+ _ZN11CDmAdEngine12StartAtomicLEv @ 3 NONAME
+ _ZN11CDmAdEngine13ChildURIListLERK6TDesC8S2_RK9CArrayFixI17TSmlDmMappingInfoEii @ 4 NONAME
+ _ZN11CDmAdEngine13ChildURIListLERK7TDesC16S2_RK9CArrayFixI17TSmlDmMappingInfoEii @ 5 NONAME
+ _ZN11CDmAdEngine13CommitAtomicLEv @ 6 NONAME
+ _ZN11CDmAdEngine13DeleteObjectLERK6TDesC8S2_i @ 7 NONAME
+ _ZN11CDmAdEngine13DeleteObjectLERK7TDesC16S2_i @ 8 NONAME
+ _ZN11CDmAdEngine14AddLeafObjectLERK7TDesC16S2_RK6TDesC8S2_i @ 9 NONAME
+ _ZN11CDmAdEngine14AddNodeObjectLERK6TDesC8S2_i @ 10 NONAME
+ _ZN11CDmAdEngine14AddNodeObjectLERK7TDesC16S2_i @ 11 NONAME
+ _ZN11CDmAdEngine15ExecuteCommandLERK6TDesC8S2_RP12RWriteStreamS2_i @ 12 NONAME
+ _ZN11CDmAdEngine15ExecuteCommandLERK6TDesC8S2_S2_S2_i @ 13 NONAME
+ _ZN11CDmAdEngine15RollbackAtomicLEv @ 14 NONAME
+ _ZN11CDmAdEngine16FetchLeafObjectLERK6TDesC8S2_S2_ii @ 15 NONAME
+ _ZN11CDmAdEngine16FetchLeafObjectLERK7TDesC16S2_S2_ii @ 16 NONAME
+ _ZN11CDmAdEngine16StreamCommittedLEv @ 17 NONAME
+ _ZN11CDmAdEngine16StreamingSupportERi @ 18 NONAME
+ _ZN11CDmAdEngine17UpdateLeafObjectLERK6TDesC8S2_RP12RWriteStreamS2_i @ 19 NONAME
+ _ZN11CDmAdEngine17UpdateLeafObjectLERK6TDesC8S2_S2_S2_i @ 20 NONAME
+ _ZN11CDmAdEngine17UpdateLeafObjectLERK7TDesC16S2_RK6TDesC8S2_i @ 21 NONAME
+ _ZN11CDmAdEngine20FetchLeafObjectSizeLERK6TDesC8S2_S2_ii @ 22 NONAME
+ _ZN11CDmAdEngine24CompleteOutstandingCmdsLEv @ 23 NONAME
+ _ZN11CDmAdEngine4NewLEP13MDmAdCallBackP13MDmAdStoreApiP11MDmAdDdfApiP18MDmAdRtNodeDataApi @ 24 NONAME
+ _ZN11CDmAdEngine5NewLCEP13MDmAdCallBackP13MDmAdStoreApiP11MDmAdDdfApiP18MDmAdRtNodeDataApi @ 25 NONAME
+ _ZN11CDmAdEngineD0Ev @ 26 NONAME
+ _ZN11CDmAdEngineD1Ev @ 27 NONAME
+ _ZN11CDmAdEngineD2Ev @ 28 NONAME
+ _ZN11CDmAdRtNode4NewLERK6TDesC8S2_P13MDmAdCallBackP18MDmAdRtNodeDataApi @ 29 NONAME
+ _ZN11CDmAdRtNode8SetLuidLERK6TDesC8 @ 30 NONAME
+ _ZN11CDmAdRtNodeD0Ev @ 31 NONAME
+ _ZN11CDmAdRtNodeD1Ev @ 32 NONAME
+ _ZN11CDmAdRtNodeD2Ev @ 33 NONAME
+ _ZN13CDmAdCallBack10FetchLinkLERK6TDesC8R8CBufBaseRN13MSmlDmAdapter6TErrorE @ 34 NONAME
+ _ZN13CDmAdCallBack10SetStatusLEii @ 35 NONAME
+ _ZN13CDmAdCallBack11SetMappingLERK6TDesC8S2_ @ 36 NONAME
+ _ZN13CDmAdCallBack11SetResultsLEiR8CBufBaseRK6TDesC8 @ 37 NONAME
+ _ZN13CDmAdCallBack13FindChildUriLERK6TDesC8S2_ @ 38 NONAME
+ _ZN13CDmAdCallBack13GetLuidAllocLERK6TDesC8 @ 39 NONAME
+ _ZN13CDmAdCallBack4NewLEP14MSmlDmCallbackRK6TDesC8 @ 40 NONAME
+ _ZN13CDmAdCallBack5NewLCEP14MSmlDmCallbackRK6TDesC8 @ 41 NONAME
+ _ZN13CDmAdCallBackD0Ev @ 42 NONAME
+ _ZN13CDmAdCallBackD1Ev @ 43 NONAME
+ _ZN13CDmAdCallBackD2Ev @ 44 NONAME
+ _ZN9TDmAdUtil10BuildUriLCERK6TDesC8S2_ @ 45 NONAME
+ _ZN9TDmAdUtil10IntToDesLCEi @ 46 NONAME
+ _ZN9TDmAdUtil10IntToDesLCEj @ 47 NONAME
+ _ZN9TDmAdUtil10IntToDesLCEl @ 48 NONAME
+ _ZN9TDmAdUtil10IntToDesLCEm @ 49 NONAME
+ _ZN9TDmAdUtil10LastUriSegERK6TDesC8 @ 50 NONAME
+ _ZN9TDmAdUtil10ParseUriLCERK6TDesC8RP9CArrayFixI6TPtrC8E @ 51 NONAME
+ _ZN9TDmAdUtil11CompareUrisERK6TDesC8S2_ @ 52 NONAME
+ _ZN9TDmAdUtil11FirstUriSegERK6TDesC8 @ 53 NONAME
+ _ZN9TDmAdUtil11IntToDes8LCEi @ 54 NONAME
+ _ZN9TDmAdUtil11IntToDes8LCEj @ 55 NONAME
+ _ZN9TDmAdUtil11IntToDes8LCEl @ 56 NONAME
+ _ZN9TDmAdUtil11IntToDes8LCEm @ 57 NONAME
+ _ZN9TDmAdUtil12NumOfURISegsERK6TDesC8 @ 58 NONAME
+ _ZN9TDmAdUtil13FillNodeInfoLER15MSmlDmDDFObject17TSmlDmAccessTypesNS0_10TOccurenceENS0_6TScopeENS0_9TDFFormatERK6TDesC8iS8_ @ 59 NONAME
+ _ZN9TDmAdUtil13MapStatusCodeEi @ 60 NONAME
+ _ZN9TDmAdUtil14RemoveDotSlashERK6TDesC8 @ 61 NONAME
+ _ZN9TDmAdUtil15AddChildObjectLER15MSmlDmDDFObjectRK6TDesC8 @ 62 NONAME
+ _ZN9TDmAdUtil16RemoveLastUriSegERK6TDesC8 @ 63 NONAME
+ _ZN9TDmAdUtil24BuildRtNodeChildUriListLEP13MDmAdCallBackP13MDmAdStoreApiRK6TDesC8S6_RK9CArrayFixI17TSmlDmMappingInfoER8CBufBase @ 64 NONAME
+ _ZN9TDmAdUtil33BuildLocallyCreatedRtNodeUriSegLCERi @ 65 NONAME
+ _ZN9TDmAdUtil8DesToIntERK6TDesC8 @ 66 NONAME
+ _ZN9TDmAdUtil8DesToIntERK7TDesC16 @ 67 NONAME
+ _ZN9TDmAdUtil8LuidTo8LERK7TDesC16 @ 68 NONAME
+ _ZN9TDmAdUtil9BuildUriLERK6TDesC8S2_ @ 69 NONAME
+ _ZN9TDmAdUtil9DesToUintERK6TDesC8 @ 70 NONAME
+ _ZN9TDmAdUtil9DesToUintERK7TDesC16 @ 71 NONAME
+ _ZN9TDmAdUtil9LuidTo16LERK6TDesC8 @ 72 NONAME
+ _ZNK11CDmAdRtNode3UriEv @ 73 NONAME
+ _ZNK11CDmAdRtNode4LuidEv @ 74 NONAME
+ _ZTI11CDmAdEngine @ 75 NONAME ; #<TI>#
+ _ZTI11CDmAdRtNode @ 76 NONAME ; #<TI>#
+ _ZTI12CDmAdCommand @ 77 NONAME ; #<TI>#
+ _ZTI13CDmAdCallBack @ 78 NONAME ; #<TI>#
+ _ZTV11CDmAdEngine @ 79 NONAME ; #<VT>#
+ _ZTV11CDmAdRtNode @ 80 NONAME ; #<VT>#
+ _ZTV12CDmAdCommand @ 81 NONAME ; #<VT>#
+ _ZTV13CDmAdCallBack @ 82 NONAME ; #<VT>#
+ _ZThn4_N13CDmAdCallBack10FetchLinkLERK6TDesC8R8CBufBaseRN13MSmlDmAdapter6TErrorE @ 83 NONAME ; #<thunk>#
+ _ZThn4_N13CDmAdCallBack10SetStatusLEii @ 84 NONAME ; #<thunk>#
+ _ZThn4_N13CDmAdCallBack11SetMappingLERK6TDesC8S2_ @ 85 NONAME ; #<thunk>#
+ _ZThn4_N13CDmAdCallBack11SetResultsLEiR8CBufBaseRK6TDesC8 @ 86 NONAME ; #<thunk>#
+ _ZThn4_N13CDmAdCallBack13FindChildUriLERK6TDesC8S2_ @ 87 NONAME ; #<thunk>#
+ _ZThn4_N13CDmAdCallBack13GetLuidAllocLERK6TDesC8 @ 88 NONAME ; #<thunk>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/bmarm/DMADENGINEU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,76 @@
+EXPORTS
+ "_._13CDmAdLuidElem" @ 1 NONAME R3UNUSED ; CDmAdLuidElem::~CDmAdLuidElem(void)
+ AddLeafObjectL__11CDmAdEngineRC7TDesC16T1RC6TDesC8T1i @ 2 NONAME ; CDmAdEngine::AddLeafObjectL(TDesC16 const &, TDesC16 const &, TDesC8 const &, TDesC16 const &, int)
+ AddNodeObjectL__11CDmAdEngineRC6TDesC8T1i @ 3 NONAME ; CDmAdEngine::AddNodeObjectL(TDesC8 const &, TDesC8 const &, int)
+ AddNodeObjectL__11CDmAdEngineRC7TDesC16T1i @ 4 NONAME ; CDmAdEngine::AddNodeObjectL(TDesC16 const &, TDesC16 const &, int)
+ BuildLocallyCreatedRtNodeUriSegLC__9TDmAdUtilRi @ 5 NONAME R3UNUSED ; TDmAdUtil::BuildLocallyCreatedRtNodeUriSegLC(int &)
+ BuildRtNodeChildUriListL__9TDmAdUtilP13MDmAdCallBackP13MDmAdStoreApiRC6TDesC8T3RCt9CArrayFix1Z18TNSmlDmMappingInfoR8CBufBase @ 6 NONAME ; TDmAdUtil::BuildRtNodeChildUriListL(MDmAdCallBack *, MDmAdStoreApi *, TDesC8 const &, TDesC8 const &, CArrayFix<TNSmlDmMappingInfo> const &, CBufBase &)
+ BuildUriLC__9TDmAdUtilRC6TDesC8T1 @ 7 NONAME R3UNUSED ; TDmAdUtil::BuildUriLC(TDesC8 const &, TDesC8 const &)
+ BuildUriL__9TDmAdUtilRC6TDesC8T1 @ 8 NONAME R3UNUSED ; TDmAdUtil::BuildUriL(TDesC8 const &, TDesC8 const &)
+ ChildURIListL__11CDmAdEngineRC6TDesC8T1RCt9CArrayFix1Z18TNSmlDmMappingInfoii @ 9 NONAME ; CDmAdEngine::ChildURIListL(TDesC8 const &, TDesC8 const &, CArrayFix<TNSmlDmMappingInfo> const &, int, int)
+ ChildURIListL__11CDmAdEngineRC7TDesC16T1RCt9CArrayFix1Z18TNSmlDmMappingInfoii @ 10 NONAME ; CDmAdEngine::ChildURIListL(TDesC16 const &, TDesC16 const &, CArrayFix<TNSmlDmMappingInfo> const &, int, int)
+ CleanupOperationDeleteCArrayPtr__13CDmAdLuidElemPv @ 11 NONAME R3UNUSED ; CDmAdLuidElem::CleanupOperationDeleteCArrayPtr(void *)
+ CommitAtomicL__11CDmAdEngine @ 12 NONAME R3UNUSED ; CDmAdEngine::CommitAtomicL(void)
+ CompareUris__9TDmAdUtilRC6TDesC8T1 @ 13 NONAME R3UNUSED ; TDmAdUtil::CompareUris(TDesC8 const &, TDesC8 const &)
+ CompleteOutstandingCmdsL__11CDmAdEngine @ 14 NONAME R3UNUSED ; CDmAdEngine::CompleteOutstandingCmdsL(void)
+ CopyCommandL__11CDmAdEngineRC6TDesC8N41i @ 15 NONAME ; CDmAdEngine::CopyCommandL(TDesC8 const &, TDesC8 const &, TDesC8 const &, TDesC8 const &, TDesC8 const &, int)
+ DeleteObjectL__11CDmAdEngineRC6TDesC8T1i @ 16 NONAME ; CDmAdEngine::DeleteObjectL(TDesC8 const &, TDesC8 const &, int)
+ DeleteObjectL__11CDmAdEngineRC7TDesC16T1i @ 17 NONAME ; CDmAdEngine::DeleteObjectL(TDesC16 const &, TDesC16 const &, int)
+ DesToInt__9TDmAdUtilRC6TDesC8 @ 18 NONAME R3UNUSED ; TDmAdUtil::DesToInt(TDesC8 const &)
+ DesToInt__9TDmAdUtilRC7TDesC16 @ 19 NONAME R3UNUSED ; TDmAdUtil::DesToInt(TDesC16 const &)
+ DesToUint__9TDmAdUtilRC6TDesC8 @ 20 NONAME R3UNUSED ; TDmAdUtil::DesToUint(TDesC8 const &)
+ DesToUint__9TDmAdUtilRC7TDesC16 @ 21 NONAME R3UNUSED ; TDmAdUtil::DesToUint(TDesC16 const &)
+ EndMessageL__11CDmAdEngine @ 22 NONAME R3UNUSED ; CDmAdEngine::EndMessageL(void)
+ ExecuteCommandL__11CDmAdEngineRC6TDesC8N31i @ 23 NONAME ; CDmAdEngine::ExecuteCommandL(TDesC8 const &, TDesC8 const &, TDesC8 const &, TDesC8 const &, int)
+ ExecuteCommandL__11CDmAdEngineRC6TDesC8T1RP12RWriteStreamT1i @ 24 NONAME ; CDmAdEngine::ExecuteCommandL(TDesC8 const &, TDesC8 const &, RWriteStream *&, TDesC8 const &, int)
+ FetchLeafObjectL__11CDmAdEngineRC6TDesC8N21ii @ 25 NONAME ; CDmAdEngine::FetchLeafObjectL(TDesC8 const &, TDesC8 const &, TDesC8 const &, int, int)
+ FetchLeafObjectL__11CDmAdEngineRC7TDesC16N21ii @ 26 NONAME ; CDmAdEngine::FetchLeafObjectL(TDesC16 const &, TDesC16 const &, TDesC16 const &, int, int)
+ FetchLeafObjectSizeL__11CDmAdEngineRC6TDesC8N21ii @ 27 NONAME ; CDmAdEngine::FetchLeafObjectSizeL(TDesC8 const &, TDesC8 const &, TDesC8 const &, int, int)
+ FetchLinkL__13CDmAdCallBackRC6TDesC8R8CBufBaseRQ214CNSmlDmAdapter6TError @ 28 NONAME ; CDmAdCallBack::FetchLinkL(TDesC8 const &, CBufBase &, CNSmlDmAdapter::TError &)
+ FillNodeInfoL__9TDmAdUtilR16MNSmlDmDDFObjectG18TNSmlDmAccessTypesQ216MNSmlDmDDFObject10TOccurenceQ216MNSmlDmDDFObject6TScopeQ216MNSmlDmDDFObject9TDFFormatRC6TDesC8iT6 @ 29 NONAME ; TDmAdUtil::FillNodeInfoL(MNSmlDmDDFObject &, TNSmlDmAccessTypes, MNSmlDmDDFObject::TOccurence, MNSmlDmDDFObject::TScope, MNSmlDmDDFObject::TDFFormat, TDesC8 const &, int, TDesC8 const &)
+ FindChildUriL__13CDmAdCallBackRC6TDesC8T1 @ 30 NONAME R3UNUSED ; CDmAdCallBack::FindChildUriL(TDesC8 const &, TDesC8 const &)
+ FindLargestLocallyCreatedL__9TDmAdUtilRCt9CArrayFix1Z18TNSmlDmMappingInfo @ 31 NONAME R3UNUSED ; TDmAdUtil::FindLargestLocallyCreatedL(CArrayFix<TNSmlDmMappingInfo> const &)
+ FirstUriSeg__9TDmAdUtilRC6TDesC8 @ 32 NONAME R3UNUSED ; TDmAdUtil::FirstUriSeg(TDesC8 const &)
+ GetLuidAllocL__13CDmAdCallBackRC6TDesC8 @ 33 NONAME R3UNUSED ; CDmAdCallBack::GetLuidAllocL(TDesC8 const &)
+ IntToDes8LC__9TDmAdUtilUi @ 34 NONAME R3UNUSED ; TDmAdUtil::IntToDes8LC(unsigned int)
+ IntToDes8LC__9TDmAdUtili @ 35 NONAME R3UNUSED ; TDmAdUtil::IntToDes8LC(int)
+ IntToDesLC__9TDmAdUtilUi @ 36 NONAME R3UNUSED ; TDmAdUtil::IntToDesLC(unsigned int)
+ IntToDesLC__9TDmAdUtili @ 37 NONAME R3UNUSED ; TDmAdUtil::IntToDesLC(int)
+ LastUriSeg__9TDmAdUtilRC6TDesC8 @ 38 NONAME R3UNUSED ; TDmAdUtil::LastUriSeg(TDesC8 const &)
+ LuidTo16L__9TDmAdUtilRC6TDesC8 @ 39 NONAME R3UNUSED ; TDmAdUtil::LuidTo16L(TDesC8 const &)
+ LuidTo8L__9TDmAdUtilRC7TDesC16 @ 40 NONAME R3UNUSED ; TDmAdUtil::LuidTo8L(TDesC16 const &)
+ Luid__C11CDmAdRtNode @ 41 NONAME R3UNUSED ; CDmAdRtNode::Luid(void) const
+ Luid__C13CDmAdLuidElem @ 42 NONAME R3UNUSED ; CDmAdLuidElem::Luid(void) const
+ MapStatusCode__9TDmAdUtili @ 43 NONAME R3UNUSED ; TDmAdUtil::MapStatusCode(int)
+ NewLC__11CDmAdEngineP13MDmAdCallBackP13MDmAdStoreApiP11MDmAdDdfApiP18MDmAdRtNodeDataApiRC7TDesC16 @ 44 NONAME ; CDmAdEngine::NewLC(MDmAdCallBack *, MDmAdStoreApi *, MDmAdDdfApi *, MDmAdRtNodeDataApi *, TDesC16 const &)
+ NewLC__13CDmAdCallBackP15MNSmlDmCallbackRC6TDesC8 @ 45 NONAME R3UNUSED ; CDmAdCallBack::NewLC(MNSmlDmCallback *, TDesC8 const &)
+ NewLC__13CDmAdLuidElemRC6TDesC8 @ 46 NONAME R3UNUSED ; CDmAdLuidElem::NewLC(TDesC8 const &)
+ NewL__11CDmAdEngineP13MDmAdCallBackP13MDmAdStoreApiP11MDmAdDdfApiP18MDmAdRtNodeDataApiRC7TDesC16 @ 47 NONAME ; CDmAdEngine::NewL(MDmAdCallBack *, MDmAdStoreApi *, MDmAdDdfApi *, MDmAdRtNodeDataApi *, TDesC16 const &)
+ NewL__11CDmAdRtNodeRC6TDesC8T1P13MDmAdCallBackP18MDmAdRtNodeDataApi @ 48 NONAME ; CDmAdRtNode::NewL(TDesC8 const &, TDesC8 const &, MDmAdCallBack *, MDmAdRtNodeDataApi *)
+ NewL__13CDmAdCallBackP15MNSmlDmCallbackRC6TDesC8 @ 49 NONAME R3UNUSED ; CDmAdCallBack::NewL(MNSmlDmCallback *, TDesC8 const &)
+ NewL__13CDmAdLuidElemRC6TDesC8 @ 50 NONAME R3UNUSED ; CDmAdLuidElem::NewL(TDesC8 const &)
+ NumOfURISegs__9TDmAdUtilRC6TDesC8 @ 51 NONAME R3UNUSED ; TDmAdUtil::NumOfURISegs(TDesC8 const &)
+ ParseUriLC__9TDmAdUtilRC6TDesC8RPt9CArrayFix1Z6TPtrC8 @ 52 NONAME R3UNUSED ; TDmAdUtil::ParseUriLC(TDesC8 const &, CArrayFix<TPtrC8> *&)
+ RemoveDotSlash__9TDmAdUtilRC6TDesC8 @ 53 NONAME R3UNUSED ; TDmAdUtil::RemoveDotSlash(TDesC8 const &)
+ RemoveLastUriSeg__9TDmAdUtilRC6TDesC8 @ 54 NONAME R3UNUSED ; TDmAdUtil::RemoveLastUriSeg(TDesC8 const &)
+ RollbackAtomicL__11CDmAdEngine @ 55 NONAME R3UNUSED ; CDmAdEngine::RollbackAtomicL(void)
+ SetLuidL__11CDmAdRtNodeRC6TDesC8 @ 56 NONAME R3UNUSED ; CDmAdRtNode::SetLuidL(TDesC8 const &)
+ SetMappingL__13CDmAdCallBackRC6TDesC8T1 @ 57 NONAME R3UNUSED ; CDmAdCallBack::SetMappingL(TDesC8 const &, TDesC8 const &)
+ SetResultsL__13CDmAdCallBackiR8CBufBaseRC6TDesC8 @ 58 NONAME ; CDmAdCallBack::SetResultsL(int, CBufBase &, TDesC8 const &)
+ SetStatusL__13CDmAdCallBackii @ 59 NONAME R3UNUSED ; CDmAdCallBack::SetStatusL(int, int)
+ StartAtomicL__11CDmAdEngine @ 60 NONAME R3UNUSED ; CDmAdEngine::StartAtomicL(void)
+ StreamCommittedL__11CDmAdEngine @ 61 NONAME R3UNUSED ; CDmAdEngine::StreamCommittedL(void)
+ StreamingSupport__11CDmAdEngineRi @ 62 NONAME R3UNUSED ; CDmAdEngine::StreamingSupport(int &)
+ UpdateLeafObjectL__11CDmAdEngineRC6TDesC8N31i @ 63 NONAME ; CDmAdEngine::UpdateLeafObjectL(TDesC8 const &, TDesC8 const &, TDesC8 const &, TDesC8 const &, int)
+ UpdateLeafObjectL__11CDmAdEngineRC6TDesC8T1RP12RWriteStreamT1i @ 64 NONAME ; CDmAdEngine::UpdateLeafObjectL(TDesC8 const &, TDesC8 const &, RWriteStream *&, TDesC8 const &, int)
+ UpdateLeafObjectL__11CDmAdEngineRC7TDesC16T1RC6TDesC8T1i @ 65 NONAME ; CDmAdEngine::UpdateLeafObjectL(TDesC16 const &, TDesC16 const &, TDesC8 const &, TDesC16 const &, int)
+ Uri__C11CDmAdRtNode @ 66 NONAME R3UNUSED ; CDmAdRtNode::Uri(void) const
+ "_._11CDmAdEngine" @ 67 NONAME R3UNUSED ; CDmAdEngine::~CDmAdEngine(void)
+ "_._11CDmAdRtNode" @ 68 NONAME R3UNUSED ; CDmAdRtNode::~CDmAdRtNode(void)
+ "_._13CDmAdCallBack" @ 69 NONAME R3UNUSED ; CDmAdCallBack::~CDmAdCallBack(void)
+ AddChildObjectL__9TDmAdUtilR16MNSmlDmDDFObjectRC6TDesC8 @ 70 NONAME R3UNUSED ; TDmAdUtil::AddChildObjectL(MNSmlDmDDFObject &, TDesC8 const &)
+ IntToDes8LC__9TDmAdUtilUl @ 71 NONAME R3UNUSED ; TDmAdUtil::IntToDes8LC(unsigned long)
+ IntToDes8LC__9TDmAdUtill @ 72 NONAME R3UNUSED ; TDmAdUtil::IntToDes8LC(long)
+ IntToDesLC__9TDmAdUtilUl @ 73 NONAME R3UNUSED ; TDmAdUtil::IntToDesLC(unsigned long)
+ IntToDesLC__9TDmAdUtill @ 74 NONAME R3UNUSED ; TDmAdUtil::IntToDesLC(long)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,24 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_MMPFILES
+dmadengine.mmp
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/group/dmadengine.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project dmadengine
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET dmadengine.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x20000247
+
+CAPABILITY CAP_ECOM_PLUGIN
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE dmadcallback.cpp
+SOURCE dmadcommand.cpp
+SOURCE dmadengine.cpp
+SOURCE dmadenginenewapi.cpp
+SOURCE dmadrtnode.cpp
+SOURCE dmadutil.cpp
+
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE /epoc32/include/ecom
+
+LIBRARY euser.lib
+LIBRARY charconv.lib
+LIBRARY sysutil.lib
+LIBRARY ecom.lib
+
+DEBUGLIBRARY flogger.lib
+
+MACRO DMAD_ENGINE_EXPORT
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/DmAdRtNode.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,71 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdRtNode.
+*
+*/
+
+
+
+#ifndef __DMADRTNODE_H__
+#define __DMADRTNODE_H__
+
+#include <e32base.h>
+
+#include "dmadengineexportdef.h"
+#include "dmadcallback.h"
+#include "dmadcommand.h"
+#include "dmadrtnodedataapi.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdRtNode
+//------------------------------------------------------------------------------------------------
+class CDmAdRtNode : public CBase
+ {
+public:
+ DMAD_IMPORT_C static CDmAdRtNode* NewL(const TDesC8& aUri, const TDesC8& aLuid, MDmAdCallBack* aCallBack, MDmAdRtNodeDataApi* aRtNodeDataApi);
+ DMAD_IMPORT_C ~CDmAdRtNode();
+ DMAD_IMPORT_C TPtrC8 Uri(void) const;
+ DMAD_IMPORT_C TPtrC8 Luid(void) const;
+ DMAD_IMPORT_C void SetLuidL(const TDesC8& aLuid);
+ static void CleanupOperationDeleteCArrayPtr(TAny* aPtr);
+ void AppendCommandL(CDmAdCommand* aCommand);
+ void AddLeafObjectL(const TDesC8& aUri, const TDesC8& aObject, TInt aStatusRef);
+ void UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aObject, TInt aStatusRef);
+ TBool IsSomeChild(const TDesC8& aSomeParentUri) const;
+ TBool AreUriTypesSame(const TDesC8& aUri);
+
+ inline CArrayPtr<CDmAdCommand>* Commands(void) const;
+ inline TBool IsSomeLeafAddedToRtNode(void) const;
+ inline TBool IsJustFetched(void) const;
+ inline CDmAdRtNodeData* Data(void) const;
+ inline void SetSomeLeafAddedToRtNode(TBool aSomeLeafAddedToRtNode);
+
+private:
+ CDmAdRtNode(MDmAdRtNodeDataApi* aRtNodeDataApi);
+ void ConstructL(const TDesC8& aUri, const TDesC8& aLuid, MDmAdCallBack* aCallBack);
+
+private:
+ MDmAdRtNodeDataApi* iRtNodeDataApi;
+
+ CArrayPtr<CDmAdCommand>* iCommands;
+ HBufC8* iUri;
+ HBufC8* iLuid;
+ TBool iSomeLeafAddedToRtNode;
+ TBool iJustFetched;
+ CDmAdRtNodeData* iData;
+ };
+
+#include "dmadrtnode.inl"
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadcallback.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Call back interface
+*
+*/
+
+
+
+#ifndef __DMADCALLBACK_H__
+#define __DMADCALLBACK_H__
+
+#include <smldmadapter.h>
+
+//------------------------------------------------------------------------------------------------
+// MDmAdCallBack
+//------------------------------------------------------------------------------------------------
+class MDmAdCallBack
+ {
+ public:
+ virtual void SetResultsL(TInt aResultsRef, CBufBase& aObject, const TDesC8& aType) = 0;
+ virtual void SetStatusL(TInt aStatusRef, TInt aError) = 0;
+ virtual void SetMappingL(const TDesC8& aUri, const TDesC8& aLuid) = 0;
+ virtual void FetchLinkL(const TDesC8& aUri, CBufBase& aData, MSmlDmAdapter::TError& aStatus) = 0;
+ virtual HBufC8* GetLuidAllocL(const TDesC8& aUri) = 0;
+ virtual HBufC8* FindChildUriL(const TDesC8& aParentUri, const TDesC8& aChildLuid) = 0;
+ };
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadcallbackc.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,51 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Call back implementation
+*
+*/
+
+
+
+#ifndef __DMADCALLBACKC_H__
+#define __DMADCALLBACKC_H__
+
+#include "dmadengineexportdef.h"
+#include "dmadcallback.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdCallBack
+//------------------------------------------------------------------------------------------------
+class CDmAdCallBack : public CBase, public MDmAdCallBack
+ {
+public:
+ DMAD_IMPORT_C static CDmAdCallBack* NewL(MSmlDmCallback* aCallBack, const TDesC8& aSomeOwnUri);
+ DMAD_IMPORT_C static CDmAdCallBack* NewLC(MSmlDmCallback* aCallBack, const TDesC8& aSomeOwnUri);
+ DMAD_IMPORT_C ~CDmAdCallBack();
+
+ DMAD_IMPORT_C void SetMappingL(const TDesC8& aURI, const TDesC8& aLuid);
+ DMAD_IMPORT_C void SetStatusL(TInt aStatusRef, TInt aError);
+ DMAD_IMPORT_C void SetResultsL(TInt aResultsRef, CBufBase& aObject, const TDesC8& aType);
+ DMAD_IMPORT_C void FetchLinkL(const TDesC8& aUri, CBufBase& aData, MSmlDmAdapter::TError& aStatus);
+ DMAD_IMPORT_C HBufC8* GetLuidAllocL(const TDesC8& aUri);
+ DMAD_IMPORT_C HBufC8* FindChildUriL(const TDesC8& aParentUri, const TDesC8& aChildLuid);
+
+private:
+ void ConstructL(const TDesC8& aSomeOwnUri);
+ CDmAdCallBack(MSmlDmCallback* aCallBack);
+private:
+ MSmlDmCallback* iCallBack;
+ HBufC8* iSomeOwnUri;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadcommand.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,55 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCommand.
+*
+*/
+
+
+#ifndef __DMADCOMMAND_H__
+#define __DMADCOMMAND_H__
+
+#include <e32base.h>
+
+//------------------------------------------------------------------------------------------------
+// CDmAdCommand
+//------------------------------------------------------------------------------------------------
+class CDmAdCommand : public CBase
+ {
+public:
+ static CDmAdCommand* NewL(const TDesC8& aUri, const TInt aStatusRef, TBool aLeaf);
+ static CDmAdCommand* NewLC(const TDesC8& aUri, const TInt aStatusRef, TBool aLeaf);
+ ~CDmAdCommand();
+ static void CleanupOperationDeleteCArrayPtr(TAny* aPtr);
+
+ inline TInt StatusRef(void) const;
+ inline TInt Status(void) const;
+ inline TBool IsLeaf(void) const;
+
+private:
+ void ConstructL(const TDesC8& aUri);
+ CDmAdCommand(const TInt aStatusRef, TBool aLeaf);
+
+private:
+ CDmAdCommand();
+ void ConstructL(void);
+
+private:
+ TInt iStatusRef;
+ TInt iStatus;
+ TBool iLeaf;
+ };
+
+#include "dmadcommand.inl"
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadcommand.inl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Inlined command methods
+*
+*/
+
+
+
+#ifndef __DMADCOMMAND_INL__
+#define __DMADCOMMAND_INL__
+
+inline TInt CDmAdCommand::StatusRef(void) const
+ {
+ return iStatusRef;
+ }
+
+inline TInt CDmAdCommand::Status(void) const
+ {
+ return iStatus;
+ }
+
+inline TBool CDmAdCommand::IsLeaf(void) const
+ {
+ return iLeaf;
+ }
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadddfapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of MDmAdDdfApi.
+*
+*/
+
+
+
+#ifndef __DMADDDFAPI_H__
+#define __DMADDDFAPI_H__
+
+#include <smldmadapter.h>
+
+//------------------------------------------------------------------------------------------------
+// MDmAdDdfApi
+//------------------------------------------------------------------------------------------------
+class MDmAdDdfApi
+ {
+ public:
+ virtual void NotRtNodeAddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef) = 0;
+ virtual void NotRtNodeUpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef) = 0;
+ virtual TInt NotRtNodeFetchLeafObjectLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, const TDesC8& /*aType*/, CBufBase*& aObject) = 0;
+ virtual void NotRtNodeDeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef) = 0;
+
+ virtual TBool IsNodeRtNodeL(const TDesC8& aUri) = 0;
+ virtual TBool IsLeafUnderRtNodeL(const TDesC8& aUri) = 0;
+ virtual TPtrC8 RtNodeUriForLeafL(const TDesC8& aLeafUri) = 0;
+ virtual TBool IsTopLevelRtNode(const TDesC8& aUri) = 0;
+ virtual HBufC8* ParentRtNodeUriForRtNodeLC(const TDesC8& aUri) = 0;
+ virtual void BuildChildUriListLC(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, CBufBase*& aCurrentList) = 0;
+ };
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadengine.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,136 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Engine
+*
+*/
+
+
+
+#ifndef __DMADENGINE_H__
+#define __DMADENGINE_H__
+
+#include <smldmadapter.h>
+#include "dmadengineexportdef.h"
+#include "dmadcallback.h"
+#include "dmadstoreapi.h"
+#include "dmadddfapi.h"
+#include "dmadrtnodedataapi.h"
+#include "DmAdRtNode.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdEngine
+//------------------------------------------------------------------------------------------------
+class CDmAdEngine : public CBase
+ {
+public:
+ DMAD_IMPORT_C static CDmAdEngine* NewL(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ MDmAdDdfApi* aDdfApi,
+ MDmAdRtNodeDataApi* aRtNodeDataApi);
+
+ DMAD_IMPORT_C static CDmAdEngine* NewLC(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ MDmAdDdfApi* aDdfApi,
+ MDmAdRtNodeDataApi* aRtNodeDataApi);
+ DMAD_IMPORT_C ~CDmAdEngine();
+
+ DMAD_IMPORT_C void ChildURIListL(const TDesC8& aUri, const TDesC8& aLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousURISegmentList, TInt aResultsRef, TInt aStatusRef);
+ DMAD_IMPORT_C void AddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, const TInt aStatusRef);
+ DMAD_IMPORT_C void UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef);
+ DMAD_IMPORT_C void FetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef);
+ DMAD_IMPORT_C void DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef);
+ DMAD_IMPORT_C void CompleteOutstandingCmdsL();
+
+ DMAD_IMPORT_C void ChildURIListL(const TDesC& aUri, const TDesC& aLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousURISegmentList, const TInt aResultsRef, const TInt aStatusRef);
+ DMAD_IMPORT_C void AddNodeObjectL(const TDesC& aUri, const TDesC& aParentLuid, const TInt aStatusRef);
+ DMAD_IMPORT_C void AddLeafObjectL(const TDesC& aUri, const TDesC& aParentLuid, const TDesC8& aObject, const TDesC& aType, const TInt aStatusRef);
+ DMAD_IMPORT_C void UpdateLeafObjectL(const TDesC& aUri, const TDesC& aLuid, const TDesC8& aObject, const TDesC& aType, const TInt aStatusRef);
+ DMAD_IMPORT_C void FetchLeafObjectL(const TDesC& aUri, const TDesC& aLuid, const TDesC& aType, const TInt aResultsRef, const TInt aStatusRef);
+ DMAD_IMPORT_C void DeleteObjectL(const TDesC& aUri, const TDesC& aLuid, const TInt aStatusRef);
+ DMAD_IMPORT_C void EndMessageL();
+
+ DMAD_IMPORT_C void UpdateLeafObjectL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ DMAD_IMPORT_C void FetchLeafObjectSizeL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aType,
+ TInt aResultsRef,
+ TInt aStatusRef);
+ DMAD_IMPORT_C void ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aArgument,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ DMAD_IMPORT_C void ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ DMAD_IMPORT_C void CopyCommandL(const TDesC8& aTargetUri,
+ const TDesC8& aTargetLuid,
+ const TDesC8& aSourceUri,
+ const TDesC8& aSourceLuid,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ DMAD_IMPORT_C void StartAtomicL();
+ DMAD_IMPORT_C void CommitAtomicL();
+ DMAD_IMPORT_C void RollbackAtomicL();
+ DMAD_IMPORT_C TBool StreamingSupport(TInt& aItemSize);
+ DMAD_IMPORT_C void StreamCommittedL();
+
+private:
+ void ConstructL();
+ CDmAdEngine(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ MDmAdDdfApi* aDdfApi,
+ MDmAdRtNodeDataApi* aRtNodeDataApi);
+
+ void DoChildUriListL(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, TInt aResultsRef, TInt aStatusRef);
+ void DoAddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef);
+ void DoUpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef);
+ void DoFetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef);
+ TInt DoFetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, CBufBase*& aObject);
+ void DoDeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef);
+ void DoCompleteOutstandingCmdsL();
+
+
+ CDmAdRtNode* FindRtNodeInBuffer(const TDesC8& aUri);
+ CDmAdRtNode* FindRtNodeInBufferByLuid(const TDesC8& aLuid, const TDesC8& aUri);
+ CDmAdRtNode* RestoreRtNodeInBufferIfNotDoneL(const TDesC8& aUri, const TDesC8& aLuid);
+ CDmAdRtNode* FetchRtNodeInBufferL(const TDesC8& aUri, const TDesC8& aLuid);
+ void CompleteCommandsL(CDmAdRtNode& aRtNode, TInt aStatus);
+ void CompleteCommandsL(CArrayPtr<CDmAdRtNode>& aRtNodes, TInt aStatus);
+ void BuildTopLevelRtNodesListLC(CArrayPtr<CDmAdRtNode>* aRtNodes,
+ CArrayPtr<CDmAdRtNode>*& aTopLevelRtNodes);
+ void BuildChildRtNodesListLC(CArrayPtr<CDmAdRtNode>* aRtNodes,
+ const TDesC8& aSomeParentUri,
+ CArrayPtr<CDmAdRtNode>*& aChildRtNodes);
+
+ void SaveRtNodesL(void);
+ TBool FindRtNodeInStoreL(const TDesC8& aLuid, const TDesC8& aUri);
+ HBufC8* ParentRtNodeLuidForRtNodeLC(const TDesC8& aUri);
+
+private:
+ MDmAdCallBack* iCallBack;
+ MDmAdStoreApi* iStoreApi;
+ MDmAdDdfApi* iDdfApi;
+ MDmAdRtNodeDataApi* iRtNodeDataApi;
+
+ CArrayPtr<CDmAdRtNode>* iRtNodes;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadengineexportdef.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Device Management Adapter Engine export definitions.
+*
+*/
+
+
+
+#ifndef __DMADENGINEEXPORTDEF_H__
+#define __DMADENGINEEXPORTDEF_H__
+
+#ifdef DMAD_ENGINE_EXPORT
+ #define DMAD_EXPORT_C EXPORT_C
+ #define DMAD_IMPORT_C IMPORT_C
+#else
+ #define DMAD_EXPORT_C
+ #define DMAD_IMPORT_C
+#endif
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadrtnode.inl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,48 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Inlined node methods
+*
+*/
+
+
+
+#ifndef __DMADRTNODE_INL__
+#define __DMADRTNODE_INL__
+
+inline CArrayPtr<CDmAdCommand>* CDmAdRtNode::Commands(void) const
+ {
+ return iCommands;
+ }
+
+inline TBool CDmAdRtNode::IsSomeLeafAddedToRtNode(void) const
+ {
+ return iSomeLeafAddedToRtNode;
+ }
+
+inline TBool CDmAdRtNode::IsJustFetched(void) const
+ {
+ return iJustFetched;
+ }
+
+inline CDmAdRtNodeData* CDmAdRtNode::Data(void) const
+ {
+ return iData;
+ }
+
+inline void CDmAdRtNode::SetSomeLeafAddedToRtNode(TBool aSomeLeafAddedToRtNode)
+ {
+ iSomeLeafAddedToRtNode = aSomeLeafAddedToRtNode;
+ }
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadrtnodedataapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of MDmAdRtNodeDataApi.
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATAAPI_H__
+#define __DMADRTNODEDATAAPI_H__
+
+#include <e32base.h>
+
+class MDmAdCallBack;
+class CDmAdRtNodeData;
+
+//------------------------------------------------------------------------------------------------
+// MDmAdRtNodeDataApi
+//------------------------------------------------------------------------------------------------
+class MDmAdRtNodeDataApi
+ {
+ public:
+ virtual CDmAdRtNodeData* CreateDmAdRtNodeDataL(const TDesC8& aUri, MDmAdCallBack* aCallBack) = 0;
+ virtual void DeleteDmAdRtNodeData(CDmAdRtNodeData* aDmAdRtNodeData) = 0;
+
+ virtual void UpdateLeafDataL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aObject) = 0;
+ virtual void FetchLeafObjectLC(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject) = 0;
+ virtual void SetDefaultSettingsL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri) = 0;
+ virtual TBool AreUriTypesSame(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri) = 0;
+ };
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadstoreapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of MDmAdStoreApi.
+*
+*/
+
+
+
+#ifndef __DMADSTOREAPI_H__
+#define __DMADSTOREAPI_H__
+
+#include "DmAdRtNode.h"
+
+//------------------------------------------------------------------------------------------------
+// MDmAdStoreApi
+//------------------------------------------------------------------------------------------------
+class MDmAdStoreApi
+ {
+ public:
+ virtual TBool FindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri) = 0;
+ virtual void LuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList) = 0;
+ virtual void FetchRtNodeL(CDmAdRtNode& aRtNode) = 0;
+ virtual void SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes) = 0;
+ virtual void SaveChildLevelRtNodeL(CDmAdRtNode& aRtNode) = 0;
+ virtual void DeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri) = 0;
+ };
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/dmadutil.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,86 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of TDmAdUtil.
+*
+*/
+
+
+
+#ifndef __DMADUTIL_H__
+#define __DMADUTIL_H__
+
+#include <smldmadapter.h>
+#include "dmadengineexportdef.h"
+#include "dmadcallback.h"
+#include "dmadstoreapi.h"
+
+_LIT8(KDmAdUriDotSlash, "./");
+_LIT8(KDmAdSeparator, "/");
+_LIT8(KDmAdMimeTypeTextPlain, "text/plain");
+_LIT8(KDmAdLocallyCreatedRtNodeUriSegPrefix, "cli");
+
+//------------------------------------------------------------------------------------------------
+// TDmAdUtil
+//------------------------------------------------------------------------------------------------
+class TDmAdUtil
+ {
+public:
+ DMAD_IMPORT_C static TInt DesToInt(const TDesC& aDes);
+ DMAD_IMPORT_C static TInt DesToInt(const TDesC8& aDes);
+ DMAD_IMPORT_C static HBufC* IntToDesLC(const TInt aInt);
+ DMAD_IMPORT_C static HBufC8* IntToDes8LC(const TInt aInt);
+ DMAD_IMPORT_C static HBufC* IntToDesLC(const TInt32 aInt32);
+ DMAD_IMPORT_C static HBufC8* IntToDes8LC(const TInt32 aInt32);
+ DMAD_IMPORT_C static TUint DesToUint(const TDesC& aDes);
+ DMAD_IMPORT_C static TUint DesToUint(const TDesC8& aDes);
+ DMAD_IMPORT_C static HBufC* IntToDesLC(const TUint aUint);
+ DMAD_IMPORT_C static HBufC8* IntToDes8LC(const TUint aUint);
+ DMAD_IMPORT_C static HBufC* IntToDesLC(const TUint32 aUint32);
+ DMAD_IMPORT_C static HBufC8* IntToDes8LC(const TUint32 aUint32);
+ DMAD_IMPORT_C static TPtrC8 LastUriSeg(const TDesC8& aUri);
+ DMAD_IMPORT_C static TPtrC8 FirstUriSeg(const TDesC8& aUri);
+ DMAD_IMPORT_C static TPtrC8 RemoveLastUriSeg(const TDesC8& aUri);
+ DMAD_IMPORT_C static TInt NumOfURISegs(const TDesC8& aUri);
+ DMAD_IMPORT_C static TPtrC8 RemoveDotSlash(const TDesC8& aUri);
+ DMAD_IMPORT_C static TInt CompareUris(const TDesC8& aUri1, const TDesC8& aUri2);
+ DMAD_IMPORT_C static HBufC8* BuildUriLC(const TDesC8& aUriPath, const TDesC8& aUriSeg);
+ DMAD_IMPORT_C static HBufC8* BuildUriL(const TDesC8& aUriPath, const TDesC8& aUriSeg);
+ DMAD_IMPORT_C static MSmlDmAdapter::TError MapStatusCode(TInt aStatus);
+ DMAD_IMPORT_C static void ParseUriLC(const TDesC8& aUri, CArrayFix<TPtrC8>*& aUriSegList);
+ DMAD_IMPORT_C static HBufC8* LuidTo8L(const TDesC& aLuid16);
+ DMAD_IMPORT_C static HBufC* LuidTo16L(const TDesC8& aLuid8);
+ DMAD_IMPORT_C static void FillNodeInfoL(MSmlDmDDFObject& aNode,
+ TSmlDmAccessTypes aAccTypes,
+ MSmlDmDDFObject::TOccurence aOccurrence,
+ MSmlDmDDFObject::TScope aScope,
+ MSmlDmDDFObject::TDFFormat aFormat,
+ const TDesC8& aDescription,
+ TBool aObjectGroup,
+ const TDesC8& aMimeType=KDmAdMimeTypeTextPlain);
+ DMAD_IMPORT_C static MSmlDmDDFObject& AddChildObjectL(MSmlDmDDFObject& aNode, const TDesC8& aNodeName);
+ DMAD_IMPORT_C static HBufC8* BuildLocallyCreatedRtNodeUriSegLC(TInt& aLargest);
+ DMAD_IMPORT_C static void BuildRtNodeChildUriListL(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ const TDesC8& aUri,
+ const TDesC8& aParentLuid,
+ const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList,
+ CBufBase& aCurrentList);
+
+
+private:
+ static TInt FindLargestLocallyCreated(const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList);
+
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/vpnlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,108 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging code fot the dmadpki
+*
+*/
+
+
+
+
+
+#ifndef VPNLOGGER_H
+#define VPNLOGGER_H
+
+#if defined(_DEBUG)
+
+#include <e32base.h>
+#include <flogger.h>
+
+
+NONSHARABLE_CLASS(TTraceItem)
+ {
+public:
+ inline TTraceItem(const TDesC& aTraceName);
+ inline ~TTraceItem();
+
+ inline static void TraceCleanupOperation(TAny* aItem);
+private:
+
+ HBufC* iTraceName;
+ TBool iMethodHasLeft;
+ };
+
+
+NONSHARABLE_CLASS(CVpnDebugLogger) : public CBase
+ {
+public:
+
+ inline static void InitializeDebugLoggerL(const TDesC& aFolder, const TDesC& aFileName);
+ inline static void FinalizeDebugLogger();
+ inline static void LogWrite(const TDesC& aText);
+ inline static void LogWrite(const TDesC8& aText);
+
+ inline static void LogWriteF(TRefByValue<const TDesC> aFmt, ...);
+ inline static void LogWriteF(TRefByValue<const TDesC8> aFmt, ...);
+
+
+ inline static void HexWrite(const TDesC8& aData);
+
+
+private:
+ inline void ConstructL(const TDesC& aFolder, const TDesC& aFileName);
+ inline ~CVpnDebugLogger();
+
+ inline static void TimeStamp(TDes& aBuffer);
+ inline static CVpnDebugLogger* VpnDebugLogger();
+
+ inline void WriteLogRaw(const TDesC& aLogMessage);
+
+
+ RFileLogger iFileLogger;
+ TUint iCallDepth;
+
+ TBuf<512> iDebugString;
+ friend class TTraceItem;
+
+ TUint8 iReferenceCount;
+ };
+
+#define INITIALIZE_DEBUG_LOG_L(a, b) CVpnDebugLogger::InitializeDebugLoggerL((a), (b))
+#define FINALIZE_DEBUG_LOG CVpnDebugLogger::FinalizeDebugLogger();
+
+/**
+ * Trace can't be used inside LC methods.
+ */
+#define TRACE(a) TTraceItem __trace(TPtrC((const TText *)L ## a))
+#define DEBUG_LOG(a) CVpnDebugLogger::LogWrite(a)
+#define DEBUG_LOG1(a, b) CVpnDebugLogger::LogWriteF((a), (b))
+#define DEBUG_LOG2(a, b, c) CVpnDebugLogger::LogWriteF((a), (b), (c))
+
+#define DEBUG_LOG_HEX(a) CVpnDebugLogger::HexWrite((a))
+
+#include "vpnlogger.inl"
+
+#else
+
+#define INITIALIZE_DEBUG_LOG_L(a, b)
+#define FINALIZE_DEBUG_LOG
+#define TRACE(a)
+#define DEBUG_LOG(a)
+#define DEBUG_LOG1(a, b)
+#define DEBUG_LOG2(a, b, c)
+
+#define DEBUG_LOG_HEX(a)
+
+
+#endif //!defined(_DEBUG)
+#endif //VPNLOGGER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/inc/vpnlogger.inl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,359 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging code fot the dmadpki
+*
+*/
+
+
+
+
+#if defined(_DEBUG)
+
+
+_LIT(KTraceOutOfMemory, "TRACE out of memory");
+
+_LIT(KInMark, ">");
+_LIT(KOutMark, "<");
+_LIT(KDepthMark, "-");
+_LIT(KSeparator, " ");
+_LIT(KLeaveFrom, "LEAVE FROM: ");
+
+
+
+void TTraceItem::TraceCleanupOperation(TAny* aItem)
+ {
+
+ TTraceItem* traceCleanupItem = static_cast<TTraceItem*>(aItem);
+ CVpnDebugLogger* logger = CVpnDebugLogger::VpnDebugLogger();
+ logger->iCallDepth--;
+
+ logger->iDebugString.Zero();
+
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+ logger->iDebugString.Append(KLeaveFrom);
+ logger->iDebugString.Append(*(traceCleanupItem->iTraceName));
+ logger->WriteLogRaw(logger->iDebugString);
+
+ delete traceCleanupItem->iTraceName;
+
+ traceCleanupItem->iMethodHasLeft = ETrue;
+ }
+
+
+TTraceItem::TTraceItem(const TDesC& aTraceName)
+ {
+ iMethodHasLeft = EFalse;
+
+ CVpnDebugLogger* logger = CVpnDebugLogger::VpnDebugLogger();
+
+ iTraceName = aTraceName.Alloc();
+ if (iTraceName != NULL)
+ {
+ if (logger != NULL)
+ {
+ logger->iCallDepth++;
+
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ for (TInt i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(KDepthMark);
+ }
+
+ logger->iDebugString.Append(KInMark);
+ logger->iDebugString.Append(KSeparator);
+ logger->iDebugString.Append(*iTraceName);
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+ CleanupStack::PushL(TCleanupItem(TTraceItem::TraceCleanupOperation, this));
+ }
+ else
+ {
+ if (logger != NULL)
+ {
+ logger->WriteLogRaw(KTraceOutOfMemory);
+ }
+ }
+ }
+
+
+TTraceItem::~TTraceItem()
+ {
+ CVpnDebugLogger* logger = CVpnDebugLogger::VpnDebugLogger();
+
+
+ if (!iMethodHasLeft)
+ {
+ if (iTraceName != NULL)
+ {
+ if (logger != NULL)
+ {
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+ logger->iDebugString.Append(KOutMark);
+ for (TInt i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(KDepthMark);
+ }
+
+ logger->iDebugString.Append(KSeparator);
+ logger->iDebugString.Append(*iTraceName);
+ logger->WriteLogRaw(logger->iDebugString);
+
+ logger->iCallDepth--;
+ }
+ delete iTraceName;
+ CleanupStack::Pop(this);
+
+ }
+ else
+ {
+ if (logger != NULL)
+ {
+ logger->WriteLogRaw(KTraceOutOfMemory);
+ }
+ }
+ }
+ }
+
+
+
+void CVpnDebugLogger::InitializeDebugLoggerL(const TDesC& aFolder, const TDesC& aFileName)
+ {
+
+ CVpnDebugLogger* self = static_cast<CVpnDebugLogger*>(Dll::Tls());
+ if (self == NULL)
+ {
+ self = new (ELeave) CVpnDebugLogger;
+ CleanupStack::PushL(self);
+ self->ConstructL(aFolder, aFileName);
+ User::LeaveIfError(Dll::SetTls(self));
+ CleanupStack::Pop(self);
+ }
+ self->iReferenceCount++;
+ }
+
+
+void CVpnDebugLogger::ConstructL(const TDesC& aFolder, const TDesC& aFileName)
+ {
+ User::LeaveIfError(iFileLogger.Connect());
+ iFileLogger.SetDateAndTime(EFalse, EFalse);
+ iFileLogger.CreateLog(aFolder, aFileName, EFileLoggingModeAppend);
+ }
+
+
+CVpnDebugLogger::~CVpnDebugLogger()
+ {
+ if ( iFileLogger.Handle() != 0 )
+ {
+ iFileLogger.Write(_L("Logger delete"));
+ iFileLogger.CloseLog();
+ }
+
+ iFileLogger.Close();
+ }
+
+
+void CVpnDebugLogger::FinalizeDebugLogger()
+ {
+ CVpnDebugLogger* self = static_cast<CVpnDebugLogger*>(Dll::Tls());
+ __ASSERT_ALWAYS(self != NULL, User::Invariant());
+
+ self->iReferenceCount--;
+
+ if (self->iReferenceCount == 0)
+ {
+ Dll::SetTls(NULL);
+ delete self;
+ }
+ }
+
+
+CVpnDebugLogger* CVpnDebugLogger::VpnDebugLogger()
+ {
+ return static_cast<CVpnDebugLogger*>(Dll::Tls());
+ }
+
+
+void CVpnDebugLogger::WriteLogRaw(const TDesC& aLogMessage)
+ {
+ iFileLogger.Write(aLogMessage);
+ }
+
+
+void CVpnDebugLogger::LogWrite(const TDesC& aText)
+ {
+ CVpnDebugLogger* logger = VpnDebugLogger();
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ if (logger->iCallDepth > 0)
+ {
+ for (TUint i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(_L(" "));
+ }
+ logger->iDebugString.Append(_L(" "));
+ }
+
+ logger->iDebugString.Append(aText);
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+
+
+void CVpnDebugLogger::LogWrite(const TDesC8& aText)
+ {
+ CVpnDebugLogger* logger = VpnDebugLogger();
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ if (logger->iCallDepth > 0)
+ {
+ for (TUint i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(_L(" "));
+ }
+ logger->iDebugString.Append(_L(" "));
+ }
+
+ TInt stringLength = logger->iDebugString.Length();
+ TUint spaceLeft = logger->iDebugString.MaxLength() - stringLength;
+
+ TUint16* ptr = const_cast<TUint16*>(logger->iDebugString.Ptr() + stringLength);
+ TPtr buffer(ptr, spaceLeft);
+ buffer.Copy(aText);
+
+ logger->iDebugString.SetLength(stringLength + buffer.Length());
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+
+
+void CVpnDebugLogger::LogWriteF(TRefByValue<const TDesC> aFmt, ...)
+ {
+ VA_LIST list;
+ VA_START(list,aFmt);
+
+
+ CVpnDebugLogger* logger = VpnDebugLogger();
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ if (logger->iCallDepth > 0)
+ {
+ for (TUint i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(_L(" "));
+ }
+ logger->iDebugString.Append(_L(" "));
+ }
+
+
+ const TDesC& format = aFmt;
+
+ logger->iDebugString.AppendFormatList(format, list);
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+
+
+
+void CVpnDebugLogger::LogWriteF(TRefByValue<const TDesC8> aFmt, ...)
+ {
+ TBuf8<512> buf;
+
+ VA_LIST list;
+ VA_START(list,aFmt);
+
+ const TDesC8& format = aFmt;
+ buf.FormatList(format, list);
+
+ LogWrite(buf);
+ }
+
+
+void CVpnDebugLogger::HexWrite(const TDesC8& aData)
+ {
+ const TUint KRowLength = 16; //16 bytes in one row
+
+ TBuf<128> row;
+
+ TUint rowCount = aData.Length() / KRowLength;
+ if (aData.Length() % KRowLength != 0)
+ {
+ rowCount++;
+ }
+
+ for (TInt i = 0; i < rowCount; ++i)
+ {
+ _LIT(KRowStartFormat, "%04x: ");
+ TPtrC8 rowData(aData.Mid(KRowLength*i));
+
+ row.Zero();
+ row.Format(KRowStartFormat, i*KRowLength);
+ TInt j;
+ for (j = 0; j < KRowLength; ++j)
+ {
+ if ( j < rowData.Length())
+ {
+ _LIT(KDataByteFormat, "%02x ");
+ TUint8 byte = rowData[j];
+ row.AppendFormat(KDataByteFormat, byte);
+ }
+ else
+ {
+ row.Append(_L(" "));
+ }
+ }
+
+ for (j = 0; j < KRowLength && j < rowData.Length(); ++j)
+ {
+ TUint8 byte = rowData[j];
+ if (byte >= ' ' && byte <= '~')
+ {
+ row.Append(byte);
+ }
+ else
+ {
+ row.Append(_L("."));
+ }
+ }
+
+
+ LogWrite(row);
+ }
+ }
+
+
+void CVpnDebugLogger::TimeStamp(TDes& aBuffer)
+ {
+ TTime time;
+ time.HomeTime();
+ TDateTime dateTime = time.DateTime();
+
+
+ _LIT(KFormatTxt,"%02d/%02d/%d %02d:%02d:%02d.%03d ");
+ aBuffer.Format(KFormatTxt,
+ dateTime.Day()+1,
+ TInt(dateTime.Month()+1),
+ dateTime.Year(),
+
+ dateTime.Hour(), dateTime.Minute(), dateTime.Second(),
+ dateTime.MicroSecond()
+ );
+
+
+ }
+
+
+#endif //defined(_DEBUG)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/rom/dmadengine.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project dmadengine
+*
+*/
+
+
+#ifndef __DMADENGINE_IBY__
+#define __DMADENGINE_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM dmadentine not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\dmadengine.dll SHARED_LIB_DIR\dmadengine.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __DMADENGINE_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/src/dmadcallback.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,216 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Call back implementation
+*
+*/
+
+
+#include <utf.h>
+
+#include "dmadcallbackc.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+#if defined(_DEBUG)
+_LIT(KDmAdLogFolder,"vpn");
+_LIT(KDmAdLogFile,"dmadengine.log");
+#endif
+
+
+DMAD_EXPORT_C CDmAdCallBack* CDmAdCallBack::NewL(MSmlDmCallback* aCallBack, const TDesC8& aSomeOwnUri)
+ {
+
+ //Is first method called from the dmadengine
+ //This why the logging is initiated here.
+ INITIALIZE_DEBUG_LOG_L(KDmAdLogFolder, KDmAdLogFile);
+ DEBUG_LOG1(_L8("LOGGING INITIALIZED for %S"), &aSomeOwnUri);
+
+ CDmAdCallBack* self = NewLC(aCallBack, aSomeOwnUri);
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+DMAD_EXPORT_C CDmAdCallBack* CDmAdCallBack::NewLC(MSmlDmCallback* aCallBack, const TDesC8& aSomeOwnUri)
+ {
+ CDmAdCallBack* self = new (ELeave) CDmAdCallBack(aCallBack);
+ CleanupStack::PushL(self);
+ self->ConstructL(aSomeOwnUri);
+ return self;
+ }
+
+void CDmAdCallBack::ConstructL(const TDesC8& aSomeOwnUri)
+ {
+ TRACE("CDmAdCallBack::ConstructL");
+ iSomeOwnUri = aSomeOwnUri.AllocL();
+ }
+
+CDmAdCallBack::CDmAdCallBack(MSmlDmCallback* aCallBack) : iCallBack(aCallBack)
+ {
+ }
+
+DMAD_EXPORT_C CDmAdCallBack::~CDmAdCallBack()
+ {
+
+ DEBUG_LOG1(_L8("FINALIZING LOGGING %S"), iSomeOwnUri);
+ FINALIZE_DEBUG_LOG;
+
+ delete iSomeOwnUri;
+ }
+
+DMAD_EXPORT_C void CDmAdCallBack::SetResultsL(TInt aResultsRef, CBufBase& aObject, const TDesC8& aType)
+ {
+ TRACE("CDmAdCallBack::SetResultsL");
+
+ DEBUG_LOG1(_L("rref = %d"), aResultsRef);
+ DEBUG_LOG1(_L("lth = %d"), aObject.Ptr(0).Length());
+
+ DEBUG_LOG_HEX(aObject.Ptr(0));
+
+ iCallBack->SetResultsL(aResultsRef, aObject, aType);
+ }
+
+DMAD_EXPORT_C void CDmAdCallBack::SetStatusL(TInt aStatusRef, TInt aError)
+ {
+ TRACE("CDmAdCallBack::SetStatusL");
+
+ DEBUG_LOG1(_L("rref = %d"), aStatusRef);
+ DEBUG_LOG1(_L("status = %d"), aError);
+
+ iCallBack->SetStatusL(aStatusRef, TDmAdUtil::MapStatusCode(aError));
+ }
+
+DMAD_EXPORT_C void CDmAdCallBack::SetMappingL(const TDesC8& aUri, const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCallBack::SetMappingL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG(_L8("aLuid:"));
+ DEBUG_LOG_HEX(aLuid);
+
+ iCallBack->SetMappingL(aUri, aLuid);
+ }
+
+DMAD_EXPORT_C void CDmAdCallBack::FetchLinkL(const TDesC8& aUri, CBufBase& aData, MSmlDmAdapter::TError& aStatus)
+ {
+ TRACE("CDmAdCallBack::FetchLinkL");
+
+ aData.Reset();
+ iCallBack->FetchLinkL(aUri, aData, aStatus);
+
+ DEBUG_LOG1(_L("FetchLinkL status %d"), aStatus);
+ DEBUG_LOG1(_L("Data Length %d"), aData.Ptr(0).Length());
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+ DEBUG_LOG_HEX(aData.Ptr(0));
+
+ //Some adapters are a bit sloppy and returns a malformed URI, which
+ //ends with / character. This causes problems in our code.
+ //So if the last character is /, we strip it off.
+
+ TUint dataSize = aData.Size();
+ if (dataSize > 0)
+ {
+ TUint lastPosition = dataSize - 1;
+ TUint8 lastCharacter;
+ aData.Read(lastPosition, &lastCharacter, 1);
+
+ if (lastCharacter == '/')
+ {
+ DEBUG_LOG(_L("WARNING: last character is /. Stripping it off..."));
+ aData.ResizeL(lastPosition);
+ }
+
+ }
+}
+
+DMAD_EXPORT_C HBufC8* CDmAdCallBack::GetLuidAllocL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdCallBack::GetLuidAllocL");
+
+ HBufC8* luid = iCallBack->GetLuidAllocL(aUri);
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG(_L("luid:"));
+ DEBUG_LOG_HEX(*luid);
+
+#if 1 // restore adapter index (fixes agent)
+
+ HBufC8* tempLuid = iCallBack->GetLuidAllocL(*iSomeOwnUri);
+ DEBUG_LOG1(_L8("iCallBack->GetLuidAllocL(%S) called"), iSomeOwnUri);
+ delete tempLuid;
+#endif
+
+ return luid;
+ }
+
+DMAD_EXPORT_C HBufC8* CDmAdCallBack::FindChildUriL(const TDesC8& aParentUri, const TDesC8& aChildLuid)
+ {
+ TRACE("CDmAdCallBack::FindChildUriL");
+
+ DEBUG_LOG1(_L8("aParentUri = %S"), &aParentUri);
+ DEBUG_LOG(_L8("aChildLuid:"));
+ DEBUG_LOG_HEX(aChildLuid);
+
+ CBufBase* childUriList = CBufFlat::NewL(16);
+ CleanupStack::PushL(childUriList);
+ MSmlDmAdapter::TError status;
+ FetchLinkL(aParentUri, *childUriList, status);
+ if (status == MSmlDmAdapter::ENotFound)
+ {
+ DEBUG_LOG(_L("Node not found"));
+ CleanupStack::PopAndDestroy(); // childUriList
+ return 0;
+ }
+ else if (status != MSmlDmAdapter::EOk)
+ {
+ DEBUG_LOG1(_L("Operation failed with %d"), status);
+ User::Leave(KErrGeneral);
+ }
+
+ CArrayFix<TPtrC8>* uriSegList;
+ TDmAdUtil::ParseUriLC(childUriList->Ptr(0), uriSegList);
+
+ TBool found = EFalse;
+ HBufC8* uri = 0;
+ for (TInt i=0; i<uriSegList->Count(); ++i)
+ {
+ uri = TDmAdUtil::BuildUriLC(aParentUri, uriSegList->At(i));
+ HBufC8* luid = GetLuidAllocL(*uri);
+ if (luid->Compare(aChildLuid) == 0)
+ {
+ found = ETrue;
+ delete luid;
+ break;
+ }
+ CleanupStack::PopAndDestroy(); // uri
+ delete luid;
+ }
+
+ if (found)
+ {
+ CleanupStack::Pop(); // uri
+ }
+
+ CleanupStack::PopAndDestroy(2); //uriSegList, childUriList
+
+ if (found)
+ {
+ DEBUG_LOG1(_L8("Found uri %S"), uri);
+ return uri;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Uri not found"));
+ return 0;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/src/dmadcommand.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,66 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdCommand.
+*
+*/
+
+
+#include "dmadcommand.h"
+#include "vpnlogger.h"
+
+
+CDmAdCommand* CDmAdCommand::NewL(const TDesC8& aUri, const TInt aStatusRef, TBool aLeaf)
+ {
+ TRACE("CDmAdCommand::NewL");
+
+ CDmAdCommand *self = NewLC(aUri, aStatusRef, aLeaf);
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CDmAdCommand* CDmAdCommand::NewLC(const TDesC8& aUri, const TInt aStatusRef, TBool aLeaf)
+ {
+ CDmAdCommand *self = new (ELeave) CDmAdCommand(aStatusRef, aLeaf);
+ CleanupStack::PushL(self);
+ self->ConstructL(aUri);
+ return self;
+ }
+
+void CDmAdCommand::ConstructL(const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdCommand::ConstructL");
+ }
+
+CDmAdCommand::CDmAdCommand(const TInt aStatusRef, TBool aLeaf) :
+ iStatusRef(aStatusRef), iStatus(KErrNone), iLeaf(aLeaf)
+ {
+ TRACE("CDmAdCommand::CDmAdCommand");
+ }
+
+CDmAdCommand::~CDmAdCommand()
+ {
+ TRACE("CDmAdCommand::~CDmAdCommand");
+ }
+
+void CDmAdCommand::CleanupOperationDeleteCArrayPtr(TAny* aPtr)
+ {
+ if (aPtr == NULL)
+ {
+ return;
+ }
+ CArrayPtr<CDmAdCommand>* array = REINTERPRET_CAST(CArrayPtr<CDmAdCommand>*,aPtr);
+ array->ResetAndDestroy();
+ delete array;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/src/dmadengine.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,579 @@
+/*
+* Copyright (c) 2000 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Device Management Adapter Engine.
+*
+*/
+
+
+#include <utf.h>
+#include <sysutil.h>
+
+#include "dmadengine.h"
+#include "dmadcommand.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+//===================================================================================================
+
+
+
+//===================================================================================================
+
+DMAD_EXPORT_C CDmAdEngine* CDmAdEngine::NewL(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ MDmAdDdfApi* aDdfApi,
+ MDmAdRtNodeDataApi* aRtNodeDataApi)
+ {
+ TRACE("CDmAdEngine::NewL");
+
+ CDmAdEngine* self = NewLC(aDmAdCallBack, aStoreApi, aDdfApi, aRtNodeDataApi);
+ CleanupStack::Pop();
+ return self;
+ }
+
+DMAD_EXPORT_C CDmAdEngine* CDmAdEngine::NewLC(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ MDmAdDdfApi* aDdfApi,
+ MDmAdRtNodeDataApi* aRtNodeDataApi)
+ {
+ CDmAdEngine* self = new (ELeave) CDmAdEngine(aDmAdCallBack, aStoreApi, aDdfApi, aRtNodeDataApi);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ return self;
+ }
+
+void CDmAdEngine::ConstructL()
+ {
+ TRACE("CDmAdEngine::ConstructL");
+ iRtNodes = new (ELeave) CArrayPtrFlat<CDmAdRtNode>(4);
+ }
+
+CDmAdEngine::CDmAdEngine(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ MDmAdDdfApi* aDdfApi,
+ MDmAdRtNodeDataApi* aRtNodeDataApi) :
+ iCallBack(aDmAdCallBack), iStoreApi(aStoreApi), iDdfApi(aDdfApi), iRtNodeDataApi(aRtNodeDataApi)
+ {
+ TRACE("CDmAdEngine::CDmAdEngine");
+ }
+
+DMAD_EXPORT_C CDmAdEngine::~CDmAdEngine()
+ {
+ TRACE("CDmAdEngine::~CDmAdEngine");
+ CDmAdRtNode::CleanupOperationDeleteCArrayPtr(iRtNodes);
+ }
+
+//===================================================================================================
+
+DMAD_EXPORT_C void CDmAdEngine::ChildURIListL(const TDesC8& aUri, const TDesC8& aParentLuid,
+ const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList,
+ TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::ChildURIListL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aParentLuid %S"), &aParentLuid);
+ DEBUG_LOG2(_L("aResultsRef = %d, aStatusRef = %d"), aResultsRef, aStatusRef);
+
+
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TRAPD(err, DoChildUriListL(uri, aParentLuid, aPreviousUriSegmentList, aResultsRef, aStatusRef));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::AddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::AddNodeObjectL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aParentLuid %S"), &aParentLuid);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TRAPD(err, DoAddNodeObjectL(uri, aParentLuid, aStatusRef));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid,
+ const TDesC8& aObject, const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::UpdateLeafObjectL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
+ DEBUG_LOG1(_L8("aType %S"), &aType);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+
+ DEBUG_LOG(_L("Object:"));
+ DEBUG_LOG_HEX(aObject);
+
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TRAPD(err, DoUpdateLeafObjectL(uri, aLuid, aObject, aType, aStatusRef));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::FetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid,
+ const TDesC8& aType, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::FetchLeafObjectL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
+ DEBUG_LOG1(_L8("aType %S"), &aType);
+ DEBUG_LOG2(_L("aResultsRef = %d, aStatusRef = %d"), aResultsRef, aStatusRef);
+
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TRAPD(err, DoFetchLeafObjectL(uri, aLuid, aType, aResultsRef, aStatusRef));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::DeleteObjectL");
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TRAPD(err, DoDeleteObjectL(uri, aLuid, aStatusRef));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::CompleteOutstandingCmdsL()
+ {
+ TRACE("CDmAdEngine::CompleteOutstandingCmdsL");
+
+ TRAPD(err, DoCompleteOutstandingCmdsL());
+ if (err != KErrNone)
+ {
+ iRtNodes->ResetAndDestroy();
+ }
+ }
+
+//===================================================================================================
+
+void CDmAdEngine::DoChildUriListL(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::DoChildUriListL");
+
+ CBufBase* currentList;
+ iDdfApi->BuildChildUriListLC(aUri, aParentLuid, aPreviousUriSegmentList, currentList);
+ iCallBack->SetResultsL(aResultsRef, *currentList, KNullDesC8);
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ CleanupStack::PopAndDestroy(); //currentList
+ }
+
+
+void CDmAdEngine::DoAddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::DoAddNodeObjectL");
+
+ if (!iDdfApi->IsNodeRtNodeL(aUri))
+ {
+ iDdfApi->NotRtNodeAddNodeObjectL(aUri, aParentLuid, aStatusRef);
+ return;
+ }
+
+ if (FindRtNodeInStoreL(aParentLuid, aUri))
+ {
+ iCallBack->SetStatusL(aStatusRef, KErrAlreadyExists);
+ return;
+ }
+
+ CDmAdRtNode* rtNode = FindRtNodeInBuffer(aUri);
+ if (rtNode != NULL)
+ {
+ iCallBack->SetStatusL(aStatusRef, KErrAlreadyExists);
+ return;
+ }
+
+ if (SysUtil::FFSSpaceBelowCriticalLevelL(0, 0))
+ {
+ iCallBack->SetStatusL(aStatusRef, KErrDiskFull);
+ return;
+ }
+
+ rtNode = CDmAdRtNode::NewL(aUri, aParentLuid, iCallBack, iRtNodeDataApi);
+ CleanupStack::PushL(rtNode);
+
+ iRtNodeDataApi->SetDefaultSettingsL(rtNode->Data(), aUri);
+ rtNode->SetSomeLeafAddedToRtNode(ETrue);
+
+ CDmAdCommand* command = CDmAdCommand::NewLC(aUri, aStatusRef, EFalse);
+ rtNode->AppendCommandL(command);
+ CleanupStack::Pop(); //command
+
+ iRtNodes->AppendL(rtNode);
+ CleanupStack::Pop(); // rtNode
+
+ }
+
+void CDmAdEngine::DoUpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::DoUpdateLeafObjectL");
+
+ CDmAdRtNode* rtNode = NULL;
+
+ if (!iDdfApi->IsLeafUnderRtNodeL(aUri))
+ {
+ iDdfApi->NotRtNodeUpdateLeafObjectL(aUri, aLuid, aObject, aType, aStatusRef);
+ return;
+ }
+
+ TPtrC8 rtNodeUri(iDdfApi->RtNodeUriForLeafL(aUri));
+ if (!FindRtNodeInStoreL(aLuid, rtNodeUri))
+ {
+ rtNode = FindRtNodeInBuffer(rtNodeUri);
+ if (rtNode == NULL)
+ {
+ iCallBack->SetStatusL(aStatusRef, KErrNotFound);
+ return;
+ }
+ rtNode->AddLeafObjectL(aUri, aObject, aStatusRef);
+ return;
+ }
+
+ rtNode = RestoreRtNodeInBufferIfNotDoneL(rtNodeUri, aLuid);
+ rtNode->UpdateLeafObjectL(aUri, aObject, aStatusRef);
+ }
+
+
+void CDmAdEngine::DoFetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::DoFetchLeafObjectL");
+
+ CBufBase* object = 0;
+ TInt status = DoFetchLeafObjectL(aUri, aLuid, aType, object);
+ CleanupStack::PushL(object);
+ if (status == KErrNone)
+ {
+ iCallBack->SetResultsL(aResultsRef, *object, aType);
+ }
+ iCallBack->SetStatusL(aStatusRef, status);
+ CleanupStack::PopAndDestroy(); //object
+ }
+
+TInt CDmAdEngine::DoFetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, CBufBase*& aObject)
+ {
+ TRACE("CDmAdEngine::DoFetchLeafObjectL");
+
+ TInt status = KErrNone;
+ aObject = 0;
+ if (!iDdfApi->IsLeafUnderRtNodeL(aUri))
+ {
+ status = iDdfApi->NotRtNodeFetchLeafObjectLC(aUri, aLuid, aType, aObject);
+ CleanupStack::Pop(); //aObject
+ return status;
+ }
+
+ if (aLuid.Length() == 0)
+ {
+ aObject = CBufFlat::NewL(32);
+ status = KErrNotFound;
+ return status;
+ }
+
+ TPtrC8 rtNodeUri(TDmAdUtil::RemoveLastUriSeg(aUri));
+ CDmAdRtNode* rtNode = RestoreRtNodeInBufferIfNotDoneL(rtNodeUri, aLuid);
+ iRtNodeDataApi->FetchLeafObjectLC(rtNode->Data(), aUri, aLuid, aObject);
+ CleanupStack::Pop(); //object
+ return status;
+ }
+
+
+void CDmAdEngine::DoDeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::DoDeleteObjectL");
+
+ if (aLuid.Length() == 0)
+ {
+ if (iDdfApi->IsNodeRtNodeL(aUri))
+ {
+ iCallBack->SetStatusL(aStatusRef, KErrNotFound);
+ return;
+ }
+ iDdfApi->NotRtNodeDeleteObjectL(aUri, aLuid, aStatusRef);
+ return;
+ }
+
+ /*
+ if (IsLeaf(aUri))
+ {
+ DMADERR(DmAdErr::Printf(_L("*** CDmAdEngine::DoDeleteObjectL: %d (line=%d)\n"), KDmAdErr1, __LINE__));
+ User::Leave(KErrGeneral);
+ }
+ */
+
+ if (!iDdfApi->IsTopLevelRtNode(aUri))
+ {
+ HBufC8* parentRtNodeLuid = ParentRtNodeLuidForRtNodeLC(aUri);
+ if (parentRtNodeLuid->Compare(aLuid) == 0)
+ {
+ DEBUG_LOG(_L("Not found 1"));
+ User::Leave(KErrNotFound);
+ }
+ DEBUG_LOG(_L("Not found 2"));
+ User::Leave(KErrNotFound);
+ CleanupStack::PopAndDestroy(); //parentRtNodeLuid
+ }
+
+ iStoreApi->DeleteRtNodeL(aLuid, aUri);
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ }
+
+
+void CDmAdEngine::DoCompleteOutstandingCmdsL()
+ {
+ TRACE("CDmAdEngine::DoCompleteOutstandingCmdsL");
+
+ SaveRtNodesL();
+ }
+
+//===================================================================================================
+
+CDmAdRtNode* CDmAdEngine::FindRtNodeInBuffer(const TDesC8& aUri)
+ {
+ TRACE("CDmAdEngine::FindRtNodeInBuffer");
+
+ CDmAdRtNode* rtNode = NULL;
+ TInt countRtNodes = iRtNodes->Count();
+ for (TInt i=0; i < countRtNodes; i++)
+ {
+ if (iRtNodes->At(i)->Uri().Compare(aUri) == 0)
+ {
+ rtNode = iRtNodes->At(i);
+ break;
+ }
+ }
+ return rtNode;
+ }
+
+CDmAdRtNode* CDmAdEngine::FindRtNodeInBufferByLuid(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdEngine::FindRtNodeInBufferByLuid");
+
+ CDmAdRtNode* rtNode = NULL;
+ TInt countRtNodes = iRtNodes->Count();
+ for (TInt i=0; i < countRtNodes; i++)
+ {
+ if (iRtNodes->At(i)->Luid().Compare(aLuid) == 0 &&
+ iRtNodes->At(i)->AreUriTypesSame(aUri))
+ {
+ rtNode = iRtNodes->At(i);
+ break;
+ }
+ }
+ return rtNode;
+ }
+
+CDmAdRtNode* CDmAdEngine::RestoreRtNodeInBufferIfNotDoneL(const TDesC8& aUri, const TDesC8& aLuid)
+ {
+ TRACE("CDmAdEngine::RestoreRtNodeInBufferIfNotDoneL");
+
+ CDmAdRtNode* rtNode = FindRtNodeInBufferByLuid(aLuid, aUri);
+ if (rtNode == NULL)
+ {
+ rtNode = FetchRtNodeInBufferL(aUri, aLuid);
+ }
+ return rtNode;
+ }
+
+CDmAdRtNode* CDmAdEngine::FetchRtNodeInBufferL(const TDesC8& aUri, const TDesC8& aLuid)
+ {
+ TRACE("CDmAdEngine::FetchRtNodeInBufferL");
+
+ CDmAdRtNode* rtNode = CDmAdRtNode::NewL(aUri, aLuid, iCallBack, iRtNodeDataApi);
+ CleanupStack::PushL(rtNode);
+
+ iStoreApi->FetchRtNodeL(*rtNode);
+
+ iRtNodes->AppendL(rtNode);
+ CleanupStack::Pop(); //rtNode
+ return rtNode;
+ }
+
+void CDmAdEngine::CompleteCommandsL(CDmAdRtNode& aRtNode, TInt aStatus)
+ {
+ TRACE("CDmAdEngine::CompleteCommandsL");
+
+ TInt countCommands = aRtNode.Commands()->Count();
+ for (TInt cmd=0; cmd < countCommands; cmd++)
+ {
+ CDmAdCommand* command = aRtNode.Commands()->At(cmd);
+ if (command->Status() == KErrNone)
+ {
+ if (!command->IsLeaf())
+ {
+ if (aStatus == MSmlDmAdapter::EOk)
+ {
+ iCallBack->SetMappingL(aRtNode.Uri(), aRtNode.Luid());
+ }
+ }
+ iCallBack->SetStatusL(command->StatusRef(), aStatus);
+ }
+ else
+ {
+ iCallBack->SetStatusL(command->StatusRef(), command->Status());
+ }
+ }
+ }
+
+void CDmAdEngine::CompleteCommandsL(CArrayPtr<CDmAdRtNode>& aRtNodes, TInt aStatus)
+ {
+ TRACE("CDmAdEngine::CompleteCommandsL");
+
+ for (TInt i=0; i < aRtNodes.Count(); i++)
+ {
+ CDmAdRtNode* rtNode = aRtNodes.At(i);
+ CompleteCommandsL(*rtNode, aStatus);
+ }
+ }
+
+void CDmAdEngine::BuildTopLevelRtNodesListLC(CArrayPtr<CDmAdRtNode>* aRtNodes,
+ CArrayPtr<CDmAdRtNode>*& aTopLevelRtNodes)
+ {
+ CArrayPtr<CDmAdRtNode>* rtNodesList;
+ rtNodesList = new (ELeave) CArrayPtrFlat<CDmAdRtNode>(4);
+ CleanupStack::PushL(TCleanupItem(CDmAdRtNode::CleanupOperationDeleteCArrayPtr,
+ rtNodesList));
+
+ for (TInt i=0; i < aRtNodes->Count(); i++)
+ {
+ CDmAdRtNode* rtNode = aRtNodes->At(i);
+ if (iDdfApi->IsTopLevelRtNode(rtNode->Uri()))
+ {
+ rtNodesList->AppendL(rtNode);
+ aRtNodes->Delete(i);
+ i--;
+ }
+ }
+
+ aTopLevelRtNodes = rtNodesList;
+ }
+
+void CDmAdEngine::BuildChildRtNodesListLC(CArrayPtr<CDmAdRtNode>* aRtNodes,
+ const TDesC8& aSomeParentUri,
+ CArrayPtr<CDmAdRtNode>*& aChildRtNodes)
+ {
+ CArrayPtr<CDmAdRtNode>* rtNodesList;
+ rtNodesList = new (ELeave) CArrayPtrFlat<CDmAdRtNode>(4);
+ CleanupStack::PushL(TCleanupItem(CDmAdRtNode::CleanupOperationDeleteCArrayPtr,
+ rtNodesList));
+
+ for (TInt i=0; i < aRtNodes->Count(); i++)
+ {
+ CDmAdRtNode* rtNode = aRtNodes->At(i);
+ if (rtNode->IsSomeChild(aSomeParentUri))
+ {
+ rtNodesList->AppendL(rtNode);
+ aRtNodes->Delete(i);
+ i--;
+ }
+ }
+
+ aChildRtNodes = rtNodesList;
+ }
+
+void CDmAdEngine::SaveRtNodesL(void)
+ {
+ TRACE("CDmAdEngine::SaveRtNodesL");
+
+ CArrayPtr<CDmAdRtNode>* topLevelRtNodes;
+ BuildTopLevelRtNodesListLC(iRtNodes, topLevelRtNodes);
+
+ TInt countRtNodes;
+ countRtNodes = topLevelRtNodes->Count();
+ TInt i;
+ for (i=0; i < countRtNodes; i++)
+ {
+ CDmAdRtNode* rtNode = topLevelRtNodes->At(i);
+ CArrayPtr<CDmAdRtNode>* childRtNodes;
+ BuildChildRtNodesListLC(iRtNodes, rtNode->Uri(), childRtNodes);
+
+ TRAPD(err, iStoreApi->SaveTopLevelRtNodeL(*rtNode, *childRtNodes));
+ CompleteCommandsL(*rtNode, err);
+ CompleteCommandsL(*childRtNodes, err);
+
+ CleanupStack::PopAndDestroy(); //childRtNodes
+ }
+ CleanupStack::PopAndDestroy(); //topLevelRtNodes
+
+ //child rtNodes without top level RtNode
+ countRtNodes = iRtNodes->Count();
+ for (i=0; i < countRtNodes; i++)
+ {
+ CDmAdRtNode* rtNode = iRtNodes->At(i);
+ TInt err = KErrNone;
+ if (!rtNode->IsJustFetched())
+ {
+ TRAP(err, iStoreApi->SaveChildLevelRtNodeL(*rtNode));
+ }
+ CompleteCommandsL(*rtNode, err);
+ }
+ iRtNodes->ResetAndDestroy();
+ }
+
+TBool CDmAdEngine::FindRtNodeInStoreL(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdEngine::FindRtNodeInStoreL");
+
+ TBool ret = EFalse;
+
+ if (iDdfApi->IsTopLevelRtNode(aUri))
+ {
+ ret = iStoreApi->FindRtNodeL(aLuid, aUri);
+ }
+ else
+ {
+ HBufC8* parentRtNodeLuid = ParentRtNodeLuidForRtNodeLC(aUri);
+ if (parentRtNodeLuid->Compare(aLuid) == 0)
+ {
+ ret = EFalse;
+ }
+ else
+ {
+ ret = iStoreApi->FindRtNodeL(aLuid, aUri);
+ }
+ CleanupStack::PopAndDestroy(); //parentRtNodeLuid
+ }
+
+ return ret;
+ }
+
+HBufC8* CDmAdEngine::ParentRtNodeLuidForRtNodeLC(const TDesC8& aUri)
+ {
+ HBufC8* parentRtNodeUri = iDdfApi->ParentRtNodeUriForRtNodeLC(aUri);
+ HBufC8* parentRtNodeLuid = iCallBack->GetLuidAllocL(*parentRtNodeUri);
+ CleanupStack::PopAndDestroy(); // parentRtNodeUri
+ CleanupStack::PushL(parentRtNodeLuid);
+ return parentRtNodeLuid;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/src/dmadenginenewapi.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,259 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Device Management Adapter Engine.
+*
+*/
+
+
+#include <utf.h>
+
+#include "dmadengine.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+
+DMAD_EXPORT_C void CDmAdEngine::ChildURIListL(const TDesC& /*aUri*/,
+ const TDesC& /*aParentLuid*/,
+ const CArrayFix<TSmlDmMappingInfo>& /*aPreviousUriSegmentList*/,
+ const TInt /*aResultsRef*/,
+ const TInt /*aStatusRef*/)
+ {
+ TRACE("CDmAdEngine::ChildURIListL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::AddNodeObjectL(const TDesC& /*aUri*/,
+ const TDesC& /*aParentLuid*/,
+ const TInt /*aStatusRef*/)
+ {
+ TRACE("CDmAdEngine::AddNodeObjectL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::AddLeafObjectL(const TDesC& /*aUri*/,
+ const TDesC& /*aParentLuid*/,
+ const TDesC8& /*aObject*/,
+ const TDesC& /*aType*/,
+ const TInt /*aStatusRef*/)
+ {
+ TRACE("CDmAdEngine::AddLeafObjectL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::UpdateLeafObjectL(const TDesC& /*aUri*/,
+ const TDesC& /*aLuid*/,
+ const TDesC8& /*aObject*/,
+ const TDesC& /*aType*/,
+ const TInt /*aStatusRef*/)
+ {
+ TRACE("CDmAdEngine::UpdateLeafObjectL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::FetchLeafObjectL(const TDesC& /*aUri*/,
+ const TDesC& /*aLuid*/,
+ const TDesC& /*aType*/,
+ const TInt /*aResultsRef*/,
+ const TInt /*aStatusRef*/)
+ {
+ TRACE("CDmAdEngine::FetchLeafObjectL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::DeleteObjectL(const TDesC& /*aUri*/,
+ const TDesC& /*aLuid*/,
+ const TInt /*aStatusRef*/)
+ {
+ TRACE("CDmAdEngine::DeleteObjectL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::EndMessageL()
+ {
+ TRACE("CDmAdEngine::EndMessageL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+//===================================================================================================
+
+DMAD_EXPORT_C void CDmAdEngine::UpdateLeafObjectL(const TDesC8& /*aUri*/,
+ const TDesC8& /*aLuid*/,
+ RWriteStream*& /*aStream*/,
+ const TDesC8& /*aType*/,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::UpdateLeafObjectL");
+ DEBUG_LOG(_L("Unsupported stream method called"));
+
+ iCallBack->SetStatusL(aStatusRef, KErrGeneral);
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::FetchLeafObjectSizeL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aType,
+ TInt aResultsRef,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::FetchLeafObjectSizeL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
+ DEBUG_LOG1(_L8("aType %S"), &aType);
+ DEBUG_LOG2(_L("aResultsRef = %d, aStatusRef = %d"), aResultsRef, aStatusRef);
+
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TInt status = KErrNone;
+ CBufBase* object = 0;
+ TRAPD(err, status = DoFetchLeafObjectL(uri, aLuid, aType, object));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ return;
+ }
+ if (status != KErrNone)
+ {
+ delete object;
+ iCallBack->SetStatusL(aStatusRef, status);
+ return;
+ }
+
+ CleanupStack::PushL(object);
+ TInt objSizeInBytes = object->Size();
+ HBufC8* sizeBuf = TDmAdUtil::IntToDes8LC(objSizeInBytes);
+ object->Reset();
+ object->InsertL(0, *sizeBuf);
+
+ iCallBack->SetResultsL(aResultsRef, *object, aType);
+ iCallBack->SetStatusL(aStatusRef, status);
+ CleanupStack::PopAndDestroy(2); //sizeBuf, object
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aArgument,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::ExecuteCommandL");
+
+ DEBUG_LOG1(_L8("aUri %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
+
+ DEBUG_LOG(_L("Argument:"));
+ DEBUG_LOG_HEX(aArgument);
+
+ DEBUG_LOG1(_L8("aType %S"), &aType);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ if (!iDdfApi->IsLeafUnderRtNodeL(aUri))
+ {
+ iDdfApi->NotRtNodeUpdateLeafObjectL(aUri, aLuid, aArgument, aType, aStatusRef);
+ }
+ else
+ {
+ iCallBack->SetStatusL(aStatusRef, KErrNotFound);
+ }
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::ExecuteCommandL(const TDesC8& /*aUri*/,
+ const TDesC8& /*aLuid*/,
+ RWriteStream*& /*aStream*/,
+ const TDesC8& /*aType*/,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::ExecuteCommandL");
+ DEBUG_LOG(_L("Unsupported stream method called"));
+
+ iCallBack->SetStatusL(aStatusRef, KErrGeneral);
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::CopyCommandL(const TDesC8& aTargetUri,
+ const TDesC8& aTargetLuid,
+ const TDesC8& aSourceUri,
+ const TDesC8& aSourceLuid,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdEngine::CopyCommandL");
+
+ DEBUG_LOG1(_L8("aTargetUri = %S"), &aTargetUri);
+ DEBUG_LOG1(_L8("aTargetLuid = %S"), &aTargetLuid);
+ DEBUG_LOG1(_L8("aSourceUri = %S"), &aSourceUri);
+ DEBUG_LOG1(_L8("aSourceLuid = %S"), &aSourceLuid);
+ DEBUG_LOG1(_L8("aType = %S"), &aType);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+
+ TInt err = KErrNone;
+ TPtrC8 sourceUri(TDmAdUtil::RemoveDotSlash(aSourceUri));
+ TInt status = KErrNone;
+ CBufBase* object = 0;
+ TRAP(err, status = DoFetchLeafObjectL(sourceUri, aSourceLuid, aType, object));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ return;
+ }
+ if (status != KErrNone)
+ {
+ delete object;
+ iCallBack->SetStatusL(aStatusRef, status);
+ return;
+ }
+
+ CleanupStack::PushL(object);
+
+ DEBUG_LOG(_L("object:"));
+ DEBUG_LOG_HEX(object->Ptr(0));
+
+ TPtrC8 targetUri(TDmAdUtil::RemoveDotSlash(aTargetUri));
+ TRAP(err, DoUpdateLeafObjectL(targetUri, aTargetLuid, object->Ptr(0), aType, aStatusRef));
+ if (err != KErrNone)
+ {
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+
+ CleanupStack::PopAndDestroy(); // object
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::StartAtomicL()
+ {
+ TRACE("CDmAdEngine::StartAtomicL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::CommitAtomicL()
+ {
+ TRACE("CDmAdEngine::CommitAtomicL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::RollbackAtomicL()
+ {
+ TRACE("CDmAdEngine::RollbackAtomicL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
+DMAD_EXPORT_C TBool CDmAdEngine::StreamingSupport(TInt& /*aItemSize*/)
+ {
+ TRACE("CDmAdEngine::StreamingSupport");
+ return EFalse;
+ }
+
+DMAD_EXPORT_C void CDmAdEngine::StreamCommittedL()
+ {
+ TRACE("CDmAdEngine::StreamCommittedL");
+ DEBUG_LOG(_L("Empty method"));
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/src/dmadrtnode.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,169 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdRtNode.
+*
+*/
+
+
+#include "DmAdRtNode.h"
+#include "dmadcallback.h"
+#include "dmadcommand.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+DMAD_EXPORT_C CDmAdRtNode* CDmAdRtNode::NewL(const TDesC8& aUri, const TDesC8& aLuid, MDmAdCallBack* aCallBack, MDmAdRtNodeDataApi* aRtNodeDataApi)
+ {
+ TRACE("CDmAdRtNode::NewL");
+
+ CDmAdRtNode *self = new (ELeave) CDmAdRtNode(aRtNodeDataApi);
+ CleanupStack::PushL(self);
+ self->ConstructL(aUri, aLuid, aCallBack);
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+void CDmAdRtNode::ConstructL(const TDesC8& aUri, const TDesC8& aLuid, MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdRtNode::ConstructL");
+
+ DEBUG_LOG1(_L8("aUri: %S"), &aUri);
+ DEBUG_LOG(_L("aLuid:"));
+ DEBUG_LOG_HEX(aLuid);
+
+ iCommands = new (ELeave) CArrayPtrFlat<CDmAdCommand>(4);
+ iUri = aUri.AllocL();
+ iLuid = aLuid.AllocL();
+ iData = iRtNodeDataApi->CreateDmAdRtNodeDataL(aUri, aCallBack);
+ }
+
+CDmAdRtNode::CDmAdRtNode(MDmAdRtNodeDataApi* aRtNodeDataApi)
+ : iRtNodeDataApi(aRtNodeDataApi), iSomeLeafAddedToRtNode(EFalse), iJustFetched(ETrue)
+ {
+ TRACE("CDmAdRtNode::CDmAdRtNode");
+ }
+
+DMAD_EXPORT_C CDmAdRtNode::~CDmAdRtNode()
+ {
+ TRACE("CDmAdRtNode::~CDmAdRtNode");
+
+ CDmAdCommand::CleanupOperationDeleteCArrayPtr(iCommands);
+ delete iUri;
+ delete iLuid;
+ iRtNodeDataApi->DeleteDmAdRtNodeData(iData);
+ }
+
+DMAD_EXPORT_C TPtrC8 CDmAdRtNode::Uri(void) const
+ {
+ TRACE("CDmAdRtNode::Uri");
+
+ __ASSERT_ALWAYS(iUri != NULL, User::Invariant());
+
+ TPtrC8 ret(*iUri);
+ return ret;
+ }
+
+DMAD_EXPORT_C TPtrC8 CDmAdRtNode::Luid(void) const
+ {
+ TRACE("CDmAdRtNode::Luid");
+
+ __ASSERT_ALWAYS(iLuid != NULL, User::Invariant());
+
+ TPtrC8 ret(*iLuid);
+ return ret;
+ }
+
+DMAD_EXPORT_C void CDmAdRtNode::SetLuidL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdRtNode::SetLuidL");
+
+ DEBUG_LOG1(_L8("Node uri: %S"), iUri);
+ DEBUG_LOG(_L("aLuid:"));
+ DEBUG_LOG_HEX(aLuid);
+
+ __ASSERT_ALWAYS(aLuid.Length() > 0, User::Invariant());
+
+
+ delete iLuid;
+ iLuid = NULL;
+
+ iLuid = aLuid.AllocL();
+ }
+
+
+void CDmAdRtNode::CleanupOperationDeleteCArrayPtr(TAny* aPtr)
+ {
+ __ASSERT_ALWAYS(aPtr != NULL, User::Invariant());
+
+ CArrayPtr<CDmAdRtNode>* array = REINTERPRET_CAST(CArrayPtr<CDmAdRtNode>*,aPtr);
+ array->ResetAndDestroy();
+ delete array;
+ }
+
+
+void CDmAdRtNode::AppendCommandL(CDmAdCommand* aCommand)
+ {
+ TRACE("CDmAdRtNode::AppendCommandL");
+
+ iCommands->AppendL(aCommand);
+ iJustFetched = EFalse;
+ }
+
+void CDmAdRtNode::AddLeafObjectL(const TDesC8& aUri, const TDesC8& aObject, TInt aStatusRef)
+ {
+ TRACE("CDmAdRtNode::AddLeafObjectL");
+
+ CDmAdCommand* command = CDmAdCommand::NewLC(aUri, aStatusRef, ETrue);
+
+ iRtNodeDataApi->UpdateLeafDataL(iData, aUri, aObject);
+ iSomeLeafAddedToRtNode = ETrue;
+
+ AppendCommandL(command);
+ CleanupStack::Pop(); //command
+ }
+
+void CDmAdRtNode::UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aObject, TInt aStatusRef)
+ {
+ TRACE("CDmAdRtNode::UpdateLeafObjectL");
+
+ CDmAdCommand* command = CDmAdCommand::NewLC(aUri, aStatusRef, ETrue);
+
+ iRtNodeDataApi->UpdateLeafDataL(iData, aUri, aObject);
+
+ AppendCommandL(command);
+ CleanupStack::Pop(); //command
+ }
+
+TBool CDmAdRtNode::IsSomeChild(const TDesC8& aSomeParentUri) const
+ {
+ TRACE("CDmAdRtNode::IsSomeChild");
+
+ TPtrC8 someParentUri(TDmAdUtil::RemoveDotSlash(aSomeParentUri));
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(*iUri));
+ if (uri.Find(someParentUri) == 0)
+ {
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+
+TBool CDmAdRtNode::AreUriTypesSame(const TDesC8& aUri)
+ {
+ TRACE("CDmAdRtNode::AreUriTypesSameL");
+
+ return iRtNodeDataApi->AreUriTypesSame(iData, aUri);
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadengine/src/dmadutil.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,502 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of TDmAdUtil.
+*
+*/
+
+
+
+#include <utf.h>
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+//-----------------------------------------------------------------------
+
+DMAD_EXPORT_C TInt TDmAdUtil::DesToInt(const TDesC& aDes)
+ {
+ if (aDes.Length() == 0)
+ {
+ return 0;
+ }
+ TLex16 lex(aDes);
+ TInt value = 0;
+ if (lex.Val(value) != KErrNone)
+ {
+ ;
+ }
+ return value;
+ }
+
+DMAD_EXPORT_C TInt TDmAdUtil::DesToInt(const TDesC8& aDes)
+ {
+ if (aDes.Length() == 0)
+ {
+ return 0;
+ }
+ TLex8 lex(aDes);
+ TInt value = 0;
+ if (lex.Val(value) != KErrNone)
+ {
+ ;
+ }
+ return value;
+ }
+
+DMAD_EXPORT_C HBufC* TDmAdUtil::IntToDesLC(const TInt aInt)
+ {
+ HBufC* buf = HBufC::NewLC(10); //10 = max length of 32bit integer
+ TPtr ptrBuf = buf->Des();
+ ptrBuf.Num(aInt);
+ return buf;
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::IntToDes8LC(const TInt aInt)
+ {
+ HBufC8* buf = HBufC8::NewLC(10); //10 = max length of 32bit integer
+ TPtr8 ptrBuf = buf->Des();
+ ptrBuf.Num(aInt);
+ return buf;
+ }
+
+DMAD_EXPORT_C HBufC* TDmAdUtil::IntToDesLC(const TInt32 aInt32)
+ {
+ return IntToDesLC((TInt)aInt32);
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::IntToDes8LC(const TInt32 aInt32)
+ {
+ return IntToDes8LC((TInt)aInt32);
+ }
+
+//-----------------------------------------------------------------------
+
+DMAD_EXPORT_C TUint TDmAdUtil::DesToUint(const TDesC& aDes)
+ {
+ if (aDes.Length() == 0)
+ {
+ return 0;
+ }
+ TLex16 lex(aDes);
+ TUint value = 0;
+ if (lex.Val(value) != KErrNone)
+ {
+ ;
+ }
+ return value;
+ }
+
+DMAD_EXPORT_C TUint TDmAdUtil::DesToUint(const TDesC8& aDes)
+ {
+ if (aDes.Length() == 0)
+ {
+ return 0;
+ }
+ TLex8 lex(aDes);
+ TUint value = 0;
+ if (lex.Val(value) != KErrNone)
+ {
+ ;
+ }
+ return value;
+ }
+
+DMAD_EXPORT_C HBufC* TDmAdUtil::IntToDesLC(const TUint aUint)
+ {
+ HBufC* buf = HBufC::NewLC(10); //10 = max length of 32bit integer
+ TPtr ptrBuf = buf->Des();
+ ptrBuf.Num(aUint);
+ return buf;
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::IntToDes8LC(const TUint aUint)
+ {
+ HBufC8* buf = HBufC8::NewLC(10); //10 = max length of 32bit integer
+ TPtr8 ptrBuf = buf->Des();
+ ptrBuf.Num(aUint);
+ return buf;
+ }
+
+DMAD_EXPORT_C HBufC* TDmAdUtil::IntToDesLC(const TUint32 aUint32)
+ {
+ return IntToDesLC((TUint)aUint32);
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::IntToDes8LC(const TUint32 aUint32)
+ {
+ return IntToDes8LC((TUint)aUint32);
+ }
+
+//-----------------------------------------------------------------------
+
+DMAD_EXPORT_C TPtrC8 TDmAdUtil::LastUriSeg(const TDesC8& aUri)
+ {
+ TInt i;
+ for (i=aUri.Length()-1; i>=0; i--)
+ {
+ if (aUri[i] == '/')
+ {
+ break;
+ }
+ }
+ if (i==0)
+ {
+ return aUri;
+ }
+ else
+ {
+ return aUri.Mid(i+1);
+ }
+ }
+
+DMAD_EXPORT_C TPtrC8 TDmAdUtil::FirstUriSeg(const TDesC8& aUri)
+ {
+ TInt i;
+ TBool found = EFalse;
+ for (i=0; i<aUri.Length(); i++)
+ {
+ if (aUri[i] == '/')
+ {
+ found = ETrue;
+ break;
+ }
+ }
+ if (found)
+ {
+ return aUri.Left(i);
+ }
+ else
+ {
+ return aUri;
+ }
+ }
+
+DMAD_EXPORT_C TPtrC8 TDmAdUtil::RemoveLastUriSeg(const TDesC8& aUri)
+ {
+ TInt i;
+ for (i=aUri.Length()-1; i>=0; i--)
+ {
+ if (aUri[i] == '/')
+ {
+ break;
+ }
+ }
+ return aUri.Left(i);
+ }
+
+DMAD_EXPORT_C TInt TDmAdUtil::NumOfURISegs(const TDesC8& aUri)
+ {
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+ TInt numOfURISegs = 1;
+ for (TInt i=0; i<uri.Length(); i++)
+ {
+ if (uri[i] == '/')
+ {
+ numOfURISegs++;
+ }
+ }
+ return numOfURISegs;
+ }
+
+DMAD_EXPORT_C TPtrC8 TDmAdUtil::RemoveDotSlash(const TDesC8& aUri)
+ {
+ if (aUri.Find(KDmAdUriDotSlash) == 0)
+ {
+ return aUri.Right(aUri.Length() - KDmAdUriDotSlash().Length());
+ }
+ else
+ {
+ return aUri;
+ }
+ }
+
+DMAD_EXPORT_C TInt TDmAdUtil::CompareUris(const TDesC8& aUri1, const TDesC8& aUri2)
+ {
+ TPtrC8 uri1(TDmAdUtil::RemoveDotSlash(aUri1));
+ TPtrC8 uri2(TDmAdUtil::RemoveDotSlash(aUri2));
+ return uri1.Compare(uri2);
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::BuildUriLC(const TDesC8& aUriPath, const TDesC8& aUriSeg)
+ {
+ HBufC8* uri = BuildUriL(aUriPath, aUriSeg);
+ CleanupStack::PushL(uri);
+ return uri;
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::BuildUriL(const TDesC8& aUriPath, const TDesC8& aUriSeg)
+ {
+ HBufC8* uri = HBufC8::NewL(aUriPath.Length() + 1 + aUriSeg.Length());
+ TPtr8 uriDesc = uri->Des();
+ uriDesc.Copy(aUriPath);
+ uriDesc.Append(KDmAdSeparator);
+ uriDesc.Append(aUriSeg);
+ return uri;
+ }
+
+DMAD_EXPORT_C MSmlDmAdapter::TError TDmAdUtil::MapStatusCode(TInt aStatus)
+ {
+ TRACE("TDmAdUtil::MapStatusCode");
+
+
+ MSmlDmAdapter::TError dmStatus;
+ if (aStatus == KErrNone)
+ {
+ dmStatus = MSmlDmAdapter::EOk;
+ }
+ else if (aStatus == KErrNotFound)
+ {
+ dmStatus = MSmlDmAdapter::ENotFound;
+ }
+ else if (aStatus == KErrCorrupt)
+ {
+ dmStatus = MSmlDmAdapter::EInvalidObject;
+ }
+ else if (aStatus == KErrAlreadyExists)
+ {
+ dmStatus = MSmlDmAdapter::EAlreadyExists;
+ }
+ else if (aStatus == KErrTooBig)
+ {
+ dmStatus = MSmlDmAdapter::ETooLargeObject;
+ }
+ else if (aStatus == KErrDiskFull)
+ {
+ dmStatus = MSmlDmAdapter::EDiskFull;
+ }
+ /*
+ ERollbackFailed,
+ EObjectInUse,
+ ENoMemory,
+ ECommitOK,
+ ERollbackOK,
+ ECommitFailed
+ */
+ else
+ {
+ dmStatus = MSmlDmAdapter::EError;
+ }
+ return dmStatus;
+ }
+
+DMAD_EXPORT_C void TDmAdUtil::ParseUriLC(const TDesC8& aUri, CArrayFix<TPtrC8>*& aUriSegList)
+ {
+ TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
+
+ CArrayFix<TPtrC8>* uriSegList;
+ uriSegList = new (ELeave) CArrayFixFlat<TPtrC8>(8);
+ CleanupStack::PushL(uriSegList);
+
+ TPtrC8 seg;
+ TPtrC8 curr(uri);
+
+ while (curr.Length() > 0)
+ {
+ TInt offset = curr.Locate('/');
+ if (offset == KErrNotFound)
+ {
+ seg.Set(curr);
+ curr.Set(KNullDesC8);
+ }
+ else
+ {
+ seg.Set(curr.Left(offset));
+ TInt rightLth = curr.Length() - offset - 1;
+ if (rightLth <= 0)
+ {
+ DEBUG_LOG(_L("TDmAdUtil::ParseUriLC: corrupted uri"));
+ DEBUG_LOG1(_L8("URI: %S"), &aUri);
+
+ User::Leave(KErrGeneral);
+ }
+ curr.Set(curr.Right(rightLth));
+ }
+ uriSegList->AppendL(seg);
+ }
+
+ aUriSegList = uriSegList;
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::LuidTo8L(const TDesC& aLuid16)
+ {
+ HBufC8* luid8 = HBufC8::NewL(aLuid16.Length());
+ luid8->Des().Copy(aLuid16);
+ return luid8;
+ }
+
+DMAD_EXPORT_C HBufC* TDmAdUtil::LuidTo16L(const TDesC8& aLuid8)
+ {
+ HBufC* luid16 = HBufC::NewL(aLuid8.Length());
+ luid16->Des().Copy(aLuid8);
+ return luid16;
+ }
+
+//-----------------------------------------------------------------------
+
+DMAD_EXPORT_C void TDmAdUtil::FillNodeInfoL(MSmlDmDDFObject& aNode,
+ TSmlDmAccessTypes aAccTypes,
+ MSmlDmDDFObject::TOccurence aOccurrence,
+ MSmlDmDDFObject::TScope aScope,
+ MSmlDmDDFObject::TDFFormat aFormat,
+ const TDesC8& aDescription,
+ TBool aObjectGroup,
+ const TDesC8& aMimeType)
+{
+ aNode.SetAccessTypesL(aAccTypes);
+ aNode.SetOccurenceL(aOccurrence);
+ aNode.SetScopeL(aScope);
+ aNode.SetDFFormatL(aFormat);
+
+ if (aMimeType.Length() > 0)
+ {
+ aNode.AddDFTypeMimeTypeL(aMimeType);
+ }
+
+ aNode.SetDescriptionL(aDescription);
+
+ (void)aObjectGroup;
+ }
+
+DMAD_EXPORT_C MSmlDmDDFObject& TDmAdUtil::AddChildObjectL(MSmlDmDDFObject& aNode, const TDesC8& aNodeName)
+ {
+ if (aNodeName.Length() == 0)
+ {
+ MSmlDmDDFObject& object = aNode.AddChildObjectGroupL();
+ return object;
+ }
+ else
+ {
+ MSmlDmDDFObject& object = aNode.AddChildObjectL(aNodeName);
+ return object;
+ }
+ }
+
+DMAD_EXPORT_C HBufC8* TDmAdUtil::BuildLocallyCreatedRtNodeUriSegLC(TInt& aLargest)
+ {
+ ++aLargest;
+ HBufC8* number = TDmAdUtil::IntToDes8LC(aLargest);
+ HBufC8* uri = HBufC8::NewL(KDmAdLocallyCreatedRtNodeUriSegPrefix().Length() + number->Length());
+ uri->Des().Copy(KDmAdLocallyCreatedRtNodeUriSegPrefix);
+ uri->Des().Append(*number);
+ CleanupStack::PopAndDestroy(); // number
+ CleanupStack::PushL(uri);
+ return uri;
+ }
+
+TInt TDmAdUtil::FindLargestLocallyCreated(const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList)
+ {
+ TRACE("TDmAdUtil::FindLargestLocallyCreated");
+ TInt largest = 0;
+ for (TInt i=0; i < aPreviousUriSegmentList.Count(); i++)
+ {
+ const TSmlDmMappingInfo& mappingInfo = aPreviousUriSegmentList.At(i);
+ if (mappingInfo.iURISeg.Find(KDmAdLocallyCreatedRtNodeUriSegPrefix) == 0)
+ {
+ TPtrC8 numberPart(mappingInfo.iURISeg.Mid(KDmAdLocallyCreatedRtNodeUriSegPrefix().Length()));
+ TInt number = TDmAdUtil::DesToInt(numberPart);
+ if (number > largest)
+ {
+ largest = number;
+ }
+ }
+ }
+ return largest;
+ }
+
+
+void PointerArrayCleanup(TAny* item)
+ {
+ RPointerArray<HBufC8>* a = static_cast<RPointerArray<HBufC8>*>(item);
+ a->ResetAndDestroy();
+ a->Close();
+ }
+
+
+#define DMAD_DUMP_PREVIOUS_URI_SEGMENT_LIST
+
+DMAD_EXPORT_C void TDmAdUtil::BuildRtNodeChildUriListL(MDmAdCallBack* aDmAdCallBack,
+ MDmAdStoreApi* aStoreApi,
+ const TDesC8& aUri,
+ const TDesC8& aParentLuid,
+ const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList,
+ CBufBase& aCurrentList)
+ {
+#ifdef DMAD_DUMP_PREVIOUS_URI_SEGMENT_LIST
+ DEBUG_LOG(_L("BuildRtNodeChildUriListL:"));
+ {
+ for (TInt i=0; i < aPreviousUriSegmentList.Count(); i++)
+ {
+ const TSmlDmMappingInfo& mappingInfo = aPreviousUriSegmentList.At(i);
+
+ DEBUG_LOG1(_L("entry %d:"), i);
+ DEBUG_LOG1(_L8("Uri: %S"), &(mappingInfo.iURISeg));
+ DEBUG_LOG_HEX(mappingInfo.iURISegLUID);
+
+ }
+ }
+#endif
+
+ RPointerArray<HBufC8> luidList;
+ CleanupStack::PushL(TCleanupItem(PointerArrayCleanup, &luidList));
+
+ aStoreApi->LuidListL(aUri, aParentLuid, luidList);
+
+
+ // Finds largest number used in cli<x> named nodes.
+ TInt largest = FindLargestLocallyCreated(aPreviousUriSegmentList);
+ DEBUG_LOG1(_L("largest is cli%d"), largest);
+
+ TInt countLuidList = luidList.Count();
+ for (TInt j=0; j < countLuidList; j++)
+ {
+ const HBufC8* luidElem = luidList[j];
+
+ HBufC8* uriSeg = 0;
+
+ //Tries to find the luid from the aPreviousUriSegmentList
+ for (TInt i=0; i < aPreviousUriSegmentList.Count(); i++)
+ {
+ const TSmlDmMappingInfo& mappingInfo = aPreviousUriSegmentList.At(i);
+
+ if (mappingInfo.iURISegLUID.Compare(*luidElem) == 0)
+ {
+ uriSeg = mappingInfo.iURISeg.AllocLC();
+ break;
+ }
+ }
+
+ if (uriSeg == 0)
+ {
+ //Uri was not found from the aPreviousUriSegmentList
+ uriSeg = BuildLocallyCreatedRtNodeUriSegLC(largest);
+
+ DEBUG_LOG2(_L8("uriSeg %S, largest %d"), uriSeg, largest);
+
+ HBufC8* wholeUri = TDmAdUtil::BuildUriLC(aUri, *uriSeg);
+ aDmAdCallBack->SetMappingL(*wholeUri, *luidElem);
+ CleanupStack::PopAndDestroy(); //wholeUri
+ }
+
+ //If this is not the first element, inserts slash at the beginning
+ //of the result list.
+ if (j > 0)
+ {
+ aCurrentList.InsertL(aCurrentList.Size(), KDmAdSeparator);
+ }
+ aCurrentList.InsertL(aCurrentList.Size(), *uriSeg);
+
+ CleanupStack::PopAndDestroy(); // uriSeg
+ }
+
+ CleanupStack::PopAndDestroy(); //luidList
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/BWINS/DMADTESTU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?StartTest@TDmAdStartTest@@SAXXZ @ 1 NONAME ; public: static void __cdecl TDmAdStartTest::StartTest(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/data/1020699c.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for dmadipsecvpn.
+*
+*/
+
+CHARACTER_SET UTF8
+
+/*
+* ============================================================================
+* Name : 1020699C.rss
+* ============================================================================
+*/
+
+#include <ecom/registryinfo.rh>
+
+#define KSmlDMInterfaceUid 0x102018B4
+#include "dmadadapterimplconst.h"
+
+RESOURCE REGISTRY_INFO theRegistryInfo
+ {
+ dll_uid = KDmAdDllUid; //The DLL's 3rd UID.
+ interfaces =
+ {
+ INTERFACE_INFO
+ {
+ interface_uid = KSmlDMInterfaceUid; // DM interface UID
+ implementations =
+ {
+ IMPLEMENTATION_INFO
+ {
+ implementation_uid = KDmAdImplUid;
+ version_no = 1;
+ display_name = "";
+ default_data = "";
+ opaque_data = "";
+ }
+ };
+ }
+ };
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_MMPFILES
+dmadipsecvpn.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/group/dmadipsecvpn.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project dmadipsecvpn
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET dmadipsecvpn.dll
+TARGETTYPE PLUGIN
+UID 0x10009D8D 0x1020699C
+
+CAPABILITY CAP_ECOM_PLUGIN
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE dmadadapter.cpp
+SOURCE dmadddf.cpp
+SOURCE DmAdRtNodeData.cpp
+SOURCE dmadrtnodedataapi.cpp
+SOURCE DmAdStore.cpp
+SOURCE dmadstorevpnapcmm.cpp
+SOURCE dmadeventlog.cpp
+SOURCE eventlogger.cpp
+
+START RESOURCE ../data/1020699c.rss
+TARGET dmadipsecvpn.rsc
+END
+
+USERINCLUDE ../inc
+USERINCLUDE ../../dmadengine/inc
+USERINCLUDE ../../eventviewer/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE /epoc32/include/ecom
+
+LIBRARY euser.lib
+LIBRARY ecom.lib
+LIBRARY charconv.lib
+LIBRARY dmadengine.lib
+LIBRARY eventmedapi.lib
+LIBRARY vpnapi.lib
+LIBRARY eventviewer.lib
+LIBRARY efsrv.lib
+LIBRARY bafl.lib
+LIBRARY cmmanager.lib
+
+DEBUGLIBRARY flogger.lib
+
+MACRO DMAD_ENGINE_EXPORT
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/DmAdRtNodeData.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,150 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdRtNodeData.
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATA_H__
+#define __DMADRTNODEDATA_H__
+
+
+#include <e32base.h>
+
+#include "dmadcallback.h"
+#include "dmadstorevpnap.h"
+#include "vpnapi.h"
+
+class CX509Certificate;
+
+typedef enum
+ {
+ EDmAdUriTypeVpnAp,
+ EDmAdUriTypePolicy,
+ } TDmAdUriType;
+
+//------------------------------------------------------------------------------------------------
+// CDmAdVpnApData
+//------------------------------------------------------------------------------------------------
+class CDmAdVpnApData : public CBase
+ {
+public:
+ static CDmAdVpnApData* NewL(MDmAdCallBack* aCallBack);
+ ~CDmAdVpnApData();
+
+
+ void SetNameL(const TDesC8& aName);
+ HBufC8* NameLC(void);
+
+ void SetPolicyRefIdL(const TDesC& aPolicyRefId);
+ HBufC* PolicyRefIdLC(void);
+
+ void SetConRefL(const TDesC8& aConRef);
+ HBufC8* ConRefLC(void);
+
+ HBufC8* ThisRefLC(const TDesC8& aLuid);
+ HBufC8* PolicyRefUriLC(void);
+
+ void RestoreL(const TVpnApParms& aVpnApParms);
+ void ToStoreL(TVpnApParms& aVpnApParms);
+
+private:
+ CDmAdVpnApData(MDmAdCallBack* aCallBack);
+
+private:
+ MDmAdCallBack* iCallBack;
+
+ HBufC* iName;
+ HBufC* iPolicyRefId;
+ HBufC8* iConRef;
+ };
+
+//------------------------------------------------------------------------------------------------
+// CDmAdPolicyData
+//------------------------------------------------------------------------------------------------
+class CDmAdPolicyData : public CBase
+ {
+public:
+ static CDmAdPolicyData* NewL(void);
+ ~CDmAdPolicyData();
+
+ void SetNameL(const TDesC8& aName);
+ HBufC8* NameLC(void);
+ void SetIdL(const TDesC8& aId);
+ HBufC8* IdLC(void);
+ void SetVersionL(const TDesC8& aVersion);
+ HBufC8* VersionLC(void);
+ void SetDescriptionL(const TDesC8& aDescription);
+ HBufC8* DescriptionLC(void);
+ void SetIssuerL(const TDesC8& aIssuer);
+ HBufC8* IssuerLC(void);
+ void SetContactL(const TDesC8& aContact);
+ HBufC8* ContactLC(void);
+ void SetContentL(const TDesC8& aContent);
+ TPtrC8 Content(void);
+ void DetailsRestoreL(const TVpnPolicyDetails& aDetails);
+ void DetailsToStoreL(TVpnPolicyDetails& aDetails);
+ void ContentRestoreL(const TDesC8& aContent);
+ TPtrC8 ContentToStore(void);
+
+private:
+ CDmAdPolicyData();
+
+private:
+ HBufC* iName;
+ HBufC* iId;
+ HBufC* iVersion;
+ HBufC* iDescription;
+ HBufC* iIssuer;
+ HBufC* iContact;
+ HBufC8* iContent;
+ };
+
+//------------------------------------------------------------------------------------------------
+// CDmAdRtNodeData
+//------------------------------------------------------------------------------------------------
+class CDmAdRtNodeData : public CBase
+ {
+public:
+ static CDmAdRtNodeData* NewL(const TDesC8& aUri, MDmAdCallBack* aCallBack);
+ ~CDmAdRtNodeData();
+ TDmAdUriType UriType(void) const;
+ static TDmAdUriType UriTypeL(const TDesC8& aUri);
+ void UpdateLeafDataL(const TDesC8& aUri, const TDesC8& aObject);
+ void FetchLeafObjectLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+
+ inline CDmAdVpnApData* VpnApData(void) const;
+ inline CDmAdPolicyData* PolicyData(void) const;
+
+private:
+ void ConstructL(const TDesC8& aUri, MDmAdCallBack* aCallBack);
+ CDmAdRtNodeData();
+ void UpdateLeafDataVpnApL(const TDesC8& aUri, const TDesC8& aObject);
+ void UpdateLeafDataPolicyL(const TDesC8& aUri, const TDesC8& aObject);
+ void FetchLeafObjectVpnApLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+ void FetchLeafObjectPolicyLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+
+private:
+ TDmAdUriType iUriType;
+ union
+ {
+ CDmAdVpnApData* iVpnAp;
+ CDmAdPolicyData* iPolicy;
+ } u;
+ };
+
+#include "DmAdRtNodeData.inl"
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/DmAdRtNodeData.inl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Inlined node data methods.
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATA_INL__
+#define __DMADRTNODEDATA_INL__
+
+inline CDmAdVpnApData* CDmAdRtNodeData::VpnApData(void) const
+ {
+ return u.iVpnAp;
+ }
+
+inline CDmAdPolicyData* CDmAdRtNodeData::PolicyData(void) const
+ {
+ return u.iPolicy;
+ }
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/DmAdStore.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,73 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdStore.
+*
+*/
+
+
+
+#ifndef __DMADSTORE_H__
+#define __DMADSTORE_H__
+
+#include <e32base.h>
+
+#include "dmadstoreapi.h"
+#include "DmAdRtNode.h"
+
+#include "dmadstorevpnap.h"
+#include "vpnapi.h"
+
+#include "eventlogger.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdStore
+//------------------------------------------------------------------------------------------------
+class CDmAdStore : public CBase, public MDmAdStoreApi
+ {
+public:
+ static CDmAdStore* NewL(void);
+ ~CDmAdStore();
+ TBool FindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void LuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList);
+ void FetchRtNodeL(CDmAdRtNode& aRtNode);
+ void SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+ void SaveChildLevelRtNodeL(CDmAdRtNode& aRtNode);
+ void DeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+
+private:
+ void ConstructL(void);
+ CDmAdStore();
+
+ TBool VpnApFindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void VpnApLuidListL(RPointerArray<HBufC8>& aLuidList);
+ void VpnApFetchRtNodeL(CDmAdRtNode& aRtNode);
+ void VpnApSaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+ void VpnApDeleteRtNodeL(const TDesC8& aLuid);
+
+ TPtrC8 PolicyRefToLuid(const TDesC& aPolicyRef);
+ TPtrC LuidToPolicyRef(const TDesC8& aLuid);
+ TBool PolicyFindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void PolicyLuidListL(RPointerArray<HBufC8>& aLuidList);
+ void PolicyFetchRtNodeL(CDmAdRtNode& aRtNode);
+ void PolicySaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+ void PolicyDeleteRtNodeL(const TDesC8& aLuid);
+
+private:
+ CVpnAp* iVpnAp;
+ RVpnServ iVpnApi;
+
+ DEFINE_EVENT_LOGGER
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/dmadadapter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,94 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN OMA DM Adapter
+*
+*/
+
+
+
+#ifndef __DMADADAPTER_H__
+#define __DMADADAPTER_H__
+
+#include <smldmadapter.h>
+
+#include "dmadcallbackc.h"
+#include "DmAdStore.h"
+#include "dmadddf.h"
+#include "dmadrtnodedataapic.h"
+#include "dmadengine.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdAdapter
+//------------------------------------------------------------------------------------------------
+class CDmAdAdapter : public CSmlDmAdapter
+ {
+public:
+ static CDmAdAdapter* NewL(MSmlDmCallback* aDmCallback);
+ static CDmAdAdapter* NewLC(MSmlDmCallback* aDmCallback);
+ ~CDmAdAdapter();
+
+ void DDFVersionL(CBufBase& aVersion);
+ void DDFStructureL(MSmlDmDDFObject& aDDF);
+
+ void ChildURIListL(const TDesC8& aUri, const TDesC8& aLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousURISegmentList, TInt aResultsRef, TInt aStatusRef);
+ void AddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, const TInt aStatusRef);
+ void UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef);
+ void FetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef);
+ void DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef);
+ void CompleteOutstandingCmdsL();
+ void UpdateLeafObjectL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void FetchLeafObjectSizeL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aType,
+ TInt aResultsRef,
+ TInt aStatusRef);
+ void ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aArgument,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void CopyCommandL(const TDesC8& aTargetUri,
+ const TDesC8& aTargetLuid,
+ const TDesC8& aSourceUri,
+ const TDesC8& aSourceLuid,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void StartAtomicL();
+ void CommitAtomicL();
+ void RollbackAtomicL();
+ TBool StreamingSupport(TInt& aItemSize);
+ void StreamCommittedL();
+
+private:
+ CDmAdAdapter(MSmlDmCallback* aDmCallback);
+ void ConstructL(MSmlDmCallback* aDmCallback);
+
+private:
+ CDmAdCallBack* iCallBack;
+ CDmAdStore* iStore;
+ CDmAdDdf* iDdf;
+ CDmAdRtNodeDataApi* iRtNodeDataApi;
+ CDmAdEngine* iEngine;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/dmadadapterimplconst.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN OMA DM Adapter constants.
+*
+*/
+
+
+
+#ifndef __DMADADAPTERIMPLCONST_H__
+#define __DMADADAPTERIMPLCONST_H__
+
+#define KDmAdDllUid 0x1020699C
+#define KDmAdImplUid 0x1020699D
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/dmadddf.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,167 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdDdf.
+*
+*/
+
+
+
+#ifndef __DMADDDF_H__
+#define __DMADDDF_H__
+
+#include <smldmadapter.h>
+#include "dmadddfapi.h"
+#include "dmadcallback.h"
+#include "DmAdStore.h"
+#include "version.h"
+
+//------------------------------------------------------------------------------------------------
+// DDF version
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdDdfVersion, "1.0");
+
+//------------------------------------------------------------------------------------------------
+// ./NokiaIPSecVPN Type property
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdNokiaIpSecVpnRootTypeProperty, "com.nokia.devman/1.0/ipsecvpn");
+
+//------------------------------------------------------------------------------------------------
+// ./NokiaIPSecVPN/General/ClientVersion - see version.h
+//------------------------------------------------------------------------------------------------
+//_LIT8(KDmAdClientVersion, "0.0");
+
+//------------------------------------------------------------------------------------------------
+// URIs
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdOwnAdUriForGetLuidAllocLFix, "NokiaIPSecVPN/Policy"); // URI not object group level?
+
+ //------- root -----------------
+_LIT8(KDmAdNodeNokiaIpSecVpn, "NokiaIPSecVPN");
+
+ //------- common -----------------
+_LIT8(KDmAdNodeRt, "");
+_LIT8(KDmAdNodeGeneral, "General");
+
+_LIT8(KDmAdLeafClientVersion, "ClientVersion");
+_LIT8(KDmAdLeafEventLog, "EventLog");
+_LIT8(KDmAdLeafName, "Name");
+_LIT8(KDmAdLeafId, "ID");
+_LIT8(KDmAdLeafContent, "Content");
+
+ //------- AP -----------------
+_LIT8(KDmAdNodeAp, "AP");
+_LIT8(KDmAdNodePolicyRef, "PolicyRef");
+_LIT8(KDmAdLeafConRef, "ConRef");
+_LIT8(KDmAdLeafThisRef, "ThisRef");
+_LIT8(KDmAdLeafUri, "URI");
+
+ //------- Policy -----------------
+_LIT8(KDmAdNodePolicy, "Policy");
+_LIT8(KDmAdLeafVersion, "Version");
+_LIT8(KDmAdLeafDescription, "Description");
+_LIT8(KDmAdLeafIssuer, "Issuer");
+_LIT8(KDmAdLeafContact, "Contact");
+
+//------------------------------------------------------------------------------------------------
+// URI descriptions
+//------------------------------------------------------------------------------------------------
+ //------- root -----------------
+_LIT8(KDmAdDescNodeNokiaIpSecVpn, "NokiaIPSecVPN");
+
+ //------- common -----------------
+_LIT8(KDmAdDescNodeRt, "Placeholder for one set of settings");
+_LIT8(KDmAdDescNodeGeneral, "General");
+
+_LIT8(KDmAdDescLeafClientVersion, "ClientVersion");
+_LIT8(KDmAdDescLeafEventLog, "EventLog");
+_LIT8(KDmAdDescLeafName, "Name");
+_LIT8(KDmAdDescLeafId, "ID");
+_LIT8(KDmAdDescLeafContent, "Content");
+
+ //------- AP -----------------
+_LIT8(KDmAdDescNodeAp, "AP");
+_LIT8(KDmAdDescNodePolicyRef, "PolicyRef");
+_LIT8(KDmAdDescLeafConRef, "ConRef");
+_LIT8(KDmAdDescLeafThisRef, "ThisRef");
+_LIT8(KDmAdDescLeafUri, "URI");
+
+ //------- Policy -----------------
+_LIT8(KDmAdDescNodePolicy, "Policy");
+_LIT8(KDmAdDescLeafVersion, "Version");
+_LIT8(KDmAdDescLeafDescription, "Description");
+_LIT8(KDmAdDescLeafIssuer, "Issuer");
+_LIT8(KDmAdDescLeafContact, "Contact");
+
+//------------------------------------------------------------------------------------------------
+// ChildURIListL constants
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdListOfNokiaIpSecVpnChildren, "General/AP/Policy");
+
+_LIT8(KDmAdListOfPolicyXChildren, "Name/ID/Version/Description/Issuer/Contact/Content");
+_LIT8(KDmAdListOfApXChildren, "Name/ThisRef/PolicyRef/ConRef");
+
+_LIT8(KDmAdListOfPolicyRefChildren, "ID/URI");
+
+_LIT8(KDmAdListOfIpSecVpnGeneralChildren, "ClientVersion/EventLog");
+
+
+
+//------------------------------------------------------------------------------------------------
+// FetchLink URIs
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdFetchLinkAp, "AP");
+_LIT8(KDmAdFetchLinkSnap, "BearerManagementSNAP");
+_LIT8(KDmAdFetchLinkPolicy, "NokiaIPSecVPN/Policy");
+
+//------------------------------------------------------------------------------------------------
+// TDFFormat - EBool
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdDfFormatBoolTrue, "True" );
+_LIT8(KDmAdDfFormatBoolFalse, "False" );
+
+//------------------------------------------------------------------------------------------------
+// CDmAdDdf
+//------------------------------------------------------------------------------------------------
+class CDmAdDdf : public CBase, public MDmAdDdfApi
+ {
+public:
+ static CDmAdDdf* NewL(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore);
+ static CDmAdDdf* NewLC(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore);
+ ~CDmAdDdf();
+
+ void BuildDDFVersionL(CBufBase& aDDFVersion);
+ void BuildDDFStructureL(MSmlDmDDFObject& aDDF);
+
+ void NotRtNodeAddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef);
+ void NotRtNodeUpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef);
+ TInt NotRtNodeFetchLeafObjectLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, const TDesC8& /*aType*/, CBufBase*& aObject);
+ void NotRtNodeDeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef);
+
+ TBool IsNodeRtNodeL(const TDesC8& aUri);
+ TBool IsLeafUnderRtNodeL(const TDesC8& aUri);
+ TPtrC8 RtNodeUriForLeafL(const TDesC8& aLeafUri);
+ TBool IsTopLevelRtNode(const TDesC8& aUri);
+ HBufC8* ParentRtNodeUriForRtNodeLC(const TDesC8& aUri);
+ void BuildChildUriListLC(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, CBufBase*& aCurrentList);
+
+private:
+ CDmAdDdf(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore);
+ void ConstructL(void);
+
+private:
+ MDmAdCallBack* iCallBack;
+ CDmAdStore* iStore;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/dmadeventlog.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,44 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of TDmAdEventLog.
+*
+*/
+
+
+
+#ifndef __DMADEVENTLOG_H__
+#define __DMADEVENTLOG_H__
+
+#include <e32base.h>
+#include <f32file.h>
+#include <barsc.h>
+
+#include "eventviewer2.h"
+
+//------------------------------------------------------------------------------------------------
+// TDmAdEventLog
+//------------------------------------------------------------------------------------------------
+class TDmAdEventLog
+ {
+public:
+ static void DeleteLogL(void);
+ static void EventLogL(CBufBase& aEventLog);
+private:
+ static void FormatTimeL(RResourceFile& aResourceFile, TDes& aDateTimeText, TTime aTime);
+ static HBufC* CategoryTextLC(RResourceFile& aResourceFile, TLogCategory2 aCategory);
+ static void OpenResourceFileL(RFs& aFs, RResourceFile& aResourceFile, const TDesC& aFilename);
+ static HBufC* ReadResourceLC(RResourceFile& aResourceFile, TInt aMsgId);
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/dmadrtnodedataapic.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,51 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdRtNodeDataApi.
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATAAPIC_H__
+#define __DMADRTNODEDATAAPIC_H__
+
+#include <e32base.h>
+
+#include "dmadrtnodedataapi.h"
+#include "DmAdRtNodeData.h"
+#include "dmadcallback.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdRtNodeDataApi
+//------------------------------------------------------------------------------------------------
+class CDmAdRtNodeDataApi : public CBase, public MDmAdRtNodeDataApi
+ {
+public:
+ static CDmAdRtNodeDataApi* NewL(void);
+ static CDmAdRtNodeDataApi* NewLC(void);
+ ~CDmAdRtNodeDataApi();
+
+ CDmAdRtNodeData* CreateDmAdRtNodeDataL(const TDesC8& aUri, MDmAdCallBack* aCallBack);
+ void DeleteDmAdRtNodeData(CDmAdRtNodeData* aDmAdRtNodeData);
+ void UpdateLeafDataL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aObject);
+ void FetchLeafObjectLC(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+ void SetDefaultSettingsL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri);
+ TBool AreUriTypesSame(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri);
+
+private:
+ void ConstructL(void);
+ CDmAdRtNodeDataApi();
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/dmadstorevpnap.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,87 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN AP storer
+*
+*/
+
+
+
+#ifndef __DMADSTOREVPNAP_H__
+#define __DMADSTOREVPNAP_H__
+
+#include <e32base.h>
+#include <cmmanagerext.h>
+
+typedef TInt32 TVpnApCommsId;
+const TInt KVpnApSvrMaxFieldLength = 50;
+
+class TVpnApParms
+ {
+ public:
+ enum TRealConnRefType
+ {
+ EIapRealConnRef,
+ ESnapRealConnRef
+ };
+
+ TBuf<KVpnApSvrMaxFieldLength> iName;
+ TBuf<KVpnApSvrMaxFieldLength> iPolicyId;
+
+ TRealConnRefType iRealConnRefType;
+ TVpnApCommsId iRealConnRef;
+ };
+
+
+class RCmConnectionMethodExt;
+
+/**
+ * Store VPN AP
+ *
+ * Store VPN accesspoints data to commsdb.
+ *
+ * @lib (internal) dmadipsecvpn.lib
+ * @since S60 3.0
+ */
+class CVpnAp : public CBase
+ {
+public:
+ static CVpnAp* NewL(void);
+ ~CVpnAp();
+
+ TBool FindVpnApL(TVpnApCommsId aId);
+ void DeleteVpnApL(TVpnApCommsId aId);
+ void ListVpnApsL(RArray<TVpnApCommsId>& aIdArray);
+ void GetVpnApL(TVpnApCommsId aId, TVpnApParms& aVpnApParms);
+ TVpnApCommsId AddVpnApL(const TVpnApParms& aVpnApParms);
+ void UpdateVpnApL(TVpnApCommsId aId, const TVpnApParms& aVpnApParms);
+
+private: // implementation
+ void ConstructL(void);
+ CVpnAp();
+
+
+ void UpdateVpnApL(RCmConnectionMethodExt& aConnectionMethod,
+ const TVpnApParms& aVpnApParms);
+
+ TBool IsVpnConnectionMethodL(RCmConnectionMethodExt& aConnectionMethod) const;
+
+private: // data
+
+ RCmManagerExt iCmManagerExt;
+
+ };
+
+#endif // __DMADSTOREVPNAP_H__
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/eventlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,51 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CEventLogger.
+*
+*/
+
+
+
+#ifndef __EVENTLOGGER_H__
+#define __EVENTLOGGER_H__
+
+
+#include <e32base.h>
+
+#include "eventmediatorapi.h"
+#include "vpnapi.h"
+
+class CEventLogger : CBase
+ {
+public:
+ static CEventLogger* NewL();
+ void LogEvent(RVpnServ& vpnApi, TUint aMsgId, const TDesC* aDes1, TInt aInt1, TInt aInt2);
+ ~CEventLogger();
+
+private:
+ CEventLogger();
+ void ConstructL();
+ void LogEvent(TUint aMsgId, const TDesC8* aDes1, TInt aInt1, TInt aInt2);
+
+private:
+ REventMediator iEventMediator;
+ };
+
+#define DEFINE_EVENT_LOGGER CEventLogger* iEventLogger;
+#define INIT_EVENT_LOGGER TRAP_IGNORE(iEventLogger = CEventLogger::NewL(););
+#define RELEASE_EVENT_LOGGER delete iEventLogger; iEventLogger = NULL;
+
+#define LOG_EVENT(a, b, c, d, e) if (iEventLogger) iEventLogger->LogEvent(a, b, c, d, e);
+
+#endif // __EVENTLOGGER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/inc/log.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_H__)
+#define __LOG_H__
+
+_LIT(KLogFile,"dmad.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/rom/dmadipsecvpn.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project dmadipsecvpn
+*
+*/
+
+
+
+#ifndef __DMADIPSECVPN_IBY__
+#define __DMADIPSECVPN_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM dmadipsecvpn not included in this rom
+
+#else
+
+ECOM_PLUGIN(dmadipsecvpn.dll, dmadipsecvpn.rsc)
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __DMADIPSECVPN_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/DmAdRtNodeData.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,915 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdRtNodeData.
+*
+*/
+
+
+
+#include <utf.h>
+
+#include "DmAdRtNodeData.h"
+#include "dmadddf.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+CDmAdRtNodeData* CDmAdRtNodeData::NewL(const TDesC8& aUri, MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdRtNodeData::NewL");
+
+ CDmAdRtNodeData *self = new (ELeave) CDmAdRtNodeData();
+ CleanupStack::PushL(self);
+ self->ConstructL(aUri, aCallBack);
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+void CDmAdRtNodeData::ConstructL(const TDesC8& aUri, MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdRtNodeData::ConstructL");
+
+ iUriType = UriTypeL(aUri);
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ u.iVpnAp = CDmAdVpnApData::NewL(aCallBack);
+ break;
+ case EDmAdUriTypePolicy:
+ u.iPolicy = CDmAdPolicyData::NewL();
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+CDmAdRtNodeData::CDmAdRtNodeData()
+ {
+ TRACE("CDmAdRtNodeData::CDmAdRtNodeData");
+ }
+
+CDmAdRtNodeData::~CDmAdRtNodeData()
+ {
+ TRACE("CDmAdRtNodeData::~CDmAdRtNodeData");
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ delete u.iVpnAp;
+ break;
+ case EDmAdUriTypePolicy:
+ delete u.iPolicy;
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Invariant();
+ break;
+ }
+ }
+
+//--------------------------------------------------------------------------
+
+TDmAdUriType CDmAdRtNodeData::UriType(void) const
+ {
+ TRACE("CDmAdRtNodeData::UriType");
+ return iUriType;
+ }
+
+TDmAdUriType CDmAdRtNodeData::UriTypeL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdRtNodeData::UriTypeL");
+
+ TDmAdUriType ret = EDmAdUriTypeVpnAp;
+ CArrayFix<TPtrC8>* uriSegList;
+ TDmAdUtil::ParseUriLC(aUri, uriSegList);
+
+ if (uriSegList->Count() < 2)
+ {
+ DEBUG_LOG(_L("Uri seg count < 2"));
+ User::Leave(KErrGeneral);
+ }
+
+ if (uriSegList->At(0).Compare(KDmAdNodeNokiaIpSecVpn) == 0)
+ {
+ if (uriSegList->At(1).Compare(KDmAdNodePolicy) == 0)
+ {
+ ret = EDmAdUriTypePolicy;
+ }
+ else if (uriSegList->At(1).Compare(KDmAdNodeAp) == 0)
+ {
+ ret = EDmAdUriTypeVpnAp;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unknown URI element"));
+ User::Leave(KErrGeneral);
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unknown URI element"));
+ User::Leave(KErrGeneral);
+ }
+
+ CleanupStack::PopAndDestroy(); // uriSegList
+ return ret;
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdRtNodeData::UpdateLeafDataL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataL");
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ UpdateLeafDataVpnApL(aUri, aObject);
+ break;
+ case EDmAdUriTypePolicy:
+ UpdateLeafDataPolicyL(aUri, aObject);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdRtNodeData::UpdateLeafDataVpnApL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataVpnApL");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafName) == 0)
+ {
+ u.iVpnAp->SetNameL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafId) == 0)
+ {
+ HBufC* policyRef = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aObject);
+ CleanupStack::PushL(policyRef);
+ u.iVpnAp->SetPolicyRefIdL(*policyRef);
+ CleanupStack::PopAndDestroy(policyRef);
+ }
+ else if (lastSeg.Compare(KDmAdLeafConRef) == 0)
+ {
+ u.iVpnAp->SetConRefL(aObject);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+void CDmAdRtNodeData::UpdateLeafDataPolicyL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataPolicyL");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafName) == 0)
+ {
+ u.iPolicy->SetNameL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafId) == 0)
+ {
+ u.iPolicy->SetIdL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafVersion) == 0)
+ {
+ u.iPolicy->SetVersionL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafDescription) == 0)
+ {
+ u.iPolicy->SetDescriptionL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafIssuer) == 0)
+ {
+ u.iPolicy->SetIssuerL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafContact) == 0)
+ {
+ u.iPolicy->SetContactL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafContent) == 0)
+ {
+ u.iPolicy->SetContentL(aObject);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject)
+ {
+ switch (iUriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ FetchLeafObjectVpnApLC(aUri, aLuid, aObject);
+ break;
+ case EDmAdUriTypePolicy:
+ FetchLeafObjectPolicyLC(aUri, aLuid, aObject);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectVpnApLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject)
+ {
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafName) == 0)
+ {
+ HBufC8* obj = u.iVpnAp->NameLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafThisRef) == 0)
+ {
+ HBufC8* obj = u.iVpnAp->ThisRefLC(aLuid);
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafId) == 0)
+ {
+ HBufC* policyRef = u.iVpnAp->PolicyRefIdLC();
+ HBufC8* obj = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*policyRef);
+ CleanupStack::PushL(obj);
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ CleanupStack::PopAndDestroy(policyRef);
+ }
+ else if (lastSeg.Compare(KDmAdLeafUri) == 0)
+ {
+ HBufC8* obj = u.iVpnAp->PolicyRefUriLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafConRef) == 0)
+ {
+ HBufC8* obj = u.iVpnAp->ConRefLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+
+ aObject = object;
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectPolicyLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject)
+ {
+ (void)aLuid;
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafName) == 0)
+ {
+ HBufC8* obj = u.iPolicy->NameLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafId) == 0)
+ {
+ HBufC8* obj = u.iPolicy->IdLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafVersion) == 0)
+ {
+ HBufC8* obj = u.iPolicy->VersionLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafDescription) == 0)
+ {
+ HBufC8* obj = u.iPolicy->DescriptionLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafIssuer) == 0)
+ {
+ HBufC8* obj = u.iPolicy->IssuerLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafContact) == 0)
+ {
+ HBufC8* obj = u.iPolicy->ContactLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafContent) == 0)
+ {
+ TPtrC8 obj(u.iPolicy->Content());
+ object->InsertL(0, obj);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+
+ aObject = object;
+ }
+
+
+//======================================================================================
+//======================================================================================
+
+CDmAdVpnApData* CDmAdVpnApData::NewL(MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdVpnApData::NewL");
+
+ CDmAdVpnApData *self = new (ELeave) CDmAdVpnApData(aCallBack);
+ return self;
+ }
+
+
+CDmAdVpnApData::CDmAdVpnApData(MDmAdCallBack* aCallBack) : iCallBack(aCallBack)
+ {
+ TRACE("CDmAdVpnApData::CDmAdVpnApData");
+ }
+
+CDmAdVpnApData::~CDmAdVpnApData()
+ {
+ TRACE("CDmAdVpnApData::~CDmAdVpnApData");
+
+ delete iName;
+ delete iPolicyRefId;
+ delete iConRef;
+ }
+
+void CDmAdVpnApData::SetNameL(const TDesC8& aName)
+ {
+ TRACE("CDmAdVpnApData::SetNameL");
+
+ delete iName;
+ iName = NULL;
+ if (aName.Length() > 0)
+ {
+ iName = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aName);
+ }
+ }
+
+HBufC8* CDmAdVpnApData::NameLC(void)
+ {
+ if (iName == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iName);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdVpnApData::SetPolicyRefIdL(const TDesC& aPolicyRefId)
+ {
+ TRACE("CDmAdVpnApData::SetPolicyRefIdL");
+
+ delete iPolicyRefId;
+ iPolicyRefId = 0;
+ if (aPolicyRefId.Length() > 0)
+ {
+ iPolicyRefId = aPolicyRefId.AllocL();
+ }
+ }
+
+HBufC* CDmAdVpnApData::PolicyRefIdLC(void)
+ {
+ if (iPolicyRefId == 0)
+ {
+ return HBufC::NewLC(1);
+ }
+ HBufC* ret = iPolicyRefId->AllocLC();
+ return ret;
+ }
+
+void CDmAdVpnApData::SetConRefL(const TDesC8& aConRef)
+ {
+ TRACE("CDmAdVpnApData::SetConRefL");
+
+ delete iConRef;
+ iConRef = 0;
+ if (aConRef.Length() > 0)
+ {
+ iConRef = aConRef.AllocL();
+ }
+ }
+
+HBufC8* CDmAdVpnApData::ConRefLC(void)
+ {
+ if (iConRef == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = iConRef->AllocLC();
+ return ret;
+ }
+
+HBufC8* CDmAdVpnApData::ThisRefLC(const TDesC8& aLuid)
+ {
+ HBufC8* thisRef = iCallBack->FindChildUriL(KDmAdFetchLinkAp, aLuid);
+ if (thisRef == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ CleanupStack::PushL(thisRef);
+ return thisRef;
+ }
+
+HBufC8* CDmAdVpnApData::PolicyRefUriLC(void)
+ {
+ if (iPolicyRefId == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+
+ const TPtrC8 policyLuid((const TUint8*)iPolicyRefId->Ptr(), iPolicyRefId->Size());
+ HBufC8* refUri = iCallBack->FindChildUriL(KDmAdFetchLinkPolicy, policyLuid);
+ if (refUri == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ CleanupStack::PushL(refUri);
+ return refUri;
+ }
+
+void CDmAdVpnApData::RestoreL(const TVpnApParms& aVpnApParms)
+ {
+ TRACE("CDmAdVpnApData::RestoreL");
+
+ delete iName;
+ iName = NULL;
+ if (aVpnApParms.iName.Length() > 0)
+ {
+ iName = aVpnApParms.iName.AllocL();
+ }
+
+ delete iPolicyRefId;
+ iPolicyRefId = 0;
+ if (aVpnApParms.iPolicyId.Length() > 0)
+ {
+ iPolicyRefId = aVpnApParms.iPolicyId.AllocL();
+ }
+
+ delete iConRef;
+ iConRef = NULL;
+ if (aVpnApParms.iRealConnRef != 0)
+ {
+ HBufC8* luid = TDmAdUtil::IntToDes8LC(aVpnApParms.iRealConnRef);
+
+ switch(aVpnApParms.iRealConnRefType)
+ {
+ case TVpnApParms::EIapRealConnRef:
+ iConRef = iCallBack->FindChildUriL(KDmAdFetchLinkAp, *luid);
+ break;
+ case TVpnApParms::ESnapRealConnRef:
+ iConRef = iCallBack->FindChildUriL(KDmAdFetchLinkSnap, *luid);
+ break;
+ default:
+ User::Invariant();
+ break;
+ }
+ CleanupStack::PopAndDestroy(); // luid
+ }
+ }
+
+void CDmAdVpnApData::ToStoreL(TVpnApParms& aVpnApParms)
+ {
+ TRACE("CDmAdVpnApData::ToStoreL");
+
+ if (iName == 0)
+ {
+ aVpnApParms.iName.SetLength(0);
+ }
+ else
+ {
+ if (iName->Length() > aVpnApParms.iName.MaxLength())
+ {
+ DEBUG_LOG(_L("iName too long"));
+ User::Leave(KErrOverflow);
+ }
+ aVpnApParms.iName.Copy(*iName);
+ }
+
+ if (iPolicyRefId == 0)
+ {
+ aVpnApParms.iPolicyId.SetLength(0);
+ }
+ else
+ {
+ if (iPolicyRefId->Length() > aVpnApParms.iPolicyId.MaxLength())
+ {
+ DEBUG_LOG(_L("iPolicyRefId too long"));
+ User::Leave(KErrOverflow);
+ }
+ aVpnApParms.iPolicyId.Copy(*iPolicyRefId);
+ }
+
+ aVpnApParms.iRealConnRef = 0;
+ if (iConRef != NULL)
+ {
+ if (iConRef->Find(KDmAdFetchLinkAp) == 0)
+ {
+ aVpnApParms.iRealConnRefType = TVpnApParms::EIapRealConnRef;
+ }
+ else if (iConRef->Find(KDmAdFetchLinkSnap) == 0)
+ {
+ aVpnApParms.iRealConnRefType = TVpnApParms::ESnapRealConnRef;
+ }
+ else
+ {
+ User::Leave(KErrGeneral);
+ }
+
+ HBufC8* luid = iCallBack->GetLuidAllocL(*iConRef);
+ CleanupStack::PushL(luid);
+ if (luid->Length() > 0)
+ {
+ aVpnApParms.iRealConnRef = TDmAdUtil::DesToInt(*luid);
+ }
+ CleanupStack::PopAndDestroy(luid);
+ }
+ }
+
+//======================================================================================
+//======================================================================================
+
+CDmAdPolicyData* CDmAdPolicyData::NewL(void)
+ {
+ TRACE("CDmAdPolicyData::NewL");
+
+ CDmAdPolicyData *self = new (ELeave) CDmAdPolicyData();
+ return self;
+ }
+
+
+CDmAdPolicyData::CDmAdPolicyData()
+ {
+ TRACE("CDmAdPolicyData::CDmAdPolicyData");
+ }
+
+CDmAdPolicyData::~CDmAdPolicyData()
+ {
+ TRACE("CDmAdPolicyData::~CDmAdPolicyData");
+
+ delete iName;
+ delete iId;
+ delete iVersion;
+ delete iDescription;
+ delete iIssuer;
+ delete iContact;
+ delete iContent;
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdPolicyData::SetNameL(const TDesC8& aName)
+ {
+ TRACE("CDmAdPolicyData::SetNameL");
+
+ delete iName;
+ iName = 0;
+ if (aName.Length() > 0)
+ {
+ iName = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aName);
+ }
+ }
+
+HBufC8* CDmAdPolicyData::NameLC(void)
+ {
+ if (iName == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iName);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdPolicyData::SetIdL(const TDesC8& aId)
+ {
+ TRACE("CDmAdPolicyData::SetIdL");
+
+ delete iId;
+ iId = NULL;
+ if (aId.Length() > 0)
+ {
+ iId = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aId);
+ }
+ }
+
+HBufC8* CDmAdPolicyData::IdLC(void)
+ {
+ if (iId == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iId);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdPolicyData::SetVersionL(const TDesC8& aVersion)
+ {
+ TRACE("CDmAdPolicyData::SetVersionL");
+
+ delete iVersion;
+ iVersion = 0;
+ if (aVersion.Length() > 0)
+ {
+ iVersion = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aVersion);
+ }
+ }
+
+HBufC8* CDmAdPolicyData::VersionLC(void)
+ {
+ if (iVersion == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iVersion);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdPolicyData::SetDescriptionL(const TDesC8& aDescription)
+ {
+ TRACE("CDmAdPolicyData::SetDescriptionL");
+
+ delete iDescription;
+ iDescription = NULL;
+ if (aDescription.Length() > 0)
+ {
+ iDescription = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aDescription);
+ }
+ }
+
+HBufC8* CDmAdPolicyData::DescriptionLC(void)
+ {
+ if (iDescription == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iDescription);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdPolicyData::SetIssuerL(const TDesC8& aIssuer)
+ {
+ TRACE("CDmAdPolicyData::SetIssuerL");
+
+ delete iIssuer;
+ iIssuer = NULL;
+ if (aIssuer.Length() > 0)
+ {
+ iIssuer = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aIssuer);
+ }
+ }
+
+HBufC8* CDmAdPolicyData::IssuerLC(void)
+ {
+ if (iIssuer == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iIssuer);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdPolicyData::SetContactL(const TDesC8& aContact)
+ {
+ TRACE("CDmAdPolicyData::SetContactL");
+
+ delete iContact;
+ iContact = NULL;
+ if (aContact.Length() > 0)
+ {
+ iContact = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aContact);
+ }
+ }
+
+HBufC8* CDmAdPolicyData::ContactLC(void)
+ {
+ if (iContact == 0)
+ {
+ return HBufC8::NewLC(1);
+ }
+ HBufC8* ret = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*iContact);
+ CleanupStack::PushL(ret);
+ return ret;
+ }
+
+void CDmAdPolicyData::SetContentL(const TDesC8& aContent)
+ {
+ TRACE("CDmAdPolicyData::SetContentL");
+
+ delete iContent;
+ iContent = NULL;
+ if (aContent.Length() > 0)
+ {
+ iContent = aContent.AllocL();
+ }
+ }
+
+TPtrC8 CDmAdPolicyData::Content(void)
+ {
+ TRACE("CDmAdPolicyData::Content");
+
+ TPtrC8 ret(KNullDesC8);
+ if (iContent != 0)
+ {
+ ret.Set(*iContent);
+ }
+ return ret;
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdPolicyData::DetailsRestoreL(const TVpnPolicyDetails& aDetails)
+ {
+ TRACE("CDmAdPolicyData::DetailsRestoreL");
+
+ delete iName;
+ iName = NULL;
+ if (aDetails.iName.Length() > 0)
+ {
+ iName = aDetails.iName.AllocL();
+ }
+
+ delete iId;
+ iId = 0;
+ if (aDetails.iId.Length() > 0)
+ {
+ iId = aDetails.iId.AllocL();
+ }
+
+ delete iVersion;
+ iVersion = 0;
+ if (aDetails.iVersion.Length() > 0)
+ {
+ iVersion = aDetails.iVersion.AllocL();
+ }
+
+ delete iDescription;
+ iDescription = 0;
+ if (aDetails.iDescription.Length() > 0)
+ {
+ iDescription = aDetails.iDescription.AllocL();
+ }
+
+ delete iIssuer;
+ iIssuer = 0;
+ if (aDetails.iIssuerName.Length() > 0)
+ {
+ iIssuer = aDetails.iIssuerName.AllocL();
+ }
+
+ delete iContact;
+ iContact = 0;
+ if (aDetails.iContactInfo.Length() > 0)
+ {
+ iContact = aDetails.iContactInfo.AllocL();
+ }
+ }
+
+void CDmAdPolicyData::DetailsToStoreL(TVpnPolicyDetails& aDetails)
+ {
+ TRACE("CDmAdPolicyData::DetailsToStoreL");
+
+ if (iName == 0)
+ {
+ aDetails.iName.SetLength(0);
+ }
+ else
+ {
+ if (iName->Length() > aDetails.iName.MaxLength())
+ {
+ DEBUG_LOG(_L("iName too long"));
+ User::Leave(KErrOverflow);
+ }
+ aDetails.iName.Copy(*iName);
+ }
+
+ if (iId == 0)
+ {
+ aDetails.iId.SetLength(0);
+ }
+ else
+ {
+ if (iId->Length() > aDetails.iId.MaxLength())
+ {
+ DEBUG_LOG(_L("iId too long"));
+ User::Leave(KErrOverflow);
+ }
+ aDetails.iId.Copy(*iId);
+ }
+
+ if (iVersion == 0)
+ {
+ aDetails.iVersion.SetLength(0);
+ }
+ else
+ {
+ if (iVersion->Length() > aDetails.iVersion.MaxLength())
+ {
+ DEBUG_LOG(_L("iVersion too long"));
+ User::Leave(KErrOverflow);
+ }
+ aDetails.iVersion.Copy(*iVersion);
+ }
+
+ if (iDescription == 0)
+ {
+ aDetails.iDescription.SetLength(0);
+ }
+ else
+ {
+ if (iDescription->Length() > aDetails.iDescription.MaxLength())
+ {
+ DEBUG_LOG(_L("iDescription too long"));
+ User::Leave(KErrOverflow);
+ }
+ aDetails.iDescription.Copy(*iDescription);
+ }
+
+ if (iIssuer == 0)
+ {
+ aDetails.iIssuerName.SetLength(0);
+ }
+ else
+ {
+ if (iIssuer->Length() > aDetails.iIssuerName.MaxLength())
+ {
+ DEBUG_LOG(_L("iIssuer too long"));
+ User::Leave(KErrOverflow);
+ }
+ aDetails.iIssuerName.Copy(*iIssuer);
+ }
+
+ if (iContact == 0)
+ {
+ aDetails.iContactInfo.SetLength(0);
+ }
+ else
+ {
+ if (iContact->Length() > aDetails.iContactInfo.MaxLength())
+ {
+ DEBUG_LOG(_L("iContact too long"));
+ User::Leave(KErrOverflow);
+ }
+ aDetails.iContactInfo.Copy(*iContact);
+ }
+ }
+
+void CDmAdPolicyData::ContentRestoreL(const TDesC8& aContent)
+ {
+ TRACE("CDmAdPolicyData::ContentRestoreL");
+
+ delete iContent;
+ iContent = NULL;
+ if (aContent.Length() > 0)
+ {
+ iContent = aContent.AllocL();
+ }
+ }
+
+TPtrC8 CDmAdPolicyData::ContentToStore(void)
+ {
+ TRACE("CDmAdPolicyData::ContentToStore");
+
+ TPtrC8 ret(KNullDesC8);
+ if (iContent != 0)
+ {
+ ret.Set(*iContent);
+ }
+ return ret;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/DmAdStore.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,479 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdStore.
+*
+*/
+
+
+
+#include "DmAdStore.h"
+#include "DmAdRtNodeData.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+#include <vpnlogmessages.rsg>
+
+CDmAdStore* CDmAdStore::NewL(void)
+ {
+ TRACE("CDmAdStore::NewL");
+
+ CDmAdStore *self = new (ELeave) CDmAdStore();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+void CDmAdStore::ConstructL(void)
+ {
+ TRACE("CDmAdStore::ConstructL");
+
+ INIT_EVENT_LOGGER;
+
+ User::LeaveIfError(iVpnApi.Connect());
+ iVpnAp = CVpnAp::NewL();
+ }
+
+CDmAdStore::CDmAdStore()
+ {
+ }
+
+CDmAdStore::~CDmAdStore()
+ {
+ TRACE("CDmAdStore::~CDmAdStore");
+
+ iVpnApi.Close();
+ delete iVpnAp;
+
+ RELEASE_EVENT_LOGGER;
+ }
+
+TBool CDmAdStore::FindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdStore::FindRtNodeL");
+
+ TDmAdUriType uriType = CDmAdRtNodeData::UriTypeL(aUri);
+ switch (uriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ return VpnApFindRtNodeL(aLuid, aUri);
+ case EDmAdUriTypePolicy:
+ return PolicyFindRtNodeL(aLuid, aUri);
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ return EFalse;
+ }
+ }
+
+void CDmAdStore::LuidListL(const TDesC8& aUri, const TDesC8& /*aLuid*/, RPointerArray<HBufC8>& aLuidList)
+ {
+ TDmAdUriType uriType = CDmAdRtNodeData::UriTypeL(aUri);
+ switch (uriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ VpnApLuidListL(aLuidList);
+ break;
+ case EDmAdUriTypePolicy:
+ PolicyLuidListL(aLuidList);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::FetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::FetchRtNodeL");
+
+ TDmAdUriType uriType = aRtNode.Data()->UriType();
+ switch (uriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ VpnApFetchRtNodeL(aRtNode);
+ break;
+ case EDmAdUriTypePolicy:
+ PolicyFetchRtNodeL(aRtNode);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::SaveTopLevelRtNodeL");
+
+ TDmAdUriType uriType = aRtNode.Data()->UriType();
+ switch (uriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ VpnApSaveTopLevelRtNodeL(aRtNode, aChildRtNodes);
+ break;
+ case EDmAdUriTypePolicy:
+ PolicySaveTopLevelRtNodeL(aRtNode, aChildRtNodes);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::SaveChildLevelRtNodeL(CDmAdRtNode& /*aRtNode*/)
+ {
+ TRACE("CDmAdStore::SaveChildLevelRtNodeL");
+ User::Leave(KErrGeneral);
+ }
+
+
+void CDmAdStore::DeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdStore::DeleteRtNodeL");
+
+ TDmAdUriType uriType = CDmAdRtNodeData::UriTypeL(aUri);
+ switch (uriType)
+ {
+ case EDmAdUriTypeVpnAp:
+ VpnApDeleteRtNodeL(aLuid);
+ break;
+ case EDmAdUriTypePolicy:
+ PolicyDeleteRtNodeL(aLuid);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+//=========================================================================
+//=========================================================================
+
+TBool CDmAdStore::VpnApFindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdStore::VpnApFindRtNodeL");
+
+ (void)aUri;
+ TBool ret = EFalse;
+ if (aLuid.Length() > 0)
+ {
+ if (iVpnAp->FindVpnApL(TDmAdUtil::DesToInt(aLuid)))
+ {
+ ret = ETrue;
+ }
+ }
+ return ret;
+ }
+
+void CDmAdStore::VpnApLuidListL(RPointerArray<HBufC8>& aLuidList)
+ {
+
+ TRACE("CDmAdStore::VpnApLuidListL");
+
+ RArray<TVpnApCommsId> idArray;
+ CleanupClosePushL(idArray);
+ iVpnAp->ListVpnApsL(idArray);
+
+ for (TInt i=0; i<idArray.Count(); ++i)
+ {
+ HBufC8* luid = TDmAdUtil::IntToDes8LC(idArray[i]);
+ aLuidList.AppendL(luid);
+ CleanupStack::Pop(); //luid
+ }
+
+ CleanupStack::PopAndDestroy(); //idArray
+ }
+
+void CDmAdStore::VpnApFetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::VpnApFetchRtNodeL");
+
+ TPtrC8 luid(aRtNode.Luid());
+ if (luid.Length() == 0)
+ {
+ DEBUG_LOG(_L("Luid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ CDmAdVpnApData* data = aRtNode.Data()->VpnApData();
+ TVpnApParms* vpnApParms = new (ELeave) TVpnApParms();
+ CleanupStack::PushL(vpnApParms);
+ iVpnAp->GetVpnApL(TDmAdUtil::DesToInt(luid), *vpnApParms);
+ data->RestoreL(*vpnApParms);
+ CleanupStack::PopAndDestroy(); //vpnApParms
+ }
+
+void CDmAdStore::VpnApSaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::VpnApSaveTopLevelRtNodeL");
+
+ if (aChildRtNodes.Count() > 0)
+ {
+ DEBUG_LOG(_L("aChildRtNodes.Count() > 0"));
+ User::Leave(KErrGeneral);
+ }
+
+ if (aRtNode.IsJustFetched())
+ {
+ return;
+ }
+
+ CDmAdVpnApData* data = aRtNode.Data()->VpnApData();
+
+ TVpnApParms* vpnApParms = new (ELeave) TVpnApParms();
+ CleanupStack::PushL(vpnApParms);
+ data->ToStoreL(*vpnApParms);
+
+
+ //Check the policy existence.
+ //It is possible to set the policyId to be empty, but
+ //if the policyId is set it has to be found.
+ if ( vpnApParms->iPolicyId.Length() > 0)
+ {
+ CArrayFixFlat<TVpnPolicyInfo>* policyInfoList = new (ELeave) CArrayFixFlat<TVpnPolicyInfo>(2);
+ CleanupStack::PushL(policyInfoList);
+ User::LeaveIfError(iVpnApi.GetPolicyInfoList(policyInfoList));
+
+ TBool policyFound = EFalse;
+ for (TInt i = 0; i < policyInfoList->Count(); ++i)
+ {
+ const TVpnPolicyInfo& info = (*policyInfoList)[i];
+ if (info.iId.Compare(vpnApParms->iPolicyId) == 0)
+ {
+ policyFound = ETrue;
+ break;
+ }
+ }
+ CleanupStack::PopAndDestroy(policyInfoList);
+ if (!policyFound)
+ {
+ DEBUG_LOG1(_L("Policy with id %S not found"), &(vpnApParms->iPolicyId));
+ User::Leave(KErrGeneral);
+ }
+ }
+
+ if (aRtNode.IsSomeLeafAddedToRtNode())
+ {
+
+ TUint32 id = iVpnAp->AddVpnApL(*vpnApParms);
+
+ TBuf<KVpnApSvrMaxFieldLength> buf;
+ buf.Copy(vpnApParms->iPolicyId);
+
+ if (vpnApParms->iRealConnRefType == TVpnApParms::EIapRealConnRef)
+ {
+ LOG_EVENT(iVpnApi, R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP, &buf,
+ id, vpnApParms->iRealConnRef);
+ }
+ else //Connection type is SNAP
+ {
+ __ASSERT_DEBUG(vpnApParms->iRealConnRefType == TVpnApParms::ESnapRealConnRef, User::Invariant());
+ LOG_EVENT(iVpnApi, R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP, &buf,
+ id, vpnApParms->iRealConnRef);
+
+ }
+
+ HBufC8* luid = TDmAdUtil::IntToDes8LC(id);
+ aRtNode.SetLuidL(*luid);
+ CleanupStack::PopAndDestroy(); //luid
+ }
+ else
+ {
+ TPtrC8 luid(aRtNode.Luid());
+ iVpnAp->UpdateVpnApL(TDmAdUtil::DesToInt(luid), *vpnApParms);
+ }
+
+ CleanupStack::PopAndDestroy(); //vpnApParms
+ }
+
+
+void CDmAdStore::VpnApDeleteRtNodeL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdStore::VpnApDeleteRtNodeL");
+
+ if (aLuid.Length() == 0)
+ {
+ DEBUG_LOG(_L("aLuid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ iVpnAp->DeleteVpnApL(TDmAdUtil::DesToInt(aLuid));
+ }
+
+//=========================================================================
+//=========================================================================
+
+TPtrC8 CDmAdStore::PolicyRefToLuid(const TDesC& aPolicyRef)
+ {
+ TRACE("CDmAdStore::PolicyRefToLuid");
+
+ TPtrC8 ret((const TUint8*)aPolicyRef.Ptr(), aPolicyRef.Length() * 2);
+ return ret;
+ }
+
+TPtrC CDmAdStore::LuidToPolicyRef(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdStore::LuidToPolicyRef");
+
+ TPtrC ret((const TUint16*)aLuid.Ptr(), aLuid.Length() / 2);
+ return ret;
+ }
+
+TBool CDmAdStore::PolicyFindRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::PolicyFindRtNodeL");
+
+ TBool ret = EFalse;
+ if (aLuid.Length() > 0)
+ {
+ TVpnPolicyDetails* details = new (ELeave) TVpnPolicyDetails();
+ if (iVpnApi.GetPolicyDetails(LuidToPolicyRef(aLuid), *details) == KErrNone)
+ {
+ ret = ETrue;
+ }
+ delete details;
+ }
+ return ret;
+ }
+
+
+void CDmAdStore::PolicyLuidListL(RPointerArray<HBufC8>& aLuidList)
+ {
+
+ TRACE("CDmAdStore::PolicyLuidListL");
+
+ CArrayFixFlat<TVpnPolicyInfo>* policyList;
+ policyList = new (ELeave) CArrayFixFlat<TVpnPolicyInfo>(2);
+ CleanupStack::PushL(policyList);
+
+ User::LeaveIfError(iVpnApi.GetPolicyInfoList(policyList));
+
+ for (TInt i=0; i<policyList->Count(); ++i)
+ {
+ HBufC8* luidElem = PolicyRefToLuid(policyList->At(i).iId).AllocLC();
+ aLuidList.AppendL(luidElem);
+ CleanupStack::Pop(); // luidElem
+ }
+
+ CleanupStack::PopAndDestroy(); //policyList
+ }
+
+
+void CDmAdStore::PolicyFetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::PolicyFetchRtNodeL");
+
+ TPtrC policyRef(LuidToPolicyRef(aRtNode.Luid()));
+
+ if (policyRef.Length() == 0)
+ {
+ DEBUG_LOG(_L("policyRef length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ CDmAdPolicyData* data = aRtNode.Data()->PolicyData();
+
+ TVpnPolicyDetails* details = new (ELeave) TVpnPolicyDetails();
+ CleanupStack::PushL(details);
+ if (iVpnApi.GetPolicyDetails(policyRef, *details) != KErrNone)
+ {
+ DEBUG_LOG(_L("Details not found"));
+ User::Leave(KErrNotFound);
+ }
+ data->DetailsRestoreL(*details);
+ CleanupStack::PopAndDestroy(); //details
+
+ HBufC8* policyData;
+ if (iVpnApi.GetPolicyData(policyRef, policyData) != KErrNone)
+ {
+ DEBUG_LOG(_L("Policy data not found"));
+ User::Leave(KErrNotFound);
+ }
+ CleanupStack::PushL(policyData);
+ data->ContentRestoreL(*policyData);
+ CleanupStack::PopAndDestroy(); //policyData
+ }
+
+void CDmAdStore::PolicySaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::PolicySaveTopLevelRtNodeL");
+
+ if (aChildRtNodes.Count() > 0)
+ {
+ DEBUG_LOG(_L("aChildRtNodes.Count() is more than 0"));
+ User::Leave(KErrGeneral);
+ }
+
+ if (aRtNode.IsJustFetched())
+ {
+ return;
+ }
+
+ CDmAdPolicyData* data = aRtNode.Data()->PolicyData();
+
+ TVpnPolicyDetails* details = new (ELeave) TVpnPolicyDetails();
+ CleanupStack::PushL(details);
+ data->DetailsToStoreL(*details);
+
+ TInt err;
+ if (aRtNode.IsSomeLeafAddedToRtNode())
+ {
+ if ((err = iVpnApi.AddPolicy(*details, data->ContentToStore())) != KErrNone)
+ {
+ DEBUG_LOG1(_L("iVpnApi.AddPolicy failed with %d"), err);
+ User::Leave(err);
+ }
+ aRtNode.SetLuidL(PolicyRefToLuid(details->iId));
+ }
+ else
+ {
+ TPtrC policyRef(LuidToPolicyRef(aRtNode.Luid()));
+ if (policyRef.Compare(details->iId) != 0)
+ {
+ DEBUG_LOG(_L("Details Id doesn't match"));
+ User::Leave(KErrGeneral);
+ }
+ if ((err = iVpnApi.UpdatePolicyDetails(*details)) != KErrNone)
+ {
+ DEBUG_LOG1(_L("iVpnApi.UpdatePolicyDetails failed with %d"), err);
+ User::Leave(err);
+ }
+ if ((err = iVpnApi.UpdatePolicyData(details->iId, data->ContentToStore())) != KErrNone)
+ {
+ DEBUG_LOG1(_L("iVpnApi.UpdatePolicyData failed with %d"), err);
+ User::Leave(err);
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); //details
+ }
+
+
+void CDmAdStore::PolicyDeleteRtNodeL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdStore::PolicyDeleteRtNodeL");
+
+ if (aLuid.Length() == 0)
+ {
+ DEBUG_LOG(_L("aLuid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ User::LeaveIfError(iVpnApi.DeletePolicy(LuidToPolicyRef(aLuid)));
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/dmadadapter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,263 @@
+/*
+* Copyright (c) 2000-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN OMA DM Adapter
+*
+*/
+
+
+
+#include <e32base.h>
+#include <ecom/implementationproxy.h>
+
+#include "dmadadapter.h"
+#include "dmadadapterimplconst.h"
+#include "dmadengine.h"
+#include "DmAdStore.h"
+#include "dmadddf.h"
+#include "dmadrtnodedataapic.h"
+#include "vpnlogger.h"
+
+#if defined(_DEBUG)
+_LIT(KDmAdLogFolder,"vpn");
+_LIT(KDmAdLogFile,"dmadipsecvpn.txt");
+#endif
+
+
+//===================================================================================================
+
+#ifndef IMPLEMENTATION_PROXY_ENTRY
+#define IMPLEMENTATION_PROXY_ENTRY(aUid, aFuncPtr) {{aUid},(aFuncPtr)}
+#endif
+
+const TImplementationProxy ImplementationTable[] =
+ {
+ IMPLEMENTATION_PROXY_ENTRY(KDmAdImplUid, CDmAdAdapter::NewL)
+ };
+
+EXPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount)
+ {
+ aTableCount = sizeof(ImplementationTable) / sizeof(TImplementationProxy);
+ return ImplementationTable;
+ }
+
+
+//===================================================================================================
+
+CDmAdAdapter* CDmAdAdapter::NewL(MSmlDmCallback* aDmCallback)
+ {
+ CDmAdAdapter* self = NewLC(aDmCallback);
+ CleanupStack::Pop();
+ return self;
+ }
+
+CDmAdAdapter* CDmAdAdapter::NewLC(MSmlDmCallback* aDmCallback)
+ {
+ INITIALIZE_DEBUG_LOG_L(KDmAdLogFolder, KDmAdLogFile);
+ DEBUG_LOG(_L("LOGGING INITIALIZED"));
+
+ CDmAdAdapter* self = new (ELeave) CDmAdAdapter(aDmCallback);
+ CleanupStack::PushL(self);
+ self->ConstructL(aDmCallback);
+ return self;
+ }
+
+void CDmAdAdapter::ConstructL(MSmlDmCallback* aDmCallback)
+ {
+ TRACE("CDmAdAdapter::ConstructL");
+
+ iCallBack = CDmAdCallBack::NewL(aDmCallback, KDmAdOwnAdUriForGetLuidAllocLFix);
+ iStore = CDmAdStore::NewL();
+ iDdf = CDmAdDdf::NewL(iCallBack, iStore);
+ iRtNodeDataApi = CDmAdRtNodeDataApi::NewL();
+ iEngine = CDmAdEngine::NewL(iCallBack, iStore, iDdf, iRtNodeDataApi);
+ }
+
+CDmAdAdapter::CDmAdAdapter(MSmlDmCallback* aDmCallback) :
+ CSmlDmAdapter(aDmCallback)
+ {
+ TRACE("CDmAdAdapter::CDmAdAdapter");
+ }
+
+CDmAdAdapter::~CDmAdAdapter()
+ {
+ DEBUG_LOG(_L("CDmAdAdapter::~CDmAdAdapter"));
+ delete iEngine;
+ delete iRtNodeDataApi;
+ delete iDdf;
+ delete iStore;
+ delete iCallBack;
+
+ DEBUG_LOG(_L("FINALIZING LOGGING"));
+ FINALIZE_DEBUG_LOG;
+ }
+
+//===================================================================================================
+
+void CDmAdAdapter::DDFVersionL(CBufBase& aDDFVersion)
+ {
+ TRACE("CDmAdAdapter::DDFVersionL");
+ iDdf->BuildDDFVersionL(aDDFVersion);
+ }
+
+void CDmAdAdapter::DDFStructureL(MSmlDmDDFObject& aDDF)
+ {
+ TRACE("CDmAdAdapter::DDFStructureL");
+ iDdf->BuildDDFStructureL(aDDF);
+ }
+
+
+void CDmAdAdapter::ChildURIListL(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::ChildURIListL");
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+
+ iEngine->ChildURIListL(aUri, aParentLuid, aPreviousUriSegmentList, aResultsRef, aStatusRef);
+ }
+
+void CDmAdAdapter::AddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::AddNodeObjectL");
+
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+ DEBUG_LOG1(_L8("aParentLuid = %S"), &aParentLuid);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ iEngine->AddNodeObjectL(aUri, aParentLuid, aStatusRef);
+ }
+
+void CDmAdAdapter::UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::UpdateLeafObjectL");
+
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid = %S"), &aLuid);
+ DEBUG_LOG(_L8("aObject:"));
+ DEBUG_LOG_HEX(aObject);
+ DEBUG_LOG1(_L8("aType = %S"), &aType);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ iEngine->UpdateLeafObjectL(aUri, aLuid, aObject, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::FetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::FetchLeafObjectL");
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+
+ iEngine->FetchLeafObjectL(aUri, aLuid, aType, aResultsRef, aStatusRef);
+ }
+
+void CDmAdAdapter::DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::DeleteObjectL");
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+
+ iEngine->DeleteObjectL(aUri, aLuid, aStatusRef);
+ }
+
+void CDmAdAdapter::CompleteOutstandingCmdsL()
+ {
+ TRACE("CDmAdAdapter::CompleteOutstandingCmdsL");
+ iEngine->CompleteOutstandingCmdsL();
+ }
+
+void CDmAdAdapter::UpdateLeafObjectL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::UpdateLeafObjectL");
+ iEngine->UpdateLeafObjectL(aUri, aLuid, aStream, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::FetchLeafObjectSizeL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aType,
+ TInt aResultsRef,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::FetchLeafObjectSizeL");
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+
+ iEngine->FetchLeafObjectSizeL(aUri, aLuid, aType, aResultsRef, aStatusRef);
+ }
+
+void CDmAdAdapter::ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aArgument,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::ExecuteCommandL");
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+
+ iEngine->ExecuteCommandL(aUri, aLuid, aArgument, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::ExecuteCommandL");
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+
+ iEngine->ExecuteCommandL(aUri, aLuid, aStream, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::CopyCommandL(const TDesC8& aTargetUri,
+ const TDesC8& aTargetLuid,
+ const TDesC8& aSourceUri,
+ const TDesC8& aSourceLuid,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::CopyCommandL");
+
+ iEngine->CopyCommandL(aTargetUri, aTargetLuid, aSourceUri, aSourceLuid, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::StartAtomicL()
+ {
+ TRACE("CDmAdAdapter::StartAtomicL");
+ iEngine->StartAtomicL();
+ }
+
+void CDmAdAdapter::CommitAtomicL()
+ {
+ TRACE("CDmAdAdapter::CommitAtomicL");
+ iEngine->CommitAtomicL();
+ }
+
+void CDmAdAdapter::RollbackAtomicL()
+ {
+ TRACE("CDmAdAdapter::RollbackAtomicL");
+ iEngine->RollbackAtomicL();
+ }
+
+TBool CDmAdAdapter::StreamingSupport(TInt& aItemSize)
+ {
+ TRACE("CDmAdAdapter::StreamingSupport");
+ return iEngine->StreamingSupport(aItemSize);
+ }
+
+void CDmAdAdapter::StreamCommittedL()
+ {
+ TRACE("CDmAdAdapter::StreamCommittedL");
+ iEngine->StreamCommittedL();
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/dmadddf.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,546 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdDdf.
+*
+*/
+
+
+#include <utf.h>
+
+#include "dmadddf.h"
+#include "dmadeventlog.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+CDmAdDdf* CDmAdDdf::NewL(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore)
+ {
+ TRACE("CDmAdDdf::NewL");
+
+ CDmAdDdf* self = NewLC(aDmAdCallBack, aStore);
+ CleanupStack::Pop();
+ return self;
+ }
+
+CDmAdDdf* CDmAdDdf::NewLC(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore)
+ {
+ CDmAdDdf* self = new (ELeave) CDmAdDdf(aDmAdCallBack, aStore);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ return self;
+ }
+
+void CDmAdDdf::ConstructL(void)
+ {
+ TRACE("CDmAdDdf::ConstructL");
+ }
+
+CDmAdDdf::CDmAdDdf(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore) :
+ iCallBack(aDmAdCallBack), iStore(aStore)
+ {
+ TRACE("CDmAdDdf::CDmAdDdf");
+ }
+
+CDmAdDdf::~CDmAdDdf()
+ {
+ TRACE("CDmAdDdf::~CDmAdDdf");
+ }
+
+//===================================================================================================
+
+void CDmAdDdf::BuildDDFVersionL(CBufBase& aDDFVersion)
+ {
+ TRACE("CDmAdDdf::BuildDDFVersionL");
+ aDDFVersion.InsertL(0, KDmAdDdfVersion);
+ }
+
+void CDmAdDdf::BuildDDFStructureL(MSmlDmDDFObject& aDDF)
+ {
+ TRACE("CDmAdDdf::BuildDDFStructureL");
+
+ TSmlDmAccessTypes accessTypesExec;
+ accessTypesExec.SetReplace(); // accessTypesExec.SetExec();
+
+ TSmlDmAccessTypes accessTypesGet;
+ accessTypesGet.SetGet();
+
+ TSmlDmAccessTypes accessTypesAdd;
+ accessTypesAdd.SetAdd();
+
+ TSmlDmAccessTypes accessTypesGetAdd;
+ accessTypesGetAdd.SetGet();
+ accessTypesGetAdd.SetAdd();
+
+ TSmlDmAccessTypes accessTypesGetDelete;
+ accessTypesGetDelete.SetGet();
+ accessTypesGetDelete.SetDelete();
+
+ TSmlDmAccessTypes accessTypesAll;
+ accessTypesAll.SetGet();
+ accessTypesAll.SetAdd();
+ accessTypesAll.SetDelete();
+ accessTypesAll.SetReplace();
+
+ TSmlDmAccessTypes accessTypesNoDelete;
+ accessTypesNoDelete.SetGet();
+ accessTypesNoDelete.SetAdd();
+ accessTypesNoDelete.SetReplace();
+
+ MSmlDmDDFObject* obj;
+ MSmlDmDDFObject* objNokiaIpSecVpn;
+ MSmlDmDDFObject* objIpSecVpnGeneral;
+ MSmlDmDDFObject* objPolicy;
+ MSmlDmDDFObject* objPolicyX;
+ MSmlDmDDFObject* objAp;
+ MSmlDmDDFObject* objApX;
+ MSmlDmDDFObject* objApXPolicyRef;
+
+//----------------------------------------------------------------
+
+ objNokiaIpSecVpn = &TDmAdUtil::AddChildObjectL(aDDF, KDmAdNodeNokiaIpSecVpn);
+ TDmAdUtil::FillNodeInfoL(*objNokiaIpSecVpn,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeNokiaIpSecVpn,
+ ETrue,
+ KDmAdNokiaIpSecVpnRootTypeProperty);
+
+//----------------------------------------------------------------
+
+ objIpSecVpnGeneral = &TDmAdUtil::AddChildObjectL(*objNokiaIpSecVpn, KDmAdNodeGeneral);
+ TDmAdUtil::FillNodeInfoL(*objIpSecVpnGeneral,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeGeneral,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objIpSecVpnGeneral, KDmAdLeafClientVersion);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafClientVersion,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objIpSecVpnGeneral, KDmAdLeafEventLog);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetDelete,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafEventLog,
+ EFalse);
+
+//----------------------------------------------------------------
+
+ objPolicy = &TDmAdUtil::AddChildObjectL(*objNokiaIpSecVpn, KDmAdNodePolicy);
+ TDmAdUtil::FillNodeInfoL(*objPolicy,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodePolicy,
+ EFalse,
+ KNullDesC8);
+
+
+ objPolicyX = &TDmAdUtil::AddChildObjectL(*objPolicy, KDmAdNodeRt);
+ TDmAdUtil::FillNodeInfoL(*objPolicyX,
+ accessTypesAll,
+ MSmlDmDDFObject::EZeroOrMore,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeRt,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafName);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafName,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafId);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafId,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafVersion);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafVersion,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafDescription);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafDescription,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafIssuer);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafIssuer,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafContact);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafContact,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPolicyX, KDmAdLeafContent);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafContent,
+ EFalse);
+
+
+//----------------------------------------------------------------
+
+ objAp = &TDmAdUtil::AddChildObjectL(*objNokiaIpSecVpn, KDmAdNodeAp);
+ TDmAdUtil::FillNodeInfoL(*objAp,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeAp,
+ EFalse,
+ KNullDesC8);
+
+
+ objApX = &TDmAdUtil::AddChildObjectL(*objAp, KDmAdNodeRt);
+ TDmAdUtil::FillNodeInfoL(*objApX,
+ accessTypesAll,
+ MSmlDmDDFObject::EZeroOrMore,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeRt,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objApX, KDmAdLeafName);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafName,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objApX, KDmAdLeafThisRef);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafThisRef,
+ EFalse);
+
+ objApXPolicyRef = &TDmAdUtil::AddChildObjectL(*objApX, KDmAdNodePolicyRef);
+ TDmAdUtil::FillNodeInfoL(*objApXPolicyRef,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodePolicyRef,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objApXPolicyRef, KDmAdLeafId);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafId,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objApXPolicyRef, KDmAdLeafUri);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafUri,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objApX, KDmAdLeafConRef);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafConRef,
+ EFalse);
+
+ }
+
+//---------------------------------------------------------------------------------------
+
+void CDmAdDdf::NotRtNodeAddNodeObjectL(const TDesC8& /*aUri*/,
+ const TDesC8& /*aParentLuid*/,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdDdf::NotRtNodeAddNodeObjectL");
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ }
+
+void CDmAdDdf::NotRtNodeUpdateLeafObjectL(const TDesC8& /*aUri*/,
+ const TDesC8& /*aLuid*/,
+ const TDesC8& /*aObject*/,
+ const TDesC8& /*aType*/,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdDdf::NotRtNodeUpdateLeafObjectL");
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ }
+
+TInt CDmAdDdf::NotRtNodeFetchLeafObjectLC(const TDesC8& aUri,
+ const TDesC8& /*aLuid*/,
+ const TDesC8& /*aType*/,
+ CBufBase*& aObject)
+ {
+ TInt status = KErrNotFound;
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafClientVersion) == 0)
+ {
+ HBufC8* version = CnvUtfConverter::ConvertFromUnicodeToUtf8L(KVersion);
+ CleanupStack::PushL(version);
+ object->InsertL(0, *version);
+ CleanupStack::PopAndDestroy(); //version
+ status = KErrNone;
+ }
+ else if (lastSeg.Compare(KDmAdLeafEventLog) == 0)
+ {
+ TDmAdEventLog::EventLogL(*object);
+ status = KErrNone;
+ }
+ aObject = object;
+ return status;
+ }
+
+void CDmAdDdf::NotRtNodeDeleteObjectL(const TDesC8& aUri,
+ const TDesC8& /*aLuid*/,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdDdf::NotRtNodeDeleteObjectL");
+
+ TInt status = KErrNone; //KErrNotFound;
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafEventLog) == 0)
+ {
+ TDmAdEventLog::DeleteLogL();
+ status = KErrNone;
+ }
+ iCallBack->SetStatusL(aStatusRef, status);
+ }
+
+//---------------------------------------------------------------------------------------
+
+TBool CDmAdDdf::IsNodeRtNodeL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdDdf::IsNodeRtNodeL");
+
+ TBool ret = EFalse;
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+
+ if (lastSeg.Compare(KDmAdLeafEventLog) == 0) // for DeleteObjectL: In this case this method is called also when URI is leaf (not always node)
+ {
+ return EFalse;
+ }
+
+ if (lastSeg.Compare(KDmAdNodeNokiaIpSecVpn) == 0 ||
+ lastSeg.Compare(KDmAdNodeGeneral) == 0 ||
+ lastSeg.Compare(KDmAdNodePolicy) == 0 ||
+ lastSeg.Compare(KDmAdNodeAp) == 0 ||
+ lastSeg.Compare(KDmAdNodePolicyRef) == 0)
+ {
+ ret = EFalse;
+ }
+ else
+ {
+ if (TDmAdUtil::NumOfURISegs(aUri) < 2)
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ TPtrC8 prevSeg = TDmAdUtil::LastUriSeg(TDmAdUtil::RemoveLastUriSeg(aUri));
+ if (prevSeg.Compare(KDmAdNodePolicy) == 0 ||
+ prevSeg.Compare(KDmAdNodeAp) == 0)
+ {
+ ret = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+ return ret;
+ }
+
+TBool CDmAdDdf::IsLeafUnderRtNodeL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdDdf::IsLeafUnderRtNodeL");
+
+ TBool ret = EFalse;
+ TPtrC8 nodeUri(TDmAdUtil::RemoveLastUriSeg(aUri));
+ ret = IsNodeRtNodeL(nodeUri);
+ if (!ret)
+ {
+ TPtrC8 nodeUriSeg = TDmAdUtil::LastUriSeg(nodeUri);
+ if (nodeUriSeg.Compare(KDmAdNodePolicyRef) == 0)
+ {
+ ret = ETrue;
+ }
+ }
+ return ret;
+ }
+
+TPtrC8 CDmAdDdf::RtNodeUriForLeafL(const TDesC8& aLeafUri)
+ {
+ TRACE("CDmAdDdf::RtNodeUriForLeafL");
+
+ TPtrC8 ret;
+ TPtrC8 nodeUri(TDmAdUtil::RemoveLastUriSeg(aLeafUri));
+ TPtrC8 nodeUriSeg(TDmAdUtil::LastUriSeg(nodeUri));
+ TPtrC8 prevNodeUri(TDmAdUtil::RemoveLastUriSeg(nodeUri));
+ TPtrC8 prevNodeUriSeg(TDmAdUtil::LastUriSeg(prevNodeUri));
+
+ if (prevNodeUriSeg.Compare(KDmAdNodePolicy) == 0 ||
+ prevNodeUriSeg.Compare(KDmAdNodeAp) == 0)
+ {
+ ret.Set(nodeUri);
+ }
+ else if (nodeUriSeg.Compare(KDmAdNodePolicyRef) == 0)
+ {
+ ret.Set(prevNodeUri);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ return ret;
+ }
+
+TBool CDmAdDdf::IsTopLevelRtNode(const TDesC8& aUri)
+ {
+ TRACE("CDmAdDdf::IsTopLevelRtNode");
+
+ (void)aUri;
+ return ETrue;
+ }
+
+HBufC8* CDmAdDdf::ParentRtNodeUriForRtNodeLC(const TDesC8& /*aUri*/)
+ {
+ DEBUG_LOG(_L("CDmAdDdf::ParentRtNodeUriForRtNodeLC method not implemented"));
+ User::Leave(KErrGeneral);
+ return NULL;
+ }
+
+//---------------------------------------------------------------------------------------
+
+void CDmAdDdf::BuildChildUriListLC(const TDesC8& aUri,
+ const TDesC8& aParentLuid,
+ const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList,
+ CBufBase*& aCurrentList)
+ {
+ CBufBase* currentList = CBufFlat::NewL(128);
+ CleanupStack::PushL(currentList);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdNodeNokiaIpSecVpn) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfNokiaIpSecVpnChildren);
+ }
+ else if (lastSeg.Compare(KDmAdNodeGeneral) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfIpSecVpnGeneralChildren);
+ }
+ else if (lastSeg.Compare(KDmAdNodePolicyRef) == 0)
+ {
+ if (!iStore->FindRtNodeL(aParentLuid, aUri))
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ currentList->InsertL(0, KDmAdListOfPolicyRefChildren);
+ }
+ else if (lastSeg.Compare(KDmAdNodePolicy) == 0 ||
+ lastSeg.Compare(KDmAdNodeAp) == 0)
+ {
+ TDmAdUtil::BuildRtNodeChildUriListL(iCallBack, iStore, aUri, aParentLuid, aPreviousUriSegmentList, *currentList);
+ }
+ else
+ {
+ TPtrC8 prevSeg = TDmAdUtil::LastUriSeg(TDmAdUtil::RemoveLastUriSeg(aUri));
+ if (prevSeg.Compare(KDmAdNodePolicy) == 0 ||
+ prevSeg.Compare(KDmAdNodeAp) == 0)
+ {
+ if (!iStore->FindRtNodeL(aParentLuid, aUri))
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+
+ if (prevSeg.Compare(KDmAdNodePolicy) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfPolicyXChildren);
+ }
+ else if (prevSeg.Compare(KDmAdNodeAp) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfApXChildren);
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+ aCurrentList = currentList;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/dmadeventlog.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,217 @@
+/*
+* Copyright (c) 2000 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of TDmAdEventLog.
+*
+*/
+
+
+#include <utf.h>
+#include <barsread.h>
+#include "vpnlogger.h"
+
+//#include <vpnmanagementui.rsg>
+//#include <avkon.rsg>
+
+#include "dmadeventlog.h"
+
+// "dd/mm/yyyy0"
+const TInt KDmAdMaxLengthTextDateString = 11;
+
+void TDmAdEventLog::DeleteLogL(void)
+ {
+ TRACE("TDmAdEventLog::DeleteLogL");
+
+ CEventViewer* eventViewer = CEventViewer::NewL();
+ CleanupStack::PushL(eventViewer);
+ User::LeaveIfError(eventViewer->DeleteLogFile());
+ CleanupStack::PopAndDestroy(); //eventViewer
+ }
+
+void TDmAdEventLog::EventLogL(CBufBase& aEventLog)
+ {
+
+ TRACE("TDmAdEventLog::EventLogL");
+/*
+ _LIT(KResourceFileVpnLog, "\\resource\\vpnmanagementui.rsc");
+ _LIT(KResourceFileAvkon, "\\resource\\avkon.rsc");
+*/
+
+ CEventViewer* eventViewer = 0;
+ TRAPD(err, eventViewer = CEventViewer::NewL());
+ if (err == KErrNotFound)
+ {
+ return;
+ }
+ User::LeaveIfError(err);
+ CleanupStack::PushL(eventViewer);
+
+ RFs fs;
+ CleanupClosePushL(fs);
+ User::LeaveIfError(fs.Connect());
+
+ RResourceFile resourceFileVpnLog;
+ CleanupClosePushL(resourceFileVpnLog);
+
+ RResourceFile resourceFileAvkon;
+ CleanupClosePushL(resourceFileAvkon);
+
+ //OpenResourceFileL(fs, resourceFileVpnLog, KResourceFileVpnLog);
+ //OpenResourceFileL(fs, resourceFileAvkon, KResourceFileAvkon);
+
+ TEventProperties eventProperties;
+ HBufC* eventText = NULL;
+
+ TInt ret = eventViewer->GetMostRecentEvent(eventText, eventProperties);
+ while (ret == KErrNone)
+ {
+ CleanupStack::PushL(eventText);
+
+ TBuf<2 * KDmAdMaxLengthTextDateString + 3> timeBuf;
+ FormatTimeL(resourceFileAvkon, timeBuf, eventProperties.iTimeStamp);
+
+ HBufC* categoryText = CategoryTextLC(resourceFileVpnLog, eventProperties.iCategory);
+
+ _LIT(KDmAdCr, "\n");
+ _LIT(KDmAdSpace, " ");
+ HBufC* messageText = HBufC::NewLC(timeBuf.Length() +
+ KDmAdCr().Length() +
+ categoryText->Length() +
+ KDmAdSpace().Length() +
+ eventText->Length() +
+ KDmAdCr().Length());
+ messageText->Des().Copy(timeBuf);
+ messageText->Des().Append(KDmAdCr);
+ messageText->Des().Append(*categoryText);
+ messageText->Des().Append(KDmAdSpace);
+ messageText->Des().Append(*eventText);
+ messageText->Des().Append(KDmAdCr);
+
+ HBufC8* messageText8 = CnvUtfConverter::ConvertFromUnicodeToUtf8L(*messageText);
+ CleanupStack::PushL(messageText8);
+ aEventLog.InsertL(aEventLog.Size(), *messageText8);
+
+ CleanupStack::PopAndDestroy(4); // messageText8, messageText, categoryText, eventText
+
+ ret = eventViewer->GetPreviousEvent(eventText, eventProperties);
+ }
+ CleanupStack::PopAndDestroy(4); //resourceFileAvkon, resourceFileVpnLog, fs, eventViewer
+ }
+
+void TDmAdEventLog::FormatTimeL(RResourceFile& aResourceFile, TDes& aDateTimeText, TTime aTime)
+ {
+ TRACE("TDmAdEventLog::FormatTimeL");
+
+ (void)aResourceFile;
+ _LIT(KDmAdDateFromat, "%D%M%Y%/0%1%/1%2%/2%3%/3");
+ _LIT(KDmAdTimeFromat, "%-B%:0%J%:1%T%:3%+B");
+
+ // Date
+ HBufC* dateFormat = KDmAdDateFromat().AllocLC();
+ //HBufC* dateFormat = ReadResourceLC(aResourceFile, R_QTN_DATE_USUAL_WITH_ZERO);
+ //HBufC* dateFormat = StringLoader::LoadLC(R_QTN_DATE_USUAL_WITH_ZERO);
+ TBuf<KDmAdMaxLengthTextDateString> dateString;
+ aTime.FormatL(dateString, *dateFormat);
+ CleanupStack::PopAndDestroy(); //dateFormat
+
+ // Time
+ dateFormat = KDmAdTimeFromat().AllocLC();
+ //dateFormat = ReadResourceLC(aResourceFile, R_QTN_TIME_USUAL_WITH_ZERO);
+ //dateFormat = StringLoader::LoadLC(R_QTN_TIME_USUAL_WITH_ZERO);
+ TBuf<KDmAdMaxLengthTextDateString> timeString;
+ aTime.FormatL(timeString, *dateFormat);
+ CleanupStack::PopAndDestroy(); //dateFormat
+
+ TBuf<2 * KDmAdMaxLengthTextDateString + 3> timeBuf;
+
+ /*
+ TTime now;
+ now.HomeTime();
+ if ( (now.YearsFrom(aTime).Int() > 0) ||
+ (aTime.DayNoInYear() < now.DayNoInYear()))
+ {
+ timeBuf.Append(dateString);
+ _LIT(KDmAdSpaceHyphenSpace, " - ");
+ timeBuf.Append(KDmAdSpaceHyphenSpace);
+ }
+ */
+
+ timeBuf.Append(dateString);
+ _LIT(KDmAdSpaceHyphenSpace, " - ");
+ timeBuf.Append(KDmAdSpaceHyphenSpace);
+
+ timeBuf.Append(timeString);
+ aDateTimeText = timeBuf;
+ }
+
+HBufC* TDmAdEventLog::CategoryTextLC(RResourceFile& aResourceFile, TLogCategory2 aCategory)
+ {
+ (void)aResourceFile;
+ HBufC* categoryText = NULL;
+ _LIT(KDmAdInfo, "Information:");
+ _LIT(KDmAdWarning, "Warning:");
+ _LIT(KDmAdError, "Error:");
+
+ if (aCategory == ELogInfo)
+ {
+ categoryText = KDmAdInfo().AllocLC();
+ //categoryText = ReadResourceLC(aResourceFile, R_VPN_DETAIL_LOG_ENTRY_INFO);
+ //categoryText = StringLoader::LoadLC(R_VPN_DETAIL_LOG_ENTRY_INFO);
+ }
+ else if (aCategory == ELogWarning)
+ {
+ categoryText = KDmAdWarning().AllocLC();
+ //categoryText = ReadResourceLC(aResourceFile, R_VPN_DETAIL_LOG_ENTRY_WARNING);
+ //categoryText = StringLoader::LoadLC(R_VPN_DETAIL_LOG_ENTRY_WARNING);
+ }
+ else // ELogError (or ELogDebug)
+ {
+ categoryText = KDmAdError().AllocLC();
+ //categoryText = ReadResourceLC(aResourceFile, R_VPN_DETAIL_LOG_ENTRY_ERROR);
+ //categoryText = StringLoader::LoadLC(R_VPN_DETAIL_LOG_ENTRY_ERROR);
+ }
+ return categoryText;
+ }
+
+void TDmAdEventLog::OpenResourceFileL(RFs& aFs, RResourceFile& aResourceFile, const TDesC& aFilename)
+ {
+ TRACE("TDmAdEventLog::OpenResourceFileL");
+
+ TFileName resourceFileName;
+ TFileName dllName;
+
+ Dll::FileName(dllName);
+ TBuf<2> drive = dllName.Left(2); // always z: for ... ?
+
+ resourceFileName.Copy(drive);
+ resourceFileName.Append(aFilename);
+
+ aResourceFile.OpenL(aFs, resourceFileName);
+ aResourceFile.ConfirmSignatureL();
+ }
+
+HBufC* TDmAdEventLog::ReadResourceLC(RResourceFile& aResourceFile, TInt aMsgId)
+ {
+ HBufC8* resourceBuf = aResourceFile.AllocReadLC(aMsgId);
+
+ TResourceReader resourceReader;
+ resourceReader.SetBuffer(resourceBuf);
+
+ HBufC* textDataBuf = HBufC::NewL(resourceBuf->Length());
+ resourceReader.Read((void*)textDataBuf->Ptr(), resourceBuf->Length());
+ textDataBuf->Des().SetLength(resourceBuf->Length()/2);
+
+ CleanupStack::PopAndDestroy(); // resourceBuf
+ CleanupStack::PushL(textDataBuf);
+ return textDataBuf;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/dmadrtnodedataapi.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,104 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdRtNodeDataApi.
+*
+*/
+
+
+#include "dmadrtnodedataapic.h"
+#include "DmAdRtNodeData.h"
+#include "dmadcallback.h"
+#include "vpnlogger.h"
+
+CDmAdRtNodeDataApi* CDmAdRtNodeDataApi::NewL(void)
+ {
+ TRACE("CDmAdRtNodeDataApi::NewL");
+
+ CDmAdRtNodeDataApi* self = NewLC();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CDmAdRtNodeDataApi* CDmAdRtNodeDataApi::NewLC(void)
+ {
+ CDmAdRtNodeDataApi* self = new (ELeave) CDmAdRtNodeDataApi();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ return self;
+ }
+
+void CDmAdRtNodeDataApi::ConstructL(void)
+ {
+ TRACE("CDmAdRtNodeDataApi::ConstructL");
+ }
+
+CDmAdRtNodeDataApi::CDmAdRtNodeDataApi()
+ {
+ TRACE("CDmAdRtNodeDataApi::CDmAdRtNodeDataApi");
+ }
+
+CDmAdRtNodeDataApi::~CDmAdRtNodeDataApi()
+ {
+ TRACE("CDmAdRtNodeDataApi::~CDmAdRtNodeDataApi");
+ }
+
+//---------------------------------------------------------------------------------------
+
+CDmAdRtNodeData* CDmAdRtNodeDataApi::CreateDmAdRtNodeDataL(const TDesC8& aUri, MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdRtNodeDataApi::CreateDmAdRtNodeDataL");
+ return CDmAdRtNodeData::NewL(aUri, aCallBack);
+ }
+
+void CDmAdRtNodeDataApi::DeleteDmAdRtNodeData(CDmAdRtNodeData* aDmAdRtNodeData)
+ {
+ TRACE("CDmAdRtNodeDataApi::DeleteDmAdRtNodeData");
+ delete aDmAdRtNodeData;
+ }
+
+void CDmAdRtNodeDataApi::UpdateLeafDataL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeDataApi::UpdateLeafDataL");
+ aDmAdRtNodeData->UpdateLeafDataL(aUri, aObject);
+ }
+
+void CDmAdRtNodeDataApi::FetchLeafObjectLC(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject)
+ {
+ aDmAdRtNodeData->FetchLeafObjectLC(aUri, aLuid, aObject);
+ }
+
+void CDmAdRtNodeDataApi::SetDefaultSettingsL(CDmAdRtNodeData* /*aDmAdRtNodeData*/, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdRtNodeDataApi::SetDefaultSettingsL");
+ }
+
+TBool CDmAdRtNodeDataApi::AreUriTypesSame(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri)
+ {
+ TRACE("CDmAdRtNodeDataApi::AreUriTypesSameL");
+
+ TDmAdUriType uriType1 = EDmAdUriTypeVpnAp;
+
+ //CDmAdRtNodeData::UriTypeL leaves if uri is unknown
+ TRAPD(err, uriType1 = CDmAdRtNodeData::UriTypeL(aUri));
+ TDmAdUriType uriType2 = aDmAdRtNodeData->UriType();
+
+ if (err == KErrNone && uriType1 == uriType2)
+ {
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/dmadstorevpnapcmm.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,295 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN access point manipulation.
+*
+*/
+
+
+
+#include <cmpluginvpndef.h>
+#include <cmdestinationext.h>
+
+#include "dmadstorevpnap.h"
+#include "vpnlogger.h"
+
+using namespace CMManager;
+// ======== LOCAL FUNCTIONS ========
+
+CVpnAp* CVpnAp::NewL(void)
+ {
+ TRACE("CVpnAp::NewL");
+ CVpnAp* self = new (ELeave) CVpnAp;
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CVpnAp::CVpnAp()
+ {
+ TRACE("CVpnAp::CVpnAp");
+ }
+
+
+void CVpnAp::ConstructL()
+ {
+ TRACE("CVpnAp::ConstructL");
+
+ iCmManagerExt.OpenL();
+ }
+
+
+CVpnAp::~CVpnAp()
+ {
+ TRACE("CVpnAp::~CVpnAp");
+
+ iCmManagerExt.Close();
+ }
+
+
+TBool CVpnAp::FindVpnApL(TVpnApCommsId aId)
+ {
+ TRACE("CVpnAp::FindVpnApL");
+
+ TBool connectionFound = EFalse;
+
+ RCmConnectionMethodExt vpnConnectionMethod;
+ TRAPD(err, vpnConnectionMethod = iCmManagerExt.ConnectionMethodL( aId ));
+ CleanupClosePushL(vpnConnectionMethod);
+
+ switch(err)
+ {
+ case KErrNone:
+ if ( IsVpnConnectionMethodL(vpnConnectionMethod) )
+ {
+ connectionFound = ETrue;
+ }
+ break;
+ case KErrNotFound:
+ //do nothing
+ break;
+ default:
+ User::Leave(err);
+ break;
+ }
+
+ CleanupStack::PopAndDestroy(); //vpnConnectionMethod
+ return connectionFound;
+ }
+
+
+void CVpnAp::DeleteVpnApL(TVpnApCommsId aId)
+ {
+ TRACE("CVpnAp::DeleteVpnApL");
+
+ RCmConnectionMethodExt vpnConnectionMethod = iCmManagerExt.ConnectionMethodL( aId );
+ CleanupClosePushL(vpnConnectionMethod);
+
+ //Check that the type of the connection is correct.
+ if ( !IsVpnConnectionMethodL(vpnConnectionMethod) )
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ if ( !vpnConnectionMethod.DeleteL() )
+ {
+ User::Leave(KErrGeneral);
+ }
+
+ CleanupStack::PopAndDestroy(); //vpnConnectionMethod
+ }
+
+
+void CVpnAp::ListVpnApsL(RArray<TVpnApCommsId>& aIdArray)
+ {
+ TRACE("CVpnAp::ListVpnApsL");
+
+ aIdArray.Reset();
+
+ //First collect all VPN connection methods from destinations
+ RArray<TUint32> destinationArray;
+ iCmManagerExt.AllDestinationsL( destinationArray );
+ CleanupClosePushL(destinationArray);
+
+ for (TInt i = 0; i < destinationArray.Count(); ++i)
+ {
+ RCmDestinationExt destination = iCmManagerExt.DestinationL( destinationArray[i] );
+ CleanupClosePushL(destination);
+
+ TInt connectionMethodCount = destination.ConnectionMethodCount();
+ for (TInt j = 0; j < connectionMethodCount; ++j)
+ {
+ RCmConnectionMethodExt connectionMethod = destination.ConnectionMethodL( j );
+ CleanupClosePushL(connectionMethod);
+ if ( IsVpnConnectionMethodL(connectionMethod) )
+ {
+ TUint32 apId = connectionMethod.GetIntAttributeL( ECmId );
+ User::LeaveIfError(aIdArray.Append(apId));
+ }
+ CleanupStack::PopAndDestroy(); //connectionMethod
+ }
+
+ CleanupStack::PopAndDestroy(); //destination
+ }
+ CleanupStack::PopAndDestroy(); //destinationArray
+
+ //Second collect VPN connection methods, which are not inside a destination.
+ RArray<TUint32> connectionMethodArray;
+ iCmManagerExt.ConnectionMethodL( connectionMethodArray );
+ CleanupClosePushL(connectionMethodArray);
+
+ for ( TInt i = 0; i < connectionMethodArray.Count(); ++i)
+ {
+ RCmConnectionMethodExt connectionMethod =
+ iCmManagerExt.ConnectionMethodL( connectionMethodArray[i] );
+ CleanupClosePushL(connectionMethod);
+ if ( IsVpnConnectionMethodL(connectionMethod) )
+ {
+ User::LeaveIfError(aIdArray.Append(connectionMethodArray[i]));
+ }
+ CleanupStack::PopAndDestroy(); //connectionMethod
+ }
+ CleanupStack::PopAndDestroy(); //connectionMethodArray
+ }
+
+
+void CVpnAp::GetVpnApL(TVpnApCommsId aId, TVpnApParms& aVpnApParms)
+ {
+ TRACE("CVpnAp::GetVpnApL");
+
+ RCmConnectionMethodExt vpnConnectionMethod = iCmManagerExt.ConnectionMethodL( aId );
+ CleanupClosePushL(vpnConnectionMethod);
+
+ //Check that the type of the connection is correct.
+ if ( !IsVpnConnectionMethodL(vpnConnectionMethod) )
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ HBufC* string = vpnConnectionMethod.GetStringAttributeL( ECmName );
+ aVpnApParms.iName = *string;
+ delete string;
+ string = NULL;
+
+ string = vpnConnectionMethod.GetStringAttributeL( EVpnServicePolicy );
+ aVpnApParms.iPolicyId = *string;
+ delete string;
+ string = NULL;
+
+ // real IAP or SNAP. ECmNextLayerIapId == EVpnIapId
+ TUint32 realConn = vpnConnectionMethod.GetIntAttributeL(EVpnIapId);
+ if (realConn != 0)
+ {
+ DEBUG_LOG1(_L("Real connection is IAP %d"), realConn);
+ aVpnApParms.iRealConnRefType = TVpnApParms::EIapRealConnRef;
+ aVpnApParms.iRealConnRef = realConn;
+ }
+ else
+ {
+ realConn = vpnConnectionMethod.GetIntAttributeL(ECmNextLayerSNAPId);
+ DEBUG_LOG1(_L("Real connection is snap %d"), realConn);
+ aVpnApParms.iRealConnRefType = TVpnApParms::ESnapRealConnRef;
+ aVpnApParms.iRealConnRef = realConn;
+ }
+
+ CleanupStack::PopAndDestroy(); //vpnConnectionMethod
+ }
+
+
+TVpnApCommsId CVpnAp::AddVpnApL(const TVpnApParms& aVpnApParms)
+ {
+ TRACE("CVpnAp::AddVpnApL");
+
+ RCmConnectionMethodExt vpnConnectionMethod =
+ iCmManagerExt.CreateConnectionMethodL( KPluginVPNBearerTypeUid );
+
+ CleanupClosePushL( vpnConnectionMethod );
+
+ UpdateVpnApL(vpnConnectionMethod, aVpnApParms);
+
+ // save changes
+ vpnConnectionMethod.UpdateL();
+
+ TUint32 apId = vpnConnectionMethod.GetIntAttributeL( ECmId );
+
+ CleanupStack::PopAndDestroy(); // vpnConnectionMethod
+
+ return apId;
+ }
+
+
+void CVpnAp::UpdateVpnApL(TVpnApCommsId aId, const TVpnApParms& aVpnApParms)
+ {
+ TRACE("CVpnAp::UpdateVpnApL");
+
+ RCmConnectionMethodExt vpnConnectionMethod = iCmManagerExt.ConnectionMethodL( aId );
+ CleanupClosePushL(vpnConnectionMethod);
+
+ //Check that the type of the connection is correct.
+ if ( !IsVpnConnectionMethodL(vpnConnectionMethod) )
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ UpdateVpnApL(vpnConnectionMethod, aVpnApParms);
+ vpnConnectionMethod.UpdateL();
+ CleanupStack::PopAndDestroy(); //vpnConnectionMethod
+ }
+
+
+void CVpnAp::UpdateVpnApL(RCmConnectionMethodExt& aConnectionMethod,
+ const TVpnApParms& aVpnApParms)
+ {
+
+ TRACE("CVpnAp::UpdateVpnApL");
+
+ __ASSERT_DEBUG( aConnectionMethod.GetBoolAttributeL(ECmVirtual), User::Invariant() );
+
+ aConnectionMethod.SetIntAttributeL( ECmNamingMethod, ENamingNothing );
+ aConnectionMethod.SetStringAttributeL( ECmName, aVpnApParms.iName );
+ aConnectionMethod.SetStringAttributeL( EVpnServicePolicy, aVpnApParms.iPolicyId );
+
+ switch(aVpnApParms.iRealConnRefType)
+ {
+ case TVpnApParms::EIapRealConnRef:
+ aConnectionMethod.SetIntAttributeL( EVpnIapId, aVpnApParms.iRealConnRef );
+ DEBUG_LOG1(_L("VPN iap uses real iap %d"), aVpnApParms.iRealConnRef);
+ DEBUG_LOG1(_L("ECmNextLayerSNAPId is %d"), aConnectionMethod.GetIntAttributeL(ECmNextLayerSNAPId));
+ break;
+ case TVpnApParms::ESnapRealConnRef:
+ aConnectionMethod.SetIntAttributeL( ECmNextLayerSNAPId, aVpnApParms.iRealConnRef );
+ DEBUG_LOG1(_L("VPN iap uses real SNAP %d"), aVpnApParms.iRealConnRef);
+ DEBUG_LOG1(_L("EVpnIapId is %d"), aConnectionMethod.GetIntAttributeL(EVpnIapId));
+ break;
+ default:
+ User::Invariant();
+ break;
+ }
+ }
+
+
+TBool CVpnAp::IsVpnConnectionMethodL(RCmConnectionMethodExt& aConnectionMethod) const
+ {
+ TBool isVPNConnectionMethod = EFalse;
+
+ if ( aConnectionMethod.GetBoolAttributeL(ECmVirtual) &&
+ aConnectionMethod.GetIntAttributeL( ECmBearerType ) == KPluginVPNBearerTypeUid)
+ {
+ isVPNConnectionMethod = ETrue;
+ }
+
+ return isVPNConnectionMethod;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadipsecvpn/src/eventlogger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,130 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CEventLogger
+*
+*/
+
+#include <utf.h>
+
+#include "eventlogger.h"
+#include "vpnlogger.h"
+#include "eventviewer.h"
+
+#include "dmadadapterimplconst.h"
+#include <vpnlogmessages.rsg>
+
+_LIT(KUnknownPolicy, "unknown");
+_LIT8(KUnknownVpnAp, "unknown");
+_LIT8(KUnknownIap, "unknown");
+
+
+CEventLogger* CEventLogger::NewL()
+ {
+ CEventLogger* self = new (ELeave) CEventLogger();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CEventLogger::CEventLogger()
+ {
+ }
+
+void CEventLogger::ConstructL()
+ {
+ User::LeaveIfError(iEventMediator.Connect());
+ }
+
+CEventLogger::~CEventLogger()
+ {
+ iEventMediator.Close();
+ }
+
+void CEventLogger::LogEvent(RVpnServ& vpnApi, TUint aMsgId, const TDesC* aDes1, TInt aInt1, TInt aInt2)
+ {
+ TRACE("CEventLogger::LogEvent");
+
+ TVpnPolicyDetails policyDetails;
+
+ if (aMsgId == R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP ||
+ aMsgId == R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP)
+ {
+ // Descriptor parameter 1 is a policy ID
+ if (aDes1 && aDes1->Length() > 0)
+ {
+ TInt err = KErrNone;
+ err = vpnApi.GetPolicyDetails(*aDes1, policyDetails);
+
+ // If we cannot find the policy name...
+ if (err)
+ {
+ // ...use the policy ID as the name
+ policyDetails.iName.Copy(*aDes1);
+ }
+ }
+ else
+ {
+ // Completely unknown policy reference
+ policyDetails.iName.Copy(KUnknownPolicy);
+ }
+ }
+
+ // Make a 8 bit copy of the policy name
+
+ HBufC8* nameCopy = HBufC8::New(policyDetails.iName.Length());
+ if (!nameCopy)
+ {
+ return;
+ }
+
+ TPtr8 nameCopyPtr = nameCopy->Des();
+ CnvUtfConverter::ConvertFromUnicodeToUtf8(nameCopyPtr, policyDetails.iName);
+ LogEvent(aMsgId, nameCopy, aInt1, aInt2);
+
+ delete nameCopy;
+ }
+
+void CEventLogger::LogEvent(TUint aMsgId, const TDesC8* aDes1, TInt aInt1, TInt aInt2)
+ {
+ TRACE("CEventLogger::LogEvent 2");
+
+ TUid sourceUid = TUid::Uid(KDmAdDllUid);
+
+ TIapName vpnApName(KUnknownVpnAp);
+ TIapName realConnectionName(KUnknownIap);
+
+ switch (aMsgId)
+ {
+ case R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP:
+ EventViewer::GetIapNames(aInt1, vpnApName, aInt2, realConnectionName);
+
+ //The return value is ignored
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP,
+ 3, &vpnApName, aDes1, &realConnectionName);
+ break;
+ case R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP:
+ EventViewer::GetIapName(aInt1, vpnApName);
+ EventViewer::GetSnapName(aInt2, realConnectionName);
+
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP,
+ 3, &vpnApName, aDes1, &realConnectionName);
+
+ break;
+ default:
+ return;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/BWINS/DMADTESTU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?StartTest@TDmAdStartTest@@SAXXZ @ 1 NONAME ; public: static void __cdecl TDmAdStartTest::StartTest(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/data/102069a5.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for dmadpki.
+*
+*/
+
+CHARACTER_SET UTF8
+
+/*
+* ============================================================================
+* Name : 102069A5.rss
+* ============================================================================
+*/
+
+#include <ecom/registryinfo.rh>
+
+#define KSmlDMInterfaceUid 0x102018B4
+#include "dmadadapterimplconst.h"
+
+RESOURCE REGISTRY_INFO theRegistryInfo
+ {
+ dll_uid = KDmAdDllUid; //The DLL's 3rd UID.
+ interfaces =
+ {
+ INTERFACE_INFO
+ {
+ interface_uid = KSmlDMInterfaceUid; // DM interface UID
+ implementations =
+ {
+ IMPLEMENTATION_INFO
+ {
+ implementation_uid = KDmAdImplUid;
+ version_no = 1;
+ display_name = "";
+ default_data = "";
+ opaque_data = "";
+ }
+ };
+ }
+ };
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file for project DmAdPki
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ dmadpki_test.mmp
+#else
+ dmadpki.mmp
+#endif
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/group/dmadpki.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,88 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project dmadpki
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET dmadpki.dll
+TARGETTYPE PLUGIN
+UID 0x10009D8D 0x102069A5
+
+CAPABILITY CAP_ECOM_PLUGIN
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE dmadadapter.cpp
+SOURCE dmadcertparms.cpp
+SOURCE dmadcertreqparms.cpp
+SOURCE dmadcertutil.cpp
+SOURCE dmadddf.cpp
+SOURCE dmadprivkeyparms.cpp
+SOURCE DmAdRtNodeData.cpp
+SOURCE dmadrtnodedataapi.cpp
+SOURCE DmAdStore.cpp
+SOURCE dmadstorecert.cpp
+SOURCE dmadstorecertreq.cpp
+SOURCE dmadstoreprivkey.cpp
+SOURCE dmadcertluidmappingelem.cpp
+SOURCE dmadpkcs12parms.cpp
+SOURCE dmadstorepkcs12.cpp
+
+START RESOURCE ../data/102069a5.rss
+TARGET dmadpki.rsc
+END
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../dmadengine/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../utlxml/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../utlpkcs12/inc
+
+MW_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE /epoc32/include/ecom
+
+LIBRARY euser.lib
+LIBRARY ecom.lib
+LIBRARY dmadengine.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY eventmedapi.lib
+LIBRARY utlbase64.lib
+LIBRARY x509.lib
+LIBRARY x500.lib
+LIBRARY crypto.lib
+LIBRARY utlcrypto.lib
+LIBRARY cryptography.lib
+LIBRARY asn1.lib
+LIBRARY charconv.lib
+LIBRARY utlxml.lib
+LIBRARY certstore.lib
+LIBRARY efsrv.lib
+LIBRARY ctframework.lib
+LIBRARY bafl.lib
+LIBRARY utlpkcs10.lib
+LIBRARY utlpkcs12.lib
+DEBUGLIBRARY flogger.lib
+
+MACRO DMAD_ENGINE_EXPORT
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/group/dmadpki_test.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,91 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project dmadpki
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET dmadpki.dll
+TARGETTYPE PLUGIN
+UID 0x10009D8D 0x102069A5
+
+CAPABILITY CAP_ECOM_PLUGIN
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE dmadadapter.cpp
+SOURCE dmadcertparms.cpp
+SOURCE dmadcertreqparms.cpp
+SOURCE dmadcertutil.cpp
+SOURCE dmadddf.cpp
+SOURCE dmadprivkeyparms.cpp
+SOURCE DmAdRtNodeData.cpp
+SOURCE dmadrtnodedataapi.cpp
+SOURCE DmAdStore.cpp
+SOURCE dmadstorecert.cpp
+SOURCE dmadstorecertreq.cpp
+SOURCE dmadstoreprivkey.cpp
+SOURCE dmadcertluidmappingelem.cpp
+SOURCE dmadpkcs12parms.cpp
+SOURCE dmadstorepkcs12.cpp
+
+START RESOURCE ../data/102069A5.rss
+TARGET dmadpki.rsc
+END
+
+LANG sc
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../dmadengine/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../utlxml/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../utlpkcs12/inc
+
+MW_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE /epoc32/include/ecom
+
+LIBRARY DMADPKI_proxy.lib
+LIBRARY euser.lib
+LIBRARY ecom.lib
+LIBRARY dmadengine.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY eventmedapi.lib
+LIBRARY utlbase64.lib
+LIBRARY x509.lib
+LIBRARY x500.lib
+LIBRARY crypto.lib
+LIBRARY utlcrypto.lib
+LIBRARY cryptography.lib
+LIBRARY asn1.lib
+LIBRARY charconv.lib
+LIBRARY utlxml.lib
+LIBRARY certstore.lib
+LIBRARY efsrv.lib
+LIBRARY ctframework.lib
+LIBRARY bafl.lib
+
+LIBRARY utlpkcs12.lib
+DEBUGLIBRARY flogger.lib
+
+MACRO DMAD_ENGINE_EXPORT
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/DmAdRtNodeData.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,234 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCertData
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATA_H__
+#define __DMADRTNODEDATA_H__
+
+
+#include <e32base.h>
+#include <e32cmn.h>
+
+#include "dmadcallback.h"
+#include "dmadcertparms.h"
+#include "dmadcertreqparms.h"
+#include "dmadprivkeyparms.h"
+#include "dmadpkcs12parms.h"
+#include "eventlogger.h"
+
+class CX509Certificate;
+
+typedef enum
+ {
+ EDmAdUriTypeCert,
+ EDmAdUriTypeCertReq,
+ EDmAdUriTypePrivKey,
+ EDmAdUriTypePKCS12
+ } TDmAdUriType;
+
+//------------------------------------------------------------------------------------------------
+// CDmAdCertData
+//------------------------------------------------------------------------------------------------
+class CDmAdCertData : public CBase
+ {
+public:
+ static CDmAdCertData* NewL(MDmAdCallBack* aCallBack);
+ ~CDmAdCertData();
+
+ void SetDefaultSettings();
+
+ void SetTypeL(const TDesC8& aType);
+ HBufC8* TypeLC();
+ void SetFormatL(const TDesC8& aFormat);
+ HBufC8* FormatLC();
+ void SetDeletableL(const TDesC8& aDeletable);
+ HBufC8* DeletableLC();
+ void SetTrustedL(const TDesC8& aTrusted);
+ HBufC8* TrustedLC();
+ void SetApplicabilityL(const RArray<TUid>& aApplicability);
+ const RArray<TUid>& Applicability() const;
+ void SetContentL(const TDesC8& aContent);
+ TPtrC8 Content();
+ HBufC8* SerialNumberLC();
+ HBufC8* IssuerNameLC();
+ HBufC8* FingerprintAlgLC();
+ HBufC8* FingerprintValueLC();
+ HBufC8* ValidityBeginLC();
+ HBufC8* ValidityEndLC();
+ HBufC8* SubjectNameLC();
+ HBufC8* SubjectAltNameLC();
+ HBufC8* KeyUriLC();
+ HBufC8* KeyIdLC();
+ HBufC8* KeyUsageLC();
+ HBufC8* FormatCertValidityTimeLC(const TTime& aTime);
+ HBufC8* FindKeyUriLC(const TDesC8& aKeyId);
+ void RestoreL(const CDmAdCertParms& aCertParms);
+ void ToStoreL(CDmAdCertParms& aCertParms);
+
+private:
+ void ConstructL();
+ CDmAdCertData(MDmAdCallBack* aCallBack);
+
+private:
+ MDmAdCallBack* iCallBack;
+
+ CDmAdCertParms* iCertParms;
+ CX509Certificate* iCertCx509;
+ };
+
+//------------------------------------------------------------------------------------------------
+// CDmAdCertReqData
+//------------------------------------------------------------------------------------------------
+class CDmAdCertReqData : public CBase
+ {
+public:
+ static CDmAdCertReqData* NewL(MDmAdCallBack* aCallBack);
+ ~CDmAdCertReqData();
+
+ void SetDefaultSettings();
+ void SetSubjectNameL(const TDesC8& aSubjectName);
+ TPtrC8 SubjectName();
+ void SetRfc822NameL(const TDesC8& aRfc822Name);
+ TPtrC8 Rfc822Name();
+ void SetKeyUriL(const TDesC8& aKeyUri);
+ HBufC8* KeyUriL() const;
+ void SetKeyLength(const TDesC8& aKeyLength);
+ HBufC8* KeyLengthLC();
+
+ TPtrC8 Content();
+
+ void RestoreL(const CDmAdCertReqParms& aCertReqParms);
+ void ToStoreL(CDmAdCertReqParms& aCertReqParms);
+
+private:
+ void ConstructL();
+ CDmAdCertReqData(MDmAdCallBack* aCallBack);
+
+private:
+
+ MDmAdCallBack* iCallBack;
+ CDmAdCertReqParms* iCertReqParms;
+ };
+
+//------------------------------------------------------------------------------------------------
+// CDmAdPrivKeyData
+//------------------------------------------------------------------------------------------------
+class CDmAdPrivKeyData : public CBase
+ {
+public:
+ static CDmAdPrivKeyData* NewL();
+ ~CDmAdPrivKeyData();
+
+ void SetDefaultSettingsL();
+ void SetKeyTypeL(const TDesC8& aKeyType);
+ HBufC8* KeyTypeLC();
+ void SetKeyLength(const TDesC8& aKeyLength);
+ HBufC8* KeyLengthLC();
+ TPtrC8 KeyId();
+
+ void RestoreL(const CDmAdPrivKeyParms& aPrivKeyParms);
+ void ToStoreL(CDmAdPrivKeyParms& aPrivKeyParms);
+
+private:
+ void ConstructL();
+ CDmAdPrivKeyData();
+
+private:
+ CDmAdPrivKeyParms* iPrivKeyParms;
+ };
+
+//------------------------------------------------------------------------------------------------
+// CDmAdPKCS12Data
+//------------------------------------------------------------------------------------------------
+class CDmAdPKCS12Data : public CBase
+ {
+public:
+ static CDmAdPKCS12Data* NewL(/*MDmAdCallBack* aCallBack*/);
+ ~CDmAdPKCS12Data();
+
+ void SetDefaultSettings();
+
+ void SetDeletableL(const TDesC8& aDeletable);
+ HBufC8* DeletableLC();
+ void SetApplicabilityL(const RArray<TUid>& aApplicability);
+ const RArray<TUid>& Applicability() const;
+ void SetContentL(const TDesC8& aContent);
+ TPtrC8 Content();
+ void SetPasswordL(const TDesC8& aContent);
+ TPtrC8 Password();
+
+ void RestoreL(const CDmAdPKCS12Parms& aPKCS12Parms);
+ void ToStoreL(CDmAdPKCS12Parms& aPKCS12Parms);
+
+private:
+ void ConstructL();
+ CDmAdPKCS12Data();
+
+private:
+ CDmAdPKCS12Parms* iPKCS12Parms;
+ };
+
+//------------------------------------------------------------------------------------------------
+// CDmAdRtNodeData
+//------------------------------------------------------------------------------------------------
+class CDmAdRtNodeData : public CBase
+ {
+public:
+ static CDmAdRtNodeData* NewL(const TDesC8& aUri, MDmAdCallBack* aCallBack);
+ ~CDmAdRtNodeData();
+ TDmAdUriType UriType() const;
+ static TDmAdUriType UriTypeL(const TDesC8& aUri);
+ void UpdateLeafDataL(const TDesC8& aUri, const TDesC8& aObject);
+ void FetchLeafObjectLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+ void SetDefaultSettingsL(const TDesC8& aUri);
+
+ inline CDmAdCertData* CertData() const;
+ inline CDmAdCertReqData* CertReqData() const;
+ inline CDmAdPrivKeyData* PrivKeyData() const;
+ inline CDmAdPKCS12Data* PKCS12Data() const;
+
+private:
+ void ConstructL(const TDesC8& aUri, MDmAdCallBack* aCallBack);
+ CDmAdRtNodeData();
+ void UpdateLeafDataCertL(const TDesC8& aUri, const TDesC8& aObject);
+ void UpdateLeafDataCertReqL(const TDesC8& aUri, const TDesC8& aObject);
+ void UpdateLeafDataPrivKeyL(const TDesC8& aUri, const TDesC8& aObject);
+ void FetchLeafObjectCertLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+ void FetchLeafObjectCertReqLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+ void FetchLeafObjectPrivKeyLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+
+ void UpdateLeafDataPKCS12L(const TDesC8& aUri, const TDesC8& aObject);
+ void ParseApplicabilityL(const TDesC8& aApplicabilityData,
+ RArray<TUid>& aApplicabilityList) const;
+
+
+private:
+ TDmAdUriType iUriType;
+ union
+ {
+ CDmAdCertData* iCert;
+ CDmAdCertReqData* iCertReq;
+ CDmAdPrivKeyData* iPrivKey;
+ CDmAdPKCS12Data* iPKCS12;
+ } u;
+ DEFINE_EVENT_LOGGER
+ };
+
+#include "DmAdRtNodeData.inl"
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/DmAdRtNodeData.inl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Inlined node data methods
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATA_INL__
+#define __DMADRTNODEDATA_INL__
+
+inline CDmAdCertData* CDmAdRtNodeData::CertData(void) const
+ {
+ return u.iCert;
+ }
+
+inline CDmAdCertReqData* CDmAdRtNodeData::CertReqData(void) const
+ {
+ return u.iCertReq;
+ }
+
+inline CDmAdPrivKeyData* CDmAdRtNodeData::PrivKeyData(void) const
+ {
+ return u.iPrivKey;
+ }
+
+inline CDmAdPKCS12Data* CDmAdRtNodeData::PKCS12Data(void) const
+ {
+ return u.iPKCS12;
+ }
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/DmAdStore.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,88 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdStore
+*
+*/
+
+
+
+#ifndef __DMADSTORE_H__
+#define __DMADSTORE_H__
+
+#include <e32base.h>
+
+#include "dmadstoreapi.h"
+#include "DmAdRtNode.h"
+
+#include "dmadstorecert.h"
+#include "dmadstorecertreq.h"
+#include "dmadstoreprivkey.h"
+#include "dmadstorepkcs12.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdStore
+//------------------------------------------------------------------------------------------------
+class CDmAdStore : public CBase, public MDmAdStoreApi
+ {
+public:
+ static CDmAdStore* NewL(MDmAdCallBack* aDmAdCallBack);
+ ~CDmAdStore();
+ TBool FindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void LuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList);
+ void FetchRtNodeL(CDmAdRtNode& aRtNode);
+ void SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+ void SaveChildLevelRtNodeL(CDmAdRtNode& aRtNode);
+ void DeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+
+ void PkiLogonL();
+ void PkiLogoffL();
+ void SetStoreTypeL(TInt aStore, TPkiServiceStoreType aStoreType);
+
+private:
+ void ConstructL(MDmAdCallBack* aDmAdCallBack);
+ CDmAdStore();
+
+ TBool CertFindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void CertLuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList);
+ void CertFetchRtNodeL(CDmAdRtNode& aRtNode);
+ void CertSaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+ void CertSaveChildLevelRtNodeL(CDmAdRtNode& aRtNode);
+ void CertDeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+
+ TBool CertReqFindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void CertReqLuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList);
+ void CertReqFetchRtNodeL(CDmAdRtNode& aRtNode);
+ void CertReqSaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+ void CertReqSaveChildLevelRtNodeL(CDmAdRtNode& aRtNode);
+ void CertReqDeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+
+ TBool PrivKeyFindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void PrivKeyLuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList);
+ void PrivKeyFetchRtNodeL(CDmAdRtNode& aRtNode);
+ void PrivKeyDeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+
+ TBool PKCS12FindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri);
+ void PKCS12LuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList);
+ void PKCS12SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes);
+
+private:
+ CDmAdCert* iCert;
+ CDmAdCertReq* iCertReq;
+ CDmAdPrivKey* iPrivKey;
+ CDmAdPKCS12* iPKCS12Obj;
+
+ RPKIServiceAPI iPkiServiceApi;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadadapter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,111 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI OMA DM Adapter
+*
+*/
+
+
+
+#ifndef __DMADADAPTER_H__
+#define __DMADADAPTER_H__
+
+#include <smldmadapter.h>
+
+#include "dmadcallbackc.h"
+#include "DmAdStore.h"
+#include "dmadddf.h"
+#include "dmadrtnodedataapic.h"
+#include "dmadengine.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdAdapter
+//------------------------------------------------------------------------------------------------
+class CDmAdAdapter : public CSmlDmAdapter
+ {
+public:
+ static CDmAdAdapter* NewL(MSmlDmCallback* aDmCallback);
+ static CDmAdAdapter* NewLC(MSmlDmCallback* aDmCallback);
+ ~CDmAdAdapter();
+
+ void DDFVersionL(CBufBase& aVersion);
+ void DDFStructureL(MSmlDmDDFObject& aDDF);
+
+ void ChildURIListL(const TDesC8& aUri, const TDesC8& aLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousURISegmentList, TInt aResultsRef, TInt aStatusRef);
+ void AddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, const TInt aStatusRef);
+ void UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef);
+ void FetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef);
+ void DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef);
+ void CompleteOutstandingCmdsL();
+ void UpdateLeafObjectL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void FetchLeafObjectSizeL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aType,
+ TInt aResultsRef,
+ TInt aStatusRef);
+ void ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aArgument,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void CopyCommandL(const TDesC8& aTargetUri,
+ const TDesC8& aTargetLuid,
+ const TDesC8& aSourceUri,
+ const TDesC8& aSourceLuid,
+ const TDesC8& aType,
+ TInt aStatusRef);
+ void StartAtomicL();
+ void CommitAtomicL();
+ void RollbackAtomicL();
+ TBool StreamingSupport(TInt& aItemSize);
+ void StreamCommittedL();
+
+private:
+ CDmAdAdapter(MSmlDmCallback* aDmCallback);
+ void ConstructL(MSmlDmCallback* aDmCallback);
+
+ /**
+ * At the moment, only used for PKCS#12 node identification
+ * purposes
+ *
+ * @return KErrNone if the node can be added, KErrAlreadyExists
+ * if the PKCS#12 node already exists in the luid map.
+ */
+ TInt CheckNodeStatus(const TDesC8& aUri);
+
+ /**
+ * Find out whether a luid mapping for the given PKCS#12 URI
+ * already exists.
+ *
+ * @leave Leaves with KErrAlreadyExists if the luid mapping is found
+ */
+ void CheckPKCS12ExistenceL(const TDesC8& aUri);
+
+private:
+ CDmAdCallBack* iCallBack;
+ CDmAdStore* iStore;
+ CDmAdDdf* iDdf;
+ CDmAdRtNodeDataApi* iRtNodeDataApi;
+ CDmAdEngine* iEngine;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadadapterimplconst.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI OMA DM Adapter contants.
+*
+*/
+
+
+
+#ifndef __DMADADAPTERIMPLCONST_H__
+#define __DMADADAPTERIMPLCONST_H__
+
+#define KDmAdDllUid 0x102069A5
+#define KDmAdImplUid 0x102069A6
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadcertluidmappingelem.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,47 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCertLuidMappingElem.
+*
+*/
+
+
+
+#ifndef __DMADCERTLUIDMAPPINGELEM_H__
+#define __DMADCERTLUIDMAPPINGELEM_H__
+
+#include <e32base.h>
+
+class CDmAdCertLuidMappingElem : public CBase
+ {
+public:
+ static CDmAdCertLuidMappingElem* NewL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber);
+ static CDmAdCertLuidMappingElem* NewLC(const TDesC8& aIssuerName, const TDesC8& aSerialNumber);
+ ~CDmAdCertLuidMappingElem();
+ static void CleanupOperationDeleteCArrayPtr(TAny* aPtr);
+ TPtrC8 Luid() const;
+ TPtrC8 IssuerName() const;
+ TPtrC8 SerialNumber() const;
+ static HBufC8* BuildLuidL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber);
+
+private:
+ void ConstructL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber);
+ CDmAdCertLuidMappingElem();
+
+private:
+ HBufC8* iLuid;
+ HBufC8* iIssuerName;
+ HBufC8* iSerialNumber;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadcertparms.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,68 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCertParms.
+*
+*/
+
+
+
+#ifndef __DMADCERTPARMS_H__
+#define __DMADCERTPARMS_H__
+
+#include <e32base.h>
+#include <securitydefs.h>
+
+#include "pkidefs.h"
+
+
+class CDmAdCertParms : public CBase
+ {
+public:
+ static CDmAdCertParms* NewL();
+ static CDmAdCertParms* NewLC();
+ ~CDmAdCertParms();
+
+ TPKICertificateOwnerType Type() const;
+ void SetType(TPKICertificateOwnerType aType);
+
+ TBool Deletable() const;
+ void SetDeletable(TBool aDeletable);
+
+ TBool Trusted() const;
+ void SetTrusted(TBool aTrusted);
+
+ const RArray<TUid>& Applicability() const;
+ void SetApplicabilityL(const RArray<TUid>& aApplicability);
+
+ TPtrC8 Content() const;
+ void SetContentL(const TDesC8& aContent);
+
+ TPtrC8 KeyId() const;
+ void SetKeyId(const TDesC8& aKeyLuid);
+
+private:
+ CDmAdCertParms();
+
+private:
+ TPKICertificateOwnerType iType;
+ TBool iDeletable;
+ TBool iTrusted;
+ RArray<TUid> iApplicability;
+ HBufC8* iContent; //CertificateDer;
+
+ //----- only for AttachCertificateL --------
+ TKeyIdentifier iKeyId;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadcertreqparms.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCertReqParms.
+*
+*/
+
+
+
+#ifndef __DMADCERTREQPARMS_H__
+#define __DMADCERTREQPARMS_H__
+
+#include <e32base.h>
+
+class CDmAdCertReqParms : public CBase
+ {
+public:
+ static CDmAdCertReqParms* NewL();
+ static CDmAdCertReqParms* NewLC();
+ ~CDmAdCertReqParms();
+
+ TPtrC8 SubjectName() const;
+ void SetSubjectNameL(const TDesC8& aSubjectName);
+ TPtrC8 Rfc822Name() const;
+ void SetRfc822NameL(const TDesC8& aRfc822Name);
+ TInt KeyLength() const;
+ void SetKeyLength(TInt aKeyLength);
+ TPtrC8 Content() const;
+ void SetContentL(const TDesC8& aContent);
+ TPtrC KeyUri() const;
+ void SetKeyUriL(const TDesC& aContent);
+
+ TPtrC8 KeyIdentifierByUri() const;
+ void SetKeyIdentifierByUriL(const TDesC8& aKeyIdentifierByUri);
+
+private:
+ CDmAdCertReqParms();
+
+private:
+ HBufC8* iSubjectName;
+ HBufC8* iRfc822Name;
+ TInt iKeyLength;
+ HBufC8* iContent;
+
+ HBufC8* iKeyIdentifierByUri; // key luid
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadcertutil.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of TDmAdCertUtil.
+*
+*/
+
+
+
+#ifndef __DMADCERTUTIL_H__
+#define __DMADCERTUTIL_H__
+
+class TDmAdCertUtil
+ {
+public:
+ static void ParseAvaL(const CX520AttributeTypeAndValue& aAva, TDes8& aOut);
+ static void CertDnL(const CX500DistinguishedName& aName, TDes8& aOut);
+ static HBufC8* Sha1DigestL(const TDesC8& aData);
+ static HBufC8* RSAKeyIdentifierLC(const TDesC8& aKeyData);
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadcertxmldefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI OMA DM Adapter definitions.
+*
+*/
+
+
+
+#ifndef __DMADCERTXMLDEFS_H__
+#define __DMADCERTXMLDEFS_H__
+
+#include <e32base.h>
+
+//------------------------------------------------------------------------------------------------
+//
+//------------------------------------------------------------------------------------------------
+_LIT8(KXmlElemCertApps, "CertApps");
+_LIT8(KXmlElemApp, "App");
+
+_LIT8(KXmlAttrId, "id");
+_LIT8(KXmlAttrName, "name");
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadddf.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,61 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdDdf
+*
+*/
+
+
+
+#ifndef __DMADDDF_H__
+#define __DMADDDF_H__
+
+#include <smldmadapter.h>
+#include "dmadddfapi.h"
+#include "dmadcallback.h"
+#include "DmAdStore.h"
+#include "dmadddf_lits.h"
+//------------------------------------------------------------------------------------------------
+// CDmAdDdf
+//------------------------------------------------------------------------------------------------
+class CDmAdDdf : public CBase, public MDmAdDdfApi
+ {
+public:
+ static CDmAdDdf* NewL(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore);
+ static CDmAdDdf* NewLC(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore);
+ ~CDmAdDdf();
+
+ void BuildDDFVersionL(CBufBase& aDDFVersion);
+ void BuildDDFStructureL(MSmlDmDDFObject& aDDF);
+
+ void NotRtNodeAddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef);
+ void NotRtNodeUpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aObject, const TDesC8& aType, TInt aStatusRef);
+ TInt NotRtNodeFetchLeafObjectLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, const TDesC8& /*aType*/, CBufBase*& aObject);
+ void NotRtNodeDeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef);
+
+ TBool IsNodeRtNodeL(const TDesC8& aUri);
+ TBool IsLeafUnderRtNodeL(const TDesC8& aUri);
+ TPtrC8 RtNodeUriForLeafL(const TDesC8& aLeafUri);
+ TBool IsTopLevelRtNode(const TDesC8& aUri);
+ HBufC8* ParentRtNodeUriForRtNodeLC(const TDesC8& aUri);
+ void BuildChildUriListLC(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, CBufBase*& aCurrentList);
+
+private:
+ CDmAdDdf(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore);
+
+private:
+ MDmAdCallBack* iCallBack;
+ CDmAdStore* iStore;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadddf_lits.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,164 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: String literals for OMA DM PKI use
+*
+*/
+
+
+
+#ifndef __DMADDDF_LITS_H__
+#define __DMADDDF_LITS_H__
+
+
+//------------------------------------------------------------------------------------------------
+// DDF version
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdDdfVersion, "1.0");
+
+//------------------------------------------------------------------------------------------------
+// ./NokiaPKI Type property
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdNokiaPkiRootTypeProperty, "com.nokia.devman/1.0/pki");
+
+//------------------------------------------------------------------------------------------------
+// URIs
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdOwnAdUriForGetLuidAllocLFix, "NokiaPKI/Cert"); // URI not object group level?
+_LIT8(KDmAdOwnAdUriForPrivateKeys, "NokiaPKI/PrivKey");
+_LIT8(KDmAdOwnAdUriForPKCS12, "NokiaPKI/PKCS12");
+
+ //------- root -----------------
+_LIT8(KDmAdNodeNokiaPki, "NokiaPKI");
+
+ //------- common -----------------
+_LIT8(KDmAdNodeRt, "");
+_LIT8(KDmAdNodeGeneral, "General");
+
+_LIT8(KDmAdLeafCertApplications, "CertApplications");
+_LIT8(KDmAdLeafLogon, "Logon");
+_LIT8(KDmAdLeafLogoff, "Logoff");
+_LIT8(KDmAdLeafKeyStore, "KeyStore");
+_LIT8(KDmAdLeafCertStore, "CertStore");
+
+
+_LIT8(KDmAdLeafContent, "Content");
+_LIT8(KDmAdLeafSubjectName, "SubjectName");
+_LIT8(KDmAdLeafKeyId, "KeyID");
+_LIT8(KDmAdLeafKeyLength, "KeyLength");
+_LIT8(KDmAdLeafKeyURI, "KeyURI");
+
+ //------- Cert -----------------
+_LIT8(KDmAdNodeCert, "Cert");
+_LIT8(KDmAdLeafType, "Type");
+_LIT8(KDmAdLeafFormat, "Format");
+_LIT8(KDmAdLeafSerialNumber, "SerialNumber");
+_LIT8(KDmAdLeafIssuerName, "IssuerName");
+_LIT8(KDmAdLeafFingerprintAlg, "FingerprintAlg");
+_LIT8(KDmAdLeafFingerprintValue, "FingerprintValue");
+_LIT8(KDmAdLeafValidityBegin, "ValidityBegin");
+_LIT8(KDmAdLeafValidityEnd, "ValidityEnd");
+_LIT8(KDmAdLeafSubjectAltName, "SubjectAltName");
+_LIT8(KDmAdLeafKeyUsage, "KeyUsage");
+_LIT8(KDmAdLeafDeletable, "Deletable");
+_LIT8(KDmAdLeafTrusted, "Trusted");
+_LIT8(KDmAdLeafApplicability, "Applicability");
+
+ //------- CertReq -----------------
+_LIT8(KDmAdNodeCertReq, "CertReq");
+_LIT8(KDmAdLeafRfc822Name, "RFC822Name");
+
+ //------- PrivKey -----------------
+_LIT8(KDmAdNodePrivKey, "PrivKey");
+_LIT8(KDmAdLeafKeyType, "KeyType");
+
+ //------- PKCS#12 -----------------
+_LIT8(KDmAdNodePKCS12, "PKCS12");
+_LIT8(KDmAdLeafPKCS12Password, "Password");
+// Note: Nodes "Deletable" (KDmAdLeafDeletable),
+// "Applicability" (KDmAdLeafApplicability) and
+// "Content" (KDmAdLeafContent) are valid in PKCS#12
+// context as well.
+
+//------------------------------------------------------------------------------------------------
+// URI descriptions
+//------------------------------------------------------------------------------------------------
+ //------- root -----------------
+_LIT8(KDmAdDescNodeNokiaPki, "NokiaPKI");
+
+ //------- common -----------------
+_LIT8(KDmAdDescNodeRt, "Placeholder for one set of settings");
+_LIT8(KDmAdDescNodeGeneral, "General");
+
+_LIT8(KDmAdDescLeafCertApplications, "CertApplications");
+_LIT8(KDmAdDescLeafLogon, "Logon");
+_LIT8(KDmAdDescLeafLogoff, "Logoff");
+_LIT8(KDmAdDescLeafKeyStore, "KeyStore");
+_LIT8(KDmAdDescLeafCertStore, "CertStore");
+
+_LIT8(KDmAdDescLeafType, "Type");
+_LIT8(KDmAdDescLeafContent, "Content");
+_LIT8(KDmAdDescLeafStatus, "Status");
+_LIT8(KDmAdDescLeafIssuerName, "IssuerName");
+_LIT8(KDmAdDescLeafSubjectName, "SubjectName");
+_LIT8(KDmAdDescLeafSubjectAltName, "SubjectAltName");
+_LIT8(KDmAdDescLeafRfc822Name, "RFC822Name");
+_LIT8(KDmAdDescLeafKeyId, "KeyID");
+_LIT8(KDmAdDescLeafKeyLength, "KeyLength");
+
+ //------- Cert -----------------
+_LIT8(KDmAdDescNodeCert, "Cert");
+_LIT8(KDmAdDescLeafFormat, "Format");
+_LIT8(KDmAdDescLeafSerialNumber, "SerialNumber");
+_LIT8(KDmAdDescLeafFingerprintAlg, "FingerprintAlg");
+_LIT8(KDmAdDescLeafFingerprintValue, "FingerprintValue");
+_LIT8(KDmAdDescLeafValidityBegin, "ValidityBegin");
+_LIT8(KDmAdDescLeafValidityEnd, "ValidityEnd");
+_LIT8(KDmAdDescLeafKeyURI, "KeyURI");
+_LIT8(KDmAdDescLeafKeyUsage, "KeyUsage");
+_LIT8(KDmAdDescLeafDeletable, "Deletable");
+_LIT8(KDmAdDescLeafTrusted, "Trusted");
+_LIT8(KDmAdDescLeafApplicability, "Applicability");
+
+ //------- CertReq -----------------
+_LIT8(KDmAdDescNodeCertReq, "CertReq");
+_LIT8(KDmAdDescLeafKeyUri, "KeyURI");
+
+ //------- PrivKey -----------------
+_LIT8(KDmAdDescNodePrivKey, "PrivKey");
+_LIT8(KDmAdDescLeafKeyType, "KeyType");
+_LIT8(KDmAdDescLeafKeyFormat, "KeyFormat");
+
+ //------- PKCS#12 -----------------
+_LIT8(KDmAdDescNodePKCS12, "PKCS12");
+_LIT8(KDmAdDescLeafPKCS12Password, "Password");
+
+//------------------------------------------------------------------------------------------------
+// ChildURIListL constants
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdListOfNokiaPkiChildren, "Logon/Logoff/KeyStore/CertStore/General/Cert/CertReq/PrivKey/PKCS12");
+_LIT8(KDmAdListOfCertXChildren, "Type/Format/SerialNumber/IssuerName/FingerprintAlg/FingerprintValue/ValidityBegin/ValidityEnd/SubjectName/SubjectAltName/KeyURI/KeyID/KeyUsage/Deletable/Trusted/Applicability/Content");
+_LIT8(KDmAdListOfCertReqXChildren, "SubjectName/RFC822Name/KeyURI/KeyLength/Content");
+_LIT8(KDmAdListOfPrivKeyXChildren, "KeyType/KeyLength/KeyID");
+
+_LIT8(KDmAdListOfPKCS12XChildren, "Password/Deletable/Applicability/Content");
+
+_LIT8(KDmAdListOfPkiGeneralChildren, "CertApplications");
+
+//------------------------------------------------------------------------------------------------
+// TDFFormat - EBool
+//------------------------------------------------------------------------------------------------
+_LIT8(KDmAdDfFormatBoolTrue, "True" );
+_LIT8(KDmAdDfFormatBoolFalse, "False" );
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadpkcs12parms.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,60 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdPKCS12Parms
+*
+*/
+
+
+
+
+#ifndef __DMADPKCS12PARMS_H__
+#define __DMADPKCS12PARMS_H__
+
+#include <e32base.h>
+#include <securitydefs.h>
+
+#include "pkidefs.h"
+
+
+class CDmAdPKCS12Parms : public CBase
+ {
+public:
+ static CDmAdPKCS12Parms* NewL();
+ static CDmAdPKCS12Parms* NewLC();
+ ~CDmAdPKCS12Parms();
+
+ TBool Deletable() const;
+ void SetDeletable(TBool aDeletable);
+
+ const RArray<TUid>& Applicability() const;
+ void SetApplicabilityL(const RArray<TUid>& aApplicability);
+
+ TPtrC8 Content() const;
+ void SetContentL(const TDesC8& aContent);
+
+ TPtrC8 Password() const;
+ void SetPasswordL(const TDesC8& aPassword);
+
+private:
+ CDmAdPKCS12Parms();
+
+private:
+ TBool iDeletable;
+ TBool iTrusted;
+ RArray<TUid> iApplicability;
+ HBufC8* iContent; //CertificateDer;
+ HBufC8* iPassword;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadprivkeyparms.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdPrivKeyParms.
+*
+*/
+
+
+
+#ifndef __DMADPRIVKEYPARMS_H__
+#define __DMADPRIVKEYPARMS_H__
+
+#include <e32base.h>
+
+#include "pkidefs.h"
+
+class CDmAdPrivKeyParms : public CBase
+ {
+public:
+ static CDmAdPrivKeyParms* NewL();
+ static CDmAdPrivKeyParms* NewLC();
+ ~CDmAdPrivKeyParms();
+
+ TPKIKeyAlgorithm KeyType() const;
+ void SetKeyTypeL(TPKIKeyAlgorithm aType);
+ TPtrC8 KeyId() const;
+ void SetKeyIdL(const TDesC8& aKeyId);
+ TInt KeyLength() const;
+ void SetKeyLength(TInt aType);
+
+private:
+ CDmAdPrivKeyParms();
+
+private:
+ TPKIKeyAlgorithm iKeyType;
+ TInt iKeyLength;
+ HBufC8* iKeyId;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadrtnodedataapic.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdRtNodeDataApi.
+*
+*/
+
+
+
+#ifndef __DMADRTNODEDATAAPIC_H__
+#define __DMADRTNODEDATAAPIC_H__
+
+#include <e32base.h>
+
+#include "dmadrtnodedataapi.h"
+#include "DmAdRtNodeData.h"
+#include "dmadcallback.h"
+
+//------------------------------------------------------------------------------------------------
+// CDmAdRtNodeDataApi
+//------------------------------------------------------------------------------------------------
+class CDmAdRtNodeDataApi : public CBase, public MDmAdRtNodeDataApi
+ {
+public:
+ static CDmAdRtNodeDataApi* NewL();
+ static CDmAdRtNodeDataApi* NewLC();
+ ~CDmAdRtNodeDataApi();
+
+ CDmAdRtNodeData* CreateDmAdRtNodeDataL(const TDesC8& aUri, MDmAdCallBack* aCallBack);
+ void DeleteDmAdRtNodeData(CDmAdRtNodeData* aDmAdRtNodeData);
+ void UpdateLeafDataL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aObject);
+ void FetchLeafObjectLC(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject);
+ void SetDefaultSettingsL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri);
+ TBool AreUriTypesSame(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri);
+
+private:
+ CDmAdRtNodeDataApi();
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadstorecert.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,70 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCert
+*
+*/
+
+
+
+#ifndef __DMADSTORECERT_H__
+#define __DMADSTORECERT_H__
+
+#include <e32std.h>
+
+#include <x509cert.h>
+//#include <x509keys.h>
+#include <x500dn.h>
+
+#include "pkiserviceapi.h"
+#include "dmadcertparms.h"
+#include "dmadcertluidmappingelem.h"
+#include "eventlogger.h"
+
+class CDmAdCert : public CBase
+ {
+public:
+ static CDmAdCert* NewL(RPKIServiceAPI& aPkiServiceApi);
+ static CDmAdCert* NewLC(RPKIServiceAPI& aPkiServiceApi);
+ ~CDmAdCert();
+
+ TBool FindL(const TDesC8& aLuid);
+ HBufC8* AddL(const CDmAdCertParms& aData); // returns Luid
+ void UpdateL(const TDesC8& aLuid, const CDmAdCertParms& aData);
+ void FetchL(const TDesC8& aLuid, CDmAdCertParms& aData);
+ void DeleteL(const TDesC8& aLuid);
+ void ListL(RPointerArray<HBufC8>& aLuidList);
+
+private:
+ void ConstructL();
+ CDmAdCert(RPKIServiceAPI& aPkiServiceApi);
+ void ReadCertDetailsL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber, CDmAdCertParms& aParms);
+ void UpdateTrustedL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber, const CDmAdCertParms& aParms);
+ void UpdateApplicabilityL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber, const CDmAdCertParms& aParms);
+ TPtrC8 AppendCertLuidMappingElemL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber);
+ void RemoveCertLuidMappingElem(const TDesC8& aLuid);
+ CDmAdCertLuidMappingElem* FindCertLuidMappingElemL(const TDesC8& aLuid);
+ void BuildCertLuidMappingTableL();
+ HBufC8* BuildCertRefL(const TDesC8& aCertificateDer, TBool aAppend);
+ void GetIssuerAndSerialFromCertRefLC(const TDesC8& aCertRef,
+ HBufC8*& aIssuerName,
+ HBufC8*& aSerialNumber);
+ HBufC8* CertSubjectNameL(const TDesC8& aCertificateDer);
+
+private:
+ RPKIServiceAPI* iPkiServiceApi;
+ CArrayPtr<CDmAdCertLuidMappingElem>* iCertLuidMapping;
+ DEFINE_EVENT_LOGGER
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadstorecertreq.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,59 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdCertReq.
+*
+*/
+
+
+
+#ifndef __DMADSTORECERTREQ_H__
+#define __DMADSTORECERTREQ_H__
+
+#include <e32std.h>
+#include <x509cert.h>
+
+#include "pkiserviceapi.h"
+#include "dmadcertreqparms.h"
+
+class MDmAdCallBack;
+
+class CDmAdCertReq : public CBase
+ {
+public:
+ static CDmAdCertReq* NewL(RPKIServiceAPI& aPkiServiceApi, MDmAdCallBack* aDmAdCallBack);
+ static CDmAdCertReq* NewLC(RPKIServiceAPI& aPkiServiceApi, MDmAdCallBack* aDmAdCallBack);
+ ~CDmAdCertReq();
+
+ TBool FindL(const TDesC8& aLuid);
+ HBufC8* AddL(const CDmAdCertReqParms& aData); // returns Luid
+ void UpdateL(const TDesC8& aLuid, const CDmAdCertReqParms& aData);
+ void FetchL(const TDesC8& aLuid, CDmAdCertReqParms& aData);
+ void DeleteL(const TDesC8& aLuid);
+ void ListL(RPointerArray<HBufC8>& aLuidList);
+
+private:
+ CDmAdCertReq(RPKIServiceAPI& aPkiServiceApi, MDmAdCallBack* aDmAdCallBack);
+ void CreateKeypairL(TPKIKeyAlgorithm aKeyAlgorithm,
+ TInt aKeyLength,
+ TPKIKeyIdentifier& aKeyIdentifier);
+ HBufC8* CertReqRefToLuidL(const TDesC& aCertReqRef);
+ HBufC* LuidToCertReqRefL(const TDesC8& aLuid);
+ void SetKeyIDMappingL(const TPKIKeyIdentifier& keyIdentifier);
+
+private:
+ RPKIServiceAPI* iPkiServiceApi;
+ MDmAdCallBack* iDmAdCallBack;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadstorepkcs12.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdPKCS12
+*
+*/
+
+
+
+#ifndef __DMADSTOREPKCS12_H__
+#define __DMADSTOREPKCS12_H__
+
+#include <e32std.h>
+#include <x509cert.h>
+#include <x500dn.h>
+
+#include "eventlogger.h"
+
+#include "pkiserviceapi.h"
+#include "dmadpkcs12parms.h"
+
+class CDmAdPKCS12 : public CBase
+ {
+public:
+ static CDmAdPKCS12* NewL(RPKIServiceAPI& aPkiServiceApi);
+ static CDmAdPKCS12* NewLC(RPKIServiceAPI& aPkiServiceApi);
+ ~CDmAdPKCS12();
+
+ HBufC8* AddL(const CDmAdPKCS12Parms& aData); // returns Luid
+
+private:
+ void ConstructL();
+ CDmAdPKCS12(RPKIServiceAPI& aPkiServiceApi);
+
+private:
+ RPKIServiceAPI* iPkiServiceApi; // ref
+ DEFINE_EVENT_LOGGER
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/dmadstoreprivkey.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,49 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of CDmAdPrivKey.
+*
+*/
+
+
+
+#ifndef __DMADSTOREPRIVKEY_H__
+#define __DMADSTOREPRIVKEY_H__
+
+#include <e32std.h>
+#include <x509cert.h>
+#include <x500dn.h>
+
+#include "pkiserviceapi.h"
+#include "dmadprivkeyparms.h"
+
+class CDmAdPrivKey : public CBase
+ {
+public:
+ static CDmAdPrivKey* NewL(RPKIServiceAPI& aPkiServiceApi);
+ static CDmAdPrivKey* NewLC(RPKIServiceAPI& aPkiServiceApi);
+ ~CDmAdPrivKey();
+
+ TBool FindL(const TDesC8& aLuid);
+ void FetchL(const TDesC8& aLuid, CDmAdPrivKeyParms& aData);
+ void DeleteL(const TDesC8& aLuid);
+ void ListL(RPointerArray<HBufC8>& aLuidList);
+
+private:
+ CDmAdPrivKey(RPKIServiceAPI& aPkiServiceApi);
+
+
+ RPKIServiceAPI* iPkiServiceApi;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/inc/log.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_H__)
+#define __LOG_H__
+
+_LIT(KLogFile,"dmad.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/rom/dmadpki.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project dmadpki
+*
+*/
+
+
+
+#ifndef __DMADPKI_IBY__
+#define __DMADPKI_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM dmadpki not included in this rom
+
+#else
+
+ECOM_PLUGIN(dmadpki.dll, dmadpki.rsc)
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __DMADPKI_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/DmAdRtNodeData.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1596 @@
+/*
+* Copyright (c) 2000-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdRtNodeData
+*
+*/
+
+
+
+#include <utf.h>
+
+#include <x509cert.h>
+#include <x509keys.h>
+#include <x500dn.h>
+#include <x509certext.h>
+
+#include "DmAdRtNodeData.h"
+#include "dmadddf.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+#include "dmadstoreprivkey.h"
+#include "pkidefs.h"
+#include "XwImpl.h"
+#include "dmadcertxmldefs.h"
+#include "XppImpl.h"
+#include <vpnlogmessages.rsg>
+
+
+// Macro to encode key usage bits
+// See method CDmAdCertData::KeyUsageLC
+#define ENC_BIT(a) \
+ if( EFalse == keyUsageExt->IsSet(a) ) \
+ { \
+ keyUsagePtr.Append('0'); \
+ } \
+ else \
+ { \
+ keyUsagePtr.Append('1'); \
+ }
+
+
+CDmAdRtNodeData* CDmAdRtNodeData::NewL(const TDesC8& aUri, MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdRtNodeData::NewL");
+
+ CDmAdRtNodeData *self = new (ELeave) CDmAdRtNodeData();
+ CleanupStack::PushL(self);
+ self->ConstructL(aUri, aCallBack);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CDmAdRtNodeData::ConstructL(const TDesC8& aUri, MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdRtNodeData::ConstructL");
+
+ iUriType = UriTypeL(aUri);
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeCert:
+ u.iCert = CDmAdCertData::NewL(aCallBack);
+ break;
+ case EDmAdUriTypeCertReq:
+ u.iCertReq = CDmAdCertReqData::NewL(aCallBack);
+ break;
+ case EDmAdUriTypePrivKey:
+ u.iPrivKey = CDmAdPrivKeyData::NewL();
+ break;
+ case EDmAdUriTypePKCS12:
+ u.iPKCS12 = CDmAdPKCS12Data::NewL();
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+CDmAdRtNodeData::CDmAdRtNodeData()
+ {
+ }
+
+CDmAdRtNodeData::~CDmAdRtNodeData()
+ {
+ TRACE("CDmAdRtNodeData::~CDmAdRtNodeData");
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeCert:
+ delete u.iCert;
+ break;
+ case EDmAdUriTypeCertReq:
+ delete u.iCertReq;
+ break;
+ case EDmAdUriTypePrivKey:
+ delete u.iPrivKey;
+ break;
+ case EDmAdUriTypePKCS12:
+ delete u.iPKCS12;
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ break;
+ }
+ }
+
+//--------------------------------------------------------------------------
+
+TDmAdUriType CDmAdRtNodeData::UriType() const
+ {
+ TRACE("CDmAdRtNodeData::UriType");
+
+ return iUriType;
+ }
+
+TDmAdUriType CDmAdRtNodeData::UriTypeL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdRtNodeData::UriTypeL");
+
+ TDmAdUriType ret = EDmAdUriTypeCert;
+ CArrayFix<TPtrC8>* uriSegList;
+ TDmAdUtil::ParseUriLC(aUri, uriSegList);
+
+ if (uriSegList->Count() < 2)
+ {
+ DEBUG_LOG(_L("uriSegList->Count() is less than 2"));
+ User::Leave(KErrGeneral);
+ }
+
+ if (uriSegList->At(0).Compare(KDmAdNodeNokiaPki) == 0)
+ {
+ if (uriSegList->At(1).Compare(KDmAdNodeCert) == 0)
+ {
+ ret = EDmAdUriTypeCert;
+ }
+ else if (uriSegList->At(1).Compare(KDmAdNodeCertReq) == 0)
+ {
+ ret = EDmAdUriTypeCertReq;
+ }
+ else if (uriSegList->At(1).Compare(KDmAdNodePrivKey) == 0)
+ {
+ ret = EDmAdUriTypePrivKey;
+ }
+ else if (uriSegList->At(1).Compare(KDmAdNodePKCS12) == 0)
+ {
+ ret = EDmAdUriTypePKCS12;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ }
+
+ CleanupStack::PopAndDestroy(uriSegList);
+ return ret;
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdRtNodeData::UpdateLeafDataL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataL");
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeCert:
+ TRAPD(err, UpdateLeafDataCertL(aUri, aObject));
+ if(err != KErrNone)
+ User::Leave(err);
+ break;
+ case EDmAdUriTypeCertReq:
+ UpdateLeafDataCertReqL(aUri, aObject);
+ break;
+ case EDmAdUriTypePrivKey:
+ UpdateLeafDataPrivKeyL(aUri, aObject);
+ break;
+ case EDmAdUriTypePKCS12:
+ UpdateLeafDataPKCS12L(aUri, aObject);
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdRtNodeData::UpdateLeafDataCertL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataCertL");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafContent) == 0)
+ {
+ u.iCert->SetContentL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafType) == 0)
+ {
+ u.iCert->SetTypeL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafFormat) == 0)
+ {
+ u.iCert->SetFormatL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafDeletable) == 0)
+ {
+ u.iCert->SetDeletableL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafTrusted) == 0)
+ {
+ u.iCert->SetTrustedL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafApplicability) == 0)
+ {
+ RArray<TUid> applicability;
+ CleanupClosePushL(applicability);
+
+ ParseApplicabilityL(aObject, applicability);
+ u.iCert->SetApplicabilityL(applicability);
+
+ CleanupStack::PopAndDestroy(); //applicability
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+void CDmAdRtNodeData::UpdateLeafDataCertReqL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataCertReqL");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafSubjectName) == 0)
+ {
+ u.iCertReq->SetSubjectNameL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafRfc822Name) == 0)
+ {
+ u.iCertReq->SetRfc822NameL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyURI) == 0)
+ {
+ u.iCertReq->SetKeyUriL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyLength) == 0)
+ {
+ u.iCertReq->SetKeyLength(aObject);
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+void CDmAdRtNodeData::UpdateLeafDataPrivKeyL(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataPrivKeyL");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafKeyType) == 0)
+ {
+ u.iPrivKey->SetKeyTypeL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyLength) == 0)
+ {
+ u.iPrivKey->SetKeyLength(aObject);
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+void CDmAdRtNodeData::UpdateLeafDataPKCS12L(const TDesC8& aUri, const TDesC8& aObject)
+ {
+ TRACE("CDmAdRtNodeData::UpdateLeafDataPKCS12L");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafContent) == 0)
+ {
+ u.iPKCS12->SetContentL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafDeletable) == 0)
+ {
+ u.iPKCS12->SetDeletableL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafPKCS12Password) == 0)
+ {
+ u.iPKCS12->SetPasswordL(aObject);
+ }
+ else if (lastSeg.Compare(KDmAdLeafApplicability) == 0)
+ {
+ RArray<TUid> applicability;
+ CleanupClosePushL(applicability);
+
+ ParseApplicabilityL(aObject, applicability);
+ u.iPKCS12->SetApplicabilityL(applicability);
+
+ CleanupStack::PopAndDestroy(); //applicability
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectLC(const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject)
+ {
+ switch (iUriType)
+ {
+ case EDmAdUriTypeCert:
+ FetchLeafObjectCertLC(aUri, aLuid, aObject);
+ break;
+ case EDmAdUriTypeCertReq:
+ FetchLeafObjectCertReqLC(aUri, aLuid, aObject);
+ break;
+ case EDmAdUriTypePrivKey:
+ FetchLeafObjectPrivKeyLC(aUri, aLuid, aObject);
+ break;
+ case EDmAdUriTypePKCS12:
+ // PKCS#12 special case
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectCertLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, CBufBase*& aObject)
+ {
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafType) == 0)
+ {
+ HBufC8* obj = u.iCert->TypeLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafFormat) == 0)
+ {
+ HBufC8* obj = u.iCert->FormatLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafDeletable) == 0)
+ {
+ HBufC8* obj = u.iCert->DeletableLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafTrusted) == 0)
+ {
+ HBufC8* obj = u.iCert->TrustedLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafApplicability) == 0)
+ {
+
+ DEBUG_LOG(_L("Fetching applicability"));
+ const RArray<TUid>& applicability = u.iCert->Applicability();
+
+ CXmlWriter* writer = CXmlWriter::NewL();
+ CleanupStack::PushL(static_cast<CBase*>(writer));
+ writer->AddStartTagL(KXmlElemCertApps);
+
+ DEBUG_LOG(_L("KXmlElemCertApps Start tag added"));
+
+ for (TInt i = 0; i < applicability.Count(); ++i)
+ {
+ HBufC8* idInt = TDmAdUtil::IntToDes8LC((TInt)applicability[i].iUid);
+ writer->OpenStartTagL(KXmlElemApp);
+ writer->AddAttributeL(KXmlAttrId, *idInt);
+ writer->CloseStartTagL(ETrue);
+ CleanupStack::PopAndDestroy(idInt);
+ }
+ writer->AddEndTagL(KXmlElemCertApps);
+
+ DEBUG_LOG(_L("KXmlElemCertApps end tag added"));
+
+ TPtrC8 docDataPtr(writer->DocPart(0, writer->Length()-1));
+ object->InsertL(0, docDataPtr);
+
+ DEBUG_LOG(_L("document inserted"));
+
+ CleanupStack::PopAndDestroy(static_cast<CBase*>(writer));
+
+ DEBUG_LOG(_L("writer popped"));
+ }
+ else if (lastSeg.Compare(KDmAdLeafContent) == 0)
+ {
+ TPtrC8 obj(u.iCert->Content());
+ object->InsertL(0, obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafSerialNumber) == 0)
+ {
+ HBufC8* obj = u.iCert->SerialNumberLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafIssuerName) == 0)
+ {
+ HBufC8* obj = u.iCert->IssuerNameLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafFingerprintAlg) == 0)
+ {
+ HBufC8* obj = u.iCert->FingerprintAlgLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafFingerprintValue) == 0)
+ {
+ HBufC8* obj = u.iCert->FingerprintValueLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafValidityBegin) == 0)
+ {
+ HBufC8* obj = u.iCert->ValidityBeginLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafValidityEnd) == 0)
+ {
+ HBufC8* obj = u.iCert->ValidityEndLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafSubjectName) == 0)
+ {
+ HBufC8* obj = u.iCert->SubjectNameLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafSubjectAltName) == 0)
+ {
+ HBufC8* obj = u.iCert->SubjectAltNameLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyURI) == 0)
+ {
+ HBufC8* obj = u.iCert->KeyUriLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyId) == 0)
+ {
+ HBufC8* obj = u.iCert->KeyIdLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyUsage) == 0)
+ {
+ HBufC8* obj = u.iCert->KeyUsageLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+
+ aObject = object;
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectCertReqLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, CBufBase*& aObject)
+ {
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafSubjectName) == 0)
+ {
+ TPtrC8 obj(u.iCertReq->SubjectName());
+ object->InsertL(0, obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafRfc822Name) == 0)
+ {
+ TPtrC8 obj(u.iCertReq->Rfc822Name());
+ object->InsertL(0, obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyURI) == 0)
+ {
+ HBufC8* obj = u.iCertReq->KeyUriL();
+ CleanupStack::PushL(obj);
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(obj);
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyLength) == 0)
+ {
+ HBufC8* obj = u.iCertReq->KeyLengthLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafContent) == 0)
+ {
+ TPtrC8 obj(u.iCertReq->Content());
+ object->InsertL(0, obj);
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+
+ aObject = object;
+ }
+
+void CDmAdRtNodeData::FetchLeafObjectPrivKeyLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, CBufBase*& aObject)
+ {
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafKeyType) == 0)
+ {
+ HBufC8* obj = u.iPrivKey->KeyTypeLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyLength) == 0)
+ {
+ HBufC8* obj = u.iPrivKey->KeyLengthLC();
+ object->InsertL(0, *obj);
+ CleanupStack::PopAndDestroy(); //obj
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyId) == 0)
+ {
+ TPtrC8 obj(u.iPrivKey->KeyId());
+ object->InsertL(0, obj);
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrNotFound);
+ }
+
+ aObject = object;
+ }
+
+void CDmAdRtNodeData::SetDefaultSettingsL(const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdRtNodeData::SetDefaultSettingsL");
+
+ switch (iUriType)
+ {
+ case EDmAdUriTypeCert:
+ u.iCert->SetDefaultSettings();
+ break;
+ case EDmAdUriTypeCertReq:
+ u.iCertReq->SetDefaultSettings();
+ break;
+ case EDmAdUriTypePrivKey:
+ u.iPrivKey->SetDefaultSettingsL();
+ break;
+ case EDmAdUriTypePKCS12:
+ u.iPKCS12->SetDefaultSettings();
+ break;
+ default:
+ DEBUG_LOG(_L("Unknown URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+
+void CDmAdRtNodeData::ParseApplicabilityL(const TDesC8& aApplicabilityData,
+ RArray<TUid>& aApplicabilityList) const
+ {
+ TRACE("CDmAdRtNodeData::ParseApplicabilityL");
+
+ aApplicabilityList.Reset();
+
+ if (aApplicabilityData.Length() == 0)
+ {
+ return;
+ }
+
+ CDesC8ArrayFlat* parserValueArray = new (ELeave) CDesC8ArrayFlat(10);
+ CleanupStack::PushL(parserValueArray);
+ CXmlPullParser* parser = CXmlPullParser::NewLC(*parserValueArray);
+ TPtrC8 name;
+ TPtrC8 attribute;
+
+ parser->SetInput(aApplicabilityData);
+ parser->NextL();
+ parser->Name(name);
+
+ if (parser->State() != CXmlPullParser::EStateStartTag || name != KXmlElemCertApps)
+ {
+ DEBUG_LOG(_L("Wrong state or name. (Expected EStateStartTag and CertApps"));
+ DEBUG_LOG2(_L8("State = %d, name = %S"), parser->State(), &name);
+ User::Leave(KErrCorrupt);
+ }
+
+ parser->NextL();
+ while (parser->State() == CXmlPullParser::EStateText)
+ {
+ DEBUG_LOG(_L8("Found text. Ignoring it..."));
+ parser->NextL();
+ }
+
+ while (parser->State() == CXmlPullParser::EStateStartTag)
+ {
+ parser->Name(name);
+ DEBUG_LOG1(_L8("Parsed: %S"), &name);
+
+ if (name != KXmlElemApp)
+ {
+ DEBUG_LOG1(_L8("Invalid name: %S"), &name);
+ User::Leave(KErrCorrupt);
+ }
+
+ parser->AttributeValueL(KXmlAttrId, attribute);
+ TUid uid = { TDmAdUtil::DesToInt(attribute) };
+ DEBUG_LOG1(_L("Uid: 0x%x"), uid.iUid);
+
+ aApplicabilityList.Append(uid);
+ parser->NextL();
+
+ while (parser->State() == CXmlPullParser::EStateText)
+ {
+ DEBUG_LOG(_L8("Found text. Ignoring it..."));
+ parser->NextL();
+ }
+ }
+ parser->Name(name);
+
+ if (parser->State() != CXmlPullParser::EStateEndTag || name != KXmlElemCertApps)
+ {
+ DEBUG_LOG(_L("Wrong state or name. (Expected EStateEndTag and CertApps)"));
+ DEBUG_LOG2(_L8("State = %d, name = %S"), parser->State(), &name);
+ User::Leave(KErrCorrupt);
+ }
+ CleanupStack::PopAndDestroy(2); //parser, parserValueArray
+ }
+
+
+//======================================================================================
+//======================================================================================
+
+CDmAdCertData* CDmAdCertData::NewL(MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdCertData::NewL");
+
+ CDmAdCertData* self = new (ELeave) CDmAdCertData(aCallBack);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CDmAdCertData::ConstructL()
+ {
+ TRACE("CDmAdCertData::ConstructL");
+
+ iCertParms = CDmAdCertParms::NewL();
+ }
+
+CDmAdCertData::CDmAdCertData(MDmAdCallBack* aCallBack) : iCallBack(aCallBack)
+ {
+ }
+
+CDmAdCertData::~CDmAdCertData()
+ {
+ TRACE("CDmAdCertData::~CDmAdCertData");
+
+ delete iCertParms;
+ delete iCertCx509;
+ }
+
+void CDmAdCertData::SetDefaultSettings()
+ {
+ TRACE("CDmAdCertData::SetDefaultSettings");
+
+ iCertParms->SetDeletable(ETrue);
+ iCertParms->SetTrusted(ETrue);
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdCertData::SetTypeL(const TDesC8& aType)
+ {
+ TRACE("CDmAdCertData::SetType");
+
+ TInt value = TDmAdUtil::DesToInt(aType);
+
+ TPKICertificateOwnerType type = EPKICACertificate;
+ switch(value)
+ {
+ case 1:
+ type = EPKICACertificate;
+ break;
+ case 2:
+ type = EPKIUserCertificate;
+ break;
+ case 3:
+ type = EPKIPeerCertificate;
+ break;
+ default:
+ User::Leave(KErrCorrupt);
+ break;
+ }
+
+ iCertParms->SetType(type);
+ }
+
+HBufC8* CDmAdCertData::TypeLC()
+ {
+
+ TPKICertificateOwnerType type = iCertParms->Type();
+ TInt omaDmType = 0;
+ switch(type)
+ {
+ case EPKICACertificate:
+ omaDmType = 1;
+ break;
+ case EPKIUserCertificate:
+ omaDmType = 2;
+ break;
+ case EPKIPeerCertificate:
+ omaDmType = 3;
+ break;
+ default:
+ User::Leave(KErrCorrupt);
+ break;
+ }
+
+ return TDmAdUtil::IntToDes8LC(omaDmType);
+ }
+
+void CDmAdCertData::SetFormatL(const TDesC8& aFormat)
+ {
+ TRACE("CDmAdCertData::SetFormat");
+ TInt value = TDmAdUtil::DesToInt(aFormat);
+
+ if (value != 1)
+ {
+ User::Leave(KErrCorrupt);
+ }
+ }
+
+HBufC8* CDmAdCertData::FormatLC()
+ {
+ //The format is always 1, which means X509 cert.
+ return TDmAdUtil::IntToDes8LC(1);
+ }
+
+void CDmAdCertData::SetDeletableL(const TDesC8& aDeletable)
+ {
+ TRACE("CDmAdCertData::SetDeletableL");
+
+ if (aDeletable.Compare(KDmAdDfFormatBoolTrue) == 0)
+ {
+ iCertParms->SetDeletable(ETrue);
+ }
+ else if (aDeletable.Compare(KDmAdDfFormatBoolFalse) == 0)
+ {
+ iCertParms->SetDeletable(EFalse);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Comparization failed"));
+ User::Leave(KErrGeneral);
+ }
+ }
+
+HBufC8* CDmAdCertData::DeletableLC()
+ {
+ if (iCertParms->Deletable())
+ {
+ return KDmAdDfFormatBoolTrue().AllocLC();
+ }
+ else
+ {
+ return KDmAdDfFormatBoolFalse().AllocLC();
+ }
+ }
+
+void CDmAdCertData::SetTrustedL(const TDesC8& aTrusted)
+ {
+ TRACE("CDmAdCertData::SetTrustedL");
+
+ if (aTrusted.Compare(KDmAdDfFormatBoolTrue) == 0)
+ {
+ iCertParms->SetTrusted(ETrue);
+ }
+ else if (aTrusted.Compare(KDmAdDfFormatBoolFalse) == 0)
+ {
+ iCertParms->SetTrusted(EFalse);
+ }
+ else
+ {
+ DEBUG_LOG(_L("No match found"));
+ User::Leave(KErrGeneral);
+ }
+ }
+
+HBufC8* CDmAdCertData::TrustedLC()
+ {
+ if (iCertParms->Trusted())
+ {
+ return KDmAdDfFormatBoolTrue().AllocLC();
+ }
+ else
+ {
+ return KDmAdDfFormatBoolFalse().AllocLC();
+ }
+ }
+
+void CDmAdCertData::SetApplicabilityL(const RArray<TUid>& aApplicability)
+ {
+ TRACE("CDmAdCertData::SetApplicabilityL");
+
+ iCertParms->SetApplicabilityL(aApplicability);
+ }
+
+const RArray<TUid>& CDmAdCertData::Applicability() const
+ {
+ TRACE("CDmAdCertData::Applicability");
+
+ return iCertParms->Applicability();
+ }
+
+void CDmAdCertData::SetContentL(const TDesC8& aContent)
+ {
+ TRACE("CDmAdCertData::SetContentL");
+
+ delete iCertCx509;
+ iCertCx509 = NULL;
+ iCertParms->SetContentL(aContent);
+ if (iCertParms->Content().Length() > 0)
+ {
+ iCertCx509 = CX509Certificate::NewL(iCertParms->Content());
+ }
+ }
+
+TPtrC8 CDmAdCertData::Content()
+ {
+ TRACE("CDmAdCertData::Content");
+
+ return iCertParms->Content();
+ }
+
+//-----------------
+
+HBufC8* CDmAdCertData::SerialNumberLC()
+ {
+ HBufC8* ret = NULL;
+ const TPtrC8 serialNumber(iCertCx509->SerialNumber());
+ //const TPtrC8 serialNumber(*(iCertCx509->DataElementEncoding(CX509Certificate::ESerialNumber)));
+ if (serialNumber.Length() == 0)
+ {
+ ret = HBufC8::NewLC(1);
+ }
+ else
+ {
+ ret = serialNumber.AllocLC();
+ }
+ return ret;
+ }
+
+HBufC8* CDmAdCertData::IssuerNameLC()
+ {
+ HBufC8* ret = NULL;
+ const TPtrC8 issuerName(*(iCertCx509->DataElementEncoding(CX509Certificate::EIssuerName)));
+ if (issuerName.Length() == 0)
+ {
+ ret = HBufC8::NewLC(1);
+ }
+ else
+ {
+ ret = issuerName.AllocLC();
+ }
+ return ret;
+ }
+
+HBufC8* CDmAdCertData::FingerprintAlgLC()
+ {
+ if (iCertCx509->Fingerprint().Length() == 16)
+ {
+ return TDmAdUtil::IntToDes8LC(1); // MD5
+ }
+ else
+ {
+ return TDmAdUtil::IntToDes8LC(2); // SHA1
+ }
+ }
+
+HBufC8* CDmAdCertData::FingerprintValueLC()
+ {
+ return iCertCx509->Fingerprint().AllocLC();
+ }
+
+HBufC8* CDmAdCertData::ValidityBeginLC()
+ {
+ TTime beginTime = iCertCx509->ValidityPeriod().Start();
+ return FormatCertValidityTimeLC(beginTime);
+ }
+
+HBufC8* CDmAdCertData::ValidityEndLC()
+ {
+ TTime endTime = iCertCx509->ValidityPeriod().Finish();
+ return FormatCertValidityTimeLC(endTime);
+ }
+
+HBufC8* CDmAdCertData::SubjectNameLC()
+ {
+ HBufC8* ret = NULL;
+ const TPtrC8 subjectName(*(iCertCx509->DataElementEncoding(CX509Certificate::ESubjectName)));
+ if (subjectName.Length() == 0)
+ {
+ ret = HBufC8::NewLC(1);
+ }
+ else
+ {
+ ret = subjectName.AllocLC();
+ }
+ return ret;
+ }
+
+HBufC8* CDmAdCertData::SubjectAltNameLC()
+ {
+ HBufC8* subjectAltNameExtRfc822 = HBufC8::NewLC(KMaxRfc822);
+ TPtr8 subjectAltNameExtRfc822Ptr(subjectAltNameExtRfc822->Des());
+
+ const CX509CertExtension* subjAltName;
+ subjAltName = iCertCx509->Extension(KSubjectAltName);
+ if (subjAltName)
+ {
+ CX509AltNameExt* subjectAlt = CX509AltNameExt::NewLC(subjAltName->Data());
+ if (subjectAlt)
+ {
+ const CArrayPtrFlat<CX509GeneralName>* nameArray;
+ nameArray = &subjectAlt->AltName();
+ // Search rfc822
+ for (TInt i = 0; i < nameArray->Count(); i++)
+ {
+ if(nameArray->At(i)->Tag() == EX509RFC822Name)
+ {
+ TPtrC8 data = nameArray->At(i)->Data();
+ subjectAltNameExtRfc822Ptr.Copy(data.Right(data.Length() - 2));
+ break;
+ }
+ }
+ CleanupStack::PopAndDestroy(subjectAlt);
+ }
+ }
+ return subjectAltNameExtRfc822;
+ }
+
+HBufC8* CDmAdCertData::KeyUriLC()
+ {
+ HBufC8* keyId = KeyIdLC();
+ HBufC8* keyUri = FindKeyUriLC(*keyId);
+ CleanupStack::Pop(keyUri);
+ CleanupStack::PopAndDestroy(keyId);
+ CleanupStack::PushL(keyUri);
+ return keyUri;
+ }
+
+HBufC8* CDmAdCertData::KeyIdLC()
+ {
+#if 0
+ const CSubjectPublicKeyInfo* subjectPublicKeyInfo = &iCertCx509->PublicKey();
+ if (subjectPublicKeyInfo->AlgorithmId() != ERSA)
+ {
+ return HBufC8::NewLC(1);
+ }
+
+ return TDmAdCertUtil::RSAKeyIdentifierLC(subjectPublicKeyInfo->KeyData());
+#else
+ return iCertCx509->KeyIdentifierL().AllocLC();
+#endif
+ }
+
+
+HBufC8* CDmAdCertData::KeyUsageLC()
+ {
+ const TInt KKeyUsageTxtLen = 12;
+ HBufC8* keyUsage = HBufC8::NewLC(KKeyUsageTxtLen);
+ TPtr8 keyUsagePtr(keyUsage->Des());
+
+ const CX509CertExtension* certExt = iCertCx509->Extension(KKeyUsage);
+
+ if(0 == certExt)
+ {
+ return keyUsage;
+ }
+
+ const CX509KeyUsageExt* keyUsageExt =
+ CX509KeyUsageExt::NewLC(certExt->Data());
+
+ // Encode key usage values to bstring format
+ // See IETF RFC 3641.
+ keyUsagePtr.Append('\'');
+
+ ENC_BIT( EX509DigitalSignature );
+ ENC_BIT( EX509NonRepudiation );
+ ENC_BIT( EX509KeyEncipherment );
+ ENC_BIT( EX509DataEncipherment );
+ ENC_BIT( EX509KeyAgreement );
+ ENC_BIT( EX509KeyCertSign );
+ ENC_BIT( EX509CRLSign );
+ ENC_BIT( EX509EncipherOnly );
+ ENC_BIT( EX509DecipherOnly );
+
+ keyUsagePtr.Append(_L8("'B"));
+
+ CleanupStack::PopAndDestroy(); // keyUsageExt
+
+ return keyUsage;
+ }
+
+
+HBufC8* CDmAdCertData::FormatCertValidityTimeLC(const TTime& aTime)
+ {
+ TDateTime time = aTime.DateTime();
+
+ HBufC8* ret = HBufC8::NewLC(20);
+ TPtr8 retPtr(ret->Des());
+
+ _LIT8(KFormatTxt,"%4d%02d%02dT%02d%02d%02dZ");
+ retPtr.Format(KFormatTxt,
+ time.Year(),
+ TInt(time.Month()+1),
+ // Format the month as a TInt to preserve locale independence
+ time.Day()+1,
+ // Day and month ranges begin at zero (0-30 and 0-11),
+ // so add one when formatting
+ time.Hour(),
+ time.Minute(),
+ time.Second());
+ return ret;
+ }
+
+HBufC8* CDmAdCertData::FindKeyUriLC(const TDesC8& aKeyId)
+ {
+ DEBUG_LOG(_L("CDmAdCertData::FindKeyUriLC:"));
+ DEBUG_LOG_HEX(aKeyId);
+
+ _LIT8(KDmAdPrivKeyUri, "NokiaPKI/PrivKey");
+
+#if 1
+
+ HBufC8* uri = iCallBack->FindChildUriL(KDmAdPrivKeyUri, aKeyId);
+ if (uri != 0)
+ {
+ DEBUG_LOG(_L("CDmAdCertData::FindKeyUriLC:"));
+ DEBUG_LOG_HEX(*uri);
+ }
+ else
+ {
+ DEBUG_LOG(_L("URI not found"));
+ uri = HBufC8::NewL(1);
+ }
+
+ CleanupStack::PushL(uri);
+ return uri;
+
+#else
+
+ HBufC8* ret = 0;
+
+ CBufBase* childUriList = CBufFlat::NewL(16);
+ CleanupStack::PushL(childUriList);
+ MSmlDmAdapter::TError status;
+ iCallBack->FetchLinkL(KDmAdPrivKeyUri, *childUriList, status);
+ if (status != MSmlDmAdapter::EOk)
+ {
+ DMADERR(DmAdErr::Printf(_L("***CDmAdCertData::FindKeyUriLC: %d (line=%d)\n"), KDmAdErr1, __LINE__));
+ User::Leave(KErrGeneral);
+ }
+
+ CArrayFix<TPtrC8>* uriSegList;
+ TDmAdUtil::ParseUriLC(childUriList->Ptr(0), uriSegList);
+
+ TBool found = EFalse;
+ HBufC8* uri = 0;
+ HBufC8* uriKeyId = 0;
+ for (TInt i=0; i<uriSegList->Count(); ++i)
+ {
+ uri = TDmAdUtil::BuildUriLC(KDmAdPrivKeyUri, uriSegList->At(i));
+ uriKeyId = TDmAdUtil::BuildUriLC(*uri, KDmAdLeafKeyId);
+
+ CBufBase* keyId = CBufFlat::NewL(16);
+ CleanupStack::PushL(keyId);
+ iCallBack->FetchLinkL(*uriKeyId, *keyId, status);
+ if (status != MSmlDmAdapter::EOk)
+ {
+ DMADERR(DmAdErr::Printf(_L("***CDmAdCertData::FindKeyUriLC: %d (line=%d)\n"), KDmAdErr1, __LINE__));
+ User::Leave(KErrGeneral);
+ }
+ if (keyId->Ptr(0).Compare(aKeyId) == 0)
+ {
+ found = ETrue;
+ CleanupStack::PopAndDestroy(2); // keyId, uriKeyId
+ break;
+ }
+ CleanupStack::PopAndDestroy(3); // keyId, uriKeyId, uri
+ }
+
+ if (found)
+ {
+ DMADLOG(DmAdLog::Printf(_L("CDmAdCertData::FindKeyUriLC:\n")));
+ DMADLOG(DmAdLog::HexDump(NULL, NULL, uri->Ptr(), uri->Size()));
+ CleanupStack::Pop(uri);
+ ret = uri;
+ }
+ else
+ {
+ DMADLOG(DmAdLog::Printf(_L("CDmAdCertData::FindKeyUriLC: not found\n")));
+ ret = HBufC8::NewL(1);
+ }
+
+ CleanupStack::PopAndDestroy(2); //uriSegList, childUriList
+ CleanupStack::PushL(ret);
+ return ret;
+#endif
+ }
+
+
+
+//--------------------------------------------------------------------------
+
+void CDmAdCertData::RestoreL(const CDmAdCertParms& aCertParms)
+ {
+ TRACE("CDmAdCertData::RestoreL");
+
+ iCertParms->SetType(aCertParms.Type());
+ iCertParms->SetDeletable(aCertParms.Deletable());
+ iCertParms->SetTrusted(aCertParms.Trusted());
+ iCertParms->SetApplicabilityL(aCertParms.Applicability());
+
+ delete iCertCx509;
+ iCertCx509 = 0;
+ iCertParms->SetContentL(aCertParms.Content());
+ if (iCertParms->Content().Length() > 0)
+ {
+ iCertCx509 = CX509Certificate::NewL(iCertParms->Content());
+ }
+
+ iCertParms->SetKeyId(aCertParms.KeyId()); // now NULL
+ }
+
+void CDmAdCertData::ToStoreL(CDmAdCertParms& aCertParms)
+ {
+ TRACE("CDmAdCertData::ToStoreL");
+
+ aCertParms.SetType(iCertParms->Type());
+ aCertParms.SetDeletable(iCertParms->Deletable());
+ aCertParms.SetTrusted(iCertParms->Trusted());
+ aCertParms.SetApplicabilityL(iCertParms->Applicability());
+ aCertParms.SetContentL(iCertParms->Content());
+
+ if (iCertCx509 == NULL)
+ {
+ DEBUG_LOG(_L("No cert!"));
+ User::Leave(KErrGeneral);
+ }
+ TKeyIdentifier keyId = iCertCx509->KeyIdentifierL(); //TKeyIdentifier is 20 bytes long
+ aCertParms.SetKeyId(keyId);
+ }
+
+
+
+//======================================================================================
+//======================================================================================
+
+CDmAdCertReqData* CDmAdCertReqData::NewL(MDmAdCallBack* aCallBack)
+ {
+ TRACE("CDmAdCertReqData::NewL");
+
+ CDmAdCertReqData* self = new (ELeave) CDmAdCertReqData(aCallBack);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CDmAdCertReqData::ConstructL()
+ {
+ TRACE("CDmAdCertReqData::ConstructL");
+ iCertReqParms = CDmAdCertReqParms::NewL();
+ }
+
+CDmAdCertReqData::CDmAdCertReqData(MDmAdCallBack* aCallBack) : iCallBack(aCallBack)
+ {
+ }
+
+CDmAdCertReqData::~CDmAdCertReqData()
+ {
+ TRACE("CDmAdCertReqData::~CDmAdCertReqData");
+ delete iCertReqParms;
+ }
+
+void CDmAdCertReqData::SetDefaultSettings()
+ {
+ TRACE("CDmAdCertReqData::SetDefaultSettings");
+ iCertReqParms->SetKeyLength(1024);
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdCertReqData::SetSubjectNameL(const TDesC8& aSubjectName)
+ {
+ TRACE("CDmAdCertReqData::SetSubjectNameL");
+ iCertReqParms->SetSubjectNameL(aSubjectName);
+ }
+
+TPtrC8 CDmAdCertReqData::SubjectName()
+ {
+ TRACE("CDmAdCertReqData::SubjectName");
+ return iCertReqParms->SubjectName();
+ }
+
+void CDmAdCertReqData::SetRfc822NameL(const TDesC8& aRfc822Name)
+ {
+ TRACE("CDmAdCertReqData::SetRfc822NameL");
+ iCertReqParms->SetRfc822NameL(aRfc822Name);
+ }
+
+TPtrC8 CDmAdCertReqData::Rfc822Name()
+ {
+ TRACE("CDmAdCertReqData::Rfc822Name");
+ return iCertReqParms->Rfc822Name();
+ }
+
+void CDmAdCertReqData::SetKeyUriL(const TDesC8& aKeyUri)
+ {
+ TRACE("CDmAdCertReqData::SetKeyUriL");
+
+ //We save key luid (which is also key id) to the data
+ //structure. Not the actual key uri.
+
+ HBufC8* keyId = iCallBack->GetLuidAllocL(aKeyUri);
+ CleanupStack::PushL(keyId);
+
+ if (keyId->Length() == 0)
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ iCertReqParms->SetKeyIdentifierByUriL(*keyId);
+ CleanupStack::PopAndDestroy(keyId);
+ }
+
+HBufC8* CDmAdCertReqData::KeyUriL() const
+ {
+ TRACE("CDmAdCertReqData::KeyUri");
+
+ TPtrC8 keyId = iCertReqParms->KeyIdentifierByUri();
+ HBufC8* keyUri = iCallBack->FindChildUriL(KDmAdOwnAdUriForPrivateKeys, keyId);
+ CleanupStack::PushL(keyUri);
+
+ if (keyUri->Length() == 0)
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ CleanupStack::Pop(keyUri);
+ return keyUri;
+ }
+
+void CDmAdCertReqData::SetKeyLength(const TDesC8& aKeyLength)
+ {
+ TRACE("CDmAdCertReqData::SetKeyLength");
+ iCertReqParms->SetKeyLength(TDmAdUtil::DesToInt(aKeyLength));
+ }
+
+HBufC8* CDmAdCertReqData::KeyLengthLC()
+ {
+ return TDmAdUtil::IntToDes8LC(iCertReqParms->KeyLength());
+ }
+
+//------------
+
+
+TPtrC8 CDmAdCertReqData::Content()
+ {
+ TRACE("CDmAdCertReqData::Content");
+ return iCertReqParms->Content();
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdCertReqData::RestoreL(const CDmAdCertReqParms& aCertReqParms)
+ {
+ TRACE("CDmAdCertReqData::RestoreL");
+ iCertReqParms->SetSubjectNameL(aCertReqParms.SubjectName());
+ iCertReqParms->SetRfc822NameL(aCertReqParms.Rfc822Name());
+ iCertReqParms->SetKeyLength(aCertReqParms.KeyLength());
+ iCertReqParms->SetKeyIdentifierByUriL(aCertReqParms.KeyIdentifierByUri());
+ iCertReqParms->SetContentL(aCertReqParms.Content());
+ }
+
+void CDmAdCertReqData::ToStoreL(CDmAdCertReqParms& aCertReqParms)
+ {
+ TRACE("CDmAdCertReqData::ToStoreL");
+
+ aCertReqParms.SetSubjectNameL(iCertReqParms->SubjectName());
+ aCertReqParms.SetRfc822NameL(iCertReqParms->Rfc822Name());
+ aCertReqParms.SetKeyLength(iCertReqParms->KeyLength());
+ aCertReqParms.SetKeyIdentifierByUriL(iCertReqParms->KeyIdentifierByUri());
+ aCertReqParms.SetContentL(iCertReqParms->Content());
+ }
+
+//======================================================================================
+//======================================================================================
+
+CDmAdPrivKeyData* CDmAdPrivKeyData::NewL()
+ {
+ TRACE("CDmAdPrivKeyData::NewL");
+ CDmAdPrivKeyData *self = new (ELeave) CDmAdPrivKeyData();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CDmAdPrivKeyData::ConstructL()
+ {
+ TRACE("CDmAdPrivKeyData::ConstructL");
+ iPrivKeyParms = CDmAdPrivKeyParms::NewL();
+ }
+
+CDmAdPrivKeyData::CDmAdPrivKeyData()
+ {
+ }
+
+CDmAdPrivKeyData::~CDmAdPrivKeyData()
+ {
+ TRACE("CDmAdPrivKeyData::~CDmAdPrivKeyData");
+ delete iPrivKeyParms;
+ }
+
+void CDmAdPrivKeyData::SetDefaultSettingsL()
+ {
+ TRACE("CDmAdPrivKeyData::SetDefaultSettings");
+ iPrivKeyParms->SetKeyTypeL(EPKIRSA);
+ iPrivKeyParms->SetKeyLength(2048);
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdPrivKeyData::SetKeyTypeL(const TDesC8& aKeyType)
+ {
+ TRACE("CDmAdPrivKeyData::SetKeyType");
+ TInt value = TDmAdUtil::DesToInt(aKeyType);
+
+ TPKIKeyAlgorithm keyType = EPKIRSA;
+ switch(value)
+ {
+ case 1:
+ keyType = EPKIRSA;
+ break;
+ case 2:
+ keyType = EPKIDSA;
+ break;
+ default:
+ User::Leave(KErrCorrupt);
+ break;
+ }
+
+ iPrivKeyParms->SetKeyTypeL(keyType);
+ }
+
+HBufC8* CDmAdPrivKeyData::KeyTypeLC()
+ {
+ TInt keyType = 1;
+ switch(iPrivKeyParms->KeyType())
+ {
+ case EPKIRSA:
+ keyType = 1;
+ break;
+ case EPKIDSA:
+ keyType = 2;
+ break;
+ default:
+ User::Invariant();
+ break;
+ }
+ return TDmAdUtil::IntToDes8LC(keyType);
+ }
+
+void CDmAdPrivKeyData::SetKeyLength(const TDesC8& aKeyLength)
+ {
+ TRACE("CDmAdPrivKeyData::SetKeyLength");
+ iPrivKeyParms->SetKeyLength(TDmAdUtil::DesToInt(aKeyLength));
+ }
+
+HBufC8* CDmAdPrivKeyData::KeyLengthLC()
+ {
+ return TDmAdUtil::IntToDes8LC(iPrivKeyParms->KeyLength());
+ }
+
+//------------
+
+TPtrC8 CDmAdPrivKeyData::KeyId()
+ {
+ TRACE("CDmAdPrivKeyData::KeyId");
+ return iPrivKeyParms->KeyId();
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdPrivKeyData::RestoreL(const CDmAdPrivKeyParms& aPrivKeyParms)
+ {
+ TRACE("CDmAdPrivKeyData::RestoreL");
+ iPrivKeyParms->SetKeyTypeL(aPrivKeyParms.KeyType());
+ iPrivKeyParms->SetKeyIdL(aPrivKeyParms.KeyId());
+ iPrivKeyParms->SetKeyLength(aPrivKeyParms.KeyLength());
+ }
+
+void CDmAdPrivKeyData::ToStoreL(CDmAdPrivKeyParms& aPrivKeyParms)
+ {
+ TRACE("CDmAdPrivKeyData::ToStoreL");
+ aPrivKeyParms.SetKeyTypeL(iPrivKeyParms->KeyType());
+ aPrivKeyParms.SetKeyIdL(iPrivKeyParms->KeyId());
+ aPrivKeyParms.SetKeyLength(iPrivKeyParms->KeyLength());
+ }
+
+
+
+//======================================================================================
+//======================================================================================
+
+CDmAdPKCS12Data* CDmAdPKCS12Data::NewL(/*MDmAdCallBack* aCallBack*/)
+ {
+ TRACE("CDmAdPKCS12Data::NewL");
+
+// CDmAdPKCS12Data* self = new (ELeave) CDmAdPKCS12Data(aCallBack);
+ CDmAdPKCS12Data* self = new (ELeave) CDmAdPKCS12Data();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CDmAdPKCS12Data::ConstructL()
+ {
+ TRACE("CDmAdPKCS12Data::ConstructL");
+
+ iPKCS12Parms = CDmAdPKCS12Parms::NewL();
+ }
+
+CDmAdPKCS12Data::CDmAdPKCS12Data(/*MDmAdCallBack* aCallBack*/)
+// : iCallBack(aCallBack)
+ {
+ }
+
+CDmAdPKCS12Data::~CDmAdPKCS12Data()
+ {
+ TRACE("CDmAdPKCS12Data::~CDmAdPKCS12Data");
+
+ delete iPKCS12Parms;
+ }
+
+void CDmAdPKCS12Data::SetDefaultSettings()
+ {
+ TRACE("CDmAdPKCS12Data::SetDefaultSettings");
+
+ TPtrC8 emptyPwd(KNullDesC8);
+ iPKCS12Parms->SetDeletable(ETrue);
+ TRAP_IGNORE(iPKCS12Parms->SetPasswordL(emptyPwd));
+ }
+
+//--------------------------------------------------------------------------
+
+void CDmAdPKCS12Data::SetDeletableL(const TDesC8& aDeletable)
+ {
+ TRACE("CDmAdPKCS12Data::SetDeletableL");
+
+ if (aDeletable.Compare(KDmAdDfFormatBoolTrue) == 0)
+ {
+ iPKCS12Parms->SetDeletable(ETrue);
+ }
+ else if (aDeletable.Compare(KDmAdDfFormatBoolFalse) == 0)
+ {
+ iPKCS12Parms->SetDeletable(EFalse);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Comparization failed"));
+ User::Leave(KErrGeneral);
+ }
+ }
+
+HBufC8* CDmAdPKCS12Data::DeletableLC()
+ {
+ if (iPKCS12Parms->Deletable())
+ {
+ return KDmAdDfFormatBoolTrue().AllocLC();
+ }
+ else
+ {
+ return KDmAdDfFormatBoolFalse().AllocLC();
+ }
+ }
+
+void CDmAdPKCS12Data::SetApplicabilityL(const RArray<TUid>& aApplicability)
+ {
+ TRACE("CDmAdPKCS12Data::SetApplicabilityL");
+
+ iPKCS12Parms->SetApplicabilityL(aApplicability);
+ }
+
+const RArray<TUid>& CDmAdPKCS12Data::Applicability() const
+ {
+ TRACE("CDmAdPKCS12Data::Applicability");
+
+ return iPKCS12Parms->Applicability();
+ }
+
+void CDmAdPKCS12Data::SetContentL(const TDesC8& aContent)
+ {
+ TRACE("CDmAdPKCS12Data::SetContentL");
+
+ iPKCS12Parms->SetContentL(aContent);
+ }
+
+TPtrC8 CDmAdPKCS12Data::Content()
+ {
+ TRACE("CDmAdPKCS12Data::Content");
+
+ return iPKCS12Parms->Content();
+ }
+
+void CDmAdPKCS12Data::SetPasswordL(const TDesC8& aPassword)
+ {
+ TRACE("CDmAdPKCS12Data::SetPasswordL");
+
+ iPKCS12Parms->SetPasswordL(aPassword);
+ }
+
+TPtrC8 CDmAdPKCS12Data::Password()
+ {
+ TRACE("CDmAdPKCS12Data::Password");
+
+ return iPKCS12Parms->Password();
+ }
+
+//-----------------
+
+
+
+//--------------------------------------------------------------------------
+
+void CDmAdPKCS12Data::RestoreL(const CDmAdPKCS12Parms& aPKCS12Parms)
+ {
+ TRACE("CDmAdPKCS12Data::RestoreL");
+ iPKCS12Parms->SetDeletable(aPKCS12Parms.Deletable());
+ iPKCS12Parms->SetApplicabilityL(aPKCS12Parms.Applicability());
+ iPKCS12Parms->SetContentL(aPKCS12Parms.Content());
+ iPKCS12Parms->SetPasswordL(aPKCS12Parms.Content());
+ }
+
+void CDmAdPKCS12Data::ToStoreL(CDmAdPKCS12Parms& aPKCS12Parms)
+ {
+ TRACE("CDmAdPKCS12Data::ToStoreL");
+
+ aPKCS12Parms.SetDeletable(iPKCS12Parms->Deletable());
+ aPKCS12Parms.SetApplicabilityL(iPKCS12Parms->Applicability());
+ aPKCS12Parms.SetContentL(iPKCS12Parms->Content());
+ aPKCS12Parms.SetPasswordL(iPKCS12Parms->Password());
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/DmAdStore.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,561 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: implementation of DmAdStore
+*
+*/
+
+
+
+#include "DmAdStore.h"
+#include "DmAdRtNodeData.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+
+#include "pkcs12vpn.h"
+
+CDmAdStore* CDmAdStore::NewL(MDmAdCallBack* aDmAdCallBack)
+ {
+ TRACE("CDmAdStore::NewL");
+
+ CDmAdStore *self = new (ELeave) CDmAdStore();
+ CleanupStack::PushL(self);
+ self->ConstructL(aDmAdCallBack);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CDmAdStore::ConstructL(MDmAdCallBack* aDmAdCallBack)
+ {
+ TRACE("CDmAdStore::ConstructL");
+
+ TInt status = iPkiServiceApi.Connect();
+ DEBUG_LOG1(_L("Connect status: %d"), status);
+ User::LeaveIfError(status);
+ iCert = CDmAdCert::NewL(iPkiServiceApi);
+ iCertReq = CDmAdCertReq::NewL(iPkiServiceApi, aDmAdCallBack);
+ iPrivKey = CDmAdPrivKey::NewL(iPkiServiceApi);
+ iPKCS12Obj = CDmAdPKCS12::NewL(iPkiServiceApi);
+ }
+
+CDmAdStore::CDmAdStore()
+ {
+ TRACE("CDmAdStore::CDmAdStore");
+ }
+
+CDmAdStore::~CDmAdStore()
+ {
+ TRACE("CDmAdStore::~CDmAdStore");
+
+ iPkiServiceApi.Close();
+ delete iCert;
+ delete iCertReq;
+ delete iPrivKey;
+ delete iPKCS12Obj;
+ }
+
+TBool CDmAdStore::FindRtNodeL(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdStore::FindRtNodeL");
+
+ TDmAdUriType uriType = CDmAdRtNodeData::UriTypeL(aUri);
+ switch (uriType)
+ {
+ case EDmAdUriTypeCert:
+ return CertFindRtNodeL(aLuid, aUri);
+ case EDmAdUriTypeCertReq:
+ return CertReqFindRtNodeL(aLuid, aUri);
+ case EDmAdUriTypePrivKey:
+ return PrivKeyFindRtNodeL(aLuid, aUri);
+ case EDmAdUriTypePKCS12:
+ // For PKCS#12, a special case
+ return EFalse;
+ default:
+ DEBUG_LOG(_L("Unexcepted URI type"));
+ User::Leave(KErrGeneral);
+ return EFalse;
+ }
+ }
+
+void CDmAdStore::LuidListL(const TDesC8& aUri, const TDesC8& aLuid, RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdStore::LuidListL");
+
+ TDmAdUriType uriType = CDmAdRtNodeData::UriTypeL(aUri);
+ switch (uriType)
+ {
+ case EDmAdUriTypeCert:
+ CertLuidListL(aUri, aLuid, aLuidList);
+ break;
+ case EDmAdUriTypeCertReq:
+ CertReqLuidListL(aUri, aLuid, aLuidList);
+ break;
+ case EDmAdUriTypePrivKey:
+ PrivKeyLuidListL(aUri, aLuid, aLuidList);
+ break;
+ case EDmAdUriTypePKCS12:
+ // For PKCS#12, a special case
+ break;
+ default:
+ DEBUG_LOG(_L("CDmAdStore::LuidListLC: Unexcepted URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::FetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::FetchRtNodeL");
+
+ TDmAdUriType uriType = aRtNode.Data()->UriType();
+ switch (uriType)
+ {
+ case EDmAdUriTypeCert:
+ CertFetchRtNodeL(aRtNode);
+ break;
+ case EDmAdUriTypeCertReq:
+ CertReqFetchRtNodeL(aRtNode);
+ break;
+ case EDmAdUriTypePrivKey:
+ PrivKeyFetchRtNodeL(aRtNode);
+ break;
+ case EDmAdUriTypePKCS12:
+ // For PKCS#12, a special case
+ break;
+ default:
+ DEBUG_LOG(_L("Unexcepted URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::SaveTopLevelRtNodeL");
+
+ TDmAdUriType uriType = aRtNode.Data()->UriType();
+ switch (uriType)
+ {
+ case EDmAdUriTypeCert:
+ CertSaveTopLevelRtNodeL(aRtNode, aChildRtNodes);
+ break;
+ case EDmAdUriTypeCertReq:
+ CertReqSaveTopLevelRtNodeL(aRtNode, aChildRtNodes);
+ break;
+ case EDmAdUriTypePKCS12:
+ PKCS12SaveTopLevelRtNodeL(aRtNode, aChildRtNodes);
+ break;
+ default:
+ DEBUG_LOG(_L("Unexcepted URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::SaveChildLevelRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::SaveChildLevelRtNodeL");
+
+ TDmAdUriType uriType = aRtNode.Data()->UriType();
+ switch (uriType)
+ {
+ case EDmAdUriTypeCert:
+ CertSaveChildLevelRtNodeL(aRtNode);
+ break;
+ case EDmAdUriTypeCertReq:
+ CertReqSaveChildLevelRtNodeL(aRtNode);
+ break;
+ case EDmAdUriTypePKCS12:
+ // For PKCS#12, a special case
+ break;
+ default:
+ DEBUG_LOG(_L("Unexcepted URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+void CDmAdStore::DeleteRtNodeL(const TDesC8& aLuid, const TDesC8& aUri)
+ {
+ TRACE("CDmAdStore::DeleteRtNodeL");
+
+ TDmAdUriType uriType = CDmAdRtNodeData::UriTypeL(aUri);
+ switch (uriType)
+ {
+ case EDmAdUriTypeCert:
+ CertDeleteRtNodeL(aLuid, aUri);
+ break;
+ case EDmAdUriTypeCertReq:
+ CertReqDeleteRtNodeL(aLuid, aUri);
+ break;
+ case EDmAdUriTypePrivKey:
+ PrivKeyDeleteRtNodeL(aLuid, aUri);
+ break;
+ case EDmAdUriTypePKCS12:
+ // For PKCS#12, a special case
+ break;
+ default:
+ DEBUG_LOG(_L("Unexcepted URI type"));
+ User::Leave(KErrGeneral);
+ break;
+ }
+ }
+
+//=========================================================================
+//=========================================================================
+
+TBool CDmAdStore::CertFindRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::CertFindRtNodeL");
+
+ TBool ret = EFalse;
+ if (aLuid.Length() > 0)
+ {
+ if (iCert->FindL(aLuid))
+ {
+ ret = ETrue;
+ }
+ }
+ return ret;
+ }
+
+void CDmAdStore::CertLuidListL(const TDesC8& /*aUri*/, const TDesC8& /*aLuid*/, RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdStore::CertLuidListL");
+
+ iCert->ListL(aLuidList);
+ }
+
+void CDmAdStore::CertFetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::CertFetchRtNodeL");
+
+ TPtrC8 luid(aRtNode.Luid());
+ if (luid.Length() == 0)
+ {
+ DEBUG_LOG(_L("Zero length luid"));
+ User::Leave(KErrNotFound);
+ }
+
+ CDmAdCertData* data = aRtNode.Data()->CertData();
+ CDmAdCertParms* certParms = CDmAdCertParms::NewL();
+ CleanupStack::PushL(certParms);
+ iCert->FetchL(luid, *certParms);
+ data->RestoreL(*certParms);
+ CleanupStack::PopAndDestroy(certParms);
+ }
+
+void CDmAdStore::CertSaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::CertSaveTopLevelRtNodeL");
+
+ if (aChildRtNodes.Count() > 0)
+ {
+ DEBUG_LOG(_L("ChildRtNode count > 0"));
+ User::Leave(KErrGeneral);
+ }
+
+ if (aRtNode.IsJustFetched())
+ {
+ return;
+ }
+
+ CDmAdCertData* data = aRtNode.Data()->CertData();
+
+ CDmAdCertParms* certParms = CDmAdCertParms::NewL();
+ CleanupStack::PushL(certParms);
+
+ data->ToStoreL(*certParms);
+
+ if (aRtNode.IsSomeLeafAddedToRtNode())
+ {
+ HBufC8* luid = iCert->AddL(*certParms);
+ CleanupStack::PushL(luid);
+ aRtNode.SetLuidL(*luid);
+ CleanupStack::PopAndDestroy(luid);
+ }
+ else
+ {
+ iCert->UpdateL(aRtNode.Luid(), *certParms);
+ }
+
+ CleanupStack::PopAndDestroy(certParms);
+ }
+
+void CDmAdStore::CertSaveChildLevelRtNodeL(CDmAdRtNode& /*aRtNode*/)
+ {
+ TRACE("CDmAdStore::CertSaveChildLevelRtNodeL");
+
+ DEBUG_LOG(_L("Method not implemented"));
+ User::Leave(KErrGeneral);
+ }
+
+void CDmAdStore::CertDeleteRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::CertDeleteRtNodeL");
+
+ if (aLuid.Length() == 0)
+ {
+ DEBUG_LOG(_L("aLuid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ iCert->DeleteL(aLuid);
+ }
+
+//=========================================================================
+//=========================================================================
+
+TBool CDmAdStore::CertReqFindRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::CertReqFindRtNodeL");
+
+ TBool ret = EFalse;
+ if (aLuid.Length() > 0)
+ {
+ if (iCertReq->FindL(aLuid))
+ {
+ ret = ETrue;
+ }
+ }
+ return ret;
+ }
+
+void CDmAdStore::CertReqLuidListL(const TDesC8& /*aUri*/, const TDesC8& /*aLuid*/,RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdStore::CertReqLuidListL");
+
+ iCertReq->ListL(aLuidList);
+ }
+
+void CDmAdStore::CertReqFetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::CertReqFetchRtNodeL");
+
+ TPtrC8 luid(aRtNode.Luid());
+ if (luid.Length() == 0)
+ {
+ DEBUG_LOG(_L("luid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ CDmAdCertReqData* data = aRtNode.Data()->CertReqData();
+ CDmAdCertReqParms* CertReqParms = CDmAdCertReqParms::NewL();
+ CleanupStack::PushL(CertReqParms);
+ iCertReq->FetchL(luid, *CertReqParms);
+ data->RestoreL(*CertReqParms);
+ CleanupStack::PopAndDestroy(CertReqParms);
+ }
+
+void CDmAdStore::CertReqSaveTopLevelRtNodeL(CDmAdRtNode& aRtNode, CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::CertReqSaveTopLevelRtNodeL");
+
+ if (aChildRtNodes.Count() > 0)
+ {
+ DEBUG_LOG(_L("aChildRtNodes count > 0"));
+ User::Leave(KErrGeneral);
+ }
+
+ if (aRtNode.IsJustFetched())
+ {
+ return;
+ }
+
+ CDmAdCertReqData* data = aRtNode.Data()->CertReqData();
+
+ CDmAdCertReqParms* CertReqParms = CDmAdCertReqParms::NewL();
+ CleanupStack::PushL(CertReqParms);
+
+ data->ToStoreL(*CertReqParms);
+
+ if (aRtNode.IsSomeLeafAddedToRtNode())
+ {
+ HBufC8* luid = iCertReq->AddL(*CertReqParms);
+ CleanupStack::PushL(luid);
+ aRtNode.SetLuidL(*luid);
+ CleanupStack::PopAndDestroy(luid);
+ }
+ else
+ {
+ DEBUG_LOG(_L("aRtNode.IsSomeLeafAddedToRtNode() returned false"));
+ User::Leave(KErrGeneral);
+ /*
+ //iCertReq->UpdateL(aRtNode.Luid(), *CertReqParms);
+ CertReqDeleteRtNodeL(aRtNode.Luid(), aRtNode.Uri());
+
+ HBufC8* luid = iCertReq->AddL(*CertReqParms);
+ CleanupStack::PushL(luid);
+ aRtNode.SetLuidL(*luid);
+ iCallBack->SetMappingL(aRtNode.Uri(), aRtNode.Luid());
+ CleanupStack::PopAndDestroy(); //luid
+ */
+ }
+
+ CleanupStack::PopAndDestroy(CertReqParms);
+ }
+
+void CDmAdStore::CertReqSaveChildLevelRtNodeL(CDmAdRtNode& /*aRtNode*/)
+ {
+ TRACE("CDmAdStore::CertReqSaveChildLevelRtNodeL");
+
+ DEBUG_LOG(_L("Method not implemented"));
+ User::Leave(KErrGeneral);
+ }
+
+void CDmAdStore::CertReqDeleteRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::CertReqDeleteRtNodeL");
+
+ if (aLuid.Length() == 0)
+ {
+ DEBUG_LOG(_L("aLuid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ iCertReq->DeleteL(aLuid);
+ }
+
+//=========================================================================
+//=========================================================================
+
+TBool CDmAdStore::PrivKeyFindRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::PrivKeyFindRtNodeL");
+
+ TBool ret = EFalse;
+ if (aLuid.Length() > 0)
+ {
+ if (iPrivKey->FindL(aLuid))
+ {
+ ret = ETrue;
+ }
+ }
+ return ret;
+ }
+
+void CDmAdStore::PrivKeyLuidListL(const TDesC8& /*aUri*/, const TDesC8& /*aLuid*/, RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdStore::PrivKeyLuidListL");
+ iPrivKey->ListL(aLuidList);
+ }
+
+void CDmAdStore::PrivKeyFetchRtNodeL(CDmAdRtNode& aRtNode)
+ {
+ TRACE("CDmAdStore::PrivKeyFetchRtNodeL");
+
+ TPtrC8 luid(aRtNode.Luid());
+ if (luid.Length() == 0)
+ {
+ DEBUG_LOG(_L("aLuid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ CDmAdPrivKeyData* data = aRtNode.Data()->PrivKeyData();
+ CDmAdPrivKeyParms* PrivKeyParms = CDmAdPrivKeyParms::NewL();
+ CleanupStack::PushL(PrivKeyParms);
+ iPrivKey->FetchL(luid, *PrivKeyParms);
+ data->RestoreL(*PrivKeyParms);
+ CleanupStack::PopAndDestroy(PrivKeyParms);
+ }
+
+
+void CDmAdStore::PrivKeyDeleteRtNodeL(const TDesC8& aLuid, const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdStore::PrivKeyDeleteRtNodeL");
+
+ if (aLuid.Length() == 0)
+ {
+ DEBUG_LOG(_L("aLuid length is 0"));
+ User::Leave(KErrNotFound);
+ }
+
+ iPrivKey->DeleteL(aLuid);
+ }
+
+//=========================================================================
+//=========================================================================
+
+// PKCS#12 handling
+void CDmAdStore::PKCS12SaveTopLevelRtNodeL(CDmAdRtNode& aRtNode,
+ CArrayPtr<CDmAdRtNode>& aChildRtNodes)
+ {
+ TRACE("CDmAdStore::PKCS12SaveTopLevelRtNodeL");
+
+ if (aChildRtNodes.Count() > 0)
+ {
+ DEBUG_LOG(_L("ChildRtNode count > 0"));
+ User::Leave(KErrGeneral);
+ }
+
+ CDmAdPKCS12Data* data = aRtNode.Data()->PKCS12Data();
+
+ CDmAdPKCS12Parms* pkcs12Parms = CDmAdPKCS12Parms::NewL();
+ CleanupStack::PushL(pkcs12Parms);
+
+ // Extract parameters from data
+ data->ToStoreL(*pkcs12Parms);
+
+ // Store PKCS#12 object contents to PKI
+ iPKCS12Obj->AddL(*pkcs12Parms);
+
+ TPtrC8 uri = aRtNode.Uri();
+ DEBUG_LOG1(_L8(" Setting LUID to '%S'"), &uri);
+ aRtNode.SetLuidL(uri);
+
+ CleanupStack::PopAndDestroy(pkcs12Parms);
+ }
+
+//=========================================================================
+//=========================================================================
+void CDmAdStore::PkiLogonL()
+ {
+ TRACE("CDmAdStore::PkiLogonL");
+
+ TRequestStatus requestStatus;
+ iPkiServiceApi.Logon(requestStatus);
+ User::WaitForRequest(requestStatus);
+ TInt status = requestStatus.Int();
+ if (status != KErrNone && status != KPKIErrKeyStoreEmpty)
+ {
+ DEBUG_LOG1(_L("status = %d"), status);
+ User::Leave(status);
+ }
+ }
+
+void CDmAdStore::PkiLogoffL()
+ {
+ TRACE("CDmAdStore::PkiLogoffL");
+
+ TRequestStatus requestStatus;
+ iPkiServiceApi.Logoff(requestStatus);
+ User::WaitForRequest(requestStatus);
+ TInt status = requestStatus.Int();
+ if (status != KErrNone && status != KPKIErrKeyStoreEmpty)
+ {
+ DEBUG_LOG1(_L("status = %d"), status);
+ User::Leave(status);
+ }
+ }
+
+void CDmAdStore::SetStoreTypeL(TInt aStore, TPkiServiceStoreType aStoreType)
+ {
+ TRACE("CDmAdStore::SetStoreTypeL");
+
+ TInt status = iPkiServiceApi.SetStoreType(aStore, aStoreType);
+ if (status != KErrNone)
+ {
+ DEBUG_LOG1(_L("status = %d"), status);
+ User::Leave(status);
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadadapter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,334 @@
+/*
+* Copyright (c) 2000-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI OMA DM Adapter
+*
+*/
+
+
+
+#include <e32base.h>
+#include <implementationproxy.h>
+
+#include "dmadadapter.h"
+#include "dmadadapterimplconst.h"
+#include "dmadengine.h"
+#include "DmAdStore.h"
+#include "dmadddf.h"
+#include "dmadrtnodedataapic.h"
+#include "vpnlogger.h"
+
+#if defined(_DEBUG)
+_LIT(KDmAdLogFolder,"vpn");
+_LIT(KDmAdLogFile,"dmadpki.log");
+#endif
+
+//===================================================================================================
+
+
+#ifndef IMPLEMENTATION_PROXY_ENTRY
+#define IMPLEMENTATION_PROXY_ENTRY(aUid, aFuncPtr) {{aUid},(aFuncPtr)}
+#endif
+
+const TImplementationProxy ImplementationTable[] =
+ {
+ IMPLEMENTATION_PROXY_ENTRY(KDmAdImplUid, CDmAdAdapter::NewL)
+ };
+
+EXPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount)
+ {
+ aTableCount = sizeof(ImplementationTable) / sizeof(TImplementationProxy);
+ return ImplementationTable;
+ }
+
+
+//===================================================================================================
+
+CDmAdAdapter* CDmAdAdapter::NewL(MSmlDmCallback* aDmCallback)
+ {
+ CDmAdAdapter* self = NewLC(aDmCallback);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdAdapter* CDmAdAdapter::NewLC(MSmlDmCallback* aDmCallback)
+ {
+ INITIALIZE_DEBUG_LOG_L(KDmAdLogFolder, KDmAdLogFile);
+ DEBUG_LOG(_L("LOGGING INITIALIZED"));
+
+ CDmAdAdapter* self = new (ELeave) CDmAdAdapter(aDmCallback);
+ CleanupStack::PushL(self);
+ self->ConstructL(aDmCallback);
+ return self;
+ }
+
+void CDmAdAdapter::ConstructL(MSmlDmCallback* aDmCallback)
+ {
+ TRACE("CDmAdAdapter::ConstructL");
+
+ DEBUG_LOG(_L("ConstructL - CallBack (PKI)"));
+ iCallBack = CDmAdCallBack::NewL(aDmCallback, KDmAdOwnAdUriForGetLuidAllocLFix);
+
+ iStore = CDmAdStore::NewL(iCallBack);
+ iDdf = CDmAdDdf::NewL(iCallBack, iStore);
+
+ DEBUG_LOG(_L("ConstructL - RtNodeDataApi"));
+ iRtNodeDataApi = CDmAdRtNodeDataApi::NewL();
+ DEBUG_LOG(_L("ConstructL - Engine"));
+ iEngine = CDmAdEngine::NewL(iCallBack, iStore, iDdf, iRtNodeDataApi);
+
+ }
+
+CDmAdAdapter::CDmAdAdapter(MSmlDmCallback* aDmCallback) :
+ CSmlDmAdapter(aDmCallback)
+ {
+ }
+
+CDmAdAdapter::~CDmAdAdapter()
+ {
+ DEBUG_LOG(_L("~CDmAdAdapter (PKI)"));
+
+ delete iEngine;
+ delete iRtNodeDataApi;
+ delete iDdf;
+ delete iStore;
+ delete iCallBack;
+
+ DEBUG_LOG(_L("FINALIZING LOGGING"));
+ FINALIZE_DEBUG_LOG;
+ }
+
+//===================================================================================================
+
+void CDmAdAdapter::DDFVersionL(CBufBase& aDDFVersion)
+ {
+ TRACE("CDmAdAdapter::DDFVersionL");
+ iDdf->BuildDDFVersionL(aDDFVersion);
+ }
+
+void CDmAdAdapter::DDFStructureL(MSmlDmDDFObject& aDDF)
+ {
+ TRACE("CDmAdAdapter::DDFStructureL");
+ iDdf->BuildDDFStructureL(aDDF);
+ }
+
+
+void CDmAdAdapter::ChildURIListL(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::ChildURIListL");
+ iEngine->ChildURIListL(aUri, aParentLuid, aPreviousUriSegmentList, aResultsRef, aStatusRef);
+ }
+
+void CDmAdAdapter::AddNodeObjectL(const TDesC8& aUri, const TDesC8& aParentLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::AddNodeObjectL");
+
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+ DEBUG_LOG1(_L8("aParentLuid = %S"), &aParentLuid);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ // PKCS#12 check here
+ TInt status = CheckNodeStatus(aUri);
+
+ if (status == KErrNone)
+ {
+ iEngine->AddNodeObjectL(aUri, aParentLuid, aStatusRef);
+ }
+ else
+ {
+ // Most probable reason for error code is that the
+ // PKCS#12 node already exists in the LUID mapping
+ DEBUG_LOG2(_L("Setting status ref %d to %d"), aStatusRef, status);
+ iCallBack->SetStatusL(aStatusRef, status);
+ }
+ }
+
+TInt CDmAdAdapter::CheckNodeStatus(const TDesC8& aUri)
+ {
+ TRACE("CDmAdAdapter::CheckNodeStatusL");
+
+ // Check whether the object is a PKCS#12 one
+ TInt ret = aUri.Find(KDmAdOwnAdUriForPKCS12);
+
+ // If ret is >= 0, pkcs12 uri was identified
+ if (ret >= 0)
+ {
+ // See whether the given PKCS#12 object
+ // already exists
+ TRAP(ret, CheckPKCS12ExistenceL(aUri));
+ }
+ else
+ {
+ // Wasn't a PKCS#12 node, no further checks needed
+ ret = KErrNone;
+ }
+
+ DEBUG_LOG1(_L(" Returning with value %d"), ret);
+
+ return ret;
+ }
+
+void CDmAdAdapter::CheckPKCS12ExistenceL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdAdapter::CheckPKCS12Existence");
+ DEBUG_LOG1(_L8(" Testing with URI: '%S'"), &aUri);
+
+ HBufC8* foundUri(NULL);
+
+ // Check whether the "LUID" (actually, just the full URI)
+ // already exists...
+ DEBUG_LOG(_L(" Comparing LUID/URI to see whether PKCS#12 node exists"));
+ foundUri = iCallBack->GetLuidAllocL(aUri);
+ CleanupStack::PushL(foundUri);
+
+ if (foundUri->Length() > 0)
+ {
+ DEBUG_LOG1(_L8(" Found URI: '%S'"), foundUri);
+ DEBUG_LOG(_L(" PKCS#12 node already exists, no need to add, leaving"));
+ User::Leave(KErrAlreadyExists);
+ }
+ else
+ {
+ DEBUG_LOG(_L8(" Found URI: (empty)"));
+ DEBUG_LOG(_L(" PKCS#12 node is a new one, proceeding with add"));
+ }
+
+ CleanupStack::PopAndDestroy(foundUri);
+ }
+
+
+void CDmAdAdapter::UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid,
+ const TDesC8& aObject, const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::UpdateLeafObjectL");
+
+ DEBUG_LOG1(_L8("aUri = %S"), &aUri);
+ DEBUG_LOG1(_L8("aLuid = %S"), &aLuid);
+ DEBUG_LOG(_L8("aObject:"));
+ DEBUG_LOG_HEX(aObject);
+ DEBUG_LOG1(_L8("aType = %S"), &aType);
+ DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
+
+ TInt err = CheckNodeStatus(aUri);
+
+ if (err == KErrNone)
+ {
+ iEngine->UpdateLeafObjectL(aUri, aLuid, aObject, aType, aStatusRef);
+ }
+ else
+ {
+ // If this PKCS#12 object already existed, do nothing
+ iCallBack->SetStatusL(aStatusRef, err);
+ }
+ }
+
+void CDmAdAdapter::FetchLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid, const TDesC8& aType, TInt aResultsRef, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::FetchLeafObjectL");
+ iEngine->FetchLeafObjectL(aUri, aLuid, aType, aResultsRef, aStatusRef);
+ }
+
+void CDmAdAdapter::DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::DeleteObjectL");
+ iEngine->DeleteObjectL(aUri, aLuid, aStatusRef);
+ }
+
+void CDmAdAdapter::CompleteOutstandingCmdsL()
+ {
+ TRACE("CDmAdAdapter::CompleteOutstandingCmdsL");
+ iEngine->CompleteOutstandingCmdsL();
+ }
+
+void CDmAdAdapter::UpdateLeafObjectL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::UpdateLeafObjectL");
+ iEngine->UpdateLeafObjectL(aUri, aLuid, aStream, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::FetchLeafObjectSizeL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aType,
+ TInt aResultsRef,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::FetchLeafObjectSizeL");
+ iEngine->FetchLeafObjectSizeL(aUri, aLuid, aType, aResultsRef, aStatusRef);
+ }
+
+void CDmAdAdapter::ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ const TDesC8& aArgument,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::ExecuteCommandL");
+ iEngine->ExecuteCommandL(aUri, aLuid, aArgument, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::ExecuteCommandL(const TDesC8& aUri,
+ const TDesC8& aLuid,
+ RWriteStream*& aStream,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::ExecuteCommandL");
+ iEngine->ExecuteCommandL(aUri, aLuid, aStream, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::CopyCommandL(const TDesC8& aTargetUri,
+ const TDesC8& aTargetLuid,
+ const TDesC8& aSourceUri,
+ const TDesC8& aSourceLuid,
+ const TDesC8& aType,
+ TInt aStatusRef)
+ {
+ TRACE("CDmAdAdapter::CopyCommandL");
+ iEngine->CopyCommandL(aTargetUri, aTargetLuid, aSourceUri, aSourceLuid, aType, aStatusRef);
+ }
+
+void CDmAdAdapter::StartAtomicL()
+ {
+ TRACE("CDmAdAdapter::StartAtomicL");
+ iEngine->StartAtomicL();
+ }
+
+void CDmAdAdapter::CommitAtomicL()
+ {
+ TRACE("CDmAdAdapter::CommitAtomicL");
+ iEngine->CommitAtomicL();
+ }
+
+void CDmAdAdapter::RollbackAtomicL()
+ {
+ TRACE("CDmAdAdapter::RollbackAtomicL");
+ iEngine->RollbackAtomicL();
+ }
+
+TBool CDmAdAdapter::StreamingSupport(TInt& aItemSize)
+ {
+ TRACE("CDmAdAdapter::StreamingSupport");
+ return iEngine->StreamingSupport(aItemSize);
+ }
+
+void CDmAdAdapter::StreamCommittedL()
+ {
+ TRACE("CDmAdAdapter::StreamCommittedL");
+ iEngine->StreamCommittedL();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadcertluidmappingelem.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,138 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdCertLuidMappingElem.
+*
+*/
+
+
+//#include <utf.h>
+
+#include "dmadcertluidmappingelem.h"
+#include "utlcrypto.h"
+#include "base64.h"
+#include "vpnlogger.h"
+
+CDmAdCertLuidMappingElem* CDmAdCertLuidMappingElem::NewL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber)
+ {
+ TRACE("CDmAdCertLuidMappingElem::NewL");
+
+ CDmAdCertLuidMappingElem* self = NewLC(aIssuerName, aSerialNumber);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdCertLuidMappingElem* CDmAdCertLuidMappingElem::NewLC(const TDesC8& aIssuerName, const TDesC8& aSerialNumber)
+ {
+ CDmAdCertLuidMappingElem* self = new (ELeave) CDmAdCertLuidMappingElem();
+ CleanupStack::PushL(self);
+ self->ConstructL(aIssuerName, aSerialNumber);
+ return self;
+ }
+
+void CDmAdCertLuidMappingElem::ConstructL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber)
+ {
+ TRACE("CDmAdCertLuidMappingElem::ConstructL");
+
+ iIssuerName = aIssuerName.AllocL();
+ iSerialNumber = aSerialNumber.AllocL();
+ iLuid = BuildLuidL(aIssuerName, aSerialNumber);
+ }
+
+CDmAdCertLuidMappingElem::CDmAdCertLuidMappingElem()
+ {
+ }
+
+CDmAdCertLuidMappingElem::~CDmAdCertLuidMappingElem()
+ {
+ TRACE("CDmAdCertLuidMappingElem::~CDmAdCertLuidMappingElem");
+
+ delete iLuid;
+ delete iIssuerName;
+ delete iSerialNumber;
+ }
+
+void CDmAdCertLuidMappingElem::CleanupOperationDeleteCArrayPtr(TAny* aPtr)
+ {
+ TRACE("CDmAdCertLuidMappingElem::CleanupOperationDeleteCArrayPtr");
+
+ if (!aPtr)
+ {
+ return;
+ }
+ CArrayPtr<CDmAdCertLuidMappingElem>* array = reinterpret_cast<CArrayPtr<CDmAdCertLuidMappingElem>*>(aPtr);
+ array->ResetAndDestroy();
+ delete array;
+ }
+
+TPtrC8 CDmAdCertLuidMappingElem::Luid() const
+ {
+ TRACE("CDmAdCertLuidMappingElem::Luid");
+
+ TPtrC8 ret(KNullDesC8);
+ if (iLuid != 0)
+ {
+ ret.Set(*iLuid);
+ }
+ return ret;
+ }
+
+TPtrC8 CDmAdCertLuidMappingElem::IssuerName() const
+ {
+ TRACE("CDmAdCertLuidMappingElem::IssuerName");
+
+ TPtrC8 ret(KNullDesC8);
+ if (iIssuerName != 0)
+ {
+ ret.Set(*iIssuerName);
+ }
+ return ret;
+ }
+
+TPtrC8 CDmAdCertLuidMappingElem::SerialNumber() const
+ {
+ TRACE("CDmAdCertLuidMappingElem::SerialNumber");
+
+ TPtrC8 ret(KNullDesC8);
+ if (iSerialNumber != 0)
+ {
+ ret.Set(*iSerialNumber);
+ }
+ return ret;
+ }
+
+HBufC8* CDmAdCertLuidMappingElem::BuildLuidL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber)
+ {
+ TRACE("CDmAdCertLuidMappingElem::BuildLuidL");
+
+ CUtlMessageDigest* digester = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ CleanupStack::PushL(digester);
+
+ HBufC8* hashBuf = HBufC8::NewLC(digester->HashSize());
+ TPtr8 hashBufDesc(hashBuf->Des());
+
+ digester->Update(aIssuerName);
+ hashBufDesc.Copy(digester->Final(aSerialNumber));
+
+ TBase64Codec base64Codec;
+ HBufC8* luidB64;
+ if ((luidB64 = base64Codec.Base64EncodeLC(*hashBuf)) == NULL)
+ {
+ DEBUG_LOG(_L("No memory"));
+ User::Leave(KErrNoMemory);
+ }
+
+ CleanupStack::Pop(luidB64);
+ CleanupStack::PopAndDestroy(2); //hashBuf, digester
+ return luidB64;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadcertparms.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,140 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdCertParms.
+*
+*/
+
+
+#include <utf.h>
+
+#include "dmadcertparms.h"
+#include "vpnlogger.h"
+
+CDmAdCertParms* CDmAdCertParms::NewL()
+ {
+ TRACE("CDmAdCertParms::NewL");
+
+ CDmAdCertParms* self = NewLC();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdCertParms* CDmAdCertParms::NewLC()
+ {
+ CDmAdCertParms* self = new (ELeave) CDmAdCertParms();
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdCertParms::CDmAdCertParms()
+ {
+ }
+
+CDmAdCertParms::~CDmAdCertParms()
+ {
+ TRACE("CDmAdCertParms::~CDmAdCertParms");
+
+ iApplicability.Reset();
+ iApplicability.Close();
+ delete iContent;
+ }
+
+TPKICertificateOwnerType CDmAdCertParms::Type() const
+ {
+ TRACE("CDmAdCertParms::Type");
+ return iType;
+ }
+
+void CDmAdCertParms::SetType(TPKICertificateOwnerType aType)
+ {
+ TRACE("CDmAdCertParms::SetType");
+
+ iType = aType;
+ }
+
+
+TBool CDmAdCertParms::Deletable() const
+ {
+ return iDeletable;
+ }
+
+void CDmAdCertParms::SetDeletable(TBool aDeletable)
+ {
+ TRACE("CDmAdCertParms::SetDeletable");
+
+ iDeletable = aDeletable;
+ }
+
+TBool CDmAdCertParms::Trusted() const
+ {
+ return iTrusted;
+ }
+
+void CDmAdCertParms::SetTrusted(TBool aTrusted)
+ {
+ TRACE("CDmAdCertParms::SetTrusted");
+ iTrusted = aTrusted;
+ }
+
+const RArray<TUid>& CDmAdCertParms::Applicability() const
+ {
+ return iApplicability;
+ }
+
+void CDmAdCertParms::SetApplicabilityL(const RArray<TUid>& aApplicability)
+ {
+ TRACE("CDmAdCertParms::SetApplicabilityL");
+
+ iApplicability.Reset();
+
+ for (TInt i = 0; i < aApplicability.Count(); ++i)
+ {
+ User::LeaveIfError(iApplicability.Append(aApplicability[i]));
+ }
+ }
+
+TPtrC8 CDmAdCertParms::Content() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iContent != 0)
+ {
+ ret.Set(*iContent);
+ }
+ return ret;
+ }
+
+void CDmAdCertParms::SetContentL(const TDesC8& aContent)
+ {
+ TRACE("CDmAdCertParms::SetContentL");
+
+ delete iContent;
+ iContent = 0;
+ if (aContent.Length() > 0)
+ {
+ iContent = aContent.AllocL();
+ }
+ }
+
+TPtrC8 CDmAdCertParms::KeyId() const
+ {
+ return iKeyId;
+ }
+
+void CDmAdCertParms::SetKeyId(const TDesC8& aKeyLuid)
+ {
+ TRACE("CDmAdCertParms::SetKeyId");
+
+ __ASSERT_ALWAYS(aKeyLuid.Length() <= iKeyId.MaxLength(), User::Invariant());
+ iKeyId = aKeyLuid;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadcertreqparms.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,136 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdCertParms.
+*
+*/
+
+
+#include "dmadcertreqparms.h"
+#include "dmadstoreprivkey.h"
+
+CDmAdCertReqParms* CDmAdCertReqParms::NewL()
+ {
+ CDmAdCertReqParms* self = NewLC();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdCertReqParms* CDmAdCertReqParms::NewLC()
+ {
+ CDmAdCertReqParms* self = new (ELeave) CDmAdCertReqParms();
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdCertReqParms::CDmAdCertReqParms()
+ {
+ }
+
+CDmAdCertReqParms::~CDmAdCertReqParms()
+ {
+ delete iSubjectName;
+ delete iRfc822Name;
+ delete iContent;
+ delete iKeyIdentifierByUri; // key luid
+ }
+
+TPtrC8 CDmAdCertReqParms::SubjectName() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iSubjectName != 0)
+ {
+ ret.Set(*iSubjectName);
+ }
+ return ret;
+ }
+
+void CDmAdCertReqParms::SetSubjectNameL(const TDesC8& aSubjectName)
+ {
+ delete iSubjectName;
+ iSubjectName = 0;
+ if (aSubjectName.Length() > 0)
+ {
+ iSubjectName = aSubjectName.AllocL();
+ }
+ }
+
+TPtrC8 CDmAdCertReqParms::Rfc822Name() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iRfc822Name != 0)
+ {
+ ret.Set(*iRfc822Name);
+ }
+ return ret;
+ }
+
+void CDmAdCertReqParms::SetRfc822NameL(const TDesC8& aRfc822Name)
+ {
+ delete iRfc822Name;
+ iRfc822Name = 0;
+ if (aRfc822Name.Length() > 0)
+ {
+ iRfc822Name = aRfc822Name.AllocL();
+ }
+ }
+
+TInt CDmAdCertReqParms::KeyLength() const
+ {
+ return iKeyLength;
+ }
+
+void CDmAdCertReqParms::SetKeyLength(TInt aKeyLength)
+ {
+ iKeyLength = aKeyLength;
+ }
+
+TPtrC8 CDmAdCertReqParms::Content() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iContent != 0)
+ {
+ ret.Set(*iContent);
+ }
+ return ret;
+ }
+
+void CDmAdCertReqParms::SetContentL(const TDesC8& aContent)
+ {
+ delete iContent;
+ iContent = 0;
+ if (aContent.Length() > 0)
+ {
+ iContent = aContent.AllocL();
+ }
+ }
+
+TPtrC8 CDmAdCertReqParms::KeyIdentifierByUri() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iKeyIdentifierByUri != 0)
+ {
+ ret.Set(*iKeyIdentifierByUri);
+ }
+ return ret;
+ }
+
+void CDmAdCertReqParms::SetKeyIdentifierByUriL(const TDesC8& aKeyIdentifierByUri)
+ {
+ delete iKeyIdentifierByUri;
+ iKeyIdentifierByUri = 0;
+ if (aKeyIdentifierByUri.Length() > 0)
+ {
+ iKeyIdentifierByUri = aKeyIdentifierByUri.AllocL();
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadcertutil.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,90 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of TDmAdCertUtil.
+*
+*/
+
+
+
+#include <x509cert.h>
+#include <x509keys.h>
+#include <x500dn.h>
+
+#include "dmadcertutil.h"
+#include "pkcs10.h"
+#include "utlcrypto.h"
+
+
+void TDmAdCertUtil::ParseAvaL(const CX520AttributeTypeAndValue& aAva, TDes8& aOut)
+ {
+ TPtrC8 attr = CPkcs10Req::AttributeTypeOidToText(aAva.Type());
+ TBuf8<32> tempOidBuf;
+ HBufC* val = NULL;
+ TRAPD(ret, val = aAva.ValueL());
+ if(ret == KErrNone)
+ {
+ CleanupStack::PushL(val);
+ if(attr.Length() == 0)
+ {
+ // Dotted oid representation
+ tempOidBuf.Copy(aAva.Type());
+ aOut.Append(tempOidBuf);
+ }
+ else
+ {
+ aOut.Append(attr);
+ }
+ aOut.Append(_L("="));
+ aOut.Append(val->Des());
+ CleanupStack::PopAndDestroy(val);
+ }
+ }
+
+void TDmAdCertUtil::CertDnL(const CX500DistinguishedName& aName, TDes8& aOut)
+ {
+ TInt count = aName.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ if(i > 0)
+ aOut.Append(_L(","));
+ const CX520AttributeTypeAndValue& ava = aName.Element(i);
+ ParseAvaL(ava, aOut);
+ }
+ }
+
+HBufC8* TDmAdCertUtil::Sha1DigestL(const TDesC8& aData)
+ {
+ CUtlMessageDigest* digester = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ CleanupStack::PushL(digester);
+
+ HBufC8* hashBuf = HBufC8::NewLC(digester->HashSize());
+ TPtr8 hashBufDesc(hashBuf->Des());
+
+ hashBufDesc.Copy(digester->Final(aData));
+ CleanupStack::Pop(hashBuf);
+ CleanupStack::PopAndDestroy(digester);
+ return hashBuf;
+ }
+
+HBufC8* TDmAdCertUtil::RSAKeyIdentifierLC(const TDesC8& aKeyData)
+ {
+ TX509KeyFactory keyFactory;
+ CRSAPublicKey* rsaKey = keyFactory.RSAPublicKeyL(aKeyData);
+ CleanupStack::PushL(rsaKey);
+ HBufC8* modulusBuffer = rsaKey->N().BufferLC();
+ HBufC8* hash = TDmAdCertUtil::Sha1DigestL(*modulusBuffer);
+ CleanupStack::PopAndDestroy(2); // modulusBuffer, rsaKey
+ CleanupStack::PushL(hash);
+ return hash;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadddf.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,882 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: ddf tree implementation of DmAdPKI
+*
+*/
+
+
+
+#include <utf.h>
+#include <certificateapps.h>
+
+#include "dmadddf.h"
+#include "dmadutil.h"
+#include "vpnlogger.h"
+#include "dmadcertxmldefs.h"
+#include "XwImpl.h"
+
+static const TInt KUserStore = 1;
+static const TInt KDeviceStore = 2;
+
+CDmAdDdf* CDmAdDdf::NewL(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore)
+ {
+ TRACE("CDmAdDdf::NewL");
+
+ CDmAdDdf* self = NewLC(aDmAdCallBack, aStore);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdDdf* CDmAdDdf::NewLC(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore)
+ {
+ CDmAdDdf* self = new (ELeave) CDmAdDdf(aDmAdCallBack, aStore);
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdDdf::CDmAdDdf(MDmAdCallBack* aDmAdCallBack, CDmAdStore* aStore) :
+ iCallBack(aDmAdCallBack), iStore(aStore)
+ {
+ TRACE("CDmAdDdf::CDmAdDdf");
+ }
+
+CDmAdDdf::~CDmAdDdf()
+ {
+ TRACE("CDmAdDdf::~CDmAdDdf");
+ }
+
+//===================================================================================================
+
+void CDmAdDdf::BuildDDFVersionL(CBufBase& aDDFVersion)
+ {
+ TRACE("CDmAdDdf::BuildDDFVersionL");
+ aDDFVersion.InsertL(0, KDmAdDdfVersion);
+ }
+
+void CDmAdDdf::BuildDDFStructureL(MSmlDmDDFObject& aDDF)
+ {
+ TRACE("CDmAdDdf::BuildDDFStructureL");
+
+ TSmlDmAccessTypes accessTypesExec;
+ accessTypesExec.SetReplace(); // accessTypesExec.SetExec();
+
+ TSmlDmAccessTypes accessTypesGet;
+ accessTypesGet.SetGet();
+
+ TSmlDmAccessTypes accessTypesAdd;
+ accessTypesAdd.SetAdd();
+
+ TSmlDmAccessTypes accessTypesGetAdd;
+ accessTypesGetAdd.SetGet();
+ accessTypesGetAdd.SetAdd();
+
+ TSmlDmAccessTypes accessTypesAll;
+ accessTypesAll.SetGet();
+ accessTypesAll.SetAdd();
+ accessTypesAll.SetDelete();
+ accessTypesAll.SetReplace();
+
+ TSmlDmAccessTypes accessTypesNoDelete;
+ accessTypesNoDelete.SetGet();
+ accessTypesNoDelete.SetAdd();
+ accessTypesNoDelete.SetReplace();
+
+ MSmlDmDDFObject* obj;
+ MSmlDmDDFObject* objNokiaPki;
+ MSmlDmDDFObject* objPkiGeneral;
+ MSmlDmDDFObject* objCert;
+ MSmlDmDDFObject* objCertX;
+ MSmlDmDDFObject* objCertReq;
+ MSmlDmDDFObject* objCertReqX;
+ MSmlDmDDFObject* objPrivKey;
+ MSmlDmDDFObject* objPrivKeyX;
+ MSmlDmDDFObject* objPKCS12;
+ MSmlDmDDFObject* objPKCS12X;
+
+
+//----------------------------------------------------------------
+
+ objNokiaPki = &TDmAdUtil::AddChildObjectL(aDDF, KDmAdNodeNokiaPki);
+ TDmAdUtil::FillNodeInfoL(*objNokiaPki,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeNokiaPki,
+ ETrue,
+ KDmAdNokiaPkiRootTypeProperty);
+
+//----------------------------------------------------------------
+
+
+ obj = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdLeafLogon);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesExec,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENull,
+ KDmAdDescLeafLogon,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdLeafLogoff);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesExec,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENull,
+ KDmAdDescLeafLogoff,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdLeafKeyStore);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesExec,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafKeyStore,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdLeafCertStore);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesExec,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafCertStore,
+ EFalse);
+
+ objPkiGeneral = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdNodeGeneral);
+ TDmAdUtil::FillNodeInfoL(*objPkiGeneral,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeGeneral,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPkiGeneral, KDmAdLeafCertApplications);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EXml,
+ KDmAdDescLeafCertApplications,
+ EFalse);
+
+//----------------------------------------------------------------
+
+ objCert = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdNodeCert);
+ TDmAdUtil::FillNodeInfoL(*objCert,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeCert,
+ EFalse,
+ KNullDesC8);
+
+ objCertX = &TDmAdUtil::AddChildObjectL(*objCert, KDmAdNodeRt);
+ TDmAdUtil::FillNodeInfoL(*objCertX,
+ accessTypesAll,
+ MSmlDmDDFObject::EZeroOrMore,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeRt,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafType);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafType,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafFormat);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafFormat,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafSerialNumber);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafSerialNumber,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafIssuerName);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafIssuerName,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafFingerprintAlg);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafFingerprintAlg,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafFingerprintValue);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafFingerprintAlg,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafValidityBegin);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafValidityBegin,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafValidityEnd);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafValidityEnd,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafSubjectName);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafSubjectName,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafSubjectAltName);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafSubjectAltName,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafKeyURI);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafKeyUri,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafKeyId);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafKeyId,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafKeyUsage);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafKeyUsage,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafDeletable);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBool,
+ KDmAdDescLeafDeletable,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafTrusted);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBool,
+ KDmAdDescLeafTrusted,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafApplicability);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesNoDelete,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EXml,
+ KDmAdDescLeafApplicability,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertX, KDmAdLeafContent);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafContent,
+ EFalse);
+
+
+//----------------------------------------------------------------
+
+ objCertReq = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdNodeCertReq);
+ TDmAdUtil::FillNodeInfoL(*objCertReq,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeCertReq,
+ EFalse,
+ KNullDesC8);
+
+
+ objCertReqX = &TDmAdUtil::AddChildObjectL(*objCertReq, KDmAdNodeRt);
+ TDmAdUtil::FillNodeInfoL(*objCertReqX,
+ accessTypesAll,
+ MSmlDmDDFObject::EZeroOrMore,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeRt,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertReqX, KDmAdLeafSubjectName);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafSubjectName,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertReqX, KDmAdLeafRfc822Name);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafRfc822Name,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertReqX, KDmAdLeafKeyURI);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafKeyUri,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertReqX, KDmAdLeafKeyLength);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafKeyLength,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objCertReqX, KDmAdLeafContent);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafContent,
+ EFalse);
+
+//----------------------------------------------------------------
+
+ objPrivKey = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdNodePrivKey);
+ TDmAdUtil::FillNodeInfoL(*objPrivKey,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodePrivKey,
+ EFalse,
+ KNullDesC8);
+
+
+ objPrivKeyX = &TDmAdUtil::AddChildObjectL(*objPrivKey, KDmAdNodeRt);
+ TDmAdUtil::FillNodeInfoL(*objPrivKeyX,
+ accessTypesAll,
+ MSmlDmDDFObject::EZeroOrMore,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeRt,
+ EFalse,
+ KNullDesC8);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPrivKeyX, KDmAdLeafKeyType);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafKeyType,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPrivKeyX, KDmAdLeafKeyId);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafKeyId,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPrivKeyX, KDmAdLeafKeyLength);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesGetAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EInt,
+ KDmAdDescLeafKeyLength,
+ EFalse);
+
+ obj = &TDmAdUtil::AddChildObjectL(*objPrivKeyX, KDmAdLeafContent);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafContent,
+ EFalse);
+
+ //------- PKCS#12 Node definitions -----------------
+
+ DEBUG_LOG(_L("Adding PKCS#12 definitions"));
+
+ // PKCS12 root node
+ objPKCS12 = &TDmAdUtil::AddChildObjectL(*objNokiaPki, KDmAdNodePKCS12);
+ TDmAdUtil::FillNodeInfoL(*objPKCS12,
+ accessTypesGet,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EPermanent,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodePKCS12,
+ EFalse,
+ KNullDesC8);
+
+ // PKCS#12/X node
+ objPKCS12X = &TDmAdUtil::AddChildObjectL(*objPKCS12, KDmAdNodeRt);
+ TDmAdUtil::FillNodeInfoL(*objPKCS12X,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrMore,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::ENode,
+ KDmAdDescNodeRt,
+ EFalse,
+ KNullDesC8);
+
+ // PKCS#12/X/Password leaf node
+ obj = &TDmAdUtil::AddChildObjectL(*objPKCS12X, KDmAdLeafPKCS12Password);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EChr,
+ KDmAdDescLeafPKCS12Password,
+ EFalse);
+
+ // PKCS#12/X/Deletable leaf node
+ obj = &TDmAdUtil::AddChildObjectL(*objPKCS12X, KDmAdLeafDeletable);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBool,
+ KDmAdDescLeafDeletable,
+ EFalse);
+
+ // PKCS#12/X/Applicability leaf node
+ obj = &TDmAdUtil::AddChildObjectL(*objPKCS12X, KDmAdLeafApplicability);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EZeroOrOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EXml,
+ KDmAdDescLeafApplicability,
+ EFalse);
+
+ // PKCS#12/X/Content leaf node
+ obj = &TDmAdUtil::AddChildObjectL(*objPKCS12X, KDmAdLeafContent);
+ TDmAdUtil::FillNodeInfoL(*obj,
+ accessTypesAdd,
+ MSmlDmDDFObject::EOne,
+ MSmlDmDDFObject::EDynamic,
+ MSmlDmDDFObject::EBin,
+ KDmAdDescLeafContent,
+ EFalse);
+
+ DEBUG_LOG(_L("Adding PKCS#12 definitions - COMPLETE"));
+
+ }
+
+//---------------------------------------------------------------------------------------
+
+void CDmAdDdf::NotRtNodeAddNodeObjectL(const TDesC8& /*aUri*/, const TDesC8& /*aParentLuid*/, TInt aStatusRef)
+ {
+ TRACE("CDmAdDdf::NotRtNodeAddNodeObjectL");
+
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ }
+
+void CDmAdDdf::NotRtNodeUpdateLeafObjectL(const TDesC8& aUri, const TDesC8& /*aLuid*/, const TDesC8& aObject, const TDesC8& /*aType*/, TInt aStatusRef)
+ {
+ TRACE("CDmAdDdf::NotRtNodeUpdateLeafObjectL");
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafLogon) == 0)
+ {
+ iStore->PkiLogonL();
+ }
+ else if (lastSeg.Compare(KDmAdLeafLogoff) == 0)
+ {
+ iStore->PkiLogoffL();
+ }
+ else if (lastSeg.Compare(KDmAdLeafKeyStore) == 0)
+ {
+ TInt storeFromDm = TDmAdUtil::DesToInt(aObject);
+ TPkiServiceStoreType pkiStoreType = EPkiStoreTypeAny;
+ switch(storeFromDm)
+ {
+ case KUserStore:
+ pkiStoreType = EPkiStoreTypeUser;
+ break;
+ case KDeviceStore:
+ pkiStoreType = EPkiStoreTypeDevice;
+ break;
+ default:
+ User::Leave(KPKIErrNotSupported);
+ break;
+ }
+ iStore->SetStoreTypeL(STORE_KEYSTORE, pkiStoreType);
+ }
+ else if (lastSeg.Compare(KDmAdLeafCertStore) == 0)
+ {
+ TInt storeFromDm = TDmAdUtil::DesToInt(aObject);
+ TPkiServiceStoreType pkiStoreType = EPkiStoreTypeAny;
+ switch(storeFromDm)
+ {
+ case KUserStore:
+ pkiStoreType = EPkiStoreTypeUser;
+ break;
+ case KDeviceStore:
+ pkiStoreType = EPkiStoreTypeDevice;
+ break;
+ default:
+ User::Leave(KPKIErrNotSupported);
+ break;
+ }
+
+ iStore->SetStoreTypeL(STORE_CERTSTORE, pkiStoreType);
+ }
+
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ }
+
+TInt CDmAdDdf::NotRtNodeFetchLeafObjectLC(const TDesC8& aUri, const TDesC8& /*aLuid*/, const TDesC8& /*aType*/, CBufBase*& aObject)
+ {
+ TInt status = KErrNotFound;
+ CBufBase* object = CBufFlat::NewL(32);
+ CleanupStack::PushL(object);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdLeafCertApplications) == 0)
+ {
+
+ CCertificateAppInfoManager* appsMan = CCertificateAppInfoManager::NewLC();
+
+ const RArray<TCertificateAppInfo>& apps = appsMan->Applications();
+ TInt count = apps.Count();
+ CXmlWriter* writer = CXmlWriter::NewL();
+ CleanupStack::PushL(static_cast<CBase*>(writer));
+
+ writer->AddStartTagL(KXmlElemCertApps);
+ for (TInt i=0; i<count; ++i)
+ {
+ const TUid& id = apps[i].Id();
+ const TName& name = apps[i].Name();
+
+ HBufC8* idInt = TDmAdUtil::IntToDes8LC((TInt)id.iUid);
+ HBufC8* name8 = CnvUtfConverter::ConvertFromUnicodeToUtf8L(name);
+ CleanupStack::PushL(name8);
+
+ writer->OpenStartTagL(KXmlElemApp);
+ writer->AddAttributeL(KXmlAttrId, *idInt);
+ writer->AddAttributeL(KXmlAttrName, *name8);
+ writer->CloseStartTagL(ETrue);
+ CleanupStack::PopAndDestroy(2); //name8, idInt
+ }
+ writer->AddEndTagL(KXmlElemCertApps);
+ TPtrC8 docDataPtr(writer->DocPart(0, writer->Length()-1));
+ object->InsertL(object->Size(), docDataPtr);
+
+ DEBUG_LOG(_L("popping writer"));
+ CleanupStack::PopAndDestroy(static_cast<CBase*>(writer));
+ DEBUG_LOG(_L("writer popped"));
+
+ CleanupStack::PopAndDestroy(appsMan);
+ status = KErrNone;
+ }
+ aObject = object;
+ return status;
+ }
+
+void CDmAdDdf::NotRtNodeDeleteObjectL(const TDesC8& /*aUri*/, const TDesC8& /*aLuid*/, TInt aStatusRef)
+ {
+ TRACE("CDmAdDdf::NotRtNodeDeleteObjectL");
+
+ iCallBack->SetStatusL(aStatusRef, KErrNone);
+ }
+
+//---------------------------------------------------------------------------------------
+
+TBool CDmAdDdf::IsNodeRtNodeL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdDdf::IsNodeRtNodeL");
+
+ TBool ret = EFalse;
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdNodeNokiaPki) == 0 ||
+ lastSeg.Compare(KDmAdNodeGeneral) == 0 ||
+ lastSeg.Compare(KDmAdNodeCert) == 0 ||
+ lastSeg.Compare(KDmAdNodeCertReq) == 0 ||
+ lastSeg.Compare(KDmAdNodePrivKey) == 0 ||
+ lastSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ if(lastSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ DEBUG_LOG(_L("LastSeg == KDmAdNodePKCS12, ret = FALSE"));
+ }
+ ret = EFalse;
+ }
+ else
+ {
+ if (TDmAdUtil::NumOfURISegs(aUri) < 2)
+ {
+ DEBUG_LOG(_L("Number of URI segments is < 2"));
+ User::Leave(KErrNotFound);
+ }
+ TPtrC8 prevSeg = TDmAdUtil::LastUriSeg(TDmAdUtil::RemoveLastUriSeg(aUri));
+ if (prevSeg.Compare(KDmAdNodeCert) == 0 ||
+ prevSeg.Compare(KDmAdNodeCertReq) == 0 ||
+ prevSeg.Compare(KDmAdNodePrivKey) == 0 ||
+ prevSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ if(prevSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ DEBUG_LOG(_L("prevSeg == KDmAdNodePKCS12, ret = TRUE"));
+ }
+ ret = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG(_L("URI segment not found"));
+ User::Leave(KErrNotFound);
+ }
+ }
+ return ret;
+ }
+
+TBool CDmAdDdf::IsLeafUnderRtNodeL(const TDesC8& aUri)
+ {
+ TRACE("CDmAdDdf::IsLeafUnderRtNodeL");
+
+ TBool ret = EFalse;
+ TPtrC8 nodeUri(TDmAdUtil::RemoveLastUriSeg(aUri));
+ ret = IsNodeRtNodeL(nodeUri);
+ return ret;
+ }
+
+
+TPtrC8 CDmAdDdf::RtNodeUriForLeafL(const TDesC8& aLeafUri)
+ {
+ TRACE("CDmAdDdf::RtNodeUriForLeafL");
+
+ TPtrC8 ret;
+ TPtrC8 nodeUri(TDmAdUtil::RemoveLastUriSeg(aLeafUri));
+ TPtrC8 prevNodeUri(TDmAdUtil::RemoveLastUriSeg(nodeUri));
+ TPtrC8 prevNodeUriSeg(TDmAdUtil::LastUriSeg(prevNodeUri));
+
+ if (prevNodeUriSeg.Compare(KDmAdNodeCert) == 0 ||
+ prevNodeUriSeg.Compare(KDmAdNodeCertReq) == 0 ||
+ prevNodeUriSeg.Compare(KDmAdNodePrivKey) == 0 ||
+ prevNodeUriSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ if (prevNodeUriSeg.Compare(KDmAdNodePKCS12) == 0)
+ {
+ DEBUG_LOG(_L("prevNodeUriSeg == KDmAdNodePKCS12"));
+ }
+ ret.Set(nodeUri);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unknown URI"));
+ User::Leave(KErrNotFound);
+ }
+ return ret;
+ }
+
+TBool CDmAdDdf::IsTopLevelRtNode(const TDesC8& /*aUri*/)
+ {
+ TRACE("CDmAdDdf::IsTopLevelRtNode");
+ return ETrue;
+ }
+
+HBufC8* CDmAdDdf::ParentRtNodeUriForRtNodeLC(const TDesC8& /*aUri*/)
+ {
+ DEBUG_LOG(_L("Method CDmAdDdf::ParentRtNodeUriForRtNodeLC not implemented"));
+ User::Leave(KErrGeneral);
+ return 0;
+ }
+
+//---------------------------------------------------------------------------------------
+
+void CDmAdDdf::BuildChildUriListLC(const TDesC8& aUri, const TDesC8& aParentLuid, const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList, CBufBase*& aCurrentList)
+ {
+ CBufBase *currentList = CBufFlat::NewL(128);
+ CleanupStack::PushL(currentList);
+
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ if (lastSeg.Compare(KDmAdNodeNokiaPki) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfNokiaPkiChildren);
+ }
+ else if (lastSeg.Compare(KDmAdNodeGeneral) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfPkiGeneralChildren);
+ }
+ else if (lastSeg.Compare(KDmAdNodeCert) == 0 ||
+ lastSeg.Compare(KDmAdNodeCertReq) == 0 ||
+ lastSeg.Compare(KDmAdNodePrivKey) == 0 ||
+ lastSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ if (lastSeg.Compare(KDmAdNodePKCS12) == 0)
+ {
+ // Special treatment for PKCS12 nodes
+ DEBUG_LOG(_L("lastSeg == KDmAdNodePKCS12"));
+ TPtrC8 lastSeg = TDmAdUtil::LastUriSeg(aUri);
+ TInt slashcount = 0;
+ TInt urisegcount = aPreviousUriSegmentList.Count();
+
+ DEBUG_LOG1(_L(" URI segment count: %d:"), urisegcount);
+
+ for (TInt i=0; i < urisegcount; i++)
+ {
+ const TSmlDmMappingInfo& mappingInfo = aPreviousUriSegmentList.At(i);
+
+ DEBUG_LOG1(_L(" SetResult URI seg entry %d:"), i);
+ DEBUG_LOG1(_L8(" Uri seg: '%S'"), &(mappingInfo.iURISeg));
+ DEBUG_LOG_HEX(mappingInfo.iURISegLUID);
+
+ // Add slash to separate between URIs (no slash after the last one or
+ // before the first one)
+ if ((slashcount > 0) && (slashcount <= urisegcount))
+ {
+ currentList->InsertL(currentList->Size(), KDmAdSeparator);
+ }
+
+ currentList->InsertL(currentList->Size(), mappingInfo.iURISeg);
+ slashcount++;
+ }
+ }
+ else
+ {
+ TDmAdUtil::BuildRtNodeChildUriListL(iCallBack, iStore, aUri, aParentLuid, aPreviousUriSegmentList, *currentList);
+ }
+
+#if 0
+ if (currentList->Size() > 0)
+ {
+ currentList->InsertL(currentList->Size(), KDmAdAppendChildSlashExt);
+ }
+ else
+ {
+ currentList->InsertL(currentList->Size(), KDmAdAppendChildExt);
+ }
+#endif
+ }
+ else
+ {
+ TPtrC8 prevSeg = TDmAdUtil::LastUriSeg(TDmAdUtil::RemoveLastUriSeg(aUri));
+ if (prevSeg.Compare(KDmAdNodeCert) == 0 ||
+ prevSeg.Compare(KDmAdNodeCertReq) == 0 ||
+ prevSeg.Compare(KDmAdNodePrivKey) == 0 ||
+ prevSeg.Compare(KDmAdNodePKCS12) == 0) // Added
+ {
+ if (prevSeg.Compare(KDmAdNodePKCS12) == 0)
+ {
+ DEBUG_LOG(_L("prevSeg == KDmAdNodePKCS12"));
+ }
+ if (!iStore->FindRtNodeL(aParentLuid, aUri))
+ {
+ DEBUG_LOG(_L("Node not found"));
+ User::Leave(KErrNotFound);
+ }
+
+ if (prevSeg.Compare(KDmAdNodeCert) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfCertXChildren);
+ }
+ else if (prevSeg.Compare(KDmAdNodeCertReq) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfCertReqXChildren);
+ }
+ else if (prevSeg.Compare(KDmAdNodePrivKey) == 0)
+ {
+ currentList->InsertL(0, KDmAdListOfPrivKeyXChildren);
+ }
+ else if (prevSeg.Compare(KDmAdNodePKCS12) == 0)
+ {
+ DEBUG_LOG(_L("inserting KDmAdListOfPKCS12XChildren to currentList"));
+
+ // Added handler for pkcs#12
+ currentList->InsertL(0, KDmAdListOfPKCS12XChildren);
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unknown URI"));
+ User::Leave(KErrNotFound);
+ }
+ }
+
+ aCurrentList = currentList;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadpkcs12parms.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,135 @@
+/*
+* Copyright (c) 2000-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdPKCS12Parms
+*
+*/
+
+
+
+
+
+#include <utf.h>
+
+#include "dmadpkcs12parms.h"
+#include "vpnlogger.h"
+
+CDmAdPKCS12Parms* CDmAdPKCS12Parms::NewL()
+ {
+ TRACE("CDmAdCertParms::NewL");
+
+ CDmAdPKCS12Parms* self = NewLC();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdPKCS12Parms* CDmAdPKCS12Parms::NewLC()
+ {
+ CDmAdPKCS12Parms* self = new (ELeave) CDmAdPKCS12Parms();
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdPKCS12Parms::CDmAdPKCS12Parms()
+ {
+ }
+
+CDmAdPKCS12Parms::~CDmAdPKCS12Parms()
+ {
+ TRACE("CDmAdCertParms::~CDmAdCertParms");
+
+ iApplicability.Reset();
+ iApplicability.Close();
+ delete iContent;
+ delete iPassword;
+ }
+
+TBool CDmAdPKCS12Parms::Deletable() const
+ {
+ return iDeletable;
+ }
+
+void CDmAdPKCS12Parms::SetDeletable(TBool aDeletable)
+ {
+ TRACE("CDmAdCertParms::SetDeletable");
+
+ iDeletable = aDeletable;
+ }
+
+const RArray<TUid>& CDmAdPKCS12Parms::Applicability() const
+ {
+ return iApplicability;
+ }
+
+void CDmAdPKCS12Parms::SetApplicabilityL(const RArray<TUid>& aApplicability)
+ {
+ TRACE("CDmAdPKCS12Parms::SetApplicabilityL");
+
+ iApplicability.Reset();
+
+ for (TInt i = 0; i < aApplicability.Count(); ++i)
+ {
+ User::LeaveIfError(iApplicability.Append(aApplicability[i]));
+ }
+ }
+
+TPtrC8 CDmAdPKCS12Parms::Content() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iContent != 0)
+ {
+ ret.Set(*iContent);
+ }
+ return ret;
+ }
+
+void CDmAdPKCS12Parms::SetContentL(const TDesC8& aContent)
+ {
+ TRACE("CDmAdPKCS12Parms::SetContentL");
+
+ delete iContent;
+ iContent = 0;
+ if (aContent.Length() > 0)
+ {
+ iContent = aContent.AllocL();
+ }
+ }
+
+TPtrC8 CDmAdPKCS12Parms::Password() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iPassword)
+ {
+ ret.Set(*iPassword);
+ }
+ return ret;
+ }
+
+void CDmAdPKCS12Parms::SetPasswordL(const TDesC8& aPassword)
+ {
+ TRACE("CDmAdPKCS12Parms::SetPasswordL");
+
+ delete iPassword;
+ iPassword = NULL;
+ if (aPassword.Length() > 0)
+ {
+ iPassword = aPassword.AllocL();
+ }
+ else
+ {
+ iPassword = HBufC8::NewL(0);
+ }
+ }
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadprivkeyparms.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,93 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdPrivKeyParms.
+*
+*/
+
+
+#include <utf.h>
+
+#include "dmadprivkeyparms.h"
+
+CDmAdPrivKeyParms* CDmAdPrivKeyParms::NewL()
+ {
+ CDmAdPrivKeyParms* self = NewLC();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdPrivKeyParms* CDmAdPrivKeyParms::NewLC()
+ {
+ CDmAdPrivKeyParms* self = new (ELeave) CDmAdPrivKeyParms();
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdPrivKeyParms::CDmAdPrivKeyParms()
+ {
+ iKeyType = EPKIRSA;
+ }
+
+CDmAdPrivKeyParms::~CDmAdPrivKeyParms()
+ {
+ delete iKeyId;
+ }
+
+TPKIKeyAlgorithm CDmAdPrivKeyParms::KeyType() const
+ {
+ return iKeyType;
+ }
+
+void CDmAdPrivKeyParms::SetKeyTypeL(TPKIKeyAlgorithm aKeyType)
+ {
+
+ if (aKeyType != EPKIRSA &&
+ aKeyType != EPKIDSA)
+ {
+ User::Leave(KErrCorrupt);
+ }
+
+ iKeyType = aKeyType;
+ }
+
+TPtrC8 CDmAdPrivKeyParms::KeyId() const
+ {
+ TPtrC8 ret(KNullDesC8);
+ if (iKeyId != 0)
+ {
+ ret.Set(*iKeyId);
+ }
+ return ret;
+ }
+
+void CDmAdPrivKeyParms::SetKeyIdL(const TDesC8& aKeyId)
+ {
+ delete iKeyId;
+ iKeyId = 0;
+ if (aKeyId.Length() > 0)
+ {
+ iKeyId = aKeyId.AllocL();
+ }
+ }
+
+TInt CDmAdPrivKeyParms::KeyLength() const
+ {
+ return iKeyLength;
+ }
+
+void CDmAdPrivKeyParms::SetKeyLength(TInt aKeyLength)
+ {
+ iKeyLength = aKeyLength;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadrtnodedataapi.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,92 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdRtNodeDataApi.
+*
+*/
+
+
+#include "dmadrtnodedataapic.h"
+#include "DmAdRtNodeData.h"
+#include "dmadcallback.h"
+
+CDmAdRtNodeDataApi* CDmAdRtNodeDataApi::NewL()
+ {
+ CDmAdRtNodeDataApi* self = NewLC();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdRtNodeDataApi* CDmAdRtNodeDataApi::NewLC()
+ {
+ CDmAdRtNodeDataApi* self = new (ELeave) CDmAdRtNodeDataApi();
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdRtNodeDataApi::CDmAdRtNodeDataApi()
+ {
+ }
+
+CDmAdRtNodeDataApi::~CDmAdRtNodeDataApi()
+ {
+ }
+
+//---------------------------------------------------------------------------------------
+
+CDmAdRtNodeData* CDmAdRtNodeDataApi::CreateDmAdRtNodeDataL(const TDesC8& aUri, MDmAdCallBack* aCallBack)
+ {
+ return CDmAdRtNodeData::NewL(aUri, aCallBack);
+ }
+
+void CDmAdRtNodeDataApi::DeleteDmAdRtNodeData(CDmAdRtNodeData* aDmAdRtNodeData)
+ {
+ delete aDmAdRtNodeData;
+ }
+
+void CDmAdRtNodeDataApi::UpdateLeafDataL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aObject)
+ {
+ ASSERT(aDmAdRtNodeData);
+ aDmAdRtNodeData->UpdateLeafDataL(aUri, aObject);
+ }
+
+void CDmAdRtNodeDataApi::FetchLeafObjectLC(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri, const TDesC8& aLuid, CBufBase*& aObject)
+ {
+ ASSERT(aDmAdRtNodeData);
+ aDmAdRtNodeData->FetchLeafObjectLC(aUri, aLuid, aObject);
+ }
+
+void CDmAdRtNodeDataApi::SetDefaultSettingsL(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri)
+ {
+ ASSERT(aDmAdRtNodeData);
+ aDmAdRtNodeData->SetDefaultSettingsL(aUri);
+ }
+
+TBool CDmAdRtNodeDataApi::AreUriTypesSame(CDmAdRtNodeData* aDmAdRtNodeData, const TDesC8& aUri)
+ {
+ ASSERT(aDmAdRtNodeData);
+
+ TDmAdUriType uriType1 = EDmAdUriTypeCert;
+ //CDmAdRtNodeData::UriTypeL leaves if the URI type is unknown
+ TRAPD(err, uriType1 = CDmAdRtNodeData::UriTypeL(aUri));
+ TDmAdUriType uriType2 = aDmAdRtNodeData->UriType();
+
+ if (err == KErrNone && uriType1 == uriType2)
+ {
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadstorecert.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,425 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdCert.
+*
+*/
+
+
+#include "dmadutil.h"
+#include "dmadstorecert.h"
+#include "vpnlogger.h"
+#include "dmadcertxmldefs.h"
+#include "XppImpl.h"
+#include "XwImpl.h"
+#include <vpnlogmessages.rsg>
+
+CDmAdCert* CDmAdCert::NewL(RPKIServiceAPI& aPkiServiceApi)
+ {
+ TRACE("CDmAdCert::NewL");
+
+ CDmAdCert* self = NewLC(aPkiServiceApi);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdCert* CDmAdCert::NewLC(RPKIServiceAPI& aPkiServiceApi)
+ {
+ CDmAdCert* self = new (ELeave) CDmAdCert(aPkiServiceApi);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ return self;
+ }
+
+void CDmAdCert::ConstructL()
+ {
+ TRACE("CDmAdCert::ConstructL");
+ iCertLuidMapping = new (ELeave) CArrayPtrFlat<CDmAdCertLuidMappingElem>(4);
+ BuildCertLuidMappingTableL();
+ }
+
+CDmAdCert::CDmAdCert(RPKIServiceAPI& aPkiServiceApi) : iPkiServiceApi(&aPkiServiceApi)
+ {
+ }
+
+CDmAdCert::~CDmAdCert()
+ {
+ TRACE("CDmAdCert::~CDmAdCert");
+ CDmAdCertLuidMappingElem::CleanupOperationDeleteCArrayPtr(iCertLuidMapping);
+ }
+
+TBool CDmAdCert::FindL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCert::FindL");
+ if (!FindCertLuidMappingElemL(aLuid))
+ {
+ return EFalse;
+ }
+ else
+ {
+ return ETrue;
+ }
+ }
+
+HBufC8* CDmAdCert::AddL(const CDmAdCertParms& aParms)
+ {
+ TRACE("CDmAdCert::AddL");
+
+ TPKICertificateOwnerType ownerType = aParms.Type();
+
+ HBufC8* certRef = BuildCertRefL(aParms.Content(), EFalse);
+ CleanupStack::PushL(certRef);
+ CDmAdCertLuidMappingElem* certLuidMappingElem = FindCertLuidMappingElemL(*certRef);
+ if (certLuidMappingElem)
+ {
+ DEBUG_LOG(_L("Element already exists"));
+ User::Leave(KErrAlreadyExists);
+ }
+ CleanupStack::PopAndDestroy(certRef);
+
+
+ TInt status = KErrNone;
+ if (ownerType == EPKIUserCertificate)
+ {
+ DEBUG_LOG(_L("Attaching user certificate"));
+
+ TKeyListEntry* keyListEntry = new (ELeave) TKeyListEntry;
+ CleanupStack::PushL(keyListEntry);
+
+ TPKIKeyIdentifier keyId = aParms.KeyId();
+ DEBUG_LOG(_L("Key id:"));
+ DEBUG_LOG_HEX(keyId);
+
+
+ User::LeaveIfError(iPkiServiceApi->KeyDetails(keyId,
+ *keyListEntry));
+
+ TInt keyLength = keyListEntry->iKeySize;
+
+ DEBUG_LOG(_L("Key info:"));
+ DEBUG_LOG1(_L("Object name: %S"), &(keyListEntry->iObjectName));
+ DEBUG_LOG_HEX(keyListEntry->iSubjectKeyId);
+ DEBUG_LOG1(_L("Key size: %d"), keyListEntry->iKeySize);
+ DEBUG_LOG1(_L("Algorithm: %d"), keyListEntry->iKeyAlgorithm);
+
+
+
+ CleanupStack::PopAndDestroy(); //keyListEntry
+
+ status = iPkiServiceApi->AttachCertificate(keyId,
+ aParms.Deletable(),
+ keyLength,
+ EPKIRSA,
+ aParms.Content());
+ }
+ else
+ {
+ status = iPkiServiceApi->StoreCertificate(ownerType,
+ aParms.Deletable(),
+ 0, //Key length is undefined
+ EPKIRSA,
+ aParms.Content());
+ }
+
+ if (status != KErrNone)
+ {
+ DEBUG_LOG1(_L("Operation failed with %d"), status);
+ User::Leave(status);
+ }
+
+ certRef = BuildCertRefL(aParms.Content(), ETrue);
+ CleanupStack::PushL(certRef);
+ UpdateL(*certRef, aParms);
+ CleanupStack::Pop(certRef);
+ return certRef;
+ }
+
+void CDmAdCert::UpdateL(const TDesC8& aLuid, const CDmAdCertParms& aParms)
+ {
+ TRACE("CDmAdCert::UpdateL");
+ HBufC8* issuerName;
+ HBufC8* serialNumber;
+ GetIssuerAndSerialFromCertRefLC(aLuid, issuerName, serialNumber);
+
+ if (aParms.Type() == EPKICACertificate) // CA cert
+ {
+ UpdateTrustedL(*issuerName, *serialNumber, aParms);
+ UpdateApplicabilityL(*issuerName, *serialNumber, aParms);
+ }
+
+ CleanupStack::PopAndDestroy(2); //serialNumber, issuerName
+ }
+
+void CDmAdCert::FetchL(const TDesC8& aLuid, CDmAdCertParms& aParms)
+ {
+ TRACE("CDmAdCert::FetchL");
+ HBufC8* issuerName;
+ HBufC8* serialNumber;
+ GetIssuerAndSerialFromCertRefLC(aLuid, issuerName, serialNumber);
+
+ //TInt certSize = 1024;
+ TInt certSize = 4096;
+ HBufC8* certBuf = NULL;
+ TPtr8 certBufDesc(NULL, 0);
+ TBool errBufferTooShortOccurred = EFalse;
+ for (;;)
+ {
+ if (certBuf)
+ {
+ CleanupStack::PopAndDestroy(certBuf);
+ }
+ certBuf = HBufC8::NewLC(certSize);
+ certBufDesc.Set(certBuf->Des());
+
+ // Both user and device certificate stores needs to be used for
+ // certificate reading. Set certificate store type to STORETYPE_ANY.
+ TPkiServiceStoreType certStoreType(EPkiStoreTypeAny);
+ User::LeaveIfError(iPkiServiceApi->CertStoreType(certStoreType));
+ User::LeaveIfError(iPkiServiceApi->SetStoreType(STORE_CERTSTORE, EPkiStoreTypeAny));
+ TInt err = iPkiServiceApi->ReadCertificate(*issuerName,
+ *serialNumber,
+ certBufDesc);
+
+ // Set previous store type back
+ User::LeaveIfError(iPkiServiceApi->SetStoreType(STORE_CERTSTORE, certStoreType));
+
+ if (err == KErrNone)
+ {
+ break;
+ }
+ else if (err == KPKIErrBufferTooShort)
+ {
+ if (errBufferTooShortOccurred)
+ {
+ DEBUG_LOG(_L("Buffer too short"));
+ User::Leave(KErrGeneral);
+ }
+ errBufferTooShortOccurred = ETrue;
+ User::LeaveIfError(iPkiServiceApi->GetRequiredBufferSize(certSize));
+ }
+ else
+ {
+ DEBUG_LOG1(_L("Fetch failed with %d"), err);
+ User::Leave(err);
+ }
+ }
+
+ aParms.SetContentL(*certBuf);
+ ReadCertDetailsL(*issuerName, *serialNumber, aParms);
+
+ CleanupStack::PopAndDestroy(3); //certBuf, serialNumber, issuerName
+ }
+
+void CDmAdCert::DeleteL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCert::DeleteL");
+ HBufC8* issuerName;
+ HBufC8* serialNumber;
+ GetIssuerAndSerialFromCertRefLC(aLuid, issuerName, serialNumber);
+ while (FindCertLuidMappingElemL(aLuid))
+ {
+ User::LeaveIfError(iPkiServiceApi->RemoveCertificate(*issuerName,
+ *serialNumber));
+
+ RemoveCertLuidMappingElem(aLuid);
+ }
+ CleanupStack::PopAndDestroy(2); //serialNumber, issuerName
+ }
+
+void CDmAdCert::ListL(RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdCert::ListL");
+ for (TInt i=0; i<iCertLuidMapping->Count(); ++i)
+ {
+ CDmAdCertLuidMappingElem* certLuidMappingElem = iCertLuidMapping->At(i);
+
+ HBufC8* luidElem = certLuidMappingElem->Luid().AllocLC();
+ aLuidList.AppendL(luidElem);
+ CleanupStack::Pop(luidElem);
+ }
+ }
+
+//------------------------------------------------------------------------
+
+void CDmAdCert::ReadCertDetailsL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber, CDmAdCertParms& aParms)
+ {
+ TRACE("CDmAdCert::ReadCertDetailsL");
+ TCertificateListEntry* entry = new (ELeave) TCertificateListEntry();
+ CleanupStack::PushL(entry);
+
+ User::LeaveIfError(iPkiServiceApi->CertificateDetails(aIssuerName,
+ aSerialNumber,
+ *entry));
+
+ aParms.SetType(entry->iOwnerType);
+ aParms.SetDeletable(entry->iIsDeletable);
+
+ TBool trusted = ETrue;
+ if (entry->iOwnerType == EPKICACertificate) // CA cert
+ {
+ User::LeaveIfError(iPkiServiceApi->Trusted(aIssuerName,
+ aSerialNumber,
+ trusted));
+ }
+ aParms.SetTrusted(trusted);
+
+ if (entry->iOwnerType == EPKICACertificate) // CA cert
+ {
+ RArray<TUid> applications;
+ CleanupClosePushL(applications);
+
+ iPkiServiceApi->ApplicationsL(aIssuerName,
+ aSerialNumber,
+ applications);
+ aParms.SetApplicabilityL(applications);
+ CleanupStack::PopAndDestroy(); //applications
+ }
+
+ CleanupStack::PopAndDestroy(); // entry
+ }
+
+void CDmAdCert::UpdateTrustedL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber, const CDmAdCertParms& aParms)
+ {
+ TRACE("CDmAdCert::UpdateTrustedL");
+
+ User::LeaveIfError(iPkiServiceApi->SetTrust(aIssuerName,
+ aSerialNumber,
+ aParms.Trusted()));
+ }
+
+void CDmAdCert::UpdateApplicabilityL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber, const CDmAdCertParms& aParms)
+ {
+ TRACE("CDmAdCert::UpdateApplicabilityL");
+
+ const RArray<TUid>& applications = aParms.Applicability();
+ if (applications.Count() > 0)
+ {
+ iPkiServiceApi->SetApplicabilityL(aIssuerName,
+ aSerialNumber,
+ applications);
+ }
+ }
+
+TPtrC8 CDmAdCert::AppendCertLuidMappingElemL(const TDesC8& aIssuerName, const TDesC8& aSerialNumber)
+ {
+ TRACE("CDmAdCert::AppendCertLuidMappingElemL");
+ TPtrC8 luid(KNullDesC8);
+
+ CDmAdCertLuidMappingElem* certLuidMappingElem = CDmAdCertLuidMappingElem::NewLC(aIssuerName, aSerialNumber);
+ luid.Set(certLuidMappingElem->Luid());
+
+ iCertLuidMapping->AppendL(certLuidMappingElem);
+ CleanupStack::Pop(certLuidMappingElem);
+
+ return luid;
+ }
+
+void CDmAdCert::RemoveCertLuidMappingElem(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCert::RemoveCertLuidMappingElem");
+ for (TInt i=0; i<iCertLuidMapping->Count(); ++i)
+ {
+ CDmAdCertLuidMappingElem* certLuidMappingElem = iCertLuidMapping->At(i);
+ if (certLuidMappingElem->Luid().Compare(aLuid) == 0)
+ {
+ iCertLuidMapping->Delete(i);
+ i--;
+ delete certLuidMappingElem;
+ break;
+ }
+ }
+ }
+
+CDmAdCertLuidMappingElem* CDmAdCert::FindCertLuidMappingElemL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCert::FindCertLuidMappingElemL");
+ for (TInt i=0; i<iCertLuidMapping->Count(); ++i)
+ {
+ CDmAdCertLuidMappingElem* certLuidMappingElem = iCertLuidMapping->At(i);
+ if (certLuidMappingElem->Luid().Compare(aLuid) == 0)
+ {
+ return certLuidMappingElem;
+ }
+ }
+ return NULL;
+ }
+
+void CDmAdCert::BuildCertLuidMappingTableL()
+ {
+ TRACE("CDmAdCert::BuildCertLuidMappingTableL");
+ CArrayFix<TCertificateListEntry>* certList;
+ iPkiServiceApi->ListCertificatesL(certList);
+ CleanupStack::PushL(certList);
+
+ for (TInt i=0; i<certList->Count(); ++i)
+ {
+ TCertificateListEntry& entry = certList->At(i);
+ AppendCertLuidMappingElemL(entry.iTrustedAuthority, entry.iSerialNumber);
+ }
+
+ CleanupStack::PopAndDestroy(certList);
+ }
+
+HBufC8* CDmAdCert::BuildCertRefL(const TDesC8& aCertificateDer, TBool aAppend)
+ {
+ TRACE("CDmAdCert::BuildCertRefL");
+
+ CX509Certificate* certCx509 = CX509Certificate::NewL(aCertificateDer);
+ CleanupStack::PushL(certCx509);
+
+ const TPtrC8 issuerName(*(certCx509->DataElementEncoding(CX509Certificate::EIssuerName)));
+ const TPtrC8 serialNumber(*(certCx509->DataElementEncoding(CX509Certificate::ESerialNumber)));
+
+ HBufC8* certRef = 0;
+ if (aAppend)
+ {
+ TPtrC8 luid(AppendCertLuidMappingElemL(issuerName, serialNumber));
+ certRef = luid.AllocL();
+ }
+ else
+ {
+ certRef = CDmAdCertLuidMappingElem::BuildLuidL(issuerName, serialNumber);
+ }
+
+ CleanupStack::PopAndDestroy(certCx509);
+ return certRef;
+ }
+
+void CDmAdCert::GetIssuerAndSerialFromCertRefLC(const TDesC8& aCertRef,
+ HBufC8*& aIssuerName,
+ HBufC8*& aSerialNumber)
+ {
+ CDmAdCertLuidMappingElem* certLuidMappingElem = FindCertLuidMappingElemL(aCertRef);
+ if (!certLuidMappingElem)
+ {
+ DEBUG_LOG(_L("Mapping not found"));
+ User::Leave(KErrNotFound);
+ }
+
+ HBufC8* issuerNameHBuf = certLuidMappingElem->IssuerName().AllocLC();
+ HBufC8* serialNumberHBuf = certLuidMappingElem->SerialNumber().AllocLC();
+
+ aIssuerName = issuerNameHBuf;
+ aSerialNumber = serialNumberHBuf;
+ }
+
+HBufC8* CDmAdCert::CertSubjectNameL(const TDesC8& aCertificateDer)
+ {
+ CX509Certificate* certCx509 = CX509Certificate::NewLC(aCertificateDer);
+ HBufC16* subjectName16 = certCx509->SubjectName().DisplayNameL();
+ CleanupStack::PushL(subjectName16);
+ HBufC8* subjectName8 = HBufC8::NewL(subjectName16->Length());
+ subjectName8->Des().Copy(*subjectName16);
+ CleanupStack::PopAndDestroy(2, certCx509);
+ return subjectName8;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadstorecertreq.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,241 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdCertReq.
+*
+*/
+
+
+#include "dmadstorecertreq.h"
+#include "vpnlogger.h"
+#include "base64.h"
+#include "dmadutil.h"
+
+CDmAdCertReq* CDmAdCertReq::NewL(RPKIServiceAPI& aPkiServiceApi, MDmAdCallBack* aDmAdCallBack)
+ {
+ TRACE("CDmAdCertReq::NewL");
+
+ CDmAdCertReq* self = NewLC(aPkiServiceApi, aDmAdCallBack);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdCertReq* CDmAdCertReq::NewLC(RPKIServiceAPI& aPkiServiceApi, MDmAdCallBack* aDmAdCallBack)
+ {
+ CDmAdCertReq* self = new (ELeave) CDmAdCertReq(aPkiServiceApi, aDmAdCallBack);
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdCertReq::CDmAdCertReq(RPKIServiceAPI& aPkiServiceApi, MDmAdCallBack* aDmAdCallBack) :
+ iPkiServiceApi(&aPkiServiceApi),
+ iDmAdCallBack(aDmAdCallBack)
+ {
+ TRACE("CDmAdCertReq::CDmAdCertReq");
+ }
+
+CDmAdCertReq::~CDmAdCertReq()
+ {
+ TRACE("CDmAdCertReq::~CDmAdCertReq");
+ }
+
+TBool CDmAdCertReq::FindL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCertReq::FindL");
+
+ TBool found = EFalse;
+ HBufC* certReqRef = LuidToCertReqRefL(aLuid);
+ CleanupStack::PushL(certReqRef);
+
+ const TInt KDmAdMaxCertReqSize = 4096; // ????????
+ HBufC8* certRequest = HBufC8::NewLC(KDmAdMaxCertReqSize);
+ TPtr8 certRequestPtr(certRequest->Des());
+
+
+ TInt status = iPkiServiceApi->ReadCertificateRequest(*certReqRef,
+ certRequestPtr);
+ if (status == KErrNone)
+ {
+ found = ETrue;
+ }
+ CleanupStack::PopAndDestroy(2); //certRequest, certReqRef
+ return found;
+ }
+
+
+HBufC8* CDmAdCertReq::AddL(const CDmAdCertReqParms& aParms)
+ {
+ TRACE("CDmAdCertReq::AddL");
+
+ const TInt KDmAdMaxCertReqRefLth = KMaxFileName;
+ HBufC* certReqRef = HBufC::NewLC(KDmAdMaxCertReqRefLth);
+ TPtr certReqRefPtr(certReqRef->Des());
+
+ TPKIKeyIdentifier keyIdentifier(aParms.KeyIdentifierByUri());
+ if (keyIdentifier.Length() == 0)
+ {
+ CreateKeypairL(EPKIRSA,
+ aParms.KeyLength(),
+ keyIdentifier);
+ }
+
+ DEBUG_LOG(_L("Key ID:"));
+ DEBUG_LOG_HEX(keyIdentifier);
+
+ SetKeyIDMappingL(keyIdentifier);
+
+ TInt certReqSize;
+ iPkiServiceApi->CreateAndSaveCertificateRequestL(keyIdentifier,
+ aParms.SubjectName(), //aDistinguishedName,
+ aParms.Rfc822Name(), //aSubjectAltNameRfc822,
+ KNullDesC8, //aChallengePassword,
+ KNullDesC8, //aDnsName,
+ certReqRefPtr,
+ certReqSize);
+
+ HBufC8* luid = CertReqRefToLuidL(*certReqRef);
+ CleanupStack::PopAndDestroy(certReqRef);
+ return luid;
+ }
+
+void CDmAdCertReq::SetKeyIDMappingL(const TPKIKeyIdentifier& keyIdentifier)
+ {
+ TRACE("CDmAdCertReq::SetKeyIDMapping");
+
+ // First fetch all private key URIs
+ CBufBase* uriList = CBufFlat::NewL(16);
+ CleanupStack::PushL(uriList);
+ _LIT8(KKeyUri, "NokiaPKI/PrivKey");
+ MSmlDmAdapter::TError status;
+ iDmAdCallBack->FetchLinkL(KKeyUri, *uriList, status);
+ User::LeaveIfError(status);
+
+ // Find out key URI (cli<X>) for the newly created private key
+ CArrayFix<TPtrC8>* uriSegList;
+ TDmAdUtil::ParseUriLC(uriList->Ptr(0), uriSegList);
+ // New key URI (cli<X>) is now in uriSegList->At(0)
+ HBufC8* wholeUri = TDmAdUtil::BuildUriLC(KKeyUri, uriSegList->At(0));
+
+ iDmAdCallBack->SetMappingL(*wholeUri, keyIdentifier);
+
+ CleanupStack::PopAndDestroy(wholeUri);
+ CleanupStack::PopAndDestroy(uriSegList);
+ CleanupStack::PopAndDestroy(uriList);
+ }
+
+void CDmAdCertReq::UpdateL(const TDesC8& /*aLuid*/, const CDmAdCertReqParms& /*aParms*/)
+ {
+ TRACE("CDmAdCertReq::UpdateL");
+ DEBUG_LOG(_L("Method not implemented"));
+
+ User::Leave(KErrGeneral);
+ }
+
+void CDmAdCertReq::FetchL(const TDesC8& aLuid, CDmAdCertReqParms& aParms)
+ {
+ TRACE("CDmAdCertReq::FetchL");
+
+ HBufC* certReqRef = LuidToCertReqRefL(aLuid);
+ CleanupStack::PushL(certReqRef);
+
+ const TInt KDmAdMaxCertReqSize = 4096; // ????????
+ HBufC8* certRequest = HBufC8::NewLC(KDmAdMaxCertReqSize);
+ TPtr8 certRequestPtr(certRequest->Des());
+
+ User::LeaveIfError(iPkiServiceApi->ReadCertificateRequest(*certReqRef,
+ certRequestPtr));
+
+ TBase64Codec base64Codec;
+ HBufC8* certRequestB64Decoded;
+ if ((certRequestB64Decoded = base64Codec.Base64DecodeLC(*certRequest)) == NULL)
+ {
+ DEBUG_LOG(_L("base64Codec.Base64DecodeLC returned NULL"));
+ User::Leave(KErrNoMemory);
+ }
+
+ aParms.SetContentL(*certRequestB64Decoded);
+ //ReadCertReqDetailsL(*certReqRef, aParms); // ???????????
+ CleanupStack::PopAndDestroy(3); // certRequestB64Decoded, certRequest, certReqRef
+ }
+
+
+void CDmAdCertReq::DeleteL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCertReq::DeleteL");
+
+ HBufC* certReqRef = LuidToCertReqRefL(aLuid);
+ CleanupStack::PushL(certReqRef);
+
+ User::LeaveIfError(iPkiServiceApi->DeleteCertificateRequest(*certReqRef));
+
+ CleanupStack::PopAndDestroy(certReqRef);
+ }
+
+
+void CDmAdCertReq::ListL(RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdCertReq::ListL");
+
+ CArrayFix<TCertificateRequestListEntry>* certReqList;
+ iPkiServiceApi->ListCertificateRequestsL(certReqList);
+ CleanupStack::PushL(certReqList);
+
+ for (TInt i=0; i<certReqList->Count(); ++i)
+ {
+ TCertificateRequestListEntry& entry = certReqList->At(i);
+ HBufC8* luid = CertReqRefToLuidL(entry.iObjectName);
+ CleanupStack::PushL(luid);
+ aLuidList.AppendL(luid);
+ CleanupStack::Pop(luid);
+ }
+
+ CleanupStack::PopAndDestroy(certReqList);
+ }
+
+void CDmAdCertReq::CreateKeypairL(TPKIKeyAlgorithm aKeyAlgorithm,
+ TInt aKeyLength,
+ TPKIKeyIdentifier& aKeyIdentifier)
+ {
+ TRACE("CDmAdCertReq::CreateKeypairL");
+
+ TRequestStatus requestStatus;
+ iPkiServiceApi->GenerateKeypair(aKeyIdentifier,
+ (TUint)aKeyLength,
+ aKeyAlgorithm,
+ requestStatus);
+ User::WaitForRequest(requestStatus);
+ TInt status = requestStatus.Int();
+ if (status != KErrNone)
+ {
+ DEBUG_LOG1(_L("GenerateKeypairL returned %d"), status);
+ User::Leave(status);
+ }
+ }
+
+HBufC8* CDmAdCertReq::CertReqRefToLuidL(const TDesC& aCertReqRef)
+ {
+ TRACE("CDmAdCertReq::CertReqRefToLuidL");
+
+ HBufC8* luid = HBufC8::NewL(aCertReqRef.Length() * 2);
+ luid->Des().Copy((const TUint8*)aCertReqRef.Ptr(), aCertReqRef.Length() * 2);
+ return luid;
+ }
+
+HBufC* CDmAdCertReq::LuidToCertReqRefL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdCertReq::LuidToCertReqRefL");
+
+ HBufC* certReqRef = HBufC::NewL(aLuid.Length() / 2);
+ certReqRef->Des().Copy((const TUint16*)aLuid.Ptr(), aLuid.Length() / 2);
+ return certReqRef;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadstorepkcs12.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,96 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: implementation of CDmAdPKCS12
+*
+*/
+
+
+
+#include "dmadutil.h"
+#include "dmadstorepkcs12.h"
+#include "vpnlogger.h"
+#include "dmadcertxmldefs.h"
+#include "XppImpl.h"
+#include "XwImpl.h"
+#include "pkcs12vpn.h"
+
+#include <vpnlogmessages.rsg>
+
+CDmAdPKCS12* CDmAdPKCS12::NewL(RPKIServiceAPI& aPkiServiceApi)
+ {
+ TRACE("CDmAdPKCS12::NewL");
+
+ CDmAdPKCS12* self = NewLC(aPkiServiceApi);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdPKCS12* CDmAdPKCS12::NewLC(RPKIServiceAPI& aPkiServiceApi)
+ {
+ CDmAdPKCS12* self = new (ELeave) CDmAdPKCS12(aPkiServiceApi);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ return self;
+ }
+
+void CDmAdPKCS12::ConstructL()
+ {
+ TRACE("CDmAdPKCS12::ConstructL");
+ }
+
+CDmAdPKCS12::CDmAdPKCS12(RPKIServiceAPI& aPkiServiceApi) : iPkiServiceApi(&aPkiServiceApi)
+ {
+ }
+
+CDmAdPKCS12::~CDmAdPKCS12()
+ {
+ TRACE("CDmAdPKCS12::~CDmAdPKCS12");
+ }
+
+HBufC8* CDmAdPKCS12::AddL(const CDmAdPKCS12Parms& aParms)
+ {
+ TRACE("CDmAdPKCS12::AddL");
+
+ DEBUG_LOG(_L("Instantiating pkcs12handler"));
+ CPKCS12Handler* pkcs12handler = CPKCS12Handler::NewLC(*iPkiServiceApi);
+
+ DEBUG_LOG(_L("Setting deletable"));
+ pkcs12handler->SetDeletable(aParms.Deletable());
+
+ DEBUG_LOG(_L("Setting applicability"));
+ pkcs12handler->SetApplicability(aParms.Applicability());
+
+ HBufC* pwd(NULL);
+ if (aParms.Password().Length() == 0)
+ {
+ DEBUG_LOG(_L("Password length is zero, no password given"));
+ pwd = HBufC::NewLC(0);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Converting password to 16bit base"));
+ pwd = HBufC::NewLC(aParms.Password().Length());
+ pwd->Des().Copy(aParms.Password());
+ }
+
+ DEBUG_LOG(_L("Storing pkcs12 object"));
+ pkcs12handler->StorePKCS12ObjectL(aParms.Content(), *pwd);
+
+ DEBUG_LOG(_L("Freeing handler resources"));
+
+ CleanupStack::PopAndDestroy(2, pkcs12handler);
+
+ return NULL;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/dmadpki/src/dmadstoreprivkey.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,123 @@
+/*
+* Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CDmAdPrivKey.
+*
+*/
+
+
+#include <asn1dec.h>
+
+#include "dmadstoreprivkey.h"
+#include "vpnlogger.h"
+
+CDmAdPrivKey* CDmAdPrivKey::NewL(RPKIServiceAPI& aPkiServiceApi)
+ {
+ TRACE("CDmAdPrivKey::NewL");
+
+ CDmAdPrivKey* self = NewLC(aPkiServiceApi);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CDmAdPrivKey* CDmAdPrivKey::NewLC(RPKIServiceAPI& aPkiServiceApi)
+ {
+ CDmAdPrivKey* self = new (ELeave) CDmAdPrivKey(aPkiServiceApi);
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+CDmAdPrivKey::CDmAdPrivKey(RPKIServiceAPI& aPkiServiceApi) : iPkiServiceApi(&aPkiServiceApi)
+ {
+ TRACE("CDmAdPrivKey::CDmAdPrivKey");
+ }
+
+CDmAdPrivKey::~CDmAdPrivKey()
+ {
+ TRACE("CDmAdPrivKey::~CDmAdPrivKey");
+ }
+
+TBool CDmAdPrivKey::FindL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdPrivKey::FindL");
+
+ TBool found = EFalse;
+
+ const TInt KMaxPublicKeyLth = 512;
+ HBufC8* privKeyData = HBufC8::NewLC(KMaxPublicKeyLth);
+ TPtr8 privKeyDataPtr(privKeyData->Des());
+
+ TInt status = iPkiServiceApi->ReadPublicKey(aLuid,
+ privKeyDataPtr);
+ if (status == KErrNone)
+ {
+ found = ETrue;
+ }
+
+ CleanupStack::PopAndDestroy(privKeyData);
+ return found;
+ }
+
+void CDmAdPrivKey::FetchL(const TDesC8& aLuid, CDmAdPrivKeyParms& aParms)
+ {
+ TRACE("CDmAdPrivKey::FetchL");
+
+ TPkiServiceStoreType currentKeyStore;
+ User::LeaveIfError(iPkiServiceApi->KeyStoreType(currentKeyStore));
+ User::LeaveIfError(iPkiServiceApi->SetStoreType(STORE_KEYSTORE, EPkiStoreTypeAny));
+
+ TKeyListEntry* entry = new (ELeave) TKeyListEntry();
+ CleanupStack::PushL(entry);
+ User::LeaveIfError(iPkiServiceApi->KeyDetails(aLuid, *entry));
+
+ User::LeaveIfError(iPkiServiceApi->SetStoreType(STORE_KEYSTORE, currentKeyStore));
+
+ aParms.SetKeyTypeL(entry->iKeyAlgorithm);
+ aParms.SetKeyIdL(entry->iSubjectKeyId);
+ aParms.SetKeyLength(entry->iKeySize);
+
+ CleanupStack::PopAndDestroy(); // entry
+ }
+
+void CDmAdPrivKey::DeleteL(const TDesC8& aLuid)
+ {
+ TRACE("CDmAdPrivKey::DeleteL");
+
+ User::LeaveIfError(iPkiServiceApi->RemoveKeypair(aLuid));
+ }
+
+void CDmAdPrivKey::ListL(RPointerArray<HBufC8>& aLuidList)
+ {
+ TRACE("CDmAdPrivKey::ListL");
+
+ TPkiServiceStoreType currentKeyStore;
+ User::LeaveIfError(iPkiServiceApi->KeyStoreType(currentKeyStore));
+ User::LeaveIfError(iPkiServiceApi->SetStoreType(STORE_KEYSTORE, EPkiStoreTypeAny));
+
+ CArrayFix<TKeyListEntry>* keyList;
+ iPkiServiceApi->ListKeysL(keyList);
+ CleanupStack::PushL(keyList);
+
+ User::LeaveIfError(iPkiServiceApi->SetStoreType(STORE_KEYSTORE, currentKeyStore));
+
+ for (TInt i=0; i<keyList->Count(); ++i)
+ {
+ TKeyListEntry& entry = keyList->At(i);
+ HBufC8* luidElem = entry.iSubjectKeyId.AllocLC();
+ aLuidList.AppendL(luidElem);
+ CleanupStack::Pop(luidElem);
+ }
+
+ CleanupStack::PopAndDestroy(keyList);
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/BWINS/EVENTMEDU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?WinsMain@@YAHXZ @ 1 NONAME ; int __cdecl WinsMain(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/data/backup_registration.xml Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,8 @@
+<?xml version="1.0" standalone="yes"?>
+<backup_registration>
+ <passive_backup>
+ <include_directory name = "\"/>
+ </passive_backup>
+ <system_backup/>
+ <restore requires_reboot = "no"/>
+</backup_registration>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+
+eventmediator.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/group/eventmediator.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project eventmed
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+
+TARGET eventmed.exe
+TARGETTYPE exe
+UID 0x1000008d 0x101FD288
+
+CAPABILITY ProtServ NetworkControl NetworkServices
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE eventmediator.cpp
+SOURCE eventlogger.cpp
+SOURCE eventmediatorstarter.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE srvstatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../sit/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY efsrv.lib
+LIBRARY eventmedsit.lib
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/inc/eventlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,278 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module defines event logger.
+*
+*/
+
+
+
+#ifndef _EVENTLOGGER_H_
+#define _EVENTLOGGER_H_
+
+// INCLUDES
+#include <eikenv.h>
+#include <coeutils.h>
+#include "eventmediatorapi.h"
+#include "eventmediator.h"
+
+_LIT(KEventLogFile, "eventlog.bin");
+
+
+// CLASS DECLARATION
+
+/**
+* Contains general information about a log event. When reporting a log event an object of this class
+* Should be in the begining of the data descriptor.
+*/
+class TLogEvent
+{
+/* public:
+ enum TLogCategory
+ { EInfo,
+ EWarning,
+ EError,
+ EDebug
+ };
+*/
+ public: // Methods
+ /**
+ * Standard constructors
+ */
+ TLogEvent(){};
+ TLogEvent(TUid aSource, TLogCategory aCategory, TUint aMsgId, TInt aDesCount):iSource(aSource), iCategory(aCategory),iMsgId(aMsgId),iDesCount(aDesCount){};
+
+ public: // Data
+ // enumeration of log event categories
+
+ // source of the log event
+ TUid iSource;
+ // category of the log event
+ TLogCategory iCategory;
+ // id of the log message
+ TUint iMsgId;
+ // number of data descriptors related to this iMsgId
+ TInt iDesCount;
+ };
+
+
+
+
+
+
+#define LOGFILE_MAX_LTH 20 // 20 kb
+#define KBYTES_TO_BYTES 1024
+#define ELEM_HEADER_LTH 16
+#define ELEM_TRAILER_LTH 12
+//#define FILE_HEADER_LTH 16 NOTE! moved to eventmediatorapi.h
+#define FILE_BEGIN 0
+#define END_MARK_1 0xefbeadde
+#define END_MARK_2 0xeeabedfe
+#define FILE_ID 0x474f4c45 // ELOG
+
+
+// CLASS DECLARATION
+
+/**
+* Class used to write the log file.
+*/
+class CEventLogger : public CBase
+{
+ public: //Methods
+
+ // Constructors and destructor
+
+ /**
+ * Default constructor, maximum length of log file set to LOGFILE_MAX_LTH
+ */
+ static CEventLogger* NewL(CEventMediatorServer* aServer);
+
+ /**
+ * Constructor
+ * @param aFileMaxLength: maximum length of log file in kbytes
+ */
+ CEventLogger(TInt aFileMaxLength, CEventMediatorServer* aServer);
+
+ /**
+ * Destructor
+ */
+ ~CEventLogger();
+
+ /**
+ * Writes new event to the log file.
+ * @param aEvent: descriptor containing instance of class TLogEvent
+ * and data descriptor of the event appended to it
+ */
+ void LogEvent(const TDesC8& aEvent);
+
+ private: //Methods
+
+ /**
+ * Writes new event to the log file.
+ * @param aInfo: general info on the event.
+ * @param aData: event data.
+ */
+// void LogEvent(const TLogEvent& aInfo, const TDesC8& aData);
+
+ /**
+ * Opens the log file for reading and writing.
+ * @return: Etrue if Successfull, EFalse if not
+ */
+ TBool OpenLogFile();
+
+ /**
+ * Closes the log file.
+ */
+ void CloseLogFile();
+
+ /**
+ * Reads the file header from the log file to a descriptor.
+ * @param aFileHdr: descriptor to which the header is read.
+ * @return: Etrue if Successfull, EFalse if not
+ */
+ TBool GetFileHeader(TDes8 &aFileHdr);
+
+ /**
+ * Returns the position in the file to which a new element can be written.
+ * @param aFileHdr: log file header.
+ * @param aLength: length of the element about to be written.
+ * @return: position to write the element to.
+ */
+ TInt GetElemDataPosition(TDes8 &aFileHdr, TInt aLength);
+
+ /**
+ * Saves the log file header to the log file.
+ * @param aPosition: the position to which new elements can be written.
+ * @param aFileHdr: log file header.
+ * @return: Etrue if Successfull, EFalse if not
+ */
+ TBool SaveFileHeader(TInt aPosition, TDes8 &aFileHdr);
+
+ /**
+ * Stores the log file header to a descriptor.
+ * @param aPosition: the position to which new elements can be written.
+ * @param aFirstOffset: wrapping offset
+ * @param aBuf: log file header.
+ */
+ void StoreFileHeaderInfo(TInt aPosition, TInt aFirstOffset, TDes8 &aBuf);
+
+ /**
+ * Writes new event to the log file.
+ * @param aPosition: the position to write the element to.
+ * @param aEvent: descriptor containning the element
+ * @return: the total length of the written element.
+ */
+ TInt WriteLogElem(TInt aPosition, const TDesC8& aEvent);
+
+ /**
+ * Gets the time and formats it into a TUint32 object.
+ * @return: the time stamp as an unsigned integer.
+ */
+// TUint32 GetTimeStamp();
+
+ private:
+ /**
+ * Default constructor.
+ */
+ CEventLogger(CEventMediatorServer* aServer);
+ private: //Data
+ // file server
+ RFs iFS;
+
+ // log file
+ RFile iLogFile;
+
+ // log file max length
+ TInt iFileMaxLength;
+
+ // event number, starting from 1
+ TUint32 iEventNumber;
+
+ CEventMediatorServer* iServer;
+};
+
+
+// CLASS DECLARATION
+
+/**
+* Contains log file header, basically two integers position and wrapping offset.
+*/
+class TFileHeader
+ {
+ public: // Methods
+ inline TInt32 GetPosition() const {return ((TInt32)(u.iData32[1]));};
+ inline TInt32 GetWrappingOffset() const {return ((TInt32)(u.iData32[2]));};
+ inline TInt32 GetEventNumber() const {return ((TInt32)(u.iData32[3]));};
+ inline void SetFileId() {u.iData32[0] = FILE_ID; };
+ inline void SetPosition(TInt32 aPosition) {u.iData32[1] = (TUint32)aPosition;};
+ inline void SetWrappingOffset(TInt32 aWO) {u.iData32[2] = (TUint32)aWO;};
+ inline void SetEventNumber(TInt32 aEventNumber) {u.iData32[3] = (TUint32)aEventNumber;};
+
+ private: // Data
+ union // Currently union is not needed, only iData32 is used
+ {
+ TUint32 iData32[4];
+ TUint8 iData8[8];
+ } u;
+ };
+
+
+
+// CLASS DECLARATION
+
+/**
+* Contains log element header, consisting of four integer values:
+* length: length of the data beloging to the element
+* timestamp: the time the element was written.
+* source: Uid of the reporter of the element.
+* aCategory: the gategory of the log event.
+*/
+class TElemHeader
+ {
+ public: // Methods
+
+ inline void SetEventLength(TUint32 aLength) {u.iData32[0] = (TUint32)aLength;};
+ inline void SetEventNumber(TUint32 aEventNumber) {u.iData32[1] = (TUint32)aEventNumber;};
+// inline void SetTime(TUint32 aTimeStamp) {u.iData32[2] = (TUint32)aTimeStamp;};
+ inline void SetTime(const TInt64& aTimeStamp) {u.iData32[2] = I64LOW(aTimeStamp); u.iData32[3] = I64HIGH(aTimeStamp);};
+
+ private: // Data
+ union
+ {
+ TUint32 iData32[4];
+ TUint8 iData8[8];
+ } u;
+ };
+
+
+// CLASS DECLARATION
+
+/**
+* Contains a constant log element trailer, consisting of two integer values.
+*/
+class TElemTrailer
+ {
+ public: // Methods
+ inline void SetLogEndMark() {u.iData32[0] = END_MARK_1;
+ u.iData32[1] = END_MARK_2;};
+ inline void SetEventLength(TUint32 aLength) {u.iData32[2] = (TUint32)aLength;};
+ private: // Data
+ union
+ {
+ TUint32 iData32[3];
+ TUint8 iData8[8];
+ } u;
+ };
+
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/inc/eventmediator.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,579 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module defines event mediator and the services of it.
+*
+*/
+
+
+
+/**
+ * @file eventmediator.h
+ *
+ * This module defines event mediator and the services of it.
+ *
+ */
+
+#ifndef __EVENTMEDIATOR_H__
+#define __EVENTMEDIATOR_H__
+
+// INCLUDES
+#include <e32base.h>
+#include <f32file.h>
+#include "eventmediatorapi.h"
+#include "eventmediatordefs.h"
+
+#include "sitdeathobserver.h"
+
+// FORWARD DECLARATIONS
+class CEventMediatorSession;
+class TEventContainer;
+class CEventLogger;
+
+class CSit;
+
+class CListenerContainer;
+
+// CLASS DECLARATION
+
+/**
+* Defines the event mediator server.
+*/
+class CEventMediatorServer : public CPolicyServer, public MSitDeathListener
+ {
+ friend class CEventMediatorSession; // Friend class
+
+ public: //Methods
+
+ // Constructors and destructor
+
+ /**
+ * Static constructor
+ */
+ static CEventMediatorServer* NewL(void);
+
+ /**
+ * Static constructor
+ */
+ static CEventMediatorServer* NewLC(void);
+
+ /**
+ * Destructor
+ */
+ ~CEventMediatorServer(void);
+
+ /**
+ * Creates a new session.
+ */
+ CSession2* NewSessionL(const TVersion& aVersion, const RMessage2& aMessage) const;
+
+ // Other methods
+
+ /**
+ * Reports new envent to the eventmediator server.
+ * @param aType: type of the event.
+ * @param aSpec: additional info on event.
+ * @param aData: a descriptor containing event data.
+ */
+ void ReportEventL(const TEventType aType, TDesC8* aSpec,
+ TDesC8* aData, TInt aStatus = KErrNone);
+
+ /**
+ * Completes the last message in error case.
+ * @param aError: Cause of the call of this function.
+ */
+ void CompleteLastMessage(TInt aError);
+
+ /**
+ * Finds out whether the specified client thread is a SIT
+ * thread or not
+ */
+ TBool IsClientTheSitL(const RMessage2& aMessage);
+
+ /**
+ * Starts the SIT thread if it is not running
+ */
+ void MakeSureSitIsRunningL();
+
+ /**
+ * Saves a pointer to the listening request that represents the
+ * task arrival observation request
+ */
+ void SetTaskArrivalListenerL(CListenerContainer* aListener);
+
+ /**
+ * Clears the pointer to the listening request that represents the
+ * task arrival observation request
+ */
+ void ClearTaskArrivalListener();
+
+ /**
+ * Returns the pointer to the task arrival observation request
+ */
+ CListenerContainer* TaskArrivalListener();
+
+ /**
+ * Notifies the server about a new task request that has arrived
+ */
+ void TaskRequestArrivedL(CListenerContainer* aTaskRequest);
+
+ /**
+ * Notifies the server about a new task arrival
+ * observation request that has arrived from the SIT
+ */
+ void TaskArrivalObservationRequestArrivedL();
+
+ /**
+ * Notifies the server about a new task request event
+ * specification fetching request that has arrived from
+ * the SIT.
+ */
+ void TaskRequestEventSpecFetchingRequestArrivedL(CListenerContainer* aFetchingRequest);
+
+ /**
+ * Notifies the server about a new task cancellation
+ * observation request that has arrived from the SIT.
+ */
+ void TaskCancellationObservationRequestArrivedL(CListenerContainer* aRequest);
+
+ /**
+ * Completes a pending task arrival observation
+ * request when a new task request has arrived.
+ */
+ void CompleteTaskArrivalObservationRequestL(TEventType aEventType, TDesC8* aSpec);
+
+ /**
+ * Completes a pending task request event
+ * specification fetching request.
+ */
+ void CompleteTaskRequestEventSpecFetchingRequestL(TInt aStatus, TDesC8* aEventSpec,
+ TDesC8* aTaskRequestEventSpec);
+
+ /**
+ * Tries to find a task request that is not yet
+ * being fulfilled by the SIT.
+ */
+ CListenerContainer* FindWaitingTaskRequest();
+
+ /**
+ * Retrieves the event listener object, if any, that has the
+ * specified event type and event specification ID.
+ */
+ CListenerContainer* FindListener(TEventType aEventType, TInt aEventSpecId);
+
+ /**
+ * Retrieves the event listener object, if any, that is using
+ * the SIT that has the specified thread ID and is fulfilling
+ * the specified event.
+ */
+ CListenerContainer* FindListener(TEventType aEventType, const TDesC8* aEventSpec);
+
+ /**
+ * Completes the listener that matches the specified search
+ * criteria.
+ */
+ void CompleteListener(TEventType aEventType, const TDesC8* aEventSpec, TInt aStatus);
+
+ /**
+ * Completes the listener that matches the specified search
+ * criteria.
+ */
+ void CompleteListener(CListenerContainer* aListenerPtr, TInt aStatus);
+
+ /**
+ * Returns the number of "normal" (non-sit)
+ * sessions that are present
+ */
+ TInt NormalSessionCount();
+
+ /**
+ * Completes all task requests with the specified status
+ */
+ void CompleteTaskRequests(TInt aStatus);
+
+ /**
+ * Returns a new event specification ID.
+ */
+ TInt NewEventSpecId();
+
+ TPtrC EventLogFileName(void);
+
+ public: // From MSitDeathListener
+ void SitDied();
+
+ protected:
+ /**
+ * Process any errors
+ *
+ * @param aError the leave code reported
+ */
+ TInt RunError(TInt aError);
+
+ private: // Methods
+
+ // Constructors and destructor
+
+ /**
+ * Default constructor
+ */
+ CEventMediatorServer(void);
+
+ /**
+ * Perform the second phase construction of a CVpnManagerServer
+ * object.
+ * @param aServer Pointer to the server itself.
+ */
+ void ConstructL(CEventMediatorServer* aServer);
+
+ // Other methods
+
+ /**
+ * Stops the server if the session count is zero.
+ */
+ void StopEventMediator(void);
+
+ /**
+ * Copies data describing an event to the client.
+ * @param aMessge: a message from client side sent by RConnection::FetchData
+ * @return error code, KErrNone if successfull
+ */
+ TInt CopyEventDataL(const RMessage2& aMessage);
+
+ /**
+ * Reduces listener count of a stored event by one and destroys it if count becomes zero.
+ * @param aIndex: the index of the stored event in the list.
+ */
+ void MarkStoredEventListened(TInt aIndex);
+
+ /**
+ * Sets the iShuttingDown flag.
+ */
+ void SetShuttingDown(TBool aShuttingDown);
+
+ private: //Data
+ // List of Events that have been reported but not handled by all listeners.
+ CArrayFixFlat<TEventContainer*> iStoredEvents;
+ // Number of currently existing sessions.
+ TInt iSessionCount;
+ // Log writer
+ CEventLogger* iLogger;
+ // The next event specification ID
+ // (used with SIT event listening requests)
+ TInt iNextEventSpecId;
+ // The single SIT instance
+ CSit* iSit;
+ // The single task arrival listener
+ CListenerContainer* iTaskArrivalListener;
+
+ // A flag that is set to true when
+ // the server starts going down
+ TBool iShuttingDown;
+
+ TFileName iEventLogFileName;
+
+ static const TUint iRangeCount;
+ static const TInt iRanges[];
+ static const TUint8 iElementIndex[];
+
+ static const CPolicyServer::TPolicyElement iElements[];
+ static const CPolicyServer::TPolicy iPolicy;
+
+ };
+
+// CLASS DECLARATION
+
+/**
+* Defines the session to the VPN manager server.
+*/
+class CEventMediatorSession : public CSession2
+ {
+ public: //Message types
+ enum
+ {
+ KEventMediatorListen,
+ KEventMediatorListenWithSpec,
+ KEventMediatorCancel,
+ KEventMediatorCancelWithSpec,
+ KEventMediatorCancelAll,
+ KEventMediatorReportEvent,
+ KEventMediatorReportEventWithSpec,
+ KEventMediatorFetchData,
+ KEventMediatorReportLogEvent,
+ KEventMediatorNewEventSpecId,
+ KEventMediatorDeletePrivateFiles,
+ KEventMediatorGetEventLogSize,
+ KEventMediatorGetEventLogHeader,
+ KEventMediatorGetEventLogData,
+ KEventMediatorClearEventLog
+ };
+
+ public: // Methods
+
+ // Constructors and destructor
+
+ /**
+ * Static constructor
+ */
+ static CEventMediatorSession* NewL(CEventMediatorServer* aServer, const RMessage2& aMessage);
+
+ /**
+ * Default destructor
+ */
+ ~CEventMediatorSession(void);
+
+ /**
+ * Wrapper function which Dispatches and executes the client's service calls
+ * (See Message type definition).
+ */
+ void ServiceL(const RMessage2& aMessage);
+
+ /**
+ * Checks if client is listening events of the given type and completes message
+ * sent by clients ListenToEvent function. The length of the event data and
+ * the pointer to that data are written to the message.
+ * @param aType: type of the event.
+ * @param aSpec: additional info on event.
+ * @param aData: event data.
+ * @return number of listeners for the event was listened.
+ */
+ TInt CheckEventL(const TEventType aType, const TDesC8* aSpec, const TDesC8* aData, TInt aStatus);
+
+ /**
+ * Tries to find a task request that is not being fulfilled
+ * already
+ */
+ CListenerContainer* FindWaitingTaskRequest();
+
+ /**
+ * Retrieves the event listener object, if any, that is using
+ * the SIT that is fulfilling the specified event.
+ */
+ CListenerContainer* FindListener(TEventType aEventType, TInt aEventSpecId);
+
+ /**
+ * Retrieves the event listener object, if any, that is using
+ * the SIT that is fulfilling the specified event.
+ */
+ CListenerContainer* FindListener(TEventType aEventType, const TDesC8* aEventSpec);
+
+ /**
+ * Completes the specified listener if it is owned by the
+ * session. Returns ETrue is the listener was found and
+ * completed, EFalse otherwise.
+ */
+ void CompleteListener(TEventType aEventType, const TDesC8* aEventSpec, TInt aStatus);
+
+ void CompleteTaskRequests(TInt aStatus);
+
+ TBool IsASitSession();
+
+ private: //Methods
+ // Constructors and destructor
+
+ /**
+ * Constructor
+ */
+ CEventMediatorSession(CEventMediatorServer* aServer);
+
+ /**
+ * Starts listening events of requesteed type by coping the message to iListenedEvents.
+ * @param aMessage: aMessage sent by clients ListenToEvent function.
+ * @return: error code, KErrNone if successfull.
+ */
+ TInt ListenToEventWithSpecL(const RMessage2& aMessage);
+
+ /**
+ * Starts listening events of requesteed type by coping the message to iListenedEvents.
+ * @param aMessage: aMessage sent by clients ListenToEvent function.
+ * @return: error code, KErrNone if successfull.
+ */
+ TInt ListenToEventL(const RMessage2& aMessage);
+
+ /**
+ * Reports the event contained in the message to the event mediator server.
+ * @param aMessage: aMessage sent by clients ReportEvent function.
+ * @return: error code, KErrNone if successfull.
+ */
+ void ReportEventL(const RMessage2& aMessage);
+
+ /**
+ * Reports a log event contained in the message to the event mediator server.
+ * @param aMessage: aMessage sent by clients ReportLogEvent function.
+ * @return: error code, KErrNone if successfull.
+ */
+ void ReportLogEventL(const RMessage2& aMessage);
+
+ /**
+ * Reports the event contained in the message to the event mediator server.
+ * @param aMessage: aMessage sent by clients ReportEvent function.
+ * @return: error code, KErrNone if successfull.
+ */
+ void ReportEventWithSpecL(const RMessage2& aMessage);
+
+ /**
+ * Cancels listning of one event type.
+ * @param aMessage: aMessage sent by clients CancelListenToEvent function.
+ */
+ void CancelListening(const RMessage2& aMessage);
+
+ /**
+ * Cancels listning of one event type.
+ * @param aMessage: aMessage sent by clients CancelListenToEvent function.
+ */
+ void CancelListeningWithSpecL(const RMessage2& aMessage);
+
+ /**
+ * Cancels all listening.
+ * @param aMessage: aMessage sent by clients CancelAllListening function.
+ */
+ void CancelAll();
+
+ /**
+ * Copies event data from the server to the client.
+ * @param aMessage: aMessage sent by clients FetchData function.
+ * @return: error code, KErrNone if successfull.
+ */
+ TInt FetchDataL(const RMessage2& aMessage);
+
+ /**
+ * Looks up a message from iListenedEvents.
+ * @param aType: type of the event the message is listening to.
+ * @param aIndex: the position of the message in iListenedEvents.
+ * @return ETrue if message exists, EFalse if not.
+ */
+ TBool FindListenerMsg(const TEventType aType,TInt& index);
+
+ /**
+ * Looks up a message from iListenedEvents.
+ * @param aType: type of the event the message is listening to.
+ * @param aIndex: the position of the message in iListenedEvents.
+ * @return ETrue if message exists, EFalse if not.
+ */
+ TBool FindListenerMsg(const TEventType aType,const TDesC8* aSpec,TInt& index);
+
+ /**
+ * Searches for a task request type event listening request
+ */
+ TBool FindTaskRequestListenerMsg(TInt& index);
+
+ /**
+ * Reads data that was reported with the event from client. Allocates a buffer
+ * for data and gives ownership of that buffer to caller.
+ * @param aMessage: aMessage sent by clients ReportEvent function.
+ * @return pointer to the newly created buffer containig data.
+ */
+ HBufC8* ReadEventDataFromClientL(const RMessage2& aMessage);
+
+ /**
+ * Reads specification describing the event from client. Allocates a buffer
+ * for secification and gives ownership of that buffer to caller.
+ * @param aMessage: aMessage sent with event specification.
+ * @return pointer to the newly created buffer containig data.
+ */
+ HBufC8* ReadSpecificationFromClientL(const RMessage2& aMessage);
+
+ /**
+ * Completes the specified listener and deletes it from the
+ * listener list
+ */
+ void CompleteListener(TInt aIndex, TInt aStatus);
+
+ /**
+ * Returns to the client a new event specification ID
+ */
+ void NewEventSpecIdL(const RMessage2& aMessage);
+
+ TInt DeletePrivateFiles();
+ void DeletePrivateFilesL();
+
+ TInt GetEventLogSize(const RMessage2& aMessage);
+ TInt GetEventLogHeader(const RMessage2& aMessage);
+ TInt GetEventLogData(const RMessage2& aMessage);
+ TInt ClearEventLog();
+
+ private: //Data
+ // List of messages listening to events
+ CArrayFixFlat<CListenerContainer*> iListenedEvents;
+ // Event mediator server
+ CEventMediatorServer* iServer;
+
+ RFs iFs;
+ RFile iEventLogFile;
+ TBool iEventLogFileOpen;
+ // Is this session from a SIT or not
+
+ public:
+ TBool iIsSitSession;
+ };
+
+// CLASS DECLARATION
+
+/**
+* Container for one reported event from witch it can be read by all listening sessions.
+*/
+class TEventContainer
+ {
+ public: //Methods
+ // Constructors and destructor
+
+ /**
+ * Inline constructor
+ */
+ inline TEventContainer(TInt aCount, TDesC8* aData) : iData(aData), iListenerCount(aCount){};
+
+ public: //Data
+ // Data descriptor reported with the event.
+ TDesC8* iData;
+ // number of listeners that need this event
+ TInt iListenerCount;
+ };
+
+
+// CLASS DECLARATION
+
+/**
+* Container for one reported event from which it can be read by all listening sessions
+*/
+class CListenerContainer : public CBase
+ {
+ public: //Methods
+ // Constructors and destructor
+ CListenerContainer(const RMessage2& aMessage, TDesC8* aSpec,
+ CEventMediatorServer* aServer);
+ ~CListenerContainer();
+
+ inline TEventType Type() {return (TEventType) iMessage.Int0();}
+ inline RMessage2& Message() {return iMessage;}
+ inline TDesC8* Specification() {return iSpec;}
+ void Complete(TInt status);
+
+ void AnalyzeRequestL();
+ TBool WaitingForFulfilling();
+ void MarkAsBeingFulfilled();
+ TBool BeingFulfilled();
+
+ TBool HandlesEvent(TEventType aEventType, const TDesC8* aEventSpec);
+
+ private: //Data
+ // Data descriptor reported with the event.
+ TDesC8* iSpec;
+ RMessage2 iMessage;
+ TEventType iEventType;
+ // Pointer to the event mediator server
+ CEventMediatorServer* iServer;
+ // A flag that tells whether the request
+ // is being fulfilled by the SIT or not
+ TBool iBeingFulfilledBySit;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/inc/eventmediatordefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,45 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Defines constants
+*
+*/
+
+
+
+#ifndef __EVENTMEDIATORDEFS_H__
+#define __EVENTMEDIATORDEFS_H__
+
+#include <e32base.h>
+
+static const TUid KEventMediatorUid3 = {0x101FD288};
+
+_LIT(KEventMediatorFile, "eventmed");
+_LIT(KEventMediatorServer, "!EventMediatorServer");
+
+// The server version. A version must be specified when
+// creating a session with the server
+const TUint KEventMediatorMajorVersionNumber = 0;
+const TUint KEventMediatorMinorVersionNumber = 1;
+const TUint KEventMediatorBuildVersionNumber = 1;
+
+/*// Panic codes
+enum TEventMediatorPanic
+ {
+ ECreateTrapCleanup = 1,
+ ECreateServer,
+ EBadDescriptor,
+ EBadRequest,
+ };
+*/
+#endif // __EVENTMEDIATORDEFS_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/inc/log_em.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_EM_H__)
+#define __LOG_EM_H__
+
+_LIT(KLogFile, "eventmed.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_EM_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/rom/eventmediator.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project eventmediator
+*
+*/
+
+
+
+#ifndef __EVENTMEDIATOR_IBY__
+#define __EVENTMEDIATOR_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature EVENTMEDIATOR not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\eventmed.exe PROGRAMS_DIR\eventmed.exe
+// data=EPOCROOT##epoc32\winscw\c\private\101FD288\backup_registration.xml Private\101FD288\backup_registration.xml
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __EVENTMEDIATOR_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/src/eventlogger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,331 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module defines event logger.
+*
+*/
+
+
+
+#include <eikenv.h>
+#include <bautils.h>
+//#include "filesdef.h"
+#include "eventlogger.h"
+
+//
+//Class that writes logs events into a binary file
+
+CEventLogger::CEventLogger(CEventMediatorServer* aServer)
+{
+ iServer = aServer;
+ iFileMaxLength = KBYTES_TO_BYTES * LOGFILE_MAX_LTH;
+}
+
+CEventLogger* CEventLogger::NewL(CEventMediatorServer* aServer)
+ {
+ CEventLogger* server = new (ELeave) CEventLogger(aServer);
+ return server;
+ }
+
+CEventLogger::CEventLogger(TInt aFileMaxLength, CEventMediatorServer* aServer)
+{
+ iServer = aServer;
+ if ( aFileMaxLength == 0 || aFileMaxLength > LOGFILE_MAX_LTH )
+ iFileMaxLength = KBYTES_TO_BYTES * LOGFILE_MAX_LTH;
+ else iFileMaxLength = KBYTES_TO_BYTES * aFileMaxLength;
+}
+
+CEventLogger::~CEventLogger()
+{
+}
+
+
+
+void CEventLogger::LogEvent(const TDesC8& aEvent)
+{
+ TInt position;
+ TInt log_elem_lth;
+ TBuf8<EVENTLOG_FILE_HEADER_LTH> file_hdr;
+
+/*-------------------------------------------------------------------
+ * Log an event into the binary file. File format:
+ * 0 3 7 CL
+ * +--------------------+--------------------+---------------------+
+ * ! File Id (FI)! Current length (CL)! Wrapping offset (WO)!
+ * +--------------------+--------------------+---------------------+
+ *
+ * +-----------------------+
+ * ! Curr event number (EN)
+ * +-----------------------+
+ * where;
+ *
+ * FI = File Id 0x474f4c45 = ELOG
+ * CL = Current free position in file (=offset value)
+ * WO = Wrapping offset
+ * EN = Event number; events are numbered starting from 1
+ * Number of the last event to be logged
+ *
+ * Log event data format:
+ *
+ * Log event data format:
+ * 0 3 7 15 19
+ * +-----------+----------+------------+------------------+----------------+
+ * ! Length(L) ! Event ! TimeStamp) ! Source ! Catogory (EC)) !
+ * ! ! number(EN) (TS) ! Component (SC) !
+ * +-----------+----------+------------+------------------+----------------+ - - - - +
+ * 23 27 31 n n+12
+ * +-----------+----------+------------+------------------+
+ * ! MsgId ! Descriptor Descriptors! Trailer (TR) !
+ * ! (MI) ! count (DC) (DE) ! !
+ * +-----------+----------+------------+------------------+
+ * * where;
+ *
+ * L = Length of log element
+ * EN = Event number
+ * TS = Time stamp (TTime in TInt64 (two TUint32)
+ * SC = UID of source component
+ * EC = Event catogory (Info, warning, error, debug)
+ * MI = Message Id, defines a text string in localisation file
+ * DC = Descriptor count, number of lth-data pairs
+ * DE = Descriptors: lth,lth...,data,data,... These are used to modify
+ * the text avaibale in localisation file
+ * TR = Element trailer: endmark1, endmark2, length of log element
+ * same value as in (L)
+ *
+ *---------------------------------------------------------------------*/
+ if ( OpenLogFile() )
+ {
+ file_hdr.SetLength(EVENTLOG_FILE_HEADER_LTH);
+ if ( GetFileHeader(file_hdr) ) {
+ position = GetElemDataPosition(file_hdr, aEvent.Length());
+ if ( position ) {
+ log_elem_lth = WriteLogElem(position, aEvent);
+ if ( log_elem_lth ) {
+ position += log_elem_lth;
+ SaveFileHeader(position, file_hdr);
+ }
+ }
+ }
+
+ CloseLogFile();
+ }
+
+}
+
+TBool CEventLogger::OpenLogFile()
+{
+ TBool file_created = EFalse;
+ TInt position = 0;
+/*--------------------------------------------------------
+ * Open event log file
+ *--------------------------------------------------------*/
+ if(iFS.Connect()!=KErrNone)
+ return EFalse;
+ if ( iLogFile.Create(iFS, iServer->EventLogFileName(), EFileWrite|EFileShareAny) != KErrNone )
+ {
+ if (iLogFile.Open(iFS, iServer->EventLogFileName(), EFileWrite|EFileShareAny) != KErrNone)
+ {
+// DEB(iEngine->PrintText(_L("Error opening Trace file\n"));)
+ iFS.Close();
+ return EFalse;
+ }
+ }
+ else file_created = ETrue;
+
+ if ( file_created ) {
+ /*--------------------------------------------------------
+ * Write file header initial values to created file
+ * (Current_offset = First_elem_offset = 16)
+ *--------------------------------------------------------*/
+ TBuf8<EVENTLOG_FILE_HEADER_LTH> file_hdr;
+ file_hdr.SetLength(EVENTLOG_FILE_HEADER_LTH);
+ StoreFileHeaderInfo(EVENTLOG_FILE_HEADER_LTH, 0, file_hdr);
+ if ( SaveFileHeader(EVENTLOG_FILE_HEADER_LTH, file_hdr) == EFalse ) {
+// DEB(iEngine->PrintText(_L("File header creation error\n"));)
+ return EFalse;
+ }
+ iLogFile.Seek(ESeekStart, position); // return file pointer to file start
+ }
+
+ return ETrue;
+}
+
+void CEventLogger::CloseLogFile()
+{
+/*--------------------------------------------------------
+ * Close event log file
+ *--------------------------------------------------------*/
+ iLogFile.Close();
+ iFS.Close();
+}
+
+TBool CEventLogger::GetFileHeader(TDes8 &aBuf)
+{
+/*--------------------------------------------------------
+ * Read current log file length from file start
+ *--------------------------------------------------------*/
+ if ( iLogFile.Read(aBuf, EVENTLOG_FILE_HEADER_LTH) ) {
+ return EFalse;
+ }
+
+ return ETrue;
+}
+
+
+TInt CEventLogger::GetElemDataPosition(TDes8 &aFileHdr, TInt aLength)
+{
+ TInt position;
+/*---------------------------------------------------------------
+ * Get log element position value from file header
+ * If (position + aLength) > file max length, wrap file
+ *---------------------------------------------------------------*/
+ TFileHeader *file_hdr = (TFileHeader *)aFileHdr.Ptr();
+ position = file_hdr->GetPosition();
+ if ( ( position + aLength +
+ ELEM_HEADER_LTH + ELEM_TRAILER_LTH ) > iFileMaxLength )
+ {
+ position = EVENTLOG_FILE_HEADER_LTH; // Wrapping occurs
+ }
+ iEventNumber = file_hdr->GetEventNumber() + 1;
+
+ return position;
+}
+
+/*
+TUint32 CEventLogger::GetTimeStamp()
+{
+TTime tmp_time;
+TDateTime date;
+TUint32 time_stamp = 0;
+*/
+/*---------------------------------------------------------------
+ * Get time stamp for log element.
+ * Map the year-month-day-hour-minutes-seconds information to
+ * 32 bits into the following way:
+ * 3 2 1 0
+ * 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+ * Y Y Y Y M M M M D D D D D D H H H H H H M M M M M M S S S S S S
+ * where;
+ * Bits 31-28 = Current Year - 2000 (0-15)
+ * Bits 27-24 = Current Month index (0-11))
+ * Bits 23-18 = Current Day (1-31)
+ * Bits 17-12 = Current Hour (0-23)
+ * Bits 11-7 = Current Minutes (0-59)
+ * Bits 6-0 = Current Seconds (0-59)
+ *
+ *--------------------------------------------------------------- /
+ tmp_time.HomeTime();
+ date = tmp_time.DateTime();
+
+ time_stamp |= (((TUint32)(date.Year() - 2000)) << 28);
+ time_stamp |= ((TUint32)date.Month() << 24);
+ time_stamp |= ((TUint32)date.Day() << 18);
+ time_stamp |= ((TUint32)date.Hour() << 12);
+ time_stamp |= ((TUint32)date.Minute() << 6);
+ time_stamp |= (TUint32)date.Second();
+
+ return time_stamp;
+}
+*/
+
+TBool CEventLogger::SaveFileHeader(TInt aPosition, TDes8 &aBuf)
+{
+ TInt old_position;
+ TInt wrapping_offset;
+/*---------------------------------------------------------------
+ * Save event log element position value to file header
+ * If current position < position in file header, file has wrapped.
+ * Store then wrapping offset in file header, too
+ *---------------------------------------------------------------*/
+ TFileHeader *file_hdr = (TFileHeader *)aBuf.Ptr();
+ old_position = file_hdr->GetPosition();
+ wrapping_offset = file_hdr->GetWrappingOffset();
+ if ( old_position > aPosition ) {
+ wrapping_offset = old_position; /* wrapping occurred */
+ }
+ else {
+ if ( wrapping_offset && ( wrapping_offset < aPosition ) ) {
+ wrapping_offset = 0;
+ }
+ }
+
+ StoreFileHeaderInfo(aPosition, wrapping_offset, aBuf);
+
+ old_position = 0; // not old position really, just integer with value 0 needed
+ iLogFile.Seek(ESeekStart, old_position); // return file pointer to file start
+ if ( iLogFile.Write(aBuf, EVENTLOG_FILE_HEADER_LTH) )
+ return EFalse;
+
+ return ETrue;
+}
+
+
+void CEventLogger::StoreFileHeaderInfo(TInt aPosition, TInt aWrappingOffset, TDes8 &aBuf)
+{
+
+ TFileHeader *file_hdr = (TFileHeader *)aBuf.Ptr();
+ file_hdr->SetFileId();
+ file_hdr->SetPosition(aPosition);
+ file_hdr->SetWrappingOffset(aWrappingOffset);
+ file_hdr->SetEventNumber(iEventNumber);
+
+}
+
+TInt CEventLogger::WriteLogElem(TInt aPosition, const TDesC8& aEvent)
+
+//TInt CEventLogger::WriteLogElem(TInt aPosition, const TLogEvent& aEvent, const TDesC8& aData)
+{
+ TBuf8<ELEM_HEADER_LTH> header;
+ TBuf8<ELEM_TRAILER_LTH> trailer;
+// TUint32 time_stamp;
+ TInt data_lth=aEvent.Length();
+ TInt eventLength = data_lth + ELEM_HEADER_LTH + ELEM_TRAILER_LTH;
+/*---------------------------------------------------------------
+ * Write log event data into the log file
+ * Build first log element header:
+ * log elem length + iEventNumber + time stamp
+ *---------------------------------------------------------------*/
+// time_stamp = GetTimeStamp();
+ header.SetLength(ELEM_HEADER_LTH);
+
+ TElemHeader *elem_hdr = (TElemHeader *)header.Ptr();
+ elem_hdr->SetEventLength((TUint32) eventLength);
+ elem_hdr->SetEventNumber((TUint32) iEventNumber);
+
+ TTime tmpTime;
+ const TInt64* currTime;
+ tmpTime.HomeTime();
+ currTime = &tmpTime.Int64();
+ elem_hdr->SetTime(*currTime);
+
+ trailer.SetLength(ELEM_TRAILER_LTH);
+ TElemTrailer *elem_trailer = (TElemTrailer *)trailer.Ptr();
+ elem_trailer->SetLogEndMark();
+ elem_trailer->SetEventLength((TUint32) eventLength);
+ iLogFile.Seek(ESeekStart, aPosition); // Set file pointer
+/*---------------------------------------------------------------
+ * Write log event into log element
+ *---------------------------------------------------------------*/
+ if ( iLogFile.Write(header) ) //Element header
+ return 0;
+
+ if ( iLogFile.Write(aEvent)) //log event data
+ return 0;
+
+ if ( iLogFile.Write(trailer) ) //Element trailer
+ return 0;
+
+ return eventLength;
+
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/src/eventmediator.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1354 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module contains eventmediator and the services of it.
+*
+*/
+
+
+
+/**
+ * @file eventmediator.cpp
+ *
+ * This module contains eventmediator and the services of it.
+ *
+ */
+#include <es_sock.h>
+#include "eventmediator.h"
+#include "eventlogger.h"
+#include "eventmediatordefs.h"
+#include "sit.h"
+#include "log_em.h"
+
+#define FIRST_ARGUMENT 0
+#define SECOND_ARGUMENT 1
+#define THIRD_ARGUMENT 2
+#define FOURTH_ARGUMENT 3
+
+// ============================= CEventMediatorServer =============================
+
+const TUint CEventMediatorServer::iRangeCount = 2;
+
+const TInt CEventMediatorServer::iRanges[iRangeCount] =
+ {
+ CEventMediatorSession::KEventMediatorListen,
+ CEventMediatorSession::KEventMediatorClearEventLog+1
+ };
+
+const TUint8 CEventMediatorServer::iElementIndex[iRangeCount] =
+ {
+ 0,
+ CPolicyServer::ENotSupported
+ };
+
+const CPolicyServer::TPolicyElement CEventMediatorServer::iElements[] =
+ {
+ {_INIT_SECURITY_POLICY_C1(ECapabilityNetworkControl), CPolicyServer::EFailClient},
+ };
+
+const CPolicyServer::TPolicy CEventMediatorServer::iPolicy =
+ {
+ 0, // All connect attempts are checked
+ iRangeCount, // Count of ranges
+ iRanges, // 0...9, 9...
+ iElementIndex, // Only range 1000-1008 are checked
+ iElements // The list of policy elements
+ };
+
+
+CEventMediatorServer::CEventMediatorServer(void)
+ : CPolicyServer(EPriorityNormal,iPolicy), iStoredEvents(1)
+ {
+ }
+
+CEventMediatorServer* CEventMediatorServer::NewL()
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::NewL - begin\n")));
+ CEventMediatorServer* server = CEventMediatorServer::NewLC();
+ CleanupStack::Pop(); // server
+ LOG(Log::Printf(_L("CEventMediatorServer::NewL - end\n")));
+ return server;
+ }
+
+CEventMediatorServer* CEventMediatorServer::NewLC()
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::NewLC - begin\n")));
+ CEventMediatorServer* server = new (ELeave) CEventMediatorServer();
+ CleanupStack::PushL(server);
+ server->ConstructL(server);
+ LOG(Log::Printf(_L("CEventMediatorServer::NewLC - end\n")));
+ return server;
+ }
+
+void CEventMediatorServer::ConstructL(CEventMediatorServer* aServer)
+ {
+ RFs fs;
+ User::LeaveIfError(fs.Connect());
+ CleanupClosePushL(fs);
+
+ fs.CreatePrivatePath(EDriveC);
+
+ TPath privateDir;
+ User::LeaveIfError(fs.PrivatePath(privateDir));
+ iEventLogFileName.Copy(privateDir);
+ iEventLogFileName.Append(KEventLogFile);
+
+ CleanupStack::PopAndDestroy(); // fs
+
+ aServer->iLogger = CEventLogger::NewL(this);
+ iSit = new (ELeave) CSit(this);
+ StartL(KEventMediatorServer);
+ }
+
+CEventMediatorServer::~CEventMediatorServer(void)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::~CEventMediatorServer\n")));
+ // Delete stored events
+ TInt nEvents = this->iStoredEvents.Count();
+ for (TInt i = 0; i < nEvents; i++)
+ {
+ delete iStoredEvents.At(i)->iData;
+ delete iStoredEvents.At(i);
+ }
+ iStoredEvents.Delete(0, iStoredEvents.Count());
+
+ // Delete log writer
+ delete iLogger;
+
+ delete iSit;
+ }
+
+// ----------------------------------------------------------------------------
+// CEventMediatorServer::StopEventMediator
+// Stops Event Mediator service if there are no sessions left.
+// ----------------------------------------------------------------------------
+//
+void CEventMediatorServer::StopEventMediator(void)
+ {
+ if (iSessionCount == 0)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::StopEventMediator - session count 0, stopping scheduler and thus the server\n")));
+ CActiveScheduler::Stop();
+ }
+ }
+
+TInt CEventMediatorServer::RunError(TInt aError)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::RunError - error = %d\n"), aError));
+ Message().Complete(aError);
+
+ // The leave will result in an early return from CServer::RunL(),
+ // skipping the call to request another message. So we issue the
+ // request here in order to keep the server running.
+ ReStart();
+
+ // Handled the error fully
+ return KErrNone;
+ }
+
+// ----------------------------------------------------------------------------
+// CEventMediatorServer::NewSessionL
+// Creates a new session and returns the handle to the session.
+// ----------------------------------------------------------------------------
+//
+CSession2* CEventMediatorServer::NewSessionL(
+ const TVersion& /*aVersion*/,
+ const RMessage2& aMessage) const
+ {
+ // New sessions are not accepted if the server is shutting down
+ // (it's just waiting for the last session (from SIT) to die)
+ if (iShuttingDown)
+ {
+ User::Leave(KErrServerTerminated);
+ }
+
+ CSession2* session = CEventMediatorSession::NewL(CONST_CAST(CEventMediatorServer*, this), aMessage);
+ return session;
+ }
+
+void CEventMediatorServer::ReportEventL(const TEventType aType, TDesC8* aSpec,
+ TDesC8* aData, TInt aStatus)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::ReportEventL - event type = %d\n"), aType));
+ TInt listenerCount = 0;
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ while (session != NULL)
+ {
+ // Some listeners listen this event with specification
+ listenerCount += session->CheckEventL(aType, aSpec, aData, aStatus);
+ // Some without specification, all events are good for them
+ if (aSpec != NULL)
+ {
+ listenerCount += session->CheckEventL(aType, NULL, aData, aStatus);
+ }
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+ if (listenerCount)
+ {
+ // Need to save the event data as it may/will be fetched later
+ TEventContainer* container = new (ELeave) TEventContainer(listenerCount, aData);
+ CleanupStack::PushL(container);
+ iStoredEvents.AppendL(container);
+ CleanupStack::Pop();
+ }
+ // Write event to log
+ if (aType == ELogEvent && iLogger)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::ReportEventL - calling iLogger->LogEvent\n")));
+ iLogger->LogEvent(*aData);
+ }
+
+ // If there are no listeners, delete data
+ if (listenerCount == 0)
+ {
+ delete aData;
+ }
+ }
+
+TInt CEventMediatorServer::CopyEventDataL(const RMessage2& aMessage)
+ {
+ TBool found = EFalse;
+ TInt i = 0;
+ TInt err = KErrNone;
+ while (!found && i < iStoredEvents.Count())
+ {
+ if (iStoredEvents.At(i)->iData == aMessage.Ptr0())
+ {
+ found = ETrue;
+ }
+ else
+ {
+ i++;
+ }
+ }
+ if (found)
+ {
+ aMessage.WriteL(SECOND_ARGUMENT, *(iStoredEvents.At(i)->iData));
+ MarkStoredEventListened(i);
+ }
+ else
+ {
+ err = KErrNotFound;
+ }
+ return err;
+ }
+
+void CEventMediatorServer::MarkStoredEventListened(TInt aIndex)
+ {
+ iStoredEvents.At(aIndex)->iListenerCount--;
+ if (iStoredEvents.At(aIndex)->iListenerCount == 0)
+ {
+ delete iStoredEvents.At(aIndex)->iData;
+ delete iStoredEvents.At(aIndex);
+ iStoredEvents.Delete(aIndex);
+ }
+ }
+
+TBool CEventMediatorServer::IsClientTheSitL(const RMessage2& aMessage)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::IsClientTheSitL\n")));
+ TBool isClientTheSit = EFalse;
+
+ RThread clientThread;
+ User::LeaveIfError(aMessage.Client(clientThread));
+
+ if (clientThread.Id() == iSit->ThreadId())
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::IsClientTheSitL - YES\n")));
+ isClientTheSit = ETrue;
+ }
+
+ clientThread.Close();
+
+ return isClientTheSit;
+ }
+
+void CEventMediatorServer::MakeSureSitIsRunningL()
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::MakeSureSitIsRunningL\n")));
+ // If the SIT has not yet been started
+ // or has died, try to start it
+ iSit->StartL();
+ }
+
+void CEventMediatorServer::SetTaskArrivalListenerL(CListenerContainer* aListener)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::SetTaskArrivalListenerL\n")));
+ if (aListener)
+ {
+ // Task arrival observation requests must
+ // come from the SIT
+ if (!IsClientTheSitL(aListener->Message()))
+ {
+ User::Leave(KErrNotSupported);
+ }
+
+ // Only one task arrival observation request
+ // is allowed to be present at the same time
+ if (iTaskArrivalListener && (aListener != iTaskArrivalListener))
+ {
+ User::Leave(KErrNotSupported);
+ }
+ }
+
+ iTaskArrivalListener = aListener;
+ }
+
+void CEventMediatorServer::ClearTaskArrivalListener()
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::ClearTaskArrivalListener\n")));
+ iTaskArrivalListener = NULL;
+ }
+
+CListenerContainer* CEventMediatorServer::TaskArrivalListener()
+ {
+ return iTaskArrivalListener;
+ }
+
+void CEventMediatorServer::TaskRequestArrivedL(CListenerContainer* aTaskRequest)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::TaskRequestArrivedL\n")));
+ CompleteTaskArrivalObservationRequestL(aTaskRequest->Type(), aTaskRequest->Specification());
+ }
+
+void CEventMediatorServer::TaskArrivalObservationRequestArrivedL()
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::TaskArrivalObservationRequestArrivedL\n")));
+ // Go through all pending event listening requests to see if any
+ // one of those should be passed to the SIT (i.e. if the task
+ // arrival observation request should be completed immediately)
+
+ CListenerContainer* taskRequest = FindWaitingTaskRequest();
+
+ if (taskRequest)
+ {
+ CompleteTaskArrivalObservationRequestL(taskRequest->Type(), taskRequest->Specification());
+ }
+ }
+
+void CEventMediatorServer::TaskRequestEventSpecFetchingRequestArrivedL(CListenerContainer* aFetchingRequest)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::TaskRequestEventSpecFetchingRequestArrivedL\n")));
+ TFetchTaskInfoEventSpec taskRequestInfo;
+ TPckg<TFetchTaskInfoEventSpec> taskRequestInfoDes(taskRequestInfo);
+ taskRequestInfoDes.Copy(*(aFetchingRequest->Specification()));
+
+ // Find the task request whose event specification
+ // we should return to the SIT TH
+ CListenerContainer* taskRequest = FindListener(taskRequestInfo.iEventType, taskRequestInfo.iEventSpecId);
+
+ if (taskRequest && !taskRequest->BeingFulfilled())
+ {
+ CompleteTaskRequestEventSpecFetchingRequestL(KErrNone, aFetchingRequest->Specification(),
+ taskRequest->Specification());
+ taskRequest->MarkAsBeingFulfilled();
+ }
+ else
+ {
+ CompleteTaskRequestEventSpecFetchingRequestL(KErrNotFound, aFetchingRequest->Specification(), NULL);
+ }
+ }
+
+void CEventMediatorServer::TaskCancellationObservationRequestArrivedL(CListenerContainer* aRequest)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::TaskCancellationObservationRequestArrivedL\n")));
+ // Try to find a task request event type that corresponds to the received
+ // event type. This will only succeed if the received event type is
+ // one that is used to listen to the cancellation of a task request.
+ TEventType taskRequestEventType = CSit::FindTaskRequestEventType(aRequest->Type());
+
+ // If a corresponding task request type was found...
+ if (taskRequestEventType != EUnfoundEvent)
+ {
+ // Try to find the listener container of the task request
+ CListenerContainer* taskRequest = FindListener(taskRequestEventType, aRequest->Specification());
+
+ // The listener container for the task request was not found
+ // (i.e. the task request has been cancelled or the
+ // corresponding client session has been closed), so we
+ // complete the cancellation observation request right away
+ if (taskRequest == NULL)
+ {
+ ReportEventL(aRequest->Type(), aRequest->Specification(), NULL);
+ }
+ }
+ }
+
+void CEventMediatorServer::CompleteTaskArrivalObservationRequestL(TEventType aEventType, TDesC8* aSpec)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::CompleteTaskArrivalObservationRequestL\n")));
+ if (iTaskArrivalListener)
+ {
+ // In SIT events, the event specification
+ // begins with the event specification ID
+ TEventSpec* sitEventSpec = (TEventSpec*)(aSpec->Ptr());
+
+ TTaskArrivedEventData eventData;
+ eventData.iEventType = aEventType;
+ eventData.iEventSpecId = sitEventSpec->iId;
+ TPckg<TTaskArrivedEventData> eventDataDes(eventData);
+
+ HBufC8* eventDataCopy = eventDataDes.AllocL();
+ CleanupStack::PushL(eventDataCopy);
+
+ ReportEventL(ETaskArrivedEvent, NULL, eventDataCopy);
+
+ CleanupStack::Pop(); // eventDataCopy, freed elsewhere
+ }
+ }
+
+void CEventMediatorServer::CompleteTaskRequestEventSpecFetchingRequestL(TInt aStatus, TDesC8* aEventSpec,
+ TDesC8* aTaskRequestEventSpec)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::CompleteTaskRequestEventSpecFetchingRequestL\n")));
+ // The event specification of the task request
+ // is returned to the SIT TH as event data
+ if (aTaskRequestEventSpec)
+ {
+ HBufC8* eventData = aTaskRequestEventSpec->AllocL();
+ CleanupStack::PushL(eventData);
+
+ ReportEventL(EFetchTaskInfoEvent, aEventSpec, eventData, aStatus);
+
+ CleanupStack::Pop(); // eventData, freed elsewhere
+ }
+ else
+ {
+ ReportEventL(EFetchTaskInfoEvent, aEventSpec, NULL, aStatus);
+ }
+ }
+
+CListenerContainer* CEventMediatorServer::FindWaitingTaskRequest()
+ {
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ CListenerContainer* listener = NULL;
+
+ while (session != NULL)
+ {
+ listener = session->FindWaitingTaskRequest();
+ if (listener != NULL)
+ {
+ break;
+ }
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+
+ return listener;
+ }
+
+CListenerContainer* CEventMediatorServer::FindListener(TEventType aEventType,
+ TInt aEventSpecId)
+ {
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ CListenerContainer* listener = NULL;
+
+ while (session != NULL)
+ {
+ listener = session->FindListener(aEventType, aEventSpecId);
+ if (listener != NULL)
+ {
+ break;
+ }
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+
+ return listener;
+ }
+
+CListenerContainer* CEventMediatorServer::FindListener(TEventType aEventType,
+ const TDesC8* aEventSpec)
+ {
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ CListenerContainer* listener = NULL;
+
+ while (session != NULL)
+ {
+ listener = session->FindListener(aEventType, aEventSpec);
+ if (listener != NULL)
+ {
+ break;
+ }
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+
+ return listener;
+ }
+
+void CEventMediatorServer::CompleteListener(TEventType aEventType, const TDesC8* aEventSpec, TInt aStatus)
+ {
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ while (session != NULL)
+ {
+ session->CompleteListener(aEventType, aEventSpec, aStatus);
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+ }
+
+TInt CEventMediatorServer::NormalSessionCount()
+ {
+ TInt normalSessionCount = 0;
+
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ while (session != NULL)
+ {
+ if (!(session->IsASitSession()))
+ {
+ normalSessionCount++;
+ }
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+
+ return normalSessionCount;
+ }
+
+TInt CEventMediatorServer::NewEventSpecId()
+ {
+ return ++iNextEventSpecId;
+ }
+
+TPtrC CEventMediatorServer::EventLogFileName(void)
+ {
+ TPtrC name(iEventLogFileName);
+ return name;
+ }
+
+void CEventMediatorServer::SitDied()
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::SitDied\n")));
+ CompleteTaskRequests(KErrDied);
+ }
+
+void CEventMediatorServer::CompleteTaskRequests(TInt aStatus)
+ {
+ LOG(Log::Printf(_L("CEventMediatorServer::CompleteTaskRequests\n")));
+ CEventMediatorSession* session;
+ iSessionIter.SetToFirst();
+ session = (CEventMediatorSession*) iSessionIter++;
+
+ while (session != NULL)
+ {
+ session->CompleteTaskRequests(aStatus);
+ session = (CEventMediatorSession*) iSessionIter++;
+ }
+ }
+
+void CEventMediatorServer::SetShuttingDown(TBool aShuttingDown)
+ {
+ iShuttingDown = aShuttingDown;
+ }
+
+// ============================= CEventMediatorSession =============================
+
+CEventMediatorSession* CEventMediatorSession::NewL(CEventMediatorServer* aServer, const RMessage2& aMessage)
+ {
+ LOG(Log::Printf(_L("CEventMediatorSession::NewL - begin\n")));
+ CEventMediatorSession* self;
+ self = new (ELeave) CEventMediatorSession(aServer);
+ CleanupStack::PushL(self);
+
+ // Marks the session as a "SIT session"
+ // if the client is the SIT thread
+ self->iIsSitSession = aServer->IsClientTheSitL(aMessage);
+
+ aServer->iSessionCount++;
+
+ if ( !self->IsASitSession() )
+ {
+ User::LeaveIfError(self->iFs.Connect()); // For EventLog
+ self->iEventLogFileOpen = EFalse;
+ }
+
+ CleanupStack::Pop(); // self
+
+ LOG(Log::Printf(_L("CEventMediatorSession::NewL - end\n")));
+ return self;
+ }
+
+CEventMediatorSession::CEventMediatorSession(CEventMediatorServer* aServer)
+ : iListenedEvents(2), iServer(aServer)
+ {
+ }
+
+CEventMediatorSession::~CEventMediatorSession(void)
+ {
+ LOG(Log::Printf(_L("CEventMediatorSession::~CEventMediatorSession\n")));
+ CancelAll();
+ if (iServer)
+ {
+ TInt normalSessionCount = iServer->NormalSessionCount();
+
+ // If this too is a normal session and is dying,
+ // decrement the normal session count by one
+ if (!IsASitSession())
+ {
+ normalSessionCount--;
+
+ if (iEventLogFileOpen)
+ {
+ iEventLogFile.Close();
+ iEventLogFileOpen = EFalse;
+ }
+ iFs.Close(); // For EventLog
+
+ }
+
+ if (normalSessionCount == 0)
+ {
+ // If "normal" (non-sit) sessions are no longer present,
+ // we complete the task arrival observation request, thus
+ // causing the SIT to terminate and close its connection
+ // to this server. This should be the last connection whose
+ // closing will cause this server to terminate.
+ // NOTE. KErrCancel cannot be used here as the Event Mediator
+ // does not report it to the caller
+ LOG(Log::Printf(_L("CEventMediatorSession::~CEventMediatorSession - normal session count = 0\n")));
+ iServer->CompleteListener(ETaskArrivedEvent, NULL, KErrAbort);
+
+ // Set the server state to "shutting down". This will
+ // cause the server to discard any new connect requests
+ // with KErrServerTerminated.
+ iServer->SetShuttingDown(ETrue);
+ }
+
+ if (iServer->iSessionCount)
+ {
+ iServer->iSessionCount--;
+ }
+
+ iServer->StopEventMediator();
+ }
+ }
+
+void CEventMediatorSession::ServiceL(const RMessage2& aMessage)
+ {
+ TInt status = 0;
+
+ switch (aMessage.Function())
+ {
+ case KEventMediatorListen:
+ ListenToEventL(aMessage);
+ break;
+
+ case KEventMediatorListenWithSpec:
+ ListenToEventWithSpecL(aMessage);
+ break;
+
+ case KEventMediatorCancel:
+ CancelListening(aMessage);
+ aMessage.Complete(KErrNone);
+ break;
+
+ case KEventMediatorCancelWithSpec:
+ CancelListeningWithSpecL(aMessage);
+ aMessage.Complete(KErrNone);
+ break;
+
+ case KEventMediatorCancelAll:
+ CancelAll();
+ aMessage.Complete(KErrNone);
+ break;
+
+ case KEventMediatorReportEvent:
+ ReportEventL(aMessage);
+ aMessage.Complete(KErrNone);
+ break;
+
+ case KEventMediatorReportEventWithSpec:
+ ReportEventWithSpecL(aMessage);
+ aMessage.Complete(KErrNone);
+ break;
+
+ case KEventMediatorFetchData:
+ status = FetchDataL(aMessage);
+ aMessage.Complete(status);
+ break;
+
+ case KEventMediatorReportLogEvent:
+ ReportLogEventL(aMessage);
+ aMessage.Complete(KErrNone);
+ break;
+
+ case KEventMediatorNewEventSpecId:
+ NewEventSpecIdL(aMessage);
+ aMessage.Complete(KErrNone);
+ break;
+ case KEventMediatorDeletePrivateFiles:
+ status = DeletePrivateFiles();
+ aMessage.Complete(status);
+ break;
+
+ case KEventMediatorGetEventLogSize:
+ status = GetEventLogSize(aMessage);
+ aMessage.Complete(status);
+ break;
+
+ case KEventMediatorGetEventLogHeader:
+ status = GetEventLogHeader(aMessage);
+ aMessage.Complete(status);
+ break;
+ case KEventMediatorGetEventLogData:
+ status = GetEventLogData(aMessage);
+ aMessage.Complete(status);
+ break;
+ case KEventMediatorClearEventLog:
+ status = ClearEventLog();
+ aMessage.Complete(status);
+ break;
+ default:
+ aMessage.Complete(KErrGeneral);
+ break;
+ }
+ }
+
+TInt CEventMediatorSession::ListenToEventL(const RMessage2& aMessage)
+ {
+ CListenerContainer* listener = new (ELeave) CListenerContainer(aMessage, NULL, iServer);
+ CleanupStack::PushL(listener);
+
+ iListenedEvents.AppendL(listener);
+ CleanupStack::Pop(); // listener
+
+ listener->AnalyzeRequestL();
+
+ return KErrNone;
+ }
+
+TInt CEventMediatorSession::ListenToEventWithSpecL(const RMessage2& aMessage)
+ {
+ HBufC8* specBuf = NULL;
+
+ // Read specification
+ specBuf = ReadSpecificationFromClientL(aMessage);
+ CleanupStack::PushL(specBuf);
+
+ // Ownership of specBuf is given to listener
+ CListenerContainer* listener = new (ELeave) CListenerContainer(aMessage, specBuf, iServer);
+ CleanupStack::Pop(); // specBuf
+ CleanupStack::PushL(listener);
+
+ iListenedEvents.AppendL(listener);
+ CleanupStack::Pop(); // listener
+
+ listener->AnalyzeRequestL();
+
+ return KErrNone;
+ }
+
+void CEventMediatorSession::CancelListening(const RMessage2& aMessage)
+ {
+ TInt index;
+
+ while (FindListenerMsg((TEventType)aMessage.Int0(), index))
+ {
+ CompleteListener(index, KErrCancel);
+ }
+ }
+
+void CEventMediatorSession::CancelListeningWithSpecL(const RMessage2& aMessage)
+ {
+ HBufC8* specBuf = NULL;
+ TInt index;
+
+ // Read specification
+ specBuf = ReadSpecificationFromClientL(aMessage);
+ CleanupStack::PushL(specBuf);
+
+ // Cancel listeners
+ while (FindListenerMsg((TEventType)aMessage.Int0(), specBuf, index))
+ {
+ CompleteListener(index, KErrCancel);
+ }
+ CleanupStack::PopAndDestroy(); // specBuf
+ }
+
+void CEventMediatorSession::CancelAll()
+ {
+ TInt nEvents = iListenedEvents.Count();
+ for (TInt i = 0; i < nEvents; i++)
+ {
+ iListenedEvents.At(i)->Complete(KErrCancel);
+ delete iListenedEvents.At(i);
+ iListenedEvents.At(i) = NULL;
+ }
+ iListenedEvents.Reset();
+ }
+
+void CEventMediatorSession::ReportEventL(const RMessage2& aMessage)
+ {
+ TEventType eventType = (TEventType)aMessage.Int0();
+ LOG(Log::Printf(_L("CEventMediatorSession::ReportEventL - event type = %d\n"), eventType));
+ // Read data
+ HBufC8* dataBuf = ReadEventDataFromClientL(aMessage);
+ CleanupStack::PushL(dataBuf);
+ // Report event to server
+ iServer->ReportEventL(eventType, NULL, dataBuf);
+ CleanupStack::Pop();
+ }
+
+void CEventMediatorSession::ReportEventWithSpecL(const RMessage2& aMessage)
+ {
+ TEventType eventType=(TEventType) aMessage.Int0();
+ LOG(Log::Printf(_L("CEventMediatorSession::ReportEventWithSpecL - event type = %d\n"), eventType));
+ // Read data
+ HBufC8* dataBuf = ReadEventDataFromClientL(aMessage);
+ CleanupStack::PushL(dataBuf);
+ // Read specification
+ HBufC8* specBuf = ReadSpecificationFromClientL(aMessage);
+ CleanupStack::PushL(specBuf);
+ // Report event to server
+ iServer->ReportEventL(eventType, specBuf, dataBuf);
+ CleanupStack::PopAndDestroy(); // specBuf
+ CleanupStack::Pop(); // dataBuf
+ }
+
+void CEventMediatorSession::ReportLogEventL(const RMessage2& aMessage)
+ {
+ LOG(Log::Printf(_L("CEventMediatorSession::ReportLogEventL\n")));
+ // Read event
+ TLogEvent event;
+ TPckg<TLogEvent> eventPckg(event);
+ aMessage.ReadL(FIRST_ARGUMENT, eventPckg);
+
+ // Create one buffer to contain put everything in a normal buffer and
+ TInt lengthsDesLth = event.iDesCount * sizeof(TInt);
+ TInt position = eventPckg.Length();
+ TInt dataLength = position + lengthsDesLth + aMessage.Int2();
+ HBufC8* dataBuf = HBufC8::NewLC(dataLength);
+ TPtr8 dataPtr = dataBuf->Des();
+
+ // Copy event to buffer
+ dataPtr.Append(eventPckg);
+ // Read lengths to buffer
+ TPtr8 tmpPtr(&dataPtr[position], 0, dataLength - position);
+ aMessage.ReadL(SECOND_ARGUMENT, tmpPtr);
+ // Read descriptors to the buffer
+ position= dataPtr.Length();
+ tmpPtr.Set(&dataPtr[position], 0, dataLength - position);
+ aMessage.ReadL(THIRD_ARGUMENT, tmpPtr);
+
+ // Report event to server
+ iServer->ReportEventL(ELogEvent, NULL, dataBuf);
+ CleanupStack::Pop();
+ }
+
+TInt CEventMediatorSession::FetchDataL(const RMessage2& aMessage)
+ {
+ LOG(Log::Printf(_L("CEventMediatorSession::FetchDataL\n")));
+ return iServer->CopyEventDataL(aMessage);
+ }
+
+TInt CEventMediatorSession::CheckEventL(const TEventType aType, const TDesC8* aSpec,
+ const TDesC8* aData, TInt aStatus)
+ {
+ TInt index;
+ TInt listenerCount = 0;
+ TInt dataLth = 0;
+ // Some events don't not have data
+ if (aData)
+ {
+ dataLth = aData->Length();
+ }
+ TPckg<TInt> lengthpckg(dataLth);
+ TPckgC<const TAny*> ptrpckg(aData);
+
+ while (FindListenerMsg(aType, aSpec, index))
+ {
+ RMessage2& listener = iListenedEvents.At(index)->Message();
+
+ if (aStatus == KErrNone)
+ {
+ // Write info about data
+ listener.WriteL(SECOND_ARGUMENT, lengthpckg);
+ listener.WriteL(THIRD_ARGUMENT, ptrpckg);
+
+ // Complete listener
+ listener.Complete(KErrNone);
+ }
+ else
+ {
+ listener.Complete(aStatus);
+ }
+
+ delete iListenedEvents.At(index);
+ iListenedEvents.Delete(index);
+ listenerCount++;
+ }
+
+ return listenerCount;
+ }
+
+TBool CEventMediatorSession::FindListenerMsg(const TEventType aType, TInt& index)
+ {
+ for (TInt i = 0; i < iListenedEvents.Count(); i++)
+ {
+ if (iListenedEvents.At(i)->Type() == aType)
+ {
+ index=i;
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+TBool CEventMediatorSession::FindListenerMsg(const TEventType aType, const TDesC8* aSpec, TInt& index)
+ {
+ for (TInt i = 0; i < iListenedEvents.Count(); i++)
+ {
+ if (iListenedEvents.At(i)->HandlesEvent(aType, aSpec))
+ {
+ index = i;
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+TBool CEventMediatorSession::FindTaskRequestListenerMsg(TInt& index)
+ {
+ for (TInt i = 0; i < iListenedEvents.Count(); i++)
+ {
+ if (CSit::EventRequiresSit(iListenedEvents.At(i)->Type()))
+ {
+ index = i;
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+HBufC8* CEventMediatorSession::ReadSpecificationFromClientL(const RMessage2& aMessage)
+ {
+ HBufC8* specBuf;
+ // Read specification descriptor length from client, create specification buffer
+ const TAny* desPtr = aMessage.Ptr3();
+ if (desPtr == NULL)
+ {
+ return NULL;
+ }
+ TInt specLength = aMessage.GetDesLength(FOURTH_ARGUMENT);
+ // Create spcification buffer
+ specBuf = HBufC8::NewLC(specLength);
+ TPtr8 ptr = specBuf->Des();
+ // Read specification
+ aMessage.ReadL(FOURTH_ARGUMENT, ptr);
+ CleanupStack::Pop(); // specBuf
+ return specBuf;
+ }
+
+HBufC8* CEventMediatorSession::ReadEventDataFromClientL(const RMessage2& aMessage)
+ {
+ HBufC8* dataBuf = NULL;
+ TInt desLength = aMessage.Int1();
+
+ if (desLength != 0) // Some events have no data
+ {
+ dataBuf = HBufC8::NewLC(desLength);
+ TPtr8 ptr = dataBuf->Des();
+ aMessage.ReadL(THIRD_ARGUMENT, ptr);
+ CleanupStack::Pop(); // dataBuf
+ }
+ return dataBuf;
+ }
+
+CListenerContainer* CEventMediatorSession::FindWaitingTaskRequest()
+ {
+ CListenerContainer* listener = NULL;
+
+ for (TInt i = 0; i < iListenedEvents.Count(); i++)
+ {
+ if (iListenedEvents.At(i)->WaitingForFulfilling())
+ {
+ listener = iListenedEvents.At(i);
+ break;
+ }
+ }
+
+ return listener;
+ }
+
+CListenerContainer* CEventMediatorSession::FindListener(TEventType aEventType,
+ TInt aEventSpecId)
+ {
+ CListenerContainer* listener = NULL;
+
+ for (TInt i = 0; i < iListenedEvents.Count(); i++)
+ {
+ if (iListenedEvents.At(i)->Type() == aEventType)
+ {
+ TEventSpec* eventSpec = (TEventSpec*)(iListenedEvents.At(i)->Specification()->Ptr());
+
+ if (eventSpec->iId == aEventSpecId)
+ {
+ listener = iListenedEvents.At(i);
+ break;
+ }
+ }
+ }
+
+ return listener;
+ }
+
+CListenerContainer* CEventMediatorSession::FindListener(TEventType aEventType,
+ const TDesC8* aEventSpec)
+ {
+ CListenerContainer* listener = NULL;
+
+ for (TInt i = 0; i < iListenedEvents.Count(); i++)
+ {
+ if (iListenedEvents.At(i)->HandlesEvent(aEventType, aEventSpec))
+ {
+ listener = iListenedEvents.At(i);
+ break;
+ }
+ }
+
+ return listener;
+ }
+
+void CEventMediatorSession::CompleteListener(TEventType aEventType,
+ const TDesC8* aEventSpec,
+ TInt aStatus)
+ {
+ TInt index;
+ while (FindListenerMsg(aEventType, aEventSpec, index))
+ {
+ CompleteListener(index, aStatus);
+ }
+ }
+
+void CEventMediatorSession::CompleteListener(TInt aIndex, TInt aStatus)
+ {
+ iListenedEvents.At(aIndex)->Complete(aStatus);
+ delete iListenedEvents.At(aIndex);
+ iListenedEvents.Delete(aIndex);
+ }
+
+void CEventMediatorSession::CompleteTaskRequests(TInt aStatus)
+ {
+ LOG(Log::Printf(_L("CEventMediatorSession::CompleteTaskRequests\n")));
+ TInt index;
+ while (FindTaskRequestListenerMsg(index))
+ {
+ CompleteListener(index, aStatus);
+ }
+ }
+
+TBool CEventMediatorSession::IsASitSession()
+ {
+ return iIsSitSession;
+ }
+
+void CEventMediatorSession::NewEventSpecIdL(const RMessage2& aMessage)
+ {
+ TInt newEventSpecId = iServer->NewEventSpecId();
+ TPckg<TInt> newEventSpecIdDes(newEventSpecId);
+ aMessage.WriteL(FIRST_ARGUMENT, newEventSpecIdDes);
+ }
+
+TInt CEventMediatorSession::DeletePrivateFiles()
+ {
+ TRAPD(err, DeletePrivateFilesL());
+ if ( err )
+ {
+ LOG(Log::Printf(_L("DeletePrivateFilesL() leave error %d\n"), err));
+ return err;
+ }
+
+ return KErrNone;
+ }
+
+void CEventMediatorSession::DeletePrivateFilesL()
+ {
+ LOG(Log::Printf(_L("DeletePrivateFilesL() called\n")));
+
+ CFileMan* fileMan = CFileMan::NewL(iFs);
+ CleanupStack::PushL(fileMan);
+
+ TPath privateDir;
+ User::LeaveIfError(iFs.PrivatePath(privateDir));
+
+ TInt err = fileMan->RmDir(privateDir);
+ if (err != KErrNone && err != KErrPathNotFound && err != KErrNotFound)
+ {
+ User::Leave(err);
+ }
+ CleanupStack::PopAndDestroy(); //fileMan
+ }
+
+TInt CEventMediatorSession::GetEventLogSize(
+ const RMessage2& aMessage)
+ {
+ if ( iEventLogFileOpen )
+ {
+ iEventLogFile.Close();
+ iEventLogFileOpen = EFalse;
+ }
+
+ TInt err = iEventLogFile.Open(iFs, iServer->EventLogFileName(), EFileRead | EFileShareAny);
+ if ( err )
+ return err;
+
+ TInt size(0);
+ err = iEventLogFile.Size(size);
+ if ( err )
+ {
+ iEventLogFile.Close();
+ return err;
+ }
+
+ TPckg<TInt> sizePckg(size);
+ err = aMessage.Write(FIRST_ARGUMENT, sizePckg);
+ if ( err )
+ {
+ iEventLogFile.Close();
+ return err;
+ }
+
+ iEventLogFileOpen = ETrue;
+
+ return KErrNone;
+ }
+
+TInt CEventMediatorSession::GetEventLogHeader(
+ const RMessage2& aMessage)
+ {
+ TInt err(0);
+
+ if ( !iEventLogFileOpen )
+ {
+ err = iEventLogFile.Open(iFs, iServer->EventLogFileName(), EFileRead | EFileShareAny);
+ if ( err )
+ return err;
+ iEventLogFileOpen = ETrue;
+ }
+
+ TInt position = 0;
+ err = iEventLogFile.Seek(ESeekStart, position);
+ if (err != KErrNone)
+ return err;
+
+ TBuf8<EVENTLOG_FILE_HEADER_LTH> fileHeaderBuf;
+ err = iEventLogFile.Read(fileHeaderBuf, EVENTLOG_FILE_HEADER_LTH);
+ if (err != KErrNone)
+ return err;
+
+ TRAP(err, aMessage.WriteL(FIRST_ARGUMENT, fileHeaderBuf));
+ if ( err )
+ return err;
+
+ return KErrNone;
+ }
+
+TInt CEventMediatorSession::GetEventLogData(
+ const RMessage2& aMessage)
+ {
+ TInt err(0);
+
+ if ( !iEventLogFileOpen )
+ {
+ err = iEventLogFile.Open(iFs, iServer->EventLogFileName(), EFileRead | EFileShareAny);
+ if ( err )
+ return err;
+ iEventLogFileOpen = ETrue;
+ }
+
+ TInt size(0);
+ err = iEventLogFile.Size(size);
+ if ( err )
+ return err;
+
+ if ( size < EVENTLOG_FILE_HEADER_LTH )
+ return KErrNotFound;
+
+ HBufC8* eventLogFileBuf = NULL;
+ TRAP(err, eventLogFileBuf = HBufC8::NewL(size));
+ if ( err )
+ {
+ return err;
+ }
+
+ TPtr8 eventLogDataPtr(eventLogFileBuf->Des());
+ TInt position(0);
+ err = iEventLogFile.Seek(ESeekStart, position);
+ if ( err )
+ {
+ delete eventLogFileBuf;
+ return err;
+ }
+ err = iEventLogFile.Read(eventLogDataPtr); // iLogFileSize);
+ if ( err )
+ {
+ delete eventLogFileBuf;
+ return err;
+ }
+
+ TRAP( err, aMessage.WriteL(FIRST_ARGUMENT, eventLogDataPtr));
+ if ( err )
+ {
+ delete eventLogFileBuf;
+ return err;
+ }
+
+ delete eventLogFileBuf;
+ eventLogFileBuf = NULL;
+
+ return KErrNone;
+ }
+
+TInt CEventMediatorSession::ClearEventLog()
+ {
+ if ( iEventLogFileOpen )
+ {
+ iEventLogFile.Close();
+ iEventLogFileOpen = EFalse;
+ }
+
+ TInt err = iFs.Delete(iServer->EventLogFileName());
+
+ return err;
+ }
+
+
+
+// ============================= CEventMediatorServer =============================
+
+CListenerContainer::CListenerContainer(const RMessage2& aMessage, TDesC8* aSpec,
+ CEventMediatorServer* aServer)
+ : iSpec(aSpec), iMessage(aMessage), iServer(aServer)
+ {
+ iEventType = Type();
+ }
+
+void CListenerContainer::AnalyzeRequestL()
+ {
+ LOG(Log::Printf(_L("CListenerContainer::AnalyzeRequestL\n")));
+ if (CSit::EventRequiresSit(iEventType))
+ {
+ LOG(Log::Printf(_L("CListenerContainer::AnalyzeRequestL - event type = %d, requires SIT\n"), iEventType));
+ iServer->MakeSureSitIsRunningL();
+ iServer->TaskRequestArrivedL(this);
+ }
+
+ // If this event listening request is the one
+ // made by the SIT task arrival observer...
+ if (iEventType == ETaskArrivedEvent)
+ {
+ iServer->SetTaskArrivalListenerL(this);
+ iServer->TaskArrivalObservationRequestArrivedL();
+ }
+
+ // If this event listening request is one
+ // made by a SIT TH to fetch a task...
+ if (iEventType == EFetchTaskInfoEvent)
+ {
+ iServer->TaskRequestEventSpecFetchingRequestArrivedL(this);
+ }
+
+ // If the event listening request is one
+ // made by a SIT TH to listen to the cancellation
+ // of the task request it is handling
+ if (CSit::IsTaskCancellationObservationRequest(iEventType))
+ {
+ iServer->TaskCancellationObservationRequestArrivedL(this);
+ }
+ }
+
+CListenerContainer::~CListenerContainer()
+ {
+ delete iSpec;
+
+ if (iServer->TaskArrivalListener() == this)
+ {
+ iServer->ClearTaskArrivalListener();
+ }
+ }
+
+TBool CListenerContainer::HandlesEvent(TEventType aEventType, const TDesC8* aEventSpec)
+ {
+ if (iEventType == aEventType)
+ {
+ // Specs are same if both are NULL
+ if (iSpec == NULL && aEventSpec == NULL)
+ {
+ return ETrue;
+ }
+ // or data in buffers are identical
+ else if (iSpec != NULL && aEventSpec != NULL && (*iSpec) == (*aEventSpec))
+ {
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+void CListenerContainer::Complete(TInt status)
+ {
+ // If there's a SIT fulfilling this event listening
+ // request (i.e. if this is a task request) and this
+ // task request is being cancelled...
+ if (status == KErrCancel)
+ {
+ // See if we can find a task request cancellation observation
+ // event type that corresponds to this event type
+ TEventType cancelEventType = CSit::FindCancelEventType(iEventType);
+
+ if (cancelEventType != EUnfoundEvent)
+ {
+ // Complete the task request cancellation
+ // observation, if found
+ iServer->CompleteListener(cancelEventType, iSpec, KErrNone);
+ }
+ }
+
+ iMessage.Complete(status);
+ }
+
+TBool CListenerContainer::WaitingForFulfilling()
+ {
+ if (CSit::EventRequiresSit(iEventType) && !iBeingFulfilledBySit)
+ {
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+
+void CListenerContainer::MarkAsBeingFulfilled()
+ {
+ iBeingFulfilledBySit = ETrue;
+ }
+
+TBool CListenerContainer::BeingFulfilled()
+ {
+ return iBeingFulfilledBySit;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediator/src/eventmediatorstarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Creates and starts Event Mediator server.
+*
+*/
+
+
+
+#include "srvstarter.h"
+#include "eventmediator.h"
+
+CServer2* Starter::CreateAndStartServerL()
+ {
+ return CEventMediatorServer::NewL();
+ }
+
+TPtrC Starter::ServerName()
+ {
+ return KEventMediatorServer().Mid(0);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/BMARM/EVENTMEDAPIU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,20 @@
+EXPORTS
+ __14REventMediator @ 1 NONAME R3UNUSED ; REventMediator::REventMediator(void)
+ CancelListening__14REventMediator10TEventType @ 2 NONAME R3UNUSED ; REventMediator::CancelListening(TEventType)
+ CancelListening__14REventMediator10TEventTypeR6TDesC8 @ 3 NONAME R3UNUSED ; REventMediator::CancelListening(TEventType, TDesC8 &)
+ Close__14REventMediator @ 4 NONAME R3UNUSED ; REventMediator::Close(void)
+ Connect__14REventMediator @ 5 NONAME R3UNUSED ; REventMediator::Connect(void)
+ ListenToEvent__14REventMediator10TEventTypeR14MEventObserver @ 6 NONAME R3UNUSED ; REventMediator::ListenToEvent(TEventType, MEventObserver &)
+ ListenToEvent__14REventMediator10TEventTypeR6TDesC8R14MEventObserver @ 7 NONAME ; REventMediator::ListenToEvent(TEventType, TDesC8 &, MEventObserver &)
+ ReportEvent__14REventMediator10TEventType @ 8 NONAME R3UNUSED ; REventMediator::ReportEvent(TEventType)
+ ReportEvent__14REventMediator10TEventTypeR6TDesC8 @ 9 NONAME R3UNUSED ; REventMediator::ReportEvent(TEventType, TDesC8 &)
+ ReportEvent__14REventMediator10TEventTypeR6TDesC8T2 @ 10 NONAME ; REventMediator::ReportEvent(TEventType, TDesC8 &, TDesC8 &)
+ ReportLogEvent__14REventMediatorR4TUid12TLogCategoryUiie @ 11 NONAME ; REventMediator::ReportLogEvent(TUid &, TLogCategory, unsigned int, int,...)
+ CancelAllListening__14REventMediator @ 12 NONAME R3UNUSED ; REventMediator::CancelAllListening(void)
+ NewEventSpecId__14REventMediator @ 13 NONAME R3UNUSED ; REventMediator::NewEventSpecId(void)
+ ClearEventLog__14REventMediator @ 14 NONAME R3UNUSED ; REventMediator::ClearEventLog(void)
+ DeletePrivateFiles__14REventMediator @ 15 NONAME R3UNUSED ; REventMediator::DeletePrivateFiles(void)
+ GetEventLogData__14REventMediatorR5TDes8 @ 16 NONAME R3UNUSED ; REventMediator::GetEventLogData(TDes8 &)
+ GetEventLogHeader__14REventMediatorR5TDes8 @ 17 NONAME R3UNUSED ; REventMediator::GetEventLogHeader(TDes8 &)
+ GetEventLogSize__14REventMediatorRi @ 18 NONAME R3UNUSED ; REventMediator::GetEventLogSize(int &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/BWINS/EVENTMEDAPIU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,20 @@
+EXPORTS
+ ??0REventMediator@@QAE@XZ @ 1 NONAME ; REventMediator::REventMediator(void)
+ ?CancelAllListening@REventMediator@@QAEXXZ @ 2 NONAME ; void REventMediator::CancelAllListening(void)
+ ?CancelListening@REventMediator@@QAEHW4TEventType@@AAVTDesC8@@@Z @ 3 NONAME ; int REventMediator::CancelListening(enum TEventType, class TDesC8 &)
+ ?CancelListening@REventMediator@@QAEXW4TEventType@@@Z @ 4 NONAME ; void REventMediator::CancelListening(enum TEventType)
+ ?Close@REventMediator@@QAEXXZ @ 5 NONAME ; void REventMediator::Close(void)
+ ?Connect@REventMediator@@QAEHXZ @ 6 NONAME ; int REventMediator::Connect(void)
+ ?ListenToEvent@REventMediator@@QAEXW4TEventType@@AAVMEventObserver@@@Z @ 7 NONAME ; void REventMediator::ListenToEvent(enum TEventType, class MEventObserver &)
+ ?ListenToEvent@REventMediator@@QAEXW4TEventType@@AAVTDesC8@@AAVMEventObserver@@@Z @ 8 NONAME ; void REventMediator::ListenToEvent(enum TEventType, class TDesC8 &, class MEventObserver &)
+ ?NewEventSpecId@REventMediator@@QAEHXZ @ 9 NONAME ; int REventMediator::NewEventSpecId(void)
+ ?ReportEvent@REventMediator@@QAEHW4TEventType@@@Z @ 10 NONAME ; int REventMediator::ReportEvent(enum TEventType)
+ ?ReportEvent@REventMediator@@QAEHW4TEventType@@AAVTDesC8@@1@Z @ 11 NONAME ; int REventMediator::ReportEvent(enum TEventType, class TDesC8 &, class TDesC8 &)
+ ?ReportEvent@REventMediator@@QAEHW4TEventType@@AAVTDesC8@@@Z @ 12 NONAME ; int REventMediator::ReportEvent(enum TEventType, class TDesC8 &)
+ ?ReportLogEvent@REventMediator@@QAAHAAVTUid@@W4TLogCategory@@IHZZ @ 13 NONAME ; int REventMediator::ReportLogEvent(class TUid &, enum TLogCategory, unsigned int, int, ...)
+ ?ClearEventLog@REventMediator@@QAEHXZ @ 14 NONAME ; int REventMediator::ClearEventLog(void)
+ ?DeletePrivateFiles@REventMediator@@QAEHXZ @ 15 NONAME ; int REventMediator::DeletePrivateFiles(void)
+ ?GetEventLogData@REventMediator@@QAEHAAVTDes8@@@Z @ 16 NONAME ; int REventMediator::GetEventLogData(class TDes8 &)
+ ?GetEventLogHeader@REventMediator@@QAEHAAVTDes8@@@Z @ 17 NONAME ; int REventMediator::GetEventLogHeader(class TDes8 &)
+ ?GetEventLogSize@REventMediator@@QAEHAAH@Z @ 18 NONAME ; int REventMediator::GetEventLogSize(int &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/EABI/eventmedapiU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,21 @@
+EXPORTS
+ _ZN14REventMediator11ReportEventE10TEventType @ 1 NONAME
+ _ZN14REventMediator11ReportEventE10TEventTypeR6TDesC8 @ 2 NONAME
+ _ZN14REventMediator11ReportEventE10TEventTypeR6TDesC8S2_ @ 3 NONAME
+ _ZN14REventMediator13ListenToEventE10TEventTypeR14MEventObserver @ 4 NONAME
+ _ZN14REventMediator13ListenToEventE10TEventTypeR6TDesC8R14MEventObserver @ 5 NONAME
+ _ZN14REventMediator14NewEventSpecIdEv @ 6 NONAME
+ _ZN14REventMediator14ReportLogEventER4TUid12TLogCategoryjiz @ 7 NONAME
+ _ZN14REventMediator15CancelListeningE10TEventType @ 8 NONAME
+ _ZN14REventMediator15CancelListeningE10TEventTypeR6TDesC8 @ 9 NONAME
+ _ZN14REventMediator18CancelAllListeningEv @ 10 NONAME
+ _ZN14REventMediator5CloseEv @ 11 NONAME
+ _ZN14REventMediator7ConnectEv @ 12 NONAME
+ _ZN14REventMediatorC1Ev @ 13 NONAME
+ _ZN14REventMediatorC2Ev @ 14 NONAME
+ _ZN14REventMediator13ClearEventLogEv @ 15 NONAME
+ _ZN14REventMediator15GetEventLogDataER5TDes8 @ 16 NONAME
+ _ZN14REventMediator15GetEventLogSizeERi @ 17 NONAME
+ _ZN14REventMediator17GetEventLogHeaderER5TDes8 @ 18 NONAME
+ _ZN14REventMediator18DeletePrivateFilesEv @ 19 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+
+
+eventmediatorapi.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/group/eventmediatorapi.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,45 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project eventmedapi
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET eventmedapi.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x101FD289
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE EventMediatorAPI.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE clistatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../eventmediator/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../sit/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/inc/eventdefssit.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,235 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Event definitions for SIT
+*
+*/
+
+
+
+#ifndef EVENTDEFSSIT_H
+#define EVENTDEFSSIT_H
+
+/*
+ * The following event types are "SIT events". When a client
+ * makes a SIT event listening request, the Event Mediator
+ * uses the SIT to fulfill the request.
+ *
+ * When the SIT completes the task that is needed to fulfill
+ * a certain SIT event listening request, the SIT reports an
+ * event to the Event Mediator. The event report contains
+ * event data that the Event Mediator passes further to the
+ * listeners of the SIT event.
+ *
+ * EGetProtocolVersionEvent
+ * Event specification: VPN policy ID
+ * Event data: Status of the task
+ * Protocol type enumeration
+ *
+ * EStartVpnConnEvent
+ * Event specification: VPN IAP ID
+ * VPN network ID
+ * Real IAP ID
+ * Real network ID
+ * VPN policy ID
+ * VPN NIF name
+ * Event data: Status of the task
+ * IKE policy handle
+ * IPSec policy handle
+ * VPN internal address information
+ *
+ * ECloseVpnConnEvent
+ * Event specification: IKE policy handle
+ * IPSec policy handle
+ * Event data: Status of the task
+ *
+ * EStartRealIapConnEvent
+ * Event specification: Real IAP ID
+ * Real network ID
+ * Event data: Status of the task
+ *
+ * EObserveRealIapConnEvent
+ * Event specification: Real IAP ID
+ * Real network ID
+ * Event data: Status of the task
+ * Real IAP connection event
+ *
+ * The following event types are SIT related event types that are
+ * used by the SIT for fetching task related information from the
+ * Event Mediator. These event types are meant only for internal
+ * use between the SIT and the Event Mediator.
+ *
+ * ETaskArrivedEvent
+ * Event specification: -
+ * Event data: Event type of the task request
+ * that requires fulfilling
+ * Event specification ID of the task
+ * request that requires fulfilling
+ *
+ * EFetchTaskInfoEvent
+ * Event specification: Event type of the task request
+ * that requires fulfilling
+ * Event specification ID of the task
+ * request that requires fulfilling
+ * Event data: One of the event specifications
+ * listed below (depends on the event
+ * type)
+ *
+ */
+
+/**
+ * Protocol version information used with EGetProtocolVersionEvent
+ */
+enum TProtocolVersion
+ {
+ EVersionUnknown = 0,
+ EVersionIp,
+ EVersionIp6
+ };
+
+/**
+ *
+ * Enumeration of deactivation types.
+ *
+ */
+enum TDeactivateType
+ {
+ EDeactivateNormal = 0,
+ EDeactivateForced
+ };
+
+
+/**
+ * Event specification for EGetProtocolVersionEvent and
+ * EGetProtocolVersionCancelEvent
+ */
+class TGetProtocolVersionEventSpec : public TEventSpec
+ {
+public:
+ inline TGetProtocolVersionEventSpec() : TEventSpec()
+ {
+ iPolicyId.Zero();
+ }
+ TVpnPolicyId iPolicyId;
+ };
+
+/**
+ * Event data for EGetProtocolVersionEvent
+ */
+class TGetProtocolVersionEventData : public TEventData
+ {
+public:
+ inline TGetProtocolVersionEventData() : TEventData(), iProtocolVersion(EVersionUnknown)
+ {}
+ TProtocolVersion iProtocolVersion;
+ };
+
+/**
+ * Event specification for EStartVpnConnEvent and EStartVpnConnCancelEvent
+ */
+class TStartVpnConnEventSpec : public TEventSpec
+ {
+public:
+ inline TStartVpnConnEventSpec() : TEventSpec()
+ {
+ iPolicyId.Zero();
+ }
+ TRealConfig iIfInfo;
+ TVpnPolicyId iPolicyId;
+ };
+
+/**
+ * Event data for EStartVpnConnEvent
+ */
+class TStartVpnConnEventData : public TEventData
+ {
+public:
+ inline TStartVpnConnEventData() : TEventData()
+ {
+ iIkePolicyHandle.iHandle = 0;
+ iIpsecPolicyHandle.iHandle = 0;
+ }
+ TPolicyHandle iIkePolicyHandle;
+ TPolicyHandle iIpsecPolicyHandle;
+ TVPNAddress iVpnAddressInfo;
+ TUint32 iIapId;
+ TUint32 iNetId;
+ };
+
+/**
+ * Event specification for ECloseVpnConnEvent and ECloseVpnConnCancelEvent
+ */
+class TCloseVpnConnEventSpec : public TEventSpec
+ {
+public:
+ inline TCloseVpnConnEventSpec()
+ :TEventSpec(),
+ iDeactivateType(EDeactivateNormal),
+ iVpnIapId(0),
+ iRealIapId(0)
+ {
+ iIkePolicyHandle.iHandle = 0;
+ iIpsecPolicyHandle.iHandle = 0;
+ }
+ TPolicyHandle iIkePolicyHandle;
+ TPolicyHandle iIpsecPolicyHandle;
+ TDeactivateType iDeactivateType;
+ TUint32 iVpnIapId;
+ TUint32 iRealIapId;
+ };
+
+/**
+ * Event data for ECloseVpnConnEvent
+ */
+typedef TEventData TCloseVpnConnEventData;
+
+/**
+ * Event specification for EStartRealIapConnEvent and
+ * EStartRealIapConnCancelEvent
+ */
+class TStartRealIapConnEventSpec : public TEventSpec
+ {
+public:
+ inline TStartRealIapConnEventSpec()
+ :TEventSpec(), iRealIapConnInfo(), iVpnIapId(0), iRealIapId(0)
+ {}
+ TConnectionInfo iRealIapConnInfo;
+ TUint32 iVpnIapId;
+ TUint32 iRealIapId;
+ };
+
+/**
+ * Event data for EStartRealIapConnEvent
+ */
+typedef TEventData TStartRealIapConnEventData;
+
+/**
+ * Event specification for EObserveRealIapConnEvent and
+ * EObserveRealIapConnCancelEvent
+ */
+typedef TStartRealIapConnEventSpec TObserveRealIapConnEventSpec;
+
+/**
+ * Event data for EObserveRealIapConnEvent
+ */
+class TObserveRealIapConnEventData : public TEventData
+ {
+public:
+ inline TObserveRealIapConnEventData()
+ : TEventData(), iInterfaceState(ESingleInterfaceStateUnknown)
+ {}
+ TSingleConnInterfaceState iInterfaceState;
+ };
+
+
+#endif // EVENTDEFSSIT_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/inc/eventmediatorapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,447 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module defines the API to get services from EventMediator.
+*
+*/
+
+
+
+/**
+ * @file eventmediatorapi.h
+ *
+ * This module defines the API to get services from EventMediator.
+ *
+ */
+
+#ifndef __EVENTMEDIATOR_API_H__
+#define __EVENTMEDIATOR_API_H__
+
+#include <es_enum.h>
+#include "vpnapidefs.h"
+#include "vpnmandefs.h"
+
+#define EVENTLOG_FILE_HEADER_LTH 16
+
+/**
+ *
+ * Enumeration of supported events types.
+ *
+ */
+enum TEventType
+ {
+ EUnfoundEvent,
+ ETestEvent,
+ ESystemEvents = 10000,
+ EAllInterfaceEvents,
+ ESingleInterfaceEvent,
+ ELogEvent,
+ EKmdAddressChangeEvent,
+ EKmdCertificateChangeEvent,
+ EKmdRealIapConnDownEvent,
+ // SIT events
+ EGetProtocolVersionEvent = 20000,
+ EStartVpnConnEvent,
+ ECloseVpnConnEvent,
+ EStartRealIapConnEvent,
+ EObserveRealIapConnEvent,
+ // Internal use only
+ ETaskArrivedEvent = 30000,
+ EFetchTaskInfoEvent,
+ EGetProtocolVersionCancelEvent,
+ EStartVpnConnCancelEvent,
+ ECloseVpnConnCancelEvent,
+ EStartRealIapConnCancelEvent,
+ EObserveRealIapConnCancelEvent,
+ EProgressEvent
+ };
+
+/**
+ *
+ * Enumeration of log event categories.
+ *
+ */
+enum TLogCategory
+ {
+ EInfo,
+ EWarning,
+ EError,
+ EDebug
+ };
+
+/**
+ * The following definitions are used with TEventType
+ * ESingleInterfaceEvent and EObserveRealIapConnEvent
+ */
+
+enum TSingleConnInterfaceState
+ {
+ ESingleInterfaceStateUnknown = -1,
+ ESingleInterfaceUp,
+ ESingleInterfaceDown,
+ ESingleInterfaceTerminated, // Authoritative stop
+ };
+
+class TSingleInterfaceNotification
+ {
+public:
+ TConnectionInfo iConnectionInfo;
+ TSingleConnInterfaceState iState;
+ };
+
+typedef TPckgBuf<TSingleInterfaceNotification> TSingleInterfaceNotificationBuf;
+
+/**
+ * Generic event data definition
+ */
+class TEventSpec
+ {
+public:
+ inline TEventSpec() : iId(0) {}
+ TInt iId;
+ };
+
+/**
+ * Generic event data definition
+ */
+class TEventData
+ {
+public:
+ inline TEventData() : iTaskStatus(KErrNone) {}
+ TInt iTaskStatus;
+ };
+
+/**
+ * Used by SIT to get informed about new tasks.
+ */
+class TTaskArrivedEventData
+ {
+public:
+ inline TTaskArrivedEventData()
+ :iEventType(EUnfoundEvent), iEventSpecId(0)
+ {}
+ TEventType iEventType;
+ TInt iEventSpecId;
+ };
+
+/**
+ * Used by SIT to fetch the event specification of a new task.
+ */
+typedef TTaskArrivedEventData TFetchTaskInfoEventSpec;
+
+/**
+ *
+ * MEventObserver - This class must be implemented to use ListenToEvent of EventMediatorApi
+ *
+ */
+class MEventObserver
+ {
+public:
+ /**
+ * Called by REventMediator when a listened event has been reported.
+ * @param aStatus: error code, KErrNone if successfull.
+ * @param aType: the type of the event.
+ * @param aData: a pointer to a descriptor containing reported data about the event.
+ * aData pointer is valid only during the execution of EventOccured.
+ * A copy of the descriptor must be made to store the data for later use.
+ */
+ virtual void EventOccured(TInt aStatus, TEventType aType, TDesC8* aData)=0;
+ };
+
+class CEventListener;
+
+/**
+ *
+ * REventMediator - API class for EventMediator
+ *
+ */
+class REventMediator:public RSessionBase
+ {
+/**
+ ** @internalComponent
+ */
+ friend class CEventListener;
+public:
+ /**
+ * Default constructor
+ */
+ IMPORT_C REventMediator(void);
+
+ /**
+ * Creates session to the EventMediator server. If server is
+ * not running, it is started.
+ */
+ IMPORT_C TInt Connect();
+
+ /**
+ * Closes the session to the VPN Manager.
+ */
+ IMPORT_C void Close();
+
+ /**
+ * Sends asynchronous event notification request.
+ * Called after Connect() request.
+ * @param aType: the type of the event.
+ * @param aObserver: object whose EventOccured method is called when an event
+ * of type aType has been reported.
+ */
+ IMPORT_C void ListenToEvent(TEventType aType, MEventObserver& aObserver);
+
+ /**
+ * Sends asynchronous event notification request.
+ * Called after Connect() request.
+ * @param aType: the type of the event.
+ * @param aEventSpec: specific info on listened event.
+ * @param aObserver: object whose EventOccured method is called when an event
+ * of type aType has been reported.
+ */
+ IMPORT_C void ListenToEvent(TEventType aType, TDesC8& aEventSpec, MEventObserver& aObserver);
+
+ /**
+ * Cancels all ListenToEvent requests concerning this event type.
+ * Called after Connect() request.
+ * @param aType: the type of the event.
+ */
+ IMPORT_C void CancelListening(TEventType aType);
+
+ /**
+ * Cancels ListenToEvent request geiven with a specification.
+ * Notice that this may fail.
+ * Called after Connect() request.
+ * @param aEventSpec: specific info on listened event.
+ * @param aType: the type of the event.
+ * @return error code, KErrNone if successfull.
+ */
+ IMPORT_C TInt CancelListening(TEventType aType, TDesC8& aEventSpec);
+
+ /**
+ * Cancels all asynchronous ListenToEvent requests.
+ * Called after Connect() request.
+ */
+ IMPORT_C void CancelAllListening();
+
+ /**
+ * Sends synchronous request to report an event.
+ * Called after Connect() request.
+ * @param aType: the type of the event.
+ * @param aData: a descriptor containing data about the event.
+ * @return error code, KErrNone if successfull.
+ */
+ IMPORT_C TInt ReportEvent(TEventType aType);
+
+ /**
+ * Sends synchronous request to report an event.
+ * Called after Connect() request.
+ * @param aType: the type of the event.
+ * @param aData: a descriptor containing data about the event.
+ * @return error code, KErrNone if successfull.
+ */
+ IMPORT_C TInt ReportEvent(TEventType aType, TDesC8& aData);
+
+ /**
+ * Sends synchronous request to report an event.
+ * Called after Connect() request.
+ * @param aType: the type of the event.
+ * @param aEventSpec: specific info on listened event.
+ * @param aData: a descriptor containing data about the event.
+ * @return error code, KErrNone if successfull.
+ */
+ IMPORT_C TInt ReportEvent(TEventType aType, TDesC8& aEventSpec, TDesC8& aData);
+
+ /**
+ * Sends synchronous request to report an event.
+ * Called after Connect() request.
+ * @param aTSrc: source of the event.
+ * @param aCategory: category of the log event.
+ * @param aMsgId: Id of the log message.
+ * @param aDesCount: number of additional arguments (which must be of type TDesC8*).
+ * @return error code, KErrNone if successfull.
+ */
+ IMPORT_C TInt ReportLogEvent(TUid& aSrc, TLogCategory aCategory, TUint aMsgId,TInt aDesCount,...);
+
+ /**
+ * Returns a new event specification
+ * ID to be used with SIT related events.
+ */
+ IMPORT_C TInt NewEventSpecId();
+
+ /**
+ * Requests the Event Mediator to delete the files it owns.
+ */
+ IMPORT_C TInt DeletePrivateFiles();
+
+ IMPORT_C TInt GetEventLogSize(TInt& aEventLogSize);
+
+ IMPORT_C TInt GetEventLogHeader(TDes8& aEventLogHeader);
+
+ IMPORT_C TInt GetEventLogData(TDes8& aEventLogData);
+
+ IMPORT_C TInt ClearEventLog();
+
+ /**
+ * Sends a request to cancel all ListenToEvent requests concerning this
+ * event type.
+ * @param aType: the type of the event.
+ */
+ void CancelListenToEvent(TEventType aType);
+
+ /**
+ * Sends a request to cancel all ListenToEvent requests with a given
+ * specification.
+ * @param aEventSpec: specific info on listened event.
+ * @param aType: the type of the event.
+ * @return error code, KErrNone if successfull.
+ */
+ TInt CancelListenToEvent(TEventType aType, TDesC8& aEventSpec);
+
+private:
+ void CreateListenedEventsListL();
+
+ /**
+ * Sends synchronous request to get data repeorted with an event.
+ * Called after Connect() request.
+ * @param aSrvPtr: pointer to the data in the servers address space.
+ * The server checks whether this pointer is valid before using it.
+ * @param aData: a descriptor to which the datais written.
+ * @return Error status
+ */
+ TInt FetchData(TAny* aSrvPtr, TDes8& aDataDecriptor);
+
+ /**
+ * Called by ListenToEvent function.
+ * Creates a new instance of CEventListener to receive notification about the event.
+ * Adds thsi object to iListenedEvents.
+ * @param aType: the type of the event.
+ * @param aObserver: object whose EventOccured function is called when event is received.
+ * @return the new listener.
+ */
+ CEventListener* NewEventListenerL(TEventType aType, MEventObserver& aObserver);
+
+ /**
+ * Deletes listener created with NewEventListener
+ * @param aType: the type of the event.
+ */
+ void RemoveListener(CEventListener* aListener);
+
+ /**
+ * Creates EventMediator.
+ */
+ TInt StartEventMediator();
+
+ /**
+ * Looks up a listener from iListenedEvents.
+ * @param aType: type of the event the listener is waiting for.
+ * @param aIndex: the position of the listener in iListenedEvents.
+ * @return ETrue if listener exists, EFalse if not.
+ */
+ TBool FindEventListener(const TEventType aType, TInt& aIndex);
+
+ /**
+ * Looks up a listener from iListenedEvents.
+ * @param aType: type of the event the listener is waiting for.
+ * @param aEventSpec event specification
+ * @param aIndex: the position of the listener in iListenedEvents.
+ * @return ETrue if listener exists, EFalse if not.
+ */
+ TBool FindEventListener(const TEventType aType, TDesC8& aEventSpec, TInt& aIndex);
+
+ /**
+ * Reads the variable arguments of ReportLogEvent.
+ * @param aCount: Number of arguments.
+ * @param aList: list of arguments.
+ * @param aPointers: array to be filled with argument pointers.
+ * @param aLengths: array to be filled with argument lengths.
+ * @param aOverAllLength: sum of argument lengths
+ * @return error code, KErrNone if successfull.
+ */
+ TInt ReadLogArguments(TInt aCount, VA_LIST aList,TDesC8** aPointers, TInt* aLengths, TInt& aOverAllLength);
+
+private: //Data
+ // list of listeners created with function NewEventListener
+ CArrayFixFlat<CEventListener*>* iListenedEvents;
+ TInt64 iRandSeed;
+ };
+
+/**
+ *
+ * CEventListener - A class used by REventListener to Store information about the listened events.
+ *
+ */
+NONSHARABLE_CLASS(CEventListener) : public CActive
+ {
+/**
+ ** @internalComponent
+ */
+ friend class REventMediator;
+ enum TListenerState { EStateListening = 0, EStateFetchingData};
+public:
+ /**
+ * standard deconstructor
+ */
+ ~CEventListener();
+private:
+ /**
+ * Constructor.
+ * @param aType: type of the event that is listened.
+ * @param aObserver: object whose EventOccured is called when event has occured.
+ * @param aSession: pointer to the owning REventMediator object.
+ */
+ CEventListener(TEventType aType, MEventObserver& aObserver, REventMediator* aSession);
+
+ /**
+ * Implement RunL of class CActive.
+ */
+ void RunL();
+
+ /**
+ * Handles the completion of event listening request
+ */
+ void HandleListeningComplete();
+
+ /**
+ * Handles the completion of event data fetching request
+ * @param Error status
+ */
+ void HandleFetchingComplete(TInt aError);
+
+ /**
+ * Implements DoCancel of class CActive.
+ */
+ void DoCancel();
+
+private: //data
+ // buffer to receive the length of the data descriptor of an reported event.
+ TPckgBuf<TInt> iDataLengthPckg;
+ // buffer to receive the pointer to the data descriptor in servers address space.
+ TPckgBuf<TAny*> iSrvDataPtrPckg;
+ // type of the event that is listened.
+ TEventType iType;
+ // the observer given in constructor.
+ MEventObserver& iObserver;
+ // the session given in constructor
+ REventMediator* iSession;
+
+ // possible extra specifications on listened events
+ HBufC8* iSpecBuf;
+
+ // Event data
+ HBufC8* iDataBuf;
+
+ // Event data as a modifiable descriptor
+ TPtr8 iDataPtr;
+
+ // Internal state
+ TListenerState iState;
+ };
+
+#endif // __EVENTMEDIATOR_API_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/inc/log.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_H__)
+#define __LOG_H__
+
+_LIT(KLogFile,"eventmedapi.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/rom/eventmediatorapi.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project eventmediatorapi
+*
+*/
+
+
+
+#ifndef __EVENTMEDIATORAPI_IBY__
+#define __EVENTMEDIATORAPI_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature EVENTMEDIATORAPI not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\eventmedapi.dll SHARED_LIB_DIR\eventmedapi.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __EVENTMEDIATORAPI_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventmediatorapi/src/EventMediatorAPI.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,505 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module defines the API to EventMediator.
+*
+*/
+
+
+#include <e32std.h>
+#include "eventmediator.h"
+#include "eventmediatorapi.h"
+#include "eventlogger.h"
+#include "clistatic.h"
+#include "log.h"
+
+/**---------------------------------------------------------
+ *
+ * REventMediator class constructor
+ *
+ *----------------------------------------------------------*/
+EXPORT_C REventMediator::REventMediator() : iListenedEvents(NULL)
+ {
+ }
+
+/**---------------------------------------------------------
+ *
+ * Connect()
+ *
+ * Opens a session to EventMediator server and starts the server if it
+ * not yet started
+ *
+ * Returns: KErrNone: OK
+ * value: error
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt REventMediator::Connect(void)
+ {
+ TInt ret = KErrNone;
+ TRAP(ret, CreateListenedEventsListL());
+ if (ret != KErrNone)
+ {
+ return ret;
+ }
+
+ TInt retry=2;
+ for (;;)
+ {
+ TInt r=CreateSession(KEventMediatorServer,
+ TVersion(KEventMediatorMajorVersionNumber,
+ KEventMediatorMinorVersionNumber,
+ KEventMediatorBuildVersionNumber),
+ 2 * KDefaultMessageSlots);
+
+ if (r!=KErrNotFound && r!=KErrServerTerminated)
+ return r;
+ if (--retry==0)
+ return r;
+ r = Launcher::LaunchServer(KEventMediatorServer, KEventMediatorFile,
+ KEventMediatorUid3);
+
+ if (r!=KErrNone && r!=KErrAlreadyExists)
+ return r;
+ }
+ }
+
+void REventMediator::CreateListenedEventsListL()
+ {
+ iListenedEvents = new (ELeave) CArrayFixFlat<CEventListener*>(1);
+ }
+
+// ---------------------------------------------------------------------------
+// Closes a session to EventMediator server
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void REventMediator::Close()
+ {
+ if ( iListenedEvents )
+ {
+ TInt nEvents( iListenedEvents->Count() );
+ for (TInt i = 0; i < nEvents; i++)
+ delete iListenedEvents->At(i);
+ iListenedEvents->Delete(0,iListenedEvents->Count());
+ delete iListenedEvents;
+ iListenedEvents = NULL;
+ }
+ RSessionBase::Close();
+ }
+
+EXPORT_C void REventMediator::ListenToEvent(TEventType aType, MEventObserver& aObserver)
+ {
+ LOG(Log::Printf(_L("REventMediator::ListenToEvent(TEventType aType, MEventObserver& aObserver)\n")));
+
+ TInt status=KErrNone;
+ CEventListener* listener=NULL;
+ TRAP(status, listener=NewEventListenerL(aType,aObserver);)
+
+ if(status==KErrNone)
+ {
+ LOG(Log::Printf(_L("REventMediator::ListenToEvent(TEventType aType, MEventObserver& aObserver) - calling SendReceive\n")));
+
+ SendReceive(CEventMediatorSession::KEventMediatorListen,
+ TIpcArgs(aType,
+ &(listener->iDataLengthPckg),
+ &(listener->iSrvDataPtrPckg)),
+ listener->iStatus);
+
+ LOG(Log::Printf(_L("REventMediator::ListenToEvent(TEventType aType, MEventObserver& aObserver) - SendReceive called\n")));
+
+ listener->SetActive();
+ }
+ else
+ aObserver.EventOccured(status, aType, NULL);
+ }
+
+EXPORT_C void REventMediator::ListenToEvent(TEventType aType, TDesC8& aEventSpec, MEventObserver& aObserver)
+ {
+ LOG(Log::Printf(_L("REventMediator::ListenToEvent(TEventType aType, TDesC8& aEventSpec, MEventObserver& aObserver)\n")));
+
+ TInt status=KErrNone;
+ CEventListener* listener=NULL;
+ TRAP(status, listener=NewEventListenerL(aType,aObserver);)
+
+ if(status==KErrNone)
+ {
+ listener->iSpecBuf = aEventSpec.Alloc();
+ if (listener->iSpecBuf==NULL)
+ status = KErrNoMemory;
+ }
+
+ if(status==KErrNone)
+ {
+ LOG(Log::Printf(_L("REventMediator::ListenToEvent(TEventType aType, TDesC8& aEventSpec, MEventObserver& aObserver) - calling SendReceive\n")));
+
+ SendReceive(CEventMediatorSession::KEventMediatorListenWithSpec,
+ TIpcArgs(aType,
+ &(listener->iDataLengthPckg),
+ &(listener->iSrvDataPtrPckg),
+ listener->iSpecBuf),
+ listener->iStatus);
+
+ LOG(Log::Printf(_L("REventMediator::ListenToEvent(TEventType aType, TDesC8& aEventSpec, MEventObserver& aObserver) - SendReceive called\n")));
+
+ listener->SetActive();
+ }
+ else
+ aObserver.EventOccured(status, aType, NULL);
+ }
+
+EXPORT_C void REventMediator::CancelListening(TEventType aType)
+ {
+ LOG(Log::Printf(_L("REventMediator::CancelListening(TEventType aType)\n")));
+
+ TInt index = -1;
+ while ( FindEventListener( aType, index ) )
+ {
+ CEventListener* listener = iListenedEvents->At( index );
+ listener->Cancel();
+ RemoveListener( listener );
+ }
+ }
+
+EXPORT_C TInt REventMediator::CancelListening(TEventType aType, TDesC8& aEventSpec)
+ {
+ LOG(Log::Printf(_L("REventMediator::CancelListening(TEventType aType, TDesC8& aEventSpec)\n")));
+
+ TInt index = -1;
+ while ( FindEventListener( aType, aEventSpec, index ) )
+ {
+ CEventListener* listener = iListenedEvents->At( index );
+ listener->Cancel();
+ RemoveListener( listener );
+ }
+
+ return KErrNone;
+ }
+
+EXPORT_C void REventMediator::CancelAllListening()
+ {
+ LOG(Log::Printf(_L("REventMediator::CancelAllListening()\n")));
+
+ while ( iListenedEvents->Count() )
+ {
+ CEventListener* listener = iListenedEvents->At( 0 );
+ listener->Cancel();
+ RemoveListener( listener );
+ }
+ }
+
+EXPORT_C TInt REventMediator::ReportEvent(TEventType aType)
+ {
+ return SendReceive(CEventMediatorSession::KEventMediatorReportEvent, TIpcArgs(aType, 0, NULL));
+ }
+
+EXPORT_C TInt REventMediator::ReportEvent(TEventType aType, TDesC8& aData)
+ {
+ return SendReceive(CEventMediatorSession::KEventMediatorReportEvent, TIpcArgs(aType, aData.Length(), &aData));
+ }
+
+EXPORT_C TInt REventMediator::ReportEvent(TEventType aType, TDesC8& aEventSpec, TDesC8& aData)
+ {
+ return SendReceive(CEventMediatorSession::KEventMediatorReportEventWithSpec, TIpcArgs(aType, aData.Length(), &aData, &aEventSpec));
+ }
+
+EXPORT_C TInt REventMediator::ReportLogEvent(TUid& aSrc, TLogCategory aCategory, TUint aMsgId, TInt aDesCount,...)
+ {
+ VA_LIST list;
+ TInt err;
+ TLogEvent event(aSrc, aCategory, aMsgId,aDesCount);
+ TPckg<TLogEvent> eventPckg(event);
+ HBufC8* desBuf=NULL;
+ TInt desBufLength;
+ // alloc array for descripor pointers
+ TDesC8** pointers = new TDesC8*[aDesCount];
+ TInt* lengths = new TInt[aDesCount];
+ TInt lengthsDesLth = aDesCount*sizeof(TInt); // length of a descriptor containing lengths array.
+
+ // read arguments to array
+ VA_START(list, aDesCount);
+ err = ReadLogArguments( aDesCount, list, pointers,lengths, desBufLength);
+ VA_END(list);
+
+ if(err==KErrNone)
+ {
+ // Read arguments to one descriptor
+ desBuf = HBufC8::New(eventPckg.Length()+lengthsDesLth+desBufLength);
+ if(desBuf==NULL)
+ err=KErrNoMemory;
+ else
+ {
+ TPtr8 desPtr= desBuf->Des();
+ desPtr.Append(eventPckg);
+ desPtr.Append((TUint8*)lengths,lengthsDesLth);
+ for(TInt i=0; i < aDesCount; i++)
+ {
+ desPtr.Append(*(pointers[i]));
+ TInt fillerLth = 4 -(lengths[i] % 4);
+ TChar filler(0);
+ if (fillerLth > 0 && fillerLth < 4)
+ {
+ desPtr.AppendFill(filler , fillerLth);
+ }
+ }
+ err=ReportEvent(ELogEvent,desPtr);
+ }
+ }
+ delete[] pointers;
+ delete[] lengths;
+ delete desBuf;
+ return err;
+ }
+
+EXPORT_C TInt REventMediator::NewEventSpecId()
+ {
+ TInt specId = 0;
+ TPckg<TInt> specIdDes(specId);
+
+ SendReceive(CEventMediatorSession::KEventMediatorNewEventSpecId, TIpcArgs(&specIdDes));
+
+ return specId;
+ }
+
+void REventMediator::CancelListenToEvent(TEventType aType)
+ {
+ LOG(Log::Printf(_L("REventMediator::CancelListenToEvent(TEventType aType)\n")));
+
+ SendReceive(CEventMediatorSession::KEventMediatorCancel, TIpcArgs(aType));
+ }
+
+TInt REventMediator::CancelListenToEvent(TEventType aType, TDesC8& aEventSpec)
+ {
+ LOG(Log::Printf(_L("REventMediator::CancelListenToEvent(TEventType aType, TDesC8& aEventSpec)\n")));
+
+ return SendReceive(CEventMediatorSession::KEventMediatorCancelWithSpec, TIpcArgs(aType, NULL, NULL, &aEventSpec));
+ }
+
+TInt REventMediator::FetchData(TAny* aSrvPtr, TDes8& aDataPtr)
+ {
+ LOG(Log::Printf(_L("REventMediator::FetchData()\n")));
+
+ TRequestStatus status;
+ SendReceive(CEventMediatorSession::KEventMediatorFetchData,
+ TIpcArgs(aSrvPtr, &aDataPtr), status);
+ User::WaitForRequest(status);
+
+ LOG_1("REventMediator::FetchData() - SendReceive called, status: %d\n",status.Int());
+ return status.Int();
+ }
+
+CEventListener* REventMediator::NewEventListenerL(TEventType aType, MEventObserver& aObserver)
+ {
+ CEventListener* listener=NULL;
+
+ listener = new (ELeave) CEventListener(aType, aObserver,this);
+ CleanupStack::PushL(listener);
+ iListenedEvents->AppendL(listener);
+ CleanupStack::Pop();
+ return listener;
+ }
+
+void REventMediator::RemoveListener(CEventListener* aListener)
+ {
+ TInt index=-1;
+ for(TInt i=0; i<iListenedEvents->Count(); i++)
+ {
+ if(iListenedEvents->At(i)==aListener)
+ {
+ index=i;
+ break;
+ }
+ }
+ if (index >=0)
+ {
+ delete iListenedEvents->At(index);
+ iListenedEvents->Delete(index);
+ }
+ }
+
+TBool REventMediator::FindEventListener(const TEventType aType, TInt& aIndex)
+ {
+ for( TInt i=0; i<iListenedEvents->Count(); i++ )
+ {
+ if( iListenedEvents->At(i)->iType == aType )
+ {
+ aIndex = i;
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+TBool REventMediator::FindEventListener(const TEventType aType, TDesC8& aEventSpec, TInt& aIndex)
+ {
+ for( TInt i=0; i<iListenedEvents->Count(); i++ )
+ {
+ if( iListenedEvents->At(i)->iType == aType &&
+ iListenedEvents->At(i)->iSpecBuf &&
+ iListenedEvents->At(i)->iSpecBuf->Des().Compare( aEventSpec ) == 0 )
+ {
+ aIndex = i;
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+TInt REventMediator::ReadLogArguments(TInt aCount, VA_LIST aList, TDesC8** aPointers, TInt* aLengths, TInt& aOverAllLength)
+ {
+ if(aPointers==NULL || aLengths==NULL)
+ return KErrNoMemory;
+ aOverAllLength=0;
+ for (TInt i=0; i<aCount; i++)
+ {
+ aPointers[i] = (TDesC8*) VA_ARG(aList, TDesC8*);
+ aLengths[i] = aPointers[i]->Length();
+ aOverAllLength += aLengths[i];
+ TInt fillerLth = 4 - (aLengths[i] % 4);
+ if (fillerLth > 0 && fillerLth < 4)
+ {
+ aOverAllLength += fillerLth;
+ }
+
+ }
+ return KErrNone;
+ }
+
+EXPORT_C TInt REventMediator::DeletePrivateFiles()
+ {
+ return SendReceive (CEventMediatorSession::KEventMediatorDeletePrivateFiles, TIpcArgs());
+ }
+
+
+EXPORT_C TInt REventMediator::GetEventLogSize(TInt& aEventLogSize)
+ {
+ TPckg<TInt> eventLogSizePckg(aEventLogSize);
+
+ return SendReceive (CEventMediatorSession::KEventMediatorGetEventLogSize,
+ TIpcArgs(&eventLogSizePckg));
+ }
+
+EXPORT_C TInt REventMediator::GetEventLogHeader(TDes8& aEventLogHeader)
+ {
+ return SendReceive (CEventMediatorSession::KEventMediatorGetEventLogHeader,
+ TIpcArgs(&aEventLogHeader));
+ }
+
+EXPORT_C TInt REventMediator::GetEventLogData(TDes8& aEventLogData)
+ {
+ return SendReceive (CEventMediatorSession::KEventMediatorGetEventLogData,
+ TIpcArgs(&aEventLogData));
+ }
+
+EXPORT_C TInt REventMediator::ClearEventLog()
+ {
+ return SendReceive (CEventMediatorSession::KEventMediatorClearEventLog, TIpcArgs());
+ }
+
+
+void CEventListener::DoCancel()
+ {
+ if (iSpecBuf)
+ iSession->CancelListenToEvent(iType, *iSpecBuf);
+ else
+ iSession->CancelListenToEvent(iType);
+ }
+
+void CEventListener::RunL() // Should it leave? no
+ {
+ LOG(Log::Printf(_L("REventMediator::RunL()\n")));
+
+ if (iState == EStateListening)
+ {
+ HandleListeningComplete();
+ }
+ }
+
+void CEventListener::HandleListeningComplete()
+ {
+ LOG(Log::Printf(_L("REventMediator::HandleListeningComplete()\n")));
+
+ // Event has occured, iSpecBuf is useless.
+ delete iSpecBuf;
+ iSpecBuf = NULL;
+
+ TInt status=iStatus.Int();
+
+ LOG(Log::Printf(_L("REventMediator::HandleListeningComplete() - status = %d\n"), status));
+
+ if (status==KErrNone)
+ {
+ TInt dataLength = iDataLengthPckg();
+ // Some events might not have data
+ if (dataLength)
+ {
+ iDataBuf = HBufC8::New(dataLength);
+ if (iDataBuf)
+ {
+ LOG(Log::Printf(_L("REventMediator::HandleListeningComplete() - going to call FetchData()\n")));
+
+ iDataPtr.Set(iDataBuf->Des());
+ TInt err = iSession->FetchData(iSrvDataPtrPckg(), iDataPtr);
+ iState = EStateFetchingData;
+ // Event reporting to the observer and listener
+ // cleanup are handled in HandleFetchingComplete
+ HandleFetchingComplete(err);
+ return;
+ }
+ else
+ status = KErrNoMemory;
+ }
+ iObserver.EventOccured(status, iType, NULL);
+ }
+ else if (status!=KErrCancel) // Cancels are not reported
+ {
+ iObserver.EventOccured(status, iType, NULL);
+ }
+
+ // Listened event has occured, so this listener is done
+ iSession->RemoveListener(this);
+ }
+
+void CEventListener::HandleFetchingComplete(TInt aError)
+ {
+ LOG(Log::Printf(_L("REventMediator::HandleFetchingComplete()\n")));
+
+ LOG(Log::Printf(_L("REventMediator::HandleFetchingComplete() - status = %d\n"), aError));
+
+ if (aError==KErrNone)
+ {
+ iObserver.EventOccured(aError, iType, iDataBuf);
+ }
+ else if (aError!=KErrCancel) // Cancels are not reported
+ {
+ iObserver.EventOccured(aError, iType, NULL);
+ }
+
+ // Listened event has occured, so this listener is done
+ iSession->RemoveListener(this);
+ }
+
+CEventListener::CEventListener(TEventType aType,MEventObserver& aObserver, REventMediator* aSession) :
+ CActive(0), iType(aType), iObserver(aObserver), iSession(aSession),
+ iDataPtr(NULL, 0), iState(EStateListening)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+CEventListener::~CEventListener()
+ {
+ Cancel();
+ delete iSpecBuf;
+ iSpecBuf = NULL;
+ delete iDataBuf;
+ iDataBuf = NULL;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/BMARM/EVENTVIEWERU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,10 @@
+EXPORTS
+ NewL__12CEventViewer @ 1 NONAME R3UNUSED ; CEventViewer::NewL(void)
+ GetEventUsingEventNumber__12CEventViewerRP7HBufC16UlR16TEventProperties @ 2 NONAME ; CEventViewer::GetEventUsingEventNumber(HBufC16 *&, unsigned long, TEventProperties &)
+ GetIapName__11EventViewerUlRt5TBuf81i50 @ 3 NONAME R3UNUSED ; EventViewer::GetIapName(unsigned long, TBuf8<50> &)
+ GetIapNames__11EventViewerUlRt5TBuf81i50UlT2 @ 4 NONAME ; EventViewer::GetIapNames(unsigned long, TBuf8<50> &, unsigned long, TBuf8<50> &)
+ GetMostRecentEvent__12CEventViewerRP7HBufC16R16TEventProperties @ 5 NONAME R3UNUSED ; CEventViewer::GetMostRecentEvent(HBufC16 *&, TEventProperties &)
+ GetNextEvent__12CEventViewerRP7HBufC16R16TEventProperties @ 6 NONAME R3UNUSED ; CEventViewer::GetNextEvent(HBufC16 *&, TEventProperties &)
+ GetPreviousEvent__12CEventViewerRP7HBufC16R16TEventProperties @ 7 NONAME R3UNUSED ; CEventViewer::GetPreviousEvent(HBufC16 *&, TEventProperties &)
+ DeleteLogFile__12CEventViewer @ 8 NONAME R3UNUSED ; CEventViewer::DeleteLogFile(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/BWINS/EVENTVIEWERU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,12 @@
+EXPORTS
+ ??1CEventViewer@@UAE@XZ @ 1 NONAME ; CEventViewer::~CEventViewer(void)
+ ?DeleteLogFile@CEventViewer@@QAEHXZ @ 2 NONAME ; int CEventViewer::DeleteLogFile(void)
+ ?GetEventUsingEventNumber@CEventViewer@@QAEHAAPAVHBufC16@@KAAUTEventProperties@@@Z @ 3 NONAME ; int CEventViewer::GetEventUsingEventNumber(class HBufC16 * &, unsigned long, struct TEventProperties &)
+ ?GetIapName@EventViewer@@SAHKAAV?$TBuf8@$0DC@@@@Z @ 4 NONAME ; int EventViewer::GetIapName(unsigned long, class TBuf8<50> &)
+ ?GetIapNames@EventViewer@@SAHKAAV?$TBuf8@$0DC@@@K0@Z @ 5 NONAME ; int EventViewer::GetIapNames(unsigned long, class TBuf8<50> &, unsigned long, class TBuf8<50> &)
+ ?GetMostRecentEvent@CEventViewer@@QAEHAAPAVHBufC16@@AAUTEventProperties@@@Z @ 6 NONAME ; int CEventViewer::GetMostRecentEvent(class HBufC16 * &, struct TEventProperties &)
+ ?GetNextEvent@CEventViewer@@QAEHAAPAVHBufC16@@AAUTEventProperties@@@Z @ 7 NONAME ; int CEventViewer::GetNextEvent(class HBufC16 * &, struct TEventProperties &)
+ ?GetPreviousEvent@CEventViewer@@QAEHAAPAVHBufC16@@AAUTEventProperties@@@Z @ 8 NONAME ; int CEventViewer::GetPreviousEvent(class HBufC16 * &, struct TEventProperties &)
+ ?NewL@CEventViewer@@SAPAV1@XZ @ 9 NONAME ; class CEventViewer * CEventViewer::NewL(void)
+ ?GetSnapName@EventViewer@@SAHKAAV?$TBuf8@$0DC@@@@Z @ 10 NONAME ; int EventViewer::GetSnapName(unsigned long, class TBuf8<50> &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/EABI/eventViewerU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,13 @@
+EXPORTS
+ _ZN11EventViewer10GetIapNameEmR5TBuf8ILi50EE @ 1 NONAME
+ _ZN11EventViewer11GetIapNamesEmR5TBuf8ILi50EEmS2_ @ 2 NONAME
+ _ZN12CEventViewer12GetNextEventERP7HBufC16R16TEventProperties @ 3 NONAME
+ _ZN12CEventViewer13DeleteLogFileEv @ 4 NONAME
+ _ZN12CEventViewer16GetPreviousEventERP7HBufC16R16TEventProperties @ 5 NONAME
+ _ZN12CEventViewer18GetMostRecentEventERP7HBufC16R16TEventProperties @ 6 NONAME
+ _ZN12CEventViewer24GetEventUsingEventNumberERP7HBufC16mR16TEventProperties @ 7 NONAME
+ _ZN12CEventViewer4NewLEv @ 8 NONAME
+ _ZTI12CEventViewer @ 9 NONAME ; #<TI>#
+ _ZTV12CEventViewer @ 10 NONAME ; #<VT>#
+ _ZN11EventViewer11GetSnapNameEmR5TBuf8ILi50EE @ 11 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/data/vpnlogmessages.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,72 @@
+/*
+* Copyright (c) 2002-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for Event viewer.
+*
+*/
+
+
+
+NAME EVVI
+
+#include <eikon.rh>
+#include <eikon.rsg>
+#include "vpnlogmessages1.lms"
+
+RESOURCE RSS_SIGNATURE { }
+RESOURCE TBUF r_vpn_msg_created_server { buf=qtn_vpn_msg_created_server; }
+RESOURCE TBUF r_vpn_msg_deleted_server { buf=qtn_vpn_msg_deleted_server; }
+RESOURCE TBUF r_vpn_msg_updated_server { buf=qtn_vpn_msg_updated_server; }
+RESOURCE TBUF r_vpn_msg_installed_policy_file { buf=qtn_vpn_msg_installed_policy_file; }
+RESOURCE TBUF r_vpn_msg_installed_policy_server { buf=qtn_vpn_msg_installed_policy_server; }
+RESOURCE TBUF r_vpn_msg_policy_install_fail { buf=qtn_vpn_msg_policy_install_fail; }
+RESOURCE TBUF r_vpn_msg_policy_update_fail { buf=qtn_vpn_msg_policy_update_fail; }
+RESOURCE TBUF r_vpn_msg_deleted_policy { buf=qtn_vpn_msg_deleted_policy; }
+RESOURCE TBUF r_vpn_msg_updated_policy { buf=qtn_vpn_msg_updated_policy; }
+RESOURCE TBUF r_vpn_msg_serv_identity_verify_fail { buf=qtn_vpn_msg_serv_identity_verify_fail; }
+RESOURCE TBUF r_vpn_msg_updated_enrollment_service { buf=qtn_vpn_msg_updated_enrollment_service; }
+RESOURCE TBUF r_vpn_msg_deleted_enrollment_service { buf=qtn_vpn_msg_deleted_enrollment_service; }
+RESOURCE TBUF r_vpn_msg_installed_enrollment_service { buf=qtn_vpn_msg_installed_enrollment_service; }
+
+RESOURCE TBUF r_vpn_msg_policy_serv_auth_fail { buf=qtn_vpn_msg_policy_serv_auth_fail; }
+RESOURCE TBUF r_vpn_msg_serv_auth_fail_client_cert_exp { buf=qtn_vpn_msg_serv_auth_fail_client_cert_exp; }
+RESOURCE TBUF r_vpn_msg_serv_auth_fail_serv_cert_exp { buf=qtn_vpn_msg_serv_auth_fail_serv_cert_exp; }
+RESOURCE TBUF r_vpn_msg_policy_serv_conn_fail { buf=qtn_vpn_msg_policy_serv_conn_fail; }
+RESOURCE TBUF r_vpn_msg_serv_err_resp_received { buf=qtn_vpn_msg_serv_err_resp_received; }
+RESOURCE TBUF r_vpn_msg_enroll_cert_policy_serv { buf=qtn_vpn_msg_enroll_cert_policy_serv; }
+RESOURCE TBUF r_vpn_msg_pol_serv_cert_enr_fail { buf=qtn_vpn_msg_pol_serv_cert_enr_fail; }
+RESOURCE TBUF r_vpn_msg_cert_installed { buf=qtn_vpn_msg_cert_installed; }
+RESOURCE TBUF r_vpn_msg_cert_install_failed { buf=qtn_vpn_msg_cert_install_failed; }
+
+RESOURCE TBUF r_vpn_msg_created_vpn_access_point_with_ap { buf=qtn_vpn_msg_created_vpn_access_point_with_ap; }
+RESOURCE TBUF r_vpn_msg_created_vpn_access_point_with_snap { buf=qtn_vpn_msg_created_vpn_access_point_with_snap; }
+RESOURCE TBUF r_vpn_msg_unspecified_error { buf=qtn_vpn_msg_unspecified_error; }
+RESOURCE TBUF r_vpn_msg_vpn_iap_activated { buf=qtn_vpn_msg_vpn_iap_activated; }
+RESOURCE TBUF r_vpn_msg_vpn_iap_act_failed { buf=qtn_vpn_msg_vpn_iap_act_failed; }
+
+RESOURCE TBUF r_vpn_msg_vpn_iap_act_failed_cert_not_valid { buf=qtn_vpn_msg_vpn_iap_act_failed_cert_not_valid; }
+RESOURCE TBUF r_vpn_msg_vpn_iap_act_failed_cert_exp_miss { buf=qtn_vpn_msg_vpn_iap_act_failed_cert_exp_miss; }
+RESOURCE TBUF r_vpn_msg_real_iap_act_failed { buf=qtn_vpn_msg_real_iap_act_failed; }
+RESOURCE TBUF r_vpn_msg_vpn_gw_no_resp { buf=qtn_vpn_msg_vpn_gw_no_resp; }
+RESOURCE TBUF r_vpn_msg_vpn_gw_auth_ok { buf=qtn_vpn_msg_vpn_gw_auth_ok; }
+RESOURCE TBUF r_vpn_msg_vpn_gw_auth_fail { buf=qtn_vpn_msg_vpn_gw_auth_fail; }
+RESOURCE TBUF r_vpn_msg_vpn_iap_deact { buf=qtn_vpn_msg_vpn_iap_deact; }
+RESOURCE TBUF r_vpn_msg_real_iap_deact { buf=qtn_vpn_msg_real_iap_deact; }
+RESOURCE TBUF r_vpn_msg_vpn_iap_deact_timeout { buf=qtn_vpn_msg_vpn_iap_deact_timeout; }
+RESOURCE TBUF r_vpn_msg_vpn_gw_err_resp_received { buf=qtn_vpn_msg_vpn_gw_err_resp_received; }
+RESOURCE TBUF r_vpn_msg_data_dropped_due_policy { buf=qtn_vpn_msg_data_dropped_due_policy; }
+RESOURCE TBUF r_vpn_msg_vpn_iap_deact_real_iap_terminated { buf=qtn_vpn_msg_vpn_iap_deact_real_iap_terminated; }
+RESOURCE TBUF r_vpn_msg_real_iap_reactivated { buf=qtn_vpn_msg_real_iap_reactivated; }
+RESOURCE TBUF r_vpn_msg_sent_error_response { buf=qtn_vpn_msg_sent_error_response; }
+RESOURCE TBUF r_vpn_msg_addr_info_for_vpn_ap { buf=qtn_vpn_msg_addr_info_for_vpn_ap; }
+RESOURCE TBUF r_vpn_msg_cert_error { buf=qtn_vpn_msg_cert_error; }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/data/vpnlogmessages1.lms Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,300 @@
+/*
+* ==============================================================================
+* Name : vpnlogmessages1.lms
+* Part of : eventviewer
+* Description : This is a localisation file for IPSec VPN software log messages.
+* Version : %version: 3 %
+*
+* Copyright © 2003-2008 Nokia. All rights reserved.
+* This material, including documentation and any related computer
+* programs, is protected by copyright controlled by Nokia. All
+* rights are reserved. Copying, including reproducing, storing,
+* adapting or translating, any or all of this material requires the
+* prior written consent of Nokia. This material also contains
+* confidential information which may not be disclosed to others
+* without the prior written consent of Nokia.
+* ============================================================================
+* Template version: 4.1
+*
+* Syntax of a logical name entry in this file is the following:
+*
+* // d:context description (line 1)
+* // d:context description (line N)
+* // l:P_No
+* //
+* #define qtn_?feature/?module_name_?freetext "?text"
+* #define text_?feature/?module_name_?freetext "?text"
+*
+* where
+* "qtn_" or "text_" starts a logical name, which does not
+* contain dots.
+* "d:" starts description line(s), which
+* clarify entry's context with information like:
+* 1. Is a word a verb in imperative or is it a noun ?
+* - what does text "Set" mean ?
+* 2. What will replace %U (unicode text parameter) or
+* %A (8-bit text parameter) or
+* %N (number parameter) included in texts ?
+* - is it phone number or email address ?
+* "l:" starts a layout information (one line).
+* "P" and "No" are symbols in LAF's information table
+* - "P" is parent pane or current pane
+* - "No" is reference number in table
+*
+* ==============================================================================
+*/
+
+// LOCALISATION STRINGS
+
+// **VPN LOG MESSAGES
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_created_server "Created policy server '%U'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_deleted_server "Deleted policy server '%U'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_updated_server "Updated policy server '%U'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_installed_policy_file "Installed policy '%A' from file"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_installed_policy_server "Installed policy '%1A' from server '%2U'"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_policy_install_fail "Failed to install policy '%A', reason code %N"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_policy_update_fail "Failed to update policy '%A', reason code %N"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_deleted_policy "Deleted policy '%A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_updated_policy "Updated policy '%1A' from server '%2A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_installed_enrollment_service "Installed enrollment service configuration for certification authority '%1A' from server '%2U'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_updated_enrollment_service "Updated enrollment service configuration for certification authority '%1A' from server '%2A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_deleted_enrollment_service "Deleted enrollment service configuration for certification authority '%1A'"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_serv_identity_verify_fail "Failed to verify identity of server '%U', reason code %N"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_policy_serv_auth_fail "Failed to authenticate to policy server '%U', reason code %N"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_serv_auth_fail_client_cert_exp "Failed to authenticate to policy server '%U', client certificate expired/revoked, server synchronisation required"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_serv_auth_fail_serv_cert_exp "Failed to authenticate to policy server '%U', server certificate expired, server definition must be deleted and re-created"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_policy_serv_conn_fail "Failed to connect to policy server '%1U', reason code %2N, state code %3N"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_serv_err_resp_received "Received error response from server '%1U', error code %2N, state code %3N"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_enroll_cert_policy_serv "Enrolled client certificate for accessing policy server '%1U', user identity '%2A'"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_pol_serv_cert_enr_fail "Failed to enroll client certificate for accessing policy server '%1U', reason code %2N, user identity '%3A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_cert_installed "Installed certificate: %A"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_cert_install_failed "Failed to install certificate. Reason code %N, certificate: %A"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_created_vpn_access_point_with_ap "Created VPN access point '%1A', policy '%2A', Internet access point '%3A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_created_vpn_access_point_with_snap "Created VPN access point '%1A', policy '%2A', Internet destination '%3A'"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_unspecified_error "Unspecified error, source '%1A', error code %2N, state code %3N"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_activated "Activated VPN access point '%1A', IP address %2A"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_act_failed "Failed to activate VPN access point '%A', reason code %N"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_act_failed_cert_not_valid "Failed to activate VPN access point '%A', client certificate not yet valid"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_act_failed_cert_exp_miss "Failed to activate VPN access point '%A', client certificate expired or missing"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_real_iap_act_failed "Failed to create Internet connection via Internet access point '%1A', VPN access point '%2A', reason code %3N"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_gw_no_resp "Received no response from VPN gateway %1A, VPN access point %2A"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_gw_auth_ok "Authenticated to VPN gateway '%1A', VPN access point %2A"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_gw_auth_fail "Failed to authenticate to VPN gateway '%1A', VPN access point '%2A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_deact "Deactivated VPN access point '%A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_real_iap_deact "Closed Internet connection established via Internet access point '%1A', VPN access point '%2A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_deact_timeout "Deactivated VPN access point %A', VPN policy timed out"
+
+//d:Detail's message in message query.
+//d:Error
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_gw_err_resp_received "Received an error response from VPN gateway '%1A', VPN access point %2A, error code %3N "
+
+//d:Detail's message in message query.
+//d:Warning
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_data_dropped_due_policy "Dropped data due to VPN policy, source address '%A', reason code %N"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_vpn_iap_deact_real_iap_terminated "Deactivated VPN access point %1A', Internet connection via Internet access point '%2A' was terminated"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_real_iap_reactivated "Reopened Internet connection via Internet access point '%1A', VPN access point '%2A'"
+
+//d:Detail's message in message query.
+//d:Information
+//l:popup_query_sat_info_window_1
+//
+#define qtn_vpn_msg_sent_error_response "Sent an error response to VPN gateway '%1A', VPN access point '%2A', error code %3N"
+#define qtn_vpn_msg_addr_info_for_vpn_ap "Address info for VPN access point '%1A': virtual IP '%2A', local IP '%3A', NAT status code %4N"
+#define qtn_vpn_msg_cert_error "Certificate error. Possible reason: subject or issuer name of certificate contains unsupported attribute. "
+
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+
+eventviewer.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/group/eventviewer.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project eventViewer
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET eventViewer.dll
+TARGETTYPE dll
+UID 0x1000008d 0x10200EC5
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE eventviewer.cpp
+SOURCE logfilehandler.cpp
+SOURCE eventformater.cpp
+
+// The resource file containing IPSec VPN error messages,
+// generated for the system error resolver.
+SOURCEPATH ../data
+START RESOURCE vpnlogmessages.rss
+HEADER
+TARGETPATH /resource
+END
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../data
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY efsrv.lib
+LIBRARY bafl.lib
+LIBRARY eventmedapi.lib
+LIBRARY cmmanager.lib
+LIBRARY charconv.lib
+
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/inc/eventviewer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility methods for eventviewer
+*
+*/
+
+
+
+#ifndef __EVENTVIEWER__
+#define __EVENTVIEWER__
+
+#include <cdblen.h>
+
+////////////////////////////////////////////////////////
+// Typedefs
+////////////////////////////////////////////////////////
+
+typedef TBuf8<KCommsDbSvrMaxFieldLength> TIapName;
+
+
+/////////////////////////////////////////////////////////
+// EventViewer Class
+/////////////////////////////////////////////////////////
+class EventViewer
+{
+public:
+ IMPORT_C static TInt GetIapName(TUint32 aIapId, TIapName& aIapName);
+ IMPORT_C static TInt GetSnapName(TUint32 aSnapId, TIapName& aSnapName);
+
+ IMPORT_C static TInt GetIapNames(TUint32 aIapId1, TIapName& aIapName1,
+ TUint32 aIapId2, TIapName& aIapName2);
+
+
+private:
+ static void DoGetIapNameL(TUint32 aIapId, TIapName& aIapName);
+
+ static void DoGetIapNamesL(TUint32 aIapId1, TIapName& aIapName1,
+ TUint32 aIapId2, TIapName& aIapName2);
+
+ static void DoGetSnapNameL(TUint32 aSnapId, TIapName& aSnapName);
+};
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/inc/eventviewer.rls Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,28 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for eventViewer.
+*
+*/
+
+
+
+
+/*
+rls_string STRING_No_Label1 "" // empty for non-file app's
+*/
+
+rls_string STRING_r_policy_import_ok "Policy import successful %U %N OK"
+rls_string STRING_r_policy_import_failed "Policy import failed %U %N "
+rls_string STRING_r_policy_export_failed "Policy file is lost %U %N 12345 "
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/inc/eventviewer2.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,284 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Log File Handler.
+*
+*/
+
+
+#ifndef __EVENTVIEWER2__
+#define __EVENTVIEWER2__
+
+#include <gdi.h>
+#include <e32base.h>
+#include <e32std.h>
+#include <f32file.h>
+#include <barsc.h>
+#include <bautils.h>
+
+////////////////////////////////////////////////////////
+// Literals
+////////////////////////////////////////////////////////
+#include "eventmediatorapi.h"
+
+#define LOG_ELEM_TRAILER_LTH 12
+#define LOG_ELEM_HEADER_LTH 32
+#define KBYTES_TO_BYTES 1024
+//efine ELEM_HEADER_LTH 8
+#define FILE_BEGIN 0
+#define END_MARK_1 0xefbeadde
+#define END_MARK_2 0xeeabedfe
+#define LOG_FILE_ID 0x474F4C45 // ELOG
+
+
+/////////////////////////////////////////////////////////////////
+// Enumeration of log event categories.
+////////////////////////////////////////////////////////////////
+
+enum TLogCategory2
+ {
+ ELogInfo,
+ ELogWarning,
+ ELogError,
+ ELogDebug
+ };
+
+
+/////////////////////////////////////////////////////////
+// TEventProperties - data to be returned with the event
+// text to the caller
+/////////////////////////////////////////////////////////
+struct TEventProperties
+
+{
+ TUint32 iSourceComponent; // Uid of source component
+ TTime iTimeStamp; // 64 bit time stamp
+ TLogCategory2 iCategory; // Info, Warning, Error, Debug
+ TUint32 iMsgId; // MsgId in localization file
+ TUint32 iEventNumber; // Event number
+};
+
+
+/////////////////////////////////////////////////////////
+// Packed File Header
+/////////////////////////////////////////////////////////
+class TFileHeader
+{
+ public: // Methods
+ inline TInt32 GetFileId() const {return ((TInt32)(u.iData32[0]));};
+ inline TInt32 GetPositionOfNextFree() const {return ((TInt32)(u.iData32[1]));};
+ inline TInt32 GetPositionOfWrapping() const {return ((TInt32)(u.iData32[2]));};
+ inline TInt32 GetCurrEventNumber() const {return ((TInt32)(u.iData32[3]));};
+
+ private:
+ union
+ {
+ TUint32 iData32[4];
+ } u;
+};
+
+
+
+/////////////////////////////////////////////////////////
+// Unpacked File Header
+/////////////////////////////////////////////////////////
+
+class TUnpackedFileHeader
+ {
+ public:
+ TUint32 iFileId; // ELOG
+ TUint32 iPositionOfNextFree;
+ TUint32 iPositionOfWrapping;
+ TUint32 iCurrEventNumber;
+ };
+
+/////////////////////////////////////////////////////////
+// Packed Log Element
+///////////////////////////////////////////////////////
+class TLogElem
+ {
+ public: // Methods
+ inline TInt32 GetEventLength() const {return ((TInt32)(u.iData32[0]));};
+ inline TInt32 GetEventNumber() const {return ((TInt32)(u.iData32[1]));};
+ inline TInt64 GetTimeStamp() const
+ {
+ return MAKE_TINT64(u.iData32[3], u.iData32[2]);;
+ };
+ inline TInt32 GetSourceComponent() const {return ((TInt32)(u.iData32[4]));};
+ inline TLogCategory2 GetCategory() const {return ((TLogCategory2)(u.iData32[5]));};
+ inline TInt32 GetMsgId() const {return ((TInt32)(u.iData32[6]));};
+ inline TInt32 GetDescrCount() const {return ((TInt32)(u.iData32[7]));};
+
+private:
+ union
+ {
+ TUint32 iData32[8];
+ } u;
+ };
+
+/////////////////////////////////////////////////////////
+// Unpacked Log Element
+/////////////////////////////////////////////////////////
+
+class TUnpackedLogElem
+{
+ public:
+ TUint32 iEventLength;
+ TUint32 iEventNumber;
+ TInt64 iTimeStamp;
+ TUint32 iSourceComponent;
+ TLogCategory2 iCategory;
+ TUint32 iMsgId;
+ TUint32 iDescrCount;
+};
+
+/////////////////////////////////////////////////////////
+// Packed Log Element trailer
+/////////////////////////////////////////////////////////
+class TLogElemTrailer
+{
+ public: // Methods
+ inline TInt32 GetEndMark1() const {return ((TInt32)(u.iData32[0]));};
+ inline TInt32 GetEndMark2() const {return ((TInt32)(u.iData32[1]));};
+ inline TInt32 GetEventLength() const {return ((TInt32)(u.iData32[2]));};
+
+ private:
+ union
+ {
+ TUint32 iData32[3];
+ } u;
+};
+
+/////////////////////////////////////////////////////////
+// Unpacked Element trailer
+/////////////////////////////////////////////////////////
+
+class TUnpackedLogElemTrailer
+{
+ public:
+ TUint32 iEndMark1;
+ TUint32 iEndMark2;
+ TUint32 iEventLength;
+};
+
+
+/////////////////////////////////////////////////////////
+// EventViewer Class
+/////////////////////////////////////////////////////////
+class CEventViewer : public CBase
+{
+
+
+ //
+ // EventViewer API in EventViewer.cpp
+ //
+ public:
+ IMPORT_C static CEventViewer* NewL();
+ IMPORT_C ~CEventViewer();
+ void ConstructL();
+
+ IMPORT_C TInt GetMostRecentEvent (HBufC*& aEventText,
+ TEventProperties& aEventProperties);
+
+ IMPORT_C TInt GetNextEvent (HBufC*& aEventText,
+ TEventProperties& aEventProperties);
+
+ IMPORT_C TInt GetPreviousEvent (HBufC*& aEventText,
+ TEventProperties& aEventProperties);
+
+ IMPORT_C TInt GetEventUsingEventNumber(
+ HBufC*& aEventText,
+ TUint32 aEventNumber,
+ TEventProperties& aEventProperties);
+
+ IMPORT_C TInt GetOldestEvent (HBufC*& aEventText,
+ TEventProperties& aEventProperties);
+
+ IMPORT_C TInt DeleteLogFile();
+
+ //
+ // EventViewer internal functions in EventViewer.cpp
+ //
+ private:
+ TInt GetRequestedEvent( HBufC*& aEventText,
+ TEventProperties& aEventProperties,
+ TUint32 aEventNumber,
+ TInt aMethodId);
+
+ TInt GetRequestedEventL( HBufC*& aEventText,
+ TEventProperties& aEventProperties,
+ TUint32 aEventNumber,
+ TInt aMethodId);
+
+ //
+ // EventViewer internal functions in LogFileHandler.cpp
+ //
+ private:
+ TInt OpenLogFile();
+ void CloseLogFile();
+ void TakeCopyOfFileHeader(TUnpackedFileHeader& asrc,
+ TUnpackedFileHeader& adest);
+ void OpenResourceFileL();
+
+ TInt ReadWholeLogFileToMemoryBuffer();
+ TInt ReadLogFileHeader();
+ TInt CopyPackedFileHeaderToUnpackedObject( TDesC8& aFileHeader);
+ TBool IsLogFileModified();
+ TInt EventLookup(TUint32 aEventNumber);
+ TInt GetStartPositionOfLogElem(TUint32 aEndOfLogElemPosition,
+ TUint32* aLogElemPosition);
+ void CopyPackedLogElemToUnpackedObject(TUint32 iPositionOfCurrLogElem);
+ HBufC* SearchEventTextL( TUint32 aMsgId);
+ HBufC* ModifyEventText(HBufC* aEventTextSrc,
+ TUint32 aDescrCount, // Count of descriptor elements
+ TUint32 aDescrDataPosition); // Descriptors: lth data lth data....
+ HBufC* FormatEvent(TInt aDescrCount, // Count of lth/data pairs
+ const TDesC8& aDescrList, // lth lth ... data data ...
+ const TDesC& aEventString); // string got from localisation file
+ TInt AnalyseConvSpec(
+ const TDesC& SourceBuf, //
+ TInt& aOffset, // offset of conversion spec element
+ TUint32& aConvType, // U or N (KConvTypex)
+ TUint32& aSeqNumber); // Seq number included to conv spec elem
+ HBufC* GetDescriptorData (
+ TUint32 aDescrCount, // Count of lth/data pairs
+ const TDesC8& aDescrList, // lth lth ... data data ...
+ TUint32 aConvType, // KConvTypeN or KConvTypeU
+ TUint32 aDescrNumber); // Seq number of lth/data pair
+ TInt BufferAppend(HBufC*& aDestBuf,
+ const TDesC& aString);
+
+ void DoDeleteLogFileL(); // In LogFileHandler.cpp
+
+ private:
+ RFs iFS;
+ REventMediator iEventMediator;
+ TUnpackedFileHeader iCurrFileHeader;
+ TUnpackedFileHeader iPreviousFileHeader;
+ TUnpackedLogElem iUnpackedLogElem;
+ TUnpackedLogElemTrailer iLogElemTrailer;
+ TUint32 iRequestedEventNumber;
+ HBufC8* iLogFileBuf;
+ TInt iLogFileSize;
+ TInt iWrappingOccured;
+ TUint32 iPositionOfCurrLogElem;
+ RResourceFile iResourceFile;
+ HBufC* iResultBuf; // Formatted event is build to this buffer
+
+ //
+ // Current API call parameters
+ //
+ HBufC** iEventText;
+ TEventProperties* iEventProperties;
+};
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/inc/log_eventviewer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_EVENTVIEWER_H__)
+#define __LOG_EVENTVIEWER_H__
+
+_LIT(KLogFile,"eview.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_EVENTVIEWER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/rom/eventviewer.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project eventviewer
+*
+*/
+
+
+
+#ifndef __EVENTVIEWER_IBY__
+#define __EVENTVIEWER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature EVENTVIEWER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\eventviewer.dll SHARED_LIB_DIR\eventviewer.dll
+data=DATAZ_\RESOURCE_FILES_DIR\vpnlogmessages.rsc RESOURCE_FILES_DIR\vpnlogmessages.rsc
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __EVENTVIEWER_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/src/eventformater.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,449 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Event formatting services.
+*
+*/
+
+
+#include "eventviewer2.h"
+
+#define KEventBufferSizeIncrement 1000
+#define KConvTypeU 1
+#define KConvTypeN 2
+#define KConvTypeA 3
+
+
+///////////////////////////////////////////////////////////////////
+// HBufC* aDestBuf = FormatEvent(TInt aDescrCount, TDesc8 aDescrList,
+// aEventString)
+//
+// This function formats an event string loaded from the localisation
+// file by replacing the conversion specification elements with the data
+// description parameters available in a log event read from the
+// log file.
+//
+// -- aDestBuf = the result of formatting. The caller have to release
+// the buffer
+// -- aDescrCount = number of data description elements (lth/data
+// pairs) in aDescrList.
+// -- aDescrList = LTH, LTH, ... , Data , Data, ...
+// -- aEventString = text containing 0 - 20 conversion specification
+// elements. The format of conversion specification elements is
+// as follows: %N %U or %iN %iU, where % starts a specification,
+// N is numeric data, U is Unicode data, i is an optional sequence
+// number of description used with this specification (1,2,3...).
+//
+///////////////////////////////////////////////////////////////////
+HBufC* CEventViewer::FormatEvent(TInt aDescrCount,
+ const TDesC8& aDescrList,
+ const TDesC& aEventString)
+ {
+ TInt err;
+ TInt beginOffset;
+ TInt convSpecOffset;
+ TInt continueToLoop;
+ TInt descrNumber;
+ TInt currDescrNumber;
+ TUint32 convType;
+ TUint32 seqNumber;
+ HBufC* descrBuf = 0;
+
+ // Allocate a buffer for the result data. This buffer will
+ // contain the modified event string. The buffer may be extended
+ // during the operation.
+
+ iResultBuf = HBufC::New( KEventBufferSizeIncrement);
+ if (iResultBuf == 0)
+ {
+ return iResultBuf;
+ }
+ //
+ // Prepare to process an event string
+ //
+ beginOffset = 0;
+ err = KErrNone;
+ continueToLoop = ETrue;
+ currDescrNumber = 0;
+ //
+ // Loop here until all conversion specifications of an event string
+ // have been processed
+ //
+ while (continueToLoop)
+ {
+
+ //
+ // Locate a conversion specification element (It begins with '%'
+ //
+
+ convSpecOffset = aEventString.Mid(beginOffset).Locate('%');
+
+ //
+ // If no prefix (%) found, copy the last or the only part
+ // of text to buffer
+ //
+
+ if (convSpecOffset == KErrNotFound)
+ {
+ TInt lth = aEventString.Length();
+ if (lth > beginOffset)
+ {
+ TPtrC tempPtr = aEventString.Mid(beginOffset, lth - beginOffset);
+ err = BufferAppend(iResultBuf,
+ tempPtr);
+ }
+ continueToLoop = EFalse;
+ continue;
+ }
+
+ //
+ // Copy the part preceding the conv spec to the destination buffer
+ //
+ TPtrC tempPtr = aEventString.Mid(beginOffset, convSpecOffset);
+ err = BufferAppend(iResultBuf,
+ tempPtr);
+ if (err != KErrNone)
+ {
+ continueToLoop = EFalse;
+ continue;
+ }
+
+ //
+ // Analyse the conversion specification element
+ //
+ beginOffset += convSpecOffset + 1;
+ err = AnalyseConvSpec(
+ aEventString,
+ beginOffset,
+ convType,
+ seqNumber);
+ if (err != KErrNone)
+ {
+ continueToLoop = EFalse;
+ continue;
+ }
+
+ //
+ // Define the seq number of the descriptor element
+ //
+
+ if (seqNumber == 0) {
+ currDescrNumber++, // no number in conv spec element
+ descrNumber = currDescrNumber;
+ }
+ else
+ {
+ descrNumber = seqNumber; // number available in conv spec element
+ }
+
+ //
+ // Find descritptor from the descriptor list and return the data
+ //
+ descrBuf = 0;
+ descrBuf = GetDescriptorData (
+ aDescrCount,
+ aDescrList,
+ convType,
+ descrNumber);
+ if (descrBuf == 0)
+ {
+ continue;
+ }
+ //
+ // Store the data got from the descriptor list to the
+ // destination buffer
+ //
+
+ err = BufferAppend(iResultBuf,
+ descrBuf->Des());
+ if (err != KErrNone)
+ {
+ continueToLoop = EFalse;
+ continue;
+ }
+ delete descrBuf;
+ descrBuf = 0;
+ beginOffset++;
+ }
+ //
+ // While loop completed
+ //
+ delete descrBuf;
+ return iResultBuf;
+ }
+///////////////////////////////////////////////////////////////////
+// GetDescriptorData - Searches the requested descriptor and
+// returns the data.
+//
+// -- returns: converted data in heap buffer. Caller must delete the
+// buffer. Null if no descriptor returned.
+//
+// -- aDescrCount defines the number of LTH/DATA pairs
+//
+// --aDescrList has the following format:
+// LTH LTH ... DATA DATA ..., where
+// -- LTH is TUint32 length of corresponding DATA
+// -- DATA is either 32-bit integer or 8-bit byte strings.
+//
+// --aConvType has value KConvTypeN (integer to desimal conversion
+// needed) or KConvTypeU (Unicode data)
+// or KConvTypeA (8-bits data)
+//
+// -- aDescrNumber is the sequence number of LTH/DATA pair (1, 2..)
+//
+//
+///////////////////////////////////////////////////////////////////
+HBufC* CEventViewer::GetDescriptorData (
+ TUint32 aDescrCount,
+ const TDesC8& aDescrList,
+ TUint32 aConvType,
+ TUint32 aDescrNumber)
+
+ {
+ HBufC* descrDataBuf = 0;
+ TBuf8<4> lthBuf;
+ TUint lth = 0;;
+
+ //
+ // Check that descriptor number is valid
+ //
+ if (aDescrNumber > aDescrCount || aDescrNumber == 0)
+ {
+ return descrDataBuf; // return Null
+ }
+
+ TInt dataOffset = 0;
+ TInt lthOffset = 0;
+ TUint32 currDescrNumber = 1;
+
+ //
+ // Search the requested LTH/DATA pair
+ //
+ TInt fillerLth = 0;
+ while (currDescrNumber <= aDescrNumber)
+ {
+ lthBuf.Copy(&aDescrList[lthOffset],4); // Copy lth to 4 byte buffer
+ lth = *(TInt*) (lthBuf.Ptr());
+ dataOffset += 4;
+ fillerLth = 0;
+ if (currDescrNumber < aDescrNumber)
+ {
+ dataOffset += lth;
+ if (lth % 4 != 0)
+ {
+ fillerLth = 4 - (lth % 4);
+ }
+ dataOffset += fillerLth; // Remainder is filler count in data
+ }
+ lthOffset += 4;
+ currDescrNumber++;
+ }
+ dataOffset += 4 * (aDescrCount - (currDescrNumber - 1)); // rest of lth fields
+
+ //
+ // Convert integer to character string
+ //
+
+ if (aConvType == KConvTypeN)
+ {
+ TInt intValue;
+ if (lth != 4)
+ {
+ return descrDataBuf; // return 0, because wrong size for integer
+ }
+ descrDataBuf = HBufC::New(16);
+ if (descrDataBuf !=0)
+ {
+ TPtr descrDataPtr(descrDataBuf->Des());
+ TPtrC8 ptr8 = aDescrList.Mid(dataOffset, 4);
+ intValue = *(TInt*) (ptr8.Ptr());
+ descrDataPtr.Num(intValue);
+ }
+ return descrDataBuf;
+ }
+ else if (aConvType == KConvTypeA)
+
+ //
+ // ConvType == A, convert 8-bit string to unicode
+ //
+ {
+ descrDataBuf = HBufC::New(lth);
+ if (descrDataBuf == 0)
+ {
+ return descrDataBuf;
+ }
+ TPtr descrDataPtr(descrDataBuf->Des());
+ TPtrC8 ptr8 = aDescrList.Mid(dataOffset, lth);
+ descrDataPtr.Copy(ptr8);
+ return descrDataBuf;
+ }
+ else
+
+ //
+ // ConvType == U, unicode string, only copy data
+ //
+ {
+ descrDataBuf = HBufC::New(lth/2);
+ if (descrDataBuf == 0)
+ {
+ return descrDataBuf;
+ }
+ TPtr descrDataPtr(descrDataBuf->Des());
+ TPtrC8 ptr8 = aDescrList.Mid(dataOffset, lth);
+ TPtrC ptr16(reinterpret_cast<const TUint16*>(ptr8.Ptr()), ptr8.Length() / 2);;
+ descrDataPtr.Copy(ptr16);
+ return descrDataBuf;
+ }
+ }
+
+///////////////////////////////////////////////////////////////////
+// AnalyseConvSpec - Analyse Conversion Specification string
+// The format of string is as follows:
+// %U or %N or %A or %sU or %sN or %sA where:
+// -- % is prefix
+// -- U means Unicode (16-bits) data
+// -- A means 8-bits data
+// -- N means numeric data
+// -- s means 1 or 2 character sequence number
+///////////////////////////////////////////////////////////////////
+TInt CEventViewer::AnalyseConvSpec(
+ const TDesC& aSourceBuf,
+ TInt& aOffset, // input/output
+ TUint32& aConvType, // U or N
+ TUint32& aSeqNumber)
+ {
+ TInt currOffset = aOffset;
+ TUint32 seqNumber = 0;
+ TUint32 convType;
+ TInt sourceDataLeft = aSourceBuf.Length() - aOffset;
+ TBuf<2> seqNumberBuf;
+
+ // One byte data should exist
+
+ if (sourceDataLeft < 1)
+ {
+ return KErrNotFound;
+ }
+
+ // Check if 1 or 2 byte long sequence number follows. Value
+ // should be 1 - 20.
+
+ if (aSourceBuf[currOffset] >= '0' &&
+ aSourceBuf[currOffset] <= '9')
+ {
+ seqNumberBuf.Copy(&aSourceBuf[currOffset], 1);
+ currOffset++;
+ sourceDataLeft--;
+
+ if (aSourceBuf[currOffset] >= '0' &&
+ aSourceBuf[currOffset] <= '9')
+ {
+ seqNumberBuf.Append(&aSourceBuf[currOffset], 1);
+ currOffset++;
+ sourceDataLeft--;
+ }
+ TLex seqNumberLex(seqNumberBuf);
+ seqNumberLex.Val(seqNumber, EDecimal);
+ if (seqNumber == 0 || seqNumber > 20)
+ {
+ return KErrNotFound;
+ }
+ }
+
+ // One byte data should exist
+
+ if (sourceDataLeft < 1)
+ {
+ return KErrNotFound;
+ }
+
+ // Check if the conversion type is U
+
+
+ if (aSourceBuf[currOffset] == 'U' ||
+ aSourceBuf[currOffset] == 'u')
+ {
+ convType = KConvTypeU;
+ }
+
+ // Check if the conversion type is N
+
+ else if
+ (aSourceBuf[currOffset] == 'N' ||
+ aSourceBuf[currOffset] == 'n')
+ {
+ convType = KConvTypeN;
+ }
+
+ // Check if the conversion type is A
+
+ else if
+ (aSourceBuf[currOffset] == 'A' ||
+ aSourceBuf[currOffset] == 'a')
+ {
+ convType = KConvTypeA;
+ }
+ else
+ {
+ return KErrNotFound;
+ }
+
+ // Return parameters to caller
+
+ aConvType = convType;
+ aOffset = currOffset;
+ aSeqNumber = seqNumber;
+ return KErrNone;
+ }
+
+
+
+///////////////////////////////////////////////////////////////
+// BufferAppend()
+// This function appends a buffer by storing a new string.
+// If the buffer does not have space enough, the function extends
+// the buffer.
+//
+///////////////////////////////////////////////////////////////
+TInt CEventViewer::BufferAppend(HBufC*& aDestBuf,
+ const TDesC& aString)
+ {
+ TInt err = KErrNone;
+ // Make sure that we have enough space for the new text
+
+ TInt spaceLeft = aDestBuf->Des().MaxLength() - aDestBuf->Des().Length();
+ if (aString.Length() > spaceLeft)
+ {
+ // Allocate enough space for the new string + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = aDestBuf->Des().MaxLength() + aString.Length() + KEventBufferSizeIncrement;
+ HBufC* tempBuf = aDestBuf->ReAlloc(newMaxLength);
+ if (tempBuf != NULL)
+ {
+ aDestBuf = tempBuf;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ }
+ //
+ // Store current string to the buffer
+ //
+ aDestBuf->Des().Append(aString);
+ return err;
+ }
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/src/eventviewer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,653 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Event viewer
+*
+*/
+
+
+
+#include <e32base.h>
+#include <f32file.h>
+#include <barsc.h>
+#include <barsread.h>
+#include <vpnlogmessages.rsg>
+#include <cmmanagerext.h>
+#include <cmdestinationext.h>
+#include <utf.h>
+
+#include "eventviewer.h"
+#include "eventviewer2.h"
+#include "log_eventviewer.h"
+
+/////////////////////////////////////////////
+// Method IDs
+////////////////////////////////////////////
+#define KGetMostRecentEvent 0
+#define KGetNextEvent 1
+#define KGetPreviousEvent 2
+#define KGetEventUsingEventNumber 3
+
+
+//////////////////////////////////////////////////////////////
+// Create EventViewer object
+/////////////////////////////////////////////////////////////
+EXPORT_C CEventViewer* CEventViewer::NewL()
+ {
+ CEventViewer *self = new (ELeave) CEventViewer();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ LOG(Log::Printf(_L("Constructing EventViewer\n")));
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+/////////////////////////////////////////////////////////////
+// CEventViewer::CEventViewer()
+// C++ default constructor
+/////////////////////////////////////////////////////////////
+//
+// CEventViewer::CEventViewer() : iEikonEnv(*iCoeEnv)
+// {
+// }
+
+//////////////////////////////////////////////////////////////
+// Phase 2 constructor
+/////////////////////////////////////////////////////////////
+void CEventViewer::ConstructL()
+ {
+ TInt status = iFS.Connect();
+ if (status != KErrNone)
+ {
+ LOG(Log::Printf(_L("iFS.Connect failed %d\n"), status));
+ User::Leave(status);
+ }
+
+ status = iEventMediator.Connect();
+ if (status != KErrNone)
+ {
+ LOG(Log::Printf(_L("iEventMediator.Connect failed %d\n"), status));
+ User::Leave(status);
+ }
+
+ status = OpenLogFile(); // Open log file and read file header
+ if (status != KErrNone)
+ {
+ LOG(Log::Printf(_L("OpenLogFile failed %d\n"), status));
+ User::Leave(status);
+ }
+ OpenResourceFileL();
+ }
+//////////////////////////////////////////////////////////////
+// Destructor
+/////////////////////////////////////////////////////////////
+CEventViewer::~CEventViewer()
+ {
+ LOG(Log::Printf(_L("Destructing EventViewer\n")));
+
+ delete iLogFileBuf;
+ iLogFileBuf = 0;
+ CloseLogFile();
+ delete iResultBuf;
+ iResultBuf = 0;
+ iResourceFile.Close();
+ iFS.Close();
+ iEventMediator.Close();
+ }
+
+//////////////////////////////////////////////////////////////
+// OpenResourceFileL()
+// Used in ConstructL to get resource file
+//////////////////////////////////////////////////////////////
+//
+void CEventViewer::OpenResourceFileL()
+ {
+ //RResourceFile resourceFile;
+ _LIT(KResourceFile, "\\resource\\vpnlogmessages.rsc");
+
+ TFileName resourceFileName(KResourceFile);
+ TFileName dllName;
+ Dll::FileName(dllName);
+ TBuf<2> drive = dllName.Left(2);
+ resourceFileName.Insert(0, drive);
+ iResourceFile.OpenL(iFS, resourceFileName);
+ iResourceFile.ConfirmSignatureL();
+ }
+
+
+//////////////////////////////////////////////////////////////
+// Release resources allocated for a call
+/////////////////////////////////////////////////////////////
+//void CEventViewer::ReleaseResourcesL()
+// {
+
+// }
+
+//////////////////////////////////////////////////////////////////
+//
+// GetMostRecentEvent
+//
+/////////////////////////////////////////////////////////////////
+EXPORT_C TInt CEventViewer::GetMostRecentEvent(
+ HBufC*& aEventText,
+ TEventProperties& aEventProperties)
+ {
+ TInt status = GetRequestedEvent(
+ aEventText,
+ aEventProperties,
+ 0, // Event number
+ KGetMostRecentEvent);
+ return status;
+ }
+//////////////////////////////////////////////////////////////////
+//
+// GetNextEvent
+//
+/////////////////////////////////////////////////////////////////
+EXPORT_C TInt CEventViewer::GetNextEvent(
+ HBufC*& aEventText,
+ TEventProperties& aEventProperties)
+ {
+ TInt status = GetRequestedEvent(
+ aEventText,
+ aEventProperties,
+ 0, // Event number
+ KGetNextEvent);
+ return status;
+ }
+
+//////////////////////////////////////////////////////////////////
+//
+// GetPrevousEvent
+//
+/////////////////////////////////////////////////////////////////
+EXPORT_C TInt CEventViewer::GetPreviousEvent(
+ HBufC*& aEventText,
+ TEventProperties& aEventProperties)
+ {
+ TInt status = GetRequestedEvent(
+ aEventText,
+ aEventProperties,
+ 0, // Event number
+ KGetPreviousEvent);
+ return status;
+ }
+
+//////////////////////////////////////////////////////////////////
+//
+// GetEventUsingEventNumber
+//
+/////////////////////////////////////////////////////////////////
+EXPORT_C TInt CEventViewer::GetEventUsingEventNumber(
+ HBufC*& aEventText,
+ TUint32 aEventNumber,
+ TEventProperties& aEventProperties)
+ {
+ TInt status = GetRequestedEvent(
+ aEventText,
+ aEventProperties,
+ aEventNumber,
+ KGetEventUsingEventNumber);
+ return status;
+ }
+
+
+//////////////////////////////////////////////////////////////////
+//
+// GetRequestedEvent - Get Requested Event
+// This is a common function for API calls. It searches the event
+// that the API user has requested. The function returns a buffer
+// containing the event text and TEventProperties structure that
+// contains some parameters relating to the event.
+//
+/////////////////////////////////////////////////////////////////
+ TInt CEventViewer::GetRequestedEvent(
+ HBufC*& aEventText,
+ TEventProperties& aEventProperties,
+ TUint32 aEventNumber,
+ TInt aMethodId)
+ {
+ TInt status = 0;
+ TRAPD (err, status = GetRequestedEventL(
+ aEventText,
+ aEventProperties,
+ aEventNumber,
+ aMethodId))
+
+ if (err != KErrNone)
+ {
+ LOG(Log::Printf(_L("API request failed, status %d\n"), err));
+
+ status = err;
+ }
+ return status;
+ }
+
+TInt CEventViewer::GetRequestedEventL(
+ HBufC*& aEventText,
+ TEventProperties& aEventProperties,
+ TUint32 aEventNumber,
+ TInt aMethodId)
+ {
+ TInt status;
+ LOG(Log::Printf(_L("API request received, method = %d\n"), aMethodId));
+
+ //
+ // Store the API parameters to this object
+ //
+ iEventText = &aEventText;
+ iEventProperties = &aEventProperties;
+ //
+ // Produce the event number that the user is requesting
+ //
+
+ switch (aMethodId)
+ {
+ case KGetMostRecentEvent:
+ {
+
+ // Read the log file to memory buffer if not yet done
+
+ if (iLogFileBuf == 0)
+ {
+
+ status = ReadWholeLogFileToMemoryBuffer();
+ if (status != KErrNone)
+ {
+ break;
+ }
+ TakeCopyOfFileHeader(iCurrFileHeader, iPreviousFileHeader);
+ }
+
+ // Check if the log file has been modified and read the log
+ // file header
+
+ else
+ {
+ status = ReadLogFileHeader();
+ if (status != KErrNone)
+ {
+ break;
+ }
+ if (IsLogFileModified())
+ {
+ TakeCopyOfFileHeader(iCurrFileHeader, iPreviousFileHeader);
+ }
+ }
+ iRequestedEventNumber = iCurrFileHeader.iCurrEventNumber;
+ break;
+ }
+
+ case KGetNextEvent:
+ {
+ iRequestedEventNumber++;
+ break;
+ }
+ case KGetPreviousEvent:
+ {
+ iRequestedEventNumber--;
+ break;
+ }
+ case KGetEventUsingEventNumber:
+ {
+ iRequestedEventNumber = aEventNumber;
+ break;
+ }
+ default:
+ {
+ break;
+ }
+ }
+ //
+ // Check the validity of requested event number
+ //
+
+ if (iRequestedEventNumber == 0 ||
+ iRequestedEventNumber > iCurrFileHeader.iCurrEventNumber ||
+ iLogFileBuf == 0) // Logfile not yet in memory
+ {
+ LOG(Log::Printf(_L("API request completed, requested event not found \n")));
+ return KErrNotFound;
+ }
+ //
+ // Search the event from the memory resident log file
+ //
+ status = EventLookup(iRequestedEventNumber);
+ if (status != KErrNone)
+ {
+ return status; // Event not found
+ }
+ //
+ // Event found, copy the packed format log element parameters to an
+ // unpacked object
+ //
+
+ CopyPackedLogElemToUnpackedObject(iPositionOfCurrLogElem);
+
+ //
+ // Search the event text relating to the MsgId
+ //
+ HBufC* eventTextBuf;
+ eventTextBuf = SearchEventTextL(iUnpackedLogElem.iMsgId);
+ if (eventTextBuf == 0)
+ {
+ return KErrNoMemory;
+ }
+
+ //
+ // Modify the event text with the descriptor data
+ // DescrPtr points to a list of following elements:
+ // TInt DataLength
+ // TInt8 Data
+ //
+
+ TUint32 descrDataPosition = iPositionOfCurrLogElem + LOG_ELEM_HEADER_LTH;
+ HBufC* modifiedEventTextBuf = ModifyEventText(
+ eventTextBuf,
+ iUnpackedLogElem.iDescrCount, // Count of descriptor elements
+ descrDataPosition); // Descriptors: lth,lth,...data,data...
+ if (modifiedEventTextBuf == 0)
+ {
+ return KErrNoMemory;
+ }
+ //
+ // An event is available, return data to the caller
+ //
+ *iEventText = modifiedEventTextBuf;
+ iResultBuf = 0;
+ iEventProperties->iEventNumber = iUnpackedLogElem.iEventNumber;
+ iEventProperties->iMsgId = iUnpackedLogElem.iMsgId;
+ TTime tmpTime(iUnpackedLogElem.iTimeStamp);
+ iEventProperties->iTimeStamp = tmpTime;
+ iEventProperties->iSourceComponent = iUnpackedLogElem.iSourceComponent;
+ iEventProperties->iCategory = iUnpackedLogElem.iCategory;
+ LOG(Log::Printf(_L("API request completed OK \n")));
+
+ return KErrNone;
+
+ }
+
+
+ //////////////////////////////////////////////////////////////////////
+ // EventLookup
+ // This function searches an event from the log file buffer that
+ // matches with the requested event number.
+ //////////////////////////////////////////////////////////////////////
+TInt CEventViewer::EventLookup(TUint32 aEventNumber)
+ {
+ TUint32 positionOfLogElemEnd = iCurrFileHeader.iPositionOfNextFree;
+ TUint32 positionOfLogElem;
+ TInt searchGoing = ETrue;
+ TInt status = KErrNone;
+ iWrappingOccured = EFalse;
+ //
+ // Loop here until matching event found or end of elements reached
+ // or any error found
+ //
+
+ while (searchGoing && status == KErrNone)
+ {
+ //
+ // Check if wrapping 1
+ //
+ if (positionOfLogElemEnd == EVENTLOG_FILE_HEADER_LTH)
+ {
+
+
+ if (iCurrFileHeader.iPositionOfWrapping != 0)
+ {
+ positionOfLogElemEnd = iCurrFileHeader.iPositionOfWrapping; // Wrapping occurs
+ iWrappingOccured = ETrue;
+ }
+ else
+ {
+ status = KErrNotFound;
+ continue;
+ }
+ }
+
+ //
+ // Produce the start position of an event
+ //
+
+ status = GetStartPositionOfLogElem( positionOfLogElemEnd,
+ &positionOfLogElem);
+ if (status != KErrNone)
+ {
+ continue;
+ }
+
+ //
+ // Check if requested event has been found
+ //
+
+ if (iUnpackedLogElem.iEventNumber != aEventNumber)
+ {
+ positionOfLogElemEnd = positionOfLogElem;
+ continue; // Not found, continue
+ }
+ //
+ // Requested event found, stop the loop
+ //
+ status = KErrNone;
+ iPositionOfCurrLogElem = positionOfLogElem;
+ searchGoing = EFalse;
+
+ }
+
+ return status;
+ }
+
+
+/////////////////////////////////////////////////////////////////////
+// SearchEventText
+// This function searches from the localization file the text string
+// relating to the MsgId parameter and allocates an buffer in which
+// it returns the data to the caller.
+//
+/////////////////////////////////////////////////////////////////////
+
+HBufC* CEventViewer::SearchEventTextL( TUint32 aMsgId)
+ {
+ HBufC8* resourceBuf = NULL;
+ HBufC* textDataBuf = NULL;
+
+ //
+ // MsgId is a code defined in epoc32\include\eventviewererr.rsg
+ // file. It refers to a message in .rsc file.
+ //
+ TInt msgNumber = STATIC_CAST(TInt, aMsgId);
+ resourceBuf = iResourceFile.AllocReadL( msgNumber);
+
+ TResourceReader resourceReader;
+
+ resourceReader.SetBuffer(resourceBuf);
+
+ textDataBuf = HBufC::New(resourceBuf->Length());
+ if (textDataBuf)
+ {
+ TPtr textDataPtr(textDataBuf->Des());
+
+ resourceReader.Read((void*)textDataBuf->Ptr(), resourceBuf->Length());
+ textDataPtr.SetLength(resourceBuf->Length()/2);
+ }
+
+ delete resourceBuf;
+ return textDataBuf;
+ }
+
+/////////////////////////////////////////////////////////////////////
+// ModifyEventText
+// This function modifies the event text by the descriptors.
+// Both the event text and descriptors are parameters of the
+// function.
+//
+/////////////////////////////////////////////////////////////////////
+
+HBufC* CEventViewer::ModifyEventText(
+ HBufC* aEventTextSrc,
+ TUint32 aDescrCount, // Count of descriptor elements
+ TUint32 aDescrDataPosition) // Descriptors: lth data lth data....
+ {
+ HBufC* modifiedEventText;
+
+ //
+ // If descriptors exist, build pointer to the first
+ // length definition. The format of descriptor data
+ // is as follows:
+ // -- TUInt32 Length of parameter 1 (lth1)
+ // -- TUInt32 Length of parameter 2 (lth2)
+ // -- TUInt32 Length of parameter n (lthx)
+ // -- TInt8[lth1] Data 1
+ // -- TInt8[lth2] Data 2
+ // -- TInt8[lthx] Data n
+ // Variable length data, The format of
+ // data is defined by the conversion
+ // specification characters in the text string
+ //
+
+ //
+ // No descriptors, return localisation data buffer
+ //
+ if (aDescrCount == 0)
+ {
+ return aEventTextSrc;
+ }
+
+ //
+ // Build TPtr8 pointer for descriptor list
+ //
+
+ TInt descrLth = iUnpackedLogElem.iEventLength -
+ LOG_ELEM_HEADER_LTH -
+ LOG_ELEM_TRAILER_LTH;
+ TPtr8 logFileBuf (iLogFileBuf->Des()); // Log file in memory
+ TPtr8 descrListPtr (const_cast<TUint8*>(logFileBuf.Ptr())+ aDescrDataPosition, // Data ptr
+ descrLth, // Data length
+ descrLth); // Max length
+ //
+ // Modify the localisation data buffer with the descriptor data
+ //
+ modifiedEventText = FormatEvent(
+ aDescrCount,
+ descrListPtr,
+ aEventTextSrc->Des());
+
+
+ delete aEventTextSrc;
+ return modifiedEventText;
+ }
+
+
+/////////////////////////////////////////////////////////////////////
+// GetIapName
+// These functions are used to convert an IAP ID to IAP name.
+//
+////////////////////////////////////////////////////////////////////
+EXPORT_C TInt EventViewer::GetIapName(TUint32 aIapId, TIapName& aIapName)
+ {
+ TRAPD(err, DoGetIapNameL(aIapId, aIapName));
+ return err;
+ }
+
+EXPORT_C TInt EventViewer::GetSnapName(TUint32 aSnapId, TIapName& aSnapName)
+ {
+ TRAPD(err, DoGetSnapNameL(aSnapId, aSnapName));
+ return err;
+ }
+
+EXPORT_C TInt EventViewer::GetIapNames(TUint32 aIapId1, TIapName& aIapName1,
+ TUint32 aIapId2, TIapName& aIapName2)
+ {
+ TRAPD(err, DoGetIapNamesL(aIapId1, aIapName1, aIapId2, aIapName2));
+ return err;
+ }
+
+void EventViewer::DoGetIapNameL(TUint32 aIapId, TIapName& aIapName)
+ {
+ using namespace CMManager;
+
+ RCmManagerExt cmManagerExt;
+ cmManagerExt.OpenL();
+ CleanupClosePushL(cmManagerExt);
+
+ RCmConnectionMethodExt connectionMethod = cmManagerExt.ConnectionMethodL( aIapId );
+ CleanupClosePushL(connectionMethod);
+
+ HBufC* cmName = connectionMethod.GetStringAttributeL(ECmName); // Ownership passed
+
+ aIapName.Copy(*cmName);
+ delete cmName;
+ cmName = NULL;
+
+ CleanupStack::PopAndDestroy(&connectionMethod);
+ CleanupStack::PopAndDestroy(&cmManagerExt);
+ }
+
+void EventViewer::DoGetIapNamesL(TUint32 aIapId1, TIapName& aIapName1,
+ TUint32 aIapId2, TIapName& aIapName2)
+ {
+ using namespace CMManager;
+
+ RCmManagerExt cmManagerExt;
+ cmManagerExt.OpenL();
+ CleanupClosePushL(cmManagerExt);
+
+ RCmConnectionMethodExt connectionMethod1 = cmManagerExt.ConnectionMethodL( aIapId1 );
+ CleanupClosePushL(connectionMethod1);
+
+ HBufC* cmName1 = connectionMethod1.GetStringAttributeL(ECmName);
+ CleanupStack::PushL(cmName1);
+
+ aIapName1.Copy(*cmName1);
+
+ RCmConnectionMethodExt connectionMethod2 = cmManagerExt.ConnectionMethodL( aIapId2 );
+ CleanupClosePushL(connectionMethod2);
+
+ HBufC* cmName2 = connectionMethod2.GetStringAttributeL(ECmName); // Ownership passed
+
+ aIapName2.Copy(*cmName2);
+
+ delete cmName2;
+ cmName2 = NULL;
+ CleanupStack::PopAndDestroy(4);
+ }
+
+
+void EventViewer::DoGetSnapNameL(TUint32 aSnapId, TIapName& aSnapName)
+ {
+ RCmManagerExt cmManagerExt;
+ cmManagerExt.OpenL();
+ CleanupClosePushL(cmManagerExt);
+
+ RCmDestinationExt destination = cmManagerExt.DestinationL( aSnapId );
+ CleanupClosePushL(destination);
+
+ HBufC* snapName16bit = destination.NameLC();
+ CnvUtfConverter::ConvertFromUnicodeToUtf8(aSnapName, *snapName16bit);
+ CleanupStack::PopAndDestroy(snapName16bit);
+
+ CleanupStack::PopAndDestroy(); //destination
+ CleanupStack::PopAndDestroy(); //cmManagerExt
+ }
+
+/////////////////////////////////////////////////////////////////////
+// DeleteLogFile
+// This function deletes the eventlog.bin file
+//
+////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CEventViewer::DeleteLogFile()
+ {
+ TRAPD(err, DoDeleteLogFileL());
+ return err;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/eventviewer/src/logfilehandler.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,315 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Log file handler
+*
+*/
+
+
+
+#include "eventviewer2.h"
+#include "log_eventviewer.h"
+//#include "logcommon.h"
+
+///////////////////////////////////////////////////////////////////
+// OpenLogFile
+// This function checks the state of the LogFile and tries to open
+// the file if it is not yet open. It also reads the header section
+// of the file and checks that the file is a correct log file.
+///////////////////////////////////////////////////////////////////
+TInt CEventViewer::OpenLogFile()
+ {
+ TInt status = ReadLogFileHeader();
+ if (status != KErrNone)
+ {
+ return status;
+ }
+
+ TakeCopyOfFileHeader(iCurrFileHeader, iPreviousFileHeader);
+ return KErrNone;
+ }
+
+///////////////////////////////////////////////////////////////////
+// CloseLogFile
+// This function closes the log file
+///////////////////////////////////////////////////////////////////
+void CEventViewer::CloseLogFile()
+ {
+ ;
+ }
+
+///////////////////////////////////////////////////////////////////
+// DoDeleteLogFileL
+// This function deletes the event log file
+///////////////////////////////////////////////////////////////////
+void CEventViewer::DoDeleteLogFileL()
+ {
+ CloseLogFile();
+ TInt status = iEventMediator.ClearEventLog();
+ LOG(Log::Printf(_L("Log cleared %d\n"), status));
+ if (status != KErrNone)
+ {
+ User::Leave(status);
+ }
+ }
+
+///////////////////////////////////////////////////////////////////
+// ReadWholeLogFileToMemoryBuffer()
+//
+// This function reads the whole log file to a memory buffer
+// and takes a new version of file header.
+///////////////////////////////////////////////////////////////////
+TInt CEventViewer::ReadWholeLogFileToMemoryBuffer()
+ {
+ TInt status;
+ status = iEventMediator.GetEventLogSize(iLogFileSize);
+ if (status != KErrNone)
+ {
+ return status;
+ }
+ if (iLogFileSize < EVENTLOG_FILE_HEADER_LTH)
+ {
+ return KErrNotFound;
+ }
+
+ delete iLogFileBuf;
+ iLogFileBuf = 0;
+
+ iLogFileBuf = HBufC8::New(iLogFileSize + 2048); // 2048: it can be bigger now
+ if (iLogFileBuf == 0)
+ {
+ return KErrNoMemory;
+ }
+
+ TPtr8 ptr(iLogFileBuf->Des());
+ status = iEventMediator.GetEventLogData(ptr);
+ if (status != KErrNone)
+ {
+ return status;
+ }
+
+ status = CopyPackedFileHeaderToUnpackedObject(ptr);
+ if (status != KErrNone)
+ {
+ return status;
+ }
+ return KErrNone;
+ }
+
+///////////////////////////////////////////////////////////////////
+// ReadLogFileHeader
+// This function reads the packed format file header section of the
+// event log file and copies the contents of header to the
+// caller's unpacked object.
+///////////////////////////////////////////////////////////////////
+TInt CEventViewer::ReadLogFileHeader()
+ {
+ TBuf8<EVENTLOG_FILE_HEADER_LTH> fileHeaderBuf;
+ TInt status = iEventMediator.GetEventLogHeader(fileHeaderBuf);
+ if (status != KErrNone)
+ {
+ return status;
+ }
+
+ status = CopyPackedFileHeaderToUnpackedObject(fileHeaderBuf);
+ if (status != KErrNone)
+ {
+ return status;
+ }
+
+ return KErrNone;
+ }
+
+///////////////////////////////////////////////////////////////////
+// TakeCopyOfFileHeader
+// This function takes a copy of the unpacked file header.
+///////////////////////////////////////////////////////////////////
+void CEventViewer::TakeCopyOfFileHeader(TUnpackedFileHeader& asrc,
+ TUnpackedFileHeader& adest)
+ {
+ adest.iFileId = asrc.iFileId;
+ adest.iPositionOfNextFree = asrc.iPositionOfNextFree;
+ adest.iPositionOfWrapping = asrc.iPositionOfWrapping;
+ adest.iCurrEventNumber = asrc.iCurrEventNumber;
+ }
+
+///////////////////////////////////////////////////////////////////
+// CopyPackedFileHeaderToUnpackedObject
+// This function copies the packet format file header to an
+// unpacked object.
+///////////////////////////////////////////////////////////////////
+TInt CEventViewer::CopyPackedFileHeaderToUnpackedObject( TDesC8& aFileHeader)
+ {
+
+ // Convert the TDesC8 parameter to TUint8* format
+
+ TFileHeader* fileHeader = (TFileHeader*) aFileHeader.Ptr();
+
+ // Copy the packet format header parameters to unpacked object
+
+ iCurrFileHeader.iFileId = fileHeader->GetFileId();
+ iCurrFileHeader.iPositionOfNextFree = fileHeader->GetPositionOfNextFree();
+ iCurrFileHeader.iPositionOfWrapping = fileHeader->GetPositionOfWrapping();
+ iCurrFileHeader.iCurrEventNumber = fileHeader->GetCurrEventNumber();
+
+ // Check the file Id
+
+ if (iCurrFileHeader.iFileId != LOG_FILE_ID)
+ {
+ return KErrNotFound;
+ }
+
+ return KErrNone;
+ }
+
+///////////////////////////////////////////////////////////////////
+// IsLogFileModified
+// Check if the logfile has been modified (file header is no more
+// the same as previously)
+///////////////////////////////////////////////////////////////////
+TBool CEventViewer::IsLogFileModified()
+ {
+
+ if (iCurrFileHeader.iFileId == iPreviousFileHeader.iFileId
+ &&
+ iCurrFileHeader.iPositionOfNextFree == iPreviousFileHeader.iPositionOfNextFree)
+ {
+ return EFalse;
+ }
+ return ETrue;
+ }
+
+
+
+///////////////////////////////////////////////////////////////////
+// GetStartPositionOfLogElem
+// This function calculates the start position of a log element.
+// As input parameter it has the position of the first byte
+// after the element.
+///////////////////////////////////////////////////////////////////
+TInt CEventViewer::GetStartPositionOfLogElem(TUint32 aPositionOfLogElemEnd,
+ TUint32* aPositionOfLogElem)
+ {
+
+ // Set base for the most recent log element trailer
+
+ TPtr8 logFileBuf (iLogFileBuf->Des()); // Log file in memory
+ TUint32 logElemTrailerPos = aPositionOfLogElemEnd - LOG_ELEM_TRAILER_LTH;
+
+ if (iWrappingOccured && logElemTrailerPos <= iCurrFileHeader.iPositionOfNextFree)
+ {
+
+ return KErrNotFound;
+ }
+
+ TPtr8 elemTrailer (const_cast<TUint8*>(logFileBuf.Ptr())+ logElemTrailerPos, // Data ptr
+ LOG_ELEM_TRAILER_LTH, // Data length
+ LOG_ELEM_TRAILER_LTH); // Max length
+ // Convert the TPtr8 parameter to TUint8* format
+
+ TLogElemTrailer* elemTrailerPtr = (TLogElemTrailer*) elemTrailer.Ptr();
+
+ // Copy the packet format trailer parameters to unpacked object
+
+ iLogElemTrailer.iEndMark1 = elemTrailerPtr->GetEndMark1();
+ iLogElemTrailer.iEndMark2 = elemTrailerPtr->GetEndMark2();
+ iLogElemTrailer.iEventLength = elemTrailerPtr->GetEventLength();
+
+ // Check the validity of trailer
+
+ if (iLogElemTrailer.iEndMark1 != END_MARK_1
+ ||
+ iLogElemTrailer.iEndMark2 != END_MARK_2
+ ||
+ iLogElemTrailer.iEventLength > aPositionOfLogElemEnd +
+ EVENTLOG_FILE_HEADER_LTH)
+ {
+
+ return KErrGeneral;
+ }
+
+ // Set position for the current log element
+
+ TUint32 logElemPos = aPositionOfLogElemEnd - iLogElemTrailer.iEventLength;
+
+ if (iWrappingOccured && logElemPos < iCurrFileHeader.iPositionOfNextFree)
+ {
+
+ return KErrNotFound;
+ }
+
+ TPtr8 logElem (const_cast<TUint8*>(logFileBuf.Ptr())+ logElemPos, // Data ptr
+ iLogElemTrailer.iEventLength, // Data length
+ iLogElemTrailer.iEventLength);
+
+ // Convert the TPtr8 parameter to TUint8* format
+
+ TLogElem* logElemPtr = (TLogElem*) logElem.Ptr();
+
+ // Copy the event number and event length parameters
+ // from packed format log element to unpacked object
+
+ iUnpackedLogElem.iEventLength = logElemPtr->GetEventLength();
+ iUnpackedLogElem.iEventNumber = logElemPtr->GetEventNumber();
+
+ // Verify the extracted data
+
+ if (iUnpackedLogElem.iEventNumber > iCurrFileHeader.iCurrEventNumber
+ ||
+ iUnpackedLogElem.iEventLength != iLogElemTrailer.iEventLength)
+ {
+
+ return KErrGeneral;
+ }
+
+ *aPositionOfLogElem = logElemPos;
+
+ return KErrNone;
+
+ }
+
+ //
+ // Event found, copy the packed format log element parameters to an
+ // unpacked object
+ //
+
+
+///////////////////////////////////////////////////////////////////
+// CopyPackedFileHeaderToUnpackedObject
+// This function copies the packet format log file element to an
+// unpacked object.
+///////////////////////////////////////////////////////////////////
+void CEventViewer::CopyPackedLogElemToUnpackedObject(TUint32 aPositionOfCurrLogElem)
+ {
+ // Build the log element pointer
+
+ TPtr8 logFileBuf (iLogFileBuf->Des()); // Log file in memory
+ TPtr8 logElem (const_cast<TUint8*>(logFileBuf.Ptr())+ aPositionOfCurrLogElem, // Data ptr
+ iUnpackedLogElem.iEventLength, // Data length
+ iUnpackedLogElem.iEventLength); // Max length
+
+ // Convert the TPtr8 parameter to TUint8* format
+
+ TLogElem* logElemPtr = (TLogElem*) logElem.Ptr();
+
+
+ // Copy the packet format header parameters to unpacked object
+
+ iUnpackedLogElem.iMsgId = logElemPtr->GetMsgId();
+ iUnpackedLogElem.iTimeStamp = logElemPtr->GetTimeStamp();
+ iUnpackedLogElem.iSourceComponent = logElemPtr->GetSourceComponent();
+ iUnpackedLogElem.iCategory = logElemPtr->GetCategory();
+ iUnpackedLogElem.iDescrCount = logElemPtr->GetDescrCount();
+
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/EABI/ikecertU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,57 @@
+EXPORTS
+ _ZN10CIkeCaElem4NewLEP6HBufC8 @ 1 NONAME
+ _ZN10CIkeCaElemD0Ev @ 2 NONAME
+ _ZN10CIkeCaElemD1Ev @ 3 NONAME
+ _ZN10CIkeCaElemD2Ev @ 4 NONAME
+ _ZN10CIkeCaListC1Ei @ 5 NONAME
+ _ZN10CIkeCaListC2Ei @ 6 NONAME
+ _ZN11IkePkiUtils13CastCertArrayEPK13CArrayFixFlatIPK18TCertificateISAKMPE @ 7 NONAME
+ _ZN11IkePkiUtils16CertifyIdentityLEPK16CX509CertificateR6TDesC8i @ 8 NONAME
+ _ZN11IkePkiUtils16VerifyCertChainLERK13CArrayFixFlatIP16CX509CertificateERS2_RK10CIkeCaList @ 9 NONAME
+ _ZN11IkePkiUtils18VerifyCertificateLERK13CArrayFixFlatIP17TCertPayloadIkev2ERK10CIkeCaList @ 10 NONAME
+ _ZN11IkePkiUtils18VerifyCertificateLERK13CArrayFixFlatIPK18TCertificateISAKMPERK10CIkeCaList @ 11 NONAME
+ _ZN11IkePkiUtils20GetIdentityFromCertLEhRK6TDesC8 @ 12 NONAME
+ _ZN11IkePkiUtils21VerifyIkev1SignatureLERK6TDesC8S2_RK16CX509Certificate @ 13 NONAME
+ _ZN11IkePkiUtils21VerifyIkev2SignatureLERK6TDesC8S2_RK16CX509Certificate @ 14 NONAME
+ _ZN11IkePkiUtils22GetCertSubjectNameDERLEPK16CX509CertificateR5TDes8 @ 15 NONAME
+ _ZN16CIkeV1PkiService10ReadChainLEP8CIkeDataPK6HBufC8 @ 16 NONAME
+ _ZN16CIkeV1PkiService12GetTrustedCAEv @ 17 NONAME
+ _ZN16CIkeV1PkiService14GetCertificateEv @ 18 NONAME
+ _ZN16CIkeV1PkiService14GetTrustedICA1Ev @ 19 NONAME
+ _ZN16CIkeV1PkiService14GetTrustedICA2Ev @ 20 NONAME
+ _ZN16CIkeV1PkiService14ImportCACertsLEP13CArrayFixFlatIP9TCertInfoE @ 21 NONAME
+ _ZN16CIkeV1PkiService15Ikev1SignatureLERK6TDesC8P8CIkeDataS2_R5TDes8 @ 22 NONAME
+ _ZN16CIkeV1PkiService21ReadUserCertWithNameLERK6TDesC8P8CIkeDatai @ 23 NONAME
+ _ZN16CIkeV1PkiService4NewLEP8CIkeDataR9MIkeDebug @ 24 NONAME
+ _ZN16CIkeV1PkiService6CaListEv @ 25 NONAME
+ _ZN16CIkeV1PkiServiceD0Ev @ 26 NONAME
+ _ZN16CIkeV1PkiServiceD1Ev @ 27 NONAME
+ _ZN16CIkeV1PkiServiceD2Ev @ 28 NONAME
+ _ZN16CIkeV2PkiService15Ikev2SignatureLERK6TDesC8RK12TOwnCertInfoS2_R5TDes8h @ 29 NONAME
+ _ZN16CIkeV2PkiService19InitIkeV2PkiServiceEPK8CIkeData @ 30 NONAME
+ _ZN16CIkeV2PkiService27ReadTrustedUserCertificateLEv @ 31 NONAME
+ _ZN16CIkeV2PkiService4NewLER24MIkeV2PkiServiceObserverR9MIkeDebug @ 32 NONAME
+ _ZN16CIkeV2PkiServiceD0Ev @ 33 NONAME
+ _ZN16CIkeV2PkiServiceD1Ev @ 34 NONAME
+ _ZN16CIkeV2PkiServiceD2Ev @ 35 NONAME
+ _ZN7IkeCert22GetSubjectAltNameDataLEPK16CX509Certificateh @ 36 NONAME
+ _ZN7IkeCert23GetCertificateFieldDERLEP6HBufC8i @ 37 NONAME
+ _ZN7IkeCert23GetCertificateFieldDERLEPK16CX509Certificatei @ 38 NONAME
+ _ZNK10CIkeCaElem11CertificateEv @ 39 NONAME
+ _ZNK10CIkeCaElem7KeyHashEv @ 40 NONAME
+ _ZNK16CIkeV2PkiService13TrustedCaNameEv @ 41 NONAME
+ _ZNK16CIkeV2PkiService17I1CertificateDataEv @ 42 NONAME
+ _ZNK16CIkeV2PkiService17I2CertificateDataEv @ 43 NONAME
+ _ZNK16CIkeV2PkiService19UserCertificateDataEv @ 44 NONAME
+ _ZNK16CIkeV2PkiService6CaListEv @ 45 NONAME
+ _ZTI10CIkeCaElem @ 46 NONAME ; #<TI>#
+ _ZTI10CIkeCaList @ 47 NONAME ; #<TI>#
+ _ZTI13CIkePublicKey @ 48 NONAME ; #<TI>#
+ _ZTI16CIkeV1PkiService @ 49 NONAME ; #<TI>#
+ _ZTI16CIkeV2PkiService @ 50 NONAME ; #<TI>#
+ _ZTV10CIkeCaElem @ 51 NONAME ; #<VT>#
+ _ZTV10CIkeCaList @ 52 NONAME ; #<VT>#
+ _ZTV13CIkePublicKey @ 53 NONAME ; #<VT>#
+ _ZTV16CIkeV1PkiService @ 54 NONAME ; #<VT>#
+ _ZTV16CIkeV2PkiService @ 55 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/bwins/IKECERTU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+EXPORTS
+ ??0CIkeCaList@@QAE@H@Z @ 1 NONAME ; CIkeCaList::CIkeCaList(int)
+ ??1CIkeCaElem@@UAE@XZ @ 2 NONAME ; CIkeCaElem::~CIkeCaElem(void)
+ ??1CIkeV1PkiService@@UAE@XZ @ 3 NONAME ; CIkeV1PkiService::~CIkeV1PkiService(void)
+ ??1CIkeV2PkiService@@UAE@XZ @ 4 NONAME ; CIkeV2PkiService::~CIkeV2PkiService(void)
+ ?CaList@CIkeV1PkiService@@QAEPAVCIkeCaList@@XZ @ 5 NONAME ; class CIkeCaList * CIkeV1PkiService::CaList(void)
+ ?CaList@CIkeV2PkiService@@QBEABVCIkeCaList@@XZ @ 6 NONAME ; class CIkeCaList const & CIkeV2PkiService::CaList(void) const
+ ?CastCertArray@IkePkiUtils@@CAPBV?$CArrayFixFlat@PAVTCertPayloadIkev2@@@@PBV?$CArrayFixFlat@PB$$CBVTCertificateISAKMP@@@@@Z @ 7 NONAME ; class CArrayFixFlat<class TCertPayloadIkev2 *> const * IkePkiUtils::CastCertArray(class CArrayFixFlat<class TCertificateISAKMP const *> const *)
+ ?Certificate@CIkeCaElem@@QBEPAVCX509Certificate@@XZ @ 8 NONAME ; class CX509Certificate * CIkeCaElem::Certificate(void) const
+ ?CertifyIdentityL@IkePkiUtils@@SAHPBVCX509Certificate@@AAVTDesC8@@H@Z @ 9 NONAME ; int IkePkiUtils::CertifyIdentityL(class CX509Certificate const *, class TDesC8 &, int)
+ ?GetCertSubjectNameDERL@IkePkiUtils@@SAHPBVCX509Certificate@@AAVTDes8@@@Z @ 10 NONAME ; int IkePkiUtils::GetCertSubjectNameDERL(class CX509Certificate const *, class TDes8 &)
+ ?GetCertificate@CIkeV1PkiService@@QAEPAVHBufC8@@XZ @ 11 NONAME ; class HBufC8 * CIkeV1PkiService::GetCertificate(void)
+ ?GetCertificateFieldDERL@IkeCert@@SAPAVHBufC8@@PAV2@H@Z @ 12 NONAME ; class HBufC8 * IkeCert::GetCertificateFieldDERL(class HBufC8 *, int)
+ ?GetCertificateFieldDERL@IkeCert@@SAPAVHBufC8@@PBVCX509Certificate@@H@Z @ 13 NONAME ; class HBufC8 * IkeCert::GetCertificateFieldDERL(class CX509Certificate const *, int)
+ ?GetIdentityFromCertL@IkePkiUtils@@SAPAVHBufC8@@EABVTDesC8@@@Z @ 14 NONAME ; class HBufC8 * IkePkiUtils::GetIdentityFromCertL(unsigned char, class TDesC8 const &)
+ ?GetSubjectAltNameDataL@IkeCert@@SAPAVHBufC8@@PBVCX509Certificate@@E@Z @ 15 NONAME ; class HBufC8 * IkeCert::GetSubjectAltNameDataL(class CX509Certificate const *, unsigned char)
+ ?GetTrustedCA@CIkeV1PkiService@@QAEPAVHBufC8@@XZ @ 16 NONAME ; class HBufC8 * CIkeV1PkiService::GetTrustedCA(void)
+ ?GetTrustedICA1@CIkeV1PkiService@@QAEPAVHBufC8@@XZ @ 17 NONAME ; class HBufC8 * CIkeV1PkiService::GetTrustedICA1(void)
+ ?GetTrustedICA2@CIkeV1PkiService@@QAEPAVHBufC8@@XZ @ 18 NONAME ; class HBufC8 * CIkeV1PkiService::GetTrustedICA2(void)
+ ?I1CertificateData@CIkeV2PkiService@@QBEABVTDesC8@@XZ @ 19 NONAME ; class TDesC8 const & CIkeV2PkiService::I1CertificateData(void) const
+ ?I2CertificateData@CIkeV2PkiService@@QBEABVTDesC8@@XZ @ 20 NONAME ; class TDesC8 const & CIkeV2PkiService::I2CertificateData(void) const
+ ?Ikev1SignatureL@CIkeV1PkiService@@QAEHABVTDesC8@@PAVCIkeData@@0AAVTDes8@@@Z @ 21 NONAME ; int CIkeV1PkiService::Ikev1SignatureL(class TDesC8 const &, class CIkeData *, class TDesC8 const &, class TDes8 &)
+ ?Ikev2SignatureL@CIkeV2PkiService@@QAEHABVTDesC8@@ABVTOwnCertInfo@@0AAVTDes8@@E@Z @ 22 NONAME ; int CIkeV2PkiService::Ikev2SignatureL(class TDesC8 const &, class TOwnCertInfo const &, class TDesC8 const &, class TDes8 &, unsigned char)
+ ?ImportCACertsL@CIkeV1PkiService@@QAEHPAV?$CArrayFixFlat@PAUTCertInfo@@@@@Z @ 23 NONAME ; int CIkeV1PkiService::ImportCACertsL(class CArrayFixFlat<struct TCertInfo *> *)
+ ?InitIkeV2PkiService@CIkeV2PkiService@@QAEXPBVCIkeData@@@Z @ 24 NONAME ; void CIkeV2PkiService::InitIkeV2PkiService(class CIkeData const *)
+ ?KeyHash@CIkeCaElem@@QBEABVTDesC8@@XZ @ 25 NONAME ; class TDesC8 const & CIkeCaElem::KeyHash(void) const
+ ?NewL@CIkeCaElem@@SAPAV1@PAVHBufC8@@@Z @ 26 NONAME ; class CIkeCaElem * CIkeCaElem::NewL(class HBufC8 *)
+ ?NewL@CIkeV1PkiService@@SAPAV1@PAVCIkeData@@AAVMIkeDebug@@@Z @ 27 NONAME ; class CIkeV1PkiService * CIkeV1PkiService::NewL(class CIkeData *, class MIkeDebug &)
+ ?NewL@CIkeV2PkiService@@SAPAV1@AAVMIkeV2PkiServiceObserver@@AAVMIkeDebug@@@Z @ 28 NONAME ; class CIkeV2PkiService * CIkeV2PkiService::NewL(class MIkeV2PkiServiceObserver &, class MIkeDebug &)
+ ?ReadChainL@CIkeV1PkiService@@QAEHPAVCIkeData@@PBVHBufC8@@@Z @ 29 NONAME ; int CIkeV1PkiService::ReadChainL(class CIkeData *, class HBufC8 const *)
+ ?ReadTrustedUserCertificateL@CIkeV2PkiService@@AAEXXZ @ 30 NONAME ; void CIkeV2PkiService::ReadTrustedUserCertificateL(void)
+ ?ReadUserCertWithNameL@CIkeV1PkiService@@QAEHABVTDesC8@@PAVCIkeData@@H@Z @ 31 NONAME ; int CIkeV1PkiService::ReadUserCertWithNameL(class TDesC8 const &, class CIkeData *, int)
+ ?TrustedCaName@CIkeV2PkiService@@QBEABVTDesC8@@XZ @ 32 NONAME ; class TDesC8 const & CIkeV2PkiService::TrustedCaName(void) const
+ ?UserCertificateData@CIkeV2PkiService@@QBEABVTDesC8@@XZ @ 33 NONAME ; class TDesC8 const & CIkeV2PkiService::UserCertificateData(void) const
+ ?VerifyCertChainL@IkePkiUtils@@SAPAVCX509Certificate@@ABV?$CArrayFixFlat@PAVCX509Certificate@@@@AAPAV2@ABVCIkeCaList@@@Z @ 34 NONAME ; class CX509Certificate * IkePkiUtils::VerifyCertChainL(class CArrayFixFlat<class CX509Certificate *> const &, class CX509Certificate * &, class CIkeCaList const &)
+ ?VerifyCertificateL@IkePkiUtils@@SAPAVCX509Certificate@@ABV?$CArrayFixFlat@PAVTCertPayloadIkev2@@@@ABVCIkeCaList@@@Z @ 35 NONAME ; class CX509Certificate * IkePkiUtils::VerifyCertificateL(class CArrayFixFlat<class TCertPayloadIkev2 *> const &, class CIkeCaList const &)
+ ?VerifyCertificateL@IkePkiUtils@@SAPAVCX509Certificate@@ABV?$CArrayFixFlat@PB$$CBVTCertificateISAKMP@@@@ABVCIkeCaList@@@Z @ 36 NONAME ; class CX509Certificate * IkePkiUtils::VerifyCertificateL(class CArrayFixFlat<class TCertificateISAKMP const *> const &, class CIkeCaList const &)
+ ?VerifyIkev1SignatureL@IkePkiUtils@@SAHABVTDesC8@@0ABVCX509Certificate@@@Z @ 37 NONAME ; int IkePkiUtils::VerifyIkev1SignatureL(class TDesC8 const &, class TDesC8 const &, class CX509Certificate const &)
+ ?VerifyIkev2SignatureL@IkePkiUtils@@SAHABVTDesC8@@0ABVCX509Certificate@@@Z @ 38 NONAME ; int IkePkiUtils::VerifyIkev2SignatureL(class TDesC8 const &, class TDesC8 const &, class CX509Certificate const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file
+*
+*/
+
+
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ ikecerttest.mmp
+#else
+ ikecert.mmp
+#endif
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/group/ikecert.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,62 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project ikecert
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikecert.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x10206995
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikev1pkiservice.cpp
+SOURCE ikecert.cpp
+SOURCE ikecaelem.cpp
+SOURCE ikepublickey.cpp
+SOURCE ikecalist.cpp
+SOURCE ikepkiutils.cpp
+SOURCE ikev2pkiservice.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikeutils/inc
+USERINCLUDE ../../ikev2lib/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY x509.lib
+LIBRARY x500.lib
+LIBRARY crypto.lib
+LIBRARY asn1.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY utlcrypto.lib
+LIBRARY utlpkcs10.lib
+LIBRARY ikepolparser.lib
+LIBRARY insock.lib
+LIBRARY charconv.lib
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/group/ikecerttest.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,65 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Test project definition file for project ikecert
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikecert.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x10206995
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikev1pkiservice.cpp
+SOURCE ikecert.cpp
+SOURCE ikecaelem.cpp
+SOURCE ikepublickey.cpp
+SOURCE ikecalist.cpp
+SOURCE ikepkiutils.cpp
+SOURCE ikev2pkiservice.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikeutils/inc
+USERINCLUDE ../../ikev2lib/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY ikecert_proxy.lib
+LIBRARY euser.lib
+LIBRARY x509.lib
+LIBRARY x500.lib
+LIBRARY crypto.lib
+LIBRARY asn1.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY utlcrypto.lib
+LIBRARY utlpkcs10.lib
+LIBRARY ikepolparser.lib
+LIBRARY insock.lib
+LIBRARY charconv.lib
+DEBUGLIBRARY flogger.lib
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikecaelem.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,47 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class containing information about one CA cert
+*
+*/
+
+
+
+#ifndef C_IKECAELEM_H
+#define C_IKECAELEM_H
+
+#include <e32base.h>
+
+class CX509Certificate;
+
+/**
+ * Class containing the certificate and it's key info.
+ *
+ * @lib IkeCert.lib
+ * @since S60 v3.0
+ */
+class CIkeCaElem : public CBase
+ {
+public:
+ IMPORT_C static CIkeCaElem* NewL(HBufC8* aCert);
+ IMPORT_C ~CIkeCaElem();
+
+ IMPORT_C CX509Certificate* Certificate() const;
+ IMPORT_C const TDesC8& KeyHash() const;
+
+private:
+ CX509Certificate* iCaCert;
+ HBufC8* iKeyInfo;
+ };
+
+#endif // C_IKECAELEM_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikecalist.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class containing list of CAs
+*
+*/
+
+
+
+#ifndef C_IKECALIST_H
+#define C_IKECALIST_H
+
+#include <e32base.h>
+
+
+class CIkeCaElem;
+/**
+ * CA List
+ * List of CAs
+ *
+ * @lib IkeCert
+ * @since S60 v3.0
+ */
+class CIkeCaList : public CArrayPtrFlat<CIkeCaElem>
+ {
+public:
+ IMPORT_C CIkeCaList(TInt aGranularity);
+ ~CIkeCaList();
+ CIkeCaElem* FindCaElem(const TDesC8& aKeyIdentifier) const;
+ };
+
+#endif // ? C_IKECALIST_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikecert.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,55 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: General utility methods for certificate handling
+*
+*/
+
+
+
+
+#ifndef IKECERT_H
+#define IKECERT_H
+
+
+#include <e32base.h>
+
+class CX500DistinguishedName;
+class CX509Certificate;
+
+/**
+ * General utility methods for certificate handling
+ *
+ * Contains static methods, which can be user to check thinks from
+ * certificates.
+ *
+ * @lib IkeCert.lib
+ */
+class IkeCert
+ {
+public:
+ IMPORT_C static HBufC8* GetCertificateFieldDERL(HBufC8* aCertBfr, TInt aField);
+ IMPORT_C static HBufC8* GetCertificateFieldDERL(const CX509Certificate *aCert, TInt aField);
+ static TBool AltNameExistsL(const CX509Certificate *aX509Cert, const TDesC8 &aId);
+ IMPORT_C static HBufC8* GetSubjectAltNameDataL(const CX509Certificate *aX509Cert, TUint8 aIkeIdType);
+ static HBufC8* BuildPkcs1v15HashL(const TDesC8 &aHashIn);
+ static void CleanupSequence(TAny* aArray);
+ static TInt CheckValidityPeriod(const CX509Certificate& aCert, TInt aWarningMargin, TInt aErrorMargin );
+ static TInt VerifyCertExtensionsL(const CX509Certificate& aX509Cert);
+
+private:
+ static TUint8* BERGetLengthL(TUint8* aP, TInt &aLen);
+ };
+
+
+#endif // IKECERT_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikecertconst.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE cert definitions.
+*
+*/
+
+#ifndef IKECERTCONST_H_
+#define IKECERTCONST_H_
+
+const TInt KKmdIkeNoCertFoundErr = -5261;
+
+const TInt KSubjectName = 1;
+const TInt KPublicKeyInfo = 2;
+const TInt KIssuerName = 3;
+#endif /*IKECERTCONST_H_*/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikepkiutils.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,149 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: static method for certficate handling
+*
+*/
+
+
+
+
+#ifndef IKEPKIUTILS_H
+#define IKEPKIUTILS_H
+
+#include <e32base.h>
+
+class CX509Certificate;
+class TCertPayloadIkev2;
+class CIkeCaList;
+class TCertificateISAKMP;
+class TASN1DecGeneric;
+
+class IkePkiUtils
+ {
+public:
+
+ /*
+ * Verifies an IKEv2 signature with a public of
+ * specified certificate
+ *
+ * @param aSignature Signature data verified.
+ * @param aAuthData Data signed.
+ * @param aCert Certificate which contains the public key used for verification
+ * @result ETrue if signature is vefified OK, otherwise EFalse
+ */
+ IMPORT_C static TBool VerifyIkev2SignatureL(const TDesC8& aSignature,
+ const TDesC8& aRefHash,
+ const CX509Certificate& aCerts);
+
+
+ /*
+ * Verifies an IKEv1 signature with a public of
+ * specified certificate
+ *
+ * @param aSignature Signature data verified.
+ * @param aRefHash Hash data which has been signed (= Encrypted with private key)
+ * @param aCert Certificate which contains the public key used for verification
+ * @result ETrue if signature is vefified OK, otherwise EFalse
+ */
+ IMPORT_C static TBool VerifyIkev1SignatureL(const TDesC8& aSignature,
+ const TDesC8& aRefHash,
+ const CX509Certificate& aCerts);
+
+ /*
+ * Gets IKE DER encoded Subject Name from the certificate and
+ * copy it into specified buffer
+ *
+ * @param aCert Certificate object pointer
+ * @param aSubjectName Reference to the subject name (returned)
+ * @result ETrue if operation succeeded, otherwise EFalse
+ */
+ IMPORT_C static TBool GetCertSubjectNameDERL(const CX509Certificate* aCert,
+ TDes8& aSubjectName);
+
+ /*
+ * Gets IKE identity data from specified certificate
+ *
+ * @param aIdType Specified IKE Identity type wanted.
+ * @param aCertData Certificate data from where the specified Identity data is taken
+ * @result The identity data buffer of NULL
+ */
+ IMPORT_C static HBufC8* GetIdentityFromCertL(TUint8 aIdType, const TDesC8& aCertData);
+
+
+ /*
+ * Ccertifies a specified IKE identity with
+ * Certificate Identities
+ *
+ * @param aCert Verified user certificate
+ * @param aId IKE identity data used by peer
+ * @param aIdType IKE identity type
+ * @result ETrue if Identity is certified otherwise EFalse
+ */
+ IMPORT_C static TBool CertifyIdentityL(const CX509Certificate* aCert,
+ TDesC8& aId, TInt aIdType);
+
+
+ /*
+ * Verifies the user Certificate used by the IKE peer.
+ *
+ * @param aCerts The array of IKE certificate payload(s) from where verified
+ * Certificate is found
+ * @result A pointer to a verified X509 certificate or NULL
+ */
+ IMPORT_C static CX509Certificate* VerifyCertificateL(const CArrayFixFlat<TCertPayloadIkev2*>& aCerts,
+ const CIkeCaList& aTrustedCAList);
+
+
+ /*
+ * Verifies the user Certificate used by the IKE peer.
+ *
+ * @param aCerts The array of IKE certificate payload(s) from where verified
+ * Certificate is found
+ * @result A pointer to a verified X509 certificate or NULL
+ */
+ IMPORT_C static CX509Certificate* VerifyCertificateL(const CArrayFixFlat<const TCertificateISAKMP*>& aCerts,
+ const CIkeCaList& aTrustedCAList);
+
+ IMPORT_C static CX509Certificate* VerifyCertChainL(const CArrayFixFlat<CX509Certificate*>& aCerts, CX509Certificate*& realUserCert,const CIkeCaList& aTrustedCAList);
+
+private:
+ static TBool VerifySignatureL(const TInt aIkeVersion,
+ const TDesC8& aSignature,
+ const TDesC8& aRefHash,
+ const CX509Certificate& aCert);
+
+ static CArrayPtrFlat<TASN1DecGeneric>* DecodeDERL(const TDesC8& aPtr, TInt& aPosition);
+
+ /*
+ * Verifies user certificate by taking the following actions:
+ * -- Verify the signature of the user certificate with the public
+ * key of the CA certificate.
+ * -- Check the validity of the user certificate
+ * -- Check that extension field of the user certificate are correct
+ */
+ static CX509Certificate* VerifyX509CertificateL(const CX509Certificate& aCaCert,
+ CX509Certificate& aCert);
+
+
+ static CX509Certificate* FindCaCertificateL(const CX509Certificate& aUserCert,
+ const CIkeCaList& aTrustedCAList);
+
+ static const CArrayFixFlat<TCertPayloadIkev2*>* CastCertArray(const CArrayFixFlat<const TCertificateISAKMP*>* aCerts);
+
+
+
+
+ };
+
+#endif //IKEPKIUTILS_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikepublickey.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class containing information about one public key
+*
+*/
+
+
+
+#ifndef C_IKEPUBLICKEY_H
+#define C_IKEPUBLICKEY_H
+
+#include <e32base.h>
+#include "pkidefs.h"
+
+class CX509Certificate;
+
+/**
+ * Class containing information about one public key.
+ * Contains: key parameters, key data and key type info.
+ *
+ * @lib IkeCert.lib
+ * @since S60 v3.0
+ */
+class CIkePublicKey : public CBase
+ {
+public:
+ static CIkePublicKey* NewL(const CX509Certificate& aCert);
+ ~CIkePublicKey();
+
+ TPKIKeyAlgorithm Algorithm() const;
+ const TDesC8& KeyData() const;
+ const TDesC8& KeyParams() const;
+
+private:
+ CIkePublicKey();
+
+ HBufC8* iKeyParams;
+ HBufC8* iKeyData;
+ TPKIKeyAlgorithm iAlgorithm;
+ };
+
+#endif // ? C_PUBLICKEY_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikev1pkiservice.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,165 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI store and Certificate verification interface for IKEv1
+* plug-in
+*
+*/
+
+#ifndef C_IKEV1PKISERVICE_H
+#define C_IKEV1PKISERVICE_H
+
+#include <e32base.h>
+#include <asn1dec.h>
+
+#include "pkiserviceapi.h"
+#include "ikepolparser.h"
+
+class CX509Certificate;
+class TASN1DecGeneric;
+
+class CIkeData;
+class CIkeCaList;
+class TCertPayloadIkev2;
+class TCReqPayloadIkev2;
+class TCertificateISAKMP;
+class MIkePlugInServices;
+class MIkeDebug;
+class CIkeCaElem;
+//
+// CIkeV1PkiService Class
+//
+class CIkeV1PkiService : public CBase
+{
+ public:
+ IMPORT_C static CIkeV1PkiService* NewL( CIkeData* aIkeData,
+ MIkeDebug& aDebug );
+ IMPORT_C ~CIkeV1PkiService();
+
+
+ IMPORT_C TBool ImportCACertsL(CArrayFixFlat<TCertInfo*> *aCAList);
+ IMPORT_C TInt ReadUserCertWithNameL(const TDesC8& aTrustedCaName, CIkeData* aIkeData, TBool aDnType);
+ IMPORT_C TInt Ikev1SignatureL(const TDesC8& aTrustedCaName, CIkeData* aIkeData, const TDesC8& aHashIn, TDes8& aSignature);
+ IMPORT_C CIkeCaList* CaList();
+ IMPORT_C HBufC8* GetCertificate();
+ IMPORT_C HBufC8* GetTrustedCA();
+ IMPORT_C HBufC8* GetTrustedICA1();
+ IMPORT_C HBufC8* GetTrustedICA2();
+ IMPORT_C TInt ReadChainL(CIkeData* aIkeData, const HBufC8* aCAName);
+
+ private:
+ CIkeV1PkiService( CIkeData* aIkeData,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+ TInt ComputeSignatureL(const TDesC8& aTrustedAuthority, const TDesC8& aHashIn, TDes8& aSignature, TBool aRsaSignature);
+ TInt ReadCertificateL(const TDesC8& aTrustedAuthority, TBool aGetCACert);
+
+ /**
+ * Initialized user certificate identification member variables.
+ * The information is taken from the policy file.
+ * Only the ID data, which is available is set, other
+ * data is zeroed.
+ *
+ * @result the size of the key, if available in the policy, zero otherwise.
+ */
+ TUint InitUserCertIdentDataL();
+ TBool GetNextCaElemL();
+ TBool AddNextCaElemL(TInt& aStatus);
+ TInt GetNextCertificateL();
+ TBool CertificateReadL(TInt& aStatus);
+
+ TInt ReadCertificateL(const TPKIKeyIdentifier& aKeyIdentifier);
+ TInt ReadCertificateListL();
+ TInt GetCertificateWithKeyIdL(const TDesC16& aKeyIdString);
+ TBool GetApplUidListL(const TDesC16& aApplUidString);
+ TBool ApplUidCertListCompletedL(TInt aStatus);
+ TBool ReadNextInListL();
+
+
+#ifdef _DEBUG
+ void CertReadCompleted(TBool aCaCert, TInt aStatus, TInt aLine );
+ void HexToString(const TDesC8& aKeyId, TDes16& aKeyIdString);
+#endif
+
+
+ private:
+ TInt iOperation; // Current operation ongoing
+ RPKIServiceAPI iPkiService; // PKI Service handle
+ CIkeCaList* iTrustedCAList; // Trusted CA certificate list
+
+ TInt iCurrIndex; // Current index in name list
+ CArrayFixFlat<TCertInfo*>* iCaNameList; // CA name list delivered
+ HBufC8* iCaName; // Ca name work buffer
+ HBufC8* iCa2Name; // Level 1 Intermediate Certificate
+ HBufC8* iCa1Name; // Level 2 Intermediate Certificate
+
+ CIkeData* iIkeData; // Current policy data object
+
+ RPointerArray<CIkeCaElem> iCasTrustedByPeer; // CA name list delivered
+
+ HBufC8* iReadCertificate; // Certificate stream
+ HBufC8* iReadCertificateOrig; // Certificate stream of original own certificate
+ HBufC8* iSubjName; // Subject alt name buffer
+ HBufC8* iRfc822Name; // RFC822 name buffer
+
+ TPtr8 iCertPtr; // For Pkiserviceapi calls
+ TAny* iResArray; // For Pkiserviceapi calls
+ TBool iReallocated; // Certificate buffer enlarged
+ TInt iCertBfrSize; // Certificate buffer size
+
+ TPKIKeyIdentifier iCertKeyId; // Certficate keyid
+ RArray<TUid>* iApplUidList; // Application UID list
+ CArrayFix<TCertificateListEntry>* iCaCertList; // Applicable CA cert list
+ TInt iListIndex; // Current index in CA cert list
+ TBool iUserCertDerType; //0=ASCII, 1=DER
+ MIkeDebug& iDebug;
+
+};
+
+
+//
+// CIkePkiService operation codes (iOperation)
+//
+const TInt KNoOperation = 0;
+const TInt KBuildingCaList = 1;
+const TInt KReadingCertificate = 2;
+const TInt KProcessingApplUidList = 3;
+const TInt KBuildingApplUidList = 4;
+const TInt KSigning = 5;
+const TInt KDecrypting = 6;
+
+
+//
+// Certificate field indicators for GetCertificateFieldDERL()
+//
+
+#define IKEV2_CERT_KEYID_SIZE 20
+//
+//Extra Errors for IkeCert::VerifyCertificateL()
+//
+const TInt KCertVerifyErrBadType = 1;
+const TInt KCertVerifyErrNotValidYet = 2;
+const TInt KCertVerifyErrExpired = 3;
+const TInt KCertVerifyWithinMargin = 4;
+const TInt KCertVerifyCriticalExt = 5;
+const TInt KCertVerifyKeyUsageErr = 6;
+const TInt KCertVerifyCACertificate = 7;
+
+const TInt KDefaultErrorMargin = 3600; // Default error marginal in Validity
+
+const TInt KSha1hashLth = 20;
+const TInt KCertKeyIdLth = 20; // Certificate Key Identifier length = Length of SHA1 hash
+
+
+#endif // C_IKEV1PKISERVICE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/ikev2pkiservice.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,181 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 specifig certificate reading related stuff
+*
+*/
+
+
+#ifndef C_IKEV2PKISERVICE_H
+#define C_IKEV2PKISERVICE_H
+
+#include <e32base.h>
+
+#include "pkiserviceapi.h"
+
+class CIkeCaElem;
+class TCertInfo;
+class TCReqPayloadIkev2;
+class CIkeData;
+class CIkeCaList;
+class MIkeV2PkiServiceObserver;
+class TOwnCertInfo;
+class MIkeDebug;
+
+
+class CIkeV2PkiService : public CActive
+ {
+public:
+ enum TIkeV2PkiServiceState
+ {
+ EPkiServiceIdle = 0,
+ EBuildingCaList,
+ EReadingCertificate,
+ EReadingCertificateChain
+ };
+
+
+
+ IMPORT_C static CIkeV2PkiService* NewL(MIkeV2PkiServiceObserver& aObserver, MIkeDebug& aDebug);
+ IMPORT_C ~CIkeV2PkiService();
+
+
+ /**
+ * Reads all the CA certs defined in the list to the memory.
+ *
+ * This method is completed by calling:
+ * MIkeV2PkiServiceObserver::IkeV2PkiInitComleteL
+ *
+ * @param aCAList List of CA's, which are retrieved.
+ */
+ IMPORT_C void InitIkeV2PkiService(const CIkeData* aIkeData);
+
+ /*
+ * Computes IKEv2 signature with a specified private key.
+ * Actually a signature computed happens by referring the related certificate
+ * when the PKI store produces the signature with corresponding private key.
+ *
+ * @param aTrustedAuthority Trusted CA name coded either in ASN1 (DN) format or ASCII format
+ * @param aOwnCertInfo Own cert info from the IKE policy
+ * @param aMsgOctets Message data signed. A SHA1 hash is calculated over these message
+ * octets and result is encoded as PKCS1v15 signature before
+ * encrypted with private key
+ * @result signature length.
+ */
+ IMPORT_C TInt Ikev2SignatureL(const TDesC8& aTrustedAuthority,
+ const TOwnCertInfo& aOwnCertInfo,
+ const TDesC8& aMsgOctets,
+ TDes8& aSignature, TUint8 aAuthMeth);
+
+
+ /**
+ * Returns a list of trusted CA certificates.
+ * If the InitIkeV2PkiService method is not called
+ * successfully before this method is called an
+ * empty list is returned.
+ *
+ * @result a list of trusted CA certificates.
+ */
+ IMPORT_C const CIkeCaList& CaList() const;
+
+
+ /**
+ *
+ */
+ IMPORT_C const TDesC8& UserCertificateData() const;
+
+ IMPORT_C const TDesC8& I2CertificateData() const;
+ IMPORT_C const TDesC8& I1CertificateData() const;
+ /**
+ * Returns the name of the trsuted authority of
+ * user certificate.
+ *
+ * If no user certificates are loaded an empty string is returned.
+ *
+ * @result the name of the trusted authority of the user certificate.
+ */
+ IMPORT_C const TDesC8& TrustedCaName() const;
+
+protected:
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+private:
+ CIkeV2PkiService(MIkeV2PkiServiceObserver& aObserver, MIkeDebug& aDebug);
+ void ConstructL();
+
+ void ReadTrustedUserCertificateL();
+ void ReadUserCertificateL(const TDesC8& aTrustedAuthority, TBool aGetCACert);
+ void ReadCertificateChainL();
+
+
+ void InitIkeV2PkiServiceL();
+ void ImportNextCaElemFromIkeDataListL();
+ void BuildingCaListRunL();
+ void ReadUserCertificateRunL();
+ void ReadCertificateChainRunL();
+
+ static void CIkeV2PkiServiceApplUidArrayCleanup(TAny* any);
+
+
+ void SignalObserverL(TInt aStatus);
+private:
+ MIkeV2PkiServiceObserver& iObserver;
+ MIkeDebug& iDebug;
+
+ RPKIServiceAPI iPkiService; // PKI Service handle
+ TIkeV2PkiServiceState iState; // Current state
+
+ HBufC8* iCaName; // Ca name work buffer
+ const CIkeData* iIkeData; // Current policy data object
+
+
+ HBufC8* iReadCertificate; // Certificate stream
+ TPtr8 iCertPtr; // For Pkiserviceapi calls
+
+ HBufC8* iSubjName; // Subject alt name buffer
+ HBufC8* iRfc822Name; // RFC822 name buffer
+ TPKIKeyIdentifier iCertKeyId; // Certficate keyid
+
+ TAny* iResArray; // For Pkiserviceapi calls
+
+ RPointerArray<CIkeCaElem> iCasTrustedByPeer; // CA name list delivered
+ CArrayFixFlat<TCertInfo>* iIkeDataCAList;
+ CIkeCaList* iTrustedCAList; // Trusted CA certificate list
+ HBufC8* iUserCertificate;
+ HBufC8* i2Certificate; // Intermediate certificate Level 2
+ HBufC8* i2CertificateName;
+ HBufC8* i1Certificate; // Intermediate certificate Level 1
+ };
+
+
+/**
+* IKE PKI service request complete
+* @internalComponent
+*/
+class MIkeV2PkiServiceObserver
+{
+ public:
+ /**
+ * IKE PKI service operation completed
+ * @internalComponent
+ * @param aStatus completion status of operation
+ * @param aObject pointer to CIkePkiService object
+ *
+ */
+ virtual void IkeV2PkiInitCompleteL(TInt aStatus)=0;
+};
+
+
+#endif //C_IKEV2PKISERVICE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/vpnlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,108 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging code fot the dmadpki
+*
+*/
+
+
+
+
+
+#ifndef VPNLOGGER_H
+#define VPNLOGGER_H
+
+#if defined(_DEBUG)
+
+#include <e32base.h>
+#include <flogger.h>
+
+
+NONSHARABLE_CLASS(TTraceItem)
+ {
+public:
+ inline TTraceItem(const TDesC& aTraceName);
+ inline ~TTraceItem();
+
+ inline static void TraceCleanupOperation(TAny* aItem);
+private:
+
+ HBufC* iTraceName;
+ TBool iMethodHasLeft;
+ };
+
+
+NONSHARABLE_CLASS(CVpnDebugLogger) : public CBase
+ {
+public:
+
+ inline static void InitializeDebugLoggerL(const TDesC& aFolder, const TDesC& aFileName);
+ inline static void FinalizeDebugLogger();
+ inline static void LogWrite(const TDesC& aText);
+ inline static void LogWrite(const TDesC8& aText);
+
+ inline static void LogWriteF(TRefByValue<const TDesC> aFmt, ...);
+ inline static void LogWriteF(TRefByValue<const TDesC8> aFmt, ...);
+
+
+ inline static void HexWrite(const TDesC8& aData);
+
+
+private:
+ inline void ConstructL(const TDesC& aFolder, const TDesC& aFileName);
+ inline ~CVpnDebugLogger();
+
+ inline static void TimeStamp(TDes& aBuffer);
+ inline static CVpnDebugLogger* VpnDebugLogger();
+
+ inline void WriteLogRaw(const TDesC& aLogMessage);
+
+
+ RFileLogger iFileLogger;
+ TUint iCallDepth;
+
+ TBuf<512> iDebugString;
+ friend class TTraceItem;
+
+ TUint8 iReferenceCount;
+ };
+
+#define INITIALIZE_DEBUG_LOG_L(a, b) CVpnDebugLogger::InitializeDebugLoggerL((a), (b))
+#define FINALIZE_DEBUG_LOG CVpnDebugLogger::FinalizeDebugLogger();
+
+/**
+ * Trace can't be used inside LC methods.
+ */
+#define TRACE(a) TTraceItem __trace(TPtrC((const TText *)L ## a))
+#define DEBUG_LOG(a) CVpnDebugLogger::LogWrite(a)
+#define DEBUG_LOG1(a, b) CVpnDebugLogger::LogWriteF((a), (b))
+#define DEBUG_LOG2(a, b, c) CVpnDebugLogger::LogWriteF((a), (b), (c))
+
+#define DEBUG_LOG_HEX(a) CVpnDebugLogger::HexWrite((a))
+
+#include "vpnlogger.inl"
+
+#else
+
+#define INITIALIZE_DEBUG_LOG_L(a, b)
+#define FINALIZE_DEBUG_LOG
+#define TRACE(a)
+#define DEBUG_LOG(a)
+#define DEBUG_LOG1(a, b)
+#define DEBUG_LOG2(a, b, c)
+
+#define DEBUG_LOG_HEX(a)
+
+
+#endif //!defined(_DEBUG)
+#endif //VPNLOGGER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/inc/vpnlogger.inl Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,359 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging code fot the dmadpki
+*
+*/
+
+
+
+
+#if defined(_DEBUG)
+
+
+_LIT(KTraceOutOfMemory, "TRACE out of memory");
+
+_LIT(KInMark, ">");
+_LIT(KOutMark, "<");
+_LIT(KDepthMark, "-");
+_LIT(KSeparator, " ");
+_LIT(KLeaveFrom, "LEAVE FROM: ");
+
+
+
+void TTraceItem::TraceCleanupOperation(TAny* aItem)
+ {
+
+ TTraceItem* traceCleanupItem = static_cast<TTraceItem*>(aItem);
+ CVpnDebugLogger* logger = CVpnDebugLogger::VpnDebugLogger();
+ logger->iCallDepth--;
+
+ logger->iDebugString.Zero();
+
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+ logger->iDebugString.Append(KLeaveFrom);
+ logger->iDebugString.Append(*(traceCleanupItem->iTraceName));
+ logger->WriteLogRaw(logger->iDebugString);
+
+ delete traceCleanupItem->iTraceName;
+
+ traceCleanupItem->iMethodHasLeft = ETrue;
+ }
+
+
+TTraceItem::TTraceItem(const TDesC& aTraceName)
+ {
+ iMethodHasLeft = EFalse;
+
+ CVpnDebugLogger* logger = CVpnDebugLogger::VpnDebugLogger();
+
+ iTraceName = aTraceName.Alloc();
+ if (iTraceName != NULL)
+ {
+ if (logger != NULL)
+ {
+ logger->iCallDepth++;
+
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ for (TInt i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(KDepthMark);
+ }
+
+ logger->iDebugString.Append(KInMark);
+ logger->iDebugString.Append(KSeparator);
+ logger->iDebugString.Append(*iTraceName);
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+ CleanupStack::PushL(TCleanupItem(TTraceItem::TraceCleanupOperation, this));
+ }
+ else
+ {
+ if (logger != NULL)
+ {
+ logger->WriteLogRaw(KTraceOutOfMemory);
+ }
+ }
+ }
+
+
+TTraceItem::~TTraceItem()
+ {
+ CVpnDebugLogger* logger = CVpnDebugLogger::VpnDebugLogger();
+
+
+ if (!iMethodHasLeft)
+ {
+ if (iTraceName != NULL)
+ {
+ if (logger != NULL)
+ {
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+ logger->iDebugString.Append(KOutMark);
+ for (TInt i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(KDepthMark);
+ }
+
+ logger->iDebugString.Append(KSeparator);
+ logger->iDebugString.Append(*iTraceName);
+ logger->WriteLogRaw(logger->iDebugString);
+
+ logger->iCallDepth--;
+ }
+ delete iTraceName;
+ CleanupStack::Pop(this);
+
+ }
+ else
+ {
+ if (logger != NULL)
+ {
+ logger->WriteLogRaw(KTraceOutOfMemory);
+ }
+ }
+ }
+ }
+
+
+
+void CVpnDebugLogger::InitializeDebugLoggerL(const TDesC& aFolder, const TDesC& aFileName)
+ {
+
+ CVpnDebugLogger* self = static_cast<CVpnDebugLogger*>(Dll::Tls());
+ if (self == NULL)
+ {
+ self = new (ELeave) CVpnDebugLogger;
+ CleanupStack::PushL(self);
+ self->ConstructL(aFolder, aFileName);
+ User::LeaveIfError(Dll::SetTls(self));
+ CleanupStack::Pop(self);
+ }
+ self->iReferenceCount++;
+ }
+
+
+void CVpnDebugLogger::ConstructL(const TDesC& aFolder, const TDesC& aFileName)
+ {
+ User::LeaveIfError(iFileLogger.Connect());
+ iFileLogger.SetDateAndTime(EFalse, EFalse);
+ iFileLogger.CreateLog(aFolder, aFileName, EFileLoggingModeAppend);
+ }
+
+
+CVpnDebugLogger::~CVpnDebugLogger()
+ {
+ if ( iFileLogger.Handle() != 0 )
+ {
+ iFileLogger.Write(_L("Logger delete"));
+ iFileLogger.CloseLog();
+ }
+
+ iFileLogger.Close();
+ }
+
+
+void CVpnDebugLogger::FinalizeDebugLogger()
+ {
+ CVpnDebugLogger* self = static_cast<CVpnDebugLogger*>(Dll::Tls());
+ __ASSERT_ALWAYS(self != NULL, User::Invariant());
+
+ self->iReferenceCount--;
+
+ if (self->iReferenceCount == 0)
+ {
+ Dll::SetTls(NULL);
+ delete self;
+ }
+ }
+
+
+CVpnDebugLogger* CVpnDebugLogger::VpnDebugLogger()
+ {
+ return static_cast<CVpnDebugLogger*>(Dll::Tls());
+ }
+
+
+void CVpnDebugLogger::WriteLogRaw(const TDesC& aLogMessage)
+ {
+ iFileLogger.Write(aLogMessage);
+ }
+
+
+void CVpnDebugLogger::LogWrite(const TDesC& aText)
+ {
+ CVpnDebugLogger* logger = VpnDebugLogger();
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ if (logger->iCallDepth > 0)
+ {
+ for (TUint i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(_L(" "));
+ }
+ logger->iDebugString.Append(_L(" "));
+ }
+
+ logger->iDebugString.Append(aText);
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+
+
+void CVpnDebugLogger::LogWrite(const TDesC8& aText)
+ {
+ CVpnDebugLogger* logger = VpnDebugLogger();
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ if (logger->iCallDepth > 0)
+ {
+ for (TUint i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(_L(" "));
+ }
+ logger->iDebugString.Append(_L(" "));
+ }
+
+ TInt stringLength = logger->iDebugString.Length();
+ TUint spaceLeft = logger->iDebugString.MaxLength() - stringLength;
+
+ TUint16* ptr = const_cast<TUint16*>(logger->iDebugString.Ptr() + stringLength);
+ TPtr buffer(ptr, spaceLeft);
+ buffer.Copy(aText);
+
+ logger->iDebugString.SetLength(stringLength + buffer.Length());
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+
+
+void CVpnDebugLogger::LogWriteF(TRefByValue<const TDesC> aFmt, ...)
+ {
+ VA_LIST list;
+ VA_START(list,aFmt);
+
+
+ CVpnDebugLogger* logger = VpnDebugLogger();
+ logger->iDebugString.Zero();
+ CVpnDebugLogger::TimeStamp(logger->iDebugString);
+
+ if (logger->iCallDepth > 0)
+ {
+ for (TUint i = 0; i < logger->iCallDepth; ++i)
+ {
+ logger->iDebugString.Append(_L(" "));
+ }
+ logger->iDebugString.Append(_L(" "));
+ }
+
+
+ const TDesC& format = aFmt;
+
+ logger->iDebugString.AppendFormatList(format, list);
+ logger->WriteLogRaw(logger->iDebugString);
+ }
+
+
+
+void CVpnDebugLogger::LogWriteF(TRefByValue<const TDesC8> aFmt, ...)
+ {
+ TBuf8<512> buf;
+
+ VA_LIST list;
+ VA_START(list,aFmt);
+
+ const TDesC8& format = aFmt;
+ buf.FormatList(format, list);
+
+ LogWrite(buf);
+ }
+
+
+void CVpnDebugLogger::HexWrite(const TDesC8& aData)
+ {
+ const TUint KRowLength = 16; //16 bytes in one row
+
+ TBuf<128> row;
+
+ TUint rowCount = aData.Length() / KRowLength;
+ if (aData.Length() % KRowLength != 0)
+ {
+ rowCount++;
+ }
+
+ for (TInt i = 0; i < rowCount; ++i)
+ {
+ _LIT(KRowStartFormat, "%04x: ");
+ TPtrC8 rowData(aData.Mid(KRowLength*i));
+
+ row.Zero();
+ row.Format(KRowStartFormat, i*KRowLength);
+ TInt j;
+ for (j = 0; j < KRowLength; ++j)
+ {
+ if ( j < rowData.Length())
+ {
+ _LIT(KDataByteFormat, "%02x ");
+ TUint8 byte = rowData[j];
+ row.AppendFormat(KDataByteFormat, byte);
+ }
+ else
+ {
+ row.Append(_L(" "));
+ }
+ }
+
+ for (j = 0; j < KRowLength && j < rowData.Length(); ++j)
+ {
+ TUint8 byte = rowData[j];
+ if (byte >= ' ' && byte <= '~')
+ {
+ row.Append(byte);
+ }
+ else
+ {
+ row.Append(_L("."));
+ }
+ }
+
+
+ LogWrite(row);
+ }
+ }
+
+
+void CVpnDebugLogger::TimeStamp(TDes& aBuffer)
+ {
+ TTime time;
+ time.HomeTime();
+ TDateTime dateTime = time.DateTime();
+
+
+ _LIT(KFormatTxt,"%02d/%02d/%d %02d:%02d:%02d.%03d ");
+ aBuffer.Format(KFormatTxt,
+ dateTime.Day()+1,
+ TInt(dateTime.Month()+1),
+ dateTime.Year(),
+
+ dateTime.Hour(), dateTime.Minute(), dateTime.Second(),
+ dateTime.MicroSecond()
+ );
+
+
+ }
+
+
+#endif //defined(_DEBUG)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/rom/ikecert.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project ikecert
+*
+*/
+
+
+
+#ifndef __IKECERT_IBY__
+#define __IKECERT_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature IKECERT not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\ikecert.dll SHARED_LIB_DIR\ikecert.dll
+
+#endif
+
+#endif // __IKECERT_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikecaelem.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,73 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class containing information about one CA cert
+*
+*/
+
+
+
+
+#include <x509cert.h>
+
+#include "ikecaelem.h"
+#include "ikecert.h"
+#include "utlcrypto.h"
+#include "ikev1pkiservice.h"
+#include "ikecertconst.h"
+
+EXPORT_C CIkeCaElem* CIkeCaElem::NewL(HBufC8* aCert)
+ {
+ ASSERT(aCert);
+ CIkeCaElem* CaElem = new (ELeave) CIkeCaElem();
+ CleanupStack::PushL(CaElem);
+ CaElem->iCaCert = CX509Certificate::NewL(*aCert);
+ delete aCert;
+ HBufC8* PublicKeyInfo = IkeCert::GetCertificateFieldDERL(CaElem->iCaCert, KPublicKeyInfo);
+ CleanupStack::PushL(PublicKeyInfo);
+
+ //
+ // Calculate "Key Id" value as a SHA1 hash Subject Public Key Info element
+ // (specified so in IKEv2 draft)
+ //
+ CaElem->iKeyInfo = HBufC8::NewL(IKEV2_CERT_KEYID_SIZE);
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ TPtrC8 InData(PublicKeyInfo->Des());
+ TPtrC8 KeyId = Digest->Final(InData);
+ CaElem->iKeyInfo->Des().Copy(KeyId);
+ delete Digest;
+
+ CleanupStack::PopAndDestroy(PublicKeyInfo);
+ CleanupStack::Pop(CaElem);
+ return CaElem;
+ }
+
+
+EXPORT_C CIkeCaElem::~CIkeCaElem()
+ {
+ delete iCaCert;
+ delete iKeyInfo;
+ }
+
+
+EXPORT_C CX509Certificate* CIkeCaElem::Certificate() const
+ {
+ return iCaCert;
+ }
+
+
+EXPORT_C const TDesC8& CIkeCaElem::KeyHash() const
+ {
+ return *iKeyInfo;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikecalist.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,54 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class containing list of CAs
+*
+*/
+
+
+
+#include "ikecalist.h"
+#include "ikecaelem.h"
+
+
+EXPORT_C CIkeCaList::CIkeCaList(TInt aGranularity)
+:CArrayPtrFlat<CIkeCaElem>(aGranularity)
+ {
+ }
+
+
+CIkeCaList::~CIkeCaList()
+ {
+ ResetAndDestroy();
+ }
+
+CIkeCaElem* CIkeCaList::FindCaElem(const TDesC8& aKeyIdentifier) const
+ {
+ //
+ // Find a CIkeCaElem element using aKeyIdentifier as search argument
+ //
+ CIkeCaElem* result = NULL;
+ TInt i = 0;
+ TInt count = Count();
+ while ( i < count )
+ {
+ CIkeCaElem* caElem = At(i);
+ if ( caElem->KeyHash().Compare(aKeyIdentifier) == 0 )
+ {
+ result = caElem;
+ break;
+ }
+ i ++;
+ }
+ return result;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikecert.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,344 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: General utility methods for certificate handling
+*
+*/
+
+
+
+#include <x509cert.h>
+
+#include "ikecert.h"
+#include "ikev1pkiservice.h"
+#include "ikev2const.h"
+#include "ikecaelem.h"
+#include "ikecertconst.h"
+
+
+const TUint8 Pkcs1v15Sha1Header[15] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14};
+
+
+TUint8* IkeCert::BERGetLengthL(TUint8* aP, TInt &aLen)
+{
+ ASSERT(aP);
+ aP++; // skip tag
+ if (*aP <= 127)
+ {
+ aLen = *aP;
+ aP++;
+ }
+ else if (*aP == 0x81)
+ {
+ aP++;
+ aLen = *aP;
+ aP++;
+ }
+ else if (*aP == 0x82)
+ {
+ aP++;
+ aLen = *aP;
+ aP++;
+ aLen *= 256;
+ aLen += *aP;
+ aP++;
+ }
+ else {
+ User::Leave(KErrGeneral);
+ }
+ return aP;
+}
+
+
+EXPORT_C HBufC8* IkeCert::GetCertificateFieldDERL(const CX509Certificate* aCert, TInt aField)
+{
+ if ( !aCert )
+ return NULL;
+ const TPtrC8 SignedData = aCert->SignedDataL();
+ if ( SignedData.Length() == 0 )
+ return NULL;
+ TUint8* Ptr = (TUint8*)SignedData.Ptr();
+ TUint8* FieldPtr;
+ HBufC8* FieldBfr = NULL;
+ TInt length = 0;
+ // begin sequence
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ // context specific a0 03
+ if (*Ptr==0xa0)
+ Ptr += 2;
+ // version
+ if (*Ptr==2)
+ {
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ }
+ // seq number
+ if (*Ptr==2)
+ {
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ }
+ // sign algorithm
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ // issuer name
+ FieldPtr = Ptr;
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ if ( aField == KIssuerName )
+ {
+ FieldBfr = HBufC8::NewL(Ptr - FieldPtr);
+ FieldBfr->Des().Copy(FieldPtr, (Ptr - FieldPtr));
+ }
+ // validity period
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ // subject name
+ FieldPtr = Ptr;
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ if ( aField == KSubjectName )
+ {
+ FieldBfr = HBufC8::NewL(Ptr - FieldPtr);
+ FieldBfr->Des().Copy(FieldPtr, (Ptr - FieldPtr));
+ }
+ // public key info
+ FieldPtr = Ptr;
+ Ptr = IkeCert::BERGetLengthL(Ptr, length);
+ Ptr += length;
+ if ( aField == KPublicKeyInfo )
+ {
+ FieldBfr = HBufC8::NewL(Ptr - FieldPtr);
+ FieldBfr->Des().Copy(FieldPtr, (Ptr - FieldPtr));
+ }
+
+ return FieldBfr;
+}
+
+
+HBufC8* IkeCert::BuildPkcs1v15HashL(const TDesC8 &aHashIn)
+{
+ //
+ // Build Pkcs1v15 format ASN1 header for specified hash.
+ // Current implementation supports only hash algorithm SHA1 so
+ // the aHashIn length data MUST be exactly the length of SHA1 hash
+ // (20 bytes)
+ //
+ HBufC8* Pkcs1v15Hash = NULL;
+
+ ASSERT( aHashIn.Length() == 20 );
+
+ Pkcs1v15Hash = HBufC8::NewL(20 + sizeof(Pkcs1v15Sha1Header));
+ if ( Pkcs1v15Hash )
+ {
+ Pkcs1v15Hash->Des().Copy((TUint8*)Pkcs1v15Sha1Header, sizeof(Pkcs1v15Sha1Header));
+ Pkcs1v15Hash->Des().Append(aHashIn);
+ }
+ return Pkcs1v15Hash;
+}
+
+
+EXPORT_C HBufC8* IkeCert::GetCertificateFieldDERL(HBufC8* aCertBfr, TInt aField)
+{
+ if ( !aCertBfr )
+ return NULL;
+ CX509Certificate* Cert = CX509Certificate::NewL(*aCertBfr);
+ CleanupStack::PushL(Cert);
+ HBufC8* Field = IkeCert::GetCertificateFieldDERL(Cert, aField);
+ CleanupStack::PopAndDestroy(Cert);
+ return Field;
+}
+
+
+TBool IkeCert::AltNameExistsL(const CX509Certificate *aX509Cert, const TDesC8 &aId)
+{
+ ASSERT(aX509Cert);
+ const CX509CertExtension *AltNameExt = aX509Cert->Extension(KSubjectAltName);
+ CX509GeneralName *NameId = CX509GeneralName::NewLC(aId);
+ TBool found = EFalse;
+ if (AltNameExt)
+ {
+ CX509AltNameExt* AltExt = CX509AltNameExt::NewLC(AltNameExt->Data());
+ const CArrayPtrFlat<CX509GeneralName>&Names = AltExt->AltName();
+ TInt Count = Names.Count();
+ for (TInt i = 0; i < Count; i++)
+ {
+ const CX509GeneralName *Name = Names.At(i);
+ if (NameId->Tag() == Name->Tag() &&
+ NameId->Data() == Name->Data())
+ {
+ found = ETrue;
+ break;
+ }
+ }
+ CleanupStack::PopAndDestroy(AltExt);
+ }
+ CleanupStack::PopAndDestroy(NameId);
+ return found;
+}
+
+
+EXPORT_C HBufC8* IkeCert::GetSubjectAltNameDataL(const CX509Certificate* aX509Cert, TUint8 aIkeIdType)
+{
+ ASSERT(aX509Cert);
+ HBufC8* Identity = NULL;
+ const CX509CertExtension* AltNameExt = aX509Cert->Extension(KSubjectAltName);
+
+ if ( AltNameExt )
+ {
+ TGNType SubjAltNameType;
+ switch ( aIkeIdType )
+ {
+ case ID_IPV4_ADDR:
+ SubjAltNameType = EX509IPAddress;
+ break;
+ case ID_FQDN:
+ SubjAltNameType = EX509DNSName;
+ break;
+ case ID_RFC822_ADDR:
+ SubjAltNameType = EX509RFC822Name;
+ break;
+ case ID_IPV6_ADDR:
+ SubjAltNameType = EX509IPAddress;
+ break;
+ default:
+ SubjAltNameType = EX509RFC822Name;
+ break;
+ }
+ CX509AltNameExt* AltExt = CX509AltNameExt::NewLC(AltNameExt->Data());
+ const CArrayPtrFlat<CX509GeneralName>&Names = AltExt->AltName();
+ TInt count = Names.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ const CX509GeneralName *Name = Names.At(i);
+ if ( Name->Tag() == SubjAltNameType )
+ {
+ //
+ // Allocate buffer and Copy subject alt name data to it (type tag and length is not copied !)
+ //
+ Identity = HBufC8::NewL(Name->Data().Length() - 2);
+ Identity->Des().Copy(((TUint8*)(Name->Data().Ptr()) + 2), (Name->Data().Length() - 2));
+ break;
+ }
+ }
+ CleanupStack::PopAndDestroy(AltExt);
+
+ }
+ return Identity;
+}
+
+
+TInt IkeCert::CheckValidityPeriod(const CX509Certificate& aCert, TInt aWarningMargin, TInt aErrorMargin )
+{
+ TInt Status = KErrNone;
+ TTime current;
+ current.UniversalTime();
+ TTimeIntervalSeconds ErrorMargin(aErrorMargin);
+ TTime StartTime = aCert.ValidityPeriod().Start();
+ TTime FinishTime = aCert.ValidityPeriod().Finish();
+ if ( (current + ErrorMargin) < StartTime )
+ {
+ Status = KCertVerifyErrNotValidYet;
+ }
+ else
+ {
+ if (current > (FinishTime + ErrorMargin) )
+ {
+ Status = KCertVerifyErrExpired;
+ }
+ else
+ {
+ //
+ // If a warning margin defined, check is the certificate within that
+ //
+ if ( aWarningMargin )
+ {
+ TTimeIntervalSeconds WarningMargin(aWarningMargin);
+ if ( (current + WarningMargin) > (FinishTime + ErrorMargin) ) {
+ Status = KCertVerifyWithinMargin;
+ }
+ }
+ }
+ }
+
+ return Status;
+}
+
+//
+// Verify certificate extensions
+//
+TInt IkeCert::VerifyCertExtensionsL(const CX509Certificate& aX509Cert)
+{
+ TInt Status = KErrNone;
+ const CArrayPtrFlat<CX509CertExtension>& CertExtensions = aX509Cert.Extensions();
+ CX509CertExtension* Extension;
+ TInt Count = CertExtensions.Count();
+ TInt i = 0;
+
+ while ( i < Count )
+ {
+ Extension = CertExtensions.At(i);
+ if ( Extension->Id() == KKeyUsage )
+ {
+ //
+ // KeyUsage extension MUST have either digitalSignature or
+ // nonRepudiation bit set
+ //
+ CX509KeyUsageExt* KeyUsage = CX509KeyUsageExt::NewL(Extension->Data());
+ if ( !KeyUsage->IsSet(EX509DigitalSignature) && !KeyUsage->IsSet(EX509NonRepudiation) )
+ {
+ delete KeyUsage;
+ Status = KCertVerifyKeyUsageErr;
+ break;
+ }
+ else delete KeyUsage;
+ }
+ else if ( Extension->Id() == KBasicConstraints )
+ {
+ //
+ // BasicConstraints extension MUST NOT have CA indicator
+ //
+ CX509BasicConstraintsExt* BasicConstraints = CX509BasicConstraintsExt::NewL(Extension->Data());
+ if ( BasicConstraints->IsCA() )
+ {
+ delete BasicConstraints;
+ Status = KCertVerifyCACertificate;
+ break;
+ }
+ else delete BasicConstraints;
+ }
+ else if ( Extension->Id() != KSubjectAltName && Extension->Critical() )
+ {
+ //
+ // Unsupported critical section ==> Certificate NOT accepted
+ //
+ Status = KCertVerifyCriticalExt;
+ break;
+ }
+
+ i++;
+ }
+
+ return Status;
+}
+
+
+void IkeCert::CleanupSequence(TAny* aArray)
+ {
+ ASSERT(aArray);
+ CArrayPtrFlat<TASN1DecGeneric>* array = reinterpret_cast<CArrayPtrFlat<TASN1DecGeneric>*>(aArray);
+ ASSERT(array);
+ array->ResetAndDestroy();
+ delete array;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikepkiutils.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,587 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: static method for certficate handling
+*
+*/
+
+#include <x509cert.h>
+#include <asn1dec.h>
+#include <x500dn.h>
+
+#include "ikepkiutils.h"
+#include "ikev1pkiservice.h"
+#include "ikepublickey.h"
+#include "utlcrypto.h"
+#include "ikecert.h"
+#include "ikecalist.h"
+#include "ikecaelem.h"
+#include "ikev2const.h"
+#include "ikev2payloads.h"
+#include "ikecertconst.h"
+
+EXPORT_C TBool IkePkiUtils::CertifyIdentityL(const CX509Certificate* aCert,
+ TDesC8& aId, TInt aIdType)
+
+ {
+ TBool status = EFalse;
+ if ( aCert )
+ {
+ //
+ // Check that specified identity exist in current certificate
+ // data. If aIdType type is ID_DER_ASN1_DN, identity must match
+ // with Certificate Subject name.
+ // All other aIdTypes ara checked against SubjectAltNames data,
+ // if present
+ //
+ if ( aIdType == ID_DER_ASN1_DN )
+ {
+ //
+ // Binary DER encoding of an ASN.1 X.500 Distinguished Name identity
+ // is certified by comparing it to peer certificate subject name
+ //
+
+ CX500DistinguishedName* asn1DnName = CX500DistinguishedName::NewLC(aId);
+ status = asn1DnName->ExactMatchL(aCert->SubjectName());
+ CleanupStack::PopAndDestroy(asn1DnName);
+
+ }
+ else
+ {
+ //
+ // Other identity types are certified by comparing it to the SubjectAltName field
+ //
+ HBufC8* idBuf = HBufC8::NewLC(aId.Length() + 2);
+ TUint8* idHdr = (TUint8*)idBuf->Des().Ptr();
+ idHdr[1] = (TUint8)aId.Length();
+
+ switch ( aIdType )
+ {
+ case ID_IPV4_ADDR:
+ idHdr[0] = 0x87;
+ break;
+ case ID_FQDN:
+ idHdr[0] = 0x82;
+ break;
+ case ID_RFC822_ADDR:
+ idHdr[0] = 0x81;
+ break;
+ case ID_IPV6_ADDR:
+ idHdr[0] = 0x87;
+ break;
+ default:
+ idHdr = NULL;
+ break;
+ }
+
+ if ( idHdr )
+ {
+ Mem::Copy(&idHdr[2], aId.Ptr(), aId.Length());
+ TPtrC8 ptrId(idHdr, (aId.Length() + 2));
+ status = IkeCert::AltNameExistsL(aCert, ptrId);
+ }
+ CleanupStack::PopAndDestroy(); //IdBuf
+ }
+ }
+
+ return status;
+ }
+
+
+EXPORT_C TBool IkePkiUtils::VerifyIkev2SignatureL(const TDesC8& aSignature,
+ const TDesC8& aAuthData,
+ const CX509Certificate& aCert)
+ {
+ //
+ // Calculate SHA1 hash over aAuthdata to build reference hash and
+ // verify IKEv2 signature with it
+ //
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ CleanupStack::PushL(Digest);
+ TPtrC8 RefHash = Digest->Final(aAuthData);
+ TBool Status = VerifySignatureL(MAJORV2, aSignature, RefHash, aCert);
+ CleanupStack::PopAndDestroy(Digest);
+
+ return Status;
+ }
+
+
+EXPORT_C TBool IkePkiUtils::VerifyIkev1SignatureL(const TDesC8& aSignature,
+ const TDesC8& aRefHash,
+ const CX509Certificate& aCert)
+ {
+ //
+ // Verify IKEv1 signature.
+ //
+ return VerifySignatureL(MAJORV1, aSignature, aRefHash, aCert);
+ }
+
+
+EXPORT_C HBufC8* IkePkiUtils::GetIdentityFromCertL(TUint8 aIdType, const TDesC8& aCertData)
+ {
+ //
+ // Get IKE Identity data from specified Certificate data. The Id
+ // type parameter specifies the field of Certificate from where the
+ // Identity data is taken
+ //
+ HBufC8* identity;
+ CX509Certificate* cert = CX509Certificate::NewL(aCertData);
+ CleanupStack::PushL(cert);
+ if ( (aIdType == ID_DER_ASN1_DN) || (aIdType == ID_NOT_DEFINED) || (aIdType > ID_IPV6_ADDR) )
+ {
+ //
+ // DER encoded ASN.1 X.500 Distinguished Name as IKE identity
+ // Get Id data from certificate subject name
+ //
+ identity = IkeCert::GetCertificateFieldDERL(cert, KSubjectName);
+ }
+ else
+ {
+ //
+ // Get IKE Identity from own certifate subject alt name extension (according to IdType value)
+ //
+ identity = IkeCert::GetSubjectAltNameDataL(cert, aIdType);
+ }
+ CleanupStack::PopAndDestroy(cert);
+
+ return identity;
+ }
+
+
+EXPORT_C TBool IkePkiUtils::GetCertSubjectNameDERL(const CX509Certificate* aCert,
+ TDes8& aSubjectName)
+ {
+ TBool status = ETrue;
+ HBufC8* nameBfr = IkeCert::GetCertificateFieldDERL(aCert, KSubjectName);
+ if ( nameBfr && ( nameBfr->Des().Length() <= aSubjectName.MaxLength() ) )
+ {
+ aSubjectName.Copy(nameBfr->Des());
+ delete nameBfr;
+ }
+ else
+ {
+ aSubjectName.SetLength(0);
+ status = EFalse;
+ }
+
+ return status;
+ }
+
+
+EXPORT_C CX509Certificate* IkePkiUtils::VerifyCertificateL(const CArrayFixFlat<const TCertificateISAKMP*>& aCerts,
+ const CIkeCaList& aTrustedCAList)
+ {
+ const CArrayFixFlat<TCertPayloadIkev2*>* certificateArray = IkePkiUtils::CastCertArray(&aCerts);
+ return VerifyCertificateL(*certificateArray, aTrustedCAList);
+
+ }
+
+
+EXPORT_C CX509Certificate* IkePkiUtils::VerifyCertificateL(const CArrayFixFlat<TCertPayloadIkev2*>& aCerts,
+ const CIkeCaList& aTrustedCAList)
+ {
+ //
+ // Find a requested certificate or chain of certificates from IKE certificate payload array
+ // using trusted CA list (iTrustedCAList).
+ // When requested certificate found verify this certificate.
+ //
+ CX509Certificate* certOk = NULL;
+ CX509Certificate* caCert = NULL;
+ CX509Certificate* currCert=NULL;
+ const TCertPayloadIkev2* firstCertPayload=NULL;
+ const TCertPayloadIkev2* certPayload = aCerts.At(0);
+ __ASSERT_DEBUG(certPayload != NULL, User::Invariant());
+ CArrayFixFlat<CX509Certificate*>* caArray=new (ELeave) CArrayFixFlat<CX509Certificate*> (aCerts.Count());
+ CleanupStack::PushL(caArray);
+ for ( TInt i = 0; i < aCerts.Count(); i++ )
+ {
+ const TCertPayloadIkev2* currCertPayload=aCerts.At(i);
+ __ASSERT_DEBUG(currCertPayload != NULL, User::Invariant());
+ if ( currCertPayload->GetEncoding() == X509_CERTIFICATE_SIGN )
+ {
+ firstCertPayload=currCertPayload;
+ const TPtrC8 CertStream(currCertPayload->Certificate(),
+ (TPayloadIkev2::Cast(currCertPayload)->GetLength() -
+ TCertPayloadIkev2::Size()));
+ currCert = CX509Certificate::NewLC(CertStream);
+ caArray->AppendL(currCert);
+ }
+ }
+ if ( caArray->Count() == 1)
+ {
+ const TPtrC8 userCertStream(firstCertPayload->Certificate(),
+ (TPayloadIkev2::Cast(firstCertPayload)->GetLength() -
+ TCertPayloadIkev2::Size()));
+ firstCertPayload=NULL;
+ CX509Certificate* clientCert = CX509Certificate::NewLC(userCertStream);
+ caCert = IkePkiUtils::FindCaCertificateL(*clientCert, aTrustedCAList);
+ if ( caCert )
+ {
+ certOk = IkePkiUtils::VerifyX509CertificateL(*caCert, *clientCert);
+ if ( certOk ) // CertOk = clientCert
+ {
+ CleanupStack::Pop(clientCert); // CertOk = Cert
+ clientCert=NULL;
+
+ CleanupStack::PopAndDestroy(currCert);
+ currCert=NULL;
+
+ CleanupStack::PopAndDestroy(caArray);
+ caArray=NULL;
+
+ return certOk;
+ }
+ }
+ CleanupStack::PopAndDestroy(clientCert); // Cert
+ clientCert=NULL;
+
+ CleanupStack::PopAndDestroy(currCert);
+ currCert=NULL;
+
+ CleanupStack::PopAndDestroy(caArray);
+ caArray=NULL;
+ return NULL;
+ }
+ if ( caArray->Count()>1 ) //if certificate chain is received
+ {
+ CX509Certificate* userCert=NULL;
+ CX509Certificate* certChainRoot = IkePkiUtils::VerifyCertChainL(*caArray, userCert, aTrustedCAList);
+
+ CX509Certificate* realUserCert=userCert; //Real user certificate found from chain as a parameter by reference
+
+ //cleaning
+ TInt certCount=caArray->Count();
+ for ( TInt i=0; i<certCount ;i++)
+ CleanupStack::Pop();
+ CleanupStack::Pop(caArray);
+ for ( TInt i=0; i<certCount ;i++)
+ {
+ CX509Certificate* itemPtr=caArray->At(i);
+ if ( realUserCert != itemPtr && certChainRoot != itemPtr )
+ delete itemPtr;
+ }
+ for ( TInt i=0; i<certCount ;i++)
+ caArray->Delete(0);
+ delete caArray;
+
+ if ( certChainRoot )
+ caCert = IkePkiUtils::FindCaCertificateL(*certChainRoot, aTrustedCAList);
+ else
+ caCert=NULL;
+ if ( caCert )
+ certOk = IkePkiUtils::VerifyX509CertificateL(*caCert, *certChainRoot);
+ if ( certChainRoot != userCert )
+ delete certChainRoot;
+ if ( certOk )
+ return realUserCert;
+
+ else
+ return NULL;
+ }
+ return NULL;
+ }
+
+
+EXPORT_C const CArrayFixFlat<TCertPayloadIkev2*>* IkePkiUtils::CastCertArray(const CArrayFixFlat<const TCertificateISAKMP*>* aCerts)
+ {
+ return reinterpret_cast<const CArrayFixFlat<TCertPayloadIkev2*>*>(aCerts);
+ }
+
+
+CX509Certificate* IkePkiUtils::VerifyX509CertificateL(const CX509Certificate& aCaCert,
+ CX509Certificate& aCert)
+ {
+ TPKIKeyAlgorithm reqKeyType = EPKIInvalidAlgorithm;
+
+ switch (aCert.SigningAlgorithm().AsymmetricAlgorithm().Algorithm())
+ {
+ case ERSA:
+ reqKeyType = EPKIRSA;
+ break;
+ case EDSA:
+ reqKeyType = EPKIDSA;
+ break;
+ default:
+ break;
+ }
+
+ if ( reqKeyType == EPKIInvalidAlgorithm )
+ return NULL;
+
+ CIkePublicKey* pubKey = CIkePublicKey::NewL(aCaCert);
+ if ( !pubKey )
+ return NULL;
+
+ if ( reqKeyType != pubKey->Algorithm() )
+ {
+ delete pubKey;
+ return NULL;
+ }
+ CleanupStack::PushL(pubKey);
+ TInt ret = KErrNotSupported;
+ TBool valid = EFalse;
+
+ switch (pubKey->Algorithm())
+ {
+ case EPKIRSA:
+ TRAP(ret, valid = aCert.VerifySignatureL(pubKey->KeyData()));
+ break;
+
+ case EPKIDSA:
+ {
+ TX509KeyFactory keyFactory;
+ CDSAParameters* params = keyFactory.DSAParametersL(pubKey->KeyParams());
+ CleanupStack::PushL(params);
+
+ CSigningKeyParameters*sgkp = CSigningKeyParameters::NewLC();
+ sgkp->SetDSAParamsL(*params);
+ aCert.SetParametersL(*sgkp);
+ TRAP(ret, valid = aCert.VerifySignatureL(pubKey->KeyData()));
+ CleanupStack::PopAndDestroy(sgkp);
+ CleanupStack::PopAndDestroy(params);
+ break;
+ }
+
+ case EPKIInvalidAlgorithm:
+ break;
+ }
+
+ CX509Certificate* ValidCert = NULL;
+ if ( valid && (ret == KErrNone) )
+ {
+ //
+ // One hour error margin, no warning margin
+ //
+ ret = IkeCert::CheckValidityPeriod(aCert, 0, KDefaultErrorMargin);
+ if ( ret == KErrNone )
+ {
+ //
+ // Verify certificate extensions
+ //
+ ret = IkeCert::VerifyCertExtensionsL(aCert);
+ if ( ret == KErrNone || ret == KCertVerifyCACertificate )
+ ValidCert = &aCert;
+ }
+ }
+
+ CleanupStack::PopAndDestroy(pubKey);
+ return ValidCert;
+}
+
+
+CX509Certificate* IkePkiUtils::FindCaCertificateL(const CX509Certificate& aUserCert,
+ const CIkeCaList& aTrustedCAList)
+ {
+ //
+ // Find a CA certificate from Trusted CA list (iTrustedCAList) for
+ // specified user certificate
+ //
+ const CX500DistinguishedName& issuerName = aUserCert.IssuerName();
+ CX509Certificate* caCert = NULL;
+
+ for (TInt i = 0; i < aTrustedCAList.Count(); i++)
+ {
+ //
+ // Find CA certificate for current user certificate by
+ // comparing certificate issuer name to the subject name of a
+ // CA certificate
+ //
+ caCert = aTrustedCAList.At(i)->Certificate();
+ if ( issuerName.ExactMatchL(caCert->SubjectName()) )
+ {
+ break;
+ }
+ caCert = NULL;
+ }
+
+ return caCert;
+ }
+
+
+TBool IkePkiUtils::VerifySignatureL(TInt aIkeVersion,
+ const TDesC8& aSignature,
+ const TDesC8& aRefHash,
+ const CX509Certificate& aCert)
+ {
+ //
+ // Verify IKE signature.
+ //
+ TBool status = EFalse;
+
+ if ( aSignature.Length() > 0 )
+ {
+ CIkePublicKey* publicKey = CIkePublicKey::NewL(aCert);
+ if ( !publicKey )
+ {
+ return EFalse;
+ }
+
+ CleanupStack::PushL(publicKey);
+
+ switch (publicKey->Algorithm())
+ {
+ case EPKIRSA:
+ {
+ HBufC8 *resBuf;
+ TUtlCrypto::RsaPublicKeyDecryptL(publicKey->KeyData(), aSignature, resBuf);
+ CleanupStack::PushL(resBuf);
+
+ if ( aIkeVersion == MAJORV1 )
+ {
+ //
+ // Because IKEv1 signature is not a "real" PKCS1
+ // encoded signature but pure private encrypted has
+ // signature is verified by using RSA public key
+ // decrypt and result comparison to reference hash
+ //
+ status = (aRefHash.Compare(*resBuf) == 0); //Compare the result with the hash to see if they match
+ }
+ else
+ {
+ //
+ // IKEv2(n) signature is encoded as PKCS1v1_5
+ // signature (EMSA-PKCS1-v1_5)
+ // ASN1 encoding of signature is the following:
+ // DigestInfo::=SEQUENCE{
+ // digestAlgorithm AlgorithmIdentifier,
+ // digest OCTET STRING }
+ //
+ CArrayPtrFlat<TASN1DecGeneric>* seq = NULL;
+ TInt position = 0;
+
+ TRAPD(err, seq = DecodeDERL(*resBuf, position));
+ if ( err == KErrNone )
+ {
+ TCleanupItem CleanupSeq(IkeCert::CleanupSequence, seq);
+ CleanupStack::PushL(CleanupSeq);
+ if (seq->Count() == 2)
+ {
+ //
+ // Currently the digestAlgorithm is not
+ // verified, but only digest value itself is
+ // compared with reference hash.
+ // ( see CPKCS1SignatureResult::DoVerifyL() in
+ // x509cert.cpp)
+ //
+ const TASN1DecGeneric* gen2 = seq->At(1);
+ TPtrC8 digest(gen2->GetContentDER());
+ status = (aRefHash.Compare(digest) == 0);
+ }
+ CleanupStack::PopAndDestroy(); //CleanupSeq
+ }
+ else
+ {
+ //
+ // Verify signature as pure encrypted (SHA1)
+ // hash as old IKEv1 style "signature"
+ //
+ //DEB(iService.PrintText(_L("Old IKEv1 style signature used by IKEv2 peer !\n"));)
+ status = (aRefHash.Compare(*resBuf) == 0); //Compare the result with the hash to see if they match
+ }
+ }
+ CleanupStack::PopAndDestroy(resBuf);
+ break;
+ }
+ case EPKIDSA:
+ {
+ const TPtrC8 sigR = aSignature.Left(aSignature.Length() / 2);
+ const TPtrC8 sigS = aSignature.Right(aSignature.Length() / 2);
+
+ status = TUtlCrypto::DsaVerifySignatureL(publicKey->KeyData(),
+ publicKey->KeyParams(),
+ sigR, sigS, aRefHash);
+ break;
+ }
+ default: //Only RSA and DSA are valid
+ User::Invariant();
+ break;
+ }
+
+ CleanupStack::PopAndDestroy(publicKey);
+ }
+ return status;
+ }
+
+
+CArrayPtrFlat<TASN1DecGeneric>* IkePkiUtils::DecodeDERL(const TDesC8& aPtr, TInt& aPosition)
+ {
+ TASN1DecSequence decSeq;
+ CArrayPtrFlat<TASN1DecGeneric>* seq = decSeq.DecodeDERLC(aPtr, aPosition);
+ CleanupStack::Pop(seq);
+ return seq;
+ }
+
+EXPORT_C CX509Certificate* IkePkiUtils::VerifyCertChainL(const CArrayFixFlat<CX509Certificate*>& aCerts, CX509Certificate*& realUserCert, const CIkeCaList& aTrustedCAList)
+ {
+ CX509Certificate* currCaCert=NULL;
+ CX509Certificate* certOk=NULL;
+ CArrayFixFlat<const CX500DistinguishedName*>* issuerArray=new (ELeave) CArrayFixFlat<const CX500DistinguishedName*> (aCerts.Count());
+ CArrayFixFlat<const CX500DistinguishedName*>* subjectArray=new (ELeave) CArrayFixFlat<const CX500DistinguishedName*> (aCerts.Count());
+ CleanupStack::PushL(issuerArray);
+ CleanupStack::PushL(subjectArray);
+ for ( TInt i = 0; i < aCerts.Count(); i++ )
+ {
+ issuerArray->AppendL(&aCerts.At(i)->IssuerName());
+ subjectArray->AppendL(&aCerts.At(i)->SubjectName());
+ }
+ TInt userCertIndex=0;
+ TInt caCertIndex=0;
+
+ //find UserCert from aCerts array if not in first certificate payload
+ for ( TInt i = 0; i < (aCerts.Count()); i++ )
+ {
+ for ( TInt j = 0; j < (aCerts.Count()); j++ )
+ {
+ caCertIndex=j;
+ if ( i!=caCertIndex )
+ {
+ const CX500DistinguishedName& issuerNameStr=*issuerArray->At(j);
+ if ( issuerNameStr.ExactMatchL(*subjectArray->At(i)) )
+ userCertIndex=i+1;
+ }
+ }
+ if ( userCertIndex == i && i!=caCertIndex )
+ break;
+ userCertIndex=i;
+ }
+ CleanupStack::PopAndDestroy(subjectArray);
+ CleanupStack::PopAndDestroy(issuerArray);
+ CX509Certificate* currCert = aCerts.At(userCertIndex);
+ TInt currCertIndex=0;
+ realUserCert=currCert;
+ //Verify chain and return highest CA
+ while ( currCertIndex < aCerts.Count())
+ {
+ CX509Certificate* trustedCaCert = IkePkiUtils::FindCaCertificateL(*currCert, aTrustedCAList);
+ if ( trustedCaCert )
+ return currCert;
+ else
+ {
+ for ( TInt j = 0; j < aCerts.Count(); j++ )
+ {
+ currCaCert = aCerts.At(j);
+ if ( currCert->IssuerName().ExactMatchL(currCaCert->SubjectName()))
+ {
+ certOk = IkePkiUtils::VerifyX509CertificateL(*currCaCert, *currCert);
+ if ( certOk )
+ break;
+ }
+ }
+ if ( !certOk ) //if chain is malicious break and return NULL
+ break;
+ currCertIndex++;
+ currCert=currCaCert;
+ }
+ }
+ return NULL;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikepublickey.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,88 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class containing information about one public key.
+*
+*/
+
+
+
+
+#include <x509cert.h>
+#include "ikepublickey.h"
+
+//
+// CPublickey Class
+//
+CIkePublicKey* CIkePublicKey::NewL(const CX509Certificate& aCert)
+ {
+ CIkePublicKey* PubKey = new (ELeave) CIkePublicKey();
+ CleanupStack::PushL(PubKey);
+
+ switch ( aCert.PublicKey().AlgorithmId() )
+ {
+ case ERSA:
+ PubKey->iAlgorithm = EPKIRSA;
+ PubKey->iKeyData = HBufC8::NewL(aCert.PublicKey().KeyData().Length());
+ PubKey->iKeyData->Des().Copy(aCert.PublicKey().KeyData());
+ CleanupStack::Pop(PubKey); //PubKey only removed from cleanup stack
+ break;
+
+ case EDSA:
+ PubKey->iAlgorithm = EPKIDSA;
+ PubKey->iKeyData = HBufC8::NewL(aCert.PublicKey().KeyData().Length());
+ PubKey->iKeyData->Des().Copy(aCert.PublicKey().KeyData());
+ PubKey->iKeyParams = HBufC8::NewL(aCert.PublicKey().EncodedParams().Length());
+ PubKey->iKeyParams->Des().Copy(aCert.PublicKey().EncodedParams());
+ CleanupStack::Pop(PubKey); //PubKey only removed from cleanup stack
+ break;
+
+ default:
+ CleanupStack::PopAndDestroy(PubKey);
+ PubKey = NULL;
+ break;
+ }
+
+ return PubKey;
+ }
+
+
+CIkePublicKey::CIkePublicKey()
+:iAlgorithm(EPKIInvalidAlgorithm)
+ {
+ }
+
+
+CIkePublicKey::~CIkePublicKey()
+ {
+ delete iKeyParams;
+ delete iKeyData;
+ }
+
+
+TPKIKeyAlgorithm CIkePublicKey::Algorithm() const
+ {
+ return iAlgorithm;
+ }
+
+
+const TDesC8& CIkePublicKey::KeyData() const
+ {
+ return *iKeyData;
+ }
+
+
+const TDesC8& CIkePublicKey::KeyParams() const
+ {
+ return *iKeyParams;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikev1pkiservice.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1067 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI store and Certificate verification interface class
+* implementation for IKEv1 plug-in
+*
+*/
+
+#include <x500dn.h>
+#include <x509cert.h>
+#include <asn1dec.h>
+#include <utf.h>
+
+#include "ikedebug.h"
+#include "ikev1pkiservice.h"
+#include "utlcrypto.h"
+#include "ikecert.h"
+#include "ikecaelem.h"
+#include "ikepublickey.h"
+#include "ikecalist.h"
+#include "ikepkiutils.h"
+#include "pkcs10.h"
+#include "vpnapidefs.h"
+#include "pkiutil.h"
+#include "ikecertconst.h"
+
+//
+// CIkeV1PkiService Class
+//
+_LIT8(KEmptyString, "");
+
+
+EXPORT_C CIkeV1PkiService* CIkeV1PkiService::NewL(
+ CIkeData* aIkeData,
+ MIkeDebug& aDebug
+)
+{
+ CIkeV1PkiService* self =
+ new (ELeave) CIkeV1PkiService(aIkeData, aDebug);
+
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+}
+
+
+CIkeV1PkiService::CIkeV1PkiService(
+ CIkeData* aIkeData,
+ MIkeDebug& aDebug
+) :
+ iOperation(KNoOperation),
+ iIkeData(aIkeData),
+ iCertPtr(NULL, 0),
+ iCertBfrSize(2048),
+ iDebug(aDebug)
+{
+}
+
+
+void CIkeV1PkiService::ConstructL()
+{
+ User::LeaveIfError(iPkiService.Connect());
+
+ // Set certificate store type to device certificate store,
+ // if Own_cert_type is defined as "DEVICE"
+ if ( iIkeData->iClientCertType != NULL )
+ {
+ TPtrC16 certStoreType = iIkeData->iClientCertType->GetData();
+ if ( certStoreType.CompareF(_L("DEVICE")) == 0 )
+ {
+ User::LeaveIfError(iPkiService.SetStoreType(EPkiStoreTypeDevice));
+ }
+ else
+ {
+ User::LeaveIfError(iPkiService.SetStoreType(EPkiStoreTypeUser));
+ }
+ }
+
+ iTrustedCAList = new (ELeave) CIkeCaList(2);
+ iReadCertificate = HBufC8::NewL(iCertBfrSize);
+
+
+ //The code assumes that these are not NULL.
+ //Reallocated, when needed
+ iSubjName = HBufC8::NewL(2);
+ iRfc822Name = HBufC8::NewL(2);
+}
+
+
+EXPORT_C CIkeV1PkiService::~CIkeV1PkiService()
+{
+ if ( iApplUidList )
+ {
+ iApplUidList->Reset();
+ delete iApplUidList;
+ }
+
+ if ( iCaCertList )
+ {
+ iCaCertList->Reset();
+ delete iCaCertList;
+ }
+
+ delete iTrustedCAList;
+
+ iCasTrustedByPeer.Reset();
+ iCasTrustedByPeer.Close();
+
+ delete iCaName;
+ delete iCa1Name;
+ delete iCa2Name;
+
+ delete iReadCertificate;
+ delete iSubjName;
+ delete iRfc822Name;
+
+
+ iPkiService.Close();
+}
+
+
+EXPORT_C TBool CIkeV1PkiService::ImportCACertsL(
+ CArrayFixFlat<TCertInfo*> *aCAList
+)
+{
+ DEBUG_LOG(_L("-> CIkeV1PkiService::ImportCACertsL"));
+
+ //
+ // Build trusted CA certificate list into CIkeV1PkiService object
+ // aCAList call parameter array contains the list of trusted CA:s
+ // (names in ASCII format).
+ // Read corresponding certificate from PKI store and if found,
+ // add a new element (=CIkeCaElem) into CIkeCaList
+ //
+ TBool Status = EFalse;
+
+ if ( aCAList && aCAList->Count() )
+ {
+ delete iCaName;
+
+ iCaName = NULL;
+ iCaName = HBufC8::NewL(256);
+ iCaNameList = aCAList;
+ iCurrIndex = 0;
+ iOperation = KBuildingCaList;
+
+ Status = GetNextCaElemL();
+ }
+
+ return Status;
+}
+
+
+//
+// CIkeV1PkiService::ReadCertWithNameL
+// This method is used to read a certificate from the PKI store.
+// Input parameters:
+// -- const TDesC8& Trusted CA name
+// -- TBool aGetCACert
+// ETrue = Read a CA certificate; EFalse read an user certificate
+// Output parameters:
+// -- X509 certificate into iReadCertificate buffer
+//
+EXPORT_C TInt CIkeV1PkiService::ReadUserCertWithNameL(
+ const TDesC8& aTrustedCaName, CIkeData* aIkeData, TBool aDnType)
+
+{
+ iIkeData = aIkeData;
+
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = HBufC8::NewL(aTrustedCaName.Length());
+ iCaName->Des().Copy(aTrustedCaName);
+
+ delete iReadCertificate;
+ iReadCertificate=NULL;
+
+ TInt Status = ReadCertificateL(*iCaName, EFalse);
+
+ iUserCertDerType=aDnType;
+ return Status;
+}
+EXPORT_C TInt CIkeV1PkiService::ReadChainL(CIkeData* aIkeData, const HBufC8* aCAName)
+{
+ iIkeData = aIkeData;
+ delete iReadCertificate;
+ iReadCertificate=NULL;
+ //read own certificate
+ TInt Status = ReadCertificateL(KEmptyString, EFalse);
+ TInt StatusICA1 = KErrNotFound;
+ TInt StatusICA2 = KErrNotFound;
+ TInt StatusICA = KErrNotFound;
+
+ if ( Status == KErrNone )
+ {
+ iReadCertificateOrig = HBufC8::NewL(iReadCertificate->Length());
+ TPtr8 iReadCertCopy(iReadCertificateOrig->Des());
+ iReadCertCopy.Copy(iReadCertificate->Des());
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = IkeCert::GetCertificateFieldDERL(iReadCertificate, KIssuerName);
+
+ //Read ICA2
+ StatusICA2 = ReadCertificateL(KEmptyString, ETrue);
+
+ if ( StatusICA2 != KErrNone)
+ {
+ delete iReadCertificateOrig;
+ iReadCertificateOrig=NULL;
+ return KErrNotFound;
+ }
+ }
+ if ( Status == KErrNone && StatusICA2 == KErrNone)
+ {
+
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = IkeCert::GetCertificateFieldDERL(iReadCertificate, KIssuerName);
+ delete iCa2Name;
+ iCa2Name=NULL;
+ iCa2Name = GetCertificate();
+
+ CX500DistinguishedName* dn=NULL;
+ CX500DistinguishedName* asn1DnNameofICaName = NULL;
+ dn = CX500DistinguishedName::NewLC(*aCAName);
+ asn1DnNameofICaName = CX500DistinguishedName::NewLC(*iCaName);
+
+ if ( asn1DnNameofICaName->ExactMatchL(*dn) )
+
+ {
+ StatusICA=KErrNone;
+ //read ICA1
+ StatusICA1 = ReadCertificateL(KEmptyString, ETrue);
+ if ( StatusICA1 != KErrNone)
+ {
+ delete iReadCertificateOrig;
+ iReadCertificateOrig=NULL;
+
+ CleanupStack::PopAndDestroy(asn1DnNameofICaName);
+ asn1DnNameofICaName=NULL;
+
+ CleanupStack::PopAndDestroy(dn);
+ dn=NULL;
+
+ return KErrNotFound;
+ }
+ }
+ else
+ {
+ StatusICA1 = ReadCertificateL(KEmptyString, ETrue);
+ if ( StatusICA1 == KErrNotFound)
+ {
+ delete iReadCertificateOrig;
+ iReadCertificateOrig=NULL;
+
+ CleanupStack::PopAndDestroy(asn1DnNameofICaName);
+ asn1DnNameofICaName=NULL;
+
+ CleanupStack::PopAndDestroy(dn);
+ dn=NULL;
+
+ return KVpnErrInvalidCaCertFile;
+ }
+ else
+ StatusICA1=KErrNone;
+ }
+ CleanupStack::PopAndDestroy(asn1DnNameofICaName);
+ asn1DnNameofICaName=NULL;
+
+ CleanupStack::PopAndDestroy(dn);
+ dn=NULL;
+
+ }
+
+ if ( Status == KErrNone && StatusICA1 == KErrNone && StatusICA2 == KErrNone)
+ {
+ if ( StatusICA == KErrNotFound )
+ {
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = IkeCert::GetCertificateFieldDERL(iReadCertificate, KIssuerName);
+ }
+ delete iCa1Name;
+ iCa1Name=NULL;
+ iCa1Name = GetCertificate();
+
+ CX500DistinguishedName* dn=NULL;
+ CX500DistinguishedName* asn1DnNameofICaName = NULL;
+
+ dn = CX500DistinguishedName::NewLC(*aCAName);
+
+ asn1DnNameofICaName = CX500DistinguishedName::NewLC(*iCaName);
+
+ if ( asn1DnNameofICaName->ExactMatchL(*dn) )
+ {
+ delete iCaName;
+ iCaName=NULL;
+ iCaName=HBufC8::NewL(aCAName->Length());
+ iCaName->Des().Copy(*aCAName);
+
+ TInt Status = ReadCertificateL(KEmptyString, ETrue);
+
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = IkeCert::GetCertificateFieldDERL(iCa2Name, KSubjectName);
+
+ delete iReadCertificate;
+ iReadCertificate=iReadCertificateOrig;
+ iReadCertificateOrig=NULL;
+
+ CleanupStack::PopAndDestroy(asn1DnNameofICaName);
+ asn1DnNameofICaName=NULL;
+
+ CleanupStack::PopAndDestroy(dn);
+ dn=NULL;
+
+ if ( Status!=KErrNone )
+ return KVpnErrInvalidCaCertFile;
+ else
+ return KErrNone;
+ }
+ else
+ {
+ delete iReadCertificate;
+
+ iReadCertificate=iReadCertificateOrig;
+ iReadCertificateOrig=NULL;
+ delete iReadCertificateOrig;
+
+ delete iReadCertificate;
+ iReadCertificate=NULL;
+
+ CleanupStack::PopAndDestroy(asn1DnNameofICaName);
+ asn1DnNameofICaName=NULL;
+
+ CleanupStack::PopAndDestroy(dn);
+ dn=NULL;
+
+ return KErrNotFound;
+ }
+ }
+ return KErrNotFound;
+}
+
+//
+// CIkeV1PkiService::Ikev1SignatureL
+// This method is used to compute IKEv1 signature with a specified private key.
+// Actually a signature computed happens by referring the related certificate
+// when the PKI store produces the signature with corresponding private key.
+// Parameters:
+// -- const TDesC8& aTrustedAuthority
+// Trusted CA name coded either in ASN1 (DN) format or ASCII format
+// -- CIkeData* aHostData
+// Related IKE configuration section. Used to get IdentitySubjectName or
+// Identity Rfc822 Name information for actual PKI service ReadCertificateL
+// method call
+// -- const TDesC8& aHashIn
+// Hash data signed (in matter of fact the hash data is simply
+// encrypted with private key)
+// Return:
+// -- TInt, sign length
+//
+EXPORT_C TInt CIkeV1PkiService::Ikev1SignatureL(
+ const TDesC8& aTrustedCaName,
+ CIkeData* aIkeData,
+ const TDesC8& aHashIn,
+ TDes8& aSignature
+)
+{
+ iIkeData = aIkeData;
+ return ComputeSignatureL(aTrustedCaName, aHashIn, aSignature, EFalse);
+}
+
+
+EXPORT_C CIkeCaList* CIkeV1PkiService::CaList()
+{
+ return iTrustedCAList;
+}
+
+
+EXPORT_C HBufC8* CIkeV1PkiService::GetCertificate()
+{
+ HBufC8* Cert = iReadCertificate;
+ iReadCertificate = NULL;
+ return Cert;
+}
+
+
+EXPORT_C HBufC8* CIkeV1PkiService::GetTrustedCA()
+{
+ HBufC8* Cert = iCaName;
+ iCaName = NULL;
+ return Cert;
+}
+
+
+EXPORT_C HBufC8* CIkeV1PkiService::GetTrustedICA1()
+{
+ HBufC8* Cert = iCa1Name;
+ iCa1Name = NULL;
+ return Cert;
+}
+
+EXPORT_C HBufC8* CIkeV1PkiService::GetTrustedICA2()
+{
+ HBufC8* Cert = iCa2Name;
+ iCa2Name = NULL;
+ return Cert;
+}
+
+TInt CIkeV1PkiService::ComputeSignatureL(
+ const TDesC8& aTrustedAuthority,
+ const TDesC8& aHashIn,
+ TDes8& aSignature,
+ TBool aRsaSignature
+)
+{
+ DEBUG_LOG(_L("-> CIkeV1PkiService::ComputeSignatureL"));
+
+ TPKIKeyAlgorithm keyAlgorithm = EPKIRSA;
+ TUint keySize = InitUserCertIdentDataL();
+ HBufC8* Asn1EncodedHash = NULL;
+ TPtrC8 hashIn(aHashIn);
+
+ if ( aRsaSignature )
+ {
+ //
+ // Build PKCS1v15 format signature (ASN1 encoded)
+ //
+ Asn1EncodedHash = IkeCert::BuildPkcs1v15HashL(aHashIn);
+
+ ASSERT( Asn1EncodedHash != NULL );
+ hashIn.Set(Asn1EncodedHash->Des());
+ }
+
+ TInt SignLth = 0;
+ TInt err = iPkiService.Sign(aTrustedAuthority, *iSubjName, *iRfc822Name,
+ EX509DigitalSignature, keySize,
+ keyAlgorithm, hashIn, aSignature);
+
+ if (err == KErrNone)
+ {
+ SignLth = aSignature.Length();
+ }
+
+ DEBUG_LOG2(_L("Sign returned %d, length=%d"), err, SignLth);
+ User::LeaveIfError(err);
+
+ delete Asn1EncodedHash;
+ return SignLth;
+}
+
+
+TInt CIkeV1PkiService::ReadCertificateL(
+ const TDesC8& aTrustedAuthority, TBool aGetCACert
+)
+{
+ //
+ // Read certificate from PKI store using pkiserviceapi
+ //
+ DEBUG_LOG(
+ _L("-> ReadCertificateL(aTrustedAuthority, aGetCACert)")
+ );
+
+ TInt Status = KErrNone;
+ TPKIKeyAlgorithm keyAlgorithm = EPKIRSA;
+ TPKICertificateOwnerType ownerType;
+ TUint keySize = 0;
+
+ if (aGetCACert)
+ {
+ DEBUG_LOG(_L("Reading CA certificate"));
+
+ ownerType = EPKICACertificate;
+
+ //Init CA cert ident data.
+ //aTrustedAuthority (issuer) checking for CA certs is not supported.
+ if ( aTrustedAuthority.Length() == 0 )
+ {
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = iCaName->AllocL();
+ iRfc822Name->Des().Zero();
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("Reading User certificate"));
+ ownerType = EPKIUserCertificate;
+ keySize = InitUserCertIdentDataL();
+ }
+
+ for (;;) // Only for easy exits...
+ {
+ if ( iReallocated )
+ {
+ //
+ // Allocate a new buffer for ASN1 coded certificate read from
+ // PKI store. Buffer size is now asked from pkiserviceapi
+ //
+ delete iReadCertificate;
+ iReadCertificate = NULL;
+ TInt RealCertSize;
+
+ if ( iPkiService.GetRequiredBufferSize(RealCertSize) == KErrNone )
+ iCertBfrSize = (RealCertSize | 0x3) + 1;
+ // Try double size in error case
+ else iCertBfrSize = (iCertBfrSize << 1);
+ }
+
+ if ( !iReadCertificate )
+ {
+ iReadCertificate=NULL;
+ iReadCertificate = HBufC8::NewL(iCertBfrSize);
+ }
+
+ iCertPtr.Set(iReadCertificate->Des());
+ iCertPtr.Zero();
+
+ TRequestStatus status;
+ iPkiService.ReadCertificateL(aTrustedAuthority,
+ *iSubjName, *iRfc822Name,
+ ownerType, keySize,
+ keyAlgorithm, iCertPtr,
+ &iResArray, status);
+
+
+ User::WaitForRequest(status);
+ Status = status.Int();
+ iPkiService.Finalize(iResArray);
+ iResArray = NULL;
+
+ if ( (Status == KPKIErrBufferTooShort) && !iReallocated )
+ {
+ //
+ // Certificate buffer was too small try to read once more if
+ // not already tried
+ //
+ iReallocated = ETrue;
+ }
+ else
+ {
+ if ( Status == KErrNone )
+ {
+ //iReadCertificate->Des().SetLength(iCertPtr.Length());
+ iReallocated = EFalse;
+ }
+ break;
+ }
+
+ }
+
+ DEBUG_LOG(
+ _L("<- ReadCertificateL(aTrustedAuthority, aGetCACert)")
+ );
+
+ return Status;
+}
+
+
+TUint CIkeV1PkiService::InitUserCertIdentDataL()
+{
+ DEBUG_LOG(_L("-> CIkeV1PkiService::InitUserCertIdentDataL"));
+ __ASSERT_ALWAYS(iIkeData != NULL, User::Invariant());
+
+ TUint keySize = 0; // Default: Length is undefined
+
+ if ( !iReallocated )
+ {
+ //
+ // Get possible user identity information from current IKE policy
+ // section and convert it from 16-bit Unicode into UTF-8 format
+ //
+ TInt Lth = 3*( iIkeData->iOwnCert.iSubjectDnSuffix.Length() );
+
+ if ( Lth )
+ {
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = HBufC8::NewL(Lth);
+
+ TPtr8 dn8 = iSubjName->Des();
+ TPtrC16 dn16( iIkeData->iOwnCert.iSubjectDnSuffix );
+
+ if ( 0 != CnvUtfConverter::ConvertFromUnicodeToUtf8(
+ dn8, dn16 ) )
+ {
+ User::Leave(KErrCorrupt);
+ }
+ }
+ else
+ {
+ iSubjName->Des().Zero();
+ }
+
+ Lth = iIkeData->iOwnCert.iRfc822NameFqdn.Length();
+
+ if ( Lth )
+ {
+ delete iRfc822Name;
+ iRfc822Name = NULL;
+ iRfc822Name = HBufC8::NewL(Lth);
+ iRfc822Name->Des().Copy(iIkeData->iOwnCert.iRfc822NameFqdn);
+ }
+ else
+ {
+ iRfc822Name->Des().Zero();
+ }
+
+ if ( iIkeData->iOwnCert.iPrivateKeyLength )
+ {
+ keySize = iIkeData->iOwnCert.iPrivateKeyLength;
+ }
+ }
+
+ DEBUG_LOG(_L("<- CIkeV1PkiService::InitUserCertIdentDataL"));
+ return keySize;
+}
+
+
+TBool CIkeV1PkiService::GetNextCaElemL()
+{
+ //
+ // Get next CA certificate from PKI store using current CA name in
+ // iCaNameList.
+ //
+ DEBUG_LOG(_L("-> CIkeV1PkiService::GetNextCaElemL"));
+
+ TCertInfo* CertInfo;
+ TBool Ret;
+
+ Ret = EFalse;
+ TInt Status;
+
+ while ( iCurrIndex < iCaNameList->Count() )
+ {
+ CertInfo = iCaNameList->At(iCurrIndex);
+
+ if ( CertInfo->iFormat == CA_NAME )
+ {
+ TPtr8 dn8 = iCaName->Des();
+ TPtrC16 dn16( CertInfo->iData );
+
+ if ( 0 != CnvUtfConverter::ConvertFromUnicodeToUtf8(
+ dn8, dn16
+ ) )
+ {
+ User::Leave(KErrCorrupt);
+ }
+
+ Status = ReadCertificateL(KEmptyString, ETrue);
+ Ret |= AddNextCaElemL(Status);
+ }
+ else if ( CertInfo->iFormat == KEY_ID )
+ {
+ Status = GetCertificateWithKeyIdL(CertInfo->iData);
+ Ret |= AddNextCaElemL(Status);
+ }
+ else if ( CertInfo->iFormat == APPL_UID )
+ {
+ Ret |= GetApplUidListL(CertInfo->iData);
+ }
+ else
+ {
+ Ret |= EFalse;
+ iCurrIndex ++;
+ DEBUG_LOG1(
+ _L("Unsupported CA certificate element format = %d"),
+ CertInfo->iFormat
+ );
+ }
+
+ }
+
+ iCaNameList = NULL;
+
+ DEBUG_LOG(_L("<- CIkeV1PkiService::GetNextCaElemL"));
+ return Ret;
+}
+
+
+TBool CIkeV1PkiService::AddNextCaElemL(TInt& aStatus)
+{
+ DEBUG_LOG(_L("-> CIkeV1PkiService::AddNextCaElemL()"));
+
+ //
+ // CA has been read PKI store. Build and add a new CIkeCaElem to CIkeCaList
+ //
+#ifdef _DEBUG
+ CertReadCompleted(ETrue, aStatus, __LINE__);
+#endif // _DEBUG
+
+ if (aStatus == KErrNotFound)
+ {
+ DEBUG_LOG(_L(" Leave: status == KErrNotFound"));
+ User::Leave(KVpnErrInvalidCaCertFile);
+ }
+
+ TBool Ret;
+
+ if ( aStatus == KErrNone )
+ {
+ ASSERT(iReadCertificate);
+ HBufC8* CaCert = iReadCertificate; // Link CA buffer to CIkeCaElem
+ CaCert->Des().SetLength(iCertPtr.Length());
+ iReadCertificate = NULL;
+ CleanupStack::PushL(CaCert);
+ CIkeCaElem* CaElem = CIkeCaElem::NewL(CaCert);
+ CleanupStack::Pop(CaCert);
+ CleanupStack::PushL(CaElem);
+ iTrustedCAList->AppendL(CaElem);
+ CleanupStack::Pop(CaElem);
+
+ if ( iOperation == KProcessingApplUidList )
+ iListIndex ++;
+ else iCurrIndex ++;
+
+ Ret = ETrue;
+ }
+ else
+ {
+ if ( iOperation == KProcessingApplUidList )
+ iListIndex ++;
+ else iCurrIndex ++;
+
+ Ret = EFalse;
+ }
+
+ DEBUG_LOG(_L("<- CIkeV1PkiService::AddNextCaElemL()"));
+
+ return Ret;
+}
+
+TInt CIkeV1PkiService::GetNextCertificateL()
+{
+ DEBUG_LOG(_L("-> CIkeV1PkiService::GetNextCertificateL"));
+ //
+ // Get next user certificate from PKI store using either Key
+ // identifier or CA name as read argument
+ //
+ TInt Status = KErrNotFound;
+ if ( iCasTrustedByPeer.Count() > 0 )
+ {
+ CIkeCaElem* CaElem = iCasTrustedByPeer[0];
+ iCasTrustedByPeer.Remove(0);
+ iOperation = KReadingCertificate;
+
+ HBufC8* CaName = IkeCert::GetCertificateFieldDERL(
+ CaElem->Certificate(), KSubjectName
+ );
+
+ if ( CaName )
+ {
+ delete iCaName;
+ iCaName = CaName;
+ ReadCertificateL(*iCaName, EFalse);
+ Status = KErrNone;
+ }
+
+ }
+
+ DEBUG_LOG(_L("<- CIkeV1PkiService::GetNextCertificateL"));
+ return Status;
+}
+
+
+TBool CIkeV1PkiService::CertificateReadL(TInt& aStatus)
+{
+ //
+ // A Certificate has been read PKI store.
+ // Build X509 certificate object from certificate data
+ //
+#ifdef _DEBUG
+ CertReadCompleted(EFalse, aStatus, __LINE__);
+#endif // _DEBUG
+ TBool Status = ETrue;
+
+ if ( aStatus == KErrNone )
+ {
+ iReallocated = EFalse;
+ iReadCertificate->Des().SetLength(iCertPtr.Length());
+ }
+ else
+ {
+ if ( (aStatus == KPKIErrBufferTooShort) && !iReallocated )
+ {
+ //
+ // Certificate buffer was too small try to read once more if
+ // not already tried
+ //
+ Status = EFalse;
+ aStatus = KErrNone;
+ iReallocated = ETrue;
+ ReadCertificateL(*iCaName, EFalse);
+ }
+
+ if ( (aStatus != KErrNone) && ( aStatus != KPKIErrBufferTooShort) )
+ {
+ //
+ // User certificate not found from PKI store, try to read next
+ //
+ iReallocated = EFalse;
+ aStatus = GetNextCertificateL();
+
+ if ( aStatus == KErrNone )
+ {
+ Status = EFalse;
+ }
+ }
+ }
+
+ return Status;
+}
+
+
+TInt CIkeV1PkiService::ReadCertificateL(const TPKIKeyIdentifier& aKeyIdentifier)
+{
+ //
+ // Read certificate from PKI store using pkiserviceapi
+ //
+ TRequestStatus status;
+
+ for (;;) // Only for easy exits...
+ {
+ if ( iReallocated )
+ {
+ //
+ // Allocate a new buffer for ASN1 coded certificate read from
+ // PKI store. Buffer size is now asked from pkiserviceapi
+ //
+ delete iReadCertificate;
+ iReadCertificate = NULL;
+ TInt RealCertSize;
+
+ if ( iPkiService.GetRequiredBufferSize(RealCertSize) == KErrNone )
+ iCertBfrSize = (RealCertSize | 0x3) + 1;
+ // Try double size in error case
+ else iCertBfrSize = (iCertBfrSize << 1);
+ }
+
+ if ( !iReadCertificate )
+ iReadCertificate = HBufC8::NewL(iCertBfrSize);
+
+ iCertPtr.Set((TUint8*)iReadCertificate->Ptr(), 0, iCertBfrSize);
+
+ iPkiService.ReadCertificateL(aKeyIdentifier, iCertPtr,
+ &iResArray, status);
+
+ User::WaitForRequest(status);
+ iPkiService.Finalize(iResArray);
+ iResArray = NULL;
+
+ if ( (status.Int() == KPKIErrBufferTooShort) && !iReallocated )
+ {
+ //
+ // Certificate buffer was too small try to read once more if
+ // not already tried
+ //
+ iReallocated = ETrue;
+ }
+ else
+ {
+ if ( status.Int() == KErrNone )
+ {
+ iReadCertificate->Des().SetLength(iCertPtr.Length());
+ iReallocated = EFalse;
+ }
+ break;
+ }
+
+ }
+
+ return status.Int();
+}
+
+
+TInt CIkeV1PkiService::ReadCertificateListL()
+{
+ //
+ // Read certificate list with Application UID:s
+ //
+ if ( iCaCertList )
+ {
+ iCaCertList->Reset();
+ delete iCaCertList;
+ iCaCertList = NULL;
+ }
+
+ iOperation = KBuildingApplUidList;
+
+ iPkiService.ListApplicableCertificatesL(
+ (const RArray<TUid>&)(*iApplUidList), iCaCertList
+ );
+
+ return KErrNone;
+}
+
+
+TInt CIkeV1PkiService::GetCertificateWithKeyIdL(const TDesC16& aKeyIdString)
+{
+ TInt Status;
+
+ if ( IkeParser::TextToHexOctets(aKeyIdString, iCertKeyId) )
+ Status = ReadCertificateL(iCertKeyId);
+ else Status = KErrArgument;
+
+ return Status;
+}
+
+
+TBool CIkeV1PkiService::GetApplUidListL(const TDesC16& aApplUidString)
+{
+ //
+ // Build application UID array to get trusted CA certificate list
+ // from PKI service.
+ //
+ if ( iApplUidList )
+ {
+ iApplUidList->Reset();
+ delete iApplUidList;
+ iApplUidList = NULL;
+ }
+
+ iApplUidList = IkeParser::GetApplUidListL(aApplUidString);
+
+ TBool Status = (iApplUidList->Count() != 0);
+
+ if ( Status )
+ {
+ TInt Ret = ReadCertificateListL();
+ Status = ( Ret == KErrNone);
+ iListIndex = 0;
+
+ Status = ApplUidCertListCompletedL(Ret);
+ }
+
+ return Status;
+}
+
+
+TBool CIkeV1PkiService::ApplUidCertListCompletedL(TInt aStatus)
+{
+ DEBUG_LOG2(
+ _L("Certificate list read completed, status= %d, list elem count= %d"),
+ aStatus, iCaCertList->Count()
+ );
+ DEBUG_LOG1(
+ _L(" APPL UID(s) = %S\n"), &iCaNameList->At(iCurrIndex)->iData
+ );
+
+ TBool Ret;
+
+ if ( (aStatus == KErrNone) && iCaCertList->Count() )
+ {
+ //
+ // Start to read in trusted CA certificates provided in list
+ //
+ iOperation = KProcessingApplUidList;
+ Ret = ReadNextInListL();
+ }
+ else
+ {
+ //
+ // No trusted CA certificates found with current application
+ // UID:s. Continue processing CA elements
+ //
+ Ret = EFalse;
+ iOperation = KBuildingCaList;
+ iCurrIndex ++;
+
+ }
+
+ return Ret;
+}
+
+
+TBool CIkeV1PkiService::ReadNextInListL()
+{
+ TBool Status = EFalse;
+
+ TInt Ret;
+
+ while ( iListIndex < iCaCertList->Count() )
+ {
+ Ret = ReadCertificateL(iCaCertList->At(iListIndex).iSubjectKeyId);
+ if ( AddNextCaElemL(Ret) )
+ Status = ETrue;
+ }
+
+ iCurrIndex ++;
+
+ return Status;
+}
+
+
+#ifdef _DEBUG
+
+void CIkeV1PkiService::CertReadCompleted(TBool aCaCert, TInt aStatus, TInt aLine )
+{
+ TBuf<320>DebugMsg;
+ if ( aCaCert )
+ {
+ ASSERT( iCurrIndex < iCaNameList->Count() );
+ DebugMsg.Format(_L("Trusted CA certificate read completed with status = %d (line = %d)"),
+ aStatus, aLine);
+ DebugMsg.AppendFormat(_L(" ; Search criteria: "));
+ TCertInfo* CertInfo = iCaNameList->At(iCurrIndex);
+ switch ( CertInfo->iFormat )
+ {
+ case CA_NAME:
+ DebugMsg.AppendFormat(_L("CA_NAME = %S\n"), &CertInfo->iData);
+ break;
+ case KEY_ID:
+ DebugMsg.AppendFormat(_L("KEY_ID = %S\n"), &CertInfo->iData);
+ break;
+ default:
+ TBuf<48> KeyIdString;
+ ASSERT( iListIndex < iCaCertList->Count() );
+ HexToString(iCaCertList->At(iListIndex).iSubjectKeyId, KeyIdString);
+ DebugMsg.AppendFormat(_L("APPL_UID/<KEY_ID> = %S\n"), &KeyIdString);
+ break;
+ }
+ }
+ else
+ {
+ DEBUG_LOG2(_L("End user certificate read completed with status = %d (line = %d)\n"),
+ aStatus, aLine);
+ }
+ DEBUG_LOG(DebugMsg);
+}
+
+void CIkeV1PkiService::HexToString(const TDesC8& aKeyId, TDes16& aKeyIdString)
+{
+ TInt i = 0;
+ TUint x;
+ TUint y;
+
+ while (i < aKeyId.Length())
+ {
+ x = (TUint)aKeyId[i];
+ for ( TInt j = 4; j >= 0; j -= 4 )
+ {
+ y = (x >> j) & 0xf;
+ TChar ch(y);
+ if ( y < 0xa )
+ ch += 0x30;
+ else if ( (y > 9) && (y < 0x10) )
+ ch += (0x61 - 0xa);
+ else ch += (0x30 - ch);
+ aKeyIdString.Append(ch);
+ }
+ i ++;
+ }
+}
+
+#endif //_DEBUG
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikecert/src/ikev2pkiservice.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,812 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 specifig certificate reading related stuff
+*
+*/
+
+#include <x500dn.h>
+#include <x509cert.h>
+#include <asn1dec.h>
+
+#include "ikev2pkiservice.h"
+#include "utlcrypto.h"
+#include "ikecert.h"
+#include "ikecaelem.h"
+#include "ikecalist.h"
+#include "ikedebug.h"
+#include "ikepolparser.h"
+#include "ikev2const.h"
+#include "ikecertconst.h"
+//
+// CIkePkiService Class
+//
+_LIT8(KEmptyString, "");
+
+
+const TInt KDefaultCertificateBufferSize = 2048;
+
+//
+// Certificate field indicators for GetCertificateFieldDERL()
+//
+
+#ifdef _DEBUG
+
+#define SET_ACTIVE DEBUG_LOG2(_L("CIkeV2PkiService::SetActive (0x%x) %d\n"), this, __LINE__);\
+ SetActive()
+
+#else
+
+#define SET_ACTIVE SetActive()
+
+#endif
+
+
+EXPORT_C CIkeV2PkiService* CIkeV2PkiService::NewL(MIkeV2PkiServiceObserver& aObserver, MIkeDebug& aDebug)
+ {
+ CIkeV2PkiService* self = new (ELeave) CIkeV2PkiService(aObserver, aDebug);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CIkeV2PkiService::CIkeV2PkiService(MIkeV2PkiServiceObserver& aObserver, MIkeDebug& aDebug)
+ :CActive(EPriorityStandard),
+ iObserver(aObserver),
+ iDebug(aDebug),
+ iState(EPkiServiceIdle),
+ iCertPtr(NULL, 0)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+void CIkeV2PkiService::ConstructL()
+ {
+ User::LeaveIfError(iPkiService.Connect());
+
+ iTrustedCAList = new (ELeave) CIkeCaList(2);
+ iReadCertificate = HBufC8::NewL(KDefaultCertificateBufferSize);
+ iCertPtr.Set(iReadCertificate->Des());
+
+ //The code assumes that these are not NULL.
+ //Reallocated, when needed
+ iSubjName = HBufC8::NewL(2);
+ iRfc822Name = HBufC8::NewL(2);
+ }
+
+
+EXPORT_C CIkeV2PkiService::~CIkeV2PkiService()
+ {
+ Cancel();
+
+ delete iUserCertificate;
+ delete i1Certificate;
+ delete i2Certificate;
+ delete i2CertificateName;
+ delete iTrustedCAList;
+
+ iCasTrustedByPeer.Reset();
+ iCasTrustedByPeer.Close();
+
+ delete iCaName;
+ delete iReadCertificate;
+ delete iSubjName;
+ delete iRfc822Name;
+
+ iPkiService.Close();
+ }
+
+
+void CIkeV2PkiService::DoCancel()
+ {
+
+ iPkiService.CancelPendingOperation();
+ iState = EPkiServiceIdle;
+
+ delete iCaName;
+ iCaName = NULL;
+
+ __ASSERT_DEBUG(iReadCertificate != NULL, User::Invariant());
+ iReadCertificate->Des().Zero();
+
+
+ __ASSERT_DEBUG(iSubjName != NULL, User::Invariant());
+ iSubjName->Des().Zero();
+
+ __ASSERT_DEBUG(iRfc822Name != NULL, User::Invariant());
+ iRfc822Name->Des().Zero();
+
+
+ iCasTrustedByPeer.Reset();
+
+ delete iIkeDataCAList;
+ iIkeDataCAList = NULL;
+
+ iTrustedCAList->ResetAndDestroy();
+ }
+
+
+TInt CIkeV2PkiService::RunError(TInt /*aError*/)
+ {
+ //Currently RunL may leave.
+ //But we seem to ignore the possible leave.
+
+ return KErrNone;
+ }
+
+
+EXPORT_C void CIkeV2PkiService::ReadTrustedUserCertificateL()
+ {
+ __ASSERT_ALWAYS(!IsActive(), User::Invariant());
+ __ASSERT_ALWAYS(iTrustedCAList != NULL, User::Invariant());
+ __ASSERT_ALWAYS(iIkeData->iOwnCert.iOwnCertExists, User::Invariant());
+
+ iCasTrustedByPeer.Reset();
+
+ for (TInt i = 0; i < iTrustedCAList->Count(); ++i)
+ {
+ CIkeCaElem* caElem = (*iTrustedCAList)[i];
+ User::LeaveIfError(iCasTrustedByPeer.Append(caElem));
+ }
+
+
+ iState = EReadingCertificate;
+
+ if (iTrustedCAList->Count() > 0)
+ {
+ CIkeCaElem* CaElem = iCasTrustedByPeer[0];
+ HBufC8* caName = IkeCert::GetCertificateFieldDERL(CaElem->Certificate(), KSubjectName);
+ if (caName == NULL)
+ {
+ User::Leave(KErrArgument);
+ }
+ delete iCaName;
+ iCaName = caName;
+
+ ReadUserCertificateL(*iCaName, EFalse);
+ }
+ else
+ {
+ //No CA's found.
+ //We can't read anything
+ User::Leave(KErrNotFound);
+ }
+ }
+
+
+EXPORT_C TInt CIkeV2PkiService::Ikev2SignatureL(const TDesC8& aTrustedAuthority,
+ const TOwnCertInfo& aOwnCertInfo,
+ const TDesC8& aMsgOctets,
+ TDes8& aSignature, TUint8 aAuthMeth)
+ {
+ __ASSERT_ALWAYS(!IsActive(), User::Invariant());
+
+ TPKIKeyAlgorithm keyAlgorithm = EPKIRSA;
+ TInt length = aOwnCertInfo.iSubjectDnSuffix.Length();
+ if ( length )
+ {
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = HBufC8::NewL(length);
+ iSubjName->Des().Copy(aOwnCertInfo.iSubjectDnSuffix);
+ }
+ else
+ {
+ iSubjName->Des().Zero();
+ }
+
+ length = aOwnCertInfo.iRfc822NameFqdn.Length();
+ if ( length )
+ {
+ delete iRfc822Name;
+ iRfc822Name = NULL;
+ iRfc822Name = HBufC8::NewL(length);
+ iRfc822Name->Des().Copy(aOwnCertInfo.iRfc822NameFqdn);
+ }
+ else
+ {
+ iRfc822Name->Des().Zero();
+ }
+
+ //
+ // Build PKCS1v15 format signature (ASN1 encoded) for RSA and SHA1 for DSA
+ //
+ CUtlMessageDigest* digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ CleanupStack::PushL(digest);
+ HBufC8* asn1EncodedHash =NULL;
+ HBufC8* DSSHash = NULL;
+
+ switch( aAuthMeth )
+ {
+ case RSA_DIGITAL_SIGN:
+ asn1EncodedHash = IkeCert::BuildPkcs1v15HashL(digest->Final(aMsgOctets));
+ User::LeaveIfNull(asn1EncodedHash);
+ CleanupStack::PopAndDestroy(digest);
+ CleanupStack::PushL(asn1EncodedHash);
+ User::LeaveIfError(iPkiService.Sign(aTrustedAuthority, *iSubjName, *iRfc822Name,
+ EX509DigitalSignature, aOwnCertInfo.iPrivateKeyLength,
+ keyAlgorithm, *asn1EncodedHash, aSignature));
+ CleanupStack::PopAndDestroy(asn1EncodedHash);
+ DEBUG_LOG(_L("Signing Auth data using RSA key."));
+ break;
+ case DSS_DIGITAL_SIGN:
+ DSSHash = HBufC8::New(20);
+ DSSHash->Des().Append(digest->Final(aMsgOctets));
+ CleanupStack::PopAndDestroy(digest);
+ CleanupStack::PushL(DSSHash);
+ User::LeaveIfError(iPkiService.Sign(aTrustedAuthority, *iSubjName, *iRfc822Name,
+ EX509DigitalSignature, aOwnCertInfo.iPrivateKeyLength,
+ keyAlgorithm, *DSSHash, aSignature));
+ CleanupStack::PopAndDestroy(DSSHash);
+ DEBUG_LOG(_L("Signing Auth data using DSA key."));
+ break;
+ default:
+ DEBUG_LOG1(_L("Authentication method %d not supported when using digital signatures."), aAuthMeth);
+ User::Leave(KErrNotSupported);
+ break;
+ }
+
+ return aSignature.Length();
+ }
+
+
+EXPORT_C const CIkeCaList& CIkeV2PkiService::CaList() const
+ {
+ return *iTrustedCAList;
+ }
+
+
+EXPORT_C const TDesC8& CIkeV2PkiService::UserCertificateData() const
+ {
+ if (iUserCertificate != NULL)
+ {
+ return *iUserCertificate;
+ }
+ else
+ {
+ return KEmptyString;
+ }
+ }
+
+EXPORT_C const TDesC8& CIkeV2PkiService::I2CertificateData() const
+ {
+ if (i2Certificate != NULL)
+ {
+ return *i2Certificate;
+ }
+ else
+ {
+ return KEmptyString;
+ }
+ }
+
+EXPORT_C const TDesC8& CIkeV2PkiService::I1CertificateData() const
+ {
+ if (i1Certificate != NULL)
+ {
+ return *i1Certificate;
+ }
+ else
+ {
+ return KEmptyString;
+ }
+ }
+
+
+EXPORT_C const TDesC8& CIkeV2PkiService::TrustedCaName() const
+ {
+ if ( i2CertificateName != NULL )
+ {
+ return *i2CertificateName;
+ }
+ if (iCaName != NULL)
+ {
+ return *iCaName;
+ }
+ else
+ {
+ return KEmptyString;
+ }
+ }
+
+
+void CIkeV2PkiService::ReadUserCertificateL(const TDesC8& aTrustedAuthority, TBool aGetCACert)
+ {
+ __ASSERT_DEBUG(iReadCertificate != NULL, User::Invariant());
+ //
+ // Read certificate from PKI store using pkiserviceapi
+ //
+ TPKIKeyAlgorithm keyAlgorithm = EPKIRSA;
+ TPKICertificateOwnerType ownerType;
+ TUint keySize = 0;
+
+ if ( aGetCACert )
+ {
+ ownerType = EPKICACertificate;
+
+ //Init CA cert ident data.
+ //aTrustedAuthority (issuer) checking for CA certs is not supported.
+ //__ASSERT_ALWAYS(aTrustedAuthority.Length() == 0, User::Invariant());
+ if ( aTrustedAuthority.Length() == 0 )
+ {
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = iCaName->AllocL();
+ iRfc822Name->Des().Zero();
+ }
+ }
+ else
+ {
+ ownerType = EPKIUserCertificate;
+ TInt length = iIkeData->iOwnCert.iSubjectDnSuffix.Length();
+ if ( length )
+ {
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = HBufC8::NewL(length);
+ iSubjName->Des().Copy(iIkeData->iOwnCert.iSubjectDnSuffix);
+ }
+ else
+ {
+ iSubjName->Des().Zero();
+ }
+
+ length = iIkeData->iOwnCert.iRfc822NameFqdn.Length();
+ if ( length )
+ {
+ delete iRfc822Name;
+ iRfc822Name = NULL;
+ iRfc822Name = HBufC8::NewL(length);
+ iRfc822Name->Des().Copy(iIkeData->iOwnCert.iRfc822NameFqdn);
+ }
+ else
+ {
+ iRfc822Name->Des().Zero();
+ }
+ keySize = iIkeData->iOwnCert.iPrivateKeyLength;
+ }
+ iPkiService.ReadCertificateL(aTrustedAuthority,
+ *iSubjName, *iRfc822Name,
+ ownerType, keySize,
+ keyAlgorithm, iCertPtr,
+ &iResArray, iStatus);
+ SET_ACTIVE;
+ }
+
+
+void CIkeV2PkiService::CIkeV2PkiServiceApplUidArrayCleanup(TAny* any)
+ {
+ RArray<TUid>* applUidList = reinterpret_cast<RArray<TUid>*>(any);
+ applUidList->Reset();
+ applUidList->Close();
+ delete applUidList;
+ }
+
+
+void CIkeV2PkiService::RunL()
+ {
+ DEBUG_LOG1(_L("CIkeV2PkiService::RunL: Status %d"), iStatus.Int());
+
+ //
+ // A PKI service operation completed. Take actions according to
+ // iOperation code
+ //
+
+ TInt err = KErrNone;
+
+ TInt status = iStatus.Int();
+
+ iPkiService.Finalize(iResArray);
+ iResArray = NULL;
+
+
+ switch ( iState )
+ {
+ case EBuildingCaList:
+ TRAP(err, BuildingCaListRunL());
+ break;
+ case EReadingCertificate:
+ TRAP(err, ReadUserCertificateRunL());
+ break;
+ case EReadingCertificateChain:
+ TRAP(err, ReadCertificateChainRunL());
+ break;
+ default:
+ DEBUG_LOG(_L("RunL called in unknown state"));
+ User::Invariant();
+ break;
+ }
+
+ if ( err != KErrNone )
+ {
+ DEBUG_LOG(_L("Operation completed. Signalling observer."));
+
+ SignalObserverL(err);
+ }
+ }
+
+
+void CIkeV2PkiService::ReadUserCertificateRunL()
+ {
+ //
+ // A Certificate has been read PKI store.
+ // Build X509 certificate object from certificate data
+ //
+ switch(iStatus.Int())
+ {
+ case KErrNone:
+ iUserCertificate = iReadCertificate->AllocL();
+ iReadCertificate->Des().Zero();
+ SignalObserverL(KErrNone);
+ break;
+ case KPKIErrBufferTooShort:
+ {
+ //
+ // Allocate a new buffer for ASN1 coded certificate read from PKI store
+ // Buffer size is now asked from pkiserviceapi
+ //
+ TInt realCertSize;
+ User::LeaveIfError(iPkiService.GetRequiredBufferSize(realCertSize));
+
+ delete iReadCertificate;
+ iReadCertificate = NULL;
+
+ iReadCertificate = HBufC8::NewL(realCertSize);
+ iCertPtr.Set(iReadCertificate->Des());
+
+ ReadUserCertificateL(*iCaName, EFalse);
+ }
+ break;
+ case KPKIErrNotFound:
+ {
+ //
+ // Get next user certificate from PKI store using either Key
+ // identifier or CA name as read argument
+ //
+ iCasTrustedByPeer.Remove(0);
+ if ( iCasTrustedByPeer.Count() > 0 )
+ {
+
+ CIkeCaElem* CaElem = iCasTrustedByPeer[0];
+ HBufC8* caName = IkeCert::GetCertificateFieldDERL(CaElem->Certificate(), KSubjectName);
+ if (caName == NULL)
+ {
+ User::Leave(KErrArgument);
+ }
+ delete iCaName;
+ iCaName = caName;
+ caName=NULL;
+ delete caName;
+ ReadUserCertificateL(*iCaName, EFalse);
+ }
+ else
+ {
+ User::Leave(KErrNotFound);
+ }
+ }
+ break;
+ case KErrNotFound:
+ ReadCertificateChainL();
+ break;
+ default:
+ User::Leave(iStatus.Int());
+ break;
+ }
+ }
+
+
+void CIkeV2PkiService::BuildingCaListRunL()
+ {
+
+ switch(iStatus.Int())
+ {
+ case KErrNone:
+ {
+ iIkeDataCAList->Delete(0);
+
+ ASSERT(iReadCertificate);
+ HBufC8* caCert = iReadCertificate; // Link CA buffer to CIkeCaElem
+ CleanupStack::PushL(caCert);
+
+ iReadCertificate = NULL;
+ iReadCertificate = HBufC8::NewL(KDefaultCertificateBufferSize);
+ iCertPtr.Set(iReadCertificate->Des());
+
+
+ CIkeCaElem* caElem = CIkeCaElem::NewL(caCert);
+ CleanupStack::Pop(caCert);
+ CleanupStack::PushL(caElem);
+
+ //Append ca cert to list, if not already present.
+ if (iTrustedCAList->FindCaElem(caElem->KeyHash()) == NULL)
+ {
+ iTrustedCAList->AppendL(caElem);
+ CleanupStack::Pop(caElem);
+ }
+ else
+ {
+ CleanupStack::PopAndDestroy(caElem);
+ }
+
+ if (iIkeDataCAList->Count() > 0)
+ {
+ ImportNextCaElemFromIkeDataListL();
+ }
+ else
+ {
+
+ if (iIkeData->iOwnCert.iOwnCertExists)
+ {
+ ReadTrustedUserCertificateL();
+ }
+ else
+ {
+ SignalObserverL(KErrNone);
+ }
+ }
+ }
+ break;
+ case KPKIErrBufferTooShort:
+ {
+
+ DEBUG_LOG(_L("Buffer too short"));
+
+ TInt certSize = 0;
+ User::LeaveIfError(iPkiService.GetRequiredBufferSize(certSize));
+
+ __ASSERT_DEBUG(iCertPtr.MaxLength() < certSize, User::Invariant());
+
+ delete iReadCertificate;
+ iReadCertificate = NULL;
+ iReadCertificate = HBufC8::NewL(certSize);
+ iCertPtr.Set(iReadCertificate->Des());
+
+ //Tries to reimport the certificate.
+ ImportNextCaElemFromIkeDataListL();
+ }
+ break;
+ default:
+ DEBUG_LOG1(_L("Error code %d"), iStatus.Int());
+ User::Leave(iStatus.Int());
+ break;
+ }
+ }
+
+
+EXPORT_C void CIkeV2PkiService::InitIkeV2PkiService(const CIkeData* aIkeData)
+ {
+ __ASSERT_DEBUG(iState == EPkiServiceIdle, User::Invariant());
+ __ASSERT_DEBUG(iIkeDataCAList == NULL, User::Invariant());
+ __ASSERT_DEBUG(aIkeData->iCAList != NULL, User::Invariant());
+ __ASSERT_DEBUG(aIkeData->iCAList->Count() > 0, User::Invariant());
+ __ASSERT_DEBUG(iIkeData == NULL, User::Invariant());
+
+ iIkeData = aIkeData;
+
+ iState = EBuildingCaList;
+ TRAPD(err, InitIkeV2PkiServiceL());
+ if (err != KErrNone)
+ {
+ iStatus = KRequestPending;
+ SET_ACTIVE;
+
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, err);
+ }
+ }
+
+
+void CIkeV2PkiService::InitIkeV2PkiServiceL()
+ {
+ if (iIkeData->iClientCertType != NULL)
+ {
+ if (iIkeData->iClientCertType->GetData().Compare(_L("DEVICE")) == 0)
+ {
+ User::LeaveIfError(iPkiService.SetStoreType(EPkiStoreTypeDevice));
+ }
+ else
+ {
+ User::LeaveIfError(iPkiService.SetStoreType(EPkiStoreTypeUser));
+ }
+ }
+
+ iIkeDataCAList = new (ELeave) CArrayFixFlat<TCertInfo>(2);
+ for (TInt i = 0; i < iIkeData->iCAList->Count(); ++i)
+ {
+ const TCertInfo* info = (*iIkeData->iCAList)[i];
+ iIkeDataCAList->AppendL(*info);
+ }
+
+ ImportNextCaElemFromIkeDataListL();
+ }
+
+
+void CIkeV2PkiService::ImportNextCaElemFromIkeDataListL()
+ {
+ __ASSERT_DEBUG(iIkeDataCAList != NULL, User::Invariant());
+ __ASSERT_DEBUG(iIkeDataCAList->Count() > 0, User::Invariant());
+
+ const TCertInfo certInfo = (*iIkeDataCAList)[0];
+ switch(certInfo.iFormat)
+ {
+ case CA_NAME:
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = HBufC8::NewL(certInfo.iData.Length());
+ iSubjName->Des().Copy(certInfo.iData);
+ iPkiService.ReadCertificateL(KEmptyString,
+ *iSubjName, KEmptyString,
+ EPKICACertificate, 0,
+ EPKIRSA, iCertPtr,
+ &iResArray, iStatus);
+ SET_ACTIVE;
+ break;
+ case KEY_ID:
+ if (!IkeParser::TextToHexOctets(certInfo.iData, iCertKeyId))
+ {
+ User::Leave(KErrArgument);
+ }
+ iPkiService.ReadCertificateL(iCertKeyId, iCertPtr,
+ &iResArray, iStatus);
+ SET_ACTIVE;
+ break;
+ case APPL_UID:
+ {
+ //Get the list of applicable CA certs and appends it
+ //to the original list, which was defined in the policy.
+ //After this removes the currently handled node and
+ //calls the method recursively.
+ RArray<TUid>* applUidList = IkeParser::GetApplUidListL(certInfo.iData);
+ CleanupStack::PushL(TCleanupItem(CIkeV2PkiServiceApplUidArrayCleanup,
+ applUidList));
+
+ CArrayFix<TCertificateListEntry>* applicableCaCertList;
+ iPkiService.ListApplicableCertificatesL(*applUidList, applicableCaCertList);
+
+ CleanupStack::PopAndDestroy(); //applUidList
+
+ if (applicableCaCertList->Count() > 0)
+ {
+ CleanupStack::PushL(applicableCaCertList);
+ TCertInfo* info = new (ELeave) TCertInfo;
+ CleanupDeletePushL(info);
+ for (TInt i = 0; i < applicableCaCertList->Count(); i++)
+ {
+ const TCertificateListEntry& entry = (*applicableCaCertList)[i];
+ info->iFormat = CA_NAME;
+ info->iData.Zero();
+ info->iData.Copy(entry.iIdentitySubjectName);
+
+ iIkeDataCAList->AppendL(*info);
+ DEBUG_LOG1(_L("Appending Applicable cert to the list (%S)"), &(info->iData));
+
+ }
+
+ CleanupStack::PopAndDestroy(info);
+ CleanupStack::PopAndDestroy(applicableCaCertList);
+
+ iIkeDataCAList->Delete(0);
+ ImportNextCaElemFromIkeDataListL();
+ }
+ else
+ {
+ delete applicableCaCertList;
+ applicableCaCertList = NULL;
+
+ iStatus = KRequestPending;
+ SET_ACTIVE;
+
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNotFound);
+ }
+ }
+ break;
+ default:
+ User::Leave(KErrArgument);
+ break;
+ }
+ }
+
+void CIkeV2PkiService::ReadCertificateChainL()
+ {
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = IkeCert::GetCertificateFieldDERL(iCasTrustedByPeer[0]->Certificate(), KSubjectName);;
+ iState = EReadingCertificateChain;
+ ReadUserCertificateL(KEmptyString, EFalse);
+ }
+
+void CIkeV2PkiService::ReadCertificateChainRunL()
+ {
+ TInt err;
+ HBufC8* issuerName=NULL;
+ TRAP(err, issuerName = IkeCert::GetCertificateFieldDERL(iReadCertificate, KIssuerName));
+ if (err!=KErrNone)
+ {
+ err=KKmdIkeNoCertFoundErr;
+ User::Leave(err);
+ }
+ if ( issuerName->Compare(iCaName->Des())==0)
+ {
+ iReadCertificate->Des().Zero();
+ delete issuerName;
+ issuerName = NULL;
+ SignalObserverL(KErrNone);
+ }
+ else
+ {
+ delete issuerName;
+ issuerName = NULL;
+ delete iCaName;
+ iCaName = NULL;
+ iCaName = IkeCert::GetCertificateFieldDERL(iReadCertificate, KIssuerName);
+ delete iSubjName;
+ iSubjName = NULL;
+ iSubjName = iCaName->AllocL();
+ if ( !iUserCertificate)
+ iUserCertificate = iReadCertificate->AllocL();
+ else if ( !i2Certificate )
+ {
+ i2Certificate = iReadCertificate->AllocL();
+ i2CertificateName= IkeCert::GetCertificateFieldDERL(i2Certificate, KSubjectName);
+ }
+ else if ( !i1Certificate)
+ i1Certificate = iReadCertificate->AllocL();
+
+ iPkiService.ReadCertificateL(KEmptyString,
+ *iSubjName, KEmptyString,
+ EPKICACertificate, 0,
+ EPKIRSA, iCertPtr,
+ &iResArray, iStatus);
+ SET_ACTIVE;
+ }
+
+ }
+
+void CIkeV2PkiService::SignalObserverL(TInt aStatus)
+{
+ DEBUG_LOG1(_L("CIkeV2PkiService::SignalObserverL: Signalling with %d"), aStatus);
+
+ if (aStatus != KErrNone)
+ {
+ delete iUserCertificate;
+ iUserCertificate = NULL;
+
+ delete iCaName;
+ iCaName = NULL;
+
+ iCertPtr.Zero();
+
+ iTrustedCAList->ResetAndDestroy(); // Trusted CA certificate list
+
+ }
+
+ iIkeData = NULL;
+
+ iSubjName->Des().Zero();
+ iRfc822Name->Des().Zero();
+
+ iCertKeyId.Zero();
+ iResArray = NULL;
+
+ iCasTrustedByPeer.Reset();
+
+ delete iIkeDataCAList;
+ iIkeDataCAList = NULL;
+
+ iState = EPkiServiceIdle;
+ iObserver.IkeV2PkiInitCompleteL(aStatus);
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/EABI/ikepolparserU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+EXPORTS
+ _ZN10TIkeParser10MainParseLEP13CIkeDataArray @ 1 NONAME
+ _ZN10TIkeParser12BufferAppendERP6HBufC8RK6TDesC8 @ 2 NONAME
+ _ZN10TIkeParser16GeneralInfoWriteEmmiRP6HBufC8 @ 3 NONAME
+ _ZN10TIkeParser16GeneralInfoWriteEmmiiRP6HBufC8 @ 4 NONAME
+ _ZN10TIkeParser17ParseIKESectionsLEP13CIkeDataArray @ 5 NONAME
+ _ZN10TIkeParser5WriteEP8CIkeDataRP6HBufC8 @ 6 NONAME
+ _ZN10TIkeParser6ParseLEP8CIkeData @ 7 NONAME
+ _ZN10TIkeParser9MainWriteEP8CIkeDataRP6HBufC8 @ 8 NONAME
+ _ZN10TIkeParserC1ERK7TDesC16i @ 9 NONAME
+ _ZN10TIkeParserC1Ev @ 10 NONAME
+ _ZN10TIkeParserC2ERK7TDesC16i @ 11 NONAME
+ _ZN10TIkeParserC2Ev @ 12 NONAME
+ _ZN10TSecParser16ParseGeneralDataEP12CGeneralData @ 13 NONAME
+ _ZN10TSecParser5WriteEP14CSecurityPieceRP6HBufC8 @ 14 NONAME
+ _ZN12CGeneralDataC1EPS_ @ 15 NONAME
+ _ZN12CGeneralDataC1Ev @ 16 NONAME
+ _ZN12CGeneralDataC2EPS_ @ 17 NONAME
+ _ZN12CGeneralDataC2Ev @ 18 NONAME
+ _ZN13CIkeDataArray10ConstructLEPS_ @ 19 NONAME
+ _ZN13CIkeDataArray4NewLEPS_ @ 20 NONAME
+ _ZN13CIkeDataArray4NewLEi @ 21 NONAME
+ _ZN13CIkeDataArray5CopyLEPS_ @ 22 NONAME
+ _ZN13CIkeDataArray5EmptyEv @ 23 NONAME
+ _ZN13CIkeDataArrayD0Ev @ 24 NONAME
+ _ZN13CIkeDataArrayD1Ev @ 25 NONAME
+ _ZN13CIkeDataArrayD2Ev @ 26 NONAME
+ _ZN14CSecurityPiece10ConstructLEi @ 27 NONAME
+ _ZN14CSecurityPiece8SetInfoLERK7TDesC16 @ 28 NONAME
+ _ZN14CSecurityPieceD0Ev @ 29 NONAME
+ _ZN14CSecurityPieceD1Ev @ 30 NONAME
+ _ZN14CSecurityPieceD2Ev @ 31 NONAME
+ _ZN14TGeneralParser5ParseEP12CGeneralData @ 32 NONAME
+ _ZN14TGeneralParserC1ERK7TDesC16 @ 33 NONAME
+ _ZN14TGeneralParserC2ERK7TDesC16 @ 34 NONAME
+ _ZN8CIkeData10ConstructLEPKS_ @ 35 NONAME
+ _ZN8CIkeData4NewLEPKS_ @ 36 NONAME
+ _ZN8CIkeData4NewLEv @ 37 NONAME
+ _ZN8CIkeData5CopyLEPKS_ @ 38 NONAME
+ _ZN8CIkeDataD0Ev @ 39 NONAME
+ _ZN8CIkeDataD1Ev @ 40 NONAME
+ _ZN8CIkeDataD2Ev @ 41 NONAME
+ _ZN9IkeParser15GetApplUidListLERK7TDesC16 @ 42 NONAME
+ _ZN9IkeParser15TextToHexOctetsERK7TDesC16R5TDes8 @ 43 NONAME
+ _ZN9IkeParser16TextToHexOctetsLERK7TDesC16 @ 44 NONAME
+ _ZTI13CIkeDataArray @ 45 NONAME ; #<TI>#
+ _ZTI14CSecurityPiece @ 46 NONAME ; #<TI>#
+ _ZTI8CIkeData @ 47 NONAME ; #<TI>#
+ _ZTV13CIkeDataArray @ 48 NONAME ; #<VT>#
+ _ZTV14CSecurityPiece @ 49 NONAME ; #<VT>#
+ _ZTV8CIkeData @ 50 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/bwins/IKEPOLPARSERU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+EXPORTS
+ ??0CGeneralData@@QAE@PAV0@@Z @ 1 NONAME ; CGeneralData::CGeneralData(class CGeneralData *)
+ ??0CGeneralData@@QAE@XZ @ 2 NONAME ; CGeneralData::CGeneralData(void)
+ ??0TGeneralParser@@QAE@ABVTDesC16@@@Z @ 3 NONAME ; TGeneralParser::TGeneralParser(class TDesC16 const &)
+ ??0TIkeParser@@QAE@ABVTDesC16@@H@Z @ 4 NONAME ; TIkeParser::TIkeParser(class TDesC16 const &, int)
+ ??0TIkeParser@@QAE@XZ @ 5 NONAME ; TIkeParser::TIkeParser(void)
+ ??1CIkeData@@UAE@XZ @ 6 NONAME ; CIkeData::~CIkeData(void)
+ ??1CIkeDataArray@@UAE@XZ @ 7 NONAME ; CIkeDataArray::~CIkeDataArray(void)
+ ??1CSecurityPiece@@UAE@XZ @ 8 NONAME ; CSecurityPiece::~CSecurityPiece(void)
+ ?BufferAppend@TIkeParser@@SAHAAPAVHBufC8@@ABVTDesC8@@@Z @ 9 NONAME ; int TIkeParser::BufferAppend(class HBufC8 * &, class TDesC8 const &)
+ ?ConstructL@CIkeDataArray@@QAEXPAV1@@Z @ 10 NONAME ; void CIkeDataArray::ConstructL(class CIkeDataArray *)
+ ?ConstructL@CSecurityPiece@@QAEXH@Z @ 11 NONAME ; void CSecurityPiece::ConstructL(int)
+ ?CopyL@CIkeDataArray@@QAEXPAV1@@Z @ 12 NONAME ; void CIkeDataArray::CopyL(class CIkeDataArray *)
+ ?Empty@CIkeDataArray@@QAEXXZ @ 13 NONAME ; void CIkeDataArray::Empty(void)
+ ?GeneralInfoWrite@TIkeParser@@SAHKKHAAPAVHBufC8@@@Z @ 14 NONAME ; int TIkeParser::GeneralInfoWrite(unsigned long, unsigned long, int, class HBufC8 * &)
+ ?GeneralInfoWrite@TIkeParser@@SAHKKHHAAPAVHBufC8@@@Z @ 15 NONAME ; int TIkeParser::GeneralInfoWrite(unsigned long, unsigned long, int, int, class HBufC8 * &)
+ ?GetApplUidListL@IkeParser@@SAPAV?$RArray@VTUid@@@@ABVTDesC16@@@Z @ 16 NONAME ; class RArray<class TUid> * IkeParser::GetApplUidListL(class TDesC16 const &)
+ ?MainParseL@TIkeParser@@QAEXPAVCIkeDataArray@@@Z @ 17 NONAME ; void TIkeParser::MainParseL(class CIkeDataArray *)
+ ?MainWrite@TIkeParser@@SAHPAVCIkeData@@AAPAVHBufC8@@@Z @ 18 NONAME ; int TIkeParser::MainWrite(class CIkeData *, class HBufC8 * &)
+ ?NewL@CIkeData@@SAPAV1@XZ @ 19 NONAME ; class CIkeData * CIkeData::NewL(void)
+ ?NewL@CIkeDataArray@@SAPAV1@H@Z @ 20 NONAME ; class CIkeDataArray * CIkeDataArray::NewL(int)
+ ?NewL@CIkeDataArray@@SAPAV1@PAV1@@Z @ 21 NONAME ; class CIkeDataArray * CIkeDataArray::NewL(class CIkeDataArray *)
+ ?Parse@TGeneralParser@@QAEHPAVCGeneralData@@@Z @ 22 NONAME ; int TGeneralParser::Parse(class CGeneralData *)
+ ?ParseGeneralData@TSecParser@@QAEHPAVCGeneralData@@@Z @ 23 NONAME ; int TSecParser::ParseGeneralData(class CGeneralData *)
+ ?ParseIKESectionsL@TIkeParser@@QAEXPAVCIkeDataArray@@@Z @ 24 NONAME ; void TIkeParser::ParseIKESectionsL(class CIkeDataArray *)
+ ?ParseL@TIkeParser@@QAEXPAVCIkeData@@@Z @ 25 NONAME ; void TIkeParser::ParseL(class CIkeData *)
+ ?SetInfoL@CSecurityPiece@@QAEXABVTDesC16@@@Z @ 26 NONAME ; void CSecurityPiece::SetInfoL(class TDesC16 const &)
+ ?TextToHexOctets@IkeParser@@SAHABVTDesC16@@AAVTDes8@@@Z @ 27 NONAME ; int IkeParser::TextToHexOctets(class TDesC16 const &, class TDes8 &)
+ ?TextToHexOctetsL@IkeParser@@SAPAVHBufC8@@ABVTDesC16@@@Z @ 28 NONAME ; class HBufC8 * IkeParser::TextToHexOctetsL(class TDesC16 const &)
+ ?Write@TIkeParser@@SAHPAVCIkeData@@AAPAVHBufC8@@@Z @ 29 NONAME ; int TIkeParser::Write(class CIkeData *, class HBufC8 * &)
+ ?Write@TSecParser@@SAHPAVCSecurityPiece@@AAPAVHBufC8@@@Z @ 30 NONAME ; int TSecParser::Write(class CSecurityPiece *, class HBufC8 * &)
+ ?ConstructL@CIkeData@@QAEXPBV1@@Z @ 31 NONAME ; void CIkeData::ConstructL(class CIkeData const *)
+ ?CopyL@CIkeData@@QAEXPBV1@@Z @ 32 NONAME ; void CIkeData::CopyL(class CIkeData const *)
+ ?NewL@CIkeData@@SAPAV1@PBV1@@Z @ 33 NONAME ; class CIkeData * CIkeData::NewL(class CIkeData const *)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+ikepolparser.mmp
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/group/ikepolparser.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project ikepolparser
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikepolparser.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101fae09
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikepolparser.cpp
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY insock.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/inc/ikepolparser.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,444 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE policy parser main module
+*
+*/
+
+
+
+#ifndef __IKEPOLPARSER_H
+#define __IKEPOLPARSER_H
+
+#include <f32file.h>
+#include <badesca.h>
+#include <in_sock.h>
+
+#define FIRST_SEC_PARSER_VERSION 1
+#define SEC_PARSER_VERSION 3
+
+#define IKE_HOST_SEPARATOR _L("[HOST]")
+#define IKE_SEPARATOR _L("[IKE]")
+#define IKE_HOST_SEPARATOR_LEN 6
+#define IKE_GENERAL_SEPARATOR _L("[GENERAL]")
+#define IKE_GENERAL_SEPARATOR_LEN 9
+
+#define MAX_INFO_SIZE 1024
+#define PIECE_AVG_LENGTH 2048
+
+const TInt KIkePolicyBufferSizeIncrement = 6000;
+
+const TInt KNokiaNattDefaultPort = 9872;
+
+//Security Ike Parser Error codes
+// NOTE! The error code values below MUST be kept in sync with
+// the corresponding error code values defined together by
+// vpnapi/data/vpnerr.rss and vpnapi/data/vpnerr.ra
+const TInt KSecParserErrMode = -5263;
+const TInt KSecParserErrNotify = -5264;
+const TInt KSecParserErrCommit = -5265;
+const TInt KSecParserErrIpsecExpire = -5266;
+const TInt KSecParserErrSendCert = -5267;
+const TInt KSecParserErrInitialContact = -5268;
+const TInt KSecParserErrResponderLifetime = -5269;
+const TInt KSecParserErrReplayStatus = -5270;
+const TInt KSecParserErrGroupDesc_II = -5271;
+const TInt KSecParserErrProposal = -5272;
+const TInt KSecParserErrEncrAlg = -5273;
+const TInt KSecParserErrAuthMethod = -5274;
+const TInt KSecParserErrHashAlg = -5275;
+const TInt KSecParserErrGroupDesc = -5276;
+const TInt KSecParserErrGroupType = -5277;
+const TInt KSecParserErrLifeBytes = -5278;
+const TInt KSecParserErrLifeSecs = -5279;
+const TInt KSecParserErrPRF = -5280;
+const TInt KSecParserErrPreKey = -5281;
+const TInt KSecParserErrPreFormat = -5282;
+const TInt KSecParserErrCA = -5283;
+const TInt KSecParserErrOwnCerts = -5284;
+const TInt KSecParserErrOwnName = -5285;
+const TInt KSecParserErrOwnKey = -5286;
+const TInt KSecParserErrPeerCerts = -5287;
+const TInt KSecParserErrPeerAddr = -5288;
+const TInt KSecParserErrPeerMask = -5289;
+const TInt KSecParserErrMaxLifetimeSec = -5290;
+const TInt KSecParserErrMaxLifetimeKB = -5291;
+const TInt KSecParserErrMaxRetrans = -5292;
+const TInt KSecParserErrNoSeparator = -5293;
+const TInt KSecParserErrCRACKLAMType = -5294;
+const TInt KSecParserErrUseIntAddr = -5295;
+const TInt KSecParserErrUseNATProbe = -5296;
+const TInt KSecParserErrUnknown = -5297;
+
+
+
+//Values for the choice lists used in the .RSS
+enum {IKE_PARSER_MAIN,
+ IKE_PARSER_AGGRESSIVE}; //Modes
+enum {IKE_PARSER_DES_CBC,
+ IKE_PARSER_DES3_CBC,
+ IKE_PARSER_AES_CBC};
+enum {IKE_PARSER_PRE_SHARED,
+ IKE_PARSER_DSS_SIG,
+ IKE_PARSER_RSA_SIG,
+ IKE_PARSER_RSA_ENCR,
+ IKE_PARSER_RSA_REV_ENCR,
+ IKE_PARSER_CRACK};
+enum {IKE_PARSER_MD5,
+ IKE_PARSER_SHA1};
+enum {IKE_PARSER_MODP_768 = 1,
+ IKE_PARSER_MODP_1024 = 2,
+ IKE_PARSER_MODP_1536 = 5,
+ IKE_PARSER_MODP_2048 = 14};
+enum {IKE_PARSER_DEFAULT,
+ IKE_PARSER_MODP};
+enum {IKE_PARSER_NONE,
+ IKE_PARSER_DES3_CBC_MAC};
+
+//CRACK Legacy Authentication types
+#define IKE_PARSER_CRACK_PASSWORD 1
+
+//------------------------------------------------------------------------
+//
+// IKE Parser
+//
+//------------------------------------------------------------------------
+
+//Data on a single proposal
+struct TProposalData
+{
+ TUint8 iEncrAlg;
+ TUint8 iAuthMeth;
+ TUint8 iHashAlg;
+ TUint8 iGroupDesc;
+ TUint8 iGroupType;
+ TUint8 iPRF;
+ TUint32 iLifetimeKb;
+ TUint32 iLifetimeSec;
+ TInt iEncrKeyLth;
+
+ TProposalData *iNext; //Used for chaining
+ TProposalData *iPrev; //to make easier changing the order
+
+};
+
+
+static const TUint KMaxPresharedKeyLength = 256;
+enum TKeyFormat
+{
+ STRING_KEY = 0,
+ HEX_KEY = 1
+};
+
+struct TPresharedKeyData
+{
+ TBuf<KMaxPresharedKeyLength> iKey;
+ TKeyFormat iFormat;
+};
+
+enum TCertFormat
+{
+ PEM_CERT = 0,
+ BIN_CERT = 1,
+ CA_NAME = 2,
+ KEY_ID = 3,
+ APPL_UID = 4
+};
+
+
+//RSA Encryption peer public keys
+struct TCertInfo
+{
+ TCertFormat iFormat;
+ TFileName iData;
+};
+
+
+enum TIdentityAsRfc822Name
+ {
+ EIdentityAsRfc822NameUndefined = 0,
+ EIdentityAsRfc822NameYes = 1,
+ EIdentityAsRfc822NameNo = 2
+ };
+
+//Own certificates
+struct TOwnCertInfo
+{
+ TCertFormat iFormat;
+ TFileName iData; //File containing the peer RSA public key
+ TBuf<128> iRfc822NameFqdn;
+ TIdentityAsRfc822Name iIdentityAsRfc822Name;
+ TBuf<256> iSubjectDnSuffix;
+ TInt iPrivateKeyLength;
+ TInt iOwnCertExists; // 0 = no own cert 1 = own cert exists
+};
+
+class TStringData
+{
+ public:
+ TStringData() :iBfr(NULL) {}
+ TStringData(HBufC16* aBfr) :iBfr(aBfr) {}
+ ~TStringData() {delete iBfr;}
+ static inline TStringData* NewL(TInt aLth)
+ {
+ HBufC16* Databfr = HBufC16::NewL(aLth);
+ TStringData* StringData = new (ELeave)TStringData(Databfr);
+ return StringData;
+ }
+ static inline TStringData* NewL(const TPtrC16& aString)
+ {
+ TStringData* Obj = TStringData::NewL(aString.Length());
+ Obj->iBfr->Des().Copy(aString);
+ return Obj;
+ }
+ inline TPtrC16 GetData()
+ {
+ TPtrC16 DataPtr(NULL, 0);
+ if ( iBfr )
+ DataPtr.Set(iBfr->Des());
+ return DataPtr;
+ }
+ inline HBufC8* GetAsciiDataL()
+ {
+ HBufC8* Bfr8 = NULL;
+ if ( iBfr )
+ {
+ Bfr8 = HBufC8::NewL(iBfr->Des().Length());
+ Bfr8->Des().Copy(iBfr->Des());
+ }
+ return Bfr8;
+ }
+
+ private:
+ HBufC16* iBfr; // Variable length data buffer
+
+};
+
+
+class CIkeData : public CBase
+{
+public:
+ IMPORT_C static CIkeData* NewL();
+ IMPORT_C static CIkeData* NewL(const CIkeData *aData);
+ IMPORT_C void ConstructL(const CIkeData *aData);
+
+ EXPORT_C ~CIkeData();
+ IMPORT_C void CopyL(const CIkeData *aData);
+ void Empty();
+private:
+ CIkeData();
+public:
+ TStringData* iFQDNAddr; //Peer host address in FQDN format
+ TInetAddr iAddr; //Peer host address
+ TInetAddr iMask; //Peer host mask
+ TInetAddr iDnsServer;
+ TUint8 iMode;
+ TUint8 iIkeVersion; //Preferred IKE version
+ TUint8 iIdType; //IKE Phase 1 identity type code. Integer value according to rfc2407
+ TUint8 iRemoteIdType;
+ TBool iSkipRemoteIdCheck;
+ TBuf<128> iFQDN;
+ TStringData* iRemoteIdentity;
+ TBool iAcceptPartialRemoteId;
+
+ TBool iNotify;
+ TBool iCommit; //COMMIT bit processing
+ TBool iInitialContact; //INITIAL-CONTACT sending
+ TBool iResponderLifetime; //RESPONDER_LIFETIME sending
+ TBool iReplayStatus; //REPLAY_STATUS sending
+ TBool iIpsecExpires; //IPSEC SAs expire with ISAKMP SAs
+ TBool iAlwaysSendCert; //Sends a Cert without even if NOT receiving a CR
+
+// Private IKE extension
+ TBool iUseInternalAddr;
+ TBool iUseNatProbing;
+ TBool iUseXauth; //Use XAUTH defined in <draft-beaulieu-ike-xauth-02.txt>
+ TBool iUseCfgMode; //Use CFG-MODE defined in <draft-dukes-ike-mode-cfg-01.txt>
+ TBool iUseMobIke; //Use MOBIKE Ikev2 extension<draft-ietf-mobike-protocol-04.txt>
+ TInt iEspUdpPort; //Port value for IPSEC ESP encapsulation (= In NAT-traversal)
+ TInt iNatKeepAlive; //NAT keep alive timeout in seconds (if zero not used)
+ TUint8 iDscp; //DSCP tag
+ TInt iDPDHeartBeat; //DPD Heart beat timeout in seconds (if zero not used)
+ TInt iRekeyingThreshold; //Rekeying threshold value
+ TUint8 iGroupDesc_II;
+ TUint8 iCRACKLAMType; //CRACK Legacy Authentication Method type
+ TStringData* iCRACKLAMUserName;
+ TStringData* iCRACKLAMPassword;
+ TStringData* iClientCertType;
+ TUint8 iEAPProtocol;
+ TUint8 iEAPReserved;
+ TBool iEAPHideIdentity;
+ TStringData* iEAPRealmPrefix;
+ TStringData* iEAPManualRealm;
+ TStringData* iEAPManualUserName;
+ TBool iCARequired; //If RSA based authentication method is used then at least one CA is required
+ TBool iCAFound; //CAs section
+ TInt iNumProp;
+ TProposalData *iPropList;
+ TPresharedKeyData iPresharedKey;
+ TCertInfo iCA; // Left for backward compatibility
+ CArrayFixFlat<TCertInfo*> *iCAList; // For multiple CAs
+ TOwnCertInfo iOwnCert;
+ TCertInfo iPrivKey;
+ TCertInfo iPeerCert;
+
+};
+
+
+class CIkeDataArray : public CArrayFixFlat<CIkeData*>
+{
+public:
+ IMPORT_C static CIkeDataArray* NewL(TInt aGranularity);
+ IMPORT_C static CIkeDataArray* NewL(CIkeDataArray *aData);
+ IMPORT_C void ConstructL(CIkeDataArray *aData);
+
+ IMPORT_C ~CIkeDataArray();
+ IMPORT_C void CopyL(CIkeDataArray *aData);
+ IMPORT_C void Empty();
+private:
+ CIkeDataArray(TInt aGranularity);
+ CIkeDataArray(CIkeDataArray *aData);
+public:
+ //General Data
+ TUint32 iMaxLifetimeSec;
+ TUint32 iMaxLifetimeKB;
+ TInt iMaxRetrans;
+ TInt iMaxTraceFileSize;
+};
+
+class TIkeParser : public TLex
+{
+public:
+ IMPORT_C TIkeParser();
+ IMPORT_C TIkeParser(const TDesC &aStr, TInt aVersion = SEC_PARSER_VERSION);
+ IMPORT_C void MainParseL(CIkeDataArray *aIkeList);
+ IMPORT_C void ParseL(CIkeData *aConf);
+ IMPORT_C static TInt MainWrite(CIkeData *aConf, HBufC8*& aPolBfr);
+ IMPORT_C static TInt GeneralInfoWrite(
+ TUint32 aMaxLifetimeSec, TUint32 aMaxLifetimeKB,
+ TInt aMaxRetrans, HBufC8*& aPolBfr);
+ IMPORT_C static TInt GeneralInfoWrite(
+ TUint32 aMaxLifetimeSec, TUint32 aMaxLifetimeKB,
+ TInt aMaxRetrans, TInt aMaxTraceFileSize, HBufC8*& aPolBfr);
+ IMPORT_C static TInt Write(CIkeData *aConf, HBufC8*& aPolBfr);
+ IMPORT_C void ParseIKESectionsL(CIkeDataArray *aIkeList);
+ IMPORT_C static TInt BufferAppend( HBufC8*& aPolBfr, const TDesC8& aText);
+
+private:
+ TInt ParseGeneralData(CIkeDataArray *aIkeList);
+ void ParseIkePieceL(CIkeData *aIkeData, TInt aVersion, TPtrC& aSectionName);
+ void DoMainParseL(CIkeDataArray *aIkeList, TPtrC& aSectionName);
+ TInt ParseProposals(CIkeData *aConf);
+ TInt ParsePresharedKeys(CIkeData *aConf);
+ TInt ParseCAs(CIkeData *aConf);
+ TInt ParseCAItem(CIkeData *aConf, TCertInfo *aCA, TPtrC& aToken);
+ void ParseCAListL(CIkeData *aConf, TInt aCACount, TPtrC& aToken);
+ TInt ParseOwnCerts(CIkeData *aConf);
+ TInt ParsePeerCerts(CIkeData *aConf);
+ TInt CheckPolicy(CIkeData* aConf);
+ TPtrC GetRestOfLine();
+ TInt ParseFileName(TDes& aFileName);
+
+ static TBufC<16> TextMode(const TInt aMode);
+ static TBufC<16> TextEncrAlg(const TInt aAlg, const TInt aKeyLth);
+ static TBufC<16> TextAuthMethod(const TInt aMethod);
+ static TBufC<16> TextHashAlg(const TInt aAlg);
+ static TBufC<16> TextGroupDesc(const TInt aDesc);
+ static TBufC<16> TextGroupType(const TInt aType);
+ static TBufC<16> TextPRF(const TInt aPRF);
+ static TBufC<16> TextFormat(const TKeyFormat aFormat);
+ static TBufC<16> CertFormat(TCertFormat aFormat);
+ static TBufC<16> TextLAMType(const TUint8 aLAMType);
+private:
+ TInt iVersion;
+};
+
+
+class CGeneralData : public CBase
+{
+public:
+ IMPORT_C CGeneralData();
+ IMPORT_C CGeneralData(CGeneralData* aData);
+public:
+ TInt iDeactivationTimeout;
+};
+
+
+
+//------------------------------------------------------------------------
+//Multiple Security Info combined
+class CSecurityPiece : public CBase
+{
+public:
+ IMPORT_C void ConstructL(TInt aSize = 64); //default 64 bytes description
+ inline HBufC *Info() {return iInfo;}
+ IMPORT_C void SetInfoL(const TDesC &aDes); //needed to resize it if needed
+ inline CIkeData *IkeData() {return iIkeData;}
+ inline CGeneralData *GeneralData(){return iGeneralData;}
+ IMPORT_C ~CSecurityPiece();
+
+private:
+ HBufC* iInfo;
+ CIkeData *iIkeData;
+ CGeneralData *iGeneralData;
+};
+
+typedef CArrayFixFlat<CSecurityPiece *> CPiecesList;
+
+//
+// class TSecParser
+//
+
+class TSecParser : public TLex
+{
+public:
+ IMPORT_C TSecParser(const TDesC &aDes);
+ IMPORT_C TInt ParseL(CSecurityPiece *aPiece_data);
+ IMPORT_C static TInt Write(CSecurityPiece *aPiece_data, HBufC8*& aPolBfr);
+ IMPORT_C TInt ParseGeneralData(CGeneralData* aData);
+private:
+ TBool CheckVersion();
+ void ParseInfoL(CSecurityPiece *aPiece_data);
+ void NextTag();
+ TInt DoParseL(CSecurityPiece *aPiece_data, TBool aIncludeIKE);
+ TInt ParseGeneral(CGeneralData *aGeneralData);
+
+ static TInt WriteVersion(HBufC8*& aPolBfr);
+ static TInt WriteInfo(CSecurityPiece *aPiece_data, HBufC8*& aPolBfr);
+ static TInt WriteIke(CSecurityPiece *aPiece_data, HBufC8*& aPolBfr);
+
+private:
+ TInt iVersion; //File version
+};
+
+class TGeneralParser : public TLex
+{
+public:
+ IMPORT_C TGeneralParser(const TDesC &aStr);
+ IMPORT_C TInt Parse(CGeneralData *aData);
+};
+
+class IkeParser
+{
+ public:
+ IMPORT_C static RArray<TUid>* GetApplUidListL(const TDesC16& aApplUidString);
+ IMPORT_C static HBufC8* TextToHexOctetsL(const TDesC16& aTextString);
+ IMPORT_C static TBool TextToHexOctets(const TDesC16& aTextString, TDes8& aHexOctets);
+
+ private:
+ void static NextHexaDigit(TLex& aUidString);
+ TBool static DeHex(const TUint16* aUcStr, TInt aStrLen, TUint8* aDstBfr);
+ TBool static HexVal(TUint8& c);
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/rom/ikepolparser.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project ikepolparser
+*
+*/
+
+
+
+
+#ifndef __IKEPOLPARSER_IBY__
+#define __IKEPOLPARSER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature IKEPOLPARSER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\ikepolparser.dll SHARED_LIB_DIR\ikepolparser.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __IKEPOLPARSER_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikepolparser/src/ikepolparser.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,2499 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE policy parser main module
+*
+*/
+
+
+
+#include <e32std.h>
+#include <coeutils.h>
+#include "ikepolparser.h"
+
+//
+// EXPORTed functions
+//
+
+//---------------------------------------------------------------------------
+//
+// IKE Policy Parsing
+//
+//---------------------------------------------------------------------------
+
+//
+//CIkeData -> contains the ike data
+//
+CIkeData::CIkeData() : iIkeVersion(1)
+ {
+ }
+
+EXPORT_C CIkeData* CIkeData::NewL()
+ {
+ return new (ELeave) CIkeData();
+ }
+
+EXPORT_C CIkeData* CIkeData::NewL(const CIkeData *aData)
+ {
+ CIkeData* self = new (ELeave) CIkeData();
+ CleanupStack::PushL(self);
+ self->ConstructL(aData);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+EXPORT_C void CIkeData::ConstructL(const CIkeData *aData)
+ {
+ CopyL(aData);
+ }
+
+EXPORT_C CIkeData::~CIkeData()
+ {
+ delete iRemoteIdentity;
+ delete iEAPRealmPrefix;
+ delete iEAPManualRealm;
+ delete iEAPManualUserName;
+ delete iCRACKLAMUserName;
+ delete iCRACKLAMPassword;
+ delete iClientCertType;
+ delete iFQDNAddr;
+ Empty();
+ }
+
+EXPORT_C void CIkeData::CopyL(const CIkeData* aData)
+ {
+ if ( aData == NULL )
+ {
+ User::Leave( KErrNoMemory );
+ }
+
+ Empty(); //Free the previous info
+ iAddr = aData->iAddr; //Peer host address
+ iMask = aData->iMask; //Peer host mask
+ if (aData->iFQDNAddr)
+ iFQDNAddr=TStringData::NewL(aData->iFQDNAddr->GetData());
+ iMode = aData->iMode;
+ iNotify = aData->iNotify;
+ iFQDN.Copy(aData->iFQDN);
+ iIdType = aData->iIdType;
+ iGroupDesc_II = aData->iGroupDesc_II;
+ iAcceptPartialRemoteId = aData->iAcceptPartialRemoteId;
+ iIkeVersion = aData->iIkeVersion;
+ iCommit = aData->iCommit;
+ iIpsecExpires = aData->iIpsecExpires;
+ iAlwaysSendCert = aData->iAlwaysSendCert;
+ iInitialContact = aData->iInitialContact; //INITIAL-CONTACT sending
+ iResponderLifetime = aData->iResponderLifetime; //RESPONDER_LIFETIME sending
+ iReplayStatus = aData->iReplayStatus; //RESPONDER_LIFETIME sending
+ iCRACKLAMType = aData->iCRACKLAMType; //CRACK LAM type
+ if (aData->iCRACKLAMUserName)
+ iCRACKLAMUserName=TStringData::NewL(aData->iCRACKLAMUserName->GetData());
+ if (aData->iCRACKLAMPassword)
+ iCRACKLAMPassword=TStringData::NewL(aData->iCRACKLAMPassword->GetData());
+ iUseInternalAddr = aData->iUseInternalAddr;
+ iUseNatProbing = aData->iUseNatProbing;
+ iEspUdpPort = aData->iEspUdpPort;
+ iNatKeepAlive = aData->iNatKeepAlive;
+ iDscp = aData->iDscp;
+ iDPDHeartBeat = aData->iDPDHeartBeat;
+ iRekeyingThreshold = aData->iRekeyingThreshold;
+ iUseXauth = aData->iUseXauth;
+ iUseCfgMode = aData->iUseCfgMode;
+ iUseMobIke = aData->iUseMobIke;
+
+ iRemoteIdType = aData->iRemoteIdType;
+ iSkipRemoteIdCheck = aData->iSkipRemoteIdCheck;
+ if ( aData->iRemoteIdentity )
+ iRemoteIdentity = TStringData::NewL(aData->iRemoteIdentity->GetData());
+ iEAPProtocol = aData->iEAPProtocol;
+ iEAPHideIdentity = aData->iEAPHideIdentity;
+ if ( aData->iEAPRealmPrefix )
+ iEAPRealmPrefix = TStringData::NewL(
+ aData->iEAPRealmPrefix->GetData());
+ if ( aData->iEAPManualRealm )
+ iEAPManualRealm = TStringData::NewL(
+ aData->iEAPManualRealm->GetData());
+ if ( aData->iEAPManualUserName )
+ iEAPManualUserName = TStringData::NewL(
+ aData->iEAPManualUserName->GetData());
+ if (aData->iClientCertType)
+ iClientCertType = TStringData::NewL(aData->iClientCertType->GetData());
+
+ iNumProp = aData->iNumProp;
+ TProposalData* prop = NULL;
+ TProposalData* prev = NULL;
+ TProposalData* tmp_prop = aData->iPropList;
+ for (TInt i=0; i < iNumProp; i++)
+ {
+ prop = new (ELeave) TProposalData;
+ *prop = *tmp_prop;
+ if (prev)
+ prev->iNext = prop;
+ else //first
+ iPropList = prop;
+
+ prop->iPrev = prev;
+ prev = prop;
+ tmp_prop = tmp_prop->iNext;
+ }
+ if (prop)
+ prop->iNext = NULL;
+
+ iPresharedKey = aData->iPresharedKey;
+ iCA = aData->iCA;
+ iOwnCert = aData->iOwnCert;
+ iPrivKey = aData->iPrivKey;
+ iPeerCert = aData->iPeerCert;
+
+ if ( aData->iCAList )
+ {
+ TInt count( aData->iCAList->Count() );
+ iCAList = new (ELeave) CArrayFixFlat<TCertInfo*>(count);
+
+ for ( TInt x(0); x < count; x++ )
+ {
+ TCertInfo* ca_copy = new (ELeave) TCertInfo;
+ CleanupStack::PushL(ca_copy);
+ *ca_copy = *(aData->iCAList->At(x));
+ iCAList->AppendL(ca_copy);
+ CleanupStack::Pop(ca_copy);
+ }
+ }
+ }
+
+void CIkeData::Empty()
+ {
+ TProposalData* prop = iPropList;
+ TProposalData* next_prop;
+ while (prop)
+ {
+ next_prop = prop->iNext;
+ delete prop;
+ prop = next_prop;
+ }
+ if ( iCAList )
+ {
+ for (TInt i(0); i<iCAList->Count(); ++i)
+ {
+ delete iCAList->At(i);
+ iCAList->At(i) = NULL;
+ }
+ iCAList->Reset();
+ delete iCAList;
+ iCAList = NULL;
+ }
+ }
+
+
+//
+// CIkeDataArray
+//
+CIkeDataArray::CIkeDataArray(TInt aGranularity)
+ :CArrayFixFlat<CIkeData*>(aGranularity)
+ {
+ }
+
+EXPORT_C CIkeDataArray* CIkeDataArray::NewL(TInt aGranularity)
+ {
+ ASSERT(aGranularity);
+ return new (ELeave) CIkeDataArray(aGranularity);
+ }
+
+CIkeDataArray::CIkeDataArray(CIkeDataArray* aData)
+ :CArrayFixFlat<CIkeData*>(aData ? aData->Count() : 0)
+ {
+ }
+
+EXPORT_C CIkeDataArray* CIkeDataArray::NewL(CIkeDataArray* aData)
+ {
+ User::LeaveIfNull(aData);
+ ASSERT(aData->Count());
+ CIkeDataArray* self = new (ELeave) CIkeDataArray(aData);
+ CleanupStack::PushL(self);
+ self->ConstructL(aData);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+EXPORT_C void CIkeDataArray::ConstructL(CIkeDataArray *aData)
+ {
+ CopyL(aData);
+ }
+
+EXPORT_C CIkeDataArray::~CIkeDataArray()
+ {
+ Empty();
+ }
+
+//Constructs this from the data in aData
+EXPORT_C void CIkeDataArray::CopyL(CIkeDataArray* aData)
+ {
+ User::LeaveIfNull(aData);
+ CIkeData* ike_data(NULL);
+ for (TInt i(0); i < aData->Count(); i++)
+ {
+ ike_data = CIkeData::NewL(aData->At(i));
+ AppendL(ike_data);
+ }
+ iMaxLifetimeKB = aData->iMaxLifetimeKB;
+ iMaxLifetimeSec = aData->iMaxLifetimeSec;
+ iMaxRetrans = aData->iMaxRetrans;
+ iMaxTraceFileSize = aData->iMaxTraceFileSize;
+ }
+
+EXPORT_C void CIkeDataArray::Empty()
+ {
+ for (TInt i(0); i < Count(); i++)
+ {
+ delete At(i);
+ }
+ Reset();
+ }
+
+
+
+//
+//TIKEParser -> parses the ike data from a descriptor or writes it to a file
+//
+// Symbian change - start
+#ifdef __VC32__
+#pragma warning(disable : 4097) // typedef-name used as synonym for class-name
+#endif
+// Symbian change - end
+EXPORT_C TIkeParser::TIkeParser() : TLex(), iVersion(0)
+{
+
+}
+
+EXPORT_C TIkeParser::TIkeParser(const TDesC &aStr, TInt aVersion) : TLex(aStr), iVersion(aVersion)
+{
+
+}
+
+//Parses the Main ike file
+EXPORT_C void TIkeParser::MainParseL(CIkeDataArray *aIkeList)
+{
+ TPtrC ikeHostSeparator = IKE_HOST_SEPARATOR;
+ DoMainParseL(aIkeList, ikeHostSeparator);
+}
+
+EXPORT_C void TIkeParser::ParseIKESectionsL(CIkeDataArray *aIkeList)
+{
+ TPtrC ikeSeparator = IKE_SEPARATOR;
+ DoMainParseL(aIkeList, ikeSeparator);
+}
+
+void TIkeParser::DoMainParseL(CIkeDataArray* aIkeList, TPtrC& aSectionName)
+{
+ ASSERT( aIkeList );
+
+ TPtrC token(NULL,0);
+
+ while (!Eos())
+ {
+ token.Set(NextToken());
+ if (token.Compare(aSectionName)==0)
+ {
+ CIkeData* ike_piece = CIkeData::NewL();
+ CleanupStack::PushL(ike_piece);
+ ParseIkePieceL(ike_piece, SEC_PARSER_VERSION, //Always the latest because is generated by the program itself
+ aSectionName);
+ aIkeList->AppendL(ike_piece);
+ CleanupStack::Pop(ike_piece);
+ }
+ else if (token.Compare(IKE_GENERAL_SEPARATOR)==0)
+ {
+ //Always the latest because is generated by the program itself
+ User::LeaveIfError(ParseGeneralData(aIkeList));
+ }
+ }
+}
+
+
+//Only 2 sections of general data (max lifetimes)
+TInt TIkeParser::ParseGeneralData(CIkeDataArray* aIkeList)
+{
+ ASSERT(aIkeList);
+
+ TLex sub_num; //Used for number conversion
+ TInt err = KErrNone;
+ TPtrC token(NULL,0);
+ while (!Eos() && err==KErrNone)
+ {
+ Mark();
+ token.Set(NextToken());
+ if (token.CompareF(_L("ISAKMP_SA_MAX_LIFETIME_SEC:")) == 0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(aIkeList->iMaxLifetimeSec,EDecimal)!=KErrNone)
+ err = KSecParserErrMaxLifetimeSec;
+ }
+ else if (token.CompareF(_L("ISAKMP_SA_MAX_LIFETIME_KB:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(aIkeList->iMaxLifetimeKB,EDecimal)!=KErrNone)
+ err = KSecParserErrMaxLifetimeKB;
+ }
+ else if (token.CompareF(_L("ISAKMP_MAX_RETRANS:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(aIkeList->iMaxRetrans)!=KErrNone)
+ err = KSecParserErrMaxRetrans;
+ }
+ else if (token.CompareF(_L("TRACE_FILE_SIZE:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(aIkeList->iMaxTraceFileSize)!=KErrNone)
+ err = KSecParserErrMaxRetrans;
+ }
+
+ else if (token.Compare(IKE_HOST_SEPARATOR)==0) //END of general section
+ {
+ UnGetToMark(); //Ungets the token
+ return KErrNone;
+ }
+ else if (token.Compare(IKE_GENERAL_SEPARATOR)==0)//END of general section
+ {
+ UnGetToMark(); //Ungets the token
+ return KErrNone;
+ }
+ else if (token.Compare(IKE_SEPARATOR)==0)//END of general section
+ {
+ UnGetToMark(); //Ungets the token
+ return KErrNone;
+ }
+ //others ignored
+ }
+
+ return err;
+}
+
+void TIkeParser::ParseIkePieceL(CIkeData* aIkeData, TInt aVersion, TPtrC& aSectionName)
+{
+ TInt pos = Remainder().Find(aSectionName);
+ if (pos != KErrNotFound)
+ {
+ TPtr ike_ptr((TUint16*)Remainder().Ptr(),pos, pos); //Until the next section
+
+ TIkeParser parser(ike_ptr, aVersion);
+ parser.ParseL(aIkeData);
+ Assign(Remainder().Mid(pos)); //rest of the text to parse
+ }
+ else //No more tags
+ {
+ TIkeParser parser(Remainder(), aVersion);
+ parser.ParseL(aIkeData);
+ Assign(Remainder().Mid(Remainder().Length()));
+ }
+}
+
+EXPORT_C void TIkeParser::ParseL(CIkeData* aConf)
+{
+ ASSERT(aConf);
+
+ TInt err = KErrNone;
+ TInt errCA= KErrNone;
+ TPtrC token(NULL,0);
+ TLex sub_num; //Used for number conversion
+
+ while (!Eos() && err==KErrNone)
+ {
+ //General Data
+ token.Set(NextToken());
+ if (token.CompareF(_L("ADDR:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+
+ err = aConf->iAddr.Input(token);
+ if (err != KErrNone)
+ {
+ err = KSecParserErrPeerAddr;
+ aConf->iFQDNAddr = TStringData::NewL(token);
+ }
+ if (iVersion >= 2) //Incorporated in version 2
+ {
+ token.Set(NextToken());
+ err = aConf->iMask.Input(token);
+ if (err != KErrNone)
+ err = KSecParserErrPeerMask;
+ }
+ }
+ else if (token.CompareF(_L("DNS_SERVER:"))==0)
+ {
+ token.Set(NextToken());
+
+ err = aConf->iDnsServer.Input(token);
+ if (err != KErrNone)
+ {
+ err = KSecParserErrUnknown;
+ }
+ }
+ else if (token.CompareF(_L("MODE:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("Main"))==0)
+ aConf->iMode = IKE_PARSER_MAIN;
+ else if (token.CompareF(_L("Aggressive"))==0)
+ aConf->iMode = IKE_PARSER_AGGRESSIVE;
+ else
+ err = KSecParserErrMode;
+ }
+ else if (token.CompareF(_L("IKE_VERSION:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ sub_num.Val(aConf->iIkeVersion, EDecimal);
+ if ( aConf->iIkeVersion != 2 )
+ aConf->iIkeVersion = 1; // IKE version 1 is currently the default
+ }
+ else if (token.CompareF(_L("SEND_NOTIFICATION:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iNotify = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iNotify = EFalse;
+ else
+ err = KSecParserErrNotify;
+ }
+ else if (token.CompareF(_L("FQDN:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iFQDN.Copy(token);
+ }
+ else if (token.CompareF(_L("ID_TYPE:"))==0) //CompareF ignores case
+ {
+ // Specifies IKE Phase 1 Identity type. Integer value specified in rfc2407
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iIdType, EDecimal)!= KErrNone )
+ aConf->iIdType = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("REMOTE_ID_TYPE:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iRemoteIdType, EDecimal)!= KErrNone )
+ aConf->iRemoteIdType = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("REMOTE_IDENTITY:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iRemoteIdentity = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("ACCEPT_PARTIAL_REMOTE_ID:"))==0) //CompareF ignores case
+ {
+ aConf->iAcceptPartialRemoteId = EFalse;
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iAcceptPartialRemoteId = ETrue;
+ }
+ else if (token.CompareF(_L("SKIP_REMOTE_ID_CHECK:"))==0) //CompareF ignores case
+ {
+ aConf->iSkipRemoteIdCheck = EFalse;
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iSkipRemoteIdCheck = ETrue;
+ }
+ else if (token.CompareF(_L("GROUP_DESCRIPTION_II:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("MODP_768"))==0)
+ aConf->iGroupDesc_II = IKE_PARSER_MODP_768;
+ else if (token.CompareF(_L("MODP_1024"))==0)
+ aConf->iGroupDesc_II = IKE_PARSER_MODP_1024;
+ else if (token.CompareF(_L("MODP_1536"))==0)
+ aConf->iGroupDesc_II = IKE_PARSER_MODP_1536;
+ else if (token.CompareF(_L("MODP_2048"))==0)
+ aConf->iGroupDesc_II = IKE_PARSER_MODP_2048;
+ else
+ {
+ err = KSecParserErrGroupDesc_II;
+ }
+ }
+ else if (token.CompareF(_L("USE_COMMIT:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iCommit = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iCommit = EFalse;
+ else
+ err = KSecParserErrCommit;
+ }
+ else if (token.CompareF(_L("IPSEC_EXPIRE:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iIpsecExpires = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iIpsecExpires = EFalse;
+ else
+ err = KSecParserErrIpsecExpire;
+ }
+ else if (token.CompareF(_L("SEND_CERT:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iAlwaysSendCert = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iAlwaysSendCert = EFalse;
+ else
+ err = KSecParserErrSendCert;
+ }
+ else if (token.CompareF(_L("INITIAL_CONTACT:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iInitialContact = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iInitialContact = EFalse;
+ else
+ err = KSecParserErrInitialContact;
+ }
+ else if (token.CompareF(_L("RESPONDER_LIFETIME:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iResponderLifetime = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iResponderLifetime = EFalse;
+ else
+ err = KSecParserErrResponderLifetime;
+ }
+ else if (token.CompareF(_L("REPLAY_STATUS:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iReplayStatus = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iReplayStatus = EFalse;
+ else
+ err = KSecParserErrReplayStatus;
+ }
+ else if (token.CompareF(_L("CRACK_LAM_TYPE:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+
+ //There is no difference between SECUREID nowadays. So both values are
+ //mapped to IKE_PARSER_CRACK_PASSWORD
+ if (token.CompareF(_L("PASSWORD"))==0 || token.CompareF(_L("SECURID"))==0)
+ aConf->iCRACKLAMType = IKE_PARSER_CRACK_PASSWORD;
+ else
+ {
+ err = KSecParserErrCRACKLAMType;
+ }
+ }
+ else if (token.CompareF(_L("CRACK_LAM_USERNAME:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iCRACKLAMUserName = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("CRACK_LAM_PASSWORD:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iCRACKLAMPassword = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("OWN_CERT_TYPE:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iClientCertType = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("USE_INTERNAL_ADDR:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iUseInternalAddr = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iUseInternalAddr = EFalse;
+ else
+ err = KSecParserErrUseIntAddr;
+ }
+ else if (token.CompareF(_L("USE_NAT_PROBE:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iUseNatProbing = ETrue;
+ else if (token.CompareF(_L("False"))==0)
+ aConf->iUseNatProbing = EFalse;
+ else
+ err = KSecParserErrUseNATProbe;
+ }
+ else if (token.CompareF(_L("ESP_UDP_PORT:"))==0) //CompareF ignores case
+ {
+ // Specifies port value for IPSEC ESP encapsulation
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iEspUdpPort) != KErrNone )
+ aConf->iEspUdpPort = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("NAT_KEEPALIVE:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iNatKeepAlive) != KErrNone )
+ aConf->iNatKeepAlive = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("DSCP_VALUE:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iDscp, EDecimal) != KErrNone )
+ aConf->iDscp = 0; // In error situation, set id value to reserved (= Not defined)
+ aConf->iDscp <<= 2;
+ }
+ else if (token.CompareF(_L("DPD_HEARTBEAT:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iDPDHeartBeat) != KErrNone )
+ aConf->iDPDHeartBeat = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("REKEYING_THRESHOLD:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iRekeyingThreshold) != KErrNone )
+ aConf->iRekeyingThreshold = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("USE_XAUTH:"))==0) //CompareF ignores case
+ {
+ aConf->iUseXauth = EFalse;
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iUseXauth = ETrue;
+ }
+ else if (token.CompareF(_L("USE_MODE_CFG:"))==0) //CompareF ignores case
+ {
+ aConf->iUseCfgMode = EFalse;
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iUseCfgMode = ETrue;
+ }
+ else if (token.CompareF(_L("USE_MOBIKE:"))==0) //CompareF ignores case
+ {
+ aConf->iUseMobIke = EFalse;
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iUseMobIke = ETrue;
+ }
+ else if (token.CompareF(_L("EAP_PROTOCOL:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if ( sub_num.Val(aConf->iEAPProtocol, EDecimal)!= KErrNone )
+ aConf->iEAPProtocol = 0; // In error situation, set id value to reserved (= Not defined)
+ }
+ else if (token.CompareF(_L("EAP_REALM_PREFIX:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iEAPRealmPrefix = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("EAP_MANUAL_REALM:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iEAPManualRealm = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("EAP_MANUAL_USERNAME:"))==0) //CompareF ignores case
+ {
+ token.Set(GetRestOfLine());
+ aConf->iEAPManualUserName = TStringData::NewL(token);
+ }
+ else if (token.CompareF(_L("EAP_HIDE_IDENTITY:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("True"))==0)
+ aConf->iEAPHideIdentity = ETrue;
+ else aConf->iEAPHideIdentity = EFalse;
+ }
+
+ else if (token.CompareF(_L("PROPOSALS:"))==0) //CompareF ignores case
+ err = ParseProposals(aConf);
+ //Preshared Keys List
+ else if (token.CompareF(_L("PRESHARED_KEYS:"))==0) //CompareF ignores case
+ err = ParsePresharedKeys(aConf);
+ //CAs Data
+ else if (token.CompareF(_L("CAs:"))==0) //CompareF ignores case
+ {
+ err = ParseCAs(aConf);
+ if (!err)
+ aConf->iCAFound=ETrue;
+ } //Own Certs List
+ else if (token.CompareF(_L("OWN_CERTS:"))==0) //CompareF ignores case
+ err = ParseOwnCerts(aConf);
+ //PeerCerts List
+ else if (token.CompareF(_L("PEER_CERTS:"))==0) //CompareF ignores case
+ err = ParsePeerCerts(aConf);
+ }
+ if ( err == KErrNone )
+ errCA=CheckPolicy(aConf);
+ if (errCA)
+ err=errCA;
+ User::LeaveIfError(err);
+}
+
+TInt TIkeParser::CheckPolicy(CIkeData* aConf)
+{
+ TInt errno=KErrNone;
+ if (aConf->iCARequired && !aConf->iCAFound)
+ errno=KSecParserErrCA;
+ return errno;
+}
+
+EXPORT_C TInt TIkeParser::BufferAppend(HBufC8*& aPolBfr, const TDesC8& aText)
+{
+ TInt err = KErrNone;
+ // Make sure that we have enough space for the new text
+
+ TInt spaceLeft = aPolBfr->Des().MaxLength() - aPolBfr->Des().Length();
+ if (aText.Length() > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = aPolBfr->Des().MaxLength()
+ + aText.Length() + KIkePolicyBufferSizeIncrement;
+ HBufC8* tempBfr = aPolBfr->ReAlloc(newMaxLength);
+ if (tempBfr)
+ {
+ aPolBfr = tempBfr;
+ }
+ else
+ {
+ return KErrNoMemory;
+ }
+ }
+ aPolBfr->Des().Append(aText);
+ return err;
+}
+
+
+//Writes one Host Info.
+EXPORT_C TInt TIkeParser::MainWrite(CIkeData *aConf, HBufC8*& aPolBfr)
+{
+
+ TBuf8<IKE_HOST_SEPARATOR_LEN> buf;
+ buf.Copy(IKE_HOST_SEPARATOR);
+ TInt err = BufferAppend(aPolBfr, buf);
+
+ if (err != KErrNone)
+ return err;
+ err = BufferAppend(aPolBfr, (_L8("\n")));
+ if (err != KErrNone)
+ return err;
+ return Write(aConf, aPolBfr);
+}
+
+//Writes some IKE General Data. ("Old Version" no trace file size)
+EXPORT_C TInt TIkeParser::GeneralInfoWrite(TUint32 aMaxLifetimeSec,
+ TUint32 aMaxLifetimeKB, TInt aMaxRetrans, HBufC8*& aPolBfr)
+{
+ return GeneralInfoWrite(aMaxLifetimeSec, aMaxLifetimeKB,
+ aMaxRetrans, 0, aPolBfr);
+}
+
+//Writes some IKE General Data. ("New Version")
+EXPORT_C TInt TIkeParser::GeneralInfoWrite(TUint32 aMaxLifetimeSec,
+ TUint32 aMaxLifetimeKB, TInt aMaxRetrans,
+ TInt aMaxTraceFileSize, HBufC8*& aPolBfr)
+{
+ TBuf8<40> line;
+
+ TBuf8<IKE_GENERAL_SEPARATOR_LEN> buf;
+ buf.Copy(IKE_GENERAL_SEPARATOR);
+ TInt err = BufferAppend(aPolBfr, buf);
+
+ if (err != KErrNone)
+ return err;
+ err = BufferAppend(aPolBfr, (_L8("\n")));
+ if (err != KErrNone)
+ return err;
+
+ line.Format(_L8("ISAKMP_SA_MAX_LIFETIME_SEC: %u\n"),aMaxLifetimeSec);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Format(_L8("ISAKMP_SA_MAX_LIFETIME_KB: %u\n"),aMaxLifetimeKB);
+ err = BufferAppend(aPolBfr, line);
+
+ line.Format(_L8("ISAKMP_MAX_RETRANS: %u\n"),aMaxRetrans);
+ err = BufferAppend(aPolBfr, line);
+
+ line.Format(_L8("TRACE_FILE_SIZE: %u\n"), aMaxTraceFileSize);
+ err = BufferAppend(aPolBfr, line);
+
+ return err;
+
+}
+
+
+EXPORT_C TInt TIkeParser::Write(CIkeData* aConf, HBufC8*& aPolBfr)
+{
+ ASSERT(aConf);
+
+ TBuf8<1024> line;
+ TInt err = KErrNone;
+ TBuf<39> addr_buf;
+ TBuf<39> mask_buf;
+
+ TBuf8<39> addr8;
+ TBuf8<39> mask8;
+
+ line.Append(_L8("ADDR: "));
+ if (!aConf->iAddr.IsUnspecified())
+ aConf->iAddr.OutputWithScope(addr_buf);
+ else
+ addr_buf.Copy(_L("0.0.0.0"));
+ if (!aConf->iMask.IsUnspecified())
+ aConf->iMask.OutputWithScope(mask_buf);
+ else //only happens with version 1 (no mask)
+ mask_buf.Copy(_L("255.255.255.255"));
+
+ addr8.Copy(addr_buf);
+ line.Append(addr8);
+ line.Append(_L(" "));
+ mask8.Copy(mask_buf);
+ line.Append(mask8);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+
+
+ if (!aConf->iDnsServer.IsUnspecified())
+ {
+ aConf->iDnsServer.OutputWithScope(addr_buf);
+ line = _L8("DNS_SERVER: ");
+ addr8.Copy(addr_buf);
+ line.Append(addr8);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+
+ }
+
+
+
+
+ if ( (aConf->iMode == IKE_PARSER_MAIN) || (aConf->iMode == IKE_PARSER_AGGRESSIVE) )
+ {
+ line.Copy(_L8("MODE: "));
+ line.Append(TextMode(aConf->iMode));
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ if ( aConf->iIkeVersion != 0 )
+ {
+ line.Format(_L8("IKE_VERSION: %d\n"), aConf->iIkeVersion);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ line.Copy(_L8("SEND_NOTIFICATION: "));
+ if (aConf->iNotify)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ if (aConf->iFQDN.Length() > 0)
+ {
+ line.Copy(_L8("FQDN: "));
+ line.Append(aConf->iFQDN);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if (aConf->iIdType != 0)
+ {
+ line.Format(_L8("ID_TYPE: %d\n"), aConf->iIdType);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ if ( aConf->iRemoteIdentity )
+ {
+ line.Copy(_L8("REMOTE_IDENTITY: "));
+ line.Append(aConf->iRemoteIdentity->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if (aConf->iRemoteIdType != 0)
+ {
+ line.Format(_L8("REMOTE_ID_TYPE: %d\n"), aConf->iRemoteIdType);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ line.Copy(_L8("ACCEPT_PARTIAL_REMOTE_ID: "));
+ if (aConf->iAcceptPartialRemoteId)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("SKIP_REMOTE_ID_CHECK: "));
+ if (aConf->iSkipRemoteIdCheck)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ if (aConf->iGroupDesc_II != 0)
+ {
+ line.Copy(_L8("GROUP_DESCRIPTION_II: "));
+ line.Append(TextGroupDesc(aConf->iGroupDesc_II));
+ line.Append(_L("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ line.Copy(_L8("USE_COMMIT: "));
+ if (aConf->iCommit)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("IPSEC_EXPIRE: "));
+ if (aConf->iIpsecExpires)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("SEND_CERT: "));
+ if (aConf->iAlwaysSendCert)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("INITIAL_CONTACT: "));
+ if (aConf->iInitialContact)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("RESPONDER_LIFETIME: "));
+ if (aConf->iResponderLifetime)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("REPLAY_STATUS: "));
+ if (aConf->iReplayStatus)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ if ( aConf->iCRACKLAMType == IKE_PARSER_CRACK_PASSWORD )
+ {
+ line.Copy(_L8("CRACK_LAM_TYPE: "));
+ line.Append(TextLAMType(aConf->iCRACKLAMType));
+ line.Append(_L("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ //IKE Private (Nokia VPN specific) extensions
+ line.Copy(_L8("USE_INTERNAL_ADDR: "));
+ if (aConf->iUseInternalAddr)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("USE_NAT_PROBE: "));
+ if (aConf->iUseNatProbing)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ if (aConf->iEspUdpPort != 0)
+ {
+ line.Format(_L8("ESP_UDP_PORT: %d\n"), aConf->iEspUdpPort);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ line.Format(_L8("NAT_KEEPALIVE: %d\n"), aConf->iNatKeepAlive);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Format(_L8("DSCP_VALUE: %d\n"), aConf->iDscp >> 2);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Format(_L8("DPD_HEARTBEAT: %d\n"), aConf->iDPDHeartBeat);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Format(_L8("REKEYING_THRESHOLD: %d\n"), aConf->iRekeyingThreshold);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("USE_XAUTH: "));
+ if (aConf->iUseXauth)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("USE_MODE_CFG: "));
+ if (aConf->iUseCfgMode)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ line.Copy(_L8("USE_MOBIKE: "));
+ if (aConf->iUseMobIke)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ if ( aConf->iCRACKLAMUserName )
+ {
+ line.Copy(_L8("CRACK_LAM_USERNAME: "));
+ line.Append(aConf->iCRACKLAMUserName->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if ( aConf->iCRACKLAMPassword )
+ {
+ line.Copy(_L8("CRACK_LAM_PASSWORD: "));
+ line.Append(aConf->iCRACKLAMPassword->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if ( aConf->iClientCertType )
+ {
+ line.Copy(_L8("OWN_CERT_TYPE: "));
+ line.Append(aConf->iClientCertType->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ if ( aConf->iEAPProtocol != 0 )
+ {
+ line.Format(_L8("EAP_PROTOCOL: %d\n"), aConf->iEAPProtocol);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ line.Copy(_L8("EAP_HIDE_IDENTITY: "));
+ if (aConf->iEAPHideIdentity)
+ line.Append(_L("TRUE\n"));
+ else
+ line.Append(_L("FALSE\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if ( aConf->iEAPRealmPrefix )
+ {
+ line.Copy(_L8("EAP_REALM_PREFIX: "));
+ line.Append(aConf->iEAPRealmPrefix->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if ( aConf->iEAPManualRealm )
+ {
+ line.Copy(_L8("EAP_MANUAL_REALM: "));
+ line.Append(aConf->iEAPManualRealm->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ if ( aConf->iEAPManualUserName )
+ {
+ line.Copy(_L8("EAP_MANUAL_USERNAME: "));
+ line.Append(aConf->iEAPManualUserName->GetData());
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ //Proposals
+ line.Format(_L8("PROPOSALS: %d\n"), aConf->iNumProp);
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ TProposalData* prop = aConf->iPropList;
+ for (TInt i=0; i<aConf->iNumProp; i++)
+ {
+ line.Copy(_L8("ENC_ALG: "));
+ line.Append(TextEncrAlg(prop->iEncrAlg, prop->iEncrKeyLth));
+ line.Append(_L8("\nAUTH_METHOD: "));
+ line.Append(TextAuthMethod(prop->iAuthMeth));
+ line.Append(_L8("\nHASH_ALG: "));
+ line.Append(TextHashAlg(prop->iHashAlg));
+ line.Append(_L8("\nGROUP_DESCRIPTION: "));
+ line.Append(TextGroupDesc(prop->iGroupDesc));
+ line.Append(_L8("\nGROUP_TYPE: "));
+ line.Append(TextGroupType(prop->iGroupType));
+ line.AppendFormat(_L8("\nLIFETIME_KBYTES: %d"),prop->iLifetimeKb);
+ line.AppendFormat(_L8("\nLIFETIME_SECONDS: %d"),prop->iLifetimeSec);
+ line.Append(_L8("\nPRF: "));
+ line.Append(TextPRF(prop->iPRF));
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ prop = prop->iNext;
+ }
+
+ if (aConf->iPresharedKey.iKey.Length() > 0)
+ {
+ line.Copy(_L8("PRESHARED_KEYS:\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ line.Copy(_L("FORMAT: "));
+ line.Append(TextFormat(aConf->iPresharedKey.iFormat));
+ line.AppendFormat(_L8("\nKEY: %d "),aConf->iPresharedKey.iKey.Length());
+ line.Append(aConf->iPresharedKey.iKey);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ //
+ //CAS
+ //Support for multiple CAs
+ //
+ if ( aConf->iCAList )
+ {
+ TInt ca_count = aConf->iCAList->Count();
+ line.Copy(_L("CAs: "));
+ line.AppendNum(ca_count);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+
+ for (TInt i=0; i < ca_count; i++)
+ {
+ line.Copy(_L(" FORMAT: "));
+ line.Append(CertFormat(aConf->iCAList->At(i)->iFormat));
+ line.Append(_L("\n DATA: "));
+ line.Append(aConf->iCAList->At(i)->iData);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+ }
+
+ //Own Certs
+ if (aConf->iOwnCert.iOwnCertExists)
+ {
+ line.Copy(_L8("OWN_CERTS:\n"));
+ if (aConf->iOwnCert.iData.Length() > 0)
+ {
+ line.Append(_L8(" FORMAT: "));
+ line.Append(CertFormat(aConf->iOwnCert.iFormat));
+ line.Append(_L8("\n DATA: "));
+ line.Append(aConf->iOwnCert.iData);
+ line.Append(_L8("\n PRIVATE_KEY_FORMAT: "));
+ line.Append(CertFormat(aConf->iPrivKey.iFormat));
+ line.Append(_L8("\n PRIVATE_KEY_DATA: "));
+ line.Append(aConf->iPrivKey.iData);
+ line.Append(_L8("\n"));
+ line.AppendFormat(_L8("\n PRIVATE_KEY_LENGTH: %d"), aConf->iOwnCert.iPrivateKeyLength);
+ }
+
+ // Always included
+ line.Append(_L8("\n SUBJECT_DN_SUFFIX: "));
+ line.Append(aConf->iOwnCert.iSubjectDnSuffix);
+ TInt identityType;
+ if (aConf->iOwnCert.iIdentityAsRfc822Name == EIdentityAsRfc822NameUndefined)
+ {
+ identityType = 2;
+ }
+ else if (aConf->iOwnCert.iIdentityAsRfc822Name == EIdentityAsRfc822NameNo)
+ {
+ identityType = 0;
+ }
+ else
+ {
+ identityType = 1;
+ }
+ line.AppendFormat(_L8("\n IDENTITY_AS_RFC822NAME: %d"), identityType);
+
+ line.Append(_L8("\n RFC822NAME_FQDN: "));
+ line.Append(aConf->iOwnCert.iRfc822NameFqdn);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ //Peer Certs
+ if (aConf->iPeerCert.iData.Length() > 0)
+ {
+ line.Format(_L8("PEER_CERTS:"));
+ line.Append(_L8(" FORMAT: "));
+ line.Append(CertFormat(aConf->iPeerCert.iFormat));
+ line.Append(_L8("\n DATA: "));
+ line.Append(aConf->iPeerCert.iData);
+ line.Append(_L8("\n"));
+ err = BufferAppend(aPolBfr, line);
+ if (err != KErrNone)
+ return err;
+ }
+
+ return KErrNone;
+}
+
+TInt TIkeParser::ParseProposals(CIkeData* aConf)
+{
+ ASSERT(aConf);
+
+ TLex sub_num = NextToken(); //Used for number conversion
+ if (sub_num.Val(aConf->iNumProp) != KErrNone)
+ return KSecParserErrProposal;
+
+ if (aConf->iNumProp == 0)
+ {
+ aConf->iPropList = NULL;
+ return KErrNone;
+ }
+
+ TPtrC token(NULL,0);
+ TProposalData* prev_prop = NULL;
+ TInt err = KErrNone;
+ TInt authMethodFound=0;
+ //At least one proposal!
+ for (TInt i=0; i<aConf->iNumProp; i++) //All the proposals
+ {
+ TProposalData* prop = NULL;
+ prop = new TProposalData;
+ if (!prop)
+ return KErrNoMemory;
+
+ prop->iNext = NULL;
+ if (i==0) //First proposal
+ aConf->iPropList = prop;
+ else
+ prev_prop->iNext = prop;
+
+ prop->iPrev = prev_prop;
+ authMethodFound=0;
+ token.Set(NextToken());
+
+ if (token.CompareF(_L("ENC_ALG:"))==0) //CompareF ignores case
+ {
+ prop->iEncrKeyLth = 0; // = Use Default key length
+ token.Set(NextToken());
+ if (token.CompareF(_L("DES-CBC"))==0)
+ prop->iEncrAlg = IKE_PARSER_DES_CBC;
+ else if (token.CompareF(_L("3DES-CBC"))==0)
+ prop->iEncrAlg = IKE_PARSER_DES3_CBC;
+ else if (token.CompareF(_L("AES128-CBC"))==0)
+ {
+ prop->iEncrKeyLth = 128;
+ prop->iEncrAlg = IKE_PARSER_AES_CBC;
+ }
+ else if (token.CompareF(_L("AES192-CBC"))==0)
+ {
+ prop->iEncrKeyLth = 192;
+ prop->iEncrAlg = IKE_PARSER_AES_CBC;
+ }
+ else if (token.CompareF(_L("AES256-CBC"))==0)
+ {
+ prop->iEncrKeyLth = 256;
+ prop->iEncrAlg = IKE_PARSER_AES_CBC;
+ }
+ else
+ {
+ err = KSecParserErrEncrAlg;
+ break;
+ }
+ }
+ else
+ {
+ err = KSecParserErrEncrAlg;
+ break;
+ }
+
+ token.Set(NextToken());
+ if (token.CompareF(_L("AUTH_METHOD:"))==0) //CompareF ignores case
+ {
+ authMethodFound=1;
+ token.Set(NextToken());
+ if (token.CompareF(_L("RSA_SIGNATURES"))==0)
+ {
+ prop->iAuthMeth = IKE_PARSER_RSA_SIG;
+ aConf->iCARequired=ETrue;
+ }
+ else if (token.CompareF(_L("DSS_SIGNATURES"))==0)
+ {
+ prop->iAuthMeth = IKE_PARSER_DSS_SIG;
+ aConf->iCARequired=ETrue;
+ }
+ else if (token.CompareF(_L("RSA_ENCRYPT"))==0)
+ {
+ prop->iAuthMeth = IKE_PARSER_RSA_ENCR;
+ aConf->iCARequired=ETrue;
+ }
+ else if (token.CompareF(_L("RSA_REV_ENCRYPT"))==0)
+ {
+ prop->iAuthMeth = IKE_PARSER_RSA_REV_ENCR;
+ aConf->iCARequired=ETrue;
+ }
+ else if (token.CompareF(_L("PRE-SHARED"))==0)
+ prop->iAuthMeth = IKE_PARSER_PRE_SHARED;
+ else if (token.CompareF(_L("IKE-CRACK"))==0)
+ {
+ prop->iAuthMeth = IKE_PARSER_CRACK;
+ aConf->iCARequired=ETrue;
+ }
+ else
+ {
+ err = KSecParserErrAuthMethod;
+ break;
+ //ErrorL(R_PARSE_ERROR_AUTH_METHOD);
+ }
+ }
+ else
+ {
+ if (aConf->iEAPProtocol<1)
+ {
+ err = KSecParserErrAuthMethod;
+ break;
+ }
+ }
+ if (aConf->iEAPProtocol>0)
+ prop->iAuthMeth=IKE_PARSER_PRE_SHARED;
+ if (authMethodFound==1)
+ token.Set(NextToken());
+ if (token.CompareF(_L("HASH_ALG:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("MD5"))==0)
+ prop->iHashAlg = IKE_PARSER_MD5;
+ else if (token.CompareF(_L("SHA1"))==0)
+ prop->iHashAlg = IKE_PARSER_SHA1;
+ else
+ {
+ err = KSecParserErrHashAlg;
+ break;
+ }
+ }
+ else
+ {
+ err = KSecParserErrHashAlg;
+ break;
+ }
+ token.Set(NextToken());
+ if (token.CompareF(_L("GROUP_DESCRIPTION:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("MODP_768"))==0)
+ prop->iGroupDesc = IKE_PARSER_MODP_768;
+ else if (token.CompareF(_L("MODP_1024"))==0)
+ prop->iGroupDesc = IKE_PARSER_MODP_1024;
+ else if (token.CompareF(_L("MODP_1536"))==0)
+ prop->iGroupDesc = IKE_PARSER_MODP_1536;
+ else if (token.CompareF(_L("MODP_2048"))==0)
+ prop->iGroupDesc = IKE_PARSER_MODP_2048;
+ else
+ {
+ err = KSecParserErrGroupDesc;
+ break;
+ }
+ }
+ else
+ {
+ err = KSecParserErrGroupDesc;
+ break;
+ }
+
+ token.Set(NextToken());
+ if (token.CompareF(_L("GROUP_TYPE:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("MODP"))==0)
+ prop->iGroupType = IKE_PARSER_MODP;
+ else if(token.CompareF(_L("DEFAULT"))==0)
+ prop->iGroupType = IKE_PARSER_DEFAULT;
+ else
+ {
+ err = KSecParserErrGroupType;
+ break;
+ }
+ }
+ else
+ {
+ err = KSecParserErrGroupType;
+ break;
+ }
+
+ token.Set(NextToken());
+ if (token.CompareF(_L("LIFETIME_KBYTES:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(prop->iLifetimeKb,EDecimal)!=KErrNone)
+ {
+ err = KSecParserErrLifeBytes;
+ break;
+ }
+ token.Set(NextToken());
+ }
+ else
+ {
+ prop->iLifetimeKb=0;
+ }
+ if (token.CompareF(_L("LIFETIME_SECONDS:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(prop->iLifetimeSec,EDecimal)!=KErrNone)
+ {
+ err = KSecParserErrLifeSecs;
+ break;
+ }
+ }
+ else
+ {
+ err = KSecParserErrLifeSecs;
+ break;
+ }
+
+ Mark();
+
+ token.Set(NextToken());
+
+ // PRF is an optional parameter, so if it doesn't exist, just use
+ // the default value and unget to mark (so that the rest of the parsing
+ // won't fail).
+ if (token.CompareF(_L("PRF:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("3DES-CBC-MAC"))==0)
+ prop->iPRF = IKE_PARSER_DES3_CBC_MAC;
+ else if (token.CompareF(_L("NONE"))==0)
+ prop->iPRF = IKE_PARSER_NONE;
+ else
+ {
+ err = KSecParserErrPRF;
+ break;
+ }
+ }
+ else
+ {
+ prop->iPRF = IKE_PARSER_NONE;
+ UnGetToMark();
+ }
+
+ prev_prop = prop; //Save as previous proposal
+ } //Proposals loop
+
+ return err;
+}
+
+
+TInt TIkeParser::ParsePresharedKeys(CIkeData* aConf)
+{
+ ASSERT(aConf);
+
+ TPtrC token(NULL, 0);
+ TLex sub_num; //Used for number conversion
+ TInt j = 0;
+ TInt num=0;
+
+ TPresharedKeyData *key = &aConf->iPresharedKey;
+ token.Set(NextToken());
+
+ if (token.CompareF(_L("FORMAT:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("HEX_FORMAT"))==0)
+ key->iFormat = HEX_KEY;
+ else if (token.CompareF(_L("STRING_FORMAT"))==0)
+ key->iFormat = STRING_KEY;
+ else
+ return KSecParserErrPreFormat;
+ }
+ else
+ return KSecParserErrPreKey;
+
+ token.Set(NextToken());
+ if (token.CompareF(_L("KEY:"))==0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(num)!=KErrNone)
+ return KSecParserErrPreKey;
+
+ if (num > KMaxPresharedKeyLength)
+ {
+ //Key is too long for our buffer.
+ return KSecParserErrPreKey;
+ }
+
+ if (key->iFormat == HEX_KEY && (num % 2) != 0)
+ {
+ //HEX encoded keys must contains even number of characters.
+ //(Because each byte is expressed by two characters.)
+ return KSecParserErrPreKey;
+ }
+ }
+ else
+ return KSecParserErrPreKey;
+
+ SkipSpaceAndMark();
+
+ if (key->iFormat == STRING_KEY)
+ {
+ for (j = 0; j < num && (!Eos()) ; j++) //Parse the key char to char because it contains blanks
+ key->iKey.Append(Get());
+ }
+ else if (key->iFormat == HEX_KEY)
+ {
+ //Make sure that key contains a valid hex decim number.
+ for (j = 0; j < num && (!Eos()) ; j++)
+ {
+ TChar c = Get();
+ if (c >= TChar('0') && c <= TChar('9') ||
+ c >= TChar('a') && c <= TChar('f') ||
+ c >= TChar('A') && c <= TChar('F'))
+ {
+ key->iKey.Append(c);
+ }
+ else
+ {
+ return KSecParserErrPreKey;
+ }
+
+ }
+ }
+
+ if (j<num)
+ return KSecParserErrPreKey;
+
+ return KErrNone;
+}
+
+
+TInt TIkeParser::ParseCAItem(CIkeData* /*aConf*/, TCertInfo* aCA, TPtrC& aToken)
+{
+ ASSERT(aCA);
+
+ if (aToken.CompareF(_L("FORMAT:")) == 0 ) //CompareF ignores case
+ {
+ aToken.Set(NextToken());
+ if (aToken.CompareF(_L("PEM"))==0)
+ aCA->iFormat = PEM_CERT;
+ else if (aToken.CompareF(_L("BIN"))==0)
+ aCA->iFormat = BIN_CERT;
+ else if (aToken.CompareF(_L("NAME"))==0)
+ aCA->iFormat = CA_NAME;
+ else if (aToken.CompareF(_L("KEYID"))==0)
+ aCA->iFormat = KEY_ID;
+ else if (aToken.CompareF(_L("APPLUID"))==0)
+ aCA->iFormat = APPL_UID;
+ else
+ return KSecParserErrCA;
+ }
+ else
+ {
+ return KSecParserErrCA;
+ }
+
+ aToken.Set(NextToken());
+ if ( aToken.CompareF(_L("DATA:")) == 0) //CompareF ignores case
+ {
+ switch(aCA->iFormat)
+ {
+ case CA_NAME: //falls through
+ case APPL_UID:
+ {
+ aCA->iData = GetRestOfLine(); //ASCII format CA name or Appl uid list
+ // Check if data contains empty attributes
+ if( KErrNotFound != aCA->iData.FindF(_L("=,")) || KErrNotFound != aCA->iData.FindF(_L("=\"\"")))
+ {
+ return KSecParserErrCA;
+ }
+ }
+ break;
+ case BIN_CERT:
+ return ParseFileName(aCA->iData);
+ //No break needed
+ default:
+ aCA->iData = NextToken(); //PEM cert or Key identifier
+ break;
+ }
+
+ return KErrNone;
+ }
+ else
+ {
+ return KSecParserErrCA;
+ }
+}
+
+void TIkeParser::ParseCAListL(CIkeData* aConf, TInt aCACount, TPtrC& aToken)
+{
+ ASSERT(aConf);
+
+ aConf->iCAList = new (ELeave) CArrayFixFlat<TCertInfo*>(aCACount);
+
+ while ( aCACount )
+ {
+ TCertInfo* ca_name = new (ELeave) TCertInfo;
+ CleanupStack::PushL(ca_name);
+ User::LeaveIfError(ParseCAItem(aConf, ca_name, aToken));
+ aConf->iCAList->AppendL(ca_name);
+ CleanupStack::Pop(ca_name);
+
+ aCACount--;
+ if ( aCACount )
+ aToken.Set(NextToken()); // Enter to next "FORMAT" tag
+ }
+}
+
+/**---------------------------------------------------------------
+ *
+ * Parse CAs section in host (=IKE) configuration.
+ * There is two possibilities:
+ * CAs:
+ * FORMAT: BIN
+ * DATA: jps-SecurID-1_0-ca.cer
+ * This supports only one CA (This format may be removed later)
+ * CAs: 2
+ * FORMAT: BIN
+ * DATA: jps-SecurID-1_0-ca.cer
+ * FORMAT: BIN
+ * DATA: jps-SecurID-1_1-ca.cer
+ * This supports several CA:s. Exact CA count is in line CAs: x
+ *
+ *----------------------------------------------------------------*/
+TInt TIkeParser::ParseCAs(CIkeData* aConf)
+{
+ TInt ca_count = 0;
+ TPtrC token(NULL, 0);
+ token.Set(NextToken());
+
+ if ( token.CompareF(_L("FORMAT:")) == 0 ) //CompareF ignores case
+ {
+ ca_count = 1;
+ }
+ else
+ {
+ TLex sub_num = token;
+ if ( (sub_num.Val(ca_count) != KErrNone) || (ca_count == 0) )
+ {
+ return KSecParserErrCA;
+ }
+ token.Set(NextToken()); // Enter to the first "FORMAT" tag
+ }
+
+ TInt err = KErrNone;
+ TRAP(err, ParseCAListL(aConf, ca_count, token);)
+ return err;
+}
+
+TInt TIkeParser::ParseOwnCerts(CIkeData* aConf)
+{
+ ASSERT(aConf);
+
+ TPtrC token(NULL,0);
+
+ TInt nMandatoryFields=0;
+ TInt err=KErrNone;
+ TBool endOfSection=EFalse;
+ TOwnCertInfo *own_cert = &aConf->iOwnCert;
+ own_cert->iOwnCertExists = 0;
+ TCertInfo *priv_key = &aConf->iPrivKey;
+
+ while (!endOfSection && err==KErrNone)
+ {
+ Mark();
+ token.Set(NextToken());
+
+ if (token.CompareF(_L("FORMAT:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ token.Set(NextToken());
+ if (token.CompareF(_L("BIN"))==0)
+ own_cert->iFormat = BIN_CERT;
+ else if (token.CompareF(_L("NAME"))==0)
+ own_cert->iFormat = CA_NAME;
+ else
+ err=KSecParserErrOwnCerts;
+ }
+
+ else if (token.CompareF(_L("DATA:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ err = ParseFileName(own_cert->iData);
+ }
+
+ //Private key part
+ else if (token.CompareF(_L("PRIVATE_KEY_FORMAT:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ token.Set(NextToken());
+ if (token.CompareF(_L("PEM"))==0)
+ priv_key->iFormat = PEM_CERT;
+ else if (token.CompareF(_L("BIN"))==0)
+ priv_key->iFormat = BIN_CERT;
+ else
+ err=KSecParserErrOwnCerts;
+ }
+
+ else if (token.CompareF(_L("PRIVATE_KEY_DATA:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ err = ParseFileName(priv_key->iData);
+ }
+ // new stuff // error codes?
+ else if (token.CompareF(_L("SUBJECT_DN_SUFFIX:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ own_cert->iSubjectDnSuffix = GetRestOfLine();
+ // Check if data contains empty attributes
+ if( KErrNotFound != own_cert->iSubjectDnSuffix.FindF(_L("=,")) ||
+ KErrNotFound != own_cert->iSubjectDnSuffix.FindF(_L("=\"\"")))
+ {
+ return KSecParserErrOwnCerts;
+ }
+ }
+
+ else if (token.CompareF(_L("IDENTITY_AS_RFC822NAME:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ token.Set(NextToken());
+ if (token.CompareF(_L("1"))==0)
+ own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameYes;
+ else if (token.CompareF(_L("0"))==0)
+ own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameNo;
+ else
+ own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameUndefined;
+ }
+ else if (token.CompareF(_L("RFC822NAME_FQDN:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ own_cert->iRfc822NameFqdn = NextToken();
+ }
+
+ else if (token.CompareF(_L("PRIVATE_KEY_LENGTH:"))==0) //CompareF ignores case
+ {
+ nMandatoryFields++;
+ TLex sub_num = NextToken();
+ if (sub_num.Val(own_cert->iPrivateKeyLength)!=KErrNone)
+ err= KSecParserErrOwnCerts;
+ }
+ else
+ {
+ UnGetToMark(); // current token didn't belong to this section
+ endOfSection=ETrue;
+ }
+ }
+ if (nMandatoryFields<1) // Some mandatory fields are missing
+ {
+ err= KSecParserErrOwnCerts;
+ }
+ else
+ {
+ own_cert->iOwnCertExists = 1; // Write Own Certs
+ }
+ return err;
+}
+
+
+TInt TIkeParser::ParsePeerCerts(CIkeData* aConf)
+{
+ ASSERT(aConf);
+
+ TPtrC token(NULL, 0);
+
+ TCertInfo *peer_cert = &aConf->iPeerCert;
+ token.Set(NextToken());
+ if (token.CompareF(_L("FORMAT:"))==0) //CompareF ignores case
+ {
+ token.Set(NextToken());
+ if (token.CompareF(_L("PEM"))==0)
+ peer_cert->iFormat = PEM_CERT;
+ else if (token.CompareF(_L("BIN"))==0)
+ peer_cert->iFormat = BIN_CERT;
+ else
+ return KSecParserErrPreFormat;
+ }
+ else
+ return KSecParserErrPreKey;
+
+ token.Set(NextToken());
+ if (token.CompareF(_L("DATA:"))==0) //CompareF ignores case
+ peer_cert->iData = NextToken(); //Filename or PEM cert
+ else
+ return KSecParserErrPreKey;
+
+ return KErrNone;
+}
+
+TBufC<16> TIkeParser::TextMode(const TInt aMode)
+{
+ TBufC<16> ret;
+
+ switch (aMode)
+ {
+ case IKE_PARSER_MAIN:
+ ret=_L("Main");
+ break;
+ case IKE_PARSER_AGGRESSIVE:
+ ret=_L("Aggressive");
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextEncrAlg(const TInt aAlg, const TInt aKeyLth)
+{
+ TBufC<16> ret;
+
+ switch (aAlg)
+ {
+ case IKE_PARSER_DES_CBC:
+ ret=_L("DES-CBC");
+ break;
+ case IKE_PARSER_DES3_CBC:
+ ret=_L("3DES-CBC");
+ break;
+ case IKE_PARSER_AES_CBC:
+ if ( aKeyLth == 256 )
+ ret=_L("AES256-CBC");
+ else if ( aKeyLth == 192 )
+ ret=_L("AES192-CBC");
+ else ret=_L("AES128-CBC");
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextAuthMethod(const TInt aMethod)
+{
+ TBufC<16> ret;
+
+ switch (aMethod)
+ {
+ case IKE_PARSER_RSA_SIG:
+ ret=_L("RSA_SIGNATURES");
+ break;
+ case IKE_PARSER_DSS_SIG:
+ ret=_L("DSS_SIGNATURES");
+ break;
+ case IKE_PARSER_RSA_ENCR:
+ ret=_L("RSA_ENCRYPT");
+ break;
+ case IKE_PARSER_RSA_REV_ENCR:
+ ret=_L("RSA_REV_ENCRYPT");
+ break;
+ case IKE_PARSER_PRE_SHARED:
+ ret=_L("PRE-SHARED");
+ break;
+ case IKE_PARSER_CRACK:
+ ret=_L("IKE-CRACK");
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextHashAlg(const TInt aAlg)
+{
+ TBufC<16> ret;
+
+ switch (aAlg)
+ {
+ case IKE_PARSER_MD5:
+ ret=_L("MD5");
+ break;
+ case IKE_PARSER_SHA1:
+ ret=_L("SHA1");
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextGroupDesc(const TInt aDesc)
+{
+ TBufC<16> ret;
+
+ switch (aDesc)
+ {
+ case IKE_PARSER_MODP_768:
+ ret=_L("MODP_768");
+ break;
+ case IKE_PARSER_MODP_1024:
+ ret=_L("MODP_1024");
+ break;
+ case IKE_PARSER_MODP_1536:
+ ret=_L("MODP_1536");
+ break;
+ case IKE_PARSER_MODP_2048:
+ ret=_L("MODP_2048");
+ break;
+ default:
+ break;
+ }
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextGroupType(const TInt aType)
+{
+ TBufC<16> ret;
+
+ switch (aType)
+ {
+ case IKE_PARSER_DEFAULT:
+ ret=_L("DEFAULT");
+ break;
+ case IKE_PARSER_MODP:
+ ret=_L("MODP");
+ break;
+ default:
+ break;
+ }
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextPRF(const TInt aPRF)
+{
+ TBufC<16> ret;
+
+ switch (aPRF)
+ {
+ case IKE_PARSER_NONE:
+ ret=_L("NONE");
+ break;
+ case IKE_PARSER_DES3_CBC_MAC:
+ ret=_L("3DES-CBC-MAC");
+ break;
+ default:
+ break;
+ }
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextFormat(const TKeyFormat aFormat)
+{
+ TBufC<16> ret;
+
+ switch (aFormat)
+ {
+ case HEX_KEY:
+ ret=_L("HEX_FORMAT");
+ break;
+ case STRING_KEY:
+ default:
+ ret=_L("STRING_FORMAT");
+ break;
+ }
+ return ret;
+}
+
+TBufC<16> TIkeParser::CertFormat(TCertFormat aFormat)
+{
+ TBufC<16> ret;
+
+ switch (aFormat)
+ {
+ case PEM_CERT:
+ ret=_L("PEM");
+ break;
+ case BIN_CERT:
+ ret=_L("BIN");
+ break;
+ case CA_NAME:
+ ret=_L("NAME");
+ break;
+ case KEY_ID:
+ ret=_L("KEYID");
+ break;
+ case APPL_UID:
+ ret=_L("APPLUID");
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+TBufC<16> TIkeParser::TextLAMType(const TUint8 aLAMType)
+{
+ TBufC<16> ret;
+
+ switch (aLAMType)
+ {
+ case IKE_PARSER_CRACK_PASSWORD:
+ ret=_L("PASSWORD");
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+
+TPtrC TIkeParser::GetRestOfLine()
+{
+ TChar chr=Get();
+ while(chr.IsSpace() && chr!='\n' && chr!='\r')
+ chr=Get();
+ UnGet();
+ Mark();
+ chr=Get(); // Fix for empty rest of line
+ while(!Eos() && chr!='\n' && chr!='\r')
+ chr=Get();
+ if (!Eos())
+ UnGet();
+ return MarkedToken();
+}
+
+
+TInt TIkeParser::ParseFileName(TDes& aFileName)
+{
+ //Get the rest of the line
+ //Trim trailing white spaces from the file name
+ TPtrC fileName = GetRestOfLine();
+ HBufC* fileNameCopy = fileName.Alloc();
+ if (fileNameCopy == NULL)
+ {
+ return KErrNoMemory;
+ }
+ fileNameCopy->Des().TrimRight();
+ fileName.Set(fileName.Left(fileNameCopy->Length()));
+ delete fileNameCopy;
+
+ aFileName = fileName;
+
+ return KErrNone;
+}
+
+
+TBool TSecParser::CheckVersion()
+{
+ TPtrC token(NULL, 0);
+ TLex version_num;
+
+ token.Set(NextToken());
+ if (token.Compare(_L("SECURITY_FILE_VERSION:"))==0)
+ {
+ version_num = NextToken();
+ if (version_num.Val(iVersion)!=KErrNone)
+ return EFalse;
+ if ((iVersion < FIRST_SEC_PARSER_VERSION) || (iVersion > SEC_PARSER_VERSION))
+ return EFalse;
+ }
+ else
+ return EFalse;
+
+ return ETrue;
+}
+
+void TSecParser::ParseInfoL(CSecurityPiece* aPiece_data)
+{
+ ASSERT(aPiece_data);
+
+ HBufC* buf = HBufC::NewLC(MAX_INFO_SIZE);
+ TPtr ptr = buf->Des();
+ TChar ch = Get();
+ TInt i=0;
+
+ ch = Get();
+ while (((ch==' ') || (ch=='\n')) && (!Eos()))
+ ch = Get();
+ while ((ch!='[') && (!Eos()) && i < MAX_INFO_SIZE)
+ {
+ ptr.Append(ch);
+ i++;
+ ch = Get();
+ }
+
+ if (i == MAX_INFO_SIZE) //The rest is ignored
+ {
+ ch = Get();
+ while ( (ch != '[') && (!Eos()) )
+ ch = Get();
+ }
+
+ if (ch =='[')
+ {
+ UnGet(); // the '['
+ if (ptr.Length() > 0) //If empty no \n
+ ptr.SetLength(ptr.Length() - 1); //eliminates the \n at the end
+ }
+ aPiece_data->SetInfoL(ptr);
+ CleanupStack::PopAndDestroy(buf);
+}
+
+TInt TSecParser::ParseGeneral(CGeneralData *aGeneralData)
+{
+ TInt err;
+ TInt pos = Remainder().Find(_L("[")); //The segment is until the next tag or Eos()
+ if (pos!=KErrNotFound)
+ {
+
+ TPtr gen_ptr((TUint16 *)Remainder().Ptr(),pos, pos); //Until the next section
+
+ TGeneralParser parser(gen_ptr);
+ err = parser.Parse(aGeneralData);
+ Assign(Remainder().Mid(pos)); //rest of the text to parse
+ }
+ else //No more tags
+ {
+ TGeneralParser parser(Remainder());
+ err = parser.Parse(aGeneralData);
+ }
+
+ return (err);
+}
+
+
+void TSecParser::NextTag()
+{
+ while (!Eos())
+ if (Get() == '[' )
+ {
+ UnGet(); //Next tag found
+ return;
+ }
+
+}
+
+//Puts the security file data into string format to be saved to disk.
+EXPORT_C TInt TSecParser::Write(CSecurityPiece *aPiece_data, HBufC8*& aPolBfr)
+{
+ TInt err;
+
+ err = WriteVersion(aPolBfr);
+ if (err != KErrNone)
+ return err;
+
+ err = WriteInfo(aPiece_data, aPolBfr);
+ if (err != KErrNone)
+ return err;
+
+ return err = WriteIke(aPiece_data, aPolBfr);
+}
+
+TInt TSecParser::WriteVersion(HBufC8*& aPolBfr)
+{
+ TBuf8<32> buf;
+ buf.Format(_L8("SECURITY_FILE_VERSION: %d\n"), SEC_PARSER_VERSION);
+ return TIkeParser::BufferAppend(aPolBfr, buf);
+}
+
+TInt TSecParser::WriteInfo(CSecurityPiece* aPiece_data, HBufC8*& aPolBfr)
+{
+ ASSERT(aPiece_data);
+
+ TInt err;
+
+ TBuf8<MAX_INFO_SIZE> buf = _L8("[INFO]\n");
+ err = TIkeParser::BufferAppend(aPolBfr, buf);
+ if (err != KErrNone)
+ return err;
+
+ buf.Copy(aPiece_data->Info()->Des());
+ err = TIkeParser::BufferAppend(aPolBfr, buf);
+ if (err != KErrNone)
+ return err;
+ return TIkeParser::BufferAppend(aPolBfr, (_L8("\n")));
+}
+
+TInt TSecParser::WriteIke(CSecurityPiece* aPiece_data, HBufC8*& aPolBfr)
+{
+ ASSERT(aPiece_data);
+
+ TBuf8<6> buf = _L8("[IKE]\n");
+ TInt err = TIkeParser::BufferAppend(aPolBfr, buf);
+ if (err != KErrNone)
+ return err;
+ return TIkeParser::Write(aPiece_data->IkeData(), aPolBfr);
+}
+
+
+//
+//CSecurityPiece
+//
+
+EXPORT_C void CSecurityPiece::ConstructL(TInt aSize)
+{
+ iInfo = HBufC::NewL(aSize);
+ iIkeData = CIkeData::NewL();
+ iGeneralData = new (ELeave) CGeneralData();
+}
+
+EXPORT_C void CSecurityPiece::SetInfoL(const TDesC &aDes)
+{
+ if (aDes.Length() > iInfo->Des().MaxLength())
+ iInfo = iInfo->ReAllocL(aDes.Length()); //ReAllocs if needed
+
+ iInfo->Des().Copy(aDes);
+}
+
+EXPORT_C CSecurityPiece::~CSecurityPiece()
+{
+ delete iInfo;
+ delete iIkeData;
+ delete iGeneralData;
+}
+
+
+
+
+EXPORT_C CGeneralData::CGeneralData()
+{
+}
+
+EXPORT_C CGeneralData::CGeneralData(CGeneralData* aData)
+{
+ ASSERT(aData);
+ iDeactivationTimeout = aData->iDeactivationTimeout;
+}
+
+EXPORT_C TGeneralParser::TGeneralParser(const TDesC &aStr) : TLex(aStr)
+ {
+ }
+
+EXPORT_C TInt TGeneralParser::Parse(CGeneralData* aData)
+{
+ ASSERT(aData);
+
+ TLex sub_num; //Used for number conversion
+ TInt err = KErrNone;
+ TPtrC token(NULL,0);
+ while (!Eos() && err==KErrNone)
+ {
+ Mark();
+ token.Set(NextToken());
+ if (token.CompareF(_L("POLICY_AUTO_DEACTIVATION_TIMEOUT:")) == 0) //CompareF ignores case
+ {
+ sub_num = NextToken();
+ if (sub_num.Val(aData->iDeactivationTimeout)!=KErrNone)
+ err = KErrGeneral; //change ??
+ }
+ }
+ return err;
+}
+
+
+EXPORT_C TInt TSecParser::ParseGeneralData(CGeneralData* aData)
+{
+ TPtrC token(NULL, 0);
+ TInt ret;
+
+ if (!CheckVersion())
+ return KErrNotSupported; //Invalid file or version
+ while (!Eos())
+ {
+ token.Set(NextToken());
+ if (token.Compare(_L("[GENERAL]"))==0)
+ {
+ ret = ParseGeneral(aData);
+ if (ret !=KErrNone)
+ return ret;
+ }
+ else //Unknown Tag Ignored
+ NextTag();
+
+ }
+
+ return KErrNone;
+}
+
+//
+// IkeParser
+//
+EXPORT_C RArray<TUid>* IkeParser::GetApplUidListL(
+ const TDesC16& aApplUidString)
+ {
+ //
+ // Build application UID array from Application Uid text string
+ //
+ RArray<TUid>* applUidList = new (ELeave) RArray<TUid>(1);
+ CleanupStack::PushL( applUidList );
+ TLex ApplUids(aApplUidString);
+ TUint32 Uid;
+ TUid ApplUid;
+ IkeParser::NextHexaDigit(ApplUids);
+
+ while ( !ApplUids.Eos() )
+ {
+ if ( ApplUids.Val(Uid, EHex) != KErrNone )
+ {
+ break; // Error
+ }
+ ApplUid.iUid = Uid;
+ User::LeaveIfError( applUidList->Append(ApplUid) );
+ IkeParser::NextHexaDigit(ApplUids);
+ }
+ CleanupStack::Pop( applUidList );
+ return applUidList;
+ }
+
+EXPORT_C HBufC8* IkeParser::TextToHexOctetsL(const TDesC16& aTextString)
+{
+ TInt Lth = (aTextString.Length() + 1)/2;
+ HBufC8* HexOctets = HBufC8::NewL((Lth | 3) + 1);
+ if ( DeHex(aTextString.Ptr(), aTextString.Length(), (TUint8*)HexOctets->Ptr()) )
+ HexOctets->Des().SetLength(Lth);
+
+ return HexOctets;
+}
+
+EXPORT_C TBool IkeParser::TextToHexOctets(const TDesC16& aTextString, TDes8& aHexOctets)
+{
+ TBool Status;
+ TInt Lth = ((aTextString.Length() + 1)/2);
+ if ( aHexOctets.MaxLength() >= Lth )
+ {
+ Status = DeHex(aTextString.Ptr(), aTextString.Length(), (TUint8*)aHexOctets.Ptr());
+ if ( !Status )
+ Lth = 0;
+ }
+ else
+ {
+ Status = EFalse;
+ Lth = 0;
+ }
+ aHexOctets.SetLength(Lth);
+
+ return Status;
+}
+
+TBool IkeParser::DeHex(const TUint16* aUcStr, TInt aStrLen, TUint8* aDstBfr)
+{
+ TBool Status = ETrue;
+ TUint8 d1, d2;
+
+ while ( (aStrLen > 0) && Status )
+ {
+ d1 = (TUint8)(*aUcStr & 0xff);
+ Status &= HexVal(d1);
+ aUcStr ++;
+ if ( aStrLen > 1 )
+ {
+ d2 = (TUint8)(*aUcStr & 0xff);
+ Status &= HexVal(d2);
+ }
+ else d2 = 0;
+ aUcStr ++;
+ aStrLen -= 2;
+ *aDstBfr++ = (TUint8)(d1 * 16 + d2);
+ }
+ return Status;
+}
+
+TBool IkeParser::HexVal(TUint8& c)
+{
+ TBool Status = ( c >= 'a' && c <= 'f');
+ if ( Status )
+ c = (TUint8)(c - 'a' + 10);
+ else
+ {
+ Status = (c >= 'A' && c <= 'F');
+ if ( Status )
+ c = (TUint8)(c - 'A' + 10);
+ else
+ {
+ Status = (c >= '0' && c <= '9');
+ if ( Status )
+ c = (TUint8)(c - '0');
+ }
+ }
+ return Status;
+}
+
+void IkeParser::NextHexaDigit(TLex& aUidString)
+{
+ TChar ch;
+
+ while ( !aUidString.Eos() )
+ {
+ ch = aUidString.Peek();
+ if ( ch.IsHexDigit() )
+ {
+ break;
+ }
+ aUidString.Inc();
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/bwins/ikesocketu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?NewL@CIkeConnectionInterface@@SAPAV1@AAVMIkeDebug@@@Z @ 1 NONAME ; class CIkeConnectionInterface * CIkeConnectionInterface::NewL(class MIkeDebug &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/eabi/ikesocketu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,7 @@
+EXPORTS
+ _ZN23CIkeConnectionInterface4NewLER9MIkeDebug @ 1 NONAME
+ _ZTI13CDataTransfer @ 2 NONAME ; #<TI>#
+ _ZTI23CIkeConnectionInterface @ 3 NONAME ; #<TI>#
+ _ZTV13CDataTransfer @ 4 NONAME ; #<VT>#
+ _ZTV23CIkeConnectionInterface @ 5 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building.
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+
+#ifdef VPNCLIENT_USE_STUBS
+ikesocket_test.mmp
+#else
+ikesocket.mmp
+#endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/group/ikesocket.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project ikesocket
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikesocket.dll
+TARGETTYPE dll
+UID 0x1000008d 0x20000407
+
+CAPABILITY All -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+
+SOURCE connobserver.cpp
+SOURCE datatransfer.cpp
+SOURCE ikeconnectioninterface.cpp
+SOURCE ikeconnection.cpp
+SOURCE localaddressresolver.cpp
+SOURCE receivequeueitem.cpp
+SOURCE receiver.cpp
+SOURCE sender.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../ikev2lib/inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY esock.lib
+LIBRARY insock.lib
+LIBRARY commdb.lib
+LIBRARY extendedconnpref.lib
+LIBRARY netmeta.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/group/ikesocket_test.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Test project definition file for project ikesocket
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikesocket.dll
+TARGETTYPE dll
+UID 0x1000008d 0x20000407
+
+CAPABILITY All -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+
+SOURCE connobserver.cpp
+SOURCE datatransfer.cpp
+SOURCE ikeconnectioninterface.cpp
+SOURCE ikeconnection.cpp
+SOURCE localaddressresolver.cpp
+SOURCE receivequeueitem.cpp
+SOURCE receiver.cpp
+SOURCE sender.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../ikev2lib/inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY ikesocket_proxy.lib
+LIBRARY euser.lib
+LIBRARY esock.lib
+LIBRARY insock.lib
+LIBRARY commdb.lib
+LIBRARY extendedconnpref.lib
+LIBRARY netmeta.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/connobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,138 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Link connection status observer
+*
+*/
+
+#ifndef C_CONNOBSERVER_H
+#define C_CONNOBSERVER_H
+
+// INCLUDES
+#include <in_sock.h>
+
+// FORWARD DECLARATIONS
+
+class MIkeDebug;
+class RConnection;
+
+/**
+ * Link disconnection callback interface.
+ *
+ * Callback interface for notifying about link disconnection.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( MConnObserverCallback )
+ {
+public:
+ /**
+ * Notifies about link disconnection.
+ *
+ * @param aStatus Link disconnection status
+ */
+ virtual void LinkDisconnected( const TInt aStatus ) = 0;
+ };
+
+/**
+ * Link connection status observer.
+ *
+ * This class provides functionality for observing when link connection has
+ * been disconnected.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( CConnObserver ) : private CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ *
+ * @param aConnection Connection which is used for observing
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CConnObserver* NewL( RConnection& aConnection,
+ MConnObserverCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CConnObserver();
+
+ /**
+ * Requests notification about link disconnection. Link disconnection will
+ * be notified via MConnObserverCallback callback interface, when link has
+ * been disconnected.
+ */
+ void NotifyDisconnect();
+
+ /**
+ * Cancels link disconnection notification request.
+ */
+ void CancelNotify();
+
+private:
+
+// from base class CActive
+
+ /**
+ * From CActive.
+ * Handles an active object's request completion event about link
+ * disconnection progress notification. Notifies client about link
+ * disconnection via callback interface. Does not leave.
+ */
+ void RunL();
+
+ /**
+ * From CActive.
+ * Implements cancellation of a link disconnection progress notification.
+ */
+ void DoCancel();
+
+private:
+ CConnObserver( RConnection& aConnection,
+ MConnObserverCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+private: // data
+ /**
+ * Connection used for observing link disconnection.
+ * Not own.
+ */
+ RConnection& iConnection;
+
+ /**
+ * Buffer for Network Interface Progress.
+ * Own.
+ */
+ TNifProgressBuf iProgressBuf;
+
+ /**
+ * Callback interface for notifying link disconnection.
+ * Not own.
+ */
+ MConnObserverCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_CONNOBSERVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/datatransfer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,431 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Data transfer functionality
+*
+*/
+
+
+#ifndef C_DATATRANSFER_H
+#define C_DATATRANSFER_H
+
+#include <in_sock.h>
+#include "ikedatainterface.h"
+#include "sender.h"
+#include "receiver.h"
+#include "receivequeueitem.h"
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+
+class CLocalAddressResolver;
+class MIkeDebug;
+
+/**
+ * Data transfer callback interface.
+ *
+ * Callback interface for informing fatal error in data transfer.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( MDataTransferCallback )
+ {
+public:
+ enum TErrorType
+ {
+ ESendError,
+ EReceiveError
+ };
+
+ /**
+ * Notifies that data transfer error has occured.
+ *
+ * @param aError Error value
+ * @param aErrorType Error type
+ */
+ virtual void DataTransferError( const TInt aError,
+ const TErrorType aErrorType ) = 0;
+ };
+
+/**
+ * Data transfer class.
+ *
+ * This class provides functionality for transferring UDP data. This class
+ * implements data interface (MIkeDataInterface) which can be used
+ * by the client of data interface to send and receive UDP data. Received data
+ * is queued until client reads received data.
+ *
+ * Before instance of this class can be used for transferring data, owner of
+ * the instance must set IKE major version and request opening of sockets.
+ * When data transferring is no more needed, owner can request closing of
+ * sockets. Fatal data transfer errors are notified to owner through
+ * error callback interface (MDataTransferCallback).
+ *
+ * This class owns sockets for local ports 500 and 4500 which are used for
+ * both sending and receiving UDP data. This class owns also third socket
+ * which is used if the client of data interface sends Nokia NAT keepalive
+ * packet.
+ *
+ * @lib ikesocket.lib
+ */
+class CDataTransfer : public CBase,
+ public MIkeDataInterface,
+ public MSenderCallback,
+ public MReceiverCallback
+ {
+public:
+
+ /**
+ * Two-phased constructor.
+ * @param aSocketServer Socket server
+ * @param aConnection Connection
+ * @param aCallback Error callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CDataTransfer* NewL( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ CLocalAddressResolver& aLocalAddressResolver,
+ MDataTransferCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CDataTransfer();
+
+ /**
+ * Sets IKE major version. IKE major version must be set before data
+ * interface is used for data transfer.
+ *
+ * @param aIkeMajorVersion IKE major version
+ */
+ void SetIkeMajorVersion( const IkeSocket::TIkeMajorVersion aIkeMajorVersion );
+
+ /**
+ * Sets IP version. IP version must be set before data interface is used
+ * for getting local IP address.
+ *
+ * @param aIpVersion IP version
+ */
+ void SetIpVersion( const IkeSocket::TIpVersion aIpVersion );
+
+ /**
+ * Opens sockets. Sockets for ports 500 and 4500 are bound to specified
+ * local IP address.
+ *
+ * @param aLocalIp Local IP address which is used to bind sockets (for ports
+ * 500 and 4500).
+ */
+ TInt OpenSockets( const TInetAddr& aLocalIp );
+
+ /**
+ * Closes sockets.
+ */
+ void CloseSockets();
+
+// from base class MIkeDataInterface
+
+ /**
+ * Sends UDP data.
+ *
+ * @param aLocalPort Local port
+ * @param aDestAddr Destination IP address/port
+ * @param aUdpData UDP data
+ * @param aDscp DSCP value
+ * @param aStatus Completion status (returned)
+ * -KErrArgument if local port is neither 500 or 4500, and
+ * destination port does not equal local port
+ * (equal when Nokia NAT keepalive packet
+ * sent)
+ * -KErrDisconnected if connection is disconnected
+ */
+ void SendUdpData( const TInt aLocalPort,
+ const TInetAddr& aDestAddr,
+ const TDesC8& aUdpData,
+ const TUint aDscp,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels sending.
+ */
+ void CancelSend();
+
+ /**
+ * Starts to receive UDP data. Completes when data is available or error
+ * has occured.
+ *
+ * @param aUdpData Received UDP data (returned)
+ * @param aSrcAddr Source IP address/port (returned)
+ * @param aLocalPort Local port (returned)
+ * @param aStatus Completion status (returned)
+ * -KErrDisconnected if connection is disconnected
+ */
+ void ReceiveUdpData( HBufC8*& aUdpData,
+ TInetAddr& aSrcAddr,
+ TInt& aLocalPort,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels receive request.
+ */
+ void CancelReceive();
+
+ /**
+ * Clears data which has been received.
+ */
+ void ClearReceivedData();
+
+ /**
+ * Stops receiving. Clears data which has been received.
+ */
+ void StopReceive();
+
+ /**
+ * Gets local IP address of interface.
+ *
+ * @param aLocalIp Local IP address (returned)
+ * @return Error status. KErrNotFound if address is not found.
+ */
+ TInt GetLocalAddress( TInetAddr& aLocalIp );
+
+// from base class MSenderCallback
+
+ /**
+ * Notification about completed send.
+ */
+ void SendCompleted( const TInt aStatus );
+
+// from base class MReceiverCallback
+
+ /**
+ * Notification that data has been received. Receiving is continued
+ * automatically by receiver.
+ *
+ * @param aUdpData Received UDP data. Ownership transferred.
+ * @param aSrcAddr Source address
+ * @param aLocalPort Local port
+ */
+ void DataReceived( HBufC8* aUdpData,
+ const TInetAddr& aSrcAddr,
+ const TInt aLocalPort );
+
+ /**
+ * Notification about receive error. Receiving has been stopped by receiver.
+ *
+ * @param aStatus Error status
+ */
+ void ReceiveError( const TInt aStatus );
+
+private:
+
+ CDataTransfer( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ CLocalAddressResolver& aLocalAddressResolver,
+ MDataTransferCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+ /**
+ * Opens specified socket.
+ *
+ * @param aSocket Socket
+ * @return Error value
+ */
+ TInt OpenSocket( RSocket& aSocket );
+
+ /**
+ * Binds specified socket to local IP address/port.
+ * @param aSocket Socket
+ * @param aLocalIp Local IP address
+ * @param aLocalPort Local port
+ * @return Error value
+ */
+ TInt BindSocket( RSocket& aSocket,
+ const TInetAddr& aLocalIp,
+ const TInt aLocalPort );
+
+ /**
+ * Cancels sending.
+ *
+ * @param aCompletionStatus Client completion status
+ */
+ void DoCancelSend( const TInt aCompletionStatus = KErrCancel );
+
+ /**
+ * Cancels receiving.
+ *
+ * @param aCompletionStatus Client completion status
+ */
+ void DoCancelReceive( const TInt aCompletionStatus = KErrCancel );
+
+ /**
+ * Completes send to client.
+ *
+ * @param aStatus Send status
+ */
+ void CompleteSendToClient( const TInt aStatus );
+
+ /**
+ * Completes receive to client.
+ *
+ * @param aStatus Receive status
+ */
+ void CompleteReceiveToClient( const TInt aStatus );
+
+ /**
+ * Receives more data if receiving not requested to be stopped.
+ */
+ void ReceiveData();
+
+ /**
+ * Cleans up data from receive queue.
+ */
+ void CleanupReceiveQueue();
+
+private: // data
+
+ /**
+ * Socket server.
+ * Not own.
+ */
+ RSocketServ& iSocketServer;
+
+ /**
+ * Connection used for data transfer.
+ * Not own.
+ */
+ RConnection& iConnection;
+
+ /**
+ * Pointer to client's request status for sending
+ * Not own.
+ */
+ TRequestStatus* iClientStatusSend;
+
+ /**
+ * Pointer to client's request status for receiving.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusReceive;
+
+ /**
+ * Pointer to client's heap descriptor pointer (HBufC8*) variable. Variable
+ * will contain received message data, after receive has been completed
+ * successfully to client.
+ * Not own.
+ */
+ HBufC8** iClientMsgReceive;
+
+ /**
+ * Pointer to client's address variable. Variable will contain source
+ * address from which data has been received, after receive has been
+ * completed successfully to client.
+ * Not own.
+ */
+ TInetAddr* iClientSrcAddrReceive;
+
+ /**
+ * Pointer to client's address variable. Variable will contain local
+ * port from which data has been received, after receive has been
+ * completed successfully to client.
+ * Not own.
+ */
+ TInt* iClientLocalPort;
+
+ /**
+ * Socket for port 500.
+ * Own.
+ */
+ RSocket iSocket;
+
+ /**
+ * Socket for port 4500.
+ * Own.
+ */
+ RSocket iSocketNAT;
+
+ /**
+ * Socket for Nokia NAT port.
+ * Own.
+ */
+ RSocket iSocketNokiaNAT;
+
+ /**
+ * Local Nokia NAT port.
+ * Own.
+ */
+ TInt iLocalNokiaNATPort;
+
+ /**
+ * Informs if sockets are open or not.
+ * Own.
+ */
+ TBool iSocketsOpen;
+
+ /**
+ * Informs if receiving is stopped or not.
+ * Own.
+ */
+ TBool iReceivingStopped;
+
+ /**
+ * Receiver for port 500.
+ * Own.
+ */
+ CReceiver* iReceiver;
+
+ /**
+ * Receiver for port 4500.
+ * Own.
+ */
+ CReceiver* iReceiverNAT;
+
+ /**
+ * Sender.
+ * Own.
+ */
+ CSender* iSender;
+
+ /**
+ * Queue containing received data.
+ * Own.
+ */
+ RArray<TReceiveQueueItem> iReceiveQueue;
+
+ /**
+ * Local address resolver.
+ * Not own.
+ */
+ CLocalAddressResolver& iLocalAddressResolver;
+
+ /**
+ * IP version.
+ * Own.
+ */
+ IkeSocket::TIpVersion iIpVersion;
+
+ /**
+ * Error callback interface.
+ * Not own.
+ */
+ MDataTransferCallback& iErrorCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_DATATRANSFER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/ikeconnection.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,291 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE connection
+*
+*/
+
+
+#ifndef C_IKECONNECTION_H
+#define C_IKECONNECTION_H
+
+#include <e32base.h>
+#include <in_sock.h>
+#include <commdbconnpref.h>
+#include <extendedconnpref.h>
+#include "connobserver.h"
+#include "datatransfer.h"
+#include "ikeconnectioninterface.h"
+
+// FORWARD DECLARATIONS
+class CConnObserver;
+class CDataTransfer;
+class CLocalAddressResolver;
+class MIkeDebug;
+class RSocketServ;
+
+/**
+ * IKE socket connection class.
+ *
+ * This class provides functionality for managing VPN AP's real network
+ * connection. This class implements IKE socket connection interface
+ * (CIkeConnectionInterface).
+ *
+ * This class owns data transfer object, which implements data interface
+ * (MIkeDataInterface). Possible fatal data transfer errors are handled
+ * in this class.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( CIkeConnection ) : public CIkeConnectionInterface,
+ public MDataTransferCallback,
+ public MConnObserverCallback
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aDebug Debug trace interface
+ */
+ static CIkeConnection* NewL( MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CIkeConnection();
+
+ /**
+ * Opens data interface.
+ *
+ * @param aIkeMajorVersion IKE major version
+ * @param aIpVersion IP protocol version
+ * @return Data interface
+ */
+ MIkeDataInterface& OpenDataInterfaceL( const TIkeMajorVersion aIkeMajorVersion,
+ const TIpVersion aIpVersion );
+
+// from base class MIkeConnectionInterface
+
+ void StartConnection( const TUint32 aIapId,
+ const TUint32 aSnapId,
+ TRequestStatus& aStatus,
+ const TBool aForcedRoaming = EFalse );
+ void CancelStartConnection();
+ void StopConnection();
+ void ResolveFQDNAddress( const TDesC& aFQDN,
+ TNameEntry& aNameEntry,
+ TRequestStatus& aStatus );
+ void CancelResolveFQDNAddress();
+ void NotifyDisconnect( TRequestStatus& aStatus );
+ void CancelNotifyDisconnect();
+ TUint32 IapId() const;
+ TUint32 NetId() const;
+ TUint32 SnapId() const;
+ TInt GetLocalAddress( const TIpVersion aIpVersion,
+ TInetAddr& aLocalIp );
+
+// from base class MDataTransferCallback
+
+ /**
+ * Notification about fatal data transfer error.
+ *
+ * @param aError Error value
+ * @param aErrorType Error type
+ */
+ void DataTransferError( const TInt aError,
+ const TErrorType aErrorType );
+
+// from base class MConnObserverCallback
+
+ /**
+ * Notification about link disconnection.
+ *
+ * @param aStatus Link disconnection status
+ */
+ void LinkDisconnected( const TInt aStatus );
+
+private:
+
+ enum TConnectionState
+ {
+ EIdle,
+ EConnecting,
+ EResolvingFQDN,
+ EConnected
+ };
+
+ CIkeConnection( MIkeDebug& aDebug );
+
+ void ConstructL();
+
+ /**
+ * Creates connection preferences for SNAP usage.
+ * @param aSnapId SNAP id
+ * @param aForcedRoaming Indicates whether forced roaming is enabled or
+ * disabled for SNAP
+ */
+ void CreateSnapPreferencesL( const TUint32 aSnapId,
+ const TBool aForcedRoaming );
+
+ /**
+ * Cleans connection preferences created for SNAP usage.
+ */
+ void CleanSnapPreferences();
+
+ /**
+ * Updates IAP id and NET id.
+ */
+ void UpdateRealIapData();
+
+ /**
+ * Handles completion of asynchronous request in EConnecting state.
+ */
+ void DoStateAfterConnecting();
+
+ /**
+ * Handles completion of asynchronous request in EResolvingFQDN state.
+ */
+ void DoStateAfterResolvingFQDN();
+
+ /**
+ * Implements cancellation of connection starting.
+ */
+ void DoCancelStartConnection();
+
+ /**
+ * Implements cancellation of FQDN address resolving.
+ */
+ void DoCancelResolveFQDNAddress();
+
+ // from base class CActive
+
+ /**
+ * From CActive.
+ * Handles an active object's request completion event.
+ */
+ void RunL();
+
+ /**
+ * From CActive.
+ * Implements cancellation of an active request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * Connection state.
+ * Own.
+ */
+ TConnectionState iState;
+
+ /**
+ * Socket server.
+ * Own.
+ */
+ RSocketServ iSocketServer;
+
+ /**
+ * Network connection.
+ * Own.
+ */
+ RConnection iConnection;
+
+ /**
+ * Host resolver.
+ * Own.
+ */
+ RHostResolver iResolver;
+
+ /**
+ * IP version.
+ * Own.
+ */
+ TIpVersion iIpVersion;
+
+ /**
+ * IAP id.
+ * Own.
+ */
+ TUint32 iIapId;
+
+ /**
+ * NET id.
+ * Own.
+ */
+ TUint32 iNetId;
+
+ /**
+ * SNAP id.
+ * Own.
+ */
+ TUint32 iSnapId;
+
+ /**
+ * Connection preferences.
+ * Own.
+ */
+ TCommDbConnPref iPrefs;
+
+ /**
+ * Extended connection preferences.
+ * Own.
+ */
+ TExtendedConnPref iExtendedPrefs;
+
+ /**
+ * Connection preferences list.
+ * Own.
+ */
+ TConnPrefList iConnPrefList;
+
+ /**
+ * Pointer to client's request status. Used for starting connection and
+ * resolving FQDN address.
+ * Not own.
+ */
+ TRequestStatus* iClientStatus;
+
+ /**
+ * Pointer to client's request status. Used for requesting disconnect
+ * notification.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusNotifyDisconnect;
+
+ /**
+ * Data transfer object.
+ * Own.
+ */
+ CDataTransfer* iDataTransfer;
+
+ /**
+ * Link status observer.
+ * Own.
+ */
+ CConnObserver* iLinkObserver;
+
+ /**
+ * Local address resolver.
+ * Own.
+ */
+ CLocalAddressResolver* iLocalAddressResolver;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+
+ };
+
+#endif // C_IKECONNECTION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/ikeconnectioninterface.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,164 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE socket connection interface
+*
+*/
+
+
+#ifndef C_IKECONNECTIONINTERFACE_H
+#define C_IKECONNECTIONINTERFACE_H
+
+#include <e32base.h>
+#include <in_sock.h>
+#include "ikesocketdefs.h"
+
+using namespace IkeSocket;
+
+// FORWARD DECLARATIONS
+class MIkeDebug;
+class MIkeDataInterface;
+class RSocketServer;
+
+/**
+ * IKE socket connection interface.
+ *
+ * This interface defines functionality for managing VPN AP's real network
+ * connection.
+ *
+ * Data interface (MIkeDataInterface) needs to be opened via this class. Data
+ * interface is closed automatically, when instance of connection interface
+ * (this interface) is deleted.
+ *
+ * @lib ikesocket.lib
+ */
+
+class CIkeConnectionInterface : protected CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aDebug Debug trace interface
+ */
+ IMPORT_C static CIkeConnectionInterface* NewL( MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ virtual ~CIkeConnectionInterface();
+
+ /**
+ * Opens data interface.
+ *
+ * @param aIkeMajorVersion IKE major version
+ * @param aIpVersion IP protocol version
+ * @return Data interface
+ */
+ virtual MIkeDataInterface& OpenDataInterfaceL( const TIkeMajorVersion aIkeMajorVersion,
+ const TIpVersion aIpVersion ) = 0;
+
+ /**
+ * Establishes connection for specified SNAP (destination) or IAP.
+ *
+ * @param aIapId IAP id
+ * @param aSnapId SNAP id
+ * @param aStatus Completion status (returned)
+ * @param aForcedRoaming Indicates whether forced roaming is enabled or
+ * disabled for SNAP
+ */
+ virtual void StartConnection( const TUint32 aIapId,
+ const TUint32 aSnapId,
+ TRequestStatus& aStatus,
+ const TBool aForcedRoaming = EFalse ) = 0;
+
+ /**
+ * Cancels connection establishment.
+ *
+ */
+ virtual void CancelStartConnection() = 0;
+
+ /**
+ * Closes the connection.
+ *
+ */
+ virtual void StopConnection() = 0;
+
+ /**
+ * Resolves an IP address from FQDN address.
+ *
+ * @param aFQDN Fully Qualified Domain Name
+ * @param aNameEntry Result of name resolution (returned)
+ * @param aStatus Completion status (returned)
+ */
+ virtual void ResolveFQDNAddress( const TDesC& aFQDN,
+ TNameEntry& aNameEntry,
+ TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels FQDN address resolving.
+ *
+ */
+ virtual void CancelResolveFQDNAddress() = 0;
+
+ /**
+ * Starts listening disconnect notification.
+ *
+ * @param aStatus Disconnection status (returned)
+ */
+ virtual void NotifyDisconnect( TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels notifying of disconnect indication.
+ *
+ */
+ virtual void CancelNotifyDisconnect() = 0;
+
+ /**
+ * Returns IAP id.
+ *
+ * @return IAP id
+ */
+ virtual TUint32 IapId() const = 0;
+
+ /**
+ * Returns NET id.
+ *
+ * @return NET id
+ */
+ virtual TUint32 NetId() const = 0;
+
+ /**
+ * Returns SNAP id.
+ *
+ * @return SNAP id
+ */
+ virtual TUint32 SnapId() const = 0;
+
+ /**
+ * Gets local IP address of interface.
+ *
+ * @param aIpVersion IP version of local IP address
+ * @param aLocalIp Local IP address (returned)
+ * @return Error status. KErrNotFound if address is not found.
+ */
+ virtual TInt GetLocalAddress( const TIpVersion aIpVersion,
+ TInetAddr& aLocalIp ) = 0;
+
+protected:
+
+ CIkeConnectionInterface( TInt aPriority );
+
+ };
+
+
+#endif // C_IKECONNECTIONINTERFACE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/ikedatainterface.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,104 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE socket data interface
+*
+*/
+
+
+#ifndef M_IKEDATAINTERFACE_H
+#define M_IKEDATAINTERFACE_H
+
+#include <in_sock.h>
+
+/**
+ * IKE socket data transfer interface.
+ *
+ * This interface defines functionality for sending and receiving UDP data.
+ *
+ * After client has started receiving, data is queued to receive queue. Queud
+ * data will be cleared, when clients stops receiving, or connection has been
+ * disconnected.
+ *
+ * @lib ikesocket.lib
+ */
+class MIkeDataInterface
+ {
+public:
+
+ /**
+ * Sends UDP data.
+ *
+ * @param aLocalPort Local port
+ * @param aDestAddr Destination IP address/port
+ * @param aUdpData UDP data
+ * @param aDscp DSCP value
+ * @param aStatus Completion status (returned)
+ * -KErrArgument if local port is neither 500 or 4500, and
+ * destination port does not equal local port
+ * (equal when Nokia NAT keepalive packet
+ * sent)
+ * -KErrDisconnected if connection is disconnected
+ */
+ virtual void SendUdpData( const TInt aLocalPort,
+ const TInetAddr& aDestAddr,
+ const TDesC8& aUdpData,
+ const TUint aDscp,
+ TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels sending.
+ */
+ virtual void CancelSend() = 0;
+
+ /**
+ * Starts to receive UDP data. Completes when data is available or error
+ * has occured.
+ *
+ * @param aUdpData Received UDP data (returned)
+ * @param aSrcAddr Source IP address/port (returned)
+ * @param aLocalPort Local port (returned)
+ * @param aStatus Completion status (returned)
+ * -KErrDisconnected if connection is disconnected
+ */
+ virtual void ReceiveUdpData( HBufC8*& aUdpData,
+ TInetAddr& aSrcAddr,
+ TInt& aLocalPort,
+ TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels receive request.
+ */
+ virtual void CancelReceive() = 0;
+
+ /**
+ * Clears data which has been received.
+ */
+ virtual void ClearReceivedData() = 0;
+
+ /**
+ * Stops receiving. Clears data which has been received.
+ */
+ virtual void StopReceive() = 0;
+
+ /**
+ * Gets local IP address of interface.
+ *
+ * @param aLocalIp Local IP address (returned)
+ * @return Error status. KErrNotFound if address is not found.
+ */
+ virtual TInt GetLocalAddress( TInetAddr& aLocalIp ) = 0;
+ };
+
+
+#endif // M_IKEDATAINTERFACE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/ikesocketassert.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Special assert macros for IKE socket
+*
+*/
+
+
+#ifndef IKESOCKETASSERT_H
+#define IKESOCKETASSERT_H
+
+#include "ikedebug.h"
+
+#ifdef _DEBUG
+
+#define IKESOCKET_ASSERT(cond) if(!(cond)){ DEBUG_LOG(_L("ASSERTION FAILED")); DEBUG_LOG1(_L("%s, "), __FILE__); DEBUG_LOG1(_L("%d"), __LINE__); User::Invariant();}
+#define IKESOCKET_INVARIANT() DEBUG_LOG(_L("ASSERTION FAILED")); DEBUG_LOG1(_L("%s, "), __FILE__); DEBUG_LOG1(_L("%d"), __LINE__); User::Invariant()
+
+#else
+
+#define IKESOCKET_ASSERT(cond)
+#define IKESOCKET_INVARIANT()
+
+#endif
+
+#endif // IKESOCKETASSERT_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/ikesocketdefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE socket definitions
+*
+*/
+
+
+#ifndef IKESOCKETDEFS_H
+#define IKESOCKETDEFS_H
+
+namespace IkeSocket
+ {
+ const TInt KIkePort500( 500 );
+ const TInt KIkePort4500( 4500 );
+
+ enum TIkeMajorVersion
+ {
+ EIkeMajorV1 = 1,
+ EIkeMajorV2 = 2
+ };
+
+ enum TIpVersion
+ {
+ EIPv4 = 4,
+ EIPv6 = 6
+ };
+ }
+
+#endif // IKESOCKETDEFS_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/localaddressresolver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,159 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Local address resolver
+*
+*/
+
+
+#ifndef C_LOCALADDRRESOLVER_H
+#define C_LOCALADDRRESOLVER_H
+
+#include <in_sock.h>
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+class MIkeDebug;
+
+/**
+ * Local address resolver.
+ *
+ * This class resolves local IP addresses (IPv4 and/or IPv6) for network
+ * connection (RConnection).
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( CLocalAddressResolver ) : public CBase
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aSocketServer Socket server
+ * @param aConnection RConnection which is used for resolving
+ * @param aDebug Debug trace interface
+ */
+ static CLocalAddressResolver* NewL( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ MIkeDebug& aDebug);
+
+ /**
+ * Destructor.
+ */
+ ~CLocalAddressResolver();
+
+ /**
+ * Returns information about whether local IP address has been resolved.
+ * @param aIpVersion IP version of local address (IPv4/IPv6)
+ * @return Local IP address resolved or not.
+ */
+ TBool HasIPAddr( const IkeSocket::TIpVersion aIpVersion ) const;
+
+ /**
+ * Returns resolved local IP address.
+ * @param aIpVersion IP version of local address (IPv4/IPv6)
+ * @return Local IP address.
+ */
+ const TInetAddr& IPAddr( const IkeSocket::TIpVersion aIpVersion ) const;
+
+ /**
+ * Refreshes local IP addresses (IPv4 and/or IPv6).
+ * @param aIpVersion IP version of local address (IPv4/IPv6)
+ * @return Local IP address.
+ */
+ TInt RefreshLocalAddresses();
+
+ /**
+ * Gets local IP address of interface.
+ *
+ * @param aIpVersion IP version of local IP address
+ * @param aLocalIp Local IP address (returned)
+ * @return Error status. KErrNotFound if address is not found.
+ */
+ TInt GetLocalAddress( const IkeSocket::TIpVersion aIpVersion,
+ TInetAddr& aLocalIp );
+
+private:
+
+ CLocalAddressResolver( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+ /**
+ * Mathches information of an interface and the connection.
+ * @param aInfo Information of interface
+ * @return aQuery Query for interface
+ */
+ TBool Match( const TSoInetInterfaceInfo& aInfo,
+ const TSoInetIfQuery& aQuery) const;
+
+ /**
+ * Sets local IP address if not yet set.
+ * @param aAddr IP address
+ */
+ void SetAddressIfNotSet( const TInetAddr& aAddr );
+
+ /**
+ * Sets local IPv4 address if not yet set.
+ * @param aAddr IP address
+ */
+ void SetIPv4AddressIfNotSet( const TInetAddr& aAddr );
+
+ /**
+ * Sets local IPv6 address if not yet set.
+ * @param aAddr IP address
+ */
+ void SetIPv6AddressIfNotSet( const TInetAddr& aAddr );
+
+private: // data
+ /**
+ * IAP id of the connection.
+ * Own.
+ */
+ TUint32 iIapId;
+
+ /**
+ * Socket server.
+ * Not own.
+ */
+ RSocketServ& iSocketServer;
+
+ /**
+ * Connection.
+ * Not own.
+ */
+ RConnection& iConnection;
+
+ /**
+ * Local IPv4 address.
+ * Own.
+ */
+ TInetAddr iIPv4Addr;
+
+ /**
+ * Local IPv6 address.
+ * Own.
+ */
+ TInetAddr iIPv6Addr;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_LOCALADDRRESOLVER_H
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/receivequeueitem.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,91 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receive queue item
+*
+*/
+
+
+#ifndef T_RECEIVEQUEUEITEM_H
+#define T_RECEIVEQUEUEITEM_H
+
+#include <in_sock.h>
+
+/**
+ * Item in receive queue
+ *
+ * Item contains information related to received UDP data. Items are stored
+ * in receive queue while they are waiting to be read by the client.
+ *
+ * @lib ikesocket.lib
+ */
+class TReceiveQueueItem
+ {
+public:
+
+ /**
+ * Constructor.
+ *
+ * @param aUdpData UDP data
+ * @param aSrcAddr Source IP address/port
+ * @param aLocalPort Local port
+ */
+ TReceiveQueueItem( HBufC8* aUdpData,
+ const TInetAddr& aSrcAddr,
+ const TInt aLocalPort );
+
+ /**
+ * Returns UDP data.
+ *
+ * @return Udp data
+ */
+ HBufC8* UdpData() const;
+
+ /**
+ * Returns source address.
+ *
+ * @return Source address
+ */
+ const TInetAddr& SrcAddr() const;
+
+ /**
+ * Returns local port.
+ *
+ * @return Local port
+ */
+ TInt LocalPort() const;
+
+private:
+
+ /**
+ * Udp data
+ * Own.
+ */
+ HBufC8* iUdpData;
+
+ /**
+ * Source address
+ * Own.
+ */
+ TInetAddr iSrcAddr;
+
+ /**
+ * Local port
+ * Own.
+ */
+ TInt iLocalPort;
+
+ };
+
+
+#endif // T_RECEIVEQUEUEITEM_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/receiver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,235 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receiver for UDP data
+*
+*/
+
+
+#ifndef C_RECEIVER_H
+#define C_RECEIVER_H
+
+#include <e32base.h>
+#include <in_sock.h>
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+class MIkeDebug;
+
+/**
+ * Receiver callback interface.
+ *
+ * Callback interface for informing that data has been received or error
+ * has occured.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( MReceiverCallback )
+ {
+public:
+ /**
+ * Notifies that data has been received. Receiving is continued
+ * automatically.
+ *
+ * @param aUdpData Received UDP data. Ownership transferred.
+ * @param aSrcAddr Source address
+ * @param aLocalPort Local port
+ */
+ virtual void DataReceived( HBufC8* aUdpData,
+ const TInetAddr& aSrcAddr,
+ const TInt aLocalPort ) = 0;
+
+ /**
+ * Notifies about receive error. Receiving has been stopped.
+ *
+ * @param aStatus Error status
+ */
+ virtual void ReceiveError( const TInt aStatus ) = 0;
+ };
+
+/**
+ * Receiver of UDP data.
+ *
+ * This class provides functionality for receiving UDP data from specified
+ * socket (RSocket). Notification that data has been received and unhandled
+ * errors in receiving are notified via MReceiverCallback callback interface.
+ * Received data will be ignored, if data does not correspond to specified
+ * IKE major version.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( CReceiver ) : private CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aSocket Socket which is used for receiving
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CReceiver* NewL( RSocket& aSocket,
+ MReceiverCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CReceiver();
+
+ /**
+ * Sets IKE major version.
+ *
+ * @param aIkeMajorVersion IKE major version
+ */
+ void SetIkeMajorVersion( const IkeSocket::TIkeMajorVersion aIkeMajorVersion );
+
+ /**
+ * Starts receiving UDP data. Notification that data has been received or
+ * notification about unhandled errors will be done via MReceiverCallback
+ * callback interface.
+ *
+ * IKE major version must be set before receiving is started. Received data
+ * will be ignored, if data does not correspond to specified IKE major
+ * version.
+ */
+ void Receive();
+
+ /**
+ * Cancels receiving.
+ */
+ void CancelReceive();
+
+private:
+
+ enum TReceiverState
+ {
+ EIdle, // Idle
+ EWaitingData, // Waiting data to become available for reading
+ EReceiving // Receiving data
+ };
+
+ CReceiver( RSocket& aSocket,
+ MReceiverCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+ /**
+ * Waits for data to become available for reading.
+ */
+ void WaitDataAvailable();
+
+ /**
+ * Receives data from socket.
+ */
+ void ReceiveDataL();
+
+ /**
+ * Handles received data.
+ */
+ void HandleDataReceivedL();
+
+ /**
+ * Handles error in receiving.
+ */
+ void HandleError( const TInt aStatus );
+
+ /**
+ * Notifies client that data has been received.
+ */
+ void NotifyDataReceived();
+
+
+// from base class CActive
+
+ /**
+ * From CActive.
+ * Handles a leave occurring in RunL().
+ *
+ * @param aError The leave code
+ */
+ TInt RunError( TInt aError );
+
+ /**
+ * From CActive.
+ * Handles an active object's request completion event about available data
+ * or received data.
+ */
+ void RunL();
+
+ /**
+ * From CActive.
+ * Implements cancellation of an active request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * Receiver state.
+ * Own.
+ */
+ TReceiverState iState;
+
+ /**
+ * Message data.
+ * Own.
+ */
+ HBufC8* iMsg;
+
+ /**
+ * Message pointer.
+ * Own.
+ */
+ TPtr8 iMsgPtr;
+
+ /**
+ * Flags for Ioctl command.
+ * Own.
+ */
+ TPckgBuf< TUint > iFlags;
+
+ /**
+ * Source address.
+ * Own.
+ */
+ TInetAddr iSrcAddr;
+
+ /**
+ * IKE major version.
+ * Own.
+ */
+ TUint iIkeMajorVersion;
+
+ /**
+ * Socket.
+ * Not own.
+ */
+ RSocket& iSocket;
+
+ /**
+ * Callback for completing receiving.
+ * Not own.
+ */
+ MReceiverCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_RECEIVER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/inc/sender.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,161 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Sender for UDP data
+*
+*/
+
+
+#ifndef C_SENDER_H
+#define C_SENDER_H
+
+#include <e32base.h>
+#include <in_sock.h>
+
+// FORWARD DECLARATIONS
+
+class MIkeDebug;
+
+/**
+ * Sender callback interface.
+ *
+ * Callback interface for informing completion of sending.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( MSenderCallback )
+ {
+public:
+ /**
+ * Notifies about completed sending.
+ *
+ * @param aStatus Completion status
+ */
+ virtual void SendCompleted( const TInt aStatus ) = 0;
+ };
+
+/**
+ * Sender of UDP data.
+ *
+ * This class provides functionality for sending UDP data. Completion of
+ * sending is notified via MSenderCallback callback interface.
+ *
+ * @lib ikesocket.lib
+ */
+NONSHARABLE_CLASS( CSender ) : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aSocket Socket for local port 500
+ * @param aSocketNAT Socket for local port 4500
+ * @param aSocketNokiaNAT Socket for Nokia NAT port
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CSender* NewL( RSocket& aSocket,
+ RSocket& aSocketNAT,
+ RSocket& aSocketNokiaNAT,
+ MSenderCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CSender();
+
+ /**
+ * Sends UDP data.
+ *
+ * @param aLocalPort Local port
+ * @param aDestAddr Destination IP address/port
+ * @param aUdpData UDP data
+ * @param aDscp DSCP value
+ * @return Error value
+ */
+ TInt SendUdpData( const TInt aLocalPort,
+ const TInetAddr& aDestAddr,
+ const TDesC8& aUdpData,
+ const TUint aDscp );
+
+// from base class CActive
+
+ /**
+ * From CActive.
+ * Handles an active object's request completion event about sending.
+ */
+ void RunL();
+
+ /**
+ * From CActive.
+ * Implements cancellation of sending.
+ */
+ void DoCancel();
+
+private:
+
+ CSender( RSocket& aSocket,
+ RSocket& aSocketNAT,
+ RSocket& aSocketNokiaNAT,
+ MSenderCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+
+private: // data
+
+ /**
+ * Socket for port 500.
+ * Not own.
+ */
+ RSocket& iSocket;
+
+ /**
+ * Socket for port 4500.
+ * Not own.
+ */
+ RSocket& iSocketNAT;
+
+ /**
+ * Socket for Nokia NAT port.
+ * Not own.
+ */
+ RSocket& iSocketNokiaNAT;
+
+ /**
+ * Local port used for sending.
+ * Own.
+ */
+ TInt iLocalPort;
+
+ /**
+ * Destination address used for sending.
+ * Own.
+ */
+ TInetAddr iDestAddr;
+
+ /**
+ * Sender callback for completing sending.
+ * Not own.
+ */
+ MSenderCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_SENDER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/rom/ikesocket.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project ikesocket
+*
+*/
+
+
+
+#ifndef __IKESOCKET_IBY__
+#define __IKESOCKET_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature IKESOCKET not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\ikesocket.dll SHARED_LIB_DIR\ikesocket.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/connobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,124 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Link connection status observer
+*
+*/
+
+
+// INCLUDE FILES
+#include "connobserver.h"
+#include "ikedebug.h"
+#include "ikesocketassert.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CConnObserver* CConnObserver::NewL( RConnection& aConnection,
+ MConnObserverCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CConnObserver* self = new (ELeave) CConnObserver( aConnection,
+ aCallback,
+ aDebug );
+
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CConnObserver::~CConnObserver()
+ {
+ DEBUG_LOG( _L("CConnObserver::~CConnObserver") );
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Requests notification about link disconnection.
+// ---------------------------------------------------------------------------
+//
+void CConnObserver::NotifyDisconnect()
+ {
+ IKESOCKET_ASSERT( !IsActive() );
+
+ iConnection.ProgressNotification( iProgressBuf,
+ iStatus,
+ KLinkLayerClosed );
+ DEBUG_LOG( _L("RConnection::ProgressNotification() started") );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels link disconnection notification request.
+// ---------------------------------------------------------------------------
+//
+void CConnObserver::CancelNotify()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CConnObserver::CConnObserver( RConnection& aConnection,
+ MConnObserverCallback& aCallback,
+ MIkeDebug& aDebug )
+ :CActive(EPriorityStandard),
+ iConnection( aConnection ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add(this); //Added to the Active Scheduler
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CConnObserver::ConstructL()
+ {
+ DEBUG_LOG( _L("CConnObserver::ConstructL") );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of progress notification.
+// ---------------------------------------------------------------------------
+//
+void CConnObserver::RunL()
+ {
+ DEBUG_LOG1( _L("CConnObserver::RunL(), iStatus=%d"), iStatus.Int() );
+ iCallback.LinkDisconnected( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Cancels progress notification.
+// ---------------------------------------------------------------------------
+//
+void CConnObserver::DoCancel()
+ {
+ iConnection.CancelProgressNotification();
+ DEBUG_LOG( _L("RConnection::CancelProgressNotification() called") );
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/datatransfer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,577 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Data transfer functionality
+*
+*/
+
+
+#include "datatransfer.h"
+#include "ikemsgheader.h"
+#include "ikev2const.h"
+#include "localaddressresolver.h"
+#include "ikedebug.h"
+#include "ikesocketassert.h"
+
+using namespace IkeSocket;
+
+const TInt KReceiveQueueMaxCount( 10 );
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CDataTransfer* CDataTransfer::NewL( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ CLocalAddressResolver& aLocalAddressResolver,
+ MDataTransferCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CDataTransfer* self = new (ELeave) CDataTransfer( aSocketServer,
+ aConnection,
+ aLocalAddressResolver,
+ aCallback,
+ aDebug );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CDataTransfer::~CDataTransfer()
+ {
+ DEBUG_LOG( _L("CDataTransfer::~CDataTransfer") );
+
+ CloseSockets();
+ iReceiveQueue.Close();
+
+ delete iSender;
+ delete iReceiver;
+ delete iReceiverNAT;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CDataTransfer::CDataTransfer( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ CLocalAddressResolver& aLocalAddressResolver,
+ MDataTransferCallback& aCallback,
+ MIkeDebug& aDebug )
+ : iSocketServer( aSocketServer ),
+ iConnection( aConnection ),
+ iLocalNokiaNATPort( 0 ),
+ iLocalAddressResolver( aLocalAddressResolver ),
+ iErrorCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::ConstructL()
+ {
+ DEBUG_LOG( _L("CDataTransfer::ConstructL") );
+
+ iSender = CSender::NewL( iSocket,
+ iSocketNAT,
+ iSocketNokiaNAT,
+ *this,
+ iDebug );
+ iReceiver = CReceiver::NewL( iSocket,
+ *this,
+ iDebug );
+
+ iReceiverNAT = CReceiver::NewL( iSocketNAT,
+ *this,
+ iDebug );
+ }
+
+// ---------------------------------------------------------------------------
+// Sets IKE major version to receivers.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::SetIkeMajorVersion( const TIkeMajorVersion aIkeMajorVersion )
+ {
+ IKESOCKET_ASSERT( iReceiver );
+ IKESOCKET_ASSERT( iReceiverNAT );
+
+ iReceiver->SetIkeMajorVersion( aIkeMajorVersion );
+ iReceiverNAT->SetIkeMajorVersion( aIkeMajorVersion );
+ }
+
+// ---------------------------------------------------------------------------
+// Sets IP version.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::SetIpVersion( const IkeSocket::TIpVersion aIpVersion )
+ {
+ iIpVersion = aIpVersion;
+ }
+
+// ---------------------------------------------------------------------------
+// Opens sockets and binds sockets for ports 500 and 4500.
+// ---------------------------------------------------------------------------
+//
+TInt CDataTransfer::OpenSockets( const TInetAddr& aLocalIp )
+ {
+ IKESOCKET_ASSERT( !iSocketsOpen );
+
+ // Open sockets
+ TInt err = OpenSocket( iSocket );
+
+ if ( err == KErrNone )
+ {
+ err = OpenSocket( iSocketNAT );
+
+ if ( err == KErrNone )
+ {
+ err = OpenSocket( iSocketNokiaNAT );
+ }
+ }
+
+ // Bind sockets for ports 500 and 4500
+ if ( err == KErrNone )
+ {
+ err = BindSocket( iSocket, aLocalIp, KIkePort500 );
+
+ if ( err == KErrNone )
+ {
+ err = BindSocket( iSocketNAT, aLocalIp, KIkePort4500 );
+ }
+ }
+
+ if ( err == KErrNone )
+ {
+ iSocketsOpen = ETrue;
+ }
+ else
+ {
+ // Close sockets if error
+ iSocket.Close();
+ iSocketNAT.Close();
+ iSocketNokiaNAT.Close();
+ iSocketsOpen = EFalse;
+ }
+
+ DEBUG_LOG1( _L("CDataTransfer::OpenSockets, err=%d"), err );
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// Closes sockets.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::CloseSockets()
+ {
+ DEBUG_LOG1( _L("CDataTransfer::CloseSockets, sockets open=%d"),
+ iSocketsOpen );
+
+ if ( iSocketsOpen )
+ {
+ // Cancel send and receive.
+ DoCancelSend( KErrDisconnected );
+ DoCancelReceive( KErrDisconnected );
+
+ // Stop receiving.
+ StopReceive();
+
+ // Close sockets.
+ iSocket.Close();
+ iSocketNAT.Close();
+ iSocketNokiaNAT.Close();
+
+ iSocketsOpen = EFalse;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Sends UDP data.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::SendUdpData( const TInt aLocalPort,
+ const TInetAddr& aDestAddr,
+ const TDesC8& aUdpData,
+ const TUint aDscp,
+ TRequestStatus& aStatus )
+ {
+ TInt err( KErrNone );
+
+ IKESOCKET_ASSERT( iClientStatusSend == NULL );
+ IKESOCKET_ASSERT( iSender );
+
+ iClientStatusSend = &aStatus;
+ *iClientStatusSend = KRequestPending;
+
+ if ( !iSocketsOpen )
+ {
+ err = KErrDisconnected;
+ }
+
+ if ( err == KErrNone )
+ {
+ if ( ( aLocalPort != KIkePort500 ) &&
+ ( aLocalPort != KIkePort4500 ) )
+ {
+ // Nokia NAT keepalive packet.
+ if ( aLocalPort == aDestAddr.Port() )
+ {
+ if ( iLocalNokiaNATPort == 0 )
+ {
+ // Set Nokia NAT Port if not set.
+ err = iSocketNokiaNAT.SetLocalPort( aLocalPort );
+
+ if ( err == KErrNone )
+ {
+ iLocalNokiaNATPort = aLocalPort;
+ }
+ }
+ else if ( iLocalNokiaNATPort != aLocalPort )
+ {
+ // Nokia NAT port cannot be changed
+ // during connection.
+ err = KErrArgument;
+ }
+ else
+ {
+ err = KErrNone;
+ }
+ }
+ else
+ {
+ // Local port does not match destination port.
+ err = KErrArgument;
+ }
+ }
+ }
+
+ if ( err == KErrNone )
+ {
+ err = iSender->SendUdpData( aLocalPort,
+ aDestAddr,
+ aUdpData,
+ aDscp );
+ }
+
+ if ( err )
+ {
+ CompleteSendToClient( err );
+ }
+ }
+
+
+// ---------------------------------------------------------------------------
+// Cancels sending.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::CancelSend()
+ {
+ DoCancelSend();
+ }
+
+// ---------------------------------------------------------------------------
+// Receives UDP data.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::ReceiveUdpData( HBufC8*& aUdpData,
+ TInetAddr& aSrcAddr,
+ TInt& aLocalPort,
+ TRequestStatus& aStatus )
+ {
+ IKESOCKET_ASSERT( iClientStatusReceive == NULL );
+ IKESOCKET_ASSERT( iClientMsgReceive == NULL );
+ IKESOCKET_ASSERT( iClientSrcAddrReceive == NULL );
+ IKESOCKET_ASSERT( iClientLocalPort == NULL );
+
+ // Store client data.
+ iClientStatusReceive = &aStatus;
+ *iClientStatusReceive = KRequestPending;
+ iClientMsgReceive = &aUdpData;
+ iClientSrcAddrReceive = &aSrcAddr;
+ iClientLocalPort = &aLocalPort;
+
+ if ( !iSocketsOpen )
+ {
+ CompleteReceiveToClient( KErrDisconnected );
+ return;
+ }
+
+ iReceivingStopped = EFalse;
+
+ TInt count = iReceiveQueue.Count();
+ if ( count < KReceiveQueueMaxCount )
+ {
+ ReceiveData();
+ }
+
+ if ( count )
+ {
+ // Data is already available.
+ CompleteReceiveToClient( KErrNone );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels receive request.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::CancelReceive()
+ {
+ if ( iClientStatusReceive )
+ {
+ CompleteReceiveToClient( KErrCancel );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Clears available data.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::ClearReceivedData()
+ {
+ DEBUG_LOG( _L("CDataTransfer::ClearReceivedData") );
+
+ CleanupReceiveQueue();
+ ReceiveData();
+ }
+
+// ---------------------------------------------------------------------------
+// Stops receiving. Available data is cleared.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::StopReceive()
+ {
+ DEBUG_LOG( _L("CDataTransfer::StopReceive") );
+
+ CleanupReceiveQueue();
+ DoCancelReceive( KErrCancel );
+ iReceivingStopped = ETrue;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets local IP address.
+// ---------------------------------------------------------------------------
+//
+TInt CDataTransfer::GetLocalAddress( TInetAddr& aLocalIp )
+ {
+ IKESOCKET_ASSERT( iIpVersion == EIPv4 || iIpVersion == EIPv6 );
+ return iLocalAddressResolver.GetLocalAddress( iIpVersion, aLocalIp );
+ }
+
+// ---------------------------------------------------------------------------
+// Notification about completed send from sender.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::SendCompleted( const TInt aStatus )
+ {
+ CompleteSendToClient( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Notification that data has been received.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::DataReceived( HBufC8* aUdpData,
+ const TInetAddr& aSrcAddr,
+ const TInt aLocalPort )
+ {
+ // Store message to receive queue.
+ TReceiveQueueItem item( aUdpData, // Ownership transferred.
+ aSrcAddr,
+ aLocalPort );
+ TInt err = iReceiveQueue.Append( item );
+
+ if ( iReceiveQueue.Count() >= KReceiveQueueMaxCount )
+ {
+ // Queue is full. Cancel receiving.
+ iReceiver->CancelReceive();
+ iReceiverNAT->CancelReceive();
+ }
+
+ if ( iClientStatusReceive )
+ {
+ CompleteReceiveToClient( KErrNone );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Notification about receive error.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::ReceiveError( const TInt aStatus )
+ {
+ if ( iClientStatusReceive )
+ {
+ CompleteReceiveToClient( aStatus );
+ }
+
+ StopReceive();
+
+ iErrorCallback.DataTransferError( aStatus,
+ MDataTransferCallback::EReceiveError );
+ }
+
+// ---------------------------------------------------------------------------
+// Opens socket.
+// ---------------------------------------------------------------------------
+//
+TInt CDataTransfer::OpenSocket( RSocket& aSocket )
+ {
+ TInt err = aSocket.Open( iSocketServer,
+ KAfInet,
+ KSockDatagram,
+ KProtocolInetUdp,
+ iConnection );
+ if ( err == KErrNone )
+ {
+ // Enable multiple binds to same port
+ err = aSocket.SetOpt( KSoReuseAddr, KSolInetIp, 1 );
+ }
+
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// Binds socket.
+// ---------------------------------------------------------------------------
+//
+TInt CDataTransfer::BindSocket( RSocket& aSocket,
+ const TInetAddr& aLocalIp,
+ const TInt aLocalPort )
+ {
+ TInt err( KErrNone );
+ TInetAddr localAddr( aLocalIp );
+
+ localAddr.SetPort( aLocalPort );
+ err = aSocket.Bind( localAddr );
+
+#ifdef _DEBUG
+ TBuf<100> txt_addr;
+ aLocalIp.Output( txt_addr );
+ DEBUG_LOG3( _L("Bind socket, address:port=%S:%d, err=%d"),
+ &txt_addr, aLocalPort, err );
+#endif
+
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels sending.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::DoCancelSend( const TInt aCompletionStatus )
+ {
+ iSender->Cancel();
+
+ if ( iClientStatusSend )
+ {
+ CompleteSendToClient( aCompletionStatus );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels receiving.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::DoCancelReceive( const TInt aCompletionStatus )
+ {
+ iReceiver->CancelReceive();
+ iReceiverNAT->CancelReceive();
+
+ if ( iClientStatusReceive )
+ {
+ CompleteReceiveToClient( aCompletionStatus );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Completes send to client.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::CompleteSendToClient( const TInt aStatus )
+ {
+ IKESOCKET_ASSERT( iClientStatusSend );
+
+ User::RequestComplete( iClientStatusSend, aStatus );
+ iClientStatusSend = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Completes receive to client.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::CompleteReceiveToClient( const TInt aStatus )
+ {
+ IKESOCKET_ASSERT( iClientStatusReceive );
+ IKESOCKET_ASSERT( iClientMsgReceive );
+ IKESOCKET_ASSERT( iClientSrcAddrReceive );
+ IKESOCKET_ASSERT( iClientLocalPort );
+
+ TInt count = iReceiveQueue.Count();
+
+ if ( ( aStatus == KErrNone ) && count )
+ {
+ // Get oldest item from receive queue.
+ TReceiveQueueItem item = iReceiveQueue[0];
+ iReceiveQueue.Remove( 0 );
+ *iClientMsgReceive = item.UdpData(); // Transfer ownership.
+ *iClientSrcAddrReceive = item.SrcAddr();
+ *iClientLocalPort = item.LocalPort();
+
+ // Need to receive more data if queue was full.
+ ReceiveData();
+ }
+
+ // Complete receive.
+ User::RequestComplete( iClientStatusReceive, aStatus );
+ iClientStatusReceive = NULL;
+ iClientMsgReceive = NULL;
+ iClientSrcAddrReceive = NULL;
+ iClientLocalPort = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Receives more data if receiving not requested to be stopped.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::ReceiveData()
+ {
+ if ( !iReceivingStopped )
+ {
+ iReceiver->Receive();
+ iReceiverNAT->Receive();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cleans up data from receive queue.
+// ---------------------------------------------------------------------------
+//
+void CDataTransfer::CleanupReceiveQueue()
+ {
+ while ( iReceiveQueue.Count() )
+ {
+ delete iReceiveQueue[0].UdpData();
+ iReceiveQueue.Remove( 0 );
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/ikeconnection.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,551 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE socket connection
+*
+*/
+
+
+#include "ikeconnection.h"
+#include "datatransfer.h"
+#include "localaddressresolver.h"
+#include "ikedebug.h"
+#include "ikesocketassert.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkeConnection* CIkeConnection::NewL( MIkeDebug& aDebug )
+ {
+ CIkeConnection* self = new (ELeave) CIkeConnection( aDebug );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkeConnection::~CIkeConnection()
+ {
+ DEBUG_LOG1( _L("CIkeConnection::~CIkeConnection this=0x%x"), this );
+
+ if ( iDataTransfer )
+ {
+ iDataTransfer->CloseSockets();
+ }
+
+ DoCancelResolveFQDNAddress();
+ DoCancelStartConnection();
+
+ delete iLocalAddressResolver;
+ delete iDataTransfer;
+ delete iLinkObserver;
+
+ iConnection.Close();
+ iSocketServer.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkeConnection::CIkeConnection( MIkeDebug& aDebug )
+ : CIkeConnectionInterface( EPriorityStandard ),
+ iState( EIdle ),
+ iExtendedPrefs(),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this ); // Added to the Active Scheduler
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::ConstructL()
+ {
+ DEBUG_LOG1( _L("CIkeConnection::ConstructL, this=0x%x"), this );
+
+ User::LeaveIfError( iSocketServer.Connect() );
+ iLocalAddressResolver = CLocalAddressResolver::NewL( iSocketServer,
+ iConnection,
+ iDebug );
+ iDataTransfer = CDataTransfer::NewL( iSocketServer,
+ iConnection,
+ *iLocalAddressResolver,
+ *this,
+ iDebug );
+ iLinkObserver = CConnObserver::NewL( iConnection,
+ *this,
+ iDebug );
+ }
+
+// ---------------------------------------------------------------------------
+// Opens data interface.
+// ---------------------------------------------------------------------------
+//
+MIkeDataInterface& CIkeConnection::OpenDataInterfaceL( const TIkeMajorVersion aIkeMajorVersion,
+ const TIpVersion aIpVersion )
+ {
+ IKESOCKET_ASSERT( aIpVersion == EIPv4 || aIpVersion == EIPv6 );
+ DEBUG_LOG2( _L("CIkeConnection::OpenDataInterfaceL, IKE version=%d, IP version=%d"),
+ aIkeMajorVersion, aIpVersion );
+
+ // Store IP version.
+ iIpVersion = aIpVersion;
+
+ // Get local IP address.
+ User::LeaveIfError( iLocalAddressResolver->RefreshLocalAddresses() );
+ TBool hasIPAddr = iLocalAddressResolver->HasIPAddr( aIpVersion );
+ if ( !hasIPAddr )
+ {
+ User::Leave( KErrNotFound );
+ }
+ TInetAddr localIp = iLocalAddressResolver->IPAddr( aIpVersion );
+
+ // Open sockets.
+ User::LeaveIfError( iDataTransfer->OpenSockets( localIp ) );
+
+ // Set IKE major version.
+ iDataTransfer->SetIkeMajorVersion( aIkeMajorVersion );
+
+ // Set IP version
+ iDataTransfer->SetIpVersion( aIpVersion );
+
+ DEBUG_LOG( _L("Data interface open.") );
+
+ // Return data interface.
+ return *iDataTransfer;
+ }
+
+// ---------------------------------------------------------------------------
+// Starts connection.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::StartConnection( const TUint32 aIapId,
+ const TUint32 aSnapId,
+ TRequestStatus& aStatus,
+ const TBool aForcedRoaming )
+ {
+ IKESOCKET_ASSERT( iState == EIdle );
+ IKESOCKET_ASSERT( iClientStatus == NULL );
+
+ DEBUG_LOG3( _L("CIkeConnection::StartConnection, IAP id=%d, SNAP id=%d, forced roaming=%d"),
+ aIapId, aSnapId, aForcedRoaming );
+
+ iState = EConnecting;
+
+ iClientStatus = &aStatus;
+ *iClientStatus = KRequestPending;
+ iIapId = aIapId;
+ iSnapId = aSnapId;
+
+ TInt err( iConnection.Open( iSocketServer ) );
+
+ if ( err == KErrNone )
+ {
+ // Start connection.
+ if ( iSnapId ) // SNAP
+ {
+ TRAP( err, CreateSnapPreferencesL( iSnapId,
+ aForcedRoaming ) );
+ if ( err == KErrNone )
+ {
+ iConnection.Start( iConnPrefList, iStatus );
+ }
+ }
+ else // IAP
+ {
+ // Create preference overrides.
+ iPrefs.SetDialogPreference( ECommDbDialogPrefDoNotPrompt );
+ iPrefs.SetIapId( iIapId );
+ iConnection.Start( iPrefs, iStatus );
+ }
+ }
+
+ if ( err != KErrNone )
+ {
+ TRequestStatus* ownStatus = &iStatus;
+ *ownStatus = KRequestPending;
+ SetActive();
+
+ User::RequestComplete( ownStatus, err );
+ return;
+ }
+
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels connection starting.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::CancelStartConnection()
+ {
+ DEBUG_LOG( _L("CIkeConnection::CancelStartConnection") );
+
+ DoCancelStartConnection();
+ }
+
+// ---------------------------------------------------------------------------
+// Stops connection.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::StopConnection()
+ {
+ IKESOCKET_ASSERT( iLinkObserver );
+ IKESOCKET_ASSERT( iDataTransfer );
+
+ DEBUG_LOG( _L("CIkeConnection::StopConnection") );
+
+ iLinkObserver->CancelNotify();
+
+ CancelResolveFQDNAddress();
+ CancelStartConnection();
+
+ iDataTransfer->CloseSockets();
+ iConnection.Close();
+
+ iState = EIdle;
+ }
+
+// ---------------------------------------------------------------------------
+// Resolves FQDN address.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::ResolveFQDNAddress( const TDesC& aFQDN,
+ TNameEntry& aNameEntry,
+ TRequestStatus& aStatus )
+ {
+ IKESOCKET_ASSERT( iState == EConnected );
+ DEBUG_LOG1( _L("CIkeConnection::ResolveAddress, aFQDN=%S"), &aFQDN );
+
+ iState = EResolvingFQDN;
+
+ iClientStatus = &aStatus;
+ *iClientStatus = KRequestPending;
+
+ TInt err = iResolver.Open( iSocketServer,
+ KAfInet,
+ KProtocolInetUdp,
+ iConnection );
+
+ if ( err )
+ {
+ TRequestStatus* ownStatus = &iStatus;
+ *ownStatus = KRequestPending;
+ SetActive();
+
+ User::RequestComplete( ownStatus, err );
+ return;
+ }
+
+ iResolver.GetByName( aFQDN, aNameEntry, iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::CancelResolveFQDNAddress()
+ {
+ DEBUG_LOG( _L("CIkeConnection::CancelResolveFQDNAddress") );
+
+ DoCancelResolveFQDNAddress();
+ }
+
+// ---------------------------------------------------------------------------
+// Request notification about disconnection.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::NotifyDisconnect( TRequestStatus& aStatus )
+ {
+ IKESOCKET_ASSERT( iClientStatusNotifyDisconnect == NULL );
+ DEBUG_LOG( _L("CIkeConnection::NotifyDisconnect") );
+
+ iClientStatusNotifyDisconnect = &aStatus;
+ *iClientStatusNotifyDisconnect = KRequestPending;
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels disconnect notification request.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::CancelNotifyDisconnect()
+ {
+ IKESOCKET_ASSERT( iClientStatusNotifyDisconnect );
+ DEBUG_LOG( _L("CIkeConnection::CancelNotifyDisconnect") );
+
+ User::RequestComplete( iClientStatusNotifyDisconnect, KErrCancel );
+ iClientStatusNotifyDisconnect = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns IAP id.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkeConnection::IapId() const
+ {
+ return iIapId;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns Net id.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkeConnection::NetId() const
+ {
+ return iNetId;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns SNAP id.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkeConnection::SnapId() const
+ {
+ return iSnapId;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets local IP address.
+// ---------------------------------------------------------------------------
+//
+TInt CIkeConnection::GetLocalAddress( const TIpVersion aIpVersion,
+ TInetAddr& aLocalIp )
+ {
+ IKESOCKET_ASSERT( aIpVersion == EIPv4 || aIpVersion == EIPv6 );
+ return iLocalAddressResolver->GetLocalAddress( aIpVersion, aLocalIp );
+ }
+
+// ---------------------------------------------------------------------------
+// Creates connection preferences for SNAP usage. Connection preferences
+// list is constructed.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::CreateSnapPreferencesL( const TUint32 aSnapId,
+ const TBool aForcedRoaming )
+ {
+ CleanSnapPreferences();
+
+ iExtendedPrefs.SetSnapId( aSnapId );
+ iExtendedPrefs.SetForcedRoaming( aForcedRoaming );
+
+ iConnPrefList.AppendL( &iExtendedPrefs );
+ }
+
+// ---------------------------------------------------------------------------
+// Cleans connection preferences created for SNAP usage.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::CleanSnapPreferences()
+ {
+ while( iConnPrefList.Count() > 0 )
+ {
+ iConnPrefList.Remove( 0 );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Updates IAP id and NET id.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::UpdateRealIapData()
+ {
+ _LIT( KIapId, "IAP\\Id" );
+ _LIT( KNetId, "IAP\\IAPNetwork" );
+
+ iConnection.GetIntSetting( KIapId, iIapId );
+ iConnection.GetIntSetting( KNetId, iNetId );
+
+ DEBUG_LOG2( _L("CIkeConnection::UpdateRealIapData, IAP id=%d, NET id=%d"),
+ iIapId, iNetId );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of asynchronous request in EConnecting state.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::DoStateAfterConnecting()
+ {
+ IKESOCKET_ASSERT( iLinkObserver );
+ IKESOCKET_ASSERT( iState == EConnecting );
+
+ CleanSnapPreferences();
+
+ TInt err( iStatus.Int() );
+
+ if ( err == KErrNone )
+ {
+ // Update IAP and Net ids.
+ UpdateRealIapData();
+
+ // Start observing when link is disconnected.
+ iLinkObserver->NotifyDisconnect();
+
+ iState = EConnected;
+ }
+ else
+ {
+ iConnection.Close();
+ iState = EIdle;
+ }
+
+ User::RequestComplete( iClientStatus, err );
+ iClientStatus = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of asynchronous request in EResolvingFQDN state.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::DoStateAfterResolvingFQDN()
+ {
+ IKESOCKET_ASSERT( iState == EResolvingFQDN );
+
+ // Back to connected state.
+ iState = EConnected;
+ iResolver.Close();
+
+ User::RequestComplete( iClientStatus, iStatus.Int() );
+ iClientStatus = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Implements cancellation of connection starting.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::DoCancelStartConnection()
+ {
+ if ( iState == EConnecting )
+ {
+ IKESOCKET_ASSERT( iClientStatus );
+
+ Cancel();
+
+ iState = EIdle;
+ iConnection.Close();
+
+ CleanSnapPreferences();
+
+ User::RequestComplete( iClientStatus, KErrCancel );
+ iClientStatus = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Implements cancellation of FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::DoCancelResolveFQDNAddress()
+ {
+ if ( iState == EResolvingFQDN )
+ {
+ IKESOCKET_ASSERT( iClientStatus );
+
+ Cancel();
+
+ iState = EConnected;
+ iResolver.Close();
+
+ User::RequestComplete( iClientStatus, KErrCancel );
+ iClientStatus = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Handles request completion event about asynchronous connection starting or
+// FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::RunL()
+ {
+ DEBUG_LOG2( _L("CIkeConnection::RunL, iState=%d, iStatus=%d"),
+ iState, iStatus.Int() );
+
+ switch ( iState )
+ {
+ case EConnecting:
+ DoStateAfterConnecting();
+ break;
+ case EResolvingFQDN:
+ DoStateAfterResolvingFQDN();
+ break;
+ default:
+ IKESOCKET_ASSERT( EFalse );
+ break;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Implements cancellation of asynchronous connection starting or FQDN address
+// resolving.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::DoCancel()
+ {
+ DEBUG_LOG1( _L("CIkeConnection::DoCancel, iState=%d"),
+ iState );
+
+ switch ( iState )
+ {
+ case EConnecting:
+ iConnection.Stop();
+ break;
+ case EResolvingFQDN:
+ iResolver.Cancel();
+ break;
+ default:
+ IKESOCKET_ASSERT( EFalse );
+ break;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles notifcation about fatal data transfer error.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::DataTransferError( const TInt aError,
+ const TErrorType /*aErrorType*/ )
+ {
+ DEBUG_LOG1( _L("CIkeConnection::DataTransferError, aError=%d"),
+ aError );
+
+ // Disconnect link and notify client about disconnection.
+ LinkDisconnected( aError );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles notifcation about link disconnection.
+// ---------------------------------------------------------------------------
+//
+void CIkeConnection::LinkDisconnected( const TInt aStatus )
+ {
+ // Stop connection.
+ StopConnection();
+
+ if ( iClientStatusNotifyDisconnect )
+ {
+ User::RequestComplete( iClientStatusNotifyDisconnect, aStatus );
+ iClientStatusNotifyDisconnect = NULL;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/ikeconnectioninterface.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE socket connection interface
+*
+*/
+
+
+#include <e32base.h>
+#include "ikeconnectioninterface.h"
+#include "ikeconnection.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+EXPORT_C CIkeConnectionInterface* CIkeConnectionInterface::NewL( MIkeDebug& aDebug )
+ {
+ return CIkeConnection::NewL( aDebug );
+ }
+
+CIkeConnectionInterface::~CIkeConnectionInterface()
+ {
+ }
+
+CIkeConnectionInterface::CIkeConnectionInterface( TInt aPriority )
+ : CActive( aPriority )
+ {
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/localaddressresolver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,299 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Local address resolver
+*
+*/
+
+
+// INCLUDE FILES
+#include "localaddressresolver.h"
+#include "ikedebug.h"
+#include "ikesocketassert.h"
+
+using namespace IkeSocket;
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CLocalAddressResolver* CLocalAddressResolver::NewL( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ MIkeDebug& aDebug )
+ {
+ CLocalAddressResolver* self =
+ new ( ELeave ) CLocalAddressResolver( aSocketServer,
+ aConnection,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor
+// ---------------------------------------------------------------------------
+//
+CLocalAddressResolver::~CLocalAddressResolver()
+ {
+ DEBUG_LOG( _L("CLocalAddressResolver::~CLocalAddressResolver") );
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor
+// ---------------------------------------------------------------------------
+//
+CLocalAddressResolver::CLocalAddressResolver( RSocketServ& aSocketServer,
+ RConnection& aConnection,
+ MIkeDebug& aDebug )
+ : iSocketServer( aSocketServer ),
+ iConnection( aConnection ),
+ iDebug( aDebug )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CLocalAddressResolver::ConstructL()
+ {
+ DEBUG_LOG( _L("CLocalAddressResolver::ConstructL") );
+ }
+
+// ---------------------------------------------------------------------------
+// Return information whether local IP address has been resolved or not.
+// ---------------------------------------------------------------------------
+//
+TBool CLocalAddressResolver::HasIPAddr( const TIpVersion aIpVersion ) const
+ {
+ IKESOCKET_ASSERT( aIpVersion == EIPv4 || aIpVersion == EIPv6 );
+
+ TBool hasIPAddr( EFalse );
+
+ if ( aIpVersion == EIPv4 &&
+ !iIPv4Addr.IsUnspecified() )
+ {
+ hasIPAddr = ETrue;
+ }
+ else if ( aIpVersion == EIPv6 &&
+ !iIPv6Addr.IsUnspecified() )
+ {
+ hasIPAddr = ETrue;
+ }
+ return hasIPAddr;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns local IP address.
+// ---------------------------------------------------------------------------
+//
+const TInetAddr& CLocalAddressResolver::IPAddr( const TIpVersion aIpVersion ) const
+ {
+ IKESOCKET_ASSERT( aIpVersion == EIPv4 || aIpVersion == EIPv6 );
+
+ if ( aIpVersion == EIPv4)
+ {
+ return iIPv4Addr;
+ }
+
+ return iIPv6Addr;
+ }
+
+// ---------------------------------------------------------------------------
+// Refreshes local IP addresses for the connection
+// ---------------------------------------------------------------------------
+//
+TInt CLocalAddressResolver::RefreshLocalAddresses()
+ {
+ // Get IAP Id of the connection
+ _LIT( KIapId, "IAP\\Id" );
+ TInt ret = iConnection.GetIntSetting( KIapId, iIapId ) ;
+
+ if ( ret == KErrNone )
+ {
+ RSocket socket;
+ ret = socket.Open( iSocketServer,
+ KAfInet,
+ KSockDatagram,
+ KProtocolInetUdp,
+ iConnection );
+
+ // Initialize IP addresses
+ iIPv4Addr.Init( KAfInet );
+ iIPv6Addr.Init( KAfInet );
+
+ if ( ret == KErrNone )
+ {
+ // Begin enumeration of network interfaces.
+ TInt err = socket.SetOpt( KSoInetEnumInterfaces,
+ KSolInetIfCtrl );
+ if ( err == KErrNone )
+ {
+ // Return details of the first interface in the enumeration.
+ TPckgBuf<TSoInetInterfaceInfo> details;
+ err = socket.GetOpt( KSoInetNextInterface,
+ KSolInetIfCtrl,
+ details );
+
+ while ( err == KErrNone )
+ {
+ // Query IAP for the interface.
+ TPckgBuf<TSoInetIfQuery> query;
+ query().iName = details().iName;
+ err = socket.GetOpt( KSoInetIfQueryByName,
+ KSolInetIfQuery,
+ query );
+
+ if ( err == KErrNone )
+ {
+ // Match information of the interface with the
+ // connection.
+ if ( Match( details(), query() ) )
+ {
+ // Match found. Set local IP address if not yet
+ // set.
+ SetAddressIfNotSet( details().iAddress );
+ }
+ }
+ // Return details of the next interface. If the interface
+ // has multiple addresses then details for each address
+ // are returned separately in the enumeration.
+ err = socket.GetOpt( KSoInetNextInterface,
+ KSolInetIfCtrl,
+ details );
+ }
+ }
+ socket.Close();
+ }
+ }
+
+ DEBUG_LOG1( _L("CLocalAddressResolver::RefreshLocalAddresses, ret=%d"), ret );
+ return ret;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets local IP address.
+// ---------------------------------------------------------------------------
+//
+TInt CLocalAddressResolver::GetLocalAddress( const TIpVersion aIpVersion,
+ TInetAddr& aLocalIp )
+ {
+ IKESOCKET_ASSERT( aIpVersion == EIPv4 || aIpVersion == EIPv6 );
+ DEBUG_LOG1( _L("CLocalAddressResolver::GetLocalAddress, aIpVersion=%d"),
+ aIpVersion);
+
+ TInt ret = RefreshLocalAddresses();
+
+ if ( ret )
+ {
+ return ret;
+ }
+
+ if ( HasIPAddr( aIpVersion ) )
+ {
+ aLocalIp = IPAddr( aIpVersion );
+ }
+ else
+ {
+ ret = KErrNotFound;
+ }
+ return ret;
+ }
+
+// ---------------------------------------------------------------------------
+// Mathches information of an interface and the connection.
+// ---------------------------------------------------------------------------
+//
+TBool CLocalAddressResolver::Match(
+ const TSoInetInterfaceInfo& aInfo,
+ const TSoInetIfQuery& aQuery ) const
+ {
+ TBool match = EFalse;
+ if ( !aInfo.iAddress.IsUnspecified() &&
+ !aInfo.iAddress.IsLoopback() &&
+ !aInfo.iAddress.IsLinkLocal() &&
+ aQuery.iZone[1] == iIapId ) // Match IAPs of interface and connection
+ {
+ match = ETrue;
+ }
+ return match;
+ }
+
+// ---------------------------------------------------------------------------
+// Sets local IP address if not set.
+// ---------------------------------------------------------------------------
+//
+void CLocalAddressResolver::SetAddressIfNotSet( const TInetAddr& aAddr )
+ {
+ TInetAddr addr = aAddr;
+
+ if ( addr.Family() == KAfInet ) // IPv4 address
+ {
+ SetIPv4AddressIfNotSet( addr );
+ }
+ else if ( addr.Family() == KAfInet6 )
+ {
+ if ( addr.IsV4Mapped() ) // IPv4 mapped address
+ {
+ addr.ConvertToV4();
+ SetIPv4AddressIfNotSet( addr );
+ }
+ else // IPv6 address
+ {
+ SetIPv6AddressIfNotSet( addr );
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Sets local IPv4 address if not set.
+// ---------------------------------------------------------------------------
+//
+void CLocalAddressResolver::SetIPv4AddressIfNotSet( const TInetAddr& aAddr )
+ {
+ if ( iIPv4Addr.IsUnspecified() )
+ {
+#ifdef _DEBUG
+ TBuf<100> txt_addr;
+ aAddr.Output( txt_addr );
+ DEBUG_LOG1( _L("CLocalAddressResolver::SetIPv4AddressIfNotSet, address=%S"),
+ &txt_addr );
+#endif
+
+ iIPv4Addr = aAddr;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Sets local IPv6 address if not set.
+// ---------------------------------------------------------------------------
+//
+void CLocalAddressResolver::SetIPv6AddressIfNotSet( const TInetAddr& aAddr )
+ {
+ if ( iIPv6Addr.IsUnspecified() )
+ {
+#ifdef _DEBUG
+ TBuf<100> txt_addr;
+ aAddr.Output( txt_addr );
+ DEBUG_LOG1( _L("CLocalAddressResolver::SetIPv6AddressIfNotSet, address=%S"),
+ &txt_addr );
+#endif
+
+ iIPv6Addr = aAddr;
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/receivequeueitem.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,64 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receive queue item
+*
+*/
+
+
+// INCLUDE FILES
+#include "receivequeueitem.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Constructor
+// ---------------------------------------------------------------------------
+//
+TReceiveQueueItem::TReceiveQueueItem( HBufC8* aUdpData,
+ const TInetAddr& aSrcAddr,
+ const TInt aLocalPort )
+ : iUdpData( aUdpData ),
+ iSrcAddr( aSrcAddr ),
+ iLocalPort( aLocalPort )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Returns UDP data.
+// ---------------------------------------------------------------------------
+//
+HBufC8* TReceiveQueueItem::UdpData() const
+ {
+ return iUdpData;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns source address.
+// ---------------------------------------------------------------------------
+//
+const TInetAddr& TReceiveQueueItem::SrcAddr() const
+ {
+ return iSrcAddr;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns local port.
+// ---------------------------------------------------------------------------
+//
+TInt TReceiveQueueItem::LocalPort() const
+ {
+ return iLocalPort;
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/receiver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,365 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receiver for UDP data
+*
+*/
+
+
+#include <es_sock.h>
+#include "receiver.h"
+#include "ikemsgheader.h"
+#include "ikev2const.h"
+#include "ikesocketdefs.h"
+#include "ikedebug.h"
+#include "ikesocketassert.h"
+
+using namespace IkeSocket;
+
+const TInt KMaxIkePacketSize( 65536 ); // Maximum size for UDP packet
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CReceiver* CReceiver::NewL( RSocket& aSocket,
+ MReceiverCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CReceiver* self = new (ELeave) CReceiver( aSocket,
+ aCallback,
+ aDebug );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CReceiver::~CReceiver()
+ {
+ DEBUG_LOG( _L("CReceiver::~CReceiver") );
+ Cancel();
+ delete iMsg;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CReceiver::CReceiver( RSocket& aSocket,
+ MReceiverCallback& aCallback,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iState( EIdle ),
+ iMsgPtr( 0, 0, 0 ),
+ iSocket( aSocket ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this ); // Added to the Active Scheduler
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::ConstructL()
+ {
+ DEBUG_LOG( _L("CReceiver::ConstructL") );
+ }
+
+// ---------------------------------------------------------------------------
+// Sets IKE major version.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::SetIkeMajorVersion( const TIkeMajorVersion aIkeMajorVersion )
+ {
+ IKESOCKET_ASSERT( aIkeMajorVersion == EIkeMajorV1 ||
+ aIkeMajorVersion == EIkeMajorV2 );
+
+ iIkeMajorVersion = aIkeMajorVersion;
+ }
+
+// ---------------------------------------------------------------------------
+// Starts receive.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::Receive()
+ {
+ IKESOCKET_ASSERT( iIkeMajorVersion == EIkeMajorV1 ||
+ iIkeMajorVersion == EIkeMajorV2 );
+
+ if ( iState == EIdle )
+ {
+ WaitDataAvailable();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels receive.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::CancelReceive()
+ {
+ Cancel();
+
+ delete iMsg;
+ iMsg = NULL;
+ iMsgPtr.Set( 0, 0, 0 );
+
+ iState = EIdle;
+ }
+
+// ---------------------------------------------------------------------------
+// Waits for data to become available for reading.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::WaitDataAvailable()
+ {
+ IKESOCKET_ASSERT( iState == EIdle );
+ IKESOCKET_ASSERT( !IsActive() );
+
+ iState = EWaitingData;
+ delete iMsg;
+ iMsg = NULL;
+
+ iFlags() = KSockSelectRead | KSockSelectExcept;
+
+ iSocket.Ioctl( KIOctlSelect,
+ iStatus,
+ &iFlags,
+ KSOLSocket );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// Receives data from socket.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::ReceiveDataL()
+ {
+ IKESOCKET_ASSERT( !IsActive() );
+
+ iState = EReceiving;
+
+ TInt bytesPending( 0 );
+ TInt err = iSocket.GetOpt( KSOReadBytesPending,
+ KSOLSocket,
+ bytesPending );
+
+ User::LeaveIfError( err );
+
+ if ( bytesPending > KMaxIkePacketSize )
+ {
+ // KMaxIkePacketSize (65536) is max message size supported.
+ bytesPending = KMaxIkePacketSize;
+ }
+
+ iMsg = HBufC8::NewL( bytesPending );
+ iMsgPtr.Set( iMsg->Des() );
+
+ iSocket.RecvFrom( iMsgPtr,
+ iSrcAddr,
+ 0,
+ iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// Handles receive of data.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::HandleDataReceivedL()
+ {
+#ifdef _DEBUG
+ TBuf<100> txt_addr;
+ iSrcAddr.Output( txt_addr );
+ TUint32 port = iSrcAddr.Port();
+ DEBUG_LOG3( _L("CReceiver::HandleDataReceivedL, local port=%d, src address:port=%S:%d"),
+ iSocket.LocalPort(), &txt_addr, port );
+#endif
+
+ TInt msgLength = iMsgPtr.Length();
+ if ( msgLength <= TInt(ISAKMP_HDR_SIZE) )
+ {
+ // Message size smaller than header size.
+ User::Leave( KErrArgument );
+ }
+
+ // Check if <non-ESP marker> is in the beginning of IKE message.
+ // <non-ESP marker> is related to the NAT traversal and it should
+ // exist only if IKE messages received through port 4500.
+ // However, we accept <non-ESP marker> also in IKE message
+ // received through normal IKE port (500).
+ const ThdrISAKMP* ikeHdr = ThdrISAKMP::Ptr( iMsgPtr );
+ TUint32 octets = BigEndian::Get32( (TUint8*)(ikeHdr) );
+ TBool nonEspMarker = ( octets == NON_ESP_MARKER );
+ if ( nonEspMarker )
+ {
+ ikeHdr = ikeHdr->GotoOffset( NON_ESP_MARKER_SIZE );
+ msgLength -= NON_ESP_MARKER_SIZE;
+ if ( msgLength <= TInt(ISAKMP_HDR_SIZE) )
+ {
+ // Message size smaller than header size.
+ User::Leave( KErrArgument );
+ }
+ }
+
+ // Because the received data can be any UDP data transmitted to
+ // IKE port(s), some checks are done before packet is processed. Length
+ // value read from header must be greater than ISAKMP_HDR_SIZE.
+ TInt ikeMsgLength = ikeHdr->GetLength();
+ if ( ikeMsgLength <= TInt(ISAKMP_HDR_SIZE) )
+ {
+ User::Leave( KErrArgument );
+ }
+
+ // IKE major version in packet MUST be as client expects (1 or 2).
+ TUint8 majorVersion = ikeHdr->GetMajorVersion();
+ if ( majorVersion != iIkeMajorVersion )
+ {
+ User::Leave( KErrArgument );
+ }
+
+ NotifyDataReceived();
+ }
+
+// ---------------------------------------------------------------------------
+// Handles error in receiving.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::HandleError( const TInt aStatus )
+ {
+ DEBUG_LOG1( _L("CReceiver::HandleError, aStatus=%d"), aStatus );
+
+ delete iMsg;
+ iMsg = NULL;
+ iMsgPtr.Set( 0, 0, 0 );
+ iState = EIdle;
+
+ if ( aStatus == KErrDied ||
+ aStatus == KErrServerTerminated ||
+ aStatus == KErrNoMemory )
+ {
+ // Fatal error. Notify client.
+ iCallback.ReceiveError( aStatus );
+ }
+ else
+ {
+ // Error is not fatal. Restart receiving
+ Receive();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Notifies client that data has been received.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::NotifyDataReceived()
+ {
+ TInetAddr srcAddr = iSrcAddr;
+ TInt localPort = iSocket.LocalPort();
+ HBufC8* msg = iMsg;
+
+ iMsg = NULL;
+ iMsgPtr.Set( 0, 0, 0 );
+ iState = EIdle;
+
+ // Continue receiving.
+ Receive();
+
+ iCallback.DataReceived( msg, // Ownership transferred
+ srcAddr,
+ localPort );
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Handles a leave occurring in RunL().
+// ---------------------------------------------------------------------------
+//
+TInt CReceiver::RunError( TInt aError )
+ {
+ HandleError( aError );
+ return KErrNone;
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Handles request completion event about available data or received data.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::RunL()
+ {
+ IKESOCKET_ASSERT( iState == EWaitingData ||
+ iState == EReceiving );
+ DEBUG_LOG2( _L("CReceiver::RunL, iState=%d, iStatus=%d"),
+ iState, iStatus.Int() );
+
+ if ( iStatus.Int() )
+ {
+ HandleError( iStatus.Int() );
+ return;
+ }
+
+ switch ( iState )
+ {
+ case EWaitingData:
+ {
+ ReceiveDataL();
+ break;
+ }
+ case EReceiving:
+ {
+ HandleDataReceivedL();
+ break;
+ }
+ default:
+ break;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Implements cancellation of an active request.
+// ---------------------------------------------------------------------------
+//
+void CReceiver::DoCancel()
+ {
+ IKESOCKET_ASSERT( iState == EWaitingData ||
+ iState == EReceiving );
+ DEBUG_LOG1( _L("CReceiver::DoCancel, iState=%d"),
+ iState );
+
+ switch ( iState )
+ {
+ case EWaitingData:
+ {
+ iSocket.CancelIoctl();
+ break;
+ }
+ case EReceiving:
+ {
+ iSocket.CancelRecv();
+ break;
+ }
+ default:
+ break;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikesocket/src/sender.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,171 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Sender for UDP data
+*
+*/
+
+
+#include "sender.h"
+#include "ikesocketdefs.h"
+#include "ikedebug.h"
+
+using namespace IkeSocket;
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CSender* CSender::NewL( RSocket& aSocket,
+ RSocket& aSocketNAT,
+ RSocket& aSocketNokiaNAT,
+ MSenderCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CSender* self = new (ELeave) CSender( aSocket,
+ aSocketNAT,
+ aSocketNokiaNAT,
+ aCallback,
+ aDebug );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CSender::~CSender()
+ {
+ DEBUG_LOG( _L("CSender::~CSender") );
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CSender::CSender( RSocket& aSocket,
+ RSocket& aSocketNAT,
+ RSocket& aSocketNokiaNAT,
+ MSenderCallback& aCallback,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iSocket( aSocket ),
+ iSocketNAT( aSocketNAT ),
+ iSocketNokiaNAT( aSocketNokiaNAT ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this ); // Added to the Active Scheduler
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CSender::ConstructL()
+ {
+ DEBUG_LOG( _L("CSender::ConstructL") );
+ }
+
+// ---------------------------------------------------------------------------
+// Sends UDP data.
+// ---------------------------------------------------------------------------
+//
+TInt CSender::SendUdpData( const TInt aLocalPort,
+ const TInetAddr& aDestAddr,
+ const TDesC8& aUdpData,
+ const TUint aDscp )
+ {
+ RSocket* socket = NULL;
+ iLocalPort = aLocalPort;
+ iDestAddr = aDestAddr;
+
+ if ( iLocalPort == 500 )
+ {
+ socket = &iSocket;
+ }
+ else if ( iLocalPort == 4500 )
+ {
+ socket = &iSocketNAT;
+ }
+ else
+ {
+ socket = &iSocketNokiaNAT;
+ }
+
+ TInt err = socket->SetOpt( KSoIpTOS, KSolInetIp, aDscp );
+
+ if ( err == KErrNone )
+ {
+ err = socket->SetOpt( KSoUdpSynchronousSend, KSolInetUdp, 1 );
+ }
+
+ if ( err == KErrNone )
+ {
+ socket->SendTo( aUdpData, iDestAddr, 0, iStatus );
+ SetActive();
+ }
+
+#ifdef _DEBUG
+ TBuf<100> txt_addr;
+ iDestAddr.Output( txt_addr );
+ TUint32 port = iDestAddr.Port();
+ DEBUG_LOG3( _L("Sending UDP data, local port=%d, dest address:port=%S:%d"),
+ iLocalPort, &txt_addr, port );
+ DEBUG_LOG2( _L(" DSCP=%d, err=%d"), aDscp, err );
+#endif
+
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Handles request completion event about sending.
+// ---------------------------------------------------------------------------
+//
+void CSender::RunL()
+ {
+ DEBUG_LOG1( _L("CSender::RunL, iStatus=%d"),
+ iStatus.Int() );
+
+ iCallback.SendCompleted( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// From CActive
+// Implements cancellation of sending.
+// ---------------------------------------------------------------------------
+//
+void CSender::DoCancel()
+ {
+ DEBUG_LOG1( _L("CSender::DoCancel, iLocalPort=%d"),
+ iLocalPort );
+
+ if ( iLocalPort == KIkePort500 )
+ {
+ iSocket.CancelSend();
+ }
+ else if ( iLocalPort == KIkePort4500 )
+ {
+ iSocketNAT.CancelSend();
+ }
+ else
+ {
+ iSocketNokiaNAT.CancelSend();
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/bwins/ikeutilsu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+EXPORTS
+ ?CopyL@CInternalAddress@@QAEXABV1@@Z @ 1 NONAME ; void CInternalAddress::CopyL(class CInternalAddress const &)
+ ?Match@TIkeSendQueueItem@@SAHABV1@0@Z @ 2 NONAME ; int TIkeSendQueueItem::Match(class TIkeSendQueueItem const &, class TIkeSendQueueItem const &)
+ ?AddSAL@CPFKeySocketIf@@QAEXABVTIpsecSAData@@@Z @ 3 NONAME ; void CPFKeySocketIf::AddSAL(class TIpsecSAData const &)
+ ?NewL@CInternalAddress@@SAPAV1@ABV1@@Z @ 4 NONAME ; class CInternalAddress * CInternalAddress::NewL(class CInternalAddress const &)
+ ??0TIpsecSAData@@QAE@XZ @ 5 NONAME ; TIpsecSAData::TIpsecSAData(void)
+ ?UdpData@TIkeSendQueueItem@@QAEPAVHBufC8@@XZ @ 6 NONAME ; class HBufC8 * TIkeSendQueueItem::UdpData(void)
+ ?Dscp@TIkeSendQueueItem@@QBEEXZ @ 7 NONAME ; unsigned char TIkeSendQueueItem::Dscp(void) const
+ ?UpdateSAL@CPFKeySocketIf@@QAEXABVTIpsecSAData@@@Z @ 8 NONAME ; void CPFKeySocketIf::UpdateSAL(class TIpsecSAData const &)
+ ??0CIpsecSaSpecList@@QAE@XZ @ 9 NONAME ; CIpsecSaSpecList::CIpsecSaSpecList(void)
+ ??4TIpsecSALifetime@@QAEAAV0@ABV0@@Z @ 10 NONAME ; class TIpsecSALifetime & TIpsecSALifetime::operator=(class TIpsecSALifetime const &)
+ ?Address@TPfkeyAddress@@QBEABVTInetAddr@@XZ @ 11 NONAME ; class TInetAddr const & TPfkeyAddress::Address(void) const
+ ??0CInternalAddress@@QAE@H@Z @ 12 NONAME ; CInternalAddress::CInternalAddress(int)
+ ?NewL@CIpsecPolicyUtil@@SAPAV1@XZ @ 13 NONAME ; class CIpsecPolicyUtil * CIpsecPolicyUtil::NewL(void)
+ ?BuildVPNAddrInfo@VPNAddrInfo@@SAXPBVCInternalAddress@@ABVTInetAddr@@AAVTVPNAddress@@AAVMIkeDebug@@@Z @ 14 NONAME ; void VPNAddrInfo::BuildVPNAddrInfo(class CInternalAddress const *, class TInetAddr const &, class TVPNAddress &, class MIkeDebug &)
+ ?NewL@CPFKeySocketIf@@SAPAV1@PAVMPFKeyMessageListener@@AAVMIkeDebug@@@Z @ 15 NONAME ; class CPFKeySocketIf * CPFKeySocketIf::NewL(class MPFKeyMessageListener *, class MIkeDebug &)
+ ?BuildUdpEncExtensionData@PFKeyExtDataUtil@@SAXAAVTDes8@@KHHGGABVTInetAddr@@1@Z @ 16 NONAME ; void PFKeyExtDataUtil::BuildUdpEncExtensionData(class TDes8 &, unsigned long, int, int, unsigned short, unsigned short, class TInetAddr const &, class TInetAddr const &)
+ ??0TIpsecSALifetime@@QAE@KAB_J00@Z @ 17 NONAME ; TIpsecSALifetime::TIpsecSALifetime(unsigned long, long long const &, long long const &, long long const &)
+ ??0TIkeSendQueueItem@@QAE@PAVHBufC8@@@Z @ 18 NONAME ; TIkeSendQueueItem::TIkeSendQueueItem(class HBufC8 *)
+ ?SelectorCount@TPfkeyTs@@QBEHXZ @ 19 NONAME ; int TPfkeyTs::SelectorCount(void) const
+ ?GetIpsecSaSpi@CIpsecSaSpiRetriever@@QAEXKEABVTInetAddr@@0@Z @ 20 NONAME ; void CIpsecSaSpiRetriever::GetIpsecSaSpi(unsigned long, unsigned char, class TInetAddr const &, class TInetAddr const &)
+ ??0TIkeSendQueueItem@@QAE@PAVHBufC8@@ABVTInetAddr@@HE@Z @ 21 NONAME ; TIkeSendQueueItem::TIkeSendQueueItem(class HBufC8 *, class TInetAddr const &, int, unsigned char)
+ ?AcquireSAError@CPFKeySocketIf@@QAEXABVTIpsecSAData@@H@Z @ 22 NONAME ; void CPFKeySocketIf::AcquireSAError(class TIpsecSAData const &, int)
+ ?DeleteSA@CPFKeySocketIf@@QAEXKABVTInetAddr@@0E@Z @ 23 NONAME ; void CPFKeySocketIf::DeleteSA(unsigned long, class TInetAddr const &, class TInetAddr const &, unsigned char)
+ ?Selector@TPfkeyTs@@QBEABVTPfKeySelector@@H@Z @ 24 NONAME ; class TPfKeySelector const & TPfkeyTs::Selector(int) const
+ ?LocalPort@TIkeSendQueueItem@@QBEHXZ @ 25 NONAME ; int TIkeSendQueueItem::LocalPort(void) const
+ ?FlushSAs@CPFKeySocketIf@@QAEXXZ @ 26 NONAME ; void CPFKeySocketIf::FlushSAs(void)
+ ?NewL@CIpsecSaSpiRetriever@@SAPAV1@AAVMIpsecSaSpiRetrieverCallback@@AAVCPFKeySocketIf@@@Z @ 27 NONAME ; class CIpsecSaSpiRetriever * CIpsecSaSpiRetriever::NewL(class MIpsecSaSpiRetrieverCallback &, class CPFKeySocketIf &)
+ ?GetIpseSaSpecListLC@CIpsecPolicyUtil@@QAEPAVCIpsecSaSpecList@@VTInetAddr@@000HK@Z @ 28 NONAME ; class CIpsecSaSpecList * CIpsecPolicyUtil::GetIpseSaSpecListLC(class TInetAddr, class TInetAddr, class TInetAddr, class TInetAddr, int, unsigned long)
+ ?DestAddr@TIkeSendQueueItem@@QAEABVTInetAddr@@XZ @ 29 NONAME ; class TInetAddr const & TIkeSendQueueItem::DestAddr(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/eabi/ikeutilsu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,49 @@
+EXPORTS
+ _ZN11VPNAddrInfo16BuildVPNAddrInfoEPK16CInternalAddressRK9TInetAddrR11TVPNAddressR9MIkeDebug @ 1 NONAME
+ _ZN12TIpsecSADataC1Ev @ 2 NONAME
+ _ZN12TIpsecSADataC2Ev @ 3 NONAME
+ _ZN14CPFKeySocketIf14AcquireSAErrorERK12TIpsecSADatai @ 4 NONAME
+ _ZN14CPFKeySocketIf4NewLEP21MPFKeyMessageListenerR9MIkeDebug @ 5 NONAME
+ _ZN14CPFKeySocketIf6AddSALERK12TIpsecSAData @ 6 NONAME
+ _ZN14CPFKeySocketIf8DeleteSAEmRK9TInetAddrS2_h @ 7 NONAME
+ _ZN14CPFKeySocketIf8FlushSAsEv @ 8 NONAME
+ _ZN14CPFKeySocketIf9UpdateSALERK12TIpsecSAData @ 9 NONAME
+ _ZN16CInternalAddress4NewLERKS_ @ 10 NONAME
+ _ZN16CInternalAddress5CopyLERKS_ @ 11 NONAME
+ _ZN16CInternalAddressC1Ei @ 12 NONAME
+ _ZN16CInternalAddressC2Ei @ 13 NONAME
+ _ZN16CIpsecPolicyUtil19GetIpseSaSpecListLCE9TInetAddrS0_S0_S0_im @ 14 NONAME
+ _ZN16CIpsecPolicyUtil4NewLEv @ 15 NONAME
+ _ZN16CIpsecSaSpecListC1Ev @ 16 NONAME
+ _ZN16CIpsecSaSpecListC2Ev @ 17 NONAME
+ _ZN16PFKeyExtDataUtil24BuildUdpEncExtensionDataER5TDes8miittRK9TInetAddrS4_ @ 18 NONAME
+ _ZN16TIpsecSALifetimeC1EmRKxS1_S1_ @ 19 NONAME
+ _ZN16TIpsecSALifetimeC2EmRKxS1_S1_ @ 20 NONAME
+ _ZN16TIpsecSALifetimeaSERKS_ @ 21 NONAME
+ _ZN17TIkeSendQueueItem5MatchERKS_S1_ @ 22 NONAME
+ _ZN17TIkeSendQueueItem7UdpDataEv @ 23 NONAME
+ _ZN17TIkeSendQueueItem8DestAddrEv @ 24 NONAME
+ _ZN17TIkeSendQueueItemC1EP6HBufC8 @ 25 NONAME
+ _ZN17TIkeSendQueueItemC1EP6HBufC8RK9TInetAddrih @ 26 NONAME
+ _ZN17TIkeSendQueueItemC2EP6HBufC8 @ 27 NONAME
+ _ZN17TIkeSendQueueItemC2EP6HBufC8RK9TInetAddrih @ 28 NONAME
+ _ZN20CIpsecSaSpiRetriever13GetIpsecSaSpiEmhRK9TInetAddrS2_ @ 29 NONAME
+ _ZN20CIpsecSaSpiRetriever4NewLER28MIpsecSaSpiRetrieverCallbackR14CPFKeySocketIf @ 30 NONAME
+ _ZNK13TPfkeyAddress7AddressEv @ 31 NONAME
+ _ZNK17TIkeSendQueueItem4DscpEv @ 32 NONAME
+ _ZNK17TIkeSendQueueItem9LocalPortEv @ 33 NONAME
+ _ZNK8TPfkeyTs13SelectorCountEv @ 34 NONAME
+ _ZNK8TPfkeyTs8SelectorEi @ 35 NONAME
+ _ZTI14CPFKeySocketIf @ 36 NONAME
+ _ZTI16CInternalAddress @ 37 NONAME
+ _ZTI16CIpsecPolicyUtil @ 38 NONAME
+ _ZTI19TPfkeySupportedAuth @ 39 NONAME
+ _ZTI20CIpsecSaSpiRetriever @ 40 NONAME
+ _ZTI22TPfkeySupportedEncrypt @ 41 NONAME
+ _ZTV14CPFKeySocketIf @ 42 NONAME
+ _ZTV16CInternalAddress @ 43 NONAME
+ _ZTV16CIpsecPolicyUtil @ 44 NONAME
+ _ZTV19TPfkeySupportedAuth @ 45 NONAME
+ _ZTV20CIpsecSaSpiRetriever @ 46 NONAME
+ _ZTV22TPfkeySupportedEncrypt @ 47 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file
+
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+
+
+PRJ_PLATFORMS
+
+
+
+PRJ_EXPORTS
+
+
+
+PRJ_MMPFILES
+
+ikeutils.mmp
+
+
+
+PRJ_TESTMMPFILES
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/group/ikeutils.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project ikeutils
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET ikeutils.dll
+TARGETTYPE dll
+
+UID 0x1000008d 0x2001E609
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikesendqueueitem.cpp
+SOURCE internaladdress.cpp
+SOURCE ipsecpolicyutil.cpp
+SOURCE ipsecsadata.cpp
+SOURCE ipsecsalifetime.cpp
+SOURCE ipsecsalist.cpp
+SOURCE ipsecsaspiretriever.cpp
+SOURCE pfkeyextdatautil.cpp
+SOURCE pfkeymsg.cpp
+SOURCE pfkeysocketif.cpp
+SOURCE vpnaddrinfo.cpp
+
+USERINCLUDE .
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY esock.lib
+LIBRARY euser.lib
+LIBRARY insock.lib
+LIBRARY ipsecpolapi.lib
+LIBRARY lib_pfkey.lib
+LIBRARY random.lib
+
+CAPABILITY ALL -Tcb
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/dhparameters.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,146 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Prime and generator values for modular Diffie-Hellman groups
+*
+*/
+
+
+
+#ifndef _DH_PARAMETERS_H_
+#define _DH_PARAMETERS_H_
+
+#include <e32def.h>
+
+
+//Group 1
+//Equivalent to FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+// 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+// EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+// E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF
+#define MODP_768_PRIME_LENGTH 96 //bytes TUint8 (2 hex each)
+
+const TUint8 MODP_768_PRIME[MODP_768_PRIME_LENGTH] =
+ {255,255,255,255, 255,255,255,255, 201,15,218,162, 33,104,194,52,
+ 196,198,98,139, 128,220,28,209, 41,2,78,8, 138,103,204,116,
+ 2,11,190,166, 59,19,155,34, 81,74,8,121, 142,52,4,221,
+ 239,149,25,179, 205,58,67,27, 48,43,10,109, 242,95,20,55,
+ 79,225,53,109, 109,81,194,69, 228,133,181,118, 98,94,126,198,
+ 244,76,66,233, 166,58,54,32, 255,255,255,255, 255,255,255,255};
+
+#define MODP_768_GENERATOR_LENGTH 1 //TUint characters
+const TUint8 MODP_768_GENERATOR[MODP_768_GENERATOR_LENGTH]={2};
+
+
+//Group 2
+//Equivalent to FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+// 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+// EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+// E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
+// EE386bFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381
+// FFFFFFFF FFFFFFFF
+#define MODP_1024_PRIME_LENGTH 128 //bytes TUint8 (2 hex each)
+
+const TUint8 MODP_1024_PRIME[MODP_1024_PRIME_LENGTH] =
+ {0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xC9,0x0F,0xDA,0xA2
+ ,0x21,0x68,0xC2,0x34 ,0xC4,0xC6,0x62,0x8B ,0x80,0xDC,0x1C,0xD1
+ ,0x29,0x02,0x4E,0x08 ,0x8A,0x67,0xCC,0x74 ,0x02,0x0B,0xBE,0xA6
+ ,0x3B,0x13,0x9B,0x22 ,0x51,0x4A,0x08,0x79 ,0x8E,0x34,0x04,0xDD
+ ,0xEF,0x95,0x19,0xB3 ,0xCD,0x3A,0x43,0x1B ,0x30,0x2B,0x0A,0x6D
+ ,0xF2,0x5F,0x14,0x37 ,0x4F,0xE1,0x35,0x6D ,0x6D,0x51,0xC2,0x45
+ ,0xE4,0x85,0xB5,0x76 ,0x62,0x5E,0x7E,0xC6 ,0xF4,0x4C,0x42,0xE9
+ ,0xA6,0x37,0xED,0x6B ,0x0B,0xFF,0x5C,0xB6 ,0xF4,0x06,0xB7,0xED
+ ,0xEE,0x38,0x6b,0xFB ,0x5A,0x89,0x9F,0xA5 ,0xAE,0x9F,0x24,0x11
+ ,0x7C,0x4B,0x1F,0xE6 ,0x49,0x28,0x66,0x51 ,0xEC,0xE6,0x53,0x81
+ ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF };
+
+#define MODP_1024_GENERATOR_LENGTH 1 //TUint characters
+const TUint8 MODP_1024_GENERATOR[MODP_1024_GENERATOR_LENGTH]={2};
+
+
+//Group 5
+//Equivalent to FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+// 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+// EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+// E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
+// EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
+// C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
+// 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+// 670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF
+#define MODP_1536_PRIME_LENGTH 192 //bytes TUint8 (2 hex each)
+
+const TUint8 MODP_1536_PRIME[MODP_1536_PRIME_LENGTH] =
+ {0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xC9,0x0F,0xDA,0xA2
+ ,0x21,0x68,0xC2,0x34 ,0xC4,0xC6,0x62,0x8B ,0x80,0xDC,0x1C,0xD1
+ ,0x29,0x02,0x4E,0x08 ,0x8A,0x67,0xCC,0x74 ,0x02,0x0B,0xBE,0xA6
+ ,0x3B,0x13,0x9B,0x22 ,0x51,0x4A,0x08,0x79 ,0x8E,0x34,0x04,0xDD
+ ,0xEF,0x95,0x19,0xB3 ,0xCD,0x3A,0x43,0x1B ,0x30,0x2B,0x0A,0x6D
+ ,0xF2,0x5F,0x14,0x37 ,0x4F,0xE1,0x35,0x6D ,0x6D,0x51,0xC2,0x45
+ ,0xE4,0x85,0xB5,0x76 ,0x62,0x5E,0x7E,0xC6 ,0xF4,0x4C,0x42,0xE9
+ ,0xA6,0x37,0xED,0x6B ,0x0B,0xFF,0x5C,0xB6 ,0xF4,0x06,0xB7,0xED
+ ,0xEE,0x38,0x6b,0xFB ,0x5A,0x89,0x9F,0xA5 ,0xAE,0x9F,0x24,0x11
+ ,0x7C,0x4B,0x1F,0xE6 ,0x49,0x28,0x66,0x51 ,0xEC,0xE4,0x5B,0x3D
+ ,0xC2,0x00,0x7C,0xB8 ,0xA1,0x63,0xBF,0x05 ,0x98,0xDA,0x48,0x36
+ ,0x1C,0x55,0xD3,0x9A ,0x69,0x16,0x3F,0xA8 ,0xFD,0x24,0xCF,0x5F
+ ,0x83,0x65,0x5D,0x23 ,0xDC,0xA3,0xAD,0x96 ,0x1C,0x62,0xF3,0x56
+ ,0x20,0x85,0x52,0xBB ,0x9E,0xD5,0x29,0x07 ,0x70,0x96,0x96,0x6D
+ ,0x67,0x0C,0x35,0x4E ,0x4A,0xBC,0x98,0x04 ,0xF1,0x74,0x6C,0x08
+ ,0xCA,0x23,0x73,0x27, 0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF };
+
+#define MODP_1536_GENERATOR_LENGTH 1 //TUint characters
+const TUint8 MODP_1536_GENERATOR[MODP_1536_GENERATOR_LENGTH]={2};
+
+
+//Group 14
+//Equivalent to FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+// 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+// EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+// E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
+// EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
+// C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
+// 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+// 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
+// E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9
+// DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510
+// 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
+#define MODP_2048_PRIME_LENGTH 256
+
+const TUint8 MODP_2048_PRIME[MODP_2048_PRIME_LENGTH] =
+ {0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xC9,0x0F,0xDA,0xA2
+ ,0x21,0x68,0xC2,0x34 ,0xC4,0xC6,0x62,0x8B ,0x80,0xDC,0x1C,0xD1
+ ,0x29,0x02,0x4E,0x08 ,0x8A,0x67,0xCC,0x74 ,0x02,0x0B,0xBE,0xA6
+ ,0x3B,0x13,0x9B,0x22 ,0x51,0x4A,0x08,0x79 ,0x8E,0x34,0x04,0xDD
+ ,0xEF,0x95,0x19,0xB3 ,0xCD,0x3A,0x43,0x1B ,0x30,0x2B,0x0A,0x6D
+ ,0xF2,0x5F,0x14,0x37 ,0x4F,0xE1,0x35,0x6D ,0x6D,0x51,0xC2,0x45
+ ,0xE4,0x85,0xB5,0x76 ,0x62,0x5E,0x7E,0xC6 ,0xF4,0x4C,0x42,0xE9
+ ,0xA6,0x37,0xED,0x6B ,0x0B,0xFF,0x5C,0xB6 ,0xF4,0x06,0xB7,0xED
+ ,0xEE,0x38,0x6B,0xFB ,0x5A,0x89,0x9F,0xA5 ,0xAE,0x9F,0x24,0x11
+ ,0x7C,0x4B,0x1F,0xE6 ,0x49,0x28,0x66,0x51 ,0xEC,0xE4,0x5B,0x3D
+ ,0xC2,0x00,0x7C,0xB8 ,0xA1,0x63,0xBF,0x05 ,0x98,0xDA,0x48,0x36
+ ,0x1C,0x55,0xD3,0x9A ,0x69,0x16,0x3F,0xA8 ,0xFD,0x24,0xCF,0x5F
+ ,0x83,0x65,0x5D,0x23 ,0xDC,0xA3,0xAD,0x96 ,0x1C,0x62,0xF3,0x56
+ ,0x20,0x85,0x52,0xBB ,0x9E,0xD5,0x29,0x07 ,0x70,0x96,0x96,0x6D
+ ,0x67,0x0C,0x35,0x4E ,0x4A,0xBC,0x98,0x04 ,0xF1,0x74,0x6C,0x08
+ ,0xCA,0x18,0x21,0x7C ,0x32,0x90,0x5E,0x46 ,0x2E,0x36,0xCE,0x3B
+ ,0xE3,0x9E,0x77,0x2C ,0x18,0x0E,0x86,0x03 ,0x9B,0x27,0x83,0xA2
+ ,0xEC,0x07,0xA2,0x8F ,0xB5,0xC5,0x5D,0xF0 ,0x6F,0x4C,0x52,0xC9
+ ,0xDE,0x2B,0xCB,0xF6 ,0x95,0x58,0x17,0x18 ,0x39,0x95,0x49,0x7C
+ ,0xEA,0x95,0x6A,0xE5 ,0x15,0xD2,0x26,0x18 ,0x98,0xFA,0x05,0x10
+ ,0x15,0x72,0x8E,0x5A ,0x8A,0xAC,0xAA,0x68 ,0xFF,0xFF,0xFF,0xFF
+ ,0xFF,0xFF,0xFF,0xFF };
+
+#define MODP_2048_GENERATOR_LENGTH 1
+const TUint8 MODP_2048_GENERATOR[MODP_2048_GENERATOR_LENGTH]={2};
+
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ikemsgheader.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,165 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE message header class
+*
+*/
+
+#ifndef _IKE_MSG_HEADER_H_
+#define _IKE_MSG_HEADER_H_
+
+#include <e32base.h>
+
+#define ISAKMP_COOKIE_SIZE 8
+#define IKEV2_SPI_SIZE 8
+typedef TBuf8<ISAKMP_COOKIE_SIZE> TCookie;
+typedef TBuf8<IKEV2_SPI_SIZE> TIkeSPI;
+
+#define ISAKMP_HDR_SIZE sizeof(ThdrISAKMP)
+#define IKEV2_HDR_SIZE sizeof(ThdrISAKMP)
+
+#define IKE_PORT 500
+#define FLOATED_IKE_PORT 4500
+#define NON_ESP_MARKER 0x0
+#define NON_ESP_MARKER_SIZE 4 // Corresponds IPSEC SPI size
+
+//
+// NAT flags
+//
+#define LOCAL_END_NAT 0x1
+#define REMOTE_END_NAT 0x2
+#define MOBIKE_USED 0x4
+
+//
+// These macro definitions takes care of 16- and 32-bit data packing and
+// unpacking.
+// The following assumptions are in use for macros:
+// -- The connection memory is a little-endian configured (= Intel format)
+// -- A macro does always an unconditional conversion for the parameter data
+// PUTxx(d, s) = Source data is supposed to be in "Network order". Data
+// is stored to *p as little-endian.
+// GETxx(s) = Source data is supposed to be in memory as little-endian.
+// Macro return data in "Network order"
+//
+#define PUT16(d, s) \
+ (*(unsigned char*)((unsigned char*)(d)+1)) = (unsigned char)((s) & 0xff);\
+ (*(unsigned char*)(d)) = (unsigned char)(((s) >> 8 ) & 0xff)
+
+#define PUT32(d, s) \
+ (*(unsigned char*)((unsigned char*)(d)+3)) = (unsigned char)((s) & 0xff);\
+ (*(unsigned char*)((unsigned char*)(d)+2)) = (unsigned char)(((s) >> 8 ) & 0xff);\
+ (*(unsigned char*)((unsigned char*)(d)+1)) = (unsigned char)(((s) >> 16) & 0xff);\
+ (*(unsigned char*)(d)) = (unsigned char)(((s) >> 24) & 0xff)
+
+#define GET16(s) \
+ (((unsigned short)(*((unsigned char*)(s)+1))) | \
+ ((unsigned short)(*(unsigned char*)(s)) << 8 ))
+
+#define GET32(s) \
+ (((unsigned int)(*((unsigned char*)(s)+3))) | \
+ (((unsigned int)(*((unsigned char*)(s)+2))) << 8 ) | \
+ (((unsigned int)(*((unsigned char*)(s)+1))) << 16 ) | \
+ ((unsigned int)(*(unsigned char*)(s)) << 24 ))
+
+
+//
+// IKEv2 MESSAGE FIXED HEADER
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! IKE_SA Initiator's SPI !
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! IKE_SA Responder's SPI !
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload ! MjVer ! MnVer ! Exchange Type ! Flags !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Message ID !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+// IKEv1 MESSAGE FIXED HEADER
+//
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Initiator !
+// ! Cookie !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Responder !
+// ! Cookie !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload ! MjVer ! MnVer ! Exchange Type ! Flags !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Message ID !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class ThdrISAKMP
+{
+public:
+ static inline const ThdrISAKMP* Ptr(const TDes8& aMsg, TInt aOffset) { return (ThdrISAKMP*)(aMsg.Ptr() + aOffset); }
+ static inline const ThdrISAKMP* Ptr(const TDes8& aMsg) { return (ThdrISAKMP*)aMsg.Ptr(); }
+ static inline TInt Size() { return sizeof(ThdrISAKMP); }
+ inline const ThdrISAKMP* GotoOffset(TUint8 aOffset) const { return (const ThdrISAKMP*)((char*)this + aOffset); }
+ inline TUint8* Next() const { return (TUint8*)((char*)this + sizeof(ThdrISAKMP)); }
+ inline TCookie GetCookieI() const
+ { TCookie c;
+ c.Copy(&u.iData8[0],ISAKMP_COOKIE_SIZE);
+ return c;
+ }
+ inline void GetSPI_I(TIkeSPI& aSPI) const { aSPI.Copy(&u.iData8[0], IKEV2_SPI_SIZE); }
+ inline TUint32 GetSPI_I_Low32() const { return GET32(&u.iData32[1]); }
+ inline TUint32 GetNegotiationID_I() const { return GET32(&u.iData32[0]); }
+ inline TCookie GetCookieR() const
+ { TCookie c;
+ c.Copy(&u.iData8[8],ISAKMP_COOKIE_SIZE);
+ return c;
+ }
+ inline void GetSPI_R(TIkeSPI& aSPI) const { aSPI.Copy(&u.iData8[8], IKEV2_SPI_SIZE); }
+ inline TUint32 GetSPI_R_Low32() const { return GET32(&u.iData32[3]); }
+ inline TUint32 GetNegotiationID_R() const { return GET32(&u.iData32[2]); }
+ inline void SetCookieI(const TCookie& aCookie)
+ { Mem::Copy(&u.iData8[0], aCookie.Ptr(), ISAKMP_COOKIE_SIZE); }
+ inline void SetSPI_I(const TIkeSPI& aSPI) {Mem::Copy(&u.iData8[0],aSPI.Ptr(),IKEV2_SPI_SIZE); }
+ inline void SetCookieR(const TCookie& aCookie)
+ { Mem::Copy(&u.iData8[8],aCookie.Ptr(),ISAKMP_COOKIE_SIZE); }
+ inline void SetSPI_R(const TIkeSPI& aSPI) { Mem::Copy(&u.iData8[8],aSPI.Ptr(),IKEV2_SPI_SIZE); }
+ inline TUint8 GetPayload() const { return u.iData8[16]; }
+ inline void SetPayload(TUint8 aPayload) { u.iData8[16] = aPayload; }
+ inline TUint8 GetVersion() const { return u.iData8[17]; }
+ inline TUint8 GetMajorVersion() const { return (TUint8)(u.iData8[17] >> 4); }
+ inline TUint8 GetMinorVersion() const { return (TUint8)(u.iData8[17] & 0xf); }
+ inline void SetVersion(TUint8 aVersion) { u.iData8[17] = aVersion; }
+ inline TUint8 GetExchange() const { return u.iData8[18]; }
+ inline void SetExchange(TUint8 aType) { u.iData8[18] = aType; }
+ inline TUint8 GetFlags() const { return u.iData8[19]; }
+ inline void SetFlags(TUint8 aFlags) { u.iData8[19] = aFlags; }
+ inline TUint32 GetMessageId() const { return GET32(&u.iData32[5]); }
+ inline void SetMessageId(TUint32 aId) { PUT32(&u.iData32[5], aId); }
+ inline TUint32 GetLength() const { return GET32(&u.iData32[6]); }
+ inline void SetLength(TUint32 aLength) { PUT32(&u.iData32[6], aLength); }
+private:
+ union
+ {
+ TUint32 iData32[7];
+ TUint16 iData16[14];
+ TUint8 iData8[28];
+ } u;
+};
+
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ikesendqueueitem.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,119 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE send queue item
+*
+*/
+
+
+#ifndef T_IKESENDQUEUEITEM_H
+#define T_IKESENDQUEUEITEM_H
+
+// INCLUDES
+#include <in_sock.h>
+
+/**
+ * Item in send queue
+ *
+ * Item contains information needed to send a UDP data. Items are stored
+ * in send queue while they are waiting for sending.
+ *
+ * @lib ikeutils.lib
+ */
+class TIkeSendQueueItem
+ {
+public:
+
+ /**
+ * Constructor.
+ *
+ * @param aUdpData UDP data
+ * @param aDestAddr Destination IP address
+ * @param aLocalPort Local port
+ * @param aDscp DSCP value
+ */
+ IMPORT_C TIkeSendQueueItem( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp );
+
+ /**
+ * Constructor with message identification parameter. Constructs object
+ * which should be used for matching with Match() method.
+ * @param aUdpData UDP data
+ */
+ IMPORT_C TIkeSendQueueItem( HBufC8* aUdpData );
+
+ /**
+ * Determines whether two objects match. Items match if their
+ * message identification is same.
+ * @param aItemOne First item
+ * @param aItemTwo Second item
+ * @return Match or not
+ */
+ IMPORT_C static TBool Match( const TIkeSendQueueItem& aItemOne,
+ const TIkeSendQueueItem& aItemTwo );
+
+ /**
+ * Gets UDP data.
+ * @return UDP data.
+ */
+ IMPORT_C HBufC8* UdpData();
+
+ /**
+ * Gets destination IP address.
+ * @return Destination IP address
+ */
+ IMPORT_C const TInetAddr& DestAddr();
+
+ /**
+ * Gets local port.
+ * @return Local port.
+ */
+ IMPORT_C TInt LocalPort() const;
+
+ /**
+ * Gets DSCP value.
+ * @return DSCP value.
+ */
+ IMPORT_C TUint8 Dscp() const;
+
+private:
+
+ /**
+ * UDP data.
+ * Own.
+ */
+ HBufC8* iUdpData;
+
+ /**
+ * Destination IP address
+ * Own.
+ */
+ TInetAddr iDestAddr;
+
+ /**
+ * Local port.
+ * Own.
+ */
+ TInt iLocalPort;
+
+ /**
+ * DSCP value.
+ * Own.
+ */
+ TUint8 iDscp;
+ };
+
+
+#endif // T_IKESENDQUEUEITEM_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/internaladdress.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Internal address structure
+*
+*/
+
+
+#ifndef C_INTERNALADDRESS_H
+#define C_INTERNALADDRESS_H
+
+#include <in_sock.h>
+
+/**
+ * Internal address structure.
+ * This class contains internal address in secure network and all DNS
+ * addresses related to that secure network.
+ *
+ * @lib ikeutils.lib
+ */
+class CInternalAddress : public CArrayPtrFlat<TInetAddr>
+ {
+ public:
+ /**
+ * Constructor.
+ * @param aGranularity Granularity
+ */
+ IMPORT_C CInternalAddress( TInt aGranularity );
+
+ /**
+ * Destructor.
+ */
+ ~CInternalAddress();
+
+ /**
+ * Two-phased constructor.
+ * @param aInternalAddress Internal address
+ */
+ IMPORT_C static CInternalAddress* NewL( const CInternalAddress& aInternalAddress );
+
+ /**
+ * Copies internal address.
+ * @param aInternalAddress Internal address
+ */
+ IMPORT_C void CopyL( const CInternalAddress& aData );
+
+ public: // data
+
+ /**
+ * Internal address.
+ * Own.
+ */
+ TInetAddr iClientIntAddr;
+ };
+
+#endif // C_INTERNALADDRESS_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ipsecpolicyutil.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,66 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility class for using IPSec policy server
+*
+*/
+
+
+#ifndef C_IPSECPOLICYUTIL_H
+#define C_IPSECPOLICYUTIL_H
+
+#include <e32base.h>
+#include <ipsecpolapi.h>
+
+// FORWARD DECLARATIONS
+class CIpsecSaSpecList;
+class TInetAddr;
+
+class CIpsecPolicyUtil : public CBase
+ {
+public:
+
+ IMPORT_C static CIpsecPolicyUtil* NewL();
+ ~CIpsecPolicyUtil() ;
+
+
+ /**
+ * Gets acceptable IPsec policies for specified selectors.
+ *
+ * @param aLocalAddr IP address, including possible port, of the local end selector
+ * @param aLocalMask Local end selector mask
+ * @param aRemoteAddr IP address, including possible port, of the remote end selector
+ * @param aRemoteMask Remote end selector mask
+ * @param aProtocol Protocol id
+ * @param aVpnNetId VPN net id
+ */
+ IMPORT_C CIpsecSaSpecList* GetIpseSaSpecListLC( TInetAddr aLocalAddr, TInetAddr aLocalMask,
+ TInetAddr aRemoteAddr, TInetAddr aRemoteMask,
+ TInt aProtocol, TUint32 aVpnNetId );
+
+private:
+ CIpsecPolicyUtil();
+ void ConstructL();
+
+private: // data
+
+ /**
+ * IPSec policy server.
+ * Own.
+ */
+ RIpsecPolicyServ iIpsecPolicyServ;
+
+ };
+
+
+#endif // C_IPSECPOLICYUTIL_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ipsecsadata.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,70 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec SA data structure for PFKEY Update and Add primitives
+*
+*/
+
+
+#ifndef T_IPSECSADATA_H
+#define T_IPSECSADATA_H
+
+#include <e32base.h>
+#include <in_sock.h>
+
+// FORWARD DECLARATIONS
+class TIpsecSALifetime;
+
+/**
+ * IPSec SA data structure.
+ *
+ * @lib ikeutils.lib
+ */
+class TIpsecSAData
+ {
+public:
+ TIpsecSAData();
+
+public: // data
+ TUint8 iSAType;
+ TUint32 iSeq;
+ TInetAddr iSrc;
+ TInetAddr iDst;
+ TUint8 iProtocol;
+ TPtr8 iSrcIdent;
+ TUint16 iSrcIdType;
+ TPtr8 iDstIdent;
+ TUint16 iDstIdType;
+ TUint32 iPid;
+ TUint32 iSPI;
+ TUint8 iAuthAlg;
+ TUint8 iEncrAlg;
+ TPtrC8 iAuthKey;
+ TPtrC8 iEncrKey;
+ TUint32 iFlags;
+ TUint8 iReplayWindowLength;
+//
+// Private Nokia VPN specific extensions
+//
+ TInetAddr iInternalAddress;
+//
+// Genereric private format PFKEY extension. In this phase extesion consists
+// Information for ESP UDP encapsulation (NAT Traversal)
+//
+ TPtrC8 iGenericExtension;
+
+ TIpsecSALifetime* iHard;
+ TIpsecSALifetime* iSoft;
+ };
+
+#endif // T_IPSECSADATA_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ipsecsalifetime.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,46 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec SA lifetime structure
+*
+*/
+
+
+#ifndef T_IPSECSALIFETIME_H
+#define T_IPSECSALIFETIME_H
+
+#include <e32base.h>
+
+/**
+ * IPSec SA lifetime structure.
+ *
+ * @lib ikeutils.lib
+ */
+class TIpsecSALifetime
+ {
+public:
+ IMPORT_C TIpsecSALifetime( TUint32 aAllocations,
+ const TInt64& aBytes,
+ const TInt64& aAddtime,
+ const TInt64& aUsetime );
+
+ IMPORT_C TIpsecSALifetime& operator=( const TIpsecSALifetime& aSource );
+
+public: // data
+ TUint32 iAllocations;
+ TInt64 iBytes;
+ TInt64 iAddtime;
+ TInt64 iUsetime;
+ };
+
+#endif // T_IPSECSALIFETIME_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ipsecsalist.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Structure for storing IPSec SA Specs
+*
+*/
+
+
+#ifndef C_IPSECSALIST_H
+#define C_IPSECSALIST_H
+
+#include <e32base.h>
+#include <ipsecpolapi.h>
+
+class CIpsecSaSpecList : public CArrayFixFlat<struct TIpsecSaSpec>
+ {
+public:
+ IMPORT_C CIpsecSaSpecList();
+ };
+
+#endif // C_IPSECSALIST_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/ipsecsaspiretriever.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,102 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Active object that retrieves an SPI value for IPsec SA
+*
+*/
+
+
+#ifndef IPSECSASPIRETRIEVER_H_
+#define IPSECSASPIRETRIEVER_H_
+
+#include <e32base.h>
+
+/**
+ * A Callback interface for IPsec SA SPI value retriever.
+ * Callback interface which is used by CIpsecSaSpiRetriever object to
+ * notify about completion of IPsec SA SPI retrieve
+ *
+ * @lib ikeutils.lib
+ */
+class MIpsecSaSpiRetrieverCallback
+ {
+public:
+
+ /**
+ * Notifies about completion of IPsec SPI SA retrieve.
+ *
+ * @param aSpiRequestId Id of the SPI retrieve request.
+ * @param aStatus Completion status
+ * @param aSpi SPI value
+ */
+ virtual void IpsecSaSpiRetrieved(TUint32 aSpiRequestId,
+ TInt aStatus,
+ TUint32 aSpi) = 0;
+
+ };
+
+class CPFKeySocketIf;
+class TInetAddr;
+
+/**
+ * Retrieves new IPsec SA SPI value from the IPsec
+ *
+ * @lib ikeutils.lib
+ */
+class CIpsecSaSpiRetriever : public CActive
+ {
+public:
+
+ /**
+ * Constructs new IPsec SA SPI retriever.
+ *
+ * @param aRetrieverCallback Used callback interface
+ * @param aSocketIf Used PFKey socket interface.
+ */
+ IMPORT_C static CIpsecSaSpiRetriever* NewL(MIpsecSaSpiRetrieverCallback& aRetrieverCallback,
+ CPFKeySocketIf& aSocketIf);
+ ~CIpsecSaSpiRetriever();
+
+ /**
+ * Issues new IPsec SA SPI retrieve request.
+ * The completation of the SPI retrieve request is notified by using
+ * MIpsecSaSpiRetrieverCallback interface.
+ *
+ * @param aSpiRequestId Id for the SPI request.
+ * @param aIpsecProtocol Used IPsec protocol.
+ * Possible values are SADB_SATYPE_AH and SADB_SATYPE_ESP.
+ * @param aSrc Source address of the IPsec SA.
+ * If SRC_SPECIFIC is not set in the IPsec policy can be set to Unspecified.
+ * @param aDst Destination address of the IPsec SA.
+ */
+ IMPORT_C void GetIpsecSaSpi(const TUint32 aSpiRequestId,
+ const TUint8 aIpsecProtocol,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst);
+
+private:
+ CIpsecSaSpiRetriever(MIpsecSaSpiRetrieverCallback& aRetrieverCallback,
+ CPFKeySocketIf& aSocketIf);
+
+ void RunL();
+ void DoCancel();
+ TInt RunError(TInt aStatus);
+
+ MIpsecSaSpiRetrieverCallback& iRetrieverCallback;
+ CPFKeySocketIf& iSocketIf;
+
+ TUint32 iSpi;
+ TUint32 iSpiRequestId;
+ };
+
+#endif /* IPSECSASPIRETRIEVER_H_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/pfkeyextdatautil.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,57 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN PFKEY extension data utility
+*
+*/
+
+
+#ifndef PFKEYEXTDATAUTIL_H
+#define PFKEYEXTDATAUTIL_H
+
+#include <e32base.h>
+
+/**
+ * PFKEY extension data utility class
+ *
+ * PFKEY extension data utility class for building generic PFKEY API extension
+ * data.
+ *
+ * @lib ikeutils.lib
+ */
+class PFKeyExtDataUtil
+ {
+public:
+ /**
+ * This static method builds a generic PFKEY API extension data which is
+ * needed for IPSEC do UDP encapsulation/decapsulation for ESP packet.
+ * @param aExtData Generic extension data (returned)
+ * @param aNAT_D_Flags NAT_D flags
+ * @param aNATDetected Informs if NAT detected (local end behind NAT)
+ * @param aNokiaNATProbeUsed Nokia NAT probe used
+ * @param aUdpEncapsPort UDP encapsulation port
+ * @param aKeepAliveTimeout Keep alive timeout
+ * @param aDestinAddr Destination address
+ * @param aOriginalAddr Peer original address
+ */
+ EXPORT_C static void BuildUdpEncExtensionData( TDes8& aExtData,
+ TUint32 aNAT_D_Flags,
+ TBool aNATDetected,
+ TBool aNokiaNATProbeUsed,
+ TUint16 aUdpEncapsPort,
+ TUint16 aKeepAliveTimeout,
+ const TInetAddr& aDestinAddr,
+ const TInetAddr& aOriginalAddr );
+ };
+
+#endif // PFKEYEXTDATAUTIL_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/pfkeymsg.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,250 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Key management daemon PFKEY message module.
+*
+*/
+
+#ifndef PFKEYMSG_H
+#define PFKEYMSG_H
+
+#include <es_sock.h>
+#include <in_sock.h>
+#include <lib_pfkey.h>
+
+#include <networking/pfkeyv2.h>
+#include <networking/pfkeyext.h>
+
+//
+// Classes for handling PFKEY structures.
+//
+
+class TPfkeyBase
+ {
+public:
+ const struct sadb_msg* iMsg;
+ TPfkeyBase();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeyAssociation
+ {
+public:
+ const struct sadb_sa* iExt;
+ TPfkeyAssociation();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeyLifetime
+ {
+public:
+ const struct sadb_lifetime* iExt;
+ TPfkeyLifetime();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeyAddress
+ {
+public:
+ const struct sadb_address* iExt;
+ const TInetAddr* iAddr;
+ TPfkeyAddress();
+ IMPORT_C const TInetAddr& Address() const;
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeyKey
+ {
+public:
+ const struct sadb_key* iExt;
+ TPtrC8 iData;
+ TPfkeyKey();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeyIdentity
+ {
+public:
+ const struct sadb_ident* iExt;
+ TPtrC8 iData;
+ TPfkeyIdentity();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeySensitivity
+ {
+public:
+ const struct sadb_sens* iExt;
+ TPtrC8 iSensBitmap;
+ TPtrC8 iIntegBitmap;
+ TPfkeySensitivity();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeyProposal
+ {
+public:
+ const struct sadb_prop* iExt;
+ const struct sadb_comb* iComb;
+ TInt iNumComb;
+ TPfkeyProposal();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfkeySupported
+ {
+public:
+ const struct sadb_supported* iExt;
+ const struct sadb_alg* iAlg;
+ TInt iNumAlg;
+ TPfkeySupported();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ virtual void AlgString( TDes &aStr,
+ TUint8 aAlg ) const = 0;
+ };
+
+class TPfkeySupportedAuth : public TPfkeySupported
+ {
+public:
+ void AlgString( TDes &aStr,
+ TUint8 aAlg ) const;
+ static void Alg2String( TDes &aStr,
+ TUint8 aAlg );
+ };
+
+class TPfkeySupportedEncrypt : public TPfkeySupported
+ {
+public:
+ void AlgString( TDes &aStr,
+ TUint8 aAlg ) const;
+ static void Alg2String( TDes &aStr,
+ TUint8 aAlg );
+ };
+
+class TPfkeySpirange
+ {
+public:
+ const struct sadb_spirange* iExt;
+ TPfkeySpirange();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+class TPfKeySelector: public sadb_x_selector
+ {
+public:
+ TInetAddr iSrc;
+ TInetAddr iDst;
+ };
+
+class TPfkeyTs
+ {
+public:
+ const struct sadb_x_ts* iExt;
+ TPfkeyTs();
+ IMPORT_C TInt SelectorCount() const;
+ IMPORT_C const TPfKeySelector& Selector( TInt aIndex ) const;
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+
+class TPFkeyPrivExt
+ {
+public:
+ const struct sadb_gen_ext* iExt;
+ TPtrC8 iData;
+ TPFkeyPrivExt();
+
+#ifdef _DEBUG
+ void String( TDes &aStr,
+ const TDesC &aLabel ) const;
+#endif
+ };
+
+
+//
+// Internal presentation of the PF_KEY message
+//
+class TPfkeyMessage
+ {
+public:
+ //
+ // Construct internal presentation from the PFKEY bytestream message
+ TPfkeyMessage( TPfkeyRecvMsg& aMsg );
+ TPfkeyMessage();
+ TInt iError; // == KErrNone, if message format valid.
+ TPfkeyBase iBase;
+ TPfkeyAssociation iSa;
+ TPfkeyLifetime iCurrent;
+ TPfkeyLifetime iHard;
+ TPfkeyLifetime iSoft;
+ TPfkeyAddress iSrcAddr;
+ TPfkeyAddress iDstAddr;
+ TPfkeyAddress iProxyAddr;
+ TPfkeyKey iAuthKey;
+ TPfkeyKey iEncryptKey;
+ TPfkeyIdentity iSrcIdent;
+ TPfkeyIdentity iDstIdent;
+ TPfkeySensitivity iSensitivity;
+ TPfkeyProposal iProposal;
+ TPfkeySupportedAuth iAuthAlgs;
+ TPfkeySupportedEncrypt iEncryptAlgs;
+ TPfkeySpirange iSpirange;
+ TPfkeyTs iTs;
+ TPFkeyPrivExt iPrivateExtension; // For ESP UDP encapsulation
+ };
+
+#endif // PFKEYMSG_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/pfkeysocketif.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,118 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN PFKEY socket interface
+*
+*/
+
+#ifndef C_PFKEYSOCKET_H
+#define C_PFKEYSOCKET_H
+
+#include <es_sock.h>
+#include <in_sock.h>
+#include <lib_pfkey.h>
+#include "pfkeymsg.h"
+
+// FORWARD DECLARATIONS
+class TIpsecSAData;
+class RSocketServ;
+class MIkeDebug;
+
+class MPFKeyMessageListener
+ {
+public:
+ virtual void PfkeyMessageReceived( const TPfkeyMessage& aReq ) = 0;
+ };
+
+
+class TPendingSpiRequest
+ {
+public:
+ TPendingSpiRequest(TUint32& aSpi, TRequestStatus& aClientStatus):
+ iSpi(aSpi), iClientStatus(aClientStatus){}
+
+ TUint32& iSpi;
+ TRequestStatus& iClientStatus;
+ };
+
+//
+// Register for ESP
+// and stay listening the PFKEY socket
+//
+class CPFKeySocketIf : public CActive
+ {
+public:
+ IMPORT_C static CPFKeySocketIf* NewL( MPFKeyMessageListener* aListener,
+ MIkeDebug& aDebug );
+ ~CPFKeySocketIf() ;
+
+ //PFKEY related functions
+ void GetSpi( const TUint8 aType,
+ const TUint32 aSeq,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst,
+ TUint32& aSpi,
+ TRequestStatus& aClientStatus);
+ void CancelGetSpi(TRequestStatus& aClientStatus);
+
+ IMPORT_C void AcquireSAError( const TIpsecSAData& aSAData,
+ const TInt aError );
+
+ IMPORT_C void UpdateSAL( const TIpsecSAData& aSAData );
+
+ IMPORT_C void AddSAL( const TIpsecSAData& aSAData );
+
+ IMPORT_C void DeleteSA( const TUint32 aSPI,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst,
+ const TUint8 aProtocol );
+
+ IMPORT_C void FlushSAs();
+
+private:
+ CPFKeySocketIf( MPFKeyMessageListener* aListener,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+ void AddUpdateSAL( const TUint8 aType,
+ const TIpsecSAData& aSAData );
+
+ TUint32 NewSpi();
+
+#ifdef _DEBUG
+ void ShowMessageL( TPfkeyRecvMsg& aMsg );
+#endif
+
+// from base class CActive
+ void RunL();
+ void DoCancel();
+ TInt RunError( TInt aError );
+
+protected: // data
+ MPFKeyMessageListener* iListener;
+
+private: // data
+
+ RSocketServ iSocketServer;
+ RSADB iSadb;
+
+ TPfkeyRecvMsg iMsg;
+ TUint32 iSeq;
+ TUint32 iSpiBase;
+
+ MIkeDebug& iDebug;
+
+ RArray<TPendingSpiRequest> iPendingSpiRequests;
+ };
+
+#endif // C_PFKEYSOCKET_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/inc/vpnaddrinfo.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,56 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility for building internal address info.
+*
+*/
+
+
+#ifndef VPNADDRINFO_H
+#define VPNADDRINFO_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class CInternalAddress;
+class MIkeDebug;
+class TInetAddr;
+class TVPNAddress;
+
+/**
+ * VPN address info utility.
+ *
+ * Utility class for building internal address info.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class VPNAddrInfo
+ {
+public:
+
+ /**
+ * Builds internal address info object.
+ * @param aInternalAddr Internal address
+ * @param aDnsServerAddr DNS server address
+ * @param aVPNAddress Internal address info (returned)
+ * @param aDebug Debug trace interface
+ */
+ EXPORT_C static void BuildVPNAddrInfo( const CInternalAddress* aInternalAddr,
+ const TInetAddr& aDnsServerAddr,
+ TVPNAddress& aVPNAddress,
+ MIkeDebug& aDebug );
+
+ };
+
+
+#endif // VPNADDRINFO_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/rom/ikeutils.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project
+* ikeutils
+*
+*/
+
+
+
+#ifndef __IKEUTILS_IBY__
+#define __IKEUTILS_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature IKEUTILS not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\ikeutils.dll SHARED_LIB_DIR\ikeutils.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __IKEUTILS_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/ikesendqueueitem.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,100 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE send queue item
+*
+*/
+
+
+// INCLUDE FILES
+#include "ikesendqueueitem.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Constructor
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TIkeSendQueueItem::TIkeSendQueueItem( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp )
+ : iUdpData( aUdpData ),
+ iDestAddr( aDestAddr ),
+ iLocalPort( aLocalPort ),
+ iDscp( aDscp )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor with message identification parameter. Constructs object
+// which should be used for matching with Match() method.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TIkeSendQueueItem::TIkeSendQueueItem( HBufC8* aUdpData )
+ : iUdpData( aUdpData ),
+ iDestAddr( TInetAddr() ),
+ iLocalPort( 0 ),
+ iDscp( 0 )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Determines whether two objects match.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TBool TIkeSendQueueItem::Match( const TIkeSendQueueItem& aItemOne,
+ const TIkeSendQueueItem& aItemTwo )
+ {
+ if ( aItemOne.iUdpData == aItemTwo.iUdpData )
+ {
+ return ETrue;
+ }
+ return EFalse;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets UDP data.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C HBufC8* TIkeSendQueueItem::UdpData()
+ {
+ return iUdpData;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets destination IP address.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C const TInetAddr& TIkeSendQueueItem::DestAddr()
+ {
+ return iDestAddr;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets local port.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TInt TIkeSendQueueItem::LocalPort() const
+ {
+ return iLocalPort;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets DSCP value.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TUint8 TIkeSendQueueItem::Dscp() const
+ {
+ return iDscp;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/internaladdress.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,49 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Internal address structure
+*
+*/
+
+
+// CLASS HEADER
+#include "internaladdress.h"
+
+EXPORT_C CInternalAddress::CInternalAddress( TInt aGranularity )
+ : CArrayPtrFlat<TInetAddr>( aGranularity )
+ {
+ }
+
+CInternalAddress::~CInternalAddress()
+ {
+ ResetAndDestroy();
+ }
+
+EXPORT_C CInternalAddress* CInternalAddress::NewL( const CInternalAddress& aData )
+ {
+ CInternalAddress* internalAddr = new (ELeave) CInternalAddress(1);
+ internalAddr->CopyL(aData);
+ return internalAddr;
+ }
+
+EXPORT_C void CInternalAddress::CopyL( const CInternalAddress& aData )
+ {
+ for ( TInt i=0; i<aData.Count(); i++ )
+ {
+ TInetAddr* dns_addr = new (ELeave) TInetAddr(*(aData.At(i)));
+ CleanupStack::PushL(dns_addr);
+ AppendL(dns_addr);
+ CleanupStack::Pop();
+ }
+ iClientIntAddr = aData.iClientIntAddr;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/ipsecpolicyutil.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,112 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility class for using IPSec policy server
+*
+*/
+
+
+#include "ipsecsalist.h"
+
+// CLASS HEADER
+#include "ipsecpolicyutil.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C CIpsecPolicyUtil* CIpsecPolicyUtil::NewL()
+ {
+ CIpsecPolicyUtil* self = new (ELeave) CIpsecPolicyUtil();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIpsecPolicyUtil::~CIpsecPolicyUtil()
+ {
+ iIpsecPolicyServ.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIpsecPolicyUtil::CIpsecPolicyUtil()
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIpsecPolicyUtil::ConstructL()
+ {
+ User::LeaveIfError( iIpsecPolicyServ.Connect() );
+ }
+
+// ---------------------------------------------------------------------------
+// Get acceptable IPsec policies for specified selectors. Get all acceptable
+// SA specifications with sequential GetIPSecSAInfo() method calls.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C CIpsecSaSpecList* CIpsecPolicyUtil::GetIpseSaSpecListLC( TInetAddr aLocalAddr, TInetAddr aLocalMask,
+ TInetAddr aRemoteAddr, TInetAddr aRemoteMask,
+ TInt aProtocol, TUint32 aVpnNetId )
+ {
+ CIpsecSaSpecList* ipsecSaList = new (ELeave)CIpsecSaSpecList();
+ CleanupStack::PushL(ipsecSaList);
+
+ aLocalAddr.ConvertToV4Mapped();
+ aLocalMask.ConvertToV4Mapped();
+ aRemoteAddr.ConvertToV4Mapped();
+ aRemoteAddr.SetScope(aVpnNetId);
+ aRemoteMask.ConvertToV4Mapped();
+
+
+ TIpsecSelectorInfo selectorInfo;
+ selectorInfo.iLocal = aLocalAddr;
+ selectorInfo.iLocalMask = aLocalMask;
+ selectorInfo.iRemote = aRemoteAddr;
+ selectorInfo.iRemoteMask = aRemoteMask;
+ selectorInfo.iProtocol = aProtocol;
+ selectorInfo.iSaIndex = 0;
+ TPckg<TIpsecSelectorInfo> pckgSelectorInfo(selectorInfo);
+ TIpsecSaSpec saInfo;
+ do
+ {
+ TRequestStatus requestStatus;
+ TPckg<TIpsecSaSpec> pckgSASpec(saInfo);
+
+ iIpsecPolicyServ.MatchSelector( pckgSelectorInfo,
+ pckgSASpec,
+ requestStatus );
+ User::WaitForRequest(requestStatus);
+ User::LeaveIfError(requestStatus.Int());
+
+ ipsecSaList->AppendL(saInfo);
+ selectorInfo.iSaIndex++;
+ }
+ while(saInfo.iMoreSasExist);
+
+ return ipsecSaList;
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/ipsecsadata.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec SA data structure for PFKEY Update and Add primitives
+*
+*/
+
+
+// CLASS HEADER
+#include "ipsecsadata.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TIpsecSAData::TIpsecSAData()
+ : iSAType(0),
+ iSeq(0),
+ iSrc(),
+ iDst(),
+ iProtocol(0),
+ iSrcIdent(0,0),
+ iSrcIdType(0),
+ iDstIdent(0,0),
+ iDstIdType(0),
+ iPid(0),
+ iSPI(0),
+ iAuthAlg(0),
+ iEncrAlg(0),
+ iAuthKey(0,0),
+ iEncrKey(0,0),
+ iFlags(0),
+ iReplayWindowLength(0),
+ iInternalAddress(),
+ iGenericExtension(0,0),
+ iHard(0),
+ iSoft(0)
+ {
+ };
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/ipsecsalifetime.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec SA lifetime structure
+*
+*/
+
+
+// CLASS HEADER
+#include "ipsecsalifetime.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TIpsecSALifetime::TIpsecSALifetime( TUint32 aAllocations,
+ const TInt64& aBytes,
+ const TInt64& aAddtime,
+ const TInt64& aUsetime )
+ : iAllocations( aAllocations ),
+ iBytes(aBytes),
+ iAddtime(aAddtime),
+ iUsetime(aUsetime)
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Assignment operator.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TIpsecSALifetime& TIpsecSALifetime::operator=( const TIpsecSALifetime& aSource )
+ {
+ if ( this != &aSource )
+ {
+ iAllocations = aSource.iAllocations;
+ iBytes = aSource.iBytes;
+ iAddtime = aSource.iAddtime;
+ iUsetime = aSource.iUsetime;
+ }
+ return *this;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/ipsecsalist.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Structure for storing IPSec SA Specs
+*
+*/
+
+
+// CLASS HEADER
+#include "ipsecsalist.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C CIpsecSaSpecList::CIpsecSaSpecList()
+ : CArrayFixFlat<struct TIpsecSaSpec>(1)
+ {
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/ipsecsaspiretriever.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD server
+*
+*/
+
+
+#include "ipsecsaspiretriever.h"
+#include "pfkeysocketif.h"
+
+EXPORT_C CIpsecSaSpiRetriever* CIpsecSaSpiRetriever::NewL(MIpsecSaSpiRetrieverCallback& aRetrieverCallback,
+ CPFKeySocketIf& aSocketIf)
+ {
+ CIpsecSaSpiRetriever* self = new (ELeave) CIpsecSaSpiRetriever(aRetrieverCallback, aSocketIf);
+ return self;
+ }
+
+CIpsecSaSpiRetriever::CIpsecSaSpiRetriever(MIpsecSaSpiRetrieverCallback& aRetrieverCallback,
+ CPFKeySocketIf& aSocketIf)
+:CActive(EPriorityStandard), iRetrieverCallback(aRetrieverCallback), iSocketIf(aSocketIf)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+CIpsecSaSpiRetriever::~CIpsecSaSpiRetriever()
+ {
+ Cancel();
+ }
+
+EXPORT_C void CIpsecSaSpiRetriever::GetIpsecSaSpi(const TUint32 aSpiRequestId,
+ const TUint8 aIpsecProtocol,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst)
+ {
+ iSpiRequestId = aSpiRequestId;
+ iSocketIf.GetSpi(aIpsecProtocol, aSpiRequestId, aSrc, aDst, iSpi, iStatus);
+ SetActive();
+ }
+
+
+void CIpsecSaSpiRetriever::RunL()
+ {
+ iRetrieverCallback.IpsecSaSpiRetrieved(iSpiRequestId, iStatus.Int(), iSpi);
+ }
+
+void CIpsecSaSpiRetriever::DoCancel()
+ {
+ iSocketIf.CancelGetSpi(iStatus);
+ }
+
+TInt CIpsecSaSpiRetriever::RunError(TInt /*aStatus*/)
+ {
+ User::Invariant(); //RunL should never leave
+ return KErrNone;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/pfkeyextdatautil.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,110 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN PFKEY extension data utility
+*
+*/
+
+
+#include <in_sock.h>
+#include <networking/pfkeyv2.h>
+#include <networking/pfkeyext.h>
+
+#include "ikemsgheader.h"
+#include "pfkeyextdatautil.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// This static method builds a generic PFKEY API extension data for IPSEC.
+// This data contains all parameters needed by the IPSEC to do UDP
+// encapsulation/decpsulation for ESP packet. Generic extension data format is
+// LID format begining with four bytes extension header. Extension header
+// consists two bytes extension length and two bytes extension ID. LID format
+// consists from one byte length, one byte ID and parameter data.
+// Buffer format: HL,HID,LID,LID,...LID
+// Generic extension data buffer handling macros are defined in pfkeyext.h
+// (common macros with IPSEC)
+// ---------------------------------------------------------------------------
+//
+void PFKeyExtDataUtil::BuildUdpEncExtensionData( TDes8& aExtData,
+ TUint32 aNAT_D_Flags,
+ TBool aNATDetected,
+ TBool aNokiaNATProbeUsed,
+ TUint16 aUdpEncapsPort,
+ TUint16 aKeepAliveTimeout,
+ const TInetAddr& aDestinAddr,
+ const TInetAddr& aOriginalAddr )
+ {
+ if ( aNAT_D_Flags )
+ {
+ aUdpEncapsPort = FLOATED_IKE_PORT; // for IETF specified ESP UDP encapsulation
+ if ( ( aNAT_D_Flags & LOCAL_END_NAT ) == 0 )
+ {
+ aKeepAliveTimeout = 0; // Local end is not behind NAT, no keepalive needed
+ }
+ }
+ else
+ {
+ //
+ // Nokia specific NAT traversal info (=ESP UDP tunneling)
+ // If aNATDetected is true connection is over NAT:ted
+ // network (=local end behind NAT). UDP encapsulation shall
+ // then be done using configured port iEspUdpPort. If that
+ // value is undefined default port 9872 shall be used then.
+ // If aNATDetected is false and aNokiaNATProbeUsed is true
+ // the NAT probe procedure has confirmed that there is no
+ // NAT device between. ESP UDP encapsulation port is zeroed
+ // then to avoid unnecessary ESP UDP encapsulation.
+ // If aNokiaNATProbeUsed is false ESP UDP encapsulation is done
+ // without probing, if any aUdpEncapsPort is defined
+ //
+ if ( !aNATDetected && aNokiaNATProbeUsed )
+ {
+ aUdpEncapsPort = 0;
+ }
+ }
+
+ if ( aUdpEncapsPort == 0 )
+ {
+ aExtData.SetLength(0); // No extension data needed
+ return;
+ }
+
+ TPfkeyGenExtension NatExtension( aExtData, ESP_UDP_ENCAPSULATION_EXT );
+
+ NatExtension.StoreParameter( UDP_ENCAPSULATION_PORT,
+ 2,
+ (TUint8*)&aUdpEncapsPort );
+
+ if ( aKeepAliveTimeout )
+ {
+ NatExtension.StoreParameter( NAT_KEEPALIVE_TIMEOUT,
+ 2,
+ (TUint8*)&aKeepAliveTimeout );
+ }
+
+ if ( aNAT_D_Flags & REMOTE_END_NAT )
+ {
+ NatExtension.StoreParameter( DESTINATION_ADDRESS,
+ sizeof(TInetAddr),
+ (TUint8*)&aDestinAddr );
+ }
+
+ if ( aOriginalAddr.Family() != KAFUnspec )
+ {
+ NatExtension.StoreParameter( PEER_ORIGINAL_ADDRESS,
+ sizeof(TInetAddr),
+ (TUint8*)&aOriginalAddr );
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/pfkeymsg.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,722 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Key management daemon PFKEY message module.
+*
+*/
+
+#include <es_sock.h>
+#include <in_sock.h>
+#include <eikenv.h>
+
+#include "pfkeymsg.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+#ifdef _DEBUG
+//
+// Convert to String methods
+//
+// TPfkeyBase::String
+// Convert Base Message Header to printable string
+//
+
+void TPfkeyBase::String(TDes &aStr, const TDesC &aLabel) const
+ {
+
+ if (!iMsg)
+ return;
+
+ aStr.Append(aLabel);
+ aStr.AppendFormat(_L("#%d.%d "),
+ (int)iMsg->sadb_msg_seq,
+ (int)iMsg->sadb_msg_pid);
+ switch (iMsg->sadb_msg_type)
+ {
+ case SADB_GETSPI:
+ aStr.Append(_L("GETSPI"));
+ break;
+ case SADB_UPDATE:
+ aStr.Append(_L("UPDATE"));
+ break;
+ case SADB_ADD:
+ aStr.Append(_L("ADD"));
+ break;
+ case SADB_DELETE:
+ aStr.Append(_L("DELETE"));
+ break;
+ case SADB_GET:
+ aStr.Append(_L("GET"));
+ break;
+ case SADB_ACQUIRE:
+ aStr.Append(_L("ACQUIRE"));
+ break;
+ case SADB_REGISTER:
+ aStr.Append(_L("REGISTER"));
+ break;
+ case SADB_EXPIRE:
+ aStr.Append(_L("EXPIRE"));
+ break;
+ case SADB_FLUSH:
+ aStr.Append(_L("FLUSH"));
+ break;
+ case SADB_DUMP:
+ aStr.Append(_L("DUMP"));
+ break;
+ default:
+ aStr.AppendFormat(_L("UNKNOWN(%d)"),
+ iMsg->sadb_msg_type);
+ break;
+ }
+ if (iMsg->sadb_msg_version != PF_KEY_V2)
+ aStr.AppendFormat(_L("(V%d)"), (int)iMsg->sadb_msg_version);
+
+ if (iMsg->sadb_msg_errno)
+ {
+ aStr.AppendFormat(_L("(Errno%d)"), (int)iMsg->sadb_msg_errno);
+ }
+ else
+ aStr.Append(_L("[ok] "));
+ switch (iMsg->sadb_msg_satype)
+ {
+ case SADB_SATYPE_AH:
+ aStr.Append(_L("AH"));
+ break;
+ case SADB_SATYPE_ESP:
+ aStr.Append(_L("ESP"));
+ break;
+ case SADB_SATYPE_UNSPEC:
+ aStr.Append('*');
+ break;
+ default:
+ aStr.AppendFormat(_L("UNKNOWN=%d"), (int)iMsg->sadb_msg_satype);
+ break;
+ }
+ }
+
+void TPfkeyAssociation::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (!iExt)
+ return;
+ aStr.Append(aLabel);
+ if (iExt->sadb_sa_encrypt || iExt->sadb_sa_auth)
+ {
+ aStr.Append('(');
+ if (iExt->sadb_sa_encrypt)
+ TPfkeySupportedEncrypt::Alg2String(aStr, iExt->sadb_sa_encrypt);
+ aStr.Append(',');
+ if (iExt->sadb_sa_auth)
+ TPfkeySupportedAuth::Alg2String(aStr, iExt->sadb_sa_auth);
+ aStr.Append(')');
+ }
+
+ switch (iExt->sadb_sa_state)
+ {
+ case SADB_SASTATE_LARVAL:
+ aStr.Append(_L(" LARVAL"));
+ break;
+ case SADB_SASTATE_MATURE:
+ aStr.Append(_L(" MATURE"));
+ break;
+ case SADB_SASTATE_DYING:
+ aStr.Append(_L(" DYING"));
+ break;
+ case SADB_SASTATE_DEAD:
+ aStr.Append(_L(" DEAD"));
+ break;
+ default:
+ aStr.AppendFormat(_L(" UNKNOWN=%d"), (int)iExt->sadb_sa_state);
+ break;
+ }
+ aStr.AppendFormat(_L(" SPI=%x"), (int)ByteOrder::Swap32(iExt->sadb_sa_spi));
+ if (iExt->sadb_sa_replay)
+ aStr.AppendFormat(_L(" Replay=%d"), (int)iExt->sadb_sa_replay);
+ }
+
+void TPfkeyAddress::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (!iExt)
+ return;
+ aStr.Append(aLabel);
+ if (iAddr)
+ {
+ TBuf<39> addr;
+ iAddr->OutputWithScope(addr);
+ aStr.Append(addr);
+ if (iExt->sadb_address_proto)
+ aStr.AppendFormat(_L(" proto=%d"), iExt->sadb_address_proto);
+ if (iAddr->Port())
+ aStr.AppendFormat(_L(" port=%d"), iAddr->Port());
+ }
+ }
+
+void TPfkeyKey::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (iExt)
+ aStr.Append(aLabel);
+ }
+
+void TPfkeyLifetime::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (!iExt)
+ return;
+ aStr.Append(aLabel);
+ aStr.Append((TChar)'(');
+ aStr.AppendNum(iExt->sadb_lifetime_allocations);
+ aStr.Append((TChar)',');
+ aStr.AppendNum(iExt->sadb_lifetime_bytes);
+ aStr.Append((TChar)',');
+ aStr.AppendNum(iExt->sadb_lifetime_addtime);
+ aStr.Append((TChar)',');
+ aStr.AppendNum(iExt->sadb_lifetime_usetime);
+ aStr.Append((TChar)')');
+ }
+
+void TPfkeySupported::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (!iExt)
+ return;
+ aStr.Append(aLabel);
+ for (int i = 0; i < iNumAlg; ++i)
+ {
+ AlgString(aStr, iAlg[i].sadb_alg_id);
+ if (iAlg[i].sadb_alg_minbits == iAlg[i].sadb_alg_maxbits)
+ aStr.AppendFormat
+ (_L("(IV=%d,key=%d)"),
+ (int)iAlg[i].sadb_alg_ivlen,
+ (int)iAlg[i].sadb_alg_maxbits);
+ else
+ aStr.AppendFormat
+ (_L("(IV=%d,%d<=key<=%d)"),
+ (int)iAlg[i].sadb_alg_ivlen,
+ (int)iAlg[i].sadb_alg_minbits,
+ (int)iAlg[i].sadb_alg_maxbits);
+ }
+ }
+
+void TPfkeyIdentity::String(TDes &aStr, const TDesC &aLabel) const
+{
+
+#ifdef _UNICODE
+ if (iExt)
+ {
+ aStr.Append(aLabel);
+ if (iData.Length() == 0)
+ return;
+ HBufC *unibuf = HBufC::New(iData.Length());
+ if (!unibuf)
+ return;
+ unibuf->Des().Copy(iData);
+ aStr.Append(unibuf->Des());
+ delete unibuf;
+ }
+#else
+ if (iExt)
+ {
+ aStr.Append(aLabel);
+ aStr.Append(iData);
+ }
+#endif
+}
+
+void TPfkeySensitivity::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (iExt)
+ {
+ aStr.Append(aLabel);
+ }
+ }
+
+void TPfkeyProposal::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (!iExt)
+ return;
+ aStr.Append(aLabel);
+ if (iExt->sadb_prop_replay)
+ aStr.AppendFormat(_L("replay=%d"), (int)iExt->sadb_prop_replay);
+ for (int i = 0; i < iNumComb; i++)
+ {
+ aStr.AppendFormat(_L(" %d:("), i+1);
+ if (iComb[i].sadb_comb_flags & SADB_SAFLAGS_PFS)
+ aStr.Append(_L("PFS "));
+ if (iComb[i].sadb_comb_encrypt)
+ {
+ TPfkeySupportedEncrypt::Alg2String(aStr, iComb[i].sadb_comb_encrypt);
+ aStr.AppendFormat(_L("[%d..%d]"),
+ iComb[i].sadb_comb_encrypt_minbits,
+ iComb[i].sadb_comb_encrypt_maxbits);
+ }
+ if (iComb[i].sadb_comb_auth)
+ {
+ aStr.Append(',');
+ TPfkeySupportedAuth::Alg2String(aStr, iComb[i].sadb_comb_auth);
+ aStr.AppendFormat(_L("[%d..%d]"),
+ iComb[i].sadb_comb_auth_minbits,
+ iComb[i].sadb_comb_auth_maxbits);
+ }
+ if (iComb[i].sadb_comb_soft_allocations ||
+ iComb[i].sadb_comb_soft_bytes != 0 ||
+ iComb[i].sadb_comb_soft_addtime != 0||
+ iComb[i].sadb_comb_soft_usetime != 0)
+ {
+ aStr.AppendFormat(_L(" soft=(%d,"), (int)iComb[i].sadb_comb_soft_allocations);
+ aStr.AppendNum(iComb[i].sadb_comb_soft_bytes);
+ aStr.Append(',');
+ aStr.AppendNum(iComb[i].sadb_comb_soft_addtime);
+ aStr.Append(',');
+ aStr.AppendNum(iComb[i].sadb_comb_soft_usetime);
+ aStr.Append(')');
+ }
+ if (iComb[i].sadb_comb_hard_allocations ||
+ iComb[i].sadb_comb_hard_bytes != 0 ||
+ iComb[i].sadb_comb_hard_addtime != 0 ||
+ iComb[i].sadb_comb_hard_usetime != 0)
+ {
+ aStr.AppendFormat(_L(" hard=(%d,"), (int)iComb[i].sadb_comb_hard_allocations);
+ aStr.AppendNum(iComb[i].sadb_comb_hard_bytes);
+ aStr.Append(',');
+ aStr.AppendNum(iComb[i].sadb_comb_hard_addtime);
+ aStr.Append(',');
+ aStr.AppendNum(iComb[i].sadb_comb_hard_usetime);
+ aStr.Append(')');
+ }
+ aStr.Append(')');
+ }
+ }
+
+void TPfkeySpirange::String(TDes &aStr,const TDesC &aLabel) const
+ {
+ if (iExt)
+ {
+ aStr.Append(aLabel);
+ }
+ }
+
+void TPfkeyTs::String(TDes &aStr,const TDesC &aLabel) const
+ {
+ if (iExt)
+ {
+ for (TInt i = 0; i < SelectorCount(); ++i)
+ {
+ const TPfKeySelector& selector = Selector(i);
+
+ TBuf<50> src;
+ TBuf<50> dst;
+
+ selector.iSrc.OutputWithScope(src);
+ selector.iDst.OutputWithScope(dst);
+
+ aStr.AppendFormat(_L("%S[%d] proto=%d src=%S:%d, dst=%S:%d" ),
+ &aLabel, i, selector.sadb_x_selector_proto,
+ &src, selector.iSrc.Port(),
+ &dst, selector.iDst.Port());
+
+
+ }
+ }
+ }
+
+void TPFkeyPrivExt::String(TDes &aStr, const TDesC &aLabel) const
+ {
+ if (iExt)
+ aStr.Append(aLabel);
+ }
+
+#endif //#ifdef _DEBUG
+
+
+TPfkeyBase::TPfkeyBase()
+ : iMsg( 0 )
+ {
+ }
+
+TPfkeyAssociation::TPfkeyAssociation()
+ : iExt( 0 )
+ {
+ }
+
+TPfkeyLifetime::TPfkeyLifetime()
+ : iExt( 0 )
+ {
+ }
+
+TPfkeyAddress::TPfkeyAddress()
+ : iExt(0), iAddr(0)
+ {
+ }
+
+EXPORT_C const TInetAddr& TPfkeyAddress::Address() const
+ {
+ return *iAddr;
+ }
+
+TPfkeyKey::TPfkeyKey()
+ : iExt( 0 )
+ {
+ }
+
+TPfkeyIdentity::TPfkeyIdentity()
+ : iExt( 0 )
+ {
+ }
+
+TPfkeySensitivity::TPfkeySensitivity()
+ : iExt(0)
+ {
+ }
+
+TPfkeyProposal::TPfkeyProposal()
+ : iExt( 0 ),
+ iComb( 0 ),
+ iNumComb( 0 )
+ {
+ }
+
+TPfkeySupported::TPfkeySupported()
+ : iExt( 0 ),
+ iAlg( 0 ),
+ iNumAlg( 0 )
+ {
+ }
+
+void TPfkeySupportedAuth::AlgString( TDes &aStr,
+ TUint8 aAlg ) const
+ {
+ Alg2String( aStr, aAlg );
+ }
+
+void TPfkeySupportedAuth::Alg2String(TDes &aStr, TUint8 aAlg)
+ {
+ switch (aAlg)
+ {
+ case SADB_AALG_MD5HMAC:
+ aStr.Append(_L("md5hmac"));
+ break;
+ case SADB_AALG_SHA1HMAC:
+ aStr.Append(_L("sha1hmac"));
+ break;
+ default:
+ aStr.AppendFormat(_L("%d"), (int)aAlg);
+ }
+ }
+
+void TPfkeySupportedEncrypt::AlgString( TDes &aStr,
+ TUint8 aAlg ) const
+ {
+ Alg2String( aStr, aAlg );
+ }
+
+void TPfkeySupportedEncrypt::Alg2String(TDes &aStr, TUint8 aAlg)
+ {
+ switch (aAlg)
+ {
+ case SADB_EALG_DESCBC:
+ aStr.Append(_L("descbc"));
+ break;
+ case SADB_EALG_3DESCBC:
+ aStr.Append(_L("3descbc"));
+ break;
+ case SADB_EALG_NULL:
+ aStr.Append(_L("null"));
+ break;
+ case 4:
+ aStr.Append(_L("rc5"));
+ break;
+ case 5:
+ aStr.Append(_L("idea"));
+ break;
+ case 6:
+ aStr.Append(_L("cast"));
+ break;
+ case 7:
+ aStr.Append(_L("blowfish"));
+ break;
+ case 8:
+ aStr.Append(_L("3idea"));
+ break;
+ case 9:
+ aStr.Append(_L("desiv32"));
+ break;
+ case 10:
+ aStr.Append(_L("rc4"));
+ break;
+ case 12:
+ aStr.Append(_L("aes"));
+ break;
+
+ default:
+ aStr.AppendFormat(_L("%d"), (int)aAlg);
+ }
+ }
+
+TPfkeySpirange::TPfkeySpirange()
+ : iExt( 0 )
+ {
+ }
+
+TPfkeyTs::TPfkeyTs()
+ : iExt(0)
+ {
+ }
+
+EXPORT_C TInt TPfkeyTs::SelectorCount() const
+ {
+ return (iExt != NULL) ? iExt->sadb_x_ts_numsel : 0;
+ }
+
+EXPORT_C const TPfKeySelector& TPfkeyTs::Selector(TInt aIndex) const
+ {
+ __ASSERT_DEBUG(iExt != NULL, User::Invariant());
+ __ASSERT_DEBUG(iExt->sadb_x_ts_numsel > aIndex, User::Invariant());
+
+ TPfKeySelector *selector = (TPfKeySelector*)((TUint8*)iExt + sizeof(struct sadb_x_ts));
+ return selector[aIndex];
+ }
+
+TPFkeyPrivExt::TPFkeyPrivExt()
+ : iExt( 0 )
+ {
+ }
+
+//
+// TPfkeyMessage
+//
+TPfkeyMessage::TPfkeyMessage()
+ : iError( KErrNone )
+ {
+ }
+
+//
+// Construct TPfkeyMesage from a PF_KEY v2 byte stream (aMsg)
+//
+TPfkeyMessage::TPfkeyMessage(TPfkeyRecvMsg& aMsg)
+ {
+ const TUint8 *p = aMsg.Ptr();
+ TInt length = aMsg.Length();
+
+ iError = KErrArgument;
+ if (length < (TInt)sizeof(sadb_msg))
+ return; // EMSGSIZE (impossible message size)
+
+ // Base Message Header
+ iBase.iMsg = (struct sadb_msg *)p;
+ if (iBase.iMsg->sadb_msg_version != PF_KEY_V2)
+ return; // EINVAL
+ // SADB_ACQUIRE response can have sadb_msg_errno set to non-zero value
+ if (iBase.iMsg->sadb_msg_errno && (iBase.iMsg->sadb_msg_type != SADB_ACQUIRE))
+ return; // EINVAL (should be set zero by sender)
+ if (iBase.iMsg->sadb_msg_len * 8 != length)
+ return; // EMSGSIZE (incorrect message length)
+ // SADB_ACQUIRE response can have sadb_msg_reserved set to non-zero value
+ if (iBase.iMsg->sadb_msg_reserved && (iBase.iMsg->sadb_msg_type != SADB_ACQUIRE))
+ return; // EINVAL (unused parts must be zeroed)
+ p += sizeof(struct sadb_msg);
+ length -= sizeof(struct sadb_msg);
+
+ // Extension headers
+ // Some general rules:
+ // - only one instance of an extension type is valid
+ while (length > 0)
+ {
+ struct sadb_ext *ext = (struct sadb_ext *)p;
+ int ext_len = ext->sadb_ext_len;
+ int data_len, data_len2;
+
+ if (ext_len < 1)
+ return; // EINVAL (bad message format)
+ ext_len *= 8;
+ if (ext_len > length)
+ return; // EINVAL
+ switch (ext->sadb_ext_type)
+ {
+ case SADB_EXT_RESERVED:
+ return; // EINVAL (bad mesage format)
+
+ case SADB_EXT_SA:
+ if (iSa.iExt)
+ return; // EINVAL
+ iSa.iExt = (struct sadb_sa *)p;
+ break;
+
+ case SADB_EXT_LIFETIME_CURRENT:
+ if (iCurrent.iExt)
+ return; // EINVAL;
+ iCurrent.iExt = (struct sadb_lifetime *)p;
+ break;
+
+ case SADB_EXT_LIFETIME_HARD:
+ if (iHard.iExt)
+ return;
+ iHard.iExt = (struct sadb_lifetime *)p;
+ break;
+
+ case SADB_EXT_LIFETIME_SOFT:
+ if (iSoft.iExt)
+ return;
+ iSoft.iExt = (struct sadb_lifetime *)p;
+ break;
+
+ case SADB_EXT_ADDRESS_SRC:
+ if (iSrcAddr.iExt)
+ return;
+ if (ext_len != sizeof(struct sadb_address) + sizeof(TInetAddr))
+ return;
+ iSrcAddr.iExt = (struct sadb_address *)p;
+ iSrcAddr.iAddr = (TInetAddr *)(p + sizeof(struct sadb_address));
+ break;
+
+ case SADB_EXT_ADDRESS_DST:
+ if (iDstAddr.iExt)
+ return;
+ if (ext_len != sizeof(struct sadb_address) + sizeof(TInetAddr))
+ return;
+ iDstAddr.iExt = (struct sadb_address *)p;
+ iDstAddr.iAddr = (TInetAddr *)(p + sizeof(struct sadb_address));
+ break;
+
+ case SADB_EXT_ADDRESS_PROXY:
+ if (iProxyAddr.iExt)
+ return;
+ if (ext_len != sizeof(struct sadb_address) + sizeof(TInetAddr))
+ return;
+ iProxyAddr.iExt = (struct sadb_address *)p;
+ iProxyAddr.iAddr = (TInetAddr *)(p + sizeof(struct sadb_address));
+ break;
+
+ case SADB_EXT_KEY_AUTH:
+ if (iAuthKey.iExt)
+ return;
+ iAuthKey.iExt = (struct sadb_key *)p;
+ data_len = (iAuthKey.iExt->sadb_key_bits + 7) / 8;
+ if (data_len == 0 || data_len + (int)sizeof(struct sadb_key) > ext_len)
+ return;
+ iAuthKey.iData.Set(p + sizeof(struct sadb_key), data_len);
+ break;
+
+ case SADB_EXT_KEY_ENCRYPT:
+ if (iEncryptKey.iExt)
+ return;
+ iEncryptKey.iExt = (struct sadb_key *)p;
+ data_len = (iEncryptKey.iExt->sadb_key_bits + 7) / 8;
+ if (data_len == 0 || data_len + (int)sizeof(struct sadb_key) > ext_len)
+ return;
+ iEncryptKey.iData.Set(p + sizeof(struct sadb_key), data_len);
+ break;
+
+ case SADB_EXT_IDENTITY_SRC:
+ {
+ if (iSrcIdent.iExt)
+ return;
+ iSrcIdent.iExt = (struct sadb_ident *)p;
+ data_len = ext_len - sizeof(struct sadb_ident);
+ if (data_len < 0)
+ return;
+ iSrcIdent.iData.Set(p + sizeof(struct sadb_ident), data_len);
+ TInt i = iSrcIdent.iData.Locate((TChar)0);
+ if (i >= 0)
+ iSrcIdent.iData.Set(iSrcIdent.iData.Ptr(), i);
+ break;
+ }
+
+ case SADB_EXT_IDENTITY_DST:
+ {
+ if (iDstIdent.iExt)
+ return;
+ iDstIdent.iExt = (struct sadb_ident *)p;
+ data_len = ext_len - sizeof(struct sadb_ident);
+ if (data_len < 0)
+ return;
+ iDstIdent.iData.Set(p + sizeof(struct sadb_ident), data_len);
+ TInt i = iDstIdent.iData.Locate((TChar)0);
+ if (i >= 0)
+ iDstIdent.iData.Set(iDstIdent.iData.Ptr(), i);
+ break;
+ }
+
+ case SADB_EXT_SENSITIVITY:
+ if (iSensitivity.iExt)
+ return;
+ iSensitivity.iExt = (struct sadb_sens *)p;
+ data_len = iSensitivity.iExt->sadb_sens_sens_len * 8;
+ iSensitivity.iSensBitmap.Set(p + sizeof(struct sadb_sens), data_len);
+ data_len2 = iSensitivity.iExt->sadb_sens_integ_len * 8;
+ iSensitivity.iSensBitmap.Set(p + (sizeof(struct sadb_sens) + data_len),
+ data_len2);
+ if (data_len + data_len2 + (int)sizeof(struct sadb_sens) > ext_len)
+ return;
+ break;
+
+ case SADB_EXT_PROPOSAL:
+ if (iProposal.iExt)
+ return;
+ iProposal.iExt = (struct sadb_prop *)p;
+ iProposal.iNumComb = (ext_len - sizeof(struct sadb_prop)) / sizeof(struct sadb_comb);
+ iProposal.iComb = (struct sadb_comb *)(p + sizeof(struct sadb_prop));
+ break;
+
+ case SADB_EXT_SUPPORTED_AUTH:
+ if (iAuthAlgs.iExt)
+ return;
+ iAuthAlgs.iExt = (struct sadb_supported *)p;
+ iAuthAlgs.iNumAlg = (ext_len - sizeof(struct sadb_supported)) / sizeof(struct sadb_alg);
+ iAuthAlgs.iAlg = (struct sadb_alg *)(p + sizeof(struct sadb_supported));
+ break;
+
+ case SADB_EXT_SUPPORTED_ENCRYPT:
+ if (iEncryptAlgs.iExt)
+ return;
+ iEncryptAlgs.iExt = (struct sadb_supported *)p;
+ iEncryptAlgs.iNumAlg = (ext_len - sizeof(struct sadb_supported)) / sizeof(struct sadb_alg);
+ iEncryptAlgs.iAlg = (struct sadb_alg *)(p + sizeof(struct sadb_supported));
+ break;
+
+ case SADB_EXT_SPIRANGE:
+ if (iSpirange.iExt)
+ return;
+ iSpirange.iExt = (struct sadb_spirange *)p;
+ break;
+
+ /**---------------------------------------------------------------
+ *
+ * PFKEY API general private extension.
+ *
+ *----------------------------------------------------------------*/
+ case SADB_PRIV_GENERIC_EXT:
+ if (iPrivateExtension.iExt)
+ return;
+ iPrivateExtension.iExt = (struct sadb_gen_ext *)p;
+ data_len = (ext_len - sizeof(struct sadb_gen_ext));
+ if (data_len > ext_len)
+ return;
+ iPrivateExtension.iData.Set(p + sizeof(struct sadb_gen_ext), data_len);
+ break;
+
+
+ case SADB_X_EXT_TS:
+ if (iTs.iExt)
+ return;
+ iTs.iExt = (struct sadb_x_ts *)p;
+ break;
+
+ default:
+ // Unknown extensions must be ignored, not an error!
+ break;
+ }
+ p += ext_len;
+ length -= ext_len;
+ }
+ if (length != 0)
+ return;
+
+ iError = KErrNone; // Message unpacked successfully
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/pfkeysocketif.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,423 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of VPN PFKEY socket interface
+*
+*/
+
+
+#include <es_sock.h>
+#include <in_sock.h>
+#include <eikenv.h>
+#include <pfkey_send.h>
+#include <random.h>
+#include "pfkeysocketif.h"
+#include "pfkeymsg.h"
+#include "ipsecsadata.h"
+#include "ipsecsalifetime.h"
+#include "ikedebug.h"
+
+const TInt KDefaultPID( 0x2001E609 ); // UID3 of ikeutils.dll
+
+// ======== MEMBER FUNCTIONS ========
+
+EXPORT_C CPFKeySocketIf* CPFKeySocketIf::NewL( MPFKeyMessageListener* aListener,
+ MIkeDebug& aDebug )
+ {
+ CPFKeySocketIf* reader = new ( ELeave ) CPFKeySocketIf( aListener, aDebug );
+ CleanupStack::PushL( reader );
+ reader->ConstructL();
+ CleanupStack::Pop( reader );
+ return reader;
+ }
+
+//
+// CPFKeySocketIf::~CPFKeySocketIf
+//
+CPFKeySocketIf::~CPFKeySocketIf()
+ {
+ Cancel();
+ iPendingSpiRequests.Close();
+ iSadb.Close();
+ iSocketServer.Close();
+ }
+
+//
+// CPFKeySocketIf::CPFKeySocketIf
+//
+CPFKeySocketIf::CPFKeySocketIf( MPFKeyMessageListener* aListener,
+ MIkeDebug& aDebug )
+: CActive( EPriorityNormal ),
+ iListener( aListener ),
+ iSeq( 0 ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+//
+// CPFKeySocketIf::ConstructL()
+// Open and activate the socket input
+//
+void CPFKeySocketIf::ConstructL()
+ {
+ TPtr8 ptr( (TUint8*)&iSpiBase, sizeof( iSpiBase ) );
+ ptr.SetLength( sizeof( iSpiBase ) );
+ TRandom::RandomL( ptr );
+ iSpiBase &= 0x7fffffff;
+
+ User::LeaveIfError( iSocketServer.Connect() );
+ User::LeaveIfError( iSadb.Open( iSocketServer ) );
+
+ //
+ // Register for ACQUIRE messages
+ //
+ TPfkeySendMsg reg( SADB_REGISTER, SADB_SATYPE_ESP, ++iSeq, KDefaultPID );
+ TRequestStatus status;
+ iSadb.FinalizeAndSend( reg, status );
+ User::WaitForRequest( status );
+ DEBUG_LOG1( _L("Register for ESP, status=%d"), iStatus.Int() );
+
+ iMsg.Reset();
+ iSadb.ReadRequest( iMsg, iStatus );
+ SetActive();
+ }
+
+
+void CPFKeySocketIf::GetSpi( const TUint8 aType,
+ const TUint32 aSeq,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst,
+ TUint32& aSpi,
+ TRequestStatus& aClientStatus)
+ {
+ /*Params:
+ aType:SADB_SATYPE_AH,SADB_SATYPE_ESP from prop_II
+ aSeq: Seq number for the message
+ aSrc,aDst: Src & dst addresses
+ */
+ TRequestStatus status;
+ TUint32 start = NewSpi();
+
+ TPfkeySendMsg msg( SADB_GETSPI, aType, aSeq, (TUint32)&aClientStatus );
+ msg.Add( Int2Type<SADB_EXT_ADDRESS_SRC>(), aSrc );
+ msg.Add( Int2Type<SADB_EXT_ADDRESS_DST>(), aDst );
+ msg.Add( Int2Type<SADB_EXT_SPIRANGE>(), start );
+
+ aClientStatus = KRequestPending;
+ TPendingSpiRequest pendingSpiRequest(aSpi, aClientStatus);
+ TInt err = iPendingSpiRequests.Append(pendingSpiRequest);
+
+ if (err == KErrNone)
+ {
+ iSadb.FinalizeAndSend( msg, status );
+ User::WaitForRequest( status );
+ }
+ else
+ {
+ TRequestStatus* status = &aClientStatus;
+ User::RequestComplete(status, err);
+ }
+ }
+
+
+void CPFKeySocketIf::CancelGetSpi(TRequestStatus& aClientStatus)
+ {
+ for (TInt i = 0; i < iPendingSpiRequests.Count(); ++i)
+ {
+ TPendingSpiRequest& pendingSpiRequest = iPendingSpiRequests[i];
+ if (&pendingSpiRequest.iClientStatus == &aClientStatus)
+ {
+ pendingSpiRequest.iSpi = 0;
+ TRequestStatus* status = &pendingSpiRequest.iClientStatus;
+ iPendingSpiRequests.Remove(i);
+ User::RequestComplete(status, KErrCancel);
+ break;
+ }
+ }
+ }
+
+
+// Sends Acquire with errno informing about key management failure.
+EXPORT_C void CPFKeySocketIf::AcquireSAError( const TIpsecSAData& aSAData,
+ const TInt aError )
+ {
+ TRequestStatus status;
+ TInt err = -aError;
+ TPfkeySendMsg msg( SADB_ACQUIRE,
+ aSAData.iSAType,
+ aSAData.iSeq,
+ aSAData.iPid );
+
+ struct sadb_msg& msgHdr = msg.MsgHdr();
+ msgHdr.sadb_msg_errno = (TUint8) err;
+ msgHdr.sadb_msg_reserved = (TUint16) ( err>>8 );
+
+ msg.Add( Int2Type<SADB_EXT_SA>(), aSAData.iSPI );
+ msg.Add( Int2Type<SADB_EXT_ADDRESS_DST>(), aSAData.iDst );
+ iSadb.FinalizeAndSend( msg, status );
+ User::WaitForRequest( status );
+ }
+
+EXPORT_C void CPFKeySocketIf::UpdateSAL( const TIpsecSAData& aSAData )
+ {
+ AddUpdateSAL( SADB_UPDATE, aSAData );
+ }
+
+EXPORT_C void CPFKeySocketIf::AddSAL( const TIpsecSAData& aSAData )
+ {
+ AddUpdateSAL( SADB_ADD, aSAData );
+ }
+
+EXPORT_C void CPFKeySocketIf::DeleteSA( const TUint32 aSPI,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst,
+ const TUint8 aProtocol )
+ {
+ TRequestStatus status;
+ TPfkeySendMsg msg( SADB_DELETE,
+ aProtocol );
+ msg.Add( Int2Type<SADB_EXT_SA>(), aSPI );
+ msg.Add( Int2Type<SADB_EXT_ADDRESS_SRC>(), aSrc );
+ msg.Add( Int2Type<SADB_EXT_ADDRESS_DST>(), aDst );
+ iSadb.FinalizeAndSend( msg, status );
+ User::WaitForRequest( status );
+ }
+
+EXPORT_C void CPFKeySocketIf::FlushSAs()
+ {
+ TRequestStatus status;
+ TPfkeySendMsg msg( SADB_FLUSH,
+ SADB_SATYPE_UNSPEC,
+ ++iSeq,
+ KDefaultPID );
+ iSadb.FinalizeAndSend( msg, status );
+ User::WaitForRequest( status );
+ DEBUG_LOG1( _L("Request FLUSH, iStatus=%d"), iStatus.Int() );
+ }
+
+//Updates an SA from the SA database.
+//SPI in Net order.
+void CPFKeySocketIf::AddUpdateSAL( const TUint8 aType,
+ const TIpsecSAData &aSAData )
+ {
+ TRequestStatus status;
+ TPfkeySendMsg* msg = new( ELeave ) TPfkeySendMsg( aType,
+ aSAData.iSAType,
+ aSAData.iSeq,
+ aSAData.iPid );
+ msg->Add( Int2Type<SADB_EXT_SA>(),
+ aSAData.iSPI,
+ aSAData.iAuthAlg,
+ aSAData.iEncrAlg,
+ SADB_SASTATE_MATURE,
+ aSAData.iReplayWindowLength,
+ aSAData.iFlags );
+
+ if( aSAData.iHard )
+ {
+ msg->Add( Int2Type<SADB_EXT_LIFETIME_HARD>(),
+ aSAData.iHard->iAllocations,
+ aSAData.iHard->iBytes,
+ aSAData.iHard->iAddtime,
+ aSAData.iHard->iUsetime);
+ }
+ if( aSAData.iSoft )
+ {
+ msg->Add( Int2Type<SADB_EXT_LIFETIME_SOFT>(),
+ aSAData.iSoft->iAllocations,
+ aSAData.iSoft->iBytes,
+ aSAData.iSoft->iAddtime,
+ aSAData.iSoft->iUsetime);
+ }
+ msg->Add( Int2Type<SADB_EXT_ADDRESS_SRC>(),
+ aSAData.iSrc,
+ aSAData.iProtocol );
+ msg->Add( Int2Type<SADB_EXT_ADDRESS_DST>(),
+ aSAData.iDst,
+ aSAData.iProtocol );
+
+ // Deliver internal address for IPSEC4
+ if ( aSAData.iFlags & SADB_SAFLAGS_INT_ADDR )
+ msg->Add( Int2Type<SADB_EXT_ADDRESS_PROXY>(),
+ aSAData.iInternalAddress );
+
+ if ( aSAData.iAuthKey.Length() > 0 )
+ {
+ msg->Add( Int2Type<SADB_EXT_KEY_AUTH>(),
+ aSAData.iAuthKey );
+ }
+ if ( aSAData.iEncrKey.Length() > 0 )
+ {
+ msg->Add( Int2Type<SADB_EXT_KEY_ENCRYPT>(),
+ aSAData.iEncrKey );
+ }
+ if ( aSAData.iSrcIdent.Length() > 0 )
+ {
+ msg->Add( Int2Type<SADB_EXT_IDENTITY_SRC>(),
+ aSAData.iSrcIdent,
+ aSAData.iSrcIdType );
+ }
+ if ( aSAData.iDstIdent.Length() > 0 )
+ {
+ msg->Add( Int2Type<SADB_EXT_IDENTITY_DST>(),
+ aSAData.iDstIdent,
+ aSAData.iDstIdType );
+ }
+
+ // Deliver generic private PFKEY API extension, if exist.
+ // In this phase extension can consists NAT traversal information for ESP UDP encapsulation (done by IPSEC)
+ if ( aSAData.iGenericExtension.Length() )
+ {
+ msg->Add( Int2Type<SADB_PRIV_GENERIC_EXT>(),
+ aSAData.iGenericExtension );
+ }
+
+ iSadb.FinalizeAndSend( *msg, status );
+ User::WaitForRequest( status );
+ delete msg;
+ }
+
+TUint32 CPFKeySocketIf::NewSpi()
+ {
+ iSpiBase++;
+ return iSpiBase;
+ }
+
+//
+// SocketReader::ShowMessage
+// Output actual "payload" messages (e.g. PFKEY)
+//
+#ifdef _DEBUG
+void CPFKeySocketIf::ShowMessageL( TPfkeyRecvMsg &aMsg )
+ {
+ HBufC* buffer = HBufC::NewL( 1000 );
+ TPtr str( buffer->Des() );
+ TPfkeyMessage msg( aMsg );
+
+ if ( msg.iError )
+ {
+ str.Format( _L("Received malformed PFKEY msg of %d bytes: %d\n"),
+ aMsg.Length(), msg.iError );
+ }
+ else
+ {
+ msg.iBase.String( str, _L(" ") );
+ msg.iSa.String( str, _L(" ") );
+ msg.iCurrent.String( str, _L(" C=") );
+ msg.iHard.String( str, _L(" H=") );
+ msg.iSoft.String( str, _L(" S=") );
+ msg.iSrcAddr.String( str, _L(" SRC=") );
+ msg.iDstAddr.String( str, _L(" DST=") );
+ msg.iProxyAddr.String( str, _L(" PROXY=") );
+ msg.iAuthKey.String( str, _L(" AUTHKEY=") );
+ msg.iEncryptKey.String( str, _L(" ENCRYPTKEY=") );
+ msg.iSrcIdent.String( str, _L(" SRCI=") );
+ msg.iDstIdent.String( str, _L(" DSTI=") );
+ msg.iSensitivity.String( str, _L(" SENS=") );
+ msg.iProposal.String( str, _L(" PROP=") );
+ msg.iAuthAlgs.String( str, _L(" AUTH=") );
+ msg.iEncryptAlgs.String( str, _L(" ENCR=") );
+ msg.iSpirange.String( str, _L(" SPIR=") );
+ msg.iTs.String( str, _L(" TS=") );
+ msg.iPrivateExtension.String( str, _L(" GEN_EXT=") );
+ }
+ DEBUG_LOG( str );
+
+ delete buffer;
+ buffer = NULL;
+ }
+#endif
+
+//
+// CPFKeySocketIf::RunL
+// Called when request completed
+//
+void CPFKeySocketIf::RunL()
+ {
+ if ( iStatus.Int() != KErrNone )
+ {
+ DEBUG_LOG1( _L("Socket read, iStatus=%d"), iStatus.Int() );
+ }
+
+#ifdef _DEBUG
+ TRAP_IGNORE( ShowMessageL( iMsg ) );
+#endif
+
+ TPfkeyMessage msg(iMsg);
+ if ( ( msg.iError == KErrNone ) &&
+ ( msg.iBase.iMsg->sadb_msg_errno == KErrNone ) ) // No error
+ {
+ switch ( msg.iBase.iMsg->sadb_msg_type )
+ {
+ case SADB_GETSPI:
+ for (TInt i = 0; i < iPendingSpiRequests.Count(); ++i)
+ {
+ TPendingSpiRequest& pendingSpiRequest = iPendingSpiRequests[i];
+ if ((TUint32)&pendingSpiRequest.iClientStatus == msg.iBase.iMsg->sadb_msg_pid)
+ {
+ pendingSpiRequest.iSpi = msg.iSa.iExt->sadb_sa_spi;
+ TRequestStatus* status = &pendingSpiRequest.iClientStatus;
+ iPendingSpiRequests.Remove(i);
+ User::RequestComplete(status, KErrNone);
+ break;
+ }
+ }
+ break;
+ case SADB_ADD: // Fall through
+ case SADB_UPDATE: // Fall through
+ case SADB_ACQUIRE: // Fall through
+ case SADB_EXPIRE: // Fall through
+ iListener->PfkeyMessageReceived( msg );
+ break;
+
+ default:
+ break;
+ }
+ }
+ else
+ {
+ DEBUG_LOG2( _L("Error in Pfkey message, iError=%d, sadb_msg_errno=%d"),
+ iStatus.Int(), msg.iBase.iMsg->sadb_msg_errno );
+ }
+ iMsg.Reset();
+ iSadb.ReadRequest( iMsg, iStatus ); // Start a new read
+ SetActive();
+ }
+
+//
+// CPFKeySocketIf::DoCancel
+// Called when a pending request should be cancelled
+//
+void CPFKeySocketIf::DoCancel()
+ {
+ iSadb.CancelRecv();
+ }
+
+//
+// CPFKeySocketIf::RunError
+// Called when RunL() leaves
+//
+TInt CPFKeySocketIf::RunError( TInt aError )
+ {
+ DEBUG_LOG1( _L("CPFKeySocketIf::RunError() aError=%d, PFKEY message lost"),
+ aError );
+ aError = aError;
+
+ iMsg.Reset();
+ iSadb.ReadRequest( iMsg, iStatus ); // Start a new read.
+ SetActive();
+
+ return KErrNone; // Active scheduler Error() method NOT called
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikeutils/src/vpnaddrinfo.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,74 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility for building internal address info.
+*
+*/
+
+
+#include "ikedebug.h"
+#include "internaladdress.h"
+#include "vpnmandefs.h"
+
+// CLASS HEADER
+#include "vpnaddrinfo.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Build internal address info object from internal address information.
+// ---------------------------------------------------------------------------
+//
+void VPNAddrInfo::BuildVPNAddrInfo( const CInternalAddress* aInternalAddr,
+ const TInetAddr& aDnsServerAddr,
+ TVPNAddress& aVPNAddress,
+ MIkeDebug& aDebug )
+ {
+ __ASSERT_DEBUG( aInternalAddr != NULL,
+ User::Invariant() );
+
+ aVPNAddress.iVPNIfAddr = aInternalAddr->iClientIntAddr;
+
+ //
+ // Add DNS address(es) to the virtual TVPNAddress object
+ //
+ TInt dnsCount = aInternalAddr->Count();
+ if ( dnsCount )
+ {
+ aVPNAddress.iVPNIfDNS1 = *(aInternalAddr->At(0));
+ if ( dnsCount > 1 )
+ {
+ aVPNAddress.iVPNIfDNS2 = *(aInternalAddr->At(1));
+ }
+ }
+ else
+ {
+ if ( aDnsServerAddr.Address() != KAFUnspec )
+ {
+#ifdef _DEBUG
+ TBuf<39> addrBuf;
+ aDnsServerAddr.OutputWithScope( addrBuf );
+ aDebug.LogWriteF(_L("DNS Server Address in IKE data %S"), &addrBuf);
+#endif //_DEBUG
+ aVPNAddress.iVPNIfDNS1 = aDnsServerAddr;
+ }
+ else
+ {
+#ifdef _DEBUG
+ aDebug.LogWrite(_L("DNS server not defined in policy"));
+#endif // _DEBUG
+ }
+ }
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/EABI/ikev1libU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ _Z12Ikev1PlugInLR17MKmdEventLoggerIfR9MIkeDebug @ 1 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/bwins/IKEV1LIBU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?Ikev1PlugInL@@YAPAVMIkePluginIf@@AAVMKmdEventLoggerIf@@AAVMIkeDebug@@@Z @ 1 NONAME ; class MIkePluginIf * Ikev1PlugInL(class MKmdEventLoggerIf &, class MIkeDebug &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+ikev1lib.mmp
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/group/ikev1lib.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,77 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project ikev1lib
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikev1lib.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x10206994
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikev1crack.cpp
+SOURCE ikev1crypto.cpp
+SOURCE ikev1dialog.cpp
+SOURCE ikev1extra.cpp
+SOURCE ikev1infonegotiation.cpp
+SOURCE ikev1keepalive.cpp
+SOURCE ikev1natdiscovery.cpp
+SOURCE ikev1negotiation.cpp
+SOURCE ikev1payload.cpp
+SOURCE ikev1plugin.cpp
+SOURCE ikev1pluginsession.cpp
+SOURCE ikev1private.cpp
+SOURCE ikev1receiver.cpp
+SOURCE ikev1sa.cpp
+SOURCE ikev1sender.cpp
+SOURCE ikev1timeout.cpp
+SOURCE ikev1trans.cpp
+SOURCE ikev1isakmpstream.cpp
+SOURCE ikev1nokianattkeepalive.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../ikesocket/inc
+USERINCLUDE ../../kmdapi/inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikecert/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY esock.lib
+LIBRARY insock.lib
+LIBRARY efsrv.lib
+LIBRARY utlcrypto.lib
+LIBRARY ikecert.lib
+LIBRARY ikepolparser.lib
+LIBRARY ikesocket.lib
+LIBRARY random.lib
+LIBRARY ikeutils.lib
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1SA.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,116 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 SA
+*
+*/
+
+
+#ifndef C_IKEV1SA_H
+#define C_IKEV1SA_H
+
+#include "ikev1SAdata.h"
+#include "ikev1keepalive.h"
+
+#define SECOND 1000000 // One second is 1000000 us. (1 us. per tick)
+#define ISAKMP_DELETE_TIME 2*SECOND //Expiration time for a ISAKMP SA after it's erased
+
+class CIkev1PluginSession;
+class CIkev1NokiaNattKeepAlive;
+class MIkeDebug;
+
+//List of the IPSEC SAs negotiated by the ISAKMP SA
+NONSHARABLE_CLASS(CIpsecSPIList) : public CArrayPtrFlat<TIpsecSPI>
+{
+ public:
+ CIpsecSPIList(TInt aGranularity);
+ ~CIpsecSPIList();
+};
+
+NONSHARABLE_CLASS(CIkev1SA) : public CTimer, public MDpdHeartBeatEventHandler
+{
+ public:
+ static CIkev1SA* NewL( CIkev1PluginSession& aPluginSession,
+ TIkev1SAData& aIkev1SAdata,
+ CSARekeyInfo* aSaRekey,
+ MIkeDebug& aDebug );
+ ~CIkev1SA();
+
+ void UpdateSAL( TBool aExpired,
+ TIkev1SAData* aIkev1SAdata );
+ void ExpireSA();
+ void AddIpsecSPIL( TIpsecSPI& aIpsecSpi );
+ TBool FindIpsecSPI( TUint32 aSPI,
+ TBool aInbound );
+ TBool DeleteIpsecSPI( TUint32 aSPI,
+ TBool aInbound );
+ /**
+ * Deletes IPsec SAs and sends delete payload to the GW.
+ */
+ void DeleteIpsecSAs();
+ /**
+ * Deletes IPsec SAs without sending delete payload to the GW.
+ * Used when connection is lost.
+ */
+ void DeleteIpsecSAsForced();
+ void SetExpired();
+ inline TBool IsExpired() {return iExpired;}
+ void EventHandlerL();
+
+ inline void SetDeactivating( TBool aDeactivating ) { iDeactivating = aDeactivating; }
+ inline TBool IsDeactivating() { return iDeactivating; }
+
+ void CancelRekey();
+
+ protected:
+ //
+ // CActive methods
+ //
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+ private:
+ CIkev1SA( CIkev1PluginSession& aPluginSession,
+ MIkeDebug& aDebug );
+ void ConstructL( TIkev1SAData& aIkev1SAdata,
+ CSARekeyInfo* aSaRekey );
+
+ void StartTimer();
+
+ public:
+ TIkev1SAData iHdr; // Common negotiation info
+ CIpsecSPIList* iSPIList; //Contains a SPIs List to know the direction when a delete received
+
+ private:
+ CIkev1PluginSession& iPluginSession;
+
+ TUint32 iRemainingTime; //Timer remaining
+ TUint32 iRemainingKB; //KB life remaining
+ TUint32 iCurrentBytes; //Bytes life currently added
+
+ TUint32 iLeftOverTime; //Time remaining after rekey started
+ TBool iRekeyed; //Rekeyed SA
+
+ CIkeV1KeepAlive* iIkeKeepAlive; // Pointer to common IKE keepalive object
+
+ TBool iExpired; //The ISAKMP SA may be expired but waiting possible delete IPSEC SA msgs that arrive after
+
+ CIkev1NokiaNattKeepAlive *iNokiaNatt; // Pointer to Nokia NAT-T keepalive object
+
+ TBool iDeactivating;
+
+ MIkeDebug& iDebug;
+};
+
+#endif // C_IKEV1SA_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1SAdata.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,220 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 SA data definition
+*
+*/
+
+
+#ifndef T_IKEV1SADATA_H
+#define T_IKEV1SADATA_H
+
+#include "internaladdress.h"
+#include "ikemsgheader.h"
+#include "ikev1payloads.h"
+
+class CIkeData;
+
+#define IKEV1_KEY_MATERIAL_SIZE 64
+#define IKEV1_MAX_IV_SIZE 20 //Max hash algorithm output size
+#define DEFAULT_MAX_ISAKMP_LIFETIME 28000 //for security reasons
+
+// Class TIkev1SAData is the IKEv1 SA parameter definition
+// which is used to pass SA information between IKE server and IKEv1
+// plug-in.
+class TIkev1SAData
+{
+public:
+ TIkev1SAData()
+ :iCookie_I(),
+ iCookie_R(),
+ iSAId(0),
+ iSAState(0),
+ iInitiator(EFalse),
+ iDPDSupported(EFalse),
+ iFamiliarPeer(EFalse),
+ iNAT_T_Required(EFalse),
+ iAutoLogin(EFalse),
+ iNAT_D_Flags(0),
+ iIkeData(NULL),
+ iLocalAddr(),
+ iRemoteAddr(),
+ iDestinAddr(),
+ iVirtualIp(NULL),
+ iSeq(0),
+ iPrevExchange(0),
+ iFlags(0),
+ iEncrAlg(0),
+ iHashAlg(0),
+ iAuthMethod(0),
+ iGroupDesc(0),
+ iGroupType(0),
+ iKeyLength(0),
+ iPRF(0),
+ iLifeTimeSecs(0),
+ iLifeTimeKB(0),
+ iDPDRetry(0),
+ iDPDSequence(0),
+ iPendingDPDSequence(0),
+ iExpectedDPDSequence(0),
+ iLastIKEMsgInfo(),
+ iLastMsg(NULL)
+ {}
+ inline void CleanUp()
+ {
+ delete iVirtualIp;
+ iVirtualIp = NULL;
+ delete iLastMsg;
+ iLastMsg = NULL;
+ }
+ inline void StoreVirtualIp(CInternalAddress* aVirtualIp)
+ {
+ delete iVirtualIp;
+ iVirtualIp = aVirtualIp;
+ }
+ inline void CopyL(TIkev1SAData& aSrc)
+ {
+ CInternalAddress* SavedVip = iVirtualIp;
+ HBufC8* SavedLastMsg = iLastMsg;
+ Mem::Copy((TUint8*)&iCookie_I, (TUint8*)&aSrc.iCookie_I, sizeof(TIkev1SAData));
+ iVirtualIp = SavedVip;
+ iLastMsg = SavedLastMsg;
+ if ( aSrc.iVirtualIp )
+ {
+ StoreVirtualIp(CInternalAddress::NewL(*(aSrc.iVirtualIp)));
+ }
+ if ( aSrc.iLastMsg &&
+ aSrc.iLastMsg != iLastMsg )
+ {
+ delete iLastMsg;
+ iLastMsg = aSrc.iLastMsg->AllocL();
+ }
+ }
+
+public:
+ TCookie iCookie_I; // Initiator Cookie
+ TCookie iCookie_R; // Responder Cookie
+ TUint32 iSAId; // Internal negotiation Id
+
+ TInt iSAState; // IKE SA State
+ TBool iInitiator; // TRUE if local end is initiator
+ TBool iDPDSupported; // Both ends support DPD
+ TBool iFamiliarPeer; // Nokia VPN implementation detected in peer
+ TBool iNAT_T_Required; // True when NAT detected between local end and peer
+ TBool iAutoLogin; // SA negotiated due RKMD::Activate request
+ TUint32 iNAT_D_Flags; // If not zero, there is NAT between sites
+
+ CIkeData* iIkeData;
+
+ TInetAddr iLocalAddr;
+ TInetAddr iRemoteAddr; // Remote Address ("From Policy")
+ TInetAddr iDestinAddr; // Current peer destination address and port
+ CInternalAddress* iVirtualIp; // Virtual IP address (and DNS addresses)
+
+ TUint32 iSeq; // For PFKEY API
+ TUint8 iPrevExchange; // Used to process the last msg of Phase I
+ TUint8 iFlags; // Flags in the msg header
+ //
+ // Selected IKE SA proposal
+ //
+ TUint16 iEncrAlg; //OAKLEY encryption function
+ TUint16 iHashAlg; //OAKLEY hash function
+ TUint16 iAuthMethod; //OAKLEY authentication function
+ TUint16 iGroupDesc; //OAKLEY GROUP
+ TUint16 iGroupType; //OAKLEY GROUP type
+ TUint16 iKeyLength; //Encryption key length
+ TUint16 iPRF; //Reserved
+ TUint32 iLifeTimeSecs; //SA lifetime seconds
+ TUint32 iLifeTimeKB; //SA lifetime KiloBytes
+
+ //
+ // IKE SA DPD (keep alive) protocol parameters
+ //
+ TInt iDPDRetry;
+ TUint32 iDPDSequence;
+ TUint32 iPendingDPDSequence;
+ TUint32 iExpectedDPDSequence;
+
+ // Last IKE msg info
+ TLastIKEMsg iLastIKEMsgInfo;
+ HBufC8* iLastMsg;
+ TInetAddr iLastRemoteAddr;
+
+ //
+ // IKEv1 keymaterial
+ //
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID; //KEY used for encryption/decryption of messages
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID_d; //KEY used to derive keys for non-ISAKMP SAs
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID_a; //KEY used for authentication of ISAKMP messages
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID_e; //KEY used for encryption/decryption of ISAKMP messages
+
+ TBuf8<IKEV1_MAX_IV_SIZE> iIV; //normal IV
+ TBuf8<IKEV1_MAX_IV_SIZE> iLastIV; //Saves the last IV of PHASE_I to compute iNotifIV everytime and the first IV in Quick mode
+
+};
+
+
+class CSARekeyInfo : public CBase
+{
+ public:
+ static CSARekeyInfo* NewL(const TCookie& aICookie, const TCookie& aRCookie,
+ CInternalAddress* aInternalAddr)
+ {
+ return new (ELeave) CSARekeyInfo(aICookie, aRCookie, aInternalAddr);
+ }
+ ~CSARekeyInfo()
+ {
+ delete iInternalAddr;
+ }
+
+ inline const TCookie& GetCookieI() { return iCookie_I;}
+ inline const TCookie& GetCookieR() { return iCookie_R;}
+ inline CInternalAddress* GetInternalAddr()
+ {
+ CInternalAddress* VirtualIp = iInternalAddr;
+ iInternalAddr = NULL;
+ return VirtualIp;
+ }
+
+ private:
+ CSARekeyInfo(const TCookie& aICookie, const TCookie& aRCookie,
+ CInternalAddress* aInternalAddr)
+ :iCookie_I(aICookie),
+ iCookie_R(aRCookie),
+ iInternalAddr(aInternalAddr)
+ {}
+
+ private:
+ TCookie iCookie_I; // Initiator Cookie of the IKE SA rekeyed
+ TCookie iCookie_R; // Responder Cookie of the IKE SA rekeyed
+ CInternalAddress* iInternalAddr;
+
+};
+
+
+class TIpsecSPI
+{
+ public:
+ TIpsecSPI()
+ :iSrcAddr(), iDstAddr(), iSPI(0), iInbound(EFalse), iProtocol(0)
+ {};
+ public:
+ TInetAddr iSrcAddr;
+ TInetAddr iDstAddr;
+ TUint32 iSPI;
+ TBool iInbound; // Inbound = ETrue
+ TUint8 iProtocol;
+ TUint8 iReserved[3];
+};
+
+#endif // T_IKEV1SADATA_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1crack.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,124 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 Crack authentication
+*
+*/
+
+#ifndef IKEV1CRACK_H
+#define IKEV1CRACK_H
+
+#include <e32base.h>
+#include "ikev1dialog.h"
+
+/*---------------------------------------------------------------------------
+ *
+ * CRACK return codes for public methods
+ *
+ *---------------------------------------------------------------------------*/
+#define CRACK_SUCCESS 0
+#define CRACK_CONTINUE 0x1
+#define CRACK_IGNORE_MSG 0x2
+#define CRACK_FAILED 0x4
+
+/*---------------------------------------------------------------------------
+ *
+ * CRACK iState flags
+ *
+ *---------------------------------------------------------------------------*/
+#define WAITING_USER_RSP 0x1
+#define WAITING_PEER_RSP 0x2
+#define CHALLENGE_RECEIVED 0x4
+#define CRACK_AUTHENTICATED 0x8
+#define SHOW_ERROR_DIALOG 0x10
+#define SECURID_NEXT_PIN_MODE 0x20
+
+/*---------------------------------------------------------------------------
+ *
+ * CAuthDialogInfo class
+ *
+ *---------------------------------------------------------------------------*/
+#define DIALOG_INFO_ID 0xfedcba98
+#define XAUTH_DIALOG_ID 0x76543210
+
+class CIkev1Negotiation;
+class TNotificationISAKMP;
+class TCHREISAKMP;
+class ThdrISAKMP;
+class CIkev1PluginSession;
+class MIkeDebug;
+
+class CAuthDialogInfo : public CBase
+ {
+public:
+ CAuthDialogInfo(CIkev1PluginSession* aPluginSession, TUint32 aObjId, TUint32 aSAId, TUint32 aMsgId)
+ { iPluginSession = aPluginSession; iSAId = aSAId; iObjId = aObjId; iMsgId = aMsgId; }
+ ~CAuthDialogInfo() {iObjId = 0;}
+ inline CIkev1PluginSession* PluginSession() { return iPluginSession;}
+ inline TUint32 SAId() { return iSAId;}
+ inline TUint32 GetObjId() { return iObjId;}
+ inline TUint32 GetMsgId() { return iMsgId;}
+
+private:
+ TUint32 iObjId; // Object identifier
+ CIkev1PluginSession* iPluginSession; // Plugin session pointer
+ TUint32 iSAId; // SA id of CIkev1Negotiation
+ TUint32 iMsgId; // Transaction exchange message ID
+
+public:
+// Credentials data get from user with asynchronous dialog
+ HBufC8 *iUsername;
+ HBufC8 *iSecret;
+ HBufC8 *iDomain;
+ };
+
+
+NONSHARABLE_CLASS(CIKECRACKNegotiation) : public CBase, public MIkeDialogComplete
+{
+public:
+ CIKECRACKNegotiation( MIkeDebug& aDebug );
+ ~CIKECRACKNegotiation();
+ TInt ConstructL(TInt aLAMType, CIkev1Negotiation *aNegotiation, const TDesC &aDomain);
+ TInt ExecuteCRACKMsgL(const ThdrISAKMP &aHdr);
+ TInt ProcessUserResponseL(CAuthDialogInfo *aUserInfo);
+ TInt CrackAuthenticationFailedL(const TNotificationISAKMP *aNotifPayload);
+
+ TInt DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo, HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain);
+
+
+private:
+ TInt GetDataL(HBufC8* aChallenge);
+ TInt GetDatafromUserL(HBufC8 *aChallenge);
+ TInt GetUNPWDFromPolicyL();
+ TInt ProcessCHREAttibutesL(const TCHREISAKMP *aCHRE_PAYLOAD);
+ void SendCredentialsL(TUint16 aAttr1, TUint16 aAttr2, TUint16 aAttr3,
+ HBufC8* aBfr1, HBufC8* aBfr2, HBufC8* aBfr3);
+
+private:
+ TInt iLAMType; // Legacy Authentication Method type code
+ TInt iState; // CRACK negotiation state
+ TInt iMsgCount; // CRACK message count xmitted (does not contain retries)
+
+ CIkev1PluginSession* iPluginSession; // IKEv1 plugin session
+ CIkev1Negotiation* iNegotiation; // Current negotiation object (related to CRACK)
+ CIkev1Dialog* iDialog; // Pending dialog object
+ CAuthDialogInfo* iDialogInfo; // Dialog info object
+
+ HBufC8 *iUserName; // Saved for User name caching
+ HBufC8 *iDomain; // Fixed domain value for this CRACK negotiation
+
+ MIkeDebug& iDebug;
+};
+
+
+#endif // IKEV1CRACK_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1crypto.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,90 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Cryptographic Intermediate Layer to use and change any crypto library easily.
+*
+*/
+
+#ifndef IKEV1CRYPTO_H
+#define IKEV1CRYPTO_H
+
+#include <e32base.h>
+#include "ikev1isakmpct.h"
+
+
+class CUtlDiffieHellman;
+
+NONSHARABLE_CLASS(CIkeKeys) : public CBase
+{
+public:
+ static CIkeKeys* NewL(const TDesC8& aN,const TDesC8& aG);
+ HBufC8 *GetPubKey();
+ void XValueL();
+ const HBufC8* KValueL(const TDesC8& aY) const;
+ inline TInt ModulusLength() {return iModuluslength;}
+
+ ~CIkeKeys();
+private:
+ CUtlDiffieHellman* iDHKey;
+ const HBufC8* iPubKey;
+ TInt iModuluslength;
+};
+
+
+// SSL function implementation using Symbian apis
+// - des_ede3_cbc_encrypt
+#define DES_ENCRYPT 1
+#define DES_DECRYPT 0
+
+#define HMAC_MD5_SIZE 128
+#define HMAC_SHA1_SIZE 160
+
+#define DESCBC_KEY_LEN 8
+#define DESCBC_IV_LEN 8
+
+#define AESCBC_DEF_KEY_LEN 16
+#define AESCBC_IV_LEN 16
+
+#define DEFAULT_NONCE_SIZE 128/8 //128 bits = 16 bytes
+
+#define PAD_SIZE 64 + 2 * DEFAULT_NONCE_SIZE + 1000
+
+//DH functions
+CIkeKeys* GeneratePubPrivKeysL(TUint aGroupDesc);
+HBufC8* ComputeAgreedKeyL(TUint aGroupDesc, const TDesC8 &aPeerPublicKey, CIkeKeys *aOwnKeys);
+
+//
+//Symmetric encryption/decryption functions
+//
+void DecryptL(const TUint8* aInputPayload, TUint8* aOutputPayload, TUint32 aLength, TDes8 &aIV, TDesC8& aKey, TUint16 aEncrAlg);
+TBool EncryptL(TDes8& aInputPayload, TDes8& aOutputPayload,TDes8 &aIV, TDesC8& aKey , TUint16 aEncrAlg);
+void Cipher3DesL(TUint8 *aInData, TInt aInDataLen, const TDesC8 &aPrfKey, TDes8 &aIV, TDes8 &aPrfOutput);
+
+//
+//Message Digest Algorithms
+//
+void MD5HashL(const TDesC8 &aInData, TDes8& aOutData);
+void SHA1HashL(const TDesC8 &aInData, TDes8& aOutData);
+
+void MD5HmacL(const TDesC8 &aInData, TDes8& aOutData, const TDesC8& aKeyData);
+void SHA1HmacL(const TDesC8 &aInData, TDes8& aOutData, const TDesC8& aKeyData);
+
+//The length of aInData must be less than PAD_SIZE. The caller of this function
+//has to take care of handling the size of this parameter.
+void Hmac3DesCbcL(const TDesC8 &aInData, TDes8& aOutData, const TDesC8& aKeyData);
+
+TInt SymmetricCipherL(TUint8 *aInput, TUint8 *aOutput, TInt aLength,
+ TUint8 *aKey, TUint8 *aIV, TBool aEncr, TInt aEncAlg = DES_CBC);
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1dialog.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,142 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CIkeDialog class headers
+*
+*/
+
+#ifndef C_IKEV1DIALOG_H
+#define C_IKEV1DIALOG_H
+
+
+#include <e32base.h>
+#include <f32file.h>
+#include "vpnnotifierdefs.h"
+
+class CIkev1Dialog;
+class CIkev1PluginSession;
+class RFs;
+class MIkeDebug;
+
+/**
+* IKE dialog complete
+* @internalComponent
+*/
+class MIkeDialogComplete
+{
+ public:
+ /**
+ * IKE dialog completed
+ * @internalComponent
+ *
+ */
+ virtual TInt DialogCompleteL(CIkev1Dialog* aDialog, TAny* aUserInfo, HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain)=0;
+};
+
+
+
+NONSHARABLE_CLASS(CDialogTimeout) : public CTimer
+{
+public:
+ CDialogTimeout( MIkeDebug& aDebug );
+ ~CDialogTimeout();
+ void ConstructL(CIkev1Dialog* aDialog);
+
+protected:
+ // will cancel the current dialog
+ void RunL();
+ void DoCancel();
+
+protected: // data
+ CIkev1Dialog* iDialog; //Needed to cancel a dialog
+
+private: // data
+ MIkeDebug& iDebug;
+};
+
+
+NONSHARABLE_CLASS(CIkev1Dialog) : public CActive
+{
+public:
+ static CIkev1Dialog* NewL( CIkev1PluginSession* aPluginSession,
+ CIkev1Dialog** aToQueAnchor,
+ MIkeDebug& aDebug );
+ CIkev1Dialog( MIkeDebug& aDebug );
+ ~CIkev1Dialog();
+
+ void GetAsyncUNPWDialogL(TAny *aUserInfo, MIkeDialogComplete* aCallback);
+ void GetAsyncUNAMEDialog(TAny *aUserInfo, MIkeDialogComplete* aCallback);
+ void GetAsyncSecureidDialogL(TAny *aUserInfo, MIkeDialogComplete* aCallback);
+ void GetAsyncSecureNextPinDialogL(TAny *aUserInfo, MIkeDialogComplete* aCallback);
+ void GetAsyncRespDialog(TPtr8 aChallenge, TAny *aUserInfo, MIkeDialogComplete* aCallback);
+ void ShowErrorDialogL(TInt aDialogType, TAny *aUserInfo, MIkeDialogComplete* aCallback);
+ void StoreUserNameL(TPtr8 aUserName);
+ void StartDialogL();
+ TInt GetSyncUNPWCacheDialog(TDes& aUserName, TDes& aPassword);
+
+ static TInt GetSyncUNPWDialog(TDes& aUserName, TDes& aPassword);
+ static void PurgeDialogQueue(CIkev1Dialog* aQueuedDialog);
+
+ inline CIkev1PluginSession* PluginSession() { return iPluginSession;}
+ inline CIkev1Dialog* NextDialog() { return iNext;}
+ inline MIkeDialogComplete* Callback() { return iCallback;}
+ inline TAny* UserInfo() { return iUserInfo;}
+
+protected:
+ // active object stuff, completion and cancel callback functions
+ void RunL();
+ void DoCancel();
+
+private:
+ void ConstructL(CIkev1PluginSession* aPluginSession, CIkev1Dialog* *aToQueAnchor);
+ void LaunchDialogL();
+ TInt QueueDialog(CIkev1Dialog* aDialog);
+ void DeQueueDialog(CIkev1Dialog* aDialog);
+ HBufC8* CreateDialogInput(TIPSecDialogInfo& aDialogInfo, TBool aUserNameCache);
+ HBufC8* GetUserNameFromFile();
+ static TBool BuildEncryptionKey(const TDesC8& aSalt, TDes8& aEncryptionKey);
+ static TInt LauchSyncDialog(const TDesC8& aInput, TDes8& aOutput);
+ static HBufC8* ConvertPwdToOctetString(TDesC &aUnicodeBfr);
+
+private:
+ CIkev1PluginSession* iPluginSession;
+ RFs iFs;
+ CIkev1Dialog** iToQueAnchor; // Waiting queue anchor
+ CIkev1Dialog* iNext; // For waiting queue
+ TAny* iUserInfo;
+ MIkeDialogComplete* iCallback;
+ TInt iDialogType;
+ CDialogTimeout* iTimeout;
+ RNotifier iNotifier;
+ HBufC8* iInputData;
+ TPckgBuf<TIPSecDialogOutput> iResponseBuf;
+ MIkeDebug& iDebug;
+};
+
+/**--------------------------------------------------------------------------
+ *
+ * Structure TUserNameFileHdr
+ * User name (encrypted) cache file header.
+ * In this file is cached the last user name used in legacy
+ * authentication.
+ *
+ *--------------------------------------------------------------------------*/
+#define USER_NAME_FILE_ID 0xcccccccc
+struct TUserNameFileHdr
+{
+ TUint8 iSalt[8];
+ TUint8 iIV[8];
+ TUint32 iFileId;
+};
+
+#endif // C_IKEV1DIALOG_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1extra.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,250 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Key management daemon extra module.
+*
+*/
+
+#ifndef IKEV1EXTRA_H
+#define IKEV1EXTRA_H
+
+//
+// Structures to manage proposal and attribute lists
+//
+
+#include <in_sock.h>
+#include <e32base.h>
+#include "ikev1isakmpct.h"
+
+//Maximum size of the SPI. 16 is ISAKMP SPI, others SPI are defined by its DOI
+//but the supported ones have a smaller size (AH=? , ESP=? )
+#define MAX_SPI_SIZE ISAKMP_SPI_SIZE
+#define ISAKMP_SPI_SIZE 16
+
+#define MAX_LIFE_DURATION 16 //up to 2^16 secs. or KBytes
+#define MAX_PRIME_SIZE 256 //the biggest is Oakley group 2 prime is 256 hex digits
+#define MAX_GEN_SIZE 2 //the biggest is Oakley group 3 generator is 2 hex digits. (Could be fix size)
+#define MAX_CURVE_SIZE 6 //the biggest is Oakley group 3 curve B is 6 hex digits.
+#define MAX_ORDER_SIZE 48 //the biggest is Oakley group 4 order is 48 hex digits.
+//
+// Start numbers for Proposal-and Transform payload numbering
+//
+#define FIRST_ISAKMP_PROPOSAL 0
+#define FIRST_IPSEC_PROPOSAL 0
+#define FIRST_ISAKMP_TRANSFORM 0
+#define FIRST_IPSEC_TRANSFORM 0
+
+
+// Attribute comparison errors
+// Leave -1 free to use KErrNotFound for empty lists
+const TInt KErrTransformID = -2; //different transform IDs
+const TInt KErrEncrAlg = -3; //different encr algs.
+const TInt KErrHashAlg = -4; //different hash algs.
+const TInt KErrAuthMethod = -5; //different auth. methods.
+const TInt KErrGroupDesc = -6;
+const TInt KErrGroupType = -7;
+const TInt KErrGroupPrime = -8;
+const TInt KErrGroupGen1 = -9;
+const TInt KErrGroupGen2 = -10;
+const TInt KErrGroupCurveA = -11;
+const TInt KErrGroupCurveB = -12;
+const TInt KErrPRF = -13;
+const TInt KErrKeyLength = -14;
+const TInt KErrFieldSize = -15;
+const TInt KErrGroupOrder = -16;
+const TInt KErrLifeTime = -17;
+const TInt KErrLifeSize = -18;
+//const TInt KErrTransfNum = -19;
+const TInt KErrEncMode = -20;
+const TInt KErrAuthAlg = -21;
+const TInt KErrKeyRounds = -22;
+const TInt KErrComprDicSize = -23;
+const TInt KErrComprPrivAlg = -24;
+const TInt KErrTransformNum = -25;
+const TInt KErrPropProtocol = -26; //Proposals have different protocol.
+const TInt KErrNoTransforms = -27; //Proposal has no transforms
+const TInt KErrNoRemoteProposals= -28; //Remote Proposals list is empty
+const TInt KErrNoLocalProposals = -29; //Local Proposals list is empty
+const TInt KErrPropNumberMismatch= -30; //The proposals lists have fiferent number of AND'd proposals
+
+
+//Global functions
+TInt Desc8ToTInt64(const TDesC8 &aLifetime, TInt64 &aTime); //Puts the data in the descriptor into a TInt64
+TInt PrefixLen(TInetAddr& anAddr); //returns the prefix length of a mask
+void PrefixMask(TInetAddr &anAddr, TInt aPrefixLen, TInt aFamily); //Creates a addr. mask of aPrefixLen length
+
+enum TLifeType {LIFETIME, LIFESIZE, NOLIFE};
+//Mantains SA attrib info for Phase I negotiation. Defined by IKE RFC 2409
+class TAttrib
+{
+public:
+ TAttrib()
+ {
+ iTransformNum=0;
+ iTransformID=0;
+ iEncrAlg=0;
+ iHashAlg=0;
+ iAuthMethod=0;
+ iGroupDesc=0;
+ iGroupType=0;
+ iPRF=0;
+ iKeyLength=0;
+ iFieldSize=0;
+ iXauthUsed=EFalse;
+ iRole=0;
+
+ iNext=NULL;
+ };
+ TInt Compare(TAttrib& aAttr, TBool aIsRelaxed);
+
+public:
+ TUint8 iTransformNum; //Transform number
+ TUint8 iTransformID; //Transform ID
+ TUint16 iEncrAlg; //OAKLEY encryption function (part of EHAO/EHAS)
+ TUint16 iHashAlg; //OAKLEY hash function (part of EHAO/EHAS)
+ TUint16 iAuthMethod; //OAKLEY authentication function(part of EHAO/EHAS)
+ TUint16 iGroupDesc; //OAKLEY GROUP
+ TUint16 iGroupType;
+ TBuf8<MAX_PRIME_SIZE> iGroupPrime;
+ TBuf8<MAX_GEN_SIZE> iGroupGen1;
+ TBuf8<MAX_GEN_SIZE> iGroupGen2;
+ TBuf8<MAX_CURVE_SIZE> iGroupCurveA;
+ TBuf8<MAX_CURVE_SIZE> iGroupCurveB;
+ //TUint16 iLifeType; //Not needed
+ TBuf8<MAX_LIFE_DURATION> iLifeDurationSecs;
+ TBuf8<MAX_LIFE_DURATION> iLifeDurationKBytes;
+ TUint16 iPRF;
+ TUint16 iKeyLength;
+ TUint16 iFieldSize;
+ TBuf8<MAX_ORDER_SIZE> iGroupOrder;
+
+ TBool iXauthUsed; // Used for iAuthMethod value modification
+ TInt iRole; // Used for iAuthMethod value modification
+
+ TAttrib *iNext;
+
+};
+
+class TProposal
+{
+public: //To ensure correct initialization
+ TProposal()
+ {
+ iProposalNum=0;
+ iProtocol=0;
+ iNumTransforms=0;
+ iAttrList=NULL;
+ }
+public:
+ TUint8 iProposalNum;
+ TUint8 iProtocol; // Protocol ID in use
+ TBuf8<MAX_SPI_SIZE> iSPI; // SPI in the current exchange. SPI is in network order
+ TUint8 iNumTransforms;
+
+ TAttrib *iAttrList; //Contains the list of transforms and attribs
+ //Only ONE proposal in Phase I
+ //TProposal *iNext;
+};
+
+class TTransModifier
+{
+public:
+ TTransModifier() : iReducedLifeSecs(NULL,0), iReducedLifeKBytes(NULL,0) {} ;
+public:
+ TInt iPropNum; //Local proposal number selected
+ TInt iTransNum; //Remote transform number selected
+ TPtrC8 iReducedLifeSecs; //Own lifetime (in case is smaller then received)
+ TPtrC8 iReducedLifeKBytes; //Own lifesize (in case is smaller then received)
+ TUint8 iReplayWindowLength;
+};
+
+NONSHARABLE_CLASS(CTransModifierList) : public CArrayPtrFlat<TTransModifier>
+{
+public:
+ CTransModifierList(TInt aGranularity);
+ ~CTransModifierList();
+};
+
+//#define MAX_ALG_DATA 1024 //4 + ?? vendor data
+#define MAX_ALG_DATA 16 //Feature not supported, size reduced
+//Mantains SA attrib info for Phase II negotiation. Defined by IPSEC DOI (RFC 2407)
+class TAttrib_II
+{
+public:
+ TAttrib_II();
+ TInt Compare(TAttrib_II& aAttr, TBool aRelaxed);
+ void Copy(TAttrib_II &aAttr);
+public:
+ TUint8 iTransformNum; //Transform number
+ TUint8 iTransformID; //Transform ID
+ TBuf8<MAX_LIFE_DURATION> iLifeDurationSecs;
+ //TBool iLifetimeReduced;
+ TBuf8<MAX_LIFE_DURATION> iLifeDurationKBytes;
+ //TBool iLifesizeReduced;
+ TUint16 iGroupDesc; //OAKLEY GROUP
+ TUint16 iEncMode; //Encapsulation Mode
+ TUint16 iAuthAlg; //HMAC
+ TUint16 iKeyLength;
+ TUint16 iKeyRounds;
+ TUint16 iComprDicSize; //Compress Dictionary size
+ TBuf8<MAX_ALG_DATA> iComprPrivAlg;
+
+ //TAttrib_II *iNext; //to make a list
+};
+
+class TChosenAttrib_II : public TAttrib_II
+{
+public:
+ TChosenAttrib_II() : TAttrib_II(), iReducedLifeSecs(NULL,0), iReducedLifeKBytes(NULL,0) {} ;
+public:
+ TPtrC8 iReducedLifeSecs;
+ TPtrC8 iReducedLifeKBytes;
+};
+
+NONSHARABLE_CLASS(CAttrib_IIList) : public CArrayPtrFlat<TAttrib_II>
+{
+public:
+ CAttrib_IIList(TInt aGranularity);
+ ~CAttrib_IIList();
+};
+
+NONSHARABLE_CLASS(CProposal_II) : public CBase
+{
+public: //To ensure correct initialization
+
+ void ConstructL(TInt aGranularity = 1);
+ ~CProposal_II();
+// TInt Match(CProposal_II *aRemoteProp, TBool aRelaxed);
+ TInt Match(CProposal_II *aRemoteProp, TBool aRelaxed, TInt* aLocalNbr);
+
+public:
+ TUint8 iProposalNum;
+ TUint8 iProtocol; // Protocol ID in use
+ TUint8 iReplayWindowLength; // replay window size in bits
+ TBuf8<MAX_SPI_SIZE> iSPI; // SPI in the current exchange. SPI is in network order
+ TUint8 iNumTransforms;
+
+ //TAttrib_II *iAttrList; //Contains the list of transforms and attribs
+ CAttrib_IIList *iAttrList; //Contains the list of transforms and attribs
+ //CProposal_II *iNext;
+};
+
+
+NONSHARABLE_CLASS(CProposal_IIList) : public CArrayPtrFlat<CProposal_II>
+{
+public:
+ CProposal_IIList(TInt aGranularity);
+ TInt MultiMatchL(CProposal_IIList *aRemoteProp, TBool aRelaxed, CTransModifierList *aTransArray);
+ ~CProposal_IIList();
+};
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1filesdef.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 1999-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSEC/IKE configuration file macros
+*
+*/
+
+
+//
+// Includes the path of all the relevant security files and directories
+//
+
+#ifndef IKEV1FILESDEF_H
+#define IKEV1FILESDEF_H
+
+//Global Keys file
+#define DEFAULT_IKE_FILE _L("C:\\System\\Data\\Security\\IPSEC\\ike.conf")
+
+#define USER_NAME_CACHE_FILE _L("un")
+
+#endif // IKEV1FILESDEF_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1infonegotiation.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,60 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CIkev1InfoNegotiation class
+*
+*/
+
+#ifndef C_IKEV1INFONEGOTIATION_H
+#define C_IKEV1INFONEGOTIATION_H
+
+#include <e32base.h>
+
+class CIkev1Negotiation;
+class CIkev1PluginSession;
+class ThdrISAKMP;
+class TPayloadISAKMP;
+class TNotificationISAKMP;
+class MIkeDebug;
+class MKmdEventLoggerIf;
+class TInetAddr;
+
+class CIkev1InfoNegotiation : public CBase
+{
+ friend class TIkev1IsakmpStream;
+ friend class CIkev1PlugIn;
+
+public:
+ CIkev1InfoNegotiation( CIkev1PluginSession& aPluginSession,
+ CIkev1Negotiation& aNegotiation,
+ MIkeDebug& aDebug );
+ void ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort );
+
+ MKmdEventLoggerIf& EventLogger();
+
+private:
+ void InfoExchangeL( const ThdrISAKMP& aHdr );
+ TBool ProcessNotificationL( const TPayloadISAKMP* aPayload, TBool aEncrypted );
+ TBool ProcessDeleteL( const TPayloadISAKMP* aPayload );
+ TBool ProcessDPDNotifyL( TNotificationISAKMP* aNotify );
+
+private:
+ CIkev1PluginSession& iPluginSession;
+ CIkev1Negotiation& iNegotiation;
+ TUint32 iMessageId;
+ MIkeDebug& iDebug;
+};
+
+#endif // C_IKEV1INFONEGOTIATION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1isakmpct.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,456 @@
+/*
+* Copyright (c) 1999-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: key management daemon ISAKMP constants
+*
+*/
+
+
+//
+// ISAKMP constants defines in RFC 2409 (IKE) and 2407(IPSEC DOI)
+//
+
+#ifndef ISAKMPCT_H
+#define ISAKMPCT_H
+
+//
+// All Headers with values in network byte order
+//
+
+#define DEFAULT_IPSEC_SA_LIFETIME 28000 //RFC 2407 (DOI)
+#define MIN_ISAKMP_PAYLOAD_SIZE 4
+
+//Version of the implementation 1.0
+#define MAJOR 1
+#define MINOR 0
+
+//
+// ISAKMP HEADER
+//
+//Flags
+#define ISAKMP_HDR_EFLAG 0x1 // Encryption Bit
+#define ISAKMP_HDR_CFLAG 0x2 // Commit Bit
+#define ISAKMP_HDR_AFLAG 0x4 // Authentication Only Bit
+
+//Payload types
+#define ISAKMP_PAYLOAD_NONE 0 // (Terminator)
+#define ISAKMP_PAYLOAD_SA 1 // Security Association
+#define ISAKMP_PAYLOAD_P 2 // Proposal
+#define ISAKMP_PAYLOAD_T 3 // Transform
+#define ISAKMP_PAYLOAD_KE 4 // Key Exchange
+#define ISAKMP_PAYLOAD_ID 5 // Identification
+#define ISAKMP_PAYLOAD_CERT 6 // Certificate
+#define ISAKMP_PAYLOAD_CR 7 // Certificate Request
+#define ISAKMP_PAYLOAD_HASH 8 // Hash
+#define ISAKMP_PAYLOAD_SIG 9 // Signature
+#define ISAKMP_PAYLOAD_NONCE 10 // Nonce
+#define ISAKMP_PAYLOAD_NOTIF 11 // Notification
+#define ISAKMP_PAYLOAD_D 12 // Delete
+#define ISAKMP_PAYLOAD_VID 13 // Vendor ID
+#define ISAKMP_PAYLOAD_PRIVATE 128 // Private use (up to 255)
+
+#define ISAKMP_EXCHANGE_NONE 0 // None
+#define ISAKMP_EXCHANGE_BASE 1 // Base
+#define ISAKMP_EXCHANGE_ID 2 // Identity Protection (Main mode in IKE)
+#define ISAKMP_EXCHANGE_AUTH 3 // Authentication Only
+#define ISAKMP_EXCHANGE_AGGR 4 // Agressive
+#define ISAKMP_EXCHANGE_INFO 5 // Informational
+//#define ISAKMP_EXCHANGE_DOI 32 // DOI Specific (32..255)
+//Additional Exchanges Defined
+#define IKE_QUICK_MODE 32 //Quick Mode
+#define IKE_NEW_GROUP_MODE 33 //New Group Mode
+
+
+//Protocol number for IPSEC DOI (=1) //ProtocolId in Proposal Payload
+#define PROTO_ISAKMP 1
+#define PROTO_IPSEC_AH 2
+#define PROTO_IPSEC_ESP 3
+#define PROTO_IPCOMP 4
+
+//Transform ID's (RFC 2407)
+//for ISAKMP
+#define KEY_IKE 1 //Oakley
+//for IPSEC_AH
+#define AH_MD5 2 //MUST
+#define AH_SHA 3 //MUST
+#define AH_DES 4
+//for IPSEC_ESP
+#define ESP_DES_IV64 1
+#define ESP_DES 2 //MUST
+#define ESP_3DES 3 //Strongly encouraged
+#define ESP_RC5 4
+#define ESP_IDEA 5
+#define ESP_CAST 6
+#define ESP_BLOWFISH 7
+#define ESP_3IDEA 8
+#define ESP_DES_IV32 9
+#define ESP_RC4 10
+#define ESP_NULL 11 //MUST
+//for IPCOMP
+#define IPCOMP_OUI 1
+#define IPCOMP_DEFLATE 2
+#define IPCOMP_LZS 3
+
+//SA ATTRIBUTES Identifiers Phase I (RFC 2409)
+#define OAKLEY_ATTR_TYPE_ENCR_ALG 1
+#define OAKLEY_ATTR_TYPE_HASH_ALG 2
+#define OAKLEY_ATTR_TYPE_AUTH_METH 3
+#define OAKLEY_ATTR_TYPE_GROUP_DESC 4
+#define OAKLEY_ATTR_TYPE_GROUP_TYPE 5
+#define OAKLEY_ATTR_TYPE_GROUP_PRIME 6
+#define OAKLEY_ATTR_TYPE_GROUP_GEN1 7
+#define OAKLEY_ATTR_TYPE_GROUP_GEN2 8
+#define OAKLEY_ATTR_TYPE_GROUP_CRVA 9 //Group curve A
+#define OAKLEY_ATTR_TYPE_GROUP_CRVB 10 //Group curve B
+#define OAKLEY_ATTR_TYPE_LIFE_TYPE 11
+#define OAKLEY_ATTR_TYPE_LIFE_DUR 12
+#define OAKLEY_ATTR_TYPE_PRF 13
+#define OAKLEY_ATTR_TYPE_KEY_LEN 14
+#define OAKLEY_ATTR_TYPE_FIELD_SIZE 15
+#define OAKLEY_ATTR_TYPE_GROUP_ORDER 16
+
+//Values for each of the attributes
+//encription algorithms
+#define DES_CBC 1
+#define IDEA_CBC 2
+#define BLOWFISH_CBC 3
+#define RC5_R16_B64_CBC 4
+#define DES3_CBC 5
+#define CAST_CBC 6
+#define AES_CBC 7 //From <draft-ietf-ipsec-ciph-aes-cbc-04.txt>
+
+#define ESP_DES_CBC 2
+#define ESP_3DES_CBC 3
+#define ESP_NULL 11
+#define ESP_AES_CBC 12
+
+//hash algorithms
+#define HASH_MD5 1
+#define HASH_SHA1 2
+#define HASH_TIGER 3
+//authentication methods
+#define PRE_SHARED 1 //pre-shared key
+#define DSS_SIG 2 //DSS signatures
+#define RSA_SIG 3 //RSA signatures
+#define RSA_ENCR 4 //Encryption with RSA
+#define RSA_REV_ENCR 5 //Revised encryption with RSA
+
+//group descriptions
+#define MODP_768 1 //default 768-bit MODP group (section 6.1)
+#define MODP_1024 2 //alternate 1024-bit MODP group (section 6.2)
+#define EC2N_155 3 //EC2N group on GP[2^155] (section 6.3) 3
+#define EC2N_185 4 //EC2N group on GP[2^185] (section 6.4) 4
+#define MODP_1536 5 //alternate 1536-bit MODP group (draft-ietf-ipsec-ike-modp-groups-04.txt)
+#define MODP_2048 14 //IETF RFC 3526
+#define OAKLEY_DEFAULT_GROUP MODP_768 //default group. Not sure if needed.
+//Group Types
+#define MODP 1 //(modular exponentiation group)
+#define ECP 2 //(elliptic curve group over GF[P])
+#define EC2N 3 //(elliptic curve group over GF[2^N])
+//Life Type
+#define SECONDS 1
+#define KBYTES 2
+
+//PRF
+#define OAKLEY_PRF_3DES_CBC_MAC 1 //Only one implemented by now
+
+//Current DOI's in use
+#define IPSEC_DOI 1
+
+//SA ATTRIBUTES Identifiers Phase II (RFC 2407) iDOI
+#define DOI_ATTR_TYPE_LIFE_TYPE 1
+#define DOI_ATTR_TYPE_LIFE_DUR 2
+#define DOI_ATTR_TYPE_GROUP_DESC 3
+#define DOI_ATTR_TYPE_ENC_MODE 4
+#define DOI_ATTR_TYPE_AUTH_ALG 5
+#define DOI_ATTR_TYPE_KEY_LEN 6
+#define DOI_ATTR_TYPE_KEY_ROUNDS 7
+#define DOI_ATTR_TYPE_COMP_DIC_SIZE 8
+#define DOI_ATTR_TYPE_COMP_PRIV_ALG 9
+//Values for each of the attributes of PHASE_II
+
+//Life type as Phase I
+//Encapsulation Mode
+#define DOI_TUNNEL 1
+#define DOI_TRANSPORT 2
+//Authentication Algorithm values
+#define DOI_HMAC_MD5 1
+#define DOI_HMAC_SHA 2
+#define DOI_DES_MAC 3
+#define DOI_KPDK 4
+
+#define IPSEC_SIT_IDENTITY_ONLY 0x1 //As defined in RFC 2407 DOI for ISAKMP
+#define IPSEC_SIT_SECRECY 0x2
+#define IPSEC_SIT_INTEGRITY 0x4
+
+//ID Types for IPSEC DOI
+#define ID_IPV4_ADDR 1
+#define ID_FQDN 2
+#define ID_USER_FQDN 3
+#define ID_IPV4_ADDR_SUBNET 4
+#define ID_IPV6_ADDR 5
+#define ID_IPV6_ADDR_SUBNET 6
+#define ID_IPV4_ADDR_RANGE 7
+#define ID_IPV6_ADDR_RANGE 8
+#define ID_DER_ASN1_DN 9
+#define ID_DER_ASN1_GN 10
+#define ID_KEY_ID 11
+
+//Certificate Types
+#define NONE 0
+#define PKCS 1 //PKCS #7 wrapped X.509 certificate
+#define PGP 2 //PGP Certificate
+#define DNS 3 //DNS Signed Key
+#define X509_CERT_SIG 4 //X.509 Certificate - Signature
+#define X509_CERT_KE 5 //X.509 Certificate - Key Exchange
+#define KERBEROS 6 //Kerberos Tokens
+#define CRL 7 //Certificate Revocation List (CRL)
+#define ARL 8 //Authority Revocation List (ARL)8
+#define SPKI 9 //SPKI Certificate
+#define X509_CERT_ATTR 10 //X.509 Certificate - Attribute
+
+//NOTIFY MESSAGES - ERROR TYPES
+#define INVALID_PAYLOAD_TYPE 1
+#define DOI_NOT_SUPPORTED 2
+#define SITUATION_NOT_SUPPORTED 3
+#define INVALID_COOKIE 4
+#define INVALID_MAJOR_VERSION 5
+#define INVALID_MINOR_VERSION 6
+#define INVALID_EXCHANGE_TYPE 7
+#define INVALID_FLAGS 8
+#define INVALID_MESSAGE_ID 9
+#define INVALID_PROTOCOL_ID 10
+#define INVALID_SPI 11
+#define INVALID_TRANSFORM_ID 12
+#define ATTRIBUTES_NOT_SUPPORTED 13
+#define NO_PROPOSAL_CHOSEN 14
+#define BAD_PROPOSAL_SYNTAX 15
+#define PAYLOAD_MALFORMED 16
+#define INVALID_KEY_INFORMATION 17
+#define INVALID_ID_INFORMATION 18
+#define INVALID_CERT_ENCODING 19
+#define INVALID_CERTIFICATE 20
+#define CERT_TYPE_UNSUPPORTED 21
+#define INVALID_CERT_AUTHORITY 22
+#define INVALID_HASH_INFORMATION 23
+#define AUTHENTICATION_FAILED 24
+#define INVALID_SIGNATURE 25
+#define ADDRESS_NOTIFICATION 26
+#define NOTIFY_SA_LIFETIME 27
+#define CERTIFICATE_UNAVAILABLE 28
+#define UNSUPPORTED_EXCHANGE_TYPE 29
+#define UNEQUAL_PAYLOAD_LENGTHS 30
+
+//RESERVED (Future Use) 31 - 8191
+//Private Use 8192 - 16383
+
+//NOTIFY MESSAGES - STATUS TYPES
+#define CONNECTED 16384
+//RESERVED (Future Use) 16385 - 24575
+//DOI-specific codes 24576 - 32767
+#define DOI_RESPONDER_LIFETIME 24576
+#define DOI_REPLAY_STATUS 24577
+#define DOI_INITIAL_CONTACT 24578
+//Private Use 32768 - 40959
+//RESERVED (Future Use) 40960 - 65535
+
+//
+// Notify message types for Dead Peer Detection (DPD) defined in
+// <draft-ietf-ipsec-dpd-04.txt>
+//
+#define DPD_R_U_THERE 36136
+#define DPD_R_U_THERE_ACK 36137
+
+//
+// IKE CRACK constants defines in <draft-harkins-ipsra-crack-00.txt>
+//
+
+//authentication method
+#define IKE_A_CRACK 128 //CRACK authentication
+
+//Challenge/Response payload (CHRE)
+#define ISAKMP_PAYLOAD_CHRE 128 //CHRE payload
+
+
+//Legacy Authentication types
+#define CRACK_PASSWORD 1
+
+//LAM attributes (in CHRE payload)
+#define CRACK_T_USERNAME 16390 //Variable
+#define CRACK_T_SECRET 16391 //Variable
+#define CRACK_T_DOMAIN 16392 //Variable
+#define CRACK_T_PIN 16393 //Variable
+#define CRACK_T_CHALLENGE 16394 //Variable
+#define CRACK_T_MESSAGE 16395 //Variable
+#define CRACK_T_FIN 16396 //Basic
+
+//CRACK Finish attribute values
+#define CRACK_FIN_SUCCESS 1
+#define CRACK_FIN_MORE 2
+
+//
+// Definitions for Private Internal Address payload
+//
+
+// Internal Address payload
+#define ISAKMP_INT_NETWORK 247 //INTNET payload
+
+//Internal Address attributes
+#define PRI_INTERNAL_ADDRESS 24001 //Variable
+#define PRI_INTERNAL_DNS 24002 //Variable
+#define PRI_INTERNAL_WINS 24003 //Variable
+
+//
+// Definitions for expanded Vendor ID payload options
+//
+#define VENDOR_OPTION_HASH 1
+#define VENDOR_OPTION_NAT_TRAVERSAL 2
+#define VENDOR_OPTION_VERSION 3
+
+#define NOKIA_UDP_ENCAPS_PORT 9872
+#define UDP_KEEPALIVE_TIME 30 // Default value 30 seconds
+
+// NAT Discovery and NAT original address payloads (
+#define IETF_NAT_DISCOVERY 130 // 15 in draft version 05 and later
+#define IETF_NAT_ORIG_ADDR 131 // 16 in draft version 05 and later
+#define IETF_RFC_NAT_DISCOVERY 20 // 15 in draft version 05 and later
+#define IETF_RFC_NAT_ORIG_ADDR 21 // 16 in draft version 05 and later
+
+// Encapsulation modes with NAT-traversal
+#define UDP_ENC_TUNNEL 61443 // 3 in draft version 03 and later
+#define UDP_ENC_TRANSPORT 61444 // 4 in draft version 03 and later
+#define UDP_RFC_ENC_TUNNEL 3 // 3 in draft version 03 and later
+#define UDP_RFC_ENC_TRANSPORT 4 // 4 in draft version 03 and later
+
+//
+// Definitions related to Extended Authentication (XAUTH) (draft-beaulieu-ike-xauth-02.txt)
+// and to The ISAKMP Configuration Method (MODE-CFG) (draft-dukes-ike-mode-cfg-01.txt)
+// The ISAKMP Configuration Method defines an ISAKMP exchange called Transaction Exchange.
+// Both XAUTH and MODE-CFG uses that ISAKMP exchange.
+//
+#define ISAKMP_EXCHANGE_TRANSACT 6 // Transaction exchange
+
+//
+// XAUTH Notification via Authentication Method Types
+// The following values relate to the ISAKMP authentication method
+// attribute used in proposals. They optionally allow an XAUTH
+// implementation to propose use of extended authentication after the
+// initial phase 1 authentication. Values are taken from the private
+// use range defined in [IKE] and should be used among mutually
+// consenting parties.
+//
+#define XAUTHInitPreShared 65001
+#define XAUTHRespPreShared 65002
+#define XAUTHInitDSS 65003
+#define XAUTHRespDSS 65004
+#define XAUTHInitRSA 65005
+#define XAUTHRespRSA 65006
+#define XAUTHInitRSAEncryption 65007
+#define XAUTHRespRSAEncryption 65008
+#define XAUTHInitRSARevisedEncr 65009
+#define XAUTHRespRSARevisedEncr 65010
+#define XAUTHInitIndicator (TUint16)0x1
+#define XAUTHMethodBase (TUint16)65000
+#define XAUTHScaler (TUint16)0x1
+
+//
+// Attribute Payload (draft-dukes-ike-mode-cfg-01.txt)
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload ! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Type ! RESERVED ! Identifier !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Attributes ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+#define ISAKMP_PAYLOAD_ATTRIBUTES 14 // Attributes payload
+
+//
+// Configuration message types used within the Type field of an Attribute ISAKMP payload
+// (draft-dukes-ike-mode-cfg-01.txt)
+//
+#define ISAKMP_CFG_REQUEST 1 // Configure request
+#define ISAKMP_CFG_REPLY 2 // Configure reply
+#define ISAKMP_CFG_SET 3 // Configure set
+#define ISAKMP_CFG_ACK 4 // Configure ack
+
+//
+// Configuration Attribute values within an Attributes Payload
+// (draft-dukes-ike-mode-cfg-01.txt)
+//
+#define ATTR_INTERNAL_IP4_ADDR 1 // Internal IPv4 address (=Virtual IP)
+#define ATTR_INTERNAL_IP4_MASK 2 // Internal IPv4 mask
+#define ATTR_INTERNAL_IP4_DNS 3 // Internal DNS address
+#define ATTR_INTERNAL_IP4_NBNS 4 // Internal NBNS address
+#define ATTR_INTERNAL_ADDR_EXPIRY 5 // Internal Address expiry time
+#define ATTR_INTERNAL_IP4_DHCP 6 // Internal DHCP address
+#define ATTR_APPLICATION_VERSION 7 // Application version data
+#define ATTR_INTERNAL_IP6_ADDR 8 // Internal IPv6 address (=Virtual IP)
+#define ATTR_INTERNAL_IP6_MASK 9 // Internal IPv6 mask
+#define ATTR_INTERNAL_IP6_DNS 10 // Internal DNS address
+#define ATTR_INTERNAL_IP6_NBNS 11 // Internal NBNS address
+#define ATTR_INTERNAL_IP6_DHCP 12 // Internal DHCP address
+#define ATTR_INTERNAL_IP4_SUBNET 13 // Internal IPv4 subnet (=policy selector)
+#define ATTR_SUPPORTED_ATTRIBUTES 14 // Supported attributes info data
+#define ATTR_INTERNAL_IP6_SUBNET 15 // Internal IPv6 subnet (=policy selector)
+
+//
+// Extended Authentication Attribute values within an Attributes Payload
+// (draft-beaulieu-ike-xauth-02.txt)
+//
+#define ATTR_XAUTH_TYPE 16520 // Extended authentication type code
+#define ATTR_USER_NAME 16521 // User name data
+#define ATTR_PASSWORD 16522 // Password data
+#define ATTR_PASSCODE 16523 // Passcode data
+#define ATTR_MESSAGE 16524 // Message data
+#define ATTR_CHALLENGE 16525 // Challenge data
+#define ATTR_DOMAIN 16526 // Domain name data
+#define ATTR_STATUS 16527 // Status value
+#define ATTR_NEXT_PIN 16528 // Next PIN value
+#define ATTR_ANSWER 16529 // Answer data
+
+//
+// Additional Extended Authentication Attribute values within an
+// Attributes Payload.
+// (draft-ietf-ipsec-isakmp-xauth-04.txt)
+//
+#define ATTR_PIX_XAUTH_TYPE 13 // Extended authentication type code
+#define ATTR_PIX_USER_NAME 14 // User name data
+#define ATTR_PIX_PASSWORD 15 // Password data
+#define ATTR_PIX_PASSCODE 16 // Passcode data
+#define ATTR_PIX_MESSAGE 17 // Message data
+#define ATTR_PIX_CHALLENGE 18 // Challenge data
+#define ATTR_PIX_DOMAIN 19 // Domain name data
+#define ATTR_PIX_STATUS 20 // Status value
+
+//
+// Extended Authentication type values
+// (draft-beaulieu-ike-xauth-02.txt)
+//
+#define ATTR_XAUTH_GENERIC 0 // Generic authentication type code
+#define ATTR_XAUTH_RADIUS_CHAP 1 // RADIUS CHAP authentication type code
+#define ATTR_XAUTH_OTP 2 // OTP authentication type code
+#define ATTR_XAUTH_SKEY 3 // S/KEY authentication type code
+
+//
+// Extended Authentication Set status values
+// (draft-beaulieu-ike-xauth-02.txt)
+//
+#define ATTR_STATUS_OK 1
+#define ATTR_STATUS_FAIL 0
+
+#endif // ISAKMPCT_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1isakmpstream.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,88 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Stream class definition for ISAKMP
+*
+*/
+
+
+#ifndef IKEV1ISAKMPSTREAM_H
+#define IKEV1ISAKMPSTREAM_H
+
+#include <e32base.h>
+
+
+class CIkev1Negotiation;
+class TInetAddr;
+class TAttrib;
+class TIdentISAKMP;
+class TAttrib_II;
+class MIkeDebug;
+
+//
+// Constructing outgoing message
+//
+class TIkev1IsakmpStream
+{
+public:
+ TIkev1IsakmpStream( MIkeDebug& aDebug );
+ void IsakmpInit(CIkev1Negotiation *aSession);
+ void IsakmpSa();
+ void IsakmpKeyL();
+ void IsakmpOwnIdentL();
+ void IsakmpPeerIdentL();
+ void IsakmpCertificateL();
+ void IsakmpCertificateReqL();
+ void IsakmpHashL();
+ void IsakmpHashContL();
+ void IsakmpSignatureL();
+ void IsakmpNonce();
+ void IsakmpNotification(TUint16 aType, TUint8 aProtocol, TUint8* aNotifData = NULL, TInt aLth = 0);
+ void IsakmpReplayStatus(TUint8 aProtocol, TUint32 aSPI, TUint8 aReplayWindowLength);
+ void IsakmpResponderLifetime(TUint8 aProtocol, TUint32 aSPI, const TDesC8 &aLifetime, const TDesC8 &aLifesize);
+ void IsakmpDelete(TDesC8 &aSPI, TUint8 aProtocol);
+ void IsakmpChre(TUint16 aLAMType, TUint16 aAttr1, HBufC8 *aBfr1,
+ TUint16 aAttr2, HBufC8 *aBfr2, TUint16 aAttr3, HBufC8 *aBfr3);
+ void IsakmpVendorId(TInt aID_Type, TUint8 *aICOOKIE, TUint8 *aRCOOKIE, TInetAddr &aLocalAddr,
+ TUint8 *aGenericVidData = NULL, TInt aGenericVidLth = 0);
+ void IsakmpIntnet(TUint32 aIpv4Addr);
+ void IsakmpNatD(TBool aRfcNatt,TDesC8 &aHash);
+ void IsakmpAttributes(TUint8 aMsgType, TUint16 aIdentifier, TDesC8 &aAttributes);
+
+private:
+ void IsakmpProposal();
+ void IsakmpTransform(TUint8 *aTransform, TUint8 aNumTransforms);
+ void IsakmpAttrib(TUint8 *aTransform);
+ void IsakmpAttrib1(TAttrib *aTransform);
+ void IsakmpAttrib2(TAttrib_II *aTransform);
+ void IsakmpChreAttrib(TUint16 aType, HBufC8 *aBfr);
+ void IsakmpIdentL(TBool aIsOwn); //Own or Peer
+ void Isakmp_Phase1_IdL(TDes8& aIdData, TIdentISAKMP& aIdPayload);
+
+private:
+ CIkev1Negotiation *iNegotiation;//const
+ TUint8 *iNextPayload;
+ TUint8 *iPropNextPayload; //Used for Proposals to avoid overwritting the SA next
+ //field which has to be filled by other payloads
+ TUint8 *iTransfNextPayload; //For Transforms
+ TInt iHash_pos; //Stores a position to insert the hash in PHASE_II
+ MIkeDebug& iDebug;
+
+public:
+ TBuf8<4096> iBuf;
+ TBool iError; //ETrue if any error building the message
+ };
+
+
+
+#endif // IKEV1ISAKMPSTREAM_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1keepalive.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,96 @@
+/*
+* Copyright (c) 2005-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 keep alive object
+*
+*/
+
+
+#ifndef C_IKEV1KEEPALIVE_H
+#define C_IKEV1KEEPALIVE_H
+
+#include <in_sock.h> // TInetAddr
+
+class CIkev1PluginSession;
+class CEchoSender;
+
+/**
+* IKE keepalive event handler
+* @internalComponent
+*/
+class MDpdHeartBeatEventHandler
+{
+ public:
+ /**
+ * IKE PKI service operation completed
+ * @internalComponent
+ * @param aStatus completion status of operation
+ * @param aObject pointer to CIkePkiService object
+ *
+ */
+ virtual void EventHandlerL()=0;
+};
+
+
+NONSHARABLE_CLASS(CIkeV1KeepAlive) : public CTimer
+{
+ public:
+ static CIkeV1KeepAlive* NewL( CIkev1PluginSession& aPluginSession,
+ TInt aPort,
+ TInetAddr& aDestAddr,
+ TInt NatKeepAlive,
+ TInt DpdKeepAlive,
+ MDpdHeartBeatEventHandler* aHandler,
+ TUint8 aDscp = 0 );
+ ~CIkeV1KeepAlive();
+
+ protected:
+ //
+ // CActive methods
+ //
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+ private: // implementation
+ CIkeV1KeepAlive( CIkev1PluginSession& aPluginSession,
+ TInt aPort,
+ TInetAddr& aDestAddr,
+ TInt NatKeepAlive,
+ TInt DpdKeepAlive,
+ MDpdHeartBeatEventHandler* aHandler,
+ TUint8 aDscp );
+ void ConstructL();
+ void StartTimer();
+
+ private: // data
+ MDpdHeartBeatEventHandler* iCallback;
+ CIkev1PluginSession& iPluginSession;
+
+ TInt iPort;
+
+ /** Data to send in keepalive packet */
+ TBuf8<1> iMsg;
+
+ TInt iNatKeepAlive;
+ TInt iDpdKeepAlive;
+
+ TInt iCurrDPDTimeLeft;
+ TInt iRemainingTime;
+
+ TInetAddr iDestAddr;
+
+ TUint8 iDscp;
+};
+
+#endif // C_IKEV1KEEPALIVE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1natdiscovery.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,71 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Negotiation of NAT-Traversal in the IKE
+*
+*/
+
+
+#ifndef C_IKEV1NATDISCOVERY_H
+#define C_IKEV1NATDISCOVERY_H
+
+#include <e32base.h>
+
+class TIkev1IsakmpStream;
+class CProposal_IIList;
+class TVendorISAKMP;
+class TNATDISAKMP;
+class TNATOaISAKMP;
+class TInetAddr;
+
+// Class CIkev1NatDiscovery implents negotiation of NAT-Traversal.
+// The current implementation follows IETF <draft-ietf-ipsec-nat-t-ike-03.txt>.
+class CIkev1NatDiscovery : public CBase
+ {
+public:
+ CIkev1NatDiscovery(){};
+ static CIkev1NatDiscovery* NewL(TUint32 aNatFlags);
+ ~CIkev1NatDiscovery() {};
+ void BuildNatVendorId(TIkev1IsakmpStream &aMsg);
+ void BuildRfcNatVendorId(TIkev1IsakmpStream &aMsg);
+ TBool CheckNatVendorId(const TVendorISAKMP *aVendorPayload);
+ TBool CheckRfcNatVendorId(const TVendorISAKMP *aVendorPayload);
+ void BuildDiscoveryPayloadsL(TIkev1IsakmpStream &aMsg, TUint16 aHashType,
+ TUint8 *aICOOKIE, TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr);
+ TUint32 CheckDiscoveryPayloadsL(const CArrayFixFlat<const TNATDISAKMP *> *aNatDPayloadArray,
+ TUint16 aHashType, TUint8 *aICOOKIE, TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr);
+
+ void BuildNatOaPayload(TIkev1IsakmpStream &aMsg, TInetAddr &aLocalAddr, CProposal_IIList *aProposalList);
+ TBool GetPeerOriginalAddress(const TNATOaISAKMP *aNatOaPayload, TInetAddr& aRemoteOrigAddr, CProposal_IIList *aProposalList);
+
+private:
+ void CalculateAddrPortHashL(TUint16 aHashType,
+ TUint8 *aICOOKIE, TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr);
+ TBool CompareHashData(TUint8 *aHashData, TUint32 aHashLth, TDesC8 &aReferenceHash);
+
+
+ TBool iSupport; // ETrue = Both ends supports current draft
+ TBool iRfcSupport; //ETrue = Both ends support current RFC
+ TBuf8<16> iIetfNattVidHash; // NAT-T vendor id string (= md5("draft-ietf-ipsec-nat-t-ike-05")
+ TBuf8<16> iIetfRfcNattVidHash; // NAT-T vendor id string (= md5("RFC 3947")
+ TBool iHashExists; // ETrue = Hash data below has been calculated
+ TBuf8<32> iLocalAddrPortHash; // value of the HASH(CKY-I | CKY-R | Local_IP | Port)
+ TBuf8<32> iRemoteAddrPortHash; // value of the HASH(CKY-I | CKY-R | Remote_IP | Port)
+
+ };
+
+
+#endif // C_IKEV1NATDISCOVERY_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1negotiation.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,532 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 negotiation.
+*
+*/
+
+#ifndef C_IKEV1NEGOTIATION_H
+#define C_IKEV1NEGOTIATION_H
+
+#include <e32base.h>
+
+#include "ikev1payloads.h"
+#include "ikev1extra.h"
+#include "ikev1SAdata.h"
+#include "ikepolparser.h"
+#include "ipsecsaspiretriever.h"
+
+#define INITIATOR 0
+#define RESPONDER 1
+
+#define PHASE_I 1 //Used to identify the PHASE number
+#define PHASE_II 2
+
+#define OAKLEY_DEFAULT_NONCE_SIZE 128/8 //128 bits = 16 bytes
+#define ISAKMP_HEADER_SIZE 28
+#define ISAKMP_HASH_SIZE 24 //Size for 3des_cbc return value
+#define MAX_PRF_LENGTH 24 //In bytes corresponds to 3DES_CBC
+#define MAX_RETRANS_TIMER 10 //Isakmp packet retransmission timer
+#define MAX_RETRANS_COUNT 7 //Maximum retransmission count
+
+//Vendor ID type codes values
+#define HASH_VENDOR_ID 0 //Contains only a vendor specific hash
+#define EXPANDED_VENDOR_ID 1 //Contains NAT probing data and a vendor specific hash
+#define IETF_NATT_VENDOR_ID 2 //Vendor ID for draft <draft-ietf-ipsec-nat-t-ike-03>
+#define IETF_RFC_NATT_VENDOR_ID 3
+
+const TInt KMaxDpdRetryCount( 2 );
+
+struct TSPINode
+{
+ TInt iPropNum; //Proposal #
+ TUint32 iSeq; //Sequence # in the GETSPI msg
+ TUint32 iSPI; //Received SPI
+};
+
+class TPfkeyMessage;
+class CIkev1PluginSession;
+class CAuthDialogInfo;
+class CIkev1Timeout;
+class CX509Certificate;
+class CIkeKeys;
+class CIkeV1PkiService;
+class TSAISAKMP;
+class TPayloadISAKMP;
+class TKeyISAKMP;
+class TIdentISAKMP;
+class TCertificateISAKMP;
+class TSignatureISAKMP;
+class THashISAKMP;
+class TNotificationISAKMP;
+class TVendorISAKMP;
+class TINTNETISAKMP;
+class TProposalISAKMP;
+class CIkev1NatDiscovery;
+class CIKECRACKNegotiation;
+class CTransNegotiation;
+class TIkev1IsakmpStream;
+class MIkeDebug;
+class MKmdEventLoggerIf;
+class CPFKeySocketIf;
+
+//
+// Class CIkev1Negotiation: Contains all the info for each negotiation in progress
+//
+NONSHARABLE_CLASS(CIkev1Negotiation) : public CBase,
+ public MIpsecSaSpiRetrieverCallback
+ {
+ friend class CIkev1InfoNegotiation;
+ friend class TIkev1IsakmpStream;
+ friend class CIKECRACKNegotiation;
+ friend class CTransNegotiation;
+ friend class CIkev1Payloads;
+
+public:
+ static CIkev1Negotiation* NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TCookie& aInitiator,
+ const TCookie& aResponder );
+
+ static CIkev1Negotiation* NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TCookie& aInitiator,
+ TBool aAutoLogin );
+
+ static CIkev1Negotiation* NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ TIkev1SAData* aIkev1SAdata,
+ TUint aRole,
+ const TPfkeyMessage *aReq = NULL );
+
+ static CIkev1Negotiation* NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ TBool aAutoLogin );
+
+ static CIkev1Negotiation* NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TPfkeyMessage& aReq );
+
+ ~CIkev1Negotiation();
+
+ TBool ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aRemote,
+ TInt aLocalPort );
+ TBool ExecutePhase2L( const ThdrISAKMP& aHdr,
+ const TInetAddr& aRemote,
+ TInt aLocalPort );
+ TBool ExecuteTransactionL( const ThdrISAKMP &aHdr,
+ const TInetAddr& aRemote,
+ TInt aLocalPort );
+ void InitNegotiationL();
+ void InitPhase2L();
+ //used by the timer
+ void ReSendL();
+
+ inline TUint32 AcqSeq() {return iAcquireSeq;}
+ inline TInt GetNotifyStatus() {return iReceivedNotify;}
+ inline void SetNotifyStatus(TInt aStatus) {if (iReceivedNotify == KErrNone) iReceivedNotify = aStatus;}
+ inline TBool Autologin() {return iAutoLogin;}
+ inline TBool Finished() {return iFinished;}
+ inline void SetFinished() {iFinished = ETrue;}
+ inline void SetRekeyInfo(CSARekeyInfo* aSARekeyInfo) { iSARekeyInfo = aSARekeyInfo;}
+ inline TUint32 SAId() {return iSAId;}
+ TIkev1IsakmpStream* SaveIkeMsgBfr(TIkev1IsakmpStream* aMsg);
+ void AuthDialogCompletedL(CAuthDialogInfo *aUserInfo);
+ TInt32 RandomMessageId();
+ void SendDeleteL(TUint8 aProtocol, TUint32 aIpsecSPI = 0); //Send a Delete payload for the negotiation
+ void SendKeepAliveMsgL(TIkev1SAData* aSa);
+
+ TBool IsRekeyingIkeSa();
+ void PreparePhase2L(const TPfkeyMessage &aReq);
+
+ MKmdEventLoggerIf& EventLogger();
+
+// from base class MIpsecSaSpiRetrieverCallback
+
+ /**
+ * Notification about completion of IPsec SPI SA retrieve.
+ *
+ * @param aSpiRequestId Id of the SPI retrieve request.
+ * @param aStatus Completion status
+ * @param aSpi SPI value
+ */
+ void IpsecSaSpiRetrieved(TUint32 aSpiRequestId,
+ TInt aStatus,
+ TUint32 aSpi);
+
+private:
+
+ CIkev1Negotiation( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug );
+ CIkev1Negotiation( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TCookie& aInitiator );
+ CIkev1Negotiation( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote );
+
+ void ConstructL( TBool aAutoLogin );
+ //When receiving an acquire
+ void ConstructL( const TPfkeyMessage& aReq );
+ // To create a negotiation form an existing ISAKMP SA either as negotiator or responder
+ void ConstructL( TIkev1SAData* aIkev1SAdata,
+ TUint aRole,
+ const TPfkeyMessage *aReq = NULL );
+
+ void GetAcquireDataL(const TPfkeyMessage &aReq);
+ void CommonConstructL();
+ TBool BuildProposals1L();
+ TInt BuildProposals2L();
+ //Packet processing functions
+ TBool ProcessHeaderL(const ThdrISAKMP &aHdr);
+ //received packet processing depending on the stage
+ TBool ProcessStage1L(const ThdrISAKMP &aHdr); //Checks SA from INITIATOR
+ TBool ProcessStage2L(const ThdrISAKMP &aHdr); //Checks SA from RESPONDER
+ TBool ProcessStage3MainL(const ThdrISAKMP &aHdr); //Checks KE,NONCE from INITIATOR
+ TBool ProcessStage3AggrL(const ThdrISAKMP &aHdr);//Checks ID,AUTH from RESPONDER
+ TBool ProcessStage4L(const ThdrISAKMP &aHdr); //Checks KE,NONCE from RESPONDER
+ TBool ProcessStage5L(const ThdrISAKMP &aHdr); //Checks ID,AUTH from INITIATOR
+ TBool ProcessStage6L(const ThdrISAKMP &aHdr); //Checks ID,AUTH from RESPONDER
+ TBool ProcessStage7L(const ThdrISAKMP &aHdr); //CRACK authentication going
+ TBool ProcessStage1Phase2L(const ThdrISAKMP &aHdr);//Checks HASH(1),SA,KE,NONCE,ID from INITIATOR
+ TBool ProcessStage2Phase2L(const ThdrISAKMP &aHdr);//Checks HASH(2),SA from RESPONDER
+ TBool ProcessStage3Phase2L(const ThdrISAKMP &aHdr);//Checks HASH(3) from INITIATOR/RESPONDER
+ TBool ProcessCONNECTEDL(const ThdrISAKMP &aHdr);//Checks HASH(INF, NOTIF) from RESPONDER
+ TBool ProcessSAL(const TSAISAKMP *aPayload, TUint8 *aRecvProposals);
+ TBool ProcessProposalsL(const TPayloadISAKMP *aPayload,TUint32 aLengthLeft, TUint8 *aRecvProposals);
+ TInt ProcessTransformsL(const TPayloadISAKMP *aPayload,TUint32 aLengthLeft);
+ TInt ProcessTransforms2L(const TPayloadISAKMP *aPayload,CProposal_II *aProp,TUint32 aLengthLeft);
+ TInt ProcessAttributesL(const TPayloadISAKMP *aPayload,TAttrib *aAttrib); //checks and return the SA attributes
+ TInt ProcessAttributes2L(const TPayloadISAKMP *aPayload,TAttrib_II *aAttrib,TUint8 aProtocol); //checks and return the SA attributes
+ TBool ProcessKeyL(const TKeyISAKMP *aKey); //check payload and stores public key value
+ TBool ProcessNonceL(const TPayloadISAKMP *aPayload);
+ TBool ProcessStage1_II_IDsL(const TIdentISAKMP *aInit_ID_payload,const TIdentISAKMP *aResp_ID_payload, CProposal_IIList *aRecv_proposals);
+ TBool ProcessStage2_II_IDsL(const TIdentISAKMP *aInit_ID_payload,const TIdentISAKMP *aResp_ID_payload);//, CProposal_IIList *aRecv_proposals);
+ TBool CheckIdentL(const TPayloadISAKMP *aPayload);
+ TBool ProcessCertificateReqL(const TCertificateReqISAKMP *aCertReq);
+ TBool ProcessCertificateReqArrayL(const CArrayFixFlat<const TCertificateReqISAKMP *> *aCRPayloadArray);
+ TBool ProcessCertificateArrayL(CArrayFixFlat<const TCertificateISAKMP *> *aCertArray);
+ TBool ProcessSignatureL(const TSignatureISAKMP *aPayload);
+ TBool ProcessHashL(const THashISAKMP *aHashPayload);
+ TBool ProcessHash2L(const ThdrISAKMP &aHdr, const THashISAKMP *aHashPayload, TUint aPadding);
+ TBool ProcessNotificationL(const TNotificationISAKMP *aNotifPayload);
+ TBool ProcessResponderLifetimeL(const TNotificationISAKMP *aNotifPayload);
+ TBool ProcessReplayStatus(const TNotificationISAKMP *aNotifPayload);
+ TBool ProcessInitialContactL(const TNotificationISAKMP *notif_payload);
+ void ProcessVendorL(CArrayFixFlat<const TVendorISAKMP*>* aVids);
+ void ProcessIntAddrL(const TINTNETISAKMP *aIntnetPayload);
+
+ TBool Phase_IExchangeL(const ThdrISAKMP &aHdr);
+ TBool Phase_IIExchangeL(const ThdrISAKMP &aHdr);
+ void QuickModeReplyL();
+ void MainModeReplyL();
+ void AggressiveReplyL();
+
+ //Certificate reading functions
+ TBool ReadCAsL(CArrayFixFlat<TCertInfo*> *aCAList);
+ TBool ReadOwnCertL();
+
+ TCookie CreateCookieL() const;
+ TBool CheckCookies(const TCookie& aInit, const TCookie& aResp);
+ TBool CheckPayloadCode(TUint8 aPayload);
+ TBool CheckVersionL(TUint8 aVersion);
+ TBool CheckExchangeTypeL(TUint8 aType);
+ TBool CheckFlagsL(TUint8 aFlags);
+ TBool CheckMessageIdL(TUint32 aId);
+ TBool CheckDOI(TUint32 aDOI);
+ TBool CheckSituationL(TUint32 aSIT);
+ TBool CheckGenericPayloadL(const TPayloadISAKMP *aPayload);
+ TBool CheckProtocolL(TUint8 aProtocol); //checks if protocol supported
+ TBool CheckSPIL(const TProposalISAKMP *aProposal); //checks if the SPI is valid
+ TBool CheckTransformID(TUint8 aProtocol,TUint8 aID);
+
+ //SA Attributes checking functions
+ TBool CheckEncrAlg(TUint16 aValue);
+ TBool CheckHashAlg(TUint16 aValue);
+ TBool CheckAuthMethod(TUint16 aValue);
+ TBool CheckGroupDesc(TUint16 aValue);
+ TBool CheckGroupType(TUint16 aValue);
+ TBool CheckGroupPrime(const TUint8* aValue, TUint16 length);
+ TBool CheckGroupGen(const TUint8* aValue, TUint16 length);
+ TBool CheckGroupCurve(const TUint8* aValue, TUint16 length);
+ TBool CheckLifeType(TUint16 aValue);
+ TBool CheckLifeDuration(const TUint8* aValue, TUint16 length);
+ TBool CheckPRF(TUint16 aValue);
+ TBool CheckKeyLength(TUint16 aValue,TUint8 aID,TUint8 aProtocol);
+ TBool CheckFieldSize(TUint16 aValue);
+ TBool CheckGroupOrder(const TUint8* aValue, TUint16 length);
+ TBool CheckEncMode(TUint16 aValue);
+ TBool CheckAuthAlg(TUint16 aValue);
+
+ //Certificate payload checks
+ TBool CertifyRemoteIdentityL(const TIdentISAKMP *aIdPayload);
+ TInt CheckEncodingL(TUint8 aEncoding);
+
+
+ //Signatures
+ TBool VerifySignatureL(CX509Certificate *aCert,TUint8 *iHash, TInt aLength,TUint8 *aSig,TUint aSigLength);
+
+
+ //Diffie-Hellman Exchange Routines
+ TBool ComputeDHPublicValueL();
+ void ComputeNonceL();
+
+ //Hash and Signature computation
+ void ComputeHashrL(TDes8 &aHash);
+ void ComputeHash1L(TDes8 &aHash);
+ void ComputeHash2L(TDes8& aHash,TInt aStage,const TUint8 *aHashMsg=NULL,TInt aHashMsgLen=0);
+ TBool VerifyHash2L(const THashISAKMP *iHash,const TUint8 *aHashMsg=NULL,TInt aHashMsgLen=0);
+ TBool VerifyInformationalHashL(const THashISAKMP *aHash,const TPayloadISAKMP *aPayload, TUint32 iMessageId);
+ void ComputeHashInfL(TDes8& aHash,const TUint8 *aHashMsg,TInt aHashMsgLen);
+
+ //Send a Notification packet informing of an error.
+ void SendNotifyL(TUint16 aError);
+
+ void CheckSendResponderLifetime(TIkev1IsakmpStream &aMsg);
+ static TPtrC ExchangeType(TUint8 aExchange);
+ static void TextPayload(TDes &aBuf, TUint8 aPayload);
+ static TPtrC TextNotifyType(TUint16 aNotif);
+
+ //PFKEY related functions
+ void AcquireSAErrorResponse(TInt aError);
+ void GetSPIL();
+ void ReceiveSPIL(TUint32 aSPI, TUint32 aSeq);
+
+ void UpdateSADatabaseL();
+
+ void ComputeLifetimes_II(const TDesC8 &aLifetime, const TDesC8 &aLifesize, TInt64 &aTime, TInt64 &aBytes);
+
+ //CRACK related functions
+ TBool StartCRACKAuthL();
+
+ TBool IsakmpPhase1CompletedL();
+
+ //Socket
+ void SendL(TIkev1IsakmpStream &aMsg);
+
+ inline TUint Role() {return iRole;}
+ inline CIkev1PluginSession* PluginSession() {return iPluginSession;}
+ TInt HashLength(); //Output size for PRF algorithm
+
+ TUint32 ISAKMPEncrKeyLength(TUint8 aAlgId) const; //in bytes
+ TUint32 HMAC_KeyLength(TUint8 aId) const;
+
+ //builds the correct key using the values in iNegotiation
+ TBool ComputeKeysL();
+ void ComputeKeys2L(const CProposal_II *aProp, TInt aKeyLen, TSPINode &aInboundSpiNode, TDes8& aOutboundKey_II, TDes8& aInboundKey_II);
+ void ComputePRFL(TDes8 &prf_output, const TDesC8 &prf_key, const TDesC8 &prf_data);
+ TBool InitIVL(); //Initial IV value
+ TBool ComputeIVL(TDes8 &aIV, TInt32 aMessageId); //subsequent IV computations
+ //Encryption routines
+ void AppendAttributeError(TInt aErr, TDes &aBuf) const;
+ void SaveISAKMPSAL();
+ void CreateChosenProposalL(CProposal_IIList* aPropList, TInt aPropNum, CTransModifierList *aTransArray);
+ TBool ExamineRemoteIdentity(const TDesC8& aRemoteIdInPolicy);
+ TBool ProcessIdentityData(const TDesC8& aIdentity, TUint8* aToIdType, TInetAddr* aToIpAddr1, TInetAddr* aToIpAddr2);
+
+ void DpdNotifyMessageReceivedL(TIkev1SAData* aSa, TUint16 aMsgType, TUint32 aSequence);
+ TUint32 GetNextSequence(TUint32 aSequence);
+ void SendDpdNotifyMessageL(TUint16 aMsgType, TUint32 aSequence);
+
+ TInt ErrorStatus();
+ void SetErrorStatus(TInt aStatus);
+
+ void SendAndSaveIkeMsgL( const TDesC8& aIkeMsg,
+ TInetAddr& aDestAddr,
+ TBool aUseNatPort );
+
+ TBool IsRetransmit(TLastIKEMsg& aRef);
+ void SaveRetransmitInfo(TLastIKEMsg& aRef);
+ void SaveLastMsgL();
+
+public:
+ TCookie iCookie_I; // Initiator Cookie (Used with responder to create KEYID)
+ TCookie iCookie_R; // Responder Cookie
+ TUint32 iSAId;
+ TUint32 iMessageId; // Message Id. o during Phase I
+ CIkev1Negotiation *iNext; // A link field to maintain negotiations.
+
+private:
+ //Data relevant to the host
+ CIkeData *iHostData;
+
+ //Internal Data
+ TInetAddr iLocalAddr;
+ TInetAddr iRemoteAddr; // Remote Address (Gateway or end host)
+
+
+ TUint iRole; // If we are PHASE I Initiator or Responder
+ TUint iPhase; // Phase I or II
+ TUint iStage; // Negotiation Stage
+
+ //Header Data
+ TUint8 iExchange; // IKE mode in use (Main, agressive,...)
+ TUint8 iPrevExchange; // Used to process the last msg of Phase I
+
+ TUint8 iFlags; // Own flags to use when sending a msg header
+ TUint8 iRecvFlags; // Received flags in the last msg header
+ TBool iCommitBitSet; // If true the Commit bit has been set by this host
+ TUint32 iNotifyMessageId; // Message Id. for Informational Exchanges
+ TLastIKEMsg iLastIKEMsgInfo;// Information of the last received IKE message
+
+ //SA Data
+ TUint8 *iSAPayload; // Initiator SA payload (used in the hash computation). Generic payload NOT included
+ TInt iSAPayloadSize;
+ TUint32 iDOI; // Must be IPSEC = 1
+
+ //Proposal/transform list Phase I and II
+ TProposal iProposal_I; // Contains proposed SA attrib for Phase I with it's attr list
+ TProposal iChosenProposal_I;
+ CProposal_IIList *iProposal_IIList; //Contains the Phase_II Proposal List (PROPOSED)
+ CProposal_IIList *iChosenProp_IIList; //Contains the Phase_II Proposal List (Received from the remote peer)
+
+
+ TInt iProposalNum; //Accepted proposed proposal. Needed to know which are the valid SPIs in the next list
+ CArrayFixFlat<TSPINode> *iInboundSPIList;
+
+ //Keys (DH Generated public value when own)
+ CIkeKeys *iOwnKeys; //Contains own public and private keys
+ HBufC8 *iOwnPublicKey;
+ TPtrC8 iOwnPublicKey_ptr;
+ TBuf8<MAX_PRIME_SIZE> iPeerPublicKey; //(gxr)
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID; //KEY used for encryption/decryption of messages
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID_d; //KEY used to derive keys for non-ISAKMP SAs
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID_a; //KEY used for authentication of ISAKMP messages
+ TBuf8<IKEV1_KEY_MATERIAL_SIZE> iSKEYID_e; //KEY used for encryption/decryption of ISAKMP messages
+
+ //IV used by des_cbc and des3_cbc is 8 and for AES 16
+ TBuf8<IKEV1_MAX_IV_SIZE> iIV; //normal IV
+ TBuf8<IKEV1_MAX_IV_SIZE> iLastIV; //Saves the last IV of PHASE_I to compute iNotifIV everytime and the first IV in Quick mode
+ TInt iIVSize; //Current IV/cipher block size
+
+ //Perfect Forward Secrecy
+ TBool iPFS;
+
+ //Replay Window Length
+ //TInt8 iReplayWindowLength;
+
+ //Nonces
+ TBuf8<MAX_PRIME_SIZE> iNONCE_I;
+ TBuf8<MAX_PRIME_SIZE> iNONCE_R;
+
+ //IDENTITY info
+ TUint8 *iPeerIdentPayload; //Full Peer ID payload for HASH_I/R computation.Generic payload NOT included
+ TInt iPeerIdentPayloadSize;
+ TUint8 *iOwnIdentPayload; //Full own ID payload for HASH_I/R computation.Generic payload NOT included
+ TInt iOwnIdentPayloadSize;
+ //TUint8 iIDType;
+ TUint16 iIDLocalPort;
+ TUint16 iIDRemotePort;
+ TUint8 iIDProtocol;
+ TBool iIDReceived;
+
+ TBool iSwapRemoteIdType;
+ TBool iDefaultRemoteID; //To avoid updating the Remote ID if a default is being used
+ TInetAddr iRemoteAddr1_ID_II;// Remote proxy Address, subnet or initial range
+ TInetAddr iRemoteAddr2_ID_II;// Remote proxy mask or end range
+ TUint8 iRemoteIDType_II;
+ TBool iDefaultLocalID; //To avoid updating the Local ID if a default is being used
+ TInetAddr iLocalAddr1_ID_II; // Local proxy Address, subnet or initial range
+ TInetAddr iLocalAddr2_ID_II; // Local proxy mask or end range if implemented
+ TUint8 iLocalIDType_II;
+
+ //
+ //IETF NAT Traversal information
+ //
+ CIkev1NatDiscovery *iNatDiscovery; // IETF NAT traversal control object pointer
+ TUint32 iNAT_D_Flags; // If not zero, there is NAT between sites
+ TInetAddr iLastRemoteAddr; // Last detected remote address
+ TInetAddr iRemoteOriginalAddr; // Private address of the remote end
+
+ //
+ //NAT Traversal information
+ //
+ TBool iFamiliarPeer; // Nokia VPN implementation detected in peer
+ TBool iNAT_T_Required; // True when NAT detected between local end and peer
+
+ //
+ // Dead peer detection support
+ //
+ TBool iDPDSupported; // Both ends support DPD
+
+ //
+ //Internal address information received from Nokia VPN gateway
+ //
+ CInternalAddress *iInternalAddr; //Internal address and possible DNS addresses
+
+ //
+ // Certificates
+ //
+ TUint8 iEncoding;
+ CX509Certificate *iPeerX509Cert; //Received X509 certificate (or read in RSA encryption if already stored).
+
+ //
+ // Trusted CA certificates list
+ //
+ HBufC8* iPeerTrustedCA; //Trusted CA (of peer)
+ HBufC8* iICA1; //Level 1 Intermediate certificate
+ HBufC8* iICA2; //Level 2 Intermediate certificate
+ HBufC8* iCA;
+ HBufC8* iOwnCert; //Certificate in use
+
+ TBool iSendCert; //Tells if is Required to send our cert in next stage (Told in a Cert Req.)
+ TBool iCertRequested; //Tells whether we've requested a CERT through a CR
+
+ //PFKEY related data
+ TBool iAcquirePending; //Informs if Acquire is pending
+ TUint32 iAcquireSeq; //Seq num received in the acquire msg. will be used for UPDATE
+ TUint32 iSeq; //Current Seq. num will be used in GETSPI
+ TUint32 iPfkeyAcquirePID; //PID in the acquire msg. will be used in GETSPI
+ TUint8 iPendingSPI; // Used for GetSPI and Receive in case there are many SPI to request
+
+ //Miscellanious data
+ HBufC8* iLastMsg; // Last message sent (Used for retransmissions).
+ CIkev1Timeout *iTimer; // Timer to retry sending a message
+ TInt iRetryNum; // Number of retry in the current message
+ TBool iFinished; //Tells if the negotiation is finished to destroy it
+ TBool iAutoLogin; //If ETrue, Negotiation started by policy activation
+ TInt iReceivedNotify; //Status value of (the first) received Notify payload
+ TUint32 iLengthLeft; //Use to check the size of a payload is not bigger than the data left to process
+
+ //References to objects
+ CIkev1PluginSession* iPluginSession; // IKEv1 plugin session
+ CIkeV1PkiService* iPkiService;
+ CIKECRACKNegotiation* iCRACKneg;
+ CTransNegotiation* iTransactionNeg;
+ CSARekeyInfo* iSARekeyInfo;
+ TIkev1IsakmpStream* iSavedIkeMsgBfr;
+ TBool iVendorIDRfc;
+
+ TBool iPhaseIIAfterIkeSaRekey; // Start PhaseII after IKE SA rekeying
+ TInt64 iHardLifetime;
+
+ CIpsecSaSpiRetriever* iIpsecSaSpiRetriever;
+ CPFKeySocketIf& iPFKeySocketIf;
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_IKEV1NEGOTIATION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1nokianattkeepalive.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,84 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Keepalive object for Nokia IPsec over NAT
+*
+*/
+
+
+#ifndef C_IKEV1NOKIANATTKEEPALIVE_H
+#define C_IKEV1NOKIANATTKEEPALIVE_H
+
+#include <in_sock.h> // TInetAddr
+
+class CIkev1PluginSession;
+class MIkeDebug;
+
+/**
+ * Nokia IPsec over NAT keepalive object. Sends
+ * UDP packets to specified host with specified
+ * interval to keep NAT mapping alive. Constructing
+ * the object starts sending and sending is stopped
+ * when destruction happens.
+ * @internalComponent
+ */
+NONSHARABLE_CLASS(CIkev1NokiaNattKeepAlive) : public CBase
+ {
+
+public: // Public constructor and destructor
+ static CIkev1NokiaNattKeepAlive* NewL( CIkev1PluginSession& aPluginSession,
+ TInetAddr& aDestAddr,
+ TUint16 aPort,
+ TUint aInterval,
+ MIkeDebug& aDebug );
+ virtual ~CIkev1NokiaNattKeepAlive();
+
+private: // Private constructors
+
+ CIkev1NokiaNattKeepAlive( CIkev1PluginSession& aPluginSession,
+ TInetAddr& aDestAddr,
+ TUint16 aPort,
+ MIkeDebug& aDebug );
+ void ConstructL( TUint aInterval );
+
+private:
+
+ /**
+ * Send
+ * Sends keepalive packet
+ */
+ void Send();
+
+ /**
+ * PeriodicCallback
+ * Callback function which is called everytime
+ * the interval is reached.
+ */
+ static TInt PeriodicCallback(TAny *aPtr);
+
+private:
+ CIkev1PluginSession& iPluginSession;
+
+ TInetAddr iDestAddr;
+ TUint iPort;
+
+ /** Data to send in keepalive packet */
+ TBuf8<1> iMsg;
+
+ CPeriodic *iTimer;
+
+ MIkeDebug& iDebug;
+
+ };
+
+#endif // C_IKEV1NOKIANATTKEEPALIVE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1payload.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,88 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CIkev1payload class
+*
+*/
+
+#ifndef IKEV1PAYLOAD_H
+#define IKEV1PAYLOAD_H
+
+#include <e32base.h>
+
+
+class ThdrISAKMP;
+class CIkev1Negotiation;
+class TSAISAKMP;
+class TKeyISAKMP;
+class TNonceISAKMP;
+class THashISAKMP;
+class TSignatureISAKMP;
+class TNATOaISAKMP;
+class TCHREISAKMP;
+class TINTNETISAKMP;
+class TAttributeISAKMP;
+class TIdentISAKMP;
+class TCertificateISAKMP;
+class TCertificateReqISAKMP;
+class TNotificationISAKMP;
+class TDeleteISAKMP;
+class TVendorISAKMP;
+class TNATDISAKMP;
+class TPayloadISAKMP;
+class MIkeDebug;
+
+//
+// Processing incoming message
+//
+NONSHARABLE_CLASS(CIkev1Payloads) : public CBase
+ {
+public:
+ ~CIkev1Payloads();
+ static CIkev1Payloads* NewL( const ThdrISAKMP &aHdr,
+ CIkev1Negotiation& aNegotiation,
+ MIkeDebug& aDebug );
+ TBool ParsePayloadsL(const ThdrISAKMP &aHdr);
+
+ const TSAISAKMP* iSa;
+ const TKeyISAKMP* iKe;
+ const TNonceISAKMP* iNonce;
+ const THashISAKMP* iHash;
+ const TSignatureISAKMP* iSign;
+
+ const TNATOaISAKMP* iNatOa;
+ const TCHREISAKMP* iChre;
+ const TINTNETISAKMP* iIaddr;
+ const TAttributeISAKMP* iAttr;
+
+ CArrayFixFlat<const TIdentISAKMP*>* iIds;
+ CArrayFixFlat<const TCertificateISAKMP*>* iCerts;
+ CArrayFixFlat<const TCertificateReqISAKMP*>* iCertReqs;
+ CArrayFixFlat<const TNotificationISAKMP*>* iNotifs;
+ CArrayFixFlat<const TDeleteISAKMP*>* iDeletes;
+ CArrayFixFlat<const TVendorISAKMP*>* iVids;
+ CArrayFixFlat<const TNATDISAKMP*>* iNatDs;
+
+ CArrayFixFlat<const TPayloadISAKMP*>* iGenPlds;
+
+ TUint iPadding;
+
+private:
+ CIkev1Payloads( CIkev1Negotiation& aNegotiation,
+ MIkeDebug& aDebug );
+
+ CIkev1Negotiation& iNegotiation;
+ MIkeDebug& iDebug;
+ };
+
+#endif //IKEV1PAYLOAD_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1payloads.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,713 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 payload handling.
+*
+*/
+
+#ifndef IKEV1PAYLOADS_H
+#define IKEV1PAYLOADS_H
+
+#include <e32math.h>
+#include "ikemsgheader.h"
+#include "ikev1isakmpct.h"
+
+//
+// GENERIC PAYLOAD HEADER
+//
+class TPayloadISAKMP
+ {
+public:
+ TPayloadISAKMP() {u.iData32[0] = 0; }
+ inline TUint8 GetPayload() const;
+ inline void SetPayload(TUint8 aPayload);
+ inline TUint16 GetLength() const;
+ inline void SetLength(TUint16 aLength);
+ inline TUint8 GetReserved() const;
+ inline void SetReserved(TUint8 aVal);
+ inline const TUint8 *SpecificData() const
+ { return (TUint8 *)((char *)this + sizeof(*this)); } //returns a * to the specific data of this payload
+ inline const TUint SpecificDataLen() const
+ { return (GetLength() - sizeof(*this)); } //returns a * to the specific data of this payload
+ inline const TPayloadISAKMP *Next() const
+ { return (TPayloadISAKMP *)((char *)this + GetLength()); }
+
+private:
+ union
+ {
+ TUint32 iData32[1];
+ TUint16 iData16[2];
+ TUint8 iData8[4];
+ } u;
+ };
+inline TUint8 TPayloadISAKMP::GetPayload() const { return u.iData8[0]; }
+inline void TPayloadISAKMP::SetPayload(TUint8 aPayload) { u.iData8[0] = aPayload; }
+inline TUint16 TPayloadISAKMP::GetLength() const { return (TUint16)GET16(&u.iData8[2]); }
+inline void TPayloadISAKMP::SetLength(TUint16 aLength) { PUT16(&u.iData8[2], aLength); }
+inline TUint8 TPayloadISAKMP::GetReserved() const { return u.iData8[1]; }
+inline void TPayloadISAKMP::SetReserved(TUint8 aVal) { u.iData8[1] = aVal; }
+
+//
+// SA PAYLOAD
+//
+
+
+class TProposalISAKMP;
+
+//Plus Variable field (Labeled Domain Identifier) from IPSEC DOI (included in length if present)
+//use TSAPayloadISAKMP to decodify its values;
+
+class TSAPayloadISAKMP
+{
+ public:
+ inline TSAPayloadISAKMP() {iReserved=0;}
+
+ public:
+ inline TUint16 GetLength() const { return (TUint16)GET16(&iLength); }
+ inline void SetLength(TUint16 aLength) { PUT16(iLength, aLength); }
+ inline TUint16 GetReserved() const { return iReserved; } //No need to swap because always 0
+ inline const TSAPayloadISAKMP *Next() const //next payload
+ { return (TSAPayloadISAKMP *)((TUint8 *)this + GetLength()); }
+ inline const TUint32 *Data() const
+ { return (TUint32 *)(this + sizeof(*this)); } //returns the address of the data field
+
+ private:
+ TUint16 iLength;
+ TUint16 iReserved;
+};
+//followed by a variable size field of the length indicated
+
+class TSAISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint32 Size() const { return sizeof(TSAISAKMP); } //sizeof OK because aligned
+ inline TUint32 GetDOI() const { return GET32(&iDOI); }
+ inline void SetDOI(TUint32 aDOI) { PUT32(&iDOI, aDOI); }
+ inline TUint32 GetSIT() const { return GET32(&iSIT); }
+ inline void SetSIT(TUint32 aSIT) { PUT32(&iSIT, aSIT); }
+ inline TUint GetSITLength() const
+ {
+ if ( GetDOI() == IPSEC_DOI) //IPSEC DOI has SPI of size 4 octets
+ return 4;
+ return 0;
+ }
+ inline TBool HasLDId() const
+ {
+ TUint32 sit=(IPSEC_SIT_SECRECY | IPSEC_SIT_INTEGRITY);
+ if ((GetDOI()==IPSEC_DOI) && (GetSIT() & sit))
+ return ETrue; //DOI and (SECRECY or INTEGRITY) supported
+
+ return EFalse;
+ }
+ static inline TSAISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TSAISAKMP *)aPayload; }
+ inline TUint32 *Data() const
+ { return (TUint32 *)(this + sizeof(*this)); } //returns the address of the data field following the header
+ TPayloadISAKMP* Payload() const
+ {
+ TUint size= sizeof(*this); //fixed size
+ if (!HasLDId())
+ return (TPayloadISAKMP *) ((TUint8*)this + size);
+ size += 4; //Labeled Domain Identifier payload size
+ TUint32 *d=Data();
+ TSAPayloadISAKMP *p = (TSAPayloadISAKMP *)++d;
+ TInt32 res;
+
+ for (TInt i=0; i < 4; i++)
+ {
+ if (i % 2==0) //Fields 1 and 3 in bytes
+ Math::Int(res, p->GetLength() / 4);
+ else //Fields 2, 4 in bits
+ Math::Int(res, p->GetLength() / 32);
+
+ size += res+1;
+ }
+
+ return (TPayloadISAKMP *) ((TUint8 *)this + size);
+ }
+
+ TUint32 iDOI;
+ TUint32 iSIT;
+};
+
+class TTransformISAKMP;
+class TProposalISAKMP : public TPayloadISAKMP
+ {
+public:
+ inline TUint32 Size() const { return sizeof(TProposalISAKMP); }//sizeof OK because aligned
+ inline TUint8 GetNum() const { return iNum; };
+ inline void SetNum(TUint8 aPayload) { iNum = aPayload; };
+ inline TUint8 GetProtocol() const { return iProtocol; };
+ inline void SetProtocol(TUint8 aPayload) { iProtocol = aPayload; };
+ inline TUint8 GetSPISize() const { return iSPISize; };
+ inline void SetSPISize(TUint8 aPayload) { iSPISize = aPayload; };
+ inline TUint8 GetNumTrans() const { return iNumTrans; };
+ inline void SetNumTrans(TUint8 aPayload) { iNumTrans = aPayload; };
+ //inline TUint32 GetSPI() const { return iSPI; };
+ //inline void SetSPI(TUint32 aSPI) { iSPI = aSPI; };
+ static inline TProposalISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TProposalISAKMP *)aPayload; }
+ inline const TPayloadISAKMP* Payload() const //next payload (transform)
+ { return (TPayloadISAKMP*)((TUint8*)this + sizeof(*this) + GetSPISize()); }
+ inline const TUint8 *SPI() {return (const TUint8 *)((TUint8*)this + sizeof(*this));} //* to the SPI
+ //void String(TDes &aStr) const;
+
+//private:
+ TUint8 iNum; //Proposal Number
+ TUint8 iProtocol; //Protocol ID for the current negotiation PROTO_ISAKMP, PROTO_IPSEC_AH, PROTO_IPSEC_ESP, ...
+ TUint8 iSPISize; //size in octets. For ISAKMP should be from 0 to 16. If >0 SPI ignored
+ TUint8 iNumTrans; //Num of transformations
+ //TUint32 iSPI; //Variable size (depends on protocol). No Padding.
+ };
+
+
+class TDataISAKMP;
+class TTransformISAKMP : public TPayloadISAKMP
+ {
+public:
+ inline TTransformISAKMP() {iReserved=0;}
+public:
+ inline TUint32 Size() const { return sizeof(TTransformISAKMP); } //sizeof OK because aligned
+ inline TUint8 GetNum() const { return iNum; };
+ inline void SetNum(TUint8 aPayload) { iNum = aPayload; };
+ inline TUint8 GetID() const { return iID; };
+ inline void SetID(TUint8 aPayload) { iID = aPayload; };
+ inline TUint16 GetReserved() const { return (TUint16)GET16(&iReserved); };
+ static inline TTransformISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TTransformISAKMP *)aPayload; }
+ inline TDataISAKMP *SAAttrib() const {return (TDataISAKMP *)((TUint8*)this + sizeof(*this)); } //* to SA attributes
+ //void String(TDes &aStr) const;
+
+//private:
+ //TPayloadISAKMP iHdr; //Generic part
+ TUint8 iNum; //Transform Number
+ TUint8 iID; //Transform ID for the current negotiation AH, ESP, OSPF, TLS, ...
+ TUint16 iReserved; //always set to 0
+};
+
+
+
+class TKeyISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TKeyISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TKeyISAKMP *)aPayload; }
+ //void String(TDes &aStr) const;
+ inline TUint8 *KeyData() const {return ((TUint8*)this + sizeof(*this)); } //* to keyData
+
+};
+
+
+//would require a few modifications for DOI != IPSECDOI
+class TIdentISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint8 GetIDType() const { return iIDType; }
+ inline void SetIDType(TUint8 aIDType) { iIDType=aIDType; }
+ //IPSEC DOI Specific routines
+ inline TUint8 GetProtocol() const { return iProtocolID; }
+ inline void SetProtocol(TUint8 aProtocolID) { iProtocolID = aProtocolID; };
+ inline TUint16 GetPort() const { return (TUint16)GET16(&iPort); }
+ inline void SetPort(TUint16 aPort) { PUT16(&iPort, aPort); }
+ //
+ static inline TIdentISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TIdentISAKMP *)aPayload; }
+ //TBool String(TDes &aStr,TUint aLength) const;
+ inline TUint8 *IDData() const {return ((TUint8*)this + sizeof(*this)); } //* to identity data
+ inline TUint16 IDDataLen() const {return (TUint16)(GetLength() - sizeof(*this)); } //Length of the payload data
+public:
+ TUint8 iIDType;
+ //IPSEC DOI Specific fields
+ TUint8 iProtocolID;
+ TUint16 iPort;
+
+};
+
+
+
+//Used for certificate
+//WARNING:Do not use sizeof this class, better Size because size of returns aligned size and not the real.
+class TCertificateISAKMP: public TPayloadISAKMP
+{
+public:
+ inline TUint8 GetEncoding() const { return iEncoding; }
+ inline void SetEncoding(TUint8 aEncoding) { iEncoding = aEncoding; }
+ static inline TUint16 Size() {return (sizeof(TPayloadISAKMP) + sizeof(TUint8));} //TUint8 is iEncoding
+ inline TUint16 CertDataLen() const {return (TUint16)(GetLength()-Size()); } //* to certificate data
+ inline TUint8 *CertData() const {return ((TUint8*)this + Size()); }
+ //+1 for iEncoding.Cannot use sizeof(*this) because is not aligned and returns 8 instead of 5
+
+ static inline TCertificateISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TCertificateISAKMP *)aPayload; }
+
+ TUint8 iEncoding; // Certificate Encoding
+
+};
+
+
+
+//Used for certificate Request payloads
+class TCertificateReqISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint8 GetEncoding() const { return iEncoding; }
+ inline void SetEncoding(TUint8 aEncoding) { iEncoding= aEncoding; }
+ static inline TUint16 Size() {return (sizeof(TPayloadISAKMP) + sizeof(TUint8));} //TUint8 is iEncoding
+ static inline TCertificateReqISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TCertificateReqISAKMP *)aPayload; }
+ inline TUint16 CertReqDataLen() const {return (TUint16)(GetLength() - Size()); } //* to certificate data
+ inline TUint8 *CertReqData() const {return ((TUint8*)this + Size()); }
+
+ TUint8 iEncoding; // Certificate Encoding
+
+};
+
+class THashISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline THashISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (THashISAKMP *)aPayload; }
+ inline TUint8 *Data() const {return ((TUint8*)this + sizeof(*this)); } //pointer to hash data
+ inline TUint16 DataLen() const {return (TUint16)(GetLength() - sizeof(*this)); } //pointer to hash data
+ //TBool String(TDes &aStr,TUint aLength) const;
+};
+
+
+class TSignatureISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TSignatureISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TSignatureISAKMP *)aPayload; }
+ inline TUint16 GetDataLength() const //Length of the data part in bytes
+ { return (TUint16)(GetLength() - sizeof(*this));}
+ inline TUint8 *SigData() const {return ((TUint8*)this + sizeof(*this)); } //pointer to signature data
+
+};
+
+class TNonceISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TNonceISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TNonceISAKMP *)aPayload; }
+
+ inline TUint8 *NonceData() const {return ((TUint8*)this + sizeof(*this)); } //* to Nonce Data
+ inline TUint16 NonceDataLen() const {return (TUint16)(GetLength() - sizeof(*this)); } //* to Nonce Data
+};
+
+
+
+class TNotificationISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint32 GetDOI() const { return GET32(&iDOI); };
+ inline void SetDOI(TUint32 aDOI) { PUT32(&iDOI, aDOI); };
+ inline TUint8 GetProtocol() const { return iProtocol; };
+ inline void SetProtocol(TUint8 aPayload) { iProtocol = aPayload; };
+ inline TUint8 GetSPISize() const { return iSPISize; };
+ inline void SetSPISize(TUint8 aPayload) { iSPISize = aPayload; };
+ inline TUint16 GetMsgType() const { return (TUint16)GET16(&iMsgType); };
+ inline void SetMsgType(TUint16 aMsgType) { PUT16(&iMsgType, aMsgType); };
+ inline TUint8 *GetSPI() const { return ((TUint8*)this + sizeof(*this)); }; //returns the SPI Data
+ inline TUint8 *GetNotifData() const { return ((TUint8*)this + sizeof(*this) + iSPISize); }; //returns the Notification Data
+ inline TUint16 GetNotifDataSize() const { return (TUint16)(GetLength() - (sizeof(*this) + iSPISize)); };//returns the Notification Data Length
+
+ static inline TNotificationISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TNotificationISAKMP *)aPayload; }
+
+ TUint32 iDOI; //Domain Of Interpretation
+ TUint8 iProtocol; //Protocol ID for the current notification
+ TUint8 iSPISize; //size in octets. For ISAKMP should be from 0 to 16. If >0 SPI ignored
+ TUint16 iMsgType; //Notify msg type. See constants.
+ //Plus the variable fields SPI and Notification Data (both included in length)
+private:
+ inline void MsgTypeToStr(TDes &aBuf, TUint16 aMsgType) const
+ {
+#ifdef _DEBUG
+ switch (aMsgType)
+ {
+ //NOTIFY MESSAGES - ERROR TYPES
+ case INVALID_PAYLOAD_TYPE:
+ aBuf = _L("INVALID_PAYLOAD_TYPE");
+ break;
+ case DOI_NOT_SUPPORTED:
+ aBuf = _L("DOI_NOT_SUPPORTED");
+ break;
+ case SITUATION_NOT_SUPPORTED:
+ aBuf = _L("SITUATION_NOT_SUPPORTED");
+ break;
+ case INVALID_COOKIE:
+ aBuf = _L("INVALID_COOKIE");
+ break;
+ case INVALID_MAJOR_VERSION:
+ aBuf = _L("INVALID_MAJOR_VERSION");
+ break;
+ case INVALID_MINOR_VERSION:
+ aBuf = _L("INVALID_MINOR_VERSION");
+ break;
+ case INVALID_EXCHANGE_TYPE:
+ aBuf = _L("INVALID_EXCHANGE_TYPE");
+ break;
+ case INVALID_FLAGS:
+ aBuf = _L("INVALID_FLAGS");
+ break;
+ case INVALID_MESSAGE_ID:
+ aBuf = _L("INVALID_MESSAGE_ID");
+ break;
+ case INVALID_PROTOCOL_ID:
+ aBuf = _L("INVALID_PROTOCOL_ID");
+ break;
+ case INVALID_SPI:
+ aBuf = _L("INVALID_SPI");
+ break;
+ case INVALID_TRANSFORM_ID:
+ aBuf = _L("INVALID_SPI");
+ break;
+ case ATTRIBUTES_NOT_SUPPORTED:
+ aBuf = _L("ATTRIBUTES_NOT_SUPPORTED");
+ break;
+ case NO_PROPOSAL_CHOSEN:
+ aBuf = _L("NO_PROPOSAL_CHOSEN");
+ break;
+ case BAD_PROPOSAL_SYNTAX:
+ aBuf = _L("BAD_PROPOSAL_CHOSEN");
+ break;
+ case PAYLOAD_MALFORMED:
+ aBuf = _L("PAYLOAD_MALFORMED");
+ break;
+ case INVALID_KEY_INFORMATION:
+ aBuf = _L("INVALID_KEY_INFORMATION");
+ break;
+ case INVALID_ID_INFORMATION:
+ aBuf = _L("INVALID_ID_INFORMATION");
+ break;
+ case INVALID_CERT_ENCODING:
+ aBuf = _L("INVALID_CERT_ENCODING");
+ break;
+ case INVALID_CERTIFICATE:
+ aBuf = _L("INVALID_CERTIFICATE");
+ break;
+ case CERT_TYPE_UNSUPPORTED:
+ aBuf = _L("CERT_TYPE_UNSUPPORTED");
+ break;
+ case INVALID_CERT_AUTHORITY:
+ aBuf = _L("INVALID_CERT_AUTHORITY");
+ break;
+ case INVALID_HASH_INFORMATION:
+ aBuf = _L("INVALID_HASH_INFORMATION");
+ break;
+ case AUTHENTICATION_FAILED:
+ aBuf = _L("AUTHENTICATION_FAILED");
+ break;
+ case INVALID_SIGNATURE:
+ aBuf = _L("INVALID_SIGNATURE");
+ break;
+ case ADDRESS_NOTIFICATION:
+ aBuf = _L("ADDRESS_NOTIFICATION");
+ break;
+ case NOTIFY_SA_LIFETIME:
+ aBuf = _L("NOTIFY_SA_LIFETIME");
+ break;
+ case CERTIFICATE_UNAVAILABLE:
+ aBuf = _L("CERTIFICATE_UNAVAILABLE");
+ break;
+ case UNSUPPORTED_EXCHANGE_TYPE:
+ aBuf = _L("UNSUPPORTED_EXCHANGE_TYPE");
+ break;
+ case UNEQUAL_PAYLOAD_LENGTHS:
+ aBuf = _L("UNEQUAL_PAYLOAD_LENGTHS");
+ break;
+ case CONNECTED:
+ aBuf = _L("CONNECTED");
+ break;
+ default:
+ if ((aMsgType>30) && (aMsgType < 8192))
+ aBuf.Format(_L("ERROR RESERVED Future Use (%d)"),aMsgType);
+ else if ((aMsgType>8191) && (aMsgType < 16384))
+ aBuf.Format(_L("ERROR Private Use (%d)"),aMsgType);
+ else if (((aMsgType>16384) && (aMsgType < 24576)) || ((aMsgType>40959) && (aMsgType < 65536)))
+ aBuf.Format(_L("STATUS RESERVED Future Use (%d)"),aMsgType);
+ else if ((aMsgType>24575) && (aMsgType < 32768))
+ aBuf.Format(_L("STATUS DOI Specific (%d)"),aMsgType);
+ else if ((aMsgType>32767) && (aMsgType < 40959))
+ aBuf.Format(_L("STATUS Private Use (%d)"),aMsgType);
+ else
+ aBuf.Format(_L("UNKNOWN ERROR (%d)"),aMsgType);
+ }
+#else
+ (void)aBuf;
+ (void)aMsgType;
+#endif
+ }
+
+ inline void ProtocolToStr(TDes& aBuf, TUint16 aProtocol) const
+ {
+#ifdef _DEBUG
+
+ switch (aProtocol)
+ {
+ //Protocol number for IPSEC DOI (=1)
+ case PROTO_ISAKMP:
+ aBuf = _L("PROTO_ISAKMP");
+ break;
+ case PROTO_IPSEC_AH:
+ aBuf = _L("PROTO_IPSEC_AH");
+ break;
+ case PROTO_IPSEC_ESP:
+ aBuf = _L("PROTO_IPSEC_ESP");
+ break;
+ case PROTO_IPCOMP:
+ aBuf = _L("PROTO_IPCOMP");
+ break;
+ default:
+ aBuf.Format(_L("Unknown (%d) "),aProtocol);
+ }
+#else
+ (void)aBuf;
+ (void)aProtocol;
+#endif
+ }
+
+
+};
+
+class TDeleteISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint32 DOI() const { return GET32(&iDOI); };
+ inline void SetDOI(TUint32 aDOI) { PUT32(&iDOI, aDOI); };
+ inline TUint8 Protocol() const { return iProtocol; };
+ inline void SetProtocol(TUint8 aPayload) { iProtocol = aPayload; };
+ inline TUint8 SPISize() const { return iSPISize; };
+ inline void SetSPISize(TUint8 aPayload) { iSPISize = aPayload; };
+ inline TUint16 NumSPI() const { return (TUint16)GET16(&iNumSPI); };
+ inline void SetNumSPI(TUint16 aNumSPI) { PUT16(&iNumSPI, aNumSPI); };
+
+ static inline TDeleteISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TDeleteISAKMP *)aPayload; }
+ inline TUint8 *SPIList() const {return ((TUint8*)this + sizeof(*this)); } //* to Vendor ID Data
+ inline TUint8 *SPI(TUint i) const {return ((TUint8*)this + sizeof(*this) + i * SPISize()); } //i-th SPI
+ inline void String(TDes &aStr) const
+ {
+#ifdef _DEBUG
+ aStr.Append(_L(" Delete payload "));
+ aStr.AppendFormat(_L(" DOI= %u"), DOI());
+ aStr.AppendFormat(_L(" Prot=%u "), Protocol());
+ aStr.AppendFormat(_L(" SPIsize= %u"), SPISize());
+ aStr.AppendFormat(_L(" #SPI=%u "), NumSPI());
+ //2 variable size fields
+
+ //TUint8 *p=((TUint8 *)Payload());
+ TUint8 *p;
+ for (TInt i=0; i < NumSPI(); i++)
+ {
+ aStr.AppendFormat(_L(" #SPI(%d)="),i);
+ p=SPI(i);
+ for (TUint j=0 ; j < SPISize() ; j++)
+ {
+ if (j%4==0)
+ aStr.AppendFormat(_L(" "));
+ aStr.AppendFormat(_L("%02.2x"), p[j]); //not sure SPI
+ }
+ }
+#else
+ (void)aStr;
+#endif
+ }
+
+ TUint32 iDOI; //Domain Of Interpretation
+ TUint8 iProtocol; //Protocol ID for the current notification
+ TUint8 iSPISize; //size in octets. For ISAKMP should be from 0 to 16. If >0 SPI ignored
+ TUint16 iNumSPI; //# of SPIs to be deleted
+ //Plus iNumSPI variable fields SPI
+};
+
+
+class TVendorISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TVendorISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TVendorISAKMP *)aPayload; }
+ inline TUint8 *VIDData() const {return ((TUint8*)this + sizeof(*this)); } //* to Vendor ID Data
+
+};
+
+class TCHREISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TCHREISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TCHREISAKMP *)aPayload; }
+ inline TUint16 GetLAMtype() const { return (TUint16)GET16(&iLAMType); }
+ inline void SetLAMtype(TUint16 aLength) { PUT16(&iLAMType, aLength); }
+ inline TUint16 GetCHREReserved() const { return iReserved; }
+ inline void SetCHREReserved() { iReserved = 0; }
+ inline TDataISAKMP *CHREAttrib() const {return (TDataISAKMP *)((TUint8*)this + sizeof(*this)); } //* to CHRE attributes
+ //void String(TDes &aStr) const;
+ TUint16 iLAMType; //LAM type
+ TUint16 iReserved; //reserved must be zero
+};
+
+class TINTNETISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TINTNETISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TINTNETISAKMP *)aPayload; }
+ inline TDataISAKMP *INTNETAttrib() const {return (TDataISAKMP *)((TUint8*)this + sizeof(*this)); } //* to INTNET attributes
+ //void String(TDes &aStr) const;
+};
+
+class TNATDISAKMP : public TPayloadISAKMP
+{
+public:
+ static inline TNATDISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TNATDISAKMP *)aPayload; }
+ inline TUint8 *HashData() const {return ((TUint8*)this + sizeof(*this)); } //* to NAT D hash data
+ inline TUint32 HashLth() const {return (GetLength() - sizeof(*this)); };
+};
+
+
+class TNATOaISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint8 GetIDType() const { return iIDType; }
+ inline void SetIDType(TUint8 aIDType) { iIDType=aIDType; }
+ inline void SetReservedFields() { iReserved8=0; PUT16(iReserved16, 0); }
+ //
+ static inline TNATOaISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TNATOaISAKMP *)aPayload; }
+
+ inline TUint8 *OAData() const {return ((TUint8*)this + sizeof(*this)); } //* to identity data
+ inline TUint16 OADDataLen() const {return (TUint16)(GetLength() - sizeof(*this)); } //Length of the payload data
+public:
+ TUint8 iIDType;
+ //IPSEC DOI Specific fields
+ TUint8 iReserved8;
+ TUint16 iReserved16;
+
+};
+
+class TAttributeISAKMP : public TPayloadISAKMP
+{
+public:
+ inline TUint8 CfgMsgType() const { return iCfgMsgType; }
+ inline void SetCfgMsgType(TUint8 aMsgType) { iCfgMsgType=aMsgType; }
+ inline void SetReservedField() { iReserved8=0;}
+ inline TUint16 Identifier() const { return (TUint16)GET16(&iIdentifier);}
+ inline void SetIdentifier(TUint16 aIdentifier) { PUT16(&iIdentifier, aIdentifier); }
+ //
+ static inline TAttributeISAKMP *Ptr(const TPayloadISAKMP *aPayload)
+ { return (TAttributeISAKMP *)aPayload; }
+ inline TDataISAKMP *AttrData() const {return (TDataISAKMP *)((TUint8*)this + sizeof(*this)); } //* to attribute data
+ inline TInt AttrDataLen() const {return (TInt)(GetLength() - sizeof(*this)); } //Length of the payload data
+public:
+ TUint8 iCfgMsgType;
+ TUint8 iReserved8;
+ TUint16 iIdentifier;
+
+};
+
+
+//
+// DATA ATTRIBUTES
+//
+class TDataISAKMP
+ {
+public:
+ TDataISAKMP(){u.iData32[0] = 0;}
+ inline TBool IsBasic() const {return ((u.iData8[0] & 0x80) != 0);} //return if basic attrib or variable
+ inline void SetBasic(TBool aIsBasic)
+ {
+ if (aIsBasic)
+ u.iData8[0] |= 0x80;
+ else u.iData8[0] &= 0x7F;
+ }
+ inline TUint16 Type() const { return (TUint16)(GET16(&u.iData16[0]) & (TUint16)0x7FFF);}
+ inline void SetType(TUint16 aType)
+ {
+ u.iData8[1] = (TUint8)(aType & 0x00ff);
+ u.iData8[0] &= 0x80;
+ u.iData8[0] |= ((TUint8)(aType >> 8)) & 0x7F;
+ }
+ inline TUint16 Length() const
+ {
+ if (!IsBasic())
+ return (TUint16)GET16(&u.iData16[1]);
+ return 0; //No length needed
+ }
+ inline void SetLength(TUint16 aLength) { if (!IsBasic()) PUT16(&u.iData16[1], aLength); }
+ inline TUint16 Value() const
+ {
+ if (IsBasic())
+ return (TUint16)GET16(&u.iData16[1]);
+ return 0;
+ }
+ inline void SetValue(TUint16 aValue) { if (IsBasic()) PUT16(&u.iData16[1], aValue);}
+ inline TUint8 *VarValue() const
+ {
+ if (!IsBasic())
+ return ((TUint8*)this + sizeof(*this));
+ return NULL;
+ }
+ inline TUint Size() { return (sizeof(*this) + Length());} //return attr header full size
+ inline TDataISAKMP *Next() {return (TDataISAKMP *)((TUint8*)this + sizeof(*this) + Length());} //next attribute
+public:
+ union
+ {
+ TUint32 iData32[1];
+ TUint16 iData16[2];
+ TUint8 iData8[4];
+ } u;
+ };
+//Plus Length() bytes if variable attrib;
+
+//
+// TLastIKEMsg
+// This class is used to detect possible IKE message retransmission from peer.
+// The following information is stored to object data in consturctor:
+// -- IKE message length (octets iData8[0], iData8[1] and iData8[2])
+// -- Next payload code (iData8[3])
+// -- IP checksum over entire IKE message (iData32[1])
+//
+class TLastIKEMsg
+ {
+public:
+ inline TLastIKEMsg() { u.iData32[0] = 0; u.iData32[1] = 0;}
+ inline TLastIKEMsg(const ThdrISAKMP& aHdr)
+ {
+ u.iData32[0] = aHdr.GetLength();
+ TUint16 *End = (TUint16*)((TUint8*)&aHdr + (u.iData32[0] & 0xfffffffe));
+ TUint16 *Ptr = (TUint16*)&aHdr;
+ u.iData8[3] = aHdr.GetPayload(); // MUST NOT be stored before length value !
+ TUint32 sum = 0;
+ while ( Ptr < End ) sum += *Ptr++;
+ u.iData32[1] = sum;
+ }
+ inline TBool IsUninitialized()
+ {
+ if (u.iData32[0] == 0 && u.iData32[1] == 0)
+ return ETrue;
+ return EFalse;
+ }
+ inline void Store(TLastIKEMsg& aRef)
+ { aRef.u.iData32[0] = u.iData32[0]; aRef.u.iData32[1] = u.iData32[1]; }
+ inline TBool IsReTransmit(TLastIKEMsg& aRef)
+ { return ((u.iData32[0] == aRef.u.iData32[0]) && (u.iData32[1] == aRef.u.iData32[1]));}
+private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint8 iData8[8];
+ } u;
+ };
+
+
+#endif // IKEV1PAYLOADS_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1plugin.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,176 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 protocol plugin interface.
+*
+*/
+
+#ifndef C_IKEV1PLUGIN_H
+#define C_IKEV1PLUGIN_H
+
+#include <e32base.h>
+
+#include "ikepluginif.h"
+#include "pfkeysocketif.h"
+
+// FORWARD DECLARATIONS
+class CIkev1PluginSession;
+class CIpsecPolicyUtil;
+class CIpsecSaSpecList;
+class CPFKeySocketIf;
+class MIkeDataInterface;
+class MIkeDebug;
+class MKmdEventLoggerIf;
+class TIpsecSPI;
+class TInetAddr;
+
+/**
+* Ikev1 protocol plugin
+* @internalComponent
+*/
+/**
+ * IKEv1 protocol plugin.
+ *
+ * @lib internal (ikev1lib.lib)
+ */
+
+NONSHARABLE_CLASS(CIkev1Plugin) : public CBase,
+ public MIkePluginIf,
+ public MPFKeyMessageListener
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aEventLogger Event logger interface
+ * @param aDebug Debug trace interface
+ */
+ static CIkev1Plugin* NewL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ /**
+ * Destructor.
+ */
+ ~CIkev1Plugin();
+
+ /**
+ * Handles IKE plugin session deletion.
+ * @param aPluginSession IKE plugin session
+ */
+ void IkePluginSessionDeleted( CIkev1PluginSession* aPluginSession );
+
+ /**
+ * Gets acceptable IPsec policies for specified selectors.
+ *
+ * @param aLocalAddr IP address, including possible port, of the local end selector
+ * @param aLocalMask Local end selector mask
+ * @param aRemoteAddr IP address, including possible port, of the remote end selector
+ * @param aRemoteMask Remote end selector mask
+ * @param aProtocol Protocol id
+ * @param aVpnNetId VPN net id
+ */
+ CIpsecSaSpecList* GetIpseSaSpecListLC( const TInetAddr& aLocalAddr, const TInetAddr& aLocalMask,
+ const TInetAddr& aRemoteAddr, const TInetAddr& aRemoteMask,
+ TInt aProtocol, TUint32 aVpnNetId );
+
+ /**
+ * Returns UID.
+ */
+ TUint32 Uid();
+
+ /**
+ * Returns event logger interface.
+ */
+ MKmdEventLoggerIf& EventLogger();
+
+
+// Methods to build and send PFKEY API primitives to IPsec
+
+ void AcquireSAError( TIpsecSAData& aSAData,
+ TInt aError );
+
+ void UpdateSAL( TIpsecSAData& aSaData );
+
+ void AddSAL( TIpsecSAData& aSaData );
+
+ void DeleteIpsecSA( TIpsecSPI& aIpsecSpi );
+
+ void DeleteIpsecSA( TUint32 aSPI,
+ TInetAddr& aSrc,
+ TInetAddr& aDst,
+ TUint8 aProtocol );
+
+// from base class MIkePluginIf
+
+ /**
+ * From MIkePluginIf.
+ * Creates IKEv1 plugin session.
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aDataInterface IKE data interface.
+ * @return IKEv1 plugin session. Ownership transferred.
+ */
+ MIkePluginSessionIf* CreateSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface );
+
+// from base class MPFKeyMessageListener
+
+ /**
+ * From MPFKeyMessageListener.
+ * Handles received PFKEY message.
+ * @param aPfkeyMessage PFKEY message
+ */
+ void PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage );
+
+private:
+ CIkev1Plugin( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+
+private:
+
+ /**
+ * VPN PF key socket.
+ * Own.
+ */
+ CPFKeySocketIf* iPFKeySocket;
+
+ /**
+ * IPSec policy util.
+ * Own.
+ */
+ CIpsecPolicyUtil* iIpsecPolicyUtil;
+
+ /**
+ * IKEv1 plugin sessions.
+ * Not own.
+ */
+ RArray<CIkev1PluginSession*> iPluginSessions;
+
+ /**
+ * Event logger.
+ * Not own.
+ */
+ MKmdEventLoggerIf& iEventLogger;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_IKEV1PLUGIN_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1pluginsession.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,723 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 plugin session
+*
+*/
+
+
+#ifndef C_IKEV1PLUGINSESSION_H
+#define C_IKEV1PLUGINSESSION_H
+
+#include <in_sock.h>
+
+#include "vpnmandefs.h"
+#include "ikemsgheader.h"
+#include "ikepluginsessionif.h"
+#include "ikev1receiver.h"
+#include "ikev1sender.h"
+#include "ikesendqueueitem.h"
+
+// FORWARD DECLARATIONS
+class CIkev1Plugin;
+class CIkev1Dialog;
+class CIkev1Negotiation;
+class CIkev1PluginSession;
+class CInternalAddress;
+class TDeleteISAKMP;
+class CAuthDialogInfo;
+class CIkev1SA;
+class TIkev1SAData;
+class CSARekeyInfo;
+class TIpsecSPI;
+class MIkeDebug;
+class ThdrISAKMP;
+class TPfkeyMessage;
+class TIpsecSAData;
+class MKmdEventLoggerIf;
+class CIpsecSaSpecList;
+class CPFKeySocketIf;
+
+NONSHARABLE_CLASS(CIkev1PluginSession) : public CBase,
+ public MIkePluginSessionIf,
+ public MIkev1ReceiverCallback,
+ public MIkev1SenderCallback
+
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aDataInterface Data interface
+ * @param aPlugin IKE plugin
+ * @param aPFKeySocketIf PF key socket interface
+ * @param aDebug Debug trace interface
+ */
+ static CIkev1PluginSession* NewL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev1Plugin& aPlugin,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CIkev1PluginSession();
+
+ /**
+ * Handles IKE SA deletion request.
+ * @param aIkev1SaData IKEv1 SA data
+ * @param aSilentClose Silent close
+ */
+ TBool DeleteIkeSA( TIkev1SAData* aIkev1SAdata,
+ TBool aSilentClose = EFalse );
+
+ /**
+ * Handles IKE SA rekeying request.
+ * @param aIkev1SaData IKEv1 SA data
+ * @param aSaRekeyInfo Rekey info
+ */
+ void RekeyIkeSAL( TIkev1SAData* aIkev1SaData,
+ CSARekeyInfo* aSaRekeyInfo );
+
+ /**
+ * Handles IKE SA keepalive request.
+ * @param aIkev1SaData IKEv1 SA data
+ */
+ void KeepAliveIkeSAL( TIkev1SAData* aIkev1SaData );
+
+ /**
+ * Creates IKE SA.
+ * @param aIkev1SaData IKEv1 SA data
+ * @param aSaRekeyInfo Rekey info
+ */
+ void CreateIkev1SAL( TIkev1SAData& aIkev1SaData,
+ CSARekeyInfo* aSaRekeyInfo );
+
+ /**
+ * Updates IKE SA.
+ * @param aSaId SA id
+ * @param aExpired Expired
+ * @param aIkev1SaData IKEv1 SA data
+ */
+ void UpdateIkev1SAL( TUint32 aSaId,
+ TBool aExpired,
+ TIkev1SAData* aIkev1SaData = NULL );
+
+ /**
+ * Expires IKE SA.
+ * @param aSaId SA id
+ */
+ void ExpireIkev1SA( TUint32 aSaId );
+
+ /**
+ * Removes IKE SA.
+ * @param aIkev1Sa IKE SA
+ * @param aStatus Error status
+ */
+ void RemoveIkeSA( CIkev1SA* aIkev1Sa,
+ TInt aStatus );
+
+// IKE SA find methods
+
+ CIkev1SA* FindIkev1SA();
+ CIkev1SA* FindIkev1SA( const TCookie& aCookie_I,
+ const TCookie& aCookie_R );
+ CIkev1SA* FindIkev1SAWithId( TUint32 aSaId );
+ CIkev1SA* FindIkev1SA( const TInetAddr& aAddr );
+ CIkev1SA* FindIkev1SA( const TInetAddr& aAddr,
+ TUint32 aInboundSpi );
+
+ TIkev1SAData* FindIkev1SAData();
+ TIkev1SAData* FindIkev1SAData( const TCookie& aCookie_I,
+ const TCookie& aCookie_R );
+ TIkev1SAData* FindIkev1SAData( TUint32 aSaId );
+ TIkev1SAData* FindIkev1SAData( const TInetAddr& aAddr,
+ TUint32 aInboundSpi );
+ TIkev1SAData* FindIkev1SADataWithAddr( const TInetAddr& aAddr );
+
+ /**
+ * Handles IPsec SA deletion request.
+ * @param aIkev1SaData IKEv1 SA data
+ * @param aIpsecSpi IPsec SPI
+ */
+ void DeleteIpsecSAL( TIkev1SAData* aIkev1SaData,
+ TIpsecSPI* aIpsecSpi );
+
+ /**
+ * Deletes IPsec SAs.
+ * @param aSaId SA id
+ */
+ void DeleteIpsecSAs( TUint32 aSAId );
+
+ /**
+ * Deletes IPsec SPI.
+ * @param aSaId SA id
+ * @param aSpi SPI
+ * @param aInbound Inbound
+ */
+ TBool DeleteIpsecSpi( TUint32 aSaId,
+ TUint32 aSpi,
+ TBool aInbound = EFalse );
+
+ /**
+ * Adds IPsec SPI to IKE SA.
+ * @param aSaId SA id
+ * @param aIpsecSpi IPsec SPI
+ */
+ void AddIpsecSPIToSAL( TUint32 aSaId,
+ TIpsecSPI& aIpsecSpi );
+
+ /**
+ * Returns dialog anchor.
+ */
+ CIkev1Dialog** DialogAnchor();
+
+ /**
+ * Returns debug trace interface.
+ */
+ MIkeDebug& Debug();
+
+ /**
+ * Gets SA id.
+ */
+ TUint32 GetSAId();
+
+ /**
+ * Deletes ISAKMP SAs.
+ * @param aDeletePayload Delete payload which identifies ISAKMP/IKE SA.
+ * @param aInfoNegotiation Negotiation object used by CIkev1InfoNegotiation
+ * object.
+ */
+ void DeleteISAKMPSAsL( TDeleteISAKMP* aDeletePayload,
+ const CIkev1Negotiation& aInfoNegotiation );
+
+ /**
+ * Requests sending of IKE message.
+ * @param aIkeMsg IKE message
+ * @param aDestAddr Destination IP address/port
+ * @param aUseNatPort NAT used or not
+ */
+ void SendIkeMsgL( const TDesC8& aIkeMsg,
+ TInetAddr& aDestAddr,
+ TBool aUseNatPort );
+
+ /**
+ * Gets local IP address.
+ * @param aAddr Local IP address (returned)
+ * @return Error value
+ */
+ TInt GetLocalAddress( TInetAddr& aAddr );
+
+ /**
+ * Sends NAT keep-alive packet.
+ * @param aDestAddr Destination IP address/port
+ * @param Keep-alive data
+ * @param aDscp DSCP value
+ */
+ void SendNatKeepAliveL( TInetAddr& aDestAddr,
+ const TDesC8& aData,
+ TUint8 aDscp );
+
+ /**
+ * Sends Nokia NAT keep-alive packet.
+ * @param aDestAddr Destination IP address/port
+ * @param Keep-alive data
+ * @param aDscp DSCP value
+ */
+ void SendNokiaNatKeepAliveL( TInetAddr& aDestAddr,
+ const TDesC8& aData,
+ TUint8 aDscp );
+
+ /**
+ * Handles completion of IKE SA establishment.
+ * @param aStatus Completion status
+ * @param aInternalAddress Internal address. Ownership transferred.
+ */
+ void IkeSaCompleted( TInt aStatus,
+ CInternalAddress* aInternalAddress = NULL );
+
+ /**
+ * Deletes negotiation object.
+ * @param aNegotiation Negotiation
+ */
+ void DeleteNegotiation( CIkev1Negotiation* aNegotiation );
+
+ // Negotiation linking and finding methods
+ void LinkNegotiation( CIkev1Negotiation* aNegotiation );
+ CIkev1Negotiation* FirstNegotiation();
+ CIkev1Negotiation* FindNegotiation( TUint32 aSaId );
+ CIkev1Negotiation* FindNegotiation( TCookie aInit,
+ TCookie aResp,
+ TUint8 aExchange,
+ TUint32 aMsgId );
+ void RemoveNegotiation( CIkev1Negotiation* aNegotiation );
+
+ /**
+ * Handles completion of authentication dialog processing.
+ * @param aUserInfo User info
+ * @return Error value
+ */
+ TInt AuthDialogCompletedL( CAuthDialogInfo* aUserInfo );
+
+ /**
+ * Handles change of internal address.
+ * @param aInternalAddr Internal address
+ * @return Informs if internal address differs from existing internal address
+ */
+ TBool InternalAddressChangedL( const CInternalAddress& aInternalAddr );
+
+ /**
+ * Gets acceptable IPsec policies for specified selectors.
+ *
+ * @param aLocalAddr IP address, including possible port, of the local end selector
+ * @param aLocalMask Local end selector mask
+ * @param aRemoteAddr IP address, including possible port, of the remote end selector
+ * @param aRemoteMask Remote end selector mask
+ * @param aProtocol Protocol id
+ * @param aVpnNetId VPN net id
+ */
+ CIpsecSaSpecList* GetIpseSaSpecListLC( const TInetAddr& aLocalAddr, const TInetAddr& aLocalMask,
+ const TInetAddr& aRemoteAddr, const TInetAddr& aRemoteMask,
+ TInt aProtocol );
+
+ /**
+ * Handles fatal error.
+ * @param aStatus Error status
+ */
+ void HandleError( TInt aStatus );
+
+ /**
+ * Returns error status.
+ * @return Error status
+ */
+ TInt ErrorStatus();
+
+ /**
+ * Sets error status.
+ * @param aStatus Error status
+ */
+ void SetErrorStatus( TInt aStatus );
+
+ /**
+ * Returns VPN IAP id.
+ * @return VPN IAP id
+ */
+ TUint32 VpnIapId();
+
+ /**
+ * Returns VPN interface index.
+ */
+ TUint32 VpnInterfaceIndex();
+
+ /**
+ * Returns IKE policy data.
+ * @return IKE policy data
+ */
+ CIkeData& IkeData();
+
+ /**
+ * Returns UID.
+ * @return UID
+ */
+ TUint32 Uid();
+
+ /**
+ * Returns event logger interface.
+ * @return Eveng logger interface
+ */
+ MKmdEventLoggerIf& EventLogger();
+
+ /**
+ * Returns internal address (NULL if does not exist).
+ * @return Internal address. Ownership transferred.
+ */
+ CInternalAddress* InternalAddressL();
+
+
+// PFKEY related methods
+
+ /**
+ * Matches destination address to remote address in IKE policy data.
+ * @param aDestAddr Destination IP address
+ * @return ETrue if matches.
+ */
+ TBool MatchDestinationAddress( const TInetAddr& aDestAddr );
+
+ /**
+ * Handles received PFKEY message.
+ * @param aPfkeyMessage PFKEY message
+ */
+ void PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage );
+
+// Methods to build and send PFKEY API primitives to IPsec
+
+ void GetIpsecSPI( TUint8 aType,
+ TUint32 aSeq,
+ TInetAddr& aSrc,
+ TInetAddr& aDst );
+
+ void AcquireSAError( TIpsecSAData& aSAData,
+ TInt aError );
+
+ void UpdateSAL( TIpsecSAData& aSaData );
+
+ void AddSAL( TIpsecSAData& aSaData );
+
+ void DeleteIpsecSA( TIpsecSPI& aIpsecSpi );
+
+ void DeleteIpsecSA( TUint32 aSPI,
+ TInetAddr& aSrc,
+ TInetAddr& aDst,
+ TUint8 aProtocol );
+
+// from base class MIkePluginSessionIf
+
+ /**
+ * From MIkePluginSessionIf.
+ * Starts negotiation with a peer.
+ * @param aIkeData IKE policy data
+ * @param aInternalAddress Internal address (returned)
+ * @param aStatus Completion status (returned)
+ */
+ void NegotiateWithHost( const CIkeData& aIkeData,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus );
+
+ /**
+ * From MIkePluginSessionIf.
+ * Cancels negotiate request. DeleteSession() method needs to be called
+ * after this method to delete session.
+ */
+ void CancelNegotiateWithHost();
+
+ /**
+ * From MIkePluginSessionIf.
+ * Deletes session. IKE/IPSec SA:s are deleted.
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to peer)
+ * @param aStatus Completion status (returned)
+ */
+ void DeleteSession( const TBool aSilentClose,
+ TRequestStatus& aStatus );
+
+ /**
+ * From MIkePluginSessionIf.
+ * Cancels deletion requests. IKE/IPSec SA:s are deleted.
+ */
+ void CancelDeleteSession();
+
+ /**
+ * From MIkePluginSessionIf.
+ * Requests notification about error condition.
+ * @param aStatus Completion status (returned)
+ */
+ void NotifyError( TRequestStatus& aStatus );
+
+ /**
+ * From MIkePluginSessionIf.
+ * Cancels error notification request.
+ */
+ void CancelNotifyError();
+
+ /**
+ * From MIkePluginSessionIf.
+ * Requests notification about change of internal address.
+ * @param aInternalAddress Internal address (returned)
+ * @param aStatus KErrNone. Error condition needs to be indicated via
+ * NotifyError() method. (returned)
+ */
+ virtual void NotifyInternalAddressChanged( TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus );
+
+ /**
+ * From MIkePluginSessionIf.
+ * Cancels internal address change notification request.
+ */
+ void CancelNotifyInternalAddressChanged();
+
+// from base class MIkev1ReceiverCallback
+
+ /**
+ * From MIkev1ReceiverCallback.
+ * Notification about received IKE message.
+ * @param aIkeMsg IKE message
+ * @param aSrcAddr Source IP address/port
+ * @param aLocalPort Local port
+ */
+ void IkeMsgReceivedL( const ThdrISAKMP& aIkeMsg,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort );
+
+ /**
+ * From MIkev1ReceiverCallback.
+ * Notification about receive error.
+ * @param aStatus Error value
+ */
+ void ReceiveError( TInt aError );
+
+
+// from base class MIkev1SenderCallback
+
+ /**
+ * From MIkev1SenderCallback.
+ * Notification about completion sending.
+ * @param aStatus Completion status
+ */
+ void SendUdpDataCompleted( TInt aStatus );
+
+private:
+
+ CIkev1PluginSession( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev1Plugin& aPlugin,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+ /**
+ * Handles received PFKEY message.
+ * @param aPfkeyMessage PFKEY message
+ */
+ void DoPfkeyMessageReceivedL( const TPfkeyMessage& aPfkeyMessage );
+
+ /**
+ * Deletes IKE SAs.
+ * @param aSilentClose silent close
+ * @return Deactivation started or not.
+ */
+ TBool DeleteSAsWithHost( TBool aSilentClose );
+
+ /**
+ * Requests sending of UDP data.
+ * @param aUdpData UDP data. Ownership transferred.
+ * @param aDestAddr Destination IP address/port
+ * @param aLocalPort Local port
+ * @param aDscp DSCP value
+ */
+ void DoSendUdpDataL( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp );
+ /**
+ * Sends UDP data.
+ * @param aUdpData UDP data. Ownership transferred.
+ * @param aDestAddr Destination IP address/port
+ * @param aLocalPort Local port
+ * @param aDscp DSCP value
+ */
+ void DoSendUdpData( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp );
+
+ /**
+ * Handles starting of negotiation with a peer.
+ * @param aIkeData IKE policy data
+ */
+ void DoNegotiateWithHostL( const CIkeData& aIkeData );
+
+ /**
+ * Handles fatal error.
+ * @param aError Error status
+ */
+ void DoHandleError( TInt aError );
+
+ /**
+ * Handles completion of client's negotiate request.
+ * @param aStatus Status
+ */
+ void DoCompleteNegotiateWithHost( TInt aStatus );
+
+ /**
+ * Handles completion of client's delete session request.
+ * @param aStatus Status
+ */
+ void DoCompleteDeleteSession( TInt aStatus );
+
+ /**
+ * Handles completion of client's notify error request.
+ * @param aStatus Status
+ */
+ void DoCompleteNotifyError( TInt aStatus );
+
+ /**
+ * Handles completion of client's notify internal address change request.
+ * @param aStatus Status
+ */
+ void DoCompleteInternalAddressChanged( TInt aStatus );
+
+ /**
+ * Cancels data transfer.
+ */
+ void DoCancelDataTransfer();
+
+ /**
+ * Empties send queue.
+ */
+ void DoEmptySendQueue();
+
+private: // data
+
+ /**
+ * VPN IAP id.
+ * Own.
+ */
+ TUint32 iVpnIapId;
+
+ /**
+ * VPN NET id.
+ * Own.
+ */
+ TUint32 iVpnNetId;
+
+ /**
+ * VPN interface index.
+ * Own.
+ */
+ TInt iVpnInterfaceIndex;
+
+ /**
+ * IKE policy data.
+ * Own.
+ */
+ CIkeData* iIkeData;
+
+ /**
+ * IKEv1 negotiations.
+ * Own.
+ */
+ CIkev1Negotiation* iFirstNegotiation;
+
+ /**
+ * Dialog wait queue. Used by CIkeDialog class.
+ * Own.
+ */
+ CIkev1Dialog* iDialogWaitQueue;
+
+ /**
+ * SA id seed.
+ * Own.
+ */
+ TUint32 iSAIdSeed;
+
+ /**
+ * IKE message send queue.
+ * Own.
+ */
+ RArray<TIkeSendQueueItem> iSendQueue;
+
+ /**
+ * IKEv1 SAs.
+ * Own.
+ */
+ RPointerArray<CIkev1SA> iIkev1SAs;
+
+ /**
+ * Local IP address.
+ * Own.
+ */
+ TInetAddr iLocalAddr;
+
+ /**
+ * Receiver.
+ * Own.
+ */
+ CIkev1Receiver* iReceiver;
+
+ /**
+ * Sender.
+ * Own.
+ */
+ CIkev1Sender* iSender;
+
+ /**
+ * Internal address.
+ * Own.
+ */
+ CInternalAddress* iInternalAddress;
+
+ /**
+ * Error status.
+ * Own.
+ */
+ TInt iErrorStatus;
+
+ /**
+ * Client's negotiate requests status.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusNegotiate;
+
+ /**
+ * Client's internal address variable for negotiate request.
+ * Not own.
+ */
+ TVPNAddress* iClientIaNegotiate;
+
+ /**
+ * Client's delete session requests status.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusDelete;
+
+ /**
+ * Client's notify error requests status.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusNotifyError;
+
+ /**
+ * Client's notify IA change requests status.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusNotifyIaChange;
+
+ /**
+ * Client's internal address variable for notify request.
+ * Not own.
+ */
+ TVPNAddress* iClientIaNotify;
+
+ /**
+ * Data interface.
+ * Not own.
+ */
+ MIkeDataInterface& iDataInterface;
+
+ /**
+ * IKEv1 plugin.
+ * Not own.
+ */
+ CIkev1Plugin& iPlugin;
+
+ /**
+ * VPN PF key socket.
+ * Not own.
+ */
+ CPFKeySocketIf& iPFKeySocketIf;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_IKEV1PLUGINSESSION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1private.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,179 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This module contains the private vendor specific extension of IKE.
+* All of the current private extensions are related to Nokia VPN gateway
+* and shall be used ONLY when the EPOC IKE is acting as a Nokia VPN remote
+* access client.
+* The following private extension are implemented:
+*
+* 1) Internal Address payload usage
+* Internal address payload is used to the deliver a secure network
+* adderess and secure network DNS address(es) from VPN gateway to a client.
+* The Internal address payloads are used in the last two IKE main mode
+* messages as follows:
+*
+* Client (initiator) Gateway (responder)
+* .. SA, KE ... --->
+* <--- ..SA, KE ...
+* HDR*, INT_ADDR --->
+* <--- HDR*, INT_ADDR
+*
+* Client sends an INT_ADDR payload with PRI_INTERNAL_ADDRESS attribute
+* Attribute value is 0.0.0.0.
+*
+* Gateway responds with an INT_ADDR payload with PRI_INTERNAL_ADDRESS
+* attribute containing client internal address x.y.z.w
+* Gateway INT_ADDR payload may also contain attributes PRI_INTERNAL_DNS and
+* PRI_INTERNAL_WINS. PRI_INTERNAL_DNS contains a list of DNS IP addresses and
+* PRI_INTERNAL_WINS a list of WINS IP addresses.
+*
+*
+* 2) The NAT Traversal probing
+* The expanded Vendor-Id payload usage for the NAT Traversal probing.
+* The expanded Vendor-Id payloads contains the following information:
+*
+* Client (initiator) Gateway (responder)
+* VID(hash, ip_addr, port) --->
+* <--- VID(hash, detected_ip_addr,
+* detected_port)
+*
+* Client sends a expanded Vendor-Id payload containing the following information:
+* hash = Nokia VPN vendor specific hash data (used to recognize peer)
+* ip_addr = Client IKE own IP address
+* port = Client IKE own port (=500)
+*
+* Gateway responds with expanded Vendor-Id payload containing the following information:
+* hash = Nokia VPN vendor specific hash data (used to recognize peer)
+* detected_ip_addr = Client IP address as detected in received IKE message
+* IP header (=source IP address)
+* detected_port = Client port as detected in received IKE message
+* UDP header (=source port)
+*
+* Both client and gateway do the following examination
+* if ( ip_addr != detected_ip_addr ) || ( port != detected_port )
+* then NAT Traversal shall be used IPSEC ESP traffic between
+* the client and gateway
+*
+* Nokia VPN specific NAT Traversal means that IPSEC ESP traffic shall be
+* capsulated with UDP header.
+* The used UDP port for that purpose is 9872
+*/
+
+#ifndef IKEV1PRIVATE_H
+#define IKEV1PRIVATE_H
+
+#include <f32file.h>
+#include "ikemsgheader.h"
+
+
+class TIkev1IsakmpStream;
+class CIkeIPSocket;
+class CIkeData;
+class TVendorISAKMP;
+class TINTNETISAKMP;
+class CInternalAddress;
+class TInetAddr;
+
+TInt ConstructVendorId(TBool aNATProbe,
+ TUint8 *aICOOKIE,
+ TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr,
+ TVendorISAKMP *vendor_payload);
+TInt BuildVendorIdHash(TUint8 *aICOOKIE,
+ TUint8 *aRCOOKIE,
+ TUint8 *hash_data);
+TBool ProcessVendorId(TBool *aFamiliarPeer,
+ TUint8 *aICOOKIE,
+ TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr,
+ TVendorISAKMP *aVendorPayload);
+void BuildDPDVendorId(TIkev1IsakmpStream &aMsg);
+TBool CheckDPDVendorId(const TVendorISAKMP *aVendorPayload);
+CInternalAddress* ProcessIntNetL(TINTNETISAKMP *aIntNetpayload);
+
+TBool InsertVPNInterfaceL(CInternalAddress *aInternalAddr, CIkeIPSocket *aSocket, TUint32 *aIfNbr, RFs *aFS);
+TBool RemoveVPNInterfaceL(CInternalAddress *aInternalAddr, CIkeIPSocket *aSocket, TUint32 *aIfNbr, RFs *aFS);
+TBool AddVPNRoute(CInternalAddress *aInternalAddr, CIkeIPSocket *aSocket,
+ TInetAddr &aDstAddr, TInetAddr &aDstMask);
+TInt CheckCredentials(CIkeData *aHostData);
+/*---------------------------------------------------------------------------
+ *
+ * Expanded Vendor Id payload option VENDOR_OPTION_NAT_TRAVERSAL handling:
+ * 1 2 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! sin_lth ! sin_family ! sin_port !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! sin_addr !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! !
+ * . Zero * 2(?) .
+ * ! !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ *
+ *---------------------------------------------------------------------------*/
+#define SIN_LTH 16 // VENDOR_OPTION_NAT_TRAVERSAL data part length
+#define SIN_FAMILY 2 // = IPv4 Address
+
+
+class TNATTOption
+ {
+public:
+ inline void InitOption() { Mem::FillZ(&u.iData8[0], SIN_LTH);
+ u.iData8[0] = SIN_LTH; u.iData8[1] = SIN_FAMILY;}
+ inline void SetPort(TUint16 aPort) { PUT16(&u.iData8[2], aPort);}
+ inline void SetAddress(TUint32 aAddr) { PUT32(&u.iData8[4], aAddr);}
+ inline TUint16 GetPort() {return (TUint16)GET16(&u.iData8[2]);}
+ inline TUint32 GetAddress() {return (TUint32)GET32(&u.iData8[4]);}
+private:
+ union
+ {
+ TUint32 iData32[4];
+ TUint16 iData16[8];
+ TUint8 iData8[16];
+ } u;
+ };
+
+/*---------------------------------------------------------------------------
+ *
+ * Expanded Vendor Id payload option VENDOR_OPTION_VERSION handling:
+ * 1 2 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! MAJOR VERSION ! MINOR VERSION !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ *---------------------------------------------------------------------------*/
+#define VERSION_LTH 4 // VENDOR_OPTION_VERSION data part length
+#define MAJOR_VERSION 3 // ???????????!!!!!!!!!!!!!!!!????????????
+#define MINOR_VERSION 3 // ???????????!!!!!!!!!!!!!!!!????????????
+
+class TVersionOption
+ {
+public:
+ inline void SetVersion(TUint16 aMajor,
+ TUint16 aMinor) { PUT16(&u.iData8[0], aMajor);
+ PUT16(&u.iData8[2], aMinor);}
+private:
+ union
+ {
+ TUint32 iData32[1];
+ TUint16 iData16[2];
+ TUint8 iData8[4];
+ } u;
+ };
+
+#endif // IKEV1PRIVATE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1receiver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,150 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receiver of UDP datagrams
+*
+*/
+
+
+#ifndef C_IKEV1RECEIVER_H
+#define C_IKEV1RECEIVER_H
+
+#include <e32base.h>
+#include <in_sock.h>
+
+// FORWARD DECLARATIONS
+class MIkeDataInterface;
+class ThdrISAKMP;
+
+/**
+ * IKEv1 receiver callback interface.
+ * Callback interface which is used by CIkev1Receiver object to notify
+ * about received IKE message.
+ *
+ * @lib internal (ikev1lib.lib)
+ */
+NONSHARABLE_CLASS(MIkev1ReceiverCallback)
+ {
+public:
+ /**
+ * Notifies about received IKE message.
+ * @param aIkeMsg IKE message
+ * @param aSrcAddr Source IP address/port
+ * @param aLocalPort Local port
+ */
+ virtual void IkeMsgReceivedL( const ThdrISAKMP& aIkeMsg,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort ) = 0;
+
+ /**
+ * Notifies about receive error.
+ * @param aStatus Error value
+ */
+ virtual void ReceiveError( TInt aError ) = 0;
+ };
+
+/**
+ * IKEv1 receiver.
+ * Active object provides functionality for receiving UDP datagrams.
+ *
+ * @lib internal (ikev1lib.lib)
+ */
+NONSHARABLE_CLASS(CIkev1Receiver) : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aDataInterface IKE data interface
+ * @param aCallback Callback interface
+ */
+ static CIkev1Receiver* NewL( MIkeDataInterface& aDataInterface,
+ MIkev1ReceiverCallback& aCallback );
+
+ /**
+ * Destructor.
+ */
+ ~CIkev1Receiver();
+
+ /**
+ * Starts receiving.
+ */
+ void StartReceive();
+
+private:
+
+ CIkev1Receiver( MIkeDataInterface& aDataInterface,
+ MIkev1ReceiverCallback& aCallback );
+
+ void ConstructL();
+
+ /**
+ * Receives UDP data.
+ */
+ void DoReceive();
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of receive.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of receive.
+ */
+ void DoCancel();
+
+ /**
+ * From CActive
+ * Handles a leave occurring in RunL().
+ * @param aError The leave code
+ * @return KErrNone
+ */
+ TInt RunError( TInt aError );
+
+private: // data
+
+ /**
+ * UDP data.
+ * Own.
+ */
+ HBufC8* iUdpData;
+
+ /**
+ * Source IP address/port.
+ * Own.
+ */
+ TInetAddr iSrcAddr;
+
+ /**
+ * Local port.
+ * Own.
+ */
+ TInt iLocalPort;
+
+ /**
+ * IKE data interface.
+ * Not own.
+ */
+ MIkeDataInterface& iDataInterface;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MIkev1ReceiverCallback& iCallback;
+ };
+
+#endif // C_IKEV1RECEIVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1sender.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,130 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Sender of UDP datagrams
+*
+*/
+
+
+#ifndef C_IKEV1SENDER_H
+#define C_IKEV1SENDER_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class MIkeDataInterface;
+class MIkeDebug;
+class TInetAddr;
+
+/**
+ * IKEv1 sender callback interface.
+ * Callback interface which is used by CIkev1Sender object to notify
+ * about completion of sending.
+ *
+ * @lib internal (ikev1lib.lib)
+ */
+NONSHARABLE_CLASS(MIkev1SenderCallback)
+ {
+public:
+ /**
+ * Notifies about completion of sending.
+ * @param aStatus Completion status
+ */
+ virtual void SendUdpDataCompleted( TInt aStatus ) = 0;
+
+ };
+
+/**
+ * IKEv1 sender.
+ * Active object provides functionality for sending UDP datagrams.
+ *
+ * @lib internal (ikev1lib.lib)
+ */
+NONSHARABLE_CLASS(CIkev1Sender) : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aDataInterface IKE data interface
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CIkev1Sender* NewL( MIkeDataInterface& aDataInterface,
+ MIkev1SenderCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CIkev1Sender();
+
+ /**
+ * Sends UDP data.
+ * @param aUdpData UDP data. Ownership transferred.
+ * @param aDestAddr Destination IP address/port
+ * @param aLocalPort Local port
+ * @param aDscp DSCP value
+ */
+ void SendUdpData( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp );
+
+private:
+
+ CIkev1Sender( MIkeDataInterface& aDataInterface,
+ MIkev1SenderCallback& aCallback,
+ MIkeDebug& aDebug );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous sending.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous sending.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * UDP data.
+ * Own.
+ */
+ HBufC8* iUdpData;
+
+ /**
+ * IKE data interface.
+ * Not own.
+ */
+ MIkeDataInterface& iDataInterface;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MIkev1SenderCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_IKEV1SENDER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1timeout.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,46 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Header for timer class used by IKEv1
+*
+*/
+
+#ifndef C_IKEV1TIMEOUT_H
+#define C_IKEV1TIMEOUT_H
+
+#include <e32base.h>
+
+class CIkev1Negotiation;
+
+NONSHARABLE_CLASS(CIkev1Timeout) : public CTimer
+ {
+public:
+ static CIkev1Timeout* NewL(CIkev1Negotiation& aNegotiation);
+
+ //destructor
+ ~CIkev1Timeout();
+
+ void IssueRequest(TTimeIntervalMicroSeconds32 anInterval);
+protected:
+
+ //Cancel Packet Sending
+ void RunL();
+
+private:
+ CIkev1Timeout(CIkev1Negotiation& aNegotiation);
+
+ CIkev1Negotiation& iNegotiation;
+ };
+
+
+#endif // C_IKEV1TIMEOUT_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/inc/ikev1trans.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,155 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE transaction exchange implementation.
+*
+*/
+
+
+#ifndef IKEV1TRANS_H
+#define IKEV1TRANS_H
+
+#include "ikev1dialog.h"
+#include "ikev1payloads.h"
+
+/*---------------------------------------------------------------------------
+ *
+ * Transaction exchange return codes (returned by ExecuteL() method)
+ *
+ *---------------------------------------------------------------------------*/
+#define TRANSACTION_SUCCESS 0
+#define TRANSACTION_CONTINUE 0x1
+#define TRANSACTION_IGNORE 0x2
+#define TRANSACTION_FAILED 0x4
+
+#define IV_LTH 20
+/**--------------------------------------------------------------------------
+ *
+ * Structure TTransExchange
+ * Contains parameter data related one ISAKMP Transaction exchange
+ *
+ *--------------------------------------------------------------------------*/
+struct TTransExchange
+{
+ TUint32 iMessageId;
+ TUint16 iIdentifier;
+ TUint16 iXauthType;
+ TInt iRole;
+ TBuf8<IV_LTH> iIV;
+ TTransExchange()
+ {
+ iMessageId = 0;
+ iIdentifier = 0;
+ iXauthType = 0;
+ iRole = 0;
+ };
+};
+
+
+class CIkev1Negotiation;
+class ThdrISAKMP;
+class CAuthDialogInfo;
+class CInternalAddress;
+class TIkev1IsakmpStream;
+class MIkeDebug;
+class TInetAddr;
+
+/**--------------------------------------------------------------------------
+ *
+ * CTransNegotiation class
+ * Handles ISAKMP transaction exchange messages
+ * Both the ISAKMP Configuration Method <draft-dukes-ike-mode-cfg-01.txt> and
+ * Extended Authentication within IKE (XAUTH) <draft-beaulieu-ike-xauth-02.txt>
+ * has been implemented using ISAKMP transaction exchange messages.
+ * This class handles both the transaction exchange message handling and
+ * config mode/XAUTH protocol processing.
+ *
+ *--------------------------------------------------------------------------*/
+NONSHARABLE_CLASS(CTransNegotiation) : public CArrayFixFlat<TTransExchange *>, public MIkeDialogComplete
+{
+public:
+ ~CTransNegotiation();
+ static CTransNegotiation* NewL( TBool aUseXauth,
+ TBool aUseCfgMode,
+ CIkev1PluginSession* aPluginSession,
+ CIkev1Negotiation* aNegotiation,
+ MIkeDebug& aDebug );
+ TInt ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort );
+ TInt ProcessUserResponseL(CAuthDialogInfo *aDialogInfo );
+ TInt TransactionFailedL(const TNotificationISAKMP *aNotifPayload);
+ TBool GetIV(TUint32 aMsgId, TDes8& aIV);
+ TBool SetIV(TUint32 aMsgId, TDes8& aIV);
+ CInternalAddress* GetInternalAddr()
+ {
+ CInternalAddress* ia = iInternalAddr;
+ iInternalAddr = NULL;
+ return ia;
+ }
+ static TUint16 GetAuthMethod(TUint16 aAuthMethod, TBool aXauthUsed, TInt aRole);
+ static void BuildXauthVendorId(TIkev1IsakmpStream &aMsg);
+
+ TInt DialogCompleteL(CIkev1Dialog* aDialog, TAny* aUserInfo, HBufC8* aUsername,
+ HBufC8* aSecret, HBufC8* aDomain);
+ TInt BuildConfigRequestL();
+
+private:
+ TTransExchange* FindExchange(TUint32 aMsgId);
+ TTransExchange* AddExchangeL(TUint32 aMsgId, TUint8 aRole);
+ TUint16 GetIdentifier()
+ {
+ iIdentifierBase --;
+ if ( (iIdentifierBase & 0xffff) == 0 )
+ iIdentifierBase --;
+ return (TUint16)iIdentifierBase;
+ }
+ TInt TransactionExchangeL(const ThdrISAKMP &aHdr);
+ TInt ProcessAttributesL(const TAttributeISAKMP *aAttr);
+ TInt ProcessCfgModeAttrsL(TDataISAKMP* aAttr, TInt aLth);
+ TInt ProcessXauthRequestL(TDataISAKMP* aAttr, TInt aLth);
+ TInt ProcessXauthStatusL(TDataISAKMP* aAttr, TInt aLth);
+ TInt CheckTransactionStatusL(TInt aStatus);
+ void AddAttributeData(TDes8& aAttrBfr, TInt aType, TInt aLth, TUint8* aData);
+ void BuildAndSendMessageL(TDesC8& aAttrBfr, TUint8 aMsgType);
+ CTransNegotiation( TInt aGranularity,
+ TBool aUseXauth,
+ TBool aUseCfgMode,
+ CIkev1PluginSession* aPluginSession,
+ CIkev1Negotiation* aNegotiation,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+private:
+ CIkev1PluginSession* iPluginSession;
+ CIkev1Negotiation* iNegotiation;
+ CInternalAddress* iInternalAddr;
+ TTransExchange* iCurrExchange;
+ CIkev1Dialog* iDialog;
+ CAuthDialogInfo* iDialogInfo;
+ HBufC8* iUserName; // Saved for User name caching
+
+ TBool iUseXauth;
+ TBool iUseCfgMode;
+ TUint32 iIdentifierBase;
+ TUint32 iRequestFlags;
+ TBool iXauthCompleted;
+ TBool iCfgModeCompleted;
+ TBool iUseOlderPIXXauth; // use draft-ietf-ipsec-isakmp-xauth-04.txt
+
+ TLastIKEMsg iLastTransMsgInfo;
+ MIkeDebug& iDebug;
+};
+
+
+#endif // IKEV1TRANS_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/rom/ikev1lib.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project
+* IKEv1 Protocol Plug-in
+*
+*/
+
+
+
+#ifndef __IKEV1LIB_IBY__
+#define __IKEV1LIB_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature IKEV1LIB not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\ikev1lib.dll SHARED_LIB_DIR\ikev1lib.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __IKEV1LIB_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1crack.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,510 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 Crack authentication
+*
+*/
+
+
+#include "ikev1crack.h"
+#include "ikedebug.h"
+#include "ikev1pluginsession.h"
+#include "ikev1timeout.h"
+#include "ikev1negotiation.h"
+#include "ikev1payload.h"
+#include "ikev1isakmpstream.h"
+#include "ikepolparser.h"
+
+
+//
+// Class that implements IKE CRACK authentication method
+//
+
+CIKECRACKNegotiation::CIKECRACKNegotiation( MIkeDebug& aDebug )
+ : iState( 0 ),
+ iDebug( aDebug )
+ {
+ }
+
+CIKECRACKNegotiation::~CIKECRACKNegotiation()
+{
+/*-------------------------------------------------------------------
+ *
+ * Delete pending dialog - and dialog info objects
+ *
+ *-------------------------------------------------------------------*/
+#ifdef _DEBUG
+ if ( iNegotiation ) DEBUG_LOG(_L("CRACK object deleted"));
+#endif // _DEBUG
+
+ delete iDialog;
+ delete iDialogInfo;
+ delete iUserName;
+ delete iDomain;
+}
+
+
+TInt CIKECRACKNegotiation::ConstructL(TInt aLAMType, CIkev1Negotiation *aNegotiation, const TDesC &aDomain)
+{
+/*------------------------------------------------------------------------
+ *
+ * This method initializes actions to get authencation information from user.
+ * The authentication information is requested from user with LAM type
+ * specific dialog.
+ *
+ *------------------------------------------------------------------------*/
+ if ( aLAMType != CRACK_PASSWORD || !aNegotiation )
+ {
+#ifdef _DEBUG
+ if ( aNegotiation )
+ DEBUG_LOG(_L("CRACK object construction failed, unsupported LAM type"));
+#endif // _DEBUG
+ return CRACK_FAILED;
+ }
+ iNegotiation = aNegotiation;
+ iPluginSession = aNegotiation->iPluginSession;
+ iLAMType = aLAMType;
+ if ( aDomain.Length() > 0 )
+ {
+ //
+ // Allocate buffer for domain name attribute
+ // (to convey Group Name information)
+ //
+ iDomain = HBufC8::NewL(aDomain.Length());
+ iDomain->Des().Copy(aDomain);
+ DEBUG_LOG(_L("CRACK Domain attribute saved"));
+ }
+
+ DEBUG_LOG(_L("CRACK authentication started"));
+
+ return GetDataL(NULL); /* No challenge data */
+}
+
+
+TInt CIKECRACKNegotiation::ExecuteCRACKMsgL(const ThdrISAKMP &aHdr)
+{
+/*---------------------------------------------------------------------------
+ *
+ * IKE message received during CRACK authentication phase:
+ * <--- HDRx*, CHRE or <--- HDRx*, NOTIFICATION
+ * Process CHRE/Notification payload in IKE message
+ *
+ *--------------------------------------------------------------------------*/
+ if ( ( iState & WAITING_PEER_RSP ) == 0 ) {
+ /*--------------------------------------------------------
+ * Not waiting a response from gateway, ignore packet
+ *--------------------------------------------------------*/
+ return CRACK_IGNORE_MSG;
+ }
+ iState &= ~WAITING_PEER_RSP;
+
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *iNegotiation, iDebug);
+ if (!payload)
+ {
+ return CRACK_FAILED;
+ }
+ CleanupStack::PushL(payload);
+ TInt status;
+
+ if ( payload->iChre )
+ {
+ TInt i = 0;
+ while ( i < payload->iNotifs->Count() )
+ {
+ /*----------------------------------------------------------------------
+ *
+ * A Notification payload received in IKE main/aggressive/information
+ * exchange. If this is not a INITIAL-CONTACT notification it is
+ * interpreted as a CRACK authentication failure indicated by the gateway.
+ *
+ *----------------------------------------------------------------------*/
+ if ( !iNegotiation->ProcessNotificationL(payload->iNotifs->At(i)) ) {
+ CleanupStack::PopAndDestroy(); //payload
+ return CrackAuthenticationFailedL(payload->iNotifs->At(i));
+ }
+ i ++;
+ }
+
+ if ( payload->iIaddr ) {
+ /*----------------------------------------------------------------------
+ *
+ * An Internal Address payload received in IKE main/aggressive exchange.
+ *
+ *----------------------------------------------------------------------*/
+ iNegotiation->ProcessIntAddrL(payload->iIaddr);
+ }
+ /*----------------------------------------------------------------------
+ *
+ * Process attributes in CHRE payload
+ *
+ *----------------------------------------------------------------------*/
+ status = ProcessCHREAttibutesL(payload->iChre);
+ }
+ else {
+ status = CRACK_CONTINUE;
+ DEBUG_LOG(_L("No CHRE payload in IKE CRACK message"));
+ }
+
+ CleanupStack::PopAndDestroy(); //payload
+ return status;
+
+}
+
+TInt CIKECRACKNegotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo )
+{
+/*---------------------------------------------------------------------------
+ *
+ * A response received from client user (through asynchronous dialog)
+ * Build an IKE message with an appropriate CHRE payload attributes
+ * and send message it to gateway.
+ *
+ *-------------------------------------------------------------------------*/
+ if ( iState & WAITING_USER_RSP )
+ {
+ iState &= ~(WAITING_USER_RSP + SECURID_NEXT_PIN_MODE);
+ delete iDialog; /* delete dialog object */
+ iDialog = NULL;
+
+ TUint16 attr1 = 0;
+ TUint16 attr2 = 0;
+ TUint16 attr3 = 0;
+ HBufC8* bfr1 = NULL;
+ HBufC8* bfr2 = NULL;
+ HBufC8* bfr3 = NULL;
+
+ /*--------------------------------------------------------
+ *
+ * Store attributes according to LAM type
+ *
+ *--------------------------------------------------------*/
+ switch ( iLAMType )
+ {
+ case CRACK_PASSWORD:
+ /*--------------------------------------------------
+ * Possible attributes: User name, Secret, Domain
+ *-------------------------------------------------*/
+ attr1 = CRACK_T_USERNAME;
+ bfr1 = aDialogInfo->iUsername;
+ attr2 = CRACK_T_SECRET;
+ bfr2 = aDialogInfo->iSecret;
+ bfr3 = iDomain;
+ if ( bfr3 )
+ attr3 = CRACK_T_DOMAIN;
+ break;
+
+ default:
+ break;
+ }
+
+ SendCredentialsL(attr1, attr2, attr3, bfr1, bfr2, bfr3);
+ }
+
+ delete aDialogInfo; /* release dialog info object */
+ iDialogInfo = NULL; /* reset dialog info pointer */
+
+ return CRACK_CONTINUE;
+}
+
+TInt CIKECRACKNegotiation::GetDataL(HBufC8* aChallenge)
+{
+ if ( iLAMType == CRACK_PASSWORD &&
+ iNegotiation->iHostData->iCRACKLAMUserName &&
+ iNegotiation->iHostData->iCRACKLAMPassword)
+ {
+ return GetUNPWDFromPolicyL();
+ }
+ else
+ {
+ return GetDatafromUserL(aChallenge);
+ }
+}
+
+TInt CIKECRACKNegotiation::GetDatafromUserL(HBufC8* /*aChallenge*/)
+{
+ TInt status = CRACK_CONTINUE;
+ /*---------------------------------------------------------------
+ *
+ * Get CRACK authentication information from user according to
+ * current LAM type
+ *
+ *---------------------------------------------------------------*/
+ iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug );
+ iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, iNegotiation->SAId(), 0);
+ iNegotiation->iTimer->Cancel(); //Cancel previous timer because reply received & processed
+ DEBUG_LOG(_L("Timer Cancelled!"));
+ iNegotiation->iRetryNum = 0;
+
+ switch ( iLAMType )
+ {
+ case CRACK_PASSWORD:
+ /*--------------------------------------------------
+ * Request User name and password (domain) from user
+ *-------------------------------------------------*/
+ iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this);
+ break;
+
+ default:
+ status = CRACK_FAILED;
+ break;
+ }
+
+ iState |= WAITING_USER_RSP + SHOW_ERROR_DIALOG;
+
+ return status;
+}
+
+TInt CIKECRACKNegotiation::GetUNPWDFromPolicyL()
+{
+ ASSERT(iLAMType == CRACK_PASSWORD);
+
+ iNegotiation->iTimer->Cancel(); //Cancel previous timer because reply received & processed
+ DEBUG_LOG(_L("Timer Cancelled!"));
+ iNegotiation->iRetryNum = 0;
+
+ /*--------------------------------------------------------
+ *
+ * Store attributes: User name, Secret, Domain
+ *
+ *--------------------------------------------------------*/
+
+ TUint16 attr1 = CRACK_T_USERNAME;
+ HBufC8* bfr1 = iNegotiation->iHostData->iCRACKLAMUserName->GetAsciiDataL();
+ CleanupStack::PushL(bfr1);
+ TUint16 attr2 = CRACK_T_SECRET;
+ HBufC8* bfr2 = iNegotiation->iHostData->iCRACKLAMPassword->GetAsciiDataL();
+ CleanupStack::PushL(bfr2);
+ HBufC8* bfr3 = iDomain;
+ TUint16 attr3 = 0;
+ if ( bfr3 )
+ {
+ attr3 = CRACK_T_DOMAIN;
+ }
+
+ SendCredentialsL(attr1, attr2, attr3, bfr1, bfr2, bfr3);
+
+ CleanupStack::PopAndDestroy(2); // bfr1, bfr2
+
+ return CRACK_CONTINUE;
+}
+
+void CIKECRACKNegotiation::SendCredentialsL(TUint16 aAttr1, TUint16 aAttr2, TUint16 aAttr3,
+ HBufC8* aBfr1, HBufC8* aBfr2, HBufC8* aBfr3)
+{
+ TIkev1IsakmpStream* msg = iNegotiation->SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+ msg->IsakmpInit(iNegotiation);
+ msg->IsakmpOwnIdentL(); /* Dummy ID for Crypto Cluster */
+ msg->IsakmpChre((TUint16)iLAMType, aAttr1, aBfr1, aAttr2, aBfr2, aAttr3, aBfr3);
+
+ if ( iNegotiation->iFamiliarPeer && iNegotiation->iHostData->iUseInternalAddr )
+ {
+ //
+ // Request Internal address from gateway
+ //
+ msg->IsakmpIntnet(0); /* null IPV4 address as parameter */
+ }
+
+ if ( iNegotiation->iHostData->iInitialContact )
+ {
+ //
+ // Initial contact notification added as the last payload into IKE message
+ //
+ if (!iPluginSession->FindIkev1SADataWithAddr(iNegotiation->iRemoteAddr)) //Only sent if no ISAKMP SA established
+ {
+ DEBUG_LOG(_L("Constructing INITIAL-CONTACT"));
+ msg->IsakmpNotification(DOI_INITIAL_CONTACT, PROTO_ISAKMP);
+ }
+ }
+
+ iNegotiation->SendL(*msg);
+
+ //
+ // Take a copy of user name buffer in dialog info. This user name
+ // is cached into user name file if current CRACK negotiation is
+ // succeeded
+ //
+ if ( aBfr1 )
+ {
+ delete iUserName; // Delete old user name buffer for sure
+ iUserName = NULL;
+ iUserName = HBufC8::New(aBfr1->Length() + 16); // 16 bytes space for padding
+ if ( iUserName )
+ {
+ iUserName->Des().Copy(aBfr1->Des());
+ }
+ }
+
+ iState |= WAITING_PEER_RSP;
+ iMsgCount++;
+}
+
+TInt CIKECRACKNegotiation::ProcessCHREAttibutesL(const TCHREISAKMP *aCHRE)
+{
+/*---------------------------------------------------------------------------
+ *
+ * CHRE payload received from gateway. Process attributes in payload
+ * according to current LAM type.
+ * Assure first that LAM type in payload corresponds configured LAM type
+ * in CRACK object
+ *
+ *--------------------------------------------------------------------------*/
+ TInt length = (TInt)aCHRE->GetLength();
+ if ( STATIC_CAST(TUint, length) < sizeof(TCHREISAKMP) ) {
+ return CRACK_FAILED;
+ }
+
+ length -= sizeof(TCHREISAKMP); /* Attribute data lengt in payload */
+ if ( (aCHRE->GetCHREReserved() != 0) || (aCHRE->GetLAMtype() != iLAMType )) {
+ return CRACK_FAILED;
+ }
+
+ TDataISAKMP *attr = aCHRE->CHREAttrib();
+ HBufC8 *challenge = NULL;
+ TInt status = CRACK_CONTINUE;
+ TBool get_user_data = EFalse;
+ TUint16 fin;
+
+ while ( length > 0 ) {
+
+ length = length - attr->Size();
+ if ( length < 0 ) {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Length mismatch in the attibutes)"));
+ return CRACK_FAILED;
+ }
+ switch ( attr->Type() ) {
+
+ case CRACK_T_MESSAGE:
+ if ( attr->IsBasic() ) { /* MUST be variable */
+ return CRACK_FAILED;
+ }
+ break;
+
+ case CRACK_T_FIN:
+ if ( !attr->IsBasic() ) { /* MUST be basic */
+ return CRACK_FAILED;
+ }
+ fin = attr->Value();
+ if ( fin == CRACK_FIN_SUCCESS ) {
+ DEBUG_LOG(_L("CRACK authentication OK"));
+ status = CRACK_SUCCESS;
+ if ( iUserName ) {
+ //
+ // Cache user name into user name file
+ //
+ CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ CleanupStack::PushL(Dialog);
+ TInt err(KErrNone);
+ TRAP(err, Dialog->StoreUserNameL(iUserName->Des()));
+#ifdef _DEBUG
+ if (err == KErrNone)
+ DEBUG_LOG(_L("User Name caching succeeded"));
+ DEBUG_LOG(_L("User Name caching failed"));
+#endif
+ CleanupStack::PopAndDestroy();
+ }
+ }
+ else {
+ if ( fin == CRACK_FIN_MORE ) {
+ iState |= SECURID_NEXT_PIN_MODE;
+ DEBUG_LOG(_L("CRACK SecurID Next pin mode entered"));
+ get_user_data = ETrue; /* SecurID "Next code2 */
+ }
+ else {
+ status = CRACK_FAILED; /* Illegal FIN value */
+ }
+ }
+ break;
+
+ default:
+ DEBUG_LOG(_L("ATTRIBUTES_NOT_SUPPORTED (Invalid attribute in CHRE)"));
+ return CRACK_FAILED;
+ }
+
+ attr = attr->Next();
+ }
+
+ if ( get_user_data ) {
+ /*---------------------------------------------------
+ * Get information from user
+ *---------------------------------------------------*/
+ status = GetDatafromUserL(challenge);
+ if ( challenge )
+ CleanupStack::PopAndDestroy(); /* delete challenge */
+ }
+
+ return status;
+
+}
+
+
+TInt CIKECRACKNegotiation::CrackAuthenticationFailedL(const TNotificationISAKMP *aNotifPayload)
+{
+ (void)aNotifPayload;
+/*---------------------------------------------------------------------------
+ *
+ * The gateway has sent a Notification payload which indicates that CRACK
+ * authentication is failed.
+ * Display proper error dialog and return CRACK_FAILED status
+ *
+ *--------------------------------------------------------------------------*/
+ iNegotiation->iTimer->Cancel(); //Cancel timer because authentication failed
+ DEBUG_LOG(_L("CRACK authentication failed!"));
+
+ if ( (iState & (CRACK_AUTHENTICATED + WAITING_USER_RSP + SHOW_ERROR_DIALOG)) ==
+ SHOW_ERROR_DIALOG ) {
+ // Dialog object shall be delete in Dialog->RunL when dialog completed
+ CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ Dialog->ShowErrorDialogL(TVpnNoteDialog::EKmdAuthenticationFailed, NULL, NULL);
+ iState &= ~SHOW_ERROR_DIALOG;
+ }
+
+ return CRACK_FAILED;
+
+}
+
+//
+// The implementation for class MIkeDialogComplete virtual function
+//
+TInt CIKECRACKNegotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo,
+ HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain)
+{
+/*---------------------------------------------------------------------------
+ *
+ * A response received from client user (through asynchronous dialog)
+ * This method is introduced as a TUserCallback for CGetIKEPassword dialog
+ * object is created. When the dialog is completed this callback function
+ * is called to deliver Credentials data for CHRE payload attributes.
+ * Store credential buffers to CAuthDialogInfo object and call engine
+ * entry
+ *
+ *-------------------------------------------------------------------------*/
+ TUint32 obj_id = 1;
+ CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo;
+ DEBUG_LOG1(_L("CIKECRACKNegotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo);
+
+ if ( info )
+ {
+ obj_id = info->GetObjId();
+ DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id);
+ if ( obj_id == DIALOG_INFO_ID )
+ {
+ info->iUsername = aUsername;
+ info->iSecret = aSecret;
+ info->iDomain = aDomain;
+ obj_id = info->PluginSession()->AuthDialogCompletedL(info);
+ }
+ }
+
+ return obj_id;
+}
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1crypto.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,369 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Crypto Layer to use and change any cryptolibrary easily.
+* Contains all the cryptographic functions used in IKEv1.
+*
+*/
+
+
+
+#include "ikev1crypto.h"
+#include "ikemsgheader.h"
+#include "dhparameters.h"
+#include "utlcrypto.h"
+
+CIkeKeys* CIkeKeys::NewL(const TDesC8& aN, const TDesC8& aG)
+{
+ CIkeKeys *keys = new (ELeave) CIkeKeys();
+ keys->iDHKey = TUtlCrypto::MakeDiffieHellmanL(aN, aG);
+ keys->iModuluslength = aN.Length();
+ return keys;
+}
+
+CIkeKeys::~CIkeKeys()
+{
+ delete iDHKey;
+}
+
+
+HBufC8* CIkeKeys::GetPubKey()
+{
+ HBufC8* DHPublicKey = (HBufC8*)iPubKey;
+ iPubKey = NULL; // Exclusive ownership of iPubKey buffer is returned to caller
+ return DHPublicKey;
+}
+
+void CIkeKeys::XValueL()
+{
+ iPubKey = iDHKey->GenerateXL();
+}
+
+
+const HBufC8* CIkeKeys::KValueL(const TDesC8& aY) const
+{
+ return iDHKey->CompleteKL(aY);
+}
+
+
+
+
+//Generates a group of parameters depending on the group.
+CIkeKeys *CreateDHKeyL(TUint aGroupDesc)
+{
+ TPtrC8 prime_ptr(NULL, 0);
+ TPtrC8 gen_ptr(NULL, 0);
+
+ switch (aGroupDesc)
+ {
+ case MODP_768:
+ prime_ptr.Set((TUint8 *)&MODP_768_PRIME[0], MODP_768_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_768_GENERATOR[0], MODP_768_GENERATOR_LENGTH);
+ break;
+ case MODP_1024:
+ prime_ptr.Set((TUint8 *)&MODP_1024_PRIME[0], MODP_1024_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_1024_GENERATOR[0], MODP_1024_GENERATOR_LENGTH);
+ break;
+ case MODP_1536:
+ prime_ptr.Set((TUint8 *)&MODP_1536_PRIME[0], MODP_1536_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_1536_GENERATOR[0], MODP_1536_GENERATOR_LENGTH);
+ break;
+ case MODP_2048:
+ prime_ptr.Set((TUint8 *)&MODP_2048_PRIME[0], MODP_2048_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_2048_GENERATOR[0], MODP_2048_GENERATOR_LENGTH);
+ break;
+ case EC2N_155:
+ case EC2N_185:
+ return NULL;
+ default: //Cannot happen because checked before!!!
+ return NULL;
+ }
+
+ CIkeKeys *arg = CIkeKeys::NewL(prime_ptr, gen_ptr);
+
+ return arg;
+}
+
+CIkeKeys *GeneratePubPrivKeysL(TUint aGroupDesc)
+{
+ CIkeKeys *dh_key = CreateDHKeyL(aGroupDesc);
+ if (!dh_key)
+ return NULL;
+ dh_key->XValueL(); //Initializes the public and private keys.
+
+ return dh_key;
+
+}
+
+HBufC8* ComputeAgreedKeyL(TUint /*aGroupDesc*/, const TDesC8 &aPeerPublicKey, CIkeKeys *aOwnKeys)
+{
+ if(!aOwnKeys)
+ return NULL;
+
+ return (HBufC8*)aOwnKeys->KValueL(aPeerPublicKey);
+}
+
+void DecryptL(const TUint8* aInputPayload, TUint8* aOutputPayload, TUint32 aLength, TDes8& aIV, TDesC8& aKey, TUint16 aEncrAlg)
+{
+ TUtlCrypto::TUtlSymmetricCipherId CipherId = TUtlCrypto::EUtlSymmetricCipherAesCbc; // Defaults
+ TInt IVLth = AESCBC_IV_LEN;
+
+ if ( aEncrAlg == DES3_CBC )
+ {
+ CipherId = TUtlCrypto::EUtlSymmetricCipher3DesCbc;
+ IVLth = DESCBC_IV_LEN;
+ }
+ else if ( aEncrAlg == DES_CBC)
+ {
+ CipherId = TUtlCrypto::EUtlSymmetricCipherDesCbc;
+ IVLth = DESCBC_IV_LEN;
+ }
+ //
+ // Construct cipher object for symmetric decrypt operation
+ //
+ TPtrC8 iv_ptr(aIV.Ptr(), IVLth);
+ TPtrC8 ciphertext(aInputPayload, aLength);
+ TPtr8 plaintext(aOutputPayload, aLength);
+
+ CUtlSymmetricCipher* UtlCipher = TUtlCrypto::MakeSymmetricDecryptorL(CipherId,
+ aKey,
+ iv_ptr);
+
+ CleanupStack::PushL(UtlCipher);
+ UtlCipher->ProcessFinalL(ciphertext, plaintext);
+ CleanupStack::PopAndDestroy();
+ aIV.Copy(&aInputPayload[aLength - IVLth], IVLth); //Next IV (last 8 bytes of ciphertext)
+
+}
+
+TBool EncryptL(TDes8& aInputPayload, TDes8& aOutputPayload, TDes8& aIV, TDesC8& aKey, TUint16 aEncrAlg)
+{
+ TUtlCrypto::TUtlSymmetricCipherId CipherId = TUtlCrypto::EUtlSymmetricCipherAesCbc; // Defaults
+ TInt CbLth = AESCBC_IV_LEN;
+
+ if ( aEncrAlg == DES3_CBC )
+ {
+ CipherId = TUtlCrypto::EUtlSymmetricCipher3DesCbc;
+ CbLth = DESCBC_IV_LEN;
+ }
+ else if ( aEncrAlg == DES_CBC)
+ {
+ CipherId = TUtlCrypto::EUtlSymmetricCipherDesCbc;
+ CbLth = DESCBC_IV_LEN;
+ }
+ TPtrC8 iv_ptr(aIV.Ptr(), CbLth);
+ //
+ // Add padding, if needed
+ //
+ TUint padding_bytes = (aInputPayload.Length() - ISAKMP_HDR_SIZE) % CbLth;
+ if (padding_bytes != 0) //Padd with 0 at the end if needed
+ {
+ TChar c(0);
+ aInputPayload.AppendFill(c,CbLth-padding_bytes); //Append at the end
+ }
+ //
+ // ISAKMP fixed header not encrypted
+ //
+ TPtrC8 plaintext(aInputPayload.Ptr() + ISAKMP_HDR_SIZE, aInputPayload.Length() - ISAKMP_HDR_SIZE);//skip hdr
+ aOutputPayload.Copy(aInputPayload.Ptr(), ISAKMP_HDR_SIZE); //The same HDR in output
+
+ TPtr8 ciphertext((TUint8 *)aOutputPayload.Ptr() + ISAKMP_HDR_SIZE, 0, aInputPayload.Length() - ISAKMP_HDR_SIZE);//skip hdr
+ //
+ // Construct cipher object for symmetric decrypt operation
+ //
+ CUtlSymmetricCipher* UtlCipher = TUtlCrypto::MakeSymmetricEncryptorL(CipherId,
+ aKey,
+ iv_ptr);
+ CleanupStack::PushL(UtlCipher);
+ UtlCipher->ProcessFinalL(plaintext, ciphertext);
+ CleanupStack::PopAndDestroy();
+ //
+ // Next IV (last cipher block of encrypted buffer)
+ //
+ aOutputPayload.SetLength(ISAKMP_HDR_SIZE + ciphertext.Length());
+ aIV.Copy(aOutputPayload.Ptr() + aOutputPayload.Length() - CbLth, CbLth);
+
+ return ETrue;
+
+}
+
+
+void MD5HashL(const TDesC8 &aInData, TDes8& aOutData)
+{
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestMd5);
+ aOutData.Copy(Digest->Final(aInData));
+ delete Digest;
+}
+
+void SHA1HashL(const TDesC8 &aInData, TDes8& aOutData)
+{
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ aOutData.Copy(Digest->Final(aInData));
+ delete Digest;
+}
+
+void MD5HmacL(const TDesC8 &aInData, TDes8& aOutData, const TDesC8& aKeyData)
+{
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestMd5,
+ aKeyData);
+ aOutData.Copy(Digest->Final(aInData));
+ delete Digest;
+}
+
+void SHA1HmacL(const TDesC8 &aInData, TDes8& aOutData, const TDesC8& aKeyData)
+{
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1,
+ aKeyData);
+ aOutData.Copy(Digest->Final(aInData));
+ delete Digest;
+}
+
+void Hmac3DesCbcL(const TDesC8 &aInData, TDes8& aOutData, const TDesC8& aKeyData)
+{
+ TUint8 *pad = new (ELeave) TUint8[PAD_SIZE];
+ TInt pad_len = 0;
+ CleanupStack::PushL(pad);
+ TBuf8<8> iv;
+ TBuf8<24> prf_key2;
+ TPtrC8 prf_key_ptr;
+
+ if ( aKeyData.Length() < 24) //if less than 24 bits the rest must be 0's
+ {
+ prf_key2.FillZ(24);
+ prf_key2.Copy(aKeyData);
+ prf_key2.SetLength(24);
+ prf_key_ptr.Set(prf_key2);
+ }
+ else
+ {
+ prf_key_ptr.Set(aKeyData);
+ }
+ iv.FillZ(8);
+ Mem::Copy(pad, aInData.Ptr(), aInData.Length());
+ pad_len = aInData.Length();
+ if ( pad_len & 0x07 ) //Add padding to align to byte pieces??????????
+ {
+ Mem::FillZ(&pad[pad_len], 7);
+ pad_len += 7;
+ pad_len = (pad_len & 65528) + 8;
+ }
+ Cipher3DesL(pad, pad_len, prf_key_ptr, iv, aOutData);
+
+ CleanupStack::PopAndDestroy(); //pad
+
+}
+
+void Cipher3DesL(TUint8 *aInData, TInt aInDataLen, const TDesC8 &aPrfKey, TDes8 &aIV, TDes8 &aOutData)
+{
+
+ TPtrC8 iv_ptr(aIV.Ptr(), DESCBC_IV_LEN);
+ TPtrC8 key_ptr(aPrfKey.Ptr(), 3*DESCBC_KEY_LEN);
+
+ HBufC8 *des_input = HBufC8::NewL(aInDataLen + 8);
+ CleanupStack::PushL(des_input);
+ TPtr8 des_input_ptr((TUint8 *)des_input->Des().Ptr(), aInDataLen + 8, aInDataLen + 8); //Contains the PRF input text
+ TPtrC8 plain_input_text(aInData, aInDataLen);//skip hdr
+ //
+ // Construct cipher object for symmetric decrypt operation
+ //
+ CUtlSymmetricCipher* UtlCipher = TUtlCrypto::MakeSymmetricEncryptorL(TUtlCrypto::EUtlSymmetricCipher3DesCbc,
+ key_ptr,
+ iv_ptr);
+ CleanupStack::PushL(UtlCipher);
+
+ HBufC8 *des_output= HBufC8::NewL(des_input_ptr.Length() + UtlCipher->BlockSize());
+ CleanupStack::PushL(des_output);
+ TPtr8 des_output_ptr((TUint8 *)des_output->Des().Ptr(), des_input_ptr.Length() + UtlCipher->BlockSize());
+
+ UtlCipher->ProcessFinalL(plain_input_text, des_output_ptr);
+ TPtrC8 tmp_input_data(&des_output_ptr[des_output_ptr.Length() - 8], 8); //Input Data to the 2nd 8-bit chunk encryption
+ UtlCipher->Reset(); //Restart
+ UtlCipher->ProcessFinalL(tmp_input_data, aOutData);
+
+ // Do second eight bytes
+ des_input_ptr.Copy(aOutData);
+ des_input_ptr.Append(plain_input_text); //reattach the input data
+ UtlCipher->Reset(); //Restart
+ UtlCipher->ProcessFinalL(des_input_ptr, des_output_ptr);
+
+ tmp_input_data.Set(&des_output_ptr[des_output_ptr.Length() - 8], 8);
+ TPtr8 out_data_ptr((TUint8 *)aOutData.Ptr() + 8, 0, 8);
+ UtlCipher->Reset(); //Restart
+ UtlCipher->ProcessFinalL(tmp_input_data, out_data_ptr);
+
+ // Do third eight bytes
+ Mem::Copy((TUint8 *)des_input_ptr.Ptr(), aOutData.Ptr() + 8, 8); //last 8 bytes of previous result put at the beginning
+ //The length of des_input_ptr won't change so the data after byte 8 is still used!!!
+ UtlCipher->Reset(); //Restart
+ UtlCipher->ProcessFinalL(des_input_ptr, des_output_ptr);
+
+ tmp_input_data.Set(&des_output_ptr[des_output_ptr.Length() - 8], 8);
+ out_data_ptr.Set((TUint8 *)aOutData.Ptr() + 16, 0, 8); //the last 8 bytes (16 to 23)
+ UtlCipher->Reset(); //Restart
+ UtlCipher->ProcessFinalL(tmp_input_data, out_data_ptr);
+
+ aOutData.SetLength(24);
+
+ CleanupStack::PopAndDestroy(3); // des_output, UtlCipher and des_input
+}
+
+TInt SymmetricCipherL(TUint8 *aInput, TUint8 *aOutput, TInt aLength,
+ TUint8 *aKey, TUint8 *aIV, TBool aEncr, TInt aEncAlg)
+{
+ (void)aEncAlg;
+ TPtrC8 iv_ptr(aIV, DESCBC_IV_LEN );
+ TPtrC8 key_ptr(aKey, DESCBC_IV_LEN);
+
+ CUtlSymmetricCipher* UtlCipher;
+ if ( aEncr ) {
+ //
+ // Add padding (according RFC 1423) and encrypt data
+ //
+ TInt PaddingBytes = 8 - (aLength % 8);
+ for ( TInt i = 0; i < PaddingBytes; i++ ) {
+ *(aInput + aLength + i) = (TUint8)PaddingBytes;
+ }
+ aLength += PaddingBytes;
+ UtlCipher = TUtlCrypto::MakeSymmetricEncryptorL(TUtlCrypto::EUtlSymmetricCipherDesCbc,
+ key_ptr, iv_ptr);
+ }
+ else {
+ //
+ // Decrypt data
+ //
+ UtlCipher = TUtlCrypto::MakeSymmetricDecryptorL(TUtlCrypto::EUtlSymmetricCipherDesCbc,
+ key_ptr, iv_ptr);
+ }
+ CleanupStack::PushL(UtlCipher);
+ TPtrC8 inp(aInput, aLength);
+ TPtr8 outp(aOutput, aLength);
+ UtlCipher->ProcessFinalL(inp, outp);
+ CleanupStack::PopAndDestroy();
+
+ if ( !aEncr ) {
+ //
+ // Remove padding from decrypted data
+ //
+ TUint8 PaddingLth = *(aOutput + aLength - 1);
+ if ( PaddingLth < 9 )
+ aLength -= (TInt)PaddingLth; // Ok padding count
+ else aLength = 0;
+ }
+
+ return aLength;
+
+}
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1dialog.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,665 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CIkeDialog class implementation
+*
+*/
+
+#include <random.h>
+
+#include "ikev1dialog.h"
+#include "dhparameters.h"
+#include "ikedebug.h"
+#include "ikev1pluginsession.h"
+#include "ikev1crypto.h"
+#include "ikev1filesdef.h"
+
+
+CIkev1Dialog::CIkev1Dialog( MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iDebug( aDebug )
+{
+ CActiveScheduler::Add(this); //Added to the Active Scheduler
+}
+
+CIkev1Dialog::~CIkev1Dialog()
+{
+ DEBUG_LOG(_L("CIkev1Dialog destructed"));
+
+ DeQueueDialog(this);
+
+ if(iTimeout)
+ {
+ iTimeout->Cancel();
+ }
+ Cancel(); // Dialog itself
+
+ delete iTimeout;
+ delete iInputData;
+
+ iFs.Close();
+}
+
+void CIkev1Dialog::PurgeDialogQueue(CIkev1Dialog* aQueuedDialog)
+{
+ CIkev1Dialog* NextDialog;
+ while ( aQueuedDialog ) {
+ NextDialog = aQueuedDialog->iNext;
+ delete aQueuedDialog;
+ aQueuedDialog = NextDialog;
+ }
+}
+
+void CIkev1Dialog::DoCancel()
+{
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ iNotifier.Close();
+ DEBUG_LOG(_L("CIkev1Dialog::DoCancel() OK"));
+}
+
+void CIkev1Dialog::ConstructL(CIkev1PluginSession* aPluginSession, CIkev1Dialog* *aToQueAnchor)
+{
+ User::LeaveIfError(iFs.Connect());
+ iTimeout = new (ELeave) CDialogTimeout( iDebug );
+ iTimeout->ConstructL(this);
+ iToQueAnchor = aToQueAnchor;
+ iPluginSession = aPluginSession;
+}
+
+CIkev1Dialog* CIkev1Dialog::NewL( CIkev1PluginSession* aPluginSession,
+ CIkev1Dialog** aToQueAnchor,
+ MIkeDebug& aDebug )
+{
+ CIkev1Dialog* Dialog = new (ELeave) CIkev1Dialog( aDebug );
+ Dialog->ConstructL( aPluginSession, aToQueAnchor );
+
+ return Dialog;
+}
+
+void CIkev1Dialog::StoreUserNameL(TPtr8 aUserName)
+{
+/*--------------------------------------------------------------------
+ *
+ * Store specified user name into cache file (used as init value in
+ * the next user name specific dialog).
+ * User name shall be encrypted (DES) before stored into cache file.
+ *
+ *---------------------------------------------------------------------*/
+
+
+ if (aUserName.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ //
+ // Allocate buffer for file header and encrypted key
+ //
+
+ HBufC8* HeaderBfr = HBufC8::NewLC(aUserName.Length() + sizeof(TUserNameFileHdr) + 32);
+
+ TUserNameFileHdr* FileHeader = (TUserNameFileHdr*)HeaderBfr->Ptr();
+ //
+ // Get random data values for salt and IV.
+ //
+ TPtr8 ptr((TUint8*)FileHeader, sizeof(TUserNameFileHdr));
+ ptr.SetLength(sizeof(TUserNameFileHdr));
+ TRandom::RandomL(ptr);
+
+ FileHeader->iFileId = USER_NAME_FILE_ID;
+ //
+ // Build encryption key from just created salt data and fixed
+ // secret passphrase using MD5 hash
+ //
+ TBuf8<16> EncryptionKey;
+ TPtr8 SaltPtr((TUint8*)FileHeader->iSalt, 8, 8);
+ User::LeaveIfError(CIkev1Dialog::BuildEncryptionKey(SaltPtr, EncryptionKey));
+ //
+ // Encrypt user name data with just created key.
+ // Because DES is used as encryption algorithm, the eight first
+ // octets of created encryption octets is used as encryption key.
+ //
+ TInt EncrLth = 0;
+ EncrLth = SymmetricCipherL((TUint8*)aUserName.Ptr(),
+ ((TUint8*)FileHeader + sizeof(TUserNameFileHdr)),
+ aUserName.Length(), FileHeader->iIV, (TUint8*)EncryptionKey.Ptr(), ETrue);
+ if ( EncrLth )
+ {
+ //
+ // Write encrypted data into user name file
+ //
+ RFile NameFile;
+
+ TBuf<128> Ppath;
+ User::LeaveIfError(iFs.PrivatePath(Ppath));
+
+ Ppath.Append(USER_NAME_CACHE_FILE);
+ TInt err = iFs.CreatePrivatePath(EDriveC);
+ if (err != KErrNone &&
+ err != KErrAlreadyExists)
+ {
+ User::Leave(err);
+ }
+ User::LeaveIfError(NameFile.Replace(iFs, Ppath, EFileShareAny|EFileWrite));
+
+ TPtrC8 EncryptedData((TUint8*)FileHeader, sizeof(TUserNameFileHdr) + EncrLth);
+
+ NameFile.Write(EncryptedData);
+ NameFile.Close();
+ }
+
+ CleanupStack::PopAndDestroy(); // Delete encryption buffer
+}
+
+/*--------------------------------------------------------------------
+ *
+ * Asynchronous dialog is completed.
+ *
+ *---------------------------------------------------------------------*/
+void CIkev1Dialog::RunL()
+{
+ TInt delete_obj = 1;
+ HBufC8 *un_bfr = NULL;
+ HBufC8 *pw_bfr = NULL;
+ CIkev1Dialog* NextDialog = iNext;
+
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ iNotifier.Close();
+
+ if ( iStatus.Int() == KErrNone )
+ {
+ if ( iCallback )
+ {
+ TIPSecDialogOutput& resp = iResponseBuf();
+ un_bfr = ConvertPwdToOctetString(resp.iOutBuf);
+ pw_bfr = ConvertPwdToOctetString(resp.iOutBuf2);
+ }
+ }
+
+ if ( iCallback )
+ {
+ TInt err;
+ TRAP(err, delete_obj = iCallback->DialogCompleteL(this, iUserInfo,
+ un_bfr, //User name
+ pw_bfr, //Password
+ NULL)); //domain
+ delete un_bfr;
+ delete pw_bfr;
+ if ( err != KErrNone )
+ delete_obj = 1;
+ }
+
+ if ( delete_obj )
+ {
+ delete this;
+ }
+
+ //
+ // Start a dialog from wait queue if there is some
+ //
+ if ( NextDialog )
+ NextDialog->StartDialogL();
+}
+
+
+/*--------------------------------------------------------------------
+ *
+ * Get user name and password data for Legacy authentication
+ * This is a synchronous dialog which does NOT convert user name and
+ * password data into the 8-bit ASCII text
+ *
+ *---------------------------------------------------------------------*/
+TInt CIkev1Dialog::GetSyncUNPWDialog(TDes& aUserName, TDes& aPassword)
+{
+TIPSecDialogOutput output;
+
+
+ TIPSecDialogInfo dialog_input(TKMDDialog::EUserPwd, 0);
+
+ TPckgBuf<TIPSecDialogInfo> InfoBuf(dialog_input);//package it in appropriate buf
+
+ TPckgBuf<TIPSecDialogOutput> ResponseBuf(output);//create the buf to receive the response
+
+ TInt status = LauchSyncDialog(InfoBuf, ResponseBuf);
+ if ( status == KErrNone ) {
+ TIPSecDialogOutput& resp = ResponseBuf();
+ aUserName = resp.iOutBuf;
+ aPassword = resp.iOutBuf2;
+ }
+
+ return status;
+}
+
+/*--------------------------------------------------------------------
+ *
+ * Get user name and password data for Legacy authentication
+ * This is a synchronous dialog which does NOT convert user name and
+ * password data into the 8-bit ASCII text
+ * Uses username cache
+ *
+ *---------------------------------------------------------------------*/
+TInt CIkev1Dialog::GetSyncUNPWCacheDialog(TDes& aUserName, TDes& aPassword)
+{
+ TInt status = KErrGeneral;
+ TIPSecDialogOutput output;
+
+ TIPSecDialogInfo dialog_input(TKMDDialog::EUserPwd, 0);
+
+ iInputData = CreateDialogInput(dialog_input, ETrue);// TRUE = Use user name cache
+
+ TPckgBuf<TIPSecDialogOutput> ResponseBuf(output);//create the buf to receive the response
+
+ if ( iInputData )
+ status = LauchSyncDialog((TPckgBuf<TIPSecDialogInfo>&)*iInputData, ResponseBuf);
+
+ if ( status == KErrNone ) {
+ TIPSecDialogOutput& resp = ResponseBuf();
+ aUserName = resp.iOutBuf;
+ aPassword = resp.iOutBuf2;
+ }
+
+ return status;
+}
+
+void CIkev1Dialog::ShowErrorDialogL(TInt aDialogText, TAny *aUserInfo, MIkeDialogComplete* aCallback )
+{
+ iDialogType = TNoteDialog::EInfo;
+ iUserInfo = aUserInfo;
+ iCallback = aCallback; // For asynchronous dialog RunL
+
+ TIPSecDialogInfo dialog_input(TNoteDialog::EInfo, aDialogText);
+ iInputData = CreateDialogInput(dialog_input, EFalse);// FALSE = Do not use user name cache
+ if ( iInputData )
+ LaunchDialogL(); //launch the dialog
+}
+
+/*--------------------------------------------------------------------
+ *
+ * Get user name and password data for Legacy authentication
+ *
+ *---------------------------------------------------------------------*/
+void CIkev1Dialog::GetAsyncUNPWDialogL(TAny *aUserInfo, MIkeDialogComplete* aCallback)
+{
+ DEBUG_LOG2(_L("CIkev1Dialog::GetAsyncUNPWDialogL(), aUserInfo = %x, aCallback = %x"), aUserInfo, aCallback);
+
+ iDialogType = TKMDDialog::EUserPwd;
+ iUserInfo = aUserInfo;
+ iCallback = aCallback; // For asynchronous dialog RunL
+
+ TIPSecDialogInfo dialog_input(TKMDDialog::EUserPwd, 0);
+ iInputData = CreateDialogInput(dialog_input, ETrue);// TRUE = Use user name cache
+ if ( iInputData )
+ LaunchDialogL(); //launch the dialog
+}
+
+/*--------------------------------------------------------------------
+ *
+ * Get user name and Secure ID pin data for Legacy authentication
+ *
+ *---------------------------------------------------------------------*/
+void CIkev1Dialog::GetAsyncSecureidDialogL(TAny *aUserInfo, MIkeDialogComplete* aCallback)
+{
+ DEBUG_LOG2(_L("CIkev1Dialog::GetAsyncSecureidDialogL(), aUserInfo = %x, aCallback = %x"), aUserInfo, aCallback);
+
+ iDialogType = TKMDDialog::ESecurIdPin;
+ iUserInfo = aUserInfo;
+ iCallback = aCallback; // For asynchronous dialog RunL
+
+ TIPSecDialogInfo dialog_input(TKMDDialog::ESecurIdPin, 0);
+ iInputData = CreateDialogInput(dialog_input, ETrue);// TRUE = Use user name cache
+ if ( iInputData )
+ LaunchDialogL(); //launch the dialog
+}
+
+/*--------------------------------------------------------------------
+ *
+ * Get user name and Secure ID next pin data for Legacy authentication
+ *
+ *---------------------------------------------------------------------*/
+void CIkev1Dialog::GetAsyncSecureNextPinDialogL(TAny *aUserInfo, MIkeDialogComplete* aCallback)
+{
+ DEBUG_LOG2(_L("CIkev1Dialog::GetAsyncSecureNextPinDialogL(), aUserInfo = %x, aCallback = %x"), aUserInfo, aCallback);
+
+ iDialogType = TKMDDialog::ESecurIdNextPin;
+ iUserInfo = aUserInfo;
+ iCallback = aCallback; // For asynchronous dialog RunL
+
+ TIPSecDialogInfo dialog_input(TKMDDialog::ESecurIdNextPin, 0);
+ iInputData = CreateDialogInput(dialog_input, ETrue);// TRUE = Use user name cache
+ if ( iInputData )
+ LaunchDialogL(); //launch the dialog
+}
+
+
+/*--------------------------------------------------------------------
+ *
+ * For future use (for challenge/response type Legacy authentication)
+ *
+ *---------------------------------------------------------------------*/
+void CIkev1Dialog::GetAsyncUNAMEDialog(TAny* /*aUserInfo*/, MIkeDialogComplete* /*aCallback*/)
+{
+}
+
+void CIkev1Dialog::GetAsyncRespDialog(TPtr8 /*aChallenge*/, TAny* /*aUserInfo*/, MIkeDialogComplete* /*aCallback*/)
+{
+}
+
+
+///////////////////////////////////////////////////////////////////////////////
+//
+// Private methods
+//
+///////////////////////////////////////////////////////////////////////////////
+HBufC8* CIkev1Dialog::CreateDialogInput(TIPSecDialogInfo& aDialogInfo, TBool aUserNameCache)
+{
+ //
+ // Create dialog input data buffer. Concatenate cached user name
+ // string into input data if requested and if cached name exists
+ //
+ HBufC8* DialogInput;
+ HBufC8* UserName = NULL;
+ TInt UserNameLth = 0;
+ TPckgBuf<TIPSecDialogInfo> infoBuf(aDialogInfo);
+
+ if ( aUserNameCache ) {
+ UserName = GetUserNameFromFile();
+ if ( UserName )
+ UserNameLth = UserName->Length();
+ }
+
+ DialogInput = HBufC8::New(sizeof(TIPSecDialogInfo) + UserNameLth);
+ if ( DialogInput ) {
+ DialogInput->Des().Copy(infoBuf);
+ if ( UserName ) {
+ DialogInput->Des().Append(UserName->Des());
+ delete UserName;
+ }
+ }
+
+ return DialogInput;
+}
+
+void CIkev1Dialog::LaunchDialogL()
+{
+ //
+ // Launch the dialog if there is no dialog already going
+ //
+ if ( QueueDialog(this) == 1 )
+ {
+ StartDialogL();
+ }
+}
+
+void CIkev1Dialog::StartDialogL()
+{
+ //
+ // Start an asynchronous dialog
+ //
+ User::LeaveIfError(iNotifier.Connect());
+ iNotifier.StartNotifierAndGetResponse(iStatus,
+ KUidVpnDialogNotifier,
+ (TPckgBuf<TIPSecDialogInfo>&)(*iInputData),
+ iResponseBuf);
+ SetActive();
+}
+
+
+TInt CIkev1Dialog::LauchSyncDialog(const TDesC8& aInput, TDes8& aOutput)
+{
+ RNotifier notifier;
+ TInt err = notifier.Connect();
+ if(err != KErrNone)
+ {
+ return err;
+ }
+
+ TRequestStatus status;
+ notifier.StartNotifierAndGetResponse(status, KUidVpnDialogNotifier, aInput, aOutput);
+ User::WaitForRequest( status );
+
+ notifier.CancelNotifier(KUidVpnDialogNotifier);
+ notifier.Close();
+
+ return status.Int();
+}
+
+TInt CIkev1Dialog::QueueDialog(CIkev1Dialog* aDialog)
+{
+ TInt DialogCount = 1;
+ aDialog->iNext = NULL;
+ CIkev1Dialog* QueuedDialog = *aDialog->iToQueAnchor;
+
+ if ( QueuedDialog )
+ {
+ DialogCount ++;
+ while ( QueuedDialog->iNext ) {
+ QueuedDialog = QueuedDialog->iNext;
+ DialogCount ++;
+ }
+ QueuedDialog->iNext = aDialog;
+ }
+ else *aDialog->iToQueAnchor = aDialog;
+
+ return DialogCount;
+}
+
+void CIkev1Dialog::DeQueueDialog(CIkev1Dialog* aDialog)
+{
+ CIkev1Dialog* PreviousDialog = NULL;
+ CIkev1Dialog* QueuedDialog = *aDialog->iToQueAnchor;
+
+ while ( QueuedDialog ) {
+ if ( QueuedDialog == aDialog ) {
+ if ( PreviousDialog )
+ PreviousDialog->iNext = QueuedDialog->iNext;
+ else *aDialog->iToQueAnchor = QueuedDialog->iNext;
+ }
+ PreviousDialog = QueuedDialog;
+ QueuedDialog = QueuedDialog->iNext;
+ }
+}
+
+HBufC8* CIkev1Dialog::GetUserNameFromFile()
+{
+/*--------------------------------------------------------------------
+ *
+ * Get user name default value from encrypted cache file
+ *
+ *---------------------------------------------------------------------*/
+ //
+ // Allocate buffer for file header and encrypted key
+ //
+ HBufC8* UserNameBfr = NULL;
+ RFile UserNameFile;
+ if ( UserNameFile.Open(iFs, USER_NAME_CACHE_FILE, EFileRead) == KErrNone ) {
+ TInt FileSize = 0;
+ UserNameFile.Size(FileSize);
+ if ( (FileSize > 0) && (FileSize < 256) ) {
+ HBufC8* FileData = HBufC8::New(FileSize);
+ if ( FileData ) {
+ //
+ // Read encrypted file data into the allocated buffer.
+ //
+ TPtr8 FileDataPtr(FileData->Des());
+ if ( UserNameFile.Read(FileDataPtr) == KErrNone ) {
+ //
+ // Build decryption key and decrypt user name data.
+ // Both salt data needed in key generation and IV
+ // value required in decryption are found from
+ // encrypted file header
+ //
+ TUserNameFileHdr* FileHeader = (TUserNameFileHdr*)FileData->Ptr();
+ if ( FileHeader->iFileId == USER_NAME_FILE_ID ) {
+ TBuf8<16> DecryptionKey;
+ TPtr8 SaltPtr((TUint8*)FileHeader->iSalt, 8, 8);
+ if ( CIkev1Dialog::BuildEncryptionKey(SaltPtr, DecryptionKey) ) {
+ TInt EncrLth = FileSize - sizeof(TUserNameFileHdr);
+ TUint8* UserNameRawPtr = (TUint8*)FileHeader + sizeof(TUserNameFileHdr);
+ TInt err;
+ TRAP(err, EncrLth = SymmetricCipherL(UserNameRawPtr, UserNameRawPtr, EncrLth,
+ FileHeader->iIV, (TUint8*)DecryptionKey.Ptr(), EFalse));
+ if ( (err == KErrNone) && EncrLth ) {
+ //
+ // Allocate a HBufC8 for decrypted user name
+ //
+ UserNameBfr = HBufC8::New(EncrLth);
+ if ( UserNameBfr )
+ UserNameBfr->Des().Copy(UserNameRawPtr, EncrLth);
+ }
+ }
+ }
+ }
+ delete FileData;
+ }
+ }
+ }
+
+ UserNameFile.Close();
+ return UserNameBfr;
+}
+
+
+HBufC8 *CIkev1Dialog::ConvertPwdToOctetString(TDesC &aUnicodeBfr)
+{
+/*--------------------------------------------------------------------
+ *
+ * Convert password from Unicode string to 8-bit octet string
+ *
+ *---------------------------------------------------------------------*/
+ HBufC8 *octet_data = HBufC8::New(aUnicodeBfr.Length());
+ if ( octet_data ) {
+ TPtr8 ptr8(octet_data->Des());
+ ptr8.Copy(aUnicodeBfr);
+ }
+ return octet_data;
+}
+
+
+
+TBool CIkev1Dialog::BuildEncryptionKey(const TDesC8& aSalt, TDes8& aEncryptionKey)
+{
+/*--------------------------------------------------------------------
+ *
+ * Build encryption key for user name data cipher.
+ * The encryption key is created as follows:
+ * DH group 5 (MODP 1536) prime is used as passphrase seed so
+ * that MODP_1536_PRIME_LENGTH/4 octets of seed is taken from prime
+ * starting from position MODP_1536_PRIME_LENGTH/2.
+ * The specified salt is concatenated with that data.
+ * The MD5 hash over that shall be the encryption key (max key then
+ * 128 bits)
+ *
+ *---------------------------------------------------------------------*/
+ //
+ // Allocate buffer for key seed data
+ //
+ HBufC8* SeedDataBfr = HBufC8::New(aSalt.Length() + MODP_1536_PRIME_LENGTH/4);
+ if ( !SeedDataBfr )
+ return EFalse;
+
+ TPtr8 SeedDataPtr(SeedDataBfr->Des());
+ TPtrC8 PassPhrasePtr((TUint8 *)&MODP_1536_PRIME[MODP_1536_PRIME_LENGTH/2],
+ MODP_1536_PRIME_LENGTH/4);
+ SeedDataPtr.Copy(PassPhrasePtr);
+ SeedDataPtr.Append(aSalt);
+
+ TInt err;
+ TRAP(err, MD5HashL(SeedDataPtr, aEncryptionKey));
+
+ delete SeedDataBfr;
+
+ if ( err == KErrNone )
+ return ETrue;
+ else return EFalse;
+
+}
+
+
+
+/**-------------------------------------------------------
+ *
+ * CDialogTimeout class
+ * This timeout class used to check user dialog displayed
+ * shall be completed in reasonable time (now 90 seconds).
+ * This class is used the following way:
+ * -- When a CIkev1Dialog class object is constructed one
+ * CDialogTimeout object is constructed as well. These
+ * objects are linked together.
+ * -- If user dialog completes normally (within 90 seconds)
+ * CDialogTimeout is cancelled in CIkev1Dialog.RunL().
+ * -- If timeout expires, CIkev1Dialog is completed via CDialogTimeout.RunL()
+ *
+ *--------------------------------------------------------*/
+CDialogTimeout::CDialogTimeout( MIkeDebug& aDebug )
+ : CTimer( EPriorityStandard ),
+ iDebug( aDebug )
+{
+ CActiveScheduler::Add(this); //Adds itself to the scheduler only the first time
+}
+
+CDialogTimeout::~CDialogTimeout()
+{
+ DEBUG_LOG(_L("CDialogTimeout destructed"));
+ if (IsActive())
+ Cancel();
+}
+
+void CDialogTimeout::ConstructL(CIkev1Dialog *aDialog)
+{
+ CTimer::ConstructL();
+ iDialog = aDialog;
+ After(90*1000000); //Start dialog timer
+}
+
+void CDialogTimeout::DoCancel()
+{
+ DEBUG_LOG(_L("CDialogTimeout cancelled"));
+ CTimer::DoCancel();
+}
+
+void CDialogTimeout::RunL()
+{
+ DEBUG_LOG(_L("CKmdDialog timeout occurred"));
+ TInt delete_dialog = 1;
+ CIkev1Dialog* NextDialog = iDialog->NextDialog();
+ MIkeDialogComplete* Callback = iDialog->Callback();
+
+ if ( Callback )
+ {
+ TInt err;
+ DEBUG_LOG2(_L("Calling DialogCompleteL(), UserInfo = %x, Callback = %x"), (TUint32)iDialog->UserInfo(), (TUint32)Callback);
+ TRAP(err, delete_dialog = Callback->DialogCompleteL(iDialog,
+ iDialog->UserInfo(),
+ NULL, //User name
+ NULL, //Password
+ NULL)); //domain
+ DEBUG_LOG2(_L("DialogCompleteL() completed, err = %d, delete_dialog = %d"), err, delete_dialog);
+ if ( err != KErrNone )
+ delete_dialog = 1;
+ }
+ if ( delete_dialog )
+ {
+ delete iDialog;
+ iDialog = NULL;
+ }
+
+ //
+ // Start a dialog from wait queue if there is some
+ //
+ if ( NextDialog )
+ {
+ DEBUG_LOG(_L("Next dialog started from dialog timer"));
+ NextDialog->StartDialogL();
+ }
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1extra.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,501 @@
+/*
+* Copyright (c) 2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Key management daemon extra module.
+*
+*/
+
+
+#include <e32math.h>
+
+#include "ikev1extra.h"
+
+//////////////////////////////////////////////////////////////7
+//
+// Global functions
+//
+//Puts the data in the descriptor into a TInt64
+TInt Desc8ToTInt64(const TDesC8 &aLifetime, TInt64 &aTime)
+{
+ TUint32 high,low;
+
+ //Seconds lifetime
+ //TAttrib_II *attr_II = aProp->iAttrList->At(0); //presume only 1 transform for each proposal
+ TUint len = aLifetime.Length();
+ TInt high_len = 0;
+ if (len > 0)
+ {
+ if (len > sizeof(aTime))
+ {
+ //LogError(_L("Phase_II Lifetime(sec) Overflowed Setting to maximum value"));
+ aTime = MAKE_TINT64(KMaxTInt,KMaxTUint);
+ return KErrOverflow;
+ }
+ else
+ {
+ if (len <= sizeof(TUint))
+ high = 0;
+ else
+ {
+ high_len = len - sizeof(TUint);
+ Mem::Copy(&high, aLifetime.Ptr(), high_len); //The first total_length - sizeof(TUint) bytes
+ high = ByteOrder::Swap32(high);
+ high = high >> (sizeof(TUint)*8 - len*8); //To set the correct value (shift in bits)
+ len = sizeof(TUint); //remaining length
+ }
+
+ Mem::Copy(&low, aLifetime.Ptr() + high_len , len);
+ low = ByteOrder::Swap32(low);
+ low = low >> (sizeof(TUint)*8 - len*8); //To set the correct value (shift in bits)
+ aTime = MAKE_TINT64(high,low );
+ }
+ }
+ else
+ aTime = 0;
+
+ return KErrNone;
+}
+
+//Creates an addr. mask of aPrefixLen length
+void PrefixMask(TInetAddr &anAddr, TInt aPrefixLen, TInt aFamily)
+{
+ if (aFamily == STATIC_CAST(TInt, KAfInet))
+ {
+ TUint32 addr = 0;
+ if ( aPrefixLen ) {
+ addr = INET_ADDR(255,255,255,255);
+ addr <<= 32 - aPrefixLen;
+ }
+ anAddr.SetAddress(addr);
+ anAddr.SetFamily(KAfInet);
+ }
+ else //KAfInet6
+ anAddr.PrefixMask(aPrefixLen); //This method only works for IPv6
+
+}
+
+TInt PrefixLen(TInetAddr& anAddr)
+{
+ TIp6Addr ip6addr = anAddr.Ip6Address();
+ TInt length;
+ TInt i;
+
+ switch (anAddr.Family())
+ {
+ case KAfInet:
+ TReal bit;
+ TInt err;
+ TInt mask8;
+
+ length = 32;
+
+ for (i = 0; i < length; i++)
+ {
+ err = Math::Pow(bit,2,i % 8);
+ if (err != KErrNone)
+ return err;
+ mask8 = ip6addr.u.iAddr8[(TInt)(i/8)] & (TInt)bit;
+ if (mask8 == (TInt)bit) //The bit is 1
+ break;
+ }
+
+ return length - i;//length of the mask
+
+ case KAfInet6:
+ i = 3; // index to a n-bit chunk of an address
+ length = 128; // first assumption on length of the prefix
+
+ // start counting the 32 bit zero chunks from end
+ while (ip6addr.u.iAddr32[i] == 0)
+ {
+ length -= 32;
+ if (--i < 0)
+ return 0; // zero length prefix
+ }
+
+ // switch to 16 bit chunks
+ i = i * 2 + 1;
+ if (ip6addr.u.iAddr16[i] == 0)
+ {
+ length -= 16;
+ i--;
+ }
+
+ // switch to 8 bit chunks
+ i = i * 2 + 1;
+ if (ip6addr.u.iAddr8[i] == 0)
+ {
+ length -= 8;
+ i--;
+ }
+
+ // switch to 1 bit chunks
+ {
+ TUint8 octet = ip6addr.u.iAddr8[i];
+ for (i = 1; (octet & i) == 0; i <<= 1)
+ length--;
+ }
+
+ return length;
+
+ default:
+ return KErrNotSupported;
+ }
+}
+
+
+
+////////////////////////////////////////////////////////////////////////////////////
+//
+//class TAttrib
+//
+//aIsRelaxed indicates theat the lifetimes won't be compared
+TInt TAttrib::Compare(TAttrib& aAttr, TBool aIsRelaxed)
+{
+ if (iTransformID != aAttr.iTransformID)
+ return KErrTransformID;
+ if (iEncrAlg != aAttr.iEncrAlg)
+ return KErrEncrAlg;
+ if (iHashAlg != aAttr.iHashAlg)
+ return KErrHashAlg;
+ if (iAuthMethod != aAttr.iAuthMethod)
+ return KErrAuthMethod;
+ if (iGroupDesc != aAttr.iGroupDesc)
+ return KErrGroupDesc;
+ if ((iGroupType != aAttr.iGroupType) &&
+ (!(iGroupType == 0) && (aAttr.iGroupType == MODP))) //MODP is the default type so is the same as 0
+ return KErrGroupType;
+ if (iGroupPrime.Compare(aAttr.iGroupPrime)!=0)
+ return KErrGroupPrime;
+ if (iGroupGen1.Compare(aAttr.iGroupGen1)!=0)
+ return KErrGroupGen1;
+ if (iGroupGen2.Compare(aAttr.iGroupGen2)!=0)
+ return KErrGroupGen2;
+ if (iGroupCurveA.Compare(aAttr.iGroupCurveA)!=0)
+ return KErrGroupCurveA;
+ if (iGroupCurveB.Compare(aAttr.iGroupCurveB)!=0)
+ return KErrGroupCurveB;
+ if (iPRF != aAttr.iPRF)
+ return KErrPRF;
+ if (iKeyLength != aAttr.iKeyLength)
+ {
+ if ( iEncrAlg != AES_CBC )
+ return KErrKeyLength;
+ else
+ {
+ if ( !( aIsRelaxed && (iKeyLength == 128) && (aAttr.iKeyLength == 0)) )
+ return KErrKeyLength;
+ }
+
+ }
+ if (iFieldSize != aAttr.iFieldSize)
+ return KErrFieldSize;
+ if (iGroupOrder.Compare(aAttr.iGroupOrder)!=0)
+ return KErrGroupOrder;
+
+ if (!aIsRelaxed) //If relaxed lifetimes don't need to match
+ {
+ if (iLifeDurationSecs.Compare(aAttr.iLifeDurationSecs)!=0)
+ return KErrLifeTime;
+ if (iLifeDurationKBytes.Compare(aAttr.iLifeDurationKBytes)!=0)
+ return KErrLifeSize;
+ }
+ return KErrNone;
+}
+
+//
+//class CTransModifierList : public CArrayPtr<TTransModifier>
+//
+CTransModifierList::CTransModifierList(TInt aGranularity) : CArrayPtrFlat<TTransModifier>(aGranularity)
+{
+
+}
+
+CTransModifierList::~CTransModifierList()
+{
+ ResetAndDestroy();
+}
+
+//
+//class TAttrib_II
+//
+TAttrib_II::TAttrib_II()
+{
+ iTransformNum=0;
+ iTransformID=0;
+ iGroupDesc=0;
+ iEncMode=0;
+ iAuthAlg=0;
+ iKeyLength=0;
+ iKeyRounds=0;
+ iComprDicSize=0;
+};
+
+TInt TAttrib_II::Compare(TAttrib_II& aAttr, TBool aRelaxed)
+{
+ TBuf8<MAX_ALG_DATA> iComprPrivAlg;
+
+// if (iTransformNum != aAttr.iTransformNum) //Transform number
+// return KErrTransformNum; // Test retired
+ if ( iTransformID != aAttr.iTransformID ) //Transform ID
+ return KErrTransformID;
+
+ if ((iGroupDesc != aAttr.iGroupDesc) &&
+ (!(iGroupDesc == 0) && (aAttr.iGroupDesc == MODP_768))) //OAKLEY GROUP
+ return KErrGroupDesc;
+ if (iEncMode != aAttr.iEncMode) //Encapsulation Mode
+ return KErrEncMode;
+ if (iAuthAlg != aAttr.iAuthAlg) //HMAC
+ return KErrAuthAlg;
+
+ if (iKeyLength != aAttr.iKeyLength)
+ {
+ if ( iTransformID != ESP_AES_CBC )
+ return KErrKeyLength;
+ else
+ {
+ if (!( ((iKeyLength == 128) && (aAttr.iKeyLength == 0) )
+ ||
+ ((iKeyLength == 0) && (aAttr.iKeyLength == 128) ) ))
+ return KErrKeyLength;
+ }
+ }
+
+ if (iKeyRounds != aAttr.iKeyRounds)
+ {
+ if ( iTransformID != ESP_AES_CBC )
+ return KErrKeyRounds;
+ if ( (iKeyRounds != 0 || aAttr.iKeyRounds != 10) // 10 AES default rounds
+ &&
+ (iKeyRounds != 10 || aAttr.iKeyRounds != 0) )
+ return KErrKeyRounds;
+ }
+ if (iComprDicSize != aAttr.iComprDicSize) //Compress Dictionary size
+ return KErrComprDicSize;
+ if (iComprPrivAlg.Compare(aAttr.iComprPrivAlg)!=0)
+ return KErrComprPrivAlg;
+
+ if (!aRelaxed)
+ {
+ if (iLifeDurationSecs.Compare(aAttr.iLifeDurationSecs)!=0)
+ return KErrLifeTime;
+ if (iLifeDurationKBytes.Compare(aAttr.iLifeDurationKBytes)!=0)
+ return KErrLifeSize;
+ }
+ return KErrNone;
+}
+
+void TAttrib_II::Copy(TAttrib_II &aAttr)
+{
+ iTransformNum = aAttr.iTransformNum; //Transform number
+ iTransformID = aAttr.iTransformID; //Transform ID
+ iLifeDurationSecs.Copy(aAttr.iLifeDurationSecs);
+ iLifeDurationKBytes.Copy(aAttr.iLifeDurationKBytes);
+ iGroupDesc = aAttr.iGroupDesc; //OAKLEY GROUP
+ iEncMode = aAttr.iEncMode; //Encapsulation Mode
+ iAuthAlg = aAttr.iAuthAlg; //HMAC
+ iKeyLength = aAttr.iKeyLength;
+ iKeyRounds = aAttr.iKeyRounds;
+ iComprDicSize = aAttr.iComprDicSize; //Compress Dictionary size
+ iComprPrivAlg.Copy(aAttr.iComprPrivAlg);
+}
+
+//
+//class CAttrib_IIList
+//
+
+CAttrib_IIList::CAttrib_IIList(TInt aGranularity) : CArrayPtrFlat<TAttrib_II>(aGranularity)
+{
+
+}
+
+CAttrib_IIList::~CAttrib_IIList()
+{
+ ResetAndDestroy();
+}
+
+//
+//class CProposal_II
+//
+
+void CProposal_II::ConstructL(TInt aGranularity)
+{
+ iAttrList = new (ELeave) CAttrib_IIList(aGranularity); //Default to granularity 1
+}
+
+CProposal_II::~CProposal_II()
+{
+ delete iAttrList;
+}
+
+//Compares that aProp matches with one of the sets of attributes of this proposal and the Protocol
+//aRelaxed indicates if the comparison includes the lifetimes or not.
+//Returns KErrNotFound if no match or the transf num (>=0) if match
+TInt CProposal_II::Match(CProposal_II *aRemoteProp, TBool aRelaxed, TInt* aLocalNbr )
+{
+
+ if (iProtocol != aRemoteProp->iProtocol)
+ return KErrPropProtocol;
+
+ TInt ret = KErrNoTransforms;
+ TInt i, j, count2;
+ TInt count = iAttrList->Count();
+ //
+ // Compare all transforms in the peer proposal to the all local proposals defined
+ //
+ for (i = 0; i < count ; i++)
+ {
+ j = 0;
+ count2 = aRemoteProp->iAttrList->Count();
+
+ for (j = 0; j < count2 ; j++)
+ {
+ ret = iAttrList->At(i)->Compare(*aRemoteProp->iAttrList->At(j), aRelaxed);
+ if (ret == KErrNone) {
+ if ( aLocalNbr )
+ *aLocalNbr = i;
+ return j;
+ }
+ }
+ }
+ //No matching set of attributes
+ return ret; //return the last error
+}
+
+
+
+//
+//class CProposal_IIList
+//
+
+CProposal_IIList::CProposal_IIList(TInt aGranularity) : CArrayPtrFlat<CProposal_II>(aGranularity)
+{
+
+}
+
+CProposal_IIList::~CProposal_IIList()
+{
+ ResetAndDestroy();
+}
+
+//IMPORTANT: assume all the proposals in this have the same number so they are AND'd
+//If more than one proposal number in this the method won't work
+//aTransArray contains the num of transform matching for each proposal
+//Returns the Remote proposal num that matches (>=0) or an error (<0, see list)
+TInt CProposal_IIList::MultiMatchL(CProposal_IIList *aRemoteProp, TBool aRelaxed, CTransModifierList *aTransArray)
+{
+ CProposal_II *rem_prop; //remote proposal
+ TInt trans_num = KErrNoRemoteProposals;
+ TInt local_num;
+ TInt i1 = 0, i2;
+ TInt prop_numII = aRemoteProp->At(0)->iProposalNum; //Proposed by the peer
+
+ if ( Count() == 0 )
+ return KErrNoLocalProposals;
+
+ CProposal_II *prop1 = At(0); //First proposal in this
+ TInt count2 = aRemoteProp->Count();
+ TTransModifier *tmodif;
+
+ //loop through the remote proposals list. The local is restarted for every new remote proposal num.
+ for ( i2 = 0; i2 < count2 ; i2++ )
+ {
+ rem_prop = aRemoteProp->At(i2);
+
+ if ( rem_prop->iProposalNum == prop_numII )
+ {
+ // Find matching transform from proposal
+ trans_num = prop1->Match(rem_prop, aRelaxed, &local_num);
+
+ if ( trans_num >= 0 ) //There's a match
+ {
+ tmodif = new (ELeave) TTransModifier();
+ CleanupStack::PushL(tmodif);
+ tmodif->iPropNum = prop1->iProposalNum; // Store local proposal number
+ tmodif->iTransNum = trans_num; // Store remote transform index in proposal
+ tmodif->iReplayWindowLength = prop1->iReplayWindowLength; //to update SAD correctly
+ tmodif->iReducedLifeSecs.Set(prop1->iAttrList->At(local_num)->iLifeDurationSecs);
+ tmodif->iReducedLifeKBytes.Set(prop1->iAttrList->At(local_num)->iLifeDurationKBytes);
+ aTransArray->AppendL(tmodif); //add to the array and go for the next
+ CleanupStack::Pop(); //tmodif safe
+ if ( (i1 + 1) < Count() ) //still proposals left in 'this' list
+ {
+ prop1 = At(i1++);
+ if ( (i2 + 1) == count2 ) //last proposal
+ return KErrPropNumberMismatch; //No match because more local than remote proposals
+ continue;
+ }
+
+ if (i2 < (count2 - 1))
+ {
+ //No more local proposals and still remote left
+ if (aRemoteProp->At(i2+1)->iProposalNum == prop_numII)
+ { //num mismatch begin again the local proposals loop
+ i1 = 0;
+ prop1 = At(0); //First proposal in this
+ aTransArray->Reset(); //Empties all the array because the current match is not valid
+ for (i2++; i2 < count2 ; i2++) //go for next remote proposal and
+ {
+ rem_prop = aRemoteProp->At(i2);
+ if (rem_prop->iProposalNum != prop_numII)
+ {
+ prop_numII = rem_prop->iProposalNum; //new proposal number to consider
+ i2--; //To fetch the correct proposal at the begining of the external loop
+ break; //next number found break the loop
+ }
+ }
+ continue; //Main loop continues
+ }
+ }
+
+ break; //Loop finished. Acceptable proposal found !
+ }
+ else //No transform matches so proposals lists don't match
+ { //look for the next remote proposal group (number)
+ i1 = 0;
+ prop1 = At(0); //First proposal in this
+ aTransArray->Reset(); //Empties all the array because the current match is not valid
+ i2++; //next proposal
+ if (i2 == count2)
+ return trans_num; //Error in the last transform
+ for (; i2 < count2 ; i2++)
+ {
+ rem_prop = aRemoteProp->At(i2);
+ if ( rem_prop->iProposalNum != prop_numII )
+ {
+ prop_numII = rem_prop->iProposalNum; //new proposal number to consider
+ i2--; //To fetch the correct proposal at the begining of the external loop
+ break; //next number found break the loop
+ }
+ }
+ continue; //Main loop continues
+ }
+ }
+ else //New group of AND'd remote proposals
+ {
+ i1 = 0;
+ prop1 = At(0);
+ prop_numII = rem_prop->iProposalNum; //new proposal num
+ aTransArray->Reset(); //Empties all the array
+ i2 --; //To fetch the correct proposal at the begining of the external loop
+ }
+
+ }
+
+ if ( trans_num >= 0 )
+ {
+ return prop_numII; //Remote proposal num that matches
+ }
+ //Otherwise fails the comparison
+ return trans_num; //No match. Returns last error in a transform
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1infonegotiation.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,363 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CIkev1InfoNegotiation class
+*
+*/
+
+#include <vpnlogmessages.rsg>
+
+#include "ikev1infonegotiation.h"
+#include "ikev1negotiation.h"
+#include "ikev1SAdata.h"
+#include "ikev1isakmpct.h"
+#include "ikedebug.h"
+#include "ikev1pluginsession.h"
+#include "ikev1negotiation.h"
+#include "ikev1crypto.h"
+#include "ikev1payload.h"
+#include "ikev1crack.h"
+#include "ikev1trans.h"
+#include "kmdapi.h"
+#include "kmdeventloggerif.h"
+
+
+CIkev1InfoNegotiation::CIkev1InfoNegotiation( CIkev1PluginSession& aPluginSession,
+ CIkev1Negotiation& aNegotiation,
+ MIkeDebug& aDebug )
+ : iPluginSession( aPluginSession ),
+ iNegotiation( aNegotiation ),
+ iDebug( aDebug )
+{
+}
+
+#ifdef _DEBUG
+void CIkev1InfoNegotiation::ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort )
+#else
+void CIkev1InfoNegotiation::ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& /*aSrcAddr*/,
+ TInt /*aLocalPort*/ )
+#endif
+{
+ const ThdrISAKMP *hdr = NULL;
+ TUint8 *msg=NULL;
+ TBuf8<IKEV1_MAX_IV_SIZE> tmp_IV; //Temporal IV. Used to update the real one if the msg OK
+
+ iMessageId = aHdr.GetMessageId(); //Saves the ID to compute IV and hash
+ if (aHdr.GetFlags() & ISAKMP_HDR_EFLAG) //if encrypted
+ {
+ DEBUG_LOG(_L("Received message (encr)."));
+ msg = new (ELeave) TUint8[aHdr.GetLength()]; //to place the new msg
+ CleanupStack::PushL(msg);
+
+ Mem::Copy(msg,(TUint8 *)&aHdr, sizeof(aHdr)); //The header is not encrypted
+
+ DEBUG_LOG(_L("Message ID recv:"));
+#ifdef _DEBUG
+ TUint32 swap_id = ByteOrder::Swap32(iMessageId);
+ DEBUG_LOG_ARRAY((TUint8 *)&swap_id, sizeof(iMessageId));
+ DEBUG_LOG(_L("Notif IV:"));
+#endif // _DEBUG
+ //Notify and Phase II requires a recomputing of IV
+
+ if (iNegotiation.iLastIV.Length() != 0)
+ tmp_IV.Copy(iNegotiation.iLastIV);
+ else //iLastIV not yet computed so current iIV is used
+ tmp_IV.Copy(iNegotiation.iIV);
+ iNegotiation.ComputeIVL(tmp_IV, iMessageId);
+
+ DEBUG_LOG(_L("Decrypting..."));
+
+ DecryptL((TUint8 *)aHdr.Next(),&msg[sizeof(aHdr)], aHdr.GetLength()-sizeof(aHdr), tmp_IV, iNegotiation.iSKEYID_e, iNegotiation.iChosenProposal_I.iAttrList->iEncrAlg);
+ hdr=(ThdrISAKMP *)msg; //decrypted msg
+ }
+ else
+ hdr = &aHdr;
+
+ DEBUG_LOG(_L("Received message."));
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8*)hdr,(TUint16)hdr->GetLength() );
+ TInetAddr localAddr;
+ iPluginSession.GetLocalAddress( localAddr );
+ localAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, aSrcAddr, localAddr );
+#endif // _DEBUG
+ InfoExchangeL(*hdr);
+ if (msg) //If used erase it (when encryption)
+ CleanupStack::PopAndDestroy();
+}
+
+MKmdEventLoggerIf& CIkev1InfoNegotiation::EventLogger()
+{
+ return iPluginSession.EventLogger();
+}
+
+//No phase dependant. May inform of an error or general status info
+void CIkev1InfoNegotiation::InfoExchangeL(const ThdrISAKMP &aHdr)
+{
+ iNegotiation.iLengthLeft = aHdr.GetLength(); //Used to check the size in the payload are OK
+
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, iNegotiation, iDebug);
+ if (!payload)
+ return;
+ CleanupStack::PushL(payload);
+
+ TInt i;
+ TBool notif_ok = EFalse;
+ //If the message contains a hash
+ if ( payload->iHash )
+ {
+ if ( payload->iNotifs->Count() )
+ {
+ //Checks if the hash value is OK. Here because need the notification payload
+ if (!iNegotiation.VerifyInformationalHashL(payload->iHash, payload->iNotifs->At(0), iMessageId))
+ {
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED (Informational hash)"));
+ iNegotiation.SendNotifyL(AUTHENTICATION_FAILED);
+ }
+ else //Hash OK
+ {
+ i = 0;
+ while ( i < payload->iNotifs->Count() )
+ {
+ notif_ok = ProcessNotificationL(payload->iNotifs->At(i), ETrue);
+ if ( !notif_ok )
+ break;
+ i ++;
+ }
+ }
+ }
+ else if ( payload->iDeletes->Count() )
+ {
+ if (!iNegotiation.VerifyInformationalHashL(payload->iHash, payload->iDeletes->At(0), iMessageId))
+ {
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED (Informational hash)"));
+ iNegotiation.SendNotifyL(AUTHENTICATION_FAILED);
+ }
+ else
+ { //Hash OK
+ if ( !iNegotiation.iAutoLogin && iNegotiation.iCRACKneg )
+ iNegotiation.iCRACKneg->CrackAuthenticationFailedL(NULL);
+ if ( !iNegotiation.iAutoLogin && iNegotiation.iTransactionNeg )
+ iNegotiation.iTransactionNeg->TransactionFailedL(NULL);
+ i = 0;
+ while ( i < payload->iDeletes->Count() )
+ {
+ notif_ok = ProcessDeleteL(payload->iDeletes->At(0));
+ if (!notif_ok)
+ break;
+ i ++;
+ }
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("PAYLOAD_MALFORMED (no hash or delete payload)"));
+ iNegotiation.SendNotifyL(PAYLOAD_MALFORMED);
+ }
+ }
+ else //No hash sent
+ {
+ if (aHdr.GetFlags() & ISAKMP_HDR_EFLAG) //if encrypted
+ {
+ DEBUG_LOG(_L("PAYLOAD_MALFORMED (Hash required)"));
+ iNegotiation.SendNotifyL(PAYLOAD_MALFORMED);
+ }
+ else //Not encrypted so not hash required
+ {
+ i = 0;
+ while ( i < payload->iNotifs->Count() )
+ {
+ notif_ok = ProcessNotificationL(payload->iNotifs->At(i), EFalse);
+ if ( !notif_ok )
+ break;
+ i ++;
+ }
+ }
+ }
+
+ if ( notif_ok ) {
+ const TNotificationISAKMP* notif = NULL;
+ if ( payload->iNotifs->Count() )
+ notif = payload->iNotifs->At(0);
+ if ( iNegotiation.iCRACKneg ) {
+ if ( !iNegotiation.iAutoLogin )
+ iNegotiation.iCRACKneg->CrackAuthenticationFailedL(notif);
+ iNegotiation.SetErrorStatus(KKmdIkeAuthFailedErr);
+ iNegotiation.AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
+ }
+ if ( iNegotiation.iTransactionNeg ) {
+ if ( !iNegotiation.iAutoLogin )
+ iNegotiation.iTransactionNeg->TransactionFailedL(notif);
+ iNegotiation.SetErrorStatus(KKmdIkeAuthFailedErr);
+ iNegotiation.AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); //payload
+
+}
+
+
+//Handles Notification Payload
+TBool CIkev1InfoNegotiation::ProcessNotificationL(const TPayloadISAKMP *aPayload, TBool aEncrypted)
+{
+#ifdef _DEBUG
+ TBuf<80> str;
+#endif // _DEBUG
+ TNotificationISAKMP *notif = TNotificationISAKMP::Ptr(aPayload);
+ if (!iNegotiation.CheckDOI(notif->GetDOI()))
+ {
+ DEBUG_LOG(_L("DOI_NOT_SUPPORTED in NOT Payload Message."));
+ return EFalse;
+ }
+ TBool Status;
+ TUint16 MsgType = notif->GetMsgType();
+
+ if ( (MsgType == DPD_R_U_THERE || MsgType == DPD_R_U_THERE_ACK) && aEncrypted )
+ {
+ return ProcessDPDNotifyL(notif);
+ }
+
+ if ( MsgType <= UNEQUAL_PAYLOAD_LENGTHS )
+ {
+#ifdef _DEBUG
+ str.Copy(_L("Error/Status Type: "));
+#endif // _DEBUG
+ Status = ETrue;
+ iNegotiation.SetNotifyStatus(MsgType);
+
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_ERR_RESP_RECEIVED,
+ MsgType,
+ iPluginSession.VpnIapId(),
+ &(iNegotiation.iRemoteAddr) );
+ }
+ else
+ {
+#ifdef _DEBUG
+ str.Copy(_L("Unexpected info notification: "));
+#endif // _DEBUG
+ Status = EFalse;
+ }
+#ifdef _DEBUG
+ str.Append(CIkev1Negotiation::TextNotifyType(MsgType));
+ DEBUG_LOG(str);
+#endif // _DEBUG
+ return Status;
+}
+
+//
+// Process DPD R-U_THERE / R-U-THERE-ACK
+// When a R-U-THERE notify received it processes as follows:
+// -- Find an ISAKMP SA with SPI in notify message
+// -- Pass DPD notify message for further processing into
+// CIkev1Negotiation::NotifyMessageReceived() via iNegotiation reference
+//
+TBool CIkev1InfoNegotiation::ProcessDPDNotifyL(TNotificationISAKMP* aNotify)
+{
+
+ if ( aNotify->GetSPISize() == (2 * ISAKMP_COOKIE_SIZE) && (aNotify->GetNotifDataSize() == 4))
+ {
+ TCookie cookie_I, cookie_R;
+ cookie_I.Copy(aNotify->GetSPI(), ISAKMP_COOKIE_SIZE);
+ cookie_R.Copy((aNotify->GetSPI() + ISAKMP_COOKIE_SIZE), ISAKMP_COOKIE_SIZE);
+
+ TIkev1SAData* Sa = iPluginSession.FindIkev1SAData(cookie_I, cookie_R);
+ if ( !Sa )
+ {
+ Sa = iPluginSession.FindIkev1SAData(cookie_R, cookie_I);
+#ifdef _DEBUG
+ if (Sa) DEBUG_LOG(_L("ISAKMP SA found for DPD notify message with CKY_R+CKY_I"));
+#endif // _DEBUG
+ }
+ if ( Sa && Sa->iDPDSupported )
+ {
+ TUint32 Sequence = GET32(aNotify->GetNotifData());
+ iNegotiation.DpdNotifyMessageReceivedL(Sa, aNotify->GetMsgType(), Sequence);
+ }
+#ifdef _DEBUG
+ else DEBUG_LOG(_L("No ISAKMP SA found for DPD notify message"));
+#endif // _DEBUG
+ }
+#ifdef _DEBUG
+ else DEBUG_LOG(_L("Illegal SPI- or notify data length in DPD message"));
+#endif // _DEBUG
+
+ return EFalse;
+}
+
+//Handles Delete Payload
+TBool CIkev1InfoNegotiation::ProcessDeleteL(const TPayloadISAKMP *aPayload)
+{
+TDeleteISAKMP *delete_payload = TDeleteISAKMP::Ptr(aPayload);
+
+#ifdef _DEBUG
+ TBuf<1200> msg;
+ DEBUG_LOG(_L("Delete Payload received!!!"));
+ delete_payload->String(msg);
+ DEBUG_LOG(msg);
+#endif // _DEBUG
+ if (!iNegotiation.CheckDOI(delete_payload->DOI()))
+ {
+ DEBUG_LOG(_L("DOI_NOT_SUPPORTED in delete payload"));
+ return EFalse;
+ }
+
+ TUint8 protocol = delete_payload->Protocol();
+ TUint32 spi;
+ TInetAddr remote_addr(iNegotiation.iRemoteAddr);
+ remote_addr.SetPort(KInetPortAny);
+
+ TInt err = KErrNone;
+ if ( protocol == PROTO_ISAKMP )
+ {
+ iPluginSession.DeleteISAKMPSAsL( delete_payload, iNegotiation );
+ }
+ else //IPSEC AH or ESP (others will be discarded by the kernel)
+ {
+ if (delete_payload->SPISize() != sizeof(TUint32))
+ {
+ DEBUG_LOG(_L("Bad SPI Size for a IPsec SA. (SA Not deleted)"));
+ }
+ TIpsecSPI IpsecSpi;
+ for (TInt i=0; i < delete_payload->NumSPI(); i++) //Shouldn't be more than one
+ {
+ Mem::Copy((TUint8*)&spi, delete_payload->SPI(i),sizeof(TUint32));
+ if (err == KErrNone)
+ {
+ //The right one is the Outbound(Local->Remote) one to avoid sending when deleted at the other side
+ //The opposite if sending a Delete
+ IpsecSpi.iSrcAddr = iNegotiation.iLocalAddr;
+ IpsecSpi.iDstAddr = remote_addr;
+ IpsecSpi.iSPI = spi;
+ IpsecSpi.iProtocol = protocol;
+ IpsecSpi.iInbound = EFalse;
+ if (iPluginSession.DeleteIpsecSpi(iNegotiation.SAId(), spi, EFalse))
+ {
+ DEBUG_LOG(_L("Deleting IPsec SA"));
+ iPluginSession.DeleteIpsecSA(IpsecSpi.iSPI, IpsecSpi.iSrcAddr, IpsecSpi.iDstAddr,
+ IpsecSpi.iProtocol);
+ }
+ }
+ else
+ {
+ DEBUG_LOG1(_L("IPsec SA with SPI=%x not deleted"), ByteOrder::Swap32(spi));
+ }
+ }
+ }
+
+ return ETrue;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1isakmpstream.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1373 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Stream class implementation for ISAKMP
+*
+*/
+
+
+#include "ikev1isakmpstream.h"
+#include "ikemsgheader.h"
+#include "ikev1negotiation.h"
+#include "ikedebug.h"
+#include "ikev1trans.h"
+#include "ikecalist.h"
+#include "ikecaelem.h"
+#include "ikepolparser.h"
+#include "ikev1crypto.h"
+#include "ikev1pkiservice.h"
+#include "ikev1private.h"
+#include "ikepkiutils.h"
+#include "ikev1natdiscovery.h"
+
+//
+// TIkev1IsakmpStream
+//
+
+TIkev1IsakmpStream::TIkev1IsakmpStream( MIkeDebug& aDebug )
+ : iDebug( aDebug )
+ {
+ }
+
+void TIkev1IsakmpStream::IsakmpInit(CIkev1Negotiation *aSession)
+{
+ ThdrISAKMP hdr;
+
+ iError = EFalse;
+ iNegotiation = aSession; //stores it to avoid passing it for all the functions
+ DEBUG_LOG(_L("[HDR]"));
+ hdr.SetCookieI(iNegotiation->iCookie_I);
+ hdr.SetCookieR(iNegotiation->iCookie_R);
+ hdr.SetPayload(0); //Is set later through the pointer iNextPayload
+ hdr.SetVersion(0x10); //MAJOR=1 MINOR=0
+ hdr.SetExchange(iNegotiation->iExchange);
+ hdr.SetFlags(iNegotiation->iFlags);
+ if ((iNegotiation->iExchange == ISAKMP_EXCHANGE_ID) || (iNegotiation->iExchange == ISAKMP_EXCHANGE_AGGR))
+ hdr.SetMessageId(0);
+ else //QUICK mode ,INFORMATIONAL Mode or Transaction exchange
+ hdr.SetMessageId(iNegotiation->iMessageId);
+
+ iBuf.SetLength(0); //Set correctly when sending SendL()
+ iBuf.Copy((TUint8 *)&hdr, sizeof(hdr)); //Always called the first so not Append
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + 16); //saves the adress.
+ //Will be filled by the next called function
+}
+
+
+void TIkev1IsakmpStream::IsakmpSa()
+{
+ TSAISAKMP sa;
+ DEBUG_LOG(_L("[SA]"));
+ sa.SetPayload(0); //Not proposal or transform RFC. After reserved is already 0
+ sa.SetDOI(iNegotiation->iDOI); //Always the same. Otherwise should be the one contained in CIkev1Negotiation
+ sa.SetSIT(IPSEC_SIT_IDENTITY_ONLY); //That means no Labeled Domain Identifier
+
+ *iNextPayload = ISAKMP_PAYLOAD_SA; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ //Will be filled by the next called function
+
+ TUint16 pos=(TUint16)iBuf.Length(); //save the position to know the total size later and insert it
+ iBuf.SetLength(pos + sizeof(sa)); //leave room to insert later the proposal
+ //including the SPI
+ IsakmpProposal();
+ sa.SetLength((TUint16)(iBuf.Length() - pos));
+ TBuf8<sizeof(sa)> aux;
+ aux.Append((TUint8 *)&sa, sizeof(sa));
+ iBuf.Replace(pos,aux.Length(),aux);
+
+}
+
+//SPI not included yet.
+//Sends msg stage 2. Should be used for phase 2 as well
+void TIkev1IsakmpStream::IsakmpProposal()
+{
+ TProposalISAKMP proposal;
+ TUint16 pos = 0;
+ TUint8 next_payload = ISAKMP_PAYLOAD_T; // default: more than one transform
+
+ if (iNegotiation->iPhase == PHASE_I)
+ {
+ TProposal *prop;
+
+ if (iNegotiation->iRole==INITIATOR)
+ {
+ prop=&iNegotiation->iProposal_I;
+ }
+ else
+ {
+ prop=&iNegotiation->iChosenProposal_I;
+ }
+ proposal.SetPayload(ISAKMP_PAYLOAD_NONE); //Only one proposal
+ proposal.SetNum(prop->iProposalNum);
+ proposal.SetProtocol(prop->iProtocol);
+ proposal.SetSPISize(0);
+ proposal.SetNumTrans(prop->iNumTransforms);
+ pos=(TUint16)iBuf.Length(); //save the position to insert later
+ //including the SPI
+ iBuf.SetLength(pos + sizeof(proposal)); //leave room to insert later the proposal
+ TAttrib *attr=prop->iAttrList;
+ for (TInt i=0; i < proposal.GetNumTrans(); i++) //Adds all the transforms
+ {
+ if ( !attr->iNext )
+ next_payload = ISAKMP_PAYLOAD_NONE; // Last trasnform
+ IsakmpTransform((TUint8 *)attr, next_payload);
+ attr=attr->iNext;
+ }
+ proposal.SetLength((TUint16)(iBuf.Length() - pos));
+ TBuf8<sizeof(proposal) + MAX_SPI_SIZE> aux;
+ aux.Append((TUint8 *)&proposal, sizeof(proposal));
+ //aux.Append(prop->iSPI); //insert the SPI
+ iBuf.Replace(pos,aux.Length(),aux);
+ return;
+ }
+
+ //PHASE_II
+ TAttrib_II *attr_II=NULL;
+ CProposal_IIList *propII_List = NULL;
+ CProposal_II *propII = NULL;
+ TBuf8<MAX_SPI_SIZE> SPI;
+ TInt i, index = 0;
+ TUint32 in_spi;
+ TUint8 num_transforms;
+ CArrayFixFlat<TSPINode> *list = iNegotiation->iInboundSPIList;
+
+ if (iNegotiation->iRole==INITIATOR)
+ propII_List = iNegotiation->iProposal_IIList;
+ else //RESPONDER
+ {
+ for (index = 0; index < list->Count(); index++)
+ {
+ if (list->At(index).iPropNum == iNegotiation->iProposalNum)
+ break;
+ }
+ propII_List = iNegotiation->iChosenProp_IIList;
+ }
+
+ TInt count = propII_List->Count();
+
+ for (i = 0; i < count; i++)
+ {
+ propII = propII_List->At(i);
+ //Choose the correct SPI
+ if (iNegotiation->iRole==INITIATOR)
+ SPI = propII->iSPI;
+ else //RESPONDER
+ {
+ in_spi = list->At(index).iSPI;
+ SPI.Copy((TUint8 *)&in_spi, sizeof(TUint32));
+ index++;
+ }
+
+ if (i == count - 1) //Last proposal
+ proposal.SetPayload(ISAKMP_PAYLOAD_NONE);
+ else //There are more
+ proposal.SetPayload(ISAKMP_PAYLOAD_P);
+
+ num_transforms = propII->iNumTransforms;
+ proposal.SetNum(propII->iProposalNum);
+ proposal.SetProtocol(propII->iProtocol);
+ proposal.SetNumTrans(num_transforms);
+ proposal.SetSPISize((TUint8)SPI.Length()); //The chosen contains the inbound SPI
+ pos=(TUint16)iBuf.Length(); //save the position to insert later
+ iBuf.SetLength(pos + sizeof(proposal) + proposal.GetSPISize()); //leave room to insert later the proposal
+ //including the SPI
+ for (TInt j = 0; j < num_transforms; j++) //Adds all the transforms
+ {
+ attr_II = propII->iAttrList->At(j);
+ if ( (num_transforms - j) == 1 )
+ next_payload = ISAKMP_PAYLOAD_NONE; // Last trasnform
+ IsakmpTransform((TUint8 *)attr_II, next_payload);
+ }
+ proposal.SetLength((TUint16)(iBuf.Length() - pos));
+ TBuf8<sizeof(proposal) + MAX_SPI_SIZE> aux;
+ aux.Append((TUint8 *)&proposal, sizeof(proposal));
+ aux.Append(SPI); //insert the SPI
+ iBuf.Replace(pos, aux.Length(), aux);
+
+ }
+
+}
+
+//Transform data received as TUint8 to allow both TAttrib and TAttrib_II
+void TIkev1IsakmpStream::IsakmpTransform(TUint8 *aTransform, TUint8 aNextPayload)
+{
+ TTransformISAKMP transf;
+
+ //transf.SetNum(1);//SHOULD BE the selected transform but Linux doesn't let it use it!!!
+ if (iNegotiation->iPhase == PHASE_I)
+ {
+ TAttrib *attr=(TAttrib *)aTransform;
+ transf.SetNum(attr->iTransformNum);
+ transf.SetID(attr->iTransformID);
+ transf.SetPayload(aNextPayload);
+ }
+ else //PHASE_II
+ {
+ TAttrib_II *attr_II=(TAttrib_II *)aTransform;
+ transf.SetNum(attr_II->iTransformNum);
+ transf.SetID(attr_II->iTransformID);
+ transf.SetPayload(aNextPayload);
+ }
+
+ TInt pos=iBuf.Length(); //save the position to insert later
+ iBuf.SetLength(pos + sizeof(transf)); //leave room to insert later
+ IsakmpAttrib(aTransform);
+ transf.SetLength((TUint16)(iBuf.Length() - pos));
+ TBuf8<sizeof(transf)> aux;
+ aux.Append((TUint8 *)&transf, sizeof(transf));
+ iBuf.Replace(pos,aux.Length(),aux);
+}
+
+
+//Creates a data payload with the desired SA attributes. either Phase I or II
+void TIkev1IsakmpStream::IsakmpAttrib(TUint8 *aTransform)
+{
+ if (iNegotiation->iPhase == PHASE_I)
+ IsakmpAttrib1((TAttrib *)aTransform);
+ else //PHASE_II
+ IsakmpAttrib2((TAttrib_II *)aTransform);
+}
+
+//Phase_I attributes
+void TIkev1IsakmpStream::IsakmpAttrib1(TAttrib *aTransform)
+{
+ TDataISAKMP attr;
+ TUint length;
+ TUint16 val;
+ TAttrib trans;
+
+ trans=*aTransform;
+
+ val=trans.iEncrAlg;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_ENCR_ALG);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iHashAlg;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_HASH_ALG);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=CTransNegotiation::GetAuthMethod(trans.iAuthMethod, trans.iXauthUsed, trans.iRole);
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_AUTH_METH);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iGroupDesc;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_DESC);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iGroupType;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_TYPE);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ length=trans.iGroupPrime.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_PRIME);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iGroupPrime);
+ }
+
+ length=trans.iGroupGen1.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_GEN1);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iGroupGen1);
+ }
+
+ length=trans.iGroupGen2.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_GEN2);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iGroupGen2);
+ }
+
+ length=trans.iGroupCurveA.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_CRVA);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iGroupCurveA);
+ }
+
+ length=trans.iGroupCurveB.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_CRVB);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iGroupCurveB);
+ }
+
+ length=trans.iLifeDurationSecs.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_LIFE_TYPE);
+ attr.SetValue(SECONDS);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_LIFE_DUR);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iLifeDurationSecs);
+
+ }
+
+ length=trans.iLifeDurationKBytes.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_LIFE_TYPE);
+ attr.SetValue(KBYTES);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_LIFE_DUR);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iLifeDurationKBytes);
+
+ }
+
+ val=trans.iPRF;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_PRF);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iKeyLength;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_KEY_LEN);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iFieldSize;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_FIELD_SIZE);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ length=trans.iGroupOrder.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_GROUP_ORDER);
+ attr.SetLength((TUint16)(sizeof(attr)+length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iGroupOrder);
+ }
+}
+
+
+//Phase_II attributes
+void TIkev1IsakmpStream::IsakmpAttrib2(TAttrib_II *aTransform)
+{
+ TDataISAKMP attr;
+ TUint length;
+ TUint16 val;
+
+ TAttrib_II trans=*aTransform;
+ length=trans.iLifeDurationSecs.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_LIFE_TYPE);
+ attr.SetValue(SECONDS);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+ attr.SetBasic(EFalse);
+ attr.SetType(DOI_ATTR_TYPE_LIFE_DUR);
+ attr.SetLength((TUint16)length);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iLifeDurationSecs.Ptr(),trans.iLifeDurationSecs.Length());
+
+
+ }
+
+ length=trans.iLifeDurationKBytes.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_LIFE_TYPE);
+ attr.SetValue(KBYTES);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+ attr.SetBasic(EFalse);
+ attr.SetType(DOI_ATTR_TYPE_LIFE_DUR);
+ attr.SetLength((TUint16)length);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iLifeDurationKBytes.Ptr(),trans.iLifeDurationKBytes.Length());
+
+ }
+
+ if (iNegotiation->iPFS)
+ { //Only sent if PFS in use. The same used in Phase I
+ val = trans.iGroupDesc;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_GROUP_DESC);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+ }
+
+ val=trans.iEncMode;
+ if (val != 0)
+ {
+ //
+ // If ESP UDP encapsulation required (because of NAT device in between)
+ // modify encapsulation type code values
+ //
+ if ( iNegotiation->iNAT_D_Flags ) {
+ if ( val == DOI_TUNNEL )
+ val = UDP_ENC_TUNNEL;
+ else val = UDP_ENC_TRANSPORT;
+ }
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_ENC_MODE);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iAuthAlg;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_AUTH_ALG);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iKeyLength;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_KEY_LEN);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iKeyRounds;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_KEY_ROUNDS);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ val=trans.iComprDicSize;
+ if (val != 0)
+ {
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_COMP_DIC_SIZE);
+ attr.SetValue(val);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ }
+
+ length=trans.iComprPrivAlg.Length();
+ if (length!=0)
+ {
+ attr.SetBasic(EFalse);
+ attr.SetType(DOI_ATTR_TYPE_COMP_PRIV_ALG);
+ attr.SetLength((TUint16)(length));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(trans.iComprPrivAlg);
+ }
+
+}
+
+
+//Adds the key payload to the buffer
+void TIkev1IsakmpStream::IsakmpKeyL()
+{
+ TKeyISAKMP key_payload;
+
+ if (!iNegotiation->ComputeDHPublicValueL()) //Computes the required key values. Needed to ComputeKeys
+ return; //No key payload generated
+ TPtrC8 key_ptr(iNegotiation->iOwnPublicKey_ptr);
+ TInt PadLth = 0;
+ TInt ModLth = iNegotiation->iOwnKeys->ModulusLength();
+ if ( ModLth > key_ptr.Length() )
+ {
+ PadLth = ModLth - key_ptr.Length();
+ DEBUG_LOG(_L("[KE(filled)]"));
+ }
+ DEBUG_LOG(_L("[KE]"));
+ key_payload.SetLength((TUint16)(sizeof(key_payload) + ModLth));
+ *iNextPayload = ISAKMP_PAYLOAD_KE; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ //Will be filled by the next called function
+ iBuf.Append((TUint8 *)&key_payload, sizeof(key_payload));
+ if ( PadLth )
+ {
+ TChar zero(0);
+ iBuf.AppendFill(zero, PadLth); //Fill prepending zero bits to DH public value
+ }
+ iBuf.Append(key_ptr); //variable size DH public value
+}
+
+void TIkev1IsakmpStream::IsakmpOwnIdentL()
+{
+ IsakmpIdentL(ETrue);
+}
+
+void TIkev1IsakmpStream::IsakmpPeerIdentL()
+{
+ IsakmpIdentL(EFalse);
+}
+
+void TIkev1IsakmpStream::IsakmpIdentL(TBool aIsOwn)
+{
+ TIdentISAKMP id_payload;
+
+ TBuf8<256> buf; //Max size for FQDN or DER ASN1 DN
+ // (buf should be allocated from heap !!)
+ TUint32 num;
+ const TUint8 *pnum;
+
+ //DOI IPSEC
+ if (iNegotiation->iPhase == PHASE_I)
+ id_payload.SetProtocol(KProtocolInetUdp);
+ else
+ id_payload.SetProtocol(iNegotiation->iIDProtocol); //defined when receiving the acquire (INIT) or when receiveind the ID payload (RESP)
+
+ if (aIsOwn) //Own ID!
+ {
+ if (iNegotiation->iPhase == PHASE_I)
+ {
+ DEBUG_LOG(_L("[IDi]"));
+ Isakmp_Phase1_IdL(buf, id_payload);
+ }
+ else //PHASE_II
+ {
+ DEBUG_LOG(_L("[IDci]"));
+ id_payload.SetIDType(iNegotiation->iLocalIDType_II);
+
+ id_payload.SetPort(iNegotiation->iIDLocalPort); //defined when receiving the acquire (INIT) or when receiveind the ID payload (RESP)
+
+ switch (iNegotiation->iLocalIDType_II)
+ {
+ case ID_IPV4_ADDR:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + sizeof(TUint32))); //IPV4 addr TInt32
+ num = ByteOrder::Swap32(iNegotiation->iLocalAddr1_ID_II.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ break;
+ case ID_IPV6_ADDR:
+ if (iNegotiation->iLocalAddr.IsV4Mapped())
+ {
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + sizeof(TUint32))); //IPV4 addr TInt32
+ id_payload.SetIDType(ID_IPV4_ADDR);
+ num = ByteOrder::Swap32(iNegotiation->iLocalAddr.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ }
+ else
+ {
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + 16)); //IPV6 size is 16
+ pnum = &iNegotiation->iLocalAddr1_ID_II.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ buf.Append(pnum, 16);
+ }
+ break;
+ case ID_IPV4_ADDR_SUBNET:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + 2*sizeof(TUint32))); //IPV4 addr TInt32
+ num = ByteOrder::Swap32(iNegotiation->iLocalAddr1_ID_II.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ num = ByteOrder::Swap32(iNegotiation->iLocalAddr2_ID_II.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ break;
+ case ID_IPV6_ADDR_SUBNET:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + 32)); //one IPV6 addr size is 16
+ pnum = &iNegotiation->iLocalAddr1_ID_II.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ buf.Append(pnum, 16);
+ pnum = &iNegotiation->iLocalAddr2_ID_II.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ buf.Append(pnum, 16);
+ break;
+ //No need for a default. Must be controlled way before when acquire or IDs received
+ }
+ }
+ }
+ else //Peer Id.
+ {
+ if (iNegotiation->iPhase == PHASE_I)
+ {
+ DEBUG_LOG(_L("[IDr]"));
+ Isakmp_Phase1_IdL(buf, id_payload);
+ }
+ else //PHASE_II
+ {
+ DEBUG_LOG(_L("[IDcr]"));
+ id_payload.SetIDType(iNegotiation->iRemoteIDType_II);
+
+ id_payload.SetPort(iNegotiation->iIDRemotePort); //defined when receiving the acquire (INIT) or when receiving the ID payload (RESP)
+
+ switch (iNegotiation->iRemoteIDType_II)
+ {
+ case ID_IPV4_ADDR:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + sizeof(TUint32))); //IPV4 addr TInt32
+ num = ByteOrder::Swap32(iNegotiation->iRemoteAddr1_ID_II.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ break;
+ case ID_IPV6_ADDR:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + 16)); //IPV6 size is 16
+ pnum = &iNegotiation->iRemoteAddr1_ID_II.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ buf.Append(pnum, 16);
+ break;
+ case ID_IPV4_ADDR_SUBNET:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + 2*sizeof(TUint32))); //IPV4 addr TInt32
+ num = ByteOrder::Swap32(iNegotiation->iRemoteAddr1_ID_II.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ num = ByteOrder::Swap32(iNegotiation->iRemoteAddr2_ID_II.Address());//Put in network order
+ pnum= (TUint8*)#
+ buf.Append(pnum,sizeof(TUint32));
+ break;
+ case ID_IPV6_ADDR_SUBNET:
+ id_payload.SetLength((TUint16)(sizeof(id_payload) + 32)); //one IPV6 addr size is 16
+ pnum = &iNegotiation->iRemoteAddr1_ID_II.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ buf.Append(pnum, 16);
+ pnum = &iNegotiation->iRemoteAddr2_ID_II.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ buf.Append(pnum, 16);
+ break;
+ default:
+ DEBUG_LOG(_L("Bad Remote Phase_II ID type"));
+ iNegotiation->SetFinished();
+ return;
+ //No need for a default. Must be controlled way before when acquire or IDs received
+ }
+ }
+ }
+ *iNextPayload = ISAKMP_PAYLOAD_ID; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the adress.
+ //Will be filled by the next called function
+ iBuf.Append((TUint8 *)&id_payload, sizeof(id_payload));
+ iBuf.Append(buf); //variable size
+
+ //stores the payload to be used in HASH_R/I computation (Only for phase I)
+ if ((iNegotiation->iPhase == PHASE_I) && (aIsOwn))
+ {
+ TUint8 *p_ident=iNextPayload+sizeof(TPayloadISAKMP); //Data field
+
+ iNegotiation->iOwnIdentPayloadSize=id_payload.GetLength()-sizeof(TPayloadISAKMP); //without the generic part!
+
+ if (iNegotiation->iOwnIdentPayload) //in case it contains info
+ {
+ delete iNegotiation->iOwnIdentPayload;
+ iNegotiation->iOwnIdentPayload = NULL;
+ }
+ iNegotiation->iOwnIdentPayload = new (ELeave) TUint8[iNegotiation->iOwnIdentPayloadSize]; //Generic payload NOT included
+ Mem::Copy(iNegotiation->iOwnIdentPayload,p_ident,iNegotiation->iOwnIdentPayloadSize);
+ }
+
+}
+
+void TIkev1IsakmpStream::Isakmp_Phase1_IdL(TDes8& aIdData, TIdentISAKMP& aIdPayload)
+{
+ if ( iNegotiation->iNAT_D_Flags )
+ aIdPayload.SetPort(0);
+ else aIdPayload.SetPort(IKE_PORT);
+
+ TBool IdOk = EFalse;
+ TUint8 IdType = iNegotiation->iHostData->iIdType;
+ if (IdType == ID_USER_FQDN || IdType == ID_DER_ASN1_DN)
+ {
+ if (!iNegotiation->iOwnCert) //If not yet read
+ {
+ iNegotiation->ReadOwnCertL();
+ }
+ }
+ if ( iNegotiation->iOwnCert && iNegotiation->iPkiService )
+ {
+ //
+ // Priority 1 : Use IKE identity based on local certificate
+ //
+ TPtrC8 Cert(iNegotiation->iOwnCert->Des());
+ HBufC8* CertIdBfr = IkePkiUtils::GetIdentityFromCertL(IdType, Cert);
+ if ( CertIdBfr )
+ {
+ if ( CertIdBfr->Des().Length() <= aIdData.MaxLength() )
+ {
+ aIdData.Copy(CertIdBfr->Des());
+ if ( IdType == 0 )
+ IdType = ID_DER_ASN1_DN;
+ IdOk = ETrue;
+ }
+ delete CertIdBfr;
+ }
+ }
+
+ if ( !IdOk )
+ {
+ //
+ // Priority 2 : Use identity defined in policy
+ //
+ TInt DataLength = iNegotiation->iHostData->iFQDN.Length();
+ IdType = iNegotiation->iHostData->iIdType;
+ if ( ( DataLength > 0 ) && ( DataLength <= aIdData.MaxLength()) )
+ {
+ if ( (IdType != ID_KEY_ID) && (IdType != ID_USER_FQDN) && (IdType != ID_FQDN) )
+ IdType = ID_KEY_ID;
+ aIdData.Copy(iNegotiation->iHostData->iFQDN);
+ IdOk = ETrue;
+ }
+ }
+
+ if ( !IdOk )
+ {
+ //
+ // Priority 3 : Build local id from own IP address
+ //
+ TUint32 num;
+ const TUint8 *pnum;
+ if ((iNegotiation->iLocalAddr.Family() == KAfInet) || iNegotiation->iLocalAddr.IsV4Mapped() )
+ {
+ IdType = ID_IPV4_ADDR;
+ num = ByteOrder::Swap32(iNegotiation->iLocalAddr.Address());//Put in network order
+ pnum = (TUint8*)#
+ aIdData.Copy(pnum, sizeof(TUint32));
+ }
+ else
+ {
+ IdType = ID_IPV6_ADDR;
+ pnum = &iNegotiation->iLocalAddr.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ aIdData.Copy(pnum, 16);
+ }
+ }
+
+ aIdPayload.SetLength((TUint16)(sizeof(aIdPayload) + aIdData.Length()));
+ aIdPayload.SetIDType(IdType);
+
+}
+
+
+
+void TIkev1IsakmpStream::IsakmpCertificateL()
+{
+ TCertificateISAKMP *cert;
+
+ if (!iNegotiation->iSendCert) //Set by a received cert request or ourselves if initiator
+ return;
+
+ if (!iNegotiation->iOwnCert) //If not yet read
+ {
+ if (!iNegotiation->ReadOwnCertL())
+ {
+ iNegotiation->SetFinished();
+ return;
+ }
+ }
+ DEBUG_LOG(_L("[CERT]"));
+ *iNextPayload = ISAKMP_PAYLOAD_CERT; //Fills the previous payload next field
+ cert = (TCertificateISAKMP*)(iBuf.Ptr() + iBuf.Length());
+ iNextPayload = (TUint8 *)cert;//saves the adress.Will be filled by the next called function
+
+ TPtr8 cert_ptr((TUint8 *)iBuf.Ptr() + iBuf.Length() + TCertificateISAKMP::Size(), 0, iBuf.MaxLength() - iBuf.Length()); //Pointer to the Cert. Data
+
+ cert_ptr.Copy(iNegotiation->iOwnCert->Des());
+ cert->SetReserved(0);
+ cert->SetLength((TUint16)(TCertificateISAKMP::Size() + cert_ptr.Size()));
+ cert->SetEncoding(iNegotiation->iEncoding); //If responder the same as initiator, otherwise any? (now only X509)
+ iBuf.SetLength(iBuf.Length() + TCertificateISAKMP::Size() + cert_ptr.Size()); //The new info just added
+ if ( iNegotiation->iICA2 )
+ {
+ DEBUG_LOG(_L("[Level 2 INTERMEDIATE CERT]"));
+ *iNextPayload = ISAKMP_PAYLOAD_CERT; //Fills the previous payload next field
+ cert = (TCertificateISAKMP*)(iBuf.Ptr() + iBuf.Length());
+ iNextPayload = (TUint8 *)cert;//saves the adress.Will be filled by the next called function
+
+ TPtr8 cert_ptr((TUint8 *)iBuf.Ptr() + iBuf.Length() + TCertificateISAKMP::Size(), 0, iBuf.MaxLength() - iBuf.Length()); //Pointer to the Cert. Data
+
+ cert_ptr.Copy(iNegotiation->iICA2->Des());
+ cert->SetReserved(0);
+ cert->SetLength((TUint16)(TCertificateISAKMP::Size() + cert_ptr.Size()));
+ cert->SetEncoding(iNegotiation->iEncoding); //If responder the same as initiator, otherwise any? (now only X509)
+ iBuf.SetLength(iBuf.Length() + TCertificateISAKMP::Size() + cert_ptr.Size()); //The new info just added
+ }
+ if ( iNegotiation->iICA1 )
+ {
+ DEBUG_LOG(_L("[Level 1 INTERMEDIATE CERT]"));
+ *iNextPayload = ISAKMP_PAYLOAD_CERT; //Fills the previous payload next field
+ cert = (TCertificateISAKMP*)(iBuf.Ptr() + iBuf.Length());
+ iNextPayload = (TUint8 *)cert;//saves the adress.Will be filled by the next called function
+
+ TPtr8 cert_ptr((TUint8 *)iBuf.Ptr() + iBuf.Length() + TCertificateISAKMP::Size(), 0, iBuf.MaxLength() - iBuf.Length()); //Pointer to the Cert. Data
+
+ cert_ptr.Copy(iNegotiation->iICA1->Des());
+ cert->SetReserved(0);
+ cert->SetLength((TUint16)(TCertificateISAKMP::Size() + cert_ptr.Size()));
+ cert->SetEncoding(iNegotiation->iEncoding); //If responder the same as initiator, otherwise any? (now only X509)
+ iBuf.SetLength(iBuf.Length() + TCertificateISAKMP::Size() + cert_ptr.Size()); //The new info just added
+ }
+}
+
+
+void TIkev1IsakmpStream::IsakmpCertificateReqL()
+{
+ if ( !iNegotiation->iPkiService || !iNegotiation->iPkiService->CaList())
+ return;
+ CIkeCaList* CaList = iNegotiation->iPkiService->CaList();
+ TCertificateReqISAKMP cert_req;
+ CX509Certificate *ca_cert;
+ TInt count = CaList->Count();
+ TInt i = 0;
+
+ while ( i < count ) {
+
+ DEBUG_LOG(_L("[CR]"));
+ ca_cert = CaList->At(i)->Certificate();
+ *iNextPayload = ISAKMP_PAYLOAD_CR; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address. Will be filled by the next called function
+ TPtr8 certreq_data_ptr((TUint8 *)iBuf.Ptr() + iBuf.Length() + TCertificateReqISAKMP::Size(), 0, iBuf.MaxLength() - iBuf.Length()); //Pointer to the CertReq. Data
+ IkePkiUtils::GetCertSubjectNameDERL(ca_cert, certreq_data_ptr);
+ cert_req.SetLength((TUint16)(TCertificateReqISAKMP::Size() + certreq_data_ptr.Size()));
+ cert_req.SetEncoding(iNegotiation->iEncoding); //If responder the same as initiator, otherwise any? (now only X509)
+ iBuf.Append((TUint8 *)&cert_req, TCertificateReqISAKMP::Size());
+ iBuf.SetLength(iBuf.Length()+ certreq_data_ptr.Size());
+
+ i ++;
+ }
+
+ iNegotiation->iCertRequested = ETrue;
+}
+
+
+void TIkev1IsakmpStream::IsakmpHashL()
+{
+ DEBUG_LOG(_L("[HASH]"));
+ THashISAKMP hash_payload;
+ TBuf8<ISAKMP_HASH_SIZE> hash;
+ TUint8 exchange = ThdrISAKMP::Ptr(iBuf)->GetExchange();
+ switch (exchange)
+ {
+ case ISAKMP_EXCHANGE_ID: //Main mode
+ case ISAKMP_EXCHANGE_AGGR: //Main mode
+ *iNextPayload = ISAKMP_PAYLOAD_HASH; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the adress.
+
+ if (iNegotiation->iRole==INITIATOR)
+ {
+ DEBUG_LOG(_L("[HASH_I]"));
+ iNegotiation->ComputeHash1L(hash); //Must be done after Isakmp_IDENT to have the correct Id payload
+ hash_payload.SetLength((TUint16)(hash.Length() + sizeof(THashISAKMP)));
+ iBuf.Append((TUint8 *)&hash_payload, sizeof(hash_payload));
+ //iBuf.Append(iNegotiation->iHASH_I,iNegotiation->iHASH_ILen);
+ iBuf.Append(hash);
+
+ }
+ else //RESP
+ {
+ DEBUG_LOG(_L("[HASH_R]"));
+ iNegotiation->ComputeHashrL(hash); //Must be done after Isakmp_IDENT to have the correct Id payload
+ hash_payload.SetLength((TUint16)(hash.Length() + sizeof(THashISAKMP)));
+ iBuf.Append((TUint8 *)&hash_payload, sizeof(hash_payload));
+ //iBuf.Append(iNegotiation->iHASH_R,iNegotiation->iHASH_RLen);
+ iBuf.Append(hash);
+ }
+ break;
+
+ case IKE_QUICK_MODE:
+ *iNextPayload = ISAKMP_PAYLOAD_HASH; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the adress.
+ switch (iNegotiation->iStage)
+ {
+ case 1://Require 2-stage hash payload construction
+ case 2:
+ case 4:
+ iHash_pos=iBuf.Length(); //Saves the pos to put the payload later in Isakmp_HASH_cont
+ //Leaves free space for the buffer
+ iBuf.SetLength(iBuf.Length() + sizeof(THashISAKMP) + iNegotiation->HashLength());
+ break;
+ default: //stage 3
+ DEBUG_LOG(_L("[HASH(3)]"));
+ iNegotiation->ComputeHash2L(hash, iNegotiation->iStage);
+ hash_payload.SetLength((TUint16)(hash.Length() + sizeof(THashISAKMP)));
+ iBuf.Append((TUint8 *)&hash_payload, sizeof(hash_payload));
+ iBuf.Append(hash); //Puts the hash in the correct position. iHashPos fills by Isakmp_HASH()
+ }
+ break;
+
+ case ISAKMP_EXCHANGE_INFO:
+ case ISAKMP_EXCHANGE_TRANSACT:
+ *iNextPayload = ISAKMP_PAYLOAD_HASH; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ iHash_pos = iBuf.Length(); //Saves the pos to put the payload later in Isakmp_HASH_cont
+ //Leaves free space for the buffer
+ iBuf.SetLength(iBuf.Length() + sizeof(THashISAKMP) + iNegotiation->HashLength());
+ break;
+
+ default:
+ DEBUG_LOG(_L("ISAKMP_HASH payload build error"));
+ iNegotiation->SetFinished();
+ }
+}
+
+//Insert the hash in the designed position. Only Phase_II stage 1 or 2
+void TIkev1IsakmpStream::IsakmpHashContL()
+{
+ THashISAKMP hash;
+ TBuf8<ISAKMP_HASH_SIZE> tmp_hash;
+
+ //to put the correct next_payload value we check in the buffer because the next
+ //payload will have updated the value there
+ THashISAKMP *fake_hdr=(THashISAKMP *)(iBuf.Ptr() + iHash_pos);
+ hash.SetPayload(fake_hdr->GetPayload());
+ TInt hash_len=sizeof(THashISAKMP) + iNegotiation->HashLength();
+ hash.SetLength((TUint16)hash_len);
+ tmp_hash.Copy((TUint8 *)&hash,sizeof(hash));
+ iBuf.Replace(iHash_pos, tmp_hash.Length(),tmp_hash);
+ iHash_pos += tmp_hash.Length();
+
+ TUint8 *hashMsg=((TUint8 *)iBuf.Ptr() + sizeof(ThdrISAKMP) + hash_len); //Msg to hash
+ TInt hashMsgLen= iBuf.Length()- sizeof(ThdrISAKMP) - hash_len;
+ switch (iNegotiation->iExchange)
+ {
+ case IKE_QUICK_MODE:
+ if (iNegotiation->iStage != 4)
+ iNegotiation->ComputeHash2L(tmp_hash, iNegotiation->iStage, hashMsg, hashMsgLen);
+ else //Send CONNECT message is informational although in Quick mode
+ iNegotiation->ComputeHashInfL(tmp_hash, hashMsg, hashMsgLen);
+ break;
+ case ISAKMP_EXCHANGE_INFO:
+ case ISAKMP_EXCHANGE_TRANSACT:
+ iNegotiation->ComputeHashInfL(tmp_hash, hashMsg, hashMsgLen);
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP_HASH_contL"));
+ iNegotiation->SetFinished();
+ }
+ iBuf.Replace(iHash_pos,tmp_hash.Length(),tmp_hash); //Puts the hash in the correct position. iHashPos fills by Isakmp_HASH()
+}
+
+void TIkev1IsakmpStream::IsakmpSignatureL()
+{
+ TSignatureISAKMP sig;
+ TBuf8<ISAKMP_HASH_SIZE> hash;
+
+ DEBUG_LOG(_L("[SIG]"));
+ if ( !iNegotiation->iPkiService )
+ return;
+
+ //DSS only allows SHA1 as hash
+ TUint16 tmp = iNegotiation->iChosenProposal_I.iAttrList->iHashAlg; //save the value to compute the hash with SHA1 if using DSS
+
+ //First computes hash
+ if (iNegotiation->iRole==INITIATOR)
+ {
+ iNegotiation->ComputeHash1L(hash); //Must be done after Isakmp_IDENT to have the correct Id payload
+ }
+ else
+ {
+ iNegotiation->ComputeHashrL(hash); //Must be done after Isakmp_IDENT to have the correct Id payload
+ }
+ iNegotiation->iChosenProposal_I.iAttrList->iHashAlg = tmp; //Restore the value after computing the hash
+
+ *iNextPayload = ISAKMP_PAYLOAD_SIG; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ //Will be filled by the next called function
+ TSignatureISAKMP *p_sig=(TSignatureISAKMP *)(iBuf.Ptr() + iBuf.Length()); //To update the payload size later
+ iBuf.Append((TUint8 *)&sig, sizeof(sig));
+
+ TPtr8 sig_data_ptr((TUint8 *)(iBuf.Ptr() + iBuf.Length()), iBuf.MaxLength() - iBuf.Length());
+
+ DEBUG_LOG1(_L("sig_data_ptr length=%d"), sig_data_ptr.Length());
+ if ( iNegotiation->iPkiService->Ikev1SignatureL(iNegotiation->iPeerTrustedCA->Des(),
+ iNegotiation->iHostData,
+ hash, sig_data_ptr) == 0 )
+ {
+ DEBUG_LOG(_L("Signature Computation failed!"));
+ }
+
+ DEBUG_LOG(_L("Signature"));
+ iBuf.SetLength(iBuf.Length() + sig_data_ptr.Length()); //updates the buffer size
+ p_sig->SetLength((TUint16)(sizeof(sig) + sig_data_ptr.Length())); //Puts the correct length in the buffer
+}
+
+//Adds the Nonce payload to the buffer
+void TIkev1IsakmpStream::IsakmpNonce()
+{
+ TNonceISAKMP nonce_payload;
+
+ //iNegotiation->ComputeNonce(); //Nonce to be sent
+ nonce_payload.SetLength((TUint16)(sizeof(nonce_payload) + OAKLEY_DEFAULT_NONCE_SIZE));
+ *iNextPayload = ISAKMP_PAYLOAD_NONCE; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ //Will be filled by the next called function
+ iBuf.Append((TUint8 *)&nonce_payload, sizeof(nonce_payload));
+ if (iNegotiation->iRole==INITIATOR)
+ {
+ DEBUG_LOG(_L("[NONCE_I]"));
+ iBuf.Append(iNegotiation->iNONCE_I); //variable size
+ }
+ else
+ {
+ DEBUG_LOG(_L("[NONCE_R]"));
+ iBuf.Append(iNegotiation->iNONCE_R); //variable size
+ }
+
+}
+
+//Adds the Notification payload to the buffer
+void TIkev1IsakmpStream::IsakmpNotification(TUint16 aType, TUint8 aProtocol, TUint8* aNotifData, TInt aDataLth)
+{
+ TNotificationISAKMP notif;
+
+ TBuf8<2*ISAKMP_COOKIE_SIZE> spi;
+
+ spi.Copy(iNegotiation->iCookie_I);
+ spi.Append(iNegotiation->iCookie_R);
+
+ DEBUG_LOG(_L("[NOT]"));
+ *iNextPayload = ISAKMP_PAYLOAD_NOTIF; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ TUint16 length = (TUint16)(sizeof(notif) + spi.Length() + aDataLth);
+
+ notif.SetLength(length);
+ notif.SetDOI(iNegotiation->iDOI);
+ notif.SetProtocol(aProtocol);
+ notif.SetSPISize((TUint8)spi.Length());
+ notif.SetMsgType(aType);
+ //Will be filled by the next called function
+ iBuf.Append((TUint8 *)¬if, sizeof(notif)); //Header
+ iBuf.Append(spi); //insert the SPI
+
+ if ( aNotifData && aDataLth )
+ iBuf.Append(aNotifData, aDataLth); //Add Notification data
+
+}
+
+//Adds the Notification payload to the buffer
+void TIkev1IsakmpStream::IsakmpReplayStatus(TUint8 aProtocol, TUint32 aSPI, TUint8 aReplayWindowLength)
+{
+ TNotificationISAKMP notif;
+ TUint32 data;
+
+ DEBUG_LOG(_L("[NOT]"));
+ *iNextPayload = ISAKMP_PAYLOAD_NOTIF; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ notif.SetLength((TUint16)(sizeof(notif) + sizeof(aSPI) + sizeof(data))); //No Notification Data yet!!!
+ notif.SetDOI(iNegotiation->iDOI);
+ notif.SetProtocol(aProtocol);
+ notif.SetSPISize(sizeof(aSPI)); //No SPI sent
+ notif.SetMsgType(DOI_REPLAY_STATUS);
+ //Will be filled by the next called function
+ iBuf.Append((TUint8 *)¬if, sizeof(notif)); //Header
+ iBuf.Append((TUint8 *)&aSPI, sizeof(aSPI)); //Insert the SPI
+
+ // Notification Data: 0 if replay detection disabled
+ // 1 if replay detection enabled
+
+ if (aReplayWindowLength > 0)
+ data = ByteOrder::Swap32(1);
+ else
+ data = 0;
+ iBuf.Append((TUint8 *)&data, sizeof(data));
+
+}
+
+//Adds the Notification payload to the buffer
+void TIkev1IsakmpStream::IsakmpResponderLifetime(TUint8 aProtocol, TUint32 aSPI, const TDesC8 &aLifetime, const TDesC8 &aLifesize)
+{
+ TNotificationISAKMP notif;
+ TDataISAKMP attr;
+
+ DEBUG_LOG(_L("[NOT]"));
+ *iNextPayload = ISAKMP_PAYLOAD_NOTIF; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+
+ //Notification payload + spi + attribs lifetype and life value
+ TInt attrlen = 0;
+ if (aLifetime.Length() > 0)
+ attrlen = 2*sizeof(attr) + aLifetime.Length();
+ if (aLifesize.Length() > 0)
+ attrlen += 2*sizeof(attr) + aLifesize.Length();
+ if (attrlen == 0) //No lifevalues to send
+ return;
+
+ notif.SetLength((TUint16)(sizeof(notif) + sizeof(aSPI) + attrlen));
+ notif.SetDOI(iNegotiation->iDOI);
+ notif.SetProtocol(aProtocol);
+ notif.SetSPISize(sizeof(aSPI)); //No SPI sent
+ notif.SetMsgType(DOI_RESPONDER_LIFETIME);
+ //Will be filled by the next called function
+ iBuf.Append((TUint8 *)¬if, sizeof(notif)); //Header
+ iBuf.Append((TUint8 *)&aSPI, sizeof(aSPI)); //Insert the SPI
+
+ //Lifetime
+ if (aLifetime.Length() > 0)
+ {
+ //LifeType
+ attr.SetBasic(ETrue);
+ attr.SetType(DOI_ATTR_TYPE_LIFE_TYPE);
+ attr.SetValue(SECONDS);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+ //Life Value
+ attr.SetBasic(EFalse);
+ attr.SetType(DOI_ATTR_TYPE_LIFE_DUR);
+ attr.SetLength((TUint16)(aLifetime.Length()));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(aLifetime);
+ }
+
+ //Lifesize
+ if (aLifesize.Length() > 0)
+ {
+ //LifeType
+ attr.SetBasic(ETrue);
+ attr.SetType(OAKLEY_ATTR_TYPE_LIFE_TYPE);
+ attr.SetValue(KBYTES);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+ //Life Value
+ attr.SetBasic(EFalse);
+ attr.SetType(OAKLEY_ATTR_TYPE_LIFE_DUR);
+ attr.SetLength((TUint16)(aLifesize.Length()));
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ iBuf.Append(aLifesize);
+ }
+}
+
+
+//Only send 1 SPI for the ISAKMP SA, AH or ESP
+void TIkev1IsakmpStream::IsakmpDelete(TDesC8 &aSPI, TUint8 aProtocol)
+{
+ TDeleteISAKMP delete_payload;
+
+ DEBUG_LOG(_L("[DEL]"));
+
+ *iNextPayload = ISAKMP_PAYLOAD_D; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+
+ delete_payload.SetLength((TUint16)(sizeof(delete_payload) + aSPI.Length())); //No Notification Data yet!!!
+ delete_payload.SetDOI(iNegotiation->iDOI);
+ delete_payload.SetProtocol(aProtocol);
+ delete_payload.SetSPISize((TUint8)aSPI.Length());
+ delete_payload.SetNumSPI(1);
+
+ iBuf.Append((TUint8 *)&delete_payload, sizeof(delete_payload)); //Header
+ iBuf.Append(aSPI); //insert the SPI
+}
+
+//Adds the Vendor ID payload to the buffer
+void TIkev1IsakmpStream::IsakmpVendorId(TInt aID_Type,
+ TUint8 *aICOOKIE,
+ TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr,
+ TUint8 *aGenericVidData, TInt aGenericVidLth )
+{
+
+ *iNextPayload = ISAKMP_PAYLOAD_VID; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());
+
+ if ( (aID_Type == IETF_NATT_VENDOR_ID || aID_Type == IETF_RFC_NATT_VENDOR_ID) && aGenericVidData ) {
+ TVendorISAKMP vendor_payload;
+ vendor_payload.SetLength((TUint16)(sizeof(vendor_payload) + aGenericVidLth));
+ iBuf.Append((TUint8 *)&vendor_payload, sizeof(vendor_payload)); //Header
+ iBuf.Append(aGenericVidData, aGenericVidLth); //Data
+ return;
+ }
+/*--------------------------------------------------------
+ *
+ * If an expanded Vendor Id required build it, otherwise
+ * use "old" style" short Vendor Id,
+ *
+ *--------------------------------------------------------*/
+ TBool ExpandedVID;
+
+ if ( aID_Type == EXPANDED_VENDOR_ID )
+ ExpandedVID = ETrue;
+ else ExpandedVID = EFalse;
+
+ TInt payload_lth = ConstructVendorId(ExpandedVID,
+ aICOOKIE,
+ aRCOOKIE,
+ aLocalAddr,
+ (TVendorISAKMP*)iNextPayload);
+ iBuf.SetLength(iBuf.Length() + payload_lth); //The new info just added
+
+}
+
+
+void TIkev1IsakmpStream::IsakmpChre(TUint16 aLAMType, TUint16 aAttr1, HBufC8 *aBfr1,
+ TUint16 aAttr2, HBufC8 *aBfr2, TUint16 aAttr3, HBufC8 *aBfr3)
+{
+ TCHREISAKMP chre_payload;
+
+ DEBUG_LOG(_L("[CHRE]"));
+
+ *iNextPayload = ISAKMP_PAYLOAD_CHRE; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+ /*----------------------------------------------------
+ * Fill generic payload header fields (except length)
+ *----------------------------------------------------*/
+ chre_payload.SetLAMtype(aLAMType);
+ chre_payload.SetCHREReserved();
+ TInt pos = iBuf.Length(); //save the position to insert later
+ iBuf.SetLength(pos + sizeof(chre_payload)); //leave room to insert later
+
+ /*----------------------------------------------------
+ * Store CHRE payload attribute data
+ *----------------------------------------------------*/
+ if ( aAttr1 !=0 )
+ IsakmpChreAttrib(aAttr1, aBfr1);
+ if ( aAttr2 !=0 )
+ IsakmpChreAttrib(aAttr2, aBfr2);
+ if ( aAttr3 !=0 )
+ IsakmpChreAttrib(aAttr3, aBfr3);
+ /*----------------------------------------------------
+ * Store correct payload length
+ *----------------------------------------------------*/
+ chre_payload.SetLength((TUint16)(iBuf.Length() - pos));
+ TBuf8<sizeof(chre_payload)> aux;
+ aux.Append((TUint8 *)&chre_payload, sizeof(chre_payload));
+ iBuf.Replace(pos, aux.Length(), aux);
+}
+
+void TIkev1IsakmpStream::IsakmpChreAttrib(TUint16 aType, HBufC8 *aBfr)
+{
+ /*----------------------------------------------------
+ * Store CHRE payload attribute data (variable length)
+ *----------------------------------------------------*/
+ TDataISAKMP attr;
+ TUint length;
+ attr.SetBasic(EFalse);
+ attr.SetType(aType);
+ if ( aBfr )
+ length = aBfr->Length();
+ else length = 0;
+ attr.SetLength((TUint16)length);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+ if ( length )
+ iBuf.Append(aBfr->Ptr(),length);
+}
+
+
+void TIkev1IsakmpStream::IsakmpIntnet(TUint32 aIpv4Addr)
+{
+ /*----------------------------------------------------------
+ * Build inititor (=client) private Internal Address payload
+ * Payload contains only PRI_INTERNAL_ADDRESS attribute coded
+ * as a basic attribute with value 0.
+ *---------------------------------------------------------*/
+ TINTNETISAKMP intnet_payload;
+ TDataISAKMP attr;
+
+ DEBUG_LOG(_L("[IA]"));
+
+ *iNextPayload = ISAKMP_INT_NETWORK; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+
+ intnet_payload.SetLength((TUint16)(sizeof(intnet_payload) +
+ (2 + 2))); //basic attribute
+ iBuf.Append((TUint8 *)&intnet_payload,
+ sizeof(intnet_payload)); //Payload Header
+ attr.SetBasic(ETrue);
+ attr.SetType(PRI_INTERNAL_ADDRESS);
+ attr.SetValue((TUint16)aIpv4Addr);
+ iBuf.Append((TUint8 *)&attr, sizeof(attr));
+
+}
+
+void TIkev1IsakmpStream::IsakmpNatD(TBool aRfcNatt, TDesC8 &aHash)
+{
+ /*------------------------------------------------------------
+ * Build NAT-D related to NAT discovery.
+ * Payload data is a hash data defined as follows:
+ * HASH = HASH(CKY-I | CKY-R | IP | Port)
+ * using the negotiated HASH algorithm
+ *---------------------------------------------------------*/
+ TNATDISAKMP nat_d_payload;
+
+ DEBUG_LOG(_L("[NAT_D]"));
+
+ if ( aRfcNatt )
+ *iNextPayload = IETF_RFC_NAT_DISCOVERY; //Fills the previous payload next field
+ else
+ *iNextPayload = IETF_NAT_DISCOVERY; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+
+ nat_d_payload.SetLength((TUint16)(sizeof(nat_d_payload) + aHash.Length()));
+ iBuf.Append((TUint8 *)&nat_d_payload, sizeof(nat_d_payload)); //Header
+ iBuf.Append(aHash); //Data
+
+}
+
+void TIkev1IsakmpStream::IsakmpAttributes(TUint8 aMsgType, TUint16 aIdentifier, TDesC8 &aAttributes)
+{
+ /*------------------------------------------------------------
+ * Build Attributes payload. (used with config-mode and XAUTH)
+ *---------------------------------------------------------*/
+ TAttributeISAKMP attr_payload;
+ attr_payload.SetCfgMsgType(aMsgType);
+ attr_payload.SetReservedField();
+ attr_payload.SetIdentifier(aIdentifier);
+
+ DEBUG_LOG(_L("[ATTR]"));
+
+ *iNextPayload = ISAKMP_PAYLOAD_ATTRIBUTES; //Fills the previous payload next field
+ iNextPayload = (TUint8 *)(iBuf.Ptr() + iBuf.Length());//saves the address.
+
+ attr_payload.SetLength((TUint16)(sizeof(attr_payload) + aAttributes.Length()));
+ iBuf.Append((TUint8 *)&attr_payload, sizeof(attr_payload)); //Header
+ iBuf.Append(aAttributes); //Data
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1keepalive.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,189 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 keep alive object
+*
+*/
+
+
+#include <eikenv.h>
+#include <es_sock.h>
+#include <e32math.h>
+#include "ikedebug.h"
+#include "ikev1keepalive.h"
+#include "ikev1pluginsession.h"
+
+_LIT8(KMsgContent, "\xff");
+
+CIkeV1KeepAlive* CIkeV1KeepAlive::NewL( CIkev1PluginSession& aPluginSession,
+ TInt aPort,
+ TInetAddr& aDestAddr,
+ TInt NatKeepAlive,
+ TInt DpdKeepAlive,
+ MDpdHeartBeatEventHandler* aHandler,
+ TUint8 aDscp )
+ {
+ CIkeV1KeepAlive* self = new (ELeave) CIkeV1KeepAlive( aPluginSession,
+ aPort,
+ aDestAddr,
+ NatKeepAlive,
+ DpdKeepAlive,
+ aHandler,
+ aDscp );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+
+
+CIkeV1KeepAlive::CIkeV1KeepAlive( CIkev1PluginSession& aPluginSession,
+ TInt aPort,
+ TInetAddr& aDestAddr,
+ TInt aNatKeepAlive,
+ TInt aDpdKeepAlive,
+ MDpdHeartBeatEventHandler* aHandler,
+ TUint8 aDscp )
+ : CTimer( EPriorityStandard ),
+ iPluginSession( aPluginSession ),
+ iPort( aPort ),
+ iMsg( KMsgContent )
+ {
+ iDestAddr = aDestAddr;
+ iNatKeepAlive = aNatKeepAlive;
+ iDpdKeepAlive = aDpdKeepAlive;
+ iCallback = aHandler;
+ iDscp = aDscp;
+ CActiveScheduler::Add( this );
+ }
+
+//Destructor
+CIkeV1KeepAlive::~CIkeV1KeepAlive()
+ {
+ Cancel();
+ }
+
+
+void CIkeV1KeepAlive::ConstructL()
+ {
+ //
+ // If NAT keepalive timoeut allocate (and initialize) a TIkeXmitBfr data buffer for
+ // NAT keepalive. Allocate a data buffer for special "Echo request"
+ // keepalive message, if proprietary "Nokia NAT Traversal is used".
+ // Start keep alive timer
+ //
+ CTimer::ConstructL();
+
+ if ( (iNatKeepAlive >= iDpdKeepAlive) && (iDpdKeepAlive != 0) && iCallback )
+ iNatKeepAlive = 0; // Not needed
+
+ if ( iNatKeepAlive )
+ {
+ iDestAddr.SetPort(iPort);
+
+ iRemainingTime = iNatKeepAlive;
+ if ( iCallback )
+ iCurrDPDTimeLeft = iDpdKeepAlive - iNatKeepAlive;
+ else iDpdKeepAlive = 0;
+ }
+ else
+ {
+ iRemainingTime = iDpdKeepAlive;
+ }
+
+ StartTimer();
+ }
+
+
+void CIkeV1KeepAlive::DoCancel()
+ {
+ CTimer::DoCancel();
+ }
+
+void CIkeV1KeepAlive::RunL()
+ {
+ if ( iRemainingTime == 0 )
+ {
+ TBool DpdEvent = EFalse;
+ if ( iDpdKeepAlive )
+ {
+ if ( ( iCurrDPDTimeLeft == 0 ) && iCallback )
+ {
+ //
+ // Call DPD event handler
+ //
+ DpdEvent = ETrue;
+ iCallback->EventHandlerL();
+ iRemainingTime = iDpdKeepAlive;
+ }
+ }
+
+ if ( iNatKeepAlive )
+ {
+ //
+ // Send a NAT keepalive message(s)
+ //
+ if ( !DpdEvent )
+ {
+ iPluginSession.SendNatKeepAliveL( iDestAddr,
+ iMsg,
+ iDscp );
+ }
+
+ iRemainingTime = iNatKeepAlive;
+
+ if ( iDpdKeepAlive )
+ {
+ if ( DpdEvent )
+ {
+ iCurrDPDTimeLeft = iDpdKeepAlive - iNatKeepAlive;
+ }
+ else
+ {
+ if ( iCurrDPDTimeLeft < iNatKeepAlive )
+ {
+ iRemainingTime = iCurrDPDTimeLeft;
+ iCurrDPDTimeLeft = 0;
+ }
+ else iCurrDPDTimeLeft -= iNatKeepAlive;
+ }
+ }
+ }
+ }
+
+ StartTimer();
+ }
+
+TInt CIkeV1KeepAlive::RunError(TInt /*aError*/)
+ {
+ return KErrNone;
+ }
+
+void CIkeV1KeepAlive::StartTimer()
+ {
+ if ( iRemainingTime > KMaxTInt/1000000 ) //To avoid overflowing the Timer
+ {
+ iRemainingTime -= KMaxTInt/1000000;
+ After(KMaxTInt);
+ }
+ else //No overflow
+ {
+ if ( iRemainingTime )
+ {
+ After(iRemainingTime*1000000);
+ }
+ iRemainingTime = 0;
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1natdiscovery.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,355 @@
+/*
+* Copyright (c) 2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Negotiation of NAT-Traversal in the IKE
+*
+*/
+
+
+#include "ikev1natdiscovery.h"
+#include "ikev1crypto.h"
+#include "ikev1negotiation.h"
+#include "ikev1isakmpstream.h"
+
+// "03" version hash data
+//const TUint8 IETF_NATT_VID_DATA[16] = {0x7d, 0x94, 0x19, 0xa6, 0x53, 0x10, 0xca, 0x6f,
+// 0x2c, 0x17, 0x9d, 0x92, 0x15, 0x52, 0x9d, 0x56};
+_LIT8(KIetfNatTHashSeed,"draft-ietf-ipsec-nat-t-ike-03");
+_LIT8(KIetfRfcNatTHashSeed,"RFC 3947");
+
+CIkev1NatDiscovery* CIkev1NatDiscovery::NewL(TUint32 aNatFlags)
+{
+ CIkev1NatDiscovery* NatDiscovery = new (ELeave)CIkev1NatDiscovery();
+
+ if ( aNatFlags )
+ {
+ NatDiscovery->iSupport = ETrue; // Caller forces support indicator to OK
+ NatDiscovery->iRfcSupport= ETrue;
+ }
+ else
+ {
+ NatDiscovery->iSupport = EFalse;
+ NatDiscovery->iRfcSupport= EFalse;
+ }
+
+
+ //
+ // Build Vendor string for NAT discovery. This string is used later in
+ // a ISAKMP phase 1 Vendor Id payload to inform remote host that local
+ // end supprts NAT Traversal.
+ // The vendor string is produced as the following hash:
+ // Vendor Id string = MD5("draft-ietf-ipsec-nat-t-ike-03")
+ //
+ MD5HashL(KIetfNatTHashSeed, NatDiscovery->iIetfNattVidHash); // Calculate hash value
+ MD5HashL(KIetfRfcNatTHashSeed, NatDiscovery->iIetfRfcNattVidHash); // Calculate hash value
+
+ return NatDiscovery;
+}
+
+void CIkev1NatDiscovery::BuildNatVendorId(TIkev1IsakmpStream &aMsg)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This method builds a NAT traversal related Vendor ID payload and adds it into
+ * the IKE message. The vendor id content is the following:
+ * MD5 hash of "draft-ietf-ipsec-nat-t-ike-05" (calculated earlier in NewL())
+ *
+ *---------------------------------------------------------------------------------------*/
+ TInetAddr DummyAddr;
+
+ aMsg.IsakmpVendorId(IETF_NATT_VENDOR_ID,
+ NULL, NULL, DummyAddr, // These parameters has no relevance with IETF_NATT_VID_DATA
+ (TUint8*)iIetfNattVidHash.Ptr(), iIetfNattVidHash.Length());
+
+
+}
+
+void CIkev1NatDiscovery::BuildRfcNatVendorId(TIkev1IsakmpStream &aMsg)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This method builds a NAT traversal related Vendor ID payload and adds it into
+ * the IKE message. The vendor id content is the following:
+ * MD5 hash of "RFC 3947" (calculated earlier in NewL())
+ *
+ *---------------------------------------------------------------------------------------*/
+ TInetAddr DummyAddr;
+
+ aMsg.IsakmpVendorId(IETF_RFC_NATT_VENDOR_ID,
+ NULL, NULL, DummyAddr, // These parameters has no relevance with IETF_NATT_VID_DATA
+ (TUint8*)iIetfRfcNattVidHash.Ptr(), iIetfRfcNattVidHash.Length());
+
+
+}
+
+TBool CIkev1NatDiscovery::CheckNatVendorId(const TVendorISAKMP *aVendorPayload)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This method checks does the remote end support IETF NAT traversal <draft-ietf-ipsec-nat-t-ike-03>
+ * The vendor id content MUST be the following:
+ *
+ *---------------------------------------------------------------------------------------*/
+ TInt vid_lth = aVendorPayload->GetLength() - sizeof(TPayloadISAKMP);
+ if ( vid_lth == iIetfNattVidHash.Length() ) {
+ if ( Mem::Compare(aVendorPayload->VIDData(), vid_lth, iIetfNattVidHash.Ptr(), vid_lth) == 0 ) {
+ iSupport = ETrue; // Remote end supports IETF NAT traversal
+ }
+ }
+
+ return iSupport;
+
+}
+
+TBool CIkev1NatDiscovery::CheckRfcNatVendorId(const TVendorISAKMP *aVendorPayload)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This method checks does the remote end support IETF NAT traversal RFC 3947
+ * The vendor id content MUST be the following:
+ *
+ *---------------------------------------------------------------------------------------*/
+ TInt vid_lth = aVendorPayload->GetLength() - sizeof(TPayloadISAKMP);
+ if ( vid_lth == iIetfRfcNattVidHash.Length() ) {
+ if ( Mem::Compare(aVendorPayload->VIDData(), vid_lth, iIetfRfcNattVidHash.Ptr(), vid_lth) == 0 ) {
+ //iSupport = ETrue; // Remote end supports IETF NAT traversal according to IETF draft 03
+ iRfcSupport= ETrue; // Remote end supports IETF NAT traversal according to RFC 3947
+ }
+ }
+ return iRfcSupport;
+}
+
+
+void CIkev1NatDiscovery::BuildDiscoveryPayloadsL(TIkev1IsakmpStream &aMsg, TUint16 aHashType,
+ TUint8 *aICOOKIE, TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This builds NAT Discovery payloads for negotiation.
+ * from draft-ietf-ipsec-nat-t-ike-03;
+ * "
+ * The purpose of the NAT-D payload is twofold, It not only detects the
+ * presence of NAT between two IKE peers, it also detects where the NAT is.
+ * The location of the NAT device is important in that the keepalives need
+ * to initiate from the peer "behind" the NAT.
+ *
+ * To detect the NAT between the two hosts, we need to detect if the IP
+ * address or the port changes along the path. This is done by sending the
+ * hashes of IP address and port of both source and destination addresses
+ * from each end to another. When both ends calculate those hashes and get
+ * same result they know there is no NAT between. If the hashes do not
+ * match, somebody translated the address or port between, meaning we need
+ * to do NAT-Traversal to get IPsec packet through.
+ *
+ * If the sender of the packet does not know his own IP address (in case of
+ * multiple interfaces, and implementation don't know which is used to
+ * route the packet out), he can include multiple local hashes to the
+ * packet (as separate NAT-D payloads). In this case the NAT is detected if
+ * and only if none of the hashes match.
+ *
+ * The hashes are sent as a series of NAT-D (NAT discovery) payloads. Each
+ * payload contains one hash, so in case of multiple hashes, multiple NAT-D
+ * payloads are sent. In normal case there is only two NAT-D payloads.
+ *
+ * The format of the NAT-D packet is
+ *
+ * 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8
+ * +---------------+---------------+---------------+---------------+
+ * | Next Payload | RESERVED | Payload length |
+ * +---------------+---------------+---------------+---------------+
+ * ~ HASH of the address and port ~
+ * +---------------+---------------+---------------+---------------+
+ *
+ * The payload type for the NAT discovery payload is 130 (XXX CHANGE).
+ *
+ * The HASH is calculated as follows:
+ *
+ * HASH = HASH(CKY-I | CKY-R | IP | Port)
+ *
+ * using the negotiated HASH algorithm. All data inside the HASH is in the
+ * network byte-order. The IP is 4 octets for the IPv4 address and 16
+ * octets for the IPv6 address. The port number is encoded as 2 octet
+ * number in network byte-order. The first NAT-D payload contains the
+ * remote ends IP address and port (i.e the destination address of the UDP
+ * packet). The rest of the NAT-D payloads contain possible local end IP
+ * addresses and ports (i.e all possible source addresses of the UDP packet)."
+ *
+ *---------------------------------------------------------------------------------------*/
+ if ( iSupport || iRfcSupport) {
+ CalculateAddrPortHashL(aHashType, aICOOKIE, aRCOOKIE, aLocalAddr, aRemoteAddr);
+
+ aMsg.IsakmpNatD(iRfcSupport, iRemoteAddrPortHash); // NAT-D payload with HASH(CKY-I | CKY-R | Remote_IP | Remote_Port)
+ aMsg.IsakmpNatD(iRfcSupport, iLocalAddrPortHash); // NAT-D payload with HASH(CKY-I | CKY-R | Local_IP | Local_Port)
+ }
+}
+
+TUint32 CIkev1NatDiscovery::CheckDiscoveryPayloadsL(const CArrayFixFlat<const TNATDISAKMP *> *aNatDPayloadArray,
+ TUint16 aHashType, TUint8 *aICOOKIE, TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This check NAT Discovery payloads received from remote end.
+ * from draft-ietf-ipsec-nat-t-ike-03;
+ * "
+ * If there is no NAT between then the first NAT-D payload should match one
+ * of the local NAT-D packet (i.e the local NAT-D payloads this host is
+ * sending out), and the one of the other NAT-D payloads must match the
+ * remote ends IP address and port. If the first check fails (i.e first
+ * NAT-D payload does not match any of the local IP addresses and ports),
+ * then it means that there is dynamic NAT between, and this end should
+ * start sending keepalives as defined in the <draft-ietf-ipsec-udp-encaps-03.txt>.
+ *
+ *---------------------------------------------------------------------------------------*/
+ TUint32 NatFlags = 0;
+
+ if ( iSupport || iRfcSupport ) {
+
+ TInt count = aNatDPayloadArray->Count();
+ if ( count > 1 ) {
+ //
+ // Check that the first hash corresponds current local address port pair
+ //
+ CalculateAddrPortHashL(aHashType, aICOOKIE, aRCOOKIE, aLocalAddr, aRemoteAddr);
+
+ const TNATDISAKMP *NatDPayload = aNatDPayloadArray->At(0);
+ if ( !CompareHashData(NatDPayload->HashData(), NatDPayload->HashLth(), iLocalAddrPortHash) ) {
+ NatFlags |= LOCAL_END_NAT; //Local end is behind a NAT device
+ }
+
+ //
+ // Check the rest of NAT discovery payloads. One of them must correspond remote hash data
+ // calculated in local end
+ //
+ NatFlags |= REMOTE_END_NAT; // Remote end is behind a NAT device (as default)
+
+ for ( TInt i = 1; (i < count); i++ )
+ {
+ NatDPayload = aNatDPayloadArray->At(i);
+ if ( CompareHashData(NatDPayload->HashData(), NatDPayload->HashLth(), iRemoteAddrPortHash) ) {
+ NatFlags &= ~REMOTE_END_NAT; //Remote end is NOT behind a NAT device
+ break;
+ }
+
+ }
+ }
+
+ }
+
+ return NatFlags;
+
+}
+
+
+void CIkev1NatDiscovery::BuildNatOaPayload(TIkev1IsakmpStream &aMsg, TInetAddr &aLocalAddr, CProposal_IIList *aProposalList)
+{
+(void)aMsg; (void)aLocalAddr; (void)aProposalList;
+ return;
+}
+
+TBool CIkev1NatDiscovery::GetPeerOriginalAddress(const TNATOaISAKMP *aNatOaPayload, TInetAddr& aRemoteOrigAddr, CProposal_IIList *aProposalList)
+{
+(void)aNatOaPayload; (void)aRemoteOrigAddr; (void)aProposalList;
+ aRemoteOrigAddr.Init(KAFUnspec); // Set address value undefined
+ return EFalse;
+}
+
+
+
+void CIkev1NatDiscovery::CalculateAddrPortHashL(TUint16 aHashType,
+ TUint8 *aICOOKIE, TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr)
+{
+ if ( iHashExists ) {
+ return; //Hash has been already calculated
+ }
+/**---------------------------------------------------------------------------------------
+ *
+ * Calculate HASH = HASH(CKY-I | CKY-R | IP | Port) both for local- and remote IP address/port
+ *
+ *---------------------------------------------------------------------------------------*/
+ TBuf8<64> in_data;
+ const TUint8 *pnum;
+ TUint32 ipv4addr;
+ TUint16 port;
+
+ in_data.Append(aICOOKIE, ISAKMP_COOKIE_SIZE);
+ in_data.Append(aRCOOKIE, ISAKMP_COOKIE_SIZE);
+
+ TInetAddr HashAddr = aLocalAddr;
+ HashAddr.SetPort(500); //Set local port to default IKE port value
+ TInt i = 0;
+
+ while ( i < 2 ) {
+
+ if ( HashAddr.Family() == KAfInet ) {
+ ipv4addr = ByteOrder::Swap32(HashAddr.Address());//Put in network order
+ pnum = (TUint8*)&ipv4addr;
+ in_data.Append(pnum, sizeof(TUint32));
+ }
+ else {
+ if ( HashAddr.IsV4Mapped() ) {
+ HashAddr.ConvertToV4(); // IPv4 format
+ ipv4addr = ByteOrder::Swap32(HashAddr.Address());//Put in network order
+ pnum = (TUint8*)&ipv4addr;
+ in_data.Append(pnum, sizeof(TUint32));
+ }
+ else {
+ pnum = &HashAddr.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ in_data.Append(pnum, 16);
+ }
+ }
+
+ port = ByteOrder::Swap16(HashAddr.Port());//Put in network order
+ pnum = (TUint8*)&port;
+ in_data.Append(pnum, sizeof(TUint16));
+
+ if ( i ) {
+ if ( aHashType == HASH_MD5 )
+ MD5HashL(in_data, iRemoteAddrPortHash); // Calculate hash value
+ else SHA1HashL(in_data, iRemoteAddrPortHash);
+ }
+ else {
+ if ( aHashType == HASH_MD5 )
+ MD5HashL(in_data, iLocalAddrPortHash); // Calculate hash value
+ else SHA1HashL(in_data, iLocalAddrPortHash);
+ }
+ in_data.SetLength(ISAKMP_COOKIE_SIZE + ISAKMP_COOKIE_SIZE); // Reset lenght to Icookie + Rcookie
+ HashAddr = aRemoteAddr; // Process remote address next
+
+ i ++;
+ }
+
+ iHashExists = ETrue;
+
+}
+
+TBool CIkev1NatDiscovery::CompareHashData(TUint8 *aHashData, TUint32 aHashLth, TDesC8 &aReferenceHash)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * Compare current hash data to the reference hash data provided
+ *
+ *---------------------------------------------------------------------------------------*/
+ TBool result = EFalse;
+
+ if ( (TInt)aHashLth == aReferenceHash.Length() ) {
+ if ( Mem::Compare(aHashData, aHashLth, aReferenceHash.Ptr(), aHashLth) == 0 ) {
+ result = ETrue;
+ }
+ }
+
+ return result;
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1negotiation.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,8306 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1/IPSEC SA negotiation
+*
+*/
+
+#include <x509cert.h>
+#include <x500dn.h>
+#include <random.h>
+#include <vpnlogmessages.rsg>
+
+#include "ikev1negotiation.h"
+#include "ikedebug.h"
+#include "ikev1isakmpstream.h"
+#include "ikev1timeout.h"
+#include "ikev1payload.h"
+#include "ikev1plugin.h"
+#include "ikev1crack.h"
+#include "ikev1trans.h"
+#include "ipsecsadata.h"
+#include "ipsecsalifetime.h"
+#include "pfkeymsg.h"
+#include "kmdapi.h"
+#include "ikev1pkiservice.h"
+#include "ikev1crypto.h"
+#include "ikev1natdiscovery.h"
+#include "ikev1private.h"
+#include "vpnapidefs.h"
+#include "ikepkiutils.h"
+#include "vpnclientuids.h"
+#include "ikecalist.h"
+#include "ikecaelem.h"
+#include "ikecert.h"
+#include "ikev1pluginsession.h"
+#include "ikesocketdefs.h"
+#include "kmdeventloggerif.h"
+#include "pfkeyextdatautil.h"
+#include "ipsecsalist.h"
+
+const TInt KSubjectName = 1;
+
+/////////////////////////////////////////////////////////////////////////////////
+// CIkev1Negotiation related stuff
+/////////////////////////////////////////////////////////////////////////////////
+
+
+//
+//Proto negotiation to send a informational payload and be destroyed
+//
+CIkev1Negotiation* CIkev1Negotiation::NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TCookie& aInitiator,
+ const TCookie& aResponder )
+ {
+ CIkev1Negotiation* self = new ( ELeave ) CIkev1Negotiation( aPluginSession,
+ aPFKeySocketIf,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->iRemoteAddr = aRemote;
+ self->iCookie_I = aInitiator;
+ self->iCookie_R = aResponder;
+ self->iExchange = ISAKMP_EXCHANGE_INFO;
+ self->iDOI = IPSEC_DOI;
+ self->iTimer = CIkev1Timeout::NewL( *self );
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+CIkev1Negotiation* CIkev1Negotiation::NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TCookie& aInitiator,
+ TBool aAutoLogin )
+ {
+ CIkev1Negotiation* self = new ( ELeave ) CIkev1Negotiation( aPluginSession,
+ aPFKeySocketIf,
+ aDebug,
+ aRemote,
+ aInitiator );
+ CleanupStack::PushL( self );
+ self->ConstructL( aAutoLogin );
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+CIkev1Negotiation* CIkev1Negotiation::NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ TIkev1SAData* aIkev1SAdata,
+ TUint aRole,
+ const TPfkeyMessage *aReq )
+ {
+ CIkev1Negotiation* self = new ( ELeave ) CIkev1Negotiation( aPluginSession,
+ aPFKeySocketIf,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL( aIkev1SAdata, aRole, aReq );
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+
+CIkev1Negotiation* CIkev1Negotiation::NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ TBool aAutoLogin )
+ {
+ CIkev1Negotiation* self = new ( ELeave ) CIkev1Negotiation( aPluginSession,
+ aPFKeySocketIf,
+ aDebug,
+ aRemote );
+ CleanupStack::PushL( self );
+ self->iCookie_I = self->CreateCookieL();
+ self->ConstructL( aAutoLogin );
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+CIkev1Negotiation* CIkev1Negotiation::NewL( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TPfkeyMessage& aReq )
+ {
+ CIkev1Negotiation* self = new ( ELeave ) CIkev1Negotiation( aPluginSession,
+ aPFKeySocketIf,
+ aDebug,
+ aRemote );
+ CleanupStack::PushL( self );
+ self->iCookie_I = self->CreateCookieL();
+ self->ConstructL( aReq );
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+//
+// Destructor
+//
+CIkev1Negotiation::~CIkev1Negotiation()
+ {
+ DEBUG_LOG1( _L("CIkev1Negotiation::~CIkev1Negotiation this=0x%x"), this );
+
+
+ if ( iRole == INITIATOR &&
+ iAcquirePending )
+ {
+ // Response with error to pending Acquire.
+ AcquireSAErrorResponse( KKmdIkeNegotFailed );
+ }
+
+ delete iIpsecSaSpiRetriever;
+ delete iSavedIkeMsgBfr;
+
+ if( iPluginSession )
+ {
+ iPluginSession->RemoveNegotiation( this );
+ }
+
+ iCookie_I.FillZ(ISAKMP_COOKIE_SIZE);
+
+ if(iTimer)
+ {
+ iTimer->Cancel();
+ delete iTimer;
+ }
+
+ delete iOwnCert;
+ delete iPeerX509Cert;
+ delete iPeerTrustedCA; // Peer trusted CA name
+ delete iICA1;
+ delete iICA2;
+
+ delete iPkiService; // Trusted CA certificate list
+
+ delete iSAPayload;
+ delete iPeerIdentPayload;
+ delete iOwnIdentPayload;
+
+ //Keys
+ delete iOwnKeys; //structure containing the public and private keys
+ delete iOwnPublicKey; //Public Key
+
+ //Phase_I Proposal
+ TAttrib *attr;
+ while ((attr = iProposal_I.iAttrList) != NULL)
+ {
+ iProposal_I.iAttrList = attr->iNext;
+ delete attr;
+ }
+
+ delete iChosenProposal_I.iAttrList; //Only one transformation chosen
+
+ //Phase_II proposals (include transformations)
+ delete iProposal_IIList;
+
+ //Phase_II chosen Proposal
+ delete iChosenProp_IIList;
+ delete iInboundSPIList;
+ delete iCRACKneg;
+ delete iTransactionNeg; // Transaction exchange
+ delete iInternalAddr;
+ delete iNatDiscovery;
+ delete iSARekeyInfo;
+ delete iLastMsg;
+}
+
+
+//
+// CIkev1Negotiation
+// Constructor for remote initiated negotiation
+//
+CIkev1Negotiation::CIkev1Negotiation( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote,
+ const TCookie& aInitiator )
+ : iCookie_I( aInitiator ),
+ iRemoteAddr( aRemote ),
+ iPluginSession( aPluginSession ),
+ iPFKeySocketIf( aPFKeySocketIf ),
+ iDebug( aDebug )
+{
+
+ DEBUG_LOG1( _L("CIkev1Negotiation::CIkev1Negotiation, RESPONDER this=0x%x"), this );
+ iCookie_R.FillZ(ISAKMP_COOKIE_SIZE);
+ iSAId = iPluginSession->GetSAId();
+ iPluginSession->LinkNegotiation(this);
+ iRole = RESPONDER;
+ iStage = 1; //next phase for the responder is 2
+}
+
+//
+// Constructor for local initiated negotiation
+//
+
+CIkev1Negotiation::CIkev1Negotiation( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug,
+ const TInetAddr& aRemote )
+ : iRemoteAddr( aRemote ),
+ iPluginSession( aPluginSession ),
+ iPFKeySocketIf( aPFKeySocketIf ),
+ iDebug( aDebug )
+{
+ DEBUG_LOG1( _L("CIkev1Negotiation::CIkev1Negotiation, INITIATOR this=0x%x"), this );
+ iCookie_I.FillZ(ISAKMP_COOKIE_SIZE);
+ iCookie_R.FillZ(ISAKMP_COOKIE_SIZE);
+ iSAId = iPluginSession->GetSAId();
+ iPluginSession->LinkNegotiation(this);
+ iRole = INITIATOR;
+ iStage = 0;
+}
+
+//
+// Constructor for Phase II initiated negotiations
+//
+
+CIkev1Negotiation::CIkev1Negotiation( CIkev1PluginSession* aPluginSession,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug )
+ : iPluginSession( aPluginSession ),
+ iPFKeySocketIf( aPFKeySocketIf ),
+ iDebug( aDebug )
+{
+ DEBUG_LOG1( _L("CIkev1Negotiation::CIkev1Negotiation, this=0x%x"), this );
+ iCookie_I.FillZ(ISAKMP_COOKIE_SIZE);
+ iCookie_R.FillZ(ISAKMP_COOKIE_SIZE);
+ iSAId = iPluginSession->GetSAId();
+ iPluginSession->LinkNegotiation(this);
+}
+
+//Used when creating a negotiation as a RESPONDER!
+//Used also when Initiator (= Phase 1 negotiation stated by the policy activation)
+//Leaves if error detected
+void CIkev1Negotiation::ConstructL(TBool aAutoLogin)
+{
+ iIpsecSaSpiRetriever = CIpsecSaSpiRetriever::NewL( *this,
+ iPFKeySocketIf );
+
+ iAutoLogin = aAutoLogin;
+ CommonConstructL();
+}
+
+
+//Used when an Acquire is received
+//Leaves if error detected
+void CIkev1Negotiation::ConstructL(const TPfkeyMessage &aReq)
+{
+ iIpsecSaSpiRetriever = CIpsecSaSpiRetriever::NewL( *this,
+ iPFKeySocketIf );
+
+ CommonConstructL();
+ GetAcquireDataL(aReq);
+}
+
+//Used when initiating a new Phase II negotiation from a negotiated ISAKMP SA.
+void CIkev1Negotiation::ConstructL( TIkev1SAData* aSA,
+ TUint aRole,
+ const TPfkeyMessage *aReq )
+{
+
+ iIpsecSaSpiRetriever = CIpsecSaSpiRetriever::NewL( *this,
+ iPFKeySocketIf );
+
+ iPhase = PHASE_II;
+
+ //Almost like common construct
+ iTimer = CIkev1Timeout::NewL(*this);
+
+ //Phase II proposal lists
+ iProposal_IIList = new (ELeave) CProposal_IIList(1);
+
+ iRemoteAddr.SetPort(IKE_PORT);
+
+ iSeq = aSA->iSeq;
+ iLocalAddr = aSA->iLocalAddr;
+ iRemoteAddr = aSA->iRemoteAddr; // Remote Address from peer
+ iLastRemoteAddr = aSA->iDestinAddr; // Remote Address last transmitted
+
+ iLastIKEMsgInfo = aSA->iLastIKEMsgInfo;
+ iLastMsg = HBufC8::NewL(4096);
+ if ( aSA->iLastMsg != NULL )
+ {
+ *iLastMsg = *aSA->iLastMsg;
+ }
+
+ iRole = aRole; // If we are initiator or responder
+
+ //Header Data
+ iCookie_I = aSA->iCookie_I; // Initiator Cookie (Used with responder to create KEYID)
+ iCookie_R = aSA->iCookie_R; // Responder Cookie
+ iPrevExchange = aSA->iPrevExchange;
+ iExchange = IKE_QUICK_MODE;
+
+ iMessageId = RandomMessageId();
+
+ iFlags = aSA->iFlags; // Flags in the msg header
+
+// iNotifyMessageId = aSA->iHdr.iNotifyMessageId; // Message Id. for Informational Exchanges
+
+ //SA Data
+ iDOI = IPSEC_DOI;
+
+ iChosenProposal_I.iProtocol = PROTO_ISAKMP;
+ iChosenProposal_I.iProposalNum = 0;
+// iChosenProposal_I.iSPI.Copy(aSA->iChosenProposal_I.iSPI);
+ iChosenProposal_I.iNumTransforms = 1;
+ iChosenProposal_I.iAttrList = new (ELeave) TAttrib; //allocated now and deleted when destroying the obj
+// *iChosenProposal_I.iAttrList = *aSA->iChosenProposal_I.iAttrList;
+ iChosenProposal_I.iAttrList->iEncrAlg = aSA->iEncrAlg;
+ iChosenProposal_I.iAttrList->iHashAlg = aSA->iHashAlg;
+ iChosenProposal_I.iAttrList->iGroupDesc = aSA->iGroupDesc;
+ iChosenProposal_I.iAttrList->iGroupType = aSA->iGroupType;
+ iChosenProposal_I.iAttrList->iKeyLength = aSA->iKeyLength;
+ if ( aSA->iLifeTimeSecs )
+ iChosenProposal_I.iAttrList->iLifeDurationSecs.Copy((TUint8 *)&aSA->iLifeTimeSecs, sizeof(TUint32));
+ if ( aSA->iLifeTimeKB )
+ iChosenProposal_I.iAttrList->iLifeDurationKBytes.Copy((TUint8 *)&aSA->iLifeTimeKB, sizeof(TUint32));
+
+
+ iHostData = aSA->iIkeData;
+ if ( iHostData->iCAList && iHostData->iCAList->Count() )
+ {
+ iPkiService = CIkeV1PkiService::NewL(iHostData, iDebug);
+ }
+
+ if (aRole == INITIATOR)
+ {
+ GetAcquireDataL(*aReq); //Data needed from the acquire
+ }
+ else //RESPONDER
+ {
+ iAcquireSeq = 1; //msg Seq. number
+ }
+
+ //
+ //NAT Traversal data
+ //
+ iFamiliarPeer = aSA->iFamiliarPeer;
+ iNAT_T_Required = aSA->iNAT_T_Required;
+
+ //
+ //Copy an Internal address object (if exists) to the new negotiation
+ //
+ if ( aSA->iVirtualIp )
+ {
+ iInternalAddr = CInternalAddress::NewL(*(aSA->iVirtualIp));
+ }
+
+ iNAT_D_Flags = aSA->iNAT_D_Flags;
+ if ( iNAT_D_Flags ) {
+ //
+ // Use IETF specified NAT traversal
+ //
+ iNatDiscovery = CIkev1NatDiscovery::NewL(aSA->iNAT_D_Flags);
+ }
+
+ //Keys (DH Generated public value when own)
+ iSKEYID.Copy(aSA->iSKEYID);
+ iSKEYID_d.Copy(aSA->iSKEYID_d);
+ iSKEYID_a.Copy(aSA->iSKEYID_a);
+ iSKEYID_e.Copy(aSA->iSKEYID_e);
+
+ //IV used by des_cbc and des3_cbc is 8 but digest returns 16 bytes for MDx and 20 for SHS (first 8 used)
+ iIV = aSA->iIV; //normal IV
+ iIVSize = iIV.Length();
+
+ iLastIV = aSA->iLastIV; //Saves the last IV of PHASE_I to compute iNotifIV everytime
+
+ //Nonces
+// iNONCE_I = aSA->iNONCE_I;
+// iNONCE_R = aSA->iNONCE_R;
+ //
+ // If the ISAKMP SA (=aSA) has been originally negotiated due the policy activation (iAutoLogin = ETrue)
+ // The iLocalAddr maybe then undefined in aSA.
+ // If local end is acting as an initiator, method GetAcquireDataL updates iLocalAddr in CIkev1Negotiation object.
+ // In that case take iLocalAddr value from there and store it to CIsakmpSa (aSA) object.
+ // If local end is acting as a responder, resolve iLocalAddr value.
+ //
+ if ( aSA->iAutoLogin )
+ {
+ if ( aRole == INITIATOR)
+ iLocalAddr = aSA->iLocalAddr;
+ else User::LeaveIfError( iPluginSession->GetLocalAddress( iLocalAddr ) );
+ }
+ iDPDSupported = aSA->iDPDSupported;
+
+ iSAId = aSA->iSAId; // Reference to existin ISAKMP SA
+ iStage = 1; //if initiator the stage will be set in a subsequent call to InitPhase_IIL()
+}
+
+//Leaves if error detected
+void CIkev1Negotiation::CommonConstructL()
+{
+ iPhase = PHASE_I;
+ iTimer = CIkev1Timeout::NewL(*this);
+
+ //Phase II proposal lists
+ iProposal_IIList = new (ELeave) CProposal_IIList(1);
+
+ iRemoteAddr.SetPort(IKE_PORT);
+
+ iHostData = &iPluginSession->IkeData();
+ if (!iHostData)
+ {
+ DEBUG_LOG(_L("The host has no data. Negotiation aborted"));
+ User::Leave(KKmdIkeNoPolicyErr);
+ }
+
+ if ( iHostData->iCAList && iHostData->iCAList->Count() )
+ {
+ iPkiService = CIkeV1PkiService::NewL(iHostData, iDebug);
+ TInt stat ( EFalse );
+ stat=ReadCAsL(iHostData->iCAList); // Build trusted CA list
+ if ( !stat )
+ {
+ SetErrorStatus( KVpnErrInvalidCaCertFile );
+ User::Leave(KVpnErrInvalidCaCertFile);
+ }
+ }
+ iSendCert = iHostData->iAlwaysSendCert; //If true will always be sent, otherwise only with a CR
+
+ //Proposals
+ if (!BuildProposals1L())
+ {
+ SetFinished();
+ User::Leave(KKmdIkePolicyFileErr); //if any error returns
+ }
+
+ iEncoding = X509_CERT_SIG; //Only type in use
+
+ iChosenProposal_I.iAttrList = new (ELeave) TAttrib; //allocated now and deleted when destroying the obj
+ User::LeaveIfError( iPluginSession->GetLocalAddress( iLocalAddr ) );
+
+ //PFKEY data (is overwritten if initiator because we use the data given in the acquire
+
+ iAcquireSeq = 1;//msg Seq. number of acquire needed for the UPDATE
+ iSeq = 1; //Sequence number for pfkey messages
+
+ iLastRemoteAddr = iRemoteAddr; // Used as destination address when sending data
+#ifdef _DEBUG
+ TBuf<40> txt_addr;
+ iRemoteAddr.OutputWithScope(txt_addr);
+#endif
+
+ iLastMsg = HBufC8::NewL(4096);
+
+ DEBUG_LOG1( _L("New negotiation with Host %S"),
+ &txt_addr );
+
+ if ( !iHostData->iUseNatProbing && iHostData->iEspUdpPort == 0 )
+ {
+ //
+ // Use IETF specified NAT traversal
+ //
+ iNatDiscovery = CIkev1NatDiscovery::NewL(0);
+ }
+
+ if ( iRole == RESPONDER )
+ {
+ //
+ // Get base value internal address (=VPN virtual IP)
+ //
+ iInternalAddr = iPluginSession->InternalAddressL();
+ }
+}
+
+
+TBool CIkev1Negotiation::ReadCAsL(CArrayFixFlat<TCertInfo*> *aCAList)
+{
+
+ TBool Status = iPkiService->ImportCACertsL(aCAList);
+
+#ifdef _DEBUG
+ if ( !Status )
+ {
+ DEBUG_LOG( _L("Trusted CA list creation failed!") );
+ }
+#endif // _DEBUG
+
+ return Status;
+
+}
+
+TBool CIkev1Negotiation::ReadOwnCertL()
+{
+ //
+ // Read own certificate from PKI store using own trusted CA as
+ // specified issuer
+ //
+ TBool Status = EFalse;
+ _LIT(KVpnApplUid, "101F7993");
+ if ( iPkiService && iHostData->iCAList )
+ {
+ TCertInfo* CertInfo;
+ HBufC8* CAName = HBufC8::NewLC(256);
+ TInt i = 0;
+ if ( iHostData->iCAList->At(0)->iData!=KVpnApplUid )
+ {
+ while ( i < iHostData->iCAList->Count() )
+ {
+
+ CertInfo = iHostData->iCAList->At(i);
+ CAName->Des().Copy(CertInfo->iData); // Assure that CA name is in ASCII format
+ if ( iPkiService->ReadUserCertWithNameL(CAName->Des(), iHostData, EFalse) == KErrNone )
+ {
+ Status = ETrue;
+ delete iOwnCert; // delete old if exists
+ iOwnCert = iPkiService->GetCertificate();
+ delete iPeerTrustedCA; // for sure
+ iPeerTrustedCA = iPkiService->GetTrustedCA();
+ CleanupStack::PopAndDestroy(CAName); //CAName
+ CAName=NULL;
+ break;
+ }
+ i ++;
+ }
+ if (!Status)
+ {
+ CleanupStack::PopAndDestroy(CAName);
+ CAName=NULL;
+ }
+ }
+ else
+ {
+ CIkeCaList* trustedCaList = iPkiService->CaList();
+ CleanupStack::PopAndDestroy(CAName);
+ CAName=NULL;
+ while ( i < trustedCaList->Count() )
+ {
+
+ CIkeCaElem* CaElem = (*trustedCaList)[i];
+ CAName = IkeCert::GetCertificateFieldDERL(CaElem->Certificate(), KSubjectName);
+ if (CAName == NULL)
+ {
+ User::Leave(KErrArgument);
+ }
+ CleanupStack::PushL(CAName);
+ if ( iPkiService->ReadUserCertWithNameL(*CAName, iHostData, ETrue) == KErrNone)
+ {
+ Status = ETrue;
+ delete iOwnCert; // delete old if exists
+ iOwnCert = iPkiService->GetCertificate();
+ delete iPeerTrustedCA;
+ iPeerTrustedCA = iPkiService->GetTrustedCA();
+ CleanupStack::PopAndDestroy(CAName);
+ CAName=NULL;
+
+
+ break;
+ }
+ i ++;
+
+ CleanupStack::PopAndDestroy(CAName);
+ CAName=NULL;
+ }
+ }
+ if ( !Status )
+ {
+ DEBUG_LOG( _L("Error loading Own Certificate!") );
+ }
+ }
+ return Status;
+}
+
+
+
+void CIkev1Negotiation::GetAcquireDataL(const TPfkeyMessage &aReq)
+{
+ // ACQUIRE Contains: <Base, Addr(Src & Dest) (Addr(Proxy)), (Ident(S & D)), (Sensitivity), Proposal>
+
+ iLocalAddr = *aReq.iSrcAddr.iAddr; //Copies our own address because it's the only way to know it
+
+ //Phase II proposals
+ //Only one combination received so only one transform
+ CProposal_II *prop_II = new (ELeave) CProposal_II();
+ CleanupStack::PushL(prop_II);
+ prop_II->ConstructL();
+ iProposal_IIList->AppendL(prop_II);
+ CleanupStack::Pop(); //prop_II safe in case of leave
+
+ prop_II->iProposalNum = FIRST_IPSEC_PROPOSAL;
+ prop_II->iNumTransforms = 1;
+ prop_II->iReplayWindowLength = aReq.iProposal.iExt->sadb_prop_replay;
+ TAttrib_II *attr_II = new (ELeave) TAttrib_II();
+ CleanupStack::PushL(attr_II);
+ prop_II->iAttrList->AppendL(attr_II); //added into the proposal so it's safe if function leaves
+ CleanupStack::Pop(); //attr_II safe in case of leave
+
+ attr_II->iTransformNum = FIRST_IPSEC_TRANSFORM;
+
+ if (aReq.iBase.iMsg->sadb_msg_satype==SADB_SATYPE_AH)
+ {
+ prop_II->iProtocol = PROTO_IPSEC_AH;
+ if (aReq.iProposal.iComb->sadb_comb_auth == SADB_AALG_MD5HMAC)
+ {
+ attr_II->iTransformID = AH_MD5;
+ attr_II->iAuthAlg = DOI_HMAC_MD5;
+ }
+ else if (aReq.iProposal.iComb->sadb_comb_auth == SADB_AALG_SHA1HMAC)
+ {
+ attr_II->iTransformID=AH_SHA;
+ attr_II->iAuthAlg = DOI_HMAC_SHA;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unsupported Authentication Algorithm in Acquire"));
+ SetFinished();
+ return;
+ }
+ // No auth with variable encryption
+ }
+ else if (aReq.iBase.iMsg->sadb_msg_satype == SADB_SATYPE_ESP)
+ {
+ prop_II->iProtocol=PROTO_IPSEC_ESP;
+ /* Request ESP from peer host */
+
+ attr_II->iTransformID = aReq.iProposal.iComb->sadb_comb_encrypt;
+ switch ( attr_II->iTransformID )
+ {
+ case ESP_DES_CBC:
+ case ESP_3DES_CBC:
+ case ESP_NULL:
+ break;
+
+ case ESP_AES_CBC:
+ attr_II->iKeyLength = aReq.iProposal.iComb->sadb_comb_encrypt_maxbits;
+ break;
+
+ default:
+ DEBUG_LOG(_L("IPsec Encryption algorithm is not implemented. Wrong algorithms file"));
+ SetFinished();
+ return;
+
+ }
+ if (aReq.iProposal.iComb->sadb_comb_auth != SADB_AALG_NONE)
+ {
+ if (aReq.iProposal.iComb->sadb_comb_auth == SADB_AALG_MD5HMAC)
+ attr_II->iAuthAlg = DOI_HMAC_MD5;
+ else if (aReq.iProposal.iComb->sadb_comb_auth == SADB_AALG_SHA1HMAC)
+ attr_II->iAuthAlg = DOI_HMAC_SHA;
+ else
+ {
+ DEBUG_LOG(_L("Unsupported Authentication Algorithm in Acquire"));
+ SetFinished();
+ return;
+ }
+ }
+ }
+
+ //Check if PFS in use...
+ if (aReq.iProposal.iComb->sadb_comb_flags & SADB_SAFLAGS_PFS)
+ {
+ iPFS=ETrue;
+ switch (iHostData->iGroupDesc_II)
+ {
+ case IKE_PARSER_MODP_768:
+ attr_II->iGroupDesc = MODP_768;
+ break;
+ case IKE_PARSER_MODP_1024:
+ attr_II->iGroupDesc = MODP_1024;
+ break;
+ case IKE_PARSER_MODP_1536:
+ attr_II->iGroupDesc = MODP_1536;
+ break;
+ case IKE_PARSER_MODP_2048:
+ attr_II->iGroupDesc = MODP_2048;
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad Group description)"));
+ SetFinished();
+ return;
+ }
+ }
+ else
+ {
+ iPFS=EFalse;
+ attr_II->iGroupDesc = 0; //No group assigned because no PFS
+ }
+
+ if (aReq.iProposal.iComb->sadb_comb_flags & SADB_SAFLAGS_TUNNEL)
+ {
+ attr_II->iEncMode = DOI_TUNNEL;
+ }
+ else
+ {
+ attr_II->iEncMode = DOI_TRANSPORT;
+ }
+
+ iIDLocalPort = (TUint16)aReq.iSrcAddr.iAddr->Port();
+ iIDRemotePort = (TUint16)aReq.iDstAddr.iAddr->Port();
+ iIDProtocol = aReq.iDstAddr.iExt->sadb_address_proto; //May be needed for phase II ID
+
+ //Source Identity
+ if (aReq.iSrcIdent.iExt)
+ {
+ if (aReq.iSrcIdent.iExt->sadb_ident_type == SADB_IDENTTYPE_PREFIX)
+ {
+ if ( !ProcessIdentityData(aReq.iSrcIdent.iData, &iLocalIDType_II,
+ &iLocalAddr1_ID_II, &iLocalAddr2_ID_II) )
+ {
+ SetFinished();
+ return;
+ }
+ }
+ else //Invalid identity type
+ {
+ DEBUG_LOG1(_L("Invalid Local identity type (%d)"), aReq.iSrcIdent.iExt->sadb_ident_type);
+ SetFinished();
+ return;
+ }
+ }
+ else
+ {
+ //We need to assign a default address if other info is to be sent in the same payload
+ if (attr_II->iEncMode == DOI_TUNNEL || iIDLocalPort != 0 || iIDRemotePort != 0 ||
+ iIDProtocol != 0 || aReq.iDstIdent.iExt)
+ {
+ DEBUG_LOG(_L("Local Identity not defined and needed. Using Own address as local identity."));
+ iLocalAddr1_ID_II = iLocalAddr;
+ if ((iLocalAddr.Family() == KAfInet) || iLocalAddr.IsV4Mapped() )
+ iLocalIDType_II = ID_IPV4_ADDR;
+ else
+ iLocalIDType_II = ID_IPV6_ADDR;
+ iDefaultLocalID = ETrue; //Must be sent but won't be used when updating the SAD
+ }
+ }
+
+ //Destination Identity
+ if (aReq.iDstIdent.iExt)
+ {
+ if (aReq.iDstIdent.iExt->sadb_ident_type == SADB_IDENTTYPE_PREFIX)
+ {
+ if ( !ProcessIdentityData(aReq.iDstIdent.iData, &iRemoteIDType_II,
+ &iRemoteAddr1_ID_II, &iRemoteAddr2_ID_II) )
+ {
+ SetFinished();
+ return;
+ }
+ }
+ else //Invalid identity type
+ {
+
+ DEBUG_LOG1( _L("Invalid Destination identity type (%d)"), aReq.iDstIdent.iExt->sadb_ident_type );
+ SetFinished();
+ return;
+ }
+ }
+ else
+ {
+ //
+ // RemoteID_II is required only if LocalID_II already exists
+ // If transports mode
+ // Build RemoteID_II for Quick mode negotiation from specified remote IP address
+ // else Use subnet 0/0 as remote id
+ //
+ if ( iLocalIDType_II != 0 )
+ {
+ if ( attr_II->iEncMode == DOI_TUNNEL ) {
+ if ( iLocalIDType_II == ID_IPV4_ADDR || iLocalIDType_II == ID_IPV4_ADDR_SUBNET ) {
+ iRemoteAddr1_ID_II.Init(KAfInet);
+ iRemoteAddr2_ID_II.Init(KAfInet);
+ iRemoteIDType_II = ID_IPV4_ADDR_SUBNET;
+ }
+ else {
+ iRemoteAddr1_ID_II.Init(KAfInet6);
+ iRemoteAddr2_ID_II.Init(KAfInet6);
+ iRemoteIDType_II = ID_IPV6_ADDR_SUBNET;
+ }
+ }
+ else {
+ iRemoteAddr1_ID_II = *aReq.iDstAddr.iAddr;
+ if ( iRemoteAddr1_ID_II.Family() == KAfInet6 )
+ iRemoteIDType_II = ID_IPV6_ADDR;
+ else iRemoteIDType_II = ID_IPV4_ADDR;
+ }
+ iDefaultRemoteID = ETrue; //Must be sent but won't be used when updating the SAD
+ }
+ }
+
+ //Only Hard Lifetimes taken into account
+ TInt64 lifetime64 = aReq.iProposal.iComb->sadb_comb_soft_addtime;
+ iHardLifetime = aReq.iProposal.iComb->sadb_comb_hard_addtime;
+
+ if ( lifetime64 == 0 )
+ {
+ lifetime64 = iHardLifetime;
+ }
+
+ TUint high = 0;
+ TUint low = 0;
+ if (lifetime64!=0)
+ {
+ high = ByteOrder::Swap32(I64HIGH(lifetime64));
+ if (high > 0)
+ attr_II->iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high));
+ low = ByteOrder::Swap32(I64LOW(lifetime64));
+ attr_II->iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low));
+ }
+
+ //Bytes lifetime
+ lifetime64 = aReq.iProposal.iComb->sadb_comb_soft_bytes;
+ lifetime64 = (lifetime64/1024); //Bytes to KB
+ if (lifetime64 != 0)
+ {
+ high = ByteOrder::Swap32(I64HIGH(lifetime64));
+ if (high > 0)
+ attr_II->iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high));
+ low = ByteOrder::Swap32(I64LOW(lifetime64));
+ attr_II->iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low));
+ }
+
+ //Save some pf_key data to use later in PFKEY_UPDATE msg
+ iAcquireSeq = aReq.iBase.iMsg->sadb_msg_seq; //msg Seq. number
+ iPfkeyAcquirePID = aReq.iBase.iMsg->sadb_msg_pid; //msg PID.
+ iAcquirePending = ETrue;
+ DEBUG_LOG2( _L("Acq seq= %d , PID= %d"), iAcquireSeq, iPfkeyAcquirePID );
+
+}
+
+//
+// CIkev1Negotiation::ExecuteL()
+// An ISAKMP message has been received belonging to this negotiation.
+// Process the message and advance the negotiation session to appropriate
+// next state/stage.
+//
+TBool CIkev1Negotiation::ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aRemote,
+ TInt aLocalPort )
+{
+ aLocalPort = aLocalPort;
+
+ TBool ret=EFalse;
+ const ThdrISAKMP *hdr;
+ TUint8 *msg = NULL; //to place the new msg
+ TBuf8<IKEV1_MAX_IV_SIZE> tmp_IV(iIV); //Temporal IV. Used to update the real one if the msg OK
+
+ TLastIKEMsg msg_info(aHdr); //For retransmitted IKE msg detection
+ if ( IsRetransmit(msg_info) ) {
+ DEBUG_LOG(_L("Retransmitted IKE message received."));
+ TBool FloatedPort = EFalse;
+ if ( iNAT_D_Flags & (REMOTE_END_NAT + LOCAL_END_NAT) )
+ FloatedPort = ETrue;
+ TPtr8 lastMsg(iLastMsg->Des());
+ iPluginSession->SendIkeMsgL(lastMsg, iLastRemoteAddr, FloatedPort);
+ return EFalse;
+ }
+
+ if ( iPhase == PHASE_II &&
+ aHdr.GetExchange() != IKE_QUICK_MODE )
+ {
+ DEBUG_LOG(_L("Bad packet (retransmission?)"));
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8 *)&aHdr, (TUint16)aHdr.GetLength() );
+ TInetAddr dstAddr;
+ iPluginSession->GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, iRemoteAddr, dstAddr );
+#endif // _DEBUG
+
+ SetFinished();
+ return EFalse; //Bad packet, is a retransmission
+ }
+
+ iLastRemoteAddr = aRemote; //Save last remote address (used in NAT cases)
+
+ iLengthLeft = aHdr.GetLength(); //Used to check the size in the payload are OK
+
+ DEBUG_LOG2( _L("---------- Phase %d - Stage %d ----------"), iPhase, iStage );
+
+ if ((iStage==1) && (iPhase==PHASE_I)) //Only saved for the first message
+ iExchange = aHdr.GetExchange();
+
+ DEBUG_LOG1( _L("Exchange %d"), aHdr.GetExchange() );
+
+ if (aHdr.GetFlags() & ISAKMP_HDR_EFLAG) //if encrypted
+ {
+ //before anything, prints the packet
+ DEBUG_LOG(_L("Received message (encr)."));
+ DEBUG_LOG(_L("Decrypting..."));
+ msg = new (ELeave)(TUint8[aHdr.GetLength()]); //to place the new msg
+ CleanupStack::PushL(msg);
+
+ Mem::Copy(msg,(TUint8 *)&aHdr,sizeof(aHdr)); //The header is not encrypted
+
+ if ((iPhase==PHASE_II) && (iStage == 1))
+ {
+ iMessageId = aHdr.GetMessageId(); //Saves the ID to compute IV
+ DEBUG_LOG(_L("Quick IV:"));
+ ComputeIVL(iIV, iMessageId);
+ }
+
+ DecryptL((TUint8 *)aHdr.Next(),&msg[sizeof(aHdr)], aHdr.GetLength()-sizeof(aHdr),iIV, iSKEYID_e, iChosenProposal_I.iAttrList->iEncrAlg);
+ if ((iStage == 6 && iExchange == ISAKMP_EXCHANGE_ID) ||
+ (iStage == 3 && iExchange == ISAKMP_EXCHANGE_AGGR))
+ {
+ iLastIV.Copy(iIV); //Saves last IV in Phase 1
+ DEBUG_LOG(_L("Last IV Saved!"));
+ }
+ hdr=(ThdrISAKMP *)msg; //decrypted msg
+
+ }
+ else if (iFlags & ISAKMP_HDR_EFLAG) // IKE message SHOULD be encrypted
+ {
+ hdr=&aHdr; //no encryption
+ DEBUG_LOG(_L("Received message."));
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8 *)hdr, (TUint16)hdr->GetLength() );
+ TInetAddr dstAddr;
+ iPluginSession->GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, iRemoteAddr, dstAddr );
+#endif // _DEBUG
+ DEBUG_LOG(_L("The message is NOT encrypted (ignored)"));
+ return EFalse;
+ }
+ else
+ hdr=&aHdr; //no encryption
+
+ DEBUG_LOG(_L("Received message."));
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8 *)hdr, (TUint16)hdr->GetLength() );
+ TInetAddr dstAddr;
+ iPluginSession->GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, iRemoteAddr, dstAddr );
+#endif // _DEBUG
+
+ if (iPhase==PHASE_I)
+ ret = Phase_IExchangeL(*hdr);//MAIN MODE && AGGRESSIVE MODE
+ else
+ {
+ ret = Phase_IIExchangeL(*hdr);//QUICK MODE
+ }
+ if (!ret) //Incorrect packet. Restore the IV
+ {
+ DEBUG_LOG(_L("Restoring previous IV"));
+ iIV.Copy(tmp_IV);
+ }
+ else //correct packet
+ {
+ SaveRetransmitInfo(msg_info); // store new last received IKE message info
+ }
+
+ if ( msg ) //If used erase it (when encryption)
+ CleanupStack::PopAndDestroy();
+
+ return ret;
+}
+
+TBool CIkev1Negotiation::ExecutePhase2L( const ThdrISAKMP &aHdr,
+ const TInetAddr &aRemote,
+ TInt aLocalPort )
+{
+ return ExecuteL( aHdr, aRemote, aLocalPort );
+}
+
+//
+// CIkev1Negotiation::ExecuteTransactionL
+// An ISAKMP Transaction exchange message received.
+// Call CTransNegotiation::ExecuteL method and process returned status
+//
+TBool CIkev1Negotiation::ExecuteTransactionL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aRemote,
+ TInt aLocalPort )
+{
+ TInt status;
+ TBool ret = ETrue;
+ if ( iTransactionNeg ) {
+ status = iTransactionNeg->ExecuteL( aHdr, aRemote, aLocalPort );
+ if ( status == TRANSACTION_SUCCESS ) {
+ //
+ // XAUTH / CONFIG-MODE completed succesfully
+ //
+ IsakmpPhase1CompletedL();
+ }
+ else {
+ if ( status == TRANSACTION_FAILED ) {
+ //
+ // XAUTH / CONFIG-MODE completed succesfully
+ //
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_AUTH_FAIL,
+ KKmdIkeAuthFailedErr,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ SendDeleteL(PROTO_ISAKMP);
+ SetFinished();
+ }
+ }
+ }
+ else ret = EFalse;
+
+ return ret;
+}
+
+
+//
+// CIkev1Negotiation::AuthDialogCompletedL
+// Authentication dialog is completed. Check CAuthDialogInfo object ID
+// and call eithet CIKECRACKNegotiation::ProcessUserResponseL or
+// CTransNegotiation::ProcessUserResponseL to handle dialog data
+//
+void CIkev1Negotiation::AuthDialogCompletedL(CAuthDialogInfo *aUserInfo)
+{
+ if ( !aUserInfo || (!aUserInfo->iUsername && !aUserInfo->iSecret) )
+ {
+ DEBUG_LOG(_L("Legacy authentication cancelled by user!"));
+ SendDeleteL(PROTO_ISAKMP);
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_AUTH_FAIL,
+ KErrCancel,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ SetErrorStatus(KErrCancel);
+ return;
+ }
+
+ TInt status;
+
+ if ( aUserInfo->GetObjId() == XAUTH_DIALOG_ID )
+ {
+ if ( iTransactionNeg )
+ status = iTransactionNeg->ProcessUserResponseL(aUserInfo);
+ else status = TRANSACTION_FAILED;
+
+ if ( status == TRANSACTION_FAILED )
+ {
+ /*--------------------------------------------------------
+ *
+ * XAUTH negotiation failed. Negotiation shall be deleted
+ *
+ *--------------------------------------------------------*/
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_AUTH_FAIL,
+ status,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ SetErrorStatus(KKmdIkeAuthFailedErr);
+ AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
+ }
+ }
+ else
+ {
+ if ( iCRACKneg )
+ status = iCRACKneg->ProcessUserResponseL(aUserInfo);
+ else status = CRACK_FAILED;
+
+ if ( status == CRACK_FAILED )
+ {
+ /*--------------------------------------------------------
+ *
+ * Crack negotiation failed. Negotiation shall be deleted
+ *
+ *--------------------------------------------------------*/
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_AUTH_FAIL,
+ status,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ SetErrorStatus(KKmdIkeAuthFailedErr);
+ AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
+ }
+ }
+}
+
+
+//
+// CIkev1Negotiation::StartCRACKAuthL
+// Start CRACK authentication phase of IKE phase I negotiation
+// - Create CIKECRACKNegotiation object and call it`s ConstructL
+// - Set iStage variable to 7 to indicate that CRACK authentication
+// is going
+//
+TBool CIkev1Negotiation::StartCRACKAuthL()
+{
+TInt status;
+
+ iStage = 7;
+
+ if ( !iCRACKneg ) {
+ iCRACKneg = new(ELeave) CIKECRACKNegotiation( iDebug );
+ TBuf<2> DummyDomain;
+ //
+ // If the IKE Id-type value is configured to value "Opaque
+ // String" and iFQDN length is larger than zero in the current
+ // policy ==> iFQDN value contains "Group name" value
+ // which shall be conveyed to the peer in CRACK "Domain name"
+ // attribute
+ //
+ iFlags |= ISAKMP_HDR_EFLAG; //From now on encryption is used
+
+ if ( (iHostData->iIdType == ID_KEY_ID) && (iHostData->iFQDN.Length() > 0 ) )
+ status = iCRACKneg->ConstructL(iHostData->iCRACKLAMType, this, iHostData->iFQDN);
+ else status = iCRACKneg->ConstructL(iHostData->iCRACKLAMType, this, DummyDomain);
+ if ( status == CRACK_FAILED ) {
+ return EFalse;
+ }
+ }
+
+ return ETrue;
+}
+
+//
+// CIkev1Negotiation::IsakmpPhase1CompletedL
+// This method is called when an ISAKMP phase 1 negotiation is succesfully
+// completed. The following actions are taken:
+// -- If either Extended authentication or/and Config mode required
+// If iTransactionNeg data member exists it means that XAUTH/CONFIG mode
+// has been succesfully completed.
+// If iTransactionNeg data member is NULL, XAUTH/CONFIG mode shall be initiated
+// -- If No XAUTH/CONFIG mode (or if XAUTH/CONFIG mode already completed).
+// If iAutoLogin is TRUE save ISAKMP SA and deconstruct negotiation.
+// If iAutoLogin is False, save ISAKMP SA and;
+// if negotiation role is initiator continue with Quick mode exchange.
+// if negotiation role is responder deconstruct negotiation.
+//
+TBool CIkev1Negotiation::IsakmpPhase1CompletedL()
+{
+ TBool Status;
+
+ if ( iTransactionNeg ) {
+ //
+ // Try to get Internal address information and delete iTransactionNeg
+ //
+ delete iInternalAddr;
+ iInternalAddr = iTransactionNeg->GetInternalAddr();
+ delete iTransactionNeg;
+ iTransactionNeg = NULL;
+ }
+ else {
+ if ( (iRole == INITIATOR) && (iHostData->iUseXauth || iHostData->iUseCfgMode) )
+ {
+ TBool useModeCfg;
+ if ( iSARekeyInfo )
+ useModeCfg = EFalse; // Use existing virtual Ip, if any
+ else
+ useModeCfg = iHostData->iUseCfgMode;
+
+ iTransactionNeg = CTransNegotiation::NewL( iHostData->iUseXauth,
+ useModeCfg,
+ iPluginSession,
+ this,
+ iDebug );
+
+ // If only MODE_CFG is needed a request is sent
+ if(useModeCfg && !iHostData->iUseXauth)
+ iTransactionNeg->BuildConfigRequestL();
+
+ iStage = 8;
+ return ETrue;
+ }
+ }
+
+ SaveISAKMPSAL();
+
+ if ( iAutoLogin ) {
+ //
+ // ISAKMP Phase 1 completed. Quick mode is NOT started because there is no acquire pending
+ // but phase 1 negotiation is started by the policy activation.
+ //
+ CInternalAddress* internalAddr = NULL;
+ if ( iInternalAddr != NULL )
+ {
+ internalAddr = CInternalAddress::NewL(*iInternalAddr);
+ }
+ iPluginSession->IkeSaCompleted(KErrNone, internalAddr);
+ SetFinished(); // Causes negotiation object destruction
+ iAutoLogin = EFalse;
+ Status = EFalse;
+ }
+ else {
+ if ( iRole == INITIATOR ) {
+ TBool internalAddressChanged = EFalse;
+ if ( iInternalAddr ) {
+ //
+ // Report internal IP address changed event
+ //
+ internalAddressChanged = iPluginSession->InternalAddressChangedL(*iInternalAddr);
+ }
+ if ( (!iSARekeyInfo ||
+ iPhaseIIAfterIkeSaRekey) &&
+ !internalAddressChanged )
+ {
+ iPhaseIIAfterIkeSaRekey = EFalse;
+ iPrevExchange = iExchange; //Needed to know how to begin Phase II (Sending or receiving)
+ iExchange = IKE_QUICK_MODE;
+ iPhase = PHASE_II;
+ iStage = 1;
+ Status = ETrue;
+ iMessageId = RandomMessageId();
+ InitPhase2L(); //Immediately inits PHASE_II. No reply expected.
+ }
+ else {
+ //
+ // Rekeyed IKE SA or internal address changed. No IKE quick mode started
+ // Pending acquire will be failed, if internal address has changed.
+ //
+ SetFinished();
+ Status = EFalse;
+ }
+ }
+ else {
+ SetFinished(); // Causes negotiation object destruction
+ Status = EFalse;
+ }
+ }
+
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogInfo,
+ R_VPN_MSG_VPN_GW_AUTH_OK,
+ KErrNone,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+
+ TInt NatStatus = iNAT_D_Flags; // Record "IETF" NAT status
+ if ( NatStatus == 0 )
+ {
+ if ( iNAT_T_Required )
+ NatStatus = 4; // Local end is NAT:ted (discovered via "Nokia" NAT-T)
+ else if ( !iHostData->iUseNatProbing )
+ NatStatus = iHostData->iEspUdpPort; // "Forced" ESP UDP encapsulation ?
+ }
+
+ TInetAddr localAddr;
+ iPluginSession->GetLocalAddress( localAddr );
+ LOG_KMD_EVENT2( MKmdEventLoggerIf::KLogInfo,
+ R_VPN_MSG_ADDR_INFO_FOR_VPN_AP,
+ NatStatus, iPluginSession->VpnIapId(),
+ (iInternalAddr ? &iInternalAddr->iClientIntAddr : NULL),
+ &localAddr );
+
+ return Status;
+}
+
+
+//Sends the initial IKE packets to start the negotiation. PHASE I
+void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1
+{
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+
+ TInt vendor_id_type;
+
+ //Main mode stage 1
+
+ switch (iHostData->iMode)
+ {
+ case IKE_PARSER_MAIN:
+ iExchange = ISAKMP_EXCHANGE_ID; // Identity Protection (Main mode in IKE)
+ DEBUG_LOG(_L("IKE: Initiating negotiation (Main Mode)"));
+ break;
+ case IKE_PARSER_AGGRESSIVE:
+ iExchange = ISAKMP_EXCHANGE_AGGR; // Agressive
+ DEBUG_LOG(_L("IKE: Initiating negotiation (Aggressive Mode)"));
+ break;
+ default:
+ DEBUG_LOG1(_L("Bad Mode used (%d)"), iHostData->iMode);
+ return;
+ }
+ iStage = 1;
+ DEBUG_LOG2(_L("---------- Phase %d - Stage %d ----------"),iPhase, iStage);
+
+ iCookie_R.FillZ(ISAKMP_COOKIE_SIZE); //Set responder Cookie to 0
+
+ iDOI = IPSEC_DOI;
+ iEncoding = X509_CERT_SIG; //Only cert Allowed
+ msg->IsakmpInit(this);
+ msg->IsakmpSa();
+
+ const TUint8 *ptr = msg->iBuf.Ptr() + sizeof(ThdrISAKMP);
+ const TSAISAKMP *sa = (TSAISAKMP*)ptr;
+ //Generic payload NOT included
+ iSAPayloadSize = sa->GetLength() - sizeof(TPayloadISAKMP);
+ delete iSAPayload;
+ iSAPayload = NULL;
+ iSAPayload = new (ELeave) TUint8[iSAPayloadSize];
+ ptr += sizeof(TPayloadISAKMP);
+ Mem::Copy(iSAPayload, ptr,iSAPayloadSize);
+
+ TBool cert_required = EFalse; //If any proposal requires a cert to send a CR if needed
+ TBool preshared_key = EFalse; //Preshared key authentication
+ TBool crack_used = EFalse;
+
+ TAttrib *transf = iProposal_I.iAttrList;
+ for (TInt i=0; (i < iProposal_I.iNumTransforms) && (!cert_required); i++)
+ {
+ switch (transf->iAuthMethod)
+ {
+ case RSA_SIG: //Proposals involving certificates
+ case DSS_SIG:
+ cert_required = ETrue;
+ break;
+ case IKE_A_CRACK:
+ cert_required = ETrue;
+ crack_used = ETrue;
+ break;
+ default: // No cert involved
+ preshared_key = ETrue;
+ transf = transf->iNext;
+ }
+ }
+
+ if (crack_used &&
+ !iHostData->iCRACKLAMUserName &&
+ !iHostData->iCRACKLAMPassword)
+ {
+ TBuf<256> UserName;
+ TBuf<64> Password;
+ CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ if (KErrNone != Dialog->GetSyncUNPWCacheDialog(UserName, Password))
+ {
+ DEBUG_LOG(_L("Failed to get credentials for crack auth!"));
+ SetFinished();
+ delete Dialog;
+ return;
+ }
+ iHostData->iCRACKLAMUserName = TStringData::NewL(UserName);
+ iHostData->iCRACKLAMPassword = TStringData::NewL(Password);
+ delete Dialog;
+ }
+
+ if (iExchange == ISAKMP_EXCHANGE_AGGR) //Aggressive contains more payloads
+ {
+ if ( preshared_key && !cert_required ) {
+ //
+ // Only pre-shared key authentication proposal(s) exists
+ // Check if is necessary to ask user name/password (= IKE ID/preshared key)
+ // from user
+ //
+ if ( CheckCredentials(iHostData) != KErrNone ) {
+ DEBUG_LOG(_L("Failed to get credentials for Aggressive pre-shared auth!"));
+ SetFinished();
+ return;
+ }
+ }
+ ComputeNonceL(); //Nonce to be sent
+ if ( cert_required && !iOwnCert )
+ ReadOwnCertL(); // For possible DER ASN1 distuingish name Ident
+ msg->IsakmpKeyL();
+ msg->IsakmpNonce();
+ msg->IsakmpOwnIdentL();
+
+ //For aggressive mode we send a CR if a cert is going to be needed
+ if ((!iPeerX509Cert) && (cert_required))
+ {
+ msg->IsakmpCertificateReqL();
+ }
+ if ( iHostData->iUseNatProbing )
+ vendor_id_type = EXPANDED_VENDOR_ID;
+ else vendor_id_type = HASH_VENDOR_ID;
+ msg->IsakmpVendorId(vendor_id_type,
+ (TUint8*)iCookie_I.Ptr(),
+ (TUint8*)iCookie_R.Ptr(), iLocalAddr);
+
+ }
+
+ if ( iHostData->iDPDHeartBeat != 0 )
+ BuildDPDVendorId(*msg);
+
+ if ( iNatDiscovery ) {
+ iNatDiscovery->BuildNatVendorId(*msg);
+ iNatDiscovery->BuildRfcNatVendorId(*msg);
+ }
+
+ if ( iHostData->iUseXauth || iHostData->iUseCfgMode ) {
+ CTransNegotiation::BuildXauthVendorId(*msg);
+ }
+
+ SendL(*msg);
+ iStage = 2;
+}
+
+//Builds the proposal list from the structure in the engine
+TBool CIkev1Negotiation::BuildProposals1L()
+{
+ TProposalData *p_list = iHostData->iPropList;
+
+ if (!p_list)
+ {
+ DEBUG_LOG(_L("ERROR: No proposals in the configuration file. Negotiation Cancelled"));
+ return EFalse;
+ }
+ iProposal_I.iSPI.FillZ(4); //filled with 0 (not send anyway)
+ iProposal_I.iProposalNum = FIRST_ISAKMP_PROPOSAL;
+ iProposal_I.iProtocol = PROTO_ISAKMP;
+ iProposal_I.iNumTransforms = 0;
+
+ TUint8 trans_num = FIRST_ISAKMP_TRANSFORM;
+
+ TAttrib *prev=NULL,*attrlist=NULL;
+
+ while ( p_list )
+ {
+ iProposal_I.iNumTransforms ++;
+ attrlist = new (ELeave) TAttrib;
+ if (!iProposal_I.iAttrList) //First transform
+ iProposal_I.iAttrList=attrlist; //attrlist safe
+ if (prev)
+ prev->iNext = attrlist;
+ prev = attrlist;
+
+ attrlist->iTransformID = KEY_IKE; //only one allowed by Protocol ISAKMP (KEY_IKE)
+ attrlist->iTransformNum = trans_num;
+ trans_num++;
+ switch (p_list->iEncrAlg)
+ {
+ case IKE_PARSER_DES_CBC:
+ attrlist->iEncrAlg=DES_CBC; //DES_CBC
+ break;
+ case IKE_PARSER_DES3_CBC:
+ attrlist->iEncrAlg=DES3_CBC; //DES3_CBC
+ break;
+ case IKE_PARSER_AES_CBC:
+ attrlist->iEncrAlg = AES_CBC; //AES_CBC
+ attrlist->iKeyLength = (TUint16)p_list->iEncrKeyLth;
+ if (!attrlist->iKeyLength)
+ attrlist->iKeyLength = 128; //default AES key size
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad Encryption algorithm)"));
+ return EFalse;
+ }
+ switch (p_list->iHashAlg)
+ {
+ case IKE_PARSER_MD5:
+ attrlist->iHashAlg=HASH_MD5; //HASH_MD5
+ break;
+ case IKE_PARSER_SHA1:
+ attrlist->iHashAlg=HASH_SHA1; //HASH_SHA1
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad Hash algorithm)"));
+ return EFalse;
+ }
+ switch (p_list->iAuthMeth)
+ {
+ case IKE_PARSER_RSA_SIG:
+ attrlist->iAuthMethod=RSA_SIG;
+ break;
+ case IKE_PARSER_DSS_SIG:
+ attrlist->iAuthMethod=DSS_SIG;
+ break;
+ case IKE_PARSER_PRE_SHARED:
+ attrlist->iAuthMethod=PRE_SHARED;
+ break;
+ case IKE_PARSER_CRACK:
+ attrlist->iAuthMethod=IKE_A_CRACK; //CRACK authentication
+ break;
+
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad Authentication Method)"));
+ return EFalse;
+ }
+
+ switch (p_list->iGroupDesc)
+ {
+ case IKE_PARSER_MODP_768:
+ attrlist->iGroupDesc = MODP_768;
+ break;
+ case IKE_PARSER_MODP_1024:
+ attrlist->iGroupDesc = MODP_1024;
+ break;
+ case IKE_PARSER_MODP_1536:
+ attrlist->iGroupDesc = MODP_1536;
+ break;
+ case IKE_PARSER_MODP_2048:
+ attrlist->iGroupDesc = MODP_2048;
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad Group description)"));
+ return EFalse;
+ }
+
+ switch (p_list->iGroupType)
+ {
+ case IKE_PARSER_MODP:
+ attrlist->iGroupType = MODP;
+ break;
+ case IKE_PARSER_DEFAULT:
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad Group Type)"));
+ return EFalse;
+ }
+
+ switch (p_list->iPRF)
+ {
+ case IKE_PARSER_DES3_CBC_MAC:
+ attrlist->iPRF=OAKLEY_PRF_3DES_CBC_MAC;
+ break;
+ case IKE_PARSER_NONE:
+ break;
+ default:
+ DEBUG_LOG(_L("ISAKMP Proposals error (Bad PRF specified)"));
+ return EFalse;
+ }
+
+ TUint32 lifetime = ByteOrder::Swap32(p_list->iLifetimeSec);
+ if (lifetime)
+ attrlist->iLifeDurationSecs.Copy((TUint8 *)&lifetime, sizeof(lifetime));
+
+ lifetime = ByteOrder::Swap32(p_list->iLifetimeKb);
+ if (lifetime)
+ attrlist->iLifeDurationKBytes.Copy((TUint8 *)&lifetime, sizeof(lifetime));
+
+ //
+ // Store parameters for extended authentication
+ //
+ attrlist->iXauthUsed = iHostData->iUseXauth;
+ attrlist->iRole = iRole;
+
+ p_list = p_list->iNext;
+
+ }
+ attrlist->iNext=NULL; //Last transform
+
+
+ return ETrue;
+}
+
+//Builds Phase_II proposals from the config. file to when acting as RESPONDER to see if
+//proposals received are acceptable.
+TInt CIkev1Negotiation::BuildProposals2L()
+{
+ CIpsecSaSpecList* SaList = NULL;
+ TInetAddr empty_addr; //empty address
+ TInt err = KErrNone;
+
+ TRAP(err,
+ if ( iLocalIDType_II == 0 ) //Local ID not received (so remote neither) so it's the same as gateway
+ {
+ TInetAddr localSelector(iLocalAddr);
+ localSelector.SetPort(iIDLocalPort);
+ TInetAddr remoteSelector(iRemoteAddr);
+ remoteSelector.SetPort(iIDRemotePort);
+
+ SaList = iPluginSession->GetIpseSaSpecListLC(localSelector, empty_addr,
+ remoteSelector, empty_addr,
+ iIDProtocol );
+ }
+ else // either none or both (RFC 2409 5.5 so we must have both)
+ {
+ TInetAddr localSelector(iLocalAddr1_ID_II);
+ localSelector.SetPort(iIDLocalPort);
+ TInetAddr remoteSelector(iRemoteAddr1_ID_II);
+ remoteSelector.SetPort(iIDRemotePort);
+
+
+ SaList = iPluginSession->GetIpseSaSpecListLC(localSelector,
+ iLocalAddr2_ID_II,
+ remoteSelector,
+ iRemoteAddr2_ID_II,
+ iIDProtocol );
+ }
+
+ CleanupStack::Pop(SaList);
+ );
+
+ if (err != KErrNone)
+ return err;
+
+ CleanupStack::PushL(SaList);
+
+ //Phase II proposals
+
+ CProposal_II *prop = NULL;
+ TAttrib_II *attr_II = NULL;
+ const TIpsecSaSpec *spec = NULL;
+ TInt count = SaList->Count();
+ TInt i = 0;
+
+ while ( i < count )
+ {
+ prop = new (ELeave) CProposal_II();
+ CleanupStack::PushL(prop);
+ prop->ConstructL(1);
+ iProposal_IIList->AppendL(prop);
+ CleanupStack::Pop(); //prop safe
+ //
+ // Only 1 proposal which may be AND'd (many prop with same num) if many bundles
+ // Only 1 transform because no OR'ing implemented in IPSEC
+ //
+ prop->iProposalNum = FIRST_IPSEC_PROPOSAL;
+ prop->iNumTransforms = 1;
+
+ attr_II = new (ELeave) TAttrib_II();
+ CleanupStack::PushL(attr_II);
+ prop->iAttrList->AppendL(attr_II);
+ CleanupStack::Pop(); //attr_II safe
+
+ attr_II->iTransformNum = FIRST_IPSEC_TRANSFORM;
+
+ spec = &(SaList->At(i));
+
+ if (spec->iType == SADB_SATYPE_AH)
+ {
+ prop->iProtocol=PROTO_IPSEC_AH;
+ if (spec->iAalg == SADB_AALG_MD5HMAC)
+ {
+ attr_II->iTransformID = AH_MD5;
+ attr_II->iAuthAlg = DOI_HMAC_MD5;
+ }
+ else if (spec->iAalg == SADB_AALG_SHA1HMAC)
+ {
+ attr_II->iTransformID=AH_SHA;
+ attr_II->iAuthAlg = DOI_HMAC_SHA;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unsupported Authentication Algorithm in IPsec Policy"));
+ err = KKmdIkeNoProposalErr;
+ break;
+ }
+ // No auth with variable encryption
+ }
+ else if (spec->iType == SADB_SATYPE_ESP)
+ {
+ prop->iProtocol = PROTO_IPSEC_ESP;
+ // Request ESP from peer host
+
+ attr_II->iTransformID = spec->iEalg;
+ switch ( attr_II->iTransformID )
+ {
+ case ESP_DES_CBC:
+ case ESP_3DES_CBC:
+ case ESP_NULL:
+ break;
+
+ case ESP_AES_CBC:
+ attr_II->iKeyLength = spec->iEalgLen; //If 0 it won't be sent
+ break;
+
+ default:
+ DEBUG_LOG(_L("IPsec Encryption algorithm is not implemented. Wrong algorithms file"));
+ err = KKmdIkeNoProposalErr;
+ break;
+ }
+
+ if (err != KErrNone)
+ {
+ break;
+ }
+
+ if (spec->iAalg != SADB_AALG_NONE)
+ {
+ if (spec->iAalg == SADB_AALG_MD5HMAC)
+ attr_II->iAuthAlg = DOI_HMAC_MD5;
+ else if (spec->iAalg == SADB_AALG_SHA1HMAC)
+ attr_II->iAuthAlg = DOI_HMAC_SHA;
+ else
+ {
+ DEBUG_LOG(_L("Unsupported Authentication Algorithm in IPsec Policy"));
+ err = KKmdIkeNoProposalErr;
+ break;
+ }
+ }
+ }
+
+ //Check if PFS in use...
+ iPFS = spec->iPfs;
+
+ if (spec->iTransportMode)
+ attr_II->iEncMode = DOI_TRANSPORT;
+ else attr_II->iEncMode = DOI_TUNNEL;
+
+ //////////////////////////////////////////////////////////
+ //
+ // Check if remote identity defined in Security Policy
+ // If it is not set iDefaultLocalID = ETrue.
+ // This prevents destination identity information to IPSEC
+ // in PFKEY Update- and Add primitives
+ // (see UpdateSADatabaseL() method)
+ //
+ //////////////////////////////////////////////////////////
+ if ( spec->iRemoteIdentity.Length() == 0 )
+ iDefaultLocalID = ETrue;
+ if ( !ExamineRemoteIdentity(spec->iRemoteIdentity) )
+ {
+ DEBUG_LOG(_L("Remote Identity mismatch with IPsec Policy"));
+ err = KKmdIkeNoProposalErr;
+ break;
+ }
+
+ //Only Hard Lifetimes taken into account
+ TInt64 lifetime64 = spec->iHard.iAddTime;
+ TUint high = 0;
+ TUint low = 0;
+ if (lifetime64!=0)
+ {
+ high = ByteOrder::Swap32(I64HIGH(lifetime64));
+ if (high > 0)
+ attr_II->iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high));
+ low = ByteOrder::Swap32(I64LOW(lifetime64));
+ attr_II->iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low));
+ }
+
+ //Bytes lifetime
+ lifetime64 = spec->iHard.iBytes;
+ lifetime64 = (lifetime64/1024); //Bytes to KB
+ if (lifetime64 != 0)
+ {
+ high = ByteOrder::Swap32(I64HIGH(lifetime64));
+ if (high > 0)
+ attr_II->iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high));
+ low = ByteOrder::Swap32(I64LOW(lifetime64));
+ attr_II->iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low));
+ }
+ if (iPFS)
+ {
+ switch (iHostData->iGroupDesc_II)
+ {
+ case IKE_PARSER_MODP_768:
+ attr_II->iGroupDesc = MODP_768;
+ break;
+ case IKE_PARSER_MODP_1024:
+ attr_II->iGroupDesc = MODP_1024;
+ break;
+ case IKE_PARSER_MODP_1536:
+ attr_II->iGroupDesc = MODP_1536;
+ break;
+ case IKE_PARSER_MODP_2048:
+ attr_II->iGroupDesc = MODP_2048;
+ break;
+ default: //Shouldn't happen but the error will be detected later
+ err = KKmdIkeNoProposalErr;
+ break;
+ }
+
+ if (err != KErrNone)
+ {
+ break;
+ }
+ }
+
+ prop->iReplayWindowLength = spec->iReplayWindowLength;
+
+ i ++;
+ } //while
+
+ if (err != KErrNone)
+ {
+ delete iProposal_IIList;
+ iProposal_IIList = NULL;
+ }
+
+ CleanupStack::PopAndDestroy(SaList); //SAList
+
+ return err;
+}
+
+TBool CIkev1Negotiation::ExamineRemoteIdentity(const TDesC8& aRemoteIdInPolicy)
+{
+ //////////////////////////////////////////////////////////////////
+ //
+ // This method is called when we are acting as a Quick mode responder.
+ // The purpose of this method is compare remote Identity information
+ // received in Quick Mode IKE message (=IDi) to the remote Identity
+ // information in the local Ipsec Policy.
+ // If Identitiea are NOT matching the FALSE response is returned.
+ // There is the following special "kludge" is done in these test:
+ // Identity IPv4 address and IPv4 subnet with prefix 32 are
+ // interpreted to be same as well as IPv6 address and IPv6 subnet
+ // with prefix 128. When this situation occurs a special flag
+ // (iSwapRemoteIdType = ETrue) is set in CIkev1Negotiation object
+ //
+ //////////////////////////////////////////////////////////////////
+ TBool AddrMatch;
+ TInetAddr IpAddr;
+ TInetAddr IpMask;
+ TUint8 IdType;
+ TInt PrefixLength = 0;
+ TInetAddr* PrefixPtr = NULL;
+
+ if ( !ProcessIdentityData(aRemoteIdInPolicy, &IdType, &IpAddr, &IpMask) )
+ return EFalse;
+
+ AddrMatch = IpAddr.Match(iRemoteAddr1_ID_II);
+
+ if ( AddrMatch )
+ {
+ if ( (IdType == ID_IPV4_ADDR_SUBNET ) || (IdType == ID_IPV6_ADDR_SUBNET) )
+ {
+ //
+ // Identity in policy is IP subnet
+ //
+ if ( iRemoteIDType_II == IdType )
+ {
+ //
+ // Both identity in policy and identity in IKE IDi payload are
+ // IP subnets. The subnet masks MUST match, too
+ //
+ AddrMatch = IpMask.Match(iRemoteAddr2_ID_II);
+ }
+ else
+ {
+ if ( ( (IdType == ID_IPV4_ADDR_SUBNET ) && (iRemoteIDType_II == ID_IPV4_ADDR)) ||
+ ( (IdType == ID_IPV6_ADDR_SUBNET ) && (iRemoteIDType_II == ID_IPV6_ADDR)))
+ {
+ //
+ // Identity in IKE IDi payload is an IP address
+ // Do the special check: There must be full mask in the
+ // subnet identity configured in policy
+ //
+ if ( IdType == ID_IPV6_ADDR_SUBNET )
+ PrefixLength = 128;
+ else PrefixLength = 32;
+ PrefixPtr = &IpMask;
+ DEBUG_LOG(_L("Peer is using IP address IDi, full mask subnet required in local end!"));
+ }
+ else AddrMatch = EFalse;
+ }
+ }
+ else
+ {
+ //
+ // Identity in policy is IP address.
+ //
+ if ( ( (IdType == ID_IPV4_ADDR ) && (iRemoteIDType_II == ID_IPV4_ADDR_SUBNET)) ||
+ ( (IdType == ID_IPV6_ADDR ) && (iRemoteIDType_II == ID_IPV6_ADDR_SUBNET)))
+ {
+ //
+ // Identity in IKE IDi payload is an IP subnet
+ // Do the special check: There must be full mask in the
+ // subnet identity in IKE IDi payload
+ //
+ if ( IdType == ID_IPV6_ADDR )
+ PrefixLength = 128;
+ else PrefixLength = 32;
+ PrefixPtr = &iRemoteAddr2_ID_II;
+ DEBUG_LOG(_L("An IP address ID used in local end, full mask subnet required in peer IDi!"));
+ }
+ else if ( iRemoteIDType_II != IdType )
+ AddrMatch = EFalse;
+
+ }
+ }
+
+ if ( PrefixPtr )
+ {
+ if ( PrefixLength == PrefixLen(*PrefixPtr) )
+ {
+ iSwapRemoteIdType = ETrue;
+ DEBUG_LOG(_L("Required ID OK, modified remote IDi informed to IPsec!"));
+ }
+ else AddrMatch = EFalse;
+ }
+
+ return AddrMatch;
+}
+
+TBool CIkev1Negotiation::ProcessIdentityData(const TDesC8& aIdentity, TUint8* aToIdType,
+ TInetAddr* aToIpAddr1, TInetAddr* aToIpAddr2)
+{
+ if ( !aToIdType || !aToIpAddr1 || !aToIpAddr2 )
+ return EFalse;
+
+ aToIpAddr1->Init(KAFUnspec);
+ aToIpAddr2->Init(KAFUnspec);
+ *aToIdType = 0;
+
+ if ( aIdentity.Length() )
+ {
+ TInt offset = aIdentity.Find(_L8("/"));
+
+ switch (offset)
+ {
+ case KErrNotFound: //Simple address
+ {
+#ifdef _UNICODE
+ HBufC *unibuf = HBufC::New(aIdentity.Length());
+ if ( !unibuf )
+ return EFalse;
+ unibuf->Des().Copy(aIdentity);
+ if ( aToIpAddr1->Input(unibuf->Des()) != KErrNone )
+ {
+ delete unibuf;
+ DEBUG_LOG(_L("Bad IP address identity!"));
+ return EFalse;
+ }
+ delete unibuf;
+#else
+ if (aToIpAddr1->Input(aIdentity) != KErrNone)
+ {
+ DEBUG_LOG(_L("Bad IP address identity!"));
+ return EFalse;
+ }
+#endif
+ if ( aToIpAddr1->Family() == KAfInet )
+ *aToIdType = ID_IPV4_ADDR;
+ else *aToIdType = ID_IPV6_ADDR;
+ break;
+ }
+
+ default: //Subnet
+ {
+ //addr1 - subnet
+ TInt prefix_len;
+#ifdef _UNICODE
+ HBufC *unibuf = HBufC::New(aIdentity.Length());
+ if ( !unibuf )
+ return EFalse;
+ unibuf->Des().Copy(aIdentity);
+ TPtrC addr_buf(unibuf->Ptr(), offset);
+ if (aToIpAddr1->Input(addr_buf) != KErrNone)
+ {
+ delete unibuf;
+ DEBUG_LOG(_L("Bad Subnet Identity address!"));
+ return EFalse;
+ }
+ TPtrC prefix_ptr(unibuf->Ptr() + offset + 1, unibuf->Length() - offset - 1);
+#else
+ TPtrC addr_buf(aIdentity.Ptr(), offset);
+ if (aToIpAddr1->.Input(addr_buf) != KErrNone)
+ {
+ DEB(LogError(_L("Bad Subnet Identity address!"));)
+ return EFalse;
+ }
+ TPtrC prefix_ptr(aIdentity.Ptr() + offset + 1, aIdentity.Length() - offset - 1);
+#endif
+ //addr2 - mask
+ TLex lex(prefix_ptr);
+ if (lex.Val(prefix_len) != KErrNone)
+ {
+ DEBUG_LOG(_L("Bad Subnet Identity PREFIX Length!"));
+ return EFalse;
+ }
+#ifdef _UNICODE
+ delete unibuf;
+#endif
+ if ( aToIpAddr1->Family() == KAfInet )
+ {
+ if ( prefix_len > 32 )
+ {
+ DEBUG_LOG(_L("Bad Subnet Identity: Prefix too long!"));
+ return EFalse;
+ }
+ *aToIdType = ID_IPV4_ADDR_SUBNET;
+ PrefixMask(*aToIpAddr2, prefix_len, KAfInet);
+ }
+ else //KAfInet6
+ {
+ if ( prefix_len > 128 )
+ {
+ DEBUG_LOG(_L("Bad Subnet Identity: Prefix too long!"));
+ return EFalse;
+ }
+ *aToIdType = ID_IPV6_ADDR_SUBNET;
+ PrefixMask(*aToIpAddr2, prefix_len, KAfInet);
+ }
+
+ }
+
+ } //end switch
+ }
+
+ return ETrue;
+}
+
+//First msg of PHASE_II as initiator
+void CIkev1Negotiation::InitPhase2L()
+{
+ //Quick mode stage 1
+ DEBUG_LOG(_L("-------- IKE: Initiating PHASE II --------"));
+ iPhase = PHASE_II;
+ iDOI=IPSEC_DOI;
+ iStage = 1;
+
+ GetSPIL();
+ //the rest will be done in ReceiveSPI
+}
+
+//Requests an SPI from the kernel
+
+void CIkev1Negotiation::GetSPIL()
+{
+ CProposal_IIList *propII_List;
+ CProposal_II *prop=NULL;
+ TUint8 sa_type = 0;
+
+ DEBUG_LOG1(_L("GetSPI in stage: %d"), iStage);
+
+ iInboundSPIList = new (ELeave) CArrayFixFlat<TSPINode>(1);
+
+ if (iRole == RESPONDER) //If Phase II proposal Chosen
+ propII_List = iChosenProp_IIList; //If RESPONDER
+ else
+ propII_List = iProposal_IIList; //If INITIATOR
+
+ TInt i, count = propII_List->Count();
+ for (i = 0; i < count; i++) //May have many Phase_II proposals
+ {
+ prop = propII_List->At(i);
+ if (prop->iProtocol == PROTO_IPSEC_AH)
+ sa_type = SADB_SATYPE_AH;
+ else if (prop->iProtocol == PROTO_IPSEC_ESP)
+ sa_type = SADB_SATYPE_ESP;
+ else
+ sa_type = 0; //Unknown Protocol
+
+ TInetAddr myAddr(iLocalAddr);
+ if ( myAddr.IsUnspecified() )
+ User::LeaveIfError( iPluginSession->GetLocalAddress( myAddr ) );
+ TInetAddr peerAddr(iRemoteAddr);
+ peerAddr.SetPort(0);
+ TSPINode node;
+ node.iPropNum = prop->iProposalNum;
+ node.iSeq = iSeq;
+ iInboundSPIList->AppendL(node);
+
+
+ __ASSERT_DEBUG( iIpsecSaSpiRetriever != NULL,
+ User::Invariant() );
+ iIpsecSaSpiRetriever->Cancel();
+ iIpsecSaSpiRetriever->GetIpsecSaSpi( iSeq++, sa_type, peerAddr, myAddr );
+ iPendingSPI++; //To know when all received in ReceiveSPIL()
+ }
+
+ DEBUG_LOG1(_L("GetSPI seq= %d"), iSeq);
+}
+
+//aSPI received in Network order.
+void CIkev1Negotiation::ReceiveSPIL(TUint32 aSPI, TUint32 aSeq)
+{
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+
+ DEBUG_LOG2(_L("ReceiveSPIL: SPI=%x, Seq=%u"), ByteOrder::Swap32(aSPI), aSeq);
+
+ CProposal_IIList *propII_List = iProposal_IIList;
+ TInt i;
+ for (i = 0; i < iInboundSPIList->Count(); i++)
+ {
+ if (iInboundSPIList->At(i).iSeq == aSeq)
+ {
+ iInboundSPIList->At(i).iSPI = aSPI;
+ break;
+ }
+ //prop = prop->iNext; //To assign the SPI to the correct proposal
+ }
+ if (iRole==INITIATOR)
+ propII_List->At(i)->iSPI.Copy((TUint8*)&aSPI,sizeof(TUint32)); //needed to send it to the other Peer
+
+ if (--iPendingSPI) // Check if still waiting for some SPI
+ return;
+
+ iExchange = IKE_QUICK_MODE; //Current mode being used.
+ //Builds and send the packet
+
+ if ((iHostData->iCommit) && (iRole==RESPONDER)) //Responder && if commit bit used we set the flag
+ iFlags |= ISAKMP_HDR_CFLAG; //Sets the Commit bit if this side set it else
+
+ msg->IsakmpInit(this);
+ msg->IsakmpHashL();
+ msg->IsakmpSa();
+ ComputeNonceL(); //Computes a new Nonce for PHASE_II
+ msg->IsakmpNonce();
+ if (iPFS) //Only sent if PFS in use...
+ msg->IsakmpKeyL();
+
+ if (iStage==1) //Initiator
+ {
+ //
+ // If Internal address private extension used change iLocalAddr1_ID_II to
+ // correspond that address
+ //
+ if ( iInternalAddr ) {
+ iLocalAddr1_ID_II = iInternalAddr->iClientIntAddr;
+ iLocalIDType_II = ID_IPV4_ADDR;
+ iDefaultLocalID = ETrue;
+ }
+ DEBUG_LOG(_L("PhaseII IV:")); //New IV for phase II
+ ComputeIVL(iIV, iMessageId);
+ //IDs must be sent if TUNNEL mode or is explicitly specified in the acquire
+ if ((!iLocalAddr1_ID_II.IsUnspecified()) || (!iRemoteAddr1_ID_II.IsUnspecified()) ||
+ (iIDProtocol != 0) || (iIDLocalPort != 0) || (iIDRemotePort != 0))
+ {
+ msg->IsakmpOwnIdentL(); //Own proxy
+ msg->IsakmpPeerIdentL(); //Peer Proxy
+ }
+ }
+ else if (iStage==2) //Responder
+ {
+ if (iIDReceived) //If received we send it back, otherwise no
+ {
+ msg->IsakmpPeerIdentL();
+ msg->IsakmpOwnIdentL();
+ }
+ if (iHostData->iResponderLifetime)
+ CheckSendResponderLifetime(*msg); //Adds to the message the RESPONDER_LIFETIME payload if needed
+ }
+ else return;
+
+ if (iHostData->iReplayStatus)
+ {
+ DEBUG_LOG(_L("Constructing REPLAY-STATUS"));
+
+ TInt i;
+ CProposal_II *prop;
+ for (i = 0 ; i < iProposal_IIList->Count(); i++)
+ {
+ prop = iProposal_IIList->At(i);
+ msg->IsakmpReplayStatus(prop->iProtocol, iInboundSPIList->At(i).iSPI, prop->iReplayWindowLength);
+ }
+ }
+ msg->IsakmpHashContL(); //inserts the hash in the correct position of the buffer
+ SendL(*msg);
+
+ iStage++; //Next stage
+}
+
+void CIkev1Negotiation::AcquireSAErrorResponse(TInt aError)
+ {
+ DEBUG_LOG(_L("CIkev1Negotiation::AcquireSAErrorResponse"));
+
+ if ( iProposal_IIList )
+ {
+ for ( TInt j=0; j<iProposal_IIList->Count(); j++ )
+ {
+ TIpsecSAData sa_data;
+ sa_data.iSeq = iAcquireSeq;
+ sa_data.iPid = iPfkeyAcquirePID;
+ sa_data.iSPI = 0;
+ sa_data.iDst = iRemoteAddr;
+
+ CProposal_II* prop_II = iProposal_IIList->At( j );
+
+ if ( prop_II->iProtocol == PROTO_IPSEC_AH )
+ {
+ sa_data.iSAType = SADB_SATYPE_AH;
+ }
+ else if ( prop_II->iProtocol == PROTO_IPSEC_ESP )
+ {
+ sa_data.iSAType = SADB_SATYPE_ESP;
+ }
+ iPluginSession->AcquireSAError( sa_data, aError );
+ }
+ }
+ iAcquirePending = EFalse;
+ }
+
+//Will update the outbound
+void CIkev1Negotiation::UpdateSADatabaseL()
+{
+#ifdef _DEBUG
+ TBuf<40> addr_buf;
+#endif
+ TUint8 sa_type=0;
+ TUint8 auth_alg=0;
+ TUint8 encr_alg=0;
+ TUint32 updateSPI,addSPI;
+ TIpsecSAData sa_data;
+ TBool TunnelMode;
+ //
+ // Received Phase II key (Might be Auth + Encr keys)
+ // (Buffers are allocated for max 1024 bits key material
+ HBufC8* outboundKey_II = HBufC8::NewLC(128);
+ HBufC8* inboundKey_II = HBufC8::NewLC(128);
+ TPtrC8 in_authKey(0,0), out_authKey(0,0);
+ TPtrC8 in_encrKey(0,0), out_encrKey(0,0);
+ //Identities
+#ifdef _UNICODE
+ TBuf<80> id_work;
+#endif
+ HBufC8* local_id = HBufC8::NewLC(128);
+ HBufC8* remote_id = HBufC8::NewLC(128);
+ // ESP UDP Encapsulation extension data
+ HBufC8* gen_ext_data = HBufC8::NewLC(128);
+ TPtr8 GenExtData((TUint8*)gen_ext_data->Ptr(), 0, gen_ext_data->Des().MaxLength());
+
+ DEBUG_LOG(_L("---UPDATING SAD---"));
+
+ if ((!iDefaultLocalID) && (iLocalIDType_II != 0))
+ {
+ switch (iLocalIDType_II)
+ {
+ case ID_IPV4_ADDR:
+ case ID_IPV6_ADDR:
+#ifdef _UNICODE
+ iLocalAddr1_ID_II.OutputWithScope(id_work);
+ local_id->Des().Copy(id_work);
+#else
+ iLocalAddr1_ID_II.OutputWithScope(local_id->Des());
+#endif
+ break;
+
+ case ID_IPV4_ADDR_SUBNET:
+ case ID_IPV6_ADDR_SUBNET:
+#ifdef _UNICODE
+ iLocalAddr1_ID_II.OutputWithScope(id_work);
+ local_id->Des().Copy(id_work);
+#else
+ iLocalAddr1_ID_II.OutputWithScope(local_id->Des());
+#endif
+ local_id->Des().AppendFormat(_L8("/%d"),PrefixLen(iLocalAddr2_ID_II)); //PrefixLen can't fail because checked before
+ break;
+ default: //Should never come here
+ DEBUG_LOG1(_L("Local ID type %d not supported"), iLocalIDType_II);
+ CleanupStack::PopAndDestroy(5); //key buffer, identities and ESP UDP encaps data
+ return;
+ }
+ }
+
+ if ((!iDefaultRemoteID) && (iRemoteIDType_II != 0) )
+ {
+ switch (iRemoteIDType_II)
+ {
+ case ID_IPV4_ADDR:
+ case ID_IPV6_ADDR:
+#ifdef _UNICODE
+ iRemoteAddr1_ID_II.OutputWithScope(id_work);
+ remote_id->Des().Copy(id_work);
+#else
+ iRemoteAddr1_ID_II.OutputWithScope(remote_id->Des());
+#endif
+ if ( iSwapRemoteIdType )
+ {
+ if ( iRemoteIDType_II == ID_IPV4_ADDR )
+ remote_id->Des().AppendFormat(_L8("/%d"), 32);
+ else remote_id->Des().AppendFormat(_L8("/%d"), 128);
+ }
+ break;
+
+ case ID_IPV4_ADDR_SUBNET:
+ case ID_IPV6_ADDR_SUBNET:
+#ifdef _UNICODE
+ iRemoteAddr1_ID_II.OutputWithScope(id_work);
+ remote_id->Des().Copy(id_work);
+#else
+ iRemoteAddr1_ID_II.OutputWithScope(remote_id->Des());
+#endif
+ if ( !iSwapRemoteIdType )
+ remote_id->Des().AppendFormat(_L8("/%d"),PrefixLen(iRemoteAddr2_ID_II)); //PrefixLen can't fail because checked before
+ break;
+
+ default: //Should never come here
+ DEBUG_LOG1(_L("Remote ID type %d not supported"), iRemoteIDType_II);
+ CleanupStack::PopAndDestroy(5); //key buffer, identities and ESP UDP encaps data
+ return;
+ }
+ }
+
+ TUint32 flags = 0;
+ if (iPFS)
+ {
+ flags = SADB_SAFLAGS_PFS;
+ DEBUG_LOG(_L("PFS enabled"));
+ }
+
+ TUint32 addPID;
+ if (iRole==INITIATOR)
+ addPID = iPfkeyAcquirePID; //Require to remove the Larval SA
+ else
+ addPID = iPluginSession->Uid();
+
+ DEBUG_LOG2(_L("SAD seq= %d , PID= %d"), iAcquireSeq, addPID);
+
+ TInt i, j;
+ for (i = 0; i < iInboundSPIList->Count(); i++)
+ {
+ if (iInboundSPIList->At(i).iPropNum == iProposalNum)
+ break;
+ }
+
+ CProposal_II *prop;
+ TSPINode inboundspi_node;
+ TInt key_len, encr_len, auth_len;
+ TChosenAttrib_II *attr_II;
+ TInt count = iChosenProp_IIList->Count();
+
+ for (j = 0 ; j < count; j++)
+ {
+ prop = iChosenProp_IIList->At(j);
+ inboundspi_node = iInboundSPIList->At(i);
+ attr_II = (TChosenAttrib_II *)prop->iAttrList->At(0); //only 1 transform is chosen no matter how many there are
+ if (prop->iProtocol == PROTO_IPSEC_AH)
+ {
+
+ sa_type = SADB_SATYPE_AH;
+ encr_alg = 0;
+ auth_alg = attr_II->iTransformID;
+ auth_len = (TInt)HMAC_KeyLength((TUint8)auth_alg);
+
+ TPtr8 AHOutKey((TUint8*)outboundKey_II->Ptr(), 0, outboundKey_II->Des().MaxLength());
+ TPtr8 AHInKey((TUint8*)inboundKey_II->Ptr(), 0, inboundKey_II->Des().MaxLength());
+
+ ComputeKeys2L(prop, auth_len, inboundspi_node, AHOutKey, AHInKey);
+ in_encrKey.Set(NULL, 0);
+ out_encrKey.Set(NULL, 0);
+ in_authKey.Set(inboundKey_II->Ptr(), auth_len/8);
+ out_authKey.Set(outboundKey_II->Ptr(),auth_len/8);
+ }
+ else if (prop->iProtocol == PROTO_IPSEC_ESP)
+ {
+ sa_type = SADB_SATYPE_ESP;
+ encr_alg = attr_II->iTransformID;
+ if (attr_II->iKeyLength!=0)
+ encr_len = attr_II->iKeyLength;
+ else //not sent means constant size or variable and use default
+ {
+ switch ( encr_alg )
+ {
+ case ESP_DES_CBC:
+ encr_len = 64;
+ break;
+ case ESP_3DES_CBC:
+ encr_len = 3*64;
+ break;
+ case ESP_NULL:
+ encr_len = 0;
+ break;
+ case ESP_AES_CBC:
+ encr_len = 128;
+ break;
+ default:
+ encr_len = 0;
+ break;
+
+ }
+ }
+
+ if (attr_II->iAuthAlg==DOI_HMAC_MD5)
+ auth_alg = SADB_AALG_MD5HMAC;
+ else if (attr_II->iAuthAlg==DOI_HMAC_SHA)
+ auth_alg = SADB_AALG_SHA1HMAC;
+ else
+ auth_alg = 0;
+
+ auth_len = (TInt)HMAC_KeyLength((TUint8)auth_alg);
+ key_len = encr_len + auth_len;
+
+ TPtr8 ESPOutKey((TUint8*)outboundKey_II->Ptr(), 0, outboundKey_II->Des().MaxLength());
+ TPtr8 ESPInKey((TUint8*)inboundKey_II->Ptr(), 0, inboundKey_II->Des().MaxLength());
+ ComputeKeys2L(prop, key_len, inboundspi_node, ESPOutKey, ESPInKey);
+
+ in_encrKey.Set(inboundKey_II->Ptr(), encr_len/8);
+ out_encrKey.Set(outboundKey_II->Ptr(), encr_len/8);
+
+ //If no HMAC selected the next instr does nothing because size will be 0
+ in_authKey.Set(inboundKey_II->Ptr() + in_encrKey.Length(),auth_len/8);
+ out_authKey.Set(outboundKey_II->Ptr() + out_encrKey.Length(),auth_len/8);
+ //
+ // Nokia specific NAT traversal info (=ESP UDP tunneling)
+ // If iNAT_T_Required is true connection is over NAT:ted
+ // newtork (=local end behind NAT).
+ //
+ if ( iNAT_T_Required ) {
+ flags |= SADB_SAFLAGS_NAT_T;
+ }
+ }
+ else
+ {
+ DEBUG_LOG1(_L("Unknown IPsec protocol %d"), prop->iProtocol);
+ CleanupStack::PopAndDestroy(5); //key buffer, identities and ESP UDP encaps data
+ return;
+ }
+
+ updateSPI = inboundspi_node.iSPI;
+ Mem::Copy((TUint8*)&addSPI, prop->iSPI.Ptr(), sizeof(TUint32));
+
+ TInetAddr local_addr(iLocalAddr);
+ local_addr.SetPort(iIDLocalPort);
+ TInetAddr remote_addr(iRemoteAddr);
+ remote_addr.SetPort(iIDRemotePort);
+
+ //This will be always outbound
+
+ TInt64 time(0), bytes(0);
+ TPtrC8 time_ptr(attr_II->iLifeDurationSecs);
+ TPtrC8 bytes_ptr(attr_II->iLifeDurationKBytes);
+ if (attr_II->iReducedLifeSecs.Length() != 0)
+ time_ptr.Set(attr_II->iReducedLifeSecs);
+
+ if (attr_II->iReducedLifeKBytes.Length() != 0)
+ bytes_ptr.Set(attr_II->iReducedLifeKBytes);
+
+ ComputeLifetimes_II(time_ptr, bytes_ptr, time, bytes);
+ if (time == 0) //default lifetime applied
+ time = DEFAULT_IPSEC_SA_LIFETIME;
+
+ if (iHardLifetime > time)
+ {
+ DEBUG_LOG2(_L("Time %u, hard lifetime %d"),
+ I64LOW(time), I64LOW(iHardLifetime));
+ time = iHardLifetime;
+ }
+
+ if (attr_II->iEncMode==DOI_TUNNEL)
+ {
+ TunnelMode = ETrue;
+ DEBUG_LOG(_L("TUNNEL MODE"));
+#ifdef _DEBUG
+ iLocalAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG1(_L("Local ID: net %S"), &addr_buf);
+
+ if ((iLocalIDType_II == ID_IPV4_ADDR_SUBNET) || (iLocalIDType_II == ID_IPV6_ADDR_SUBNET))
+ {
+ iLocalAddr2_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG1(_L(", mask %S"), &addr_buf);
+ }
+ DEBUG_LOG1(_L(" (port %d)"), iIDLocalPort);
+ iRemoteAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG1(_L("Remote ID: addr %S"), &addr_buf);
+ if ((iRemoteIDType_II == ID_IPV4_ADDR_SUBNET) || (iRemoteIDType_II == ID_IPV6_ADDR_SUBNET))
+ {
+ iRemoteAddr2_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG1(_L(", mask %S"), &addr_buf);
+ }
+ DEBUG_LOG1(_L(" (port %d)"), iIDRemotePort);
+#endif // _DEBUG
+
+ }
+ else {
+ TunnelMode = EFalse;
+ DEBUG_LOG(_L("TRANSPORT MODE"));
+ }
+ DEBUG_LOG1(_L("Sec Lifetime set to %u"),I64LOW(time));
+ DEBUG_LOG1(_L("KB Lifetime set to %u"),I64LOW(bytes));
+
+ //Inbound SA.
+ sa_data.iSAType = sa_type;
+ sa_data.iSeq = iAcquireSeq;
+ sa_data.iSrc = remote_addr;
+ sa_data.iDst = local_addr;
+ sa_data.iProtocol = iIDProtocol;
+ sa_data.iSrcIdType = iRemoteIDType_II;
+ sa_data.iDstIdType = iLocalIDType_II;
+ sa_data.iSrcIdent.Set((TUint8 *)remote_id->Ptr(), remote_id->Length(), remote_id->Length());
+ sa_data.iDstIdent.Set((TUint8 *)local_id->Ptr(), local_id->Length(), local_id->Length());
+ sa_data.iPid = iPluginSession->Uid();
+ sa_data.iSPI = updateSPI;
+ sa_data.iAuthAlg = auth_alg;
+ sa_data.iEncrAlg = encr_alg;
+ sa_data.iAuthKey.Set(in_authKey);
+ sa_data.iEncrKey.Set(in_encrKey);
+ TIpsecSALifetime lifetime(0, bytes, time, 0);
+ sa_data.iHard = &lifetime;
+ sa_data.iReplayWindowLength = prop->iReplayWindowLength;
+
+ if ( (sa_type == SADB_SATYPE_ESP) && (GenExtData.Length() == 0) ) {
+ //
+ // Store possible NAT traversal info for IPSEC to do ESP UDP encapsulation correctly
+ //
+ PFKeyExtDataUtil::BuildUdpEncExtensionData( GenExtData,
+ iNAT_D_Flags,
+ (flags & SADB_SAFLAGS_NAT_T),
+ iHostData->iUseNatProbing,
+ (TUint16)iHostData->iEspUdpPort,
+ UDP_KEEPALIVE_TIME,
+ iLastRemoteAddr,
+ iRemoteOriginalAddr );
+ }
+
+ if ( GenExtData.Length() ) {
+ sa_data.iGenericExtension.Set(GenExtData);
+ }
+
+ if ( TunnelMode ) {
+ //
+ // Get VPN interface index
+ //
+ TUint32 vpnInterfaceIndex = iPluginSession->VpnInterfaceIndex();
+ if ( vpnInterfaceIndex != 0 )
+ {
+ sa_data.iInternalAddress.Init( KAfInet6 );
+ sa_data.iInternalAddress.SetScope( vpnInterfaceIndex );
+ flags |= SADB_SAFLAGS_INT_ADDR;
+ }
+ }
+ sa_data.iFlags = flags;
+ iPluginSession->UpdateSAL(sa_data);
+ TIpsecSPI SpiData;
+ SpiData.iProtocol = sa_type;
+ SpiData.iSrcAddr = remote_addr;
+ SpiData.iDstAddr = local_addr;
+ SpiData.iSPI = updateSPI;
+ SpiData.iInbound = ETrue;
+ iPluginSession->AddIpsecSPIToSAL(iSAId, SpiData);
+
+ sa_data.iFlags &= ~SADB_SAFLAGS_INT_ADDR; //No VPN interface index to outbound SA
+ //Outbound SA.
+ //First check there's no other SA with the same parameters and
+ //erase it if happens (very unlikely, but still possible)
+ SpiData.iDstAddr = remote_addr;
+ SpiData.iSrcAddr = local_addr;
+ SpiData.iSPI = addSPI;
+ SpiData.iInbound = EFalse;
+ if ( iPluginSession->DeleteIpsecSpi(iSAId, addSPI, EFalse) )
+ {
+ DEBUG_LOG(_L("Deleting previously negotiated IPsec SA"));
+ iPluginSession->DeleteIpsecSA(SpiData.iSPI, SpiData.iSrcAddr, SpiData.iDstAddr,
+ SpiData.iProtocol);
+ }
+ //Some changes in the SA, the rest is the same
+ sa_data.iSrc = local_addr;
+ sa_data.iDst = remote_addr;
+ sa_data.iSrcIdType = iLocalIDType_II;
+ sa_data.iDstIdType = iRemoteIDType_II;
+ sa_data.iSrcIdent.Set((TUint8 *)local_id->Ptr(), local_id->Length(), local_id->Length());
+ sa_data.iDstIdent.Set((TUint8 *)remote_id->Ptr(), remote_id->Length(), remote_id->Length());
+ sa_data.iPid = addPID;
+ sa_data.iSPI = addSPI;
+ sa_data.iAuthKey.Set(out_authKey);
+ sa_data.iEncrKey.Set(out_encrKey);
+
+ iPluginSession->AddSAL(sa_data);
+ iPluginSession->AddIpsecSPIToSAL(iSAId, SpiData);
+
+ i++; //To get the correct SPIs from iInboundSPIList
+ } //end for
+
+ CleanupStack::PopAndDestroy(5); //key buffer, identities and ESP UDP encaps data
+
+ iAcquirePending = EFalse;
+
+}
+
+void CIkev1Negotiation::ComputeLifetimes_II(const TDesC8 &aLifetime, const TDesC8 &aLifesize, TInt64 &aTime, TInt64 &aBytes)
+{
+ TInt64 maxnum = MAKE_TINT64(0x7fffffffu, 0xffffffffu);
+
+ if (Desc8ToTInt64(aLifetime, aTime) != KErrNone)
+ {
+ DEBUG_LOG(_L("Phase_II Lifetime(sec) Overflowed Setting to maximum value"));
+ }
+ if (Desc8ToTInt64(aLifesize, aBytes) != KErrNone) {
+ DEBUG_LOG(_L("Phase_II Lifetime(kbytes) Overflowed Setting to maximum value"));
+ }
+ else
+ { if (aBytes < maxnum / 1024) //Make sure no overflow
+ aBytes = aBytes * 1024; //KB to Bytes
+ else
+ {
+ aBytes = MAKE_TINT64(KMaxTInt, KMaxTUint);
+ DEBUG_LOG(_L("Phase_II Lifetime(kbytes) Overflowed Setting to maximum value"));
+ }
+ }
+
+}
+
+
+TBool CIkev1Negotiation::Phase_IExchangeL(const ThdrISAKMP &aHdr)
+{
+ if (!ProcessHeaderL(aHdr))
+ return EFalse;
+
+ DEBUG_LOG2(_L("---------- Phase %d - Stage %d ----------"),iPhase, iStage);
+ if (iPhase == PHASE_I)
+ {
+ if (aHdr.GetExchange() == ISAKMP_EXCHANGE_ID)
+ MainModeReplyL(); //Main Mode
+ else
+ AggressiveReplyL(); //Aggressive Mode
+ }
+ else
+ {
+ QuickModeReplyL();
+ }
+ return ETrue;
+}
+
+TBool CIkev1Negotiation::Phase_IIExchangeL(const ThdrISAKMP &aHdr)
+{
+ if (!ProcessHeaderL(aHdr))
+ return EFalse;
+
+ DEBUG_LOG2(_L("---------- Phase %d - Stage %d ----------"),iPhase, iStage);
+
+ QuickModeReplyL();
+
+ return ETrue;
+}
+
+void CIkev1Negotiation::QuickModeReplyL()
+{
+
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+ switch(iStage)
+ {
+ //INITIATOR cases
+ case 3: //Send last message (if no COMMIT)
+ msg->IsakmpInit(this);
+ msg->IsakmpHashL();
+ SendL(*msg);
+ iStage = 4;
+
+ if (iRecvFlags & ISAKMP_HDR_CFLAG) //Commit Bit set
+ return; //Not finished yet. We wait for CONNECTED
+
+ //No Commot bit, Update SA database
+ UpdateSADatabaseL();
+ SetFinished(); //No more stages.
+ break;
+ case 1:
+ DEBUG_LOG(_L("QuickModeReplyL in Stage 1 ?"));
+ break;
+ case 5: //Send last message (extra message waiting for commit(
+ //No more processing required
+ SetFinished(); //No more stages.
+ break;
+ //RESPONDER cases
+ case 2:
+ GetSPIL();
+ //rest done in receiveSPI
+ break;
+ case 4:
+ if (iRecvFlags & ISAKMP_HDR_CFLAG) //Commit Bit set
+ {
+ DEBUG_LOG(_L("Sending CONNECTED Status message"));
+ msg->IsakmpInit(this);
+
+ //HASH Payload only if payload protected with encryption
+ if (iFlags & ISAKMP_HDR_EFLAG)
+ msg->IsakmpHashL();
+
+ msg->IsakmpNotification(CONNECTED, iChosenProp_IIList->At(0)->iProtocol);
+
+ if (iFlags & ISAKMP_HDR_EFLAG)
+ msg->IsakmpHashContL();
+
+ SendL(*msg);
+ }
+ SetFinished();
+ break;
+ }
+}
+
+//Builds and sends a Phase I reply for Main Mode
+void CIkev1Negotiation::MainModeReplyL()
+{
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+ TInt vendor_type;
+
+ switch(iStage)
+ {
+ //
+ //RESPONDER replies
+ //
+ case 2:
+ msg->IsakmpInit(this);
+ msg->IsakmpSa();
+ if ( iHostData->iDPDHeartBeat != 0 )
+ BuildDPDVendorId(*msg);
+ if ( iNatDiscovery ) {
+ iNatDiscovery->BuildNatVendorId(*msg);
+ iNatDiscovery->BuildRfcNatVendorId(*msg);
+ }
+ SendL(*msg);
+ iStage = 3;
+ break;
+ case 4:
+ ComputeNonceL(); //Nonce to be sent
+ msg->IsakmpInit(this);
+ msg->IsakmpKeyL();
+ msg->IsakmpNonce();
+ if (((iChosenProposal_I.iAttrList->iAuthMethod == RSA_SIG) ||
+ (iChosenProposal_I.iAttrList->iAuthMethod == DSS_SIG)) && !iPeerX509Cert)
+ msg->IsakmpCertificateReqL();
+ if ( iNatDiscovery ) {
+ iNatDiscovery->BuildDiscoveryPayloadsL(*msg, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ }
+ SendL(*msg);
+ iStage = 5; //next stage
+ iFlags |= ISAKMP_HDR_EFLAG; //From now on encryption is used
+ if (!ComputeKeysL()) //Generates keying material for encryption stages
+ return; //error don't send reply packet
+ break;
+ case 6:
+ msg->IsakmpInit(this);
+
+ switch(iChosenProposal_I.iAttrList->iAuthMethod)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ msg->IsakmpOwnIdentL();
+ msg->IsakmpCertificateL();
+ msg->IsakmpSignatureL();
+ break;
+ case PRE_SHARED:
+ msg->IsakmpOwnIdentL();
+ msg->IsakmpHashL();
+ break;
+ }
+
+ if ( iHostData->iInitialContact &&
+ iRole == INITIATOR &&
+ iSARekeyInfo == NULL )
+ {
+ DEBUG_LOG(_L("Constructing INITIAL-CONTACT"));
+ msg->IsakmpNotification(DOI_INITIAL_CONTACT, PROTO_ISAKMP); //Not protected by the hash!
+ }
+
+ SendL(*msg);
+
+ IsakmpPhase1CompletedL();
+ break;
+ //
+ //INITIATOR replies
+ //
+ case 3:
+ ComputeNonceL(); //Nonce to be sent
+ msg->IsakmpInit(this);
+ msg->IsakmpKeyL();
+ msg->IsakmpNonce();
+ if ( iChosenProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK && !iPeerX509Cert )
+ {
+ msg->IsakmpCertificateReqL();
+ }
+ if ( iHostData->iUseNatProbing )
+ vendor_type = EXPANDED_VENDOR_ID;
+ else vendor_type = HASH_VENDOR_ID;
+ msg->IsakmpVendorId(vendor_type,
+ (TUint8*)iCookie_I.Ptr(),
+ (TUint8*)iCookie_R.Ptr(), iLocalAddr);
+ if ( iNatDiscovery )
+ {
+ iNatDiscovery->BuildDiscoveryPayloadsL(*msg, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ }
+ SendL(*msg);
+ iStage = 4; //next stage
+ break;
+
+ case 5:
+ iFlags |= ISAKMP_HDR_EFLAG; //From now on encryption is used
+ if (!ComputeKeysL()) //Generates keying material for encryption stages
+ return; //error don't send reply packet
+
+ msg->IsakmpInit(this);
+
+ switch(iChosenProposal_I.iAttrList->iAuthMethod)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ msg->IsakmpOwnIdentL(); //Also fills iOwnIdentPayload!
+ msg->IsakmpCertificateL();
+ msg->IsakmpSignatureL();
+ if (!iPeerX509Cert)
+ msg->IsakmpCertificateReqL();
+ break;
+ case PRE_SHARED:
+ msg->IsakmpOwnIdentL();
+ msg->IsakmpHashL();
+ break;
+ }
+
+
+ if ( iFamiliarPeer && iHostData->iUseInternalAddr )
+ msg->IsakmpIntnet(0); /* null IPV4 address as parameter */
+
+ if ( iHostData->iInitialContact &&
+ !iPluginSession->FindIkev1SADataWithAddr(iRemoteAddr) &&
+ iRole == INITIATOR &&
+ iSARekeyInfo == NULL )
+ {
+ DEBUG_LOG(_L("Constructing INITIAL-CONTACT"));
+ msg->IsakmpNotification(DOI_INITIAL_CONTACT, PROTO_ISAKMP); //Not protected by the hash!
+ }
+
+ SendL(*msg);
+ iStage = 6; //next stage
+
+ break;
+ case 7:
+ // CRACK authentication going. No actions required here !
+ break;
+ default:
+ DEBUG_LOG1(_L("Main mode Wrong Phase number requested (%d) !!"),iStage);
+ }
+
+}
+
+
+//Builds and sends a Phase I reply for Aggressive Mode
+void CIkev1Negotiation::AggressiveReplyL()
+{
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+
+ switch(iStage)
+ {
+ case 2://RESPONDER Sends the 2nd msg. of the exchange
+ ComputeNonceL(); //Nonce to be sent
+ msg->IsakmpInit(this);
+ msg->IsakmpSa();
+ msg->IsakmpKeyL();
+ msg->IsakmpNonce();
+ msg->IsakmpOwnIdentL();
+
+ if (!ComputeKeysL()) //Needed to compute hash before computing signature
+ {
+ return;
+ }
+
+ if ( iHostData->iDPDHeartBeat != 0 )
+ BuildDPDVendorId(*msg);
+ if ( iNatDiscovery ) {
+ iNatDiscovery->BuildNatVendorId(*msg);
+ iNatDiscovery->BuildRfcNatVendorId(*msg);
+ iNatDiscovery->BuildDiscoveryPayloadsL(*msg, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ }
+
+ switch (iChosenProposal_I.iAttrList->iAuthMethod)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ msg->IsakmpCertificateL();
+ msg->IsakmpSignatureL();
+ if (!iPeerX509Cert) //No stored cert so send a CR
+ {
+ msg->IsakmpCertificateReqL();
+ }
+ break;
+ case PRE_SHARED:
+ msg->IsakmpHashL();
+ break;
+ }
+ SendL(*msg);
+
+ iStage = 3; //next stage
+
+ break;
+ case 3://INITIATOR
+ iFlags |= ISAKMP_HDR_EFLAG; //From now on encryption is used
+ msg->IsakmpInit(this);
+ if ( iNatDiscovery ) {
+ iNatDiscovery->BuildDiscoveryPayloadsL(*msg, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ }
+
+ switch (iChosenProposal_I.iAttrList->iAuthMethod)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ msg->IsakmpCertificateL();
+ msg->IsakmpSignatureL();
+ break;
+ case PRE_SHARED:
+ msg->IsakmpHashL();
+ break;
+ }
+ if ( iHostData->iInitialContact &&
+ !iPluginSession->FindIkev1SADataWithAddr(iRemoteAddr) &&
+ iRole == INITIATOR &&
+ iSARekeyInfo == NULL ) //Only sent if no ISAKMP SA established
+ {
+ DEBUG_LOG(_L("Constructing INITIAL-CONTACT"));
+ msg->IsakmpNotification(DOI_INITIAL_CONTACT, PROTO_ISAKMP); //Not protected by the hash!
+ }
+
+ SendL(*msg);
+ IsakmpPhase1CompletedL();
+ break;
+ case 4:
+ // Aggressive mode as responder completed
+ DEBUG_LOG(_L("Aggressive mode as responder completed"));
+ break;
+
+ case 7:
+ // CRACK authentication going. No actions required here !
+ break;
+ default:
+ DEBUG_LOG1(_L("Main mode Wrong Phase number requested (%d) !! "),iStage);
+ }
+
+}
+
+void CIkev1Negotiation::SaveISAKMPSAL()
+{
+ //
+ // Create a new IKEv1 SA object
+ //
+ TIkev1SAData SaData;
+ SaData.iCookie_I = iCookie_I;
+ SaData.iCookie_R = iCookie_R;
+ SaData.iSAId = iSAId;
+ SaData.iSAState = 0;
+ SaData.iInitiator = (iRole == INITIATOR);
+ SaData.iAutoLogin = iAutoLogin;
+ SaData.iDPDSupported = iDPDSupported;
+ SaData.iFamiliarPeer = iFamiliarPeer;
+ SaData.iNAT_T_Required = iNAT_T_Required;
+ SaData.iNAT_D_Flags = iNAT_D_Flags;
+ SaData.iIkeData = iHostData;
+ SaData.iLocalAddr = iLocalAddr;
+ SaData.iRemoteAddr = iRemoteAddr;
+ SaData.iDestinAddr = iLastRemoteAddr;
+ SaData.iVirtualIp = iInternalAddr;
+ SaData.iSeq = iSeq;
+ SaData.iPrevExchange = iPrevExchange;
+ SaData.iFlags = iFlags;
+
+ SaData.iEncrAlg = iChosenProposal_I.iAttrList->iEncrAlg;
+ SaData.iHashAlg = iChosenProposal_I.iAttrList->iHashAlg;
+ SaData.iGroupDesc = iChosenProposal_I.iAttrList->iGroupDesc;
+ SaData.iGroupType = iChosenProposal_I.iAttrList->iGroupType;
+ SaData.iKeyLength = iChosenProposal_I.iAttrList->iKeyLength;
+
+ TUint32 Lifetime = 0;
+ TUint Len = iChosenProposal_I.iAttrList->iLifeDurationSecs.Length();
+ if (Len > 0)
+ {
+ if (Len > sizeof(TUint32))
+ {
+ Lifetime = KMaxTUint32;
+ }
+ else // (len <= sizeof(TUint32))
+ {
+ Mem::Copy(&Lifetime, iChosenProposal_I.iAttrList->iLifeDurationSecs.Ptr(), Len);
+ Lifetime = ByteOrder::Swap32(Lifetime);
+ Lifetime = Lifetime >> (sizeof(TUint32)*8 - Len*8); //To set the correct value (shift in bits)
+ }
+ }
+ SaData.iLifeTimeSecs = Lifetime;
+
+ Lifetime = 0;
+ Len = iChosenProposal_I.iAttrList->iLifeDurationKBytes.Length();
+ if (Len > 0)
+ {
+ if (Len > sizeof(TUint32))
+ {
+ Lifetime = KMaxTUint32;
+ }
+ else // (len <= sizeof(TUint32))
+ {
+ Mem::Copy(&Lifetime, iChosenProposal_I.iAttrList->iLifeDurationKBytes.Ptr(), Len);
+ Lifetime = ByteOrder::Swap32(Lifetime);
+ Lifetime = Lifetime >> (sizeof(TUint32)*8 - Len*8); //To set the correct value (shift in bits)
+ }
+ }
+ SaData.iLifeTimeKB = Lifetime;
+
+ SaData.iSKEYID = iSKEYID;
+ SaData.iSKEYID_d = iSKEYID_d;
+ SaData.iSKEYID_a = iSKEYID_a;
+ SaData.iSKEYID_e = iSKEYID_e;
+ SaData.iLastIV = iLastIV;
+ SaData.iIV = iIV;
+
+ if ( iDPDSupported && iHostData->iDPDHeartBeat )
+ {
+ //
+ // Initialize DPD protocol parameters in TIkev1SAData
+ //
+ TPtr8 ptr((TUint8*)&SaData.iDPDSequence, sizeof(TUint32));
+ ptr.SetLength(sizeof(TUint32));
+ TRandom::RandomL(ptr);
+ SaData.iDPDSequence &= 0x7fffffff;
+ SaData.iDPDRetry = 0;
+ SaData.iPendingDPDSequence = 0;
+ SaData.iExpectedDPDSequence = 0;
+ }
+
+ iLastIKEMsgInfo.Store(SaData.iLastIKEMsgInfo);
+ SaData.iLastMsg = iLastMsg;
+ iPluginSession->CreateIkev1SAL(SaData, iSARekeyInfo); // Add rekey info later
+}
+
+TBool CIkev1Negotiation::ProcessHeaderL(const ThdrISAKMP &aHdr)
+{
+ //checks on the header
+ if (!CheckCookies(aHdr.GetCookieI(), aHdr.GetCookieR()))
+ return EFalse;
+
+ if (iStage == 1)
+ {
+ if (iPhase == PHASE_I)
+ {
+ iCookie_I = aHdr.GetCookieI(); //save initiator cookie
+ iCookie_R = CreateCookieL(); //create responder cookie
+ }
+ iMessageId = aHdr.GetMessageId();
+ }
+
+ //checks on the header
+ if (!CheckPayloadCode(aHdr.GetPayload()))
+ return EFalse;
+
+ if (!CheckVersionL(aHdr.GetVersion()))
+ return EFalse;
+
+ if (!CheckExchangeTypeL(aHdr.GetExchange()))
+ return EFalse;
+
+ if (!CheckFlagsL(aHdr.GetFlags()))
+ return EFalse;
+ iRecvFlags = aHdr.GetFlags(); //Save the flags for later use
+
+ if (!CheckMessageIdL(aHdr.GetMessageId()))
+ return EFalse;
+
+ iLengthLeft -= ISAKMP_HEADER_SIZE; //Updates the length left in the buffer
+
+ //EVEN stages RESPONDER, ODD ones INITIATOR
+ DEBUG_LOG(_L("Processing packet..."));
+ if (iPhase == PHASE_I)
+ {
+ switch (iStage)
+ {
+ case 1:
+ if (!ProcessStage1L(aHdr))
+ return EFalse;
+ break;
+ case 2:
+ if (!ProcessStage2L(aHdr))
+ return EFalse;
+ break;
+ case 3:
+ if (iExchange == ISAKMP_EXCHANGE_ID)
+ {
+ if (!ProcessStage3MainL(aHdr))
+ return EFalse;
+ }
+ else //ISAKMP_EXCHANGE_AGGR
+ {
+ if (!ProcessStage3AggrL(aHdr))
+ return EFalse;
+ }
+ break;
+ case 4:
+ if (!ProcessStage4L(aHdr))
+ return EFalse;
+ break;
+ case 5:
+ if (!ProcessStage5L(aHdr))
+ return EFalse;
+ break;
+ case 6:
+ if (!ProcessStage6L(aHdr))
+ return EFalse;
+ break;
+ case 7:
+ if (!ProcessStage7L(aHdr)) /* For CRACK negotiation */
+ return EFalse;
+ break;
+ default:
+ return EFalse;
+ }
+ }
+ else //PHASE_II
+ {
+ switch (iStage)
+ {
+ case 1:
+ if (!ProcessStage1Phase2L(aHdr))
+ return EFalse;
+ break;
+ case 2:
+ if (!ProcessStage2Phase2L(aHdr))
+ return EFalse;
+ break;
+ case 3:
+ if (!ProcessStage3Phase2L(aHdr))
+ return EFalse;
+ break;
+ case 4:
+ if (!ProcessCONNECTEDL(aHdr))
+ return EFalse;
+ break;
+ default:
+ DEBUG_LOG(_L("Quick Bad Stage"));
+ }
+ }
+ return ETrue;
+}
+
+//Process payloads appearing in Stage 1. Responder Role
+TBool CIkev1Negotiation::ProcessStage1L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ //SA Payload processing (all modes)
+ if (!ProcessSAL(payload->iSa, NULL))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //Process vendor ID:s
+ ProcessVendorL(payload->iVids);
+
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ switch (auth_method)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ //Process the possible CR payloads
+ if ( !ProcessCertificateReqArrayL(payload->iCertReqs) ) {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Process the possible CERT payloads
+ if ( !ProcessCertificateArrayL(payload->iCerts) ) {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+
+ if (iExchange == ISAKMP_EXCHANGE_ID)
+ {
+ if ( payload->iKe || payload->iNonce || payload->iHash || payload->iSign ||
+ payload->iIds->Count() )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+ else //ISAKMP_EXCHANGE_AGGR
+ {
+ if ( !payload->iKe || !payload->iNonce || (payload->iIds->Count() != 1) )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //Key Payload processing (all modes)
+ if (!ProcessKeyL(payload->iKe))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ TIdentISAKMP* id_payload = (TIdentISAKMP*)payload->iIds->At(0); // The first ID
+ TNonceISAKMP* nonce_payload = (TNonceISAKMP*)payload->iNonce;
+
+ //Nonce Payload processing
+ if (!ProcessNonceL(nonce_payload))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //ID Payload processing
+ if (!CheckIdentL(id_payload))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Save the ident payload for HASH_I/R computing
+ delete iPeerIdentPayload;
+ iPeerIdentPayload = NULL;
+ iPeerIdentPayloadSize = id_payload->GetLength() - sizeof(TPayloadISAKMP);
+ iPeerIdentPayload = new (ELeave) TUint8[iPeerIdentPayloadSize];
+ Mem::Copy(iPeerIdentPayload,((TUint8 *)id_payload)+sizeof(TPayloadISAKMP),iPeerIdentPayloadSize);
+
+ if ( iNatDiscovery )
+ {
+ if ( payload->iNatDs->Count() )
+ {
+ iNAT_D_Flags = iNatDiscovery->CheckDiscoveryPayloadsL(payload->iNatDs, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ if ( iNAT_D_Flags )
+ iLastRemoteAddr.SetPort(FLOATED_IKE_PORT);
+ }
+ else
+ {
+ if ( iLastRemoteAddr.Port() == FLOATED_IKE_PORT )
+ iNAT_D_Flags |= LOCAL_END_NAT;
+ }
+ }
+
+ }//end aggressive
+
+
+ CleanupStack::PopAndDestroy(); //payload
+ iStage = 2;
+ return ETrue;
+
+}
+
+//Process payloads appearing in Stage 3. Initiator Role
+TBool CIkev1Negotiation::ProcessStage2L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ iCookie_R = aHdr.GetCookieR(); //Save the responder Cookie
+
+ //SA Payload processing (all modes)
+ if (!ProcessSAL(payload->iSa, NULL)) {
+ CleanupStack::PopAndDestroy(); // payload
+ return EFalse;
+ }
+
+ ProcessVendorL(payload->iVids);
+
+ if ( iAutoLogin && (iLocalAddr.Family() == KAFUnspec ) ) {
+ User::LeaveIfError( iPluginSession->GetLocalAddress( iLocalAddr ) ); //No local address, get it now (used later with NAT traversal)
+ }
+
+ //NOW we know the auth method chosen!
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ switch (auth_method)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ //Process the possible CR payloads
+ if ( !ProcessCertificateReqArrayL(payload->iCertReqs) )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ if (!ProcessCertificateArrayL(payload->iCerts))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ if (iExchange == ISAKMP_EXCHANGE_ID)
+ {
+ if ( payload->iKe || payload->iNonce || payload->iHash || payload->iSign ||
+ payload->iIds->Count() )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+ else //ISAKMP_EXCHANGE_AGGR
+ {
+ if ( !payload->iKe ||
+ !payload->iNonce ||
+ (!payload->iHash && auth_method == PRE_SHARED) // hash is a must only with PSK
+ || (payload->iIds->Count() != 1) )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Key Payload processing (all modes)
+ if (!ProcessKeyL(payload->iKe))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ TIdentISAKMP* id_payload = (TIdentISAKMP*)payload->iIds->At(0); // The first ID
+ TNonceISAKMP* nonce_payload = (TNonceISAKMP*)payload->iNonce;
+
+ //Nonce Payload processing
+ if (!ProcessNonceL(nonce_payload))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //ID Payload processing
+ if (!CheckIdentL(id_payload))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //Save the ident payload for HASH_I/R computing
+ delete iPeerIdentPayload;
+ iPeerIdentPayload = NULL;
+ iPeerIdentPayloadSize = id_payload->GetLength()-sizeof(TPayloadISAKMP);
+ iPeerIdentPayload = new (ELeave) TUint8[iPeerIdentPayloadSize];
+ Mem::Copy(iPeerIdentPayload,((TUint8 *)id_payload)+sizeof(TPayloadISAKMP),iPeerIdentPayloadSize);
+
+ if (!ComputeKeysL()) //Computes the keys to be used. Needed to compute HASH_R
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ switch (auth_method)
+ {
+ case PRE_SHARED:
+ if (!ProcessHashL(payload->iHash))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ DEBUG_LOG(_L("HASH OK!"));
+ break;
+ case RSA_SIG:
+ case DSS_SIG:
+ case IKE_A_CRACK:
+ //Signature payload processing and checking
+ if (!ProcessSignatureL(payload->iSign)) {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ if ( auth_method == IKE_A_CRACK ) {
+ CleanupStack::PopAndDestroy(); //payload
+ return StartCRACKAuthL();
+ }
+ else {
+ if (!CertifyRemoteIdentityL(id_payload))
+ {
+ DEBUG_LOG(_L("ProcessStage2L RSA_SIG CertifyRemoteIdentityL failed"));
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED"));
+ SetErrorStatus( KKmdIkeAuthFailedErr );
+ SendNotifyL(AUTHENTICATION_FAILED);
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+ break;
+
+ default:
+ break;
+
+ }
+
+ if ( iNatDiscovery && payload->iNatDs->Count()) {
+ iNAT_D_Flags = iNatDiscovery->CheckDiscoveryPayloadsL(payload->iNatDs, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ if ( iNAT_D_Flags )
+ iLastRemoteAddr.SetPort(FLOATED_IKE_PORT);
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); //payload
+
+ iStage = 3;
+ return ETrue;
+}
+
+// Process payloads appearing in Stage 4. Order NOT relevant. Only Main Mode
+// Handles message: HDR, KE, [HASH(1),] <IDii>PubKey_r, <Ni>PubKey_r for RSAENCR
+// Handles message: HDR, KE, Ni for the rest [CERTREQ] in certificates
+TBool CIkev1Negotiation::ProcessStage3MainL(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ if ( payload->iSa || !payload->iNonce || payload->iHash || payload->iSign )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ //Process payloads
+ //Main mode (ONLY)
+ //Key Payload processing (all methods)
+ if (!ProcessKeyL(payload->iKe))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ if ((auth_method == RSA_SIG) || (auth_method == DSS_SIG))
+ {
+ //Process the possible CR payloads
+ if ( !ProcessCertificateReqArrayL(payload->iCertReqs) )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+
+ TNonceISAKMP* nonce_payload = (TNonceISAKMP*)payload->iNonce;
+
+ ProcessVendorL(payload->iVids);
+
+ if ( iNatDiscovery && payload->iNatDs->Count() )
+ {
+ iNAT_D_Flags = iNatDiscovery->CheckDiscoveryPayloadsL(payload->iNatDs, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ if ( iNAT_D_Flags )
+ iLastRemoteAddr.SetPort(FLOATED_IKE_PORT);
+ }
+
+ //Nonce Payload processing (all methods)
+ TBool Status = ProcessNonceL(nonce_payload);
+ if ( Status )
+ {
+ iStage = 4;
+ }
+ CleanupStack::PopAndDestroy(); //payload
+
+ return Status;
+}
+
+
+//Process payloads appearing in 3(Aggressive). Order NOT relevant
+TBool CIkev1Negotiation::ProcessStage3AggrL(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ //Mode-dependent processing
+ switch (auth_method)
+ {
+ case PRE_SHARED:
+ //Hash payload processing
+ if (!ProcessHashL(payload->iHash))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ DEBUG_LOG(_L("HASH OK!"));
+ break;
+ case RSA_SIG:
+ case DSS_SIG:
+ //Certificate payload processing
+ if (!ProcessCertificateArrayL(payload->iCerts))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Signature payload processing
+ if (!ProcessSignatureL(payload->iSign))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ ProcessVendorL(payload->iVids);
+
+ if ( iNatDiscovery && payload->iNatDs->Count() ) {
+ iNAT_D_Flags = iNatDiscovery->CheckDiscoveryPayloadsL(payload->iNatDs, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ if ( iNAT_D_Flags )
+ iLastRemoteAddr.SetPort(FLOATED_IKE_PORT);
+ }
+
+ CleanupStack::PopAndDestroy(); //payload
+
+ iFlags |= ISAKMP_HDR_EFLAG; //From now on encryption is used
+ IsakmpPhase1CompletedL();
+ iStage = 4;
+ return ETrue;
+
+}
+
+
+//Process payloads appearing in Stage 5. Order NOT relevant. ONLY for MAIN Mode
+// Preshared and signatures: HDR, KE, Nr
+// RSA Encr. : HDR, <IDir>PubKey_i, <Nr_b>PubKey_i
+// RSA Revised Encr. : HDR, <Nr_b>PubKey_i , <KE_b>Ke_r, <IDir>Ke_r
+TBool CIkev1Negotiation::ProcessStage4L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ if ( payload->iSa || !payload->iNonce || !payload->iKe )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ if ((auth_method == RSA_SIG) || (auth_method == DSS_SIG))
+ {
+ //Process the possible CR payloads
+ if ( !ProcessCertificateReqArrayL(payload->iCertReqs) )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+
+ //Key Payload processing (all methods)
+ if (!ProcessKeyL(payload->iKe))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ if ( auth_method != PRE_SHARED ) {
+ if (!ProcessCertificateArrayL(payload->iCerts)) {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+ TNonceISAKMP* nonce_payload = (TNonceISAKMP*)payload->iNonce;
+
+ //Nonce Payload processing (all modes)
+ TBool Status = ProcessNonceL(nonce_payload);
+ if (!Status)
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ ProcessVendorL(payload->iVids);
+
+ if ( iNatDiscovery && payload->iNatDs->Count() )
+ {
+ iNAT_D_Flags = iNatDiscovery->CheckDiscoveryPayloadsL(payload->iNatDs, iChosenProposal_I.iAttrList->iHashAlg,
+ (TUint8*)iCookie_I.Ptr(), (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr, iLastRemoteAddr);
+ if ( iNAT_D_Flags )
+ iLastRemoteAddr.SetPort(FLOATED_IKE_PORT);
+ }
+
+ if ( auth_method == IKE_A_CRACK )
+ {
+ /*---------------------------------------------------
+ * Process message: HDR, [CERT], KEr, Nr, SIG
+ * - Verify CRACK signature and if OK
+ * - Initialize CRACK authentication
+ *---------------------------------------------------*/
+ Status = ComputeKeysL();
+ if ( Status ) //Generates keying material for encryption stages
+ {
+ Status = ProcessSignatureL(payload->iSign);
+ if ( Status ) //Signature payload processing and checking
+ {
+ Status = StartCRACKAuthL();
+ }
+ }
+ }
+ else
+ {
+ iStage = 5;
+ }
+
+ CleanupStack::PopAndDestroy(); //payload
+ return Status;
+}
+
+
+//Process payloads appearing in Stage 6. Order NOT relevant
+TBool CIkev1Negotiation::ProcessStage5L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+ if ( payload->iSa || payload->iNonce || payload->iKe )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+ TIdentISAKMP* id_payload = NULL;
+ // ID Payload processing (all modes)
+ if ( payload->iIds->Count() != 1 )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ id_payload = (TIdentISAKMP*)payload->iIds->At(0); // The first ID
+ if (!CheckIdentL(id_payload))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Save the ident payload for HASH_I/R computing
+ delete iPeerIdentPayload;
+ iPeerIdentPayload = NULL;
+ iPeerIdentPayloadSize=id_payload->GetLength()-sizeof(TPayloadISAKMP);
+ iPeerIdentPayload = new (ELeave) TUint8[iPeerIdentPayloadSize];
+ Mem::Copy(iPeerIdentPayload,((TUint8 *)id_payload)+sizeof(TPayloadISAKMP),iPeerIdentPayloadSize);
+
+ //Mode-dependent processing
+ switch (auth_method)
+ {
+ case PRE_SHARED:
+ //Hash payload processing
+ if (!ProcessHashL(payload->iHash))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ DEBUG_LOG(_L("HASH OK!"));
+ break;
+ case RSA_SIG:
+ case DSS_SIG:
+ //Certificate payload processing
+ if (!ProcessCertificateArrayL(payload->iCerts))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ if (!CertifyRemoteIdentityL(id_payload))
+ {
+ DEBUG_LOG(_L("ProcessStage5L RSA_SIG CertifyRemoteIdentityL failed"));
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED"));
+ SetErrorStatus( KKmdIkeAuthFailedErr );
+ SendNotifyL(AUTHENTICATION_FAILED);
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Signature payload processing and checking
+ if (!ProcessSignatureL(payload->iSign))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Process the possible CR payloads (needed if we are responder)
+ if ( iRole == RESPONDER )
+ {
+ if ( !ProcessCertificateReqArrayL(payload->iCertReqs) )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ if ( !iOwnCert )
+ ReadOwnCertL(); // Peer does not required a specific cert. Get any
+ }
+ break;
+
+ default:
+ break;
+ }//end switch
+
+ // Process notification payloads
+ TInt i = 0;
+ while ( i < payload->iNotifs->Count() ) {
+ if (!ProcessNotificationL(payload->iNotifs->At(i)))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ i ++;
+ }
+
+ ProcessVendorL(payload->iVids);
+
+ CleanupStack::PopAndDestroy(); //payload
+
+ if (iExchange == ISAKMP_EXCHANGE_ID)
+ iStage = 6;
+ else iStage = 3;
+
+ return ETrue;
+}
+
+
+//Process payloads appearing in Stage 6(Main) Order NOT relevant
+TBool CIkev1Negotiation::ProcessStage6L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+ if ( payload->iSa || payload->iNonce || payload->iKe )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+ TIdentISAKMP* id_payload = NULL;
+ //ID Payload processing (all modes)
+ if ( payload->iIds->Count() != 1 )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ id_payload = (TIdentISAKMP*)payload->iIds->At(0); // The first ID
+ if (!CheckIdentL(id_payload))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Save the ident payload for HASH_I/R computing
+ delete iPeerIdentPayload;
+ iPeerIdentPayload = NULL;
+ iPeerIdentPayloadSize=id_payload->GetLength()-sizeof(TPayloadISAKMP);
+ iPeerIdentPayload = new (ELeave) TUint8[iPeerIdentPayloadSize];
+ Mem::Copy(iPeerIdentPayload,((TUint8 *)id_payload)+sizeof(TPayloadISAKMP),iPeerIdentPayloadSize);
+
+ //Mode-dependent processing
+ switch (auth_method)
+ {
+ case PRE_SHARED:
+ //Hash payload processing
+ if (!ProcessHashL(payload->iHash))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ DEBUG_LOG(_L("HASH OK!"));
+ break;
+ case RSA_SIG:
+ case DSS_SIG:
+ //Certificate payload processing
+ if (!ProcessCertificateArrayL(payload->iCerts))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ if (!CertifyRemoteIdentityL(id_payload))
+ {
+ DEBUG_LOG(_L("ProcessStage6L RSA_SIG CertifyRemoteIdentityL failed"));
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED"));
+ SetErrorStatus( KKmdIkeAuthFailedErr );
+ SendNotifyL(AUTHENTICATION_FAILED);
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //Signature payload processing and checking
+ if (!ProcessSignatureL(payload->iSign))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ break;
+ default:
+ break;
+ }
+
+ // Process notification payloads
+ TInt i = 0;
+ while ( i < payload->iNotifs->Count() ) {
+ if (!ProcessNotificationL(payload->iNotifs->At(i)))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ i ++;
+ }
+
+ ProcessVendorL(payload->iVids);
+ // Internal address payload processing
+ ProcessIntAddrL(payload->iIaddr);
+
+ CleanupStack::PopAndDestroy(); //payload
+
+ return IsakmpPhase1CompletedL();
+
+}
+
+//Process payloads appearing in Stage 7 = CRACK authentication going
+TBool CIkev1Negotiation::ProcessStage7L(const ThdrISAKMP &aHdr)
+{
+TBool status = ETrue;
+TInt crack_status;
+
+ if ( iCRACKneg ) {
+ crack_status = iCRACKneg->ExecuteCRACKMsgL(aHdr);
+
+ switch ( crack_status ) {
+
+ case CRACK_SUCCESS:
+ /*-------------------------------------------------------
+ * CRACK authentication has been succesfully completed
+ * Take actions to start Quick mode negotiation
+ *------------------------------------------------------*/
+ delete iCRACKneg;
+ iCRACKneg = NULL;
+ iLastIV.Copy(iIV); //Saves last IV in Phase 1
+ DEBUG_LOG(_L("Last IV Saved!"));
+ IsakmpPhase1CompletedL();
+ break;
+
+ case CRACK_CONTINUE:
+ /*----------------------------------------------------------
+ * CRACK authentication continues, no further actions needed
+ *----------------------------------------------------------*/
+ break;
+
+ case CRACK_IGNORE_MSG:
+ /*----------------------------------------------------------
+ * CRACK authentication continues, received message ignored
+ *----------------------------------------------------------*/
+ status = EFalse;
+ break;
+
+ default:
+ /*----------------------------------------------------------
+ * CRACK authentication failed, negotiation failed
+ *----------------------------------------------------------*/
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_AUTH_FAIL,
+ KKmdIkeAuthFailedErr,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ status = EFalse;
+ SetErrorStatus(KKmdIkeAuthFailedErr);
+ AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
+ break;
+
+ }
+ }
+
+ return status;
+}
+
+//Called as a RESPONDER for PHASE_II
+//Checks HASH(1),SA,KE,NONCE,[ID,ID] from INITIATOR
+TBool CIkev1Negotiation::ProcessStage1Phase2L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ if ( !payload->iSa || !payload->iNonce )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //Payload Processing
+
+ CProposal_IIList *recv_proposals = new (ELeave) CProposal_IIList(1); //, *prop
+ CleanupStack::PushL(recv_proposals);
+
+ //SA
+ if (!ProcessSAL(payload->iSa, (TUint8 *)recv_proposals))
+ {
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+
+ //ID payloads (if existing)
+ if ( payload->iIds->Count() == 2 )
+ {
+ if (!ProcessStage1_II_IDsL(payload->iIds->At(0), payload->iIds->At(1), recv_proposals))
+ {
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+ }
+ else if ( payload->iIds->Count() != 0 )
+ {
+ DEBUG_LOG(_L("Unsupported Phase II ID payload count"));
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+ //After ID to know what address to search in the "SAD"
+ TInt err = BuildProposals2L();
+ if (err != KErrNone)
+ {
+ DEBUG_LOG(_L("NO_PROPOSAL_CHOSEN: No policy matching"));
+ SendNotifyL(NO_PROPOSAL_CHOSEN);
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+
+ //Contains the transform nums matching if multiple proposals
+ CTransModifierList *trans_array = new (ELeave) CTransModifierList(1);
+ CleanupStack::PushL(trans_array);
+
+ TInt num = iProposal_IIList->MultiMatchL(recv_proposals, iRole == RESPONDER, trans_array);//If RESPONDER relaxed comparison (no lifetimes checked)
+ iProposalNum = num; // Set to num not 1
+#ifdef _DEBUG
+ TBuf<128> err_buf;
+#endif
+ if (num < 0)
+ {
+#ifdef _DEBUG
+ err_buf.Copy(_L("NO_PROPOSAL_CHOSEN: Phase II proposal not accepted - "));
+ AppendAttributeError(num, err_buf);
+ DEBUG_LOG(err_buf);
+#endif
+ SetErrorStatus( KKmdIkeNoProposalErr );
+ SendNotifyL(NO_PROPOSAL_CHOSEN);
+ CleanupStack::PopAndDestroy(3); //transarray + recv_proposals + payload
+ return EFalse;
+ }
+
+ //Copy the chosen transform
+ //Actually is the same one as recv_proposals because we should always receive a single proposal with a single transform.
+ CreateChosenProposalL(recv_proposals, num, trans_array);
+
+ CleanupStack::PopAndDestroy(2); //transarray + recv_proposals
+
+ //Process the possible NOTIFICATION payloads
+ for (TInt i = 0; i < payload->iNotifs->Count(); i++)
+ {
+ if (!ProcessNotificationL(payload->iNotifs->At(i)))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+
+ if (!ProcessNonceL(payload->iNonce))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //HASH
+ if (!ProcessHash2L(aHdr, payload->iHash, payload->iPadding))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ if (!ProcessKeyL(payload->iKe))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ ProcessVendorL(payload->iVids);
+
+ if ( iNatDiscovery ) {
+ iNAT_D_Flags |= iNatDiscovery->GetPeerOriginalAddress(payload->iNatOa, iRemoteOriginalAddr, iChosenProp_IIList);
+ }
+
+ CleanupStack::PopAndDestroy(); //notif_payload_array
+ iStage = 2;
+ return ETrue;
+}
+
+//Creates a new proposal list from a selected part of another list (Certain proposal and transforms)
+void CIkev1Negotiation::CreateChosenProposalL(CProposal_IIList* aPropList, TInt aPropNum, CTransModifierList *aTransArray)
+{
+
+ CProposal_II *prop, *new_propII;
+ TAttrib_II *attr_II;
+ TChosenAttrib_II *new_attr_II;
+ TInt count = aPropList->Count();
+ TInt i = 0;
+ TInt j = 0;
+
+ //
+ // Find selected proroposal from list
+ //
+ while ( i < count)
+ {
+ if (aPropList->At(i)->iProposalNum == aPropNum)
+ break;
+ i ++;
+ }
+
+ TTransModifier *tmodif;
+ TInt64 own_time, own_bytes, peer_time, peer_bytes;
+ delete iChosenProp_IIList; //Must be erased because can contain data from previous retransmissions
+ iChosenProp_IIList = NULL;
+ iChosenProp_IIList = new (ELeave) CProposal_IIList(1);
+ while ( i < count )
+ {
+ prop = aPropList->At(i);
+ if ( prop->iProposalNum != aPropNum)
+ break; // Stop, another Proposal
+
+ new_propII = new (ELeave) CProposal_II();
+ CleanupStack::PushL(new_propII);
+ new_propII->ConstructL(1);
+ iChosenProp_IIList->AppendL(new_propII);
+ CleanupStack::Pop(); //new_propII safe
+
+ new_propII->iProtocol = prop->iProtocol;
+ new_propII->iNumTransforms = 1; //We only choose 1 transform for each proposal
+ new_propII->iProposalNum = (TUint8)aPropNum;
+ new_propII->iSPI.Copy(prop->iSPI);
+ tmodif = aTransArray->At(j);
+ new_propII->iReplayWindowLength = tmodif->iReplayWindowLength;
+
+ attr_II = prop->iAttrList->At(tmodif->iTransNum); //look for the chosen transform in the prop
+ ComputeLifetimes_II(tmodif->iReducedLifeSecs, tmodif->iReducedLifeKBytes, own_time, own_bytes);
+ ComputeLifetimes_II(attr_II->iLifeDurationSecs, attr_II->iLifeDurationKBytes, peer_time, peer_bytes);
+
+ //Only copy the chosen transform
+ new_attr_II = new (ELeave) TChosenAttrib_II();
+ CleanupStack::PushL(new_attr_II);
+ new_attr_II->Copy(*attr_II);
+ if ((peer_time > own_time) && (own_time != 0))
+ {
+ new_attr_II->iReducedLifeSecs.Set(tmodif->iReducedLifeSecs);
+ DEBUG_LOG1(_L("Lifetime bigger than the one set. Reducing to %d"), own_time);
+ }
+ else
+ new_attr_II->iReducedLifeSecs.Set(NULL, 0);
+
+ if ((peer_bytes > own_bytes) && (own_bytes != 0))
+ {
+ new_attr_II->iReducedLifeKBytes.Set(tmodif->iReducedLifeKBytes);
+ DEBUG_LOG1(_L("Lifesize bigger than the one set. Reducing to %d"), own_bytes);
+ }
+ else
+ new_attr_II->iReducedLifeKBytes.Set(NULL, 0);
+
+ new_propII->iAttrList->AppendL(new_attr_II);
+ CleanupStack::Pop(); //new_attrII safe
+
+ j++; // Next transform modifer
+ i++; // Next proposal
+
+ }
+}
+
+
+//Called as a INITIATOR for PHASE_II
+//Checks HASH(1),SA, ,NONCE,[KE] [ID,ID] from RESPONDER
+TBool CIkev1Negotiation::ProcessStage2Phase2L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ if ( !payload->iSa || !payload->iNonce )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ CProposal_IIList *recv_proposals = new (ELeave) CProposal_IIList(1);
+ CleanupStack::PushL(recv_proposals);
+
+ //SA
+ if (!ProcessSAL(payload->iSa, (TUint8 *)recv_proposals))
+ {
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+
+ //ID payloads (if existing)
+ if ( payload->iIds->Count() == 2 )
+ {
+ if (!ProcessStage2_II_IDsL(payload->iIds->At(0), payload->iIds->At(1)))
+ {
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+ }
+ else if ( payload->iIds->Count() != 0 )
+ {
+ DEBUG_LOG(_L("Unsupported Phase II ID payload count"));
+ CleanupStack::PopAndDestroy(2); //recv_proposals + payload
+ return EFalse;
+ }
+
+ //Contains the transform nums matching if multiple proposals
+ CTransModifierList *trans_array = new (ELeave) CTransModifierList(1);
+ CleanupStack::PushL(trans_array);
+
+ //Check the received proposals match the proposed one (Got from
+ //acquire msg.)
+ TInt num = iProposal_IIList->MultiMatchL(recv_proposals, iRole == RESPONDER, trans_array);//If RESPONDER relaxed comparison (no lifetimes checked)
+#ifdef _DEBUG
+ TBuf<128> err_buf;
+#endif
+ if (num < 0)
+ {
+#ifdef _DEBUG
+ err_buf.Copy(_L("BAD_PROPOSAL_SYNTAX: Phase II reply doesn't match proposal - "));
+ AppendAttributeError(num, err_buf);
+ DEBUG_LOG(err_buf);
+#endif
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ CleanupStack::PopAndDestroy(3); //transarray + recv_proposals + payload
+ return EFalse;
+ }
+ // iProposalNum set to correspond local proposal numbering
+ iProposalNum = trans_array->At(0)->iPropNum;
+ //Copy the chosen transform
+ CreateChosenProposalL(recv_proposals, num, trans_array);
+
+ CleanupStack::PopAndDestroy(2); //transarray + recv_proposals
+
+ //Process the possible NOTIFICATION payloads
+ for (TInt i = 0; i < payload->iNotifs->Count(); i++)
+ {
+ if (!ProcessNotificationL(payload->iNotifs->At(i)))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ }
+ //NONCE
+ if (!ProcessNonceL(payload->iNonce))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //HASH
+ if (!ProcessHash2L(aHdr, payload->iHash, payload->iPadding))
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+ //KEY (if present (PFS))
+ if (!ProcessKeyL(payload->iKe))
+ {
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ ProcessVendorL(payload->iVids);
+
+ if ( iNatDiscovery ) {
+ iNAT_D_Flags |= iNatDiscovery->GetPeerOriginalAddress(payload->iNatOa, iRemoteOriginalAddr, iChosenProp_IIList);
+ }
+
+ if ( iRecvFlags & ISAKMP_HDR_CFLAG ) //Commit Bit set
+ {
+ iFlags |= ISAKMP_HDR_CFLAG; //Sets the Commit bit if this side set it else
+ DEBUG_LOG(_L("SAD update delayed until CONNECTED received"));
+ }
+
+ CleanupStack::PopAndDestroy(); //payload
+ iStage = 3;
+ return ETrue;
+
+}
+
+TBool CIkev1Negotiation::ProcessStage3Phase2L(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ if ( payload->iSa || payload->iNonce || payload->iKe || payload->iIds->Count() != 0 )
+ {
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //Hash Payload
+ TBool Status = ProcessHash2L(aHdr, payload->iHash, payload->iPadding);
+ if ( Status )
+ {
+ //END OF THE PHASE II (Quick mode) negotiation.
+ //Now we need to update the PFKEY SA database
+ ProcessVendorL(payload->iVids);
+ UpdateSADatabaseL();
+ iStage = 4;
+ }
+ CleanupStack::PopAndDestroy(); //payload
+ return Status;
+}
+
+TBool CIkev1Negotiation::ProcessCONNECTEDL(const ThdrISAKMP &aHdr)
+{
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *this, iDebug);
+ if (!payload)
+ return EFalse;
+
+ CleanupStack::PushL(payload);
+
+ if ( !payload->iHash || (payload->iNotifs->Count() != 1) || payload->iSa ||
+ payload->iNonce || payload->iKe || (payload->iIds->Count() != 0) )
+ {
+ DEBUG_LOG(_L("PAYLOAD_MALFORMED (no hash or notfic payload)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ CleanupStack::PopAndDestroy(); //payload
+ return EFalse;
+ }
+
+ //Checks if the hash value is OK. Here because need the
+ //notification payload
+ const TNotificationISAKMP* notif_payload = payload->iNotifs->At(0);
+ TBool Status = VerifyInformationalHashL(payload->iHash, notif_payload, iMessageId);
+ if ( Status )
+ { //Hash OK
+ if ((notif_payload->GetDOI() == IPSEC_DOI) && (notif_payload->GetMsgType() == CONNECTED))
+ {
+ //END OF THE PHASE II (Quick mode) negotiation.
+ //Now we need to update the PFKEY SA database
+ DEBUG_LOG(_L("CONNECTED message received. Updating SAD"));
+ UpdateSADatabaseL();
+ iStage = 5;
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED (Informational hash)"));
+ SetErrorStatus( KKmdIkeAuthFailedErr );
+ SendNotifyL(AUTHENTICATION_FAILED);
+ }
+ CleanupStack::PopAndDestroy(); //payload
+ return Status;
+}
+
+//returns KErrNone if OK, otherwise error already treated.
+TBool CIkev1Negotiation::ProcessSAL(const TSAISAKMP *aSA, TUint8 *aRecvProposals)
+{
+ //payload not present
+ if (!aSA)
+ {
+ DEBUG_LOG(_L("NO SA PAYLOAD"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ //requires a special length check to know the proposals and transforms are not bigger than
+ //the size specified in th SA
+ TUint32 SALengthLeft = aSA->GetLength() - aSA->Size();
+
+ TUint8 next_payload = aSA->GetPayload();
+ if ((next_payload == ISAKMP_PAYLOAD_P) || (next_payload == ISAKMP_PAYLOAD_T))
+ {
+ DEBUG_LOG(_L("INVALID_PAYLOAD_TYPE (Bad next payload for the SA)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_PAYLOAD_TYPE); // Payloads and transforms are processed as a part of the SA,
+ return EFalse;
+ }
+
+ TUint32 doi=aSA->GetDOI();
+ if (!CheckDOI(doi))
+ {
+ DEBUG_LOG(_L("DOI_NOT_SUPPORTED in SA payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(DOI_NOT_SUPPORTED); //send the informational exchange
+ return EFalse;
+ }
+
+ if (iStage == 1)
+ iDOI = doi;
+
+ //Process SITuation depending on DOI. In this implementation always is IPSEC DOI
+ if (!CheckSituationL(aSA->GetSIT()))
+ return EFalse;
+
+ if (aSA->HasLDId()) //If no Labeled Domain Identifier no more processing for the SA
+ {
+ DEBUG_LOG(_L("Label Domain Identifier (LDI) not supported"));
+ return EFalse;
+ }
+
+ if (iPhase==PHASE_I) //Only used in Phase_I. PHASE_II hashs check it directly from received paylaod
+ {
+ //Store the SA payload for further calculations in Hash.
+ if (iRole==RESPONDER)
+ {
+ iSAPayloadSize = aSA->GetLength()-sizeof(TPayloadISAKMP);
+ delete iSAPayload;
+ iSAPayload = NULL;
+ iSAPayload = new (ELeave) (TUint8[iSAPayloadSize]); //Generic payload NOT included
+ Mem::Copy(iSAPayload,(((TUint8 *)aSA)+sizeof(TPayloadISAKMP)),iSAPayloadSize);
+ }
+ }
+ const TPayloadISAKMP *payload = aSA->Payload();
+ return ProcessProposalsL(payload, SALengthLeft, aRecvProposals);
+}
+
+
+//Do the process required for proposals and transforms. The aPayload given must be a proposal
+TBool CIkev1Negotiation::ProcessProposalsL(const TPayloadISAKMP *aPayload, TUint32 aLengthLeft, TUint8 *aRecvProposals)
+{
+ TProposalISAKMP *proposal;
+ const TPayloadISAKMP *ppayload=aPayload;
+ TUint8 payType = ppayload->GetPayload();
+ TUint32 len_left;
+ CProposal_IIList *recv_proposals = (CProposal_IIList *)aRecvProposals;
+ CProposal_II *auxProp_II;
+ TBool found = EFalse; //At least 1 transform matching
+
+ //Many Proposals. The RESPONDER MUST choose a transform for each proposal or reject the
+ //full suite of attributes.
+ do
+ {
+ //General payload check
+ if ((payType != ISAKMP_PAYLOAD_NONE) && (payType != ISAKMP_PAYLOAD_P))
+ {
+ DEBUG_LOG(_L("INVALID_PAYLOAD_TYPE (Bad next payload for the proposal)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_PAYLOAD_TYPE);
+ return EFalse;
+ }
+
+ if (aPayload->GetReserved() != 0) //Must be always 0
+ {
+ DEBUG_LOG(_L("INVALID RESERVED FIELD"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ //requires special length check
+ if ((aPayload->GetLength() < MIN_ISAKMP_PAYLOAD_SIZE) || (aPayload->GetLength() > aLengthLeft))
+ {
+ DEBUG_LOG(_L("BAD PAYLOAD SIZE"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ aLengthLeft -= aPayload->GetLength(); //dcreases the length of the prop. and its transforms
+
+ proposal = TProposalISAKMP::Ptr(ppayload);
+
+
+ if (!CheckProtocolL(proposal->GetProtocol()))
+ return EFalse;
+
+ if (!CheckSPIL(proposal))
+ return EFalse;
+
+ len_left = proposal->GetLength() - (proposal->Size() + proposal->GetSPISize());
+ //len_left contains the length of the transforms only
+
+ TInt ret = KErrNotFound;
+ if (iPhase == PHASE_I)
+ {
+ iChosenProposal_I.iProtocol = proposal->GetProtocol();
+ iChosenProposal_I.iSPI.Copy((TUint8 *)proposal->SPI(), proposal->GetSPISize());
+ iChosenProposal_I.iNumTransforms = 1; //Phase I only one transf chosen
+ iChosenProposal_I.iProposalNum = proposal->GetNum();//Not compulsory but preferable to speed up the search process in the peer
+
+ ret = ProcessTransformsL(ppayload,len_left);
+
+ if (ret == KErrNone)
+ return ETrue;//valid transform found
+ else if (ret != KErrNotFound)
+ {
+ DEBUG_LOG(_L("ATTRIBUTES_NOT_SUPPORTED"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ATTRIBUTES_NOT_SUPPORTED);
+ return EFalse;
+ }
+ //If not found there may be other proposal to check
+ }
+ else //PHASE_II
+ {
+ auxProp_II = new (ELeave) CProposal_II();
+ CleanupStack::PushL(auxProp_II);
+ auxProp_II->ConstructL(proposal->GetNumTrans());
+ auxProp_II->iProtocol=proposal->GetProtocol();
+ auxProp_II->iSPI.Copy((TUint8 *)proposal->SPI(), proposal->GetSPISize());
+ auxProp_II->iNumTransforms = proposal->GetNumTrans(); //Number of transforms in the proposal
+ auxProp_II->iProposalNum = proposal->GetNum(); //Proposal num
+
+ ret = ProcessTransforms2L(ppayload, auxProp_II, len_left);
+ if (ret==KErrNone)//valid transform found
+ {
+ //Adds the new proposal to the list of chosen proposals
+ recv_proposals->AppendL(auxProp_II);
+ CleanupStack::Pop(); //auxProp_II safe
+ found = ETrue;
+ //go for the next proposal
+ }
+ else
+ {
+ DEBUG_LOG(_L("ATTRIBUTES_NOT_SUPPORTED"));
+ SendNotifyL(ATTRIBUTES_NOT_SUPPORTED);
+ CleanupStack::PopAndDestroy(); //delete auxProp_II; //delete the current proposal
+ return EFalse;
+ }
+ }
+
+ payType = ppayload->GetPayload();
+ ppayload = ppayload->Next(); //Next payload if there's any
+ } while (payType!=ISAKMP_PAYLOAD_NONE); //Proposal loop
+
+ if (!found)
+ {
+ DEBUG_LOG(_L("ATTRIBUTES_NOT_SUPPORTED"));
+ SendNotifyL(ATTRIBUTES_NOT_SUPPORTED);
+ return EFalse;
+ }
+
+ return found;
+}
+
+//processes all the PHASE I transforms. The parameter payload is the proposal containing
+//the transforms to be able to access the # of transforms.
+//Returns if any transform accepted (KErrNone) or not (KErrNotFound) or processing error (KErrGeneral)
+TInt CIkev1Negotiation::ProcessTransformsL(const TPayloadISAKMP *aPayload,TUint32 aLengthLeft)
+{
+ DEBUG_LOG(_L("-> CIkev1Negotiation::ProcessTransformsL()"));
+ TUint16 reason;
+ TInt ret = KErrGeneral;
+ const TTransformISAKMP *transf;
+ const TProposalISAKMP *proposal=TProposalISAKMP::Ptr(aPayload);
+ //First transform. Not Next() because would be the next proposal or non-sa payload
+ const TPayloadISAKMP *tpayload=proposal->Payload();
+
+ TInt payType = tpayload->GetPayload(); //Type of the payload following the first transform
+ transf = TTransformISAKMP::Ptr(tpayload);
+
+ TInt numTransf = (TInt)transf->GetNum(); // First transform number
+ TInt lastTransf = numTransf + (TInt)proposal->GetNumTrans(); // Last transform number
+
+ while ( numTransf < lastTransf )
+ {
+ //only permited payload codes
+ if ((payType != ISAKMP_PAYLOAD_NONE) && (payType != ISAKMP_PAYLOAD_T))
+ {
+ DEBUG_LOG(_L("INVALID_PAYLOAD_TYPE (Bad next payload for the transform)"));
+ SendNotifyL(INVALID_PAYLOAD_TYPE);
+ return KErrGeneral;
+ }
+
+ if (tpayload->GetReserved() != 0) //Must be always 0
+ {
+ DEBUG_LOG(_L("INVALID RESERVED FIELD"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return KErrGeneral;
+ }
+
+ //requires special length check
+ if ((tpayload->GetLength() < MIN_ISAKMP_PAYLOAD_SIZE) || (tpayload->GetLength() > aLengthLeft))
+ {
+ DEBUG_LOG(_L("BAD PAYLOAD SIZE"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return KErrGeneral;
+ }
+
+ if (!CheckTransformID(PROTO_ISAKMP,transf->GetID()))
+ {
+ DEBUG_LOG(_L(" Continue"));
+
+ numTransf++; // Next supposed transform #
+ payType = tpayload->GetPayload();
+ tpayload = tpayload->Next(); //next payload (transform)
+ transf = TTransformISAKMP::Ptr(tpayload);
+
+ continue; //If fails, transform discarded!, not error
+ }
+
+ if ( transf->GetNum() != numTransf ) //Not the correct #
+ {
+ DEBUG_LOG1(_L("BAD_PROPOSAL_SYNTAX (Non conscutive transform number (%d)"),transf->GetNum());
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransformsL() KErrGeneral"));
+ return KErrGeneral;
+ }
+
+ if (transf->GetReserved() != 0 ) //Should be always 0
+ {
+ DEBUG_LOG(_L("INVALID RESERVED FIELD"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransformsL() KErrGeneral"));
+ return KErrGeneral;
+ }
+
+ numTransf++; // Next supposed transform #
+ //Attributes to be checked depending on Transf ID
+ TAttrib attrib;
+
+ ret = ProcessAttributesL(tpayload, &attrib);
+
+ if (ret != KErrNone)
+ {
+ if (ret != KErrNotFound)
+ {
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransformsL() KErrGeneral"));
+ return KErrGeneral; //Error in the attributes. Already reported
+ }
+ //Not accepted but correct
+ }
+ else // Accepted attributes if (AttrChosen(attrib))
+ {
+ //Checks the response or proposal is the same as one of our proposals
+ TAttrib *attr_list = iProposal_I.iAttrList;
+ TInt ret = KErrNotFound;
+#ifdef _DEBUG
+ TBuf<256> buf;
+#endif
+ while (attr_list && (ret != KErrNone) )
+ {
+ ret = attrib.Compare(*attr_list, iRole==RESPONDER); //If RESPONDER relaxed comparison (no lifetimes checked)
+ if (ret != KErrNone)
+ {
+#ifdef _DEBUG
+ DEBUG_LOG1(_L("Transform #%d not matching proposal Reason: "), attrib.iTransformNum);
+ AppendAttributeError(ret, buf);
+ DEBUG_LOG(buf);
+#endif
+ }
+ attr_list = attr_list->iNext; //next transform proposed
+
+ }
+ if (ret == KErrNone)
+ {
+ *iChosenProposal_I.iAttrList = attrib;
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransformsL() KErrNone"));
+ return KErrNone; //If the attibute are supported there's no need to check more SA
+ }
+ else //No proposal matches
+ {
+ if ( numTransf == lastTransf ) //Is there more transforms to check
+ {
+ if (iRole == INITIATOR)
+ {
+ reason = BAD_PROPOSAL_SYNTAX;
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Phase I reply don't match proposal)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ }
+ else
+ {
+ reason = NO_PROPOSAL_CHOSEN;
+ DEBUG_LOG(_L("NO_PROPOSAL_CHOSEN (Received Proposal doesn't match accepted attributes (Check own proposals))"));
+ }
+ SendNotifyL(reason);
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransformsL() KErrNotFound"));
+ return KErrNotFound;
+ }
+ }
+ }
+
+ payType = tpayload->GetPayload();
+ tpayload = tpayload->Next(); //next payload (transform)
+ transf = TTransformISAKMP::Ptr(tpayload);
+
+ }
+
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransformsL() KErrNotFound"));
+
+ //if reaches this point meanse no transform accepted in this proposal
+ //Notifies to the upper level
+ return KErrNotFound;
+
+}
+
+
+//Logs the error when comparing a proposal
+//void CIkev1Negotiation::LogAttributeError(TInt aTransformNum, TInt aErr)
+void CIkev1Negotiation::AppendAttributeError(TInt aErr, TDes &aBuf) const
+{
+#ifndef _DEBUG
+ (void)aErr;
+ (void)aBuf;
+#endif
+
+#ifdef _DEBUG
+ switch (aErr)
+ {
+ case KErrNotFound:
+ aBuf.Append(_L("No proposals\n"));
+ break;
+ case KErrTransformID:
+ aBuf.Append(_L("Different Transform Algorithm\n"));
+ break;
+ case KErrEncrAlg:
+ aBuf.Append(_L("Different Encryption Algorithm\n"));
+ break;
+ case KErrHashAlg:
+ aBuf.Append(_L("Different Hash Algorithm\n"));
+ break;
+ case KErrAuthMethod:
+ aBuf.Append(_L("Different Authentication Method\n"));
+ break;
+ case KErrGroupDesc:
+ aBuf.Append(_L("Different Group Description\n"));
+ break;
+ case KErrGroupType:
+ aBuf.Append(_L("Different Group Type\n"));
+ break;
+ case KErrGroupPrime:
+ aBuf.Append(_L("Different Group Prime\n"));
+ break;
+ case KErrGroupGen1:
+ aBuf.Append(_L("Different Group Generator 1\n"));
+ break;
+ case KErrGroupGen2:
+ aBuf.Append(_L("Different Group Generator 2\n"));
+ break;
+ case KErrGroupCurveA:
+ aBuf.Append(_L("Different Group Curve A\n"));
+ break;
+ case KErrGroupCurveB:
+ aBuf.Append(_L("Different Group Curve A\n"));
+ break;
+ case KErrPRF:
+ aBuf.Append(_L("Different PRF\n"));
+ break;
+ case KErrKeyLength:
+ aBuf.Append(_L("Different Key Length\n"));
+ break;
+ case KErrFieldSize:
+ aBuf.Append(_L("Different Field Size\n"));
+ break;
+ case KErrGroupOrder:
+ aBuf.Append(_L("Different Group Order\n"));
+ break;
+ case KErrLifeTime:
+ aBuf.Append(_L("Different Lifetime\n"));
+ break;
+ case KErrLifeSize:
+ aBuf.Append(_L("Different LifeSize\n"));
+ break;
+ case KErrEncMode:
+ aBuf.Append(_L("Different Encapsulation Mode\n"));
+ break;
+ case KErrAuthAlg:
+ aBuf.Append(_L("Different Authentication Algorithm\n"));
+ break;
+ case KErrKeyRounds:
+ aBuf.Append(_L("Different Key Rounds\n"));
+ break;
+ case KErrComprDicSize:
+ aBuf.Append(_L("Different Compress Dictionary Size\n"));
+ break;
+ case KErrComprPrivAlg:
+ aBuf.Append(_L("Different Compress Private Algorithm\n"));
+ break;
+ case KErrTransformNum:
+ aBuf.Append(_L("Different Transform Num.\n"));
+ break;
+ case KErrPropProtocol:
+ aBuf.Append(_L("Proposals have different protocol.\n"));
+ break;
+ case KErrNoTransforms:
+ aBuf.Append(_L("Proposal has no transforms \n"));
+ break;
+ case KErrNoRemoteProposals:
+ aBuf.Append(_L("Remote Proposals list is empty\n"));
+ break;
+ case KErrNoLocalProposals:
+ aBuf.Append(_L("Local Proposals list is empty\n"));
+ break;
+ case KErrPropNumberMismatch:
+ aBuf.Append(_L("The proposals lists have diferent number of AND'd proposals"));
+ break;
+ default:
+ aBuf.Append(_L("Unknown\n"));
+ }
+#endif
+}
+
+//processes all the PHASE II transforms. The parameter payload is the proposal containing
+//the transforms to be able to access the # of transforms.
+//Returns if any transform accepted (KErrNone) or not (KErrNotFound) or processing error (KErrGeneral)
+TInt CIkev1Negotiation::ProcessTransforms2L(const TPayloadISAKMP *aPayload,CProposal_II *aProp,TUint32 aLengthLeft)
+{
+ DEBUG_LOG(_L("-> CIkev1Negotiation::ProcessTransforms2L()"));
+
+ TInt ret;
+ const TTransformISAKMP *transf;
+ const TProposalISAKMP *proposal=TProposalISAKMP::Ptr(aPayload);
+ //First transform. Not Next() because would be the next proposal or non-sa payload
+ const TPayloadISAKMP *tpayload = proposal->Payload();
+
+ TAttrib_II *attr_II = NULL;
+ TInt payType = tpayload->GetPayload(); //Type of the payload following the first transform
+ transf = TTransformISAKMP::Ptr(tpayload);
+
+ TInt numTransf = (TInt)transf->GetNum(); // First transform number
+ TInt lastTransf = numTransf + (TInt)proposal->GetNumTrans(); // Last transform number
+
+ while ( numTransf < lastTransf )
+ {
+ //only permited payload codes
+ if ((payType != ISAKMP_PAYLOAD_NONE) && (payType != ISAKMP_PAYLOAD_T))
+ {
+ DEBUG_LOG(_L("INVALID_PAYLOAD_TYPE (Bad next payload for the transform)"));
+ SendNotifyL(INVALID_PAYLOAD_TYPE);
+ return KErrGeneral;
+ }
+
+ if (tpayload->GetReserved() != 0) //Must be always 0
+ {
+ DEBUG_LOG(_L("INVALID RESERVED FIELD"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return KErrGeneral;
+ }
+
+ //requires special length check
+ if ((tpayload->GetLength() < MIN_ISAKMP_PAYLOAD_SIZE) || (tpayload->GetLength() > aLengthLeft))
+ {
+ DEBUG_LOG(_L("BAD PAYLOAD SIZE"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return KErrGeneral;
+ }
+
+ if (!CheckTransformID(aProp->iProtocol,transf->GetID()))
+ {
+ DEBUG_LOG(_L(" Transform doesn't match, moving on to the next one"));
+ payType = tpayload->GetPayload();
+ tpayload = tpayload->Next(); //next payload (transform)
+ transf = TTransformISAKMP::Ptr(tpayload);
+ numTransf++; // Next supposed transform #
+ continue; //If fails, transform discarded!, not error
+ }
+
+ if ( transf->GetNum() != numTransf ) //Not the correct #. Must be consecutive
+ {
+ DEBUG_LOG1(_L("BAD_PROPOSAL_SYNTAX (Non conscutive transform number (%d)"),transf->GetNum());
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+
+ if (transf->GetReserved() != 0 ) //Must be always 0
+ {
+ DEBUG_LOG(_L("INVALID RESERVED FIELD"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return KErrGeneral;
+ }
+
+ //Attributes to be checked depending on Transf ID
+ attr_II = new (ELeave) TAttrib_II();
+ CleanupStack::PushL(attr_II);
+ ret = ProcessAttributes2L(tpayload, attr_II, aProp->iProtocol);
+ if (ret != KErrNone) //Some invalid attribute
+ {
+ DEBUG_LOG(_L(" Invalid attribute"));
+ CleanupStack::PopAndDestroy(); //delete attr_II;
+ if (ret != KErrNotFound)
+ return KErrGeneral; //Error in the attributes. Already reported
+ else //Invalid transform- Ignored
+ {
+ DEBUG_LOG2(_L("Transform %d of proposal %d ignored"), transf->GetNum(), aProp->iProposalNum);
+ }
+ }
+ else //Accepted, must check if really proposed or if matches the configuration if RESPONDER
+ {
+ DEBUG_LOG(_L(" Adding new attribute"));
+ aProp->iAttrList->AppendL(attr_II); //Add the new attribute
+ CleanupStack::Pop(); //attr_II saf
+ }
+ payType = tpayload->GetPayload();
+ tpayload = tpayload->Next(); //next payload (transform)
+ transf = TTransformISAKMP::Ptr(tpayload);
+ numTransf++; // Next supposed transform #
+
+ }
+
+ //No valid transform found
+ if (aProp->iAttrList->Count() == 0)
+ {
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransforms2L() KErrNotFound"));
+ return KErrNotFound;
+ }
+
+ DEBUG_LOG(_L("<- CIkev1Negotiation::ProcessTransforms2L() KErrNone"));
+ return KErrNone;
+}
+
+
+//Copies and checks the values of the attributes. The parameter aPayload must be a transform
+//aAttrib will contain the sent attributes if the return value is KErrNone, otherwise should be
+//ignore because there was an error reading them (KErrGeneral) or the transform was not accepted (KErrNotFound)
+TInt CIkev1Negotiation::ProcessAttributesL(const TPayloadISAKMP *aPayload, TAttrib *aAttrib)
+{
+ const TTransformISAKMP *transf = TTransformISAKMP::Ptr(aPayload);
+ TInt length= aPayload->GetLength() - sizeof(*transf); //To process the attribs
+ TDataISAKMP *attr= transf->SAAttrib();
+
+ aAttrib->iTransformNum = transf->GetNum();
+ aAttrib->iTransformID = transf->GetID();
+ //
+ // Store parameters for extended authentication
+ //
+ aAttrib->iXauthUsed = iHostData->iUseXauth;
+ aAttrib->iRole = iRole;
+
+ TUint16 lifeType = 0; //No type assigned yet
+ TUint32 lifeValue = 0; //No value assigned yet
+ TUint16 val;
+
+ while ( length>0 )
+ {
+ length = length - attr->Size();
+ if (length<0) //Mismatch between lengths!!!
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Length mismatch in the attibutes)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ switch (attr->Type())
+ {
+ case OAKLEY_ATTR_TYPE_ENCR_ALG:
+ if (!CheckEncrAlg(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iEncrAlg=attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_HASH_ALG:
+ if (!CheckHashAlg(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iHashAlg = attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_AUTH_METH:
+ val = CTransNegotiation::GetAuthMethod(attr->Value(), iHostData->iUseXauth, iRole);
+ if (!CheckAuthMethod(val))
+ return KErrNotFound;
+ aAttrib->iAuthMethod = val;
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_DESC:
+ if (!CheckGroupDesc(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iGroupDesc = attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_TYPE:
+ if (!CheckGroupType(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iGroupType = attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_PRIME:
+ if (attr->IsBasic())
+ {
+ val = attr->Value();
+ aAttrib->iGroupPrime.Copy((TUint8*)&val, sizeof(val));
+ }
+ else
+ aAttrib->iGroupPrime.Copy(attr->VarValue(),attr->Length());
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_GEN1:
+ if (attr->IsBasic())
+ {
+ val = attr->Value();
+ aAttrib->iGroupGen1.Copy((TUint8*)&val, sizeof(val));
+ }
+ else
+ aAttrib->iGroupGen1.Copy(attr->VarValue(),attr->Length());
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_GEN2:
+ if (attr->IsBasic())
+ {
+ val = attr->Value();
+ aAttrib->iGroupGen2.Copy((TUint8*)&val, sizeof(val));
+ }
+ else
+ aAttrib->iGroupGen2.Copy(attr->VarValue(),attr->Length());
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_CRVA:
+ if (attr->IsBasic())
+ {
+ val = attr->Value();
+ aAttrib->iGroupCurveA.Copy((TUint8*)&val, sizeof(val));
+ }
+ else
+ aAttrib->iGroupCurveA.Copy(attr->VarValue(),attr->Length());
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_CRVB:
+ if (attr->IsBasic())
+ {
+ val = attr->Value();
+ aAttrib->iGroupCurveB.Copy((TUint8*)&val, sizeof(val));
+ }
+ else
+ aAttrib->iGroupCurveB.Copy(attr->VarValue(),attr->Length());
+ break;
+ case OAKLEY_ATTR_TYPE_LIFE_TYPE:
+ lifeType = attr->Value();
+ if (!CheckLifeType(lifeType))
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Invalid lifetime type)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ break;
+ case OAKLEY_ATTR_TYPE_LIFE_DUR:
+ if (attr->IsBasic())
+ {
+ lifeValue = ByteOrder::Swap32(attr->Value());
+ if (lifeType == SECONDS)
+ aAttrib->iLifeDurationSecs.Copy((TUint8 *)&lifeValue, sizeof(lifeValue));
+ else if (lifeType == KBYTES)
+ aAttrib->iLifeDurationKBytes.Copy((TUint8 *)&lifeValue, sizeof(lifeValue));
+ else
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Invalid lifetime type)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ }
+ else //Not basic
+ {
+ if (lifeType == SECONDS)
+ aAttrib->iLifeDurationSecs.Copy(attr->VarValue(),attr->Length());
+ else if (lifeType == KBYTES)
+ aAttrib->iLifeDurationKBytes.Copy(attr->VarValue(),attr->Length());
+ else
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Invalid lifetime type)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ }
+ break;
+ case OAKLEY_ATTR_TYPE_PRF:
+ if (!CheckPRF(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iPRF=attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_KEY_LEN:
+ aAttrib->iKeyLength = attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_FIELD_SIZE:
+ if (!CheckFieldSize(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iFieldSize=attr->Value();
+ break;
+ case OAKLEY_ATTR_TYPE_GROUP_ORDER:
+ if (attr->IsBasic())
+ {
+ val = attr->Value();
+ aAttrib->iGroupOrder.Copy((TUint8*)&val, sizeof(val));
+ }
+ else
+ aAttrib->iGroupOrder.Copy(attr->VarValue(),attr->Length());
+ break;
+ default:
+ DEBUG_LOG(_L("ATTRIBUTES_NOT_SUPPORTED (Invalid attribute number)"));
+ SendNotifyL(ATTRIBUTES_NOT_SUPPORTED);
+ return KErrGeneral;
+ }
+ attr = attr->Next();
+ }
+
+ //Done here to ensure both received
+ if (aAttrib->iKeyLength !=0)
+ if (!CheckKeyLength(aAttrib->iKeyLength, (TUint8)aAttrib->iEncrAlg ,PROTO_ISAKMP))
+ return KErrNotFound;
+
+ return KErrNone;
+}
+
+//Copies and checks the values of the attributes. The parameter aPayload must be a transform
+//aAttrib will contain the sent attributes if the return value is KErrNone, otherwise should be
+//ignore because there was an error reading them (KErrGeneral) or the transform was not accepted (KErrNotFound)
+TInt CIkev1Negotiation::ProcessAttributes2L(const TPayloadISAKMP *aPayload, TAttrib_II *aAttrib,TUint8 aProtocol)
+{
+ const TTransformISAKMP *transf = TTransformISAKMP::Ptr(aPayload);
+ TInt length= aPayload->GetLength() - sizeof(*transf); //To process the attribs
+
+ aAttrib->iTransformNum = transf->GetNum();
+ aAttrib->iTransformID = transf->GetID();
+ TDataISAKMP *attr= transf->SAAttrib();
+ TUint16 lifeType = 0; //No type assigned yet
+ TUint32 lifeValue = 0;
+ while (length>0)
+ {
+ length = length - attr->Size();
+ if (length<0) //Mismatch between lengths!!!
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Length mismatch in the attibutes)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ switch (attr->Type())
+ {
+ case DOI_ATTR_TYPE_LIFE_TYPE:
+ lifeType=attr->Value();
+ if (!CheckLifeType(lifeType))
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (Invalid lifetime type)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ break;
+ case DOI_ATTR_TYPE_LIFE_DUR:
+ if (attr->IsBasic())
+ {
+ lifeValue = ByteOrder::Swap32(attr->Value());
+ if (lifeType==SECONDS)
+ aAttrib->iLifeDurationSecs.Copy((TUint8 *)&lifeValue, sizeof(lifeValue));
+ else if (lifeType==KBYTES)
+ aAttrib->iLifeDurationKBytes.Copy((TUint8 *)&lifeValue, sizeof(lifeValue));
+ else
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (No lifetime type received)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ }
+ else
+ {
+ if (lifeType==SECONDS)
+ aAttrib->iLifeDurationSecs.Copy(attr->VarValue(),attr->Length());
+ else if (lifeType==KBYTES)
+ aAttrib->iLifeDurationKBytes.Copy(attr->VarValue(),attr->Length());
+ else
+ {
+ DEBUG_LOG(_L("BAD_PROPOSAL_SYNTAX (No lifetime type received)"));
+ SendNotifyL(BAD_PROPOSAL_SYNTAX);
+ return KErrGeneral;
+ }
+ }
+ lifeType = 0; //Cannot received another lifetime without setting the type again
+ break;
+ case DOI_ATTR_TYPE_GROUP_DESC:
+ if (!CheckGroupDesc(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iGroupDesc=attr->Value();
+ break;
+ case DOI_ATTR_TYPE_ENC_MODE: //Encapsulation Mode
+ if (!CheckEncMode(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iEncMode=attr->Value();
+ if ( aAttrib->iEncMode == UDP_ENC_TUNNEL || aAttrib->iEncMode == UDP_RFC_ENC_TUNNEL )
+ aAttrib->iEncMode = DOI_TUNNEL;
+ if ( aAttrib->iEncMode == UDP_ENC_TRANSPORT || aAttrib->iEncMode == UDP_RFC_ENC_TRANSPORT)
+ aAttrib->iEncMode = DOI_TRANSPORT;
+ break;
+ case DOI_ATTR_TYPE_AUTH_ALG:
+ if (!CheckAuthAlg(attr->Value()))
+ return KErrNotFound;
+ aAttrib->iAuthAlg=attr->Value();
+ break;
+ case DOI_ATTR_TYPE_KEY_LEN:
+ aAttrib->iKeyLength = attr->Value();
+ break;
+ case DOI_ATTR_TYPE_KEY_ROUNDS:
+ aAttrib->iKeyRounds=attr->Value();
+ break;
+/*
+ case DOI_ATTR_TYPE_COMP_DIC_SIZE: //Compress Dictionary size
+ aAttrib->iComprDicSize=attr->Value();
+ break;
+ case DOI_ATTR_TYPE_COMP_PRIV_ALG: //Compress Dictionary size
+ aAttrib->iComprPrivAlg=attr->Value();
+ break;
+*/
+ default:
+ DEBUG_LOG(_L("ATTRIBUTES_NOT_SUPPORTED (Invalid attribute number)"));
+ SendNotifyL(ATTRIBUTES_NOT_SUPPORTED);
+ return KErrGeneral;
+ }
+ attr = attr->Next();
+ }
+
+ if (lifeType != 0) //Type set but not sent
+ {
+ DEBUG_LOG(_L("Lifetime type set but value not sent!"));
+ return KErrNotFound;
+ }
+
+ if (aAttrib->iKeyLength !=0)
+ if (!CheckKeyLength(aAttrib->iKeyLength,transf->GetID(),aProtocol)) //Check key length correct
+ return KErrNotFound;
+
+ return KErrNone;
+}
+
+
+//returns KErrNone if OK, otherwise error already treated.
+TBool CIkev1Negotiation::ProcessKeyL(const TKeyISAKMP *aKey)
+{
+ //const TKeyISAKMP *key = TKeyISAKMP::Ptr(aPayload);
+
+ //payload not present
+ if (iPhase==PHASE_I)
+ {
+ if (!aKey)
+ {
+ DEBUG_LOG(_L("NO KEY Payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+ //Doesn't return yet because it needs to copy the received key
+ }
+ else //PHASE_II
+ {
+ if (!aKey)
+ {
+ if (iPFS)
+ {
+ DEBUG_LOG(_L("KEY Payload Expected (PFS is enabled)"));
+ return EFalse;
+ }
+
+ return ETrue;
+
+ }
+ else // Key present
+ {
+ if (!iPFS)
+ {
+ DEBUG_LOG(_L("KEY Payload NOT Expected (PFS is disabled)"));
+ return EFalse;
+ }
+ //Doesn't return yet because it needs to copy the received key
+ }
+ }
+
+ //stores the public key sent by the other peer. Only if key received and PFS enabled (PHASE II only)
+ iPeerPublicKey.Copy(aKey->KeyData(), aKey->GetLength() - sizeof(*aKey));
+ return ETrue;
+}
+
+
+TBool CIkev1Negotiation::ProcessNonceL(const TPayloadISAKMP *aPayload)
+{
+ const TNonceISAKMP *nonce = TNonceISAKMP::Ptr(aPayload);
+
+ //payload not present
+ if (!nonce)
+ {
+ DEBUG_LOG(_L("NO NONCE PAYLOAD"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ //stores the nonce sent by the other peer
+ if (iRole==RESPONDER)
+ iNONCE_I.Copy(nonce->NonceData(),nonce->NonceDataLen());
+ else
+ iNONCE_R.Copy(nonce->NonceData(),nonce->NonceDataLen());
+
+ return ETrue;
+
+}
+
+TBool CIkev1Negotiation::ProcessStage1_II_IDsL(const TIdentISAKMP *aInit_ID_payload,const TIdentISAKMP *aResp_ID_payload, CProposal_IIList *aRecv_proposals)
+{
+ //IDci
+ //First we check the received IDs to be able to build the proposals for phase_II
+ TInt32 addr; //Contains a numeric IPv4 addr to be sent
+ TBuf<40> addr_buf; //Contains a text IPv4/IPv6 addr to be sent
+
+ TIp6Addr ip6addr; //IPV6 raw address
+
+ //We receive the peer proxy address or gateway client
+ TAttrib_II *attr_II = aRecv_proposals->At(0)->iAttrList->At(0);
+ if (aInit_ID_payload) //ID Payload received
+ {
+ iIDReceived = ETrue;
+ if (!CheckIdentL(aInit_ID_payload))
+ return EFalse;
+
+ iIDRemotePort = aInit_ID_payload->GetPort();
+ iIDProtocol = aInit_ID_payload->GetProtocol();
+ iRemoteIDType_II = aInit_ID_payload->GetIDType();
+
+ switch (aInit_ID_payload->GetIDType())
+ {
+ case ID_IPV4_ADDR:
+ Mem::Copy((TUint8 *)&addr, aInit_ID_payload->IDData(),sizeof(TInt32));
+ iRemoteAddr1_ID_II.SetAddress(ByteOrder::Swap32(addr));
+ DEBUG_LOG(_L("Remote ID received"));
+ DEBUG_LOG(_L("Setting Remote ID to:"));
+ iRemoteAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if (iRemoteAddr.Match(iRemoteAddr1_ID_II))
+ iDefaultRemoteID = ETrue; //Must be sent but won't be used when updating the SAD
+ else if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Received ID MUST match the Remote addr in Transport mode)"));
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV4_ADDR_SUBNET:
+ Mem::Copy((TUint8 *)&addr, aInit_ID_payload->IDData(),sizeof(TInt32)); //Address
+ iRemoteAddr1_ID_II.SetAddress(ByteOrder::Swap32(addr));
+ Mem::Copy((TUint8 *)&addr, aInit_ID_payload->IDData() + sizeof(TInt32),sizeof(TInt32)); //Mask
+ iRemoteAddr2_ID_II.SetAddress(ByteOrder::Swap32(addr));
+ iRemoteAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(_L("Setting Remote ID to: addr = "));
+ DEBUG_LOG(addr_buf);
+ iRemoteAddr2_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(_L(" mask = "));
+ DEBUG_LOG(addr_buf);
+ if (PrefixLen(iRemoteAddr2_ID_II) < KErrNone) //Invalid Mask (can't be > 32 bec. we get only 4 bytes)
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Invalid peer proxy mask for type ID_IPV4_ADDR_SUBNET)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ if (!iRemoteAddr.Match(iRemoteAddr1_ID_II, iRemoteAddr2_ID_II))
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Remote ID MUST match the net & mask received)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ }
+ break;
+ case ID_IPV6_ADDR:
+ Mem::Copy(&ip6addr.u.iAddr8, aInit_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8));
+ iRemoteAddr1_ID_II.SetAddress(ip6addr);
+ DEBUG_LOG(_L("Remote ID received"));
+ DEBUG_LOG(_L("Setting Remote ID to:"));
+ iRemoteAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if (iRemoteAddr.Match(iRemoteAddr1_ID_II))
+ iDefaultRemoteID = ETrue; //Must be sent but won't be used when updating the SAD
+ else if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Remote ID doesn't match received IDi in Transport mode)"));
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV6_ADDR_SUBNET:
+ Mem::Copy(&ip6addr.u.iAddr8, aInit_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8)); //Address
+ iRemoteAddr1_ID_II.SetAddress(ip6addr);
+ Mem::Copy(&ip6addr.u.iAddr8, aInit_ID_payload->IDData() + sizeof(ip6addr.u.iAddr8), sizeof(ip6addr.u.iAddr8)); //Mask
+ iRemoteAddr2_ID_II.SetAddress(ip6addr);
+ DEBUG_LOG(_L("Remote ID (subnet) received"));
+ DEBUG_LOG(_L("Setting Remote ID to: addr = "));
+ iRemoteAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ DEBUG_LOG(_L(" mask = "));
+ iRemoteAddr2_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if (PrefixLen(iRemoteAddr2_ID_II) < 0) //Invalid Mask
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Invalid peer proxy mask for type ID_IPV6_ADDR_SUBNET)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ if (!iRemoteAddr.Match(iRemoteAddr1_ID_II, iRemoteAddr2_ID_II))
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Remote ID MUST match the net & mask received)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ }
+ break;
+ default: //redundant. Detected in CheckIdentL()
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (ID Type not supported)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }//switch
+ }
+ else //No id received (That means we're negotiating directly with the end host) (RFC 2409 5.5)
+ {
+ //For TRANSPORT we don't need to do anything
+ iIDLocalPort = 0;
+ iIDRemotePort = 0;
+ iIDProtocol = 0;
+ return ETrue; //No need to check the Responder ID if no Initiator ID received
+ }
+
+ //IDcr
+ //Receive our proxy. We don't know it because we are responders so the other peer tells us who does it
+ //want to communicate with
+ if (aResp_ID_payload) //ID Payload received
+ {
+ if (!CheckIdentL(aResp_ID_payload))
+ return EFalse;
+
+ iIDLocalPort = aResp_ID_payload->GetPort();
+ iLocalIDType_II = aResp_ID_payload->GetIDType();
+ if (iIDProtocol != aResp_ID_payload->GetProtocol()) //Must be the same sent in the IDCi
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Local ID Protocol different from Remote ID Protocol. Must be the same)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+
+ switch (aResp_ID_payload->GetIDType())
+ {
+ case ID_IPV4_ADDR:
+ Mem::Copy((TUint8 *)&addr, aResp_ID_payload->IDData(),sizeof(TInt32));
+ iLocalAddr1_ID_II.SetAddress(ByteOrder::Swap32(addr));
+ DEBUG_LOG(_L("Local ID received"));
+ DEBUG_LOG(_L("Setting Local ID to:"));
+ iLocalAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if ( iInternalAddr ) {
+ //
+ // Check ID against internal address instead of local address
+ //
+ if (iInternalAddr->iClientIntAddr.Match(iLocalAddr1_ID_II))
+ iDefaultLocalID = ETrue; //Must be sent but won't be used when updating the SAD
+ }
+ else {
+ if (iLocalAddr.Match(iLocalAddr1_ID_II))
+ iDefaultLocalID = ETrue; //Must be sent but won't be used when updating the SAD
+ else if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Local ID MUST match the net & mask received)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ }
+ break;
+ case ID_IPV4_ADDR_SUBNET:
+ Mem::Copy((TUint8 *)&addr, aResp_ID_payload->IDData(),sizeof(TInt32)); //Address
+ iLocalAddr1_ID_II.SetAddress(ByteOrder::Swap32(addr));
+ Mem::Copy((TUint8 *)&addr, aResp_ID_payload->IDData() + sizeof(TInt32),sizeof(TInt32)); //Mask
+ iLocalAddr2_ID_II.SetAddress(ByteOrder::Swap32(addr));
+ DEBUG_LOG(_L("Setting Local ID to: addr = "));
+ iLocalAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ DEBUG_LOG(_L(" mask = "));
+ iLocalAddr2_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if (PrefixLen(iLocalAddr2_ID_II) < 0) //Invalid Mask
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Invalid Remote ID mask for type ID_IPV4_ADDR_SUBNET)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ if (!iLocalAddr.Match(iLocalAddr1_ID_II, iLocalAddr2_ID_II))
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Local ID MUST match the net & mask received)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ }
+ break;
+ case ID_IPV6_ADDR:
+ Mem::Copy(&ip6addr.u.iAddr8, aResp_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8));
+ //iOwnProxyAddr.SetAddress(ip6addr);
+ iLocalAddr1_ID_II.SetAddress(ip6addr);
+ DEBUG_LOG(_L("Own Proxy received"));
+ DEBUG_LOG(_L("Setting Own Proxy address to:"));
+ iLocalAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if (iLocalAddr.Match(iLocalAddr1_ID_II))
+ iDefaultLocalID = ETrue; //Must be sent but won't be used when updating the SAD
+ else if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Local ID MUST match the net & mask received)"));
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV6_ADDR_SUBNET:
+ Mem::Copy(&ip6addr.u.iAddr8, aResp_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8)); //Address
+ iLocalAddr1_ID_II.SetAddress(ip6addr);
+ Mem::Copy(&ip6addr.u.iAddr8, aResp_ID_payload->IDData() + sizeof(ip6addr.u.iAddr8), sizeof(ip6addr.u.iAddr8)); //Mask
+ iLocalAddr2_ID_II.SetAddress(ip6addr);
+ DEBUG_LOG(_L("Setting Own Proxy to: addr = "));
+ iLocalAddr1_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ DEBUG_LOG(_L(" mask = "));
+ iLocalAddr2_ID_II.OutputWithScope(addr_buf);
+ DEBUG_LOG(addr_buf);
+ if (PrefixLen(iLocalAddr2_ID_II) < 0) //Invalid Mask
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Invalid Remote ID mask for type ID_IPV6_ADDR_SUBNET)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ if (attr_II->iEncMode == DOI_TRANSPORT)
+ {
+ if (!iLocalAddr.Match(iLocalAddr1_ID_II, iLocalAddr2_ID_II))
+ {
+ DEBUG_LOG(_L("ADDRESS_NOTIFICATION (Local ID MUST match the net & mask received)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ADDRESS_NOTIFICATION);
+ return EFalse;
+ }
+ }
+ break;
+ default:
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (ID Type not supported)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }//switch
+ }
+
+ return ETrue;
+}
+
+
+TBool CIkev1Negotiation::ProcessStage2_II_IDsL(const TIdentISAKMP *aInit_ID_payload,const TIdentISAKMP *aResp_ID_payload)//, CProposal_IIList *aRecv_proposals)
+{
+ TInt32 addr4_int; //Contains a numeric IPv4 addr to be sent
+ TIp6Addr ip6addr; //IPV6 raw address
+ TInetAddr tmp_addr;
+ //Here we check the initator proxy (Our client) sent by us has been received correctly
+ if (aInit_ID_payload) //ID Payload received
+ {
+ if (!CheckIdentL(aInit_ID_payload))
+ return EFalse;
+
+ if (aInit_ID_payload->GetPort() != iIDLocalPort)
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Local ID Port different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+
+ if (aInit_ID_payload->GetProtocol() != iIDProtocol)
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Local ID Protocol different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+
+ switch (aInit_ID_payload->GetIDType())
+ {
+ case ID_IPV4_ADDR:
+ Mem::Copy((TUint8 *)&addr4_int,aInit_ID_payload->IDData(),sizeof(TInt32));
+ tmp_addr.SetAddress(ByteOrder::Swap32(addr4_int));
+ if (!tmp_addr.Match(iLocalAddr1_ID_II))
+ {
+ DEBUG_LOG(_L("Wrong Own ID received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV4_ADDR_SUBNET:
+ //Subnet
+ Mem::Copy((TUint8 *)&addr4_int,aInit_ID_payload->IDData(),sizeof(TInt32));
+ tmp_addr.SetAddress(ByteOrder::Swap32(addr4_int));
+ if (!tmp_addr.Match(iLocalAddr1_ID_II))
+ {
+ //The ID subnet is not the one we sent!
+ DEBUG_LOG(_L("Wrong Own ID subnet received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ //Mask
+ Mem::Copy((TUint8 *)&addr4_int,aInit_ID_payload->IDData() + sizeof(TInt32),sizeof(TInt32));
+ tmp_addr.SetAddress(ByteOrder::Swap32(addr4_int));
+ if (!tmp_addr.Match(iLocalAddr2_ID_II))
+ {
+ //The ID mask is not the one we sent!
+ DEBUG_LOG(_L("Wrong Own ID mask received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV6_ADDR:
+ Mem::Copy(&ip6addr.u.iAddr8, aInit_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8));
+ tmp_addr.SetAddress(ip6addr);
+ if (!tmp_addr.Match(iLocalAddr1_ID_II))
+ {
+ //The ID is not the one we sent!
+ DEBUG_LOG(_L("Wrong Local ID received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV6_ADDR_SUBNET:
+ //subnet
+ Mem::Copy(&ip6addr.u.iAddr8, aInit_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8));
+ tmp_addr.SetAddress(ip6addr);
+ if (!tmp_addr.Match(iLocalAddr1_ID_II))
+ {
+ //The ID is not the one we sent!
+ DEBUG_LOG(_L("Wrong Local ID subnet received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ //mask
+ Mem::Copy(&ip6addr.u.iAddr8, aInit_ID_payload->IDData() + sizeof(ip6addr.u.iAddr8), sizeof(ip6addr.u.iAddr8));
+ tmp_addr.SetAddress(ip6addr);
+ if (!tmp_addr.Match(iLocalAddr2_ID_II))
+ {
+ //The ID is not the one we sent!
+ DEBUG_LOG(_L("Wrong Local ID mask received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ default:
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (ID Type not supported)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }//switch
+ }
+ else //No id sent (That means we're negotiating directly with the end host
+ {
+ if (!iLocalAddr1_ID_II.IsUnspecified())
+ {
+ DEBUG_LOG(_L("IDci expected and not received!"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ }
+
+ //We receive the peer (responder) proxy address or gateway client
+ if (aResp_ID_payload) //ID Payload received
+ {
+ if (!CheckIdentL(aResp_ID_payload))
+ return EFalse;
+
+ if (aResp_ID_payload->GetPort() != iIDRemotePort)
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Remote Port different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+
+ if (aResp_ID_payload->GetProtocol() != iIDProtocol)
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Responder ID Protocol different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+
+ switch (aResp_ID_payload->GetIDType())
+ {
+ case ID_IPV4_ADDR:
+ Mem::Copy((TUint8 *)&addr4_int,aResp_ID_payload->IDData(),sizeof(TInt32));
+ tmp_addr.SetAddress(ByteOrder::Swap32(addr4_int));
+ DEBUG_LOG(_L("IDcr received"));
+ if (!iRemoteAddr1_ID_II.Match(tmp_addr))
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Wrong Remote ID, doesn't match sent one)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV4_ADDR_SUBNET:
+ //subnet address
+ Mem::Copy((TUint8 *)&addr4_int,aResp_ID_payload->IDData(),sizeof(TInt32));
+ tmp_addr.SetAddress(ByteOrder::Swap32(addr4_int));
+ if (!tmp_addr.Match(iRemoteAddr1_ID_II))
+ {
+ //The ID subnet is not the one we sent!
+ DEBUG_LOG(_L("Wrong Remote ID subnet received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ //Mask address
+ Mem::Copy((TUint8 *)&addr4_int,aResp_ID_payload->IDData() + sizeof(TInt32),sizeof(TInt32));
+ tmp_addr.SetAddress(ByteOrder::Swap32(addr4_int));
+ if (!tmp_addr.Match(iRemoteAddr2_ID_II))
+ {
+ //The ID mask is not the one we sent!
+ DEBUG_LOG(_L("Wrong Remote ID mask received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV6_ADDR:
+ Mem::Copy(&ip6addr.u.iAddr8,aResp_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8));
+ tmp_addr.SetAddress(ip6addr);
+ DEBUG_LOG(_L("IDcr received"));
+ if (!iRemoteAddr1_ID_II.Match(tmp_addr))
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Wrong ID, doesn't match sent proxy)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ case ID_IPV6_ADDR_SUBNET:
+ //subnet
+ Mem::Copy(&ip6addr.u.iAddr8, aResp_ID_payload->IDData(), sizeof(ip6addr.u.iAddr8));
+ tmp_addr.SetAddress(ip6addr);
+ if (!tmp_addr.Match(iRemoteAddr1_ID_II))
+ {
+ //The ID is not the one we sent!
+ DEBUG_LOG(_L("Wrong Remote ID subnet received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ //mask
+ Mem::Copy(&ip6addr.u.iAddr8, aResp_ID_payload->IDData() + sizeof(ip6addr.u.iAddr8), sizeof(ip6addr.u.iAddr8));
+ tmp_addr.SetAddress(ip6addr);
+ if (!tmp_addr.Match(iRemoteAddr2_ID_II))
+ {
+ //The ID is not the one we sent!
+ DEBUG_LOG(_L("Wrong Remote ID mask received (Different from the one sent)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ break;
+ default: //Only these 2 modes make sense no reason for subnets or range
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION (Remote ID Type not supported)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }//switch
+ }
+ else //No id sent (That means we're negotiating directly with the end host. We check it's TRUE!
+ {
+ if (!iRemoteAddr1_ID_II.IsUnspecified())
+ {
+ DEBUG_LOG(_L("IDcr expected and not received!"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ }
+
+ return ETrue;
+}
+
+
+TBool CIkev1Negotiation::CheckIdentL(const TPayloadISAKMP *aPayload)
+{
+ const TIdentISAKMP *ident = TIdentISAKMP::Ptr(aPayload);
+
+ //payload not present
+ if (!ident)
+ {
+ DEBUG_LOG(_L("NO ID PAYLOAD"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ if (iPhase == PHASE_I)
+ {
+ TUint8 protocol = ident->GetProtocol();
+ if ((protocol != KProtocolInetUdp) && (protocol != 0))
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION: Bad Phase I Protocol (Only UDP(17) or 0 accepted)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ TUint16 port = ident->GetPort();
+ if ((port != 0) && (port != IKE_PORT) && (port != FLOATED_IKE_PORT) )
+ {
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION: Invalid Bad Phase I Port. (Only 0, 500 or 4500 accepted)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ switch (ident->GetIDType())
+ {
+ case ID_IPV4_ADDR:
+ case ID_IPV6_ADDR:
+ case ID_FQDN:
+ case ID_USER_FQDN:
+ case ID_DER_ASN1_DN:
+ break;
+ default:
+ DEBUG_LOG(_L("INVALID_ID_INFORMATION: Invalid Type (Only IPV4/IPV6/User FQDN and DER ASN1 DN accepted in PHASE I)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_ID_INFORMATION);
+ return EFalse;
+ }
+ }
+
+ return ETrue;
+}
+
+
+//Certificate Request Payload processing (all modes).
+TBool CIkev1Negotiation::ProcessCertificateReqL(const TCertificateReqISAKMP *aCertReq)
+{
+ if (iChosenProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK)
+ {
+ DEBUG_LOG(_L("CR ignored when CRACK auth !)"));
+ return ETrue;
+ }
+
+ TInt ret = CheckEncodingL(aCertReq->GetEncoding());
+ switch (ret)
+ {
+ case KErrGeneral:
+ return EFalse;
+ case KErrNotSupported: //Not supported but not an error, just ignored
+ return ETrue;
+ }
+
+ if ( !iPkiService )
+ return EFalse;
+ TBool Status = EFalse;
+ //
+ // No specific CA asked. Find a certificate using own trusted CA list
+ //
+ if ( ReadOwnCertL())
+ {
+ Status = ETrue;
+ }
+
+ return Status;
+
+}
+
+
+//Certificate Request Payload(s) processing (all modes).
+TBool CIkev1Negotiation::ProcessCertificateReqArrayL(const CArrayFixFlat<const TCertificateReqISAKMP *> *aCRPayloadArray)
+{
+
+ TInt count = aCRPayloadArray->Count();
+ if ( count == 0 )
+ {
+ return ETrue; // No Certificate requests
+ }
+
+ if ( ProcessCertificateReqL(aCRPayloadArray->At(0)) )
+ {
+ DEBUG_LOG(_L("User Certificate required by peer found"));
+ iSendCert = ETrue; //Requires sending our cert in next interchange where allowed/expected, otherwise not sent
+ return ETrue;
+ }
+ HBufC8* CAName = NULL;
+ CIkeCaList* trustedCaList = iPkiService->CaList();
+
+ TInt Status=0;
+
+ for (TInt i=0; i < trustedCaList->Count(); i++)
+ {
+ CIkeCaElem* CaElem = (*trustedCaList)[i];
+
+ CAName = IkeCert::GetCertificateFieldDERL(CaElem->Certificate(), KSubjectName);
+ CleanupStack::PushL(CAName);
+
+ TRAP_IGNORE(Status=iPkiService->ReadChainL(iHostData, CAName));
+
+ CleanupStack::PopAndDestroy(CAName);
+ CAName=NULL;
+
+ if ( Status == KErrNone )
+ {
+ delete iOwnCert;
+ iOwnCert = iPkiService->GetCertificate();
+
+ iICA1 = iPkiService->GetTrustedICA1();
+
+ iICA2 = iPkiService->GetTrustedICA2();
+
+ iPeerTrustedCA = iPkiService->GetTrustedCA();
+
+ iSendCert = ETrue; //Requires sending our cert in next interchange where allowed/expected, otherwise not sent
+
+ DEBUG_LOG(_L("Certificate chain Found!"));
+ return ETrue;
+ }
+ }
+
+
+ if ( Status == KVpnErrInvalidCaCertFile)
+ {
+ SetErrorStatus(KVpnErrInvalidCaCertFile);
+
+ SendNotifyL(CERTIFICATE_UNAVAILABLE);
+
+ DEBUG_LOG(_L("Certificate chain read failed!"));
+
+ return EFalse;
+ }
+
+ SetErrorStatus(KKmdIkeNoCertFoundErr);
+ SendNotifyL(CERTIFICATE_UNAVAILABLE);
+ DEBUG_LOG(_L("Certificate Chain r!"));
+
+ return EFalse;
+}
+
+//Certificate Payload(s) processing (all modes).
+TBool CIkev1Negotiation::ProcessCertificateArrayL(CArrayFixFlat<const TCertificateISAKMP *>* aCertArray)
+{
+ TBool Status;
+ if ( iCertRequested )
+ Status = EFalse;
+ else Status = ETrue;
+
+ if ( iPkiService && aCertArray->Count() )
+ {
+ const CIkeCaList* trustedCaList = iPkiService->CaList();
+ CX509Certificate* PeerCert = IkePkiUtils::VerifyCertificateL(*aCertArray,
+ *trustedCaList);
+ if ( PeerCert )
+ {
+ delete iPeerX509Cert;
+ iPeerX509Cert = PeerCert;
+ DEBUG_LOG(_L("Peer Certificate is OK"));
+ Status = ETrue;
+ }
+ else
+ {
+ Status = EFalse;
+ DEBUG_LOG(_L("Peer Certificate is rejected"));
+ }
+ }
+
+ return Status;
+}
+
+//Checks the signature sent by the peer host
+TBool CIkev1Negotiation::ProcessSignatureL(const TSignatureISAKMP *aSigPayload)
+{
+ TBool ret;
+ //payload not present
+ if (!aSigPayload || !iPeerX509Cert )
+ {
+ DEBUG_LOG(_L("NO SIG PAYLOAD"));
+ SetErrorStatus(KKmdIkePeerAuthFailed);
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ //DSS only allows SHA1 as hash
+ TUint16 tmp = iChosenProposal_I.iAttrList->iHashAlg;
+ if (iChosenProposal_I.iAttrList->iAuthMethod==DSS_SIG)
+ iChosenProposal_I.iAttrList->iHashAlg = HASH_SHA1;
+
+ TBuf8<ISAKMP_HASH_SIZE> hash;
+ //Verify the peer signature
+ if (iRole==RESPONDER)
+ {
+ ComputeHash1L(hash); //Computes the value of iHASH_I the signature checking
+ //Nothing else to compute.
+ }
+ else //Initiator
+ {
+ ComputeHashrL(hash); //Computes the value of CRACK digest for signature checking
+ }
+
+ ret = VerifySignatureL(iPeerX509Cert, (TUint8 *)hash.Ptr(), hash.Length(), aSigPayload->SigData(),aSigPayload->GetDataLength());
+
+ //restores the value of the Hash alg.
+ iChosenProposal_I.iAttrList->iHashAlg = tmp;
+
+ if (!ret)
+ {
+ DEBUG_LOG(_L("INVALID_SIGNATURE 2"));
+ SetErrorStatus(KKmdIkePeerAuthFailed);
+ SendNotifyL(INVALID_SIGNATURE);
+ return EFalse;
+ }
+
+ DEBUG_LOG(_L("Peer Signature is OK"));
+ return ETrue;
+}
+
+
+TBool CIkev1Negotiation::ProcessHashL(const THashISAKMP *aHashPayload)
+{
+ TBool Status = EFalse;
+ if (aHashPayload)
+ {
+ //Compute peer's hash
+ TBuf8<ISAKMP_HASH_SIZE> hash;
+ if ( (iStage == 6) || ((iStage == 2) && (iExchange == ISAKMP_EXCHANGE_AGGR)))
+ ComputeHashrL(hash);
+ else ComputeHash1L(hash);
+ Status = (Mem::Compare((TUint8 *)hash.Ptr(), hash.Length(), aHashPayload->Data(), aHashPayload->DataLen()) == 0 );
+ if ( !Status )
+ {
+ DEBUG_LOG(_L("INVALID_HASH_INFORMATION"));
+ SendNotifyL(INVALID_HASH_INFORMATION);
+ }
+ }
+
+ return Status;
+}
+
+
+TBool CIkev1Negotiation::ProcessHash2L(const ThdrISAKMP &aHdr, const THashISAKMP *aHashPayload, TUint aPadding)
+{
+ TBool Status = EFalse;
+ if ( aHashPayload )
+ {
+ TUint8* hashMsg = (TUint8*)aHashPayload->Next();
+ TInt hashMsgLen = aHdr.GetLength() - sizeof(aHdr) - aHashPayload->GetLength() - aPadding;
+ Status = VerifyHash2L(aHashPayload, hashMsg, hashMsgLen);
+ if (!Status)
+ {
+ DEBUG_LOG(_L("INVALID_HASH_INFORMATION"));
+ SendNotifyL(INVALID_HASH_INFORMATION);
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("PAYLOAD_MALFORMED"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ }
+
+ return Status;
+}
+
+
+//Check a notification Payload inserted in a normal exchange (MAIN , AGGR, QUICK)
+TBool CIkev1Negotiation::ProcessNotificationL(const TNotificationISAKMP *aNotifPayload)
+{
+ if (!aNotifPayload)
+ return ETrue; //optional so noting happens
+
+ if (!CheckDOI(aNotifPayload->GetDOI()))
+ {
+ DEBUG_LOG(_L("Bad DOI in the NOT payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(DOI_NOT_SUPPORTED); //send the informational exchange
+ return EFalse;
+ }
+
+ switch(aNotifPayload->GetMsgType())
+ {
+ case DOI_RESPONDER_LIFETIME:
+ return ProcessResponderLifetimeL(aNotifPayload);
+ case DOI_REPLAY_STATUS:
+ return ProcessReplayStatus(aNotifPayload);
+ case DOI_INITIAL_CONTACT:
+ return ProcessInitialContactL(aNotifPayload);
+ default:
+ DEBUG_LOG(_L("INVALID MESSAGE TYPE in NOT payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+}
+
+
+//Processes a RESPONDER-LIFETIME NOT payload
+TBool CIkev1Negotiation::ProcessResponderLifetimeL(const TNotificationISAKMP *aNotifPayload)
+{
+ TBuf8<2 * ISAKMP_COOKIE_SIZE> spi, own_neg_spi;
+ DEBUG_LOG(_L("Processing RESPONDER-LIFETIME"));
+
+
+ if (!((iPhase == PHASE_II) && (iStage == 2)))
+ {
+ if ( iPhase == PHASE_I ) {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME payload in phase 1, ignored !!"));
+ return ETrue;
+ }
+ else {
+ DEBUG_LOG(_L("Unexpected RESPONDER-LIFETIME payload (Bad stage)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_PAYLOAD_TYPE);
+ return EFalse;
+ }
+ }
+
+ TUint8 protocol = aNotifPayload->GetProtocol();
+ if ((protocol != PROTO_IPSEC_AH) && (protocol != PROTO_IPSEC_ESP) &&
+ (protocol != PROTO_ISAKMP) && (protocol != 0))
+ {
+ DEBUG_LOG(_L("Bad protocol in the RESPONDER-LIFETIME payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_PROTOCOL_ID);
+ return EFalse;
+ }
+
+ TUint8 spi_size = aNotifPayload->GetSPISize();
+ CProposal_II *prop;
+ TInt i;
+ //If SPI sent
+ switch (spi_size)
+ {
+ case 2 * ISAKMP_COOKIE_SIZE: //ISAKMP spi
+ spi.Copy(aNotifPayload->GetSPI(), aNotifPayload->GetSPISize());
+ own_neg_spi.Copy(iCookie_I);
+ own_neg_spi.Append(iCookie_R);
+
+ if (spi.Compare(own_neg_spi) != 0)
+ {
+ DEBUG_LOG(_L("Invalid SPI size in the RESPONDER-LIFETIME payload. Payload ignored"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_SPI);
+ return EFalse;
+ }
+ if (iChosenProp_IIList->Count() > 1)
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME ignored. More than one SA (need a IPsec SPI to know which one to use) "));
+ return EFalse;
+ }
+ prop = iChosenProp_IIList->At(0); //Only one proposal
+ break;
+ case 0: //Compatibility with Alchemy cc500
+ if (iChosenProp_IIList->Count() > 1)
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME ignored. More than one SA (need a IPsec SPI to know which one to use) "));
+ return EFalse;
+ }
+
+ prop = iChosenProp_IIList->At(0); //Only one proposal
+ break;
+ case sizeof(TUint32): //IPSEC SPI
+ spi.Copy(aNotifPayload->GetSPI(), aNotifPayload->GetSPISize());
+ prop = NULL; //Only for the debugger, the loop will have at least one proposal
+ for (i = 0; i < iChosenProp_IIList->Count(); i++)
+ {
+ prop = iChosenProp_IIList->At(i); //Only one proposal
+ if (((prop->iSPI.Compare(spi) == 0) && prop->iProtocol == protocol)) //right prop
+ break;
+ }
+
+ if (i == iChosenProp_IIList->Count()) //No prop matches
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME ignored. IPsec SPI doesn't match any chosen proposal"));
+ return EFalse;
+ }
+ break;
+ default:
+ DEBUG_LOG(_L("Bad SPI size in the RESPONDER-LIFETIME payload"));
+ return EFalse;
+ }
+ TAttrib_II *transform = prop->iAttrList->At(0); //Only one transform
+ TInt data_len = aNotifPayload->GetNotifDataSize();
+ TUint8 *data_ptr = aNotifPayload->GetNotifData();
+ TUint16 lifeType = 0; //No type assigned yet
+ TInt64 lifeValue = 0; //No type assigned yet
+ TInt64 lifeValue32;
+ TInt64 curr_lifeValue = 0;
+ TInt32 duration;
+
+ TDataISAKMP *attr = (TDataISAKMP*)data_ptr;
+ while (data_len > 0)
+ {
+ data_len = data_len - attr->Size();
+ if (data_len < 0) //Mismatch between lengths!!!
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME (Length mismatch in the attibutes)"));
+ return EFalse;
+ }
+ switch (attr->Type())
+ {
+ case DOI_ATTR_TYPE_LIFE_TYPE:
+ case OAKLEY_ATTR_TYPE_LIFE_TYPE:
+ lifeType = attr->Value();
+ if (!CheckLifeType(lifeType))
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME (Invalid lifetime type)"));
+ return EFalse;
+ }
+ break;
+ case DOI_ATTR_TYPE_LIFE_DUR:
+ case OAKLEY_ATTR_TYPE_LIFE_DUR:
+ if (attr->IsBasic())
+ {
+ duration = ByteOrder::Swap32(attr->Value());
+ lifeValue = MAKE_TINT64(0, duration);
+ lifeValue32 = I64LOW(lifeValue);
+ if (lifeType == SECONDS)
+ {
+ Desc8ToTInt64(transform->iLifeDurationSecs, curr_lifeValue); //can't fail
+ if (lifeValue < curr_lifeValue)
+ transform->iLifeDurationSecs.Copy((TUint8 *)&lifeValue32, sizeof(lifeValue32));
+ }
+ else if (lifeType == KBYTES)
+ {
+ Desc8ToTInt64(transform->iLifeDurationKBytes, curr_lifeValue); //can't fail
+ if (lifeValue < curr_lifeValue)
+ transform->iLifeDurationKBytes.Copy((TUint8 *)&lifeValue32, sizeof(lifeValue32));
+ }
+ else
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME (Invalid lifetime type)"));
+ return EFalse;
+ }
+ }
+ else //Not basic
+ {
+ TPtrC8 ptr(attr->VarValue(),attr->Length());
+
+ if (lifeType == SECONDS)
+ {
+ if (Desc8ToTInt64(ptr, lifeValue) != KErrNone)
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME Lifetime(Sec) Overflowed Setting to maximum value"));
+ }
+ Desc8ToTInt64(transform->iLifeDurationSecs, curr_lifeValue); //can't fail
+ if (lifeValue < curr_lifeValue)
+ transform->iLifeDurationSecs.Copy(attr->VarValue(),attr->Length());
+ }
+ else if (lifeType == KBYTES)
+ {
+ if (Desc8ToTInt64(ptr, lifeValue) != KErrNone)
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME Lifetime(KBytes) Overflowed Setting to maximum value"));
+ }
+ Desc8ToTInt64(transform->iLifeDurationKBytes, curr_lifeValue); //can't fail
+ if (lifeValue < curr_lifeValue)
+ transform->iLifeDurationKBytes.Copy(attr->VarValue(),attr->Length());
+ }
+ else
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME (Invalid lifetime type)"));
+ return EFalse;
+ }
+ }
+ break;
+ default:
+ DEBUG_LOG1(_L("RESPONDER-LIFETIME (Invalid attribute (%d) received)"), attr->Type());
+ return EFalse;
+ }//switch
+ attr = attr->Next();
+ }//while
+
+ return ETrue;
+}
+
+//Processes a REPLAY-STATUS NOT payload
+TBool CIkev1Negotiation::ProcessReplayStatus(const TNotificationISAKMP *aNotifPayload)
+{
+ TBuf8<2 * ISAKMP_COOKIE_SIZE> spi, own_neg_spi;
+
+ DEBUG_LOG(_L("Processing REPLAY-STATUS"));
+
+ if (!((iPhase == PHASE_II) && ((iStage == 1) || (iStage == 2))))
+ {
+ DEBUG_LOG(_L("Unexpected REPLAY-STATUS payload (Bad stage)"));
+ return EFalse;
+ }
+
+ TUint8 protocol = aNotifPayload->GetProtocol();
+ if ((protocol != PROTO_IPSEC_AH) && (protocol != PROTO_IPSEC_ESP) &&
+ (protocol != PROTO_ISAKMP) && (protocol != 0))
+ {
+ DEBUG_LOG(_L("Bad protocol in the REPLAY-STATUS payload"));
+ return EFalse;
+ }
+
+ TInt i;
+ TUint8 spi_size = aNotifPayload->GetSPISize();
+ CProposal_II *prop;
+ //If SPI sent
+ switch (spi_size)
+ {
+ case 2 * ISAKMP_COOKIE_SIZE: //ISAKMP spi
+ spi.Copy(aNotifPayload->GetSPI(), aNotifPayload->GetSPISize());
+ own_neg_spi.Copy(iCookie_I);
+ own_neg_spi.Append(iCookie_R);
+ if (spi.Compare(own_neg_spi) != 0)
+ {
+ DEBUG_LOG(_L("Invalid SPI size in the REPLAY-STATUS payload. Payload ignored"));
+ return EFalse;
+ }
+ if (iChosenProp_IIList->Count() > 1)
+ {
+ DEBUG_LOG(_L("REPLAY-STATUS ignored. More than one IPsec SA (need an IPsec SPI to know which one to use) "));
+ return EFalse;
+ }
+ break;
+ case 0: //Compatibility with Alchemy cc500
+ if (iChosenProp_IIList->Count() > 1)
+ {
+ DEBUG_LOG(_L("RESPONDER-LIFETIME ignored. More than one SA (need a IPsec SPI to know which one to use) "));
+ return EFalse;
+ }
+ prop = iChosenProp_IIList->At(0); //Only one proposal
+ break;
+ case sizeof(TUint32): //IPSEC SPI
+ spi.Copy(aNotifPayload->GetSPI(), aNotifPayload->GetSPISize());
+ for (i = 0; i < iChosenProp_IIList->Count(); i++)
+ {
+ prop = iChosenProp_IIList->At(i); //Only one proposal
+ if (((prop->iSPI.Compare(spi) == 0) && prop->iProtocol == protocol)) //right prop
+ break;
+ }
+ if (i == iChosenProp_IIList->Count()) //No prop matches
+ {
+ DEBUG_LOG(_L("REPLAY-STATUS ignored. IPsec SPI doesn't match any chosen proposal"));
+ return EFalse;
+ }
+ break;
+ default:
+ DEBUG_LOG(_L("Bad SPI size in the REPLAY-STATUS payload"));
+ return EFalse;
+ }
+
+ TInt data_len = aNotifPayload->GetNotifDataSize();
+ TUint32 *data = (TUint32 *)aNotifPayload->GetNotifData();
+ if (STATIC_CAST(TUint, data_len) < sizeof(*data))
+ {
+ DEBUG_LOG(_L("REPLAY-STATUS (Length mismatch in the attibutes)"));
+ return EFalse;
+ }
+
+#ifdef _DEBUG
+ if (ByteOrder::Swap32(*data) == 0)
+ DEBUG_LOG(_L("Anti-Replay Disabled on Peer Host"));
+ else
+ DEBUG_LOG(_L("Anti-Replay Enabled on Peer Host"));
+#endif
+ return ETrue;
+}
+
+
+TBool CIkev1Negotiation::ProcessInitialContactL(const TNotificationISAKMP *aNotifPayload)
+{
+ TBuf8<2 * ISAKMP_COOKIE_SIZE> spi, neg_spi;
+
+ DEBUG_LOG(_L("Processing INITIAL-CONTACT"));
+ // 7 = CRACK
+ if (!(iPhase == PHASE_I && (iStage == 5 || iStage == 6 || iStage == 7)))
+ {
+ DEBUG_LOG(_L("Unexpected INITIAL-CONTACT payload (Bad stage)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_PAYLOAD_TYPE);
+ return EFalse;
+ }
+
+ if (aNotifPayload->GetProtocol() != PROTO_ISAKMP &&
+ aNotifPayload->GetProtocol() != 0 )
+
+ {
+ DEBUG_LOG(_L("Bad protocol in the INITIAL_CONTACT payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_PROTOCOL_ID);
+ return EFalse;
+ }
+
+ if (aNotifPayload->GetSPISize() != 2 * ISAKMP_COOKIE_SIZE)
+ {
+ DEBUG_LOG(_L("Bad SPI size in the INITIAL_CONTACT payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_SPI);
+ return EFalse;
+ }
+ spi.Copy(aNotifPayload->GetSPI(), aNotifPayload->GetSPISize());
+ neg_spi.Copy(iCookie_I);
+ neg_spi.Append(iCookie_R);
+
+ if (spi.Compare(neg_spi) != 0)
+ {
+ DEBUG_LOG(_L("Invalid SPI size in the INITIAL_CONTACT payload"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_SPI);
+ return EFalse;
+ }
+
+ if ( iRole == RESPONDER )
+ {
+ // Expired SAs are not returned.
+ TIkev1SAData* sa = iPluginSession->FindIkev1SADataWithAddr( iRemoteAddr );
+ while ( sa != NULL )
+ {
+ iPluginSession->UpdateIkev1SAL( sa->iSAId, ETrue );
+ sa = iPluginSession->FindIkev1SADataWithAddr( iRemoteAddr );
+ }
+
+ // Delete other ongoing negotiations.
+ CIkev1Negotiation* next = iPluginSession->FirstNegotiation();
+ while ( next != NULL )
+ {
+ CIkev1Negotiation* current = next;
+ next = current->iNext;
+ if ( current != this )
+ {
+ delete current;
+ }
+ }
+ }
+
+ return ETrue;
+}
+
+
+
+void CIkev1Negotiation::ProcessVendorL(CArrayFixFlat<const TVendorISAKMP*>* aVids)
+{
+ TBool result;
+ TInt i = 0;
+
+ while ( i < aVids->Count() )
+ {
+ TVendorISAKMP* VendorPayload = (TVendorISAKMP*)aVids->At(i);
+ DEBUG_LOG(_L("Vendor ID received!\nHex: "));
+ DEBUG_LOG_ARRAY(VendorPayload->VIDData(), VendorPayload->GetLength() - sizeof(*VendorPayload));
+
+ if ( iLocalAddr.Family() == KAFUnspec )
+ User::LeaveIfError( iPluginSession->GetLocalAddress( iLocalAddr ) ); // No local address info, get it !
+
+ result = EFalse;
+ iNAT_T_Required = ProcessVendorId(&result,
+ (TUint8*)iCookie_I.Ptr(),
+ (TUint8*)iCookie_R.Ptr(),
+ iLocalAddr,
+ VendorPayload);
+ if ( result )
+ {
+ iFamiliarPeer = result;
+#ifdef _DEBUG
+ DEBUG_LOG(_L("Nokia VPN gateway in peer!"));
+ if ( iNAT_T_Required ) {
+ DEBUG_LOG(_L("NAT Traversal needed!"));
+ if ( !iHostData->iUseNatProbing )
+ DEBUG_LOG(_L(" NAT probe not requested! NAT-T not used!"));
+ }
+#endif // _DEBUG
+ iNAT_T_Required = iNAT_T_Required & iHostData->iUseNatProbing;
+ }
+ else
+ {
+ if ( CheckDPDVendorId(VendorPayload) )
+ {
+ DEBUG_LOG(_L("Peer supports IETF Dead Peer Detection!"));
+ iDPDSupported = ETrue;
+ }
+ else if ( iNatDiscovery )
+ {
+ result = iNatDiscovery->CheckNatVendorId(VendorPayload);
+ if ( result )
+ {
+ DEBUG_LOG(_L("Peer supports IETF (draft-03) NAT Traversal!"));
+ }
+ else
+ {
+ result = iNatDiscovery->CheckRfcNatVendorId(VendorPayload);
+ if ( result )
+ {
+ iVendorIDRfc=ETrue;
+ DEBUG_LOG(_L("Peer supports IETF NAT Traversal!"));
+ }
+ }
+ }
+ }
+
+ i ++;
+ }
+
+}
+
+//
+//Process Internal address payload received
+//
+void CIkev1Negotiation::ProcessIntAddrL(const TINTNETISAKMP *aIntnetPayload)
+{
+ if ( aIntnetPayload && iFamiliarPeer && iHostData->iUseInternalAddr ) {
+ delete iInternalAddr; //delete if already exists (old)
+ iInternalAddr = NULL;
+ iInternalAddr = ProcessIntNetL((TINTNETISAKMP*) aIntnetPayload);
+#ifdef _DEBUG
+ if ( iInternalAddr) {
+ TBuf<80> buf;
+ TBuf<40> txt_addr;
+ iInternalAddr->iClientIntAddr.OutputWithScope(txt_addr);
+ DEBUG_LOG1(_L("Internal address received: %S"),&txt_addr);
+ }
+#endif
+ }
+}
+
+//Computes the hash for phase II
+void CIkev1Negotiation::ComputeHash2L(TDes8& aHash, TInt aStage, const TUint8 *aHashMsg, TInt aHashMsgLen)
+{
+
+ HBufC8* prf_data =
+ HBufC8::NewLC(((aHashMsgLen + iNONCE_I.Length() + iNONCE_R.Length() + (2*sizeof(TUint32))) | 0x3) + 1);
+
+ if (aStage == 3)
+ prf_data->Des().Append(0);
+
+ TUint32 id = ByteOrder::Swap32(iMessageId);
+ prf_data->Des().Append((TUint8*)&id,sizeof(iMessageId));
+ DEBUG_LOG(_L("ID"));
+ switch (aStage)
+ {
+ case 2:
+ prf_data->Des().Append(iNONCE_I);
+ //No break is intended
+ case 1:
+ prf_data->Des().Append(aHashMsg,aHashMsgLen);
+ break;
+ case 3:
+
+ prf_data->Des().Append(iNONCE_I);
+ DEBUG_LOG(_L("iNONCE_I"));
+ prf_data->Des().Append(iNONCE_R);
+ DEBUG_LOG(_L("iNONCE_R"));
+ break;
+ default:
+ CleanupStack::PopAndDestroy(); //prf_data
+ return;
+ }
+
+ DEBUG_LOG1(_L("Hash_II(%d) prf"),aStage);
+
+ ComputePRFL(aHash, iSKEYID_a, prf_data->Des());
+
+ DEBUG_LOG(_L("HASH"));
+
+ CleanupStack::PopAndDestroy(); //prf_data
+
+}
+
+//Computes the hash for a protected informational exchange
+void CIkev1Negotiation::ComputeHashInfL(TDes8& aHash, const TUint8 *aHashMsg, TInt aHashMsgLen)
+{
+
+ HBufC8* prf_data =
+ HBufC8::NewLC(((aHashMsgLen + sizeof(iMessageId)) | 0x3) + 1);
+
+ //prf(SKEYID_a, M_ID | N/D)
+ TUint32 id = ByteOrder::Swap32(iMessageId);
+ prf_data->Des().Append((TUint8*)&id, sizeof(iMessageId));
+
+ prf_data->Des().Append(aHashMsg, aHashMsgLen);
+
+ DEBUG_LOG(_L("Hash_NOT prf"));
+
+ ComputePRFL(aHash, iSKEYID_a, prf_data->Des());
+
+ DEBUG_LOG(_L("HASH"));
+
+ CleanupStack::PopAndDestroy(); //prf_data
+
+}
+
+//Verifies that aHash is correct
+TBool CIkev1Negotiation::VerifyHash2L(const THashISAKMP *aHash,const TUint8 *aHashMsg, TInt aHashMsgLen)
+{
+ TBuf8<ISAKMP_HASH_SIZE> tmp_hash;
+
+ ComputeHash2L(tmp_hash, iStage, aHashMsg, aHashMsgLen); //Computes the specified phase II hash
+
+ TBool Status = (Mem::Compare((TUint8*)tmp_hash.Ptr(), tmp_hash.Length(), aHash->Data(), aHash->DataLen()) == 0);
+
+ return Status;
+}
+
+//Verifies the hash of a Notification or Delete payload
+// Used also to verify the hash of Transaction exchange (Attribute payload)
+TBool CIkev1Negotiation::VerifyInformationalHashL(const THashISAKMP *aHash,const TPayloadISAKMP *aPayload, TUint32 aMessageId)
+{
+ TBuf8<MAX_PRF_LENGTH> tmp_hash;
+
+ TUint32 tmp_id = ByteOrder::Swap32(aMessageId);
+ HBufC8 *prf_buf = HBufC8::NewLC(sizeof(tmp_id) + aPayload->GetLength());
+ prf_buf->Des().Copy((TUint8 *)&tmp_id , sizeof(tmp_id));
+ prf_buf->Des().Append((TUint8 *)aPayload, aPayload->GetLength());
+
+ ComputePRFL(tmp_hash, iSKEYID_a, prf_buf->Des());
+ TPtrC8 hash_ptr(aHash->Data(),aHash->DataLen());
+ TBool b = (tmp_hash.Compare(hash_ptr)==0);
+ CleanupStack::PopAndDestroy(); //prf_buf
+ return (b);
+}
+
+
+//Computes Own Nonce using current time a seed
+void CIkev1Negotiation::ComputeNonceL()
+{
+ DEBUG_LOG(_L("Computed NONCE."));
+ if (iRole==INITIATOR)
+ {
+ iNONCE_I.SetLength(OAKLEY_DEFAULT_NONCE_SIZE);
+ TRandom::RandomL(iNONCE_I);
+ }
+ else
+ {
+ iNONCE_R.SetLength(OAKLEY_DEFAULT_NONCE_SIZE);
+ TRandom::RandomL(iNONCE_R);
+ }
+}
+
+//Computes HASH_R value
+void CIkev1Negotiation::ComputeHashrL(TDes8 &aHash)
+{
+ TInt id_size = 0;
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ DEBUG_LOG(_L("Computing HASH_R"));
+
+ if ( auth_method != IKE_A_CRACK ) {
+ if (iRole==INITIATOR)
+ { //peer id. payload
+ id_size = iPeerIdentPayloadSize;
+ DEBUG_LOG(_L("PeerID"));
+ }
+ else
+ { //Own identification payload
+ id_size = iOwnIdentPayloadSize;
+ DEBUG_LOG(_L("OwnID"));
+ }
+ }
+
+ DEBUG_LOG(_L("SKEYID"));
+
+ HBufC8 *prf_data;
+ if (iRole==INITIATOR) //peer id. payload
+ {
+ prf_data = HBufC8::NewLC(iPeerPublicKey.Length() + iOwnPublicKey_ptr.Length() + iCookie_R.Length()
+ + iCookie_I.Length() + iSAPayloadSize + id_size);
+ prf_data->Des().Copy(iPeerPublicKey);
+ prf_data->Des().Append(iOwnPublicKey_ptr);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iSAPayload,iSAPayloadSize); //stored at the begining
+ if ( auth_method != IKE_A_CRACK )
+ prf_data->Des().Append(iPeerIdentPayload, iPeerIdentPayloadSize);
+ }
+ else //RESPONDER
+ {
+ prf_data = HBufC8::NewLC(iOwnPublicKey_ptr.Length() + iPeerPublicKey.Length() + iCookie_R.Length()
+ + iCookie_I.Length() + iSAPayloadSize + id_size);
+ prf_data->Des().Copy(iOwnPublicKey_ptr);
+ prf_data->Des().Append(iPeerPublicKey);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iSAPayload,iSAPayloadSize); //stored at the begining
+ if ( auth_method != IKE_A_CRACK )
+ prf_data->Des().Append(iOwnIdentPayload, iOwnIdentPayloadSize);
+ }
+
+ DEBUG_LOG(_L("PRF"));
+
+ ComputePRFL(aHash, iSKEYID, prf_data->Des());
+
+ CleanupStack::PopAndDestroy(); //prf_data
+
+ DEBUG_LOG(_L("HASH_R"));
+
+}
+
+
+//Computes the value of iHASH_I
+void CIkev1Negotiation::ComputeHash1L(TDes8 &aHash)
+{
+ TInt id_size = 0;
+ TUint16 auth_method = iChosenProposal_I.iAttrList->iAuthMethod;
+
+ DEBUG_LOG(_L("Computing HASH_I"));
+
+ if ( auth_method != IKE_A_CRACK ) {
+ if (iRole==INITIATOR) //Own identification payload
+ {
+ id_size = iOwnIdentPayloadSize;
+ DEBUG_LOG(_L("OwnID"));
+ }
+ else //peer id. payload
+ {
+ id_size = iPeerIdentPayloadSize;
+ DEBUG_LOG(_L("PeerID"));
+ }
+ }
+
+
+ DEBUG_LOG(_L("SKEYID"));
+
+ HBufC8 *prf_data;
+ if (iRole==INITIATOR)
+ {
+ prf_data = HBufC8::NewLC(iOwnPublicKey_ptr.Length() + iPeerPublicKey.Length() + iCookie_I.Length()
+ + iCookie_R.Length() + iSAPayloadSize + id_size);
+ prf_data->Des().Copy(iOwnPublicKey_ptr);
+ prf_data->Des().Append(iPeerPublicKey);
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(iSAPayload,iSAPayloadSize); //stored at the begining
+ if ( auth_method != IKE_A_CRACK )
+ prf_data->Des().Append(iOwnIdentPayload,iOwnIdentPayloadSize);
+ }
+ else //RESPONDER
+ {
+ prf_data = HBufC8::NewLC(iPeerPublicKey.Length() + iOwnPublicKey_ptr.Length() + iCookie_I.Length()
+ + iCookie_R.Length() + iSAPayloadSize + id_size);
+ prf_data->Des().Copy(iPeerPublicKey);
+ prf_data->Des().Append(iOwnPublicKey_ptr);
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(iSAPayload,iSAPayloadSize); //stored at the begining
+
+ if ( auth_method != IKE_A_CRACK )
+ prf_data->Des().Append(iPeerIdentPayload, iPeerIdentPayloadSize);
+ }
+
+ DEBUG_LOG(_L("PRF"));
+
+ ComputePRFL(aHash, iSKEYID, prf_data->Des());
+ CleanupStack::PopAndDestroy(); //prf_buf
+ DEBUG_LOG(_L("HASH_I"));
+}
+
+
+//Checks the encryption alg is valid
+TBool CIkev1Negotiation::CheckEncrAlg(TUint16 aValue)
+{
+ switch (aValue)
+ {
+ case DES_CBC:
+ case DES3_CBC:
+ case AES_CBC:
+ return ETrue;
+ case IDEA_CBC:
+ case BLOWFISH_CBC:
+ case RC5_R16_B64_CBC:
+ case CAST_CBC:
+ DEBUG_LOG(_L("Not implemented Encr algorithm"));
+ return ETrue; // Unknown attribute value NOT a fatal error !
+ }
+ DEBUG_LOG(_L("Bad Encr algorithm"));
+
+ return ETrue; // Unknown attribute value NOT a fatal error !
+}
+
+
+
+TBool CIkev1Negotiation::CheckHashAlg(TUint16 aValue)
+{
+ switch (aValue)
+ {
+ case HASH_MD5:
+ case HASH_SHA1:
+ return ETrue;
+ case HASH_TIGER:
+ DEBUG_LOG(_L("Not implemented Hash algorithm"));
+ return ETrue; // Unknown attribute value NOT a fatal error !
+ }
+ DEBUG_LOG(_L("Bad Hash algorithm"));
+ return ETrue; // Unknown attribute value NOT a fatal error !
+
+}
+
+
+TBool CIkev1Negotiation::CheckAuthMethod(TUint16 aValue)
+{
+ switch (aValue)
+ {
+ case PRE_SHARED:
+ if (iHostData->iPresharedKey.iKey.Length()==0) //No preshared key defined
+ {
+ DEBUG_LOG(_L("Authentication method error (No Preshared key available"));
+ return EFalse;
+ }
+ return ETrue;
+ case RSA_SIG:
+ case DSS_SIG:
+ case IKE_A_CRACK:
+ return ETrue;
+ }
+ DEBUG_LOG(_L("Bad Authentication method"));
+ return ETrue; // Unknown attribute value NOT a fatal error !
+
+}
+
+TBool CIkev1Negotiation::CheckGroupDesc(TUint16 aValue)
+{
+ switch (aValue)
+ {
+ case MODP_768:
+ case MODP_1024:
+ case MODP_1536:
+ case MODP_2048:
+ return ETrue;
+ case EC2N_155:
+ case EC2N_185:
+ break;
+ }
+
+ return ETrue; // Unknown attribute value NOT a fatal error !
+}
+
+
+TBool CIkev1Negotiation::CheckGroupType(TUint16 aValue)
+{
+ switch(aValue)
+ {
+ case MODP:
+ return ETrue;
+ case ECP:
+ case EC2N:
+ break;
+ }
+
+ return ETrue; // Unknown attribute value NOT a fatal error !
+
+}
+
+TBool CIkev1Negotiation::CheckGroupPrime(const TUint8* /* aValue */, TUint16 /* length */)
+{
+ return ETrue;
+}
+
+TBool CIkev1Negotiation::CheckGroupGen(const TUint8* /* aValue */, TUint16 /* length */)
+{
+ return ETrue;
+}
+
+TBool CIkev1Negotiation::CheckGroupCurve(const TUint8* /* aValue */, TUint16 /* length */)
+{
+ return ETrue;
+}
+
+//Used for Phase I and II
+TBool CIkev1Negotiation::CheckLifeType(TUint16 aValue)
+{
+ switch(aValue)
+ {
+ case SECONDS:
+ case KBYTES:
+ return ETrue;
+ }
+ return EFalse;
+}
+
+TBool CIkev1Negotiation::CheckLifeDuration(const TUint8* /* aValue */, TUint16 /* length */)
+{
+ return ETrue;
+}
+
+TBool CIkev1Negotiation::CheckPRF(TUint16 aValue)
+{
+ if (aValue!=OAKLEY_PRF_3DES_CBC_MAC)
+ {
+ DEBUG_LOG(_L("Bad PRF"));
+ return EFalse;
+ }
+ return ETrue;
+}
+
+TBool CIkev1Negotiation::CheckKeyLength(TUint16 /*aValue*/,TUint8 aID,TUint8 aProtocol)
+{
+ TBool Status = ETrue;
+ switch (aProtocol)
+ {
+ case PROTO_ISAKMP:
+ if ( aID != AES_CBC )
+ {
+ Status = EFalse; //all other supported algs have fixed size
+ DEBUG_LOG(_L("Key length specified with fixed ISAKMP encryption algorithm"));
+ }
+ break;
+ case PROTO_IPSEC_AH:
+ Status = EFalse; //Supported algorithms have fixed key length
+ DEBUG_LOG(_L("Key length specified with fixed AH integrity algorithm"));
+ break;
+ case PROTO_IPSEC_ESP:
+ if ( aID != ESP_AES_CBC )
+ {
+ Status = EFalse;
+ DEBUG_LOG(_L("Key length specified with fixed ESP encryption algorithm"));
+ }
+ break;
+ default: //Unsupported SA type
+ Status = EFalse; //Supported algorithms have fixed key length
+ break;
+ }
+
+ return Status;
+}
+
+TBool CIkev1Negotiation::CheckFieldSize(TUint16 /* aValue */)
+{
+ DEBUG_LOG(_L("Field size not supported"));
+ return EFalse;
+}
+
+TBool CIkev1Negotiation::CheckGroupOrder(const TUint8* /* aValue */, TUint16 /* length */)
+{
+ DEBUG_LOG(_L("Group Order not supported "));
+ return ETrue; // Unknown attribute value NOT a fatal error !
+}
+
+//Encapsulation mode
+TBool CIkev1Negotiation::CheckEncMode(TUint16 aValue)
+{
+ switch (aValue)
+ {
+ case DOI_TUNNEL:
+ case DOI_TRANSPORT:
+ return ETrue;
+ case UDP_ENC_TUNNEL:
+ case UDP_RFC_ENC_TUNNEL:
+// case UDP_ENC_TRANSPORT:
+ if ( iNAT_D_Flags )
+ return ETrue;
+ break;
+ }
+
+ DEBUG_LOG(_L("Bad Encapsulation mode"));
+ return EFalse;
+
+}
+
+//defined authentication algorithm types. Other are invalid.
+TBool CIkev1Negotiation::CheckAuthAlg(TUint16 aValue)
+{
+ switch (aValue)
+ {
+ case DOI_HMAC_MD5:
+ case DOI_HMAC_SHA:
+ return ETrue;
+ case DOI_DES_MAC:
+ case DOI_KPDK:
+ DEBUG_LOG(_L("Unimplemented Auhentication Algorithm"));
+ }
+ DEBUG_LOG(_L("Bad Auhentication Algorithm"));
+ return ETrue; // Unknown attribute value NOT a fatal error !
+}
+
+//By now only X509_CERT_SIG. Tristate error codes:
+//KErrNone -> accepted
+//KErrNotSupported ignored but no error Notification.
+//KErrGeneral: NOT accepted
+TInt CIkev1Negotiation::CheckEncodingL(TUint8 aEncoding)
+{
+ switch (aEncoding)
+ {
+ case X509_CERT_SIG://X.509 Certificate - Signature
+ break;
+ case CRL://Certificate Revocation List (CRL)
+ DEBUG_LOG(_L("WARNING: CRL ignored because not supported"));
+ return KErrNotSupported; //No notification, just ignored!
+ case PKCS://PKCS #7 wrapped X.509 certificate
+ case PGP://PGP Certificate
+ case DNS ://DNS Signed Key
+ case X509_CERT_KE://X.509 Certificate - Key Exchange
+ case KERBEROS://Kerberos Tokens
+ case ARL://Authority Revocation List (ARL)
+ case SPKI://SPKI Certificate
+ case X509_CERT_ATTR://X.509 Certificate - Attribute
+ DEBUG_LOG(_L("CERT_TYPE_UNSUPPORTED (not supported CERT type)"));
+ SendNotifyL(CERT_TYPE_UNSUPPORTED);
+ return KErrNotSupported; // No notification, just ignored!
+
+ default://Invalid encoding type
+ DEBUG_LOG(_L("INVALID_CERT_ENCODING (not existent CERT type)"));
+ SendNotifyL(INVALID_CERT_ENCODING);
+ return KErrNotSupported; // No notification, just ignored!
+
+ }
+
+ return KErrNone;
+}
+
+
+//Provisional (Uses as a seed time, Address and port)
+TCookie CIkev1Negotiation::CreateCookieL() const
+{
+ TCookie c;
+ //Cookie generation is Random no longer uses known data like addr
+ //or port (wrong?)
+ c.SetLength(ISAKMP_COOKIE_SIZE);
+ TRandom::RandomL(c);
+ return c;
+}
+
+TInt32 CIkev1Negotiation::RandomMessageId()
+{
+ TTime tmp_time;
+ tmp_time.UniversalTime();
+ TInt64 seed = tmp_time.Int64();
+ TInt32 rand = Math::Rand(seed);
+ return rand;
+}
+
+TBool CIkev1Negotiation::CheckCookies(const TCookie& aInit, const TCookie& aResp)
+ {
+ TCookie NULL_COOKIE;
+ NULL_COOKIE.FillZ(ISAKMP_COOKIE_SIZE);
+
+ if ( iCookie_I.Compare(NULL_COOKIE) != 0 &&
+ iCookie_I.Compare(aInit) != 0 )
+ {
+ DEBUG_LOG(_L("Initiator COOKIE incorrect"));
+ return EFalse;
+ }
+ if ( iCookie_R.Compare(NULL_COOKIE) != 0 &&
+ iCookie_R.Compare(aResp) != 0 )
+ {
+ DEBUG_LOG(_L("Responder COOKIE incorrect"));
+ return EFalse;
+ }
+
+ return ETrue;
+ }
+
+//Checks if the payload value is correct
+TBool CIkev1Negotiation::CheckPayloadCode(TUint8 aPayload)
+{
+ switch (aPayload)
+ {
+ case ISAKMP_PAYLOAD_NONE:
+ case ISAKMP_PAYLOAD_SA:
+ case ISAKMP_PAYLOAD_P:
+ case ISAKMP_PAYLOAD_T:
+ case ISAKMP_PAYLOAD_KE:
+ case ISAKMP_PAYLOAD_ID:
+ case ISAKMP_PAYLOAD_CERT:
+ case ISAKMP_PAYLOAD_CR:
+ case ISAKMP_PAYLOAD_HASH:
+ case ISAKMP_PAYLOAD_SIG:
+ case ISAKMP_PAYLOAD_NONCE:
+ case ISAKMP_PAYLOAD_NOTIF:
+ case ISAKMP_PAYLOAD_D:
+ case ISAKMP_PAYLOAD_VID:
+ case ISAKMP_PAYLOAD_ATTRIBUTES:
+ case ISAKMP_PAYLOAD_CHRE:
+ case ISAKMP_INT_NETWORK:
+ case IETF_NAT_DISCOVERY:
+ case IETF_RFC_NAT_DISCOVERY:
+ case IETF_NAT_ORIG_ADDR:
+ case IETF_RFC_NAT_ORIG_ADDR:
+ return ETrue; //supported payload type
+ }
+ DEBUG_LOG1(_L("INVALID_PAYLOAD_TYPE (%x)"),aPayload);
+ return EFalse;
+
+}
+
+
+//Checks if the version (major,minor) is supported
+TBool CIkev1Negotiation::CheckVersionL(TUint8 aVersion)
+{
+ if (aVersion >> 4 > MAJOR)
+ {
+ DEBUG_LOG(_L("INVALID_MAJOR_VERSION"));
+ SendNotifyL(INVALID_MAJOR_VERSION);
+ return EFalse;
+ }
+
+ if (aVersion & (0x0f) > MINOR)
+ {
+ DEBUG_LOG(_L("INVALID_MINOR_VERSION"));
+ SendNotifyL(INVALID_MINOR_VERSION);
+ return EFalse;
+ }
+
+ return ETrue; //version correct
+}
+
+//Checks if the exchange type is valid and the same as in the negotiation
+TBool CIkev1Negotiation::CheckExchangeTypeL(TUint8 aType)
+{
+ switch (aType)
+ {
+ case ISAKMP_EXCHANGE_ID: //Main
+ case ISAKMP_EXCHANGE_AGGR: // Agressive
+ case ISAKMP_EXCHANGE_INFO:
+ case IKE_QUICK_MODE:
+ //invalid Exchange Type Not the same being used and not an error notification
+ if (aType != iExchange)
+ {
+ DEBUG_LOG(_L("INVALID_EXCHANGE_TYPE")); //send the informational exchange
+ SendNotifyL(INVALID_EXCHANGE_TYPE); //send the informational exchange
+ return EFalse; //invalid Exchange Type
+ }
+ break;
+ case ISAKMP_EXCHANGE_BASE: // Base
+ case ISAKMP_EXCHANGE_NONE: // Identity Protection (Main mode in IKE)
+ case ISAKMP_EXCHANGE_AUTH: // Authentication Only
+ case IKE_NEW_GROUP_MODE: // New Group Mode
+ DEBUG_LOG(_L("INVALID_EXCHANGE_TYPE")); //send the informational exchange
+ SendNotifyL(UNSUPPORTED_EXCHANGE_TYPE); //send the informational exchange
+ return EFalse;
+ }
+
+ return ETrue;
+}
+
+//Checks the non-relevant bits are 0. Other comprovations are done when needed
+TBool CIkev1Negotiation::CheckFlagsL(TUint8 aFlags)
+{
+ if (aFlags >> 3 != 0)
+ {
+ DEBUG_LOG(_L("INVALID_FLAGS")); //send the informational exchange
+ SendNotifyL(INVALID_FLAGS); //send the informational exchange
+ return EFalse;
+ }
+
+ return ETrue;
+}
+
+//Checks the Id has a correct value. 0 in Phase I, the correct one in Phase II
+TBool CIkev1Negotiation::CheckMessageIdL(TUint32 aId)
+{
+ if (aId != iMessageId) //iMessageId will be 0 during Phase I
+ {
+ DEBUG_LOG2(_L("INVALID_MESSAGE_ID %u (neg=%u)"),aId, iMessageId);
+ SendNotifyL(INVALID_MESSAGE_ID); //send the informational exchange
+ return EFalse;
+ }
+ return ETrue;
+}
+
+//Checks the DOI is valid
+TBool CIkev1Negotiation::CheckDOI(TUint32 aDOI)
+{
+ if (aDOI > IPSEC_DOI) //Not IPSEC nor ISAKMP DOI
+ return EFalse;
+
+ return ETrue;
+}
+
+//Checks the SIT is valid
+TBool CIkev1Negotiation::CheckSituationL(TUint32 aSIT)
+{
+ //Secrecy and integrity not yet supported
+ if ((aSIT & IPSEC_SIT_SECRECY) || (aSIT & IPSEC_SIT_INTEGRITY))
+ {
+ DEBUG_LOG(_L("SITUATION_NOT_SUPPORTED")); //send the informational exchange
+ SendNotifyL(SITUATION_NOT_SUPPORTED); //send the informational exchange
+ return EFalse;
+ }
+
+ return ETrue;
+}
+//check the generic payload is OK. Correct payload + Reserved==0
+TBool CIkev1Negotiation::CheckGenericPayloadL(const TPayloadISAKMP *aPayload)
+{
+ if (!CheckPayloadCode(aPayload->GetPayload()))
+ return EFalse;
+
+ if (aPayload->GetReserved() != 0) //Must be always 0
+ {
+ DEBUG_LOG(_L("INVALID RESERVED FIELD"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ if ((aPayload->GetLength() < MIN_ISAKMP_PAYLOAD_SIZE) || (aPayload->GetLength() > iLengthLeft))
+ {
+ DEBUG_LOG(_L("BAD PAYLOAD SIZE"));
+ SendNotifyL(PAYLOAD_MALFORMED);
+ return EFalse;
+ }
+
+ iLengthLeft -= aPayload->GetLength(); //Updates the length left in the buffer
+
+ return ETrue;
+
+}
+
+//checks if protocol supported
+TBool CIkev1Negotiation::CheckProtocolL(TUint8 aProtocol)
+{
+ switch (aProtocol)
+ {
+ //PHASE_I Protocol
+ case PROTO_ISAKMP: //Only when establishing own SA??
+ if (iPhase != PHASE_I)
+ {
+ DEBUG_LOG(_L("INVALID_PROTOCOL_ID (ISAKMP only allowed in Phase I)"));
+ SendNotifyL(INVALID_PROTOCOL_ID);
+ return EFalse;
+ }
+ return ETrue;
+
+ //PHASE_II Protocols
+ case PROTO_IPSEC_AH:
+ case PROTO_IPSEC_ESP:
+ if (iPhase != PHASE_II)
+ {
+ DEBUG_LOG1(_L("INVALID_PROTOCOL_ID (Prot (%u) only allowed in Phase II)"),aProtocol);
+ SendNotifyL(INVALID_PROTOCOL_ID);
+ return EFalse;
+ }
+ return ETrue;
+ }
+ DEBUG_LOG1(_L("INVALID_PROTOCOL_ID (Unknown Protocol (%u))"),aProtocol);
+ SendNotifyL(INVALID_PROTOCOL_ID);
+ return EFalse;
+}
+
+TBool CIkev1Negotiation::CheckSPIL(const TProposalISAKMP *aProposal)
+{
+
+ TUint size=aProposal->GetSPISize();
+ if (iPhase == PHASE_I)
+ {
+ if (size > MAX_SPI_SIZE)
+ {
+ DEBUG_LOG(_L("INVALID_SPI (Bad Size)"));
+ SendNotifyL(INVALID_SPI);
+ return EFalse;
+ }
+ }
+ else //Phase II
+ {
+ TUint32 spi = 0;
+ if (aProposal->GetSPISize() > sizeof(TUint32))
+ {
+ DEBUG_LOG(_L("INVALID_SPI (Too big. Max. is 32 bits)"));
+ SendNotifyL(INVALID_SPI);
+ return EFalse;
+ }
+ Mem::Copy((TUint8 *)&spi, ((TProposalISAKMP *)aProposal)->SPI(), aProposal->GetSPISize());
+ spi = ByteOrder::Swap32(spi);
+ if (spi < 256) //The first 256 are reserved
+ {
+ DEBUG_LOG(_L("INVALID_SPI (spi's < 256 are RESERVED)"));
+ SendNotifyL(INVALID_SPI);
+ return EFalse;
+ }
+ }
+ return ETrue;
+}
+
+//Checks for transform payloads. MUST NOT abort processing, just discard the payload
+TBool CIkev1Negotiation::CheckTransformID(TUint8 aProtocol,TUint8 aID)
+{
+ switch (aProtocol)
+ {
+ case PROTO_ISAKMP:
+ if (aID != KEY_IKE)
+ return EFalse;
+ break;
+
+ case PROTO_IPSEC_AH:
+ if ( (aID != AH_MD5) && (aID != AH_SHA))
+ {
+ DEBUG_LOG(_L("Unsupported Authentication Algorithm"));
+ return EFalse;
+ }
+ break;
+ case PROTO_IPSEC_ESP:
+ switch ( aID )
+ {
+ case ESP_DES_CBC:
+ case ESP_3DES_CBC:
+ case ESP_NULL:
+ case ESP_AES_CBC:
+ break;
+ default:
+ DEBUG_LOG(_L("Unsupported Encryption Algorithm"));
+ return EFalse;
+ }
+ break;
+
+ default:
+ return EFalse;
+ }
+
+ return ETrue;
+}
+
+
+//Diffie-Hellman key exchange
+//The info in iNegotiation MUST be correct
+TBool CIkev1Negotiation::ComputeDHPublicValueL()
+{
+ TUint desc;
+ if (iPhase == PHASE_I)
+ {
+ //If aggressive sends the SA and KE at the same time b4 knowing the chosen group.
+ //The group in the first proposed transform is chosen. Shouldn't be transforms with
+ //different groups sent. Checked when using the configuration tool?
+ if ((iExchange == ISAKMP_EXCHANGE_AGGR) && (iRole == INITIATOR))
+ desc = iProposal_I.iAttrList->iGroupDesc;
+ else
+ desc = iChosenProposal_I.iAttrList->iGroupDesc;
+ }
+ else
+ {
+ if (iRole == INITIATOR) //We have to use one of the proposals because we don't have the reply yet
+ //Anyay only one group can be specified for phase II so it's fine
+ desc = iProposal_IIList->At(0)->iAttrList->At(0)->iGroupDesc;
+ else //RESPONDER
+ desc = iChosenProp_IIList->At(0)->iAttrList->At(0)->iGroupDesc;
+ }
+
+ delete iOwnKeys; //Happens in phase II because we may recalculate the DH value.
+ iOwnKeys = NULL;
+ delete iOwnPublicKey; // Happens in phase II because we may recalculate the DH value.
+ iOwnPublicKey = NULL;
+
+ iOwnKeys = GeneratePubPrivKeysL(desc);
+ if (!iOwnKeys)
+ {
+ DEBUG_LOG(_L("Error generating DH public and private keys"));
+ return EFalse;
+ }
+ iOwnPublicKey = iOwnKeys->GetPubKey(); //save the public key in a buffer to have easy access
+ iOwnPublicKey_ptr.Set(iOwnPublicKey->Des());
+ return ETrue;
+}
+
+
+//Initial IV computation
+//Pre:Requires correct Public keys alredy stored!!!
+TBool CIkev1Negotiation::InitIVL()
+{
+ HBufC8* prf_data =
+ HBufC8::NewLC(((iOwnPublicKey_ptr.Length() + iPeerPublicKey.Length()) | 0x3) + 1);
+
+ if (iRole == INITIATOR)
+ {
+ prf_data->Des().Copy(iOwnPublicKey_ptr);
+ prf_data->Des().Append(iPeerPublicKey);
+
+ }
+ else //RESPONDER
+ {
+ prf_data->Des().Copy(iPeerPublicKey);
+ prf_data->Des().Append(iOwnPublicKey_ptr);
+ }
+ if (iChosenProposal_I.iAttrList->iHashAlg == HASH_MD5)
+ MD5HashL(prf_data->Des(), iIV);
+ else SHA1HashL(prf_data->Des(), iIV);
+
+ if (iChosenProposal_I.iAttrList->iEncrAlg == AES_CBC )
+ iIVSize = 16;
+ else iIVSize = 8;
+ iIV.SetLength(iIVSize);
+ DEBUG_LOG(_L("Init"));
+
+ CleanupStack::PopAndDestroy(); //prf_data
+
+ return ETrue;
+}
+
+
+
+//subsequent IV computations. Like when send notifications or beginning of Phase II
+TBool CIkev1Negotiation::ComputeIVL(TDes8 &aIV, TInt32 aMessageId)
+{
+ HBufC8* prf_data =
+ HBufC8::NewLC(((aIV.Length() + sizeof(aMessageId)) | 0x3) + 1);
+
+ if ((iChosenProposal_I.iAttrList->iEncrAlg != DES3_CBC) &&
+ (iChosenProposal_I.iAttrList->iEncrAlg != AES_CBC) &&
+ (iChosenProposal_I.iAttrList->iEncrAlg != DES_CBC))
+ {
+ return EFalse;
+ }
+ //former IV
+ prf_data->Des().Copy(aIV);
+ //Message ID
+ TInt32 id = ByteOrder::Swap32(aMessageId); //Needed to add it
+
+ prf_data->Des().Append((TUint8 *)&id, sizeof(id));
+
+ DEBUG_LOG(_L("prf"));
+ if (iChosenProposal_I.iAttrList->iHashAlg == HASH_MD5)
+ MD5HashL(prf_data->Des(), aIV);
+ else SHA1HashL(prf_data->Des(), aIV);
+
+ DEBUG_LOG(_L("Computed IV"));
+
+ CleanupStack::PopAndDestroy(); //prf_data
+ return ETrue;
+}
+
+//Generates all the keying material SKEYID,SKEYID_d,SKEYID_a,SKEYID_e
+TBool CIkev1Negotiation::ComputeKeysL()
+{
+ TUint desc;
+ //If aggressive sends the SA and KE at the same time b4 knowing the chosen group.
+ //The group in the first proposed transform is chosen. Shouldn't be transforms with
+ //different groups sent
+ if ((iExchange == ISAKMP_EXCHANGE_AGGR) && (iRole == INITIATOR))
+ desc = iProposal_I.iAttrList->iGroupDesc;
+ else
+ desc = iChosenProposal_I.iAttrList->iGroupDesc;
+ //
+ //Computes agreed key
+ //
+ HBufC8* agreedKey = ComputeAgreedKeyL(desc, iPeerPublicKey, iOwnKeys); //(gxy)
+ if ( !agreedKey ) {
+ DEBUG_LOG(_L("DH secret creation failed (ComputeAgreedKeyL)"));
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(INVALID_KEY_INFORMATION);
+ return EFalse;
+ }
+ CleanupStack::PushL(agreedKey); //agreedKey
+
+ // Use prf and agreed DH-key to generate keying material
+ HBufC8* prf_data =
+ HBufC8::NewLC(((iNONCE_I.Length() + iNONCE_R.Length() + 2*ISAKMP_COOKIE_SIZE) | 0x3) + 1);
+ HBufC8* prf_key =
+ HBufC8::NewLC(((iNONCE_I.Length() + iNONCE_R.Length() ) | 0x3) + 1);
+
+ DEBUG_LOG(_L("Agreed Key."));
+
+ switch(iChosenProposal_I.iAttrList->iAuthMethod)
+ {
+ case RSA_SIG:
+ case DSS_SIG:
+ case IKE_A_CRACK:
+ //For signatures:
+ //SKEYID = prf(Ni_b|Nr_b, g^xy)
+ //key
+ prf_key->Des().Copy(iNONCE_I);
+ prf_key->Des().Append(iNONCE_R);
+ ComputePRFL(iSKEYID, prf_key->Des(), agreedKey->Des());
+ break;
+ case PRE_SHARED:
+ {
+ //pre-shared keys:
+ //SKEYID=prf(pre_shared key, Ni_b | Nr_b);
+ //data
+ prf_data->Des().Copy(iNONCE_I.Ptr(),iNONCE_I.Length());
+ prf_data->Des().Append(iNONCE_R.Ptr(),iNONCE_R.Length());
+ DEBUG_LOG(_L("Pre-shared Key"));
+#ifdef _UNICODE
+ HBufC8 *preshared_key_buf = HBufC8::NewLC(iHostData->iPresharedKey.iKey.Length());
+ preshared_key_buf->Des().Copy(iHostData->iPresharedKey.iKey);
+ TPtrC8 preshared_key_ptr(preshared_key_buf->Des());
+#else
+ TPtrC8 preshared_key_ptr(iHostData->iPresharedKey.iKey);
+#endif
+ ComputePRFL(iSKEYID, preshared_key_ptr, prf_data->Des());
+#ifdef _UNICODE
+ CleanupStack::PopAndDestroy(); //presharedkey_buf
+#endif
+ }
+ break;
+ default://method not implemented
+ DEBUG_LOG1(_L("ATTRIBUTES_NOT_SUPPORTED:Auth Method %d not supported "),iChosenProposal_I.iAttrList->iAuthMethod);
+ SetErrorStatus( KKmdIkeNegotFailed );
+ SendNotifyL(ATTRIBUTES_NOT_SUPPORTED);
+ return EFalse;
+ }
+
+ CleanupStack::PopAndDestroy(2); //prf_data and prf_key
+ prf_data =
+ HBufC8::NewLC(((agreedKey->Length() + iSKEYID.Length() + 2*ISAKMP_COOKIE_SIZE + 4) | 0x3) + 1);
+
+ prf_data->Des().Copy(agreedKey->Des());
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(0);
+ ComputePRFL(iSKEYID_d, iSKEYID, prf_data->Des());
+
+ prf_data->Des().Copy(iSKEYID_d);
+ prf_data->Des().Append(agreedKey->Des());
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(1);
+ ComputePRFL(iSKEYID_a, iSKEYID, prf_data->Des());
+
+ prf_data->Des().Copy(iSKEYID_a);
+ prf_data->Des().Append(agreedKey->Des());
+ prf_data->Des().Append(iCookie_I);
+ prf_data->Des().Append(iCookie_R);
+ prf_data->Des().Append(2);
+ ComputePRFL(iSKEYID_e, iSKEYID, prf_data->Des());
+
+ agreedKey->Des().FillZ(); // Zeroe DH secret g^xy
+
+ //Builds the IV
+ if (!InitIVL())
+ {
+ DEBUG_LOG(_L("Error Computing IV"));
+ return EFalse;
+ }
+ if (iExchange == ISAKMP_EXCHANGE_AGGR)
+ {
+ iLastIV.Copy(iIV); //Saves last IV in Phase 1
+ iLastIV.SetLength(iIVSize);
+ DEBUG_LOG(_L("Last IV Saved!"));
+ }
+
+ //if key extension required:
+ TUint8 *key;
+ TInt key_len=0;
+ TInt total_key_len = ISAKMPEncrKeyLength((TUint8)iChosenProposal_I.iAttrList->iEncrAlg);
+ if (iSKEYID_e.Length() < total_key_len)
+ {
+ DEBUG_LOG(_L("Extending encrytion key..."));
+ key = new (ELeave) TUint8[total_key_len*2];
+ CleanupStack::PushL(key);
+ key[0] = 0;
+ TPtr8 kx0_ptr(key, 1, 1);
+ TPtr8 kx1_ptr(key, 0, total_key_len * 2);
+ ComputePRFL(kx1_ptr, iSKEYID_e, kx0_ptr); //K1=prf(SKEYID_e,0)
+ key_len += kx1_ptr.Length();
+
+ while (key_len < total_key_len)
+ {
+ kx0_ptr.Set(&key[key_len - kx1_ptr.Length()], kx1_ptr.Length(), total_key_len);
+ kx1_ptr.Set(&key[key_len], 0, total_key_len);
+ ComputePRFL(kx1_ptr, iSKEYID_e, kx0_ptr); //Kx=prf(SKEYID_e,K<x-1>)
+ key_len += kx1_ptr.Length();
+ }
+ iSKEYID_e.Copy(key, total_key_len);
+ CleanupStack::PopAndDestroy(); //key
+ DEBUG_LOG(_L(" SKEYID_e (EXTENDED)"));
+ }
+ else
+ {
+ iSKEYID_e.SetLength(total_key_len);
+ DEBUG_LOG(_L(" SKEYID_e"));
+ }
+
+ DEBUG_LOG(_L(" Init IV"));
+
+ CleanupStack::PopAndDestroy(2); //prf_data and agreedKey
+
+ return ETrue;
+}
+
+//Computes the IPSEC keys needed for each IPSEC SA
+//KEYMAT = prf(SKEY_ID, protocol | SPI | Ni_b | Nr_b)
+//if PFS:
+//KEYMAT = prf(SKEY_ID, g(qm)^xy | protocol | SPI | Ni_b | Nr_b)
+void CIkev1Negotiation::ComputeKeys2L(const CProposal_II *aProp, TInt aKeyLen, TSPINode &aInboundSpiNode, TDes8& aOutboundKey_II, TDes8& aInboundKey_II)
+{
+ DEBUG_LOG(_L("Computing PHASE II keys "));
+
+ aOutboundKey_II.SetLength(0);
+ aInboundKey_II.SetLength(0);
+ DEBUG_LOG(_L("Total Computed Key Length="));
+ DEBUG_LOG_NUM(aKeyLen);
+
+ HBufC8* agreedKey = NULL; //g(qm)^xy
+ TInt prf_len = iSKEYID_d.Length() + iNONCE_I.Length() + iNONCE_R.Length() + 8; // 8 for protocol and SPI
+
+ if (iPFS)
+ {
+ agreedKey = ComputeAgreedKeyL(iChosenProp_IIList->At(0)->iAttrList->At(0)->iGroupDesc, iPeerPublicKey, iOwnKeys);
+ if ( !agreedKey )
+ User::Leave(KErrGeneral);
+ CleanupStack::PushL(agreedKey);
+ prf_len += agreedKey->Length();
+ DEBUG_LOG(_L(" Agreed Key"));
+ }
+#ifdef _DEBUG
+ else DEBUG_LOG(_L("(NO PFS)"));
+#endif // _DEBUG
+
+ DEBUG_LOG(_L("Protocol:"));
+ DEBUG_LOG_NUM(aProp->iProtocol);
+
+ TUint32 in_spi = aInboundSpiNode.iSPI; //inbound spi in Network Order
+ DEBUG_LOG(_L("InSPI:"));
+ DEBUG_LOG_NUM(ByteOrder::Swap32(in_spi));
+ TUint32 out_spi;
+ Mem::Copy((TUint8 *)&out_spi, aProp->iSPI.Ptr(), aProp->iSPI.Length());
+ DEBUG_LOG1(_L("OutSPI: %x"), out_spi);
+ //Inbound and outbound calculations only differ in the SPI
+ //If the key is not long enough we need to extend it
+ TPtr8 key_ptr((TUint8 *)aOutboundKey_II.Ptr() + aOutboundKey_II.Length(), 0, aOutboundKey_II.MaxLength());
+
+ HBufC8* prf_data = HBufC8::NewLC((prf_len | 0x3) + 1);
+
+ while ((aOutboundKey_II.Length() * 8) < aKeyLen) //include the key extension algorithm
+ {
+ prf_data->Des().Copy(key_ptr);
+ if (agreedKey)//Only used if PFS
+ {
+ prf_data->Des().Append(agreedKey->Des());
+ }
+ prf_data->Des().Append(&aProp->iProtocol, sizeof(aProp->iProtocol));
+ prf_data->Des().Append(aProp->iSPI.Ptr(),aProp->iSPI.Length());
+ prf_data->Des().Append(iNONCE_I);
+ prf_data->Des().Append(iNONCE_R);
+ key_ptr.Set((TUint8 *)aOutboundKey_II.Ptr() + aOutboundKey_II.Length(), 0, aOutboundKey_II.MaxLength() - aOutboundKey_II.Length());
+ ComputePRFL(key_ptr, iSKEYID_d, prf_data->Des());
+ aOutboundKey_II.SetLength(aOutboundKey_II.Length() + key_ptr.Length());
+ }
+
+ key_ptr.Set((TUint8 *)aInboundKey_II.Ptr() + aInboundKey_II.Length(), 0, aOutboundKey_II.MaxLength());
+ while ((aInboundKey_II.Length() * 8) < aKeyLen) //include the key extension algorithm
+ {
+ prf_data->Des().Copy(key_ptr);
+ if (agreedKey)//Only used if PFS
+ {
+ prf_data->Des().Append(agreedKey->Des());
+ }
+ prf_data->Des().Append(&aProp->iProtocol,sizeof(aProp->iProtocol));
+ prf_data->Des().Append((TUint8 *)&in_spi, sizeof(TUint32));
+ prf_data->Des().Append(iNONCE_I);
+ prf_data->Des().Append(iNONCE_R);
+
+ key_ptr.Set((TUint8 *)aInboundKey_II.Ptr() + aInboundKey_II.Length(), 0, aInboundKey_II.MaxLength() - aInboundKey_II.Length());
+ ComputePRFL(key_ptr, iSKEYID_d, prf_data->Des());
+ aInboundKey_II.SetLength(aInboundKey_II.Length() + key_ptr.Length());
+ }
+
+ if ( agreedKey )
+ CleanupStack::PopAndDestroy(2); //prf_data and agreedKey
+ else CleanupStack::PopAndDestroy(); //prf_data
+
+}
+
+
+/* This function is called by oakley module to do pseudo random computation for
+ given data */
+//IMPORTANT: If some func added or modified check MAX_PRF_LENGTH is correct in ike.h
+
+void CIkev1Negotiation::ComputePRFL(TDes8 &prf_output, const TDesC8 &prf_key, const TDesC8 &prf_data)
+{
+// All actions taken are moved into the crypto module IKE_CRYPTO.CPP
+
+ if ( iChosenProposal_I.iAttrList->iPRF == OAKLEY_PRF_3DES_CBC_MAC)
+ {
+ DEBUG_LOG(_L("PRF (3DES_CBC_MAC)"));
+ Hmac3DesCbcL(prf_data, prf_output, prf_key);
+ }
+ else
+ {
+ // Use HMAC version of the negotiated hash function as default PRF
+ if ( iChosenProposal_I.iAttrList->iHashAlg == HASH_MD5 ) {
+ DEBUG_LOG(_L("PRF (MD5)"));
+ MD5HmacL(prf_data, prf_output, prf_key);
+ }
+ else {
+ if ( iChosenProposal_I.iAttrList->iHashAlg == HASH_SHA1 ) {
+ DEBUG_LOG(_L("PRF (SHA1)"));
+ SHA1HmacL(prf_data, prf_output, prf_key);
+ }
+ }
+ }
+
+}
+
+
+//NOTE: Must be called after ProcessCertificate() !!!
+TBool CIkev1Negotiation::CertifyRemoteIdentityL(const TIdentISAKMP *aIdPayload)
+{
+ TBool Status = EFalse;
+ TInt id_len = aIdPayload->IDDataLen();
+
+ if ( id_len && iPkiService && iPeerX509Cert )
+ {
+ TPtrC8 IdData((TUint8 *)aIdPayload->IDData(), id_len);
+
+ // Leave is trapped and handled here because the event log is easily accessible
+ // and in the upper layers it would not be possible to identify the
+ // cause of the error based on the generic leave code.
+ TRAPD(err, Status = IkePkiUtils::CertifyIdentityL(iPeerX509Cert, IdData, (TInt)aIdPayload->GetIDType()));
+
+ if( KErrNotSupported == err )
+ {
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_CERT_ERROR,
+ KErrNotSupported,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ }
+
+#ifdef _DEBUG
+ if (Status)
+ DEBUG_LOG(_L("Remote identity has been certified"));
+#endif // _DEBUG
+ }
+
+ return Status;
+}
+
+
+//Digests aHash with the key in aCert and compares it to the stored value aSig
+//Needs to be check after the Signature payload has been processed
+TBool CIkev1Negotiation::VerifySignatureL(CX509Certificate *aCert,TUint8 *aHash, TInt aHashLength,TUint8 *aSig, TUint aSigLength)
+{
+
+ TBool ret = EFalse;
+ if ( iPkiService )
+ {
+ TPtrC8 Signature(aSig, aSigLength);
+ TPtrC8 RefHash(aHash, aHashLength);
+ ret = IkePkiUtils::VerifyIkev1SignatureL(Signature, RefHash, *aCert);
+ }
+
+ return ret;
+
+
+}
+
+//NOTE!!! The func sets iFinished to TRUE always so after detecting an error the communication finishes.
+//If it doesn't have to iFinished should be set outside the function.
+void CIkev1Negotiation::SendNotifyL(TUint16 aError)
+{
+ SetFinished(); //Ends the negotiation (error condition detected) If CONNECTED also should end
+
+#ifdef _DEBUG
+ TBuf<60> buf;
+ DEBUG_LOG(_L("SendNotifyL(), Reason: "));
+ buf.Append(TextNotifyType(aError));
+ DEBUG_LOG(buf);
+#endif // _DEBUG
+ TUint8 protocol = PROTO_ISAKMP;
+ TUint8 tmp_exchange = iExchange;
+ TUint32 tmp_msg_id = iMessageId;
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+ //If configured to send notification payloads for errors
+ if (iHostData->iNotify)
+ {
+ iExchange = ISAKMP_EXCHANGE_INFO;
+ iMessageId = RandomMessageId();
+ msg->IsakmpInit(this);
+
+ //HASH Payload only if payload protected with encyption
+ if (iFlags & ISAKMP_HDR_EFLAG)
+ msg->IsakmpHashL();
+
+ if (iPhase == PHASE_I)
+ protocol = iChosenProposal_I.iProtocol;
+ else
+ {
+ if (iChosenProp_IIList) //May be the begining of PHASE_II when still not decided
+ protocol = iChosenProp_IIList->At(0)->iProtocol;
+ }
+ msg->IsakmpNotification(aError, protocol);
+
+ if (iFlags & ISAKMP_HDR_EFLAG)
+ {
+ msg->IsakmpHashContL();
+ }
+
+ iExchange = tmp_exchange;
+ iMessageId = tmp_msg_id;
+
+ SendL(*msg);
+
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_SENT_ERROR_RESPONSE,
+ aError,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ }
+
+}
+
+
+//Hash function key length (in bytes)
+TInt CIkev1Negotiation::HashLength()
+{
+ if (iChosenProposal_I.iAttrList->iPRF == OAKLEY_PRF_3DES_CBC_MAC)
+ return 24;
+
+ //If no PRF hash alg used instead.
+ if (iChosenProposal_I.iAttrList->iPRF==0)
+ {
+ if (iChosenProposal_I.iAttrList->iHashAlg==HASH_MD5)
+ return HMAC_MD5_SIZE/8; //16 bytes
+ //return MD5_DIGEST_LENGTH;
+ else if (iChosenProposal_I.iAttrList->iHashAlg==HASH_SHA1)
+ return HMAC_SHA1_SIZE/8;
+ //return SHA_DIGEST_LENGTH;
+ }
+
+ return 0;
+}
+
+
+//Could be done using directly iEncrAlg from the chosen transform (in bytes)
+TUint32 CIkev1Negotiation::ISAKMPEncrKeyLength(TUint8 aAlgId) const
+{
+ TUint32 KeyLth = 0;
+ switch (aAlgId) {
+ case DES_CBC:
+ KeyLth = 8;
+ break;
+ case DES3_CBC:
+ KeyLth = 24;
+ break;
+ case AES_CBC:
+ if ( iChosenProposal_I.iAttrList->iKeyLength )
+ KeyLth = (TUint32)(iChosenProposal_I.iAttrList->iKeyLength/8);
+ else KeyLth = 16; // default
+ break;
+ default:
+ break;
+ }
+
+ return KeyLth;
+}
+
+TIkev1IsakmpStream* CIkev1Negotiation::SaveIkeMsgBfr(TIkev1IsakmpStream* aMsg)
+{
+ delete iSavedIkeMsgBfr;
+ iSavedIkeMsgBfr = aMsg;
+ return aMsg;
+}
+
+//Returns the key length (in bits) of an algorithm for iAuth (TAttrib_II) field when protocol is AH
+TUint32 CIkev1Negotiation::HMAC_KeyLength(TUint8 aId) const
+{
+ if (aId == SADB_AALG_MD5HMAC)
+ return (HMAC_MD5_SIZE);
+ else if (aId == SADB_AALG_SHA1HMAC)
+ return (HMAC_SHA1_SIZE);
+
+ return (0); // Error
+}
+
+//Exchange Type
+TPtrC CIkev1Negotiation::TextNotifyType(TUint16 aNotif)
+{
+#ifndef _DEBUG
+ (void)aNotif;
+#endif
+
+#ifdef _DEBUG
+ //TBuf<35> err;
+ switch(aNotif)
+ {
+ case INVALID_PAYLOAD_TYPE:
+ return _L("INVALID_PAYLOAD_TYPE");
+ case DOI_NOT_SUPPORTED:
+ return _L("DOI_NOT_SUPPORTED");
+ case SITUATION_NOT_SUPPORTED:
+ return _L("SITUATION_NOT_SUPPORTED");
+ case INVALID_COOKIE:
+ return _L("INVALID_COOKIE");
+ case INVALID_MAJOR_VERSION:
+ return _L("INVALID_MAJOR_VERSION");
+ case INVALID_MINOR_VERSION:
+ return _L("INVALID_MINOR_VERSION");
+ case INVALID_EXCHANGE_TYPE:
+ return _L("INVALID_EXCHANGE_TYPE");
+ case INVALID_FLAGS:
+ return _L("INVALID_FLAGS");
+ case INVALID_MESSAGE_ID:
+ return _L("INVALID_MESSAGE_ID");
+ case INVALID_PROTOCOL_ID:
+ return _L("INVALID_PROTOCOL_ID");
+ case INVALID_SPI:
+ return _L("INVALID_SPI");
+ case INVALID_TRANSFORM_ID:
+ return _L("INVALID_TRANSFORM_ID");
+ case ATTRIBUTES_NOT_SUPPORTED:
+ return _L("ATTRIBUTES_NOT_SUPPORTED");
+ case NO_PROPOSAL_CHOSEN:
+ return _L("NO_PROPOSAL_CHOSEN");
+ case BAD_PROPOSAL_SYNTAX:
+ return _L("BAD_PROPOSAL_SYNTAX");
+ case PAYLOAD_MALFORMED:
+ return _L("PAYLOAD_MALFORMED");
+ case INVALID_KEY_INFORMATION:
+ return _L("INVALID_KEY_INFORMATION");
+ case INVALID_ID_INFORMATION:
+ return _L("INVALID_ID_INFORMATION");
+ case INVALID_CERT_ENCODING:
+ return _L("INVALID_CERT_ENCODING");
+ case INVALID_CERTIFICATE:
+ return _L("INVALID_CERTIFICATE");
+ case CERT_TYPE_UNSUPPORTED:
+ return _L("CERT_TYPE_UNSUPPORTED");
+ case INVALID_CERT_AUTHORITY:
+ return _L("INVALID_CERT_AUTHORITY");
+ case INVALID_HASH_INFORMATION:
+ return _L("INVALID_HASH_INFORMATION");
+ case AUTHENTICATION_FAILED:
+ return _L("AUTHENTICATION_FAILED");
+ case INVALID_SIGNATURE:
+ return _L("INVALID_SIGNATURE");
+ case ADDRESS_NOTIFICATION:
+ return _L("ADDRESS_NOTIFICATION");
+ case NOTIFY_SA_LIFETIME:
+ return _L("NOTIFY_SA_LIFETIME");
+ case CERTIFICATE_UNAVAILABLE:
+ return _L("CERTIFICATE_UNAVAILABLE");
+ case UNSUPPORTED_EXCHANGE_TYPE:
+ return _L("UNSUPPORTED_EXCHANGE_TYPE");
+ case UNEQUAL_PAYLOAD_LENGTHS:
+ return _L("UNEQUAL_PAYLOAD_LENGTHS");
+ case CONNECTED:
+ return _L("CONNECTED");
+ case DOI_RESPONDER_LIFETIME:
+ return _L("RESPONDER_LIFETIME");
+ case DOI_REPLAY_STATUS:
+ return _L("REPLAY_STATUS");
+ case DOI_INITIAL_CONTACT:
+ return _L("INITIAL_CONTACT");
+ }
+ return _L("Unknown ");
+#else
+ return NULL;
+#endif
+}
+
+
+void CIkev1Negotiation::TextPayload(TDes &aBuf, TUint8 aPayload)
+{
+#ifndef _DEBUG
+ (void)aBuf;
+ (void)aPayload;
+#endif
+
+#ifdef _DEBUG
+ switch(aPayload)
+ {
+ case ISAKMP_PAYLOAD_NONE:// (Terminator)
+ aBuf = _L("ISAKMP_PAYLOAD_NONE");
+ break;
+ case ISAKMP_PAYLOAD_SA:// Security Association
+ aBuf = _L("ISAKMP_PAYLOAD_SA");
+ break;
+ case ISAKMP_PAYLOAD_P:// Proposal
+ aBuf = _L("ISAKMP_PAYLOAD_P");
+ break;
+ case ISAKMP_PAYLOAD_T:// Transform
+ aBuf = _L("ISAKMP_PAYLOAD_T");
+ break;
+ case ISAKMP_PAYLOAD_KE:// Key Exchange
+ aBuf = _L("ISAKMP_PAYLOAD_KE");
+ break;
+ case ISAKMP_PAYLOAD_ID:// Identification
+ aBuf = _L("ISAKMP_PAYLOAD_ID");
+ break;
+ case ISAKMP_PAYLOAD_CERT:// Certificate
+ aBuf = _L("ISAKMP_PAYLOAD_CERT");
+ break;
+ case ISAKMP_PAYLOAD_CR:// Certificate Request
+ aBuf = _L("ISAKMP_PAYLOAD_CR");
+ break;
+ case ISAKMP_PAYLOAD_HASH:// Hash
+ aBuf = _L("ISAKMP_PAYLOAD_HASH");
+ break;
+ case ISAKMP_PAYLOAD_SIG:// Signature
+ aBuf = _L("ISAKMP_PAYLOAD_SIG");
+ break;
+ case ISAKMP_PAYLOAD_NONCE:// Nonce
+ aBuf = _L("ISAKMP_PAYLOAD_NONCE");
+ break;
+ case ISAKMP_PAYLOAD_NOTIF:// Notification
+ aBuf = _L("ISAKMP_PAYLOAD_NOTIF");
+ break;
+ case ISAKMP_PAYLOAD_D:// Delete
+ aBuf = _L("ISAKMP_PAYLOAD_D");
+ break;
+ case ISAKMP_PAYLOAD_VID:// Vendor ID
+ aBuf = _L("ISAKMP_PAYLOAD_VID");
+ break;
+ case ISAKMP_PAYLOAD_PRIVATE:// Private use (up to 255)
+ aBuf = _L("ISAKMP_PAYLOAD_PRIVATE");
+ break;
+ default:
+ aBuf.Format(_L("Unknown (%d) "),aPayload);
+ }
+#endif
+}
+
+//Sends the built message through the socket
+void CIkev1Negotiation::SendL(TIkev1IsakmpStream &aMsg)
+{
+ if (aMsg.iError)
+ {
+ DEBUG_LOG(_L("Error Building message"));
+ return;
+ }
+ TBuf8<IKEV1_MAX_IV_SIZE> tmp_IV;
+
+ ThdrISAKMP *hdr = (ThdrISAKMP *)aMsg.iBuf.Ptr();
+ hdr->SetLength(aMsg.iBuf.Length());
+ DEBUG_LOG(_L("Sending (clear)..."));
+
+ TBool FloatedPort = EFalse;
+ if ( iNAT_D_Flags & (REMOTE_END_NAT + LOCAL_END_NAT) )
+ FloatedPort = ETrue;
+
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( aMsg.iBuf.Ptr(), aMsg.iBuf.Length() );
+ TInetAddr localAddr;
+ iPluginSession->GetLocalAddress( localAddr );
+ TInt port = ( FloatedPort ? IkeSocket::KIkePort4500 : IkeSocket::KIkePort500 );
+ localAddr.SetPort( port );
+ TRACE_MSG_IKEV1( ikeMsgPtr, localAddr, iLastRemoteAddr );
+#endif // _DEBUG
+
+ TPtr8 lastMsg(iLastMsg->Des());
+
+ if (hdr->GetFlags() & ISAKMP_HDR_EFLAG)
+ {
+ DEBUG_LOG(_L("Encrypting..."));
+
+ if (hdr->GetExchange()==ISAKMP_EXCHANGE_INFO || hdr->GetExchange()==ISAKMP_EXCHANGE_TRANSACT )
+ {
+ if ( hdr->GetExchange()==ISAKMP_EXCHANGE_TRANSACT )
+ {
+ //
+ // Get current IV via CTransNegotiation object linked into
+ // CIkev1Negotiation
+ //
+ if ( !iTransactionNeg ||
+ !iTransactionNeg->GetIV(hdr->GetMessageId(), tmp_IV) )
+ {
+ DEBUG_LOG(_L("Send error ! Cannot get Transaction IV !"));
+ return;
+ }
+ DEBUG_LOG(_L("Transaction IV"));
+ EncryptL(aMsg.iBuf, lastMsg, tmp_IV, iSKEYID_e, iChosenProposal_I.iAttrList->iEncrAlg);
+ iTransactionNeg->SetIV(hdr->GetMessageId(), tmp_IV);
+ }
+ else
+ {
+ if (iLastIV.Length() != 0)
+ tmp_IV.Copy(iLastIV);
+ else //iLastIV not yet computed so current iIV is used
+ tmp_IV.Copy(iIV);
+ ComputeIVL(tmp_IV, hdr->GetMessageId());
+ DEBUG_LOG(_L("Notif IV"));
+ EncryptL(aMsg.iBuf, lastMsg, tmp_IV, iSKEYID_e, iChosenProposal_I.iAttrList->iEncrAlg);
+ }
+
+ }
+ else //Normal exchange MAIN, AGGR or QUICK
+ {
+ DEBUG_LOG(_L("IV"));
+ EncryptL(aMsg.iBuf, lastMsg, iIV, iSKEYID_e, iChosenProposal_I.iAttrList->iEncrAlg);
+ DEBUG_LOG(_L("New IV (dec)"));
+ //Saves last iIV in Phase 1
+ if (((iStage==6) && (iExchange == ISAKMP_EXCHANGE_ID)) ||
+ ((iStage==3) && (iExchange == ISAKMP_EXCHANGE_AGGR)))
+ {
+ iLastIV.Copy(iIV);
+ DEBUG_LOG(_L("Last IV Saved!"));
+ }
+ }
+
+ DEBUG_LOG(_L("Sending ..."));
+ DEBUG_LOG1(_L("EncrLen = %d"), lastMsg.Length());
+ }
+ else
+ {
+ lastMsg.Copy(aMsg.iBuf);
+ }
+
+ hdr = (ThdrISAKMP *)lastMsg.Ptr();
+ hdr->SetLength(lastMsg.Length()); //Set the total length!!!
+
+ if (hdr->GetExchange() == ISAKMP_EXCHANGE_INFO)
+ {
+ SendAndSaveIkeMsgL(lastMsg, iLastRemoteAddr, FloatedPort); //No timers!
+ }
+ else //Normal msg.
+ {
+ iTimer->Cancel(); //Cancel previous timer because reply received & processed
+ DEBUG_LOG(_L("Timer Cancelled!"));
+ iRetryNum = 0;
+ SendAndSaveIkeMsgL(lastMsg, iLastRemoteAddr, FloatedPort);
+ iTimer->IssueRequest(MAX_RETRANS_TIMER * 1000000); // 1000000 = 1 second
+ }
+
+}
+
+
+void CIkev1Negotiation::ReSendL()
+{
+ //Will resend a packet in the interval (MAX_RETRANS_TIMER/2 , MAX_RETRANS_TIMER)
+ if ( iRetryNum < MAX_RETRANS_COUNT )
+ {
+ DEBUG_LOG2(_L("---------- Phase %d - Stage %d ----------"),iPhase, iStage - 1);
+ DEBUG_LOG1(_L("ReSending(%d)..."), iRetryNum);
+ TBool FloatedPort = EFalse;
+ if ( iNAT_D_Flags & (REMOTE_END_NAT + LOCAL_END_NAT) )
+ FloatedPort = ETrue;
+ TPtr8 lastMsg(iLastMsg->Des());
+ iPluginSession->SendIkeMsgL(lastMsg, iLastRemoteAddr, FloatedPort);
+ //next retransmission between MAX_RETRANS_TIMER/2 and MAX_RETRANS_TIMER seconds
+ TTime tmp_time;
+ TReal secs = 0;
+ tmp_time.UniversalTime();
+ TInt64 seed = tmp_time.Int64();
+ TInt rand = Math::Rand(seed);
+ TInt err = Math::Round(secs, rand / (KMaxTInt / MAX_RETRANS_TIMER/2), 0);
+ secs = Math::Round(secs, secs + MAX_RETRANS_TIMER/2, 0);
+ if ((!secs) || (err != KErrNone))
+ secs = MAX_RETRANS_TIMER/2;
+ iTimer->IssueRequest((TInt)secs * 1000000); // 1000000 = 1 second
+ iRetryNum++;
+ }
+ else
+ {
+ SendDeleteL(PROTO_ISAKMP);
+ if ( iPhase == PHASE_I )
+ {
+ DEBUG_LOG(_L("Max num retries reached!!!"));
+ }
+ else
+ {
+ DEBUG_LOG(_L("Quick mode failed, Max num retries reached!!!"));
+ }
+
+ if ( iPhase == PHASE_I &&
+ iPluginSession->FindIkev1SA() == NULL )
+ {
+ // Set error status in Phase 1, if there are no IKE SAs.
+ if ( GetNotifyStatus() )
+ SetErrorStatus(KKmdIkeNoProposalErr);
+ else SetErrorStatus(KKmdIkeNoResponseErr);
+ }
+
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_NO_RESP,
+ ErrorStatus(),
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+ iPluginSession->DeleteNegotiation( this );
+ }
+}
+
+void CIkev1Negotiation::SendDeleteL(TUint8 aProtocol, TUint32 aIpsecSPI)
+{
+ TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+
+ TBuf8<MAX_SPI_SIZE> SPI;
+
+ DEBUG_LOG(_L("Sending Delete payload..."));
+
+ //Creates a DUMMY negotiation with the info to send the packet
+ TUint8 tmp_exchange = iExchange;
+ iExchange=ISAKMP_EXCHANGE_INFO; //Set the exchange type as info
+
+ msg->IsakmpInit(this);
+
+ //HASH Payload only if payload protected with encyption
+ if (iFlags & ISAKMP_HDR_EFLAG)
+ msg->IsakmpHashL();
+
+ if (aProtocol == PROTO_ISAKMP) //ISAKMP SPI are the cookies
+ {
+ SPI.Copy(iCookie_I);
+ SPI.Append(iCookie_R);
+ }
+ else //IPSECSPI
+ {
+ SPI.Copy((TUint8 *)&aIpsecSPI, sizeof(TUint32));
+ }
+ msg->IsakmpDelete(SPI, aProtocol);
+
+ if (iFlags & ISAKMP_HDR_EFLAG)
+ {
+ msg->IsakmpHashContL();
+ }
+ DEBUG_LOG(_L("Sending Delete Payload..."));
+ SendL(*msg);
+
+ iExchange = tmp_exchange;
+}
+
+void CIkev1Negotiation::CheckSendResponderLifetime(TIkev1IsakmpStream &aMsg)
+{
+ TInt count = iChosenProp_IIList->Count();
+ CProposal_II *prop;
+ TChosenAttrib_II *attr_II;
+ TSPINode inboundspi_node;
+ TInt j;
+ for (j = 0 ; j < count; j++) //Check all the chosen proposals (Probably one)
+ {
+ prop = iChosenProp_IIList->At(j);
+ inboundspi_node = iInboundSPIList->At(j);
+ attr_II = (TChosenAttrib_II *)prop->iAttrList->At(0); //only 1 transform is chosen no matter how many there are
+
+ if ((attr_II->iReducedLifeSecs.Length() != 0) || (attr_II->iReducedLifeKBytes.Length() != 0)) //Any lifetime to update
+ aMsg.IsakmpResponderLifetime(prop->iProtocol, inboundspi_node.iSPI, attr_II->iReducedLifeSecs, attr_II->iReducedLifeKBytes);
+
+ }
+}
+
+
+/**--------------------------------------------------------------------
+ *
+ * The following methods are used to implement the Dead Peer Detection
+ * protocol defined in <draft-ietf-ipsec-dpd-04.txt>
+ * When timeout expires the R-U-THERE notify message is transmitted
+ * if there has not been any activity during the last timeout
+ *
+ *--------------------------------------------------------------------*/
+void CIkev1Negotiation::DpdNotifyMessageReceivedL(TIkev1SAData* aSa, TUint16 aMsgType, TUint32 aSequence)
+{
+
+ if ( aMsgType == DPD_R_U_THERE )
+ {
+ //
+ // -- Assure that sequence number in notify data is what expected
+ // -- If ok, transmit a R-U-THERE-ACK
+ //
+ DEBUG_LOG(_L("DPD R-U-THERE Notify received"));
+ if ( (aSa->iExpectedDPDSequence == aSequence) || (aSa->iExpectedDPDSequence == 0) )
+ {
+ aSa->iExpectedDPDSequence = GetNextSequence(aSequence);
+ DEBUG_LOG(_L("Sending DPD R-U-THERE_ACK notify"));
+ SendDpdNotifyMessageL(DPD_R_U_THERE_ACK, aSequence);
+ iPluginSession->UpdateIkev1SAL(aSa->iSAId, EFalse, aSa);
+ }
+#ifdef _DEBUG
+ else DEBUG_LOG(_L("Wrong sequence number in DPD notify message"));
+#endif // _DEBUG
+ }
+ else if ( aMsgType == DPD_R_U_THERE_ACK )
+ {
+ //
+ // -- Assure that sequence number in notify data is corresponds
+ // current pending sequence
+ //
+ DEBUG_LOG(_L("DPD R-U-THERE-ACK Notify received"));
+ if ( aSa->iPendingDPDSequence == aSequence )
+ {
+ aSa->iPendingDPDSequence = 0;
+ aSa->iDPDRetry = 0;
+ iPluginSession->UpdateIkev1SAL(aSa->iSAId, EFalse, aSa);
+ }
+#ifdef _DEBUG
+ else DEBUG_LOG(_L("Wrong sequence number in DPD notify ack message"));
+#endif // _DEBUG
+ }
+}
+
+void CIkev1Negotiation::SendKeepAliveMsgL(TIkev1SAData* aSa)
+{
+ if ( aSa->iDPDRetry > KMaxDpdRetryCount )
+ {
+ //
+ // DPD Retry count exhausted, current IKE SA in interpreted to
+ // be closed
+ //
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+ R_VPN_MSG_VPN_GW_NO_RESP,
+ KKmdIkeNoResponseErr,
+ iPluginSession->VpnIapId(),
+ &iRemoteAddr );
+
+ iPluginSession->DeleteIpsecSAs(aSa->iSAId);
+ iPluginSession->UpdateIkev1SAL(aSa->iSAId, ETrue);
+ }
+ else
+ {
+ //
+ // Send DPD R-U-THERE notify message
+ //
+ if ( aSa->iPendingDPDSequence == 0 )
+ {
+ aSa->iPendingDPDSequence = aSa->iDPDSequence;
+ aSa->iDPDSequence = GetNextSequence(aSa->iDPDSequence);
+ }
+ else
+ {
+ aSa->iDPDRetry ++;
+ }
+ DEBUG_LOG(_L("Sending DPD R-U-THERE notify"));
+ SendDpdNotifyMessageL(DPD_R_U_THERE, aSa->iPendingDPDSequence);
+ }
+ SetFinished();
+}
+
+MKmdEventLoggerIf& CIkev1Negotiation::EventLogger()
+{
+ return iPluginSession->EventLogger();
+}
+
+void CIkev1Negotiation::IpsecSaSpiRetrieved(TUint32 aSpiRequestId,
+ TInt aStatus,
+ TUint32 aSpi)
+{
+ DEBUG_LOG3(_L("IPsec SA SPI retrieved, seq=%d, SPI=%d, status=%d"),
+ aSpiRequestId, aSpi, aStatus);
+ if ( aStatus == KErrNone )
+ {
+ TRAP( aStatus, ReceiveSPIL( aSpi, aSpiRequestId ) );
+ }
+ else
+ {
+ iPluginSession->HandleError( aStatus );
+ }
+}
+
+TBool CIkev1Negotiation::IsRekeyingIkeSa()
+{
+ return ( iSARekeyInfo != NULL );
+}
+
+void CIkev1Negotiation::PreparePhase2L(const TPfkeyMessage &aReq)
+{
+ DEBUG_LOG(_L("Prepare for Phase II"));
+ GetAcquireDataL(aReq);
+ iPhaseIIAfterIkeSaRekey = ETrue;
+}
+
+TUint32 CIkev1Negotiation::GetNextSequence(TUint32 aSequence)
+{
+ aSequence ++;
+ if ( aSequence == 0 )
+ aSequence = 1;
+ return aSequence;
+}
+
+void CIkev1Negotiation::SendDpdNotifyMessageL(TUint16 aMsgType, TUint32 aSequence)
+{
+ iExchange = ISAKMP_EXCHANGE_INFO;
+ iMessageId = RandomMessageId();
+ TIkev1IsakmpStream* Msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+ Msg->IsakmpInit(this);
+ Msg->IsakmpHashL();
+ TUint32 NotifData = ByteOrder::Swap32(aSequence);
+ Msg->IsakmpNotification(aMsgType, PROTO_ISAKMP, (TUint8*)&NotifData, sizeof(NotifData));
+ Msg->IsakmpHashContL();
+ SendL(*Msg);
+}
+
+TInt CIkev1Negotiation::ErrorStatus()
+{
+ TInt ret( KErrNone );
+ if ( iPluginSession )
+ {
+ ret = iPluginSession->ErrorStatus();
+ }
+ return ret;
+}
+
+void CIkev1Negotiation::SetErrorStatus(TInt aStatus)
+{
+ SetFinished();
+ iPluginSession->SetErrorStatus(aStatus);
+}
+
+void CIkev1Negotiation::SendAndSaveIkeMsgL( const TDesC8& aIkeMsg,
+ TInetAddr& aDestAddr,
+ TBool aUseNatPort )
+{
+ iPluginSession->SendIkeMsgL( aIkeMsg, aDestAddr, aUseNatPort );
+ SaveLastMsgL();
+}
+
+
+TBool CIkev1Negotiation::IsRetransmit(TLastIKEMsg& aRef)
+{
+ TBool isRetransmit(EFalse);
+ if (iLastIKEMsgInfo.IsUninitialized())
+ {
+ TIkev1SAData* ikev1SAData = iPluginSession->FindIkev1SAData(iSAId);
+ if (ikev1SAData && ikev1SAData->iLastIKEMsgInfo.IsReTransmit(aRef))
+ {
+ isRetransmit = ETrue;
+ }
+ }
+ else
+ {
+ isRetransmit = iLastIKEMsgInfo.IsReTransmit(aRef);
+ }
+ return isRetransmit;
+}
+
+void CIkev1Negotiation::SaveRetransmitInfo(TLastIKEMsg& aRef)
+{
+ aRef.Store(iLastIKEMsgInfo);
+ TIkev1SAData* ikev1SAData = iPluginSession->FindIkev1SAData(iSAId);
+ if (ikev1SAData != NULL)
+ {
+ aRef.Store(ikev1SAData->iLastIKEMsgInfo);
+ }
+}
+
+void CIkev1Negotiation::SaveLastMsgL()
+{
+ if ( iLastMsg != NULL )
+ {
+ TIkev1SAData* ikev1SAData = iPluginSession->FindIkev1SAData(iSAId);
+ if ( ikev1SAData != NULL )
+ {
+ delete ikev1SAData->iLastMsg;
+ ikev1SAData->iLastMsg = iLastMsg->AllocL();
+ }
+ }
+}
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1nokianattkeepalive.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,96 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Keepalive object for Nokia IPsec over NAT
+*
+*/
+
+
+
+#include "ikedebug.h"
+#include "ikev1pluginsession.h"
+#include <commdbconnpref.h> // TCommDbConnPref
+#include "ikev1nokianattkeepalive.h" // CIkev1NokiaNattKeepAlive
+
+_LIT8(KMsgContent, "\xff");
+
+CIkev1NokiaNattKeepAlive* CIkev1NokiaNattKeepAlive::NewL( CIkev1PluginSession& aPluginSession,
+ TInetAddr& aDestAddr,
+ TUint16 aPort,
+ TUint aInterval,
+ MIkeDebug& aDebug )
+ {
+ CIkev1NokiaNattKeepAlive *self = new (ELeave) CIkev1NokiaNattKeepAlive( aPluginSession,
+ aDestAddr,
+ aPort,
+ aDebug );
+ CleanupStack::PushL(self);
+ self->ConstructL(aInterval);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CIkev1NokiaNattKeepAlive::~CIkev1NokiaNattKeepAlive()
+ {
+ if (iTimer)
+ {
+ iTimer->Cancel();
+ delete iTimer;
+ iTimer = NULL;
+ }
+
+ }
+
+CIkev1NokiaNattKeepAlive::CIkev1NokiaNattKeepAlive( CIkev1PluginSession& aPluginSession,
+ TInetAddr& aDestAddr,
+ TUint16 aPort,
+ MIkeDebug& aDebug )
+: iPluginSession(aPluginSession),
+ iDestAddr(aDestAddr),
+ iPort(aPort),
+ iMsg(KMsgContent),
+ iDebug(aDebug)
+ {
+ iDestAddr.SetPort(iPort);
+ }
+
+
+void CIkev1NokiaNattKeepAlive::ConstructL(TUint aInterval)
+ {
+ /*
+ * Set up periodic timer
+ */
+
+ // Interval and initial delay
+ TTimeIntervalMicroSeconds32 interval(aInterval * 1000000);
+
+ iTimer = CPeriodic::NewL(CActive::EPriorityStandard);
+ iTimer->Start(interval, interval,
+ TCallBack(CIkev1NokiaNattKeepAlive::PeriodicCallback, this));
+ DEBUG_LOG(_L("CIkev1NokiaNattKeepAlive::ConstructL(aInterval) Constructed"));
+ }
+
+void CIkev1NokiaNattKeepAlive::Send()
+ {
+ TRAPD( err, iPluginSession.SendNokiaNatKeepAliveL( iDestAddr, iMsg, 0 ) );
+ err = err;
+ DEBUG_LOG1(_L("CIkev1NokiaNattKeepAlive::Send() Request sending of keepalive packet, err=%d"), err);
+ }
+
+TInt CIkev1NokiaNattKeepAlive::PeriodicCallback(TAny *aPtr)
+ {
+ CIkev1NokiaNattKeepAlive *self = static_cast<CIkev1NokiaNattKeepAlive*>(aPtr);
+ self->Send();
+ return KErrNone;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1payload.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,213 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CIkev1payload class
+*
+*/
+
+#include "ikev1payload.h"
+#include "ikev1negotiation.h"
+#include "ikedebug.h"
+
+//
+// CIkePayloads
+//
+
+CIkev1Payloads::CIkev1Payloads( CIkev1Negotiation& aNegotiation,
+ MIkeDebug& aDebug )
+ : iNegotiation( aNegotiation ),
+ iDebug( aDebug )
+{
+}
+
+
+CIkev1Payloads::~CIkev1Payloads()
+{
+ delete iIds;
+ delete iCerts;
+ delete iCertReqs;
+ delete iNotifs;
+ delete iDeletes;
+ delete iVids;
+ delete iNatDs;
+ delete iGenPlds;
+}
+
+
+CIkev1Payloads* CIkev1Payloads::NewL( const ThdrISAKMP& aHdr,
+ CIkev1Negotiation& aNegotiation,
+ MIkeDebug& aDebug )
+{
+ CIkev1Payloads* Payloads = new (ELeave) CIkev1Payloads( aNegotiation,
+ aDebug );
+ CleanupStack::PushL(Payloads);
+
+ Payloads->iIds = new (ELeave) CArrayFixFlat<const TIdentISAKMP *>(4);
+ Payloads->iCerts = new (ELeave) CArrayFixFlat<const TCertificateISAKMP *>(4);
+ Payloads->iCertReqs = new (ELeave) CArrayFixFlat<const TCertificateReqISAKMP *>(4);
+ Payloads->iNotifs = new (ELeave) CArrayFixFlat<const TNotificationISAKMP *>(4);
+ Payloads->iDeletes = new (ELeave) CArrayFixFlat<const TDeleteISAKMP *>(4);
+ Payloads->iVids = new (ELeave) CArrayFixFlat<const TVendorISAKMP *>(4);
+ Payloads->iNatDs = new (ELeave) CArrayFixFlat<const TNATDISAKMP *>(4);
+ Payloads->iGenPlds = new (ELeave) CArrayFixFlat<const TPayloadISAKMP *>(4);
+
+ if ( !Payloads->ParsePayloadsL(aHdr) )
+ {
+ CleanupStack::PopAndDestroy();
+ Payloads = NULL;
+ }
+ else CleanupStack::Pop();
+
+ return Payloads;
+}
+
+TBool CIkev1Payloads::ParsePayloadsL(const ThdrISAKMP &aHdr)
+{
+
+ TBool Status = ETrue;
+ TUint16 ptype = aHdr.GetPayload();
+ const TPayloadISAKMP* payload = (const TPayloadISAKMP*)aHdr.Next();
+ iPadding = aHdr.GetLength() - sizeof(aHdr);
+
+ while ( ptype != ISAKMP_PAYLOAD_NONE )
+ {
+
+ if (!iNegotiation.CheckGenericPayloadL(payload)) //Checks the generic payload is OK
+ {
+ Status = EFalse;
+ break;
+ }
+
+ switch (ptype)
+ {
+
+ case ISAKMP_PAYLOAD_SA: //also includes proposal and transform
+ DEBUG_LOG(_L("[SA]"));
+ if ( !iSa ) // Only one SA payload (The first)
+ iSa = TSAISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_PAYLOAD_KE:
+ DEBUG_LOG(_L("[KE]"));
+ if ( !iKe ) // Only one KE payload (The first)
+ iKe = TKeyISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_PAYLOAD_ID:
+ DEBUG_LOG(_L("[ID]"));
+ iIds->AppendL(TIdentISAKMP::Ptr(payload));
+ break;
+
+ case ISAKMP_PAYLOAD_CERT:
+ DEBUG_LOG(_L("[CERT]"));
+ iCerts->AppendL(TCertificateISAKMP::Ptr(payload));
+ break;
+
+ case ISAKMP_PAYLOAD_CR:
+ DEBUG_LOG(_L("[CR]"));
+ iCertReqs->AppendL(TCertificateReqISAKMP::Ptr(payload));
+ break;
+
+ case ISAKMP_PAYLOAD_HASH:
+ DEBUG_LOG(_L("[HASH]"));
+ if ( !iHash ) // Only one HASH payload (The first)
+ iHash = THashISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_PAYLOAD_SIG:
+ DEBUG_LOG(_L("[SIG]"));
+ if ( !iSign ) // Only one HASH payload (The first)
+ iSign = TSignatureISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_PAYLOAD_NONCE:
+ DEBUG_LOG(_L("[NONCE]"));
+ if ( !iNonce ) // Only one NONCE payload (The first)
+ iNonce = TNonceISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_PAYLOAD_NOTIF:
+ DEBUG_LOG(_L("[NOTIF]"));
+ iNotifs->AppendL(TNotificationISAKMP::Ptr(payload));
+ break;
+
+ case ISAKMP_PAYLOAD_D:
+ DEBUG_LOG(_L("[DELETE]"));
+ iDeletes->AppendL(TDeleteISAKMP::Ptr(payload));
+ break;
+
+ case ISAKMP_PAYLOAD_VID:
+ DEBUG_LOG(_L("[VID]"));
+ iVids->AppendL(TVendorISAKMP::Ptr(payload));
+ break;
+
+ //
+ // Extensions payloads
+ //
+ case ISAKMP_PAYLOAD_ATTRIBUTES:
+ DEBUG_LOG(_L("[ATTR]"));
+ if ( !iAttr ) // Only one ATTR payload (The first)
+ iAttr = TAttributeISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_PAYLOAD_CHRE:
+ DEBUG_LOG(_L("[CHRE]"));
+ if ( !iChre ) // Only one CHRE payload (The first)
+ iChre = TCHREISAKMP::Ptr(payload);
+ break;
+
+ case ISAKMP_INT_NETWORK:
+ DEBUG_LOG(_L("[IA]"));
+ if ( !iIaddr ) // Only one IA payload (The first)
+ iIaddr = TINTNETISAKMP::Ptr(payload);
+ break;
+
+ case IETF_NAT_DISCOVERY:
+ DEBUG_LOG(_L("[NAT-D]"));
+ iNatDs->AppendL(TNATDISAKMP::Ptr(payload));
+ break;
+
+ case IETF_RFC_NAT_DISCOVERY:
+ DEBUG_LOG(_L("[NAT-D]"));
+ iNatDs->AppendL(TNATDISAKMP::Ptr(payload));
+ break;
+
+ case IETF_NAT_ORIG_ADDR:
+ DEBUG_LOG(_L("[NAT-OA]"));
+ if ( !iNatOa ) // Only one NONCE payload (The first)
+ iNatOa = TNATOaISAKMP::Ptr(payload);
+ break;
+
+ case IETF_RFC_NAT_ORIG_ADDR:
+ DEBUG_LOG(_L("[NAT-OA]"));
+ if ( !iNatOa ) // Only one NONCE payload (The first)
+ iNatOa = TNATOaISAKMP::Ptr(payload);
+ break;
+ //
+ // Unknown payloads are queued into iGenPlds array
+ //
+ default:
+ DEBUG_LOG1(_L("[PL TYPE (%d)]"),ptype);
+ iGenPlds->AppendL(payload);
+ break;
+
+ }
+
+ iPadding -= payload->GetLength();
+ ptype = payload->GetPayload();
+ payload = payload->Next();
+ }
+
+ return Status;
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1plugin.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,240 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 protocol plugin
+*
+*/
+
+#include "ikedebug.h"
+#include "ikeplugindefs.h"
+#include "ikev1pluginsession.h"
+#include "ikev1SAdata.h"
+#include "ipsecpolicyutil.h"
+#include "pfkeysocketif.h"
+
+// CLASS HEADER
+#include "ikev1plugin.h"
+
+// ======== GLOBAL FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Creates IKEv1 plugin instance.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C MIkePluginIf* Ikev1PlugInL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ CIkev1Plugin* plugin = CIkev1Plugin::NewL( aEventLogger, aDebug );
+ return plugin;
+ }
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Plugin* CIkev1Plugin::NewL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ CIkev1Plugin* self = new ( ELeave ) CIkev1Plugin( aEventLogger, aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Plugin::~CIkev1Plugin()
+ {
+ __ASSERT_DEBUG( iPluginSessions.Count() == 0,
+ User::Invariant() );
+ iPluginSessions.Close();
+ delete iPFKeySocket;
+ delete iIpsecPolicyUtil;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Plugin::CIkev1Plugin( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ : iEventLogger( aEventLogger ),
+ iDebug( aDebug )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Plugin::ConstructL()
+ {
+ iPFKeySocket = CPFKeySocketIf::NewL( this,
+ iDebug );
+
+ iIpsecPolicyUtil = CIpsecPolicyUtil::NewL();
+ }
+
+// ---------------------------------------------------------------------------
+// Removes IKE plugin session from array.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Plugin::IkePluginSessionDeleted( CIkev1PluginSession* aPluginSession )
+ {
+ for ( TInt i=0; i<iPluginSessions.Count(); i++ )
+ {
+ if ( iPluginSessions[i] == aPluginSession )
+ {
+ iPluginSessions.Remove( i );
+ break;
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Gets acceptable IPsec policies for specified selectors.
+// ---------------------------------------------------------------------------
+//
+CIpsecSaSpecList* CIkev1Plugin::GetIpseSaSpecListLC( const TInetAddr& aLocalAddr, const TInetAddr& aLocalMask,
+ const TInetAddr& aRemoteAddr, const TInetAddr& aRemoteMask,
+ TInt aProtocol, TUint32 aVpnNetId )
+ {
+ return iIpsecPolicyUtil->GetIpseSaSpecListLC( aLocalAddr, aLocalMask,
+ aRemoteAddr, aRemoteMask,
+ aProtocol, aVpnNetId );
+ }
+
+// Methods to build and send PFKEY API primitives to IPsec
+
+void CIkev1Plugin::AcquireSAError( TIpsecSAData& aSAData,
+ TInt aError )
+ {
+ iPFKeySocket->AcquireSAError( aSAData, aError );
+ }
+
+void CIkev1Plugin::UpdateSAL( TIpsecSAData& aSaData )
+ {
+ iPFKeySocket->UpdateSAL( aSaData );
+ }
+
+void CIkev1Plugin::AddSAL( TIpsecSAData& aSaData )
+ {
+ iPFKeySocket->AddSAL( aSaData );
+ }
+
+void CIkev1Plugin::DeleteIpsecSA( TIpsecSPI& aIpsecSpi )
+ {
+ iPFKeySocket->DeleteSA( aIpsecSpi.iSPI,
+ aIpsecSpi.iSrcAddr,
+ aIpsecSpi.iDstAddr,
+ aIpsecSpi.iProtocol );
+ }
+
+void CIkev1Plugin::DeleteIpsecSA( TUint32 aSPI,
+ TInetAddr& aSrc,
+ TInetAddr& aDst,
+ TUint8 aProtocol )
+ {
+ iPFKeySocket->DeleteSA( aSPI, aSrc, aDst, aProtocol );
+ }
+
+// ---------------------------------------------------------------------------
+// Creates IKEv1 plugin session.
+// ---------------------------------------------------------------------------
+//
+MIkePluginSessionIf* CIkev1Plugin::CreateSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface )
+ {
+ CIkev1PluginSession* pluginSession = CIkev1PluginSession::NewL( aVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ aDataInterface,
+ *this,
+ *iPFKeySocket,
+ iDebug );
+ TInt err = iPluginSessions.Append( pluginSession );
+
+ if ( err != KErrNone )
+ {
+ delete pluginSession;
+ pluginSession = NULL;
+ User::Leave( err );
+ }
+
+ return pluginSession;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles PFKEY message.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Plugin::PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage )
+ {
+ switch ( aPfkeyMessage.iBase.iMsg->sadb_msg_type )
+ {
+ case SADB_ACQUIRE:
+ {
+ for ( TInt i=0; i< iPluginSessions.Count(); i++ )
+ {
+ if ( iPluginSessions[i]->MatchDestinationAddress( aPfkeyMessage.iDstAddr.Address() ) )
+ {
+ iPluginSessions[i]->PfkeyMessageReceived( aPfkeyMessage );
+ break;
+ }
+ }
+ break;
+ }
+
+ case SADB_EXPIRE:
+ {
+ for ( TInt i=0; i< iPluginSessions.Count(); i++ )
+ {
+ if ( iPluginSessions[i]->MatchDestinationAddress( aPfkeyMessage.iSrcAddr.Address() ) )
+ {
+ iPluginSessions[i]->PfkeyMessageReceived( aPfkeyMessage );
+ break;
+ }
+ }
+ break;
+ }
+ default:
+ break;
+ }
+ }
+
+
+// ---------------------------------------------------------------------------
+// Returns UID.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkev1Plugin::Uid()
+ {
+ return KIkeV1PluginUid3.iUid;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns event logger interface.
+// ---------------------------------------------------------------------------
+//
+MKmdEventLoggerIf& CIkev1Plugin::EventLogger()
+ {
+ return iEventLogger;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1pluginsession.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1924 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 plugin session
+*
+*/
+
+
+#include <random.h>
+#include <vpnlogmessages.rsg>
+#include "ikev1plugin.h"
+#include "ikedebug.h"
+#include "ikev1negotiation.h"
+#include "ikev1isakmpstream.h"
+#include "pfkeymsg.h"
+#include "ikepolparser.h"
+#include "kmdapi.h"
+#include "ikev1crack.h"
+#include "ikev1infonegotiation.h"
+#include "ikev1SA.h"
+#include "ikev1sender.h"
+#include "ikesocketdefs.h"
+#include "ikedatainterface.h"
+#include "vpnaddrinfo.h"
+#include "ipsecsaspiretriever.h"
+
+// CLASS HEADER
+#include "ikev1pluginsession.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1PluginSession* CIkev1PluginSession::NewL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev1Plugin& aPlugin,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug )
+ {
+ CIkev1PluginSession* self = new ( ELeave ) CIkev1PluginSession( aVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ aDataInterface,
+ aPlugin,
+ aPFKeySocketIf,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1PluginSession::~CIkev1PluginSession()
+ {
+ // Cancel client's requests.
+ DoCompleteNegotiateWithHost( KErrCancel );
+ DoCompleteDeleteSession( KErrCancel );
+ DoCompleteNotifyError( KErrCancel );
+ DoCompleteInternalAddressChanged( KErrCancel );
+
+ if ( iDialogWaitQueue )
+ {
+ CIkev1Dialog::PurgeDialogQueue( iDialogWaitQueue );
+ }
+
+ CIkev1Negotiation* negotiation;
+ while ( iFirstNegotiation )
+ {
+ negotiation = iFirstNegotiation;
+ delete negotiation; // destructor removes object from queue, too
+ }
+
+ DoEmptySendQueue();
+ iSendQueue.Close();
+
+ while ( iIkev1SAs.Count() )
+ {
+ CIkev1SA* ikev1SA = iIkev1SAs[0];
+ iIkev1SAs.Remove(0);
+ delete ikev1SA;
+ }
+ iIkev1SAs.Close();
+
+ delete iReceiver;
+ delete iSender;
+ delete iIkeData;
+ delete iInternalAddress;
+
+ iPlugin.IkePluginSessionDeleted( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1PluginSession::CIkev1PluginSession( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev1Plugin& aPlugin,
+ CPFKeySocketIf& aPFKeySocketIf,
+ MIkeDebug& aDebug )
+: iVpnIapId( aVpnIapId ),
+ iVpnNetId( aVpnNetId ),
+ iVpnInterfaceIndex( aVpnInterfaceIndex ),
+ iDataInterface( aDataInterface ),
+ iPlugin( aPlugin ),
+ iPFKeySocketIf( aPFKeySocketIf ),
+ iDebug( aDebug )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::ConstructL()
+ {
+ TPtr8 ptr( (TUint8*)&iSAIdSeed, sizeof(iSAIdSeed) );
+ ptr.SetLength( sizeof(iSAIdSeed) );
+ TRandom::RandomL( ptr );
+ iSAIdSeed &= 0x7fffffff; // Reset the most significant bit
+
+ iReceiver = CIkev1Receiver::NewL( iDataInterface,
+ *this );
+ iSender = CIkev1Sender::NewL( iDataInterface,
+ *this,
+ iDebug );
+
+ DEBUG_LOG1( _L("CIkev1PluginSession::ConstructL, SAId seed: %d"),
+ iSAIdSeed );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles IKE SA deletion request.
+// ---------------------------------------------------------------------------
+//
+TBool CIkev1PluginSession::DeleteIkeSA( TIkev1SAData* aIkev1SaData,
+ TBool aSilentClose )
+ {
+ //
+ // An IKE SA delete request received
+ // Check first does there exists an ongoing negotiation on this IKE
+ // SA deleted and delete this block.
+ // Allocate a new negotiation with TIkev1SAData and initiate IKE SA
+ // deletion request
+ //
+ DEBUG_LOG1( _L("Deleting IKEv1 SA SAID = %d"),
+ aIkev1SaData->iSAId );
+
+ CIkev1Negotiation* negotiation = FindNegotiation( aIkev1SaData->iSAId );
+ while ( negotiation )
+ {
+ delete negotiation; // destructor removes object from queue, too
+ negotiation = FindNegotiation( aIkev1SaData->iSAId );
+ }
+
+ TBool started( EFalse );
+
+ if ( !aSilentClose )
+ {
+ DeleteIpsecSAs( aIkev1SaData->iSAId );
+
+ TRAPD( err,
+ {
+ // Trap the SendDeleteL -- it can fail, but the failure won't be fatal
+ // (delete payload just won't be sent)
+ negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ aIkev1SaData,
+ RESPONDER ); // Nevermind INITIATOR or RESPONDER
+ negotiation->SendDeleteL( PROTO_ISAKMP );
+ } );
+
+ delete negotiation;
+ negotiation = NULL;
+
+ if ( err == KErrNone )
+ {
+ // DELETE payload sent succesfully.
+ DEBUG_LOG( _L("CIkev1PluginSession::DeleteIkeSAL() IKEv1 delete send OK") );
+ started = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG1( _L("CIkev1PluginSession::DeleteIkeSAL() IKEv1 delete send failed, err=%d"), err );
+ }
+ }
+#ifdef _DEBUG
+ else
+ {
+ DEBUG_LOG( _L("Forced close, no delete payload(s) sent"));
+ }
+#endif
+ ExpireIkev1SA( aIkev1SaData->iSAId ); // Set expired to delete IKE SA
+
+ if ( FindIkev1SA() == NULL &&
+ FirstNegotiation() == NULL )
+ {
+ // Set error status, when expired IKE SA was the only IKE SA and there
+ // is no ongoing negotiation.
+ iErrorStatus = KKmdIkeNegotFailed;
+ }
+
+ return started;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles IKE SA rekeying request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::RekeyIkeSAL( TIkev1SAData* aIkev1SaData,
+ CSARekeyInfo* aSaRekeyInfo )
+ {
+ CIkev1Negotiation* negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ aIkev1SaData->iRemoteAddr,
+ EFalse );
+ CleanupStack::PushL( negotiation );
+ negotiation->SetRekeyInfo( aSaRekeyInfo );
+ negotiation->InitNegotiationL();
+ if ( negotiation->Finished() )
+ {
+ CleanupStack::PopAndDestroy( negotiation );
+ }
+ else
+ {
+ CleanupStack::Pop( negotiation );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles IKE SA keepalive request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::KeepAliveIkeSAL( TIkev1SAData* aIkev1SaData )
+ {
+ CIkev1Negotiation* negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ aIkev1SaData,
+ RESPONDER );
+ CleanupStack::PushL( negotiation );
+ negotiation->SendKeepAliveMsgL( aIkev1SaData );
+ if ( negotiation->Finished() )
+ {
+ CleanupStack::PopAndDestroy( negotiation );
+ }
+ else
+ {
+ CleanupStack::Pop( negotiation );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Creates IKE SA.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::CreateIkev1SAL( TIkev1SAData& aIkev1SaData,
+ CSARekeyInfo* aSaRekey )
+ {
+ CIkev1SA* ikev1SA = CIkev1SA::NewL( *this,
+ aIkev1SaData,
+ aSaRekey,
+ iDebug );
+
+ if ( !aIkev1SaData.iInitiator )
+ {
+ // Move SPI list from previous IKE SA to new IKE SA
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* previousSA = iIkev1SAs[i];
+ if ( previousSA->iSPIList != NULL )
+ {
+ DEBUG_LOG(_L("Move SPI list to new IKE SA"));
+ delete ikev1SA->iSPIList;
+ ikev1SA->iSPIList = previousSA->iSPIList;
+ previousSA->iSPIList = new (ELeave) CIpsecSPIList(1); // Dummy;
+ break;
+ }
+ }
+ }
+
+ // Cancel IKE SA rekeying from other IKE SAs.
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* cancelSA = iIkev1SAs[i];
+ cancelSA->CancelRekey();
+ }
+
+ CleanupStack::PushL( ikev1SA );
+ iIkev1SAs.AppendL( ikev1SA );
+ CleanupStack::Pop( ikev1SA );
+ }
+
+// ---------------------------------------------------------------------------
+// Updates IKE SA.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::UpdateIkev1SAL( TUint32 aSaId,
+ TBool aExpired,
+ TIkev1SAData* aIkev1SaData )
+ {
+ if ( !aExpired )
+ {
+ CIkev1SA* Ikev1SA = FindIkev1SAWithId( aSaId );
+ if ( Ikev1SA )
+ {
+ Ikev1SA->UpdateSAL( aExpired, aIkev1SaData );
+ }
+ }
+ else
+ {
+ ExpireIkev1SA( aSaId );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Expires IKE SA.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::ExpireIkev1SA( TUint32 aSaId )
+ {
+ CIkev1SA* ikev1SA = FindIkev1SAWithId( aSaId );
+ if ( ikev1SA )
+ {
+ ikev1SA->ExpireSA();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Removes IKE SA.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::RemoveIkeSA( CIkev1SA* aIkev1Sa,
+ TInt aStatus )
+ {
+ TInt dpdRetryCount( 0 );
+
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( aIkev1Sa == sa )
+ {
+ // Remove IKE SA from array.
+ dpdRetryCount = sa->iHdr.iDPDRetry;
+ iIkev1SAs.Remove(i);
+ delete sa;
+ break;
+ }
+ }
+
+ if ( (iErrorStatus == KErrNone) &&
+ (dpdRetryCount > KMaxDpdRetryCount) &&
+ (FindIkev1SA() == NULL) )
+ {
+ // If DPD retry count was reached for only IKE SA, set error status.
+ iErrorStatus = KKmdIkeNoResponseErr;
+ }
+
+ // If session deletion has been requested, complete session deletion
+ // request.
+ DoCompleteDeleteSession( aStatus );
+
+ // If fatal error has occured, complete error notification.
+ if ( iErrorStatus != KErrNone )
+ {
+ DoHandleError( iErrorStatus );
+ }
+ }
+
+// IKE SA find methods.
+
+CIkev1SA* CIkev1PluginSession::FindIkev1SA()
+ {
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( (!sa->IsExpired()) )
+ {
+ return sa;
+ }
+ }
+ return NULL;
+ }
+
+CIkev1SA* CIkev1PluginSession::FindIkev1SA( const TCookie& aCookie_I,
+ const TCookie& aCookie_R )
+ {
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( (sa->iHdr.iCookie_I == aCookie_I) &&
+ (sa->iHdr.iCookie_R == aCookie_R) &&
+ (!sa->IsExpired()) )
+ {
+ return sa;
+ }
+ }
+ return NULL;
+ }
+
+CIkev1SA* CIkev1PluginSession::FindIkev1SAWithId( TUint32 aSaId )
+ {
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( (sa->iHdr.iSAId == aSaId) &&
+ (!sa->IsExpired()) )
+ {
+ return sa;
+ }
+ }
+ return NULL;
+ }
+
+CIkev1SA* CIkev1PluginSession::FindIkev1SA( const TInetAddr& aAddr )
+ {
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( sa->iHdr.iRemoteAddr.Match(aAddr) &&
+ (!sa->IsExpired()) )
+ {
+ return sa;
+ }
+ }
+ return NULL;
+ }
+
+CIkev1SA* CIkev1PluginSession::FindIkev1SA( const TInetAddr& aAddr,
+ TUint32 aInboundSpi )
+ {
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( sa->iHdr.iRemoteAddr.Match(aAddr) &&
+ (!sa->IsExpired()) )
+ {
+ if ( sa->FindIpsecSPI(aInboundSpi, ETrue) )
+ {
+ return sa;
+ }
+ }
+ }
+ return NULL;
+ }
+
+TIkev1SAData* CIkev1PluginSession::FindIkev1SAData()
+ {
+ TIkev1SAData* saData = NULL;
+ CIkev1SA* ikev1SA = FindIkev1SA();
+ if ( ikev1SA )
+ {
+ saData = (TIkev1SAData*)&ikev1SA->iHdr;
+ }
+ return saData;
+ }
+
+TIkev1SAData* CIkev1PluginSession::FindIkev1SAData( const TCookie& aCookie_I,
+ const TCookie& aCookie_R )
+ {
+ TIkev1SAData* saData = NULL;
+ CIkev1SA* ikev1SA = FindIkev1SA( aCookie_I, aCookie_R );
+ if ( ikev1SA )
+ {
+ saData = (TIkev1SAData*)&ikev1SA->iHdr;
+ }
+ return saData;
+ }
+
+TIkev1SAData* CIkev1PluginSession::FindIkev1SAData( TUint32 aSaId )
+ {
+ TIkev1SAData* saData = NULL;
+ CIkev1SA* ikev1SA = FindIkev1SAWithId( aSaId );
+ if ( ikev1SA )
+ {
+ saData = (TIkev1SAData*)&ikev1SA->iHdr;
+ }
+ return saData;
+ }
+
+TIkev1SAData* CIkev1PluginSession::FindIkev1SAData( const TInetAddr& aAddr,
+ TUint32 aInboundSpi )
+ {
+ TIkev1SAData* saData = NULL;
+ CIkev1SA* ikev1SA = FindIkev1SA( aAddr, aInboundSpi );
+ if ( ikev1SA )
+ {
+ saData = (TIkev1SAData*)&ikev1SA->iHdr;
+ }
+ return saData;
+ }
+
+TIkev1SAData* CIkev1PluginSession::FindIkev1SADataWithAddr( const TInetAddr& aAddr )
+ {
+ TIkev1SAData* saData = NULL;
+ CIkev1SA* ikev1SA = FindIkev1SA( aAddr );
+ if ( ikev1SA )
+ {
+ saData = (TIkev1SAData*)&ikev1SA->iHdr;
+ }
+ return saData;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles IPsec SA deletion request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DeleteIpsecSAL( TIkev1SAData* aIkev1SaData,
+ TIpsecSPI* aIpsecSpi )
+ {
+ //
+ // Send a delete payload for specified IPSec SA
+ //
+ CIkev1Negotiation* negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ aIkev1SaData,
+ RESPONDER );
+ CleanupStack::PushL( negotiation );
+ negotiation->SendDeleteL( aIpsecSpi->iProtocol,
+ aIpsecSpi->iSPI );
+ CleanupStack::PopAndDestroy( negotiation );
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes IPsec SAs.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DeleteIpsecSAs( TUint32 aSaId )
+ {
+ CIkev1SA* ikev1SA = FindIkev1SAWithId( aSaId );
+ if ( ikev1SA )
+ {
+ ikev1SA->DeleteIpsecSAs();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes IPsec SPI.
+// ---------------------------------------------------------------------------
+//
+TBool CIkev1PluginSession::DeleteIpsecSpi( TUint32 aSaId,
+ TUint32 aSpi,
+ TBool aInbound )
+ {
+ TBool status = EFalse;
+ CIkev1SA* ikev1SA = FindIkev1SAWithId( aSaId );
+ if ( ikev1SA )
+ {
+ status = ikev1SA->DeleteIpsecSPI( aSpi, aInbound );
+ }
+ return status;
+ }
+
+// ---------------------------------------------------------------------------
+// Adds IPsec SPI to IKE SA.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::AddIpsecSPIToSAL( TUint32 aSaId,
+ TIpsecSPI& aIpsecSpi )
+ {
+ CIkev1SA* ikev1SA = FindIkev1SAWithId( aSaId );
+ if ( ikev1SA )
+ {
+ ikev1SA->AddIpsecSPIL( aIpsecSpi );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Returns dialog anchor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Dialog** CIkev1PluginSession::DialogAnchor()
+ {
+ return &iDialogWaitQueue;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns debug trace interface.
+// ---------------------------------------------------------------------------
+//
+MIkeDebug& CIkev1PluginSession::Debug()
+ {
+ return iDebug;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets SA id.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkev1PluginSession::GetSAId()
+ {
+ iSAIdSeed++;
+ return iSAIdSeed;
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes ISAKMP SAs.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DeleteISAKMPSAsL( TDeleteISAKMP* aDeletePayload,
+ const CIkev1Negotiation& aInfoNegotiation )
+ {
+ TCookie cookie_I, cookie_R;
+
+ // It should always be only one.
+ for ( TInt i=0; i < aDeletePayload->NumSPI(); i++ )
+ {
+ if ( aDeletePayload->SPISize() < 2 * ISAKMP_COOKIE_SIZE ) //The ISAKMPSA SPI is the union of both cookies
+ {
+ DEBUG_LOG( _L("Bad SPI Size for a ISAKMP SA. (SA Not deleted)") );
+ return;
+ }
+ cookie_I.Copy( aDeletePayload->SPI(i), ISAKMP_COOKIE_SIZE );
+ cookie_R.Copy( aDeletePayload->SPI(i) + ISAKMP_COOKIE_SIZE,
+ ISAKMP_COOKIE_SIZE);
+
+ CIkev1Negotiation* neg = iFirstNegotiation;
+ while ( neg )
+ {
+ CIkev1Negotiation* current = neg;
+ neg = neg->iNext;
+
+ // Delete any active negotiations with the same cookies.
+ // Currently used negotiation is not deleted.
+ if ( ( current != &aInfoNegotiation ) &&
+ ( current->iCookie_I == cookie_I ) &&
+ ( current->iCookie_R == cookie_R ) )
+ {
+ DEBUG_LOG( _L("Active negotiation deleted.") );
+ delete current;
+ current = NULL;
+ }
+ }
+
+ // Expire IKE SA.
+ TIkev1SAData* sa = FindIkev1SAData( cookie_I, cookie_R );
+ if ( sa )
+ {
+ UpdateIkev1SAL( sa->iSAId, ETrue );
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Gets local IP address.
+// ---------------------------------------------------------------------------
+//
+TInt CIkev1PluginSession::GetLocalAddress( TInetAddr& aAddr )
+ {
+ TInt err( KErrNone );
+ if ( iLocalAddr.IsUnspecified() )
+ {
+ err = iDataInterface.GetLocalAddress( iLocalAddr );
+ }
+
+ aAddr = iLocalAddr;
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// Sends IKE message.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::SendIkeMsgL( const TDesC8& aIkeMsg,
+ TInetAddr& aDestAddr,
+ TBool aUseNatPort )
+ {
+ // Construct buffer for storing IKE message data.
+ TInt localPort = ( aUseNatPort ?
+ IkeSocket::KIkePort4500 :
+ IkeSocket::KIkePort500 );
+ TInt length = aIkeMsg.Length();
+ if ( localPort == IkeSocket::KIkePort4500 )
+ {
+ // Reserve space for <non-ESP marker>.
+ length += NON_ESP_MARKER_SIZE;
+ }
+ HBufC8* ikeMsg = HBufC8::NewL( length );
+ TPtr8 ptr = ikeMsg->Des();
+ if ( localPort == IkeSocket::KIkePort4500 )
+ {
+ // Append <non-ESP marker> to the beginning of IKE message.
+ TUint32 nonEspMarker = NON_ESP_MARKER;
+ TUint8* nonEspPtr = (TUint8*)&nonEspMarker;
+ ptr.Append( nonEspPtr, NON_ESP_MARKER_SIZE );
+ }
+ // Append IKE message data to descriptor.
+ ptr.Append( aIkeMsg );
+
+ DoSendUdpDataL( ikeMsg, // Ownership transferred.
+ aDestAddr,
+ localPort,
+ 0 );
+ }
+
+// ---------------------------------------------------------------------------
+// Sends NAT keep-alive packet.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::SendNatKeepAliveL( TInetAddr& aDestAddr,
+ const TDesC8& aData,
+ TUint8 aDscp )
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::SendNatKeepAliveL"));
+ HBufC8* udpData = HBufC8::NewL( aData.Length() );
+ *udpData = aData;
+ TInt localPort = aDestAddr.Port();
+ DoSendUdpDataL( udpData, // Ownership transferred.
+ aDestAddr,
+ localPort,
+ aDscp );
+ }
+
+// ---------------------------------------------------------------------------
+// Sends Nokia NAT keep-alive packet.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::SendNokiaNatKeepAliveL( TInetAddr& aDestAddr,
+ const TDesC8& aData,
+ TUint8 aDscp )
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::SendNokiaNatKeepAliveL"));
+ SendNatKeepAliveL( aDestAddr,
+ aData,
+ aDscp );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of IKE SA establishment.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::IkeSaCompleted( TInt aStatus,
+ CInternalAddress* aInternalAddress )
+ {
+ delete iInternalAddress;
+ iInternalAddress = aInternalAddress;
+
+ DoCompleteNegotiateWithHost( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes negotiation object.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DeleteNegotiation( CIkev1Negotiation* aNegotiation )
+ {
+ TInt err = ErrorStatus();
+ delete aNegotiation;
+
+ if ( err == KErrNone &&
+ (iClientStatusNegotiate != NULL ||
+ iClientStatusDelete != NULL) &&
+ (FindIkev1SA() == NULL) )
+ {
+ // If negotiate or delete session request has been issued, and
+ // there are no IKE SAs, client is completed with error.
+ err = KKmdIkeNegotFailed;
+ }
+
+ DEBUG_LOG1(_L("IKEv1 negotiation deleted, status=%d"),
+ err );
+
+ if ( err != KErrNone )
+ {
+ //
+ // IKE negotiation failed.
+ //
+ DoHandleError( err );
+ }
+ }
+
+// Negotiation linking and find methods.
+
+void CIkev1PluginSession::LinkNegotiation( CIkev1Negotiation* aNegotiation )
+ {
+ aNegotiation->iNext = iFirstNegotiation;
+ iFirstNegotiation = aNegotiation;
+ }
+
+CIkev1Negotiation* CIkev1PluginSession::FirstNegotiation()
+ {
+ return iFirstNegotiation;
+ }
+
+CIkev1Negotiation* CIkev1PluginSession::FindNegotiation( TCookie aInit,
+ TCookie aResp,
+ TUint8 aExchange,
+ TUint32 aMsgId )
+ {
+ CIkev1Negotiation* negotiation;
+ TCookie NULL_COOKIE;
+ NULL_COOKIE.FillZ(ISAKMP_COOKIE_SIZE);
+
+ if ( aExchange == ISAKMP_EXCHANGE_INFO )
+ {
+ for ( negotiation = iFirstNegotiation;
+ negotiation;
+ negotiation = negotiation->iNext )
+ {
+ if ( (negotiation->iCookie_I.Compare(aInit) == 0 ) &&
+ ((negotiation->iCookie_R.Compare(aResp) == 0 ) ||
+ (negotiation->iCookie_R.Compare(NULL_COOKIE) == 0)) )
+ {
+ return negotiation;
+ }
+ }
+
+ }
+ else
+ {
+ for ( negotiation = iFirstNegotiation;
+ negotiation;
+ negotiation = negotiation->iNext )
+ {
+ if ( negotiation->iCookie_I.Compare(aInit) == 0 )
+ {
+ if ( (negotiation->iMessageId == aMsgId) ||
+ (negotiation->iMessageId == 0) )
+ {
+ if ( (negotiation->iCookie_R.Compare(aResp) == 0 ) ||
+ (negotiation->iCookie_R.Compare(NULL_COOKIE) == 0) ||
+ (aResp.Compare(NULL_COOKIE) == 0) )
+ {
+ return negotiation;
+ }
+ }
+ }
+ }
+ }
+
+ return NULL; // Not found
+ }
+
+CIkev1Negotiation* CIkev1PluginSession::FindNegotiation( TUint32 aSaId )
+ {
+ //
+ // Find IKEv1 negotiation object using SA id as search argument
+ //
+ CIkev1Negotiation* negotiation = iFirstNegotiation;
+ while ( negotiation )
+ {
+ if ( negotiation->SAId() == aSaId )
+ {
+ break;
+ }
+
+ negotiation = negotiation->iNext;
+ }
+ return negotiation;
+ }
+
+void CIkev1PluginSession::RemoveNegotiation( CIkev1Negotiation* aNegotiation )
+ {
+ CIkev1Negotiation* prev = NULL;
+ CIkev1Negotiation* negotiation = iFirstNegotiation;
+
+ while ( negotiation )
+ {
+ if ( negotiation == aNegotiation )
+ {
+ if ( prev )
+ {
+ prev->iNext = negotiation->iNext;
+ }
+ else
+ {
+ iFirstNegotiation = negotiation->iNext;
+ }
+ break;
+ }
+ prev = negotiation;
+ negotiation = negotiation->iNext;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of authentication dialog processing.
+// ---------------------------------------------------------------------------
+//
+TInt CIkev1PluginSession::AuthDialogCompletedL( CAuthDialogInfo* aUserInfo )
+ {
+ CIkev1Negotiation* negotiation = FindNegotiation( aUserInfo->SAId() );
+ if ( negotiation )
+ {
+ DEBUG_LOG1( _L("Dialog completed for SAID: %d"),
+ aUserInfo->SAId() );
+
+ negotiation->AuthDialogCompletedL(aUserInfo);
+ if ( negotiation->Finished() )
+ {
+ DeleteNegotiation( negotiation );
+ }
+ return KErrNone;
+ }
+ DEBUG_LOG1( _L("Dialog completed, no negotiation found for SAID: %d"),
+ aUserInfo->SAId() );
+ return KErrNotFound;
+ }
+
+
+// ---------------------------------------------------------------------------
+// Handles change of internal address.
+// ---------------------------------------------------------------------------
+//
+TBool CIkev1PluginSession::InternalAddressChangedL( const CInternalAddress& aInternalAddr )
+ {
+ TBool internalAddressChanged( ETrue );
+
+ if ( iInternalAddress )
+ {
+ if ( iInternalAddress->iClientIntAddr.Match(aInternalAddr.iClientIntAddr) )
+ {
+ internalAddressChanged = EFalse;
+ }
+ }
+
+ delete iInternalAddress;
+ iInternalAddress = NULL;
+ iInternalAddress = CInternalAddress::NewL( aInternalAddr );
+
+ if ( internalAddressChanged )
+ {
+ DoCompleteInternalAddressChanged( KErrNone );
+ }
+
+ return internalAddressChanged;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets acceptable IPsec policies for specified selectors.
+// ---------------------------------------------------------------------------
+//
+CIpsecSaSpecList* CIkev1PluginSession::GetIpseSaSpecListLC( const TInetAddr& aLocalAddr, const TInetAddr& aLocalMask,
+ const TInetAddr& aRemoteAddr, const TInetAddr& aRemoteMask,
+ TInt aProtocol )
+
+ {
+ return iPlugin.GetIpseSaSpecListLC( aLocalAddr, aLocalMask,
+ aRemoteAddr, aRemoteMask,
+ aProtocol, iVpnNetId );
+ }
+
+// ---------------------------------------------------------------------------
+// Matches destination address to remote address in IKE policy data.
+// ---------------------------------------------------------------------------
+//
+TBool CIkev1PluginSession::MatchDestinationAddress( const TInetAddr& aDestAddr )
+ {
+ TBool match( EFalse );
+
+ if ( iIkeData )
+ {
+ match = iIkeData->iAddr.Match( aDestAddr );
+ }
+ return match;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles fatal error.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::HandleError( TInt aStatus )
+ {
+ DoHandleError( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Returns error status.
+// ---------------------------------------------------------------------------
+//
+TInt CIkev1PluginSession::ErrorStatus()
+ {
+ return iErrorStatus;
+ }
+
+// ---------------------------------------------------------------------------
+// Sets error status.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::SetErrorStatus( TInt aStatus )
+ {
+ if ( iErrorStatus == KErrNone )
+ {
+ iErrorStatus = aStatus;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Returns VPN IAP id.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkev1PluginSession::VpnIapId()
+ {
+ return iVpnIapId;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns VPN interface index.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkev1PluginSession::VpnInterfaceIndex()
+ {
+ return iVpnInterfaceIndex;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns IKE policy data.
+// ---------------------------------------------------------------------------
+//
+CIkeData& CIkev1PluginSession::IkeData()
+ {
+ __ASSERT_DEBUG( iIkeData != NULL,
+ User::Invariant() );
+ return *iIkeData;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns UID.
+// ---------------------------------------------------------------------------
+//
+TUint32 CIkev1PluginSession::Uid()
+ {
+ return iPlugin.Uid();
+ }
+
+// ---------------------------------------------------------------------------
+// Returns event logger interface.
+// ---------------------------------------------------------------------------
+//
+MKmdEventLoggerIf& CIkev1PluginSession::EventLogger()
+ {
+ return iPlugin.EventLogger();
+ }
+
+// ---------------------------------------------------------------------------
+// Returns internal address (NULL if does not exist).
+// ---------------------------------------------------------------------------
+//
+CInternalAddress* CIkev1PluginSession::InternalAddressL()
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::InternalAddressL"));
+
+ CInternalAddress* internalAddress = NULL;
+ if ( iInternalAddress != NULL )
+ {
+ internalAddress = CInternalAddress::NewL( *iInternalAddress );
+ }
+ return internalAddress;
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkev1SenderCallback
+// Handles completion of sending.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::SendUdpDataCompleted( TInt aStatus )
+ {
+ if ( iSendQueue.Count() != 0 )
+ {
+ // Send queue is not empty.
+ // Send next item from queue.
+ TIkeSendQueueItem item = iSendQueue[0];
+ HBufC8* udpData = item.UdpData();
+ TInetAddr destAddr = item.DestAddr();
+ TInt localPort = item.LocalPort();
+ TUint8 dscp = item.Dscp();
+ iSendQueue.Remove(0);
+ DoSendUdpData( udpData,
+ destAddr,
+ localPort,
+ dscp );
+
+ }
+ else
+ {
+ // IKE message send queue is empty.
+ // If session deletion has been requested, complete request.
+ DoCompleteDeleteSession( aStatus );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles PFKEY message.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage )
+ {
+ TRAPD( err, DoPfkeyMessageReceivedL( aPfkeyMessage) );
+ err = err;
+ DEBUG_LOG1(_L("CIkev1PluginSession::PfkeyMessageReceivedL, err=%d"), err);
+ }
+
+// Methods to build and send PFKEY API primitives to IPsec
+
+void CIkev1PluginSession::AcquireSAError( TIpsecSAData& aSAData,
+ TInt aError )
+ {
+ iPlugin.AcquireSAError( aSAData, aError );
+ }
+
+void CIkev1PluginSession::UpdateSAL( TIpsecSAData& aSaData )
+ {
+ iPlugin.UpdateSAL( aSaData );
+ }
+
+void CIkev1PluginSession::AddSAL( TIpsecSAData& aSaData )
+ {
+ iPlugin.AddSAL( aSaData );
+ }
+
+void CIkev1PluginSession::DeleteIpsecSA( TIpsecSPI& aIpsecSpi )
+ {
+ iPlugin.DeleteIpsecSA( aIpsecSpi );
+ }
+
+void CIkev1PluginSession::DeleteIpsecSA( TUint32 aSPI,
+ TInetAddr& aSrc,
+ TInetAddr& aDst,
+ TUint8 aProtocol )
+ {
+ iPlugin.DeleteIpsecSA( aSPI, aSrc, aDst, aProtocol );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Starts negotiation with a peer.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::NegotiateWithHost( const CIkeData& aIkeData,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus )
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::NegotiateWithHost"));
+ __ASSERT_DEBUG( iClientStatusNegotiate == NULL,
+ User::Invariant() );
+
+ // Store client's request status and internal address.
+ iClientStatusNegotiate = &aStatus;
+ *iClientStatusNegotiate = KRequestPending;
+ iClientIaNegotiate = &aInternalAddress;
+
+ TRAPD( err, DoNegotiateWithHostL( aIkeData ) );
+
+ if ( err != KErrNone )
+ {
+ DoCompleteNegotiateWithHost( err );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Cancels negotiate request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::CancelNegotiateWithHost()
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::CancelNegotiateWithHost"));
+
+ if ( iClientStatusNegotiate != NULL )
+ {
+ // Completion is enough as deletion of session is requested after
+ // cancellation.
+ DoCompleteNegotiateWithHost( KErrCancel );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Deletes session.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DeleteSession( const TBool aSilentClose,
+ TRequestStatus& aStatus )
+ {
+ DEBUG_LOG1(_L("CIkev1PluginSession::DeleteSession, silent=%d"),
+ aSilentClose);
+
+ iClientStatusDelete = &aStatus;
+ *iClientStatusDelete = KRequestPending;
+
+ TBool deactivatingStarted = DeleteSAsWithHost( aSilentClose );
+ if ( !deactivatingStarted )
+ {
+ DoCompleteDeleteSession( KErrNone );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Cancels deletion requests.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::CancelDeleteSession()
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::CancelDeleteSession"));
+
+ if ( iClientStatusDelete != NULL )
+ {
+ // Delete SAs silently.
+ DeleteSAsWithHost( ETrue );
+
+ DoCancelDataTransfer();
+
+ User::RequestComplete( iClientStatusDelete, KErrCancel );
+ iClientStatusDelete = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Requests notification about error condition.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::NotifyError( TRequestStatus& aStatus )
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::NotifyError"));
+
+ iClientStatusNotifyError = &aStatus;
+ *iClientStatusNotifyError = KRequestPending;
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Cancels error notification request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::CancelNotifyError()
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::CancelNotifyError"));
+
+ if ( iClientStatusNotifyError != NULL )
+ {
+ User::RequestComplete( iClientStatusNotifyError, KErrCancel );
+ iClientStatusNotifyError = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Requests notification about change of internal address.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::NotifyInternalAddressChanged( TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus )
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::NotifyInternalAddressChanged"));
+ __ASSERT_DEBUG( iClientStatusNotifyIaChange == NULL,
+ User::Invariant() );
+
+ iClientStatusNotifyIaChange = &aStatus;
+ *iClientStatusNotifyIaChange = KRequestPending;
+ iClientIaNotify = &aInternalAddress;
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionIf
+// Cancels internal address change notification request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::CancelNotifyInternalAddressChanged()
+ {
+ DEBUG_LOG(_L("CIkev1PluginSession::CancelNotifyInternalAddressChanged"));
+
+ if ( iClientStatusNotifyIaChange != NULL )
+ {
+ DoCompleteInternalAddressChanged( KErrCancel );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkev1ReceiverCallback
+// Handles notification about received IKE message.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::IkeMsgReceivedL( const ThdrISAKMP& aIkeMsg,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort )
+ {
+ CIkev1Negotiation* negotiation = NULL;
+ TIkev1SAData* sa = NULL;
+
+ TUint8 exchange = aIkeMsg.GetExchange();
+ negotiation = FindNegotiation( aIkeMsg.GetCookieI(),
+ aIkeMsg.GetCookieR(),
+ exchange,
+ aIkeMsg.GetMessageId() );
+
+ if ( exchange == ISAKMP_EXCHANGE_INFO || exchange == ISAKMP_EXCHANGE_TRANSACT )
+ {
+#ifdef _DEBUG
+ if ( exchange == ISAKMP_EXCHANGE_INFO )
+ {
+ DEBUG_LOG( _L("---ISAKMP_EXCHANGE_INFO message received---") );
+ }
+ else
+ {
+ DEBUG_LOG( _L("---ISAKMP_EXCHANGE_TRANSACTION message received---") );
+ }
+#endif
+ TBool inactive = EFalse;
+ if ( !negotiation )
+ {
+ if ( exchange == ISAKMP_EXCHANGE_INFO )
+ {
+ sa = FindIkev1SAData( aIkeMsg.GetCookieI(),
+ aIkeMsg.GetCookieR() );
+ if ( sa )
+ {
+ negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ sa,
+ RESPONDER );
+ }
+ }
+ if ( !negotiation )
+ {
+ DEBUG_LOG( _L("Cannot find a matching negotiation") );
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8 *)&aIkeMsg, (TUint16)aIkeMsg.GetLength() );
+ TInetAddr dstAddr;
+ GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, aSrcAddr, dstAddr );
+#endif // _DEBUG
+ return; //Not found
+ }
+ CleanupStack::PushL( negotiation );
+ inactive = ETrue; //Not enqueued because not active. Only used to process the packet
+ }
+
+ if ( exchange == ISAKMP_EXCHANGE_INFO )
+ {
+ CIkev1InfoNegotiation* info_neg = new (ELeave) CIkev1InfoNegotiation( *this,
+ *negotiation,
+ iDebug );
+ CleanupStack::PushL( info_neg );
+ // Update the negotiation state
+ info_neg->ExecuteL( aIkeMsg,
+ aSrcAddr,
+ aLocalPort );
+ CleanupStack::PopAndDestroy( info_neg );
+
+ if ( inactive )
+ {
+ CleanupStack::PopAndDestroy( negotiation );
+ }
+ else
+ {
+ if ( negotiation->Finished() )
+ {
+ DeleteNegotiation( negotiation );
+ }
+ }
+ }
+ else
+ {
+ //
+ // An ISAKMP transaction exchange message received
+ // The handling of this requires that there exists a
+ // CTransNegotiation object pointer linked into current
+ // CIkev1Negotiation object
+ //
+ if ( negotiation )
+ {
+ if ( negotiation->ExecuteTransactionL( aIkeMsg,
+ aSrcAddr,
+ aLocalPort ) )
+ {
+ if ( negotiation->Finished() )
+ {
+ DeleteNegotiation( negotiation );
+ }
+ }
+ else
+ {
+ DEBUG_LOG( _L("Unexpected Transaction excange message") );
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8 *)&aIkeMsg, (TUint16)aIkeMsg.GetLength() );
+ TInetAddr dstAddr;
+ GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, aSrcAddr, dstAddr );
+#endif // _DEBUG
+ }
+ }
+ }
+ return;
+ }
+
+ //
+ // IKE Main, Aggressive and Quick mode exchanges
+ //
+ if ( negotiation )
+ {
+ negotiation->ExecuteL( aIkeMsg, aSrcAddr, aLocalPort );
+ if ( negotiation->Finished() )
+ {
+ DeleteNegotiation( negotiation );
+ }
+ return;
+ }
+ DEBUG_LOG( _L("No active negotiation found...Searching existing PHASE_II") );
+
+ TBool status;
+ sa = FindIkev1SAData( aIkeMsg.GetCookieI(),
+ aIkeMsg.GetCookieR() );
+ if ( sa )
+ {
+ DEBUG_LOG( _L("Creating a NEW IKE Phase 2 Negotiation") );
+
+ TRAPD( err, negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ sa,
+ RESPONDER ) );
+ if ( err == KErrNone )
+ {
+ CleanupStack::PushL( negotiation );
+ status = negotiation->ExecutePhase2L( aIkeMsg, aSrcAddr, aLocalPort );
+ if ( status && !negotiation->Finished() )
+ {
+ //Negotiation OK
+ CleanupStack::Pop(); //negotiation safe
+ return;
+ }
+ CleanupStack::PopAndDestroy();
+ }
+ return;
+ }
+ else
+ {
+ TCookie NULL_COOKIE;
+ NULL_COOKIE.FillZ(ISAKMP_COOKIE_SIZE);
+ if ( aIkeMsg.GetCookieR() == NULL_COOKIE )
+ {
+ //
+ // This is the initial opening message from a remote host
+ // Start a new negotiation
+ //
+ DEBUG_LOG( _L("Creating a NEW IKE Phase 1 Negotiation") );
+ TRAPD( err, negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ aSrcAddr,
+ aIkeMsg.GetCookieI(),
+ EFalse ) );
+
+ if ( err == KErrNone )
+ {
+ CleanupStack::PushL( negotiation );
+ status = negotiation->ExecuteL( aIkeMsg, aSrcAddr, aLocalPort );
+ if ( status && !negotiation->Finished() )
+ {
+ //Negotiation OK
+ CleanupStack::Pop(); //negotiation safe
+ return;
+ }
+ CleanupStack::PopAndDestroy( negotiation );
+ }
+ return;
+ }
+ }
+
+ if ( !negotiation )
+ {
+ DEBUG_LOG( _L("Cannot find a matching negotiation") );
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr((TUint8 *)&aIkeMsg, (TUint16)aIkeMsg.GetLength());
+ TInetAddr dstAddr;
+ GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, aSrcAddr, dstAddr );
+#endif // _DEBUG
+ return;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkev1ReceiverCallback
+// Handles notification about receive error.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::ReceiveError( TInt aError )
+ {
+ HandleError( aError );
+ }
+
+// ---------------------------------------------------------------------------
+// Requests sending of UDP data.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoSendUdpDataL( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp )
+ {
+ if ( !iSender->IsActive() &&
+ iSendQueue.Count() == 0 )
+ {
+ // Sending is not in progress and send queue is empty.
+ // Start sending UDP data.
+ DoSendUdpData( aUdpData,
+ aDestAddr,
+ aLocalPort,
+ aDscp );
+ }
+ else
+ {
+ // Store buffer into send queue for later sending.
+ TIkeSendQueueItem item = TIkeSendQueueItem( aUdpData,
+ aDestAddr,
+ aLocalPort,
+ aDscp );
+ iSendQueue.Append( item );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Sends UDP data.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoSendUdpData( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp )
+ {
+ __ASSERT_DEBUG( aUdpData != NULL,
+ User::Invariant() );
+
+ iSender->SendUdpData( aUdpData, aDestAddr, aLocalPort, aDscp );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles PFKEY message.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoPfkeyMessageReceivedL( const TPfkeyMessage& aPfkeyMessage )
+ {
+ //
+ // Process received PFKEY message according to message type
+ //
+#ifdef _DEBUG
+ TBuf<40> txt_addr;
+#endif
+
+ TIkev1SAData* ikev1SAdata = NULL;
+ CIkev1Negotiation* negotiation = NULL;
+
+ switch ( aPfkeyMessage.iBase.iMsg->sadb_msg_type )
+ {
+ case SADB_ACQUIRE:
+ //
+ // A request to negotiate an IPSEC SA received
+ // Try to find an existing IKE SA with remote address
+ //
+#ifdef _DEBUG
+ aPfkeyMessage.iDstAddr.Address().OutputWithScope( txt_addr );
+#endif
+ ikev1SAdata = FindIkev1SADataWithAddr( aPfkeyMessage.iDstAddr.Address() );
+ if ( ikev1SAdata )
+ {
+ //
+ // An IKE SA found for Acquire. Get a negotiation
+ // object for IKE Quick mode SA exchange
+ //
+ negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ ikev1SAdata,
+ INITIATOR,
+ &aPfkeyMessage );
+ CleanupStack::PushL( negotiation );
+ negotiation->InitPhase2L(); //Because is initiator
+ DEBUG_LOG1( _L("IKEv1 SA found for Acquire IP: %S"), &txt_addr );
+ CleanupStack::Pop();
+ }
+ else
+ {
+ //
+ // No IKE SA found for Acquire.
+ //
+ // If rekeying is in progress, IKE Quick mode SA exchange
+ // is started after Phase I has completed.
+ //
+ CIkev1Negotiation* negotiation = iFirstNegotiation;
+ while ( negotiation != NULL )
+ {
+ if ( negotiation->IsRekeyingIkeSa() )
+ {
+ break;
+ }
+ negotiation = negotiation->iNext;
+ }
+ if ( negotiation != NULL )
+ {
+ negotiation->PreparePhase2L( aPfkeyMessage );
+ DEBUG_LOG1( _L("Negotiation found for Acquire IP: %S"), &txt_addr );
+ break;
+ }
+
+ //
+ // Otherwise we shall start a new IKE SA negotiation to
+ // defined destination address.
+ //
+ negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ (TInetAddr&)aPfkeyMessage.iDstAddr.Address(),
+ aPfkeyMessage );
+ CleanupStack::PushL( negotiation );
+ negotiation->InitNegotiationL();
+ if ( negotiation->Finished() )
+ {
+ CleanupStack::PopAndDestroy();
+ }
+ else
+ {
+ CleanupStack::Pop();
+ }
+ DEBUG_LOG1( _L("Negotiate a new IKE SA for Acquire IP: %S"), &txt_addr );
+ }
+ break;
+
+ case SADB_EXPIRE:
+ //
+ // An IPSEC SA has been expired.
+ // Try to find an existing IKE SA with source address
+ // (= inbound SA destination address)
+ //
+#ifdef _DEBUG
+ aPfkeyMessage.iDstAddr.Address().OutputWithScope( txt_addr );
+#endif
+ ikev1SAdata = FindIkev1SAData( aPfkeyMessage.iSrcAddr.Address(),
+ aPfkeyMessage.iSa.iExt->sadb_sa_spi );
+ if ( ikev1SAdata )
+ {
+ //
+ // An IKE SA found for Expire. Get a negotiation
+ // object for IKE Informational exchange
+ //
+ if ( DeleteIpsecSpi(ikev1SAdata->iSAId,
+ aPfkeyMessage.iSa.iExt->sadb_sa_spi,
+ ETrue) )
+ {
+ negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ ikev1SAdata,
+ RESPONDER );
+ CleanupStack::PushL( negotiation );
+ negotiation->SendDeleteL( aPfkeyMessage.iBase.iMsg->sadb_msg_satype,
+ aPfkeyMessage.iSa.iExt->sadb_sa_spi );
+ CleanupStack::PopAndDestroy();
+ DEBUG_LOG3(_L("Notifying SGW, IPsec SA Expiration (addr = %S, spi = %x , proto = %d)"), &txt_addr,
+ ByteOrder::Swap32(aPfkeyMessage.iSa.iExt->sadb_sa_spi), aPfkeyMessage.iDstAddr.iExt->sadb_address_proto);
+ }
+ }
+ else
+ {
+ DEBUG_LOG1( _L("No IKE SA found Expire IP: %S"), &txt_addr );
+ }
+ break;
+
+ default:
+ break;
+
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes IKE SAs.
+// ---------------------------------------------------------------------------
+//
+TBool CIkev1PluginSession::DeleteSAsWithHost( TBool aSilentClose )
+ {
+ DEBUG_LOG( _L("Deactivating IKEv1 SA:s") );
+
+ //
+ // For sure check if there is any ongoing negotiations for this
+ // and delete these negotiations immediatelly.
+ //
+ while ( iFirstNegotiation )
+ {
+ CIkev1Negotiation* negotiation = iFirstNegotiation;
+ iFirstNegotiation = negotiation->iNext;
+ delete negotiation;
+ }
+
+ TInt deactivatingStarted( EFalse );
+ for ( TInt i=0;i<iIkev1SAs.Count();i++ )
+ {
+ CIkev1SA* sa = iIkev1SAs[i];
+ if ( !sa->IsExpired() )
+ {
+ TIkev1SAData& ikeSaData = sa->iHdr;
+ deactivatingStarted = DeleteIkeSA( &ikeSaData, aSilentClose );
+ }
+ }
+
+ return deactivatingStarted;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles starting of negotiation with a peer.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoNegotiateWithHostL( const CIkeData& aIkeData )
+ {
+ __ASSERT_DEBUG( iIkeData == NULL,
+ User::Invariant() );
+
+ iIkeData = CIkeData::NewL( &aIkeData );
+
+ // Start ISAKMP Phase 1 negotiation to the specified gateway immediately
+ // if the Internal VPN address feature is enabled in policy (= IA payload
+ // or CONFIG-MODE). Otherwise postpone negotiation.
+ if ( !aIkeData.iUseInternalAddr &&
+ !aIkeData.iUseCfgMode )
+ {
+ DEBUG_LOG(_L("Negotiation postponed."));
+ User::RequestComplete( iClientStatusNegotiate, KErrNone );
+ iClientStatusNegotiate = NULL;
+ return;
+ }
+
+ CIkev1Negotiation* negotiation = CIkev1Negotiation::NewL( this,
+ iPFKeySocketIf,
+ iDebug,
+ iIkeData->iAddr,
+ ETrue );
+ CleanupStack::PushL( negotiation );
+ negotiation->InitNegotiationL();
+ if ( negotiation->Finished() )
+ {
+ CleanupStack::PopAndDestroy( negotiation );
+ User::Leave( KKmdIkeNegotFailed );
+ }
+ else
+ {
+ CleanupStack::Pop( negotiation );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles fatal error.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoHandleError( TInt aError )
+ {
+ DEBUG_LOG1(_L("CIkev1PluginSession::DoHandleError, err=%d"), aError);
+
+ while ( iFirstNegotiation )
+ {
+ CIkev1Negotiation* negotiation = iFirstNegotiation;
+ iFirstNegotiation = negotiation->iNext;
+ delete negotiation;
+ }
+
+ while ( iIkev1SAs.Count() )
+ {
+ CIkev1SA* ikev1SA = iIkev1SAs[0];
+ iIkev1SAs.Remove(0);
+ delete ikev1SA;
+ }
+
+ // Complete client's requests.
+ DoCompleteNegotiateWithHost( aError );
+ DoCompleteDeleteSession( aError );
+ DoCompleteNotifyError( aError );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's negotiate request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoCompleteNegotiateWithHost( TInt aStatus )
+ {
+ if ( iClientStatusNegotiate != NULL )
+ {
+ if ( aStatus == KErrNone )
+ {
+ if ( iInternalAddress != NULL )
+ {
+ __ASSERT_DEBUG( iIkeData != NULL,
+ User::Invariant() );
+ // Build internal address for client.
+ VPNAddrInfo::BuildVPNAddrInfo( iInternalAddress,
+ iIkeData->iDnsServer,
+ *iClientIaNegotiate,
+ iDebug );
+ }
+ }
+
+ // Complete client's request.
+ DEBUG_LOG1(_L("CIkev1PluginSession::DoCompleteNegotiateWithHost, aStatus=%d"),
+ aStatus);
+ User::RequestComplete( iClientStatusNegotiate, aStatus );
+ iClientStatusNegotiate = NULL;
+ iClientIaNegotiate = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's delete session request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoCompleteDeleteSession( TInt aStatus )
+ {
+ if ( iClientStatusDelete != NULL )
+ {
+ DoCancelDataTransfer();
+
+ DEBUG_LOG1(_L("CIkev1PluginSession::DoCompleteDeleteSession, aStatus=%d"),
+ aStatus);
+ User::RequestComplete( iClientStatusDelete, aStatus );
+ iClientStatusDelete = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's notify error request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoCompleteNotifyError( TInt aStatus )
+ {
+ if ( iClientStatusNotifyError != NULL )
+ {
+ DoCancelDataTransfer();
+
+ DEBUG_LOG1(_L("CIkev1PluginSession::DoCompleteNotifyError, aStatus=%d"),
+ aStatus);
+ User::RequestComplete( iClientStatusNotifyError, aStatus );
+ iClientStatusNotifyError = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's notify internal address change request.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoCompleteInternalAddressChanged( TInt aStatus )
+ {
+ if ( iClientStatusNotifyIaChange != NULL )
+ {
+ DEBUG_LOG1(_L("CIkev1PluginSession::DoCompleteInternalAddressChange, aStatus=%d"),
+ aStatus);
+
+ if ( aStatus == KErrNone )
+ {
+ if ( iInternalAddress != NULL )
+ {
+ // Build internal address for client.
+ VPNAddrInfo::BuildVPNAddrInfo( iInternalAddress,
+ iIkeData->iDnsServer,
+ *iClientIaNotify,
+ iDebug );
+ }
+ }
+
+ if ( aStatus != KErrNone &&
+ aStatus != KErrCancel )
+ {
+ HandleError( aStatus);
+ return;
+ }
+
+ User::RequestComplete( iClientStatusNotifyIaChange, aStatus );
+ iClientStatusNotifyIaChange = NULL;
+ iClientIaNotify = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels data transfer.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoCancelDataTransfer()
+ {
+ iReceiver->Cancel();
+ iDataInterface.StopReceive();
+ DoEmptySendQueue();
+ iSender->Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Empties send queue.
+// ---------------------------------------------------------------------------
+//
+void CIkev1PluginSession::DoEmptySendQueue()
+ {
+ while ( iSendQueue.Count() )
+ {
+ TIkeSendQueueItem item = iSendQueue[0];
+ HBufC8* udpData = item.UdpData();
+ iSendQueue.Remove(0);
+ delete udpData;
+ udpData = NULL;
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1private.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,550 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This module contains the private vendor specific extension of IKE.
+* All of the current private extensions are related to Nokia VPN gateway
+* and shall be used ONLY when the EPOC IKE is acting as a Nokia VPN remote
+* access client.
+* The following private extension are implemented:
+*
+* 1) Internal Address payload usage
+* Internal address payload is used to the deliver a secure network
+* adderess and secure network DNS address(es) from VPN gateway to a client.
+* The Internal address payloads are used in the last two IKE main mode
+* messages as follows:
+*
+* Client (initiator) Gateway (responder)
+* .. SA, KE ... --->
+* <--- ..SA, KE ...
+* HDR*, INT_ADDR --->
+* <--- HDR*, INT_ADDR
+*
+* Client sends an INT_ADDR payload with PRI_INTERNAL_ADDRESS attribute
+* Attribute value is 0.0.0.0.
+*
+* Gateway responds with an INT_ADDR payload with PRI_INTERNAL_ADDRESS
+* attribute containing client internal address x.y.z.w
+* Gateway INT_ADDR payload may also contain attributes PRI_INTERNAL_DNS and
+* PRI_INTERNAL_WINS. PRI_INTERNAL_DNS contains a list of DNS IP addresses and
+* PRI_INTERNAL_WINS a list of WINS IP addresses.
+*
+*
+* 2) The NAT Traversal probing
+* The expanded Vendor-Id payload usage for the NAT Traversal probing.
+* The expanded Vendor-Id payloads contains the following information:
+*
+* Client (initiator) Gateway (responder)
+* VID(hash, ip_addr, port) --->
+* <--- VID(hash, detected_ip_addr,
+* detected_port)
+*
+* Client sends a expanded Vendor-Id payload containing the following information:
+* hash = Nokia VPN vendor specific hash data (used to recognize peer)
+* ip_addr = Client IKE own IP address
+* port = Client IKE own port (=500)
+*
+* Gateway responds with expanded Vendor-Id payload containing the following information:
+* hash = Nokia VPN vendor specific hash data (used to recognize peer)
+* detected_ip_addr = Client IP address as detected in received IKE message
+* IP header (=source IP address)
+* detected_port = Client port as detected in received IKE message
+* UDP header (=source port)
+*
+* Both client and gateway do the following examination
+* if ( ip_addr != detected_ip_addr ) || ( port != detected_port )
+* then NAT Traversal shall be used IPSEC ESP traffic between
+* the client and gateway
+*
+* Nokia VPN specific NAT Traversal means that IPSEC ESP traffic shall be
+* capsulated with UDP header.
+* The used UDP port for that purpose is 9872
+*
+*/
+
+#include "ikev1private.h"
+#include "ikev1dialog.h"
+#include "ikev1negotiation.h"
+#include "ikev1isakmpstream.h"
+
+#include "ikepolparser.h"
+
+const TUint8 BASE_VID_DATA[16] = {0x06, 0x3d, 0xf4, 0x13, 0x91, 0xa9, 0x19, 0xa2,
+ 0x5a, 0x61, 0xa8, 0x7c, 0x45, 0x02, 0x5f, 0xaf};
+
+const TUint8 DPD_VID_DATA[16] = {0xAF, 0xCA, 0xD7, 0x13, 0x68, 0xA1, 0xF1, 0xC9,
+ 0x6B, 0x86, 0x96, 0xFC, 0x77, 0x57, 0x01, 0x00};
+
+TInt BuildVendorIdHash(TUint8 *aICOOKIE, TUint8 *aRCOOKIE, TUint8 *hash_data)
+{
+/*--------------------------------------------------------------------------------
+ *
+ * Build Vendor Id hash data
+ *
+ *------------------------------------------------------------------------*/
+//
+// base = MD5("Network Alchemy, Inc., Version 1.0"); /* ASCII-Z end null included)
+//
+TInt i;
+
+ Mem::Copy(hash_data, &BASE_VID_DATA[0], 16); /* Hash base (MD5) */
+
+ for ( i = 0; i < (ISAKMP_COOKIE_SIZE * 2); i++ ) {
+
+ if ( i < ISAKMP_COOKIE_SIZE )
+ *(hash_data + i) ^= *(aICOOKIE + i);
+ else *(hash_data + i) ^= *(aRCOOKIE + (i - ISAKMP_COOKIE_SIZE));
+
+ }
+
+ return 16;
+}
+
+
+TInt ConstructVendorId(TBool aNATProbe,
+ TUint8 *aICOOKIE,
+ TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr,
+ TVendorISAKMP *aVendorPayload)
+{
+/*------------------------------------------------------------------------
+ *
+ * This method constructs a Vendor ID payload. If aNATProbe is TRUE
+ * an expanded format Vendor ID is constructed.
+ * Both Vendor ID formats contains a Nokia VPN vendor specific hash data
+ * which constructed as follows:
+ * base = MD5("Network Alchemy, Inc., Version 1.0"); ASCII-Z end null included)
+ * base = BASE_VID_DATA;
+ * Then the Vendor ID hash is consructed xor:ing ISAKMP cookies to hash as follows:
+ *
+ * for ( i = 0; i < (ISAKMP_COOKIE_SIZE * 2); i++ ) {
+ * if ( i < ISAKMP_COOKIE_SIZE )
+ * base[i] ^= ICOOKIE[i];
+ * else base[i] ^= RCOOKIE[i - ISAKMP_COOKIE_SIZE];
+ * }
+ *
+ * The expanded vendor ID payload looks like so:
+ *
+ * General payload header (next payload is "real" next payload)
+ * General payload header (next payload is "VENDOR_OPTION_NAT_TRAVERSAL")
+ * option hash
+ * General payload header (next payload is "VENDOR_OPTION_VERSION")
+ * option VENDOR_OPTION_NAT_TRAVERSAL
+ * General payload header (next payload is "NULL")
+ * option VENDOR_OPTION_VERSION
+ *
+ * Expanded vendor id format is format is as follows:
+ *
+ * 1 2 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! Next Payload ! RESERVED ! Payload Length = 44 !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! OPTION_NAT_T ! RESERVED ! Hash_lth + 4 = 20 !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! Nokia VPN Vendor specific hash !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! OPTION_VERSION! RESERVED ! OPTION_NAT_T_LTH + 4 = 20 !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! sin_lth ! sin_family ! sin_port !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! sin_addr !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! !
+ * . Zero * 2(?) .
+ * ! !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! 0 ! RESERVED ! OPTION_VERSION + 4 = 8 !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! MAJOR VERSION ! MINOR VERSION !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ *
+ *------------------------------------------------------------------------*/
+ TVendorISAKMP *nat_vendor_id;
+ TVendorISAKMP *ver_vendor_id;
+ TNATTOption *nat_t_option;
+ TVersionOption *version_option;
+ TUint8 *next_payload;
+ TUint32 vid_lth;
+ TInetAddr own_addr = aLocalAddr;
+
+ next_payload = (TUint8 *)aVendorPayload;
+ *next_payload = ISAKMP_PAYLOAD_NONE; /* zeroe next payload field for sure */
+
+ if ( aNATProbe ) {
+ /*------------------------------------------------------------
+ *
+ * Build expanded Vendor Id payload
+ * Build first VENDOR_OPTION_NAT_TRAVERSAL payload
+ *
+ *-----------------------------------------------------------*/
+ nat_vendor_id = (TVendorISAKMP*)((TUint8*)aVendorPayload +
+ sizeof(TPayloadISAKMP) +
+ sizeof(TPayloadISAKMP) + 16); //bypass hash
+ next_payload = (TUint8 *)nat_vendor_id;
+ *next_payload = VENDOR_OPTION_VERSION;
+ nat_vendor_id->SetReserved(0);
+ nat_vendor_id->SetLength(sizeof(TPayloadISAKMP) + SIN_LTH);
+ nat_t_option = (TNATTOption*)nat_vendor_id->VIDData();
+ nat_t_option->InitOption();
+ nat_t_option->SetPort(500);
+ if ( own_addr.IsV4Mapped() )
+ own_addr.ConvertToV4();
+ nat_t_option->SetAddress(own_addr.Address());
+ /*------------------------------------------------------------
+ *
+ * Build next VENDOR_OPTION_VERSION payload
+ * Set major version X and minor Y.
+ *
+ *-----------------------------------------------------------*/
+ ver_vendor_id = (TVendorISAKMP*)((TUint8*)nat_vendor_id +
+ sizeof(TPayloadISAKMP) + SIN_LTH); //bypass NAT-T
+ next_payload = (TUint8 *)ver_vendor_id;
+ *next_payload = ISAKMP_PAYLOAD_NONE;
+ ver_vendor_id->SetReserved(0);
+ ver_vendor_id->SetLength(sizeof(TPayloadISAKMP) + VERSION_LTH);
+ version_option = (TVersionOption*)ver_vendor_id->VIDData();
+ version_option->SetVersion(MAJOR_VERSION, MINOR_VERSION);
+
+ /*------------------------------------------------------------
+ *
+ * Build "upper" Vendor Id payload general header
+ *
+ *-----------------------------------------------------------*/
+ vid_lth = sizeof(TPayloadISAKMP) + /* "outer" Vendor ID payload */
+ sizeof(TPayloadISAKMP) + 16 + /* VENDOR_OPTION_HASH */
+ sizeof(TPayloadISAKMP) + SIN_LTH + /* VENDOR_OPTION_NAT_TRAVERSAL */
+ sizeof(TPayloadISAKMP) + VERSION_LTH;/* VENDOR_OPTION_VERSION */
+ aVendorPayload->SetLength((TUint16)vid_lth);
+ aVendorPayload->SetReserved(0);
+
+ aVendorPayload = (TVendorISAKMP*)((TUint8*)aVendorPayload + sizeof(TPayloadISAKMP));
+ next_payload = (TUint8 *)aVendorPayload;
+ *next_payload = VENDOR_OPTION_NAT_TRAVERSAL;
+ }
+ else {
+ vid_lth = sizeof(TPayloadISAKMP) + 16;
+ }
+ /*------------------------------------------------------------
+ *
+ * Store Hash data into Vendor Id payload
+ *
+ *-----------------------------------------------------------*/
+ aVendorPayload->SetReserved(0);
+ aVendorPayload->SetLength((TUint16)sizeof(TPayloadISAKMP) + 16);
+
+ BuildVendorIdHash(aICOOKIE, aRCOOKIE,
+ aVendorPayload->VIDData());
+
+ return vid_lth;
+
+}
+
+
+TBool ProcessVendorId(TBool *aFamiliarPeer,
+ TUint8 *aICOOKIE,
+ TUint8 *aRCOOKIE,
+ TInetAddr &aLocalAddr,
+ TVendorISAKMP *aVendorPayload)
+{
+/*-------------------------------------------------------------------------
+ *
+ * Process Vendor Id payload received from peer.
+ * The following actions taken:
+ * -- Check if a Nokia VPN implementation i peer (recognize hash in Vendor Id)
+ * -- If Nokia VPN implementation detected process possible
+ * VENDOR_OPTION_NAT_TRAVERSAL in expanded Vendor Id payload
+ *
+ *------------------------------------------------------------------------*/
+ TBool nokia_vpn_peer = EFalse;
+ TBool nat_t_required = EFalse;
+ TVendorISAKMP *option_payload;
+ TNATTOption *nat_t_option;
+ TInt vid_lth;
+ TInt tmp_lth;
+ TInt hash_lth;
+ TUint16 ptype;
+ TUint16 detected_port;
+ TUint8 ref_hash[20];
+ TInetAddr detected_addr;
+ TInetAddr reference_addr = aLocalAddr;
+
+ vid_lth = aVendorPayload->GetLength() - sizeof(TPayloadISAKMP);
+ if ( vid_lth > 15 ) {
+ /*-------------------------------------------------------
+ *
+ * Check if expanded Vendor Id format
+ *
+ *-------------------------------------------------------*/
+ tmp_lth = vid_lth;
+ ptype = ISAKMP_PAYLOAD_NONE;
+ hash_lth = BuildVendorIdHash(aICOOKIE, aRCOOKIE, ref_hash);
+ option_payload = aVendorPayload;
+ if ( vid_lth > hash_lth ) {
+ /*---------------------------------------------------------------------
+ *
+ * An expanded format Vendor Id, bypass "outer" payload general header
+ * And do sanity check for VENDOR_OPTION_HASH option payload
+ *
+ *--------------------------------------------------------------------*/
+ option_payload = (TVendorISAKMP*)((TUint8*)option_payload + sizeof(TPayloadISAKMP));
+ ptype = option_payload->GetPayload();
+ tmp_lth = option_payload->GetLength();
+ if ( tmp_lth == (sizeof(TPayloadISAKMP) + 16 ) )
+// &&
+// ( option_payload->GetReserved() == 0 ) ) { //Must be always 0
+ tmp_lth -= sizeof(TPayloadISAKMP);
+ else tmp_lth = 0;
+ }
+
+ if ( tmp_lth == hash_lth ) {
+ /*---------------------------------------------
+ *
+ * Check that Vendor Id hash match
+ *
+ *---------------------------------------------*/
+ if ( Mem::Compare(option_payload->VIDData(), tmp_lth, ref_hash, hash_lth) == 0 ) {
+ /*-----------------------------------------------------------
+ *
+ * Process other Vendor Id option payload(s)
+ * In this phase only VENDOR_OPTION_NAT_TRAVERSAL is processed
+ * other options are ignored
+ *
+ *-----------------------------------------------------------*/
+ nokia_vpn_peer = ETrue;
+ tmp_lth += sizeof(TPayloadISAKMP);
+ option_payload = (TVendorISAKMP*)((TUint8*)option_payload + tmp_lth);
+
+ while ( ptype != ISAKMP_PAYLOAD_NONE ) {
+
+ if ( vid_lth <= tmp_lth ) {
+ break;
+ }
+ hash_lth = option_payload->GetLength();
+ tmp_lth += hash_lth;
+ if ( ( hash_lth < (MIN_ISAKMP_PAYLOAD_SIZE + SIN_LTH) ) ) {
+// &&
+// ( option_payload->GetReserved() != 0 ) ) } //Must be always 0
+ break;
+ }
+ if ( ptype == VENDOR_OPTION_NAT_TRAVERSAL ) {
+ if ( reference_addr.IsV4Mapped() )
+ reference_addr.ConvertToV4();
+ hash_lth -= sizeof(TPayloadISAKMP); /* option data length */
+ nat_t_option = (TNATTOption*)((TUint8*)option_payload + sizeof(TPayloadISAKMP));
+ detected_port = nat_t_option->GetPort();
+ detected_addr.SetAddress(nat_t_option->GetAddress());
+ if ( (detected_port != 500) /* Port changed */
+ ||
+ !(detected_addr.Match(reference_addr))) { /* address changed */
+ nat_t_required = ETrue;
+ }
+ break;
+ }
+
+ ptype = option_payload->GetPayload(); //Next payload
+ option_payload = (TVendorISAKMP*)((TUint8*)option_payload + hash_lth);
+
+ }
+ }
+ }
+
+ }
+
+ if ( aFamiliarPeer )
+ *aFamiliarPeer = nokia_vpn_peer;
+
+ return nat_t_required;
+
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Function BuildDPDVendorId()
+ * This method builds a Dead Peer Detection (DPD) related Vendor ID
+ * payload and adds it into the IKE message. The vendor id is
+ * specified in the draft <draft-ietf-ipsec-dpd-04.txt> and its
+ * content is the following:
+ * 1
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! !M!M!
+ * ! HASHED_VENDOR_ID !J!N!
+ * ! !R!R!
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ * Hash data is,
+ * {0xAF, 0xCA, 0xD7, 0x13, 0x68, 0xA1, 0xF1, 0xC9, 0x6B, 0x86, 0x96,
+ * 0xFC, 0x77, 0x57}, and MJR and MNR
+ * MJR = 1 and MNR = 0
+ *
+ *--------------------------------------------------------------------*/
+void BuildDPDVendorId(TIkev1IsakmpStream &aMsg)
+{
+ TInetAddr DummyAddr;
+
+ aMsg.IsakmpVendorId(IETF_NATT_VENDOR_ID,
+ NULL, NULL, DummyAddr, // These parameters has no relevance with IETF_NATT_VID_DATA
+ (TUint8*)DPD_VID_DATA,
+ sizeof(DPD_VID_DATA));
+}
+
+TBool CheckDPDVendorId(const TVendorISAKMP *aVendorPayload)
+{
+/**---------------------------------------------------------------------------------------
+ *
+ * This method checks does the remote end support DPD draft <draft-ietf-ipsec-dpd-04.txt>
+ *
+ *---------------------------------------------------------------------------------------*/
+ TInt vid_lth = aVendorPayload->GetLength() - sizeof(TPayloadISAKMP);
+ if ( vid_lth == sizeof(DPD_VID_DATA) )
+ {
+ if ( Mem::Compare(aVendorPayload->VIDData(), vid_lth, (TUint8*)DPD_VID_DATA, vid_lth) == 0 )
+ return ETrue; // Remote end supports DPD draft
+ }
+ return EFalse;
+}
+
+TInt CheckCredentials(CIkeData *aHostData )
+{
+/*-------------------------------------------------------------------------
+ *
+ * This function is called by CNegotiation::InitNegotiationL() method
+ * when the current IKE proposal defines aggresssive mode exchange with
+ * pre-shared key authentication.
+ * The following special actions are taken:
+ * -- If no pre-shared key data is defined, launch a dialog where
+ * user name and password information is asked from the user.
+ * -- User name information is store to current CIkeData iFQDN field
+ * (represent IKE identification)
+ * -- Password data shall be stored to current CIkeData iPresharedKey field
+ *
+ * This functionality is related to Checkpoint gateway.
+ * To use Aggressive mode exchange and pre-shared key authentication like
+ * this implement kind of "legacy authentication method" for IKE where
+ * client (=initiator) authentication is based on user name/password pair.
+ * User name is sent from initiator (=client) to responder (=Checkpoint GW)
+ * in the IKE ID payload. However, the password data is NOT transmitted in
+ * any payload, but it is used as pre-shared key in both ends.
+ * (= Checkpoint gateway shall use user name data received in IKE ID payload
+ * as a reference to the correct pre-shared key)
+ *
+ *------------------------------------------------------------------------*/
+ if ( !aHostData || aHostData->iPresharedKey.iKey.Length() )
+ return KErrNone;
+
+ aHostData->iPresharedKey.iFormat = STRING_KEY;
+ aHostData->iFQDN.SetLength(0); // Override FQDN in host data with user name
+
+ return CIkev1Dialog::GetSyncUNPWDialog(aHostData->iFQDN, aHostData->iPresharedKey.iKey);
+}
+
+
+CInternalAddress* ProcessIntNetL(TINTNETISAKMP *aIntNetpayload)
+{
+/*-------------------------------------------------------------------------
+ *
+ * Process Internal address payload received (sanity check already done)
+ * Process payload attributes as follows:
+ * -- Parse PRI_INTERNAL_ADDRESS attribute and store value to aInternalAddr
+ * -- Parse PRI_INTERNAL_DNS attributes and build list of DNS addresses
+ * There exists an own attribute for all DNS addresses
+ * -- Ignore other attributes (=PRI_INTERNAL_WINS)
+ *
+ * In this phase only IPv4 Internal addresses are supported by the
+ * Nokia VPN gateway
+ *
+ *------------------------------------------------------------------------*/
+ TInt length = (TInt)aIntNetpayload->GetLength();
+ if ( STATIC_CAST(TUint, length) < sizeof(TINTNETISAKMP) ) {
+ return NULL;
+ }
+
+ length -= sizeof(TINTNETISAKMP); /* Attribute data lengt in payload */
+
+ TUint32 ipv4_addr;
+ TBool internal_address = EFalse;
+ TInetAddr *dns_addr;
+ CInternalAddress *InternalAddr = new (ELeave)CInternalAddress(1);
+ CleanupStack::PushL(InternalAddr);
+ TDataISAKMP *attr = aIntNetpayload->INTNETAttrib();
+
+ while ( length > 0 ) {
+
+ length = length - attr->Size();
+ if ( length < 0 ) {
+ CleanupStack::PopAndDestroy(); /* delete InternalAddr */
+ return NULL;
+ }
+ switch ( attr->Type() ) {
+
+ case PRI_INTERNAL_ADDRESS:
+ /*-----------------------------------------------------------
+ * Internal address received from gateway. If several
+ * Internal address attributes detected use the first address
+ *------------------------------------------------------------*/
+ if ( attr->IsBasic() || ( attr->Length() != 4) ) {
+ CleanupStack::PopAndDestroy(); /* delete InternalAddr */
+ return NULL;
+ }
+ if ( !internal_address ) {
+ internal_address = ETrue;
+ ipv4_addr = GET32(attr->VarValue());
+ ipv4_addr = ByteOrder::Swap32(ipv4_addr); //NOT IN NETWORK ORDER !!!!
+ InternalAddr->iClientIntAddr.SetAddress(ipv4_addr);
+ }
+ break;
+
+ case PRI_INTERNAL_DNS:
+ /*-----------------------------------------------------------
+ * Internal DNS address received from gateway
+ *------------------------------------------------------------*/
+ if ( attr->IsBasic() || ( attr->Length() != 4 ) ) {
+ CleanupStack::PopAndDestroy(); /* delete InternalAddr */
+ return NULL;
+ }
+ ipv4_addr = GET32(attr->VarValue());
+ ipv4_addr = ByteOrder::Swap32(ipv4_addr); //NOT IN NETWORK ORDER !!!!
+ dns_addr = new(ELeave)TInetAddr;
+ CleanupStack::PushL(dns_addr);
+ dns_addr->SetAddress(ipv4_addr);
+ InternalAddr->AppendL(dns_addr);
+ CleanupStack::Pop(); /* delete dns_addr */
+ break;
+
+ default:
+ /*-----------------------------------------------------------
+ * Other attributes (WINS address) are ignored
+ *------------------------------------------------------------*/
+ break;
+ }
+
+ attr = attr->Next();
+ }
+
+ if ( !internal_address ) {
+ /*-----------------------------------------------------
+ * No client internal address defined.
+ * Internal address negotiation failed
+ *----------------------------------------------------*/
+ delete InternalAddr;
+ InternalAddr = NULL;
+ }
+
+ CleanupStack::Pop(); // Remove InternalAddr from cleanup stack
+
+ return InternalAddr;
+}
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1receiver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,165 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receiver of UDP datagrams
+*
+*/
+
+
+#include <in_sock.h>
+
+#include "ikedatainterface.h"
+#include "ikemsgheader.h"
+
+// CLASS HEADER
+#include "ikev1receiver.h"
+
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Receiver* CIkev1Receiver::NewL( MIkeDataInterface& aDataInterface,
+ MIkev1ReceiverCallback& aCallback )
+ {
+ CIkev1Receiver* self = new (ELeave) CIkev1Receiver( aDataInterface,
+ aCallback );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Receiver::~CIkev1Receiver()
+ {
+ Cancel();
+
+ delete iUdpData;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Receiver::CIkev1Receiver( MIkeDataInterface& aDataInterface,
+ MIkev1ReceiverCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iUdpData( NULL ),
+ iDataInterface( aDataInterface ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Receiver::ConstructL()
+ {
+ StartReceive();
+ }
+
+// ---------------------------------------------------------------------------
+// Starts receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Receiver::StartReceive()
+ {
+ DoReceive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Receiver::RunL()
+ {
+ if ( iStatus.Int() == KErrNone )
+ {
+ __ASSERT_DEBUG( iUdpData != NULL,
+ User::Invariant() );
+
+ const ThdrISAKMP* ikeHdr = ThdrISAKMP::Ptr( iUdpData->Des() );
+ TInt msgLth = iUdpData->Length();
+
+ // Ignore possible <non-ESP marker> in the beginning of IKE message.
+ TUint32 ikeMsgHdrOctets = GET32( ikeHdr );
+ if ( ikeMsgHdrOctets == NON_ESP_MARKER )
+ {
+ ikeHdr = ikeHdr->GotoOffset( NON_ESP_MARKER_SIZE );
+ msgLth -= NON_ESP_MARKER_SIZE;
+ }
+
+ iCallback.IkeMsgReceivedL( *ikeHdr, iSrcAddr, iLocalPort );
+ }
+ else
+ {
+ iCallback.ReceiveError( iStatus.Int() );
+ }
+
+ delete iUdpData;
+ iUdpData = NULL;
+
+ if ( iStatus.Int() == KErrNone )
+ {
+ // Continue receiving.
+ DoReceive();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Receiver::DoCancel()
+ {
+ iDataInterface.CancelReceive();
+
+ delete iUdpData;
+ iUdpData = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Handles a leave occurring in RunL().
+// Handles cancellation of receive.
+// ---------------------------------------------------------------------------
+//
+TInt CIkev1Receiver::RunError( TInt aError )
+ {
+ delete iUdpData;
+ iUdpData = NULL;
+
+ iCallback.ReceiveError( aError );
+ return KErrNone;
+ }
+
+// ---------------------------------------------------------------------------
+// Receives UDP data.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Receiver::DoReceive()
+ {
+ iDataInterface.ReceiveUdpData( iUdpData, iSrcAddr, iLocalPort, iStatus );
+ SetActive();
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1sa.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,471 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv1 SA
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikev1SA.h"
+#include "ikev1SAdata.h"
+#include "ikev1keepalive.h"
+#include "ikev1nokianattkeepalive.h" // CIkev1NokiaNattKeepAlive
+#include "ikepolparser.h"
+#include "ikesocketdefs.h"
+#include "ikev1pluginsession.h"
+
+CIkev1SA* CIkev1SA::NewL( CIkev1PluginSession& aPluginSession,
+ TIkev1SAData& aIkev1SAdata,
+ CSARekeyInfo* aSaRekey,
+ MIkeDebug& aDebug )
+{
+ CIkev1SA *sa = new (ELeave) CIkev1SA( aPluginSession, aDebug );
+ sa->ConstructL( aIkev1SAdata, aSaRekey );
+ return sa;
+}
+
+
+//Constructor
+CIkev1SA::CIkev1SA( CIkev1PluginSession& aPluginSession,
+ MIkeDebug& aDebug )
+ : CTimer( EPriorityStandard ),
+ iPluginSession( aPluginSession ),
+ iDebug( aDebug )
+{
+ CActiveScheduler::Add(this);
+}
+
+void CIkev1SA::ConstructL(TIkev1SAData& aIkev1SAdata, CSARekeyInfo* aSaRekey)
+{
+ CTimer::ConstructL();
+ iHdr.CopyL(aIkev1SAdata);
+
+ if ( aSaRekey )
+ {
+ //
+ // Rekeyed IKE SA. Try to find "original" IKE SA and move IPSEC
+ // SPI list from that SA to the new rekeyed one.
+ // If "original" IKE SA is found, (re)start expiration timer
+ // with rekey "left over" time.
+ //
+ iRekeyed = ETrue;
+ CIkev1SA *OrigSA = iPluginSession.FindIkev1SA(aSaRekey->GetCookieI(), aSaRekey->GetCookieR());
+ if ( OrigSA )
+ {
+ DEBUG_LOG(_L("ISAKMP SA Rekeyed, SPI list moved from original SA"));
+ iSPIList = OrigSA->iSPIList;
+ OrigSA->iSPIList = NULL;
+ OrigSA->iSPIList = new (ELeave) CIpsecSPIList(1); // Dummy
+ if ( OrigSA->IsActive() )
+ {
+ OrigSA->Cancel();
+ OrigSA->iRemainingTime = 0;
+ OrigSA->iLeftOverTime = 0;
+ DEBUG_LOG1(_L("Rekeyed SA expiration time set to %u"),OrigSA->iRemainingTime);
+ OrigSA->StartTimer();
+ }
+ }
+ }
+
+ if ( !iSPIList )
+ iSPIList = new (ELeave) CIpsecSPIList(4);
+
+ TInt DPDHeartbeat;
+
+ if ( iHdr.iDPDSupported && iHdr.iIkeData->iDPDHeartBeat )
+ DPDHeartbeat = iHdr.iIkeData->iDPDHeartBeat;
+ else DPDHeartbeat = 0;
+
+ TInt KeepAliveTimeout = 0;
+ TInt port = IkeSocket::KIkePort500;
+ TUint32 NATKeepAlive = (iHdr.iNAT_D_Flags & LOCAL_END_NAT);
+ if ( NATKeepAlive || iHdr.iNAT_T_Required )
+ {
+ KeepAliveTimeout = (TInt)iHdr.iIkeData->iNatKeepAlive;
+ if ( NATKeepAlive )
+ {
+ port = IkeSocket::KIkePort4500;
+ if ( KeepAliveTimeout == 0 )
+ KeepAliveTimeout = 120; // If not configured use 2 minutes
+ }
+ }
+
+ if ( DPDHeartbeat || KeepAliveTimeout )
+ {
+ iIkeKeepAlive = CIkeV1KeepAlive::NewL( iPluginSession,
+ port,
+ (TInetAddr&)iHdr.iDestinAddr,
+ KeepAliveTimeout,
+ DPDHeartbeat,
+ (MDpdHeartBeatEventHandler*)this );
+ }
+
+ // Nokia NAT-T needed
+ if (!NATKeepAlive &&
+ iHdr.iNAT_T_Required &&
+ (KeepAliveTimeout > 0) )
+ {
+ // Start Nokia IPsec over NAT keepalive handler
+ TInetAddr addr = (TInetAddr)iHdr.iDestinAddr;
+
+ // NAT-T default ESP UDP port
+ TInt port(KNokiaNattDefaultPort);
+ if (iHdr.iIkeData->iEspUdpPort)
+ port = iHdr.iIkeData->iEspUdpPort;
+
+ iNokiaNatt = CIkev1NokiaNattKeepAlive::NewL( iPluginSession,
+ addr,
+ port,
+ KeepAliveTimeout,
+ iDebug );
+ }
+
+ if ( !iHdr.iVirtualIp && aSaRekey )
+ {
+ //
+ // Rekeyed IKE SA. No virtual IP address received in IKE SA
+ // negotiation. Get "old" virtual IP address saved into
+ // CSARekeyInfo object (if any).
+ //
+ iHdr.StoreVirtualIp(aSaRekey->GetInternalAddr());
+ }
+
+
+ //Lifetime in seconds
+ iRemainingTime = iHdr.iLifeTimeSecs;
+ if ( iRemainingTime == 0 )
+ iRemainingTime = DEFAULT_MAX_ISAKMP_LIFETIME;
+
+ //
+ // Check if IKE SA rekeying threshold value (per cent) defined
+ // If it is (value is between 70 - 95), use that per cent value
+ // as IKE SA timeout (Rekey for a new IKE SA is started then)
+ // "Left over" time is the expiration timeout for rekeyed IKE SA
+ // value which is used when rekey negotiation is started.
+ // The minimum value for that is set to 30 seconds
+ //
+ TInt RekeyThreshold = iHdr.iIkeData->iRekeyingThreshold;
+ if ( RekeyThreshold != 0 )
+ {
+ if ( RekeyThreshold < 70 )
+ RekeyThreshold = 70;
+ else if ( RekeyThreshold > 95 )
+ RekeyThreshold = 95;
+ DEBUG_LOG1(_L("Negotiated ISAKMP Lifetime set to %u"),iRemainingTime);
+ iLeftOverTime = iRemainingTime - ((iRemainingTime/100.0) * RekeyThreshold);
+ iRemainingTime -= iLeftOverTime;
+ if ( iLeftOverTime < 30 )
+ iLeftOverTime = 30;
+ }
+
+ DEBUG_LOG1(_L("ISAKMP Lifetime set to %u"),iRemainingTime);
+
+ //Lifetime in Kb
+ iRemainingKB = iHdr.iLifeTimeKB;
+ DEBUG_LOG1(_L("ISAKMP KB Lifetime set to %u"),iRemainingKB);
+
+ StartTimer();
+
+}
+
+//Destructor
+CIkev1SA::~CIkev1SA()
+{
+ Cancel();
+
+ //Delete the IPSEC SAs as well if desired
+ if ( iHdr.iIkeData && iSPIList)
+ {
+ for (TInt i = 0; i < iSPIList->Count(); i++)
+ {
+ TIpsecSPI* spi_node = iSPIList->At(i);
+ iPluginSession.DeleteIpsecSA( spi_node->iSPI,
+ spi_node->iSrcAddr,
+ spi_node->iDstAddr,
+ spi_node->iProtocol );
+ }
+ }
+
+ iHdr.CleanUp();
+ //Deletes the SPI List
+ delete iSPIList;
+ delete iIkeKeepAlive;
+ delete iNokiaNatt;
+}
+
+
+void CIkev1SA::SetExpired()
+{
+ DEBUG_LOG(_L("CIkev1SA::SetExpired"));
+
+ if ( !iExpired ) //If already expired do nothing to avoid renewing the expiration timer.
+ {
+ DEBUG_LOG(_L("SA is still active. Expiring it..."));
+
+ iExpired = ETrue;
+ //if ( iHdr.iIkeData->iIpsecExpires )
+ //{
+ //DEB(iEngine->PrintText(_L("iIpsecExpires is ETrue\n"));)
+ for (TInt i = 0; i < iSPIList->Count(); i++)
+ {
+ DEBUG_LOG(_L("Deleting IPsec SA"));
+ TIpsecSPI* spi_node = iSPIList->At(i);
+ iPluginSession.DeleteIpsecSA( spi_node->iSPI,
+ spi_node->iSrcAddr,
+ spi_node->iDstAddr,
+ spi_node->iProtocol );
+ }
+ //}
+ Cancel(); //Cancel the current timer
+ After(ISAKMP_DELETE_TIME);
+ }
+}
+
+void CIkev1SA::UpdateSAL(TBool aExpired, TIkev1SAData* aIkev1SAdata)
+{
+ DEBUG_LOG(_L("CIkev1SA::UpdateSAL"));
+
+ if ( aExpired )
+ {
+ ExpireSA();
+ }
+ else
+ {
+ DEBUG_LOG(_L("Not expiring SA"));
+ if ( aIkev1SAdata )
+ {
+ iHdr.CopyL(*aIkev1SAdata);
+ }
+ }
+}
+
+void CIkev1SA::ExpireSA()
+ {
+ DEBUG_LOG(_L("Expiring SA"));
+ SetExpired();
+ }
+
+void CIkev1SA::DoCancel()
+{
+ CTimer::DoCancel();
+}
+
+void CIkev1SA::RunL()
+{
+
+ DEBUG_LOG(_L("CIkev1SA::RunL"));
+ if (!iExpired) //Still alive so that's a normal Lifetime Expiration
+ {
+ DEBUG_LOG(_L("Sa is not expired"));
+
+ if (iRemainingTime > 0) //Timer still no finished
+ {
+ StartTimer();
+ return;
+ }
+
+ if ( iLeftOverTime )
+ {
+ //
+ // Start IKE phase 1 rekey operation
+ //
+ iRemainingTime = iLeftOverTime;
+ iLeftOverTime = 0;
+ CSARekeyInfo* SARekeyInfo = CSARekeyInfo::NewL(iHdr.iCookie_I, iHdr.iCookie_R, iHdr.iVirtualIp);
+
+ iHdr.iVirtualIp = NULL; //Exclusive ownership of the object moved to TSARekeyInfo
+ DEBUG_LOG(_L("Starting ISAKMP SA rekeying "));
+ CleanupStack::PushL(SARekeyInfo);
+ iPluginSession.RekeyIkeSAL(&iHdr, SARekeyInfo);
+ CleanupStack::Pop(SARekeyInfo);
+ StartTimer();
+ }
+ else
+ {
+ DEBUG_LOG(_L("**\n---ISAKMP SA Deleted---- Lifetime expired**"));
+ iPluginSession.DeleteIkeSA(&iHdr, EFalse); // "Normal" close
+ SetExpired();
+ }
+ }
+ else
+ { //Expired must be erased Completely after the default waiting time
+
+ DEBUG_LOG(_L("Deleting IKE Sa"));
+ iPluginSession.RemoveIkeSA( this, iStatus.Int() );
+ }
+
+}
+
+TInt CIkev1SA::RunError(TInt aError)
+ {
+ DEBUG_LOG1(_L("CIkev1SA::RunError, err=%d"), aError);
+ iPluginSession.HandleError(aError);
+ return KErrNone;
+ }
+
+void CIkev1SA::StartTimer()
+{
+ if (iRemainingTime > KMaxTInt/SECOND) //To avoid overflowing the Timer
+ {
+ iRemainingTime -= KMaxTInt/SECOND;
+ After(KMaxTInt);
+ }
+ else //No overflow
+ {
+ After(iRemainingTime*SECOND);
+ iRemainingTime = 0;
+ }
+}
+
+//Adds a new node to the List of SPIs to know the direction if it has to be deleted.
+void CIkev1SA::AddIpsecSPIL(TIpsecSPI& aIpsecSpi)
+{
+ TIpsecSPI* spi_node = new (ELeave) TIpsecSPI;
+ CleanupStack::PushL(spi_node);
+ iSPIList->AppendL(spi_node);
+ CleanupStack::Pop();
+ spi_node->iSrcAddr = aIpsecSpi.iSrcAddr;
+ spi_node->iDstAddr = aIpsecSpi.iDstAddr;
+ spi_node->iSPI = aIpsecSpi.iSPI;
+ spi_node->iProtocol = aIpsecSpi.iProtocol;
+ spi_node->iInbound = aIpsecSpi.iInbound;
+}
+
+TBool CIkev1SA::FindIpsecSPI(TUint32 aSPI, TBool aInbound)
+{
+ TIpsecSPI *spi_node;
+ for (TInt i = 0; i < iSPIList->Count(); i++)
+ {
+ spi_node = iSPIList->At(i);
+ if ( (spi_node->iSPI == aSPI) && (spi_node->iInbound == aInbound) )
+ {
+ return ETrue;
+ }
+ }
+
+ return EFalse;
+}
+
+//
+//Deletes a TIpsecSPI matching aSPI
+//
+TBool CIkev1SA::DeleteIpsecSPI(TUint32 aSPI, TBool aInbound)
+{
+ TIpsecSPI *spi_node;
+ for (TInt i = 0; i < iSPIList->Count(); i++)
+ {
+ spi_node = iSPIList->At(i);
+ if ( (spi_node->iSPI == aSPI) && (spi_node->iInbound == aInbound) )
+ {
+ delete spi_node;
+ iSPIList->Delete(i);
+ return ETrue;
+ }
+ }
+
+ return EFalse;
+}
+
+//
+// Flush all Ipsec SA:s bound to this IKE SA from SADB and send Delete
+// payload for all inbound SAs
+//
+void CIkev1SA::DeleteIpsecSAs()
+{
+ TIpsecSPI* spi_node;
+ TInt c = iSPIList->Count();
+ for (TInt i = 0; i < c; i++)
+ {
+ spi_node = iSPIList->At(i);
+ if ( spi_node->iInbound )
+ {
+ //Only the inbound ones notified to avoid receiving packets using an expired SA
+ //The opposite if receiving a Delete
+ DEBUG_LOG1(_L("Sending ISAKMP Delete payload for IPSec SPI %x"),
+ (int)ByteOrder::Swap32(spi_node->iSPI));
+
+ // Call to delete may fail (delete sends DELETE payloads, and the data connection
+ // may not be open anymore). This is non-fatal, however.
+ TRAPD(err, iPluginSession.DeleteIpsecSAL(&iHdr, spi_node));
+ if (err == KErrNone)
+ {
+ // DELETE sent successfully
+ DEBUG_LOG(_L("CIkev1SA::DeleteIpsecSAsL() IPsec SA delete OK"));
+ }
+ else if (err == KErrNotFound)
+ {
+ // Non-fatal leave occured (couldn't send DELETE due to invalid connection)
+ // We can still continue purging IPSEC SAs.
+ DEBUG_LOG(_L("CIkev1SA::DeleteIpsecSAsL() IPsec SA delete failed due non-existing connection. Non-fatal, continuing"));
+ }
+ else
+ {
+ // Fatal leave (e.g. out of memory etc)
+ DEBUG_LOG(_L("CIkev1SA::DeleteIpsecSAsL() IPsec SA deletion error. Fatal."));
+ iPluginSession.HandleError(err);
+ return;
+ }
+ }
+ iPluginSession.DeleteIpsecSA(spi_node->iSPI, spi_node->iSrcAddr, spi_node->iDstAddr, spi_node->iProtocol);
+ delete spi_node;
+ }
+ iSPIList->Reset(); //Empties the full list at once
+}
+
+//
+// void CIkev1SA::DeleteIpsecSAsForced()
+//
+void CIkev1SA::DeleteIpsecSAsForced()
+{
+ TIpsecSPI* spi_node;
+ TInt c = iSPIList->Count();
+ for (TInt i = 0; i < c; i++)
+ {
+ spi_node = iSPIList->At(i);
+ iPluginSession.DeleteIpsecSA( spi_node->iSPI,
+ spi_node->iSrcAddr,
+ spi_node->iDstAddr,
+ spi_node->iProtocol );
+ delete spi_node;
+ }
+ iSPIList->Reset();
+}
+
+void CIkev1SA::EventHandlerL()
+{
+ //
+ // The implementation for class MDpdHeartBeatEventHandler virtual function
+ // This method is called by an CIkeKeepAlive object instance when
+ // DPD heartbeat timeout has elapsed.
+ //
+ if ( !iExpired && iSPIList->Count() )
+ iPluginSession.KeepAliveIkeSAL(&iHdr);
+}
+
+void CIkev1SA::CancelRekey()
+ {
+ if ( iLeftOverTime != 0 )
+ {
+ DEBUG_LOG1(_L("CIkev1SA::CancelRekey, remaining time=%d"), iLeftOverTime );
+ iRemainingTime = iLeftOverTime;
+ iLeftOverTime = 0;
+ }
+ }
+
+//
+//class CIpsecSPIList : public CArrayPtr<TIpsecSPI>
+//
+CIpsecSPIList::CIpsecSPIList(TInt aGranularity) : CArrayPtrFlat<TIpsecSPI>(aGranularity){}
+CIpsecSPIList::~CIpsecSPIList() {ResetAndDestroy();}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1sender.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,139 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Sender of UDP datagrams
+*
+*/
+
+
+#include <in_sock.h>
+
+#include "ikedatainterface.h"
+#include "ikedebug.h"
+#include "ikesocketdefs.h"
+#include "ikemsgheader.h"
+
+// CLASS HEADER
+#include "ikev1sender.h"
+
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Sender* CIkev1Sender::NewL( MIkeDataInterface& aDataInterface,
+ MIkev1SenderCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CIkev1Sender* self = new (ELeave) CIkev1Sender( aDataInterface,
+ aCallback,
+ aDebug );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Sender::~CIkev1Sender()
+ {
+ HBufC8* udpData = iUdpData;
+ iUdpData = NULL;
+
+ // Sending is not completed via callback interface.
+ Cancel();
+
+ delete udpData;
+ udpData = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev1Sender::CIkev1Sender( MIkeDataInterface& aDataInterface,
+ MIkev1SenderCallback& aCallback,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iUdpData( NULL ),
+ iDataInterface( aDataInterface ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Sends IKE message.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Sender::SendUdpData( HBufC8* aUdpData,
+ const TInetAddr& aDestAddr,
+ TInt aLocalPort,
+ TUint8 aDscp )
+ {
+ __ASSERT_DEBUG( iUdpData == NULL,
+ User::Invariant() );
+
+ Cancel();
+
+ iUdpData = aUdpData;
+
+ // Send IKE message.
+ DEBUG_LOG( _L("CIkev1Sender::SendUdpData, sending..."));
+ iDataInterface.SendUdpData( aLocalPort,
+ aDestAddr,
+ *aUdpData,
+ aDscp,
+ iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of sending.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Sender::RunL()
+ {
+ DEBUG_LOG1( _L("CIkev1Sender::RunL, status=%d"),
+ iStatus.Int() );
+
+ if ( iUdpData != NULL )
+ {
+ delete iUdpData;
+ iUdpData = NULL;
+
+ iCallback.SendUdpDataCompleted( iStatus.Int() );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of sending.
+// ---------------------------------------------------------------------------
+//
+void CIkev1Sender::DoCancel()
+ {
+ DEBUG_LOG( _L("CIkev1Sender::DoCancel"));
+
+ iDataInterface.CancelSend();
+ if ( iUdpData != NULL )
+ {
+ delete iUdpData;
+ iUdpData = NULL;
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1timeout.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,64 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Source for timer class used by IKEv1
+*
+*/
+
+#include "ikev1timeout.h"
+#include "ikev1negotiation.h"
+
+
+CIkev1Timeout* CIkev1Timeout::NewL(CIkev1Negotiation& aNegotiation)
+ {
+ CIkev1Timeout* self = new (ELeave) CIkev1Timeout(aNegotiation);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkev1Timeout::CIkev1Timeout(CIkev1Negotiation& aNegotiation)
+ : CTimer(EPriorityStandard),
+ iNegotiation(aNegotiation)
+ {
+ CActiveScheduler::Add(this); //Adds itself to the scheduler only the first time
+ }
+
+
+CIkev1Timeout::~CIkev1Timeout()
+ {
+ if (IsActive())
+ Cancel();
+ }
+
+
+//Issues next RunL execution
+void CIkev1Timeout::IssueRequest(TTimeIntervalMicroSeconds32 anInterval)
+ {
+ After(anInterval); //Also sets the object as Active
+ }
+
+
+// CPacketTimeout
+// will send all the packets. One packet each Time
+void CIkev1Timeout::RunL()
+ {
+ iNegotiation.ReSendL();
+ }
+
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev1lib/src/ikev1trans.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1148 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE transaction exchange implementation.
+*
+*/
+
+/**-------------------------------------------------------------------
+ *
+ * Class CTransNegotiation
+ * This class is used to handle ISAKMP Transaction exchange messages.
+ * Transaction exchange has been defined in the IETF draft which specifies
+ * The ISAKMP Configuration Method <draft-dukes-ike-mode-cfg-01.txt>.
+ * This same two message configuration transaction is also used in IETF draft
+ * Extended Authentication within IKE (XAUTH) <draft-beaulieu-ike-xauth-02.txt>.
+ * CTransNegotiation class implements these IETF drafts, too.
+ *
+ *--------------------------------------------------------------------*/
+
+#include "ikev1trans.h"
+#include "ikedebug.h"
+#include "ikev1pluginsession.h"
+#include "ikev1negotiation.h"
+#include "ikev1payload.h"
+#include "ikev1timeout.h"
+#include "ikev1crack.h"
+#include "ikev1isakmpstream.h"
+#include "ikev1crypto.h"
+
+const TUint8 XAUTH_VID_DATA[8] = {0x09, 0x00, 0x26, 0x89, 0xdf, 0xd6, 0xb7, 0x12};
+const TUint8 CISCO_UNITY_VID_DATA[16] = {0x12, 0xf5, 0xf2, 0x8c, 0x45, 0x71, 0x68, 0xa9,
+ 0x70, 0x2d, 0x9f, 0xe2, 0x74, 0xcc, 0x01, 0x00};
+
+
+CTransNegotiation::CTransNegotiation( TInt aGranularity,
+ TBool aUseXauth,
+ TBool aUseCfgMode,
+ CIkev1PluginSession* aPluginSession,
+ CIkev1Negotiation* aNegotiation,
+ MIkeDebug& aDebug )
+ :CArrayFixFlat<TTransExchange*>(aGranularity),
+ iPluginSession(aPluginSession),
+ iNegotiation(aNegotiation),
+ iUseXauth(aUseXauth),
+ iUseCfgMode(aUseCfgMode),
+ iDebug(aDebug)
+{
+}
+
+
+/**-------------------------------------------------------------------
+ *
+ * Method New()
+ * Creates an instance of CTransNegotiation class if either
+ * usage of XAUTH or CFG-MODE has been requested.
+ *
+ *--------------------------------------------------------------------*/
+CTransNegotiation* CTransNegotiation::NewL(TBool aUseXauth, TBool aUseCfgMode,
+ CIkev1PluginSession* aPluginSession,
+ CIkev1Negotiation* aNegotiation,
+ MIkeDebug& aDebug )
+{
+ CTransNegotiation* Neg = new (ELeave) CTransNegotiation( 1,
+ aUseXauth,
+ aUseCfgMode,
+ aPluginSession,
+ aNegotiation,
+ aDebug );
+ CleanupStack::PushL(Neg);
+ Neg->ConstructL();
+ CleanupStack::Pop(Neg);
+ return Neg;
+}
+/**-------------------------------------------------------------------
+ *
+ * Deconstruct method
+ *
+ *--------------------------------------------------------------------*/
+CTransNegotiation::~CTransNegotiation()
+{
+ DEBUG_LOG(_L("Transaction exchange object deleted"));
+
+ delete iInternalAddr;
+ delete iDialog;
+ delete iDialogInfo;
+ delete iUserName;
+
+ for ( TInt i = 0; i < Count(); i++ )
+ {
+ delete At(i);
+ }
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ConstructL()
+ * -- Links CKmdEngine- and CNegotiation object pointers to CTransNegotiation
+ * -- If only CONFIG-MODE requested, start corresponding transaction exchange.
+ *
+ *--------------------------------------------------------------------*/
+void CTransNegotiation::ConstructL()
+{
+ if ( !iPluginSession || !iNegotiation || (!iUseXauth && !iUseCfgMode))
+ {
+ User::Leave(KErrArgument);
+ }
+
+ DEBUG_LOG(_L("Transaction exchange object constructed"));
+ if ( !iUseXauth )
+ {
+ iXauthCompleted = ETrue;
+ iNegotiation->iTimer->Cancel(); // Stop retransmission timer
+ }
+ else
+ {
+ if ( !iUseCfgMode )
+ iCfgModeCompleted = ETrue;
+ DEBUG_LOG(_L("Starting to Wait XAUTH request"));
+ }
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method GetAuthMethod()
+ * This static method converts the authentication method value from
+ * "normal" IKE attribute value (specified in RFC2409) to the attribute
+ * value indicate XAUTH usage after IKE phase 1. This conversion is done
+ * into the opposite direction when call parameter (aAuthMethod) have
+ * already value indicating Xauth usage.
+ *
+ *--------------------------------------------------------------------*/
+TUint16 CTransNegotiation::GetAuthMethod(TUint16 aAuthMethod, TBool aXauthUsed, TInt aRole)
+{
+ if ( aXauthUsed ) {
+ if ( aAuthMethod >= XAUTHInitPreShared && aAuthMethod <= XAUTHRespRSARevisedEncr) {
+ aAuthMethod -= XAUTHMethodBase;
+ aAuthMethod = (TUint16)((aAuthMethod >> XAUTHScaler) | XAUTHScaler);
+ }
+ else {
+ if ( aAuthMethod >= PRE_SHARED && aAuthMethod <= RSA_REV_ENCR ) {
+ aAuthMethod = (TUint16)((aAuthMethod << XAUTHScaler) + XAUTHMethodBase);
+ if ( aRole == INITIATOR )
+ aAuthMethod -= XAUTHScaler;
+ }
+ }
+ }
+ return aAuthMethod;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method BuildXauthVendorId()
+ * This method builds a XAUTH related Vendor ID payload and adds it into
+ * the IKE message. The vendor id is specified in the draft
+ * <draft-beaulieu-ike-xauth-02.txt> and its content is the following:
+ * ["0x09002689DFD6B712"])
+ * Both ISAKMP mode-cfg and extended authentication (XAUTH) can be
+ * implemented in some VPN SGWs according to the older mode-cfg and
+ * xauth drafts:
+ * <draft-ietf-ipsec-isakmp-mode-cfg-04.txt> and
+ * <draft-ietf-ipsec-isakmp-xauth-04.txt>
+ *
+ *--------------------------------------------------------------------*/
+void CTransNegotiation::BuildXauthVendorId(TIkev1IsakmpStream &aMsg)
+{
+ TInetAddr DummyAddr;
+
+ aMsg.IsakmpVendorId(IETF_NATT_VENDOR_ID,
+ NULL, NULL, DummyAddr, // These parameters has no relevance with IETF_NATT_VID_DATA
+ (TUint8*)XAUTH_VID_DATA, sizeof(XAUTH_VID_DATA));
+
+ aMsg.IsakmpVendorId(IETF_NATT_VENDOR_ID,
+ NULL, NULL, DummyAddr, // These parameters has no relevance with IETF_NATT_VID_DATA
+ (TUint8*)CISCO_UNITY_VID_DATA,
+ sizeof(CISCO_UNITY_VID_DATA));
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method GetIV()
+ * Get IV for transaction exchange specified with message id parameter:
+ * Find corresponding exchange structure and copy IV to caller
+ * If no exchange found, return EFALSE status to indicate error.
+ *
+ *--------------------------------------------------------------------*/
+TBool CTransNegotiation::GetIV(TUint32 aMsgId, TDes8& aIV)
+{
+ TBool status = ETrue;
+ TTransExchange *exchange = FindExchange(aMsgId);
+ if ( exchange )
+ aIV.Copy(exchange->iIV);
+ else status = EFalse;
+
+ return status;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method SetIV()
+ * Set IV for transaction exchange specified with message id parameter:
+ * Find corresponding exchange structure and store specified IV to
+ * exchange structure
+ * If no exchange found, return EFALSE status to indicate error.
+ *
+ *--------------------------------------------------------------------*/
+TBool CTransNegotiation::SetIV(TUint32 aMsgId, TDes8& aIV)
+{
+ TBool status = ETrue;
+ TTransExchange *exchange = FindExchange(aMsgId);
+ if ( exchange )
+ exchange->iIV.Copy(aIV);
+ else status = EFalse;
+
+ return status;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ProcessUserResponseL()
+ * ProcessUserResponseL() builds a XAUTH reply message from authentication
+ * credentials linked into the current CAuthDialogInfo object.
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo )
+{
+ //
+ // Find a transaction exchange structure for current message
+ //
+ TInt lth = 0;
+ iCurrExchange = FindExchange(aDialogInfo->GetMsgId());
+
+ if ( iCurrExchange && iRequestFlags ) {
+ //
+ // Allocate a buffer for Attribute payload.
+ // Calculate first required buffer length
+ //
+ if ( aDialogInfo->iUsername )
+ lth += (aDialogInfo->iUsername->Length() + 4);
+ if ( aDialogInfo->iSecret )
+ lth += (aDialogInfo->iSecret->Length() + 4);
+
+ HBufC8 *attributes = HBufC8::NewL(lth + 4);
+ CleanupStack::PushL(attributes);
+ TPtr8 attr_ptr(attributes->Des());
+ TUint16 AttrType;
+
+ if ( iRequestFlags & (1 << (ATTR_PASSWORD - ATTR_XAUTH_TYPE)) ) {
+ //
+ // Add Xauth type attribute. Value is taken from current exchange structure
+ //
+ if ( iUseOlderPIXXauth )
+ AttrType = ATTR_PIX_XAUTH_TYPE;
+ else AttrType = ATTR_XAUTH_TYPE;
+ AddAttributeData(attr_ptr, AttrType, 2, (TUint8*)&iCurrExchange->iXauthType);
+ }
+
+ if ( aDialogInfo->iUsername ) {
+ //
+ // Add user name attribute.
+ //
+ if ( iUseOlderPIXXauth )
+ AttrType = ATTR_PIX_USER_NAME;
+ else AttrType = ATTR_USER_NAME;
+
+ AddAttributeData(attr_ptr, AttrType, aDialogInfo->iUsername->Length(),
+ (TUint8*)aDialogInfo->iUsername->Ptr());
+ //
+ // Take a copy of user name buffer in dialog info. This user name
+ // is cached into user name file if current CRACK negotiation is
+ // succeeded
+ //
+ delete iUserName; // Delete old user name buffer for sure
+ iUserName = HBufC8::New(aDialogInfo->iUsername->Length() + 16); // 16 bytes space for padding
+ if ( iUserName ) {
+ iUserName->Des().Copy(aDialogInfo->iUsername->Des());
+ }
+ }
+
+ if ( aDialogInfo->iSecret ) {
+ //
+ // Add either password, passcode or next pin attribute.
+ // Check from iRequestFlags which one was requested by the gateway
+ //
+ if ( iUseOlderPIXXauth )
+ AttrType = ATTR_PIX_PASSWORD; // default;
+ else AttrType = ATTR_PASSWORD; // default
+
+ switch ( iRequestFlags ) {
+
+ case (1 << (ATTR_PASSCODE - ATTR_XAUTH_TYPE)):
+ if ( iUseOlderPIXXauth )
+ AttrType = ATTR_PIX_PASSCODE;
+ else AttrType = ATTR_PASSCODE;
+ break;
+
+ case (1 << (ATTR_NEXT_PIN - ATTR_XAUTH_TYPE)):
+ AttrType = ATTR_NEXT_PIN;
+ break;
+
+ default:
+ break;
+
+ }
+ AddAttributeData(attr_ptr, AttrType, aDialogInfo->iSecret->Length(),
+ (TUint8*)aDialogInfo->iSecret->Ptr());
+ }
+
+ BuildAndSendMessageL(attr_ptr, ISAKMP_CFG_REPLY);
+
+ CleanupStack::PopAndDestroy(); //attributes
+
+ iRequestFlags = 0;
+
+ }
+
+ delete iDialog; // delete dialog object
+ delete aDialogInfo; // release dialog info object
+ iDialog = NULL;
+ iDialogInfo = NULL;
+
+ return TRANSACTION_CONTINUE;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method TransactionFailedL()
+ * TransactionFailedL() is called when a notificatio/delete payload
+ * has been received in the middle of a transaction exchange.
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::TransactionFailedL(const TNotificationISAKMP *aNotifPayload)
+{
+
+ (void)aNotifPayload;
+ iNegotiation->iTimer->Cancel(); //Cancel timer because authentication failed
+ DEBUG_LOG(_L("Transaction exchange stopped by the gateway!"));
+ //
+ // Dialog object shall be delete in Dialog->RunL when dialog completed
+ //
+ CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ Dialog->ShowErrorDialogL(TVpnNoteDialog::EKmdAuthenticationFailed, NULL, NULL);
+
+ return TRANSACTION_FAILED;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ExecuteL()
+ * Processes a received ISAKMP transaction exchange message.
+ * The received message MUST be an encrypted transaction exchange message
+ * otherwise it is silently discarded.
+ * Current TTransExchange structure is found, IV value calculated and
+ * ISAKMP message decrypted.
+ * TransactionExchangeL() method returns to the caller the following status codes:
+ * (Corresponding CRACK status codes defined in ike_crack.h)
+ * -- TRANSACTION_SUCCESS (0) =
+ * Transaction exchange(s) has been succesfully completed.
+ * Normal operation can continue and CTransNegotiation object can be deleted.
+ * -- TRANSACTION_CONTINUE (1) =
+ * Received message succesfully processed.
+ * Transaction exchange(s) shall still continue.
+ * -- TRANSACTION_IGNORE (2) =
+ * Received message ignored. Transaction exchange(s) shall still continue.
+ * -- TRANSACTION_FAILED (4) =
+ * Transaction exchange(s) has been failed (either CONFIG-MODE or XAUTH).
+ * Current CNegotiation object as well as CTransNegotiation object can
+ * be deleted. (= corresponding ISAKMP phase 1 negotiation shall be deleted).
+ *
+ *--------------------------------------------------------------------*/
+#ifdef _DEBUG
+TInt CTransNegotiation::ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort )
+#else
+TInt CTransNegotiation::ExecuteL( const ThdrISAKMP& aHdr,
+ const TInetAddr& /*aSrcAddr*/,
+ TInt /*aLocalPort*/ )
+#endif
+{
+ DEBUG_LOG(_L("Received message (encr)."));
+
+ TLastIKEMsg msg_info(aHdr); //For retransmitted IKE msg detection
+ if ( iLastTransMsgInfo.IsReTransmit(msg_info) ) {
+ DEBUG_LOG(_L("Retransmitted Transaction message received, silently discarded !"));
+ return TRANSACTION_IGNORE;
+ }
+ TUint32 status = TRANSACTION_IGNORE; // default
+ TUint32 msg_id;
+ TBuf8<IV_LTH> tmp_IV; //Temporal IV. Used to update the real one if the msg OK
+ const ThdrISAKMP *hdr = NULL;
+ TUint8 *msg = NULL;
+ msg_id = aHdr.GetMessageId(); //Saves the ID to compute IV and hash
+
+ if (aHdr.GetFlags() & ISAKMP_HDR_EFLAG) //if encrypted
+ {
+ msg = new (ELeave) TUint8[aHdr.GetLength()]; //to place the new msg
+ CleanupStack::PushL(msg);
+
+ Mem::Copy(msg, (TUint8 *)&aHdr, sizeof(aHdr)); //The header is not encrypted
+
+#ifdef _DEBUG
+ DEBUG_LOG(_L("Message ID recv:"));
+ TUint32 swap_id = ByteOrder::Swap32(msg_id);
+ DEBUG_LOG_ARRAY((TUint8 *)&swap_id, sizeof(msg_id));
+ DEBUG_LOG(_L("Transaction IV:"));
+#endif // _DEBUG
+ //
+ // Find a transaction exchange structure for current message
+ //
+ iCurrExchange = FindExchange(msg_id);
+ if ( !iCurrExchange )
+ iCurrExchange = AddExchangeL(msg_id, RESPONDER); // Add a new transaction exchange
+ //
+ // Adjust IV value for transaction exchange.
+ // There is now two situations:
+ // 1) There already exists an IV in exchange structure
+ // (received message is a reply for an earlier sent request)
+ // 2) There is no IV in exchange structure
+ // (received message is a new request/set message from peer)
+ // A new IV is built from CNegotiation.iLastIV and current message ID
+ //
+ if ( iCurrExchange->iIV.Length() == 0 ) {
+ iCurrExchange->iIV.Copy(iNegotiation->iLastIV);
+ iNegotiation->ComputeIVL(iCurrExchange->iIV, msg_id);
+ }
+ tmp_IV.Copy(iCurrExchange->iIV); // Make a copy of current IV
+
+ DEBUG_LOG(_L("Decrypting..."));
+
+ DecryptL((TUint8 *)aHdr.Next(),&msg[sizeof(aHdr)], (aHdr.GetLength()-sizeof(aHdr)),
+ iCurrExchange->iIV, iNegotiation->iSKEYID_e,
+ iNegotiation->iChosenProposal_I.iAttrList->iEncrAlg);
+ hdr = (ThdrISAKMP *)msg; //decrypted msg
+
+#ifdef _DEBUG
+ const TPtrC8 ikeMsgPtr( (TUint8*)hdr,(TUint16)hdr->GetLength() );
+ TInetAddr dstAddr;
+ iPluginSession->GetLocalAddress( dstAddr );
+ dstAddr.SetPort( aLocalPort );
+ TRACE_MSG_IKEV1( ikeMsgPtr, aSrcAddr, dstAddr );
+#endif // _DEBUG
+
+ status = TransactionExchangeL(*hdr);
+
+ if ( status == TRANSACTION_IGNORE ) {
+ //
+ // Current message ignored, restore saved IV to exchange structure
+ //
+ iCurrExchange->iIV.Copy(tmp_IV);
+ }
+ }
+ else
+ hdr = &aHdr;
+
+ if (msg) //If used erase it (when encryption)
+ CleanupStack::PopAndDestroy();
+
+ if ( status == TRANSACTION_CONTINUE )
+ msg_info.Store(iLastTransMsgInfo); // store new last received IKE message info
+
+ return status;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method TransactionExchangeL()
+ * The ISAKMP transaction exchange message MUST be the following format:
+ * HDR*, HASH, ATTR
+ * Where the HASH payload contains the prf output, using SKEYID_a as
+ * the key, and the M-ID (ISAKMP header Message ID) unique to this
+ * exchange concatenated with all of the payloads after the HASH
+ * payload. In other words, the hash for the above exchange is:
+ * HASH = prf( SKEYID_a, M-ID | ATTR )
+ * Multiple ATTR payloads MAY NOT be present in the Transaction Exchange.
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::TransactionExchangeL(const ThdrISAKMP &aHdr)
+{
+ TUint32 status;
+ iNegotiation->iLengthLeft = aHdr.GetLength(); //Used to check the size in the payload are OK
+
+ CIkev1Payloads* payload = CIkev1Payloads::NewL(aHdr, *iNegotiation, iDebug);
+ if (!payload)
+ {
+ return TRANSACTION_FAILED;
+ }
+ CleanupStack::PushL(payload);
+
+ if ( payload->iHash && payload->iAttr )
+ {
+ //
+ // Check if the hash value is OK.
+ //
+ if (!iNegotiation->VerifyInformationalHashL(payload->iHash, payload->iAttr,
+ iCurrExchange->iMessageId))
+ {
+ DEBUG_LOG(_L("AUTHENTICATION_FAILED (Transaction hash)"));
+ CleanupStack::PopAndDestroy(); //payload
+ return TRANSACTION_FAILED;
+ }
+ status = ProcessAttributesL(payload->iAttr);
+ CleanupStack::PopAndDestroy(); //payload
+ return status;
+ }
+ CleanupStack::PopAndDestroy(); //payload
+ DEBUG_LOG(_L("Erroneous Transaction Exchange message received"));
+ return TRANSACTION_FAILED;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ProcessAttributesL()
+ * ProcessAttributesL() method parses the data attributes in received
+ * attribute payload. If the iRole data member of current exchange structure
+ * contains value INITIATOR, attribute payload is a CONFIG-MODE Reply
+ * which should contain CONFIG-MODE attributes.
+ * If the iRole data member of current exchange structure
+ * contains value RESPONDER, attribute payload is either a XAUTH Request or Set.
+ * These primitives should contain XAUTH attributes.
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::ProcessAttributesL(const TAttributeISAKMP *aAttr)
+{
+ TInt length = (TInt)aAttr->GetLength();
+ if ( STATIC_CAST(TUint, length) < sizeof(TAttributeISAKMP) ) {
+ return TRANSACTION_FAILED;
+ }
+
+ TInt status;
+ TUint8 cfg_msg_type = aAttr->CfgMsgType();
+ TUint16 identifier = aAttr->Identifier();
+
+ if ( iCurrExchange->iRole == INITIATOR ) {
+ //
+ // Config mode transaction. The current message should be a reply.
+ // Identifier value must also match to value in current exchange structure.
+ //
+ if ( cfg_msg_type != ISAKMP_CFG_REPLY ) {
+// ||
+// ( iCurrExchange->iIdentifier != identifier ) ) {
+ return TRANSACTION_FAILED;
+ }
+ status = ProcessCfgModeAttrsL(aAttr->AttrData(), aAttr->AttrDataLen());
+ }
+ else {
+ //
+ // XAUTH mode transaction. The current message should be either request
+ // or set.
+ //
+ if ( (cfg_msg_type != ISAKMP_CFG_REQUEST) && (cfg_msg_type != ISAKMP_CFG_SET) ) {
+ return TRANSACTION_FAILED;
+ }
+ iCurrExchange->iIdentifier = identifier;
+ if ( cfg_msg_type == ISAKMP_CFG_REQUEST )
+ status = ProcessXauthRequestL(aAttr->AttrData(), aAttr->AttrDataLen());
+ else status = ProcessXauthStatusL(aAttr->AttrData(), aAttr->AttrDataLen());
+ }
+
+ return CheckTransactionStatusL(status);
+
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ProcessCfgModeAttrs()
+ * ProcessCfgModeAttrs parses CONFIG-MODE reply message attributes
+ * received from gateway. In this phase the following attributes are used:
+ * -- INTERNAL_IP4_ADDRESS = Client virtual IPv4 address in secure network
+ * -- INTERNAL_IP6_ADDRESS = Client virtual IPv6 address in secure network
+ * -- INTERNAL_IP4_DNS = DNS address(es) in secure network
+ *
+ * All other attributes are silently discarded
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::ProcessCfgModeAttrsL(TDataISAKMP* aAttr, TInt aLth)
+{
+
+ TBool ia_received = EFalse;
+ TUint32 ipv4_addr;
+ TIp6Addr ipv6_addr; //IPV6 raw address
+ TInetAddr *dns_addr;
+
+ delete iInternalAddr; // delete old CInternalAddress for sure
+ iInternalAddr = NULL;
+ CInternalAddress *InternalAddr = new (ELeave)CInternalAddress(1);
+ CleanupStack::PushL(InternalAddr);
+
+ while ( aLth > 0 ) {
+
+ aLth = aLth - aAttr->Size();
+ if ( aLth < 0 ) {
+ DEBUG_LOG(_L("CONFIG-MODE REPLY ERROR (Length mismatch in the attibutes)"));
+ CleanupStack::PopAndDestroy(); // InternalAddr
+ return TRANSACTION_FAILED;
+ }
+ switch ( aAttr->Type() ) {
+
+ case ATTR_INTERNAL_IP4_ADDR:
+ //
+ // A Virtual IPv4 address received.
+ // Store value to CInternalAddress object
+ //
+ if ( !aAttr->IsBasic() && (aAttr->Length() == 4) ) {
+ if ( !ia_received ) {
+ ia_received = ETrue;
+ ipv4_addr = GET32(aAttr->VarValue());
+ InternalAddr->iClientIntAddr.SetAddress(ipv4_addr);
+ }
+ }
+ break;
+
+ case ATTR_INTERNAL_IP6_ADDR:
+ //
+ // A Virtual IPv6 address received.
+ // Store value to CInternalAddress object
+ //
+ if ( !aAttr->IsBasic() && (aAttr->Length() == 16) ) {
+ if ( !ia_received ) {
+ ia_received = ETrue;
+ Mem::Copy(&ipv6_addr.u.iAddr8, aAttr->VarValue(), sizeof(ipv6_addr.u.iAddr8));
+ InternalAddr->iClientIntAddr.SetAddress(ipv6_addr);
+ }
+ }
+ break;
+
+ case ATTR_INTERNAL_IP4_DNS:
+ //
+ // Internal DNS address received.
+ // Add value to CInternalAddress object
+ //
+ if ( !aAttr->IsBasic() && (aAttr->Length() == 4) ) {
+ ipv4_addr = GET32(aAttr->VarValue());
+ dns_addr = new(ELeave)TInetAddr;
+ CleanupStack::PushL(dns_addr);
+ dns_addr->SetAddress(ipv4_addr);
+ InternalAddr->AppendL(dns_addr);
+ CleanupStack::Pop(); // dns_addr
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ aAttr = aAttr->Next();
+ }
+
+ CleanupStack::Pop(); // InternalAddr
+ iInternalAddr = InternalAddr;
+
+ iCfgModeCompleted = ETrue;
+
+ DEBUG_LOG(_L("CONFIG-MODE completed, reply received!"));
+
+ return TRANSACTION_SUCCESS;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ProcessXauthRequest()
+ * ProcessXauthRequest parses XAUTH request message attributes
+ * received from gateway.
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::ProcessXauthRequestL(TDataISAKMP* aAttr, TInt aLth)
+{
+ TInt status = TRANSACTION_CONTINUE;
+ TUint16 xauth_type = ATTR_XAUTH_GENERIC;
+ TUint32 request_flags = 0;
+ TPtr8 challenge(NULL, 0);
+ TUint16 attr_type;
+
+ while ( aLth > 0 ) {
+
+ aLth = aLth - aAttr->Size();
+ if ( aLth < 0 ) {
+ DEBUG_LOG(_L("XAUTH REQUEST ERROR (Length mismatch in the attibutes)"));
+ return TRANSACTION_FAILED;
+ }
+ attr_type = aAttr->Type();
+ //
+ // Check does the VPN gateway support older XAUTH draft version
+ // draft-ietf-ipsec-isakmp-xauth-04.txt.
+ // The check is based on attribute type values. In the older
+ // draft attribute values are defined in range (13-20) and in the newer
+ // "de-facto" draft-beaulieu-ike-xauth-02.txt the same
+ // attribute values are in "private use" range (16520-16529)
+ //
+ if ( attr_type < ATTR_XAUTH_TYPE )
+ iUseOlderPIXXauth = ETrue;
+
+ switch ( attr_type ) {
+
+ case ATTR_XAUTH_TYPE:
+ case ATTR_PIX_XAUTH_TYPE:
+ //
+ // Extended authentication type requested
+ //
+ if ( aAttr->IsBasic() ) { // Basic attribute
+ request_flags |= (1 << (ATTR_XAUTH_TYPE - ATTR_XAUTH_TYPE));
+ iCurrExchange->iXauthType = aAttr->Value();
+ }
+ break;
+
+ case ATTR_USER_NAME:
+ case ATTR_PASSWORD:
+ case ATTR_PASSCODE:
+ case ATTR_PIX_USER_NAME:
+ case ATTR_PIX_PASSWORD:
+ case ATTR_PIX_PASSCODE:
+ //
+ // Handles the following attribute values:
+ // -- User name
+ // -- Password
+ // -- Passcode
+ // Set a corresponding bit request flags. Parameter contents has
+ // no meaning in request
+ //
+ if ( !aAttr->IsBasic() ) { // Variable length
+ if ( attr_type < ATTR_USER_NAME )
+ request_flags |= (1 << (attr_type - ATTR_PIX_XAUTH_TYPE));
+ else request_flags |= (1 << (attr_type - ATTR_XAUTH_TYPE));
+ }
+ break;
+
+ case ATTR_MESSAGE:
+ case ATTR_PIX_MESSAGE:
+ //
+ // Message data attribute (NOT USED IN THIS PHASE)
+ //
+ break;
+
+ case ATTR_CHALLENGE:
+ case ATTR_PIX_CHALLENGE:
+ //
+ // Challenge data attribute
+ //
+ if ( !aAttr->IsBasic() && aAttr->Length() ) {
+ request_flags |= (1 << (ATTR_CHALLENGE - ATTR_XAUTH_TYPE));
+ challenge.Set(aAttr->VarValue(), aAttr->Length(), aAttr->Length());
+ }
+ break;
+
+ case ATTR_DOMAIN:
+ case ATTR_STATUS:
+ case ATTR_PIX_DOMAIN:
+ case ATTR_PIX_STATUS:
+ //
+ // Domain and status attributes (NOT USED IN THIS PHASE)
+ //
+ break;
+
+ case ATTR_NEXT_PIN:
+ if ( !aAttr->IsBasic() ) { // Variable length
+ request_flags |= (1 << (ATTR_NEXT_PIN - ATTR_XAUTH_TYPE));
+ }
+ break;
+
+ case ATTR_ANSWER:
+ //
+ // Answer data attribute (NOT USED IN THIS PHASE)
+ //
+ break;
+
+ default:
+ break;
+ }
+
+ aAttr = aAttr->Next();
+ }
+
+ //
+ // Check if there already exist a authentication credentials request active
+ // (= iRequestFlags are not zero). If there is ignore current message.
+ //
+ if ( iRequestFlags == 0 ) {
+ iRequestFlags = request_flags;
+ }
+ else {
+ request_flags = 0;
+ status = TRANSACTION_IGNORE;
+ }
+ //
+ // Examine request_flags and show appropriate dialog to get requested
+ // authentication credentials from user
+ //
+ switch ( request_flags & ~(1 << (ATTR_XAUTH_TYPE - ATTR_XAUTH_TYPE)) ) {
+
+ case ( (1 << (ATTR_USER_NAME - ATTR_XAUTH_TYPE)) | (1 << (ATTR_PASSWORD - ATTR_XAUTH_TYPE))):
+ //
+ // User name/Password authentication required
+ //
+ iDialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
+ iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this);
+ break;
+
+ case ( (1 << (ATTR_USER_NAME - ATTR_XAUTH_TYPE)) | (1 << (ATTR_PASSCODE - ATTR_XAUTH_TYPE))):
+ //
+ // User name/Secure ID authentication required
+ //
+ iDialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
+ iDialog->GetAsyncSecureidDialogL(iDialogInfo, (MIkeDialogComplete*)this);
+ break;
+
+ case ( (1 << (ATTR_USER_NAME - ATTR_XAUTH_TYPE)) | (1 << (ATTR_NEXT_PIN - ATTR_XAUTH_TYPE))):
+ //
+ // User name/Secure ID next pin required
+ //
+ iDialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
+ iDialog->GetAsyncSecureNextPinDialogL(iDialogInfo, (MIkeDialogComplete*)this);
+ break;
+
+ case ( (1 << (ATTR_CHALLENGE - ATTR_XAUTH_TYPE)) ):
+ //
+ // User Challenge response dialog
+ //
+ if ( xauth_type == ATTR_XAUTH_RADIUS_CHAP )
+ {
+ iDialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
+ iDialog->GetAsyncRespDialog(challenge, iDialogInfo, (MIkeDialogComplete*)this);
+ }
+ break;
+
+ default:
+ break;
+
+ }
+
+ return status;
+
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method ProcessXauthStatus()
+ * ProcessXauthStatus parses XAUTH Set message attributes received from gateway.
+ * Only Status attribute has any relevance in Set message.
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::ProcessXauthStatusL(TDataISAKMP* aAttr, TInt aLth)
+{
+ TBuf8<16> attributes;
+ TInt status = TRANSACTION_CONTINUE;
+ TInt16 attr_status;
+
+ while ( aLth > 0 ) {
+
+ aLth = aLth - aAttr->Size();
+ if ( aLth < 0 ) {
+ DEBUG_LOG(_L("XAUTH SET ERROR (Length mismatch in the attibutes)"));
+ return TRANSACTION_FAILED;
+ }
+
+ switch ( aAttr->Type() ) {
+
+ case ATTR_STATUS:
+ case ATTR_PIX_STATUS:
+ //
+ // Status code from gateway
+ //
+ if ( aAttr->IsBasic() ) { // Basic attribute
+ attr_status = aAttr->Value();
+ if ( attr_status == ATTR_STATUS_OK )
+ status = TRANSACTION_SUCCESS;
+ else status = TRANSACTION_FAILED;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ aAttr = aAttr->Next();
+ }
+
+ if ( status != TRANSACTION_CONTINUE ) {
+ //
+ // Send Transaction exchange ACK
+ //
+ TUint16 AttrType;
+ if ( iUseOlderPIXXauth )
+ AttrType = ATTR_PIX_STATUS;
+ else AttrType = ATTR_STATUS;
+
+ AddAttributeData(attributes, AttrType, 2, (TUint8*)&attr_status);
+ BuildAndSendMessageL(attributes, ISAKMP_CFG_ACK);
+ if ( status == TRANSACTION_SUCCESS ) {
+ DEBUG_LOG(_L("XAUTH authentication succeeded!"));
+ iXauthCompleted = ETrue;
+ if ( iUserName ) {
+ //
+ // Cache user name into user name file
+ //
+ CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ CleanupStack::PushL(Dialog);
+ TInt err(KErrNone);
+ TRAP(err, Dialog->StoreUserNameL(iUserName->Des()));
+#ifdef _DEBUG
+ if (err == KErrNone)
+ DEBUG_LOG(_L("User Name caching succeeded"));
+ else DEBUG_LOG(_L("User Name caching failed"));
+#endif // _DEBUG
+ CleanupStack::PopAndDestroy();
+ }
+ }
+ else {
+ DEBUG_LOG(_L("XAUTH authentication failed!"));
+ // Dialog object shall be delete in Dialog->RunL when dialog completed
+ CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ Dialog->ShowErrorDialogL(TVpnNoteDialog::EKmdAuthenticationFailed, NULL, NULL);
+ }
+ }
+
+ return status;
+}
+
+/**--------------------------------------------------------------------------------
+ *
+ * Method CheckTransactionStatusL()
+ * CheckTransactionStatus is after an incoming ISAKMP transaction exchange message
+ * has been processed. This method decides the actions shall be taken next:
+ * -- If current status (= call parameter) is continue, ignore or failed
+ * ==> Same status is returned
+ * -- If current status is success and XAUTH completed.
+ * ==> CONFIG MODE actions are started (= Config mode request is transmitted)
+ * -- If current status is success and CONFIG MODE completed.
+ * ==> XAUTH actions are started. (= We shall just wait for XAUTH request)
+ * -- If current status is success and both CONFIG-MODE and XAUTH completed
+ * ==> TRANSACTION_SUCCESS status is returned
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::CheckTransactionStatusL(TInt aStatus)
+{
+ if ( aStatus == TRANSACTION_SUCCESS || aStatus == TRANSACTION_CONTINUE ) {
+ //
+ // Stop retransmission timer
+ //
+ iNegotiation->iTimer->Cancel();
+
+ if ( aStatus == TRANSACTION_SUCCESS ) {
+ if ( iXauthCompleted ) {
+ if ( !iCfgModeCompleted ) {
+ aStatus = BuildConfigRequestL();
+ }
+ }
+ else {
+ if ( !iXauthCompleted ) {
+ aStatus = TRANSACTION_CONTINUE;
+ }
+ }
+ }
+ }
+
+ return aStatus;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method BuildConfigRequestL()
+ * BuildConfigRequestL() builds the CONFIG-MODE request message.
+ * In this phase requests the following parameters from gateway:
+ * -- Client virtual IP in secure network = INTERNAL_IP4_ADDRESS, INTERNAL_IP4_NETMASK
+ * (INTERNAL_IP6_ADDRESS, INTERNAL_IP6_NETMASK)
+ * -- DNS address(es) in secure network = INTERNAL_IP4_DNS
+ *
+ *--------------------------------------------------------------------*/
+TInt CTransNegotiation::BuildConfigRequestL()
+{
+
+ TBuf8<16> attributes;
+
+ TUint32 message_id = iNegotiation->RandomMessageId();
+
+ iCurrExchange = AddExchangeL(message_id, INITIATOR); //Add a new transaction exchange
+ iCurrExchange->iIdentifier = GetIdentifier();
+
+ iCurrExchange->iIV.Copy(iNegotiation->iLastIV); // Calculate base IV for ..
+ iNegotiation->ComputeIVL(iCurrExchange->iIV, message_id); // transaction message
+
+ AddAttributeData(attributes, ATTR_INTERNAL_IP4_ADDR, 0, NULL);
+ AddAttributeData(attributes, ATTR_INTERNAL_IP4_DNS, 0, NULL);
+
+ BuildAndSendMessageL(attributes, ISAKMP_CFG_REQUEST);
+ DEBUG_LOG(_L("CONFIG-MODE started, request xmitted!"));
+
+ return TRANSACTION_CONTINUE;
+
+
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method AddAttributeData()
+ * AddAttributeData() method adds one attribute data to an attribute buffer
+ *
+ *--------------------------------------------------------------------*/
+void CTransNegotiation::AddAttributeData(TDes8& aAttrBfr, TInt aType, TInt aLth, TUint8* aData)
+{
+ TDataISAKMP attr;
+ if ( aType == ATTR_STATUS || aType == ATTR_XAUTH_TYPE ||
+ aType == ATTR_PIX_STATUS || aType == ATTR_PIX_XAUTH_TYPE) {
+ //
+ // Add a basic length attribute
+ //
+ attr.SetBasic(ETrue);
+ attr.SetType((TUint16)aType);
+ if ( aData )
+ attr.SetValue(*(TUint16*)aData);
+ aAttrBfr.Append((TUint8 *)&attr, sizeof(attr));
+ }
+ else {
+ //
+ // Add a variable length attribute
+ //
+ attr.SetBasic(EFalse);
+ attr.SetType((TUint16)aType);
+ attr.SetLength((TUint16)(aLth));
+ aAttrBfr.Append((TUint8 *)&attr, sizeof(attr));
+ if ( aLth )
+ aAttrBfr.Append(aData, aLth);
+ }
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method BuildAndSendMessageL()
+ * BuildAndSendMessage() method builds ISAKMP transaction exchange message
+ * and transmits it using CNegotiation class send() method.
+ * The payload format of a transaction exchange message is the following:
+ * HDR*, HASH, ATTR
+ * Where the HASH payload contains the prf output, using SKEYID_a as
+ * the key, and the M-ID (ISAKMP header Message ID) unique to this
+ * exchange concatenated with all of the payloads after the HASH
+ * payload. In other words, the hash for the above exchange is:
+ * HASH = prf( SKEYID_a, M-ID | ATTR )
+ *
+ *--------------------------------------------------------------------*/
+void CTransNegotiation::BuildAndSendMessageL(TDesC8& aAttrBfr, TUint8 aMsgType)
+{
+ TIkev1IsakmpStream* msg = iNegotiation->SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
+
+ TUint32 saved_msg_id = iNegotiation->iMessageId;
+ TUint8 saved_exchange = iNegotiation->iExchange;
+ iNegotiation->iMessageId = iCurrExchange->iMessageId; // used in method Isakmp_INIT()
+ iNegotiation->iExchange = ISAKMP_EXCHANGE_TRANSACT; // used in method Isakmp_INIT()
+
+ msg->IsakmpInit(iNegotiation);
+ msg->IsakmpHashL();
+ msg->IsakmpAttributes(aMsgType, iCurrExchange->iIdentifier, aAttrBfr);
+ msg->IsakmpHashContL();
+
+ iNegotiation->SendL(*msg);
+
+ iNegotiation->iMessageId = saved_msg_id;
+ iNegotiation->iExchange = saved_exchange;
+
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method FindExchange()
+ * FindExchange() method finds a exchange strcuture for a specified message id
+ *
+ *--------------------------------------------------------------------*/
+TTransExchange* CTransNegotiation::FindExchange(TUint32 aMsgId)
+{
+ TTransExchange *exchange;
+ TInt i = 0;
+
+ while ( i < Count() )
+ {
+ exchange = At(i);
+ if ( exchange->iMessageId == aMsgId )
+ return exchange;
+ i ++;
+ }
+
+ return NULL;
+}
+
+/**-------------------------------------------------------------------
+ *
+ * Method AddExchangeL()
+ * AddExchangeL() method allocates a new exchange structure and adds it
+ * to exchange array.
+ *
+ *--------------------------------------------------------------------*/
+TTransExchange* CTransNegotiation::AddExchangeL(TUint32 aMsgId, TUint8 aRole )
+{
+
+ TTransExchange *exchange = new(ELeave)TTransExchange;
+ exchange->iMessageId = aMsgId;
+ exchange->iRole = aRole;
+ exchange->iIV.SetLength(0);
+ AppendL(exchange);
+
+ return exchange;
+}
+
+//
+// The implementation for class MIkeDialogComplete virtual function
+//
+TInt CTransNegotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo,
+ HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain)
+{
+/*---------------------------------------------------------------------------
+ *
+ * A response received from client user (through asynchronous dialog)
+ * This method is introduced as a TUserCallback for CGetIKEPassword dialog
+ * object is created. When the dialog is completed this callback function
+ * is called to deliver Credentials data for CHRE payload attributes.
+ * Store credential buffers to CAuthDialogInfo object and call engine
+ * entry
+ *
+ *-------------------------------------------------------------------------*/
+ TUint32 obj_id = 1;
+ CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo;
+ DEBUG_LOG1(_L("CIKECRACKNegotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo);
+
+ if ( info )
+ {
+ obj_id = info->GetObjId();
+ DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id);
+ if ( obj_id == XAUTH_DIALOG_ID )
+ {
+ info->iUsername = aUsername;
+ info->iSecret = aSecret;
+ info->iDomain = aDomain;
+ obj_id = info->PluginSession()->AuthDialogCompletedL(info);
+ }
+ }
+
+ return obj_id;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/EABI/ikev2libU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ _Z12Ikev2PlugInLR17MKmdEventLoggerIfR9MIkeDebug @ 1 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/bwins/IKEV2LIBU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?Ikev2PlugInL@@YAPAVMIkePluginIf@@AAVMKmdEventLoggerIf@@AAVMIkeDebug@@@Z @ 1 NONAME ; class MIkePluginIf * Ikev2PlugInL(class MKmdEventLoggerIf &, class MIkeDebug &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ ikev2libtest.mmp
+#else
+ ikev2lib.mmp
+#endif
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/group/ikev2lib.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,84 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project ikev2lib
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikev2lib.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x10206993
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikev2plugin.cpp
+SOURCE ikev2negotiation.cpp
+SOURCE ikemsgrec.cpp
+SOURCE ikecrypto.cpp
+SOURCE ikev2retransmittimer.cpp
+SOURCE ikev2proposal.cpp
+SOURCE ikev2pfkey.cpp
+SOURCE ipsecproposal.cpp
+SOURCE ipsecselectors.cpp
+SOURCE ikev2natt.cpp
+SOURCE Ikev2Config.cpp
+SOURCE Ikev2EapInterface.cpp
+SOURCE ikev2mobike.cpp
+SOURCE ikev2keepalive.cpp
+SOURCE ikev2sa.cpp
+SOURCE ikev2pluginsession.cpp
+SOURCE ikev2sender.cpp
+SOURCE ikev2receiver.cpp
+SOURCE ikev2message.cpp
+SOURCE ikev2identity.cpp
+SOURCE ikev2trafficselector.cpp
+SOURCE ikev2ipsecsarekeydata.cpp
+SOURCE ikev2deactivationtimer.cpp
+SOURCE ikev2ipsecsadata.cpp
+SOURCE ikev2sadata.cpp
+SOURCE ikev2acquire.cpp
+SOURCE ikev2expire.cpp
+SOURCE ikev2messagesendqueue.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdapi/inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikesocket/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../ikecert/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY ecom.lib
+LIBRARY esock.lib
+LIBRARY insock.lib
+LIBRARY ipsecpolapi.lib
+LIBRARY utlcrypto.lib
+LIBRARY ikecert.lib
+LIBRARY random.lib
+LIBRARY ikeutils.lib
+LIBRARY ikepolparser.lib
+LIBRARY bafl.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/group/ikev2libtest.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,85 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Test project definition file for project ikev2lib
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET ikev2lib.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x10206993
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE ikev2plugin.cpp
+SOURCE ikev2negotiation.cpp
+SOURCE ikemsgrec.cpp
+SOURCE ikecrypto.cpp
+SOURCE ikev2retransmittimer.cpp
+SOURCE ikev2proposal.cpp
+SOURCE ikev2pfkey.cpp
+SOURCE ipsecproposal.cpp
+SOURCE ipsecselectors.cpp
+SOURCE ikev2natt.cpp
+SOURCE ikev2config.cpp
+SOURCE ikev2eapinterface.cpp
+SOURCE ikev2mobike.cpp
+SOURCE ikev2keepalive.cpp
+SOURCE ikev2sa.cpp
+SOURCE ikev2pluginsession.cpp
+SOURCE ikev2sender.cpp
+SOURCE ikev2receiver.cpp
+SOURCE ikev2message.cpp
+SOURCE ikev2identity.cpp
+SOURCE ikev2trafficselector.cpp
+SOURCE ikev2ipsecsarekeydata.cpp
+SOURCE ikev2deactivationtimer.cpp
+SOURCE ikev2ipsecsadata.cpp
+SOURCE ikev2sadata.cpp
+SOURCE ikev2acquire.cpp
+SOURCE ikev2expire.cpp
+SOURCE ikev2messagesendqueue.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdapi/inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikesocket/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../ikecert/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY ikelibs_proxy.lib
+LIBRARY euser.lib
+LIBRARY ecom.lib
+LIBRARY esock.lib
+LIBRARY insock.lib
+LIBRARY ipsecpolapi.lib
+LIBRARY utlcrypto.lib
+LIBRARY ikecert.lib
+LIBRARY random.lib
+LIBRARY ikeutils.lib
+LIBRARY ikepolparser.lib
+LIBRARY bafl.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikecrypto.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Cryptographic Intermediate Layer to use and change any crypto library easily.
+*
+*/
+
+#ifndef __IKECRYPTO_H_
+#define __IKECRYPTO_H__
+
+
+#include <e32base.h>
+#include "utlcrypto.h"
+
+NONSHARABLE_CLASS(CDHKeys) : public CBase
+{
+public:
+ static CDHKeys* NewL(const TDesC8& aN,const TDesC8& aG);
+ static CDHKeys* CreateDHKeyL(TUint aGroupDesc);
+ HBufC8* ComputeAgreedKeyL(const TDesC8 &aPeerPublicKey);
+ HBufC8* GetPubKey();
+ void XValueL();
+ inline const HBufC8* KValueL(const TDesC8& aY) const {return iDHKey->CompleteKL(aY);}
+ inline TInt ModulusLength() {return iModuluslength;}
+ ~CDHKeys();
+private:
+ CUtlDiffieHellman* iDHKey;
+ const HBufC8* iPubKey;
+ TInt iModuluslength;
+};
+
+
+class IkeCrypto
+{
+public:
+ static void DecryptL(const TUint8* aInputPayload, TUint8* aOutputPayload, TInt aLength, TUint8* aIV,
+ const TDesC8& aKey, TUint16 aEncrAlg);
+ static void EncryptL(const TDesC8& aInput, TPtr8& aOutput, const TDesC8& aIv, const TDesC8& aKey, TUint16 aEncrAlg);
+ static TInt IntegHMACL(const TDesC8& aInput, TDes8& aChecksum, const TDesC8& aKeyData, TUint16 aIntegAlg);
+ static HBufC8* PrfhmacL(const TDesC8& aInput, const TDesC8& aKeyData, TUint16 aPrfAlg);
+ static HBufC8* PrfL(const TDesC8& aInput, TUint16 aPrfAlg);
+ static TInt AlgorithmInfo(TUint16 aTransform, TUint16 aAlgCode, TInt* aBlockLth=NULL,
+ TUtlCrypto::TUtlSymmetricCipherId* aCipherId=NULL,
+ TUtlCrypto::TUtlMessageDigestId* aDigestId=NULL);
+ static HBufC8* GenerateKeyingMaterialL(const TDesC8& aK, const TDesC8& aS, TInt aKeyMatLth, TUint16 aPRFAlg);
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikemsgrec.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,73 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Received IKE message handling rules.
+*
+*/
+#ifndef _IKEMSGREC_H_
+#define _IKEMSGREC_H_
+#include "ikev2payloads.h"
+
+class TIkev2SAData;
+
+NONSHARABLE_CLASS(CIkev2Payloads) : public CBase
+ {
+public:
+ static CIkev2Payloads* NewL(const ThdrISAKMP &aHdr, const TIkev2SAData& aIkeV2SaData);
+ static CIkev2Payloads* NewL(TPayloadIkev2* aPayload, TUint8 aPayloadType, TIkev2SAData& aIkeV2SaData);
+ ~CIkev2Payloads();
+
+ ThdrISAKMP* GetIkeMsg();
+ TInt Status();
+ void SetStatus(TInt aStatus);
+ TBool Encrypted();
+ TInt ParsePayloadL(TPayloadIkev2* aPayload, TUint16 aPlType);
+
+private:
+ CIkev2Payloads(const TIkev2SAData& aIkeV2SaData);
+ void ConstructL();
+
+ TInt ParsePayloadsL(TPayloadIkev2* aPayload, TInt aLength, TUint16 aPlType, TUint16 aRefPlType );
+ void DecryptEncrPayloadL(TPayloadIkev2* aPayload);
+
+public:
+ TPayloadIkev2* iSa;
+ TKEPayloadIkev2* iKe;
+ TPayloadIkev2* iNonce;
+ TAuthPayloadIkev2* iAuth;
+ TIDPayloadIkev2* iIdI;
+ TIDPayloadIkev2* iIdR;
+ TTSPayloadIkev2* iTsI;
+ TTSPayloadIkev2* iTsR;
+ TPayloadIkev2* iEncr;
+ TCPPayloadIkev2* iCp;
+ TPayloadIkev2* iEap;
+
+ CArrayFixFlat<TProposalIkev2*>* iProps;
+ CArrayFixFlat<TTransformIkev2*>* iTrans;
+ CArrayFixFlat<TCertPayloadIkev2*>* iCerts;
+ CArrayFixFlat<TCReqPayloadIkev2*>* iCertReqs;
+ CArrayFixFlat<TNotifPayloadIkev2*>* iNotifs;
+ CArrayFixFlat<TDeletePlIkev2*>* iDeletes;
+ CArrayFixFlat<TVendorPlIkev2*>* iVids;
+
+ CArrayFixFlat<TPayloadIkev2*>* iGenPlds;
+
+private:
+ const TIkev2SAData& iIkeV2SaData;
+ ThdrISAKMP* iIkeMsg;
+ TBool iEncrypted;
+ TInt iStatus;
+
+ };
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2EapInterface.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,124 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: "intermediate" class between
+* CIkev2Negotiation class of ikev2plugin and ECOM plug-in
+*
+*/
+#ifndef __IKEV2EAPINTERFACE_H_
+#define __IKEV2EAPINTERFACE_H_
+
+#include <e32base.h>
+#include <abs_eap_vpn_if.h> // MAbsEapVpnInterface
+
+class CIkeData;
+class TPayloadIkev2;
+class CEapVpnInterface;
+class MIkeDebug;
+
+class MIkev2EapIfObserver
+ {
+public:
+ virtual void SendEapDataL(HBufC8* aEapData) = 0;
+ virtual void EapEventL(TInt aEvent) = 0;
+ };
+
+/**
+ * CIkev2EapIf
+ *
+ * CIkev2EapIf is an "intermediate" class between
+ * CIkev2Negotiation class of ikev2plugin and ECOM plug-in (eapplugin)
+ * which provides access into general EAP protocol implementation in
+ * system. CIkev2EapIf implements also the callback functions required
+ * by the EAP ECOM plug-in.
+ *
+ * @lib internal ikev2lib.lib
+ * @since S60 3.0
+ */
+NONSHARABLE_CLASS(CIkev2EapIf) : public CBase, public MAbsEapVpnInterface
+ {
+public:
+
+ /**
+ * NewL
+ *
+ * @since S60 3.0
+ * @param aNeg IKE negotiation. Must be != NULL. Ownership not taken.
+ * @param aEapType EAP type.
+ * @param aIkeData Ref to IKE data. Ownership not taken.
+ * @param aDebug Debug trace interface
+ * @return self
+ */
+ static CIkev2EapIf* NewL(MIkev2EapIfObserver& aEapIfObserver,
+ TUint8 aEapType,
+ CIkeData* aIkeData,
+ MIkeDebug& aDebug);
+
+ ~CIkev2EapIf();
+ inline TInt Status() {return iErrorStatus;}
+ inline HBufC8* Identity()
+ {
+ HBufC8* Id = (HBufC8*)iIdentity;
+ iIdentity = 0;
+ return Id;
+ }
+ inline HBufC8* MSK()
+ {
+ HBufC8* msk = (HBufC8*)iMSK;
+ iMSK = NULL;
+ return msk;
+ }
+ void ErrorStopL() {};
+ void EapDataInbound(TPayloadIkev2* aEapPayload);
+ void QueryIdentity();
+
+ /**
+ * From MAbsEapVpnInterface.
+ * Implementation of pure virtual methods
+ */
+ void EapOutboundL(HBufC8* aResponse);
+ void EapIdentityResponseL(HBufC8* aIdentity);
+ void EapSharedKeyL(HBufC8* aSharedKey);
+ void EapIndication(TNotification aNotification);
+
+private: // implementation
+
+ CIkev2EapIf(MIkev2EapIfObserver& aEapIfObserver, TUint8 aEapType, MIkeDebug& aDebug);
+ void ConstructL(CIkeData* aIkeData);
+
+private: // data
+ MIkev2EapIfObserver& iEapIfObserver;
+ CEapVpnInterface* iEapPlugin; // Own: ECOM plug-in
+ HBufC8* iIdentity; // Identity buffer
+ HBufC8* iMSK; // Preshared key
+ TInt iErrorStatus; // Error status, if construct fails
+ TUint8 iEapType;
+ TUint8 iReserved[3]; // Dummy for alignment
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+};
+
+//
+// Internal EAP event codes used in IKEv2 plug-in EapEventL() calls
+//
+const TInt KEapEventSuccess = 0;
+const TInt KEapEventGetIdentity = 1;
+const TInt KEapEventGetPSK = 2;
+const TInt KEapEventFailed = 3;
+
+#endif // __IKEV2EAPINTERFACE_H_
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2Negotiation.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,329 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 negotiation
+*
+*/
+#ifndef _IKEV2NEGOTIATION_H_
+#define _IKEV2NEGOTIATION_H_
+
+#include <x509cert.h>
+
+#include "ikev2SAdata.h"
+#include "ikev2natt.h"
+#include "pfkeymsg.h"
+#include "ikev2payloads.h"
+#include "ikev2mobike.h"
+#include "ikev2retransmittimer.h"
+#include "ikecrypto.h"
+#include "ikemsgrec.h"
+#include "kmdapi.h"
+#include "ikev2pkiservice.h"
+#include "ikecert.h"
+#include "ipsecsaspiretriever.h"
+#include "ikev2ipsecsadata.h"
+#include "ikev2EapInterface.h"
+
+static const TUint16 KMaxSendAttemps = 6;
+
+#define DEF_MSG_ID_WINDOW 1
+
+#define IKEV2_DEF_NONCE_SIZE (160/8) //160 bits = 20 bytes
+#define IKEV2_MIN_NONCE_SIZE (128/8) //128 bits = 16 bytes
+#define IKEV2_DEF_LIFETIME 14400 //4 hours
+
+//
+// IKE/IPSEC SA negotiation states
+//
+const TInt KStateIdle = 0;
+const TInt KStateIkeInitPkiService = 1;
+const TInt KStateIkeSaInitRequest = 2;
+const TInt KStateIkeSaAuthRequest = 4;
+const TInt KStateIkeWaitingId = 5;
+const TInt KStateIkeSaEapStarted = 6;
+const TInt KStateIkeSaEapGoing = 7;
+
+const TInt KStateIkeSaInitResponse = 11;
+const TInt KStateIkeSaAuthWaitSpi = 12;
+const TInt KStateIkeSaAuthResponse = 14;
+
+
+const TInt KStateIkeSaCompleted = 20;
+
+const TInt KStateIkeChildSARequest = 21;
+const TInt KStateIkeChildSAResponse = 22;
+
+const TInt KStateIkeSARekeyRequest = 23;
+const TInt KStateIkeSARekeyResponse = 24;
+
+const TInt KStateIkeInfoRequest = 31;
+const TInt KStateIkeInfoResponse = 32;
+const TInt KStateIkeDeleteRequest = 33;
+const TInt KStateIkeDeleteResponse = 34;
+const TInt KStateChildDeleteRequest = 35;
+const TInt KStateChildDeleteResponse = 36;
+
+class CIkev2PluginSession;
+class CPFKeySocketIf;
+class CIkev2Config;
+class CIkeData;
+class CIkev2Acquire;
+class CIkev2Expire;
+class MKmdEventLoggerIf;
+class MIkeDebug;
+class CIkeV2Message;
+class CIkeV2Identity;
+class CIkev2MessageSendQueue;
+
+/**
+ * CIkev2Negotiation
+ *
+ * @lib internal (ikev2lib.lib)
+ */
+NONSHARABLE_CLASS(CIkev2Negotiation) : public CBase,
+ public MIkeV2PkiServiceObserver,
+ public MIpsecSaSpiRetrieverCallback,
+ public MIkev2EapIfObserver,
+ public MIkev2RetransmitTimerCallback
+ {
+ friend class Ikev2MobIke;
+
+public:
+
+ /**
+ * NewL
+ *
+ * @since S60 ?S60_version
+ * @param aControl Plugin control. Must be != NULL
+ * ownership not taken.
+ * @param aIkeData ?description
+ * @param aVpnIapId ?description
+ * @param aPhysicalInterfaceAddress IP address of the physical connection with scope.
+ * @param aRemote ?description
+ * @return self
+ */
+ static CIkev2Negotiation* NewL(CIkev2PluginSession& aIkeV2PlugInSession,
+ CPFKeySocketIf& aPfKeySocketIf,
+ MKmdEventLoggerIf& aEventLogger,
+ CIkev2MessageSendQueue& aMessageSendQue,
+ MIkeDebug& aDebug,
+ CIkeData* aIkeData,
+ TUint32 aVpnIapId,
+ TUint32 aSAId,
+ TInetAddr aPhysicalInterfaceAddress,
+ TInetAddr aRemoteAddress);
+
+ /**
+ * NewL
+ *
+ * @since S60 ?S60_version
+ * @param aControl Plugin control. Must be != NULL
+ * ownership not taken.
+ * @param aSAId ?description
+ * @return self
+ */
+ static CIkev2Negotiation* NewL(CIkev2PluginSession& aIkeV2PlugInSession,
+ CPFKeySocketIf& aPfKeySocketIf,
+ MKmdEventLoggerIf& aEventLogger,
+ CIkev2MessageSendQueue& aMessageSendQue,
+ MIkeDebug& aDebug,
+ TIkev2SAData& aIkev2SAdata);
+
+ ~CIkev2Negotiation();
+
+ void StartIkeSANegotiationL();
+ TBool StartRespondingL(const ThdrISAKMP& aIkeMessage);
+ void StartIkeSADeleteL();
+ void ProcessIkeMessageL(const ThdrISAKMP& aIkeMessage, const TInetAddr& aRemote, TUint16 aLocalPort);
+ void ProcessAcquireL(const TPfkeyMessage& aPfkeyMessage);
+ void ProcessExpireL(const TPfkeyMessage& aPfkeyMessage);
+ void StartIpsecSaRekeyingL(const TPfkeyMessage &aPfkeyMsg);
+ void BuildIkeSaRekeyMsgL(TBool aRequest);
+
+ void SendKeepAliveMsgL();
+
+ TBool Stopped();
+
+ void CancelOperation();
+
+// from base class MIkeV2PkiServiceObserver
+ void IkeV2PkiInitCompleteL(TInt aStatus);
+
+// from base class MIpsecSaSpiRetrieverCallback
+ void IpsecSaSpiRetrieved(TUint32 aSpiRequestId,
+ TInt aStatus,
+ TUint32 aSpi);
+
+
+// from base class MIkev2EapIfObserver
+ void SendEapDataL(HBufC8* aEapData);
+ void EapEventL(TInt aEvent);
+
+// from base class MIkev2RetransmitTimerCallback
+
+ /**
+ * From MIkev2RetransmitTimerCallback
+ * Request IKE request resend.
+ */
+ void RetransmitRequest();
+
+private: // implementation
+ CIkev2Negotiation(CIkev2PluginSession& aIkeV2PlugInSession,
+ CPFKeySocketIf& aPfKeySocketIf,
+ MKmdEventLoggerIf& aEventLogger,
+ CIkev2MessageSendQueue& aMessageSendQue,
+ MIkeDebug& aDebug,
+ TUint32 aSaId);
+ void ConstructL();
+
+ TBool ImplicitChildSa();
+ HBufC8* PeekProposedSa();
+ HBufC8* GetProposedSa();
+ void SetProposedSa(HBufC8* aSaPl);
+
+ CIkev2Acquire** GetAcquireQue();
+ CIkev2Expire** GetExpireQue();
+ TBool RequestsPending();
+ void SetNotifyCode(TInt aMsgType);
+ TInt GetNotifyCode();
+ void StoreNotifyData32(TUint32 aData);
+ void StoreNotifyData16(TUint16 aData);
+ TUint8* NotifyData(TInt& aDataLth);
+ TInetAddr GetLocalAddr() const;
+
+ void IkeSaCompletedL();
+ void IkeSaFailed(TInt aStatus = KKmdIkeNoResponseErr);
+ void IpsecSANegotiatedL();
+ void CheckNotifyCodeL(CIkev2Payloads* IkeMsg);
+ void CreateIkeSPI(TIkeSPI& aSPI, TBool aRekey=EFalse);
+ void GetNatStatus(TBool aSupported, const TInetAddr& aRemote);
+ void GetIpsecSPI(CIkev2Acquire* aAcquire);
+
+ void GetNonceDataL(TBool aInitiator);
+ void GetOwnIdentityL(TBool aEapIdResponse=EFalse);
+
+ void LoadEapPluginL();
+ TBool InitPkiServiceL();
+ void StartIkeSaInitL();
+ void SendIkeAuthMessageL();
+
+ void ContinueIkeNegotiationL();
+ void BuildChildSAMessageL(CIkev2Acquire* aAcquire, TBool aInitiator);
+ void BuildDeleteRequestL(CIkev2Expire* aExpire);
+
+ //Send the ike message. Claims the ownership of the message.
+ void SendIkeMsgL(CIkeV2Message* aMsg);
+
+ TBool ProcessIkeSaInitL(CIkev2Payloads* aIkeMsg, const TInetAddr& aRemote);
+ TBool ProcessIkeAuthL(CIkev2Payloads* aIkeMsg);
+ TBool ProcessChildSaL(CIkev2Payloads* aIkeMsg);
+ TBool ProcessInfoMsgL(CIkev2Payloads* aIkeMsg);
+ TBool ProcessIkeSARekeyL(CIkev2Payloads* aIkeMsg);
+ TBool ProcessDeletePayloadsL(const CArrayFixFlat<TDeletePlIkev2*>& aDeletes, TBool aRequest);
+ TBool ProcessNotifyPayloadsL(const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys, TBool aRequest, TInt aExchange);
+ TBool ProcessCookieL(const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys, TBool aRequest);
+ void ProcessInvalidKePayloadNotifyL();
+
+ void GenerateIkeKeysL(TIkev2SAData* aRekeydSaData=NULL);
+
+ void SaveSignedDataL(TBool aLocal, const TDesC8& aIkeMsg);
+ void AddIdToSignedDataL(TBool aLocal, HBufC8* aSigned, const TDesC8& aIdData);
+ HBufC8* SignAuthDataL(const TDesC8& aAuthData, TUint8 aAuthMethod);
+ TBool AddIdAndAuthenticatePeerL(CIkev2Payloads* aIkeMsg);
+ TBool AuthenticatePeerL(TAuthPayloadIkev2* aAuth);
+ TBool VerifyPeerCertificateL(CArrayFixFlat<TCertPayloadIkev2*>* aCerts, TIDPayloadIkev2* aId );
+
+ TBool ProcessKeyExchangeL(TKEPayloadIkev2* aKePayload, TUint16 aGroup);
+
+ void AppendKEPayloadL(CIkeV2Message& aIkeMsg, TUint16 aDHGroup);
+
+ TPayloadIkev2* PadEncrPayload(HBufC8* aMsg, TPayloadIkev2* aEncrPl);
+ TUint16 TotalLength( TPayloadIkev2* aLoad, TPayloadIkev2* aLoad2 );
+ TBool CheckPayloadsOrder(CIkev2Payloads* aIkeMsg, TUint8 aExchange, TBool aResponse);
+ TPayloadIkev2* BuildI2CertPayload(HBufC8* aMsg, TPayloadIkev2* aPrevPl);
+ TPayloadIkev2* BuildI1CertPayload(HBufC8* aMsg, TPayloadIkev2* aPrevPl);
+
+ void IpsecSaSpiRetrievedL(TUint32 aSpiRequestId, TUint32 aSpi);
+
+ /**
+ * Handles IKE datagram resend.
+ */
+ void DoRetransmitL(TBool aResponse=EFalse);
+
+public: // Data
+ //
+ // Header Data (Common with IKEv2 SA)
+ //
+ TIkev2SAData iHdr; // Common negotiation info for IKE SA
+ TIkeV2IpsecSAData iChild; // Common negotiation info for IPSEC SA
+ CIkev2PluginSession& iIkeV2PlugInSession; // IKEv2 plugin engine
+
+
+ CIkev2Negotiation* iNext; // A link field to maintain negotiations.
+
+private: // Data
+
+ CPFKeySocketIf& iPfKeySocketIf;
+ MKmdEventLoggerIf& iEventLogger;
+ CIkev2MessageSendQueue& iMessageSendQue;
+ MIkeDebug& iDebug;
+
+ CIpsecSaSpiRetriever* iSpiRetriever;
+
+ TInt iState; // Negotiation State
+ TUint32 iSAid_Rekey;// Rekeyed SAid
+ TIkeSPI iSPI_Rekey; // Local SPI for rekeyed IKE SA
+ TBool iStopped; // Negotiation failed indicator
+ TBool iDeleteIkeSA; // A notify message received from peer which requires IKE SA to be deleted
+ TBool iChildSARejected; // A notify message received which indicates that Child SA is not accepted
+
+ TBool iDeactivateGoing; // Negotiation started due deactivate
+ TBool iCookieReturned; // Cookie returned to responder
+ TBool iPkiAuthRequired; // Private key signature is required as authentication
+ TBool iEapCompleted; // EAP authentication completed succesfully
+ TBool iPeerIdInSignedData; // Peer id has already been added to signed data
+ TBool iRekeyCollision; // Rekey collision occurred
+ TBool iProcessEvents; // Indicates whether the object is accepting events (not accepting when destructor called)
+
+ CIkev2RetransmitTimer* iTimer; // Timer to retransmit IKE request message
+ CDHKeys* iDHKeys; // Diffie-Hellman calculation object
+ CIkev2NatT* iNatNotify; // Pointer to IKEv2 NAT Traversal object
+ CIkev2Config* iConfigMode; // Pointer to IKEv2 Config object
+ CIkev2EapIf* iEapPlugin; // Pointer to IKEv2 EAP interface object
+ CIkeV2PkiService* iPkiService; // Pointer to PKI service Interface object
+ HBufC8* iSavedSaInit; // Saved IKE_SA_INIT request (waiting PKI service init)
+ HBufC8* iProposedSA; // Proposed IKE/IPSEC SA payload content
+ HBufC8* iDHPublicPeer; // Diffie-Hellman Public value (peer)
+ HBufC8* iNonce_I; // Initiator Nonce
+ HBufC8* iNonce_R; // Responder Nonce
+ HBufC8* iAuthMsgInit; // Signed octet buffer (for initiator AUTH payload)
+ HBufC8* iAuthMsgResp; // Signed octet buffer (for responder AUTH payload)
+ HBufC8* iPresharedKey; // Configured preshared key- or EAP MSK data buffer
+
+ CIkeV2Identity* iLocalIdentity;
+ CIkeV2Identity* iRemoteIdentity;
+
+ CX509Certificate* iPeerCert; // Verified peer certificate
+
+ TUint16 iSendAttempt;
+ TInt iNotifyCode; // Error status for Notification payload
+ TInt iNotifyDataLth; // Notify data length
+ TUint8 iNotifyData[4]; // Short notify data packed into network order
+
+ CIkev2Acquire* iChildSaRequest;// On going Child SA request
+ CIkev2Acquire* iAcquireFirst; // Pending PFKEY Acquire request
+ CIkev2Expire* iExpireFirst; // Pending PFKEY Expire request
+
+ TInt iDHGroupGuess; //Number of DH group guess retries for IKE_SA_INIT resquest
+ };
+#endif // _IKEV2NEGOTIATION_H_
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2SA.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,79 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 SA data definition
+*
+*/
+
+#ifndef _IKEV2SA_H_
+#define _IKEV2SA_H_
+
+#include "ikev2SAdata.h"
+#include "ikev2keepalive.h"
+
+class CIkev2PluginSession;
+class TIkeV2IpsecSAData;
+class MIkeDebug;
+
+//
+// Class CIkev2SA
+//
+NONSHARABLE_CLASS(CIkev2SA) : public CTimer, public MIkeV2DpdHeartBeatEventHandler
+ {
+public:
+ static CIkev2SA* NewL(CIkev2PluginSession& aIkeV2PluginSession,
+ TIkev2SAData& aIkev2SAdata,
+ MIkeDebug& aDebug);
+ ~CIkev2SA();
+
+ void UpdateL(TIkev2SAData* aIkev2SAdata, TIkeV2IpsecSAData* aIpsecSAData);
+ TBool RemoteAddrChanged(TInetAddr& aNewIp);
+ TIkeV2IpsecSAData* RemoveIpsecSaData(const TDesC8& aInSpi, const TDesC8& aOutSpi);
+ TIkeV2IpsecSAData* FindIpsecSaData(const TDesC8& aInSpi, const TDesC8& aOutSpi, TBool aRemove);
+ void DeleteIpsecSaData(const TDesC8& aInSpi, const TDesC8& aOutSpi);
+ void EventHandlerL();
+ TIkeV2IpsecSAData* GetIpsecSaQue();
+ void SetIpsecSaQue(TIkeV2IpsecSAData* aQue);
+
+private:
+ CIkev2SA(CIkev2PluginSession& aIkeV2PluginSession, MIkeDebug& aDebug);
+ void ConstructL(TIkev2SAData& aIkev2SAdata);
+ void StartTimer();
+ void DeleteIpsecSas(TIkeV2IpsecSAData* aSa);
+ void LinkIpsecSa(TIkeV2IpsecSAData* aSa);
+ void PurgeIpsecDataQue();
+
+protected:
+ //
+ // CActive methods
+ //
+ void DoCancel();
+ void RunL();
+
+public:
+ //
+ // Header Data
+ //
+ TIkev2SAData iIkeV2SaData; // Common negotiation info
+ CIkev2SA* iNext; // A link field to maintain negotiations.
+
+private:
+ CIkev2PluginSession& iIkeV2PluginSession;
+ MIkeDebug& iDebug;
+ TIkeV2IpsecSAData* iIpsecSaQue; // Ipsec SA information queue
+ CIkeV2KeepAlive* iIkeKeepAlive; // Pointer to common IKE keepalive object
+ TUint32 iRemainingTime; // Current lifetime left
+
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2SAdata.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,151 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 SA data definition
+* Class TIkev2SAData is the IKEv2 SA parameter definition which
+* is used to pass SA information between IKE server and IKEv2
+* plug-in.
+*
+*/
+#ifndef __IKEV2SADATA_H__
+#define __IKEV2SADATA_H__
+#include <e32def.h>
+#include <in_sock.h>
+#include "ikemsgheader.h"
+#include "internaladdress.h"
+#include "ipsecsadata.h"
+#include "ipsecsalifetime.h"
+#include "ikev2message.h"
+
+class CIkeData;
+
+#define SECOND 1000000 // One second is 1000000 us. (1 us. per tick)
+
+//
+// Private generic PFKEY extension type value
+//
+#define IKEV2_KEY_MATERIAL_SIZE 40
+#define IKEV2_MAX_IV_SIZE 16
+
+class TIkev2SAData
+{
+public:
+ TIkev2SAData();
+
+ void CleanUp();
+ void FreeRespMsg();
+ void FreeRequestMsg();
+ void StoreVirtualIp(const TInetAddr& aVirtualAddr);
+ void SaveRespMsg(CIkeV2Message* aRespMsg);
+ void SaveRequestMsg(CIkeV2Message* aRequestMsg);
+ void Copy(TIkev2SAData& aSrc);
+ TUint32 SaId() const;
+ void SetSaId(TUint32 aSaId);
+ TIkeSPI& SpiI();
+ void SetSpiI(const TIkeSPI& aSpiI);
+ TIkeSPI& SpiR();
+ void SetSpiR(const TIkeSPI& aSpiR);
+
+ void GenerateIkeKeyDerivatesL(const TDesC8& aSKEYSEED,TUint16 aPrfAlg,
+ const TDesC8& aNonceI, const TDesC8& aNonceR);
+
+ /**
+ * Gets the request message ID we should use in our next
+ * request.
+ */
+ TUint32 NextRequestId() const;
+
+ /**
+ * Get the message ID we expecting see
+ * in a next received response.
+ */
+ TUint32 ExpectedResponseId() const;
+
+ /**
+ * Get the message ID we expecting see
+ * in a next received request. We should
+ * also use this message ID in our
+ * corresponding response.
+ */
+ TUint32 ExpectedRequestId() const;
+
+
+private:
+ TUint32 iSAId; // Internal negotiation Id
+ TIkeSPI iSPI_I; // Initiator SPI
+ TIkeSPI iSPI_R; // Responder SPI
+
+public:
+
+ TInt iSAState; // IKE SA State
+ TBool iInitiator; // TRUE if local end is initiator
+
+ CIkeData* iIkeData;
+ TUint32 iVpnIapId;
+
+ TInetAddr iLocalAddr; // The address of the physical interface we are using.
+ TInetAddr iVirtualAddr; // The address assigned to the VPN interface by the SGW.
+ TInetAddr iRemoteAddr; // Remote Address ("From Policy")
+ TInetAddr iDestinAddr; // Current peer destination address and port.
+ // (Is different that iRemoteAddr, if the SGW is behind NAT)
+
+ TUint32 iNATFlags; // If not zero, there is NAT between sites
+ TBool iFloatedPort; // If true floated port used (and NON-ESP-MARKER)
+
+ TUint32 iWindowSize; // Message ID window size (currently 1)
+ CIkeV2Message* iLastResponse; // The last IKE response message buffer
+ CIkeV2Message* iLastRequest; // The last IKE response message buffer
+ TInt iRespRetryCount;// Count of response retries tranmitted in sequence
+
+ //
+ // Selected IKE SA proposal
+ //
+ TUint16 iEncrAlg; // Encryption algorithm (transform ID 1)
+ TUint16 iPRFAlg; // Pseudo Random function (transform ID 2)
+ TUint16 iIntegAlg; // Integrity algorithm (transform ID 3)
+ TUint16 iDHGroup; // Diffie Hellmann Group(transform ID 4)
+
+ TUint16 iEAPType; // EAP type if any
+ TUint16 iAuthMethod; // Authentication method selected
+ TUint32 iLifetime; // Local lifetime in seconds
+ TInt iCipherKeyLth; // Cipher key length
+ TInt iCipherBlkLth; // Cipher block length
+ TInt iIntChkSumLth; // Integrity checksum length
+ TBool iMobikeUsed; // MOBIKE protocol supported by both ends
+ //
+ // IKEv2 keymaterial
+ //
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_d;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_ai;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_ar;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_ei;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_er;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_pi;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> iSK_pr;
+};
+
+
+//
+// IKE SA states
+//
+const TInt KSaStateNotDefined = 0;
+const TInt KSaStateReady = 1;
+/*
+const TInt KSaStateRekeying = 2;
+const TInt KSaStateWaitingChildSa = 3;
+const TInt KSaStateDeleting = 4;
+const TInt KSaStateNotifying = 5;
+const TInt KSaStateRoaming = 6;
+*/
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2acquire.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,133 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 Acquire definition
+* Class CIkev2Acquire is a IKEv2 specific data structure
+* containing information needed, when establishing a new
+* IPsec SA
+*/
+
+
+#ifndef __IKEV2ACQUIRE_H__
+#define __IKEV2ACQUIRE_H__
+
+#include <e32base.h>
+
+#include "ipsecsalifetime.h"
+
+class TPfkeyMessage;
+class TInetAddr;
+struct TIpsecSaSpec;
+class CIpsecSARekeyData;
+class TIkeV2TrafficSelector;
+
+//
+//
+// CIkev2Acquire
+// This class is used to handle PFKEY Acquire primitives received from
+// Ipsec plug-in.
+//
+
+NONSHARABLE_CLASS(CIkev2Acquire) : public CBase
+{
+ public:
+ static CIkev2Acquire* NewL(const TPfkeyMessage& aPfkeyMessage, TUint32 aId,
+ const TInetAddr& aLocalAddr, TUint16 aDHGroup, TBool aImplicitSa,
+ const TIpsecSaSpec* aSaSpec = 0, const CIpsecSARekeyData* aRekeyData = 0);
+ static CIkev2Acquire* NewL(TUint32 aId, HBufC8* aSa,
+ CArrayFix<TIkeV2TrafficSelector>* aTS_i,
+ CArrayFix<TIkeV2TrafficSelector>* aTS_r );
+ static void Link(CIkev2Acquire* aAcquire, CIkev2Acquire** aAnchor);
+ static CIkev2Acquire* Find(TUint32 aId, CIkev2Acquire** aAnchor, TBool aRemove=EFalse);
+ static void PurgeQue(CIkev2Acquire** aAnchor);
+ static TBool Responding(CIkev2Acquire** aAnchor);
+ static CIkev2Acquire* GetNext(CIkev2Acquire** aAnchor, TBool aResponse);
+ static void SetFirst(CIkev2Acquire* aAcquire, CIkev2Acquire** aAnchor);
+ static CIkev2Acquire* PeekFirst(CIkev2Acquire** aAnchor);
+ static CIkev2Acquire* RemoveFromQue(TUint32 aId, CIkev2Acquire** aAnchor);
+
+ TUint32 Id();
+ TPtrC8 SPI_In();
+ TPtrC8 SPI_Out();
+ TPtrC8 SPI_ToBeRekeyed();
+ void SetSPI_In(const TDesC8& aSPI);
+ void SetSPI_Out(const TDesC8& aSPI);
+ void SetSPI_ToBeRekeyed(const TDesC8& aSPI);
+ TUint16 DHGroup();
+ void DHGroup(TUint16 aDHGroup);
+ TBool Transport();
+ void SetTransport();
+ TBool Response();
+ void SetResponse();
+ void SetHardLifetime(const TIpsecSALifetime& aHard );
+ TIpsecSALifetime* HardLifetime();
+ void SetSoftLifetime(const TIpsecSALifetime& aSoft );
+ TIpsecSALifetime* SoftLifetime();
+ TUint8 ReplayWindow();
+ void SetReplayWindow(TUint8 aReplayWindow);
+ TUint32 Pid();
+ void SetPid(TUint32 aPfKeyPid);
+ TUint32 Seq();
+ void SetSeq(TUint32 aPfKeySeq);
+ void SetVirtualIp();
+ TBool ForVirtualIp();
+ TBool SrcSpecific();
+ void SetSrcSpecific(TBool aSrcSpecific);
+ TUint8 IpsecProtocol();
+ void SetIpsecProtocol(TUint8 aProtocol);
+
+ HBufC8* LocalId();
+ HBufC8* RemoteId();
+ HBufC8* SA()const;
+ void AddIpsecSpiToSa(const TDesC8& aSpi);
+ const CArrayFix<TIkeV2TrafficSelector>& TS_i();
+ const CArrayFix<TIkeV2TrafficSelector>& TS_r();
+ void ReplaceSA(HBufC8* aSA);
+ void ReplaceTS_i(CArrayFix<TIkeV2TrafficSelector>* aTS);
+ void ReplaceTS_r(CArrayFix<TIkeV2TrafficSelector>* aTS);
+ void ReplaceLocalId(HBufC8* aId);
+ void ReplaceRemoteId(HBufC8* aId);
+
+ CIkev2Acquire(TInt aId);
+ ~CIkev2Acquire();
+
+ private:
+ void ConstructL(const TPfkeyMessage& aReq, const TInetAddr& aLocalAddr, TUint16 aDHGroup, TBool aImplicitSa,
+ const TIpsecSaSpec* aSaSpec, const CIpsecSARekeyData* aRekeyData);
+
+ private:
+ TUint32 iId; // Unique sequence number for GETSPI
+ TBuf8<4> iSPIIn; // Ipsec SPI value in (local SPI)
+ TBuf8<4> iSPIOut; // Ipsec SPI value out (remote SPI)
+ TBuf8<4> iSPIToBeRekeyed;// Ipsec SPI value of IPSec SA to be rekeyed
+ TUint32 iDHGroup; // DH group for PFS
+ TBool iTransport; // Transport Mode requested
+ TBool iResponse; // Object is for Child SA response
+ TBool iSrcSpecific; // Requested SA is "local address" specific
+ TBool iForVirtualIp; // This Acquire is just for getting virtual IP
+ TInt iReplayWindow; // Ipsec replay window value
+ TInt iProtocol; // Ipsec protocol
+ TUint32 iPfKeyPid; // Saved from PFKEY Acquire
+ TUint32 iPfKeySeq; // Saved from PFKEY Acquire
+ TIpsecSALifetime iHard;
+ TIpsecSALifetime iSoft;
+ HBufC8* iSA; // Ipsec SA payload built from Pfkey Acquire
+
+ CArrayFix<TIkeV2TrafficSelector>* iTS_i; // Local Traffic selector info
+ CArrayFix<TIkeV2TrafficSelector>* iTS_r; // Remote Traffic selector info
+ HBufC8* iLocalId; // Local Id data, if any
+ HBufC8* iRemoteId; // Remote Id data, if any
+ CIkev2Acquire* iNext; // Next pending acquire
+};
+
+#endif /* __IKEV2ACQUIRE_H__ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2config.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This class is used to handle IKEv2 configuration payload attributes.
+*
+*/
+#ifndef __IKEV2CONFIG_H_
+#define __IKEV2CONFIG_H_
+#include <e32base.h>
+#include "vpnmandefs.h"
+
+class CIkev2Acquire;
+class TCPPayloadIkev2;
+class TDataAttributes;
+class TInetAddr;
+//
+//
+// CIkev2Config
+// This class is used to handle IKEv2 config payload attributes
+//
+
+NONSHARABLE_CLASS(CIkev2Config) : public CBase
+{
+ public:
+ static CIkev2Config* NewL(CIkev2Acquire* aAcquire, TInetAddr* aRemoteIp=NULL);
+ ~CIkev2Config();
+ TBool ProcessCpL(TCPPayloadIkev2* aCpPayload);
+ TPtrC8 Cp() const;
+ TUint8 CpType() const;
+ TUint32 ExpireTime() const;
+ TVPNAddress VirtualIp();
+
+
+ private:
+ void ConstructL(CIkev2Acquire* aAcquire, TInetAddr* aRemoteIp);
+ TInt AddAttribute(TDataAttributes* aAttr, TUint8 aType, TInt aLth, TUint8* aData);
+
+ private:
+ TBool iRequestGoing; // CP Request going
+ TUint32 iAddressExpiry; // Address expiration time
+ HBufC8* iCp; // CP Payload buffer
+ TUint8 iCpType;
+ TVPNAddress iVIP; // Virtual IP
+};
+
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2const.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,266 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 constants.
+*
+*/
+
+
+#ifndef _IKEV2CONST_H_
+#define _IKEV2CONST_H_
+
+#include <e32def.h>
+
+//
+// All Headers with values in network byte order
+//
+#define MIN_IKEV2_PAYLOAD_SIZE 4
+
+
+//Version
+#define MAJORV2 2
+#define MAJORV1 1
+#define MINOR 0
+#define MAJOR2MINOR0 (MAJORV2 << 4)
+
+//
+// IKEv2 HEADER FLAGS (bits 0-2 reserved for IKEv1)
+//
+#define IKEV2_INITIATOR 0x8 // Original Initiator Bit
+#define IKEV2_HIGHER_VERSION 0x10 // Higher version supported
+#define IKEV2_RESPONSE_MSG 0x20 // Current message is a response
+
+//
+// IKEv2 EXCHANGE TYPES
+//
+#define IKE_SA_INIT 34
+#define IKE_AUTH 35
+#define CREATE_CHILD_SA 36
+#define INFORMATIONAL 37
+
+//
+//Payload types
+//
+#define IKEV2_PAYLOAD_NONE 0 // (Terminator)
+#define IKEV2_PAYLOAD_SA 33 // Security Association
+#define IKEV2_PAYLOAD_PROP 2 // Proposal
+#define IKEV2_PAYLOAD_TRANS 3 // Transform
+#define IKEV2_PAYLOAD_KE 34 // Key Exchange
+#define IKEV2_PAYLOAD_ID_I 35 // Identification (Initiator)
+#define IKEV2_PAYLOAD_ID_R 36 // Identification (Responder)
+#define IKEV2_PAYLOAD_CERT 37 // Certificate
+#define IKEV2_PAYLOAD_CR 38 // Certificate Request
+#define IKEV2_PAYLOAD_AUTH 39 // Authentication
+#define IKEV2_PAYLOAD_NONCE 40 // Nonce
+#define IKEV2_PAYLOAD_NOTIF 41 // Notification
+#define IKEV2_PAYLOAD_DELETE 42 // Delete
+#define IKEV2_PAYLOAD_VID 43 // Vendor ID
+#define IKEV2_PAYLOAD_TS_I 44 // Traffic selector (initiator)
+#define IKEV2_PAYLOAD_TS_R 45 // Traffic selector (Responder)
+#define IKEV2_PAYLOAD_ENCR 46 // Encrypted
+#define IKEV2_PAYLOAD_CONFIG 47 // Configuration
+#define IKEV2_PAYLOAD_EAP 48 // Extensible Authentication
+
+#define IKEV2_PAYLOAD_PRIVATE 128 // Private use (up to 255)
+
+//
+// Critical bit in general paylaod header
+// Encrypted bit is an internal definition to indicate that received
+// payload was encrypted (=received inside encrypted payload)
+//
+#define IKEV2_PL_CRITICAL 0x80
+#define IKEV2_PL_ENCRYPTED 0x01
+#define IKEV2_PL_SELECTED 0x02
+
+//
+// Protocol ID values
+//
+#define IKEV2_PROT_NONE 0
+#define IKEV2_PROTOCOL 1
+#define IKEV2_IPSEC_AH 2
+#define IKEV2_IPSEC_ESP 3
+
+//
+// Transform type values
+//
+#define IKEV2_ENCR 1 // IKE and ESP
+#define IKEV2_PRF 2 // IKE
+#define IKEV2_INTEG 3 // IKE, AH, optional in ESP
+#define IKEV2_DH 4 // IKE, optional AH and ESP
+#define IKEV2_ESN 5 // optional AH and ESP
+
+//
+// Transform ID values for encryption algorithm type
+//
+
+#define ENCR_DES_IV64 1 // RFC1827
+#define ENCR_DES 2 // RFC2405
+#define ENCR_3DES 3 // RFC2451
+#define ENCR_RC5 4 // RFC2451
+#define ENCR_IDEA 5 // RFC2451
+#define ENCR_CAST 6 // RFC2451
+#define ENCR_BLOWFISH 7 // RFC2451
+#define ENCR_3IDEA 8 // RFC2451
+#define ENCR_DES_IV32 9 //
+#define ENCR_NULL 11 // RFC2410
+#define ENCR_AES_CBC 12 // RFC3602
+#define ENCR_AES_CTR 13 // RFC3664
+
+//
+// Attribute type values (used only with encryption algorithm transform)
+//
+#define IKEV2_ENCR_KEY_LTH 14 //
+
+//
+// Transform ID values for Pseudo-random Function type
+//
+#define PRF_HMAC_MD5 1 // RFC2104
+#define PRF_HMAC_SHA1 2 // RFC2104
+#define PRF_HMAC_TIGER 3 // RFC2104
+#define PRF_AES128_CBC 4 // RFC3664
+
+//
+// Transform ID values for Integrity Algorithm type
+//
+#define AUTH_HMAC_MD5_96 1 // RFC2403
+#define AUTH_HMAC_SHA1_96 2 // RFC2403
+#define AUTH_DES_MAC 3 //
+#define AUTH_KPDK_MD5 4 // RFC1826
+#define AUTH_AES_XCBC_96 5 // RFC3566
+
+//
+// Transform ID values for Diffie-Hellman group type
+//
+#define DH_GROUP_768 1 // Appendix B
+#define DH_GROUP_1024 2 // Appendix B
+#define DH_GROUP_1536 5 // RFC3526
+#define DH_GROUP_2048 14 // RFC3526
+
+
+//
+//NOTIFY MESSAGES - ERROR TYPES
+//
+#define UNSUPPORTED_CRITICAL_PAYLOAD 1
+#define INVALID_IKE_SPI 4
+#define INVALID_MAJOR_VERSION 5
+#define INVALID_SYNTAX 7
+#define INVALID_MESSAGE_ID 9
+#define INVALID_SPI 11
+#define NO_PROPOSAL_CHOSEN 14
+#define INVALID_KE_PAYLOAD 17
+#define AUTHENTICATION_FAILED 24
+#define SINGLE_PAIR_REQUIRED 34
+#define NO_ADDITIONAL_SAS 35
+#define INTERNAL_ADDRESS_FAILURE 36
+#define FAILED_CP_REQUIRED 37
+#define TS_UNACCEPTABLE 38
+#define INVALID_SELECTORS 39
+
+//
+// NOTIFY MESSAGES - STATUS TYPES
+//
+#define INITIAL_CONTACT 16384
+#define SET_WINDOW_SIZE 16385
+#define ADDITIONAL_TS_POSSIBLE 16386
+#define IPCOMP_SUPPORTED 16387
+#define NAT_DETECTION_SOURCE_IP 16388
+#define NAT_DETECTION_DESTINATION_IP 16389
+#define COOKIE 16390
+#define USE_TRANSPORT_MODE 16391
+#define HTTP_CERT_LOOKUP_SUPPORTED 16392
+#define REKEY_SA 16393
+#define ESP_TFC_PADDING_NOT_SUPPORTED 16394
+#define NON_FIRST_FRAGMENTS_ALSO 16395
+
+//
+// NOTIFY MESSAGES CODES FOR MOBIKE
+//
+#define MOBIKE_SUPPORTED 16396
+#define ADDITIONAL_IPV4_ADDRESS 16397
+#define ADDITIONAL_IPV6_ADDRESS 16398
+#define UPDATE_SA_ADDRESS 16400
+#define COOKIE2 16401
+#define NAT_PREVENTION 16402 //Is this the same as NO_NATS_ALLOWED?
+// NOTIFY MESSAGES ERROR CODES FOR MOBIKE
+#define UNACCPETABLE_ADDRESSES 9500
+#define NAT_PREVENTED 9501
+
+//
+// IKEv2 Identity type codes
+//
+#define ID_NOT_DEFINED 0
+#define ID_IPV4_ADDR 1
+#define ID_FQDN 2
+#define ID_RFC822_ADDR 3
+#define ID_IPV4_ADDR_SUBNET 4 // For IPSEC ID:s
+#define ID_IPV6_ADDR 5
+#define ID_IPV6_ADDR_SUBNET 6 // For IPSEC ID:s
+#define ID_DER_ASN1_DN 9
+#define ID_KEY_ID 11
+
+//
+// IKEv2 Authentication methods
+//
+#define RSA_DIGITAL_SIGN 1
+#define PRESHARED_KEY 2
+#define DSS_DIGITAL_SIGN 3
+
+//
+// IKEv2 Traffic selector type values
+//
+#define TS_IPV4_ADDR_RANGE 7
+#define TS_IPV6_ADDR_RANGE 8
+
+//
+// IKEv2 CFG Types (For Config payload)
+//
+#define CFG_REQUEST 1
+#define CFG_REPLY 2
+#define CFG_SET 3
+#define CFG_ACK 4
+
+//
+// IKEv2 Configuration attributes
+//
+#define INTERNAL_IP4_ADDRESS 1 // 0 or 4 octets
+#define INTERNAL_IP4_NETMASK 2 // 0 or 4 octets
+#define INTERNAL_IP4_DNS 3 // 0 or 4 octets
+#define INTERNAL_IP4_NBNS 4 // 0 or 4 octets
+#define INTERNAL_ADDRESS_EXPIRY 5 // 0 or 4 octets
+#define INTERNAL_IP4_DHCP 6 // 0 or 4 octets
+#define APPLICATION_VERSION 7 // 0 or more
+#define INTERNAL_IP6_ADDRESS 8 // 0 or 16
+#define INTERNAL_IP6_DNS 10 // 0 or 16 octets
+#define INTERNAL_IP6_NBNS 11 // 0 or 16 octets
+#define INTERNAL_IP6_DHCP 12 // 0 or 16 octets
+#define INTERNAL_IP4_SUBNET 13 // 0 or 8 octets
+#define SUPPORTED_ATTRIBUTES 14 // Multiple of 2
+#define INTERNAL_IP6_SUBNET 15 // 17 octets
+
+//
+// IKEv2 Certificate Encoding codes
+//
+#define PKCS7_WRAPPED_X509_CERT 1
+#define PGP_CERTIFICATE 2
+#define DNS_SIGNED_KEY 3
+#define X509_CERTIFICATE_SIGN 4
+#define KERBEROS_TOKEN 6
+#define CERT_REVOCATION_LIST 7
+#define AUTHORITY_REVOCATION_LIST 8
+#define SPKI_CERTIFICATE 9
+#define X509_CERTIFICATE_ATTRIBUTE 10
+#define RAW_RSA_KEY 11
+#define HASH_AND_URL_X509_CERT 12
+#define HASH_AND_URL_X509_BUNDLE 13
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2deactivationtimer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,64 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Timer to trigger cancellation of session deletion.
+*
+*/
+
+#ifndef C_IKEV2DEACTIVATIONTIMER_H
+#define C_IKEV2DEACTIVATIONTIMER_H
+
+#include <e32base.h>
+
+/**
+ * Deactivation timer callback interface.
+ * Callback interface which is used by CIkev2DeactivationTimer object to
+ * notify about deactivation timeout.
+ *
+ */
+NONSHARABLE_CLASS(MIkev2DeactivationTimerCallback)
+ {
+public:
+ /**
+ * Notifies about deactivation timeout.
+ */
+ virtual void DeactivationTimeout() = 0;
+ };
+
+
+/**
+ * Deactivation timer.
+ *
+ */
+NONSHARABLE_CLASS(CIkev2DeactivationTimer) : public CTimer
+{
+public:
+ static CIkev2DeactivationTimer* NewL(MIkev2DeactivationTimerCallback& aCallback);
+ ~CIkev2DeactivationTimer();
+
+ /**
+ * Issues a request to the timer.
+ */
+ void IssueRequest();
+
+protected:
+ void RunL();
+
+private:
+ CIkev2DeactivationTimer(MIkev2DeactivationTimerCallback& aCallback);
+
+ MIkev2DeactivationTimerCallback& iCallback;
+
+};
+
+#endif // C_IKEV2DEACTIVATIONTIMER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2expire.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* CExpire. This class is used to handle PFKEY Expire primitives received
+* from IPSec plug-in.
+*
+*/
+#ifndef __IKEV2EXPIRE_H__
+#define __IKEV2EXPIRE_H__
+
+#include <e32base.h>
+
+class TPfkeyMessage;
+//
+//
+// CIkev2Expire
+// This class is used to handle PFKEY Expire primitives received from
+// Ipsec plug-in.
+//
+class CIkev2Expire : public CBase
+{
+ public:
+ CIkev2Expire() {}
+ ~CIkev2Expire() {}
+ static CIkev2Expire* NewL(const TPfkeyMessage& aPfkeyMessage);
+ static CIkev2Expire* GetNext(CIkev2Expire** aAnchor);
+ static void Link(CIkev2Expire* aExpire, CIkev2Expire** aAnchor);
+ static void PurgeQue(CIkev2Expire** aAnchor);
+ TPtrC8 SPI();
+ void SetSPI(const TDesC8& aSPI);
+ TUint8 Protocol();
+ void SetProtocol(TUint8 aProt);
+
+ private:
+ TBuf8<4> iSPI; // Ipsec SPI value in (local SPI)
+ TUint8 iProtocol; // Ipsec protocol code
+ TUint8 iReserved[3]; // For alignment
+ CIkev2Expire* iNext; // Next pending acquire
+
+};
+
+#endif /* __IKEV2EXPIRE_H__ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2identity.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,53 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Identity data structure for IKEv2
+*
+*/
+
+#ifndef IKEV2IDENTITY_H_
+#define IKEV2IDENTITY_H_
+
+#include <e32base.h>
+
+NONSHARABLE_CLASS(CIkeV2Identity) : public CBase
+ {
+public:
+ static CIkeV2Identity* NewL(TUint8 aIdType, const TDesC8& aIdentity);
+ ~CIkeV2Identity();
+
+ TUint8 IdType() const;
+ TPtrC8 Identity() const;
+
+ /**
+ * Returns id payload data, excluding the
+ * IKE payload fixed header:
+ *
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! ID Type ! RESERVED |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ! !
+ * ~ Identification Data ~
+ * ! !
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ */
+ TPtrC8 PayloadData() const;
+
+private:
+ void ConstructL(TUint8 aIdType, const TDesC8& aIdentity);
+
+ HBufC8* iIdPayloadData;
+ };
+
+#endif /* IKEV2IDENTITY_H_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2ipsecsadata.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,75 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 IPsec SA data definition
+* Class TIkeV2IpsecSAData is the IKEv2 specific version of
+* IPsec SA parameter definition which
+* is used to pass SA information between store IPsec SA
+* information internally by the IKEv2 plugin.
+*
+*/
+
+#ifndef __IKEV2IPSECSADATA_H__
+#define __IKEV2IPSECSADATA_H__
+
+#include <e32base.h>
+
+class CIpsecSARekeyData;
+class MIkeDebug;
+
+class TIkeV2IpsecSAData
+ {
+public:
+ TIkeV2IpsecSAData(MIkeDebug& aDebug);
+ void Copy(const TIkeV2IpsecSAData& aSrc);
+ //void StoreKeyMaterial(HBufC8* aKeyMaterial);
+ void PurgeKeyMaterial();
+ void DeleteRekeyData();
+
+ void GenerateIpsecKeysL(const TDesC8& aSKd,
+ const TDesC8& aGPowIr,
+ const TDesC8& aNonceI,
+ const TDesC8& aNonceR,
+ TUint16 aPrfAlg);
+
+public:
+
+
+ TBuf8<4> iSPI_In; // Local SPI
+ TBuf8<4> iSPI_Out; // Remote SPI
+
+//
+// Selected IPSEC SA proposal
+//
+ TUint16 iEncrAlg; // Encryption algorithm (transform ID 1)
+ TUint16 iIntegAlg; // Integrity algorithm (transform ID 3)
+ TUint8 iSaType; // AH, ESP SA type from pfkeyv2.h
+ TUint8 iESN; // 0 = no ESN; 1 = ESN with ESP
+ TInt iCipherKeyLth; // Cipher key length
+ TInt iIntegKeyLth; // Integrity key length
+ TBool iTransport; // if Transport mode value is ETrue
+ TBool iSrcSpecific; // if IPSec SA is source specific is ETrue
+
+ CIpsecSARekeyData* iRekeyData;
+//
+// IPSEC keymaterial buffers
+//
+ HBufC8* iKeyMaterial; // Cipher key buffer
+ TIkeV2IpsecSAData* iNext; // Next Ipsec SA pair
+
+private:
+ MIkeDebug& iDebug;
+ };
+
+
+#endif /* __IKEV2IPSECSADATA_H__ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2ipsecsarekeydata.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,84 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Rekey data
+*
+*/
+
+#ifndef IKEV2IPSECSAREKEYDATA_H_
+#define IKEV2IPSECSAREKEYDATA_H_
+
+#include <e32base.h>
+#include "ipsecsalifetime.h"
+#include "ikev2trafficselector.h"
+
+class TIkeV2TrafficSelector;
+
+NONSHARABLE_CLASS(CIpsecSARekeyData) : public CBase
+ {
+public:
+ static CIpsecSARekeyData* NewL(const TInt aReplayWindow,
+ const TIpsecSALifetime* aHard,
+ const TIpsecSALifetime* aSoft,
+ const CArrayFix<TIkeV2TrafficSelector>& aTS_i,
+ const CArrayFix<TIkeV2TrafficSelector>& aTS_r,
+ const TDesC8& aLocalId, const TDesC8& aRemoteId);
+ ~CIpsecSARekeyData();
+
+ TInt ReplayWindow() const;
+ TIpsecSALifetime HardLifetime() const;
+ TIpsecSALifetime SoftLifetime() const;
+
+ const TPtrC8 LocalId() const;
+ const TPtrC8 RemoteId() const;
+
+ /**
+ * Copies the initiator side traffic selectors.
+ * Ownership is transferrer
+ */
+ CArrayFix<TIkeV2TrafficSelector>* TsIL() const;
+
+ /**
+ * Copies the responder side traffic selectors.
+ * Ownership is transferrer
+ */
+ CArrayFix<TIkeV2TrafficSelector>* TsRL() const;
+private:
+ CIpsecSARekeyData(const TInt aReplayWindow,
+ const TIpsecSALifetime* aHard,
+ const TIpsecSALifetime* aSoft);
+
+ void ConstructL(const CArrayFix<TIkeV2TrafficSelector>& aTS_i,
+ const CArrayFix<TIkeV2TrafficSelector>& aTS_r,
+ const TDesC8& aLocalId, const TDesC8& aRemoteId);
+
+
+
+ CArrayFix<TIkeV2TrafficSelector>* CopyTsL(const CArrayFix<TIkeV2TrafficSelector>& aTS) const;
+
+ //
+ // Saved from Acquire object for possible IPSec SA rekeying
+ //
+ TInt iReplayWindow;
+ TIpsecSALifetime iHard;
+ TIpsecSALifetime iSoft;
+
+
+ CArrayFix<TIkeV2TrafficSelector>* iTS_i;
+ CArrayFix<TIkeV2TrafficSelector>* iTS_r;
+ HBufC8* iLocalId;
+ HBufC8* iRemoteId;
+ };
+
+
+#endif /* IKEV2IPSECSAREKEYDATA_H_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2keepalive.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,72 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Common keep alive object
+*
+*/
+
+#ifndef _IKEV2KEEPALIVE_H_
+#define _IKEV2KEEPALIVE_H_
+
+
+#include <e32base.h>
+#include <in_sock.h>
+
+class CIkev2PluginSession;
+
+/**
+* IKE keepalive event handler
+* @internalComponent
+*/
+class MIkeV2DpdHeartBeatEventHandler
+{
+ public:
+ /**
+ * IKE PKI service operation completed
+ * @internalComponent
+ * @param aStatus completion status of operation
+ * @param aObject pointer to CIkePkiService object
+ *
+ */
+ virtual void EventHandlerL()=0;
+};
+
+
+NONSHARABLE_CLASS(CIkeV2KeepAlive) : public CTimer
+{
+ public:
+ static CIkeV2KeepAlive* NewL(TInt DpdKeepAlive,
+ MIkeV2DpdHeartBeatEventHandler& aHandler);
+ ~CIkeV2KeepAlive();
+
+ protected:
+ //
+ // CActive methods
+ //
+ void DoCancel();
+ void RunL();
+
+ private: // implementation
+ CIkeV2KeepAlive(TInt DpdKeepAlive,
+ MIkeV2DpdHeartBeatEventHandler& aHandler);
+ void ConstructL();
+ void StartTimer();
+
+ private: // data
+ MIkeV2DpdHeartBeatEventHandler& iCallback;
+
+ TInt iDpdKeepAlive;
+ TInt iRemainingTime;
+};
+
+#endif //_IKEV2KEEPALIVE_H_
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2message.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,377 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class to represent IKEv2 payloads and to construct IKEv2 datagrams
+*
+*/
+
+#ifndef IKEV2MESSAGE_H_
+#define IKEV2MESSAGE_H_
+
+#include <e32base.h>
+
+class CIkeCaList;
+class CDesC8Array;
+class TIkeV2TrafficSelector;
+class CIkeV2Identity;
+
+NONSHARABLE_CLASS(CIkeV2Payload) : public CBase
+ {
+public:
+ ~CIkeV2Payload();
+
+ TUint8 NextPayload() const;
+ void SetNextPayload(TUint8 aNextPayload);
+
+ TUint16 PayloadLength() const;
+ void SetPayloadLength(TUint16 aLength);
+
+ TPtrC8 PayloadData() const;
+ TUint8 PayloadType() const;
+
+protected:
+ CIkeV2Payload(TUint8 aPayloadType);
+
+ HBufC8* iPayloadData;
+
+private:
+ TUint8 iPayloadType;
+ };
+
+
+NONSHARABLE_CLASS(CIkevV2CertReqPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkevV2CertReqPayload* NewL(const CIkeCaList& aCaList);
+
+private:
+ CIkevV2CertReqPayload();
+ void ConstructL(const CIkeCaList& aCaList);
+ };
+
+NONSHARABLE_CLASS(CIkevV2CertPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkevV2CertPayload* NewL(const TDesC8& aCertData);
+
+private:
+ CIkevV2CertPayload();
+ void ConstructL(const TDesC8& aCertData);
+ };
+
+
+
+NONSHARABLE_CLASS(CIkevV2SaPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkevV2SaPayload* NewL(const TDesC8& aSaData);
+
+private:
+ CIkevV2SaPayload();
+ void ConstructL(const TDesC8& aSaData);
+
+ };
+
+
+NONSHARABLE_CLASS(CIkevV2KePayload) : public CIkeV2Payload
+ {
+public:
+ static CIkevV2KePayload* NewL(TUint16 aDHGroup, const TDesC8& aKeData);
+
+private:
+ CIkevV2KePayload();
+ void ConstructL(TUint16 aDHGroup, const TDesC8& aKeData);
+ };
+
+
+NONSHARABLE_CLASS(CIkevV2NoncePayload) : public CIkeV2Payload
+ {
+public:
+ static CIkevV2NoncePayload* NewL(const TDesC8& aNonceData);
+
+private:
+ CIkevV2NoncePayload();
+ void ConstructL(const TDesC8& aNonceData);
+ };
+
+
+NONSHARABLE_CLASS(CIkevV2IdPayload) : public CIkeV2Payload
+ {
+protected:
+ CIkevV2IdPayload(TUint8 aPayloadType);
+ void ConstructL(const CIkeV2Identity& aIdentity);
+ };
+
+NONSHARABLE_CLASS(CIkevV2IdiPayload) : public CIkevV2IdPayload
+ {
+public:
+ static CIkevV2IdiPayload* NewL(const CIkeV2Identity& aIdentity);
+
+private:
+ CIkevV2IdiPayload();
+ };
+
+
+NONSHARABLE_CLASS(CIkevV2IdrPayload) : public CIkevV2IdPayload
+ {
+public:
+ static CIkevV2IdrPayload* NewL(const CIkeV2Identity& aIdentity);
+
+private:
+ CIkevV2IdrPayload();
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2AuthPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkeV2AuthPayload* NewL(TUint8 aAuthMethod, const TDesC8& aAuthData);
+
+private:
+ CIkeV2AuthPayload();
+ void ConstructL(TUint8 aAuthMethod, const TDesC8& aAuthData);
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2NotifyPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkeV2NotifyPayload* NewL(TUint8 aProtocolId,
+ const TDesC8& aSpi,
+ TUint16 aNotifyType,
+ const TDesC8& aNotifyData);
+
+private:
+ CIkeV2NotifyPayload();
+ void ConstructL(TUint8 aProtocolId,
+ const TDesC8& aSpi,
+ TUint16 aNotifyType,
+ const TDesC8& aNotifyData);
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2ConfigurationPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkeV2ConfigurationPayload* NewL(TUint8 aCfgType,
+ const TDesC8& aConfigurationData);
+
+private:
+ CIkeV2ConfigurationPayload();
+ void ConstructL(TUint8 aCfgType,
+ const TDesC8& aConfigurationData);
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2VendorIdPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkeV2VendorIdPayload* NewL(const TDesC8& aVendorIdData);
+
+private:
+ CIkeV2VendorIdPayload();
+ void ConstructL(const TDesC8& aVendorIdData);
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2DeletePayload) : public CIkeV2Payload
+ {
+public:
+ static CIkeV2DeletePayload* NewL(TUint8 aProtocolId, const CDesC8Array& aSpiList);
+
+private:
+ CIkeV2DeletePayload();
+ void ConstructL(TUint8 aProtocolId, const CDesC8Array& aSpiList);
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2EapPayload) : public CIkeV2Payload
+ {
+public:
+ static CIkeV2EapPayload* NewL(const TDesC8& aEapData);
+
+private:
+ CIkeV2EapPayload();
+ void ConstructL(const TDesC8& aEapData);
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2TsPayload) : public CIkeV2Payload
+ {
+protected:
+ CIkeV2TsPayload(TUint aPayloadType);
+ void ConstructL(const CArrayFix<TIkeV2TrafficSelector>& aTsList);
+ };
+
+class CIkeV2TsiPayload : public CIkeV2TsPayload
+ {
+public:
+ static CIkeV2TsiPayload* NewL(const CArrayFix<TIkeV2TrafficSelector>& aTsList);
+
+private:
+ CIkeV2TsiPayload();
+ };
+
+NONSHARABLE_CLASS(CIkeV2TsrPayload) : public CIkeV2TsPayload
+ {
+public:
+ static CIkeV2TsrPayload* NewL(const CArrayFix<TIkeV2TrafficSelector>& aTsList);
+
+private:
+ CIkeV2TsrPayload();
+ };
+
+
+NONSHARABLE_CLASS(CIkeV2EncryptedPayload) : public CIkeV2TsPayload
+ {
+public:
+ static CIkeV2EncryptedPayload* NewL(TUint aBlockSize);
+
+ TUint BlockSize() const;
+ TPtrC8 InitializationVector() const;
+
+ void SetContentLength(TUint16 aLength);
+private:
+ CIkeV2EncryptedPayload();
+ void ConstructL(TUint aBlockSize);
+
+ TUint iBlockSize;
+ };
+
+class MIkeDebug;
+class TInetAddr;
+
+NONSHARABLE_CLASS(CIkeV2Message) : public CBase
+ {
+public:
+
+ /**
+ * Constructs new IKE message.
+ *
+ * @param aInitiatorSpi Initiator SPI
+ * @param aResponderSpi Responder SPI
+ * @param aExchangeType Type of the exchange. Possible values are:
+ * IKE_SA_INIT, IKE_AUTH, CREATE_CHILD_SA and INFORMATIONAL.
+ * @param aFlags Message flags. Possible flags are:
+ * IKEV2_INITIATOR and IKEV2_RESPONSE_MSG.
+ */
+ static CIkeV2Message* NewL(const TDesC8& aInitiatorSpi,
+ const TDesC8& aResponderSpi,
+ TUint8 aExchangeType,
+ TBool aIntiator,
+ TBool aResponse,
+ TUint32 aMessageId,
+ MIkeDebug& aDebug);
+ ~CIkeV2Message();
+
+ TPtrC8 InitiatorSpi()const;
+ TPtrC8 ResponderSpi() const;
+
+ TUint8 NextPayload() const;
+
+ TUint8 MajorVersion() const;
+ TUint8 MinorVersion() const;
+
+ TUint8 ExchangeType() const;
+
+ TUint8 Flags() const;
+
+ TUint32 MessageId() const;
+
+ TUint32 Length() const;
+
+ void AppendCertReqPayloadL(const CIkeCaList& aCaList);
+ void AppendCertPayloadL(const TDesC8& aCertificateData);
+ void AppendSaPayloadL(const TDesC8& aSaData);
+ void AppendKePayloadL(TUint16 aDHGroup, const TDesC8& aKeData);
+ void AppendNoncePayloadL(const TDesC8& aNonceData);
+ void AppendIdiPayloadL(const CIkeV2Identity& aIdentity);
+ void AppendIdrPayloadL(const CIkeV2Identity& aIdentity);
+ void AppendAuthPayloadL(TUint8 aAuthMethod, const TDesC8& aAuthData);
+ void AppendNotifyPayloadL(TUint8 aProtocolId,
+ const TDesC8& aSpi,
+ TUint16 aNotifyType,
+ const TDesC8& aNotifyData);
+
+ /**
+ * A special method for adding a cookie notify in the
+ * beginning of an existing ike message.
+ */
+ void PrependCookieNotifyPayloadL(const TDesC8& aCookieData);
+
+ void AppendConfigurationPayloadL(TUint8 aCfgType,
+ const TDesC8& aConfigurationData);
+ void AppendVendorIdPayloadL(const TDesC8& aVendorIdData);
+ void AppendDeletePayloadL(TUint8 aProtocolId, const CDesC8Array& aSpiList);
+ void AppendEapPayloadL(const TDesC8& aEapData);
+ void AppendTsiPayloadL(const CArrayFix<TIkeV2TrafficSelector>& aTsList);
+ void AppendTsrPayloadL(const CArrayFix<TIkeV2TrafficSelector>& aTsList);
+
+ /**
+ * Adds the encrypted payload to the message.
+ * The added encrypted payload has to be the first added payload.
+ */
+ void AppendEncryptedPayloadL(TUint aBlockSize);
+
+
+ /**
+ * Gets the ike message datagram, which is ready to be
+ * send to the receiver.
+ *
+ * @param aEncryptionAlgorith Encryption algorithm to be used to encrypt the datagram.
+ * If the message does not contain an encryption payload, this
+ * parameter is ignored.
+ * @param aEncryptionKey Encryption key used to used to encrypt the datagram.
+ * If the message does not contain an encryption payload, this
+ * parameter is ignored.
+ * @param aIntegrityAlgorithm Algorithm used to calculate the integrity checks sum.
+ * If the message does not contain an encryption payload, this
+ * parameter is ignored.
+ * @param aSourceAddress Source address of the datagram. Needed for message tracing in
+ * debug builds.
+ * @param aDestinationAddress Destination address of the datagram. Needed for message tracing in
+ * debug builds.
+ */
+ void PrepareIkeMessageDatagramL(TUint16 aEncryptionAlgorithm,
+ const TDesC8& aEncryptionKey,
+ TUint16 aIntegrityAlgorithm,
+ const TDesC8& aIntegrityKey,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress);
+
+ TPtrC8 IkeMessageDatagram() const;
+private:
+ CIkeV2Message(MIkeDebug& aDebug);
+ void ConstructL(const TDesC8& aInitiatorSpi,
+ const TDesC8& aResponderSpi,
+ TUint8 aExchangeType,
+ TBool aIntiator,
+ TBool aResponse,
+ TUint32 aMessageId);
+
+ void AppendPayloadL(CIkeV2Payload* aPayload);
+
+ void SetFlags(TUint8 aFlags);
+ void SetLength(TUint32 aDatagramLength);
+ void SetNextPayload(TUint8 aNextPayload);
+
+
+ MIkeDebug& iDebug;
+ HBufC8* iIkeV2MessageHeader;
+ RPointerArray<CIkeV2Payload> iPayloads;
+
+ TBool iModified;
+ HBufC8* iIkeV2Datagram;
+ };
+
+#endif /* IKEV2MESSAGE_H_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2messagesendqueue.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,87 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 IKE message send que.
+*
+*/
+
+#ifndef IKEV2MESSAGESENDQUEUE_H_
+#define IKEV2MESSAGESENDQUEUE_H_
+
+#include <e32base.h>
+#include <in_sock.h>
+#include "ikev2sender.h"
+
+
+class MIkeDataInterface;
+class MIkeDebug;
+
+class TIkeMsgWaitQueueObject
+ {
+public:
+ TPtrC8 iIkeMsg;
+ TBool iFloatedPort;
+ };
+
+
+NONSHARABLE_CLASS(CIkev2MessageSendQueue) : public CActive,
+ public MIkev2SenderCallback
+ {
+public:
+ static CIkev2MessageSendQueue* NewL(MIkeDataInterface& aDataInterface,
+ const TInetAddr& aDestinationAddress,
+ TUint8 aDscp,
+ TUint aNatKeepAliveInterval,
+ MIkeDebug& aDebug);
+ ~CIkev2MessageSendQueue();
+
+ void SendIkeMessageL(const TPtrC8 aIkeMsg, TBool aFloatedPort);
+ void CancelSend(const TPtrC8& aIkeMsg);
+
+ void CancelAll();
+
+ void NewSaBehindNatL(TUint aSaId);
+ void SaBehindNatDeleted(TUint aSaId);
+
+protected:
+ void SendIkeMsgCompleted( TInt aStatus );
+
+ void RunL();
+ void DoCancel();
+
+private:
+ CIkev2MessageSendQueue(MIkeDataInterface& aDataInterface,
+ const TInetAddr& aDestinationAddress,
+ TUint8 aDscp,
+ TUint aNatKeepAliveInterval,
+ MIkeDebug& aDebug);
+ void ConstructL();
+ void ArmKeepaliveTimer();
+
+ MIkeDataInterface& iDataInterface;
+ TUint iNatKeepAliveInterval;
+ TInetAddr iDestinationAddress;
+ TUint8 iDscp;
+ MIkeDebug& iDebug;
+
+ CIkev2Sender* iSender;
+ RTimer iNatKeepaliveTimer;
+
+ RArray<TIkeMsgWaitQueueObject> iIkeMsgSendBuffer; //IkeMsgs waiting for send
+ TPtrC8 iIkeMsgInSending; //IkeMsgs, which is currently in sending
+
+ RArray<TUint> iSasBehindNat;
+ TUint iRemainingTime;
+ };
+
+#endif /* IKEV2MESSAGESENDQUEUE_H_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2mobike.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 Mobility and Multihoming Protocol.
+*
+*/
+#ifndef _IKEV2MOBIKE_H_
+#define _IKEV2MOBIKE_H_
+
+class CIkev2Negotiation;
+class TNotifPayloadIkev2;
+
+class Ikev2MobIke
+ {
+public:
+ static TBool ProcessNotifysL(CIkev2Negotiation* aNegotiation,
+ const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys,
+ TBool aRequest, TInt Exchange);
+ static TBool SendUpdateSaAddrNotifyL(CIkev2Negotiation* aNegotiation);
+
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2natt.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,49 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Class CIkev2NatT implements NAT Traversal functionality specified in IKEv2.
+*
+*/
+#ifndef _IKEV2NATT_H_
+#define _IKEV2NATT_H_
+
+class TNotifPayloadIkev2;
+class TInetAddr;
+
+class CIkev2NatT : public CBase
+ {
+public:
+ CIkev2NatT(){};
+ static CIkev2NatT* NewL(const TInetAddr& aSourceAddr, const TInetAddr& aDestinationAddr, TUint16 aPort,
+ const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi);
+ ~CIkev2NatT() {delete iSrcNotify; delete iDstNotify; }
+
+ static TUint32 CheckPeerNotifysL(const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys,
+ const TInetAddr& aLocalAddr, const TInetAddr& aRemoteAddr, TUint16 aPort,
+ const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi, TBool& aSupported);
+ TPtrC8 SourceNofify() const { return *iSrcNotify;}
+ TPtrC8 DestinNofify() const { return *iDstNotify;}
+
+private:
+ void ConstructL(const TInetAddr& aSourceAddr, const TInetAddr& aDestinationAddr, TUint16 aPort,
+ const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi);
+
+ HBufC8* GenerateNatDetectionHashL(const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi,
+ TInetAddr aIpAddress, TUint16 aPort) const;
+
+ HBufC8* iSrcNotify;
+ HBufC8* iDstNotify;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2payloads.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,571 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Payload classes.
+*
+*/
+#ifndef _IKEV2PAYLOADS_H_
+#define _IKEV2PAYLOADS_H_
+#include "ikev2const.h"
+#include "ikemsgheader.h"
+
+//
+// GENERIC PAYLOAD HEADER
+//
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TPayloadIkev2
+{
+ public:
+ static inline TInt Size() { return sizeof(TPayloadIkev2); }
+ static inline TPayloadIkev2* Cast(const TAny* aPayload) { return (TPayloadIkev2*)aPayload; }
+ inline void Init() { PUT32(&u.iData8[0], 0);}
+ inline TUint8 GetNextPayload() { return u.iData8[0]; }
+ inline void SetNextPayload(TUint8 aPayload) { u.iData8[0] = aPayload; }
+ inline TUint16 GetLength() const { return (TUint16)GET16(&u.iData8[2]); }
+ inline void SetLength(TUint16 aLength) { PUT16(&u.iData8[2], aLength); }
+ inline TBool GetCritical() const { return ((u.iData8[1] & IKEV2_PL_CRITICAL) == IKEV2_PL_CRITICAL); }
+ inline void SetReserved() { u.iData8[1] &= IKEV2_PL_CRITICAL; }
+ inline void SetCritical() { u.iData8[1] |= IKEV2_PL_CRITICAL; }
+ inline TUint8* PayloadPtr() { return (TUint8 *)((char *)this); }
+ inline TUint8* PayloadData() const
+ { return (TUint8 *)((char *)this + sizeof(*this)); } //returns a * to the specific data of this payload
+ inline const TUint PlDataLen() const
+ { if ( GetLength() > sizeof(*this) )
+ return (GetLength() - sizeof(*this));
+ else return 0;
+ } //returns a * to the specific data of this payload
+ inline TPayloadIkev2 *Next() const
+ { return (TPayloadIkev2 *)((char *)this + GetLength()); }
+ //
+ // The following methods are used to manage "ENCRYPTED" bit (0)
+ // in payload reserved field. This bit is set to 1 when a
+ // payload has been received within a encrypted payload.
+ // Encrypted bit is NEVER set into transmitted payload.
+ //
+ inline TBool Encrypted() const { return ((u.iData8[1] & IKEV2_PL_ENCRYPTED) == IKEV2_PL_ENCRYPTED); }
+ inline void SetEncrypted() { u.iData8[1] |= IKEV2_PL_ENCRYPTED; }
+ inline void ResetEncrypted() { u.iData8[1] &= ~IKEV2_PL_ENCRYPTED; }
+
+ private:
+ union
+ {
+ TUint32 iData32[1];
+ TUint16 iData16[2];
+ TUint8 iData8[4];
+ } u;
+};
+
+#define TSAPayload TPayloadIkev2
+#define TNoncePayload TPayloadIkev2
+#define TVendorPlIkev2 TPayloadIkev2
+#define TEAPPayloadIkev2 TPayloadIkev2
+//
+// Transform Attributes
+//
+// In this phase there is only one attribute defined for IKEv2 which is
+// encryption key length for transform type Encryption Algorithm
+//
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// !A! Attribute Type ! AF=0 Attribute Length !
+// !F! ! AF=1 Attribute Value !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! AF=0 Attribute Value !
+// ! AF=1 Not Transmitted !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TDataAttributes
+{
+ public:
+ inline TInt Size() const { return sizeof(*this); }
+ inline TBool IsBasic() const {return ((u.iData8[0] & 0x80) != 0);} //return if basic attrib or variable
+ inline void SetBasic() { u.iData8[0] |= 0x80;}
+ inline void SetVariable() { u.iData8[0] &= 0x7f;}
+ inline TUint16 GetType() { return TUint16(GET16(&u.iData16[0]) & 0x7fff);}
+ inline void SetType(TUint16 aType) { PUT16(&u.iData16[0], aType);}
+ inline TUint16 GetValue() { return TUint16(GET16(&u.iData16[1]));}
+ inline void SetValue(TUint16 aValue) { PUT16(&u.iData16[1], aValue); }
+ inline TUint8* Data() {return (TUint8*)((TUint8*)this + Size());}
+ inline TDataAttributes* Next()
+ {
+ if ( IsBasic() )
+ return (TDataAttributes*)((TUint8*)this + Size());
+ else return (TDataAttributes*)((TUint8*)this + (Size() + (TInt)GetValue()));
+ }
+
+ private:
+ union
+ {
+ TUint32 iData32[1];
+ TUint16 iData16[2];
+ TUint8 iData8[4];
+ } u;
+};
+
+//
+// Transform Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! 0 (last) or 3 ! RESERVED ! Transform Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// !Transform Type ! RESERVED ! Transform ID !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Transform Attributes ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TTransformIkev2
+{
+ public:
+ static inline TTransformIkev2* Cast(const TAny* aPayload) { return (TTransformIkev2*)aPayload; }
+ inline void Init() { PUT32(&u.iData8[0], 0);}
+ inline TInt Size() const { return sizeof(*this); }
+ inline TUint8 GetType() const { return u.iData8[4]; };
+ inline void SetType(TUint8 aPayload) { u.iData8[4] = aPayload; };
+ inline TUint16 GetID() const { return (TUint16)GET16(&u.iData16[3]); };
+ inline void SetID(TUint16 aId) { PUT16(&u.iData16[3], aId); };
+ inline void SetReserved() { u.iData8[5] = 0; };
+ inline TDataAttributes* Attributes() const {return (TDataAttributes*)((TUint8*)this + Size()); }
+ //
+ // The following methods are used to manage "SELECTED" bit (0)
+ // in teh Transform payload reserved field. This bit is set to 1 when
+ // the transform payload has been selected into acceptable
+ // proposal.
+ // "SELECTED" is NEVER set into transmitted payload.
+ //
+ inline TBool IsSelected() { return ((u.iData8[5] & IKEV2_PL_SELECTED) == IKEV2_PL_SELECTED);}
+ inline void Selected() { u.iData8[5] |= IKEV2_PL_SELECTED; }
+ inline void NotSelected() { u.iData8[5] &= ~IKEV2_PL_SELECTED; }
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Proposal Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! 0 (last) or 2 ! RESERVED ! Proposal Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Proposal # ! Protocol ID ! SPI Size !# of Transforms!
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ~ SPI (variable) ~
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ <Transforms> ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TProposalIkev2
+{
+ public:
+ static inline TProposalIkev2 *Cast(const TAny* aPayload) { return (TProposalIkev2 *)aPayload;}
+ inline TInt Size() const { return sizeof(*this); }
+ inline TUint8 GetNum() const { return u.iData8[4]; }
+ inline void SetNum(TUint8 aNumber) { u.iData8[4] = aNumber; }
+ inline TUint8 GetProtocol() const { return u.iData8[5]; }
+ inline void SetProtocol(TUint8 aProtocol) { u.iData8[5] = aProtocol; }
+ inline TUint8 GetSPISize() const { return u.iData8[6]; }
+ inline void SetSPISize(TUint8 aSpiSize) { u.iData8[6] = aSpiSize; }
+ inline TUint8 GetNumTrans() const { return u.iData8[7]; };
+ inline void SetNumTrans(TUint8 aNumber) { u.iData8[7] = aNumber; }
+ inline TTransformIkev2* TransformPl() const //next payload (transform)
+ { return (TTransformIkev2*)((TUint8*)this + sizeof(*this) + GetSPISize()); }
+ inline TUint8 *SPI() {return (TUint8 *)((TUint8*)this + sizeof(*this));} //*to the SPI
+ inline void GetIpsecSPI(TUint32* aSPI) const {Mem::Copy( (TUint8*)aSPI, ((TUint8*)this + sizeof(*this)), 4); }
+ inline void SetIpsecSPI(TUint32 aSPI) { Mem::Copy(((TUint8*)this + sizeof(*this)), (TUint8*)&aSPI, 4); }
+ inline TInt PropHdrLth() const { return (Size() + (TInt)GetSPISize()); }
+ inline TBool Last() const { return u.iData8[0] == 0;}
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Key Exchange Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! DH Group # ! RESERVED !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Key Exchange Data ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TKEPayloadIkev2
+{
+ public:
+ static inline TKEPayloadIkev2 *Cast(const TAny* aPayload) { return (TKEPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TKEPayloadIkev2); }
+ inline TUint16 GetDHGroup() const { return (TUint16)GET16(&u.iData16[2]); };
+ inline void SetDHGroup(TUint16 aGroup) { PUT16(&u.iData16[2], aGroup); };
+ inline void SetReserved() { PUT16(&u.iData16[3], 0); };
+ inline TUint8 *DHPublic() {return (TUint8 *)((TUint8*)this + sizeof(*this));}
+ inline TUint8 GetNextPayload() { return u.iData8[0]; }
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Identification Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! ID Type ! RESERVED |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Identification Data ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TIDPayloadIkev2
+{
+ public:
+ static inline TIDPayloadIkev2 *Cast(const TAny* aPayload) { return (TIDPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TIDPayloadIkev2); }
+ inline TUint8 GetIdType() { return u.iData8[4]; };
+ inline void SetIdType(TUint8 aIdType) { u.iData8[4] = aIdType; };
+ inline void SetReserved() { PUT16(&u.iData16[3], 0); u.iData8[5] = 0; };
+ inline TUint8 *IdData() {return (TUint8*)((TUint8*)this + sizeof(*this));}
+ inline TUint8 GetNextPayload() { return u.iData8[0]; }
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Authentication Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Auth Method ! RESERVED !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Authentication Data ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TAuthPayloadIkev2
+{
+ public:
+ static inline TAuthPayloadIkev2 *Cast(const TAny* aPayload) { return (TAuthPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TAuthPayloadIkev2); }
+ inline TUint8 GetAuthMethod() { return u.iData8[4]; };
+ inline void SetAuthMethod(TUint8 aMethod) { u.iData8[4] = aMethod; };
+ inline void SetReserved() { PUT16(&u.iData16[3], 0); u.iData8[5] = 0; };
+ inline TUint8 *AuthData() {return (TUint8*)((TUint8*)this + sizeof(*this));}
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Traffic Selector Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Number of TSs ! RESERVED !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ <Traffic Selectors> ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TTSPayloadIkev2
+{
+ public:
+ static inline TTSPayloadIkev2 *Cast(const TAny* aPayload) { return (TTSPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TTSPayloadIkev2); }
+ inline TUint8 GetNumberOfTs() { return u.iData8[4]; };
+ inline void SetNumberOfTs(TUint8 aNumber) { u.iData8[4] = aNumber; };
+ inline void SetReserved() { PUT16(&u.iData16[3], 0); u.iData8[5] = 0; };
+ inline TUint8* TrafficSelectors() {return (TUint8*)((TUint8*)this + sizeof(*this));}
+ inline TUint8 GetNextPayload() { return u.iData8[0]; }
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Traffic Selector
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! TS Type !IP Protocol ID*| Selector Length |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// | Start Port* | End Port* |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Starting Address* ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Ending Address* ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TTrafficSelector
+{
+ public:
+ static inline TTrafficSelector* Cast(const TAny* aPayload) { return (TTrafficSelector *)aPayload;}
+ static inline TInt Size() { return sizeof(TTrafficSelector); }
+ inline void Init() { PUT32(&u.iData8[0], 0); PUT32(&u.iData8[4], 0); };
+ inline void SetLength(TUint16 aLth) { PUT16(&u.iData8[2], aLth); };
+ inline void SetType(TUint8 aType) { u.iData8[0] = aType; };
+ inline void SetProtocol(TUint8 aProt) { u.iData8[1] = aProt; };
+ inline void SetStartPort(TUint16 aPort) { PUT16(&u.iData8[4], aPort); };
+ inline void SetEndPort(TUint16 aPort) { PUT16(&u.iData8[6], aPort); };
+ inline TUint16 Length() const { return (TUint16)GET16(&u.iData8[2]); };
+ inline TUint16 StartPort() const { return (TUint16)GET16(&u.iData8[4]); };
+ inline TUint16 EndPort() const { return (TUint16)GET16(&u.iData8[6]); };
+ inline TUint8 Protocol() const { return u.iData8[1]; };
+ inline TUint8 Type() const { return u.iData8[0]; };
+ inline const TUint8 *Addresses() const {return (TUint8*)((TUint8*)this + sizeof(*this));}
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+
+//
+// Certificate Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Cert Encoding ! !
+// +-+-+-+-+-+-+-+-+ !
+// ~ Certificate Data ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TCertPayloadIkev2
+{
+ public:
+ static inline TCertPayloadIkev2 *Cast(const TAny* aPayload) { return (TCertPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TPayloadIkev2) + sizeof(char); }
+ inline TUint8 GetEncoding() const { return u.iData8[4]; };
+ inline void SetEncoding(TUint8 aEncoding) { u.iData8[4] = aEncoding; };
+ inline TUint8 *Certificate() const {return (TUint8*)((TUint8*)this + Size());}
+ inline TUint8 GetNextPayload() const { return u.iData8[0]; }
+
+ private:
+ union
+ {
+ TUint8 iData8[5];
+ } u;
+};
+//
+// Certificate Request Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Cert Encoding ! !
+// +-+-+-+-+-+-+-+-+ !
+// ~ Certification Authority ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TCReqPayloadIkev2
+{
+ public:
+ static inline TCReqPayloadIkev2 *Cast(const TAny* aPayload) { return (TCReqPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TPayloadIkev2) + sizeof(char); }
+ inline TUint8 GetEncoding() const { return u.iData8[4]; };
+ inline void SetEncoding(TUint8 aEncoding) { u.iData8[4] = aEncoding; };
+ inline TUint8* Authority() const {return (TUint8*)((TUint8*)this + Size());}
+ inline TUint8 GetNextPayload() { return u.iData8[0]; }
+
+ private:
+ union
+ {
+ TUint8 iData8[5];
+ } u;
+};
+
+//
+// Notify Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Protocol ID ! SPI Size ! Notify Message Type !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Security Parameter Index (SPI) ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Notification Data ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TNotifPayloadIkev2
+{
+ public:
+ static inline TNotifPayloadIkev2 *Cast(const TAny* aPayload) { return (TNotifPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TNotifPayloadIkev2); }
+ inline TUint8 GetProtocolId() { return u.iData8[4]; };
+ inline void SetProtocolId(TUint8 aProtId) { u.iData8[4] = aProtId; };
+ inline TUint8 GetSPISize() const { return u.iData8[5]; }
+ inline void SetSPISize(TUint8 aSpiSize) { u.iData8[5] = aSpiSize; }
+ inline TUint16 GetMsgType() const { return (TUint16)GET16(&u.iData16[3]); };
+ inline void SetMsgType(TUint16 aType) { PUT16(&u.iData16[3], aType); };
+ inline TUint8* SPI() {return (TUint8*)((TUint8*)this + sizeof(*this));}
+ inline TUint8* NotifData() const {return (TUint8*)((TUint8*)this + Size() + GetSPISize());}
+ inline TUint NotifDataLength() const { return TPayloadIkev2::Cast(this)->GetLength() - Size() - GetSPISize(); }
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Delete Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Protocol ID ! SPI Size ! # of SPIs !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Security Parameter Index(es) (SPI) ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TDeletePlIkev2
+{
+ public:
+ static inline TDeletePlIkev2 *Cast(const TAny* aPayload) { return (TDeletePlIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TDeletePlIkev2); }
+ inline TUint8 GetProtocolId() const { return u.iData8[4]; };
+ inline void SetProtocolId(TUint8 aProtId) { u.iData8[4] = aProtId; };
+ inline TUint8 GetSPISize() const { return u.iData8[5]; }
+ inline void SetSPISize(TUint8 aSpiSize) { u.iData8[5] = aSpiSize; }
+ inline TUint16 GetNbrOfSpis() const { return (TUint16)GET16(&u.iData16[3]); };
+ inline void SetNbrOfSpis(TUint16 aType) { PUT16(&u.iData16[3], aType); };
+ inline const TUint8* SPIs() const {return (TUint8*)((TUint8*)this + sizeof(*this));}
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+//
+// Configuration Payload
+// 1 2 3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! Next Payload !C! RESERVED ! Payload Length !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! CFG Type ! RESERVED !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// ! !
+// ~ Configuration Attributes ~
+// ! !
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+class TCPPayloadIkev2
+{
+ public:
+ static inline TCPPayloadIkev2 *Cast(const TAny* aPayload) { return (TCPPayloadIkev2 *)aPayload;}
+ static inline TInt Size() { return sizeof(TCPPayloadIkev2); }
+ inline TUint8 GetCFGType() { return u.iData8[4]; };
+ inline void SetCFGType(TUint8 aCFGType) { u.iData8[4] = aCFGType; };
+ inline void SetReserved() { PUT16(&u.iData16[3], 0); u.iData8[5] = 0; };
+ inline TDataAttributes* Attributes() {return (TDataAttributes*)((TUint8*)this + sizeof(*this));}
+
+ private:
+ union
+ {
+ TUint32 iData32[2];
+ TUint16 iData16[4];
+ TUint8 iData8[8];
+ } u;
+
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2pfkey.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility methods to handle PFKEY messaging
+*
+*/
+#ifndef __IKEV2PFKEY
+#define __IKEV2PFKEY
+
+#include <e32base.h>
+
+class CIkev2Acquire;
+class TIkeV2IpsecSAData;
+class TIkev2SAData;
+class CIkev2PluginSession;
+
+class Ikev2Pfkey
+{
+ public:
+ static void UpdateIpsecSaDataBaseL(const TIkev2SAData& aIkev2SA,
+ const TIkeV2IpsecSAData& aChild,
+ CIkev2PluginSession& aIkePluginSession,
+ CIkev2Acquire& aAcquire);
+
+ static CIkev2Acquire* DeleteInboundSPI(const TIkev2SAData& aIkev2SA,
+ CIkev2PluginSession& aIkePluginSession,
+ CIkev2Acquire* aAcquire);
+
+ private:
+ static const TUint8* GetIpsecKeys(TPtrC8* aEncrKey, TPtrC8* aIntegKey, const TUint8* aKeyMaterial, TInt aCipherKeyLth, TInt aIntegKeyLth);
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2plugin.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE v2 Protocol plug-in.
+*
+*/
+#if !defined(__IKEV2PLUGIN_H__)
+#define __IKEV2PLUGIN_H__
+
+#include <e32base.h>
+#include <ipsecpolapi.h>
+
+#include "ikepluginif.h"
+#include "pfkeysocketif.h"
+
+class CIkev2PluginSession;
+class CIpsecSaSpecList;
+class CIpsecPolicyUtil;
+
+
+NONSHARABLE_CLASS(CIkev2PlugIn) : public CBase,
+ public MIkePluginIf,
+ public MPFKeyMessageListener
+
+/**
+* IKEv2 protocol plugin
+* @internalComponent
+*/
+ {
+public:
+ static CIkev2PlugIn* NewL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ ~CIkev2PlugIn();
+
+ MIkePluginSessionIf* CreateSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aIkeDataInterface );
+
+ void PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage );
+ void PluginSessionDeleted(const MIkePluginSessionIf* aDeletedSession);
+
+private:
+ CIkev2PlugIn( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+
+ RPointerArray<CIkev2PluginSession> iPluginSessions;
+ MKmdEventLoggerIf& iEventLogger;
+ MIkeDebug& iDebug;
+
+ CPFKeySocketIf* iPfKeySocketIf;
+ CIpsecPolicyUtil* iIpsecPolicyUtil;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2pluginsession.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,303 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 plugin session, handles one IKEv2 vpn connection
+*
+*/
+
+#ifndef C_IKEV2PLUGINSESSION_H
+#define C_IKEV2PLUGINSESSION_H
+
+#include <e32base.h>
+
+#include "ikepluginsessionif.h"
+#include "ikev2receiver.h"
+#include "ikev2deactivationtimer.h"
+
+
+class MIkeDataInterface;
+class CIkev2PlugIn;
+class MKmdEventLoggerIf;
+class MIkeDebug;
+class CIkev2Negotiation;
+class CIkev2SA;
+class TIkev2SAData;
+class TIkeV2IpsecSAData;
+class CIkev2Receiver;
+class TIpsecSaSpec;
+class TIpsecSAData;
+class TPfkeyMessage;
+class CIpsecSaSpecList;
+class CPFKeySocketIf;
+class CIpsecPolicyUtil;
+class CIkev2MessageSendQueue;
+
+
+NONSHARABLE_CLASS(CIkev2PluginSession) : public CBase,
+ public MIkePluginSessionIf,
+ public MIkev2ReceiverCallback,
+ public MIkev2DeactivationTimerCallback
+ {
+public:
+ static CIkev2PluginSession* NewL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev2PlugIn& aPlugin,
+ CPFKeySocketIf& aPfKeySocketIf,
+ CIpsecPolicyUtil& aIpsecPolicyUtil,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ ~CIkev2PluginSession();
+
+ /**
+ * Starts negotiation with a peer.
+ *
+ * @param aIkeData IKE policy data
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aInternalAddress Internal address (returned)
+ * @param aStatus Completion status (returned)
+ */
+ void NegotiateWithHost( const CIkeData& aIkeData,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels negotiate request. DeleteSession() method needs to be called
+ * after this method to delete session.
+ */
+ void CancelNegotiateWithHost();
+
+ /**
+ * Deletes session. IKE/IPSec SA:s are deleted.
+ *
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to peer)
+ * @param aStatus Completion status (returned)
+ */
+ void DeleteSession( const TBool aSilentClose,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels deletion requests. IKE/IPSec SA:s are deleted.
+ */
+ void CancelDeleteSession();
+
+ void NotifyError( TRequestStatus& aStatus );
+
+ /**
+ * Cancels error notification request.
+ */
+ void CancelNotifyError();
+
+
+ /**
+ * Requests notification about change of internal address.
+ *
+ * @param aStatus Completion status (returned)
+ */
+ void NotifyInternalAddressChanged( TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels internal address notification request.
+ */
+ void CancelNotifyInternalAddressChanged();
+
+ void IkeMessageReceivedL( const ThdrISAKMP& aIkeMessage,
+ const TInetAddr &aRemote,
+ TUint16 aLocalPort );
+
+ void LinkNegotiation( CIkev2Negotiation* aNegotiation );
+ void RemoveNegotiation( CIkev2Negotiation* aNegotiation );
+
+ CIkev2SA* FindIkev2SA( TUint32 aSAId,
+ TInt aRequiredState,
+ TInt aNewState );
+ TBool UpdateIkev2SAL( TIkev2SAData* aIkev2SAData,
+ TIkeV2IpsecSAData* aIpsecSAData );
+ TIkeV2IpsecSAData* FindIpsecSAData( TUint32 aSAId,
+ const TDesC8& aSpi,
+ TBool aInbound );
+ void DeleteIkev2SA( TUint32 aSAId );
+
+ TUint32 GetSAId();
+ TBool CreateIkev2SAL( TIkev2SAData& aIkev2SAData );
+
+ void IkeSaCompleted( TInt aStatus,
+ TVPNAddress& aInternalAddress );
+ void VirtualIpChanged( TVPNAddress& VirtualIp );
+
+ void StartResponding();
+ void StopResponding();
+
+ void DeleteIpsecSAData( TUint32 aSAId,
+ const TDesC8& aSpi,
+ TBool aInbound );
+
+ void IkeSaDeleted( TInt aStatus );
+
+ CIpsecSaSpecList* GetIPsecSaSpecListL( const TInetAddr& aLocalAddr,
+ const TInetAddr& aLocalMask,
+ const TInetAddr& aRemoteAddr,
+ const TInetAddr& aRemoteMask,
+ TInt aProtocol );
+
+ TBool InheritIpsecSas( TUint32 aDstSAId,
+ TUint32 aSrcSAId );
+
+ TUint32 VpnInterfaceIndex() const;
+ TBool RemoteAddrChanged( TIkev2SAData* aIkev2SAData,
+ TInetAddr& aNewIp );
+
+ void KeepAliveIkeSAL( TIkev2SAData* aIkev2SAdata );
+ CIkev2Negotiation* FindNegotiation( TUint32 aSAId,
+ TInt aRequiredState );
+
+ TBool DeleteIkeSAL( TIkev2SAData* aIkev2SAdata,
+ TBool aNormal );
+ void RekeyIkeSAL( TIkev2SAData* aIkev2SAdata );
+
+ void DeleteIpsecSA( const TUint32 aSPI,
+ const TInetAddr& aSrc,
+ const TInetAddr& aDst,
+ const TUint8 aProtocol );
+
+ void AddSAL( const TIpsecSAData& aSAData );
+ void UpdateSAL( const TIpsecSAData& aSAData );
+
+ void PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage );
+
+ TBool MatchDestinationAddress( const TInetAddr& aDestAddr ) const;
+
+// from base class MIkev2ReceiverCallback
+
+ /**
+ * From MIkev2ReceiverCallback.
+ * Notification about received IKE message.
+ * @param aIkeMsg IKE message
+ * @param aSrcAddr Source IP address/port
+ * @param aLocalPort Local port
+ */
+ void IkeMsgReceived( const ThdrISAKMP& aIkeMsg,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort);
+
+ /**
+ * From MIkev2ReceiverCallback.
+ * Notification about receive error.
+ * @param aStatus Error value
+ */
+ void ReceiveError( TInt aError );
+
+
+// from base class MIkev2DeactivationTimerCallback
+
+ /**
+ * From MIkev2DeactivationTimerCallback
+ * Notification about deactivation timeout.
+ */
+ void DeactivationTimeout();
+
+
+private:
+ CIkev2PluginSession( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev2PlugIn& aPlugin,
+ CPFKeySocketIf& aPfKeySocketIf,
+ CIpsecPolicyUtil& aIpsecPolicyUtil,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+
+ void DoNegotiateWithHostL( const CIkeData& aIkeData );
+ void DoDeleteIkeSAExhangeL( TIkev2SAData& aIkev2SAdata );
+
+ TIkev2SAData* FindIkev2SAData( TUint32 aSAId,
+ TInt aRequiredState,
+ TInt aNewState );
+ TBool CheckIkeMessageHeader( const ThdrISAKMP& aIkeMessage,
+ TUint32& NegotiationId );
+ void PfkeyMessageReceivedL( const TPfkeyMessage& aPfkeyMessage );
+
+ /**
+ * Handles completion of client's negotiate request.
+ * @param aStatus Status
+ */
+ void DoCompleteNegotiateWithHost( TInt aStatus );
+
+ /**
+ * Handles completion of client's delete session request.
+ * @param aStatus Status
+ */
+ void DoCompleteDeleteSession( TInt aStatus );
+
+ /**
+ * Handles completion of client's notify error request.
+ * @param aStatus Status
+ */
+ void DoCompleteNotifyError( TInt aStatus );
+
+ /**
+ * Cancels active operations.
+ */
+ void DoCancelActiveOperations();
+
+ /**
+ * Cancels data transfer.
+ */
+ void DoCancelDataTransfer();
+
+private: // data
+
+ TUint32 iVpnIapId;
+ TUint32 iVpnNetId;
+ MIkeDataInterface& iDataInterface;
+ CIkev2PlugIn& iPlugin;
+ CPFKeySocketIf& iPfKeySocketIf;
+ CIpsecPolicyUtil& iIpsecPolicyUtil;
+ MKmdEventLoggerIf& iEventLogger;
+ MIkeDebug& iDebug;
+
+ TUint32 iSAIdSeed;
+ TUint32 iVpnInterfaceIndex;
+
+
+ TRequestStatus* iClientStatusNegotiate;
+ TVPNAddress* iInternalAddress; //Not owned by this class
+ CIkeData* iIkeData;
+
+ CIkev2Negotiation* iFirstNegotiation;
+ CIkev2SA* iFirstIkev2SA;
+
+ TRequestStatus* iClientStatusDelete;
+
+ CIkev2Receiver* iReceiver;
+ CIkev2MessageSendQueue* iMessageSendQue;
+
+ TRequestStatus* iClientStatusInternalAddressChange;
+ TVPNAddress* iChangedInternalAddress;
+
+ TUint32 iCurrIkeSaRespCount;
+
+ TRequestStatus* iClientStatusNotifyError;
+
+ CIkev2DeactivationTimer* iDeactivationTimer;
+ TBool iActivated;
+ };
+
+
+#endif //C_IKEV2PLUGINSESSION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2proposal.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,73 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 Proposal handling.
+*
+*/
+
+
+#ifndef __IKEV2PROPOSAL_H_
+#define __IKEV2PROPOSAL_H_
+#include <e32base.h>
+#include "ikepolparser.h"
+#include "ikemsgheader.h"
+
+class CIkev2Payloads;
+class TPayloadIkev2;
+class TProposalIkev2;
+class TTransformIkev2;
+class CIkeV2Identity;
+class TIkev2SAData;
+class TIkeV2IpsecSAData;
+
+class Ikev2Proposal
+{
+public:
+ static HBufC8* FromPolicyToProposaL(TIkev2SAData& aIkeSaData,
+ const TDesC8& aRekeySpi,
+ TInt aDHGroupGuess,
+ TBool aRekey=EFalse);
+ static HBufC8* BuildSaResponseL(TProposalIkev2* aAcceptedProp, CIkev2Payloads* aAcceptedTrans);
+ static TBool GetSelectedProposalData(TIkev2SAData& aIkev2SaData,
+ TIkeV2IpsecSAData& aChildSaData,
+ const CIkev2Payloads& aAcceptedProp,
+ const TProposalIkev2& aProp);
+ static TBool VerifySaResponseL(TIkev2SAData& aIkeSaData,
+ TIkeV2IpsecSAData& aIpsecSaData,
+ const TDesC8& aReferenceSaData,
+ const CIkev2Payloads& aRespProp);
+ static TBool VerifySaRequestAndGetProposedSaBufferL(TIkev2SAData& aIkeSaData,
+ TIkeV2IpsecSAData& aIpsecSaData,
+ const TDesC8& aReferenceSaData,
+ const CIkev2Payloads& aProposed,
+ HBufC8*& aProposedSaBuffer);
+ static TBool VerifyProposaL(CIkev2Payloads* aReference, TProposalIkev2* aProposal, TIkev2SAData& aIkev2SaData);
+ static TBool CompareTransforms(CArrayFixFlat<TTransformIkev2*>* aRefTrans,
+ CArrayFixFlat<TTransformIkev2*>* aTrans);
+ static HBufC8* GetPSKFromPolicyL(CIkeData* aHostData);
+ static TBool IkeSaRekey(CIkev2Payloads* aIkeMsg);
+ static TBool GetRekeySpi(CIkev2Payloads* aIkeMsg, TIkeSPI& aSPI);
+ static void ChangeSpiInProposal(HBufC8* aSaBfr, TIkeSPI& aSPI);
+ static TUint16 GetDHGroup(TInt aDHGroup);
+ static CIkeV2Identity* GetRemoteIdentityL(CIkeData* aHostData);
+
+ static inline TBool PkiServiceNeeded(CIkeData* aHostData)
+ {
+ ASSERT(aHostData);
+ if ( aHostData->iCAList && aHostData->iCAList->Count() )
+ return ETrue;
+ else return EFalse;
+ }
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2receiver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,154 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receiver of UDP datagrams
+*
+*/
+
+
+#ifndef C_IKEV2RECEIVER_H
+#define C_IKEV2RECEIVER_H
+
+#include <e32base.h>
+#include <in_sock.h>
+
+// FORWARD DECLARATIONS
+class MIkeDataInterface;
+class ThdrISAKMP;
+
+/**
+ * IKEv2 receiver callback interface.
+ * Callback interface which is used by CIkev2Receiver object to notify
+ * about received IKE message.
+ *
+ * @lib internal (ikev2lib.lib)
+ */
+NONSHARABLE_CLASS(MIkev2ReceiverCallback)
+ {
+public:
+ /**
+ * Notifies about received IKE message.
+ *
+ * @param aIkeMsg IKE message
+ * @param aSrcAddr Source IP address/port
+ * @param aLocalPort Local port
+ */
+ virtual void IkeMsgReceived( const ThdrISAKMP& aIkeMsg,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort ) = 0;
+
+ /**
+ * Notifies about receive error.
+ * @param aStatus Error value
+ */
+ virtual void ReceiveError( TInt aError ) = 0;
+ };
+
+/**
+ * IKEv2 receiver.
+ * Active object provides functionality for receiving UDP datagrams.
+ *
+ * @lib internal (ikev2lib.lib)
+ */
+NONSHARABLE_CLASS(CIkev2Receiver) : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aDataInterface IKE data interface
+ * @param aCallback Callback interface
+ */
+ static CIkev2Receiver* NewL( MIkeDataInterface& aDataInterface,
+ MIkev2ReceiverCallback& aCallback );
+
+ /**
+ * Destructor.
+ */
+ ~CIkev2Receiver();
+
+ /**
+ * Starts receiving.
+ */
+ void StartReceive();
+
+ /**
+ * Stops receiving.
+ */
+ void StopReceive();
+
+private:
+
+ CIkev2Receiver( MIkeDataInterface& aDataInterface,
+ MIkev2ReceiverCallback& aCallback );
+
+ void ConstructL();
+
+ /**
+ * Receives UDP data.
+ */
+ void DoReceive();
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of receive.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of receive.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * UDP data.
+ * Own.
+ */
+ HBufC8* iUdpData;
+
+ /**
+ * Source IP address/port.
+ * Own.
+ */
+ TInetAddr iSrcAddr;
+
+ /**
+ * Local port.
+ * Own.
+ */
+ TInt iLocalPort;
+
+ /**
+ * Informs if data is received.
+ * Own.
+ */
+ TBool iReceivingData;
+
+ /**
+ * IKE data interface.
+ * Not own.
+ */
+ MIkeDataInterface& iDataInterface;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MIkev2ReceiverCallback& iCallback;
+ };
+
+#endif // C_Ikev2Receiver_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2retransmittimer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,69 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Timer to trigger IKE request resend, if do not obtain a reply
+*
+*/
+
+#ifndef C_IKEV2RETRANSMITTIMER_H
+#define C_IKEV2RETRANSMITTIMER_H
+
+#include <e32base.h>
+
+/**
+ * IKEv2 retransmit timer callback interface.
+ * Callback interface which is used by CIkev2RetransmitTimer object to request
+ * IKE request resend.
+ *
+ * @lib internal (ikev2lib.lib)
+ */
+NONSHARABLE_CLASS(MIkev2RetransmitTimerCallback)
+ {
+public:
+ /**
+ * Request IKE request resend.
+ */
+ virtual void RetransmitRequest() = 0;
+ };
+
+/**
+ * IKEv2 retransmit timer.
+ * Triggers IKE request retransmit after timeout.
+ *
+ * @lib internal (ikev2lib.lib)
+ */
+NONSHARABLE_CLASS(CIkev2RetransmitTimer) : public CTimer
+{
+public:
+ static CIkev2RetransmitTimer* NewL( MIkev2RetransmitTimerCallback& aCallback );
+ ~CIkev2RetransmitTimer();
+
+ /**
+ * Issues a reques to the timer.
+ * The actual time out value is calculated:
+ * timeout = aSendAttempt * 1 second;
+ *
+ * @param aSendAttempt the current send attempt count
+ */
+ void IssueRequest( TUint16 aSendAttempt );
+
+protected:
+ void RunL();
+
+private:
+ CIkev2RetransmitTimer( MIkev2RetransmitTimerCallback& aCallback );
+
+private: // data
+ MIkev2RetransmitTimerCallback& iCallback;
+};
+#endif // C_IKEV2RETRANSMITTIMER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2sender.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,116 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Sender of UDP datagrams
+*
+*/
+
+
+#ifndef C_IKEV2SENDER_H
+#define C_IKEV2SENDER_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class MIkeDataInterface;
+class TInetAddr;
+
+/**
+ * IKEv2 sender callback interface.
+ * Callback interface which is used by CIkev2Sender object to notify
+ * about completion of sending.
+ *
+ * @lib internal (ikev2lib.lib)
+ */
+NONSHARABLE_CLASS(MIkev2SenderCallback)
+ {
+public:
+ /**
+ * Notifies about completion of sending.
+ *
+ * @param aStatus Completion status
+ * @param aMsg IKE message
+ */
+ virtual void SendIkeMsgCompleted( TInt aStatus ) = 0;
+
+ };
+
+/**
+ * IKEv1 sender.
+ * Active object provides functionality for sending UDP datagrams.
+ *
+ * @lib internal (ikev1lib.lib)
+ */
+NONSHARABLE_CLASS(CIkev2Sender) : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aDataInterface IKE data interface
+ * @param aCallback Callback interface
+ */
+ static CIkev2Sender* NewL( MIkeDataInterface& aDataInterface,
+ MIkev2SenderCallback& aCallback );
+
+ /**
+ * Destructor.
+ */
+ ~CIkev2Sender();
+
+ /**
+ * Sends IKE message.
+ * @param aLocalPort Local port
+ * @param aDestAddr Destination IP address/port
+ * @param aIkeMsg IKE message
+ */
+ void SendIkeMsg( TInt aLocalPort,
+ TInetAddr& aDestAddr,
+ TUint8 aDscp,
+ const TDesC8& aIkeMsg );
+
+
+private:
+
+ CIkev2Sender( MIkeDataInterface& aDataInterface,
+ MIkev2SenderCallback& aCallback );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous sending.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous sending.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * IKE data interface.
+ * Not own.
+ */
+ MIkeDataInterface& iDataInterface;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MIkev2SenderCallback& iCallback;
+ };
+
+#endif // C_IKEV2SENDER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ikev2trafficselector.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,73 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class that represents traffic selectors in IKEv2
+*
+*/
+
+
+#ifndef IKEV2TRAFFICSELECTOR_H_
+#define IKEV2TRAFFICSELECTOR_H_
+
+#include <e32base.h>
+#include <in_sock.h>
+
+class TIkeV2TrafficSelector
+ {
+public:
+
+ /**
+ * Parses the traffic selector from IKEv2 datagrams
+ * TrafficSelector payloads TrafficSelector
+ *
+ * If the traffic selector can not be parsed, the method leaves with
+ * KErrArgument.
+ */
+ static TIkeV2TrafficSelector* NewL(const TDesC8& aIkeV2TrafficSector);
+
+ TIkeV2TrafficSelector(TInetAddr aStartingAddress, TInetAddr aEndingAddress, TUint8 aProtocolId);
+ TIkeV2TrafficSelector(const TIkeV2TrafficSelector& aTrafficSelector);
+
+ TInetAddr StartingAddress() const;
+ TInetAddr EndingAddress() const;
+ TInetAddr Mask() const;
+
+ TUint8 ProtocolId() const;
+
+ /**
+ * Possible values are:
+ * TS_IPV4_ADDR_RANGE and TS_IPV6_ADDR_RANGE
+ */
+ TUint8 Type() const;
+ HBufC8* IdFromTsL() const;
+
+ bool operator>(const TIkeV2TrafficSelector& aOtherSelector) const;
+ bool operator<(const TIkeV2TrafficSelector& aOtherSelector) const;
+ bool operator!=(const TIkeV2TrafficSelector& aOtherSelector) const;
+ bool operator==(const TIkeV2TrafficSelector& aOtherSelector) const;
+ bool operator>=(const TIkeV2TrafficSelector& aOtherSelector) const;
+ bool operator<=(const TIkeV2TrafficSelector& aOtherSelector) const;
+
+private:
+
+ TInetAddr CalcuateMask() const;
+
+ TInetAddr iStartingAddress; //start address and port
+ TInetAddr iEndingAddress; //end address and port
+
+ TInetAddr iMask; //Calculated from iStartingAddress and iEndingAddress
+ TUint8 iProtocolId;
+ };
+
+
+#endif /* IKEV2TRAFFICSELECTOR_H_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ipsecproposal.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec Proposal handling.
+*
+*/
+
+#ifndef __IPSECPROPOSAL_H_
+#define __IPSECPROPOSAL_H_
+#include <e32base.h>
+
+class TPfkeyMessage;
+class TPayloadIkev2;
+class CIpsecSaSpecList;
+
+class IpsecProposal
+{
+public:
+ static HBufC8* BuildIpsecSaRequestL(const TPfkeyMessage& aPfkeyMessage, TUint16 aDHGroup);
+ static HBufC8* BuildIpsecSaRequestL(const TUint8 aSaType,
+ const TUint8 aEncryptAlg, const TUint16 aEncryptMaxbits,
+ const TUint8 aAuthAlg, const TUint16 aFlags, TUint16 aDHGroup);
+ static HBufC8* BuildIpsecSaFromPolicyL(const CIpsecSaSpecList& aSaList, TUint16 aDhGroup);
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/inc/ipsecselectors.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,54 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec Traffic Selector handling.
+*
+*/
+
+#ifndef __IPSECSELECTORS_H_
+#define __IPSECSELECTORS_H_
+#include <e32base.h>
+
+class TPfkeyMessage;
+class TTSPayloadIkev2;
+class TTrafficSelector;
+class TInetAddr;
+class TPfkeyIdentity;
+class CIkev2Acquire;
+class CIkev2PluginSession;
+class CIkev2Payloads;
+class TIkeV2TrafficSelector;
+class CIkev2PluginSession;
+
+class IpsecSelectors
+{
+public:
+ /**
+ * Add aDhGroup, if PFS is used.
+ */
+ static CIkev2Acquire* GetIpsecPolicyL(CIkev2PluginSession& aPluginSession, CIkev2Payloads* aIkeMsg, TInt aDhGroup = 0);
+ static CIkev2Acquire* BuildVirtualAcquireL(CIkev2PluginSession& aPluginSession);
+ static TBool VerifyTrafficSelectorsL(CIkev2Acquire* aAcquire, TTSPayloadIkev2* aTsI, TTSPayloadIkev2* aTsR );
+ static void BuildTrafficSelectorsL(CIkev2Acquire* aAcquire, const TInetAddr& aLocalAddr,
+ const TPfkeyIdentity& aSrcIdent, const TPfkeyIdentity& aDstIdent,
+ TUint8 aProtocol);
+ static TIkeV2TrafficSelector IdentityToSelectorL(const TDesC8& aIdentity, TUint8 aProtocol=0);
+ static TBool GetRangeEndAddresses(TInetAddr& aStartAddr, TInetAddr& aEndAddr, TInt aPrefixLen);
+ static TBool ValidataTs(const CArrayFix<TIkeV2TrafficSelector>& aTsRef,
+ const CArrayFix<TIkeV2TrafficSelector>& aTs);
+ static TBool CheckPorts(TUint16 aStartRef, TUint16 aEndRef, TUint16 aStart, TUint16 aEnd );
+ static TBool CheckAddresses(TUint8 aType, TUint8* aRefAddresses, TUint8* aAddresses );
+
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/rom/ikev2lib.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project
+* IKEv2 Protocol Plug-in
+*
+*/
+
+
+
+#ifndef __IKEV2LIB_IBY__
+#define __IKEV2LIB_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature IKEV2LIB not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\ikev2lib.dll SHARED_LIB_DIR\ikev2lib.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __IKEV2LIB_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/Ikev2Config.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,273 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This class is used to handle IKEv2 configuration payload attributes.
+*
+*/
+
+#include "ikedebug.h"
+#include "ikev2config.h"
+#include "ikev2payloads.h"
+#include "ikev2const.h"
+#include "internaladdress.h"
+#include "ipsecselectors.h"
+#include "ikev2acquire.h"
+#include "ikev2trafficselector.h"
+
+CIkev2Config* CIkev2Config::NewL(CIkev2Acquire* aAcquire, TInetAddr* aRemoteIp)
+{
+ CIkev2Config* Config = new (ELeave)CIkev2Config();
+ CleanupStack::PushL(Config);
+ Config->ConstructL(aAcquire, aRemoteIp);
+ CleanupStack::Pop(Config);
+ return Config;
+}
+
+CIkev2Config::~CIkev2Config()
+ {
+ delete iCp;
+ }
+
+
+TBool CIkev2Config::ProcessCpL(TCPPayloadIkev2* Cp)
+{
+ ASSERT(Cp);
+ //
+ // Process received CP payload according to message type
+ // If CP request is going and reply received parse attributes to get
+ // Virtual IP and possible DNS addresses. If INTERNAL_ADDRESS_EXPIRY
+ // present save it into object too. (used as IKE SA lifetime).
+ // If CP request received sanity check attributes (CFG_REPLY has
+ // already been built on constructor ConstructL().
+ // All other messages (CFG_SET and CFG_ACK) are silently discarded
+ //
+ TBool Status = EFalse;
+
+ if ( (Cp->GetCFGType() == CFG_REQUEST) || (Cp->GetCFGType() == CFG_REPLY) )
+ {
+ Status = ETrue;
+
+ TInt AttrLth;
+ TUint32 Ipv4Addr;
+ TIp6Addr Ipv6Addr; //IPV6 raw address
+ TDataAttributes* Attribute = Cp->Attributes();
+ TInt Lth = (TInt)(TPayloadIkev2::Cast(Cp)->GetLength()) - TCPPayloadIkev2::Size();
+
+ while ( Status && Lth )
+ {
+ AttrLth = (TInt)Attribute->GetValue();
+ switch ( Attribute->GetType() )
+ {
+
+ case INTERNAL_IP4_ADDRESS:
+ if ( (AttrLth == 0) || (AttrLth == 4) )
+ {
+ if (AttrLth == 4)
+ {
+ Ipv4Addr = GET32(Attribute->Data());
+ iVIP.iVPNIfAddr.SetAddress(Ipv4Addr);
+ }
+ }
+ else Status = EFalse;
+ break;
+
+ case INTERNAL_IP4_DNS:
+ if ( (AttrLth == 0) || (AttrLth == 4) )
+ {
+ if (AttrLth == 4)
+ {
+ Ipv4Addr = GET32(Attribute->Data());
+
+ //Only two DNS server addresses supported
+ if (iVIP.iVPNIfDNS1.IsUnspecified())
+ {
+ iVIP.iVPNIfDNS1.SetAddress(Ipv4Addr);
+ }
+ else if (iVIP.iVPNIfDNS2.IsUnspecified())
+ {
+ iVIP.iVPNIfDNS2.SetAddress(Ipv4Addr);
+ }
+ }
+ }
+ else Status = EFalse;
+ break;
+
+ case INTERNAL_ADDRESS_EXPIRY:
+ if ( (AttrLth == 0) || (AttrLth == 4) )
+ {
+ if ( AttrLth == 4 )
+ {
+ iAddressExpiry = GET32(Attribute->Data());
+ }
+ }
+ else Status = EFalse;
+ break;
+
+ case INTERNAL_IP6_ADDRESS:
+ if ( (AttrLth == 0) || (AttrLth == 16) )
+ {
+ if ( (AttrLth == 16))
+ {
+ Mem::Copy(&Ipv6Addr.u.iAddr8, Attribute->Data(), sizeof(Ipv6Addr.u.iAddr8));
+ iVIP.iVPNIfAddr.SetAddress(Ipv6Addr);
+ }
+ }
+ else Status = EFalse;
+ break;
+
+ default:
+ //
+ // All other parameters are just ignored
+ //
+ break;
+
+ }
+
+ AttrLth += Attribute->Size();
+ if ( Lth < AttrLth )
+ {
+ Status = EFalse;
+ break; // Error
+ }
+ else Lth -= AttrLth;
+
+ Attribute = Attribute->Next();
+
+ }
+
+ if ( !Status && Cp->GetCFGType() != CFG_REPLY)
+ {
+ delete iCp;
+ iCp = NULL;
+ }
+ }
+
+ return Status;
+}
+
+void CIkev2Config::ConstructL(CIkev2Acquire* aAcquire, TInetAddr* aRemoteIp)
+{
+ ASSERT(aAcquire);
+ //
+ // Build either Config Payload Request or Reply depending on
+ // CIkev2Acquire object "role".
+ // If CIkev2Acquire is a request (=not response) build CFG_REQUEST
+ // If CIkev2Acquire is a response) build CFG_REPLY and replace initiator
+ // Traffic selector in CIkev2Acquire with Traffic selector containing
+ // "dummy" Virtual IP address built from CIkev2Acquire ID.
+ //
+ iCp = HBufC8::NewL(80);
+ TDataAttributes* Attributes = reinterpret_cast<TDataAttributes*>(const_cast<TUint8*>(iCp->Ptr()));
+ TInt AttrLth = 0;
+
+ if ( !aAcquire->Response() )
+ {
+ iCpType = CFG_REQUEST;
+ AttrLth += AddAttribute(Attributes, INTERNAL_IP4_ADDRESS, 0, NULL);
+ Attributes = Attributes->Next();
+ AttrLth += AddAttribute(Attributes, INTERNAL_IP4_DNS, 0, NULL);
+ }
+ else
+ {
+ //
+ // Build "dummy" virtual IPv4
+ //
+ iCpType = CFG_REPLY;
+ TUint32 virtualIp = aAcquire->Id();
+ if ( !aRemoteIp ||
+ ((aRemoteIp->Family() == KAfInet6) && !aRemoteIp->IsV4Mapped() && !aRemoteIp->IsV4Compat()))
+ {
+ //
+ // "Dummy" virtual IPv4 is created from CIkev2Acquire object Id
+ // data. The address format is the following: 10.x.y.z where bit 1 is always 0
+ //
+ virtualIp = aAcquire->Id();
+ virtualIp &= 0xfdfdfd;
+ virtualIp |= 0x0a000000;
+ }
+ else
+ {
+ //
+ // "Dummy" virtual IPv4 is created from original peer
+ // address as follows:
+ // Original address: x.y.z.w ==> Virtual IP: 10.y.z.w
+ // If original address: 10.y.z.w ==> Virtual IP: 172.y.z.w
+ //
+ virtualIp = aRemoteIp->Address();
+ if ( (virtualIp & 0xff000000 ) != 0x0a000000)
+ virtualIp = (virtualIp & 0xffffff) | 0x0a000000;
+ else virtualIp = (virtualIp & 0xffffff) | 0xac000000;
+ }
+ TInetAddr Ipv4Addr;
+ Ipv4Addr.SetAddress(virtualIp);
+ virtualIp = ByteOrder::Swap32(virtualIp);
+ AttrLth += AddAttribute(Attributes, INTERNAL_IP4_ADDRESS, 4, (TUint8*)&virtualIp);
+
+ //
+ // Replace original Initiator Traffic selector with new based
+ // on "virtualIp"
+ //
+ __ASSERT_DEBUG(aAcquire->TS_i().Count() > 0, User::Invariant());
+ TUint8 Protocol = aAcquire->TS_i()[0].ProtocolId();
+
+ CArrayFix<TIkeV2TrafficSelector>* newSelectors =
+ new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(newSelectors);
+ TIkeV2TrafficSelector selector(Ipv4Addr, Ipv4Addr, Protocol);
+ newSelectors->AppendL(selector);
+ aAcquire->ReplaceTS_i(newSelectors);
+ CleanupStack::Pop(newSelectors);
+ }
+ iCp->Des().SetLength(AttrLth);
+}
+
+TInt CIkev2Config::AddAttribute(TDataAttributes* aAttr, TUint8 aType, TInt aLth, TUint8* aData)
+{
+ ASSERT(aAttr);
+ //
+ // Set R-Bit zero by adding attribute as variable length attribute
+ //
+ aAttr->SetVariable();
+ aAttr->SetType(aType);
+ aAttr->SetValue((TUint16)aLth);
+ if ( aLth && aData )
+ Mem::Copy(aAttr->Data(), aData, aLth);
+
+ return (aLth + aAttr->Size());
+}
+
+TPtrC8 CIkev2Config::Cp() const
+ {
+ __ASSERT_DEBUG(iCp != NULL, User::Invariant());
+ return *iCp;
+ }
+
+
+TUint8 CIkev2Config::CpType()const
+ {
+ return iCpType;
+ }
+
+TUint32 CIkev2Config::ExpireTime() const
+ {
+ return iAddressExpiry;
+ }
+
+
+TVPNAddress CIkev2Config::VirtualIp()
+ {
+ TVPNAddress Vip = iVIP;
+ iVIP = TVPNAddress();
+ return Vip;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/Ikev2EapInterface.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,165 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of classes CIkev2EapIf.
+*
+*/
+
+#include <eap_vpn_if.h>
+#include "ikedebug.h"
+#include "ikev2EapInterface.h"
+#include "ikev2payloads.h"
+#include "ikev2const.h"
+#include "ikepolparser.h"
+#include "ikev2plugin.h"
+
+CIkev2EapIf* CIkev2EapIf::NewL(MIkev2EapIfObserver& aEapIfObserver, TUint8 aEapType, CIkeData* aIkeData, MIkeDebug& aDebug)
+ {
+ CIkev2EapIf* eapIf = new (ELeave)CIkev2EapIf(aEapIfObserver, aEapType, aDebug);
+ CleanupStack::PushL(eapIf);
+ eapIf->ConstructL(aIkeData);
+ CleanupStack::Pop(eapIf);
+ return eapIf;
+ }
+
+CIkev2EapIf::CIkev2EapIf(MIkev2EapIfObserver& aEapIfObserver, TUint8 aEapType, MIkeDebug& aDebug)
+:iEapIfObserver(aEapIfObserver), iEapType(aEapType), iDebug(aDebug)
+ {
+ }
+
+void CIkev2EapIf::ConstructL(CIkeData* aIkeData)
+ {
+ //
+ // Construct EAP ECOM plug-in library.
+ // If ECOM plug-in loading fails return an error instead of leaving
+ //
+ DEBUG_LOG(_L("Constructing CEappluginInterface"));
+ iEapPlugin = CEapVpnInterface::NewL(this, ETrue);
+ DEBUG_LOG(_L("Starting CEappluginInterface"));
+ iEapPlugin->StartL(iEapType);
+
+ HBufC8* RealmPrefixBfr = NULL;
+ HBufC8* ManualRealmBfr = NULL;
+ HBufC8* ManualUserNameBfr = NULL;
+ TPtrC8 RealmPrefix(NULL,0);
+ TPtrC8 ManualRealm(NULL,0);
+ TPtrC8 ManualUserName(NULL,0);
+ TBool HideIdentity(EFalse);
+ if ( aIkeData )
+ {
+ HideIdentity = aIkeData->iEAPHideIdentity;
+ if ( aIkeData->iEAPRealmPrefix )
+ {
+ RealmPrefixBfr = aIkeData->iEAPRealmPrefix->GetAsciiDataL();
+ if ( RealmPrefixBfr )
+ RealmPrefix.Set(RealmPrefixBfr->Des());
+ }
+ if ( aIkeData->iEAPManualRealm )
+ {
+ ManualRealmBfr = aIkeData->iEAPManualRealm->GetAsciiDataL();
+ if ( ManualRealmBfr )
+ ManualRealm.Set(ManualRealmBfr->Des());
+ }
+ if ( aIkeData->iEAPManualUserName )
+ {
+ ManualUserNameBfr = aIkeData->iEAPManualUserName->GetAsciiDataL();
+ if ( ManualUserNameBfr )
+ ManualUserName.Set(ManualUserNameBfr->Des());
+ }
+ }
+
+ DEBUG_LOG(_L("Calling CEappluginInterface::EapConfigure"));
+ iErrorStatus = iEapPlugin->EapConfigure(
+ ManualUserName, ManualRealm, RealmPrefix, HideIdentity);
+
+ delete RealmPrefixBfr;
+ delete ManualRealmBfr;
+ delete ManualUserNameBfr;
+ }
+
+CIkev2EapIf::~CIkev2EapIf()
+ {
+ delete iEapPlugin;
+ delete iIdentity;
+ delete iMSK;
+ }
+
+void CIkev2EapIf::EapDataInbound(TPayloadIkev2* aEapPayload)
+ {
+ ASSERT(aEapPayload);
+ //
+ // Pass EAP payload data to EAP plug-in as inbound data
+ //
+ TInt Lth = (TInt)aEapPayload->PlDataLen();
+ TPtrC8 EapData(aEapPayload->PayloadData(), Lth);
+
+ DEBUG_LOG(_L("Calling CEappluginInterface::EapInbound"));
+ iEapPlugin->EapInbound(EapData);
+ }
+
+void CIkev2EapIf::QueryIdentity()
+ {
+ //
+ // Query identity information from EAP plugin for IKE Id
+ //
+ DEBUG_LOG(_L("Calling CEappluginInterface::QueryIdentity"));
+ iEapPlugin->QueryIdentity();
+ }
+
+void CIkev2EapIf::EapOutboundL(HBufC8* aResponse)
+ {
+ //
+ // Pass outgoing EAP data to IKEv2 plug-in
+ //
+ DEBUG_LOG(_L("Data received from CEappluginInterface"));
+ iEapIfObserver.SendEapDataL(aResponse);
+ }
+
+void CIkev2EapIf::EapIdentityResponseL(HBufC8* aResponse)
+ {
+ //
+ // Pass Identity data to IKEv2 plug-in
+ //
+ DEBUG_LOG(_L("Identity received from CEappluginInterface"));
+
+ delete iIdentity;
+ iIdentity = aResponse;
+
+ iEapIfObserver.EapEventL(KEapEventGetIdentity);
+ }
+
+void CIkev2EapIf::EapSharedKeyL(HBufC8* aResponse)
+ {
+ //
+ // Pass pre-shared key material to IKEv2 plug-in
+ //
+ DEBUG_LOG(_L("MSK received from CEappluginInterface"));
+
+ delete iMSK;
+ iMSK = aResponse;
+
+ iEapIfObserver.EapEventL(KEapEventGetPSK);
+ }
+
+void CIkev2EapIf::EapIndication(TNotification aNotification)
+ {
+ //
+ // Pass EAP notification to IKEv2 plug-in
+ //
+ DEBUG_LOG1(_L("EAP indication received from CEappluginInterface: %d"), aNotification);
+
+ TRAP_IGNORE( aNotification == ESuccess ?
+ iEapIfObserver.EapEventL(KEapEventSuccess) :
+ iEapIfObserver.EapEventL(KEapEventFailed) );
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikecrypto.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,332 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Intermediate class between IKEv2 and crypto library.
+*
+*/
+
+
+#include "dhparameters.h"
+#include "ikecrypto.h"
+#include "ikev2const.h"
+
+CDHKeys* CDHKeys::NewL(const TDesC8& aN, const TDesC8& aG)
+{
+ CDHKeys *keys = new (ELeave) CDHKeys();
+ keys->iDHKey = TUtlCrypto::MakeDiffieHellmanL(aN, aG);
+ keys->iModuluslength = aN.Length();
+ return keys;
+}
+
+CDHKeys* CDHKeys::CreateDHKeyL(TUint aGroupDesc)
+{
+ TPtrC8 prime_ptr(NULL, 0);
+ TPtrC8 gen_ptr(NULL, 0);
+
+ switch (aGroupDesc)
+ {
+ case DH_GROUP_768:
+ prime_ptr.Set((TUint8 *)&MODP_768_PRIME[0], MODP_768_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_768_GENERATOR[0], MODP_768_GENERATOR_LENGTH);
+ break;
+ case DH_GROUP_1024:
+ prime_ptr.Set((TUint8 *)&MODP_1024_PRIME[0], MODP_1024_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_1024_GENERATOR[0], MODP_1024_GENERATOR_LENGTH);
+ break;
+ case DH_GROUP_1536:
+ prime_ptr.Set((TUint8 *)&MODP_1536_PRIME[0], MODP_1536_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_1536_GENERATOR[0], MODP_1536_GENERATOR_LENGTH);
+ break;
+ case DH_GROUP_2048:
+ prime_ptr.Set((TUint8 *)&MODP_2048_PRIME[0], MODP_2048_PRIME_LENGTH);
+ gen_ptr.Set((TUint8 *)&MODP_2048_GENERATOR[0], MODP_2048_GENERATOR_LENGTH);
+ break;
+ default: //Cannot happen because checked before!!!
+ User::Leave(KErrNotSupported);
+ }
+
+ CDHKeys *DhKeys = CDHKeys::NewL(prime_ptr, gen_ptr);
+
+ return DhKeys;
+}
+
+HBufC8* CDHKeys::ComputeAgreedKeyL(const TDesC8 &aPeerPublicKey)
+{
+ return (HBufC8*)KValueL(aPeerPublicKey);
+}
+
+
+HBufC8* CDHKeys::GetPubKey()
+{
+ HBufC8* DHPublicKey = (HBufC8*)iPubKey;
+ iPubKey = NULL; // Exclusive ownership of iPubKey buffer is returned to caller
+ return DHPublicKey;
+}
+
+void CDHKeys::XValueL()
+{
+ if ( !iPubKey )
+ iPubKey = iDHKey->GenerateXL();
+}
+
+CDHKeys::~CDHKeys()
+{
+ delete iDHKey;
+}
+
+
+void IkeCrypto::DecryptL(const TUint8* aInput, TUint8* aOutput, TInt aLength,
+ TUint8* aIV, const TDesC8& aKey, TUint16 aEncrAlg)
+{
+ TUtlCrypto::TUtlSymmetricCipherId CipherId;
+ TInt IVLth;
+ IkeCrypto::AlgorithmInfo(IKEV2_ENCR, aEncrAlg, &IVLth, &CipherId);
+
+ if ( !aInput || !aOutput || !aIV )
+ User::Leave(KErrArgument);
+
+ TPtrC8 IvPtr(aIV, IVLth);
+ TPtrC8 CipherText(aInput, aLength);
+ TPtr8 PlainText(aOutput, aLength);
+
+ CUtlSymmetricCipher* UtlCipher =
+ TUtlCrypto::MakeSymmetricDecryptorL(CipherId, aKey, IvPtr);
+ CleanupStack::PushL(UtlCipher);
+ UtlCipher->ProcessFinalL(CipherText, PlainText);
+ CleanupStack::PopAndDestroy(UtlCipher);
+}
+
+
+void IkeCrypto::EncryptL(const TDesC8& aInput, TPtr8& aOutput,
+ const TDesC8& aIv, const TDesC8& aKey, TUint16 aEncrAlg)
+{
+ TUtlCrypto::TUtlSymmetricCipherId CipherId;
+ TInt CbLth;
+ IkeCrypto::AlgorithmInfo(IKEV2_ENCR, aEncrAlg, &CbLth, &CipherId);
+
+ __ASSERT_DEBUG(CbLth == aIv.Length(), User::Invariant());
+ __ASSERT_DEBUG(aInput.Length() % CbLth == 0, User::Invariant());
+ __ASSERT_DEBUG(aInput.Length() <= aOutput.MaxLength(), User::Invariant());
+
+ CUtlSymmetricCipher* UtlCipher =
+ TUtlCrypto::MakeSymmetricEncryptorL(CipherId, aKey, aIv);
+ CleanupStack::PushL(UtlCipher);
+ UtlCipher->ProcessFinalL(aInput, aOutput);
+ CleanupStack::PopAndDestroy(UtlCipher);
+}
+
+TInt IkeCrypto::IntegHMACL(const TDesC8& aInput, TDes8& aChecksum, const TDesC8& aKeyData, TUint16 aIntegAlg)
+{
+ TUtlCrypto::TUtlMessageDigestId DigestId;
+ TInt HmacLth;
+ IkeCrypto::AlgorithmInfo(IKEV2_INTEG, aIntegAlg, &HmacLth, NULL, &DigestId);
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(DigestId, aKeyData);
+
+ const TPtrC8 hash = Digest->Final(aInput);
+
+ //We don't always use the whole hash.
+ //(e.g., HMAC-SHA1-96 uses only first 12 bytes)
+ __ASSERT_DEBUG(hash.Length() >= HmacLth, User::Invariant());
+
+ aChecksum = hash.Left(HmacLth);
+ delete Digest;
+
+ return HmacLth;
+}
+
+HBufC8* IkeCrypto::PrfhmacL(const TDesC8& aInput, const TDesC8& aKeyData, TUint16 aPrfAlg)
+{
+ TUtlCrypto::TUtlMessageDigestId DigestId;
+ TInt PrfLth;
+ IkeCrypto::AlgorithmInfo(IKEV2_PRF, aPrfAlg, &PrfLth, NULL, &DigestId);
+ CUtlMessageDigest* Digest = TUtlCrypto::MakeMessageDigesterL(DigestId, aKeyData);
+ CleanupStack::PushL(Digest);
+
+ HBufC8* checksum = Digest->Final(aInput).AllocL();
+
+ CleanupStack::PopAndDestroy(Digest);
+
+ return checksum;
+
+}
+
+HBufC8* IkeCrypto::PrfL(const TDesC8& aInput, TUint16 aPrfAlg)
+{
+ TUtlCrypto::TUtlMessageDigestId DigestId;
+ TInt PrfLth;
+ IkeCrypto::AlgorithmInfo(IKEV2_PRF, aPrfAlg, &PrfLth, NULL, &DigestId);
+ CUtlMessageDigest* digest = TUtlCrypto::MakeMessageDigesterL(DigestId);
+ CleanupStack::PushL(digest);
+
+ HBufC8* hash = digest->Final(aInput).AllocL();
+
+ CleanupStack::PopAndDestroy(digest);
+
+ return hash;
+
+}
+
+TInt IkeCrypto::AlgorithmInfo(TUint16 aTransform, TUint16 aAlgCode, TInt* aBlockLth,
+ TUtlCrypto::TUtlSymmetricCipherId* aCipherId,
+ TUtlCrypto::TUtlMessageDigestId* aDigestId)
+{
+ TInt KeyLth = 0;
+ TInt BlockLth = 0;
+
+ switch ( aTransform )
+ {
+ case IKEV2_ENCR:
+ switch ( aAlgCode )
+ {
+ case ENCR_DES:
+ KeyLth = 8;
+ BlockLth = 8;
+ if ( aCipherId )
+ *aCipherId = TUtlCrypto::EUtlSymmetricCipherDesCbc;
+ break;
+
+ case ENCR_3DES:
+ KeyLth = 24;
+ BlockLth = 8;
+ if ( aCipherId )
+ *aCipherId = TUtlCrypto::EUtlSymmetricCipher3DesCbc;
+ break;
+
+ case ENCR_AES_CBC:
+ KeyLth = 0;
+ BlockLth = 16;
+ if ( aCipherId )
+ *aCipherId = TUtlCrypto::EUtlSymmetricCipherAesCbc;
+ break;
+
+ case ENCR_NULL:
+ KeyLth = 0;
+ BlockLth = 0;
+ break;
+ default:
+ break;
+ }
+ break;
+
+ case IKEV2_PRF:
+ switch ( aAlgCode )
+ {
+ case PRF_HMAC_MD5:
+ KeyLth = 16;
+ BlockLth = 16;
+ if ( aDigestId )
+ *aDigestId = TUtlCrypto::EUtlMessageDigestMd5;
+ break;
+
+ case PRF_HMAC_SHA1:
+ KeyLth = 20;
+ BlockLth = 20;
+ if ( aDigestId )
+ *aDigestId = TUtlCrypto::EUtlMessageDigestSha1;
+ break;
+
+ default:
+ break;
+ }
+ break;
+
+ case IKEV2_INTEG:
+ switch ( aAlgCode )
+ {
+ case AUTH_HMAC_MD5_96:
+ KeyLth = 16;
+ BlockLth = 12;
+ if ( aDigestId )
+ *aDigestId = TUtlCrypto::EUtlMessageDigestMd5;
+ break;
+
+ case AUTH_HMAC_SHA1_96:
+ KeyLth = 20;
+ BlockLth = 12;
+ if ( aDigestId )
+ *aDigestId = TUtlCrypto::EUtlMessageDigestSha1;
+ break;
+
+ default:
+ break;
+ }
+ break;
+
+ default:
+ break;
+
+ }
+
+ if ( aBlockLth )
+ *aBlockLth = BlockLth;
+
+ return KeyLth;
+
+}
+
+HBufC8* IkeCrypto::GenerateKeyingMaterialL(const TDesC8& aK, const TDesC8& aS, TInt aKeyMatLth, TUint16 aPRFAlg)
+{
+ //
+ // Since the amount of keying material needed may be greater than
+ // the size of the output of the prf algorithm prf+ is used as
+ // follows prf+ (K,S) = T1 | T2 | T3 | T4 | ...
+ // where: T1 = prf (K, S | 0x01)
+ // T2 = prf (K, T1 | S | 0x02) ..
+ // TN = prf (K, TN-1 | S | 0xN ) ;[ N < 256 ]
+ //
+ TInt PrfKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_PRF, aPRFAlg, NULL);
+ TInt S_Lth = aS.Length();
+ TUint8 IterCount = (TUint8)((aKeyMatLth/PrfKeyLth) + 1);
+ HBufC8* KeyMat = HBufC8::NewL((IterCount * PrfKeyLth) + S_Lth + 1);
+ CleanupStack::PushL(KeyMat);
+ TPtr8 KeyMatPtr(KeyMat->Des());
+
+ TUint8 i = 1;
+ //
+ // Produce key material T1 | T2 | T3 | T4 | ...
+ //
+
+ HBufC8* tValue = NULL;
+ HBufC8* inputBuffer = HBufC8::NewLC(PrfKeyLth + aS.Length() + sizeof(i));
+ TPtr8 inputBufferPtr(inputBuffer->Des());
+ while ( i <= IterCount )
+ {
+ inputBufferPtr.Zero();
+ if (tValue != NULL)
+ {
+ inputBufferPtr.Append(*tValue);
+ }
+ //
+ // Append value S into key material buffer and concatenate 8 bit integer
+ // value i into S
+ //
+ inputBufferPtr.Append(aS);
+ inputBufferPtr.Append(&i, sizeof(i));
+
+ delete tValue;
+ tValue = NULL;
+ //
+ // Calculate TN = prf (SKEYSEED, TN-1 | S | 0xN)
+ //
+ tValue = IkeCrypto::PrfhmacL(*inputBuffer, aK, aPRFAlg);
+ KeyMatPtr.Append(*tValue);
+ i++;
+ }
+ delete tValue;
+
+ CleanupStack::PopAndDestroy(inputBuffer);
+ CleanupStack::Pop(); // Keymat
+
+ return KeyMat;
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikemsgrec.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,452 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Received IKE message handling rules.
+*
+*/
+
+#include "ikev2SAdata.h"
+#include "ikemsgrec.h"
+#include "ikecrypto.h"
+//
+// CIkev2Payloads
+//
+
+CIkev2Payloads::CIkev2Payloads(const TIkev2SAData& aIkeV2SaData)
+:iIkeV2SaData(aIkeV2SaData)
+{
+}
+
+CIkev2Payloads::~CIkev2Payloads()
+{
+ delete iProps;
+ delete iTrans;
+ delete iCerts;
+ delete iCertReqs;
+ delete iNotifs;
+ delete iDeletes;
+ delete iVids;
+ delete iGenPlds;
+}
+
+CIkev2Payloads* CIkev2Payloads::NewL(const ThdrISAKMP &aHdr, const TIkev2SAData& aIkeV2SaData)
+{
+ CIkev2Payloads* Payloads = new (ELeave) CIkev2Payloads(aIkeV2SaData);
+ CleanupStack::PushL(Payloads);
+
+ Payloads->ConstructL();
+
+ Payloads->iIkeMsg = (ThdrISAKMP*)&aHdr; // Save pointer to IKE message data
+ TInt Lth = aHdr.GetLength() - ThdrISAKMP::Size();
+ Payloads->ParsePayloadsL(TPayloadIkev2::Cast(aHdr.Next()), Lth, aHdr.GetPayload(), IKEV2_PAYLOAD_NONE);
+
+ CleanupStack::Pop(Payloads);
+
+ return Payloads;
+}
+
+CIkev2Payloads* CIkev2Payloads::NewL(TPayloadIkev2* aPayload, TUint8 aPayloadType, TIkev2SAData& aIkeV2SaData)
+{
+ User::LeaveIfNull((TAny*)aPayload);
+ CIkev2Payloads* Payloads = new (ELeave) CIkev2Payloads(aIkeV2SaData);
+ CleanupStack::PushL(Payloads);
+
+ Payloads->ConstructL();
+
+ Payloads->ParsePayloadsL(aPayload, aPayload->GetLength(), aPayloadType, aPayloadType);
+
+ CleanupStack::Pop(Payloads);
+
+ return Payloads;
+}
+
+TBool CIkev2Payloads::ParsePayloadL(TPayloadIkev2* aPayload, TUint16 aPlType)
+{
+ User::LeaveIfNull((TAny*)aPayload);
+
+ if ( aPlType == IKEV2_PAYLOAD_SA )
+ iProps->Reset();
+ else if ( aPlType == IKEV2_PAYLOAD_PROP )
+ iTrans->Reset();
+ if ( ParsePayloadsL(aPayload, aPayload->GetLength(), aPlType, aPlType) != 0 )
+ return EFalse;
+ else return ETrue;
+}
+
+void CIkev2Payloads::ConstructL()
+{
+ iProps = new (ELeave) CArrayFixFlat<TProposalIkev2 *>(4);
+ iTrans = new (ELeave) CArrayFixFlat<TTransformIkev2 *>(4);
+ iCerts = new (ELeave) CArrayFixFlat<TCertPayloadIkev2 *>(4);
+ iCertReqs = new (ELeave) CArrayFixFlat<TCReqPayloadIkev2 *>(2);
+ iNotifs = new (ELeave) CArrayFixFlat<TNotifPayloadIkev2 *>(2);
+ iDeletes = new (ELeave) CArrayFixFlat<TDeletePlIkev2 *>(2);
+ iVids = new (ELeave) CArrayFixFlat<TVendorPlIkev2 *>(2);
+ iGenPlds = new (ELeave) CArrayFixFlat<TPayloadIkev2 *>(2);
+}
+
+
+TInt CIkev2Payloads::ParsePayloadsL(TPayloadIkev2* aPayload, TInt aLength, TUint16 aPlType, TUint16 aRefPlType )
+{
+ ASSERT(aPayload);
+ TBool Critical;
+ TInt PlLth;
+ TInt RefLth;
+
+ while ( aPlType != IKEV2_PAYLOAD_NONE )
+ {
+ PlLth = aPayload->GetLength();
+ RefLth = TPayloadIkev2::Size();
+
+ if ( ( aLength < TPayloadIkev2::Size() ) || (aLength < PlLth) )
+ {
+ if ( aLength && ( aRefPlType != IKEV2_PAYLOAD_SA ))
+ SetStatus(INVALID_SYNTAX); // Payload length mismatch !!
+ return aLength;
+ }
+
+ if ( (aRefPlType != IKEV2_PAYLOAD_NONE) && (aRefPlType != aPlType) )
+ {
+ SetStatus(INVALID_SYNTAX); // Illegal payload type !!
+ return aLength;
+ }
+
+ Critical = aPayload->GetCritical();
+
+ switch ( aPlType )
+ {
+ case IKEV2_PAYLOAD_PROP:
+ iProps->AppendL(TProposalIkev2::Cast(aPayload));
+ //
+ // Parse Transform payloads within a Proposal payload
+ // (recursively)
+ //
+ ParsePayloadsL(TPayloadIkev2::Cast(TProposalIkev2::Cast(aPayload)->TransformPl()),
+ (PlLth - TProposalIkev2::Cast(aPayload)->PropHdrLth()),
+ IKEV2_PAYLOAD_TRANS, IKEV2_PAYLOAD_TRANS);
+ if ( Status() )
+ return aLength;
+ break;
+
+ case IKEV2_PAYLOAD_TRANS:
+ RefLth = TTransformIkev2::Cast(aPayload)->Size();
+ iTrans->AppendL(TTransformIkev2::Cast(aPayload));
+ break;
+
+ case IKEV2_PAYLOAD_SA: //also includes proposal and transform
+ if ( !iSa ) // Only one SA payload (The first)
+ {
+ iSa = aPayload;
+ //
+ // Parse Proposal payloads within a SA payload
+ // (recursively)
+ //
+ ParsePayloadsL(TPayloadIkev2::Cast(aPayload->PayloadData()), aPayload->PlDataLen(),
+ IKEV2_PAYLOAD_PROP, IKEV2_PAYLOAD_PROP);
+ if ( Status() )
+ return aLength;
+ }
+ break;
+
+ case IKEV2_PAYLOAD_KE:
+ RefLth = TKEPayloadIkev2::Size();
+ if ( !iKe ) // Only one KE payload (The first)
+ {
+ iKe = TKEPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_ID_I:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // ID payload MUST be encrypted
+ return aLength;
+ }
+ RefLth = TIDPayloadIkev2::Size();
+ if ( !iIdI ) // Only one Initiator ID payload (The first)
+ {
+ iIdI = TIDPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_ID_R:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // ID payload MUST be encrypted
+ return aLength;
+ }
+ RefLth = TIDPayloadIkev2::Size();
+ if ( !iIdR ) // Only one Responder ID payload (The first)
+ {
+ iIdR = TIDPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_CERT:
+ RefLth = TCertPayloadIkev2::Size();
+ iCerts->AppendL(TCertPayloadIkev2::Cast(aPayload));
+ break;
+
+ case IKEV2_PAYLOAD_CR:
+ RefLth = TCReqPayloadIkev2::Size();
+ iCertReqs->AppendL(TCReqPayloadIkev2::Cast(aPayload));
+ break;
+
+ case IKEV2_PAYLOAD_AUTH:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // Auth payload MUST be encrypted
+ return aLength;
+ }
+ RefLth = TAuthPayloadIkev2::Size();
+ if ( !iAuth ) // Only one Authentication payload (The first)
+ {
+ iAuth = TAuthPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_NONCE:
+ if ( !iNonce )
+ { // Only one SA payload (The first)
+ iNonce = aPayload;
+ }
+ break;
+
+ case IKEV2_PAYLOAD_NOTIF:
+ RefLth = TNotifPayloadIkev2::Size();
+ iNotifs->AppendL(TNotifPayloadIkev2::Cast(aPayload));
+ break;
+
+ case IKEV2_PAYLOAD_DELETE:
+ RefLth = TDeletePlIkev2::Size();
+ iDeletes->AppendL(TDeletePlIkev2::Cast(aPayload));
+ break;
+
+ case IKEV2_PAYLOAD_VID:
+ iVids->AppendL(aPayload);
+ break;
+
+ case IKEV2_PAYLOAD_TS_I:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // ID payload MUST be encrypted
+ return aLength;
+ }
+ RefLth = TTSPayloadIkev2::Size();
+ if ( !iTsI ) // Only one Initiator ID payload (The first)
+ {
+ iTsI = TTSPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_TS_R:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // ID payload MUST be encrypted
+ return aLength;
+ }
+ RefLth = TTSPayloadIkev2::Size();
+ if ( !iTsR ) // Only one Initiator ID payload (The first)
+ {
+ iTsR = TTSPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_ENCR:
+ if ( !iEncr ) // Only one Initiator ID payload (The first)
+ {
+ DecryptEncrPayloadL(aPayload);
+ iEncr = aPayload;
+ }
+ else SetStatus(INVALID_SYNTAX); // Only ONE encrypted payload per message
+ if ( Status() )
+ return aLength;
+ break;
+
+ case IKEV2_PAYLOAD_CONFIG:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // ID payload MUST be encrypted
+ return aLength;
+ }
+ RefLth = TCPPayloadIkev2::Size();
+ if ( !iCp ) // Only one Config payload (The first)
+ {
+ iCp = TCPPayloadIkev2::Cast(aPayload);
+ }
+ break;
+
+ case IKEV2_PAYLOAD_EAP:
+ if ( !Encrypted() )
+ {
+ SetStatus(INVALID_SYNTAX); // ID payload MUST be encrypted
+ return aLength;
+ }
+ if ( !iEap ) // Only one Config payload (The first)
+ {
+ iEap = aPayload;
+ }
+ break;
+
+ //
+ // Unknown payload detected. If Critical bit is not set
+ //
+ //
+ default:
+ if ( Critical )
+ {
+ SetStatus(UNSUPPORTED_CRITICAL_PAYLOAD);
+ return aLength;
+ }
+ else iGenPlds->AppendL(aPayload);
+ break;
+
+ }
+
+ if ( PlLth < RefLth )
+ {
+ SetStatus(INVALID_SYNTAX); // Length mismatch
+ return aLength;
+ }
+
+ aLength -= PlLth;
+ aPlType = aPayload->GetNextPayload();
+ aPayload = aPayload->Next();
+ }
+
+ if ( aLength )
+ SetStatus(INVALID_SYNTAX); // Length mismatch
+
+ return aLength;
+}
+
+void CIkev2Payloads::DecryptEncrPayloadL(TPayloadIkev2* aPayload)
+{
+ ASSERT(aPayload);
+ //
+ // Process Encrypted Payload
+ // 1 2 3
+ // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! Next Payload !C! RESERVED ! Payload Length !
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! Initialization Vector !
+ // ! (length is block size for encryption algorithm) !
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! Encrypted IKE Payloads !
+ // + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! ! Padding (0-255 octets) !
+ // +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
+ // ! ! Pad Length !
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ~ Integrity Checksum Data ~
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ //
+ // Save integrity checksum from encrypted payload tail the
+ // integrity checksum length is defined by used integrity algorithm
+ //
+ TInt CheksumLth = iIkeV2SaData.iIntChkSumLth;
+ TInt CbcLth = iIkeV2SaData.iCipherBlkLth;
+ TInt EmbeddedLth = aPayload->GetLength();
+ if ( EmbeddedLth < (CheksumLth + CbcLth) )
+ {
+ SetStatus(INVALID_SYNTAX);
+ return;
+ }
+ TUint8* MsgChecksum = (TUint8*)aPayload + EmbeddedLth - CheksumLth;
+ TBuf8<IKEV2_KEY_MATERIAL_SIZE> CheckSum;
+ //
+ // Decrypt encryption payload content and payload tail the
+ // integrity checksum length is defined by used integrity algorithm
+ //
+
+ TInt EntireLth = iIkeMsg->GetLength() - iIkeV2SaData.iIntChkSumLth;
+ TInt EncryptedDataLength = aPayload->GetLength() - (iIkeV2SaData.iIntChkSumLth + iIkeV2SaData.iCipherBlkLth + TPayloadIkev2::Size());
+ TUint8* IvPtr = aPayload->PayloadData();
+ TUint8* EncryptedData = IvPtr + iIkeV2SaData.iCipherBlkLth;
+
+ TPtrC8 entireDataPtr((TUint8*)iIkeMsg, EntireLth);
+ if ( iIkeV2SaData.iInitiator )
+ {
+ IkeCrypto::IntegHMACL(entireDataPtr, CheckSum, iIkeV2SaData.iSK_ar, iIkeV2SaData.iIntegAlg);
+ IkeCrypto::DecryptL(EncryptedData, EncryptedData, EncryptedDataLength, IvPtr, iIkeV2SaData.iSK_er, iIkeV2SaData.iEncrAlg);
+ }
+ else
+ {
+ IkeCrypto::IntegHMACL(entireDataPtr, CheckSum, iIkeV2SaData.iSK_ai, iIkeV2SaData.iIntegAlg);
+ IkeCrypto::DecryptL(EncryptedData, EncryptedData, EncryptedDataLength, IvPtr, iIkeV2SaData.iSK_ei, iIkeV2SaData.iEncrAlg);
+ }
+
+
+ //
+ // Check that integrity cheksum is correct
+ //
+ if ( Mem::Compare(MsgChecksum, CheksumLth ,CheckSum.Ptr(), CheksumLth) != 0 )
+ {
+ SetStatus(INVALID_SYNTAX); // Length mismatch
+ return;
+ }
+ //
+ // Process embedded payloads inside the encrypted payload
+ // - Bypass IV in the begin of encrypted payload data
+ // - Assure that padded "embedded" payloads have length which
+ // equals with multiple of CBC block length
+ // - Ignore padding bytes from that length
+ //
+ EmbeddedLth -= (CheksumLth + CbcLth + TPayloadIkev2::Size());
+ if ( EmbeddedLth % CbcLth )
+ {
+ SetStatus(INVALID_SYNTAX);
+ return;
+ }
+ MsgChecksum --; // Move pointer to padding length
+ if ( EmbeddedLth < (TInt)*MsgChecksum )
+ {
+ SetStatus(INVALID_SYNTAX);
+ return;
+ }
+ EmbeddedLth -= (TInt)*MsgChecksum;
+ EmbeddedLth --; // Pad Length itself
+ TPayloadIkev2* EmbeddedPl = TPayloadIkev2::Cast(aPayload->PayloadData() + CbcLth);
+
+ iEncrypted = ETrue; // Set encrypted indicator
+
+ ParsePayloadsL(EmbeddedPl, EmbeddedLth,
+ aPayload->GetNextPayload(), IKEV2_PAYLOAD_NONE);
+
+}
+
+ThdrISAKMP* CIkev2Payloads::GetIkeMsg()
+{
+ return iIkeMsg;
+}
+
+
+TInt CIkev2Payloads::Status()
+{
+ return iStatus;
+}
+
+
+void CIkev2Payloads::SetStatus(TInt aStatus)
+{
+ if ( iStatus == 0) iStatus = aStatus;
+}
+
+
+TBool CIkev2Payloads::Encrypted()
+{
+ return iEncrypted;
+}
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2acquire.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,531 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 Acquire definition
+* Class CIkev2Acquire is a IKEv2 specific data structure
+* containing information needed, when establishing a new
+* IPsec SA
+*/
+
+#include <ipsecpolapi.h>
+
+#include "ikev2acquire.h"
+#include "pfkeymsg.h"
+#include "ipsecproposal.h"
+#include "ipsecselectors.h"
+#include "ikev2payloads.h"
+#include "ikev2ipsecsarekeydata.h"
+
+_LIT8(KZeroDesc, "");
+//
+//
+// CIkev2Acquire
+//
+// This class is used to handle PFKEY Acquire primitives received from
+// Ipsec plug-in.
+//
+//
+CIkev2Acquire::CIkev2Acquire(TInt aId)
+:iId(aId), iSPIIn(0), iSPIOut(0), iSPIToBeRekeyed(0), iDHGroup(0),
+ iTransport(EFalse), iResponse(EFalse), iSrcSpecific(ETrue), iForVirtualIp(EFalse),
+ iReplayWindow(0), iProtocol(SADB_SATYPE_ESP), iPfKeyPid(0), iPfKeySeq(0),
+ iHard(0,0,0,0), iSoft(0,0,0,0),
+ iSA(0), iTS_i(0), iTS_r(0), iLocalId(0), iRemoteId(0), iNext(0)
+ {
+ }
+
+
+CIkev2Acquire::~CIkev2Acquire()
+{
+ delete iSA;
+ iSA = NULL;
+ delete iTS_i;
+ iTS_i = NULL;
+ delete iTS_r;
+ iTS_r = NULL;
+ delete iLocalId;
+ iLocalId = NULL;
+ delete iRemoteId;
+ iRemoteId = NULL;
+}
+
+void CIkev2Acquire::ConstructL(const TPfkeyMessage& aReq, const TInetAddr& aLocalAddr,
+ TUint16 aDHGroup, TBool aImplicitSa,
+ const TIpsecSaSpec* aSaSpec, const CIpsecSARekeyData* aRekeyData)
+{
+ SetIpsecProtocol(aReq.iBase.iMsg->sadb_msg_satype);
+ SetPid(aReq.iBase.iMsg->sadb_msg_pid);
+ SetSeq(aReq.iBase.iMsg->sadb_msg_seq);
+ iSrcSpecific = !(aReq.iSrcAddr.iAddr->IsUnspecified());
+
+ if (!aRekeyData)
+ {
+ // SADB_ACQUIRE was received
+ if ( aReq.iProposal.iComb->sadb_comb_flags & SADB_SAFLAGS_PFS )
+ {
+ iDHGroup = (TUint32)aDHGroup;
+ }
+
+ if ( aReq.iProposal.iComb->sadb_comb_flags & SADB_SAFLAGS_TUNNEL )
+ {
+ iTransport = EFalse;
+ }
+ else
+ {
+ iTransport = ETrue;
+ }
+
+ iHard.iAllocations = aReq.iProposal.iComb->sadb_comb_hard_allocations;
+ iHard.iBytes = aReq.iProposal.iComb->sadb_comb_hard_bytes;
+ iHard.iAddtime = aReq.iProposal.iComb->sadb_comb_hard_addtime;
+ iHard.iUsetime = aReq.iProposal.iComb->sadb_comb_hard_usetime;
+
+ iSoft.iAllocations = aReq.iProposal.iComb->sadb_comb_soft_allocations;
+ iSoft.iBytes = aReq.iProposal.iComb->sadb_comb_soft_bytes;
+ iSoft.iAddtime = aReq.iProposal.iComb->sadb_comb_soft_addtime;
+ iSoft.iUsetime = aReq.iProposal.iComb->sadb_comb_soft_usetime;
+
+ SetReplayWindow(aReq.iProposal.iExt->sadb_prop_replay);
+
+ //
+ // Build SA payload (including Proposal and Transform payload)
+ // using parameters in TPfkeyMessage
+ //
+ if ( aImplicitSa )
+ {
+ aDHGroup = 0; // No D-H group used with ipmplicit SA although PFS defined
+ }
+ iSA = IpsecProposal::BuildIpsecSaRequestL(aReq, aDHGroup);
+
+ //
+ // Build Traffic selectors using parameters in TPfkeyMessage.
+ // For some reason the selectors are build using identity
+ // fields.
+ //
+ IpsecSelectors::BuildTrafficSelectorsL(this, aLocalAddr,
+ aReq.iSrcIdent, aReq.iDstIdent,
+ aReq.iDstAddr.iExt->sadb_address_proto);
+ //
+ // Store identity information from TPfkeyMessage to Acquire
+ //
+ if ( aReq.iSrcIdent.iExt )
+ {
+ iLocalId = HBufC8::NewL(aReq.iSrcIdent.iData.Length());
+ iLocalId->Des().Copy(aReq.iSrcIdent.iData);
+ }
+ else
+ {
+ iLocalId = KZeroDesc().AllocL();
+ }
+
+ if ( aReq.iDstIdent.iExt )
+ {
+ iRemoteId = HBufC8::NewL(aReq.iDstIdent.iData.Length());
+ iRemoteId->Des().Copy(aReq.iDstIdent.iData);
+ }
+ else
+ {
+ iRemoteId = KZeroDesc().AllocL();
+ }
+ }
+ else
+ {
+ // SADB_EXPIRE was received due to soft lifetime expiration
+ TUint16 flags = (TUint16)(aReq.iSa.iExt->sadb_sa_flags | (aSaSpec->iTransportMode ? 0 : SADB_SAFLAGS_TUNNEL));
+ if ( flags & SADB_SAFLAGS_PFS )
+ {
+ iDHGroup = (TUint32)aDHGroup;
+ }
+
+ if ( flags & SADB_SAFLAGS_TUNNEL )
+ {
+ iTransport = EFalse;
+ }
+ else
+ {
+ iTransport = ETrue;
+ }
+
+ if ( aImplicitSa )
+ {
+ aDHGroup = 0; // No D-H group used with ipmplicit SA although PFS defined
+ }
+
+ iSA = IpsecProposal::BuildIpsecSaRequestL(iProtocol,
+ aSaSpec->iEalg, aSaSpec->iEalgLen, aSaSpec->iAalg,
+ flags, aDHGroup);
+
+ iReplayWindow = aRekeyData->ReplayWindow();
+ iHard = aRekeyData->HardLifetime();
+ iSoft = aRekeyData->SoftLifetime();
+
+ iTS_i = aRekeyData->TsIL();
+ iTS_r = aRekeyData->TsRL();
+
+
+ iLocalId = aRekeyData->LocalId().AllocL();
+ iRemoteId = aRekeyData->RemoteId().AllocL();
+
+ iResponse = EFalse;
+ }
+}
+
+
+CIkev2Acquire* CIkev2Acquire::NewL(const TPfkeyMessage& aPfkeyMessage, TUint32 aId,
+ const TInetAddr& aLocalAddr, TUint16 aDHGroup, TBool aImplicitSa,
+ const TIpsecSaSpec* aSaSpec, const CIpsecSARekeyData* aRekeyData)
+{
+ CIkev2Acquire* Acquire = new (ELeave)CIkev2Acquire(aId);
+ CleanupStack::PushL(Acquire);
+ Acquire->ConstructL(aPfkeyMessage, aLocalAddr, aDHGroup, aImplicitSa, aSaSpec, aRekeyData);
+ CleanupStack::Pop(Acquire);
+ return Acquire;
+}
+
+
+void CIkev2Acquire::AddIpsecSpiToSa(const TDesC8& aSpi)
+ {
+ __ASSERT_DEBUG(aSpi.Length() == 4, User::Invariant());
+
+ TUint8* saBuffer = const_cast<TUint8*>(iSA->Ptr());
+ TProposalIkev2* Prop = TProposalIkev2::Cast(saBuffer);
+
+ while ( Prop )
+ {
+ TUint32 spiValue = 0;
+ TPtr8 spiValueDesc(reinterpret_cast<TUint8*>(&spiValue), sizeof(spiValue));
+ spiValueDesc = aSpi;
+ Prop->SetIpsecSPI(spiValue);
+ if ( !Prop->Last() )
+ {
+ Prop = TProposalIkev2::Cast(TPayloadIkev2::Cast(Prop)->Next());
+ }
+ else
+ {
+ Prop = NULL;
+ }
+ }
+ }
+
+
+CIkev2Acquire* CIkev2Acquire::NewL(TUint32 aId, HBufC8* aSa,
+ CArrayFix<TIkeV2TrafficSelector>* aTS_i,
+ CArrayFix<TIkeV2TrafficSelector>* aTS_r )
+{
+ CIkev2Acquire* Acquire = new (ELeave)CIkev2Acquire(aId);
+ Acquire->iSA = aSa;
+ Acquire->iTS_i = aTS_i;
+ Acquire->iTS_r = aTS_r;
+ return Acquire;
+}
+
+void CIkev2Acquire::Link(CIkev2Acquire* aAcquire, CIkev2Acquire** aAnchor)
+{
+ ASSERT(aAcquire && aAnchor);
+ aAcquire->iNext = NULL;
+ CIkev2Acquire* Last = *aAnchor;
+ if ( Last )
+ {
+ while ( Last->iNext )
+ {
+ Last = Last->iNext;
+ }
+ Last->iNext = aAcquire;
+ }
+ else *aAnchor = aAcquire;
+}
+
+CIkev2Acquire* CIkev2Acquire::Find(TUint32 aId, CIkev2Acquire** aAnchor, TBool aRemove)
+{
+ ASSERT(aAnchor);
+ CIkev2Acquire* Prev = NULL;
+ CIkev2Acquire* Elem = *aAnchor;
+ while ( Elem )
+ {
+ if ( Elem->iId == aId )
+ {
+ if ( aRemove )
+ {
+ if ( Prev )
+ Prev->iNext = Elem->iNext;
+ else *aAnchor = Elem->iNext;
+ }
+ break;
+ }
+ Prev = Elem;
+ Elem = Elem->iNext;
+ }
+ return Elem;
+}
+
+CIkev2Acquire* CIkev2Acquire::GetNext(CIkev2Acquire** aAnchor, TBool aResponse)
+{
+ ASSERT(aAnchor);
+ CIkev2Acquire* Elem = *aAnchor;
+ while ( Elem )
+ {
+ if ( Elem->SPI_In().Length() > 0 && (Elem->Response() == aResponse) )
+ {
+ RemoveFromQue(Elem->Id(), aAnchor);
+ break;
+ }
+ Elem = Elem->iNext;
+ }
+ return Elem;
+}
+
+TBool CIkev2Acquire::Responding(CIkev2Acquire** aAnchor)
+{
+ ASSERT(aAnchor);
+ CIkev2Acquire* Elem = *aAnchor;
+ while ( Elem )
+ {
+ if ( Elem->Response() )
+ {
+ return ETrue;
+ }
+ Elem = Elem->iNext;
+ }
+ return EFalse;
+}
+
+
+void CIkev2Acquire::PurgeQue(CIkev2Acquire** aAnchor)
+{
+ ASSERT(aAnchor);
+ CIkev2Acquire* Elem = *aAnchor;
+ while ( Elem )
+ {
+ RemoveFromQue(Elem->Id(), aAnchor);
+ delete Elem;
+ Elem = *aAnchor;
+ }
+}
+
+void CIkev2Acquire::SetFirst(CIkev2Acquire* aAcquire, CIkev2Acquire** aAnchor)
+ {
+ ASSERT(aAcquire && aAnchor);
+ aAcquire->iNext = *aAnchor;
+ *aAnchor = aAcquire;
+ }
+
+CIkev2Acquire* CIkev2Acquire::PeekFirst(CIkev2Acquire** aAnchor)
+ {
+ return *aAnchor;
+ }
+
+CIkev2Acquire* CIkev2Acquire::RemoveFromQue(TUint32 aId, CIkev2Acquire** aAnchor)
+ {
+ return CIkev2Acquire::Find(aId, aAnchor, ETrue);
+ }
+
+TUint32 CIkev2Acquire::Id()
+ {
+ return iId;
+ }
+
+TPtrC8 CIkev2Acquire::SPI_In()
+ {
+ return iSPIIn;
+ }
+
+TPtrC8 CIkev2Acquire::SPI_Out()
+ {
+ return iSPIOut;
+ }
+
+TPtrC8 CIkev2Acquire::SPI_ToBeRekeyed()
+ {
+ return iSPIToBeRekeyed;
+ }
+
+void CIkev2Acquire::SetSPI_In(const TDesC8& aSPI)
+ {
+ iSPIIn = aSPI;
+ }
+
+void CIkev2Acquire::SetSPI_Out(const TDesC8& aSPI)
+ {
+ iSPIOut = aSPI;
+ }
+
+void CIkev2Acquire::SetSPI_ToBeRekeyed(const TDesC8& aSPI)
+ {
+ iSPIToBeRekeyed = aSPI;
+ }
+
+TUint16 CIkev2Acquire::DHGroup()
+ {
+ return (TUint16)iDHGroup;
+ }
+
+void CIkev2Acquire::DHGroup(TUint16 aDHGroup)
+ {
+ iDHGroup = aDHGroup;
+ }
+
+TBool CIkev2Acquire::Transport()
+ {
+ return iTransport;
+ }
+
+void CIkev2Acquire::SetTransport()
+ {
+ iTransport = ETrue;
+ }
+
+TBool CIkev2Acquire::Response()
+ {
+ return iResponse;
+ }
+
+void CIkev2Acquire::SetResponse()
+ {
+ iResponse = ETrue;
+ }
+
+void CIkev2Acquire::SetHardLifetime(const TIpsecSALifetime& aHard )
+ {
+ iHard = aHard;
+ }
+
+TIpsecSALifetime* CIkev2Acquire::HardLifetime()
+ {
+ return &iHard;
+ }
+
+void CIkev2Acquire::SetSoftLifetime(const TIpsecSALifetime& aSoft )
+ {
+ iSoft = aSoft;
+ }
+
+TIpsecSALifetime* CIkev2Acquire::SoftLifetime()
+ {
+ return &iSoft;
+ }
+
+TUint8 CIkev2Acquire::ReplayWindow()
+ {
+ return (TUint8)iReplayWindow;
+ }
+
+void CIkev2Acquire::SetReplayWindow(TUint8 aReplayWindow)
+ {
+ iReplayWindow = (TInt)aReplayWindow;
+ }
+
+TUint32 CIkev2Acquire::Pid()
+ {
+ return iPfKeyPid;
+ }
+
+void CIkev2Acquire::SetPid(TUint32 aPfKeyPid)
+ {
+ iPfKeyPid = aPfKeyPid;
+ }
+
+TUint32 CIkev2Acquire::Seq()
+ {
+ return iPfKeySeq;
+ }
+
+void CIkev2Acquire::SetSeq(TUint32 aPfKeySeq)
+ {
+ iPfKeySeq = aPfKeySeq;
+ }
+
+void CIkev2Acquire::SetVirtualIp()
+ {
+ iForVirtualIp = ETrue;
+ }
+
+TBool CIkev2Acquire::ForVirtualIp()
+ {
+ return iForVirtualIp;
+ }
+
+TBool CIkev2Acquire::SrcSpecific()
+ {
+ return iSrcSpecific;
+ }
+
+void CIkev2Acquire::SetSrcSpecific(TBool aSrcSpecific)
+ {
+ iSrcSpecific = aSrcSpecific;
+ }
+
+TUint8 CIkev2Acquire::IpsecProtocol()
+ {
+ return (TUint8)iProtocol;
+ }
+
+void CIkev2Acquire::SetIpsecProtocol(TUint8 aProtocol)
+ {
+ iProtocol = (TInt)aProtocol;
+ }
+
+HBufC8* CIkev2Acquire::LocalId()
+ {
+ return iLocalId;
+ }
+
+HBufC8* CIkev2Acquire::RemoteId()
+ {
+ return iRemoteId;
+ }
+
+HBufC8* CIkev2Acquire::SA()const
+ {
+ return iSA;
+ }
+
+const CArrayFix<TIkeV2TrafficSelector>& CIkev2Acquire::TS_i()
+ {
+ return *iTS_i;
+ }
+
+const CArrayFix<TIkeV2TrafficSelector>& CIkev2Acquire::TS_r()
+ {
+ return *iTS_r;
+ }
+
+void CIkev2Acquire::ReplaceSA(HBufC8* aSA)
+ {
+ delete iSA;
+ iSA = aSA;
+ }
+
+void CIkev2Acquire::ReplaceTS_i(CArrayFix<TIkeV2TrafficSelector>* aTS)
+ {
+ delete iTS_i;
+ iTS_i = aTS;
+ }
+
+void CIkev2Acquire::ReplaceTS_r(CArrayFix<TIkeV2TrafficSelector>* aTS)
+ {
+ delete iTS_r;
+ iTS_r = aTS;
+ }
+
+void CIkev2Acquire::ReplaceLocalId(HBufC8* aId)
+ {
+ delete iLocalId;
+ iLocalId = aId;
+ }
+
+void CIkev2Acquire::ReplaceRemoteId(HBufC8* aId)
+ {
+ delete iRemoteId;
+ iRemoteId = aId;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2deactivationtimer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,57 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Timer to trigger cancellation of session deletion.
+*
+*/
+
+
+#include "ikev2deactivationtimer.h"
+
+// Deactivation timeout value.
+static const TUint KDeactivationTimeout = 2000000; //microseconds
+
+CIkev2DeactivationTimer* CIkev2DeactivationTimer::NewL(MIkev2DeactivationTimerCallback& aCallback)
+ {
+ CIkev2DeactivationTimer* self = new (ELeave) CIkev2DeactivationTimer(aCallback);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop();
+
+ return self;
+ }
+
+
+CIkev2DeactivationTimer::CIkev2DeactivationTimer(MIkev2DeactivationTimerCallback& aCallback)
+ : CTimer(EPriorityStandard),
+ iCallback(aCallback)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+CIkev2DeactivationTimer::~CIkev2DeactivationTimer()
+ {
+ Cancel();
+ }
+
+void CIkev2DeactivationTimer::IssueRequest()
+ {
+ After(KDeactivationTimeout);
+ }
+
+
+void CIkev2DeactivationTimer::RunL()
+ {
+ iCallback.DeactivationTimeout();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2expire.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,95 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* CIkev2Expire. This class is used to handle PFKEY Expire primitives received
+* from IPSec plug-in.
+*
+*/
+#include "ikev2expire.h"
+#include "pfkeymsg.h"
+
+//
+// CIkev2Expire
+//
+// This class is used to handle PFKEY Expire primitives received from
+// Ipsec plug-in.
+//
+
+CIkev2Expire* CIkev2Expire::NewL(const TPfkeyMessage& aPfkeyMessage)
+{
+ CIkev2Expire* Expire = new (ELeave)CIkev2Expire();
+ TPtrC8 spiPtr(reinterpret_cast<const TUint8*>(&aPfkeyMessage.iSa.iExt->sadb_sa_spi),
+ sizeof(aPfkeyMessage.iSa.iExt->sadb_sa_spi));
+ Expire->SetSPI(spiPtr);
+ Expire->SetProtocol(aPfkeyMessage.iBase.iMsg->sadb_msg_satype);
+ return Expire;
+}
+
+void CIkev2Expire::Link(CIkev2Expire* aExpire, CIkev2Expire** aAnchor)
+{
+ ASSERT(aExpire && aAnchor);
+ aExpire->iNext = NULL;
+ CIkev2Expire* Last = *aAnchor;
+ if ( Last )
+ {
+ while ( Last->iNext )
+ {
+ Last = Last->iNext;
+ }
+ Last->iNext = aExpire;
+ }
+ else *aAnchor = aExpire;
+}
+
+CIkev2Expire* CIkev2Expire::GetNext(CIkev2Expire** aAnchor)
+{
+ ASSERT(aAnchor);
+ CIkev2Expire* Elem = *aAnchor;
+ if ( Elem )
+ *aAnchor = Elem->iNext;
+ return Elem;
+}
+
+void CIkev2Expire::PurgeQue(CIkev2Expire** aAnchor)
+{
+ ASSERT(aAnchor);
+ CIkev2Expire* Elem = *aAnchor;
+ while ( Elem )
+ {
+ *aAnchor = Elem->iNext;
+ delete Elem;
+ Elem = *aAnchor;
+ }
+}
+
+TPtrC8 CIkev2Expire::SPI()
+ {
+ return iSPI;
+ }
+
+void CIkev2Expire::SetSPI(const TDesC8& aSPI)
+ {
+ iSPI = aSPI;
+ }
+
+TUint8 CIkev2Expire::Protocol()
+ {
+ return iProtocol;
+ }
+
+void CIkev2Expire::SetProtocol(TUint8 aProt)
+ {
+ iProtocol = aProt;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2identity.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+#include "ikev2identity.h"
+
+static const TUint16 KHeaderLength = 4;
+
+CIkeV2Identity* CIkeV2Identity::NewL(TUint8 aIdType, const TDesC8& aIdentity)
+ {
+ CIkeV2Identity* self = new (ELeave) CIkeV2Identity;
+ CleanupStack::PushL(self);
+ self->ConstructL(aIdType, aIdentity);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+void CIkeV2Identity::ConstructL(TUint8 aIdType, const TDesC8& aIdentity)
+ {
+ _LIT8(KReserverField, "\0\0\0");
+
+ iIdPayloadData = HBufC8::NewL(KHeaderLength + aIdentity.Length());
+ TPtr8 idPayloadDataPtr = iIdPayloadData->Des();
+
+ idPayloadDataPtr.Append(&aIdType, sizeof(aIdType));
+ idPayloadDataPtr.Append(KReserverField);
+ idPayloadDataPtr.Append(aIdentity);
+ }
+
+
+CIkeV2Identity::~CIkeV2Identity()
+ {
+ delete iIdPayloadData;
+ }
+
+
+TUint8 CIkeV2Identity::IdType() const
+ {
+ return (*iIdPayloadData)[0];
+ }
+
+
+TPtrC8 CIkeV2Identity::Identity() const
+ {
+ return iIdPayloadData->Mid(KHeaderLength);
+ }
+
+TPtrC8 CIkeV2Identity::PayloadData() const
+ {
+ return *iIdPayloadData;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2ipsecsadata.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,107 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 IPsec sa data
+*
+*/
+
+#include "ikev2ipsecsadata.h"
+#include "ikedebug.h"
+#include "ikev2ipsecsarekeydata.h"
+#include "ikecrypto.h"
+#include "ikev2const.h"
+
+TIkeV2IpsecSAData::TIkeV2IpsecSAData(MIkeDebug& aDebug)
+:iSPI_In(0), iSPI_Out(0),
+ iEncrAlg(0), iIntegAlg(0),
+ iSaType(0), iESN(0),
+ iCipherKeyLth(0), iIntegKeyLth(0),
+ iTransport(EFalse), iSrcSpecific(EFalse),
+ iRekeyData(NULL), iKeyMaterial(NULL),
+ iNext(NULL), iDebug(aDebug)
+ {
+ }
+
+
+void TIkeV2IpsecSAData::Copy(const TIkeV2IpsecSAData& aSrc)
+ {
+ Mem::Copy((TUint8*)&iSPI_In, (TUint8*)&aSrc.iSPI_In, sizeof(TIkeV2IpsecSAData));
+ iNext = NULL;
+ }
+
+/*
+void TIkeV2IpsecSAData::StoreKeyMaterial(HBufC8* aKeyMaterial)
+ {
+ PurgeKeyMaterial();
+ iKeyMaterial = aKeyMaterial;
+ }
+*/
+
+void TIkeV2IpsecSAData::PurgeKeyMaterial()
+ {
+ if ( iKeyMaterial )
+ {
+ iKeyMaterial->Des().FillZ(); // Wipe out key material data from buffer
+ delete iKeyMaterial;
+ iKeyMaterial = NULL;
+ }
+ }
+
+
+void TIkeV2IpsecSAData::DeleteRekeyData()
+ {
+ if ( iRekeyData )
+ {
+ delete iRekeyData;
+ iRekeyData = NULL;
+ }
+ }
+
+void TIkeV2IpsecSAData::GenerateIpsecKeysL(const TDesC8& aSKd,
+ const TDesC8& aGPowIr,
+ const TDesC8& aNonceI,
+ const TDesC8& aNonceR,
+ TUint16 aPrfAlg)
+{
+ //
+ // Generate Ipsec keying material.
+ // Keying material is created as follows: KEYMAT = prf+(SK_d, Ni | Nr)
+ // If PFS used Keying material is: KEYMAT = prf+(SK_d, g^ir (new) | Ni | Nr )
+ //
+ HBufC8* s = HBufC8::NewLC(aGPowIr.Length() + aNonceI.Length() + aNonceR.Length());
+ TPtr8 sPtr = s->Des();
+ //
+ // Append Nonce data into keymaterial work buffer S
+ //
+ sPtr = aGPowIr;
+ sPtr.Append(aNonceI);
+ sPtr.Append(aNonceR);
+
+ TInt KeyMatLth = 0;
+ if ( iEncrAlg )
+ { if ( iCipherKeyLth == 0)
+ iCipherKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_ENCR, iEncrAlg, NULL);
+ KeyMatLth = 2*iCipherKeyLth;
+ }
+ if ( iIntegAlg )
+ {
+ iIntegKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_INTEG, iIntegAlg, NULL);
+ KeyMatLth += 2*iIntegKeyLth;
+ }
+
+ PurgeKeyMaterial();
+ iKeyMaterial = IkeCrypto::GenerateKeyingMaterialL(aSKd, *s, KeyMatLth, aPrfAlg);
+ CleanupStack::PopAndDestroy(s);
+}
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2ipsecsarekeydata.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,148 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+#include "ikev2ipsecsarekeydata.h"
+
+_LIT8(KZeroDescriptor, "");
+
+CIpsecSARekeyData* CIpsecSARekeyData::NewL(const TInt aReplayWindow,
+ const TIpsecSALifetime* aHard,
+ const TIpsecSALifetime* aSoft,
+ const CArrayFix<TIkeV2TrafficSelector>& aTS_i,
+ const CArrayFix<TIkeV2TrafficSelector>& aTS_r,
+ const TDesC8& aLocalId, const TDesC8& aRemoteId)
+ {
+ CIpsecSARekeyData* self =
+ new (ELeave)CIpsecSARekeyData(aReplayWindow, aHard, aSoft);
+ CleanupStack::PushL(self);
+ self->ConstructL(aTS_i, aTS_r, aLocalId, aRemoteId);
+ CleanupStack::Pop();
+ return self;
+ }
+
+
+CIpsecSARekeyData::CIpsecSARekeyData(const TInt aReplayWindow,
+ const TIpsecSALifetime* aHard,
+ const TIpsecSALifetime* aSoft)
+:iReplayWindow(aReplayWindow), iHard(*aHard), iSoft(*aSoft),
+ iTS_i(0), iTS_r(0), iLocalId(0), iRemoteId(0)
+ {
+ }
+
+
+void CIpsecSARekeyData::ConstructL(const CArrayFix<TIkeV2TrafficSelector>& aTS_i,
+ const CArrayFix<TIkeV2TrafficSelector>& aTS_r,
+ const TDesC8& aLocalId, const TDesC8& aRemoteId)
+ {
+
+ iTS_i = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(aTS_i.Count());
+ for (TInt i = 0; i < aTS_i.Count(); i++)
+ {
+ iTS_i->AppendL(aTS_i[i]);
+ }
+
+ iTS_r = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(aTS_r.Count());
+ for (TInt i = 0; i < aTS_r.Count(); i++)
+ {
+ iTS_r->AppendL(aTS_r[i]);
+ }
+
+ iLocalId = aLocalId.AllocL();
+ iRemoteId = aRemoteId.AllocL();
+ }
+
+
+CIpsecSARekeyData::~CIpsecSARekeyData()
+ {
+ delete iTS_i;
+ delete iTS_r;
+ delete iLocalId;
+ delete iRemoteId;
+ }
+
+
+TInt CIpsecSARekeyData::ReplayWindow() const
+ {
+ return iReplayWindow;
+ }
+
+
+TIpsecSALifetime CIpsecSARekeyData::HardLifetime() const
+ {
+ return iHard;
+ }
+
+
+TIpsecSALifetime CIpsecSARekeyData::SoftLifetime() const
+ {
+ return iSoft;
+ }
+
+const TPtrC8 CIpsecSARekeyData::LocalId() const
+ {
+ if (iLocalId == NULL)
+ {
+ return KZeroDescriptor();
+ }
+ else
+ {
+ return TPtrC8(*iLocalId);
+ }
+ }
+
+
+const TPtrC8 CIpsecSARekeyData::RemoteId() const
+ {
+ if (iRemoteId == NULL)
+ {
+ return KZeroDescriptor();
+ }
+ else
+ {
+ return TPtrC8(*iRemoteId);
+ }
+ }
+
+
+CArrayFix<TIkeV2TrafficSelector>* CIpsecSARekeyData::TsIL() const
+ {
+ __ASSERT_DEBUG(iTS_i != NULL, User::Invariant());
+ return CopyTsL(*iTS_i);
+ }
+
+
+CArrayFix<TIkeV2TrafficSelector>* CIpsecSARekeyData::TsRL() const
+ {
+ __ASSERT_DEBUG(iTS_r != NULL, User::Invariant());
+ return CopyTsL(*iTS_r);
+ }
+
+
+CArrayFix<TIkeV2TrafficSelector>* CIpsecSARekeyData::CopyTsL(const CArrayFix<TIkeV2TrafficSelector>& aTS) const
+ {
+ CArrayFix<TIkeV2TrafficSelector>* selectorList = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(2);
+ CleanupStack::PushL(selectorList);
+
+ for (TInt i = 0; i < aTS.Count(); ++i)
+ {
+ TIkeV2TrafficSelector selectorCopy(aTS[i]);
+ selectorList->AppendL(selectorCopy);
+ }
+ CleanupStack::Pop(selectorList);
+ return selectorList;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2keepalive.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,95 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Common keep alive object
+*
+*/
+
+
+#include "ikev2keepalive.h"
+#include "ikemsgheader.h"
+#include "ikev2pluginsession.h"
+
+CIkeV2KeepAlive* CIkeV2KeepAlive::NewL(TInt DpdKeepAlive, MIkeV2DpdHeartBeatEventHandler& aHandler)
+{
+ CIkeV2KeepAlive* self = new (ELeave) CIkeV2KeepAlive(DpdKeepAlive, aHandler);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+}
+
+
+//Constructor
+CIkeV2KeepAlive::CIkeV2KeepAlive(TInt aDpdKeepAlive,
+ MIkeV2DpdHeartBeatEventHandler& aHandler)
+: CTimer(EPriorityStandard), iCallback(aHandler), iDpdKeepAlive(aDpdKeepAlive)
+{
+ __ASSERT_DEBUG(iDpdKeepAlive > 0, User::Invariant());
+ CActiveScheduler::Add(this);
+}
+
+//Destructor
+CIkeV2KeepAlive::~CIkeV2KeepAlive()
+{
+ if (IsActive())
+ Cancel();
+}
+
+
+void CIkeV2KeepAlive::ConstructL()
+{
+ //
+ // If NAT keepalive timoeut allocate (and initialize) a TIkeXmitBfr data buffer for
+ // NAT keepalive. Allocate a data buffer for special "Echo request"
+ // keepalive message, if proprietary "Nokia NAT Traversal is used".
+ // Start keep alive timer
+ //
+ CTimer::ConstructL();
+
+ iRemainingTime = iDpdKeepAlive;
+ StartTimer();
+}
+
+
+void CIkeV2KeepAlive::DoCancel()
+{
+ CTimer::DoCancel();
+}
+
+void CIkeV2KeepAlive::RunL()
+{
+ if ( iRemainingTime == 0 && iDpdKeepAlive)
+ {
+ iCallback.EventHandlerL();
+ iRemainingTime = iDpdKeepAlive;
+ }
+ StartTimer();
+}
+
+void CIkeV2KeepAlive::StartTimer()
+{
+
+ if ( iRemainingTime > KMaxTInt/1000000 ) //To avoid overflowing the Timer
+ {
+ iRemainingTime -= KMaxTInt/1000000;
+ After(KMaxTInt);
+ }
+ else //No overflow
+ {
+ if ( iRemainingTime )
+ After(iRemainingTime*1000000);
+ iRemainingTime = 0;
+ }
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2message.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1293 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+#include <es_sock.h>
+#include <badesca.h>
+#include <random.h>
+
+#include "ikev2message.h"
+#include "ikev2const.h"
+#include "ikecalist.h"
+#include "ikecaelem.h"
+#include "ikev2trafficselector.h"
+#include "ikecrypto.h"
+#include "ikev2identity.h"
+#include "ikemsgheader.h"
+#include "ikedebug.h"
+
+static const TUint8 KMessageIdFieldOffset = 20;
+
+static const TUint KIkePayloadGenericHeaderLength = 4;
+static const TUint8 KLengthFieldOffset = 2;
+
+static const TUint32 KSha1Length = 20;
+static const TUint32 KCertReqHeaderLength = 5;
+static const TUint32 KCertHeaderLength = 5;
+static const TUint32 KSaHeaderLength = 4;
+static const TUint32 KKeHeaderLength = 8;
+static const TUint32 KNonceHeaderLength = 4;
+static const TUint32 KAuthHeaderLength = 8;
+static const TUint32 KNotifyHeaderLength = 8;
+static const TUint32 KConfigurationHeaderLength = 8;
+static const TUint32 KVendorIdHeaderLength = 4;
+static const TUint32 KDeleteHeaderLength = 8;
+static const TUint32 KEapHeaderLength = 4;
+static const TUint32 KTsHeaderLength = 8;
+static const TUint32 KEncryptedHeaderLength = 4;
+
+_LIT8(KNonEspMarker, "\0\0\0\0");
+
+CIkeV2Payload::CIkeV2Payload(TUint8 aPayloadType)
+:iPayloadType(aPayloadType)
+ {
+ }
+
+
+CIkeV2Payload::~CIkeV2Payload()
+ {
+ delete iPayloadData;
+ }
+
+TUint8 CIkeV2Payload::PayloadType() const
+ {
+ return iPayloadType;
+ }
+
+
+TUint8 CIkeV2Payload::NextPayload() const
+ {
+ __ASSERT_DEBUG(iPayloadData->Length() >= KIkePayloadGenericHeaderLength,
+ User::Invariant());
+
+ return (*iPayloadData)[0];
+ }
+
+
+void CIkeV2Payload::SetNextPayload(TUint8 aNextPayload)
+ {
+ __ASSERT_DEBUG(iPayloadData->Length() >= KIkePayloadGenericHeaderLength,
+ User::Invariant());
+
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr[0] = aNextPayload;
+ }
+
+
+TUint16 CIkeV2Payload::PayloadLength() const
+ {
+ __ASSERT_DEBUG(iPayloadData->Length() >= KIkePayloadGenericHeaderLength,
+ User::Invariant());
+
+ return BigEndian::Get16(iPayloadData->Ptr() + KLengthFieldOffset);
+ }
+
+
+void CIkeV2Payload::SetPayloadLength(TUint16 aLength)
+ {
+ __ASSERT_DEBUG(iPayloadData->Length() >= KIkePayloadGenericHeaderLength,
+ User::Invariant());
+ const TUint KLengthPosition = 2;
+
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&aLength), aLength);
+ TPtrC8 length(reinterpret_cast<TUint8*>(&aLength), sizeof(aLength));
+
+ TPtr8 lengthPtr(iPayloadData->Des().MidTPtr(KLengthPosition,
+ length.Length()));
+ lengthPtr = length;
+ }
+
+TPtrC8 CIkeV2Payload::PayloadData() const
+ {
+ return TPtrC8(*iPayloadData);
+ }
+
+
+CIkevV2CertReqPayload* CIkevV2CertReqPayload::NewL(const CIkeCaList& aCaList)
+ {
+ CIkevV2CertReqPayload* self = new (ELeave) CIkevV2CertReqPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aCaList);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+
+CIkevV2CertReqPayload::CIkevV2CertReqPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_CR)
+ {
+ }
+
+
+void CIkevV2CertReqPayload::ConstructL(const CIkeCaList& aCaList)
+ {
+ __ASSERT_DEBUG(aCaList.Count() > 0, User::Invariant());
+ TUint16 length = (aCaList.Count() * KSha1Length) + KCertReqHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ TUint8 encoding = X509_CERTIFICATE_SIGN;
+ TPtrC8 encodingPtr(&encoding, sizeof(encoding));
+ payloadDataPtr.Append(encodingPtr);
+
+ for (TUint i = 0; i < aCaList.Count(); ++i)
+ {
+ payloadDataPtr.Append(aCaList[i]->KeyHash());
+ }
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkevV2CertPayload* CIkevV2CertPayload::NewL(const TDesC8& aCertData)
+ {
+ CIkevV2CertPayload* self = new (ELeave) CIkevV2CertPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aCertData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkevV2CertPayload::CIkevV2CertPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_CERT)
+ {
+
+ }
+
+
+void CIkevV2CertPayload::ConstructL(const TDesC8& aCertData)
+ {
+ TUint16 length = aCertData.Length() + KCertHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ TUint8 encoding = X509_CERTIFICATE_SIGN;
+ TPtrC8 encodingPtr(&encoding, sizeof(encoding));
+ payloadDataPtr.Append(encodingPtr);
+ payloadDataPtr.Append(aCertData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkevV2SaPayload* CIkevV2SaPayload::NewL(const TDesC8& aSaData)
+ {
+ CIkevV2SaPayload* self = new (ELeave) CIkevV2SaPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aSaData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkevV2SaPayload::CIkevV2SaPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_SA)
+ {
+ }
+
+
+void CIkevV2SaPayload::ConstructL(const TDesC8& aSaData)
+ {
+ TUint16 length = aSaData.Length() + KSaHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ payloadDataPtr.Append(aSaData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkevV2KePayload* CIkevV2KePayload::NewL(TUint16 aDHGroup, const TDesC8& aKeData)
+ {
+ CIkevV2KePayload* self = new (ELeave) CIkevV2KePayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aDHGroup, aKeData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkevV2KePayload::CIkevV2KePayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_KE)
+ {
+ }
+
+void CIkevV2KePayload::ConstructL(TUint16 aDHGroup, const TDesC8& aKeData)
+ {
+ static const TUint8 KReservedFieldLength = 2;
+
+ TUint16 length = aKeData.Length() + KKeHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&aDHGroup), aDHGroup);
+ TPtrC8 dhGroupPtr(reinterpret_cast<TUint8*>(&aDHGroup), sizeof(aDHGroup));
+ payloadDataPtr.Append(dhGroupPtr);
+
+ //Leave reserved bytes zero
+ payloadDataPtr.SetLength(payloadDataPtr.Length() + KReservedFieldLength);
+ TPtr8 reservedBytes = payloadDataPtr.RightTPtr(KReservedFieldLength);
+ reservedBytes.FillZ();
+
+ payloadDataPtr.Append(aKeData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkevV2NoncePayload* CIkevV2NoncePayload::NewL(const TDesC8& aNonceData)
+ {
+ CIkevV2NoncePayload* self = new (ELeave) CIkevV2NoncePayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aNonceData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkevV2NoncePayload::CIkevV2NoncePayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_NONCE)
+ {
+ }
+
+
+void CIkevV2NoncePayload::ConstructL(const TDesC8& aNonceData)
+ {
+ TUint16 length = aNonceData.Length() + KNonceHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ payloadDataPtr.Append(aNonceData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkevV2IdPayload::CIkevV2IdPayload(TUint8 aPayloadType)
+:CIkeV2Payload(aPayloadType)
+ {
+ }
+
+void CIkevV2IdPayload::ConstructL(const CIkeV2Identity& aIdentity)
+ {
+ TPtrC8 idPayloadData = aIdentity.PayloadData();
+ TUint32 length = idPayloadData.Length() + KIkePayloadGenericHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ payloadDataPtr.Append(idPayloadData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkevV2IdiPayload* CIkevV2IdiPayload::NewL(const CIkeV2Identity& aIdentity)
+ {
+ CIkevV2IdiPayload* self = new (ELeave) CIkevV2IdiPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aIdentity);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CIkevV2IdiPayload::CIkevV2IdiPayload()
+:CIkevV2IdPayload(IKEV2_PAYLOAD_ID_I)
+ {
+ }
+
+
+CIkevV2IdrPayload* CIkevV2IdrPayload::NewL(const CIkeV2Identity& aIdentity)
+ {
+ CIkevV2IdrPayload* self = new (ELeave) CIkevV2IdrPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aIdentity);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CIkevV2IdrPayload::CIkevV2IdrPayload()
+:CIkevV2IdPayload(IKEV2_PAYLOAD_ID_R)
+ {
+ }
+
+
+CIkeV2AuthPayload* CIkeV2AuthPayload::NewL(TUint8 aAuthMethod, const TDesC8& aAuthData)
+ {
+ CIkeV2AuthPayload* self = new (ELeave) CIkeV2AuthPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aAuthMethod, aAuthData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2AuthPayload::CIkeV2AuthPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_AUTH)
+ {
+ }
+
+
+void CIkeV2AuthPayload::ConstructL(TUint8 aAuthMethod, const TDesC8& aAuthData)
+ {
+ static const TUint8 KReservedFieldLength = 3;
+
+ TUint32 length = aAuthData.Length() + KAuthHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ TPtrC8 authTypePtr(&aAuthMethod, sizeof(aAuthMethod));
+ payloadDataPtr.Append(authTypePtr);
+ //Leave reserved bytes zero
+ payloadDataPtr.SetLength(payloadDataPtr.Length() + KReservedFieldLength);
+ TPtr8 reservedField = payloadDataPtr.RightTPtr(KReservedFieldLength);
+ reservedField.FillZ();
+
+ payloadDataPtr.Append(aAuthData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkeV2NotifyPayload* CIkeV2NotifyPayload::NewL(TUint8 aProtocolId,
+ const TDesC8& aSpi,
+ TUint16 aNotifyType,
+ const TDesC8& aNotifyData)
+ {
+ CIkeV2NotifyPayload* self = new (ELeave) CIkeV2NotifyPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aProtocolId, aSpi, aNotifyType, aNotifyData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2NotifyPayload::CIkeV2NotifyPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_NOTIF)
+ {
+ }
+
+
+void CIkeV2NotifyPayload::ConstructL(TUint8 aProtocolId,
+ const TDesC8& aSpi,
+ TUint16 aNotifyType,
+ const TDesC8& aNotifyData)
+ {
+ TUint32 length = aSpi.Length() + aNotifyData.Length() + KNotifyHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ TPtrC8 protocolIdPtr(&aProtocolId, sizeof(aProtocolId));
+ TUint8 spiSize = aSpi.Length();
+ TPtrC8 spiSizePtr(&spiSize, sizeof(spiSize));
+
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&aNotifyType), aNotifyType);
+ TPtrC8 notifyTypePtr(reinterpret_cast<TUint8*>(&aNotifyType), sizeof(aNotifyType));
+
+
+ payloadDataPtr.Append(protocolIdPtr);
+ payloadDataPtr.Append(spiSizePtr);
+ payloadDataPtr.Append(notifyTypePtr);
+ payloadDataPtr.Append(aSpi);
+ payloadDataPtr.Append(aNotifyData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkeV2ConfigurationPayload* CIkeV2ConfigurationPayload::NewL(TUint8 aCfgType,
+ const TDesC8& aConfigurationData)
+ {
+ CIkeV2ConfigurationPayload* self = new (ELeave) CIkeV2ConfigurationPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aCfgType, aConfigurationData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2ConfigurationPayload::CIkeV2ConfigurationPayload()
+: CIkeV2Payload(IKEV2_PAYLOAD_CONFIG)
+ {
+ }
+
+
+void CIkeV2ConfigurationPayload::ConstructL(TUint8 aCfgType,
+ const TDesC8& aConfigurationData)
+ {
+ static const TUint8 KReservedFieldLength = 3;
+
+ TUint32 length = aConfigurationData.Length() + KConfigurationHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ TPtrC8 cfgTypePtr(reinterpret_cast<TUint8*>(&aCfgType), sizeof(aCfgType));
+ payloadDataPtr.Append(cfgTypePtr);
+
+ //Leave reserved bytes zero
+ payloadDataPtr.SetLength(payloadDataPtr.Length() + KReservedFieldLength);
+ TPtr8 reservedField = payloadDataPtr.RightTPtr(KReservedFieldLength);
+ reservedField.FillZ();
+
+ payloadDataPtr.Append(aConfigurationData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkeV2VendorIdPayload* CIkeV2VendorIdPayload::NewL(const TDesC8& aVendorIdData)
+ {
+ CIkeV2VendorIdPayload* self = new (ELeave) CIkeV2VendorIdPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aVendorIdData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2VendorIdPayload::CIkeV2VendorIdPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_VID)
+ {
+ }
+
+
+void CIkeV2VendorIdPayload::ConstructL(const TDesC8& aVendorIdData)
+ {
+ TUint32 length = aVendorIdData.Length() + KVendorIdHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ payloadDataPtr.Append(aVendorIdData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkeV2DeletePayload* CIkeV2DeletePayload::NewL(TUint8 aProtocolId,
+ const CDesC8Array& aSpiList)
+ {
+ CIkeV2DeletePayload* self = new (ELeave) CIkeV2DeletePayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aProtocolId, aSpiList);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2DeletePayload::CIkeV2DeletePayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_DELETE)
+ {
+ }
+
+
+void CIkeV2DeletePayload::ConstructL(TUint8 aProtocolId, const CDesC8Array& aSpiList)
+ {
+ TUint16 spiCount = aSpiList.Count();
+ TUint8 spiLength = (spiCount > 0) ? aSpiList[0].Length() : 0;
+ TUint32 length = KDeleteHeaderLength + (spiCount * spiLength);
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ TPtrC8 protocolIdPtr(&aProtocolId, sizeof(aProtocolId));
+ TPtrC8 spiLengthPtr(&spiLength, sizeof(spiLength));
+
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&spiCount), spiCount);
+ TPtrC8 spiCountPtr(reinterpret_cast<TUint8*>(&spiCount), sizeof(spiCount));
+
+ payloadDataPtr.Append(protocolIdPtr);
+ payloadDataPtr.Append(spiLengthPtr);
+ payloadDataPtr.Append(spiCountPtr);
+
+ for (TInt i = 0; i < aSpiList.Count(); ++i)
+ {
+ const TDesC8& spi = aSpiList[i];
+ __ASSERT_DEBUG(spi.Length() == spiLength, User::Invariant());
+ payloadDataPtr.Append(spi);
+ }
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkeV2EapPayload* CIkeV2EapPayload::NewL(const TDesC8& aEapData)
+ {
+ CIkeV2EapPayload* self = new (ELeave) CIkeV2EapPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aEapData);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2EapPayload::CIkeV2EapPayload()
+:CIkeV2Payload(IKEV2_PAYLOAD_EAP)
+ {
+ }
+
+
+void CIkeV2EapPayload::ConstructL(const TDesC8& aEapData)
+ {
+ TUint32 length = aEapData.Length() + KEapHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+ SetPayloadLength(length);
+
+ payloadDataPtr.Append(aEapData);
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+
+CIkeV2TsPayload::CIkeV2TsPayload(TUint aPayloadType)
+:CIkeV2Payload(aPayloadType)
+ {
+ }
+
+
+void CIkeV2TsPayload::ConstructL(const CArrayFix<TIkeV2TrafficSelector>& aTsList)
+ {
+ //selector format:
+ // 1 2 3
+ // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! TS Type !IP Protocol ID*| Selector Length |
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // | Start Port* | End Port* |
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! !
+ // ~ Starting Address* ~
+ // ! !
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ // ! !
+ // ~ Ending Address* ~
+ // ! !
+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ const TUint16 KIpv4SelectorLength = 2*4 + 2*4; //fixed selector header + 2*IPv4 address length
+ const TUint16 KIpv6SelectorLength = 2*4 + 2*16;//fixed selector header + 2*IPv6 address length
+
+ TUint8 tsCount = aTsList.Count();
+ __ASSERT_DEBUG(tsCount > 0, User::Invariant());
+
+
+ TUint32 length = KTsHeaderLength;
+
+ TUint i;
+ for (i = 0; i < aTsList.Count(); ++i)
+ {
+ if (aTsList[i].Type() == TS_IPV4_ADDR_RANGE)
+ {
+ length += KIpv4SelectorLength; //fixed selector header + 2*IPv4 address length
+ }
+ else
+ {
+ __ASSERT_DEBUG(aTsList[i].Type() == TS_IPV6_ADDR_RANGE, User::Invariant());
+ length += KIpv6SelectorLength; //fixed selector header + 2*IPv6 address length
+ }
+ }
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+
+ const TPtrC8 tsCountPtr(&tsCount, sizeof(tsCount));
+ payloadDataPtr.Append(tsCountPtr);
+
+ _LIT(KReservedField, "\0\0\0");
+ payloadDataPtr.Append(KReservedField);
+
+ for (i = 0; i < aTsList.Count(); ++i)
+ {
+ TBuf8<KIpv6SelectorLength> selector;
+ selector.Zero();
+ const TIkeV2TrafficSelector& selectorData = aTsList[i];
+ TUint8 type = selectorData.Type();
+ selector.Append(&type, sizeof(type));
+
+ TUint8 protocol = selectorData.ProtocolId();
+ selector.Append(&protocol, sizeof(protocol));
+
+ TUint16 selectorLength = 0;
+ if (selectorData.Type() == TS_IPV4_ADDR_RANGE)
+ {
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&selectorLength), KIpv4SelectorLength);
+ }
+ else
+ {
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&selectorLength), KIpv6SelectorLength);
+ }
+ selector.Append(reinterpret_cast<TUint8*>(&selectorLength), sizeof(selectorLength));
+
+ TInetAddr startAddress = selectorData.StartingAddress();
+ TInetAddr endAddress = selectorData.EndingAddress();
+
+ TUint16 startPort = startAddress.Port();
+ TUint16 endPort = endAddress.Port();
+
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&startPort), startPort);
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&endPort), endPort);
+
+ selector.Append(reinterpret_cast<TUint8*>(&startPort), sizeof(startPort));
+ selector.Append(reinterpret_cast<TUint8*>(&endPort), sizeof(endPort));
+
+ if (selectorData.Type() == TS_IPV4_ADDR_RANGE)
+ {
+ TUint32 start = 0;
+ TUint32 end = 0;
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&start), startAddress.Address());
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&end), endAddress.Address());
+
+ selector.Append(reinterpret_cast<TUint8*>(&start), sizeof(start));
+ selector.Append(reinterpret_cast<TUint8*>(&end), sizeof(end));
+ }
+ else
+ {
+ TPtrC8 start(&startAddress.Ip6Address().u.iAddr8[0], 16);
+ TPtrC8 end(&endAddress.Ip6Address().u.iAddr8[0], 16);
+ selector.Append(start);
+ selector.Append(end);
+ }
+ payloadDataPtr.Append(selector);
+ }
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+
+CIkeV2TsiPayload* CIkeV2TsiPayload::NewL(const CArrayFix<TIkeV2TrafficSelector>& aTsList)
+ {
+ CIkeV2TsiPayload* self = new (ELeave) CIkeV2TsiPayload();
+ CleanupStack::PushL(self);
+ self->ConstructL(aTsList);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2TsiPayload::CIkeV2TsiPayload()
+:CIkeV2TsPayload(IKEV2_PAYLOAD_TS_I)
+ {
+
+ }
+
+
+CIkeV2TsrPayload* CIkeV2TsrPayload::NewL(const CArrayFix<TIkeV2TrafficSelector>& aTsList)
+ {
+ CIkeV2TsrPayload* self = new (ELeave) CIkeV2TsrPayload();
+ CleanupStack::PushL(self);
+ self->ConstructL(aTsList);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2TsrPayload::CIkeV2TsrPayload()
+:CIkeV2TsPayload(IKEV2_PAYLOAD_TS_R)
+ {
+ }
+
+
+CIkeV2EncryptedPayload* CIkeV2EncryptedPayload::NewL(TUint aBlockSize)
+ {
+ CIkeV2EncryptedPayload* self = new (ELeave) CIkeV2EncryptedPayload;
+ CleanupStack::PushL(self);
+ self->ConstructL(aBlockSize);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2EncryptedPayload::CIkeV2EncryptedPayload()
+:CIkeV2TsPayload(IKEV2_PAYLOAD_ENCR)
+ {
+ }
+
+
+void CIkeV2EncryptedPayload::ConstructL(TUint aBlockSize)
+ {
+ TUint32 length = aBlockSize + KEncryptedHeaderLength;
+
+ iPayloadData = HBufC8::NewL(length);
+ TPtr8 payloadDataPtr(iPayloadData->Des());
+ payloadDataPtr.SetLength(KIkePayloadGenericHeaderLength);
+ payloadDataPtr.FillZ();
+
+ SetPayloadLength(length);
+ payloadDataPtr.SetLength(length);
+
+ TPtr8 Iv = payloadDataPtr.MidTPtr(KEncryptedHeaderLength);
+ Iv.SetLength(aBlockSize);
+ TRandom::RandomL(Iv);
+
+ iBlockSize = aBlockSize;
+
+ __ASSERT_DEBUG(PayloadLength() == iPayloadData->Length(), User::Invariant());
+ }
+
+TUint CIkeV2EncryptedPayload::BlockSize() const
+ {
+ return iBlockSize;
+ }
+
+TPtrC8 CIkeV2EncryptedPayload::InitializationVector() const
+ {
+ return iPayloadData->Right(iBlockSize);
+ }
+
+void CIkeV2EncryptedPayload::SetContentLength(TUint16 aLength)
+ {
+ //Set the payload length to be: header + Iv + content
+ SetPayloadLength(aLength + iPayloadData->Length());
+ }
+
+static const TUint KDefaultMessageSize = 4096;
+static const TUint32 KIkeV2MsgHeaderLength = 28;
+static const TUint8 KIkeV2Version = 2 << 4;
+
+CIkeV2Message* CIkeV2Message::NewL(const TDesC8& aInitiatorSpi,
+ const TDesC8& aResponderSpi,
+ TUint8 aExchangeType,
+ TBool aIntiator,
+ TBool aResponse,
+ TUint32 aMessageId,
+ MIkeDebug& aDebug)
+ {
+ CIkeV2Message* self = new (ELeave)CIkeV2Message(aDebug);
+ CleanupStack::PushL(self);
+ self->ConstructL(aInitiatorSpi,
+ aResponderSpi,
+ aExchangeType,
+ aIntiator,
+ aResponse,
+ aMessageId);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkeV2Message::CIkeV2Message(MIkeDebug& aDebug)
+:iDebug(aDebug), iModified(ETrue)
+ {
+ }
+
+
+void CIkeV2Message::ConstructL(const TDesC8& aInitiatorSpi,
+ const TDesC8& aResponderSpi,
+ TUint8 aExchangeType,
+ TBool aIntiator,
+ TBool aResponse,
+ TUint32 aMessageId)
+ {
+ __ASSERT_DEBUG(aInitiatorSpi.Length() == 8, User::Invariant());
+ __ASSERT_DEBUG(aResponderSpi.Length() == 8, User::Invariant());
+
+ iIkeV2MessageHeader = HBufC8::NewL(KDefaultMessageSize);
+ TPtr8 messageDataPtr = iIkeV2MessageHeader->Des();
+
+
+ const TPtrC8 versionPtr(&KIkeV2Version, sizeof(TUint8));
+ const TPtrC8 exchangeTypePtr(&aExchangeType, sizeof(TUint8));
+
+ TUint8 flags = (aIntiator) ? IKEV2_INITIATOR : 0;
+ flags |= (aResponse) ? IKEV2_RESPONSE_MSG : 0;
+
+
+ const TPtrC8 flagsPtr(&flags, sizeof(flags));
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&aMessageId), aMessageId);
+ const TPtrC8 messageIdPtr(reinterpret_cast<TUint8*>(&aMessageId), sizeof(TUint32));
+
+ TUint32 length;
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&length), KIkeV2MsgHeaderLength);
+ const TPtrC8 lengthPtr(reinterpret_cast<TUint8*>(&length), sizeof(TUint32));
+
+ //Add SPIs
+ messageDataPtr.Append(aInitiatorSpi);
+ messageDataPtr.Append(aResponderSpi);
+
+ //Left next payload as zero
+ TUint8 nextPayload = 0;
+ TPtrC8 nextPayloadPtr(&nextPayload, sizeof(nextPayload));
+ messageDataPtr.Append(nextPayloadPtr);
+
+ messageDataPtr.Append(versionPtr);
+ messageDataPtr.Append(exchangeTypePtr);
+ messageDataPtr.Append(flagsPtr);
+ messageDataPtr.Append(messageIdPtr);
+ messageDataPtr.Append(lengthPtr);
+
+ __ASSERT_DEBUG(iIkeV2MessageHeader->Length() == KIkeV2MsgHeaderLength, User::Invariant());
+ }
+
+
+CIkeV2Message::~CIkeV2Message()
+ {
+ delete iIkeV2Datagram;
+ delete iIkeV2MessageHeader;
+ iPayloads.ResetAndDestroy();
+ iPayloads.Close();
+ }
+
+
+TPtrC8 CIkeV2Message::InitiatorSpi()const
+ {
+ TUint KInitiatorSpiPosition = 0;
+ TUint KSpiLength = 8;
+
+ return iIkeV2MessageHeader->Mid(KInitiatorSpiPosition, KSpiLength);
+ }
+
+
+TPtrC8 CIkeV2Message::ResponderSpi() const
+ {
+ TUint KResponderSpiPosition = 8;
+ TUint KSpiLength = 8;
+
+ return iIkeV2MessageHeader->Mid(KResponderSpiPosition, KSpiLength);
+ }
+
+
+TUint8 CIkeV2Message::Flags() const
+ {
+ TUint KFlagsPosition = 19;
+ return (*iIkeV2MessageHeader)[KFlagsPosition];
+ }
+
+
+TUint32 CIkeV2Message::MessageId() const
+ {
+ __ASSERT_DEBUG(iIkeV2MessageHeader->Length() >= KIkeV2MsgHeaderLength, User::Invariant());
+ const TUint8* messageIdPtr = iIkeV2MessageHeader->Ptr() + KMessageIdFieldOffset;
+ return BigEndian::Get32(messageIdPtr);
+
+ }
+
+
+void CIkeV2Message::AppendCertReqPayloadL(const CIkeCaList& aCaList)
+ {
+ __ASSERT_DEBUG(aCaList.Count() > 0, User::Invariant());
+
+ CIkevV2CertReqPayload* certReqPayload = CIkevV2CertReqPayload::NewL(aCaList);
+ AppendPayloadL(certReqPayload);
+ }
+
+
+void CIkeV2Message::AppendCertPayloadL(const TDesC8& aCertificateData)
+ {
+ CIkevV2CertPayload* certPayload = CIkevV2CertPayload::NewL(aCertificateData);
+ AppendPayloadL(certPayload);
+ }
+
+
+void CIkeV2Message::AppendSaPayloadL(const TDesC8& aSaData)
+ {
+ CIkevV2SaPayload* saPayload = CIkevV2SaPayload::NewL(aSaData);
+ AppendPayloadL(saPayload);
+ }
+
+
+void CIkeV2Message::AppendKePayloadL(TUint16 aDHGroup, const TDesC8& aKeData)
+ {
+ CIkevV2KePayload* kePayload = CIkevV2KePayload::NewL(aDHGroup, aKeData);
+ AppendPayloadL(kePayload);
+ }
+
+
+void CIkeV2Message::AppendNoncePayloadL(const TDesC8& aNonceData)
+ {
+ CIkevV2NoncePayload* noncePayload = CIkevV2NoncePayload::NewL(aNonceData);
+ AppendPayloadL(noncePayload);
+ }
+
+
+void CIkeV2Message::AppendIdiPayloadL(const CIkeV2Identity& aIdentity)
+ {
+ CIkevV2IdiPayload* idiPayload = CIkevV2IdiPayload::NewL(aIdentity);
+ AppendPayloadL(idiPayload);
+ }
+
+
+void CIkeV2Message::AppendIdrPayloadL(const CIkeV2Identity& aIdentity)
+ {
+ CIkevV2IdrPayload* idrPayload = CIkevV2IdrPayload::NewL(aIdentity);
+ AppendPayloadL(idrPayload);
+ }
+
+void CIkeV2Message::AppendAuthPayloadL(TUint8 aAuthMethod, const TDesC8& aAuthData)
+ {
+ CIkeV2AuthPayload* authPayload = CIkeV2AuthPayload::NewL(aAuthMethod, aAuthData);
+ AppendPayloadL(authPayload);
+ }
+
+
+void CIkeV2Message::AppendNotifyPayloadL(TUint8 aProtocolId,
+ const TDesC8& aSpi,
+ TUint16 aNotifyType,
+ const TDesC8& aNotifyData)
+ {
+ CIkeV2NotifyPayload* notifyPayload = CIkeV2NotifyPayload::NewL(aProtocolId, aSpi,
+ aNotifyType, aNotifyData);
+ AppendPayloadL(notifyPayload);
+ }
+
+void CIkeV2Message::PrependCookieNotifyPayloadL(const TDesC8& aCookieData)
+ {
+ _LIT8(KZeroDesc, "");
+ CIkeV2NotifyPayload* notifyPayload = CIkeV2NotifyPayload::NewL(0, KZeroDesc,
+ COOKIE, aCookieData);
+
+ delete iIkeV2Datagram;
+ iIkeV2Datagram = NULL;
+ iModified = ETrue;
+
+ if (iPayloads.Count() > 0)
+ {
+ notifyPayload->SetNextPayload(iPayloads[0]->PayloadType());
+ }
+
+ TInt err = iPayloads.Insert(notifyPayload, 0);
+ if (err != KErrNone)
+ {
+ delete notifyPayload;
+ User::Leave(err);
+ }
+
+ SetNextPayload(notifyPayload->PayloadType());
+ }
+
+
+void CIkeV2Message::AppendConfigurationPayloadL(TUint8 aCfgType,
+ const TDesC8& aConfigurationData)
+ {
+ CIkeV2ConfigurationPayload* configPayload =
+ CIkeV2ConfigurationPayload::NewL(aCfgType, aConfigurationData);
+ AppendPayloadL(configPayload);
+ }
+
+
+void CIkeV2Message::AppendVendorIdPayloadL(const TDesC8& aVendorIdData)
+ {
+ CIkeV2VendorIdPayload* vendorIdPayload = CIkeV2VendorIdPayload::NewL(aVendorIdData);
+ AppendPayloadL(vendorIdPayload);
+ }
+
+void CIkeV2Message::AppendDeletePayloadL(TUint8 aProtocolId, const CDesC8Array& aSpiList)
+ {
+ CIkeV2DeletePayload* deletePayload = CIkeV2DeletePayload::NewL(aProtocolId, aSpiList);
+ AppendPayloadL(deletePayload);
+ }
+
+
+void CIkeV2Message::AppendEapPayloadL(const TDesC8& aEapData)
+ {
+ CIkeV2EapPayload* eapPayload = CIkeV2EapPayload::NewL(aEapData);
+ AppendPayloadL(eapPayload);
+ }
+
+
+void CIkeV2Message::AppendTsiPayloadL(const CArrayFix<TIkeV2TrafficSelector>& aTsList)
+ {
+ CIkeV2TsiPayload* tsPayload = CIkeV2TsiPayload::NewL(aTsList);
+ AppendPayloadL(tsPayload);
+ }
+
+
+void CIkeV2Message::AppendTsrPayloadL(const CArrayFix<TIkeV2TrafficSelector>& aTsList)
+ {
+ CIkeV2TsrPayload* tsPayload = CIkeV2TsrPayload::NewL(aTsList);
+ AppendPayloadL(tsPayload);
+ }
+
+
+void CIkeV2Message::AppendEncryptedPayloadL(TUint aBlockSize)
+ {
+ __ASSERT_DEBUG(iPayloads.Count() == 0, User::Invariant());
+ CIkeV2EncryptedPayload* encryptedPayload = CIkeV2EncryptedPayload::NewL(aBlockSize);
+ AppendPayloadL(encryptedPayload);
+ }
+
+void CIkeV2Message::PrepareIkeMessageDatagramL(TUint16 aEncryptionAlgorith,
+ const TDesC8& aEncryptionKey,
+ TUint16 aIntegrityAlgorithm,
+ const TDesC8& aIntegrityKey,
+#ifdef _DEBUG
+ const TInetAddr& aSourceAddress,
+#else
+ const TInetAddr& /*aSourceAddress*/,
+#endif
+ const TInetAddr& aDestinationAddress)
+ {
+ __ASSERT_DEBUG(iPayloads.Count() > 0, User::Invariant());
+
+ if (iModified)
+ {
+ __ASSERT_DEBUG(iIkeV2Datagram == NULL, User::Invariant());
+
+ if (iPayloads[0]->PayloadType() == IKEV2_PAYLOAD_ENCR)
+ {
+ //Datagram is should be encrypted
+ //Calculate the length of the padding
+ CIkeV2EncryptedPayload* encryptedPayload = static_cast<CIkeV2EncryptedPayload*>(iPayloads[0]);
+ TUint encryptedDataLength = 0;
+ for(TInt i = 1; i < iPayloads.Count(); ++i)
+ {
+ encryptedDataLength += iPayloads[i]->PayloadLength();
+ }
+
+ //If the data length is multiple of the blocksize, we add full block length
+ //of padding. Otherwise we just add padding enough to fill the block.
+ TUint8 paddingLength = encryptedPayload->BlockSize() -
+ encryptedDataLength % encryptedPayload->BlockSize();
+ //The last octet of the padding tells the length of the padding.
+ //we just use that value to fill the entire padding.
+ TInt integrityCheckSumLength = 0;
+ IkeCrypto::AlgorithmInfo(IKEV2_INTEG, aIntegrityAlgorithm, &integrityCheckSumLength);
+
+
+ //The length of the whole datagram:
+ TUint32 datagramLength = iIkeV2MessageHeader->Length() +
+ encryptedPayload->PayloadLength() +
+ encryptedDataLength +
+ paddingLength +
+ integrityCheckSumLength;
+
+ //Update header fields
+ SetLength(datagramLength);
+ encryptedPayload->SetContentLength((TUint16)(encryptedDataLength +
+ paddingLength +
+ integrityCheckSumLength));
+
+ //Allocate buffer, which has space for the whole datagram. (+ Non ESP marker)
+ HBufC8* datagram = HBufC8::NewLC(datagramLength + KNonEspMarker().Length());
+ TPtr8 datagramPtr = datagram->Des();
+
+ datagramPtr = *iIkeV2MessageHeader;
+ datagramPtr.Append(encryptedPayload->PayloadData());
+
+ //buffer for data, which is encrypted
+ HBufC8* encryptionSource = HBufC8::NewLC(encryptedDataLength +
+ paddingLength);
+ TPtr8 encryptionSourcePtr = encryptionSource->Des();
+
+ for (TInt i = 1; i < iPayloads.Count(); ++i)
+ {
+ const CIkeV2Payload* pl = iPayloads[i];
+ __ASSERT_DEBUG(pl->PayloadData().Length() == pl->PayloadLength(), User::Invariant());
+
+ encryptionSourcePtr.Append(pl->PayloadData());
+ datagramPtr.Append(pl->PayloadData()); //This is because we want to trace the datagram
+ }
+
+
+ //Last byte of the padding has to be the length of the padding.
+ //We fillup the whole padding with this same number
+ TUint8 paddingValue = paddingLength - 1;
+ for (TInt i = 0; i < paddingLength; ++i)
+ {
+ encryptionSourcePtr.Append(&paddingValue, 1);
+ datagramPtr.Append(&paddingValue, 1);
+ }
+
+
+ datagramPtr.SetLength(datagram->Length() + integrityCheckSumLength);
+ TRACE_MSG(*datagram, aSourceAddress, aDestinationAddress,
+ (CIkePcapTrace::TEncryptionType)aEncryptionAlgorith);
+ datagramPtr.SetLength(datagram->Length() - integrityCheckSumLength);
+
+ //Extracts the data, which is encrypted.
+ //(Excludes IKE hdr, Encrypted payload hdr and Iv)
+ TPtr8 encryptionBuffer = datagramPtr.MidTPtr(iIkeV2MessageHeader->Length() +
+ KEncryptedHeaderLength +
+ encryptedPayload->BlockSize());
+ __ASSERT_DEBUG(encryptionBuffer.Length() == encryptionSource->Length(), User::Invariant());
+ encryptionBuffer.SetLength(0);
+ IkeCrypto::EncryptL(*encryptionSource, encryptionBuffer,
+ encryptedPayload->InitializationVector(),
+ aEncryptionKey, aEncryptionAlgorith);
+
+ CleanupStack::PopAndDestroy(encryptionSource);
+
+ //Extracts the space for the checksum from the end of the buffer
+ TUint lengthWithoutItegrityCheckSum = datagramPtr.Length();
+ datagramPtr.SetLength(lengthWithoutItegrityCheckSum + integrityCheckSumLength);
+ TPtr8 checksum = datagramPtr.MidTPtr(lengthWithoutItegrityCheckSum);
+
+ //Extracts the source for the integrity checksum calculation
+ TPtrC8 integrityCheckSumSource = datagram->Left(lengthWithoutItegrityCheckSum);
+ IkeCrypto::IntegHMACL(integrityCheckSumSource, checksum, aIntegrityKey, aIntegrityAlgorithm);
+
+ CleanupStack::Pop(datagram);
+ iIkeV2Datagram = datagram;
+ }
+ else
+ {
+ //calculate the length of unencrypted datagram
+ TUint datagramLength = iIkeV2MessageHeader->Length();
+ for (TInt i = 0; i < iPayloads.Count(); ++i)
+ {
+ datagramLength += iPayloads[i]->PayloadLength();
+ }
+ SetLength(datagramLength);
+
+ iIkeV2Datagram = HBufC8::NewL(datagramLength + KNonEspMarker().Length());
+ TPtr8 ikeV2DatargramPtr = iIkeV2Datagram->Des();
+ ikeV2DatargramPtr.Append(*iIkeV2MessageHeader);
+
+ for (TInt i = 0; i < iPayloads.Count(); ++i)
+ {
+ ikeV2DatargramPtr.Append(iPayloads[i]->PayloadData());
+ }
+ TRACE_MSG(*iIkeV2Datagram, aSourceAddress, aDestinationAddress,
+ (CIkePcapTrace::TEncryptionType)aEncryptionAlgorith);
+
+ }
+
+ if (aDestinationAddress.Port() == FLOATED_IKE_PORT)
+ {
+ //insert non esp marker
+ iIkeV2Datagram->Des().Insert(0, KNonEspMarker);
+ }
+ iModified = EFalse;
+ }
+
+ __ASSERT_DEBUG(!iModified && iIkeV2Datagram != NULL, User::Invariant());
+ }
+
+
+TPtrC8 CIkeV2Message::IkeMessageDatagram() const
+ {
+ __ASSERT_DEBUG(!iModified && iIkeV2Datagram != NULL, User::Invariant());
+ return *iIkeV2Datagram;
+ }
+
+
+void CIkeV2Message::AppendPayloadL(CIkeV2Payload* aPayload)
+ {
+ TInt err = iPayloads.Append(aPayload);
+ if (err != KErrNone)
+ {
+ delete aPayload;
+ User::Leave(err);
+ }
+
+ if (iPayloads.Count() > 1)
+ {
+ iPayloads[iPayloads.Count() - 2]->SetNextPayload(aPayload->PayloadType());
+ }
+ else
+ {
+ SetNextPayload(aPayload->PayloadType());
+ }
+
+ delete iIkeV2Datagram;
+ iIkeV2Datagram = NULL;
+ iModified = ETrue;
+ }
+
+void CIkeV2Message::SetLength(TUint32 aDatagramLength)
+ {
+ static const TUint KLengthFieldPosition = 6*4;
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&aDatagramLength), aDatagramLength);
+ TPtr8 lengthField = iIkeV2MessageHeader->Des().MidTPtr(KLengthFieldPosition, sizeof(aDatagramLength));
+ lengthField = TPtrC8(reinterpret_cast<TUint8*>(&aDatagramLength), sizeof(aDatagramLength));
+ }
+
+
+void CIkeV2Message::SetNextPayload(TUint8 aNextPayload)
+ {
+ const TUint KNextPayloadPosition = 16;
+ TPtr8 ikeHeaderPtr = iIkeV2MessageHeader->Des();
+ ikeHeaderPtr[KNextPayloadPosition] = aNextPayload;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2messagesendqueue.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,236 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 IKE message send que.
+*
+*/
+
+#include "ikev2messagesendqueue.h"
+#include "ikemsgheader.h"
+#include "ikedebug.h"
+
+_LIT8(KKeepaliveData, 0xff);
+
+CIkev2MessageSendQueue* CIkev2MessageSendQueue::NewL(MIkeDataInterface& aDataInterface,
+ const TInetAddr& aDestinationAddress,
+ TUint8 aDscp,
+ TUint aNatKeepAliveInterval,
+ MIkeDebug& aDebug)
+ {
+ CIkev2MessageSendQueue* self = new (ELeave) CIkev2MessageSendQueue(aDataInterface,
+ aDestinationAddress,
+ aDscp,
+ aNatKeepAliveInterval,
+ aDebug);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkev2MessageSendQueue::CIkev2MessageSendQueue(MIkeDataInterface& aDataInterface,
+ const TInetAddr& aDestinationAddress,
+ TUint8 aDscp,
+ TUint aNatKeepAliveInterval,
+ MIkeDebug& aDebug)
+:CActive(EPriorityStandard),
+ iDataInterface(aDataInterface),
+ iNatKeepAliveInterval(aNatKeepAliveInterval),
+ iDestinationAddress(aDestinationAddress),
+ iDscp(aDscp),
+ iDebug(aDebug)
+ {
+ CActiveScheduler::Add(this);
+
+ if (iNatKeepAliveInterval == 0)
+ {
+ iNatKeepAliveInterval = 120;
+ }
+ }
+
+
+void CIkev2MessageSendQueue::ConstructL()
+ {
+ iSender = CIkev2Sender::NewL( iDataInterface,
+ *this);
+ User::LeaveIfError(iNatKeepaliveTimer.CreateLocal());
+ }
+
+
+CIkev2MessageSendQueue::~CIkev2MessageSendQueue()
+ {
+ Cancel();
+ iNatKeepaliveTimer.Close();
+ iSasBehindNat.Close();
+ delete iSender;
+ iIkeMsgSendBuffer.Reset();
+ iIkeMsgSendBuffer.Close();
+ }
+
+void CIkev2MessageSendQueue::SendIkeMessageL(const TPtrC8 aIkeMsg,
+ TBool aFloatedPort)
+ {
+ Cancel();
+ if (!iSender->IsActive())
+ {
+ iIkeMsgInSending.Set(aIkeMsg);
+ TUint port = (aFloatedPort) ? FLOATED_IKE_PORT : IKE_PORT;
+
+#ifdef _DEBUG
+ TBuf<80> destAddr;
+ iDestinationAddress.Output(destAddr);
+ DEBUG_LOG3(_L("No sending active. Message sent immediately to %S:%d DSCP=%d."), &destAddr, port, iDscp);
+#endif //_DEBUG
+ iDestinationAddress.SetPort(port);
+ iSender->SendIkeMsg(port, iDestinationAddress, iDscp, iIkeMsgInSending);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Sending in progress, message added to send queue."));
+ TIkeMsgWaitQueueObject waitObject = { aIkeMsg, aFloatedPort };
+ User::LeaveIfError(iIkeMsgSendBuffer.Append(waitObject));
+ }
+ }
+
+
+void CIkev2MessageSendQueue::CancelSend(const TPtrC8& aIkeMsg)
+ {
+ DEBUG_LOG(_L("Sending of one datagram canceled."));
+ if (aIkeMsg.Ptr() == iIkeMsgInSending.Ptr())
+ {
+ __ASSERT_DEBUG(iSender->IsActive(), User::Invariant());
+ //The NAT keepalive timer should not be active, because sending
+ //is in progress.
+ __ASSERT_DEBUG(!IsActive(), User::Invariant());
+ iSender->Cancel();
+ iIkeMsgInSending.Set(NULL, 0);
+ // Send next message from queue.
+ SendIkeMsgCompleted( KErrCancel );
+ }
+ else
+ {
+ for (TUint i = 0; i < iIkeMsgSendBuffer.Count(); ++i)
+ {
+ if (iIkeMsgSendBuffer[i].iIkeMsg.Ptr() == aIkeMsg.Ptr())
+ {
+ iIkeMsgSendBuffer.Remove(i);
+ break;
+ }
+ }
+ }
+ }
+
+void CIkev2MessageSendQueue::SendIkeMsgCompleted( TInt /*aStatus*/ )
+ {
+ DEBUG_LOG(_L("Ike message send complete."));
+ iIkeMsgInSending.Set(NULL, 0);
+
+ if (iIkeMsgSendBuffer.Count() > 0)
+ {
+ TIkeMsgWaitQueueObject& waitObject = iIkeMsgSendBuffer[0];
+ TUint port = (waitObject.iFloatedPort) ? FLOATED_IKE_PORT : 500;
+ iSender->SendIkeMsg(port, iDestinationAddress, iDscp, waitObject.iIkeMsg);
+ iIkeMsgSendBuffer.Remove(0);
+ iIkeMsgInSending.Set(waitObject.iIkeMsg);
+ }
+ else if (iSasBehindNat.Count() > 0 && iNatKeepAliveInterval > 0)
+ {
+ ArmKeepaliveTimer();
+ }
+ }
+
+
+void CIkev2MessageSendQueue::CancelAll()
+ {
+ iSender->Cancel();
+ iIkeMsgSendBuffer.Reset();
+ }
+
+
+void CIkev2MessageSendQueue::NewSaBehindNatL(TUint aSaId)
+ {
+ DEBUG_LOG1(_L("CIkev2MessageSendQueue::NewSaBehindNatL: SaId=%d"), aSaId);
+ __ASSERT_DEBUG(iSasBehindNat.Find(aSaId) == KErrNotFound, User::Invariant());
+ User::LeaveIfError(iSasBehindNat.Append(aSaId));
+ if (!iSender->IsActive() && iNatKeepAliveInterval > 0)
+ {
+ //No sending acticve arm the nat keepalive timer.
+ ArmKeepaliveTimer();
+ }
+ }
+
+
+void CIkev2MessageSendQueue::SaBehindNatDeleted(TUint aSaId)
+ {
+ DEBUG_LOG1(_L("CIkev2MessageSendQueue::SaBehindNatDeleted: SaId=%d"), aSaId);
+ TInt index = iSasBehindNat.Find(aSaId);
+ __ASSERT_DEBUG(index >= 0, User::Invariant());
+ iSasBehindNat.Remove(index);
+ if (iSasBehindNat.Count() == 0)
+ {
+ //Cancel keepalive timer
+ Cancel();
+ }
+ }
+
+void CIkev2MessageSendQueue::RunL()
+ {
+ //Send the NAT keepalive
+
+ __ASSERT_DEBUG(!iSender->IsActive(), User::Invariant());
+ __ASSERT_DEBUG(iSasBehindNat.Count() > 0 && iNatKeepAliveInterval > 0, User::Invariant());
+
+ if (iRemainingTime == 0)
+ {
+ DEBUG_LOG(_L("Sending NAT keepalive"));
+ iSender->SendIkeMsg(FLOATED_IKE_PORT, iDestinationAddress, iDscp, KKeepaliveData);
+ }
+ else if (iRemainingTime > KMaxTInt/1000000)
+ {
+ iRemainingTime -= KMaxTInt/1000000;
+ iNatKeepaliveTimer.After(iStatus, KMaxTInt);
+ SetActive();
+ }
+ else
+ {
+ iNatKeepaliveTimer.After(iStatus, iRemainingTime*1000000);
+ iRemainingTime = 0;
+ SetActive();
+ }
+ }
+
+void CIkev2MessageSendQueue::DoCancel()
+ {
+ iNatKeepaliveTimer.Cancel();
+ iRemainingTime = 0;
+ DEBUG_LOG(_L("Keepalive timer canceled"));
+ }
+
+void CIkev2MessageSendQueue::ArmKeepaliveTimer()
+ {
+ DEBUG_LOG(_L("CIkev2MessageSendQueue::ArmKeepaliveTimer"));
+ //Arm NAT keepalive timer.
+ if (iNatKeepAliveInterval > KMaxTInt/1000000 )
+ {
+ iRemainingTime = iNatKeepAliveInterval - KMaxTInt/1000000;
+ iNatKeepaliveTimer.After(iStatus, KMaxTInt);
+ }
+ else
+ {
+ iRemainingTime = 0;
+ iNatKeepaliveTimer.After(iStatus, iNatKeepAliveInterval * 1000000);
+ }
+ SetActive();
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2mobike.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,227 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 Mobility and Multihoming Protocol.
+*
+*/
+
+#include <es_sock.h>
+#include <in_sock.h>
+#include "ikedebug.h"
+#include "ikev2mobike.h"
+#include "ikev2SAdata.h"
+#include "ikemsgrec.h"
+#include "ikev2payloads.h"
+#include "ikev2const.h"
+#include "ikev2Negotiation.h"
+#include "ikev2plugin.h"
+#include "ikev2natt.h"
+#include "ikev2proposal.h"
+#include "ikev2pluginsession.h"
+
+_LIT8(KZeroDesc, "");
+
+TBool Ikev2MobIke::ProcessNotifysL(CIkev2Negotiation* aNegotiation,
+ const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys,
+ TBool aRequest, TInt aExchange)
+{
+ __ASSERT_DEBUG(aNegotiation, User::Invariant());
+ if ( !aNegotiation->iHdr.iIkeData->iUseMobIke )
+ {
+ return EFalse;
+ }
+
+ TInt MsgType;
+ TNotifPayloadIkev2* Payload;
+ TPtrC8 Cookie2(NULL,0);
+ TBool NatDetection = EFalse;
+ TBool Status = EFalse;
+ TInt Count = aNotifys.Count();
+ TInt i = 0;
+
+ while ( i < Count )
+ {
+
+ Payload = aNotifys.At(i);
+ MsgType = (TInt)Payload->GetMsgType();
+ //
+ // Process possible MOBIKE Notify messages
+ //
+ switch ( MsgType )
+ {
+
+ case MOBIKE_SUPPORTED:
+ //
+ // Remote end supports MOBIKE protocol
+ //
+ aNegotiation->iHdr.iMobikeUsed = ETrue;
+ aNegotiation->iHdr.iFloatedPort = ETrue; // Floated port used for now
+ aNegotiation->iHdr.iDestinAddr.SetPort(FLOATED_IKE_PORT);
+ break;
+
+ case ADDITIONAL_IPV4_ADDRESS:
+ case ADDITIONAL_IPV6_ADDRESS:
+ //
+ // Additional IP addresses Notify
+ //
+ if ( aNegotiation->iHdr.iMobikeUsed && (aExchange == INFORMATIONAL) )
+ {
+ Status = ETrue;
+ }
+ break;
+
+ case UPDATE_SA_ADDRESS:
+ //
+ // Peer informs about the IP address change
+ //
+ if ( aNegotiation->iHdr.iMobikeUsed && aRequest && (aExchange == INFORMATIONAL) )
+ {
+ aNegotiation->iIkeV2PlugInSession.RemoteAddrChanged(&aNegotiation->iHdr, aNegotiation->iHdr.iDestinAddr);
+ Status = ETrue;
+ }
+ break;
+
+ case COOKIE2:
+ //
+ // Peer informs about the IP address change
+ //
+ if ( aNegotiation->iHdr.iMobikeUsed && aRequest && (aExchange == INFORMATIONAL) )
+ {
+ Cookie2.Set(Payload->NotifData(), Payload->NotifDataLength());
+ Status = ETrue;
+ }
+ break;
+
+ case NAT_PREVENTION:
+ //
+ // NAT Prevention Notify
+ //
+ if ( aNegotiation->iHdr.iMobikeUsed )
+ {
+ if ( aExchange == INFORMATIONAL )
+ Status = ETrue;
+ }
+ break;
+
+ case UNACCPETABLE_ADDRESSES:
+ case NAT_PREVENTED:
+ if ( aNegotiation->iHdr.iMobikeUsed )
+ {
+ if ( aExchange == INFORMATIONAL )
+ Status = ETrue;
+ }
+ break;
+
+ case NAT_DETECTION_SOURCE_IP:
+ case NAT_DETECTION_DESTINATION_IP:
+ if ( aNegotiation->iHdr.iMobikeUsed && (aExchange == INFORMATIONAL))
+ {
+ NatDetection = ETrue;
+ Status = ETrue;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ i ++;
+ }
+
+ if ( Status && aRequest && (aExchange == INFORMATIONAL) )
+ {
+ //
+ // Build informational response to MOBIKE request
+ //
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(aNegotiation->iHdr.SpiI(),
+ aNegotiation->iHdr.SpiR(),
+ INFORMATIONAL,
+ aNegotiation->iHdr.iInitiator,
+ ETrue,
+ aNegotiation->iHdr.ExpectedRequestId(),
+ aNegotiation->iDebug);
+
+ ikeMsg->AppendEncryptedPayloadL(aNegotiation->iHdr.iCipherBlkLth);
+
+ if ( Cookie2.Ptr() )
+ {
+ //
+ // Peer is using COOKIE2. Return COOKIE2 payload data as such
+ //
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, COOKIE, Cookie2);
+ }
+ if ( NatDetection )
+ {
+ //
+ // Peer is using NAT_DETECTION_*_IP payloads. Build corresponding response
+ //
+ TBool NatDetectOk;
+ TInetAddr DummyIp;
+ DummyIp.SetAddress(KInetAddrNone); // 0.0.0.0
+ TUint32 NATFlags = CIkev2NatT::CheckPeerNotifysL(aNotifys, DummyIp, aNegotiation->iHdr.iDestinAddr, FLOATED_IKE_PORT,
+ ikeMsg->InitiatorSpi(), ikeMsg->ResponderSpi(),
+ NatDetectOk);
+ if ( NatDetectOk )
+ {
+ aNegotiation->iHdr.iNATFlags = NATFlags;
+ aNegotiation->GetNatStatus(NatDetectOk, aNegotiation->iHdr.iDestinAddr);
+ }
+ CIkev2NatT* NatNotify = CIkev2NatT::NewL(DummyIp, aNegotiation->iHdr.iDestinAddr,
+ FLOATED_IKE_PORT,
+ ikeMsg->InitiatorSpi(), ikeMsg->ResponderSpi());
+ CleanupStack::PushL(NatNotify);
+
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_SOURCE_IP,
+ NatNotify->SourceNofify());
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_DESTINATION_IP,
+ NatNotify->DestinNofify());
+
+ CleanupStack::PopAndDestroy(NatNotify);
+ }
+
+ aNegotiation->SendIkeMsgL(ikeMsg);
+ aNegotiation->iIkeV2PlugInSession.UpdateIkev2SAL(&aNegotiation->iHdr, NULL);
+ if ( (aNegotiation->iState != KStateIkeInfoRequest) && (aNegotiation->iState != KStateIkeDeleteRequest) && (aNegotiation->iState != KStateIkeDeleteResponse) )
+ aNegotiation->iState = KStateIkeInfoResponse;
+ }
+ //
+ // else
+ // Currently there is no need to examine any MOBIKE Notify payloads
+ // present in Informational response
+ //
+
+ return Status;
+}
+
+TBool Ikev2MobIke::SendUpdateSaAddrNotifyL(CIkev2Negotiation* aNegotiation)
+{
+ ASSERT(aNegotiation);
+
+ //we support only changing of our address.
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(aNegotiation->iHdr.SpiI(),
+ aNegotiation->iHdr.SpiR(),
+ INFORMATIONAL,
+ aNegotiation->iHdr.iInitiator,
+ EFalse,
+ aNegotiation->iHdr.NextRequestId(),
+ aNegotiation->iDebug);
+
+ ikeMsg->AppendEncryptedPayloadL(aNegotiation->iHdr.iCipherBlkLth);
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROT_NONE, KZeroDesc, UPDATE_SA_ADDRESS, KZeroDesc);
+
+ aNegotiation->SendIkeMsgL(ikeMsg);
+
+ aNegotiation->iState = KStateIkeInfoRequest;
+
+ return ETrue;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2natt.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,145 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Class CIkev2NatT implements NAT Traversal functionality specified in IKEv2.
+*
+*/
+#include <in_sock.h>
+#include "ikev2natt.h"
+#include "ikev2SAdata.h"
+#include "ikev2payloads.h"
+#include "ikev2const.h"
+#include "ikecrypto.h"
+
+CIkev2NatT* CIkev2NatT::NewL(const TInetAddr& aSourceAddr, const TInetAddr& aDestinationAddr, TUint16 aPort,
+ const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi)
+{
+ CIkev2NatT* self = new (ELeave)CIkev2NatT();
+ CleanupStack::PushL(self);
+ self->ConstructL(aSourceAddr, aDestinationAddr, aPort, aInitiatorSpi, aResponderSpi);
+ CleanupStack::Pop(self);
+
+ return self;
+}
+
+void CIkev2NatT::ConstructL(const TInetAddr& aSourceAddr, const TInetAddr& aDestinationAddr, TUint16 aPort,
+ const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi)
+{
+ iSrcNotify = GenerateNatDetectionHashL(aInitiatorSpi, aResponderSpi,
+ aSourceAddr, aPort);
+
+ iDstNotify = GenerateNatDetectionHashL(aInitiatorSpi, aResponderSpi,
+ aDestinationAddr, aPort);
+}
+
+TUint32 CIkev2NatT::CheckPeerNotifysL(const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys,
+ const TInetAddr& aLocalAddr, const TInetAddr& aRemoteAddr, TUint16 aPort,
+ const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi, TBool& aSupported)
+{
+ //
+ // Check does there exists NAT_DETECTION_SOURCE_IP and NAT_DETECTION_DESTINATION_IP
+ // Notify payload. If found compare payload data to local end NAT
+ // traversal data as follows:
+ // -- NAT_DETECTION_SOURCE_IP Notifys are examined against local Notify
+ // payload iDstIdentiy data: If no match found
+ // ==> Peer is behind NAT
+ // -- NAT_DETECTION_DESTINATION_IP Notify is examined against local Notify
+ // payload iSrcIdentiy data: If no match found
+ // ==> Local end behind NAT
+ //
+ aSupported = EFalse;
+ TInt Count = aNotifys.Count();
+
+ CIkev2NatT* RefObj = CIkev2NatT::NewL(aLocalAddr, aRemoteAddr, aPort,
+ aInitiatorSpi, aResponderSpi);
+
+ TNotifPayloadIkev2* PeerNotify;
+ TUint32 PeerLth;
+ TBool SrcMatch = EFalse;
+ TBool DstMatch = EFalse;
+ TUint32 NatFlags = 0;
+ TInt i = 0;
+
+ while ( i < Count )
+ {
+ PeerNotify = aNotifys.At(i);
+ if ( (PeerNotify->GetMsgType() == NAT_DETECTION_SOURCE_IP) && !SrcMatch )
+ {
+ NatFlags |= REMOTE_END_NAT;
+ PeerLth = TPayloadIkev2::Cast(PeerNotify)->GetLength() - (TUint32)(PeerNotify->Size() + PeerNotify->GetSPISize());
+ const TPtrC8 peerNotify(PeerNotify->NotifData(), PeerLth);
+ if ( RefObj->DestinNofify().Compare(peerNotify) == 0)
+ {
+ SrcMatch = ETrue;
+ NatFlags &= ~REMOTE_END_NAT;
+ }
+ }
+ else if ( (PeerNotify->GetMsgType() == NAT_DETECTION_DESTINATION_IP) && !DstMatch )
+ {
+ aSupported = ETrue;
+ NatFlags |= LOCAL_END_NAT;
+ PeerLth = TPayloadIkev2::Cast(PeerNotify)->GetLength() - (TUint32)(PeerNotify->Size() + PeerNotify->GetSPISize());
+ const TPtrC8 peerNotify(PeerNotify->NotifData(), PeerLth);
+ if ( RefObj->SourceNofify().Compare(peerNotify) == 0 )
+ {
+ DstMatch = ETrue;
+ NatFlags &= ~LOCAL_END_NAT;
+ }
+ }
+ i ++;
+ }
+
+ delete RefObj;
+ return NatFlags;
+}
+
+HBufC8* CIkev2NatT::GenerateNatDetectionHashL(const TDesC8& aInitiatorSpi, const TDesC8& aResponderSpi,
+ TInetAddr aIpAddress, TUint16 aPort ) const
+{
+ __ASSERT_DEBUG( aInitiatorSpi.Length() == IKEV2_SPI_SIZE, User::Invariant());
+ __ASSERT_DEBUG( aResponderSpi.Length() == IKEV2_SPI_SIZE, User::Invariant());
+
+ //
+ // Calculate HASH = SHA1(SPIS | IP | Port) both for local- and remote IP address/port
+ //
+ TBuf8<64> hashInData;
+
+ hashInData.Append(aInitiatorSpi);
+ hashInData.Append(aResponderSpi);
+
+ if ( aIpAddress.Family() == KAfInet )
+ {
+ TUint32 ipv4addr = ByteOrder::Swap32(aIpAddress.Address());//Put in network order
+ hashInData.Append(reinterpret_cast<TUint8*>(&ipv4addr), sizeof(ipv4addr));
+ }
+ else
+ {
+ if ( aIpAddress.IsV4Mapped() )
+ {
+ aIpAddress.ConvertToV4(); // IPv4 format
+ TUint32 ipv4addr = ByteOrder::Swap32(aIpAddress.Address());//Put in network order
+ hashInData.Append(reinterpret_cast<TUint8*>(&ipv4addr), sizeof(ipv4addr));
+ }
+ else
+ {
+ const TUint8* addr = &aIpAddress.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ hashInData.Append(addr, 16);
+ }
+ }
+
+ aPort = ByteOrder::Swap16(aPort);
+ hashInData.Append(reinterpret_cast<TUint8*>(&aPort), sizeof(aPort));
+
+ return IkeCrypto::PrfL(hashInData, PRF_HMAC_SHA1);
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2negotiation.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,4059 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2/IPSEC SA negotiation
+*
+*/
+
+#include <random.h>
+#include <in_sock.h>
+
+#include "ikev2Negotiation.h"
+#include "ikedebug.h"
+#include "ikev2natt.h"
+#include "ikev2mobike.h"
+#include "ikev2proposal.h"
+#include "ikev2SAdata.h"
+#include "ikev2pluginsession.h"
+#include "ikev2pfkey.h"
+#include "ikev2config.h"
+#include "ikev2EapInterface.h"
+#include "ikev2payloads.h"
+#include "ikev2const.h"
+#include "ikemsgrec.h"
+#include "ipsecproposal.h"
+#include "ipsecselectors.h"
+#include "ikepolparser.h"
+#include "kmdapi.h"
+#include "ikecaelem.h"
+#include "ikecalist.h"
+#include "ikepkiutils.h"
+#include "vpnapidefs.h"
+#include "kmdeventloggerif.h"
+#include "ipsecsalist.h"
+#include "ikev2message.h"
+#include "ikev2identity.h"
+#include "ikev2acquire.h"
+#include "ikev2expire.h"
+#include "ikev2ipsecsarekeydata.h"
+#include "ikev2messagesendqueue.h"
+
+_LIT8(KIkev2PSKData, "Key Pad for IKEv2");
+_LIT8(KZeroDesc, "");
+
+CIkev2Negotiation* CIkev2Negotiation::NewL(CIkev2PluginSession& aIkeV2PlugInSession,
+ CPFKeySocketIf& aPfKeySocketIf,
+ MKmdEventLoggerIf& aEventLogger,
+ CIkev2MessageSendQueue& aMessageSendQue,
+ MIkeDebug& aDebug,
+ CIkeData* aIkeData,
+ TUint32 aVpnIapId,
+ TUint32 aSaId,
+ TInetAddr aPhysicalInterfaceAddress,
+ TInetAddr aRemoteAddress)
+ {
+
+ CIkev2Negotiation* self = new (ELeave) CIkev2Negotiation(aIkeV2PlugInSession, aPfKeySocketIf,
+ aEventLogger, aMessageSendQue,
+ aDebug, aSaId);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+
+ self->iHdr.iIkeData = aIkeData;
+ self->iHdr.iVpnIapId = aVpnIapId;
+ self->iProcessEvents = ETrue;
+ self->iHdr.iRemoteAddr = aRemoteAddress;
+ self->iHdr.iRemoteAddr.SetPort(IKE_PORT);
+
+ //
+ // Get IP address information for IKE SA negotiation
+ // Remote address is taken from current IKE policy data (CIkeData)
+ // Local address is resolved via IKE policy using policy handle
+ //
+ if ( self->iHdr.iRemoteAddr.IsUnspecified() )
+ {
+ self->iHdr.iRemoteAddr = self->iHdr.iIkeData->iAddr;
+ self->iHdr.iRemoteAddr.SetPort(IKE_PORT);
+ }
+ self->iHdr.iDestinAddr = self->iHdr.iRemoteAddr;
+ self->iHdr.iLocalAddr = aPhysicalInterfaceAddress;
+ TInt Scope = self->iHdr.iRemoteAddr.Scope();
+ if ( Scope )
+ self->iHdr.iLocalAddr.SetScope(Scope); // Set local scope same with remote scope
+
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CIkev2Negotiation* CIkev2Negotiation::NewL(CIkev2PluginSession& aIkeV2PlugInSession,
+ CPFKeySocketIf& aPfKeySocketIf,
+ MKmdEventLoggerIf& aEventLogger,
+ CIkev2MessageSendQueue& aMessageSendQue,
+ MIkeDebug& aDebug,
+ TIkev2SAData& aIkev2SAdata)
+ {
+ CIkev2Negotiation* self = new (ELeave) CIkev2Negotiation(aIkeV2PlugInSession, aPfKeySocketIf,
+ aEventLogger, aMessageSendQue,
+ aDebug, aIkev2SAdata.SaId());
+ CleanupStack::PushL(self);
+ self->ConstructL();
+
+ self->iHdr.Copy(aIkev2SAdata);
+ self->iState = KStateIkeSaCompleted;
+
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CIkev2Negotiation::CIkev2Negotiation(CIkev2PluginSession& aIkeV2PlugInSession, CPFKeySocketIf& aPfKeySocketIf,
+ MKmdEventLoggerIf& aEventLogger, CIkev2MessageSendQueue& aMessageSendQue,
+ MIkeDebug& aDebug, TUint32 aSaId)
+: iChild(aDebug), iIkeV2PlugInSession(aIkeV2PlugInSession), iPfKeySocketIf(aPfKeySocketIf),
+ iEventLogger(aEventLogger), iMessageSendQue(aMessageSendQue),iDebug(aDebug), iDHGroupGuess(1)
+ {
+ DEBUG_LOG1(_L("CIkev2Negotiation::CIkev2Negotiation: 0x%08x"), this);
+
+ iHdr.SetSaId(aSaId);
+ iHdr.iWindowSize = DEF_MSG_ID_WINDOW;
+ }
+
+
+void CIkev2Negotiation::ConstructL()
+ {
+ iTimer = CIkev2RetransmitTimer::NewL(*this);
+ iSpiRetriever = CIpsecSaSpiRetriever::NewL(*this, iPfKeySocketIf);
+
+ iIkeV2PlugInSession.LinkNegotiation(this); // <- takes ownership of this
+ iProcessEvents = ETrue;
+ }
+
+
+CIkev2Negotiation::~CIkev2Negotiation()
+ {
+
+ delete iSpiRetriever;
+ // Turn off event processing to prevent EAPVPNIF event
+ iProcessEvents = EFalse;
+ delete iTimer;
+
+ DEBUG_LOG1(_L("CIkev2Negotiation::~CIkev2Negotiation: 0x%08x"), this);
+ iIkeV2PlugInSession.RemoveNegotiation(this);
+
+ iHdr.CleanUp();
+
+ //
+ // Purge Acquire, Expire and Info message queues
+ //
+ CIkev2Acquire::PurgeQue(GetAcquireQue());
+ CIkev2Expire::PurgeQue(GetExpireQue());
+
+ delete iPeerCert;
+ delete iSavedSaInit;
+ delete iProposedSA;
+ delete iDHKeys;
+ delete iDHPublicPeer;
+ delete iNonce_I;
+ delete iNonce_R;
+ delete iAuthMsgInit;
+ delete iAuthMsgResp;
+ delete iRemoteIdentity;
+ delete iLocalIdentity;
+ delete iNatNotify;
+ delete iConfigMode;
+ delete iEapPlugin;
+ delete iPkiService;
+ delete iPresharedKey;
+ delete iChildSaRequest;
+ }
+
+void CIkev2Negotiation::StartIkeSANegotiationL()
+ {
+ __ASSERT_DEBUG(iChildSaRequest == NULL, User::Invariant());
+
+ //This method should be called only if we have IA in use.
+ //Otherwise the negotiation should start with ProcessAcquire
+ __ASSERT_DEBUG(iHdr.iIkeData->iUseInternalAddr, User::Invariant());
+
+ //
+ // This method is called when an IKE SA negotiation is started due
+ // a RKMD::Activate() request with policy that uses IA.
+ //
+ iHdr.iInitiator = ETrue;
+ LoadEapPluginL();
+
+ GetNonceDataL(ETrue);
+
+ CIkev2Acquire* Acquire = IpsecSelectors::BuildVirtualAcquireL(iIkeV2PlugInSession);
+ CleanupStack::PushL(Acquire);
+
+ if ( !InitPkiServiceL() )
+ {
+ //No PkiService Needed.
+ //Continue by requesting SPI for IPsecSA.
+ CIkev2Acquire::Link(Acquire, GetAcquireQue());
+ //
+ // Get SPI for inbound SA with PFKEY GETSPI primitive
+ //
+ GetIpsecSPI(Acquire);
+ }
+ else
+ {
+ iChildSaRequest = Acquire;
+ }
+ CleanupStack::Pop(Acquire);
+ }
+
+TBool CIkev2Negotiation::StartRespondingL(const ThdrISAKMP& aIkeMessage)
+ {
+ //
+ // This method is called when local end is going to ACT as a
+ // responder of an IKE SA negotiation.
+ // Initialize PKI service usage, if needed. Because PKI service
+ // initialisation is an asynchronous operation we must take a copy
+ // of incoming IKE message from where it is processed when PKI
+ // service initialisation is completed.
+ //
+ TBool Status( InitPkiServiceL() );
+ if ( Status )
+ {
+ TInt MsgLth = (TInt)aIkeMessage.GetLength();
+ delete iSavedSaInit;
+ iSavedSaInit = NULL;
+ iSavedSaInit = HBufC8::NewL(MsgLth);
+ iSavedSaInit->Des().Copy((TUint8*)&aIkeMessage, MsgLth);
+ }
+ return !Status;
+ }
+
+void CIkev2Negotiation::StartIkeSADeleteL()
+{
+ //
+ // This method is called when an IKE SA shall be deleted either due
+ // IKE SA timeout or due a RKMD::Deactivate() request
+ //
+ BuildDeleteRequestL(NULL);
+}
+
+
+void CIkev2Negotiation::IkeSaCompletedL()
+{
+
+ //
+ // This method is when an IKE SA negotiation has been succesfully
+ // completed.
+ // The following actions are taken:
+ // -- Get Virtual IP from iConfigMode object, if present and
+ // modify IKE SA lifetime if Virtual Ip expiration time is
+ // shorter than configured iKE SA lifetime
+ // -- Create a new IKE SA object, if not a rekeyd IKE SA
+ // -- If activation going, call IkeSaCompleted method in plug-in
+ //
+ TVPNAddress VirtualIp;
+ if ( iConfigMode )
+ {
+ VirtualIp = iConfigMode->VirtualIp();
+ iHdr.StoreVirtualIp(VirtualIp.iVPNIfAddr);
+ TUint32 ExpireTime = iConfigMode->ExpireTime();
+ if ( ExpireTime && (ExpireTime < iHdr.iLifetime) )
+ iHdr.iLifetime = ExpireTime;
+ }
+
+ if(!iIkeV2PlugInSession.FindIkev2SA(iHdr.SaId(), KSaStateNotDefined, KSaStateNotDefined))
+ {
+ iIkeV2PlugInSession.CreateIkev2SAL(iHdr);
+ }
+
+ iIkeV2PlugInSession.IkeSaCompleted(KErrNone, VirtualIp);
+
+ iEventLogger.LogEvent(MKmdEventLoggerIf::KLogInfo, R_VPN_MSG_VPN_GW_AUTH_OK, KErrNone,
+ iHdr.iVpnIapId, &iHdr.iRemoteAddr);
+ iEventLogger.LogEvent(MKmdEventLoggerIf::KLogInfo, R_VPN_MSG_ADDR_INFO_FOR_VPN_AP,
+ iHdr.iNATFlags, iHdr.iVpnIapId,
+ (!VirtualIp.iVPNIfAddr.IsUnspecified() ? &(VirtualIp.iVPNIfAddr) : NULL));
+
+ if ( iChildSaRequest )
+ {
+ IpsecSANegotiatedL();
+ }
+ if ( RequestsPending() )
+ {
+ ContinueIkeNegotiationL();
+ }
+ else
+ {
+ if ( !iHdr.iInitiator )
+ {
+ iIkeV2PlugInSession.StopResponding();
+ delete this; // Current negotiation can be deleted
+ }
+ else iStopped = ETrue;
+ }
+}
+
+void CIkev2Negotiation::IkeSaFailed(TInt Status)
+ {
+ //
+ // This method is when a IKE SA negotiation has failed
+ // The following actions are taken:
+ //
+
+ TVPNAddress dummyVirtualIp;
+
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+
+ if ( !iHdr.iInitiator )
+ iIkeV2PlugInSession.StopResponding();
+
+ if ( (iSendAttempt <= KMaxSendAttemps ) &&
+ ((iState == KStateIkeSaEapStarted) ||
+ (iState == KStateIkeSaEapGoing)))
+ iDeleteIkeSA = ETrue;
+ else iStopped = ETrue;
+
+ iEventLogger.LogEvent(MKmdEventLoggerIf::KLogError, R_VPN_MSG_REAL_IAP_ACT_FAILED, Status,
+ iHdr.iVpnIapId, &iHdr.iRemoteAddr);
+
+ iIkeV2PlugInSession.IkeSaCompleted(Status, dummyVirtualIp);
+ }
+
+void CIkev2Negotiation::IpsecSANegotiatedL()
+{
+ //
+ // This method is when an Ipsec SA negotiation has been succesfully
+ // completed.
+ // -- Update Ipsec SADB using PFKEY Update and Add primitives
+ // -- Find a new IKE SA object and queue Ipsec SA data into it
+ // -- Try to start a new exchange from queue, if there is nothing
+ // to start in queues mark current negotiation stopped
+ //
+ iChild.iSrcSpecific = iChildSaRequest->SrcSpecific();
+ Ikev2Pfkey::UpdateIpsecSaDataBaseL(iHdr, iChild, iIkeV2PlugInSession, *iChildSaRequest);
+
+ CIpsecSARekeyData* rekeyData =
+ CIpsecSARekeyData::NewL(iChildSaRequest->ReplayWindow(),
+ iChildSaRequest->HardLifetime(),
+ iChildSaRequest->SoftLifetime(),
+ iChildSaRequest->TS_i(),
+ iChildSaRequest->TS_r(),
+ *iChildSaRequest->LocalId(),
+ *iChildSaRequest->RemoteId());
+
+ iChild.PurgeKeyMaterial(); // Ipsec Keymaterial not saved into IKE SA
+ iChild.DeleteRekeyData();
+ iChild.iRekeyData = rekeyData;
+
+ iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, &iChild);
+
+ delete iChildSaRequest;
+ iChildSaRequest = NULL;
+
+ if ( RequestsPending() )
+ ContinueIkeNegotiationL();
+ else
+ { if ( iState == KStateIkeChildSAResponse )
+ delete this;
+ else iStopped = ETrue;
+ }
+}
+
+
+void CIkev2Negotiation::ProcessIkeMessageL(const ThdrISAKMP& aIkeMessage,
+ const TInetAddr& aRemote,
+ TUint16 aLocalPort)
+ {
+ //
+ // Start to process received IKE message by constructing a
+ // CIkev2Payloads object. CIkev2Payloads construction takes also
+ // care of the decryption of an Encrypted payload if present.
+ //
+ TBool Status( ETrue );
+
+ CIkev2Payloads* IkeMsg = CIkev2Payloads::NewL(aIkeMessage, iHdr);
+ CleanupStack::PushL(IkeMsg);
+
+ DEBUG_LOG2(_L("Process IKE message, SAID=%d, Msg ID=%d"),
+ iHdr.SaId(), aIkeMessage.GetMessageId());
+ if ( IkeMsg->Status() )
+ {
+ //
+ // An error occurred during IKE message parsing
+ //
+ SetNotifyCode(IkeMsg->Status());
+ DEBUG_LOG1(_L("Error in parsing of received IKE message: %d"), IkeMsg->Status());
+
+ if ( !iHdr.iInitiator && iState == KStateIdle )
+ {
+ iStopped = ETrue; // Negotiation object shall be released
+ }
+ else
+ {
+ CheckNotifyCodeL(IkeMsg);
+ }
+ CleanupStack::PopAndDestroy(IkeMsg); // IkeMsg
+ return;
+ }
+
+ if ( (iHdr.iNATFlags & (REMOTE_END_NAT + MOBIKE_USED)) &&
+ IkeMsg->Encrypted() )
+ {
+ //
+ // Received IKE message contains Encrypted payload. Save source
+ // IP as new destination IP to negotiation object
+ //
+ iHdr.iDestinAddr = aRemote;
+ iHdr.iDestinAddr.SetPort(FLOATED_IKE_PORT);
+ }
+
+ TPtrC8 ikeMsgDes((TUint8*)&aIkeMessage, aIkeMessage.GetLength());
+
+ TInetAddr localAddr(iHdr.iLocalAddr);
+ localAddr.SetPort(aLocalPort);
+ TRACE_MSG(ikeMsgDes, aRemote, localAddr,
+ (CIkePcapTrace::TEncryptionType)iHdr.iEncrAlg);
+
+ //
+ // Process received IKE message according to Exchange type
+ //
+ switch ( aIkeMessage.GetExchange() )
+ {
+ case IKE_SA_INIT:
+ DEBUG_LOG(_L("IKE_SA_INIT message received"));
+ Status = ProcessIkeSaInitL(IkeMsg, aRemote);
+ if ( !Status )
+ IkeSaFailed(KKmdIkeNegotFailed);
+ break;
+
+ case IKE_AUTH:
+ DEBUG_LOG(_L("IKE_AUTH message received"));
+ Status = ProcessIkeAuthL(IkeMsg);
+ if ( !Status )
+ IkeSaFailed(KKmdIkeAuthFailedErr);
+ break;
+
+ case CREATE_CHILD_SA:
+ DEBUG_LOG(_L("CREATE_CHILD_SA message received"));
+ Status = ProcessChildSaL(IkeMsg);
+ break;
+
+ case INFORMATIONAL:
+ DEBUG_LOG(_L("INFORMATION message received"));
+ Status = ProcessInfoMsgL(IkeMsg);
+ break;
+
+ default:
+ DEBUG_LOG(_L("UNKNOWN message received\n"));
+ Status = EFalse; // Negotiation object shall be released
+ break;
+ }
+
+ if ( !Status )
+ {
+ if ( iDeleteIkeSA )
+ {
+ //
+ // Used IKE SA shall be deleted due the fatal error occurred.
+ //
+ iDeleteIkeSA = EFalse;
+ iIkeV2PlugInSession.DeleteIkev2SA(iHdr.SaId());
+ BuildDeleteRequestL(NULL);
+ }
+ else
+ {
+ CheckNotifyCodeL(IkeMsg);
+ }
+ }
+ CleanupStack::PopAndDestroy(IkeMsg);
+}
+
+void CIkev2Negotiation::ProcessAcquireL(const TPfkeyMessage &aPfkeyMsg)
+ {
+ //
+ // Process received PFKEY Acquire primitive
+ // There is now the following possibilities:
+ // -- There already exists an IKE SA so new IPSEC SA is negotiated
+ // using IKE_CHILD_SA exchange
+ // -- The is no IKE SA yet.
+ // IPSEC SA can be negotiated concatenated during IKE_AUTH.
+ // If Virtual IP is specified, the CP payload is used to get
+ // that virtual IP address.
+ //
+ CIkev2Acquire* Acquire = CIkev2Acquire::NewL(aPfkeyMsg, iIkeV2PlugInSession.GetSAId(),
+ GetLocalAddr(),
+ Ikev2Proposal::GetDHGroup(iHdr.iIkeData->iGroupDesc_II), ImplicitChildSa());
+
+ if ( iState == KStateIdle )
+ {
+ CleanupStack::PushL(Acquire);
+ LoadEapPluginL();
+ iHdr.iInitiator = ETrue;
+ GetNonceDataL(ETrue); // For IKE SA
+ if ( iHdr.iIkeData->iUseInternalAddr )
+ {
+ CArrayFix<TIkeV2TrafficSelector>* TsI = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(TsI);
+
+ TInetAddr StartIp;
+ TInetAddr EndIp;
+ StartIp.SetAddress(KInetAddrNone); // 0.0.0.0
+ StartIp.SetPort(0);
+ EndIp.SetAddress(KInetAddrAll); // 255.255.255.255
+ EndIp.SetPort(0xffff);
+
+ TIkeV2TrafficSelector ts(StartIp, EndIp,
+ aPfkeyMsg.iDstAddr.iExt->sadb_address_proto);
+ TsI->AppendL(ts);
+ CleanupStack::Pop(TsI);
+ Acquire->ReplaceTS_i(TsI);
+ Acquire->SetVirtualIp();
+ }
+
+ if ( InitPkiServiceL() )
+ {
+ // Store Acquire to wait PKI service init
+ iChildSaRequest = Acquire;
+ CleanupStack::Pop(Acquire);
+ return;
+ }
+ CleanupStack::Pop(Acquire);
+ }
+ CIkev2Acquire::Link(Acquire, GetAcquireQue());
+ GetIpsecSPI(Acquire);
+ }
+
+
+void CIkev2Negotiation::ProcessExpireL(const TPfkeyMessage &aPfkeyMsg)
+ {
+ //
+ // Process received PFKEY Expire primitive
+ // Try to find first IPSEC SA data from the "parent" IKE SA and set
+ // inbound SA to zero in TIpsecSAData
+ //
+ TPtrC8 spi(reinterpret_cast<const TUint8*>(&aPfkeyMsg.iSa.iExt->sadb_sa_spi),
+ sizeof(aPfkeyMsg.iSa.iExt->sadb_sa_spi));
+
+ TIkeV2IpsecSAData* SaData =
+ iIkeV2PlugInSession.FindIpsecSAData(iHdr.SaId(), spi, ETrue);
+ if ( !SaData )
+ {
+ DEBUG_LOG(_L("PFKEY Expire received but no SA data found, stop negotiation"));
+
+ iStopped = ETrue;
+ return;
+ }
+ SaData->iSPI_In.Zero();
+ CIkev2Expire* Expire = CIkev2Expire::NewL(aPfkeyMsg);
+ CIkev2Expire::Link(Expire, GetExpireQue());
+
+ ContinueIkeNegotiationL();
+}
+
+void CIkev2Negotiation::StartIpsecSaRekeyingL(const TPfkeyMessage &aPfkeyMsg)
+{
+
+ TPtrC8 spi(reinterpret_cast<const TUint8*>(&aPfkeyMsg.iSa.iExt->sadb_sa_spi),
+ sizeof(aPfkeyMsg.iSa.iExt->sadb_sa_spi));
+ TIkeV2IpsecSAData* SaData =
+ iIkeV2PlugInSession.FindIpsecSAData(iHdr.SaId(), spi, ETrue);
+ if ( !SaData )
+ {
+ DEBUG_LOG(_L("No IPSec SA data found, stop rekeying"));
+ iStopped = ETrue;
+ return;
+ }
+
+ iStopped = ETrue;
+
+ CArrayFix<TIkeV2TrafficSelector>* tsIArray = SaData->iRekeyData->TsIL();
+ CleanupStack::PushL(tsIArray);
+
+ CArrayFix<TIkeV2TrafficSelector>* tsRArray = SaData->iRekeyData->TsRL();
+ CleanupStack::PushL(tsRArray);
+
+ __ASSERT_DEBUG(tsIArray->Count() > 0, User::Invariant());
+ __ASSERT_DEBUG(tsRArray->Count() > 0, User::Invariant());
+
+ TIkeV2TrafficSelector tsI = (*tsIArray)[0];
+ TIkeV2TrafficSelector tsR = (*tsRArray)[0];
+
+ CleanupStack::PopAndDestroy(tsRArray);
+ CleanupStack::PopAndDestroy(tsIArray);
+
+
+ TInetAddr localSelector;
+ TInetAddr localSelectorMask;
+
+ TInetAddr remoteSelector;
+ TInetAddr remoteSelectorMask;
+
+ if (iHdr.iInitiator)
+ {
+ localSelector = tsI.StartingAddress();
+ localSelectorMask = tsI.Mask();
+
+ remoteSelector = tsR.StartingAddress();
+ remoteSelectorMask = tsR.Mask();
+ }
+ else
+ {
+ localSelector = tsR.StartingAddress();
+ localSelectorMask = tsR.Mask();
+
+ remoteSelector = tsI.StartingAddress();
+ remoteSelectorMask = tsI.Mask();
+ }
+
+ CIpsecSaSpecList* SaList = iIkeV2PlugInSession.GetIPsecSaSpecListL(localSelector, localSelectorMask, //local address/port info
+ remoteSelector, remoteSelectorMask,
+ aPfkeyMsg.iDstAddr.iExt->sadb_address_proto);
+
+
+ CleanupStack::PushL(SaList);
+ __ASSERT_DEBUG(SaList != NULL, User::Invariant());
+ __ASSERT_DEBUG(SaList->Count() > 0, User::Invariant());
+ iStopped = EFalse;
+
+ const TIpsecSaSpec& saSpec = SaList->At(0);
+
+ CIkev2Acquire* Acquire = CIkev2Acquire::NewL(aPfkeyMsg, iIkeV2PlugInSession.GetSAId(), GetLocalAddr(),
+ Ikev2Proposal::GetDHGroup(iHdr.iIkeData->iGroupDesc_II), ImplicitChildSa(),
+ &saSpec, SaData->iRekeyData);
+ CleanupStack::PopAndDestroy(SaList); //SaList
+
+ Acquire->SetSPI_ToBeRekeyed(spi);
+
+ if ( iState == KStateIdle )
+ {
+ CleanupStack::PushL(Acquire);
+ LoadEapPluginL();
+ iHdr.iInitiator = ETrue;
+ GetNonceDataL(ETrue); // For IKE SA
+ if ( iHdr.iIkeData->iUseInternalAddr )
+ {
+ CArrayFix<TIkeV2TrafficSelector>* TsI = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(TsI);
+
+ TInetAddr StartIp;
+ TInetAddr EndIp;
+ StartIp.SetAddress(KInetAddrNone); // 0.0.0.0
+ StartIp.SetPort(0);
+ EndIp.SetAddress(KInetAddrAll); // 255.255.255.255
+ EndIp.SetPort(0xffff);
+
+ TIkeV2TrafficSelector ts(StartIp, EndIp,
+ aPfkeyMsg.iDstAddr.iExt->sadb_address_proto);
+ TsI->AppendL(ts);
+ Acquire->ReplaceTS_i(TsI);
+ CleanupStack::Pop(TsI);
+ Acquire->SetVirtualIp();
+ }
+
+ if ( InitPkiServiceL() )
+ {
+ iChildSaRequest = Acquire; // Store Acquire to wait PKI service init
+ CleanupStack::Pop(Acquire);
+ return;
+ }
+ CleanupStack::Pop(Acquire);
+ }
+ CIkev2Acquire::Link(Acquire, GetAcquireQue());
+ GetIpsecSPI(Acquire);
+}
+
+void CIkev2Negotiation::GetIpsecSPI(CIkev2Acquire* aAcquire)
+ {
+ ASSERT(aAcquire);
+ //
+ // Get SPI for inbound SA with PFKEY GETSPI primitive
+ //
+ TInetAddr DstAddr;
+ if ( aAcquire->SrcSpecific() )
+ DstAddr = iHdr.iLocalAddr;
+ else DstAddr.Init(0);
+ DstAddr.SetPort(0);
+ TInetAddr SrcAddr = iHdr.iRemoteAddr;
+ SrcAddr.SetPort(0);
+
+ iSpiRetriever->GetIpsecSaSpi(aAcquire->Id(),
+ aAcquire->IpsecProtocol(),
+ SrcAddr, DstAddr);
+ }
+
+
+void CIkev2Negotiation::IpsecSaSpiRetrieved(TUint32 aSpiRequestId,
+ TInt aStatus,
+ TUint32 aSpi)
+ {
+ if (aStatus == KErrNone)
+ {
+ TRAP(aStatus, IpsecSaSpiRetrievedL(aSpiRequestId, aSpi));
+ }
+
+ if (aStatus != KErrNone)
+ {
+ //Leave that we have not been able to handle
+ //above layers. We bail out and report error.
+ iIkeV2PlugInSession.DeleteIkev2SA(iHdr.SaId());
+ iIkeV2PlugInSession.IkeSaDeleted(aStatus);
+ delete this;
+ }
+ }
+
+void CIkev2Negotiation::CancelOperation()
+ {
+ if ( iTimer != NULL )
+ {
+ iTimer->Cancel();
+ }
+ if ( iSpiRetriever != NULL )
+ {
+ iSpiRetriever->Cancel();
+ }
+ }
+
+void CIkev2Negotiation::IpsecSaSpiRetrievedL(TUint32 aSpiRequestId, TUint32 aSpi)
+ {
+ DEBUG_LOG(_L("CIkev2Negotiation::SpiRetrievedL"));
+
+ //
+ // Ipsec SPI received. Find an Acquire object for received SPI and
+ // save SPI into found object.
+ //
+ CIkev2Acquire* Acquire = CIkev2Acquire::Find(aSpiRequestId, GetAcquireQue());
+ __ASSERT_DEBUG(Acquire, User::Invariant());
+
+ TPtrC8 spiPtr(reinterpret_cast<TUint8*>(&aSpi), sizeof(aSpi));
+ Acquire->SetSPI_In(spiPtr);
+ //
+ // Ipsec SPI received. Find an Acquire object for received SPI and
+ // save SPI into found object.
+ //
+ ContinueIkeNegotiationL();
+ }
+
+void CIkev2Negotiation::ContinueIkeNegotiationL()
+{
+ //
+ // This method takes actions according to current state (iState) of
+ // the negotiation.
+ //
+ CIkev2Acquire* Acquire;
+ CIkev2Expire* Expire;
+
+ switch ( iState )
+ {
+ case KStateIdle:
+ //
+ // Start IKE_SA_INIT exchange
+ //
+ StartIkeSaInitL();
+ break;
+
+ case KStateIkeSaAuthWaitSpi:
+ {
+ //
+ // Complete IKE_AUTH exchange (with concatenated Child SA)
+ //
+ iChildSaRequest = CIkev2Acquire::GetNext(GetAcquireQue(), ETrue);
+
+ DEBUG_LOG(_L("CIkev2Negotiation::ContinueIkeNegotiationL"));
+ DEBUG_LOG1(_L("iChildSaRequest is %d"), (TInt)iChildSaRequest);
+
+ SendIkeAuthMessageL();
+ }
+ break;
+
+ case KStateIkeSaCompleted:
+ //
+ // There is no activity going on this negotiation
+ // If there is something in request queues start process
+ // them in the following order:
+ // -- Check if there is something in info queue (NIY)
+ // -- Check if there is something in expire queue (NIY)
+ // -- Check if there is ready responses in acquire queue
+ // -- Check if there is ready request in acquire queue
+ //
+ Expire = CIkev2Expire::GetNext(GetExpireQue());
+ if ( Expire )
+ {
+ CleanupStack::PushL(Expire);
+ BuildDeleteRequestL(Expire);
+ CleanupStack::PopAndDestroy(Expire);
+ }
+ else
+ {
+ Acquire = CIkev2Acquire::GetNext(GetAcquireQue(), ETrue);
+ if ( Acquire )
+ {
+ BuildChildSAMessageL(Acquire, EFalse);
+ }
+ else
+ {
+ Acquire = CIkev2Acquire::GetNext(GetAcquireQue(), EFalse);
+ BuildChildSAMessageL(Acquire, ETrue);
+ }
+ }
+ break;
+
+ default:
+ break;
+ }
+}
+
+void CIkev2Negotiation::StartIkeSaInitL()
+ {
+ //
+ // Create Initiator SPI for the new IKE SA
+ //
+ CreateIkeSPI(iHdr.SpiI());
+
+ //
+ // Get required peer identity from policy (IDr)
+ //
+ iRemoteIdentity = Ikev2Proposal::GetRemoteIdentityL(iHdr.iIkeData);
+
+ __ASSERT_ALWAYS(iHdr.iInitiator, User::Invariant());
+ //
+ // Build and send the first IKE_SA_INIT message (request)
+ // HDR, SAi1, KEi, Ni, N[NAT_SRC], N[NAT_DST]
+ //
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ IKE_SA_INIT,
+ iHdr.iInitiator,
+ EFalse,
+ iHdr.NextRequestId(),
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+
+ HBufC8* saBfr = Ikev2Proposal::FromPolicyToProposaL(iHdr, iSPI_Rekey, iDHGroupGuess);
+ CleanupStack::PushL(saBfr);
+ ikeMsg->AppendSaPayloadL(*saBfr);
+ CleanupStack::Pop(saBfr);
+ SetProposedSa(saBfr);
+
+ AppendKEPayloadL(*ikeMsg, iHdr.iDHGroup);
+ ikeMsg->AppendNoncePayloadL(*iNonce_I);
+ if ( !iHdr.iIkeData->iUseNatProbing )
+ {
+ delete iNatNotify;
+ iNatNotify = NULL;
+
+ TInetAddr LocalIp;
+ if ( iHdr.iIkeData->iUseMobIke )
+ LocalIp.SetAddress(KInetAddrNone);
+ else LocalIp = iHdr.iLocalAddr;
+ iNatNotify = CIkev2NatT::NewL(
+ LocalIp, iHdr.iRemoteAddr, IKE_PORT, ikeMsg->InitiatorSpi(), ikeMsg->ResponderSpi());
+
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_SOURCE_IP,
+ iNatNotify->SourceNofify());
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_DESTINATION_IP,
+ iNatNotify->DestinNofify());
+ }
+ CleanupStack::Pop(ikeMsg);
+
+ SendIkeMsgL(ikeMsg);
+ iState = KStateIkeSaInitRequest;
+ }
+
+void CIkev2Negotiation::SendIkeAuthMessageL()
+{
+ //
+ // Build and send IKE_AUTH message
+ // IKE_AUTH message sent by the initiator is the following:
+ // HDR(A,B), SK {IDi, [CERT] [CERTREQ], [IDr], [AUTH], [CP], [SAi2,
+ // TSi, TSr]}
+ // IKE_AUTH message sent by the responder is the following:
+ // HDR(A,B), SK {IDr, [CERT,] AUTH, [CP], [SAr2, TSi, TSr]}
+ // CERT and CERTREQ payloads are added into message on when needed.
+ // AUTH payload is missing from initiators message when EAP in use.
+ // IPSEC SA:s are not always negotiated within IKE_AUTH messages.
+ // In this sitution SAx2, TSi and TSr payloads shall be missing.
+ // CP payload is used the Virtual IP address (secure network DNS
+ // IP:s) for client Virtual IP interface.
+ // Initiators CP payload shall contain CFG_REQUEST and and
+ // responders CP payload CFG_REPLY.
+ // When CP payload is used IKE_AUTH message MUST always contain
+ // IPSEC SA negotiation payloads within.
+ // In case INITIAL_CONTACT is used, the first IKE_AUTH request on given
+ // IKE SA contains INITIAL_CONTACT Notification Payload that is added in
+ // the end of the IKE_AUTH message.
+ //
+
+ if ( !iLocalIdentity )
+ {
+ //
+ // Own identity does not exists yet. Do not build IKE_AUTH
+ // message now
+ //
+ iState = KStateIkeWaitingId;
+ return;
+ }
+
+ TUint32 MsgId = (iHdr.iInitiator) ? iHdr.NextRequestId() : iHdr.ExpectedRequestId();
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ IKE_AUTH,
+ iHdr.iInitiator,
+ !iHdr.iInitiator, //Initiator sends only requests
+ MsgId,
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+
+ __ASSERT_DEBUG(iLocalIdentity != NULL, User::Invariant());
+ if (iHdr.iInitiator)
+ {
+ ikeMsg->AppendIdiPayloadL(*iLocalIdentity);
+ }
+ else
+ {
+ ikeMsg->AppendIdrPayloadL(*iLocalIdentity);
+ }
+
+ if ( iPkiService &&
+ iPkiService->UserCertificateData().Length() > 0)
+ {
+ ikeMsg->AppendCertPayloadL(iPkiService->UserCertificateData());
+ }
+
+ if ( iPkiService &&
+ iPkiService->I2CertificateData().Length() > 0)
+ {
+ ikeMsg->AppendCertPayloadL(iPkiService->I2CertificateData());
+ }
+
+ if ( iPkiService &&
+ iPkiService->I1CertificateData().Length() > 0)
+ {
+ ikeMsg->AppendCertPayloadL(iPkiService->I1CertificateData());
+ }
+
+ if ( iHdr.iInitiator && iHdr.iIkeData->iInitialContact )
+ {
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROT_NONE, KZeroDesc, INITIAL_CONTACT, KZeroDesc);
+ }
+
+
+ if ( iHdr.iInitiator && iPkiService != NULL && iPkiService->CaList().Count() > 0)
+ {
+ ikeMsg->AppendCertReqPayloadL(iPkiService->CaList());
+ }
+
+ if ( iHdr.iInitiator && iRemoteIdentity )
+ {
+ //
+ // Add IDr payload
+ //
+ ikeMsg->AppendIdrPayloadL(*iRemoteIdentity);
+ }
+ if ( !iEapPlugin )
+ {
+ HBufC8* authData = NULL;
+ if ( iHdr.iInitiator )
+ {
+ authData = SignAuthDataL(*iAuthMsgInit, (TUint8)iHdr.iAuthMethod);
+ }
+ else
+ {
+ authData = SignAuthDataL(*iAuthMsgResp, (TUint8)iHdr.iAuthMethod);
+ }
+ CleanupStack::PushL(authData);
+ ikeMsg->AppendAuthPayloadL(iHdr.iAuthMethod, *authData);
+ CleanupStack::PopAndDestroy(authData);
+ }
+ if ( iHdr.iIkeData->iUseMobIke )
+ {
+ //
+ // Add MOBIKE_SUPPORTED notify payload
+ //
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROT_NONE,
+ KZeroDesc,
+ MOBIKE_SUPPORTED,
+ KZeroDesc);
+ }
+
+
+ //
+ // Add Child SA and Traffic selector payloads into IKE_AUTH message
+ // if required
+ //
+ if ( iChildSaRequest )
+ {
+ iChild.iSPI_In = iChildSaRequest->SPI_In();
+ iChildSaRequest->AddIpsecSpiToSa(iChild.iSPI_In);
+ if ( iChildSaRequest->ForVirtualIp() )
+ {
+ //
+ // As Virtual Ip from peer SGW using Config Payload
+ // Build CP request data by constructing CIkev2Config Object
+ //
+ if ( !iConfigMode )
+ iConfigMode = CIkev2Config::NewL(iChildSaRequest);
+
+ ikeMsg->AppendConfigurationPayloadL(iConfigMode->CpType(), iConfigMode->Cp());
+ }
+ ikeMsg->AppendSaPayloadL(*iChildSaRequest->SA());
+
+ ikeMsg->AppendTsiPayloadL(iChildSaRequest->TS_i());
+ ikeMsg->AppendTsrPayloadL(iChildSaRequest->TS_r());
+ }
+
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+
+ if ( iHdr.iInitiator )
+ {
+ if ( iEapPlugin )
+ iState = KStateIkeSaEapStarted;
+ else iState = KStateIkeSaAuthRequest;
+ }
+ else
+ {
+ iState = KStateIkeSaCompleted;
+ IkeSaCompletedL();
+ }
+
+}
+
+void CIkev2Negotiation::SendKeepAliveMsgL()
+ {
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ INFORMATIONAL,
+ iHdr.iInitiator,
+ EFalse,
+ iHdr.NextRequestId(),
+ iDebug);
+
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+ SendIkeMsgL(ikeMsg);
+ iState = KStateIkeInfoRequest;
+
+ DEBUG_LOG(_L("CIkev2Negotiation::SendKeepAliveMsgL"));
+ }
+
+
+void CIkev2Negotiation::BuildChildSAMessageL(
+ CIkev2Acquire* aAcquire, TBool aInitiator)
+ {
+ ASSERT(aAcquire);
+ //
+ // Build and send CREATE_CHILD_SA message
+ // CREATE_CHILD_SA request message sent is the following:
+ // HDR(A,B), SK {[N], SA, Ni, [KEi], [TSi, TSr]}
+ // CREATE_CHILD_SA response message is the following:
+ // HDR(A,B), SK {SA, Nr, [KEi], [TSi, TSr]}
+ //
+ iChild.iSPI_In = aAcquire->SPI_In();
+ iChildSaRequest = aAcquire;
+ //TPayloadIkev2* PreviousPayload;
+ //TPayloadIkev2* EncrPayload;
+ GetNonceDataL(aInitiator);
+ aAcquire->AddIpsecSpiToSa(aAcquire->SPI_In());
+
+ TUint32 MsgId = (aInitiator) ? iHdr.NextRequestId() : iHdr.ExpectedRequestId();
+
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ CREATE_CHILD_SA,
+ iHdr.iInitiator,
+ !aInitiator,
+ MsgId,
+ iDebug);
+
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+
+ if (aInitiator && aAcquire->SPI_ToBeRekeyed().Length() > 0)
+ {
+ ikeMsg->AppendNotifyPayloadL(aAcquire->IpsecProtocol(),
+ aAcquire->SPI_ToBeRekeyed(),
+ REKEY_SA, KZeroDesc);
+ }
+ ikeMsg->AppendSaPayloadL(*aAcquire->SA());
+
+ if ( aInitiator )
+ {
+ ikeMsg->AppendNoncePayloadL(*iNonce_I);
+ }
+ else
+ {
+ ikeMsg->AppendNoncePayloadL(*iNonce_R);
+ }
+
+ delete iDHKeys; // Delete old DH object
+ iDHKeys = NULL;
+ if ( aAcquire->DHGroup() )
+ {
+ AppendKEPayloadL(*ikeMsg, aAcquire->DHGroup());
+ }
+ ikeMsg->AppendTsiPayloadL(aAcquire->TS_i());
+ ikeMsg->AppendTsrPayloadL(aAcquire->TS_r());
+
+ SendIkeMsgL(ikeMsg);
+
+ if ( aInitiator )
+ {
+ iState = KStateIkeChildSARequest;
+ }
+ else
+ {
+ if (iDHKeys && iDHPublicPeer)
+ {
+ HBufC8* g_ir = iDHKeys->ComputeAgreedKeyL(iDHPublicPeer->Des());
+ CleanupStack::PushL(g_ir);
+
+ iChild.GenerateIpsecKeysL(iHdr.iSK_d, *g_ir,
+ *iNonce_I, *iNonce_R, iHdr.iPRFAlg);
+
+ g_ir->Des().FillZ(); // Wipe out shared secret value from buffer
+ CleanupStack::PopAndDestroy(); //g_ir
+ }
+ else
+ {
+ iChild.GenerateIpsecKeysL(iHdr.iSK_d, KZeroDesc,
+ *iNonce_I, *iNonce_R, iHdr.iPRFAlg);
+ }
+
+ IpsecSANegotiatedL();
+ iState = KStateIkeChildSAResponse;
+ }
+}
+
+void CIkev2Negotiation::BuildDeleteRequestL(CIkev2Expire* aExpire)
+{
+ //
+ // Build and send INFORMATIONAL exchange message with delete payload
+ // HDR(A,B), SK {D}
+ // If CIkev2Expire object defined, build a Delete payload with Ipsec
+ // SPI and protocl stored into CIkev2Expire object. If no CIkev2Expire build
+ // Delete payload for IKE SA.
+ //
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ INFORMATIONAL,
+ iHdr.iInitiator,
+ EFalse,
+ iHdr.NextRequestId(),
+ iDebug);
+
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+
+ CDesC8Array* spiArray = new (ELeave) CDesC8ArrayFlat(2);
+ CleanupStack::PushL(spiArray);
+ if ( aExpire )
+ {
+ spiArray->AppendL(aExpire->SPI());
+ ikeMsg->AppendDeletePayloadL(aExpire->Protocol(), *spiArray);
+ }
+ else
+ {
+ ikeMsg->AppendDeletePayloadL(IKEV2_PROTOCOL, *spiArray);
+ }
+ CleanupStack::PopAndDestroy(spiArray);
+
+ SendIkeMsgL(ikeMsg);
+ DEBUG_LOG(_L("CIkev2Negotiation::BuildDeleteRequestL() Delete send OK"));
+
+ if ( aExpire )
+ {
+ iState = KStateChildDeleteRequest;
+ }
+ else
+ {
+ iState = KStateIkeDeleteRequest;
+ }
+}
+
+void CIkev2Negotiation::BuildIkeSaRekeyMsgL(TBool aRequest)
+{
+ //
+ // Build and send CHILD_SA exchange message which contains IKE SA
+ // rekey message (either request or response)
+ // HDR, SA, Nonce, KE
+ //
+ HBufC8* SaBfr;
+ HBufC8* Nonce;
+ TUint32 MsgId;
+
+ if ( aRequest )
+ {
+ // Get a new SA Id for rekeyed IKE SA
+ iSAid_Rekey = iIkeV2PlugInSession.GetSAId();
+ CreateIkeSPI(iSPI_Rekey, ETrue);
+ SaBfr = Ikev2Proposal::FromPolicyToProposaL(iHdr, iSPI_Rekey, iDHGroupGuess, ETrue);
+ SetProposedSa(SaBfr); // Save SA payload buffer
+ GetNonceDataL(ETrue);
+ Nonce = iNonce_I;
+ MsgId = iHdr.NextRequestId();
+ }
+ else
+ {
+ SaBfr = PeekProposedSa();
+ Ikev2Proposal::ChangeSpiInProposal(SaBfr, iSPI_Rekey);
+ GetNonceDataL(EFalse);
+ Nonce = iNonce_R;
+ MsgId = iHdr.ExpectedRequestId();
+ }
+
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ CREATE_CHILD_SA,
+ iHdr.iInitiator,
+ !aRequest,
+ MsgId,
+ iDebug);
+
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+ ikeMsg->AppendSaPayloadL(*SaBfr);
+ ikeMsg->AppendNoncePayloadL(*Nonce);
+ AppendKEPayloadL(*ikeMsg, iHdr.iDHGroup);
+
+ SendIkeMsgL(ikeMsg);
+
+ if ( aRequest )
+ {
+ iState = KStateIkeSARekeyRequest;
+ }
+}
+
+void CIkev2Negotiation::CheckNotifyCodeL(CIkev2Payloads* aIkeMsg)
+ {
+ ASSERT(aIkeMsg);
+ //
+ // Some error has occurred during incoming IKE message handling
+ // Build an error response with specified Notify message type
+ //
+ TInt MsgType( GetNotifyCode() );
+
+ if ( MsgType )
+ {
+ //
+ // Build and error response/request with Notify payload
+ // If received message with error condition is a request
+ // Notify payload is transmitted in the response IKE message
+ // of ongoing exchange (with erronous request message id)
+ // If received message with error conditions is a response
+ // an informational exchange is initiated with Notify payload
+ //
+ CIkeV2Message* XmitHdr = NULL;
+ TBool Response(aIkeMsg->GetIkeMsg()->GetFlags() & IKEV2_RESPONSE_MSG);
+ if ( Response )
+ {
+ iState = KStateIkeInfoRequest;
+ TUint32 MsgId = aIkeMsg->GetIkeMsg()->GetMessageId();
+ XmitHdr = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ INFORMATIONAL,
+ iHdr.iInitiator,
+ EFalse,
+ MsgId,
+ iDebug);
+
+ }
+ else
+ {
+ XmitHdr = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ aIkeMsg->GetIkeMsg()->GetExchange(),
+ iHdr.iInitiator,
+ ETrue,
+ iHdr.ExpectedRequestId(),
+ iDebug);
+ }
+
+ if (aIkeMsg->Encrypted())
+ {
+ XmitHdr->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+ }
+
+ TInt notifyDataLength = 0;
+ TUint8* notifyData = NotifyData(notifyDataLength);
+
+ if (notifyDataLength == 0)
+ {
+ XmitHdr->AppendNotifyPayloadL(IKEV2_PROT_NONE, KZeroDesc, MsgType, KZeroDesc);
+ }
+ else
+ {
+ TPtrC8 notifyDataPtrC(notifyData, notifyDataLength);
+ XmitHdr->AppendNotifyPayloadL(IKEV2_PROT_NONE, KZeroDesc, MsgType, notifyDataPtrC);
+ iNotifyDataLth = 0; //Reset notifydata
+ }
+
+ SendIkeMsgL(XmitHdr);
+
+ iEventLogger.LogEvent(MKmdEventLoggerIf::KLogError, R_VPN_MSG_SENT_ERROR_RESPONSE,
+ MsgType, iHdr.iVpnIapId, &iHdr.iRemoteAddr);
+ }
+ }
+
+
+void CIkev2Negotiation::GetNatStatus(TBool aSupported, const TInetAddr& aRemote)
+{
+ //
+ // Examine NAT discovery status (from iHdr.iNATFlags) and set
+ // floated port usage indicator, if required.
+ //
+ if ( aSupported )
+ {
+ if ( iHdr.iNATFlags & (REMOTE_END_NAT + LOCAL_END_NAT) )
+ {
+ if ( iHdr.iNATFlags & REMOTE_END_NAT )
+ {
+ //
+ // Remote end is behind NAT. Save current source IP to be
+ // used as further destination address.
+ // When remote and is behind NAT it is supposed that it
+ // must be pure mapping between public- and private IP
+ // addresses (remote NAPT is NOT supported)
+ //
+ DEBUG_LOG(_L("Remote end is behind NAT"));
+ iHdr.iDestinAddr = aRemote; // Remote end behind NAT, use current source IP as destin
+ }
+
+ if ( iHdr.iNATFlags & LOCAL_END_NAT )
+ {
+ DEBUG_LOG(_L("NAT discovery result: Local end is behind NAT"));
+ }
+ iHdr.iFloatedPort = ETrue;
+ iHdr.iDestinAddr.SetPort(FLOATED_IKE_PORT);
+ }
+ else
+ {
+ if ( iHdr.iMobikeUsed )
+ {
+ iHdr.iFloatedPort = ETrue;
+ iHdr.iDestinAddr.SetPort(FLOATED_IKE_PORT);
+ }
+ DEBUG_LOG(_L("NAT discovery result: There is no NAT between negotiating ends"));
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("NAT discovery operation failed"));
+ }
+}
+
+void CIkev2Negotiation::CreateIkeSPI(TIkeSPI& aSPI, TBool aRekey)
+{
+ //
+ // Create IKE SPI for local end.
+ // The SPI value is created from the following "parameters" in
+ // IKEv2 negotiation object:
+ // - The first 4 octets of SPI value are the SAId (32 bit value)
+ // - The last 4 octets of SPI contains "pseudo random" value:
+ // X = (SAId + negotiation object pointer) >> (SAId & 3)
+ //
+ TUint32 SpiValue1;
+ TUint32 SpiValue2;
+ if ( aRekey )
+ SpiValue1 = iSAid_Rekey;
+ else SpiValue1 = iHdr.SaId();
+ Mem::Copy((TUint8*)&SpiValue2, (TUint8*)this, 4);
+ SpiValue2 = (SpiValue2 + SpiValue1) >> (SpiValue1 & 3);
+ PUT32(aSPI.Ptr(), SpiValue1);
+ PUT32((aSPI.Ptr() + 4), SpiValue2);
+ aSPI.SetLength(IKEV2_SPI_SIZE);
+}
+
+void CIkev2Negotiation::LoadEapPluginL()
+{
+ //
+ // If EAP configured in policy, construct EAP interface object to
+ // communicate EAP ECOM plug-in
+ // If consruction causes an error, stop negotiation request
+ //
+ iHdr.iEAPType = iHdr.iIkeData->iEAPProtocol;
+ if ( !iEapPlugin && iHdr.iEAPType )
+ {
+ iEapPlugin = CIkev2EapIf::NewL(*this, (TUint8)iHdr.iEAPType, iHdr.iIkeData, iDebug);
+ TInt Status = iEapPlugin->Status();
+ if ( Status != KErrNone )
+ {
+ iStopped = ETrue;
+ }
+ else iEapPlugin->QueryIdentity();
+ }
+}
+
+TBool CIkev2Negotiation::InitPkiServiceL()
+{
+ DEBUG_LOG(_L("-> CIkev2Negotiation::InitPkiServiceL"));
+ //
+ // If EAP configured in policy, construct EAP interface object to
+ // communicate EAP ECOM plug-in
+ // If consruction causes an error, return corresponding error code
+ // to stop negotiation request
+ //
+ TBool Status = EFalse;
+ if ( !iPkiService && Ikev2Proposal::PkiServiceNeeded(iHdr.iIkeData) )
+ {
+ iPkiService = CIkeV2PkiService::NewL(*this, iDebug);
+
+ if (iHdr.iIkeData->iCAList->Count() == 0)
+ {
+ User::Leave(KVpnErrInvalidCaCertFile);
+ }
+
+ iPkiService->InitIkeV2PkiService(iHdr.iIkeData);
+ iState = KStateIkeInitPkiService;
+ Status = ETrue;
+ }
+
+ DEBUG_LOG(_L("<- CIkev2Negotiation::InitPkiServiceL"));
+ return Status;
+}
+
+
+void CIkev2Negotiation::SendIkeMsgL(CIkeV2Message* aMsg)
+{
+ ASSERT(aMsg);
+
+ TPtrC8 encryptionKey;
+ TPtrC8 integrityKey;
+ if ( iHdr.iInitiator )
+ {
+ encryptionKey.Set(iHdr.iSK_ei);
+ integrityKey.Set(iHdr.iSK_ai);
+ }
+ else
+ {
+ encryptionKey.Set(iHdr.iSK_er);
+ integrityKey.Set(iHdr.iSK_ar);
+ }
+
+ TInetAddr sourceAddr(iHdr.iLocalAddr);
+ if (iHdr.iFloatedPort)
+ {
+ sourceAddr.SetPort(FLOATED_IKE_PORT);
+ }
+ else
+ {
+ sourceAddr.SetPort(IKE_PORT);
+ }
+ aMsg->PrepareIkeMessageDatagramL(iHdr.iEncrAlg, encryptionKey,
+ iHdr.iIntegAlg, integrityKey,
+ sourceAddr, iHdr.iDestinAddr);
+ iMessageSendQue.SendIkeMessageL(aMsg->IkeMessageDatagram(), iHdr.iFloatedPort);
+
+ if (aMsg->Flags() & IKEV2_RESPONSE_MSG )
+ {
+ iHdr.SaveRespMsg(aMsg);
+ iHdr.iRespRetryCount = 0;
+ }
+ else
+ {
+ iSendAttempt = 1;
+ iTimer->Cancel();
+ iTimer->IssueRequest(iSendAttempt); // Start retry timer
+
+ iHdr.SaveRequestMsg(aMsg);
+ }
+}
+
+void CIkev2Negotiation::RetransmitRequest()
+ {
+ TRAPD(err, DoRetransmitL(EFalse));
+ if ( err != KErrNone )
+ {
+ iIkeV2PlugInSession.IkeSaDeleted( err );
+ }
+ }
+
+void CIkev2Negotiation::DoRetransmitL(TBool aResponse)
+{
+ if ( aResponse )
+ {
+ //
+ // Peer has retransmitted a request, retransmit last response
+ // message saved.
+ //
+ if ( iHdr.iLastResponse && (iHdr.iRespRetryCount <= KMaxSendAttemps) )
+ {
+ iHdr.iRespRetryCount ++;
+ //iHdr.iLastResponse = NULL;
+ DEBUG_LOG3(_L("IKE response message rexmitted on SAId: %d , Retry: %d , State: %d"), iHdr.SaId(), iHdr.iRespRetryCount, iState );
+
+ iMessageSendQue.SendIkeMessageL(iHdr.iLastResponse->IkeMessageDatagram(),
+ iHdr.iFloatedPort);
+ }
+ else iStopped = ETrue;
+ }
+ else
+ {
+ //
+ // No response received to a transmitted IKE request message
+ // Retransmit message if retry count not exhausted
+ //
+ DEBUG_LOG(_L("No response received for transmitted IKE request."));
+
+ iSendAttempt++;
+ iMessageSendQue.CancelSend(iHdr.iLastRequest->IkeMessageDatagram());
+
+ if ( iSendAttempt <= KMaxSendAttemps )
+ {
+ DEBUG_LOG3(_L("IKE Message rexmitted on SAId: %d , State: %d , Retry: %d"),iHdr.SaId(), iState, iSendAttempt );
+ iMessageSendQue.SendIkeMessageL(iHdr.iLastRequest->IkeMessageDatagram(),
+ iHdr.iFloatedPort);
+ iTimer->IssueRequest(iSendAttempt); // Restart retry timer
+ }
+ else
+ {
+ DEBUG_LOG3(_L("Transmit retry count reached on SAId: %d , State: %d , retry: %d"),iHdr.SaId(), iState, iSendAttempt );
+ if ( iState < KStateIkeSaCompleted )
+ {
+ IkeSaFailed(KKmdIkeNegotFailed); // IKE SA negotiation going
+ }
+ else
+ {
+ iIkeV2PlugInSession.DeleteIkev2SA(iHdr.SaId());
+ iIkeV2PlugInSession.IkeSaDeleted(KKmdIkeNoResponseErr); //IKE SA deletion going
+ delete this;
+ }
+ }
+ }
+ }
+
+
+void CIkev2Negotiation::IkeV2PkiInitCompleteL(TInt aStatus)
+ {
+
+ DEBUG_LOG(_L("-> CIkev2Negotiation::IkeV2PkiInitCompleteL"));
+ //
+ // The implementation for class MPkiServiceComplete virtual function
+ // This method is called when a PKI service operation is
+ // completed.
+ //
+
+ __ASSERT_ALWAYS( iPkiService != NULL, User::Invariant());
+ __ASSERT_ALWAYS(iState == KStateIkeInitPkiService, User::Invariant());
+
+ switch(aStatus)
+ {
+ case KErrNone:
+ //
+ // PKI service object has been constructed
+ // Start IKE_SA_INIT exchange
+ //
+ iState = KStateIdle;
+ if ( iChildSaRequest )
+ {
+ CIkev2Acquire* Acquire = iChildSaRequest;
+ iChildSaRequest = NULL;
+ CIkev2Acquire::Link(Acquire, GetAcquireQue());
+ GetIpsecSPI(Acquire);
+ }
+ else if ( iSavedSaInit )
+ {
+ TPtr8 IkeMsg(iSavedSaInit->Des());
+ const ThdrISAKMP* IkeMessage = ThdrISAKMP::Ptr(IkeMsg);
+ ProcessIkeMessageL(*IkeMessage, iHdr.iRemoteAddr, IKE_PORT);
+ if ( Stopped() )
+ delete this;
+ }
+ break;
+ case KErrNotFound:
+ DEBUG_LOG(_L("IKEv2 CA certificate retrieve failed. Certificate not found"));
+ IkeSaFailed(KVpnErrInvalidCaCertFile);
+ break;
+ default:
+ {
+ DEBUG_LOG1(_L("IKEv2 CA certificate retrieve failed (%d)"), aStatus);
+ IkeSaFailed(aStatus);
+ }
+ break;
+ }
+
+ DEBUG_LOG(_L("<- CIkev2Negotiation::IkeV2PkiInitCompleteL"));
+ }
+
+
+void CIkev2Negotiation::SendEapDataL(HBufC8* aEapData)
+{
+ //
+ // Send an IKE containing an EAP payload (within Encrypted Payload)
+ // The entire EAP payload data is provided in aEapData buffer
+ //
+ CleanupStack::PushL(aEapData);
+ if ( iState == KStateIkeSaEapGoing )
+ {
+ __ASSERT_DEBUG(iHdr.iInitiator, User::Invariant());
+
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(), iHdr.SpiR(),
+ IKE_AUTH,
+ iHdr.iInitiator,
+ EFalse,
+ iHdr.NextRequestId(),
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+ ikeMsg->AppendEapPayloadL(*aEapData);
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+ }
+ CleanupStack::PopAndDestroy(aEapData);
+}
+
+void CIkev2Negotiation::EapEventL(TInt aEvent)
+ {
+ // See whether the object is accepting any events
+ // (it is, by default, but will not take events during destruction phase)
+ if (!iProcessEvents)
+ {
+ return;
+ }
+ //
+ // An event idicated by the EAP plugin process event according to
+ // event type
+ //
+ switch ( aEvent )
+ {
+ case KEapEventSuccess:
+ if ( (iState == KStateIkeSaEapGoing) || (iState == KStateIkeSaEapStarted) )
+ {
+ //
+ // EAP auhtentication succeeded.
+ // Build IKE message HDR, SK {AUTH}
+ //
+ __ASSERT_DEBUG( iHdr.iInitiator, User::Invariant());
+
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(), iHdr.SpiR(),
+ IKE_AUTH,
+ iHdr.iInitiator,
+ EFalse,
+ iHdr.NextRequestId(),
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+
+
+ HBufC8* authData = SignAuthDataL(*iAuthMsgInit, (TUint8)iHdr.iAuthMethod);
+ CleanupStack::PushL(authData);
+ ikeMsg->AppendAuthPayloadL(iHdr.iAuthMethod, *authData);
+ CleanupStack::PopAndDestroy(authData);
+
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+ iState = KStateIkeSaAuthRequest;
+ iEapCompleted = ETrue;
+ }
+ break;
+
+ case KEapEventGetIdentity:
+ GetOwnIdentityL(ETrue); // Gets the Identity from EAP plugin
+ if ( iState == KStateIkeWaitingId )
+ {
+ //
+ // Identity data provided by the EAP plug-in
+ // Complete local signed data and send the first
+ // IKE_AUTH message
+ //
+ AddIdToSignedDataL(ETrue, iAuthMsgInit, iLocalIdentity->PayloadData());
+ SendIkeAuthMessageL();
+ }
+ break;
+
+ case KEapEventGetPSK:
+ if ( iState == KStateIkeSaEapGoing )
+ {
+ //
+ // Preshared key provided by the EAP plug-in
+ // Get key data and link it into negotiation object
+ //
+ iPresharedKey = iEapPlugin->MSK();
+ }
+ break;
+
+ default: // = KEapEventFailed
+ //
+ // EAP authentication is failed. Stop negotiation
+ //
+ IkeSaFailed(KKmdIkeAuthFailedErr); // IKE SA negotiation going
+ break;
+ }
+ }
+
+TBool CIkev2Negotiation::ProcessIkeSaInitL(CIkev2Payloads* aIkeMsg, const TInetAddr& aRemote)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Process IKE message of exchange type IKE_SA_INIT
+ //
+ ThdrISAKMP* IkeHdr = aIkeMsg->GetIkeMsg(); // IKE Message fixed header
+ TBool Response = IkeHdr->GetFlags() & IKEV2_RESPONSE_MSG;
+ TBool Initiator = IkeHdr->GetFlags() & IKEV2_INITIATOR;
+ TUint32 MsgId = IkeHdr->GetMessageId();
+
+ if ( iHdr.iInitiator )
+ {
+ if ( Initiator ) {
+ DEBUG_LOG1(_L("IKEv2 Message with Orig_Init-bit in wrong state: %d"), iState);
+ return ETrue;
+ }
+ if ( !Response )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message is not response; state: %d"), iState);
+ return ETrue;
+ }
+ if ( MsgId != iHdr.ExpectedResponseId() )
+ {
+ DEBUG_LOG1(_L("Wrong message id in response; state: %d"), iState);
+ return ETrue;
+ }
+
+ if (iState == KStateIkeSaInitRequest)
+ {
+ //record responder SPI
+ aIkeMsg->GetIkeMsg()->GetSPI_R(iHdr.SpiR());
+
+ //
+ // Received message should be a response to a
+ // IKE_SA_INIT request transmitted.
+ //
+ if (IkeHdr->GetPayload() == IKEV2_PAYLOAD_NOTIF)
+ {
+ return ProcessNotifyPayloadsL(*aIkeMsg->iNotifs, EFalse, IKE_SA_INIT);
+ }
+ //
+ // Response message should be format:
+ // HDR(A,B), SAr1, KEr, Nr, [CERTREQ]
+ //
+ if ( !CheckPayloadsOrder(aIkeMsg, IKE_SA_INIT, ETrue) )
+ {
+ DEBUG_LOG1(_L("Erroneous IKE_SA_INIT response: %d"), iState);
+ return EFalse;
+ }
+ if ( !Ikev2Proposal::VerifySaResponseL(iHdr, iChild, *PeekProposedSa(), *aIkeMsg) )
+ {
+ DEBUG_LOG1(_L("Unaccepted SA content in IKE_SA_INIT response: %d"),iState);
+ return EFalse;
+ }
+ if ( aIkeMsg->iNonce->PlDataLen() < IKEV2_MIN_NONCE_SIZE )
+ {
+ DEBUG_LOG1(_L("Nonce data too short %d"), iState);
+ return EFalse;
+ }
+
+ if ( iNatNotify )
+ {
+ TBool Supported;
+ TInetAddr LocalIp;
+ if ( iHdr.iIkeData->iUseMobIke )
+ LocalIp.SetAddress(KInetAddrNone);
+ else LocalIp = iHdr.iLocalAddr;
+
+#ifdef _DEBUG
+ TBuf<80> debugBuf;
+ DEBUG_LOG(_L("Calculating NAT detection:"));
+ LocalIp.Output(debugBuf);
+ DEBUG_LOG2(_L("LocalIp %S:%d"), &debugBuf, IKE_PORT);
+ iHdr.iRemoteAddr.Output(debugBuf);
+ DEBUG_LOG2(_L("RemoteIp %S:%d"), &debugBuf, IKE_PORT);
+#endif
+
+ iHdr.iNATFlags = CIkev2NatT::CheckPeerNotifysL(*aIkeMsg->iNotifs, LocalIp, iHdr.iRemoteAddr, IKE_PORT,
+ iHdr.SpiI(), iHdr.SpiR(), Supported);
+ GetNatStatus(Supported, aRemote);
+ }
+
+ delete iNonce_R;
+ iNonce_R = NULL;
+
+ iNonce_R = HBufC8::NewL(aIkeMsg->iNonce->PlDataLen());
+ iNonce_R->Des().Copy(aIkeMsg->iNonce->PayloadData(), aIkeMsg->iNonce->PlDataLen());
+ if ( !ProcessKeyExchangeL((TKEPayloadIkev2*)aIkeMsg->iKe, iHdr.iDHGroup) )
+ {
+ return EFalse;
+ }
+
+ //
+ // IKE_SA_INIT request is completed enter IKE_AUTH
+ //
+ GenerateIkeKeysL();
+ TPtrC8 ikeHdrPtr((TUint8*)IkeHdr, IkeHdr->GetLength());
+ SaveSignedDataL(EFalse, ikeHdrPtr); // Save IKE_AUTH message 2
+
+ //We ignore possible cert req payloads and just work
+ //according our policy
+ if ( !iHdr.iEAPType &&
+ (iHdr.iAuthMethod == RSA_DIGITAL_SIGN || iHdr.iAuthMethod == DSS_DIGITAL_SIGN) )
+ {
+ SaveSignedDataL(ETrue, iHdr.iLastRequest->IkeMessageDatagram()); // Own identity not yet saved to signed data
+
+ GetOwnIdentityL(); // Get own Identity from Certificate (or policy)
+ AddIdToSignedDataL(ETrue, iAuthMsgInit, iLocalIdentity->PayloadData());
+ }
+ else
+ {
+ //
+ // Check if "implicit" Child SA exchange required
+ // by getting request CIkev2Acquire object from queue
+ //
+ GetOwnIdentityL();
+ SaveSignedDataL(ETrue, iHdr.iLastRequest->IkeMessageDatagram()); // Own identity saved to signed data
+ }
+ iChildSaRequest = CIkev2Acquire::GetNext(GetAcquireQue(), EFalse);
+ SendIkeAuthMessageL();
+ }
+ else
+ {
+ //
+ // Ignore received message silently
+ //
+ DEBUG_LOG1(_L("IKE_SA_INIT response received in state %d"), iState);
+ }
+ }
+ else {
+ if ( !Initiator )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message without Orig_Init-bit in wrong, state: %d"), iState);
+ return ETrue;
+ }
+ if ( Response )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message is not request, state: %d"), iState);
+ return ETrue;
+ }
+
+ switch ( iState )
+ {
+ case KStateIdle:
+ case KStateIkeSaInitResponse:
+ //Record Initiator SPI
+ aIkeMsg->GetIkeMsg()->GetSPI_I(iHdr.SpiI());
+ iHdr.SpiI().SetLength(IKEV2_SPI_SIZE);
+
+ //
+ // Received message should be an IKE_SA_INIT request
+ // Request message should be format:
+ // HDR(A,0), SAi1, KEi, Ni, [CERTREQ]
+ //
+ {
+ if ( !CheckPayloadsOrder(aIkeMsg, IKE_SA_INIT, EFalse) )
+ {
+ DEBUG_LOG1(_L("Erroneous IKE_SA_INIT request: %d"), iState);
+ return EFalse;
+ }
+ if ( MsgId != iHdr.ExpectedRequestId() ) {
+ if ( iHdr.iLastResponse != NULL &&
+ MsgId == iHdr.iLastResponse->MessageId() &&
+ iState == KStateIkeSaInitResponse )
+ {
+ //
+ // Retransmission of an earlier IKE_SA_INIT
+ // request. Retransmit current IKE_SA_INIT
+ // response (if retry count not exhausted)
+ //
+ DoRetransmitL(ETrue);
+ return ETrue;
+ }
+ else {
+ DEBUG_LOG1(_L("Wrong message id in request, state: %d"), iState);
+ return EFalse;
+ }
+ }
+ if ( iState == KStateIkeSaInitResponse )
+ return EFalse; // IKE_SA_INIT request retry with a new message ID
+ iIkeV2PlugInSession.StartResponding();
+
+ //
+ // Build a SA payload from current IKE policy and
+ // verify received IKE SA request with it
+ //
+ HBufC8* SaBfr = Ikev2Proposal::FromPolicyToProposaL(iHdr, iSPI_Rekey, iDHGroupGuess);
+ CleanupStack::PushL(SaBfr);
+ HBufC8* proposedSa = NULL;
+ TBool SaOk = Ikev2Proposal::VerifySaRequestAndGetProposedSaBufferL(iHdr, iChild,
+ *SaBfr, *aIkeMsg,
+ proposedSa);
+ CleanupStack::PopAndDestroy();
+ if ( !SaOk )
+ {
+ DEBUG_LOG1(_L("Unaccepted SA content in IKE_SA_INIT request: %d"),iState);
+ SetNotifyCode(NO_PROPOSAL_CHOSEN);
+ return EFalse;
+ }
+ SetProposedSa(proposedSa);
+ proposedSa = NULL;
+ if ( aIkeMsg->iNonce->PlDataLen() < IKEV2_MIN_NONCE_SIZE )
+ {
+ DEBUG_LOG1(_L("Nonce data too short %d"), iState);
+ return EFalse;
+ }
+
+ //Check peer NAT status
+ TBool useNatDetection = EFalse;
+ if ( !iHdr.iIkeData->iUseNatProbing )
+ {
+ TInetAddr LocalIp;
+ if ( iHdr.iIkeData->iUseMobIke )
+ LocalIp.SetAddress(KInetAddrNone);
+ else LocalIp = iHdr.iLocalAddr;
+ iHdr.iNATFlags = CIkev2NatT::CheckPeerNotifysL(*aIkeMsg->iNotifs, LocalIp,
+ iHdr.iRemoteAddr, IKE_PORT,
+ iHdr.SpiI(), iHdr.SpiR(), useNatDetection);
+ }
+
+ if ( !ProcessKeyExchangeL((TKEPayloadIkev2*)aIkeMsg->iKe, iHdr.iDHGroup) )
+ return EFalse;
+
+
+ //
+ // Create own SPI (responder)
+ //
+ CreateIkeSPI(iHdr.SpiR());
+ delete iNonce_I;
+ iNonce_I = NULL;
+ iNonce_I = HBufC8::NewL(aIkeMsg->iNonce->PlDataLen());
+ iNonce_I->Des().Copy(aIkeMsg->iNonce->PayloadData(), aIkeMsg->iNonce->PlDataLen());
+ GetNonceDataL(EFalse);
+
+ TPtrC8 ikeHdrPtr((TUint8*)IkeHdr, IkeHdr->GetLength());
+ SaveSignedDataL(EFalse, ikeHdrPtr); // Save IKE_AUTH message 2
+
+ //
+ // Build IKE_SA_INIT response message: HDR, SAr1, KEr, Nr, [CERTREQ]
+ //
+ __ASSERT_DEBUG(!iHdr.iInitiator, User::Invariant());
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(), iHdr.SpiR(),
+ IKE_SA_INIT,
+ iHdr.iInitiator,
+ ETrue,
+ iHdr.ExpectedRequestId(),
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+
+ HBufC8* saBfr = Ikev2Proposal::FromPolicyToProposaL(iHdr, iSPI_Rekey, iDHGroupGuess);
+ CleanupStack::PushL(saBfr);
+ ikeMsg->AppendSaPayloadL(*saBfr);
+ CleanupStack::Pop(saBfr);
+ SetProposedSa(saBfr);
+
+ AppendKEPayloadL(*ikeMsg, iHdr.iDHGroup);
+ ikeMsg->AppendNoncePayloadL(*iNonce_R);
+
+ if ( iPkiService )
+ {
+ ikeMsg->AppendCertReqPayloadL(iPkiService->CaList());
+ }
+
+ if ( useNatDetection )
+ {
+ delete iNatNotify;
+ iNatNotify = NULL;
+
+ TInetAddr LocalIp;
+ if ( iHdr.iIkeData->iUseMobIke )
+ LocalIp.SetAddress(KInetAddrNone);
+ else LocalIp = iHdr.iLocalAddr;
+
+
+ iNatNotify = CIkev2NatT::NewL(LocalIp, iHdr.iRemoteAddr, IKE_PORT, ikeMsg->InitiatorSpi(), ikeMsg->ResponderSpi());
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_SOURCE_IP,
+ iNatNotify->SourceNofify());
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_DESTINATION_IP,
+ iNatNotify->DestinNofify());
+ }
+ GetNatStatus(useNatDetection, aRemote);
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+ GenerateIkeKeysL();
+
+ SaveSignedDataL(ETrue, ikeMsg->IkeMessageDatagram()); // Own identity is not yet saved to signed data
+ iState = KStateIkeSaInitResponse;
+ }
+ break;
+
+ default:
+ //
+ // Ignore received message silently
+ //
+ DEBUG_LOG1(_L("IKE_SA_INIT message received in state %d"), iState);
+ break;
+
+ }
+ }
+
+ return ETrue;
+}
+
+TBool CIkev2Negotiation::ProcessIkeAuthL(CIkev2Payloads* aIkeMsg)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Process IKE message of exchange type IKE_AUTH
+ //
+ ThdrISAKMP* IkeHdr = aIkeMsg->GetIkeMsg(); // IKE Message fixed header
+ TBool Response = IkeHdr->GetFlags() & IKEV2_RESPONSE_MSG;
+ TBool Initiator = IkeHdr->GetFlags() & IKEV2_INITIATOR;
+ TUint32 MsgId = IkeHdr->GetMessageId();
+
+ if ( iHdr.iInitiator )
+ {
+ if ( Initiator )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message with Orig_Init-bit in wrong state: %d"), iState);
+ return ETrue;
+ }
+ if ( !Response )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message is not response; state: %d"), iState);
+ return ETrue;
+ }
+ if ( MsgId != iHdr.ExpectedResponseId() )
+ {
+ DEBUG_LOG1(_L("Wrong message id in response; state: %d"), iState);
+ return ETrue;
+ }
+
+ switch ( iState )
+ {
+ case KStateIkeSaAuthRequest:
+ DEBUG_LOG(_L("Handling IKE_AUTH response"));
+ //
+ // Received message should be a response to a
+ // IKE_AUTH request transmitted.
+ // Response message should be format:
+ // HDR(A,B), SK {IDr, [CERT,] AUTH, [CP], SAr2, TSi, TSr}
+ //
+ if ( aIkeMsg->iEncr )
+ {
+ ProcessNotifyPayloadsL(*aIkeMsg->iNotifs, EFalse, IKE_AUTH);
+ if ( iDeleteIkeSA )
+ {
+ DEBUG_LOG1(_L("Error Notify in IKE_AUTH response: %d"), iState);
+
+ //Because we are just in IKE_AUTH no IKE_SAs exists --> we don't
+ //want to delete one. So we set iDeleteIkeSA back to false.
+ iDeleteIkeSA = EFalse;
+
+ return EFalse;
+ }
+ }
+ if ( !CheckPayloadsOrder(aIkeMsg, IKE_AUTH, ETrue) )
+ {
+ DEBUG_LOG1(_L("Erroneous IKE_AUTH response: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+
+ if ( iChildSaRequest && !iChildSARejected && !aIkeMsg->iSa )
+ {
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ }
+
+ return EFalse;
+ }
+ DEBUG_LOG(_L("IKE_AUTH payload order check passed"));
+ TBool Status;
+ if ( iEapCompleted )
+ {
+ Status = AuthenticatePeerL(aIkeMsg->iAuth);
+ }
+ else
+ {
+ if ( iPkiService && !VerifyPeerCertificateL(aIkeMsg->iCerts, aIkeMsg->iIdR) )
+ {
+ SetNotifyCode(AUTHENTICATION_FAILED);
+ return EFalse;
+ }
+ Status = AddIdAndAuthenticatePeerL(aIkeMsg);
+ }
+ if ( !Status )
+ {
+ SetNotifyCode(AUTHENTICATION_FAILED);
+ return EFalse;
+ }
+ //
+ // If implicit Child SA negotiation requested,
+ // verify IPSEC SA- and Traffic selector payloads, too
+ //
+ if ( iChildSaRequest )
+ {
+ DEBUG_LOG(_L("Processing CHILD_SA creation"));
+ if ( !iChildSARejected )
+ {
+ if ( !Ikev2Proposal::VerifySaResponseL(iHdr, iChild, *iChildSaRequest->SA(), *aIkeMsg) )
+ {
+ DEBUG_LOG1(_L("Unaccepted SA payload content in IKE_AUTH response: %d"),iState);
+ SetNotifyCode(NO_PROPOSAL_CHOSEN);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ DEBUG_LOG(_L("SA response verified"));
+ if ( !IpsecSelectors::VerifyTrafficSelectorsL(iChildSaRequest, (TTSPayloadIkev2*)aIkeMsg->iTsI, (TTSPayloadIkev2*)aIkeMsg->iTsR ) )
+ {
+ DEBUG_LOG1(_L("Unaccepted Traffic Selectors in IKE_AUTH response: %d"),iState);
+ SetNotifyCode(TS_UNACCEPTABLE);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ DEBUG_LOG(_L("Traffic selectors verified"));
+ if ( aIkeMsg->iCp )
+ {
+ if ( iConfigMode )
+ {
+ iConfigMode->ProcessCpL(aIkeMsg->iCp);
+ }
+ else
+ {
+ DEBUG_LOG(_L("Unsolicited CP payload in IKE_AUTH response"));
+ }
+ }
+ iChildSaRequest->SetSPI_Out(iChild.iSPI_Out);
+ DEBUG_LOG(_L("Generating IPsec keys"));
+ iChild.GenerateIpsecKeysL(iHdr.iSK_d, KZeroDesc,
+ *iNonce_I, *iNonce_R, iHdr.iPRFAlg);
+ DEBUG_LOG(_L("IPsec keys generated"));
+ }
+ else
+ {
+ DEBUG_LOG1(_L("Implicit CHILD_SA rejected Notify in IKE_AUTH response: %d"), iState);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ }
+ }
+ //
+ // IKE_AUTH request is completed and IKE SA has been
+ // negotiated
+ //
+ IkeSaCompletedL();
+ break;
+
+ case KStateIkeSaEapStarted:
+ //
+ // Received message should be an IKE_AUTH response
+ // containing an EAP payload.
+ // The content of received IKE message shall be:
+ // HDR, SK {IDr, [CERT,] AUTH, EAP }
+ //
+ if ( !aIkeMsg->iEncr || !aIkeMsg->iIdR || !aIkeMsg->iAuth || !aIkeMsg->iEap )
+ {
+ DEBUG_LOG1(_L("Erroneous IKE_AUTH response: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ return EFalse;
+ }
+ if ( iPkiService && !VerifyPeerCertificateL(aIkeMsg->iCerts, aIkeMsg->iIdR) )
+ {
+ SetNotifyCode(AUTHENTICATION_FAILED);
+ return EFalse;
+ }
+ if ( !AddIdAndAuthenticatePeerL(aIkeMsg) )
+ {
+ SetNotifyCode(AUTHENTICATION_FAILED);
+ return EFalse;
+ }
+ iState = KStateIkeSaEapGoing;
+ iEapPlugin->EapDataInbound(aIkeMsg->iEap);
+ break;
+
+ case KStateIkeSaEapGoing:
+ //
+ // Received message should be an IKE_AUTH response
+ // containing an EAP payload.
+ // The content of received IKE message shall be:
+ // HDR, SK {EAP}
+ //
+ if ( !aIkeMsg->iEncr || !aIkeMsg->iEap )
+ {
+ DEBUG_LOG1(_L("Erroneous IKE_AUTH response: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ return EFalse;
+ }
+ iEapPlugin->EapDataInbound(aIkeMsg->iEap);
+ break;
+
+ default:
+ //
+ // Ignore received message silently
+ //
+ DEBUG_LOG1(_L("IKE_AUTH response received in state %d"), iState);
+ break;
+
+ }
+ }
+ else
+ {
+ if ( !Initiator )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message without Orig_Init-bit in wrong, state: %d"), iState);
+ return ETrue;
+ }
+ if ( Response )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message is not request, state: %d"), iState);
+ return ETrue;
+ }
+ switch ( iState )
+ {
+ case KStateIkeSaInitResponse:
+ case KStateIkeSaCompleted:
+ //
+ // Received message should be an IKE_AUTH request
+ // Request message should be format:
+ // HDR(A,B), SK {IDi, [CERT,] [CERTREQ,] [IDr,] AUTH, SAi2, TSi, TSr}
+ //
+ if ( !CheckPayloadsOrder(aIkeMsg, IKE_AUTH, EFalse) )
+ {
+ DEBUG_LOG1(_L("Erroneous IKE_AUTH request: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ return EFalse;
+ }
+ if ( MsgId != iHdr.ExpectedRequestId() ) {
+ if ( iHdr.iLastResponse != NULL &&
+ MsgId == iHdr.iLastResponse->MessageId() &&
+ iState == KStateIkeSaCompleted )
+ {
+ //
+ // Retransmission of an earlier IKE_SA_INIT
+ // request. Retransmit current IKE_SA_INIT
+ // response (if retry count not exhausted)
+ //
+ DoRetransmitL(ETrue);
+ return ETrue;
+ }
+ else {
+ DEBUG_LOG1(_L("Wrong message id in request, state: %d"), iState);
+ SetNotifyCode(INVALID_MESSAGE_ID);
+ StoreNotifyData32(MsgId);
+ return EFalse;
+ }
+ }
+ if ( iState == KStateIkeSaCompleted )
+ return EFalse; // IKE_AUTH request retry with a new message ID
+
+ //if ( aIkeMsg->iEncr )
+ //{
+ ProcessNotifyPayloadsL(*aIkeMsg->iNotifs, EFalse, IKE_AUTH);
+ if ( iDeleteIkeSA )
+ {
+ DEBUG_LOG1(_L("Error Notify in IKE_AUTH response: %d"), iState);
+ return EFalse;
+ }
+ //}
+
+ if ( iPkiService && !VerifyPeerCertificateL(aIkeMsg->iCerts, aIkeMsg->iIdI) )
+ {
+ DEBUG_LOG(_L("Peer certificate validation failed."));
+ SetNotifyCode(AUTHENTICATION_FAILED);
+ return EFalse;
+ }
+ if ( !AddIdAndAuthenticatePeerL(aIkeMsg) )
+ {
+ SetNotifyCode(AUTHENTICATION_FAILED);
+ return EFalse;
+ }
+ //
+ // Process "concatenated" Child SA- and Traffic
+ // Selector payloads if present
+ //
+ if ( aIkeMsg->iSa )
+ {
+ DEBUG_LOG(_L("IKE_AUTH request has SA and TS payload."));
+ CIkev2Acquire* Acquire = IpsecSelectors::GetIpsecPolicyL(iIkeV2PlugInSession, aIkeMsg);
+ if ( !Acquire )
+ {
+ DEBUG_LOG1(_L("Unaccepted Traffic Selectors in IKE_AUTH request: %d"),iState);
+ SetNotifyCode(TS_UNACCEPTABLE);
+ return EFalse;
+ }
+ CleanupStack::PushL(Acquire);
+ HBufC8* proposedSaBuffer = NULL;
+ if (!Ikev2Proposal::VerifySaRequestAndGetProposedSaBufferL(iHdr, iChild,
+ *Acquire->SA(), *aIkeMsg,
+ proposedSaBuffer))
+ {
+ CleanupStack::PopAndDestroy(Acquire);
+ DEBUG_LOG1(_L("Unaccepted SA content in IKE_AUTH request: %d"),iState);
+ SetNotifyCode(NO_PROPOSAL_CHOSEN);
+ return EFalse;
+ }
+ SetProposedSa(proposedSaBuffer);
+ proposedSaBuffer = NULL;
+ //
+ // Replace SA payload buffer in CIkev2Acquire with
+ // selected SA payload built in VerifySaRequestL
+ //
+ CleanupStack::Pop(Acquire);
+ Acquire->ReplaceSA(GetProposedSa());
+ Acquire->SetSPI_Out(iChild.iSPI_Out);
+ Acquire->SetResponse();
+ if ( iChild.iTransport )
+ {
+
+ Acquire->SetTransport();
+ }
+ CIkev2Acquire::Link(Acquire, GetAcquireQue());
+ DEBUG_LOG(_L("Acquire linked."));
+
+ if ( aIkeMsg->iCp )
+ {
+ //
+ // CP payload received as IKE SA responder
+ // Handle CP payload and return "dummy"
+ // virtual IP to initiator.
+ //
+ delete iConfigMode;
+ iConfigMode = NULL;
+ iConfigMode = CIkev2Config::NewL(Acquire, (TInetAddr*)&iHdr.iRemoteAddr);
+ iConfigMode->ProcessCpL(aIkeMsg->iCp);
+ Acquire->SetVirtualIp();
+ }
+ //
+ // Get SPI for new inbound SA
+ //
+ iChild.GenerateIpsecKeysL(iHdr.iSK_d, KZeroDesc,
+ *iNonce_I, *iNonce_R, iHdr.iPRFAlg);
+
+ if ( iPkiService && !iEapPlugin &&
+ aIkeMsg->iCertReqs &&
+ aIkeMsg->iCertReqs->Count() )
+ {
+ GetOwnIdentityL(); // Get own Identity from Certificate (or policy)
+ AddIdToSignedDataL(ETrue, iAuthMsgResp, iLocalIdentity->PayloadData());
+
+ CIkev2Acquire* Acquire = CIkev2Acquire::PeekFirst(GetAcquireQue());
+ if ( Acquire )
+ {
+ GetIpsecSPI(Acquire);
+ iState = KStateIkeSaAuthWaitSpi;
+ }
+ else
+ {
+ DEBUG_LOG(_L("CIkev2Acquire::PeekFirst returned NULL."));
+ DEBUG_LOG(_L("Sending IKE_AUTH response."));
+ SendIkeAuthMessageL();
+ }
+
+ }
+ else
+ {
+ GetOwnIdentityL();
+ AddIdToSignedDataL(ETrue, iAuthMsgResp, iLocalIdentity->PayloadData());
+ GetIpsecSPI(Acquire);
+ iState = KStateIkeSaAuthWaitSpi;
+ }
+ }
+ else
+ {
+ if ( iPkiService && !iEapPlugin &&
+ aIkeMsg->iCertReqs &&
+ aIkeMsg->iCertReqs->Count() )
+ {
+ GetOwnIdentityL(); // Get own Identity from Certificate (or policy)
+ AddIdToSignedDataL(ETrue, iAuthMsgResp, iLocalIdentity->PayloadData());
+
+ CIkev2Acquire* Acquire = CIkev2Acquire::PeekFirst(GetAcquireQue());
+ if ( Acquire )
+ {
+ GetIpsecSPI(Acquire);
+ iState = KStateIkeSaAuthWaitSpi;
+ }
+ else
+ {
+ SendIkeAuthMessageL();
+ }
+ }
+ else
+ {
+ //
+ // Build and send an IKE_AUTH response
+ //
+ GetOwnIdentityL();
+ AddIdToSignedDataL(ETrue, iAuthMsgResp, iLocalIdentity->PayloadData());
+ SendIkeAuthMessageL();
+ }
+ }
+ break;
+
+ default:
+ //
+ // Ignore received message silently
+ //
+ DEBUG_LOG1(_L("IKE_SA_INIT message received in state %d"), iState);
+ break;
+ }
+ }
+
+ return ETrue;
+}
+
+TBool CIkev2Negotiation::ProcessChildSaL(CIkev2Payloads* aIkeMsg)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Process IKE message of exchange type CREATE_CHILD_SA
+ //
+ TUint16 PfsDHGroup;
+ ThdrISAKMP* IkeHdr = aIkeMsg->GetIkeMsg(); // IKE Message fixed header
+ TBool Response = IkeHdr->GetFlags() & IKEV2_RESPONSE_MSG;
+ TBool Initiator = IkeHdr->GetFlags() & IKEV2_INITIATOR;
+ TUint32 MsgId = IkeHdr->GetMessageId();
+
+ if ( iHdr.iInitiator )
+ {
+ if ( Initiator )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message with Orig_Init-bit in wrong state: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ return EFalse;
+ }
+ }
+ else
+ {
+ if ( !Initiator )
+ {
+ DEBUG_LOG1(_L("IKEv2 Message without Orig_Init-bit in wrong state: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ return EFalse;
+ }
+ }
+
+ if ( Response )
+ {
+ //
+ // CREATE_CHILD_SA response message received
+ //
+ switch ( iState )
+ {
+ case KStateIkeChildSARequest:
+ //
+ // Received message should be a response to a
+ // CREATE_CHILD_SA request transmitted.
+ // Response message should be format:
+ // HDR(A,B), SK { SA, Nr, [KEr], [TSi, TSr]}
+ //
+ if ( MsgId != iHdr.ExpectedResponseId() )
+ {
+ DEBUG_LOG1(_L("Wrong message id in response; state: %d"), iState);
+
+ SetNotifyCode(INVALID_MESSAGE_ID);
+ StoreNotifyData32(MsgId);
+ return EFalse;
+ }
+ if ( aIkeMsg->iEncr )
+ {
+ ProcessNotifyPayloadsL(*aIkeMsg->iNotifs, EFalse, CREATE_CHILD_SA);
+ if ( iDeleteIkeSA )
+ {
+ DEBUG_LOG1(_L("Error Notify in CREATE_CHILD_SA response: %d"), iState);
+ return EFalse;
+ }
+ if ( iChildSARejected )
+ {
+ DEBUG_LOG1(_L("CHILD_SA rejected Notify in CREATE_CHILD_SA response: %d"), iState);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ iStopped = ETrue;
+ return EFalse;
+ }
+ }
+ if ( !CheckPayloadsOrder(aIkeMsg, CREATE_CHILD_SA, ETrue) )
+ {
+ DEBUG_LOG1(_L("Erroneous CREATE_CHILD_SA response: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ if ( aIkeMsg->iNonce->PlDataLen() < IKEV2_MIN_NONCE_SIZE )
+ {
+ DEBUG_LOG1(_L("Nonce data too short %d"), iState);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ iStopped = ETrue;
+ return EFalse;
+ }
+
+ if ( !Ikev2Proposal::VerifySaResponseL(iHdr, iChild, *iChildSaRequest->SA(), *aIkeMsg) )
+ {
+ DEBUG_LOG1(_L("Unaccepted SA content in CREATE_CHILD_SA response: %d"),iState);
+ SetNotifyCode(NO_PROPOSAL_CHOSEN);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ if ( !IpsecSelectors::VerifyTrafficSelectorsL(iChildSaRequest, (TTSPayloadIkev2*)aIkeMsg->iTsI, (TTSPayloadIkev2*)aIkeMsg->iTsR ) )
+ {
+ DEBUG_LOG1(_L("Unaccepted Traffic Selectors in CREATE_CHILD_SA response: %d"),iState);
+ SetNotifyCode(TS_UNACCEPTABLE);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ delete iNonce_R;
+ iNonce_R = NULL;
+ iNonce_R = HBufC8::NewL(aIkeMsg->iNonce->PlDataLen());
+ iNonce_R->Des().Copy(aIkeMsg->iNonce->PayloadData(), aIkeMsg->iNonce->PlDataLen());
+ PfsDHGroup = iChildSaRequest->DHGroup();
+ if ( PfsDHGroup )
+ {
+ if ( !ProcessKeyExchangeL((TKEPayloadIkev2*)aIkeMsg->iKe, PfsDHGroup) )
+ {
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ HBufC8* g_ir = iDHKeys->ComputeAgreedKeyL(iDHPublicPeer->Des());
+ CleanupStack::PushL(g_ir);
+
+ iChild.GenerateIpsecKeysL(iHdr.iSK_d, *g_ir,
+ *iNonce_I, *iNonce_R, iHdr.iPRFAlg);
+
+
+ g_ir->Des().FillZ(); // Wipe out shared secret value from buffer
+ CleanupStack::PopAndDestroy(); //g_ir
+
+ }
+ else if ( aIkeMsg->iKe )
+ {
+ DEBUG_LOG1(_L("Unsolicted Key Exchange payload present in CREATE_CHILD_SA response: %d"),iState);
+ SetNotifyCode(INVALID_KE_PAYLOAD);
+ iChildSaRequest = Ikev2Pfkey::DeleteInboundSPI(iHdr, iIkeV2PlugInSession, iChildSaRequest);
+ return EFalse;
+ }
+ else
+ {
+ iChild.GenerateIpsecKeysL(iHdr.iSK_d, KZeroDesc,
+ *iNonce_I, *iNonce_R, iHdr.iPRFAlg);
+
+ }
+ //
+ // CREATE_CHILD_SA request is completed Update
+ //
+ IpsecSANegotiatedL();
+ break;
+
+ case KStateIkeSARekeyRequest:
+ //
+ // Received message should be a response to a
+ // IKE SA rekey CHILD_SA request transmitted.
+ // Response message should be format:
+ // HDR(A,B), SK { SA, Nr, KEr }
+ //
+ if ( CheckPayloadsOrder(aIkeMsg, CREATE_CHILD_SA, ETrue) && aIkeMsg->iKe )
+ {
+ DEBUG_LOG1(_L("IKE SA rekey message received as CHILD_SA response: %d"), iState);
+ ProcessIkeSARekeyL(aIkeMsg);
+ }
+ else
+ {
+ DEBUG_LOG1(_L("Erroneous IKE SA rekey message received as CHILD_SA response: %d"),iState);
+ }
+ //iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, NULL, EFalse);
+ BuildDeleteRequestL(NULL); // Delete IKE SA rekeyed
+ iIkeV2PlugInSession.DeleteIkev2SA(iHdr.SaId());
+ break;
+
+ default:
+ //
+ // Ignore received message silently
+ //
+ DEBUG_LOG1(_L("CREATE_CHILD_SA response received in state %d"), iState);
+ break;
+
+ }
+ }
+ else
+ {
+ //
+ // CREATE_CHILD_SA request message received
+ //
+ if ( MsgId != iHdr.ExpectedRequestId() ) {
+ if ( iHdr.iLastResponse != NULL &&
+ MsgId == iHdr.iLastResponse->MessageId() )
+ {
+ //
+ // Retransmission of an earlier request.
+ // Retransmit current response
+ //
+ iState = KStateIkeChildSAResponse;
+ DoRetransmitL(ETrue);
+ return ETrue;
+ }
+ else {
+ DEBUG_LOG1(_L("Wrong message id in request, state: %d"), iState);
+ SetNotifyCode(INVALID_MESSAGE_ID);
+ StoreNotifyData32(MsgId);
+ return EFalse;
+ }
+ }
+
+ if ( iState >= KStateIkeSaCompleted )
+ {
+ //
+ // Received CREATE_CHILD_SA message can be one of the
+ // following:
+ // -- Create new Ipsec SA request:
+ // HDR(A,B), SK { SA, Nr, [KEi], [TSi, TSr]}
+ // -- Rekey Ipsec SA request:
+ // HDR(A,B), SK { N, SA, Ni, [KEi], [TSi, TSr]}
+ // -- Rekey IKE SA request:
+ // HDR(A,B), SK { SA, Ni, KEi}
+ //
+ if ( !CheckPayloadsOrder(aIkeMsg, CREATE_CHILD_SA, EFalse) )
+ {
+ DEBUG_LOG1(_L("Erroneous CREATE_CHILD_SA request: %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ return EFalse;
+ }
+ //
+ // Check is the current request an IKE SA rekey by checking
+ // Proposal payload protocol value
+ //
+ if ( Ikev2Proposal::IkeSaRekey(aIkeMsg) )
+ {
+ TBool Status;
+ if ( iState == KStateIkeSARekeyRequest )
+ {
+ DEBUG_LOG1(_L("IKE SA Rekey collision for SAID: %d"), iHdr.SaId());
+ SetNotifyCode(NO_ADDITIONAL_SAS);
+ Status = EFalse;
+ }
+ else
+ {
+ DEBUG_LOG1(_L("IKE SA Rekey started by peer for SAID: %d"), iHdr.SaId());
+ iState = KStateIkeSARekeyResponse;
+ Status = ProcessIkeSARekeyL(aIkeMsg);
+ iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, NULL);
+ }
+ return Status;
+ }
+ if ( CIkev2Acquire::Responding(GetAcquireQue()) )
+ {
+ DEBUG_LOG1(_L("CREATE_CHILD_SA IKE SA request already pending: %d"), iState);
+ SetNotifyCode(NO_ADDITIONAL_SAS);
+ return EFalse;
+ }
+
+ //
+ // Get acceptable Ipsec policy for peer defined traffic
+ // selectors (and peer address)
+ //
+ CIkev2Acquire* Acquire = IpsecSelectors::GetIpsecPolicyL(iIkeV2PlugInSession, aIkeMsg,
+ iHdr.iIkeData->iGroupDesc_II);
+ if ( !Acquire )
+ {
+ DEBUG_LOG1(_L("Unaccepted Traffic Selectors in CREATE_CHILD_SA request: %d"),iState);
+ SetNotifyCode(TS_UNACCEPTABLE);
+ return EFalse;
+ }
+ CleanupStack::PushL(Acquire);
+ HBufC8* proposedSaBuffer = NULL;
+ if (!Ikev2Proposal::VerifySaRequestAndGetProposedSaBufferL(iHdr, iChild, *Acquire->SA(),
+ *aIkeMsg, proposedSaBuffer))
+ {
+ CleanupStack::PopAndDestroy(Acquire);
+ DEBUG_LOG1(_L("Unaccepted SA content in CREATE_CHILD_SA request: %d"),iState);
+ SetNotifyCode(NO_PROPOSAL_CHOSEN);
+ return EFalse;
+ }
+ this->SetProposedSa(proposedSaBuffer);
+ proposedSaBuffer = NULL;
+ delete iNonce_I;
+ iNonce_I = NULL;
+ iNonce_I = HBufC8::NewL(aIkeMsg->iNonce->PlDataLen());
+ iNonce_I->Des().Copy(aIkeMsg->iNonce->PayloadData(), aIkeMsg->iNonce->PlDataLen());
+ if ( aIkeMsg->iKe )
+ {
+ PfsDHGroup = Acquire->DHGroup();
+ if ( PfsDHGroup == 0 )
+ {
+ PfsDHGroup = Ikev2Proposal::GetDHGroup(iHdr.iIkeData->iGroupDesc_II);
+ Acquire->DHGroup(PfsDHGroup);
+ }
+ if ( !ProcessKeyExchangeL((TKEPayloadIkev2*)aIkeMsg->iKe, PfsDHGroup) )
+ {
+ CleanupStack::PopAndDestroy(Acquire);
+ return EFalse;
+ }
+ }
+ CleanupStack::Pop(Acquire);
+ Acquire->SetSPI_Out(iChild.iSPI_Out);
+ Acquire->SetResponse();
+ if ( iChild.iTransport )
+ Acquire->SetTransport();
+ CIkev2Acquire::Link(Acquire, GetAcquireQue());
+ //
+ // Get SPI for new inbound SA
+ //
+ GetIpsecSPI(Acquire);
+ }
+ else
+ {
+ //
+ // Ignore received message silently
+ //
+ DEBUG_LOG1(_L("CREATE_CHILD_SA request received in state %d"), iState);
+ }
+ }
+
+ return ETrue;
+}
+
+TBool CIkev2Negotiation::ProcessIkeSARekeyL(CIkev2Payloads* aIkeMsg)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Process IKE SA rekey message (as IKE_CHILD_SA exchange)
+ // HDR(A,B), SK { SA, Nonce, KE}
+ //
+
+
+ if ( (iState == KStateIkeSARekeyRequest) || (iState == KStateIkeSARekeyResponse) )
+ {
+ //
+ // Received CREATE_CHILD_SA message for IKE SA rekey must
+ // look like the following: HDR(A,B), SK { SA, Ni, [KEi]}
+ // Allocate a new CIkev2Negotiation object for new IKE SA
+ //
+ //
+ CIkev2Negotiation* NewSA = new (ELeave) CIkev2Negotiation(iIkeV2PlugInSession, iPfKeySocketIf,
+ iEventLogger, iMessageSendQue, iDebug, 0);
+ CleanupStack::PushL(NewSA);
+
+ //Do not copy the previous sent request and response:
+ CIkeV2Message* lastResponse = iHdr.iLastResponse;
+ iHdr.iLastResponse = NULL;
+ CIkeV2Message* lastRequest = iHdr.iLastRequest;
+ iHdr.iLastRequest = NULL;
+ NewSA->iHdr.Copy(iHdr);
+ iHdr.iLastResponse = lastResponse;
+ iHdr.iLastRequest = lastRequest;
+
+
+ NewSA->iHdr.iWindowSize = 1;
+ NewSA->iHdr.iEncrAlg = 0;
+ NewSA->iHdr.iPRFAlg = 0;
+ NewSA->iHdr.iIntegAlg = 0;
+ NewSA->iHdr.iDHGroup = 0;
+ NewSA->iHdr.iAuthMethod = 0;
+ NewSA->iHdr.iCipherKeyLth = 0;
+ NewSA->iHdr.iCipherBlkLth = 0;
+ NewSA->iHdr.iIntChkSumLth = 0;
+
+ if ( iState == KStateIkeSARekeyRequest )
+ {
+ NewSA->iHdr.iInitiator = ETrue;
+ NewSA->iHdr.SetSaId(iSAid_Rekey);
+ NewSA->iHdr.SetSpiI(iSPI_Rekey);
+ NewSA->iNonce_I = iNonce_I; // Nonce was created in BuildIkeSaRekeyMsgL() earlier
+ NewSA->iDHKeys = iDHKeys; // DH keys object was created in BuildIkeSaRekeyMsgL() earlier
+ iNonce_I = NULL;
+ iDHKeys = NULL;
+ }
+ else
+ {
+ NewSA->iHdr.iInitiator = EFalse;
+ NewSA->iHdr.SetSaId(iIkeV2PlugInSession.GetSAId()); // Get a new SA Id
+ NewSA->CreateIkeSPI(NewSA->iHdr.SpiR());
+ }
+ //
+ // Build a SA payload from current IKE policy and
+ // verify received IKE SA request with it
+ //
+ HBufC8* SaBfr = Ikev2Proposal::FromPolicyToProposaL(NewSA->iHdr, NewSA->iSPI_Rekey, NewSA->iDHGroupGuess, ETrue);
+ CleanupStack::PushL(SaBfr);
+ HBufC8* proposedSaBuffer = NULL;
+ TBool SaOk = Ikev2Proposal::VerifySaRequestAndGetProposedSaBufferL(NewSA->iHdr, NewSA->iChild,
+ *SaBfr, *aIkeMsg, proposedSaBuffer);
+ CleanupStack::PopAndDestroy();
+ if ( iState == KStateIkeSARekeyRequest )
+ SaOk &= Ikev2Proposal::GetRekeySpi(aIkeMsg, NewSA->iHdr.SpiR());
+ else SaOk &= Ikev2Proposal::GetRekeySpi(aIkeMsg, NewSA->iHdr.SpiI());
+ if ( !SaOk )
+ {
+ DEBUG_LOG1(_L("Unaccepted SA content in IKE_SA Rekey request: %d"), iState);
+ SetNotifyCode(NO_PROPOSAL_CHOSEN);
+ CleanupStack::PopAndDestroy(NewSA);
+ return EFalse;
+ }
+ NewSA->SetProposedSa(proposedSaBuffer);
+ proposedSaBuffer = NULL;
+ if ( aIkeMsg->iNonce->PlDataLen() < IKEV2_MIN_NONCE_SIZE )
+ {
+ DEBUG_LOG1(_L("Nonce data too short in IKE_SA Rekey request %d"), iState);
+ SetNotifyCode(INVALID_SYNTAX);
+ CleanupStack::PopAndDestroy(NewSA);
+ return EFalse;
+ }
+ if ( iState == KStateIkeSARekeyRequest )
+ {
+ NewSA->iNonce_R = HBufC8::NewL(aIkeMsg->iNonce->PlDataLen());
+ NewSA->iNonce_R->Des().Copy(aIkeMsg->iNonce->PayloadData(), aIkeMsg->iNonce->PlDataLen());
+ }
+ else
+ {
+ NewSA->iNonce_I = HBufC8::NewL(aIkeMsg->iNonce->PlDataLen());
+ NewSA->iNonce_I->Des().Copy(aIkeMsg->iNonce->PayloadData(), aIkeMsg->iNonce->PlDataLen());
+ }
+
+ if ( !NewSA->ProcessKeyExchangeL((TKEPayloadIkev2*)aIkeMsg->iKe, NewSA->iHdr.iDHGroup) )
+ {
+ //If there was notify code set, copy it to current negotiation before destroying NewSa
+ if(NewSA->GetNotifyCode())
+ {
+ SetNotifyCode(NewSA->GetNotifyCode());
+ }
+ TInt dataLth(0);
+ TUint8* notifyData = NewSA->NotifyData(dataLth);
+ if(dataLth == 2)
+ {
+ StoreNotifyData16(GET16(notifyData));
+ }
+ else if(dataLth == 4)
+ {
+ StoreNotifyData32(GET32(notifyData));
+ }
+ CleanupStack::PopAndDestroy(NewSA);
+ return EFalse;
+ }
+
+ if ( iState == KStateIkeSARekeyResponse )
+ {
+ //
+ // Build IKE SA rekey response (CHILD_SA response):
+ // HDR, SAr, Nr, KEr
+ //
+ iDHKeys = NewSA->iDHKeys; // To calculate own DH value
+ iSPI_Rekey = NewSA->iHdr.SpiR();
+ SetProposedSa(NewSA->GetProposedSa());
+ BuildIkeSaRekeyMsgL(EFalse);
+ NewSA->iNonce_R = iNonce_R; // Nonce is created in BuildIkeSaRekeyMsgL()
+ iNonce_R = NULL;
+ iDHKeys = NULL;
+ }
+ //
+ // Generate key material for new IKE SA
+ //
+ NewSA->GenerateIkeKeysL(&iHdr);
+
+ //
+ // Create a new IKE SA and swap IPSec SA from rekeyed IKE SA
+ // to the new just created SA
+ //
+ iIkeV2PlugInSession.CreateIkev2SAL(NewSA->iHdr);
+ iIkeV2PlugInSession.InheritIpsecSas(NewSA->iHdr.SaId(), iHdr.SaId());
+
+ CleanupStack::PopAndDestroy(NewSA);
+ }
+
+ return ETrue;
+}
+
+TBool CIkev2Negotiation::ProcessInfoMsgL(CIkev2Payloads* aIkeMsg)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Process IKE message of exchange type INFORMATIONAL
+ // HDR, SK {[N,] [D,] [CP,] ...}
+ // Only encyrpted and authenitcated are processed.
+ //
+ if ( !aIkeMsg->Encrypted() )
+ {
+ if ( iState == KStateIdle)
+ iStopped = ETrue;
+ return EFalse;
+ }
+ ThdrISAKMP* IkeHdr = aIkeMsg->GetIkeMsg(); // IKE Message fixed header
+ TBool Response = IkeHdr->GetFlags() & IKEV2_RESPONSE_MSG;
+ TUint32 MsgId = IkeHdr->GetMessageId();
+
+ if ( Response )
+ {
+ if ( (iState == KStateIkeInfoRequest) || (iState == KStateIkeDeleteRequest) )
+ {
+ //
+ // A response received to a transmitted Informational request
+ //
+ DEBUG_LOG(_L("Response received to a transmitted Informational request"));
+
+ if ( MsgId == iHdr.ExpectedResponseId() )
+ {
+ iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, NULL);
+ if ( iState == KStateIkeDeleteRequest )
+ {
+ iIkeV2PlugInSession.IkeSaDeleted(KErrNone); //IKE SA deletion going
+ }
+ else
+ {
+ if ( aIkeMsg->iNotifs->Count() )
+ {
+ ProcessNotifyPayloadsL(*aIkeMsg->iNotifs, EFalse, INFORMATIONAL);
+ }
+ }
+ iStopped = ETrue;
+ return EFalse;
+ }
+ }
+ else if ( iState == KStateChildDeleteRequest )
+ {
+ //
+ // A response received to a transmitted Child SA delete request
+ //
+ if ( aIkeMsg->iDeletes->Count() )
+ {
+ ProcessDeletePayloadsL(*aIkeMsg->iDeletes, EFalse);
+ }
+
+ //
+ // Update sequence numbers and IKE SA data
+ //
+ iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, NULL);
+ iStopped = ETrue;
+ return EFalse;
+ }
+ }
+ else
+ {
+ //
+ // A Informational request received. Process request according
+ // to payload content and send informational response.
+ //
+ DEBUG_LOG1(_L("INFORMATIONAL request received in state %d"), iState);
+ if ( MsgId == iHdr.ExpectedRequestId() )
+ {
+ TBool BuildResponse = ETrue;
+ if ( aIkeMsg->iDeletes->Count() )
+ {
+ BuildResponse = ProcessDeletePayloadsL(*aIkeMsg->iDeletes, ETrue);
+ }
+ if ( aIkeMsg->iNotifs->Count() )
+ {
+ BuildResponse = ProcessNotifyPayloadsL(*aIkeMsg->iNotifs, ETrue, INFORMATIONAL);
+ }
+ if ( BuildResponse )
+ {
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ INFORMATIONAL,
+ iHdr.iInitiator,
+ ETrue,
+ iHdr.ExpectedRequestId(),
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+ if ( (iState != KStateIkeInfoRequest) && (iState != KStateIkeDeleteRequest) && (iState != KStateIkeDeleteResponse) )
+ {
+ iState = KStateIkeInfoResponse;
+ iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, NULL);
+ }
+ }
+ }
+ }
+
+ return ETrue;
+}
+
+TBool CIkev2Negotiation::ProcessNotifyPayloadsL(const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys,
+ TBool aRequest, TInt aExchange)
+{
+ if ( Ikev2MobIke::ProcessNotifysL(this, aNotifys, aRequest, aExchange) )
+ {
+ return EFalse; // Notify payload(s) was processed by MOBIKE protocol
+ }
+
+ TInt MsgType;
+ TNotifPayloadIkev2* Payload;
+ TInt Count = aNotifys.Count();
+ TInt i = 0;
+
+ while ( i < Count )
+ {
+ Payload = aNotifys.At(i);
+ MsgType = (TInt)Payload->GetMsgType();
+ DEBUG_LOG1(_L("Received Notify payload message type %d"), MsgType);
+ //
+ // Process possible error type Notify messages
+ //
+ if (aExchange == IKE_SA_INIT)
+ {
+ switch ( MsgType )
+ {
+ case INVALID_SYNTAX:
+ //Fall through
+ case NO_PROPOSAL_CHOSEN:
+ return EFalse;
+ case INVALID_KE_PAYLOAD:
+ ProcessInvalidKePayloadNotifyL();
+ return ETrue;
+ case COOKIE:
+ return ProcessCookieL(aNotifys, aRequest);
+ default:
+ break;
+ }
+ }
+ else
+ {
+ switch ( MsgType )
+ {
+ case UNSUPPORTED_CRITICAL_PAYLOAD:
+ case INVALID_SYNTAX:
+ case INVALID_MESSAGE_ID:
+ case AUTHENTICATION_FAILED:
+ case INTERNAL_ADDRESS_FAILURE:
+ case FAILED_CP_REQUIRED:
+ //
+ // When some of these error types received IKE SA shall
+ // corresponding IKE SA shall be deleted
+ //
+ iDeleteIkeSA = ETrue;
+ break;
+
+ case NO_PROPOSAL_CHOSEN:
+ case SINGLE_PAIR_REQUIRED:
+ case NO_ADDITIONAL_SAS:
+ case TS_UNACCEPTABLE:
+ case INVALID_SELECTORS:
+ //
+ // When some of these error types received within
+ // IKE_AUTH or CREATE_CHILD_SA exchange (in response)
+ // Child SA request is interpreted to be failed
+ //
+ if ( ((aExchange == IKE_AUTH) || (aExchange == CREATE_CHILD_SA) ) && !aRequest )
+ iChildSARejected = ETrue;
+ break;
+
+ default:
+ break;
+ }
+ }
+
+ i++;
+ }
+
+ return ETrue;
+}
+
+TBool CIkev2Negotiation::ProcessCookieL(const CArrayFixFlat<TNotifPayloadIkev2*>& aNotifys, TBool aRequest)
+{
+
+ //
+ // Special handling for COOKIE Notify payload.
+ // The following actions are taken:
+ // - Assure that the first Notify payload in array is cookie
+ // - When the COOKIE is received in response (aRequest = EFalse)
+ // - Retransmit IKE_SA_INIT request again in format:
+ // HDR(A,0), N(COOKIE), SAi1, KEi, Ni, [Nat Notifies]
+ // - When the COOKIE is received in request (aRequest = ETrue)
+ // - Assure that COOKIE returned by the initiator is the we
+ // have earlier transmitted.
+ //
+ if ( aNotifys.Count() )
+ {
+ const TNotifPayloadIkev2* NotifyPayload = aNotifys.At(0);
+ if ( NotifyPayload->GetMsgType() == COOKIE && !aRequest)
+ {
+ //
+ // Local end COOKIE usage has not been implemented yet
+ //
+
+ //
+ // Init a new IKE message buffer and copy received COOKIE
+ // Notify to the first payload. Concatenate then all
+ // payloads from original IKE_SA_INIT request to this new
+ // IKE message (and set next payload field in Notify)
+ //
+ DEBUG_LOG1(_L("Cookie received, IKE_SA_INIT repeated: %d"), iState);
+ if ( iCookieReturned )
+ {
+ //
+ // One cookie already returned. Avoid cookie-loop
+ // by stopping ongoing IKE_SA_INIT exchange
+ //
+ DEBUG_LOG(_L("Cookie already returned once, IKE_SA_INIT exchange stopped"));
+ return EFalse;
+ }
+ CIkeV2Message* originalIkeSaInitRequest = iHdr.iLastRequest;
+ const TPtrC8 cookieData(NotifyPayload->NotifData(), NotifyPayload->NotifDataLength());
+ originalIkeSaInitRequest->PrependCookieNotifyPayloadL(cookieData);
+ iHdr.iLastRequest = NULL; //claims the ownership of the message
+
+ SendIkeMsgL(originalIkeSaInitRequest);
+ iTimer->Cancel(); // Reset transmit retry timer
+ iTimer->IssueRequest(iSendAttempt); // Start retry timer
+ iCookieReturned = ETrue;
+ return ETrue;
+ }
+ }
+ DEBUG_LOG1(_L("Cookie required, NO COOKIE Notify found: %d"), iState);
+
+ return EFalse;
+}
+
+
+
+TBool CIkev2Negotiation::ProcessDeletePayloadsL(const CArrayFixFlat<TDeletePlIkev2*>& aDeletes,
+ TBool aRequest)
+{
+ //
+ // Process delete payloads received.
+ //
+ CDesC8ArrayFlat* SpiList = NULL;
+ TUint8 Protocol = IKEV2_PROT_NONE;
+
+ for (TInt i = 0; i < aDeletes.Count(); ++i)
+ {
+ const TDeletePlIkev2* Payload = aDeletes.At(i);
+ Protocol = Payload->GetProtocolId();
+ switch ( Protocol )
+ {
+ case IKEV2_PROTOCOL:
+ //
+ // Deletion of current existing IKE SA. All IPSEC SA:s
+ // negotiated within IKE SA are deleted implicitly
+ //
+ iIkeV2PlugInSession.DeleteIkev2SA(iHdr.SaId());
+ delete SpiList;
+ SpiList = NULL;
+ i = aDeletes.Count(); // Stop outer while loop
+ iState = KStateIkeDeleteResponse; // Set next state here
+ break;
+
+ case IKEV2_IPSEC_AH:
+ case IKEV2_IPSEC_ESP:
+ if ( Payload->GetSPISize() == 4 )
+ {
+ //
+ // Delete Ipsec SPI:s from IKE SA (and IPSEC SADB)
+ // If Delete payload received within Info request
+ // build inbound SPI list of corresponding inbound
+ // SA:s
+ //
+ TUint SpiCount = (TInt)Payload->GetNbrOfSpis();
+ if ( TPayloadIkev2::Cast(Payload)->GetLength() ==
+ ( TDeletePlIkev2::Size() + 4*SpiCount) )
+ {
+ const TUint8* Spis = Payload->SPIs();
+ if ( aRequest && !SpiList )
+ {
+ SpiList = new (ELeave) CDesC8ArrayFlat(2);
+ CleanupStack::PushL(SpiList);
+ }
+ while ( SpiCount )
+ {
+ TPtrC8 Spi(Spis, 4);
+ if ( SpiList )
+ {
+ const TIkeV2IpsecSAData* IpsecSa =
+ iIkeV2PlugInSession.FindIpsecSAData(iHdr.SaId(), Spi, EFalse);
+ if ( IpsecSa && IpsecSa->iSPI_In.Length() > 0 )
+ {
+ SpiList->AppendL(IpsecSa->iSPI_In);
+ }
+ }
+ iIkeV2PlugInSession.DeleteIpsecSAData(iHdr.SaId(), Spi, EFalse);
+ Spis += 4;
+ SpiCount--;
+ }
+ }
+ }
+ break;
+ default:
+ break;
+ }
+ }
+
+ if ( SpiList )
+ {
+ //
+ // Build Informational exchange response with a
+ // Delete payload containing SPI:s of corresponding
+ // inbound SA:s.
+ //
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ INFORMATIONAL,
+ iHdr.iInitiator,
+ ETrue,
+ iHdr.ExpectedRequestId(), iDebug);
+ CleanupStack::PushL(ikeMsg);
+ ikeMsg->AppendEncryptedPayloadL(iHdr.iCipherBlkLth);
+ ikeMsg->AppendDeletePayloadL(Protocol, *SpiList);
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+ CleanupStack::PopAndDestroy(SpiList);
+ iState = KStateIkeInfoResponse;
+ iIkeV2PlugInSession.UpdateIkev2SAL(&iHdr, NULL);
+ aRequest = EFalse;
+ }
+
+ return aRequest;
+}
+
+void CIkev2Negotiation::ProcessInvalidKePayloadNotifyL()
+{
+ // Build and send new IKE_SA_INIT message (request) with another DH group #
+ // HDR, SAi1, KEi, Ni, N[NAT_SRC], N[NAT_DST]
+ //
+ iDHGroupGuess++;
+ delete iDHKeys; // Delete old DH object
+ iDHKeys = NULL;
+ iHdr.iDHGroup = 0;
+
+ TUint32 lastRequestMsgId = 0;
+ if(iHdr.iLastRequest != NULL)
+ {
+ lastRequestMsgId = iHdr.iLastRequest->MessageId();
+ }
+
+ CIkeV2Message* ikeMsg = CIkeV2Message::NewL(iHdr.SpiI(),
+ iHdr.SpiR(),
+ IKE_SA_INIT,
+ iHdr.iInitiator,
+ EFalse,
+ lastRequestMsgId,
+ iDebug);
+ CleanupStack::PushL(ikeMsg);
+
+ HBufC8* saBfr = Ikev2Proposal::FromPolicyToProposaL(iHdr, iSPI_Rekey, iDHGroupGuess);
+ CleanupStack::PushL(saBfr);
+ ikeMsg->AppendSaPayloadL(*saBfr);
+ CleanupStack::Pop(saBfr);
+ SetProposedSa(saBfr);
+
+ AppendKEPayloadL(*ikeMsg, iHdr.iDHGroup);
+ ikeMsg->AppendNoncePayloadL(*iNonce_I);
+ if ( !iHdr.iIkeData->iUseNatProbing )
+ {
+ delete iNatNotify;
+ iNatNotify = NULL;
+
+ TInetAddr LocalIp;
+ if ( iHdr.iIkeData->iUseMobIke )
+ LocalIp.SetAddress(KInetAddrNone);
+ else LocalIp = iHdr.iLocalAddr;
+ iNatNotify = CIkev2NatT::NewL(
+ LocalIp, iHdr.iRemoteAddr, IKE_PORT, ikeMsg->InitiatorSpi(), ikeMsg->ResponderSpi());
+
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_SOURCE_IP,
+ iNatNotify->SourceNofify());
+ ikeMsg->AppendNotifyPayloadL(IKEV2_PROTOCOL, KZeroDesc, NAT_DETECTION_DESTINATION_IP,
+ iNatNotify->DestinNofify());
+ }
+
+ CleanupStack::Pop(ikeMsg);
+ SendIkeMsgL(ikeMsg);
+
+ iState = KStateIkeSaInitRequest;
+}
+
+
+
+void CIkev2Negotiation::GetNonceDataL(TBool aInitiator)
+{
+ //
+ // Get random data for local nonce
+ //
+ HBufC8* Nonce;
+ if ( aInitiator )
+ {
+ Nonce = HBufC8::NewL(IKEV2_DEF_NONCE_SIZE);
+ delete iNonce_I;
+ iNonce_I = Nonce;
+ }
+ else
+ {
+ Nonce = HBufC8::NewL(IKEV2_DEF_NONCE_SIZE);
+ delete iNonce_R;
+ iNonce_R = Nonce;
+ }
+ TPtr8 RandOctet(Nonce->Des());
+ RandOctet.SetLength(IKEV2_DEF_NONCE_SIZE);
+ TRandom::RandomL(RandOctet);
+}
+
+void CIkev2Negotiation::GetOwnIdentityL(TBool aEapIdResponse)
+{
+ if ( iLocalIdentity )
+ {
+ return; // We already have own identity data
+ }
+
+ //
+ // The own IKE identity data is built with the following system:
+ // -- If Own Certificate exist take try to get identity data from it
+ // If no Certificate or identity cannot be get from certificate
+ // -- If EAP used use identity speficied by the EAP plugin
+ // -- If EAP not used, get own identity data information from current IKE policy
+ // If no identity information found use local IP address as
+ // identity. Own IKE Identity information is stored in iLocalIdentity
+ // buffer (linked into negotiation object) in format of Identity
+ // payload (TIDPayloadIkev2)
+ //
+
+
+ HBufC8* IdBfr = NULL;
+ TUint8 IdType = ID_NOT_DEFINED;
+
+
+ //Try to get the identity from the user certificate
+ if ( iPkiService && iPkiService->UserCertificateData().Length() > 0 )
+ {
+ IdType = iHdr.iIkeData->iIdType;
+ IdBfr = IkePkiUtils::GetIdentityFromCertL(IdType, iPkiService->UserCertificateData());
+ if ( IdBfr != NULL)
+ {
+ if (IdType == ID_NOT_DEFINED)
+ {
+ IdType = ID_DER_ASN1_DN;
+ }
+ }
+ else
+ {
+ //We didn't get the ID data from the user certificate.
+ //Make sure that the type is set to not defined.
+ IdType = ID_NOT_DEFINED;
+ }
+ }
+
+ //If we didn't get the identity from the user certificate,
+ //try to get it from the EAP plugin.
+ if ( IdType == ID_NOT_DEFINED && iEapPlugin )
+ {
+ __ASSERT_DEBUG(IdBfr == NULL, User::Invariant());
+ //
+ // Try to get Own identity data from EAP Plug-in
+ //
+ IdBfr = iEapPlugin->Identity();
+ if ( IdBfr != NULL && IdBfr->Length() )
+ {
+ //
+ // Identity data provided by EAP plug-in. Define IKE Id type
+ // value according to Identity data content. If Id data
+ // contains realm (format username@realm) Id type
+ // ID_RFC822_ADDR is used. If no realm in ID use type ID_KEY_ID
+ //
+ TInt offset = IdBfr->Find(_L8("@"));
+ IdType = ( offset == KErrNotFound ) ? ID_KEY_ID : ID_RFC822_ADDR;
+ }
+ else
+ {
+ delete IdBfr;
+ IdBfr = NULL;
+ if ( !aEapIdResponse )
+ return; // Identity not yet available continue waiting
+ }
+ }
+
+ //If we don't have identity so far, try to get it from the
+ //policy:
+ if ( IdType == ID_NOT_DEFINED &&
+ iHdr.iIkeData->iIdType != ID_NOT_DEFINED &&
+ iHdr.iIkeData->iFQDN.Length() > 0)
+ {
+ __ASSERT_DEBUG(IdBfr == NULL, User::Invariant());
+ IdBfr = HBufC8::NewL(iHdr.iIkeData->iFQDN.Length());
+ IdBfr->Des().Copy(iHdr.iIkeData->iFQDN);
+ IdType = iHdr.iIkeData->iIdType;
+ }
+
+
+ //If we have not been able to get the identity so far, we are using the default
+ //identity, which is our own IP address.
+ if ( IdType == ID_NOT_DEFINED)
+ {
+ __ASSERT_DEBUG(IdBfr == NULL, User::Invariant());
+ if ( (iHdr.iLocalAddr.Family()== KAfInet) || iHdr.iLocalAddr.IsV4Mapped() )
+ {
+ TUint32 num = ByteOrder::Swap32(iHdr.iLocalAddr.Address());//Put in network order
+ IdBfr = HBufC8::NewL(sizeof(num));
+ IdBfr->Des().Append(reinterpret_cast<TUint8*>(&num), sizeof(num));
+ IdType = ID_IPV4_ADDR;
+ }
+ else
+ {
+ IdBfr = HBufC8::NewL(16);
+ const TUint8* pnum = &iHdr.iLocalAddr.Ip6Address().u.iAddr8[0]; //Address in a bytestream
+ IdBfr->Des().Append(pnum, 16);
+ IdType = ID_IPV6_ADDR;
+ }
+ }
+
+ __ASSERT_DEBUG((IdType != ID_NOT_DEFINED && IdBfr != NULL), User::Invariant());
+ CleanupStack::PushL(IdBfr);
+ iLocalIdentity = CIkeV2Identity::NewL(IdType, *IdBfr);
+ CleanupStack::PopAndDestroy(IdBfr);
+}
+
+
+void CIkev2Negotiation::GenerateIkeKeysL(TIkev2SAData* aRekeydSaData)
+{
+ //
+ // Generate IKE keying material. Start by calculating
+ // Diffie-Hellman secret.
+ //
+ User::LeaveIfNull(iDHPublicPeer);
+ if ( !iDHKeys )
+ {
+ iDHKeys = CDHKeys::CreateDHKeyL(iHdr.iDHGroup);
+ iDHKeys->XValueL(); // Calculate own DH public value
+ }
+ HBufC8* g_ir = iDHKeys->ComputeAgreedKeyL(iDHPublicPeer->Des());
+ CleanupStack::PushL(g_ir);
+ delete iDHKeys;
+ iDHKeys = NULL;
+
+ HBufC8* Ni_Nr;
+ HBufC8* SKEYSEED;
+ TUint16 prfAlg(0);
+
+ if ( aRekeydSaData )
+ {
+ //
+ // Calculate IKE keying material seed SKEYDSEED = prf(SK_d(old), [g^ir (new)] | Ni | Nr)
+ //
+ Ni_Nr = HBufC8::NewL(g_ir->Length() + iNonce_I->Length() + iNonce_R->Length());
+ CleanupStack::PushL(Ni_Nr);
+ Ni_Nr->Des().Copy(g_ir->Des());
+ Ni_Nr->Des().Append(iNonce_I->Des());
+ Ni_Nr->Des().Append(iNonce_R->Des());
+
+ prfAlg = aRekeydSaData->iPRFAlg;
+ SKEYSEED = IkeCrypto::PrfhmacL(*Ni_Nr, aRekeydSaData->iSK_d, prfAlg);
+ CleanupStack::PushL(SKEYSEED);
+ }
+ else
+ {
+ //
+ // Calculate IKE keying material seed SKEYDSEED = prf(Ni | Nr, g^ir)
+ //
+ Ni_Nr = HBufC8::NewL(iNonce_I->Length() + iNonce_R->Length());
+ CleanupStack::PushL(Ni_Nr);
+ Ni_Nr->Des().Copy(iNonce_I->Des());
+ Ni_Nr->Des().Append(iNonce_R->Des());
+
+ prfAlg = iHdr.iPRFAlg;
+ SKEYSEED = IkeCrypto::PrfhmacL(*g_ir, *Ni_Nr, prfAlg);
+ CleanupStack::PushL(SKEYSEED);
+ }
+
+ g_ir->Des().FillZ(); // Wipe out shared secret value from buffer
+
+ iHdr.GenerateIkeKeyDerivatesL(SKEYSEED->Des(),prfAlg, *iNonce_I, *iNonce_R);
+ SKEYSEED->Des().FillZ(); // Wipe out SKEYSEED value from buffer
+
+ CleanupStack::PopAndDestroy(3); //g_ir , Ni_Nr and SKEYSEED
+}
+
+
+void CIkev2Negotiation::SaveSignedDataL(TBool aLocal, const TDesC8& aIkeMsg)
+{
+ //
+ // Allocate buffer for signed octets needed for IKE SA
+ // authentication with AUTH payload.
+ // The signed octet contains the following data:
+ // Initiator:
+ // - IKE_SA_INIT message content (message number 1)
+ // concatenated with responder nonce data and value
+ // prf(SK_pi,IDi") where IDi" is initiator ID data without fixed
+ // payload header
+ //
+ // Responder:
+ // - IKE_SA_INIT message content (message number 2)
+ // concatenated with initiator nonce data and value
+ // prf(SK_pr,IDr") where IDr" is responder ID data without fixed
+ // payload header
+ //
+ TInt SignedLth = aIkeMsg.Length(); // Initial value
+ HBufC8* Nonce;
+ HBufC8** SignedBfrPtr;
+ if ( aLocal )
+ {
+ if ( iHdr.iInitiator )
+ {
+ SignedBfrPtr = &iAuthMsgInit;
+ Nonce = iNonce_R;
+ }
+ else {
+ SignedBfrPtr = &iAuthMsgResp;
+ Nonce = iNonce_I;
+ }
+ }
+ else
+ {
+ if ( iHdr.iInitiator )
+ {
+ SignedBfrPtr = &iAuthMsgResp;
+ Nonce = iNonce_I;
+ }
+ else
+ {
+ SignedBfrPtr = &iAuthMsgInit;
+ Nonce = iNonce_R;
+ }
+ }
+
+ SignedLth += Nonce->Length() + IkeCrypto::AlgorithmInfo(IKEV2_PRF, iHdr.iPRFAlg);
+ HBufC8* Signed = HBufC8::NewL(SignedLth);
+ Signed->Des().Copy(aIkeMsg);
+ Signed->Des().Append(Nonce->Des());
+
+ if ( aLocal && iLocalIdentity )
+ {
+ //
+ // Add value prf(SK_px,IDx") into local signed data buffer end
+ //
+ AddIdToSignedDataL(ETrue, Signed, iLocalIdentity->PayloadData());
+ }
+
+ delete *SignedBfrPtr;
+ *SignedBfrPtr = Signed;
+}
+
+
+void CIkev2Negotiation::AddIdToSignedDataL(TBool aLocal, HBufC8* aSigned, const TDesC8& aIdData)
+{
+ ASSERT(aSigned);
+ //
+ // Add value prf(SK_px,IDx") into signed data buffer end
+ //
+
+ HBufC8* signedIdData = NULL;;
+ if ( iHdr.iInitiator )
+ {
+ if ( aLocal )
+ {
+ signedIdData = IkeCrypto::PrfhmacL(aIdData, iHdr.iSK_pi, iHdr.iPRFAlg);
+ }
+ else
+ {
+ signedIdData = IkeCrypto::PrfhmacL(aIdData, iHdr.iSK_pr, iHdr.iPRFAlg);
+ }
+ }
+ else
+ {
+ if ( aLocal )
+ {
+ signedIdData = IkeCrypto::PrfhmacL(aIdData, iHdr.iSK_pr, iHdr.iPRFAlg);
+ }
+ else
+ {
+ signedIdData = IkeCrypto::PrfhmacL(aIdData, iHdr.iSK_pi, iHdr.iPRFAlg);
+ }
+ }
+ aSigned->Des().Append(*signedIdData);
+ delete signedIdData;
+}
+
+HBufC8* CIkev2Negotiation::SignAuthDataL(const TDesC8& aAuthData, TUint8 aAuthMethod)
+{
+ //
+ // Sign aMsgData according to authentication method parameter
+ //
+ HBufC8* signedAuthData = NULL;
+
+ if ( iPkiService &&
+ iPkiService->TrustedCaName().Length() > 0 &&
+ iPkiService->UserCertificateData().Length() > 0 )
+ {
+ //
+ // Message data <msg octets> is signed using private key
+ //
+ TPtrC8 TrustedCa(iPkiService->TrustedCaName());
+ signedAuthData = HBufC8::NewLC(320); // reserved for sign (aware for 2048 bits signatures)
+ TPtr8 signedAuthDataPtr(signedAuthData->Des());
+
+ iPkiService->Ikev2SignatureL(TrustedCa, iHdr.iIkeData->iOwnCert, aAuthData, signedAuthDataPtr, aAuthMethod);
+ CleanupStack::Pop(signedAuthData);
+ }
+ else
+ {
+ //
+ // Message data is signed using negotiated PRF function as
+ // follows:
+ // AUTH =
+ // prf(prf(Shared Secret,"Key Pad for IKEv2"), <msg octets>)
+ // If EAP method that creates a shared key as a side effect of
+ // authentication used, this shared key is used as Shared Secret
+ // Otherwise preshared key configured into policy is used as
+ // Shared secret.
+ //
+ if ( !iPresharedKey )
+ iPresharedKey = Ikev2Proposal::GetPSKFromPolicyL(iHdr.iIkeData);
+ //
+ // Calculate KEY = prf(Shared Secret,"Key Pad for IKEv2")
+ //
+ HBufC8* PskKey = IkeCrypto::PrfhmacL(KIkev2PSKData, *iPresharedKey, iHdr.iPRFAlg);
+ CleanupStack::PushL(PskKey);
+ //
+ // Calculate prf(KEY, <msg octets>)
+ //
+ signedAuthData = IkeCrypto::PrfhmacL(aAuthData, *PskKey, iHdr.iPRFAlg);
+ CleanupStack::PopAndDestroy(PskKey);
+ }
+ return signedAuthData;
+}
+
+TBool CIkev2Negotiation::AddIdAndAuthenticatePeerL(CIkev2Payloads* aIkeMsg)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Verify that authentication payload of peer is correct
+ // To do this the signed data octets of peer must be filled with
+ // value: prf(SK_px,IDx")
+ // So the peer ID payload must be verified first.
+ //
+ HBufC8* Signed;
+ TIDPayloadIkev2* Id;
+ if ( iHdr.iInitiator )
+ {
+ Signed = iAuthMsgResp;
+ Id = (TIDPayloadIkev2*)aIkeMsg->iIdR;
+ }
+ else
+ {
+ Signed = iAuthMsgInit;
+ Id = (TIDPayloadIkev2*)aIkeMsg->iIdI;
+ }
+ if ( !Signed || !Id )
+ return EFalse;
+
+ if ( !iPeerIdInSignedData )
+ {
+ TUint16 IdLth = TPayloadIkev2::Cast(Id)->GetLength();
+ if ( IdLth < TIDPayloadIkev2::Size() )
+ {
+ DEBUG_LOG1(_L("Peer ID payload too short; Length %d"), IdLth);
+ return EFalse;
+ }
+ //
+ // Add value prf(SK_px,IDx") into peer signed data buffer end
+ //
+ TPayloadIkev2* idPayload = TPayloadIkev2::Cast(Id);
+ TPtrC8 idPtr(idPayload->PayloadData(), (idPayload->GetLength() - TPayloadIkev2::Size()));
+ AddIdToSignedDataL(EFalse, Signed, idPtr);
+ iPeerIdInSignedData = ETrue;
+ }
+
+ return AuthenticatePeerL(aIkeMsg->iAuth);
+
+}
+
+TBool CIkev2Negotiation::AuthenticatePeerL(TAuthPayloadIkev2* aAuth)
+{
+ //
+ // Authenticate peer tication payload of peer is correct
+ // To do this the signed data octets of peer must be filled with
+ // value: prf(SK_px,IDx")
+ // So the peer ID payload must be verified first.
+ //
+ HBufC8* Signed;
+ if ( iHdr.iInitiator )
+ Signed = iAuthMsgResp;
+ else Signed = iAuthMsgInit;
+
+ if ( !Signed || !aAuth )
+ return EFalse;
+
+ TUint16 AuthLth = TPayloadIkev2::Cast(aAuth)->GetLength();
+ if ( AuthLth < TAuthPayloadIkev2::Size() )
+ {
+ DEBUG_LOG1(_L("Peer Auth payload too short; Length %d"), AuthLth);
+ return EFalse;
+ }
+ AuthLth = (TUint16)(AuthLth - TAuthPayloadIkev2::Size());
+ TBool Status = EFalse;
+
+ if ( aAuth->GetAuthMethod() == PRESHARED_KEY )
+ {
+ DEBUG_LOG(_L("Authenticating SGW with PSK"));
+ //
+ // Pre shared key authentication is not accepted for peer if we
+ // have requested an certificate from peer (PKI authentication
+ // required)
+ //
+ if ( !iPkiAuthRequired )
+ {
+ HBufC8* AuthRef = SignAuthDataL(*Signed, PRESHARED_KEY);
+ CleanupStack::PushL(AuthRef);
+ if ( AuthRef->Length() == AuthLth )
+ {
+ Status = (Mem::Compare(AuthRef->Ptr(), AuthRef->Length(), aAuth->AuthData(), AuthLth ) == 0);
+ }
+ CleanupStack::PopAndDestroy(); // AuthRef
+ }
+ }
+ else
+ {
+ //
+ // Authentication based on PKI (private key signature)
+ //
+ if ( iPkiService && iPeerCert )
+ {
+ DEBUG_LOG(_L("Authenticating SGW with certs"));
+
+ TPtrC8 AuthData(Signed->Des());
+ TPtrC8 Signature(aAuth->AuthData(), AuthLth);
+ Status = IkePkiUtils::VerifyIkev2SignatureL(Signature, AuthData, *iPeerCert);
+ iPkiAuthRequired = EFalse;
+ }
+ }
+ if (Status)
+ {
+ DEBUG_LOG(_L("SGW authentication success"));
+ }
+ else
+ {
+ DEBUG_LOG(_L("SGW authentication failed"));
+ }
+
+ return Status;
+}
+
+
+TBool CIkev2Negotiation::VerifyPeerCertificateL(CArrayFixFlat<TCertPayloadIkev2*>* aCerts, TIDPayloadIkev2* aId )
+{
+ TBool Status = EFalse;
+
+ const CIkeCaList& trustedCaList = iPkiService->CaList();
+ CX509Certificate* PeerCert = IkePkiUtils::VerifyCertificateL(*aCerts, trustedCaList);
+
+ if ( PeerCert && aId )
+ {
+ CleanupStack::PushL(PeerCert);
+ TPtrC8 IdData(aId->IdData(), (TPayloadIkev2::Cast(aId)->GetLength() - TIDPayloadIkev2::Size()));
+ Status = IkePkiUtils::CertifyIdentityL(PeerCert, IdData, (TInt)aId->GetIdType());
+ if ( Status )
+ {
+ DEBUG_LOG(_L("IDr matches the SGW certificate"));
+ if (iRemoteIdentity && !iHdr.iIkeData->iSkipRemoteIdCheck ) //iRemoteIdentity if the REMOTE_IF from the policy
+ {
+ //TIDPayloadIkev2* peerIdentityPayload = TIDPayloadIkev2::Cast(iRemoteIdentity->Ptr());
+ if (iRemoteIdentity->IdType() == aId->GetIdType())
+ {
+ TPtrC8 idPtr(aId->IdData(),
+ TPayloadIkev2::Cast(aId)->GetLength() - TIDPayloadIkev2::Size());
+ TPtrC8 peerIdentityPtr(iRemoteIdentity->Identity());
+
+ //Check if we accept partial remote id
+ if (iHdr.iIkeData->iAcceptPartialRemoteId &&
+ iRemoteIdentity->IdType() == ID_FQDN &&
+ peerIdentityPtr.Length() > idPtr.Length())
+ {
+ DEBUG_LOG(_L("Using PARTIAL_REMOTE_ID_CHECK"));
+ peerIdentityPtr.Set(peerIdentityPtr.Right(idPtr.Length()));
+ }
+ if (idPtr.Compare(peerIdentityPtr) == 0)
+ {
+ DEBUG_LOG(_L("IDr matches the REMOTE_ID"));
+ Status = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG(_L("IDr does not match the REMOTE_ID"));
+ Status = EFalse;
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("IDr payload ID does not match REMOTE_ID_TYPE"));
+ Status = EFalse;
+ }
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("IDr does not match the SGW certificate"));
+ }
+
+ if ( Status )
+ {
+ CleanupStack::Pop(PeerCert);
+ delete iPeerCert;
+ iPeerCert = PeerCert;
+ }
+ else CleanupStack::PopAndDestroy(PeerCert);
+ }
+ return Status;
+}
+
+
+TBool CIkev2Negotiation::ProcessKeyExchangeL(TKEPayloadIkev2* aKePayload, TUint16 aGroup)
+{
+ //
+ // Process key exchange payload received from peer
+ //
+ if ( !aKePayload )
+ {
+ DEBUG_LOG1(_L("Key Exchange payload not present, required Group %d"), aGroup);
+ SetNotifyCode(INVALID_KE_PAYLOAD);
+ StoreNotifyData16(aGroup);
+ return EFalse;
+ }
+ TUint16 PlLth = TPayloadIkev2::Cast(aKePayload)->GetLength();
+ if (( PlLth <= TKEPayloadIkev2::Size() ) || ( aKePayload->GetDHGroup() != aGroup ))
+ {
+ DEBUG_LOG1(_L("Peer Key Exchange DH group does not match, Group %d"), aKePayload->GetDHGroup());
+ SetNotifyCode(INVALID_KE_PAYLOAD);
+ StoreNotifyData16(aGroup);
+ return EFalse;
+ }
+ if ( !iDHKeys )
+ iDHKeys = CDHKeys::CreateDHKeyL(aGroup);
+ PlLth = (TUint16)(PlLth - TKEPayloadIkev2::Size());
+ if ( PlLth != iDHKeys->ModulusLength() )
+ {
+ DEBUG_LOG1(_L("Peer DH public value length does not match group, Length %d"), PlLth);
+ SetNotifyCode(INVALID_KE_PAYLOAD);
+ StoreNotifyData16(aGroup);
+ return EFalse;
+ }
+ delete iDHPublicPeer;
+ iDHPublicPeer = NULL;
+ iDHPublicPeer = HBufC8::NewL(PlLth);
+ iDHPublicPeer->Des().Copy(aKePayload->DHPublic(), PlLth);
+
+ return ETrue;
+}
+
+void CIkev2Negotiation::AppendKEPayloadL(CIkeV2Message& aIkeMsg, TUint16 aDHGroup)
+{
+ if ( !iDHKeys )
+ iDHKeys = CDHKeys::CreateDHKeyL(aDHGroup);
+
+ iDHKeys->XValueL(); // Calculate own DH public value
+ HBufC8* dHPublic = iDHKeys->GetPubKey(); //save the public key in a buffer to have easy access
+ User::LeaveIfNull(dHPublic);
+ CleanupStack::PushL(dHPublic);
+
+ TInt modulusLength = iDHKeys->ModulusLength();
+ HBufC8* kePayloadData = HBufC8::NewLC(modulusLength);
+ TPtr8 kePayloadDataPtr(kePayloadData->Des());
+
+ __ASSERT_DEBUG(modulusLength == dHPublic->Length(), User::Invariant());
+
+ kePayloadDataPtr.Append(*dHPublic);
+ kePayloadDataPtr.SetLength(modulusLength); //adds zero padding, if needed
+
+ aIkeMsg.AppendKePayloadL(aDHGroup, *kePayloadData);
+
+ CleanupStack::PopAndDestroy(kePayloadData);
+ CleanupStack::PopAndDestroy(dHPublic);
+}
+
+
+
+TBool CIkev2Negotiation::CheckPayloadsOrder(CIkev2Payloads* aIkeMsg, TUint8 aExchange, TBool aResponse)
+ {
+ switch ( aExchange )
+ {
+ case IKE_SA_INIT:
+ if(!aIkeMsg->iSa || !aIkeMsg->iKe || !aIkeMsg->iNonce) return EFalse;
+ if(aIkeMsg->iSa->GetNextPayload() != IKEV2_PAYLOAD_KE) return EFalse;
+ if(aIkeMsg->iKe->GetNextPayload() != IKEV2_PAYLOAD_NONCE) return EFalse;
+ break;
+
+ case IKE_AUTH:
+ if(!iEapPlugin)
+ {
+ if(!aIkeMsg->iEncr || !aIkeMsg->iAuth || !aIkeMsg->iSa || !aIkeMsg->iTsI || !aIkeMsg->iTsR)
+ {
+ DEBUG_LOG(_L("1"));
+ return EFalse;
+ }
+ if(aIkeMsg->iSa->GetNextPayload() != IKEV2_PAYLOAD_TS_I)
+ {
+ DEBUG_LOG(_L("2"));
+ return EFalse;
+ }
+ if(aIkeMsg->iTsI->GetNextPayload() != IKEV2_PAYLOAD_TS_R)
+ {
+ DEBUG_LOG(_L("3"));
+ return EFalse;
+ }
+
+ if(aResponse)
+ {
+ if(!aIkeMsg->iIdR)
+ {
+ DEBUG_LOG(_L("4"));
+ return EFalse;
+ }
+ if(!aIkeMsg->iCerts || aIkeMsg->iCerts->Count() == 0)
+ {
+ if(aIkeMsg->iIdR->GetNextPayload() != IKEV2_PAYLOAD_AUTH)
+ {
+ DEBUG_LOG(_L("5"));
+ return EFalse;
+ }
+ }
+ else
+ {
+ if(aIkeMsg->iIdR->GetNextPayload() != IKEV2_PAYLOAD_CERT)
+ {
+ DEBUG_LOG(_L("6"));
+ return EFalse;
+ }
+ TInt c = aIkeMsg->iCerts->Count();
+ if(aIkeMsg->iCerts->At(c-1)->GetNextPayload() != IKEV2_PAYLOAD_AUTH)
+ {
+ DEBUG_LOG(_L("7"));
+ return EFalse;
+ }
+ }
+ }
+ else
+ {
+ if(!aIkeMsg->iIdI)
+ {
+ DEBUG_LOG(_L("8"));
+ return EFalse;
+ }
+ if(aIkeMsg->iCerts && aIkeMsg->iCerts->Count() != 0)
+ {
+ if(aIkeMsg->iIdI->GetNextPayload() != IKEV2_PAYLOAD_CERT)
+ {
+ DEBUG_LOG(_L("9"));
+ return EFalse;
+ }
+ }
+ if(aIkeMsg->iCertReqs && aIkeMsg->iCertReqs->Count() != 0)
+ {
+ TInt c = aIkeMsg->iCertReqs->Count();
+ if(aIkeMsg->iIdR && aIkeMsg->iCertReqs->At(c-1)->GetNextPayload() != IKEV2_PAYLOAD_ID_R)
+ {
+ DEBUG_LOG(_L("10"));
+ return EFalse;
+ }
+ if(!aIkeMsg->iIdR && aIkeMsg->iCertReqs->At(c-1)->GetNextPayload() != IKEV2_PAYLOAD_AUTH)
+ {
+ DEBUG_LOG(_L("11"));
+ return EFalse;
+ }
+ }
+ if(aIkeMsg->iIdR && aIkeMsg->iIdR->GetNextPayload() != IKEV2_PAYLOAD_AUTH)
+ {
+ DEBUG_LOG(_L("12"));
+ return EFalse;
+ }
+ }
+ }
+ break;
+
+ case CREATE_CHILD_SA:
+ if(!aIkeMsg->iEncr || !aIkeMsg->iSa || !aIkeMsg->iNonce) return EFalse;
+ if(aIkeMsg->iSa->GetNextPayload() != IKEV2_PAYLOAD_NONCE) return EFalse;
+ if(aIkeMsg->iKe && aIkeMsg->iNonce->GetNextPayload() != IKEV2_PAYLOAD_KE) return EFalse;
+ if(aIkeMsg->iTsI)
+ {
+ if(aIkeMsg->iKe && aIkeMsg->iKe->GetNextPayload() != IKEV2_PAYLOAD_TS_I) return EFalse;
+ if(!aIkeMsg->iKe && aIkeMsg->iNonce->GetNextPayload() != IKEV2_PAYLOAD_TS_I) return EFalse;
+ if(aIkeMsg->iTsI->GetNextPayload() != IKEV2_PAYLOAD_TS_R) return EFalse;
+ }
+ break;
+
+ default:
+ break;
+ }
+ DEBUG_LOG(_L("13"));
+ return ETrue;
+ }
+
+
+TBool CIkev2Negotiation::Stopped()
+ {
+ return iStopped;
+ }
+
+
+TBool CIkev2Negotiation::ImplicitChildSa()
+ {
+ return (iState < KStateIkeSaCompleted);
+ }
+
+
+HBufC8* CIkev2Negotiation::PeekProposedSa()
+ {
+ return iProposedSA;
+ }
+
+
+HBufC8* CIkev2Negotiation::GetProposedSa()
+ {
+ HBufC8* Sa = iProposedSA;
+ iProposedSA = NULL;
+ return Sa;
+ }
+
+
+void CIkev2Negotiation::SetProposedSa(HBufC8* aSaPl)
+ {
+ delete iProposedSA;
+ iProposedSA = aSaPl;
+ }
+
+
+CIkev2Acquire** CIkev2Negotiation::GetAcquireQue()
+ {
+ return &iAcquireFirst;
+ }
+
+
+CIkev2Expire** CIkev2Negotiation::GetExpireQue()
+ {
+ return &iExpireFirst;
+ }
+
+
+TBool CIkev2Negotiation::RequestsPending()
+ {
+ return (iAcquireFirst || iExpireFirst);
+ }
+
+
+void CIkev2Negotiation::SetNotifyCode(TInt aMsgType)
+ {
+ if (iNotifyCode == 0)
+ iNotifyCode = aMsgType;
+ }
+
+
+TInt CIkev2Negotiation::GetNotifyCode()
+ {
+ return iNotifyCode;
+ }
+
+
+void CIkev2Negotiation::StoreNotifyData32(TUint32 aData)
+ {
+ PUT32(iNotifyData, aData);
+ iNotifyDataLth = 4;
+ }
+
+
+void CIkev2Negotiation::StoreNotifyData16(TUint16 aData)
+ {
+ PUT16(iNotifyData, aData);
+ iNotifyDataLth = 2;
+ }
+
+
+TUint8* CIkev2Negotiation::NotifyData(TInt& aDataLth)
+ {
+ aDataLth = iNotifyDataLth;
+ if ( iNotifyDataLth )
+ return iNotifyData;
+ else return NULL;
+ }
+
+
+TInetAddr CIkev2Negotiation::GetLocalAddr() const
+ {
+ if ( iHdr.iVirtualAddr.IsUnspecified() )
+ {
+ return iHdr.iLocalAddr;
+ }
+ else
+ {
+ return iHdr.iVirtualAddr;
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2pfkey.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,279 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility methods to handle PFKEY messaging
+*
+*/
+
+#include "ikev2pfkey.h"
+#include "ikev2pluginsession.h"
+#include "ikev2SAdata.h"
+#include "ipsecsadata.h"
+#include "pfkeyextdatautil.h"
+#include "ikev2acquire.h"
+#include "ikev2trafficselector.h"
+#include "ikev2ipsecsadata.h"
+#include <networking/pfkeyv2.h>
+#include "ikev2const.h"
+
+static const TUid KIkeV2PlugInUid3 = { 0x10206993 };
+
+void Ikev2Pfkey::UpdateIpsecSaDataBaseL(const TIkev2SAData& aIkev2SA,
+ const TIkeV2IpsecSAData& aChild,
+ CIkev2PluginSession& aIkePluginSession,
+ CIkev2Acquire& aAcquire)
+{
+ //
+ // Fill Ipsec SA info int TSAData object for PFKEY Update/Add
+ // primitives. Take local and remote identity data from CIkev2Acquire object
+ //
+ __ASSERT_DEBUG(aChild.iKeyMaterial != NULL, User::Invariant());
+
+ TUint16 LocalPort = 0;
+ TUint16 RemotePort = 0;
+ TUint8 LocalIdType = 0;
+ TUint8 RemoteIdType = 0;
+ TUint8 Protocol = 0;
+ const CArrayFix<TIkeV2TrafficSelector>& TsI = aAcquire.TS_i();
+ const CArrayFix<TIkeV2TrafficSelector>& TsR = aAcquire.TS_r();
+
+ __ASSERT_DEBUG(TsI.Count() > 0, User::Invariant());
+ __ASSERT_DEBUG(TsR.Count() > 0, User::Invariant());
+
+ HBufC8* localId = aAcquire.LocalId();
+ HBufC8* remoteId = NULL;
+
+
+ if ( aAcquire.RemoteId() )
+ {
+ remoteId = aAcquire.RemoteId()->AllocLC();
+ }
+ else
+ {
+ if ( aAcquire.Response() )
+ {
+ remoteId = TsI[0].IdFromTsL();
+ CleanupStack::PushL(remoteId);
+ }
+ else
+ {
+ remoteId = TsR[0].IdFromTsL();
+ CleanupStack::PushL(remoteId);
+ }
+ }
+
+ //
+ // Build Encryption and integrity keys for Ipsec SA:s
+ // Keying material MUST be taken from the expanded KEYMAT in the
+ // following order:
+ // - All keys for SAs carrying data from the initiator to the responder
+ // are taken before SAs going in the reverse direction.
+ // If a single protocol has both encryption and authentication keys,
+ // the encryption key is taken from the first octets of KEYMAT and
+ // the authentication key is taken from the next octets.
+ //
+ const TUint8* KeyMat = aChild.iKeyMaterial->Des().Ptr();
+ TPtrC8 InAuthKey(NULL,0), OutAuthKey(NULL,0);
+ TPtrC8 InEncrKey(NULL,0), OutEncrKey(NULL,0);
+
+ if ( aChild.iSaType == SADB_SATYPE_ESP )
+ {
+ if ( aAcquire.Response() )
+ {
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&InEncrKey, &InAuthKey, KeyMat, aChild.iCipherKeyLth, aChild.iIntegKeyLth);
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&OutEncrKey, &OutAuthKey, KeyMat, aChild.iCipherKeyLth, aChild.iIntegKeyLth);
+ }
+ else
+ {
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&OutEncrKey, &OutAuthKey, KeyMat, aChild.iCipherKeyLth, aChild.iIntegKeyLth);
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&InEncrKey, &InAuthKey, KeyMat, aChild.iCipherKeyLth, aChild.iIntegKeyLth);
+ }
+ }
+ else
+ { // SADB_SATYPE_AH
+ if ( aAcquire.Response() )
+ {
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&InEncrKey, &InAuthKey, KeyMat, 0, aChild.iIntegKeyLth);
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&OutEncrKey, &OutAuthKey, KeyMat, 0, aChild.iIntegKeyLth);
+ }
+ else
+ {
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&OutEncrKey, &OutAuthKey, KeyMat, 0, aChild.iIntegKeyLth);
+ KeyMat = Ikev2Pfkey::GetIpsecKeys(&InEncrKey, &InAuthKey, KeyMat, 0, aChild.iIntegKeyLth);
+ }
+ }
+ TIpsecSAData SaData;
+ TUint32 SadbFlags;
+ if (aAcquire.DHGroup())
+ SadbFlags = SADB_SAFLAGS_PFS;
+ else SadbFlags = 0;
+
+ if ( !aChild.iTransport )
+ {
+ SaData.iInternalAddress.Init(KAfInet6);
+ SaData.iInternalAddress.SetScope(aIkePluginSession.VpnInterfaceIndex());
+ SadbFlags |= SADB_SAFLAGS_INT_ADDR;
+ }
+
+ //
+ // Inbound SA
+ //
+ SaData.iSAType = aChild.iSaType;
+ if ( aAcquire.Response() )
+ SaData.iSeq = aAcquire.Id();
+ else SaData.iSeq = aAcquire.Seq();
+ SaData.iPid = KIkeV2PlugInUid3.iUid;
+ SaData.iSrc = aIkev2SA.iRemoteAddr;
+ SaData.iSrc.SetPort(RemotePort);
+ if ( aAcquire.SrcSpecific() )
+ {
+ SaData.iDst = aIkev2SA.iLocalAddr;
+ SaData.iDst.SetPort(LocalPort);
+ }
+ else SaData.iDst.Init(0);
+ SaData.iProtocol = Protocol;
+ SaData.iSrcIdType = RemoteIdType;
+ SaData.iDstIdType = LocalIdType;
+ SaData.iSrcIdent.Set(remoteId->Des());
+ if ( !aAcquire.Response() && localId != NULL)
+ SaData.iDstIdent.Set(localId->Des());
+
+ TUint32 spi;
+ TPtr8 spiPtr(reinterpret_cast<TUint8*>(&spi), sizeof(spi));
+ spiPtr = aChild.iSPI_In;
+ SaData.iSPI = spi;
+ switch ( aChild.iIntegAlg )
+ {
+ case AUTH_HMAC_MD5_96:
+ SaData.iAuthAlg = SADB_AALG_MD5HMAC;
+ break;
+
+ case AUTH_HMAC_SHA1_96:
+ SaData.iAuthAlg = SADB_AALG_SHA1HMAC;
+ break;
+
+ default:
+ SaData.iAuthAlg = 0;
+ break;
+ }
+ SaData.iEncrAlg = aChild.iEncrAlg; // Should correspond PFKEY2.H !
+ SaData.iAuthKey.Set(InAuthKey);
+ SaData.iEncrKey.Set(InEncrKey);
+ SaData.iHard = aAcquire.HardLifetime();
+ SaData.iSoft = aAcquire.SoftLifetime();
+ SaData.iReplayWindowLength = aAcquire.ReplayWindow();
+ SaData.iFlags = SadbFlags;
+
+ //
+ // Get the following implementation specific information for PFKEY
+ // primitives:
+ // -- ESP UDP encapsulation info, if a NAT device detected
+ // -- Interface index for tunnel mode inbound SA
+ //
+ HBufC8* GenExt = NULL;
+ if ( aIkev2SA.iNATFlags )
+ {
+ GenExt = HBufC8::NewLC(128);
+ TPtr8 GenExtPtr = GenExt->Des();
+ TInetAddr DummyAddr;
+ DummyAddr.SetFamily(KAFUnspec);
+ PFKeyExtDataUtil::BuildUdpEncExtensionData(GenExtPtr, aIkev2SA.iNATFlags,
+ EFalse, EFalse, 0, 0,
+ aIkev2SA.iDestinAddr, DummyAddr);
+ }
+ else
+ {
+ GenExt = HBufC8::NewLC(1);
+ }
+ SaData.iGenericExtension.Set(*GenExt);
+
+ aIkePluginSession.UpdateSAL(SaData);
+
+ SaData.iFlags &= ~SADB_SAFLAGS_INT_ADDR; //No VPN interface index to outbound SA
+ //
+ // Outbound SA. Some changes in the SA, the rest is the same
+ //
+ if ( !aAcquire.Response() )
+ SaData.iPid = aAcquire.Pid(); // Use Acquire PID for OUT SA when initiator
+ if ( aAcquire.SrcSpecific() )
+ {
+ SaData.iSrc = aIkev2SA.iLocalAddr;
+ SaData.iSrc.SetPort(LocalPort);
+ }
+ else SaData.iSrc.Init(0);
+ SaData.iDst = aIkev2SA.iRemoteAddr;
+ SaData.iDst.SetPort(RemotePort);
+ SaData.iSrcIdType = LocalIdType;
+ SaData.iDstIdType = RemoteIdType;
+ SaData.iSrcIdent.Set(localId->Des());
+ SaData.iDstIdent.Set(remoteId->Des());
+
+ spiPtr = aChild.iSPI_Out;
+ SaData.iSPI = spi;
+ SaData.iAuthKey.Set(OutAuthKey);
+ SaData.iEncrKey.Set(OutEncrKey);
+
+ aIkePluginSession.AddSAL(SaData);
+
+ CleanupStack::PopAndDestroy(GenExt);
+ CleanupStack::PopAndDestroy(remoteId);
+
+}
+
+CIkev2Acquire* Ikev2Pfkey::DeleteInboundSPI(const TIkev2SAData& aIkev2SA,
+ CIkev2PluginSession& aIkePluginSession,
+ CIkev2Acquire* aAcquire)
+{
+ //
+ // Issue PFKEY Delete SA for Inbound SPI in CIkev2Acquire object and
+ // delete CIkev2Acquire object then
+ //
+ if ( aAcquire )
+ {
+ TInetAddr LocalAddr;
+ if ( aAcquire->SrcSpecific() )
+ LocalAddr = aIkev2SA.iLocalAddr;
+ else LocalAddr.Init(0);
+ LocalAddr.SetPort(0);
+ TInetAddr RemoteAddr = aIkev2SA.iRemoteAddr;
+ RemoteAddr.SetPort(0);
+
+ TUint32 spi;
+ TPtr8 spiPtr(reinterpret_cast<TUint8*>(&spi), sizeof(spi));
+ spiPtr = aAcquire->SPI_In();
+ aIkePluginSession.DeleteIpsecSA(spi, RemoteAddr, LocalAddr, aAcquire->IpsecProtocol());
+ delete aAcquire;
+ }
+
+ return NULL;
+}
+
+const TUint8* Ikev2Pfkey::GetIpsecKeys(TPtrC8* aEncrKey, TPtrC8* aIntegKey, const TUint8* aKeyMaterial, TInt aCipherKeyLth, TInt aIntegKeyLth )
+{
+ if ( aCipherKeyLth && aKeyMaterial)
+ {
+ ASSERT(aEncrKey);
+ aEncrKey->Set(aKeyMaterial, aCipherKeyLth);
+ aKeyMaterial += aCipherKeyLth;
+ }
+
+ if ( aIntegKeyLth )
+ {
+ ASSERT(aIntegKey && aKeyMaterial);
+ aIntegKey->Set(aKeyMaterial, aIntegKeyLth);
+ aKeyMaterial += aIntegKeyLth;
+ }
+
+ return aKeyMaterial;
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2plugin.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,139 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 protocol plugin
+*
+*/
+
+#include <random.h>
+#include <in_sock.h>
+
+#include "ikev2plugin.h"
+#include "ikedebug.h"
+#include "ikev2pluginsession.h"
+#include "ipsecpolicyutil.h"
+
+
+EXPORT_C MIkePluginIf* Ikev2PlugInL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ return CIkev2PlugIn::NewL(aEventLogger, aDebug);
+ }
+
+CIkev2PlugIn* CIkev2PlugIn::NewL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ CIkev2PlugIn* self = new (ELeave) CIkev2PlugIn(aEventLogger, aDebug);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CIkev2PlugIn::CIkev2PlugIn( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+: iEventLogger(aEventLogger), iDebug(aDebug)
+ {
+ }
+
+
+void CIkev2PlugIn::ConstructL()
+ {
+ iPfKeySocketIf = CPFKeySocketIf::NewL(this, iDebug);
+ iIpsecPolicyUtil = CIpsecPolicyUtil::NewL();
+ }
+
+
+CIkev2PlugIn::~CIkev2PlugIn()
+ {
+ delete iIpsecPolicyUtil;
+ delete iPfKeySocketIf;
+
+ __ASSERT_DEBUG( iPluginSessions.Count() == 0,
+ User::Invariant() );
+ iPluginSessions.Close();
+ }
+
+
+MIkePluginSessionIf* CIkev2PlugIn::CreateSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aIkeDataInterface )
+ {
+ CIkev2PluginSession* pluginSession = CIkev2PluginSession::NewL( aVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ aIkeDataInterface,
+ *this,
+ *iPfKeySocketIf,
+ *iIpsecPolicyUtil,
+ iEventLogger,
+ iDebug );
+ TInt err = iPluginSessions.Append( pluginSession );
+
+ if ( err != KErrNone )
+ {
+ delete pluginSession;
+ pluginSession = NULL;
+ User::Leave( err );
+ }
+
+ return pluginSession;
+ }
+
+void CIkev2PlugIn::PluginSessionDeleted(const MIkePluginSessionIf* aDeletedSession)
+ {
+ for (TInt i = 0; i < iPluginSessions.Count(); ++i)
+ {
+ if (iPluginSessions[i] == aDeletedSession)
+ {
+ iPluginSessions.Remove(i);
+ }
+ }
+ }
+
+void CIkev2PlugIn::PfkeyMessageReceived( const TPfkeyMessage& aPfkeyMessage )
+ {
+ switch ( aPfkeyMessage.iBase.iMsg->sadb_msg_type )
+ {
+ case SADB_ADD: // Fall through
+ case SADB_ACQUIRE:
+ {
+ for ( TInt i=0; i< iPluginSessions.Count(); i++ )
+ {
+ if ( iPluginSessions[i]->MatchDestinationAddress( aPfkeyMessage.iDstAddr.Address() ) )
+ {
+ iPluginSessions[i]->PfkeyMessageReceived( aPfkeyMessage );
+ break;
+ }
+ }
+ break;
+ }
+
+ case SADB_EXPIRE:
+ {
+ for ( TInt i=0; i< iPluginSessions.Count(); i++ )
+ {
+ if ( iPluginSessions[i]->MatchDestinationAddress( aPfkeyMessage.iSrcAddr.Address() ) )
+ {
+ iPluginSessions[i]->PfkeyMessageReceived( aPfkeyMessage );
+ break;
+ }
+ }
+ break;
+ }
+ default:
+ break;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2pluginsession.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1177 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+#include <random.h>
+
+#include "ikev2pluginsession.h"
+#include "ikev2plugin.h"
+#include "ikev2Negotiation.h"
+#include "ikepolparser.h"
+#include "ikedebug.h"
+#include "ikev2SA.h"
+#include "ikev2SAdata.h"
+#include "ikedatainterface.h"
+#include "ipsecsadata.h"
+#include "ikev2pfkey.h"
+#include "ipsecsalist.h"
+#include "ipsecpolicyutil.h"
+#include "ikev2messagesendqueue.h"
+
+
+CIkev2PluginSession* CIkev2PluginSession::NewL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev2PlugIn& aPlugin,
+ CPFKeySocketIf& aPfKeySocketIf,
+ CIpsecPolicyUtil& aIpsecPolicyUtil,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ CIkev2PluginSession* self = new (ELeave) CIkev2PluginSession( aVpnIapId, aVpnNetId,
+ aVpnInterfaceIndex, aDataInterface,
+ aPlugin, aPfKeySocketIf, aIpsecPolicyUtil,
+ aEventLogger, aDebug );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkev2PluginSession::CIkev2PluginSession( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aDataInterface,
+ CIkev2PlugIn& aPlugin,
+ CPFKeySocketIf& aPfKeySocketIf,
+ CIpsecPolicyUtil& aIpsecPolicyUtil,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+: iVpnIapId(aVpnIapId), iVpnNetId(aVpnNetId), iDataInterface(aDataInterface), iPlugin(aPlugin),
+ iPfKeySocketIf(aPfKeySocketIf), iIpsecPolicyUtil(aIpsecPolicyUtil), iEventLogger(aEventLogger),
+ iDebug(aDebug), iVpnInterfaceIndex(aVpnInterfaceIndex)
+ {
+ }
+
+
+void CIkev2PluginSession::ConstructL()
+ {
+ TPtr8 ptr((TUint8*)&iSAIdSeed, sizeof(iSAIdSeed));
+ ptr.SetLength(sizeof(iSAIdSeed));
+ TRandom::RandomL(ptr);
+ iSAIdSeed &= 0x7fffffff; // Reset the most significant bit
+ DEBUG_LOG1(_L("CIkev2Plugin::ConstructL, SAId seed: %d"), iSAIdSeed );
+ }
+
+
+CIkev2PluginSession::~CIkev2PluginSession()
+ {
+ //Makes sure that all the negotiations and
+ //Sa data structures are deleted:
+ while ( iFirstNegotiation )
+ {
+ CIkev2Negotiation* negotiation = iFirstNegotiation;
+ iFirstNegotiation = iFirstNegotiation->iNext;
+
+ delete negotiation;
+ }
+
+ while(iFirstIkev2SA)
+ {
+ CIkev2SA* ikeV2Sa = iFirstIkev2SA;
+ iFirstIkev2SA = ikeV2Sa->iNext;
+
+ delete ikeV2Sa;
+ }
+
+ delete iMessageSendQue;
+ delete iReceiver;
+ delete iIkeData;
+ delete iDeactivationTimer;
+
+ iPlugin.PluginSessionDeleted(this);
+ }
+
+
+void CIkev2PluginSession::NegotiateWithHost( const CIkeData& aIkeData,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus )
+ {
+ __ASSERT_DEBUG(iClientStatusNegotiate == NULL,
+ User::Invariant());
+
+ iClientStatusNegotiate = &aStatus;
+ *iClientStatusNegotiate = KRequestPending;
+
+ iInternalAddress = &aInternalAddress;
+
+ TRAPD(err, DoNegotiateWithHostL(aIkeData));
+ if (err != KErrNone)
+ {
+ DoCompleteNegotiateWithHost(err);
+ }
+ }
+
+
+void CIkev2PluginSession::DoNegotiateWithHostL( const CIkeData& aIkeData )
+ {
+ iIkeData = CIkeData::NewL(&aIkeData);
+
+ iReceiver = CIkev2Receiver::NewL( iDataInterface,
+ *this );
+
+ iMessageSendQue = CIkev2MessageSendQueue::NewL(iDataInterface,
+ iIkeData->iAddr,
+ iIkeData->iDscp,
+ iIkeData->iNatKeepAlive,
+ iDebug);
+
+
+ TInetAddr physicalAddr;
+ iDataInterface.GetLocalAddress(physicalAddr);
+ TInetAddr sgwAddr(iIkeData->iAddr);
+
+ // Negotiation ownership is transferred to the plugin
+ // before leave can occur.
+ iSAIdSeed++;
+
+ if (aIkeData.iUseInternalAddr)
+ {
+ CIkev2Negotiation* Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf, iEventLogger,
+ *iMessageSendQue, iDebug, iIkeData,
+ iVpnIapId, iSAIdSeed,
+ physicalAddr, sgwAddr);
+
+ Negotiation->StartIkeSANegotiationL();
+ }
+ else
+ {
+ //If internall addressing is not in use, we do not do anything else
+ //in this phase. The actual IKE negotiation is trickered by an Acquire
+ //PFKEY message from the IPsec, when there is actual data between the SGW and
+ //the phone.
+ DoCompleteNegotiateWithHost( KErrNone);
+ }
+ }
+
+
+void CIkev2PluginSession::CancelNegotiateWithHost()
+ {
+
+ if (iClientStatusNegotiate != NULL)
+ {
+ //If the Negotiate with host is cancelled we pretty much do a silent close
+ //for the connection
+
+ while ( iFirstNegotiation )
+ {
+ CIkev2Negotiation* negotiation = iFirstNegotiation;
+ iFirstNegotiation = iFirstNegotiation->iNext;
+
+ delete negotiation;
+ }
+
+ while(iFirstIkev2SA)
+ {
+ CIkev2SA* ikeV2Sa = iFirstIkev2SA;
+ iFirstIkev2SA = ikeV2Sa->iNext;
+
+ delete ikeV2Sa;
+ }
+ DoCompleteNegotiateWithHost(KErrCancel);
+ }
+ }
+
+
+void CIkev2PluginSession::DeleteSession( const TBool aSilentClose,
+ TRequestStatus& aStatus )
+ {
+ DEBUG_LOG1(_L("Deactivating IKE SA:s for vpn iap %d"), iVpnIapId);
+
+ __ASSERT_DEBUG(iClientStatusDelete == NULL, User::Invariant());
+ iClientStatusDelete = &aStatus;
+ *iClientStatusDelete = KRequestPending;
+
+ TInt err = KErrNone;
+ TBool doSilentClose = aSilentClose;
+ //Deletes all ongoing ike negotiations
+ while ( iFirstNegotiation )
+ {
+ CIkev2Negotiation* negotiation = iFirstNegotiation;
+ iFirstNegotiation = iFirstNegotiation->iNext;
+
+ delete negotiation;
+ }
+
+ TBool deactivating = EFalse;
+ while(iFirstIkev2SA)
+ {
+ CIkev2SA* ikeV2Sa = iFirstIkev2SA;
+ iFirstIkev2SA = ikeV2Sa->iNext;
+
+ if (!doSilentClose)
+ {
+ TRAP(err, DoDeleteIkeSAExhangeL(ikeV2Sa->iIkeV2SaData));
+ if (err == KErrNone)
+ {
+ deactivating = ETrue;
+ }
+ else
+ {
+ //If we can't start the IKE SA delete exhange,
+ //we do following expection handling:
+ //1. Possible already active delete exhanges can continue as they were.
+ //2. The IKE SA, which delete exchange failured, is deleted silently.
+ //3. The rest of the IKE SAs are deleted silently.
+ //4. The caller is notified with the error returned by the failed delete
+ // exchange attempt, if no delete exhanges are in progress.
+ //5. If there is ongoing delete exhange(s), the caller is notified with the
+ // status of last delete exhange, which completes.
+ DEBUG_LOG1(_L("CIkev2PluginSession::DeleteSession: Can't start IKE SA delete exhange (%d)"),
+ err );
+ doSilentClose = ETrue;
+ }
+ }
+ delete ikeV2Sa;
+ }
+
+ if (deactivating)
+ {
+ TRAP( err, iDeactivationTimer = CIkev2DeactivationTimer::NewL(*this) );
+ }
+
+ if (deactivating &&
+ err == KErrNone)
+ {
+ iDeactivationTimer->IssueRequest();
+ }
+ else
+ {
+ delete iIkeData;
+ iIkeData = NULL;
+ DoCompleteDeleteSession(err);
+ }
+ }
+
+
+void CIkev2PluginSession::DoDeleteIkeSAExhangeL(TIkev2SAData& aIkev2SAdata)
+ {
+ DEBUG_LOG1(_L("Deleting IKE SA SAID = %d"), aIkev2SAdata.SaId());
+
+ __ASSERT_DEBUG(iFirstNegotiation == NULL, User::Invariant());
+
+ CIkev2Negotiation* negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf,
+ iEventLogger, *iMessageSendQue,
+ iDebug, aIkev2SAdata);
+ CleanupStack::PushL(negotiation);
+ negotiation->StartIkeSADeleteL();
+ CleanupStack::Pop(negotiation);
+
+ __ASSERT_DEBUG( !negotiation->Stopped(), User::Invariant() );
+
+ }
+
+
+void CIkev2PluginSession::CancelDeleteSession()
+ {
+ if (iClientStatusDelete != NULL)
+ {
+ //If the delete sessionis cancelled we pretty much do a silent close
+ //for the connection
+ iMessageSendQue->CancelAll();
+ iReceiver->Cancel();
+ delete iDeactivationTimer;
+ iDeactivationTimer = NULL;
+
+ while ( iFirstNegotiation )
+ {
+ CIkev2Negotiation* negotiation = iFirstNegotiation;
+ iFirstNegotiation = iFirstNegotiation->iNext;
+
+ delete negotiation;
+ }
+
+ while(iFirstIkev2SA)
+ {
+ CIkev2SA* ikeV2Sa = iFirstIkev2SA;
+ iFirstIkev2SA = ikeV2Sa->iNext;
+
+ delete ikeV2Sa;
+ }
+ DoCompleteDeleteSession(KErrCancel);
+ }
+ }
+
+
+void CIkev2PluginSession::NotifyError( TRequestStatus& aStatus )
+ {
+ aStatus = KRequestPending;
+ iClientStatusNotifyError = &aStatus;
+ }
+
+void CIkev2PluginSession::CancelNotifyError()
+ {
+ if (iClientStatusNotifyError != NULL)
+ {
+ DoCompleteNotifyError(KErrCancel);
+ }
+ }
+
+
+void CIkev2PluginSession::NotifyInternalAddressChanged( TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus )
+ {
+ __ASSERT_DEBUG(iClientStatusInternalAddressChange == NULL,
+ User::Invariant());
+
+ __ASSERT_DEBUG(iChangedInternalAddress == NULL,
+ User::Invariant());
+
+
+ iClientStatusInternalAddressChange = &aStatus;
+ *iClientStatusInternalAddressChange = KRequestPending;
+
+ iChangedInternalAddress = &aInternalAddress;
+ }
+
+
+void CIkev2PluginSession::CancelNotifyInternalAddressChanged()
+ {
+ if (iClientStatusInternalAddressChange != NULL)
+ {
+ __ASSERT_DEBUG(iChangedInternalAddress != NULL, User::Invariant());
+ iChangedInternalAddress = NULL;
+ User::RequestComplete(iClientStatusInternalAddressChange, KErrCancel);
+ }
+ }
+
+
+void CIkev2PluginSession::LinkNegotiation(CIkev2Negotiation* aNegotiation)
+{
+ ASSERT(aNegotiation);
+ aNegotiation->iNext = iFirstNegotiation;
+ iFirstNegotiation = aNegotiation;
+}
+
+
+void CIkev2PluginSession::RemoveNegotiation(CIkev2Negotiation* aNegotiation)
+ {
+ CIkev2Negotiation* Prev = NULL;
+ CIkev2Negotiation* Neg = iFirstNegotiation;
+
+ while ( Neg )
+ {
+ if ( Neg == aNegotiation )
+ {
+ if ( Prev )
+ Prev->iNext = Neg->iNext;
+ else iFirstNegotiation = Neg->iNext;
+ break;
+ }
+ Prev = Neg;
+ Neg = Neg->iNext;
+ }
+ }
+
+//
+// Find an IKEv2 SA using SA Id as search argument
+//
+CIkev2SA* CIkev2PluginSession::FindIkev2SA(TUint32 aSAId, TInt aRequiredState, TInt aNewState)
+{
+ CIkev2SA* Sa = iFirstIkev2SA;
+ while ( Sa )
+ {
+ if ( ( Sa->iIkeV2SaData.SaId() == aSAId )
+ &&
+ ( ( aRequiredState == KSaStateNotDefined) ||
+ ( aRequiredState == Sa->iIkeV2SaData.iSAState ) ) )
+ {
+ if ( aNewState != KSaStateNotDefined )
+ Sa->iIkeV2SaData.iSAState = aNewState;
+ break;
+ }
+ Sa = Sa->iNext;
+ }
+ return Sa;
+}
+
+
+TBool CIkev2PluginSession::UpdateIkev2SAL(TIkev2SAData* aIkev2SAData, TIkeV2IpsecSAData* aIpsecSAData)
+ {
+ ASSERT(aIkev2SAData);
+ CIkev2SA* Ikev2SA = FindIkev2SA(aIkev2SAData->SaId(), KSaStateNotDefined, KSaStateNotDefined);
+ if ( Ikev2SA )
+ {
+ Ikev2SA->UpdateL(aIkev2SAData, aIpsecSAData);
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+
+TIkeV2IpsecSAData* CIkev2PluginSession::FindIpsecSAData(TUint32 aSAId, const TDesC8& aSpi, TBool aInbound)
+ {
+ __ASSERT_ALWAYS(aSpi.Length() == 4, User::Invariant());
+
+ _LIT8(KZeroSpi, "");
+ TIkeV2IpsecSAData* SaData = NULL;
+ CIkev2SA* Ikev2SA = FindIkev2SA(aSAId, KSaStateNotDefined, KSaStateNotDefined);
+ if ( Ikev2SA )
+ {
+ if ( aInbound )
+ SaData = Ikev2SA->FindIpsecSaData(aSpi, KZeroSpi, EFalse);
+ else SaData = Ikev2SA->FindIpsecSaData(KZeroSpi, aSpi, EFalse);
+ }
+ return SaData;
+ }
+
+
+//
+// Delete an IKEv2 SA using SA Id as search argument
+//
+void CIkev2PluginSession::DeleteIkev2SA(TUint32 aSAId)
+{
+ CIkev2SA* Sa = iFirstIkev2SA;
+ CIkev2SA* PrevSa = NULL;
+ while ( Sa )
+ {
+ if ( Sa->iIkeV2SaData.SaId() == aSAId )
+ {
+ if ( PrevSa )
+ {
+ PrevSa->iNext = Sa->iNext;
+ }
+ else
+ {
+ iFirstIkev2SA = Sa->iNext;
+ }
+ if (Sa->iIkeV2SaData.iFloatedPort)
+ {
+ iMessageSendQue->SaBehindNatDeleted(Sa->iIkeV2SaData.SaId());
+ }
+ delete Sa;
+ break;
+ }
+ PrevSa = Sa;
+ Sa = Sa->iNext;
+ }
+}
+
+TUint32 CIkev2PluginSession::GetSAId()
+ {
+ iSAIdSeed++;
+ return iSAIdSeed;
+ }
+
+TBool CIkev2PluginSession::CreateIkev2SAL(TIkev2SAData& aIkev2SAData)
+ {
+ CIkev2SA* Ikev2SA = CIkev2SA::NewL(*this, aIkev2SAData, iDebug);
+ if (aIkev2SAData.iFloatedPort)
+ {
+ CleanupStack::PushL(Ikev2SA);
+ iMessageSendQue->NewSaBehindNatL(aIkev2SAData.SaId());
+ CleanupStack::Pop(Ikev2SA);
+ }
+ Ikev2SA->iNext = iFirstIkev2SA;
+ iFirstIkev2SA = Ikev2SA;
+
+ return ETrue;
+ }
+
+void CIkev2PluginSession::IkeSaCompleted(TInt aStatus, TVPNAddress& aInternalAddress)
+{
+ if (iClientStatusNegotiate != NULL)
+ {
+ //This is the first IKE sa of this session
+ if (!aInternalAddress.iVPNIfAddr.IsUnspecified())
+ {
+ *iInternalAddress = aInternalAddress;
+ }
+
+ // Completion is postponed, if IPsec SAs have not yet been updated.
+ if (iActivated ||
+ aStatus != KErrNone)
+ {
+ DoCompleteNegotiateWithHost(aStatus);
+ }
+ }
+ else if (aStatus == KErrNone)
+ {
+ //This is not the first IKE SA in this session.
+ //If IA has changed we notify the possible address change
+ if(!aInternalAddress.iVPNIfAddr.IsUnspecified())
+ {
+ VirtualIpChanged(aInternalAddress);
+ }
+ }
+ else if(iClientStatusNotifyError != NULL)
+ {
+ //Ike sa establishmet has failed.
+ DoCompleteNotifyError(aStatus);
+ }
+}
+
+
+void CIkev2PluginSession::VirtualIpChanged(TVPNAddress& aVirtualIp)
+ {
+ if (iClientStatusInternalAddressChange != NULL)
+ {
+ __ASSERT_DEBUG(iChangedInternalAddress != NULL, User::Invariant());
+ *iChangedInternalAddress = aVirtualIp;
+ User::RequestComplete(iClientStatusInternalAddressChange, KErrNone);
+ iChangedInternalAddress = NULL;
+ }
+ }
+
+void CIkev2PluginSession::StartResponding()
+ {
+ iCurrIkeSaRespCount++;
+ }
+
+
+void CIkev2PluginSession::StopResponding()
+ {
+ if (iCurrIkeSaRespCount)
+ {
+ iCurrIkeSaRespCount--;
+ }
+ }
+
+
+void CIkev2PluginSession::DeleteIpsecSAData(TUint32 aSAId, const TDesC8& aSpi, TBool aInbound)
+ {
+ __ASSERT_DEBUG(aSpi.Length() == 4, User::Invariant());
+ _LIT8(KZeroSpi, "");
+ CIkev2SA* Ikev2SA = FindIkev2SA(aSAId, KSaStateNotDefined, KSaStateNotDefined);
+ if ( Ikev2SA )
+ {
+ if ( aInbound )
+ Ikev2SA->DeleteIpsecSaData(aSpi, KZeroSpi);
+ else Ikev2SA->DeleteIpsecSaData(KZeroSpi, aSpi);
+ }
+ }
+
+void CIkev2PluginSession::IkeSaDeleted(TInt aStatus)
+ {
+ if (iClientStatusDelete != NULL)
+ {
+ DoCompleteDeleteSession(aStatus);
+ }
+ else if (aStatus != KErrNone && iClientStatusNotifyError != NULL)
+ {
+ DoCompleteNotifyError(aStatus);
+ }
+ else if (aStatus != KErrNone && iClientStatusNegotiate != NULL)
+ {
+ TVPNAddress dummyVirtualIp;
+ IkeSaCompleted(aStatus,dummyVirtualIp);
+ }
+ }
+
+
+CIpsecSaSpecList* CIkev2PluginSession::GetIPsecSaSpecListL( const TInetAddr& aLocalAddr, const TInetAddr& aLocalMask,
+ const TInetAddr& aRemoteAddr, const TInetAddr& aRemoteMask,
+ TInt aProtocol )
+ {
+ CIpsecSaSpecList* saSpecList = iIpsecPolicyUtil.GetIpseSaSpecListLC( aLocalAddr, aLocalMask,
+ aRemoteAddr, aRemoteMask,
+ aProtocol, iVpnNetId );
+ CleanupStack::Pop(saSpecList);
+
+ return saSpecList;
+ }
+
+
+TBool CIkev2PluginSession::InheritIpsecSas(TUint32 aDstSAId, TUint32 aSrcSAId)
+ {
+ CIkev2SA* DstIkev2SA = FindIkev2SA(aDstSAId, KSaStateNotDefined, KSaStateNotDefined);
+ if ( DstIkev2SA )
+ {
+ CIkev2SA* SrcIkev2SA = FindIkev2SA(aSrcSAId, KSaStateNotDefined, KSaStateNotDefined);
+ if ( SrcIkev2SA )
+ {
+ DstIkev2SA->SetIpsecSaQue(SrcIkev2SA->GetIpsecSaQue());
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+
+TUint32 CIkev2PluginSession::VpnInterfaceIndex() const
+ {
+ return iVpnInterfaceIndex;
+ }
+
+TBool CIkev2PluginSession::RemoteAddrChanged(TIkev2SAData* aIkev2SAData, TInetAddr& aNewIp)
+ {
+ __ASSERT_DEBUG(aIkev2SAData, User::Invariant());
+ CIkev2SA* Ikev2SA = FindIkev2SA(aIkev2SAData->SaId(), KSaStateNotDefined, KSaStateNotDefined);
+ if ( Ikev2SA )
+ return Ikev2SA->RemoteAddrChanged(aNewIp);
+ else return ETrue;
+ }
+
+void CIkev2PluginSession::KeepAliveIkeSAL(TIkev2SAData* aIkev2SAdata)
+ {
+ ASSERT(aIkev2SAdata);
+ CIkev2Negotiation* Negotiation = FindNegotiation(aIkev2SAdata->SaId(), KSaStateNotDefined);
+ if ( Negotiation )
+ {
+ //There is already some negotiation going on this SA, don't send keep-alive
+ return;
+ }
+
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf,
+ iEventLogger, *iMessageSendQue,
+ iDebug, *aIkev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ Negotiation->SendKeepAliveMsgL();
+ if ( Negotiation->Stopped() )
+ {
+ CleanupStack::PopAndDestroy(Negotiation);
+ }
+ else
+ {
+ CleanupStack::Pop(Negotiation);
+ }
+ }
+
+CIkev2Negotiation* CIkev2PluginSession::FindNegotiation(TUint32 aSAId, TInt aRequiredState)
+ {
+ //
+ // Find IKEv2 negotiation object using SAId as search argument
+ //
+ CIkev2Negotiation* Neg = iFirstNegotiation;
+ while ( Neg )
+ {
+ if ( ( Neg->iHdr.SaId() == aSAId )
+ &&
+ ( ( aRequiredState == KSaStateNotDefined) ||
+ ( aRequiredState == Neg->iHdr.iSAState ) ) )
+ {
+ break;
+ }
+
+ Neg = Neg->iNext;
+ }
+ return Neg;
+ }
+
+TBool CIkev2PluginSession::DeleteIkeSAL(TIkev2SAData* aIkev2SAdata, TBool aNormal)
+ {
+ ASSERT(aIkev2SAdata);
+ //
+ // An IKE SA delete request received
+ // Check first does there exists an ongoing negotiation on this IKE
+ // SA deleted and delete this block.
+ // Allocate a new negotiation with TIkev2SAData and initiate IKE SA
+ // deletion request
+ //
+ DEBUG_LOG1(_L("Deleting IKE SA SAID = %d"), aIkev2SAdata->SaId());
+
+ CIkev2Negotiation* Negotiation = FindNegotiation(aIkev2SAdata->SaId(), KSaStateNotDefined);
+ while ( Negotiation )
+ {
+ delete Negotiation; // destructor removes object from queue, too
+ Negotiation = FindNegotiation(aIkev2SAdata->SaId(), KSaStateNotDefined);
+ }
+
+ TBool Started = EFalse;
+ if ( aNormal )
+ {
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf,
+ iEventLogger, *iMessageSendQue,
+ iDebug, *aIkev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ Negotiation->StartIkeSADeleteL();
+ CleanupStack::Pop(Negotiation);
+ if ( Negotiation->Stopped() )
+ delete Negotiation;
+ else Started = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Forced close, no delete payload(s) sent"));
+ }
+
+ DeleteIkev2SA(aIkev2SAdata->SaId());
+
+ return Started;
+ }
+
+void CIkev2PluginSession::RekeyIkeSAL(TIkev2SAData* aIkev2SAdata)
+ {
+ ASSERT(aIkev2SAdata);
+ //
+ // Rekey specified IKE SA
+ //
+ DEBUG_LOG1(_L("Starting to rekey IKE SA SAID = %d"), aIkev2SAdata->SaId());
+ CIkev2Negotiation* Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf,
+ iEventLogger, *iMessageSendQue,
+ iDebug, *aIkev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ Negotiation->BuildIkeSaRekeyMsgL(ETrue);
+ if ( Negotiation->Stopped() )
+ CleanupStack::PopAndDestroy(Negotiation);
+ else CleanupStack::Pop(Negotiation);
+ }
+
+void CIkev2PluginSession::IkeMsgReceived( const ThdrISAKMP& aIkeMsg,
+ const TInetAddr& aSrcAddr,
+ TInt aLocalPort)
+ {
+ TRAPD(err, IkeMessageReceivedL(aIkeMsg, aSrcAddr, aLocalPort));
+ if (err != KErrNone)
+ {
+ //Leave that we have not been able to handle
+ //above layers. We close the connection and report an error.
+ IkeSaDeleted(err);
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkev2ReceiverCallback
+// Handles notification about receive error.
+// ---------------------------------------------------------------------------
+//
+void CIkev2PluginSession::ReceiveError( TInt aError )
+ {
+ IkeSaDeleted( aError );
+ }
+
+void CIkev2PluginSession::IkeMessageReceivedL(const ThdrISAKMP& aIkeMessage,
+ const TInetAddr &aRemote,
+ TUint16 aLocalPort)
+ {
+
+ //
+ // Do sanity check Parse incoming IKE message
+ //
+ TUint32 NegotiationId;
+ if ( !CheckIkeMessageHeader(aIkeMessage, NegotiationId) )
+ return; // Format error in received IKE message header
+
+ TBool CleanUpUsed = EFalse;
+ CIkev2Negotiation* Negotiation;
+ if ( NegotiationId )
+ {
+ //
+ // Try to find ongoing IKEv2 negotiation with Id
+ //
+ Negotiation = FindNegotiation(NegotiationId, KSaStateNotDefined);
+ if ( !Negotiation )
+ {
+ if (!(aIkeMessage.GetFlags() & IKEV2_RESPONSE_MSG))
+ {
+ //
+ // Try to find an IKEv2 SA with negotiation ID
+ //
+ TIkev2SAData* Ikev2SAdata = FindIkev2SAData(NegotiationId,
+ KSaStateNotDefined, KSaStateNotDefined);
+ if ( Ikev2SAdata )
+ {
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf,
+ iEventLogger, *iMessageSendQue,
+ iDebug, *Ikev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ CleanUpUsed = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG(_L("Receive IKE message cannot be associated"));
+ return;
+ }
+ }
+ else
+ {
+ DEBUG_LOG(_L("Received response message, but we don't have associated negotiation"));
+ DEBUG_LOG(_L("--> Message silently discarded."));
+ return;
+ }
+ }
+ }
+ else
+ {
+ //
+ // Negotiation ID has zero value. This must be an IKE_SA_INIT
+ // message from peer where Responder SPI has zero value
+ // Get a new negotiation object
+ //
+
+ TInetAddr localAddr;
+ iDataInterface.GetLocalAddress(localAddr);
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf, iEventLogger,
+ *iMessageSendQue, iDebug,
+ iIkeData, iVpnIapId, this->GetSAId(),
+ localAddr,
+ aRemote);
+ CleanupStack::PushL(Negotiation);
+ if ( !Negotiation->StartRespondingL(aIkeMessage) )
+ {
+ if ( Negotiation->Stopped() )
+ CleanupStack::PopAndDestroy(Negotiation);
+ else CleanupStack::Pop(Negotiation);
+ return;
+ }
+ CleanUpUsed = ETrue;
+ }
+
+ Negotiation->ProcessIkeMessageL(aIkeMessage, (TInetAddr&)aRemote, aLocalPort);
+ if ( CleanUpUsed )
+ CleanupStack::Pop(Negotiation);
+
+ if ( Negotiation->Stopped() )
+ delete Negotiation;
+ }
+
+TBool CIkev2PluginSession::CheckIkeMessageHeader(const ThdrISAKMP& aIkeMessage, TUint32& NegotiationId)
+ {
+ //
+ // Do the following sanity checks to incoming IKE message fixed
+ // header
+ // -- Check that Exchange type has some value specified in IKEv2
+ // -- Check that Next Payload has some value specified in IKEv2
+ // -- Check that Inititor SPI has not "zero" value
+ //
+ TUint8 ExchangeType = aIkeMessage.GetExchange();
+ if ( (ExchangeType < IKE_SA_INIT) || (ExchangeType > INFORMATIONAL) )
+ {
+ DEBUG_LOG1(_L("Unsupported Exchange Type: %d"),ExchangeType);
+ return EFalse;
+ }
+
+ TUint32 SPI_I_Low = aIkeMessage.GetSPI_I_Low32();
+ TUint32 NegotiationId_I = aIkeMessage.GetNegotiationID_I();
+ if ( (SPI_I_Low == 0 ) && ( NegotiationId_I == 0 ) )
+ {
+ DEBUG_LOG(_L("Initiator SPI has zero value !\n"));
+ return EFalse;
+ }
+ //
+ // The negotiation id is a 32-bit (not zero) id value which
+ // unambiguously identiefies an IKEv2 negotiation object (CIkev2Negotiation).
+ // This negotiation id is packed into the SPI value ( 32 most
+ // significant bits of SPI) defined by the local end (=us).
+ // Get the negotiation id from local SPI in IKE message
+ // according to Initiator Bit in received IKE message header
+ // flags.
+ // Initiator = 1 ==> Get negotiation id from responder SPI
+ // Initiator = 0 ==> Get negotiation id from initiator SPI
+ //
+ aIkeMessage.GetFlags();
+ if ( aIkeMessage.GetFlags() & IKEV2_INITIATOR )
+ NegotiationId = aIkeMessage.GetNegotiationID_R();
+ else NegotiationId = NegotiationId_I;
+
+ return ETrue;
+ }
+
+
+void CIkev2PluginSession::DeleteIpsecSA( const TUint32 aSPI, const TInetAddr& aSrc,
+ const TInetAddr& aDst, const TUint8 aProtocol )
+ {
+ iPfKeySocketIf.DeleteSA(aSPI, aSrc, aDst, aProtocol);
+ }
+
+
+void CIkev2PluginSession::AddSAL( const TIpsecSAData& aSAData )
+ {
+ iPfKeySocketIf.AddSAL( aSAData );
+ }
+
+
+void CIkev2PluginSession::UpdateSAL( const TIpsecSAData& aSAData )
+ {
+ iPfKeySocketIf.UpdateSAL( aSAData );
+ }
+
+
+TIkev2SAData* CIkev2PluginSession::FindIkev2SAData(TUint32 aSAId, TInt aRequiredState, TInt aNewState)
+ {
+ TIkev2SAData* SaData = NULL;
+ CIkev2SA* Ikev2SA = FindIkev2SA(aSAId, aRequiredState, aNewState);
+ if ( Ikev2SA )
+ SaData = (TIkev2SAData*)&Ikev2SA->iIkeV2SaData;
+ return SaData;
+ }
+
+void CIkev2PluginSession::PfkeyMessageReceived(const TPfkeyMessage& aPfkeyMessage)
+ {
+ TRAPD(err, PfkeyMessageReceivedL(aPfkeyMessage));
+ if (err != KErrNone)
+ {
+ //Leave that we have not been able to handle
+ //above layers. We close the connection and report an error.
+ IkeSaDeleted(err);
+ }
+ }
+
+void CIkev2PluginSession::PfkeyMessageReceivedL(const TPfkeyMessage& aPfkeyMessage)
+ {
+ //
+ // Process received PFKEY message according to message type
+ //
+ TIkev2SAData* Ikev2SAdata = NULL;
+ CIkev2Negotiation* Negotiation = NULL;
+ TBool CleanUpUsed = EFalse;
+
+ __ASSERT_DEBUG(aPfkeyMessage.iBase.iMsg->sadb_msg_type != SADB_GETSPI, User::Invariant());
+ switch ( aPfkeyMessage.iBase.iMsg->sadb_msg_type )
+ {
+ case SADB_ADD:
+ {
+ if ( !iActivated )
+ {
+ DEBUG_LOG(_L("Updating of IPsec SAs completed"));
+ iActivated = ETrue;
+ TVPNAddress dummyVirtualIp;
+ IkeSaCompleted(KErrNone,dummyVirtualIp);
+ }
+ break;
+ case SADB_ACQUIRE:
+ if ( iClientStatusDelete != NULL )
+ {
+ DEBUG_LOG(_L("Acquire ignored because of ongoing deactivation."));
+ return;
+ }
+ if (iFirstIkev2SA != NULL)
+ {
+ Ikev2SAdata = &(iFirstIkev2SA->iIkeV2SaData);
+ }
+ if ( Ikev2SAdata )
+ {
+ DEBUG_LOG(_L("Found IKE SA for the acquire"));
+ //
+ // An IKE SA found for Acquire. Get a negotiation
+ // object for IKE Child SA exchange
+ //
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf,
+ iEventLogger, *iMessageSendQue,
+ iDebug,*Ikev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ CleanUpUsed = ETrue;
+ }
+ else
+ {
+ DEBUG_LOG(_L("No IKE SA for the Acquire. Creating new."));
+ //
+ // No IKE SA found for Acquire not ongoing
+ // negotiation found for defined destination
+ // address.
+ // We shall start a new IKE SA negotiation to
+ // defined destination address. Find first the IKE
+ // policy for that destination address.
+ //
+ TInetAddr localAddr;
+ this->iDataInterface.GetLocalAddress(localAddr);
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf, iEventLogger,
+ *iMessageSendQue, iDebug, iIkeData,
+ iVpnIapId, GetSAId(),
+ localAddr,
+ *(aPfkeyMessage.iDstAddr.iAddr));
+ CleanupStack::PushL(Negotiation);
+ CleanUpUsed = ETrue;
+ }
+ Negotiation->ProcessAcquireL(aPfkeyMessage);
+ if ( CleanUpUsed )
+ CleanupStack::Pop(Negotiation);
+ if ( Negotiation->Stopped() )
+ delete Negotiation;
+ break;
+
+ case SADB_EXPIRE:
+ if (aPfkeyMessage.iSoft.iExt)
+ {
+ //
+ // An IPSEC SA soft lifetime has expired.
+ //
+ // Try to find an existing IKE SA with remote address
+ //
+ if (iFirstIkev2SA != NULL)
+ {
+ Ikev2SAdata = &(iFirstIkev2SA->iIkeV2SaData);
+ }
+ if ( Ikev2SAdata )
+ {
+ //
+ // An IKE SA found for soft expire. Get a negotiation
+ // object for IKE Child SA exchange
+ //
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf, iEventLogger,
+ *iMessageSendQue, iDebug, *Ikev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ DEBUG_LOG(_L("IKE SA found for soft expire IP."));
+
+ Negotiation->StartIpsecSaRekeyingL(aPfkeyMessage);
+ CleanupStack::Pop(Negotiation);
+ if ( Negotiation->Stopped() )
+ delete Negotiation;
+ }
+ else
+ {
+ DEBUG_LOG(_L("No IKE SA found for soft expire IP"));
+ }
+ }
+ else
+ {
+ //
+ // An IPSEC SA has been expired.
+ // Try to find an existing IKE SA with remote address
+ //
+ if (iFirstIkev2SA != NULL)
+ {
+ Ikev2SAdata = &(iFirstIkev2SA->iIkeV2SaData);
+ }
+ if ( Ikev2SAdata )
+ {
+ //
+ // An IKE SA found for Expire. Get a negotiation
+ // object for IKE Informational exchange
+ //
+ Negotiation = CIkev2Negotiation::NewL(*this, iPfKeySocketIf, iEventLogger,
+ *iMessageSendQue, iDebug, *Ikev2SAdata);
+ CleanupStack::PushL(Negotiation);
+ DEBUG_LOG(_L("IKE SA found for Expire IP"));
+
+ Negotiation->ProcessExpireL(aPfkeyMessage);
+ CleanupStack::Pop(Negotiation);
+ if ( Negotiation->Stopped() )
+ delete Negotiation;
+ }
+ else
+ {
+ DEBUG_LOG(_L("No IKE SA found Expire IP"));
+ }
+ }
+ break;
+ }
+ default:
+ break;
+ }
+ }
+
+TBool CIkev2PluginSession::MatchDestinationAddress( const TInetAddr& aDestAddr ) const
+ {
+ TBool match( EFalse );
+
+ if ( iIkeData )
+ {
+ match = iIkeData->iAddr.Match( aDestAddr );
+ }
+ return match;
+ }
+
+void CIkev2PluginSession::DeactivationTimeout()
+ {
+ IkeSaDeleted(KErrTimedOut);
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's negotiate request.
+// ---------------------------------------------------------------------------
+//
+void CIkev2PluginSession::DoCompleteNegotiateWithHost( TInt aStatus )
+ {
+ if ( aStatus != KErrNone )
+ {
+ DoCancelActiveOperations();
+ }
+ else
+ {
+ iActivated = ETrue;
+ }
+
+ User::RequestComplete( iClientStatusNegotiate, aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's delete session request.
+// ---------------------------------------------------------------------------
+//
+void CIkev2PluginSession::DoCompleteDeleteSession( TInt aStatus )
+ {
+ delete iIkeData;
+ iIkeData = NULL;
+ delete iDeactivationTimer;
+ iDeactivationTimer = NULL;
+
+ if ( aStatus != KErrCancel )
+ {
+ DoCancelActiveOperations();
+ }
+ User::RequestComplete( iClientStatusDelete, aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Handles completion of client's notify error request.
+// ---------------------------------------------------------------------------
+//
+void CIkev2PluginSession::DoCompleteNotifyError( TInt aStatus )
+ {
+ if ( aStatus != KErrCancel )
+ {
+ DoCancelActiveOperations();
+ }
+ User::RequestComplete( iClientStatusNotifyError, aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels active operations.
+// ---------------------------------------------------------------------------
+//
+void CIkev2PluginSession::DoCancelActiveOperations()
+ {
+ // Cancel active negotiation operations.
+ CIkev2Negotiation* negotiation = iFirstNegotiation;
+ while ( negotiation != NULL )
+ {
+ negotiation->CancelOperation();
+ negotiation = negotiation->iNext;
+ }
+
+ // Cancel active IKE SA operations.
+ CIkev2SA* ikev2Sa = iFirstIkev2SA;
+ while( ikev2Sa != NULL )
+ {
+ ikev2Sa->Cancel();
+ ikev2Sa = ikev2Sa->iNext;
+ }
+
+ DoCancelDataTransfer();
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels data transfer.
+// ---------------------------------------------------------------------------
+//
+void CIkev2PluginSession::DoCancelDataTransfer()
+ {
+ if ( iReceiver != NULL )
+ {
+ iReceiver->StopReceive();
+ }
+ if ( iMessageSendQue != NULL )
+ {
+ iMessageSendQue->Cancel();
+ iMessageSendQue->CancelAll();
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2proposal.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,788 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 Proposal handling.
+*
+*/
+
+
+#include <e32math.h>
+#include <in_sock.h>
+#include "ikedebug.h"
+#include "ikev2proposal.h"
+#include "ikev2SAdata.h"
+#include "ikev2payloads.h"
+#include "ikemsgrec.h"
+#include "ikev2const.h"
+#include "ikev2plugin.h"
+#include "ikepolparser.h"
+#include "ikev2identity.h"
+#include "ikev2ipsecsadata.h"
+#include "ikev2Negotiation.h"
+#include <networking/pfkeyv2.h>
+
+HBufC8* Ikev2Proposal::FromPolicyToProposaL(TIkev2SAData& aIkeSaData,
+ const TDesC8& aRekeySpi,
+ TInt aDHGroupGuess,
+ TBool aRekey)
+{
+ //
+ // Build IKE SA proposal from IKE policy data
+ // Because proposal information is presented as "IKEv1"
+ // proposals in policy these are presented as sequence of
+ // proposals. All these transforms contains 4 different type transform
+ // payloads.
+ //
+ TProposalData* PropList = aIkeSaData.iIkeData->iPropList;
+
+ if ( !aRekey )
+ {
+ aIkeSaData.iEAPType = aIkeSaData.iIkeData->iEAPProtocol;
+ }
+
+ if (!PropList)
+ {
+ User::LeaveIfNull(PropList);
+ }
+
+ HBufC8* saData = HBufC8::NewL(512); //512 should be enough for all Proposals
+
+ TUint8 PropNum = 1;
+ TUint16 SaLth = 0;
+ TUint16 PropLth;
+ TUint16 TranLth;
+ TUint16 PRF;
+ TUint16 DHGroup;
+
+ TProposalIkev2* Proposal = TProposalIkev2::Cast(saData->Ptr());
+ TProposalIkev2* Next = Proposal;
+ TTransformIkev2* Transform;
+ TDataAttributes* Attributes;
+
+ while ( PropList )
+ {
+
+ Proposal = Next;
+ TPayloadIkev2::Cast(Proposal)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Proposal)->SetNextPayload(IKEV2_PAYLOAD_PROP);
+ Proposal->SetNum(PropNum);
+ Proposal->SetProtocol(IKEV2_PROTOCOL);
+ if ( aRekey )
+ {
+ Proposal->SetSPISize(IKEV2_SPI_SIZE);
+ Mem::Copy(Proposal->SPI(), aRekeySpi.Ptr(), IKEV2_SPI_SIZE);
+ }
+ else Proposal->SetSPISize(0);
+ Proposal->SetNumTrans(4);
+ PropLth = (TUint16)Proposal->PropHdrLth();
+
+ Transform = Proposal->TransformPl();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ Transform->SetType(IKEV2_ENCR); // Encryption Algorithm transform (1)
+ Transform->SetReserved();
+ TranLth = (TUint16)Transform->Size();
+
+ switch ( PropList->iEncrAlg )
+ {
+ case IKE_PARSER_DES_CBC:
+ Transform->SetID(ENCR_DES);
+ break;
+ case IKE_PARSER_DES3_CBC:
+ Transform->SetID(ENCR_3DES);
+ break;
+ case IKE_PARSER_AES_CBC:
+ Transform->SetID(ENCR_AES_CBC);
+ //
+ // Add key length attribute to transform data
+ //
+ Transform->SetID(ENCR_AES_CBC);
+ Attributes = Transform->Attributes();
+ Attributes->SetType(IKEV2_ENCR_KEY_LTH);
+ Attributes->SetBasic();
+ if (PropList->iEncrKeyLth)
+ Attributes->SetValue((TUint16)PropList->iEncrKeyLth);
+ else Attributes->SetValue(128); //default AES key size
+ TranLth = (TUint16)(TranLth + Attributes->Size());
+ break;
+ default:
+ Transform->SetID(ENCR_3DES); // Use 3DES as default
+ break;
+ }
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ Transform->SetType(IKEV2_INTEG); // Integrity Algorithm (3)
+ Transform->SetReserved();
+ TranLth = (TUint16)Transform->Size();
+
+ switch ( PropList->iHashAlg )
+ {
+ case IKE_PARSER_MD5:
+ Transform->SetID(AUTH_HMAC_MD5_96);
+ PRF = IKE_PARSER_MD5;
+ break;
+ case IKE_PARSER_SHA1:
+ Transform->SetID(AUTH_HMAC_SHA1_96);
+ PRF = IKE_PARSER_SHA1;
+ break;
+ default:
+ Transform->SetID(AUTH_HMAC_SHA1_96);
+ PRF = IKE_PARSER_SHA1;
+ break;
+ }
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ Transform->SetType(IKEV2_PRF); // Pseudo-random Function (2)
+ Transform->SetReserved();
+ TranLth = (TUint16)Transform->Size();
+
+ if ( PropList->iPRF )
+ PRF = PropList->iPRF;
+ switch ( PRF )
+ {
+ case IKE_PARSER_MD5:
+ Transform->SetID(PRF_HMAC_MD5);
+ break;
+ case IKE_PARSER_SHA1:
+ Transform->SetID(PRF_HMAC_SHA1);
+ break;
+ default:
+ Transform->SetID(AUTH_HMAC_SHA1_96);
+ break;
+ }
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+
+
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ Transform->SetType(IKEV2_DH); // Diffie-Hellman Group (4)
+ Transform->SetReserved();
+ TranLth = (TUint16)Transform->Size();
+
+
+ DHGroup = (PropList->iGroupDesc == 0) ? aIkeSaData.iIkeData->iGroupDesc_II :
+ PropList->iGroupDesc;
+
+ DHGroup = Ikev2Proposal::GetDHGroup(DHGroup);
+ Transform->SetID(DHGroup);
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+
+ if ( PropNum == aDHGroupGuess)
+ {
+ if (aIkeSaData.iDHGroup == 0)
+ aIkeSaData.iDHGroup = DHGroup; // Preferred group for initial KE payload
+ switch ( PropList->iAuthMeth )
+ {
+ case IKE_PARSER_DSS_SIG:
+ aIkeSaData.iAuthMethod = DSS_DIGITAL_SIGN;
+ break;
+
+ case IKE_PARSER_RSA_SIG:
+ case IKE_PARSER_RSA_REV_ENCR:
+ aIkeSaData.iAuthMethod = RSA_DIGITAL_SIGN;
+ break;
+
+ default:
+ aIkeSaData.iAuthMethod = PRESHARED_KEY;
+ break;
+
+ }
+ }
+
+ if ( aIkeSaData.iLifetime == 0 )
+ aIkeSaData.iLifetime = PropList->iLifetimeSec; // Init lifetime
+ else if ( PropList->iLifetimeSec && (aIkeSaData.iLifetime > PropList->iLifetimeSec) )
+ aIkeSaData.iLifetime = PropList->iLifetimeSec; // Take shorter time
+
+ PropLth = (TUint16)(PropLth + TranLth);
+ SaLth = (TUint16)(SaLth + PropLth);
+ TPayloadIkev2::Cast(Proposal)->SetLength(PropLth);
+
+ PropNum ++;
+ Next = (TProposalIkev2*)TPayloadIkev2::Cast(Proposal)->Next();
+ PropList = PropList->iNext;
+ }
+
+ if ( aIkeSaData.iLifetime == 0 )
+ aIkeSaData.iLifetime = IKEV2_DEF_LIFETIME;
+ TPayloadIkev2::Cast(Proposal)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+
+ saData->Des().SetLength(SaLth);
+
+ return saData;
+
+}
+
+HBufC8* Ikev2Proposal::GetPSKFromPolicyL(CIkeData* aHostData)
+{
+ ASSERT(aHostData);
+ //
+ // Get Preshared Key from IKE policy and return in to caller in
+ // HBufc8.
+ //
+ HBufC8 *PSK = NULL;
+ if ( aHostData->iPresharedKey.iFormat == STRING_KEY )
+ {
+ PSK = HBufC8::NewL(aHostData->iPresharedKey.iKey.Length());
+ PSK->Des().Copy(aHostData->iPresharedKey.iKey);
+ }
+ else if ( aHostData->iPresharedKey.iFormat == HEX_KEY )
+ {
+ PSK = HBufC8::NewL(aHostData->iPresharedKey.iKey.Length() / 2);
+
+
+ for(TInt i = 0; i < aHostData->iPresharedKey.iKey.Length(); i += 2)
+ {
+ TPtrC hexByte(aHostData->iPresharedKey.iKey.Mid(i, 2));
+ TLex lex(hexByte);
+ TUint8 value;
+ User::LeaveIfError(lex.Val(value, EHex));
+
+ PSK->Des().Append(&value, 1);
+ }
+
+ }
+
+ return PSK;
+}
+
+TUint16 Ikev2Proposal::GetDHGroup(TInt aDHGroup)
+{
+ //
+ // Map DH group Enum value used in IKE policy to the real DH group
+ // transform type value used in IKEv2 negotiation
+ // If aDHGroup parameter is not defined mapping is done to
+ // iGroupDesc_II data member value in CIkeData
+ //
+ TUint16 DHTransId = 0;
+ switch ( aDHGroup )
+ {
+ case IKE_PARSER_MODP_768:
+ DHTransId = DH_GROUP_768;
+ break;
+ case IKE_PARSER_MODP_1024:
+ DHTransId = DH_GROUP_1024;
+ break;
+ case IKE_PARSER_MODP_1536:
+ DHTransId = DH_GROUP_1536;
+ break;
+ case IKE_PARSER_MODP_2048:
+ DHTransId = DH_GROUP_2048;
+ break;
+ default:
+ break;
+ }
+
+ return DHTransId;
+}
+
+HBufC8* Ikev2Proposal::BuildSaResponseL(TProposalIkev2* aAcceptedProp, CIkev2Payloads* aAcceptedTrans)
+{
+ ASSERT(aAcceptedProp && aAcceptedTrans);
+ HBufC8* SaRespBfr = HBufC8::NewL(256); //256 should be enough response
+
+ //
+ // Build SA response payload based on Transform payloads which are
+ // marked to be "SELECTED" in request proposal
+ //
+ TProposalIkev2* Proposal = TProposalIkev2::Cast(const_cast<TUint8*>(SaRespBfr->Ptr()));
+ TUint16 PropLth = (TUint16)aAcceptedProp->PropHdrLth();
+ Mem::Copy((TUint8*)Proposal, (TUint8*)aAcceptedProp, PropLth);
+
+ TTransformIkev2* Transform = Proposal->TransformPl();
+ TTransformIkev2* LastTrans = Transform;
+ TTransformIkev2* AccTransform;
+ TUint8 NbrOfTransforms = 0;
+ TInt TranCount = aAcceptedTrans->iTrans->Count();
+ for ( TInt i = 0; i < TranCount; ++i )
+ {
+ AccTransform = (TTransformIkev2*)aAcceptedTrans->iTrans->At(i);
+ if ( AccTransform->IsSelected() )
+ {
+ NbrOfTransforms ++;
+ Mem::Copy((TUint8*)Transform, (TUint8*)AccTransform, TPayloadIkev2::Cast(AccTransform)->GetLength());
+ Transform->NotSelected(); // Reset selected bit !
+ PropLth = (TUint16)(PropLth + TPayloadIkev2::Cast(AccTransform)->GetLength());
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ LastTrans = Transform;
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ }
+ }
+ TPayloadIkev2::Cast(LastTrans)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ TPayloadIkev2::Cast(Proposal)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ TPayloadIkev2::Cast(Proposal)->SetLength(PropLth);
+ Proposal->SetNumTrans(NbrOfTransforms);
+ SaRespBfr->Des().SetLength(PropLth);
+
+ return SaRespBfr;
+}
+
+
+TBool Ikev2Proposal::GetSelectedProposalData(TIkev2SAData& aIkev2SaData,
+ TIkeV2IpsecSAData& aChildSaData,
+ const CIkev2Payloads& aAcceptedProp,
+ const TProposalIkev2& aProp)
+{
+ //
+ // Get IKE SA algorithm information from Transform payload which are
+ // marked to be "SELECTED"
+ //
+ TTransformIkev2* Transform;
+ TDataAttributes* Attribute;
+ TUint16 EncrAlg;
+ TInt KeyLth;
+ TUint8 ExistingTypes = 0;
+ TUint8 RequiredTypes;
+ TUint8 Protocol = aProp.GetProtocol();
+ switch ( Protocol )
+ {
+ case IKEV2_IPSEC_AH:
+ {
+ RequiredTypes = (1 << IKEV2_INTEG);
+ aChildSaData.iSaType = SADB_SATYPE_AH;
+ TUint32 spi = 0;
+ aProp.GetIpsecSPI(&spi);
+ aChildSaData.iSPI_Out = TPtrC8(reinterpret_cast<TUint8*>(&spi), sizeof(spi));
+ }
+ break;
+ case IKEV2_IPSEC_ESP:
+ {
+ RequiredTypes = (1 << IKEV2_ENCR);
+ aChildSaData.iSaType = SADB_SATYPE_ESP;
+ TUint32 spi = 0;
+ aProp.GetIpsecSPI(&spi);
+ aChildSaData.iSPI_Out = TPtrC8(reinterpret_cast<TUint8*>(&spi), sizeof(spi));
+ }
+ break;
+ default: //IKEV2_PROTOCOL:
+ RequiredTypes = ((1 << IKEV2_ENCR) | (1 << IKEV2_PRF) | (1 << IKEV2_INTEG) | (1 << IKEV2_DH));
+ break;
+ }
+
+ TInt TranCount = aAcceptedProp.iTrans->Count();
+
+ for ( TInt i = 0; i < TranCount; ++i )
+ {
+ Transform = (TTransformIkev2*)aAcceptedProp.iTrans->At(i);
+ if ( Transform->IsSelected() )
+ {
+ Transform->NotSelected(); // Reset private "selected" bit
+ switch ( Transform->GetType() )
+ {
+ case IKEV2_ENCR:
+ ExistingTypes |= (1 << IKEV2_ENCR);
+ EncrAlg = Transform->GetID();
+ if ( Protocol == IKEV2_PROTOCOL )
+ aIkev2SaData.iEncrAlg = EncrAlg;
+ else aChildSaData.iEncrAlg = EncrAlg;
+ if ( EncrAlg == ENCR_AES_CBC )
+ {
+ //
+ // Get encryption key length from attributes
+ // (or use default key length 128 bit)
+ //
+ if ( TPayloadIkev2::Cast(Transform)->GetLength() > Transform->Size() )
+ {
+ Attribute = Transform->Attributes();
+ KeyLth = (Attribute->GetValue() >> 3); // byte length
+ }
+ else KeyLth = 16; // default: 16 bytes = 128 bits
+ if ( Protocol == IKEV2_PROTOCOL )
+ aIkev2SaData.iCipherKeyLth = KeyLth;
+ else aChildSaData.iCipherKeyLth = KeyLth;
+ }
+ break;
+
+ case IKEV2_PRF:
+ ExistingTypes |= (1 << IKEV2_PRF);
+ if ( Protocol == IKEV2_PROTOCOL )
+ aIkev2SaData.iPRFAlg = Transform->GetID();
+ break;
+
+ case IKEV2_INTEG:
+ ExistingTypes |= (1 << IKEV2_INTEG);
+ if ( Protocol == IKEV2_PROTOCOL )
+ aIkev2SaData.iIntegAlg = Transform->GetID();
+ else aChildSaData.iIntegAlg = Transform->GetID();
+ break;
+
+ case IKEV2_DH:
+ ExistingTypes |= (1 << IKEV2_DH);
+ if ( Protocol == IKEV2_PROTOCOL )
+ aIkev2SaData.iDHGroup = Transform->GetID();
+ break;
+
+ case IKEV2_ESN:
+ ExistingTypes |= (1 << IKEV2_ESN);
+ if ( Protocol != IKEV2_PROTOCOL )
+ aChildSaData.iESN = (TUint8)Transform->GetID();
+ break;
+
+ default:
+ break;
+
+ }
+ }
+
+ }
+
+ return ((RequiredTypes & ExistingTypes) == RequiredTypes);
+}
+
+TBool Ikev2Proposal::VerifySaResponseL(TIkev2SAData& aIkeSaData,
+ TIkeV2IpsecSAData& aIpsecSaData,
+ const TDesC8& aReferenceSaData,
+ const CIkev2Payloads& aRespProp)
+{
+ //
+ // Verify content of an IKE SA response to proposed IKE SA transform
+ // list. The IKE SA proposal selected by peer MUST contain one
+ // proposal and transform selected from our SA proposal
+ //
+ if ( aRespProp.iProps->Count() != 1 )
+ return EFalse;
+
+ TBool Status = EFalse;
+ TPtrC8 unprocessedReferenceSaData(aReferenceSaData);
+
+ while(!Status && unprocessedReferenceSaData.Length() > 0)
+ {
+ TPayloadIkev2* referenceProposal = TPayloadIkev2::Cast(unprocessedReferenceSaData.Ptr());
+ CIkev2Payloads* OwnProp = CIkev2Payloads::NewL(referenceProposal, IKEV2_PAYLOAD_PROP, aIkeSaData);
+ CleanupStack::PushL(OwnProp);
+
+ //Something is seriously wrong, if we can't parse our own reference data
+ __ASSERT_DEBUG(OwnProp->Status() == KErrNone, User::Invariant());
+
+ TProposalIkev2* Prop = (TProposalIkev2*)aRespProp.iProps->At(0);
+ Status = Ikev2Proposal::VerifyProposaL(OwnProp, Prop, aIkeSaData);
+ if ( Status )
+ {
+ Status = Ikev2Proposal::GetSelectedProposalData(aIkeSaData, aIpsecSaData, aRespProp, *Prop);
+ }
+ CleanupStack::PopAndDestroy(OwnProp);
+ unprocessedReferenceSaData.Set(unprocessedReferenceSaData.Mid(referenceProposal->GetLength()));
+ }
+
+ return Status;
+}
+
+TBool Ikev2Proposal::VerifySaRequestAndGetProposedSaBufferL(TIkev2SAData& aIkeSaData,
+ TIkeV2IpsecSAData& aIpsecSaData,
+ const TDesC8& aReferenceSaData,
+ const CIkev2Payloads& aProposed,
+ HBufC8*& aProposedSaBuffer)
+{
+ __ASSERT_DEBUG(aReferenceSaData.Length() > 0, User::Invariant());
+
+
+ //
+ // Verify content of an IKE SA request against a reference
+ // proposals built according to the local policy.
+ //
+ if ( !aProposed.iSa )
+ return EFalse;
+
+ TBool Status = EFalse;
+ TPtrC8 unprocessedReferenceSaData(aReferenceSaData);
+ while (!Status && unprocessedReferenceSaData.Length() > 0)
+ {
+ TPayloadIkev2* referenceSa = TPayloadIkev2::Cast(unprocessedReferenceSaData.Ptr());
+ unprocessedReferenceSaData.Set(unprocessedReferenceSaData.Mid(referenceSa->GetLength()));
+ CIkev2Payloads* OwnProp = CIkev2Payloads::NewL(referenceSa, IKEV2_PAYLOAD_PROP, aIkeSaData);
+ //If we can't parse our own reference proposal something is seriously wrong.
+ __ASSERT_DEBUG(OwnProp->Status() == KErrNone, User::Invariant());
+ CleanupStack::PushL(OwnProp);
+
+
+ CIkev2Payloads* PeerProp = CIkev2Payloads::NewL((TPayloadIkev2*)aProposed.iSa, IKEV2_PAYLOAD_SA, aIkeSaData);
+ CleanupStack::PushL(PeerProp);
+ Status = (PeerProp->Status() == KErrNone);
+ if ( Status )
+ {
+ Status = EFalse;
+ TInt PropCount = PeerProp->iProps->Count();
+ for ( TInt i = 0; i < PropCount; ++i )
+ {
+ TProposalIkev2* Prop = (TProposalIkev2*)PeerProp->iProps->At(i);
+ Status = Ikev2Proposal::VerifyProposaL(OwnProp, Prop, aIkeSaData);
+ if ( Status )
+ {
+ //
+ // Build SA response payload and pick up algorithm
+ // information into negotiation object
+ //
+
+ HBufC8* SaRespBfr = NULL;
+ TRAPD(err, SaRespBfr = Ikev2Proposal::BuildSaResponseL(Prop, PeerProp));
+ if (err == KErrNone)
+ {
+ aProposedSaBuffer = SaRespBfr;
+ Status = Ikev2Proposal::GetSelectedProposalData(aIkeSaData, aIpsecSaData, *PeerProp, *Prop);
+ }
+ else
+ {
+ Status = EFalse;
+ }
+ break;
+ }
+ }
+ }
+ CleanupStack::PopAndDestroy(PeerProp);
+ CleanupStack::PopAndDestroy(OwnProp);
+ }
+ return Status;
+}
+
+TBool Ikev2Proposal::IkeSaRekey(CIkev2Payloads* aIkeMsg)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Check is the current IKE message an IKE SA rekey request
+ // Should be format: HDR(A,B), SK { SA, Ni, KEi }
+ // where proposal protcol should be IKEV2_PROTOCOL
+ //
+ TBool Status = EFalse;
+ if ( aIkeMsg->iProps->Count() && !aIkeMsg->iTsI && !aIkeMsg->iTsR )
+ {
+ TProposalIkev2* Prop = (TProposalIkev2*)aIkeMsg->iProps->At(0);
+ Status = (Prop->GetProtocol() == IKEV2_PROTOCOL);
+ }
+ return Status;
+}
+
+TBool Ikev2Proposal::GetRekeySpi(CIkev2Payloads* aIkeMsg, TIkeSPI& aSPI)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Get remote ends IKE SPI from the first Proposal of IKE message
+ //
+ TBool Status = EFalse;
+ if ( aIkeMsg->iProps->Count() )
+ {
+ TProposalIkev2* Proposal = (TProposalIkev2*)aIkeMsg->iProps->At(0);
+ if ( Proposal->GetSPISize() == IKEV2_SPI_SIZE )
+ {
+ Mem::Copy( (TUint8*)aSPI.Ptr(), Proposal->SPI(), IKEV2_SPI_SIZE);
+ Status = ETrue;
+ }
+ }
+ return Status;
+}
+
+void Ikev2Proposal::ChangeSpiInProposal(HBufC8* aSaBfr, TIkeSPI& aSPI)
+{
+ ASSERT(aSaBfr);
+ TProposalIkev2* Proposal = TProposalIkev2::Cast(aSaBfr->Ptr());
+ Mem::Copy(Proposal->SPI(), (TUint8*)aSPI.Ptr(), IKEV2_SPI_SIZE);
+}
+
+TBool Ikev2Proposal::VerifyProposaL(CIkev2Payloads* aReference, TProposalIkev2* aProposal, TIkev2SAData& aIkev2SaData)
+{
+ //
+ // Find a matching proposal for "candidate" from reference payload
+ // chain. This implementation does not support the AND of sequental
+ // proposals (for example proposal which defines (ESP and AH))
+ //
+ if ( !aProposal || !aReference || (aReference->iProps->Count() == 0) )
+ return EFalse;
+
+ CIkev2Payloads* Prop = CIkev2Payloads::NewL(TPayloadIkev2::Cast(aProposal), IKEV2_PAYLOAD_PROP, aIkev2SaData);
+ CleanupStack::PushL(Prop);
+ TBool Status = ( Prop->Status() == KErrNone );
+ if ( Status )
+ {
+
+ Status = EFalse;
+ TInt PropCount = aReference->iProps->Count();
+ TProposalIkev2* RefProp;
+
+ for ( TInt i = 0; i < PropCount; ++i )
+ {
+ RefProp = (TProposalIkev2*)aReference->iProps->At(i);
+ if ( !aReference->ParsePayloadL(TPayloadIkev2::Cast(RefProp), IKEV2_PAYLOAD_PROP ))// Transforms from Proposal
+ break;
+ if ( aReference->iTrans->Count() == 0 )
+ break;
+ if ( RefProp->GetProtocol() != aProposal->GetProtocol() )
+ continue;
+ //
+ // Compare transforms within proposals
+ //
+ Status = Ikev2Proposal::CompareTransforms(aReference->iTrans, Prop->iTrans);
+ if ( Status )
+ break; // Match found
+ }
+ }
+ CleanupStack::PopAndDestroy(Prop);
+
+ return Status;
+}
+
+TBool Ikev2Proposal::CompareTransforms(CArrayFixFlat<TTransformIkev2*>* aRefTrans,
+ CArrayFixFlat<TTransformIkev2*>* aTrans)
+{
+ ASSERT(aTrans && aRefTrans);
+ //
+ // "Select" matching transforms from transform list (aTrans).
+ // Transforms from aTrans array is marked "SELECTED" if there is a
+ // matching transform in aRefTrans array for existing transform
+ // types.
+ //
+ TUint8 TransType;
+ TTransformIkev2* Trans;
+ TTransformIkev2* RefTrans;
+ TDataAttributes* Attribute;
+
+ TInt TranCount2;
+ TUint16 Lth;
+ TUint8 ExistingTypes = 0;
+ TUint8 MatchingTypes = 0;
+ TInt TranCount = aTrans->Count();
+ TInt i;
+
+ for ( i = 0; i < TranCount; ++i )
+ {
+ Trans = aTrans->At(i);
+ TransType = Trans->GetType();
+ if ( (TransType < IKEV2_ENCR ) || (TransType > IKEV2_ESN) )
+ break; // Unknown transform type (error)
+
+ ExistingTypes |= (1 << TransType);
+ TranCount2 = aRefTrans->Count();
+
+ for ( TInt j = 0; j < TranCount2; ++j )
+ {
+ RefTrans = aRefTrans->At(j);
+
+ if ( (TransType != RefTrans->GetType()) || (Trans->GetID() != RefTrans->GetID()) )
+ continue;
+ //
+ // Matching transform type and ID. Check is there any
+ // attributes in transform (in this phase only IKEV2_ENCR
+ // transform type can contain an attribute AES key length)
+ //
+ Lth = TPayloadIkev2::Cast(Trans)->GetLength();
+ if ( Lth >= Trans->Size() )
+ {
+ if (( TransType == IKEV2_ENCR ) && (Trans->GetID() == ENCR_AES_CBC) )
+ {
+ TUint16 KeyLth = 128;
+ TUint16 RefKeyLth = 128;
+ if ( Lth > Trans->Size() )
+ {
+ Attribute = Trans->Attributes();
+ Lth = (TUint16)(Lth - Trans->Size());
+ if ( (Lth == Attribute->Size()) && Attribute->IsBasic() && (Attribute->GetType() == IKEV2_ENCR_KEY_LTH) )
+ KeyLth = Attribute->GetValue();
+ }
+ if ( TPayloadIkev2::Cast(RefTrans)->GetLength() > Trans->Size() )
+ {
+ Attribute = RefTrans->Attributes();
+ RefKeyLth = Attribute->GetValue();
+ }
+ if ( KeyLth != RefKeyLth )
+ continue; // Not matching attribute
+ }
+ }
+ //
+ // Mark current transform "SELECTED"
+ //
+ if ( (MatchingTypes & (1 << TransType) ) == 0 )
+ {
+ Trans->Selected();
+ MatchingTypes |= (1 << TransType);
+ }
+ break;
+ }
+ }
+
+ TBool Status = (ExistingTypes == MatchingTypes);
+ if ( !Status )
+ {
+ //
+ // No match ! Reset "SELECTED" indicator from transforms
+ //
+ i = 0;
+ while ( i < TranCount )
+ {
+ Trans = (TTransformIkev2*)aTrans->At(i);
+ Trans->NotSelected();
+ i ++;
+ }
+ }
+
+ return Status;
+
+}
+
+CIkeV2Identity* Ikev2Proposal::GetRemoteIdentityL(CIkeData* aHostData)
+{
+ ASSERT(aHostData);
+ CIkeV2Identity* identity = NULL;
+
+ if ( aHostData->iRemoteIdentity )
+ {
+ TPtrC16 idData = aHostData->iRemoteIdentity->GetData();
+ TUint8 idType = aHostData->iRemoteIdType;
+ if ( (idType == ID_IPV4_ADDR) || (idType == ID_IPV6_ADDR) )
+ {
+ //
+ // If configured remote id type is either IPv4- or IPv6 address
+ // convert ASCII format address data into hexa octet string IP
+ // address format: IPv4 address shall be represented as four
+ // octet string and Ipv6 address as 16 octet string
+ //
+ TInetAddr ipAddr;
+ if ( ipAddr.Input(idData) == KErrNone )
+ {
+ if ( idType == ID_IPV4_ADDR )
+ {
+ TUint32 ipv4 = ByteOrder::Swap32(ipAddr.Address());
+ TPtrC8 ipv4Ptr(reinterpret_cast<TUint8*>(&ipv4), sizeof(ipv4));
+ identity = CIkeV2Identity::NewL(idType, ipv4Ptr);
+ }
+ else
+ {
+ TPtrC8 IPv6Ptr(&ipAddr.Ip6Address().u.iAddr8[0], 16);
+ identity = CIkeV2Identity::NewL(idType, IPv6Ptr);
+ }
+ }
+ }
+ else
+ {
+ if ( (idType != ID_FQDN) && (idType != ID_RFC822_ADDR) )
+ {
+ idType = ID_FQDN; // Default
+ }
+
+ HBufC8* id = HBufC8::NewLC(idData.Length());
+ TPtr8 idPtr(id->Des());
+ idPtr.Copy(idData);
+ identity = CIkeV2Identity::NewL(idType, *id);
+ CleanupStack::PopAndDestroy(id);
+ }
+ }
+
+ return identity;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2receiver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,165 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Receiver of UDP datagrams
+*
+*/
+
+
+#include <in_sock.h>
+
+#include "ikedatainterface.h"
+#include "ikemsgheader.h"
+
+// CLASS HEADER
+#include "ikev2receiver.h"
+
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev2Receiver* CIkev2Receiver::NewL( MIkeDataInterface& aDataInterface,
+ MIkev2ReceiverCallback& aCallback )
+ {
+ CIkev2Receiver* self = new (ELeave) CIkev2Receiver( aDataInterface,
+ aCallback );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkev2Receiver::~CIkev2Receiver()
+ {
+ StopReceive();
+
+ delete iUdpData;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev2Receiver::CIkev2Receiver( MIkeDataInterface& aDataInterface,
+ MIkev2ReceiverCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iUdpData( NULL ),
+ iDataInterface( aDataInterface ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Receiver::ConstructL()
+ {
+ StartReceive();
+ }
+
+// ---------------------------------------------------------------------------
+// Starts receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Receiver::StartReceive()
+ {
+ iReceivingData = ETrue;
+ DoReceive();
+ }
+
+// ---------------------------------------------------------------------------
+// Stops receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Receiver::StopReceive()
+ {
+ iReceivingData = EFalse;
+ Cancel();
+ iDataInterface.StopReceive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Receiver::RunL()
+ {
+ if ( iStatus.Int() == KErrNone )
+ {
+ __ASSERT_DEBUG( iUdpData != NULL,
+ User::Invariant() );
+
+ const ThdrISAKMP* ikeHdr = ThdrISAKMP::Ptr( iUdpData->Des() );
+ TInt msgLth = iUdpData->Length();
+
+ // Ignore possible <non-ESP marker> in the beginning of IKE message.
+ TUint32 ikeMsgHdrOctets = GET32( ikeHdr );
+ if ( ikeMsgHdrOctets == NON_ESP_MARKER )
+ {
+ ikeHdr = ikeHdr->GotoOffset( NON_ESP_MARKER_SIZE );
+ msgLth -= NON_ESP_MARKER_SIZE;
+ }
+
+ iCallback.IkeMsgReceived( *ikeHdr, iSrcAddr, iLocalPort );
+ }
+
+ delete iUdpData;
+ iUdpData = NULL;
+
+ if ( iStatus.Int() == KErrNone )
+ {
+ if ( iReceivingData )
+ {
+ // Continue receiving.
+ DoReceive();
+ }
+ }
+ else
+ {
+ iCallback.ReceiveError( iStatus.Int() );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of receive.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Receiver::DoCancel()
+ {
+ iDataInterface.CancelReceive();
+
+ delete iUdpData;
+ iUdpData = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Receives UDP data.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Receiver::DoReceive()
+ {
+ iDataInterface.ReceiveUdpData( iUdpData, iSrcAddr, iLocalPort, iStatus );
+ SetActive();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2retransmittimer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Timer to tricket IKE datagram resend, if do not obtain a reply
+*
+*/
+
+#include "ikev2retransmittimer.h"
+
+//The actual time out value is calculated:
+//timeout = send_attempt * KRetryTimeOutBaseMicroSeconds;
+//So the time out value increases by geometric serie,
+//not exponenially like recommended by the RFC
+static const TUint KRetryTimeOutBaseMicroSeconds = 1 * 1000000; //microseconds
+
+
+CIkev2RetransmitTimer* CIkev2RetransmitTimer::NewL( MIkev2RetransmitTimerCallback& aCallback )
+ {
+ CIkev2RetransmitTimer* self = new (ELeave) CIkev2RetransmitTimer( aCallback );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CIkev2RetransmitTimer::CIkev2RetransmitTimer( MIkev2RetransmitTimerCallback& aCallback )
+ : CTimer(EPriorityStandard),
+ iCallback(aCallback)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+CIkev2RetransmitTimer::~CIkev2RetransmitTimer()
+ {
+ Cancel();
+ }
+
+void CIkev2RetransmitTimer::IssueRequest( TUint16 aSendAttempt )
+ {
+ TTimeIntervalMicroSeconds32 interval = (aSendAttempt * KRetryTimeOutBaseMicroSeconds);
+ After(interval);
+ }
+
+void CIkev2RetransmitTimer::RunL()
+ {
+ iCallback.RetransmitRequest();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2sa.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,293 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 SA
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikev2SA.h"
+#include "ikepolparser.h"
+#include "ikev2ipsecsadata.h"
+#include "ikev2pluginsession.h"
+
+CIkev2SA* CIkev2SA::NewL(CIkev2PluginSession& aIkeV2PluginSession, TIkev2SAData& aIkev2SAdata, MIkeDebug& aDebug)
+{
+ CIkev2SA *sa = new (ELeave) CIkev2SA(aIkeV2PluginSession, aDebug);
+ sa->ConstructL(aIkev2SAdata);
+ return sa;
+}
+
+
+CIkev2SA::CIkev2SA(CIkev2PluginSession& aIkeV2PluginSession, MIkeDebug& aDebug)
+:CTimer(EPriorityStandard), iIkeV2PluginSession(aIkeV2PluginSession), iDebug(aDebug)
+{
+ CActiveScheduler::Add(this);
+}
+
+
+void CIkev2SA::ConstructL(TIkev2SAData& aIkev2SAdata)
+{
+ CTimer::ConstructL();
+ iIkeV2SaData.Copy(aIkev2SAdata);
+ //
+ // Calculate lifetime value for the new IKE SA
+ // The jitter value is adjusted from SA internal ID (SAId mod 8)
+ //
+ iRemainingTime = iIkeV2SaData.iLifetime + (iIkeV2SaData.SaId() % 8);
+ iIkeV2SaData.iSAState = KSaStateReady;
+
+ TInt DPDHeartbeat = 0;
+ if ( iIkeV2SaData.iIkeData->iDPDHeartBeat )
+ DPDHeartbeat = iIkeV2SaData.iIkeData->iDPDHeartBeat;
+
+ if ( DPDHeartbeat )
+ {
+ iIkeKeepAlive = CIkeV2KeepAlive::NewL(DPDHeartbeat, *this);
+ }
+
+ DEBUG_LOG2(_L("IKEv2 SA constructed, SAId: %d, Lifetime: %d"), iIkeV2SaData.SaId(), iRemainingTime);
+
+ StartTimer();
+}
+
+
+CIkev2SA::~CIkev2SA()
+{
+ if (IsActive())
+ Cancel();
+ PurgeIpsecDataQue();
+ iIkeV2SaData.CleanUp();
+ delete iIkeKeepAlive;
+}
+
+
+void CIkev2SA::DoCancel()
+{
+ CTimer::DoCancel();
+}
+
+void CIkev2SA::UpdateL(TIkev2SAData* aIkev2SAdata, TIkeV2IpsecSAData* aIpsecSAdata)
+{
+ DEBUG_LOG(_L("CIkev2SA::UpdateL"));
+
+ if ( aIkev2SAdata )
+ {
+ //
+ // Update IKE Sa data information and reset/restart IKE SA lifetime
+ //
+ iIkeV2SaData.Copy(*aIkev2SAdata);
+ iIkeV2SaData.iSAState = KSaStateReady;
+ }
+ if ( aIpsecSAdata )
+ {
+ //
+ // Link an Ipsec SA pair information into IKE SA
+ //
+ TIkeV2IpsecSAData* IpsecSA = new (ELeave) TIkeV2IpsecSAData(iDebug);
+ IpsecSA->Copy(*aIpsecSAdata);
+ LinkIpsecSa(IpsecSA);
+ DEBUG_LOG3(_L("Ipsec SA added into IKE SA, SAId: %d, In SPI: %d, Out SPI: %d"),
+ iIkeV2SaData.SaId(), &aIpsecSAdata->iSPI_In, &aIpsecSAdata->iSPI_Out);
+ }
+}
+
+TBool CIkev2SA::RemoteAddrChanged(TInetAddr& aNewIp)
+{
+
+#if __DEBUG
+ TBuf<40> txt_addr;
+ aNewIp.OutputWithScope(txt_addr);
+ DEBUG_LOG2(_L("Remote IP changed IKE SA: %d, new address %S"), iIkeV2SaData.SaId(), &txt_addr);
+#endif //__DEBUG
+ aNewIp = aNewIp; //To silence UREL warnings: contents of DEB macro invisible in UREL builds
+
+ return ETrue;
+}
+
+
+TIkeV2IpsecSAData* CIkev2SA::RemoveIpsecSaData(const TDesC8& aInSpi, const TDesC8& aOutSpi)
+{
+ return FindIpsecSaData(aInSpi, aOutSpi, ETrue);
+}
+
+
+TIkeV2IpsecSAData* CIkev2SA::FindIpsecSaData(const TDesC8& aInSpi, const TDesC8& aOutSpi, TBool aRemove)
+{
+
+ __ASSERT_DEBUG( aInSpi.Length() == 4 || aInSpi.Length() == 0, User::Invariant() );
+ __ASSERT_DEBUG( aOutSpi.Length() == 4 || aOutSpi.Length() == 0, User::Invariant() );
+ __ASSERT_DEBUG( aInSpi.Length() != 0 || aOutSpi.Length() != 0, User::Invariant() );
+
+ TInt Found = 0;
+ if ( aInSpi.Length() > 0 )
+ Found ++;
+ if ( aOutSpi.Length() > 0 )
+ Found ++;
+ if ( Found == 0 )
+ return NULL;
+
+ TInt Match;
+ TIkeV2IpsecSAData* Prev = NULL;
+ TIkeV2IpsecSAData* Sa = iIpsecSaQue;
+
+ while ( Sa )
+ {
+ Match = 0;
+ if ( aInSpi.Length() > 0 && (aInSpi.Compare(Sa->iSPI_In) == 0))
+ Match ++;
+ if ( aOutSpi.Length() > 0 && (aOutSpi.Compare(Sa->iSPI_Out) == 0) )
+ Match ++;
+ if ( Match == Found )
+ {
+ if ( aRemove )
+ {
+ if ( Prev )
+ Prev->iNext = Sa->iNext;
+ else iIpsecSaQue = Sa->iNext;
+ }
+ break;
+ }
+ Prev = Sa;
+ Sa = Sa->iNext;
+ }
+ return Sa;
+}
+
+void CIkev2SA::DeleteIpsecSaData(const TDesC8& aInSpi, const TDesC8& aOutSpi)
+{
+ TIkeV2IpsecSAData* SaData = FindIpsecSaData(aInSpi, aOutSpi, ETrue);
+ if ( SaData )
+ {
+ SaData->PurgeKeyMaterial();
+ SaData->DeleteRekeyData();
+ DeleteIpsecSas(SaData);
+ delete SaData;
+ }
+}
+
+void CIkev2SA::LinkIpsecSa(TIkeV2IpsecSAData* aSa)
+{
+ ASSERT(aSa);
+ aSa->iNext = iIpsecSaQue;
+ iIpsecSaQue = aSa;
+}
+
+void CIkev2SA::PurgeIpsecDataQue()
+{
+
+ TIkeV2IpsecSAData* Sa = iIpsecSaQue;
+ while ( iIpsecSaQue )
+ {
+ iIpsecSaQue = Sa->iNext;
+ Sa->PurgeKeyMaterial();
+ Sa->DeleteRekeyData();
+ DeleteIpsecSas(Sa);
+ delete Sa;
+ Sa = iIpsecSaQue;
+ }
+}
+
+void CIkev2SA::DeleteIpsecSas(TIkeV2IpsecSAData* aSa)
+{
+ ASSERT(aSa);
+ TInetAddr LocalAddr;
+ if ( aSa->iSrcSpecific )
+ LocalAddr = iIkeV2SaData.iLocalAddr;
+ else LocalAddr.Init(0);
+ LocalAddr.SetPort(0);
+ TInetAddr RemoteAddr = iIkeV2SaData.iRemoteAddr;
+ RemoteAddr.SetPort(0);
+ if ( aSa->iSPI_In.Length() > 0 )
+ {
+ TUint32 spi;
+ TPtr8 spiPtr(reinterpret_cast<TUint8*>(&spi), sizeof(spi));
+ spiPtr = aSa->iSPI_In;
+ iIkeV2PluginSession.DeleteIpsecSA(spi, RemoteAddr, LocalAddr, aSa->iSaType);
+ }
+ if ( aSa->iSPI_Out.Length() > 0 )
+ {
+ TUint32 spi;
+ TPtr8 spiPtr(reinterpret_cast<TUint8*>(&spi), sizeof(spi));
+ spiPtr = aSa->iSPI_Out;
+ iIkeV2PluginSession.DeleteIpsecSA(spi, LocalAddr, RemoteAddr, aSa->iSaType);
+ }
+}
+
+
+void CIkev2SA::RunL()
+{
+ //
+ // If IKE SA lifetime expired, delete IKE SA if there is no
+ // active IPSEC SA:s alive. If there is rekey IKE SA.
+ //
+ DEBUG_LOG2(_L("CIkev2SA::RunL, SAId=%d, remaining time=%d"),
+ iIkeV2SaData.SaId(), iRemainingTime );
+ if (iRemainingTime == 0)
+ {
+ if ( iIpsecSaQue )
+ {
+ iIkeV2PluginSession.RekeyIkeSAL(&iIkeV2SaData);
+ }
+ else
+ {
+ iIkeV2PluginSession.DeleteIkeSAL(&iIkeV2SaData, ETrue); // "Normal" close
+ }
+ }
+ else StartTimer();
+
+}
+
+void CIkev2SA::StartTimer()
+{
+ if (iRemainingTime > KMaxTInt/SECOND) //To avoid overflowing the Timer
+ {
+ iRemainingTime -= KMaxTInt/SECOND;
+ After(KMaxTInt);
+ }
+ else //No overflow
+ {
+ After(iRemainingTime*SECOND);
+ iRemainingTime = 0;
+ }
+}
+
+
+void CIkev2SA::EventHandlerL()
+{
+ //
+ // The implementation for class MDpdHeartBeatEventHandler virtual function
+ // This method is called by an CIkeKeepAlive object instance when
+ // DPD heartbeat timeout has elapsed.
+ //
+ iIkeV2PluginSession.KeepAliveIkeSAL(&iIkeV2SaData);
+}
+
+
+TIkeV2IpsecSAData* CIkev2SA::GetIpsecSaQue()
+{
+ TIkeV2IpsecSAData* Que = iIpsecSaQue;
+ iIpsecSaQue = NULL;
+ return Que;
+}
+
+
+void CIkev2SA::SetIpsecSaQue(TIkeV2IpsecSAData* aQue)
+{
+ if (aQue != NULL)
+ {
+ LinkIpsecSa(aQue);
+ }
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2sadata.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,259 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKEv2 SA data definition
+* Class TIkev2SAData is the IKEv2 SA parameter definition which
+* is used to pass SA information between IKE server and IKEv2
+* plug-in.
+*
+*/
+
+#include "ikev2SAdata.h"
+#include "ikecrypto.h"
+#include "ikev2const.h"
+
+TIkev2SAData::TIkev2SAData()
+://iSAId(0),
+ iSPI_I(),
+ iSPI_R(),
+ iSAState(0),
+ iInitiator(EFalse),
+ iIkeData(NULL),
+ iVpnIapId(0),
+ iLocalAddr(),
+ iVirtualAddr(),
+ iRemoteAddr(),
+ iDestinAddr(),
+ iNATFlags(0),
+ iFloatedPort(EFalse),
+ iWindowSize(0),
+ iRespRetryCount(0),
+ iEncrAlg(0),
+ iPRFAlg(0),
+ iIntegAlg(0),
+ iDHGroup(0),
+ iEAPType(0),
+ iAuthMethod(0),
+ iLifetime(0),
+ iCipherKeyLth(0),
+ iCipherBlkLth(0),
+ iIntChkSumLth(0),
+ iMobikeUsed(EFalse)
+ {
+ iSPI_I.SetLength(iSPI_I.MaxLength());
+ iSPI_I.FillZ();
+
+ iSPI_R.SetLength(iSPI_R.MaxLength());
+ iSPI_R.FillZ();
+ }
+
+
+void TIkev2SAData::CleanUp()
+ {
+ FreeRespMsg();
+ FreeRequestMsg();
+ }
+
+
+void TIkev2SAData::FreeRespMsg()
+ {
+ delete iLastResponse;
+ iLastResponse = NULL;
+ }
+
+
+void TIkev2SAData::FreeRequestMsg()
+ {
+ delete iLastRequest;
+ iLastRequest = NULL;
+ }
+
+
+void TIkev2SAData::StoreVirtualIp(const TInetAddr& aVirtualAddr)
+ {
+ iVirtualAddr = aVirtualAddr;
+ }
+
+
+void TIkev2SAData::SaveRespMsg(CIkeV2Message* aRespMsg)
+ {
+ FreeRespMsg();
+ iLastResponse = aRespMsg;
+ }
+
+
+void TIkev2SAData::SaveRequestMsg(CIkeV2Message* aRequestMsg)
+ {
+ FreeRequestMsg();
+ iLastRequest = aRequestMsg;
+ }
+
+
+void TIkev2SAData::Copy(TIkev2SAData& aSrc)
+ {
+ TInetAddr savedVirtualAddr = iVirtualAddr;
+ CIkeV2Message* savedLastResponse = iLastResponse;
+ CIkeV2Message* savedLastRequest = iLastRequest;
+
+ Mem::Copy((TUint8*)&iSAId, (TUint8*)&aSrc.iSAId, sizeof(TIkev2SAData));
+
+ if (iLastResponse != NULL)
+ {
+ delete savedLastResponse;
+ aSrc.iLastResponse = NULL;
+ }
+ else
+ {
+ iLastResponse = savedLastResponse;
+ }
+
+ if (iLastRequest != NULL)
+ {
+ delete savedLastRequest;
+ aSrc.iLastRequest = NULL;
+ }
+ else
+ {
+ iLastRequest = savedLastRequest;
+ }
+
+ if ( iVirtualAddr.IsUnspecified() )
+ iVirtualAddr = savedVirtualAddr;
+ }
+
+
+TUint32 TIkev2SAData::SaId() const
+ {
+ return iSAId;
+ }
+
+
+void TIkev2SAData::SetSaId(TUint32 aSaId)
+ {
+ iSAId = aSaId;
+ }
+
+
+TIkeSPI& TIkev2SAData::SpiI()
+ {
+ return iSPI_I;
+ }
+
+
+void TIkev2SAData::SetSpiI(const TIkeSPI& aSpiI)
+ {
+ iSPI_I = aSpiI;
+ }
+
+
+TIkeSPI& TIkev2SAData::SpiR()
+ {
+ return iSPI_R;
+ }
+
+
+void TIkev2SAData::SetSpiR(const TIkeSPI& aSpiR)
+{
+ iSPI_R = aSpiR;
+}
+
+void TIkev2SAData::GenerateIkeKeyDerivatesL(const TDesC8& aSKEYSEED,TUint16 aPrfAlg,
+ const TDesC8& aNonceI, const TDesC8& aNonceR)
+{
+ //
+ // Generate IKE keying information from SKEYDSEED (its
+ // derivates).
+ // SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr
+ // = prf+ (SKEYSEED, Ni | Nr | SPIi | SPIr )
+ // Since the amount of keying material needed may be greater than
+ // the size of the output of the prf algorithm prf+ is used as
+ // follows prf+ (SKEYSEED,S) = T1 | T2 | T3 | T4 | ...
+ // where: T1 = prf (SKEYSEED, S | 0x01)
+ // T2 = prf (SKEYSEED, T1 | S | 0x02) ..
+ // TN = prf (SKEYSEED, TN-1 | S | 0xN ) ;[ N < 256 ]
+ // Calculate first required key material length:
+ // Length of SK_d = Length of PRF algorithm output
+ // Length of SK_ai and SK_ar = Length of integrity algorithm key
+ // Length of SK_ei and SK_er = Length of cipher algorithm key
+ // Length of SK_pi and SK_pr = Length of PRF output
+ //
+ TInt EncKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_ENCR, iEncrAlg, &iCipherBlkLth);
+ if ( iCipherKeyLth == 0 )
+ iCipherKeyLth = EncKeyLth;
+ TInt IntKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_INTEG, iIntegAlg, &iIntChkSumLth);
+ TInt PrfKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_PRF, iPRFAlg, NULL);
+ TInt KeyMatLth = 2*iCipherKeyLth + 2*IntKeyLth + 3*PrfKeyLth;
+ HBufC8* S = HBufC8::NewL(aNonceI.Length() + aNonceR.Length() + 2*IKEV2_SPI_SIZE);
+ CleanupStack::PushL(S);
+ //
+ // Copy value S = (Ni | Nr | SPIi | SPIr) into work buffer S
+ //
+ S->Des().Copy(aNonceI);
+ S->Des().Append(aNonceR);
+ S->Des().Append(SpiI());
+ S->Des().Append(SpiR());
+
+ HBufC8* KeyMat = IkeCrypto::GenerateKeyingMaterialL(aSKEYSEED, S->Des(), KeyMatLth, aPrfAlg);
+ //
+ // Store derived key material into negotiation object in the
+ // following order: Key material =
+ // SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr
+ //
+ TUint8* KeyMatBfr = (TUint8*)KeyMat->Ptr(); // Keymaterial buffer start
+ iSK_d.Copy(KeyMatBfr, PrfKeyLth);
+ KeyMatBfr += PrfKeyLth;
+ iSK_ai.Copy(KeyMatBfr,IntKeyLth );
+ KeyMatBfr += IntKeyLth;
+ iSK_ar.Copy(KeyMatBfr, IntKeyLth);
+ KeyMatBfr += IntKeyLth;
+ iSK_ei.Copy(KeyMatBfr, iCipherKeyLth);
+ KeyMatBfr += iCipherKeyLth;
+ iSK_er.Copy(KeyMatBfr, iCipherKeyLth);
+ KeyMatBfr += iCipherKeyLth;
+ iSK_pi.Copy(KeyMatBfr,PrfKeyLth );
+ KeyMatBfr += PrfKeyLth;
+ iSK_pr.Copy(KeyMatBfr, PrfKeyLth);
+
+ KeyMat->Des().FillZ(); // Wipe out key material (T1 | T2 | ...) data from buffer
+ delete KeyMat;
+
+ CleanupStack::PopAndDestroy(); //S
+}
+
+
+TUint32 TIkev2SAData::NextRequestId() const
+{
+ TUint32 msgId = 0;
+ if(iLastRequest != NULL)
+ {
+ msgId = iLastRequest->MessageId() + 1;
+ }
+ return msgId;
+}
+
+
+TUint32 TIkev2SAData::ExpectedResponseId() const
+{
+ __ASSERT_DEBUG(iLastRequest != NULL, User::Invariant());
+ return iLastRequest->MessageId();
+}
+
+TUint32 TIkev2SAData::ExpectedRequestId() const
+{
+ TUint32 msgId = 0;
+ if(iLastResponse != NULL)
+ {
+ msgId = iLastResponse->MessageId() + 1;
+ }
+ return msgId;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2sender.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,101 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Sender of UDP datagrams
+*
+*/
+
+
+#include <in_sock.h>
+
+#include "ikedatainterface.h"
+
+// CLASS HEADER
+#include "ikev2sender.h"
+
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev2Sender* CIkev2Sender::NewL( MIkeDataInterface& aDataInterface,
+ MIkev2SenderCallback& aCallback )
+ {
+ CIkev2Sender* self = new (ELeave) CIkev2Sender( aDataInterface,
+ aCallback );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkev2Sender::~CIkev2Sender()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkev2Sender::CIkev2Sender( MIkeDataInterface& aDataInterface,
+ MIkev2SenderCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iDataInterface( aDataInterface ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Sends IKE message.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Sender::SendIkeMsg( TInt aLocalPort,
+ TInetAddr& aDestAddr,
+ TUint8 aDscp,
+ const TDesC8& aIkeMsg )
+ {
+ Cancel();
+ iDataInterface.SendUdpData( aLocalPort,
+ aDestAddr,
+ aIkeMsg,
+ aDscp,
+ iStatus );
+ SetActive();
+ }
+
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of sending.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Sender::RunL()
+ {
+ iCallback.SendIkeMsgCompleted( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of sending.
+// ---------------------------------------------------------------------------
+//
+void CIkev2Sender::DoCancel()
+ {
+ iDataInterface.CancelSend();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ikev2trafficselector.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,384 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+#include "ikev2trafficselector.h"
+#include "ikev2const.h"
+#include "ikev2payloads.h"
+
+TIkeV2TrafficSelector* TIkeV2TrafficSelector::NewL(const TDesC8& aIkeV2TrafficSector)
+ {
+ static const TUint16 KIpv4SelectorLength = 16;
+ static const TUint16 KIpv6SelectorLength = 48;
+
+ if (aIkeV2TrafficSector.Length() != KIpv4SelectorLength &&
+ aIkeV2TrafficSector.Length() != KIpv6SelectorLength)
+ {
+ User::Leave(KErrArgument);
+ }
+
+
+ const TTrafficSelector* selector =
+ reinterpret_cast<const TTrafficSelector*>(aIkeV2TrafficSector.Ptr());
+
+
+ TInetAddr startAddr;
+ TInetAddr endAddr;
+
+ const TUint8* addresses = selector->Addresses();
+ if ( selector->Type() == TS_IPV4_ADDR_RANGE )
+ {
+ if (aIkeV2TrafficSector.Length() != KIpv4SelectorLength)
+ {
+ User::Leave(KErrArgument);
+ }
+ TUint32 startA = *(reinterpret_cast<const TUint32*>(addresses));
+ TUint32 endA = *(reinterpret_cast<const TUint32*>(addresses + 4));
+
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&startA), startA);
+ BigEndian::Put32(reinterpret_cast<TUint8*>(&endA), endA);
+
+ startAddr.SetAddress(startA);
+ endAddr.SetAddress(endA);
+
+ }
+ else
+ {
+ if (aIkeV2TrafficSector.Length() != KIpv6SelectorLength ||
+ selector->Type() != TS_IPV6_ADDR_RANGE)
+ {
+ User::Leave(KErrArgument);
+ }
+ TIp6Addr startA;
+ TIp6Addr endA;
+
+ Mem::Copy(startA.u.iAddr8, addresses, 16);
+ Mem::Copy(endA.u.iAddr8, addresses+16, 16);
+
+ startAddr.SetAddress(startA);
+ endAddr.SetAddress(endA);
+ }
+
+ TUint16 startPort = selector->StartPort();
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&startPort), startPort);
+ startAddr.SetPort(startPort);
+
+ TUint16 endPort = selector->EndPort();
+ BigEndian::Put16(reinterpret_cast<TUint8*>(&endPort), endPort);
+ endAddr.SetPort(endPort);
+
+ return new (ELeave) TIkeV2TrafficSelector(startAddr, endAddr, selector->Protocol());
+ }
+
+
+TIkeV2TrafficSelector::TIkeV2TrafficSelector(TInetAddr aStartingAddress, TInetAddr aEndingAddress, TUint8 aProtocolId)
+:iStartingAddress(aStartingAddress), iEndingAddress(aEndingAddress), iProtocolId(aProtocolId)
+ {
+ __ASSERT_DEBUG(iStartingAddress.Family() == iEndingAddress.Family() &&
+ iStartingAddress.IsV4Compat() == iEndingAddress.IsV4Compat() &&
+ iStartingAddress.IsV4Mapped() == iEndingAddress.IsV4Mapped(), User::Invariant());
+
+ iMask = CalcuateMask();
+ }
+
+
+TIkeV2TrafficSelector::TIkeV2TrafficSelector(const TIkeV2TrafficSelector& aTrafficSelector)
+ {
+ iStartingAddress = aTrafficSelector.iStartingAddress;
+ iEndingAddress = aTrafficSelector.iEndingAddress;
+
+ iProtocolId = aTrafficSelector.iProtocolId;
+
+ __ASSERT_DEBUG(iStartingAddress.Family() == iEndingAddress.Family() &&
+ iStartingAddress.IsV4Compat() == iEndingAddress.IsV4Compat() &&
+ iStartingAddress.IsV4Mapped() == iEndingAddress.IsV4Mapped(), User::Invariant());
+ iMask = CalcuateMask();
+ }
+
+
+TInetAddr TIkeV2TrafficSelector::StartingAddress() const
+ {
+ return iStartingAddress;
+ }
+
+
+TInetAddr TIkeV2TrafficSelector::EndingAddress() const
+ {
+ return iEndingAddress;
+ }
+
+TInetAddr TIkeV2TrafficSelector::Mask() const
+ {
+ return iMask;
+ }
+
+TUint8 TIkeV2TrafficSelector::ProtocolId() const
+ {
+ return iProtocolId;
+ }
+
+TUint8 TIkeV2TrafficSelector::Type() const
+ {
+ __ASSERT_DEBUG(iStartingAddress.Family() == iEndingAddress.Family() &&
+ iStartingAddress.IsV4Compat() == iEndingAddress.IsV4Compat() &&
+ iStartingAddress.IsV4Mapped() == iEndingAddress.IsV4Mapped(), User::Invariant());
+
+ if (iStartingAddress.Family() == KAfInet ||
+ iStartingAddress.IsV4Compat() ||
+ iStartingAddress.IsV4Mapped())
+ {
+ return TS_IPV4_ADDR_RANGE;
+ }
+ else
+ {
+ return TS_IPV6_ADDR_RANGE;
+ }
+ }
+
+
+HBufC8* TIkeV2TrafficSelector::IdFromTsL() const
+ {
+ TInetAddr idAddr = iStartingAddress;
+ idAddr.SetPort(0);
+ TInt prefix = 0;
+ if (Type() == TS_IPV4_ADDR_RANGE)
+ {
+ TUint32 startIp = iStartingAddress.Address();
+ TUint32 endIp = iEndingAddress.Address();
+ TUint32 mask = ~(endIp ^ startIp);
+ TUint32 m = 1;
+ while ( prefix < 32 )
+ {
+ if ( mask & ( m << prefix) )
+ break;
+ prefix ++;
+ }
+ prefix = 32 - prefix;
+ idAddr = TInetAddr(startIp);
+ }
+ else
+ {
+ prefix = 128; // NOT IMPLEMENTED YET
+ }
+
+ HBufC* idString = HBufC::NewLC(512);
+ TPtr idStringPtr = idString->Des();
+ idAddr.Output(idStringPtr);
+ idStringPtr.AppendFormat(_L("/%d"), prefix);
+
+ HBufC8* idString8 = HBufC8::NewL(idString->Length());
+ TPtr8 idString8Ptr = idString8->Des();
+ idString8Ptr.Copy(*idString);
+ CleanupStack::PopAndDestroy(idString);
+
+ return idString8;
+ }
+
+TInetAddr TIkeV2TrafficSelector::CalcuateMask() const
+ {
+ TInetAddr mask;
+ if ( Type() == TS_IPV4_ADDR_RANGE )
+ {
+ TUint32 A = iStartingAddress.Address();
+ TUint32 M = iEndingAddress.Address();
+ TUint32 X = 0x80000000;
+ TUint32 Y = 0;
+ M = ~(A ^ M); //Gets the bits that are 1 in both addresses
+ for ( TInt i = 0; i < 32; ++i )
+ {
+ if ( (M & X) == 0 )
+ {
+ M &= Y;
+ break;
+ }
+ Y |= X;
+ X = (X >> 1);
+ }
+ mask.SetAddress(M);
+ }
+ else
+ {
+ TIp6Addr startAddr = iStartingAddress.Ip6Address();
+ TIp6Addr endAddr = iEndingAddress.Ip6Address();
+ TIp6Addr m;
+ Mem::FillZ(m.u.iAddr8, 16);
+
+ TUint8 c = 0xff;
+ for ( TInt i = 0; i < 16; ++i )
+ {
+ if ( c == 0xff )
+ c = (TUint8)(~(startAddr.u.iAddr8[i] ^ endAddr.u.iAddr8[i])); // Convert range to mask
+ if ( (c != 0) && (c != 0xff) )
+ {
+ TUint8 z = 0x80;
+ TUint8 w = 0;
+ for ( TInt j = 0; j < 8; ++j )
+ {
+ if ( (c & z) == 0 )
+ {
+ c &= w;
+ break;
+ }
+ w |= z;
+ z = (TUint8)(z >> 1);
+ }
+ m.u.iAddr8[i] = c;
+ c = 0;
+ }
+ else
+ {
+ m.u.iAddr8[i] = c;
+ }
+ }
+ mask.SetAddress(m);
+ }
+ return mask;
+ }
+
+bool TIkeV2TrafficSelector::operator>(const TIkeV2TrafficSelector& aOtherSelector) const
+ {
+ if (Type() != aOtherSelector.Type())
+ {
+ //types do not match.
+ return false;
+ }
+
+ if (operator==(aOtherSelector))
+ {
+ //selectors are equal
+ return false;
+ }
+
+ return operator>=(aOtherSelector);
+ }
+
+
+bool TIkeV2TrafficSelector::operator<(const TIkeV2TrafficSelector& aOtherSelector) const
+ {
+ if (operator==(aOtherSelector))
+ {
+ //selectors are equal
+ return false;
+ }
+
+ //The operator
+ return operator<=(aOtherSelector);
+ }
+
+bool TIkeV2TrafficSelector::operator!=(const TIkeV2TrafficSelector& aOtherSelector) const
+ {
+ return !operator==(aOtherSelector);
+ }
+
+bool TIkeV2TrafficSelector::operator==(const TIkeV2TrafficSelector& aOtherSelector) const
+ {
+ return (iStartingAddress == aOtherSelector.iStartingAddress &&
+ iEndingAddress == aOtherSelector.iEndingAddress);
+ }
+
+bool TIkeV2TrafficSelector::operator>=(const TIkeV2TrafficSelector& aOtherSelector) const
+ {
+ if (Type() != aOtherSelector.Type())
+ {
+ //types do not match.
+ return false;
+ }
+
+ if (operator==(aOtherSelector))
+ {
+ //selectors are equal
+ return true;
+ }
+
+ return !operator<(aOtherSelector);
+ }
+
+bool TIkeV2TrafficSelector::operator<=(const TIkeV2TrafficSelector& aOtherSelector) const
+ {
+ if (Type() != aOtherSelector.Type())
+ {
+ //types do not match.
+ return false;
+ }
+
+ if (operator==(aOtherSelector))
+ {
+ //selectors are equal
+ return true;
+ }
+
+ if (iStartingAddress.Port() < aOtherSelector.iStartingAddress.Port() ||
+ iEndingAddress.Port() > aOtherSelector.iEndingAddress.Port())
+ {
+ //Port range of this is bigger
+ return false;
+ }
+
+ if (Type() == TS_IPV4_ADDR_RANGE)
+ {
+ if (iStartingAddress.Address() >= aOtherSelector.iStartingAddress.Address() &&
+ iEndingAddress.Address() <= aOtherSelector.iEndingAddress.Address())
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+ else
+ {
+ __ASSERT_DEBUG(Type() == TS_IPV6_ADDR_RANGE, User::Invariant());
+
+ const TIp6Addr& thisStart = iStartingAddress.Ip6Address();
+ const TIp6Addr& thisEnd = iEndingAddress.Ip6Address();
+
+ const TIp6Addr& otherStart = aOtherSelector.iStartingAddress.Ip6Address();
+ const TIp6Addr& otherEnd = aOtherSelector.iEndingAddress.Ip6Address();
+
+ TInt i;
+ for (i = 0; i < 4; i++)
+ {
+ if (thisStart.u.iAddr32[i] > otherStart.u.iAddr32[i])
+ {
+ //this start address is bigger
+ break;
+ }
+ else if (thisStart.u.iAddr32[i] < otherStart.u.iAddr32[i])
+ {
+ //this start address is smaller.
+ return false;
+ }
+ }
+
+ for (i = 0; i < 4; i++)
+ {
+ if (thisEnd.u.iAddr32[i] < otherEnd.u.iAddr32[i])
+ {
+ //this end address is smaller
+ break;
+ }
+ else if (thisEnd.u.iAddr32[i] > otherEnd.u.iAddr32[i])
+ {
+ //this end address is bigger
+ return false;
+ }
+ }
+ return true;
+ }
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ipsecproposal.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,326 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Ipsec Proposal handling
+*
+*/
+#include <ipsecpolapi.h>
+#include "ikedebug.h"
+#include "ipsecproposal.h"
+#include "ikev2proposal.h"
+#include "ikev2payloads.h"
+#include "ikemsgrec.h"
+#include "ikev2const.h"
+#include <networking/pfkeyv2.h>
+#include "pfkeymsg.h"
+#include "ipsecsalist.h"
+
+HBufC8* IpsecProposal::BuildIpsecSaRequestL(const TPfkeyMessage& aPfkeyMessage, TUint16 aDHGroup)
+{
+ return BuildIpsecSaRequestL(aPfkeyMessage.iBase.iMsg->sadb_msg_satype,
+ aPfkeyMessage.iProposal.iComb->sadb_comb_encrypt,
+ aPfkeyMessage.iProposal.iComb->sadb_comb_encrypt_maxbits,
+ aPfkeyMessage.iProposal.iComb->sadb_comb_auth,
+ aPfkeyMessage.iProposal.iComb->sadb_comb_flags,
+ aDHGroup);
+}
+
+
+HBufC8* IpsecProposal::BuildIpsecSaRequestL(const TUint8 aSaType, const TUint8 aEncryptAlg,
+ const TUint16 aEncryptMaxbits,
+ const TUint8 aAuthAlg, const TUint16 aFlags,
+ TUint16 aDHGroup)
+{
+ //
+ // Build Ipsec SA proposal from PFKEY acquire primitive policy data
+ // In this phase PFKEY Aqcuire contains only one proposal
+ // (transform)
+ //
+ HBufC8* proposal = HBufC8::NewL(1024);
+
+ TUint8 TransCnt = 0;
+ TBool IntegAlg = EFalse;
+ TUint16 SaLth = 0;
+ TUint16 TranLth = 0;
+ TUint16 PropLth = 0;
+
+ TProposalIkev2* Proposal = TProposalIkev2::Cast(const_cast<TUint8*>(proposal->Ptr()));
+ TTransformIkev2* Transform = NULL;
+ TDataAttributes* Attributes;
+
+ TPayloadIkev2::Cast(Proposal)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Proposal)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ Proposal->SetNum(1);
+ Proposal->SetSPISize(4); // SPI value shall be added later to proposal
+ PropLth = (TUint16)Proposal->PropHdrLth();
+
+ switch ( aSaType )
+ {
+ case SADB_SATYPE_AH:
+ Proposal->SetProtocol(IKEV2_IPSEC_AH);
+ IntegAlg = ETrue;
+ break;
+
+ case SADB_SATYPE_ESP:
+ TransCnt ++;
+ Proposal->SetProtocol(IKEV2_IPSEC_ESP);
+ Transform = Proposal->TransformPl();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ Transform->SetReserved();
+ Transform->SetType(IKEV2_ENCR); // Encryption Algorithm transform (1)
+ TranLth = (TUint16)Transform->Size();
+
+ switch ( aEncryptAlg )
+ {
+ case ENCR_DES:
+ Transform->SetID(ENCR_DES);
+ break;
+
+ case ENCR_3DES:
+ Transform->SetID(ENCR_3DES);
+ break;
+
+ case ENCR_NULL:
+ Transform->SetID(ENCR_NULL);
+ break;
+
+ case ENCR_AES_CBC:
+ Transform->SetID(ENCR_AES_CBC);
+ //
+ // Variable key length algorithm. Get key length
+ // attribute to transform data.
+ //
+ Attributes = Transform->Attributes();
+ Attributes->SetType(IKEV2_ENCR_KEY_LTH);
+ Attributes->SetBasic();
+ if ( aEncryptMaxbits )
+ Attributes->SetValue(aEncryptMaxbits);
+ else Attributes->SetValue(128); //default AES key size
+ TranLth = (TUint16)(TranLth + Attributes->Size());
+ break;
+
+ default:
+ User::Leave(KErrNotSupported);
+ break;
+ }
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+ if ( aAuthAlg != SADB_AALG_NONE )
+ IntegAlg = ETrue;
+ break;
+
+ default:
+ User::Leave(KErrNotSupported);
+ break;
+ }
+
+ if ( IntegAlg )
+ {
+ TransCnt ++;
+ if ( Transform )
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ else Proposal->TransformPl();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ Transform->SetType(IKEV2_INTEG); // Integrity Algorithm transform
+ Transform->SetReserved();
+ TranLth = (TUint16)Transform->Size();
+ switch ( aAuthAlg )
+ {
+ case SADB_AALG_MD5HMAC:
+ Transform->SetID(AUTH_HMAC_MD5_96);
+ break;
+
+ case SADB_AALG_SHA1HMAC:
+ Transform->SetID(AUTH_HMAC_SHA1_96);
+ break;
+
+ default:
+ User::Leave(KErrNotSupported);
+ }
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+ }
+
+ if ( (aDHGroup != 0 ) && (aFlags & SADB_SAFLAGS_PFS) )
+ {
+ TransCnt ++;
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ Transform->SetType(IKEV2_DH); // Diffie-Hellman Group (4)
+ Transform->SetReserved();
+ Transform->SetID(aDHGroup);
+ TranLth = (TUint16)Transform->Size();
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+ }
+ //
+ // Add ESN trasnform to Proposal with fixed value not used (0)
+ //
+ TransCnt ++;
+ Transform = (TTransformIkev2*)TPayloadIkev2::Cast(Transform)->Next();
+ TPayloadIkev2::Cast(Transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ Transform->SetType(IKEV2_ESN); // ESN (5) [64-bit sequence numbers with ESP]
+ Transform->SetReserved();
+ Transform->SetID(0);
+ TranLth = (TUint16)Transform->Size();
+ TPayloadIkev2::Cast(Transform)->SetLength(TranLth);
+ PropLth = (TUint16)(PropLth + TranLth);
+
+ TPayloadIkev2::Cast(Transform)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ Proposal->SetNumTrans(TransCnt);
+ TPayloadIkev2::Cast(Proposal)->SetLength(PropLth);
+ SaLth = (TUint16)(SaLth + PropLth);
+
+ proposal->Des().SetLength(SaLth);
+
+ HBufC8 *reAllocatedProposal = proposal->ReAlloc(proposal->Length());
+ if (reAllocatedProposal != NULL)
+ {
+ proposal = reAllocatedProposal;
+ }
+
+ return proposal;
+}
+
+
+HBufC8* IpsecProposal::BuildIpsecSaFromPolicyL(const CIpsecSaSpecList& aSaList, TUint16 aDhGroup)
+{
+ __ASSERT_DEBUG(aSaList.Count() > 0, User::Invariant());
+
+ static const TUint KProposalMaxLength = 64;
+ static const TUint KSpiSize = 4;
+ HBufC8* saData = HBufC8::NewL(KProposalMaxLength);
+ TPtr8 saDataPtr = saData->Des();
+
+ const TIpsecSaSpec& saSpec = aSaList.At(0);
+ TProposalIkev2* proposal = TProposalIkev2::Cast(saDataPtr.Ptr());
+ TPayloadIkev2::Cast(proposal)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(proposal)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ proposal->SetNum(1);
+ proposal->SetSPISize(KSpiSize); // SPI value shall be added later to proposal
+
+
+ TTransformIkev2* transform = NULL;
+
+ TUint8 transformCount = 0;
+ switch ( saSpec.iType )
+ {
+ case SADB_SATYPE_AH:
+ proposal->SetProtocol(IKEV2_IPSEC_AH);
+ saDataPtr.SetLength(proposal->Size() + KSpiSize);
+ break;
+
+ case SADB_SATYPE_ESP:
+ {
+ transformCount++;
+ proposal->SetProtocol(IKEV2_IPSEC_ESP);
+ transform = proposal->TransformPl();
+ TPayloadIkev2::Cast(transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ transform->SetReserved();
+ transform->SetType(IKEV2_ENCR); // Encryption Algorithm transform (1)
+
+ TUint16 tranformLength = transform->Size();
+
+ transform->SetID(saSpec.iEalg);
+ if ( saSpec.iEalg == ENCR_AES_CBC )
+ {
+ //
+ // Variable key length algorithm. Get key length
+ // attribute to transform data.
+ //
+ TDataAttributes* attributes = transform->Attributes();
+ attributes->SetType(IKEV2_ENCR_KEY_LTH);
+ attributes->SetBasic();
+ if ( saSpec.iEalgLen )
+ attributes->SetValue((TUint16)saSpec.iEalgLen);
+ else attributes->SetValue(128); //default AES key size
+ tranformLength += (TUint16)attributes->Size();
+ }
+ TPayloadIkev2::Cast(transform)->SetLength(tranformLength);
+ saDataPtr.SetLength(proposal->Size() + KSpiSize + tranformLength);
+ }
+ break;
+
+ default:
+ break;
+
+ }
+
+ if ( saSpec.iType == SADB_SATYPE_AH ||
+ (saSpec.iType == SADB_SATYPE_ESP && saSpec.iAalg != SADB_AALG_NONE) )
+ {
+ transformCount++;
+ if ( transform )
+ {
+ transform = (TTransformIkev2*)TPayloadIkev2::Cast(transform)->Next();
+ }
+ else
+ {
+ transform = proposal->TransformPl();
+ }
+
+ TPayloadIkev2::Cast(transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ transform->SetType(IKEV2_INTEG); // Integrity Algorithm transform
+ transform->SetReserved();
+ switch ( saSpec.iAalg )
+ {
+ case SADB_AALG_MD5HMAC:
+ transform->SetID(AUTH_HMAC_MD5_96);
+ break;
+
+ case SADB_AALG_SHA1HMAC:
+ transform->SetID(AUTH_HMAC_SHA1_96);
+ break;
+
+ default:
+ break;
+ }
+ TPayloadIkev2::Cast(transform)->SetLength(transform->Size());
+ saDataPtr.SetLength(saDataPtr.Length() + transform->Size());
+ }
+
+ if ( (aDhGroup != 0 ) && saSpec.iPfs )
+ {
+ transformCount++;
+ transform = (TTransformIkev2*)TPayloadIkev2::Cast(transform)->Next();
+ TPayloadIkev2::Cast(transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(transform)->SetNextPayload(IKEV2_PAYLOAD_TRANS);
+ transform->SetType(IKEV2_DH); // Diffie-Hellman Group (4)
+ transform->SetReserved();
+ transform->SetID(aDhGroup);
+ TPayloadIkev2::Cast(transform)->SetLength(transform->Size());
+ saDataPtr.SetLength(saDataPtr.Length() + transform->Size());
+ }
+
+ transformCount++;
+ transform = (TTransformIkev2*)TPayloadIkev2::Cast(transform)->Next();
+ TPayloadIkev2::Cast(transform)->Init(); // Initialize Payload general header
+ TPayloadIkev2::Cast(transform)->SetNextPayload(IKEV2_PAYLOAD_NONE);
+ transform->SetType(IKEV2_ESN); // ESN (5) [64-bit sequence numbers with ESP]
+ transform->SetReserved();
+ transform->SetID(0);
+ TPayloadIkev2::Cast(transform)->SetLength(transform->Size());
+ saDataPtr.SetLength(saDataPtr.Length() + transform->Size());
+
+ proposal->SetNumTrans(transformCount);
+ TPayloadIkev2::Cast(proposal)->SetLength(saDataPtr.Length());
+
+ return saData;
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/ikev2lib/src/ipsecselectors.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,585 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Ipsec Traffic Selector handling
+*
+*/
+
+#include <in_sock.h>
+#include <ipsecpolapi.h>
+#include "ikedebug.h"
+#include "ipsecselectors.h"
+#include "ikev2payloads.h"
+#include "ikev2pluginsession.h"
+#include "ikev2proposal.h"
+#include "ikemsgrec.h"
+#include "ikev2const.h"
+#include "ipsecproposal.h"
+#include "pfkeymsg.h"
+#include "ipsecsalist.h"
+#include "ikev2trafficselector.h"
+#include "ikev2acquire.h"
+#include <networking/pfkeyv2.h>
+
+CIkev2Acquire* IpsecSelectors::GetIpsecPolicyL(CIkev2PluginSession& aPluginSession, CIkev2Payloads* aIkeMsg, TInt aDhGroup)
+{
+ ASSERT(aIkeMsg);
+ //
+ // Examine is there available policy for Traffic selectors present
+ // in current CREATE_CHILD_SA request. Use Initiator traffic
+ // selector for policy check.
+
+ //If there is no traffic selector, we stop the processing
+ TTSPayloadIkev2* TsIPl = aIkeMsg->iTsI;
+ if ( !TsIPl || (TsIPl->GetNumberOfTs() < 1) )
+ {
+ return NULL;
+ }
+
+ TTSPayloadIkev2* TsRPl = aIkeMsg->iTsR;
+ if ( !TsRPl || (TsRPl->GetNumberOfTs() < 1) )
+ {
+ return NULL;
+ }
+
+ //Parse both selectors
+ CArrayFix<TIkeV2TrafficSelector>* proposedTsI = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(2);
+ CleanupStack::PushL(proposedTsI);
+
+ CArrayFix<TIkeV2TrafficSelector>* proposedTsR = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(2);
+ CleanupStack::PushL(proposedTsR);
+
+ TInt i = 0;
+ const TTrafficSelector* sel = TTrafficSelector::Cast(TsIPl->TrafficSelectors());
+ for (i = 0; i < TsIPl->GetNumberOfTs(); ++i)
+ {
+ TPtrC8 selPtr(reinterpret_cast<const TUint8*>(sel), sel->Length());
+ TIkeV2TrafficSelector* selector = TIkeV2TrafficSelector::NewL(selPtr);
+ CleanupStack::PushL(selector);
+ proposedTsI->AppendL(*selector);
+ CleanupStack::PopAndDestroy(selector);
+
+ sel = reinterpret_cast<const TTrafficSelector*>(reinterpret_cast<const TUint8*>(sel) + sel->Length());
+ }
+
+
+ i = 0;
+ sel = TTrafficSelector::Cast(TsRPl->TrafficSelectors());
+ for (i = 0; i < TsRPl->GetNumberOfTs(); ++i)
+ {
+ TPtrC8 selPtr(reinterpret_cast<const TUint8*>(sel), sel->Length());
+ TIkeV2TrafficSelector* selector = TIkeV2TrafficSelector::NewL(selPtr);
+ CleanupStack::PushL(selector);
+ proposedTsR->AppendL(*selector);
+ CleanupStack::PopAndDestroy(selector);
+
+ sel = reinterpret_cast<const TTrafficSelector*>(reinterpret_cast<const TUint8*>(sel) + sel->Length());
+ }
+
+ __ASSERT_DEBUG(proposedTsI->Count() > 0, User::Invariant());
+ //The policy is retrieved by using the firts initiator selector.
+ TInetAddr mask = (*proposedTsI)[0].Mask();
+
+ //Takes only the network part of the address
+ TInetAddr addr;
+ addr.SetAddress((*proposedTsI)[0].StartingAddress().Address() & mask.Address());
+ addr.SetPort(0);
+
+ TInetAddr DummyIp;
+ DummyIp.SetAddress(KInetAddrNone); // 0.0.0.0
+ DummyIp.SetPort(0);
+
+ CIpsecSaSpecList* SaList = NULL;
+ TRAPD(err, SaList = aPluginSession.GetIPsecSaSpecListL(DummyIp, DummyIp, // No local address/port info
+ addr, mask, // for any peer address and port
+ (*proposedTsI)[0].ProtocolId())); // Protocol
+
+ if (err != KErrNone)
+ {
+ CleanupStack::PopAndDestroy(proposedTsR);
+ CleanupStack::PopAndDestroy(proposedTsI);
+
+ return NULL;
+ }
+ CleanupStack::PushL(SaList);
+ const TIpsecSaSpec& Spec = SaList->At(0);
+
+ __ASSERT_DEBUG(SaList->Count() > 0, User::Invariant());
+ HBufC8* Sa = IpsecProposal::BuildIpsecSaFromPolicyL(*SaList, aDhGroup);
+
+ CleanupStack::PushL(Sa);
+
+ CIkev2Acquire* Acquire = CIkev2Acquire::NewL(aPluginSession.GetSAId(), Sa, proposedTsI, proposedTsR);
+
+ CleanupStack::Pop(Sa);
+ CleanupStack::PushL(Acquire);
+
+ TIpsecSALifetime hard(Spec.iHard.iAllocations, Spec.iHard.iBytes, Spec.iHard.iAddTime, Spec.iHard.iUseTime);
+ TIpsecSALifetime soft(Spec.iSoft.iAllocations, Spec.iSoft.iBytes, Spec.iSoft.iAddTime, Spec.iSoft.iUseTime);
+ Acquire->SetHardLifetime(hard);
+ Acquire->SetSoftLifetime(soft);
+
+ //
+ // Set SrcSpecific information to correspond MOBIKE configuration.
+ // Actually SrcSpecific should be available in TIpsecSaSpec.
+ //
+ HBufC8* remoteId = NULL;
+ if ( Spec.iRemoteIdentity.Length() )
+ {
+ //
+ // Copy remote identity from policy and queue it to CIkev2Acquire
+ // object
+ //
+ remoteId = Spec.iRemoteIdentity.AllocL();
+
+ }
+ else
+ {
+ remoteId = HBufC8::NewL(1);
+ }
+ Acquire->ReplaceRemoteId(remoteId);
+
+ HBufC8* localId = NULL;
+ if ( Spec.iLocalIdentity.Length() )
+ {
+ //
+ // Copy remote identity from policy and queue it to CIkev2Acquire
+ // object
+ //
+ localId = Spec.iLocalIdentity.AllocL();
+
+ }
+ else
+ {
+ localId = HBufC8::NewL(1);
+ }
+ Acquire->ReplaceLocalId(localId);
+
+ CleanupStack::Pop(Acquire);
+ CleanupStack::PopAndDestroy(SaList);
+ CleanupStack::Pop(proposedTsR);
+ CleanupStack::Pop(proposedTsI);
+
+ return Acquire;
+}
+
+CIkev2Acquire* IpsecSelectors::BuildVirtualAcquireL(CIkev2PluginSession& aPluginSession)
+{
+ //
+ // Build CIkev2Acquire object and related Ipsec SA- ja Traffic selector
+ // Payloads. These payload is used in conjunction with CP payload
+ // in IKE_AUTH exchange.
+ // To get an Virtual Ip with CP payload we must also create (for
+ // some unintelligible reason) create an pair of Ipsec SA:s.
+ // The following actions are taken:
+ // -- Try first if the "all host" selector is available in
+ // current Ipsec policy and if it build Virtual acquire for full
+ // address range (0.0.0.0 - 255.255.255.255)
+ // -- If "all host" selector is not available, we going to use
+ // "UMA" Ipsec ESP profiles as Ipsec SA proposal.
+ // The traffic selectors are set so that we asking Ipsec SA:s
+ // between requested Virtual Ip and Remote SGW Ip
+ // (single address all ports and protocols)
+ //
+ HBufC8* Sa = 0;
+
+ TIpsecSALifetime hard(0,0,0,0);
+ TIpsecSALifetime soft(0,0,0,0);
+
+ TInetAddr StartIp(KInetAddrNone, 0); // 0.0.0.0
+ TInetAddr EndIp(KInetAddrAll, 0xFFFF); // 255.255.255.255
+
+ CIpsecSaSpecList* SaList = aPluginSession.GetIPsecSaSpecListL(StartIp, StartIp, // for any local address and port
+ StartIp, StartIp, // for any peer address and port
+ 0); // Any protocol
+ CleanupStack::PushL(SaList);
+ __ASSERT_DEBUG(SaList->Count() > 0, User::Invariant());
+
+ //
+ // Build Ipsec proposal for implicit SA negotiatited within IKE
+ // SA AUTH exchange
+ //
+ const TIpsecSaSpec& Spec = SaList->At(0);
+ Sa = IpsecProposal::BuildIpsecSaFromPolicyL(*SaList, 0); // 0 = DH Group
+ CleanupStack::PushL(Sa);
+
+ CArrayFix<TIkeV2TrafficSelector>* TsI = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(TsI);
+ TIkeV2TrafficSelector selector(StartIp, EndIp, 0);
+ TsI->AppendL(selector);
+
+ CArrayFix<TIkeV2TrafficSelector>* TsR = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(TsR);
+ selector = TIkeV2TrafficSelector(StartIp, EndIp, 0);
+ TsR->AppendL(selector);
+
+ hard.iAllocations = Spec.iHard.iAllocations;
+ hard.iBytes = Spec.iHard.iBytes;
+ hard.iAddtime = Spec.iHard.iAddTime;
+ hard.iUsetime = Spec.iHard.iUseTime;
+ soft.iAllocations = Spec.iSoft.iAllocations;
+ soft.iBytes = Spec.iSoft.iBytes;
+ soft.iAddtime = Spec.iSoft.iAddTime;
+ soft.iUsetime = Spec.iSoft.iUseTime;
+
+ CIkev2Acquire* Acquire = CIkev2Acquire::NewL(aPluginSession.GetSAId(), Sa, TsI, TsR);
+ CleanupStack::Pop(TsR);
+ CleanupStack::Pop(TsI);
+ CleanupStack::Pop(Sa);
+
+ CleanupStack::PushL(Acquire);
+ HBufC8* identity = Spec.iRemoteIdentity.AllocL();
+ Acquire->ReplaceRemoteId(identity);
+ identity = NULL;
+
+ identity = Spec.iLocalIdentity.AllocL();
+ Acquire->ReplaceLocalId(identity);
+ identity = NULL;
+
+ Acquire->SetVirtualIp();
+ Acquire->SetHardLifetime(hard);
+ Acquire->SetSoftLifetime(soft);
+
+ CleanupStack::Pop(Acquire);
+ CleanupStack::PopAndDestroy(); // SaList
+
+ return Acquire;
+}
+
+TBool IpsecSelectors::VerifyTrafficSelectorsL(CIkev2Acquire* aAcquire, TTSPayloadIkev2* aTsI, TTSPayloadIkev2* aTsR )
+{
+ ASSERT(aAcquire);
+
+ if (aTsI == NULL || aTsR == NULL)
+ {
+ return EFalse;
+ }
+ //
+ // Compare Traffic selectors CIkev2Acquire object to Traffic selectors
+ // received in CREATE_CHILD_SA response.
+ //
+ const CArrayFix<TIkeV2TrafficSelector>& TsI_Ref = aAcquire->TS_i();
+ const CArrayFix<TIkeV2TrafficSelector>& TsR_Ref = aAcquire->TS_r();
+ __ASSERT_DEBUG(TsI_Ref.Count() > 0 && TsR_Ref.Count() > 0, User::Invariant());
+
+ //
+ // Check has the peer been narrowed requested Traffic selectors
+ //
+ CArrayFix<TIkeV2TrafficSelector>* TsI = new (ELeave)CArrayFixFlat<TIkeV2TrafficSelector>(2);
+ CleanupStack::PushL(TsI);
+ CArrayFix<TIkeV2TrafficSelector>* TsR = new (ELeave)CArrayFixFlat<TIkeV2TrafficSelector>(2);
+ CleanupStack::PushL(TsR);
+
+ TInt i = 0;
+ const TTrafficSelector* sel = TTrafficSelector::Cast(aTsI->TrafficSelectors());
+ const TUint8* payloadEnd = reinterpret_cast<TUint8*>(aTsI) + TPayloadIkev2::Cast(aTsI)->GetLength();
+ for (i = 0; i < aTsI->GetNumberOfTs(); ++i)
+ {
+ if (reinterpret_cast<const TUint8*>(sel) > payloadEnd ||
+ reinterpret_cast<const TUint8*>(sel) + sel->Length() > payloadEnd)
+ {
+ CleanupStack::PopAndDestroy(TsR);
+ CleanupStack::PopAndDestroy(TsI);
+ return EFalse;
+ }
+
+ TPtrC8 selPtr(reinterpret_cast<const TUint8*>(sel), sel->Length());
+ TIkeV2TrafficSelector* selector = TIkeV2TrafficSelector::NewL(selPtr);
+ CleanupStack::PushL(selector);
+ TsI->AppendL(*selector);
+ CleanupStack::PopAndDestroy(selector);
+
+ sel = reinterpret_cast<const TTrafficSelector*>(reinterpret_cast<const TUint8*>(sel) + sel->Length());
+ }
+
+
+ sel = TTrafficSelector::Cast(aTsR->TrafficSelectors());
+ payloadEnd = reinterpret_cast<TUint8*>(aTsR) + TPayloadIkev2::Cast(aTsR)->GetLength();
+ for (i = 0; i < aTsR->GetNumberOfTs(); ++i)
+ {
+ if (reinterpret_cast<const TUint8*>(sel) > payloadEnd ||
+ reinterpret_cast<const TUint8*>(sel) + sel->Length() > payloadEnd)
+ {
+ CleanupStack::PopAndDestroy(TsR);
+ CleanupStack::PopAndDestroy(TsI);
+ return EFalse;
+ }
+ TPtrC8 selPtr(reinterpret_cast<const TUint8*>(sel), sel->Length());
+ TIkeV2TrafficSelector* selector = TIkeV2TrafficSelector::NewL(selPtr);
+ CleanupStack::PushL(selector);
+ TsR->AppendL(*selector);
+ CleanupStack::PopAndDestroy(selector);
+
+ sel = reinterpret_cast<const TTrafficSelector*>(reinterpret_cast<const TUint8*>(sel) + sel->Length());
+ }
+
+ if ( !ValidataTs(TsI_Ref, *TsI) ||
+ !ValidataTs(TsR_Ref, *TsR) )
+ {
+ delete TsI;
+ delete TsR;
+ return EFalse;
+ }
+ aAcquire->ReplaceTS_i(TsI);
+ aAcquire->ReplaceTS_r(TsR);
+
+ CleanupStack::Pop(TsR);
+ CleanupStack::Pop(TsI);
+
+ return ETrue;
+}
+
+
+
+void IpsecSelectors::BuildTrafficSelectorsL(CIkev2Acquire* aAcquire, const TInetAddr& aLocalAddr,
+ const TPfkeyIdentity& aSrcIdent, const TPfkeyIdentity& aDstIdent,
+ TUint8 aProtocol)
+{
+ //
+ // Build Traffic Selectors payload from PFKEY Acquire primitive
+ // Identity data
+ //
+ CArrayFix<TIkeV2TrafficSelector>* TsIBfr = NULL;
+ CArrayFix<TIkeV2TrafficSelector>* TsRBfr = NULL;
+ if ( aDstIdent.iExt && (aDstIdent.iExt->sadb_ident_type == SADB_IDENTTYPE_PREFIX))
+ {
+ TsRBfr = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(TsRBfr);
+ if ( ( !aLocalAddr.IsUnspecified()) ||
+ ( aSrcIdent.iExt && (aSrcIdent.iExt->sadb_ident_type == SADB_IDENTTYPE_PREFIX)))
+ {
+ TsIBfr = new (ELeave) CArrayFixFlat<TIkeV2TrafficSelector>(1);
+ CleanupStack::PushL(TsIBfr);
+ }
+ }
+
+ if ( TsIBfr )
+ {
+ ASSERT(aAcquire);
+ //
+ // If local address pointer defined, local address is used as
+ // initiator Traffic selector (single address "range")
+ // Else Use Source Identity data to build inititor Traffic selector
+ //
+ if ( !aLocalAddr.IsUnspecified() )
+ {
+ TInetAddr startAddress = aLocalAddr;
+ startAddress.SetPort(0);
+
+ TInetAddr endAddress = aLocalAddr;
+ endAddress.SetPort(0xffff);
+
+ TIkeV2TrafficSelector selector(startAddress, endAddress, aProtocol);
+ TsIBfr->AppendL(selector);
+ }
+ else
+ {
+ TIkeV2TrafficSelector selector = IpsecSelectors::IdentityToSelectorL(aSrcIdent.iData, aProtocol);
+ TsIBfr->AppendL(selector);
+
+ }
+ CleanupStack::Pop(TsIBfr);
+ aAcquire->ReplaceTS_i(TsIBfr);
+ }
+
+ if ( TsRBfr )
+ {
+ ASSERT(aAcquire);
+ //
+ // Build responder Traffic selector from destination Identity data
+ //
+ TIkeV2TrafficSelector selector = IpsecSelectors::IdentityToSelectorL(aDstIdent.iData, aProtocol);
+ TsRBfr->AppendL(selector);
+ CleanupStack::Pop(TsRBfr); // TsRBfr
+ aAcquire->ReplaceTS_r(TsRBfr);
+ }
+}
+
+
+TIkeV2TrafficSelector IpsecSelectors::IdentityToSelectorL(const TDesC8& aIdentity, TUint8 aProtocol)
+{
+ //
+ // Convert text format Identity data to Range start and end address
+ // needed into Traffic selector
+ //
+ TInetAddr StartAddr;
+ TInetAddr EndAddr;
+ TInt Lth = aIdentity.Length();
+
+ if (aIdentity.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ TInt offset = aIdentity.Find(_L8("/"));
+ switch (offset)
+ {
+ case KErrNotFound: //Simple address
+ {
+ HBufC *unibuf = HBufC::NewL(aIdentity.Length());
+ unibuf->Des().Copy(aIdentity);
+ if ( StartAddr.Input(unibuf->Des()) != KErrNone )
+ {
+ delete unibuf;
+ User::Leave(KErrArgument);
+ }
+ delete unibuf;
+ EndAddr = StartAddr; // Range start and end addresses are same
+ break;
+ }
+
+ default: //Subnet
+ {
+ //addr1 - Start address of range
+ TInt prefix_len;
+ HBufC *unibuf = HBufC::NewL(aIdentity.Length());
+ unibuf->Des().Copy(aIdentity);
+ TPtrC addr_buf(unibuf->Ptr(), offset);
+ if ( StartAddr.Input(addr_buf) != KErrNone )
+ {
+ delete unibuf;
+ User::Leave(KErrArgument);
+ }
+ TPtrC prefix_ptr(unibuf->Ptr() + offset + 1, unibuf->Length() - offset - 1);
+ //addr2 - End address of range
+ TLex lex(prefix_ptr);
+ if ( lex.Val(prefix_len) != KErrNone )
+ {
+ delete unibuf;
+ User::Leave(KErrArgument);
+ }
+ delete unibuf;
+ if ( !IpsecSelectors::GetRangeEndAddresses(StartAddr, EndAddr, prefix_len) )
+ User::Leave(KErrArgument);
+ }
+
+ } //end switch
+
+ StartAddr.SetPort(0x0);
+ EndAddr.SetPort(0xffff);
+ return TIkeV2TrafficSelector(StartAddr, EndAddr, aProtocol);
+}
+
+TBool IpsecSelectors::GetRangeEndAddresses(TInetAddr& aStartAddr, TInetAddr& aEndAddr, TInt aPrefixLen)
+{
+ //
+ // Convert start address / prefix length to range start address /
+ // end address pair
+ //
+ if ( aStartAddr.Family() == KAfInet )
+ {
+ TUint32 Mask;
+ if ( aPrefixLen > 32 )
+ return EFalse;
+ if ( aPrefixLen )
+ Mask = (~0UL << ((32 - (aPrefixLen & 31)) & 31));
+ else Mask = 0;
+ TUint32 Start = (aStartAddr.Address() & Mask);
+ TUint32 End = Start | (~Mask);
+ aStartAddr.SetAddress(Start);
+ aEndAddr.SetAddress(End);
+ }
+ else //KAfInet6
+ {
+ if ( aPrefixLen > 128 )
+ return EFalse;
+ aStartAddr.Prefix(aStartAddr, aPrefixLen); // For sure
+ TUint32 M = (~0UL >> (aPrefixLen & 31));
+ TIp6Addr S = aStartAddr.Ip6Address();
+ TIp6Addr E;
+ aPrefixLen >>= 5;
+ TInt i;
+ for (i = 0; i < aPrefixLen; i++)
+ E.u.iAddr32[i] = S.u.iAddr32[i];
+
+ i <<= 2;
+ E.u.iAddr8[i] = (TUint8)(S.u.iAddr8[i] | (M >> 24)); i++;
+ E.u.iAddr8[i] = (TUint8)(S.u.iAddr8[i] | (M >> 16)); i++;
+ E.u.iAddr8[i] = (TUint8)(S.u.iAddr8[i] | (M >> 8)); i++;
+ E.u.iAddr8[i] = (TUint8)(S.u.iAddr8[i] | M); i++;
+
+ i >>= 2;
+ while (i < 4)
+ E.u.iAddr32[i++] = ~0UL;
+
+ aStartAddr.SetAddress(S);
+ aEndAddr.SetAddress(E);
+ }
+
+ return ETrue;
+
+}
+
+
+TBool IpsecSelectors::ValidataTs(const CArrayFix<TIkeV2TrafficSelector>& aTsRef,
+ const CArrayFix<TIkeV2TrafficSelector>& aTs)
+{
+ //For every selector in aTs, there must be a same or wider selector in aTsRef.
+ for (TInt i = 0; i < aTs.Count(); ++i)
+ {
+ TInt j;
+ const TIkeV2TrafficSelector& selector = aTs[i];
+ for (j = 0; j < aTsRef.Count(); ++j)
+ {
+ const TIkeV2TrafficSelector& refSelector = aTsRef[j];
+ if (selector <= refSelector)
+ {
+ break;
+ }
+ }
+ if (j == aTsRef.Count())
+ {
+ //No selector found
+ return EFalse;
+ }
+ }
+ return ETrue;
+}
+
+
+TBool IpsecSelectors::CheckPorts(TUint16 aStartRef, TUint16 aEndRef, TUint16 aStart, TUint16 aEnd )
+{
+ //
+ // Check that current port range narrowed intersection of reference
+ // port range
+ //
+ if ( (aStartRef > aStart) || (aEndRef < aEnd) || (aStart > aEnd) )
+ return EFalse;
+
+ return ETrue;
+
+}
+
+TBool IpsecSelectors::CheckAddresses(TUint8 aType, TUint8* aRefAddresses, TUint8* aAddresses )
+{
+ //
+ // Check that current address range narrowed intersection of reference
+ // address range
+ //
+ if ( aType == TS_IPV4_ADDR_RANGE )
+ {
+ ASSERT(aRefAddresses && aAddresses);
+
+ //
+ // Comparison is done as 32 bit integers
+ //
+ TUint32 StartRef = GET32(aRefAddresses);
+ TUint32 EndRef = GET32(aRefAddresses + 4);
+ TUint32 Start = GET32(aAddresses);
+ TUint32 End = GET32(aAddresses + 4);
+ if ( (StartRef > Start) || (EndRef < End) || (Start > End) )
+ return EFalse;
+ }
+
+ return ETrue;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/EABI/kmdapiU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,10 @@
+EXPORTS
+ _ZN4RKMD17StopVpnConnectionEmN18TKmdStopConnection5TTypeE @ 1 NONAME
+ _ZN4RKMD7ConnectEv @ 2 NONAME
+ _ZNK4RKMD13CancelResolveEv @ 3 NONAME
+ _ZNK4RKMD14CancelActivateEv @ 4 NONAME
+ _ZNK4RKMD14ResolveAddressEmRK7TDesC16R8TPckgBufI11TNameRecordER14TRequestStatus @ 5 NONAME
+ _ZNK4RKMD19StartRealConnectionEmR5TPckgI24TVpnRealConnectionParamsER14TRequestStatus @ 6 NONAME
+ _ZNK4RKMD25CancelStartRealConnectionEv @ 7 NONAME
+ _ZNK4RKMD8ActivateEmRK7TDesC16RK6TDesC8R5TPckgI11TVPNAddressER14TRequestStatus @ 8 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/bwins/kmdapiu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,10 @@
+EXPORTS
+ ?Activate@RKMD@@QBEXKABVTDesC16@@ABVTDesC8@@AAV?$TPckg@VTVPNAddress@@@@AAVTRequestStatus@@@Z @ 1 NONAME ; void RKMD::Activate(unsigned long, class TDesC16 const &, class TDesC8 const &, class TPckg<class TVPNAddress> &, class TRequestStatus &) const
+ ?CancelActivate@RKMD@@QBEXXZ @ 2 NONAME ; void RKMD::CancelActivate(void) const
+ ?CancelResolve@RKMD@@QBEXXZ @ 3 NONAME ; void RKMD::CancelResolve(void) const
+ ?CancelStartRealConnection@RKMD@@QBEXXZ @ 4 NONAME ; void RKMD::CancelStartRealConnection(void) const
+ ?Connect@RKMD@@QAEHXZ @ 5 NONAME ; int RKMD::Connect(void)
+ ?ResolveAddress@RKMD@@QBEXKABVTDesC16@@AAV?$TPckgBuf@VTNameRecord@@@@AAVTRequestStatus@@@Z @ 6 NONAME ; void RKMD::ResolveAddress(unsigned long, class TDesC16 const &, class TPckgBuf<class TNameRecord> &, class TRequestStatus &) const
+ ?StartRealConnection@RKMD@@QBEXKAAV?$TPckg@VTVpnRealConnectionParams@@@@AAVTRequestStatus@@@Z @ 7 NONAME ; void RKMD::StartRealConnection(unsigned long, class TPckg<class TVpnRealConnectionParams> &, class TRequestStatus &) const
+ ?StopVpnConnection@RKMD@@QAEHKW4TType@TKmdStopConnection@@@Z @ 8 NONAME ; int RKMD::StopVpnConnection(unsigned long, enum TKmdStopConnection::TType)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,29 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+kmdapi.mmp
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/group/kmdapi.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,41 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project kmdapi
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET kmdapi.dll
+TARGETTYPE DLL
+UID 0x1000008d 0x101f5140
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE kmdapi.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE clistatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdserver/inc
+USERINCLUDE ../../ikesocket/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../vpncommon/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/inc/kmdapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,167 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD api
+*
+*/
+
+#ifndef R_KMD_H
+#define R_KMD_H
+
+#include "vpnmandefs.h"
+
+//
+// KMD API Error codes
+// NOTE! The error code values below MUST be kept in sync with
+// the corresponding error code values defined together by
+// vpnapi/data/vpnerr.rss and vpnapi/data/vpnerr.ra
+//
+const TInt KKmdTooWeakCryptoLib = -5253;
+const TInt KKmdNoAlgorithmsFile = -5254;
+const TInt KKmdIkePolicyFileErr = -5255;
+const TInt KKmdIkeNegotFailed = -5256;
+const TInt KKmdIkeNoResponseErr = -5257;
+const TInt KKmdIkeNoProposalErr = -5258;
+const TInt KKmdIkeAuthFailedErr = -5259;
+const TInt KKmdIkePeerAuthFailed = -5260;
+const TInt KKmdIkeNoCertFoundErr = -5261;
+const TInt KKmdIkeNoPolicyErr = -5262;
+
+/**
+ * VPN real connection parameters.
+ *
+ * @lib kmdapi.lib
+ */
+class TVpnRealConnectionParams
+ {
+public:
+ /**
+ * Real IAP Id.
+ * Own.
+ */
+ TUint32 iRealIapId;
+
+ /**
+ * Real NET Id.
+ * Own.
+ */
+ TUint32 iRealNetId;
+ };
+
+/**
+ * Enumeration of VPN connection stopping types.
+ *
+ * @lib kmdapi.lib
+ */
+class TKmdStopConnection
+ {
+public:
+ enum TType
+ {
+ ENormal = 0,
+ EForced
+ };
+ };
+
+/**
+ * KMD API.
+ * A handle to KMD server.
+ *
+ * @lib kmdapi.lib
+ */
+class RKMD : public RSessionBase
+ {
+public:
+
+ /**
+ * Creates session to KMD server. If server is not running, it is started.
+ */
+ IMPORT_C TInt Connect();
+
+ /**
+ * Start a real network connection.
+ * Outstanding request can be cancelled any time by calling
+ * CancelStartConnection().
+ *
+ * @param aVpnIapId Used VPN IAP Id
+ * @param aRealConfig If request completes with KErrNone, contains IAP
+ * and NET Ids of used real network connecetion
+ * (returned).
+ * @param aStatus Completes with KErrNone if real network connection
+ * is successfully opened (returned).
+ *
+ */
+ IMPORT_C void StartRealConnection( TUint32 aVpnIapId,
+ TPckg<TVpnRealConnectionParams>& aRealConfig,
+ TRequestStatus& aStatus ) const;
+
+ /**
+ * Cancel starting of real network connection.
+ */
+ IMPORT_C void CancelStartRealConnection() const;
+
+
+ /**
+ * Asynchronous activation command to activate VPN connection (IKE policy).
+ * If there is no virtual IP address protocols configured the activate
+ * request completes immediatelly.
+ *
+ * @param aVpnIapId Used VPN IAP Id
+ * @param aVpnIfName VPN interface name
+ * @param aIkeConf IKE policy data
+ * @param aVPNAddress Contains the IP config of the VPN connection, when
+ * request completes (returned).
+ * @param aStatus Completion status, KErrNone if successfull (returned).
+ */
+ IMPORT_C void Activate( TUint32 aVpnIapId,
+ const TDesC& aVpnIfName,
+ const TDesC8& aIkeConf,
+ TVPNAddressPckg& aVPNAddress,
+ TRequestStatus& aStatus ) const;
+
+ /**
+ * Cancels ongoing activate request.
+ */
+ IMPORT_C void CancelActivate() const;
+
+ /**
+ * Stops VPN connection.
+ * @param aVpnIapId Used VPN IAP
+ * @param aType: Specifies stopping type.
+ * ENormal = All IKE and IPSEC SA:s related to VPN connection
+ * shall be deleted (= ISAKMP delete payload is transmitted
+ * to SA peer)
+ * EForced = Delete payload is not transmitted to SA peer.
+ */
+ IMPORT_C TInt StopVpnConnection( TUint32 aVpnIapId,
+ TKmdStopConnection::TType aType = TKmdStopConnection::ENormal );
+
+ /**
+ * Resolve an IP address from FQDN.
+ * There can be only one outstanding query per session.
+ * @param aVpnIapId Used VPN IAP Id
+ * @param aFqdn: Domain Name to be resolved.
+ * @param aResult: Result of name resolution (returned)
+ * @param aStatus: Completion status (returned)
+ */
+ IMPORT_C void ResolveAddress( TUint32 aVpnIapId,
+ const TDesC& aFqdn,
+ TNameEntry& aResult,
+ TRequestStatus& aStatus ) const;
+ /**
+ * Cancel outstanding resolve address query.
+ */
+ IMPORT_C void CancelResolve() const;
+ };
+
+#endif // R_KMD_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/rom/kmdapi.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project
+* Key Management Daemon API
+*
+*/
+
+
+
+#ifndef __KMDAPI_IBY__
+#define __KMDAPI_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature KMDAPI not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\kmdapi.dll SHARED_LIB_DIR\kmdapi.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __KMDSERVER_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdapi/src/kmdapi.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,148 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Key Management Daemon API
+*
+*/
+
+// EXTERNAL INCLUDES
+#include <e32std.h>
+#include <e32math.h>
+
+// INTERNAL INCLUDES
+#include "kmdserver.h"
+#include "clistatic.h"
+
+// CLASS HEADER
+#include "kmdapi.h"
+
+// ---------------------------------------------------------------------------
+// Opens a session to KMD server and starts the server if it is not yet
+// started.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TInt RKMD::Connect()
+ {
+ TInt retry=2;
+ for ( ;; )
+ {
+ TInt r = CreateSession( KKmdServerName,
+ TVersion( KKmdServMajorVersion,
+ KKmdServMinorVersion,
+ KKmdServBuildVersion),
+ KDefaultMessageSlots );
+
+ if ( r != KErrNotFound && r != KErrServerTerminated )
+ {
+ return r;
+ }
+ if ( --retry == 0 )
+ {
+ return r;
+ }
+ r = Launcher::LaunchServer( KKmdServerName,
+ KKmdServerImg,
+ KServerUid3,
+ KMyServerInitHeapSize,
+ KMyServerMaxHeapSize,
+ KMyServerStackSize );
+ if ( r != KErrNone && r != KErrAlreadyExists )
+ {
+ return r;
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Start a real network connection.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void RKMD::StartRealConnection( TUint32 aVpnIapId,
+ TPckg<TVpnRealConnectionParams>& aRealConfig,
+ TRequestStatus& aStatus ) const
+ {
+ SendReceive( CKmdServer::KKmdStartConnection,
+ TIpcArgs( aVpnIapId, &aRealConfig ),
+ aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels ongoing activate request.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void RKMD::CancelStartRealConnection() const
+ {
+ SendReceive( CKmdServer::KKmdCancelStartConnection );
+ }
+
+// ---------------------------------------------------------------------------
+// Asynchronous Activate request.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void RKMD::Activate( TUint32 aVpnIapId,
+ const TDesC& aVpnIfName,
+ const TDesC8& aIkeConf,
+ TVPNAddressPckg& aVPNAddress,
+ TRequestStatus& aStatus ) const
+ {
+ SendReceive( CKmdServer::KKmdActivateAsync,
+ TIpcArgs( aVpnIapId,
+ &aVpnIfName,
+ &aIkeConf,
+ &aVPNAddress ),
+ aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels ongoing Activate request.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void RKMD::CancelActivate() const
+ {
+ SendReceive( CKmdServer::KKmdCancelActivateAsync );
+ }
+
+// ---------------------------------------------------------------------------
+// Stops specified VPN connection.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C TInt RKMD::StopVpnConnection( TUint32 aVpnIapId,
+ TKmdStopConnection::TType aType )
+ {
+ return SendReceive( CKmdServer::KKmdStopConnection,
+ TIpcArgs( aVpnIapId, aType ) );
+ }
+
+// ---------------------------------------------------------------------------
+// Resolve an IP address from FQDN.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void RKMD::ResolveAddress( TUint32 aVpnIapId,
+ const TDesC& aFqdn,
+ TNameEntry& aResult,
+ TRequestStatus& aStatus ) const
+ {
+ SendReceive( CKmdServer::KKmdResolveAddress,
+ TIpcArgs( aVpnIapId, &aFqdn, &aResult ),
+ aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancel outstanding ResolveAddress query.
+// ---------------------------------------------------------------------------
+//
+EXPORT_C void RKMD::CancelResolve() const
+ {
+ SendReceive( CKmdServer::KKmdCancelResolveAddress );
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/bwins/KMDSERVERU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?RunKmdServer@@YAHPAX@Z @ 1 NONAME ; int __cdecl RunKmdServer(void *)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ kmdservertest.mmp
+#else
+ kmdserver.mmp
+#endif
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/group/kmdserver.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,75 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project kmdserver
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET kmdserver.exe
+TARGETTYPE exe
+UID 0x1000008d 0x1000088A
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE activationstarter.cpp
+SOURCE connectionstarter.cpp
+SOURCE connectionstopper.cpp
+SOURCE disconnectionobserver.cpp
+SOURCE fqdnresolver.cpp
+SOURCE errorobserver.cpp
+SOURCE iachangeobserver.cpp
+SOURCE ikepluginhandler.cpp
+SOURCE ikepluginsessionhandler.cpp
+SOURCE ikepcaptrace.cpp
+SOURCE kmddebuglogger.cpp
+SOURCE kmdeventlogger.cpp
+SOURCE kmdserver.cpp
+SOURCE kmdsession.cpp
+SOURCE kmdstarter.cpp
+SOURCE secpolpayload.cpp
+SOURCE secpolreader.cpp
+SOURCE vpnconnection.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE srvstatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../eventviewer/inc
+USERINCLUDE ../../ikesocket/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE /epoc32/include/networking
+
+LIBRARY bafl.lib
+LIBRARY cmmanager.lib
+LIBRARY efsrv.lib
+LIBRARY euser.lib
+LIBRARY esock.lib
+LIBRARY eventmedapi.lib
+LIBRARY eventviewer.lib
+LIBRARY ikesocket.lib
+LIBRARY ikepolparser.lib
+LIBRARY insock.lib
+LIBRARY ipsecpolapi.lib
+DEBUGLIBRARY flogger.lib
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/group/kmdservertest.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,77 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Test project definition file for project kmdserver
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET kmdserver.exe
+TARGETTYPE exe
+UID 0x1000008d 0x1000088A
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE activationstarter.cpp
+SOURCE connectionstarter.cpp
+SOURCE connectionstopper.cpp
+SOURCE disconnectionobserver.cpp
+SOURCE fqdnresolver.cpp
+SOURCE errorobserver.cpp
+SOURCE iachangeobserver.cpp
+SOURCE ikepluginhandler.cpp
+SOURCE ikepluginsessionhandler.cpp
+SOURCE ikepcaptrace.cpp
+SOURCE kmddebuglogger.cpp
+SOURCE kmdeventlogger.cpp
+SOURCE kmdserver.cpp
+SOURCE kmdsession.cpp
+SOURCE kmdstarter.cpp
+SOURCE secpolpayload.cpp
+SOURCE secpolreader.cpp
+SOURCE vpnconnection.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE srvstatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../kmdapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../eventviewer/inc
+USERINCLUDE ../../ikesocket/inc
+USERINCLUDE ../../ikeutils/inc
+
+MW_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE /epoc32/include/networking
+
+LIBRARY kmd_proxy.lib
+LIBRARY ikesocket_proxy.lib
+LIBRARY bafl.lib
+LIBRARY cmmanager.lib
+LIBRARY efsrv.lib
+LIBRARY euser.lib
+LIBRARY esock.lib
+LIBRARY eventmedapi.lib
+LIBRARY eventviewer.lib
+LIBRARY ikesocket.lib
+LIBRARY ikepolparser.lib
+LIBRARY insock.lib
+LIBRARY ipsecpolapi.lib
+DEBUGLIBRARY flogger.lib
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/activationstarter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,156 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors activating
+*
+*/
+
+
+#ifndef C_ACTIVATIONSTARTER_H
+#define C_ACTIVATIONSTARTER_H
+
+#include <e32base.h>
+#include <in_sock.h>
+
+#include "vpnmandefs.h"
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+class CIkeData;
+class CVpnConnection;
+class MIkeDebug;
+class TVPNAddress;
+
+/**
+ * Activation starter callback interface.
+ * Callback interface which is used by CActivationStarter object to notify
+ * about completion of activation.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MActivationStarterCallback
+ {
+public:
+ /**
+ * Notifies about completion of activation.
+ * @param aStatus Completion status
+ * @param aVirtualIp Internal address info
+ */
+ virtual void ActivationCompleted( TInt aStatus,
+ const TVPNAddress& aVirtualIp ) = 0;
+ };
+
+
+/**
+ * Activating starter.
+ * Active object provides functionality for starting activating.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CActivationStarter : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aConnection VPN connection object
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CActivationStarter* NewL( CVpnConnection& aConnection,
+ MActivationStarterCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CActivationStarter();
+
+ /**
+ * Starts activating. Completion is notified via
+ * MActivatingStarterCallback interface.
+ * @param aIkeConf IKE policy data
+ * @param aVpnIfName VPN interface name
+ */
+ void Activate( CIkeData& aIkeData,
+ const TDesC& aVpnIfName );
+
+private:
+
+ CActivationStarter( CVpnConnection& aConnection,
+ MActivationStarterCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Gets VPN interface index.
+ * @param aVpnIfName VPN interface name
+ * @param aVpnInterfaceIndex VPN interface index (returned)
+ * @return Error code
+ */
+ TInt GetVpnInterfaceIndex( const TDesC& aVpnIfName,
+ TUint32& aVpnInterfaceIndex );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous activating.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous activating.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * Internal address.
+ * Own.
+ */
+ TVPNAddress iInternalAddress;
+
+ /**
+ * IP version.
+ * Own.
+ */
+ IkeSocket::TIpVersion iIpVersion;
+
+ /**
+ * DNS server address from IKE policy data.
+ * Own.
+ */
+ TInetAddr iDnsServerAddr;
+
+ /**
+ * VPN connection object.
+ * Not own.
+ */
+ CVpnConnection& iConnection;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MActivationStarterCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_ACTIVATIONSTARTER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/connectionstarter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,112 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors the real connection starting
+*
+*/
+
+
+#ifndef C_CONNECTIONSTARTER_H
+#define C_CONNECTIONSTARTER_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class CVpnConnection;
+
+/**
+ * Connection starter callback interface.
+ * Callback interface which is used by CConnectionStarter object to notify
+ * about completion of real network connection's starting.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MConnectionStarterCallback
+ {
+public:
+ /**
+ * Notifies about completion of real connection starting.
+ * @param aStatus Completion status
+ * @param aRealIapId IAP Id of started connection
+ * @param aRealNetId Net Id of started connection
+ */
+ virtual void RealConnectionStarted( TInt aStatus,
+ TInt aRealIapId,
+ TInt aRealNetId ) = 0;
+ };
+
+
+/**
+ * Connection starter.
+ * Active object provides functionality for starting of real network
+ * connection.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CConnectionStarter : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aConnection VPN connection object
+ * @param aCallback Callback interface
+ */
+ static CConnectionStarter* NewL( CVpnConnection& aConnection,
+ MConnectionStarterCallback& aCallback );
+
+ /**
+ * Destructor.
+ */
+ ~CConnectionStarter();
+
+ /**
+ * Starts real network connection. Completion is notified via
+ * MConnectionStarterCallback interface.
+ */
+ void StartRealConnection();
+
+private:
+
+ CConnectionStarter( CVpnConnection& aConnection,
+ MConnectionStarterCallback& aCallback );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous connection starting request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous connection starting request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * VPN connection object.
+ * Not own.
+ */
+ CVpnConnection& iConnection;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MConnectionStarterCallback& iCallback;
+ };
+
+#endif // C_CONNECTIONSTARTER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/connectionstopper.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,107 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors stopping of connection
+*
+*/
+
+
+#ifndef C_CONNECTIONSTOPPER_H
+#define C_CONNECTIONSTOPPER_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class CVpnConnection;
+
+/**
+ * Connection stopper callback interface.
+ * Callback interface which is used by CConnectionStopper object to notify
+ * about completion of VPN connection stopping.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MConnectionStopperCallback
+ {
+public:
+ /**
+ * Notifies about completion of VPN connection stopping.
+ * @param aStatus Completion status
+ */
+ virtual void VpnConnectionStopped( TInt aStatus ) = 0;
+ };
+
+/**
+ * Connection stopper.
+ * Active object provides functionality for stopping of VPN connection.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CConnectionStopper : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aConnection VPN connection object
+ * @param aCallback Callback interface
+ */
+ static CConnectionStopper* NewL( CVpnConnection& aVpnConnection,
+ MConnectionStopperCallback& aCallback );
+
+ /**
+ * Destructor.
+ */
+ ~CConnectionStopper();
+
+ /**
+ * Stops VPN connection. Completion is notified via MConnectionStopperCallback
+ * interface.
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to remote host)
+ */
+ void StopVpnConnection( TBool aSilentClose );
+
+private:
+ CConnectionStopper( CVpnConnection& aVpnConnection,
+ MConnectionStopperCallback& aCallback );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous connection stopping request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous connection stopping request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * VPN connection object.
+ * Not own.
+ */
+ CVpnConnection& iVpnConnection;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MConnectionStopperCallback& iCallback;
+ };
+
+#endif // C_CONNECTIONSTOPPER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/disconnectionobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,107 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors link disconnection
+*
+*/
+
+
+#ifndef C_DISCONNECTIONOBSERVER_H
+#define C_DISCONNECTIONOBSERVER_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class CIkeConnectionInterface;
+
+/**
+ * Disconnection observer callback interface.
+ * Callback interface which is used by CDisconnectionObserver object to notify
+ * about link disconnection.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MDisconnectionObserverCallback
+ {
+public:
+ /**
+ * Notifies about disconnection.
+ * @param aStatus Completion status
+ */
+ virtual void DisconnectIndication( TInt aStatus ) = 0;
+ };
+
+/**
+ * Disconnection observer.
+ * Active object provides functionality for notifying link disconnection.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CDisconnectionObserver : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aIkeConnectionInterface IKE connection interface
+ * @param aCallback Callback interface
+ */
+ static CDisconnectionObserver* NewL( CIkeConnectionInterface& aIkeConnectionInterface,
+ MDisconnectionObserverCallback& aCallback );
+
+ /**
+ * Destructor.
+ */
+ ~CDisconnectionObserver();
+
+ /**
+ * Starts observing Link disconnection. Link disconnection is notified via
+ * MDisconnectionObserverCallback interface.
+ */
+ void StartObserving();
+
+private:
+
+ CDisconnectionObserver( CIkeConnectionInterface& aIkeConnectionInterface,
+ MDisconnectionObserverCallback& aCallback );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous notification request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous notification request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * IKE connection interface.
+ * Not own.
+ */
+ CIkeConnectionInterface& iIkeConnectionInterface;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MDisconnectionObserverCallback& iCallback;
+ };
+
+
+#endif // C_DISCONNECTIONOBSERVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/errorobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,103 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors IKE plugin session error
+*
+*/
+
+
+#ifndef C_ERROROBSERVER_H
+#define C_ERROROBSERVER_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class MIkeDebug;
+class MIkePluginSessionIf;
+class MIkePluginSessionHandlerCallback;
+
+/**
+ * Error observer.
+ * Active object that provides functionality for observing IKE plugin session
+ * error.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CErrorObserver : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aIkePluginSession IKE plugin session
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CErrorObserver* NewL( MIkePluginSessionIf& aIkePluginSession,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CErrorObserver();
+
+ /**
+ * Starts observing internal address change.
+ */
+ void StartObserving();
+
+private:
+
+ CErrorObserver( MIkePluginSessionIf& aIkePluginSession,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous notification request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous notification request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * IKE plugin session.
+ * Not own.
+ */
+ MIkePluginSessionIf& iIkePluginSession;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MIkePluginSessionHandlerCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_ERROROBSERVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/fqdnresolver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,122 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors the completion of FQDN resolve.
+*
+*/
+
+
+#ifndef C_FQDNRESOLVER_H
+#define C_FQDNRESOLVER_H
+
+#include <e32base.h>
+#include <es_sock.h>
+
+// FORWARD DECLARATIONS
+class CVpnConnection;
+
+/**
+ * FQDN resolver callback interface.
+ * Callback interface which is used by CFqdnResolver object to notify
+ * about completion of FQDN address resolving.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MFqdnResolverCallback
+ {
+public:
+ /**
+ * Notifies about completion of FQDN address resolving.
+ * @param aStatus Completion status
+ * @param aNameEntry Result of name resolution
+ */
+ virtual void AddressResolveCompleted( const TInt aStatus,
+ const TNameEntry aNameEntry ) = 0;
+ };
+
+/**
+ * FQDN address resolver.
+ * Active object provides functionality for resolving an IP address from FQDN
+ * address.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CFqdnResolver : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aConnection VPN connection object
+ * @param aCallback Callback interface
+ */
+ static CFqdnResolver* NewL( CVpnConnection& aConnection,
+ MFqdnResolverCallback& aCallback );
+ /**
+ * Destructor.
+ */
+ ~CFqdnResolver();
+
+ /**
+ * Resolves IP address from FQDN address. Completion is notified via
+ * MFqdnResolverCallback interface.
+ * @param aFqdn FQDN address. Ownership transferred.
+ */
+ void ResolveAddress( HBufC* aFqdn );
+
+private:
+
+ CFqdnResolver( CVpnConnection& aConnection,
+ MFqdnResolverCallback& aCallback );
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous resolving request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous resolving request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * VPN connection object.
+ * Not own.
+ */
+ CVpnConnection& iConnection;
+
+ /**
+ * FQDN address
+ * Own.
+ */
+ HBufC* iFqdn;
+
+ /**
+ * Name entry.
+ * Own.
+ */
+ TNameEntry iNameEntry;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MFqdnResolverCallback& iCallback;
+ };
+
+#endif // C_FQDNRESOLVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/iachangeobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,126 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors internal address change
+*
+*/
+
+
+#ifndef C_IACHANGEOBSERVER_H
+#define C_IACHANGEOBSERVER_H
+
+#include <e32base.h>
+#include "eventmediatorapi.h"
+
+// FORWARD DECLARATIONS
+class CInternalAddress;
+class MIkeDebug;
+class MIkePluginSessionIf;
+class TInetAddr;
+
+/**
+ * IA change observer.
+ * Active object that provides functionality for observing internal address
+ * change.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CIaChangeObserver : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aVpnIapId VPN IAP id
+ * @param aDnsServerAddr DNS server address from IKE policy
+ * @param aIkePluginSession IKE plugin session
+ * @param aDebug Debug trace interface
+ */
+ static CIaChangeObserver* NewL( TUint32 aVpnIapId,
+ const TInetAddr& aDnsServerAddr,
+ MIkePluginSessionIf& aIkePluginSession,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CIaChangeObserver();
+
+ /**
+ * Starts observing internal address change.
+ */
+ void StartObserving();
+
+private:
+
+ CIaChangeObserver( TUint32 aVpnIapId,
+ const TInetAddr& aDnsServerAddr,
+ MIkePluginSessionIf& aIkePluginSession,
+ MIkeDebug& aDebug );
+
+ void ConstructL();
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous notification request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous notification request.
+ */
+ void DoCancel();
+
+private: // data
+
+ /**
+ * Event mediator.
+ * Own.
+ */
+ REventMediator iEventMediator;
+
+ /**
+ * VPN IAP Id.
+ * Own.
+ */
+ TUint32 iVpnIapId;
+
+ /**
+ * DNS server address.
+ * Own.
+ */
+ TInetAddr iDnsServerAddr;
+
+ /**
+ * Internal address.
+ * Own.
+ */
+ TVPNAddress iInternalAddress;
+
+ /**
+ * IKE plugin session.
+ * Not own.
+ */
+ MIkePluginSessionIf& iIkePluginSession;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_IACHANGEOBSERVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikedebug.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,82 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Definitions for logging in debug builds
+*
+*/
+
+#ifndef M_IKEDEBUG_H
+#define M_IKEDEBUG_H
+
+#include <e32base.h>
+
+#ifndef _DEBUG
+
+class MIkeDebug
+ {
+public:
+ };
+
+
+#define DEBUG_LOG(a)
+#define DEBUG_LOG1(a, b)
+#define DEBUG_LOG2(a, b, c)
+#define DEBUG_LOG3(a, b, c, d)
+#define DEBUG_LOG_ARRAY(a, b)
+#define DEBUG_LOG_NUM(a)
+#define TRACE_MSG(aMsg, aSrcAddr, aDstAddr, aEncryptType)
+
+#else
+
+#include "ikepcaptrace.h"
+
+// FORWARD DECLARATIONS
+class TInetAddr;
+
+/**
+ * KMD debug interface for logging in debug builds.
+ * @lib internal (kmdserver.exe)
+ */
+class MIkeDebug
+ {
+public:
+
+ virtual void LogWrite( const TDesC& aText ) = 0;
+ virtual void LogWrite( const TDesC8& aText ) = 0;
+
+ virtual void LogWriteF( TRefByValue<const TDesC> aFmt, ... ) = 0;
+ virtual void LogWriteF( TRefByValue<const TDesC8> aFmt, ... ) = 0;
+
+ virtual void LogWriteArray( const TUint8* aArray, TInt aLength ) = 0;
+
+ virtual void LogWriteNum( TUint aNum ) = 0;
+
+ virtual void TraceMessage( const TDesC8& aMessage,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ CIkePcapTrace::TEncryptionType aEncryptionType ) = 0;
+
+ };
+
+#define DEBUG_LOG(a) iDebug.LogWrite((a))
+#define DEBUG_LOG1(a, b) iDebug.LogWriteF((a), (b))
+#define DEBUG_LOG2(a, b, c) iDebug.LogWriteF((a), (b), (c))
+#define DEBUG_LOG3(a, b, c, d) iDebug.LogWriteF((a), (b), (c), (d))
+#define DEBUG_LOG_ARRAY(a, b) iDebug.LogWriteArray((a), (b))
+#define DEBUG_LOG_NUM(a) iDebug.LogWriteNum((a))
+
+#define TRACE_MSG(aMsg, aSrcAddr, aDstAddr, aEncryptType) iDebug.TraceMessage((aMsg), (aSrcAddr), (aDstAddr), (aEncryptType))
+#define TRACE_MSG_IKEV1(aMsg, aSrcAddr, aDstAddr ) iDebug.TraceMessage((aMsg), (aSrcAddr), (aDstAddr), (CIkePcapTrace::EEncrDes))
+
+#endif //_DEBUG
+#endif //M_IKEDEBUG_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikepcaptrace.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,90 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class that logs ike messages in pcap format
+*
+*/
+
+#ifndef IKEPCAPTRACE_H
+#define IKEPCAPTRACE_H
+
+#include <f32file.h>
+
+class TInetAddr;
+
+/**
+ * PCap tracer of IKE messages.
+ *
+ * Class that logs ike messages in pcap format
+ *
+ */
+class CIkePcapTrace : public CBase
+ {
+public:
+ enum TEncryptionType
+ {
+ EEncrDes = 2,
+ EEncrDes3 = 3,
+ EEncrAesCbc = 12
+ };
+
+ static CIkePcapTrace* NewL(const TDesC& aLogFolder);
+ ~CIkePcapTrace();
+
+
+ /**
+ * Traces the IKE message.
+ *
+ * @param aMessage Traced IKE message
+ * @param aSourceAddress IP address of the message sender (only IPv4 is supported)
+ * @param aDestinationAddress IP address of the message receiver (only IPv4 is supported)
+ * @param aEncryptionType Used encryption algorithm.
+ * If the aMessage datagram is IKEv1 or if the IKEv2 datagram
+ * does not contain encryption payload this parameter is not used.
+ */
+ void TraceMessage(const TDesC8& aMessage,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ TEncryptionType aEncryptionType);
+
+private:
+ CIkePcapTrace();
+ void ConstructL(const TDesC& aLogFolder);
+
+ void DoTraceMessage(TPtr8& aMsgCopy,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ TEncryptionType aEncryptionType);
+
+
+ TInt WritePcapHeader();
+
+ TInt WriteRecordHeader(TUint32 aIkeMsgLength);
+ TInt WriteIpAndUdpHeader(const TDesC8& aMessage,
+ TInetAddr aSourceAddress,
+ TInetAddr aDestinationAddress);
+ TInt WriteNonEspMarker();
+ TInt WriteIkeMessage(TPtr8& aMsgCopy, TEncryptionType aEncryptionType);
+ TInt WriteIkeV1Message(TPtr8& aMsgCopy);
+ TInt WriteIkeV2Message(TPtr8& aMsgCopy, TEncryptionType aEncryptionType);
+
+
+ RFs iFileServer;
+ RFile iPcapFile;
+
+ TBool iWriteTrace;
+ };
+
+#endif //IKEPCAPTRACE_H
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikeplugindefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE plugin definitions
+*
+*/
+
+
+#ifndef IKEPLUGINDEFS_H
+#define IKEPLUGINDEFS_H
+
+#include <e32uid.h>
+
+typedef TUid TIkePluginId;
+
+const TUid KIkePluginUid1 = { KDynamicLibraryUidValue };
+const TUid KIkePluginUid2 = { KSharedLibraryUidValue };
+
+const TUid KIkeV1PluginUid3 = { 0x10206994 };
+const TUid KIkeV2PluginUid3 = { 0x10206993 };
+
+const TInt KIkeV1( 1 );
+const TInt KIkeV2( 2 );
+const TInt KIkePluginMaxCount( 2 );
+
+#endif // IKEPLUGINDEFS_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikepluginhandler.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,155 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handler of an IKE protocol plugin
+*
+*/
+
+
+#ifndef C_IKEPLUGINHANDLER_H
+#define C_IKEPLUGINHANDLER_H
+
+#include <e32base.h>
+#include "ikepluginsessionhandler.h"
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+class CIkePluginSessionHandler;
+class MIkeDebug;
+class MIkePluginIf;
+class MKmdEventLoggerIf;
+
+/**
+ * IKE plugin handler.
+ * IKE plugin specific handler for creating and deleting IKE plugin sessions.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CIkePluginHandler : public CBase
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aIkeVersion IKE version
+ * @param aEventLogger Event logger
+ * @param aDebug Debug trace interface
+ */
+ static CIkePluginHandler* NewL( TInt aIkeVersion,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CIkePluginHandler();
+
+ /**
+ * Creates IKE plugin session.
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aIpVersion IP version
+ * @param aDnsServer DNS server from IKE policy
+ * @param aConnection IKE connection interface
+ * @param aCallback Callback interface
+ * @return Handler of IKE plugin session
+ */
+ CIkePluginSessionHandler& CreateIkePluginSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIpVersion aIpVersion,
+ const TInetAddr& aDnsServer,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginSessionHandlerCallback& aCallback );
+
+ /**
+ * Deletes IKE plugin session which matches VPN IAP id. Does nothing if
+ * session is not found.
+ * @param aVpnIapId VPN IAP Id
+ */
+ void DeleteIkePluginSession( TUint32 aVpnIapId );
+
+private:
+ CIkePluginHandler( TInt aIkeVersion,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+
+ /**
+ * Creates IKE plugin session.
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aIpVersion IP version
+ * @param aDnsServerAddr DNS server address from IKE policy
+ * @param aConnection IKE connection interface
+ * @param aCallback Callback interface
+ */
+ CIkePluginSessionHandler& DoCreateIkePluginSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIpVersion aIpVersion,
+ const TInetAddr& aDnsServerAddr,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginSessionHandlerCallback& aCallback );
+
+ /**
+ * Loads IKE plugin.
+ */
+ void LoadIkePluginL();
+
+ /**
+ * Unloads IKE plugin.
+ */
+ void UnloadIkePlugin();
+
+private: // data
+
+ /**
+ * IKE version.
+ * Own.
+ */
+ TInt iIkeVersion;
+
+ /**
+ * Handle for IKE plugin library.
+ * Own.
+ */
+ RLibrary iLibrary;
+
+ /**
+ * IKE plugin.
+ * Own.
+ */
+ MIkePluginIf* iIkePlugin;
+
+ /**
+ * IKE plugin session handlers.
+ * Own.
+ */
+ RPointerArray<CIkePluginSessionHandler> iIkePluginSessions;
+
+ /**
+ * Event logger.
+ * Not own.
+ */
+ MKmdEventLoggerIf& iEventLogger;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_IKEPLUGINHANDLER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikepluginif.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE protocol plugin interface
+*
+*/
+
+
+#ifndef M_IKEPLUGINIF_H
+#define M_IKEPLUGINIF_H
+
+#include <e32base.h>
+
+// FORWARD DECLARATIONS
+class MIkeDataInterface;
+class MIkeDebug;
+class MIkePluginSessionIf;
+class MKmdEventLoggerIf;
+
+/**
+ * IKE protocol plugin interface.
+ *
+ * IKE protocol plugin interface provides functionality for creating IKE
+ * protocol plugin sessions.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MIkePluginIf
+ {
+public:
+
+ /**
+ * Destructor.
+ */
+ virtual ~MIkePluginIf() {};
+
+ /**
+ * Creates IKE protocol plugin session.
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aDataInterface IKE data interface
+ * @return IKE protocol plugin session interface. Ownership transferred.
+ */
+ virtual MIkePluginSessionIf* CreateSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ MIkeDataInterface& aIkeDataInterface ) = 0;
+ };
+
+
+/**
+ * Method prototype to create new protocol plugin
+ */
+typedef MIkePluginIf* (*CreateIkePluginL)(MKmdEventLoggerIf&, MIkeDebug&);
+
+#endif // M_IKEPLUGINIF_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikepluginsessionhandler.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,242 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handler of an IKE protocol plugin session
+*
+*/
+
+
+#ifndef C_IKEPLUGINSESSIONHANDLER_H
+#define C_IKEPLUGINSESSIONHANDLER_H
+
+#include <e32base.h>
+#include "vpnmandefs.h"
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+class CErrorObserver;
+class CIaChangeObserver;
+class CIkeData;
+class CIkeConnectionInterface;
+class CIkePluginSessionCloser;
+class CInternalAddress;
+class MIkeDataInterface;
+class MIkeDebug;
+class MIkePluginIf;
+class MIkePluginSessionIf;
+class TInetAddr;
+
+/**
+ * IKE plugin session handler callback interface.
+ * Callback interface which is used by CIkePluginSessionHandler object to
+ * notify about completion of negotiate and delete session requests.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MIkePluginSessionHandlerCallback
+ {
+public:
+ /**
+ * Notifies about completion of negotiate request.
+ * @param aStatus Completion status
+ * @param aInternalAddress Internal address
+ */
+ virtual void NegotiationStarted( TInt aStatus,
+ const TVPNAddress& aInternalAddress ) = 0;
+ /**
+ * Notifies about completion of delete session request.
+ * @param aStatus Completion status
+ */
+ virtual void IkePluginSessionClosed( TInt aStatus ) = 0;
+
+ /**
+ * Notifies about IKE plugin session error.
+ * @param aStatus Completion status
+ */
+ virtual void IkePluginSessionError( TInt aStatus ) = 0;
+ };
+
+/**
+ * IKE plugin session handler.
+ * Provides functionality for handling IKE plugin session.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CIkePluginSessionHandler : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aIkeVersion IKE version
+ * @param aIpVersion IP version
+ * @param aDnsServerAddr DNS server address from IKE policy
+ * @param aConnection IKE connection interface
+ * @param aIkePlugin IKE plugin
+ * @param aCallback Callback interface
+ * @param aDebug Debug trace interface
+ */
+ static CIkePluginSessionHandler* NewLC( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIkeMajorVersion aIkeVersion,
+ IkeSocket::TIpVersion aIpVersion,
+ const TInetAddr& aDnsServerAddr,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginIf& aIkePlugin,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug );
+ /**
+ * Destructor. IKE plugin session object is deleted.
+ */
+ ~CIkePluginSessionHandler();
+
+ /**
+ * Starts negotiation with a remote host.
+ * @param aIkeData IKE policy data
+ */
+ void NegotiateWithHost( const CIkeData& aIkeData );
+
+ /**
+ * Cancels negotiation request.
+ */
+ void CancelNegotiateWithHost();
+
+ /**
+ * Deletes session. Silent close can be requested when normal close is
+ * already active. IKE plugin session object is not deleted.
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to remote host)
+ */
+ void DeleteSession( TBool aSilentClose );
+
+ /**
+ * Cancels session deletion requests. IKE/IPSec SA:s are deleted. IKE
+ * plugin session object is not deleted.
+ */
+ void CancelDeleteSession();
+
+ /**
+ * Returns VPN IAP Id.
+ * @return VPN IAP Id
+ */
+ TInt VpnIapId() const;
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous request.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous request.
+ */
+ void DoCancel();
+
+private:
+ enum TState
+ {
+ EIdle,
+ ENegotiatingWithHost,
+ ENegotiated,
+ EDeletingSession
+ };
+
+ CIkePluginSessionHandler( TUint32 aVpnIapId,
+ IkeSocket::TIkeMajorVersion aIkeVersion,
+ IkeSocket::TIpVersion aIpVersion,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug );
+
+ void ConstructL( TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ const TInetAddr& aDnsServer,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginIf& aIkePlugin );
+
+private: // data
+
+ /**
+ * State.
+ * Own.
+ */
+ TState iState;
+
+ /**
+ * VPN IAP Id.
+ * Own.
+ */
+ TUint32 iVpnIapId;
+
+ /**
+ * IKE version.
+ * Own.
+ */
+ IkeSocket::TIkeMajorVersion iIkeVersion;
+
+ /**
+ * IP version.
+ * Own.
+ */
+ IkeSocket::TIpVersion iIpVersion;
+
+ /**
+ * IKE plugin session interface.
+ * Own.
+ */
+ MIkePluginSessionIf* iIkePluginSession;
+
+ /**
+ * Internal address.
+ * Own.
+ */
+ TVPNAddress iInternalAddress;
+
+ /**
+ * IKE plugin session error observer.
+ * Own.
+ */
+ CErrorObserver* iErrorObserver;
+
+ /**
+ * Internal address change observer.
+ * Own.
+ */
+ CIaChangeObserver* iIaChangeObserver;
+
+ /**
+ * IKE data interface.
+ * Not own.
+ */
+ MIkeDataInterface* iIkeDataInterface;
+
+ /**
+ * Callback interface.
+ * Not own.
+ */
+ MIkePluginSessionHandlerCallback& iCallback;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+
+#endif // C_IKEPLUGINSESSIONHANDLER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/ikepluginsessionif.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,106 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IKE protocol plugin session interface
+*
+*/
+
+
+#ifndef M_IKEPLUGINSESSIONIF_H
+#define M_IKEPLUGINSESSIONIF_H
+
+#include <e32base.h>
+#include "vpnmandefs.h"
+
+// FORWARD DECLARATIONS
+class CIkeData;
+class MIkeDataInterface;
+
+/**
+ * IKE protocol plugin session interface.
+ *
+ * Session interface for handling an IKE connection with a remote host.
+ * Separate session is required for each VPN connection.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MIkePluginSessionIf
+ {
+public:
+
+ /**
+ * Destructor.
+ */
+ virtual ~MIkePluginSessionIf() {};
+
+ /**
+ * Starts negotiation with a remote host.
+ * @param aIkeData IKE policy data
+ * @param aInternalAddress Internal address (returned)
+ * @param aStatus Completion status (returned)
+ */
+ virtual void NegotiateWithHost( const CIkeData& aIkeData,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels negotiate request. DeleteSession() method needs to be called
+ * after this method to delete session.
+ */
+ virtual void CancelNegotiateWithHost() = 0;
+
+ /**
+ * Deletes session. IKE/IPSec SA:s are deleted.
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to remote host)
+ * @param aStatus Completion status (returned)
+ */
+ virtual void DeleteSession( const TBool aSilentClose,
+ TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels deletion requests. IKE/IPSec SA:s are deleted.
+ */
+ virtual void CancelDeleteSession() = 0;
+
+ /**
+ * Requests notification about error condition. Error notification causes
+ * IKE plugin session to be deleted silently and link disconnected. IKE
+ * plugin session needs to cleanup session, before notifying error.
+ * @param aStatus Completion status (returned)
+ */
+ virtual void NotifyError( TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels error notification request.
+ */
+ virtual void CancelNotifyError() = 0;
+
+ /**
+ * Requests notification about change of internal address.
+ * @param aInternalAddress Internal address (returned)
+ * @param aStatus KErrNone or KErrCancel. Error condition needs to be
+ * indicated via NotifyError() method. (returned)
+ */
+ virtual void NotifyInternalAddressChanged( TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus ) = 0;
+
+ /**
+ * Cancels internal address change notification request.
+ */
+ virtual void CancelNotifyInternalAddressChanged() = 0;
+
+ };
+
+
+#endif // M_IKEPLUGINSESSIONIF_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/kmddebuglogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,82 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Write logs in debug builds
+*
+*/
+
+
+#ifndef C_KMDDEBUGLOGGER_H
+#define C_KMDDEBUGLOGGER_H
+
+#include <e32base.h>
+#include <flogger.h>
+
+#include "ikedebug.h"
+
+/**
+ * KMD debug logger.
+ * Logger for writing logs in debug builds.
+ * @lib internal (kmdserver.exe)
+ */
+class CKmdDebugLogger : public CBase,
+ public MIkeDebug
+ {
+public:
+
+ /**
+ * Two-phased constructor.
+ */
+ static CKmdDebugLogger* NewL();
+
+ /**
+ * Destructor.
+ */
+ ~CKmdDebugLogger();
+
+#ifdef _DEBUG
+
+ void LogWrite( const TDesC& aText );
+ void LogWrite( const TDesC8& aText );
+
+ void LogWriteF( TRefByValue<const TDesC> aFmt, ... );
+ void LogWriteF( TRefByValue<const TDesC8> aFmt, ... );
+
+ void LogWriteArray( const TUint8* aArray, TInt aLength );
+
+ void LogWriteNum( TUint aNum );
+
+ void TraceMessage( const TDesC8& aMessage,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ CIkePcapTrace::TEncryptionType aEncryptionType );
+
+private:
+ void ConstructL();
+
+ /**
+ * File logger.
+ * Own.
+ */
+ RFileLogger iFileLogger;
+
+ /**
+ * PCap tracer.
+ * Own.
+ */
+ CIkePcapTrace* iIkePcapTrace;
+
+#endif // _DEBUG
+ };
+
+#endif // C_KMDDEBUGLOGGER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/kmdeventlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,110 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD event logger
+*
+*/
+
+
+#ifndef C_KMDEVENTLOGGER_H
+#define C_KMDEVENTLOGGER_H
+
+#include "kmdeventloggerif.h"
+
+// FORWARD DECLARATIONS
+class MIkeDebug;
+
+/**
+ * KMD event logger.
+ *
+ * Handles logging of KMD specific events to event log.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CKmdEventLogger : public CBase,
+ public MKmdEventLoggerIf
+ {
+public:
+
+ /**
+ * Two-phased constructor.
+ * @param aDebug Debug trace interface
+ */
+ static CKmdEventLogger* NewL( MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CKmdEventLogger();
+
+// from base class MKmdEventLoggerIf
+
+ /**
+ * From MKmdEventLoggerIf
+ * Writes event to event log.
+ *
+ * @param aCategory Log event category
+ * @param aMsgId Msg Id
+ * @param aStatus Status
+ * @param aVpnIapId VPN IAP Id
+ * @param aSgwIp SGW IP address
+ * @param aLocalAddr Local IP address
+ */
+ void LogEvent( TLogCategory aCategory,
+ TInt aMsgId,
+ TInt aStatus,
+ TUint32 aVpnIapId,
+ const TInetAddr* aGwIp,
+ const TInetAddr* aLocalAddr = NULL );
+
+ /**
+ * From MKmdEventLoggerIf
+ * Writes event to event log.
+ *
+ * @param aCategory Log event category
+ * @param aMsgId Msg Id
+ * @param aStatus Status
+ * @param aVpnIapId VPN IAP Id
+ * @param aSgwIp SGW IP address
+ * @param aLocalAddr Local IP address
+ */
+ void LogEvent( TKmdLogCategory aCategory,
+ TInt aMsgId,
+ TInt aStatus,
+ TUint32 aVpnIapId,
+ const TInetAddr* aGwIp,
+ const TInetAddr* aLocalAddr = NULL );
+
+private:
+ CKmdEventLogger( MIkeDebug& aDebug );
+
+ void ConstructL();
+
+private: // data
+
+ /**
+ * Event mediator.
+ * Own.
+ */
+ REventMediator iEventMediator;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+
+ };
+
+
+#endif // C_KMDEVENTLOGGER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/kmdeventloggerif.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,89 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD event logger interface
+*
+*/
+
+
+#ifndef M_KMDEVENTLOGGERIF_H
+#define M_KMDEVENTLOGGERIF_H
+
+#include <e32base.h>
+
+#include "eventlogger.h"
+#include "eventmediatorapi.h"
+
+// FORWARD DECLARATIONS
+class TInetAddr;
+
+#define LOG_KMD_EVENT(a,b,c,d,e) EventLogger().LogEvent(a,b,c,d,e);
+#define LOG_KMD_EVENT2(a,b,c,d,e,f) EventLogger().LogEvent(a,b,c,d,e,f);
+
+/**
+ * KMD event logger interface.
+ *
+ * Logger interface for logging KMD specific events to event log.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class MKmdEventLoggerIf
+ {
+public:
+
+ enum TKmdLogCategory
+ {
+ KLogInfo = 0,
+ KLogWarning,
+ KLogError,
+ KLogDebug
+ };
+
+ /**
+ * Writes event to event log.
+ *
+ * @param aCategory Log event category
+ * @param aMsgId Msg Id
+ * @param aStatus Status
+ * @param aVpnIapId VPN IAP Id
+ * @param aSgwIp SGW IP address
+ * @param aLocalAddr Local IP address
+ */
+ virtual void LogEvent( TLogCategory aCategory,
+ TInt aMsgId,
+ TInt aStatus,
+ TUint32 aVpnIapId,
+ const TInetAddr* aSgwIp,
+ const TInetAddr* aLocalAddr = NULL ) = 0;
+
+ /**
+ * Writes event to event log.
+ *
+ * @param aCategory Log event category
+ * @param aMsgId Msg Id
+ * @param aStatus Status
+ * @param aVpnIapId VPN IAP Id
+ * @param aSgwIp SGW IP address
+ * @param aLocalAddr Local IP address
+ */
+ virtual void LogEvent( TKmdLogCategory aCategory,
+ TInt aMsgId,
+ TInt aStatus,
+ TUint32 aVpnIapId,
+ const TInetAddr* aSgwIp,
+ const TInetAddr* aLocalAddr = NULL ) = 0;
+
+ };
+
+
+#endif // M_KMDEVENTLOGGERIF_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/kmdserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,230 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD server
+*
+*/
+
+
+#ifndef C_KMDSERVER_H
+#define C_KMDSERVER_H
+
+#include <e32base.h>
+
+#include "ikesocketdefs.h"
+#include "vpnmandefs.h"
+
+_LIT( KKmdServerName, "!KMD server" );
+_LIT( KKmdServerImg, "kmdserver" );
+
+const TUid KServerUid3 = { 0x1000088A };
+
+const TInt KMyServerStackSize = 0x2000; // 8KB
+const TInt KMyServerInitHeapSize = 0x1000; // 4KB
+const TInt KMyServerMaxHeapSize = 0x1000000; // 16MB
+
+const TInt KKmdServMajorVersion = 1;
+const TInt KKmdServMinorVersion = 0;
+const TInt KKmdServBuildVersion = 0;
+
+// FORWARD DECLARATIONS
+class CIkeConnectionInterface;
+class CIkePluginHandler;
+class CIkePluginSessionHandler;
+class CKmdSession;
+class CVpnConnection;
+class CKmdDebugLogger;
+class CKmdEventLogger;
+class CSecpolReader;
+class MIkeDebug;
+class MIkePluginSessionHandlerCallback;
+
+/**
+ * KMD server.
+ * Implementation of KMD (Key Management Daemon) server. Handles creating of
+ * server-side client sessions.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CKmdServer : public CPolicyServer
+ {
+public:
+
+ /** KMD commands */
+ enum
+ {
+ KKmdStartConnection,
+ KKmdCancelStartConnection,
+ KKmdActivateAsync,
+ KKmdCancelActivateAsync,
+ KKmdStopConnection,
+ KKmdResolveAddress,
+ KKmdCancelResolveAddress
+ };
+
+ /**
+ * Two-phased constructor. Called from kmd_starter.
+ */
+ static CKmdServer* NewL();
+
+ /**
+ * Destructor.
+ */
+ ~CKmdServer();
+
+ /**
+ * Informs KMD server that KMD session has been closed.
+ */
+ void KmdSessionClosed();
+
+ /**
+ * Creates VPN connection object.
+ * @param aVpnIapId VPN IAP Id
+ */
+ CVpnConnection& CreateVpnConnectionL( TUint32 aVpnIapId );
+
+ /**
+ * Gets VPN connection object.
+ * @param aVpnIapId VPN IAP Id
+ */
+ CVpnConnection& GetVpnConnectionL( TUint32 aVpnIapId );
+
+ /**
+ * Deletes VPN connection object.
+ * @param aVpnIapId VPN IAP Id
+ */
+ void DeleteVpnConnection( TUint32 aVpnIapId );
+
+ /**
+ * Creates IKE plugin session.
+ * @param aIkeVersion IKE version
+ * @param aIpVersion IP version
+ * @param aConnection IKE connection interface
+ * @param aVpnIapId VPN IAP id
+ * @param aVpnNetId VPN NET id
+ * @param aVpnInterfaceIndex VPN interface index
+ * @param aDnsServerAddr DNS server address from IKE policy.
+ * @param aCallback Callback interface
+ * @return IKE plugin session handler
+ */
+ CIkePluginSessionHandler& CreateIkePluginSessionL( TInt aIkeVersion,
+ IkeSocket::TIpVersion aIpVersion,
+ CIkeConnectionInterface& aConnection,
+ TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ const TInetAddr& aDnsServerAddr,
+ MIkePluginSessionHandlerCallback& aCallback );
+ /**
+ * Deletes IKE plugin session.
+ * @param aIkeVersion IKE version
+ * @param aVpnIapId VPN IAP Id
+ */
+ void DeleteIkePluginSession( TInt aIkeVersion,
+ TUint32 aVpnIapId );
+
+ /**
+ * Returns debug trace interface.
+ */
+ MIkeDebug& Debug();
+
+// from base class CPolicyServer
+
+ CSession2* NewSessionL( const TVersion& aVersion,
+ const RMessage2& aMessage ) const;
+
+private:
+ CKmdServer();
+ void ConstructL();
+
+ /**
+ * Stops KMD server if there are no more KMD sessions or VPN connections.
+ */
+ void StopKmdServer();
+
+private: // data
+
+ /**
+ * KMD session count.
+ * Own.
+ */
+ mutable TInt32 iSessionCount;
+
+ /**
+ * VPN connections.
+ * Own.
+ */
+ RPointerArray<CVpnConnection> iVpnConnections;
+
+ /**
+ * IKE plugin handlers.
+ * Own.
+ */
+ CIkePluginHandler* iIkePluginHandlers[2];
+
+ /**
+ * Debug logger.
+ * Own.
+ */
+ CKmdDebugLogger* iDebugLogger;
+
+ /**
+ * Event logger.
+ * Own.
+ */
+ CKmdEventLogger* iEventLogger;
+
+ /**
+ * Secpol reader.
+ * Own.
+ */
+ CSecpolReader* iSecpolReader;
+
+ /**
+ * Policy server.
+ * Own.
+ */
+ RIpsecPolicyServ iIpsecPolicyServ;
+
+ /**
+ * KMD server range count.
+ * Own.
+ */
+ static const TUint iKmdServerRangeCount;
+
+ /**
+ * KMD server ranges.
+ * Own.
+ */
+ static const TInt iKmdServerRanges[];
+
+ /**
+ * KMD server element index.
+ * Own.
+ */
+ static const TUint8 iKmdServerElementIndex[];
+
+ /**
+ * KMD server elements.
+ * Own.
+ */
+ static const CPolicyServer::TPolicyElement iKmdServerElements[];
+
+ /**
+ * KMD server policy.
+ * Own.
+ */
+ static const CPolicyServer::TPolicy iKmdServerPolicy;
+ };
+
+#endif // C_KMDSERVER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/kmdserver.pan Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD server panic definitions
+*
+*/
+
+
+#ifndef KMDSERVER_PAN
+#define KMDSERVER_PAN
+
+_LIT( KKmdPanicCategory, "KMDServerPanic" );
+
+enum TKmdServerPanics
+ {
+ EKmdPanicIllegalCommand = 0,
+ EKmdPanicRequestAlreadyPending
+ };
+
+#endif // KMDSERVER_PAN
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/kmdsession.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,209 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Server side session of KMD server
+*
+*/
+
+
+#ifndef C_KMDSESSION_H
+#define C_KMDSESSION_H
+
+#include <e32base.h>
+#include <es_sock.h>
+
+#include "activationstarter.h"
+#include "connectionstarter.h"
+#include "connectionstopper.h"
+#include "fqdnresolver.h"
+
+// FORWARD DECLARATIONS
+class CKmdServer;
+class CKmdSessionHandler;
+class MIkeDebug;
+class TVPNAddress;
+
+/**
+ * KMD session.
+ * Server side session of KMD server. Handles client requests.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CKmdSession : public CSession2,
+ public MActivationStarterCallback,
+ public MConnectionStarterCallback,
+ public MConnectionStopperCallback,
+ public MFqdnResolverCallback
+ {
+public:
+
+ /**
+ * Two-phased constructor.
+ * @param aServer KMD server
+ * @param aDebug Debug trace interface
+ */
+ static CKmdSession* NewL( CKmdServer& aServer,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CKmdSession();
+
+// from base class CSession2
+
+ /**
+ * From CSession2
+ * Handles client request.
+ *
+ * @param aMessage Message request
+ */
+ void ServiceL( const RMessage2& aMessage );
+
+// from base class MConnectionStarterCallback
+
+ /**
+ * From MConnectionStarterCallback
+ * Notification about completion of real connection starting.
+ *
+ * @param aStatus Completion status
+ * @param aRealIapId IAP Id of started connection
+ * @param aRealNetId Net Id of started connection
+ */
+ void RealConnectionStarted( TInt aStatus,
+ TInt aRealIapId,
+ TInt aRealNetId );
+
+// from base class MConnectionStopperCallback
+
+ /**
+ * From MConnectionStopperCallback
+ * Notification about completion of VPN connection stopping.
+ *
+ * @param aStatus Completion status
+ */
+ void VpnConnectionStopped( TInt aStatus );
+
+// from base class MFqdnResolverCallback
+
+ /**
+ * From MFqdnResolverCallback
+ * Notifies about completion of FQDN address resolving.
+ *
+ * @param aStatus Completion status
+ * @param aNameEntry Result of name resolution
+ */
+ void AddressResolveCompleted( TInt aStatus,
+ TNameEntry aNameEntry );
+
+// from base class MActivationStarterCallback
+
+ /**
+ * From MActivationStarterCallback
+ * Notification about completion of activation.
+ *
+ * @param aStatus Completion status
+ * @param aVirtualIp Internal address info
+ */
+ void ActivationCompleted( TInt aStatus,
+ const TVPNAddress& aVirtualIp );
+
+private:
+ CKmdSession( CKmdServer& aServer,
+ MIkeDebug& aDebug );
+
+ /**
+ * Cancels real connection starting.
+ */
+ void DoCancelStartConnection();
+
+ /**
+ * Cancels activating
+ */
+ void DoCancelActivate();
+
+ /**
+ * Cancels FQDN address resolving.
+ */
+ void DoCancelResolveAddress();
+
+private: // data
+ /**
+ * KMD server.
+ * Not own.
+ */
+ CKmdServer& iServer;
+
+ /**
+ * VPN IAP Id.
+ * Not own.
+ */
+ TUint32 iVpnIapId;
+
+ /**
+ * Connection starter active object.
+ * Own.
+ */
+ CConnectionStarter* iConnectionStarter;
+
+ /**
+ * Connection stopper active object.
+ * Own.
+ */
+ CConnectionStopper* iConnectionStopper;
+
+ /**
+ * FQDN address resolver active object.
+ * Own.
+ */
+ CFqdnResolver* iFqdnResolver;
+
+ /**
+ * Activation starter active object.
+ * Own.
+ */
+ CActivationStarter* iActivationStarter;
+
+ /**
+ * Pending start connection message.
+ * Own.
+ */
+ RMessage2 iPendingStartConnection;
+
+ /**
+ * Pending stop connection message.
+ * Own.
+ */
+ RMessage2 iPendingStopConnection;
+
+ /**
+ * Pending FQDN resolve message.
+ * Own.
+ */
+ RMessage2 iPendingFqdnResolve;
+
+ /**
+ * Pending activate message.
+ * Own.
+ */
+ RMessage2 iPendingActivate;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+
+ };
+
+#endif // C_KMDSESSION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/secpolpayload.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,91 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Security policy module payload structures
+*
+*/
+
+
+#ifndef T_SECPOLPAYLOAD_H
+#define T_SECPOLPAYLOAD_H
+
+#include <ip4_hdr.h>
+#include <ip6_hdr.h>
+
+// FORWARD DECLARATIONS
+class TInet6Options;
+class TInet6HeaderFragment;
+class TInet6HeaderRouting;
+class TInet6HeaderAH;
+class TInet6HeaderESP;
+class TInet6HeaderICMP;
+class TInet6HeaderTCP;
+class TInet6HeaderUDP;
+
+/**
+ * THdrIP4 class.
+ * Class for dumping IPv4 IP header.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class THdrIP4 : public TInet6HeaderIP4
+ {
+public:
+ void Dump( TDes& aStr, TInt aLength );
+ TBool IsUnicast();
+ };
+
+/**
+ * THdrIP6 class.
+ * Class for dumping IPv6 IP header.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class THdrIP6 : public TInet6HeaderIP
+ {
+public:
+ void Dump( TDes &aStr, TInt aLength );
+ TBool IsUnicast();
+ };
+
+/**
+ * Secpol payload.
+ * Payload structure for reading message from Secpol reader.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class TSecpolPayload
+ {
+public:
+ TSecpolPayload( const TUint8* aPtr );
+
+ void Dump( TDes &aStr, TInt aLength, TInt aProtocol );
+
+public: // data
+ union
+ {
+ const TUint8* iRaw;
+ const TInet6HeaderESP* iESP;
+ const TInet6HeaderAH* iAH;
+ const TInet6HeaderIP* iIP6;
+ const TInet6HeaderIP4* iIP4;
+ const TInet6HeaderTCP* iTCP;
+ const TInet6HeaderUDP* iUDP;
+ const TInet6HeaderICMP* iICMP;
+ const TInet6Options* iOPT;
+ const TInet6HeaderRouting* iRTH;
+ const TInet6HeaderFragment* iFRH;
+ };
+ };
+
+#endif // T_SECPOLPAYLOAD_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/secpolreader.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,117 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Security policy module
+*
+*/
+
+
+#ifndef C_SECPOLREADER_H
+#define C_SECPOLREADER_H
+
+#include <es_sock.h>
+#include <in_sock.h>
+
+// FORWARD DECLARATIONS
+class MIkeDebug;
+class MKmdEventLoggerIf;
+
+const TInt KMaxSecpolMsgSize( 1000 );
+
+/**
+ * Secpol reader.
+ * Class for reading messages from SECPOL socket.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CSecpolReader : public CActive
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aEventLogger Event logger
+ * @param aDebug Debug trace interface
+ */
+ static CSecpolReader* NewL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+
+ /**
+ * Destructor.
+ */
+ ~CSecpolReader();
+
+// from base class CActive
+
+ /**
+ * From CActive
+ * Handles completion of asynchronous reading.
+ */
+ void RunL();
+
+ /**
+ * From CActive
+ * Handles cancellation of asynchronous reading.
+ */
+ void DoCancel();
+
+private:
+ CSecpolReader( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+ /**
+ * Returns event logger.
+ * @return Event logger
+ */
+ MKmdEventLoggerIf& EventLogger();
+
+private: // data
+
+ /**
+ * Socket server.
+ * Own.
+ */
+ RSocketServ iSocketServer;
+
+ /**
+ * Secpol socket.
+ * Own.
+ */
+ RSocket iSocket;
+
+ /**
+ * Secpol message.
+ * Own.
+ */
+ TBuf8<KMaxSecpolMsgSize> iMsg;
+
+ /**
+ * Remote source address.
+ * Own.
+ */
+ TInetAddr iAddr;
+
+ /**
+ * Event logger.
+ * Not own.
+ */
+ MKmdEventLoggerIf& iEventLogger;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_SECPOLREADER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/inc/vpnconnection.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,328 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN connection specific structures
+*
+*/
+
+
+#ifndef C_VPNCONNECTION_H
+#define C_VPNCONNECTION_H
+
+#include <e32base.h>
+#include <in_sock.h>
+#include "vpnmandefs.h"
+#include "disconnectionobserver.h"
+#include "eventmediatorapi.h"
+#include "ikepluginsessionhandler.h"
+#include "ikesocketdefs.h"
+
+// FORWARD DECLARATIONS
+class CIkeConnectionInterface;
+class CIkeData;
+class CIkePluginSessionInterface;
+class CKmdServer;
+class MIkeDebug;
+
+/**
+ * VPN connection.
+ * VPN connection class provides VPN connection specific functionality for
+ * managing real network connection and connection with remote IKE host.
+ *
+ * @lib internal (kmdserver.exe)
+ */
+class CVpnConnection : public CBase,
+ public MDisconnectionObserverCallback,
+ public MIkePluginSessionHandlerCallback
+ {
+public:
+ /**
+ * Two-phased constructor.
+ * @param aVpnIapId VPN IAP Id
+ * @param aServer KMD server
+ * @param aDebug Debug trace interface
+ */
+ static CVpnConnection* NewLC( TUint32 aVpnIapId,
+ CKmdServer& aServer,
+ MIkeDebug& aDebug );
+ /**
+ * Destructor.
+ */
+ ~CVpnConnection();
+
+ /**
+ * Starts real network connection.
+ * @param aStatus Completion status (returned)
+ */
+ void StartRealConnection( TRequestStatus& aStatus );
+
+ /**
+ * Cancels connection starting.
+ */
+ void CancelStartRealConnection();
+
+ /**
+ * Resolves an IP address from FQDN address.
+ * @param aFqdn FQDN address
+ * @param aNameEntry Result of name resolution (returned)
+ * @param aStatus Completion status (returned)
+ */
+ void ResolveAddress( const TDesC& aFqdn,
+ TNameEntry& aNameEntry,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels resolving.
+ */
+ void CancelResolveAddress();
+
+ /**
+ * Starts negotiation with a remote host.
+ * @param aIkeData IKE policy data
+ * @param aVpnInterfaceIndex
+ * @param aIpVersion IP version
+ * @param aInternalAddress Internal address (returned)
+ * @param aStatus Completion status (returned)
+ */
+ void NegotiateWithHost( CIkeData& aIkeData,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIpVersion aIpVersion,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels negotiation.
+ */
+ void CancelNegotiateWithHost();
+
+ /**
+ * Stops VPN connection.
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to remote host)
+ * @param aStatus Completion status (returned)
+ */
+ void StopVpnConnection( TBool aSilentClose,
+ TRequestStatus& aStatus );
+
+ /**
+ * Cancels VPN connection stopping. VPN connection is stopped silently.
+ */
+ void CancelStopVpnConnection();
+
+ /**
+ * Gets local IP address of real network interface.
+ *
+ * @param aIpVersion IP version of local IP address
+ * @param aLocalIp Local IP address (returned)
+ * @return Error status. KErrNotFound if address is not found.
+ */
+ TInt GetLocalAddress( const IkeSocket::TIpVersion aIpVersion,
+ TInetAddr& aLocalIp );
+
+ /**
+ * Returns VPN IAP Id.
+ * @return VPN IAP Id
+ */
+ TInt VpnIapId() const;
+
+ /**
+ * Returns real IAP Id.
+ * @return Real IAP Id
+ */
+ TInt RealIapId() const;
+
+ /**
+ * Returns real NET Id.
+ * @return Real NET Id
+ */
+ TInt RealNetId() const;
+
+// from base class MDisconnectionObserverCallback
+
+ /**
+ * Notification about link disconnection. VPN connection is stopped silently.
+ * @param aStatus Completion status
+ */
+ void DisconnectIndication( TInt aStatus );
+
+// from base class MIkePluginSessionHandlerCallback
+
+ /**
+ * From MIkePluginSessionHandlerCallback
+ * Notification about completion of negotiate request.
+ * @param aStatus Completion status
+ * @param aInternalAddress Internal address.
+ */
+ void NegotiationStarted( TInt aStatus,
+ const TVPNAddress& aInternalAddress );
+ /**
+ * From MIkePluginSessionHandlerCallback
+ * Notification about completion of delete session request. Real
+ * network connection is closed.
+ * @param aStatus Completion status
+ */
+ void IkePluginSessionClosed( TInt aStatus );
+
+ /**
+ * From MIkePluginSessionHandlerCallback
+ * Notification about IKE plugin session error.
+ * @param aStatus Completion status
+ */
+ void IkePluginSessionError( TInt aStatus );
+
+
+private:
+ CVpnConnection( TUint32 aVpnIapId,
+ CKmdServer& aServer,
+ MIkeDebug& aDebug );
+ void ConstructL();
+
+ /**
+ * Cancels negotiation..
+ */
+ void DoCancelNegotiateWithHost();
+
+ /**
+ * Stops VPN connection.
+ */
+ void DoStopVpnConnection( TBool aSilentClose );
+
+ /**
+ * Cancels VPN connection stopping. VPN connection is stopped silently.
+ */
+ void DoCancelStopVpnConnection();
+
+ /**
+ * Deletes IKE plugin session.
+ * @param aSilentClose Specified if a silent close in question (Delete
+ * payloads not transmitted to remote host)
+ */
+ void DoDeleteSession( TBool aSilentClose );
+
+ /**
+ * Cancels session deletion.
+ */
+ void DoCancelDeleteSession();
+
+ /**
+ * Stops real network connection.
+ * @param aStatus Disconnect event status to be reported.
+ */
+ void DoStopRealConnection( TInt aStatus );
+
+ /**
+ * Reports disconnect event via Event Mediator API.
+ * @param aStatus Completion status
+ */
+ void DoReportDisconnectEvent( TInt aStatus );
+
+private: // data
+
+ /**
+ * KMD server.
+ * Not own.
+ */
+ CKmdServer& iServer;
+
+ /**
+ * IKE version.
+ * Own.
+ */
+ TInt iIkeVersion;
+
+ /**
+ * VPN IAP id.
+ * Own.
+ */
+ TUint32 iVpnIapId;
+
+ /**
+ * VPN NET id.
+ * Own.
+ */
+ TUint32 iVpnNetId;
+
+ /**
+ * Real IAP id.
+ * Own.
+ */
+ TInt iRealIapId;
+
+ /**
+ * Real NET id.
+ * Own.
+ */
+ TInt iRealSnapId;
+
+ /**
+ * Informs if disconnect event has been received.
+ * Own.
+ */
+ TInt iDisconnectEventReceived;
+
+ /**
+ * Disconnection status.
+ * Own.
+ */
+ TInt iDisconnectionStatus;
+
+ /**
+ * IKE connection interface.
+ * Own.
+ */
+ CIkeConnectionInterface* iIkeConnection;
+
+ /**
+ * Disconnection observer.
+ * Own.
+ */
+ CDisconnectionObserver* iDisconnectionObserver;
+
+ /**
+ * IKE plugin session handler.
+ * Not own.
+ */
+ CIkePluginSessionHandler* iIkePluginSessionHandler;
+
+ /**
+ * Event mediator.
+ * Own.
+ */
+ REventMediator iEventMediator;
+
+ /**
+ * Client's request status for starting of negotiation.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusNegotiate;
+
+ /**
+ * Client's internal address.
+ * Not own.
+ */
+ TVPNAddress* iClientInternalAddress;
+
+ /**
+ * Client's request status for VPN connection's stopping.
+ * Not own.
+ */
+ TRequestStatus* iClientStatusStopVpnConnection;
+
+ /**
+ * Debug trace interface.
+ * Not own.
+ */
+ MIkeDebug& iDebug;
+ };
+
+#endif // C_VPNCONNECTION_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/rom/kmdserver.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2006-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project
+* Key Management Daemon
+*
+*/
+
+
+
+#ifndef __KMDSERVER_IBY__
+#define __KMDSERVER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature KMDSERVER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\kmdserver.exe PROGRAMS_DIR\kmdserver.exe
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __KMDSERVER_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/activationstarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,197 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors activating
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikepolparser.h"
+#include "internaladdress.h"
+#include "vpnconnection.h"
+
+// CLASS HEADER
+#include "activationstarter.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CActivationStarter* CActivationStarter::NewL( CVpnConnection& aConnection,
+ MActivationStarterCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CActivationStarter* self = new ( ELeave ) CActivationStarter( aConnection,
+ aCallback,
+ aDebug );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CActivationStarter::~CActivationStarter()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CActivationStarter::CActivationStarter( CVpnConnection& aConnection,
+ MActivationStarterCallback& aCallback,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iConnection( aConnection ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Starts asynchronous activating.
+// ---------------------------------------------------------------------------
+//
+void CActivationStarter::Activate( CIkeData& aIkeData,
+ const TDesC& aVpnIfName )
+ {
+ TUint32 vpnInterfaceIndex( 0 );
+ TInt err = GetVpnInterfaceIndex( aVpnIfName,
+ vpnInterfaceIndex );
+
+ if ( err != KErrNone )
+ {
+ TRequestStatus* status = &iStatus;
+ *status = KRequestPending;
+ SetActive();
+
+ User::RequestComplete( status, err );
+ return;
+ }
+
+ TInetAddr remoteAddr = aIkeData.iAddr;
+ iIpVersion = IkeSocket::EIPv4;
+ if ( remoteAddr.Family() == KAfInet6 &&
+ !remoteAddr.IsV4Mapped() )
+ {
+ iIpVersion = IkeSocket::EIPv6;
+ }
+ iDnsServerAddr = aIkeData.iDnsServer;
+
+ iConnection.NegotiateWithHost( aIkeData,
+ vpnInterfaceIndex,
+ iIpVersion,
+ iInternalAddress,
+ iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// Gets VPN interface index.
+// ---------------------------------------------------------------------------
+//
+TInt CActivationStarter::GetVpnInterfaceIndex( const TDesC& aVpnIfName,
+ TUint32& aVpnInterfaceIndex )
+ {
+ TInt err( KErrNone );
+ RSocketServ ss;
+ err = ss.Connect();
+
+ if ( err == KErrNone )
+ {
+ RSocket socket;
+ err = socket.Open( ss,
+ KAfInet,
+ KSockDatagram,
+ KProtocolInetIp );
+
+ if ( err == KErrNone )
+ {
+ TPckgBuf<TSoInetIfQuery> opt;
+ opt().iName = aVpnIfName;
+
+ err = socket.GetOpt( KSoInetIfQueryByName,
+ KSolInetIfQuery,
+ opt );
+ if ( err == KErrNone )
+ {
+ aVpnInterfaceIndex = opt().iZone[0]; // VPN Interface index
+ }
+ }
+ socket.Close();
+ }
+
+ ss.Close();
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous activating.
+// ---------------------------------------------------------------------------
+//
+void CActivationStarter::RunL()
+ {
+ TInt err( iStatus.Int() );
+
+ if ( err == KErrNone )
+ {
+ if ( iInternalAddress.iVPNIfAddr.IsUnspecified() )
+ {
+ TInetAddr localAddr;
+ err = iConnection.GetLocalAddress( iIpVersion, localAddr );
+
+ if ( err == KErrNone )
+ {
+ iInternalAddress.iVPNIfAddr = localAddr;
+ }
+ }
+ }
+
+ if ( err == KErrNone &&
+ iInternalAddress.iVPNIfDNS1.IsUnspecified() )
+ {
+ if ( iDnsServerAddr.Address() != KAFUnspec )
+ {
+#ifdef _DEBUG
+ TBuf<39> addrBuf;
+ iDnsServerAddr.OutputWithScope( addrBuf );
+ DEBUG_LOG1(_L("DNS Server Address in IKE data %S"), &addrBuf);
+#endif //_DEBUG
+ iInternalAddress.iVPNIfDNS1 = iDnsServerAddr;
+ }
+ else
+ {
+ DEBUG_LOG(_L("DNS server not defined in policy"));
+ }
+ }
+
+ iCallback.ActivationCompleted( err, iInternalAddress );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous activating.
+// ---------------------------------------------------------------------------
+//
+void CActivationStarter::DoCancel()
+ {
+ iConnection.CancelNegotiateWithHost();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/connectionstarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,102 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors the real connection starting
+*
+*/
+
+
+// INTERNAL HEADERS
+#include "vpnconnection.h"
+
+// CLASS HEADER
+#include "connectionstarter.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CConnectionStarter* CConnectionStarter::NewL( CVpnConnection& aConnection,
+ MConnectionStarterCallback& aCallback )
+ {
+ CConnectionStarter* self = new ( ELeave ) CConnectionStarter( aConnection,
+ aCallback );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CConnectionStarter::~CConnectionStarter()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CConnectionStarter::CConnectionStarter( CVpnConnection& aConnection,
+ MConnectionStarterCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iConnection( aConnection ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Starts connection asynchronously.
+// ---------------------------------------------------------------------------
+//
+void CConnectionStarter::StartRealConnection()
+ {
+ iConnection.StartRealConnection( iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous connection starting.
+// ---------------------------------------------------------------------------
+//
+void CConnectionStarter::RunL()
+ {
+ TInt realIapId = 0;
+ TInt realNetworkId = 0;
+
+ if ( iStatus.Int() == KErrNone )
+ {
+ realIapId = iConnection.RealIapId();
+ realNetworkId = iConnection.RealNetId();
+ }
+
+ iCallback.RealConnectionStarted( iStatus.Int(),
+ realIapId,
+ realNetworkId );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous connection starting.
+// ---------------------------------------------------------------------------
+//
+void CConnectionStarter::DoCancel()
+ {
+ iConnection.CancelStartRealConnection();
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/connectionstopper.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,90 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors stopping of connection
+*
+*/
+
+
+// INTERNAL INCLUDES
+#include "vpnconnection.h"
+
+// CLASS HEADER
+#include "connectionstopper.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CConnectionStopper* CConnectionStopper::NewL( CVpnConnection& aVpnConnection,
+ MConnectionStopperCallback& aCallback )
+ {
+ CConnectionStopper* self = new ( ELeave ) CConnectionStopper( aVpnConnection,
+ aCallback );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CConnectionStopper::~CConnectionStopper()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CConnectionStopper::CConnectionStopper( CVpnConnection& aVpnConnection,
+ MConnectionStopperCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iVpnConnection( aVpnConnection ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Stops VPN connection asynchronously.
+// ---------------------------------------------------------------------------
+//
+void CConnectionStopper::StopVpnConnection( TBool aSilentClose )
+ {
+ iVpnConnection.StopVpnConnection( aSilentClose, iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous connection stopping.
+// ---------------------------------------------------------------------------
+//
+void CConnectionStopper::RunL()
+ {
+ iCallback.VpnConnectionStopped( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous connection stopping.
+// ---------------------------------------------------------------------------
+//
+void CConnectionStopper::DoCancel()
+ {
+ iVpnConnection.CancelStopVpnConnection();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/disconnectionobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,91 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors link disconnection
+*
+*/
+
+
+// INTERNAL HEADERS
+#include "ikeconnectioninterface.h"
+#include "vpnconnection.h"
+
+// CLASS HEADER
+#include "disconnectionobserver.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CDisconnectionObserver* CDisconnectionObserver::NewL( CIkeConnectionInterface& aIkeConnectionInterface,
+ MDisconnectionObserverCallback& aCallback )
+ {
+ CDisconnectionObserver* self = new (ELeave) CDisconnectionObserver( aIkeConnectionInterface,
+ aCallback );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CDisconnectionObserver::~CDisconnectionObserver()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CDisconnectionObserver::CDisconnectionObserver( CIkeConnectionInterface& aIkeConnectionInterface,
+ MDisconnectionObserverCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iIkeConnectionInterface( aIkeConnectionInterface ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Requests asynchronous link disconnection notification.
+// ---------------------------------------------------------------------------
+//
+void CDisconnectionObserver::StartObserving()
+ {
+ iIkeConnectionInterface.NotifyDisconnect( iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous notification request.
+// ---------------------------------------------------------------------------
+//
+void CDisconnectionObserver::RunL()
+ {
+ iCallback.DisconnectIndication( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous notification request.
+// ---------------------------------------------------------------------------
+//
+void CDisconnectionObserver::DoCancel()
+ {
+ iIkeConnectionInterface.CancelNotifyDisconnect();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/errorobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,107 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors IKE plugin session error
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikepluginsessionif.h"
+#include "ikepluginsessionhandler.h"
+
+// CLASS HEADER
+#include "errorobserver.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CErrorObserver* CErrorObserver::NewL( MIkePluginSessionIf& aIkePluginSession,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CErrorObserver* self = new (ELeave) CErrorObserver( aIkePluginSession,
+ aCallback,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CErrorObserver::~CErrorObserver()
+ {
+ Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CErrorObserver::CErrorObserver( MIkePluginSessionIf& aIkePluginSession,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iIkePluginSession( aIkePluginSession ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+void CErrorObserver::ConstructL()
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Requests asynchronous error notification.
+// ---------------------------------------------------------------------------
+//
+void CErrorObserver::StartObserving()
+ {
+ iIkePluginSession.NotifyError( iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous notification request.
+// ---------------------------------------------------------------------------
+//
+void CErrorObserver::RunL()
+ {
+ DEBUG_LOG1(_L("IKE plugin session error=%d"), iStatus.Int());
+ iCallback.IkePluginSessionError( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous notification request.
+// ---------------------------------------------------------------------------
+//
+void CErrorObserver::DoCancel()
+ {
+ iIkePluginSession.CancelNotifyError();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/fqdnresolver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,97 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors the completion of FQDN resolve.
+*
+*/
+
+
+// INTERNAL INCLUDES
+#include "vpnconnection.h"
+
+// CLASS HEADER
+#include "fqdnresolver.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CFqdnResolver* CFqdnResolver::NewL( CVpnConnection& aConnection,
+ MFqdnResolverCallback& aCallback )
+ {
+ CFqdnResolver* self = new (ELeave) CFqdnResolver( aConnection, aCallback );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CFqdnResolver::~CFqdnResolver()
+ {
+ Cancel();
+
+ __ASSERT_DEBUG( iFqdn == NULL, User::Invariant() );
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CFqdnResolver::CFqdnResolver( CVpnConnection& aConnection,
+ MFqdnResolverCallback& aCallback )
+ : CActive( EPriorityStandard ),
+ iConnection( aConnection ),
+ iCallback( aCallback )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Resolves an IP address from FQDN address asynchronously.
+// ---------------------------------------------------------------------------
+//
+void CFqdnResolver::ResolveAddress( HBufC* aFqdn )
+ {
+ iFqdn = aFqdn;
+ iConnection.ResolveAddress( *iFqdn, iNameEntry, iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CFqdnResolver::RunL()
+ {
+ delete iFqdn;
+ iFqdn = NULL;
+
+ iCallback.AddressResolveCompleted( iStatus.Int(), iNameEntry );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Cancels FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CFqdnResolver::DoCancel()
+ {
+ iConnection.CancelResolveAddress();
+
+ delete iFqdn;
+ iFqdn = NULL;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/iachangeobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,139 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: active object, that monitors internal address change
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikepluginsessionif.h"
+#include "internaladdress.h"
+#include "eventmediatorapi.h"
+
+// CLASS HEADER
+#include "iachangeobserver.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIaChangeObserver* CIaChangeObserver::NewL( TUint32 aVpnIapId,
+ const TInetAddr& aDnsServerAddr,
+ MIkePluginSessionIf& aIkePluginSession,
+ MIkeDebug& aDebug )
+ {
+ CIaChangeObserver* self = new (ELeave) CIaChangeObserver( aVpnIapId,
+ aDnsServerAddr,
+ aIkePluginSession,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIaChangeObserver::~CIaChangeObserver()
+ {
+ Cancel();
+ iEventMediator.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIaChangeObserver::CIaChangeObserver( TUint32 aVpnIapId,
+ const TInetAddr& aDnsServerAddr,
+ MIkePluginSessionIf& aIkePluginSession,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iVpnIapId( aVpnIapId ),
+ iDnsServerAddr( aDnsServerAddr ),
+ iIkePluginSession( aIkePluginSession ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+void CIaChangeObserver::ConstructL()
+ {
+ User::LeaveIfError( iEventMediator.Connect() );
+ }
+
+// ---------------------------------------------------------------------------
+// Requests asynchronous internal address change notification.
+// ---------------------------------------------------------------------------
+//
+void CIaChangeObserver::StartObserving()
+ {
+ iIkePluginSession.NotifyInternalAddressChanged( iInternalAddress,
+ iStatus );
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous notification request.
+// ---------------------------------------------------------------------------
+//
+void CIaChangeObserver::RunL()
+ {
+ __ASSERT_DEBUG( iStatus.Int() == KErrNone ||
+ iStatus.Int() == KErrCancel,
+ User::Invariant() );
+
+ if ( iStatus.Int() == KErrNone )
+ {
+ // VPN NET id is not needed in reporting internal address change.
+ TConnectionInfo connectionInfo( iVpnIapId, 0 );
+ TConnectionInfoBuf pckgConnectionInfo( connectionInfo );
+
+ TVPNAddressPckg pckgVpnAddress( iInternalAddress );
+ TInt err = iEventMediator.ReportEvent( EKmdAddressChangeEvent,
+ pckgConnectionInfo,
+ pckgVpnAddress );
+ err = err;
+
+#ifdef _DEBUG
+ TBuf<80> txt_addr;
+ iInternalAddress.iVPNIfAddr.OutputWithScope(txt_addr);
+ DEBUG_LOG3(_L("Internal address changed to %S, VPN IAP id=%d, err=%d"),
+ &txt_addr, iVpnIapId, err );
+#endif
+
+ StartObserving();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous notification request.
+// ---------------------------------------------------------------------------
+//
+void CIaChangeObserver::DoCancel()
+ {
+ iIkePluginSession.CancelNotifyInternalAddressChanged();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/ikepcaptrace.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,417 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class that logs ike messages in pcap format
+*
+*/
+
+#include <bautils.h>
+#include <in_sock.h>
+
+#include "ikepcaptrace.h"
+
+_LIT(KLogDirectoryFormat, "c:\\logs\\%S\\");
+_LIT(KTraceFileName, "ikemsg.pcap");
+
+static const TUint KIpAndUdpHeaderLength = 28;
+static const TUint KFixedHdrLength = 28;
+static const TUint KNonEspMarkerLength = 4;
+static const TInt KNatPort = 4500;
+
+_LIT(KUnixTimeZeroDes, "19700101:000000.000000");
+static const TTime KUnixTimeZero(KUnixTimeZeroDes);
+
+#define SWAP_BYTE_ORDER32(a) ((a) >> 24) | ((a) >> 8 & 0xff00) |((a) << 8 & 0xff0000) | ((a) << 24);
+#define SWAP_BYTE_ORDER16(a) ((a) >> 8 | (a) << 8)
+
+CIkePcapTrace* CIkePcapTrace::NewL(const TDesC& aLogFolder)
+ {
+ CIkePcapTrace* self = new (ELeave) CIkePcapTrace();
+ CleanupStack::PushL(self);
+ self->ConstructL(aLogFolder);
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CIkePcapTrace::CIkePcapTrace()
+ {
+ }
+
+
+void CIkePcapTrace::ConstructL(const TDesC& aLogFolder)
+ {
+ User::LeaveIfError(iFileServer.Connect());
+
+ TFileName* traceFileName = new (ELeave) TFileName;
+ CleanupDeletePushL(traceFileName);
+ traceFileName->Format(KLogDirectoryFormat, &aLogFolder);
+
+ if (BaflUtils::FolderExists(iFileServer, *traceFileName))
+ {
+ traceFileName->Append(KTraceFileName);
+
+ if (BaflUtils::FileExists(iFileServer, *traceFileName))
+ {
+ TInt position = 0;
+ User::LeaveIfError(iPcapFile.Open(iFileServer, *traceFileName, EFileWrite));
+ User::LeaveIfError(iPcapFile.Seek(ESeekEnd, position));
+ }
+ else
+ {
+ User::LeaveIfError(iPcapFile.Create(iFileServer, *traceFileName, EFileWrite));
+ TInt err = WritePcapHeader();
+ if (err != KErrNone)
+ {
+ iPcapFile.Close();
+ User::LeaveIfError(iFileServer.Delete(*traceFileName));
+ User::Leave(err);
+ }
+ }
+ iWriteTrace = ETrue;
+ }
+ else
+ {
+ iWriteTrace = EFalse;
+ }
+ CleanupStack::PopAndDestroy(traceFileName);
+ }
+
+
+CIkePcapTrace::~CIkePcapTrace()
+ {
+ iPcapFile.Close();
+ iFileServer.Close();
+ }
+
+void CIkePcapTrace::TraceMessage(const TDesC8& aMessage,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ TEncryptionType aEncryptionType)
+ {
+ if (iWriteTrace)
+ {
+ HBufC8* msgCopy = aMessage.Alloc();
+ if (msgCopy != NULL)
+ {
+ TPtr8 msgCopyPtr = msgCopy->Des();
+ DoTraceMessage(msgCopyPtr, aSourceAddress, aDestinationAddress,
+ aEncryptionType);
+ }
+ delete msgCopy;
+ msgCopy = NULL;
+ }
+ }
+
+
+
+void CIkePcapTrace::DoTraceMessage(TPtr8& aMsgCopy,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ TEncryptionType aEncryptionType)
+ {
+
+ if ((aSourceAddress.Family() == KAfInet ||
+ aSourceAddress.IsV4Compat() ||
+ aSourceAddress.IsV4Mapped()) &&
+ (aDestinationAddress.Family() == KAfInet ||
+ aDestinationAddress.IsV4Compat() ||
+ aDestinationAddress.IsV4Mapped()))
+ {
+ TInt length = aMsgCopy.Length();
+ if (aSourceAddress.Port() == KNatPort)
+ {
+ length+=KNonEspMarkerLength;
+ }
+ WriteRecordHeader(length);
+ WriteIpAndUdpHeader(aMsgCopy, aSourceAddress, aDestinationAddress);
+ if ( aSourceAddress.Port() == KNatPort )
+ {
+ WriteNonEspMarker();
+ }
+ WriteIkeMessage(aMsgCopy, aEncryptionType);
+ iPcapFile.Flush();
+ }
+ }
+
+
+TInt CIkePcapTrace::WriteRecordHeader(TUint32 aIkeMsgLength)
+ {
+ static const TUint KRecordHeaderLength = 4;
+ TUint32 recordHeader[KRecordHeaderLength];
+
+ TUint32 currentSeconds = 0;
+ TTime currentTime;
+ currentTime.HomeTime();
+
+ TTimeIntervalSeconds secondsFrom;
+ if (currentTime.SecondsFrom(KUnixTimeZero, secondsFrom) == KErrNone)
+ {
+ currentSeconds = secondsFrom.Int();
+ }
+
+ TUint32 microseconds = currentTime.DateTime().MicroSecond();
+
+ recordHeader[0] = currentSeconds;
+ recordHeader[1] = microseconds;
+ recordHeader[2] = aIkeMsgLength + KIpAndUdpHeaderLength;
+ recordHeader[3] = aIkeMsgLength + KIpAndUdpHeaderLength;
+
+ TPtrC8 recordHdrPtr((TUint8*)recordHeader, KRecordHeaderLength * sizeof(TUint32));
+ return iPcapFile.Write(recordHdrPtr);
+ }
+
+TInt CIkePcapTrace::WriteIpAndUdpHeader(const TDesC8& aMessage,
+ TInetAddr aSourceAddress,
+ TInetAddr aDestinationAddress)
+ {
+ static const TUint KIpHeaderLength = 20;
+ static const TUint KUdpHeaderLength = KIpAndUdpHeaderLength - KIpHeaderLength;
+
+ //Generate IP header
+ aSourceAddress.ConvertToV4();
+ aDestinationAddress.ConvertToV4();
+
+ TUint32 source = SWAP_BYTE_ORDER32(aSourceAddress.Address());
+ TUint32 destination = SWAP_BYTE_ORDER32(aDestinationAddress.Address());
+
+ TUint8 ipAndUdpHeader[] = { 0x45, 0x00, 0x13, 0x88,
+ 0x00, 0x28, 0x00, 0x00,
+ 0xfe, 0x11, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, //source IP address
+ 0x00, 0x00, 0x00, 0x00, //destination IP address
+ 0x00, 0x00, 0x00, 0x00, //udp header
+ 0x00, 0x00, 0x00, 0x00};
+
+ Mem::Copy(ipAndUdpHeader + 12, &source, sizeof(source)); //copies the source address to header
+ Mem::Copy(ipAndUdpHeader + 16, &destination, sizeof(destination)); //copies the source address to header
+
+
+ //Generate UDP header
+ TUint16 sourcePort = aSourceAddress.Port();
+ TUint16 destinationPort = aDestinationAddress.Port();
+ TUint16 udpDatagramLength = KUdpHeaderLength + aMessage.Length();
+ if ( sourcePort == KNatPort )
+ {
+ udpDatagramLength += KNonEspMarkerLength;
+ }
+ sourcePort = SWAP_BYTE_ORDER16(sourcePort);
+ destinationPort = SWAP_BYTE_ORDER16(destinationPort);
+ udpDatagramLength = SWAP_BYTE_ORDER16(udpDatagramLength);
+
+ TUint8* udpHeader = ipAndUdpHeader + KIpHeaderLength;
+ Mem::Copy(udpHeader, &sourcePort, sizeof(sourcePort));
+ Mem::Copy(udpHeader + 2, &destinationPort, sizeof(destinationPort));
+ Mem::Copy(udpHeader + 4, &udpDatagramLength, sizeof(udpDatagramLength));
+
+ TPtrC8 headerPtr(ipAndUdpHeader, KIpAndUdpHeaderLength);
+ return iPcapFile.Write(headerPtr);
+ }
+
+TInt CIkePcapTrace::WriteNonEspMarker()
+ {
+ TUint8 nonEspMarker[] = { 0x00, 0x00, 0x00, 0x00 };
+
+ TPtrC8 ptr(nonEspMarker, KNonEspMarkerLength);
+ return iPcapFile.Write(ptr);
+ }
+
+TInt CIkePcapTrace::WriteIkeMessage(TPtr8& aMsgCopy, TEncryptionType aEncryptionType)
+ {
+ const TInt KVersionPosition = 17;
+
+ TInt err = KErrNone;
+ if (aMsgCopy.Length() < KFixedHdrLength)
+ {
+ //This is a bit too short for an IKE packet.
+ //Just write the packet to log anyway. It might give some info to someone.
+ err = iPcapFile.Write(aMsgCopy);
+ }
+ else
+ {
+ //Version check:
+ if (aMsgCopy[KVersionPosition] == 0x10)
+ {
+ err = WriteIkeV1Message(aMsgCopy);
+ }
+ else
+ {
+ err = WriteIkeV2Message(aMsgCopy, aEncryptionType);
+ }
+ }
+
+ return err;
+ }
+
+
+TInt CIkePcapTrace::WriteIkeV1Message(TPtr8& aMsgCopy)
+ {
+ //This should already be checked by the caller.
+ __ASSERT_DEBUG(aMsgCopy.Length() >= KFixedHdrLength, User::Invariant());
+
+ const TUint KEncryptionBitPosition = 19;
+ const TUint KFirstNextPayloadPosition = 16;
+ const TUint KFixedPayloadHdrLength = 4;
+
+ const TUint8 KPayloadNone = 0x00;
+ const TUint8 KPayloadHash = 0x08;
+ const TUint8 KPayloadSignature = 0x09;
+ const TUint8 KPayloadReservedRangeStart = 0x0E;
+
+ aMsgCopy[KEncryptionBitPosition] = aMsgCopy[KEncryptionBitPosition] & 0xFE;
+
+ TUint8 nextPayloadId = aMsgCopy[KFirstNextPayloadPosition];
+ TPtr8 msgEnd(aMsgCopy.MidTPtr(KFixedHdrLength));
+
+ while(nextPayloadId != KPayloadNone &&
+ msgEnd.Length() > KFixedPayloadHdrLength)
+ {
+ //Read the lenght of the payload
+ TUint16 payloadLength = ((TUint16)msgEnd[2]) << 8 | msgEnd[3];
+
+ if (nextPayloadId == KPayloadHash ||
+ nextPayloadId == KPayloadSignature ||
+ nextPayloadId >= KPayloadReservedRangeStart)
+ {
+ if(msgEnd.Length() >= payloadLength &&
+ payloadLength >= KFixedPayloadHdrLength )
+ {
+ // Zero out payload data.
+ TUint16 dataLength = payloadLength - KFixedPayloadHdrLength;
+ TPtr8 payloadData = msgEnd.MidTPtr(KFixedPayloadHdrLength, dataLength);
+ payloadData.FillZ();
+ }
+ else
+ {
+ //There seems to be something wrong with the packet.
+ //Zero out the rest of the packet and write it to the log.
+ msgEnd.FillZ();
+ msgEnd[0] = KPayloadNone;
+ }
+ }
+
+ nextPayloadId = msgEnd[0];
+ if (nextPayloadId != KPayloadNone &&
+ msgEnd.Length() >= payloadLength)
+ {
+ msgEnd.Set(msgEnd.MidTPtr(payloadLength));
+ }
+ else
+ {
+ msgEnd.Set(msgEnd.MidTPtr(msgEnd.Length()));
+ }
+ }
+
+ return iPcapFile.Write(aMsgCopy);
+ }
+
+
+TInt CIkePcapTrace::WriteIkeV2Message(TPtr8& aMsgCopy, TEncryptionType aEncryptionType)
+ {
+ //This should already be checked by the caller.
+ __ASSERT_DEBUG(aMsgCopy.Length() >= KFixedHdrLength, User::Invariant());
+
+ const TUint KFirstNextPayloadPosition = 16;
+ const TUint KFixedPayloadHdrLength = 4;
+
+ const TUint8 KPayloadNone = 0x00;
+ const TUint8 KEncryptedPayload = 0x2e;
+ const TUint8 KAuthPayload = 0x27;
+ const TUint8 KEapPayload = 0x30;
+
+ TUint8 nextPayloadId = aMsgCopy[KFirstNextPayloadPosition];
+ TPtr8 msgEnd(aMsgCopy.MidTPtr(KFixedHdrLength));
+ while(nextPayloadId != KPayloadNone &&
+ msgEnd.Length() > KFixedPayloadHdrLength)
+ {
+ //Read the lenght of the payload
+ TUint16 payloadLength = ((TUint16)msgEnd[2]) << 8 | msgEnd[3];
+
+ switch(nextPayloadId)
+ {
+ case KEncryptedPayload:
+ //change the encrypted payload length to match
+ //the initialization vector length.
+ msgEnd[2] = 0x00;
+ switch(aEncryptionType)
+ {
+ case EEncrDes: //falls through
+ case EEncrDes3:
+ msgEnd[3] = 0x0c;
+ break;
+ case EEncrAesCbc:
+ msgEnd[3] = 0x14;
+ break;
+ }
+ payloadLength = msgEnd[3];
+ break;
+ case KAuthPayload:
+ {
+ const TUint8 KAuthPayloadHdrLength = 8;
+ if (payloadLength > KAuthPayloadHdrLength &&
+ msgEnd.Length() >= payloadLength)
+ {
+ // Zero out payload data.
+ TPtr8 authData = msgEnd.MidTPtr(KAuthPayloadHdrLength,
+ payloadLength - KAuthPayloadHdrLength);
+ authData.FillZ();
+ }
+ }
+ break;
+ case KEapPayload:
+ {
+ const TUint8 KTotalFixEapHdrLength = 9;
+ if (payloadLength > KTotalFixEapHdrLength &&
+ msgEnd.Length() >= payloadLength)
+ {
+ // Zero out payload data.
+ TPtr8 eapTypeData = msgEnd.MidTPtr(KTotalFixEapHdrLength,
+ payloadLength - KTotalFixEapHdrLength);
+ eapTypeData.FillZ();
+ }
+ }
+ break;
+ }
+ nextPayloadId = msgEnd[0];
+ if (nextPayloadId != KPayloadNone &&
+ msgEnd.Length() >= payloadLength)
+ {
+ msgEnd.Set(msgEnd.MidTPtr(payloadLength));
+ }
+ else
+ {
+ msgEnd.Set(msgEnd.MidTPtr(msgEnd.Length()));
+ }
+ }
+
+ return iPcapFile.Write(aMsgCopy);
+ }
+
+
+TInt CIkePcapTrace::WritePcapHeader()
+ {
+ static const TUint KPcapHeaderLength = 24;
+ TUint8 pCapHeader[] = { 0xd4, 0xc3, 0xb2, 0xa1, // magic number
+ 0x02, 0x00, 0x04, 0x00, //major, minor version
+ 0x00, 0x00, 0x00, 0x00, //time offset
+ 0x00, 0x00, 0x00, 0x00, // accuracy of timestamps
+ 0xff, 0xff, 0x00, 0x00, // max length of captured packets, in octets
+ 0x0c, 0x00, 0x00, 0x00, // data link type
+ };
+
+ TPtrC8 pCapHeaderPtr(pCapHeader, KPcapHeaderLength);
+ return iPcapFile.Write(pCapHeaderPtr);
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/ikepluginhandler.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,218 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handler of an IKE protocol plugin
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikeplugindefs.h"
+#include "ikepluginif.h"
+#include "ikepluginsessionhandler.h"
+#include "kmdeventloggerif.h"
+
+// CLASS HEADER
+#include "ikepluginhandler.h"
+
+_LIT( KIkePluginPaths, "" ); // No additional paths.
+_LIT( KIkeV1Library, "ikev1lib" );
+_LIT( KIkeV2Library, "ikev2lib" );
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkePluginHandler* CIkePluginHandler::NewL( TInt aIkeVersion,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ CIkePluginHandler* self = new ( ELeave ) CIkePluginHandler( aIkeVersion,
+ aEventLogger,
+ aDebug );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkePluginHandler::~CIkePluginHandler()
+ {
+ __ASSERT_DEBUG( iIkePluginSessions.Count() == 0,
+ User::Invariant() );
+ iIkePluginSessions.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkePluginHandler::CIkePluginHandler( TInt aIkeVersion,
+ MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ : iIkeVersion( aIkeVersion ),
+ iEventLogger( aEventLogger ),
+ iDebug( aDebug )
+ {
+ __ASSERT_DEBUG( ( iIkeVersion == KIkeV1 ||
+ iIkeVersion == KIkeV2 ),
+ User::Invariant() );
+ }
+
+// ---------------------------------------------------------------------------
+// Creates IKE plugin session.
+// ---------------------------------------------------------------------------
+//
+CIkePluginSessionHandler& CIkePluginHandler::CreateIkePluginSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIpVersion aIpVersion,
+ const TInetAddr& aDnsServer,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginSessionHandlerCallback& aCallback )
+ {
+ CIkePluginSessionHandler* sessionHandler = NULL;
+ TRAPD( err, sessionHandler = &DoCreateIkePluginSessionL( aVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ aIpVersion,
+ aDnsServer,
+ aConnection,
+ aCallback ) );
+
+ if ( err != KErrNone )
+ {
+ DeleteIkePluginSession( aVpnIapId );
+ User::Leave( err );
+ }
+
+ return *sessionHandler;
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes IKE plugin session. IKE plugin is unloaded if there are no more
+// sessions.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginHandler::DeleteIkePluginSession( TUint32 aVpnIapId )
+ {
+ TInt count = iIkePluginSessions.Count();
+
+ for ( TInt i=0; i<count; i++ )
+ {
+ if ( iIkePluginSessions[i]->VpnIapId() == aVpnIapId )
+ {
+ CIkePluginSessionHandler* sessionHandler = iIkePluginSessions[i];
+ iIkePluginSessions.Remove( i );
+ delete sessionHandler;
+ sessionHandler = NULL;
+ break;
+ }
+ }
+
+ if ( iIkePluginSessions.Count() == 0 )
+ {
+ UnloadIkePlugin();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Creates IKE plugin session. IKE plugin is loaded if not yet loaded.
+// ---------------------------------------------------------------------------
+//
+CIkePluginSessionHandler& CIkePluginHandler::DoCreateIkePluginSessionL( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIpVersion aIpVersion,
+ const TInetAddr& aDnsServerAddr,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginSessionHandlerCallback& aCallback )
+ {
+ if ( iIkePluginSessions.Count() == 0 )
+ {
+ LoadIkePluginL();
+ }
+
+ CIkePluginSessionHandler* sessionHandler = CIkePluginSessionHandler::NewLC( aVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ IkeSocket::TIkeMajorVersion(iIkeVersion),
+ aIpVersion,
+ aDnsServerAddr,
+ aConnection,
+ *iIkePlugin,
+ aCallback,
+ iDebug );
+ iIkePluginSessions.AppendL( sessionHandler );
+ CleanupStack::Pop( sessionHandler );
+
+ return *sessionHandler;
+ }
+
+// ---------------------------------------------------------------------------
+// Loads IKE plugin.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginHandler::LoadIkePluginL()
+ {
+ TInt status( KErrNone );
+
+ switch( iIkeVersion )
+ {
+ case KIkeV1:
+ {
+ TUidType uidType( KIkePluginUid1, KIkePluginUid2, KIkeV1PluginUid3 );
+ status = iLibrary.Load( KIkeV1Library, KIkePluginPaths, uidType );
+ break;
+ }
+ case KIkeV2:
+ {
+ TUidType uidType( KIkePluginUid1, KIkePluginUid2, KIkeV2PluginUid3 );
+ status = iLibrary.Load( KIkeV2Library, KIkePluginPaths, uidType );
+ break;
+ }
+ default:
+ {
+ status = KErrNotSupported;
+ break;
+ }
+ }
+
+ DEBUG_LOG2( _L("Loading IKE plugin library, IKE version=%d, status=%d"), iIkeVersion, status );
+ User::LeaveIfError( status );
+
+ CreateIkePluginL factoryMethodL = reinterpret_cast<CreateIkePluginL>( iLibrary.Lookup(1) );
+ TRAPD( err, ( iIkePlugin = factoryMethodL( iEventLogger, iDebug ) ) );
+ if ( err != KErrNone )
+ {
+ DEBUG_LOG1( _L("Could not create IKE plugin, err=%d"), err );
+ UnloadIkePlugin();
+ User::Leave( err );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Unloads IKE plugin.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginHandler::UnloadIkePlugin()
+ {
+ DEBUG_LOG1( _L("Unloading IKE Plugin library, IKE version=%d"), iIkeVersion );
+ delete iIkePlugin;
+ iIkePlugin = NULL;
+ iLibrary.Close();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/ikepluginsessionhandler.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,287 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handler of an IKE protocol plugin session
+*
+*/
+
+
+#include <in_sock.h>
+
+#include "errorobserver.h"
+#include "iachangeobserver.h"
+#include "ikeconnectioninterface.h"
+#include "ikedebug.h"
+#include "ikepluginif.h"
+#include "ikepluginsessionif.h"
+#include "ikesocketdefs.h"
+#include "internaladdress.h"
+
+// CLASS HEADER
+#include "ikepluginsessionhandler.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CIkePluginSessionHandler* CIkePluginSessionHandler::NewLC( TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIkeMajorVersion aIkeVersion,
+ IkeSocket::TIpVersion aIpVersion,
+ const TInetAddr& aDnsServerAddr,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginIf& aIkePlugin,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug )
+ {
+ CIkePluginSessionHandler* self = new (ELeave) CIkePluginSessionHandler( aVpnIapId,
+ aIkeVersion,
+ aIpVersion,
+ aCallback,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL( aVpnNetId,
+ aVpnInterfaceIndex,
+ aDnsServerAddr,
+ aConnection,
+ aIkePlugin );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CIkePluginSessionHandler::~CIkePluginSessionHandler()
+ {
+ Cancel();
+
+ delete iErrorObserver;
+ delete iIaChangeObserver;
+ delete iIkePluginSession;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CIkePluginSessionHandler::CIkePluginSessionHandler( TUint32 aVpnIapId,
+ IkeSocket::TIkeMajorVersion aIkeVersion,
+ IkeSocket::TIpVersion aIpVersion,
+ MIkePluginSessionHandlerCallback& aCallback,
+ MIkeDebug& aDebug )
+ : CActive( EPriorityStandard ),
+ iVpnIapId( aVpnIapId ),
+ iIkeVersion( aIkeVersion ),
+ iIpVersion( aIpVersion ),
+ iCallback( aCallback ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::ConstructL( TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ const TInetAddr& aDnsServerAddr,
+ CIkeConnectionInterface& aConnection,
+ MIkePluginIf& aIkePlugin )
+ {
+ if ( iIkeDataInterface == NULL )
+ {
+ iIkeDataInterface = &aConnection.OpenDataInterfaceL( iIkeVersion,
+ iIpVersion );
+ }
+
+ iIkePluginSession = aIkePlugin.CreateSessionL( iVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ *iIkeDataInterface );
+
+ iErrorObserver = CErrorObserver::NewL( *iIkePluginSession,
+ iCallback,
+ iDebug );
+
+ iIaChangeObserver = CIaChangeObserver::NewL( iVpnIapId,
+ aDnsServerAddr,
+ *iIkePluginSession,
+ iDebug );
+
+ DEBUG_LOG(_L("IKE plugin session created."));
+ }
+
+// ---------------------------------------------------------------------------
+// Starts negotiation with a remote host asynchronously.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::NegotiateWithHost( const CIkeData& aIkeData )
+ {
+ __ASSERT_DEBUG( iState == EIdle,
+ User::Invariant() );
+ iIkePluginSession->NegotiateWithHost( aIkeData,
+ iInternalAddress,
+ iStatus );
+ SetActive();
+ iState = ENegotiatingWithHost;
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels negotiation request.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::CancelNegotiateWithHost()
+ {
+ if ( iState == ENegotiatingWithHost &&
+ IsActive() )
+ {
+ Cancel();
+ TVPNAddress empty;
+ iCallback.NegotiationStarted( KErrCancel,
+ empty );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes session.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::DeleteSession( TBool aSilentClose )
+ {
+ iErrorObserver->Cancel();
+ iIaChangeObserver->Cancel();
+
+ if ( iState == ENegotiated )
+ {
+ // Delete session asynchronously.
+ iIkePluginSession->DeleteSession( aSilentClose, iStatus );
+ SetActive();
+ iState = EDeletingSession;
+ }
+ else if ( iState == EDeletingSession )
+ {
+ // Session deletion is already in progress. Cancelling it deletes
+ // session silently.
+ CancelDeleteSession();
+ }
+ else if ( iState == EIdle )
+ {
+ // Session deletion can be requested, if negotiate request has failed.
+ // In this case, it is enough to complete request.
+ TRequestStatus* ownStatus = &iStatus;
+ *ownStatus = KRequestPending;
+ SetActive();
+
+ User::RequestComplete( ownStatus, KErrNone );
+ }
+ else
+ {
+ ASSERT( EFalse );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels session deletion request.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::CancelDeleteSession()
+ {
+ if ( IsActive() )
+ {
+ Cancel();
+ iCallback.IkePluginSessionClosed( KErrCancel );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Returns VPN IAP Id.
+// ---------------------------------------------------------------------------
+//
+TInt CIkePluginSessionHandler::VpnIapId() const
+ {
+ return iVpnIapId;
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous request.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::RunL()
+ {
+ DEBUG_LOG2( _L("CIkePluginSessionHandler::RunL, iState=%d, iStatus=%d"),
+ iState, iStatus.Int() );
+
+ switch ( iState )
+ {
+ case ENegotiatingWithHost:
+ if ( iStatus.Int() == KErrNone )
+ {
+ iErrorObserver->StartObserving();
+ iIaChangeObserver->StartObserving();
+ iState = ENegotiated;
+ }
+ else
+ {
+ iState = EIdle;
+ }
+ // Ownership of internal address transferred.
+ iCallback.NegotiationStarted( iStatus.Int(),
+ iInternalAddress );
+ break;
+ case EDeletingSession: // Fall through
+ case EIdle:
+ iState = EIdle;
+ iCallback.IkePluginSessionClosed( iStatus.Int() );
+ break;
+ default:
+ ASSERT( EFalse );
+ break;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous request.
+// ---------------------------------------------------------------------------
+//
+void CIkePluginSessionHandler::DoCancel()
+ {
+ DEBUG_LOG1( _L("CIkePluginSessionHandler::DoCancel, iState=%d"),
+ iState );
+
+ switch ( iState )
+ {
+ case ENegotiatingWithHost:
+ iIkePluginSession->CancelNegotiateWithHost();
+ iInternalAddress = TVPNAddress();
+ // Session deletion is needed later, if negotiate request has
+ // already been completed from IKE plugin session.
+ iState = ENegotiated;
+ break;
+ case EDeletingSession:
+ iIkePluginSession->CancelDeleteSession();
+ iState = EIdle;
+ break;
+ case EIdle:
+ break;
+ default:
+ ASSERT( EFalse );
+ break;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/kmddebuglogger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,217 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Write logs in debug builds
+*
+*/
+
+
+// CLASS HEADER
+#include "kmddebuglogger.h"
+
+#if defined(_DEBUG)
+_LIT(KLogFolder,"vpn");
+_LIT(KLogFile,"kmd.txt");
+#endif
+
+// ======== MEMBER FUNCTIONS ========
+
+#ifndef _DEBUG
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdDebugLogger* CKmdDebugLogger::NewL()
+ {
+ CKmdDebugLogger* self = new ( ELeave ) CKmdDebugLogger;
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CKmdDebugLogger::~CKmdDebugLogger()
+ {
+ }
+
+#else
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdDebugLogger* CKmdDebugLogger::NewL()
+ {
+ CKmdDebugLogger* self = new ( ELeave ) CKmdDebugLogger;
+ self->ConstructL();
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CKmdDebugLogger::~CKmdDebugLogger()
+ {
+ delete iIkePcapTrace;
+ iFileLogger.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::ConstructL()
+ {
+ User::LeaveIfError( iFileLogger.Connect() );
+ iFileLogger.SetDateAndTime( ETrue, ETrue );
+ iFileLogger.CreateLog( KLogFolder, KLogFile, EFileLoggingModeAppend );
+
+ iIkePcapTrace = CIkePcapTrace::NewL(KLogFolder);
+ }
+
+// ---------------------------------------------------------------------------
+// Writes to log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::LogWrite( const TDesC& aText )
+ {
+ const TInt KMaxLineWidth( 100 );
+ const TInt textLength( aText.Length() );
+ TInt charsLeft( textLength );
+
+ while ( charsLeft )
+ {
+ if ( charsLeft >= KMaxLineWidth )
+ {
+ // Write next KMaxLineWidth chars.
+ iFileLogger.Write( aText.Mid( textLength-charsLeft, KMaxLineWidth ) );
+ charsLeft -= KMaxLineWidth;
+ }
+ else
+ {
+ // Write remaining chars (<KMaxLineWidth chars).
+ iFileLogger.Write( aText.Mid( textLength-charsLeft, charsLeft ) );
+ charsLeft = 0;
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Writes to log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::LogWrite( const TDesC8& aText )
+ {
+ const TInt KMaxLineWidth( 100 );
+ const TInt textLength( aText.Length() );
+ TInt charsLeft( textLength );
+
+ while ( charsLeft )
+ {
+ if ( charsLeft >= KMaxLineWidth )
+ {
+ // Write next KMaxLineWidth chars.
+ iFileLogger.Write( aText.Mid( textLength-charsLeft, KMaxLineWidth ) );
+ charsLeft -= KMaxLineWidth;
+ }
+ else
+ {
+ // Write remaining chars (<KMaxLineWidth chars).
+ iFileLogger.Write( aText.Mid( textLength-charsLeft, charsLeft ) );
+ charsLeft = 0;
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Writes to log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::LogWriteF( TRefByValue<const TDesC> aFmt, ... )
+ {
+ VA_LIST list;
+ VA_START( list, aFmt );
+
+ iFileLogger.WriteFormat( aFmt, list );
+ }
+
+// ---------------------------------------------------------------------------
+// Writes to log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::LogWriteF( TRefByValue<const TDesC8> aFmt, ... )
+ {
+ VA_LIST list;
+ VA_START( list,aFmt );
+
+ iFileLogger.WriteFormat( aFmt, list );
+ }
+
+// ---------------------------------------------------------------------------
+// Writes array to log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::LogWriteArray( const TUint8* aArray, TInt aLength )
+ {
+ ASSERT(aArray);
+ HBufC *buf = HBufC::New( aLength*4+1 ); // max 3 num and a blank (+1 for /n)
+ if ( !buf )
+ {
+ return;
+ }
+
+ for ( TInt i=0; i<aLength; i++ )
+ {
+ if ( i%4 == 0 )
+ {
+ buf->Des().AppendFormat(_L(" "));
+ }
+ buf->Des().AppendFormat( _L("%02.2x"), aArray[i] ); // key Data byte2byte
+ }
+
+ LogWrite( buf->Des() );
+
+ delete buf;
+ buf = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Writes number to log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::LogWriteNum( TUint aNum )
+ {
+ const TInt KMaxNumLength( 20 );
+ TBuf<KMaxNumLength> buf;
+ buf.AppendFormat( _L("%u\n"), aNum ); // key Data byte2byte
+ LogWrite( buf );
+ }
+
+// ---------------------------------------------------------------------------
+// Writes message to PCap log.
+// ---------------------------------------------------------------------------
+//
+void CKmdDebugLogger::TraceMessage(const TDesC8& aMessage,
+ const TInetAddr& aSourceAddress,
+ const TInetAddr& aDestinationAddress,
+ CIkePcapTrace::TEncryptionType aEncryptionType)
+ {
+ iIkePcapTrace->TraceMessage(aMessage,
+ aSourceAddress, aDestinationAddress,
+ aEncryptionType);
+ }
+
+
+#endif //_DEBUG
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/kmdeventlogger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,305 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD event logger
+*
+*/
+
+
+#include <e32base.h>
+#include <vpnlogmessages.rsg>
+#include "eventviewer.h"
+#include "ikedebug.h"
+#include "vpnclientuids.h"
+
+// CLASS HEADER
+#include "kmdeventlogger.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdEventLogger* CKmdEventLogger::NewL( MIkeDebug& aDebug )
+ {
+ CKmdEventLogger* self = new ( ELeave ) CKmdEventLogger( aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CKmdEventLogger::~CKmdEventLogger()
+ {
+ iEventMediator.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdEventLogger::CKmdEventLogger( MIkeDebug& aDebug )
+ : iDebug( aDebug )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CKmdEventLogger::ConstructL()
+ {
+ User::LeaveIfError( iEventMediator.Connect() );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MKmdEventLoggerIf
+// Writes event to event log.
+// ---------------------------------------------------------------------------
+//
+void CKmdEventLogger::LogEvent( TLogCategory aCategory,
+ TInt aMsgId,
+ TInt aStatus,
+ TUint32 aVpnIapId,
+ const TInetAddr* aGwIp,
+ const TInetAddr* aLocalAddr )
+ {
+ TUid uid = TUid::Uid( KUidKmdServer );
+
+ TBuf<40> ipAddr16;
+ TBuf8<40> ipAddr;
+ TBuf8<40> localIpAddr;
+ TIapName vpnAccessPointName;
+ TInt addrIndex = KErrNotFound;
+ TInt iapIndex = KErrNotFound;
+ TInt statusIndex = KErrNotFound;
+ TInt realIpIndex = KErrNotFound;
+ TInt desCount = 0;
+ TUint8* pointers[4];
+ TInt lengths[4];
+
+ switch ( aMsgId )
+ {
+ case R_VPN_MSG_VPN_GW_NO_RESP:
+ case R_VPN_MSG_VPN_GW_AUTH_FAIL:
+ case R_VPN_MSG_VPN_GW_AUTH_OK:
+ addrIndex = 0;
+ iapIndex = 1;
+ break;
+
+ case R_VPN_MSG_VPN_GW_ERR_RESP_RECEIVED:
+ case R_VPN_MSG_SENT_ERROR_RESPONSE:
+ addrIndex = 0;
+ iapIndex = 1;
+ statusIndex = 2;
+ break;
+
+ case R_VPN_MSG_DATA_DROPPED_DUE_POLICY:
+ addrIndex = 0;
+ statusIndex = 1;
+ break;
+
+ case R_VPN_MSG_ADDR_INFO_FOR_VPN_AP:
+ iapIndex = 0;
+ addrIndex = 1;
+ realIpIndex = 2;
+ statusIndex = 3;
+ break;
+
+ case R_VPN_MSG_REAL_IAP_ACT_FAILED:
+ realIpIndex = 0;
+ iapIndex = 1;
+ statusIndex = 2;
+ break;
+
+ default:
+ break;
+ }
+
+ if ( addrIndex != KErrNotFound )
+ {
+ desCount ++;
+ pointers[addrIndex] = (TUint8*)ipAddr.Ptr();
+ if ( aGwIp )
+ {
+ aGwIp->Output(ipAddr16);
+ ipAddr.Copy(ipAddr16);
+ lengths[addrIndex] = ipAddr.Length();
+ }
+ else
+ {
+ lengths[addrIndex] = 0;
+ }
+ }
+
+ if ( statusIndex != KErrNotFound )
+ {
+ desCount ++;
+ pointers[statusIndex] = (TUint8*)&aStatus;
+ lengths[statusIndex] = sizeof(aStatus);
+ }
+
+ if ( iapIndex != KErrNotFound )
+ {
+ //
+ // VPN IAP id shall be converted to VPN access point name using
+ // eventviewer API.
+ //
+ desCount ++;
+ pointers[iapIndex] = (TUint8*)vpnAccessPointName.Ptr();
+ if ( aVpnIapId != 0 )
+ {
+ EventViewer::GetIapName(aVpnIapId, vpnAccessPointName);
+ lengths[iapIndex] = vpnAccessPointName.Length();
+ }
+ else
+ {
+ lengths[iapIndex] = 0;
+ }
+ }
+
+ if ( realIpIndex != KErrNotFound )
+ {
+ desCount ++;
+ pointers[realIpIndex] = (TUint8*)localIpAddr.Ptr();
+ ipAddr16.SetLength(0);
+ if ( aLocalAddr != NULL )
+ {
+ aLocalAddr->Output(ipAddr16);
+ }
+ localIpAddr.Copy(ipAddr16);
+ lengths[realIpIndex] = localIpAddr.Length();
+ }
+
+ TInt ret( KErrNone );
+
+ switch ( desCount )
+ {
+ case 0:
+ {
+ ret = iEventMediator.ReportLogEvent( uid,
+ aCategory,
+ aMsgId,
+ 0 );
+ }
+ break;
+
+ case 1:
+ {
+ TPtr8 parm1(pointers[0], lengths[0], lengths[0]);
+ ret = iEventMediator.ReportLogEvent( uid,
+ aCategory,
+ aMsgId,
+ 1,
+ &parm1 );
+ }
+ break;
+
+ case 2:
+ {
+ TPtr8 parm1(pointers[0], lengths[0], lengths[0]);
+ TPtr8 parm2(pointers[1], lengths[1], lengths[1]);
+ ret = iEventMediator.ReportLogEvent( uid,
+ aCategory,
+ aMsgId,
+ 2,
+ &parm1,
+ &parm2 );
+ }
+ break;
+
+ case 3:
+ {
+ TPtr8 parm1(pointers[0], lengths[0], lengths[0]);
+ TPtr8 parm2(pointers[1], lengths[1], lengths[1]);
+ TPtr8 parm3(pointers[2], lengths[2], lengths[2]);
+ ret = iEventMediator.ReportLogEvent( uid,
+ aCategory,
+ aMsgId,
+ 3,
+ &parm1,
+ &parm2,
+ &parm3 );
+ }
+ break;
+
+ case 4:
+ {
+ TPtr8 parm1(pointers[0], lengths[0], lengths[0]);
+ TPtr8 parm2(pointers[1], lengths[1], lengths[1]);
+ TPtr8 parm3(pointers[2], lengths[2], lengths[2]);
+ TPtr8 parm4(pointers[3], lengths[3], lengths[3]);
+ ret = iEventMediator.ReportLogEvent( uid,
+ aCategory,
+ aMsgId,
+ 4,
+ &parm1,
+ &parm2,
+ &parm3,
+ &parm4 );
+ }
+ break;
+
+ default:
+ ret = ret;
+ break;
+
+ }
+
+ DEBUG_LOG3( _L("Logging event %x with %d parameters, report status = %d"),
+ aMsgId, desCount, ret );
+
+ }
+
+// ---------------------------------------------------------------------------
+// From class MKmdEventLoggerIf
+// Writes event to event log.
+// ---------------------------------------------------------------------------
+//
+void CKmdEventLogger::LogEvent( TKmdLogCategory aCategory,
+ TInt aMsgId,
+ TInt aStatus,
+ TUint32 aVpnIapId,
+ const TInetAddr* aGwIp,
+ const TInetAddr* aLocalAddr )
+ {
+ TLogCategory logCategory;
+ switch ( aCategory )
+ {
+ case KLogInfo:
+ logCategory = EInfo;
+ break;
+ case KLogWarning:
+ logCategory = EWarning;
+ break;
+ case KLogError:
+ logCategory = EError;
+ break;
+ default:
+ logCategory = EDebug;
+ break;
+ }
+
+ LogEvent( logCategory,
+ aMsgId,
+ aStatus,
+ aVpnIapId,
+ aGwIp,
+ aLocalAddr );
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/kmdserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,329 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD server
+*
+*/
+
+
+// INTERNAL INCLUDES
+#include "ikedebug.h"
+#include "ikeplugindefs.h"
+#include "ikepluginhandler.h"
+#include "kmddebuglogger.h"
+#include "kmdeventlogger.h"
+#include "kmdsession.h"
+#include "secpolreader.h"
+#include "vpnconnection.h"
+
+// CLASS HEADER
+#include "kmdserver.h"
+
+const TUint CKmdServer::iKmdServerRangeCount = 2;
+
+const TInt CKmdServer::iKmdServerRanges[iKmdServerRangeCount] =
+ {
+ CKmdServer::KKmdStartConnection,
+ CKmdServer::KKmdCancelResolveAddress+1
+ };
+
+const TUint8 CKmdServer::iKmdServerElementIndex[iKmdServerRangeCount] =
+ {
+ 0,
+ CPolicyServer::ENotSupported
+ };
+
+const CPolicyServer::TPolicyElement CKmdServer::iKmdServerElements[] =
+ {
+ {_INIT_SECURITY_POLICY_C1(ECapabilityNetworkControl),
+ CPolicyServer::EFailClient},
+ };
+
+const CPolicyServer::TPolicy CKmdServer::iKmdServerPolicy =
+ {
+ 0, // All connect attempts are checked
+ iKmdServerRangeCount, // Count of ranges
+ iKmdServerRanges, // 0-6, 7...
+ iKmdServerElementIndex, // Only range 0-6 are checked
+ iKmdServerElements // The list of policy elements
+ };
+
+const TInt KIkeV1PluginHandlerIndex( 0 );
+const TInt KIkeV2PluginHandlerIndex( 1 );
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdServer* CKmdServer::NewL()
+ {
+ CKmdServer* self = new ( ELeave ) CKmdServer;
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CKmdServer::~CKmdServer()
+ {
+ iIpsecPolicyServ.Close();
+ iVpnConnections.ResetAndDestroy();
+ iVpnConnections.Close();
+ delete iIkePluginHandlers[0];
+ delete iIkePluginHandlers[1];
+ delete iSecpolReader;
+ delete iEventLogger;
+
+#ifdef _DEBUG
+ if ( iDebugLogger != NULL )
+ {
+ iDebugLogger->LogWrite(_L("KMD server stopped."));
+ }
+#endif
+ delete iDebugLogger;
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdServer::CKmdServer() :
+ CPolicyServer( EPriorityStandard, iKmdServerPolicy )
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CKmdServer::ConstructL()
+ {
+ iDebugLogger = CKmdDebugLogger::NewL();
+
+#ifdef _DEBUG
+ iDebugLogger->LogWrite(_L("------------------------------------------------------"));
+ iDebugLogger->LogWrite(_L("Starting KMD server."));
+ iDebugLogger->LogWrite(_L("------------------------------------------------------"));
+#endif
+
+ User::LeaveIfError( iIpsecPolicyServ.Connect() );
+ iEventLogger = CKmdEventLogger::NewL( *iDebugLogger );
+ iSecpolReader = CSecpolReader::NewL( *iEventLogger,
+ *iDebugLogger );
+ iIkePluginHandlers[KIkeV1PluginHandlerIndex] = CIkePluginHandler::NewL( KIkeV1,
+ *iEventLogger,
+ *iDebugLogger );
+ iIkePluginHandlers[KIkeV2PluginHandlerIndex] = CIkePluginHandler::NewL( KIkeV2,
+ *iEventLogger,
+ *iDebugLogger );
+
+ StartL( KKmdServerName );
+
+#ifdef _DEBUG
+ iDebugLogger->LogWrite(_L("KMD server started."));
+#endif
+ }
+
+// ---------------------------------------------------------------------------
+// Information that KMD session has been closed.
+// ---------------------------------------------------------------------------
+//
+void CKmdServer::KmdSessionClosed()
+ {
+ iSessionCount--;
+ __ASSERT_DEBUG(iSessionCount >= 0, User::Invariant());
+
+ StopKmdServer();
+ }
+
+// ---------------------------------------------------------------------------
+// Creates VPN connection object.
+// ---------------------------------------------------------------------------
+//
+CVpnConnection& CKmdServer::CreateVpnConnectionL(TUint32 aVpnIapId)
+ {
+#ifndef _DEBUG
+ for ( TInt i = 0; i < iVpnConnections.Count(); ++i )
+ {
+ __ASSERT_DEBUG( iVpnConnections[i]->VpnIapId() != aVpnIapId, User::Invariant() );
+ }
+#endif //_DEBUG
+
+ CVpnConnection* newConnection = CVpnConnection::NewLC( aVpnIapId,
+ *this,
+ *iDebugLogger );
+ User::LeaveIfError( iVpnConnections.Append( newConnection ) );
+ CleanupStack::Pop( newConnection );
+
+ return *newConnection;
+ }
+
+// ---------------------------------------------------------------------------
+// Gets VPN connection object.
+// ---------------------------------------------------------------------------
+//
+CVpnConnection& CKmdServer::GetVpnConnectionL( TUint32 aVpnIapId )
+ {
+ CVpnConnection* connection = NULL;
+ for ( TInt i = 0; i < iVpnConnections.Count(); ++i )
+ {
+ CVpnConnection* c = iVpnConnections[i];
+ if ( c->VpnIapId() == aVpnIapId )
+ {
+ connection = c;
+ break;
+ }
+ }
+
+ if ( connection == NULL )
+ {
+ User::Leave( KErrNotFound );
+ }
+ return *connection;
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes VPN connection object.
+// ---------------------------------------------------------------------------
+//
+void CKmdServer::DeleteVpnConnection( TUint32 aVpnIapId )
+ {
+ TInt connectionCount = iVpnConnections.Count();
+ for ( TInt i = 0; i < connectionCount; ++i )
+ {
+ CVpnConnection* c = iVpnConnections[i];
+ if ( c->VpnIapId() == aVpnIapId )
+ {
+ iVpnConnections.Remove( i );
+ delete c;
+ break;
+ }
+ }
+
+ StopKmdServer();
+ }
+
+// ---------------------------------------------------------------------------
+// Creates IKE plugin session.
+// ---------------------------------------------------------------------------
+//
+CIkePluginSessionHandler& CKmdServer::CreateIkePluginSessionL( TInt aIkeVersion,
+ IkeSocket::TIpVersion aIpVersion,
+ CIkeConnectionInterface& aConnection,
+ TUint32 aVpnIapId,
+ TUint32 aVpnNetId,
+ TUint32 aVpnInterfaceIndex,
+ const TInetAddr& aDnsServerAddr,
+ MIkePluginSessionHandlerCallback& aCallback )
+ {
+ TInt index( 0 );
+ switch ( aIkeVersion )
+ {
+ case KIkeV1:
+ {
+ index = KIkeV1PluginHandlerIndex;
+ break;
+ }
+ case KIkeV2:
+ {
+ index = KIkeV2PluginHandlerIndex;
+ break;
+ }
+ default:
+ {
+ ASSERT( EFalse );
+ }
+ }
+ return iIkePluginHandlers[index]->CreateIkePluginSessionL( aVpnIapId,
+ aVpnNetId,
+ aVpnInterfaceIndex,
+ aIpVersion,
+ aDnsServerAddr,
+ aConnection,
+ aCallback );
+ }
+
+// ---------------------------------------------------------------------------
+// Deletes IKE plugin session.
+// ---------------------------------------------------------------------------
+//
+void CKmdServer::DeleteIkePluginSession( TInt aIkeVersion,
+ TUint32 aVpnIapId )
+ {
+ TInt index( 0 );
+ switch ( aIkeVersion )
+ {
+ case KIkeV1:
+ {
+ index = KIkeV1PluginHandlerIndex;
+ break;
+ }
+ case KIkeV2:
+ {
+ index = KIkeV2PluginHandlerIndex;
+ break;
+ }
+ default:
+ {
+ ASSERT( EFalse );
+ break;
+ }
+ }
+ iIkePluginHandlers[index]->DeleteIkePluginSession( aVpnIapId );
+ }
+
+// ---------------------------------------------------------------------------
+// Returns debug trace interface.
+// ---------------------------------------------------------------------------
+//
+MIkeDebug& CKmdServer::Debug()
+ {
+ __ASSERT_DEBUG( iDebugLogger != NULL,
+ User::Invariant() );
+
+ return *iDebugLogger;
+ }
+
+// ---------------------------------------------------------------------------
+// Creates a server-side session object.
+// ---------------------------------------------------------------------------
+//
+CSession2* CKmdServer::NewSessionL( const TVersion& /*aVersion*/,
+ const RMessage2& /*aMessage*/) const
+ {
+ CKmdSession* session = CKmdSession::NewL( *const_cast<CKmdServer*>( this ),
+ *iDebugLogger );
+ iSessionCount++;
+ return session;
+ }
+
+// ---------------------------------------------------------------------------
+// Stops KMD server if there exist neither client sessions nor active
+// connections.
+// ---------------------------------------------------------------------------
+//
+void CKmdServer::StopKmdServer()
+ {
+ if ( iSessionCount == 0 &&
+ iVpnConnections.Count() == 0 )
+ {
+ // Stop scheduluder that was started by RunServerL().
+ CActiveScheduler::Stop();
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/kmdsession.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,423 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Server side session of KMDServer
+*
+*/
+
+
+#include "ikedebug.h"
+#include "ikepolparser.h"
+#include "kmdserver.h"
+#include "kmdapi.h"
+#include "kmdserver.pan"
+
+// CLASS HEADER
+#include "kmdsession.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdSession* CKmdSession::NewL( CKmdServer& aServer,
+ MIkeDebug& aDebug )
+ {
+ CKmdSession* self = new ( ELeave ) CKmdSession( aServer, aDebug );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CKmdSession::~CKmdSession()
+ {
+ DEBUG_LOG( _L("CKmdSession::~CKmdSession") );
+
+ DoCancelStartConnection();
+ DoCancelActivate();
+ DoCancelResolveAddress();
+
+ iServer.KmdSessionClosed();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CKmdSession::CKmdSession( CKmdServer& aServer,
+ MIkeDebug& aDebug )
+ : iServer( aServer ),
+ iDebug( aDebug )
+ {
+ DEBUG_LOG( _L("CKmdSession::CKmdSession") );
+ }
+
+// ---------------------------------------------------------------------------
+// From class CSession2.
+// Handles the servicing of a client request from KMD API.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::ServiceL( const RMessage2& aMessage )
+ {
+ switch ( aMessage.Function() )
+ {
+ case CKmdServer::KKmdStartConnection:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdStartConnection"));
+
+ if ( iConnectionStarter != NULL )
+ {
+ aMessage.Panic( KKmdPanicCategory,
+ EKmdPanicRequestAlreadyPending );
+ }
+ else
+ {
+ __ASSERT_DEBUG( iPendingStartConnection.IsNull(),
+ User::Invariant() );
+ iVpnIapId = aMessage.Int0();
+
+ // Create new VPN connection object and start connection.
+ CVpnConnection& vpnConnection = iServer.CreateVpnConnectionL( iVpnIapId );
+ TRAPD( err, iConnectionStarter = CConnectionStarter::NewL( vpnConnection, *this ) );
+ if ( err != KErrNone )
+ {
+ iServer.DeleteVpnConnection( iVpnIapId );
+ User::Leave( err );
+ }
+ iPendingStartConnection = aMessage;
+ iConnectionStarter->StartRealConnection();
+ }
+ break;
+ }
+ case CKmdServer::KKmdCancelStartConnection:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdCancelStartConnection"));
+
+ DoCancelStartConnection();
+ aMessage.Complete( KErrNone );
+ break;
+ }
+ case CKmdServer::KKmdActivateAsync:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdActivateAsync"));
+
+ if ( iActivationStarter != NULL )
+ {
+ aMessage.Panic( KKmdPanicCategory,
+ EKmdPanicRequestAlreadyPending );
+ }
+ else
+ {
+ __ASSERT_DEBUG( iPendingActivate.IsNull(),
+ User::Invariant() );
+ iVpnIapId = aMessage.Int0();
+ CVpnConnection* vpnConnection = NULL;
+ TRAPD( err, vpnConnection = &iServer.GetVpnConnectionL( iVpnIapId ) );
+
+ if ( err != KErrNone )
+ {
+ __ASSERT_DEBUG( err == KErrNotFound, User::Invariant() );
+ aMessage.Complete( KErrArgument );
+ }
+ else
+ {
+ // Read VPN interface name.
+ HBufC* vpnIfName = HBufC::NewLC( aMessage.GetDesLength( 1 ) );
+ TPtr vpnIfNameDes = vpnIfName->Des();
+ aMessage.ReadL( 1, vpnIfNameDes );
+
+ CIkeDataArray* ikeList = CIkeDataArray::NewL( 1 );
+ CleanupStack::PushL( ikeList );
+
+ // Read 8 bit IKE policy data.
+ HBufC8* ikePolicy8 = HBufC8::NewLC( aMessage.GetDesLength( 2 ) );
+ TPtr8 policyDes8 = ikePolicy8->Des();
+ aMessage.ReadL( 2, policyDes8 );
+
+ // Copy read IKE policy data to 16 bit buffer.
+ HBufC* ikeConf = HBufC::NewL( policyDes8.Length() );
+ TPtr ikeConfPtr = ikeConf->Des();
+ ikeConfPtr.Copy( policyDes8 );
+ CleanupStack::PopAndDestroy( ikePolicy8 );
+ CleanupStack::PushL( ikeConf );
+
+ // Parse IKE policy data.
+ TIkeParser ikeParser( *ikeConf );
+ ikeParser.MainParseL( ikeList );
+ CleanupStack::PopAndDestroy( ikeConf );
+
+ // Get first IKE policy section.
+ CIkeData* ikeData = NULL;
+ if (ikeList->Count() > 0)
+ {
+ ikeData = (*ikeList)[0];
+ }
+ else
+ {
+ User::Leave( KKmdIkePolicyFileErr );
+ }
+
+ // Start negotiation.
+ iActivationStarter = CActivationStarter::NewL( *vpnConnection,
+ *this,
+ iServer.Debug() );
+ iPendingActivate = aMessage;
+ iActivationStarter->Activate( *ikeData,
+ vpnIfNameDes );
+
+ CleanupStack::PopAndDestroy( ikeList );
+ CleanupStack::PopAndDestroy( vpnIfName );
+ }
+ }
+ break;
+ }
+ case CKmdServer::KKmdCancelActivateAsync:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdCancelActivateAsync"));
+
+ DoCancelActivate();
+ aMessage.Complete( KErrNone );
+ break;
+ }
+ case CKmdServer::KKmdStopConnection:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdStopConnection"));
+
+ if ( iConnectionStopper != NULL )
+ {
+ aMessage.Panic( KKmdPanicCategory,
+ EKmdPanicRequestAlreadyPending );
+ }
+ else
+ {
+ __ASSERT_DEBUG( iPendingStopConnection.IsNull(),
+ User::Invariant() );
+
+ TUint32 vpnIapId = aMessage.Int0();
+ TKmdStopConnection::TType type = (TKmdStopConnection::TType)aMessage.Int1();
+
+ CVpnConnection& connection = iServer.GetVpnConnectionL( vpnIapId );
+ iConnectionStopper = CConnectionStopper::NewL( connection, *this );
+
+ iPendingStopConnection = aMessage;
+ iConnectionStopper->StopVpnConnection( type == TKmdStopConnection::EForced );
+ }
+ break;
+ }
+ case CKmdServer::KKmdResolveAddress:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdResolveAddress"));
+
+ if ( iFqdnResolver != NULL )
+ {
+ aMessage.Panic( KKmdPanicCategory,
+ EKmdPanicRequestAlreadyPending );
+ }
+ else
+ {
+ __ASSERT_DEBUG( iPendingFqdnResolve.IsNull(),
+ User::Invariant() );
+ iVpnIapId = aMessage.Int0();
+ CVpnConnection* vpnConnection = NULL;
+ TRAPD( err, vpnConnection = &iServer.GetVpnConnectionL( iVpnIapId ) );
+ if ( err != KErrNone )
+ {
+ __ASSERT_DEBUG( err == KErrNotFound, User::Invariant() );
+ aMessage.Complete( KErrArgument );
+ }
+ else
+ {
+ HBufC* fqdn = HBufC::NewLC( aMessage.GetDesLengthL( 1 ) );
+ TPtr fqdnDes = fqdn->Des();
+ aMessage.ReadL( 1, fqdnDes );
+
+ iFqdnResolver = CFqdnResolver::NewL( *vpnConnection, *this );
+ iPendingFqdnResolve = aMessage;
+ iFqdnResolver->ResolveAddress( fqdn );
+ CleanupStack::Pop( fqdn );
+ }
+ }
+ break;
+ }
+ case CKmdServer::KKmdCancelResolveAddress:
+ {
+ DEBUG_LOG(_L("CKmdSession::ServiceL, KKmdCancelResolveAddress"));
+
+ DoCancelResolveAddress();
+ aMessage.Complete( KErrNone );
+ break;
+ }
+ default:
+ {
+ DEBUG_LOG1(_L("CKmdSession::ServiceL, illegal command=%d"),
+ aMessage.Function());
+
+ aMessage.Panic( KKmdPanicCategory, EKmdPanicIllegalCommand );
+ break;
+ }
+ }
+
+ }
+
+// ---------------------------------------------------------------------------
+// From class MConnectionStarterCallback.
+// Notification about completion of real connection starting.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::RealConnectionStarted( TInt aStatus,
+ TInt aRealIap,
+ TInt aRealNetwork )
+ {
+ DEBUG_LOG3(_L("Real connection started, status=%d, IAP id=%d, NET id=%d"),
+ aStatus, aRealIap, aRealNetwork );
+
+ __ASSERT_DEBUG( !iPendingStartConnection.IsNull(), User::Invariant() );
+
+ delete iConnectionStarter;
+ iConnectionStarter = NULL;
+
+ if ( aStatus == KErrNone )
+ {
+ TVpnRealConnectionParams realConfig = { aRealIap, aRealNetwork };
+ TPckg<TVpnRealConnectionParams> realConfigPckg( realConfig );
+
+ aStatus = iPendingStartConnection.Write( 1, realConfigPckg );
+ }
+ iPendingStartConnection.Complete( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MConnectionStopperCallback.
+// Notification about completion of VPN connection stopping.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::VpnConnectionStopped( TInt aStatus )
+ {
+ DEBUG_LOG1(_L("VPN connection stopped, status=%d"), aStatus );
+
+ __ASSERT_DEBUG( !iPendingStopConnection.IsNull(), User::Invariant() );
+
+ delete iConnectionStopper;
+ iConnectionStopper = NULL;
+
+ iPendingStopConnection.Complete( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MFqdnResolverCallback.
+// Notifies about completion of FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::AddressResolveCompleted( TInt aStatus,
+ TNameEntry aNameEntry )
+ {
+ DEBUG_LOG1(_L("FQDN address resolving completed, status=%d"), aStatus );
+
+ __ASSERT_DEBUG( !iPendingFqdnResolve.IsNull(),
+ User::Invariant() );
+
+ delete iFqdnResolver;
+ iFqdnResolver = NULL;
+
+ if ( aStatus == KErrNone )
+ {
+ aStatus = iPendingFqdnResolve.Write( 2, aNameEntry );
+ }
+
+ iPendingFqdnResolve.Complete( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MActivationStarterCallback.
+// Notification about completion of activation.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::ActivationCompleted( TInt aStatus,
+ const TVPNAddress& aVirtualIp )
+ {
+ DEBUG_LOG1(_L("Activation completed, status=%d"), aStatus );
+
+ __ASSERT_DEBUG( !iPendingActivate.IsNull(),
+ User::Invariant() );
+
+ if ( aStatus == KErrNone )
+ {
+ TVPNAddressPckg addrPkcg( aVirtualIp );
+ aStatus = iPendingActivate.Write( 3, addrPkcg );
+ }
+ iPendingActivate.Complete( aStatus );
+
+ delete iActivationStarter;
+ iActivationStarter = NULL;
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels real connection starting.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::DoCancelStartConnection()
+ {
+ if ( iConnectionStarter )
+ {
+ __ASSERT_DEBUG( !iPendingStartConnection.IsNull(),
+ User::Invariant() );
+
+ delete iConnectionStarter; // Cancels ongoing connection starting.
+ iConnectionStarter = NULL;
+
+ iPendingStartConnection.Complete( KErrCancel );
+
+ // Delete VPN connection object.
+ iServer.DeleteVpnConnection( iVpnIapId );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels activating.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::DoCancelActivate()
+ {
+ if ( iActivationStarter )
+ {
+ __ASSERT_DEBUG( !iPendingActivate.IsNull(),
+ User::Invariant() );
+
+ delete iActivationStarter; // Cancels ongoing activation.
+ iActivationStarter = NULL;
+
+ iPendingActivate.Complete( KErrCancel );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels FQDN address resolving.
+// ---------------------------------------------------------------------------
+//
+void CKmdSession::DoCancelResolveAddress()
+ {
+ if ( iFqdnResolver )
+ {
+ __ASSERT_DEBUG( !iPendingFqdnResolve.IsNull(),
+ User::Invariant() );
+
+ delete iFqdnResolver; // Cancels ongoing resolving.
+ iFqdnResolver = NULL;
+
+ iPendingFqdnResolve.Complete( KErrCancel );
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/kmdstarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: KMD starter
+*
+*/
+
+
+#include "srvstarter.h"
+#include "kmdserver.h"
+
+CServer2* Starter::CreateAndStartServerL()
+ {
+ return CKmdServer::NewL();
+ }
+
+TPtrC Starter::ServerName()
+ {
+ return KKmdServerName().Mid(0);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/secpolpayload.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,275 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Security policy module payload structures
+*
+*/
+
+
+#include <ext_hdr.h>
+#include <tcp_hdr.h>
+#include <udp_hdr.h>
+#include <icmp6_hdr.h>
+
+// CLASS HEADER
+#include "secpolpayload.h"
+
+// ======== LOCAL FUNCTIONS ========
+
+#ifdef _DEBUG
+static TInt IsShort( TDes &aStr, const TDesC &aName, TInt aMin, TInt aLength )
+ {
+ aStr.Append( aName );
+ if ( aMin <= aLength )
+ {
+ return 0;
+ }
+ aStr.Append(_L(".. truncated"));
+ return 1;
+ }
+#endif
+
+// ======== MEMBER FUNCTIONS ========
+
+//
+// IPv4 HDR Dump routine
+//
+void THdrIP4::Dump( TDes &aStr, TInt /*aLength*/ )
+ {
+#ifndef _DEBUG
+ (void)aStr;
+#endif
+
+#ifdef _DEBUG
+ const TInt KMaxBufLength( 40 );
+ TBuf<KMaxBufLength> buf;
+ TInetAddr addr;
+
+ addr.SetAddress( SrcAddr() );
+ addr.OutputWithScope( buf );
+ aStr.Append( _L(" src=") );
+ aStr.Append( buf );
+ addr.SetAddress( DstAddr() );
+ addr.OutputWithScope( buf );
+ aStr.Append( _L(" dst=") );
+ aStr.Append( buf );
+#endif
+ }
+
+TBool THdrIP4::IsUnicast()
+ {
+ TInetAddr addr;
+ TUint32 ip4Addr = DstAddr();
+ addr.SetAddress( ip4Addr );
+ TBool status = addr.IsUnicast();
+ if ( status != KErrNone )
+ {
+ //
+ // If at least 7 leftmost bits in address are set to 1 this
+ // address is interpreted to be IPv4 subnet broadcast
+ //
+ status = ( ( ip4Addr & 0x7f ) != 0x7f );
+ }
+ return status;
+ }
+
+//
+// IPv6 HDR Dump routine
+//
+void THdrIP6::Dump( TDes &aStr, TInt /*aLength*/ )
+ {
+#ifndef _DEBUG
+ (void)aStr;
+#endif
+
+#ifdef _DEBUG
+ const TInt KMaxBufLength( 40 );
+ TBuf<KMaxBufLength> buf;
+ TInetAddr addr;
+
+ addr.SetAddress( SrcAddr() );
+ addr.OutputWithScope( buf );
+ aStr.Append( _L(" src=") );
+ aStr.Append( buf );
+ addr.SetAddress( DstAddr() );
+ addr.OutputWithScope( buf );
+ aStr.Append( _L(" dst=") );
+ aStr.Append( buf );
+#endif
+ }
+
+TBool THdrIP6::IsUnicast()
+ {
+ TInetAddr addr;
+ addr.SetAddress( DstAddr() );
+ return addr.IsUnicast();
+ }
+
+TSecpolPayload::TSecpolPayload( const TUint8* aPtr )
+ : iRaw( aPtr )
+ {
+ }
+
+void TSecpolPayload::Dump( TDes &aStr, TInt aLength, TInt aProtocol )
+ {
+#ifndef _DEBUG
+ (void)aStr;
+ (void)aLength;
+ (void)aProtocol;
+#endif
+
+#ifdef _DEBUG
+ for (;;)
+ {
+ TInt skip;
+ switch ( aProtocol )
+ {
+ case 50: // ESP
+ if ( IsShort( aStr,
+ _L(" ESP"),
+ iESP->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ aStr.AppendFormat( _L("(spi=%x,seq=%d)"),
+ ByteOrder::Swap32( iESP->SPI() ),
+ iESP->Sequence() );
+ return; // Cannot go past ESP
+ case 51:
+ if ( IsShort( aStr,
+ _L(" AH"),
+ iAH->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ aStr.AppendFormat(_L("(spi=%x,seq=%d,protcol=%d)"),
+ iAH->SPI(), iAH->Sequence(), iAH->NextHeader() );
+ skip = iAH->HeaderLength();
+ aProtocol = iAH->NextHeader();
+ break; // AH
+ case 4:
+ if ( IsShort( aStr,
+ _L(" IP4-in-IP"),
+ iIP4->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ ((THdrIP4 *)iIP4)->Dump(aStr, aLength);
+ skip = iIP4->HeaderLength();
+ aProtocol = iIP4->Protocol();
+ break;
+ case 1: // Fall through
+ case 58:
+ if ( IsShort( aStr,
+ _L(" ICMP"),
+ iICMP->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ aStr.AppendFormat(_L("(type=%d,code=%d)"),
+ iICMP->Type(), iICMP->Code() );
+ return;
+ case 6:
+ if ( IsShort( aStr,
+ _L(" TCP"),
+ iTCP->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ aStr.AppendFormat(_L("(src=%d,dst=%d)"),
+ iTCP->SrcPort(), iTCP->DstPort());
+ return;
+ case 17:
+ if ( IsShort( aStr,
+ _L(" UDP"),
+ iUDP->MinHeaderLength(),
+ aLength ) )
+ return;
+ aStr.AppendFormat(_L("(src=%d,dst=%d)"),
+ iUDP->SrcPort(), iUDP->DstPort());
+ return;
+ case KProtocolInet6Ipip:
+ if ( IsShort( aStr,
+ _L(" IP6-in-IP"),
+ iIP6->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ ((THdrIP6 *)iIP6)->Dump( aStr, aLength );
+ skip = iIP6->HeaderLength();
+ aProtocol = iIP6->NextHeader();
+ break;
+ case KProtocolInet6HopOptions:
+ if ( IsShort( aStr,
+ _L(" HBH"),
+ iOPT->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ skip = iOPT->HeaderLength();
+ aProtocol = iOPT->NextHeader();
+ break;
+ case KProtocolInet6RoutingHeader:
+ if ( IsShort( aStr,
+ _L(" RTH"),
+ iRTH->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ aProtocol = iRTH->NextHeader();
+ skip = iRTH->HeaderLength();
+ break;
+ case KProtocolInet6Fragment:
+ if ( IsShort( aStr,
+ _L(" FRAG"),
+ iFRH->MinHeaderLength(),
+ aLength ) )
+ {
+ return;
+ }
+ aStr.AppendFormat(_L("(prot=%d,id=%d,offset=%d)"),
+ iFRH->NextHeader(), iFRH->Id(), iFRH->FragmentOffset());
+ if ( iFRH->MFlag() )
+ {
+ aStr.Append(_L(" More"));
+ }
+ return;
+ case KProtocolInet6NoNextHeader:
+ aStr.AppendFormat(_L(" NNH"));
+ return;
+ case KProtocolInet6DestinationOptions:
+ if ( IsShort( aStr,
+ _L(" DOP"),
+ iOPT->MinHeaderLength(),
+ aLength ) )
+ return;
+ skip = iOPT->HeaderLength();
+ aProtocol = iOPT->NextHeader();
+ break;
+ default:
+ aStr.AppendFormat(_L(" protocol=%d"), aProtocol);
+ return;
+ }
+ aLength -= skip;
+ iRaw += skip;
+ }
+#endif
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/secpolreader.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,287 @@
+/*
+* Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Security policy module
+*
+*/
+
+
+#include <es_sock.h>
+#include <in_sock.h>
+#include <networking/ipsecerr.h>
+#include <vpnlogmessages.rsg>
+#include "ikedebug.h"
+#include "kmdeventloggerif.h"
+#include "secpolpayload.h"
+
+// CLASS HEADER
+#include "secpolreader.h"
+
+// ======== LOCAL FUNCTIONS ========
+
+#ifdef _DEBUG
+
+// ---------------------------------------------------------------------------
+// Returns error description.
+// ---------------------------------------------------------------------------
+//
+static const TPtrC IpsecError( TInt aReason )
+ {
+ switch ( aReason )
+ {
+ case EIpsec_RMBUF: return _L("RMBUF operation failed unexcpectedly");
+ //
+ // AH and ESP
+ //
+ case EIpsec_CorruptPacketIn: return _L("Truncated or corrupt packet or header");
+ case EIpsec_CorruptPacketOut: return _L("Corrupt packet after IPSEC operations");
+ case EIpsec_EspInboundSA: return _L("The inbound SA for ESP does not exist");
+ case EIpsec_EspAuthentication: return _L("Authentication check failed in ESP");
+ case EIpsec_EspAuthAlg: return _L("Required auth algorithm for ESP not available/installed");
+ case EIpsec_EspEncrAlg: return _L("Required encrypt algorithm for ESP not available/installed");
+ case EIpsec_AhAuthAlg: return _L("Required auth algorithm for AH not available/installed");
+ case EIpsec_AhInboundSA: return _L("The inbound SA for AH does not exist");
+ case EIpsec_AhIcvLength: return _L("ICV length in packet does not match algorithm");
+ case EIpsec_AhAuthentication: return _L("Authentication check failed in AH");
+ case EIpsec_PacketLength: return _L("Invalid/corrupt length of the packet");
+ case EIpsec_DataAlignment: return _L("Data not aligned by block size (ESP)");
+ case EIpsec_EspPadByte: return _L("The ESP pad byte content is invalid");
+ case EIpsec_EspPadLength: return _L("The ESP pad length is corrupt (probably wrong key)");
+ case EIpsec_ReplayDuplicate: return _L("Duplicate packet (replay window test)");
+ //
+ // SECPOL
+ //
+ case EIpsec_OutboundNotFound: return _L("Outbound SA does not exist, ACQUIRE started");
+ case EIpsec_OutboundPending: return _L("Outbooud SA does not exits, ACQUIRE pending");
+ case EIpsec_NoSelectorMatch: return _L("None of the policy selectors matched");
+ case EIpsec_MaxTransforms: return _L("Incoming packet exceed configured max limit of transforms");
+ case EIpsec_TooFewTransforms: return _L("Policy requires IPSEC, none or too little was present");
+ case EIpsec_TunnelMismatch: return _L("Tunnelmode does not match the policy");
+ case EIpsec_MismatchedSA: return _L("Applied SA does not match the policy");
+ case EIpsec_UnrequiredSA: return _L("Applied SA where policy has none");
+ case EIpsec_TooManyTransforms: return _L("Incoming packet had more transforms than policy requires");
+ case EIpsec_NoBundle: return _L("Incoming packet had transforms, but policy doesn't require any");
+ //
+ // IPv6 additions
+ //
+ case EIpsec_AhRMBufSplit: return _L("Inbound AH processing failed (Memory?)");
+ case EIpsec_AhPacketTooLong: return _L("Outbound packet would exeed 2**16-1 with AH");
+ case EIpsec_AhSequenceWrap: return _L("Outbound sequence # wrapped around for this SA");
+ case EIpsec_EspSequenceWrap: return _L("Outbound sequence # wrapped around for this SA");
+ case EIpsec_EspBadCipherBlockSize: return _L("Configuration error, cipher block size must be < 256");
+ case EIpsec_AcquireFailed: return _L("Acquiring SA failed (no SA available or negotiated)");
+ //
+ // Detail reasons for SA not matching the SA spec in the policy
+ // (replace one EIpsec_MismatchedSA with multiple detail errors)
+ //
+ case EIpsec_MismatchedDestination: return _L("SA destination does not match (internal error?)");
+ case EIpsec_MismatchedType: return _L("SA Type (AH/ESP) does not match");
+ case EIpsec_MismatchedPFS: return _L("PFS bit is not same");
+ case EIpsec_MismatchedAuthAlg: return _L("Auth algorithm doesn't match");
+ case EIpsec_MismatchedEncryptAlg: return _L("Encrypt algorithm doesn't match");
+ case EIpsec_MismatchReplayWindow: return _L("ReplayWindow length is shorter than required");
+ case EIpsec_MismatchSource: return _L("source address does not match");
+ case EIpsec_MismatchProxy: return _L("proxy address does not match");
+ case EIpsec_MismatchSourcePort: return _L("source port does not match");
+ case EIpsec_MismatchDestinationPort:return _L("destination port does not match");
+ case EIpsec_MismatchProtocol: return _L("protocol does not match");
+ case EIpsec_MismatchSourceIdentity: return _L("source identity does not match");
+ case EIpsec_MismatchDestinationIdentity: return _L("destination identity does not match");
+
+ case EIpsec_BadCipherKey: return _L("Key in SA is too short (for the algorithm) or is weak");
+ case EIpsec_UnknownCipherNumber: return _L("Attempting to use algorithm number that is not known");
+ case EIpsec_UnknownDigestNumber: return _L("Attempting to use algorithm number that is not known");
+ case EIpsec_UnavailableCipher: return _L("No installed library implements the cipher");
+ case EIpsec_UnavailableDigest: return _L("No installed library implements the digest");
+ //
+ // Temporary place for new errors
+ //
+ case EIpsec_IcmpError: return _L("An ICMP error report containing AH or ESP (for INET6)");
+ case EIpsec_LostSA: return _L("An SA has been lost between Apply and Verify, expired? (for SECPOL)");
+ case EIpsec_NoInnerSource: return _L("Cannot find inner-src for outbound packet when tunneling (for SECPOL)");
+ //
+ // Special code for NAT Traversal
+ //
+ case EIpsec_NotANATTPacket: return _L("UDP packet is NOT a NAT Taversal packet");
+ case EIpsec_FragmentMismatch: return _L("IPSEC on fragment is not same as before, packet dropped");
+
+ default:
+ return _L("Unknown reason");
+ }
+ }
+
+#endif
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CSecpolReader* CSecpolReader::NewL( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+ {
+ CSecpolReader* self = new (ELeave) CSecpolReader( aEventLogger,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CSecpolReader::~CSecpolReader()
+ {
+ DEBUG_LOG(_L("CSecpolReader::~CSecpolReader"));
+ Cancel();
+ iSocket.Close();
+ iSocketServer.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CSecpolReader::CSecpolReader( MKmdEventLoggerIf& aEventLogger,
+ MIkeDebug& aDebug )
+: CActive( EPriorityStandard ),
+ iEventLogger( aEventLogger ),
+ iDebug( aDebug )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CSecpolReader::ConstructL()
+ {
+ TInetAddr addr;
+ User::LeaveIfError( iSocketServer.Connect() );
+ User::LeaveIfError( iSocket.Open( iSocketServer, _L("secpol6") ) );
+ addr.SetAddress( KInetAddrNone );
+ addr.SetPort( 0 );
+ User::LeaveIfError( iSocket.Bind( addr ) );
+ iSocket.RecvFrom( iMsg, iAddr, 0, iStatus );
+ SetActive();
+ DEBUG_LOG(_L("CSecpolReader::ConstructL - constructed"));
+ }
+
+// ---------------------------------------------------------------------------
+// Returns event logger.
+// ---------------------------------------------------------------------------
+//
+MKmdEventLoggerIf& CSecpolReader::EventLogger()
+ {
+ return iEventLogger;
+ }
+
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles completion of asynchronous reading.
+// ---------------------------------------------------------------------------
+//
+void CSecpolReader::RunL()
+ {
+#ifdef _DEBUG
+ TBuf<40> buf;
+ TBuf<1000> str;
+ TInt protocol = -1;
+#endif // _DEBUG
+ TInt len = 0;
+ TBool processEvent;
+ TSecpolPayload packet( iMsg.Ptr() );
+
+ DEBUG_LOG1(_L("Secpol read, status=%d"), iStatus.Int());
+ __ASSERT_DEBUG( iStatus.Int() == KErrNone,
+ User::Invariant() );
+ if ( iStatus.Int() == KErrNone )
+ {
+ switch ( packet.iIP4->Version() )
+ {
+ case 4:
+ processEvent = ((THdrIP4 *)packet.iRaw)->IsUnicast();
+ if ( processEvent )
+ {
+#ifdef _DEBUG
+ ((THdrIP4 *)packet.iRaw)->Dump( str, iMsg.Length() );
+ protocol = packet.iIP4->Protocol();
+#endif // _DEBUG
+ len = packet.iIP4->HeaderLength();
+ }
+ break;
+ case 6:
+ processEvent = ((THdrIP6 *)packet.iRaw)->IsUnicast();
+ if ( processEvent )
+ {
+#ifdef _DEBUG
+ ((THdrIP6 *)packet.iRaw)->Dump( str, iMsg.Length() );
+ protocol = packet.iIP6->NextHeader();
+#endif // _DEBUG
+ len = packet.iIP6->HeaderLength();
+ }
+ break;
+ default:
+ processEvent = ETrue;
+#ifdef _DEBUG
+ str.Format( _L("Unknown IP protocol version %d"),
+ (TInt)packet.iIP4->Version() );
+#endif // _DEBUG
+ break;
+ }
+
+ if ( processEvent )
+ {
+ if ( len )
+ {
+ packet.iRaw += len;
+#ifdef _DEBUG
+ packet.Dump( str, iMsg.Length()-len, protocol );
+#endif // _DEBUG
+ }
+#ifdef _DEBUG
+ str.Append( _L(" from ") );
+ (TInetAddr::Cast(iAddr)).OutputWithScope( buf );
+ str.Append( buf );
+ str.Append( _L(" because ") );
+ str.Append( IpsecError( iAddr.Port() ) );
+ str.AppendFormat( _L(" (%d)"), iAddr.Port() );
+ DEBUG_LOG(str);
+#endif // _DEBUG
+
+ LOG_KMD_EVENT( MKmdEventLoggerIf::KLogWarning,
+ R_VPN_MSG_DATA_DROPPED_DUE_POLICY,
+ (TInt)iAddr.Port(),
+ 0,
+ &iAddr );
+ }
+ }
+
+ iSocket.RecvFrom( iMsg, iAddr, 0, iStatus ); // start a new read
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// From class CActive
+// Handles cancellation of asynchronous reading.
+// ---------------------------------------------------------------------------
+//
+void CSecpolReader::DoCancel()
+ {
+ iSocket.CancelRecv();
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/kmdserver/src/vpnconnection.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,490 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN connection specific structures
+*
+*/
+
+
+#include <cmmanagerext.h>
+#include <cmpluginvpndef.h>
+
+#include "disconnectionobserver.h"
+#include "ikeconnectioninterface.h"
+#include "ikedebug.h"
+#include "ikeplugindefs.h"
+#include "ikepluginsessionhandler.h"
+#include "ikepolparser.h"
+#include "ikesocketdefs.h"
+#include "kmdapi.h" // For error codes
+#include "kmdserver.h"
+
+// CLASS HEADER
+#include "vpnconnection.h"
+
+// ======== MEMBER FUNCTIONS ========
+
+// ---------------------------------------------------------------------------
+// Two-phased constructor.
+// ---------------------------------------------------------------------------
+//
+CVpnConnection* CVpnConnection::NewLC( TUint32 aVpnIapId,
+ CKmdServer& aServer,
+ MIkeDebug& aDebug )
+ {
+ CVpnConnection* self = new ( ELeave ) CVpnConnection( aVpnIapId,
+ aServer,
+ aDebug );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor.
+// ---------------------------------------------------------------------------
+//
+CVpnConnection::~CVpnConnection()
+ {
+ DEBUG_LOG1( _L("CVpnConnection::~CVpnConnection, VPN IAP id=%d"),
+ iVpnIapId );
+
+ delete iDisconnectionObserver;
+ delete iIkeConnection;
+
+ iEventMediator.Close();
+ }
+
+// ---------------------------------------------------------------------------
+// Constructor.
+// ---------------------------------------------------------------------------
+//
+CVpnConnection::CVpnConnection( TUint32 aVpnIapId,
+ CKmdServer& aServer,
+ MIkeDebug& aDebug )
+ : iServer( aServer ),
+ iVpnIapId( aVpnIapId ),
+ iDisconnectEventReceived( EFalse ),
+ iIkePluginSessionHandler( NULL ),
+ iDebug( aDebug )
+ {
+ DEBUG_LOG1( _L("CVpnConnection::CVpnConnection, VPN IAP id=%d"),
+ iVpnIapId );
+ }
+
+// ---------------------------------------------------------------------------
+// Second phase construction.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::ConstructL()
+ {
+ User::LeaveIfError( iEventMediator.Connect() );
+
+ using namespace CMManager;
+
+ RCmManagerExt cmManagerExt;
+ cmManagerExt.OpenL();
+ CleanupClosePushL( cmManagerExt );
+
+ RCmConnectionMethodExt vpnConnectionMethod = cmManagerExt.ConnectionMethodL( iVpnIapId );
+ CleanupClosePushL( vpnConnectionMethod );
+
+ iVpnNetId = vpnConnectionMethod.GetIntAttributeL( ECmNetworkId );
+ iRealIapId = vpnConnectionMethod.GetIntAttributeL( EVpnIapId );
+ iRealSnapId = vpnConnectionMethod.GetIntAttributeL( ECmNextLayerSNAPId );
+
+ CleanupStack::PopAndDestroy( &vpnConnectionMethod );
+ CleanupStack::PopAndDestroy( &cmManagerExt );
+
+ __ASSERT_DEBUG( iRealIapId != 0 || iRealSnapId != 0, User::Invariant() );
+
+ iIkeConnection = CIkeConnectionInterface::NewL( iDebug );
+ iDisconnectionObserver = CDisconnectionObserver::NewL( *iIkeConnection, *this );
+ iDisconnectionObserver->StartObserving();
+ }
+
+// ---------------------------------------------------------------------------
+// Starts real network connection.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::StartRealConnection( TRequestStatus& aStatus )
+ {
+ __ASSERT_DEBUG( iRealIapId != 0 || iRealSnapId != 0, User::Invariant() );
+ iIkeConnection->StartConnection( iRealIapId, iRealSnapId, aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels real connection starting.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::CancelStartRealConnection()
+ {
+ iIkeConnection->CancelStartConnection();
+ }
+
+// ---------------------------------------------------------------------------
+// Resolves an IP address from FQDN address.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::ResolveAddress( const TDesC& aFqdn,
+ TNameEntry& aNameEntry,
+ TRequestStatus& aStatus )
+ {
+ iIkeConnection->ResolveFQDNAddress( aFqdn, aNameEntry, aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels resolving.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::CancelResolveAddress()
+ {
+ iIkeConnection->CancelResolveFQDNAddress();
+ }
+
+// ---------------------------------------------------------------------------
+// Starts negotiation with a remote host.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::NegotiateWithHost( CIkeData& aIkeData,
+ TUint32 aVpnInterfaceIndex,
+ IkeSocket::TIpVersion aIpVersion,
+ TVPNAddress& aInternalAddress,
+ TRequestStatus& aStatus )
+ {
+ __ASSERT_DEBUG( iClientStatusNegotiate == NULL,
+ User::Invariant() );
+
+ // Store client's request status and internal address.
+ iClientStatusNegotiate = &aStatus;
+ *iClientStatusNegotiate = KRequestPending;
+ iClientInternalAddress = &aInternalAddress;
+
+ TInt err( KErrNone );
+ if ( aIkeData.iIkeVersion == KIkeV1 || aIkeData.iIkeVersion == KIkeV2 )
+ {
+ // Create IKE plugin session.
+ iIkeVersion = aIkeData.iIkeVersion;
+
+ if ( iIkePluginSessionHandler == NULL )
+ {
+ TRAP( err, iIkePluginSessionHandler = &iServer.CreateIkePluginSessionL( iIkeVersion,
+ aIpVersion,
+ *iIkeConnection,
+ iVpnIapId,
+ iVpnNetId,
+ aVpnInterfaceIndex,
+ aIkeData.iDnsServer.Address(),
+ *this ) );
+ }
+ }
+ else
+ {
+ err = KKmdIkePolicyFileErr;
+ }
+
+ if ( err != KErrNone )
+ {
+ User::RequestComplete( iClientStatusNegotiate, err );
+ iClientStatusNegotiate = NULL;
+ return;
+ }
+
+ if ( aIkeData.iAddr.Family() == KAfInet )
+ {
+ aIkeData.iAddr.ConvertToV4Mapped();
+ aIkeData.iMask.ConvertToV4Mapped();
+ }
+ aIkeData.iAddr.SetScope( RealNetId() );
+
+ // Start negotiation.
+ iIkePluginSessionHandler->NegotiateWithHost( aIkeData );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels negotiation.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::CancelNegotiateWithHost()
+ {
+ DoCancelNegotiateWithHost();
+ }
+
+
+// ---------------------------------------------------------------------------
+// Stops VPN connection.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::StopVpnConnection( TBool aSilentClose,
+ TRequestStatus& aStatus )
+ {
+ __ASSERT_DEBUG( iClientStatusStopVpnConnection == NULL,
+ User::Invariant() );
+
+ // Store client's request status.
+ iClientStatusStopVpnConnection = &aStatus;
+ *iClientStatusStopVpnConnection = KRequestPending;
+
+ DoStopVpnConnection( aSilentClose );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels VPN connection stoppping. VPN Connection is stopped silently.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::CancelStopVpnConnection()
+ {
+ DoCancelStopVpnConnection();
+ }
+
+// ---------------------------------------------------------------------------
+// Gets local address of real network interface.
+// ---------------------------------------------------------------------------
+//
+TInt CVpnConnection::GetLocalAddress( const IkeSocket::TIpVersion aIpVersion,
+ TInetAddr& aLocalIp )
+ {
+ return iIkeConnection->GetLocalAddress( aIpVersion, aLocalIp );
+ }
+
+// ---------------------------------------------------------------------------
+// Returns VPN IAP Id.
+// ---------------------------------------------------------------------------
+//
+TInt CVpnConnection::VpnIapId() const
+ {
+ return iVpnIapId;
+ }
+
+// ---------------------------------------------------------------------------
+// Returns real IAP Id.
+// ---------------------------------------------------------------------------
+//
+TInt CVpnConnection::RealIapId() const
+ {
+ return iIkeConnection->IapId();
+ }
+
+// ---------------------------------------------------------------------------
+// Returns real NET Id.
+// ---------------------------------------------------------------------------
+//
+TInt CVpnConnection::RealNetId() const
+ {
+ return iIkeConnection->NetId();
+ }
+
+// ---------------------------------------------------------------------------
+// From class MDisconnectionObserverCallback.
+// Notification about link disconnection. VPN connection is stopped.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DisconnectIndication( TInt aStatus )
+ {
+ // Store disconnection status for reporting it to client.
+ iDisconnectEventReceived = ETrue;
+ iDisconnectionStatus = aStatus;
+
+ DEBUG_LOG1( _L("Link disconnected, status=%d"),
+ iDisconnectionStatus );
+
+ if ( iDisconnectionStatus == KErrNone )
+ {
+ iDisconnectionStatus = KErrDisconnected;
+ }
+
+ // Stop VPN connection silently.
+ DoStopVpnConnection( ETrue );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionHandlerCallback.
+// Notification about completion of negotiate request.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::NegotiationStarted( TInt aStatus,
+ const TVPNAddress& aInternalAddress )
+ {
+ __ASSERT_DEBUG( iIkePluginSessionHandler != NULL,
+ User::Invariant() );
+
+ DEBUG_LOG1( _L("NegotiateWithHost completed, status=%d"),
+ aStatus );
+
+ // Use disconnection status for reporting if set.
+ if ( iDisconnectEventReceived )
+ {
+ aStatus = iDisconnectionStatus;
+ }
+
+ if ( iClientStatusNegotiate != NULL )
+ {
+ *iClientInternalAddress = aInternalAddress;
+
+ // Complete client's request.
+ User::RequestComplete( iClientStatusNegotiate, aStatus );
+ iClientInternalAddress = NULL;
+ iClientStatusNegotiate = NULL;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionHandlerCallback.
+// Notification about completion of delete session request. IKE plugin
+// session object is deleted and real connection stopped.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::IkePluginSessionClosed( TInt aStatus )
+ {
+ __ASSERT_DEBUG( iIkePluginSessionHandler != NULL,
+ User::Invariant() );
+
+ DEBUG_LOG1( _L("IKE plugin session closed, status=%d"),
+ aStatus );
+
+ iServer.DeleteIkePluginSession( iIkeVersion, iVpnIapId );
+ iIkePluginSessionHandler = NULL;
+
+ DoStopRealConnection( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// From class MIkePluginSessionHandlerCallback.
+// Notification about IKE plugin session error.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::IkePluginSessionError( TInt aStatus )
+ {
+ // Stop VPN connection silently.
+ DisconnectIndication( aStatus );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels negotiation.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoCancelNegotiateWithHost()
+ {
+ if ( iIkePluginSessionHandler )
+ {
+ iIkePluginSessionHandler->CancelNegotiateWithHost();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Stops VPN connection.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoStopVpnConnection( TBool aSilentClose )
+ {
+ if ( iIkePluginSessionHandler == NULL )
+ {
+ // Stop real connection immediately.
+ DoStopRealConnection( KErrNone );
+ }
+ else
+ {
+ DoCancelNegotiateWithHost();
+
+ // Delete IKE plugin session first.
+ DoDeleteSession( aSilentClose );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels VPN connection stopping. VPN Connection is stopped silently.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoCancelStopVpnConnection()
+ {
+ DoCancelDeleteSession();
+
+ if ( iIkePluginSessionHandler != NULL )
+ {
+ iServer.DeleteIkePluginSession( iIkeVersion, iVpnIapId );
+ iIkePluginSessionHandler = NULL;
+ }
+
+ DoStopRealConnection( KErrCancel );
+ }
+
+// ---------------------------------------------------------------------------
+// Starts deletion of IKE plugin session.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoDeleteSession( TBool aSilentClose )
+ {
+ __ASSERT_DEBUG( iIkePluginSessionHandler != NULL,
+ User::Invariant() );
+
+ iIkePluginSessionHandler->DeleteSession( aSilentClose );
+ }
+
+// ---------------------------------------------------------------------------
+// Cancels deletion of IKE plugin session. IKE plugin session is deleted
+// silently.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoCancelDeleteSession()
+ {
+ if ( iIkePluginSessionHandler != NULL )
+ {
+ iIkePluginSessionHandler->CancelDeleteSession();
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// Stops real network connection.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoStopRealConnection( TInt aStatus )
+ {
+ iDisconnectionObserver->Cancel();
+ iIkeConnection->StopConnection();
+
+ // Use disconnection status for reporting if set.
+ if ( iDisconnectEventReceived )
+ {
+ aStatus = iDisconnectionStatus;
+ }
+
+ if ( iClientStatusStopVpnConnection )
+ {
+ // Complete client's request.
+ User::RequestComplete( iClientStatusStopVpnConnection, aStatus );
+ iClientStatusStopVpnConnection = NULL;
+ }
+ DoReportDisconnectEvent( aStatus );
+
+ // Delete VPN connection object.
+ iServer.DeleteVpnConnection( iVpnIapId );
+ }
+
+// ---------------------------------------------------------------------------
+// Reports disconnect event via Event Mediator API.
+// ---------------------------------------------------------------------------
+//
+void CVpnConnection::DoReportDisconnectEvent( TInt aStatus )
+ {
+ TPckg<TUint32> connInfoDes( iVpnIapId );
+ TEventData info;
+ info.iTaskStatus = aStatus;
+ TPckg<TEventData> infoDes( info );
+
+ DEBUG_LOG2( _L("Report disconnect event via event mediator, VPN IAP Id=%d, status=%d"),
+ iVpnIapId, aStatus );
+
+ iEventMediator.ReportEvent( EKmdRealIapConnDownEvent,
+ connInfoDes,
+ infoDes );
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/bwins/pkiserviceu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?WinsMain@@YAHXZ @ 1 NONAME ; int __cdecl WinsMain(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/group/PKIService.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,75 @@
+/*
+* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project pkiservice
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET pkiservice.exe
+TARGETTYPE exe
+UID 0x1000008d 0x101FAE07
+
+CAPABILITY CAP_SERVER CommDD NetworkControl
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE pkiservice.cpp
+SOURCE pkisession.cpp
+SOURCE pkimapper.cpp
+SOURCE pkiwrapper.cpp
+SOURCE pkisupport.cpp
+SOURCE pkiservicestarter.cpp
+SOURCE certificaterequeststore.cpp
+SOURCE keyoperationprovider.cpp
+SOURCE pkiservicesigner.cpp
+SOURCE pkiservicedecryptor.cpp
+SOURCE logonservices.cpp
+SOURCE keymanager.cpp
+SOURCE keyoperationqueue.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE srvstatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY CTFramework.lib
+LIBRARY certstore.lib
+LIBRARY euser.lib
+LIBRARY efsrv.lib
+LIBRARY utlpkcs10.lib
+LIBRARY utlbase64.lib
+LIBRARY utlcrypto.lib
+LIBRARY bafl.lib
+LIBRARY x500.lib
+LIBRARY x509.lib
+LIBRARY crypto.lib
+LIBRARY cryptography.lib
+LIBRARY random.lib
+LIBRARY pbe.lib
+LIBRARY eventmedapi.lib
+
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2000 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the
+* whole of a IPSeMan.dll.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+
+PKIService.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/PKIMapper.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,232 @@
+/*
+* Copyright (c) 2006-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CPKIMapper class holds the information required to map API set
+* to use the storage model which is not native for that API.
+*
+*/
+
+
+
+#if !defined (__PKIMAPPER_H__)
+#define __PKIMAPPER_H__
+
+#include <e32base.h>
+#include <securitydefs.h>
+
+#include "pkidefs.h"
+#include "pkiserviceclientservercommon.h"
+
+class TSecurityObjectDescriptor;
+class CX500DistinguishedName;
+class CX520AttributeTypeAndValue;
+
+enum TValidity
+{
+ EValid,
+ EExpired,
+ ENotValidYet
+};
+
+
+/**
+ * CMapDescriptor
+ *
+ * Maintains information of installed certificates and keys
+ *
+ * @lib internal (pkiservice.exe)
+ * @since S60 v3.0
+ */
+class CMapDescriptor : public CBase
+{
+ public:
+ CMapDescriptor()
+ {
+ iOwnerType = EPKICACertificate;
+ iKeySize = 0;
+ iKeyAlgorithm = EPKIInvalidAlgorithm;
+ };
+
+ ~CMapDescriptor()
+ {
+ delete iTrustedAuthority;
+ iTrustedAuthority = NULL;
+ delete iIdentitySubjectName;
+ iIdentitySubjectName = NULL;
+ delete iIdentityRfc822Name;
+ iIdentityRfc822Name = NULL;
+ delete iSerialNumber;
+ iSerialNumber = NULL;
+ iApplUids.Close();
+ };
+ CMapDescriptor(TSecurityObjectDescriptor& aDesc);
+ CMapDescriptor& operator=(CMapDescriptor& aMapDesc);
+ void SetMapObjectName(const TDesC& aFilename) {iObjectName.Copy(aFilename);};
+ TBool IsMatchingL(TSecurityObjectDescriptor &aDesc,
+ const TBool aInfoOnly,
+ TPkiServiceStoreType aCertStoreType) const;
+
+ TBool IsEqual(CMapDescriptor &aDesc);
+ void SetMapSubjectKeyId(const TPKIKeyIdentifier &aKeyId)
+ {
+ iSubjectKeyId.Copy(aKeyId);
+ };
+ void SetMapOwnerType(const TPKICertificateOwnerType aOwnerType) {iOwnerType = aOwnerType;};
+ void SetMapKeyUsageDer(const TDesC8 &aKeyUsage)
+ {
+ iKeyUsageDer.Copy(aKeyUsage);
+ }; // Optional if only certificate is needed
+ // Key usage is not defined in the filter, this will be checked separately
+ void SetMapKeySize(const TUint aKeySize) {iKeySize = aKeySize;}; // Optional if only certificate is needed
+ // Issuer and serial are not defined in the filter, these will be checked separately
+ void SetMapTrustedAuthorityL(const TDesC8 &aTrustedAuthority)
+ {
+ delete iTrustedAuthority;
+ iTrustedAuthority = NULL;
+ iTrustedAuthority = aTrustedAuthority.AllocL();
+ };
+ void SetMapIdentitySubjectNameL(const TDesC8 &aIdentitySubjectName)
+ {
+ delete iIdentitySubjectName;
+ iIdentitySubjectName = NULL;
+ iIdentitySubjectName = aIdentitySubjectName.AllocL();
+ };
+ void SetMapIdentityRfc822NameL(const TDesC8 &aIdentityRfc822Name)
+ {
+ delete iIdentityRfc822Name;
+ iIdentityRfc822Name = NULL;
+ iIdentityRfc822Name = aIdentityRfc822Name.AllocL();
+ };
+ void SetMapSerialNumberL(const TDesC8 &aSerialNumber)
+ {
+ delete iSerialNumber;
+ iSerialNumber = NULL;
+ iSerialNumber = aSerialNumber.AllocL();
+ };
+
+ void SetCertStoreType(TPkiServiceStoreType aCertStoreType);
+
+ void SetMapKeyAlgorithm(const TPKIKeyAlgorithm &aKeyAlgorithm) {iKeyAlgorithm = aKeyAlgorithm;};
+ void SetMapStartTime(const TTime &aTime) {iStartTime = aTime;};
+ void SetMapEndTime(const TTime &aTime) {iEndTime = aTime;};
+ void SetMapTrusted(const TBool &aTrusted) {iIsTrusted = aTrusted;};
+ void SetMapIsDeletable(const TBool &aIsDeletable) {iIsDeletable = aIsDeletable;};
+ void SetMapApplications(const RArray<TUid> &aApplications) {for(TInt i=0; i<aApplications.Count();i++){ iApplUids.Append(aApplications[i]);}};
+
+ TBool IsMatchingCertStore(const TDesC& aCertStoreName);
+
+ public: // data
+ // No get methods introduced, values are used directly!
+
+ /// Key or certificate: used internally, depends on the operation
+ /// Own: Cert TrustedAuthority
+ HBufC8* iTrustedAuthority;
+ HBufC8* iIdentitySubjectName; // Identity subject name
+ HBufC8* iIdentityRfc822Name; // Identity subjectAltName rfc822 name
+ HBufC8* iSerialNumber; // Serialnumber
+ TPKIKeyIdentifier iSubjectKeyId; // SHA1 hash of the corresponding private key
+ TPKICertificateOwnerType iOwnerType; // User, CA or peer. If user certificate, at least key usage must be set
+ TBuf8<KMaxUsageDer> iKeyUsageDer; // Der format flags
+ TBuf<SHORT_FILENAME_LENGTH> iObjectName;
+ TUint iKeySize; // Key size
+ TPKIKeyAlgorithm iKeyAlgorithm; // RSA, DSA
+ TTime iStartTime;
+ TTime iEndTime;
+ TBool iIsDeletable;
+ TBool iIsTrusted;
+ RArray<TUid> iApplUids;
+ TPkiServiceStoreType iCertStoreType;
+};
+
+/**
+ * CPKIMapper
+ *
+ * Maintains array of CMapDescriptor objects
+ *
+ * @lib internal (pkiservice.exe)
+ * @since S60 v3.0
+ */
+class CPKIMapper : public CBase
+{
+ public:
+ // Constructors, destructor
+ // When constructing an invocation, check if some key/certificate has been manually removed.
+ static CPKIMapper* NewL();
+ static TValidity CertValidity(const TTime &aStartTime, const TTime &aEndTime);
+ ~CPKIMapper();
+
+ ////////////////////////////////////////////////////////////////////////////////////////////
+ // Mapping methods
+ ////////////////////////////////////////////////////////////////////////////////////////////
+ // These are new methods, which will be called from ipsecmanager when importing policy or deleting a certificate/key
+ // In acuagent, these will be called after user key has been generated and authorized by CA
+ TInt AddMapping(CMapDescriptor &aMap);
+ TInt DeleteMapping(CMapDescriptor &aDesc);
+ CMapDescriptor& GetMapDescriptorAtIndex(TInt aIndex);
+ // One-to-one mapping functions
+ void GetCertificateKeyIdL(TSecurityObjectDescriptor &aDescriptor, TPKIKeyIdentifier &aKeyId,
+ TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const;
+
+ TInt ResolveCertMappingL(TSecurityObjectDescriptor &aDescriptor, TDes16 &aFilename,
+ TInt &aIndex, const TBool aInfoOnly,
+ TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const;
+
+ TInt CertCount(void);
+ TInt ApplicableCertCount(const RArray<TUid>& aUidArray);
+ TInt GetCertListL(const RMessage2& aMessage, TPkiServiceStoreType aStoreType, TBool aDescUsed = EFalse);
+ void GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray);
+
+ // Function to check whether the given certificate is unique (doesn't exist in cert store)
+ TBool CertificateIsUniqueL(const TDesC8& aCertData);
+
+ // Function that returns a guaranteedly unique certificate label.
+ void GenerateUniqueNameL(const TDesC8& aCertData, TDes& aName,
+ TCertificateOwnerType aOwnerType = ECACertificate);
+ void SetCacheCreated();
+ TBool CacheCreated();
+
+ private: // implementation
+
+ void DeleteMapping(TInt aIndex);
+ TBool LabelIsUnique(const TDesC& aLabel) const;
+ void LogMap(CMapDescriptor& aDescriptor) const;
+ void LogSearchArguments(TSecurityObjectDescriptor& aDescriptor) const;
+
+ private: // C'tor
+
+ CPKIMapper();
+ void ConstructL();
+
+ private: // data
+ TBool iCacheCreated;
+ TInt iCount;
+ /// Used when generating uniqname
+
+ RPointerArray<CMapDescriptor>* iMapping;
+ TPckgBuf<TSecurityObjectDescriptor> iCurrentDescriptor;
+ TBuf<MAX_FILENAME_LENGTH> iObjectName;
+};
+
+class PkiUtil
+{
+ public:
+ static TBool MatchL(const CX500DistinguishedName& aDn1,
+ const CX500DistinguishedName& aDn2);
+
+ private:
+ static TBool HasElementL(const CX500DistinguishedName& aDn,
+ const CX520AttributeTypeAndValue& aElement);
+};
+
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/certificaterequeststore.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,60 @@
+/*
+* Copyright (c) 2007 - 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class, which handles storing and accessing certificate requests.
+*
+*/
+
+
+
+
+#ifndef C_CERTIFICATEREQUESTSTORE_H
+#define C_CERTIFICATEREQUESTSTORE_H
+
+#include <e32base.h>
+#include <f32file.h>
+
+#include "pkidefs.h"
+
+/**
+ * Class, which handles storing and accessing certificate requests.
+ *
+ * @since S60 v3.2
+ */
+class CCertificateRequestStore : public CBase
+ {
+
+public:
+
+ static CCertificateRequestStore* NewL();
+ ~CCertificateRequestStore();
+
+ TInt CertReqCountL();
+ CArrayFixFlat<TCertificateRequestListEntry>* GetCertReqListLC();
+
+ HBufC* SaveCertRequestLC(const TDesC8& aCertReqData);
+ HBufC8* ReadCertRequestLC(const TDesC& aCertReqObjectName);
+ void DeleteCertRequestL(const TDesC& aCertReqObjectName);
+
+private:
+
+ void ConstructL();
+
+ TFileName* GetNewCertReqFileNameLC();
+
+ RFs iFileSession;
+ TFileName iPrivatePath;
+ };
+
+
+#endif // C_CERTIFICATEREQUESTSTORE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/keymanager.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,114 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI server main module
+*
+*/
+
+
+
+
+#ifndef C_KEYMANAGER_H
+#define C_KEYMANAGER_H
+
+#include <e32base.h>
+#include <unifiedkeystore.h>
+#include "pkidefs.h"
+
+class CUnifiedKeyStore;
+class CCTKeyInfo;
+class CLogonServices;
+
+/**
+ * A class that handles simple access to the keypairs.
+ *
+ * This class provieds following simple key access functionality:
+ * key pair removal, key pair generation, key pair import and public key
+ * export.
+ */
+class CKeyManager : public CActive
+ {
+public:
+ static CKeyManager* NewL(CLogonServices& aLogonServices);
+ ~CKeyManager();
+
+ void RemoveKeyPair(const TPKIKeyIdentifier& aKeyId,
+ CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ TRequestStatus& aClientStatus);
+
+ void GenerateKeyPair(CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ const TUint aKeySize,
+ TPKIKeyAlgorithm aKeyAlgorithm,
+ TPKIKeyIdentifier& aKeyId,
+ TRequestStatus& aClientStatus);
+
+ void ImportKeyPair(CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ const TDesC8& aKeyData,
+ TPKIKeyIdentifier& aKeyId,
+ TRequestStatus& aClientStatus);
+
+ void ExportPublicKey(CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ const TPKIKeyIdentifier& aKeyId,
+ HBufC8*& aPublicKeyData,
+ TRequestStatus& aClientStatus);
+
+
+protected:
+
+ void RunL();
+ void DoCancel();
+ void RunError();
+
+private:
+ enum TKeyManagerState
+ {
+ EKeyManagerIdle = 0,
+ ERetrievingKeyPairForRemove,
+ ERemovingKeyPair,
+ EGeneratingKeyPair,
+ EImportingKeyPair,
+ ESettingManagementPolicy,
+ ESettingUsePolicy,
+ ERetrievingKeyListForExport,
+ EExportingPublicKey
+ };
+
+ CKeyManager(CLogonServices& aLogonServices);
+ void ConstructL();
+ void Cleanup();
+
+ TInt GetKeyIndex(TInt aUsedKeyStore, const RMPointerArray<CCTKeyInfo>& aKeysList) const;
+
+ HBufC* GetUniqueNameL() const;
+ CCTKeyInfo::EKeyAlgorithm ConvertPKIAlgorithm(TPKIKeyAlgorithm aAlg) const;
+
+ CLogonServices& iLogonServices;
+ TKeyManagerState iState;
+
+ TRequestStatus* iClientStatus;
+ CUnifiedKeyStore* iUnifiedKeyStore; //Not owned by this class
+ RMPointerArray<CCTKeyInfo> iKeysList;
+
+ TInt iUsedKeyStore;
+
+ HBufC* iObjectName;
+ HBufC8** iPublicKeyData; //Now owned by this class
+ TPKIKeyIdentifier* iKeyId; //Not owned by this class
+ CCTKeyInfo* iKeyInfo; //Not owned by this class
+ };
+
+#endif //C_KEYMANAGER_H
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/keyoperationprovider.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,151 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI server main module
+*
+*/
+
+
+
+
+#ifndef C_KEYOPERATIONPROVIDER_H
+#define C_KEYOPERATIONPROVIDER_H
+
+#include <e32base.h>
+#include <f32file.h>
+#include <unifiedkeystore.h>
+#include "pkidefs.h"
+
+class CUnifiedKeyStore;
+class CPKISession;
+class CPkiServiceSigner;
+class CPkiServiceDecryptor;
+class CLogonServices;
+class CKeyManager;
+class CKeyOperationQueue;
+
+/**
+* A class that collects all the keyoperation functionality.
+*
+* The instance of this class is owned by CKeyOperationQueue, which
+* calls the methods according to the client request. When an operation
+* is completed the CKeyPairOperationProvider calls the associated callback
+* from CKeyOperationQueue.
+*
+* The Initialize operation must be completed succesfully, before any other
+* requests can be made to this class.
+*
+* Any current time, there can be only one request under process.
+*/
+class CKeyPairOperationProvider : public CActive
+ {
+public:
+ static CKeyPairOperationProvider* NewL(CKeyOperationQueue& aKeyOperationQueue);
+ ~CKeyPairOperationProvider();
+
+ /**
+ * Initializes the keystore.
+ * This is an asynchronous method.
+ * CPKISession::KeyStoreInitComplete is called when this
+ * request is completed.
+ */
+ void Initialize();
+ void GetKeyPairList(const TPKIKeyIdentifier& aKeyId, TInt aUsedKeyStore);
+
+ /**
+ * Decrypts the data using key specified in aKeyId.
+ * The key has to be stored in the store defined by
+ * method SetKeyStore.
+ */
+ void Decrypt(const TPKIKeyIdentifier& aKeyId,
+ TInt aUsedKeyStore,
+ HBufC8* aEncryptedData,
+ TInt aOutputLength);
+
+ void Sign(const TPKIKeyIdentifier& aKeyId,
+ TInt aUsedKeyStore,
+ HBufC8* aDataToBeSigned);
+
+ void GetPublicKey(const TPKIKeyIdentifier& aKeyId, TInt aUsedKeyStore);
+
+ void Logon();
+ void Logoff();
+ void ChangePassword();
+
+ void RemoveKeyPair(const TPKIKeyIdentifier& aKeyId, TInt aUsedKeyStore);
+ void GenerateKeyPair(const TUint aKeySize, TPKIKeyAlgorithm aKeyAlgorithm, TInt aUsedKeyStore);
+
+ void ImportKeyPair(HBufC8* aKeyData, TInt aUsedKeyStore); //Takes the ownership of the data
+
+protected:
+ void RunL();
+ void DoCancel();
+ TInt RunError(TInt aError);
+
+private:
+ enum TKeyOperation
+ {
+ EKeyOperationIdle = 0,
+ EKeyOperationInitialize,
+ EKeyOperationSetPassPhraseTimeout,
+ EKeyOperationGetKeyList,
+ EKeyOperationGetKeyDetails,
+ EKeyOperationDecrypting,
+ EKeyOperationSigning,
+ EKeyOperationPublicKeyExport,
+ EKeyOperationLogon,
+ EKeyOperationLogoff,
+ EKeyOperationLogonForChangePassword,
+ EKeyOperationChangingPassword,
+ EKeyOperationRemoveKeyPair,
+ EKeyOperationGeneratingKeyPair,
+ EKeyOperationImportingKeyPair
+ };
+
+ CKeyPairOperationProvider(CKeyOperationQueue& aKeyOperationQueue);
+ void ConstructL();
+
+
+ void DecryptL(const TPKIKeyIdentifier& aKeyId,
+ TInt aUsedKeyStore,
+ HBufC8* aEncryptedData,
+ TInt aOutputLength);
+
+ void CleanupCryptoOperation();
+
+ CArrayFixFlat<TKeyListEntry>* MakeKeyEntryListL(RMPointerArray<CCTKeyInfo> aKeysList,
+ TInt aUsedKeyStore) const;
+
+ TBool iIsInitialized;
+ TKeyOperation iKeyOperation;
+
+ CKeyOperationQueue& iKeyOperationQueue;
+ RFs iFileServer;
+ CUnifiedKeyStore* iUnifiedKeyStore;
+ TInt iUsedKeyStore; //Not owned by this instance.
+
+ RMPointerArray<CCTKeyInfo> iKeysList;
+
+ HBufC8* iInputData; //Used by Decrypt and Sign operations.
+ HBufC8* iOutputData; //Used by Decrypt and Sign operations.
+ TPtr8 iOutputDataPtr;
+
+ TPKIKeyIdentifier iKeyId; //Used by store and generate keypair
+
+ CPkiServiceDecryptor* iPkiDecryptor;
+ CPkiServiceSigner* iPkiSigner;
+ CLogonServices* iLogonService;
+ CKeyManager* iKeyManager;
+ };
+
+#endif // C_KEYOPERATIONPROVIDER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/keyoperationqueue.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,124 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A task que to serialize the key operations among session.
+*
+*/
+
+
+
+#ifndef C_KEYOPERATIONQUEUE_H
+#define C_KEYOPERATIONQUEUE_H
+
+#include <e32base.h>
+
+#include "pkidefs.h"
+
+class CPKISession;
+class CKeyPairOperationProvider;
+class CPKIMapper;
+
+
+/**
+ * A queueing class for keypair operations.
+ *
+ * This class queues the keypairoperations issued by client sessions.
+ * The keyoperations are queued, because only one session handle to
+ * CUnifiedKeystore can be open in this process and the CUnifiedKeystore
+ * can't handle concurrent asynchronous operations simultaniously. Only one
+ * session handle can be open to CUnifiedKeystore, because of the required
+ * Login/Logoff functionality.
+ *
+ * Server side session add the operations to que by calling AddOperationL.
+ * The operations are handled one at the time. When the operation is completed, the
+ * key operation queue signals the associated RMessage.
+ *
+ * Rest of the operations are call backs, which are used to signal, that the current
+ * operation is completed.
+ *
+ */
+class CKeyOperationQueue : public CBase
+ {
+public:
+ static CKeyOperationQueue* NewL(CPKIMapper& aMapper);
+ ~CKeyOperationQueue();
+
+ void AddOperationL(CPKISession& aOwner,
+ const RMessage2& aMessage,
+ TInt aUsedKeyStore,
+ TPkiServiceStoreType aUsedCertStore);
+
+
+ void KeyStoreInitComplete(TInt aStatus);
+
+ /**
+ * Transfers the ownership of aKeyList.
+ */
+ void KeyPairListComplete(TInt aStatus, CArrayFixFlat<TKeyListEntry>* aKeyList);
+
+ /**
+ * Transfers the ownership of aDecryptedData.
+ */
+ void DecryptComplete(TInt aStatus, HBufC8* aDecryptedData);
+
+ /**
+ * Transfers the ownership of aSignedData.
+ */
+ void SignComplete(TInt aStatus, HBufC8* aSignedData);
+
+ /**
+ * Transfers the ownership of aPublicKeyData.
+ */
+ void GetPublicKeyCompleted(TInt aStatus, HBufC8* aPublicKeyData);
+
+ void LogonCompleted(TInt aStatus);
+ void LogoffCompleted(TInt aStatus);
+ void PasswordChangeCompleted(TInt aStatus);
+ void KeyPairRemoveCompleted(TInt aStatus);
+ void KeyGenerationCompleted(TInt aStatus, TPKIKeyIdentifier& aKeyId);
+ void StoreKeyPairCompleted(TInt aStatus, TPKIKeyIdentifier& aKeyId);
+
+
+private:
+
+ class TKeyOperation
+ {
+ public:
+ TKeyOperation(CPKISession& aOwner,
+ const RMessage2& aMessage,
+ TInt aUsedKeyStore,
+ TPkiServiceStoreType aUsedCertStore);
+
+ CPKISession& iOwner;
+ const RMessage2 iMessage;
+ TInt iUsedKeyStore;
+ TPkiServiceStoreType iUsedCertStore;
+ };
+
+
+ CKeyOperationQueue(CPKIMapper& aMapper);
+ void ConstructL();
+
+ void StartNextOperation();
+ void ServiceL(TKeyOperation& aOperation);
+
+ void CompleteCurrentOperation(TInt aStatus);
+
+ CPKIMapper& iMapper;
+ RPointerArray<TKeyOperation> iOperationQue;
+ TKeyOperation* iCurrentOperation;
+
+ CKeyPairOperationProvider* iKeyOperationProvider;
+ };
+
+#endif //C_KEYOPERATIONQUEUE_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/log_r6.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_R6_H__)
+#define __LOG_R6_H__
+
+_LIT(KLogFile,"pkiservice.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_R6_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/logonservices.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,72 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A class that provides logon and logoff functionality.
+*
+*/
+
+
+
+#ifndef C_LOGONSERVICES_H
+#define C_LOGONSERVICES_H
+
+#include <e32base.h>
+
+class CUnifiedKeyStore;
+
+class CLogonServices : public CActive
+ {
+public:
+ static CLogonServices* NewL(CUnifiedKeyStore& aUnifiedKeyStore);
+ ~CLogonServices();
+
+
+ void Logon(TRequestStatus& aClientStatus);
+ void Logoff(TRequestStatus& aClientStatus);
+ void ChangePassword(TRequestStatus& aClientStatus);
+
+ //Used by explicit login
+ void SetAuthenticationObject(MCTAuthenticationObject* aAuthenticationObject);
+
+ TBool LogonCompleted() const;
+
+ void RunL();
+ void DoCancel();
+
+private:
+ enum TLogonServiceState
+ {
+ ELogonServiceIdle = 0,
+ ELogonServiceAlreadyLoggedIn,
+ ELogonServiceListingKeys,
+ ELogonServiceOpeningAuthentication,
+ ELogonServiceClosingAuthentication,
+ ELogonServiceChangingPassword
+ };
+
+ CLogonServices(CUnifiedKeyStore& aUnifiedKeyStore);
+ void ConstructL();
+
+ void Cleanup();
+
+ CUnifiedKeyStore& iUnifiedKeyStore;
+ TRequestStatus* iClientStatus;
+ TLogonServiceState iState;
+
+ MCTKeyStoreManager* iUserKeyStore; //Not owned by this class
+ RMPointerArray<CCTKeyInfo> iKeysList;
+ MCTAuthenticationObject* iAuthenticationObject;
+ };
+
+#endif //C_LOGONSERVICES_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiservice.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,76 @@
+/*
+* Copyright (c) 2006-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI server main module
+*
+*/
+
+
+
+#ifndef __PKISERVICE_H__
+#define __PKISERVICE_H__
+
+#include <e32base.h>
+
+class CPKIMapper;
+class CSuspendedShutdown;
+class CCertificateRequestStore;
+class CKeyOperationQueue;
+
+class CPKIService:public CPolicyServer
+{
+ public:
+ static CPKIService* NewL(void);
+ virtual ~CPKIService(void);
+
+ CSession2* NewSessionL(const TVersion& aVersion, const RMessage2& aMessage) const;
+ void SessionDeleted();
+
+ CCertificateRequestStore& CertificateRequestStore();
+
+ private:
+ CPKIService();
+ void ConstructL();
+
+ static const TUint iRangeCount;
+ static const TInt iRanges[];
+ static const TUint8 iElementIndex[];
+
+ static const CPolicyServer::TPolicyElement iElements[];
+ static const CPolicyServer::TPolicy iPolicy;
+
+ mutable TInt iSessionCount;
+
+ CCertificateRequestStore *iCertificateRequestStore;
+ CSuspendedShutdown *iShutdown;
+ TBool iStopImmediately;
+ CPKIMapper *iMapper;
+ CKeyOperationQueue *iKeyOperationQueue;
+};
+
+class CSuspendedShutdown : public CActive
+{
+ public:
+ CSuspendedShutdown();
+ void Construct();
+ ~CSuspendedShutdown();
+ void ArmShutdown();
+ private:
+ void DoCancel();
+ void RunL();
+ private:
+ RTimer iTimer;
+};
+
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiserviceassert.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: a special assert macros used in pkiservice.
+*
+*/
+
+
+
+#ifndef PKISERVICEASSERT_H
+#define PKISERVICEASSERT_H
+
+#include "log_r6.h"
+
+#if defined(_DEBUG)
+
+#define PKISERVICE_ASSERT(cond) if(!(cond)){ LOG_("ASSERTION FAILED"); LOG8_1("%s, ", __FILE__); LOG8_1("%d", __LINE__); User::Invariant();}
+#define PKISERVICE_INVARIANT() LOG_("ASSERTION FAILED"); LOG8_1("%s, ", __FILE__); LOG8_1("%d", __LINE__); User::Invariant()
+
+#else
+
+#define PKISERVICE_ASSERT(cond)
+#define PKISERVICE_INVARIANT()
+
+#endif
+
+
+#endif //PKISERVICEASSERT_H
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiserviceclientservercommon.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,311 @@
+/*
+* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Collects data type used by both client and server.
+*
+*/
+
+
+
+
+#ifndef PKI_SERVICE_CLIENT_SERVER_COMMON_H
+#define PKI_SERVICE_CLIENT_SERVER_COMMON_H
+
+#include "pkidefs.h"
+
+static const TUid KPkiServiceUid3 = {0x101FAE07};
+_LIT(KPkiServerName,"!PKIserver");
+_LIT(KPkiServerImg,"pkiservice");
+
+
+const TInt KPkiMajorVersion = 1;
+const TInt KPkiMinorVersion = 0;
+const TInt KPkiBuildVersion = 0;
+
+
+const TInt KMyServerInitHeapSize=0x1000; // 4KB
+const TInt KMyServerMaxHeapSize=0x1000000; // 16MB
+const TInt KMyServerStackSize=0x2000; // 8KB
+
+namespace PkiService
+ {
+ enum TPkiServiceCommands
+ {
+ ELogon, // 0
+ EChangePassword, // 1
+ ESignWithKeyId, // 2
+ ESignWithCert, // 3
+ EDecrypt, // 4
+ EStoreKeypair, // 5
+ EGenerateKeypair, // 6
+ ECancelPendingOperation, // 7
+ EGetRequiredBufferSize, // 8
+ EReadPublicKey, // 9
+ EReadCertificate, // 10
+ EStoreCertificate, // 11
+ EAttachCertificate, // 12
+ ERemoveKeypair, // 13
+ ERemoveCertificate, // 14
+ ECertCount, // 15
+ EInitialize, // 16
+ ESaveCertificateRequest, // 17
+ EReadCertificateRequest, // 18
+ EDeleteCertificateRequest, // 19
+ ESetTrust, // 20
+ ETrusted, // 21
+ EKeyCount, // 22
+ EGetKeyList, // 23
+ EGetCertList, // 24
+ ESetApplicability, // 25
+ EApplications, // 26
+ EGetCertDetails, // 27
+ ELogoff, // 28
+ ECertReqCount, // 29
+ EGetCertReqList, // 30
+ EGetKeyDetails, // 31
+ EApplicableCertCount, // 32
+ EGetApplicableCertList, // 33
+ ESetCertStoreType, // 34
+ ESetKeyStoreType, // 35
+ ESetStoreType, // 36
+ EGetCertStoreType, // 37
+ EGetKeyStoreType, // 38
+ ESetInformational // 39
+ };
+ }
+
+
+
+const TInt KKeyUsageNotUsed = 0x5A5A5A5A;
+
+/**
+* Internal class. Not used by the API
+*/
+
+class TSecurityObjectDescriptor
+{
+ public:
+ TSecurityObjectDescriptor()
+ :iTrustedAuthority(),
+ iTrustedAuthorityUsed(EFalse),
+ iIdentitySubjectName(),
+ iIdentitySubjectNameUsed(EFalse),
+ iIdentityRfc822Name(),
+ iIdentityRfc822NameUsed(EFalse),
+ iSerialNumber(),
+ iSerialNumberUsed(EFalse),
+ iSubjectKeyId(),
+ iSubjectKeyIdUsed(EFalse),
+ iOwnerType(EPKICACertificate),
+ iOwnerTypeUsed(EFalse),
+ iKeyUsage( (TPKIKeyUsage) 0),
+ iKeyUsageDer(),
+ iKeyUsageUsed(EFalse),
+ iKeySize(0),
+ iKeySizeUsed(EFalse),
+ iKeyAlgorithm(EPKIInvalidAlgorithm),
+ iKeyAlgorithmUsed(EFalse),
+ iObjectSize(EFalse),
+ iEncrypted(EFalse),
+ iObjectName(),
+ iObjectNameUsed(EFalse),
+ iIsDeletable(EFalse),
+ iIsDeletableUsed(EFalse)
+ {};
+
+ void SetSubjectKeyId(const TPKIKeyIdentifier &aKeyId)
+ {
+ if(aKeyId.Length() > 0)
+ {
+ iSubjectKeyId.Copy(aKeyId);
+ iSubjectKeyIdUsed = ETrue;
+ }
+ else
+ {
+ iSubjectKeyIdUsed = EFalse;
+ }
+ };
+ void SetOwnerType(const TPKICertificateOwnerType aOwnerType)
+ {
+ iOwnerType = aOwnerType;
+ iOwnerTypeUsed = ETrue;
+ };
+ void SetKeyUsage(const TPKIKeyUsage aKeyUsage) // Optional if only certificate is needed
+ {
+ if((TInt)aKeyUsage != KKeyUsageNotUsed)
+ {
+ iKeyUsage = aKeyUsage;
+ iKeyUsageUsed = ETrue;
+ }
+ else
+ {
+ iKeyUsage = (TPKIKeyUsage)0;
+ iKeyUsageUsed = EFalse;
+ }
+ };
+ // Key usage is not defined in the filter, this will be checked separately
+ void SetKeySize(const TUint aKeySize)
+ {
+ if(aKeySize != 0)
+ {
+ iKeySize = aKeySize;
+ iKeySizeUsed = ETrue;
+ }
+ else
+ {
+ iKeySizeUsed = EFalse;
+ }
+ }; // Optional if only certificate is needed
+ void SetObjectName(const TDesC &aObjectName)
+ {
+ if(aObjectName.Length() > 0)
+ {
+ iObjectName.Copy(aObjectName);
+ iObjectNameUsed = ETrue;
+ }
+ else
+ {
+ iObjectNameUsed = EFalse;
+ }
+ };
+ // Issuer and serial are not defined in the filter, these will be checked separately
+ void SetTrustedAuthority(const TDesC8 &aTrustedAuthority)
+ {
+ if(aTrustedAuthority.Length() > 0)
+ {
+ iTrustedAuthority.Copy(aTrustedAuthority);
+ iTrustedAuthorityUsed = ETrue;
+ }
+ else
+ {
+ iTrustedAuthorityUsed = EFalse;
+ }
+ };
+ void SetIdentitySubjectName(const TDesC8 &aIdentitySubjectName)
+ {
+ if(aIdentitySubjectName.Length() > 0)
+ {
+ iIdentitySubjectName.Copy(aIdentitySubjectName);
+ iIdentitySubjectNameUsed = ETrue;
+ }
+ else
+ {
+ iIdentitySubjectNameUsed = EFalse;
+ }
+ };
+ void SetIdentityRfc822Name(const TDesC8 &aIdentityRfc822Name)
+ {
+ if(aIdentityRfc822Name.Length() > 0)
+ {
+ iIdentityRfc822Name.Copy(aIdentityRfc822Name);
+ iIdentityRfc822NameUsed = ETrue;
+ }
+ else
+ {
+ iIdentityRfc822NameUsed = EFalse;
+ }
+ };
+ void SetSerialNumber(const TDesC8 &aSerialNumber)
+ {
+ if(aSerialNumber.Length() > 0)
+ {
+ iSerialNumber.Copy(aSerialNumber);
+ iSerialNumberUsed = ETrue;
+ }
+ else
+ {
+ iSerialNumberUsed = EFalse;
+ }
+ };
+ void SetKeyAlgorithm(const TPKIKeyAlgorithm &aKeyAlgorithm)
+ {
+ iKeyAlgorithm = aKeyAlgorithm;
+ iKeyAlgorithmUsed = ETrue;
+ };
+ void SetIsDeletable(const TUint &aIsDeletable)
+ {
+ iIsDeletable = aIsDeletable;
+ iIsDeletableUsed = ETrue;
+ };
+ void Reset()
+ {
+ iObjectNameUsed = EFalse;
+ iTrustedAuthorityUsed = EFalse;
+ iIdentitySubjectNameUsed = EFalse;
+ iIdentityRfc822NameUsed = EFalse;
+ iSubjectKeyIdUsed = EFalse;
+ iOwnerTypeUsed = EFalse;
+ iKeyUsageUsed = EFalse;
+ iKeySizeUsed = EFalse;
+ iKeyAlgorithmUsed = EFalse;
+ };
+ TSecurityObjectDescriptor& operator=(const TSecurityObjectDescriptor& aDesc)
+ {
+ if (this != &aDesc)
+ {
+ this->iObjectName = aDesc.iObjectName;
+ this->iObjectNameUsed = aDesc.iObjectNameUsed;
+ this->iTrustedAuthority = aDesc.iTrustedAuthority;
+ this->iTrustedAuthorityUsed = aDesc.iTrustedAuthorityUsed;
+ this->iIdentitySubjectName = aDesc.iIdentitySubjectName;
+ this->iIdentitySubjectNameUsed = aDesc.iIdentitySubjectNameUsed;
+ this->iIdentityRfc822Name = aDesc.iIdentityRfc822Name;
+ this->iIdentityRfc822NameUsed = aDesc.iIdentityRfc822NameUsed;
+ this->iSerialNumber = aDesc.iSerialNumber;
+ this->iSerialNumberUsed = aDesc.iSerialNumberUsed;
+ this->iSubjectKeyId = aDesc.iSubjectKeyId;
+ this->iSubjectKeyIdUsed = aDesc.iSubjectKeyIdUsed;
+ this->iOwnerType = aDesc.iOwnerType;
+ this->iOwnerTypeUsed = aDesc.iOwnerTypeUsed;
+ this->iKeyUsage = aDesc.iKeyUsage;
+ this->iKeyUsageDer = aDesc.iKeyUsageDer;
+ this->iKeyUsageUsed = aDesc.iKeyUsageUsed;
+ this->iKeySize = aDesc.iKeySize;
+ this->iKeySizeUsed = aDesc.iKeySizeUsed;
+ this->iKeyAlgorithm = aDesc.iKeyAlgorithm;
+ this->iKeyAlgorithmUsed = aDesc.iKeyAlgorithmUsed;
+ this->iIsDeletable = aDesc.iIsDeletable;
+ this->iIsDeletableUsed = aDesc.iIsDeletableUsed;
+ }
+ return *this;
+ };
+
+ // No get methods introduced, values are used directly!
+ TBuf8<KMaxX500DN> iTrustedAuthority; // Cert TrustedAuthority
+ TBool iTrustedAuthorityUsed;
+ TBuf8<KMaxX500DN> iIdentitySubjectName; // Identity subject name
+ TBool iIdentitySubjectNameUsed;
+ TBuf8<KMaxRfc822> iIdentityRfc822Name; // Identity subjectAltName rfc822 name
+ TBool iIdentityRfc822NameUsed;
+ TBuf8<KMaxSerial> iSerialNumber; // Serialnumber
+ TBool iSerialNumberUsed;
+ TPKIKeyIdentifier iSubjectKeyId; // SHA1 hash of the corresponding private key
+ TBool iSubjectKeyIdUsed;
+ TPKICertificateOwnerType iOwnerType; // User, CA or peer. If user certificate, at least key usage must be set
+ TBool iOwnerTypeUsed;
+ TPKIKeyUsage iKeyUsage; // Key usage flags
+ TBuf8<KMaxUsageDer> iKeyUsageDer; // Der format flags
+ TBool iKeyUsageUsed;
+ TUint iKeySize; // Key size
+ TBool iKeySizeUsed;
+ TPKIKeyAlgorithm iKeyAlgorithm; // RSA, DSA
+ TBool iKeyAlgorithmUsed;
+ TBool iObjectSize; // Byte size of the referenced security object
+ TBool iEncrypted; // Only used for passing aEncrypted parameter from client to server
+ TBuf<SHORT_FILENAME_LENGTH> iObjectName;
+ TBool iObjectNameUsed;
+ TBool iIsDeletable; //
+ TBool iIsDeletableUsed;
+};
+
+#endif // PKI_SERVICE_CLIENT_SERVER_COMMON_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiserviceconstants.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Constants used in PKIService module
+*
+*/
+
+
+
+#ifndef PKISERVICECONSTANTS_H
+#define PKISERVICECONSTANTS_H
+
+const TInt STORETYPE_DEVICE_CERT_ID = 0x101FB668;
+const TInt STORETYPE_DEVICE_KEY_ID = 0x101FB66A;
+const TInt STORETYPE_USER_CERT_ID = 0x101F501A;
+const TInt STORETYPE_USER_KEY_ID = 0x101F7333;
+
+const TInt STORETYPE_ANY_KEY_ID = 0x0; //Not a real uid. Just used internally
+
+// Constants for cert store types
+_LIT(KUserCertStore, "Software certificate store");
+_LIT(KDeviceCertStore, "device certstore");
+
+
+
+#endif //PKISERVICECONSTANTS_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiservicedecryptor.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,81 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A class that provides a decrypt operation.
+*
+*/
+
+
+
+#ifndef C_PKISERVICEDECRYPTOR_H
+#define C_PKISERVICEDECRYPTOR_H
+
+#include <e32base.h>
+#include <unifiedkeystore.h>
+
+#include "pkidefs.h"
+
+class MCTKeyStoreManager;
+class CLogonServices;
+
+
+/**
+ * A class that decrypts data using a private key.
+ *
+ * This class handles the decryption of a data, which is
+ * encrypted by using a public key from a stored keypair.
+ */
+class CPkiServiceDecryptor : public CActive
+ {
+public:
+ static CPkiServiceDecryptor* NewL(CLogonServices& aLogonServices);
+ ~CPkiServiceDecryptor();
+
+ void Decrypt(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aEncryptedData,
+ TPtr8& aPlainTextData,
+ CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ TRequestStatus& aClientstatus);
+
+
+ void RunL();
+ void DoCancel();
+
+private:
+ enum TDecryptorState
+ {
+ EDecryptorIdle = 0,
+ EDecryptorGettingKey,
+ EDecryptorOpeningDecryptor,
+ EDecryptorDecrypting
+ };
+
+ CPkiServiceDecryptor(CLogonServices& aLogonServices);
+ void Cleanup();
+
+ CLogonServices& iLogonServices;
+ TDecryptorState iState;
+ CUnifiedKeyStore* iKeyStore; //Not owned by this class
+ TInt iUsedKeyStore;
+ const TDesC8* iInput; //Not owned by this class
+ TPtr8* iPlainText;//Not owned by this class
+ TRequestStatus* iClientStatus;
+
+ MCTDecryptor* iDecryptor;
+ RMPointerArray<CCTKeyInfo> iKeysList;
+
+ CCTKeyInfo* iKeyInfo;
+ };
+
+#endif //C_PKISERVICEDECRYPTOR_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiservicesigner.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,84 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A class that provides a signing operation.
+*
+*/
+
+
+
+#ifndef C_PKISERVICESIGNER_H
+#define C_PKISERVICESIGNER_H
+
+#include <e32base.h>
+
+#include "pkidefs.h"
+
+class MCTKeyStoreManager;
+class CLogonServices;
+
+/**
+ * This class signs a given data by using a stored private key.
+ */
+class CPkiServiceSigner : public CActive
+ {
+public:
+ static CPkiServiceSigner* NewL(CLogonServices& aLogonServices);
+ ~CPkiServiceSigner();
+
+ void Sign(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aDataToBeSigned,
+ HBufC8*& aSignature,
+ CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ TRequestStatus& aStatus);
+
+
+ void DoCancel();
+ void RunL();
+
+private:
+ enum TSignerState
+ {
+ ESignerIdle = 0,
+ ESignerGettingKey,
+ ESignerOpeningSigner,
+ ESignerSigning
+ };
+
+ CPkiServiceSigner(CLogonServices& aLogonServices);
+ void Cleanup();
+
+ CLogonServices& iLogonServices;
+
+ TSignerState iState;
+ TRequestStatus* iClientStatus;
+ CUnifiedKeyStore* iKeyStore; //Not owned by this class
+ TInt iUsedKeyStore;
+ TPtrC8 iInput; //Not owned by this class
+ HBufC8** iOutputBuffer;//Not owned by this class
+
+ const CCTKeyInfo* iUsedKeyInfo;
+
+ MRSASigner* iRsaSigner;
+ MDSASigner* iDsaSigner;
+
+ CRSASignature* iRsaSignature;
+ CDSASignature* iDsaSignature;
+
+ RMPointerArray<CCTKeyInfo> iKeysList;
+ };
+
+#endif //C_PKISERVICESIGNER_H
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkisession.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,76 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* A server side session object. Owns instances of the CPKIService and
+* CPKIWrapper classes. All requests to the service objects go through
+* this object.
+*
+*/
+
+
+
+#ifndef __PKISESSION__
+#define __PKISESSION__
+
+#include <e32base.h>
+#include <unifiedkeystore.h>
+#include "pkidefs.h"
+#include "keyoperationprovider.h"
+
+class CPKIWrapper;
+class CPKIService;
+class CPKIMapper;
+class CKeyOperationQueue;
+
+class CPKISession: public CSession2//, public MKeyOperationObserver
+
+{
+ public:
+ static CPKISession* NewL(CPKIService& aServer,
+ CPKIMapper& aMapper,
+ CKeyOperationQueue& aKeyOperationQueue);
+ virtual ~CPKISession(void);
+
+ void ServiceL(const RMessage2& aMessage);
+
+ void SetRequiredBufferSize(TInt aSize);
+ void SetKeyList(CArrayFixFlat<TKeyListEntry> *aKeyList);
+ void InitializeWrapperL(const RMessage2& aMessage);
+
+
+private:
+ CPKISession(CPKIService& aServer, CPKIMapper& aMapper, CKeyOperationQueue& aKeyOperationQueue);
+ void ConstructL();
+ //void InitializeL(const RMessage2& aMessage);
+
+ /**
+ * Set the used key store.
+ */
+ void SetKeyStoreL(TPkiServiceStoreType aStoreType);
+ TPkiServiceStoreType KeyStore() const;
+
+ CPKIService &iServer;
+ CPKIMapper &iMapper;
+ CKeyOperationQueue &iKeyOperationQueue;
+
+ CPKIWrapper *iWrapper;
+ RArray<TUid> iUidArray;
+ TInt iApplCount;
+
+ TInt iUsedKeyStore;
+ CArrayFixFlat<TKeyListEntry> *iKeyList;
+ TInt iRequiredBufferSize;
+};
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkisupport.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,226 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: CPKISupport class implements the PKI interface for Symbian
+* PKI storage.
+*
+*/
+
+
+
+#ifndef __PKISUPPORT_H__
+#define __PKISUPPORT_H__
+
+#include <mctkeystore.h>
+#include "pkidefs.h"
+#include "eventmediatorapi.h" // for logging
+
+class CPKIWrapper;
+class CMapDescriptor;
+class TSecurityObjectDescriptor;
+class CUnifiedCertStore;
+class MCTWritableCertStore;
+class CCTCertInfo;
+class CCertAttributeFilter;
+
+enum TSubState
+{
+ ESSComplete,
+ ESSContinue,
+ ESSCompleteRequest,
+};
+
+enum TInitPhaseState
+{
+ EInitDone = 0,
+ EInitContinueInitialize,
+ EInitInitializeCertStore,
+ EInitRetrieveCertList,
+ EInitCompleteImportCerts,
+};
+
+enum TPending
+{
+ ENoPendingOperation,
+ EInitializeCertStore,
+ EListCerts,
+ EListDevCerts,
+ ECertAdd,
+ ECertRetrieve,
+ ECertRemove,
+ ESetTrust,
+ ETrusted,
+ ESetApplicability,
+ EApplications,
+ EIsApplicable,
+};
+
+
+/**
+ * Implements PKI support.
+ *
+ * @lib (internal) pkiservice.exe
+ * @since S60 v3.0
+ */
+class CPKISupport : public CActive
+{
+ public:
+
+ // Constructors, destructor
+ static CPKISupport* NewL(
+ CPKIMapper& aMapper, CPKIWrapper& aWrapper);
+ static CPKISupport* NewLC(
+ CPKIMapper& aMapper, CPKIWrapper& aWrapper);
+
+
+ ~CPKISupport();
+
+ void StartInitializeL(const RMessage2& aMessage);
+ void SetCurrentFunction(TInt aFunc);
+
+ // Certificate Data manipulation
+ void StoreCertificateL(const TDesC &aLabel,
+ TCertificateOwnerType aOwnerType, const TDesC8 &aBufferPtr,
+ const TBool& aIsDeletable, TRequestStatus& aStatus);
+
+ void AttachCertificateL(const TDesC &aLabel,
+ const TPKIKeyIdentifier &aKeyId,
+ const TDesC8 &aBufferPtr, TRequestStatus& aStatus);
+
+ void RetrieveCertificateL(const TDesC &aLabel,
+ TPtr8 &aBufferPtr, const TPKICertificateOwnerType& aType,
+ TRequestStatus& aStatus);
+
+ void RemoveCertificateL(const TDesC &aLabel,
+ TRequestStatus& aStatus);
+
+ void SelectCertificateL(const TDesC &aLabel,
+ const TPKICertificateOwnerType& aType = EPKICACertificate);
+
+ // Asynchronous sertificate store request
+ void GetCertificateStoreListAsync();
+
+ // Helper methods
+ TInt GetRequiredBufferSize();
+ void SetCallerStatusPending(TRequestStatus& aStatus);
+ void CompleteCallerStatus(TInt aError);
+ void SetTrustL(
+ const TDesC &aLabel, TBool aTrusted, TRequestStatus& aStatus);
+ void TrustedL(const TDesC &aLabel, TRequestStatus& aStatus);
+ void SetApplicabilityL(
+ const TDesC &aLabel, const RArray<TUid>& aApplUids,
+ TRequestStatus& Status);
+ void ApplicationsL(const TDesC &aLabel, TRequestStatus& Status);
+
+ inline void SetCertStoreType(TPkiServiceStoreType aStoreType)
+ {
+ iCertStoreType = aStoreType;
+ };
+
+ inline const TPkiServiceStoreType CertStoreType() const
+ {
+ return iCertStoreType;
+ };
+
+ private: // implementation
+ CPKISupport(CPKIMapper& aMapper, CPKIWrapper& aWrapper);
+ void ConstructL();
+
+ void CancelCurrentOperation();
+ CCTKeyInfo::EKeyAlgorithm ConvertPKIAlgorithm(TPKIKeyAlgorithm aAlg);
+ TPKIKeyAlgorithm ConvertSymbianAlgorithm(CCTKeyInfo::EKeyAlgorithm aAlg);
+ void FindInterfacesL();
+ void ListAllCertificatesL();
+ void ReadNextCertForImportL();
+ void SaveCertInfoToCacheL();
+ TBool GetApplicationsOfCTFCertL();
+
+ void ContinueStoreCertificateL();
+ void ContinueRetrieveCertificate();
+ void ContinueStoreCertifiedKeypairL();
+ void ContinueRemoveCertificate();
+ void ContinueSetTrust();
+ void ContinueSetApplicability();
+ void ContinueApplications();
+ void ContinueTrusted();
+ void DoRunOperationL();
+ void DoRunLoggedInOperationL();
+
+ // Function to remove all MIDP2 certificates from the
+ // local listing (MIDP2 certs shouldn't be supported by VPN)
+ void CleanupCertListL();
+
+ // CActive methods
+ void RunL();
+ void DoCancel();
+ TInt RunError(TInt aError);
+
+ /**
+ * Used for logging.
+ * Exctracts certificate info from the parameters
+ * and inserts result into iCertInfoForLogging.
+ * Result string looks like this:
+ * \nLabel: <label> \nOwner: <owner> \nSubject: <subject> \nIssuer: <issuer>"
+ *
+ * @param aLabel Label of the certificate
+ * @param aOwnerType Owner of the certificate
+ * @param aBufferPtr The certificate
+ */
+ void ExtractCertInfoL(const TDesC& aLabel,
+ const TCertificateOwnerType& aOwnerType,
+ const TDesC8& aBufferPtr);
+
+ /**
+ * Logs certificate storing into VPN client UI log.
+ *
+ * @param aError 0 if storing succeeded
+ */
+ void LogCertStoring(TInt aError);
+
+ private: // data
+ CPKIMapper &iMapper;
+ CPKIWrapper &iWrapper;
+
+ TPending iPending;
+ TPtr8 iImportCertDataPtr;
+
+ RFs iFSession;
+ CUnifiedCertStore *iCertStore;
+ MCTWritableCertStore *iWritableCertStore;
+ TRequestStatus *iCallerStatus;
+ TInt iSupportStatus;
+ TPtr8 *iOutBufferPtr;
+ TInt iCurrentFunction;
+ TInitPhaseState iInitState;
+ TSubState iSubState;
+ RMPointerArray<CCTCertInfo> *iCerts;
+ CCertAttributeFilter *iCertFilter;
+ RMessage2 iMessage;
+ TKeyIdentifier iKeyId;
+ TInt iRequiredBufferLength;
+ TBool iTrusted;
+ RArray<TUid> iApplUids;
+ TInt iImportCounter;
+ CMapDescriptor *iImportCertMapping;
+ HBufC8 *iImportCertData;
+ TBool iToggleSwitch;
+
+ TPkiServiceStoreType iCertStoreType;
+ TInt iDeviceCertStoreIndex;
+ MCTWritableCertStore* iWritableDeviceCertStore;
+
+ REventMediator iEventMediator; // for logging
+ HBufC8* iCertInfoForLogging;
+
+};
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/pkiwrapper.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,133 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Defines common API for handling PKI certificates and keys.
+*
+*/
+
+
+
+#if !defined (__PKIWRAPPER_H__)
+#define __PKIWRAPPER_H__
+
+#include <e32base.h>
+
+#include "pkidefs.h"
+#include "pkiserviceclientservercommon.h"
+
+class CMapDescriptor;
+class CPKISupport;
+class CPKIMapper;
+
+class CPKIWrapper : public CActive
+{
+ public:
+
+ // Constructors, destructor
+ static CPKIWrapper* NewL(CPKIMapper& aMapper);
+ ~CPKIWrapper();
+
+ ////////////////////////////////////////////////////////////////////////////////////////////
+ // Interface
+ ////////////////////////////////////////////////////////////////////////////////////////////
+ TInt InitOperation(const RMessage2& aMessage);
+ void CancelPendingOperation();
+ TInt GetRequiredBufferSizeL(const RMessage2& aMessage);
+ void CompleteRequestAndCleanupL();
+
+ void InitializeL(const RMessage2& aMessage);
+ void SetTrusted(TBool aValue);
+ void SetApplications(const RArray<TUid>& aApplUids);
+
+ void SetCertStoreType(TPkiServiceStoreType aStoreType);
+
+ TPkiServiceStoreType CertStoreType() const;
+
+ void SetInformational(const TBool aInfoOnly);
+
+ static void SaveIdentityL(CMapDescriptor &aCertMapping,
+ const TDesC8& aCertDataIn,
+ TCertificateOwnerType aOwner);
+ private: // From CActive
+ void RunL();
+ void DoCancel();
+ TInt RunError(TInt aError);
+
+ private: // implementation
+ CPKIWrapper(CPKIMapper& aMapper);
+ void ConstructL();
+
+ // ===================================================================================================================
+ // Start phase functions
+ // ===================================================================================================================
+ void StartSetTrustL();
+ void StartTrustedL();
+ void StartSetApplicabilityL();
+ void StartApplicationsL();
+
+ void StartRemoveCertificateL();
+
+ // Certificate operations
+ void StartReadCertificateL();
+ // Peer or CA certificate
+ void StartStoreCertificateL();
+ // Enrollrd certificate
+ void StartAttachCertificateL();
+
+ // ===================================================================================================================
+ // Execution phase functions
+ // ===================================================================================================================
+ // Crypto operations
+ void ExecuteSetTrustL();
+ void ExecuteTrustedL();
+ void ExecuteSetApplicabilityL();
+ void ExecuteApplicationsL();
+ void ExecuteRemoveCertificateL();
+
+ // Certificate operations
+ void ExecuteReadCertificateL();
+ // Peer or CA certificate
+ void ExecuteStoreCertificateL();
+ // Enrollrd certificate
+ void ExecuteAttachCertificateL();
+
+
+ enum TWrapperState
+ {
+ EExecute,
+ EComplete
+ };
+
+
+ CPKIMapper& iMapper;
+ CPKISupport* iPKISupport;
+ TInt iIndex;
+ CMapDescriptor* iCurrentMapping;
+ TBuf<MAX_FILENAME_LENGTH>* iObjectName;
+ TInt iCurrentStatus;
+ TWrapperState iCurrentState;
+ TPckgBuf<TSecurityObjectDescriptor> iCurrentDescriptor;
+ RMessage2 iMessage;
+ HBufC8* iCertBuffer;
+ TPtr8 iPtrCertBuffer;
+ TInt iRequiredBufferLength;
+ RArray<TUid> iUidArray;
+ TUint iCount;
+ TUint iMaxCount;
+ TBool iTrusted;
+
+ TBool iInfoOnly;
+
+};
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/rom/pkiservice.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project pkiservice
+*
+*/
+
+
+
+#ifndef __PKISERVICE_IBY__
+#define __PKISERVICE_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature PKISERVICE not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\pkiservice.exe PROGRAMS_DIR\pkiservice.exe
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __PKISERVICE_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/certificaterequeststore.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,201 @@
+/*
+* Copyright (c) 2007 - 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class, which handles storing and accessing certificate requests.
+*
+*/
+
+
+
+#include <bautils.h>
+
+#include "certificaterequeststore.h"
+
+
+_LIT(KCertReqPat, "*.req");
+_LIT(KCertReqFileNameFormat, "certreq(%d).req");
+
+
+CCertificateRequestStore* CCertificateRequestStore::NewL()
+ {
+ CCertificateRequestStore* self = new (ELeave) CCertificateRequestStore;
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+void CCertificateRequestStore::ConstructL()
+ {
+ User::LeaveIfError(iFileSession.Connect());
+ User::LeaveIfError(iFileSession.PrivatePath(iPrivatePath));
+ User::LeaveIfError(iFileSession.SetSessionPath(iPrivatePath));
+ }
+
+
+CCertificateRequestStore::~CCertificateRequestStore()
+ {
+ iFileSession.Close();
+ }
+
+
+TInt CCertificateRequestStore::CertReqCountL()
+ {
+ TInt count(0);
+
+ TFindFile* fileFinder = new (ELeave) TFindFile(iFileSession);
+ CleanupDeletePushL(fileFinder);
+
+ CDir* fileList = NULL;
+ TInt err = fileFinder->FindWildByDir(KCertReqPat, iPrivatePath, fileList);
+
+ switch(err)
+ {
+ case KErrNone:
+ count = fileList->Count();
+ delete fileList;
+ fileList = NULL;
+ break;
+ case KErrNotFound:
+ //No saved requests.
+ //Returns zero.
+ break;
+ default:
+ User::Leave(err);
+ break;
+ }
+
+ CleanupStack::PopAndDestroy(fileFinder);
+ return count;
+
+ }
+
+
+
+CArrayFixFlat<TCertificateRequestListEntry>* CCertificateRequestStore::GetCertReqListLC()
+ {
+ CArrayFixFlat<TCertificateRequestListEntry>* list =
+ new (ELeave) CArrayFixFlat<TCertificateRequestListEntry>(3);
+ CleanupStack::PushL(list);
+
+ TCertificateRequestListEntry certReqInfo;
+
+ TFindFile* fileFinder = new (ELeave)TFindFile(iFileSession);
+ CleanupDeletePushL(fileFinder);
+
+ CDir* fileList;
+ TInt err = fileFinder->FindWildByDir(KCertReqPat, iPrivatePath, fileList);
+
+ switch(err)
+ {
+ case KErrNone:
+ CleanupStack::PushL(fileList);
+ for (TInt i = 0; i < fileList->Count(); i++)
+ {
+ certReqInfo.iObjectName = (*fileList)[i].iName;
+ list->AppendL(certReqInfo);
+ }
+ CleanupStack::PopAndDestroy(); // fileList
+ break;
+ case KErrNotFound:
+ //No saved requests.
+ //Returns zero length array.
+ break;
+ default:
+ User::Leave(err);
+ break;
+ }
+
+ CleanupStack::PopAndDestroy(fileFinder);
+ return list;
+ }
+
+
+HBufC* CCertificateRequestStore::SaveCertRequestLC(const TDesC8& aCertReqData)
+ {
+
+ TFileName* certReqFileName = GetNewCertReqFileNameLC();
+
+ RFile certReqFile;
+ User::LeaveIfError(certReqFile.Create(iFileSession, *certReqFileName, EFileWrite));
+ CleanupClosePushL(certReqFile);
+
+ TInt err = certReqFile.Write(aCertReqData);
+
+ CleanupStack::PopAndDestroy(); //certReqFile
+
+ if (err != KErrNone)
+ {
+ //Just in case
+ iFileSession.Delete(*certReqFileName);
+ User::Leave(err);
+ }
+
+
+ HBufC* certReqObjectName = certReqFileName->AllocL();
+ CleanupStack::PopAndDestroy(certReqFileName);
+ CleanupStack::PushL(certReqObjectName);
+
+ return certReqObjectName;
+ }
+
+
+HBufC8* CCertificateRequestStore::ReadCertRequestLC(const TDesC& aCertReqObjectName)
+ {
+ RFile file;
+ User::LeaveIfError(file.Open(iFileSession, aCertReqObjectName, EFileRead));
+ CleanupClosePushL(file);
+
+ TInt requestSize(0);
+ User::LeaveIfError(file.Size(requestSize));
+
+ HBufC8* requestData = HBufC8::NewLC(requestSize);
+ TPtr8 requestDataPtr(requestData->Des());
+
+ User::LeaveIfError(file.Read(requestDataPtr));
+
+ CleanupStack::Pop(requestData);
+ CleanupStack::PopAndDestroy(); //file
+
+ CleanupStack::PushL(requestData);
+
+ return requestData;
+ }
+
+
+void CCertificateRequestStore::DeleteCertRequestL(const TDesC& aCertReqObjectName)
+ {
+ User::LeaveIfError(iFileSession.Delete(aCertReqObjectName));
+ }
+
+
+TFileName* CCertificateRequestStore::GetNewCertReqFileNameLC()
+ {
+ TFileName* fileName = new (ELeave) TFileName;
+ CleanupDeletePushL(fileName);
+
+ TInt i = 0;
+ do
+ {
+ fileName->Format(KCertReqFileNameFormat, i);
+ if (!BaflUtils::FileExists(iFileSession, *fileName))
+ {
+ break;
+ }
+ ++i;
+ }while(i > 0); //loop infinite.
+
+ return fileName;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/keymanager.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,539 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class, which provides operation for deleting, saving and creating keypairs.
+*
+*/
+
+
+
+#include <mctauthobject.h>
+
+#include "keymanager.h"
+#include "logonservices.h"
+#include "utlcrypto.h"
+#include "base64.h"
+#include "pkiserviceassert.h"
+#include "pkiserviceconstants.h"
+
+const TTimeIntervalYears KValidityPeriod(20);
+_LIT_SECURITY_POLICY_C1(KSymbianKeyStoreMgmtPolicy, ECapabilityWriteDeviceData);
+_LIT_SECURITY_POLICY_C1(KSymbianKeyStoreUsePolicy, ECapabilityReadDeviceData);
+
+CKeyManager* CKeyManager::NewL(CLogonServices& aLogonServices)
+ {
+ CKeyManager* self = new (ELeave) CKeyManager(aLogonServices);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CKeyManager::CKeyManager(CLogonServices& aLogonServices)
+:CActive(EPriorityNormal), iLogonServices(aLogonServices)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+void CKeyManager::ConstructL()
+ {
+ }
+
+
+CKeyManager::~CKeyManager()
+ {
+ Cleanup();
+ }
+
+
+void CKeyManager::RemoveKeyPair(const TPKIKeyIdentifier& aKeyId,
+ CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == EKeyManagerIdle);
+ PKISERVICE_ASSERT(iClientStatus == NULL);
+ PKISERVICE_ASSERT(aUsedKeyStore == STORETYPE_USER_KEY_ID ||
+ aUsedKeyStore == STORETYPE_DEVICE_KEY_ID ||
+ aUsedKeyStore == STORETYPE_ANY_KEY_ID);
+
+
+ iState = ERetrievingKeyPairForRemove;
+
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ iUsedKeyStore = aUsedKeyStore;
+ iUnifiedKeyStore = &aUnifiedKeyStore;
+
+ TCTKeyAttributeFilter filter;
+ filter.iKeyId = aKeyId;
+
+ iUnifiedKeyStore->List(iKeysList, filter, iStatus);
+ SetActive();
+ }
+
+
+void CKeyManager::GenerateKeyPair(CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ const TUint aKeySize,
+ TPKIKeyAlgorithm aKeyAlgorithm,
+ TPKIKeyIdentifier& aKeyId,
+ TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == EKeyManagerIdle);
+ PKISERVICE_ASSERT(iObjectName == NULL);
+ PKISERVICE_ASSERT(iClientStatus == NULL);
+ PKISERVICE_ASSERT(aUsedKeyStore == STORETYPE_USER_KEY_ID ||
+ aUsedKeyStore == STORETYPE_DEVICE_KEY_ID ||
+ aUsedKeyStore == STORETYPE_ANY_KEY_ID);
+
+ iState = EGeneratingKeyPair;
+
+ iKeyId = &aKeyId;
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ iUnifiedKeyStore = &aUnifiedKeyStore;
+
+ if (aUsedKeyStore == STORETYPE_ANY_KEY_ID)
+ {
+ //If any type is used the key is greated in
+ //user store.
+ aUsedKeyStore = STORETYPE_USER_KEY_ID;
+ }
+
+ TRAPD(err, iObjectName = GetUniqueNameL());
+ if (err == KErrNone)
+ {
+ TTime startDate;
+ TTime endDate;
+ startDate.UniversalTime();
+ endDate.UniversalTime();
+ endDate += KValidityPeriod;
+
+ TInt keyStoreCount = iUnifiedKeyStore->KeyStoreManagerCount();
+ TInt i = 0;
+ for (i = 0; i < keyStoreCount; ++i)
+ {
+ MCTKeyStoreManager& keyStore = iUnifiedKeyStore->KeyStoreManager(i);
+ if (keyStore.Token().TokenType().Type().iUid == aUsedKeyStore)
+ {
+ break;
+ }
+ }
+ PKISERVICE_ASSERT(i < keyStoreCount);
+
+
+ iUnifiedKeyStore->CreateKey(i, EPKCS15UsageSignDecrypt,
+ aKeySize,
+ *iObjectName,
+ ConvertPKIAlgorithm(aKeyAlgorithm),
+ CKeyInfoBase::EExtractable,
+ startDate,
+ endDate,
+ iKeyInfo,
+ iStatus);
+ SetActive();
+
+ }
+ else
+ {
+ TRequestStatus* ownStatus = &iStatus;
+ *ownStatus = KRequestPending;
+ SetActive();
+
+ User::RequestComplete(ownStatus, err);
+ }
+ }
+
+
+void CKeyManager::ImportKeyPair(CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ const TDesC8& aKeyData,
+ TPKIKeyIdentifier& aKeyId,
+ TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == EKeyManagerIdle);
+ PKISERVICE_ASSERT(iObjectName == NULL);
+ PKISERVICE_ASSERT(iClientStatus == NULL);
+ PKISERVICE_ASSERT(aUsedKeyStore == STORETYPE_USER_KEY_ID ||
+ aUsedKeyStore == STORETYPE_DEVICE_KEY_ID ||
+ aUsedKeyStore == STORETYPE_ANY_KEY_ID);
+
+
+ iState = EImportingKeyPair;
+
+ iKeyId = &aKeyId;
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ iUnifiedKeyStore = &aUnifiedKeyStore;
+
+ if (aUsedKeyStore == STORETYPE_ANY_KEY_ID)
+ {
+ //If any type is used the key is greated in
+ //user store.
+ aUsedKeyStore = STORETYPE_USER_KEY_ID;
+ }
+
+
+ TRAPD(err, iObjectName = GetUniqueNameL());
+ if (err == KErrNone)
+ {
+ TTime startDate;
+ TTime endDate;
+ startDate.UniversalTime();
+ endDate.UniversalTime();
+ endDate += KValidityPeriod;
+
+ TInt keyStoreCount = iUnifiedKeyStore->KeyStoreManagerCount();
+ TInt i = 0;
+ for (i = 0; i < keyStoreCount; ++i)
+ {
+ MCTKeyStoreManager& keyStore = iUnifiedKeyStore->KeyStoreManager(i);
+ if (keyStore.Token().TokenType().Type().iUid == aUsedKeyStore)
+ {
+ break;
+ }
+ }
+ PKISERVICE_ASSERT(i < keyStoreCount);
+
+
+ iUnifiedKeyStore->ImportKey(i, aKeyData,
+ EPKCS15UsageSignDecrypt,
+ *iObjectName,
+ CKeyInfoBase::EExtractable,
+ startDate,
+ endDate,
+ iKeyInfo,
+ iStatus);
+ SetActive();
+ }
+ else
+ {
+ TRequestStatus* ownStatus = &iStatus;
+ *ownStatus = KRequestPending;
+ SetActive();
+
+ User::RequestComplete(ownStatus, err);
+ }
+ }
+
+
+void CKeyManager::ExportPublicKey(CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ const TPKIKeyIdentifier& aKeyId,
+ HBufC8*& aPublicKeyData,
+ TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == EKeyManagerIdle);
+ PKISERVICE_ASSERT(iPublicKeyData == NULL);
+ PKISERVICE_ASSERT(iClientStatus == NULL);
+ PKISERVICE_ASSERT(aUsedKeyStore == STORETYPE_USER_KEY_ID ||
+ aUsedKeyStore == STORETYPE_DEVICE_KEY_ID ||
+ aUsedKeyStore == STORETYPE_ANY_KEY_ID);
+
+ iState = ERetrievingKeyListForExport;
+ iPublicKeyData = &aPublicKeyData;
+ iUsedKeyStore = aUsedKeyStore;
+
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ iUnifiedKeyStore = &aUnifiedKeyStore;
+
+
+ TCTKeyAttributeFilter filter;
+ filter.iKeyId = aKeyId;
+
+ iUnifiedKeyStore->List(iKeysList, filter, iStatus);
+ SetActive();
+ }
+
+
+
+void CKeyManager::RunL()
+ {
+ if (iStatus.Int() == KErrNone)
+ {
+ switch(iState)
+ {
+ case ERetrievingKeyPairForRemove:
+ {
+ TInt keyIndex = GetKeyIndex(iUsedKeyStore, iKeysList);
+ if ( keyIndex >= 0)
+ {
+ iState = ERemovingKeyPair;
+ iUnifiedKeyStore->DeleteKey(iKeysList[keyIndex]->Handle(), iStatus);
+ SetActive();
+ }
+ else
+ {
+ Cleanup();
+ User::RequestComplete(iClientStatus, KPKIErrNotFound);
+ }
+ }
+ break;
+ case ERemovingKeyPair:
+ Cleanup();
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ break;
+ case EImportingKeyPair: //falls through
+ case EGeneratingKeyPair:
+ {
+ iState = ESettingManagementPolicy;
+
+ MCTAuthenticationObject* authObject = iKeyInfo->Protector();
+ if (authObject != NULL)
+ {
+ //authObject is NULL for device store
+ iLogonServices.SetAuthenticationObject(authObject);
+ }
+
+ iUnifiedKeyStore->SetManagementPolicy(iKeyInfo->Handle(),
+ KSymbianKeyStoreMgmtPolicy,
+ iStatus);
+ SetActive();
+ }
+ break;
+ case ESettingManagementPolicy:
+ iState = ESettingUsePolicy;
+ iUnifiedKeyStore->SetUsePolicy(iKeyInfo->Handle(),
+ KSymbianKeyStoreUsePolicy,
+ iStatus);
+ SetActive();
+ break;
+ case ESettingUsePolicy:
+ *iKeyId = iKeyInfo->ID();
+ Cleanup();
+ User::RequestComplete(iClientStatus, KErrNone);
+ break;
+ case ERetrievingKeyListForExport:
+ {
+ TInt keyIndex = GetKeyIndex(iUsedKeyStore, iKeysList);
+ if ( keyIndex >= 0)
+ {
+ iState = EExportingPublicKey;
+ TCTTokenObjectHandle tokenHandle = iKeysList[keyIndex]->Handle();
+ iUnifiedKeyStore->ExportPublic(tokenHandle, *iPublicKeyData, iStatus);
+ SetActive();
+
+ }
+ else
+ {
+ Cleanup();
+ User::RequestComplete(iClientStatus, KPKIErrNotFound);
+ }
+ }
+ break;
+ case EExportingPublicKey:
+ {
+ iState = EKeyManagerIdle;
+
+ if (iStatus.Int() == KErrNone)
+ {
+ TPtr8 publicKeyPtr = (*iPublicKeyData)->Des();
+
+ // Fix length and strip header (not a
+ // perfect solution!), but certificate
+ // enrollment request wants to have
+ // only PKCS#1 key data.
+ TInt tempLength = 0;
+ TInt skip = 0;
+ if(publicKeyPtr[1] == 0x82)
+ {
+ tempLength = (publicKeyPtr[2] << 8) + publicKeyPtr[3] + 4 - 0x18;
+ skip = 0x18;
+ }
+ else
+ {
+ tempLength = publicKeyPtr[2] + 3 - 0x16;
+ skip = 0x16;
+ }
+
+ PKISERVICE_ASSERT(tempLength <= publicKeyPtr.MaxLength());
+ publicKeyPtr.Copy(publicKeyPtr.Ptr() + skip, tempLength);
+ }
+ Cleanup();
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ }
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ }
+ }
+ else
+ {
+ Cleanup();
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ }
+ }
+
+
+void CKeyManager::DoCancel()
+ {
+ switch(iState)
+ {
+ case ERetrievingKeyListForExport: //falls through
+ case ERetrievingKeyPairForRemove:
+ iUnifiedKeyStore->CancelList();
+ break;
+ case ERemovingKeyPair:
+ iUnifiedKeyStore->CancelDeleteKey();
+ break;
+ case EGeneratingKeyPair:
+ iUnifiedKeyStore->CancelCreateKey();
+ break;
+ case EImportingKeyPair:
+ iUnifiedKeyStore->CancelImportKey();
+ break;
+ case ESettingManagementPolicy:
+ iUnifiedKeyStore->CancelSetManagementPolicy();
+ break;
+ case ESettingUsePolicy:
+ iUnifiedKeyStore->CancelSetUsePolicy();
+ break;
+ case EExportingPublicKey:
+ iUnifiedKeyStore->CancelExportPublic();
+ delete *iPublicKeyData;
+ *iPublicKeyData = NULL;
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ }
+ Cleanup();
+ User::RequestComplete(iClientStatus, KErrCancel);
+ }
+
+
+void CKeyManager::RunError()
+ {
+ //RunL doesn't leave
+ PKISERVICE_INVARIANT();
+ }
+
+void CKeyManager::Cleanup()
+ {
+ iState = EKeyManagerIdle;
+
+ iPublicKeyData = NULL;
+
+ if (iKeyInfo != NULL)
+ {
+ iKeyInfo->Release();
+ iKeyInfo = NULL;
+ }
+ iKeysList.Close();
+
+ delete iObjectName;
+ iObjectName = NULL;
+
+ iUnifiedKeyStore = NULL;
+
+ iUsedKeyStore = 0;
+ }
+
+
+HBufC* CKeyManager::GetUniqueNameL() const
+ {
+ TBuf<MAX_FILENAME_LENGTH> date;
+ TTime time;
+ TDateTime dateTime;
+
+ time.HomeTime();
+ dateTime = time.DateTime();
+
+ TBuf8<16> dateString;
+
+ _LIT8(KFormatTxt,"%4d%02d%02d%02d%02d%02d%02d");
+ dateString.Format(KFormatTxt,
+ dateTime.Year(),
+ dateTime.Month()+1,
+ // Format the month as a TInt to preserve locale independence
+ dateTime.Day()+1,
+ // Day and month ranges begin at zero (0-30 and 0-11),
+ // so add one when formatting
+ dateTime.Hour(), dateTime.Minute(), dateTime.Second(), dateTime.MicroSecond()
+ );
+
+ TPKISHA1Hash hash;
+ CUtlMessageDigest* digester = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ CleanupStack::PushL(digester);
+ TPtrC8 hashValue = digester->Final(dateString);
+
+ TBase64Codec base64Codec;
+ HBufC8* uniqueName8 = base64Codec.Base64EncodeLC(hashValue);
+ TPtr8 uniqueName8Ptr = uniqueName8->Des();
+
+ // Replace /
+ for(TInt i = 0; i < uniqueName8->Length(); i++)
+ {
+ if(uniqueName8Ptr[i] == '/')
+ {
+ uniqueName8Ptr[i] = '_';
+ }
+ }
+
+ HBufC* uniqueName = HBufC::NewL(uniqueName8->Length());
+ uniqueName->Des().Copy(*uniqueName8);
+
+ CleanupStack::PopAndDestroy(uniqueName8);
+ CleanupStack::PopAndDestroy(digester);
+
+ return uniqueName;
+ }
+
+
+CCTKeyInfo::EKeyAlgorithm CKeyManager::ConvertPKIAlgorithm(TPKIKeyAlgorithm aAlg) const
+ {
+ CCTKeyInfo::EKeyAlgorithm algorithm = CCTKeyInfo::EInvalidAlgorithm;
+
+ switch(aAlg)
+ {
+ case EPKIRSA:
+ algorithm = CCTKeyInfo::ERSA;
+ break;
+ case EPKIDSA:
+ algorithm = CCTKeyInfo::EDSA;
+ break;
+ case EPKIDH:
+ algorithm = CCTKeyInfo::EDH;
+ break;
+ default:
+ break;
+ }
+ return algorithm;
+ }
+
+
+TInt CKeyManager::GetKeyIndex(TInt aUsedKeyStore, const RMPointerArray<CCTKeyInfo>& aKeysList) const
+ {
+ TInt i;
+ for (i = 0; i < aKeysList.Count(); ++i)
+ {
+ if (aUsedKeyStore == STORETYPE_ANY_KEY_ID ||
+ aUsedKeyStore == aKeysList[i]->Token().TokenType().Type().iUid)
+ {
+ break;
+ }
+ }
+ if ( i >= aKeysList.Count())
+ {
+ i = KErrNotFound;
+ }
+
+ return i;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/keyoperationprovider.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,532 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class, which provides keypair operations.
+*
+*/
+
+
+#include <asymmetric.h>
+
+#include "keyoperationprovider.h"
+#include "pkiservicesigner.h"
+#include "pkiservicedecryptor.h"
+#include "pkisession.h"
+#include "pkidefs.h"
+#include "logonservices.h"
+#include "keymanager.h"
+#include "pkiserviceassert.h"
+#include "keyoperationqueue.h"
+
+static const TInt KTimeoutNever = -1;
+
+CKeyPairOperationProvider* CKeyPairOperationProvider::NewL(CKeyOperationQueue& aKeyOperationQueue)
+ {
+ CKeyPairOperationProvider* self = new (ELeave)CKeyPairOperationProvider(aKeyOperationQueue);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CKeyPairOperationProvider::CKeyPairOperationProvider(CKeyOperationQueue& aKeyOperationQueue)
+:CActive(EPriorityStandard), iKeyOperationQueue(aKeyOperationQueue), iOutputDataPtr(NULL, 0)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+void CKeyPairOperationProvider::ConstructL()
+ {
+ User::LeaveIfError(iFileServer.Connect());
+ iUnifiedKeyStore = CUnifiedKeyStore::NewL(iFileServer);
+ iLogonService = CLogonServices::NewL(*iUnifiedKeyStore);
+ iKeyManager = CKeyManager::NewL(*iLogonService);
+ iPkiSigner = CPkiServiceSigner::NewL(*iLogonService);
+ iPkiDecryptor = CPkiServiceDecryptor::NewL(*iLogonService);
+ }
+
+
+CKeyPairOperationProvider::~CKeyPairOperationProvider()
+ {
+ Cancel();
+
+ delete iPkiDecryptor;
+ delete iPkiSigner;
+ delete iKeyManager;
+ delete iLogonService;
+ delete iUnifiedKeyStore;
+ iFileServer.Close();
+ }
+
+
+void CKeyPairOperationProvider::Initialize()
+ {
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationInitialize;
+ if (!iIsInitialized)
+ {
+ iUnifiedKeyStore->Initialize(iStatus);
+ SetActive();
+ }
+ else
+ {
+ TRequestStatus* ownStatus = &iStatus;
+ *ownStatus = KRequestPending;
+ SetActive();
+ User::RequestComplete(ownStatus, KErrNone);
+ }
+ }
+
+
+void CKeyPairOperationProvider::GetKeyPairList(const TPKIKeyIdentifier& aKeyId, TInt aUsedKeyStore)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationGetKeyList;
+ iUsedKeyStore = aUsedKeyStore;
+
+ TCTKeyAttributeFilter filter;
+ if (aKeyId.Length() > 0)
+ {
+ filter.iKeyId = aKeyId;
+ }
+
+ iUnifiedKeyStore->List(iKeysList, filter, iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::Decrypt(const TPKIKeyIdentifier& aKeyId,
+ TInt aUsedKeyStore,
+ HBufC8* aEncryptedData,
+ TInt aOutputLength)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+ PKISERVICE_ASSERT(aKeyId.Length() > 0);
+
+ iKeyOperation = EKeyOperationDecrypting;
+ TRAPD(err, DecryptL(aKeyId, aUsedKeyStore, aEncryptedData, aOutputLength));
+ if (err != KErrNone)
+ {
+ iStatus = KRequestPending;
+ TRequestStatus* ownStatus = &iStatus;
+ SetActive();
+
+ User::RequestComplete(ownStatus, err);
+ }
+ }
+
+
+void CKeyPairOperationProvider::DecryptL(const TPKIKeyIdentifier& aKeyId,
+ TInt aUsedKeyStore,
+ HBufC8* aEncryptedData,
+ TInt aOutputLength)
+ {
+ PKISERVICE_ASSERT(iKeysList.Count() == 0);
+ PKISERVICE_ASSERT(iInputData == NULL);
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationDecrypting);
+
+ iInputData = aEncryptedData;
+ iOutputData = HBufC8::NewL(aOutputLength);
+ iOutputDataPtr.Set(iOutputData->Des());
+
+ iPkiDecryptor->Decrypt(aKeyId,
+ *iInputData,
+ iOutputDataPtr,
+ *iUnifiedKeyStore,
+ aUsedKeyStore,
+ iStatus);
+
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::Sign(const TPKIKeyIdentifier& aKeyId,
+ TInt aUsedKeyStore,
+ HBufC8* aDataToBeSigned)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+ PKISERVICE_ASSERT(aKeyId.Length() > 0);
+ PKISERVICE_ASSERT(iKeysList.Count() == 0);
+ PKISERVICE_ASSERT(iInputData == NULL);
+
+
+ iKeyOperation = EKeyOperationSigning;
+ iInputData = aDataToBeSigned;
+
+ iPkiSigner->Sign(aKeyId,
+ *iInputData,
+ iOutputData,
+ *iUnifiedKeyStore,
+ aUsedKeyStore,
+ iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::Logon()
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationLogon;
+ iLogonService->Logon(iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::Logoff()
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationLogoff;
+ iLogonService->Logoff(iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::ChangePassword()
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ if (iLogonService->LogonCompleted())
+ {
+ iKeyOperation = EKeyOperationChangingPassword;
+ iLogonService->ChangePassword(iStatus);
+ }
+ else
+ {
+ iKeyOperation = EKeyOperationLogonForChangePassword;
+ iLogonService->Logon(iStatus);
+ }
+
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::RemoveKeyPair(const TPKIKeyIdentifier& aKeyId, TInt aUsedKeyStore)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationRemoveKeyPair;
+
+ iKeyManager->RemoveKeyPair(aKeyId, *iUnifiedKeyStore, aUsedKeyStore, iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::GenerateKeyPair(const TUint aKeySize,
+ TPKIKeyAlgorithm aKeyAlgorithm,
+ TInt aUsedKeyStore)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationGeneratingKeyPair;
+
+ iKeyManager->GenerateKeyPair(*iUnifiedKeyStore, aUsedKeyStore, aKeySize,
+ aKeyAlgorithm, iKeyId, iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::ImportKeyPair(HBufC8* aKeyData, TInt aUsedKeyStore)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationImportingKeyPair;
+ iInputData = aKeyData;
+
+ iKeyManager->ImportKeyPair(*iUnifiedKeyStore, aUsedKeyStore, *iInputData, iKeyId, iStatus);
+ SetActive();
+ }
+
+
+void CKeyPairOperationProvider::GetPublicKey(const TPKIKeyIdentifier& aKeyId, TInt aUsedKeyStore)
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ PKISERVICE_ASSERT(!IsActive());
+ PKISERVICE_ASSERT(iKeyOperation == EKeyOperationIdle);
+
+ iKeyOperation = EKeyOperationPublicKeyExport;
+
+ iKeyManager->ExportPublicKey(*iUnifiedKeyStore, aUsedKeyStore, aKeyId, iOutputData, iStatus);
+ SetActive();
+ }
+
+
+
+void CKeyPairOperationProvider::RunL()
+ {
+ switch(iKeyOperation)
+ {
+ case EKeyOperationInitialize:
+ {
+ iKeyOperation = EKeyOperationIdle;
+ TInt err = iStatus.Int();
+ if (err == KErrNone)
+ {
+ if (!iIsInitialized)
+ {
+ iKeyOperation = EKeyOperationSetPassPhraseTimeout;
+ iUnifiedKeyStore->SetPassphraseTimeout(KTimeoutNever, iStatus);
+ SetActive();
+ }
+ else
+ {//keystore is already initialized
+ iKeyOperationQueue.KeyStoreInitComplete(err);
+ }
+ }
+ else
+ {
+ iKeyOperationQueue.KeyStoreInitComplete(err);
+ }
+ }
+ break;
+ case EKeyOperationSetPassPhraseTimeout:
+ iKeyOperation = EKeyOperationIdle;
+ if (iStatus.Int() == KErrNone)
+ {
+ iIsInitialized = ETrue;
+ }
+ iKeyOperationQueue.KeyStoreInitComplete(iStatus.Int());
+ break;
+ case EKeyOperationGetKeyList:
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ iKeyOperation = EKeyOperationIdle;
+
+ CArrayFixFlat<TKeyListEntry>* list = NULL;
+ TInt err = iStatus.Int();
+ if (err == KErrNone)
+ {
+ TRAP(err, list = MakeKeyEntryListL(iKeysList, iUsedKeyStore));
+ }
+ CleanupCryptoOperation();
+ iKeyOperationQueue.KeyPairListComplete(err, list);
+ }
+ break;
+ case EKeyOperationDecrypting:
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ iKeyOperation = EKeyOperationIdle;
+ HBufC8* plainTextData = NULL;
+ if (iStatus.Int() == KErrNone)
+ {
+ plainTextData = iOutputData;
+ iOutputData = NULL;
+ }
+ CleanupCryptoOperation();
+ iKeyOperationQueue.DecryptComplete(iStatus.Int(), plainTextData);
+ }
+ break;
+ case EKeyOperationSigning:
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ iKeyOperation = EKeyOperationIdle;
+ HBufC8* data = iOutputData;
+ iOutputData = NULL;
+ CleanupCryptoOperation();
+ iKeyOperationQueue.SignComplete(iStatus.Int(), data);
+ }
+ break;
+ case EKeyOperationPublicKeyExport:
+ {
+ PKISERVICE_ASSERT(iIsInitialized);
+ iKeyOperation = EKeyOperationIdle;
+
+ PKISERVICE_ASSERT((iStatus.Int() == KErrNone && iOutputData != NULL) ||
+ (iStatus.Int() != KErrNone && iOutputData == NULL));
+
+ HBufC8* publicKeyData = iOutputData;
+ iOutputData = NULL;
+ CleanupCryptoOperation();
+ iKeyOperationQueue.GetPublicKeyCompleted(iStatus.Int(), publicKeyData);
+ }
+ break;
+ case EKeyOperationLogon:
+ iKeyOperation = EKeyOperationIdle;
+ iKeyOperationQueue.LogonCompleted(iStatus.Int());
+ break;
+ case EKeyOperationLogoff:
+ iKeyOperation = EKeyOperationIdle;
+ iKeyOperationQueue.LogoffCompleted(iStatus.Int());
+ break;
+ case EKeyOperationLogonForChangePassword:
+ iKeyOperation = EKeyOperationIdle;
+ if (iStatus.Int() == KErrNone)
+ {
+ iKeyOperation = EKeyOperationChangingPassword;
+ iLogonService->ChangePassword(iStatus);
+ SetActive();
+ }
+ else
+ {
+ iKeyOperationQueue.PasswordChangeCompleted(iStatus.Int());
+ }
+ break;
+ case EKeyOperationChangingPassword:
+ iKeyOperation = EKeyOperationIdle;
+ iKeyOperationQueue.PasswordChangeCompleted(iStatus.Int());
+ break;
+ case EKeyOperationRemoveKeyPair:
+ iKeyOperation = EKeyOperationIdle;
+ iKeyOperationQueue.KeyPairRemoveCompleted(iStatus.Int());
+ break;
+ case EKeyOperationGeneratingKeyPair:
+ {
+ iKeyOperation = EKeyOperationIdle;
+ TPKIKeyIdentifier keyId = iKeyId;
+ iKeyId.Zero();
+ iKeyOperationQueue.KeyGenerationCompleted(iStatus.Int(), keyId);
+ }
+ break;
+ case EKeyOperationImportingKeyPair:
+ {
+ delete iInputData;
+ iInputData = NULL;
+ iKeyOperation = EKeyOperationIdle;
+ TPKIKeyIdentifier keyId = iKeyId;
+ iKeyId.Zero();
+ iKeyOperationQueue.StoreKeyPairCompleted(iStatus.Int(), keyId);
+ }
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ }
+ }
+
+
+void CKeyPairOperationProvider::DoCancel()
+ {
+ switch(iKeyOperation)
+ {
+ case EKeyOperationInitialize:
+ PKISERVICE_ASSERT(!iIsInitialized);
+ iUnifiedKeyStore->CancelInitialize();
+ break;
+ case EKeyOperationSetPassPhraseTimeout:
+ iUnifiedKeyStore->CancelSetPassphraseTimeout();
+ break;
+ case EKeyOperationGetKeyList:
+ PKISERVICE_ASSERT(iIsInitialized);
+ iUnifiedKeyStore->CancelList();
+ break;
+ case EKeyOperationDecrypting:
+ //Deletes and cancels the decryptor also
+ CleanupCryptoOperation();
+ break;
+ case EKeyOperationSigning:
+ //Deletes and cancels the signer also.
+ CleanupCryptoOperation();
+ break;
+ case EKeyOperationLogon: //falls through
+ case EKeyOperationLogoff: //falls through
+ case EKeyOperationLogonForChangePassword: //falls through
+ case EKeyOperationChangingPassword:
+ iLogonService->Cancel();
+ break;
+ case EKeyOperationRemoveKeyPair: //falls through
+ case EKeyOperationGeneratingKeyPair://falls through
+ case EKeyOperationImportingKeyPair://falls through
+ case EKeyOperationPublicKeyExport:
+ iKeyManager->Cancel();
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ }
+ iKeyOperation = EKeyOperationIdle;
+ }
+
+
+TInt CKeyPairOperationProvider::RunError(TInt aError)
+ {
+ //This is not be called, because the RunL doesn't
+ //leave.
+ PKISERVICE_INVARIANT();
+ return aError;
+ }
+
+
+CArrayFixFlat<TKeyListEntry>* CKeyPairOperationProvider::MakeKeyEntryListL(RMPointerArray<CCTKeyInfo> aKeysList,
+ TInt aUsedKeyStore) const
+ {
+ CArrayFixFlat<TKeyListEntry>* list = new (ELeave) CArrayFixFlat<TKeyListEntry>(2);
+ CleanupStack::PushL(list);
+
+ for (TInt i = 0; i < aKeysList.Count(); ++i)
+ {
+ const CCTKeyInfo* info = aKeysList[i];
+ if (aUsedKeyStore == 0 ||
+ aUsedKeyStore == aKeysList[i]->Token().TokenType().Type().iUid)
+ {
+ TKeyListEntry keyInfo;
+ keyInfo.iObjectName = info->Label();
+ keyInfo.iSubjectKeyId = info->ID();
+ keyInfo.iKeySize = info->Size(); // Key size
+ switch(info->Algorithm())
+ {
+ case CCTKeyInfo::ERSA:
+ keyInfo.iKeyAlgorithm = EPKIRSA;
+ break;
+ case CCTKeyInfo::EDSA:
+ keyInfo.iKeyAlgorithm = EPKIDSA;
+ break;
+ case CCTKeyInfo::EDH:
+ keyInfo.iKeyAlgorithm = EPKIDH;
+ break;
+ default:
+ keyInfo.iKeyAlgorithm = EPKIInvalidAlgorithm;
+ break;
+ }
+ list->AppendL(keyInfo);
+ }
+ }
+ CleanupStack::Pop(list);
+ return list;
+ }
+
+
+
+void CKeyPairOperationProvider::CleanupCryptoOperation()
+ {
+ delete iInputData;
+ iInputData = NULL;
+
+ delete iOutputData;
+ iOutputData = NULL;
+ iKeysList.Close();
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/keyoperationqueue.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,525 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A task que to serialize the key operations among session.
+*
+*/
+
+
+
+#include "keyoperationqueue.h"
+#include "pkiserviceclientservercommon.h"
+#include "keyoperationprovider.h"
+#include "PKIMapper.h"
+#include "pkisession.h"
+#include "pkiserviceassert.h"
+
+#include "log_r6.h"
+
+CKeyOperationQueue::TKeyOperation::TKeyOperation(CPKISession& aOwner,
+ const RMessage2& aMessage,
+ TInt aUsedKeyStore,
+ TPkiServiceStoreType aUsedCertStore)
+:iOwner(aOwner), iMessage(aMessage), iUsedKeyStore(aUsedKeyStore), iUsedCertStore(aUsedCertStore)
+ {
+ }
+
+
+
+CKeyOperationQueue* CKeyOperationQueue::NewL(CPKIMapper& aMapper)
+ {
+ CKeyOperationQueue* self = new (ELeave) CKeyOperationQueue(aMapper);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CKeyOperationQueue::CKeyOperationQueue(CPKIMapper& aMapper)
+:iMapper(aMapper)
+ {
+ }
+
+
+void CKeyOperationQueue::ConstructL()
+ {
+ iKeyOperationProvider = CKeyPairOperationProvider::NewL(*this);
+ }
+
+CKeyOperationQueue::~CKeyOperationQueue()
+ {
+ PKISERVICE_ASSERT(iOperationQue.Count() == 0);
+ PKISERVICE_ASSERT(iCurrentOperation == NULL);
+
+ delete iKeyOperationProvider;
+ iOperationQue.Close();
+ }
+
+
+
+void CKeyOperationQueue::AddOperationL(CPKISession& aOwner,
+ const RMessage2& aMessage,
+ TInt aUsedKeyStore,
+ TPkiServiceStoreType aUsedCertStore)
+ {
+ TKeyOperation* operation = new (ELeave) TKeyOperation(aOwner, aMessage,
+ aUsedKeyStore, aUsedCertStore);
+ CleanupDeletePushL(operation);
+ User::LeaveIfError(iOperationQue.Append(operation));
+ CleanupStack::Pop(operation);
+
+ if (iCurrentOperation == NULL)
+ {
+ PKISERVICE_ASSERT(iOperationQue.Count() == 1);
+ //No operations in progress.
+ //Handle the new one.
+ StartNextOperation();
+ }
+ }
+
+
+
+
+void CKeyOperationQueue::StartNextOperation()
+ {
+ PKISERVICE_ASSERT(iOperationQue.Count() > 0);
+ PKISERVICE_ASSERT(iCurrentOperation == NULL);
+
+ iCurrentOperation = iOperationQue[0];
+ iOperationQue.Remove(0);
+
+ TRAPD(err, ServiceL(*iCurrentOperation));
+ if (err != KErrNone)
+ {
+ iCurrentOperation->iMessage.Complete(err);
+ iCurrentOperation = NULL;
+
+ if (iOperationQue.Count() > 0)
+ {
+ StartNextOperation();
+ }
+ }
+ }
+
+
+void CKeyOperationQueue::ServiceL(TKeyOperation& aOperation)
+ {
+ switch(aOperation.iMessage.Function())
+ {
+ case PkiService::EInitialize:
+ iKeyOperationProvider->Initialize();
+ break;
+ case PkiService::EKeyCount:
+ {
+ TPKIKeyIdentifier keyId;
+ keyId.Zero();
+
+ iKeyOperationProvider->GetKeyPairList(keyId, aOperation.iUsedKeyStore);
+ }
+ break;
+
+ case PkiService::EGetKeyDetails:
+ {
+ TPKIKeyIdentifier keyId;
+ aOperation.iMessage.ReadL(1, keyId);
+
+ iKeyOperationProvider->GetKeyPairList(keyId, aOperation.iUsedKeyStore);
+ }
+ break;
+ case PkiService::EDecrypt:
+ {
+ TPKIKeyIdentifier keyId;
+ aOperation.iMessage.ReadL(0, keyId);
+
+ if (keyId.Length() > 0)
+ {
+ HBufC8* encryptedData = HBufC8::NewLC(aOperation.iMessage.GetDesLength(1));
+ TPtr8 encryptedDataPtr = encryptedData->Des();
+ aOperation.iMessage.ReadL(1, encryptedDataPtr);
+
+ CleanupStack::Pop(encryptedData);
+ //Transfer the ownership of the encryptedData
+
+ TInt outputBufferMaxLength = aOperation.iMessage.GetDesMaxLength(2);
+ User::LeaveIfError(outputBufferMaxLength);
+ iKeyOperationProvider->Decrypt(keyId, aOperation.iUsedKeyStore, encryptedData,
+ outputBufferMaxLength);
+ }
+ else
+ {
+ CompleteCurrentOperation(KPKIErrNotFound);
+ }
+ }
+ break;
+ case PkiService::ESignWithKeyId:
+ {
+ TPKIKeyIdentifier keyId;
+ aOperation.iMessage.ReadL(0, keyId);
+
+ if (keyId.Length() > 0)
+ {
+ HBufC8* dataIn = HBufC8::NewLC(aOperation.iMessage.GetDesLength(1));
+ TPtr8 dataInPtr = dataIn->Des();
+ aOperation.iMessage.ReadL(1, dataInPtr);
+
+ //transfers the dataIn buffer ownership
+ CleanupStack::Pop(dataIn);
+ iKeyOperationProvider->Sign(keyId, aOperation.iUsedKeyStore, dataIn);
+ }
+ else
+ {
+ CompleteCurrentOperation(KPKIErrNotFound);
+ }
+ }
+ break;
+ case PkiService::ESignWithCert:
+ {
+ TSecurityObjectDescriptor *securityObjectDesc = new (ELeave) TSecurityObjectDescriptor;
+ CleanupDeletePushL(securityObjectDesc);
+
+ TPckg<TSecurityObjectDescriptor> securityObjectDescPacketBuffer(*securityObjectDesc);
+ aOperation.iMessage.ReadL(0, securityObjectDescPacketBuffer);
+
+ TPKIKeyIdentifier keyId;
+ iMapper.GetCertificateKeyIdL(*securityObjectDesc, keyId,
+ aOperation.iUsedCertStore);
+
+ CleanupStack::PopAndDestroy(securityObjectDesc);
+
+ if (keyId.Length() > 0)
+ {
+ HBufC8* dataIn = HBufC8::NewLC(aOperation.iMessage.GetDesLength(1));
+ TPtr8 dataInPtr = dataIn->Des();
+ aOperation.iMessage.ReadL(1, dataInPtr);
+
+ //transfers the dataIn buffer ownership
+ CleanupStack::Pop(dataIn);
+ iKeyOperationProvider->Sign(keyId, aOperation.iUsedKeyStore, dataIn);
+
+ }
+ else
+ {
+ CompleteCurrentOperation(KPKIErrNotFound);
+ }
+ }
+ break;
+ case PkiService::EReadPublicKey:
+ {
+ TPKIKeyIdentifier keyId;
+ aOperation.iMessage.ReadL(0, keyId);
+
+ if (keyId.Length() > 0)
+ {
+ iKeyOperationProvider->GetPublicKey(keyId, aOperation.iUsedKeyStore);
+ }
+ else
+ {
+ CompleteCurrentOperation(KPKIErrNotFound);
+ }
+ }
+ break;
+ case PkiService::ELogon:
+ iKeyOperationProvider->Logon();
+ break;
+ case PkiService::ELogoff:
+ iKeyOperationProvider->Logoff();
+ break;
+ case PkiService::EChangePassword:
+ iKeyOperationProvider->ChangePassword();
+ break;
+ case PkiService::ERemoveKeypair:
+ {
+ TPKIKeyIdentifier keyId;
+ aOperation.iMessage.ReadL(0, keyId);
+
+ if (keyId.Length() > 0)
+ {
+ iKeyOperationProvider->RemoveKeyPair(keyId, aOperation.iUsedKeyStore);
+ }
+ else
+ {
+ CompleteCurrentOperation(KPKIErrNotFound);
+ }
+ }
+ break;
+ case PkiService::EGenerateKeypair:
+ {
+ TUint keySize = aOperation.iMessage.Int1();
+ TPKIKeyAlgorithm keyAlgorithm = static_cast<TPKIKeyAlgorithm>(aOperation.iMessage.Int2());
+ iKeyOperationProvider->GenerateKeyPair(keySize, keyAlgorithm, aOperation.iUsedKeyStore);
+ }
+ break;
+ case PkiService::EStoreKeypair:
+ {
+ HBufC8* keyData = HBufC8::NewLC(aOperation.iMessage.GetDesLength(1));
+ TPtr8 keyDataPtr = keyData->Des();
+ aOperation.iMessage.ReadL(1, keyDataPtr);
+
+ CleanupStack::Pop(keyData);
+ iKeyOperationProvider->ImportKeyPair(keyData, aOperation.iUsedKeyStore);
+ }
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+
+ }
+
+
+void CKeyOperationQueue::CompleteCurrentOperation(TInt aStatus)
+ {
+ TKeyOperation* operation = iCurrentOperation;
+ iCurrentOperation = NULL;
+
+ operation->iMessage.Complete(aStatus);
+ delete operation;
+
+ if (iOperationQue.Count() > 0)
+ {
+ StartNextOperation();
+ }
+ }
+
+
+void CKeyOperationQueue::KeyStoreInitComplete(TInt aStatus)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EInitialize);
+
+ if (aStatus == KErrNone)
+ {
+ TRAPD(err, iCurrentOperation->iOwner.InitializeWrapperL(iCurrentOperation->iMessage));
+ if (err != KErrNone && iCurrentOperation->iMessage.Handle() != NULL)
+ {
+ CompleteCurrentOperation(err);
+ }
+ else
+ {
+ delete iCurrentOperation;
+ iCurrentOperation = NULL;
+ if (iOperationQue.Count() > 0)
+ {
+ StartNextOperation();
+ }
+ }
+ }
+ else
+ {
+ CompleteCurrentOperation(aStatus);
+ }
+ }
+
+
+void CKeyOperationQueue::KeyPairListComplete(TInt aStatus, CArrayFixFlat<TKeyListEntry>* aKeyList)
+ {
+
+ PKISERVICE_ASSERT((aStatus == KErrNone && aKeyList != NULL) ||
+ (aStatus != KErrNone && aKeyList == NULL));
+
+ if (iCurrentOperation->iMessage.Function() == PkiService::EKeyCount)
+ {
+ //If we are getting key count, we save the
+ //iKeyList, because the next call will be the list
+ //retrieve.
+
+ if (aStatus == KErrNone)
+ {
+ iCurrentOperation->iOwner.SetKeyList(aKeyList);
+ CompleteCurrentOperation(aKeyList->Count());
+ }
+ else
+ {
+ CompleteCurrentOperation(aStatus);
+ }
+ }
+ else
+ {
+ //If we are just retrieving a key details.
+ //We can clean up the key list at the end.
+
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EGetKeyDetails);
+ if (aStatus == KErrNone)
+ {
+ if (aKeyList->Count() > 0)
+ {
+ const TKeyListEntry& entry = (*aKeyList)[0];
+ const TPckg<TKeyListEntry> listEntryBuf(entry);
+ TInt err = iCurrentOperation->iMessage.Write(0, listEntryBuf);
+
+ //We should newer get overflow,
+ //because API knows the length of the result.
+ __ASSERT_DEBUG(err != KErrOverflow, User::Invariant());
+
+ CompleteCurrentOperation(err);
+ }
+ else
+ {
+ CompleteCurrentOperation(KPKIErrNotFound);
+ }
+ }
+ else
+ {
+ CompleteCurrentOperation(aStatus);
+ }
+ delete aKeyList;
+ }
+ }
+
+
+void CKeyOperationQueue::DecryptComplete(TInt aStatus, HBufC8* aDecryptedData)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EDecrypt);
+
+
+ PKISERVICE_ASSERT((aStatus == KErrNone && aDecryptedData != NULL) ||
+ (aStatus != KErrNone && aDecryptedData == NULL));
+
+
+ if (aDecryptedData != NULL)
+ {
+ aStatus = iCurrentOperation->iMessage.Write(2, *aDecryptedData);
+ if (aStatus == KErrOverflow)
+ {
+ iCurrentOperation->iOwner.SetRequiredBufferSize(aDecryptedData->Length());
+ aStatus = KPKIErrBufferTooShort;
+ }
+ delete aDecryptedData;
+ }
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::SignComplete(TInt aStatus, HBufC8* aSignedData)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::ESignWithKeyId ||
+ iCurrentOperation->iMessage.Function() == PkiService::ESignWithCert);
+
+ PKISERVICE_ASSERT((aStatus == KErrNone && aSignedData != NULL) ||
+ (aStatus != KErrNone && aSignedData == NULL));
+
+
+ if (aSignedData != NULL)
+ {
+ aStatus = iCurrentOperation->iMessage.Write(2, *aSignedData);
+ if (aStatus == KErrOverflow)
+ {
+ iCurrentOperation->iOwner.SetRequiredBufferSize(aSignedData->Length());
+ aStatus = KPKIErrBufferTooShort;
+ }
+
+ delete aSignedData;
+ }
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::GetPublicKeyCompleted(TInt aStatus, HBufC8* aPublicKeyData)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EReadPublicKey);
+
+ PKISERVICE_ASSERT((aStatus == KErrNone && aPublicKeyData != NULL) ||
+ (aStatus != KErrNone && aPublicKeyData == NULL));
+
+
+ if (aPublicKeyData != NULL)
+ {
+ aStatus = iCurrentOperation->iMessage.Write(1, *aPublicKeyData);
+ if (aStatus == KErrOverflow)
+ {
+ iCurrentOperation->iOwner.SetRequiredBufferSize(aPublicKeyData->Length());
+ aStatus = KPKIErrBufferTooShort;
+ }
+ delete aPublicKeyData;
+ }
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::LogonCompleted(TInt aStatus)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::ELogon);
+
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::LogoffCompleted(TInt aStatus)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::ELogoff);
+
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::PasswordChangeCompleted(TInt aStatus)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EChangePassword);
+
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::KeyPairRemoveCompleted(TInt aStatus)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::ERemoveKeypair);
+
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::KeyGenerationCompleted(TInt aStatus, TPKIKeyIdentifier& aKeyId)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EGenerateKeypair);
+
+ if (aStatus == KErrNone)
+ {
+ aStatus = iCurrentOperation->iMessage.Write(0, aKeyId);
+ if (aStatus == KErrOverflow)
+ {
+ iCurrentOperation->iOwner.SetRequiredBufferSize(aKeyId.Length());
+ aStatus = KPKIErrBufferTooShort;
+ }
+
+ }
+ CompleteCurrentOperation(aStatus);
+ }
+
+
+void CKeyOperationQueue::StoreKeyPairCompleted(TInt aStatus, TPKIKeyIdentifier& aKeyId)
+ {
+ PKISERVICE_ASSERT(iCurrentOperation != NULL);
+ PKISERVICE_ASSERT(iCurrentOperation->iMessage.Function() == PkiService::EStoreKeypair);
+
+ if (aStatus == KErrNone)
+ {
+ aStatus = iCurrentOperation->iMessage.Write(0, aKeyId);
+ if (aStatus == KErrOverflow)
+ {
+ iCurrentOperation->iOwner.SetRequiredBufferSize(aKeyId.Length());
+ aStatus = KPKIErrBufferTooShort;
+ }
+ }
+ CompleteCurrentOperation(aStatus);
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/logonservices.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,258 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A class that provides logon and logoff functionality.
+*
+*/
+
+
+#include <unifiedkeystore.h>
+#include <mctauthobject.h>
+
+#include "logonservices.h"
+#include "pkidefs.h"
+#include "pkiserviceassert.h"
+#include "pkiserviceconstants.h"
+
+CLogonServices* CLogonServices::NewL(CUnifiedKeyStore& aUnifiedKeyStore)
+ {
+ CLogonServices* self = new (ELeave) CLogonServices(aUnifiedKeyStore);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ return self;
+ }
+
+
+CLogonServices::CLogonServices(CUnifiedKeyStore& aUnifiedKeyStore)
+:CActive(EPriorityStandard), iUnifiedKeyStore(aUnifiedKeyStore)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+void CLogonServices::ConstructL()
+ {
+ }
+
+
+CLogonServices::~CLogonServices()
+ {
+ Cancel();
+ }
+
+
+void CLogonServices::Logon(TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == ELogonServiceIdle);
+ iState = ELogonServiceListingKeys;
+
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ if (iAuthenticationObject == NULL)
+ {
+ //First find the User key store
+ TInt keyStoreCount = iUnifiedKeyStore.KeyStoreManagerCount();
+ TInt i = 0;
+ for (i = 0; i < keyStoreCount; ++i)
+ {
+ MCTKeyStoreManager& keyStore = iUnifiedKeyStore.KeyStoreManager(i);
+ if (keyStore.Token().TokenType().Type().iUid == STORETYPE_USER_KEY_ID)
+ {
+ iUserKeyStore = &keyStore;
+ TCTKeyAttributeFilter filter;
+ iUserKeyStore->List(iKeysList, filter, iStatus);
+ SetActive();
+ break;
+ }
+ }
+
+ if (i == keyStoreCount)
+ {
+ iStatus = KRequestPending;
+ SetActive();
+
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, KPKIErrNotSupported);
+ }
+ }
+ else
+ {
+ //Logon already done
+ iState = ELogonServiceAlreadyLoggedIn;
+
+ iStatus = KRequestPending;
+ SetActive();
+
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, KErrNone);
+ }
+ }
+
+
+void CLogonServices::Logoff(TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == ELogonServiceIdle);
+ iState = ELogonServiceClosingAuthentication;
+
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ if (iAuthenticationObject != NULL)
+ {
+ iAuthenticationObject->Close(iStatus);
+ SetActive();
+ }
+ else
+ {
+ iStatus = KRequestPending;
+ SetActive();
+
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, KErrNone);
+ }
+ }
+
+
+void CLogonServices::SetAuthenticationObject(MCTAuthenticationObject* aAuthenticationObject)
+ {
+ if (iAuthenticationObject == NULL)
+ {
+ iAuthenticationObject = aAuthenticationObject;
+ }
+ }
+
+
+void CLogonServices::ChangePassword(TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iState == ELogonServiceIdle);
+ PKISERVICE_ASSERT(LogonCompleted());
+
+ iState = ELogonServiceChangingPassword;
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ iAuthenticationObject->ChangeReferenceData(iStatus);
+ SetActive();
+ }
+
+
+void CLogonServices::RunL()
+ {
+ if (iStatus.Int() == KErrNone)
+ {
+ switch(iState)
+ {
+ case ELogonServiceAlreadyLoggedIn:
+ iState = ELogonServiceIdle;
+ User::RequestComplete(iClientStatus, KErrNone);
+ break;
+ case ELogonServiceListingKeys:
+ iState = ELogonServiceIdle;
+ if (iKeysList.Count() > 0)
+ {
+ iState = ELogonServiceOpeningAuthentication;
+
+ CCTKeyInfo* keyInfo = iKeysList[0];
+ iAuthenticationObject = keyInfo->Protector();
+ iAuthenticationObject->Open(iStatus);
+ SetActive();
+ }
+ else
+ {
+ Cleanup();
+ User::RequestComplete(iClientStatus, KPKIErrKeyStoreEmpty);
+ }
+ break;
+ case ELogonServiceOpeningAuthentication:
+ iState = ELogonServiceIdle;
+ Cleanup();
+ User::RequestComplete(iClientStatus, KErrNone);
+ break;
+ case ELogonServiceClosingAuthentication:
+ iState = ELogonServiceIdle;
+ iAuthenticationObject = NULL;
+ User::RequestComplete(iClientStatus, KErrNone);
+ break;
+ case ELogonServiceChangingPassword:
+ iState = ELogonServiceIdle;
+ User::RequestComplete(iClientStatus, KErrNone);
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+
+ }
+ else
+ {
+ Cleanup();
+ iState = ELogonServiceIdle;
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ }
+ }
+
+
+void CLogonServices::DoCancel()
+ {
+ switch(iState)
+ {
+ case ELogonServiceListingKeys:
+ iUserKeyStore->CancelList();
+ break;
+ case ELogonServiceOpeningAuthentication:
+ iAuthenticationObject->CancelOpen();
+ iAuthenticationObject = NULL;
+ break;
+ case ELogonServiceClosingAuthentication:
+ if (iAuthenticationObject != NULL)
+ {
+ iAuthenticationObject->CancelClose();
+ iAuthenticationObject = NULL;
+ }
+ //else do nothing
+ break;
+ case ELogonServiceChangingPassword:
+ iAuthenticationObject->CancelChangeReferenceData();
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+
+ Cleanup();
+ iState = ELogonServiceIdle;
+ User::RequestComplete(iClientStatus, KErrCancel);
+ }
+
+
+void CLogonServices::Cleanup()
+ {
+ iKeysList.Close();
+ }
+
+
+TBool CLogonServices::LogonCompleted() const
+ {
+ if (iState == ELogonServiceIdle &&
+ iAuthenticationObject != NULL)
+ {
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkimapper.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,984 @@
+/*
+* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* CPKIMapper class holds the information required to map API set to
+* use the storage model which is not native for that API.
+*
+*/
+
+
+#include <x500dn.h>
+#include <x509cert.h>
+
+#include "PKIMapper.h"
+#include "pkcs10.h"
+#include "log_r6.h"
+#include "pkiserviceassert.h"
+
+
+CMapDescriptor::CMapDescriptor(TSecurityObjectDescriptor &aDesc)
+ {
+ this->iSubjectKeyId = aDesc.iSubjectKeyId;
+ this->iOwnerType = aDesc.iOwnerType;
+ this->iKeySize = aDesc.iKeySize;
+ this->iKeyAlgorithm = aDesc.iKeyAlgorithm;
+ this->iIsDeletable = aDesc.iIsDeletable;
+ }
+
+CMapDescriptor& CMapDescriptor::operator=(CMapDescriptor& aMapDesc)
+{
+ delete this->iTrustedAuthority;
+ this->iTrustedAuthority = NULL;
+ if(aMapDesc.iTrustedAuthority != NULL)
+ {
+ this->iTrustedAuthority = aMapDesc.iTrustedAuthority->Des().AllocL(); // Cert TrustedAuthority
+ }
+ delete this->iIdentitySubjectName;
+ this->iIdentitySubjectName = NULL;
+ if(aMapDesc.iIdentitySubjectName != NULL)
+ {
+ this->iIdentitySubjectName = aMapDesc.iIdentitySubjectName->Des().AllocL(); // Identity subject name
+ }
+ delete this->iIdentityRfc822Name;
+ this->iIdentityRfc822Name = NULL;
+ if(aMapDesc.iIdentityRfc822Name != NULL)
+ {
+ this->iIdentityRfc822Name = aMapDesc.iIdentityRfc822Name->Des().AllocL(); // Identity subjectAltName rfc822 name
+ }
+ delete this->iSerialNumber;
+ this->iSerialNumber = NULL;
+ if(aMapDesc.iSerialNumber != NULL)
+ {
+ this->iSerialNumber = aMapDesc.iSerialNumber->Des().AllocL(); // Serialnumber
+ }
+
+ this->iSubjectKeyId = aMapDesc.iSubjectKeyId; // SHA1 hash of the corresponding private key
+ this->iOwnerType = aMapDesc.iOwnerType; // User, CA or peer. If user certificate, at least key usage must be set
+ this->iKeyUsageDer = aMapDesc.iKeyUsageDer; // Der format flags
+ this->iObjectName = aMapDesc.iObjectName;
+ this->iKeySize = aMapDesc.iKeySize; // Key size
+ this->iKeyAlgorithm = aMapDesc.iKeyAlgorithm; // RSA, DSA
+ this->iStartTime = aMapDesc.iStartTime;
+ this->iEndTime = aMapDesc.iEndTime;
+ this->iIsDeletable = aMapDesc.iIsDeletable;
+ TInt i;
+ for(i=0;i<aMapDesc.iApplUids.Count();i++)
+ {
+ this->iApplUids.Append(aMapDesc.iApplUids[i]);
+ }
+
+ this->iCertStoreType = aMapDesc.iCertStoreType;
+ return *this;
+}
+
+
+TBool CMapDescriptor::IsMatchingL(TSecurityObjectDescriptor &aDesc,
+ const TBool aInfoOnly,
+ TPkiServiceStoreType aCertStoreType) const
+ {
+ TBool match(EFalse);
+
+ LOG(Log::Printf(_L("Matching")));
+ LOG_1(" Pure informational: %d", aInfoOnly);
+
+ LOG(Log::Printf(_L("Matching: certificate %S"), &iObjectName));
+ for(;;)
+ {
+ if (aDesc.iOwnerType != EPKICACertificate &&
+ aCertStoreType != EPkiStoreTypeAny)
+ {
+ if (iCertStoreType != aCertStoreType)
+ {
+ LOG(Log::Printf(_L(" Store doesn't match, aborting")));
+ match = EFalse;
+ break;
+ }
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Skipping store check, not relevant")));
+ }
+
+
+ if (aDesc.iSubjectKeyIdUsed)
+ {
+ if(iSubjectKeyId == aDesc.iSubjectKeyId)
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+ }
+
+ if(aDesc.iTrustedAuthorityUsed)
+ {
+ if(iTrustedAuthority == NULL)
+ {
+ match = EFalse;
+ break;
+ }
+ else
+ {
+ CX500DistinguishedName* dnSuffix1 = CX500DistinguishedName::NewLC(*iTrustedAuthority);
+ CX500DistinguishedName* dnSuffix2;
+ TInt popCount = 3;
+
+ // ASN1 or plain text
+ if((aDesc.iTrustedAuthority[0] != 0x30)
+ || ((aDesc.iTrustedAuthority[1] != 0x81)
+ && (aDesc.iTrustedAuthority[1] != 0x82)
+ && ((aDesc.iTrustedAuthority[1] + 2) != aDesc.iTrustedAuthority.Length())))
+ {
+ HBufC8* name2Der;
+ CPkcs10Req::BuildDistinguishedNameDerFromTextL(name2Der,
+ aDesc.iTrustedAuthority,
+ EFalse, KNullDesC8);
+ CleanupStack::PushL(name2Der);
+
+ dnSuffix2 = CX500DistinguishedName::NewLC(*name2Der);
+ }
+ else
+ {
+ dnSuffix2 = CX500DistinguishedName::NewLC(aDesc.iTrustedAuthority);
+ popCount = 2;
+ }
+
+
+ if(PkiUtil::MatchL(*dnSuffix1, *dnSuffix2))
+ {
+ match = ETrue;
+ CleanupStack::PopAndDestroy(popCount);
+ }
+ else
+ {
+ match = EFalse;
+ CleanupStack::PopAndDestroy(popCount);
+ break;
+ }
+ }
+ }
+ if(aDesc.iOwnerTypeUsed)
+ {
+ if(iOwnerType == aDesc.iOwnerType)
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+ }
+ if(aDesc.iSerialNumberUsed)
+ {
+ if ((iSerialNumber != NULL) && ((*iSerialNumber).Compare(aDesc.iSerialNumber) == 0))
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+ }
+
+ if(aDesc.iIdentitySubjectNameUsed)
+ {
+ if(iIdentitySubjectName == NULL)
+ {
+ match = EFalse;
+ break;
+ }
+ else
+ {
+ CX500DistinguishedName* dnSuffix1 = CX500DistinguishedName::NewLC(*iIdentitySubjectName);
+ CX500DistinguishedName* dnSuffix2;
+ TInt popCount = 3;
+ // ASN1 or plain text
+ if((aDesc.iIdentitySubjectName[0] != 0x30)
+ || ((aDesc.iIdentitySubjectName[1] != 0x81)
+ && (aDesc.iIdentitySubjectName[1] != 0x82)
+ && ((aDesc.iIdentitySubjectName[1] + 2) != aDesc.iIdentitySubjectName.Length())))
+ {
+ HBufC8* name2Der;
+ CPkcs10Req::BuildDistinguishedNameDerFromTextL(name2Der,
+ aDesc.iIdentitySubjectName,
+ EFalse, KNullDesC8);
+ CleanupStack::PushL(name2Der);
+
+ dnSuffix2 = CX500DistinguishedName::NewLC(*name2Der);
+ }
+ else
+ {
+ dnSuffix2 = CX500DistinguishedName::NewLC(aDesc.iIdentitySubjectName);
+ popCount = 2;
+ }
+
+ if(PkiUtil::MatchL(*dnSuffix1, *dnSuffix2))
+ {
+ CleanupStack::PopAndDestroy(popCount);
+ match = ETrue;
+ }
+ else
+ {
+ CleanupStack::PopAndDestroy(popCount);
+ match = EFalse;
+ break;
+ }
+ }
+ }
+
+ if(aDesc.iIdentityRfc822NameUsed)
+ {
+ if(iIdentityRfc822Name == NULL)
+ {
+ match = EFalse;
+ break;
+ }
+ else
+ {
+ TInt bytes = aDesc.iIdentityRfc822Name.Length();
+ TPtrC8 tail = (*iIdentityRfc822Name).Right(bytes);
+ if (tail.CompareF(aDesc.iIdentityRfc822Name) == 0)
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+ }
+ }
+
+ if(aDesc.iKeyUsageUsed)
+ {
+ CX509KeyUsageExt* tempUsage = NULL;
+ if(iKeyUsageDer.Length() != 0)
+ {
+ tempUsage = CX509KeyUsageExt::NewL(iKeyUsageDer);
+ }
+ if((tempUsage == NULL) || tempUsage->IsSet(aDesc.iKeyUsage))
+ {
+ delete tempUsage;
+ match = ETrue;
+ }
+ else
+ {
+ delete tempUsage;
+ match = EFalse;
+ break;
+ }
+ }
+
+ if(aDesc.iKeySizeUsed)
+ {
+ if(iKeySize == aDesc.iKeySize)
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+ }
+
+ if (match && !aInfoOnly)
+ {
+ TValidity val = CPKIMapper::CertValidity(iStartTime, iEndTime);
+ // Treat future certificates as valid
+ if((val == EValid) || (val == ENotValidYet))
+ {
+ match = ETrue;
+ }
+ else
+ {
+ LOG_("Matching: Expired, and not an informational request");
+ match = EFalse;
+ break;
+ }
+ }
+
+ break;
+ }
+
+ return match;
+ }
+
+TBool CMapDescriptor::IsEqual(CMapDescriptor &aDesc)
+ {
+ TBool match = EFalse;
+
+ for(;;)
+ {
+ if((iTrustedAuthority != NULL) && (aDesc.iTrustedAuthority != NULL) && (iTrustedAuthority->Des().Compare(*aDesc.iTrustedAuthority) == 0))
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+
+ if((iSerialNumber != NULL) && (aDesc.iSerialNumber != NULL) && (iSerialNumber->Des().Compare(*aDesc.iSerialNumber) == 0))
+ {
+ match = ETrue;
+ }
+ else
+ {
+ match = EFalse;
+ break;
+ }
+
+ break;
+ }
+
+ return match;
+ }
+
+
+void CMapDescriptor::SetCertStoreType(TPkiServiceStoreType aCertStoreType)
+ {
+ iCertStoreType = aCertStoreType;
+ }
+
+CPKIMapper* CPKIMapper::NewL()
+ {
+ CPKIMapper* self = new (ELeave) CPKIMapper();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CPKIMapper::~CPKIMapper()
+ {
+ if ( iMapping )
+ {
+ iMapping->ResetAndDestroy();
+ delete iMapping;
+ }
+ }
+
+
+CPKIMapper::CPKIMapper()
+ {
+ }
+
+void CPKIMapper::ConstructL()
+ {
+ LOG_("CPKIMapper::ConstructL");
+ // Allocate mapping vector. Approx granularity 20
+ iMapping = new (ELeave) RPointerArray<CMapDescriptor>(20);
+ }
+
+void CPKIMapper::SetCacheCreated()
+ {
+ iCacheCreated = ETrue;
+ }
+TBool CPKIMapper::CacheCreated()
+ {
+ return iCacheCreated;
+ }
+
+TInt CPKIMapper::AddMapping(CMapDescriptor& aMap)
+ {
+ // Insert as first element, so that newest object will be found first
+ return iMapping->Insert(&aMap, 0);
+ }
+
+void CPKIMapper::LogMap(CMapDescriptor &aDescriptor) const
+ {
+ TInt len = aDescriptor.iSubjectKeyId.Length();
+ LOG(Log::Printf(_L("====CertificateObject====\n")));
+ LOG(Log::Printf(_L("ObjectName: %S\n"), &(aDescriptor.iObjectName)));
+ LOG(Log::Printf(_L("KeyId:")));
+ LOG(Log::HexDump(NULL, NULL, aDescriptor.iSubjectKeyId.Ptr(), len));
+ }
+
+
+void CPKIMapper::DeleteMapping(TInt aIndex)
+ {
+ // Delete mapping at index
+ LOG(Log::Printf(_L("Delete mapping entry")));
+ LogMap(*(*iMapping)[aIndex]);
+ delete (*iMapping)[aIndex];
+ iMapping->Remove(aIndex);
+ iMapping->Compress();
+ }
+
+TInt CPKIMapper::DeleteMapping(CMapDescriptor &aDesc)
+ {
+ TInt status(KErrNotFound);
+
+ for(TInt i(0); i < iMapping->Count(); i++)
+ {
+ if((*iMapping)[i]->IsEqual(aDesc))
+ {
+ DeleteMapping(i);
+ status = KErrNone;
+ break;
+ }
+ }
+ return status;
+ }
+
+TInt CPKIMapper::CertCount()
+ {
+ TInt count(0);
+
+ for(TInt i(0); i < iMapping->Count(); i++)
+ {
+ CMapDescriptor* mapping = (*iMapping)[i];
+ count++;
+ if (CertValidity(mapping->iStartTime, mapping->iEndTime) == EExpired)
+ {
+ // do not count expider certificates
+ count--;
+ }
+ }
+ iCount = count;
+ return count;
+ }
+
+TInt CPKIMapper::ApplicableCertCount(const RArray<TUid>& aUidArray)
+{
+ TInt count(0);
+ TBool uidMatch(EFalse);
+
+ for(TInt i(0); i < iMapping->Count(); i++)
+ {
+ CMapDescriptor* mapping = (*iMapping)[i];
+ if(mapping->iOwnerType == EPKICACertificate)
+ {
+ if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired)
+ {
+ uidMatch = EFalse;
+ for(TInt j = 0; j < mapping->iApplUids.Count(); j++)
+ {
+ for(TInt k = 0; k < aUidArray.Count(); k++)
+ {
+ if(mapping->iApplUids[j].iUid == aUidArray[k].iUid)
+ {
+ uidMatch = ETrue;
+ break;
+ }
+ }
+ if(uidMatch)
+ {
+ count++;
+ break;
+ }
+ }
+ }
+ }
+ }
+ iCount = count;
+ return count;
+}
+
+
+TInt CPKIMapper::GetCertListL(const RMessage2 &aMessage, TPkiServiceStoreType aStoreType,
+ TBool aDescUsed)
+{
+ TInt pos = 0;
+ TInt iLast = 0;
+ TInt iFirst = 0;
+
+ if(aDescUsed)
+ {
+ aMessage.ReadL(1, iCurrentDescriptor);
+ TSecurityObjectDescriptor& secDesc = iCurrentDescriptor();
+ TInt status = ResolveCertMappingL(
+ iCurrentDescriptor(), iObjectName, iFirst, EFalse, aStoreType);
+ if(status == KErrNone)
+ {
+ iCount = 1;
+ iLast = iFirst + 1;
+ }
+ }
+ else
+ {
+ iLast = iMapping->Count();
+ }
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(iCount * sizeof(TCertificateListEntry));
+ TCertificateListEntry certInfo;
+
+ for(TInt i = iFirst; i < iLast; i++)
+ {
+ CMapDescriptor* mapping = (*iMapping)[i];
+ if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired)
+ {
+ certInfo.iObjectName = mapping->iObjectName;
+ certInfo.iOwnerType = mapping->iOwnerType;
+ if(mapping->iTrustedAuthority != NULL)
+ {
+ certInfo.iTrustedAuthority = *(mapping->iTrustedAuthority);
+ }
+ if(mapping->iIdentitySubjectName != NULL)
+ {
+ certInfo.iIdentitySubjectName = *(mapping->iIdentitySubjectName);
+ }
+ if(mapping->iSerialNumber != NULL)
+ {
+ certInfo.iSerialNumber = *(mapping->iSerialNumber);
+ }
+ certInfo.iSubjectKeyId = mapping->iSubjectKeyId;
+ certInfo.iKeySize = mapping->iKeySize; // Key size
+ certInfo.iKeyAlgorithm = mapping->iKeyAlgorithm; // RSA, DSA
+ certInfo.iIsDeletable = mapping->iIsDeletable; // IsDeletable
+
+ list->Write(pos * sizeof(TCertificateListEntry),
+ (TAny*)&certInfo,
+ sizeof(TCertificateListEntry));
+ pos++;
+ if(pos >= iCount)
+ {
+ break;
+ }
+ }
+ }
+ TPtr8 ptrList = list->Ptr(0);
+ aMessage.WriteL(0, ptrList);
+
+ CleanupStack::PopAndDestroy(1); // list
+ return KErrNone;
+}
+
+
+void CPKIMapper::GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray)
+{
+ TBool uidMatch = EFalse;
+ TInt pos(0);
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(iCount * sizeof(TCertificateListEntry));
+ TCertificateListEntry certInfo;
+
+ for(TInt i = 0; (i < iMapping->Count()) && (pos < iCount); i++)
+ {
+ CMapDescriptor* mapping = (*iMapping)[i];
+ if(mapping->iOwnerType == EPKICACertificate)
+ {
+ if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired)
+ {
+ uidMatch = EFalse;
+ for(TInt j = 0; j < mapping->iApplUids.Count(); j++)
+ {
+ for(TInt k = 0; k < aUidArray.Count(); k++)
+ {
+ if(mapping->iApplUids[j].iUid == aUidArray[k].iUid)
+ {
+ uidMatch = ETrue;
+ break;
+ }
+ }
+ if(uidMatch)
+ {
+ certInfo.iObjectName = mapping->iObjectName;
+ certInfo.iOwnerType = mapping->iOwnerType;
+ if(mapping->iTrustedAuthority != NULL)
+ {
+ certInfo.iTrustedAuthority = *(mapping->iTrustedAuthority);
+ }
+ if(mapping->iIdentitySubjectName != NULL)
+ {
+ certInfo.iIdentitySubjectName = *(mapping->iIdentitySubjectName);
+ }
+ if(mapping->iSerialNumber != NULL)
+ {
+ certInfo.iSerialNumber = *(mapping->iSerialNumber);
+ }
+ certInfo.iSubjectKeyId = mapping->iSubjectKeyId;
+ certInfo.iKeySize = mapping->iKeySize; // Key size
+ certInfo.iKeyAlgorithm = mapping->iKeyAlgorithm; // RSA, DSA
+ certInfo.iIsDeletable = mapping->iIsDeletable; // IsDeletable
+
+ list->Write(pos * sizeof(TCertificateListEntry),
+ (TAny*)&certInfo,
+ sizeof(TCertificateListEntry));
+ pos++;
+ break;
+ }
+ }
+ }
+ }
+ }
+ TPtr8 ptrList = list->Ptr(0);
+ aMessage.WriteL(0, ptrList);
+
+ CleanupStack::PopAndDestroy(1); // list
+}
+
+
+
+CMapDescriptor& CPKIMapper::GetMapDescriptorAtIndex(TInt aIndex)
+{
+ PKISERVICE_ASSERT(aIndex < iMapping->Count());
+ return *(*iMapping)[aIndex];
+}
+
+
+void CPKIMapper::GetCertificateKeyIdL(TSecurityObjectDescriptor &aDescriptor, TPKIKeyIdentifier &aKeyId,
+ TPkiServiceStoreType aStoreType) const
+ {
+ LOG(Log::Printf(_L("-> CPKIMapper::GetCertificateKeyIdL"), aStoreType));
+ aKeyId.Zero();
+
+ TInt index;
+
+ TFileName* fileName = new (ELeave) TFileName;
+ CleanupDeletePushL(fileName);
+ fileName->Zero();
+
+ TInt status = ResolveCertMappingL(aDescriptor, *fileName, index, EFalse, aStoreType);
+
+ CleanupStack::PopAndDestroy(fileName);
+
+
+ if(status == KErrNone)
+ {
+ aKeyId.Copy((*iMapping)[index]->iSubjectKeyId);
+ }
+ else
+ {
+ LOG(Log::Printf(_L("ResolveKeyMapping: key NOT found\n")));
+ LogSearchArguments(aDescriptor);
+ }
+ LOG(Log::Printf(_L("<- CPKIMapper::GetCertificateKeyIdL"), aStoreType));
+ }
+
+/**
+ Check whether the given label is unique among all VPN certs.
+ @return True only if the given label doesn't exist
+*/
+TBool CPKIMapper::LabelIsUnique(const TDesC& aLabel) const
+ {
+ for (TInt i(0); i < iMapping->Count(); i++)
+ {
+ if ((*iMapping)[i]->iObjectName.Compare(aLabel) == 0)
+ {
+ return EFalse;
+ }
+ }
+ return ETrue;
+ }
+
+/**
+ Check whether the given certificate already exists among VPN certs.
+ @return True only if the given certificate does not exist in VPN's cert list.
+*/
+TBool CPKIMapper::CertificateIsUniqueL(const TDesC8& aCertData)
+ {
+ TBool ret(ETrue);
+
+ LOG(Log::Printf(_L("Verifying the uniqueness of certificate:")));
+
+ CX509Certificate* certificate = CX509Certificate::NewLC(aCertData);
+ const TPtrC8* issuername = certificate->DataElementEncoding(CX509Certificate::EIssuerName);
+ const TPtrC8* subjectname = certificate->DataElementEncoding(CX509Certificate::ESubjectName);
+
+ HBufC* issuerdispname = certificate->IssuerName().DisplayNameL();
+ CleanupStack::PushL(issuerdispname);
+ HBufC* subjectdispname = certificate->SubjectName().DisplayNameL();
+ CleanupStack::PushL(subjectdispname);
+
+ TInt count(iMapping->Count());
+
+ for (TInt i(0); i < count; i++)
+ {
+ CMapDescriptor* mapitem = (*iMapping)[i];
+
+ // Use subject name for uniqueness criterion
+ if (mapitem->iIdentitySubjectName)
+ {
+ if (subjectname->Compare(*(mapitem->iIdentitySubjectName)) == 0)
+ {
+ LOG(Log::Printf(_L("Found an existing cert that matches subject")));
+ if (issuername->Compare(*(mapitem->iTrustedAuthority)) == 0)
+ {
+ ret = EFalse;
+ break;
+ }
+ }
+ }
+ else if (mapitem->iTrustedAuthority && (subjectname->Compare(*issuername) == 0))
+ {
+ if (subjectname->Compare(*(mapitem->iTrustedAuthority)) == 0)
+ {
+ LOG(Log::Printf(_L("Found an existing cert that matches subject (CA)")));
+ ret = EFalse;
+ break;
+ }
+ }
+ }
+
+ CleanupStack::PopAndDestroy(3, certificate); // issuerdispname, subjectdispname
+
+ return ret;
+ }
+
+/**
+ Generates an unique label name for a certificate, based on its subject name.
+ @param1 The binary data describing the certificate
+ @param2 Return value for the generated unique name
+ @param3 Certificate owner type -- currently not supported.
+ @return none
+*/
+void CPKIMapper::GenerateUniqueNameL(
+ const TDesC8 &aCertData, TDes& aName,
+ TCertificateOwnerType /*aOwnerType*/ )
+ {
+ LOG(Log::Printf(_L("CPKIMapper::GenerateUniqueNameL() entry")));
+
+ CX509Certificate* certificate = CX509Certificate::NewLC(aCertData);
+
+ HBufC* baseline = certificate->SubjectName().DisplayNameL();
+ CleanupStack::PushL(baseline);
+ // +5 for (999) suffix
+ HBufC* variation = HBufC::NewLC(baseline->Length() + 5);
+ variation->Des().Append(*baseline);
+
+ if (baseline->Length() == 0)
+ {
+ TPtr ptr = variation->Des();
+ ptr.Format(_L("(1)"));
+ }
+
+ // See whether the initial label is already unique
+ TInt iter(2);
+ while (!LabelIsUnique(*variation))
+ {
+ // Iterate a new version of the label
+ if (iter > 999)
+ {
+ // too long name, just go with the previous.
+ break;
+ }
+ TPtr ptr = variation->Des();
+ ptr.Format(_L("%S(%d)"), &(*baseline), iter);
+ iter++;
+ }
+
+ // Sanity check for string lengths
+ aName = variation->Left(MAX_FILENAME_LENGTH);
+
+ CleanupStack::PopAndDestroy(3); //variation, baseline, certificate
+
+ LOG(Log::Printf(_L("CPKIMapper::GenerateUniqueNameL() exit")));
+ }
+
+TInt CPKIMapper::ResolveCertMappingL(TSecurityObjectDescriptor &aDescriptor, TDes16 &aFilename,
+ TInt &aIndex, const TBool aInfoOnly,
+ TPkiServiceStoreType aStoreType) const
+ {
+ TInt i;
+ TInt status = KErrNotFound;
+ TInt foundIndex = -1;
+ TTime furthestEndTime = TTime(0);
+
+ LOG(Log::Printf(_L("Resolving cert mapping, STORETYPE: %d\n"), aStoreType));
+
+ LOG(LogSearchArguments(aDescriptor));
+
+ // Scan available mappings
+ for(i = 0; i < iMapping->Count(); i++)
+ {
+ // Bypass entry in case that function leaves
+ // (issuer/subject name can be invalid)
+ CMapDescriptor* mapping = (*iMapping)[i];
+ if(mapping->IsMatchingL(aDescriptor, aInfoOnly, aStoreType))
+ {
+ // If we found a match, process it further
+ _LIT(KMidp2Label, "MIDP2");
+ TBuf<12> buf;
+ buf.Append(KMidp2Label);
+ // Discard all MIDP2 certificates to avoid label-mapping problem
+ if (buf.Compare(mapping->iObjectName) != 0)
+ {
+ if(mapping->iEndTime > furthestEndTime)
+ {
+ furthestEndTime = mapping->iEndTime;
+ foundIndex = i;
+ LOG(Log::Printf(_L("Resolve cert mapping: Tentatively found a suitable one")));
+ // Continue to search the longest lasting certificate
+ }
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Found a cert, but it was a MIDP2 one - continuing search")));
+ }
+ }
+ }
+
+ if(foundIndex == -1)
+ {
+ LOG(Log::Printf(_L("Resolve cert mapping: No matching certificate found")));
+ status = KErrNotFound;
+ }
+ else
+ {
+ aFilename.Zero();
+ status = KErrNone;
+ if(status == KErrNone)
+ {
+ aFilename.Append((*iMapping)[foundIndex]->iObjectName);
+ status = KErrNone;
+ aIndex = foundIndex;
+ }
+ LOG(Log::Printf(_L("ResolveCertMapping: certificate found\n")));
+ LogSearchArguments(aDescriptor);
+ LOG(Log::Printf(_L("ResolveCertMapping: Object info\n")));
+ LogMap(*(*iMapping)[aIndex]);
+ }
+ return status;
+ }
+
+
+TValidity CPKIMapper::CertValidity(const TTime &aStartTime, const TTime &aEndTime)
+ {
+ TTimeIntervalSeconds tolerance(120);
+ TTime currentTime;
+ currentTime.UniversalTime();
+
+ if (aEndTime <= currentTime)
+ {
+ return EExpired;
+ }
+
+ if (aStartTime >= currentTime + tolerance)
+ {
+ return ENotValidYet;
+ }
+
+ return EValid;
+ }
+
+void CPKIMapper::LogSearchArguments(TSecurityObjectDescriptor &aDescriptor) const
+ {
+ TBuf<256> temp;
+ LOG(Log::Printf(_L("====Object Search arguments====\n")));
+ if(aDescriptor.iTrustedAuthorityUsed)
+ {
+ temp.Copy(aDescriptor.iTrustedAuthority);
+ if((aDescriptor.iTrustedAuthority[0] != 0x30)
+ || ((aDescriptor.iTrustedAuthority[1] != 0x81)
+ && (aDescriptor.iTrustedAuthority[1] != 0x82)
+ && ((aDescriptor.iTrustedAuthority[1] + 2) != aDescriptor.iTrustedAuthority.Length())))
+ {
+ LOG(Log::Printf(_L("Trusted authority: %S\n"), &temp));
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Trusted authority:")));
+ LOG(Log::HexDump(NULL, NULL, aDescriptor.iTrustedAuthority.Ptr(), aDescriptor.iTrustedAuthority.Length()));
+ }
+ }
+ if(aDescriptor.iIdentitySubjectNameUsed)
+ {
+ temp.Copy(aDescriptor.iIdentitySubjectName);
+ if((aDescriptor.iIdentitySubjectName[0] != 0x30)
+ || ((aDescriptor.iIdentitySubjectName[1] != 0x81)
+ && (aDescriptor.iIdentitySubjectName[1] != 0x82)
+ && ((aDescriptor.iIdentitySubjectName[1] + 2) != aDescriptor.iIdentitySubjectName.Length())))
+ {
+ LOG(Log::Printf(_L("SubjectName: %S\n"), &temp));
+ }
+ else
+ {
+ LOG(Log::Printf(_L("SubjectName:")));
+ LOG(Log::HexDump(NULL, NULL, aDescriptor.iIdentitySubjectName.Ptr(), aDescriptor.iIdentitySubjectName.Length()));
+ }
+ }
+ if(aDescriptor.iIdentityRfc822NameUsed)
+ {
+ temp.Copy(aDescriptor.iIdentityRfc822Name);
+ LOG(Log::Printf(_L("Rfc822Name: %S\n"), &temp));
+ }
+ if(aDescriptor.iSerialNumberUsed)
+ {
+ LOG(Log::Printf(_L("SerialNumber:")));
+ LOG(Log::HexDump(NULL, NULL, aDescriptor.iSerialNumber.Ptr(), aDescriptor.iSerialNumber.Length()));
+ }
+ if(aDescriptor.iSubjectKeyIdUsed)
+ {
+ LOG(Log::Printf(_L("KeyId:")));
+ LOG(Log::HexDump(NULL, NULL, aDescriptor.iSubjectKeyId.Ptr(), aDescriptor.iSubjectKeyId.Length()));
+ }
+ if(aDescriptor.iOwnerTypeUsed)
+ {
+ LOG(Log::Printf(_L("OwnerType: %d\n"), aDescriptor.iOwnerType));
+ }
+ if(aDescriptor.iKeyUsageUsed)
+ {
+ LOG(Log::Printf(_L("KeyUsage:")));
+ LOG(Log::HexDump(NULL, NULL, aDescriptor.iKeyUsageDer.Ptr(), aDescriptor.iKeyUsageDer.Length()));
+ }
+ if(aDescriptor.iKeySizeUsed)
+ {
+ LOG(Log::Printf(_L("KeySize: %d\n"), aDescriptor.iKeySize));
+ }
+ if(aDescriptor.iKeyAlgorithmUsed)
+ {
+ LOG(Log::Printf(_L("KeyAlgorithm: %d\n"), aDescriptor.iKeyAlgorithm));
+ }
+ }
+
+TBool PkiUtil::MatchL(const CX500DistinguishedName& aDn1, const CX500DistinguishedName& aDn2)
+{
+ if((aDn1.Count() == 0) || (aDn2.Count() == 0))
+ {
+ return EFalse;
+ }
+
+ if (aDn1.Count() < aDn2.Count())
+ {
+ return EFalse;
+ }
+ else
+ {
+ // For each field in aDn2, aDn1 must contain a field with the same value
+ for (TInt i = 0; i < aDn2.Count(); i++)
+ {
+ if (!HasElementL(aDn1, aDn2.Element(i)))
+ {
+ return EFalse;
+ }
+ }
+ }
+
+ return ETrue;
+}
+
+TBool PkiUtil::HasElementL(const CX500DistinguishedName& aDn, const CX520AttributeTypeAndValue& aElement)
+{
+ for (TInt i = 0; i < aDn.Count(); i++)
+ {
+ if (aElement.ExactMatchL(aDn.Element(i)))
+ {
+ return ETrue;
+ }
+ }
+ return EFalse;
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkiservice.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,179 @@
+/*
+* Copyright (c) 2006-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI server main module
+*
+*/
+
+
+
+#include "pkiservice.h"
+#include "pkisession.h"
+#include "PKIMapper.h"
+#include "pkiserviceclientservercommon.h"
+#include "certificaterequeststore.h"
+#include "keyoperationqueue.h"
+#include "log_r6.h"
+#include "pkiserviceassert.h"
+
+const TUint CPKIService::iRangeCount = 2;
+
+const TInt CPKIService::iRanges[iRangeCount] =
+ {
+ PkiService::ELogon,
+ PkiService::ESetInformational+1
+ };
+
+const TUint8 CPKIService::iElementIndex[iRangeCount] =
+ {
+ 0,
+ CPolicyServer::ENotSupported
+ };
+
+const CPolicyServer::TPolicyElement CPKIService::iElements[] =
+ {
+ {_INIT_SECURITY_POLICY_C1(ECapabilityNetworkControl), CPolicyServer::EFailClient},
+ };
+
+const CPolicyServer::TPolicy CPKIService::iPolicy =
+ {
+ 0, // All connect attempts are checked
+ iRangeCount, // Count of ranges
+ iRanges, // 0-25, 26...
+ iElementIndex, // Only range 0-25§ are checked
+ iElements // The list of policy elements
+ };
+
+CPKIService::CPKIService(void):CPolicyServer(EPriorityStandard,iPolicy)
+ {
+ iSessionCount = 0;
+ }
+
+
+CPKIService::~CPKIService(void)
+ {
+ delete iKeyOperationQueue;
+ delete iMapper;
+ delete iShutdown;
+ delete iCertificateRequestStore;
+ }
+
+
+CPKIService* CPKIService::NewL(void)
+ {
+ CPKIService* self = new (ELeave) CPKIService;
+ CleanupStack::PushL(self);
+
+ self->ConstructL();
+
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+void CPKIService::ConstructL()
+ {
+ //Makes sure private path exists
+ RFs fileServer;
+ User::LeaveIfError(fileServer.Connect());
+ CleanupClosePushL(fileServer);
+ TInt err = fileServer.CreatePrivatePath(EDriveC);
+ if (err != KErrNone &&
+ err != KErrAlreadyExists)
+ {
+ User::Leave(err);
+ }
+ CleanupStack::PopAndDestroy(); //fileServer
+
+ iCertificateRequestStore = CCertificateRequestStore::NewL();
+ iShutdown = new (ELeave) CSuspendedShutdown();
+ iShutdown->Construct();
+
+ iMapper = CPKIMapper::NewL();
+ iKeyOperationQueue = CKeyOperationQueue::NewL(*iMapper);
+
+
+ StartL(KPkiServerName);
+ }
+
+
+CSession2* CPKIService::NewSessionL(const TVersion& /*aVersion*/, const RMessage2& /*aMessage*/) const
+ {
+ iShutdown->Cancel();
+ CSession2* session = CPKISession::NewL(*const_cast<CPKIService*>(this), *iMapper, *iKeyOperationQueue);
+ iSessionCount++;
+ return session;
+ }
+
+void CPKIService::SessionDeleted()
+ {
+ LOG_("-> CPKIService::SessionDeleted()");
+ iSessionCount--;
+
+ LOG_1("iSessionCount (%d)", iSessionCount);
+ PKISERVICE_ASSERT(iSessionCount >= 0);
+
+
+ if (iSessionCount == 0)
+ {
+ if (iStopImmediately)
+ {
+ CActiveScheduler::Stop();
+ }
+ else
+ {
+ iShutdown->ArmShutdown();
+ }
+ }
+ LOG_("<- CPKIService::SessionDeleted()");
+ }
+
+CCertificateRequestStore& CPKIService::CertificateRequestStore()
+ {
+ return *iCertificateRequestStore;
+ }
+
+
+const TInt KSuspendTime = 240000000; // 240 sec
+//const TInt KSuspendTime = 5000000; // 5 sec
+
+CSuspendedShutdown::CSuspendedShutdown() : CActive(EPriorityStandard)
+{
+}
+
+void CSuspendedShutdown::Construct()
+{
+ iTimer.CreateLocal();
+ CActiveScheduler::Add(this);
+}
+
+CSuspendedShutdown::~CSuspendedShutdown()
+{
+ iTimer.Close();
+}
+
+void CSuspendedShutdown::ArmShutdown()
+{
+ iTimer.After(iStatus, KSuspendTime);
+ SetActive();
+}
+
+void CSuspendedShutdown::DoCancel()
+{
+ iTimer.Cancel();
+}
+
+void CSuspendedShutdown::RunL()
+{
+ CActiveScheduler::Stop();
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkiservicedecryptor.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,176 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A class that provides a decrypt operation.
+*
+*/
+
+
+
+#include "pkiservicedecryptor.h"
+#include "logonservices.h"
+#include "pkiserviceconstants.h"
+#include "pkiserviceassert.h"
+
+CPkiServiceDecryptor* CPkiServiceDecryptor::NewL(CLogonServices& aLogonServices)
+ {
+ CPkiServiceDecryptor* self = new (ELeave)CPkiServiceDecryptor(aLogonServices);
+ return self;
+ }
+
+
+CPkiServiceDecryptor::CPkiServiceDecryptor(CLogonServices& aLogonServices)
+:CActive(EPriorityStandard), iLogonServices(aLogonServices)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+CPkiServiceDecryptor::~CPkiServiceDecryptor()
+ {
+ Cancel();
+ }
+
+
+void CPkiServiceDecryptor::Decrypt(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aEncryptedData,
+ TPtr8& aPlainTextData,
+ CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ TRequestStatus& aClientStatus)
+ {
+ PKISERVICE_ASSERT(iKeyStore == NULL);
+ PKISERVICE_ASSERT(iInput == NULL);
+ PKISERVICE_ASSERT(iDecryptor == NULL);
+ PKISERVICE_ASSERT(iKeysList.Count() == 0);
+ PKISERVICE_ASSERT(iState == EDecryptorIdle);
+
+ iState = EDecryptorGettingKey;
+
+ iInput = &aEncryptedData;
+ iPlainText = &aPlainTextData;
+ iKeyStore = &aUnifiedKeyStore;
+ iUsedKeyStore = aUsedKeyStore;
+ aClientStatus = KRequestPending;
+ iClientStatus = &aClientStatus;
+
+ TCTKeyAttributeFilter filter;
+ filter.iKeyId = aKeyId;
+
+ iKeyStore->List(iKeysList, filter, iStatus);
+ SetActive();
+ }
+
+
+void CPkiServiceDecryptor::RunL()
+ {
+ if (iStatus == KErrNone)
+ {
+ switch(iState)
+ {
+ case EDecryptorGettingKey:
+ iState = EDecryptorIdle;
+ TInt keyIndex;
+ for (keyIndex = 0; keyIndex < iKeysList.Count(); keyIndex++)
+ {
+ if (iUsedKeyStore == STORETYPE_ANY_KEY_ID ||
+ iUsedKeyStore == iKeysList[keyIndex]->Token().TokenType().Type().iUid)
+ {
+ break;
+ }
+ }
+
+ if (keyIndex < iKeysList.Count())
+
+ {
+ iKeyInfo = iKeysList[keyIndex];
+ TCTTokenObjectHandle tokeHandle = iKeyInfo->Handle();
+
+ iState = EDecryptorOpeningDecryptor;
+ iKeyStore->Open(tokeHandle, iDecryptor, iStatus);
+ SetActive();
+ }
+ else
+ {
+ Cleanup();
+ User::RequestComplete(iClientStatus, KPKIErrNotFound);
+ }
+
+ break;
+ case EDecryptorOpeningDecryptor:
+ iState = EDecryptorDecrypting;
+ iDecryptor->Decrypt(*iInput, *iPlainText, iStatus);
+ SetActive();
+ break;
+ case EDecryptorDecrypting:
+ iState = EDecryptorIdle;
+ if (iKeyInfo->Protector() != NULL)
+ {
+ //authObject is NULL for device store
+ iLogonServices.SetAuthenticationObject(iKeyInfo->Protector());
+ }
+
+ Cleanup();
+ User::RequestComplete(iClientStatus, KErrNone);
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+ }
+ else
+ {
+ iState = EDecryptorIdle;
+ Cleanup();
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ }
+ }
+
+
+void CPkiServiceDecryptor::DoCancel()
+ {
+ switch(iState)
+ {
+ case EDecryptorGettingKey:
+ iKeyStore->CancelList();
+ break;
+ case EDecryptorOpeningDecryptor:
+ iKeyStore->CancelOpen();
+ break;
+ case EDecryptorDecrypting:
+ iDecryptor->CancelDecrypt();
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+ Cleanup();
+ iState = EDecryptorIdle;
+ User::RequestComplete(iClientStatus, KErrCancel);
+ }
+
+
+void CPkiServiceDecryptor::Cleanup()
+ {
+ if (iDecryptor != NULL)
+ {
+ iDecryptor->Release();
+ iDecryptor = NULL;
+ }
+
+ iKeyInfo = NULL;
+ iKeysList.Close();
+ iInput = NULL;
+ iKeyStore = NULL;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkiservicesigner.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,267 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: A class that provides a signing operation.
+*
+*/
+
+
+
+#include <unifiedkeystore.h>
+#include <asymmetric.h>
+
+#include "pkiservicesigner.h"
+#include "logonservices.h"
+#include "pkidefs.h"
+#include "pkiserviceconstants.h"
+#include "pkiserviceassert.h"
+
+CPkiServiceSigner* CPkiServiceSigner::NewL(CLogonServices& aLogonServices)
+ {
+ CPkiServiceSigner* self = new (ELeave) CPkiServiceSigner(aLogonServices);
+ return self;
+ }
+
+
+CPkiServiceSigner::CPkiServiceSigner(CLogonServices& aLogonServices)
+:CActive(EPriorityStandard), iLogonServices(aLogonServices)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+CPkiServiceSigner::~CPkiServiceSigner()
+ {
+ Cancel();
+ }
+
+
+void CPkiServiceSigner::Sign(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aDataToBeSigned,
+ HBufC8*& aSignature,
+ CUnifiedKeyStore& aUnifiedKeyStore,
+ TInt aUsedKeyStore,
+ TRequestStatus& aStatus)
+ {
+ PKISERVICE_ASSERT(iState == ESignerIdle);
+ PKISERVICE_ASSERT(iClientStatus == NULL);
+ PKISERVICE_ASSERT(iKeyStore == NULL);
+ PKISERVICE_ASSERT(iOutputBuffer == NULL);
+ PKISERVICE_ASSERT(iRsaSigner == NULL);
+ PKISERVICE_ASSERT(iDsaSigner == NULL);
+ PKISERVICE_ASSERT(iRsaSignature == NULL);
+ PKISERVICE_ASSERT(iDsaSignature == NULL);
+ PKISERVICE_ASSERT(iKeysList.Count() == 0);
+
+
+ iState = ESignerGettingKey;
+
+
+ iInput.Set(aDataToBeSigned);
+
+ iOutputBuffer = &aSignature;
+ iKeyStore = &aUnifiedKeyStore;
+ iUsedKeyStore = aUsedKeyStore;
+ aStatus = KRequestPending;
+ iClientStatus = &aStatus;
+
+
+ TCTKeyAttributeFilter filter;
+ filter.iKeyId = aKeyId;
+
+ iKeyStore->List(iKeysList, filter, iStatus);
+ SetActive();
+ }
+
+
+void CPkiServiceSigner::DoCancel()
+ {
+ switch(iState)
+ {
+ case ESignerGettingKey:
+ iKeyStore->CancelList();
+ break;
+ case ESignerOpeningSigner:
+ iKeyStore->CancelOpen();
+ break;
+ case ESignerSigning:
+ if (iRsaSigner != NULL)
+ {
+ PKISERVICE_ASSERT(iDsaSigner == NULL);
+ iRsaSigner->CancelSign();
+ }
+ else
+ {
+ PKISERVICE_ASSERT(iDsaSigner != NULL);
+ PKISERVICE_ASSERT(iRsaSigner == NULL );
+ iDsaSigner->CancelSign();
+ }
+ Cleanup();
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+ iState = ESignerIdle;
+ Cleanup();
+ User::RequestComplete(iClientStatus, KErrCancel);
+ }
+
+
+void CPkiServiceSigner::RunL()
+ {
+ if (iStatus.Int() == KErrNone)
+ {
+ switch(iState)
+ {
+ case ESignerGettingKey:
+ iState = ESignerIdle;
+
+ TInt keyIndex;
+ for (keyIndex = 0; keyIndex < iKeysList.Count(); keyIndex++)
+ {
+ if (iUsedKeyStore == STORETYPE_ANY_KEY_ID ||
+ iUsedKeyStore == iKeysList[keyIndex]->Token().TokenType().Type().iUid)
+ {
+ break;
+ }
+ }
+
+ if (keyIndex < iKeysList.Count())
+ {
+ iUsedKeyInfo = iKeysList[keyIndex];
+ TCTTokenObjectHandle tokenHandle = iUsedKeyInfo->Handle();
+ switch(iUsedKeyInfo->Algorithm())
+ {
+ case CKeyInfoBase::ERSA:
+ iState = ESignerOpeningSigner;
+ iKeyStore->Open(tokenHandle, iRsaSigner, iStatus);
+ SetActive();
+ break;
+ case CKeyInfoBase::EDSA:
+ iState = ESignerOpeningSigner;
+ iKeyStore->Open(tokenHandle, iDsaSigner, iStatus);
+ SetActive();
+ break;
+ default:
+ Cleanup();
+ User::RequestComplete(iClientStatus, KPKIErrNotSupported);
+ break;
+ }
+ }
+ else
+ {
+ Cleanup();
+ User::RequestComplete(iClientStatus, KPKIErrNotFound);
+ }
+
+ break;
+ case ESignerOpeningSigner:
+ iState = ESignerSigning;
+ if (iRsaSigner != NULL)
+ {
+ PKISERVICE_ASSERT(iDsaSigner == NULL);
+ iRsaSigner->Sign(iInput, iRsaSignature, iStatus);
+ SetActive();
+ }
+ else
+ {
+ PKISERVICE_ASSERT(iDsaSigner != NULL);
+ iDsaSigner->Sign(iInput, iDsaSignature, iStatus);
+ SetActive();
+ }
+ break;
+ case ESignerSigning:
+ iState = ESignerIdle;
+
+ if (iUsedKeyInfo->Protector() != NULL)
+ {
+ //authObject is NULL for device store
+ iLogonServices.SetAuthenticationObject(iUsedKeyInfo->Protector());
+ }
+
+
+ TRAPD(err,
+ if (iRsaSignature != NULL)
+ {
+ PKISERVICE_ASSERT(iDsaSignature == NULL);
+
+ const TInteger& integer = iRsaSignature->S();
+ *iOutputBuffer = integer.BufferLC();
+ CleanupStack::Pop(*iOutputBuffer);
+ }
+ else
+ {
+ PKISERVICE_ASSERT(iDsaSignature != NULL);
+
+ const TInteger& integerR = iDsaSignature->R();
+ HBufC8* rBuf = integerR.BufferLC();
+
+ const TInteger& integerS = iDsaSignature->S();
+ HBufC8* sBuf = integerS.BufferLC();
+
+ (*iOutputBuffer) = HBufC8::NewL(rBuf->Length() + sBuf->Length());
+ TPtr8 outputBufferPtr = (*iOutputBuffer)->Des();
+ outputBufferPtr.Append(*rBuf);
+ outputBufferPtr.Append(*sBuf);
+
+ CleanupStack::PopAndDestroy(sBuf);
+ CleanupStack::PopAndDestroy(rBuf);
+ }
+ );
+ Cleanup();
+ User::RequestComplete(iClientStatus, err);
+ break;
+ default:
+ PKISERVICE_INVARIANT();
+ break;
+ }
+ }
+ else
+ {
+ iState = ESignerIdle;
+ Cleanup();
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ }
+ }
+
+
+void CPkiServiceSigner::Cleanup()
+ {
+ iUsedKeyInfo = NULL;
+
+ delete iRsaSignature;
+ iRsaSignature = NULL;
+
+ delete iDsaSignature;
+ iDsaSignature = NULL;
+
+
+ if (iRsaSigner != NULL)
+ {
+ iRsaSigner->Release();
+ iRsaSigner = NULL;
+ }
+
+ if (iDsaSigner != NULL)
+ {
+ iDsaSigner->Release();
+ iDsaSigner = NULL;
+ }
+
+ iKeysList.Close();
+
+ iOutputBuffer = NULL;
+ iKeyStore = NULL;
+
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkiservicestarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Creates and starts PKI Service.
+*
+*/
+
+
+
+#include "srvstarter.h"
+#include "pkiservice.h"
+#include "pkiserviceclientservercommon.h"
+
+CServer2* Starter::CreateAndStartServerL()
+ {
+ return CPKIService::NewL();
+ }
+
+TPtrC Starter::ServerName()
+ {
+ return KPkiServerName().Mid(0);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkisession.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,416 @@
+/*
+* Copyright (c) 2006-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* A server side session object. Owns instances of the CPKIService
+* and CPKIWrapper classes. All requests to the service objects go
+* through this object.
+*
+*/
+
+
+
+#include "pkisession.h"
+#include "pkiservice.h"
+#include "PKIMapper.h"
+#include "pkiwrapper.h"
+#include "certificaterequeststore.h"
+#include "keyoperationqueue.h"
+#include "pkiserviceconstants.h"
+
+#include "log_r6.h"
+#include "pkiserviceassert.h"
+
+static const TInt KBufferSizeNotDefined = -1;
+
+CPKISession* CPKISession::NewL(CPKIService& aServer,
+ CPKIMapper& aMapper,
+ CKeyOperationQueue& aKeyOperationQueue)
+ {
+ CPKISession* self;
+ self = new (ELeave) CPKISession(aServer, aMapper, aKeyOperationQueue);
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+
+CPKISession::CPKISession(CPKIService& aServer, CPKIMapper& aMapper, CKeyOperationQueue& aKeyOperationQueue)
+:iServer(aServer), iMapper(aMapper),
+ iKeyOperationQueue(aKeyOperationQueue), iRequiredBufferSize(KBufferSizeNotDefined)
+ {
+ }
+
+
+void CPKISession::ConstructL()
+{
+ LOG_("-> CPKISession::ConstructL()");
+ iWrapper = CPKIWrapper::NewL(iMapper);
+ LOG_("<- CPKISession::ConstructL()");
+}
+
+/**---------------------------------------------------------
+ *
+ * ~CPKISession(void)
+ *
+ *----------------------------------------------------------*/
+CPKISession::~CPKISession(void)
+ {
+ LOG_("-> CPKISession::~CPKISession()");
+
+ delete iKeyList;
+ delete iWrapper;
+ iUidArray.Close();
+
+ iServer.SessionDeleted();
+ LOG_("<- CPKISession::~CPKISession()");
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * ServiceL(const RMessage& aMessage)
+ *
+ *----------------------------------------------------------*/
+void CPKISession::ServiceL(const RMessage2& aMessage)
+ {
+ TInt Status = KErrNone;
+ TInt count = 0;
+
+ LOG_1("CPKISession::ServiceL: function = %d", aMessage.Function());
+
+ switch(aMessage.Function())
+ {
+ case PkiService::ECancelPendingOperation:
+ iWrapper->CancelPendingOperation();
+ aMessage.Complete(Status);
+ break;
+
+ case PkiService::EGetRequiredBufferSize:
+ if (iRequiredBufferSize == KBufferSizeNotDefined)
+ {
+ Status = iWrapper->GetRequiredBufferSizeL(aMessage);
+ }
+ else
+ {
+ TPckg<TInt> pckgSize(iRequiredBufferSize);
+ aMessage.WriteL(0, pckgSize);
+ aMessage.Complete(KErrNone);
+ }
+ break;
+
+ case PkiService::ECertCount:
+ count = iMapper.CertCount();
+ aMessage.Complete(count); // Status <==> count
+ break;
+
+ case PkiService::EApplicableCertCount:
+ {
+ TInt aC = 0;
+ TPckg<TInt> pckgApplCount(aC);
+ aMessage.ReadL(0, pckgApplCount);
+
+ // Read applications
+ // Allocate list for applications
+ CBufFlat* list = CBufFlat::NewL(sizeof(TUid));
+ CleanupStack::PushL(list);
+ list->ResizeL(aC * sizeof(TUid));
+ TPtr8 ptrList = list->Ptr(0);
+ aMessage.ReadL(1, ptrList);
+ iUidArray.Close();
+ if(aC > 0)
+ {
+ TUid tempUid;
+ for (TInt i = 0; i < aC; i++)
+ {
+ list->Read(i * sizeof(TUid), (TAny*)&tempUid, sizeof(TUid));
+ iUidArray.Append(tempUid);
+ }
+ }
+ CleanupStack::PopAndDestroy(1); // list
+
+ TInt matchCount = iMapper.ApplicableCertCount(iUidArray);
+ aMessage.Complete(matchCount); // Status <==> count
+ }
+ break;
+ case PkiService::EGetCertDetails:
+ Status = iMapper.GetCertListL(aMessage, iWrapper->CertStoreType(), ETrue);
+ aMessage.Complete(Status);
+ break;
+ case PkiService::EGetCertList:
+ iMapper.GetCertListL(aMessage, iWrapper->CertStoreType());
+ aMessage.Complete(KErrNone);
+ break;
+
+ case PkiService::EGetApplicableCertList:
+ iMapper.GetApplicableCertListL(aMessage, iUidArray);
+ aMessage.Complete(KErrNone);
+ break;
+
+ case PkiService::EGetKeyList:
+ {
+ PKISERVICE_ASSERT(iKeyList != NULL);
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TKeyListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(iKeyList->Count() * sizeof(TKeyListEntry));
+
+ for(TInt i = 0; i < iKeyList->Count(); i++)
+ {
+ const TKeyListEntry& keyInfo = (*iKeyList)[i];
+ list->Write(i * sizeof(TKeyListEntry),
+ (TAny*)&keyInfo,
+ sizeof(TKeyListEntry));
+ }
+ TPtr8 ptrList = list->Ptr(0);
+ aMessage.WriteL(0, ptrList);
+ CleanupStack::PopAndDestroy(list); // list
+
+ delete iKeyList;
+ iKeyList = NULL;
+ aMessage.Complete(KErrNone);
+ }
+ break;
+
+ case PkiService::ECertReqCount:
+ count = iServer.CertificateRequestStore().CertReqCountL();
+ aMessage.Complete(count); // Status <==> count
+ break;
+
+ case PkiService::EGetCertReqList:
+ {
+ CArrayFixFlat<TCertificateRequestListEntry>* certReqList =
+ iServer.CertificateRequestStore().GetCertReqListLC();
+
+ TUint bufferGranularity = sizeof(TCertificateRequestListEntry);
+ if (certReqList->Count() > 0)
+ {
+ bufferGranularity = bufferGranularity * certReqList->Count();
+ }
+ CBufFlat* list = CBufFlat::NewL(bufferGranularity);
+ CleanupStack::PushL(list);
+
+ if (certReqList->Count() > 0)
+ {
+ list->ResizeL(sizeof(TCertificateRequestListEntry) * certReqList->Count());
+ }
+
+ for (TInt i = 0; i < certReqList->Count(); ++i)
+ {
+ const TCertificateRequestListEntry &certReqInfo = (*certReqList)[i];
+ list->Write(i * sizeof(TCertificateRequestListEntry),
+ &certReqInfo,
+ sizeof(TCertificateRequestListEntry));
+
+ }
+ TPtr8 ptrList = list->Ptr(0);
+ aMessage.WriteL(0, ptrList);
+
+ CleanupStack::PopAndDestroy(list);
+ CleanupStack::PopAndDestroy(certReqList);
+
+ aMessage.Complete(KErrNone);
+ }
+ break;
+
+ case PkiService::ESaveCertificateRequest:
+ {
+ TInt requestSize = aMessage.GetDesLength(0);
+ HBufC8* request = HBufC8::NewLC(requestSize);
+ TPtr8 requestPtr = request->Des();
+
+ TKeyIdentifier keyId;
+
+ aMessage.ReadL(0, requestPtr);
+ aMessage.ReadL(2, keyId); //keyId is ignored.
+
+ HBufC* certRequestRef =
+ iServer.CertificateRequestStore().SaveCertRequestLC(*request);
+
+ aMessage.WriteL(1, *certRequestRef);
+
+ CleanupStack::PopAndDestroy(certRequestRef);
+ CleanupStack::PopAndDestroy(request);
+
+ aMessage.Complete(KErrNone);
+ }
+ break;
+
+ case PkiService::EReadCertificateRequest:
+ {
+ TInt certRequestRefSize = aMessage.GetDesLength(0);
+ HBufC *certRequestRef = HBufC::NewLC(certRequestRefSize);
+ TPtr certRequestRefPtr = certRequestRef->Des();
+
+ aMessage.ReadL(0, certRequestRefPtr);
+
+ if (certRequestRef->Length() == 0)
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ HBufC8* certificateRequest =
+ iServer.CertificateRequestStore().ReadCertRequestLC(*certRequestRef);
+
+ if (aMessage.GetDesMaxLength(1) >= certificateRequest->Length())
+ {
+ aMessage.WriteL(1, *certificateRequest);
+ aMessage.Complete(KErrNone);
+ }
+ else
+ {
+ iRequiredBufferSize = certificateRequest->Length();
+ aMessage.Complete(KPKIErrBufferTooShort);
+ }
+
+ CleanupStack::PopAndDestroy(certificateRequest);
+ CleanupStack::PopAndDestroy(certRequestRef);
+
+ }
+ break;
+
+ case PkiService::EDeleteCertificateRequest:
+ {
+ TInt certRequestRefSize = aMessage.GetDesLength(0);
+ HBufC *certRequestRef = HBufC::NewLC(certRequestRefSize);
+ TPtr certRequestRefPtr = certRequestRef->Des();
+
+ aMessage.ReadL(0, certRequestRefPtr);
+
+ iServer.CertificateRequestStore().DeleteCertRequestL(*certRequestRef);
+
+ CleanupStack::PopAndDestroy(certRequestRef);
+ aMessage.Complete(KErrNone);
+ }
+ break;
+ case PkiService::ESetCertStoreType:
+ iWrapper->SetCertStoreType(static_cast<TPkiServiceStoreType>(aMessage.Int0()));
+ aMessage.Complete(KErrNone);
+ break;
+
+ case PkiService::ESetKeyStoreType:
+ SetKeyStoreL(static_cast<TPkiServiceStoreType>(aMessage.Int0()));
+ aMessage.Complete(KErrNone);
+ break;
+
+ case PkiService::ESetStoreType:
+ iWrapper->SetCertStoreType(static_cast<TPkiServiceStoreType>(aMessage.Int0()));
+ SetKeyStoreL(static_cast<TPkiServiceStoreType>(aMessage.Int1()));
+ aMessage.Complete(KErrNone);
+ break;
+
+ case PkiService::EGetCertStoreType:
+ {
+ Status = iWrapper->CertStoreType();
+ aMessage.Complete(Status);
+ break;
+ }
+
+ case PkiService::EGetKeyStoreType:
+ {
+ Status = KeyStore();
+ aMessage.Complete(Status);
+ break;
+ }
+
+ case PkiService::ESetInformational:
+ {
+ iWrapper->SetInformational(aMessage.Int0());
+ aMessage.Complete(KErrNone);
+ }
+ break;
+
+ case PkiService::EInitialize://falls through
+ case PkiService::EKeyCount: //falls through
+ case PkiService::EGetKeyDetails: //falls through
+ case PkiService::EDecrypt: //falls through
+ case PkiService::ESignWithKeyId: //falls through
+ case PkiService::ESignWithCert: //falls through
+ case PkiService::EReadPublicKey: //falls through
+ case PkiService::ELogon: //falls through
+ case PkiService::ELogoff: //falls through
+ case PkiService::EChangePassword: //falls through
+ case PkiService::ERemoveKeypair: //falls through
+ case PkiService::EGenerateKeypair: //falls through
+ case PkiService::EStoreKeypair: //falls through
+ iKeyOperationQueue.AddOperationL(*this, aMessage,
+ iUsedKeyStore, iWrapper->CertStoreType());
+ break;
+ default:
+ iRequiredBufferSize = KBufferSizeNotDefined;
+ Status = iWrapper->InitOperation(aMessage);
+ break;
+ }
+ }
+
+
+void CPKISession::SetKeyStoreL(TPkiServiceStoreType aStoreType)
+ {
+ switch(aStoreType)
+ {
+ case EPkiStoreTypeAny:
+ iUsedKeyStore = STORETYPE_ANY_KEY_ID;
+ break;
+ case EPkiStoreTypeUser:
+ iUsedKeyStore = STORETYPE_USER_KEY_ID;
+ break;
+ case EPkiStoreTypeDevice:
+ iUsedKeyStore = STORETYPE_DEVICE_KEY_ID;
+ break;
+ default:
+ User::Leave(KPKIErrNotSupported);
+ break;
+ }
+ }
+
+
+TPkiServiceStoreType CPKISession::KeyStore() const
+ {
+
+ TPkiServiceStoreType usedStore = EPkiStoreTypeAny;
+ switch(iUsedKeyStore)
+ {
+ case STORETYPE_USER_KEY_ID:
+ usedStore = EPkiStoreTypeUser;
+ break;
+ case STORETYPE_DEVICE_KEY_ID:
+ usedStore = EPkiStoreTypeDevice;
+ break;
+ case STORETYPE_ANY_KEY_ID:
+ usedStore = EPkiStoreTypeAny;
+ break;
+ default:
+ PKISERVICE_ASSERT(iUsedKeyStore == 0);
+ break;
+ }
+ return usedStore;
+ }
+
+
+void CPKISession::SetRequiredBufferSize(TInt aSize)
+ {
+ iRequiredBufferSize = aSize;
+ }
+
+
+void CPKISession::SetKeyList(CArrayFixFlat<TKeyListEntry> *aKeyList)
+ {
+ iKeyList = aKeyList;
+ }
+
+
+void CPKISession::InitializeWrapperL(const RMessage2& aMessage)
+ {
+ iWrapper->InitializeL(aMessage);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkisupport.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1324 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* CPKISupport class implements the PKI interface for Symbian Certificate
+* storage.
+*
+*/
+
+
+
+#include <securitydefs.h>
+#include <cctcertinfo.h>
+#include <x509cert.h>
+#include <ccertattributefilter.h>
+#include <asymmetric.h>
+#include <unifiedcertstore.h>
+#include <mctwritablecertstore.h>
+
+#include "pkiwrapper.h"
+#include "PKIMapper.h"
+#include "pkisupport.h"
+#include "pkisession.h"
+#include "log_r6.h"
+#include "pkiserviceassert.h"
+#include "pkiserviceconstants.h"
+#include <vpnlogmessages.rsg>
+
+
+CPKISupport* CPKISupport::NewLC(CPKIMapper& aMapper, CPKIWrapper& aWrapper)
+ {
+ CPKISupport* self = new (ELeave)CPKISupport(aMapper, aWrapper);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ return self;
+ }
+
+CPKISupport* CPKISupport::NewL(CPKIMapper& aMapper, CPKIWrapper& aWrapper)
+ {
+ CPKISupport* self = CPKISupport::NewLC(aMapper, aWrapper);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CPKISupport::ConstructL()
+ {
+ User::LeaveIfError(iEventMediator.Connect());
+ }
+
+CPKISupport::~CPKISupport()
+ {
+ LOG_("CPKISupport::~CPKISupport");
+ Cancel();
+
+ if(iCerts != NULL)
+ {
+ iCerts->Close();
+ delete iCerts;
+ }
+ delete iCertFilter;
+ delete iCertStore;
+ iFSession.Close();
+ iApplUids.Close();
+ delete iImportCertMapping;
+ delete iImportCertData;
+ iEventMediator.Close();
+ delete iCertInfoForLogging;
+ iCertInfoForLogging = NULL;
+ }
+
+CPKISupport::CPKISupport(CPKIMapper& aMapper, CPKIWrapper& aWrapper)
+ :CActive(CActive::EPriorityStandard),
+ iMapper(aMapper),
+ iWrapper(aWrapper),
+ iPending(ENoPendingOperation),
+ iImportCertDataPtr(NULL, 0)
+ {
+ LOG_("-> CPKISupport::CPKISupport()\n");
+ CActiveScheduler::Add(this);
+
+ SetCertStoreType(EPkiStoreTypeAny);
+ LOG_("<- CPKISupport::CPKISupport()\n");
+ }
+
+// ---------------------------------------------------------------------------
+// StartInitializeL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::StartInitializeL(const RMessage2& aMessage)
+ {
+ LOG_("-> CPKISupport::StartInitialize()");
+ User::LeaveIfError(iFSession.Connect());
+ iCertStore = CUnifiedCertStore::NewL(iFSession, ETrue);
+ PKISERVICE_ASSERT(!iCerts);
+ iCerts = new (ELeave) RMPointerArray<CCTCertInfo>;
+
+ iMessage = aMessage;
+ iCallerStatus = NULL;
+ iSupportStatus = KErrNone;
+
+ iInitState = EInitInitializeCertStore;
+ iCertStore->Initialize(iStatus);
+ iPending = EInitializeCertStore;
+ SetActive();
+
+ LOG_("<- CPKISupport::StartInitialize()");
+ }
+
+
+// ---------------------------------------------------------------------------
+// FindInterfacesL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::FindInterfacesL()
+ {
+ TInt i(0);
+
+ // Find writable cert interface
+ LOG(Log::Printf(_L("Find interfaces")));
+
+ TBool allStoresFound(EFalse);
+
+ MCTWritableCertStore* certStore;
+
+ TInt storeCount = iCertStore->WritableCertStoreCount();
+ LOG_1("Found %d cert stores\n", storeCount);
+
+
+ // Find both user and device cert stores
+ for(i = 0; i < storeCount; i++)
+ {
+ certStore= &(iCertStore->WritableCertStore(i));
+
+ if(certStore->Token().Label().Compare(KUserCertStore) == 0)
+ {
+ // found the user cert store... See if device cert store
+ // was already found as well
+ iWritableCertStore = certStore;
+
+ LOG(Log::Printf(_L("Found writable user certificate store\n")));
+
+ if (!allStoresFound)
+ {
+ allStoresFound = ETrue;
+ }
+ else
+ {
+ break;
+ }
+ }
+ else if (certStore->Token().Label().Compare(KDeviceCertStore) == 0)
+ {
+
+ // found the device cert store
+ iWritableDeviceCertStore = certStore;
+
+ LOG(Log::Printf(_L("Found writable device certificate store\n")));
+
+ // See if user cert store was already found as well
+ if (!allStoresFound)
+ {
+ allStoresFound = ETrue;
+ }
+ else
+ {
+ break;
+ }
+ }
+ }
+
+ if (iWritableDeviceCertStore == NULL)
+ {
+ LOG(Log::Printf(_L("Note: Device cert store not found\n")));
+ }
+ }
+
+
+// ---------------------------------------------------------------------------
+// ContinueImportCTFObjectsL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ListAllCertificatesL()
+{
+ LOG_("-> CPKISupport::ListAllCertificatesL");
+
+ PKISERVICE_ASSERT( !iCertFilter );
+ iCertFilter = CCertAttributeFilter::NewL();
+
+ iSupportStatus = KErrNone;
+ iInitState = EInitRetrieveCertList;
+ iImportCounter = 0;
+ iToggleSwitch = EFalse;
+
+ // Get list of all known certificates
+ GetCertificateStoreListAsync();
+ LOG_("<- CPKISupport::ListAllCertificatesL");
+}
+
+
+
+// ---------------------------------------------------------------------------
+// ImportCTFCertsL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ReadNextCertForImportL()
+{
+ LOG_("-> CPKISupport::ImportNextCertL()");
+ PKISERVICE_ASSERT(iImportCounter < iCerts->Count());
+
+ if(iImportCounter == 0)
+ {
+ LOG_1("Import %d certificates\n", iCerts->Count());
+ }
+
+ LOG_1("Import certificate:%d", iImportCounter);
+ LOG_1("Label: %S", &((*iCerts)[iImportCounter]->Label()));
+
+ PKISERVICE_ASSERT((*iCerts)[iImportCounter]->CertificateFormat() == EX509Certificate);
+
+ TSecurityObjectDescriptor descriptor;
+ descriptor.SetSubjectKeyId(
+ (*iCerts)[iImportCounter]->SubjectKeyId());
+ descriptor.SetOwnerType(
+ (TPKICertificateOwnerType)(*iCerts)[iImportCounter]->
+ CertificateOwnerType());
+ descriptor.SetIsDeletable(
+ (*iCerts)[iImportCounter]->IsDeletable());
+
+ delete iImportCertMapping;
+ iImportCertMapping = NULL;
+ iImportCertMapping = new (ELeave) CMapDescriptor(descriptor);
+
+ iImportCertMapping->SetMapObjectName((*iCerts)[iImportCounter]->Label());
+
+ delete iImportCertData;
+ iImportCertData = NULL;
+ iImportCertData = HBufC8::NewL((*iCerts)[iImportCounter]->Size());
+ iImportCertDataPtr.Set(iImportCertData->Des());
+
+ LOG_(" Values set OK, retrieving");
+ iCertStore->Retrieve(
+ *(*iCerts)[iImportCounter], iImportCertDataPtr, iStatus);
+ iPending = ECertRetrieve;
+ SetActive();
+ LOG_("<- CPKISupport::ImportCTFCertsL() SetActive() and ret: EFalse");
+}
+
+// ---------------------------------------------------------------------------
+// ImportOneCTFCertL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::SaveCertInfoToCacheL()
+ {
+ if((iImportCertMapping != NULL) && (iImportCertData != NULL))
+ {
+ LOG_("Saving cert info to cache");
+
+ CX509Certificate* certificate = CX509Certificate::NewLC(iImportCertDataPtr);
+ const CSubjectPublicKeyInfo& publicKeyInfo = certificate->PublicKey();
+ const TPtrC8 keyData = publicKeyInfo.KeyData();
+
+ TX509KeyFactory keyFactory;
+ switch(publicKeyInfo.AlgorithmId())
+ {
+ case ERSA:
+ {
+ iImportCertMapping->iKeyAlgorithm = EPKIRSA;
+ const CRSAPublicKey* keyRSA = keyFactory.RSAPublicKeyL( keyData );
+ const TInteger& n = keyRSA->N();
+ iImportCertMapping->iKeySize = n.BitCount();
+ delete keyRSA;
+ }
+ break;
+ case EDSA:
+ {
+ iImportCertMapping->iKeyAlgorithm = EPKIDSA;
+ TPtrC8 params = publicKeyInfo.EncodedParams();
+ const CDSAPublicKey* keyDSA = keyFactory.DSAPublicKeyL( params, keyData );
+ const TInteger& y = keyDSA->Y();
+ iImportCertMapping->iKeySize = y.BitCount();
+ delete keyDSA;
+ }
+ break;
+ default:
+ iImportCertMapping->iKeyAlgorithm = EPKIInvalidAlgorithm;
+ break;
+ }
+ CleanupStack::PopAndDestroy(certificate);
+
+ iWrapper.SaveIdentityL(*iImportCertMapping,
+ iImportCertDataPtr,
+ ((*iCerts)[iImportCounter])->CertificateOwnerType());
+
+ TInt storeType = (*iCerts)[iImportCounter]->Token().TokenType().Type().iUid;
+ if ( storeType == STORETYPE_DEVICE_CERT_ID )
+ {
+ iImportCertMapping->SetCertStoreType(EPkiStoreTypeDevice);
+ }
+ else if ( storeType == STORETYPE_USER_CERT_ID )
+ {
+ iImportCertMapping->SetCertStoreType(EPkiStoreTypeUser);
+ }
+ else
+ {
+ iImportCertMapping->SetCertStoreType(EPkiStoreTypeAny);
+ }
+
+ for(TInt i=0;i<iApplUids.Count();i++)
+ {
+ iImportCertMapping->iApplUids.Append(iApplUids[i]);
+ }
+ User::LeaveIfError(
+ iMapper.AddMapping(*iImportCertMapping) );
+
+ iApplUids.Close();
+
+ iImportCertMapping = NULL;
+ iImportCounter++;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// GetApplicationsOfCTFCertL
+// ---------------------------------------------------------------------------
+//
+TBool CPKISupport::GetApplicationsOfCTFCertL()
+{
+ LOG_("-> CPKISupport::GetApplicationsOfCTFCertL()");
+ if((iImportCertMapping != NULL) && (iImportCertData != NULL))
+ {
+ if(iToggleSwitch == EFalse)
+ {
+ if((*iCerts)[iImportCounter]->CertificateOwnerType() == ECACertificate)
+ {
+ PKISERVICE_ASSERT(iApplUids.Count() == 0);
+
+ iToggleSwitch = ETrue;
+ // Get applications
+ iCertStore->Applications(*(*iCerts)[iImportCounter], iApplUids, iStatus);
+ iPending = EApplications;
+ LOG_("<- CPKISupport::GetApplicationsOfCTFCertL() SetActive(), ret: ETrue");
+ SetActive();
+ return ETrue;
+ }
+ else
+ {
+ LOG_("<- CPKISupport::GetApplicationsOfCTFCertL() Not a CA cert, ret: EFalse");
+ return EFalse;
+ }
+ }
+ else
+ {
+ LOG_("<- CPKISupport::GetApplicationsOfCTFCertL() iToggleSwitch == ETrue, ret: EFalse");
+ iToggleSwitch = EFalse;
+ return EFalse;
+ }
+ }
+ else
+ {
+ return EFalse;
+ }
+}
+
+
+// ---------------------------------------------------------------------------
+// CancelCurrentOperation
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::CancelCurrentOperation()
+ {
+ LOG_1("CPKISupport::CancelCurrentOperation iPending: %d", iPending);
+ MCTWritableCertStore* certStore(NULL);
+ switch(iPending)
+ {
+ case ENoPendingOperation:
+ // No pending operation
+ PKISERVICE_ASSERT( iStatus.Int() != KRequestPending);
+ break;
+ case EInitializeCertStore:
+ // FALLTROUGH
+ case EListCerts:
+ // FALLTROUGH
+ case EListDevCerts:
+ // FALLTROUGH
+ case ECertRetrieve:
+ // FALLTROUGH
+ case ECertRemove:
+ // FALLTROUGH
+ case ESetTrust:
+ // FALLTROUGH
+ case ETrusted:
+ // FALLTROUGH
+ case ESetApplicability:
+ // FALLTROUGH
+ case EApplications:
+ // FALLTROUGH
+ case EIsApplicable:
+ PKISERVICE_ASSERT( iCertStore );
+ iCertStore->Cancel();
+ break;
+ case ECertAdd:
+ if (iCertStoreType == EPkiStoreTypeDevice)
+ {
+ LOG_("CPKISupport::CancelCurrentOperation cancelling device cert store op");
+ certStore = iWritableDeviceCertStore;
+ }
+ else if (iCertStoreType == EPkiStoreTypeUser)
+ {
+ LOG_("CPKISupport::CancelCurrentOperation cancelling user cert store op");
+ certStore = iWritableCertStore;
+ }
+ else
+ {
+ LOG_("CPKISupport::CancelCurrentOperation cancelling user cert store op (unknown store type was defined)");
+ certStore = iWritableCertStore;
+ }
+ PKISERVICE_ASSERT( certStore );
+ certStore->CancelAdd();
+ break;
+ default:
+ LOG_("CPKISupport::CancelCurrentOperation - default");
+ break;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// ConvertPKIAlgorithm
+// ---------------------------------------------------------------------------
+//
+CCTKeyInfo::EKeyAlgorithm CPKISupport::ConvertPKIAlgorithm(TPKIKeyAlgorithm aAlg)
+{
+ CCTKeyInfo::EKeyAlgorithm algorithm = CCTKeyInfo::EInvalidAlgorithm;
+
+ switch(aAlg)
+ {
+ case EPKIRSA:
+ algorithm = CCTKeyInfo::ERSA;
+ break;
+ case EPKIDSA:
+ algorithm = CCTKeyInfo::EDSA;
+ break;
+ case EPKIDH:
+ algorithm = CCTKeyInfo::EDH;
+ break;
+ default:
+ break;
+ }
+ return algorithm;
+}
+
+// ---------------------------------------------------------------------------
+// ConvertSymbianAlgorithm
+// ---------------------------------------------------------------------------
+//
+TPKIKeyAlgorithm CPKISupport::ConvertSymbianAlgorithm(CCTKeyInfo::EKeyAlgorithm aAlg)
+{
+ TPKIKeyAlgorithm algorithm = EPKIInvalidAlgorithm;
+
+ switch(aAlg)
+ {
+ case ERSA:
+ algorithm = EPKIRSA;
+ break;
+ case EDSA:
+ algorithm = EPKIDSA;
+ break;
+ case EDH:
+ algorithm = EPKIDH;
+ break;
+ default:
+ break;
+ }
+ return algorithm;
+}
+
+// ---------------------------------------------------------------------------
+// CActive methods
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::RunL()
+ {
+ LOG_1("CPKISupport::RunL err:%d", iStatus.Int());
+
+ iSupportStatus = iStatus.Int();
+ if((iSupportStatus == KErrNotSupported) &&
+ iToggleSwitch && (iInitState == EInitCompleteImportCerts))
+ {
+ // Some implementations of MIDP2 certstore return KErrNotSupported
+ // when calling iCertStore->Applications()
+ LOG_1("CPKISupport::RunL ignore error :%d", iSupportStatus);
+ iSupportStatus = KErrNone;
+ }
+
+ iPending = ENoPendingOperation;
+ if(iSupportStatus == KErrNone)
+ {
+ DoRunOperationL();
+ }
+ else
+ {
+ iSubState = ESSCompleteRequest;
+ }
+
+ if(iSubState == ESSCompleteRequest)
+ {
+ if(iInitState != EInitDone)
+ {
+ iMessage.Complete(iSupportStatus);
+ }
+ else
+ {
+ CompleteCallerStatus( iSupportStatus );
+ }
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// GetRequiredBufferSize
+// ---------------------------------------------------------------------------
+//
+TInt CPKISupport::GetRequiredBufferSize()
+ {
+ LOG_1("CPKISupport::GetRequiredBufferSize:%d", iRequiredBufferLength);
+ return iRequiredBufferLength;
+ }
+
+// ---------------------------------------------------------------------------
+// SetCallerStatusPending
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::SetCallerStatusPending(TRequestStatus& aStatus)
+ {
+ iCallerStatus = &aStatus;
+ aStatus = KRequestPending;
+ }
+
+// ---------------------------------------------------------------------------
+// CompleteCallerStatus
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::CompleteCallerStatus(TInt aError)
+ {
+ LOG_("-> CPKISupport::CompleteCallerStatus");
+ if(iCallerStatus)
+ {
+ if(iCurrentFunction == PkiService::EStoreCertificate ||
+ iCurrentFunction == PkiService::EAttachCertificate)
+ LogCertStoring(aError);
+
+ LOG_("Completing caller status");
+ User::RequestComplete(iCallerStatus, aError);
+ }
+ else
+ {
+ LOG_("Completing rmessage");
+ iMessage.Complete(aError);
+ }
+ LOG_("<- CPKISupport::CompleteCallerStatus");
+ }
+
+// ---------------------------------------------------------------------------
+// LogCertStoring
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::LogCertStoring(TInt aError)
+ {
+ TUid uId(KPkiServiceUid3);
+ if(aError == KErrNone)
+ iEventMediator.ReportLogEvent(uId, EInfo, R_VPN_MSG_CERT_INSTALLED, 1, iCertInfoForLogging);
+ else
+ {
+ TPckgBuf<TInt> int1Des(aError);
+ iEventMediator.ReportLogEvent(uId, EError, R_VPN_MSG_CERT_INSTALL_FAILED, 2, &int1Des, iCertInfoForLogging);
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// DoCancel
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::DoCancel()
+ {
+ LOG_1("CPKISupport::DoCancel:%d", iStatus.Int());
+ CancelCurrentOperation();
+ CompleteCallerStatus( iStatus.Int() );
+ }
+
+// ---------------------------------------------------------------------------
+// RunError
+// ---------------------------------------------------------------------------
+//
+TInt CPKISupport::RunError(TInt aError)
+ {
+ LOG_1("RunError status = %d", aError);
+ CompleteCallerStatus( aError );
+ return KErrNone;
+ }
+
+// ---------------------------------------------------------------------------
+// SetCurrentFunction
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::SetCurrentFunction(TInt aFunc)
+ {
+ iCurrentFunction = aFunc;
+ iSubState = ESSComplete;
+ }
+
+
+// ---------------------------------------------------------------------------
+// StoreCertificateL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::StoreCertificateL(const TDesC &aLabel,
+ TCertificateOwnerType aOwnerType,
+ const TDesC8 &aBufferPtr,
+ const TBool& aIsDeletable,
+ TRequestStatus& aStatus)
+{
+ LOG_("Store certificate");
+ iSupportStatus = KErrNone;
+ SetCallerStatusPending( aStatus );
+ iKeyId.Zero();
+
+ MCTWritableCertStore* certStore(NULL);
+
+ CX509Certificate* tempCert = CX509Certificate::NewLC(aBufferPtr);
+ iKeyId = tempCert->KeyIdentifierL();
+ CleanupStack::PopAndDestroy();
+
+ if(aOwnerType == EUserCertificate)
+ {
+ if (iCertStoreType == EPkiStoreTypeDevice)
+ {
+ LOG(Log::Printf(_L(" Using device cert store\n")));
+ certStore = iWritableDeviceCertStore;
+ }
+ else if (iCertStoreType == EPkiStoreTypeUser)
+ {
+ LOG(Log::Printf(_L(" Using user cert store\n")));
+ certStore = iWritableCertStore;
+ }
+ else if (iCertStoreType == EPkiStoreTypeAny)
+ {
+ LOG(Log::Printf(_L(" Any cert store type, using user cert store\n")));
+ certStore = iWritableCertStore;
+ }
+ else
+ {
+ LOG(Log::Printf(_L(" Error: Unknown cert store type, defaulting to user cert store\n")));
+ certStore = iWritableCertStore;
+ }
+ }
+ else
+ {
+ certStore = iWritableCertStore;
+ }
+
+ certStore->Add(aLabel, EX509Certificate,
+ aOwnerType, NULL, NULL,
+ aBufferPtr, aIsDeletable, iStatus);
+
+ ExtractCertInfoL(aLabel, aOwnerType, aBufferPtr);
+
+ iPending = ECertAdd;
+ SetActive();
+}
+
+// ---------------------------------------------------------------------------
+// ExtractCertInfoL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ExtractCertInfoL(const TDesC& aLabel,
+ const TCertificateOwnerType& aOwnerType,
+ const TDesC8& aBufferPtr)
+{
+ _LIT8(KFormat,"Type: %S, Label: %S, Subject: %S, Issuer: %S");
+
+ TBuf8<4> type;
+ if(aOwnerType == EPKICACertificate)
+ type.Copy(_L8("CA"));
+ else
+ type.Copy(_L8("USER"));
+
+ CX509Certificate* tempCert = CX509Certificate::NewLC(aBufferPtr);
+
+ HBufC* subject = tempCert->SubjectL();
+ CleanupStack::PushL(subject);
+
+ HBufC* issuer = tempCert->IssuerL();
+ CleanupStack::PushL(issuer);
+
+ // Calculates size of
+ // "Type: <type> Label: <label> Subject: <subject> Issuer: <issuer>"
+ TInt bufSize(((TDesC8)KFormat).Length() + type.Length() + aLabel.Length() + subject->Length() + issuer->Length());
+ delete iCertInfoForLogging; iCertInfoForLogging = NULL;
+ iCertInfoForLogging = HBufC8::NewL(bufSize);
+
+ TPtr8 ptrLogMsg = iCertInfoForLogging->Des();
+ ptrLogMsg.Format(KFormat, &type, &aLabel, subject, issuer);
+
+ CleanupStack::PopAndDestroy(issuer);
+ CleanupStack::PopAndDestroy(subject);
+ CleanupStack::PopAndDestroy(tempCert);
+}
+
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::AttachCertificateL(const TDesC& aLabel,
+ const TPKIKeyIdentifier &aKeyId, const TDesC8 &aBufferPtr,
+ TRequestStatus& aStatus)
+{
+ TKeyIdentifier tempKeyId;
+ CX509Certificate* certificate = CX509Certificate::NewLC(aBufferPtr);
+
+ LOG_("Attach certificate");
+
+ iSupportStatus = KErrNone;
+ iKeyId = aKeyId;
+
+ ExtractCertInfoL(aLabel, EUserCertificate, aBufferPtr);
+
+ // fetch the keyId from the certificate
+ tempKeyId = certificate->KeyIdentifierL();
+ // If given keyId is empty, use the keyId from the certificate
+ if(iKeyId.Length() == 0)
+ {
+ iKeyId = tempKeyId;
+ }
+
+ SetCallerStatusPending( aStatus );
+ CleanupStack::PopAndDestroy(certificate); // certificate
+
+ iSubState = ESSComplete;
+
+ MCTWritableCertStore* certStore(NULL);
+
+ LOG(Log::Printf(_L("-------------------"));
+
+ TBuf<256> buf;
+ buf.Format(_L("Attaching certificate '%S'"), &aLabel);
+ Log::Printf(buf);
+ Log::Printf(_L("Certificate's KEY ID:"));
+ Log::HexDump(NULL, NULL, iKeyId.Ptr(), iKeyId.Length());
+ );
+ if (iCertStoreType == EPkiStoreTypeDevice)
+ {
+ LOG(Log::Printf(_L("CPKISupport::ContinueAttachCertificate() Using device cert store\n")));
+ certStore = iWritableDeviceCertStore;
+ }
+ else if (iCertStoreType == EPkiStoreTypeUser)
+ {
+ LOG(Log::Printf(_L("CPKISupport::ContinueAttachCertificate() Using user cert store\n")));
+ certStore = iWritableCertStore;
+ }
+ else if (iCertStoreType == EPkiStoreTypeAny)
+ {
+ LOG(Log::Printf(_L("CPKISupport::ContinueAttachCertificate() Any cert store, using user cert store\n")));
+ certStore = iWritableCertStore;
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Error: Unknown cert store type, defaulting to user cert store\n")));
+ certStore = iWritableCertStore;
+ }
+ LOG(Log::Printf(_L("-------------------")));
+
+ certStore->Add(aLabel,
+ EX509Certificate,
+ EUserCertificate,
+ &iKeyId,
+ NULL,
+ aBufferPtr,
+ iStatus);
+ iPending = ECertAdd;
+ SetActive();
+}
+
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::RetrieveCertificateL(const TDesC &aLabel,
+ TPtr8 &aBufferPtr, const TPKICertificateOwnerType& aType,
+ TRequestStatus& aStatus)
+{
+ LOG(Log::Printf(_L("Retrieve certificate\n")));
+ iSupportStatus = KErrNone;
+ iCerts->Close();
+ iSubState = ESSContinue;
+ iOutBufferPtr = &aBufferPtr;
+ SetCallerStatusPending( aStatus );
+ SelectCertificateL(aLabel, aType);
+}
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ContinueRetrieveCertificate()
+{
+ iSubState = ESSComplete;
+ iPending = ECertRetrieve;
+
+ TUint certificateSize = (*iCerts)[0]->Size();
+ iRequiredBufferLength = certificateSize;
+ if (certificateSize <= iOutBufferPtr->MaxLength())
+ {
+ iCertStore->Retrieve(*(*iCerts)[0], *iOutBufferPtr, iStatus);
+ SetActive();
+ }
+ else
+ {
+ iStatus = KRequestPending;
+ SetActive();
+
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, KPKIErrBufferTooShort);
+ }
+}
+
+
+/**
+ Removes all unnecessary certificates from the certificate
+ list before generating the local mapping data.
+ More specifically, all MIDP2 and non X509 certificates are removed.
+ (MIDP2 certificates can never have a "VPN" trust setting.)
+
+ iListCleaned instance variable is used to limit the frequency
+ of this cleanup - it's only necessary once, during PKI startup.
+*/
+void CPKISupport::CleanupCertListL()
+ {
+ LOG_("Removing invalid certs (MIDP2 certs)");
+ if (iCerts)
+ {
+ TInt certcount = iCerts->Count();
+ _LIT(KMidp2Label, "MIDP2");
+ LOG_1("Total cert count, before cleanup: %d", iCerts->Count());
+ RMPointerArray<CCTCertInfo> removedInfos;
+ CleanupClosePushL(removedInfos);
+ for (TInt i = certcount - 1; i >= 0; i--)
+ {
+ CCTCertInfo* info = (*iCerts)[i];
+ if (info->Label().Compare(KMidp2Label) == 0 ||
+ info->CertificateFormat() != EX509Certificate)
+ {
+ // CCTCertInfo has private destructor
+ removedInfos.AppendL( info );
+ iCerts->Remove(i);
+ continue;
+ }
+ }
+ CleanupStack::PopAndDestroy(); // removedInfos
+ iCerts->Compress();
+ LOG_1("Total cert count, after cleanup: %d", iCerts->Count());
+ }
+ else
+ {
+ LOG_("Certs list empty!");
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// DoRunOperationL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::DoRunOperationL()
+ {
+ LOG_1("CPKISupport::DoRunOperationL iInitState:%d", iInitState);
+ LOG_1("CPKISupport::DoRunOperationL iCurrentFunction:%d",
+ iCurrentFunction);
+ LOG_1("CPKISupport::DoRunOperationL iSubState:%d", iSubState);
+
+ switch(iInitState)
+ {
+ case EInitDone:
+ DoRunLoggedInOperationL();
+ break;
+
+ case EInitInitializeCertStore:
+ if(iMapper.CacheCreated())
+ {
+ FindInterfacesL();
+ iInitState = EInitDone;
+ iMessage.Complete(KErrNone);
+ return;
+ }
+ else
+ {
+ iMapper.SetCacheCreated();
+ FindInterfacesL();
+ ListAllCertificatesL();
+ }
+ break;
+ case EInitRetrieveCertList:
+ LOG_("CPKISupport::DoRunOperationL() EInitRetrieveCertList");
+ // Cert list might be new. Remove all MIDP2 certificates first,
+ // if it hasn't been already done
+ CleanupCertListL();
+ iInitState = EInitCompleteImportCerts;
+
+ //Falls through
+ case EInitCompleteImportCerts:
+ LOG_("CPKISupport::DoRunOperationL() EInitCompleteImportCerts");
+ if(GetApplicationsOfCTFCertL())
+ {
+ LOG_(" Getting cert's applications returned with FALSE, breaking");
+ break;
+ }
+ SaveCertInfoToCacheL(); // Handles one certificate, if found
+ if(iImportCounter < iCerts->Count())
+ {
+ ReadNextCertForImportL();
+ }
+ else
+ {
+ LOG_(" All certificates imported, doing clean ups");
+ // Cleanup
+
+ delete iImportCertMapping;
+ iImportCertMapping = NULL;
+
+ delete iImportCertData;
+ iImportCertData = NULL;
+
+ iCerts->Close();
+
+ delete iCertFilter;
+ iCertFilter = NULL;
+ iInitState = EInitDone;
+ iMessage.Complete(KErrNone);
+ }
+ break; // repeat
+ default:
+ PKISERVICE_INVARIANT();
+ iSupportStatus = KPKIErrUnexpectedState;
+ iSubState = ESSCompleteRequest;
+ break;
+ } // End switch(iInitState)
+
+ }
+
+// ---------------------------------------------------------------------------
+// DoRunLoggedInOperationL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::DoRunLoggedInOperationL()
+ {
+ LOG_1("CPKISupport::DoRunLoggedInOperationL iCurrentFunction:%d",
+ iCurrentFunction);
+ LOG_1("CPKISupport::DoRunLoggedInOperationL iSubState:%d", iSubState);
+
+ switch(iCurrentFunction)
+ {
+ case PkiService::EAttachCertificate:
+ switch(iSubState)
+ {
+ case ESSComplete:
+ iSubState = ESSCompleteRequest;
+ break;
+ default:
+ iSupportStatus = KPKIErrUnexpectedState;
+ iSubState = ESSCompleteRequest;
+ break;
+ }
+ break;
+
+ case PkiService::EReadCertificate:
+ switch(iSubState)
+ {
+ case ESSContinue:
+ {
+ if(iCerts->Count() > 1)
+ {
+ LOG(Log::Printf(_L("Duplicate Certificate\n")));
+ iSubState = ESSCompleteRequest;
+ iSupportStatus = KErrNotFound;
+ }
+ else if (iCerts->Count() < 1)
+ {
+ LOG(Log::Printf(_L("No matching certificates found\n")));
+ iSubState = ESSCompleteRequest;
+ iSupportStatus = KErrNotFound;
+ }
+ else if ((((*iCerts)[0])->CertificateOwnerType() == EUserCertificate) &&
+ (((iCertStoreType == EPkiStoreTypeDevice) && (((*iCerts)[0])->Token().Label().Compare(KDeviceCertStore)!=0)) ||
+ ((iCertStoreType == EPkiStoreTypeUser) && (((*iCerts)[0])->Token().Label().Compare(KUserCertStore)!=0))))
+ {
+ LOG_1("User certificate's certificate info does not match certificate store type. Store type is: %d", iCertStoreType);
+ iSubState = ESSCompleteRequest;
+ iSupportStatus = KErrNotFound;
+ }
+ else
+ {
+ ContinueRetrieveCertificate();
+ }
+ break;
+ }
+ case ESSComplete:
+ iSubState = ESSCompleteRequest;
+ break;
+ default:
+ iSupportStatus = KPKIErrUnexpectedState;
+ iSubState = ESSCompleteRequest;
+ break;
+ }
+ break;
+
+ case PkiService::ESetTrust:
+ case PkiService::ETrusted:
+ switch(iSubState)
+ {
+ case ESSContinue:
+ {
+ if(iCerts->Count() != 1)
+ {
+ iSubState = ESSCompleteRequest;
+ iSupportStatus = KErrNotFound;
+ }
+ else
+ {
+ if(iCurrentFunction == PkiService::ESetTrust)
+ {
+ ContinueSetTrust();
+ }
+ else
+ {
+ ContinueTrusted();
+ }
+ }
+ break;
+ }
+ case ESSComplete:
+ if(iCurrentFunction == PkiService::ETrusted)
+ {
+ iWrapper.SetTrusted(iTrusted);
+ }
+ iSubState = ESSCompleteRequest;
+ break;
+ default:
+ iSupportStatus = KPKIErrUnexpectedState;
+ iSubState = ESSCompleteRequest;
+ break;
+ }
+ break;
+
+ case PkiService::ESetApplicability:
+ case PkiService::EApplications:
+ switch(iSubState)
+ {
+ case ESSContinue:
+ {
+ if(iCerts->Count() != 1)
+ {
+ iSubState = ESSCompleteRequest;
+ iSupportStatus = KErrNotFound;
+ }
+ else
+ {
+ if(iCurrentFunction == PkiService::ESetApplicability)
+ {
+ ContinueSetApplicability();
+ }
+ else if(iCurrentFunction == PkiService::EApplications)
+ {
+ ContinueApplications();
+ }
+ else
+ {
+ PKISERVICE_INVARIANT();
+ }
+ }
+ break;
+ }
+ case ESSComplete:
+ if(iCurrentFunction == PkiService::EApplications)
+ {
+ iWrapper.SetApplications(iApplUids);
+ }
+
+ iSubState = ESSCompleteRequest;
+ break;
+ default:
+ iSupportStatus = KPKIErrUnexpectedState;
+ iSubState = ESSCompleteRequest;
+ break;
+ }
+ break;
+
+ case PkiService::ERemoveCertificate:
+ switch(iSubState)
+ {
+ case ESSContinue:
+ if(iCerts->Count() != 1)
+ {
+ iSupportStatus = KPKIErrNotFound;
+ iSubState = ESSCompleteRequest;
+ }
+ else
+ {
+ ContinueRemoveCertificate();
+ }
+ break;
+ case ESSComplete:
+ iSubState = ESSCompleteRequest;
+ break;
+ default:
+ iSupportStatus = KPKIErrUnexpectedState;
+ iSubState = ESSCompleteRequest;
+ break;
+ }
+ break;
+ default:
+ iSubState = ESSCompleteRequest;
+ break;
+ }
+ }
+
+
+
+
+
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::RemoveCertificateL(const TDesC &aLabel,
+ TRequestStatus& aStatus)
+{
+ LOG(Log::Printf(_L("Remove certificate\n")));
+ iSupportStatus = KErrNone;
+ iCerts->Close();
+ iSubState = ESSContinue;
+ SetCallerStatusPending( aStatus );
+ SelectCertificateL(aLabel);
+}
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ContinueRemoveCertificate()
+{
+ iCertStore->Remove(*(*iCerts)[0], iStatus);
+ iPending = ECertRemove;
+ iSubState = ESSComplete;
+ SetActive();
+}
+
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::SetTrustL(const TDesC &aLabel,
+ TBool aTrusted, TRequestStatus& aStatus)
+{
+ LOG(Log::Printf(_L("SetTrust\n")));
+ iSupportStatus = KErrNone;
+ iCerts->Close();
+ iSubState = ESSContinue;
+ iTrusted = aTrusted;
+ SetCallerStatusPending( aStatus );
+ SelectCertificateL(aLabel);
+}
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ContinueSetTrust()
+{
+ iSubState = ESSComplete;
+ iCertStore->SetTrust(*(*iCerts)[0], iTrusted, iStatus);
+ iPending = ESetTrust;
+ SetActive();
+}
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::TrustedL(const TDesC &aLabel, TRequestStatus& aStatus)
+{
+ LOG(Log::Printf(_L("Trusted\n")));
+ iSupportStatus = KErrNone;
+ iCerts->Close();
+ iSubState = ESSContinue;
+ SetCallerStatusPending( aStatus );
+ SelectCertificateL(aLabel);
+}
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ContinueTrusted()
+{
+ iSubState = ESSComplete;
+ iCertStore->Trusted(*(*iCerts)[0], iTrusted, iStatus);
+ iPending = ETrusted;
+ SetActive();
+}
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::SetApplicabilityL(const TDesC &aLabel, const RArray<TUid>& aApplUids, TRequestStatus& aStatus)
+{
+ LOG(Log::Printf(_L("SetApplicability\n")));
+ iSupportStatus = KErrNone;
+ iCerts->Close();
+ iSubState = ESSContinue;
+ iApplUids.Close();
+ for(TInt i = 0;i<aApplUids.Count();i++)
+ {
+ iApplUids.Append(aApplUids[i]);
+ }
+ SetCallerStatusPending( aStatus );
+ SelectCertificateL(aLabel);
+}
+
+// ---------------------------------------------------------------------------
+// ContinueSetApplicability
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ContinueSetApplicability()
+ {
+ PKISERVICE_ASSERT(iCerts && iCerts->Count());
+ iSubState = ESSComplete;
+ iCertStore->SetApplicability(*(*iCerts)[0], iApplUids, iStatus);
+ iPending = ESetApplicability;
+ SetActive();
+ }
+
+// ---------------------------------------------------------------------------
+// ?description_if_needed
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ApplicationsL(const TDesC &aLabel, TRequestStatus& aStatus)
+{
+ LOG(Log::Printf(_L("Applications\n")));
+ iSupportStatus = KErrNone;
+ iCerts->Close();
+ iSubState = ESSContinue;
+ SetCallerStatusPending( aStatus );
+ SelectCertificateL(aLabel);
+}
+
+// ---------------------------------------------------------------------------
+// ContinueApplications
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::ContinueApplications()
+{
+ iSubState = ESSComplete;
+ iApplUids.Close();
+ iCertStore->Applications(*(*iCerts)[0], iApplUids, iStatus);
+ iPending = EApplications;
+ SetActive();
+}
+
+
+// ---------------------------------------------------------------------------
+// SelectCertificateL
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::SelectCertificateL(const TDesC &aLabel,
+ const TPKICertificateOwnerType& aType )
+{
+ delete iCertFilter;
+ iCertFilter = NULL;
+ iCertFilter = CCertAttributeFilter::NewL();
+
+ LOG(Log::Printf(_L(" Select by label: %S\n"), &aLabel));
+ iCertFilter->SetLabel(aLabel);
+ if (aType != 0)
+ {
+ LOG_1(" Select by owner type: %d", aType);
+ iCertFilter->SetOwnerType(TCertificateOwnerType(aType));
+ }
+ GetCertificateStoreListAsync();
+}
+
+
+
+// ---------------------------------------------------------------------------
+// GetCertificateStoreListAsync()
+// ---------------------------------------------------------------------------
+//
+void CPKISupport::GetCertificateStoreListAsync()
+ {
+ LOG_1("-> CPKISupport::GetCertificateStoreListAsync() iSubState:%d",
+ iSubState );
+ // preconditions
+ PKISERVICE_ASSERT( iCerts && iCertFilter && iStatus != KRequestPending );
+ LOG_1("CPKISupport::GetSertificateStoreListAsync iSubState:%d",
+ iSubState );
+
+ // Get list of all known certificates
+ iCertStore->List(*iCerts, *iCertFilter, iStatus);
+ iPending = EListCerts;
+ SetActive();
+ LOG_("<- CPKISupport::GetCertificateStoreListAsync()");
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/src/pkiwrapper.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,853 @@
+/*
+* Copyright (c) 2006 - 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* A class wrapping symbian certificate storage for use by PKI service clients.
+*
+*/
+
+
+
+#include <x509cert.h>
+
+#include "pkiwrapper.h"
+#include "PKIMapper.h"
+#include "pkisession.h"
+#include "pkisupport.h"
+#include "log_r6.h"
+
+
+
+CPKIWrapper* CPKIWrapper::NewL(CPKIMapper& aMapper)
+ {
+ CPKIWrapper* self = new (ELeave) CPKIWrapper(aMapper);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+CPKIWrapper::~CPKIWrapper()
+ {
+ LOG_("-> CPKIWrapper::~CPKIWrapper()");
+ Cancel();
+ delete iCurrentMapping;
+ delete iObjectName;
+ delete iCertBuffer;
+ iUidArray.Close();
+
+ delete iPKISupport;
+ LOG_("<- CPKIWrapper::~CPKIWrapper()");
+ }
+
+CPKIWrapper::CPKIWrapper(CPKIMapper& aMapper)
+ :CActive(CActive::EPriorityStandard),
+ iMapper(aMapper),
+ iPtrCertBuffer(0,0)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+void CPKIWrapper::ConstructL()
+ {
+ LOG_("-> CPKIWrapper::ConstructL()");
+ iObjectName = new (ELeave) TBuf<MAX_FILENAME_LENGTH>;
+ iPKISupport = CPKISupport::NewL(iMapper, *this);
+
+ SetCertStoreType(EPkiStoreTypeAny);
+ SetInformational(EFalse);
+
+ LOG_("<- CPKIWrapper::ConstructL()");
+ }
+
+//====================================================================================================================================
+/**
+* Initialize
+*/
+//====================================================================================================================================
+void CPKIWrapper::InitializeL(const RMessage2& aMessage)
+{
+ LOG_("CPKIWrapper::InitializeL()");
+ iPKISupport->StartInitializeL(aMessage);
+}
+
+
+//====================================================================================================================================
+/**
+* Initialization routine
+*/
+//====================================================================================================================================
+TInt CPKIWrapper::InitOperation(const RMessage2& aMessage)
+{
+ if (IsActive())
+ {
+ LOG(Log::Printf(_L("Pkiservice busy. Function %d\n"), aMessage.Function()));
+ return KPKIErrServiceBusy;
+ }
+
+ LOG(Log::Printf(_L("InitOperation function %d\n"), aMessage.Function()));
+ iCurrentStatus = KErrNone; // Clear status
+ iCurrentState = EExecute; // Set state
+ iMessage = aMessage; // Save message
+ iPKISupport->SetCurrentFunction(iMessage.Function());
+ iIndex = KErrNotFound;
+
+ // Trigger function
+ iStatus = KRequestPending;
+ SetActive();
+ TRequestStatus *status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+
+ return KErrNone;
+}
+
+/**---------------------------------------------------------
+ *
+ * CancelPendingOperation
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::CancelPendingOperation()
+{
+ Cancel();
+
+ delete iCertBuffer;
+ iCertBuffer = NULL;
+}
+
+/**---------------------------------------------------------
+ *
+ * GetRequiredBufferSize
+ *
+ *----------------------------------------------------------*/
+TInt CPKIWrapper::GetRequiredBufferSizeL(const RMessage2& aMessage)
+{
+ iCurrentStatus = KErrNone; // Clear status
+ LOG(Log::Printf(_L("Start Function %d\n"), iMessage.Function()));
+ iMessage = aMessage; // Save message
+ CompleteRequestAndCleanupL();
+ return iCurrentStatus;
+}
+
+//====================================================================================================================================
+/**
+* Starter routines
+*/
+//====================================================================================================================================
+
+void CPKIWrapper::SetTrusted(TBool aValue)
+{
+ iTrusted = aValue;
+}
+
+void CPKIWrapper::SetApplications(const RArray<TUid>& aApplUids)
+{
+ iUidArray.Close();
+ for(TInt i=0;i<aApplUids.Count();i++)
+ {
+ iUidArray.Append(aApplUids[i]);
+ }
+}
+
+
+/**---------------------------------------------------------
+ *
+ * StartReadCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartReadCertificateL()
+ {
+ LOG(Log::Printf(_L("StartReadCertificate\n")));
+ iMessage.ReadL(0, iCurrentDescriptor);
+ TInt outDataSize = iMessage.GetDesMaxLength(1);
+ iCertBuffer = HBufC8::NewL(outDataSize);
+ iPtrCertBuffer.Set(iCertBuffer->Des()); // A pointer for changing the contents of buf
+ }
+
+
+
+/**---------------------------------------------------------
+ *
+ * StartStoreCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartStoreCertificateL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ iObjectName->Copy(iCurrentDescriptor().iObjectName);
+ TInt inDataSize = iMessage.GetDesLength(1);
+ iCertBuffer = HBufC8::NewL(inDataSize);
+ iPtrCertBuffer.Set(iCertBuffer->Des()); // A pointer for changing the contents of buf
+ iMessage.ReadL(1, iPtrCertBuffer);
+ }
+
+/**---------------------------------------------------------
+ *
+ * StartAttachCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartAttachCertificateL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ iObjectName->Copy(iCurrentDescriptor().iObjectName);
+
+ TInt inDataSize = iMessage.GetDesLength(1);
+ iCertBuffer = HBufC8::NewL(inDataSize);
+ iPtrCertBuffer.Set(iCertBuffer->Des()); // A pointer for changing the contents of buf
+ iMessage.ReadL(1, iPtrCertBuffer);
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * StartRemoveCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartRemoveCertificateL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ }
+
+/**---------------------------------------------------------
+ *
+ * StartSetTrustL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartSetTrustL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ TPckg<TBool> pckgTrusted(iTrusted);
+ iMessage.ReadL(1, pckgTrusted, 0);
+ }
+
+/**---------------------------------------------------------
+ *
+ * StartTrustedL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartTrustedL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * StartSetApplicabilityL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartSetApplicabilityL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ TPckg<TUint> pckgCount(iCount);
+ iMessage.ReadL(1, pckgCount);
+ // Allocate list for applications
+ CBufFlat* list = CBufFlat::NewL(sizeof(TUid));
+ CleanupStack::PushL(list);
+ list->ResizeL(iCount * sizeof(TUid));
+ TPtr8 ptrList = list->Ptr(0);
+ iMessage.ReadL(2, ptrList);
+ iUidArray.Close();
+ if(iCount > 0)
+ {
+ TUid tempUid;
+ for (TUint i = 0; i < iCount; i++)
+ {
+ list->Read(i * sizeof(TUid), (TAny*)&tempUid, sizeof(TUid));
+ iUidArray.Append(tempUid);
+ }
+ }
+ CleanupStack::PopAndDestroy(1); // list
+ }
+
+/**---------------------------------------------------------
+ *
+ * StartApplicationsL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::StartApplicationsL()
+ {
+ iMessage.ReadL(0, iCurrentDescriptor);
+ TPckg<TUint> pckgCount(iMaxCount);
+ iMessage.ReadL(1, pckgCount);
+ }
+
+
+//====================================================================================================================================
+/**
+* Continuation routines
+* Activate active object if necessary
+*/
+//====================================================================================================================================
+
+
+/**---------------------------------------------------------
+ *
+ * ExecuteReadCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteReadCertificateL()
+ {
+ TInt index;
+
+ LOG(Log::Printf(_L("CPKIWrapper::ExecuteReadCertificateL()\n")));
+ iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
+ index, iInfoOnly,
+ iPKISupport->CertStoreType());
+ if(iCurrentStatus == KErrNone)
+ {
+ TSecurityObjectDescriptor sdesc = iCurrentDescriptor();
+ iCurrentState = EComplete;
+ iPKISupport->RetrieveCertificateL(*iObjectName, iPtrCertBuffer, sdesc.iOwnerType, iStatus);
+ SetActive();
+ }
+ LOG_1("CPKIWrapper::ExecuteReadCertificateL() exit:%d", iCurrentStatus);
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * ExecuteStoreCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteStoreCertificateL()
+ {
+ LOG(Log::Printf(_L("CPKIWrapper::ExecuteStoreCertificateL()\n")));
+
+ if (iPtrCertBuffer.Length() > 0)
+ {
+ // See whether the certificate already exists in the store
+ TBool certIsNew = iMapper.CertificateIsUniqueL(
+ iPtrCertBuffer);
+
+ if (certIsNew)
+ {
+ LOG(Log::Printf(_L("Creating new certificate entry\n")));
+ delete iCurrentMapping;
+ iCurrentMapping = NULL;
+ iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor());
+ iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName);
+ iCurrentMapping->SetMapObjectName(*iObjectName);
+ SaveIdentityL(*iCurrentMapping, iPtrCertBuffer, (TCertificateOwnerType)iCurrentDescriptor().iOwnerType);
+
+ TPkiServiceStoreType storeType = iPKISupport->CertStoreType();
+ if (storeType == EPkiStoreTypeAny)
+ {
+ storeType = EPkiStoreTypeUser;
+ }
+ iCurrentMapping->SetCertStoreType(storeType);
+
+ if(iCurrentStatus == KErrNone)
+ {
+ LOG(Log::Printf(_L("Status OK, identity saved\n")));
+ iCurrentStatus = KErrNone;
+ iCurrentState = EComplete;
+ LOG(Log::Printf(_L("Storing CERT with LABEL:")));
+ LOG(Log::Printf(iCurrentMapping->iObjectName));
+ iPKISupport->StoreCertificateL(iCurrentMapping->iObjectName,
+ (TCertificateOwnerType)iCurrentDescriptor().iOwnerType,
+ iPtrCertBuffer, iCurrentDescriptor().iIsDeletable, iStatus);
+ LOG(Log::Printf(_L("CERT stored\n")));
+ SetActive();
+ }
+ }
+ else
+ {
+ // Identical certificate already existed, no need to add this one.
+ // Set current status to KErrBadName so that the operations can
+ // continue (any other error would halt the process)
+ LOG(Log::Printf(_L("Certificate already exists, not adding")));
+ iCurrentStatus = KErrBadName;
+ }
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Certificate buffer invalid")));
+ iCurrentStatus = KErrGeneral;
+ }
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * ExecuteAttachCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteAttachCertificateL()
+ {
+ LOG(Log::Printf(_L("ExecuteAttachCertificateL")));
+
+ iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName, EUserCertificate);
+
+ delete iCurrentMapping;
+ iCurrentMapping = NULL;
+ iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor());
+ iCurrentMapping->SetMapObjectName(*iObjectName);
+ SaveIdentityL(*iCurrentMapping, iPtrCertBuffer, (TCertificateOwnerType)iCurrentDescriptor().iOwnerType);
+
+ TPkiServiceStoreType storeType = iPKISupport->CertStoreType();
+ if (storeType == EPkiStoreTypeAny)
+ {
+ storeType = EPkiStoreTypeUser;
+ }
+ iCurrentMapping->SetCertStoreType(storeType);
+ if(iCurrentStatus == KErrNone)
+ {
+ iCurrentStatus = KErrNone;
+ iCurrentState = EComplete;
+ LOG(Log::Printf(_L("Attaching certificate")));
+ LOG(Log::Printf(iCurrentMapping->iObjectName));
+ iPKISupport->AttachCertificateL(iCurrentMapping->iObjectName, iCurrentDescriptor().iSubjectKeyId, iPtrCertBuffer, iStatus);
+ LOG(Log::Printf(_L("Certificate attached")));
+ SetActive();
+ }
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * ExecuteRemoveCertificateL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteRemoveCertificateL()
+ {
+ TInt index;
+
+ iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(),
+ *iObjectName, index, iInfoOnly,
+ iPKISupport->CertStoreType());
+ if(iCurrentStatus == KErrNone)
+ {
+ delete iCurrentMapping;
+ iCurrentMapping = NULL;
+ iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor());
+ *iCurrentMapping = iMapper.GetMapDescriptorAtIndex(index);
+ iCurrentState = EComplete;
+ iPKISupport->RemoveCertificateL(*iObjectName, iStatus);
+ SetActive();
+ }
+ }
+
+/**---------------------------------------------------------
+ *
+ * ExecuteSetTrustL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteSetTrustL()
+ {
+ TInt index;
+
+ iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
+ index, iInfoOnly,
+ iPKISupport->CertStoreType());
+ if(iCurrentStatus == KErrNone)
+ {
+ const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
+ if (mapping.iOwnerType == EPKICACertificate)
+ {
+ iCurrentState = EComplete;
+ iPKISupport->SetTrustL(*iObjectName, iTrusted, iStatus);
+ SetActive();
+ }
+ else
+ {
+ iCurrentStatus = KErrArgument;
+ }
+ }
+ }
+
+/**---------------------------------------------------------
+ *
+ * ExecuteTrustedL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteTrustedL()
+ {
+ TInt index;
+
+ iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
+ index, iInfoOnly,
+ iPKISupport->CertStoreType());
+ if(iCurrentStatus == KErrNone)
+ {
+ iCurrentState = EComplete;
+ iPKISupport->TrustedL(*iObjectName, iStatus);
+ SetActive();
+ }
+ }
+
+/**---------------------------------------------------------
+ *
+ * ExecuteSetApplicabilityL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteSetApplicabilityL()
+ {
+ TInt index(KErrNotFound);
+ iCurrentStatus = iMapper.ResolveCertMappingL(
+ iCurrentDescriptor(), *iObjectName,
+ index, iInfoOnly,
+ iPKISupport->CertStoreType());
+
+ // Save index
+ iIndex = index;
+ if(iCurrentStatus == KErrNone)
+ {
+ LOG_1("ExecuteSetApplicabilityL:%d", iIndex);
+ iCurrentState = EComplete;
+ iPKISupport->SetApplicabilityL(*iObjectName, iUidArray, iStatus);
+ SetActive();
+ }
+ }
+
+/**---------------------------------------------------------
+ *
+ * ExecuteApplicationsL
+ *
+ *----------------------------------------------------------*/
+void CPKIWrapper::ExecuteApplicationsL()
+{
+ TInt index;
+
+ iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
+ index, iInfoOnly,
+ iPKISupport->CertStoreType());
+ iUidArray.Close();
+ if(iCurrentStatus == KErrNone)
+ {
+ iCurrentState = EComplete;
+ iPKISupport->ApplicationsL(*iObjectName, iStatus);
+ SetActive();
+ }
+}
+
+
+//====================================================================================================================================
+/*
+* Completion functions
+*/
+//====================================================================================================================================
+void CPKIWrapper::CompleteRequestAndCleanupL()
+ {
+ switch (iMessage.Function())
+ {
+ case PkiService::EGetRequiredBufferSize:
+ if (iCurrentStatus == KErrNone)
+ {
+ TPckg<TInt> pckgSize(iRequiredBufferLength);
+ iMessage.WriteL(0, pckgSize);
+ }
+ break;
+
+ case PkiService::EReadCertificate:
+ if (iCurrentStatus == KErrNone)
+ {
+ iMessage.WriteL(1, iPtrCertBuffer);
+ }
+ break;
+
+ case PkiService::EStoreCertificate:
+ // FALLTROUGH
+ case PkiService::EAttachCertificate:
+ if (iCurrentStatus == KErrNone)
+ {
+ User::LeaveIfError(
+ iMapper.AddMapping(*iCurrentMapping) );
+ iCurrentMapping = NULL;
+ }
+ if (iCurrentStatus == KErrBadName)
+ {
+ // Already exists
+ iCurrentStatus = KErrNone;
+ }
+ break;
+
+ case PkiService::ERemoveCertificate:
+ if (iCurrentStatus == KErrNone)
+ {
+ iMapper.DeleteMapping(*iCurrentMapping);
+ }
+ break;
+
+ case PkiService::ESetApplicability:
+ if (iCurrentStatus == KErrNone)
+ {
+ iMapper.GetMapDescriptorAtIndex(iIndex).iApplUids.Close();
+ TUint i;
+ for(i=0;i<iCount;i++)
+ {
+ iMapper.GetMapDescriptorAtIndex(iIndex).iApplUids.Append(iUidArray[i]);
+ }
+ }
+ break;
+
+ case PkiService::ETrusted:
+ if (iCurrentStatus == KErrNone)
+ {
+ TPckgC<TBool> pckgTrusted(iTrusted);
+ iMessage.WriteL(1, pckgTrusted);
+ }
+ break;
+
+ case PkiService::EApplications:
+ if (iCurrentStatus == KErrNone)
+ {
+ TUint pos = 0;
+ CBufFlat* list = CBufFlat::NewL(sizeof(TUid));
+ CleanupStack::PushL(list);
+ iCount = iUidArray.Count();
+ if(iCount > iMaxCount)
+ {
+ // Prevent overrun
+ iCount = iMaxCount;
+ }
+ list->ResizeL(iCount * sizeof(TUid));
+
+ for(TUint i = 0; i < iCount; i++)
+ {
+ list->Write(pos * sizeof(TUid),
+ (TAny*)&iUidArray[i].iUid,
+ sizeof(TUid));
+ pos++;
+ }
+
+ TPckgC<TUint> pckgCount(iCount);
+ iMessage.WriteL(1, pckgCount);
+ TPtr8 ptrList = list->Ptr(0);
+ iMessage.WriteL(2, ptrList);
+
+ CleanupStack::PopAndDestroy(1); // list
+ }
+ break;
+ }
+
+ LOG(Log::Printf(_L("Complete function %d, status %d\n"),
+ iMessage.Function(), iCurrentStatus));
+
+ delete iCertBuffer;
+ delete iCurrentMapping;
+ iCurrentMapping = NULL;
+ iCertBuffer = NULL;
+ iMessage.Complete(iCurrentStatus);
+ }
+
+
+
+//====================================================================================================================================
+/*
+* Active object functions
+*/
+//====================================================================================================================================
+void CPKIWrapper::RunL()
+ {
+ TRequestStatus *status = &iStatus;
+ iCurrentStatus = iStatus.Int(); // Status from interface active object
+ switch (iCurrentState)
+ {
+ case EExecute:
+ // Begin case EExecute
+ if(iCurrentStatus == KErrNone)
+ {
+ switch ( iMessage.Function() )
+ {
+ case PkiService::ESetTrust:
+ StartSetTrustL();
+ ExecuteSetTrustL();
+ break;
+
+ case PkiService::ETrusted:
+ StartTrustedL();
+ ExecuteTrustedL();
+ break;
+
+ case PkiService::ESetApplicability:
+ StartSetApplicabilityL();
+ ExecuteSetApplicabilityL();
+ break;
+
+ case PkiService::EApplications:
+ StartApplicationsL();
+ ExecuteApplicationsL();
+ break;
+
+ case PkiService::EReadCertificate:
+ StartReadCertificateL();
+ ExecuteReadCertificateL();
+ break;
+
+ case PkiService::EStoreCertificate:
+ StartStoreCertificateL();
+ ExecuteStoreCertificateL();
+ break;
+
+ case PkiService::EAttachCertificate:
+ StartAttachCertificateL();
+ ExecuteAttachCertificateL();
+ break;
+
+ case PkiService::ERemoveCertificate:
+ StartRemoveCertificateL();
+ ExecuteRemoveCertificateL();
+ break;
+ default:
+ iCurrentStatus = KPKIErrNotSupported;
+ iCurrentState = EComplete;
+ break;
+ }
+ }
+ if(iCurrentStatus != KErrNone)
+ {
+ // Trigger completion
+ iCurrentState = EComplete;
+ iStatus = KRequestPending;
+ SetActive();
+ User::RequestComplete(status, iCurrentStatus);
+ }
+ break;
+ // End case EExecute
+
+ case EComplete:
+ // Begin case EComplete
+ if(iCurrentStatus == KPKIErrBufferTooShort)
+ {
+ iRequiredBufferLength = iPKISupport->GetRequiredBufferSize();
+ }
+ if (iMessage.Function() == PkiService::ELogon)
+ {
+ iCurrentStatus = iStatus.Int();
+ }
+ CompleteRequestAndCleanupL();
+ break;
+ // End case EComplete
+ default:
+ LOG_1("CPKIWrapper::RunL unknown State:%d", iCurrentState);
+ break;
+ }
+ }
+
+TInt CPKIWrapper::RunError(TInt aError)
+ {
+ LOG(Log::Printf(_L("CPKIWrapper::RunError, Complete function %d, status %d\n"), iMessage.Function(), aError));
+ delete iCertBuffer;
+ delete iCurrentMapping;
+ iCurrentMapping = NULL;
+ iCertBuffer = NULL;
+
+ iMessage.Complete(aError);
+ return KErrNone;
+ }
+
+void CPKIWrapper::DoCancel()
+ {
+ LOG_1("Cancel function %d", iMessage.Function());
+ if ( iPKISupport )
+ {
+ iPKISupport->Cancel();
+ }
+ iMessage.Complete(KErrCancel);
+ }
+
+
+
+void CPKIWrapper::SaveIdentityL(CMapDescriptor &aCertDesc,
+ const TDesC8& aCertDataIn,
+ TCertificateOwnerType aOwner)
+{
+ LOG(Log::Printf(_L("CPKIWrapper::SaveIdentityL()\n")));
+
+ CX509Certificate* certificate = CX509Certificate::NewLC(aCertDataIn);
+
+ // Validity period
+ aCertDesc.SetMapStartTime(certificate->ValidityPeriod().Start());
+ aCertDesc.SetMapEndTime(certificate->ValidityPeriod().Finish());
+
+
+ // Copy issuer
+ const TPtrC8* issuer = certificate->DataElementEncoding(CX509Certificate::EIssuerName);
+ aCertDesc.SetMapTrustedAuthorityL(*issuer);
+
+ // Copy subject name
+ const TPtrC8* subject = certificate->DataElementEncoding(CX509Certificate::ESubjectName);
+ aCertDesc.SetMapIdentitySubjectNameL(*subject);
+
+ // Copy rfc822 name from subjectAlt name
+ const CX509CertExtension* subjAltName = certificate->Extension(KSubjectAltName);
+ if(subjAltName != NULL)
+ {
+ CX509AltNameExt* subjectAlt = CX509AltNameExt::NewLC(subjAltName->Data());
+ if(subjectAlt != NULL)
+ {
+ const CArrayPtrFlat<CX509GeneralName> *nameArray;
+ nameArray = &subjectAlt->AltName();
+ // Search rfc822
+ for(TInt i = 0; i < nameArray->Count(); i++)
+ {
+ if(nameArray->At(i)->Tag() == EX509RFC822Name)
+ {
+ TPtrC8 data = nameArray->At(i)->Data();
+ aCertDesc.SetMapIdentityRfc822NameL(data.Right(data.Length() - 2));
+ break;
+ }
+ }
+ }
+ CleanupStack::PopAndDestroy(subjectAlt);
+ }
+
+ // Key usage
+ const CX509CertExtension* keyUsage = certificate->Extension(KKeyUsage);
+ if((keyUsage != NULL) && keyUsage->Critical())
+ {
+ aCertDesc.iKeyUsageDer.Copy(keyUsage->Data());
+ }
+
+ // Serial number
+ const TPtrC8* serial = certificate->DataElementEncoding(CX509Certificate::ESerialNumber);
+ if(serial != NULL)
+ {
+ aCertDesc.SetMapSerialNumberL(*serial);
+ }
+
+ // Set Subject Key Identifier if we are handling CA
+ if(aOwner == ECACertificate)
+ {
+ TPKIKeyIdentifier keyId = certificate->SubjectKeyIdentifierL();
+ aCertDesc.SetMapSubjectKeyId(keyId);
+ }
+
+ CleanupStack::PopAndDestroy(certificate);
+
+
+ if(CPKIMapper::CertValidity(aCertDesc.iStartTime, aCertDesc.iEndTime) == EExpired)
+ {
+ LOG(Log::Printf(_L("Certificate expired\n")));
+ }
+}
+
+
+void CPKIWrapper::SetCertStoreType(TPkiServiceStoreType aStoreType)
+ {
+ LOG(Log::Printf(_L("CPKIWrapper: SETTING CERT STORE TYPE: %d\n"), aStoreType));
+ iPKISupport->SetCertStoreType(aStoreType);
+ }
+
+
+
+TPkiServiceStoreType CPKIWrapper::CertStoreType() const
+ {
+ return iPKISupport->CertStoreType();
+ }
+
+void CPKIWrapper::SetInformational(const TBool aInfoOnly)
+ {
+ iInfoOnly = aInfoOnly;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/EABI/PKIServiceAPIU.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,45 @@
+EXPORTS
+ _ZN14RPKIServiceAPI12StoreKeypairER5TBuf8ILi20EERK6TDesC8R14TRequestStatus @ 1 NONAME
+ _ZN14RPKIServiceAPI14ChangePasswordER14TRequestStatus @ 2 NONAME
+ _ZN14RPKIServiceAPI15GenerateKeypairER5TBuf8ILi20EEj16TPKIKeyAlgorithmR14TRequestStatus @ 3 NONAME
+ _ZN14RPKIServiceAPI15ReadCertificateERK6TDesC8S2_R5TDes8 @ 4 NONAME
+ _ZN14RPKIServiceAPI16ReadCertificateLERK5TBuf8ILi20EER5TDes8PPvR14TRequestStatus @ 5 NONAME
+ _ZN14RPKIServiceAPI16ReadCertificateLERK6TDesC8S2_S2_24TPKICertificateOwnerTypej16TPKIKeyAlgorithmR5TDes8PPvR14TRequestStatus @ 6 NONAME
+ _ZN14RPKIServiceAPI16SetInformationalEi @ 7 NONAME
+ _ZN14RPKIServiceAPI17ListCertificatesLERP9CArrayFixI21TCertificateListEntryE @ 8 NONAME
+ _ZN14RPKIServiceAPI17StoreCertificateLE24TPKICertificateOwnerTypej16TPKIKeyAlgorithmRK6TDesC8PPvR14TRequestStatus @ 9 NONAME
+ _ZN14RPKIServiceAPI18AttachCertificateLERK5TBuf8ILi20EEj16TPKIKeyAlgorithmRK6TDesC8PPvR14TRequestStatus @ 10 NONAME
+ _ZN14RPKIServiceAPI21GetRequiredBufferSizeERi @ 11 NONAME
+ _ZN14RPKIServiceAPI22CancelPendingOperationEv @ 12 NONAME
+ _ZN14RPKIServiceAPI27ListApplicableCertificatesLERK6RArrayI4TUidERP9CArrayFixI21TCertificateListEntryE @ 13 NONAME
+ _ZN14RPKIServiceAPI32CreateAndSaveCertificateRequestLERK5TBuf8ILi20EERK6TDesC8S6_S6_S6_R6TDes16Ri @ 14 NONAME
+ _ZN14RPKIServiceAPI5CloseEv @ 15 NONAME
+ _ZN14RPKIServiceAPI5LogonER14TRequestStatus @ 16 NONAME
+ _ZN14RPKIServiceAPI6LogoffER14TRequestStatus @ 17 NONAME
+ _ZN14RPKIServiceAPI7ConnectEv @ 18 NONAME
+ _ZN14RPKIServiceAPI8FinalizeEPv @ 19 NONAME
+ _ZN14RPKIServiceAPI9ListKeysLERP9CArrayFixI13TKeyListEntryE @ 20 NONAME
+ _ZN14RPKIServiceAPIC1Ev @ 21 NONAME
+ _ZN14RPKIServiceAPIC2Ev @ 22 NONAME
+ _ZNK14RPKIServiceAPI10KeyDetailsERK5TBuf8ILi20EER13TKeyListEntry @ 23 NONAME
+ _ZNK14RPKIServiceAPI12KeyStoreTypeER20TPkiServiceStoreType @ 24 NONAME
+ _ZNK14RPKIServiceAPI12SetStoreTypeE20TPkiServiceStoreType @ 25 NONAME
+ _ZNK14RPKIServiceAPI12SetStoreTypeEi20TPkiServiceStoreType @ 26 NONAME
+ _ZNK14RPKIServiceAPI13ApplicationsLERK6TDesC8S2_R6RArrayI4TUidE @ 27 NONAME
+ _ZNK14RPKIServiceAPI13CertStoreTypeER20TPkiServiceStoreType @ 28 NONAME
+ _ZNK14RPKIServiceAPI13ReadPublicKeyERK5TBuf8ILi20EER5TDes8 @ 29 NONAME
+ _ZNK14RPKIServiceAPI13RemoveKeypairERK5TBuf8ILi20EE @ 30 NONAME
+ _ZNK14RPKIServiceAPI16StoreCertificateE24TPKICertificateOwnerTypeRKij16TPKIKeyAlgorithmRK6TDesC8 @ 31 NONAME
+ _ZNK14RPKIServiceAPI17AttachCertificateERK5TBuf8ILi20EERKij16TPKIKeyAlgorithmRK6TDesC8 @ 32 NONAME
+ _ZNK14RPKIServiceAPI17RemoveCertificateERK6TDesC8S2_ @ 33 NONAME
+ _ZNK14RPKIServiceAPI17SetApplicabilityLERK6TDesC8S2_RK6RArrayI4TUidE @ 34 NONAME
+ _ZNK14RPKIServiceAPI18CertificateDetailsERK6TDesC8S2_R21TCertificateListEntry @ 35 NONAME
+ _ZNK14RPKIServiceAPI22ReadCertificateRequestERK7TDesC16R5TDes8 @ 36 NONAME
+ _ZNK14RPKIServiceAPI24DeleteCertificateRequestERK7TDesC16 @ 37 NONAME
+ _ZNK14RPKIServiceAPI24ListCertificateRequestsLERP9CArrayFixI28TCertificateRequestListEntryE @ 38 NONAME
+ _ZNK14RPKIServiceAPI4SignERK5TBuf8ILi20EERK6TDesC8R5TDes8 @ 39 NONAME
+ _ZNK14RPKIServiceAPI4SignERK6TDesC8S2_S2_13TX509KeyUsagej16TPKIKeyAlgorithmS2_R5TDes8 @ 40 NONAME
+ _ZNK14RPKIServiceAPI7DecryptERK5TBuf8ILi20EERK6TDesC8R5TDes8 @ 41 NONAME
+ _ZNK14RPKIServiceAPI7TrustedERK6TDesC8S2_Ri @ 42 NONAME
+ _ZNK14RPKIServiceAPI8SetTrustERK6TDesC8S2_RKi @ 43 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/bwins/pkiserviceapiu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,44 @@
+EXPORTS
+ ??0RPKIServiceAPI@@QAE@XZ @ 1 NONAME ; RPKIServiceAPI::RPKIServiceAPI(void)
+ ?ApplicationsL@RPKIServiceAPI@@QBEXABVTDesC8@@0AAV?$RArray@VTUid@@@@@Z @ 2 NONAME ; void RPKIServiceAPI::ApplicationsL(class TDesC8 const &, class TDesC8 const &, class RArray<class TUid> &) const
+ ?AttachCertificate@RPKIServiceAPI@@QBEHABV?$TBuf8@$0BE@@@ABHIW4TPKIKeyAlgorithm@@ABVTDesC8@@@Z @ 3 NONAME ; int RPKIServiceAPI::AttachCertificate(class TBuf8<20> const &, int const &, unsigned int, enum TPKIKeyAlgorithm, class TDesC8 const &) const
+ ?AttachCertificateL@RPKIServiceAPI@@QAEXABV?$TBuf8@$0BE@@@IW4TPKIKeyAlgorithm@@ABVTDesC8@@PAPAXAAVTRequestStatus@@@Z @ 4 NONAME ; void RPKIServiceAPI::AttachCertificateL(class TBuf8<20> const &, unsigned int, enum TPKIKeyAlgorithm, class TDesC8 const &, void * *, class TRequestStatus &)
+ ?CancelPendingOperation@RPKIServiceAPI@@QAEHXZ @ 5 NONAME ; int RPKIServiceAPI::CancelPendingOperation(void)
+ ?CertStoreType@RPKIServiceAPI@@QBEHAAW4TPkiServiceStoreType@@@Z @ 6 NONAME ; int RPKIServiceAPI::CertStoreType(enum TPkiServiceStoreType &) const
+ ?CertificateDetails@RPKIServiceAPI@@QBEHABVTDesC8@@0AAVTCertificateListEntry@@@Z @ 7 NONAME ; int RPKIServiceAPI::CertificateDetails(class TDesC8 const &, class TDesC8 const &, class TCertificateListEntry &) const
+ ?ChangePassword@RPKIServiceAPI@@QAEXAAVTRequestStatus@@@Z @ 8 NONAME ; void RPKIServiceAPI::ChangePassword(class TRequestStatus &)
+ ?Close@RPKIServiceAPI@@QAEXXZ @ 9 NONAME ; void RPKIServiceAPI::Close(void)
+ ?Connect@RPKIServiceAPI@@QAEHXZ @ 10 NONAME ; int RPKIServiceAPI::Connect(void)
+ ?CreateAndSaveCertificateRequestL@RPKIServiceAPI@@QAEXABV?$TBuf8@$0BE@@@ABVTDesC8@@111AAVTDes16@@AAH@Z @ 11 NONAME ; void RPKIServiceAPI::CreateAndSaveCertificateRequestL(class TBuf8<20> const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDes16 &, int &)
+ ?Decrypt@RPKIServiceAPI@@QBEHABV?$TBuf8@$0BE@@@ABVTDesC8@@AAVTDes8@@@Z @ 12 NONAME ; int RPKIServiceAPI::Decrypt(class TBuf8<20> const &, class TDesC8 const &, class TDes8 &) const
+ ?DeleteCertificateRequest@RPKIServiceAPI@@QBEHABVTDesC16@@@Z @ 13 NONAME ; int RPKIServiceAPI::DeleteCertificateRequest(class TDesC16 const &) const
+ ?Finalize@RPKIServiceAPI@@QAEXPAX@Z @ 14 NONAME ; void RPKIServiceAPI::Finalize(void *)
+ ?GenerateKeypair@RPKIServiceAPI@@QAEXAAV?$TBuf8@$0BE@@@IW4TPKIKeyAlgorithm@@AAVTRequestStatus@@@Z @ 15 NONAME ; void RPKIServiceAPI::GenerateKeypair(class TBuf8<20> &, unsigned int, enum TPKIKeyAlgorithm, class TRequestStatus &)
+ ?GetRequiredBufferSize@RPKIServiceAPI@@QAEHAAH@Z @ 16 NONAME ; int RPKIServiceAPI::GetRequiredBufferSize(int &)
+ ?KeyDetails@RPKIServiceAPI@@QBEHABV?$TBuf8@$0BE@@@AAVTKeyListEntry@@@Z @ 17 NONAME ; int RPKIServiceAPI::KeyDetails(class TBuf8<20> const &, class TKeyListEntry &) const
+ ?KeyStoreType@RPKIServiceAPI@@QBEHAAW4TPkiServiceStoreType@@@Z @ 18 NONAME ; int RPKIServiceAPI::KeyStoreType(enum TPkiServiceStoreType &) const
+ ?ListApplicableCertificatesL@RPKIServiceAPI@@QAEXABV?$RArray@VTUid@@@@AAPAV?$CArrayFix@VTCertificateListEntry@@@@@Z @ 19 NONAME ; void RPKIServiceAPI::ListApplicableCertificatesL(class RArray<class TUid> const &, class CArrayFix<class TCertificateListEntry> * &)
+ ?ListCertificateRequestsL@RPKIServiceAPI@@QBEXAAPAV?$CArrayFix@VTCertificateRequestListEntry@@@@@Z @ 20 NONAME ; void RPKIServiceAPI::ListCertificateRequestsL(class CArrayFix<class TCertificateRequestListEntry> * &) const
+ ?ListCertificatesL@RPKIServiceAPI@@QAEXAAPAV?$CArrayFix@VTCertificateListEntry@@@@@Z @ 21 NONAME ; void RPKIServiceAPI::ListCertificatesL(class CArrayFix<class TCertificateListEntry> * &)
+ ?ListKeysL@RPKIServiceAPI@@QAEXAAPAV?$CArrayFix@VTKeyListEntry@@@@@Z @ 22 NONAME ; void RPKIServiceAPI::ListKeysL(class CArrayFix<class TKeyListEntry> * &)
+ ?Logoff@RPKIServiceAPI@@QAEXAAVTRequestStatus@@@Z @ 23 NONAME ; void RPKIServiceAPI::Logoff(class TRequestStatus &)
+ ?Logon@RPKIServiceAPI@@QAEXAAVTRequestStatus@@@Z @ 24 NONAME ; void RPKIServiceAPI::Logon(class TRequestStatus &)
+ ?ReadCertificate@RPKIServiceAPI@@QAEHABVTDesC8@@0AAVTDes8@@@Z @ 25 NONAME ; int RPKIServiceAPI::ReadCertificate(class TDesC8 const &, class TDesC8 const &, class TDes8 &)
+ ?ReadCertificateL@RPKIServiceAPI@@QAEXABV?$TBuf8@$0BE@@@AAVTDes8@@PAPAXAAVTRequestStatus@@@Z @ 26 NONAME ; void RPKIServiceAPI::ReadCertificateL(class TBuf8<20> const &, class TDes8 &, void * *, class TRequestStatus &)
+ ?ReadCertificateL@RPKIServiceAPI@@QAEXABVTDesC8@@00W4TPKICertificateOwnerType@@IW4TPKIKeyAlgorithm@@AAVTDes8@@PAPAXAAVTRequestStatus@@@Z @ 27 NONAME ; void RPKIServiceAPI::ReadCertificateL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, enum TPKICertificateOwnerType, unsigned int, enum TPKIKeyAlgorithm, class TDes8 &, void * *, class TRequestStatus &)
+ ?ReadCertificateRequest@RPKIServiceAPI@@QBEHABVTDesC16@@AAVTDes8@@@Z @ 28 NONAME ; int RPKIServiceAPI::ReadCertificateRequest(class TDesC16 const &, class TDes8 &) const
+ ?ReadPublicKey@RPKIServiceAPI@@QBEHABV?$TBuf8@$0BE@@@AAVTDes8@@@Z @ 29 NONAME ; int RPKIServiceAPI::ReadPublicKey(class TBuf8<20> const &, class TDes8 &) const
+ ?RemoveCertificate@RPKIServiceAPI@@QBEHABVTDesC8@@0@Z @ 30 NONAME ; int RPKIServiceAPI::RemoveCertificate(class TDesC8 const &, class TDesC8 const &) const
+ ?RemoveKeypair@RPKIServiceAPI@@QBEHABV?$TBuf8@$0BE@@@@Z @ 31 NONAME ; int RPKIServiceAPI::RemoveKeypair(class TBuf8<20> const &) const
+ ?SetApplicabilityL@RPKIServiceAPI@@QBEXABVTDesC8@@0ABV?$RArray@VTUid@@@@@Z @ 32 NONAME ; void RPKIServiceAPI::SetApplicabilityL(class TDesC8 const &, class TDesC8 const &, class RArray<class TUid> const &) const
+ ?SetInformational@RPKIServiceAPI@@QAEXH@Z @ 33 NONAME ; void RPKIServiceAPI::SetInformational(int)
+ ?SetStoreType@RPKIServiceAPI@@QBEHHW4TPkiServiceStoreType@@@Z @ 34 NONAME ; int RPKIServiceAPI::SetStoreType(int, enum TPkiServiceStoreType) const
+ ?SetStoreType@RPKIServiceAPI@@QBEHW4TPkiServiceStoreType@@@Z @ 35 NONAME ; int RPKIServiceAPI::SetStoreType(enum TPkiServiceStoreType) const
+ ?SetTrust@RPKIServiceAPI@@QBEHABVTDesC8@@0ABH@Z @ 36 NONAME ; int RPKIServiceAPI::SetTrust(class TDesC8 const &, class TDesC8 const &, int const &) const
+ ?Sign@RPKIServiceAPI@@QBEHABV?$TBuf8@$0BE@@@ABVTDesC8@@AAVTDes8@@@Z @ 37 NONAME ; int RPKIServiceAPI::Sign(class TBuf8<20> const &, class TDesC8 const &, class TDes8 &) const
+ ?Sign@RPKIServiceAPI@@QBEHABVTDesC8@@00W4TX509KeyUsage@@IW4TPKIKeyAlgorithm@@0AAVTDes8@@@Z @ 38 NONAME ; int RPKIServiceAPI::Sign(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, enum TX509KeyUsage, unsigned int, enum TPKIKeyAlgorithm, class TDesC8 const &, class TDes8 &) const
+ ?StoreCertificate@RPKIServiceAPI@@QBEHW4TPKICertificateOwnerType@@ABHIW4TPKIKeyAlgorithm@@ABVTDesC8@@@Z @ 39 NONAME ; int RPKIServiceAPI::StoreCertificate(enum TPKICertificateOwnerType, int const &, unsigned int, enum TPKIKeyAlgorithm, class TDesC8 const &) const
+ ?StoreCertificateL@RPKIServiceAPI@@QAEXW4TPKICertificateOwnerType@@IW4TPKIKeyAlgorithm@@ABVTDesC8@@PAPAXAAVTRequestStatus@@@Z @ 40 NONAME ; void RPKIServiceAPI::StoreCertificateL(enum TPKICertificateOwnerType, unsigned int, enum TPKIKeyAlgorithm, class TDesC8 const &, void * *, class TRequestStatus &)
+ ?StoreKeypair@RPKIServiceAPI@@QAEXAAV?$TBuf8@$0BE@@@ABVTDesC8@@AAVTRequestStatus@@@Z @ 41 NONAME ; void RPKIServiceAPI::StoreKeypair(class TBuf8<20> &, class TDesC8 const &, class TRequestStatus &)
+ ?Trusted@RPKIServiceAPI@@QBEHABVTDesC8@@0AAH@Z @ 42 NONAME ; int RPKIServiceAPI::Trusted(class TDesC8 const &, class TDesC8 const &, int &) const
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2000-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file for project pkiserviceapi
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+
+pkiserviceapisymb.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/group/pkiserviceapisymb.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,44 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project pkiserviceapi
+*
+*/
+
+#include <platform_paths.hrh>
+
+
+TARGET pkiserviceapi.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101FAE06
+
+//CAPABILITY ProtServ NetworkControl NetworkServices
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE pkiserviceapi.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE clistatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../pkiservice/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../vpncommon/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY utlpkcs10.lib
+LIBRARY certstore.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/inc/pkidefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,127 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI definitions module
+*
+*/
+
+
+
+#ifndef __PKIDEFS_H__
+#define __PKIDEFS_H__
+
+#include <x509certext.h>
+
+const TInt MAX_FILENAME_LENGTH = 64;
+const TInt SHORT_FILENAME_LENGTH = 64;
+
+const TUint32 KMaxX500DN = 256;
+const TUint32 KMaxRfc822 = 64;
+const TUint32 KMaxUsageDer = 16;
+const TUint32 KMaxSerial = 128;
+
+
+// Certificate / Key Store type identifiers
+enum TPkiServiceStoreType
+ {
+ EPkiStoreTypeAny = 0,
+ EPkiStoreTypeUser = 0x01,
+ EPkiStoreTypeDevice = 0x10
+ };
+
+// Certificate / Key Store identifiers
+const TInt STORE_KEYSTORE = 1;
+const TInt STORE_CERTSTORE = 2;
+
+
+
+/**
+* Definitions used by PKI Service API
+*/
+const TInt KPKISHA1HashLengthBytes = 20;
+typedef TBuf8<KPKISHA1HashLengthBytes> TPKISHA1Hash;
+
+typedef TPKISHA1Hash TPKIKeyIdentifier;
+
+// PKI Service API error codes
+// NOTE! The error code values below MUST be kept in sync with
+// the corresponding error code values defined together by
+// vpnapi/data/vpnerr.rss and vpnapi/data/vpnerr.ra
+const TInt KPKIErrWrongObjectType = -5240;
+const TInt KPKIErrObjectUninitialized = -5241;
+const TInt KPKIErrPassword = -5242;
+const TInt KPKIErrServiceBusy = -5243;
+const TInt KPKIErrCancel = -5244;
+const TInt KPKIErrBufferTooShort = -5245;
+const TInt KPKIErrCertRequestParam = -5246;
+const TInt KPKIErrCertRequest = -5247;
+const TInt KPKIErrNotFound = -5248;
+const TInt KPKIErrAmbiguous = -5249;
+const TInt KPKIErrNotSupported = -5250;
+const TInt KPKIErrUnexpectedState = -5251;
+const TInt KPKIErrKeyStoreEmpty = -5252;
+
+
+enum TPKICertificateOwnerType
+{
+ EPKICACertificate,
+ EPKIUserCertificate,
+ EPKIPeerCertificate
+};
+
+
+enum TPKIKeyAlgorithm
+{
+ EPKIInvalidAlgorithm = 0,
+ EPKIRSA = 1,
+ EPKIDSA = 2,
+ EPKIDH = 3
+};
+
+
+typedef TX509KeyUsage TPKIKeyUsage;
+
+
+
+class TCertificateRequestListEntry
+{
+ public:
+ TBuf<SHORT_FILENAME_LENGTH> iObjectName;
+};
+
+
+class TCertificateListEntry
+{
+ public:
+ TPKICertificateOwnerType iOwnerType; // User, CA or peer. If user certificate, at least key usage must be set
+ TBuf8<KMaxX500DN> iTrustedAuthority; // Cert TrustedAuthority
+ TBuf8<KMaxX500DN> iIdentitySubjectName; // Identity subject name
+ TBuf8<KMaxSerial> iSerialNumber; // Serialnumber
+ TPKIKeyIdentifier iSubjectKeyId; // SHA1 hash of the corresponding private key
+ TPkiServiceStoreType iStoreType;
+ TBuf<SHORT_FILENAME_LENGTH> iObjectName;
+ TUint iKeySize; // Key size
+ TPKIKeyAlgorithm iKeyAlgorithm; // RSA, DSA
+ TBool iIsDeletable; //
+};
+
+class TKeyListEntry
+{
+ public:
+ TBuf<SHORT_FILENAME_LENGTH> iObjectName;
+ TPKIKeyIdentifier iSubjectKeyId; // SHA1 hash of the corresponding private key
+ TUint iKeySize; // Key size
+ TPKIKeyAlgorithm iKeyAlgorithm; // RSA, DSA
+};
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/inc/pkiserviceapi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,559 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI Service API
+*
+*/
+
+
+
+/**
+ * $file pkiserviceapi.h
+ *
+ * PKI server API module
+ *
+ */
+
+#ifndef __PKISERVICEAPI_H__
+#define __PKISERVICEAPI_H__
+
+#include "pkidefs.h"
+
+/**
+ * @mainpage PKI Service API
+ *
+ * @section intro Overview
+ *
+ * PKI Service API is an interface to a module called PKI Service.
+ * PKI Service is responsible of maintaining PKI keys and certificates
+ * and it provides a set of operations addressed to these objects, such as:
+ *
+ * <ul>
+ * <li>Save keypair</li>
+ * <li>Create keypair</li>
+ * <li>Save certificate</li>
+ * <li>Attach enrolled certificate to a generated key</li>
+ * <li>Sign using specified key</li>
+ * <li>Decrypt using specified key</li>
+ * <li>Read public key of a generated key</li>
+ * <li>Read certificate</li>
+ * <li>Remove keypaiR</li>
+ * <li>Remove certificate</li>
+ * <li>Build PKCS#10 certificate enrollment request for a generated key</li>
+ * </ul>
+ *
+ * PKI Service is implemented upon the Symbian Crypto Token Framework (CTF).
+ * CFT concept supports different types of stores to hold the PKI tokens.
+ * Main store types are: file store and WIM based store.
+ *
+ * Only one asynchronous operation can be pending at any time. KPKIErrServiceBusy status code will be returned,
+ * if any function except CancelPendingOperation is called.
+*/
+
+/**
+ * PKI Service API
+ *
+ * The API follows the standard Symbian OS client-server
+ * programming patterns.
+ */
+class RPKIServiceAPI:public RSessionBase
+{
+ /**
+ @internalComponent
+ */
+ public:
+ /**
+ * Constructor
+ */
+ IMPORT_C RPKIServiceAPI(void);
+ /**
+ * Opens a connection (session) to the PKI server.
+ *
+ * @return KErrNone if the connection succeeds, a system-wide error code
+ * if not.
+ */
+ IMPORT_C TInt Connect();
+ /**
+ * Closes the connection (session) to the PKI server.
+ */
+ IMPORT_C void Close();
+
+ /**
+ * Lock keystore
+ * PIN code must be given again to unlock the keystore
+ *
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ *
+ */
+ IMPORT_C void Logoff(TRequestStatus& aRequestStatus);
+
+ /**
+ * All operations referencing to private keys require a PIN,
+ * which protects the private key storage.
+ * The given PIN is valid until the service is terminated.
+ * By giving the PIN using the Logon function, you can avoid
+ * PIN dialogs during other private key operations.
+ *
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ *
+ */
+ IMPORT_C void Logon(TRequestStatus& aRequestStatus);
+
+ /**
+ * Cancel the latest asynchronous operation
+ *
+ * @return Synchronous general error code
+ */
+ IMPORT_C TInt CancelPendingOperation();
+
+ /**
+ * This function returns the required buffer size for the operation
+ * which has failed with error code KPKIErrBufferTooShort
+ *
+ * @return Synchronous general error code
+ */
+ IMPORT_C TInt GetRequiredBufferSize(TInt &aSize);
+
+ /**
+ * Change existing PIN value. Decrypts the key store using the old PIN
+ * and encrypts the contents with the new PIN
+ *
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ *
+ */
+ IMPORT_C void ChangePassword(TRequestStatus& aRequestStatus);
+
+ /**
+ * Sign using key specified by given SHA1 hash
+ *
+ * @param aKeyId Idenfies the key used in signing
+ * @param aHashIn The data to be signed
+ * @param aSignature [out] The result of the signing operation
+ */
+ IMPORT_C TInt Sign(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aHashIn, TDes8& aSignature) const;
+
+ /**
+ * Sign using the key specified by arguments of the corresponding user certificate
+ *
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aIdentitySubjectName Text or ASN1 format string representing part of the subject name of the certificate.
+ * @param aIdentityRfc822Name Text format string representing rfc822Name in subjectAltName.
+ * @param aKeyUsage Usage bits of the certified key. Use 'OR' to build a required bit combination.
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aHashIn Data to be signed.
+ * @param aSignature [out] Returned signature value.
+ *
+ */
+ IMPORT_C TInt Sign(const TDesC8& aTrustedAuthority,
+ const TDesC8& aIdentitySubjectName,
+ const TDesC8& aIdentityRfc822Name,
+ const TPKIKeyUsage aKeyUsage,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aHashIn,
+ TDes8& aSignature) const;
+
+ /**
+ * Decrypt using the key specified by given SHA1 hash
+ *
+ * @param aKeyId Idenfies the key used in decrypting
+ * @param aDataIn The data to be decrypted
+ * @param aDataOut [out] The result of the decryption operation
+ */
+ IMPORT_C TInt Decrypt(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aDataIn, TDes8& aDataOut) const;
+
+ /**
+ * Store keypair having listed characteristics, returns keyId (SHA1 hash of the key)
+ *
+ * @param aKeyId [out] Returned keyId
+ * @param aKeyDataIn A descriptor of the buffer containing keypair bytes (ASN1 or encrypted PKCS#5 format).
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ */
+ IMPORT_C void StoreKeypair(TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aKeyDataIn,
+ TRequestStatus& aRequestStatus);
+
+ /**
+ * Generate keypair having given characteristics
+ *
+ * @param aKeyId [out] Returned keyId
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ */
+ IMPORT_C void GenerateKeypair(TPKIKeyIdentifier& aKeyId,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ TRequestStatus& aRequestStatus);
+
+ /**
+ * Read public key of a generated keypair
+ *
+ * @param aKeyId Idenfies the key used.
+ * @param aDataOut [out] Returned public key bytes in ASN1 format.
+ */
+ IMPORT_C TInt ReadPublicKey(const TPKIKeyIdentifier& aKeyId,
+ TDes8& aDataOut) const;
+
+ /**
+ * Read a certificate having listed characteristics
+ * For CA certificates, only aTrustedAuthority, aOwnerType and aCert parameters meaningful.
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aIdentitySubjectName Text or ASN1 format string representing part of the subject name of the certificate.
+ * @param aIdentityRfc822Name Text format string representing rfc822Name in subjectAltName.
+ * @param aOwnerType Type of the requested certificate.
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aCert [out] Returned ASN1 encoded certificate.
+ * @param aResArray [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ */
+ IMPORT_C void ReadCertificateL(const TDesC8& aTrustedAuthority,
+ const TDesC8& aIdentitySubjectName,
+ const TDesC8& aIdentityRfc822Name,
+ const TPKICertificateOwnerType aOwnerType,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ TDes8 &aCert,
+ TAny **aResArray,
+ TRequestStatus& aRequestStatus);
+
+ /**
+ * Read a certificate having listed characteristics
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aSerialNumber serial number of the certificate
+ * @param aCert [out] Returned ASN1 encoded certificate.
+ */
+ IMPORT_C TInt ReadCertificate(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ TDes8 &aCert);
+
+ /**
+ * Read a certificate having listed characteristics
+ * @param aKeyId SubjectKeyID.
+ * @param aCert [out] Returned ASN1 encoded certificate.
+ * @param aResArray [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ */
+ IMPORT_C void ReadCertificateL(const TPKIKeyIdentifier& aKeyId,
+ TDes8 &aCert,
+ TAny **aResArray,
+ TRequestStatus& aRequestStatus);
+
+ /**
+ * List all certificates
+ * @param aCertList [out] Returned list of certificates.
+ */
+ IMPORT_C void ListCertificatesL(CArrayFix<TCertificateListEntry> *&aCertList);
+
+ /**
+ * List CA certificates applicable for all requested applications
+ * @param aApplications List of applications
+ * @param aCertList [out] Returned list of certificates.
+ */
+ IMPORT_C void ListApplicableCertificatesL(const RArray<TUid>& aApplications,
+ CArrayFix<TCertificateListEntry> *&aCertList);
+
+ /**
+ * List all keys. Returns list of all keys stored in the device.
+ *
+ * @param aKeyList [out] Returned list of keys.
+ */
+ IMPORT_C void ListKeysL(CArrayFix<TKeyListEntry> *&aKeyList);
+
+
+ /**
+ * Store a certificate having listed characteristics
+ * For CA certificates, only aOwnerType and aDataIn parameters are meaningful.
+ *
+ * @param aOwnerType Type of the certificate.
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aDataIn A descriptor of the buffer conatining ASN1 coded certificate bytes.
+ * @param aResArray [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ */
+ IMPORT_C void StoreCertificateL(const TPKICertificateOwnerType aOwnerType,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn,
+ TAny **aResArray,
+ TRequestStatus& aRequestStatus);
+
+ /**
+ * Store a certificate having listed characteristics
+ * For CA certificates, only aOwnerType and aDataIn parameters are meaningful.
+ *
+ * @param aOwnerType Type of the certificate.
+ * @param aIsDeletable true if certificate is deletable
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aDataIn A descriptor of the buffer conatining ASN1 coded certificate bytes.
+ */
+ IMPORT_C TInt StoreCertificate(const TPKICertificateOwnerType aOwnerType,
+ const TBool& aIsDeletable,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn) const;
+
+ /**
+ * Attach a user certificate having listed characteristics to a generated key identified by keyId
+ *
+ * @param aKeyId Idenfies the key to attach the certificate
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aDataIn A descriptor of the buffer conatining ASN1 coded certificate bytes.
+ * @param aResArray [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+ * @param aRequestStatus [out] A reference to the request status object. On
+ * request completion, contains the return code of the request.
+ */
+ IMPORT_C void AttachCertificateL(const TPKIKeyIdentifier& aKeyId,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn,
+ TAny **aResArray,
+ TRequestStatus& aRequestStatus);
+
+ /**
+ * Attach a user certificate having listed characteristics to a generated key identified by keyId
+ *
+ * @param aKeyId Idenfies the key to attach the certificate
+ * @param aIsDeletable true if certificate is deletable
+ * @param aKeySize Size of the key in bits.
+ * @param aKeyAlgorithm Algorithm of the key.
+ * @param aDataIn A descriptor of the buffer conatining ASN1 coded certificate bytes.
+ */
+ IMPORT_C TInt AttachCertificate(const TPKIKeyIdentifier& aKeyId,
+ const TBool& aIsDeletable,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn) const;
+
+ /**
+ * Remove keypair identified by keyId
+ *
+ * @param aKeyId Idenfies the key used
+ */
+ IMPORT_C TInt RemoveKeypair(const TPKIKeyIdentifier& aKeyId) const;
+
+ /**
+ * Remove certificate identified by listed characteristics
+ * For CA certificates, only aTrustedAuthority and aOwnerType parameters meaningful.
+ *
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aSerialNumber serial number of the certificate
+ */
+ IMPORT_C TInt RemoveCertificate(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber) const;
+
+
+ /**
+ * Creates and saves a certificate request
+ *
+ * @param aKeyId KeyId of the key for which the certificate will be generated
+ * @param aSubjectName Subject name of the certificate owner
+ * @param aSubjectAltName SubjectAlt name of the certificate owner
+ * @param aChallengePw ChallengePw of the certificate owner
+ * @param aDNSName DNS name of the certificate owner
+ * @param aCertRequestRef Identifier of the returned certificate request
+ * @param arequestLength [out] Length of the ertificate request
+ */
+ IMPORT_C void CreateAndSaveCertificateRequestL(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aSubjectName,
+ const TDesC8& aSubjectAltNameRfc822,
+ const TDesC8& aChallengePw,
+ const TDesC8& aDNSName,
+ TDes& aCertRequestRef,
+ TInt& aRequestLength);
+
+ /**
+ * Reads a certificate request
+ *
+ * @param aCertRequestRef Identifier of the certificate request
+ * @param aCertRequest [out] Certificate request data
+ */
+ IMPORT_C TInt ReadCertificateRequest(const TDesC& aCertRequestRef,
+ TDes8& aCertRequest) const;
+
+ /**
+ * Deletes a certificate request
+ *
+ * @param aCertRequestRef Identifier of the certificate request
+ */
+ IMPORT_C TInt DeleteCertificateRequest(const TDesC& aCertRequestRef) const;
+
+ /**
+ * ReleaseResources. Must be called every time when an asyncronous request has completed and synchronously returned TAny **aResArray.
+ *
+ * @param aResObject Object pointer returned as a result in an earlier asynchronous operation.
+ *
+ */
+ IMPORT_C void Finalize(TAny *aResObject);
+
+ /**
+ * Change trust setting of a certificate in Symbian certificate store
+ *
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aSerialNumber serial number of the certificate
+ * @param aTrusted ETrue, if trusted; EFalse, otherwise
+ */
+ IMPORT_C TInt SetTrust(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ const TBool& aTrusted) const;
+
+ /**
+ * Read trust setting of a certificate in Symbian certificate store
+ *
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aSerialNumber serial number of the certificate
+ * @param aTrusted returns ETrue, if trusted; EFalse, otherwise
+ */
+ IMPORT_C TInt Trusted(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ TBool& aTrusted) const;
+
+ /**
+ * Set applications of a certificate in Symbian certificate store
+ *
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aSerialNumber serial number of the certificate
+ * @param aApplications list of applications (uids) for whom the certificate is applicable
+ */
+ IMPORT_C void SetApplicabilityL(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ const RArray<TUid>& aApplications) const;
+
+ /**
+ * Get applications of a certificate in Symbian certificate store
+ *
+ * @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+ * @param aSerialNumber serial number of the certificate
+ * @param aApplications list of applications (uids) for whom the certificate is applicable
+ */
+ IMPORT_C void ApplicationsL(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ RArray<TUid>& aApplications) const;
+
+ /**
+ * Get certificate details of a certificate in Symbian certificate store
+ *
+ * @param aKeyId SubjectKeyID
+ * @param aCertDetails details of a certificate
+ */
+ IMPORT_C TInt CertificateDetails(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ TCertificateListEntry &aCertDetails) const;
+
+ /**
+ * Get details of a key.
+ * This method searches the key from both the User store
+ * and device cert store.
+ *
+ * @param aKeyId SubjectKeyID
+ * @param aKeyDetails [out] Returned details of a key.
+ *
+ * @return KErrNone if no error occured or an error code.
+ */
+ IMPORT_C TInt KeyDetails(const TPKIKeyIdentifier& aKeyId,
+ TKeyListEntry &aKeyDetails) const;
+
+
+
+ /**
+ * List all certificate request
+ * @param aCertReqList [out] Returned list of certificates.
+ */
+ IMPORT_C void ListCertificateRequestsL(CArrayFix<TCertificateRequestListEntry> *&aCertReqList) const;
+
+ /**
+ * Specify which certificate store to use for keystore AND certstore operations within this
+ * PKI session. This setting can be changed at any time, and all subsequent operations will
+ * use the specified store type until the state is changed again.
+ *
+ * If SetStoreType is not called, then both cert store and key store are set to type
+ * STORETYPE_USER.
+ *
+ * Options are:
+ * STORETYPE_DEVICE: Use device keystore / certstore (will not prompt for password)
+ * STORETYPE_USER: Use user keystore / certstore (will prompt for password)
+ * STORETYPE_ANY: Use device and user keystore / certstore
+ *
+ * @param aStoreType Desired store type for all consequent operations on both
+ * certificate store and key store. Supported values:
+ * STORETYPE_DEVICE, STORETYPE_USER, STORETYPE_ANY.
+ *
+ * @return KErrNone iff store type was changed successfully.
+ */
+ IMPORT_C TInt SetStoreType(TPkiServiceStoreType aStoreType) const;
+
+ /**
+ * Specify the store type for EITHER the keystore OR the certstore.
+ *
+ * @param aStore Either STORE_KEYSTORE or STORE_CERTSTORE.
+ * @param aStoreType Desired store type for all operations on the specified store.
+ * Supported values: STORETYPE_DEVICE, STORETYPE_USER, STORETYPE_ANY.
+ *
+ * @return KErrNone iff store type was changed successfully.
+ */
+ IMPORT_C TInt SetStoreType(TInt aStore, TPkiServiceStoreType aStoreType) const;
+
+ /**
+ * Get cert store type.
+ *
+ * @param aStoreType [out] Either STORETYPE_DEVICE, STORETYPE_USER or STORETYPE_ANY.
+ *
+ * @return KErrNone iff store type supported
+ */
+ IMPORT_C TInt CertStoreType(TPkiServiceStoreType& aStoreType) const;
+
+ /**
+ * Get key store type.
+ *
+ * @param aStoreType [out] Either STORETYPE_DEVICE, STORETYPE_USER or STORETYPE_ANY.
+ *
+ * @return KErrNone iff store type supported
+ */
+ IMPORT_C TInt KeyStoreType(TPkiServiceStoreType& aStoreType) const;
+
+ /**
+ * Makes every subsequent certificate-related query an informational one.
+ * Informational, in this context, means that even expired certificates
+ * turn up in queries / searches. This should only be set when the certificate
+ * isn't used for any functional purpose -- i.e. only when using the certificate
+ * data to display certificate details on VPN UI Policy Details view.
+ *
+ * @param aInfoOnly If ETrue, all subsequent queries will produce results
+ * that include expired certificates; if EFalse, only
+ * temporally valid certificates will be included.
+ */
+ IMPORT_C void SetInformational(const TBool aInfoOnly);
+
+
+ private:
+ static TBool Pkcs10SignCallbackL(const TDesC8& aDigest, TDes8& aSignature,
+ const TPKIKeyIdentifier& aKeyId,
+ TAny* aContext);
+};
+
+#endif
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/rom/pkiserviceapi.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project pkiserviceapi
+*
+*/
+
+
+
+#ifndef __PKISERVICEAPI_IBY__
+#define __PKISERVICEAPI_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature PKISERVICEAPI not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\pkiserviceapi.dll SHARED_LIB_DIR\pkiserviceapi.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __PKISERVICEAPI_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiserviceapi/src/pkiserviceapi.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1223 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKI Service API
+*
+*/
+
+
+
+#include <e32std.h>
+#include <e32math.h>
+
+#include "pkiserviceapi.h"
+#include "clistatic.h"
+#include "pkcs10.h"
+#include "pkiserviceclientservercommon.h"
+#include "pkisession.h"
+
+#include <certificateapps.h>
+
+
+/**---------------------------------------------------------
+ *
+ * RPKIServiceAPI class constructor
+ *
+ *----------------------------------------------------------*/
+
+EXPORT_C RPKIServiceAPI::RPKIServiceAPI()
+ {
+ }
+
+EXPORT_C TInt RPKIServiceAPI::Connect()
+//
+// Connect to the server attempting to start it if necessary
+//
+ {
+ TInt retry=2;
+ for (;;)
+ {
+ TInt r=CreateSession(KPkiServerName,
+ TVersion(KPkiMajorVersion,
+ KPkiMinorVersion,
+ KPkiBuildVersion),
+ KDefaultMessageSlots);
+
+ if (r!=KErrNotFound && r!=KErrServerTerminated)
+ {
+ if (r == KErrNone)
+ {
+ r = SendReceive(PkiService::EInitialize,TIpcArgs(NULL));
+ if (r != KErrNone)
+ {
+ RSessionBase::Close();
+ }
+ }
+ return r;
+ }
+ if (--retry==0)
+ return r;
+ r = Launcher::LaunchServer(KPkiServerName, KPkiServerImg,
+ KPkiServiceUid3, KMyServerInitHeapSize,
+ KMyServerMaxHeapSize, KMyServerStackSize);
+
+ if (r!=KErrNone && r!=KErrAlreadyExists)
+ return r;
+ }
+ }
+
+/**---------------------------------------------------------
+ *
+ * Logon(TRequestStatus& aRequestStatus)
+ *
+ *
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::Logon(TRequestStatus& aRequestStatus)
+ {
+ SendReceive(PkiService::ELogon,TIpcArgs(NULL), aRequestStatus);
+ }
+
+/**----------------------------------------------------------
+* Lock keystore
+* PIN code must be given again to unlock the keystore
+*
+* @param aRequestStatus [out] A reference to the request status object. On
+* request completion, contains the return code of the request.
+*
+*-------------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::Logoff(TRequestStatus& aRequestStatus)
+ {
+ SendReceive(PkiService::ELogoff,TIpcArgs(NULL), aRequestStatus);
+ }
+
+
+
+/**---------------------------------------------------------
+ *
+ * ChangePassword(TRequestStatus& aRequestStatus)
+ *
+ *
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ChangePassword(TRequestStatus& aRequestStatus)
+ {
+ SendReceive(PkiService::EChangePassword,TIpcArgs(NULL), aRequestStatus);
+ }
+
+/**---------------------------------------------------------
+ *
+ * SignL(const TDesC8& aKeyId, const TDesC8& aHashIn, TDes8& aSignature,
+ * TAny **aResourceObject, TRequestStatus& aRequestStatus)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::Sign(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aHashIn,
+ TDes8& aSignature) const
+ {
+ return SendReceive(PkiService::ESignWithKeyId, TIpcArgs(&aKeyId, &aHashIn, &aSignature));
+ }
+
+/**---------------------------------------------------------
+ *
+ * SignL(const TDesC8& aTrustedAuthority, const TPKICertificateOwnerType aOwnerType, const TPKIKeyUsage aKeyUsage,
+ * const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm, const TDesC8& aHashIn, TDes8& aSignature,
+ * TAny **aResourceObject, TRequestStatus& aRequestStatus)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::Sign(const TDesC8& aTrustedAuthority,
+ const TDesC8& aIdentitySubjectName,
+ const TDesC8& aIdentityRfc822Name,
+ const TPKIKeyUsage aKeyUsage,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aHashIn,
+ TDes8& aSignature) const
+ {
+ TInt err = KErrNone;
+
+ TSecurityObjectDescriptor *privateKeyDesc = new TSecurityObjectDescriptor;
+ if (privateKeyDesc != NULL)
+ {
+ privateKeyDesc->SetTrustedAuthority(aTrustedAuthority);
+ privateKeyDesc->SetIdentitySubjectName(aIdentitySubjectName);
+ privateKeyDesc->SetIdentityRfc822Name(aIdentityRfc822Name);
+ privateKeyDesc->SetOwnerType(EPKIUserCertificate); // Always user cert
+ privateKeyDesc->SetKeyUsage(aKeyUsage);
+ privateKeyDesc->SetKeySize(aKeySize);
+ privateKeyDesc->SetKeyAlgorithm(aKeyAlgorithm);
+
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*privateKeyDesc);
+
+ //Send request to the server
+ err = SendReceive (PkiService::ESignWithCert, TIpcArgs(&pckgTSecurityObjectDescriptor, &aHashIn, &aSignature));
+
+ delete privateKeyDesc;
+ privateKeyDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ return err;
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * TInt DecryptL(const TDesC8& aKeyId, const TDesC8& aDataIn, TDes8& aDataOut,
+ * TAny **aResourceObject, TRequestStatus& aRequestStatus)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::Decrypt(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aDataIn,
+ TDes8& aDataOut) const
+ {
+ return SendReceive (PkiService::EDecrypt, TIpcArgs(&aKeyId, &aDataIn, &aDataOut));
+ }
+
+/**---------------------------------------------------------
+ *
+ * StoreKeypairL(TDesC8& aKeyId, const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm,
+ * const TDesC8& aKeyDataIn, TBool aEncrypted, TRequestStatus& aRequestStatus)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::StoreKeypair(TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aKeyDataIn,
+ TRequestStatus& aRequestStatus)
+ {
+
+ SendReceive (PkiService::EStoreKeypair,
+ TIpcArgs(&aKeyId, &aKeyDataIn),
+ aRequestStatus);
+ }
+
+/**---------------------------------------------------------
+ *
+ * GenerateKeypairL(TDesC8& aKeyId, const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm,
+ * TRequestStatus& requestStatus)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::GenerateKeypair(TPKIKeyIdentifier& aKeyId,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ TRequestStatus& aRequestStatus)
+ {
+
+ __ASSERT_DEBUG(aKeyAlgorithm == EPKIRSA || aKeyAlgorithm == EPKIDSA, User::Invariant());
+
+ SendReceive (PkiService::EGenerateKeypair,
+ TIpcArgs(&aKeyId, aKeySize, static_cast<TUint>(aKeyAlgorithm)),
+ aRequestStatus);
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * CancelPendingOperation()
+ *
+ *
+ * Returns:
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::CancelPendingOperation()
+ {
+ //Send request to the server
+ return SendReceive (PkiService::ECancelPendingOperation, TIpcArgs(NULL));
+ }
+
+/**---------------------------------------------------------
+ *
+ * GetRequiredBufferSize
+ *
+ *
+ * Returns:
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::GetRequiredBufferSize(TInt &aSize)
+ {
+ TInt size;
+ TPckg<TInt> pckgSize(size);
+ TInt ret = SendReceive (PkiService::EGetRequiredBufferSize, TIpcArgs(&pckgSize));
+ aSize = size;
+ return ret;
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * ReadPublicKeyL(const TDesC8& aKeyId, TDes8& aDataOut)
+ *
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::ReadPublicKey(const TPKIKeyIdentifier& aKeyId,
+ TDes8& aDataOut) const
+ {
+ return SendReceive (PkiService::EReadPublicKey,
+ TIpcArgs(&aKeyId, &aDataOut));
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * ReadCertificateL(const TDesC8& aTrustedAuthority, const TPKICertificateOwnerType aOwnerType, const TPKIKeyUsage aKeyUsage,
+ * const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm, HBufC8 *&aCert)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ReadCertificateL(const TDesC8& aTrustedAuthority,
+ const TDesC8& aIdentitySubjectName,
+ const TDesC8& aIdentityRfc822Name,
+ const TPKICertificateOwnerType aOwnerType,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ TDes8 &aCert,
+ TAny **aResourceObject,
+ TRequestStatus& aRequestStatus)
+ {
+ TPckgBuf<TSecurityObjectDescriptor> *pckgTSecurityObjectDescriptor = new (ELeave) TPckgBuf<TSecurityObjectDescriptor>();
+ CleanupStack::PushL(pckgTSecurityObjectDescriptor);
+ TSecurityObjectDescriptor& certDesc = (*pckgTSecurityObjectDescriptor)();
+
+ if (aTrustedAuthority.Length() > 0)
+ {
+ certDesc.SetTrustedAuthority(aTrustedAuthority);
+ }
+
+ if (aIdentitySubjectName.Length() > 0)
+ {
+ certDesc.SetIdentitySubjectName(aIdentitySubjectName);
+ }
+
+ if (aIdentityRfc822Name.Length() > 0)
+ {
+ certDesc.SetIdentityRfc822Name(aIdentityRfc822Name);
+ }
+
+ if (aKeySize != 0)
+ {
+ certDesc.SetKeySize(aKeySize);
+ }
+
+ if(aOwnerType != EPKICACertificate)
+ {
+ certDesc.SetKeyUsage(EX509DigitalSignature);
+ certDesc.SetKeyAlgorithm(aKeyAlgorithm);
+ }
+
+ certDesc.SetOwnerType(aOwnerType);
+
+ //Send request to the server
+ SendReceive (PkiService::EReadCertificate, TIpcArgs(pckgTSecurityObjectDescriptor, &aCert), aRequestStatus);
+ CleanupStack::Pop();
+
+ *aResourceObject = pckgTSecurityObjectDescriptor;
+ }
+
+/**---------------------------------------------------------
+ *
+ * ReadCertificateL
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::ReadCertificate(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ TDes8 &aCert)
+{
+ TInt err = KErrNone;
+
+ TSecurityObjectDescriptor *certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+ //Send request to the server
+ err = SendReceive (PkiService::EReadCertificate, TIpcArgs(&pckgTSecurityObjectDescriptor,
+ &aCert));
+
+ delete certDesc;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ return err;
+}
+
+
+/**--------------------------------------------------------------------------
+* Read a certificate having listed characteristics
+* @param aKeyId SubjectKeyID.
+* @param aCert [out] Returned ASN1 encoded certificate.
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+* @param aRequestStatus [out] A reference to the request status object. On
+* request completion, contains the return code of the request.
+*---------------------------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ReadCertificateL(const TPKIKeyIdentifier& aKeyId,
+ TDes8 &aCert,
+ TAny **aResourceObject,
+ TRequestStatus& aRequestStatus)
+{
+ TPckgBuf<TSecurityObjectDescriptor> *pckgTSecurityObjectDescriptor = new (ELeave) TPckgBuf<TSecurityObjectDescriptor>();
+ CleanupStack::PushL(pckgTSecurityObjectDescriptor);
+ TSecurityObjectDescriptor& certDesc = (*pckgTSecurityObjectDescriptor)();
+
+ certDesc.SetSubjectKeyId(aKeyId);
+
+ //Send request to the server
+ SendReceive (PkiService::EReadCertificate, TIpcArgs(pckgTSecurityObjectDescriptor, &aCert), aRequestStatus);
+ CleanupStack::Pop();
+
+ *aResourceObject = pckgTSecurityObjectDescriptor;
+}
+
+
+/**---------------------------------------------------------
+ *
+ * ListCertificatesL
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ListCertificatesL(CArrayFix<TCertificateListEntry> *&aCertList)
+{
+ TInt certCount = SendReceive(PkiService::ECertCount, TIpcArgs(NULL));
+
+ TInt certListGranularity = certCount;
+ if (certListGranularity == 0)
+ {
+ certListGranularity = 1;
+ }
+
+ CArrayFix<TCertificateListEntry>* certList;
+ certList = new (ELeave) CArrayFixFlat<TCertificateListEntry>(certListGranularity);
+ if (certCount == 0)
+ {
+ aCertList = certList;
+ return;
+ }
+
+ CleanupStack::PushL(certList);
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(certCount * sizeof(TCertificateListEntry));
+
+ TPtr8 ptrList = list->Ptr(0);
+
+ User::LeaveIfError(SendReceive (PkiService::EGetCertList, TIpcArgs(&ptrList)));
+
+ TCertificateListEntry certInfo;
+ for (TInt i = 0; i < certCount; i++)
+ {
+ list->Read(i * sizeof(TCertificateListEntry), (TAny*)&certInfo, sizeof(TCertificateListEntry));
+ certList->AppendL(certInfo);
+ }
+
+ CleanupStack::PopAndDestroy(1); // list
+ CleanupStack::Pop(); // certList
+
+ aCertList = certList;
+}
+
+/**---------------------------------------------------------
+* List CA certificates applicable for all requested applications
+* @param aApplications List of applications
+* @param aCertList [out] Returned list of certificates.
+* @param aRequestStatus [out] A reference to the request status object. On
+* request completion, contains the return code of the request.
+*---------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ListApplicableCertificatesL(const RArray<TUid>& aApplications,
+ CArrayFix<TCertificateListEntry>*& aCertList)
+{
+
+ TPckgC<TInt> applCount(aApplications.Count());
+ // Allocate a buffer for the application uid list
+ CBufFlat* applList = CBufFlat::NewL(sizeof(TUid));
+ CleanupStack::PushL(applList);
+ applList->ResizeL(aApplications.Count() * sizeof(TUid));
+
+ TInt i = 0;
+ for(i=0;i<aApplications.Count();i++)
+ {
+ applList->Write(i * sizeof(TUid), (TAny*)&(aApplications[i]), sizeof(TUid));
+ }
+
+ // Application Uid list
+ TPtr8 ptrList = applList->Ptr(0);
+
+ TInt certCount = SendReceive(PkiService::EApplicableCertCount, TIpcArgs(&applCount, &ptrList));
+
+ CleanupStack::PopAndDestroy(1); // applList
+ TInt certListGranularity = certCount;
+ if (certListGranularity == 0)
+ {
+ certListGranularity = 1;
+ }
+
+ CArrayFix<TCertificateListEntry>* certList;
+ certList = new (ELeave) CArrayFixFlat<TCertificateListEntry>(certListGranularity);
+ if (certCount == 0)
+ {
+ aCertList = certList;
+ return;
+ }
+
+ CleanupStack::PushL(certList);
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(certCount * sizeof(TCertificateListEntry));
+
+ TPtr8 ptrList2 = list->Ptr(0);
+
+ User::LeaveIfError(SendReceive (PkiService::EGetApplicableCertList, TIpcArgs(&ptrList2)));
+
+ TCertificateListEntry certInfo;
+ for (i = 0; i < certCount; i++)
+ {
+ list->Read(i * sizeof(TCertificateListEntry), (TAny*)&certInfo, sizeof(TCertificateListEntry));
+ certList->AppendL(certInfo);
+ }
+
+ CleanupStack::PopAndDestroy(1); // list
+ CleanupStack::Pop(); // certList
+
+ aCertList = certList;
+}
+
+
+
+/**---------------------------------------------------------
+ *
+ * ListKeysL
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ListKeysL(CArrayFix<TKeyListEntry> *&aKeyList)
+{
+ TInt keyCount = SendReceive(PkiService::EKeyCount, TIpcArgs(NULL));
+ User::LeaveIfError(keyCount);
+
+ TInt keyListGranularity = keyCount;
+ if (keyListGranularity == 0)
+ {
+ keyListGranularity = 1;
+ }
+
+ CArrayFix<TKeyListEntry>* keyList;
+ keyList = new (ELeave) CArrayFixFlat<TKeyListEntry>(keyListGranularity);
+ if (keyCount == 0)
+ {
+ aKeyList = keyList;
+ return;
+ }
+
+ CleanupStack::PushL(keyList);
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TKeyListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(keyCount * sizeof(TKeyListEntry));
+
+ TPtr8 ptrList = list->Ptr(0);
+
+ User::LeaveIfError(SendReceive (PkiService::EGetKeyList, TIpcArgs(&ptrList)));
+
+ TKeyListEntry keyInfo;
+ for (TInt i = 0; i < keyCount; i++)
+ {
+ list->Read(i * sizeof(TKeyListEntry), (TAny*)&keyInfo, sizeof(TKeyListEntry));
+ keyList->AppendL(keyInfo);
+ }
+
+ CleanupStack::PopAndDestroy(1); // list
+ CleanupStack::Pop(); // keyList
+
+ aKeyList = keyList;
+}
+
+
+/**---------------------------------------------------------
+ *
+ * StoreCertificateL(const TPKICertificateOwnerType aOwnerType,
+ * const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm, const TDesC8& aDataIn)
+ *
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::StoreCertificateL(const TPKICertificateOwnerType aOwnerType,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn,
+ TAny **aResourceObject,
+ TRequestStatus& aRequestStatus)
+ {
+ __ASSERT_DEBUG(aDataIn.Length() > 0, User::Invariant());
+
+ TPckgBuf<TSecurityObjectDescriptor> *pckgTSecurityObjectDescriptor = new (ELeave) TPckgBuf<TSecurityObjectDescriptor>();
+ CleanupStack::PushL(pckgTSecurityObjectDescriptor);
+ TSecurityObjectDescriptor& certDesc = (*pckgTSecurityObjectDescriptor)();
+
+ certDesc.SetOwnerType(aOwnerType);
+ certDesc.SetKeySize(aKeySize);
+ certDesc.SetKeyAlgorithm(aKeyAlgorithm);
+ certDesc.SetIsDeletable(ETrue);
+
+ //Send request to the server
+ SendReceive (PkiService::EStoreCertificate, TIpcArgs(pckgTSecurityObjectDescriptor, &aDataIn), aRequestStatus);
+ CleanupStack::Pop();
+
+ *aResourceObject = pckgTSecurityObjectDescriptor;
+ }
+
+
+/**------------------------------------------------------------------------
+* Store a certificate having listed characteristics
+* For CA certificates, only aOwnerType and aDataIn parameters are meaningful.
+*
+* @param aOwnerType Type of the certificate.
+* @param aLabel Label of the key
+* @param aCertFormat certificate format
+* @param aIsDeletable true if certificate is deletable
+* @param aKeySize Size of the key in bits.
+* @param aKeyAlgorithm Algorithm of the key.
+* @param aDataIn A descriptor of the buffer conatining ASN1 coded certificate bytes.
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+* @param aRequestStatus [out] A reference to the request status object. On
+* request completion, contains the return code of the request.
+*----------------------------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::StoreCertificate(const TPKICertificateOwnerType aOwnerType,
+ const TBool& aIsDeletable,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn) const
+ {
+ __ASSERT_DEBUG(aDataIn.Length() > 0, User::Invariant());
+
+ TInt err = KErrNone;
+ TSecurityObjectDescriptor *certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetOwnerType(aOwnerType);
+ certDesc->SetKeySize(aKeySize);
+ certDesc->SetKeyAlgorithm(aKeyAlgorithm);
+ certDesc->SetIsDeletable(aIsDeletable);
+
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+ //Send request to the server
+ err = SendReceive (PkiService::EStoreCertificate,
+ TIpcArgs(&pckgTSecurityObjectDescriptor, &aDataIn));
+
+ delete certDesc;
+ certDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+
+ return err;
+ }
+
+
+
+/**---------------------------------------------------------
+ *
+ * AttachCertificateL(const TDesC8& aKeyId,
+ * const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm, const TDesC8& aDataIn)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::AttachCertificateL(const TPKIKeyIdentifier& aKeyId,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn,
+ TAny **aResourceObject,
+ TRequestStatus& aRequestStatus)
+ {
+
+ __ASSERT_DEBUG(aDataIn.Length() > 0, User::Invariant());
+
+ TPckgBuf<TSecurityObjectDescriptor> *pckgTSecurityObjectDescriptor = new (ELeave) TPckgBuf<TSecurityObjectDescriptor>();
+ CleanupStack::PushL(pckgTSecurityObjectDescriptor);
+ TSecurityObjectDescriptor& certDesc = (*pckgTSecurityObjectDescriptor)();
+
+ certDesc.SetSubjectKeyId(aKeyId);
+ certDesc.SetOwnerType(EPKIUserCertificate);
+ certDesc.SetKeySize(aKeySize);
+ certDesc.SetKeyAlgorithm(aKeyAlgorithm);
+
+ //Send request to the server
+ SendReceive (PkiService::EAttachCertificate, TIpcArgs(pckgTSecurityObjectDescriptor, &aDataIn), aRequestStatus);
+ CleanupStack::Pop();
+
+ *aResourceObject = pckgTSecurityObjectDescriptor;
+ }
+
+/**--------------------------------------------------------------------------------
+* Attach a user certificate having listed characteristics to a
+* generated key identified by keyId
+*
+* @param aKeyId Idenfies the key to attach the certificate
+* @param aIsDeletable true if certificate is deletable
+* @param aKeySize Size of the key in bits.
+* @param aKeyAlgorithm Algorithm of the key.
+* @param aDataIn A descriptor of the buffer containing ASN1
+* coded certificate bytes.
+* @return the return code of the request.
+*---------------------------------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::AttachCertificate(const TPKIKeyIdentifier& aKeyId,
+ const TBool& aIsDeletable,
+ const TUint aKeySize,
+ const TPKIKeyAlgorithm aKeyAlgorithm,
+ const TDesC8& aDataIn) const
+ {
+
+ __ASSERT_DEBUG(aDataIn.Length() > 0, User::Invariant());
+
+ TInt err(KErrNone);
+ TSecurityObjectDescriptor* certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetSubjectKeyId(aKeyId);
+ certDesc->SetOwnerType(EPKIUserCertificate);
+ certDesc->SetKeySize(aKeySize);
+ certDesc->SetKeyAlgorithm(aKeyAlgorithm);
+ certDesc->SetIsDeletable(aIsDeletable);
+
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+ //Send request to the server
+ err = SendReceive (PkiService::EAttachCertificate, TIpcArgs(&pckgTSecurityObjectDescriptor, &aDataIn));
+
+ delete certDesc;
+ certDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+
+ return err;
+ }
+
+
+
+
+/**---------------------------------------------------------
+ *
+ * RemoveKeypairL(const TDesC8& aKeyId)
+ *
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::RemoveKeypair(const TPKIKeyIdentifier& aKeyId) const
+ {
+ return SendReceive(PkiService::ERemoveKeypair, TIpcArgs(&aKeyId));
+ }
+
+
+/**---------------------------------------------------------
+ *
+ * RemoveCertificateL(const TDesC8& aTrustedAuthority, const TPKICertificateOwnerType aOwnerType, const TPKIKeyUsage aKeyUsage,
+ * const TUint aKeySize, const TPKIKeyAlgorithm aKeyAlgorithm)
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::RemoveCertificate(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber) const
+ {
+ TInt err = KErrNone;
+
+ TSecurityObjectDescriptor *certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+ //Send request to the server
+ err = SendReceive (PkiService::ERemoveCertificate, TIpcArgs(&pckgTSecurityObjectDescriptor));
+
+ delete certDesc;
+ certDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ return err;
+}
+
+/**---------------------------------------------------------
+ *
+ * Pkcs10SignCallbackL
+ *
+ *----------------------------------------------------------*/
+TBool RPKIServiceAPI::Pkcs10SignCallbackL(const TDesC8& aDigest, TDes8& aSignature,
+ const TPKIKeyIdentifier& aKeyId,
+ TAny* aContext)
+{
+ RPKIServiceAPI *pkiServiceApi = STATIC_CAST(RPKIServiceAPI*, aContext);
+ User::LeaveIfError(pkiServiceApi->Sign(aKeyId, aDigest, aSignature));
+ return ETrue;
+}
+
+
+/**---------------------------------------------------------
+ *
+ * CreateAndSaveCertificateRequestL
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::CreateAndSaveCertificateRequestL(const TPKIKeyIdentifier& aKeyId,
+ const TDesC8& aSubjectName,
+ const TDesC8& aSubjectAltNameRfc822,
+ const TDesC8& aChallengePw,
+ const TDesC8& aDNSName,
+ TDes& aCertRequestRef,
+ TInt& aRequestLength)
+{
+ TBuf8<2> testPublicKey;
+ HBufC8 *publicKeyBuffer = NULL;
+
+ TInt bSize = 0;
+
+ // Get public key
+ TInt err = ReadPublicKey(aKeyId, testPublicKey);
+ if(err == KPKIErrBufferTooShort)
+ {
+ GetRequiredBufferSize(bSize);
+ }
+ else if(err == KErrNone)
+ {
+ return;
+ }
+ else
+ {
+ User::Leave(err);
+ }
+
+ publicKeyBuffer = HBufC8::NewLC(bSize);
+ TPtr8 publicKeyBufferDes = publicKeyBuffer->Des();
+ err = ReadPublicKey(aKeyId, publicKeyBufferDes);
+ User::LeaveIfError(err);
+
+ CPkcs10Req *pkcs10Instance = new (ELeave) CPkcs10Req;
+ CleanupStack::PushL(pkcs10Instance);
+
+ if (pkcs10Instance->SetDistinguishedNameExtendedL(aSubjectName) != KErrNone)
+ {
+ User::Leave(KPKIErrCertRequestParam);
+ }
+ if (pkcs10Instance->SetSubjectAltNameRfc822(aSubjectAltNameRfc822) != KErrNone)
+ {
+ User::Leave(KPKIErrCertRequestParam);
+ }
+ if (pkcs10Instance->SetChallengePw(aChallengePw) != KErrNone)
+ {
+ User::Leave(KPKIErrCertRequestParam);
+ }
+ if (pkcs10Instance->SetDNSName(aDNSName) != KErrNone)
+ {
+ User::Leave(KPKIErrCertRequestParam);
+ }
+ if (pkcs10Instance->SetPublicKey(publicKeyBufferDes) != KErrNone)
+ {
+ User::Leave(KPKIErrCertRequestParam);
+ }
+
+ TSignCallback signCallBackL = Pkcs10SignCallbackL;
+ HBufC8* certRequest = pkcs10Instance->CreateCertificateRequestLC(
+ HASH_TYPE_MD5, aKeyId, ETrue, EFalse, signCallBackL, this);
+ if (!certRequest)
+ {
+ CleanupStack::PopAndDestroy(2); // publicKeyBuffer, pkcs10Instance
+ User::Leave(KPKIErrCertRequest);
+ }
+ //Send request to the server
+
+ TRequestStatus requestStatus;
+ SendReceive (PkiService::ESaveCertificateRequest, TIpcArgs(certRequest, &aCertRequestRef, &aKeyId), requestStatus);
+ User::WaitForRequest(requestStatus);
+ aRequestLength = certRequest->Length();
+ CleanupStack::PopAndDestroy(3); // certRequesr, publicKeyBuffer, pkcs10Instance
+ User::LeaveIfError(requestStatus.Int());
+}
+
+
+/**---------------------------------------------------------
+ *
+ * ReadCertificateRequest
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::ReadCertificateRequest(const TDesC& aCertRequestRef,
+ TDes8& aCertRequest) const
+{
+ //Send request to the server
+ return SendReceive (PkiService::EReadCertificateRequest, TIpcArgs(&aCertRequestRef, &aCertRequest));
+}
+
+/**---------------------------------------------------------
+ *
+ * DeleteCertificateRequest
+ *
+ *----------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::DeleteCertificateRequest(const TDesC& aCertRequestRef) const
+{
+ //Send request to the server
+ return SendReceive (PkiService::EDeleteCertificateRequest, TIpcArgs(&aCertRequestRef));
+}
+
+/**---------------------------------------------------------
+ *
+ * Finalize
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::Finalize(TAny *aResourceObject)
+ {
+ if(aResourceObject != NULL)
+ {
+ delete static_cast<TPckgBuf<TSecurityObjectDescriptor>*>(aResourceObject);
+ }
+ }
+
+
+/**-----------------------------------------------------------------------
+* Change trust setting of a certificate in Symbian certificate store
+*
+* @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+* @param aSerialNumber serial number of the certificate
+* @param aTrusted ETrue, if trusted; EFalse, otherwise
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+* @param aRequestStatus [out] A reference to the request status object. On
+* request completion, contains the return code of the request.
+*------------------------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::SetTrust(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ const TBool& aTrusted) const
+{
+ TInt err = KErrNone;
+
+ TSecurityObjectDescriptor *certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+ TPckgC<TBool> trust(aTrusted);
+ //Send request to the server
+ err = SendReceive (PkiService::ESetTrust, TIpcArgs(&pckgTSecurityObjectDescriptor, &trust));
+
+ delete certDesc;
+ certDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ return err;
+}
+
+
+/**---------------------------------------------------------------------------
+* Read trust setting of a certificate in Symbian certificate store
+*
+* @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+* @param aSerialNumber serial number of the certificate
+* @param aTrusted returns ETrue, if trusted; EFalse, otherwise
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+*---------------------------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::Trusted(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ TBool& aTrusted) const
+{
+ TInt err = KErrNone;
+ TSecurityObjectDescriptor *certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+ TPckg<TBool> trust(aTrusted);
+
+ //Send request to the server
+ err = SendReceive (PkiService::ETrusted, TIpcArgs(&pckgTSecurityObjectDescriptor, &trust));
+
+ delete certDesc;
+ certDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ return err;
+}
+
+
+/**---------------------------------------------------------------------------
+* Set applications of a certificate in Symbian certificate store
+*
+* @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+* @param aSerialNumber serial number of the certificate
+* @param aApplications list of applications (uids) for whom the certificate is applicable
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+*---------------------------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::SetApplicabilityL(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ const RArray<TUid>& aApplications) const
+{
+ TSecurityObjectDescriptor *certDesc = new (ELeave) TSecurityObjectDescriptor;
+ CleanupStack::PushL(certDesc);
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+
+ TPckgC<TInt> applCount(aApplications.Count());
+ // Allocate a buffer for the application uid list
+ CBufFlat* applList = CBufFlat::NewL(sizeof(TUid));
+ CleanupStack::PushL(applList);
+ applList->ResizeL(aApplications.Count() * sizeof(TUid));
+
+ TInt i = 0;
+ for(i=0;i<aApplications.Count();i++)
+ {
+ applList->Write(i * sizeof(TUid), (TAny*)&(aApplications[i]), sizeof(TUid));
+ }
+
+ // Application Uid list
+ TPtr8 ptrList = applList->Ptr(0);
+
+ //Send request to the server
+ User::LeaveIfError(SendReceive (PkiService::ESetApplicability, TIpcArgs(&pckgTSecurityObjectDescriptor, &applCount, &ptrList)));
+ CleanupStack::PopAndDestroy(applList);
+ CleanupStack::PopAndDestroy(); //certDesc
+}
+
+
+/**---------------------------------------------------------------------------
+* Get applications of a certificate in Symbian certificate store
+*
+* @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+* @param aSerialNumber serial number of the certificate
+* @param aApplications list of applications (uids) for whom the certificate is applicable
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+*---------------------------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ApplicationsL(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ RArray<TUid>& aApplications) const
+{
+ TSecurityObjectDescriptor *certDesc = new (ELeave) TSecurityObjectDescriptor;
+ CleanupStack::PushL(certDesc);
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+ TInt count = 0;
+ TPckg<TInt> pckgCount(count);
+ // Allocate a buffer for the application uid list
+ CBufFlat* applList = CBufFlat::NewL(sizeof(TUid));
+ CleanupStack::PushL(applList);
+ // Reserve space for applications
+ CCertificateAppInfoManager* appsMan = CCertificateAppInfoManager::NewLC();
+ const RArray<TCertificateAppInfo>& apps = appsMan->Applications();
+ applList->ResizeL(apps.Count() * sizeof(TUid));
+ count = apps.Count();
+ CleanupStack::PopAndDestroy(1); // appsMan
+
+ // Application Uid list
+ TPtr8 ptrList = applList->Ptr(0);
+
+ //Send request to the server
+ User::LeaveIfError(SendReceive (PkiService::EApplications, TIpcArgs(&pckgTSecurityObjectDescriptor, &pckgCount, &ptrList)));
+
+ TUid temp;
+ for (TInt i = 0; i < count; i++)
+ {
+ applList->Read(i * sizeof(TUid), (TAny*)&temp, sizeof(TUid));
+ aApplications.Append(temp);
+ }
+ CleanupStack::PopAndDestroy(1); // applList
+ CleanupStack::PopAndDestroy(); //certDesc
+}
+
+
+/**---------------------------------------------------------------------------
+* Get certificate details of a certificate in Symbian certificate store
+*
+* @param aTrustedAuthority Text or ASN1 format subtree name of the CA
+* @param aSerialNumber serial number of the certificate
+* @param aCertDetails details of a certificate
+* @param aResourceObject [out] This returned object must be given as a parameter in the Finalize call when this function has completed.
+*---------------------------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::CertificateDetails(const TDesC8& aTrustedAuthority,
+ const TDesC8& aSerialNumber,
+ TCertificateListEntry &aCertDetails) const
+{
+ TInt err = KErrNone;
+ TSecurityObjectDescriptor *certDesc = new TSecurityObjectDescriptor;
+ if (certDesc != NULL)
+ {
+ certDesc->SetTrustedAuthority(aTrustedAuthority);
+ certDesc->SetSerialNumber(aSerialNumber);
+ TPckg<TSecurityObjectDescriptor> pckgTSecurityObjectDescriptor(*certDesc);
+
+
+ TPckg<TCertificateListEntry> certDetails(aCertDetails);
+
+ //Send request to the server
+ err = SendReceive (PkiService::EGetCertDetails, TIpcArgs(&certDetails, &pckgTSecurityObjectDescriptor));
+ delete certDesc;
+ certDesc = NULL;
+ }
+ else
+ {
+ err = KErrNoMemory;
+ }
+ return err;
+}
+
+
+/**-------------------------------------------------------------------------
+* Get details of a key
+* @param aKeyId SubjectKeyID
+* @param aKeyDetails [out] Returned details of a key.
+*-------------------------------------------------------------------------*/
+EXPORT_C TInt RPKIServiceAPI::KeyDetails(const TPKIKeyIdentifier& aKeyId,
+ TKeyListEntry &aKeyDetails) const
+{
+ TPckg<TKeyListEntry> keyDetails(aKeyDetails);
+
+ //Send request to the server
+ return SendReceive (PkiService::EGetKeyDetails, TIpcArgs(&keyDetails, &aKeyId));
+}
+
+
+/**---------------------------------------------------------------------------
+* List all certificate request
+* @param aCertReqList [out] Returned list of certificates.
+*---------------------------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::ListCertificateRequestsL(
+ CArrayFix<TCertificateRequestListEntry> *&aCertReqList) const
+{
+ // Get request count
+ TInt reqCount = SendReceive(PkiService::ECertReqCount, TIpcArgs(NULL));
+
+ TInt reqListGranularity = reqCount;
+ if (reqListGranularity == 0)
+ {
+ reqListGranularity = 1;
+ }
+
+ CArrayFix<TCertificateRequestListEntry>* reqList;
+ reqList = new (ELeave) CArrayFixFlat<TCertificateRequestListEntry>(reqListGranularity);
+ if (reqCount == 0)
+ {
+ aCertReqList = reqList;
+ return;
+ }
+
+ CleanupStack::PushL(reqList);
+
+ CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateRequestListEntry));
+ CleanupStack::PushL(list);
+ list->ResizeL(reqCount * sizeof(TCertificateRequestListEntry));
+
+ TPtr8 ptrList = list->Ptr(0);
+
+ User::LeaveIfError(SendReceive (PkiService::EGetCertReqList, TIpcArgs(&ptrList)));
+
+ TCertificateRequestListEntry reqRef;
+ for (TInt i = 0; i < reqCount; i++)
+ {
+ list->Read(i * sizeof(TCertificateRequestListEntry), (TAny*)&reqRef, sizeof(TCertificateRequestListEntry));
+ reqList->AppendL(reqRef);
+ }
+
+ CleanupStack::PopAndDestroy(1); // list
+ CleanupStack::Pop(); // reqList
+
+ aCertReqList = reqList;
+}
+
+
+
+
+/**---------------------------------------------------------
+ *
+ * Close()
+ *
+ * Closes a session to PKIService
+ *
+ *
+ *----------------------------------------------------------*/
+EXPORT_C void RPKIServiceAPI::Close(void)
+{
+ RSessionBase::Close();
+}
+
+
+/**
+ * Set store types (either device or user stores used)
+ *
+ */
+EXPORT_C TInt RPKIServiceAPI::SetStoreType(TPkiServiceStoreType aStoreType) const
+ {
+ TInt ret = KErrNone;
+ TInt type(aStoreType);
+ // Make sure a valid store type has been specified
+ TPckgC<TInt> storeType(aStoreType);
+
+ // Use the requested store type for both cert and key stores.
+ ret = SendReceive(PkiService::ESetCertStoreType, TIpcArgs(type));
+ if (ret == KErrNone)
+ {
+ ret = SendReceive(PkiService::ESetKeyStoreType, TIpcArgs(type));
+ }
+
+ return ret;
+ }
+
+EXPORT_C TInt RPKIServiceAPI::SetStoreType(TInt aStore,
+ TPkiServiceStoreType aStoreType) const
+ {
+ TInt ret = KErrNone;
+
+ switch (aStore)
+ {
+ case STORE_KEYSTORE:
+ ret = SendReceive (PkiService::ESetKeyStoreType, TIpcArgs(aStoreType));
+ break;
+ case STORE_CERTSTORE:
+ ret = SendReceive (PkiService::ESetCertStoreType, TIpcArgs(aStoreType));
+ break;
+ default:
+ ret = KErrNotSupported;
+ }
+
+ return ret;
+ }
+
+EXPORT_C TInt RPKIServiceAPI::CertStoreType(TPkiServiceStoreType& aStoreType) const
+ {
+ aStoreType = static_cast<TPkiServiceStoreType>(SendReceive(PkiService::EGetCertStoreType));
+ return KErrNone;
+ }
+
+EXPORT_C TInt RPKIServiceAPI::KeyStoreType(TPkiServiceStoreType& aStoreType) const
+ {
+ aStoreType = static_cast<TPkiServiceStoreType>(SendReceive(PkiService::EGetKeyStoreType));
+ return KErrNone;
+ }
+
+EXPORT_C void RPKIServiceAPI::SetInformational(const TBool aInfoOnly)
+ {
+ SendReceive(PkiService::ESetInformational, TIpcArgs(aInfoOnly));
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/BMARM/EVENTMEDSITU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,10 @@
+EXPORTS
+ __4CSitP17MSitDeathListener @ 1 NONAME R3UNUSED ; CSit::CSit(MSitDeathListener *)
+ FindCancelEventType__4CSit10TEventType @ 2 NONAME R3UNUSED ; CSit::FindCancelEventType(TEventType)
+ FindTaskRequestEventType__4CSit10TEventType @ 3 NONAME R3UNUSED ; CSit::FindTaskRequestEventType(TEventType)
+ IsTaskCancellationObservationRequest__4CSit10TEventType @ 4 NONAME R3UNUSED ; CSit::IsTaskCancellationObservationRequest(TEventType)
+ StartL__4CSit @ 5 NONAME R3UNUSED ; CSit::StartL(void)
+ ThreadId__4CSit @ 6 NONAME R3UNUSED ; CSit::ThreadId(void)
+ "_._4CSit" @ 7 NONAME R3UNUSED ; CSit::~CSit(void)
+ EventRequiresSit__4CSit10TEventType @ 8 NONAME R3UNUSED ; CSit::EventRequiresSit(TEventType)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/EABI/eventmedsitU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,15 @@
+EXPORTS
+ _ZN4CSit16EventRequiresSitE10TEventType @ 1 NONAME
+ _ZN4CSit19FindCancelEventTypeE10TEventType @ 2 NONAME
+ _ZN4CSit24FindTaskRequestEventTypeE10TEventType @ 3 NONAME
+ _ZN4CSit36IsTaskCancellationObservationRequestE10TEventType @ 4 NONAME
+ _ZN4CSit6StartLEv @ 5 NONAME
+ _ZN4CSit8ThreadIdEv @ 6 NONAME
+ _ZN4CSitC1EP17MSitDeathListener @ 7 NONAME
+ _ZN4CSitC2EP17MSitDeathListener @ 8 NONAME
+ _ZN4CSitD0Ev @ 9 NONAME
+ _ZN4CSitD1Ev @ 10 NONAME
+ _ZN4CSitD2Ev @ 11 NONAME
+ _ZTI4CSit @ 12 NONAME ; #<TI>#
+ _ZTV4CSit @ 13 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/bwins/EVENTMEDSITU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,10 @@
+EXPORTS
+ ??0CSit@@QAE@PAVMSitDeathListener@@@Z @ 1 NONAME ; public: __thiscall CSit::CSit(class MSitDeathListener *)
+ ??1CSit@@UAE@XZ @ 2 NONAME ; public: virtual __thiscall CSit::~CSit(void)
+ ?EventRequiresSit@CSit@@SAHW4TEventType@@@Z @ 3 NONAME ; public: static int __cdecl CSit::EventRequiresSit(enum TEventType)
+ ?FindCancelEventType@CSit@@SA?AW4TEventType@@W42@@Z @ 4 NONAME ; public: static enum TEventType __cdecl CSit::FindCancelEventType(enum TEventType)
+ ?FindTaskRequestEventType@CSit@@SA?AW4TEventType@@W42@@Z @ 5 NONAME ; public: static enum TEventType __cdecl CSit::FindTaskRequestEventType(enum TEventType)
+ ?IsTaskCancellationObservationRequest@CSit@@SAHW4TEventType@@@Z @ 6 NONAME ; public: static int __cdecl CSit::IsTaskCancellationObservationRequest(enum TEventType)
+ ?StartL@CSit@@QAEXXZ @ 7 NONAME ; public: void __thiscall CSit::StartL(void)
+ ?ThreadId@CSit@@QAE?AVTThreadId@@XZ @ 8 NONAME ; public: class TThreadId __thiscall CSit::ThreadId(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+sit.mmp
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/group/sit.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project eventmedsit
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET eventmedsit.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101FD28D
+
+CAPABILITY ProtServ NetworkControl NetworkServices
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE sit.cpp
+SOURCE sitdeathobserver.cpp
+SOURCE taskarrivalobserver.cpp
+SOURCE taskhandler.cpp
+SOURCE taskhandlercreator.cpp
+SOURCE protocolversiongetter.cpp
+SOURCE vpnconnstarter.cpp
+SOURCE realiapconnobserver.cpp
+SOURCE vpnconncloser.cpp
+SOURCE eventlogger.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../kmdapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpnipsecpolparser/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../eventviewer/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../../vpnui/vpnecomnotifier/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY esock.lib
+LIBRARY insock.lib
+LIBRARY commdb.lib
+LIBRARY eventmedapi.lib
+LIBRARY vpnapi.lib
+LIBRARY kmdapi.lib
+LIBRARY ipsecpolapi.lib
+LIBRARY ikepolparser.lib
+LIBRARY vpnipsecpolparser.lib
+LIBRARY eventviewer.lib
+LIBRARY featmgr.lib
+LIBRARY cmmanager.lib
+
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/eventlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,69 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Event logger
+*
+*/
+
+
+
+// @file eventlogger.h
+
+#ifndef __EVENTLOGGER_H__
+#define __EVENTLOGGER_H__
+
+#include <e32base.h>
+#include <in_sock.h>
+#include <vpnlogmessages.rsg>
+
+#include "eventmediatorapi.h"
+#include "eventviewer.h"
+
+const TInt KMaxIpAddressLength = 64;
+
+_LIT8(KUnknownVpnAp, "Unknown VPN access point");
+_LIT8(KUnknownIap, "Unknown IAP");
+
+const TInt R_VPN_MSG_VPN_IAP_ACT_START = KMaxTInt;
+const TInt R_VPN_MSG_VPN_IAP_ACT_END = KMaxTInt - 1;
+const TInt R_VPN_MSG_VPN_IAP_ACT_CANCEL = KMaxTInt - 2;
+
+
+NONSHARABLE_CLASS(CEventLogger) : CBase
+ {
+public:
+ static CEventLogger* NewL(REventMediator& aEventMediator, TUint32 aVpnIapId, TUint32 aRealIapId);
+ void LogEvent(TUint aMsgId, TAny* aAnyPtr, TInt aStatusCode, TInt aReasonCode);
+ ~CEventLogger();
+
+private:
+ CEventLogger(REventMediator& aEventMediator, TUint32 aVpnIapId, TUint32 aRealIapId);
+ void ConstructL();
+
+ TInt DoLogEvent(TUint aMsgId, TAny* aAnyPtr, TInt aStatusCode, TInt aReasonCode);
+
+private:
+ TIapName iVpnApName;
+ TIapName iRealApName;
+ REventMediator& iEventMediator;
+ TUint32 iVpnIapId;
+ TUint32 iRealIapId;
+ };
+
+#define DEFINE_EVENT_LOGGER CEventLogger* iEventLogger;
+#define INIT_EVENT_LOGGER(a, b, c) TRAP_IGNORE(iEventLogger = CEventLogger::NewL(a, b, c););
+#define RELEASE_EVENT_LOGGER delete iEventLogger; iEventLogger = NULL;
+
+#define LOG_EVENT(a, b, c, d) if (iEventLogger) iEventLogger->LogEvent(a, b, c, d);
+
+#endif // __EVENTLOGGER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/log.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_H__)
+#define __LOG_H__
+
+_LIT(KLogFile,"sit.txt");
+
+#include "logcommon.h"
+
+// Ádditional debugging macros
+
+#ifdef _DEBUG
+#define DEB(a) a
+#else
+#define DEB(a)
+#endif
+
+#endif // __LOG_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/protocolversiongetter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,66 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Task handler for getting IP version
+*
+*/
+
+
+
+// @file protocolversiongetter.h
+
+#ifndef __PROTOCOL_VERSION_GETTER_H__
+#define __PROTOCOL_VERSION_GETTER_H__
+
+#include "sit.h"
+#include "taskhandler.h"
+#include "vpnapi.h"
+#include "eventdefssit.h"
+
+// Task handling states
+const TInt KStateGetProtocolVersion = 1;
+
+/**
+ * Protocol version getter task handler
+ */
+NONSHARABLE_CLASS(CProtocolVersionGetter) : public CTaskHandler
+ {
+public:
+ static CProtocolVersionGetter* NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ ~CProtocolVersionGetter();
+
+private: // From CTaskHandler
+ void StartTaskHandling();
+ void ChangeStateL();
+ void CancelOngoingOperation();
+ void ReportResult(TInt aStatus);
+
+private:
+ CProtocolVersionGetter(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ void ConstructL();
+
+ void StateGetProtocolVersionL();
+
+ void GetProtocolVersionL();
+ void ParseProtocolVersionL(const TDesC8& aPolicyData);
+
+private:
+ TPckgBuf<TGetProtocolVersionEventSpec> iEventSpecDes;
+ TGetProtocolVersionEventData iEventData;
+
+ RVpnServ iVpnServ;
+ };
+
+#endif // __PROTOCOL_VERSION_GETTER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/realiapconnobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,64 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Task handler for listening to the real interface
+*
+*/
+
+
+
+// @file realiapconnobserver.h
+
+#ifndef __REAL_IAP_CONN_OBSERVER_H__
+#define __REAL_IAP_CONN_OBSERVER_H__
+
+#include "sit.h"
+#include "taskhandler.h"
+#include "eventdefssit.h"
+
+// Task handler states
+const TInt KStateStartObserving = 1;
+const TInt KStateFinishObserving = 2;
+
+/**
+ * Real IAP connection observer task handler
+ */
+NONSHARABLE_CLASS(CRealIapConnObserver) : public CTaskHandler
+ {
+public:
+ static CRealIapConnObserver* NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ ~CRealIapConnObserver();
+
+public: // From MEventObserver
+ void EventOccured(TInt aStatus, TEventType aType, TDesC8* aData);
+
+private: // From CTaskHandler
+ void StartTaskHandling();
+ void ChangeStateL();
+ void CancelOngoingOperation();
+ void ReportResult(TInt aStatus);
+
+private:
+ CRealIapConnObserver(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ void ConstructL();
+
+ void StateStartObservingL();
+ void StateFinishObserving();
+
+private:
+ TPckgBuf<TObserveRealIapConnEventSpec> iEventSpecDes;
+ };
+
+#endif // __REAL_IAP_CONN_OBSERVER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/sit.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,86 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Socket Interaction Thread implementation.
+*
+*/
+
+
+
+#ifndef __SIT_H__
+#define __SIT_H__
+
+#include <e32std.h>
+#include <e32base.h>
+
+#include "eventmediatorapi.h"
+#include "sitdeathobserver.h"
+
+#ifndef TRAP_IGNORE
+#define TRAP_IGNORE(_s) {TInt _ignore;TTrap __t;if (__t.Trap(_ignore)==0){_s;TTrap::UnTrap();}}
+#endif
+
+_LIT(KSitName, "SocketInteractionThread");
+
+static const TUid KUidSit = {0x101FD28D};
+
+enum TSitPanic
+ {
+ EPanicUnknownEventType = 1,
+ EPanicInvalidTaskHandlerState,
+ EPanicUnexpectedEventOccured
+ };
+
+const TUint KSitMaxHeapSize = 0x80000; // 512 kB
+
+/**
+ * Socket Interaction Thread implementation
+ */
+class CSit : public CBase, public MSitDeathListener
+ {
+/**
+ ** @internalComponent
+ */
+public:
+ IMPORT_C CSit(MSitDeathListener* aSitDeathListener);
+ IMPORT_C ~CSit();
+
+ IMPORT_C void StartL();
+ IMPORT_C static TBool EventRequiresSit(TEventType aEventType);
+ IMPORT_C TThreadId ThreadId();
+ IMPORT_C static TEventType FindTaskRequestEventType(TEventType aCancelEventType);
+ IMPORT_C static TEventType FindCancelEventType(TEventType aTaskRequestEventType);
+ IMPORT_C static TBool IsTaskCancellationObservationRequest(TEventType aEventType);
+
+public: // From MSitDeathListener
+ void SitDied();
+
+public:
+ static HBufC16* To16BitL(const TDesC8& aDes);
+
+private:
+ void StartWorkingL();
+ void StartThreadL();
+
+ static TInt ThreadFunction(TAny* aParameters);
+
+private:
+ RThread* iTaskThread;
+
+ CSitDeathObserver* iSitDeathObserver;
+ MSitDeathListener* iSitDeathListener;
+
+ TEventType iEventType;
+ };
+
+#endif // __SIT_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/sitdeathobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,54 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: SIT thread death observer
+*
+*/
+
+
+
+// @file sitdeathobserver.h
+
+#ifndef __SIT_DEATH_OBSERVER_H__
+#define __SIT_DEATH_OBSERVER_H__
+
+#include <e32base.h>
+
+class MSitDeathListener
+ {
+public:
+ virtual void SitDied() = 0;
+ };
+
+/**
+ * SIT thread death observer
+ */
+NONSHARABLE_CLASS(CSitDeathObserver) : public CActive
+ {
+public:
+ CSitDeathObserver(TThreadId aThreadId, MSitDeathListener* aSitDeathListener);
+ ~CSitDeathObserver();
+
+ void StartObservingL();
+
+private: // From CActive
+ void DoCancel();
+ void RunL();
+
+private:
+ RThread iThreadToObserve;
+ TThreadId iThreadId;
+ MSitDeathListener* iSitDeathListener;
+ };
+
+#endif // __SIT_DEATH_OBSERVER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/taskarrivalobserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,90 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Combined task arrival observer and task handler manager
+*
+*/
+
+
+
+// @file taskarrivalobserver.h
+
+#ifndef __TASK_ARRIVAL_OBSERVER_H__
+#define __TASK_ARRIVAL_OBSERVER_H__
+
+#include "sit.h"
+#include "taskhandler.h"
+
+const TInt KUnfoundIndex = -1;
+
+class CAsyncCleaner;
+
+/**
+ * Combined task handler arrival observer and task handler manager.
+ */
+NONSHARABLE_CLASS(CTaskArrivalObserver) : public CAsyncOneShot, public MEventObserver, public MTaskHandlerManager
+ {
+public:
+ static CTaskArrivalObserver* NewL();
+ ~CTaskArrivalObserver();
+
+private: // From CAsyncOneShot
+ void RunL();
+
+public:
+ void Start();
+ void Cancel();
+ void DeleteTaskHandler(CTaskHandler* aTaskHandler);
+ void DeleteAsyncCleaner(CAsyncCleaner* aAsyncCleaner);
+
+private: // From MEventObserver
+ void EventOccured(TInt aStatus, TEventType aType, TDesC8* aData);
+
+private: // From MTaskHandlerManager
+ void TaskHandlerComplete(CTaskHandler* handler);
+ void TaskHandlerFatalError(CTaskHandler* handler, TInt aError);
+
+private: // Construction
+ CTaskArrivalObserver();
+ void ConstructL();
+
+private: // Implementation
+ void LaunchTaskHandlerL(const TTaskArrivedEventData& aEventSpec);
+ CTaskHandler* CreateTaskHandlerL(const TTaskArrivedEventData& aEventSpec);
+ TInt FindTaskHandler(CTaskHandler* aTaskHandler);
+ TInt FindAsyncCleaner(CAsyncCleaner* aAsyncCleaner);
+ void AsyncDeleteTaskHandler(CTaskHandler* aTaskHandler);
+
+private:
+ REventMediator iEventMediator;
+ CArrayPtrFlat<CTaskHandler>* iTaskHandlerList;
+ CArrayPtrFlat<CAsyncCleaner>* iAsyncCleanerList;
+ CTaskHandler* iTaskHandlerToDelete;
+ };
+
+NONSHARABLE_CLASS(CAsyncCleaner) : public CAsyncOneShot
+ {
+public:
+ CAsyncCleaner(CTaskArrivalObserver* aTaskArrivalObserver,
+ CTaskHandler* aTaskHandlerToDelete);
+ void Start();
+
+private: // From CAsyncOneShot
+ void RunL();
+
+private:
+ CTaskArrivalObserver* iTaskArrivalObserver;
+ CTaskHandler* iTaskHandlerToDelete;
+ };
+
+#endif // __TASK_ARRIVAL_OBSERVER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/taskhandler.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,96 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Base class for all task handlers
+*
+*/
+
+
+
+// @file taskhandler.h
+
+#ifndef __TASK_HANDLER_H__
+#define __TASK_HANDLER_H__
+
+#include "sit.h"
+
+class MTaskHandlerManager;
+
+/**
+ * Parent class of all task handlers
+ */
+NONSHARABLE_CLASS(CTaskHandler) : public CActive, public MEventObserver
+ {
+public:
+ CTaskHandler(MTaskHandlerManager* aManager, const TTaskArrivedEventData& aTaskInfo,
+ TEventType aCancelEventType, TDes8* iEventSpecPtr);
+ void Start();
+ void TaskDone();
+ void SetDelayedTaskEnd(TBool aDelayedTaskEnd);
+
+public: // From MEventObserver
+ void EventOccured(TInt aStatus, TEventType aType, TDesC8* aData);
+
+private: // From CActive
+ void DoCancel();
+ void RunL();
+
+protected: // From CActive
+ TInt RunError(TInt aError);
+
+private:
+ void OnFetchTaskInfoEvent(TInt aStatus, TDesC8* aData);
+ void OnTaskRequestCancelledEvent(TInt aStatus);
+
+protected:
+ virtual void StartTaskHandling() = 0;
+ virtual void ReportResult(TInt aStatus) = 0;
+
+ void GotoState(TInt aState);
+ void SetCurrState(TInt aState);
+ void SetNextState(TInt aState);
+ TInt CurrState();
+ TInt NextState();
+ virtual void ChangeStateL() = 0;
+ virtual void CancelOngoingOperation() = 0;
+
+ void ReportEvent(TEventType aEventType, TDesC8& aEventSpec, TDesC8& aEventData);
+ void TaskComplete(TInt aStatus = KErrNone);
+ void FatalError(TInt aStatus);
+
+protected:
+ MTaskHandlerManager* iManager;
+ const TTaskArrivedEventData& iTaskInfo;
+ TEventType iCancelEventType;
+ TDes8* iEventSpecPtr;
+
+ TInt iCurrState;
+ TInt iNextState;
+
+ TBool iDelayedTaskEnd;
+
+public:
+ REventMediator iEventMediator;
+ };
+
+/**
+ * An interface that the manager of task handlers must implement
+ */
+class MTaskHandlerManager
+ {
+public:
+ virtual void TaskHandlerComplete(CTaskHandler* aTaskHandler) = 0;
+ virtual void TaskHandlerFatalError(CTaskHandler* aTaskHandler, TInt aError) = 0;
+ };
+
+#endif // __TASK_HANDLER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/taskhandlercreator.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Provides set of static functions, e.g. for creating particular task handler.
+*
+*/
+
+
+
+#ifndef __TASK_HANDLER_CREATOR_H__
+#define __TASK_HANDLER_CREATOR_H__
+
+#include "sit.h"
+
+class MTaskHandlerManager;
+class CTaskHandler;
+
+class TaskHandlerCreator
+ {
+public:
+ static TBool EventRequiresSit(TEventType aEventType);
+ static TEventType FindTaskRequestEventType(TEventType aCancelEventType);
+ static TEventType FindCancelEventType(TEventType aTaskRequestEventType);
+ static TBool IsTaskCancellationObservationRequest(TEventType aEventType);
+ static CTaskHandler* CreateTaskHandlerL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aEventSpec);
+ };
+
+#endif // __TASK_HANDLER_CREATOR_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/vpnconncloser.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,71 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Task handler for closing VPN connection
+*
+*/
+
+
+
+// @file vpnconncloser.h
+
+#ifndef __VPN_CONN_CLOSER_H__
+#define __VPN_CONN_CLOSER_H__
+
+#include "sit.h"
+#include "taskhandler.h"
+#include "kmdapi.h"
+#include "ipsecpolapi.h"
+#include "eventlogger.h"
+#include "eventdefssit.h"
+
+// Task handling states
+const TInt KStateDeactivateKmd = 1;
+const TInt KStateUnloadIpsecPolicy = 2;
+const TInt KStateAfterUnloadIpsecPolicy = 3;
+
+/**
+ * Protocol version getter task handler
+ */
+NONSHARABLE_CLASS(CVpnConnCloser) : public CTaskHandler
+ {
+public:
+ static CVpnConnCloser* NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ ~CVpnConnCloser();
+
+private: // From CTaskHandler
+ void StartTaskHandling();
+ void ChangeStateL();
+ void CancelOngoingOperation();
+ void ReportResult(TInt aStatus);
+
+private:
+ CVpnConnCloser(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ void ConstructL();
+
+ void StateDeactivateKmdL();
+ void StateUnloadIpsecPolicy();
+ void StateAfterUnloadIpsecPolicy();
+
+private:
+ TPckgBuf<TCloseVpnConnEventSpec> iEventSpecDes;
+
+ RKMD iKmdServ;
+ RIpsecPolicyServ iPolicyServ;
+
+ DEFINE_EVENT_LOGGER
+ };
+
+#endif // __VPN_CONN_CLOSER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/inc/vpnconnstarter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,132 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN connection starter
+*
+*/
+
+#ifndef __VPN_CONN_STARTER_H__
+#define __VPN_CONN_STARTER_H__
+
+#include "sit.h"
+#include "taskhandler.h"
+#include "vpnapi.h"
+#include "kmdapi.h"
+#include "ipsecpolapi.h"
+#include "eventlogger.h"
+#include "spdb.h" // CSecPolBundleList
+#include "eventdefssit.h"
+
+class CIkeData;
+
+/**
+ * VPN connection starter task handler
+ *
+ * @lib (internal) eventmedsit.lib
+ * @since S60 3.0
+ */
+NONSHARABLE_CLASS(CVpnConnStarter) : public CTaskHandler
+ {
+public:
+ static CVpnConnStarter* NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ ~CVpnConnStarter();
+
+private: // From CTaskHandler
+ void StartTaskHandling();
+ void ChangeStateL();
+ void CancelOngoingOperation();
+ void ReportResult(TInt aStatus);
+
+private: // From CActive
+ TInt RunError(TInt aError);
+
+private:
+ CVpnConnStarter(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo);
+ void ConstructL();
+
+ void StateStartRealIap();
+ void StateRealIapConnectedL();
+ void StateGetVpnPolicyL();
+ void StateActivateKmdL();
+ void StateAfterActivateKmdL();
+ void StateLoadIpsecPolicy();
+ void StateAfterLoadIpsecPolicyL();
+ void StateActivateIpsecPolicy();
+ void StateAfterActivateIpsecPolicyL();
+
+ void RollbackProcess();
+ void ResolveIpsecFQDNL(CSecPolBundleList* aSecPolBundleList);
+ void ResolveIkeFQDNL(CIkeData* aIkeData);
+ TInetAddr ResolveFQDNL(const TDesC& aAddress);
+
+ /**
+ * FormCustomTrafficSelectorsL
+ * Store custom traffic selectors for IPsec
+ * if there's something in IKE policy that requires
+ * them. Nokia specific NAT-T is one feature that
+ * needs custom traffic selectors.
+ * @param aIkeData CIkeData pointer
+ */
+ void FormCustomTrafficSelectorsL(CIkeData *aIkeData);
+
+ /**
+ * InsertCustomTrafficSelectorsL
+ * Insert custom traffic selectors to policy buffer
+ * made by ipsecpolparser. Custom selector definitions
+ * are inserted right after [POLICY]\n string.
+ */
+ void InsertCustomTrafficSelectorsL();
+
+ void GetIkePolicyFromVpnPolicyL(const TDesC& aVpnPolicy);
+ void GetIpsecPolicyFromVpnPolicyL(const TDesC& aVpnPolicy);
+ void LoadIpsecPolicy();
+
+ void IsDhcpEnabledL(TBool& aDhcpEnabled);
+
+#if defined(__PFX_MIP4__)
+ TBool IsMip4FeaturePresent(void);
+#endif
+
+private: // data
+ TPckgBuf<TStartVpnConnEventSpec> iEventSpecDes;
+
+ RVpnServ iVpnServ;
+ RKMD iKmdServ;
+ RIpsecPolicyServ iPolicyServ;
+
+ HBufC8* iIkePolicyData;
+ HBufC8* iIpsecPolicyData;
+
+ // Custom IPsec traffic selectors
+ HBufC8 *iCustomTs;
+
+ TPolicyHandlePckg iIpsecPolicyHandleDes;
+
+ TUint iProcessingFlags;
+
+ TVPNAddress iVpnAddressInfo;
+ TVPNAddressPckg iVpnAddressInfoDes;
+
+ TUint32 iVpnIapId;
+
+ TVpnRealConnectionParams iIfInfo;
+ TPckg<TVpnRealConnectionParams> iIfInfoDes;
+
+ TZoneInfoSetPckg iZoneInfoSetDes;
+
+ DEFINE_EVENT_LOGGER
+ };
+
+#endif // __VPN_CONN_STARTER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/rom/eventmedsit.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project eventmedsit
+*
+*/
+
+
+
+#ifndef __EVENTMEDSIT_IBY__
+#define __EVENTMEDSIT_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature EVENTMEDSIT not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\eventmedsit.dll SHARED_LIB_DIR\eventmedsit.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __EVENTMEDSIT_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/eventlogger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,159 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logs events related to the SIT tasks.
+*
+*/
+
+#include <ipsecpolapi.h>
+
+#include "sit.h"
+#include "eventlogger.h"
+#include "log.h"
+#include "eventmediatorapi.h"
+#include "vpnconnstarter.h"
+
+
+/**
+ * Used to log events related to the SIT tasks.
+ */
+CEventLogger* CEventLogger::NewL(REventMediator& aEventMediator, TUint32 aVpnIapId, TUint32 aRealIapId)
+ {
+ LOG(Log::Printf(_L("CEventLogger::NewL - begin\n")));
+ CEventLogger* self = new (ELeave) CEventLogger(aEventMediator, aVpnIapId, aRealIapId);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ LOG(Log::Printf(_L("CEventLogger::NewL - end\n")));
+ return self;
+ }
+
+CEventLogger::CEventLogger(REventMediator& aEventMediator, TUint32 aVpnIapId, TUint32 aRealIapId)
+ : iEventMediator(aEventMediator), iVpnIapId(aVpnIapId), iRealIapId(aRealIapId)
+ {
+ }
+
+void CEventLogger::ConstructL()
+ {
+ // Set default access point names just
+ // in case the real name fetching fails
+ iVpnApName.Copy(KUnknownVpnAp);
+ iRealApName.Copy(KUnknownIap);
+
+ EventViewer::GetIapNames(iVpnIapId, iVpnApName, iRealIapId, iRealApName);
+ }
+
+CEventLogger::~CEventLogger()
+ {
+ LOG(Log::Printf(_L("CEventLogger::~CEventLogger\n")));
+ }
+
+void CEventLogger::LogEvent(TUint aMsgId, TAny* aAnyPtr, TInt aStatusCode, TInt aReasonCode)
+ {
+ DoLogEvent( aMsgId, aAnyPtr, aStatusCode, aReasonCode );
+ }
+
+TInt CEventLogger::DoLogEvent(TUint aMsgId, TAny* aAnyPtr, TInt aStatusCode, TInt aReasonCode)
+ {
+ TBuf<KMaxIpAddressLength> ifAddr;
+ TBuf8<KMaxIpAddressLength> ifAddr8;
+
+ TPckgBuf<TInt> statusCodeDes(aStatusCode);
+
+ TUid sourceUid = (TUid)(KUidSit);
+
+ TInt ret = KErrNone;
+
+ switch (aMsgId)
+ {
+ case R_VPN_MSG_VPN_IAP_ACTIVATED:
+ if (aStatusCode == KErrNone)
+ {
+ static_cast<TInetAddr*>(aAnyPtr)->Output(ifAddr);
+ ifAddr8.Copy(ifAddr);
+
+ ret = iEventMediator.ReportLogEvent(sourceUid, EInfo, aMsgId, 2,
+ &iVpnApName, &ifAddr8);
+ }
+ break;
+
+ case R_VPN_MSG_VPN_IAP_ACT_FAILED:
+ if (aStatusCode == KKmdIkeNoCertFoundErr)
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EError,
+ R_VPN_MSG_VPN_IAP_ACT_FAILED_CERT_EXP_MISS,
+ 1, &iVpnApName);
+ }
+ else if (aStatusCode != KErrNone && aStatusCode != KErrCancel)
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EError, aMsgId, 2,
+ &iVpnApName, &statusCodeDes);
+ }
+ break;
+
+ case R_VPN_MSG_REAL_IAP_ACT_FAILED:
+ if (aStatusCode != KErrNone && aStatusCode != KErrCancel)
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EError, aMsgId, 3,
+ &iRealApName, &iVpnApName, &statusCodeDes);
+ }
+ break;
+
+ case R_VPN_MSG_VPN_IAP_DEACT:
+ if (aStatusCode == KErrNone ||
+ aStatusCode == EUnknownPolicyHandle)
+ {
+ if (aReasonCode == EDeactivateForced)
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_VPN_IAP_DEACT_REAL_IAP_TERMINATED, 2,
+ &iVpnApName, &iRealApName);
+ }
+ else
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EInfo, aMsgId, 1,
+ &iVpnApName);
+ }
+ }
+ break;
+
+ case R_VPN_MSG_REAL_IAP_REACTIVATED:
+ if (aStatusCode == KErrNone)
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EInfo, aMsgId, 2,
+ &iRealApName, &iVpnApName);
+ }
+ else
+ {
+ ret = iEventMediator.ReportLogEvent(sourceUid, EError, R_VPN_MSG_REAL_IAP_ACT_FAILED, 3,
+ &iRealApName, &iVpnApName, &statusCodeDes);
+ }
+ break;
+
+ case R_VPN_MSG_VPN_IAP_ACT_START:
+ // NSSM removal
+ break;
+
+ case R_VPN_MSG_VPN_IAP_ACT_CANCEL:
+ break;
+
+ case R_VPN_MSG_VPN_IAP_ACT_END:
+ break;
+
+ default:
+ return ret;
+ }
+
+ LOG(Log::Printf(_L("Logged event %d, logging status = %d\n"), aMsgId, ret));
+ return ret;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/protocolversiongetter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,168 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Task handler for getting IP version.
+*
+*/
+
+
+
+#include "protocolversiongetter.h"
+#include "ipsecpolparser.h"
+#include "log.h"
+
+CProtocolVersionGetter* CProtocolVersionGetter::NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ {
+ CProtocolVersionGetter* self = new (ELeave) CProtocolVersionGetter(aManager, aTaskInfo);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CProtocolVersionGetter::CProtocolVersionGetter(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ : CTaskHandler(aManager, aTaskInfo, EGetProtocolVersionCancelEvent, &iEventSpecDes)
+ {
+ }
+
+void CProtocolVersionGetter::ConstructL()
+ {
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iEventMediator.Connect());
+ User::LeaveIfError(iVpnServ.Connect());
+ }
+
+CProtocolVersionGetter::~CProtocolVersionGetter()
+ {
+ Cancel();
+ iEventMediator.Close();
+ iVpnServ.Close();
+ }
+
+void CProtocolVersionGetter::StartTaskHandling()
+ {
+ GotoState(KStateGetProtocolVersion);
+ }
+
+void CProtocolVersionGetter::ChangeStateL()
+ {
+ switch (NextState())
+ {
+ case KStateGetProtocolVersion:
+ StateGetProtocolVersionL();
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CProtocolVersionGetter::CancelOngoingOperation()
+ {
+ switch (CurrState())
+ {
+ case KStateGetProtocolVersion:
+ // There's no ongoing external request to cancel
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CProtocolVersionGetter::StateGetProtocolVersionL()
+ {
+ SetCurrState(KStateGetProtocolVersion);
+
+ // The protocol version getting process
+ // consists of one step only
+ GetProtocolVersionL();
+
+ TaskComplete(KErrNone);
+ }
+
+void CProtocolVersionGetter::ReportResult(TInt aStatus)
+ {
+ // Report the process status and protocol version
+ // information to the Event Mediator
+
+ iEventData.iTaskStatus = aStatus;
+ // Protocol version is already in iEventData
+
+ TPckg<TGetProtocolVersionEventData> eventDataDes(iEventData);
+ ReportEvent(EGetProtocolVersionEvent, iEventSpecDes, eventDataDes);
+ }
+
+void CProtocolVersionGetter::GetProtocolVersionL()
+ {
+ HBufC8* policyData = NULL;
+
+ // Load policy data via VPN Manager
+ User::LeaveIfError(iVpnServ.GetPolicyData(iEventSpecDes().iPolicyId, policyData));
+ CleanupStack::PushL(policyData);
+
+ ParseProtocolVersionL(*policyData);
+
+ CleanupStack::PopAndDestroy(); // policyData
+ }
+
+void CProtocolVersionGetter::ParseProtocolVersionL(const TDesC8& aPolicyData)
+ {
+ // Parse the data
+ CIpSecurityPiece* pieceData = new (ELeave) CIpSecurityPiece;
+ CleanupStack::PushL(pieceData);
+ pieceData->ConstructL();
+
+ // Copy policy to 16bit buffer
+ TInt length = aPolicyData.Length();
+ HBufC *policyDataHBufC16 = HBufC::NewL(length);
+ CleanupStack::PushL(policyDataHBufC16);
+ TPtr ptr(policyDataHBufC16->Des());
+ ptr.Copy(aPolicyData);
+
+ TIpSecParser parser(ptr); // Store policy to secparser
+ TInt err = parser.ParseAndIgnoreIKEL(pieceData);
+ if (err != KErrNone)
+ {
+ HBufC* errorInfo = HBufC16::NewL(200);
+ errorInfo->Des().Copy(pieceData->iErrorInfo);
+ LOG(TPtr ptr = errorInfo->Des(); Log::Printf(_L("Parsing error info: %S\n"), &ptr));
+ delete errorInfo;
+ CleanupStack::PopAndDestroy(2); // pieceData, policyDataHBufC16
+ User::Leave(err);
+ }
+
+ CleanupStack::PopAndDestroy(1); // policyDataHBufC16
+
+ CSecurityPolicy *securityPolicy = pieceData->Policies();
+ CSelectorList* selectorList = securityPolicy->SelectorList();
+ TInt selectorCount = selectorList->Count();
+ for (TInt i = 0; i < selectorCount; i++)
+ {
+ CPolicySelector *policySelector = selectorList->At(i);
+ if (policySelector->iRemote.Family() == KAfInet6)
+ {
+ iEventData.iProtocolVersion = EVersionIp6;
+ CleanupStack::PopAndDestroy(1); // pieceData
+ return;
+ }
+ }
+ if (selectorCount > 0)
+ {
+ iEventData.iProtocolVersion = EVersionIp;
+ }
+
+ CleanupStack::PopAndDestroy(1); // pieceData
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/realiapconnobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,151 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Task handler for listening to the real interface
+*
+*/
+
+// @file realiapconnobserver.cpp
+
+#include "realiapconnobserver.h"
+#include "log.h"
+
+CRealIapConnObserver* CRealIapConnObserver::NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ {
+ CRealIapConnObserver* self = new (ELeave) CRealIapConnObserver(aManager, aTaskInfo);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CRealIapConnObserver::CRealIapConnObserver(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ : CTaskHandler(aManager, aTaskInfo, EObserveRealIapConnCancelEvent, &iEventSpecDes)
+ {
+ }
+
+void CRealIapConnObserver::ConstructL()
+ {
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iEventMediator.Connect());
+ }
+
+CRealIapConnObserver::~CRealIapConnObserver()
+ {
+ Cancel();
+ iEventMediator.Close();
+ }
+
+void CRealIapConnObserver::StartTaskHandling()
+ {
+ GotoState(KStateStartObserving);
+ }
+
+void CRealIapConnObserver::ChangeStateL()
+ {
+ switch (NextState())
+ {
+ case KStateStartObserving:
+ StateStartObservingL();
+ break;
+
+ case KStateFinishObserving:
+ StateFinishObserving();
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CRealIapConnObserver::CancelOngoingOperation()
+ {
+ TPckg<TUint32> connInfoDes(iEventSpecDes().iVpnIapId);
+
+ switch (CurrState())
+ {
+ case KStateStartObserving:
+ // Cancel connection observation
+ iEventMediator.CancelListening(EKmdRealIapConnDownEvent, connInfoDes);
+ break;
+
+ case KStateFinishObserving:
+ // There's no ongoing external request to cancel
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CRealIapConnObserver::StateStartObservingL()
+ {
+ SetCurrState(KStateStartObserving);
+
+ TPckg<TUint32> connInfoDes(iEventSpecDes().iVpnIapId);
+ iEventMediator.ListenToEvent(EKmdRealIapConnDownEvent, connInfoDes, *this);
+ }
+
+void CRealIapConnObserver::EventOccured(TInt aStatus, TEventType aType, TDesC8* aData)
+ {
+ LOG(Log::Printf(_L("CRealIapConnObserver::EventOccured\n")));
+
+ if (aType == EKmdRealIapConnDownEvent)
+ {
+ // An erroneous aStatus would indicate that the event listening
+ // itself would have failed somehow. We interpret that so that
+ // in that case we just wouldn't get a notice if the real IAP
+ // connection goes down. If it would go down, application
+ // data would cease to move and the application or the user
+ // would notice that at some point and close the VPN connection.
+ if (aStatus == KErrNone)
+ {
+ LOG(Log::Printf(_L("CRealIapConnObserver::EventOccured (KMD informed that real IAP is down\n")));
+
+ TEventData eventData;
+ TPckg<TEventData> eventDataDes(eventData);
+ eventDataDes.Copy(*aData);
+
+ iStatus = eventData.iTaskStatus;
+
+ GotoState(KStateFinishObserving);
+ }
+ }
+ else
+ {
+ // Call the base class implementation to handle the event
+ CTaskHandler::EventOccured(aStatus, aType, aData);
+ }
+ }
+
+void CRealIapConnObserver::StateFinishObserving()
+ {
+ SetCurrState(KStateFinishObserving);
+
+ TaskComplete(iStatus.Int());
+ }
+
+void CRealIapConnObserver::ReportResult(TInt aStatus)
+ {
+ // Report the connection shutdown with status
+ // information to the Event Mediator
+
+ TObserveRealIapConnEventData eventData;
+
+ eventData.iTaskStatus = aStatus;
+
+ TPckg<TObserveRealIapConnEventData> eventDataDes(eventData);
+ ReportEvent(EObserveRealIapConnEvent, iEventSpecDes, eventDataDes);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/sit.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,202 @@
+/*
+* Copyright (c) 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Socket Interaction Thread implementation.
+*
+*/
+
+
+
+#include <e32math.h>
+#include "sit.h"
+#include "sitdeathobserver.h"
+#include "taskarrivalobserver.h"
+#include "taskhandlercreator.h"
+#include "log.h"
+
+// Exports
+
+EXPORT_C CSit::CSit(MSitDeathListener* aSitDeathListener)
+ : iTaskThread(NULL), iSitDeathListener(aSitDeathListener)
+ {
+ LOG(Log::Printf(_L("CSit::CSit\n")));
+ }
+
+EXPORT_C CSit::~CSit()
+ {
+ LOG(Log::Printf(_L("CSit::~CSit\n")));
+ delete iSitDeathObserver;
+
+ if (iTaskThread != NULL)
+ {
+ LOG(Log::Printf(_L("CSit::~CSit - closing task thread\n")));
+ iTaskThread->Close();
+ }
+ delete iTaskThread;
+ }
+
+EXPORT_C void CSit::StartL()
+ {
+ LOG(Log::Printf(_L("CSit::StartL\n")));
+
+ // Only start the thread if it is not already running
+ if (!iTaskThread)
+ {
+ LOG(Log::Printf(_L("CSit::StartL - thread not running, starting it\n")));
+ StartThreadL();
+ }
+ }
+
+EXPORT_C TThreadId CSit::ThreadId()
+ {
+ if (iTaskThread)
+ {
+ return iTaskThread->Id();
+ }
+ else
+ {
+ return 0;
+ }
+ }
+
+EXPORT_C TBool CSit::EventRequiresSit(TEventType aEventType)
+ {
+ return TaskHandlerCreator::EventRequiresSit(aEventType);
+ }
+
+EXPORT_C TEventType CSit::FindTaskRequestEventType(TEventType aCancelEventType)
+ {
+ return TaskHandlerCreator::FindTaskRequestEventType(aCancelEventType);
+ }
+
+EXPORT_C TEventType CSit::FindCancelEventType(TEventType aTaskRequestEventType)
+ {
+ return TaskHandlerCreator::FindCancelEventType(aTaskRequestEventType);
+ }
+
+EXPORT_C TBool CSit::IsTaskCancellationObservationRequest(TEventType aEventType)
+ {
+ return TaskHandlerCreator::IsTaskCancellationObservationRequest(aEventType);
+ }
+
+// Internals
+
+
+void CSit::StartThreadL()
+ {
+ LOG(Log::Printf(_L("CSit::StartThreadL\n")));
+ TName threadName(KSitName);
+
+ iTaskThread = new (ELeave) RThread;
+
+ TInt ret = iTaskThread->Create(threadName,
+ ThreadFunction,
+ KDefaultStackSize,
+ KMinHeapSize,
+ KSitMaxHeapSize,
+ this,
+ EOwnerProcess);
+
+ LOG(Log::Printf(_L("CSit::StartThreadL - iTaskThread->Create returned %d\n"), ret));
+ User::LeaveIfError(ret);
+
+ iSitDeathObserver = new (ELeave) CSitDeathObserver(iTaskThread->Id(), this);
+ iSitDeathObserver->StartObservingL();
+
+ iTaskThread->Resume();
+ }
+
+TInt CSit::ThreadFunction(TAny* aParameters)
+ {
+ LOG(Log::Printf(_L("CSit::ThreadFunction - begin\n")));
+ __UHEAP_MARK;
+
+ CTrapCleanup* cleanup = CTrapCleanup::New();
+
+ TInt ret = KErrNoMemory;
+
+ if (cleanup)
+ {
+ CSit* const sit = STATIC_CAST(CSit*, aParameters);
+ TRAP(ret, sit->StartWorkingL());
+ delete cleanup;
+ }
+
+ __UHEAP_MARKEND;
+
+ LOG(Log::Printf(_L("CSit::ThreadFunction - end\n")));
+ return ret;
+ }
+
+void CSit::StartWorkingL()
+ {
+ LOG(Log::Printf(_L("CSit::StartWorkingL - begin\n")));
+ // Create and install the active scheduler we need
+ CActiveScheduler* scheduler = new(ELeave) CActiveScheduler;
+ CleanupStack::PushL(scheduler);
+ CActiveScheduler::Install(scheduler);
+
+ // Create the task arrival observer active object
+ CTaskArrivalObserver* taskArrivalObserver = CTaskArrivalObserver::NewL();
+ CleanupStack::PushL(taskArrivalObserver);
+
+ // Start observing task arrivals
+ taskArrivalObserver->Start();
+
+ // Start running active objects
+ CActiveScheduler::Start();
+
+ // Cleanup the task handler and scheduler
+ CleanupStack::PopAndDestroy(2); // taskArrivalObserver, scheduler
+
+ LOG(Log::Printf(_L("CSit::StartWorkingL - end\n")));
+ }
+
+void CSit::SitDied()
+ {
+ LOG(Log::Printf(_L("CSit::SitDied\n")));
+
+ if (iTaskThread != NULL)
+ {
+ iTaskThread->Close();
+ delete iTaskThread;
+ iTaskThread = NULL;
+
+ iSitDeathListener->SitDied();
+
+ // We must delete the observer object as well.
+ // With this, the StartThreadL method works
+ // correctly as it creates a new observer.
+ delete iSitDeathObserver;
+ iSitDeathObserver = NULL;
+ }
+ }
+
+HBufC16* CSit::To16BitL(const TDesC8& aDes)
+ {
+ HBufC16* desCopy;
+
+ TInt desLength = aDes.Length();
+
+ if (desLength > 0)
+ {
+ desCopy = HBufC16::NewL(desLength);
+ desCopy->Des().Copy(aDes);
+ }
+ else
+ {
+ desCopy = HBufC16::NewL(1);
+ }
+
+ return desCopy;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/sitdeathobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: SIT thread death observer.
+*
+*/
+
+
+
+#include "sitdeathobserver.h"
+
+CSitDeathObserver::CSitDeathObserver(const TThreadId aThreadId, MSitDeathListener* aSitDeathListener)
+ : CActive(EPriorityNormal), iThreadId(aThreadId), iSitDeathListener(aSitDeathListener)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+CSitDeathObserver::~CSitDeathObserver()
+ {
+ Cancel();
+ }
+
+void CSitDeathObserver::StartObservingL()
+ {
+ User::LeaveIfError(iThreadToObserve.Open(iThreadId));
+ iThreadToObserve.Logon(iStatus);
+ SetActive();
+ }
+
+void CSitDeathObserver::DoCancel()
+ {
+ iThreadToObserve.LogonCancel(iStatus);
+ iThreadToObserve.Close();
+ }
+
+void CSitDeathObserver::RunL()
+ {
+ iSitDeathListener->SitDied();
+ iThreadToObserve.Close();
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/taskarrivalobserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,312 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Combined task arrival observer and task handler manager.
+*
+*/
+
+
+
+#include "taskarrivalobserver.h"
+#include "taskhandlercreator.h"
+#include "log.h"
+
+CTaskArrivalObserver* CTaskArrivalObserver::NewL()
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::NewL - begin\n")));
+ CTaskArrivalObserver* self = new (ELeave) CTaskArrivalObserver();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ LOG(Log::Printf(_L("CTaskArrivalObserver::NewL - end\n")));
+ return self;
+ }
+
+CTaskArrivalObserver::CTaskArrivalObserver()
+ : CAsyncOneShot(EPriorityNormal)
+ {
+ }
+
+void CTaskArrivalObserver::ConstructL()
+ {
+ User::LeaveIfError(iEventMediator.Connect());
+ iTaskHandlerList = new (ELeave) CArrayPtrFlat<CTaskHandler>(2);
+ iAsyncCleanerList = new (ELeave) CArrayPtrFlat<CAsyncCleaner>(2);
+ }
+
+CTaskArrivalObserver::~CTaskArrivalObserver()
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::~CTaskArrivalObserver\n")));
+ Cancel();
+ iEventMediator.Close();
+ if (iTaskHandlerList)
+ {
+ iTaskHandlerList->ResetAndDestroy();
+ delete iTaskHandlerList;
+ }
+ if (iAsyncCleanerList)
+ {
+ iAsyncCleanerList->ResetAndDestroy();
+ delete iAsyncCleanerList;
+ }
+ }
+
+void CTaskArrivalObserver::Start()
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::Start\n")));
+ iEventMediator.ListenToEvent(ETaskArrivedEvent, *this);
+ }
+
+void CTaskArrivalObserver::Cancel()
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::Cancel\n")));
+ iEventMediator.CancelListening(ETaskArrivedEvent);
+ }
+
+void CTaskArrivalObserver::EventOccured(TInt aStatus, TEventType /*aType*/, TDesC8* aData)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::EventOccured\n")));
+ if (aStatus == KErrNone && aData)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::EventOccured - launching a new task handler\n")));
+ // The event specification of the task request is delivered
+ // to us as the event data of the task arrivat event
+ TTaskArrivedEventData eventSpec;
+ TPckg<TTaskArrivedEventData> eventSpecDes(eventSpec);
+ eventSpecDes.Copy(*aData);
+
+ TRAPD(ret, LaunchTaskHandlerL(eventSpec));
+
+ // Not being able to create a task handler means that
+ // the client that has issued the corresponding task
+ // request would never be served. This is a fatal error
+ // and not acceptable. Thus, we we need to terminate the
+ // SIT thread in order to notify the Event Mediator and
+ // its clients about problems.
+ if (ret != KErrNone)
+ {
+ CActiveScheduler::Stop();
+ return;
+ }
+
+ // Continue observing the
+ // arrival of new tasks
+ Start();
+ }
+ else
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::EventOccured - stopping the scheduler and thus the SIT\n")));
+ // We cannot receive new tasks anymore
+ // so the SIT can be terminated
+ CActiveScheduler::Stop();
+ }
+ }
+
+void CTaskArrivalObserver::LaunchTaskHandlerL(const TTaskArrivedEventData& aEventSpec)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::LaunchTaskHandlerL\n")));
+ // A new task has arrived so create a task handler for it
+ CTaskHandler* taskHandler = CreateTaskHandlerL(aEventSpec);
+
+ // Add the handler to the list of active handlers
+ iTaskHandlerList->AppendL(taskHandler);
+
+ // And start performing the task
+ taskHandler->Start();
+ }
+
+CTaskHandler* CTaskArrivalObserver::CreateTaskHandlerL(const TTaskArrivedEventData& aEventSpec)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::CreateTaskHandlerL\n")));
+ CTaskHandler* taskHandler = NULL;
+
+ taskHandler = TaskHandlerCreator::CreateTaskHandlerL(this, aEventSpec);
+
+ if (!taskHandler)
+ {
+ User::Panic(KSitName, EPanicUnknownEventType);
+ }
+
+ return taskHandler;
+ }
+
+TInt CTaskArrivalObserver::FindTaskHandler(CTaskHandler* aTaskHandler)
+ {
+ TInt foundIndex = KUnfoundIndex;
+
+ for (TInt i = 0; i < iTaskHandlerList->Count(); i++)
+ {
+ if (iTaskHandlerList->At(i) == aTaskHandler)
+ {
+ foundIndex = i;
+ break;
+ };
+ }
+
+ return foundIndex;
+ }
+
+TInt CTaskArrivalObserver::FindAsyncCleaner(CAsyncCleaner* aAsyncCleaner)
+ {
+ TInt foundIndex = KUnfoundIndex;
+
+ for (TInt i = 0; i < iAsyncCleanerList->Count(); i++)
+ {
+ if (iAsyncCleanerList->At(i) == aAsyncCleaner)
+ {
+ foundIndex = i;
+ break;
+ };
+ }
+
+ return foundIndex;
+ }
+
+void CTaskArrivalObserver::TaskHandlerComplete(CTaskHandler* aTaskHandler)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::TaskHandlerComplete\n")));
+
+ // In the case several task handlers delete themselves at about the
+ // same time, we need to have a separate cleaner instance for each.
+ // Otherwise we'll get panic E32USER-CBase 42 (SetActive called
+ // while active object is already active).
+
+ // NOTE. Each asyncCleaner instance will cause itself to be deleted
+ CAsyncCleaner* asyncCleaner = new CAsyncCleaner(this, aTaskHandler);
+ if (asyncCleaner)
+ {
+ // Add the handler to a list of cleaners. This list
+ // is needed to handle some rare cases where the SIT
+ // thread dies before one or more async cleaners get
+ // the chance to delete themselves. Such cleaner
+ // instances get destroyed by the CTaskArrivalObserver
+ // destructor.
+ TRAP_IGNORE(iAsyncCleanerList->AppendL(asyncCleaner));
+ // Initiate the task handler delete operation
+ asyncCleaner->Start();
+ }
+ else
+ {
+ // Backup - just in case asyncCleaner could not be created
+ AsyncDeleteTaskHandler(aTaskHandler);
+ }
+ }
+
+void CTaskArrivalObserver::AsyncDeleteTaskHandler(CTaskHandler* aTaskHandler)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::AsyncDeleteTaskHandler\n")));
+ iTaskHandlerToDelete = aTaskHandler;
+ Call();
+ }
+
+void CTaskArrivalObserver::RunL() // Called as a result of AsyncDeleteTaskHandler
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::RunL\n")));
+
+ DeleteTaskHandler(iTaskHandlerToDelete);
+
+ iTaskHandlerToDelete = NULL;
+ }
+
+void CTaskArrivalObserver::DeleteTaskHandler(CTaskHandler* aTaskHandler)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::DeleteTaskHandler\n")));
+
+ // The specified task handler has done its
+ // job succesfully so it can be deleted
+ TInt taskHandlerIndex = FindTaskHandler(aTaskHandler);
+
+ if (taskHandlerIndex != KUnfoundIndex)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::DeleteTaskHandler - deleting task handler\n")));
+ // Delete the task handler
+ delete iTaskHandlerList->At(taskHandlerIndex);
+ // Delete the list item
+ iTaskHandlerList->Delete(taskHandlerIndex);
+ // Deleting elements from the array does not cause
+ // the array buffer to be automatically compressed.
+ // Compress it to return excess space to the heap
+ // as task handlers come and go.
+ iTaskHandlerList->Compress();
+ }
+ else
+ {
+ //
+ delete aTaskHandler;
+ }
+ }
+
+void CTaskArrivalObserver::DeleteAsyncCleaner(CAsyncCleaner* aAsyncCleaner)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::DeleteAsyncCleaner\n")));
+
+ // The specified asynchronous cleaner
+ // has done its job and be deleted
+ TInt asyncCleanerIndex = FindAsyncCleaner(aAsyncCleaner);
+
+ if (asyncCleanerIndex != KUnfoundIndex)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::DeleteAsyncCleaner - deleting async cleaner\n")));
+ // Delete the cleaner object
+ delete iAsyncCleanerList->At(asyncCleanerIndex);
+ // Delete the list item
+ iAsyncCleanerList->Delete(asyncCleanerIndex);
+ // Deleting elements from the array does not cause
+ // the array buffer to be automatically compressed.
+ // Compress it to return excess space to the heap
+ // as cleaner objects come and go.
+ iAsyncCleanerList->Compress();
+ }
+ else
+ {
+ // Always delete the cleaner instance even
+ // though it have not been added to the list
+ delete aAsyncCleaner;
+ }
+ }
+
+void CTaskArrivalObserver::TaskHandlerFatalError(CTaskHandler* /*aTaskHandler*/, TInt /*aError*/)
+ {
+ LOG(Log::Printf(_L("CTaskArrivalObserver::TaskHandlerFatalError - stopping the scheduler and thus the SIT\n")));
+ // The specified task handler has encountered a fatal error
+ // indicating that it cannot fulfill the task request it was
+ // created to fulfill, meaning that the client that has issued
+ // the corresponding task request would never be served. This
+ // is a fatal error and not acceptable. Thus, we we need to
+ // terminate the SIT thread in order to notify the Event Mediator
+ // and its clients about problems.
+ CActiveScheduler::Stop();
+ }
+
+// CAsyncCleaner
+
+CAsyncCleaner::CAsyncCleaner(CTaskArrivalObserver* aTaskArrivalObserver,
+ CTaskHandler* aTaskHandlerToDelete)
+ : CAsyncOneShot(EPriorityNormal), iTaskArrivalObserver(aTaskArrivalObserver),
+ iTaskHandlerToDelete(aTaskHandlerToDelete)
+ {
+ }
+
+void CAsyncCleaner::Start()
+ {
+ Call();
+ }
+
+void CAsyncCleaner::RunL()
+ {
+ // Delete the task handler
+ iTaskArrivalObserver->DeleteTaskHandler(iTaskHandlerToDelete);
+
+ // Delete this cleaner object instance as well
+ iTaskArrivalObserver->DeleteAsyncCleaner(this);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/taskhandler.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,194 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Base class for all task handlers.
+*
+*/
+
+
+
+#include "taskhandler.h"
+#include "log.h"
+
+CTaskHandler::CTaskHandler(MTaskHandlerManager* aManager, const TTaskArrivedEventData& aTaskInfo,
+ TEventType aCancelEventType, TDes8* aEventSpecPtr)
+ : CActive(EPriorityNormal), iManager(aManager), iTaskInfo(aTaskInfo),
+ iCancelEventType(aCancelEventType), iEventSpecPtr(aEventSpecPtr)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::CTaskHandler - iCancelEventType = %d\n"), iCancelEventType));
+ }
+
+void CTaskHandler::Start()
+ {
+ LOG(Log::Printf(_L("CTaskHandler::Start\n")));
+ // First fetch the event specification of the
+ // task request that we are supposed to fulfill
+ TPckg<TTaskArrivedEventData> taskInfoDes(iTaskInfo);
+ iEventMediator.ListenToEvent(EFetchTaskInfoEvent, taskInfoDes, *this);
+ // Operation continues from CTaskHandler::EventOccured
+ // that calls StartTaskHandlingL if all goes well
+ }
+
+void CTaskHandler::RunL()
+ {
+ ChangeStateL();
+ }
+
+void CTaskHandler::GotoState(TInt aState)
+ {
+ SetNextState(aState);
+ SetActive();
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+
+void CTaskHandler::SetCurrState(TInt aState)
+ {
+ iCurrState = aState;
+ }
+
+void CTaskHandler::SetNextState(TInt aState)
+ {
+ iNextState = aState;
+ }
+
+TInt CTaskHandler::CurrState()
+ {
+ return iCurrState;
+ }
+
+TInt CTaskHandler::NextState()
+ {
+ return iNextState;
+ }
+
+void CTaskHandler::DoCancel()
+ {
+ LOG(Log::Printf(_L("CTaskHandler::DoCancel\n")));
+ // Cancel listening to the task cancellation
+ iEventMediator.CancelListening(iCancelEventType, *iEventSpecPtr);
+
+ CancelOngoingOperation();
+
+ TaskDone();
+ }
+
+TInt CTaskHandler::RunError(TInt aError)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::RunError - error = %d\n"), aError));
+ TaskComplete(aError);
+ return KErrNone;
+ }
+
+void CTaskHandler::EventOccured(TInt aStatus, TEventType aType, TDesC8* aData)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::EventOccured\n")));
+ if (aType == EFetchTaskInfoEvent)
+ {
+ OnFetchTaskInfoEvent(aStatus, aData);
+ }
+ else if (aType == iCancelEventType)
+ {
+ OnTaskRequestCancelledEvent(aStatus);
+ }
+ else
+ {
+ User::Panic(KSitName, EPanicUnexpectedEventOccured);
+ }
+ }
+
+void CTaskHandler::OnFetchTaskInfoEvent(TInt aStatus, TDesC8* aData)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::OnFetchTaskInfoEvent\n")));
+ if (aStatus == KErrNone && aData)
+ {
+ // Copy the task request event specification
+ // so that the actual task handler can start using it
+ iEventSpecPtr->Copy(*aData);
+
+ // Listen to the cancellation of this task
+ iEventMediator.ListenToEvent(iCancelEventType, *iEventSpecPtr, *this);
+
+ StartTaskHandling();
+ }
+ else if (aStatus == KErrNotFound)
+ {
+ // The task request was cancelled before
+ // we had the change to get its data
+ TaskDone();
+ }
+ else
+ {
+ FatalError(aStatus);
+ }
+ }
+
+void CTaskHandler::OnTaskRequestCancelledEvent(TInt aStatus)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::OnTaskRequestCancelledEvent\n")));
+ if (aStatus == KErrNone)
+ {
+ // Event Mediator tells that the task request
+ // has been cancelled so we stop performing the task
+ Cancel();
+ }
+ else if (aStatus != KErrCancel)
+ {
+ FatalError(aStatus);
+ }
+ }
+
+void CTaskHandler::TaskComplete(TInt aError)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::TaskComplete - aError = %d\n"), aError));
+ // Cancel listening to the task cancellation
+ iEventMediator.CancelListening(iCancelEventType, *iEventSpecPtr);
+
+ ReportResult(aError);
+ }
+
+void CTaskHandler::ReportEvent(TEventType aEventType, TDesC8& aEventSpec, TDesC8& aEventData)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::ReportEvent - aEventType = %d\n"), aEventType));
+ TInt ret = iEventMediator.ReportEvent(aEventType, aEventSpec, aEventData);
+
+ if (ret != KErrNone)
+ {
+ FatalError(ret);
+ }
+ else
+ {
+ TaskDone();
+ }
+ }
+
+void CTaskHandler::TaskDone()
+ {
+ LOG(Log::Printf(_L("CTaskHandler::TaskDone\n")));
+ if (!iDelayedTaskEnd)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::TaskDone - calling iManager->TaskHandlerComplete\n")));
+ iManager->TaskHandlerComplete(this);
+ }
+ }
+
+void CTaskHandler::FatalError(TInt aError)
+ {
+ LOG(Log::Printf(_L("CTaskHandler::FatalError - error = %d\n"), aError));
+ iManager->TaskHandlerFatalError(this, aError);
+ }
+
+void CTaskHandler::SetDelayedTaskEnd(TBool aDelayedTaskEnd)
+ {
+ iDelayedTaskEnd = aDelayedTaskEnd;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/taskhandlercreator.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,154 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Provides set of static functions, e.g. for creating particular task handler.
+*
+*/
+
+
+
+#include "taskhandlercreator.h"
+#include "protocolversiongetter.h"
+#include "realiapconnobserver.h"
+#include "vpnconncloser.h"
+#include "vpnconnstarter.h"
+
+CTaskHandler* TaskHandlerCreator::CreateTaskHandlerL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aEventSpec)
+ {
+ CTaskHandler* taskHandler = NULL;
+
+ switch (aEventSpec.iEventType)
+ {
+ case EGetProtocolVersionEvent:
+ taskHandler = CProtocolVersionGetter::NewL(aManager, aEventSpec);
+ break;
+
+ case EStartVpnConnEvent:
+ taskHandler = CVpnConnStarter::NewL(aManager, aEventSpec);
+ break;
+
+ case ECloseVpnConnEvent:
+ taskHandler = CVpnConnCloser::NewL(aManager, aEventSpec);
+ break;
+
+ case EObserveRealIapConnEvent:
+ taskHandler = CRealIapConnObserver::NewL(aManager, aEventSpec);
+ break;
+
+ default:
+ break;
+ }
+
+ return taskHandler;
+ }
+
+TBool TaskHandlerCreator::EventRequiresSit(TEventType aEventType)
+ {
+ TBool eventRequiresSit = EFalse;
+
+ switch (aEventType)
+ {
+ case EGetProtocolVersionEvent:
+ case EStartVpnConnEvent:
+ case ECloseVpnConnEvent:
+ case EObserveRealIapConnEvent:
+ eventRequiresSit = ETrue;
+ break;
+
+ default:
+ break;
+ }
+
+ return eventRequiresSit;
+ }
+
+TEventType TaskHandlerCreator::FindTaskRequestEventType(TEventType aCancelEventType)
+ {
+ TEventType taskRequestEventType = EUnfoundEvent;
+
+ switch (aCancelEventType)
+ {
+ case EGetProtocolVersionCancelEvent:
+ taskRequestEventType = EGetProtocolVersionEvent;
+ break;
+
+ case EStartVpnConnCancelEvent:
+ taskRequestEventType = EStartVpnConnEvent;
+ break;
+
+ case ECloseVpnConnCancelEvent:
+ taskRequestEventType = ECloseVpnConnEvent;
+ break;
+
+ case EObserveRealIapConnCancelEvent:
+ taskRequestEventType = EObserveRealIapConnEvent;
+ break;
+
+ default:
+ break;
+ }
+
+ return taskRequestEventType;
+ }
+
+TEventType TaskHandlerCreator::FindCancelEventType(TEventType aTaskRequestEventType)
+ {
+ TEventType cancelEventType = EUnfoundEvent;
+
+ switch (aTaskRequestEventType)
+ {
+ case EGetProtocolVersionEvent:
+ cancelEventType = EGetProtocolVersionCancelEvent;
+ break;
+
+ case EStartVpnConnEvent:
+ cancelEventType = EStartVpnConnCancelEvent;
+ break;
+
+ case ECloseVpnConnEvent:
+ cancelEventType = ECloseVpnConnCancelEvent;
+ break;
+
+ case EObserveRealIapConnEvent:
+ cancelEventType = EObserveRealIapConnCancelEvent;
+ break;
+
+ default:
+ break;
+ }
+
+ return cancelEventType;
+ }
+
+TBool TaskHandlerCreator::IsTaskCancellationObservationRequest(TEventType aEventType)
+ {
+ TBool isTaskCancellationObservationRequest = EFalse;
+
+ switch (aEventType)
+ {
+ case EGetProtocolVersionCancelEvent:
+ case EStartVpnConnCancelEvent:
+ case ECloseVpnConnCancelEvent:
+ case EStartRealIapConnCancelEvent:
+ case EObserveRealIapConnCancelEvent:
+ isTaskCancellationObservationRequest = ETrue;
+ break;
+
+ default:
+ break;
+ }
+
+ return isTaskCancellationObservationRequest;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/vpnconncloser.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,146 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Task handler for closing VPN connection.
+*
+*/
+
+
+
+#include "vpnconncloser.h"
+#include "kmdapi.h"
+#include "log.h"
+
+CVpnConnCloser* CVpnConnCloser::NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ {
+ CVpnConnCloser* self = new (ELeave) CVpnConnCloser(aManager, aTaskInfo);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CVpnConnCloser::CVpnConnCloser(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ : CTaskHandler(aManager, aTaskInfo, ECloseVpnConnCancelEvent, &iEventSpecDes)
+ {
+ }
+
+void CVpnConnCloser::ConstructL()
+ {
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iEventMediator.Connect());
+ User::LeaveIfError(iKmdServ.Connect());
+ User::LeaveIfError(iPolicyServ.Connect());
+ }
+
+CVpnConnCloser::~CVpnConnCloser()
+ {
+ Cancel();
+ iEventMediator.Close();
+ iKmdServ.Close();
+ iPolicyServ.Close();
+ RELEASE_EVENT_LOGGER;
+ }
+
+void CVpnConnCloser::StartTaskHandling()
+ {
+ DEB(LOG(Log::Printf(_L("Starting VPN IAP deactivation\n")));)
+ INIT_EVENT_LOGGER(iEventMediator, iEventSpecDes().iVpnIapId, iEventSpecDes().iRealIapId);
+ GotoState(KStateDeactivateKmd);
+ }
+
+void CVpnConnCloser::ChangeStateL()
+ {
+ switch (NextState())
+ {
+ case KStateDeactivateKmd:
+ StateDeactivateKmdL();
+ break;
+
+ case KStateUnloadIpsecPolicy:
+ StateUnloadIpsecPolicy();
+ break;
+
+ case KStateAfterUnloadIpsecPolicy:
+ StateAfterUnloadIpsecPolicy();
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CVpnConnCloser::CancelOngoingOperation()
+ {
+ switch (CurrState())
+ {
+ case KStateDeactivateKmd:
+ case KStateAfterUnloadIpsecPolicy:
+ // There's no ongoing external request to cancel
+ break;
+
+ case KStateUnloadIpsecPolicy:
+ DEB(LOG(Log::Printf(_L("Canceling Ipsec policy unload\n")));)
+ iPolicyServ.CancelUnload();
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CVpnConnCloser::StateDeactivateKmdL()
+ {
+ SetCurrState(KStateDeactivateKmd);
+ TInt err = iKmdServ.StopVpnConnection( iEventSpecDes().iVpnIapId,
+ (TKmdStopConnection::TType)iEventSpecDes().iDeactivateType );
+ DEB(LOG(Log::Printf(_L("VPN connection stopped, VPN IAP id=%d, err=%d\n"),
+ iEventSpecDes().iVpnIapId, err ));)
+ GotoState(KStateUnloadIpsecPolicy);
+ }
+
+void CVpnConnCloser::StateUnloadIpsecPolicy()
+ {
+ SetCurrState(KStateUnloadIpsecPolicy);
+
+ iPolicyServ.UnloadPolicy(iEventSpecDes().iIpsecPolicyHandle, iStatus);
+ DEB(LOG(Log::Printf(_L("Ipsec policy unloaded, handle = %d\n"), iEventSpecDes().iIpsecPolicyHandle));)
+ SetNextState(KStateAfterUnloadIpsecPolicy);
+ SetActive();
+ }
+
+void CVpnConnCloser::StateAfterUnloadIpsecPolicy()
+ {
+ SetCurrState(KStateAfterUnloadIpsecPolicy);
+ DEB(LOG(Log::Printf(_L("VPN IAP deactivation completed, Ipsec policy unload status = %d\n"), iStatus.Int()));)
+
+ LOG_EVENT(R_VPN_MSG_VPN_IAP_DEACT, NULL, iStatus.Int(), iEventSpecDes().iDeactivateType);
+
+ TaskComplete(iStatus.Int());
+ }
+
+void CVpnConnCloser::ReportResult(TInt aStatus)
+ {
+ // Report the close operation status
+ // information to the Event Mediator
+
+ TCloseVpnConnEventData eventData;
+
+ eventData.iTaskStatus = aStatus;
+
+ TPckg<TCloseVpnConnEventData> eventDataDes(eventData);
+ ReportEvent(ECloseVpnConnEvent, iEventSpecDes, eventDataDes);
+ iKmdServ.Close();
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/sit/src/vpnconnstarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,652 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN connection starter
+*
+*/
+
+#include <e32base.h>
+#include <commsdat.h>
+#include <cmmanagerext.h>
+
+#if defined(__PFX_MIP4__)
+#include <FeatMgr.h>
+#endif
+
+#include "vpnconnstarter.h"
+#include "ikepolparser.h"
+#include "ipsecpolparser.h"
+#include "log.h"
+
+// Task handling states
+enum TConnStarterState
+ {
+ KStateStartRealIap,
+ KStateRealIapConnected,
+ KStateGetVpnPolicy,
+ KStateActivateKmd,
+ KStateAfterActivateKmd,
+ KStateLoadIpsecPolicy,
+ KStateAfterLoadIpsecPolicy,
+ KStateActivateIpsecPolicy,
+ KStateAfterActivateIpsecPolicy
+ };
+
+
+CVpnConnStarter* CVpnConnStarter::NewL(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ {
+ LOG(Log::Printf(_L("CVpnConnStarter::NewL - begin\n")));
+ CVpnConnStarter* self = new (ELeave) CVpnConnStarter(aManager, aTaskInfo);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ LOG(Log::Printf(_L("CVpnConnStarter::NewL - end\n")));
+ return self;
+ }
+
+CVpnConnStarter::CVpnConnStarter(MTaskHandlerManager* aManager,
+ const TTaskArrivedEventData& aTaskInfo)
+ : CTaskHandler(aManager, aTaskInfo, EStartVpnConnCancelEvent, &iEventSpecDes),
+ iVpnAddressInfoDes(iVpnAddressInfo),
+ iIfInfoDes(iIfInfo)
+ {
+ iIfInfo.iRealIapId = 0;
+ iIfInfo.iRealNetId = 0;
+ }
+
+void CVpnConnStarter::ConstructL()
+ {
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iEventMediator.Connect());
+ User::LeaveIfError(iVpnServ.Connect());
+ User::LeaveIfError(iKmdServ.Connect());
+ User::LeaveIfError(iPolicyServ.Connect());
+#if defined(__PFX_MIP4__)
+ FeatureManager::InitializeLibL();
+#endif
+ }
+
+CVpnConnStarter::~CVpnConnStarter()
+ {
+ LOG(Log::Printf(_L("CVpnConnStarter::~CVpnConnStarter\n")));
+ Cancel();
+ iEventMediator.Close();
+ iVpnServ.Close();
+ iKmdServ.Close();
+ iPolicyServ.Close();
+
+ delete iIkePolicyData;
+ delete iIpsecPolicyData;
+ delete iCustomTs;
+
+ RELEASE_EVENT_LOGGER;
+#if defined(__PFX_MIP4__)
+ FeatureManager::UnInitializeLib();
+#endif
+ }
+
+void CVpnConnStarter::StartTaskHandling()
+ {
+ // Read input parameters.
+ // Changing the content of iEventSpecDes is not allowed
+ iVpnIapId = iEventSpecDes().iIfInfo.iVpnIapId;
+ GotoState(KStateStartRealIap);
+ }
+
+void CVpnConnStarter::ChangeStateL()
+ {
+ switch (NextState())
+ {
+ case KStateStartRealIap:
+ StateStartRealIap();
+ break;
+
+ case KStateRealIapConnected:
+ StateRealIapConnectedL();
+ break;
+
+ case KStateGetVpnPolicy:
+ StateGetVpnPolicyL();
+ break;
+
+ case KStateLoadIpsecPolicy:
+ StateLoadIpsecPolicy();
+ break;
+
+ case KStateAfterLoadIpsecPolicy:
+ StateAfterLoadIpsecPolicyL();
+ break;
+
+ case KStateActivateIpsecPolicy:
+ StateActivateIpsecPolicy();
+ break;
+
+ case KStateAfterActivateIpsecPolicy:
+ StateAfterActivateIpsecPolicyL();
+ break;
+
+ case KStateActivateKmd:
+ StateActivateKmdL();
+ break;
+
+ case KStateAfterActivateKmd:
+ StateAfterActivateKmdL();
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+ }
+
+void CVpnConnStarter::CancelOngoingOperation()
+ {
+ LOG_EVENT(R_VPN_MSG_VPN_IAP_ACT_CANCEL, NULL, 0, 0);
+
+ switch (CurrState())
+ {
+ case KStateStartRealIap:
+ DEB(LOG(Log::Printf(_L("Canceling start real connection\n") ));)
+ iKmdServ.CancelStartRealConnection();
+ break;
+ case KStateRealIapConnected:
+ case KStateGetVpnPolicy:
+ case KStateAfterActivateKmd:
+ case KStateAfterLoadIpsecPolicy:
+ case KStateAfterActivateIpsecPolicy:
+ // There's no ongoing external request to cancel
+ break;
+
+ case KStateActivateKmd:
+ DEB(LOG(Log::Printf(_L("Canceling KMD activate\n") ));)
+ iKmdServ.CancelActivate();
+ break;
+
+ case KStateLoadIpsecPolicy:
+ DEB(LOG(Log::Printf(_L("Canceling Ipsec policy load\n") ));)
+ iPolicyServ.CancelLoad();
+ break;
+
+ case KStateActivateIpsecPolicy:
+ DEB(LOG(Log::Printf(_L("Canceling Ipsec policy activate\n") ));)
+ iPolicyServ.CancelActivate();
+ break;
+
+ default:
+ User::Panic(KSitName, EPanicInvalidTaskHandlerState);
+ }
+
+ RollbackProcess();
+ }
+
+void CVpnConnStarter::StateStartRealIap()
+ {
+ SetCurrState(KStateStartRealIap);
+
+ DEB(LOG(Log::Printf(_L("StateStartRealIap, VPN IAP Id:%d\n"),
+ iVpnIapId));)
+ iKmdServ.StartRealConnection(iVpnIapId, iIfInfoDes, iStatus);
+ SetNextState(KStateRealIapConnected);
+ SetActive();
+ }
+
+void CVpnConnStarter::StateRealIapConnectedL()
+ {
+ SetCurrState(KStateRealIapConnected);
+ DEB(LOG(Log::Printf(_L("StateRealIapConnected:%d\n"), iStatus.Int()));)
+ User::LeaveIfError( iStatus.Int() );
+ INIT_EVENT_LOGGER(iEventMediator,
+ iVpnIapId, iIfInfoDes().iRealIapId);
+ LOG_EVENT(R_VPN_MSG_VPN_IAP_ACT_START, this, 0, 0);
+ GotoState(KStateGetVpnPolicy);
+ }
+
+void CVpnConnStarter::StateGetVpnPolicyL()
+ {
+ SetCurrState(KStateGetVpnPolicy);
+
+ HBufC8* vpnPolicyData = NULL;
+ DEB(LOG(Log::Printf(_L("Starting to get VPN policy: %S\n"),
+ &(iEventSpecDes().iPolicyId) ));)
+ // Get VPN policy data
+ User::LeaveIfError(
+ iVpnServ.GetPolicyData(iEventSpecDes().iPolicyId, vpnPolicyData));
+ CleanupStack::PushL(vpnPolicyData);
+
+ // Convert to 16 bit
+ HBufC16* vpnPolicyData16 = CSit::To16BitL(*vpnPolicyData);
+ CleanupStack::PushL(vpnPolicyData16);
+
+ // Buffer containing Nokia NAT-T specific traffic selectors
+ // if specified in IKE policy
+ delete iCustomTs;
+ iCustomTs = NULL;
+ iCustomTs = HBufC8::NewL(256);
+
+ // Extract IKE and IPSec policies from the VPN policy
+ // Also stores custom Traffic Selectors if needed
+ GetIkePolicyFromVpnPolicyL(*vpnPolicyData16);
+ DEB(LOG(Log::Printf(_L("IKE policy parsing succeeded\n")));)
+
+ GetIpsecPolicyFromVpnPolicyL(*vpnPolicyData16);
+ DEB(LOG(Log::Printf(_L("Ipsec policy parsing succeeded\n")));)
+
+ // Insert stored traffic selectors to IPsec policy
+ InsertCustomTrafficSelectorsL();
+
+ // Custom traffic selectors are no longer needed since
+ // they were given to IPsec in above
+ delete iCustomTs;
+ iCustomTs = NULL;
+
+ CleanupStack::PopAndDestroy(2); // vpnPolicyData16, vpnPolicyData
+
+ GotoState(KStateLoadIpsecPolicy);
+ }
+
+void CVpnConnStarter::StateActivateKmdL()
+ {
+ SetCurrState(KStateActivateKmd);
+
+ DEB(LOG(Log::Printf(_L("Starting KMD activate\n")));)
+ iKmdServ.Activate(iVpnIapId,
+ iEventSpecDes().iIfInfo.iVPNIfName,
+ *iIkePolicyData,
+ iVpnAddressInfoDes,
+ iStatus);
+
+ SetNextState(KStateAfterActivateKmd);
+ SetActive();
+ }
+
+void CVpnConnStarter::StateAfterActivateKmdL()
+ {
+ SetCurrState(KStateAfterActivateKmd);
+
+ DEB(LOG(Log::Printf(
+ _L("KMD activate completed, status = %d, VPN IAP Id = %d\n"),
+ iStatus.Int(), iVpnIapId));)
+ // Leave if KMD activation failed
+ User::LeaveIfError(iStatus.Int());
+
+ LOG_EVENT(R_VPN_MSG_VPN_IAP_ACTIVATED,
+ &(iVpnAddressInfo.iVPNIfAddr), iStatus.Int(), 0);
+
+ TaskComplete(KErrNone);
+ }
+
+void CVpnConnStarter::StateLoadIpsecPolicy()
+ {
+ SetCurrState(KStateLoadIpsecPolicy);
+
+ DEB(LOG(Log::Printf(_L("Starting to load Ipsec policy\n")));)
+ LoadIpsecPolicy();
+
+ SetNextState(KStateAfterLoadIpsecPolicy);
+ SetActive();
+ }
+
+void CVpnConnStarter::StateAfterLoadIpsecPolicyL()
+ {
+ SetCurrState(KStateAfterLoadIpsecPolicy);
+ DEB(LOG(Log::Printf(
+ _L("Ipsec policy load completed, status = %d\n"), iStatus.Int()));)
+ // Log some debug data if policy loading failed
+ if (iStatus.Int() == ESelectorConflict)
+ {
+ DEB(TPolicyNameInfo conflictInfo;)
+ DEB(TInt err = iPolicyServ.GetDebugInfo(conflictInfo, KConflictingPolicyInfo));
+
+ DEB(if (!err))
+ DEB(LOG(Log::Printf(_L("Additional debug info: %S\n"), &conflictInfo));)
+ }
+
+ if (iStatus.Int() == EParsingError)
+ {
+ DEB(typedef TBuf<200> TParsingErrorInfo;)
+ DEB(TParsingErrorInfo errorInfo;)
+ DEB(TInt err = iPolicyServ.GetDebugInfo(errorInfo, KParsingErrorInfo));
+
+ DEB(if (!err))
+ DEB(LOG(Log::Printf(_L("Additional debug info: %S\n"), &errorInfo));)
+ }
+
+ // Leave if policy loading failed
+ User::LeaveIfError(iStatus.Int());
+
+ GotoState(KStateActivateIpsecPolicy);
+ }
+
+void CVpnConnStarter::StateActivateIpsecPolicy()
+ {
+ SetCurrState(KStateActivateIpsecPolicy);
+
+ DEB(LOG(Log::Printf(_L("Activating Ipsec policy, handle = %d\n"), iIpsecPolicyHandleDes()));)
+ iPolicyServ.ActivatePolicy(iIpsecPolicyHandleDes(), iStatus);
+
+ SetNextState(KStateAfterActivateIpsecPolicy);
+ SetActive();
+ }
+
+void CVpnConnStarter::StateAfterActivateIpsecPolicyL()
+ {
+ DEB(LOG(Log::Printf(_L("Ipsec policy activated, status = %d\n"), iStatus.Int()));)
+
+ User::LeaveIfError(iStatus.Int());
+
+ GotoState(KStateActivateKmd);
+ }
+
+void CVpnConnStarter::ReportResult(TInt aStatus)
+ {
+ DEB(LOG(Log::Printf(_L("CVpnConnStarter::ReportResult\n")));)
+ // Report the startup result with associated
+ // information to the Event Mediator
+ TStartVpnConnEventData eventData;
+
+ eventData.iTaskStatus = aStatus;
+
+ if (aStatus == KErrNone)
+ {
+ eventData.iIkePolicyHandle.iHandle = iVpnIapId;
+ eventData.iIpsecPolicyHandle = iIpsecPolicyHandleDes();
+ eventData.iVpnAddressInfo = iVpnAddressInfo;
+ eventData.iIapId = iIfInfo.iRealIapId;
+ eventData.iNetId = iIfInfo.iRealNetId;
+ DEB(LOG(Log::Printf(_L("Iap:%d Net:%d\n"),
+ eventData.iIapId, eventData.iNetId));)
+ }
+
+ TPckg<TStartVpnConnEventData> eventDataDes(eventData);
+
+ ReportEvent(EStartVpnConnEvent, iEventSpecDes, eventDataDes);
+
+ LOG_EVENT(R_VPN_MSG_VPN_IAP_ACT_END,
+ &(iEventSpecDes().iPolicyId), aStatus, 0);
+ }
+
+TInt CVpnConnStarter::RunError(TInt aError)
+ {
+ LOG_EVENT(R_VPN_MSG_VPN_IAP_ACT_FAILED, NULL, aError, 0);
+
+ RollbackProcess();
+ TaskComplete(aError);
+ return KErrNone;
+ }
+
+void CVpnConnStarter::RollbackProcess()
+ {
+ // If the VPN connection activation process
+ // fails at some point, we may need to reverse
+ // some of the actions that we've done:
+ // - If the KMD has been activated (the IKE policy has been loaded),
+ // deactivate KMD (unload IKE policy)
+ // - If the IPSec policy has been loaded and activated,
+ // unload the policy
+ // No actions are needed regarding the real IAP connection
+ // as it will be closed by the system in the lack of users.
+
+ DEB(LOG(Log::Printf(_L("Deactivating IKE policy due VPN activation error, VPN IAP Id = %d\n"),iVpnIapId));)
+ iKmdServ.StopVpnConnection(iVpnIapId, TKmdStopConnection::ENormal);
+
+ if (iIpsecPolicyHandleDes().iHandle != 0)
+ {
+ DEB(LOG(Log::Printf(_L("Unloading Ipsec policy due VPN activation error, VPN IAP Id = %d\n"),iVpnIapId));)
+ TRequestStatus status;
+ iPolicyServ.UnloadPolicy(iIpsecPolicyHandleDes(), status);
+ User::WaitForRequest(status);
+ }
+ }
+
+void CVpnConnStarter::ResolveIpsecFQDNL(CSecPolBundleList* aSecPolBundleList)
+ {
+ if (aSecPolBundleList)
+ {
+ for (TInt i(0); i<aSecPolBundleList->Count(); ++i)
+ {
+ CSecpolBundleItem* item = aSecPolBundleList->At(i);
+ HBufC* dnsname = item->iTunnelEpFQDN;
+
+ TInetAddr result = ResolveFQDNL(*dnsname);
+ // 39 for ipv6
+ TBuf<39> ipAddress;
+ result.Output( ipAddress );
+ item->iTunnel.Input(ipAddress);
+ DEB(LOG(Log::Printf(_L("Resolved:%S\n"), &ipAddress));)
+ }
+ }
+ }
+
+void CVpnConnStarter::ResolveIkeFQDNL(CIkeData* aIkeData)
+ {
+ ASSERT(aIkeData);
+ if (aIkeData->iFQDNAddr)
+ {
+ TInetAddr result = ResolveFQDNL(aIkeData->iFQDNAddr->GetData());
+ // 39 for ipv6
+ TBuf<39> ipAddress;
+ result.Output( ipAddress );
+ aIkeData->iAddr.Input(ipAddress);
+ DEB(LOG(Log::Printf(_L("Resolved:%S\n"), &ipAddress));)
+ }
+ }
+
+TInetAddr CVpnConnStarter::ResolveFQDNL(const TDesC& aAddress)
+ {
+ DEB(LOG(Log::Printf(_L("ResolveFQDNL:%S\n"), &aAddress));)
+ TRequestStatus status;
+ TNameEntry result;
+ iKmdServ.ResolveAddress(iVpnIapId, aAddress, result, status);
+ User::WaitForRequest(status);
+ User::LeaveIfError(status.Int());
+ TInetAddr address(result().iAddr);
+ return address;
+ }
+
+void CVpnConnStarter::FormCustomTrafficSelectorsL(CIkeData *aIkeData)
+ {
+ // Add Nokia NAT-T specific traffic selectors to IPsec
+ // custom traffic selector buffer
+ if (aIkeData->iUseNatProbing)
+ {
+ // Default port for Nokia NAT-T
+ TInt port(KNokiaNattDefaultPort);
+ if (aIkeData->iEspUdpPort)
+ port = aIkeData->iEspUdpPort;
+
+ TBuf8<39> addr, mask;
+ TBuf<39> buffer;
+ aIkeData->iAddr.Output(buffer);
+ addr.Copy(buffer);
+ aIkeData->iMask.Output(buffer);
+ mask.Copy(buffer);
+
+ HBufC8 *tsBuffer = HBufC8::NewLC(128);
+ tsBuffer->Des().Format(_L8("remote %S %S local_port %d = { }\n"),
+ &addr, &mask, port);
+ DEB(LOG(Log::Printf(_L8("Custom TS:%S\n"), tsBuffer));)
+ // Make sure that TS fits in the ts buffer
+ if (iCustomTs->Des().MaxLength() < iCustomTs->Length() + tsBuffer->Length())
+ {
+ iCustomTs = iCustomTs->ReAllocL(iCustomTs->Length() + tsBuffer->Length());
+ }
+ iCustomTs->Des().Append(*tsBuffer);
+ CleanupStack::PopAndDestroy(tsBuffer);
+ }
+ }
+
+void CVpnConnStarter::InsertCustomTrafficSelectorsL()
+ {
+ _LIT8(KSearchTerm, "[POLICY]\n");
+ TInt pos = iIpsecPolicyData->Find(KSearchTerm);
+ if (pos != KErrNotFound)
+ {
+ HBufC8 *newIpsecPolicyData = HBufC8::NewL(
+ iIpsecPolicyData->Length() + iCustomTs->Length());
+ pos += KSearchTerm().Length();
+
+ // Add data to "[POLICY]\n"
+ newIpsecPolicyData->Des().Append(iIpsecPolicyData->Des().Left(pos));
+
+ // Add custom traffic selectors
+ newIpsecPolicyData->Des().Append(*iCustomTs);
+
+ // Add rest of the original data
+ newIpsecPolicyData->Des().Append(iIpsecPolicyData->Des().Right(
+ iIpsecPolicyData->Length() - pos));
+
+ delete iIpsecPolicyData;
+ iIpsecPolicyData = newIpsecPolicyData;
+
+ DEB(LOG(Log::Write(*iIpsecPolicyData)));
+ }
+ }
+
+void CVpnConnStarter::GetIkePolicyFromVpnPolicyL(const TDesC& aVpnPolicy)
+ {
+ CIkeDataArray* ikeList = CIkeDataArray::NewL(1);
+ CleanupStack::PushL(ikeList);
+
+ TIkeParser ikeParser(aVpnPolicy);
+ ikeParser.ParseIKESectionsL(ikeList);
+
+ iIkePolicyData = HBufC8::NewL(KIkePolicyBufferSizeIncrement);
+ const TInt maxRetrans(8);
+ const TInt maxTraceFileSize(16);
+ User::LeaveIfError(ikeParser.GeneralInfoWrite(ikeList->iMaxLifetimeSec,
+ ikeList->iMaxLifetimeKB,
+ maxRetrans,
+ maxTraceFileSize,
+ iIkePolicyData));
+
+ for (TInt i(0); i < ikeList->Count(); i++)
+ {
+ CIkeData* ikeData = ikeList->At(i);
+ ResolveIkeFQDNL(ikeData);
+ FormCustomTrafficSelectorsL(ikeData);
+ User::LeaveIfError(ikeParser.MainWrite(ikeData, iIkePolicyData));
+ }
+
+ CleanupStack::PopAndDestroy(ikeList);
+ }
+
+void CVpnConnStarter::GetIpsecPolicyFromVpnPolicyL(const TDesC& aVpnPolicy)
+ {
+ CIpSecurityPiece* pieceData = new (ELeave) CIpSecurityPiece;
+ CleanupStack::PushL(pieceData);
+ pieceData->ConstructL();
+
+ TIpSecParser parser(aVpnPolicy);
+
+ TInt ret = parser.ParseAndIgnoreIKEL(pieceData);
+
+ if (ret != KErrNone)
+ {
+ HBufC* errorInfo = HBufC16::NewL(200);
+ errorInfo->Des().Copy(pieceData->iErrorInfo);
+ LOG(TPtr ptr = errorInfo->Des(); Log::Printf(_L("Parsing error info: %S\n"), &ptr));
+ delete errorInfo;
+ CleanupStack::PopAndDestroy(); // pieceData
+ User::Leave(ret);
+ }
+
+ ResolveIpsecFQDNL(pieceData->FQDNAddressListL());
+
+ iIpsecPolicyData = HBufC8::NewL(KPolicyBufferSizeIncrement);
+ ret = parser.Write(pieceData, iIpsecPolicyData);
+
+ if (ret != KErrNone)
+ {
+ LOG(Log::Printf(_L("Ipsec policy write error: %d\n"), ret));
+ CleanupStack::PopAndDestroy(); // pieceData
+ User::Leave(ret);
+ }
+
+ CleanupStack::PopAndDestroy(); // pieceData
+ }
+
+void CVpnConnStarter::LoadIpsecPolicy()
+ {
+ // Specify network IDs for tunnel end-point and selector definitions
+ iZoneInfoSetDes().iSelectorZone.iScope = KScopeNetwork;
+ iZoneInfoSetDes().iSelectorZone.iId = iEventSpecDes().iIfInfo.iVpnNetId;
+ iZoneInfoSetDes().iEndPointZone.iScope = KScopeNetwork;
+ iZoneInfoSetDes().iEndPointZone.iId = iIfInfo.iRealNetId;
+
+ LOG(Log::Printf(_L("CVpnConnStarter::LoadIpsecPolicy - VPN NET ID=%d, Real NET ID=%d\n"),
+ iEventSpecDes().iIfInfo.iVpnNetId, iIfInfo.iRealNetId ));
+
+#if defined(__PFX_MIP4__)
+
+ if (IsMip4FeaturePresent())
+ {
+ LOG(Log::Printf(_L("CVpnConnStarter::LoadIpsecPolicy - MIPv4 present, adding MIPv4 bypass selectors\n")));
+ iProcessingFlags = KAddIkeBypassSelectors | KAddMip4BypassSelectors;
+ }
+ else
+ {
+ LOG(Log::Printf(_L("CVpnConnStarter::LoadIpsecPolicy - MIPv4 NOT present, NOT adding MIPv4 bypass selectors\n")));
+ iProcessingFlags = KAddIkeBypassSelectors;
+ }
+
+#else
+
+ LOG(Log::Printf(_L("CVpnConnStarter::LoadIpsecPolicy - MIPv4 NOT present, NOT adding MIPv4 bypass selectors\n")));
+ iProcessingFlags = KAddIkeBypassSelectors;
+
+#endif // __PFX_MIP4__
+
+ // Check from commdb wether "real" interface uses DHCP
+ // and if it does, KAddDhcpBypassSelectors is added to
+ // the processing flags
+
+ TBool dhcpEnabled = EFalse;
+ TRAPD(err, IsDhcpEnabledL(dhcpEnabled));
+
+ if (!err && dhcpEnabled)
+ {
+ iProcessingFlags |= KAddDhcpBypassSelectors;
+ }
+
+ iPolicyServ.LoadPolicy(*iIpsecPolicyData, iIpsecPolicyHandleDes,
+ iStatus, iZoneInfoSetDes, iProcessingFlags);
+ }
+
+void CVpnConnStarter::IsDhcpEnabledL(TBool& aDhcpEnabled)
+ {
+ using namespace CMManager;
+
+ RCmManagerExt cmManagerExt;
+ cmManagerExt.OpenL();
+ CleanupClosePushL(cmManagerExt);
+
+ RCmConnectionMethodExt connectionMethod = cmManagerExt.ConnectionMethodL( iIfInfo.iRealIapId );
+ CleanupClosePushL(connectionMethod);
+
+ aDhcpEnabled = connectionMethod.GetBoolAttributeL(ECmIPAddFromServer);
+ if (!aDhcpEnabled)
+ {
+ aDhcpEnabled = connectionMethod.GetBoolAttributeL(ECmIPDNSAddrFromServer);
+ }
+
+ CleanupStack::PopAndDestroy(2);
+ }
+
+#if defined(__PFX_MIP4__)
+
+TBool CVpnConnStarter::IsMip4FeaturePresent(void)
+ {
+ return FeatureManager::FeatureSupported(KFeatureIdMIPv4);
+ }
+
+#endif // __PFX_MIP4__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/EABI/utlbase64U.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,8 @@
+EXPORTS
+ _ZN12TBase64Codec12Base64DecodeERK6TDesC8RK5TDes8 @ 1 NONAME
+ _ZN12TBase64Codec12Base64EncodeERK6TDesC8RK5TDes8 @ 2 NONAME
+ _ZN12TBase64Codec14Base64DecodeLCERK6TDesC8 @ 3 NONAME
+ _ZN12TBase64Codec14Base64EncodeLCERK6TDesC8 @ 4 NONAME
+ _ZN12TBase64CodecC1Ev @ 5 NONAME
+ _ZN12TBase64CodecC2Ev @ 6 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/bmarm/utlbase64u.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,7 @@
+EXPORTS
+ Base64DecodeLC__12TBase64CodecRC6TDesC8 @ 1 NONAME ; TBase64Codec::Base64DecodeLC(TDesC8 const &)
+ Base64Decode__12TBase64CodecRC6TDesC8RC5TDes8 @ 2 NONAME ; TBase64Codec::Base64Decode(TDesC8 const &, TDes8 const &)
+ Base64EncodeLC__12TBase64CodecRC6TDesC8 @ 3 NONAME ; TBase64Codec::Base64EncodeLC(TDesC8 const &)
+ Base64Encode__12TBase64CodecRC6TDesC8RC5TDes8 @ 4 NONAME ; TBase64Codec::Base64Encode(TDesC8 const &, TDes8 const &)
+ __12TBase64Codec @ 5 NONAME ; TBase64Codec::TBase64Codec(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/bwins/UTLBASE64U.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,7 @@
+EXPORTS
+ ??0TBase64Codec@@QAE@XZ @ 1 NONAME ; public: __thiscall TBase64Codec::TBase64Codec(void)
+ ?Base64Decode@TBase64Codec@@QAEHABVTDesC8@@ABVTDes8@@@Z @ 2 NONAME ; public: int __thiscall TBase64Codec::Base64Decode(class TDesC8 const &,class TDes8 const &)
+ ?Base64DecodeLC@TBase64Codec@@QAEPAVHBufC8@@ABVTDesC8@@@Z @ 3 NONAME ; public: class HBufC8 * __thiscall TBase64Codec::Base64DecodeLC(class TDesC8 const &)
+ ?Base64Encode@TBase64Codec@@QAEHABVTDesC8@@ABVTDes8@@@Z @ 4 NONAME ; public: int __thiscall TBase64Codec::Base64Encode(class TDesC8 const &,class TDes8 const &)
+ ?Base64EncodeLC@TBase64Codec@@QAEPAVHBufC8@@ABVTDesC8@@@Z @ 5 NONAME ; public: class HBufC8 * __thiscall TBase64Codec::Base64EncodeLC(class TDesC8 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+utlbase64.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/group/utlbase64.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project utlbase64
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET utlbase64.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101F6EBA
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE base64.cpp
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/inc/base64.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,48 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Base64 encoder/decoder
+*
+*/
+
+
+
+#ifndef _BASE64_H_
+#define _BASE64_H_
+
+#define B64_NOP_CHR '='
+#define B64_LINEBREAK '\n'
+#define B64_NOP_VAL 254
+#define B64_IGN 255
+#define MAXLINELEN 76
+
+// encoding table
+static const TUint8 Kb64 [] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+class TBase64Codec
+{
+ public:
+ // Public interface
+ IMPORT_C TInt Base64Encode(const TDesC8 &aRawData, const TDes8 &aEncodedData);
+ IMPORT_C TInt Base64Decode(const TDesC8 &aEncodedData, const TDes8 &aDecodedData);
+ IMPORT_C HBufC8* Base64EncodeLC(const TDesC8 &aRawData);
+ IMPORT_C HBufC8* Base64DecodeLC(const TDesC8 &aEncodedData);
+ IMPORT_C TBase64Codec();
+
+ private:
+ TUint8 iD64[256]; /* decoding table */
+ void InitBase64(void);
+};
+
+#endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/rom/utlbase64.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project utlbase64.
+*
+*/
+
+
+
+#ifndef __UTLBASE64_IBY__
+#define __UTLBASE64_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature UTLBASE64 not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\utlbase64.dll SHARED_LIB_DIR\utlbase64.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __UTLBASE64_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlbase64/src/base64.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,221 @@
+/*
+* Copyright (c) 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Base64 encoder/decoder
+*
+*/
+
+
+
+#include <eikenv.h>
+#include "base64.h"
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Constructor
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TBase64Codec::TBase64Codec()
+{
+ // Initialize base64
+ InitBase64();
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Initialize decoding array
+////////////////////////////////////////////////////////////////////////////////////////
+void TBase64Codec::InitBase64(void)
+{
+ TUint8 i;
+ Mem::Fill(iD64, sizeof(iD64), B64_IGN);
+ for (i=0;i<sizeof(Kb64);i++)
+ {
+ iD64[Kb64[i]]=i;
+ }
+ iD64[B64_NOP_CHR]=B64_NOP_VAL;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Base64 encoding function using buffers allocated by the caller
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt TBase64Codec::Base64Encode(const TDesC8 &aRawData, const TDes8 &aEncodedData)
+{
+ TInt i;
+ TInt j;
+ TInt datalen;
+ TUint8 block[3];
+ const TUint8 *fromPtr;
+ TUint8 *toPtr;
+ TUint count = 0;
+ TInt lengthIncludingLinebreaks;
+ TInt lengthWithoutLinebreaks;
+
+
+ i=0;
+ fromPtr = aRawData.Ptr();
+ toPtr = CONST_CAST(TUint8*, aEncodedData.Ptr());
+ datalen = aRawData.Size();
+ lengthWithoutLinebreaks = ((datalen + 3)/ 3) * 4;
+ lengthIncludingLinebreaks = lengthWithoutLinebreaks + (lengthWithoutLinebreaks) / MAXLINELEN - ((lengthWithoutLinebreaks % MAXLINELEN)?0:1);
+ if(aEncodedData.MaxLength() < lengthIncludingLinebreaks)
+ return KErrArgument;
+
+ for (j=0;j<datalen;j+=3)
+ {
+ /* 11111100>>2 */
+ /* 00000011<<4 + 11110000>>4 */
+ /* 00001111<<2 + 11000000>>6 */
+ /* 00111111 */
+ Mem::FillZ(block, 3);
+ Mem::Copy(block, &fromPtr[j], datalen-j<3?datalen-j:3);
+ toPtr[i++] = Kb64[(block[0]&0xfc)>>2];
+ toPtr[i++] = Kb64[((block[0]&0x03)<<4)+(block[1]>>4)];
+ if (datalen-j>1)
+ {
+ toPtr[i++] = Kb64[((block[1]&0x0f)<<2)+(block[2]>>6)];
+ }
+ else
+ {
+ toPtr[i++] = B64_NOP_CHR;
+ }
+ if (datalen-j>2)
+ {
+ toPtr[i++]=Kb64[block[2]&0x3f];
+ }
+ else
+ {
+ toPtr[i++] = B64_NOP_CHR;
+ }
+ count += 4;
+ // Add linebreaks every 76th characters
+ // Don't add it after the last full length line
+ if(count >= MAXLINELEN && j < datalen - 3)
+ {
+ toPtr[i++] = B64_LINEBREAK;
+ count = 0;
+ }
+ }
+
+ CONST_CAST(TDes8 &, aEncodedData).SetLength(i);
+ return KErrNone;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Base64 decoding function using buffers allocated by the caller
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt TBase64Codec::Base64Decode(const TDesC8 &aEncodedData, const TDes8 &aDecodedData)
+{
+ TInt i;
+ TInt j;
+ TInt k;
+ TInt blocklen;
+ TInt datalen;
+ const TUint8 *fromPtr;
+ TUint8 *toPtr;
+
+ TUint8 c = 0;
+ TUint8 block[4];
+
+ InitBase64();
+
+ i=0;
+ j=0;
+ fromPtr = aEncodedData.Ptr();
+ toPtr = CONST_CAST(TUint8*, aDecodedData.Ptr());
+ datalen = aEncodedData.Size();
+ if(aDecodedData.MaxLength() < (datalen / 4) * 3)
+ return KErrArgument;
+
+ while ((datalen > 0) && (j <= datalen))
+ {
+ blocklen=0;
+ Mem::Fill(block,'\0',sizeof(block));
+ for (k=0;k<4;k++) /* skip non base64 characters */
+ {
+ while (j++ <= datalen && (c=iD64[*fromPtr++])==B64_IGN) {;}
+ if (j<=datalen)
+ {
+ block[k]=c;
+ if (c!=B64_NOP_VAL)
+ {
+ blocklen++;
+ }
+ else
+ {
+ block[k]=0;
+ }
+ }
+ else
+ {
+ block[k]=0;
+ }
+ }
+ if (blocklen)
+ {
+ toPtr[i+0] = STATIC_CAST(TUint8, (block[0]<<2) + (block[1]>>4));
+
+ if(blocklen > 1)
+ toPtr[i+1] = STATIC_CAST(TUint8, ((block[1]&0x0f)<<4) + (block[2]>>2));
+
+ if(blocklen > 2)
+ toPtr[i+2] = STATIC_CAST(TUint8, ((block[2]&0x03)<<6) + (block[3]));
+
+ i+=blocklen-1;
+ }
+ }
+ CONST_CAST(TDes8 &, aDecodedData).SetLength(i);
+ return KErrNone;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Base64 encoding function, buffer allocated by the function and returned to the caller
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C HBufC8* TBase64Codec::Base64EncodeLC(const TDesC8 &aRawData)
+{
+ HBufC8 *outBuf = NULL;
+ TInt rCode;
+ TUint lengthIncludingLinebreaks;
+ TUint lengthWithoutLinebreaks;
+
+ lengthWithoutLinebreaks =((aRawData.Length() + 3)/ 3) * 4;
+ lengthIncludingLinebreaks = lengthWithoutLinebreaks + (lengthWithoutLinebreaks) / MAXLINELEN - ((lengthWithoutLinebreaks % MAXLINELEN)?0:1);
+ outBuf = HBufC8::NewLC(lengthIncludingLinebreaks);
+ TPtr8 outDes = outBuf->Des();
+ rCode = Base64Encode(aRawData, outDes);
+ if(rCode != KErrNone)
+ {
+ CleanupStack::Pop();
+ delete outBuf;
+ outBuf = NULL;
+ }
+ return (outBuf);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Base64 decoding function, buffer allocated by the function and returned to the caller
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C HBufC8* TBase64Codec::Base64DecodeLC(const TDesC8 &aEncodedData)
+{
+ HBufC8 *outBuf = NULL;
+ TInt rCode;
+
+ outBuf = HBufC8::NewLC(((aEncodedData.Length() / 4) * 3));
+ TPtr8 outDes = outBuf->Des();
+ rCode = Base64Decode(aEncodedData, outDes);
+ if(rCode != KErrNone)
+ {
+ CleanupStack::Pop();
+ delete outBuf;
+ outBuf = NULL;
+ }
+ return (outBuf);
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/EABI/utlcryptou.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+EXPORTS
+ _ZN10TUtlCrypto13CryptoVersionEv @ 1 NONAME
+ _ZN10TUtlCrypto18MakeDiffieHellmanLERK6TDesC8S2_ @ 2 NONAME
+ _ZN10TUtlCrypto19DsaVerifySignatureLERK6TDesC8S2_S2_S2_S2_ @ 3 NONAME
+ _ZN10TUtlCrypto19IsWeakCryptoLibraryEv @ 4 NONAME
+ _ZN10TUtlCrypto20MakeMessageDigesterLENS_19TUtlMessageDigestIdERK6TDesC8 @ 5 NONAME
+ _ZN10TUtlCrypto20RsaPublicKeyDecryptLERK6TDesC8S2_RP6HBufC8 @ 6 NONAME
+ _ZN10TUtlCrypto20RsaPublicKeyEncryptLERK6TDesC8S2_RP6HBufC8 @ 7 NONAME
+ _ZN10TUtlCrypto23MakeSymmetricDecryptorLENS_21TUtlSymmetricCipherIdERK6TDesC8S3_ @ 8 NONAME
+ _ZN10TUtlCrypto23MakeSymmetricEncryptorLENS_21TUtlSymmetricCipherIdERK6TDesC8S3_ @ 9 NONAME
+ _ZN17CUtlDiffieHellman10CompleteKLERK6TDesC8 @ 10 NONAME
+ _ZN17CUtlDiffieHellman10GenerateXLEv @ 11 NONAME
+ _ZN17CUtlDiffieHellmanD0Ev @ 12 NONAME
+ _ZN17CUtlDiffieHellmanD1Ev @ 13 NONAME
+ _ZN17CUtlDiffieHellmanD2Ev @ 14 NONAME
+ _ZN17CUtlMessageDigest10ReplicateLEv @ 15 NONAME
+ _ZN17CUtlMessageDigest5CopyLEv @ 16 NONAME
+ _ZN17CUtlMessageDigest5FinalERK6TDesC8 @ 17 NONAME
+ _ZN17CUtlMessageDigest5FinalEv @ 18 NONAME
+ _ZN17CUtlMessageDigest5ResetEv @ 19 NONAME
+ _ZN17CUtlMessageDigest6UpdateERK6TDesC8 @ 20 NONAME
+ _ZN17CUtlMessageDigestD0Ev @ 21 NONAME
+ _ZN17CUtlMessageDigestD1Ev @ 22 NONAME
+ _ZN17CUtlMessageDigestD2Ev @ 23 NONAME
+ _ZN19CUtlSymmetricCipher13ProcessFinalLERK6TDesC8R5TDes8 @ 24 NONAME
+ _ZN19CUtlSymmetricCipher5ResetEv @ 25 NONAME
+ _ZN19CUtlSymmetricCipher7ProcessERK6TDesC8R5TDes8 @ 26 NONAME
+ _ZN19CUtlSymmetricCipherD0Ev @ 27 NONAME
+ _ZN19CUtlSymmetricCipherD1Ev @ 28 NONAME
+ _ZN19CUtlSymmetricCipherD2Ev @ 29 NONAME
+ _ZNK17CUtlMessageDigest8HashSizeEv @ 30 NONAME
+ _ZNK17CUtlMessageDigest9BlockSizeEv @ 31 NONAME
+ _ZNK19CUtlSymmetricCipher15MaxOutputLengthEi @ 32 NONAME
+ _ZNK19CUtlSymmetricCipher20MaxFinalOutputLengthEi @ 33 NONAME
+ _ZNK19CUtlSymmetricCipher7KeySizeEv @ 34 NONAME
+ _ZNK19CUtlSymmetricCipher9BlockSizeEv @ 35 NONAME
+ _ZTI17CUtlDiffieHellman @ 36 NONAME ; #<TI>#
+ _ZTI17CUtlMessageDigest @ 37 NONAME ; #<TI>#
+ _ZTI19CUtlSymmetricCipher @ 38 NONAME ; #<TI>#
+ _ZTV17CUtlDiffieHellman @ 39 NONAME ; #<VT>#
+ _ZTV17CUtlMessageDigest @ 40 NONAME ; #<VT>#
+ _ZTV19CUtlSymmetricCipher @ 41 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/bmarm/UTLCRYPTOU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+EXPORTS
+ "_._19CUtlSymmetricCipher" @ 1 NONAME R3UNUSED ; CUtlSymmetricCipher::~CUtlSymmetricCipher(void)
+ BlockSize__C19CUtlSymmetricCipher @ 2 NONAME R3UNUSED ; CUtlSymmetricCipher::BlockSize(void) const
+ CompleteKL__17CUtlDiffieHellmanRC6TDesC8 @ 3 NONAME R3UNUSED ; CUtlDiffieHellman::CompleteKL(TDesC8 const &)
+ CopyL__17CUtlMessageDigest @ 4 NONAME R3UNUSED ; CUtlMessageDigest::CopyL(void)
+ DsaVerifySignatureL__10TUtlCryptoRC6TDesC8N41 @ 5 NONAME ; TUtlCrypto::DsaVerifySignatureL(TDesC8 const &, TDesC8 const &, TDesC8 const &, TDesC8 const &, TDesC8 const &)
+ Final__17CUtlMessageDigest @ 6 NONAME R3UNUSED ; CUtlMessageDigest::Final(void)
+ Final__17CUtlMessageDigestRC6TDesC8 @ 7 NONAME R3UNUSED ; CUtlMessageDigest::Final(TDesC8 const &)
+ GenerateXL__17CUtlDiffieHellman @ 8 NONAME R3UNUSED ; CUtlDiffieHellman::GenerateXL(void)
+ HashSize__C17CUtlMessageDigest @ 9 NONAME R3UNUSED ; CUtlMessageDigest::HashSize(void) const
+ IsWeakCryptoLibrary__10TUtlCrypto @ 10 NONAME R3UNUSED ; TUtlCrypto::IsWeakCryptoLibrary(void)
+ KeySize__C19CUtlSymmetricCipher @ 11 NONAME R3UNUSED ; CUtlSymmetricCipher::KeySize(void) const
+ MakeDiffieHellmanL__10TUtlCryptoRC6TDesC8T1 @ 12 NONAME R3UNUSED ; TUtlCrypto::MakeDiffieHellmanL(TDesC8 const &, TDesC8 const &)
+ MakeMessageDigesterL__10TUtlCryptoQ210TUtlCrypto19TUtlMessageDigestIdRC6TDesC8 @ 13 NONAME R3UNUSED ; TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::TUtlMessageDigestId, TDesC8 const &)
+ MakeSymmetricDecryptorL__10TUtlCryptoQ210TUtlCrypto21TUtlSymmetricCipherIdRC6TDesC8T2 @ 14 NONAME R3UNUSED ; TUtlCrypto::MakeSymmetricDecryptorL(TUtlCrypto::TUtlSymmetricCipherId, TDesC8 const &, TDesC8 const &)
+ MakeSymmetricEncryptorL__10TUtlCryptoQ210TUtlCrypto21TUtlSymmetricCipherIdRC6TDesC8T2 @ 15 NONAME R3UNUSED ; TUtlCrypto::MakeSymmetricEncryptorL(TUtlCrypto::TUtlSymmetricCipherId, TDesC8 const &, TDesC8 const &)
+ MaxFinalOutputLength__C19CUtlSymmetricCipheri @ 16 NONAME R3UNUSED ; CUtlSymmetricCipher::MaxFinalOutputLength(int) const
+ MaxOutputLength__C19CUtlSymmetricCipheri @ 17 NONAME R3UNUSED ; CUtlSymmetricCipher::MaxOutputLength(int) const
+ ProcessFinalL__19CUtlSymmetricCipherRC6TDesC8R5TDes8 @ 18 NONAME R3UNUSED ; CUtlSymmetricCipher::ProcessFinalL(TDesC8 const &, TDes8 &)
+ Process__19CUtlSymmetricCipherRC6TDesC8R5TDes8 @ 19 NONAME R3UNUSED ; CUtlSymmetricCipher::Process(TDesC8 const &, TDes8 &)
+ ReplicateL__17CUtlMessageDigest @ 20 NONAME R3UNUSED ; CUtlMessageDigest::ReplicateL(void)
+ Reset__17CUtlMessageDigest @ 21 NONAME R3UNUSED ; CUtlMessageDigest::Reset(void)
+ Reset__19CUtlSymmetricCipher @ 22 NONAME R3UNUSED ; CUtlSymmetricCipher::Reset(void)
+ RsaPublicKeyDecryptL__10TUtlCryptoRC6TDesC8T1RP6HBufC8 @ 23 NONAME R3UNUSED ; TUtlCrypto::RsaPublicKeyDecryptL(TDesC8 const &, TDesC8 const &, HBufC8 *&)
+ RsaPublicKeyEncryptL__10TUtlCryptoRC6TDesC8T1RP6HBufC8 @ 24 NONAME R3UNUSED ; TUtlCrypto::RsaPublicKeyEncryptL(TDesC8 const &, TDesC8 const &, HBufC8 *&)
+ Update__17CUtlMessageDigestRC6TDesC8 @ 25 NONAME R3UNUSED ; CUtlMessageDigest::Update(TDesC8 const &)
+ "_._17CUtlDiffieHellman" @ 26 NONAME R3UNUSED ; CUtlDiffieHellman::~CUtlDiffieHellman(void)
+ "_._17CUtlMessageDigest" @ 27 NONAME R3UNUSED ; CUtlMessageDigest::~CUtlMessageDigest(void)
+ BlockSize__C17CUtlMessageDigest @ 28 NONAME R3UNUSED ; CUtlMessageDigest::BlockSize(void) const
+ CryptoVersion__10TUtlCrypto @ 29 NONAME R3UNUSED ; TUtlCrypto::CryptoVersion(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/bwins/UTLCRYPTOU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+EXPORTS
+ ??1CUtlDiffieHellman@@UAE@XZ @ 1 NONAME ; CUtlDiffieHellman::~CUtlDiffieHellman(void)
+ ??1CUtlMessageDigest@@UAE@XZ @ 2 NONAME ; CUtlMessageDigest::~CUtlMessageDigest(void)
+ ??1CUtlSymmetricCipher@@UAE@XZ @ 3 NONAME ; CUtlSymmetricCipher::~CUtlSymmetricCipher(void)
+ ?BlockSize@CUtlMessageDigest@@QBEHXZ @ 4 NONAME ; int CUtlMessageDigest::BlockSize(void) const
+ ?BlockSize@CUtlSymmetricCipher@@QBEHXZ @ 5 NONAME ; int CUtlSymmetricCipher::BlockSize(void) const
+ ?CompleteKL@CUtlDiffieHellman@@QAEPBVHBufC8@@ABVTDesC8@@@Z @ 6 NONAME ; class HBufC8 const * CUtlDiffieHellman::CompleteKL(class TDesC8 const &)
+ ?CopyL@CUtlMessageDigest@@QAEPAVCMessageDigest@@XZ @ 7 NONAME ; class CMessageDigest * CUtlMessageDigest::CopyL(void)
+ ?DsaVerifySignatureL@TUtlCrypto@@SAHABVTDesC8@@0000@Z @ 8 NONAME ; int TUtlCrypto::DsaVerifySignatureL(class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &, class TDesC8 const &)
+ ?Final@CUtlMessageDigest@@QAE?AVTPtrC8@@ABVTDesC8@@@Z @ 9 NONAME ; class TPtrC8 CUtlMessageDigest::Final(class TDesC8 const &)
+ ?Final@CUtlMessageDigest@@QAE?AVTPtrC8@@XZ @ 10 NONAME ; class TPtrC8 CUtlMessageDigest::Final(void)
+ ?GenerateXL@CUtlDiffieHellman@@QAEPBVHBufC8@@XZ @ 11 NONAME ; class HBufC8 const * CUtlDiffieHellman::GenerateXL(void)
+ ?HashSize@CUtlMessageDigest@@QBEHXZ @ 12 NONAME ; int CUtlMessageDigest::HashSize(void) const
+ ?IsWeakCryptoLibrary@TUtlCrypto@@SAHXZ @ 13 NONAME ; int TUtlCrypto::IsWeakCryptoLibrary(void)
+ ?KeySize@CUtlSymmetricCipher@@QBEHXZ @ 14 NONAME ; int CUtlSymmetricCipher::KeySize(void) const
+ ?MakeDiffieHellmanL@TUtlCrypto@@SAPAVCUtlDiffieHellman@@ABVTDesC8@@0@Z @ 15 NONAME ; class CUtlDiffieHellman * TUtlCrypto::MakeDiffieHellmanL(class TDesC8 const &, class TDesC8 const &)
+ ?MakeMessageDigesterL@TUtlCrypto@@SAPAVCUtlMessageDigest@@W4TUtlMessageDigestId@1@ABVTDesC8@@@Z @ 16 NONAME ; class CUtlMessageDigest * TUtlCrypto::MakeMessageDigesterL(enum TUtlCrypto::TUtlMessageDigestId, class TDesC8 const &)
+ ?MakeSymmetricDecryptorL@TUtlCrypto@@SAPAVCUtlSymmetricCipher@@W4TUtlSymmetricCipherId@1@ABVTDesC8@@1@Z @ 17 NONAME ; class CUtlSymmetricCipher * TUtlCrypto::MakeSymmetricDecryptorL(enum TUtlCrypto::TUtlSymmetricCipherId, class TDesC8 const &, class TDesC8 const &)
+ ?MakeSymmetricEncryptorL@TUtlCrypto@@SAPAVCUtlSymmetricCipher@@W4TUtlSymmetricCipherId@1@ABVTDesC8@@1@Z @ 18 NONAME ; class CUtlSymmetricCipher * TUtlCrypto::MakeSymmetricEncryptorL(enum TUtlCrypto::TUtlSymmetricCipherId, class TDesC8 const &, class TDesC8 const &)
+ ?MaxFinalOutputLength@CUtlSymmetricCipher@@QBEHH@Z @ 19 NONAME ; int CUtlSymmetricCipher::MaxFinalOutputLength(int) const
+ ?MaxOutputLength@CUtlSymmetricCipher@@QBEHH@Z @ 20 NONAME ; int CUtlSymmetricCipher::MaxOutputLength(int) const
+ ?Process@CUtlSymmetricCipher@@QAEXABVTDesC8@@AAVTDes8@@@Z @ 21 NONAME ; void CUtlSymmetricCipher::Process(class TDesC8 const &, class TDes8 &)
+ ?ProcessFinalL@CUtlSymmetricCipher@@QAEXABVTDesC8@@AAVTDes8@@@Z @ 22 NONAME ; void CUtlSymmetricCipher::ProcessFinalL(class TDesC8 const &, class TDes8 &)
+ ?ReplicateL@CUtlMessageDigest@@QAEPAVCMessageDigest@@XZ @ 23 NONAME ; class CMessageDigest * CUtlMessageDigest::ReplicateL(void)
+ ?Reset@CUtlMessageDigest@@QAEXXZ @ 24 NONAME ; void CUtlMessageDigest::Reset(void)
+ ?Reset@CUtlSymmetricCipher@@QAEXXZ @ 25 NONAME ; void CUtlSymmetricCipher::Reset(void)
+ ?RsaPublicKeyDecryptL@TUtlCrypto@@SAXABVTDesC8@@0AAPAVHBufC8@@@Z @ 26 NONAME ; void TUtlCrypto::RsaPublicKeyDecryptL(class TDesC8 const &, class TDesC8 const &, class HBufC8 * &)
+ ?RsaPublicKeyEncryptL@TUtlCrypto@@SAXABVTDesC8@@0AAPAVHBufC8@@@Z @ 27 NONAME ; void TUtlCrypto::RsaPublicKeyEncryptL(class TDesC8 const &, class TDesC8 const &, class HBufC8 * &)
+ ?Update@CUtlMessageDigest@@QAEXABVTDesC8@@@Z @ 28 NONAME ; void CUtlMessageDigest::Update(class TDesC8 const &)
+ ?CryptoVersion@TUtlCrypto@@SA?AW4TUtlCryptoVersion@1@XZ @ 29 NONAME ; public: static enum TUtlCrypto::TUtlCryptoVersion __cdecl TUtlCrypto::CryptoVersion(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,25 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file for project utlcrypto
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+utlcryptonew.mmp
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/group/utlcryptonew.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project utlcrypto
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET utlcrypto.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101FAE04
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE utlcryptonew.cpp
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY hash.lib
+LIBRARY x509.lib
+LIBRARY cryptography.lib
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/inc/utlcrypto.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,162 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Class definition of TUtlCrypto.
+*
+*/
+
+
+
+#if !defined(__UTLCRYPTO_H__)
+#define __UTLCRYPTO_H__
+
+#include <e32std.h>
+
+class CSymmetricCipher;
+class CDH;
+class CDHKeyPair;
+class CMessageDigest;
+class CDSASignature;
+class TUtlCrypto;
+
+
+class CUtlSymmetricCipher : public CBase
+/**
+* Symmetric cipher
+* @internalComponent
+*/
+ {
+ friend class TUtlCrypto;
+public:
+ IMPORT_C ~CUtlSymmetricCipher();
+
+ IMPORT_C void Process(const TDesC8& aInput, TDes8& aOutput);
+ IMPORT_C void ProcessFinalL(const TDesC8& aInput, TDes8& aOutput);
+ IMPORT_C TInt MaxOutputLength(TInt aInputTextLength) const;
+ IMPORT_C TInt MaxFinalOutputLength(TInt aInputTextLength) const;
+ IMPORT_C void Reset();
+ IMPORT_C TInt BlockSize() const;
+ IMPORT_C TInt KeySize() const;
+private:
+ CUtlSymmetricCipher();
+private:
+ CSymmetricCipher* iSymmetricCipher;
+ };
+
+
+class CUtlMessageDigest : public CBase
+/**
+* Message digester
+* @internalComponent
+*/
+ {
+ friend class TUtlCrypto;
+public:
+ IMPORT_C ~CUtlMessageDigest();
+
+ IMPORT_C CMessageDigest* ReplicateL(void);
+ IMPORT_C void Update(const TDesC8& aMessage);
+ IMPORT_C TPtrC8 Final(const TDesC8& aMessage);
+ IMPORT_C TPtrC8 Final(void);
+ IMPORT_C CMessageDigest* CopyL(void);
+ IMPORT_C TInt BlockSize(void) const;
+ IMPORT_C TInt HashSize(void) const;
+ IMPORT_C void Reset(void);
+
+private:
+ CUtlMessageDigest();
+private:
+ CMessageDigest* iMessageDigest;
+ };
+
+
+class CUtlDiffieHellman : public CBase
+/**
+* Diffie-Hellman key exchange
+* @internalComponent
+*/
+ {
+ friend class TUtlCrypto;
+public:
+ IMPORT_C ~CUtlDiffieHellman();
+ IMPORT_C const HBufC8* GenerateXL(void);
+ IMPORT_C const HBufC8* CompleteKL(const TDesC8& aY);
+
+private:
+ CUtlDiffieHellman();
+private:
+ CDHKeyPair* iDhKeyPair;
+ CDH* iDhKeyAgreement;
+ TInt iModulusLength;
+ };
+
+
+class TUtlCrypto
+/**
+* Crypto factory
+* @internalComponent
+*/
+ {
+public:
+ enum TUtlSymmetricCipherId
+ {
+ EUtlSymmetricCipherDesCbc, ///< DES
+ EUtlSymmetricCipher3DesCbc, ///< 3DES
+ EUtlSymmetricCipherAesCbc ///< AES
+ };
+
+ enum TUtlMessageDigestId
+ {
+ EUtlMessageDigestMd5, ///< MD5
+ EUtlMessageDigestSha1 ///< SHA1
+ };
+
+ enum TUtlCryptoVersion
+ {
+ EUtlCryptoVersionOld, ///< not Symbian crypto library
+ EUtlCryptoVersionSymbian1 ///< Symbian crypto library
+ };
+
+public:
+ IMPORT_C static CUtlSymmetricCipher* MakeSymmetricEncryptorL(TUtlSymmetricCipherId aCipherId,
+ const TDesC8& aKey,
+ const TDesC8& aIv=KNullDesC8);
+ IMPORT_C static CUtlSymmetricCipher* MakeSymmetricDecryptorL(TUtlSymmetricCipherId aCipherId,
+ const TDesC8& aKey,
+ const TDesC8& aIv=KNullDesC8);
+
+ IMPORT_C static CUtlMessageDigest* MakeMessageDigesterL(TUtlMessageDigestId aDigestId,
+ const TDesC8& aHmacKey=KNullDesC8);
+
+ IMPORT_C static CUtlDiffieHellman* MakeDiffieHellmanL(const TDesC8& aN, const TDesC8& aG);
+
+ IMPORT_C static void RsaPublicKeyEncryptL(const TDesC8& aPublicKeyData,
+ const TDesC8& aPlaintext,
+ HBufC8*& aCiphertext);
+
+ IMPORT_C static void RsaPublicKeyDecryptL(const TDesC8& aPublicKeyData,
+ const TDesC8& aCiphertext,
+ HBufC8*& aPlaintext);
+
+ IMPORT_C static TBool DsaVerifySignatureL(const TDesC8& aPublicKeyData,
+ const TDesC8& aDsaParams,
+ const TDesC8& aDsaSignatureR,
+ const TDesC8& aDsaSignatureS,
+ const TDesC8& aHashData);
+
+ IMPORT_C static TBool IsWeakCryptoLibrary(void);
+
+ IMPORT_C static TUtlCryptoVersion CryptoVersion(void);
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/rom/utlcrypto.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project utlcrypto
+*
+*/
+
+
+
+#ifndef __UTLCRYPTO_IBY__
+#define __UTLCRYPTO_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature UTLCRYPTO not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\utlcrypto.dll SHARED_LIB_DIR\utlcrypto.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __UTLCRYPTO_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlcrypto/src/utlcryptonew.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,620 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: New Symbian crypto API
+*
+*/
+
+
+
+#define DummyForLeaveScanL(a)
+
+#include "msymmetriccipher.h"
+#include <bufferedtransformation.h>
+#include <cbcmode.h>
+#include <des.h>
+#include <3des.h>
+#include <rijndael.h>
+#include <padding.h>
+#include <hash.h>
+
+#include <asymmetrickeys.h>
+#include <asymmetric.h>
+#include <bigint.h>
+#include <random.h>
+#include <cryptostrength.h>
+#include <x509keys.h>
+#include <x509cert.h>
+
+#include "utlcrypto.h"
+
+
+
+EXPORT_C CUtlSymmetricCipher::~CUtlSymmetricCipher()
+/**
+* Destructor.
+*/
+ {
+ delete iSymmetricCipher;
+ }
+
+EXPORT_C void CUtlSymmetricCipher::Process(const TDesC8& aInput, TDes8& aOutput)
+/**
+* Runs the underlying transformation on aInput and appends the result to
+* aOutput.
+* @param aInput The input data to be processed.
+* @param aOutput The resulting processed data appended to aOutput. aOutput must
+* have MaxOutputLength() empty bytes remaining in its length.
+*/
+ {
+ iSymmetricCipher->Process(aInput, aOutput);
+ }
+
+EXPORT_C void CUtlSymmetricCipher::ProcessFinalL(const TDesC8& aInput, TDes8& aOutput)
+/**
+* Pads aInput to be block aligned using the underlying padding system, if any,
+* and then runs the underlying transformation on aInput, and appends the result
+* to aOutput.
+* @param aInput The input data to be processed.
+* @param aOutput The resulting, possibly padded, processed data appended to
+* aOutput. aOutput must have MaxFinalOutputLength() empty bytes remaining in
+* its length.
+*/
+ {
+ //Do dot call ProcessFinalL, but Process, because CPaddingNone is used.
+ //ProcessFinalL causes panic in this case.
+ DummyForLeaveScanL(1);
+ iSymmetricCipher->Process(aInput, aOutput);
+ }
+
+EXPORT_C TInt CUtlSymmetricCipher::MaxOutputLength(TInt aInputTextLength) const
+/**
+* Gets a tight upper bound on the number of bytes that would be returned by a
+* call to Process() with aInputLength bytes of data.
+* @param aInputLength The length of data to be supplied to Process() in bytes.
+* @return The length of data which would result from a call to Process() with
+* an aInputLength number of bytes.
+*/
+ {
+ return iSymmetricCipher->MaxOutputLength(aInputTextLength);
+ }
+
+EXPORT_C TInt CUtlSymmetricCipher::MaxFinalOutputLength(TInt aInputTextLength) const
+/**
+* Gets as tight an upper bound as possible on the number of bytes that would
+* be returned by a call to ProcessFinalL() with aInputLength bytes of data.
+* @param aInputLength The length of data to be supplied to Process() in bytes.
+* @return An upper bound on the length of data which would result from a call to
+* ProcessFinalL() with an aInputLength number of bytes.
+*/
+ {
+ return iSymmetricCipher->MaxFinalOutputLength(aInputTextLength);
+ }
+
+EXPORT_C void CUtlSymmetricCipher::Reset()
+/**
+* Resets the cipher back to its original state. Clears all its buffers.
+*/
+ {
+ iSymmetricCipher->Reset();
+ }
+
+EXPORT_C TInt CUtlSymmetricCipher::BlockSize() const
+/**
+* Gets the block size in bytes (1 for stream ciphers).
+* @return Block size of underlying cipher in bytes.
+*/
+ {
+ return iSymmetricCipher->BlockSize();
+ }
+
+EXPORT_C TInt CUtlSymmetricCipher::KeySize() const
+/**
+* Gets the key size in bits.
+* @return Key size in bits.
+*/
+ {
+ return iSymmetricCipher->KeySize();
+ }
+
+CUtlSymmetricCipher::CUtlSymmetricCipher()
+ {
+ ;
+ }
+
+//--------------------------------------------------------
+
+EXPORT_C CUtlMessageDigest::~CUtlMessageDigest()
+/**
+* Destructor.
+*/
+ {
+ delete iMessageDigest;
+ }
+
+EXPORT_C CMessageDigest* CUtlMessageDigest::ReplicateL(void)
+/**
+* Creates a brand new reset CMessageDigest object containing no state
+* information from the current object. To make a copy of a message
+* digest with its internal state intact, see CopyL().
+*/
+ {
+ return iMessageDigest->ReplicateL();
+ }
+
+EXPORT_C void CUtlMessageDigest::Update(const TDesC8& aMessage)
+/**
+* Adds data to the internal representation of messages to be hashed
+* @param aMessage Data to be included in the hash.
+*/
+ {
+ iMessageDigest->Update(aMessage);
+ }
+
+EXPORT_C TPtrC8 CUtlMessageDigest::Final(const TDesC8& aMessage)
+/**
+* Adds aMessage to the internal representation of data to be hashed,
+* returns a TPtrC8 of the finalised hash of all the previously
+* appended messages, and calls Reset().
+*
+* @param aMessage Data to be included in the hash
+*
+* @return TPtrC8 A descriptor pointer to the buffer containing the
+* resulting hash.
+*/
+ {
+ return iMessageDigest->Final(aMessage);
+ }
+
+EXPORT_C TPtrC8 CUtlMessageDigest::Final(void)
+/**
+* Returns a TPtrC8 of the finalised hash of all the previously
+* appended messages and then calls Reset().
+*
+* @return TPtrC8 A descriptor pointer to the buffer containing the
+* resulting hash.
+*/
+ {
+ return iMessageDigest->Final();
+ }
+
+EXPORT_C CMessageDigest* CUtlMessageDigest::CopyL(void)
+/**
+* Creates a new CMessageDigest object with the exact same state as
+* the current object. This function copies all internal state of the
+* message digest. To create a new CMessageDigest object without the
+* state of the current object, see ReplicateL().
+*/
+ {
+ return iMessageDigest->CopyL();
+ }
+
+EXPORT_C TInt CUtlMessageDigest::BlockSize(void) const
+/**
+* Returns the internal block size of the message digest.
+* @return TInt internal block size of message digest in bytes.
+*/
+ {
+ return iMessageDigest->BlockSize();
+ }
+
+EXPORT_C TInt CUtlMessageDigest::HashSize(void) const
+/**
+* Returns the size of the message digest output.
+* @return TInt output size of the message digest in bytes.
+*/
+ {
+ return iMessageDigest->HashSize();
+ }
+
+EXPORT_C void CUtlMessageDigest::Reset(void)
+/**
+* Resets the internal state of the message digest. A reset hash
+* object loses all internal state representing the hashed data. A
+* reset message digest is suitable to begin a new, distinct hash of
+* different data. Any previously returned TPtrC8 from a call to
+* Final() remains valid until any subsequent call to Update() or
+* Final().
+*/
+ {
+ iMessageDigest->Reset();
+ }
+
+
+CUtlMessageDigest::CUtlMessageDigest()
+ {
+ ;
+ }
+
+//--------------------------------------------------------
+
+EXPORT_C CUtlDiffieHellman::~CUtlDiffieHellman()
+/**
+* Destructor.
+*/
+ {
+ delete iDhKeyPair;
+ delete iDhKeyAgreement;
+ //delete iKBuf;
+ }
+
+EXPORT_C const HBufC8* CUtlDiffieHellman::GenerateXL(void)
+/**
+* Generates a new Diffie-Hellman key exchange.
+* @return HBufC8* X.
+*/
+ {
+ const CDHPublicKey* dhPublicKey = &iDhKeyPair->PublicKey();
+ const TInteger* x = &dhPublicKey->X();
+ HBufC8* resultBuf = NULL;
+ HBufC8* xBuf = x->BufferLC();
+
+ TInt padLength = iModulusLength - xBuf->Length();
+ if ( padLength > 0 )
+ {
+ // Fill prepending zero bits to DH public value.
+ resultBuf = HBufC8::NewL(iModulusLength);
+ TChar zero(0);
+ resultBuf->Des().AppendFill(zero, padLength);
+ resultBuf->Des().Append(*xBuf);
+ CleanupStack::PopAndDestroy(xBuf);
+ }
+ else
+ {
+ CleanupStack::Pop(xBuf);
+ resultBuf = xBuf;
+ }
+
+ return resultBuf;
+ }
+
+EXPORT_C const HBufC8* CUtlDiffieHellman::CompleteKL(const TDesC8& aY)
+/**
+* Completes a Diffie-Hellman key exchange.
+* @param aY Y.
+* @return HBufC8* K.
+*/
+ {
+ const CDHPrivateKey* privateKey = &iDhKeyPair->PrivateKey();
+
+ RInteger n = RInteger::NewL(privateKey->N());
+ CleanupClosePushL(n);
+ RInteger g = RInteger::NewL(privateKey->G());
+ CleanupClosePushL(g);
+ RInteger Y = RInteger::NewL(aY);
+ CleanupClosePushL(Y);
+
+ CDHPublicKey* dhPublicKeyY = CDHPublicKey::NewL(n, g, Y);
+ CleanupStack::Pop(3); // Y, g, n
+ CleanupStack::PushL(dhPublicKeyY);
+
+ const HBufC8* kBuf = iDhKeyAgreement->AgreeL(*dhPublicKeyY);
+
+ CleanupStack::PopAndDestroy(); // dhPublicKeyY
+
+ //delete iKBuf;
+ //iKBuf = const_cast<HBufC8*>(kBuf);
+ //return iKBuf;
+ return kBuf;
+ }
+
+CUtlDiffieHellman::CUtlDiffieHellman()
+ {
+ ;
+ }
+
+//--------------------------------------------------------
+
+EXPORT_C CUtlSymmetricCipher*
+TUtlCrypto::MakeSymmetricEncryptorL(TUtlSymmetricCipherId aCipherId,
+ const TDesC8& aKey,
+ const TDesC8& aIv)
+/**
+* Makes symmetric block encryptor without padding.
+* @param aCipherId Cipher id.
+* @param aKey Key.
+* @param aIv Initialization vector.
+* @return CUtlSymmetricCipher* Pointer to symmetric cipher.
+*/
+ {
+ CSymmetricCipher* cipher = 0;
+ CBlockTransformation* block = 0;
+
+ switch (aCipherId)
+ {
+ case EUtlSymmetricCipherDesCbc:
+ block = CDESEncryptor::NewLC(aKey);
+ block = CModeCBCEncryptor::NewL(block, aIv);
+ CleanupStack::Pop(); //1st block owned by 2nd
+ CleanupStack::PushL(block);//2nd block
+ break;
+ case EUtlSymmetricCipher3DesCbc:
+ block = C3DESEncryptor::NewLC(aKey);
+ block = CModeCBCEncryptor::NewL(block, aIv);
+ CleanupStack::Pop(); //1st block owned by 2nd
+ CleanupStack::PushL(block);//2nd block
+ break;
+ case EUtlSymmetricCipherAesCbc:
+ block = CAESEncryptor::NewLC(aKey);
+ block = CModeCBCEncryptor::NewL(block, aIv);
+ CleanupStack::Pop(); //1st block owned by 2nd
+ CleanupStack::PushL(block);//2nd block
+ break;
+ default:
+ User::Leave(KErrGeneral);
+ break;
+ }
+
+ if (cipher == 0) // it's a block cipher -> make a buffered version
+ {
+ CPadding* padding = CPaddingNone::NewLC();
+ cipher = CBufferedEncryptor::NewL(block, padding);
+ CleanupStack::Pop(); //padding - owned by cipher
+ CleanupStack::Pop(); //block - owned by cipher
+ }
+ else
+ {
+ //-- it's a stream cipher -> everything is already made
+ }
+
+ CleanupStack::PushL(cipher);
+ CUtlSymmetricCipher* utlCipher = new (ELeave) CUtlSymmetricCipher();
+ utlCipher->iSymmetricCipher = cipher;
+ CleanupStack::Pop(); //cipher - owned by utlCipher
+
+ return utlCipher;
+ }
+
+
+EXPORT_C CUtlSymmetricCipher*
+TUtlCrypto::MakeSymmetricDecryptorL(TUtlSymmetricCipherId aCipherId,
+ const TDesC8& aKey,
+ const TDesC8& aIv)
+/**
+* Makes symmetric block decryptor without padding.
+* @param aCipherId Cipher id.
+* @param aKey Key.
+* @param aIv Initialization vector.
+* @return CUtlSymmetricCipher* Pointer to symmetric cipher.
+*/
+ {
+ if (aKey.Length() < 1)
+ {
+ User::Leave(KErrArgument);
+ }
+ CSymmetricCipher* cipher = 0;
+ CBlockTransformation* block = 0;
+
+ switch (aCipherId)
+ {
+ case EUtlSymmetricCipherDesCbc:
+ block = CDESDecryptor::NewLC(aKey);
+ block = CModeCBCDecryptor::NewL(block, aIv);
+ CleanupStack::Pop(); //1st block owned by 2nd
+ CleanupStack::PushL(block);//2nd block
+ break;
+ case EUtlSymmetricCipher3DesCbc:
+ block = C3DESDecryptor::NewLC(aKey);
+ block = CModeCBCDecryptor::NewL(block, aIv);
+ CleanupStack::Pop(); //1st block owned by 2nd
+ CleanupStack::PushL(block);//2nd block
+ break;
+ case EUtlSymmetricCipherAesCbc:
+ block = CAESDecryptor::NewLC(aKey);
+ block = CModeCBCDecryptor::NewL(block, aIv);
+ CleanupStack::Pop(); //1st block owned by 2nd
+ CleanupStack::PushL(block);//2nd block
+ break;
+ default:
+ User::Leave(KErrGeneral);
+ break;
+ }
+
+ if (cipher == 0) // it's a block cipher -> make a buffered version
+ {
+ CPadding* padding = CPaddingNone::NewLC();
+ cipher = CBufferedDecryptor::NewL(block, padding);
+ CleanupStack::Pop(); //padding - owned by cipher
+ CleanupStack::Pop(); //block - owned by cipher
+ }
+ else
+ {
+ //-- it's a stream cipher -> everything is already made
+ }
+
+ CleanupStack::PushL(cipher);
+ CUtlSymmetricCipher* utlCipher = new (ELeave) CUtlSymmetricCipher();
+ utlCipher->iSymmetricCipher = cipher;
+ CleanupStack::Pop(); //cipher - owned by utlCipher
+
+ return utlCipher;
+ }
+
+EXPORT_C CUtlMessageDigest*
+TUtlCrypto::MakeMessageDigesterL(TUtlMessageDigestId aDigestId,
+ const TDesC8& aHmacKey)
+/**
+* Makes message digester.
+* @param aDigestId Digest id.
+* @param aHmacKey HMAC key, if HMAC.
+* @return CUtlMessageDigest* Pointer to message digester.
+*/
+ {
+ CMessageDigest* digest = 0;
+
+ switch (aDigestId)
+ {
+ case EUtlMessageDigestMd5:
+ digest = CMD5::NewL();
+ break;
+ case EUtlMessageDigestSha1:
+ digest = CSHA1::NewL();
+ break;
+ default:
+ User::Leave(KErrGeneral);
+ break;
+ }
+ CleanupStack::PushL(digest);
+
+ if (aHmacKey.Length() > 0)
+ {
+ digest = CHMAC::NewL(aHmacKey, digest);
+ CleanupStack::Pop(); //original digest - owned by CHMAC
+ CleanupStack::PushL(digest);
+ }
+
+ CUtlMessageDigest* utlMessageDigest = new (ELeave) CUtlMessageDigest();
+ utlMessageDigest->iMessageDigest = digest;
+ CleanupStack::Pop(); //digest - owned by utlMessageDigest
+
+ return utlMessageDigest;
+ }
+
+EXPORT_C CUtlDiffieHellman*
+TUtlCrypto::MakeDiffieHellmanL(const TDesC8& aN, const TDesC8& aG)
+/**
+* Makes Diffie-Hellman key exchange object.
+* @param aN N.
+* @param aG G.
+* @return CUtlDiffieHellman* Pointer to Diffie-Hellman key exchange object.
+*/
+ {
+ RInteger n = RInteger::NewL(aN);
+ CleanupClosePushL(n);
+ RInteger g = RInteger::NewL(aG);
+ CleanupClosePushL(g);
+
+ CDHKeyPair* dhKeyPair = CDHKeyPair::NewL(n, g);
+ CleanupStack::PushL(dhKeyPair);
+
+ CDH* dhKeyAgreement = CDH::NewLC(dhKeyPair->PrivateKey());
+
+ CUtlDiffieHellman* utlDiffieHellman = new (ELeave) CUtlDiffieHellman();
+ utlDiffieHellman->iDhKeyAgreement = dhKeyAgreement;
+ utlDiffieHellman->iDhKeyPair = dhKeyPair;
+ utlDiffieHellman->iModulusLength = aN.Length();
+ CleanupStack::Pop(2); //dhKeyAgreement, dhKeyPair
+ CleanupStack::Pop(2); // g, n
+
+ return utlDiffieHellman;
+ }
+
+EXPORT_C void TUtlCrypto::RsaPublicKeyEncryptL(const TDesC8& aPublicKeyData,
+ const TDesC8& aPlaintext,
+ HBufC8*& aCiphertext)
+/**
+* RSA encrypts the plain text with the public key.
+* @param aPublicKeyData Public key.
+* @param aPlaintext Plain text.
+* @param aCiphertext Cipher text.
+*/
+ {
+ CX509RSAPublicKey* publicKey = CX509RSAPublicKey::NewLC(aPublicKeyData);
+ CRSAPKCS1v15Encryptor* rsaEncryptor = CRSAPKCS1v15Encryptor::NewLC(*publicKey);
+
+ TInt publicKeySize = 2048; //publicKey->Size()
+ TInt encrLth = publicKeySize / 8;
+ HBufC8* ciphertext = HBufC8::NewLC(encrLth);
+ TPtr8 ciphertextDesc(ciphertext->Des());
+
+ rsaEncryptor->EncryptL(aPlaintext, ciphertextDesc);
+
+ CleanupStack::Pop(); //ciphertext
+ CleanupStack::PopAndDestroy(2); //rsaEncryptor, publicKey
+ aCiphertext = ciphertext;
+ }
+
+EXPORT_C void TUtlCrypto::RsaPublicKeyDecryptL(const TDesC8& aPublicKeyData,
+ const TDesC8& aCiphertext,
+ HBufC8*& aPlaintext)
+/**
+* RSA decrypts the cipher text with the public key.
+* @param aPublicKeyData Public key.
+* @param aCiphertext Cipher text.
+* @param aPlaintext Plain text.
+*/
+ {
+ CX509RSAPublicKey* publicKey = CX509RSAPublicKey::NewLC(aPublicKeyData);
+ CRSAPKCS1v15Verifier* verifier = CRSAPKCS1v15Verifier::NewLC(*publicKey);
+
+ RInteger S = RInteger::NewL(aCiphertext);
+ CleanupClosePushL(S);
+ CRSASignature* signature = CRSASignature::NewL(S);
+ CleanupStack::Pop(); //S
+ CleanupStack::PushL(signature);
+
+ aPlaintext = verifier->InverseSignLC(*signature);
+
+ CleanupStack::Pop(); //aPlaintext
+ CleanupStack::PopAndDestroy(3); //signature, verifier, publicKey
+ }
+
+EXPORT_C TBool TUtlCrypto::DsaVerifySignatureL(const TDesC8& aPublicKeyData,
+ const TDesC8& aDsaParams,
+ const TDesC8& aDsaSignatureR,
+ const TDesC8& aDsaSignatureS,
+ const TDesC8& aHashData)
+/**
+* Verifies DSA signature.
+* @param aPublicKeyData Public key.
+* @param aDsaParams DSA parameters.
+* @param aDsaSignatureR R.
+* @param aDsaSignatureS S.
+* @param aHashData Hash data.
+* @return TBool Verify signature status: ETrue, if OK.
+*/
+ {
+ TBool ret;
+ TX509KeyFactory keyFactory;
+ CDSAParameters* params = keyFactory.DSAParametersL(aDsaParams);
+ CleanupStack::PushL(params);
+ CDSAPublicKey* key = keyFactory.DSAPublicKeyL(*params, aPublicKeyData);
+ CleanupStack::PushL(key);
+
+ RInteger R = RInteger::NewL(aDsaSignatureR);
+ CleanupClosePushL(R);
+ RInteger S = RInteger::NewL(aDsaSignatureS);
+ CleanupClosePushL(S);
+ CDSASignature* signature = CDSASignature::NewL(R, S);
+ CleanupStack::Pop(2); //S, R
+ CleanupStack::PushL(signature);
+
+ CDSAVerifier* verifier = CDSAVerifier::NewLC(*key);
+ ret = verifier->VerifyL(aHashData, *signature);
+
+ CleanupStack::PopAndDestroy(4); //verifier, signature, key, params
+ return ret;
+ }
+
+EXPORT_C TBool TUtlCrypto::IsWeakCryptoLibrary(void)
+/**
+* Tests the strength of the crypto libary.
+* @return TBool ETrue, if weak crypto library.
+*/
+ {
+ TCrypto::TStrength strength = TCrypto::Strength();
+ if (strength == TCrypto::EWeak)
+ return ETrue;
+ else
+ return EFalse;
+ }
+
+EXPORT_C TUtlCrypto::TUtlCryptoVersion TUtlCrypto::CryptoVersion(void)
+/**
+* Returns the version of the crypto libary.
+* @return TUtlCryptoVersion, crypto version
+*/
+ {
+ return EUtlCryptoVersionSymbian1;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/EABI/utlpkcs10U.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,16 @@
+EXPORTS
+ _ZN10CPkcs10Req10SetDNSNameERK6TDesC8 @ 1 NONAME
+ _ZN10CPkcs10Req12SetPublicKeyERK6TDesC8 @ 2 NONAME
+ _ZN10CPkcs10Req14SetChallengePwERK6TDesC8 @ 3 NONAME
+ _ZN10CPkcs10Req20SetDistinguishedNameERK6TDesC8 @ 4 NONAME
+ _ZN10CPkcs10Req22AttributeTypeOidToTextERK7TDesC16 @ 5 NONAME
+ _ZN10CPkcs10Req23SetSubjectAltNameRfc822ERK6TDesC8 @ 6 NONAME
+ _ZN10CPkcs10Req26CreateCertificateRequestLCE9THashTypeRK5TBuf8ILi20EEiiPFiRK6TDesC8R5TDes8S4_PvESA_ @ 7 NONAME
+ _ZN10CPkcs10Req29SetDistinguishedNameExtendedLERK6TDesC8 @ 8 NONAME
+ _ZN10CPkcs10Req34BuildDistinguishedNameDerFromTextLERP6HBufC8RK6TDesC8iS5_ @ 9 NONAME
+ _ZN10CPkcs10ReqD0Ev @ 10 NONAME
+ _ZN10CPkcs10ReqD1Ev @ 11 NONAME
+ _ZN10CPkcs10ReqD2Ev @ 12 NONAME
+ _ZTI10CPkcs10Req @ 13 NONAME ; #<TI>#
+ _ZTV10CPkcs10Req @ 14 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/bwins/UTLPKCS10U.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,12 @@
+EXPORTS
+ ??1CPkcs10Req@@UAE@XZ @ 1 NONAME ; CPkcs10Req::~CPkcs10Req(void)
+ ?AttributeTypeOidToText@CPkcs10Req@@SA?AVTPtrC8@@ABVTDesC16@@@Z @ 2 NONAME ; class TPtrC8 CPkcs10Req::AttributeTypeOidToText(class TDesC16 const &)
+ ?BuildDistinguishedNameDerFromTextL@CPkcs10Req@@SAXAAPAVHBufC8@@ABVTDesC8@@H1@Z @ 3 NONAME ; void CPkcs10Req::BuildDistinguishedNameDerFromTextL(class HBufC8 * &, class TDesC8 const &, int, class TDesC8 const &)
+ ?CreateCertificateRequestLC@CPkcs10Req@@QAEPAVHBufC8@@W4THashType@@ABV?$TBuf8@$0BE@@@HHP6AHABVTDesC8@@AAVTDes8@@1PAX@Z4@Z @ 4 NONAME ; class HBufC8 * CPkcs10Req::CreateCertificateRequestLC(enum THashType, class TBuf8<20> const &, int, int, int (*)(class TDesC8 const &, class TDes8 &, class TBuf8<20> const &, void *), void *)
+ ?SetChallengePw@CPkcs10Req@@QAEHABVTDesC8@@@Z @ 5 NONAME ; int CPkcs10Req::SetChallengePw(class TDesC8 const &)
+ ?SetDNSName@CPkcs10Req@@QAEHABVTDesC8@@@Z @ 6 NONAME ; int CPkcs10Req::SetDNSName(class TDesC8 const &)
+ ?SetDistinguishedName@CPkcs10Req@@QAEHABVTDesC8@@@Z @ 7 NONAME ; int CPkcs10Req::SetDistinguishedName(class TDesC8 const &)
+ ?SetDistinguishedNameExtendedL@CPkcs10Req@@QAEHABVTDesC8@@@Z @ 8 NONAME ; int CPkcs10Req::SetDistinguishedNameExtendedL(class TDesC8 const &)
+ ?SetPublicKey@CPkcs10Req@@QAEHABVTDesC8@@@Z @ 9 NONAME ; int CPkcs10Req::SetPublicKey(class TDesC8 const &)
+ ?SetSubjectAltNameRfc822@CPkcs10Req@@QAEHABVTDesC8@@@Z @ 10 NONAME ; int CPkcs10Req::SetSubjectAltNameRfc822(class TDesC8 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+utlpkcs10.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/group/utlpkcs10.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+/*
+* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project utlpkcs10
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET utlpkcs10.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101F6EB9
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE pkcs10.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../pkiserviceapi/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY utlbase64.lib
+LIBRARY utlcrypto.lib
+LIBRARY asn1.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/inc/pkcs10.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,192 @@
+/*
+* Copyright (c) 2003 - 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Pkcs10 certificate request.
+*
+*/
+
+
+
+#ifndef _PKCS10_H_
+#define _PKCS10_H_
+#include "pkidefs.h"
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Definitions
+////////////////////////////////////////////////////////////////////////////////////////
+#define SHA1_HASH_LTH 20
+#define MD5_HASH_LTH 16
+#define ASN1_MAX_LENGTH 0xffff
+#define ASN1_MAX_INTEGER 0xffff
+#define MAX_SIGNATURE_LENGTH 512
+#define ASN1_SHORT_TAG_HDR_LTH 2
+#define ASN1_LONG_TAG_HDR_LTH 4
+#define ASN1_NULL_LTH 2
+#define ASN1_CONSTRUCTED 0x20
+#define ASN1_CONTEXT_SPECIFIC 0x80
+#define COMMON_NAME_OID_LTH 3
+#define KEY_TYPE_RSA_OID_LTH 9
+#define SUBJECTALTNAME_EMAIL_OID_LTH 9
+#define SUBJECTALTNAME_OID_LTH 3
+#define CHALLENGEPW_OID_LTH 9
+#define MD5WITHRSA_OID_LTH 9
+#define MD5SIGNATURE_OID_LTH 8
+#define SHA1WITHRSA_OID_LTH 9
+#define PKCS10_EXTENSION_OID_LTH 9
+#define DC_OID_LTH 10
+
+enum THashType {HASH_TYPE_MD5, HASH_TYPE_SHA1};
+const TUint8 KCommonNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x03};
+const TUint8 KEmailAddressOid[SUBJECTALTNAME_EMAIL_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01};
+const TUint8 KSubjectAltNameOid[SUBJECTALTNAME_OID_LTH] = {0x55, 0x1D, 0x11};
+const TUint8 KChallengePWOid[CHALLENGEPW_OID_LTH] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x07};
+const TUint8 KKeyTypeRSAOid[KEY_TYPE_RSA_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01};
+const TUint8 KMd5WithRSAEncryptionOid[MD5WITHRSA_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04};
+const TUint8 KMd5SignatureOid[MD5SIGNATURE_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05};
+const TUint8 KSha1WithRSAEncryptionOid[SHA1WITHRSA_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05};
+const TUint8 KPkcs10ExtensionOid[PKCS10_EXTENSION_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x0E};
+
+#define HEADERLENGTH 40
+#define TRAILERLENGTH 37
+#define HEADER _L("-----BEGIN NEW CERTIFICATE REQUEST-----\n")
+#define TRAILER _L("\n-----END NEW CERTIFICATE REQUEST-----")
+
+#define StoreINTValue(d, s) \
+ (*(unsigned char*)((unsigned char*)(d)+3)) = (unsigned char)((s) & 0xff);\
+ (*(unsigned char*)((unsigned char*)(d)+2)) = (unsigned char)(((s) >> 8 ) & 0xff);\
+ (*(unsigned char*)((unsigned char*)(d)+1)) = (unsigned char)(((s) >> 16) & 0xff);\
+ (*(unsigned char*)(d)) = (unsigned char)(((s) >> 24) & 0xff)
+
+typedef TBool (*TSignCallback)(const TDesC8 &aHash, TDes8 &aSig, const TPKIKeyIdentifier &aPrivKey, TAny* aContext);
+
+class TIndexPair
+{
+ public:
+ TUint startIndex;
+ TUint endIndex;
+};
+
+const TUint8 KCountryNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x06};
+const TUint8 KOrganizationNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x0a};
+const TUint8 KOrganizationalUnitNameOid[COMMON_NAME_OID_LTH] = {0x55,0x04, 0x0b};
+const TUint8 KLocalityNameOid[COMMON_NAME_OID_LTH]= {0x55, 0x04, 0x07};
+const TUint8 KStateOrProvinceNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x08};
+const TUint8 KTitleOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x0c};
+const TUint8 KCommonNOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x03};
+const TUint8 KGivenNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2a};
+const TUint8 KSurnameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x04};
+const TUint8 KInitialsOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2b};
+const TUint8 KGenerationQualifierOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2c};
+const TUint8 KDNQualifierOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2e};
+const TUint8 KSerialNumberOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x05};
+const TUint8 KDomainComponentOid[DC_OID_LTH] = {0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19};
+
+const TUint KNullAttributeIndex = 0;
+const TUint KCountryNameIndex = 1;
+const TUint KOrganizationNameIndex = 2;
+const TUint KOrganizationalUnitNameIndex = 3;
+const TUint KLocalityNameIndex = 4;
+const TUint KStateOrProvinceNameIndex = 5;
+const TUint KTitleIndex = 6;
+const TUint KCommonNameIndex = 7;
+const TUint KGivenNameIndex = 8;
+const TUint KSurnameIndex = 9;
+const TUint KInitialsIndex = 10;
+const TUint KGenerationQualifierIndex = 11;
+const TUint KDNQualifierIndex = 12;
+const TUint KSerialNumberIndex = 13;
+const TUint KDomainComponentIndex = 14;
+
+_LIT8(KCountryName, "C");
+_LIT8(KOrganizationName, "O");
+_LIT8(KOrganizationalUnitName, "OU");
+_LIT8(KLocalityName, "L");
+_LIT8(KStateOrProvinceName, "ST");
+_LIT8(KTitle, "TITLE");
+_LIT8(KCommonName, "CN");
+_LIT8(KGivenName, "GIVENNAME");
+_LIT8(KSurname, "SN");
+_LIT8(KInitials, "INITIALS");
+_LIT8(KGenerationQualifier, "GENERATIONQUALIFIER");
+_LIT8(KDNQualifier, "DNQUALIFIER");
+_LIT8(KSerialNumber, "SERIALNUMBER");
+_LIT8(KDomainComponent, "DC");
+
+_LIT8(KDot, ".");
+
+//////////////////////////////////////////////////////////////////////////////
+// Class CPkcs10Req
+//////////////////////////////////////////////////////////////////////////////
+class CPkcs10Req : public CBase
+{
+ public:
+#ifdef __EABI__
+ /** Cause vtable & typeinfo to be exported */
+ IMPORT_C CPkcs10Req() {};
+#endif
+ IMPORT_C ~CPkcs10Req();
+ //////////////////////////////////////////////////////////////////////
+ // Visible interface
+ //////////////////////////////////////////////////////////////////////
+ // Setting parameters for PKCS#10 request
+ //////////////////////////////////////////////////////////////////////
+ IMPORT_C TInt SetDistinguishedName(const TDesC8 &aDistinguishedName);
+ IMPORT_C TInt SetSubjectAltNameRfc822(const TDesC8 &aSubjectAltNameRfc822);
+ IMPORT_C TInt SetChallengePw(const TDesC8 &aChallengePw);
+ IMPORT_C TInt SetDNSName(const TDesC8 &aDNSName);
+ IMPORT_C TInt SetPublicKey(const TDesC8 &aPublicKeyBits);
+ IMPORT_C TInt SetDistinguishedNameExtendedL(const TDesC8 &aDistinguishedName);
+ //////////////////////////////////////////////////////////////////////
+ // Create PKCS#10 request
+ //////////////////////////////////////////////////////////////////////
+ IMPORT_C HBufC8* CreateCertificateRequestLC(THashType aSignatureAlgorithmId, const TPKIKeyIdentifier& aPrivateKeyFilename, TBool aDoBase64, TBool aDoPEM, TSignCallback aSignCallBack, TAny* aSignCallBackContext);
+ // Static functions
+ IMPORT_C static void BuildDistinguishedNameDerFromTextL(HBufC8 *&derBuffer, const TDesC8 &aDistinguishedName, TBool aByPass, const TDesC8 &aByPassType);
+ IMPORT_C static TPtrC8 AttributeTypeOidToText(const TDesC &aType);
+ static TInt ASNCopy(TUint8 *dataPtr, TUint8 *valuePtr, TInt length);
+ static void BuildIndexPairsLC(HBufC8 *&buffer, const TDesC8 &aDistinguishedName, CArrayFixFlat<TIndexPair> *aTypeIndexArray, CArrayFixFlat<TIndexPair> *aValueIndexArray);
+ static void BuildDerL(HBufC8 *aSource, HBufC8 *&derBuffer, CArrayFixFlat<TIndexPair> *aTypeIndexArray, CArrayFixFlat<TIndexPair> *aValueIndexArray, CArrayFixFlat<TPtr8> *aTypePtrArray, CArrayFixFlat<TPtr8> *aValuePtrArray, TBool aByPass, const TDesC8 &aByPassType);
+ static TBool OidExistsL(TPtr8 &aTypePtrArray, TUint &aIndex, TBuf8<32> &aDottedOidDer);
+ static TInt GetOid(TUint aIndex, const TUint8 *&aValue);
+ static void BuildElementDerLC(CArrayFixFlat<HBufC8 *> *aElementArray, TUint aWholeLength, TUint aSetLength, TUint aSeqLength, TUint aOidLength, TUint aStringLength, TUint aOidIndex, TBuf8<32> &aDottedOidDerPtr, TPtr8 &aValuePtr);
+ static TInt DERSetLength(TUint8 *p, TInt datalen);
+ static TInt DERSetInteger(TUint8 *p, TInt aValue);
+ static inline TInt DERSetTag(TUint8 *p, TUint8 aTag) { *p = aTag; return 1;};
+ static inline TInt DERSetOid(TUint8 *p, const unsigned char *oid, TInt datalen) {Mem::Copy(p, oid, datalen); return datalen;};
+ private:
+ ////////////////////////////////////////////////////////////////////////////////////////
+ // Class variables
+ ////////////////////////////////////////////////////////////////////////////////////////
+ TPtrC8 iDistinguishedName;
+ TPtrC8 iSubjectAltName;
+ TPtrC8 iChallengePW;
+ TPtrC8 iDNSName;
+ TPtrC8 iPublicKey;
+ THashType iSignatureAlgorithmId;
+ TBool iUseExtendedDistinguishedName;
+ HBufC8 *iDNDerBuf;
+ ////////////////////////////////////////////////////////////////////////////////////////
+ // Internal functions
+ ////////////////////////////////////////////////////////////////////////////////////////
+ void MD5_HashL(const TDesC8 &aInData, TDes8& aOutData);
+ void SHA1_HashL(const TDesC8 &aInData, TDes8& aOutData);
+ void DigestL(const TDesC8& aData, TDes8& aDigest, THashType aHashType);
+ HBufC8* ASNEncodeCertificationRequestInfoLC();
+ HBufC8* ASNEncodeCertificationRequestLC(const TDes8 &CRLInfoBuffer, const TDes8 &signature);
+ HBufC8* ASNEncodeCommonAttributesLC();
+ HBufC8* ASNEncodePKIinfoLC();
+ HBufC8* ASNEncodeExtendedAttributesLC();
+};
+
+#endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/rom/utlpkcs10.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project utlpkcs10
+*
+*/
+
+
+
+#ifndef __UTLPKCS10_IBY__
+#define __UTLPKCS10_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature UTLPKCS10 not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\utlpkcs10.dll SHARED_LIB_DIR\utlpkcs10.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __UTLPKCS10_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs10/src/pkcs10.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1375 @@
+/*
+* Copyright (c) 2003 - 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Pkcs10 certificate request.
+*
+*/
+
+
+
+#include <eikenv.h>
+#include <asn1cons.h>
+#include <asn1enc.h>
+#include <x520ava.h>
+
+#include "pkcs10.h"
+#include "base64.h"
+#include "pkidefs.h"
+#include "utlcrypto.h"
+
+//////////////////////////////////////////////////////////////////////////////
+// Destructor
+//////////////////////////////////////////////////////////////////////////////
+EXPORT_C CPkcs10Req::~CPkcs10Req()
+{
+ delete iDNDerBuf;
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// Set distinguished name parameter, Only CommonName given
+//////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CPkcs10Req::SetDistinguishedName(const TDesC8 &aDistinguishedName)
+{
+ TInt status = KErrNone;
+
+ // Set distiguished name
+ if(aDistinguishedName.Length() > 0)
+ {
+ iDistinguishedName.Set(aDistinguishedName);
+ iUseExtendedDistinguishedName = EFalse;
+ }
+ else
+ status = KErrArgument;
+
+ return (status);
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// SetDistinguishedNameExtended
+//////////////////////////////////////////////////////////////////////////////
+// Set distinguished name parameter. Complete distinguished name in format
+// CN=xxx,O=abc,OU=def or CN=xxx/O=abc/OU=def
+// OIds and corresponding texts (case insensitive):
+// KX520CountryName "2.5.4.6" "c" {0x55, 0x04, 0x06}
+// KX520OrganizationName "2.5.4.10" "o" {0x55, 0x04, 0x0a}
+// KX520OrganizationalUnitName "2.5.4.11" "ou" {0x55, 0x04, 0x0b}
+// KX520LocalityName "2.5.4.7" "l" {0x55, 0x04, 0x07}
+// KX520StateOrProvinceName "2.5.4.8" "st" {0x55, 0x04, 0x08}
+// KX520Title "2.5.4.12" "title" {0x55, 0x04, 0x0c}
+// KX520CommonName "2.5.4.3" "cn" {0x55, 0x04, 0x03}
+// KX520GivenName "2.5.4.42" "GivenName" {0x55, 0x04, 0x2a}
+// KX520Surname "2.5.4.4" "sn" {0x55, 0x04, 0x04}
+// KX520Initials "2.5.4.43" "initials" {0x55, 0x04, 0x2b}
+// KX520GenerationQualifier "2.5.4.44" "generationQualifier" {0x55, 0x04, 0x2c}
+// KX520DNQualifier "2.5.4.46" "dnQualifier" {0x55, 0x04, 0x2e}
+// KX520SerialNumber "2.5.4.5" "serialNumber" {0x55, 0x04, 0x05}
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CPkcs10Req::SetDistinguishedNameExtendedL(const TDesC8 &aDistinguishedName)
+{
+ TInt status = KErrNone;
+
+ // Set distiguished name
+ if(aDistinguishedName.Length() > 0)
+ {
+ delete iDNDerBuf; // delete possible old buffer
+ iDNDerBuf = NULL;
+ TRAPD(status, BuildDistinguishedNameDerFromTextL(iDNDerBuf, aDistinguishedName, EFalse, KCountryName()));
+ if(status == KErrNone)
+ {
+ iUseExtendedDistinguishedName = ETrue;
+ }
+ }
+ else
+ status = KErrArgument;
+
+ return (status);
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// BuildDistinguishedNameDerFromText
+//////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CPkcs10Req::BuildDistinguishedNameDerFromTextL(
+ HBufC8 *&derBuffer,
+ const TDesC8 &aDistinguishedName,
+ TBool aByPass,
+ const TDesC8 &aByPassType
+)
+{
+ HBufC8 *shrinkedBuffer;
+
+ CArrayFixFlat<TIndexPair> *valueIndexArray =
+ new (ELeave) CArrayFixFlat<TIndexPair>(1);
+
+ CleanupStack::PushL(valueIndexArray);
+
+ CArrayFixFlat<TIndexPair> *typeIndexArray =
+ new (ELeave) CArrayFixFlat<TIndexPair>(1);
+
+ CleanupStack::PushL(typeIndexArray);
+
+ CArrayFixFlat<TPtr8> *valuePtrArray =
+ new (ELeave) CArrayFixFlat<TPtr8>(1);
+
+ CleanupStack::PushL(valuePtrArray);
+
+ CArrayFixFlat<TPtr8> *typePtrArray =
+ new (ELeave) CArrayFixFlat<TPtr8>(1);
+
+ CleanupStack::PushL(typePtrArray);
+
+ // Scan input and build index arrays for types and values
+ CPkcs10Req::BuildIndexPairsLC(
+ shrinkedBuffer,
+ aDistinguishedName,
+ typeIndexArray,
+ valueIndexArray
+ );
+
+ CPkcs10Req::BuildDerL(
+ shrinkedBuffer,
+ derBuffer,
+ typeIndexArray,
+ valueIndexArray,
+ typePtrArray,
+ valuePtrArray,
+ aByPass,
+ aByPassType
+ );
+
+ CleanupStack::PopAndDestroy(5);
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// AttributeTypeOidToText
+//////////////////////////////////////////////////////////////////////////////
+EXPORT_C TPtrC8 CPkcs10Req::AttributeTypeOidToText(const TDesC &aType)
+{
+ TPtrC8 temp;
+
+ if(aType.Compare(KX520CountryName) == 0)
+ temp.Set(KCountryName);
+ else if(aType.Compare(KX520OrganizationName) == 0)
+ temp.Set(KOrganizationName);
+ else if(aType.Compare(KX520OrganizationalUnitName) == 0)
+ temp.Set(KOrganizationalUnitName);
+ else if(aType.Compare(KX520LocalityName) == 0)
+ temp.Set(KLocalityName);
+ else if(aType.Compare(KX520StateOrProvinceName) == 0)
+ temp.Set(KStateOrProvinceName);
+ else if(aType.Compare(KX520Title) == 0)
+ temp.Set(KTitle);
+ else if(aType.Compare(KX520CommonName) == 0)
+ temp.Set(KCommonName);
+ else if(aType.Compare(KX520GivenName) == 0)
+ temp.Set(KGivenName);
+ else if(aType.Compare(KX520Surname) == 0)
+ temp.Set(KSurname);
+ else if(aType.Compare(KX520Initials) == 0)
+ temp.Set(KInitials);
+ else if(aType.Compare(KX520GenerationQualifier) == 0)
+ temp.Set(KGenerationQualifier);
+ else if(aType.Compare(KX520DNQualifier) == 0)
+ temp.Set(KDNQualifier);
+ else if(aType.Compare(KX520SerialNumber) == 0)
+ temp.Set(KSerialNumber);
+ else if(aType.Compare(KRFC2247DomainComponent) == 0)
+ temp.Set(KDomainComponent);
+ else
+ {
+ // Return dotted oid, length = 0
+ }
+
+ return temp;
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// BuildIndexPairsLC
+//////////////////////////////////////////////////////////////////////////////
+void CPkcs10Req::BuildIndexPairsLC(
+ HBufC8 *&buffer,
+ const TDesC8 &aDistinguishedName,
+ CArrayFixFlat<TIndexPair> *aTypePairArray,
+ CArrayFixFlat<TIndexPair> *aValuePairArray
+)
+{
+ // Some rules:
+ // 1) Separator: ','
+ // 2) Escape character '\'
+ // 3) Value may be quoted. Then separator in value is allowed
+ // (without preceding escape char)
+
+ HBufC8 *sourceBuffer;
+ HBufC8 *targetBuffer;
+ TUint i, j;
+ targetBuffer = HBufC8::NewLC(aDistinguishedName.Length());
+ targetBuffer->Des().SetLength(aDistinguishedName.Length());
+ sourceBuffer = HBufC8::NewLC(aDistinguishedName.Length());
+ sourceBuffer->Des().Copy(aDistinguishedName);
+ TPtr8 sourcePointer = sourceBuffer->Des();
+ TPtr8 targetPointer = targetBuffer->Des();
+ TBool insideQuotes = EFalse;
+ TIndexPair pair;
+ TUint elementStartPosition = 0;
+ TUint elementEndPosition = 0;
+
+ // Delete leading and trailing spaces
+ sourcePointer.Trim();
+
+ // Scan text in order to collect name value pairs
+ for(i = 0, j = 0; (TInt)i < sourcePointer.Length(); i++)
+ {
+ if(sourcePointer[i] == '"')
+ {
+ // Toggle quote state
+ // Don't ignore quotes in order to ease trimming.
+ // (Spaces inside quotes are meaningful)
+ insideQuotes = !insideQuotes;
+ targetPointer[j] = sourcePointer[i];
+ j++;
+ continue;
+ }
+
+ if(insideQuotes)
+ {
+ // Allow any character
+ // Check for escape
+ if(sourcePointer[i] == '\\')
+ {
+ if((TInt)i < sourcePointer.Length() - 1)
+ {
+ targetPointer[j] = sourcePointer[i + 1];
+ j++;
+ i++; // skip char
+ }
+ else
+ User::Leave(KErrArgument);
+ }
+ else
+ {
+ targetPointer[j] = sourcePointer[i];
+ j++;
+ }
+ continue;
+ }
+
+ // Check for escape
+ if(sourcePointer[i] == '\\')
+ {
+ if((TInt)i < sourcePointer.Length() - 1)
+ {
+ targetPointer[j] = sourcePointer[i + 1];
+ j++;
+ i++; // skip char
+ }
+ else
+ User::Leave(KErrArgument);
+
+ continue;
+ }
+
+ // Check for pair separator
+ if(sourcePointer[i] == ',')
+ {
+ // End of type/value pair
+ elementEndPosition = j;
+ pair.startIndex = elementStartPosition;
+ pair.endIndex = elementEndPosition;
+ aValuePairArray->AppendL(pair);
+ elementStartPosition = j;
+ }
+ // Check for type/value separator
+ else if(sourcePointer[i] == '=')
+ {
+ elementEndPosition = j;
+ pair.startIndex = elementStartPosition;
+ pair.endIndex = elementEndPosition;
+ aTypePairArray->AppendL(pair);
+ elementStartPosition = j;
+ }
+ else
+ {
+ // Plain copy
+ targetPointer[j] = sourcePointer[i];
+ j++;
+ }
+ }
+
+ // Append final value
+ elementEndPosition = j;
+ pair.startIndex = elementStartPosition;
+ pair.endIndex = elementEndPosition;
+ aValuePairArray->AppendL(pair);
+
+ // Ensure we have consistent type/value pairs
+ if(aTypePairArray->Count() != aValuePairArray->Count())
+ {
+ User::Leave(KErrArgument);
+ }
+
+ CleanupStack::PopAndDestroy(1); // source
+ // Return allocated shrinked buffer and OK status
+ targetBuffer->Des().SetLength(j);
+ buffer = targetBuffer;
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// BuildDerLC
+//////////////////////////////////////////////////////////////////////////////
+void CPkcs10Req::BuildDerL(
+ HBufC8 *aSource,
+ HBufC8 *&derBuffer,
+ CArrayFixFlat<TIndexPair> *aTypeIndexArray,
+ CArrayFixFlat<TIndexPair> *aValueIndexArray,
+ CArrayFixFlat<TPtr8> *aTypePtrArray,
+ CArrayFixFlat<TPtr8> *aValuePtrArray,
+ TBool aByPass,
+ const TDesC8 &aByPassType
+)
+{
+ TUint i;
+ // trim types and values and count required der length
+ TUint elementLength = 0;
+ TUint totalLength = 0;
+ TUint wholeLength = 0;
+ TUint setLength = 0;
+ TUint seqLength = 0;
+ TUint oidLength = COMMON_NAME_OID_LTH;
+ TUint stringLength = 0;
+ TUint contentLength = 0;
+ TUint oidIndex = 0;
+ TBuf8<32> dottedOidDer;
+
+ CArrayFixFlat<HBufC8 *> *elementArray =
+ new (ELeave) CArrayFixFlat<HBufC8 *>(1);
+
+ CleanupStack::PushL(elementArray);
+
+ for(i = 0; (TInt)i < aTypeIndexArray->Count(); i++) // counts are equal
+ {
+ TPtr8 tempPtr(
+ CONST_CAST(TUint8*, aSource->Des().Ptr()) + aTypeIndexArray->At(i).startIndex,
+ aTypeIndexArray->At(i).endIndex - aTypeIndexArray->At(i).startIndex
+ );
+
+ tempPtr.SetLength(
+ aTypeIndexArray->At(i).endIndex - aTypeIndexArray->At(i).startIndex
+ );
+
+ aTypePtrArray->AppendL(tempPtr);
+
+ tempPtr.Set(
+ CONST_CAST(TUint8*, aSource->Des().Ptr()) + aValueIndexArray->At(i).startIndex,
+ aValueIndexArray->At(i).endIndex - aValueIndexArray->At(i).startIndex,
+ aValueIndexArray->At(i).endIndex - aValueIndexArray->At(i).startIndex
+ );
+
+ tempPtr.SetLength(aValueIndexArray->At(i).endIndex - aValueIndexArray->At(i).startIndex);
+
+ tempPtr.Trim();
+
+ if(0 == tempPtr.Length())
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // Remove quotes. Spaces inside quotes are meaningful,
+ // so Trim must be called before this operation
+ if(tempPtr[0] == '"')
+ {
+ if(tempPtr[tempPtr.Length() -1 ] != '"')
+ {
+ User::Leave(KErrArgument);
+ }
+ else
+ {
+ TInt tempLength = tempPtr.Length() - 2;
+ tempPtr.Set(CONST_CAST(TUint8*, tempPtr.Ptr() + 1), tempLength, tempLength);
+ tempPtr.SetLength(tempLength);
+ }
+ }
+
+ if(0 == tempPtr.Length())
+ {
+ User::Leave(KErrArgument);
+ }
+
+ aValuePtrArray->AppendL(tempPtr);
+
+ aTypePtrArray->At(i).Trim();
+ aTypePtrArray->At(i).UpperCase();
+
+ // Check if type is supported, it is ignored if not
+ if(CPkcs10Req::OidExistsL(aTypePtrArray->At(i), oidIndex, dottedOidDer))
+ {
+ if(KNullAttributeIndex == oidIndex)
+ {
+ oidLength = dottedOidDer.Length() - ASN1_SHORT_TAG_HDR_LTH;
+ }
+ else if(KDomainComponentIndex == oidIndex)
+ {
+ oidLength = DC_OID_LTH;
+ }
+ else
+ {
+ oidLength = COMMON_NAME_OID_LTH;
+ }
+
+ if(!(aByPass && aTypePtrArray->At(i).Compare(aByPassType) == 0))
+ {
+ // Printable string
+ elementLength = aValuePtrArray->At(i).Length();
+ stringLength = elementLength;
+ if(elementLength > 127)
+ elementLength++;
+ if(elementLength > 255)
+ elementLength++;
+ elementLength += ASN1_SHORT_TAG_HDR_LTH;
+
+ elementLength += oidLength; // Oid
+ elementLength += ASN1_SHORT_TAG_HDR_LTH;
+ seqLength = elementLength;
+ if(elementLength > 127)
+ elementLength++;
+ if(elementLength > 255)
+ elementLength++;
+ elementLength += ASN1_SHORT_TAG_HDR_LTH; // Sequence
+ setLength = elementLength;
+ if(elementLength > 127)
+ elementLength++;
+ if(elementLength > 255)
+ elementLength++;
+ elementLength += ASN1_SHORT_TAG_HDR_LTH; // Set
+ wholeLength = elementLength;
+
+ // Build one element
+ CPkcs10Req::BuildElementDerLC(
+ elementArray,
+ wholeLength,
+ setLength,
+ seqLength,
+ oidLength,
+ stringLength,
+ oidIndex,
+ dottedOidDer,
+ aValuePtrArray->At(i)
+ );
+
+ totalLength += elementLength;
+ }
+ }
+ }
+
+ if( 0 == totalLength )
+ {
+ User::Leave(KErrArgument);
+ }
+
+ contentLength = totalLength;
+ if(totalLength > 127) // Sequence
+ totalLength++;
+ if(totalLength > 255)
+ totalLength++;
+
+ totalLength += ASN1_SHORT_TAG_HDR_LTH;
+
+ // Allocate buffer
+ derBuffer = HBufC8::NewL(totalLength);
+ derBuffer->Des().SetLength(totalLength);
+ TUint8 *derBufferPtr = (TUint8 *)derBuffer->Ptr();
+ derBufferPtr+= CPkcs10Req::DERSetTag(derBufferPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ derBufferPtr+= CPkcs10Req::DERSetLength(derBufferPtr, contentLength);
+
+ for(i = 0; (TInt)i < elementArray->Count(); i++)
+ {
+ derBufferPtr+= CPkcs10Req::ASNCopy(
+ derBufferPtr,
+ CONST_CAST(unsigned char *, elementArray->At(i)->Des().Ptr()),
+ elementArray->At(i)->Length()
+ );
+ }
+
+ CleanupStack::PopAndDestroy(elementArray->Count());
+ CleanupStack::PopAndDestroy(elementArray);
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// OidExistsLC
+///////////////////////////////////////////////////////////////////////////////
+TBool CPkcs10Req::OidExistsL(
+ TPtr8 &aTypePtrArray,
+ TUint &aIndex,
+ TBuf8<32> &aDottedOidDer
+)
+{
+TBool validOId = EFalse;
+
+ aIndex = KNullAttributeIndex;
+
+ if(aTypePtrArray.Compare(KCountryName) == 0)
+ aIndex = KCountryNameIndex;
+ else if(aTypePtrArray.Compare(KOrganizationName) == 0)
+ aIndex = KOrganizationNameIndex;
+ else if(aTypePtrArray.Compare(KOrganizationalUnitName) == 0)
+ aIndex = KOrganizationalUnitNameIndex;
+ else if(aTypePtrArray.Compare(KLocalityName) == 0)
+ aIndex = KLocalityNameIndex;
+ else if(aTypePtrArray.Compare(KStateOrProvinceName) == 0)
+ aIndex = KStateOrProvinceNameIndex;
+ else if(aTypePtrArray.Compare(KTitle) == 0)
+ aIndex = KTitleIndex;
+ else if(aTypePtrArray.Compare(KCommonName) == 0)
+ aIndex = KCommonNameIndex;
+ else if(aTypePtrArray.Compare(KGivenName) == 0)
+ aIndex = KGivenNameIndex;
+ else if(aTypePtrArray.Compare(KSurname) == 0)
+ aIndex = KSurnameIndex;
+ else if(aTypePtrArray.Compare(KInitials) == 0)
+ aIndex = KInitialsIndex;
+ else if(aTypePtrArray.Compare(KGenerationQualifier) == 0)
+ aIndex = KGenerationQualifierIndex;
+ else if(aTypePtrArray.Compare(KDNQualifier) == 0)
+ aIndex = KDNQualifierIndex;
+ else if(aTypePtrArray.Compare(KSerialNumber) == 0)
+ aIndex = KSerialNumberIndex;
+ else if(aTypePtrArray.Compare(KDomainComponent) == 0)
+ aIndex = KDomainComponentIndex;
+
+ if(KNullAttributeIndex != aIndex)
+ {
+ validOId = ETrue;
+ }
+ else
+ {
+ if(aTypePtrArray.Find(KDot) != KErrNotFound)
+ {
+ // Dotted oid notation
+ TUint offset = 0;
+ TBuf<32> tempOidBuf;
+ tempOidBuf.Copy(aTypePtrArray);
+
+ CASN1EncObjectIdentifier *oidIdentifier =
+ CASN1EncObjectIdentifier::NewLC(tempOidBuf);
+
+ // WriteDERL uses Length() instead of MaxLength() ?
+ aDottedOidDer.SetLength(32);
+ oidIdentifier->WriteDERL(aDottedOidDer, offset);
+ aDottedOidDer.SetLength(oidIdentifier->LengthDER());
+ CleanupStack::PopAndDestroy(); // oidIdentifier
+ validOId = ETrue;
+ }
+ }
+
+ return validOId;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// GetOid
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CPkcs10Req::GetOid(TUint aIndex, const TUint8 *&aValue)
+{
+ switch(aIndex)
+ {
+ case KCountryNameIndex:
+ aValue = KCountryNameOid;
+ break;
+ case KOrganizationNameIndex:
+ aValue = KOrganizationNameOid;
+ break;
+ case KOrganizationalUnitNameIndex:
+ aValue = KOrganizationalUnitNameOid;
+ break;
+ case KLocalityNameIndex:
+ aValue = KLocalityNameOid;
+ break;
+ case KStateOrProvinceNameIndex:
+ aValue = KStateOrProvinceNameOid;
+ break;
+ case KTitleIndex:
+ aValue = KTitleOid;
+ break;
+ case KCommonNameIndex:
+ aValue = KCommonNOid;
+ break;
+ case KGivenNameIndex:
+ aValue = KGivenNameOid;
+ break;
+ case KSurnameIndex:
+ aValue = KSurnameOid;
+ break;
+ case KInitialsIndex:
+ aValue = KInitialsOid;
+ break;
+ case KGenerationQualifierIndex:
+ aValue = KGenerationQualifierOid;
+ break;
+ case KDNQualifierIndex:
+ aValue = KDNQualifierOid;
+ break;
+ case KSerialNumberIndex:
+ aValue = KSerialNumberOid;
+ break;
+ case KDomainComponentIndex:
+ aValue = KDomainComponentOid;
+ break;
+ default:
+ return KErrArgument;
+ }
+
+ return KErrNone;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// FillDer
+////////////////////////////////////////////////////////////////////////////////////////
+void CPkcs10Req::BuildElementDerLC(CArrayFixFlat<HBufC8 *> *aElementArray, TUint aWholeLength, TUint aSetLength, TUint aSeqLength, TUint aOidLength, TUint aStringLength, TUint aOidIndex, TBuf8<32> &aDottedOidDer, TPtr8 &aValuePtr)
+{
+ HBufC8 *elementBuffer = HBufC8::NewLC(aWholeLength);
+ elementBuffer->Des().SetLength(aWholeLength);
+ TUint8 *elementBufferPtr = (TUint8 *)elementBuffer->Ptr();
+ const TUint8 *oidPtr;
+
+ elementBufferPtr+= CPkcs10Req::DERSetTag(elementBufferPtr, (EASN1Set | ASN1_CONSTRUCTED));
+ elementBufferPtr+= CPkcs10Req::DERSetLength(elementBufferPtr, aSetLength);
+ elementBufferPtr+= CPkcs10Req::DERSetTag(elementBufferPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ elementBufferPtr+= CPkcs10Req::DERSetLength(elementBufferPtr, aSeqLength);
+ if(aOidIndex != 0)
+ {
+ GetOid(aOidIndex, oidPtr);
+ elementBufferPtr+= CPkcs10Req::DERSetTag(elementBufferPtr, EASN1ObjectIdentifier);
+ elementBufferPtr+= CPkcs10Req::DERSetLength(elementBufferPtr, aOidLength);
+ elementBufferPtr+= CPkcs10Req::DERSetOid(elementBufferPtr, oidPtr, aOidLength);
+ }
+ else
+ {
+ // Dotted oid representation
+ elementBufferPtr+= CPkcs10Req::ASNCopy(elementBufferPtr, CONST_CAST(unsigned char *, aDottedOidDer.Ptr()), aDottedOidDer.Length());
+ }
+ elementBufferPtr+= CPkcs10Req::DERSetTag(elementBufferPtr, EASN1UTF8String);
+ elementBufferPtr+= CPkcs10Req::DERSetLength(elementBufferPtr, aStringLength);
+ elementBufferPtr+= CPkcs10Req::ASNCopy(elementBufferPtr, CONST_CAST(unsigned char *, aValuePtr.Ptr()), aValuePtr.Length());
+
+ aElementArray->AppendL(elementBuffer);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Set subject alt name extension, email
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CPkcs10Req::SetSubjectAltNameRfc822(const TDesC8 &aSubjectAltNameRfc822)
+{
+ TInt status = KErrNone;
+
+ // Set subject alt name
+ if(aSubjectAltNameRfc822.Length() > 0)
+ iSubjectAltName.Set(aSubjectAltNameRfc822);
+
+ return (status);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Set DNSname extension
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CPkcs10Req::SetDNSName(const TDesC8 &aDNSName)
+{
+ TInt status = KErrNone;
+
+ // Set subject alt name
+ if(aDNSName.Length() > 0)
+ iDNSName.Set(aDNSName);
+
+ return (status); // DNS name is optional
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Set challenge password extension
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CPkcs10Req::SetChallengePw(const TDesC8 &aChallengePw)
+{
+ // Set challenge password
+ if(aChallengePw.Length() > 0)
+ iChallengePW.Set(aChallengePw);
+
+ return KErrNone; // ChallengePw is optional
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Set public key and key type (only RSA supported!)
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CPkcs10Req::SetPublicKey(const TDesC8 &aPublicKeyBits)
+{
+ TInt status = KErrNone;
+
+ // Build public key DER
+ if(aPublicKeyBits.Length() > 0 )
+ {
+ iPublicKey.Set(aPublicKeyBits);
+ }
+ else
+ {
+ status = KErrArgument;
+ }
+
+ return (status);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Create the request
+//
+// In: THashType aSignatureAlgorithmId, MD5 os SHA1
+// const TDesC& aPrivateKeyFilename, keyid used in kmdserver
+// TBool doPEM, set ETrue if PEM encoding requested, otherwise out format is DER
+// TSignCallback aSignCallBackL, signing callback function address, defined in pkcs10.h
+// Out: HBufC8 * containing the request. Remember to pop it out of the cleanupstack and delete it when not needed anymore.
+//
+// Output format is either der (in example below, ASN1 decoding done)
+//
+// 0:d=0 hl=4 l= 431 cons: SEQUENCE
+// 4:d=1 hl=4 l= 281 cons: SEQUENCE
+// 8:d=2 hl=2 l= 1 prim: INTEGER :00
+// 11:d=2 hl=2 l= 52 cons: SEQUENCE : Distinguished name
+// 13:d=3 hl=2 l= 16 cons: SET
+// 15:d=4 hl=2 l= 14 cons: SEQUENCE
+// 17:d=5 hl=2 l= 3 prim: OBJECT :commonName
+// 22:d=5 hl=2 l= 7 prim: PRINTABLESTRING :subject
+// 31:d=3 hl=2 l= 32 cons: SET //
+// 33:d=4 hl=2 l= 30 cons: SEQUENCE
+// 35:d=5 hl=2 l= 9 prim: OBJECT :emailAddress
+// 46:d=5 hl=2 l= 17 prim: IA5STRING
+// 65:d=2 hl=3 l= 138 cons: SEQUENCE
+// 68:d=3 hl=2 l= 13 cons: SEQUENCE
+// 70:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+// 81:d=4 hl=2 l= 0 prim: NULL
+// 83:d=3 hl=2 l= 121 prim: BIT STRING
+// 206:d=2 hl=2 l= 81 cons: cont [ 0 ]
+// 208:d=3 hl=2 l= 26 cons: SEQUENCE
+// 210:d=4 hl=2 l= 9 prim: OBJECT :challengePassword
+// 221:d=4 hl=2 l= 13 cons: SET
+// 223:d=5 hl=2 l= 11 prim: PRINTABLESTRING :challengepw
+// 236:d=3 hl=2 l= 51 cons: SEQUENCE
+// 238:d=4 hl=2 l= 9 prim: OBJECT :Extension Request
+// 249:d=4 hl=2 l= 38 cons: SET
+// 251:d=5 hl=2 l= 36 cons: SEQUENCE
+// 253:d=6 hl=2 l= 34 cons: SEQUENCE
+// 255:d=7 hl=2 l= 9 prim: OBJECT :emailAddress
+// 266:d=7 hl=2 l= 21 prim: OCTET STRING
+// 289:d=1 hl=2 l= 13 cons: SEQUENCE
+// 291:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+// 302:d=2 hl=2 l= 0 prim: NULL
+// 304:d=1 hl=3 l= 129 prim: BIT STRING
+//
+// or PEM, which looks like this
+// -----BEGIN NEW CERTIFICATE REQUEST-----
+// MIIBqDCCARECAQAwFjEUMBIGA1UEAxMLa3Vra3VsdXVydXUwgZ8wDQYJKoZIhvcN
+// AQEBBQADgY0AMIGJAoGBALCCSQ305j5l/qh4TeIJeaLdLEtKe9IpAPTCvZqZhIv/
+// VpVRw3fdq2qgBMe6zsO0kctBYkvdZ67Yq3Gdmzx1Ofx4S0F4BUDT6TGH2uP3zi04
+// zMb3IoDxF9BAp9drc6BKzMnhN5HBIV0RUoTLhQ8HKbFcwmqIAo0uJkUx2gbr+aOD
+// AgMBAAGgUjAXBgkqhkiG9w0BCQcxChMIcGFzc3dvcmQwNwYJKoZIhvcNAQkOMSow
+// KDAmBgNVHREEHzAdggtrdWtrdWx1dXJ1dYEOanVraUBub2tpYS5jb20wDQYJKoZI
+// hvcNAQEEBQADgYEAbltAG0DNe2NuyMHoJPg4QQExhUb9rep6eSJvrACbyT2qVgJe
+// vrdpOesdw7//MsOhgTP+MU36DlTVRbpoUJ8xO1wM10ljrxkWcwNfdEU4kf3NOiWB
+// 4i+V99jPK2nbK/ofNpJU7m2nMvi4Z66WlM/kDEwVJe5GWwIzOIyOlfkiyc8=
+// -----END NEW CERTIFICATE REQUEST-----
+//
+///////////////////////////////////////////////////////////////////////////////
+EXPORT_C HBufC8* CPkcs10Req::CreateCertificateRequestLC(
+THashType aSignatureAlgorithmId,
+const TPKIKeyIdentifier& aPrivateKeyFilename,
+TBool aDoBase64,
+TBool aDoPEM,
+TSignCallback aSignCallBackL,
+TAny* aSignCallBackContext)
+{
+ // Build certificate request
+ HBufC8 *CRInfoBuffer = NULL;
+ HBufC8 *CRBuffer = NULL;
+ TBuf8<SHA1_HASH_LTH> hash;
+ TBase64Codec base64Codec;
+ HBufC8 *encodedCRBuffer = NULL;
+ HBufC8 *tempBuffer = NULL;
+ TBuf8<MAX_SIGNATURE_LENGTH> signature;
+
+ // Create CertificationRequestInfo consisting
+ //
+ // - subject distinguished name
+ // - public key
+ // - Attributes
+ // -Subject alt name Rfc822
+ // -Challenge PW
+
+ CRInfoBuffer = ASNEncodeCertificationRequestInfoLC();
+ if(CRInfoBuffer)
+ {
+ // Sign CertificationRequestInfo
+ //
+ // - create hash using the defined signature algorithm
+ // - create digital signature of the hash by calling the given callback function
+
+ DigestL(CRInfoBuffer->Des(), hash, aSignatureAlgorithmId);
+
+ // Capsulate hash in digest info
+ TUint digestInfoLength = hash.Length() + 5 * ASN1_SHORT_TAG_HDR_LTH + MD5SIGNATURE_OID_LTH;
+ HBufC8 *digestInfo = HBufC8::NewLC(digestInfoLength);
+
+ digestInfo->Des().SetLength(digestInfoLength);
+ TUint8 *digestInfoPtr = (TUint8*)digestInfo->Ptr();
+ digestInfoPtr+= CPkcs10Req::DERSetTag(digestInfoPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ digestInfoPtr+= CPkcs10Req::DERSetLength(digestInfoPtr, digestInfoLength - ASN1_SHORT_TAG_HDR_LTH);
+ digestInfoPtr+= CPkcs10Req::DERSetTag(digestInfoPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ digestInfoPtr+= CPkcs10Req::DERSetLength(digestInfoPtr, MD5SIGNATURE_OID_LTH + 2 * ASN1_SHORT_TAG_HDR_LTH);
+ digestInfoPtr+= CPkcs10Req::DERSetTag(digestInfoPtr, EASN1ObjectIdentifier);
+ digestInfoPtr+= CPkcs10Req::DERSetLength(digestInfoPtr, MD5SIGNATURE_OID_LTH);
+ digestInfoPtr+= CPkcs10Req::DERSetOid(digestInfoPtr, (TUint8*)KMd5SignatureOid, MD5SIGNATURE_OID_LTH);
+ digestInfoPtr+= CPkcs10Req::DERSetTag(digestInfoPtr, EASN1Null);
+ digestInfoPtr+= CPkcs10Req::DERSetLength(digestInfoPtr, 0);
+ digestInfoPtr+= CPkcs10Req::DERSetTag(digestInfoPtr, EASN1OctetString);
+ digestInfoPtr+= CPkcs10Req::DERSetLength(digestInfoPtr, hash.Length());
+ digestInfoPtr+= CPkcs10Req::ASNCopy(digestInfoPtr, CONST_CAST(TUint8 *, hash.Ptr()), hash.Length());
+
+ // Sign it
+ // Only RSA supported by now
+ iSignatureAlgorithmId = aSignatureAlgorithmId;
+ aSignCallBackL(
+ *digestInfo,
+ signature,
+ aPrivateKeyFilename,
+ aSignCallBackContext);
+ CleanupStack::PopAndDestroy( digestInfo );
+
+ // Collect CertificationRequestInfo, signature algoritm identifier (NO OPTIONS)
+ // and signature into PKCS#10 CertificationRequest
+
+ CRBuffer = ASNEncodeCertificationRequestLC(CRInfoBuffer->Des(), signature);
+ if(CRBuffer)
+ {
+ if(aDoBase64)
+ {
+ // Base64 encode the CertificationRequest
+ tempBuffer = base64Codec.Base64EncodeLC(CRBuffer->Des());
+ if(tempBuffer != NULL)
+ {
+ // Append PEM header and trailer
+ encodedCRBuffer = HBufC8::NewL(tempBuffer->Length() + HEADERLENGTH + TRAILERLENGTH + 1);
+ TPtr8 encodedCRBufferPtr = encodedCRBuffer->Des();
+ if(aDoPEM)
+ {
+ encodedCRBufferPtr.Copy(HEADER);
+ encodedCRBufferPtr.Append(tempBuffer->Des());
+ encodedCRBufferPtr.Append(TRAILER);
+ }
+ else
+ encodedCRBufferPtr.Copy(tempBuffer->Des());
+
+ CleanupStack::PopAndDestroy(3); //tempBuffer, CRInfoBuffer, CRBuffer
+ CleanupStack::PushL(encodedCRBuffer);
+ }
+ else
+ CleanupStack::PopAndDestroy(2); //CRInfoBuffer, CRBuffer
+ }
+ else
+ {
+ CleanupStack::Pop(1);
+ CleanupStack::PopAndDestroy(1); //CRInfoBuffer
+ CleanupStack::PushL(CRBuffer);
+ return (CRBuffer);
+ }
+ }
+ else
+ CleanupStack::PopAndDestroy(1); //CRInfoBuffer
+ }
+
+ return (encodedCRBuffer);
+}
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+// MD5 hash function
+////////////////////////////////////////////////////////////////////////////////////////
+void CPkcs10Req::MD5_HashL(const TDesC8 &aInData, TDes8& aOutData)
+{
+ CUtlMessageDigest* md5 = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestMd5);
+ aOutData.Copy(md5->Final(aInData));
+ delete md5;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// SHA1 hash function
+////////////////////////////////////////////////////////////////////////////////////////
+void CPkcs10Req::SHA1_HashL(const TDesC8 &aInData, TDes8& aOutData)
+{
+ CUtlMessageDigest* sha1 = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
+ aOutData.Copy(sha1->Final(aInData));
+ delete sha1;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Digest function, calling either MD5 or SHA1 hash
+////////////////////////////////////////////////////////////////////////////////////////
+void CPkcs10Req::DigestL(const TDesC8& aData, TDes8& aDigest, THashType aHashType)
+{
+ if (aHashType == HASH_TYPE_MD5)
+ MD5_HashL(aData, aDigest);
+ else
+ SHA1_HashL(aData, aDigest);
+}
+
+
+////////////////////////////////////////////////////////////////////////////
+//
+// ASN1 related operations
+//
+///////////////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////////////
+// Set ASN1 length
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CPkcs10Req::DERSetLength(TUint8 *p, TInt aLen)
+{
+/*------------------------------------------------------
+ *
+ * Encode length value (max value supported 65535)
+ *
+ *------------------------------------------------------*/
+ TInt CodingLth;
+ aLen &= ASN1_MAX_LENGTH;
+ if ( aLen > 127 )
+ {
+ if ( aLen < 256 )
+ {
+ *p = 0x81;
+ CodingLth = 2;
+ }
+ else
+ {
+ *p = 0x82;
+ p ++;
+ *p = (TUint8)((aLen >> 8) & 0xff);
+ CodingLth = 3;
+ }
+ p ++;
+ }
+ else
+ {
+ CodingLth = 1;
+ }
+ *p = (TUint8)(aLen & 0xff);
+
+ return CodingLth;
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Set ASN1 integer
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CPkcs10Req::DERSetInteger(TUint8 *p, TInt aValue)
+{
+/*------------------------------------------------------
+ *
+ * Encode Integer value (max value supported 65535)
+ *
+ *------------------------------------------------------*/
+ TInt CodingLth;
+ aValue &= ASN1_MAX_INTEGER;
+ if ( aValue > 255 )
+ CodingLth = CPkcs10Req::DERSetLength(p, 2);
+ else CodingLth = CPkcs10Req::DERSetLength(p, 1);
+
+ p += CodingLth; //skip length
+ if ( aValue > 255 ) {
+ *p = (TUint8)((aValue >> 8) & 0xff);
+ p ++;
+ CodingLth ++;
+ }
+ *p = (TUint8)(aValue & 0xff);
+ CodingLth ++;
+
+ return CodingLth;
+}
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Encode Certification Request Info
+////////////////////////////////////////////////////////////////////////////////////////
+HBufC8* CPkcs10Req::ASNEncodeCertificationRequestInfoLC()
+{
+ // Build certificate request info
+ HBufC8 *CRInfoBuffer = NULL;
+ TUint8 *CRInfoPtr;
+ TUint requestInfoLength;
+ TUint coverSeqHeaderLength = 2;
+
+ HBufC8 *commonAttributes;
+ HBufC8 *pkiInfo;
+ HBufC8 *extendedAttributes;
+
+ // Build components
+ // Encode common attributes
+ commonAttributes = ASNEncodeCommonAttributesLC();
+ // Encode private key
+ pkiInfo = ASNEncodePKIinfoLC();
+ // Encode common attributes
+ extendedAttributes = ASNEncodeExtendedAttributesLC();
+
+ requestInfoLength = commonAttributes->Length() + pkiInfo->Length() + extendedAttributes->Length() + ASN1_SHORT_TAG_HDR_LTH + 1; // Fixed one byte version number!
+
+ if(requestInfoLength > 127)
+ coverSeqHeaderLength++;
+ if(requestInfoLength > 255)
+ coverSeqHeaderLength++;
+
+ requestInfoLength = requestInfoLength + coverSeqHeaderLength;
+
+ if(requestInfoLength > 0)
+ {
+ CRInfoBuffer = HBufC8::NewL(requestInfoLength);
+ CRInfoBuffer->Des().SetLength(requestInfoLength);
+ CRInfoPtr = (TUint8*)CRInfoBuffer->Ptr();
+
+ // Build header
+ CRInfoPtr += CPkcs10Req::DERSetTag(CRInfoPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ CRInfoPtr += CPkcs10Req::DERSetLength(CRInfoPtr, requestInfoLength - coverSeqHeaderLength);
+ CRInfoPtr += CPkcs10Req::DERSetTag(CRInfoPtr, EASN1Integer);
+ CRInfoPtr += DERSetInteger(CRInfoPtr, 0); // version
+
+ // Copy component ders
+ if(commonAttributes != NULL && commonAttributes->Length() > 0)
+ CRInfoPtr += CPkcs10Req::ASNCopy(CRInfoPtr, CONST_CAST(TUint8 *, commonAttributes->Ptr()), commonAttributes->Length());
+
+ if(pkiInfo != NULL && pkiInfo->Length() > 0)
+ CRInfoPtr += CPkcs10Req::ASNCopy(CRInfoPtr, CONST_CAST(TUint8 *, pkiInfo->Ptr()), pkiInfo->Length());
+
+ if(extendedAttributes != NULL && extendedAttributes->Length() > 0)
+ CRInfoPtr += CPkcs10Req::ASNCopy(CRInfoPtr, CONST_CAST(TUint8 *, extendedAttributes->Ptr()), extendedAttributes->Length());
+ }
+
+ if(extendedAttributes != NULL)
+ {
+ delete extendedAttributes;
+ CleanupStack::Pop(1);
+ }
+ if(pkiInfo != NULL)
+ {
+ delete pkiInfo;
+ CleanupStack::Pop(1);
+ }
+ if(commonAttributes != NULL)
+ {
+ delete commonAttributes;
+ CleanupStack::Pop(1);
+ }
+ if(CRInfoBuffer != NULL)
+ CleanupStack::PushL(CRInfoBuffer); // to be destroyed by the caller
+
+ return (CRInfoBuffer);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Encode Certification Request
+////////////////////////////////////////////////////////////////////////////////////////
+HBufC8* CPkcs10Req::ASNEncodeCertificationRequestLC(const TDes8 &CRInfoBuffer, const TDes8 &signature)
+{
+ HBufC8 *CRBuffer = NULL;
+ TUint8 *CRPtr;
+ TUint requestLength;
+ TUint coverSeqHeaderLength = 2;
+ TUint signatureLength = 0;
+
+ if(CRInfoBuffer.Length() > 0 && signature.Length() > 0)
+ {
+ signatureLength = signature.Length() + 1; // No padding zero added
+ if(signatureLength > 127)
+ signatureLength++;
+ if(signatureLength > 255)
+ signatureLength++;
+
+ if(iSignatureAlgorithmId == HASH_TYPE_MD5)
+ requestLength = CRInfoBuffer.Length() + signatureLength + 4 * ASN1_SHORT_TAG_HDR_LTH + MD5WITHRSA_OID_LTH;
+ else
+ requestLength = CRInfoBuffer.Length() + signatureLength + 4 * ASN1_SHORT_TAG_HDR_LTH + SHA1WITHRSA_OID_LTH;
+
+ if(requestLength > 127)
+ coverSeqHeaderLength++;
+ if(requestLength > 255)
+ coverSeqHeaderLength++;
+
+ requestLength = requestLength + coverSeqHeaderLength;
+
+ CRBuffer = HBufC8::NewL(requestLength);
+ CRBuffer->Des().SetLength(requestLength);
+ CRPtr = (TUint8*)CRBuffer->Ptr();
+
+ CRPtr += CPkcs10Req::DERSetTag(CRPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, requestLength - coverSeqHeaderLength);
+
+ // Copy Certificate request info
+ CRPtr += CPkcs10Req::ASNCopy(CRPtr, CONST_CAST(TUint8 *, CRInfoBuffer.Ptr()), CRInfoBuffer.Length());
+ CRPtr += CPkcs10Req::DERSetTag(CRPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, MD5WITHRSA_OID_LTH + 2 * ASN1_SHORT_TAG_HDR_LTH); // null included!
+ // Set algorithm identifier
+ CRPtr += CPkcs10Req::DERSetTag(CRPtr, EASN1ObjectIdentifier);
+ if(iSignatureAlgorithmId == HASH_TYPE_MD5)
+ {
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, MD5WITHRSA_OID_LTH);
+ CRPtr += CPkcs10Req::DERSetOid(CRPtr, (TUint8*)KMd5WithRSAEncryptionOid, MD5WITHRSA_OID_LTH);
+ }
+ else
+ {
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, SHA1WITHRSA_OID_LTH);
+ CRPtr += CPkcs10Req::DERSetOid(CRPtr, (TUint8*)KSha1WithRSAEncryptionOid, SHA1WITHRSA_OID_LTH);
+ }
+
+ CRPtr += CPkcs10Req::DERSetTag(CRPtr, EASN1Null);
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, 0);
+ // Copy signature
+ CRPtr += CPkcs10Req::DERSetTag(CRPtr, EASN1BitString);
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, signature.Length() + 1);
+ CRPtr += CPkcs10Req::DERSetLength(CRPtr, 0); // add 0, no padding
+ CRPtr += CPkcs10Req::ASNCopy(CRPtr, CONST_CAST(TUint8 *, signature.Ptr()), signature.Length());
+
+ CleanupStack::PushL(CRBuffer); // to be destroyed by the caller
+ }
+ return (CRBuffer);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Encode common attributes
+////////////////////////////////////////////////////////////////////////////////////////
+HBufC8* CPkcs10Req::ASNEncodeCommonAttributesLC()
+{
+ HBufC8 *commonAttributesBuffer = NULL;
+ TUint8 *commonAttributesPtr;
+ TUint distinguishedNameAttrLength;
+ TUint totalLength = 0;
+ TUint coverSeqHeaderLength = 2;
+
+ if(iUseExtendedDistinguishedName)
+ {
+ if(iDNDerBuf != NULL && iDNDerBuf->Des().Length() > 0)
+ commonAttributesBuffer = iDNDerBuf->Des().AllocLC();
+ return (commonAttributesBuffer);
+ }
+ if(iDistinguishedName.Length() == 0)
+ distinguishedNameAttrLength = 0;
+ else
+ distinguishedNameAttrLength = 4 * ASN1_SHORT_TAG_HDR_LTH + COMMON_NAME_OID_LTH + iDistinguishedName.Length();
+
+ totalLength = distinguishedNameAttrLength;
+ if(totalLength > 127)
+ coverSeqHeaderLength++;
+ if(totalLength > 255)
+ coverSeqHeaderLength++;
+
+ totalLength = totalLength + coverSeqHeaderLength;
+
+ if(totalLength > 0)
+ {
+ commonAttributesBuffer = HBufC8::NewL(totalLength);
+ commonAttributesBuffer->Des().SetLength(totalLength);
+ commonAttributesPtr = (TUint8*)commonAttributesBuffer->Ptr();
+
+ commonAttributesPtr+= CPkcs10Req::DERSetTag(commonAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ commonAttributesPtr+= CPkcs10Req::DERSetLength(commonAttributesPtr, totalLength - coverSeqHeaderLength);
+
+ if(iDistinguishedName.Length() > 0)
+ {
+ // Encode common name
+ commonAttributesPtr+= CPkcs10Req::DERSetTag(commonAttributesPtr, (EASN1Set | ASN1_CONSTRUCTED));
+ commonAttributesPtr+= CPkcs10Req::DERSetLength(commonAttributesPtr, distinguishedNameAttrLength - ASN1_SHORT_TAG_HDR_LTH);
+ commonAttributesPtr+= CPkcs10Req::DERSetTag(commonAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ commonAttributesPtr+= CPkcs10Req::DERSetLength(commonAttributesPtr, distinguishedNameAttrLength - 2 * ASN1_SHORT_TAG_HDR_LTH);
+ commonAttributesPtr+= CPkcs10Req::DERSetTag(commonAttributesPtr, EASN1ObjectIdentifier);
+ commonAttributesPtr+= CPkcs10Req::DERSetLength(commonAttributesPtr, COMMON_NAME_OID_LTH);
+ commonAttributesPtr+= CPkcs10Req::DERSetOid(commonAttributesPtr, (TUint8*)KCommonNameOid, COMMON_NAME_OID_LTH);
+ commonAttributesPtr+= CPkcs10Req::DERSetTag(commonAttributesPtr, EASN1UTF8String);
+ commonAttributesPtr+= CPkcs10Req::DERSetLength(commonAttributesPtr, iDistinguishedName.Length());
+ commonAttributesPtr+= CPkcs10Req::ASNCopy(commonAttributesPtr, CONST_CAST(TUint8 *, iDistinguishedName.Ptr()), iDistinguishedName.Length());
+ }
+ CleanupStack::PushL(commonAttributesBuffer);
+ }
+ return (commonAttributesBuffer);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Encode Private key information
+////////////////////////////////////////////////////////////////////////////////////////
+HBufC8* CPkcs10Req::ASNEncodePKIinfoLC()
+{
+ HBufC8 *pkiInfoBuffer = NULL;
+ TUint8 *pkiInfoPtr;
+ TUint entityLength;
+ TUint bitStringHeaderLength = 2;
+ TUint coverSeqHeaderLength = 2;
+
+ if(iPublicKey.Length() == 0)
+ entityLength = 0;
+ else
+ {
+ entityLength = iPublicKey.Length() + 1; // Add 1 for padding indicator byte
+ if(entityLength > 127)
+ bitStringHeaderLength++;
+ if(entityLength > 255)
+ bitStringHeaderLength++;
+
+ entityLength = entityLength + bitStringHeaderLength + 3 * ASN1_SHORT_TAG_HDR_LTH + KEY_TYPE_RSA_OID_LTH;
+
+ if(entityLength > 127)
+ coverSeqHeaderLength++;
+ if(entityLength > 255)
+ coverSeqHeaderLength++;
+
+ entityLength = entityLength + coverSeqHeaderLength;
+ }
+
+ if(entityLength > 0)
+ {
+ pkiInfoBuffer = HBufC8::NewL(entityLength);
+ pkiInfoBuffer->Des().SetLength(entityLength);
+ pkiInfoPtr = (TUint8*)pkiInfoBuffer->Ptr();
+
+ pkiInfoPtr+= CPkcs10Req::DERSetTag(pkiInfoPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ pkiInfoPtr+= CPkcs10Req::DERSetLength(pkiInfoPtr, entityLength - coverSeqHeaderLength);
+ pkiInfoPtr+= CPkcs10Req::DERSetTag(pkiInfoPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ pkiInfoPtr+= CPkcs10Req::DERSetLength(pkiInfoPtr, KEY_TYPE_RSA_OID_LTH + ASN1_SHORT_TAG_HDR_LTH + ASN1_NULL_LTH);
+ // Only RSA key supported
+ pkiInfoPtr+= CPkcs10Req::DERSetTag(pkiInfoPtr, EASN1ObjectIdentifier);
+ pkiInfoPtr+= CPkcs10Req::DERSetLength(pkiInfoPtr, KEY_TYPE_RSA_OID_LTH);
+ pkiInfoPtr+= CPkcs10Req::DERSetOid(pkiInfoPtr, (TUint8*)KKeyTypeRSAOid, KEY_TYPE_RSA_OID_LTH);
+ pkiInfoPtr+= CPkcs10Req::DERSetTag(pkiInfoPtr, EASN1Null);
+ pkiInfoPtr+= CPkcs10Req::DERSetLength(pkiInfoPtr, 0);
+ pkiInfoPtr+= CPkcs10Req::DERSetTag(pkiInfoPtr, EASN1BitString);
+ pkiInfoPtr+= CPkcs10Req::DERSetLength(pkiInfoPtr, iPublicKey.Length() + 1);
+ pkiInfoPtr+= CPkcs10Req::DERSetLength(pkiInfoPtr, 0); // add 0, no padding
+ pkiInfoPtr+= CPkcs10Req::ASNCopy(pkiInfoPtr, CONST_CAST(TUint8 *, iPublicKey.Ptr()), iPublicKey.Length());
+
+ CleanupStack::PushL(pkiInfoBuffer);
+ }
+ return (pkiInfoBuffer);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Encode Extended attributes
+////////////////////////////////////////////////////////////////////////////////////////
+HBufC8* CPkcs10Req::ASNEncodeExtendedAttributesLC()
+{
+ HBufC8 *extendedAttributesBuffer = NULL;
+ TUint8 *extendedAttributesPtr;
+ TUint challengePWLength;
+ TUint DNSLength;
+ TUint SubAltNLength;
+ TUint emailExtensionLength;
+ TUint totalLength;
+ TUint tempLength;
+ TUint coverTagLength = 2;
+
+ if(iChallengePW.Length() == 0)
+ challengePWLength = 0;
+ else
+ challengePWLength = 4 * ASN1_SHORT_TAG_HDR_LTH + CHALLENGEPW_OID_LTH + iChallengePW.Length();
+
+ if((iSubjectAltName.Length() == 0) && (iDNSName.Length() == 0))
+ emailExtensionLength = 0;
+ else
+ // Header part
+ emailExtensionLength = 8 * ASN1_SHORT_TAG_HDR_LTH + SUBJECTALTNAME_OID_LTH + PKCS10_EXTENSION_OID_LTH;
+
+ if(iSubjectAltName.Length() == 0)
+ SubAltNLength = 0;
+ else
+ SubAltNLength = ASN1_SHORT_TAG_HDR_LTH + iSubjectAltName.Length();
+
+ emailExtensionLength = emailExtensionLength + SubAltNLength;
+
+ if(iDNSName.Length() == 0)
+ DNSLength = 0;
+ else
+ DNSLength = ASN1_SHORT_TAG_HDR_LTH + iDNSName.Length();
+
+ emailExtensionLength = emailExtensionLength + DNSLength;
+ totalLength = challengePWLength + emailExtensionLength;
+
+ if(totalLength > 127)
+ coverTagLength++;
+
+ totalLength = totalLength + coverTagLength;
+
+ if(totalLength > 0)
+ {
+ extendedAttributesBuffer = HBufC8::NewL(totalLength);
+ extendedAttributesBuffer->Des().SetLength(totalLength);
+ extendedAttributesPtr = (TUint8*)extendedAttributesBuffer->Ptr();
+
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1EOC | ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, totalLength - coverTagLength);
+
+ if(challengePWLength > 0)
+ {
+ // Challenge password
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, challengePWLength - ASN1_SHORT_TAG_HDR_LTH );
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, EASN1ObjectIdentifier);
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, CHALLENGEPW_OID_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetOid(extendedAttributesPtr, (TUint8*)KChallengePWOid, CHALLENGEPW_OID_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Set | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, iChallengePW.Length() + ASN1_SHORT_TAG_HDR_LTH );
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1PrintableString));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, iChallengePW.Length());
+ extendedAttributesPtr+= CPkcs10Req::ASNCopy(extendedAttributesPtr, CONST_CAST(TUint8 *, iChallengePW.Ptr()), iChallengePW.Length());
+ }
+
+ if(emailExtensionLength > 0)
+ {
+ // SubjectAltName.Email assumed to be less than 97 bytes
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, emailExtensionLength - ASN1_SHORT_TAG_HDR_LTH );
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, EASN1ObjectIdentifier);
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, PKCS10_EXTENSION_OID_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetOid(extendedAttributesPtr, (TUint8*)KPkcs10ExtensionOid, PKCS10_EXTENSION_OID_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Set | ASN1_CONSTRUCTED));
+ tempLength = SUBJECTALTNAME_OID_LTH + 5 * ASN1_SHORT_TAG_HDR_LTH + DNSLength + SubAltNLength;
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, tempLength);
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, tempLength - ASN1_SHORT_TAG_HDR_LTH );
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, tempLength - 2 * ASN1_SHORT_TAG_HDR_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, EASN1ObjectIdentifier);
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, SUBJECTALTNAME_OID_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetOid(extendedAttributesPtr, (TUint8*)KSubjectAltNameOid, SUBJECTALTNAME_OID_LTH);
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, EASN1OctetString);
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, ASN1_SHORT_TAG_HDR_LTH + DNSLength + SubAltNLength);
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1Sequence | ASN1_CONSTRUCTED));
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, DNSLength + SubAltNLength);
+
+ if(SubAltNLength > 0)
+ {
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1EOC | ASN1_CONTEXT_SPECIFIC | 0x1)); // context specific 1
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, iSubjectAltName.Length());
+ extendedAttributesPtr+= CPkcs10Req::ASNCopy(extendedAttributesPtr, CONST_CAST(TUint8 *, iSubjectAltName.Ptr()), iSubjectAltName.Length());
+ }
+
+ if(DNSLength > 0)
+ {
+ extendedAttributesPtr+= CPkcs10Req::DERSetTag(extendedAttributesPtr, (EASN1EOC | ASN1_CONTEXT_SPECIFIC | 0x2)); // context specific 2
+ extendedAttributesPtr+= CPkcs10Req::DERSetLength(extendedAttributesPtr, iDNSName.Length());
+ extendedAttributesPtr+= CPkcs10Req::ASNCopy(extendedAttributesPtr, CONST_CAST(TUint8 *, iDNSName.Ptr()), iDNSName.Length());
+ }
+ }
+ CleanupStack::PushL(extendedAttributesBuffer);
+ }
+
+ return (extendedAttributesBuffer);
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// ASN1 copy
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CPkcs10Req::ASNCopy(TUint8 *dataPtr, TUint8 *valuePtr, TInt length)
+{
+ Mem::Copy(dataPtr, valuePtr, length);
+ return (length);
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/EABI/utlpkcs12U.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,15 @@
+EXPORTS
+ _ZN14CPKCS12Handler12SetDeletableEi @ 1 NONAME
+ _ZN14CPKCS12Handler18StorePKCS12ObjectLERK6TDesC8RK7TDesC16 @ 2 NONAME
+ _ZN14CPKCS12Handler4NewLER14RPKIServiceAPI @ 3 NONAME
+ _ZN14CPKCS12Handler5NewLCER14RPKIServiceAPI @ 4 NONAME
+ _ZN14CPKCS12HandlerD0Ev @ 5 NONAME
+ _ZN14CPKCS12HandlerD1Ev @ 6 NONAME
+ _ZN14CPKCS12HandlerD2Ev @ 7 NONAME
+ _ZTI14CPKCS12Handler @ 8 NONAME ; #<TI>#
+ _ZTV14CPKCS12Handler @ 9 NONAME ; #<VT>#
+ _ZN14CPKCS12Handler16SetApplicabilityERK6RArrayI4TUidE @ 10 NONAME
+ _ZN14CPKCS12Handler26SaveSecurityObjectsToDiskLERK6TDesC8RK7TDesC16S5_ @ 11 NONAME
+ _ZN14CPKCS12Handler4NewLEv @ 12 NONAME
+ _ZN14CPKCS12Handler5NewLCEv @ 13 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/EABI/utlpkcs12_stubbedU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,15 @@
+EXPORTS
+ _ZN14CPKCS12Handler12SetDeletableEi @ 1 NONAME
+ _ZN14CPKCS12Handler16SetApplicabilityERK6RArrayI4TUidE @ 2 NONAME
+ _ZN14CPKCS12Handler18StorePKCS12ObjectLERK6TDesC8RK7TDesC16 @ 3 NONAME
+ _ZN14CPKCS12Handler26SaveSecurityObjectsToDiskLERK6TDesC8RK7TDesC16S5_ @ 4 NONAME
+ _ZN14CPKCS12Handler4NewLER14RPKIServiceAPI @ 5 NONAME
+ _ZN14CPKCS12Handler4NewLEv @ 6 NONAME
+ _ZN14CPKCS12Handler5NewLCER14RPKIServiceAPI @ 7 NONAME
+ _ZN14CPKCS12Handler5NewLCEv @ 8 NONAME
+ _ZN14CPKCS12HandlerD0Ev @ 9 NONAME
+ _ZN14CPKCS12HandlerD1Ev @ 10 NONAME
+ _ZN14CPKCS12HandlerD2Ev @ 11 NONAME
+ _ZTI14CPKCS12Handler @ 12 NONAME ; #<TI>#
+ _ZTV14CPKCS12Handler @ 13 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/bwins/utlpkcs12U.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,11 @@
+EXPORTS
+ ??1CPKCS12Handler@@UAE@XZ @ 1 NONAME ; CPKCS12Handler::~CPKCS12Handler(void)
+ ?NewL@CPKCS12Handler@@SAPAV1@AAVRPKIServiceAPI@@@Z @ 2 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewL(class RPKIServiceAPI &)
+ ?NewL@CPKCS12Handler@@SAPAV1@XZ @ 3 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewL(void)
+ ?NewLC@CPKCS12Handler@@SAPAV1@AAVRPKIServiceAPI@@@Z @ 4 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewLC(class RPKIServiceAPI &)
+ ?NewLC@CPKCS12Handler@@SAPAV1@XZ @ 5 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewLC(void)
+ ?SaveSecurityObjectsToDiskL@CPKCS12Handler@@QAEXABVTDesC8@@ABVTDesC16@@1@Z @ 6 NONAME ; void CPKCS12Handler::SaveSecurityObjectsToDiskL(class TDesC8 const &, class TDesC16 const &, class TDesC16 const &)
+ ?SetApplicability@CPKCS12Handler@@QAEXABV?$RArray@VTUid@@@@@Z @ 7 NONAME ; void CPKCS12Handler::SetApplicability(class RArray<class TUid> const &)
+ ?SetDeletable@CPKCS12Handler@@QAEXH@Z @ 8 NONAME ; void CPKCS12Handler::SetDeletable(int)
+ ?StorePKCS12ObjectL@CPKCS12Handler@@QAEXABVTDesC8@@ABVTDesC16@@@Z @ 9 NONAME ; void CPKCS12Handler::StorePKCS12ObjectL(class TDesC8 const &, class TDesC16 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/bwins/utlpkcs12_stubbedU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,11 @@
+EXPORTS
+ ??1CPKCS12Handler@@UAE@XZ @ 1 NONAME ; CPKCS12Handler::~CPKCS12Handler(void)
+ ?NewL@CPKCS12Handler@@SAPAV1@AAVRPKIServiceAPI@@@Z @ 2 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewL(class RPKIServiceAPI &)
+ ?NewL@CPKCS12Handler@@SAPAV1@XZ @ 3 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewL(void)
+ ?NewLC@CPKCS12Handler@@SAPAV1@AAVRPKIServiceAPI@@@Z @ 4 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewLC(class RPKIServiceAPI &)
+ ?NewLC@CPKCS12Handler@@SAPAV1@XZ @ 5 NONAME ; class CPKCS12Handler * CPKCS12Handler::NewLC(void)
+ ?SaveSecurityObjectsToDiskL@CPKCS12Handler@@QAEXABVTDesC8@@ABVTDesC16@@1@Z @ 6 NONAME ; void CPKCS12Handler::SaveSecurityObjectsToDiskL(class TDesC8 const &, class TDesC16 const &, class TDesC16 const &)
+ ?SetApplicability@CPKCS12Handler@@QAEXABV?$RArray@VTUid@@@@@Z @ 7 NONAME ; void CPKCS12Handler::SetApplicability(class RArray<class TUid> const &)
+ ?SetDeletable@CPKCS12Handler@@QAEXH@Z @ 8 NONAME ; void CPKCS12Handler::SetDeletable(int)
+ ?StorePKCS12ObjectL@CPKCS12Handler@@QAEXABVTDesC8@@ABVTDesC16@@@Z @ 9 NONAME ; void CPKCS12Handler::StorePKCS12ObjectL(class TDesC8 const &, class TDesC16 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build info file for PKCS#12 utility
+*
+*/
+
+
+
+PRJ_PLATFORMS
+ DEFAULT
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ utlpkcs12_test.mmp
+#else
+ utlpkcs12.mmp
+#endif
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/group/utlpkcs12.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,63 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: MMP file for PKCS#12 utility
+*
+*/
+
+/**
+@file
+pkcs12.mmp
+
+pkcs12 package handling functionality
+
+@SYMPurpose utlpkcs12.dll VPN support for PKCS#12 formatted certificate / key data
+*/
+
+#include <platform_paths.hrh>
+
+TARGET utlpkcs12.dll
+TARGETTYPE dll
+
+UID 0x1000008d 0x101F6D39
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+
+SOURCE pkcs12vpn.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../vpncommon/inc
+
+USERINCLUDE ../../../vpnui/vpnecomnotifier/inc
+
+USERINCLUDE ../../../vpnui/vpnpolicyrecognizer/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY vpnapi.lib
+
+LIBRARY euser.lib
+LIBRARY crpkcs12.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY crypto.lib
+LIBRARY efsrv.lib
+LIBRARY sysutil.lib
+
+DEBUGLIBRARY flogger.lib
+
+CAPABILITY ALL -Tcb
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/group/utlpkcs12_test.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,64 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: MMP file for PKCS#12 utility
+*
+*/
+
+/**
+@file
+pkcs12.mmp
+
+pkcs12 package handling functionality
+
+@SYMPurpose utlpkcs12.dll VPN support for PKCS#12 formatted certificate / key data
+*/
+
+#include <platform_paths.hrh>
+
+TARGET utlpkcs12.dll
+TARGETTYPE dll
+
+UID 0x1000008d 0x101F6D39
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+
+SOURCE pkcs12vpn.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlcrypto/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../vpncommon/inc
+
+USERINCLUDE ../../../vpnui/vpnecomnotifier/inc
+
+USERINCLUDE ../../../vpnui/vpnpolicyrecognizer/inc
+USERINCLUDE ../../vpnmanager/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY utlpkcs12_proxy.lib
+LIBRARY vpnapi.lib
+
+LIBRARY euser.lib
+LIBRARY crpkcs12.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY crypto.lib
+LIBRARY efsrv.lib
+LIBRARY sysutil.lib
+
+DEBUGLIBRARY flogger.lib
+
+CAPABILITY ALL -Tcb
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/inc/pkcs12vpn.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,321 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKCS#12 data handler
+*
+*/
+
+
+
+#ifndef __PKCS12VPN_H__
+#define __PKCS12VPN_H__
+
+#include <f32file.h>
+
+#include "pkiserviceapi.h"
+
+#include "pkidefs.h"
+#include "vpnnotifierdefs.h"
+
+
+// Used locally within PKCS#12 handler
+#define DEFAULT_KEY_LEN 1024
+
+// Filename stems used for security object dumping
+// (%d will range from 1 to n)
+_LIT(KCAFileNameStem, "ca-%d.cer");
+_LIT(KUserCertFileNameStem, "user-%d.cer");
+_LIT(KPrivateKeyFileNameStem, "user-%d.key");
+
+// Forward declarations
+class CPKCS12;
+class MPKCS12;
+class CX509Certificate;
+
+/**
+ * Class CPKCS12Handler provides basic PKCS12 handling functionality.
+ * This includes operations for password prompting, integrity verification
+ * and data decrypting. CPKCS12Handler also manages PKI operations related
+ * to PKCS#12 package contents (storing key data, certificate attachment).
+ *
+ */
+class CPKCS12Handler : public CBase
+ {
+
+/////////////////////////////
+// Construction / Destruction
+/////////////////////////////
+public:
+
+ /**
+ * CPKCS12Handler must always be instantiated with a reference to
+ * a (connected) PKI Service API resource handle.
+ * @param aPkiServiceApi Reference to an instantiated RPKIServiceAPI
+ * object.
+ */
+ IMPORT_C static CPKCS12Handler* NewL(RPKIServiceAPI& aPkiServiceApi);
+ IMPORT_C static CPKCS12Handler* NewLC(RPKIServiceAPI& aPkiServiceApi);
+ IMPORT_C static CPKCS12Handler* NewL();
+ IMPORT_C static CPKCS12Handler* NewLC();
+
+ EXPORT_C ~CPKCS12Handler();
+
+protected:
+
+ void ConstructL();
+
+private:
+
+ CPKCS12Handler(RPKIServiceAPI& aPkiServiceApi);
+
+
+
+/////////////////////////////
+// Public functions
+/////////////////////////////
+public:
+
+ /**
+ * High-level function for storing all certificates/private keys
+ * contained in a single PKCS#12 bundle. Also sets the applicability
+ * and deletable properties, which must be set prior to storing
+ * if non-default values are required.
+ *
+ * Stores the data directly to PKI.
+ *
+ * @param aData PKCS#12 in raw binary data format
+ * @param aPwd The password for decoding the PKCS#12 package.
+ *
+ * @return Leaves with KErrNotSupported if aData is not a valid PKCS#12
+ * buffer; KErrPermissionDenied if the password is wrong.
+ * Symbian standard leaves can occur as well (KErrNoMemory)
+ */
+ IMPORT_C void StorePKCS12ObjectL(const TDesC8& aData,
+ const TDesC16& aPwd);
+
+ /**
+ * Gets a locally applicable reference to applicability data that will
+ * be applied to all applicable certificates deciphered from the
+ * PKCS#12 package by the application.
+ * "Lazy" functionality: applicability parameter is only applied to
+ * a certificate when the actual certificate is stored (attached).
+ * In other words, SetApplicability must be called before StorePKCS12ObjectL().
+ * Has no effect for PKCS#12 file dump (SaveSecurityObjectsToDiskL()).
+ *
+ * @param aUids Array of TUid objects, indicating the applicability
+ * scope of the certificate(s). Ownership doesn't transfer.
+ *
+ */
+ IMPORT_C void SetApplicability(const RArray<TUid>& aUids);
+
+ /**
+ * Sets the deletable attribute that will be applied to all
+ * certificates within the package.
+ * "Lazy" functionality: deletable parameter is only applied to
+ * a certificate when the actual certificate is stored (attached).
+ * In other words, SetDeletable must be called before StorePKCS12ObjectL().
+ * Has no effect for PKCS#12 file dump (SaveSecurityObjectsToDiskL()).
+ *
+ * @param aDeletable ETrue, if the certificate(s) can be deleted
+ * from the certificate store.
+ *
+ */
+ IMPORT_C void SetDeletable(TBool aDeletable);
+
+ /**
+ * Saves the keys/certs to disk. It's important that the files be
+ * deleted afterwards by the caller.
+ *
+ * @param aData PKCS#12 data in raw binary
+ * @param aPwd PKCS#12 password or KNullDesC
+ * @param aDir The target directory for extraction operation
+ *
+ * @leave May leave if write ops fail
+ *
+ */
+ IMPORT_C void SaveSecurityObjectsToDiskL(const TDesC8& aData,
+ const TDesC& aPwd,
+ const TDesC& aDir);
+
+
+
+/////////////////////////////
+// Private functions
+/////////////////////////////
+private:
+
+ /**
+ * Default constructor not available for public
+ */
+ CPKCS12Handler();
+
+ /**
+ * Make sure the given data is in PKCS#12 format.
+ *
+ * @param aData Binary data buffer containing the PKCS#12 data
+ *
+ * @return Returns ETrue if the data represents a valid PKCS#12 object,
+ * EFalse otherwise
+ */
+ TBool VerifyType(const TDesC8& aData) const;
+
+ /**
+ * Stores all the private keys from PKCS#12 object to PKI
+ *
+ */
+ void StoreKeyPairsL();
+
+ /**
+ * Store a single private key to PKI
+ *
+ * @param aKey The private key in binary format.
+ */
+ void StoreSingleKeyL(const TDesC8& aKey);
+
+ /**
+ * Attach all the user certificates contained in the PKCS#12
+ * package
+ *
+ */
+ void AttachCertificatesL();
+
+ /**
+ * Store all the CA certificates contained in the PKCS#12
+ * package
+ *
+ */
+ void StoreCertificatesL();
+
+ /**
+ * Store a single CA certificate
+ *
+ */
+ void StoreCertificateL(CX509Certificate* aCert);
+
+ /**
+ * Attach given certificate to a private key, based on key id
+ *
+ * @param aCert The certificate to be attached
+ * @param aKeyId The ID of the associated private key
+ *
+ */
+ void AttachCertificateL(CX509Certificate* aCert,
+ const TPKIKeyIdentifier& aKeyId);
+
+ /**
+ * Convenience function for getting local references to the certs/keys
+ * contained in the PKCS#12
+ *
+ */
+ void ExtractKeysAndCerts();
+
+
+ /**
+ * Prompt for PKCS#12 package password.
+ * @return The password. Memory control is transferred to the caller.
+ */
+ HBufC* QueryPasswordL();
+
+ /**
+ * Performs PKI applicability set operation for the given
+ * certificate. Locally stored applicability values will be used.
+ * If no applicability values have been given, defaults to none.
+ *
+ * @param aCert The certificate for which the
+ *
+ */
+ void SetApplicabilityL(CX509Certificate* aCert);
+
+ /**
+ * Performs PKI deletable set operation for the given
+ * certificate. Locally stored deletable value will be used.
+ * If the value hasn't been set, defaults to ETrue (deletable).
+ *
+ * @param aCert The certificate for which the
+ *
+ */
+ void SetDeletable(CX509Certificate* aCert);
+
+ /**
+ * Pops the "wrong password" note on screen.
+ */
+ void DisplayWrongPasswordNote();
+
+ /**
+ * Extracts the security objects from PKCS#12 bundle to
+ * memory.
+ *
+ * @param aData the PKCS#12 raw data
+ * @param aPwd the PKCS#12 password or KNullDesC
+ *
+ * @leave May leave due to cancel (KErrCancel),
+ * due to corrupted PKCS#12 data (KErrNotSupported),
+ * due to OOM, ...
+ *
+ */
+ void ExtractSecurityObjectsL(const TDesC8& aData,
+ const TDesC16& aPwd);
+
+ /**
+ * Dumps all CA and user certificates from memory to local file system
+ *
+ * @leave May leave if write ops fail, or for the usual reasons (OOM etc)
+ */
+ void SaveCertificatesToDiskL();
+
+ /**
+ * Dumps all private keys to local file system.
+ *
+ * @leave May leave if write ops fail
+ *
+ */
+ void SaveKeysToDiskL();
+
+ /**
+ * Writes the given binary data to a file
+ *
+ * @leave May leave if write fails
+ *
+ */
+ void WriteToFileL(const TDesC8& aData, const TDesC& aFileName);
+
+/////////////////////////////
+// Private data
+/////////////////////////////
+private:
+
+ RPKIServiceAPI* iPkiService; // ref
+ MPKCS12* iPkcsHandler;
+
+ const CArrayPtr<CX509Certificate>* iCACerts; // ref
+ const CArrayPtr<CX509Certificate>* iUserCerts; // ref
+ const CArrayPtr<HBufC8>* iPrivKeys; // ref
+
+ HBufC* iPassword;
+
+ TBool iDeletable;
+ const RArray<TUid>* iApplications; // ref
+
+ RNotifier iNotifier;
+
+ TPckgBuf<TVpnDialogInfo> iDialogInfoDes;
+ TPckgBuf<TVpnDialogOutput> iDialogResponseDes;
+
+ HBufC* iOutputDir;
+
+ RFs iFs;
+ RFile iFileOut;
+ };
+
+#endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/rom/utlpkcs12.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: ROM build file for PKCS#12 Module.
+*
+*/
+
+
+
+#ifndef __UTLPKCS12_IBY__
+#define __UTLPKCS12_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature UTLPKCS12 not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\utlpkcs12.dll SHARED_LIB_DIR\utlpkcs12.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __UTLPKCS12_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlpkcs12/src/pkcs12vpn.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,642 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKCS#12 data handler
+*
+*/
+
+
+
+#include <x509cert.h>
+#include <mpkcs12.h>
+
+#include <e32std.h>
+
+#include <securityerr.h>
+#include <sysutil.h>
+
+#include "pkcs12vpn.h"
+#include "logvpncommon.h"
+#include "vpnnotifierdefs.h"
+
+///////////////////////////////////
+// Construction and destruction
+
+EXPORT_C CPKCS12Handler* CPKCS12Handler::NewL(RPKIServiceAPI& aPkiServiceApi)
+ {
+ LOG_("-> CPKCS12Handler::NewL()");
+ CPKCS12Handler* self = NewLC(aPkiServiceApi);
+ CleanupStack::Pop(self);
+ LOG_("<- CPKCS12Handler::NewL()");
+ return self;
+ }
+
+EXPORT_C CPKCS12Handler* CPKCS12Handler::NewLC(RPKIServiceAPI& aPkiServiceApi)
+ {
+ LOG_("-> CPKCS12Handler::NewLC()");
+ CPKCS12Handler* self = new (ELeave) CPKCS12Handler(aPkiServiceApi);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ LOG_("<- CPKCS12Handler::NewLC()");
+ return self;
+ }
+
+
+EXPORT_C CPKCS12Handler* CPKCS12Handler::NewL()
+ {
+ LOG_("-> CPKCS12Handler::NewL(empty)");
+ CPKCS12Handler* self = NewLC();
+ CleanupStack::Pop(self);
+ LOG_("<- CPKCS12Handler::NewL(empty)");
+ return self;
+ }
+
+EXPORT_C CPKCS12Handler* CPKCS12Handler::NewLC()
+ {
+ LOG_("-> CPKCS12Handler::NewLC(empty)");
+ CPKCS12Handler* self = new (ELeave) CPKCS12Handler();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ LOG_("<- CPKCS12Handler::NewLC(empty)");
+ return self;
+ }
+
+/**
+ * Release resources.
+ * Note: CPKCS12Handler's parent owns the RPKIServiceAPI instance
+ */
+EXPORT_C CPKCS12Handler::~CPKCS12Handler()
+ {
+ LOG_("-> CPKCS12Handler::~CPKCS12Handler()");
+ iPkcsHandler->Release();
+ iNotifier.Close();
+ delete iPassword;
+ delete iOutputDir;
+
+ iFileOut.Close();
+ iFs.Close();
+
+ LOG_("<- CPKCS12Handler::~CPKCS12Handler()");
+ }
+
+/**
+ * Maintain a reference to an instance of PKI API provided by the caller
+ */
+CPKCS12Handler::CPKCS12Handler(RPKIServiceAPI& aPkiServiceApi) :
+ iPkiService(&aPkiServiceApi), iDeletable(ETrue)
+ {
+ LOG_("-> CPKCS12Handler::CPKCS12Handler(RPKIServiceAPI&)");
+ LOG_("<- CPKCS12Handler::CPKCS12Handler(RPKIServiceAPI&)");
+ }
+
+CPKCS12Handler::CPKCS12Handler()
+ {
+ LOG_("-> CPKCS12Handler::CPKCS12Handler()");
+ LOG_("<- CPKCS12Handler::CPKCS12Handler()");
+ }
+
+/**
+ * Instantiate S60 PKCS#12 handler upon construction.
+ */
+void CPKCS12Handler::ConstructL()
+ {
+ LOG_("-> CPKCS12Handler::ConstructL()");
+
+ iPkcsHandler = PKCS12Factory::CreateL();
+ User::LeaveIfError(iNotifier.Connect());
+ User::LeaveIfError(iFs.Connect());
+
+ LOG_("<- CPKCS12Handler::ConstructL() OK");
+ }
+
+
+///////////////////////////////////
+// Public methods
+
+EXPORT_C void CPKCS12Handler::SaveSecurityObjectsToDiskL(const TDesC8& aData,
+ const TDesC& aPwd,
+ const TDesC& aDir)
+ {
+ LOG_("-> CPKCS12Handler::SaveSecurityObjectsToDiskL()");
+
+ if (iOutputDir)
+ {
+ delete iOutputDir;
+ iOutputDir = NULL;
+ }
+
+ // Output dir needs to end with backslash
+ iOutputDir = aDir.AllocL();
+
+ LOG_1(" Using output dir: '%S'", iOutputDir);
+
+ ExtractSecurityObjectsL(aData, aPwd);
+
+ // Save CA/user certificates to disk
+ SaveCertificatesToDiskL();
+
+ // Save private keys to disk
+ SaveKeysToDiskL();
+
+ LOG_("<- CPKCS12Handler::SaveSecurityObjectsToDiskL()");
+ }
+EXPORT_C void CPKCS12Handler::StorePKCS12ObjectL(const TDesC8& aData,
+ const TDesC16& aPwd)
+ {
+ LOG_("-> CPKCS12Handler::StorePKCS12ObjectL()");
+
+ ExtractSecurityObjectsL(aData, aPwd);
+
+ // Store CA certificates to PKI
+ StoreCertificatesL();
+
+ // Store private keys to PKI
+ StoreKeyPairsL();
+
+ // Attach related user certificates to PKI priv keys
+ AttachCertificatesL();
+
+ LOG_("<- CPKCS12Handler::StorePKCS12ObjectL() OK");
+ }
+
+EXPORT_C void CPKCS12Handler::SetApplicability(const RArray<TUid>& aUids)
+ {
+ LOG_("-> CPKCS12Handler::SetApplicability()");
+ iApplications = &aUids;
+ LOG_("<- CPKCS12Handler::SetApplicability()");
+ }
+
+EXPORT_C void CPKCS12Handler::SetDeletable(TBool aDeletable)
+ {
+ LOG_1("-> CPKCS12Handler::SetDeletable() Deletable: %d", aDeletable);
+ iDeletable = aDeletable;
+ LOG_("<- CPKCS12Handler::SetDeletable()");
+ }
+
+
+
+
+///////////////////////////////////
+// Internal methods
+
+void CPKCS12Handler::ExtractSecurityObjectsL(const TDesC8& aData,
+ const TDesC16& aPwd)
+ {
+ LOG_("-> CPKCS12Handler::ExtractSecurityObjectsL()");
+ if (iPassword)
+ {
+ delete iPassword;
+ iPassword = NULL;
+ }
+
+ // Make sure the data is in PKCS#12 format
+ if (!VerifyType(aData))
+ {
+ LOG_("<- CPKCS12Handler::ExtractSecurityObjectsL() LEAVE (KErrNotSupported)");
+ User::Leave(KErrArgument);
+ }
+
+ // If we have been provided with a valid password, then proceed
+ // to decrypt / parse; otherwise, prompt for pwd.
+ if (aPwd.Length() > 0)
+ {
+ iPassword = aPwd.AllocL();
+ LOG_(" Password provided by OMADM...");
+ }
+ else
+ {
+ LOG_(" No password provided, prompting the user for one");
+
+ iPassword = QueryPasswordL();
+ }
+
+ // Keep asking for the password until user cancels or inputs the
+ // correct password
+ while (ETrue)
+ {
+ if (iPassword)
+ {
+ LOG_1(" Non-NULL password '%S' in use, decrypting", iPassword);
+ TRAPD(err, iPkcsHandler->ParseL(aData, *iPassword));
+ if (err != KErrNone)
+ {
+ LOG_(" Breaking news: Password proved a miserable failure! Program terminated abruptly!");
+ DisplayWrongPasswordNote();
+ delete iPassword;
+ iPassword = NULL;
+ iPassword = QueryPasswordL();
+ }
+ else
+ {
+ // Correct password provided by the user,
+ // break free from the vicious cycle.
+ delete iPassword;
+ iPassword = NULL;
+ break;
+ }
+ }
+ else
+ {
+ // User got tired of guessing and resorted to cancel
+ LOG_("<- CPKCS12Handler::ExtractSecurityObjectsL() LEAVE (KErrCancel)");
+ User::Leave(KErrBadPassphrase);
+ }
+ }
+
+ // Fetch references to keys and certs
+ ExtractKeysAndCerts();
+
+ LOG_("<- CPKCS12Handler::ExtractSecurityObjectsL()");
+ }
+
+void CPKCS12Handler::SaveCertificatesToDiskL()
+ {
+ LOG_("-> CPKCS12Handler::SaveCertificatesToDiskL()");
+
+ TInt certCount(0);
+
+ // first the CAs (if any; not required necessarily)
+ if (iCACerts)
+ {
+ certCount = iCACerts->Count();
+ LOG_1(" Saving %d CA Certificates", certCount);
+
+ for (TInt i = 0; i < certCount; i++)
+ {
+ CX509Certificate* cert = iCACerts->At(i);
+
+ // Generate filename with running identifier
+ // Use TFileName, because the function isn't stack
+ // critical
+ TFileName fn;
+ fn.Format(KCAFileNameStem(), i+1);
+
+ WriteToFileL(cert->Encoding(), fn);
+ }
+ }
+ LOG(else LOG_(" No CA Certs found!"));
+
+ // Then the user certs
+ if (iUserCerts)
+ {
+ certCount = iUserCerts->Count();
+ LOG_1(" Saving %d User Certificates", certCount);
+
+ for (TInt i = 0; i < certCount; i++)
+ {
+ CX509Certificate* cert = iUserCerts->At(i);
+
+ TFileName fn;
+ fn.Format(KUserCertFileNameStem(), i+1);
+
+ WriteToFileL(cert->Encoding(), fn);
+ }
+ }
+
+ LOG(else LOG_(" No User Certs found!"));
+
+ LOG_("<- CPKCS12Handler::SaveCertificatesToDiskL()");
+ }
+
+void CPKCS12Handler::SaveKeysToDiskL()
+ {
+ LOG_("-> CPKCS12Handler::SaveKeysToDiskL()");
+
+ if (iPrivKeys)
+ {
+ TInt keycount = iPrivKeys->Count();
+ LOG_1(" Saving %d Private Keys", keycount);
+
+ for (TInt i = 0; i < keycount; i++)
+ {
+ HBufC8* key = iPrivKeys->At(i);
+ TPtrC8 keyPtr = *key;
+
+ TFileName fn;
+ fn.Format(KPrivateKeyFileNameStem(), i+1);
+
+ WriteToFileL(keyPtr, fn);
+ }
+ }
+ LOG(else LOG_(" No Private Keys found!"));
+
+ LOG_("<- CPKCS12Handler::SaveKeysToDiskL()");
+ }
+
+// Note: directory needs to end with a backslash
+// writes binary data
+void CPKCS12Handler::WriteToFileL(const TDesC8& aData,
+ const TDesC& aFileName)
+ {
+ LOG_("-> CPKCS12Handler::WriteToFileL()");
+
+ ASSERT(iOutputDir);
+ ASSERT(aFileName.Length() > 0);
+
+ // Disk space criticality check before attempting
+ // to install
+ if (SysUtil::FFSSpaceBelowCriticalLevelL(0, 0))
+ {
+ User::Leave(KErrDiskFull);
+ }
+
+ TFileName fn;
+ fn.Append(*iOutputDir);
+ fn.Append(aFileName);
+
+ LOG_1(" Opening file: '%S'", &fn);
+
+ TInt ret = iFileOut.Replace(iFs, fn, EFileWrite|EFileShareExclusive|EFileStream);
+
+ LOG_1(" File open result: %d", ret);
+
+ if (ret != KErrNone)
+ {
+ User::Leave(ret);
+ }
+
+ LOG_(" Writing data");
+
+ ret = iFileOut.Write(aData);
+ LOG_1(" Write result: %d", ret);
+
+ ret = iFileOut.Flush();
+ LOG_1(" Flush result: %d", ret);
+
+ iFileOut.Close();
+
+ LOG_("<- CPKCS12Handler::WriteToFileL()");
+ }
+
+TBool CPKCS12Handler::VerifyType(const TDesC8& aData) const
+ {
+ ASSERT(iPkcsHandler);
+
+ LOG_("-> CPKCS12Handler::VerifyType()");
+
+ TBool isPKCS12(EFalse);
+
+ // Need to check the data length before IsPKCS12Data call,
+ // otherwise an assert (instead of a more suitable)
+ // might occur
+ if (aData.Length() >= KPKCS12DataMinLength)
+ {
+ isPKCS12 = iPkcsHandler->IsPKCS12Data(aData);
+ }
+
+ LOG_1("<- CPKCS12Handler::VerifyType() RET: %d", isPKCS12);
+ return isPKCS12;
+ }
+
+void CPKCS12Handler::StoreKeyPairsL()
+ {
+ LOG_("-> CPKCS12Handler::StoreKeyPairsL()");
+
+ TInt keycount = iPrivKeys->Count();
+
+ for (TInt i = 0; i < keycount; i++)
+ {
+ HBufC8* key = iPrivKeys->At(i);
+ TPtrC8 keyPtr = *key;
+ StoreSingleKeyL(*key);
+ }
+
+ LOG_("<- CPKCS12Handler::StoreKeyPairsL() OK");
+ }
+
+/**
+ * NOTE: It should be decided what to do in following cases:
+ * 1. Key storage operation fails for a key (there can be multiple keys
+ * within a PKCS#12 package)
+ * 2. User cert attachment fails for a key (there can be multiple user
+ * certificates for any given key)
+ *
+ * At the moment, the code leaves if anything unexpected occurs.
+ * There is no rollback mechanism (anything that was added before
+ * the failure will still be in PKI stores).
+ *
+ */
+void CPKCS12Handler::StoreSingleKeyL(const TDesC8& aKey)
+ {
+ LOG_("-> CPKCS12Handler::StoreSingleKeyL()");
+
+ // Setup initial values
+ TRequestStatus requestStatus;
+ TPKIKeyIdentifier keyId;
+
+ // Perform asynchronous PKI operation synchronously
+ iPkiService->StoreKeypair(keyId, aKey, requestStatus);
+
+ User::WaitForRequest(requestStatus);
+
+ // Check for operation status
+ TInt status = requestStatus.Int();
+ if (status != KErrNone)
+ {
+ LOG_1("<- CPKCS12Handler::StoreSingleKeyL() LEAVE (%d)", status);
+ User::Leave(status);
+ }
+
+ LOG_("<- CPKCS12Handler::StoreSingleKeyL() OK");
+ }
+
+
+void CPKCS12Handler::AttachCertificatesL()
+ {
+ LOG_("-> CPKCS12Handler::AttachCertificatesL()");
+ TInt certCount = iUserCerts->Count();
+ for (TInt i = 0; i < certCount; i++)
+ {
+ CX509Certificate* cert = iUserCerts->At(i);
+ TKeyIdentifier certKeyId = cert->KeyIdentifierL();
+
+ // Note: KeyID parameter is effectively redundant
+ // (it can always be fetched from CX509Certificate object)
+ AttachCertificateL(cert, certKeyId);
+
+ }
+ LOG_("<- CPKCS12Handler::AttachCertificatesL() OK");
+ }
+
+void CPKCS12Handler::StoreCertificatesL()
+ {
+ LOG_("-> CPKCS12Handler::StoreCertificatesL()");
+ TInt certCount = iCACerts->Count();
+ for (TInt i = 0; i < certCount; i++)
+ {
+ CX509Certificate* cert = iCACerts->At(i);
+ StoreCertificateL(cert);
+ }
+ LOG_("<- CPKCS12Handler::StoreCertificatesL() OK");
+ }
+
+void CPKCS12Handler::StoreCertificateL(CX509Certificate* aCert)
+ {
+
+ LOG_("-> CPKCS12Handler::StoreCertificateL()");
+
+ LOG_1(" Deletable: %d", iDeletable);
+
+ TInt status = iPkiService->StoreCertificate(EPKICACertificate,
+ iDeletable,
+ 0,
+ EPKIRSA,
+ aCert->Encoding());
+
+ if (status)
+ {
+ LOG_1("<- CPKCS12Handler::StoreCertificateL() LEAVE (%d)", status);
+ User::Leave(status);
+ }
+
+ SetApplicabilityL(aCert);
+
+ LOG_("<- CPKCS12Handler::StoreCertificateL() OK");
+ }
+
+
+void CPKCS12Handler::AttachCertificateL(CX509Certificate* aCert,
+ const TPKIKeyIdentifier& aKeyId)
+ {
+
+ LOG_("-> CPKCS12Handler::AttachCertificateL()");
+
+ TRequestStatus requestStatus;
+ TAny* resArray(NULL);
+
+ // Perform asynchronous PKI operation synchronously
+ iPkiService->AttachCertificateL(aKeyId, DEFAULT_KEY_LEN, EPKIRSA,
+ aCert->Encoding(), &resArray,
+ requestStatus);
+
+ User::WaitForRequest(requestStatus);
+ iPkiService->Finalize(resArray);
+
+ // Check for operation status
+ TInt status = requestStatus.Int();
+ if (status != KErrNone)
+ {
+ LOG_1("<- CPKCS12Handler::AttachCertificateL() LEAVE: %d", status);
+ User::Leave(status);
+ }
+
+ LOG_("<- CPKCS12Handler::AttachCertificateL() OK");
+ }
+
+/**
+ * Not in use currently -- is Applicability a meaningful parameter
+ * for user certificates?
+ */
+void CPKCS12Handler::SetApplicabilityL(CX509Certificate* aCert)
+ {
+ LOG_("-> CPKCS12Handler::SetApplicabilityL()");
+
+ if (aCert)
+ {
+ // Only set applicability if there is atleast one applicability
+ // setting defined
+ if (iApplications && iApplications->Count() > 0)
+ {
+ LOG_(" Resolving subject name");
+
+ // Use subject name for CA certs
+ const TPtrC8* issuerName =
+ aCert->DataElementEncoding(CX509Certificate::EIssuerName);
+
+ LOG_(" Resolving serial number");
+ const TPtrC8* serialNumber =
+ aCert->DataElementEncoding(CX509Certificate::ESerialNumber);
+
+ LOG_(" Issuing PKI call");
+ iPkiService->SetApplicabilityL(*issuerName, *serialNumber, *iApplications);
+ }
+ }
+ else
+ {
+ LOG_("<- CPKCS12Handler::SetApplicabilityL() Leave: NULL argument");
+ User::Leave(KErrArgument);
+ }
+
+ LOG_("<- CPKCS12Handler::SetApplicabilityL() OK");
+ }
+
+void CPKCS12Handler::ExtractKeysAndCerts()
+ {
+ ASSERT(iPkcsHandler);
+ iCACerts = &iPkcsHandler->CACertificates();
+ iUserCerts = &iPkcsHandler->UserCertificates();
+ iPrivKeys = &iPkcsHandler->PrivateKeys();
+ }
+
+HBufC* CPKCS12Handler::QueryPasswordL()
+ {
+ LOG_("-> CPKCS12Handler::QueryPasswordL()");
+ TRequestStatus status(KErrNone);
+ LOG_(" SANITY2");
+
+ HBufC* ret(NULL);
+
+ TVpnDialogInfo dialogInfo(TVpnDialog::EPKCS12Password, 0);
+
+ TPckgBuf<TVpnDialogInfo> dialogInfoDes;
+ TPckgBuf<TVpnDialogOutput> dialogResponseDes;
+
+
+ dialogInfoDes() = dialogInfo;
+
+ iNotifier.StartNotifierAndGetResponse(status, KUidVpnDialogNotifier,
+ dialogInfoDes, dialogResponseDes);
+
+ // Wait until user has given the input
+ LOG_(" Waiting for request");
+ User::WaitForRequest(status);
+ LOG_1(" Dialog terminated with status: %d", status.Int());
+
+ if (status != KErrCancel && dialogResponseDes().iOutBuf.Length() >= 0)
+ {
+ LOG_(" Allocating");
+ ret = dialogResponseDes().iOutBuf.AllocL();
+ LOG_(" Canceling");
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ LOG_1("<- CPKCS12Handler::QueryPasswordL() return: '%S'", ret);
+ }
+ else
+ {
+ LOG_("<- CPKCS12Handler::QueryPasswordL() return: NULL");
+ }
+
+ return ret;
+ }
+
+void CPKCS12Handler::DisplayWrongPasswordNote()
+ {
+ LOG_("-> CPKCS12Handler::DisplayWrongPasswordNote()");
+ TRequestStatus status(KErrNone);
+
+ LOG_1(" Constructing dialoginfo, DID: %d",
+ TVpnNoteDialog::EVpnWrongPKCS12Password);
+
+ TIPSecDialogInfo info(TNoteDialog::EInfo,
+ TVpnNoteDialog::EVpnWrongPKCS12Password); //create the input information
+ TPckgBuf<TIPSecDialogInfo> infoBuf(info); //package it in appropriate buf
+ TPckgBuf<TIPSecDialogOutput> responseBuf; //create the buf to receive the response
+
+ iNotifier.StartNotifierAndGetResponse(status, KUidVpnDialogNotifier,
+ infoBuf, responseBuf);
+ User::WaitForRequest(status);
+
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+
+ LOG_("<- CPKCS12Handler::DisplayWrongPasswordNote()");
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/EABI/utlxmlU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,78 @@
+EXPORTS
+ _ZN10CXmlWriter10AddEndTagLERK6TDesC8 @ 1 NONAME
+ _ZN10CXmlWriter10AddPrologLERK6TDesC8 @ 2 NONAME
+ _ZN10CXmlWriter10AddPrologLEv @ 3 NONAME
+ _ZN10CXmlWriter11AddXmlTextLERK6TDesC8 @ 4 NONAME
+ _ZN10CXmlWriter11InsertTextLEiRK6TDesC8 @ 5 NONAME
+ _ZN10CXmlWriter12AddStartTagLERK6TDesC8 @ 6 NONAME
+ _ZN10CXmlWriter13AddAttributeLERK6TDesC8S2_ @ 7 NONAME
+ _ZN10CXmlWriter13AddCdataSectLERK6TDesC8 @ 8 NONAME
+ _ZN10CXmlWriter13OpenStartTagLERK6TDesC8 @ 9 NONAME
+ _ZN10CXmlWriter14CloseStartTagLEi @ 10 NONAME
+ _ZN10CXmlWriter14InsertXmlTextLEiRK6TDesC8 @ 11 NONAME
+ _ZN10CXmlWriter4NewLEv @ 12 NONAME
+ _ZN10CXmlWriter5NewLCEv @ 13 NONAME
+ _ZN10CXmlWriter5ResetEv @ 14 NONAME
+ _ZN10CXmlWriter6LengthEv @ 15 NONAME
+ _ZN10CXmlWriter7DocPartEii @ 16 NONAME
+ _ZN10CXmlWriter8AddTextLERK6TDesC8 @ 17 NONAME
+ _ZN14CXmlPullParser13AttributeNameEiR6TPtrC8 @ 18 NONAME
+ _ZN14CXmlPullParser14AttributeCountERi @ 19 NONAME
+ _ZN14CXmlPullParser14IsEmptyElementERi @ 20 NONAME
+ _ZN14CXmlPullParser15AttributeValueLERK6TDesC8R6TPtrC8 @ 21 NONAME
+ _ZN14CXmlPullParser15AttributeValueLEiR6TPtrC8 @ 22 NONAME
+ _ZN14CXmlPullParser17CurrentElementPosEv @ 23 NONAME
+ _ZN14CXmlPullParser28TextPredefEntitiesNotEscapedER6TPtrC8 @ 24 NONAME
+ _ZN14CXmlPullParser38AttributeValuePredefEntitiesNotEscapedERK6TDesC8R6TPtrC8 @ 25 NONAME
+ _ZN14CXmlPullParser38AttributeValuePredefEntitiesNotEscapedEiR6TPtrC8 @ 26 NONAME
+ _ZN14CXmlPullParser3PosEv @ 27 NONAME
+ _ZN14CXmlPullParser4NameER6TPtrC8 @ 28 NONAME
+ _ZN14CXmlPullParser4NewLER15CDesC8ArrayFlat @ 29 NONAME
+ _ZN14CXmlPullParser5DepthERi @ 30 NONAME
+ _ZN14CXmlPullParser5NewLCER15CDesC8ArrayFlat @ 31 NONAME
+ _ZN14CXmlPullParser5NextLEv @ 32 NONAME
+ _ZN14CXmlPullParser5PathLER6TPtrC8 @ 33 NONAME
+ _ZN14CXmlPullParser5StateEv @ 34 NONAME
+ _ZN14CXmlPullParser5TextLER6TPtrC8 @ 35 NONAME
+ _ZN14CXmlPullParser6LengthEv @ 36 NONAME
+ _ZN14CXmlPullParser7DocPartEii @ 37 NONAME
+ _ZN14CXmlPullParser8SetInputERK6TDesC8 @ 38 NONAME
+ _ZTI10CXmlWriter @ 39 NONAME ; #<TI>#
+ _ZTI14CXmlPullParser @ 40 NONAME ; #<TI>#
+ _ZTV10CXmlWriter @ 41 NONAME ; #<VT>#
+ _ZTV14CXmlPullParser @ 42 NONAME ; #<VT>#
+ _ZThn4_N10CXmlWriter10AddEndTagLERK6TDesC8 @ 43 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter10AddPrologLERK6TDesC8 @ 44 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter10AddPrologLEv @ 45 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter11AddXmlTextLERK6TDesC8 @ 46 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter11InsertTextLEiRK6TDesC8 @ 47 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter12AddStartTagLERK6TDesC8 @ 48 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter13AddAttributeLERK6TDesC8S2_ @ 49 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter13AddCdataSectLERK6TDesC8 @ 50 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter13OpenStartTagLERK6TDesC8 @ 51 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter14CloseStartTagLEi @ 52 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter14InsertXmlTextLEiRK6TDesC8 @ 53 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter5ResetEv @ 54 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter6LengthEv @ 55 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter7DocPartEii @ 56 NONAME ; #<thunk>#
+ _ZThn4_N10CXmlWriter8AddTextLERK6TDesC8 @ 57 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser13AttributeNameEiR6TPtrC8 @ 58 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser14AttributeCountERi @ 59 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser14IsEmptyElementERi @ 60 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser15AttributeValueLERK6TDesC8R6TPtrC8 @ 61 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser15AttributeValueLEiR6TPtrC8 @ 62 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser17CurrentElementPosEv @ 63 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser28TextPredefEntitiesNotEscapedER6TPtrC8 @ 64 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser38AttributeValuePredefEntitiesNotEscapedERK6TDesC8R6TPtrC8 @ 65 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser38AttributeValuePredefEntitiesNotEscapedEiR6TPtrC8 @ 66 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser3PosEv @ 67 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser4NameER6TPtrC8 @ 68 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser5DepthERi @ 69 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser5NextLEv @ 70 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser5PathLER6TPtrC8 @ 71 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser5StateEv @ 72 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser5TextLER6TPtrC8 @ 73 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser6LengthEv @ 74 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser7DocPartEii @ 75 NONAME ; #<thunk>#
+ _ZThn4_N14CXmlPullParser8SetInputERK6TDesC8 @ 76 NONAME ; #<thunk>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/bmarm/UTLXMLU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+EXPORTS
+ TextPredefEntitiesNotEscaped__14CXmlPullParserR6TPtrC8 @ 1 NONAME R3UNUSED ; CXmlPullParser::TextPredefEntitiesNotEscaped(TPtrC8 &)
+ AddCdataSectL__10CXmlWriterRC6TDesC8 @ 2 NONAME R3UNUSED ; CXmlWriter::AddCdataSectL(TDesC8 const &)
+ AddEndTagL__10CXmlWriterRC6TDesC8 @ 3 NONAME R3UNUSED ; CXmlWriter::AddEndTagL(TDesC8 const &)
+ AddPrologL__10CXmlWriter @ 4 NONAME R3UNUSED ; CXmlWriter::AddPrologL(void)
+ AddPrologL__10CXmlWriterRC6TDesC8 @ 5 NONAME R3UNUSED ; CXmlWriter::AddPrologL(TDesC8 const &)
+ AddStartTagL__10CXmlWriterRC6TDesC8 @ 6 NONAME R3UNUSED ; CXmlWriter::AddStartTagL(TDesC8 const &)
+ AddTextL__10CXmlWriterRC6TDesC8 @ 7 NONAME R3UNUSED ; CXmlWriter::AddTextL(TDesC8 const &)
+ AttributeCount__14CXmlPullParserRi @ 8 NONAME R3UNUSED ; CXmlPullParser::AttributeCount(int &)
+ AttributeName__14CXmlPullParseriR6TPtrC8 @ 9 NONAME R3UNUSED ; CXmlPullParser::AttributeName(int, TPtrC8 &)
+ AttributeValueL__14CXmlPullParserRC6TDesC8R6TPtrC8 @ 10 NONAME R3UNUSED ; CXmlPullParser::AttributeValueL(TDesC8 const &, TPtrC8 &)
+ AttributeValueL__14CXmlPullParseriR6TPtrC8 @ 11 NONAME R3UNUSED ; CXmlPullParser::AttributeValueL(int, TPtrC8 &)
+ AttributeValuePredefEntitiesNotEscaped__14CXmlPullParserRC6TDesC8R6TPtrC8 @ 12 NONAME R3UNUSED ; CXmlPullParser::AttributeValuePredefEntitiesNotEscaped(TDesC8 const &, TPtrC8 &)
+ AttributeValuePredefEntitiesNotEscaped__14CXmlPullParseriR6TPtrC8 @ 13 NONAME R3UNUSED ; CXmlPullParser::AttributeValuePredefEntitiesNotEscaped(int, TPtrC8 &)
+ CloseStartTagL__10CXmlWriteri @ 14 NONAME R3UNUSED ; CXmlWriter::CloseStartTagL(int)
+ CurrentElementPos__14CXmlPullParser @ 15 NONAME R3UNUSED ; CXmlPullParser::CurrentElementPos(void)
+ Depth__14CXmlPullParserRi @ 16 NONAME R3UNUSED ; CXmlPullParser::Depth(int &)
+ DocPart__10CXmlWriterii @ 17 NONAME R3UNUSED ; CXmlWriter::DocPart(int, int)
+ DocPart__14CXmlPullParserii @ 18 NONAME R3UNUSED ; CXmlPullParser::DocPart(int, int)
+ InsertTextL__10CXmlWriteriRC6TDesC8 @ 19 NONAME R3UNUSED ; CXmlWriter::InsertTextL(int, TDesC8 const &)
+ IsEmptyElement__14CXmlPullParserRi @ 20 NONAME R3UNUSED ; CXmlPullParser::IsEmptyElement(int &)
+ Length__10CXmlWriter @ 21 NONAME R3UNUSED ; CXmlWriter::Length(void)
+ Length__14CXmlPullParser @ 22 NONAME R3UNUSED ; CXmlPullParser::Length(void)
+ Name__14CXmlPullParserR6TPtrC8 @ 23 NONAME R3UNUSED ; CXmlPullParser::Name(TPtrC8 &)
+ NewLC__10CXmlWriter @ 24 NONAME R3UNUSED ; CXmlWriter::NewLC(void)
+ NewLC__14CXmlPullParserR15CDesC8ArrayFlat @ 25 NONAME R3UNUSED ; CXmlPullParser::NewLC(CDesC8ArrayFlat &)
+ NewL__10CXmlWriter @ 26 NONAME R3UNUSED ; CXmlWriter::NewL(void)
+ NewL__14CXmlPullParserR15CDesC8ArrayFlat @ 27 NONAME R3UNUSED ; CXmlPullParser::NewL(CDesC8ArrayFlat &)
+ NextL__14CXmlPullParser @ 28 NONAME R3UNUSED ; CXmlPullParser::NextL(void)
+ OpenStartTagL__10CXmlWriterRC6TDesC8 @ 29 NONAME R3UNUSED ; CXmlWriter::OpenStartTagL(TDesC8 const &)
+ PathL__14CXmlPullParserR6TPtrC8 @ 30 NONAME R3UNUSED ; CXmlPullParser::PathL(TPtrC8 &)
+ Pos__14CXmlPullParser @ 31 NONAME R3UNUSED ; CXmlPullParser::Pos(void)
+ Reset__10CXmlWriter @ 32 NONAME R3UNUSED ; CXmlWriter::Reset(void)
+ SetInput__14CXmlPullParserRC6TDesC8 @ 33 NONAME R3UNUSED ; CXmlPullParser::SetInput(TDesC8 const &)
+ State__14CXmlPullParser @ 34 NONAME R3UNUSED ; CXmlPullParser::State(void)
+ TextL__14CXmlPullParserR6TPtrC8 @ 35 NONAME R3UNUSED ; CXmlPullParser::TextL(TPtrC8 &)
+ AddAttributeL__10CXmlWriterRC6TDesC8T1 @ 36 NONAME R3UNUSED ; CXmlWriter::AddAttributeL(TDesC8 const &, TDesC8 const &)
+ AddXmlTextL__10CXmlWriterRC6TDesC8 @ 37 NONAME R3UNUSED ; CXmlWriter::AddXmlTextL(TDesC8 const &)
+ InsertXmlTextL__10CXmlWriteriRC6TDesC8 @ 38 NONAME R3UNUSED ; CXmlWriter::InsertXmlTextL(int, TDesC8 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/bwins/utlxmlu.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+EXPORTS
+ ??1CXmlPullParser@@UAE@XZ @ 1 NONAME ; public: virtual __thiscall CXmlPullParser::~CXmlPullParser(void)
+ ??1CXmlWriter@@UAE@XZ @ 2 NONAME ; public: virtual __thiscall CXmlWriter::~CXmlWriter(void)
+ ?AddAttributeL@CXmlWriter@@UAEXABVTDesC8@@0@Z @ 3 NONAME ; public: virtual void __thiscall CXmlWriter::AddAttributeL(class TDesC8 const &,class TDesC8 const &)
+ ?AddCdataSectL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 4 NONAME ; public: virtual void __thiscall CXmlWriter::AddCdataSectL(class TDesC8 const &)
+ ?AddEndTagL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 5 NONAME ; public: virtual void __thiscall CXmlWriter::AddEndTagL(class TDesC8 const &)
+ ?AddPrologL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 6 NONAME ; public: virtual void __thiscall CXmlWriter::AddPrologL(class TDesC8 const &)
+ ?AddPrologL@CXmlWriter@@UAEXXZ @ 7 NONAME ; public: virtual void __thiscall CXmlWriter::AddPrologL(void)
+ ?AddStartTagL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 8 NONAME ; public: virtual void __thiscall CXmlWriter::AddStartTagL(class TDesC8 const &)
+ ?AddTextL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 9 NONAME ; public: virtual void __thiscall CXmlWriter::AddTextL(class TDesC8 const &)
+ ?AttributeCount@CXmlPullParser@@UAEHAAH@Z @ 10 NONAME ; public: virtual int __thiscall CXmlPullParser::AttributeCount(int &)
+ ?AttributeName@CXmlPullParser@@UAEHHAAVTPtrC8@@@Z @ 11 NONAME ; public: virtual int __thiscall CXmlPullParser::AttributeName(int,class TPtrC8 &)
+ ?AttributeValueL@CXmlPullParser@@UAEHABVTDesC8@@AAVTPtrC8@@@Z @ 12 NONAME ; public: virtual int __thiscall CXmlPullParser::AttributeValueL(class TDesC8 const &,class TPtrC8 &)
+ ?AttributeValueL@CXmlPullParser@@UAEHHAAVTPtrC8@@@Z @ 13 NONAME ; public: virtual int __thiscall CXmlPullParser::AttributeValueL(int,class TPtrC8 &)
+ ?AttributeValuePredefEntitiesNotEscaped@CXmlPullParser@@UAEHABVTDesC8@@AAVTPtrC8@@@Z @ 14 NONAME ; public: virtual int __thiscall CXmlPullParser::AttributeValuePredefEntitiesNotEscaped(class TDesC8 const &,class TPtrC8 &)
+ ?AttributeValuePredefEntitiesNotEscaped@CXmlPullParser@@UAEHHAAVTPtrC8@@@Z @ 15 NONAME ; public: virtual int __thiscall CXmlPullParser::AttributeValuePredefEntitiesNotEscaped(int,class TPtrC8 &)
+ ?CloseStartTagL@CXmlWriter@@UAEXH@Z @ 16 NONAME ; public: virtual void __thiscall CXmlWriter::CloseStartTagL(int)
+ ?CurrentElementPos@CXmlPullParser@@UAEHXZ @ 17 NONAME ; public: virtual int __thiscall CXmlPullParser::CurrentElementPos(void)
+ ?Depth@CXmlPullParser@@UAEHAAH@Z @ 18 NONAME ; public: virtual int __thiscall CXmlPullParser::Depth(int &)
+ ?DocPart@CXmlPullParser@@UAE?AVTPtrC8@@HH@Z @ 19 NONAME ; public: virtual class TPtrC8 __thiscall CXmlPullParser::DocPart(int,int)
+ ?DocPart@CXmlWriter@@UAE?AVTPtrC8@@HH@Z @ 20 NONAME ; public: virtual class TPtrC8 __thiscall CXmlWriter::DocPart(int,int)
+ ?InsertTextL@CXmlWriter@@UAEXHABVTDesC8@@@Z @ 21 NONAME ; public: virtual void __thiscall CXmlWriter::InsertTextL(int,class TDesC8 const &)
+ ?IsEmptyElement@CXmlPullParser@@UAEHAAH@Z @ 22 NONAME ; public: virtual int __thiscall CXmlPullParser::IsEmptyElement(int &)
+ ?Length@CXmlPullParser@@UAEHXZ @ 23 NONAME ; public: virtual int __thiscall CXmlPullParser::Length(void)
+ ?Length@CXmlWriter@@UAEHXZ @ 24 NONAME ; public: virtual int __thiscall CXmlWriter::Length(void)
+ ?Name@CXmlPullParser@@UAEHAAVTPtrC8@@@Z @ 25 NONAME ; public: virtual int __thiscall CXmlPullParser::Name(class TPtrC8 &)
+ ?NewL@CXmlPullParser@@SAPAV1@AAVCDesC8ArrayFlat@@@Z @ 26 NONAME ; public: static class CXmlPullParser * __cdecl CXmlPullParser::NewL(class CDesC8ArrayFlat &)
+ ?NewL@CXmlWriter@@SAPAV1@XZ @ 27 NONAME ; public: static class CXmlWriter * __cdecl CXmlWriter::NewL(void)
+ ?NewLC@CXmlPullParser@@SAPAV1@AAVCDesC8ArrayFlat@@@Z @ 28 NONAME ; public: static class CXmlPullParser * __cdecl CXmlPullParser::NewLC(class CDesC8ArrayFlat &)
+ ?NewLC@CXmlWriter@@SAPAV1@XZ @ 29 NONAME ; public: static class CXmlWriter * __cdecl CXmlWriter::NewLC(void)
+ ?NextL@CXmlPullParser@@UAEHXZ @ 30 NONAME ; public: virtual int __thiscall CXmlPullParser::NextL(void)
+ ?OpenStartTagL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 31 NONAME ; public: virtual void __thiscall CXmlWriter::OpenStartTagL(class TDesC8 const &)
+ ?PathL@CXmlPullParser@@UAEHAAVTPtrC8@@@Z @ 32 NONAME ; public: virtual int __thiscall CXmlPullParser::PathL(class TPtrC8 &)
+ ?Pos@CXmlPullParser@@UAEHXZ @ 33 NONAME ; public: virtual int __thiscall CXmlPullParser::Pos(void)
+ ?Reset@CXmlWriter@@UAEXXZ @ 34 NONAME ; public: virtual void __thiscall CXmlWriter::Reset(void)
+ ?SetInput@CXmlPullParser@@UAEXABVTDesC8@@@Z @ 35 NONAME ; public: virtual void __thiscall CXmlPullParser::SetInput(class TDesC8 const &)
+ ?State@CXmlPullParser@@UAE?AW4TParserState@MXmlPullParser@@XZ @ 36 NONAME ; public: virtual enum MXmlPullParser::TParserState __thiscall CXmlPullParser::State(void)
+ ?TextL@CXmlPullParser@@UAEHAAVTPtrC8@@@Z @ 37 NONAME ; public: virtual int __thiscall CXmlPullParser::TextL(class TPtrC8 &)
+ ?TextPredefEntitiesNotEscaped@CXmlPullParser@@UAEHAAVTPtrC8@@@Z @ 38 NONAME ; public: virtual int __thiscall CXmlPullParser::TextPredefEntitiesNotEscaped(class TPtrC8 &)
+ ?AddXmlTextL@CXmlWriter@@UAEXABVTDesC8@@@Z @ 39 NONAME ; public: virtual void __thiscall CXmlWriter::AddXmlTextL(class TDesC8 const &)
+ ?InsertXmlTextL@CXmlWriter@@UAEXHABVTDesC8@@@Z @ 40 NONAME ; public: virtual void __thiscall CXmlWriter::InsertXmlTextL(int,class TDesC8 const &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/group/UtlXml.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project utlxml
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET utlxml.dll
+TARGETTYPE dll
+UID 0x1000008d 0x101F6EBB
+
+// Changed to minimize future work
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE XmlWriter.cpp
+SOURCE XmlPullParser.cpp
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY bafl.lib // CDesC8ArrayFlat
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/group/XppTest.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project xpptest
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET xpptest.exe
+TARGETTYPE exe
+UID 0x1000008d 0x1000696B
+
+SOURCEPATH ../src
+SOURCE xpptest.cpp
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY utlxml.lib
+LIBRARY bafl.lib // CDesC8ArrayFlat
+
+DEFFILE xpptest.def
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,31 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+UtlXml.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/inc/XppApi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,346 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* A simple XML pull parsing interface for handling
+* non-unicode XML documents.
+*
+*/
+
+
+#ifndef __XPP_API__
+#define __XPP_API__
+
+#include <e32base.h>
+
+/**
+ * A simple XML pull parsing interface for handling
+ * non-unicode XML documents.
+ *
+ * This interface is _conceptually_ similar to the
+ * Common API for XML Pull Parsing version 1 Java
+ * API specified at www.xmlpull.org.
+ */
+class MXmlPullParser
+ {
+public:
+ /**
+ * Parser states
+ */
+ enum TParserState
+ {
+ EStateStartDocument, /**< The XML input has been set */
+ EStateStartTag, /**< A start tag was read */
+ EStateText, /**< Element content was read */
+ EStateEndTag, /**< An end tag was read */
+ EStateEndDocument, /**< No more elements are available */
+ EStateError /**< The document is erroneous */
+ };
+
+ /**
+ * Parser return codes (in addition to KErrNone and KErrNotFound)
+ */
+ enum TReturnCode
+ {
+ ERcWrongParserState = -101, /**< The method is not applicable
+ in the current parser state */
+ ERcDocumentError = -102, /**< The document is invalid */
+ ERcUnknown = -103 /**< Unknown return code */
+ };
+
+ /**
+ * Sets the input(XML document) for the parser.
+ *
+ * @param aInput The XML document to parse
+ */
+ virtual void SetInput(const TDesC8& aInput) = 0;
+
+ /**
+ * Advances the parser to the next XML element
+ * (tag or text) in the document. The State()
+ * method should be used to find out the resulting
+ * parser state.
+ *
+ * @return KErrNone if the NextL method succeeds,
+ * one of TReturnCode values if an error occurs.
+ * On unexceptional conditions, the method leaves
+ * with one of the system-wide error codes.
+ */
+ virtual TInt NextL() = 0;
+
+ /**
+ * Returns the current state of the parser.
+ *
+ * @return The current state of the parser.
+ * (one of the TParserState values).
+ */
+ virtual TParserState State() = 0;
+
+ /**
+ * Returns the name of the current element.
+ * This method is only applicable if the parser
+ * state is EStateStartTag, EStateEndTag or EStateText.
+ * (jakovist added) or EStateEndDocument.
+ *
+ * @param aName On return, contains the name
+ * of the current element.
+ *
+ * @return KErrNone if the method succeeds,
+ * ERcWrongParserState if it fails.
+ */
+ virtual TInt Name(TPtrC8& aName) = 0;
+
+ /**
+ * Returns the XPath of the current element.
+ * This method is only applicable if the parser
+ * state is EStateStartTag, EStateEndTag or EStateText.
+ *
+ * @param aPath On return, contains the name
+ * of the current element.
+ *
+ * @return KErrNone if the method succeeds,
+ * ERcWrongParserState if it fails.
+ * On unexceptional conditions, the method leaves
+ * with one of the system-wide error codes.
+ */
+ virtual TInt PathL(TPtrC8& aPath) = 0;
+
+ /**
+ * Returns the depth of the current element in the
+ * XML document.
+ * This method is only applicable if the parser
+ * state is EStateStartTag, EStateEndTag or EStateText.
+ *
+ * @param aDepth On return, contains the depth
+ * of the current element.
+ *
+ * @return KErrNone if the method succeeds,
+ * ERcWrongParserState if it fails.
+ */
+ virtual TInt Depth(TInt& aDepth) = 0;
+
+ /**
+ * Returns the number of the attributes in the
+ * current start element. The method is only
+ * applicable if the parser state is EStateStartTag.
+ *
+ * @param aCount On successful return, the number
+ * of attributes.
+ *
+ * @return KErrNone if the method is successful,
+ * ERcWrongParserState if the method fails.
+ */
+ virtual TInt AttributeCount(TInt& aCount) = 0;
+
+ /**
+ * Returns the name of the specified attribute
+ * of the current element. The method is only
+ * applicable if the parser state is EStateStartTag.
+ *
+ * @param aIndex The index (between 0 and
+ * AttbuteCount() - 1) of the attribute whose
+ * name is to be returned.
+ * @param aValue On successful return, points
+ * to the name of the specified attribute.
+ *
+ * @return KErrNone if the attribute is found,
+ * KErrNotFound if the specified attribute
+ * cannot be found, ERcWrongParserState if
+ * the method fails.
+ */
+ virtual TInt AttributeName(TInt aIndex,
+ TPtrC8& aName) = 0;
+
+ /**
+ * Returns the value of the specified attribute
+ * of the current element. The method is only
+ * applicable if the parser state is EStateStartTag.
+ *
+ * @param aIndex The index (between 0 and
+ * AttbuteCount() - 1) of the attribute whose
+ * value is to be returned.
+ * @param aValue On successful return, points
+ * to the value of the specified attribute.
+ *
+ * @return KErrNone if the attribute is found,
+ * KErrNotFound if the specified attribute
+ * cannot be found, ERcWrongParserState if
+ * the method fails.
+ */
+ virtual TInt AttributeValuePredefEntitiesNotEscaped(TInt aIndex,
+ TPtrC8& aValue) = 0;
+
+ /**
+ * Returns the value of the specified attribute
+ * of the current element. The method is only
+ * applicable if the parser state is EStateStartTag.
+ *
+ * @param aName The name of the attribute whose
+ * value is to be returned
+ * @param aValue On successful return, points
+ * to the value of the specified attribute.
+ *
+ * @return KErrNone if the attribute is found,
+ * KErrNotFound if the specified attribute
+ * cannot be found, ERcWrongParserState if
+ * the method fails.
+ */
+ virtual TInt AttributeValuePredefEntitiesNotEscaped(const TDesC8& aName,
+ TPtrC8& aValue) = 0;
+
+ /**
+ * Returns the value of the specified attribute
+ * of the current element. The method is only
+ * applicable if the parser state is EStateStartTag.
+ *
+ * @param aIndex The index (between 0 and
+ * AttbuteCount() - 1) of the attribute whose
+ * value is to be returned.
+ * @param aValue On successful return, points
+ * to the value of the specified attribute.
+ * Character references have been escaped, i.e.
+ * [ -> [
+ * ] -> ]
+ * etc.
+ * Also predefined entities have been escaped.
+ * < -> <
+ * > -> >
+ * & -> &
+ * ' -> '
+ * " -> "
+ *
+ * @return KErrNone if the attribute is found,
+ * KErrNotFound if the specified attribute
+ * cannot be found, ERcWrongParserState if
+ * the method fails.
+ */
+ virtual TInt AttributeValueL(TInt aIndex,
+ TPtrC8& aValue) = 0;
+
+ /**
+ * Returns the value of the specified attribute
+ * of the current element. The method is only
+ * applicable if the parser state is EStateStartTag.
+ *
+ * @param aName The name of the attribute whose
+ * value is to be returned
+ * @param aValue On successful return, points
+ * to the value of the specified attribute.
+ * Character references have been escaped, i.e.
+ * [ -> [
+ * ] -> ]
+ * etc.
+ * Also predefined entities have been escaped.
+ * < -> <
+ * > -> >
+ * & -> &
+ * ' -> '
+ * " -> "
+ *
+ * @return KErrNone if the attribute is found,
+ * KErrNotFound if the specified attribute
+ * cannot be found, ERcWrongParserState if
+ * the method fails.
+ */
+ virtual TInt AttributeValueL(const TDesC8& aName,
+ TPtrC8& aValue) = 0;
+
+ /**
+ * Returns information as to whether the current
+ * start tag is an empty element tag or not. The
+ * method is only applicable if the parser state
+ * is EStateStartTag.
+ *
+ * @param aIsEmptyElement On successful return,
+ * ETrue if the start tag is an empty element tag,
+ * EFalse otherwise.
+ *
+ * @return KErrNone if the method succeeds,
+ * ERcWrongParserState if the method fails.
+ */
+ virtual TInt IsEmptyElement(TBool& aIsEmptyElement) = 0;
+
+ /**
+ * Returns the text of the current element.
+ * This method is only applicable if the parser
+ * state is EStateText.
+ *
+ * @param aText On successful return, points
+ * to the text of the current element.
+ *
+ * @return KErrNone if the method succeeds,
+ * ERcWrongParserState if the method fails.
+ */
+ virtual TInt TextPredefEntitiesNotEscaped(TPtrC8& aText) = 0;
+
+ /**
+ * Returns the text of the current element.
+ * This method is only applicable if the parser
+ * state is EStateText.
+ *
+ * @param aText On successful return, points
+ * to the text of the current element.
+ * Character references have been escaped, i.e.
+ * [ -> [
+ * ] -> ]
+ * etc.
+ * Also predefined entities have been escaped.
+ * < -> <
+ * > -> >
+ * & -> &
+ * ' -> '
+ * " -> "
+ *
+ * @return KErrNone if the method succeeds,
+ * ERcWrongParserState if the method fails.
+ */
+ virtual TInt TextL(TPtrC8& aText) = 0;
+
+ /**
+ * Returns the current position of a virtual "cursor"
+ * that is used to read the XML document.
+ *
+ * @return The cursor position
+ */
+ virtual TInt Pos() = 0;
+
+ /**
+ * Returns the start position of the current element.
+ *
+ * @return The current element start position
+ */
+ virtual TInt CurrentElementPos() = 0;
+
+ /**
+ * Returns the length of the XML document.
+ *
+ * @return The length of the XML document.
+ */
+ virtual TInt Length() = 0;
+
+ /**
+ * Returns the specified part of the XML document
+ * being parsed to the caller
+ *
+ * @param aStartPos The position of the first character
+ * to return
+ *
+ * @param aEndPos The position of the last character
+ * to return.
+ *
+ * @return A part of the XML document being parsed
+ */
+ virtual TPtrC8 DocPart(TInt aStartPos, TInt aEndPos) = 0;
+ };
+
+#endif // __XPP_API__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/inc/XppImpl.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,121 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Element attribute name and value storage class.
+* A simple XML parser that implements
+* the XML pull parsing interface.
+*
+*/
+
+
+#ifndef __XPP_IMPL__
+#define __XPP_IMPL__
+
+#include <e32base.h>
+#include <badesca.h>
+#include "XppApi.h"
+
+/**
+ * Element attribute name and value storage class
+ */
+class TAttrData
+ {
+public:
+ TPtrC8 iName;
+ TPtrC8 iValue;
+ };
+
+/**
+ * A simple XML parser that implements
+ * the XML pull parsing interface.
+ */
+class CXmlPullParser : public CBase, public MXmlPullParser
+ {
+public: // Construction and destruction
+ IMPORT_C static CXmlPullParser* NewL(CDesC8ArrayFlat& aStringValueArray);
+ IMPORT_C static CXmlPullParser* NewLC(CDesC8ArrayFlat& aStringValueArray);
+ IMPORT_C virtual ~CXmlPullParser();
+
+private: // Construction
+ CXmlPullParser();
+ void ConstructL(CDesC8ArrayFlat& aStringValueArray);
+
+public: // MXmlPullParser methods
+ IMPORT_C void SetInput(const TDesC8& aInput);
+ IMPORT_C TInt NextL();
+ IMPORT_C CXmlPullParser::TParserState State();
+ IMPORT_C TInt Name(TPtrC8& aName);
+ IMPORT_C TInt PathL(TPtrC8& aPath);
+ IMPORT_C TInt Depth(TInt& aDepth);
+ IMPORT_C TInt AttributeCount(TInt& aCount);
+ IMPORT_C TInt AttributeName(TInt aIndex, TPtrC8& aName);
+ IMPORT_C TInt AttributeValuePredefEntitiesNotEscaped(TInt aIndex, TPtrC8& aValue);
+ IMPORT_C TInt AttributeValuePredefEntitiesNotEscaped(const TDesC8& aName, TPtrC8& aValue);
+ IMPORT_C TInt AttributeValueL(TInt aIndex, TPtrC8& aValue);
+ IMPORT_C TInt AttributeValueL(const TDesC8& aName, TPtrC8& aValue);
+ IMPORT_C TInt IsEmptyElement(TBool& aIsEmptyElement);
+ IMPORT_C TInt TextPredefEntitiesNotEscaped(TPtrC8& aText);
+ IMPORT_C TInt TextL(TPtrC8& aText);
+ IMPORT_C TInt Pos();
+ IMPORT_C TInt CurrentElementPos();
+ IMPORT_C TInt Length();
+ IMPORT_C TPtrC8 DocPart(TInt aStartPos, TInt aEndPos);
+
+private: // private methods
+ void CheckSpaceL(const TDesC8& aText);
+ TInt SkipLeadingNonRelevantElements();
+ TInt SkipNonRelevantElements();
+ TInt GetElementStartTagL();
+ TInt GetElementText();
+ TBool CheckIfNextEndTag();
+ TBool CheckIfNextStartTag();
+ TInt GetElementEndTag();
+ TBool CheckIfEndOfFile();
+ void CheckStringValueBufferSpaceL(const TDesC8& aValue);
+ TInt EscapeCharRefAndPreDefEntities();
+ TInt PredefinedEntitiesEscaped();
+ TInt CharacterReferencesEscaped();
+
+private:
+ TParserState iState;
+ //const TDesC8* iInput;
+ TPtrC8 iText; // element text
+
+ CArrayFixFlat<TAttrData> *iCAttrDataArray;
+
+ TPtrC8 iDocument; // pointer to whole document to parse
+ TLexMark8 iMarkPosition;
+ TPtrC8 iDocPart;
+ TLex8 iLexer;
+ TInt iCurrentElementPos;
+
+ HBufC8* iPathBuf;
+ TPtr8 iPathBufPtr;
+
+ TPtrC8 iElement; // element name
+ TInt iDepth;
+ TBool iIsEmptyElement;
+
+ TBool iCdataStartFound;
+ TBool iCdataSectionText;
+
+ HBufC8* iStringValue; // used when entities are escaped
+ TPtr8 iStringValuePtr;
+
+ CDesC8ArrayFlat* iStringValueArray;
+
+ };
+
+
+#endif // __XPP_IMPL__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/inc/XwApi.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,214 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* A simple XML writer API for generating
+* non-unicode XML documents.
+* The API does not require its implementations
+* to validate the generated XML document in any
+* way. It is up to the application using the API
+* to create well-formed and valid XML documents.
+*
+*/
+
+
+#ifndef __XW_API__
+#define __XW_API__
+
+#include <e32base.h>
+
+class MXmlWriter
+ {
+public:
+ /**
+ * Adds a prolog tag <?xml version='1.0' encoding='ISO-8859-1'?>
+ * to the document.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddPrologL() = 0;
+
+ /**
+ * Adds a prolog tag to the document.
+ *
+ * @param aVersionNum The version number in the prolog.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddPrologL(const TDesC8& aVersionNum) = 0;
+
+ /**
+ * Adds a start tag to the document.
+ *
+ * @param aName The name of the start tag.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddStartTagL(const TDesC8& aName) = 0;
+
+ /**
+ * Adds an open start tag to the document.
+ *
+ * @param aName The name of the element
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void OpenStartTagL(const TDesC8& aName) = 0;
+
+ /**
+ * Adds an attribute to the currently open start tag.
+ *
+ * @param aName The name of the attribute
+ *
+ * @param aValue The value of the attribute
+ * Predefined entities are inserted.
+ * < -> <
+ * > -> >
+ * & -> &
+ * ' -> '
+ * " -> "
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddAttributeL(const TDesC8& aName, const TDesC8& aValue) = 0;
+
+ /**
+ * Ends an already opened start tag in the XML document.
+ *
+ * @param aEndElement If ETrue, specifies that the start tag also
+ * ends the element (i.e. the element is an empty element and will
+ * not have a separate end tag). If EFalse, specifies that the
+ * element will end with a separate end tag that will be added
+ * with the AddEndTagL method.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void CloseStartTagL(TBool aEndElement) = 0;
+
+ /**
+ * Adds text to an element whose start tag has been added to
+ * the XML document.
+ *
+ * @param aText The element text
+ * Predefined entities are inserted.
+ * < -> <
+ * > -> >
+ * & -> &
+ * ' -> '
+ * " -> "
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddTextL(const TDesC8& aText) = 0;
+
+ /**
+ * Adds text to an element whose start tag has been added to
+ * the XML document.
+ *
+ * @param aText The element text, that is NOT modified in any way.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddXmlTextL(const TDesC8& aText) = 0;
+
+ /**
+ * Adds an end tag to the document.
+ *
+ * @param aName The name of the end tag.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddEndTagL(const TDesC8& aName) = 0;
+
+ /**
+ * Adds an CDATA section to document.
+ *
+ * @param aText The text in the CDATA section.
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void AddCdataSectL(const TDesC8& aText) = 0;
+
+ /**
+ * Inserts text to the specified position in the document.
+ * The text may include any kind of text, including XML.
+ *
+ * @param aPos The position in the document where
+ * the text is to be inserted.
+ *
+ * @param aText The text to insert
+ * Predefined entities are inserted.
+ * < -> <
+ * > -> >
+ * & -> &
+ * ' -> '
+ * " -> "
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void InsertTextL(TInt aPos, const TDesC8& aText) = 0;
+
+ /**
+ * Inserts text to the specified position in the document.
+ * The text may include any kind of text, including XML.
+ *
+ * @param aPos The position in the document where
+ * the text is to be inserted.
+ *
+ * @param aText The text to insert
+ *
+ * On unexceptional conditions, the method leaves with
+ * one of the system-wide error codes.
+ */
+ virtual void InsertXmlTextL(TInt aPos, const TDesC8& aText) = 0;
+
+ /**
+ * Returns the current length of the XML document.
+ *
+ * @return The current length of the XML document
+ */
+ virtual TInt Length() = 0;
+
+ /**
+ * Returns the specified part of the current
+ * XML document to the caller
+ *
+ * @param aStartPos The position of the first character
+ * to return
+ *
+ * @param aEndPos The position of the last character
+ * to return
+ *
+ * @return A part of the current XML document
+ */
+ virtual TPtrC8 DocPart(TInt aStartPos, TInt aEndPos) = 0;
+
+ /**
+ * Resets the writer. A new XML-document can be written
+ * using the same instance.
+ */
+ virtual void Reset() = 0;
+ };
+
+#endif // __XW_API__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/inc/XwImpl.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,76 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* A simple XML writer that implements
+* the XML writer interface.
+*
+*/
+
+
+#ifndef __XW_IMPL__
+#define __XW_IMPL__
+
+#include <e32base.h>
+#include "XwApi.h"
+
+/**
+ * A simple XML writer that implements
+ * the XML writer interface.
+ */
+class CXmlWriter : public CBase, public MXmlWriter
+ {
+public: // Construction and destruction
+ IMPORT_C static CXmlWriter* NewL();
+ IMPORT_C static CXmlWriter* NewLC();
+ IMPORT_C virtual ~CXmlWriter();
+
+private: // Construction
+ CXmlWriter();
+ void ConstructL();
+
+public: // MXmlWriter methods
+ IMPORT_C void AddPrologL();
+ IMPORT_C void AddPrologL(const TDesC8& aVersionNum);
+ IMPORT_C void AddStartTagL(const TDesC8& aName);
+ IMPORT_C void OpenStartTagL(const TDesC8& aName);
+ IMPORT_C void AddAttributeL(const TDesC8& aName, const TDesC8& aValue);
+ IMPORT_C void CloseStartTagL(TBool aEndElement);
+ IMPORT_C void AddTextL(const TDesC8& aText);
+ IMPORT_C void AddXmlTextL(const TDesC8& aText);
+ IMPORT_C void AddEndTagL(const TDesC8& aName);
+ IMPORT_C void AddCdataSectL(const TDesC8& aText);
+ IMPORT_C void InsertTextL(TInt aPos, const TDesC8& aText);
+ IMPORT_C void InsertXmlTextL(TInt aPos, const TDesC8& aText);
+ IMPORT_C TInt Length();
+ IMPORT_C TPtrC8 DocPart(TInt aStartPos, TInt aEndPos);
+ IMPORT_C void Reset();
+
+private:
+ void CheckSpaceL(const TInt aSpace);
+ void CheckSpaceL(const TDesC8& aText);
+ void CheckSpaceL(const TDesC8& aText1, const TDesC8& aText2);
+ void CheckTempBufSpaceL(const TInt aSpace);
+ void InsertEntitiesL();
+
+private:
+ TPtrC8 iDoc;
+
+ HBufC8* iBuffer;
+ TPtr8 iBufferPtr;
+
+ HBufC8* iTempBuffer;
+ TPtr8 iTempBufferPtr;
+ };
+
+#endif // __XPP_IMPL__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/rom/utlxml.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project utlxml
+*
+*/
+
+
+
+
+#ifndef __UTLXML_IBY__
+#define __UTLXML_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature UTLXML not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\utlxml.dll SHARED_LIB_DIR\utlxml.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __UTLXML_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/src/XmlPullParser.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1487 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CXmlPullParser.
+*
+*/
+
+
+
+#include <eikenv.h>
+#include <e32std.h>
+#include <e32des8.h>
+#include "XppImpl.h"
+
+const TInt KExtraPunctuation = 5;
+const TInt KBufSizeIncrement = 1024;
+const TInt KBufInitSize = 2048;
+
+//
+// Common literal text
+//
+_LIT8(KOpenBracket, "<");
+_LIT8(KCloseBracket, ">");
+//_LIT8(KStartEndTag, "</");
+//_LIT8(KCloseTag, "/>");
+_LIT8(KSpace, " ");
+_LIT8(KEquals, "=");
+_LIT8(KSlash, "/");
+_LIT8(KSingleQuote, "\'");
+_LIT8(KDoubleQuote, "\"");
+//_LIT8(KQuestionMark, "?");
+//_LIT8(KExclamationMark, "!");
+//_LIT8(KOpenCurlyBracket, "{");
+//_LIT8(KCloseCurlyBracket, "}");
+//_LIT8(KHyphen, "-");
+_LIT8(KOpenAngleBracket , "[");
+_LIT8(KCloseAngleBracket, "]");
+
+_LIT8(KAmpersand, "&");
+_LIT8(KAmpersandHash, "&#");
+_LIT8(KSemicolon, ";");
+
+// XML special marks
+//_LIT8(KStartXmlProlog, "<?xml");
+//_LIT8(KStartComment, "<!--");
+_LIT8(KEndComment, "-->");
+//_LIT8(KStartProcessingInstructions, "<?");
+_LIT8(KEndPIAndProlog, "?>");
+_LIT8(KStartCData, "<![CDATA[");
+_LIT8(KEndCData, "]]>");
+//_LIT8(KStartDocType, "<!DOCTYPE");
+//_LIT8(KStartElement, "<!ELEMENT");
+//_LIT8(KStartAttList, "<!ATTLIST");
+//_LIT8(KStartEntity, "<!ENTITY");
+//_LIT8(KStartNotation, "<!NOTATION");
+//_LIT8(KEndCdata, "]]>");
+
+_LIT8(KEntityLowerThan, "<"); // <
+_LIT8(KEntityGreaterThan, ">"); // >
+_LIT8(KEntityAmpersand, "&"); // &
+_LIT8(KEntityApostrophe, "'"); // '
+_LIT8(KEntityQuotation, """); // "
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+CXmlPullParser::CXmlPullParser()
+: iState(EStateStartDocument), iCurrentElementPos(0), iPathBufPtr(NULL, 0), iDepth(0),
+iIsEmptyElement(EFalse), iCdataStartFound(EFalse), iCdataSectionText(EFalse),
+iStringValuePtr(NULL, 0), iStringValueArray(NULL)
+ {
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+// NewLC with two stage construction
+EXPORT_C CXmlPullParser* CXmlPullParser::NewLC(CDesC8ArrayFlat& aStringValueArray)
+ {
+ // get new, leave if can't
+ CXmlPullParser* self = new (ELeave) CXmlPullParser();
+ // push onto cleanup stack in case self->ConstructL leaves
+ CleanupStack::PushL(self);
+ // complete construction with second phase constructor
+ self->ConstructL(aStringValueArray);
+ return self;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C CXmlPullParser* CXmlPullParser::NewL(CDesC8ArrayFlat& aStringValueArray)
+ {
+ CXmlPullParser* self=NewLC(aStringValueArray);
+ CleanupStack::Pop();
+ return self;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlPullParser::ConstructL(CDesC8ArrayFlat& aStringValueArray)
+ {
+ iPathBuf = HBufC8::NewMaxL(KBufInitSize);
+ iPathBufPtr.Set(iPathBuf->Des());
+ iPathBufPtr.SetLength(0); // Otherwise the Length is set to KBufInitSize
+ iCAttrDataArray = new (ELeave) CArrayFixFlat<TAttrData>(1);
+ iStringValue = HBufC8::NewMaxL(KBufInitSize);
+ iStringValuePtr.Set(iStringValue->Des());
+ iStringValuePtr.SetLength(0); // Otherwise the Length is set to KBufInitSize
+ //iStringValueArray = new (ELeave) CDesC8ArrayFlat(1);
+ iStringValueArray = &aStringValueArray;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+CXmlPullParser::~CXmlPullParser()
+ {
+ delete (iPathBuf);
+ delete iCAttrDataArray;
+ delete (iStringValue);
+ //delete iStringValueArray;
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlPullParser::CheckSpaceL(const TDesC8& aText)
+ {
+ TInt spaceLeft = iPathBufPtr.MaxLength() - iPathBufPtr.Length() - KExtraPunctuation;
+ if (aText.Length() > spaceLeft)
+ {
+ TInt newMaxLength = iPathBufPtr.MaxLength() + aText.Length() + KBufSizeIncrement;
+ iPathBuf = iPathBuf->ReAllocL(newMaxLength);
+ iPathBufPtr.Set(iPathBuf->Des());
+ }
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlPullParser::SetInput(const TDesC8& aInput)
+ {
+ iState = EStateStartDocument;
+ iText.Set(KNullDesC8);
+ iCAttrDataArray->Delete(0, iCAttrDataArray->Count());
+ iDocument.Set(aInput);
+ iDocPart.Set(KNullDesC8);
+ iLexer.Assign(aInput); // Assigns a string to this object from a descriptor
+ iCurrentElementPos = 0;
+ iPathBufPtr.Zero();
+ iElement.Set(KNullDesC8);
+ iDepth = 0;
+ iIsEmptyElement = EFalse;
+ iCdataStartFound = EFalse;
+ iCdataSectionText = EFalse;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::NextL()
+ {
+ TInt rv;
+
+ switch (iState)
+ {
+ case EStateStartDocument:
+ // skip
+ if ((rv = SkipLeadingNonRelevantElements()) == ERcDocumentError)
+ {
+ return rv;
+ }
+ else
+ {
+ iCurrentElementPos = iLexer.Offset();
+ rv = GetElementStartTagL();
+ return rv;
+ }
+ //break;
+
+ case EStateStartTag:
+ // skip
+ if ((rv = SkipNonRelevantElements()) == ERcDocumentError)
+ {
+ return rv;
+ }
+ else
+ {
+ iCurrentElementPos = iLexer.Offset();
+ if (iIsEmptyElement)
+ {
+ // delete /end tag from the iPathBuf
+ // this is done by subtracting the length of the buffer
+ iPathBufPtr.SetLength(iPathBufPtr.LocateReverse('/'));
+
+ // decrement iDepth
+ iDepth--;
+
+ // if we have an XML-document that is only one empty-element
+ // then we must check if we are already in the end of the document
+ if (CheckIfEndOfFile())
+ {
+ return KErrNone;
+ }
+ }
+ if (CheckIfNextEndTag()) // Check iState!!
+ {
+ if (iState == EStateError)
+ {
+ return ERcDocumentError;
+ }
+ else
+ {
+ rv = GetElementEndTag();
+ return rv;
+ }
+ }
+ else if (CheckIfNextStartTag()) // Check iState!!
+ {
+ if (iState == EStateError)
+ {
+ return ERcDocumentError;
+ }
+ else
+ {
+ rv = GetElementStartTagL();
+ return rv;
+ }
+ }
+ else // etext
+ {
+ rv = GetElementText();
+ return rv;
+ }
+ }
+ //break;
+
+ case EStateText:
+ // skip
+ if ((rv = SkipNonRelevantElements()) == ERcDocumentError)
+ {
+ return rv;
+ }
+ else
+ {
+ iCurrentElementPos = iLexer.Offset();
+ if (iState == EStateEndDocument)
+ {
+ // in EStateText we can not be in the end of the xml-document
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+
+ if (iCdataStartFound)
+ {
+ rv = GetElementText();
+ return rv;
+ }
+ else
+ {
+ if (CheckIfNextEndTag()) // Check iState!!
+ {
+ if (iState == EStateError)
+ {
+ return ERcDocumentError;
+ }
+ else
+ {
+ // get end tag
+ rv = GetElementEndTag();
+ return rv;
+ }
+ }
+ else if (CheckIfNextStartTag()) // Check iState!!
+ {
+ if (iState == EStateError)
+ {
+ return ERcDocumentError;
+ }
+ else
+ {
+ // get start tag
+ rv = GetElementStartTagL();
+ return rv;
+ }
+ }
+ else // etext
+ {
+ // get text
+ rv = GetElementText();
+ return rv;
+ }
+ }
+ }
+ //break;
+
+ case EStateEndTag:
+ // after end tag can be end of file, new start tag, new end tag or etext
+ // skip
+ if ((rv = SkipNonRelevantElements()) == ERcDocumentError)
+ {
+ return rv;
+ }
+ else
+ {
+ iCurrentElementPos = iLexer.Offset();
+ if (CheckIfEndOfFile())
+ {
+ return KErrNone;
+ }
+ else
+ {
+ if (CheckIfNextStartTag()) // Check iState
+ {
+ if (iState == EStateError)
+ {
+ return ERcDocumentError;
+ }
+ else
+ {
+ rv = GetElementStartTagL();
+ return rv;
+ }
+ }
+ else if (CheckIfNextEndTag()) // Check iState!!
+ {
+ if (iState == EStateError)
+ {
+ return ERcDocumentError;
+ }
+ else
+ {
+ rv = GetElementEndTag();
+ return rv;
+ }
+ }
+ else // etext
+ {
+ // get text
+ rv = GetElementText();
+ return rv;
+ }
+ }
+ }
+
+ //break;
+ case EStateEndDocument:
+ return ERcWrongParserState;
+ //break;
+ case EStateError:
+ return ERcWrongParserState;
+ //break;
+ default:
+ return ERcUnknown; // all the States are handled above
+ //break;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C CXmlPullParser::TParserState CXmlPullParser::State()
+ {
+ return iState;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::Name(TPtrC8& aName)
+ {
+ if ((iState == EStateStartTag) ||
+ (iState == EStateText) ||
+ (iState == EStateEndTag) ||
+ (iState == EStateEndDocument))
+ {
+ aName.Set(iElement);
+ return KErrNone;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::PathL(TPtrC8& aPath)
+ {
+ if ((iState == EStateStartTag) ||
+ (iState == EStateText) ||
+ (iState == EStateEndTag))
+ {
+ aPath.Set(iPathBufPtr);
+ return KErrNone;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::Depth(TInt& aDepth)
+ {
+ if ((iState == EStateStartTag) ||
+ (iState == EStateText) ||
+ (iState == EStateEndTag))
+ {
+ aDepth = iDepth;
+ return KErrNone;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::AttributeCount(TInt& aCount)
+ {
+ if (iState == EStateStartTag)
+ {
+ aCount = iCAttrDataArray->Count();
+ return KErrNone;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::AttributeName(TInt aIndex, TPtrC8& aName)
+ {
+ if (iState == EStateStartTag)
+ {
+ if ((aIndex < iCAttrDataArray->Count()) && (aIndex >= 0))
+ {
+ aName.Set(iCAttrDataArray->At(aIndex).iName);
+ return KErrNone;
+ }
+ else
+ {
+ return KErrNotFound;
+ }
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::AttributeValuePredefEntitiesNotEscaped(TInt aIndex, TPtrC8& aValue)
+ {
+ if (iState == EStateStartTag)
+ {
+ if ((aIndex < iCAttrDataArray->Count()) && (aIndex >= 0))
+ {
+ aValue.Set(iCAttrDataArray->At(aIndex).iValue);
+ return KErrNone;
+ }
+ else
+ {
+ return KErrNotFound;
+ }
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::AttributeValuePredefEntitiesNotEscaped(const TDesC8& aName, TPtrC8& aValue)
+ {
+ TInt count;
+ TInt index = 0;
+ if (iState == EStateStartTag)
+ {
+ count = iCAttrDataArray->Count();
+ while (index < count)
+ {
+ if (iCAttrDataArray->At(index).iName == aName)
+ {
+ aValue.Set(iCAttrDataArray->At(index).iValue);
+ return KErrNone;
+ }
+ else
+ {
+ index ++;
+ }
+ }
+ return KErrNotFound;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::AttributeValueL(TInt aIndex, TPtrC8& aValue)
+ {
+ TInt ret;
+ ret = AttributeValuePredefEntitiesNotEscaped(aIndex, aValue);
+
+ if (ret == KErrNone)
+ {
+ CheckStringValueBufferSpaceL(aValue);
+
+ iStringValuePtr = aValue;
+
+ if ( (ret = EscapeCharRefAndPreDefEntities()) != KErrNone )
+ {
+ return ret;
+ }
+ else
+ {
+ iStringValueArray->AppendL(iStringValuePtr);
+ aValue.Set(iStringValueArray->MdcaPoint(iStringValueArray->MdcaCount()-1));
+ return KErrNone;
+ }
+ }
+ else
+ {
+ return ret;
+ }
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::AttributeValueL(const TDesC8& aName, TPtrC8& aValue)
+ {
+ TInt ret;
+ ret = AttributeValuePredefEntitiesNotEscaped(aName, aValue);
+
+ if (ret == KErrNone)
+ {
+ CheckStringValueBufferSpaceL(aValue);
+
+ iStringValuePtr = aValue;
+
+ if ( (ret = EscapeCharRefAndPreDefEntities()) != KErrNone )
+ {
+ return ret;
+ }
+ else
+ {
+ iStringValueArray->AppendL(iStringValuePtr);
+ aValue.Set(iStringValueArray->MdcaPoint(iStringValueArray->MdcaCount()-1));
+ return KErrNone;
+ }
+ }
+ else
+ {
+ return ret;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlPullParser::CheckStringValueBufferSpaceL(const TDesC8& aValue)
+ {
+ TInt newLength = aValue.Length();
+ if ( newLength > (iStringValuePtr.MaxLength()) )
+ {
+ iStringValue = iStringValue->ReAllocL(newLength);
+ iStringValuePtr.Set(iStringValue->Des());
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::IsEmptyElement(TBool& aIsEmptyElement)
+ {
+ if (iState == EStateStartTag)
+ {
+ aIsEmptyElement = iIsEmptyElement;
+ return KErrNone;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::TextPredefEntitiesNotEscaped(TPtrC8& aText)
+ {
+ if (iState == EStateText)
+ {
+ aText.Set(iText);
+ return KErrNone;
+ }
+ else
+ {
+ return ERcWrongParserState;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::TextL(TPtrC8& aText)
+ {
+ TInt ret;
+ ret = TextPredefEntitiesNotEscaped(aText);
+
+ if (ret == KErrNone)
+ {
+ CheckStringValueBufferSpaceL(aText);
+
+ iStringValuePtr = aText;
+
+ if ( !(iCdataSectionText) )
+ {
+ if ( (ret = EscapeCharRefAndPreDefEntities()) != KErrNone )
+ {
+ return ret;
+ }
+ else
+ {
+ iStringValueArray->AppendL(iStringValuePtr);
+ aText.Set(iStringValueArray->MdcaPoint(iStringValueArray->MdcaCount()-1));
+ }
+ }
+ return KErrNone;
+ }
+ else
+ {
+ return ret;
+ }
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::Pos()
+ {
+ return iLexer.Offset();
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::CurrentElementPos()
+ {
+ return iCurrentElementPos;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlPullParser::Length()
+ {
+ return iDocument.Length();
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TPtrC8 CXmlPullParser::DocPart(TInt aStartPos, TInt aEndPos)
+ {
+ iDocPart.Set(iDocument.Mid(aStartPos, (aEndPos - aStartPos + 1)));
+ return iDocPart;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::SkipLeadingNonRelevantElements()
+ {
+ TPtrC8 token;
+ TInt endStringOffset;
+ TBool prologFound = ETrue;
+ TBool commentFound = ETrue;
+ TBool piFound = ETrue;
+ TBool dtdFound = ETrue;
+
+ iLexer.SkipSpaceAndMark(iMarkPosition); // Remember where we are
+
+ if (iLexer.Eos())
+ {
+ iState = EStateEndDocument;
+ return KErrNone;
+ }
+ else
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+
+ while (prologFound || commentFound || piFound || dtdFound)
+ {
+ // check for prolog: if prolog found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '?' &&
+ iLexer.Get() == 'x' && iLexer.Get() == 'm' && iLexer.Get() == 'l')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ if (token.Find(KEndPIAndProlog) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KEndPIAndProlog) + KEndPIAndProlog().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.SkipSpaceAndMark(iMarkPosition); // Remember where we are
+ prologFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ prologFound = EFalse;
+ }
+
+ // check for comment: if found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '!' &&
+ iLexer.Get() == '-' && iLexer.Get() == '-')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ if (token.Find(KEndComment) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KEndComment) + KEndComment().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.SkipSpaceAndMark(iMarkPosition); // Remember where we are
+ commentFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ commentFound = EFalse;
+ }
+
+ // check for processing instructions: if found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '?')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ if (token.Find(KEndPIAndProlog) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KEndPIAndProlog) + KEndPIAndProlog().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.SkipSpaceAndMark(iMarkPosition); // Remember where we are
+ piFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ piFound = EFalse;
+ }
+
+ // check for document type declaration: if found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '!' &&
+ iLexer.Get() == 'D' && iLexer.Get() == 'O' &&
+ iLexer.Get() == 'C' && iLexer.Get() == 'T' &&
+ iLexer.Get() == 'Y' && iLexer.Get() == 'P' &&
+ iLexer.Get() == 'E')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ // if '[' found skip to ']' and then search for '>' (= end of doctype)
+ if (token.Find(KOpenAngleBracket) != KErrNotFound)
+ {
+ iLexer.Inc(token.Find(KOpenAngleBracket)
+ + KOpenAngleBracket().Length());
+ token.Set(iLexer.Remainder());
+ // Search for ']'
+ if (token.Find(KCloseAngleBracket) != KErrNotFound)
+ {
+ iLexer.Inc(token.Find(KCloseAngleBracket) + KCloseAngleBracket().Length());
+ token.Set(iLexer.Remainder());
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ if (token.Find(KCloseBracket) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KCloseBracket) + KCloseBracket().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.SkipSpaceAndMark(iMarkPosition); // Remember where we are
+ dtdFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ dtdFound = EFalse;
+ }
+ }
+ }
+ return KErrNone;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::SkipNonRelevantElements()
+ {
+ TPtrC8 token;
+ TInt endStringOffset;
+ TBool prologFound = ETrue;
+ TBool commentFound = ETrue;
+ TBool piFound = ETrue;
+ TBool dtdFound = ETrue;
+
+ iLexer.Mark(iMarkPosition); // Remember where we are
+
+ if (iLexer.Eos())
+ {
+ iState = EStateEndDocument;
+ return KErrNone;
+ }
+ else
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+
+ while (prologFound || commentFound || piFound || dtdFound)
+ {
+ // check for prolog: if prolog found -> error
+ // Spec says: "The document type declaration must appear before
+ // the first element in the document."
+ if (iLexer.Get() == '<' && iLexer.Get() == '?' &&
+ iLexer.Get() == 'x' && iLexer.Get() == 'm' && iLexer.Get() == 'l')
+ {
+ prologFound = ETrue;
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ prologFound = EFalse;
+ }
+
+ // check for comment: if found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '!' &&
+ iLexer.Get() == '-' && iLexer.Get() == '-')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ if (token.Find(KEndComment) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KEndComment) + KEndComment().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.Mark(iMarkPosition); // Remember where we are
+ commentFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ commentFound = EFalse;
+ }
+
+ // check for processing instructions: if found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '?')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ if (token.Find(KEndPIAndProlog) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KEndPIAndProlog) + KEndPIAndProlog().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.Mark(iMarkPosition); // Remember where we are
+ piFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ piFound = EFalse;
+ }
+
+ // check for document type declaration: if found skip it
+ if (iLexer.Get() == '<' && iLexer.Get() == '!' &&
+ iLexer.Get() == 'D' && iLexer.Get() == 'O' &&
+ iLexer.Get() == 'C' && iLexer.Get() == 'T' &&
+ iLexer.Get() == 'Y' && iLexer.Get() == 'P' &&
+ iLexer.Get() == 'E')
+ {
+ token.Set(iLexer.Remainder()); // pointer to the rest of the xml document
+ // if '[' found skip to ']' and then search for '>' (= end of doctype)
+ if (token.Find(KOpenAngleBracket) != KErrNotFound)
+ {
+ iLexer.Inc(token.Find(KOpenAngleBracket)
+ + KOpenAngleBracket().Length());
+ token.Set(iLexer.Remainder());
+ // Search for ']'
+ if (token.Find(KCloseAngleBracket) != KErrNotFound)
+ {
+ iLexer.Inc(token.Find(KCloseAngleBracket) + KCloseAngleBracket().Length());
+ token.Set(iLexer.Remainder());
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+ }
+ if (token.Find(KCloseBracket) != KErrNotFound)
+ {
+ endStringOffset = token.Find(KCloseBracket) + KCloseBracket().Length();
+ iLexer.Inc(endStringOffset);
+ iLexer.SkipSpaceAndMark(iMarkPosition); // Remember where we are
+ dtdFound = ETrue;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError; // no end string found
+ }
+
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ dtdFound = EFalse;
+ }
+ }
+ }
+ return KErrNone;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::GetElementStartTagL()
+ {
+ TPtrC8 token;
+ TPtrC8 startTag;
+ TInt offset;
+ TInt eqpos;
+ TInt spacepos;
+ TInt attrValueLen;
+ TLex8 tokenLexer;
+ TChar ch;
+
+
+ iLexer.Mark(iMarkPosition); // Remember where we are
+
+ if (iLexer.Eos())
+ {
+ iState = EStateError; // we can not be in the end of the doc when
+ // we should have Start Tag
+ return ERcDocumentError;
+ }
+ else
+ {
+
+ // Delete attributes from iCAttrDataArray
+ iCAttrDataArray->Delete(0, iCAttrDataArray->Count());
+
+
+ if (iLexer.Get() == '<' && iLexer.Peek().IsAlpha())
+ {
+ iLexer.Mark(iMarkPosition); // start of the element
+ token.Set(iLexer.Remainder());
+ offset = token.Find(KCloseBracket);
+
+ // start tag and possible attribute(s)
+ startTag.Set(token.Left(offset));
+ tokenLexer.Assign(startTag);
+
+ // Start tag format: '<' Name (S Attribute)* S?'>'
+ // tag name -> iElement
+ if (startTag.Find(KSpace) == KErrNotFound)
+ {
+ // case: no attributes/space in the start tag
+ iElement.Set(startTag.Left(offset));
+ if (iElement[iElement.Length() - 1] == '/')
+ {
+ iElement.Set(iElement.Left(iElement.Length() - 1));
+ }
+ }
+ else
+ {
+ // case: space after tag name or
+ // case: at least one attribute in the start tag
+ iElement.Set(startTag.Left(startTag.Find(KSpace)));
+ }
+
+ // set state
+ iState = EStateStartTag;
+
+ // Add /tag name to iPathBuf
+ CheckSpaceL(iElement); // Check that there is enough space in iPathBuf
+
+ iPathBufPtr.Append(KSlash); // '/'
+ iPathBufPtr.Append(iElement); // tag name
+
+ // increment iDepth
+ iDepth++;
+
+ while ((eqpos = startTag.Find(KEquals)) != KErrNotFound)
+ {
+ TAttrData startTagAttr;
+ // get attribute(s)
+ spacepos = startTag.Find(KSpace);
+ tokenLexer.Inc(spacepos);
+ startTagAttr.iName.Set(startTag.Mid(spacepos + KSpace().Length(),
+ eqpos - spacepos - KEquals().Length()));
+ // rest of the start tag and attributes
+ startTag.Set(startTag.Right(startTag.Length() - eqpos - KEquals().Length()));
+ tokenLexer.Inc(eqpos - spacepos + KEquals().Length());
+ ch = tokenLexer.Get();
+ if (ch == '\'' || ch == '\"') // this should be ' or "
+ {
+ startTag.Set(startTag.Right(startTag.Length() - 1));
+ // if attribute ending ' or " not found return error
+ if ((attrValueLen = startTag.Locate(ch)) != KErrNotFound)
+ {
+ startTagAttr.iValue.Set(startTag.Left(attrValueLen));
+ iCAttrDataArray->AppendL(startTagAttr);
+ startTag.Set(startTag.Right(startTag.Length() - attrValueLen));
+ tokenLexer.Inc(attrValueLen);
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+
+ // check if tag is empty element
+ iLexer.Inc(offset - KCloseBracket().Length()); // iLexer into the end of the tag - 1 position
+ iLexer.Mark(iMarkPosition);
+
+ if (iLexer.Get() == '/') // next char is '>' for sure
+ {
+ iLexer.Inc(KCloseBracket().Length());
+ iIsEmptyElement = ETrue;
+ iLexer.Mark(iMarkPosition);
+ }
+ else if (iLexer.Get() == '>')
+ {
+ iIsEmptyElement = EFalse;
+ iLexer.Mark(iMarkPosition);
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ return KErrNone;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::GetElementText()
+ {
+ TPtrC8 elementText;
+ TInt offset;
+ TInt cdataStartOffset;
+ TInt cdataEndOffset;
+
+ iLexer.Mark(iMarkPosition); // Remember where we are
+
+ if (iLexer.Eos())
+ {
+ iState = EStateError; // we can not be in the end of the doc when
+ // we should have Start Tag
+ return ERcDocumentError;
+ }
+ else
+ {
+ elementText.Set(iLexer.Remainder());
+
+ if (iCdataStartFound)
+ {
+ if ((cdataEndOffset = elementText.Find(KEndCData)) != KErrNotFound)
+ {
+ iCdataStartFound = EFalse;
+ iCdataSectionText = ETrue; // text inside CDATA section
+ iText.Set(elementText.Left(cdataEndOffset));
+ if (iText.Find(KStartCData) != KErrNotFound)
+ {
+ // Nested CDATA sections are not allowed
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ iLexer.Inc(cdataEndOffset + KEndCData().Length());
+ }
+ else
+ {
+ // CDATA end not found -> error
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ else
+ {
+ // Start of CDATA section '<![CDATA['
+ if ((cdataStartOffset = elementText.Find(KStartCData)) == 0)
+ {
+ if ((cdataEndOffset = elementText.Find(KEndCData)) != KErrNotFound)
+ {
+ iCdataStartFound = EFalse;
+ iCdataSectionText = ETrue; // text inside CDATA section
+ iText.Set(elementText.Mid(KStartCData().Length(), cdataEndOffset - KStartCData().Length()));
+ if (iText.Find(KStartCData) != KErrNotFound)
+ {
+ // Nested CDATA sections are not allowed
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ iLexer.Inc(cdataEndOffset + KEndCData().Length());
+ }
+ else
+ {
+ // CDATA end not found -> error
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ else
+ {
+ offset = elementText.Find(KOpenBracket); // any '<'
+
+ if ((cdataStartOffset != KErrNotFound) && !(offset < cdataStartOffset))
+ {
+ iCdataStartFound = ETrue;
+ iCdataSectionText = EFalse; // text before CDATA section
+ iText.Set(elementText.Left(cdataStartOffset));
+ iLexer.Inc(cdataStartOffset + KStartCData().Length());
+ }
+ else
+ {
+ // No CDATA section found
+ // iCdataStartFound = EFalse; // this is EFalse any way
+ iCdataSectionText = EFalse;
+ if (offset != KErrNotFound)
+ {
+ iText.Set(elementText.Left(offset));
+ iLexer.Inc(offset);
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ }
+ }
+ iState = EStateText;
+ return KErrNone;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TBool CXmlPullParser::CheckIfNextEndTag()
+ {
+ iLexer.Mark(iMarkPosition);
+
+ if (iLexer.Eos())
+ {
+ iState = EStateError; // we can not be in the end of the doc when
+ // we should have Start/End Tag
+ return ETrue; // the caller must check the iState!!
+ }
+ else
+ {
+ if (iLexer.Get() == '<' && iLexer.Get() == '/')
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ return ETrue;
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ return EFalse;
+ }
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TBool CXmlPullParser::CheckIfNextStartTag()
+ {
+ iLexer.Mark(iMarkPosition);
+
+ if (iLexer.Eos())
+ {
+ iState = EStateError; // we can not be in the end of the doc when
+ // we should have Start/End Tag
+ return ETrue; // the caller must check the iState!!
+ }
+ else
+ {
+ if (iLexer.Get() == '<' && iLexer.Get().IsAlpha())
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ return ETrue;
+ }
+ else
+ {
+ iLexer.UnGetToMark(iMarkPosition);
+ return EFalse;
+ }
+ }
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::GetElementEndTag()
+ {
+ TPtrC8 elementText;
+ TInt offset;
+
+ iLexer.Mark(iMarkPosition); // Remember where we are
+
+ if (iLexer.Eos())
+ {
+ iState = EStateError; // we can not be in the end of the doc when
+ // we should have End Tag
+ return ERcDocumentError;
+ }
+ else
+ {
+ if (iLexer.Get() == '<' && iLexer.Get() == '/')
+ {
+ elementText.Set(iLexer.Remainder());
+ if ((offset = elementText.Find(KCloseBracket)) != KErrNotFound)
+ {
+ // End tag format: '</' Name S? '>'
+ iElement.Set(elementText.Left(offset));
+ if (iElement[iElement.Length() - 1] == ' ')
+ {
+ iElement.Set(iElement.Left(iElement.Length() - 1));
+ }
+
+ // delete /end tag from the iPathBuf
+ // this is done by subtracting the length of the buffer
+ iPathBufPtr.SetLength(iPathBufPtr.LocateReverse('/'));
+
+ // decrement iDepth
+ iDepth--;
+
+ iLexer.Inc(offset + KCloseBracket().Length());
+ iState = EStateEndTag;
+ return KErrNone;
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ else
+ {
+ iState = EStateError;
+ return ERcDocumentError;
+ }
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TBool CXmlPullParser::CheckIfEndOfFile()
+ {
+ iLexer.Mark(iMarkPosition);
+
+ if ( (iDepth == 0) && (iPathBufPtr.Length() == 0) )
+ {
+ iState = EStateEndDocument;
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::EscapeCharRefAndPreDefEntities()
+ {
+ TInt retVal;
+
+ if (iStringValuePtr.Find(KAmpersandHash) != KErrNotFound)
+ {
+ retVal = CharacterReferencesEscaped(); // handle ª and &#aa;
+ if ( retVal != KErrNone )
+ {
+ return retVal;
+ }
+ }
+
+ if (iStringValuePtr.Find(KAmpersand) != KErrNotFound)
+ {
+ retVal = PredefinedEntitiesEscaped(); // handle < > & ' and "
+ if ( retVal != KErrNone )
+ {
+ return retVal;
+ }
+ }
+
+ return KErrNone;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::CharacterReferencesEscaped()
+ {
+ TInt startPos, length;
+ TInt retVal;
+ TInt i = 0;
+ TRadix radix = EDecimal;
+
+ TLex8 tempLexer;
+ TLexMark8 mark;
+ TUint number;
+
+ TPtrC8 tempPtr;
+
+ while ( (startPos = iStringValuePtr.Find(KAmpersandHash)) != KErrNotFound)
+ {
+ tempPtr.Set(iStringValuePtr.Right(iStringValuePtr.Length() - startPos));
+ length = tempPtr.Find(KSemicolon) - KAmpersandHash().Length();
+ tempPtr.Set(iStringValuePtr.Mid(startPos + KAmpersandHash().Length(), length));
+ tempLexer.Assign(tempPtr);
+ if ( tempLexer.Peek() == 'x' )
+ {
+ tempLexer.Inc(); //increment to next character position
+ tempLexer.Mark(mark);
+ for ( i = 0; i < (length - 1); i++ ) // check that whole input is hexadecimal
+ {
+ if ( !(tempLexer.Get()).IsHexDigit() )
+ {
+ return ERcDocumentError; // after &#x there must be hexadecimal digits (0-9, a-f, A-F).
+ }
+ }
+ tempLexer.UnGetToMark(mark);
+ radix = EHex;
+ }
+ else
+ {
+ tempLexer.Mark(mark);
+ for ( i = 0; i < length; i++ )
+ {
+ if ( !(tempLexer.Get()).IsDigit() )
+ {
+ return ERcDocumentError; // after &# there must be standard decimal digits (0-9).
+ }
+ }
+ tempLexer.UnGetToMark(mark);
+ radix = EDecimal;
+ }
+
+ if ( (retVal = tempLexer.Val(number, radix)) == KErrNone)
+ {
+ TChar ch(number);
+ TBuf8<12> buf;
+ buf.Append(ch);
+ iStringValuePtr.Replace(startPos, length + KAmpersandHash().Length() +
+ KSemicolon().Length(), buf);
+ }
+ else
+ {
+ return retVal;
+ }
+ }
+ return KErrNone;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+TInt CXmlPullParser::PredefinedEntitiesEscaped()
+ {
+ TInt pos;
+
+ while (iStringValuePtr.Find(KAmpersand) != KErrNotFound)
+ {
+ if ((pos = iStringValuePtr.Find(KEntityLowerThan)) != KErrNotFound)
+ {
+ iStringValuePtr.Replace(pos, KEntityLowerThan().Length(), KOpenBracket);
+ }
+ else if ((pos = iStringValuePtr.Find(KEntityGreaterThan)) != KErrNotFound)
+ {
+ iStringValuePtr.Replace(pos, KEntityGreaterThan().Length(), KCloseBracket);
+ }
+ else if ((pos = iStringValuePtr.Find(KEntityAmpersand)) != KErrNotFound)
+ {
+ iStringValuePtr.Replace(pos, KEntityAmpersand().Length(), KAmpersand);
+ }
+ else if ((pos = iStringValuePtr.Find(KEntityApostrophe)) != KErrNotFound)
+ {
+ iStringValuePtr.Replace(pos, KEntityApostrophe().Length(), KSingleQuote);
+ }
+ else if ((pos = iStringValuePtr.Find(KEntityQuotation)) != KErrNotFound)
+ {
+ iStringValuePtr.Replace(pos, KEntityQuotation().Length(), KDoubleQuote);
+ }
+ else
+ {
+ return KErrNone;
+ }
+ }
+ return KErrNone;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/src/XmlWriter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,463 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of CXmlWriter.
+*
+*/
+
+
+
+#include <eikenv.h>
+#include <e32std.h>
+#include <e32des8.h>
+#include "XwImpl.h"
+
+const TInt KExtraPunctuation = 13; // CDATA section has 12 extra characters
+const TInt KBufSizeIncrement = 1024;
+const TInt KBufInitSize = 2048;
+
+//
+// Common literal text
+//
+_LIT8(KPrologStart, "<?xml");
+_LIT8(KPrologEnd, "?>");
+_LIT8(KVersion, "version");
+_LIT8(K10, "1.0");
+_LIT8(KEncoding, "encoding");
+_LIT8(KIso88591, "ISO-8859-1");
+_LIT8(KOpenBracket, "<");
+_LIT8(KCloseBracket, ">");
+_LIT8(KStartEndTag, "</");
+_LIT8(KCloseTag, "/>");
+_LIT8(KSpace, " ");
+_LIT8(KEquals, "=");
+_LIT8(KSingleQuote, "\'");
+//_LIT8(KDoubleQuote, "\"");
+_LIT8(KCDStart, "<![CDATA[");
+_LIT8(KCDEnd, "]]>");
+
+_LIT8(KEntityLowerThan, "<"); // <
+_LIT8(KEntityGreaterThan, ">"); // >
+_LIT8(KEntityAmpersand, "&"); // &
+_LIT8(KEntityApostrophe, "'"); // '
+_LIT8(KEntityQuotation, """); // "
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+
+CXmlWriter::CXmlWriter()
+: iBufferPtr(NULL, 0), iTempBufferPtr(NULL, 0)
+ {
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+// NewLC with two stage construction
+EXPORT_C CXmlWriter* CXmlWriter::NewLC()
+ {
+ // get new, leave if can't
+ CXmlWriter* self = new (ELeave) CXmlWriter();
+ // push onto cleanup stack in case self->ConstructL leaves
+ CleanupStack::PushL(self);
+ // complete construction with second phase constructor
+ self->ConstructL();
+ return self;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C CXmlWriter* CXmlWriter::NewL()
+ {
+ CXmlWriter* self=NewLC();
+ CleanupStack::Pop();
+ return self;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlWriter::ConstructL()
+ {
+ iBuffer = HBufC8::NewMaxL(KBufInitSize);
+ iBufferPtr.Set(iBuffer->Des());
+ iBufferPtr.SetLength(0); // Otherwise the Length is set to KBufInitSize
+ iTempBuffer = HBufC8::NewMaxL(KBufInitSize);
+ iTempBufferPtr.Set(iTempBuffer->Des());
+ iTempBufferPtr.SetLength(0); // Otherwise the Length is set to KBufInitSize
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+CXmlWriter::~CXmlWriter()
+ {
+ delete (iBuffer);
+ delete (iTempBuffer);
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlWriter::CheckSpaceL(const TInt aSpace)
+ {
+ // Make sure that we have enough space for the new text
+ TInt spaceLeft = iBufferPtr.MaxLength() - iBufferPtr.Length()
+ - KExtraPunctuation;
+
+ if (aSpace > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = iBufferPtr.MaxLength() + aSpace + KBufSizeIncrement;
+
+ iBuffer = iBuffer->ReAllocL(newMaxLength);
+ iBufferPtr.Set(iBuffer->Des());
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlWriter::CheckSpaceL(const TDesC8& aText)
+ {
+ // Make sure that we have enough space for the new text
+ TInt spaceLeft = iBufferPtr.MaxLength() - iBufferPtr.Length()
+ - KExtraPunctuation;
+
+ if (aText.Length() > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = iBufferPtr.MaxLength() + aText.Length()
+ + KBufSizeIncrement;
+
+ iBuffer = iBuffer->ReAllocL(newMaxLength);
+ iBufferPtr.Set(iBuffer->Des());
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlWriter::CheckSpaceL(const TDesC8& aText1, const TDesC8& aText2)
+ {
+ // Make sure that we have enough space for the new text
+ TInt spaceLeft = iBufferPtr.MaxLength() - iBufferPtr.Length()
+ - KExtraPunctuation;
+
+ if ((aText1.Length() + aText2.Length()) > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = iBufferPtr.MaxLength() + aText1.Length()
+ + aText2.Length() + KBufSizeIncrement;
+
+ iBuffer = iBuffer->ReAllocL(newMaxLength);
+ iBufferPtr.Set(iBuffer->Des());
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlWriter::CheckTempBufSpaceL(const TInt aSpace)
+ {
+ // Make sure that we have enough space for the new text
+ TInt spaceLeft = iTempBufferPtr.MaxLength() - iTempBufferPtr.Length();
+
+ if (aSpace > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = iTempBufferPtr.MaxLength() + aSpace + KBufSizeIncrement;
+
+ iTempBuffer = iTempBuffer->ReAllocL(newMaxLength);
+ iTempBufferPtr.Set(iTempBuffer->Des());
+ }
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+void CXmlWriter::InsertEntitiesL()
+ {
+ TInt i = 0;
+
+ while ( i < iTempBufferPtr.Length() )
+ {
+ if ( iTempBufferPtr[i] == '<' )
+ {
+ CheckTempBufSpaceL(KEntityLowerThan().Length());
+ iTempBufferPtr.Replace(i, 1, KEntityLowerThan);
+ i += KEntityLowerThan().Length();
+ }
+ else if ( iTempBufferPtr[i] == '>' )
+ {
+ CheckTempBufSpaceL(KEntityGreaterThan().Length());
+ iTempBufferPtr.Replace(i, 1, KEntityGreaterThan);
+ i += KEntityGreaterThan().Length();
+ }
+ else if ( iTempBufferPtr[i] == '&' )
+ {
+ CheckTempBufSpaceL(KEntityAmpersand().Length());
+ iTempBufferPtr.Replace(i, 1, KEntityAmpersand);
+ i += KEntityAmpersand().Length();
+ }
+ else if ( iTempBufferPtr[i] == '\'' )
+ {
+ CheckTempBufSpaceL(KEntityApostrophe().Length());
+ iTempBufferPtr.Replace(i, 1, KEntityApostrophe);
+ i += KEntityApostrophe().Length();
+ }
+ else if ( iTempBufferPtr[i] == '\"' )
+ {
+ CheckTempBufSpaceL(KEntityQuotation().Length());
+ iTempBufferPtr.Replace(i, 1, KEntityQuotation);
+ i += KEntityQuotation().Length();
+ }
+ else
+ {
+ i++;
+ }
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddPrologL()
+ {
+ CheckSpaceL(KPrologStart().Length() + 2*KSpace().Length() + KVersion().Length() +
+ 2*KEquals().Length() + 4*KSingleQuote().Length() + K10().Length() +
+ KEncoding().Length() + KIso88591().Length() + KPrologEnd().Length());
+
+ iBufferPtr.Append(KPrologStart); // <?xml
+ iBufferPtr.Append(KSpace);
+ iBufferPtr.Append(KVersion); // version
+ iBufferPtr.Append(KEquals); // =
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(K10); // 1.0
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(KSpace);
+ iBufferPtr.Append(KEncoding); // encoding
+ iBufferPtr.Append(KEquals); // =
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(KIso88591); // ISO-8859-1
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(KPrologEnd); // ?>
+ }
+
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddPrologL(const TDesC8& aVersionNum)
+ {
+ CheckSpaceL(KPrologStart().Length() + 2*KSpace().Length() + KVersion().Length() +
+ 2*KEquals().Length() + 4*KSingleQuote().Length() + aVersionNum.Length() +
+ KEncoding().Length() + KIso88591().Length() + KPrologEnd().Length());
+
+ iBufferPtr.Append(KPrologStart); // <?xml
+ iBufferPtr.Append(KSpace);
+ iBufferPtr.Append(KVersion); // version
+ iBufferPtr.Append(KEquals); // =
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(aVersionNum);
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(KSpace);
+ iBufferPtr.Append(KEncoding); // encoding
+ iBufferPtr.Append(KEquals); // =
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(KIso88591); // ISO-8859-1
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(KPrologEnd); // ?>
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddStartTagL(const TDesC8& aName)
+ {
+ CheckSpaceL(aName);
+
+ iBufferPtr.Append(KOpenBracket); // <
+ iBufferPtr.Append(aName);
+ iBufferPtr.Append(KCloseBracket); // >
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::OpenStartTagL(const TDesC8& aName)
+ {
+ CheckSpaceL(aName);
+
+ iBufferPtr.Append(KOpenBracket); // <
+ iBufferPtr.Append(aName);
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddAttributeL(const TDesC8& aName, const TDesC8& aValue)
+ {
+ CheckTempBufSpaceL(aName.Length() + aValue.Length());
+
+ iTempBufferPtr = aValue;
+
+ InsertEntitiesL();
+
+ CheckSpaceL(aName, iTempBufferPtr);
+
+ iBufferPtr.Append(KSpace); //
+ iBufferPtr.Append(aName);
+ iBufferPtr.Append(KEquals); // =
+ iBufferPtr.Append(KSingleQuote); // '
+ iBufferPtr.Append(iTempBufferPtr);
+ iBufferPtr.Append(KSingleQuote); // '
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::CloseStartTagL(TBool aEndElement)
+ {
+ CheckSpaceL(KCloseTag);
+
+ if(aEndElement)
+ {
+ iBufferPtr.Append(KCloseTag); // />
+ }
+ else
+ {
+ iBufferPtr.Append(KCloseBracket);
+ }
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddTextL(const TDesC8& aText)
+ {
+ CheckTempBufSpaceL(aText.Length());
+
+ iTempBufferPtr = aText;
+
+ InsertEntitiesL();
+
+ CheckSpaceL(iTempBufferPtr);
+
+ iBufferPtr.Append(iTempBufferPtr);
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddXmlTextL(const TDesC8& aText)
+ {
+ CheckSpaceL(aText);
+
+ iBufferPtr.Append(aText);
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddEndTagL(const TDesC8& aName)
+ {
+ CheckSpaceL(aName);
+
+ iBufferPtr.Append(KStartEndTag); // </
+ iBufferPtr.Append(aName);
+ iBufferPtr.Append(KCloseBracket); // >
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::AddCdataSectL(const TDesC8& aText)
+ {
+ CheckSpaceL(aText);
+
+ iBufferPtr.Append(KCDStart); // <![CDATA[
+ iBufferPtr.Append(aText);
+ iBufferPtr.Append(KCDEnd); // ]]>
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::InsertTextL(TInt aPos, const TDesC8& aText)
+ {
+ iTempBufferPtr = aText;
+
+ InsertEntitiesL();
+
+ CheckSpaceL(iTempBufferPtr);
+
+ iBufferPtr.Insert(aPos, iTempBufferPtr); // aPos is an offset; a zero value
+ // refers to the leftmost data
+ // position
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::InsertXmlTextL(TInt aPos, const TDesC8& aText)
+ {
+ CheckSpaceL(aText);
+
+ iBufferPtr.Insert(aPos, aText); // aPos is an offset; a zero value
+ // refers to the leftmost data
+ // position
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TInt CXmlWriter::Length()
+ {
+ return iBufferPtr.Length();
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C TPtrC8 CXmlWriter::DocPart(TInt aStartPos, TInt aEndPos)
+ {
+ iDoc.Set(iBufferPtr.Mid(aStartPos, (aEndPos - aStartPos + 1)));
+ return iDoc;
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+//
+////////////////////////////////////////////////////////////////////////////////////////
+EXPORT_C void CXmlWriter::Reset()
+ {
+ iBufferPtr.Zero();
+ iDoc.Set(KNullDesC8);
+ }
+
+////////////////////////////////////////////////////////////////////////////////////////
+// Dll entry point
+////////////////////////////////////////////////////////////////////////////////////////
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/utlxml/src/XppTest.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,624 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: XML pull parser tester.
+*
+*/
+
+
+#include <e32base.h>
+#include <e32cons.h>
+#include <badesca.h>
+#include "XppImpl.h"
+#include "XwImpl.h"
+
+_LIT(KTxtXppTest, "XppTest");
+_LIT(KTxtTitle, "XML pull parser tester");
+_LIT(KTxtFailed, "Failed: leave code = %d");
+_LIT(KTxtOK, "OK");
+_LIT(KTxtPressAnyKey, " [press any key]");
+
+LOCAL_D CConsoleBase* console;
+
+LOCAL_C void callExampleL();
+LOCAL_C void doExampleL();
+LOCAL_C void XmlParsingExampleL();
+LOCAL_C void XmlWritingExampleL();
+
+// The starting point
+GLDEF_C TInt E32Main()
+ {
+ __UHEAP_MARK;
+
+ CTrapCleanup* cleanup = CTrapCleanup::New();
+ TRAPD(error, callExampleL());
+ __ASSERT_ALWAYS(!error, User::Panic(KTxtXppTest, error));
+ delete cleanup;
+
+ __UHEAP_MARKEND;
+
+ return 0;
+ }
+
+// Console initialization and the doExample call
+LOCAL_C void callExampleL()
+ {
+ console = Console::NewL(KTxtTitle, TSize(KConsFullScreen, KConsFullScreen));
+ CleanupStack::PushL(console);
+
+ TRAPD(error, doExampleL());
+
+ if (error)
+ console->Printf(KTxtFailed, error);
+ else
+ console->Printf(KTxtOK);
+
+ console->Printf(KTxtPressAnyKey);
+ console->Getch();
+
+ CleanupStack::PopAndDestroy(); // console
+ }
+
+//-----------------------------------------------------------------------------
+// XML parsing example
+//-----------------------------------------------------------------------------
+
+// The test XML document
+
+_LIT8(KTestXML,
+ "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?> \
+ <!-- This is a comment that should be skipped when parsing --> \
+ <!-- This is the 2nd comment that should be skipped when parsing --> \
+ <!DOCTYPE note [ \
+ <!ELEMENT note (to, from, heading, body)> \
+ <!ELEMENT to (#PCDATA)> \
+ <!ELEMENT from (#PCDATA)> \
+ <!ELEMENT heading (#PCDATA)> \
+ <!ELEMENT body (#PCDATA)> \
+ ]> \
+ <Metadata xmlns='&#ab;attr1] acu' attr2=\"secondrror;attribute\" > \
+ <Name ><![CDATA[<1st cdata section>]]>name ? 1</Name > \
+ <Name>name 2<![CDATA[</2dn cdata section><>]]></Name> \
+ <Name>name 3 start<![CDATA[]</3rd cdata section>]]>name 3 end</Name > \
+ <Type>a<b< c >d{e&f#g'h/i"j</Type> \
+ <Id>12345</Id> \
+ </Metadata> \
+ <!-- This is the 3rd comment -->");
+
+// The second test XML document
+_LIT8(KTestXML2,
+ "<VPNPolicyPkg><File name='nokia_nic_vpn-sales-1_0.pin'>data1</File><File name='nokia_nic_vpn-sales-1_0.pol'>data2</File></VPNPolicyPkg>");
+
+// 2nd Tag/attribute names
+_LIT8(KTagVPNPolicyPkg, "/VPNPolicyPkg");
+_LIT8(KTagFile, "/VPNPolicyPkg/File");
+_LIT8(KAttrName, "name");
+
+// Tag/attribute names
+_LIT8(KTagMetadata, "/Metadata");
+_LIT8(KTagName, "/Metadata/Name");
+_LIT8(KTagType, "/Metadata/Type");
+_LIT8(KTagId, "/Metadata/Id");
+_LIT8(KAttrXmlns, "xmlns");
+_LIT8(KAttrAttr2, "attr2");
+
+
+_LIT8(KTestXML3,
+ "<sessions esgId=\"44\" lang=\"FI\" modified=\"3261983767\" expiryTime=\"3262005367\"/>");
+
+// 3rd Tag/attribute names
+_LIT8(KTagSessions, "/sessions");
+_LIT8(KAttrEsgId, "esgId");
+_LIT8(KAttrLang, "lang");
+_LIT8(KAttrModified, "modified");
+_LIT8(KAttrExpiryTime, "expiryTime");
+
+
+// Outputting formatting
+_LIT(KFormatName, "Name: %S\n");
+_LIT(KPosition, "Position: %u\n");
+_LIT(KStartPosition, "Element Start Position: %u\n");
+_LIT(KLength, "Total length: %u\n");
+_LIT(KFormatType, "Type: %S\n");
+_LIT(KFormatId, "Id: %S\n");
+_LIT(KFormatXmlns, "Id: %S\n");
+_LIT(KFormatAttr2, "attr2: %S\n");
+_LIT(KFormatAttrName, "Attr Name: %S\n");
+_LIT(KFormatEndTag, "End tag: %S\n");
+_LIT(KFormatEndDocumentEndTag, "End doc end tag: %S\n");
+_LIT(KFormatPart, "Document part: %S\n");
+_LIT(KFormatError, "Error\n");
+
+// Output format for 3rd test
+_LIT(KFormatAttrEsgId, "esgId: %S\n");
+_LIT(KFormatAttrLang, "lang: %S\n");
+_LIT(KFormatAttrModified, "modified: %S\n");
+_LIT(KFormatAttrExpiryTime, "expiryTime: %S\n");
+
+
+// The actual example
+LOCAL_C void doExampleL()
+ {
+ // To make code scanner silent
+ TRAP_IGNORE(XmlWritingExampleL());
+ }
+
+LOCAL_C void XmlParsingExampleL()
+ {
+ CDesC8ArrayFlat* stringValueArray = new (ELeave) CDesC8ArrayFlat(1); // jakovist test
+ // Create the parser
+ CXmlPullParser* parser = CXmlPullParser::NewLC(*stringValueArray);
+ //CXmlPullParser* parser = CXmlPullParser::NewLC();
+
+ // Specify the XML document to parse
+ parser->SetInput(KTestXML);
+ //parser->SetInput(KTestXML2);
+
+ // Pull all interesting data from the document...
+ CXmlPullParser::TParserState state;
+
+ do
+ {
+ User::LeaveIfError(parser->NextL());
+
+ state = parser->State();
+
+ TPtrC8 path;
+ parser->PathL(path);
+
+ TPtrC8 value;
+
+ // needed in console print
+ //TBuf<1024> copyBuf;
+ TBuf<512> copyBuf;
+
+//#if 0 //test
+ // Get and show element texts
+ if (state == CXmlPullParser::EStateText)
+ {
+ if (path.Compare(KTagName) == 0)
+ {
+ TInt retVal = parser->TextL(value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatName, ©Buf);
+ //console->Printf(KStartPosition, parser->CurrentElementPos());
+ //console->Printf(KPosition, parser->Pos());
+ }
+ }
+ if (path.Compare(KTagType) == 0)
+ {
+ TInt retVal = parser->TextL(value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatType, ©Buf);
+ //console->Printf(KStartPosition, parser->CurrentElementPos());
+ //console->Printf(KPosition, parser->Pos());
+ }
+ retVal = parser->TextPredefEntitiesNotEscaped(value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatType, ©Buf);
+ }
+ }
+ if (path.Compare(KTagId) == 0)
+ {
+ parser->TextL(value);
+ copyBuf.Copy(value);
+ console->Printf(KFormatId, ©Buf);
+ //console->Printf(KStartPosition, parser->CurrentElementPos());
+ //console->Printf(KPosition, parser->Pos());
+ }
+ }
+//#endif // if 0
+
+ // Get and shown an attribute value
+ if (state == CXmlPullParser::EStateStartTag)
+ {
+ if (path.Compare(KTagMetadata) == 0)
+ {
+ TInt retVal = parser->AttributeValueL(KAttrXmlns, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatXmlns, ©Buf);
+ //console->Printf(KStartPosition, parser->CurrentElementPos());
+ //console->Printf(KPosition, parser->Pos());
+ }
+
+ retVal = parser->AttributeValuePredefEntitiesNotEscaped(KAttrXmlns, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatXmlns, ©Buf);
+ }
+
+
+ retVal = parser->AttributeValueL(KAttrAttr2, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttr2, ©Buf);
+ }
+
+ TInt attrCount;
+ parser->AttributeCount(attrCount);
+ retVal = parser->AttributeValueL((attrCount - 1), value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttr2, ©Buf);
+ }
+
+/*
+ // Unsuccessfull attribute name getting tests
+ retVal = parser->AttributeName(-1, value); // negative index value
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrName, ©Buf);
+ }
+ else
+ {
+ console->Printf(KFormatError);
+ }
+
+ retVal = parser->AttributeName(2, value); // index value too big
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrName, ©Buf);
+ }
+ else
+ {
+ console->Printf(KFormatError);
+ }
+
+ // Unsuccessfull attribute getting tests
+ retVal = parser->AttributeValueL(-1, value); // negative index value
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatXmlns, ©Buf);
+ }
+ else
+ {
+ console->Printf(KFormatError);
+ }
+
+ retVal = parser->AttributeValueL(2, value); // index value too big
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatXmlns, ©Buf);
+ }
+ else
+ {
+ console->Printf(KFormatError);
+ }
+*/
+ }
+
+ //Second test
+ if (path.Compare(KTagFile) == 0)
+ {
+ TInt retVal = parser->AttributeValueL(KAttrName, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatXmlns, ©Buf);
+ //console->Printf(KStartPosition, parser->CurrentElementPos());
+ //console->Printf(KPosition, parser->Pos());
+ }
+ }
+ }
+
+ // Get and show a part of document being parsed
+
+ if (state == CXmlPullParser::EStateEndDocument)
+ {
+ TPtrC8 docPart = parser->DocPart(30, 31); // aStartPos and aEndPos just an example
+ copyBuf.Copy(docPart);
+ console->Printf(KFormatPart, ©Buf);
+ }
+
+ // Get and show end tag value
+/* if (state == CXmlPullParser::EStateEndTag)
+ {
+ if (path.Compare(KTagMetadata) == 0)
+ {
+ TInt retVal = parser->Name(value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatEndTag, ©Buf);
+ console->Printf(KPosition, parser->Pos());
+ }
+ }
+ }
+*/
+
+ // Get and show end tag value
+/*
+ if (state == CXmlPullParser::EStateEndDocument)
+ {
+ TInt retVal = parser->Name(value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatEndDocumentEndTag, ©Buf);
+ console->Printf(KLength, parser->Length());
+ }
+ }
+*/
+
+ }while (state != CXmlPullParser::EStateEndDocument);
+
+#if 0
+ // this is for testing new feature: same parser instance can
+ // be used
+ parser->SetInput(KTestXML2);
+
+ // Pull all interesting data from the document...
+ //CXmlPullParser::TParserState state;
+
+ do
+ {
+ User::LeaveIfError(parser->NextL());
+
+ state = parser->State();
+
+ TPtrC8 path;
+ parser->PathL(path);
+
+ TPtrC8 value;
+
+ // needed in console print
+ TBuf<512> copyBuf;
+
+ // Get and show element texts
+ if (state == CXmlPullParser::EStateText)
+ {
+ if (path.Compare(KTagVPNPolicyPkg) == 0)
+ {
+ parser->TextL(value);
+ copyBuf.Copy(value);
+ console->Printf(KFormatName, ©Buf);
+ }
+ if (path.Compare(KTagFile) == 0)
+ {
+ parser->TextL(value);
+ copyBuf.Copy(value);
+ console->Printf(KFormatType, ©Buf);
+ }
+ }
+
+ // Get and shown an attribute value
+ if (state == CXmlPullParser::EStateStartTag)
+ {
+ if (path.Compare(KTagFile) == 0)
+ {
+ TInt retVal = parser->AttributeValueL(KAttrName, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrName, ©Buf);
+ }
+ }
+ }
+
+ // Get and show a part of document being parsed
+ if (state == CXmlPullParser::EStateEndDocument)
+ {
+ TPtrC8 docPart = parser->DocPart(0, 10); // aStartPos and aEndPos just an example
+ copyBuf.Copy(docPart);
+ console->Printf(KFormatPart, ©Buf);
+ }
+ } while (state != CXmlPullParser::EStateEndDocument);
+
+
+ // Test number 3:
+
+ parser->SetInput(KTestXML3);
+ // Pull all interesting data from the document...
+ //CXmlPullParser::TParserState state;
+
+ do
+ {
+ User::LeaveIfError(parser->NextL());
+
+ state = parser->State();
+
+ TPtrC8 path;
+ parser->PathL(path);
+
+ TPtrC8 value;
+
+ // needed in console print
+ TBuf<512> copyBuf;
+
+ // Get and shown an attribute value
+ if (state == CXmlPullParser::EStateStartTag)
+ {
+ if (path.Compare(KTagSessions) == 0)
+ {
+ TInt retVal = parser->AttributeValueL(KAttrEsgId, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrEsgId, ©Buf);
+ }
+ retVal = parser->AttributeValueL(KAttrLang, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrLang, ©Buf);
+ }
+ retVal = parser->AttributeValueL(KAttrModified, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrModified, ©Buf);
+ }
+ retVal = parser->AttributeValueL(KAttrExpiryTime, value);
+ if (retVal == KErrNone)
+ {
+ copyBuf.Copy(value);
+ console->Printf(KFormatAttrExpiryTime, ©Buf);
+ }
+ }
+ }
+
+ // Get and show a part of document being parsed
+ if (state == CXmlPullParser::EStateEndDocument)
+ {
+ TPtrC8 docPart = parser->DocPart(0, 10); // aStartPos and aEndPos just an example
+ copyBuf.Copy(docPart);
+ console->Printf(KFormatPart, ©Buf);
+ }
+ } while (state != CXmlPullParser::EStateEndDocument);
+#endif // if 0
+
+ delete stringValueArray;
+ CleanupStack::PopAndDestroy(); // parser
+ }
+
+//-----------------------------------------------------------------------------
+// XML writing example
+//-----------------------------------------------------------------------------
+
+// Tag/attribute names and values
+_LIT8(KVerNum, "1.0");
+_LIT8(KTagRoot, "root");
+_LIT8(KTagElement1, "element1");
+_LIT8(KTagElement2, "element2");
+_LIT8(KTagElement3, "element3");
+_LIT8(KAttr1, "attr1");
+_LIT8(KAttr2, "attr2");
+_LIT8(KVal1, "val1<<a>b& \'1\' \"2\"");
+_LIT8(KVal2, "val2");
+_LIT8(KText, "text a<b x&z t>n \'g\' \"99\"&&><");
+_LIT8(KGreeting, "<greeting>");
+
+LOCAL_C void XmlWritingExampleL()
+ {
+ /*
+ * Create a document like this (newlines
+ * and indentation will no appear in the
+ * actual output):
+ *
+ * <?xml version="1.0" encoding="ISO-8859-1"?>
+ * <root>
+ * <element1>
+ * text a<b x&z t>n \'g\' \"99\"&&><
+ * </element1>
+ * <element2 attr1='val1<<b& '1' "2"' attr2='val2'/>
+ * <element3 attr1='val1<<b& '1' "2"'>
+ * text a< x&z t>n 'g' "99"&&><<![CDATA[<geeting>]]>
+ * </element3>
+ * </root>
+ */
+
+ // Create the writer
+ CXmlWriter* writer = CXmlWriter::NewLC();
+
+ // Write the prolog
+ writer->AddPrologL(KVerNum);
+ //writer->AddPrologL();
+
+ // Write the root element start tag
+ writer->AddStartTagL(KTagRoot);
+
+ // Write an element with some text content
+ writer->AddStartTagL(KTagElement1);
+ writer->AddXmlTextL(KText);
+ writer->AddEndTagL(KTagElement1);
+
+ // Write an empty element with some attributes
+ writer->OpenStartTagL(KTagElement2);
+ writer->AddAttributeL(KAttr1, KVal1);
+ writer->AddAttributeL(KAttr2, KVal2);
+ writer->CloseStartTagL(ETrue);
+
+ // Write an element with some attributes
+ // and some text content
+ writer->OpenStartTagL(KTagElement3);
+ writer->AddAttributeL(KAttr1, KVal1);
+ writer->CloseStartTagL(EFalse);
+ writer->AddTextL(KText);
+ writer->AddCdataSectL(KGreeting);
+ writer->AddEndTagL(KTagElement3);
+
+ // Write the root element end tag
+ writer->AddEndTagL(KTagRoot);
+
+ // Get the resulting XML document
+ // and do something with it
+ TPtrC8 doc = writer->DocPart(0, (writer->Length() - 1));
+
+
+ /*
+ * Create a new document using same writer object.
+ * The new document looks like this (newlines
+ * and indentation will no appear in the
+ * actual output):
+ *
+ * <?xml version="1.0" encoding="ISO-8859-1"?>
+ * <start>
+ * <ele1 attribute='value'>
+ * some text
+ * </ele1>
+ * <ele2 attr1='val1'/>
+ * </start>
+ */
+
+_LIT8(KTagStart, "start");
+_LIT8(KTagEle1, "ele1");
+_LIT8(KTagAttribute, "attribute");
+_LIT8(KTagValue, "value");
+_LIT8(KSomeText, "some text");
+_LIT8(KTagEle2, "ele2");
+
+ // Reset writer
+ writer->Reset();
+
+ // Write the prolog
+ writer->AddPrologL();
+
+ // Write the root element start tag
+ writer->AddStartTagL(KTagStart);
+
+ // Write an element with attribute and some text content
+ writer->AddStartTagL(KTagEle1);
+ writer->AddAttributeL(KTagAttribute, KTagValue);
+ writer->AddTextL(KSomeText);
+ writer->AddEndTagL(KTagEle1);
+
+ // Write an empty element with some attributes
+ writer->OpenStartTagL(KTagEle2);
+ writer->AddAttributeL(KAttr1, KVal1);
+ writer->CloseStartTagL(ETrue);
+
+ // Write the root element end tag
+ writer->AddEndTagL(KTagStart);
+
+ // Get the resulting XML document
+ // and do something with it
+ doc.Set(writer->DocPart(0, (writer->Length() - 1)));
+
+ CleanupStack::PopAndDestroy(); // writer
+ }
+
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/aif/VPNcleaneraif.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: RSS for creating the aif file for VPNcleaner.
+*
+*/
+
+
+#include <aiftool.rh>
+
+RESOURCE AIF_DATA
+ {
+ app_uid=0x101FAE02;
+ //num_icons=2;
+ num_icons=0;
+ hidden=KAppIsHidden; //the icon is hidden
+ //hidden=KAppNotHidden; //the icon is visible
+ embeddability=KAppNotEmbeddable;
+ newfile=KAppDoesNotSupportNewFile;
+ }
+
+// End of File
Binary file vpnengine/vpncleaner/aif/context_pane_icon.bmp has changed
Binary file vpnengine/vpncleaner/aif/context_pane_icon_mask.bmp has changed
Binary file vpnengine/vpncleaner/aif/list_icon.bmp has changed
Binary file vpnengine/vpncleaner/aif/list_icon_mask.bmp has changed
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/data/VPNcleaner.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,122 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This file contains all the resources for the VPNcleaner.
+*
+*/
+
+
+// RESOURCE IDENTIFIER
+NAME AWIZ // 4 letter ID
+
+// INCLUDES
+
+#include <eikon.rh>
+//#include <avkon.rsg>
+//#include <avkon.rh>
+//#include <avkon.mbg>
+#include "vpncleaner.hrh"
+#include "vpncleaner.loc"
+
+
+// CONSTANTS
+//#define ?constant ?value
+
+
+// MACROS
+//#define ?macro
+
+
+// RESOURCE DEFINITIONS
+
+RESOURCE RSS_SIGNATURE { }
+
+RESOURCE TBUF { buf="VPNcleaner"; }
+
+RESOURCE EIK_APP_INFO
+ {
+ /*
+ hotkeys=r_vpncleaner_hotkeys;
+ menubar=r_vpncleaner_menubar;
+ cba=R_AVKON_SOFTKEYS_OPTIONS_BACK;
+ */
+ }
+
+//----------------------------------------------------
+//
+// r_vpncleaner_hotkeys
+// ?description
+//
+//----------------------------------------------------
+//
+/*
+RESOURCE HOTKEYS r_vpncleaner_hotkeys
+ {
+ control=
+ {
+ HOTKEY { command=EAknCmdExit; key='e'; }
+ };
+ }
+*/
+//----------------------------------------------------
+//
+// r_vpncleaner_menubar
+// ?description
+//
+//----------------------------------------------------
+//
+
+/*
+RESOURCE MENU_BAR r_vpncleaner_menubar
+ {
+ titles=
+ {
+ MENU_TITLE { menu_pane=r_vpncleaner_menu; txt="File"; }
+ };
+ }
+*/
+//----------------------------------------------------
+//
+// r_vpncleaner_menu
+// ?description
+//
+//----------------------------------------------------
+//
+
+/*
+RESOURCE MENU_PANE r_vpncleaner_menu
+ {
+ items=
+ {
+ MENU_ITEM { command=EAknCmdExit; txt="Exit"; }
+ };
+ }
+*/
+//----------------------------------------------------
+//
+// r_vpncleaner_app_menu
+// ?description
+//
+//----------------------------------------------------
+//
+/*
+RESOURCE MENU_PANE r_vpncleaner_app_menu
+ {
+ items=
+ {
+ MENU_ITEM { command=EAknCmdExit; txt="Exit"; }
+ };
+ }
+*/
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,29 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build info for vpncleaner
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+vpncleaner.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/group/vpncleaner.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,44 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpncleaner
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET vpncleaner.exe
+TARGETTYPE exe
+UID 0x1000008d 0x101FAE02
+
+CAPABILITY ALL -TCB
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE vpncleanerexe.cpp
+SOURCE vpncleaner.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpncommon/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY centralrepository.lib
+LIBRARY cmmanager.lib
+LIBRARY rfs.lib
+LIBRARY efsrv.lib
+
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/inc/log_vpncleaner.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_R6_H__)
+#define __LOG_R6_H__
+
+_LIT(KLogFile,"vpncleaner.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_R6_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/inc/vpncleaner.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,48 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Cleans vpn settings
+*
+*/
+
+#ifndef __VPNCLEANER_H__
+#define __VPNCLEANER_H__
+
+
+class RCmManagerExt;
+
+
+class TVpnCleaner{
+ public:
+ TVpnCleaner();
+ ~TVpnCleaner();
+
+ /**
+ * Cleans vpn settings
+ */
+ void Clean();
+
+ private:
+ /**
+ * Removes vpn access points
+ */
+ void CleanAPsL();
+
+ /**
+ * Removes vpn access points
+ */
+ void DelAPsL( RCmManagerExt& aCm );
+};
+
+
+#endif // __VPNCLEANER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/rom/vpncleaner.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpncleaner
+*
+*/
+
+
+
+#ifndef __VPNCLEANER_IBY__
+#define __VPNCLEANER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNCLEANER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpncleaner.exe PROGRAMS_DIR\vpncleaner.exe
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNCLEANER_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/src/vpncleaner.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,114 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Cleans Vpn settings
+*
+*/
+
+
+
+#include <e32base.h>
+#include <swi/swispubsubdefs.h>
+
+#include <cmmanagerext.h>
+#include <cmdestinationext.h>
+#include <cmconnectionmethodext.h>
+#include <cmpluginvpndef.h>
+
+#include "log_vpncleaner.h"
+#include "vpncleaner.h"
+
+
+TVpnCleaner::TVpnCleaner()
+{
+}
+
+
+TVpnCleaner::~TVpnCleaner()
+{
+}
+
+
+void TVpnCleaner::Clean()
+{
+ LOG( Log::Printf( _L( "-> TVpnCleaner::Clean()\n" ) ) );
+
+ TInt value;
+
+ TInt ret =
+ RProperty::Get( KUidSystemCategory, Swi::KUidSoftwareInstallKey, value );
+
+ if( KErrNone != ret ){
+ // No need for error handling
+ return;
+ }
+
+ switch( value & Swi::KSwisOperationMask ){
+ case Swi::ESwisInstall:
+ // SW update ongoing, no clean needed
+ return;
+ case Swi::ESwisUninstall:
+ TRAPD( err, CleanAPsL() );
+ LOG( Log::Printf( _L( "TVpnCleaner::Clean(), err: %d\n" ), err) );
+
+ // Prevent compiler warning Re: unused variable
+ if( KErrNone == err ){
+ }
+ break;
+ default:
+ return;
+ }
+}
+
+
+void TVpnCleaner::CleanAPsL()
+{
+ using namespace CMManager;
+ RCmManagerExt cmManager;
+ cmManager.OpenL();
+ CleanupClosePushL( cmManager );
+
+ DelAPsL( cmManager );
+
+ CleanupStack::PopAndDestroy(); // cmManager
+}
+
+
+void TVpnCleaner::DelAPsL( RCmManagerExt& aCm )
+{
+ using namespace CMManager;
+
+ RArray<TUint32> aps;
+
+ TBool supportedBearersOnly = ETrue;
+ TBool legacyCmsOnly = EFalse;
+
+ aCm.ConnectionMethodL( aps, supportedBearersOnly, legacyCmsOnly );
+ CleanupClosePushL( aps );
+
+ for( TInt i = 0; i < aps.Count(); ++i ){
+ RCmConnectionMethodExt ap = aCm.ConnectionMethodL( aps[i] );
+ CleanupClosePushL( ap );
+
+ if( KPluginVPNBearerTypeUid == ap.GetIntAttributeL( ECmBearerType ) ){
+ ap.DeleteL();
+ }
+
+ CleanupStack::PopAndDestroy(); // ap
+ }
+
+ CleanupStack::PopAndDestroy(); // aps
+}
+
+
+/***/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncleaner/src/vpncleanerexe.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,72 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Cleans VPN data from device
+*
+*/
+
+#include <e32base.h>
+#include <f32file.h>
+#include <centralrepository.h> // link against centralrepository.lib
+#include <settingsinternalcrkeys.h>
+
+#include "vpncleaner.h"
+
+
+LOCAL_C void setKeysL();
+
+
+// The starting point
+GLDEF_C TInt E32Main()
+ {
+ __UHEAP_MARK;
+ CTrapCleanup* cleanup = CTrapCleanup::New();
+
+ TVpnCleaner vpnc;
+ vpnc.Clean();
+
+ TRAP_IGNORE( setKeysL() );
+ delete cleanup;
+ __UHEAP_MARKEND;
+ return KErrNone;
+ }
+
+
+LOCAL_C void setKeysL()
+ {
+ // Connecting and initialization:
+ CRepository* repository = CRepository::NewL(
+ KCRUidCommunicationSettings );
+
+ TUint fileAttr;
+ RFs fs;
+ TInt err = fs.Connect();
+
+ if ( KErrNone == err )
+ {
+ _LIT( KRomPath, "z:\\sys\\bin\\kmdserver.exe" );
+
+ if ( KErrNone != fs.Att( KRomPath, fileAttr ) )
+ {
+ repository->Set( KSettingsVPNSupported, 0 );
+ repository->Delete( KSettingsVPNImplementation );
+ }
+ }
+
+ fs.Close();
+
+ delete repository;
+ }
+
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/clistatic.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+/*
+* Copyright (c) 2004-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Launches a server
+*
+*/
+
+
+
+#ifndef __CLISTATIC_H__
+#define __CLISTATIC_H__
+
+#include <e32std.h>
+
+const TUint KDefaultMinHeapSize = 0x1000; // 4K
+const TUint KDefaultMaxHeapSize = 0x10000; // 64K
+
+const TInt KDefaultMessageSlots = 2;
+
+class Launcher
+ {
+public:
+ static TInt LaunchServer(const TDesC& aServerName,
+ const TDesC& aServerFileName,
+ const TUid& aServerUid3,
+ const TUint aWinsMinHeapSize = KDefaultMinHeapSize,
+ const TUint aWinsMaxHeapSize = KDefaultMaxHeapSize,
+ const TUint aWinsStackSize = KDefaultStackSize);
+
+ };
+
+#endif // __CLISTATIC_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/logcommon.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,158 @@
+/*
+* Copyright (c) 2004-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Printing log messages
+*
+*/
+
+
+
+#if !defined(__LOGCOMMON_H__)
+#define __LOGCOMMON_H__
+
+#if !defined(_DEBUG)
+
+#define LOG(a)
+#define LOG_(a)
+#define LOG_1(s, v)
+#define LOG8_(a)
+#define LOG8_1(s, v)
+#define STACK_LEFT
+
+#else // _DEBUG
+
+#define LOG(a) a
+#define LOG_(a) Log::Printf( _L(a) )
+#define LOG_1(s, v) Log::Printf( _L(s), v )
+#define LOG8_(a) Log::Printf( _L8(a) )
+#define LOG8_1(s, v) Log::Printf( _L8(s), v )
+#define STACK_LEFT { RThread __r; TThreadStackInfo __i; __r.StackInfo(__i); TInt maxSize = __i.iBase - __i.iLimit; TInt currentSize = __i.iBase - (TInt)&__r; Log::Printf( _L("Max stack size: %d, current size: %d"), maxSize, currentSize); }
+
+#include <flogger.h>
+_LIT(KLogFolder,"vpn");
+
+class Log
+ {
+public:
+ static inline void Write(const TDesC16& aDes);
+ static inline void Write(const TDesC8& aDes);
+ static inline void Printf(TRefByValue<const TDesC> aFmt, ...);
+ static inline void Printf(TRefByValue<const TDesC8> aFmt, ...);
+ static inline void HexDump(const TText* aHeader, const TText* aMargin, const TUint8* aPtr, TInt aLen);
+ };
+
+inline void Log::Write(const TDesC16& aDes)
+ {
+ RFileLogger logger;
+ if (logger.Connect() != KErrNone)
+ return;
+ logger.CreateLog(KLogFolder(), KLogFile(), EFileLoggingModeAppend);
+ TInt maxLen = (KLogBufferSize < 100) ? KLogBufferSize : 100;
+ TInt start(0);
+ while (start < aDes.Length())
+ {
+ TInt length = (start + maxLen >= aDes.Length()) ?
+ (aDes.Length() - start) : maxLen;
+ TInt addLength = length;
+ const TDesC16 &tmp = aDes.Mid(start, length);
+
+ TInt linefeedPos = tmp.Find(_L("\n"));
+ if (linefeedPos != KErrNotFound)
+ {
+ length -= (length - linefeedPos);
+ addLength = length + 1; // To skip linefeed
+ }
+
+ logger.Write(tmp.Left(length));
+ start += addLength;
+ }
+ logger.Close();
+ }
+
+inline void Log::Write(const TDesC8& aDes)
+ {
+ RFileLogger logger;
+ if (logger.Connect() != KErrNone)
+ return;
+ logger.CreateLog(KLogFolder(), KLogFile(), EFileLoggingModeAppend);
+ TInt maxLen = (KLogBufferSize < 100) ? KLogBufferSize : 100;
+ TInt start(0);
+ while (start < aDes.Length())
+ {
+ TInt length = (start + maxLen >= aDes.Length()) ?
+ (aDes.Length() - start) : maxLen;
+ TInt addLength = length;
+ const TDesC8 &tmp = aDes.Mid(start, length);
+
+ TInt linefeedPos = tmp.Find(_L8("\n"));
+ if (linefeedPos != KErrNotFound)
+ {
+ length -= (length - linefeedPos);
+ addLength = length + 1; // To skip linefeed
+ }
+
+ logger.Write(tmp.Left(length));
+ start += addLength;
+ }
+ logger.Close();
+ }
+
+inline void Log::Printf(TRefByValue<const TDesC> aFmt, ...)
+ {
+ VA_LIST list;
+ VA_START(list,aFmt);
+ const TInt KLogTimeFormatLength = 16;
+ const TInt KLogLineLength = 256;
+ TBuf<KLogLineLength> buf;
+ buf.FormatList( aFmt, list );
+
+ RFileLogger logger;
+ TInt ret = logger.Connect();
+ if (ret==KErrNone)
+ {
+ _LIT( KLogTimeFormat, "%02d:%02d,%02d,%06d;");
+ logger.SetDateAndTime( ETrue, EFalse );
+ logger.CreateLog( KLogFolder(), KLogFile(), EFileLoggingModeAppend );
+ TBuf<KLogTimeFormatLength> timeStamp;
+ TTime now;
+ now.HomeTime();
+ TDateTime dateTime;
+ dateTime = now.DateTime();
+ timeStamp.Format( KLogTimeFormat,
+ dateTime.Hour(), dateTime.Minute(), dateTime.Second(), dateTime.MicroSecond() );
+ buf.Insert( 0, timeStamp );
+
+ logger.Write(buf);
+ }
+
+ logger.Close();
+
+ //RFileLogger::WriteFormat(KLogFolder(), KLogFile(), EFileLoggingModeAppend, aFmt, list);
+ }
+
+inline void Log::Printf(TRefByValue<const TDesC8> aFmt, ...)
+ {
+ VA_LIST list;
+ VA_START(list,aFmt);
+ RFileLogger::WriteFormat(KLogFolder(), KLogFile(), EFileLoggingModeAppend, aFmt, list);
+ }
+
+inline void Log::HexDump(const TText* aHeader, const TText* aMargin, const TUint8* aPtr, TInt aLen)
+ {
+ RFileLogger::HexDump(KLogFolder(), KLogFile(), EFileLoggingModeAppend, aHeader, aMargin, aPtr, aLen);
+ }
+
+
+#endif // !defined(_DEBUG)
+
+#endif //__LOGCOMMON_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/logvpncommon.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2004-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Printing log messages
+*
+*/
+
+
+
+#if !defined(__LOGVPNCOMMON_H__)
+#define __LOGVPNCOMMON_H__
+
+_LIT(KLogFile,"vpncommon_log.txt");
+#include "logcommon.h"
+
+#endif //__LOGVPNCOMMON_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/srvstarter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2004-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Creates and starts a server
+*
+*/
+
+
+
+#ifndef __SRVSTARTER_H__
+#define __SRVSTARTER_H__
+
+#include <e32svr.h>
+
+class Starter
+ {
+public:
+ static CServer2* CreateAndStartServerL();
+ static TPtrC ServerName();
+ };
+
+#endif // __SRVSTARTER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/version.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Client version.
+*
+*/
+
+
+
+#ifndef __VERSION_H__
+#define __VERSION_H__
+
+_LIT(KVersion, "4_2_091125");
+_LIT(KBuildDate, "Wed Nov 25 13:21:02 2009");
+
+#endif // __VERSION_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/vpnclientuids.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,271 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VpnClient UIDs
+*
+*/
+
+
+
+#ifndef VPN_CLIENT_UIDS_H
+#define VPN_CLIENT_UIDS_H
+
+/**
+* UID of the generic symbian exe
+*/
+#define KUidGenericExe 0x100039ce
+
+/**
+* UID of the generic symbian dll
+*/
+#define KUidGenericDll 0x1000008d
+
+/**
+* UID of the generic notifier
+*/
+#define KUidGenericNotifier 0x10009D8D
+
+/**
+* UID of the generic GS plugin
+*/
+#define KUidGenericGsPlugin 0x10207236
+
+/// VPN specific UIDs
+
+/**
+* UID of the AcuAgentApi
+*/
+#define KUidAcuAgentApi 0x101f6eb5
+
+/**
+* UID of the AcuAgentServer
+*/
+#define KUidAcuAgentServer 0x101f6eb6
+
+/**
+* UID of the AcuAgentCrypto
+*/
+#define KUidAcuAgentCrypto 0x101F5147
+
+/**
+* UID of the AcuAgentMessage
+*/
+#define KUidAcuAgentMessage 0x101F6EBC
+
+/**
+* UID of the AcuAgentTransport
+*/
+#define KUidAcuAgentTransport 0x101f798A
+
+/**
+* UID of the AcuAgentTransportApi
+*/
+#define KUidAcuAgentTransportApi 0x101f798B
+
+/**
+* UID of the AcuIns
+*/
+#define KUidAcuIns 0x101FD286
+
+/**
+* UID of the AcuPluginLib
+*/
+#define KUidAcuPluginLib 0x101f6ebd
+
+/**
+* UID of the DmadEngine
+*/
+#define KUidDmadEngine 0x20000247
+
+/**
+* UID of the DmadIpsecVpn
+*/
+#define KUidDmadIpsecVpn 0x1020699C
+
+/**
+* UID of the DmadPki
+*/
+#define KUidDmadPki 0x102069A5
+
+/**
+* UID of the EventMediator
+*/
+#define KUidEventMediator 0x101FD288
+
+/**
+* UID of the EventmediatorApi
+*/
+#define KUidEventmediatorApi 0x101FD289
+
+/**
+* UID of the EventViewer
+*/
+#define KUidEventViewer 0x10200EC5
+
+/**
+* UID of the IkePolParser
+*/
+#define KUidIkePolParser 0x101fae09
+
+/**
+* UID of the IkeSocketPluginImplementation
+*/
+#define KUidIkeSocketPluginImplementation 0x20000407
+
+/**
+* UID of the IkeSocketPluginResolver
+*/
+#define KUidIkeSocketPluginResolver 0x20000408
+
+/**
+* UID of the IpsecAcuPlugin
+*/
+#define KUidIpsecAcuPlugin 0x101F6EB8
+
+/**
+* UID of the IkeCert
+*/
+#define KUidIkeCert 0x10206995
+
+/**
+* UID of the Ikev1Lib
+*/
+#define KUidIkev1Lib 0x10206994
+
+/**
+* UID of the Ikev2Lib
+*/
+#define KUidIkev2Lib 0x10206993
+
+/**
+* UID of the KmdApi
+*/
+#define KUidKmdApi 0x101f5140
+
+/**
+* UID of the KmdServer
+*/
+#define KUidKmdServer 0x1000088A
+
+/**
+* UID of the PkiService
+*/
+#define KUidPkiService 0x101FAE07
+
+/**
+* UID of the PkiServiceApi
+*/
+#define KUidPkiServiceApi 0x101FAE06
+
+/**
+* UID of the EventmedSit
+*/
+#define KUidEventmedSit 0x101FD28D
+
+/**
+* UID of the UtlBase64
+*/
+#define KUidUtlBase64 0x101F6EBA
+
+/**
+* UID of the UtlCrypto
+*/
+#define KUidUtlCrypto 0x101FAE04
+
+/**
+* UID of the UtlPkcs10
+*/
+#define KUidUtlPkcs10 0x101F6EB9
+
+/**
+* UID of the UtlXml
+*/
+#define KUidUtlXml 0x101F6EBB
+
+/**
+* UID of the VpnApi
+*/
+#define KUidVpnApi 0x101FD285
+
+/**
+* UID of the VpnAwApi
+*/
+#define KUidVpnAwApi 0x101fd28c
+
+/**
+* UID of the VpnCleaner
+*/
+#define KUidVpnCleaner 0x101FAE02
+
+/**
+* UID of the VpnCleanerLib
+*/
+#define KUidVpnCleanerLib 0x101FAE03
+
+/**
+* UID of the VpnConnAgt
+*/
+#define KUidVpnConnAgt 0x101fae05
+
+/**
+* UID of the VpnExtApi
+*/
+#define KUidVpnExtApi 0x101FD285
+
+/**
+* UID of the VpnManager
+*/
+#define KUidVpnManager 0x101F7993
+
+/**
+* UID of the VpnIns
+*/
+#define KUidVpnIns 0x101FD28E
+
+/**
+* UID of the VpnIpsecPolParser
+*/
+#define KUidVpnIpsecPolParser 0x10000999
+
+/**
+* UID of the AcuNotifier
+*/
+#define KUidAcuNotifier 0x101F6EB7
+
+/**
+* UID of the KmdNotifier
+*/
+#define KUidKmdNotifier 0x101F513f
+
+/**
+* UID of the PkiNotifier
+* Not used anymore
+*/
+//#define KUidPkiNotifier 0x101FAE08
+
+/**
+* UID of the VpnManagementUi
+*/
+#define KUidVpnManagementUi 0x101F6D31
+
+/**
+* UID of the KUidVpnManagementImplementation
+*/
+#define KUidVpnManagementImplementation 0x101F6D32
+
+/**
+* UID of the VpnPolIns
+*/
+#define KUidVpnPolIns 0x1000597E
+
+#endif // VPN_CLIENT_UIDS_H
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/inc/vpnnotifierdefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,236 @@
+/*
+* Copyright (c) 2003 - 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN notifier definitions
+*
+*/
+
+#ifndef VPNNOTIFIERDEFS_H
+#define VPNNOTIFIERDEFS_H
+
+#include <e32base.h>
+
+class MVpnNotifierCallback;
+class MVpnDialog;
+
+_LIT(KVpnDialogManagerDll, "vpndialogmanager.dll");
+
+/**
+ @file
+ @released
+ @publishedPartner
+
+ VPN Notifier definitions
+*/
+
+class MVpnDialog
+ {
+public:
+ virtual void CancelL() = 0;
+ };
+
+class TNoteDialog
+ {
+public:
+ enum TDialogId
+ {
+ EInfo = -10,
+ EWarning,
+ EError
+ };
+ };
+
+class TVpnDialogInfo
+ {
+public:
+ TVpnDialogInfo()
+ {
+ iDialogId = 0;
+ iNoteDialogId = 0;
+ iNoteExtraInput.SetLength(0);
+ }
+
+ TVpnDialogInfo(TInt aDialogId, TInt aNoteDialogId)
+ {
+ iDialogId = aDialogId;
+ iNoteDialogId = aNoteDialogId;
+ iNoteExtraInput.SetLength(0);
+ }
+
+ TVpnDialogInfo(TInt aDialogId, TInt aNoteDialogId, TDesC8& aInput)
+ {
+ iDialogId = aDialogId;
+ iNoteDialogId = aNoteDialogId;
+ iNoteExtraInput.SetLength(aInput.Length());
+ iNoteExtraInput.Copy(aInput.Left(256));
+ }
+
+ void SetExtraInput(TDesC8& aInput)
+ {
+ iNoteExtraInput.Copy(aInput.Left(256));
+ }
+ TInt DialogId() {return iDialogId;}
+ TInt NoteDialogId() {return iNoteDialogId;}
+ TDesC8& NoteExtraInput()
+ {
+ return iNoteExtraInput;
+ }
+
+private:
+ TInt iDialogId;
+ TInt iNoteDialogId;
+ TBuf8<256> iNoteExtraInput;
+ };
+
+class TVpnDialogOutput
+ {
+public:
+ TVpnDialogOutput()
+ {
+ Clear();
+ }
+ void Clear()
+ {
+ iOutBuf.SetLength(0);
+ iOutBuf2.SetLength(0);
+ iOutInt = 0;
+ iOutInt2 = 0;
+ }
+
+public:
+ TBuf<256> iOutBuf;
+ TBuf<64> iOutBuf2;
+ TInt iOutInt;
+ TInt iOutInt2;
+ };
+
+// typedefs for backward compatibility
+// typedef new_type old_type
+typedef TVpnDialogInfo TIPSecDialogInfo;
+typedef TVpnDialogOutput TIPSecDialogOutput;
+
+
+//
+// KMD notifier definitions
+//
+
+class TKmdDialog
+ {
+public:
+ enum TDialogId
+ {
+ EUserPwd = 2000, // MUST be greater than the last value in enum TNoteDialog::TDialogId
+ ESecurIdPin,
+ ESecurIdNextPin
+ };
+ };
+
+const TUid KUidVpnDialogNotifier = {0x101F6EB7};
+
+_LIT(KVpnNotifierResource,"\\resource\\VPNECOMNOTIFIER.RSC");
+
+const TUint KDialogParamSep = '#';
+
+
+class TVpnDialog
+ {
+public:
+ enum TDialogId
+ {
+ EServerIdentity = 100, // MUST be greater than the last value in enum TNoteDialog::TDialogId
+ ELegacyAuthentication, // 101
+ ELegacyAuthenticationIn, // 102
+ EContentUpdateDetails, // 103
+ EContentUpdateDetailsNote, // 104
+ // VPN releated dialogs
+ EUserIdentity = 1000, // 1000
+ EPolicyUpdateConfirmation, // 1001
+ EPolicyInstallConfirmation, // 1002
+ EPKCS12Password, // 1003
+ EPKCS12WrongPassword, // 1004
+ EDeviceLockConfirmation, // 1005
+ EGenericProgress, // 1006
+ EPolicyInstallInProgress // 1007
+ };
+ };
+
+class TVpnNoteDialog
+ {
+public:
+ enum TTextId
+ {
+ EWrongServerIdentityCode = 1,
+ ENextServerIdentity,
+ EAuthenticationFailed,
+ EInvalidServerCert,
+ EInvalidClientCert,
+ // VPN related notes
+ EPolicyUpdateSucceeded = 1000,
+ EPolicyUpdateFailed,
+ EPolicyDeleteSucceeded,
+ EVpnUserNameMissing,
+ EVpnFqdnMissing,
+ EPolicyInstallationFailed,
+ EVpnWrongPKCS12Password,
+ EVpnCannotForceDeviceLock,
+ EVpnPolicyInstalled,
+ // Kmd related notes
+ EKmdAuthenticationFailed = 2000
+ };
+ };
+
+// typedefs for backward compatibility
+// typedef existing_type old_type
+typedef TKmdDialog TKMDDialog;
+
+class VpnNotifierUtil
+ {
+public:
+ inline static HBufC8* To8BitL(TDesC16& aText);
+ inline static HBufC16* To16BitL(TDesC8& aText);
+ };
+
+HBufC8* VpnNotifierUtil::To8BitL(TDesC16& aText)
+ {
+ HBufC8* text = HBufC8::NewL(aText.Length());
+ text->Des().Copy(aText);
+ return text;
+ }
+
+HBufC16* VpnNotifierUtil::To16BitL(TDesC8& aText)
+ {
+ HBufC16* text = HBufC16::NewL(aText.Length());
+ text->Des().Copy(aText);
+ return text;
+ }
+
+
+class MVpnNotifierCallback
+ {
+public:
+ virtual void DialogCompleteL(TInt aReturnCode, TVpnDialogOutput& aOutput) = 0;
+ virtual void DialogComplete(TInt aReturnCode) = 0;
+ };
+
+class MVpnDialogManager
+ {
+public:
+ virtual MVpnDialog* LaunchDialogL(MVpnNotifierCallback* aNotifier, TInt aDialogId,
+ TInt aNoteDialogId, const TDesC8& aInput) = 0;
+ virtual TInt GetNoteTextId(TInt aNoteDialogId) = 0;
+ virtual MVpnDialog* ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aNoteDialogId) = 0;
+ virtual ~MVpnDialogManager() {};
+ };
+
+
+#endif // VPNNOTIFIERDEFS_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/src/clistatic.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,61 @@
+/*
+* Copyright (c) 2004-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Launches a server
+*
+*/
+
+
+
+#include "clistatic.h"
+
+
+TInt Launcher::LaunchServer(const TDesC& aServerName,
+ const TDesC& aServerFileName,
+ const TUid& aServerUid3,
+ const TUint aWinsMinHeapSize,
+ const TUint aWinsMaxHeapSize,
+ const TUint aWinsStackSize)
+ {
+ const TUidType serverUid(KNullUid,KNullUid,aServerUid3);
+
+ //
+ // EPOC and EKA2 is easy, we just create a new server process. Simultaneous
+ // launching of two such processes should be detected when the second one
+ // attempts to create the server object, failing with KErrAlreadyExists.
+ //
+ RProcess server;
+ TInt r=server.Create(aServerFileName,KNullDesC,serverUid);
+ (void)aServerName;
+ (void)aWinsMinHeapSize;
+ (void)aWinsMaxHeapSize;
+ (void)aWinsStackSize;
+
+
+ if (r!=KErrNone)
+ return r;
+ TRequestStatus stat;
+ server.Rendezvous(stat);
+ if (stat!=KRequestPending)
+ server.Kill(0); // abort startup
+ else
+ server.Resume(); // logon OK - start the server
+ User::WaitForRequest(stat); // wait for start or death
+ // we can't use the 'exit reason' if the server panicked as this
+ // is the panic 'reason' and may be '0' which cannot be distinguished
+ // from KErrNone
+ r=(server.ExitType()==EExitPanic) ? KErrGeneral : stat.Int();
+ server.Close();
+ return r;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpncommon/src/srvstatic.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,69 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Creates and starts a server
+*
+*/
+
+
+
+#include <e32svr.h>
+
+#include "srvstarter.h"
+
+static void RunServerL()
+//
+// Perform all server initialisation, in particular creation of the
+// scheduler and server and then run the scheduler
+//
+ {
+ // create and install the active scheduler we need
+ CActiveScheduler* s=new(ELeave) CActiveScheduler;
+ CleanupStack::PushL(s);
+ CActiveScheduler::Install(s);
+
+ // create the server
+ CServer2* server = Starter::CreateAndStartServerL();
+ CleanupStack::PushL(server);
+
+ // naming the server thread after server startup helps to debug panics
+ User::LeaveIfError(RThread::RenameMe(Starter::ServerName()));
+
+ // Initialisation complete, now signal the client
+ RProcess::Rendezvous(KErrNone);
+
+ // Ready to run
+ CActiveScheduler::Start();
+
+ // Cleanup the server and scheduler
+ CleanupStack::PopAndDestroy(2); // server, s
+ }
+
+TInt E32Main()
+//
+// Server process entry-point
+//
+ {
+ __UHEAP_MARK;
+
+ CTrapCleanup* cleanup=CTrapCleanup::New();
+ TInt r=KErrNoMemory;
+ if (cleanup)
+ {
+ TRAP(r,RunServerL());
+ delete cleanup;
+ }
+
+ __UHEAP_MARKEND;
+ return r;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,39 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+DEFAULT
+
+PRJ_EXPORTS
+
+PRJ_TESTEXPORTS
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ vpnconnagt.mmp
+ vpnconnagt_test.mmp
+#else
+ vpnconnagt.mmp
+#endif
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/group/vpnconnagt.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnconnagt
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET vpnconnagt.agt
+TARGETTYPE DLL
+UID 0x10003d39 0x101fae05
+
+CAPABILITY CommDD PowerMgmt ReadDeviceData WriteDeviceData TrustedUI ProtServ NetworkControl NetworkServices LocalServices ReadUserData WriteUserData
+VENDORID VID_DEFAULT
+
+NOEXPORTLIBRARY /* Ensures that DEF file can be safely shared
+ for RVCT builds */
+
+
+SOURCEPATH ../src
+SOURCE vpnconnagt.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY nifman.lib
+LIBRARY insock.lib
+LIBRARY eventmedapi.lib
+LIBRARY cmmanager.lib
+
+DEBUGLIBRARY flogger.lib
+
+#if defined(WINS)
+deffile /epoc32/release/wins/agent.def
+#elif defined(GCC32)
+deffile /epoc32/release/marm/agent.def
+#else
+deffile /epoc32/include/def/eabi/agent.def
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/group/vpnconnagt_test.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnconnagt
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET vpnconnagt_stubbed.agt
+TARGETTYPE DLL
+UID 0x10003d39 0x101fae05
+
+CAPABILITY CommDD PowerMgmt ReadDeviceData WriteDeviceData TrustedUI ProtServ NetworkControl NetworkServices LocalServices ReadUserData WriteUserData
+VENDORID VID_DEFAULT
+
+NOEXPORTLIBRARY /* Ensures that DEF file can be safely shared
+ for RVCT builds */
+
+
+SOURCEPATH ../src
+SOURCE vpnconnagt.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../vpnmanager/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+
+MW_LAYER_SYSTEMINCLUDE
+LIBRARY vpnconnagt_proxy.lib
+LIBRARY euser.lib
+LIBRARY nifman.lib
+LIBRARY insock.lib
+LIBRARY eventmedapi.lib
+LIBRARY cmmanager.lib
+
+DEBUGLIBRARY flogger.lib
+
+#if defined(WINS)
+deffile /epoc32/release/wins/agent.def
+#elif defined(GCC32)
+deffile /epoc32/release/marm/agent.def
+#else
+deffile /epoc32/include/def/EABI/agent.def
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/inc/log_r6.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_R6_H__)
+#define __LOG_R6_H__
+
+_LIT(KLogFile,"vpnconnagt.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_R6_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/inc/vpnconnagt.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,760 @@
+/*
+* Copyright (c) 2000-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Connection Agent declaration.
+
+*
+*/
+
+
+
+
+
+/**
+
+ * @file vpnconnagt.h
+
+ *
+
+ * VPN Connection Agent declaration.
+
+ *
+
+ */
+
+
+
+
+
+#if !defined __VPN_CONN_AGT_H__
+
+#define __VPN_CONN_AGT_H__
+
+
+
+// INCLUDES
+
+#include <comms-infras/cagentbase.h>
+
+
+
+#include "eventmediatorapi.h"
+
+
+
+#include "vpnconnagtprog.h"
+
+#include "vpnconnagtdefs.h"
+
+#include "eventdefssit.h"
+
+#include "log_r6.h"
+
+
+
+// CONSTANTS
+
+const TInt KMajorVerNumber=1;
+
+const TInt KMinorVerNumber=0;
+
+const TInt KBuildVerNumber=0;
+
+
+
+_LIT(KVPNConnAgtName,"vpnconnagt");
+
+
+
+class CAsyncDisconnecter;
+
+
+
+/**
+
+ * A Factory for creating a VPNConnAgent.
+
+ */
+
+class CVPNConnAgtFactory : public CNifAgentFactory
+
+ {
+
+ /**
+
+ @internalComponent
+
+ */
+
+ protected: // Methods
+
+
+
+ /**
+
+ * "Installs" this factory to the system. From this Agent point of view
+
+ * it doesn't do anything...
+
+ */
+
+ void InstallL();
+
+
+
+ /**
+
+ * Creates a new VPN Agent instance.
+
+ * @param aName Not used.
+
+ * @return Returns the pointer to the agent created if succeed. Otherwise it
+
+ * leaves.
+
+ */
+
+ CNifAgentBase *NewAgentL(const TDesC& aName);
+
+
+
+ /**
+
+ * Returns the information defined in TNifAgentInfo.
+
+ * @param aInfo The reference to the TNifAgentInfo object to be used to pass
+
+ * the needed information.
+
+ * @param aIndex Not used.
+
+ */
+
+ TInt Info(TNifAgentInfo& aInfo, TInt aIndex) const;
+
+ };
+
+
+
+
+
+/**
+
+ * Class declaration for VPN connection agent. Each agent reference
+
+ * has it's own instance of agent and nif. Nif sends it's name via
+
+ * agent reference to agent. This triggers agent to initialize the VPN connection
+
+ * through the VPN Manager Server. After VPN tunnel has been created
+
+ * agent sends the IP address and the DNS addresses to the nif which
+
+ * in turn informs the Nifman and IP stack that the connection has
+
+ * been created.
+
+ */
+
+class CVPNConnAgt : public CAgentBase, public MEventObserver
+
+ {
+
+ /**
+
+ @internalComponent
+
+ */
+
+ friend class CAsyncDisconnecter;
+
+ public: // Methods
+
+
+
+ /**
+
+ * Static constructor.
+
+ * @return The return value is the pointer to the CVPNConnAgt
+
+ * if it succeed. Otherwise the fuction leaves.
+
+ */
+
+ static CVPNConnAgt* NewL();
+
+
+
+ /**
+
+ * Default C++ destructor.
+
+ * Cancels all the Callbacks.
+
+ */
+
+ virtual ~CVPNConnAgt();
+
+
+
+ // from CNifAgentBase
+
+ /**
+
+ * Returns the information defined in TNifAgentInfo.
+
+ * @param aInfo A reference to TNifAgentInfo object which is
+
+ * used to pass the information to caller of this function.
+
+ */
+
+ void Info(TNifAgentInfo& aInfo) const;
+
+
+
+ /**
+
+ * Starts the connection creation process.
+
+ * @param aType Not used.
+
+ */
+
+ void Connect(TAgentConnectType aType);
+
+
+
+ /**
+
+ * Starts the connection by calling Connect(TAgentConnectType aType).
+
+ * @param aType Type of the connection e.g. EAgentReconnect.
+
+ * @param aOverrideSettings Not used.
+
+ */
+
+ void Connect(TAgentConnectType aType, CStoreableOverrideSettings* aOverrideSettings);
+
+
+
+ /**
+
+ * Starts the cancellation of the connect.
+
+ */
+
+ void CancelConnect();
+
+
+
+ /**
+
+ * Disconnects an ongoing connection.
+
+ * @param aReason Not used.
+
+ */
+
+ void Disconnect(TInt aReason);
+
+
+
+ /**
+
+ * Called after Connect() in connection creation phase. Connection configuration
+
+ * parameters are read and request for the VPNManServer to open the connection
+
+ * is done. During the execution of this function VPN Nif is created.
+
+ * @param aError Not used.
+
+ */
+
+ void ServiceStarted(TInt& aError);
+
+
+
+ /**
+
+ * The addresses got from the VPN Manager Server are send to VPN Nif.
+
+ * Nifman is informed with the progress call (with parameter EVPNConnAgtConnected).
+
+ * MNifAgentNotify interface's ConnectComplete() is called (this generates the Start()
+
+ * call to VPN Nif.
+
+ * @param aError Not used.
+
+ */
+
+ void ConnectionComplete(TInt aError);
+
+
+
+ /**
+
+ * Causes the deactivationing/unloading of the VPN Policies.
+
+ */
+
+ void DisconnectionComplete();
+
+
+
+ /**
+
+ * Not Supported.
+
+ * @param aBuffer Not used.
+
+ * @return Always returns KErrNotSupported.
+
+ */
+
+ TInt GetExcessData(TDes8& aBuffer);
+
+
+
+ /**
+
+ * Used to deliver the name of the VPN Nif to the VPN Agent.
+
+ * @param aEvent If the value of this is ENifToVPNAgentEventTypeIfName the name of the
+
+ * VPN Nif is copied from the aInfo parameter.
+
+ * @param aInfo TName type pointer containing the name of the VPN NIf (if aEvent value is
+
+ * ENifToVPNAgentEventTypeIfName).
+
+ * @return Returns KErrNone if the fuction is used to deliver the name of the VPN Nif,
+
+ * otherwise it returns KErrNotSupported.
+
+ */
+
+ TInt Notification(TNifToAgentEventType aEvent, TAny* aInfo);
+
+
+
+ /**
+
+ * Passes the last error code to the caller.
+
+ * @param aError Reference to the TInt type error code.
+
+ */
+
+ void GetLastError(TInt& aError);
+
+
+
+ /**
+
+ *
+
+ */
+
+ TBool IsReconnect() const {return (ETrue);};
+
+
+
+ /**
+
+ * Not supported.
+
+ */
+
+ TInt IncomingConnectionReceived();
+
+
+
+ /**
+
+ * Is called when an event comes from real interface via event mediator.
+
+ * @param aStatus Error code if the call fails. KErrNone if everything succees.
+
+ * @param aType Type pf the event e.g. ESingleInterfaceEvent.
+
+ * @param aData Pointer to the TInterfaceNotificationBuf type packaged buffer. Contains
+
+ * the status of the real interface.
+
+ */
+
+ void EventOccured(TInt aStatus, TEventType aType, TDesC8* aData);
+
+
+
+ protected: // Methods
+
+
+
+ /**
+
+ * Overwrites the default implementation to catch the ip version reading from the
+
+ * database. This value is retrieved from the VPN Manager Server.
+
+ * @param aField Colum name in the CommDb. Ip version colum name is SERVICE_IF_NETWORKS.
+
+ * @param aValue Value to be returned. In SERVICE_IF_NETWORKS case it's ip or ip6.
+
+ * @param aMessage Message to validate capabilities
+
+ * @return Returns KErrNone if the function succeed. Otherwise it returns system wide
+
+ * error code.
+
+ */
+
+ TInt DoReadDes(const TDesC& aField, TDes16& aValue, const RMessagePtr2* aMessage );
+
+
+
+
+
+ /**
+
+ * Returns the pointer to the parameter object defined in vpnconnagtdefs.h.
+
+ * @return The pointer to the connection parameter object.
+
+ */
+
+ TVPNParameters* VPNParameters() { return &iVPNParameters; };
+
+
+
+ /**
+
+ * Returns the pointer to the name of the VPN Nif sent by the nif itself.
+
+ * @return The pointer to the TName type object containing the name of the
+
+ * VPN Nif.
+
+ */
+
+ TName* VPNNifName(void){ return iVPNParameters.GetVPNNifName();};
+
+
+
+ /**
+
+ * Returns the pointer to the interface from the Agent to Nifman. This interface
+
+ * is used to e.g. send progress notifications from Agent to Nifman.
+
+ * @return The pointer to the interface from the Agent to Nifman.
+
+ */
+
+ MNifAgentNotify* Notify() { return iNotify; };
+
+
+
+ /**
+
+ * After deactivationing/unloading of the VPN Policies Nifman is informed with the
+
+ * progress call (with EVPNConnAgtDisconnected).
+
+ * MNifAgentNotify interface's DisconnectComplete() is called (this generates the deletion
+
+ * of the VPN Nif and at the end deletion of the agent.
+
+ *
+
+ */
+
+ void VPNDisconnCompleted(TInt aError);
+
+
+
+ private: // Methods
+
+
+
+ /**
+
+ * Second phase constructor.
+
+ */
+
+ void ConstructL();
+
+
+
+ /**
+
+ * Default constructor.
+
+ */
+
+ CVPNConnAgt();
+
+
+
+ /**
+
+ * CallBack to start the service (means the connection creation).
+
+ * @param aThisPtr Pointer to the CVPNConnAgt type object.
+
+ * @return Always returns KErrNone.
+
+ */
+
+ static TInt ServiceStartedCb(TAny* aThisPtr);
+
+
+
+ /**
+
+ * CallBack to complete the connection.
+
+ * @param aThisPtr Pointer to the CVPNConnAgt type object.
+
+ * @return Always returns KErrNone.
+
+ */
+
+ static TInt ConnectCompleteCb(TAny* aThisPtr);
+
+
+
+ /**
+
+ * CallBack to disconnect.
+
+ * @param aThisPtr Pointer to the CVPNConnAgt type object.
+
+ * @return Always returns KErrNone.
+
+ */
+
+ static TInt DisconnectCompleteCb(TAny* aThisPtr);
+
+
+
+ /**
+
+ * Reads needed configuration settings from the CommDb database.
+
+ */
+
+ void ReadConfigurationL();
+
+
+
+ /**
+
+ * Starts the listening of real interface events.
+
+ */
+
+ void ListenRealIAP();
+
+
+
+ /**
+
+ * Starts the listening of virtual nif address change event.
+
+ */
+
+ void ListenAddressChange();
+
+
+
+ /**
+
+ * Cancels the listening of the real interface events and the
+
+ * listening of virtual nif address change event.
+
+ */
+
+ void CancelListeners();
+
+
+
+
+
+ private:
+
+
+
+ /**
+
+ * Defines the internal states.
+
+ */
+
+ enum TRequestState
+
+ {
+
+ EGettingProtocolVersion,
+
+ EConnecting,
+
+ EConnected,
+
+ EClosingConnection,
+
+ EConnectionClosed,
+
+ EStartingRealIf,
+
+ EListeningEvents,
+
+ EIdle
+
+ };
+
+
+
+
+
+ /** CallBack object to implement ServiceStarted asynchronously. */
+
+ CAsyncCallBack iServiceStartedCallback;
+
+
+
+ /** CallBack object to implement ConnectCompleted asynchronously. */
+
+ CAsyncCallBack iConnectCompleteCallback;
+
+
+
+ /** CallBack object to implement Disconnect asynchronously. */
+
+ CAsyncCallBack iDisconnectCallback;
+
+
+
+ /** Defines wether Agent is connected (Connection completed successfully). */
+
+ TBool iConnected;
+
+
+
+ /** Connection configuration parameter member object. See vpnconnagtdefs.h. */
+
+ TVPNParameters iVPNParameters;
+
+
+
+ /** An integer to keep last error code in memory. */
+
+ TInt iLastErrorCode;
+
+
+
+ /** An API to EventMediator */
+
+ REventMediator iEventMediator;
+
+
+
+ /** Tells if vpnconnagt must close tunnelnif */
+
+ TBool iEventActivatedClose;
+
+
+
+ /** This defines the shutdown type to the kmd. Value 0 is normal and 1 is to
+
+ force it to shutdown without trying to send any packets anymore */
+
+ TDeactivateType iDisconnectType;
+
+
+
+ /* State of the agent object */
+
+ TRequestState iState;
+
+
+
+ /** Boolean to define wether disconnecting operation is ongoing */
+
+ TBool iDisconnecting;
+
+
+
+ /** PckgBufs used when creating connection through eventmediator api */
+
+ TPckgBuf<TGetProtocolVersionEventSpec> iProtocolVersionDes;
+
+ TPckgBuf<TStartVpnConnEventSpec> iStartVpnConnDes;
+
+ TPckgBuf<TCloseVpnConnEventSpec> iCloseVpnConnDes;
+
+ TPckgBuf<TObserveRealIapConnEventSpec> iObserveRealIapConnDes;
+
+
+
+ /** Poiter to an object which confirms disconnect operation to Nifman */
+
+ CAsyncDisconnecter* iAD;
+
+ };
+
+
+
+class CAsyncDisconnecter : public CAsyncOneShot
+
+ {
+
+ /**
+
+ @internalComponent
+
+ */
+
+ public:
+
+ static CAsyncDisconnecter* NewL(CVPNConnAgt* aAgent);
+
+ void ConfirmDisconnect();
+
+
+
+ private:
+
+ CAsyncDisconnecter(CVPNConnAgt* aAgent);
+
+ void RunL(); // From CAsyncOneShot
+
+
+
+ private:
+
+ CVPNConnAgt* iAgent;
+
+ };
+
+
+
+#endif // VPN_CONN_AGT_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/inc/vpnconnagtdefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,229 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Connection Agent definitions..
+*
+*/
+
+
+
+#ifndef _VPNCONNAGTDEFS_H_
+#define _VPNCONNAGTDEFS_H_
+
+// INCLUDES
+#include "vpnmandefs.h"
+#include "vpnapidefs.h"
+#include "eventdefssit.h"
+
+#define NORMAL_DISCONNECT_MODE 0
+#define SILENT_DISCONNECT_MODE 1
+
+/**
+ * Connection configuration parameter class declaration and implementation.
+ */
+class TVPNParameters
+ {
+ public:
+
+ /**
+ * Returns the id of the VPN IAP.
+ * @return Returns the id of the VPN IAP.
+ */
+ inline TUint32 GetVPNIapId()
+ {return iVPNIapId;};
+
+ /**
+ * Sets the id of the VPN IAP.
+ * @param aVPNIapId Saves the id of the VPN IAP.
+ */
+ inline void SetVPNIapId(TUint32 aVPNIapId)
+ {iVPNIapId=aVPNIapId;};
+
+ /**
+ * Returns the id of the VPN Network.
+ * @return Returns the id of the VPN Network.
+ */
+ inline TUint32 GetVPNNetworkId()
+ {return iVPNNetworkId;};
+
+ /**
+ * Sets the id of the VPN Network.
+ * @param aVPNNetworkId Saves the id of the VPN Network.
+ */
+ inline void SetVPNNetworkId(TUint32 aVPNNetworkId)
+ {iVPNNetworkId=aVPNNetworkId;};
+
+ /**
+ * Returns the id of the real IAP.
+ * @return Returns the id of the real IAP.
+ */
+ inline TUint32 GetRealIapId()
+ {return iRealIapId;};
+
+ /**
+ * Sets the id of the real IAP.
+ * @param aRealIapId Saves the id of the real IAP.
+ */
+ inline void SetRealIapId(TUint32 aRealIapId)
+ {iRealIapId=aRealIapId;};
+
+ /**
+ * Returns the id of the real Network.
+ * @return Returns the id of the real Network.
+ */
+ inline TUint32 GetRealNetworkId()
+ {return iRealNetworkId;};
+
+ /**
+ * Sets the id of the real Network.
+ * @param aRealNetworkId Saves the id of the real Network.
+ */
+ inline void SetRealNetworkId(TUint32 aRealNetworkId)
+ {iRealNetworkId=aRealNetworkId;};
+
+ /**
+ * Returns the pointer to the name of the VPN Nif.
+ * @return A name of the VPN Nif.
+ */
+ inline TName* GetVPNNifName()
+ {return &iVPNNifName;};
+
+ /**
+ * Saves the name of the VPN Nif.
+ * @param aVPNNifName Reference to a name of the VPN Nif.
+ */
+ inline void SetVPNNifName(TName& aVPNNifName)
+ {iVPNNifName=aVPNNifName;};
+
+ /**
+ * Saves the TVPNAddress object.
+ * @param aVPNAddresses The address object to be saved.
+ */
+ inline void SetAddresses(TVPNAddress& aVPNAddresses)
+ {iVPNAddresses=aVPNAddresses;};
+
+ /**
+ * Returns the reference to the TVPNAddress object.
+ * @return Returns the reference to the TVPNAddress object.
+ */
+ inline TVPNAddress& GetAddresses()
+ {return iVPNAddresses;};
+
+ /**
+ * Returns the IP address given to the VPN Nif.
+ * @return Returns the reference to the TInetAddr type address object.
+ */
+ inline TInetAddr& GetVPNNifAddress()
+ {return iVPNAddresses.iVPNIfAddr;};
+
+ /**
+ * Saves the IP address to be given to the VPN Nif.
+ * @param aVPNNifAddress A reference to the TInetAddr type address object.
+ */
+ inline void SetVPNNifAddress(TInetAddr& aVPNNifAddress)
+ {iVPNAddresses.iVPNIfAddr=aVPNNifAddress;};
+
+ /**
+ * Returns the first Domain Name Server address.
+ * @return Returns the reference to the TInetAddr type object.
+ */
+ inline TInetAddr& GetVPNNifDNS1()
+ {return iVPNAddresses.iVPNIfDNS1;};
+
+ /**
+ * Saves the address of the first Domain Name Server adress.
+ * @param aVPNNifDNS1 A reference to a TInetAddr type object to
+ * be saved.
+ */
+ inline void SetVPNNifDNS1(TInetAddr& aVPNNifDNS1)
+ {iVPNAddresses.iVPNIfDNS1=aVPNNifDNS1;};
+
+ /**
+ * Returns the second Domain Name Server address.
+ * @return Returns the reference to the TInetAddr type object.
+ */
+ inline TInetAddr& GetVPNNifDNS2()
+ {return iVPNAddresses.iVPNIfDNS2;};
+ /**
+ * Saves the address of the second Domain Name Server adress.
+ * @param aVPNNifDNS2 A reference to a TInetAddr type object to
+ * be saved.
+ */
+ inline void SetVPNNifDNS2(TInetAddr& aVPNNifDNS2)
+ {iVPNAddresses.iVPNIfDNS2=aVPNNifDNS2;};
+
+ /**
+ * Returns the pointer to the name of the VPN policy.
+ * @return Returns the pointer to the TName object containinge VPN policy name.
+ */
+ inline TVpnPolicyId* GetVPNPolicy()
+ {return &iVPNPolicyId;};
+ /**
+ * Saves the name of the VPN policy.
+ * @param aVPNPolicyId A reference to a descriptor containing the name of the policy.
+ */
+ inline void SetVPNPolicy(TVpnPolicyId& aVPNPolicyId)
+ {iVPNPolicyId=aVPNPolicyId;};
+
+ inline void SetProtocolVersion(TProtocolVersion& aProtocolVersion)
+ {iProtocolVersion = aProtocolVersion;};
+ inline TProtocolVersion& GetProtocolVersion()
+ {return iProtocolVersion;};
+
+ inline void SetIkePolicyHandle(TPolicyHandle& aIkePolicyHandle)
+ {iIkePolicyHandle.iHandle = aIkePolicyHandle.iHandle;};
+ inline TPolicyHandle& GetIkePolicyHandle()
+ {return iIkePolicyHandle;};
+
+ inline void SetIpSecPolicyHandle(TPolicyHandle& aIpsecPolicyHandle)
+ {iIpsecPolicyHandle.iHandle = aIpsecPolicyHandle.iHandle;};
+ inline TPolicyHandle& GetIpsecPolicyHandle()
+ {return iIpsecPolicyHandle;};
+
+ private:
+
+ /** CommDb Id of the VPN IAP. */
+ TUint32 iVPNIapId;
+
+ /** CommDb Id of the VPN Network. */
+ TUint32 iVPNNetworkId;
+
+ /** CommDb Id of the real IAP. */
+ TUint32 iRealIapId;
+
+ /** CommDb Id of the real Network */
+ TUint32 iRealNetworkId;
+
+ /** Name of the VPN Nif. */
+ TName iVPNNifName;
+
+ /** IP address of the VPN Nif and DNS addresses. */
+ TVPNAddress iVPNAddresses;
+
+ /** Id of the VPN policy. */
+ TVpnPolicyId iVPNPolicyId;
+
+ /** Version of the used protocol (ip or ip6) */
+ TProtocolVersion iProtocolVersion;
+
+ /** Ike policy handle */
+ TPolicyHandle iIkePolicyHandle;
+
+ /** Ipsec policy Handle */
+ TPolicyHandle iIpsecPolicyHandle;
+ };
+
+
+#endif // VPNCONNAGTDEFS_H
+
+// End of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/inc/vpnconnagtprog.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,47 @@
+/*
+* Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Connection Agent progresses.
+*
+*/
+
+
+
+/**
+ @file
+ @released
+ @publishedPartner
+
+ VPN Connection Agent progress parameter declaration.
+ */
+
+#if !defined __VPNCONNAGTPROG_H__
+#define __VPNCONNAGTPROG_H__
+
+// INCLUDES
+#include <nifvar.h>
+#include <comms-infras/cagentbase.h>
+
+/**
+ * Defines progresses sent to Nifman.
+ */
+enum TVPNConnAgtProgress
+ {
+ EVPNConnAgtIdle = KMinAgtProgress,
+ EVPNConnAgtConnecting,
+ EVPNConnAgtConnected = KConnectionOpen,
+ EVPNConnAgtDisconnecting = KConnectionStartingClose,
+ EVPNConnAgtDisconnected = KConnectionClosed
+ };
+
+#endif // VPNCONNAGTPROG_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/rom/vpnconnagt.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnconnagt
+*
+*/
+
+
+
+#ifndef __VPNCONNAGT_IBY__
+#define __VPNCONNAGT_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNCONNAGT not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpnconnagt.agt SHARED_LIB_DIR\vpnconnagt.agt
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNCONNAGT_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnconnagt/src/vpnconnagt.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,805 @@
+/*
+* Copyright (c) 2000-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Connection Agent
+*
+*/
+
+
+
+#include <cmmanager.h>
+#include <cmconnectionmethod.h>
+#include <cmpluginvpndef.h>
+#include <commdbconnpref.h>
+#include <in_iface.h>
+#include <tunnelnifvar.h>
+#include <d32dbmsconstants.h>
+
+#include "vpnconnagt.h"
+
+
+/***************CVPNConnAgtFactory********************/
+
+extern "C" EXPORT_C CNifAgentFactory* NewAgentFactoryL()
+ {
+ return new(ELeave) CVPNConnAgtFactory;
+ }
+
+void CVPNConnAgtFactory::InstallL()
+ {
+ }
+
+CNifAgentBase* CVPNConnAgtFactory::NewAgentL(
+ const TDesC& /*aName*/)
+ {
+ return CVPNConnAgt::NewL();
+ }
+
+TInt CVPNConnAgtFactory::Info(
+ TNifAgentInfo& aInfo,
+ TInt /*aIndex*/) const
+ {
+ aInfo.iName = KVPNConnAgtName;
+ aInfo.iVersion = TVersion(KMajorVerNumber,KMinorVerNumber,KBuildVerNumber);
+ return KErrNone;
+ }
+
+/***************CVPNConnAgt********************/
+
+// ---------------------------------------------------------------------------
+// CVPNConnAgt
+// ---------------------------------------------------------------------------
+//
+CVPNConnAgt::CVPNConnAgt() :
+ iServiceStartedCallback(CActive::EPriorityStandard),
+ iConnectCompleteCallback(CActive::EPriorityStandard),
+ iDisconnectCallback(CActive::EPriorityStandard)
+ {
+ TCallBack serviceStartedCallback(ServiceStartedCb, this);
+ iServiceStartedCallback.Set(serviceStartedCallback);
+
+ TCallBack connectionCompleteCallback(ConnectCompleteCb, this);
+ iConnectCompleteCallback.Set(connectionCompleteCallback);
+
+ TCallBack disconnectionCompleteCallback(DisconnectCompleteCb, this);
+ iDisconnectCallback.Set(disconnectionCompleteCallback);
+
+ iEventActivatedClose = EFalse;
+ iDisconnectType = (TDeactivateType)NORMAL_DISCONNECT_MODE; // means the normal way to shutdown
+ }
+
+// ---------------------------------------------------------------------------
+// Destructor
+// ---------------------------------------------------------------------------
+//
+CVPNConnAgt::~CVPNConnAgt()
+ {
+ LOG(TName name;
+ name.AppendFormat(_L("[0x%08x]"), this);
+ Log::Printf(_L("%s Destructing VPN Connection Agent\n"),name.PtrZ()));
+
+ iEventMediator.Close();
+
+ iServiceStartedCallback.Cancel();
+ iConnectCompleteCallback.Cancel();
+ iDisconnectCallback.Cancel();
+
+ delete iAD;
+ }
+
+// ---------------------------------------------------------------------------
+// NewL()
+// ---------------------------------------------------------------------------
+//
+CVPNConnAgt* CVPNConnAgt::NewL()
+ {
+ CVPNConnAgt* self = new (ELeave) CVPNConnAgt();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// ConstructL()
+// ---------------------------------------------------------------------------
+//
+inline void CVPNConnAgt::ConstructL()
+ {
+ LOG_1("[0x%08x] Constructing VPN Connection Agent\n", this);
+ // construct the database and dialog processor
+ CAgentBase::ConstructL();
+ iConnected = EFalse;
+ iDisconnecting = EFalse;
+ LOG_("CVPNConnAgt::ReadConfigurationL EventMediator");
+ User::LeaveIfError(iEventMediator.Connect());
+
+ iAD = CAsyncDisconnecter::NewL(this);
+ }
+
+// ---------------------------------------------------------------------------
+// Info()
+// ---------------------------------------------------------------------------
+//
+void CVPNConnAgt::Info(
+ TNifAgentInfo& aInfo) const
+ {
+ aInfo.iName = KVPNConnAgtName;
+ aInfo.iName.AppendFormat(_L("-AgentFactory[0x%08x]"), this);
+ aInfo.iVersion = TVersion(
+ TCommDbConnPref::KMajorVersionNumber,
+ TCommDbConnPref::KMinorVersionNumber,
+ TCommDbConnPref::KBuildVersionNumber
+ );
+ }
+
+// ---------------------------------------------------------------------------
+// Connect()
+// ---------------------------------------------------------------------------
+//
+void CVPNConnAgt::Connect(
+ TAgentConnectType /*aType*/)
+ {
+ iServiceStartedCallback.CallBack();
+ }
+
+// ---------------------------------------------------------------------------
+// Connect()
+// ---------------------------------------------------------------------------
+//
+void CVPNConnAgt::Connect(
+ TAgentConnectType aType,
+ CStoreableOverrideSettings* /*aOverrideSettings*/)
+ {
+ Connect(aType);
+ }
+
+// ---------------------------------------------------------------------------
+// CancelConnect()
+// ---------------------------------------------------------------------------
+//
+void CVPNConnAgt::CancelConnect()
+ {
+ LOG_("CVPNConnAgt::CancelConnect");
+ iServiceStartedCallback.Cancel();
+ iConnectCompleteCallback.Cancel();
+ }
+
+// ---------------------------------------------------------------------------
+// Disconnect()
+// ---------------------------------------------------------------------------
+//
+void CVPNConnAgt::Disconnect(
+ TInt aReason)
+ {
+ LOG_1("Disconnect called from Nifman with reason:%d\n", aReason);
+ if ( iDisconnecting )
+ {
+ LOG_("Already disconnecting, return\n");
+ return;
+ }
+
+ if ( aReason == KErrConnectionTerminated )
+ iDisconnectType = (TDeactivateType)SILENT_DISCONNECT_MODE;
+
+ iLastErrorCode = aReason;
+ iDisconnectCallback.CallBack();
+ }
+
+
+/****************************************************************************/
+/* GetExcessData() */
+/****************************************************************************/
+TInt CVPNConnAgt::GetExcessData(
+ TDes8& /*aBuffer*/)
+ {
+ return KErrNotSupported;
+ }
+
+/****************************************************************************/
+/* Notification() */
+/* Nif calls this via agentref to pass the name of the nif. */
+/****************************************************************************/
+TInt CVPNConnAgt::Notification(
+ TNifToAgentEventType aEvent,
+ TAny* aInfo)
+ {
+ if ( (TTunnelNifToAgentEventType)aEvent == ENifToAgentEventTypeSetIfName )
+ {
+ iVPNParameters.SetVPNNifName(*(TName*)aInfo);
+ return KErrNone;
+ }
+
+ if ( aEvent == ENifToAgentEventTypeLinkLayerDown )
+ {// Tunnelnif down
+ return KErrNone;
+ }
+
+ return KErrNotSupported;
+ }
+
+/****************************************************************************/
+/* GetLastError() */
+/****************************************************************************/
+void CVPNConnAgt::GetLastError(TInt& aError)
+ {
+ aError = iLastErrorCode;
+ }
+
+TInt CVPNConnAgt::IncomingConnectionReceived()
+ {
+ return KErrNotSupported;
+ }
+
+/****************************************************************************/
+/* ServiceStartedCb() */
+/****************************************************************************/
+TInt CVPNConnAgt::ServiceStartedCb(TAny* aThisPtr)
+ {
+ CVPNConnAgt* self = (CVPNConnAgt*)aThisPtr;
+
+ TInt err = KErrNone;
+ self->ServiceStarted(err);
+ return err;
+ }
+
+/****************************************************************************/
+/* ConnectCompleteCb() */
+/****************************************************************************/
+TInt CVPNConnAgt::ConnectCompleteCb(
+ TAny* aThisPtr)
+ {
+ CVPNConnAgt* self = (CVPNConnAgt*) aThisPtr;
+ self->ConnectionComplete(KErrNone);
+ return KErrNone;
+ }
+
+/****************************************************************************/
+/* DisconnectCompleteCb() */
+/****************************************************************************/
+TInt CVPNConnAgt::DisconnectCompleteCb(
+ TAny* aThisPtr)
+ {
+ CVPNConnAgt* self = (CVPNConnAgt*) aThisPtr;
+ self->DisconnectionComplete();
+ return KErrNone;
+ }
+
+/****************************************************************************/
+/* ServiceStarted() */
+/****************************************************************************/
+void CVPNConnAgt::ServiceStarted(TInt& aError)
+ {
+ iLastErrorCode = KErrNone;
+
+ iNotify->AgentProgress(EVPNConnAgtConnecting, iLastErrorCode);
+
+ // read IAP configuration
+ TRAP(iLastErrorCode, ReadConfigurationL());
+ if ( iLastErrorCode )
+ {
+ LOG(TName name;
+ name.AppendFormat(_L("[0x%08x]"), this);
+ Log::Printf(_L("%s Error %d in reading configuration\n"),name.PtrZ(), iLastErrorCode));
+
+ iNotify->ConnectComplete(iLastErrorCode);
+ aError = iLastErrorCode;
+ return;
+ }
+
+ LOG_1("[0x%08x] Get protocol version\n", this);
+ iProtocolVersionDes().iId = iEventMediator.NewEventSpecId();
+ iProtocolVersionDes().iPolicyId = *(iVPNParameters.GetVPNPolicy());
+ iEventMediator.ListenToEvent(
+ EGetProtocolVersionEvent, iProtocolVersionDes, *this);
+ iState = EGettingProtocolVersion;
+ }
+
+/****************************************************************************/
+/* ConnectionComplete() */
+/****************************************************************************/
+void CVPNConnAgt::ConnectionComplete(
+ TInt aError)
+ {
+ if ( aError )
+ {
+ switch ( iState )
+ {
+ case EGettingProtocolVersion:
+ iEventMediator.CancelListening(EGetProtocolVersionEvent, iProtocolVersionDes);
+ iNotify->AgentProgress(EVPNConnAgtDisconnected, aError);
+ iNotify->ConnectComplete(aError);
+ iState = EConnectionClosed;
+ return;
+ case EConnecting:
+ iEventMediator.CancelListening(EStartVpnConnEvent, iStartVpnConnDes);
+ iNotify->AgentProgress(EVPNConnAgtDisconnected, aError);
+ iNotify->ConnectComplete(aError);
+ iState = EConnectionClosed;
+ return;
+ default:
+ break;
+ }
+ return;
+ }
+
+ TInetIfConfig addr;
+ addr.iAddress = iVPNParameters.GetVPNNifAddress();
+ addr.iNameSer1 = iVPNParameters.GetVPNNifDNS1();
+ addr.iNameSer2 = iVPNParameters.GetVPNNifDNS2();
+
+ LOG(TName name;
+ name.AppendFormat(_L("[0x%08x]"), this);
+ TBuf<39> addrBuf;
+ iVPNParameters.GetVPNNifAddress().OutputWithScope(addrBuf);
+ Log::Printf(_L("%s Vpn interface address = %s\n"),name.PtrZ(), addrBuf.PtrZ()));
+
+ LOG(iVPNParameters.GetVPNNifDNS1().OutputWithScope(addrBuf);
+ Log::Printf(_L("%s Vpn DNS1 = %s\n"),name.PtrZ(), addrBuf.PtrZ()));
+
+ LOG(iVPNParameters.GetVPNNifDNS2().OutputWithScope(addrBuf);
+ Log::Printf(_L("%s Vpn DNS2 = %s\n"),name.PtrZ(), addrBuf.PtrZ()));
+
+ // Send VPN interface address to the tunnelnif
+ iNotify->Notification((TAgentToNifEventType)EAgentToNifEventTypeSetAddress, (void*)(&addr));
+
+ // Inform the Nifman
+ iNotify->AgentProgress(EVPNConnAgtConnected, KErrNone);
+ iNotify->ConnectComplete(aError);
+
+ iConnected = ETrue;
+
+ // initialize real if observer
+ iObserveRealIapConnDes().iRealIapConnInfo.iIapId = iVPNParameters.GetRealIapId();
+ iObserveRealIapConnDes().iRealIapConnInfo.iNetId = iVPNParameters.GetRealNetworkId();
+ iObserveRealIapConnDes().iVpnIapId = iVPNParameters.GetVPNIapId();
+
+ ListenRealIAP();
+ ListenAddressChange();
+
+ iState = EListeningEvents;
+ LOG_1("[0x%08x] VPN CONNECTION READY!\n", this);
+ }
+
+/****************************************************************************/
+/* DisconnectionComplete() */
+/****************************************************************************/
+void CVPNConnAgt::DisconnectionComplete()
+ {
+ if ( iDisconnecting )
+ {
+ LOG(TName name;
+ name.AppendFormat(_L("[0x%08x]"), this);
+ Log::Printf(_L("%s Already disconnecting, return\n"),name.PtrZ()));
+ return;
+ }
+ else
+ iDisconnecting = ETrue;
+
+ iNotify->AgentProgress(EVPNConnAgtDisconnecting, KErrNone);
+
+ if ( iConnected && (iState == EListeningEvents || iState == EStartingRealIf) )
+ {
+ // Start the deactivate/unload of the VPN policies.
+ CancelListeners();
+
+ if ( iState == EStartingRealIf )
+ iDisconnectType = (TDeactivateType)SILENT_DISCONNECT_MODE;
+
+ iCloseVpnConnDes().iId = iEventMediator.NewEventSpecId();
+ iCloseVpnConnDes().iIkePolicyHandle = iVPNParameters.GetIkePolicyHandle();
+ iCloseVpnConnDes().iIpsecPolicyHandle = iVPNParameters.GetIpsecPolicyHandle();
+ iCloseVpnConnDes().iDeactivateType = iDisconnectType;
+ iCloseVpnConnDes().iVpnIapId = iVPNParameters.GetVPNIapId();
+ iCloseVpnConnDes().iRealIapId = iVPNParameters.GetRealIapId();
+ iEventMediator.ListenToEvent(ECloseVpnConnEvent, iCloseVpnConnDes, *this);
+ iState = EClosingConnection;
+
+ LOG(TName name;
+ name.AppendFormat(_L("[0x%08x]"), this);
+ Log::Printf(_L("%s Disconnecting type is %d\n"),name.PtrZ(), (TInt)iDisconnectType));
+
+ return;
+ }
+
+ iAD->ConfirmDisconnect();
+ iDisconnecting = EFalse;
+ }
+
+
+/****************************************************************************/
+/* EventOccured() */
+/****************************************************************************/
+void CVPNConnAgt::EventOccured(TInt aStatus, TEventType aType, TDesC8* aData)
+ {
+ LOG(TName name;
+ name.AppendFormat(_L("[0x%08x]"), this);
+ Log::Printf(_L("%s Event occured with status %d\n"),name.PtrZ(), aStatus));
+
+ if ( aStatus == KErrServerTerminated )
+ {
+ iNotify->Notification(EAgentToNifEventTypeDisableConnection, NULL);
+ iConnected = EFalse; // Disable listening of ECloseVpnConnEvent event
+ return;
+ }
+
+ if ( aStatus != KErrNone || !aData )
+ {
+ if ( !iConnected )
+ ConnectionComplete(aStatus);
+ else
+ DisconnectionComplete();
+
+ return;
+ }
+
+ TGetProtocolVersionEventData* protocolVersion=NULL;
+ TStartVpnConnEventData* connection = NULL;
+ TCloseVpnConnEventData* closeData = NULL;
+ switch (aType)
+ {
+ case EGetProtocolVersionEvent:
+ protocolVersion = (TGetProtocolVersionEventData*)(aData->Ptr());
+ if ( protocolVersion->iTaskStatus )
+ {
+ TProtocolVersion pv(EVersionIp);
+ iVPNParameters.SetProtocolVersion(pv);
+ }
+ else
+ iVPNParameters.SetProtocolVersion(protocolVersion->iProtocolVersion);
+
+
+ LOG(Log::Printf(_L("%s Protocol resolved = %d\n"),name.PtrZ(), protocolVersion->iProtocolVersion));
+
+ // Inform Nifman to go forward
+ iNotify->ServiceStarted();
+
+ // Initialise the connection parameters
+ iStartVpnConnDes().iId = iEventMediator.NewEventSpecId();
+ iStartVpnConnDes().iIfInfo.iVpnIapId = iVPNParameters.GetVPNIapId();
+ iStartVpnConnDes().iIfInfo.iVpnNetId = iVPNParameters.GetVPNNetworkId();
+ iStartVpnConnDes().iIfInfo.iRealIapId = iVPNParameters.GetRealIapId();
+ iStartVpnConnDes().iIfInfo.iRealNetId = iVPNParameters.GetRealNetworkId();
+ iStartVpnConnDes().iIfInfo.iVPNIfName = *(VPNNifName());
+ iStartVpnConnDes().iPolicyId = *(iVPNParameters.GetVPNPolicy());
+
+ LOG(Log::Printf(_L("%s Start connection\n"),name.PtrZ()));
+
+ // Start connection
+ iEventMediator.ListenToEvent(EStartVpnConnEvent, iStartVpnConnDes, *this);
+ iState = EConnecting;
+ break;
+ case EStartVpnConnEvent:
+ // Read the connection data (addresses and policy
+ // handles)
+ connection = (TStartVpnConnEventData*)(aData->Ptr());
+ ASSERT(connection);
+ if ( connection->iTaskStatus )
+ {
+ ConnectionComplete(connection->iTaskStatus);
+ break;
+ }
+
+ LOG(Log::Printf(_L("%s Connection started, Ikehandle: %d, Ipsechandle: %d\n"),
+ name.PtrZ(), connection->iIkePolicyHandle, connection->iIpsecPolicyHandle));
+ iVPNParameters.SetRealNetworkId(connection->iNetId);
+ iVPNParameters.SetRealIapId(connection->iIapId);
+ iVPNParameters.SetIkePolicyHandle(connection->iIkePolicyHandle);
+ iVPNParameters.SetIpSecPolicyHandle(connection->iIpsecPolicyHandle);
+ iVPNParameters.SetAddresses(connection->iVpnAddressInfo);
+ iState = EConnected;
+ ConnectionComplete(KErrNone);
+ break;
+ case ECloseVpnConnEvent:
+ LOG(Log::Printf(_L("%s ECloseVpnConnEvent\n"),name.PtrZ()));
+ closeData = (TCloseVpnConnEventData*)(aData->Ptr());
+ if ( closeData->iTaskStatus )
+ {
+ LOG(Log::Printf(_L("%s ECloseVpnConnEvent: TaskStatus %d\n"),name.PtrZ(), closeData->iTaskStatus));
+ iLastErrorCode = closeData->iTaskStatus;
+ }
+
+ if ( iEventActivatedClose )
+ {
+ iEventActivatedClose = EFalse;
+ iNotify->Notification(EAgentToNifEventTypeDisableConnection, NULL);
+ }
+
+ iAD->ConfirmDisconnect();
+ iDisconnecting = EFalse;
+
+ iConnected = EFalse;
+
+ iState = EIdle;
+ break;
+ case EAllInterfaceEvents:
+ case EObserveRealIapConnEvent:
+ {
+ if ( iDisconnecting ) // Shouldn't be possible
+ break;
+
+ LOG(Log::Printf(_L("%s Real interface down, shutdown silently\n"),name.PtrZ()));
+
+ iEventActivatedClose = ETrue;
+ iDisconnectType = (TDeactivateType)SILENT_DISCONNECT_MODE; // means that KMD doesn't send any packets to the gateway
+ DisconnectionComplete();
+ break;
+ }
+ case EKmdAddressChangeEvent:
+ {
+ LOG_1("[0x%08x] Address changed event\n",this);
+
+ TVPNAddress* ptr = (TVPNAddress*)(aData->Ptr());
+
+ if ( iVPNParameters.GetVPNNifAddress().CmpAddr(ptr->iVPNIfAddr)
+ && iVPNParameters.GetVPNNifDNS1().CmpAddr(ptr->iVPNIfDNS1)
+ && iVPNParameters.GetVPNNifDNS2().CmpAddr(ptr->iVPNIfDNS2) )
+ {
+ LOG_("Address change informed but no change found");
+
+ TConnectionInfo vpnIfaceInfo;
+ vpnIfaceInfo.iIapId = iVPNParameters.GetVPNIapId();
+ TConnectionInfoBuf vpnIfaceInfoBuf(vpnIfaceInfo);
+ iEventMediator.ListenToEvent(
+ EKmdAddressChangeEvent, vpnIfaceInfoBuf, *this);
+ }
+ else
+ {
+ iVPNParameters.SetAddresses(*ptr);
+ TInetIfConfig addr;
+ addr.iAddress = iVPNParameters.GetVPNNifAddress();
+ addr.iNameSer1 = iVPNParameters.GetVPNNifDNS1();
+ addr.iNameSer2 = iVPNParameters.GetVPNNifDNS2();
+
+ iNotify->Notification(
+ (TAgentToNifEventType)EAgentToNifEventTypeUpdateAddress,
+ (void*)(&addr));
+
+ LOG(Log::Printf(_L("%s Address changed, continue listening\n"),name.PtrZ()));
+
+ TConnectionInfo vpnIfaceInfo;
+ vpnIfaceInfo.iIapId = iVPNParameters.GetVPNIapId();
+ TConnectionInfoBuf vpnIfaceInfoBuf(vpnIfaceInfo);
+ iEventMediator.ListenToEvent(EKmdAddressChangeEvent, vpnIfaceInfoBuf, *this);
+
+ LOG(TBuf<39> addrBuf;
+ iVPNParameters.GetVPNNifAddress().OutputWithScope(addrBuf);
+ Log::Printf(_L("%s New Vpn interface address = %s\n"),name.PtrZ(), addrBuf.PtrZ()));
+
+ LOG(iVPNParameters.GetVPNNifDNS1().OutputWithScope(addrBuf);
+ Log::Printf(_L("%s Vpn DNS1 = %s\n"),name.PtrZ(), addrBuf.PtrZ()));
+
+ LOG(iVPNParameters.GetVPNNifDNS2().OutputWithScope(addrBuf);
+ Log::Printf(_L("%s Vpn DNS2 = %s\n"),name.PtrZ(), addrBuf.PtrZ()));
+ }
+ break;
+ }
+ default:
+ break;
+ }
+ }
+
+
+/****************************************************************************/
+/* ListenRealIAP() */
+/****************************************************************************/
+void CVPNConnAgt::ListenRealIAP()
+ {
+ // Listen the real interface if it shutsdown or...
+ iObserveRealIapConnDes().iId = iEventMediator.NewEventSpecId();
+ iEventMediator.ListenToEvent(
+ EObserveRealIapConnEvent, iObserveRealIapConnDes, *this);
+ }
+
+/****************************************************************************/
+/* ListenAddressChange() */
+/****************************************************************************/
+void CVPNConnAgt::ListenAddressChange()
+ {
+ // Listen to the VPN interface for address changes
+ TConnectionInfo vpnIfaceInfo;
+ vpnIfaceInfo.iIapId = iVPNParameters.GetVPNIapId();
+ TConnectionInfoBuf vpnIfaceInfoBuf(vpnIfaceInfo);
+ iEventMediator.ListenToEvent(
+ EKmdAddressChangeEvent, vpnIfaceInfoBuf, *this);
+ }
+
+/****************************************************************************/
+/* CancelListeners() */
+/****************************************************************************/
+void CVPNConnAgt::CancelListeners()
+ {
+ // Cancel real interface observer
+ iEventMediator.CancelListening(
+ EObserveRealIapConnEvent, iObserveRealIapConnDes);
+
+ // Cancel address change event listening
+ TConnectionInfo vpnIfaceInfo;
+ vpnIfaceInfo.iIapId = iVPNParameters.GetVPNIapId();
+ TConnectionInfoBuf vpnIfaceInfoBuf(vpnIfaceInfo);
+ iEventMediator.CancelListening(EKmdAddressChangeEvent, vpnIfaceInfoBuf);
+ }
+
+// ---------------------------------------------------------------------------
+// Overwrite version of ReadDes to catch the ip version asking
+// ---------------------------------------------------------------------------
+//
+TInt CVPNConnAgt::DoReadDes(
+ const TDesC& aField, TDes16& aValue, const RMessagePtr2* /*aMessage*/ )
+ {
+ TInt err(KErrNone);
+ LOG_1("CVPNConnAgt::DoReadDes aField=%S", &aField);
+
+ // If SERVICE_IF_NETWORKS is asked, get the ip version from the VPN
+ // Manager Server. Otherwise use default ReadDes() function.
+ // TBuf<KCommsDbSvrMaxColumnNameLength> columnName=TPtrC(
+ // SERVICE_IF_NETWORKS);
+ // temporary solution
+ TBuf<KDbStoreMaxColumnLength> columnName=TPtrC(SERVICE_IF_NETWORKS);
+ if ( aField.CompareF(columnName) == 0 )
+ {
+ TProtocolVersion protocol = iVPNParameters.GetProtocolVersion();
+ if ( protocol == EVersionUnknown )
+ return KErrNotFound;
+
+ if ( protocol == EVersionIp )
+ {
+ _LIT(KIP4, "ip");
+ aValue = KIP4;
+ }
+ else
+ {
+ _LIT(KIP6, "ip6");
+ aValue = KIP6;
+ }
+ LOG_1("CVPNConnAgt::DoReadDes aValue=%S", &aValue);
+ return KErrNone;
+ }
+ else
+ {
+ err = iDatabase->ReadDes(aField, columnName);
+ if ( err )
+ return err;
+
+ aValue.Copy(columnName);
+ }
+
+ LOG_1("CVPNConnAgt::DoReadDes aValue=%S", &aValue);
+ return err;
+ }
+
+// ---------------------------------------------------------------------------
+// Read IAP configurations
+// ---------------------------------------------------------------------------
+//
+void CVPNConnAgt::ReadConfigurationL()
+ {
+ // vpn iap id
+ LOG_1("CVPNConnAgt::ReadConfigurationL iIAPId:%d", iSettings.iIAPId);
+ iVPNParameters.SetVPNIapId(iSettings.iIAPId);
+
+ // read vpn connection method
+ using namespace CMManager;
+ RCmManager cmManager;
+ cmManager.OpenL();
+ CleanupClosePushL( cmManager );
+ RCmConnectionMethod vpnConnection =
+ cmManager.ConnectionMethodL( iSettings.iIAPId );
+ CleanupClosePushL(vpnConnection);
+ ASSERT( vpnConnection.GetBoolAttributeL(ECmVirtual) );
+
+ // Read VPN Network Id
+ const TUint32 vpnNetworkId(vpnConnection.GetIntAttributeL(ECmNetworkId));
+ iVPNParameters.SetVPNNetworkId(vpnNetworkId);
+
+ LOG_1("CVPNConnAgt::ReadConfigurationL VpnIapId:%d",
+ iVPNParameters.GetVPNIapId());
+ LOG_1("CVPNConnAgt::ReadConfigurationL VpnNetworkId:%d",
+ iVPNParameters.GetVPNNetworkId());
+
+ // vpn policy id
+ HBufC* policy = vpnConnection.GetStringAttributeL(EVpnServicePolicy);
+ if (policy)
+ {
+ TVpnPolicyId policyId;
+ ASSERT( policy->Length() <= policyId.MaxLength() );
+
+ policyId.Copy(*policy);
+ delete policy;
+ iVPNParameters.SetVPNPolicy(policyId);
+ }
+
+ // real IAP or SNAP. ECmNextLayerIapId == EVpnIapId
+ const TUint32 realIap(vpnConnection.GetIntAttributeL(EVpnIapId));
+ const TUint32 snap( !realIap ?
+ vpnConnection.GetIntAttributeL(ECmNextLayerSNAPId):0);
+
+ CleanupStack::PopAndDestroy(); // vpnConnection
+
+ if ( realIap )
+ {
+ // Now load real connection
+ RCmConnectionMethod realConnection =
+ cmManager.ConnectionMethodL( realIap );
+ CleanupClosePushL(realConnection);
+ ASSERT( !realConnection.GetBoolAttributeL(ECmVirtual) );
+
+ // real iap id
+ const TUint32 realIapId( realConnection.GetIntAttributeL(ECmIapId) );
+ iVPNParameters.SetRealIapId( realIapId );
+
+ // real network id
+ iVPNParameters.SetRealNetworkId(
+ realConnection.GetIntAttributeL(ECmNetworkId) );
+ CleanupStack::PopAndDestroy(); // realConnection
+ }
+ else
+ {
+ LOG_1("CVPNConnAgt::ReadConfigurationL snap:%d", snap);
+ ASSERT( snap ); // must be snap then
+ iStartVpnConnDes().iIfInfo.iSnapId = snap;
+ }
+ CleanupStack::PopAndDestroy(); // cmManager
+
+ LOG_1("CVPNConnAgt::ReadConfigurationL RealIap:%d",
+ realIap);
+ LOG_1("CVPNConnAgt::ReadConfigurationL RealIapId:%d",
+ iVPNParameters.GetRealIapId());
+ LOG_1("CVPNConnAgt::ReadConfigurationL RealNetworkId:%d",
+ iVPNParameters.GetRealNetworkId());
+ }
+
+
+//////////////////////CAsyncDisconnecter////////////////////
+
+// ---------------------------------------------------------------------------
+// CAsyncDisconnecter
+// ---------------------------------------------------------------------------
+//
+CAsyncDisconnecter::CAsyncDisconnecter(
+ CVPNConnAgt* aAgent):
+ CAsyncOneShot(EPriorityNormal)
+ {
+ iAgent = aAgent;
+ }
+
+// ---------------------------------------------------------------------------
+// NewL
+// ---------------------------------------------------------------------------
+//
+CAsyncDisconnecter* CAsyncDisconnecter::NewL(
+ CVPNConnAgt* aAgent)
+ {
+ return new (ELeave) CAsyncDisconnecter(aAgent);
+ }
+
+// ---------------------------------------------------------------------------
+// ConfirmDisconnect
+// ---------------------------------------------------------------------------
+//
+void CAsyncDisconnecter::ConfirmDisconnect()
+ {
+ Call();
+ }
+
+// ---------------------------------------------------------------------------
+// RunL
+// ---------------------------------------------------------------------------
+//
+void CAsyncDisconnecter::RunL()
+ {
+ LOG_1("CAsyncDisconnecter::RunL, iStatus:%d", iStatus.Int() );
+ iAgent->Notify()->AgentProgress(EVPNConnAgtDisconnected, KErrNone);
+ iAgent->Notify()->DisconnectComplete();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/aif/vpninsaif.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,41 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VPN Installer.
+*
+*/
+
+
+
+#include <aiftool.rh>
+
+RESOURCE AIF_DATA
+ {
+ app_uid=0x101FD28E;
+ caption_list=
+ {
+ CAPTION { code=ELangEnglish; caption="VPN Installer"; }
+ };
+ //num_icons=0;
+ num_icons=3;
+ /**
+ * For test purposes you can put this application's Hidden capability
+ * to KAppNotHidden: hidden=KAppNotHidden;
+ */
+ hidden=KAppIsHidden;
+ //hidden=KAppNotHidden;
+ embeddability=KAppNotEmbeddable;
+ newfile=KAppDoesNotSupportNewFile;
+ }
+
+// End of File
Binary file vpnengine/vpnins/aif/vpninsicon24i.bmp has changed
Binary file vpnengine/vpnins/aif/vpninsicon24m.bmp has changed
Binary file vpnengine/vpnins/aif/vpninsicon32i.bmp has changed
Binary file vpnengine/vpnins/aif/vpninsicon32m.bmp has changed
Binary file vpnengine/vpnins/aif/vpninsicon48i.bmp has changed
Binary file vpnengine/vpnins/aif/vpninsicon48m.bmp has changed
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/data/vpnins.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,51 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VpnIns.
+*
+*/
+
+
+NAME VPNI // 4 letter ID
+
+// INCLUDES
+
+#include <eikon.rh>
+
+#include <eikcore.rsg>
+
+#ifdef LANGUAGE_00 // if code is for ...
+//#include "vpnins00.rls"
+#elif defined LANGUAGE_01 // if code is for UK English
+//#include "vpnins01.rls"
+#endif // end condititional compile
+
+//#include "vpnins.hrh"
+//#include "vpnins.loc"
+
+// CONSTANTS
+//#define ?constant ?value
+
+// MACROS
+//#define ?macro
+
+// RESOURCE DEFINITIONS
+
+RESOURCE RSS_SIGNATURE { }
+
+RESOURCE TBUF { buf="VpnIns"; }
+
+RESOURCE EIK_APP_INFO
+{
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/data/vpnins_loc.rls Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,26 @@
+/*
+* Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VpnIns.
+*
+*/
+
+
+
+// vpnins_LOC.RLS
+//
+//
+
+//rls_string STRING_r_vpnins_icon_path "z:\\resource\\apps\\vpnins01.mbm"
+rls_string STRING_r_vpnins_short_caption "VPNI"
+rls_string STRING_r_vpnins_caption "VPNI"
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/data/vpnins_loc.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,40 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VpnIns.
+*
+*/
+
+
+#include <appinfo.rh>
+#include "vpnins_loc.rls"
+
+RESOURCE LOCALISABLE_APP_INFO
+ {
+ short_caption = STRING_r_vpnins_short_caption;
+ caption_and_icon =
+ {
+ CAPTION_AND_ICON_INFO
+ {
+ caption = STRING_r_vpnins_caption;
+ //number_of_icons = 3;
+ //icon_file = STRING_r_vpnins_icon_path;
+ }
+ };
+//
+ }
+//#ifdef LANGUAGE_01
+ //#include "vpnins01.rls"
+//#else
+ //#include "vpninssc.rls"
+//#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/data/vpnins_reg.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,28 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VpnIns.
+*
+*/
+
+
+#include <appinfo.rh>
+
+UID2 KUidAppRegistrationResourceFile
+UID3 0x101FD28E
+
+RESOURCE APP_REGISTRATION_INFO
+ {
+ app_file="vpnins";
+ localisable_resource_file = "\\resource\\apps\\vpnins_loc";
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/data/vpninsaif.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,41 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VpnIns.
+*
+*/
+
+
+
+#include <aiftool.rh>
+
+RESOURCE AIF_DATA
+ {
+ app_uid=0x101FD28E;
+ caption_list=
+ {
+ CAPTION { code=ELangEnglish; caption="VPN Installer"; }
+ };
+ //num_icons=0;
+ num_icons=3;
+ /**
+ * For test purposes you can put this application's Hidden capability
+ * to KAppNotHidden: hidden=KAppNotHidden;
+ */
+ hidden=KAppIsHidden;
+ //hidden=KAppNotHidden;
+ embeddability=KAppNotEmbeddable;
+ newfile=KAppDoesNotSupportNewFile;
+ }
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+vpnins.mmp
+
+PRJ_TESTEXPORTS
+
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/group/vpnins.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnins
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET vpnins.exe
+TARGETTYPE exe
+UID 0x1000008d 0x101FD28E
+
+CAPABILITY WriteDeviceData
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE vpninsexe.cpp
+
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY centralrepository.lib
+LIBRARY certstore.lib
+LIBRARY ctframework.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/rom/vpnins.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnins
+*
+*/
+
+
+
+#ifndef __VPNINS_IBY__
+#define __VPNINS_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNINS not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpnins.exe PROGRAMS_DIR\vpnins.exe
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNINS_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnins/src/vpninsexe.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,65 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Installer.
+*
+*/
+
+
+
+#include <e32base.h>
+
+ #include <centralrepository.h> // link against centralrepository.lib
+ #include <settingsinternalcrkeys.h>
+
+ #include <certificateapps.h>
+
+
+_LIT(KVpnManagementUiDllName, "vpnmanagementui.dll");
+
+LOCAL_C void setKeysAndOtherSettingsL();
+
+// The starting point
+GLDEF_C TInt E32Main()
+ {
+ __UHEAP_MARK;
+ CTrapCleanup* cleanup = CTrapCleanup::New();
+ TRAPD(error, setKeysAndOtherSettingsL());
+ if (error != KErrNone)
+ {
+ ;
+ }
+ delete cleanup;
+ __UHEAP_MARKEND;
+ return 0;
+ }
+
+
+LOCAL_C void setKeysAndOtherSettingsL()
+ {
+ // Connecting and initialization:
+ CRepository* repository = CRepository::NewL( KCRUidCommunicationSettings );
+ repository->Set( KSettingsVPNSupported, 1 );
+ repository->Set( KSettingsVPNImplementation, KVpnManagementUiDllName );
+ delete repository;
+
+ CCertificateAppInfoManager* manager = CCertificateAppInfoManager::NewLC();
+
+ const TUid KUidVpn = {0x101F7993};
+ _LIT(KVpnApplicationName, "VPN");
+ TName vpnApplicationName(KVpnApplicationName);
+ TCertificateAppInfo client(KUidVpn, vpnApplicationName);
+
+ manager->AddL(client);
+ CleanupStack::PopAndDestroy(); // manager
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/bwins/vpnipsecpolparserU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,51 @@
+EXPORTS
+ ??0CKeysData@@QAE@PAV0@@Z @ 1 NONAME ; CKeysData::CKeysData(class CKeysData *)
+ ??0CKeysData@@QAE@XZ @ 2 NONAME ; CKeysData::CKeysData(void)
+ ??0CSecurityPolicy@@QAE@XZ @ 3 NONAME ; CSecurityPolicy::CSecurityPolicy(void)
+ ??0TIpSecParser@@QAE@ABVTDesC16@@@Z @ 4 NONAME ; TIpSecParser::TIpSecParser(class TDesC16 const &)
+ ??0TKeyParser@@QAE@ABVTDesC16@@@Z @ 5 NONAME ; TKeyParser::TKeyParser(class TDesC16 const &)
+ ??0TPolicyParser@@QAE@ABVTDesC16@@@Z @ 6 NONAME ; TPolicyParser::TPolicyParser(class TDesC16 const &)
+ ??1CIpSecurityPiece@@UAE@XZ @ 7 NONAME ; CIpSecurityPiece::~CIpSecurityPiece(void)
+ ??1CKeysDataArray@@UAE@XZ @ 8 NONAME ; CKeysDataArray::~CKeysDataArray(void)
+ ??1CPolicySelector@@UAE@XZ @ 9 NONAME ; CPolicySelector::~CPolicySelector(void)
+ ??1CPolicySpec@@UAE@XZ @ 10 NONAME ; CPolicySpec::~CPolicySpec(void)
+ ?BufferAppend@TPolicyParser@@SAHAAPAVHBufC8@@ABVTDesC8@@@Z @ 11 NONAME ; int TPolicyParser::BufferAppend(class HBufC8 * &, class TDesC8 const &)
+ ?Construct@CKeysDataArray@@QAEXH@Z @ 12 NONAME ; void CKeysDataArray::Construct(int)
+ ?Construct@CPolicySelector@@QAEXXZ @ 13 NONAME ; void CPolicySelector::Construct(void)
+ ?Construct@CPolicySpec@@QAEXXZ @ 14 NONAME ; void CPolicySpec::Construct(void)
+ ?Construct@CSAList@@QAEXH@Z @ 15 NONAME ; void CSAList::Construct(int)
+ ?Construct@CSelectorList@@QAEXH@Z @ 16 NONAME ; void CSelectorList::Construct(int)
+ ?ConstructL@CIpSecurityPiece@@QAEXH@Z @ 17 NONAME ; void CIpSecurityPiece::ConstructL(int)
+ ?ConstructL@CKeysDataArray@@QAEXPAV1@@Z @ 18 NONAME ; void CKeysDataArray::ConstructL(class CKeysDataArray *)
+ ?ConstructL@CPolicySelector@@QAEXPAV1@@Z @ 19 NONAME ; void CPolicySelector::ConstructL(class CPolicySelector *)
+ ?ConstructL@CPolicySpec@@QAEXAAVTDesC16@@W4TPolicySpecType@@@Z @ 20 NONAME ; void CPolicySpec::ConstructL(class TDesC16 &, enum TPolicySpecType)
+ ?ConstructL@CPolicySpec@@QAEXPAV1@@Z @ 21 NONAME ; void CPolicySpec::ConstructL(class CPolicySpec *)
+ ?ConstructL@CSAList@@QAEXPAV1@@Z @ 22 NONAME ; void CSAList::ConstructL(class CSAList *)
+ ?ConstructL@CSecurityPolicy@@QAEXPAV1@@Z @ 23 NONAME ; void CSecurityPolicy::ConstructL(class CSecurityPolicy *)
+ ?ConstructL@CSecurityPolicy@@QAEXXZ @ 24 NONAME ; void CSecurityPolicy::ConstructL(void)
+ ?ConstructL@CSelectorList@@QAEXPAV1@PAVCSAPairList@@@Z @ 25 NONAME ; void CSelectorList::ConstructL(class CSelectorList *, class CSAPairList *)
+ ?CopyL@CKeysDataArray@@QAEXPAV1@@Z @ 26 NONAME ; void CKeysDataArray::CopyL(class CKeysDataArray *)
+ ?Empty@CKeysDataArray@@QAEXXZ @ 27 NONAME ; void CKeysDataArray::Empty(void)
+ ?FindSpec@CSecurityPolicy@@QAEPAVCPolicySpec@@ABVTDesC8@@@Z @ 28 NONAME ; class CPolicySpec * CSecurityPolicy::FindSpec(class TDesC8 const &)
+ ?NewL@CKeysDataArray@@SAPAV1@H@Z @ 29 NONAME ; class CKeysDataArray * CKeysDataArray::NewL(int)
+ ?NewL@CKeysDataArray@@SAPAV1@PAV1@@Z @ 30 NONAME ; class CKeysDataArray * CKeysDataArray::NewL(class CKeysDataArray *)
+ ?NewL@CPolicySelector@@SAPAV1@PAV1@@Z @ 31 NONAME ; class CPolicySelector * CPolicySelector::NewL(class CPolicySelector *)
+ ?NewL@CPolicySelector@@SAPAV1@XZ @ 32 NONAME ; class CPolicySelector * CPolicySelector::NewL(void)
+ ?NewL@CPolicySpec@@SAPAV1@AAVTDesC16@@W4TPolicySpecType@@@Z @ 33 NONAME ; class CPolicySpec * CPolicySpec::NewL(class TDesC16 &, enum TPolicySpecType)
+ ?NewL@CPolicySpec@@SAPAV1@PAV1@@Z @ 34 NONAME ; class CPolicySpec * CPolicySpec::NewL(class CPolicySpec *)
+ ?NewL@CPolicySpec@@SAPAV1@XZ @ 35 NONAME ; class CPolicySpec * CPolicySpec::NewL(void)
+ ?NewL@CSAList@@SAPAV1@H@Z @ 36 NONAME ; class CSAList * CSAList::NewL(int)
+ ?NewL@CSAList@@SAPAV1@PAV1@@Z @ 37 NONAME ; class CSAList * CSAList::NewL(class CSAList *)
+ ?NewL@CSelectorList@@SAPAV1@H@Z @ 38 NONAME ; class CSelectorList * CSelectorList::NewL(int)
+ ?NewL@CSelectorList@@SAPAV1@PAV1@PAVCSAPairList@@@Z @ 39 NONAME ; class CSelectorList * CSelectorList::NewL(class CSelectorList *, class CSAPairList *)
+ ?ParseAndIgnoreIKEL@TIpSecParser@@QAEHPAVCIpSecurityPiece@@@Z @ 40 NONAME ; int TIpSecParser::ParseAndIgnoreIKEL(class CIpSecurityPiece *)
+ ?ParseL@TIpSecParser@@QAEHPAVCIpSecurityPiece@@@Z @ 41 NONAME ; int TIpSecParser::ParseL(class CIpSecurityPiece *)
+ ?ParseL@TKeyParser@@QAEHPAVCKeysDataArray@@@Z @ 42 NONAME ; int TKeyParser::ParseL(class CKeysDataArray *)
+ ?ParseL@TPolicyParser@@QAEHPAVCIpSecurityPiece@@@Z @ 43 NONAME ; int TPolicyParser::ParseL(class CIpSecurityPiece *)
+ ?SetInfoL@CIpSecurityPiece@@QAEXABVTDesC16@@@Z @ 44 NONAME ; void CIpSecurityPiece::SetInfoL(class TDesC16 const &)
+ ?UseSA@CPolicySelector@@QAEHPAVCPolicySpec@@PAVTInetAddr@@@Z @ 45 NONAME ; int CPolicySelector::UseSA(class CPolicySpec *, class TInetAddr *)
+ ?Write@TIpSecParser@@SAHPAVCIpSecurityPiece@@AAPAVHBufC8@@@Z @ 46 NONAME ; int TIpSecParser::Write(class CIpSecurityPiece *, class HBufC8 * &)
+ ?Write@TKeyParser@@SAHPAVCKeysDataArray@@AAVRFile@@@Z @ 47 NONAME ; int TKeyParser::Write(class CKeysDataArray *, class RFile &)
+ ?Write@TPolicyParser@@SAHPAVCSecurityPolicy@@AAPAVHBufC8@@H@Z @ 48 NONAME ; int TPolicyParser::Write(class CSecurityPolicy *, class HBufC8 * &, int)
+ ?FQDNAddressListL@CIpSecurityPiece@@QAEPAV?$CArrayPtrFlat@VCSecpolBundleItem@@@@XZ @ 49 NONAME ; class CArrayPtrFlat<class CSecpolBundleItem> * CIpSecurityPiece::FQDNAddressListL(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/eabi/vpnipsecpolparserU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,79 @@
+EXPORTS
+ _ZN10TKeyParser5WriteEP14CKeysDataArrayR5RFile @ 1 NONAME
+ _ZN10TKeyParser6ParseLEP14CKeysDataArray @ 2 NONAME
+ _ZN10TKeyParserC1ERK7TDesC16 @ 3 NONAME
+ _ZN10TKeyParserC2ERK7TDesC16 @ 4 NONAME
+ _ZN11CPolicySpec10ConstructLEPS_ @ 5 NONAME
+ _ZN11CPolicySpec10ConstructLER7TDesC1615TPolicySpecType @ 6 NONAME
+ _ZN11CPolicySpec4NewLEPS_ @ 7 NONAME
+ _ZN11CPolicySpec4NewLER7TDesC1615TPolicySpecType @ 8 NONAME
+ _ZN11CPolicySpec4NewLEv @ 9 NONAME
+ _ZN11CPolicySpec9ConstructEv @ 10 NONAME
+ _ZN11CPolicySpecD0Ev @ 11 NONAME
+ _ZN11CPolicySpecD1Ev @ 12 NONAME
+ _ZN11CPolicySpecD2Ev @ 13 NONAME
+ _ZN12TIpSecParser18ParseAndIgnoreIKELEP16CIpSecurityPiece @ 14 NONAME
+ _ZN12TIpSecParser5WriteEP16CIpSecurityPieceRP6HBufC8 @ 15 NONAME
+ _ZN12TIpSecParser6ParseLEP16CIpSecurityPiece @ 16 NONAME
+ _ZN12TIpSecParserC1ERK7TDesC16 @ 17 NONAME
+ _ZN12TIpSecParserC2ERK7TDesC16 @ 18 NONAME
+ _ZN13CSelectorList10ConstructLEPS_P11CSAPairList @ 19 NONAME
+ _ZN13CSelectorList4NewLEPS_P11CSAPairList @ 20 NONAME
+ _ZN13CSelectorList4NewLEi @ 21 NONAME
+ _ZN13CSelectorList9ConstructEi @ 22 NONAME
+ _ZN13TPolicyParser12BufferAppendERP6HBufC8RK6TDesC8 @ 23 NONAME
+ _ZN13TPolicyParser5WriteEP15CSecurityPolicyRP6HBufC8i @ 24 NONAME
+ _ZN13TPolicyParser6ParseLEP16CIpSecurityPiece @ 25 NONAME
+ _ZN13TPolicyParserC1ERK7TDesC16 @ 26 NONAME
+ _ZN13TPolicyParserC2ERK7TDesC16 @ 27 NONAME
+ _ZN14CKeysDataArray10ConstructLEPS_ @ 28 NONAME
+ _ZN14CKeysDataArray4NewLEPS_ @ 29 NONAME
+ _ZN14CKeysDataArray4NewLEi @ 30 NONAME
+ _ZN14CKeysDataArray5CopyLEPS_ @ 31 NONAME
+ _ZN14CKeysDataArray5EmptyEv @ 32 NONAME
+ _ZN14CKeysDataArray9ConstructEi @ 33 NONAME
+ _ZN14CKeysDataArrayD0Ev @ 34 NONAME
+ _ZN14CKeysDataArrayD1Ev @ 35 NONAME
+ _ZN14CKeysDataArrayD2Ev @ 36 NONAME
+ _ZN15CPolicySelector10ConstructLEPS_ @ 37 NONAME
+ _ZN15CPolicySelector4NewLEPS_ @ 38 NONAME
+ _ZN15CPolicySelector4NewLEv @ 39 NONAME
+ _ZN15CPolicySelector5UseSAEP11CPolicySpecP9TInetAddr @ 40 NONAME
+ _ZN15CPolicySelector9ConstructEv @ 41 NONAME
+ _ZN15CPolicySelectorD0Ev @ 42 NONAME
+ _ZN15CPolicySelectorD1Ev @ 43 NONAME
+ _ZN15CPolicySelectorD2Ev @ 44 NONAME
+ _ZN15CSecurityPolicy10ConstructLEPS_ @ 45 NONAME
+ _ZN15CSecurityPolicy10ConstructLEv @ 46 NONAME
+ _ZN15CSecurityPolicy8FindSpecERK6TDesC8 @ 47 NONAME
+ _ZN15CSecurityPolicyC1Ev @ 48 NONAME
+ _ZN15CSecurityPolicyC2Ev @ 49 NONAME
+ _ZN16CIpSecurityPiece10ConstructLEi @ 50 NONAME
+ _ZN16CIpSecurityPiece8SetInfoLERK7TDesC16 @ 51 NONAME
+ _ZN16CIpSecurityPieceD0Ev @ 52 NONAME
+ _ZN16CIpSecurityPieceD1Ev @ 53 NONAME
+ _ZN16CIpSecurityPieceD2Ev @ 54 NONAME
+ _ZN7CSAList10ConstructLEPS_ @ 55 NONAME
+ _ZN7CSAList4NewLEPS_ @ 56 NONAME
+ _ZN7CSAList4NewLEi @ 57 NONAME
+ _ZN7CSAList9ConstructEi @ 58 NONAME
+ _ZN9CKeysDataC1EPS_ @ 59 NONAME
+ _ZN9CKeysDataC1Ev @ 60 NONAME
+ _ZN9CKeysDataC2EPS_ @ 61 NONAME
+ _ZN9CKeysDataC2Ev @ 62 NONAME
+ _ZTI11CPolicySpec @ 63 NONAME ; #<TI>#
+ _ZTI11CSAPairList @ 64 NONAME ; #<TI>#
+ _ZTI14CKeysDataArray @ 65 NONAME ; #<TI>#
+ _ZTI15CPolicySelector @ 66 NONAME ; #<TI>#
+ _ZTI15CSecurityPolicy @ 67 NONAME ; #<TI>#
+ _ZTI16CIpSecurityPiece @ 68 NONAME ; #<TI>#
+ _ZTI17CSecpolBundleItem @ 69 NONAME ; #<TI>#
+ _ZTV11CPolicySpec @ 70 NONAME ; #<VT>#
+ _ZTV11CSAPairList @ 71 NONAME ; #<VT>#
+ _ZTV14CKeysDataArray @ 72 NONAME ; #<VT>#
+ _ZTV15CPolicySelector @ 73 NONAME ; #<VT>#
+ _ZTV15CSecurityPolicy @ 74 NONAME ; #<VT>#
+ _ZTV16CIpSecurityPiece @ 75 NONAME ; #<VT>#
+ _ZTV17CSecpolBundleItem @ 76 NONAME ; #<VT>#
+ _ZN16CIpSecurityPiece16FQDNAddressListLEv @ 77 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,28 @@
+/*
+* Copyright (c) 2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+ipsecpolparser.mmp
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/group/ipsecpolparser.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec policy parser MMP file.
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+TARGET vpnipsecpolparser.dll
+TARGETTYPE dll
+
+UID 0x1000008d 0x10000999
+
+SOURCEPATH ../src
+
+SOURCE ipsecpolparser.cpp spdb.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpncommon/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY efsrv.lib insock.lib esock.lib
+LIBRARY flogger.lib
+
+
+VENDORID VID_DEFAULT
+CAPABILITY ProtServ NetworkControl NetworkServices
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/inc/ipsecpolparser.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,332 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec policy parser main module.
+* A parser for IPsec policies. Converts textual IPsec policies into
+* in-memory data structures and vice versa.
+*
+*/
+
+
+
+#ifndef __IPSECPOLPARSER_H
+#define __IPSECPOLPARSER_H
+
+//////////////////////////////////////////////////////////////////////////////
+// INCLUDE FILES
+//////////////////////////////////////////////////////////////////////////////
+
+#include <f32file.h>
+#include <in_sock.h>
+
+#include "spdb.h"
+
+//////////////////////////////////////////////////////////////////////////////
+// CONSTANTS
+//////////////////////////////////////////////////////////////////////////////
+
+#define FIRST_SEC_PARSER_VERSION 1
+#define SEC_PARSER_VERSION 3
+
+#define MAX_EALG_VALUE 255
+#define MAX_INFO_SIZE 1024
+#define PIECE_AVG_LENGTH 2048
+
+#define PFKEY_INI_OUTBOUND 8
+#define PFKEY_INI_INBOUND 4
+#define KErrKeyParser 50
+
+const TInt KPolicyBufferSizeIncrement = 6000;
+
+//////////////////////////////////////////////////////////////////////////////
+// ENUMERATIONS
+//////////////////////////////////////////////////////////////////////////////
+
+typedef enum
+{
+ token_string,
+ token_equal,
+ token_comma,
+ token_brace_left,
+ token_brace_right,
+ token_par_left,
+ token_par_right,
+ token_error,
+ token_eof
+}
+token_type;
+
+//////////////////////////////////////////////////////////////////////////////
+// FORWARD DECLARATIONS
+//////////////////////////////////////////////////////////////////////////////
+
+class CIpSecurityPiece;
+
+//////////////////////////////////////////////////////////////////////////////
+// CLASS DECLARATIONS
+//////////////////////////////////////////////////////////////////////////////
+
+//////////////////////////////////////////////////////////////////////////////
+// class TPolicyParser
+// This parser is utilized by IPsec Policy Manager to convert a given policy
+// from string format into binary object format and vice versa.
+//////////////////////////////////////////////////////////////////////////////
+//
+class TPolicyParser : public TLex
+ {
+public:
+ IMPORT_C TPolicyParser(const TDesC& aPolicy);
+
+ IMPORT_C TInt ParseL(CIpSecurityPiece* aPieceData);
+
+ IMPORT_C static TInt Write(CSecurityPolicy* aSp,
+ HBufC8*& aPolBfr,
+ TBool aSortingOrder = EFalse);
+
+ IMPORT_C static TInt BufferAppend(HBufC8*& aPolBfr,
+ const TDesC8& aText);
+
+private:
+ static TInt WriteSAs(CSAList* aSAList,
+ HBufC8*& aPolBfr);
+
+ static void TextSA(CPolicySpec* aSA, TDes8& aBuf);
+
+ static TInt WriteSelectors(CSelectorList* aSelList,
+ HBufC8*& aPolBfr,
+ TBool aSortingOrder = EFalse);
+
+ static TInt WriteSelectorsInSortingOrder(CSelectorList* aSelList,
+ HBufC8*& aPolBfr,
+ TBool aSortingOrder = ETrue);
+
+ static void TextSel(CPolicySelector* aSel,
+ TDes8& aBuf,
+ TBool aSortingOrder = EFalse);
+
+ TInt parse_ip_addr_and_maskL(TInetAddr& addr,
+ TInetAddr& mask,
+ HBufC8*& aSelEpName,
+ HBufC8*& aMaskEpName,
+ CSecurityPolicy* aSecPol = NULL);
+
+ TInt parse_sa_spec_listL(TSecpolBundle& aBundle,
+ CSecurityPolicy* aSp, TInt& aFQDNCount);
+
+ TInt parse_sa_spec_paramsL(CPolicySpec& aSpec);
+
+ TInt parse_conn2saL(CSecurityPolicy* aSp);
+
+ TInt parse_sa_specL(CSecurityPolicy* aSp);
+
+ TInt parse_ep_specL(CSecurityPolicy* aSp);
+
+ TInt parse_ep_spec_paramsL(CPolicySpec& aSpec);
+
+ token_type NextToken();
+
+ void SkipSpaceAndMark();
+
+ void Error(TRefByValue <const TDesC> aFmt, ...);
+
+public:
+
+ int iLine;
+
+ TBuf<200> iMsg;
+
+ TPtrC iToken;
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CKeysData
+// This object contains IPsec key information.
+//////////////////////////////////////////////////////////////////////////////
+//
+class CKeysData : public CBase
+ {
+public:
+ IMPORT_C CKeysData();
+ IMPORT_C CKeysData(CKeysData* aKey);
+
+public:
+ TUint8 sa_type;
+ TInt spi;
+ TUint8 encr_alg;
+ TUint8 auth_alg;
+ TInt direction;
+ TInt lifetime_bytes;
+ TInt lifetime_sec;
+ TInetAddr src_addr;
+ TInetAddr dst_addr;
+ TUint8 protocol;
+ TBuf8<256> auth_key;
+ TBuf8<256> encr_key;
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CKeysDataArray
+// Container for storing IPsec keys.
+//////////////////////////////////////////////////////////////////////////////
+//
+class CKeysDataArray : public CArrayFixFlat<CKeysData *>
+ {
+public:
+ IMPORT_C static CKeysDataArray* NewL(TInt aGranularity);
+ IMPORT_C static CKeysDataArray* NewL(CKeysDataArray* aData);
+
+ IMPORT_C void Construct(TInt aGranularity);
+
+ IMPORT_C void ConstructL(CKeysDataArray* aData);
+
+ IMPORT_C ~CKeysDataArray();
+
+ IMPORT_C void CopyL(CKeysDataArray* aData);
+
+ IMPORT_C void Empty();
+
+private:
+
+ CKeysDataArray(TInt aGranularity);
+
+ CKeysDataArray(CKeysDataArray* aData);
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class TKeyParser
+// Parses IPsec key information from string format into binary format
+// and vice versa.
+//////////////////////////////////////////////////////////////////////////////
+//
+class TKeyParser : public TLex
+ {
+public:
+ IMPORT_C TKeyParser(const TDesC& aStr);
+
+ IMPORT_C TInt ParseL(CKeysDataArray* aKeys);
+
+ IMPORT_C static TInt Write(CKeysDataArray* aKeys, RFile& aFile);
+
+private:
+ static void TextPFKey(CKeysData* aKey, TDes8& aElem);
+
+ void NextToken();
+
+ TPtrC8 DeHex(const TDesC& aStr);
+
+ int SkipSpaceAndMark();
+
+ static TUint8 HexVal(TUint8 aChar);
+
+ TPtrC iToken;
+
+ // Non-zero, if next token is first in line
+ TInt iFirst;
+
+ TBuf8<256> iHex;
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CIpSecurityPiece
+// Contains all IPsec policy information.
+//////////////////////////////////////////////////////////////////////////////
+//
+class CIpSecurityPiece : public CBase
+ {
+public:
+
+ // Factory methods for object creation
+ IMPORT_C void ConstructL(TInt aSize = 64);
+ IMPORT_C ~CIpSecurityPiece();
+
+ //
+ IMPORT_C void SetInfoL(const TDesC& aDes);
+
+ IMPORT_C CSecPolBundleList* FQDNAddressListL();
+
+
+ inline HBufC* Info() { return iInfo;}
+
+ inline CSecurityPolicy* Policies() { return iPolicies;}
+
+ inline void SetPolicies(CSecurityPolicy* aPolicy) {iPolicies = aPolicy;}
+
+ inline CKeysDataArray* Keys() { return iKeys;}
+
+ // Buffer for last error text
+ TBuf<200> iErrorInfo;
+
+private:
+
+ // Buffer for IPsec policy information text
+ HBufC* iInfo;
+
+ // IPsec Policy data
+ CSecurityPolicy* iPolicies;
+
+ // IPsec keys data
+ CKeysDataArray* iKeys;
+
+ // List of tunnel endpoint requiring DNS lookup
+ CSecPolBundleList* iPolicyList;
+
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class TIpSecParser
+// Parser for IPsec policies.
+//////////////////////////////////////////////////////////////////////////////
+//
+class TIpSecParser : public TLex
+ {
+public:
+ IMPORT_C TIpSecParser(const TDesC& aDes);
+
+ IMPORT_C TInt ParseL(CIpSecurityPiece* aPiece_data);
+
+ IMPORT_C static TInt Write(CIpSecurityPiece* aPiece_data,
+ HBufC8*& aPolBfr);
+
+ IMPORT_C TInt ParseAndIgnoreIKEL(CIpSecurityPiece* aPiece_data);
+
+private:
+ TBool CheckVersion();
+
+ void ParseInfoL(CIpSecurityPiece* aPiece_data);
+
+ TInt ParsePoliciesL(CIpSecurityPiece* aPieceData);
+
+ TInt ParseKeysL(CKeysDataArray* aKeys);
+
+ void NextTag();
+
+ TInt DoParseL(CIpSecurityPiece* aPiece_data, TBool aIncludeIKE);
+
+ static TInt WriteVersion(HBufC8*& aPolBfr);
+
+ static TInt WriteInfo(CIpSecurityPiece* aPiece_data,
+ HBufC8*& aPolBfr);
+
+ static TInt WritePolicies(CIpSecurityPiece* aPiece_data,
+ HBufC8*& aPolBfr);
+
+ static TInt WriteKeys(CIpSecurityPiece* aPiece_data,
+ RFile& aFile);
+
+private:
+
+ // IPsec policy version info
+ TInt iVersion;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/inc/sa_spec.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,152 @@
+/*
+* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Security parser algorithm manager.
+*
+*/
+
+
+
+#ifndef __SA_SPEC_H
+#define __SA_SPEC_H
+
+#include <networking/pfkeyv2.h>
+
+//
+// This file collects minimal definitions that need to be exported
+// from the Security Associations Database into Security Policy
+// database
+//
+//
+// Mapping of low level types in pfkeyv2.h into more semantic names
+// (This is to avoid a need to look many places in case pfkeyv2 changes)
+//
+typedef uint32_t TLifetimeAllocations;
+typedef uint64_t TLifetimeBytes;
+typedef uint64_t TLifetimeSeconds;
+
+
+//
+// The default life time in seconds for larval SA's created by
+// GETSPI (may also be used as a default for iLarvalLifetime in
+// TSecurityAssocSpec).
+//
+const TInt KLifetime_LARVAL_DEFAULT = 30; // seonds!
+
+class TIdentity : public TPtr8
+ {
+ public:
+ TIdentity(): TPtr8(0,0) {}
+ };
+
+// TLifetime, a help structure
+
+class TLifetime
+ {
+ public:
+ TLifetime(const struct sadb_lifetime &aLifetime);
+ static void Freeze(TTime &aTime, const TTime &aNow);
+ TLifetime();
+ // For current, these will count items used so far. For Hard and
+ // Soft these will contain the limit values for the current
+ // counts.
+ // study: present unspecified limit with 0 or max value?
+ TLifetimeAllocations iAllocations; // Connections limit
+ TLifetimeBytes iBytes; // Transmitted bytes limit
+ //
+ // For Current, these will record the creation and first use times.
+ // For Hard and Soft, these will record the expiration times (e.g.
+ // simple comparison with the current time can be used to test for
+ // expiration, and for returning CURRENT values to application, use
+ // the SecondsFrom method with current.
+ //
+ TTime iAddtime; // Lifetime limit from creation
+ TTime iUsetime; // Lifetime limit from first use
+ };
+
+
+//
+// A template to be used while creating new security
+// associations (subclassed in Security Policy Database)
+//
+
+//
+// TSecurityAssocSpec
+//
+// Specify what is required from the SA that can be used
+// for the outbound packet. If no matching SA is found, an
+// acquire message is generated, and these values specify
+// the requested values for the SA.
+//
+// src, proxy
+// if no tunnel, proxy=INADDR_ANY, src=IP src
+// if tunnel, proxy=IP src, src=current host
+//
+class TSecurityAssocSpec
+ {
+ public:
+ //
+ // SA selection fields
+ //
+ TUint8 iType; // SA type (AH or ESP)
+ TUint8 iAalg; // Authentication algorithm id
+ TUint16 iAalgLen; // Authentication algorithm key length
+ TUint8 iEalg; // Encryption algorithm id
+ TUint16 iEalgLen; // Encryption algorithm Key length
+ TUint8 iReplayWindowLength; // Replay Window length (equal or greater)
+ TUint8 iPfs:1; // SA must have same value of PFS
+ TUint8 iMatchSrc:1; // SA must have a matching src
+ TUint8 iMatchProxy:1; // SA must have a matching proxy
+ TUint8 iMatchProtocol:1; // SA must have a matching protocol
+ TUint8 iMatchLocalPort:1; // SA must have a matching src port
+ TUint8 iMatchRemotePort:1; // SA must have a matching dst port
+ TUint8 iMatchLocal:1; //resulting SA is limited to the specific local adress defined by the packet
+ TUint8 iMatchRemote:1; //resulting SA is limited to the specific remote adress defined by the packet
+
+ //
+ // Identity reference
+ // (This is currently only used for ACQUIRE Message)
+ //
+
+ //!!!!!!!!!!!!!!!!!!!!!!!!!! Fields deleted!!!!
+
+ //struct sadb_ident iIdentity; // Preformatted for the PFKEY
+ //TIdentity iIdentityData; // NUL terminated Identity (NUL included
+ // in the length!)
+ //!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+ //
+ // iLarvalLifetime specifies the maximum time to wait in
+ // larval/egg state, when an ACQUIRE request originating
+ // from this template is sent to the key management.
+ //
+ TUint iLarvalLifetime; // Seconds (0 => use KLifetime_LARVAL_DEFAULT)
+ //
+ // These are only used in specifying the life time requirements
+ // for the acquire message and are thus preformatted to be used
+ // directly as a component of the TPfkeyMessage.
+
+ struct sadb_lifetime iHard; // Hard Lifetime requirement
+ struct sadb_lifetime iSoft; // Soft Lifetime requirement
+ };
+
+// endpoint name specification
+class TEpSpec
+ {
+ public:
+ TInetAddr iEpAddr;
+ TBool iIsOptional;
+ };
+
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/inc/spcrypto.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,117 @@
+/*
+* Copyright (c) 2002-2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Security parser crypto manager.
+*
+*/
+
+
+
+#ifndef __SPCRYPTO_H
+#define __SPCRYPTO_H
+
+#include <e32base.h>
+#include <es_prot.h>
+
+const TUint KProtocolCrypto = 0x104; // A dummy assignment for now (should have
+// central registry)
+const TUint KAfCrypto = 0x0803; // Dummy
+
+//
+// TAlgorithmDesc (and related types)
+//
+// A description of available algorithm
+//
+typedef TBuf8<0x20> TAlgorithmName;
+typedef enum
+ {
+ EAlgorithmClass_Digest, // Message Digest algorithm
+ EAlgorithmClass_Cipher, // Symmetric Cipher algorithm
+ //
+ // New types are possible by adding the symbol here
+ // and defining the corresponding abstract class
+ // (similar to COwnMessageDigest and CSymmetricCipher)
+ //
+ } TAlgorithmClass;
+
+class TAlgorithmDesc
+ {
+ public:
+ TAlgorithmName iName; // Descriptive name
+ TAlgorithmClass iAlgType;
+ TUint iMinBits; // Min Length of the key in bits (all keys total)
+ TUint iMaxBits; // Max Length of the key in bits (all keys total)
+ TUint iBlock; // Length of the block in bytes
+ TUint iVector; // Initialization Vector length (bytes)
+ };
+
+
+//
+// Each of the following includes virtual destructor
+// just in case there is a need for a cleanup code
+// when the object is deleted using a pointer to
+// the base virtual class
+
+//
+// COwnMessageDigest
+// Base Message Digest (abstract) class
+//
+class COwnMessageDigest : public CBase
+ {
+ public:
+ virtual void Init()=0;
+ virtual void Update(const TDesC8& aMessage)=0;
+ virtual void Final(TDes8& aDigest)=0;
+ virtual ~COwnMessageDigest() {}
+ };
+
+
+//
+// CSymmetricCipher
+// Base Symmetric Cipher (abstract) class
+//
+class CSymmetricCipher : public CBase
+ {
+ public:
+ enum TAction { EEncrypt, EDecrypt };
+ virtual void Setkey(const TDesC8& aKey)=0;
+ virtual void InitL(const TDesC8 &anIV, TAction aMode)=0;
+ //
+ // ALL OutBuf's given to Update must exist up to Finish
+ // call (or at least as long as at least blocksize octets
+ // have been given to Update after it).
+ //
+ virtual void Update(TDes8& anOutBuf,const TDesC8& anInBuf)=0;
+ //
+ // Calling Finish is optional, it is needed if the total
+ // bytes is not multiple of the blocksize, or if one wants
+ // to get the final IV.
+ virtual void Finish(TDes8& anIV)=0;
+ virtual ~CSymmetricCipher() {}
+ };
+
+//
+// CProtocolCrypto
+// The algorithm manager (abstract) class
+//
+class CProtocolCrypto : public CProtocolBase
+ {
+ public:
+ virtual TUint AlgorithmList(TAlgorithmDesc *&aList) = 0;
+ virtual CSymmetricCipher* SymmetricCipher(TUint anAlg)=0;
+ virtual COwnMessageDigest* MessageDigest(TUint anAlg)=0;
+ protected:
+ virtual ~CProtocolCrypto() {}
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/inc/spdb.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,394 @@
+/*
+* Copyright (c) 2002-2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file contains the class definitions for IPsec security policy.
+*
+*/
+
+
+
+#ifndef _SPDB_H
+#define _SPDB_H
+
+//////////////////////////////////////////////////////////////////////////////
+// INCLUDE FILES
+//////////////////////////////////////////////////////////////////////////////
+
+#include <in_sock.h>
+#include "sa_spec.h"
+
+//////////////////////////////////////////////////////////////////////////////
+// FORWARD DECLARATIONS
+//////////////////////////////////////////////////////////////////////////////
+
+class CPolicySelector;
+class CSecpolBundleItem;
+
+//////////////////////////////////////////////////////////////////////////////
+// ENUMERATIONS
+//////////////////////////////////////////////////////////////////////////////
+
+enum TPolicySpecType
+ {
+ EPolSpecSA,
+ EPolSpecEP
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// CONSTANTS
+//////////////////////////////////////////////////////////////////////////////
+
+const TUint KPolicySelector_INBOUND = 0x1;
+
+const TUint KPolicySelector_OUTBOUND = 0x2;
+
+const TUint KPolicySelector_SYMMETRIC =
+ (KPolicySelector_INBOUND | KPolicySelector_OUTBOUND);
+
+const TUint KPolicySelector_INTERFACE = 0x4;
+
+typedef class CArrayPtrFlat<CSecpolBundleItem> CSecPolBundleList;
+
+//////////////////////////////////////////////////////////////////////////////
+// CLASS DECLARATIONS
+//////////////////////////////////////////////////////////////////////////////
+
+//////////////////////////////////////////////////////////////////////////////
+// class CPolicySpec
+// Specify requirements for a single Security Association. The same
+// requirements can be shared by multiple policy bundles (policy actions).
+//////////////////////////////////////////////////////////////////////////////
+//
+class CPolicySpec : public CBase
+ {
+ friend class CSecurityPolicy;
+
+ public:
+ HBufC8 *iName;
+
+ // Actual storage of the Identity strings. If present, the
+ // TSecurityAssocSpec will only have constant reference to this !
+ HBufC8 *iRemoteIdentity;
+ HBufC8 *iLocalIdentity;
+
+ IMPORT_C static CPolicySpec* NewL();
+
+ IMPORT_C void Construct();
+
+ IMPORT_C static CPolicySpec* NewL(TDesC &aName,
+ TPolicySpecType iSpectype = EPolSpecSA);
+
+ IMPORT_C void ConstructL(TDesC &aName,
+ TPolicySpecType aSpectype = EPolSpecSA);
+
+ // Used to initialize with an existing CPolicySpec
+ IMPORT_C static CPolicySpec* NewL(CPolicySpec *aPolSpec);
+
+ IMPORT_C void ConstructL(CPolicySpec *aPolSpec);
+
+ IMPORT_C ~CPolicySpec();
+
+ TSecurityAssocSpec iSpec;
+
+ TEpSpec iEpSpec;
+
+ TPolicySpecType iSpectype;
+
+ private:
+ CPolicySpec();
+
+ TSglQueLink iNext;
+ };
+
+
+//////////////////////////////////////////////////////////////////////////////
+// class CSecpolBundleItem
+//////////////////////////////////////////////////////////////////////////////
+//
+class CSecpolBundleItem : public CBase
+ {
+ friend class CSecurityPolicy;
+ friend class CPolicySelector;
+
+ public:
+
+ ~CSecpolBundleItem();
+
+ // Security Association specification
+ CPolicySpec *iSpec;
+
+ // Tunnel IP address
+ TInetAddr iTunnel;
+
+ // Tunnel Endpoint name
+ HBufC8* iTunnelEpName;
+
+ HBufC* iTunnelEpFQDN;
+
+ TSglQueLink iNext;
+
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class TSecpolBundle
+//////////////////////////////////////////////////////////////////////////////
+//
+class TSecpolBundle : public TSglQue<CSecpolBundleItem>
+ {
+ public:
+ TSecpolBundle():
+
+ TSglQue<CSecpolBundleItem>(_FOFF(CSecpolBundleItem, iNext)) {};
+ };
+
+typedef class TSglQueIter<CSecpolBundleItem> TSecpolBundleIter;
+
+//////////////////////////////////////////////////////////////////////////////
+// class CSAList
+//////////////////////////////////////////////////////////////////////////////
+//
+class CSAList : public CArrayFixFlat<CPolicySpec *>
+ {
+ public:
+ IMPORT_C static CSAList* NewL(TInt aGranularity);
+
+ IMPORT_C void Construct(TInt aGranularity);
+
+ IMPORT_C static CSAList* NewL(CSAList *aSAList);
+
+ IMPORT_C void ConstructL(CSAList *aSAList);
+ private:
+
+ CSAList(TInt aGranularity);
+
+ CSAList(CSAList *aSAList);
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// struct TSAPairNode
+//////////////////////////////////////////////////////////////////////////////
+//
+struct TSAPairNode
+ {
+ CPolicySpec *iOldSA;
+ CPolicySpec *iNewSA;
+ TSAPairNode *iNext;
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CSAPairList
+// Translation table used when copying a policy
+//////////////////////////////////////////////////////////////////////////////
+//
+class CSAPairList : public CBase
+ {
+ public:
+ ~CSAPairList();
+
+ void AddL(CPolicySpec *aOldSA, CPolicySpec *aNewSA);
+
+ CPolicySpec *Translate(CPolicySpec *aOldSA);
+ private:
+
+ TSAPairNode *iList;
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CSelectorList
+//////////////////////////////////////////////////////////////////////////////
+//
+class CSelectorList : public CArrayFixFlat<CPolicySelector *>
+ {
+ public:
+ IMPORT_C static CSelectorList* NewL(TInt aGranularity);
+
+ IMPORT_C void Construct(TInt aGranularity);
+
+ IMPORT_C static CSelectorList* NewL(CSelectorList* CPolicySelector,
+ CSAPairList* aTable);
+
+ IMPORT_C void ConstructL(CSelectorList *CPolicySelector,
+ CSAPairList *aTable);
+
+ private:
+ CSelectorList(TInt aGranularity);
+
+ CSelectorList(CSelectorList *CPolicySelector, CSAPairList *aTable);
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CPolicySelector
+// Map the selectors from an IP packet/connection into a bundle
+//////////////////////////////////////////////////////////////////////////////
+//
+class CPolicySelector : public CBase
+ {
+ friend class CSecurityPolicy;
+ friend class TParser;
+ public:
+ IMPORT_C static CPolicySelector* NewL();
+ IMPORT_C void Construct();
+ IMPORT_C static CPolicySelector* NewL(CPolicySelector *aPS);
+ IMPORT_C void ConstructL(CPolicySelector *aPS);
+
+ IMPORT_C ~CPolicySelector();
+
+ TInt Match(const TInetAddr& aSrc,
+ const TInetAddr& aDst,
+ TInt aProtocol,
+ TInt aIcmpType,
+ TInt aIcmpCode,
+ TInt aType) const;
+
+ // Checks if this policy is using this SA
+ IMPORT_C TBool UseSA(CPolicySpec* aSA,
+ TInetAddr* tunnel = NULL);
+
+ // Return a Copy of the aIndex element of the SA bundle
+ CSecpolBundleItem* FindBundleL(TInt aIndex);
+
+ // Gets the list of FQDN names requiring DNS lookup
+ void GetFQDNAddressListL(CSecPolBundleList& aPolList);
+
+ private:
+ CPolicySelector();
+
+ public:
+
+ //
+ // If the addr is to match any address, the mask must all zeroes
+ // If the addr is to match as is, the mask must be all ones
+ // If the selector is to match a transport connection, the
+ // port numbers are stored as non-zero in iDst and iSrc,
+ // and iProtocol is non-zero.
+ //
+ TUint iDirection;
+ TInetAddr iRemote; // including port selector, if port non-zero
+ TInetAddr iRemoteMask; // only address part used, as a mask
+ TInetAddr iLocal; // including port selector, if port non-zero
+ TInetAddr iLocalMask; // only address part used, as a mask
+ HBufC8* iRemSelEpName; //rem endpoint name
+ HBufC8* iRemMaskEpName; //rem mask ep name
+ HBufC8* iLocSelEpName; //loc endpoint name
+ HBufC8* iLocMaskEpName; //loc mask endpoint name
+ TInt iProtocol; // used, if non-zero
+ TInt iIcmpType; // used, if != -1
+ TInt iIcmpCode; // used, if != -1
+ TInt iType; // used, if != -1
+ TBool iDropAction; // ETrue - drop action
+ TInt iSequenceNumber; // Selector's writing sequence
+ TUint32 iCompWord; // Selector's sorting properties, see
+ TBool iGlobalSelector; //flag specifying if this is a global selector
+ TBool iIsFinal;
+ TBool iIsMerge;
+ TSecpolBundle iBundle;
+ TSglQueLink iNext;
+ TBuf<20> iInterface; ///< Limited to specific interface, if non-NULL
+ TInt iFQDNCount;
+ };
+
+//////////////////////////////////////////////////////////////////////////////
+// class CSecurityPolicy
+// Map the selectors from an IP packet/connection into a bundle
+//////////////////////////////////////////////////////////////////////////////
+//
+class CSecurityPolicy : public CBase
+ {
+ friend class CProtocolSecpol;
+ public:
+ IMPORT_C CSecurityPolicy();
+ IMPORT_C void ConstructL(CSecurityPolicy *aSecPol);
+ IMPORT_C void ConstructL();
+ ~CSecurityPolicy();
+
+ IMPORT_C CPolicySpec *FindSpec(const TDesC8 &aName);
+
+ TSecpolBundle *FindBundle(TUint aDirection,
+ const TInetAddr &aSrc,
+ const TInetAddr &aDst,
+ TInt aProtocol,
+ TInt aIcmpType,
+ TInt aIcmpCode,
+ TInt aType);
+
+ TInt SearchForEPNameL(TDesC& aTokenString);
+
+ //
+ // The following methods are really intended to be used only
+ // by the Policy parser, not for generic consumption!
+ //
+ void GetFQDNAddressListL(CSecPolBundleList& aPolList);
+
+ void Add(CPolicySpec *aSpec)
+ {
+ iSpecs->AppendL(aSpec);
+ }
+
+ void Add(CPolicySelector *aSelector)
+ {
+ iSelectors->AppendL(aSelector);
+ }
+
+ inline CSAList *SAList()
+ {
+ return iSpecs;
+ }
+
+ inline void SetSAList(CSAList *aSAList)
+ {
+ delete iSpecs;
+ iSpecs = aSAList;
+ }
+
+ inline CSelectorList *SelectorList()
+ {
+ return iSelectors;
+ }
+
+ inline void SetSelectorList(CSelectorList *aSelList)
+ {
+ delete iSelectors;
+ iSelectors = aSelList;
+ }
+
+ inline void SetFQDNCount(const TInt& aCount)
+ {
+ iFQDNCount = aCount;
+ }
+
+ inline void IncFQDNCount(const TInt& aCount = 1)
+ {
+ iFQDNCount += aCount;
+ }
+
+ inline const TInt FQDNCount() const
+ {
+ return iFQDNCount;
+ }
+
+ private:
+
+ CSAPairList* CreateTranslationTableL(CSAList* aOldSAList,
+ CSAList* aNewSAList);
+
+ private:
+
+ CSAList* iSpecs;
+
+ CSelectorList* iSelectors;
+
+ TInt iFQDNCount;
+ };
+
+#endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/rom/vpnipsecpolparser.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnipsecpolparser
+*
+*/
+
+
+
+#ifndef __VPNIPSECPOLPARSER_IBY__
+#define __VPNIPSECPOLPARSER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNIPSECPOLPARSER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpnipsecpolparser.dll SHARED_LIB_DIR\vpnipsecpolparser.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNIPSECPOLPARSER_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/src/ipsecpolparser.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,2068 @@
+/*
+* Copyright (c) 2002-2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: IPSec policy parser main module.
+* A parser for IPsec policies. Converts textual IPsec policies into
+* in-memory data structures and vice versa.
+*
+*/
+
+
+
+#include <e32std.h>
+#include <coeutils.h>
+
+#include "ipsecpolparser.h"
+#include "logvpncommon.h"
+
+// Policies Parsing
+
+// Symbian change - start
+#ifdef __VC32__
+#pragma warning(disable : 4097) // typedef-name used as synonym for class-name
+#endif
+// Symbian change - end
+
+EXPORT_C
+TPolicyParser::TPolicyParser(const TDesC &aPolicy) : TLex(aPolicy)
+ {}
+
+EXPORT_C TInt
+TPolicyParser::ParseL(CIpSecurityPiece* aPieceData)
+ {
+ LOG_("TPolicyParser::ParseL()\n");
+ TInt err(KErrNone);
+ iLine = 1;
+
+ CSecurityPolicy* sp = aPieceData->Policies();
+ while (!err && NextToken() == token_string)
+ {
+ if (iToken.Compare(_L("sa")) == 0)
+ {
+ err = parse_sa_specL(sp);
+ }
+ else if (iToken.Compare(_L("ep")) == 0)
+ {
+ err = parse_ep_specL(sp);
+ }
+ else
+ {
+ err = parse_conn2saL(sp);
+ }
+ }
+
+ if (!err && !Eos())
+ {
+ // Parsing didn't detect error, but not all parsed!
+ err = KErrGeneral;
+ }
+
+ if (err)
+ {
+ if (iMsg.Length() > 0 && iMsg.Length() < 200)
+ {
+ aPieceData->iErrorInfo.Copy(iMsg);
+ }
+ }
+
+ return (err);
+ }
+
+EXPORT_C TInt
+TPolicyParser::BufferAppend(HBufC8*& aPolBfr, const TDesC8& aText)
+ {
+ LOG_("TPolicyParser::BufferAppend()\n");
+ TInt err(KErrNone);
+
+ // Make sure that we have enough space for the new text
+ TInt spaceLeft = aPolBfr->Des().MaxLength() - aPolBfr->Des().Length();
+ if (aText.Length() > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+ TInt newMaxLength = aPolBfr->Des().MaxLength()
+ + aText.Length()
+ + KPolicyBufferSizeIncrement;
+ HBufC8* tempBfr = aPolBfr->ReAlloc(newMaxLength);
+ if (tempBfr != NULL)
+ {
+ aPolBfr = tempBfr;
+ }
+ else
+ {
+ return KErrNoMemory;
+ }
+ }
+
+ aPolBfr->Des().Append(aText);
+ return err;
+ }
+
+EXPORT_C TInt
+TPolicyParser::Write(CSecurityPolicy *aSp,
+ HBufC8*& aPolBfr,
+ TBool aSortingOrder)
+ {
+ LOG_("TPolicyParser::Write()\n");
+ TInt err = WriteSAs(aSp->SAList(), aPolBfr);
+ if (err)
+ {
+ return err;
+ }
+
+ if (aSortingOrder)
+ {
+ err = WriteSelectorsInSortingOrder(aSp->SelectorList(),
+ aPolBfr,
+ aSortingOrder);
+ }
+ else
+ {
+ err = WriteSelectors(aSp->SelectorList(), aPolBfr, aSortingOrder);
+ }
+
+ return err;
+ }
+
+TInt
+TPolicyParser::WriteSAs(CSAList* aSAList, HBufC8*& aPolBfr)
+ {
+ LOG_("TPolicyParser::WriteSAs()\n");
+ TBuf8<1024> aux;
+ TInt err(KErrNone);
+ TInt count = aSAList->Count();
+ for (TInt i = 0; i < count ; i++)
+ {
+ TextSA(aSAList->At(i), aux);
+ err = BufferAppend(aPolBfr, aux);
+ if (err != KErrNone)
+ {
+ return err;
+ }
+ }
+ return KErrNone;
+ }
+
+void
+TPolicyParser::TextSA(CPolicySpec* aSA, TDes8& aBuf)
+ {
+ LOG_("TPolicyParser::TextSA()\n");
+ if (aSA->iSpectype == EPolSpecSA)
+ {
+ aBuf.Format(_L8("sa "));
+ // SA name
+ aBuf.Append(aSA->iName->Des());
+ aBuf.Append(_L8(" = {\n"));
+ switch (aSA->iSpec.iType)
+ {
+ case SADB_SATYPE_AH:
+ aBuf.Append(_L8(" ah\n"));
+ break;
+ case SADB_SATYPE_ESP:
+ aBuf.Append(_L8(" esp\n"));
+ break;
+ default: //SADB_SATYPE_UNSPEC
+ aBuf.Append(_L8(" ???")); //Shouldn't happen
+ }
+
+ // Encryption Algorithm
+
+
+
+ if (aSA->iSpec.iEalg != 0)
+ {
+ // Encryption Alg
+ aBuf.AppendFormat(_L8(" encrypt_alg %d\n"), aSA->iSpec.iEalg);
+ }
+
+ if (aSA->iSpec.iEalgLen != 0)
+ {
+ aBuf.AppendFormat(_L8(" max_encrypt_bits %d\n"), aSA->iSpec.iEalgLen);
+ }
+
+ // Authentication Algorithm
+ if (aSA->iSpec.iAalg != 0)
+ {
+ aBuf.AppendFormat(_L8(" auth_alg %d\n"), aSA->iSpec.iAalg);
+ }
+
+ if (aSA->iSpec.iAalgLen != 0)
+ {
+ aBuf.AppendFormat(_L8(" max_auth_bits %d\n"), aSA->iSpec.iAalgLen);
+ }
+
+ if (aSA->iSpec.iPfs != 0)
+ {
+ aBuf.Append(_L8(" pfs\n"));
+ }
+
+ if (aSA->iRemoteIdentity != NULL)
+ {
+ aBuf.Append(_L8(" identity_remote "));
+ aBuf.Append(aSA->iRemoteIdentity->Des());
+ aBuf.Append('\n');
+ }
+
+ if (aSA->iLocalIdentity != NULL)
+ {
+ aBuf.Append(_L8(" identity_local "));
+ aBuf.Append(aSA->iLocalIdentity->Des());
+ aBuf.Append('\n');
+ }
+
+ if (aSA->iSpec.iReplayWindowLength != 0)
+ {
+ aBuf.AppendFormat(_L8(" replay_win_len %d\n"),
+ aSA->iSpec.iReplayWindowLength);
+ }
+
+ if (aSA->iSpec.iMatchProtocol != 0)
+ {
+ aBuf.Append(_L8(" protocol_specific\n"));
+ }
+
+ if (aSA->iSpec.iMatchLocalPort != 0)
+ {
+ aBuf.Append(_L8(" local_port_specific\n"));
+ }
+
+ if (aSA->iSpec.iMatchRemotePort != 0)
+ {
+ aBuf.Append(_L8(" remote_port_specific\n"));
+ }
+
+ if (aSA->iSpec.iMatchProxy != 0)
+ {
+ aBuf.Append(_L8(" proxy_specific\n"));
+ }
+
+ if (aSA->iSpec.iMatchSrc != 0)
+ {
+ aBuf.Append(_L8(" src_specific\n"));
+ }
+
+ if (aSA->iSpec.iMatchLocal != 0)
+ {
+ aBuf.Append(_L8(" local_specific\n"));
+ }
+
+ if (aSA->iSpec.iMatchRemote != 0)
+ {
+ aBuf.Append(_L8(" remote_specific\n"));
+ }
+
+ if (aSA->iSpec.iHard.sadb_lifetime_allocations != 0)
+ {
+ aBuf.AppendFormat(_L8(" hard_lifetime_allocations %d\n"),
+ aSA->iSpec.iHard.sadb_lifetime_allocations);
+ }
+
+ if (aSA->iSpec.iHard.sadb_lifetime_bytes != 0)
+ {
+ aBuf.AppendFormat(_L8(" hard_lifetime_bytes %d\n"),
+ aSA->iSpec.iHard.sadb_lifetime_bytes);
+ }
+
+ if (aSA->iSpec.iHard.sadb_lifetime_addtime != 0)
+ {
+ aBuf.AppendFormat(_L8(" hard_lifetime_addtime %d\n"),
+ aSA->iSpec.iHard.sadb_lifetime_addtime);
+ }
+
+ if (aSA->iSpec.iHard.sadb_lifetime_usetime != 0)
+ {
+ aBuf.AppendFormat(_L8(" hard_lifetime_usetime %d\n"),
+ aSA->iSpec.iHard.sadb_lifetime_usetime);
+ }
+
+ if (aSA->iSpec.iSoft.sadb_lifetime_allocations != 0)
+ {
+ aBuf.AppendFormat(_L8(" soft_lifetime_allocations %d\n"),
+ aSA->iSpec.iSoft.sadb_lifetime_allocations);
+ }
+
+ if (aSA->iSpec.iSoft.sadb_lifetime_bytes != 0)
+ {
+ aBuf.AppendFormat(_L8(" soft_lifetime_bytes %d\n"),
+ aSA->iSpec.iSoft.sadb_lifetime_bytes);
+ }
+
+ if (aSA->iSpec.iSoft.sadb_lifetime_addtime != 0)
+ {
+ aBuf.AppendFormat(_L8(" soft_lifetime_addtime %d\n"),
+ aSA->iSpec.iSoft.sadb_lifetime_addtime);
+ }
+
+ if (aSA->iSpec.iSoft.sadb_lifetime_usetime != 0)
+ {
+ aBuf.AppendFormat(_L8(" soft_lifetime_usetime %d\n"),
+ aSA->iSpec.iSoft.sadb_lifetime_usetime);
+ }
+ aBuf.AppendFormat(_L8(" }\n\n"));
+ }
+ else
+ {
+ TBuf<39> addr;
+ aBuf.Format(_L8("ep "));
+
+ // EndPoint name
+ aBuf.Append(aSA->iName->Des());
+ aBuf.Append(_L8(" = {"));
+
+ if (aSA->iEpSpec.iIsOptional)
+ {
+ aBuf.Append(_L8(" ? "));
+ }
+ aSA->iEpSpec.iEpAddr.OutputWithScope(addr);
+ aBuf.Append(addr);
+ aBuf.Append(_L8(" }\n\n"));
+ }
+ }
+
+TInt
+TPolicyParser::WriteSelectors(CSelectorList* aSelList,
+ HBufC8*& aPolBfr,
+ TBool /* aSortingOrder */)
+ {
+ LOG_("TPolicyParser::WriteSelectors()\n");
+ TBuf8<1024> aux;
+ TInt err(KErrNone);
+ TInt count(aSelList->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ aux.Zero();
+ CPolicySelector* ps = aSelList->At(i);
+
+ // Bypass the selector, if sequence number is 0xFFFFFFFF.
+ // This sequence number indicates that the selector
+ // is of type 'bypass/drop_everything_else'
+ if (ps->iSequenceNumber == 0xFFFFFFFF)
+ {
+ continue;
+ }
+
+ // Convert selector to text format and print it into buffer
+ TextSel(ps, aux, EFalse);
+ err = BufferAppend(aPolBfr, aux);
+ if (err != KErrNone)
+ {
+ return err;
+ }
+ }
+
+ // All selectors have been written
+ err = BufferAppend(aPolBfr, (_L8("\n")));
+ return (err);
+ }
+
+///////////////////////////////////////////////////////////////////
+// This function writes the selectors to a file according
+// to the sequence numbers available in the CPolicySelector.
+///////////////////////////////////////////////////////////////////
+//
+TInt
+TPolicyParser::WriteSelectorsInSortingOrder(
+ CSelectorList* aSelList,
+ HBufC8*& aPolBfr,
+ TBool /* aSortingOrder */)
+ {
+ LOG_("TPolicyParser::WriteSelectorsInSortingOrder()\n");
+ TInt err(KErrNone);
+ TInt count(aSelList->Count());
+ TInt currentSequenceNumber(1);
+
+ // Loop here until all selectors have been written
+ TBool found = ETrue;
+ while (found)
+ {
+ found = EFalse;
+
+ // Loop through the selector list and search the
+ // the selector corresponding to the current sequence number
+ for (TInt i = 0; i < count; i++)
+ {
+ TBuf8<1024> aux;
+ aux.Zero();
+ CPolicySelector* ps = aSelList->At(i);
+
+ if (ps->iSequenceNumber == currentSequenceNumber)
+ {
+ // Build a selector output string
+ TextSel(ps, aux, ETrue);
+
+ // Write a string to the file
+ err = BufferAppend(aPolBfr, aux);
+ if (err != KErrNone)
+ {
+ return err;
+ }
+ // Prepare for the next selector
+ currentSequenceNumber++;
+ found = ETrue;
+ break;
+ }
+ }
+ }
+
+ // All selectors have been written
+ err = BufferAppend(aPolBfr, (_L8("\n")));
+ return (err);
+ }
+
+///////////////////////////////////////////////////////////////////
+// Prints the supplied selector into a given buffer in text format
+///////////////////////////////////////////////////////////////////
+//
+void
+TPolicyParser::TextSel(CPolicySelector* aSel,
+ TDes8& aBuf,
+ TBool aOrdered)
+ {
+ LOG_("TPolicyParser::TextSel()\n");
+ aBuf.Format(_L8(" "));
+
+ if (aSel->iIsFinal)
+ {
+ aBuf.Append(_L8(" final "));
+ }
+
+ if (aSel->iIsMerge)
+ {
+ aBuf.Append(_L8(" merge "));
+ }
+
+ // NOTE:
+ // This is a kludge to save the global selector definition
+ // when policy is loaded/parsed and then finally cached into
+ // a list in text format. When combined policy is build
+ // before sending it to IPSEC6.PRT component, the selector
+ // list is ordered so this definition is then not included
+ // in the policy text that is sent into the protocol component
+ if (aSel->iGlobalSelector && !aOrdered)
+ {
+ aBuf.Append(_L8(" scope:global "));
+ }
+
+ switch (aSel->iDirection)
+ {
+ default:
+ break;
+
+ case KPolicySelector_SYMMETRIC:
+ break;
+
+ case KPolicySelector_INBOUND:
+ aBuf.Append(_L8(" inbound "));
+ break;
+
+ case KPolicySelector_OUTBOUND:
+ aBuf.Append(_L8(" outbound "));
+ break;
+
+ case KPolicySelector_INTERFACE:
+ TBuf8<20> name;
+ name.Copy(aSel->iInterface);
+ aBuf.Append(_L8(" if "));
+ aBuf.Append(name);
+ aBuf.Append(_L8(" "));
+ break;
+ }
+
+ // Check if remote address exists and no interface name defined
+ if (aSel->iDirection != KPolicySelector_INTERFACE
+ && aSel->iRemote.Family() != KAFUnspec)
+ {
+ TBuf<39> addr;
+ TBuf<39> mask;
+
+ aSel->iRemote.OutputWithScope(addr);
+ aSel->iRemoteMask.OutputWithScope(mask);
+
+ // Add remote address/mask with scope into the buffer
+ aBuf.Append(_L8(" remote "));
+ aBuf.Append(addr);
+ aBuf.Append(_L8(" "));
+ aBuf.Append(mask);
+ }
+ else
+ {
+ if (aSel->iRemSelEpName != NULL)
+ {
+ // Remote Endpoint name exists so add it into the buffer
+ aBuf.Append(_L8(" remote "));
+ aBuf.Append(aSel->iRemSelEpName->Des());
+ }
+ if (aSel->iRemMaskEpName != NULL)
+ {
+ aBuf.Append(_L8(" "));
+ aBuf.Append(aSel->iRemMaskEpName->Des());
+ }
+ }
+
+ // Check if local address exists and no interface name defined
+ if (aSel->iDirection != KPolicySelector_INTERFACE
+ && aSel->iLocal.Family() != KAFUnspec)
+ {
+ TBuf<39> addr;
+ TBuf<39> mask;
+
+ aSel->iLocal.OutputWithScope(addr);
+ aSel->iLocalMask.OutputWithScope(mask);
+
+ // Add local address/mask with scope into the buffer
+ aBuf.Append(_L8(" local "));
+ aBuf.Append(addr);
+ aBuf.Append(_L8(" "));
+ aBuf.Append(mask);
+ }
+ else
+ {
+ if (aSel->iLocSelEpName != NULL)
+ {
+ // Local Endpoint name exists so add it into the buffer
+ aBuf.Append(_L8(" local "));
+ aBuf.Append(aSel->iLocSelEpName->Des());
+ }
+ if (aSel->iLocMaskEpName != NULL)
+ {
+ aBuf.Append(_L8(" "));
+ aBuf.Append(aSel->iLocMaskEpName->Des());
+ }
+ }
+
+ if (aSel->iProtocol != 0)
+ {
+ aBuf.AppendFormat(_L8(" protocol %d "), aSel->iProtocol);
+ }
+
+ if (aSel->iLocal.Port() != 0)
+ {
+ aBuf.AppendFormat(_L8(" local_port %d "), aSel->iLocal.Port());
+ }
+
+ if (aSel->iRemote.Port() != 0)
+ {
+ aBuf.AppendFormat(_L8(" remote_port %d "), aSel->iRemote.Port());
+ }
+
+ if (aSel->iIcmpType != -1)
+ {
+ aBuf.AppendFormat(_L8(" icmp_type %d "), aSel->iIcmpType);
+ }
+
+ if (aSel->iType != -1)
+ {
+ aBuf.AppendFormat(_L8(" type %d "), aSel->iType);
+ }
+
+ if (aSel->iIcmpCode != -1)
+ {
+ aBuf.AppendFormat(_L8(" icmp_code %d "), aSel->iIcmpCode);
+ }
+
+ if (aSel->iDropAction)
+ {
+ aBuf.Append(_L8(" = drop\n "));
+ return ;
+ }
+
+ aBuf.Append(_L8(" = { "));
+
+ TSecpolBundleIter iterl(aSel->iBundle);
+ CSecpolBundleItem* iteml(NULL);
+ while ((iteml = iterl++) != NULL)
+ {
+ if (iteml->iSpec != NULL)
+ aBuf.Append(*iteml->iSpec->iName);
+ else
+ aBuf.Append(_L8(" tunnel"));
+
+ aBuf.Append(_L8("("));
+
+ if (!iteml->iTunnel.IsUnspecified())
+ {
+ TBuf<39> addr;
+ iteml->iTunnel.OutputWithScope(addr);
+ aBuf.Append(addr);
+ }
+ else if (iteml->iTunnelEpName != NULL)
+ {
+ aBuf.Append(iteml->iTunnelEpName->Des());
+ }
+ aBuf.Append(_L8(") "));
+ }
+
+ aBuf.Append(_L8(" }\n"));
+ }
+
+void
+TPolicyParser::Error(TRefByValue<const TDesC> aFmt, ...)
+ {
+ VA_LIST list;
+ VA_START(list, aFmt);
+ iMsg.FormatList(aFmt, list);
+ iMsg += (_L(" at line "));
+ iMsg.AppendNum(iLine);
+ };
+
+//
+// Skip white space and mark, including comments!
+//
+void
+TPolicyParser::SkipSpaceAndMark()
+ {
+ TChar ch;
+ TInt comment = 0;
+
+ while (!Eos())
+ {
+ ch = Get();
+ if (ch == '\n')
+ {
+ iLine++;
+ comment = 0;
+ }
+ else if (comment || ch == '#')
+ comment = 1;
+ else if (!ch.IsSpace())
+ {
+ UnGet();
+ break;
+ }
+ }
+ Mark();
+ }
+
+//
+//
+token_type TPolicyParser::NextToken()
+ {
+ TChar ch;
+ token_type val;
+
+ SkipSpaceAndMark();
+ if (Eos())
+ {
+ val = token_eof;
+ }
+ else
+ {
+ ch = Get();
+ if (ch == '{')
+ val = token_brace_left;
+ else if (ch == '}')
+ val = token_brace_right;
+ else if (ch == '(')
+ val = token_par_left;
+ else if (ch == ')')
+ val = token_par_right;
+ else if (ch == '=')
+ val = token_equal;
+ else if (ch == ',')
+ val = token_comma;
+ else
+ {
+ val = token_string;
+ while (!Eos())
+ {
+ ch = Peek();
+ if (ch == '{' || ch == '}' ||
+ ch == '(' || ch == ')' ||
+ ch == '=' || ch == '#' || ch.IsSpace())
+ break;
+ Inc();
+ }
+ }
+ }
+ iToken.Set(MarkedToken());
+ SkipSpaceAndMark();
+ return (val);
+ }
+
+TInt
+TPolicyParser::parse_sa_spec_paramsL(CPolicySpec& aSpec)
+ {
+ LOG_("TPolicyParser::parse_sa_spec_paramsL()\n");
+ TInt sa_type_defined(0);
+ TInt err(KErrNone);
+ token_type val;
+
+ while ((val = NextToken()) == token_string)
+ {
+ if (iToken.Compare(_L("ah")) == 0)
+ {
+ sa_type_defined++;
+ aSpec.iSpec.iType = SADB_SATYPE_AH;
+ }
+ else if (iToken.Compare(_L("esp")) == 0)
+ {
+ sa_type_defined++;
+ aSpec.iSpec.iType = SADB_SATYPE_ESP;
+ }
+ else if (iToken.Compare(_L("encrypt_alg")) == 0)
+ {
+ err = Val(aSpec.iSpec.iEalg, EDecimal);
+ if ((err != KErrNone) || (aSpec.iSpec.iEalg > MAX_EALG_VALUE))
+ {
+ Error(_L("invalid encrypt alg %d"), (TUint)aSpec.iSpec.iEalg);
+ return (KErrGeneral);
+ }
+ }
+ else if (iToken.Compare(_L("max_encrypt_bits")) == 0)
+ {
+ err = Val(aSpec.iSpec.iEalgLen, EDecimal);
+ if (err != KErrNone)
+ {
+ Error(_L("invalid encrypt alg key length %d"),
+ aSpec.iSpec.iEalgLen);
+ return (KErrGeneral);
+ }
+ }
+ else if (iToken.Compare(_L("auth_alg")) == 0)
+ {
+ err = Val(aSpec.iSpec.iAalg, EDecimal);
+ if (err != KErrNone)
+ {
+ Error(_L("invalid auth alg %d"), aSpec.iSpec.iAalg);
+ return (KErrGeneral);
+ }
+ }
+ else if (iToken.Compare(_L("max_auth_bits")) == 0)
+ {
+ err = Val(aSpec.iSpec.iAalgLen, EDecimal);
+ if (err != KErrNone)
+ {
+ Error(_L("invalid auth alg length %d"), aSpec.iSpec.iAalgLen);
+ return (KErrGeneral);
+ }
+ }
+ else if ((iToken.Compare(_L("identity")) == 0) ||
+ (iToken.Compare(_L("identity_remote")) == 0))
+ {
+ if (aSpec.iRemoteIdentity)
+ {
+ Error(_L("duplicate remote identity"));
+ err = KErrGeneral;
+ }
+ else if ((val = NextToken()) == token_string)
+ {
+ aSpec.iRemoteIdentity = HBufC8::NewL(iToken.Length() + 1);
+ aSpec.iRemoteIdentity->Des().Copy(iToken);
+ }
+ else
+ {
+ Error(_L("invalid remote identity value"));
+ err = KErrGeneral;
+ }
+ }
+ else if (iToken.Compare(_L("identity_local")) == 0)
+ {
+ if (aSpec.iLocalIdentity)
+ {
+ Error(_L("duplicate local identity"));
+ err = KErrGeneral;
+ }
+ else if ((val = NextToken()) == token_string)
+ {
+ aSpec.iLocalIdentity = HBufC8::NewL(iToken.Length() + 1);
+ aSpec.iLocalIdentity->Des().Copy(iToken);
+ }
+ else
+ {
+ Error(_L("invalid local identity value"));
+ err = KErrGeneral;
+ }
+ }
+ else if (iToken.Compare(_L("pfs")) == 0)
+ {
+ aSpec.iSpec.iPfs = 1;
+ }
+ else if (iToken.Compare(_L("connid_specific")) == 0)
+ {
+ // For backward compatibility
+ aSpec.iSpec.iMatchProtocol = 1;
+ aSpec.iSpec.iMatchRemotePort = 1;
+ aSpec.iSpec.iMatchLocalPort = 1;
+ }
+ else if (iToken.Compare(_L("protocol_specific")) == 0)
+ {
+ aSpec.iSpec.iMatchProtocol = 1;
+ }
+ else if ((iToken.Compare(_L("src_port_specific")) == 0)
+ || (iToken.Compare(_L("local_port_specific")) == 0))
+ {
+ aSpec.iSpec.iMatchLocalPort = 1;
+ }
+ else if ((iToken.Compare(_L("dst_port_specific")) == 0)
+ || (iToken.Compare(_L("remote_port_specific")) == 0))
+ {
+ aSpec.iSpec.iMatchRemotePort = 1;
+ }
+ else if (iToken.Compare(_L("proxy_specific")) == 0)
+ {
+ aSpec.iSpec.iMatchProxy = 1;
+ }
+ else if (iToken.Compare(_L("src_specific")) == 0)
+ {
+ aSpec.iSpec.iMatchSrc = 1;
+ }
+ else if (iToken.Compare(_L("local_specific")) == 0)
+ {
+ aSpec.iSpec.iMatchLocal = 1;
+ }
+ else if (iToken.Compare(_L("remote_specific")) == 0)
+ {
+ aSpec.iSpec.iMatchRemote = 1;
+ }
+ else if (iToken.Compare(_L("replay_win_len")) == 0)
+ {
+ err = Val(aSpec.iSpec.iReplayWindowLength, EDecimal);
+ }
+ else if (iToken.Compare(_L("hard_lifetime_allocations")) == 0)
+ {
+ err = Val(aSpec.iSpec.iHard.sadb_lifetime_allocations, EDecimal);
+ }
+ else if (iToken.Compare(_L("hard_lifetime_bytes")) == 0)
+ {
+ err = Val(aSpec.iSpec.iHard.sadb_lifetime_bytes, EDecimal);
+ }
+ else if (iToken.Compare(_L("hard_lifetime_addtime")) == 0)
+ {
+ err = Val(aSpec.iSpec.iHard.sadb_lifetime_addtime, EDecimal);
+ }
+ else if (iToken.Compare(_L("hard_lifetime_usetime")) == 0)
+ {
+ err = Val(aSpec.iSpec.iHard.sadb_lifetime_usetime, EDecimal);
+ }
+ else if (iToken.Compare(_L("soft_lifetime_allocations")) == 0)
+ {
+ err = Val(aSpec.iSpec.iSoft.sadb_lifetime_allocations, EDecimal);
+ }
+ else if (iToken.Compare(_L("soft_lifetime_bytes")) == 0)
+ {
+ err = Val(aSpec.iSpec.iSoft.sadb_lifetime_bytes, EDecimal);
+ }
+ else if (iToken.Compare(_L("soft_lifetime_addtime")) == 0)
+ {
+ err = Val(aSpec.iSpec.iSoft.sadb_lifetime_addtime, EDecimal);
+ }
+ else if (iToken.Compare(_L("soft_lifetime_usetime")) == 0)
+ {
+ err = Val(aSpec.iSpec.iSoft.sadb_lifetime_usetime, EDecimal);
+ }
+ else
+ {
+ Error(_L("invalid keyword"));
+ return (KErrGeneral);
+ }
+ if (err != KErrNone)
+ {
+ Error(_L("invalid numeric value"));
+ return (err);
+ }
+ }
+
+ if (val != token_brace_right)
+ {
+ Error(_L("right brace not found"));
+ return (KErrGeneral);
+ }
+ else if (sa_type_defined < 1)
+ {
+ Error(_L("sa type not defined for sa"));
+ return (KErrGeneral);
+ }
+ else if (sa_type_defined > 1)
+ {
+ Error(_L("sa type defined times for sa"));
+ return (KErrGeneral);
+ }
+ else if ((aSpec.iSpec.iType == SADB_SATYPE_AH) && !aSpec.iSpec.iAalg)
+ {
+ Error(_L("auth alg not defined for sa"));
+ return (KErrGeneral);
+ }
+ else if ((aSpec.iSpec.iType == SADB_SATYPE_ESP) && !aSpec.iSpec.iEalg)
+ {
+ Error(_L("encrypt alg not defined for sa"));
+ return (KErrGeneral);
+ }
+ else if ((aSpec.iSpec.iType == SADB_SATYPE_UNSPEC) &&
+ (aSpec.iSpec.iEalg || aSpec.iSpec.iAalg))
+ {
+ Error(_L("null SA cannot have any algorithms"));
+ return (KErrGeneral);
+ }
+
+ return (KErrNone);
+ }
+
+TInt
+TPolicyParser::parse_sa_specL(CSecurityPolicy* aSp)
+ {
+ LOG_("TPolicyParser::parse_sa_specL()\n");
+ TInt err(KErrNone);
+ CPolicySpec* spec(NULL);
+
+ if (NextToken() != token_string)
+ {
+ Error(_L("Syntax error"));
+ err = KErrGeneral;
+ }
+ else
+ {
+ spec = CPolicySpec::NewL(iToken);
+ aSp->Add(spec);
+
+ if (NextToken() != token_equal || NextToken() != token_brace_left)
+ {
+ Error(_L("Syntax error"));
+ err = KErrGeneral;
+ }
+ else
+ {
+ err = parse_sa_spec_paramsL(*spec);
+ }
+ }
+
+ return (err);
+ }
+
+TInt
+TPolicyParser::parse_sa_spec_listL(TSecpolBundle& aBundle,
+ CSecurityPolicy* aSp, TInt& aFQDNCount)
+ {
+ LOG_("TPolicyParser::parse_sa_spec_listL()\n");
+ CSecpolBundleItem* item(NULL);
+ CPolicySpec* spec(NULL);
+ token_type val;
+ TInt err(KErrNone);
+
+ while ((val = NextToken()) == token_string)
+ {
+ // Find the SA transform specification from the given policy
+ HBufC8 * hbuf = HBufC8::NewL(iToken.Length());
+ hbuf->Des().Copy(iToken);
+ spec = aSp->FindSpec(hbuf->Des());
+ delete hbuf;
+ hbuf = NULL;
+
+ // A temporary(?) special kludge: if the keyword is 'tunnel'
+ // assume this is a plain tunnel specification, without any
+ // IPsec processing
+
+ // NOTE:
+ // This works only when the SA specification name is not 'tunnel
+ // ('tunnel' should be illegal name for SA specification to
+ // avoid confusion)
+ if (!spec && iToken.Compare(_L("tunnel")))
+ {
+ Error(_L("sa or plain tunnel not defined"));
+ err = KErrGeneral;
+ break;
+ }
+
+ // Allocate memory for new bundle item
+ item = new (ELeave) CSecpolBundleItem;
+ CleanupStack::PushL(item);
+
+ // Init bundle item by using the SA transform template found
+ item->iSpec = spec;
+
+ // Read next token
+ val = NextToken();
+
+ // Check that '(' found
+ if (val != token_par_left)
+ {
+ // Remove bundle item from the CleanupStack and set error code
+ CleanupStack::PopAndDestroy();
+ Error(_L("missing left parenthesis"));
+ err = KErrGeneral;
+ break;
+ }
+
+ // Read next token
+ val = NextToken();
+
+ // Check if tunnel specification is set
+ if (val == token_string)
+ {
+ // Tunnel entry found so determine if name or plain address
+ if (aSp->SearchForEPNameL(iToken) == KErrNone)
+ {
+ // Tunnel name is set so copy it
+ item->iTunnelEpName = HBufC8::NewL(iToken.Length());
+ item->iTunnelEpName->Des().Copy(iToken);
+ }
+ else
+ {
+ // Try to instantiate IP address -- if not possible,
+ // consider the entry to represent an FQDN address,
+ // which needs to be looked up via DNS later on.
+ LOG_1("Found tunnel address: '%S'\n", &iToken);
+ err = item->iTunnel.Input(iToken);
+ if (err)
+ {
+ LOG_("Tunnel address invalid IP, assuming FQDN\n");
+ item->iTunnelEpFQDN = iToken.AllocL();
+ err = KErrNone;
+ aFQDNCount++;
+ }
+ }
+
+ LOG_("Parser proceeding to next token...\n");
+ // Read next token
+ val = NextToken();
+ }
+
+ // Check that ')' terminates the definition correctly
+ if (val != token_par_right)
+ {
+ // Remove bundle item from the CleanupStack and set error code
+ LOG_("Error: Closing parenthesis missing in ipsec policy section\n");
+ CleanupStack::PopAndDestroy();
+ Error(_L("missing right parenthesis"));
+ err = KErrGeneral;
+ break;
+ }
+
+ LOG_("Adding bundle to the list\n");
+ // Remove bundle item from the CleanupStack and add it into the list
+ CleanupStack::Pop();
+ aBundle.AddLast(*item);
+ }
+
+ // Check that terminating '}' is found
+ if (!err && val != token_brace_right)
+ {
+ LOG_("Error, missing right brace\n");
+ Error(_L("missing right brace"));
+ err = KErrGeneral;
+ }
+
+ LOG_1("Exiting, with error code %d\n", err);
+
+ return (err);
+ }
+
+TInt
+TPolicyParser::parse_ip_addr_and_maskL(
+ TInetAddr& addr,
+ TInetAddr& mask,
+ HBufC8*& aSelEpName,
+ HBufC8*& aMaskEpName,
+ CSecurityPolicy* aSecPol)
+ {
+ LOG_("TPolicyParser::parse_ip_addr_and_maskL()\n");
+ TInt err(KErrNone);
+ if (NextToken() != token_string)
+ {
+ Error(_L("ip address not found"));
+ return (KErrGeneral);
+ }
+
+ if (aSecPol->SearchForEPNameL(iToken) == KErrNone)
+ {
+ aSelEpName = HBufC8::NewL(iToken.Length());
+ aSelEpName->Des().Copy(iToken);
+ }
+ else
+ {
+ err = addr.Input(iToken);
+ if (err != 0)
+ {
+ Error(_L("invalid ip address "));
+ return (err);
+ }
+ }
+
+ if (NextToken() != token_string)
+ {
+ Error(_L("address mask not found"));
+ return (KErrGeneral);
+ }
+
+ if (aSecPol->SearchForEPNameL(iToken) == KErrNone)
+ {
+ aMaskEpName = HBufC8::NewL(iToken.Length());
+ aMaskEpName->Des().Copy(iToken);
+ }
+ else
+ {
+ err = mask.Input(iToken);
+ if (err != 0)
+ {
+ Error(_L("invalid address mask "));
+ return (err);
+ }
+ }
+
+ return (KErrNone);
+ }
+
+////////////////////////////////////////////////////////////
+// Parse the endpoint name entry
+////////////////////////////////////////////////////////////
+//
+TInt
+TPolicyParser::parse_ep_specL(CSecurityPolicy* aSp)
+ {
+ LOG_("TPolicyParser::parse_ep_specL()\n");
+ TInt err(KErrNone);
+ CPolicySpec* spec(NULL);
+
+ if (NextToken() != token_string)
+ {
+ Error(_L("Syntax error"));
+ err = KErrGeneral;
+ }
+ else
+ {
+ spec = CPolicySpec::NewL(iToken, EPolSpecEP);
+ aSp->Add(spec);
+
+ if (NextToken() != token_equal || NextToken() != token_brace_left)
+ {
+ Error(_L("Syntax error"));
+ err = KErrGeneral;
+ }
+ else
+ {
+ err = parse_ep_spec_paramsL(*spec);
+ }
+ }
+
+ return (err);
+ }
+
+////////////////////////////////////////////////////////////
+// Parse the endpoint name parameters
+////////////////////////////////////////////////////////////
+TInt
+TPolicyParser::parse_ep_spec_paramsL(CPolicySpec &aSpec)
+ {
+ LOG_("TPolicyParser::parse_ep_spec_paramsL()\n");
+ TInt err(KErrNone);
+ token_type val;
+
+ while ((val = NextToken()) == token_string)
+ {
+ if (iToken.Compare(_L("?")) == 0)
+ {
+ aSpec.iEpSpec.iIsOptional = ETrue;
+ }
+ else
+ {
+ err = aSpec.iEpSpec.iEpAddr.Input(iToken);
+ if (err != 0)
+ {
+ Error(_L("invalid ip address "));
+ return (err);
+ }
+ }
+ }
+
+ if (val != token_brace_right)
+ {
+ Error(_L("right brace not found"));
+ err = KErrGeneral;
+ }
+
+ return (err);
+ }
+
+TInt
+TPolicyParser::parse_conn2saL(CSecurityPolicy* aSp)
+ {
+ LOG_("TPolicyParser::parse_conn2saL()\n");
+ CPolicySelector* csa(NULL);
+ TInt err(KErrNone);
+ token_type val;
+ TUint port(0);
+
+ TInt fqdnCount(0);
+ csa = CPolicySelector::NewL();
+ aSp->Add(csa);
+
+ do
+ {
+ if ((iToken.Compare(_L("dst")) == 0)
+ || (iToken.Compare(_L("remote")) == 0))
+ {
+ err = parse_ip_addr_and_maskL(csa->iRemote,
+ csa->iRemoteMask,
+ csa->iRemSelEpName,
+ csa->iRemMaskEpName,
+ aSp);
+ }
+ else if ((iToken.Compare(_L("src")) == 0)
+ || (iToken.Compare(_L("local")) == 0))
+ {
+ err = parse_ip_addr_and_maskL(csa->iLocal,
+ csa->iLocalMask,
+ csa->iLocSelEpName,
+ csa->iLocMaskEpName,
+ aSp);
+ }
+ else if (iToken.Compare(_L("outbound")) == 0)
+ {
+ if (csa->iDirection != KPolicySelector_SYMMETRIC)
+ {
+ Error(_L("Only one inbound or outbound allowed"));
+ return (KErrGeneral);
+ }
+ csa->iDirection = KPolicySelector_OUTBOUND;
+ }
+ else if (iToken.Compare(_L("inbound")) == 0)
+ {
+ if (csa->iDirection != KPolicySelector_SYMMETRIC)
+ {
+ Error(_L("Only one inbound or outbound allowed"));
+ return (KErrGeneral);
+ }
+ csa->iDirection = KPolicySelector_INBOUND;
+ }
+ else if (iToken.Compare(_L("user_id")) == 0)
+ {
+ ; // Needs to be examined, TIdentity? -- msa
+ }
+ else if (iToken.Compare(_L("protocol")) == 0)
+ {
+ err = Val(csa->iProtocol);
+ }
+ else if ((iToken.Compare(_L("src_port")) == 0) ||
+ (iToken.Compare(_L("local_port")) == 0))
+ {
+ err = Val(port);
+ csa->iLocal.SetPort(port);
+ }
+ else if ((iToken.Compare(_L("dst_port")) == 0) ||
+ (iToken.Compare(_L("remote_port")) == 0))
+ {
+ err = Val(port);
+ csa->iRemote.SetPort(port);
+ }
+ else if (iToken.Compare(_L("icmp_type")) == 0)
+ {
+ err = Val(csa->iIcmpType);
+ }
+ else if (iToken.Compare(_L("type")) == 0)
+ {
+ err = Val(csa->iType);
+ }
+ else if (iToken.Compare(_L("icmp_code")) == 0)
+ {
+ err = Val(csa->iIcmpCode);
+ }
+ else if (iToken.Compare(_L("if")) == 0)
+ {
+ if (NextToken() != token_string)
+ {
+ Error(_L("Invalid interface specifier"));
+ err = KErrGeneral;
+ }
+ csa->iInterface.Append(iToken);
+ csa->iDirection = KPolicySelector_INTERFACE;
+ }
+ else if (iToken.Compare(_L("scope:global")) == 0)
+ {
+ csa->iGlobalSelector = ETrue;
+ }
+ else if (iToken.Compare(_L("final")) == 0 )
+ {
+ csa->iIsFinal = ETrue;
+ }
+ else if (iToken.Compare(_L("merge")) == 0 )
+ {
+ csa->iIsMerge = ETrue;
+ }
+ else
+ {
+ Error(_L("invalid keyword "));
+ return (KErrGeneral);
+ }
+
+ if (err != KErrNone)
+ {
+ // iMsg already contains an error text
+ if (iMsg.Length() != 0)
+ {
+ return err;
+ }
+ Error(_L("Error = %d"), err);
+ return err;
+ }
+ }
+ while ((val = NextToken()) == token_string);
+
+ if (val != token_equal )
+ {
+ Error(_L("Syntax error"));
+ err = KErrGeneral;
+ }
+ else if (NextToken() == token_brace_left)
+ {
+ err = parse_sa_spec_listL(csa->iBundle, aSp, fqdnCount);
+ }
+ else if (iToken.Compare(_L("drop")) == 0)
+ {
+ csa->iDropAction = ETrue;
+ }
+ else
+ {
+ Error(_L("Syntax error"));
+ err = KErrGeneral;
+ }
+
+ LOG_1("SA FQDN Count: %d\n", fqdnCount);
+ aSp->IncFQDNCount(fqdnCount);
+ return (err);
+ }
+
+//
+// Keys Parsing
+//
+EXPORT_C CKeysData::CKeysData()
+ {}
+
+EXPORT_C CKeysData::CKeysData(CKeysData* aKey)
+ {
+ sa_type = aKey->sa_type;
+ spi = aKey->spi;
+ encr_alg = aKey->encr_alg;
+ auth_alg = aKey->auth_alg;
+ direction = aKey->direction;
+ lifetime_bytes = aKey->lifetime_bytes;
+ lifetime_sec = aKey->lifetime_sec;
+ src_addr = aKey->src_addr; // Include port
+ dst_addr = aKey->dst_addr; // Include port
+ protocol = aKey->protocol;
+ auth_key = aKey->auth_key;
+ encr_key = aKey->encr_key;
+ }
+
+//
+// CKeysDataArray
+//
+CKeysDataArray::CKeysDataArray(TInt aGranularity) :
+ CArrayFixFlat<class CKeysData *>(aGranularity)
+ {}
+
+EXPORT_C CKeysDataArray* CKeysDataArray::NewL(TInt aGranularity)
+ {
+ CKeysDataArray* self = new (ELeave) CKeysDataArray(aGranularity);
+ self->Construct(aGranularity);
+ return self;
+ }
+
+EXPORT_C void CKeysDataArray::Construct(TInt /* aGranularity */)
+ {}
+
+CKeysDataArray::CKeysDataArray(CKeysDataArray* aData) :
+ CArrayFixFlat<class CKeysData *>(aData->Count())
+ {}
+
+EXPORT_C CKeysDataArray* CKeysDataArray::NewL(CKeysDataArray* aData)
+ {
+ CKeysDataArray* self = new (ELeave) CKeysDataArray(aData);
+ CleanupStack::PushL(self);
+ self->ConstructL(aData);
+ CleanupStack::Pop();
+ return self;
+ }
+
+EXPORT_C void CKeysDataArray::ConstructL(CKeysDataArray* aData)
+ {
+ CopyL(aData);
+ }
+
+EXPORT_C CKeysDataArray::~CKeysDataArray()
+ {
+ Empty();
+ }
+
+// Construct this from the data in aData
+EXPORT_C void CKeysDataArray::CopyL(CKeysDataArray* aData)
+ {
+ CKeysData* key_data(NULL);
+ for (TInt i = 0; i < aData->Count(); i++)
+ {
+ key_data = new (ELeave) CKeysData(aData->At(i));
+ CleanupStack::PushL(key_data);
+ AppendL(key_data);
+ CleanupStack::Pop();
+ }
+ }
+
+EXPORT_C void
+CKeysDataArray::Empty()
+ {
+ for (TInt i = 0; i < Count(); i++)
+ {
+ delete At(i);
+ }
+
+ Reset();
+ }
+
+//
+// TKeyParser
+//
+EXPORT_C
+TKeyParser::TKeyParser(const TDesC &aStr) : TLex(aStr)
+ {
+ iFirst = 1;
+ }
+
+EXPORT_C TInt
+TKeyParser::ParseL(CKeysDataArray *aKeys)
+ {
+ LOG_("TKeyParser::ParseL()\n");
+ TInt err(KErrNone);
+
+ while (!err)
+ {
+ // Skip until first token in line
+ while (iFirst == 0)
+ NextToken();
+
+ if (iFirst < 0)
+ break;
+
+ NextToken();
+ if ((iToken.Compare(_L("pfkey_add")) == 0))
+ {
+ TInt val(0);
+ CKeysData* keyData(NULL);
+ for (int i = 0; !err && iFirst == 0; ++i)
+ {
+ switch (i)
+ {
+ // sa type: 1=AH, 2=ESP
+ case 0:
+ keyData = new (ELeave) CKeysData;
+ err = Val(val);
+ if (val == 1)
+ keyData->sa_type = SADB_SATYPE_AH;
+ else if (val == 2)
+ keyData->sa_type = SADB_SATYPE_ESP;
+ else
+ err = KErrGeneral;
+ break;
+
+ // spi: 1..MAX_UINT32
+ case 1:
+ err = Val(keyData->spi);
+ break;
+
+ // Pass encryption alg numbers as is
+ case 2:
+ err = Val(keyData->encr_alg, EDecimal);
+ break;
+
+ // Pass authentication alg numbers as is
+ case 3:
+ err = Val(keyData->auth_alg, EDecimal);
+ break;
+
+ // direction: 4 = inbound, 8 = outbound
+ case 4:
+ err = Val(keyData->direction);
+ // Not used, direction is implicit by the src/dst pair
+ if (keyData->direction & ~(PFKEY_INI_INBOUND
+ | PFKEY_INI_OUTBOUND))
+ err = KErrGeneral;
+ break;
+
+ // lifetime as bytes: 0 = not used,
+ // 1..MAX_UINT32=max sa lifetime
+ case 5:
+ err = Val(keyData->lifetime_bytes);
+ break;
+
+ // lifetime as seconds: 0 = not used,
+ // 1..MAX_UINT32=max sa lifetime
+ case 6:
+ err = Val(keyData->lifetime_sec);
+ break;
+
+ // src ip addr: in a.b.c.d format
+ case 7:
+ NextToken();
+ err = keyData->src_addr.Input(iToken);
+ break;
+
+ // dst ip addr: in a.b.c.d format
+ case 8:
+ NextToken();
+ err = keyData->dst_addr.Input(iToken);
+ break;
+
+ // protocol: 0 = sa NOT protocol specific,
+ // 1 = ICMP, 4 = IPIP, 6 = TCP, 17 = UDP
+ case 9:
+ err = Val(val);
+ keyData->protocol = (TUint8)val;
+ break;
+
+ // local port: 0 = sa NOT src port specific,
+ // 1..MAX_UINT16 = src port for which sa
+ // dedicated
+ case 10:
+ err = Val(val);
+ keyData->src_addr.SetPort(val);
+ break;
+
+ // remote port: 0 = sa NOT dst port specific,
+ // 1..MAX_UINT16 = dst port for which
+ // sa dedicated
+ case 11:
+ err = Val(val);
+ keyData->dst_addr.SetPort(val);
+ break;
+
+ // authentication key: as hex string WITHOUT leading 0x,
+ // two hex digits for every 8 bits of key,
+ // HMAC-MD5: 128 bit = 16 byte key,
+ // HMAC-SHA1: 160 bit = 20 byte key
+ case 12:
+ NextToken();
+ if (iToken != _L("0"))
+ {
+ // 0 is No key assigned
+ keyData->auth_key.Copy(iToken);
+ }
+ break;
+
+ // encryption key: as hex string WITHOUT leading 0x,
+ // two hex digits for every 8 bits of key,
+ // DES-CBC: 64 bit = 8 byte key,
+ // DES-EDE3-CBC: 192 bit = 24 byte key
+ case 13:
+ NextToken();
+ if (iToken != _L("0")) //0 is No key assigned
+ keyData->encr_key.Copy(iToken);
+ break;
+
+ default:
+ NextToken();
+ err = KErrKeyParser;
+ break;
+ } // switch
+ SkipSpaceAndMark();
+ } // for
+
+ if (err == KErrNone && keyData)
+ {
+ CleanupStack::PushL(keyData);
+ aKeys->AppendL(keyData);
+ CleanupStack::Pop();
+ }
+ else
+ {
+ delete keyData;
+ keyData = NULL;
+ }
+ } // if
+ } // while
+
+ return (err);
+ }
+
+EXPORT_C TInt
+TKeyParser::Write(CKeysDataArray *aKeys, RFile &aFile)
+ {
+ LOG_("TKeyParser::Write()\n");
+ TBuf8<500> text;
+ TInt err(KErrNone);
+ TInt count = aKeys->Count();
+ for (TInt i = 0; i < count ; i++)
+ {
+ TextPFKey(aKeys->At(i), text);
+ err = aFile.Write(text);
+ if (err != KErrNone)
+ break;
+ }
+ return (err);
+ }
+
+void
+TKeyParser::TextPFKey(CKeysData *aKey, TDes8 &aElem)
+ {
+ TBuf<39> addr;
+ TBuf8<39> addr8;
+
+ aElem.Format(_L8("pfkey_add "));
+
+ if (aKey->sa_type == SADB_SATYPE_AH)
+ aElem.AppendFormat(_L8("%d "), 1);
+ else
+ aElem.AppendFormat(_L8("%d "), 2);
+
+ aElem.AppendFormat(_L8("%d "), aKey->spi);
+
+ // Algorithms
+ aElem.AppendFormat(_L8("%d "), aKey->encr_alg);
+ aElem.AppendFormat(_L8("%d "), aKey->auth_alg);
+
+
+ aElem.AppendFormat(_L8("%d "), aKey->direction);
+
+ aElem.AppendFormat(_L8("%d "), aKey->lifetime_bytes);
+ aElem.AppendFormat(_L8("%d "), aKey->lifetime_sec);
+
+ // Addresses
+ aKey->src_addr.OutputWithScope(addr);
+
+ addr8.Copy(addr);
+ aElem.AppendFormat(addr8);
+ aElem.AppendFormat(_L8(" "));
+ aKey->dst_addr.OutputWithScope(addr);
+
+ addr8.Copy(addr);
+ aElem.AppendFormat(addr8);
+ aElem.AppendFormat(_L8(" "));
+ aElem.AppendFormat(_L8("%d "), aKey->protocol);
+
+ // Ports
+ aElem.AppendFormat(_L8("%d "), aKey->src_addr.Port());
+ aElem.AppendFormat(_L8("%d "), aKey->dst_addr.Port());
+
+ // Keys
+ if (aKey->auth_key.Length() != 0)
+ aElem.Append(aKey->auth_key);
+ else
+ aElem.Append(_L8("0"));
+
+ aElem.Append(_L8(" "));
+
+ if (aKey->encr_key.Length() != 0)
+ aElem.Append(aKey->encr_key);
+ else
+ aElem.Append(_L8("0"));
+
+ aElem.Append(_L8("\n"));
+ }
+
+//
+// Skip white space and mark, including comments!
+//
+TInt
+TKeyParser::SkipSpaceAndMark()
+ {
+ TChar ch;
+ TInt comment = 0;
+ TInt newline = 0;
+
+ while (!Eos())
+ {
+ ch = Get();
+ if (ch == '\n')
+ {
+ comment = 0;
+ newline = 1;
+ }
+ else if (comment || ch == '#')
+ comment = 1;
+ else if (!ch.IsSpace())
+ {
+ UnGet();
+ break;
+ }
+ }
+ Mark();
+ return newline;
+ }
+
+//
+// Extract Next token and return
+//
+void
+TKeyParser::NextToken()
+ {
+ if (SkipSpaceAndMark())
+ iFirst = 1; // New line!
+
+ if (Eos())
+ {
+ iFirst = -1;
+ return ;
+ }
+
+ while (!Eos())
+ {
+ TChar ch = Peek();
+ if (ch == '#' || ch.IsSpace())
+ break;
+ Inc();
+ }
+ iToken.Set(MarkedToken());
+ iFirst = SkipSpaceAndMark();
+ }
+
+TUint8
+TKeyParser::HexVal(TUint8 c)
+ {
+ if (c >= 'a' && c <= 'f')
+ return (TUint8)(c - 'a' + 10);
+ else if (c >= 'A' && c <= 'F')
+ return (TUint8)(c - 'A');
+ else if (c >= '0' && c <= '9')
+ return (TUint8)(c - '0');
+ else
+ return 0;
+ }
+
+TPtrC8
+TKeyParser::DeHex(const TDesC &aStr)
+ {
+ const TUint8* s = (TUint8 *)aStr.Ptr();
+ TUint8* d = (TUint8 *)iHex.Ptr();
+ TInt i = aStr.Length();
+ TUint8 d1 = 0;
+ TUint8 d2 = 0;
+
+ while (i > 0)
+ {
+ d1 = TKeyParser::HexVal(*s++);
+ d2 = i > 1 ? TKeyParser::HexVal(*s++) : (TUint8)0;
+ i -= 2;
+ *d++ = (TUint8)(d1 * 16 + d2);
+ }
+
+ iHex.SetLength(d - iHex.Ptr());
+ return iHex;
+ }
+
+//
+// Parses an security configuration file
+//
+EXPORT_C
+TIpSecParser::TIpSecParser(const TDesC &aDes) : TLex(aDes)
+ {
+ LOG_("VPN ipsec policy parser instantiated\n");
+ }
+
+EXPORT_C TInt
+TIpSecParser::ParseL(CIpSecurityPiece *aPiece_data)
+ {
+ LOG_("TIpSecParser::ParseL()\n");
+ return DoParseL(aPiece_data, ETrue);
+ }
+
+EXPORT_C TInt
+TIpSecParser::ParseAndIgnoreIKEL(CIpSecurityPiece *aPiece_data)
+ {
+ LOG_("TIpSecParser::ParseAndIgnoreIKEL()\n");
+ return DoParseL(aPiece_data, EFalse);
+ }
+
+TInt
+TIpSecParser::DoParseL(CIpSecurityPiece *aPiece_data,
+ TBool /* aIncludeIKE */)
+ {
+ LOG_("TIpSecParser::DoParseL()\n");
+ TPtrC token(NULL, 0);
+ TInt ret(0);
+
+ if (!CheckVersion())
+ return KErrNotSupported; // Invalid file or version
+
+ while (!Eos())
+ {
+ token.Set(NextToken());
+ if (token.Compare(_L("[INFO]")) == 0)
+ {
+ ParseInfoL(aPiece_data);
+ }
+ else if (token.Compare(_L("[POLICY]")) == 0)
+ {
+ ret = ParsePoliciesL(aPiece_data);
+ if (ret != KErrNone)
+ return ret;
+ }
+ else if (token.Compare(_L("[KEYS]")) == 0)
+ {
+ ret = ParseKeysL(aPiece_data->Keys());
+ if (ret != KErrNone)
+ return ret;
+ }
+ else
+ {
+ // Unknown Tag Ignored
+ NextTag();
+ }
+ }
+
+ return (KErrNone);
+ }
+
+TBool
+TIpSecParser::CheckVersion()
+ {
+ TPtrC token(NULL, 0);
+ TLex version_num;
+
+ token.Set(NextToken());
+ if (token.Compare(_L("SECURITY_FILE_VERSION:")) == 0)
+ {
+ version_num = NextToken();
+ if (version_num.Val(iVersion) != KErrNone)
+ return EFalse;
+ if ((iVersion < FIRST_SEC_PARSER_VERSION) ||
+ (iVersion > SEC_PARSER_VERSION))
+ return EFalse;
+ }
+ else
+ return EFalse;
+
+ return ETrue;
+
+ }
+
+void
+TIpSecParser::ParseInfoL(CIpSecurityPiece *aPiece_data)
+ {
+ HBufC *buf = HBufC::NewL(MAX_INFO_SIZE);
+ TPtr ptr = buf->Des();
+ TChar ch = Get();
+ TInt i(0);
+
+ CleanupStack::PushL(buf);
+
+ ch = Get();
+ while (((ch == ' ') || (ch == '\n')) && (!Eos()))
+ {
+ ch = Get();
+ }
+
+ while ((ch != '[') && (!Eos()) && i < MAX_INFO_SIZE)
+ {
+ ptr.Append(ch);
+ i++;
+ ch = Get();
+ }
+
+ if (i == MAX_INFO_SIZE) //The rest is ignored
+ {
+ ch = Get();
+ while ( (ch != '[') && (!Eos()) )
+ ch = Get();
+ }
+
+ if (ch == '[')
+ {
+ UnGet(); // the '['
+ if (ptr.Length() > 0) //If empty no \n
+ ptr.SetLength(ptr.Length() - 1); //eliminates the \n at the end
+ }
+
+ aPiece_data->SetInfoL(ptr);
+ CleanupStack::PopAndDestroy();
+ }
+
+TInt
+TIpSecParser::ParsePoliciesL(CIpSecurityPiece *aPieceData)
+ {
+ LOG_("TIpSecParser::ParsePoliciesL()\n");
+ TInt err;
+ TInt pos = Remainder().Find(_L("SECURITY_FILE_VERSION:"));
+ if (pos == KErrNotFound)
+ {
+ pos = Remainder().Find(_L("[")); //The segment is until the next tag or Eos()
+ }
+ if (pos != KErrNotFound)
+ {
+ TPtr pol_ptr((TUint16 *)Remainder().Ptr(), pos, pos); //Until the next section
+ TPolicyParser parser(pol_ptr);
+ err = parser.ParseL(aPieceData);
+ Assign(Remainder().Ptr() + pos); //rest of the text to parse
+ }
+ else
+ {
+ TPolicyParser parser(Remainder());
+ err = parser.ParseL(aPieceData);
+ }
+ return (err);
+ }
+
+TInt
+TIpSecParser::ParseKeysL(CKeysDataArray *aKeys)
+ {
+ TInt err;
+ //The segment is until the next tag or Eos()
+ TInt pos = Remainder().Find(_L("["));
+ if (pos != KErrNotFound)
+ {
+ // Until the next section
+ TPtr key_ptr((TUint16 *)Remainder().Ptr(), pos, pos);
+ TKeyParser parser(key_ptr);
+ err = parser.ParseL(aKeys);
+
+ // Rest of the text to parse
+ Assign(Remainder().Ptr() + pos);
+ }
+ else
+ {
+ // No more tags
+ TKeyParser parser(Remainder());
+ err = parser.ParseL(aKeys);
+ }
+
+ return (err);
+ }
+
+void
+TIpSecParser::NextTag()
+ {
+ while (!Eos())
+ if (Get() == '[' )
+ {
+ // Next tag found
+ UnGet();
+ return ;
+ }
+ }
+
+// Puts the security file data into string format to be saved to the
+// caller's buffer.
+EXPORT_C TInt
+TIpSecParser::Write(CIpSecurityPiece* aPiece_data,
+ HBufC8*& aPolBfr)
+ {
+ LOG_("TIpSecParser::Write()\n");
+ TInt err(KErrNone);
+
+ err = WriteVersion(aPolBfr);
+ if (err != KErrNone)
+ return err;
+
+ err = WriteInfo(aPiece_data, aPolBfr);
+ if (err != KErrNone)
+ return err;
+
+ err = WritePolicies(aPiece_data, aPolBfr);
+ if (err != KErrNone)
+ return err;
+
+ return (err);
+ }
+
+TInt
+TIpSecParser::WriteVersion(HBufC8*& aPolBfr)
+ {
+ TBuf8<32> buf;
+ buf.Format(_L8("SECURITY_FILE_VERSION: %d\n"), SEC_PARSER_VERSION);
+ return TPolicyParser::BufferAppend(aPolBfr, buf);
+ }
+
+TInt
+TIpSecParser::WriteInfo(CIpSecurityPiece *aPiece_data, HBufC8*& aPolBfr)
+ {
+ TInt err;
+
+ TBuf8<MAX_INFO_SIZE> buf = _L8("[INFO]\n");
+ err = TPolicyParser::BufferAppend(aPolBfr, buf);
+ if (err != KErrNone)
+ return err;
+
+ buf.Copy(aPiece_data->Info()->Des());
+ err = TPolicyParser::BufferAppend(aPolBfr, buf);
+ if (err != KErrNone)
+ return err;
+ return TPolicyParser::BufferAppend(aPolBfr, (_L8("\n")));
+
+ }
+
+TInt
+TIpSecParser::WritePolicies(CIpSecurityPiece *aPiece_data, HBufC8*& aPolBfr)
+ {
+ LOG_("TIpSecParser::WritePolicies()\n");
+ TBuf8<10> buf = _L8("[POLICY]\n");
+ TInt err = TPolicyParser::BufferAppend(aPolBfr, buf);
+ if (err != KErrNone)
+ return err;
+ return TPolicyParser::Write(aPiece_data->Policies(), aPolBfr);
+ }
+
+//
+// CIpSecurityPiece
+//
+EXPORT_C void
+CIpSecurityPiece::ConstructL(TInt aSize)
+ {
+ LOG_("CIpSecurityPiece::ConstructL()\n");
+ iInfo = HBufC::NewL(aSize);
+ iPolicies = new (ELeave) CSecurityPolicy();
+ iPolicies->ConstructL();
+ iKeys = CKeysDataArray::NewL(1);
+ }
+
+EXPORT_C void
+CIpSecurityPiece::SetInfoL(const TDesC &aDes)
+ {
+ LOG_("CIpSecurityPiece::SetInfoL()\n");
+ if (aDes.Length() > iInfo->Des().MaxLength())
+ {
+ // ReAllocs if needed
+ iInfo = iInfo->ReAllocL(aDes.Length());
+ }
+
+ iInfo->Des().Copy(aDes);
+ }
+
+EXPORT_C
+CIpSecurityPiece::~CIpSecurityPiece()
+ {
+ LOG_("CIpSecurityPiece::~CIpSecurityPiece()\n");
+ delete iInfo;
+ delete iPolicies;
+ delete iKeys;
+ delete iPolicyList;
+ }
+
+EXPORT_C CSecPolBundleList* CIpSecurityPiece::FQDNAddressListL()
+ {
+ LOG_("CIpSecurityPiece::GetFQDNAddressListL() entry\n");
+ LOG_("Deleting policy list\n");
+ if (iPolicyList)
+ {
+ delete iPolicyList;
+ iPolicyList = NULL;
+ }
+ LOG_("Querying DNS task count\n");
+ TInt fqdnCount = iPolicies->FQDNCount();
+
+ LOG_1("DNS Task Count: %d\n", fqdnCount);
+
+ if (fqdnCount > 0)
+ {
+
+ LOG_("Instantiating new policy list\n");
+ iPolicyList = new (ELeave) CSecPolBundleList(fqdnCount);
+
+ LOG_("Querying DNS tasks\n");
+
+ if (iPolicies != NULL)
+ {
+ iPolicies->GetFQDNAddressListL(*iPolicyList);
+ }
+ else
+ {
+ LOG_("No ipsec policies!\n");
+ }
+ LOG_("CIpSecurityPiece::GetFQDNAddressListL() exit\n");
+ }
+ return iPolicyList;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnipsecpolparser/src/spdb.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,665 @@
+/*
+* Copyright (c) 2002-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Security policy database module.
+* "Runtime" methods of "CSecurityPolicy" class.
+*
+*/
+
+
+#include <networking/pfkeyv2.h>
+#include "spdb.h"
+#include "logvpncommon.h"
+
+//
+// CPolicySelector
+//
+CPolicySelector::CPolicySelector()
+ {}
+
+EXPORT_C CPolicySelector*
+CPolicySelector::NewL()
+ {
+ CPolicySelector* self = new (ELeave) CPolicySelector();
+ self->Construct();
+ return self;
+ }
+
+EXPORT_C void
+CPolicySelector::Construct()
+ {
+ iIcmpType = -1; // used, if != -1
+ iType = -1; // used, if != -1
+ iIcmpCode = -1; // used, if != -1
+ iGlobalSelector = EFalse; // the global flag defaults to false
+ iIsFinal = EFalse;
+ iIsMerge = EFalse;
+ iDirection = KPolicySelector_SYMMETRIC;
+ iDropAction = EFalse;
+ iProtocol = 0;
+
+ // Init addresses to undefined
+ iLocal.SetFamily(KAFUnspec);
+ iLocalMask.SetFamily(KAFUnspec);
+ iRemote.SetFamily(KAFUnspec);
+ iRemoteMask.SetFamily(KAFUnspec);
+
+ // Clear interface name
+ iInterface.Zero();
+
+ // Init Endpoint names to NULL
+ iLocSelEpName = NULL;
+ iLocMaskEpName = NULL;
+ iRemSelEpName = NULL;
+ iRemMaskEpName = NULL;
+
+ iSequenceNumber = 0;
+ iCompWord = 0;
+ }
+
+EXPORT_C CPolicySelector*
+CPolicySelector::NewL(CPolicySelector* aPS)
+ {
+ CPolicySelector* self = new (ELeave) CPolicySelector();
+ CleanupStack::PushL(self);
+ self->ConstructL(aPS);
+ CleanupStack::Pop();
+ return self;
+ }
+
+EXPORT_C void
+CPolicySelector::ConstructL(CPolicySelector* aPS)
+ {
+ iDirection = aPS->iDirection;
+ iRemote = aPS->iRemote; // including port selector, if port non-zero
+ iRemoteMask = aPS->iRemoteMask; // only address part used, as a mask
+ iLocal = aPS->iLocal; // including port selector, if port non-zero
+ iLocalMask = aPS->iLocalMask; // only address part used, as a mask
+ iProtocol = aPS->iProtocol; // used, if non-zero
+ iIcmpType = aPS->iIcmpType; // used, if != -1
+ iType = aPS->iType; // used, if != -1
+ iIcmpCode = aPS->iIcmpCode; // used, if != -1
+ iGlobalSelector = aPS->iGlobalSelector;
+ iIsFinal = aPS->iIsFinal;
+ iIsMerge = aPS->iIsMerge;
+ iDropAction = aPS->iDropAction;
+ iInterface = aPS->iInterface;
+
+ iSequenceNumber = aPS->iSequenceNumber;
+ iCompWord = aPS->iSequenceNumber;
+
+ // Copy EndPoint names
+ if (aPS->iLocSelEpName && aPS->iLocSelEpName->Length())
+ {
+ iLocSelEpName = HBufC8::NewL(aPS->iLocSelEpName->Length());
+ *iLocSelEpName = *aPS->iLocSelEpName;
+ }
+ if (aPS->iLocMaskEpName && aPS->iLocMaskEpName->Length())
+ {
+ iLocMaskEpName = HBufC8::NewL(aPS->iLocMaskEpName->Length());
+ *iLocMaskEpName = *aPS->iLocMaskEpName;
+ }
+ if (aPS->iRemSelEpName && aPS->iRemSelEpName->Length())
+ {
+ iRemSelEpName = HBufC8::NewL(aPS->iRemSelEpName->Length());
+ *iRemSelEpName = *aPS->iRemSelEpName;
+ }
+ if (aPS->iRemMaskEpName && aPS->iRemMaskEpName->Length())
+ {
+ iRemMaskEpName = HBufC8::NewL(aPS->iRemMaskEpName->Length());
+ *iRemMaskEpName = *aPS->iRemMaskEpName;
+ }
+
+ TSecpolBundleIter iterl(aPS->iBundle);
+ CSecpolBundleItem* itemL(NULL);
+ CSecpolBundleItem* newItemL(NULL);
+ while ((itemL = iterl++) != NULL)
+ {
+ newItemL = new (ELeave) CSecpolBundleItem;
+
+ // Points to the same SA
+ newItemL->iSpec = itemL->iSpec;
+
+ // No need to fill iNext. Is filled when adding
+ newItemL->iTunnel = itemL->iTunnel;
+ iBundle.AddLast(*newItemL);
+ }
+
+ iNext = aPS->iNext;
+ }
+
+CSecpolBundleItem*
+CPolicySelector::FindBundleL(TInt aIndex)
+ {
+ TSecpolBundleIter iterL(iBundle);
+ CSecpolBundleItem* itemL(NULL);
+ CSecpolBundleItem* newItemL(NULL);
+ TInt i = 0;
+ while (((itemL = iterL++) != NULL) && (i < aIndex))
+ {
+ i++;
+ }
+
+ // The element exists. We create a copy
+ if ((i == aIndex) && (itemL != NULL))
+ {
+ newItemL = new (ELeave) CSecpolBundleItem;
+
+ // Need a copy to have separed bundle lists
+ newItemL->iSpec = itemL->iSpec;
+
+ // No need to fill iNext. Is filled when adding
+ newItemL->iTunnel = itemL->iTunnel;
+ }
+
+ return newItemL;
+ }
+
+CSecpolBundleItem::~CSecpolBundleItem()
+ {
+ delete iTunnelEpName;
+ delete iTunnelEpFQDN;
+ }
+
+void CPolicySelector::GetFQDNAddressListL(CSecPolBundleList& aPolList)
+ {
+ LOG_("CPolicySelector::GetFQDNAddressListL() entry\n");
+ TSecpolBundleIter iterl(iBundle);
+ CSecpolBundleItem* itemL(NULL);
+ while ((itemL = iterl++) != NULL)
+ {
+ if (itemL->iTunnelEpFQDN)
+ {
+ LOG_1("Found FQDN: '%S', appending to the list\n", &(*itemL->iTunnelEpFQDN));
+ aPolList.AppendL(itemL);
+ LOG_("Append complete\n");
+ }
+ else
+ {
+ TBuf<40> addrstr;
+ itemL->iTunnel.Output(addrstr);
+ LOG_1("Found IP: '%S', no need to add\n", &addrstr);
+ }
+ }
+ LOG_("CPolicySelector::GetFQDNAddressListL() exit\n");
+ }
+
+EXPORT_C
+CPolicySelector::~CPolicySelector()
+ {
+ TSecpolBundleIter iterl(iBundle);
+ CSecpolBundleItem* iteml(NULL);
+ while ((iteml = iterl++) != NULL)
+ {
+ iBundle.Remove(*iteml);
+ delete iteml;
+ }
+
+ delete iRemSelEpName;
+ delete iRemMaskEpName;
+ delete iLocMaskEpName;
+ delete iLocSelEpName;
+ }
+
+// Match a selector against the packet information
+//
+// Returns 0, if selector does not match the information
+// 1, if selector matches the information
+TInt
+CPolicySelector::Match(
+ const TInetAddr &aSrc, // The src address, and port if known
+ const TInetAddr &aDst, // The dst address, and port if known
+ TInt aProtocol, // Transport protocol, if > 0 (known)
+ TInt aIcmpType, // ICMP Type, if ICMP (-1 otherwise)
+ TInt aIcmpCode, // ICMP Code, if ICMP (-1 otherwise)
+ TInt aType) const // Type code, (-1 if not used)
+ {
+ return (aDst.Match(iRemote, iRemoteMask)
+ && aSrc.Match(iLocal, iLocalMask)
+ && (iProtocol == 0 || iProtocol == aProtocol)
+ && (iRemote.Port() == 0 || iRemote.Port() == aDst.Port())
+ && (iLocal.Port() == 0 || iLocal.Port() == aDst.Port())
+ && (iIcmpType == -1 || iIcmpType == aIcmpType)
+ && (iIcmpCode == -1 || iIcmpCode == aIcmpCode)
+ && (iType == -1 || iType == aType));
+ }
+
+// Checks if this policy is using this SA
+EXPORT_C TBool
+CPolicySelector::UseSA(CPolicySpec* aSA, TInetAddr* tunnel)
+ {
+ TSecpolBundleIter iterBundle(iBundle);
+ CSecpolBundleItem* itemBundle(NULL);
+
+ while ((itemBundle = iterBundle++) != NULL)
+ {
+ if (itemBundle->iSpec)
+ {
+ // SA used in a Policy. 2 SA cannot have the same name
+ if (!(itemBundle->iSpec->iName->Compare(*aSA->iName)))
+ {
+ if (tunnel)
+ {
+ *tunnel = itemBundle->iTunnel;
+ }
+ return ETrue;
+ }
+ }
+ }
+
+ return EFalse; // This selector doesn't use the SA
+ }
+
+//
+// CSAPairList: Translation table used when copying a policy
+CSAPairList::~CSAPairList()
+ {
+ TSAPairNode* next(NULL);
+ TSAPairNode* node(iList);
+ while (node)
+ {
+ next = node->iNext;
+ delete node;
+ node = next;
+ }
+ }
+
+//
+// Add at the begining to make it faster
+void
+CSAPairList::AddL(CPolicySpec* aOldSA, CPolicySpec* aNewSA)
+ {
+ TSAPairNode* node = new (ELeave) TSAPairNode;
+ node->iOldSA = aOldSA;
+ node->iNewSA = aNewSA;
+ node->iNext = iList;
+ iList = node;
+ }
+
+CPolicySpec*
+CSAPairList::Translate(CPolicySpec* aOldSA)
+ {
+ TSAPairNode* node = iList;
+ while (node)
+ {
+ if (node->iOldSA == aOldSA)
+ return node->iNewSA;
+ node = node->iNext;
+ }
+
+ // Not found
+ return(NULL);
+ }
+
+void CSecurityPolicy::GetFQDNAddressListL(CSecPolBundleList& aPolList)
+ {
+ LOG_("CSecurityPolicy::GetFQDNAddressListL()\n");
+ if (iSelectors)
+ {
+ TInt count(iSelectors->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ iSelectors->At(i)->GetFQDNAddressListL(aPolList);
+ }
+ }
+ }
+
+EXPORT_C
+CSecurityPolicy::CSecurityPolicy()
+ {}
+
+EXPORT_C void
+CSecurityPolicy::ConstructL()
+ {
+ iSpecs = CSAList::NewL(1);
+ iSelectors = CSelectorList::NewL(1);
+ }
+
+// Creates a Security Policy from an existing one
+EXPORT_C void
+CSecurityPolicy::ConstructL(CSecurityPolicy* aSecPol)
+ {
+ // Creates a new SA List with new SA nodes!!!
+ if (aSecPol->SAList()->Count() > 0)
+ {
+ iSpecs = CSAList::NewL(aSecPol->SAList());
+ }
+ else
+ {
+ iSpecs = CSAList::NewL(1);
+ }
+
+ // The selector bundles use references to the old SA nodes
+ // so if we copy only the content we'll have invalid references.
+ // Therefore, we need a translations tables from old nodes to new
+ // ones to pass it to the selector constructor
+ if (aSecPol->SelectorList()->Count() > 0)
+ {
+ CSAPairList* table = CreateTranslationTableL(aSecPol->SAList(), iSpecs);
+ CleanupStack::PushL(table);
+ iSelectors = CSelectorList::NewL(aSecPol->SelectorList(), table);
+
+ // The table is not needed anymore
+ CleanupStack::PopAndDestroy();
+ }
+ else
+ {
+ iSelectors = CSelectorList::NewL(1);
+ }
+ }
+
+CSAPairList*
+CSecurityPolicy::CreateTranslationTableL(
+ CSAList* aOldSAList,
+ CSAList* aNewSAList)
+ {
+ CSAPairList* table = new (ELeave) CSAPairList;
+ CleanupStack::PushL(table);
+ TInt count(aOldSAList->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ table->AddL(aOldSAList->At(i), aNewSAList->At(i));
+ }
+ CleanupStack::Pop();
+ return (table);
+ }
+
+CSecurityPolicy::~CSecurityPolicy()
+ {
+ if (iSpecs)
+ {
+ // Deletes all the elems in the list
+ TInt count(iSpecs->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ delete iSpecs->At(i);
+ }
+ delete iSpecs;
+ iSpecs = NULL;
+ }
+
+ if (iSelectors)
+ {
+ // Deletes all the elems in the list
+ TInt count(iSelectors->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ delete iSelectors->At(i);
+ }
+ delete iSelectors;
+ iSelectors = NULL;
+ }
+ }
+
+TSecpolBundle*
+CSecurityPolicy::FindBundle(
+ TUint aDirection, // Direction flag
+ const TInetAddr& aSrc, // Source Address (and optionally port)
+ const TInetAddr& aDst, // Destination Address (and optionally port)
+ TInt aProtocol, // Transport protocol (if > 0)
+ TInt aIcmpType, // (if != -1)
+ TInt aIcmpCode, // (if != -1)
+ TInt aType) // (if != -1)
+ {
+ TInt count(iSelectors->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ CPolicySelector* selector = iSelectors->At(i);
+ if ((selector->iDirection & aDirection)
+ && selector->Match(aSrc,
+ aDst,
+ aProtocol,
+ aIcmpType,
+ aIcmpCode,
+ aType))
+ {
+ return (&selector->iBundle);
+ }
+ }
+
+ return (NULL);
+ }
+
+TInt
+CSecurityPolicy::SearchForEPNameL(TDesC& aTokenString)
+ {
+ TInt err(KErrNotFound);
+ HBufC8* name = HBufC8::NewL(aTokenString.Length());
+ name->Des().Copy(aTokenString);
+
+ // Iterate through the policy specification list
+ TInt count(iSpecs->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ CPolicySpec* polSpec = iSpecs->At(i);
+ // Check if spesification type is EndPoint and name for it exists
+ if (polSpec->iSpectype == EPolSpecEP && polSpec->iName)
+ {
+ // Compare EndPoint name against given name
+ if (name->Des().Compare(polSpec->iName->Des()) == 0)
+ {
+ // Match found so set return value to success
+ err = KErrNone;
+ break;
+ }
+ }
+ }
+
+ // Free memory allocated for name and then return
+ delete name;
+ return (err);
+ }
+
+EXPORT_C CPolicySpec*
+CSecurityPolicy::FindSpec(const TDesC8& aName)
+ {
+ CPolicySpec* spec(NULL);
+ TInt count(iSpecs->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ spec = iSpecs->At(i);
+ if ((*spec->iName).Compare(aName) == 0)
+ {
+ return spec;
+ }
+ }
+ return (NULL);
+ }
+
+//
+// CPolicySpec
+//
+CPolicySpec::CPolicySpec()
+ {}
+
+EXPORT_C CPolicySpec*
+CPolicySpec::NewL()
+ {
+ CPolicySpec* self = new (ELeave) CPolicySpec();
+ self->Construct();
+ return self;
+ }
+
+EXPORT_C void
+CPolicySpec::Construct()
+ {
+ iEpSpec.iIsOptional = EFalse;
+ iEpSpec.iEpAddr = NULL;
+ }
+
+EXPORT_C CPolicySpec*
+CPolicySpec::NewL(TDesC& aName, TPolicySpecType iSpectype)
+ {
+ CPolicySpec* self = new (ELeave) CPolicySpec();
+ CleanupStack::PushL(self);
+ self->ConstructL(aName, iSpectype);
+ CleanupStack::Pop();
+ return self;
+ }
+
+EXPORT_C void
+CPolicySpec::ConstructL(TDesC& aName, TPolicySpecType aSpectype)
+ {
+ iName = HBufC8::NewL(aName.Length());
+ iName->Des().Copy(aName);
+ iSpectype = aSpectype;
+ }
+
+// Used to initialize with an existing CPolicySpec
+EXPORT_C CPolicySpec*
+CPolicySpec::NewL(CPolicySpec* aPolSpec)
+ {
+ CPolicySpec* self = new (ELeave) CPolicySpec();
+ CleanupStack::PushL(self);
+ self->ConstructL(aPolSpec);
+ CleanupStack::Pop();
+ return self;
+ }
+
+EXPORT_C void
+CPolicySpec::ConstructL(CPolicySpec* aPolSpec)
+ {
+ // Always bigger than 0
+ iName = HBufC8::NewL(aPolSpec->iName->Length());
+ *iName = *aPolSpec->iName;
+
+ if (aPolSpec->iRemoteIdentity)
+ {
+ iRemoteIdentity = HBufC8::NewL(aPolSpec->iRemoteIdentity->Length());
+ *iRemoteIdentity = *aPolSpec->iRemoteIdentity;
+ }
+
+ if (aPolSpec->iLocalIdentity)
+ {
+ iLocalIdentity = HBufC8::NewL(aPolSpec->iLocalIdentity->Length());
+ *iLocalIdentity = *aPolSpec->iLocalIdentity;
+ }
+ iSpec = aPolSpec->iSpec;
+ // Even the queue position is cloned
+ iNext = aPolSpec->iNext;
+ }
+
+EXPORT_C
+CPolicySpec::~CPolicySpec()
+ {
+ delete iName;
+ delete iRemoteIdentity;
+ delete iLocalIdentity;
+ }
+
+// CSAList
+CSAList::CSAList(TInt aGranularity) :
+ CArrayFixFlat<CPolicySpec *>(aGranularity)
+ {}
+
+EXPORT_C CSAList*
+CSAList::NewL(TInt aGranularity)
+ {
+ CSAList* self = new (ELeave) CSAList(aGranularity);
+ self->Construct(aGranularity);
+ return self;
+ }
+
+EXPORT_C void
+CSAList::Construct(TInt /* aGranularity */)
+ {}
+
+CSAList::CSAList(CSAList* aSAList) :
+ CArrayFixFlat<CPolicySpec *>(aSAList->Count())
+ {}
+
+EXPORT_C CSAList*
+CSAList::NewL(CSAList* aSAList)
+ {
+ CSAList* self = new (ELeave) CSAList(aSAList);
+ CleanupStack::PushL(self);
+ self->ConstructL(aSAList);
+ CleanupStack::Pop();
+ return self;
+ }
+
+EXPORT_C void
+CSAList::ConstructL(CSAList* aSAList)
+ {
+ TInt count(aSAList->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ CPolicySpec* policy = CPolicySpec::NewL(aSAList->At(i));
+ CleanupStack::PushL(policy);
+ AppendL(policy);
+ CleanupStack::Pop();
+ }
+ }
+
+//
+// CSelectorList
+//
+CSelectorList::CSelectorList(TInt aGranularity) :
+ CArrayFixFlat<CPolicySelector *>(aGranularity)
+ {}
+
+EXPORT_C CSelectorList*
+CSelectorList::NewL(TInt aGranularity)
+ {
+ CSelectorList* self = new (ELeave) CSelectorList(aGranularity);
+ self->Construct(aGranularity);
+ return self;
+ }
+
+EXPORT_C void
+CSelectorList::Construct(TInt /*aGranularity*/)
+ {}
+
+CSelectorList::CSelectorList(CSelectorList* aSelList,
+ CSAPairList* /* aTable */) :
+ CArrayFixFlat<CPolicySelector *>(aSelList->Count())
+ {}
+
+EXPORT_C CSelectorList*
+CSelectorList::NewL(CSelectorList* aSelList,
+ CSAPairList* aTable)
+ {
+ CSelectorList* self = new (ELeave) CSelectorList(aSelList, aTable);
+ CleanupStack::PushL(self);
+ self->ConstructL(aSelList, aTable);
+ CleanupStack::Pop();
+ return self;
+ }
+
+EXPORT_C void
+CSelectorList::ConstructL(CSelectorList* aSelList,
+ CSAPairList* aTable)
+ {
+ TInt count(aSelList->Count());
+ for (TInt i = 0; i < count; i++)
+ {
+ CPolicySelector* selector = CPolicySelector::NewL(aSelList->At(i));
+ // Bundle translation
+ TSecpolBundleIter iterL(selector->iBundle);
+ CSecpolBundleItem* itemL(NULL);
+ while (((itemL = iterL++) != NULL))
+ {
+ if (itemL->iSpec)
+ {
+ itemL->iSpec = aTable->Translate(itemL->iSpec);
+ }
+ }
+
+ // Specs in the Bundle translated
+ CleanupStack::PushL(selector);
+ AppendL(selector);
+ CleanupStack::Pop();
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/bwins/VPNMANAGERU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?WinsMain@@YAHXZ @ 1 NONAME ; int __cdecl WinsMain(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/data/backup_registration.xml Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,9 @@
+<?xml version="1.0" standalone="yes"?>
+<backup_registration>
+ <passive_backup>
+ <include_directory name = "\"/>
+ </passive_backup>
+ <system_backup/>
+ <restore requires_reboot = "no"/>
+ <proxy_data_manager sid = "0x10202BE9"/>
+</backup_registration>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+DEFAULT
+
+PRJ_EXPORTS
+
+
+PRJ_MMPFILES
+#ifdef VPNCLIENT_USE_STUBS
+ vpnmanager_test.mmp
+#else
+ vpnmanager.mmp
+#endif
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/group/vpnmanager.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,82 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnmanager
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET vpnmanager.exe
+TARGETTYPE exe
+UID 0x1000008d 0x101F7993
+
+CAPABILITY NetworkControl NetworkServices ProtServ WriteDeviceData
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE fileutil.cpp
+SOURCE pinparser.cpp
+SOURCE pkiutil.cpp
+SOURCE pwdchanger.cpp
+SOURCE policyimporter.cpp
+SOURCE policypatcher.cpp
+SOURCE policystore.cpp
+SOURCE vpnapiservant.cpp
+SOURCE vpnmanagersession.cpp
+SOURCE vpnmanagerstarter.cpp
+SOURCE uuid.cpp
+SOURCE requestdispatcher.cpp
+SOURCE eventlogger.cpp
+SOURCE vpnmanagerserver.cpp
+SOURCE cmmanagerutils.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE srvstatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../utlxml/inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../../vpnui/vpnecomnotifier/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../eventviewer/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib
+LIBRARY efsrv.lib
+LIBRARY esock.lib
+LIBRARY x509.lib
+LIBRARY x500.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY ikepolparser.lib
+LIBRARY crypto.lib
+LIBRARY utlxml.lib
+LIBRARY bafl.lib
+LIBRARY utlbase64.lib
+LIBRARY utlpkcs10.lib
+LIBRARY eventmedapi.lib
+LIBRARY eventviewer.lib
+LIBRARY random.lib
+LIBRARY charconv.lib
+LIBRARY cmmanager.lib
+LIBRARY cryptography.lib
+
+DEBUGLIBRARY flogger.lib
+
+EPOCSTACKSIZE 0x4000
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/group/vpnmanager_test.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,85 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnmanager
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET vpnmanager.exe
+TARGETTYPE exe
+UID 0x1000008d 0x101F7993
+
+CAPABILITY NetworkControl NetworkServices ProtServ WriteDeviceData
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE fileutil.cpp
+SOURCE pinparser.cpp
+SOURCE pkiutil.cpp
+SOURCE pwdchanger.cpp
+SOURCE policyimporter.cpp
+SOURCE policypatcher.cpp
+SOURCE policystore.cpp
+SOURCE vpnapiservant.cpp
+SOURCE vpnmanagersession.cpp
+SOURCE vpnmanagerstarter.cpp
+SOURCE uuid.cpp
+SOURCE requestdispatcher.cpp
+SOURCE eventlogger.cpp
+SOURCE vpnmanagerserver.cpp
+SOURCE cmmanagerutils.cpp
+
+SOURCEPATH ../../vpncommon/src
+SOURCE srvstatic.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../pkiserviceapi/inc
+USERINCLUDE ../../ikepolparser/inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../utlxml/inc
+USERINCLUDE ../../utlbase64/inc
+USERINCLUDE ../../utlpkcs10/inc
+USERINCLUDE ../../../vpnui/vpnecomnotifier/inc
+USERINCLUDE ../../eventmediatorapi/inc
+USERINCLUDE ../../eventviewer/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY VpnExtManager_proxy.lib
+LIBRARY euser.lib
+LIBRARY efsrv.lib
+LIBRARY esock.lib
+LIBRARY x509.lib
+LIBRARY x500.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY ikepolparser.lib
+LIBRARY crypto.lib
+LIBRARY utlxml.lib
+LIBRARY bafl.lib
+LIBRARY utlbase64.lib
+LIBRARY utlpkcs10.lib
+LIBRARY eventmedapi.lib
+LIBRARY eventviewer.lib
+LIBRARY random.lib
+LIBRARY charconv.lib
+LIBRARY cmmanager.lib
+LIBRARY cryptography.lib
+
+DEBUGLIBRARY flogger.lib
+
+EPOCSTACKSIZE 0x4000
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/cmmanagerutils.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,65 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility methods for handling connection settings
+*
+*/
+
+#ifndef CmManagerUtils_H
+#define CmManagerUtils_H
+
+#include <e32base.h>
+
+#include "vpnapidefs.h"
+
+class RCmConnectionMethodExt;
+class RCmManagerExt;
+class CEventLogger;
+
+
+/**
+ * Utility methods for handling connection settings
+ *
+ * @lib ?library
+ * @since S60 ?S60_version *** for example, S60 v3.2.3
+ */
+class CmManagerUtils
+ {
+public:
+
+ static void CreateVPNConnectionMethodToIntranetL(const TVpnPolicyInfo& aVpnPolicyInfo,
+ CEventLogger& aEventLogger);
+
+private:
+
+ static void SetVpnConnectionMethodAttributesL(RCmConnectionMethodExt& aConnectionMethod,
+ const TDesC& aConnectionMethodName,
+ const TVpnPolicyId aPolicyId,
+ const TUint32 aInternetDestinationId);
+
+
+ static HBufC* CreateConnectionMethodNameLC(RCmManagerExt& aCmManagerExt,
+ const TDesC& aPolicyName);
+
+ static HBufC* CreateIntranetDestinationNameLC(RCmManagerExt& aCmManagerExt);
+
+ static RCmConnectionMethodExt CreateNewConnectionMethodToIntranetL(RCmManagerExt& aCmManagerExt,
+ const TDesC& aConnectionMethodName,
+ const TVpnPolicyId aPolicyId,
+ const TUint32 aInternetDestinationId);
+
+
+ };
+
+
+#endif // CmManagerUtils_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/eventlogger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,61 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Event logging.
+*
+*/
+
+
+
+#ifndef __EVENTLOGGER_H__
+#define __EVENTLOGGER_H__
+
+#include <e32base.h>
+#include <in_sock.h>
+#include <vpnlogmessages.rsg>
+
+#include "eventmediatorapi.h"
+
+class CPolicyStore;
+
+class CEventLogger : CBase
+ {
+public:
+ static CEventLogger* NewL(CPolicyStore& aPolicyStore);
+ void LogEvent(TUint aMsgId, const TDesC* aDes1, const TDesC8* aDes2, TInt aInt1, TInt aInt2);
+ void LogEvent(TUint aMsgId, const TDesC8* aDes1, const TDesC8* aDes2, TInt aInt1, TInt aInt2);
+ ~CEventLogger();
+
+private:
+ CEventLogger(CPolicyStore& aPolicyStore);
+ void ConstructL();
+
+ void LogEventL(TUint aMsgId, const TDesC* aDes1, const TDesC8* aDes2, TInt aInt1, TInt aInt2);
+ HBufC8* CertSubjectNameL(const TDesC8& aCertData);
+
+
+private:
+ REventMediator iEventMediator;
+ CPolicyStore& iPolicyStore;
+ };
+
+#define DEFINE_EVENT_LOGGER CEventLogger* iEventLogger;
+#define INIT_EVENT_LOGGER(a) TRAP_IGNORE(iEventLogger = CEventLogger::NewL(a););
+#define RELEASE_EVENT_LOGGER delete iEventLogger; iEventLogger = NULL;
+
+#define LOG_EVENT(a, b, c, d, e) if (iEventLogger) iEventLogger->LogEvent(a, b, c, d, e);
+#define LOG_EVENT_2(a, b, c, d, e) if (iVpnApiServant->iEventLogger) iVpnApiServant->iEventLogger->LogEvent(a, b, c, d, e);
+#define LOG_EVENT_2B(a, b, c, d, e) if (iVpnApiServant.iEventLogger) iVpnApiServant.iEventLogger->LogEvent(a, b, c, d, e);
+#define LOG_EVENT_3(a, b, c, d, e) if (VpnApiServant()->iEventLogger) VpnApiServant()->iEventLogger->LogEvent(a, b, c, d, e);
+
+#endif // __EVENTLOGGER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/fileutil.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,93 @@
+/*
+* Copyright (c) 2000 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Provides file handling functions.
+*
+*/
+
+
+
+#ifndef __FILEUTIL_H__
+#define __FILEUTIL_H__
+
+#include "vpnapidefs.h"
+
+/**
+ * File name extensions
+ */
+_LIT(KPolFileExt, ".pol");
+_LIT(KPinFileExt, ".pin");
+_LIT(KCertFileExt, ".cer");
+_LIT(KPrivKeyFileExt, ".key");
+
+/**
+ * File name patterns
+ */
+_LIT(KPinFilePat, "*.pin");
+_LIT(KPolFilePat, "*.pol");
+_LIT(KUserPrivKeyFilePat, "-user*.key");
+_LIT(KCaCertFilePat, "-ca*.cer");
+_LIT(KPeerCertFilePat, "-peer*.cer");
+_LIT(KAllFilesPat, "*.*");
+
+/**
+ * File names
+ */
+_LIT(KPolListFile, "vpnpolicies");
+
+/**
+ * Paths
+ */
+
+class RFs;
+
+/**
+ * A collection of methods for handling files and file names.
+ */
+class TFileUtil
+ {
+public:
+ TFileUtil(RFs& aFs);
+ TFileName ReplaceExtension(const TFileName& aFileName,
+ const TDesC& aExtension);
+ TBool FileExists(const TFileName& aFileName);
+ HBufC8* LoadFileDataL(const TFileName& aFileName);
+ HBufC* LoadFileDataUL(const TFileName& aFileName);
+ void SaveFileDataL(const TFileName& aFileName,
+ const TDesC8& aFileData);
+ void SaveFileDataL(const TFileName& aFileName,
+ const TDesC& aFileData);
+ // Ownership of the return object transferred to caller
+ // in Make* and Get* functions
+ HBufC* MakeFileNameLC(const TDesC& aDir, const TDesC& aName,
+ const TDesC& aExtension);
+ TFileName MakeFileName(const TDesC& aDir, const TDesC& aNameAndExtension);
+ HBufC* GetPolFileNameLC(const TVpnPolicyId& aPolicyId);
+ HBufC* GetPinFileNameLC(const TVpnPolicyId& aPolicyId);
+ HBufC* GetPolFileNameL(const TVpnPolicyId& aPolicyId);
+ HBufC* GetPinFileNameL(const TVpnPolicyId& aPolicyId);
+ TFileName PolListFileNameL();
+ void DeleteFileL(const TFileName& aFileName);
+ void DeleteFilesL(const TFileName& aFileFilter);
+ void MoveFileL(const TFileName& aSrcFileName, const TFileName& aDstFileName);
+ void CopyFileL(const TFileName& aSrcFileName, const TFileName& aDstFileName);
+ void CreateDirIfNeededL(const TFileName& aDirName);
+ HBufC8* To8BitL(const TDesC16& aDes);
+ HBufC16* To16BitL(const TDesC8& aDes);
+ void DeleteDirL(const TFileName& aDirName);
+
+private:
+ RFs& iFs;
+ };
+
+#endif // __FILEUTIL_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/log_r6.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_R6_H__)
+#define __LOG_R6_H__
+
+_LIT(KLogFile,"vpnmanager.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_R6_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/pinparser.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,62 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Pin parser main module.
+*
+*/
+
+
+
+#ifndef __PINPARSER_H__
+#define __PINPARSER_H__
+
+#include <e32std.h>
+#include "vpnapidefs.h"
+
+_LIT(KNameSection, "[POLICYNAME]");
+_LIT(KVersionSection, "[POLICYVERSION]");
+_LIT(KDescriptionSection, "[POLICYDESCRIPTION]");
+_LIT(KIssuerNameSection, "[ISSUERNAME]");
+_LIT(KContactSection, "[CONTACTINFO]");
+
+const TChar KSectionBeginChar = '[';
+
+const TInt KInitialDetailsTextLength = 1024;
+
+_LIT(KNewLine, "\n");
+
+class TFileUtil;
+
+/**
+ * Parses policy information file contents.
+ */
+class TPinParser
+ {
+public:
+ TPinParser(TFileUtil& aFileUtil);
+ void ParsePolicyInfoL(const TFileName& aPinFile, TVpnPolicyInfo& aPolicyInfo);
+ void ParsePolicyDetailsL(const TDesC& aPinFile, TVpnPolicyDetails& aPolicyDetails);
+ HBufC* PolicyDetailsAsTextL(const TVpnPolicyDetails& aPolicyDetails);
+
+private:
+ void ParseSectionInfo(const TDesC& aSectionTag, TVpnPolicyInfo& aPolicyInfo);
+ void ParseSectionDetails(const TDesC& aSectionTag, TVpnPolicyDetails& aPolicyDetails);
+ TPtrC GetSectionContent();
+ void SmartAppendL(HBufC*& aBuf, const TDesC& aText);
+
+private:
+ TFileUtil& iFileUtil;
+ TLex iLexer;
+ };
+
+#endif // __PINPARSER_H_
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/pkiutil.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,130 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Provides static PKI-related helper functions
+* (such as building Distinguished Names)
+*
+*/
+
+
+
+#ifndef __PKIUTIL_H__
+#define __PKIUTIL_H__
+
+#include <e32std.h>
+#include "pkidefs.h"
+#include "ikepolparser.h"
+#include "fileutil.h"
+
+const TInt KCertDnSizeIncrement = 64;
+
+_LIT(KComma, ",");
+_LIT(KEquals, "=");
+
+_LIT(KC, "C");
+_LIT(KO, "O");
+_LIT(KOU, "OU");
+_LIT(KL, "L");
+_LIT(KST, "ST");
+_LIT(KCN, "CN");
+
+_LIT8(KCN8, "CN");
+
+const TInt KExpectedMaxCertSize = 4092;
+
+class CX500DistinguishedName;
+class CX520AttributeTypeAndValue;
+class CX509Certificate;
+class RPKIServiceAPI;
+class CDesC16ArrayFlat;
+class TCertInfo;
+
+
+enum TCertStatus
+ {
+ ECertValid = 1,
+ ECertNotValidYet,
+ ECertExpired,
+ ECertNotFound,
+ ECertNotNeeded,
+ ECertStatusUnknown
+ };
+
+/**
+ * PKI-related static utility methods
+ */
+class PkiUtil
+ {
+public:
+ static HBufC* CertSubjectNameL(const TDesC8& aCertData);
+ static HBufC* CertIssuerNameL(const TDesC8& aCertData);
+ static TCertStatus CertStatusL(RPKIServiceAPI& aPkiService, const TDesC8& aTrustedCaDn,
+ const TDesC8& aSubjectDnSuffix, const TDesC8& aRfc822Name,
+ TUint aPrivKeyLength, TInt aCertRenewalThreshold = -1);
+
+ static TCertStatus GetValidCaCertSubjectNameListL(RPKIServiceAPI& aPkiService,
+ const CArrayFixFlat<TCertInfo*>& aIkeCAList,
+ CDesC8ArrayFlat& aCaCertNameList);
+
+ static TCertStatus CheckUserCertValidityL(RPKIServiceAPI& aPkiService,
+ CDesC8ArrayFlat& aValidCaCertNameList,
+ TOwnCertInfo& aOwnCert);
+
+
+ static CX500DistinguishedName* DnFromStringL(const TDesC8& aString);
+ static CX500DistinguishedName* DnWithoutCnFromStringL(const TDesC8& aString);
+ static TBool DnMatchL(const TDesC8& aDnString1, const TDesC8& aDnString2);
+
+ static TBool MatchL(const CX500DistinguishedName& aDn1,
+ const CX500DistinguishedName& aDn2);
+ static HBufC* CertDnL(const CX500DistinguishedName& aName);
+
+ static TInt CertKeySizeL(const TDesC8& aCertData);
+
+private:
+
+ static TCertStatus CertStatusL(const TDesC8& aCertData, TInt aCertRenewalThreshold = -1);
+ static TCertStatus CertStatusL(const CX509Certificate& aCert, TInt aCertRenewalThreshold = -1);
+
+
+ static void AppendAttributeL(HBufC*& aBuf, const CX520AttributeTypeAndValue& aAttribute);
+ static HBufC* AttributeTypeToNameL(const TDesC &aType);
+ static void SmartAppendL(HBufC*& aBuf, const TDesC& aText);
+ static TBool HasElementL(const CX500DistinguishedName& aDn,
+ const CX520AttributeTypeAndValue& aElement);
+
+ /**
+ * Returns the list of validated CA certificate Subject names.
+ * If some of the certificates in aIkeCAList doesn't match to any CA certificates
+ * stored in the phone LEAVES with KErrNotFound. If some of the elements in the aIkeCAList
+ * has iFormat value PEM_CERT or BIN_CERT this function panics. If aIkeCAList->Count < 1 this
+ * method panics.
+ */
+ static RPointerArray<CX509Certificate> GetCaCertListL(RPKIServiceAPI& aPkiService,
+ const CArrayFixFlat<TCertInfo*>& aIkeCAList);
+
+
+ static CX509Certificate* ReadCertificateLC(RPKIServiceAPI& aPkiService,
+ const TDesC8& aTrustedAuthority,
+ const TDesC8& aIdentitySubjectName,
+ const TDesC8& aIdentityRfc822Name,
+ const TPKICertificateOwnerType aOwnerType);
+
+ static CX509Certificate* ReadCertificateLC(RPKIServiceAPI& aPkiService,
+ const TPKIKeyIdentifier& aKeyId);
+ static HBufC8* PkiUtil::To8BitL(const TDesC16& aDes);
+
+ };
+
+#endif // __PKIUTIL_H__
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/policyimporter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,206 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy importer
+*
+*/
+
+
+
+#ifndef __POLICYIMPORTER_H__
+#define __POLICYIMPORTER_H__
+
+#include <e32std.h>
+#include <e32base.h>
+#include "vpnapidefs.h"
+#include "fileutil.h"
+
+class CX509Certificate;
+#include "pkiserviceapi.h"
+
+class CVpnApiServant;
+class CPolicyStore;
+class RFs;
+class CPolicyPatchInfoList;
+class CIkeDataArray;
+class CIkeData;
+
+const TInt KMaxExtPolicyIdLength = 256;
+const TInt KDoNotGetKeySize = -1;
+
+typedef TBuf<KMaxExtPolicyIdLength> TExtVpnPolicyId;
+
+/**
+ * Handles the importing of VPN policies to the system.
+ *
+ * @lib internal (vpnmanager.exe)
+ * @since S60 v3.0
+ */
+class CPolicyImporter : public CActive
+ {
+public:
+ static CPolicyImporter* NewL(const RMessage2& aMessage,
+ CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ static CPolicyImporter* NewL(TRequestStatus& aStatus,
+ CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ ~CPolicyImporter();
+
+ void ImportPolicyL(const TDesC& aDir);
+ void ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId);
+
+private:
+ CPolicyImporter(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ CPolicyImporter(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ void ConstructL();
+
+protected: // From CActive
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+private:
+
+ void DoImportPolicyL(const TDesC& aDir);
+
+ void GotoState(TInt aState);
+ void SetCurrState(TInt aState);
+ void SetNextState(TInt aState);
+ TInt CurrState();
+ TInt NextState();
+ void ChangeStateL();
+ void CancelOngoingOperation();
+ void ImportComplete(TInt aReturnValue);
+ void StateBeginPolicyImportL();
+ void StateImportCaCertL();
+ void StateAfterImportCaCertL();
+ void StateImportPeerCertL();
+ void StateAfterImportPeerCertL();
+ void StateImportUserPrivKeyL();
+ void StateAfterImportUserPrivKeyL();
+ void StateAttachCertificateL();
+ void StateAfterAttachCertificateL();
+ void StateImportPinAndPolL();
+ void StateCreateVpnDestinationL();
+ void StateEndPolicyImportL();
+ void BuildPolicyIdListL();
+ TPkiServiceStoreType GetStoreTypeL(CIkeData* aData);
+
+
+ /**
+ * Checks that BIN format CA certs defined in the policy can be
+ * found in the same directory, where the .pol and .pin files are and
+ * collects found certificate file names to the iCurrCaCertList list.
+ *
+ * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
+ */
+ void BuildCaCertListL();
+
+ /**
+ * Checks that BIN format peer certs defined in the policy can be
+ * found in the same directory, where the .pol and .pin files are and
+ * collects found certificate file names to the iCurrPeerCertList list.
+ *
+ * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
+ */
+ void BuildPeerCertListL();
+
+ /**
+ * Checks that BIN format user certs have and assosiated bin format
+ * private key. Checks that both files exists in the same directory, where
+ * the .pol and .pin files are. Collects the user cert file names to iCurrUserCertList
+ * and private key file names to iCurrUserPrivKeyList.
+ *
+ * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
+ * of with KVpnErrInvalidPolicyFile if the user certificate doesn't has
+ * a assosiated private key.
+ */
+ void BuildUserPrivKeyAndUserCertListL();
+ /**
+ * Checks if there is other CA certificates which are not defined in policy file
+ * (like intermediate CAs) and installs them to device.
+ */
+ void BuildOtherCaCertListL();
+
+ void ParseIkeDataL();
+ void PatchPolicyCaCertInfoL(const TFileName& aPolicyFile);
+ CPolicyPatchInfoList* BuildPolicyPatchInfoListL();
+ HBufC8* CertSubjectNameL(const TFileName& aCertFile);
+ void CleanImportDirectory();
+ void AppendIfNotFoundL(CArrayFixFlat<TFileName>* aList,
+ TFileName* aFileName);
+
+ /**
+ * Returns subject name of the certificate and sets aKeySize.
+ * Parameter aKeySize is not set if aKeySize equals KDoNotGetKeySize.
+ */
+ HBufC8* CertInfoL(const TFileName& aCertFile, TInt& aKeySize);
+ /**
+ * Returns Issuer name of certificate
+ */
+ HBufC8* CPolicyImporter::CertIssuerL(const TFileName& aCertFile);
+ TFileName CPolicyImporter::GetCAFromFileListL(const TDesC8& aCertSubjectName, CArrayFixFlat<TFileName>* aCertFileArray);
+
+private:
+ RMessage2 iMessage;
+ TRequestStatus* iExtStatus;
+ CVpnApiServant& iVpnApiServant;
+ CPolicyStore& iPolicyStore;
+ RFs& iFs;
+ TFileUtil iFileUtil;
+ RPKIServiceAPI iPkiService;
+
+ TFileName iImportDir;
+
+ TInt iCurrState;
+ TInt iNextState;
+
+ CArrayFixFlat<TExtVpnPolicyId>* iPolicyIdList;
+ TInt iCurrPolicyIdIndex;
+ TExtVpnPolicyId iCurrPolicyId;
+
+ CIkeDataArray* iCurrIkeDataArray;
+ TInt iCurrIkeDataIndex;
+
+ CArrayFixFlat<TFileName>* iCurrCaCertList;
+ TInt iCurrCaCertIndex;
+
+ CArrayFixFlat<TFileName>* iCurrPeerCertList;
+ TInt iCurrPeerCertIndex;
+
+ CArrayFixFlat<TFileName>* iCurrUserPrivKeyList;
+ TInt iCurrUserPrivKeyIndex;
+
+ CArrayFixFlat<TFileName>* iCurrUserCertList;
+ TInt iCurrUserCertIndex;
+ //for intermediate CAs
+ CArrayFixFlat<TFileName>* iCurrOtherCaCertList;
+ TInt iCurrOtherCaCertIndex;
+
+ TPKIKeyIdentifier iCurrKeyId;
+
+ HBufC8* iCertFileData;
+ HBufC8* iKeyFileData;
+
+ TAny* iPkiOpContext;
+
+ TBool iImportSinglePolicy;
+ TVpnPolicyId* iNewPolicyId;
+
+ TVpnPolicyId iPolicyId;
+ };
+
+#endif // __POLICYIMPORTER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/policypatcher.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,137 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy importer
+*
+*/
+
+
+
+#ifndef __POLICYPATCHER_H__
+#define __POLICYPATCHER_H__
+
+#include <e32base.h>
+
+_LIT8(KDataField, " DATA:"); // Two preceding spaces just for indentation
+_LIT8(KSpace, " ");
+_LIT8(KNewLine, "\n");
+_LIT8(KName, "NAME");
+_LIT8(KKeyLenField, "PRIVATE_KEY_LENGTH: ");
+_LIT8(KDNField, " SUBJECT_DN_SUFFIX: ");
+
+
+const TChar KBinChar = 'B';
+const TChar KFormatChar = 'F';
+
+const TInt KUndefinedOffset = -1;
+
+class TPatchKeyArrayPtr : public TKeyArrayFix
+{
+public:
+ inline TPatchKeyArrayPtr(TInt aOffset, TKeyCmpText aType)
+ :TKeyArrayFix(aOffset, aType) {}
+ inline TPatchKeyArrayPtr(TInt aOffset, TKeyCmpText aType, TInt aLength)
+ :TKeyArrayFix(aOffset, aType, aLength) {}
+ inline TPatchKeyArrayPtr(TInt aOffset, TKeyCmpNumeric aType)
+ :TKeyArrayFix(aOffset, aType) {}
+ virtual TAny* At(TInt aIndex) const;
+};
+
+
+class CPolicyPatchInfo : public CBase
+ {
+public:
+ CPolicyPatchInfo();
+ ~CPolicyPatchInfo();
+
+ const TDesC8& CertSubjectName() const;
+ void SetCertSubjectNameL(const TDesC8& aCertSubjectName);
+
+ /**
+ * Sets key length (in bits) of user cert.
+ */
+ void SetUserCertKeyLen( TInt aKeyLen );
+
+ /**
+ * Gets key length (in bits) of user cert.
+ */
+ TInt UserCertKeyLen() const;
+
+ /**
+ * Verifies, that subjectname does not include not closed commas inside attributes
+ */
+ HBufC8* CheckSubjectNameSyntaxL(const TDesC8& aSubj);
+
+public:
+ TBuf8<KMaxFileName> iCertFileName;
+ TInt iPatchOffset;
+ TInt iReminderOffset;
+
+private:
+ HBufC8* iCertSubjectName;
+
+ /**
+ * Key length (in bits) of user cert.
+ */
+ TInt iUserCertKeyLen;
+ };
+
+class CPolicyPatchInfoList : public CArrayPtrFlat<CPolicyPatchInfo>
+ {
+public:
+ CPolicyPatchInfoList(TInt aGranularity);
+ ~CPolicyPatchInfoList();
+ };
+
+class CPatchData : public CBase
+ {
+public:
+ ~CPatchData();
+
+public:
+ TInt iPatchOffset;
+ TInt iReminderOffset;
+ HBufC8* iData;
+ };
+
+class CPatchDataList : public CArrayPtrFlat<CPatchData>
+ {
+public:
+ CPatchDataList(TInt aGranularity);
+ ~CPatchDataList();
+ };
+
+class CPolicyPatcher : public CBase
+ {
+public:
+ static CPolicyPatcher* NewL();
+
+ HBufC8* PatchPolicyL(const TDesC8& aPolicyData,
+ CPolicyPatchInfoList* aPatchInfoList);
+
+private:
+ CPolicyPatcher();
+ void ConstructL();
+ ~CPolicyPatcher();
+
+ void FindOffsetsL();
+ HBufC8* CreateOutputL();
+ HBufC8* CreatePatchDataL(const CPolicyPatchInfo* aPatchInfo);
+
+private:
+ TPtrC8 iInput;
+ CPolicyPatchInfoList* iPatchInfoList;
+ TBool iUserCertPatched;
+ };
+
+#endif // __POLICYPATCHER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/policystore.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,137 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy store
+*
+*/
+
+
+
+#ifndef __POLICYSTORE_H__
+#define __POLICYSTORE_H__
+
+#include <e32std.h>
+#include <e32base.h>
+#include <es_sock.h>
+#include <es_enum.h>
+#include <cmmanager.h>
+
+#include "fileutil.h"
+#include "vpnapidefs.h"
+#include "pkiutil.h"
+
+const TInt KUnfoundIndex( KErrNotFound );
+
+class RConnection;
+class CVpnApiServant;
+class CIkeData;
+class RPKIServiceAPI;
+
+ /**
+ * Maintains the VPN policy store.
+ *
+ * @lib internal (vpnmanager.exe)
+ * @since S60 3.0
+ */
+class CPolicyStore : public CBase
+ {
+public:
+ static CPolicyStore* NewL(RFs& aFs);
+ ~CPolicyStore();
+
+ void ImportPolicyL(const TFileName& aPinFile, const TFileName& aPolFile,
+ TVpnPolicyId* aNewPolicyId = NULL);
+ TInt DeletePolicyL(const TVpnPolicyId& aPolicyId);
+ void ReplacePolicyL(const TVpnPolicyId& aPolicyToReplace,
+ const TVpnPolicyId& aReplacingPolicy);
+ TInt PolicyCount();
+ TInt GetPolicyInfo(const TVpnPolicyId& aPolicyId,
+ TVpnPolicyInfo& aPolicyInfo);
+ TInt GetPolicyDetailsL(const TVpnPolicyId& aPolicyId,
+ TVpnPolicyDetails& aPolicyDetails);
+
+
+ TInt LoadPolicyDataL(const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData);
+
+ TUint8* RawPolicyData();
+
+ void AddNewPolicyL(TVpnPolicyDetails& aPolicyDetails, const TDesC8& aPolicyData);
+ void UpdatePolicyDetailsL(TVpnPolicyDetails& aPolicyDetails);
+ void UpdatePolicyDataL(const TVpnPolicyId& aPolicyId, const TDesC8& aPolicyData);
+
+private: // C'tor
+ CPolicyStore(RFs& aFs);
+ void ConstructL();
+
+ void ConstructPolicyListL();
+
+private: // implementation
+ void AddPolicyL(const TVpnPolicyId& aPolicyId);
+ TVpnPolicyId NewPolicyIdL();
+ TVpnPolicyInfo* PolicyInfo(const TVpnPolicyId& aPolicyId);
+ TInt PolicyIndex(const TVpnPolicyId& aPolicyId);
+ TInt PolicyIndexVisible(const TVpnPolicyId& aPolicyId);
+ TPolicyUsageStatus PolicyUsageStatusL(const TVpnPolicyId& aPolicyId );
+ TBool PolicyAssignedToIapL(RCmManager& aCmManager,
+ const TVpnPolicyId& aPolicyId,
+ TBool& aPolicyActive);
+ void ConnectionMethodsLC(RArray<TUint32>& aVpnConnections,
+ RCmManager& aCmManager,
+ const TVpnPolicyId& aPolicyId,
+ TBool& aPolicyActive);
+ TPolicyPkiStatus PolicyPkiStatusL(const TVpnPolicyId& aPolicyId);
+
+ TCertStatus PolicyCertificateStatusL(CIkeData* aIkeData) const;
+
+ void EnsureUniquePolicyNameL(const TFileName& aPinFile);
+ TBool DoEnsureUniquePolicyNameL(TVpnPolicyDetails& aPolicyDetails);
+ TBool PolicyNameExists(const TDesC& aPolicyName);
+ HBufC* MakeNewPolicyNameL(const TDes& aOriginalPolicyName, TInt aSequenceNumber);
+ TBool IsHiddenPolicyL(const TVpnPolicyId& aPolicyId);
+ void UpdateVisiblePolicyInfoL(const TVpnPolicyDetails& aPolicyDetails);
+
+private: // data
+ RFs& iFs;
+ TFileUtil iFileUtil;
+ /// Own: Policy list
+ CArrayFixFlat<TVpnPolicyInfo>* iPolicyListAll;
+ /// Own: List of visible policies
+ CArrayFixFlat<TVpnPolicyInfo>* iPolicyListVisible;
+ };
+
+ /**
+ * Internal helper class
+ *
+ * @lib internal (vpnmanager.exe)
+ * @since S60 3.0
+ */
+class CFileInfoContainer : public CBase
+ {
+public:
+ ~CFileInfoContainer()
+ {
+ delete iPinFileToReplace;
+ delete iPolFileToReplace;
+ delete iReplacingPinFile;
+ delete iReplacingPolFile;
+ };
+
+ HBufC* iPinFileToReplace;
+ HBufC* iPolFileToReplace;
+ HBufC* iReplacingPinFile;
+ HBufC* iReplacingPolFile;
+ TVpnPolicyDetails iOldPolicyDetails;
+ TVpnPolicyDetails iNewPolicyDetails;
+ };
+
+#endif // __POLICYSTORE_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/pwdchanger.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Handles the calling of PKI Service Server module’s password change function.
+*
+*/
+
+
+
+#ifndef __PWDCHANGER_H__
+#define __PWDCHANGER_H__
+
+#include <e32std.h>
+#include <e32base.h>
+
+class CX509Certificate;
+#include "pkiserviceapi.h"
+
+class CVpnApiServant;
+
+/**
+ * Handles the calling of the PKI Services
+ * Server module's change password call.
+ */
+class CPwdChanger : public CActive
+ {
+public:
+ static CPwdChanger* NewL(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant);
+ ~CPwdChanger();
+
+ void ChangePassword();
+
+private:
+ CPwdChanger(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant);
+ void ConstructL();
+
+protected: // From CActive
+ void DoCancel();
+ void RunL();
+
+private:
+ RMessage2 iMessage;
+ CVpnApiServant& iVpnApiServant;
+ RPKIServiceAPI iPkiService;
+ };
+
+#endif // __PWDCHANGER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/requestdispatcher.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Dispatches requests from clients to CVpnApiServant.
+*
+*/
+
+#ifndef __REQUESTDISPATCHER_H__
+#define __REQUESTDISPATCHER_H__
+
+#include <e32base.h>
+
+class RFs;
+class CVpnApiServant;
+
+
+/**
+ * Server-level request dispatcher.
+ * Dispatches the requests received from VPN Manager
+ * client to the actual request servants that operate
+ * at the server level (of which there is only one
+ * instance).
+ */
+class CRequestDispatcher : public CBase
+ {
+public:
+ static CRequestDispatcher* NewL(RFs& aFs);
+ ~CRequestDispatcher();
+
+ TBool ServiceL(const RMessage2& aMessage, CSession2* aSession);
+
+private:
+ CRequestDispatcher(RFs& aFs);
+ void ConstructL();
+
+public:
+ CVpnApiServant* iVpnApiServant;
+ RFs& iFs;
+ };
+
+
+#endif // __REQUESTDISPATCHER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/uuid.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,82 @@
+/*
+* Copyright (c) 2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Create a new UID for the policy.
+*
+*/
+
+
+
+/**
+ * @file
+ *
+ * Simple UUID generation and formatting support
+ */
+
+#ifndef __UUID_H__
+#define __UUID_H__
+
+const TInt KNodeMacOctets = 6;
+const TInt KUuidStringLen = 36;
+
+typedef TBuf<KUuidStringLen> TUuidString;
+typedef TBuf8<KUuidStringLen> TUuidString8;
+
+// Example UUID string: f81d4fae-7dec-11d0-a765-00a0c91e6bf6
+_LIT(KUuidFormatString, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x");
+_LIT8(KUuidFormatString8, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x");
+
+/**
+ * Generally known UUID versions.
+ * NOTE. This implementation supports
+ * only version 4 (ERandomBased)
+ */
+enum TUuidVersion
+ {
+ ETimeBased = (1 << 0), ///< v1, time-based version
+ EDceSecurity = (1 << 1), ///< v2, DCE Security version
+ ENameBasedMd5 = (1 << 2), ///< v3, name-based version with MD5 hashing
+ ERandomBased = (1 << 3), ///< v4, randomly or pseudo-randomly generated version
+ ENameBasedSha1 = (1 << 4) ///< v5, name-based version with SHA-1 hashing
+ };
+
+class TUuid
+/**
+ * A value type class that represents a UUID
+ */
+ {
+public:
+ TUint32 iTimeLow; /* bits 0-31 of time field */
+ TUint16 iTimeMid; /* bits 32-47 of time field */
+ TUint16 iTimeHiAndVersion; /* bits 48-59 of time field plus 4 bit version */
+ TUint8 iClockSeqHiAndReserved; /* bits 8-13 of clock sequence field plus 2 bit variant */
+ TUint8 iClockSeqLow; /* bits 0-7 of clock sequence field */
+ TUint8 iNode[KNodeMacOctets]; /* bits 0-47 of node MAC address */
+ };
+
+class Uuid
+/**
+ * A class for creating UUIDs and formatting them as strings
+ */
+ {
+public:
+ static void MakeUuidL(TUuid& aUuid, TUuidVersion aVersion = ERandomBased);
+ static void UuidToString(const TUuid& aUuid, TUuidString& aUuidString);
+ static void UuidToString(const TUuid& aUuid, TUuidString8& aUuidString);
+
+private:
+ static void RandomizeL(TUuid& aUuid);
+ static void Brand(TUuid& aUuid, TUuidVersion aVersion);
+ };
+
+#endif // __UUID_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/vpnapiservant.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,79 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handles API requests for VPN Manager.
+*
+*/
+
+
+
+#ifndef __VPNAPISERVANT_H__
+#define __VPNAPISERVANT_H__
+
+#include <e32base.h>
+#include "vpnapi.h"
+#include "eventlogger.h"
+
+class RFs;
+class CPolicyStore;
+class CPwdChanger;
+class CPolicyImporter;
+
+/**
+ * Services the requests received from clients that use the VPN API.
+ */
+class CVpnApiServant : public CBase
+ {
+public:
+ static CVpnApiServant* NewL(RFs& aFs);
+ ~CVpnApiServant();
+
+ TBool ServiceL(const RMessage2& aMessage);
+
+ void PasswordChangeComplete();
+ void PolicyImportComplete();
+
+ CPolicyStore* PolicyStore();
+ void ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId,
+ TRequestStatus& aStatus);
+ void CancelImportSinglePolicy();
+
+ DEFINE_EVENT_LOGGER
+
+private:
+ CVpnApiServant(RFs& aFs);
+ void ConstructL();
+
+ void ImportPolicyL(const RMessage2& aMessage);
+ void CancelImportPolicy(const RMessage2& aMessage);
+ void EnumeratePoliciesL(const RMessage2& aMessage);
+ void GetPolicyInfoL(const RMessage2& aMessage);
+ void GetPolicyDetailsL(const RMessage2& aMessage);
+ void DeletePolicyL(const RMessage2& aMessage);
+ void ChangePasswordL(const RMessage2& aMessage);
+ void CancelChangePassword(const RMessage2& aMessage);
+ void GetPolicySizeL(const RMessage2& aMessage);
+ void GetPolicyDataL(const RMessage2& aMessage);
+ TInt PolicySizeL(const TVpnPolicyId& aPolicyId);
+ void AddPolicyL(const RMessage2& aMessage);
+ void UpdatePolicyDetailsL(const RMessage2& aMessage);
+ void UpdatePolicyDataL(const RMessage2& aMessage);
+
+private:
+ CPolicyStore* iPolicyStore;
+ CPwdChanger* iPwdChanger;
+ CPolicyImporter* iPolicyImporter;
+ RFs& iFs;
+ };
+
+#endif // __VPNAPISERVANT_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/vpnmanagerserver.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,125 @@
+/*
+* Copyright (c) 2000-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Server component for VPN (Ext) Manager, used by VPN (Ext) API.
+* VPN Ext API uses the definition, but provides its own implementation.
+*
+*/
+
+
+
+#ifndef __VPNMANAGERSERVER_H__
+#define __VPNMANAGERSERVER_H__
+
+#include <e32base.h>
+#include <f32file.h>
+#include "vpnmanagerserverdefs.h"
+
+class CRequestDispatcher;
+
+/**
+ * The main server class
+ */
+class CVpnManagerServer : public CPolicyServer
+ {
+public:
+
+ /**
+ * Create a CVpnManagerServer object using two phase construction,
+ * and return a pointer to the created object
+ *
+ * @result pointer to created CVpnManagerServer object
+ */
+ static CVpnManagerServer* NewL();
+
+ /**
+ * Create a CVpnManagerServer object using two phase construction,
+ * and return a pointer to the created object, leaving a pointer
+ * to the object on the cleanup stack.
+ *
+ * Pointer to created CVpnManagerServer object
+ */
+ static CVpnManagerServer* NewLC();
+
+ /**
+ * Destroy the object and release all memory objects
+ */
+ ~CVpnManagerServer();
+
+ /**
+ * Increments the count of the active sessions for this server
+ */
+ void IncrementSessions();
+
+ /**
+ * Decrements the count of the active sessions for this server.
+ * If no more sessions are in use the server terminates.
+ */
+ void DecrementSessions();
+
+protected: // From CActive
+ /**
+ * Process any errors
+ *
+ * @param aError the leave code reported
+ */
+ TInt RunError(TInt aError);
+
+private:
+
+ /**
+ * Perform the first phase of two phase construction
+ *
+ * @param Priority for this thread
+ */
+ CVpnManagerServer(TInt aPriority);
+
+ /**
+ * Perform the second phase construction of a CVpnManagerServer object
+ */
+ void ConstructL() ;
+
+private: // From CServer
+
+ /**
+ * Create a time server session, and return a pointer to the
+ * created object
+ *
+ * @param Version
+ *
+ * @result Pointer to the new session
+ */
+ CSession2* NewSessionL(const TVersion& aVersion,const RMessage2& aMessage) const;
+
+private:
+ /** The number of client-server sessions */
+ TInt iSessionCount;
+
+ /** The handler of client requests */
+ CRequestDispatcher* iRequestDispatcher;
+
+ /** The common file server session used throughout the VPN Manager */
+ RFs iFs;
+
+ static const TUint iVpnManRangeCount;
+ static const TInt iVpnManRanges[];
+ static const TUint8 iVpnManElementIndex[];
+
+ static const CPolicyServer::TPolicyElement iVpnManElements[];
+ static const CPolicyServer::TPolicy iVpnManPolicy;
+ };
+
+
+#endif // __VPNMANAGERSERVER_H__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/vpnmanagerserverdefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,69 @@
+/*
+* Copyright (c) 2000-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Server component for VPN (Ext) Manager, used by VPN (Ext) API.
+* VPN Ext API uses the definition, but provides its own implementation.
+*
+*/
+
+
+
+#ifndef __VPNMANAGERDEFS_H__
+#define __VPNMANAGERDEFS_H__
+
+#include <e32base.h>
+
+static const TUid KVpnManagerUid3 = {0x101F7993};
+
+_LIT(KVpnManagerFile, "vpnmanager");
+
+_LIT(KVpnManagerServer, "!VpnManagerServer");
+
+// The server version. A version must be specified when
+// creating a session with the server
+const TUint KVpnManagerMajorVersionNumber = 0;
+const TUint KVpnManagerMinorVersionNumber = 1;
+const TUint KVpnManagerBuildVersionNumber = 1;
+
+// Opcodes used in message passing between client and server
+enum TVpnApiRequest
+ {
+ EVpnImportPolicy = 1000, // To *not* conflict with VPN Connection API opcodes
+ EVpnCancelImport,
+ EVpnEnumeratePolicies,
+ EVpnGetPolicyInfo,
+ EVpnGetPolicyDetails,
+ EVpnDeletePolicy,
+ EVpnChangePassword,
+ EVpnCancelChange,
+ EVpnGetPolicySize,
+ EVpnGetPolicyData,
+ // New ones (to facilitate
+ // OMA DM based policy management)
+ EVpnAddPolicy,
+ EVpnUpdatePolicyDetails,
+ EVpnUpdatePolicyData
+ };
+
+// Panic codes
+enum TVpnManagerPanic
+ {
+ ECreateTrapCleanup = 1,
+ ECreateServer,
+ EBadDescriptor,
+ EBadRequest,
+ EInvalidImportState
+ };
+
+#endif // __VPNMANAGERDEFS_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/vpnmanagersession.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,94 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handles client requests.
+*
+*/
+
+
+
+#ifndef __VPNMANAGERSESSION_H__
+#define __VPNMANAGERSESSION_H__
+
+#include <e32base.h>
+
+class CVpnManagerServer;
+class CRequestDispatcher;
+
+/**
+ * A handler for the service requests received from clients.
+ * An instance of class CVpnManagerSession is created for each client.
+ */
+class CVpnManagerSession : public CSession2
+ {
+public:
+ /**
+ * Creates a CVpnManagerSession object using two phase construction,
+ * and returns a pointer to the created object
+ *
+ * @param Client's thread
+ * @param The server
+ *
+ * @result Pointer to the new session
+ */
+ static CVpnManagerSession* NewL(CVpnManagerServer& aServer,
+ CRequestDispatcher& aRequestDispatcher);
+ /**
+ * Creates a CVpnManagerSession object using two phase construction,
+ * and returns a pointer to the created object
+ * (leaving a pointer to the object on the cleanup stack)
+ *
+ * @param Client's thread
+ * @param The server
+ *
+ * @result Pointer to the new session
+ */
+ static CVpnManagerSession* NewLC(CVpnManagerServer& aServer,
+ CRequestDispatcher& aRequestDispatcher);
+
+ /**
+ * Destroy the object and release all memory objects
+ */
+ ~CVpnManagerSession();
+
+public: // from CSession
+ /**
+ * Service request from client
+ *
+ * @param Message from client (containing requested operation and any data)
+ */
+ void ServiceL(const RMessage2& aMessage);
+
+private: // New methods
+
+ /**
+ * The first phase of two phase construction
+ *
+ * @param Client's thread
+ * @param The server
+ */
+ CVpnManagerSession(CVpnManagerServer& aServer,
+ CRequestDispatcher& aRequestDispatcher);
+
+ /**
+ * The second phase of two phase construction
+ */
+ void ConstructL() ;
+
+private:
+ RMessage2 iMessage;
+ CVpnManagerServer& iServer;
+ CRequestDispatcher& iRequestDispatcher;
+ };
+
+#endif // __VPNMANAGERSESSION_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/vpnmandefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,69 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This module defines the classes used for transferring data.
+*
+*/
+
+
+
+#ifndef __VPNCONNMANDEFS_H__
+#define __VPNCONNMANDEFS_H__
+
+#include <e32base.h>
+#include <e32std.h>
+#include <in_sock.h>
+#include <ipsecpolapi.h>
+
+/**
+* Real interface interface IAPId/NetworkId package definition
+* for C/S message parameters. VPN Nif name is added because this
+* information is passed to kmdserver too.
+*/
+class TRealConfig
+{
+ public:
+ inline TRealConfig()
+ :iVpnIapId(0), iVpnNetId(0), iRealIapId(0), iRealNetId(0), iSnapId(0)
+ {iVPNIfName.Zero(); }
+
+ public:
+ TUint32 iVpnIapId;
+ TUint32 iVpnNetId;
+ TUint32 iRealIapId;
+ TUint32 iRealNetId;
+ TUint32 iSnapId;
+ TBuf<64> iVPNIfName;
+};
+typedef TPckg<TRealConfig> TRealConfigPckg;
+
+/**
+* Address information package definition for passing addresses
+* in Client/Server message.
+*/
+class TVPNAddress
+{
+ public:
+ inline TVPNAddress()
+ :iVPNIfAddr(), iVPNIfDNS1(), iVPNIfDNS2()
+ {iVPNIfAddr.Zero(); iVPNIfDNS1.Zero(); iVPNIfDNS2.Zero(); }
+
+ public:
+ TInetAddr iVPNIfAddr;
+ TInetAddr iVPNIfDNS1;
+ TInetAddr iVPNIfDNS2;
+};
+typedef TPckg<TVPNAddress> TVPNAddressPckg;
+
+
+#endif // __VPNCONNMANDEFS_H__
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/vpnmaninternal.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Manager internal definitions.
+*
+*/
+
+
+
+#ifndef __VPNMANINTERNAL_H__
+#define __VPNMANINTERNAL_H__
+
+#define FIRST_ARGUMENT 0
+#define SECOND_ARGUMENT 1
+#define THIRD_ARGUMENT 2
+#define FOURTH_ARGUMENT 3
+
+enum TNextAction
+ {
+ ENoAction,
+ EActivateAndLoad,
+ EDeactivateAndUnload
+ };
+
+
+
+#endif // __VPNMANINTERNAL_H__
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/rom/vpnmanager.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnmanager
+*
+*/
+
+
+
+#ifndef __VPNMANAGER_IBY__
+#define __VPNMANAGER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNMANAGER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpnmanager.exe PROGRAMS_DIR\vpnmanager.exe
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNMANAGER_IBY__
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/cmmanagerutils.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,305 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility methods for handling connection settings
+*
+*/
+
+#include "cmmanagerutils.h"
+
+#include <cmconnectionmethoddef.h> // default ccm definitions
+#include <cmpluginvpndef.h> // vpn specific ccm definitions
+#include <cmdestinationext.h>
+#include <cmmanagerext.h>
+
+#include "eventlogger.h"
+#include "log_r6.h"
+
+
+static const TUint KMaxDestinationNameLength = 32;
+
+
+void CmManagerUtils::CreateVPNConnectionMethodToIntranetL(const TVpnPolicyInfo& aVpnPolicyInfo,
+ CEventLogger& aEventLogger)
+ {
+ LOG_("CmManagerUtils::CreateVPNConnectionMethodToIntranetL \n");
+
+ using namespace CMManager;
+
+ RCmManagerExt cmManagerExt;
+ cmManagerExt.OpenL();
+ CleanupClosePushL( cmManagerExt );
+
+ //Makes sure that Internet Destination Exists
+ RArray<TUint32> destinationArray;
+ cmManagerExt.AllDestinationsL( destinationArray );
+ CleanupClosePushL(destinationArray);
+
+ TUint32 internetDestinationId = 0;
+ for (TInt i = 0; i < destinationArray.Count(); ++i)
+ {
+ RCmDestinationExt destination = cmManagerExt.DestinationL( destinationArray[i] );
+ CleanupClosePushL(destination);
+
+ TUint32 purposeMetaData = destination.MetadataL( ESnapMetadataPurpose );
+ if ( ESnapPurposeInternet == purposeMetaData )
+ {
+ internetDestinationId = destinationArray[i];
+ CleanupStack::PopAndDestroy(); //destination
+ break;
+ }
+ CleanupStack::PopAndDestroy(); //destination
+ }
+
+
+ if ( internetDestinationId != 0)
+ {
+ //Generate name for the connection method
+ HBufC* name = CreateConnectionMethodNameLC(cmManagerExt,
+ aVpnPolicyInfo.iName);
+
+ //Create VPN connection method
+ RCmConnectionMethodExt vpnConnectionMethod =
+ CreateNewConnectionMethodToIntranetL(cmManagerExt,
+ *name,
+ aVpnPolicyInfo.iId,
+ internetDestinationId);
+
+ CleanupClosePushL( vpnConnectionMethod );
+ TUint32 connectionMethodId = vpnConnectionMethod.GetIntAttributeL( ECmId );
+ aEventLogger.LogEvent(R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP,
+ &(aVpnPolicyInfo.iId), NULL,
+ connectionMethodId, internetDestinationId);
+ CleanupStack::PopAndDestroy(&vpnConnectionMethod);
+ CleanupStack::PopAndDestroy(name);
+ }
+ else
+ {
+ LOG_("No Internet destination: VPN connection method not created. \n");
+ }
+
+ CleanupStack::PopAndDestroy(); //destinationArray
+ CleanupStack::PopAndDestroy(); //cmManagerExt
+
+ LOG_("CmManagerUtils::CreateVPNConnectionMethodToIntranetL - end \n");
+ }
+
+void CmManagerUtils::SetVpnConnectionMethodAttributesL(RCmConnectionMethodExt& aConnectionMethod,
+ const TDesC& aConnectionMethodName,
+ const TVpnPolicyId aPolicyId,
+ const TUint32 aInternetDestinationId)
+ {
+ using namespace CMManager;
+
+ LOG_("CmManagerUtils::SetVpnConnectionMethodAttributesL \n");
+
+ aConnectionMethod.SetIntAttributeL( ECmNamingMethod, ENamingNothing );
+ aConnectionMethod.SetStringAttributeL( ECmName, aConnectionMethodName );
+ aConnectionMethod.SetStringAttributeL( EVpnServicePolicy, aPolicyId );
+ aConnectionMethod.SetIntAttributeL( ECmNextLayerSNAPId, aInternetDestinationId );
+
+ LOG_("CmManagerUtils::SetVpnConnectionMethodAttributesL - end \n");
+ }
+
+HBufC* CmManagerUtils::CreateConnectionMethodNameLC(RCmManagerExt& aCmManagerExt,
+ const TDesC& aPolicyName)
+ {
+ using namespace CMManager;
+
+ LOG_("CmManagerUtils::CreateConnectionMethodNameLC \n");
+
+ HBufC* name = HBufC::NewLC(KMaxDestinationNameLength);
+ TPtr namePtr = name->Des();
+
+ RArray<TUint32> connections;
+ CleanupClosePushL( connections );
+ aCmManagerExt.ConnectionMethodL( connections, EFalse, EFalse, EFalse );
+
+ TInt connectionMethodCount = connections.Count();
+ TBool matchFound = EFalse;
+ TInt counter = 1;
+ do
+ {
+ matchFound = EFalse;
+
+ namePtr.Copy(aPolicyName.Left(KMaxDestinationNameLength));
+ if (counter > 1)
+ {
+ TBuf<10> numberValue;
+ numberValue.Format(_L("(%d)"), counter);
+ if (namePtr.MaxLength() < numberValue.Length() + namePtr.Length())
+ {
+ namePtr.SetLength(namePtr.MaxLength() - numberValue.Length());
+
+ }
+ namePtr.Append(numberValue);
+ }
+
+ for (TInt i = 0; i < connectionMethodCount; i++)
+ {
+ RCmConnectionMethodExt connectionMethod = aCmManagerExt.ConnectionMethodL( connections[i] );
+ CleanupClosePushL(connectionMethod);
+ HBufC* existingName = connectionMethod.GetStringAttributeL( ECmName );
+ CleanupStack::PopAndDestroy(); //connectionMethod
+
+ if (name->Compare(*existingName) == 0)
+ {
+ delete existingName;
+ matchFound = ETrue;
+ break;
+ }
+ delete existingName;
+ }
+ counter++;
+ }while(matchFound);
+
+ CleanupStack::PopAndDestroy(); // connections
+ LOG_("CmManagerUtils::CreateConnectionMethodNameLC - end \n");
+ return name;
+ }
+
+
+HBufC* CmManagerUtils::CreateIntranetDestinationNameLC(RCmManagerExt& aCmManagerExt)
+ {
+ _LIT(KDestinationNameBase, "Intranet");
+ _LIT(KDestinationNumberFormat, "(%d)");
+
+ HBufC* destinationName = HBufC::NewLC(KMaxDestinationNameLength);
+ TPtr destinationNamePtr = destinationName->Des();
+
+ RArray<TUint32> destArray;
+ aCmManagerExt.AllDestinationsL(destArray);
+ CleanupClosePushL(destArray);
+
+ TUint counter = 1;
+ do
+ {
+ destinationNamePtr = KDestinationNameBase;
+ if (counter > 1)
+ {
+ TBuf<10> numberValue;
+ numberValue.Format(KDestinationNumberFormat, counter);
+ destinationNamePtr.Append(numberValue);
+ }
+
+ for (TInt i = 0; i < destArray.Count(); ++i)
+ {
+ RCmDestinationExt destination = aCmManagerExt.DestinationL(destArray[i]);
+ CleanupClosePushL(destination);
+ HBufC* name = destination.NameLC();
+
+ if (name->Compare(*destinationName) == 0)
+ {
+ destinationNamePtr.Zero();
+ CleanupStack::PopAndDestroy(name);
+ CleanupStack::PopAndDestroy(); //destination
+ break;
+ }
+
+ CleanupStack::PopAndDestroy(name);
+ CleanupStack::PopAndDestroy(); //destination
+ }
+ counter++;
+ }while(destinationName->Length() == 0);
+
+ CleanupStack::PopAndDestroy(); //destArray
+ return destinationName;
+ }
+
+
+RCmConnectionMethodExt CmManagerUtils::CreateNewConnectionMethodToIntranetL(RCmManagerExt& aCmManagerExt,
+ const TDesC& aConnectionMethodName,
+ const TVpnPolicyId aPolicyId,
+ const TUint32 aInternetDestinationId)
+ {
+ LOG_("CmManagerUtils::CreateNewConnectionMethodToIntranetL \n");
+ using namespace CMManager;
+
+ RCmDestinationExt intranetDestination;
+ RCmConnectionMethodExt vpnConnectionMethod;
+ TBool intranetSnapFound = EFalse;
+
+ RArray<TUint32> destinationArray;
+ aCmManagerExt.AllDestinationsL( destinationArray );
+ CleanupClosePushL(destinationArray);
+
+ //Try to find Intranet Destination using metadata.
+ for (TInt i = 0; i < destinationArray.Count(); ++i)
+ {
+ intranetDestination = aCmManagerExt.DestinationL( destinationArray[i] );
+ CleanupClosePushL(intranetDestination);
+
+ TUint32 purposeMetaData = intranetDestination.MetadataL( ESnapMetadataPurpose );
+ if ( purposeMetaData == ESnapPurposeIntranet)
+ {
+ //Jumps out and leaves the destination
+ //in the clenaup stack.
+ intranetSnapFound = ETrue;
+ // create new vpn record with default values to intranet
+ vpnConnectionMethod =
+ intranetDestination.CreateConnectionMethodL( KPluginVPNBearerTypeUid );
+ SetVpnConnectionMethodAttributesL( vpnConnectionMethod,
+ aConnectionMethodName,
+ aPolicyId,
+ aInternetDestinationId );
+ intranetDestination.UpdateL();
+ break;
+ }
+ CleanupStack::PopAndDestroy(); //intranetDestination
+ }
+
+ if (!intranetSnapFound)
+ {
+ //If not found Create the Intranet Destination.
+ //If the Intranet destination is not supported this leaves.
+ HBufC* intranetSnapName = CreateIntranetDestinationNameLC(aCmManagerExt);
+ intranetDestination =
+ aCmManagerExt.CreateDestinationL( *intranetSnapName );
+ CleanupStack::PopAndDestroy(intranetSnapName);
+
+ CleanupClosePushL(intranetDestination);
+ TRAPD(err, intranetDestination.SetMetadataL( ESnapMetadataPurpose,
+ ESnapPurposeIntranet ));
+
+ //Intranet metadata is not supported in all platforms.
+ if (err == KErrNone)
+ {
+ // create new vpn record with default values to intranet
+ vpnConnectionMethod =
+ intranetDestination.CreateConnectionMethodL( KPluginVPNBearerTypeUid );
+ SetVpnConnectionMethodAttributesL( vpnConnectionMethod,
+ aConnectionMethodName,
+ aPolicyId,
+ aInternetDestinationId );
+ intranetDestination.UpdateL();
+ }
+ else
+ {
+
+ // create new vpn record with default values
+ vpnConnectionMethod =
+ aCmManagerExt.CreateConnectionMethodL( KPluginVPNBearerTypeUid );
+ SetVpnConnectionMethodAttributesL( vpnConnectionMethod,
+ aConnectionMethodName,
+ aPolicyId,
+ aInternetDestinationId );
+ vpnConnectionMethod.UpdateL();
+ }
+ }
+
+ CleanupStack::PopAndDestroy(&intranetDestination);
+ CleanupStack::PopAndDestroy(&destinationArray);
+
+ LOG_("CmManagerUtils::CreateNewConnectionMethodToIntranetL - end \n");
+ return vpnConnectionMethod;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/eventlogger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,233 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Event logging.
+*
+*/
+
+#include <utf.h>
+
+#include "vpnmanagerserverdefs.h"
+#include "eventlogger.h"
+#include "log_r6.h"
+#include "vpnapiservant.h"
+#include "policystore.h"
+#include "pkiutil.h"
+#include "eventviewer.h"
+
+_LIT(KUnknownPolicy, "unknown");
+_LIT8(KUnknownVpnAp, "unknown");
+_LIT8(KUnknownIap, "unknown");
+
+
+CEventLogger* CEventLogger::NewL(CPolicyStore& aPolicyStore)
+ {
+ CEventLogger* self = new (ELeave) CEventLogger(aPolicyStore);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CEventLogger::CEventLogger(CPolicyStore& aPolicyStore)
+ : iPolicyStore(aPolicyStore)
+ {
+ }
+
+void CEventLogger::ConstructL()
+ {
+ User::LeaveIfError(iEventMediator.Connect());
+ }
+
+CEventLogger::~CEventLogger()
+ {
+ iEventMediator.Close();
+ }
+
+void CEventLogger::LogEvent(TUint aMsgId, const TDesC* aDes1, const TDesC8* aDes2, TInt aInt1, TInt aInt2)
+ {
+ //Logging is an error diagnostic tool.
+ //If the logging fails. There is much we can do. So we just ignore the error.
+ TRAP_IGNORE(LogEventL(aMsgId, aDes1, aDes2, aInt1, aInt2));
+ }
+
+
+void CEventLogger::LogEventL(TUint aMsgId, const TDesC* aDes1, const TDesC8* aDes2, TInt aInt1, TInt aInt2)
+ {
+ TVpnPolicyInfo* policyInfo = new (ELeave) TVpnPolicyInfo;
+ CleanupDeletePushL(policyInfo);
+
+
+ // Special handling for event messages that have policy name in them
+ __ASSERT_DEBUG((aMsgId == R_VPN_MSG_INSTALLED_POLICY_SERVER ||
+ aMsgId == R_VPN_MSG_INSTALLED_POLICY_FILE ||
+ aMsgId == R_VPN_MSG_POLICY_INSTALL_FAIL ||
+ aMsgId == R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP ||
+ aMsgId == R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP), User::Invariant());
+
+ // Descriptor parameter 1 is a policy ID
+ if (aDes1 && aDes1->Length() > 0)
+ {
+ if (iPolicyStore.GetPolicyInfo(*aDes1, *policyInfo) != KErrNone)
+ {
+ // ...use the policy ID as the name
+ policyInfo->iName = *aDes1;
+ }
+ }
+ else
+ {
+ // Completely unknown policy reference
+ policyInfo->iName = KUnknownPolicy;
+ }
+
+ // Make a 8 bit copy of the policy name
+ HBufC8* nameCopy = CnvUtfConverter::ConvertFromUnicodeToUtf8L(policyInfo->iName);
+
+ LogEvent(aMsgId, nameCopy, aDes2, aInt1, aInt2);
+
+ delete nameCopy;
+ nameCopy = NULL;
+
+ CleanupStack::PopAndDestroy(); //policyInfo
+ }
+
+void CEventLogger::LogEvent(TUint aMsgId, const TDesC8* aDes1, const TDesC8* aDes2, TInt aInt1, TInt aInt2)
+ {
+ TPckgBuf<TInt> int1Des(aInt1);
+
+ TUid sourceUid = (TUid)(KVpnManagerUid3);
+
+ TIapName vpnApName(KUnknownVpnAp);
+ TIapName realConnectionName(KUnknownIap);
+
+ switch (aMsgId)
+ {
+ case R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP:
+ EventViewer::GetIapNames(aInt1, vpnApName, aInt2, realConnectionName);
+
+ //The return value is ignored
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_AP,
+ 3, &vpnApName, aDes1, &realConnectionName);
+ break;
+ case R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP:
+ EventViewer::GetIapName(aInt1, vpnApName);
+ EventViewer::GetSnapName(aInt2, realConnectionName);
+
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_CREATED_VPN_ACCESS_POINT_WITH_SNAP,
+ 3, &vpnApName, aDes1, &realConnectionName);
+
+ break;
+ case R_VPN_MSG_INSTALLED_ENROLLMENT_SERVICE:
+ if (aInt1) // if update...
+ {
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_UPDATED_ENROLLMENT_SERVICE,
+ 2, aDes1, aDes2);
+ }
+ else // install
+ {
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_INSTALLED_ENROLLMENT_SERVICE,
+ 2, aDes1, aDes2);
+ }
+ break;
+
+ case R_VPN_MSG_DELETED_ENROLLMENT_SERVICE:
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_DELETED_ENROLLMENT_SERVICE,
+ 1, aDes1);
+ break;
+
+ case R_VPN_MSG_INSTALLED_POLICY_SERVER:
+ LOG(Log::Printf(_L("Logging event R_VPN_MSG_INSTALLED_POLICY_SERVER, aInt2 = %d\n"), aInt2));
+ if (aInt2) // if update...
+ {
+ if (aInt1 == KErrNone)
+ {
+ LOG(Log::Printf(_L("Logging event R_VPN_MSG_UPDATED_POLICY\n")));
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_UPDATED_POLICY,
+ 2, aDes1, aDes2);
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Logging event R_VPN_MSG_POLICY_UPDATE_FAIL\n")));
+ iEventMediator.ReportLogEvent(sourceUid, EError,
+ R_VPN_MSG_POLICY_UPDATE_FAIL,
+ 2, aDes1, &int1Des);
+ }
+ }
+ else // install
+ {
+ if (aInt1 == KErrNone)
+ {
+ LOG(Log::Printf(_L("Logging event R_VPN_MSG_INSTALLED_POLICY_SERVER\n")));
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_INSTALLED_POLICY_SERVER,
+ 2, aDes1, aDes2);
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Logging event R_VPN_MSG_POLICY_INSTALL_FAIL\n")));
+ iEventMediator.ReportLogEvent(sourceUid, EError,
+ R_VPN_MSG_POLICY_INSTALL_FAIL,
+ 2, aDes1, &int1Des);
+ }
+ }
+ break;
+
+ case R_VPN_MSG_INSTALLED_POLICY_FILE:
+ if (!aInt2) // if installation from file (to avoid event logging when installed from server)
+ {
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_INSTALLED_POLICY_FILE,
+ 1, aDes1);
+ }
+ break;
+
+ case R_VPN_MSG_POLICY_INSTALL_FAIL:
+ if (!aInt2) // if installation from file (failure in installation from server was covered above)
+ {
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_POLICY_INSTALL_FAIL,
+ 2, aDes1, &int1Des);
+ }
+ break;
+
+ case R_VPN_MSG_DELETED_POLICY:
+ iEventMediator.ReportLogEvent(sourceUid, EInfo,
+ R_VPN_MSG_DELETED_POLICY,
+ 1, aDes1);
+ break;
+
+ default:
+ return;
+ }
+
+ LOG(Log::Printf(_L("Logged event %d\n"), aMsgId));
+ }
+
+HBufC8* CEventLogger::CertSubjectNameL(const TDesC8& aCertData)
+ {
+ HBufC* certSubjectName = PkiUtil::CertSubjectNameL(aCertData);
+ CleanupStack::PushL(certSubjectName);
+
+ HBufC8* certSubjectName8 = HBufC8::NewL(certSubjectName->Length());
+ certSubjectName8->Des().Copy(*certSubjectName);
+
+ CleanupStack::PopAndDestroy(); // certSubjectName
+
+ return certSubjectName8;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/fileutil.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,281 @@
+/*
+* Copyright (c) 2000 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Provides file handling functions.
+*
+*/
+
+
+
+#include <f32file.h>
+#include "fileutil.h"
+
+TFileUtil::TFileUtil(RFs& aFs) : iFs(aFs)
+ {
+ }
+
+TFileName TFileUtil::ReplaceExtension(const TFileName& aFileName,
+ const TDesC& aExtension)
+ {
+ TFileName newFileName;
+
+ TInt extensionOffset = aFileName.LocateReverse('.');
+
+ if (extensionOffset == KErrNotFound)
+ {
+ newFileName = aFileName;
+ newFileName.Append('.');
+ newFileName.Append(aExtension);
+ }
+ else
+ {
+ newFileName = aFileName.Left(extensionOffset + 1);
+ newFileName.Append(aExtension);
+ }
+
+ return newFileName;
+ }
+
+TBool TFileUtil::FileExists(const TFileName& aFileName)
+ {
+ TUint fileAttr;
+
+ if (iFs.Att(aFileName, fileAttr) == KErrNone)
+ {
+ return ETrue;
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+
+HBufC8* TFileUtil::LoadFileDataL(const TFileName& aFileName)
+ {
+ RFile file;
+ CleanupClosePushL(file);
+
+ User::LeaveIfError(file.Open(iFs, aFileName, EFileRead));
+
+ TInt fileSize;
+ User::LeaveIfError(file.Size(fileSize));
+
+ HBufC8* fileData = HBufC8::NewLC(fileSize);
+ TPtr8 ptrFileData = fileData->Des();
+
+ User::LeaveIfError(file.Read(ptrFileData));
+
+ CleanupStack::Pop(); // fileData
+ CleanupStack::PopAndDestroy(); // file
+
+ return fileData;
+ }
+
+HBufC* TFileUtil::LoadFileDataUL(const TFileName& aFileName)
+ {
+ HBufC8* fileData8 = LoadFileDataL(aFileName);
+ CleanupStack::PushL(fileData8);
+
+ HBufC* fileData = To16BitL(*fileData8);
+
+ CleanupStack::PopAndDestroy(); // fileData8
+
+ return fileData;
+ }
+
+void TFileUtil::SaveFileDataL(const TFileName& aFileName,
+ const TDesC& aFileData)
+ {
+ HBufC8* fileData8 = To8BitL(aFileData);
+ CleanupStack::PushL(fileData8);
+
+ SaveFileDataL(aFileName, *fileData8);
+
+ CleanupStack::PopAndDestroy(); // fileData8
+ }
+
+void TFileUtil::SaveFileDataL(const TFileName& aFileName,
+ const TDesC8& aFileData)
+ {
+ RFile file;
+ CleanupClosePushL(file);
+
+ User::LeaveIfError(file.Replace(iFs, aFileName, EFileWrite));
+
+ User::LeaveIfError(file.Write(aFileData));
+
+ CleanupStack::PopAndDestroy(); // file
+ }
+
+HBufC* TFileUtil::MakeFileNameLC(const TDesC& aDir, const TDesC& aName,
+ const TDesC& aExtension)
+ {
+ HBufC* fileName = HBufC::NewL(aDir.Length() + aName.Length() + aExtension.Length());
+ CleanupStack::PushL(fileName);
+ TPtr fileNamePtr = fileName->Des();
+ fileNamePtr.Append(aDir);
+ fileNamePtr.Append(aName);
+ fileNamePtr.Append(aExtension);
+
+ return fileName;
+ }
+
+TFileName TFileUtil::MakeFileName(const TDesC& aDir, const TDesC& aNameAndExtension)
+ {
+ TFileName fileName;
+
+ fileName.Copy(aDir);
+ fileName.Append(aNameAndExtension);
+
+ return fileName;
+ }
+
+HBufC* TFileUtil::GetPolFileNameLC(const TVpnPolicyId& aPolicyId)
+ {
+ TPath privateDir;
+ User::LeaveIfError(iFs.PrivatePath(privateDir));
+
+ return MakeFileNameLC(privateDir, aPolicyId, KPolFileExt);
+ }
+
+HBufC* TFileUtil::GetPolFileNameL(const TVpnPolicyId& aPolicyId)
+ {
+ HBufC* ret(NULL);
+ TPath privateDir;
+ User::LeaveIfError(iFs.PrivatePath(privateDir));
+ ret = MakeFileNameLC(privateDir, aPolicyId, KPolFileExt);
+ CleanupStack::Pop();
+ return ret;
+ }
+
+HBufC* TFileUtil::GetPinFileNameLC(const TVpnPolicyId& aPolicyId)
+ {
+ TPath privateDir;
+ User::LeaveIfError(iFs.PrivatePath(privateDir));
+ return MakeFileNameLC(privateDir, aPolicyId, KPinFileExt);
+ }
+
+HBufC* TFileUtil::GetPinFileNameL(const TVpnPolicyId& aPolicyId)
+ {
+ HBufC* ret(NULL);
+ TPath privateDir;
+ User::LeaveIfError(iFs.PrivatePath(privateDir));
+ ret = MakeFileNameLC(privateDir, aPolicyId, KPinFileExt);
+ CleanupStack::Pop();
+ return ret;
+ }
+
+TFileName TFileUtil::PolListFileNameL()
+ {
+ TPath privateDir;
+ TInt err = iFs.PrivatePath(privateDir);
+ return MakeFileName(privateDir, KPolListFile);
+ }
+
+void TFileUtil::DeleteFileL(const TFileName& aFileName)
+ {
+ User::LeaveIfError(iFs.Delete(aFileName));
+ }
+
+void TFileUtil::DeleteFilesL(const TFileName& aFileFilter)
+ {
+ CFileMan* fileMan = CFileMan::NewL(iFs);
+ CleanupStack::PushL(fileMan);
+
+ User::LeaveIfError(fileMan->Delete(aFileFilter));
+
+ CleanupStack::PopAndDestroy(); // fileMan
+ }
+
+void TFileUtil::MoveFileL(const TFileName& aSrcFileName, const TFileName& aDstFileName)
+ {
+ User::LeaveIfError(iFs.Rename(aSrcFileName, aDstFileName));
+ }
+
+void TFileUtil::CopyFileL(const TFileName& aSrcFileName, const TFileName& aDstFileName)
+ {
+ CFileMan* fileMan = CFileMan::NewL(iFs);
+ CleanupStack::PushL(fileMan);
+
+ User::LeaveIfError(fileMan->Copy(aSrcFileName, aDstFileName));
+
+ CleanupStack::PopAndDestroy(); // fileMan
+ }
+
+void TFileUtil::CreateDirIfNeededL(const TFileName& aDirName)
+ {
+ TFileName dirName;
+
+ dirName.Copy(aDirName);
+
+ if (dirName[dirName.Length() - 1] != '\\')
+ {
+ dirName.Append('\\');
+ }
+
+ if (!FileExists(dirName))
+ {
+ User::LeaveIfError(iFs.MkDirAll(dirName));
+ }
+ }
+
+HBufC8* TFileUtil::To8BitL(const TDesC16& aDes)
+ {
+ HBufC8* desCopy;
+
+ TInt desLength = aDes.Length();
+
+ if (desLength > 0)
+ {
+ desCopy = HBufC8::NewL(desLength);
+ desCopy->Des().Copy(aDes);
+ }
+ else
+ {
+ desCopy = HBufC8::NewL(1);
+ }
+
+ return desCopy;
+ }
+
+HBufC16* TFileUtil::To16BitL(const TDesC8& aDes)
+ {
+ HBufC16* desCopy;
+
+ TInt desLength = aDes.Length();
+
+ if (desLength > 0)
+ {
+ desCopy = HBufC16::NewL(desLength);
+ desCopy->Des().Copy(aDes);
+ }
+ else
+ {
+ desCopy = HBufC16::NewL(1);
+ }
+
+ return desCopy;
+ }
+
+void TFileUtil::DeleteDirL(const TFileName& aDirName)
+ {
+ if (FileExists(aDirName))
+ {
+ CFileMan* fileMan = CFileMan::NewL(iFs);
+ CleanupStack::PushL(fileMan);
+
+ User::LeaveIfError(fileMan->RmDir(aDirName));
+
+ CleanupStack::PopAndDestroy(); // fileMan
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/pinparser.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,176 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Pin parser main module.
+*
+*/
+
+
+
+#include <e32base.h>
+
+#include "pinparser.h"
+#include "fileutil.h"
+
+TPinParser::TPinParser(TFileUtil& aFileUtil) : iFileUtil(aFileUtil)
+ {
+ }
+
+void TPinParser::ParsePolicyInfoL(const TFileName& aPinFile, TVpnPolicyInfo& aPolicyInfo)
+ {
+ HBufC* fileData = iFileUtil.LoadFileDataUL(aPinFile);
+
+ iLexer.Assign(*fileData);
+
+ TPtrC token(NULL, 0);
+
+ while (!iLexer.Eos())
+ {
+ token.Set(iLexer.NextToken());
+
+ ParseSectionInfo(token, aPolicyInfo);
+ }
+
+ delete fileData;
+ }
+
+void TPinParser::ParsePolicyDetailsL(const TDesC& aPinFile, TVpnPolicyDetails& aPolicyDetails)
+ {
+ HBufC* fileData = iFileUtil.LoadFileDataUL(aPinFile);
+
+ iLexer.Assign(*fileData);
+
+ TPtrC token(NULL, 0);
+
+ while (!iLexer.Eos())
+ {
+ token.Set(iLexer.NextToken());
+
+ ParseSectionDetails(token, aPolicyDetails);
+ }
+
+ delete fileData;
+ }
+
+void TPinParser::ParseSectionInfo(const TDesC& aSectionTag, TVpnPolicyInfo& aPolicyInfo)
+ {
+ TPtrC content = GetSectionContent();
+
+ if (aSectionTag.CompareF(KNameSection) == 0)
+ {
+ aPolicyInfo.iName.Copy(content.Left(aPolicyInfo.iName.MaxLength()));
+ aPolicyInfo.iName.Trim();
+ }
+ }
+
+void TPinParser::ParseSectionDetails(const TDesC& aSectionTag, TVpnPolicyDetails& aPolicyDetails)
+ {
+ TPtrC content = GetSectionContent();
+
+ if (aSectionTag.CompareF(KNameSection) == 0)
+ {
+ aPolicyDetails.iName.Copy(content.Left(aPolicyDetails.iName.MaxLength()));
+ aPolicyDetails.iName.Trim();
+ }
+ if (aSectionTag.CompareF(KDescriptionSection) == 0)
+ {
+ aPolicyDetails.iDescription.Copy(content.Left(aPolicyDetails.iDescription.MaxLength()));
+ aPolicyDetails.iDescription.Trim();
+ }
+ if (aSectionTag.CompareF(KVersionSection) == 0)
+ {
+ aPolicyDetails.iVersion.Copy(content.Left(aPolicyDetails.iVersion.MaxLength()));
+ aPolicyDetails.iVersion.Trim();
+ }
+ if (aSectionTag.CompareF(KIssuerNameSection) == 0)
+ {
+ aPolicyDetails.iIssuerName.Copy(content.Left(aPolicyDetails.iIssuerName.MaxLength()));
+ aPolicyDetails.iIssuerName.Trim();
+ }
+ if (aSectionTag.CompareF(KContactSection) == 0)
+ {
+ aPolicyDetails.iContactInfo.Copy(content.Left(aPolicyDetails.iContactInfo.MaxLength()));
+ aPolicyDetails.iContactInfo.Trim();
+ }
+ }
+
+TPtrC TPinParser::GetSectionContent()
+ {
+ iLexer.Mark();
+
+ while (!iLexer.Eos())
+ {
+ iLexer.Inc();
+
+ if (iLexer.Eos() || (iLexer.Peek() == KSectionBeginChar))
+ {
+ break;
+ }
+ }
+
+ return iLexer.MarkedToken();
+ }
+
+HBufC* TPinParser::PolicyDetailsAsTextL(const TVpnPolicyDetails& aPolicyDetails)
+ {
+ HBufC* text = HBufC::NewL(KInitialDetailsTextLength);
+ CleanupStack::PushL(text);
+
+ SmartAppendL(text, KNameSection());
+ SmartAppendL(text, KNewLine());
+ SmartAppendL(text, aPolicyDetails.iName);
+ SmartAppendL(text, KNewLine());
+
+ SmartAppendL(text, KDescriptionSection());
+ SmartAppendL(text, KNewLine());
+ SmartAppendL(text, aPolicyDetails.iDescription);
+ SmartAppendL(text, KNewLine());
+
+ SmartAppendL(text, KVersionSection());
+ SmartAppendL(text, KNewLine());
+ SmartAppendL(text, aPolicyDetails.iVersion);
+ SmartAppendL(text, KNewLine());
+
+ SmartAppendL(text, KIssuerNameSection());
+ SmartAppendL(text, KNewLine());
+ SmartAppendL(text, aPolicyDetails.iIssuerName);
+ SmartAppendL(text, KNewLine());
+
+ SmartAppendL(text, KContactSection());
+ SmartAppendL(text, KNewLine());
+ SmartAppendL(text, aPolicyDetails.iContactInfo);
+ SmartAppendL(text, KNewLine());
+
+ CleanupStack::Pop(); // text
+
+ return text;
+ }
+
+void TPinParser::SmartAppendL(HBufC*& aBuf, const TDesC& aText)
+ {
+ // Make sure that we have enough space for the new text
+
+ TInt spaceLeft = aBuf->Des().MaxLength() - aBuf->Des().Length();
+
+ if (aText.Length() > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = aBuf->Des().MaxLength() + aText.Length() + KInitialDetailsTextLength;
+
+ aBuf = aBuf->ReAllocL(newMaxLength);
+ }
+
+ aBuf->Des().Append(aText);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/pkiutil.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,961 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Provides static PKI-related helper functions
+* (such as building Distinguished Names)
+*
+*/
+
+#include <x500dn.h>
+#include <x509cert.h>
+#include <x520ava.h>
+#include <utf.h>
+#include <x509keys.h>
+
+#include "pkiutil.h"
+#include "pkiserviceapi.h"
+#include "pkcs10.h"
+#include "ikepolparser.h"
+
+
+HBufC* PkiUtil::CertSubjectNameL(const TDesC8& aCertData)
+ {
+ CX509Certificate* certificate = CX509Certificate::NewL(aCertData);
+ CleanupStack::PushL(certificate);
+
+ CX500DistinguishedName* subjectDn;
+ subjectDn = CX500DistinguishedName::NewL(certificate->SubjectName());
+ CleanupStack::PushL(subjectDn);
+
+ HBufC* certDn = CertDnL(*subjectDn);
+
+ CleanupStack::PopAndDestroy(2); // subjectDn, certificate
+
+ return certDn;
+ }
+
+HBufC* PkiUtil::CertIssuerNameL(const TDesC8& aCertData)
+ {
+ CX509Certificate* certificate = CX509Certificate::NewL(aCertData);
+ CleanupStack::PushL(certificate);
+
+ CX500DistinguishedName* issuerDn;
+ issuerDn = CX500DistinguishedName::NewL(certificate->IssuerName());
+ CleanupStack::PushL(issuerDn);
+
+ HBufC* certDn = CertDnL(*issuerDn);
+
+ CleanupStack::PopAndDestroy(2); // issuerDn, certificate
+
+ return certDn;
+ }
+
+HBufC* PkiUtil::CertDnL(const CX500DistinguishedName& aName)
+ {
+ TInt count = aName.Count();
+ HBufC* certDn = HBufC::NewL(KCertDnSizeIncrement);
+ CleanupStack::PushL(certDn);
+
+ for (TInt i = 0; i < count; i++)
+ {
+ const CX520AttributeTypeAndValue& attribute = aName.Element(i);
+
+ // Unsupported attribute is not appended (KErrNotSupported error)
+ TRAPD( err, AppendAttributeL(certDn, attribute) );
+ if ( err != KErrNotSupported )
+ {
+ User::LeaveIfError( err );
+ }
+ }
+
+ CleanupStack::Pop(); // certDn
+
+ return certDn;
+ }
+
+TInt PkiUtil::CertKeySizeL(const TDesC8& aCertData)
+ {
+ TInt keySize = 0;
+
+ CX509Certificate* certificate = CX509Certificate::NewLC(aCertData);
+ const CSubjectPublicKeyInfo& publicKeyInfo = certificate->PublicKey();
+ const TPtrC8 keyData = publicKeyInfo.KeyData();
+
+ TX509KeyFactory keyFactory;
+
+ switch(publicKeyInfo.AlgorithmId())
+ {
+ case ERSA:
+ {
+ const CRSAPublicKey* keyRSA = keyFactory.RSAPublicKeyL(keyData);
+ const TInteger& n = keyRSA->N();
+ keySize = n.BitCount();
+ delete keyRSA;
+ }
+ break;
+ case EDSA:
+ {
+ TPtrC8 params = publicKeyInfo.EncodedParams();
+
+ const CDSAPublicKey* keyDSA =
+ keyFactory.DSAPublicKeyL(params, keyData);
+
+ const TInteger& y = keyDSA->Y();
+ keySize = y.BitCount();
+ delete keyDSA;
+ }
+ break;
+ default:
+ User::Leave(KErrNotSupported);
+ break;
+ }
+
+ CleanupStack::PopAndDestroy(certificate);
+
+ return keySize;
+ }
+
+
+void PkiUtil::AppendAttributeL(HBufC*& aBuf, const CX520AttributeTypeAndValue& aAttribute)
+ {
+ HBufC* attrName = AttributeTypeToNameL(aAttribute.Type());
+ CleanupStack::PushL(attrName);
+
+ HBufC* attrValue = aAttribute.ValueL();
+ CleanupStack::PushL(attrValue);
+
+ if ( aBuf->Length() )
+ {
+ // Append comma if not first attribute
+ SmartAppendL(aBuf, KComma);
+ }
+
+ SmartAppendL(aBuf, attrName->Des());
+ SmartAppendL(aBuf, KEquals);
+ SmartAppendL(aBuf, attrValue->Des());
+
+ CleanupStack::PopAndDestroy(2); // attrValue, attrName
+ }
+
+/*
+ RFC 2253 (Lightweight Directory Access Protocol (v3):
+ UTF-8 String Representation of Distinguished Names):
+
+ "If the AttributeType is in a published table of attribute types
+ associated with LDAP [4], then the type name string from that table
+ is used, otherwise it is encoded as the dotted-decimal encoding of
+ the AttributeType's OBJECT IDENTIFIER."
+
+ RFC 2256 (A Summary of the X.500(96) User Schema for use with
+ LDAPv3):
+
+ "This document provides an overview of the attribute types and object
+ classes defined by the ISO and ITU-T committees in the X.500
+ documents, in particular those intended for use by directory
+ clients."
+
+ In essence, RFC 2256 lists the most common attribute types and their
+ names.
+
+ We choose to provide "user-friendly" name mapping for the following
+ attribúte types:
+ - countryName
+ - organizationName
+ - organizationalUnitName
+ - localityName
+ - stateOrProvinceName
+ - commonName
+
+ For other attribute types, we use a string representation of the OID
+ as the attribute name.
+*/
+
+HBufC* PkiUtil::AttributeTypeToNameL(const TDesC &aType)
+ {
+ HBufC* name;
+
+ if (aType.Compare(KX520CountryName) == 0)
+ {
+ name = KC().AllocL();
+ }
+ else if (aType.Compare(KX520OrganizationName) == 0)
+ {
+ name = KO().AllocL();
+ }
+ else if (aType.Compare(KX520OrganizationalUnitName) == 0)
+ {
+ name = KOU().AllocL();
+ }
+ else if (aType.Compare(KX520LocalityName) == 0)
+ {
+ name = KL().AllocL();
+ }
+ else if (aType.Compare(KX520StateOrProvinceName) == 0)
+ {
+ name = KST().AllocL();
+ }
+ else if (aType.Compare(KX520CommonName) == 0)
+ {
+ name = KCN().AllocL();
+ }
+ else
+ {
+ // Use the dotted-decimal encoding
+ // of the OID as the attribute name
+ name = aType.AllocL();
+ }
+
+ return name;
+ }
+
+void PkiUtil::SmartAppendL(HBufC*& aBuf, const TDesC& aText)
+ {
+ // Make sure that we have enough space for the new text
+
+ TInt spaceLeft = aBuf->Des().MaxLength() - aBuf->Des().Length();
+
+ if (aText.Length() > spaceLeft)
+ {
+ // Allocate enough space for the new text + some additional
+ // free space so that allocations are not too frequent
+
+ TInt newMaxLength = aBuf->Des().MaxLength() + aText.Length() + KCertDnSizeIncrement;
+
+ aBuf = aBuf->ReAllocL(newMaxLength);
+ }
+
+ aBuf->Des().Append(aText);
+ }
+
+TCertStatus PkiUtil::CertStatusL(RPKIServiceAPI& aPkiService, const TDesC8& aTrustedCaDn,
+ const TDesC8& aSubjectDnSuffix, const TDesC8& aRfc822NameFqdn,
+ TUint aPrivKeyLength, TInt aCertRenewalThreshold)
+ {
+ // Try to find a user certificate with the
+ // desired properties from the PKI store
+
+ TAny* opContext;
+ TRequestStatus status;
+ TCertStatus certStatus;
+
+ HBufC8* certData = HBufC8::NewL(KExpectedMaxCertSize);
+ HBufC8* subjectNameString;
+ _LIT8(KEmptyString, "");
+ CleanupStack::PushL(certData);
+
+ TPtr8 certDataPtr = certData->Des();
+
+ aPkiService.ReadCertificateL(aTrustedCaDn, aSubjectDnSuffix, aRfc822NameFqdn, EPKIUserCertificate,
+ aPrivKeyLength, EPKIRSA, certDataPtr,
+ &opContext, status);
+
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+
+ if (status.Int() == KPKIErrBufferTooShort)
+ {
+ TInt realCertSize;
+ aPkiService.GetRequiredBufferSize(realCertSize);
+
+ CleanupStack::PopAndDestroy(); // certData
+ certData = HBufC8::NewL(realCertSize);
+ CleanupStack::PushL(certData);
+
+ certDataPtr = certData->Des();
+ aPkiService.ReadCertificateL(aTrustedCaDn, aSubjectDnSuffix, aRfc822NameFqdn, EPKIUserCertificate,
+ aPrivKeyLength, EPKIRSA, certDataPtr,
+ &opContext, status);
+
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+ }
+
+
+ // Make sure that the cert, if found, is valid
+ if (status.Int() == KErrNone)
+ {
+ certStatus = PkiUtil::CertStatusL(*certData, aCertRenewalThreshold);
+ }
+ else //if not found, check wether certificate chain exists
+ {
+ certStatus = ECertNotFound;
+ //checking if certificate chain is found
+ CleanupStack::PopAndDestroy(); // certData
+
+ certData=NULL;
+ certData = HBufC8::NewL(KExpectedMaxCertSize);
+ CleanupStack::PushL(certData);
+
+ certDataPtr = certData->Des();
+
+ //user certificate
+ aPkiService.ReadCertificateL(KEmptyString, aSubjectDnSuffix, aRfc822NameFqdn, EPKIUserCertificate,
+ aPrivKeyLength, EPKIRSA, certDataPtr,
+ &opContext, status);
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+ if (status.Int() == KErrNone)
+ {
+ certStatus = PkiUtil::CertStatusL(*certData, aCertRenewalThreshold);
+ }
+ else
+ {
+ certStatus = ECertNotFound;
+ CleanupStack::PopAndDestroy(certData);
+ return certStatus;
+ }
+
+ //intermediate certificate level 2
+ HBufC* issuerName=CertIssuerNameL(*certData);
+ CleanupStack::PushL(issuerName);
+
+ subjectNameString=To8BitL(*issuerName);
+
+ CleanupStack::PopAndDestroy(issuerName);
+ CleanupStack::PopAndDestroy(certData);
+
+ certData=NULL;
+ certData = HBufC8::NewL(KExpectedMaxCertSize);
+ CleanupStack::PushL(certData);
+
+ certDataPtr = certData->Des();
+
+ CleanupStack::PushL(subjectNameString);
+ aPkiService.ReadCertificateL(KEmptyString, *subjectNameString, aRfc822NameFqdn, EPKICACertificate,
+ aPrivKeyLength, EPKIRSA, certDataPtr,
+ &opContext, status);
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+ if (status.Int() == KErrNone)
+ {
+ certStatus = PkiUtil::CertStatusL(*certData, aCertRenewalThreshold);
+ }
+ else
+ {
+ certStatus = ECertNotFound;
+ CleanupStack::PopAndDestroy(subjectNameString);
+ CleanupStack::PopAndDestroy(certData);
+ return certStatus;
+ }
+ if ( subjectNameString->Compare(aTrustedCaDn) !=0 ) //checking if issuer is reached
+ {
+ //intermediate certificate level 1
+ certStatus = ECertNotFound;
+ CleanupStack::PopAndDestroy(subjectNameString);
+
+ HBufC* issuerName=CertIssuerNameL(*certData);
+ CleanupStack::PushL(issuerName);
+
+ subjectNameString=To8BitL(*issuerName);
+
+ CleanupStack::PopAndDestroy(issuerName);
+ CleanupStack::PopAndDestroy(certData);
+
+ certData = HBufC8::NewL(KExpectedMaxCertSize);
+ CleanupStack::PushL(certData);
+ certDataPtr = certData->Des();
+
+ CleanupStack::PushL(subjectNameString);
+
+ aPkiService.ReadCertificateL(KEmptyString, *subjectNameString, aRfc822NameFqdn, EPKICACertificate,
+ aPrivKeyLength, EPKIRSA, certDataPtr,
+ &opContext, status);
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+ if (status.Int() == KErrNone)
+ {
+ certStatus = PkiUtil::CertStatusL(*certData, aCertRenewalThreshold);
+ }
+ else
+ {
+ certStatus = ECertNotFound;
+ CleanupStack::PopAndDestroy(subjectNameString);
+ CleanupStack::PopAndDestroy(certData);
+ return certStatus;
+ }
+ }
+ if ( subjectNameString->Compare(aTrustedCaDn) !=0 ) //checking if issuer is reached
+ {
+ //CA certificate
+ certStatus = ECertNotFound;
+ CleanupStack::PopAndDestroy(subjectNameString);
+
+ HBufC* issuerName=CertIssuerNameL(*certData);
+ CleanupStack::PushL(issuerName);
+
+ subjectNameString=To8BitL(*issuerName);
+
+ CleanupStack::PopAndDestroy(issuerName);
+ CleanupStack::PopAndDestroy(certData);
+
+ certData = HBufC8::NewL(KExpectedMaxCertSize);
+ CleanupStack::PushL(certData);
+ certDataPtr = certData->Des();
+
+ CleanupStack::PushL(subjectNameString);
+
+ aPkiService.ReadCertificateL(KEmptyString, *subjectNameString, aRfc822NameFqdn, EPKICACertificate,
+ aPrivKeyLength, EPKIRSA, certDataPtr,
+ &opContext, status);
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+ if (status.Int() == KErrNone)
+ {
+ certStatus = PkiUtil::CertStatusL(*certData, aCertRenewalThreshold);
+ }
+ CleanupStack::PopAndDestroy(subjectNameString);
+ }
+ else
+ CleanupStack::PopAndDestroy(subjectNameString);
+ }
+ CleanupStack::PopAndDestroy(certData);
+
+ return certStatus;
+ }
+
+TCertStatus PkiUtil::CertStatusL(const TDesC8& aCertData, TInt aCertRenewalThreshold)
+ {
+ CX509Certificate* certificate = CX509Certificate::NewL(aCertData);
+ CleanupStack::PushL(certificate);
+
+ TCertStatus status = CertStatusL(*certificate, aCertRenewalThreshold);
+
+ CleanupStack::PopAndDestroy(certificate);
+
+ return status;
+ }
+
+
+TCertStatus PkiUtil::CertStatusL(const CX509Certificate& aCert, TInt aCertRenewalThreshold)
+ {
+
+ TTime validationTime;
+ validationTime.UniversalTime();
+
+ TCertStatus certStatus = ECertValid;
+
+ if (aCert.ValidityPeriod().Finish() <= validationTime)
+ {
+ certStatus = ECertExpired;
+ }
+
+ if (aCert.ValidityPeriod().Start() >= validationTime)
+ {
+ certStatus = ECertNotValidYet;
+ }
+
+ // Additional validity check - if a certificate renewal threshold
+ // has been specified, it can cause an otherwise valid certificate
+ // to be marked as expired. This is determined as follows:
+ // - Calculate the entire lifetime of the certificate (entireLifetime)
+ // - Calculate the passed lifetime of the certificate (passedLifetime)
+ // - Calculate thresholdLifetime as aCertRenewalTreshold % * entireLifetime
+ // (i.e. (aCertRenewalTreshold / 100) * entireLifetime
+ // - If passedLifetime > thresholdLifetime --> certificate expired
+
+ if (certStatus == ECertValid && aCertRenewalThreshold >= 0)
+ {
+ TInt64 entireLifetime = aCert.ValidityPeriod().Finish().Int64() -
+ aCert.ValidityPeriod().Start().Int64();
+
+ TInt64 passedLifetime = validationTime.Int64() -
+ aCert.ValidityPeriod().Start().Int64();
+
+ TInt64 thresholdInPercents(aCertRenewalThreshold);
+ TInt64 hundred(100);
+ TInt64 tresholdLifetime = (thresholdInPercents * entireLifetime) / hundred;
+
+ if (passedLifetime > tresholdLifetime)
+ {
+ certStatus = ECertExpired;
+ }
+ }
+
+ return certStatus;
+ }
+
+
+CX509Certificate* PkiUtil::ReadCertificateLC(RPKIServiceAPI& aPkiService,
+ const TPKIKeyIdentifier& aKeyId)
+ {
+
+ TAny* opContext;
+ TRequestStatus status;
+
+ HBufC8* certData = HBufC8::NewL(KExpectedMaxCertSize);
+ CleanupStack::PushL(certData);
+
+ TPtr8 certDataPtr = certData->Des();
+
+ aPkiService.ReadCertificateL(aKeyId, certDataPtr,
+ &opContext,
+ status);
+
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+
+ if (status.Int() == KPKIErrBufferTooShort)
+ {
+ TInt realCertSize;
+ aPkiService.GetRequiredBufferSize(realCertSize);
+
+ CleanupStack::PopAndDestroy(); // certData
+ certData = HBufC8::NewL(realCertSize);
+ CleanupStack::PushL(certData);
+
+ certDataPtr = certData->Des();
+ aPkiService.ReadCertificateL(aKeyId, certDataPtr,
+ &opContext,
+ status);
+
+ User::WaitForRequest(status);
+ aPkiService.Finalize(opContext);
+
+ User::LeaveIfError(status.Int());
+ }
+ else
+ {
+ User::LeaveIfError(status.Int());
+ }
+
+ CX509Certificate* certificate = CX509Certificate::NewL(*certData);
+ CleanupStack::PopAndDestroy(certData);
+ CleanupStack::PushL(certificate);
+
+ return certificate;
+ }
+
+
+CX509Certificate* PkiUtil::ReadCertificateLC(RPKIServiceAPI& aPkiService,
+ const TDesC8& aTrustedAuthority,
+ const TDesC8& aIdentitySubjectName,
+ const TDesC8& aIdentityRfc822Name,
+ const TPKICertificateOwnerType aOwnerType)
+ {
+ // Try to find a user certificate with the
+ // desired properties from the PKI store
+ static const TInt KUndefinedKeySize = 0;
+
+ TAny* opContext;
+ TRequestStatus status;
+
+ HBufC8* certData = HBufC8::NewL(KExpectedMaxCertSize);
+ CleanupStack::PushL(certData);
+
+ TPtr8 certDataPtr = certData->Des();
+
+ aPkiService.ReadCertificateL(aTrustedAuthority,
+ aIdentitySubjectName,
+ aIdentityRfc822Name,
+ aOwnerType, KUndefinedKeySize,
+ EPKIRSA, certDataPtr,
+ &opContext,
+ status);
+
+ User::WaitForRequest(status);
+
+ aPkiService.Finalize(opContext);
+
+ if (status.Int() == KPKIErrBufferTooShort)
+ {
+ TInt realCertSize;
+ aPkiService.GetRequiredBufferSize(realCertSize);
+
+ CleanupStack::PopAndDestroy(); // certData
+ certData = HBufC8::NewL(realCertSize);
+ CleanupStack::PushL(certData);
+
+ certDataPtr = certData->Des();
+ aPkiService.ReadCertificateL(aTrustedAuthority,
+ aIdentitySubjectName,
+ aIdentityRfc822Name,
+ aOwnerType, KUndefinedKeySize,
+ EPKIRSA, certDataPtr,
+ &opContext,
+ status);
+
+ User::WaitForRequest(status);
+ aPkiService.Finalize(opContext);
+
+ User::LeaveIfError(status.Int());
+ }
+ else
+ {
+ User::LeaveIfError(status.Int());
+ }
+
+ CX509Certificate* certificate = CX509Certificate::NewL(*certData);
+ CleanupStack::PopAndDestroy(certData);
+ CleanupStack::PushL(certificate);
+
+ return certificate;
+ }
+
+
+void ResetAndDestroyCleanup(TAny* aArray)
+ {
+ RPointerArray<CX509Certificate>* certificateArray = (RPointerArray<CX509Certificate>*) aArray;
+ certificateArray->ResetAndDestroy();
+ certificateArray->Close();
+ }
+
+void ResetAndDestroyPushL(RPointerArray<CX509Certificate>& aCertificateArray)
+ {
+ CleanupStack::PushL(TCleanupItem(ResetAndDestroyCleanup, &aCertificateArray));
+ }
+
+
+RPointerArray<CX509Certificate> PkiUtil::GetCaCertListL(RPKIServiceAPI& aPkiService,
+ const CArrayFixFlat<TCertInfo*>& aIkeCAList)
+ {
+
+ __ASSERT_ALWAYS(aIkeCAList.Count() > 0, User::Invariant());
+ _LIT8(KEmptyString, "");
+
+ RPointerArray<CX509Certificate> certificateArray;
+ ResetAndDestroyPushL(certificateArray);
+
+ RArray<TUid> applUidArray;
+ CleanupClosePushL(applUidArray);
+
+ for (TInt i = 0; i < aIkeCAList.Count(); ++i)
+ {
+ const TCertInfo* certInfo = aIkeCAList[i];
+ switch(certInfo->iFormat)
+ {
+ case CA_NAME:
+ {
+ // Reserve enough space for UTF-8
+ TInt len = 3*( certInfo->iData.Length() );
+ HBufC8* caName = HBufC8::NewLC(len);
+ TPtr8 caNamePtr(caName->Des());
+
+ if (CnvUtfConverter::ConvertFromUnicodeToUtf8(caNamePtr, certInfo->iData) != 0)
+ {
+ User::Leave(KErrCorrupt);
+ }
+
+ CX509Certificate* cert = ReadCertificateLC(aPkiService,
+ KEmptyString,
+ *caName,
+ KEmptyString,
+ EPKICACertificate);
+
+ User::LeaveIfError(certificateArray.Append(cert));
+ CleanupStack::Pop(cert);
+ CleanupStack::PopAndDestroy(caName);
+ }
+ break;
+ case KEY_ID:
+ {
+ TPKIKeyIdentifier keyId(NULL);
+
+ for (TInt j = 0; j < certInfo->iData.Length(); j += 2)
+ {
+ TPtrC hexByte(certInfo->iData.Mid(j, 2));
+ TLex lex(hexByte);
+ TUint8 value;
+ User::LeaveIfError(lex.Val(value, EHex));
+ keyId.Append(&value, 1);
+ }
+
+ CX509Certificate* cert = ReadCertificateLC(aPkiService,
+ keyId);
+ User::LeaveIfError(certificateArray.Append(cert));
+ CleanupStack::Pop(cert);
+ }
+ break;
+ case APPL_UID:
+ {
+ TLex lex(certInfo->iData);
+ TUint32 value;
+ User::LeaveIfError(lex.Val(value, EHex));
+ TUid id = { value };
+ User::LeaveIfError(applUidArray.Append(id));
+ }
+ break;
+ default:
+ User::Leave(KErrArgument);
+ break;
+ }
+ }
+
+ if (applUidArray.Count() > 0)
+ {
+ CArrayFix<TCertificateListEntry>* certListArray = NULL;;
+ aPkiService.ListApplicableCertificatesL(applUidArray, certListArray);
+
+ CleanupStack::PushL(certListArray);
+ if (certListArray->Count() == 0)
+ {
+ User::Leave(KErrNotFound);
+ }
+
+ for (TInt i = 0; i < certListArray->Count(); ++i)
+ {
+ TCertificateListEntry entry = (*certListArray)[i];
+ if (entry.iOwnerType == EPKICACertificate)
+ {
+ CX509Certificate* cert = ReadCertificateLC(aPkiService,
+ KEmptyString,
+ entry.iIdentitySubjectName,
+ KEmptyString,
+ EPKICACertificate);
+ User::LeaveIfError(certificateArray.Append(cert));
+ CleanupStack::Pop(cert);
+ }
+ }
+ CleanupStack::PopAndDestroy(certListArray);
+ }
+
+ CleanupStack::PopAndDestroy(); //applUidArray
+
+ CleanupStack::Pop();
+ return certificateArray;
+ }
+
+
+TCertStatus PkiUtil::GetValidCaCertSubjectNameListL(RPKIServiceAPI& aPkiService,
+ const CArrayFixFlat<TCertInfo*>& aIkeCAList,
+ CDesC8ArrayFlat& aCaCertNameList)
+ {
+
+ TCertStatus status = ECertValid;
+ RPointerArray<CX509Certificate> certificateList;
+ TRAPD(err, certificateList = PkiUtil::GetCaCertListL(aPkiService, aIkeCAList));
+
+ switch(err)
+ {
+ case KErrNone:
+ for (TInt i = 0; i < certificateList.Count(); ++i)
+ {
+ const CX509Certificate* cert = certificateList[i];
+ status = CertStatusL(*cert, -1);
+
+ if (status == ECertValid)
+ {
+ const CX500DistinguishedName& subjectName = cert->SubjectName();
+ HBufC* subjectNameString = PkiUtil::CertDnL(subjectName);
+ CleanupStack::PushL(subjectNameString);
+
+ // Reserve enough space for UTF-8
+ TInt len = 3*( subjectNameString->Length() );
+ HBufC8* subjectNameString8Bit = HBufC8::NewLC(len);
+ TPtr8 subjectNameString8BitPtr = subjectNameString8Bit->Des();
+ if (CnvUtfConverter::ConvertFromUnicodeToUtf8(subjectNameString8BitPtr,
+ *subjectNameString) != 0)
+ {
+ User::Leave(KErrCorrupt);
+ }
+ TRAPD(err, aCaCertNameList.InsertIsqL(*subjectNameString8Bit));
+
+ CleanupStack::PopAndDestroy(subjectNameString8Bit);
+ CleanupStack::PopAndDestroy(subjectNameString);
+
+ err = (err == KErrAlreadyExists) ? KErrNone : err;
+ User::LeaveIfError(err);
+ }
+ else
+ {
+ aCaCertNameList.Reset();
+ break;
+ }
+ }
+ break;
+ case KErrNotFound: // Flow through
+ case KErrArgument: // CA cert is not found if policys CA DATA is invalid
+ status = ECertNotFound;
+ break;
+ default:
+ certificateList.ResetAndDestroy();
+ certificateList.Close();
+ User::Leave(err);
+ }
+
+ certificateList.ResetAndDestroy();
+ certificateList.Close();
+
+ return status;
+ }
+
+
+TCertStatus PkiUtil::CheckUserCertValidityL(RPKIServiceAPI& aPkiService,
+ CDesC8ArrayFlat& aValidCaCertNameList,
+ TOwnCertInfo& aOwnCert)
+ {
+
+ static const TInt KUndefinedKeySize = 0;
+
+ TCertStatus status = ECertValid;
+
+ HBufC8* subjectName = NULL;
+ HBufC8* rfc822Name = NULL;
+
+ if (aOwnCert.iOwnCertExists)
+ {
+ // Reserve enough space for UTF-8
+ TInt len = 3*( aOwnCert.iSubjectDnSuffix.Length() );
+ subjectName = HBufC8::NewLC(len);
+ TPtr8 subjectNamePtr = subjectName->Des();
+ if (CnvUtfConverter::ConvertFromUnicodeToUtf8(subjectNamePtr, aOwnCert.iSubjectDnSuffix) != 0)
+ {
+ User::Leave(KErrCorrupt);
+ }
+
+ if ( aOwnCert.iIdentityAsRfc822Name == EIdentityAsRfc822NameYes)
+ {
+ rfc822Name = HBufC8::NewLC(aOwnCert.iRfc822NameFqdn.Length());
+ TPtr8 rfc822NamePtr = rfc822Name->Des();
+ if (CnvUtfConverter::ConvertFromUnicodeToUtf8(rfc822NamePtr, aOwnCert.iRfc822NameFqdn) != 0)
+ {
+ User::Leave(KErrCorrupt);
+ }
+
+ }
+ else
+ {
+ rfc822Name = HBufC8::NewLC(1); //empty string
+ }
+
+ status = ECertNotFound;
+ for (TInt i = 0; i < aValidCaCertNameList.Count(); ++i)
+ {
+
+ status = CertStatusL(aPkiService, aValidCaCertNameList[i],
+ *subjectName, *rfc822Name,
+ KUndefinedKeySize);
+ if (status != ECertNotFound)
+ {
+ break;
+ }
+ }
+
+ CleanupStack::PopAndDestroy(rfc822Name);
+ CleanupStack::PopAndDestroy(subjectName);
+ }
+
+ return status;
+ }
+
+
+CX500DistinguishedName* PkiUtil::DnFromStringL(const TDesC8& aString)
+ {
+ HBufC8* dnDer;
+ CPkcs10Req::BuildDistinguishedNameDerFromTextL(dnDer, aString,
+ EFalse, KNullDesC8);
+ CleanupStack::PushL(dnDer);
+
+ CX500DistinguishedName* dn = CX500DistinguishedName::NewL(*dnDer);
+
+ CleanupStack::PopAndDestroy(); // dnDer
+
+ return dn;
+ }
+
+CX500DistinguishedName* PkiUtil::DnWithoutCnFromStringL(const TDesC8& aString)
+ {
+ HBufC8* dnDer;
+ CPkcs10Req::BuildDistinguishedNameDerFromTextL(dnDer, aString,
+ ETrue, KCN8);
+ CleanupStack::PushL(dnDer);
+
+ CX500DistinguishedName* dn = CX500DistinguishedName::NewL(*dnDer);
+
+ CleanupStack::PopAndDestroy(); // dnDer
+
+ return dn;
+ }
+
+TBool PkiUtil::DnMatchL(const TDesC8& aDnString1, const TDesC8& aDnString2)
+ {
+ TBool exactMatch = EFalse;
+
+ if (aDnString1.Length() == 0 && aDnString2.Length() == 0)
+ {
+ exactMatch = ETrue;
+ }
+ else if (aDnString1.Length() > 0 && aDnString2.Length() > 0)
+ {
+ CX500DistinguishedName* dn1 = DnFromStringL(aDnString1);
+ CleanupStack::PushL(dn1);
+
+ CX500DistinguishedName* dn2 = DnFromStringL(aDnString2);
+ CleanupStack::PushL(dn2);
+
+ if (MatchL(*dn1, *dn2))
+ {
+ exactMatch = ETrue;
+ }
+
+ CleanupStack::PopAndDestroy(2); // dn2, dn1
+ }
+
+ return exactMatch;
+ }
+
+TBool PkiUtil::MatchL(const CX500DistinguishedName& aDn1, const CX500DistinguishedName& aDn2)
+ {
+ if (aDn1.Count() != aDn2.Count())
+ {
+ return EFalse;
+ }
+
+ // For each field in aDn1, aDn2 must contain a field with the same value
+ for (TInt i = 0; i < aDn1.Count(); i++)
+ {
+ if (!HasElementL(aDn2, aDn1.Element(i)))
+ {
+ return EFalse;
+ }
+ }
+ return ETrue;
+ }
+
+TBool PkiUtil::HasElementL(const CX500DistinguishedName& aDn, const CX520AttributeTypeAndValue& aElement)
+ {
+ for (TInt i = 0; i < aDn.Count(); i++)
+ {
+ if (aElement.ExactMatchL(aDn.Element(i)))
+ {
+ return ETrue;
+ }
+ }
+ return EFalse;
+ }
+
+HBufC8* PkiUtil::To8BitL(const TDesC16& aDes)
+ {
+ HBufC8* desCopy;
+
+ TInt desLength = aDes.Length();
+
+ if (desLength > 0)
+ {
+ desCopy = HBufC8::NewL(desLength);
+ desCopy->Des().Copy(aDes);
+ }
+ else
+ {
+ desCopy = HBufC8::NewL(1);
+ }
+
+ return desCopy;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/policyimporter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1154 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy importer
+*
+*/
+
+
+
+#include "policyimporter.h"
+#include "vpnapiservant.h"
+#include "fileutil.h"
+#include "policypatcher.h"
+#include "policystore.h"
+#include "vpnclientuids.h"
+#include "vpnmanagerserverdefs.h"
+#include "ikepolparser.h"
+#include "pkiutil.h"
+#include "cmmanagerutils.h"
+#include "log_r6.h"
+
+#include <f32file.h>
+#include <x509cert.h>
+
+const TInt KDefaultKeySize(1024);
+
+enum TImportState
+ {
+ EStateBeginPolicyImport = 1,
+ EStateImportCaCert,
+ EStateAfterImportCaCert,
+ EStateImportPeerCert,
+ EStateAfterImportPeerCert,
+ EStateImportUserPrivKey,
+ EStateAfterImportUserPrivKey,
+ EStateAttachCertificate,
+ EStateAfterAttachCertificate,
+ EStateImportPinAndPol,
+ EStateCreateVpnDestination,
+ EStateEndPolicyImport
+ };
+
+CPolicyImporter* CPolicyImporter::NewL(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& aPolicyStore, RFs& aFs)
+ {
+ LOG_("-> CPolicyImporter::NewL()");
+ CPolicyImporter* self = new (ELeave) CPolicyImporter(aMessage, aVpnApiServant, aPolicyStore, aFs);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ LOG_("<- CPolicyImporter::NewL()");
+ return self;
+ }
+
+CPolicyImporter* CPolicyImporter::NewL(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& aPolicyStore, RFs& aFs)
+ {
+ LOG_("-> CPolicyImporter::NewL()");
+ CPolicyImporter* self = new (ELeave) CPolicyImporter(aStatus, aVpnApiServant, aPolicyStore, aFs);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ LOG_("<- CPolicyImporter::NewL()");
+ return self;
+ }
+
+CPolicyImporter::CPolicyImporter(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& aPolicyStore, RFs& aFs) :
+ CActive(0), iMessage(aMessage), iVpnApiServant(aVpnApiServant),
+ iPolicyStore(aPolicyStore), iFs(aFs), iFileUtil(aFs)
+ {
+ }
+
+CPolicyImporter::CPolicyImporter(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& aPolicyStore, RFs& aFs) :
+ CActive(0), iExtStatus(&aStatus), iVpnApiServant(aVpnApiServant),
+ iPolicyStore(aPolicyStore), iFs(aFs), iFileUtil(aFs)
+ {
+ }
+
+void CPolicyImporter::ConstructL()
+ {
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iPkiService.Connect());
+ }
+
+CPolicyImporter::~CPolicyImporter()
+ {
+ LOG_("-> CPolicyImporter::~CPolicyImporter()");
+ Cancel();
+ iPkiService.Close();
+
+ delete iPolicyIdList;
+
+ delete iCurrIkeDataArray;
+
+ delete iCurrCaCertList;
+ delete iCurrPeerCertList;
+ delete iCurrUserPrivKeyList;
+ delete iCurrUserCertList;
+ delete iCurrOtherCaCertList;
+
+ delete iCertFileData;
+ delete iKeyFileData;
+ LOG_("<- CPolicyImporter::~CPolicyImporter()");
+ }
+
+TInt CPolicyImporter::RunError(TInt aError)
+ {
+ LOG_EVENT_2B(R_VPN_MSG_POLICY_INSTALL_FAIL, iNewPolicyId, NULL,
+ aError, iImportSinglePolicy);
+
+ ImportComplete(aError);
+ return KErrNone;
+ }
+
+void CPolicyImporter::RunL()
+ {
+ ChangeStateL();
+ }
+
+void CPolicyImporter::DoCancel()
+ {
+ CancelOngoingOperation();
+ if (iImportSinglePolicy)
+ {
+ User::RequestComplete(iExtStatus, KErrCancel);
+ }
+ else
+ {
+ iMessage.Complete(KErrCancel);
+ }
+ CleanImportDirectory();
+ }
+
+void CPolicyImporter::GotoState(TInt aState)
+ {
+ LOG_1("-> CPolicyImporter::GotoState() STATE %d", aState);
+ SetNextState(aState);
+ SetActive();
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ LOG_("<- CPolicyImporter::GotoState()");
+ }
+
+void CPolicyImporter::SetCurrState(TInt aState)
+ {
+ iCurrState = aState;
+ }
+
+void CPolicyImporter::SetNextState(TInt aState)
+ {
+ iNextState = aState;
+ }
+
+TInt CPolicyImporter::CurrState()
+ {
+ return iCurrState;
+ }
+
+TInt CPolicyImporter::NextState()
+ {
+ return iNextState;
+ }
+
+void CPolicyImporter::ChangeStateL()
+ {
+ switch (NextState())
+ {
+ case EStateBeginPolicyImport:
+ StateBeginPolicyImportL();
+ break;
+
+ case EStateImportCaCert:
+ StateImportCaCertL();
+ break;
+
+ case EStateAfterImportCaCert:
+ StateAfterImportCaCertL();
+ break;
+
+ case EStateImportPeerCert:
+ StateImportPeerCertL();
+ break;
+
+ case EStateAfterImportPeerCert:
+ StateAfterImportPeerCertL();
+ break;
+
+ case EStateImportUserPrivKey:
+ StateImportUserPrivKeyL();
+ break;
+
+ case EStateAfterImportUserPrivKey:
+ StateAfterImportUserPrivKeyL();
+ break;
+
+ case EStateAttachCertificate:
+ StateAttachCertificateL();
+ break;
+
+ case EStateAfterAttachCertificate:
+ StateAfterAttachCertificateL();
+ break;
+
+ case EStateImportPinAndPol:
+ StateImportPinAndPolL();
+ break;
+
+ case EStateCreateVpnDestination:
+ StateCreateVpnDestinationL();
+ break;
+
+ case EStateEndPolicyImport:
+ StateEndPolicyImportL();
+ break;
+
+ default:
+ User::Panic(KVpnManagerServer, EInvalidImportState);
+ break;
+ }
+ }
+
+void CPolicyImporter::CancelOngoingOperation()
+ {
+ switch (CurrState())
+ {
+ case EStateImportCaCert:
+ case EStateImportPeerCert:
+ case EStateImportUserPrivKey:
+ case EStateAttachCertificate:
+ iPkiService.CancelPendingOperation();
+ iPkiService.Finalize(iPkiOpContext);
+ break;
+
+ default:
+ break;
+ }
+ }
+
+void CPolicyImporter::ImportComplete(TInt aReturnValue)
+ {
+ LOG_("-> CPolicyImporter::ImportComplete()");
+ if (iImportSinglePolicy)
+ {
+ User::RequestComplete(iExtStatus, aReturnValue);
+ }
+ else
+ {
+ iMessage.Complete(aReturnValue);
+ }
+ CleanImportDirectory();
+ iVpnApiServant.PolicyImportComplete();
+ LOG_("<- CPolicyImporter::ImportComplete()");
+ }
+
+void CPolicyImporter::ImportPolicyL(const TDesC& aDir)
+ {
+ LOG_("-> CPolicyImporter::ImportPolicyL()");
+ iImportSinglePolicy = EFalse;
+ iNewPolicyId = &iPolicyId;
+ DoImportPolicyL(aDir);
+ LOG_("<- CPolicyImporter::ImportPolicyL()");
+ }
+
+void CPolicyImporter::ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId)
+ {
+ LOG_("-> CPolicyImporter::ImportSinglePolicyL()");
+ iImportSinglePolicy = ETrue;
+ iNewPolicyId = &aNewPolicyId;
+ DoImportPolicyL(aDir);
+ LOG_("<- CPolicyImporter::ImportSinglePolicyL()");
+ }
+
+void CPolicyImporter::DoImportPolicyL(const TDesC& aDir)
+ {
+ LOG_("-> CPolicyImporter::DoImportPolicyL()");
+ iImportDir.Copy(aDir);
+ iCurrPolicyIdIndex = -1;
+
+ BuildPolicyIdListL();
+
+ if (iPolicyIdList->Count() == 0)
+ {
+ ImportComplete(KErrNone);
+ return;
+ }
+
+ if (iImportSinglePolicy && iPolicyIdList->Count() != 1)
+ {
+ // We're supposed to import a single policy
+ // only but the import directory contains
+ // multiple policies...
+ ImportComplete(KErrArgument);
+ return;
+ }
+
+ // All is well, so begin import
+ GotoState(EStateBeginPolicyImport);
+ LOG_("<- CPolicyImporter::DoImportPolicyL()");
+ }
+
+void CPolicyImporter::StateBeginPolicyImportL()
+ {
+ SetCurrState(EStateBeginPolicyImport);
+
+ iCurrPolicyIdIndex++;
+
+ if (iCurrPolicyIdIndex == iPolicyIdList->Count())
+ {
+ ImportComplete(KErrNone);
+ return;
+ }
+
+ iCurrPolicyId.Copy(iPolicyIdList->At(iCurrPolicyIdIndex));
+
+ ParseIkeDataL();
+
+ BuildCaCertListL();
+ iCurrCaCertIndex = -1;
+
+ BuildPeerCertListL();
+ iCurrPeerCertIndex = -1;
+
+ BuildUserPrivKeyAndUserCertListL();
+ iCurrUserPrivKeyIndex = -1;
+ iCurrUserCertIndex = -1;
+
+ BuildOtherCaCertListL();
+ iCurrOtherCaCertIndex=-1;
+ GotoState(EStateImportCaCert);
+ }
+
+void CPolicyImporter::StateImportCaCertL()
+ {
+ LOG_("CPolicyImporter::StateImportCaCertL() entry");
+ SetCurrState(EStateImportCaCert);
+
+ iCurrCaCertIndex++;
+
+ if (iCurrCaCertIndex == iCurrCaCertList->Count())
+ {
+ GotoState(EStateImportPeerCert);
+ LOG_("CPolicyImporter::StateImportCaCertL() exit (all CA certs imported)");
+ return;
+ }
+
+ delete iCertFileData;
+ iCertFileData = NULL;
+ iCertFileData = iFileUtil.LoadFileDataL(iCurrCaCertList->At(iCurrCaCertIndex));
+
+ iPkiService.StoreCertificateL(EPKICACertificate, KDefaultKeySize, EPKIRSA, *iCertFileData,
+ &iPkiOpContext, iStatus);
+
+ SetNextState(EStateAfterImportCaCert);
+ SetActive();
+ LOG_("CPolicyImporter::StateImportCaCertL() exit");
+ }
+
+void CPolicyImporter::StateAfterImportCaCertL()
+ {
+ SetCurrState(EStateAfterImportCaCert);
+
+ iPkiService.Finalize(iPkiOpContext);
+
+
+ if (iStatus == KErrArgument)
+ {
+ User::Leave(KVpnErrInvalidCaCertFile);
+ }
+ else if (iStatus != KErrNone)
+ {
+ User::Leave(iStatus.Int());
+ }
+
+ // Set VPN trusted
+ CX509Certificate* tempCert = CX509Certificate::NewLC(*iCertFileData);
+ RArray<TUid> appArray;
+ CleanupClosePushL(appArray);
+ appArray.AppendL(TUid::Uid(KUidVpnManager));
+
+ const TPtrC8* serialNumber = tempCert->DataElementEncoding(
+ CX509Certificate::ESerialNumber);
+ const TPtrC8* issuername = tempCert->DataElementEncoding(
+ CX509Certificate::EIssuerName);
+
+ iPkiService.SetApplicabilityL(
+ *issuername,
+ *serialNumber,
+ appArray);
+
+ CleanupStack::PopAndDestroy(2); // appArray, tempCert
+
+ // Handle the next certificate, if present
+ GotoState(EStateImportCaCert);
+ }
+
+void CPolicyImporter::StateImportPeerCertL()
+ {
+ LOG_("CPolicyImporter::StateImportOtherCaCertL() entry");
+ SetCurrState(EStateImportPeerCert);
+
+ iCurrOtherCaCertIndex++;
+
+ if (iCurrOtherCaCertIndex == iCurrOtherCaCertList->Count())
+ {
+ GotoState(EStateImportUserPrivKey);
+ LOG_("CPolicyImporter::StateImportOtherCaCertL() exit (all intermediate CAs imported)");
+ return;
+ }
+
+ delete iCertFileData;
+ iCertFileData = NULL;
+ iCertFileData = iFileUtil.LoadFileDataL(iCurrOtherCaCertList->At(iCurrOtherCaCertIndex));
+ CIkeData* data = iCurrIkeDataArray->At(iCurrIkeDataIndex);
+ TPkiServiceStoreType storeType = GetStoreTypeL(data);
+ iPkiService.SetStoreType(storeType);
+
+ iPkiService.StoreCertificateL(EPKICACertificate, KDefaultKeySize, EPKIRSA, *iCertFileData,
+ &iPkiOpContext, iStatus);
+
+ SetNextState(EStateAfterImportPeerCert);
+ SetActive();
+ LOG_("CPolicyImporter::StateImportOtherCACertL() exit");
+ }
+
+void CPolicyImporter::StateAfterImportPeerCertL()
+ {
+ SetCurrState(EStateAfterImportPeerCert);
+
+ iPkiService.Finalize(iPkiOpContext);
+
+ if (iStatus != KErrNone)
+ {
+ User::Leave(iStatus.Int());
+ }
+
+ // Handle the next certificate, if present
+ GotoState(EStateImportPeerCert);
+ }
+
+TPkiServiceStoreType CPolicyImporter::GetStoreTypeL(CIkeData* aData)
+ {
+ TPkiServiceStoreType ret(EPkiStoreTypeAny);
+ if (aData->iClientCertType)
+ {
+ HBufC8* storename = aData->iClientCertType->GetAsciiDataL();
+ CleanupStack::PushL(storename);
+ LOG(Log::Printf(_L8("CPolicyImporter::BuildPeerCertListL() Store type defined in policy: %S\n"), &(*storename)));
+
+ if (storename->Compare(_L8("DEVICE")) == 0)
+ {
+ LOG_("CPolicyImporter::BuildPeerCertListL() Policy uses DEVICE store\n");
+ ret = EPkiStoreTypeDevice;
+ }
+ else
+ {
+ LOG_("CPolicyImporter::BuildPeerCertListL() Policy uses USER store\n");
+ ret = EPkiStoreTypeUser;
+ }
+
+ CleanupStack::PopAndDestroy(storename);
+ }
+ else
+ {
+ LOG_("CPolicyImporter::GetStoreType() No store type specified in policy");
+ }
+ return ret;
+ }
+void CPolicyImporter::StateImportUserPrivKeyL()
+ {
+ LOG_("CPolicyImporter::StateImportUserPrivKeyL() entry");
+ SetCurrState(EStateImportUserPrivKey);
+
+ iCurrUserPrivKeyIndex++;
+
+ if (iCurrUserPrivKeyIndex == iCurrUserPrivKeyList->Count())
+ {
+ GotoState(EStateImportPinAndPol);
+ LOG_("CPolicyImporter::StateImportUserPrivKeyL() exit (all keys imported)");
+ return;
+ }
+
+ delete iKeyFileData;
+ iKeyFileData = NULL;
+ iKeyFileData = iFileUtil.LoadFileDataL(iCurrUserPrivKeyList->At(iCurrUserPrivKeyIndex));
+ CIkeData* data = iCurrIkeDataArray->At(iCurrIkeDataIndex);
+ TPkiServiceStoreType storeType = GetStoreTypeL(data);
+ iPkiService.SetStoreType(storeType);
+
+ iPkiService.StoreKeypair(iCurrKeyId, *iKeyFileData, iStatus);
+
+ SetNextState(EStateAfterImportUserPrivKey);
+ SetActive();
+ LOG_("CPolicyImporter::StateImportUserPrivKeyL() exit");
+ }
+
+void CPolicyImporter::StateAfterImportUserPrivKeyL()
+ {
+ SetCurrState(EStateAfterImportUserPrivKey);
+
+ if (iStatus == KErrArgument || iStatus == KErrNotSupported)
+ {
+ User::Leave(KVpnErrInvalidUserPrivKeyFile);
+ }
+ else if (iStatus != KErrNone)
+ {
+ User::Leave(iStatus.Int());
+ }
+
+ // Attach user certificates to the imported private key
+ iCurrIkeDataIndex = -1;
+ GotoState(EStateAttachCertificate);
+ }
+
+void CPolicyImporter::StateAttachCertificateL()
+ {
+ LOG_("CPolicyImporter::StateAttachCertificateL() entry");
+ SetCurrState(EStateAttachCertificate);
+
+ iCurrIkeDataIndex++;
+
+ if (iCurrIkeDataIndex == iCurrIkeDataArray->Count())
+ {
+ // Import the next private key, if present
+ GotoState(EStateImportUserPrivKey);
+ return;
+ }
+
+ CIkeData* ikeData = iCurrIkeDataArray->At(iCurrIkeDataIndex);
+ HBufC* fileName(NULL);
+ TPkiServiceStoreType storeType = GetStoreTypeL(ikeData);
+ iPkiService.SetStoreType(storeType);
+
+ fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPrivKey.iData).AllocLC();
+
+ if (fileName->CompareF(iCurrUserPrivKeyList->At(iCurrUserPrivKeyIndex)) == 0)
+ {
+ CleanupStack::PopAndDestroy(fileName);
+ fileName = NULL;
+
+ fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iOwnCert.iData).AllocLC();
+
+ delete iCertFileData;
+ iCertFileData = NULL;
+ iCertFileData = iFileUtil.LoadFileDataL(*fileName);
+
+ iPkiService.AttachCertificateL(iCurrKeyId, KDefaultKeySize, EPKIRSA, *iCertFileData,
+ &iPkiOpContext, iStatus);
+
+ SetNextState(EStateAfterAttachCertificate);
+ SetActive();
+ }
+ else
+ {
+ // Attach the next certificate, if present
+ GotoState(EStateAttachCertificate);
+ }
+ CleanupStack::PopAndDestroy(fileName); // fileName
+ LOG_("CPolicyImporter::StateAttachCertificateL() exit");
+ }
+
+void CPolicyImporter::StateAfterAttachCertificateL()
+ {
+ SetCurrState(EStateAfterAttachCertificate);
+
+ iPkiService.Finalize(iPkiOpContext);
+
+ if (iStatus == KErrArgument)
+ {
+ User::Leave(KVpnErrInvalidUserCertFile);
+ }
+ else if (iStatus != KErrNone)
+ {
+ User::Leave(iStatus.Int());
+ }
+
+ // Attach the next certificate, if present
+ GotoState(EStateAttachCertificate);
+ }
+
+void CPolicyImporter::StateImportPinAndPolL()
+ {
+ LOG_("-> CPolicyImporter::StateImportPinAndPolL()");
+ SetCurrState(EStateImportPinAndPol);
+
+ HBufC* pinFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPinFileExt);
+ HBufC* polFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPolFileExt);
+
+ if (!iFileUtil.FileExists(*pinFile))
+ {
+ LOG_("<- CPolicyImporter::StateImportPinAndPolL() LEAVE: KVpnErrNoPolicyInfoFile");
+ User::Leave(KVpnErrNoPolicyInfoFile);
+ }
+ else if (!iFileUtil.FileExists(*polFile))
+ {
+ LOG_("<- CPolicyImporter::StateImportPinAndPolL() LEAVE: KVpnErrNoPolicyFile");
+ User::Leave(KVpnErrNoPolicyFile);
+ }
+ else
+ {
+ PatchPolicyCaCertInfoL(*polFile);
+
+ iPolicyStore.ImportPolicyL(*pinFile, *polFile, iNewPolicyId);
+
+ //iImportSinglePolicy is used when policy is installed via
+ //OMA DM or ACU. If the policy is installed from .vpn file
+ //the iImportSinglePolicy is not used.
+ //The VPN destination is only created in .vpn case.
+ if (iImportSinglePolicy)
+ {
+ GotoState(EStateEndPolicyImport);
+ }
+ else
+ {
+ GotoState(EStateCreateVpnDestination);
+ }
+ }
+ CleanupStack::PopAndDestroy(2); // polfile, pinfile
+ LOG_("<- CPolicyImporter::StateImportPinAndPolL()");
+ }
+
+void CPolicyImporter::StateCreateVpnDestinationL()
+ {
+ LOG_("-> CPolicyImporter::StateCreateVpnDestinationL()");
+ SetCurrState(EStateCreateVpnDestination);
+
+ //Gets the IAP name from policy name
+ TVpnPolicyInfo* policyInfo = new (ELeave) TVpnPolicyInfo;
+ CleanupDeletePushL(policyInfo);
+
+ User::LeaveIfError(iPolicyStore.GetPolicyInfo(*iNewPolicyId, *policyInfo));
+
+ CmManagerUtils::CreateVPNConnectionMethodToIntranetL(*policyInfo,
+ *(iVpnApiServant.iEventLogger));
+
+ CleanupStack::PopAndDestroy(); //policyInfo
+ GotoState(EStateEndPolicyImport);
+
+ LOG_("<- CPolicyImporter::StateCreateVpnDestinationL()");
+ }
+
+void CPolicyImporter::StateEndPolicyImportL()
+ {
+ LOG_("-> CPolicyImporter::StateEndPolicyImportL()");
+
+ STACK_LEFT;
+
+ SetCurrState(EStateEndPolicyImport);
+
+ // Delete the files that were just imported from the import/install directory
+
+ HBufC* fileFilter = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KAllFilesPat);
+ iFileUtil.DeleteFilesL(*fileFilter);
+
+ CleanupStack::PopAndDestroy(); // fileFilter
+
+ LOG_EVENT_2B(R_VPN_MSG_INSTALLED_POLICY_FILE, iNewPolicyId, NULL, 0, iImportSinglePolicy);
+
+ GotoState(EStateBeginPolicyImport);
+ LOG_("<- CPolicyImporter::StateEndPolicyImportL()");
+ }
+
+void CPolicyImporter::BuildPolicyIdListL()
+ {
+ delete iPolicyIdList;
+ iPolicyIdList = NULL;
+ iPolicyIdList = new (ELeave) CArrayFixFlat<TExtVpnPolicyId>(2);
+
+ TFindFile* fileFinder = new (ELeave) TFindFile(iFs);
+ CleanupStack::PushL(fileFinder);
+
+ CDir* fileList;
+
+ TInt ret = fileFinder->FindWildByDir(KPinFilePat, iImportDir, fileList);
+
+ if (ret == KErrNone)
+ {
+ CleanupStack::PushL(fileList);
+
+ for (TInt i = 0; i < fileList->Count(); i++)
+ {
+ TParse* fileNameParser = new (ELeave) TParse();
+ CleanupStack::PushL(fileNameParser);
+
+ fileNameParser->Set((*fileList)[i].iName, NULL, NULL);
+
+ TExtVpnPolicyId policyId;
+ policyId.Copy(fileNameParser->Name());
+
+ iPolicyIdList->AppendL(policyId);
+
+ CleanupStack::PopAndDestroy(); // fileNameParser
+ }
+ CleanupStack::PopAndDestroy(); // fileList
+ }
+ CleanupStack::PopAndDestroy(); // fileFinder
+ }
+
+void CPolicyImporter::BuildCaCertListL()
+ {
+ LOG_("-> CPolicyImporter::BuildCaCertListL()");
+ delete iCurrCaCertList;
+ iCurrCaCertList = NULL;
+ iCurrCaCertList = new (ELeave) CArrayFixFlat<TFileName>(2);
+
+ TFileName *fileName = new (ELeave) TFileName;
+ CleanupStack::PushL(fileName);
+
+ LOG_("Pre-for");
+ for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++)
+ {
+ LOG_("For start");
+ CIkeData* ikeData = iCurrIkeDataArray->At(i);
+ fileName->Zero();
+
+ if (ikeData->iCAList)
+ {
+ LOG_("CAlist found");
+ for (TInt j = 0; j < ikeData->iCAList->Count(); j++)
+ {
+ LOG_("CA iter start");
+ if (ikeData->iCAList->At(j)->iFormat == BIN_CERT)
+ {
+ LOG_("Bin cert found");
+ *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iCAList->At(j)->iData);
+ if (!iFileUtil.FileExists(*fileName))
+ {
+ LOG_("<- CPolicyImporter::BuildCaCertListL() LEAVE (KVpnErrCaCertFileMissing)");
+ User::Leave(KVpnErrInvalidCaCertFile);
+ }
+ //Makes sure every file name is appended only once.
+ AppendIfNotFoundL( iCurrCaCertList, fileName );
+ }
+ }
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); //fileName
+ LOG_("<- CPolicyImporter::BuildCaCertListL()");
+ }
+
+
+void CPolicyImporter::BuildPeerCertListL()
+ {
+ LOG(Log::Printf(_L8("-> CPolicyImporter::BuildPeerCertListL()\n")));
+ delete iCurrPeerCertList;
+ iCurrPeerCertList = NULL;
+ iCurrPeerCertList = new (ELeave) CArrayFixFlat<TFileName>(2);
+
+ TFileName *fileName = new (ELeave) TFileName;
+ CleanupStack::PushL(fileName);
+
+ for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++)
+ {
+ CIkeData* ikeData = iCurrIkeDataArray->At(i);
+ fileName->Zero();
+
+ if (ikeData->iPeerCert.iData.Length() > 0 &&
+ ikeData->iPeerCert.iFormat == BIN_CERT)
+ {
+ *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPeerCert.iData);
+ if (!iFileUtil.FileExists(*fileName))
+ {
+ User::Leave(KVpnErrPeerCertFileMissing);
+ }
+ AppendIfNotFoundL( iCurrPeerCertList, fileName );
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); //fileName
+ LOG_("<- CPolicyImporter::BuildPeerCertListL()");
+ }
+
+
+void CPolicyImporter::BuildUserPrivKeyAndUserCertListL()
+ {
+ LOG_("-> CPolicyImporter::BuildUserPrivKeyAndUserCertListL()");
+ delete iCurrUserPrivKeyList;
+ iCurrUserPrivKeyList = NULL;
+ iCurrUserPrivKeyList = new (ELeave) CArrayFixFlat<TFileName>(2);
+
+ delete iCurrUserCertList;
+ iCurrUserCertList = NULL;
+ iCurrUserCertList = new (ELeave) CArrayFixFlat<TFileName>(2);
+
+ TFileName *fileName = new (ELeave) TFileName;
+ CleanupStack::PushL(fileName);
+
+
+ for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++)
+ {
+ CIkeData* ikeData = iCurrIkeDataArray->At(i);
+ fileName->Zero();
+
+ if (ikeData->iOwnCert.iData.Length() > 0 &&
+ ikeData->iOwnCert.iFormat == BIN_CERT)
+ {
+ //First check that defined user cert is found and if so
+ //add the file name to the list
+
+ *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iOwnCert.iData);
+ if (!iFileUtil.FileExists(*fileName))
+ {
+ User::Leave(KVpnErrInvalidUserCertFile);
+ }
+ AppendIfNotFoundL( iCurrUserCertList, fileName );
+
+ //After the user cert is found check that the assosiated private key
+ //is found.
+ if (ikeData->iPrivKey.iData.Length() > 0 &&
+ ikeData->iPrivKey.iFormat == BIN_CERT)
+ {
+ fileName->Zero();
+ *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPrivKey.iData);
+ if (!iFileUtil.FileExists(*fileName))
+ {
+ User::Leave(KVpnErrInvalidUserPrivKeyFile);
+ }
+ AppendIfNotFoundL( iCurrUserPrivKeyList, fileName );
+ }
+ else
+ {
+ User::Leave(KVpnErrInvalidPolicyFile);
+ }
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); //fileName
+ LOG_("<- CPolicyImporter::BuildUserPrivKeyAndUserCertListL()");
+ }
+
+void CPolicyImporter::BuildOtherCaCertListL()
+ {
+ LOG(Log::Printf(_L8("-> CPolicyImporter::BuildOtherCACertListL()\n")));
+ delete iCurrOtherCaCertList;
+ iCurrOtherCaCertList = NULL;
+ iCurrOtherCaCertList = new (ELeave) CArrayFixFlat<TFileName>(2);
+ TFileName *fileName = new (ELeave) TFileName;
+ CleanupStack::PushL(fileName);
+ TFileName *totalPath= new (ELeave) TFileName;
+ CleanupStack::PushL(totalPath);
+ CDir* dirList=NULL;
+ _LIT(KFileSpec, "*ca-?.*er");
+ *totalPath=iImportDir;
+ totalPath->Append(KFileSpec);
+
+
+ User::LeaveIfError(
+ iFs.GetDir(*totalPath,
+ KEntryAttMaskSupported,
+ ESortByName, dirList));
+ CleanupStack::PushL(dirList);
+ if ( dirList->Count()>1 )
+ {
+ for (TInt i=0;i<dirList->Count();i++)
+ {
+ *fileName = (*dirList)[i].iName;
+ *totalPath = iImportDir;
+ totalPath->Append(*fileName);
+ AppendIfNotFoundL(iCurrOtherCaCertList, totalPath);
+ }
+ }
+ CleanupStack::PopAndDestroy(dirList);
+ CleanupStack::PopAndDestroy(totalPath);
+
+ CleanupStack::PopAndDestroy(); //fileName
+ LOG_("<- CPolicyImporter::BuildOtherCaCertListL()");
+ }
+
+void CPolicyImporter::ParseIkeDataL()
+ {
+ LOG_("-> CPolicyImporter::ParseIkeDataL()");
+
+ HBufC* polFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPolFileExt);
+
+ if (!iFileUtil.FileExists(*polFile))
+ {
+ LOG_("<- CPolicyImporter::ParseIkeDataL() LEAVE (KVpnErrNoPolicyFile)");
+ User::Leave(KVpnErrNoPolicyFile);
+ }
+
+ HBufC8* fileData = iFileUtil.LoadFileDataL(*polFile);
+ CleanupStack::PushL(fileData);
+
+ HBufC* fileData16 = HBufC::NewLC(fileData->Length());
+
+ fileData16->Des().Copy(*fileData);
+
+ delete iCurrIkeDataArray;
+ iCurrIkeDataArray = NULL;
+ iCurrIkeDataArray = CIkeDataArray::NewL(1);
+
+ TIkeParser* ikeParser = new (ELeave) TIkeParser(*fileData16);
+ CleanupStack::PushL(ikeParser);
+ ikeParser->ParseIKESectionsL(iCurrIkeDataArray);
+
+ CleanupStack::PopAndDestroy(4); // ikeParser, fileData16, fileData, polFile
+ LOG_("<- CPolicyImporter::ParseIkeDataL()");
+ }
+
+
+void CPolicyImporter::PatchPolicyCaCertInfoL(const TFileName& aPolicyFile)
+ {
+ LOG_("-> CPolicyImporter::PatchPolicyCaCertInfoL()");
+ HBufC8* policyData = iFileUtil.LoadFileDataL(aPolicyFile);
+ CleanupStack::PushL(policyData);
+
+ CPolicyPatchInfoList* patchInfoList = BuildPolicyPatchInfoListL();
+ CleanupStack::PushL(patchInfoList);
+
+ CPolicyPatcher* patcher = CPolicyPatcher::NewL();
+ CleanupStack::PushL(patcher);
+
+ HBufC8* patchedPolicyData = patcher->PatchPolicyL(*policyData, patchInfoList);
+ CleanupStack::PushL(patchedPolicyData);
+
+ iFileUtil.SaveFileDataL(aPolicyFile, *patchedPolicyData);
+
+ CleanupStack::PopAndDestroy(4); // patchedPolicyData, patcher, patchInfoList, policyData
+ LOG_("<- CPolicyImporter::PatchPolicyCaCertInfoL()");
+ }
+
+CPolicyPatchInfoList* CPolicyImporter::BuildPolicyPatchInfoListL()
+ {
+ LOG_("-> CPolicyImporter::BuildPolicyPatchInfoListL()");
+ CPolicyPatchInfoList* patchInfoList = new (ELeave) CPolicyPatchInfoList(2);
+ CleanupStack::PushL(patchInfoList);
+ HBufC8* subjectName;
+ // First, append the CA certs to patch list...
+ for (TInt i = 0; i < iCurrCaCertList->Count(); i++)
+ {
+
+ CPolicyPatchInfo* patchInfo = new (ELeave) CPolicyPatchInfo();
+ CleanupStack::PushL(patchInfo);
+
+ TParse fileNameParser;
+ fileNameParser.Set(iCurrCaCertList->At(i), NULL, NULL);
+
+ patchInfo->iCertFileName.Copy(fileNameParser.NameAndExt());
+ subjectName = CertSubjectNameL(iCurrCaCertList->At(i));
+ CleanupStack::PushL(subjectName);
+ if ( iCurrOtherCaCertList->Count()>1 && iCurrCaCertList->Count()==1 ) //if other than basic CA certificate exists
+ {
+ // Set original intermediate CA untrusted. .
+ HBufC8* certData = iFileUtil.LoadFileDataL(iCurrCaCertList->At(0));
+ CleanupStack::PushL(certData);
+ CX509Certificate* tempCert = CX509Certificate::NewLC(*certData);
+ RArray<TUid> appArray;
+ CleanupClosePushL(appArray);
+ const TPtrC8* serialNumber = tempCert->DataElementEncoding(
+ CX509Certificate::ESerialNumber);
+ const TPtrC8* issuername = tempCert->DataElementEncoding(
+ CX509Certificate::EIssuerName);
+
+ iPkiService.SetApplicabilityL(
+ *issuername,
+ *serialNumber,
+ appArray);
+
+ CleanupStack::PopAndDestroy(3); // appArray, tempcert
+
+ //get CA from chain
+ TFileName rootCAFile=GetCAFromFileListL(*subjectName, iCurrOtherCaCertList);
+ CleanupStack::PopAndDestroy(subjectName);
+ subjectName=NULL;
+ subjectName = CertSubjectNameL(rootCAFile);
+ CleanupStack::PushL(subjectName);
+
+ //Set highest CA as trusted
+ certData = iFileUtil.LoadFileDataL(rootCAFile);
+ CleanupStack::PushL(certData);
+ tempCert = CX509Certificate::NewLC(*certData);
+ CleanupClosePushL(appArray);
+ appArray.AppendL(TUid::Uid(KUidVpnManager));
+ serialNumber = tempCert->DataElementEncoding(
+ CX509Certificate::ESerialNumber);
+ issuername = tempCert->DataElementEncoding(
+ CX509Certificate::EIssuerName);
+
+ iPkiService.SetApplicabilityL(
+ *issuername,
+ *serialNumber,
+ appArray);
+
+ CleanupStack::PopAndDestroy(3); // appArray, tempcert, certData
+ }
+ patchInfo->SetCertSubjectNameL(*subjectName);
+
+ patchInfoList->AppendL(patchInfo);
+ CleanupStack::PopAndDestroy(subjectName);
+ subjectName=NULL;
+ CleanupStack::Pop(patchInfo); // patcInfo (now owned by the list)
+ }
+
+ // ... then, append also the user certificates.
+ for (TInt i = 0; i < iCurrUserCertList->Count(); i++)
+ {
+ TInt keySize = 0;
+ HBufC8* subjectName = CertInfoL(iCurrUserCertList->At(i), keySize);
+ CleanupStack::PushL(subjectName);
+
+ CPolicyPatchInfo* patchInfo = new (ELeave) CPolicyPatchInfo();
+ CleanupStack::PushL(patchInfo);
+
+ TParse fileNameParser;
+ fileNameParser.Set(iCurrUserCertList->At(i), NULL, NULL);
+
+ patchInfo->iCertFileName.Copy(fileNameParser.NameAndExt());
+ patchInfo->SetCertSubjectNameL(*subjectName);
+ patchInfo->SetUserCertKeyLen(keySize);
+
+ patchInfoList->AppendL(patchInfo);
+
+ CleanupStack::Pop(); // patchInfo (now owned by the list)
+ CleanupStack::PopAndDestroy(); // subjectName
+ }
+
+ CleanupStack::Pop(); // patchInfoList, ownership transferred
+
+ LOG_("<- CPolicyImporter::BuildPolicyPatchInfoListL()");
+ return patchInfoList;
+ }
+
+HBufC8* CPolicyImporter::CertSubjectNameL(const TFileName& aCertFile)
+ {
+ TInt keySize = KDoNotGetKeySize;
+ return CertInfoL(aCertFile,keySize);
+ }
+
+void CPolicyImporter::CleanImportDirectory()
+ {
+ LOG_("-> CPolicyImporter::CleanImportDirectory()");
+
+ TRAP_IGNORE(
+ {
+ HBufC* fileFilter = iFileUtil.MakeFileNameLC(iImportDir, KNullDesC, KAllFilesPat);
+ iFileUtil.DeleteFilesL(*fileFilter);
+ CleanupStack::PopAndDestroy();
+ });
+
+ LOG_("<- CPolicyImporter::CleanImportDirectory()");
+ }
+
+void CPolicyImporter::AppendIfNotFoundL(CArrayFixFlat<TFileName>* aList,
+ TFileName* aFileName)
+ {
+ ASSERT(aList && aFileName);
+
+ TKeyArrayFix arrayKey(0, ECmpFolded);
+ TInt position;
+ if ( aList->FindIsq( *aFileName, arrayKey, position ) )
+ {
+ aList->AppendL( *aFileName );
+ }
+ }
+
+HBufC8* CPolicyImporter::CertInfoL(const TFileName& aCertFile, TInt& aKeySize)
+ {
+ HBufC8* certData = iFileUtil.LoadFileDataL(aCertFile);
+ CleanupStack::PushL(certData);
+
+ HBufC* subjectName = PkiUtil::CertSubjectNameL(*certData);
+ CleanupStack::PushL(subjectName);
+
+ HBufC8* subjectName8 = HBufC8::NewL(subjectName->Length());
+ subjectName8->Des().Copy(*subjectName);
+
+ if(KDoNotGetKeySize != aKeySize)
+ {
+ aKeySize = PkiUtil::CertKeySizeL(*certData);
+ }
+
+ CleanupStack::PopAndDestroy(2); // subjectName, certData
+
+ return subjectName8;
+ }
+
+HBufC8* CPolicyImporter::CertIssuerL(const TFileName& aCertFile)
+ {
+ HBufC8* certData = iFileUtil.LoadFileDataL(aCertFile);
+ CleanupStack::PushL(certData);
+
+ HBufC* issuerName = PkiUtil::CertIssuerNameL(*certData);
+ CleanupStack::PushL(issuerName);
+
+ HBufC8* issuerName8 = HBufC8::NewL(issuerName->Length());
+ issuerName8->Des().Copy(*issuerName);
+
+ CleanupStack::PopAndDestroy(2); // subjectName, certData
+
+ return issuerName8;
+ }
+
+TFileName CPolicyImporter::GetCAFromFileListL(const TDesC8& aCertSubjectName, CArrayFixFlat<TFileName>* aCertFileArray)
+ {
+ TFileName rootCa;
+ TInt currCaIndex=0;
+ TInt currIndex=1;
+ TInt keySize = 0;
+ for ( TInt i=0; i<aCertFileArray->Count(); i++)
+ {
+ HBufC8* certSubjectName = CertInfoL(aCertFileArray->At(i), keySize);
+ CleanupStack::PushL(certSubjectName);
+ if ( certSubjectName->Compare(aCertSubjectName) == 0)
+ currCaIndex=i;
+ CleanupStack::PopAndDestroy(certSubjectName);
+ certSubjectName=NULL;
+ }
+
+
+ while ( currIndex< aCertFileArray->Count())
+ {
+ HBufC8* issuerName = CertIssuerL(aCertFileArray->At(currCaIndex));
+ CleanupStack::PushL(issuerName);
+ HBufC8* subjectName = CertInfoL(aCertFileArray->At(currCaIndex), keySize);
+ CleanupStack::PushL(subjectName);
+
+ for (TInt i=0; i<aCertFileArray->Count();i++)
+ {
+ HBufC8* certSubjectName = CertInfoL(aCertFileArray->At(i), keySize);
+ CleanupStack::PushL(certSubjectName);
+ if ( certSubjectName->Compare(*issuerName)==0 )
+ {
+ currCaIndex=i;
+ CleanupStack::PopAndDestroy(certSubjectName);
+ certSubjectName=NULL;
+ break;
+ }
+ CleanupStack::PopAndDestroy(certSubjectName);
+ certSubjectName=NULL;
+ }
+
+ CleanupStack::PopAndDestroy(subjectName);
+ subjectName=NULL;
+ CleanupStack::PopAndDestroy(issuerName);
+ issuerName=NULL;
+ currIndex++;
+ }
+
+ return aCertFileArray->At(currCaIndex);
+
+ }
+/***/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/policypatcher.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,484 @@
+/*
+* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy importer
+*
+*/
+
+
+
+#include "policypatcher.h"
+#include "vpnapidefs.h"
+
+
+TAny* TPatchKeyArrayPtr::At(TInt aIndex) const
+ {
+ if (aIndex==KIndexPtr)
+ {
+ TAny* base = *(TUint8**)iPtr;
+ CPolicyPatchInfo* info = (CPolicyPatchInfo*)base;
+ return (TAny*)&(info->iPatchOffset);
+ }
+ else
+ {
+ TAny* base = *(TUint8**)iBase->Ptr(aIndex*sizeof(TUint8**)).Ptr();
+ CPolicyPatchInfo* info = (CPolicyPatchInfo*)base;
+ return (TAny*)&(info->iPatchOffset);
+ }
+ }
+
+
+CPolicyPatcher* CPolicyPatcher::NewL()
+ {
+ CPolicyPatcher* self = new (ELeave) CPolicyPatcher();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+CPolicyPatcher::CPolicyPatcher()
+ {
+ }
+
+CPolicyPatcher::~CPolicyPatcher()
+ {
+ }
+
+void CPolicyPatcher::ConstructL()
+ {
+ }
+
+/*
+ * The policy file is patched as follows:
+ * - CA certificate references are changed from filenames
+ * into CA subject names (correspondingly, the reference
+ * type is changed from BIN to NAME)
+ * - User private key and certificate references are not
+ * removed although they are no longer in use
+ */
+HBufC8* CPolicyPatcher::PatchPolicyL(const TDesC8& aPolicyData,
+ CPolicyPatchInfoList* aPatchInfoList)
+ {
+ iInput.Set(aPolicyData);
+ iPatchInfoList = aPatchInfoList;
+
+ FindOffsetsL();
+
+ // Sort the resulting array to ascending order, using key
+ // patchInfo->iPatchOffset
+ TPatchKeyArrayPtr sortedCerts(_FOFF(CPatchData, iPatchOffset), ECmpTInt32);
+ iPatchInfoList->Sort(sortedCerts);
+
+ return CreateOutputL();
+ }
+
+void CPolicyPatcher::FindOffsetsL()
+ {
+ TInt formatValueOffset = KErrGeneral;
+
+ for (TInt i = 0; i < iPatchInfoList->Count(); i++)
+ {
+ CPolicyPatchInfo* patchInfo = iPatchInfoList->At(i);
+
+ TInt fileNameOffset = iInput.FindF(patchInfo->iCertFileName);
+
+ if (fileNameOffset != KErrNotFound)
+ {
+ TPtrC8 precedingInput = iInput.Left(fileNameOffset);
+
+ if (0 == patchInfo->UserCertKeyLen())
+ {
+ // CA cert
+ formatValueOffset = precedingInput.LocateReverseF(KBinChar);
+ }
+ else
+ {
+ // User cert
+ formatValueOffset = precedingInput.LocateReverseF(KFormatChar);
+ }
+
+ if (formatValueOffset != KErrNone)
+ {
+ patchInfo->iPatchOffset = formatValueOffset;
+ }
+ else
+ {
+ User::Leave(KVpnErrInvalidPolicyFile);
+ }
+
+ patchInfo->iReminderOffset = fileNameOffset + patchInfo->iCertFileName.Length();
+ }
+ }
+ }
+
+HBufC8* CPolicyPatcher::CreateOutputL()
+ {
+ TInt patchInfoCount = iPatchInfoList->Count();
+
+ CPatchDataList* patchDataList = new (ELeave) CPatchDataList(2);
+ CleanupStack::PushL(patchDataList);
+
+ for (TInt i = 0; i < patchInfoCount; i++)
+ {
+ CPolicyPatchInfo* patchInfo = iPatchInfoList->At(i);
+
+ if (patchInfo->iPatchOffset != KUndefinedOffset)
+ {
+ CPatchData* patchData = new (ELeave) CPatchData;
+ CleanupStack::PushL(patchData);
+
+ patchData->iPatchOffset = patchInfo->iPatchOffset;
+ patchData->iReminderOffset = patchInfo->iReminderOffset;
+ patchData->iData = CreatePatchDataL(patchInfo);
+
+ patchDataList->AppendL(patchData);
+
+ CleanupStack::Pop(); // patchData (now owned by the list)
+ }
+ }
+
+ TInt outputLength = iInput.Length();
+ TInt patchDataCount = patchDataList->Count();
+
+ for (TInt j = 0; j < patchDataCount; j++)
+ {
+ outputLength += patchDataList->At(j)->iData->Length();
+ }
+
+ HBufC8* output = HBufC8::NewL(outputLength);
+ TPtr8 ptrOutput = output->Des();
+
+ if (patchDataCount == 0)
+ {
+ ptrOutput.Append(iInput);
+ }
+ else
+ {
+ // Append all patches and the input data before,
+ // between and after them to the outout
+ for (TInt k = 0; k < patchDataCount; k++)
+ {
+ TInt startOffset;
+
+ // If this is the first patch...
+ if (k == 0)
+ {
+ // ...there is no previous patch whose
+ // reminder offset we could use
+ startOffset = 0;
+ }
+ else
+ {
+ // There is a previous patch whose reminder offset we can use
+ startOffset = patchDataList->At(k - 1)->iReminderOffset;
+ }
+
+ CPatchData* currPatchData = patchDataList->At(k);
+
+ TInt endOffset = currPatchData->iPatchOffset;
+
+ // Append to the output the input data between the previous
+ // patch (or the beginning of input if this is the first patch)
+ // and the current patch
+ ptrOutput.Append(iInput.Mid(startOffset, endOffset - startOffset));
+
+ // Append the current patch data to the output
+ ptrOutput.Append(*(currPatchData->iData));
+
+ // If this is the last patch...
+ if (k == (patchDataCount -1))
+ {
+ if(EFalse != iUserCertPatched)
+ {
+ // The data after user cert patch is not needed.
+ // Append new line instead.
+ // In practise this removes the PRIVATE_KEY_FORMAT
+ // and PRIVATE_KEY_DATA lines.
+ ptrOutput.Append(KNewLine);
+ }
+ else
+ {
+ // ...append to the output the input data between the
+ // last patch and the end of the input
+ ptrOutput.Append(iInput.Mid(currPatchData->iReminderOffset));
+ }
+ }
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); // patchDataList
+
+ return output;
+ }
+
+HBufC8* CPolicyPatcher::CreatePatchDataL(const CPolicyPatchInfo* aPatchInfo)
+ {
+ TInt patchDataLength = 0;
+
+ TBuf8<20> keyBuf;
+
+ const TDesC8& certSubjectName = aPatchInfo->CertSubjectName();
+
+ if (0 == aPatchInfo->UserCertKeyLen())
+ {
+ // CA cert patch
+ patchDataLength = KName().Length() + KNewLine().Length() +
+ KDataField().Length() + KSpace().Length() +
+ certSubjectName.Length();
+ }
+ else
+ {
+ // user cert patch
+ keyBuf.Num(aPatchInfo->UserCertKeyLen());
+ patchDataLength = KDNField().Length() + certSubjectName.Length() +
+ KNewLine().Length() + KKeyLenField().Length() +
+ keyBuf.Length();
+ }
+
+ HBufC8* patchData = HBufC8::NewL(patchDataLength);
+ CleanupStack::PushL(patchData);
+
+ TPtr8 ptrPatchData(patchData->Des());
+
+ if (0 == aPatchInfo->UserCertKeyLen())
+ {
+ // CA cert patch
+ ptrPatchData.Append(KName);
+ ptrPatchData.Append(KNewLine);
+ ptrPatchData.Append(KDataField);
+ ptrPatchData.Append(KSpace);
+ ptrPatchData.Append(certSubjectName);
+ }
+ else
+ {
+ // User cert patch
+ ptrPatchData.Append(KKeyLenField);
+ ptrPatchData.Append(keyBuf);
+ ptrPatchData.Append(KNewLine);
+ ptrPatchData.Append(KDNField);
+ ptrPatchData.Append(certSubjectName);
+ iUserCertPatched = ETrue;
+ }
+
+ CleanupStack::Pop(); // patchData
+
+ return patchData;
+ }
+
+
+// CPolicyPatchInfo
+
+CPolicyPatchInfo::CPolicyPatchInfo()
+ {
+ iCertFileName.SetLength(0);
+ iPatchOffset = KUndefinedOffset;
+ iReminderOffset = KUndefinedOffset;
+ iUserCertKeyLen = 0;
+ }
+
+CPolicyPatchInfo::~CPolicyPatchInfo()
+ {
+ delete iCertSubjectName;
+ }
+
+const TDesC8& CPolicyPatchInfo::CertSubjectName() const
+ {
+ return *iCertSubjectName;
+ }
+
+void CPolicyPatchInfo::SetCertSubjectNameL(const TDesC8& aCertSubjectName)
+ {
+ delete iCertSubjectName;
+ iCertSubjectName = NULL;
+ HBufC8* certSubjectBuf = CheckSubjectNameSyntaxL(aCertSubjectName);
+ iCertSubjectName = certSubjectBuf;
+ }
+
+void CPolicyPatchInfo::SetUserCertKeyLen(TInt aKeyLen)
+ {
+ iUserCertKeyLen = aKeyLen;
+ }
+
+TInt CPolicyPatchInfo::UserCertKeyLen() const
+ {
+ return iUserCertKeyLen;
+ }
+
+HBufC8* CPolicyPatchInfo::CheckSubjectNameSyntaxL(const TDesC8& aSubj)
+ {
+ const TInt KMaxSubjectItems = 20;
+
+ _LIT8(KEqualSign, "=");
+ _LIT8(KCommaSign, ",");
+ _LIT8(KReplacementChar, "\"");
+
+ //counts positions for equal sign characters
+ CArrayFixFlat<TInt>* equalSignArr=new (ELeave) CArrayFixFlat<TInt> (KMaxSubjectItems);
+
+ //counts positions for comma characters
+ CArrayFixFlat<TInt>* commaSignArr=new (ELeave) CArrayFixFlat<TInt> (KMaxSubjectItems);
+
+ //counts positions for double quatiation characters
+ CArrayFixFlat<TInt>* updateArr=new (ELeave) CArrayFixFlat<TInt> (KMaxSubjectItems);
+
+ TInt subjLth=aSubj.Length();
+ TInt equalArrItemCount=0;
+ TInt commaArrItemCount=0;
+ TInt updateArrCount=0;
+
+ CleanupStack::PushL(equalSignArr);
+ CleanupStack::PushL(commaSignArr);
+
+ //register '=' and ',' character positions
+ for (TInt i=0; i<subjLth; i++)
+ {
+ if ( aSubj.Mid(i, 1)== KEqualSign )
+ {
+ equalSignArr->AppendL(i);
+ equalArrItemCount++;
+ }
+
+ if ( aSubj.Mid(i, 1)== KCommaSign )
+ {
+ commaSignArr->AppendL(i);
+ commaArrItemCount++;
+ }
+ }
+
+ CleanupStack::PushL(updateArr);
+
+ TInt i=0;
+ TInt j=0;
+
+ // At least one comma required. Otherwise there is no chance for extra commas
+ if ( commaArrItemCount )
+ {
+ while ( i< equalArrItemCount )
+ {
+
+ //advance starting position for every iteration
+ TInt eqSignStartIndex=i;
+
+ TInt cmCount=0;
+
+ //check wether there is more than one comma between two adjacent fields.
+ while ( commaSignArr->At(j)< equalSignArr->At(eqSignStartIndex) )
+ {
+ cmCount++;
+
+ j++;
+
+ if ( j==commaArrItemCount )
+ break;
+ }
+
+ //at least one extra comma character found. Mark positions for mofifications.
+ if (cmCount>1)
+ {
+ TInt equalPos=equalSignArr->At(eqSignStartIndex-1) + 1;
+ updateArr->AppendL(equalPos);
+
+ TInt commaPos=commaSignArr->At(j-1);
+ updateArr->AppendL(commaPos);
+
+ updateArrCount++;
+ updateArrCount++;
+ }
+ i++;
+ }
+ }
+
+ //Checking also last attribute of Subject Name string
+ if ( j<commaArrItemCount )
+ {
+ updateArr->AppendL(equalSignArr->At(equalArrItemCount-1));
+ updateArr->AppendL(subjLth-1);
+ }
+
+ TBuf8<256> resultBuf;
+ resultBuf.Copy(aSubj);
+
+ i=0;
+
+ //update subjectname acoording to updateArr array.
+ if ( updateArr->Count()>0 )
+ {
+ while (i<updateArrCount)
+ {
+ TBuf8<3> updateStr(KReplacementChar);
+
+ updateStr.Append(aSubj.Mid(updateArr->At(i),1));
+
+ if ( resultBuf.Length()<256 )
+ resultBuf.Insert(updateArr->At(i) + i, KReplacementChar);
+ else
+ User::Leave(KErrNotSupported);
+ i++;
+ }
+ }
+
+ CleanupStack::Pop(updateArr);
+ CleanupStack::Pop(commaSignArr);
+ CleanupStack::Pop(equalSignArr);
+
+ delete equalSignArr;
+ equalSignArr=NULL;
+
+ delete commaSignArr;
+ commaSignArr=NULL;
+
+ delete updateArr;
+ updateArr=NULL;
+
+ HBufC8* resultHeap = resultBuf.AllocL();
+
+ return resultHeap;
+ }
+
+
+// CPolicyPatchInfoList
+
+CPolicyPatchInfoList::CPolicyPatchInfoList(TInt aGranularity)
+ : CArrayPtrFlat<CPolicyPatchInfo>(aGranularity)
+ {
+ }
+
+CPolicyPatchInfoList::~CPolicyPatchInfoList()
+ {
+ ResetAndDestroy();
+ }
+
+
+// CPatchData
+
+CPatchData::~CPatchData()
+ {
+ delete iData;
+ }
+
+
+// CPatchDataList
+
+CPatchDataList::CPatchDataList(TInt aGranularity)
+ : CArrayPtrFlat<CPatchData>(aGranularity)
+ {
+ }
+
+CPatchDataList::~CPatchDataList()
+ {
+ ResetAndDestroy();
+ }
+
+
+/***/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/policystore.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1006 @@
+/*
+* Copyright (c) 2000-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy store
+*
+*/
+
+
+
+#include <e32math.h>
+#include <cmconnectionmethod.h>
+#include <cmpluginvpndef.h> // vpn plugin
+#include "policystore.h"
+#include "pinparser.h"
+#include "ikepolparser.h"
+#include "pkiserviceapi.h"
+#include "policyimporter.h"
+#include "uuid.h"
+#include "log_r6.h"
+
+CPolicyStore* CPolicyStore::NewL(RFs& aFs)
+ {
+ CPolicyStore* self = new (ELeave) CPolicyStore(aFs);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CPolicyStore::CPolicyStore(RFs& aFs) : iFs(aFs), iFileUtil(aFs)
+ {
+ }
+
+inline void CPolicyStore::ConstructL()
+ {
+ LOG_("CPolicyStore::ConstructL");
+ ConstructPolicyListL();
+ LOG_("CPolicyStore::ConstructL:end");
+ }
+
+CPolicyStore::~CPolicyStore()
+ {
+ delete iPolicyListAll;
+ delete iPolicyListVisible;
+ }
+
+void CPolicyStore::ConstructPolicyListL()
+ {
+ // Using two policy lists (one for all and one for the visible
+ // ones) makes it easy to support the concept of hidden and
+ // visible policies. There's a slight memory penalty but this
+ // is not serious as the number of policies is typically small).
+ // Hidden policies differ from visible ones in only one aspect -
+ // they are not included in the policy listing returned to
+ // the caller.
+
+ // A list of all policies (both visible and hidden)
+ iPolicyListAll = new (ELeave) CArrayFixFlat<TVpnPolicyInfo>(2);
+ // A list of visible policies only
+ iPolicyListVisible = new (ELeave) CArrayFixFlat<TVpnPolicyInfo>(2);
+
+ TFindFile fileFinder(iFs);
+ CDir* fileList;
+
+ TPath privateDir;
+ User::LeaveIfError(iFs.PrivatePath(privateDir));
+ TInt ret = fileFinder.FindWildByDir(KPolFilePat, privateDir, fileList);
+ if (ret == KErrNone)
+ {
+ CleanupStack::PushL(fileList);
+
+ for (TInt i = 0; i < fileList->Count(); i++)
+ {
+ TParse fileNameParser;
+ fileNameParser.Set((*fileList)[i].iName, &fileFinder.File(), NULL);
+
+ TVpnPolicyId policyId;
+
+ // Only add the policy to the list its ID length is
+ // acceptable (this is the case with all policies
+ // that have been properly imported to the store)
+ if (fileNameParser.Name().Length() <= policyId.MaxLength())
+ {
+ policyId.Copy(fileNameParser.Name());
+
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(policyId);
+
+ if (iFileUtil.FileExists(*pinFile))
+ {
+ AddPolicyL(policyId);
+ }
+ CleanupStack::PopAndDestroy(pinFile);
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); // fileList
+ }
+ }
+
+TUint8* CPolicyStore::RawPolicyData()
+ {
+ // The list of policies returned to the caller contains ONLY
+ // visible policies.
+ return reinterpret_cast<TUint8*>(&(iPolicyListVisible->At(0)));
+ }
+
+void CPolicyStore::ImportPolicyL(
+ const TFileName& aPinFile, const TFileName& aPolFile,
+ TVpnPolicyId* aNewPolicyId)
+ {
+ LOG_("-> CPolicyStore::ImportPolicyL()");
+ TVpnPolicyId policyId = NewPolicyIdL();
+
+ // Write the new policy ID to the caller
+ if (aNewPolicyId)
+ {
+ aNewPolicyId->Copy(policyId);
+ }
+
+ // Create new PIN and POL file names
+ // (Dynamic allocation to conserve stack space)
+ HBufC* pinFileP = iFileUtil.GetPinFileNameLC(policyId);
+ HBufC* polFileP = iFileUtil.GetPolFileNameLC(policyId);
+
+ // Move the files from the install directory
+ // to the target directory (the policy store)
+ iFileUtil.CopyFileL(aPinFile, *pinFileP);
+ iFileUtil.CopyFileL(aPolFile, *polFileP);
+
+ CleanupStack::PopAndDestroy(polFileP);
+
+ // Make sure that the name of the new policy
+ // does not collide with an existing name
+ EnsureUniquePolicyNameL(*pinFileP);
+
+ CleanupStack::PopAndDestroy(pinFileP);
+
+ // Add the imported policy to the policy list
+ AddPolicyL(policyId);
+ LOG(Log::Printf(_L("<- CPolicyStore::ImportPolicyL()")));
+ }
+
+TInt CPolicyStore::DeletePolicyL(const TVpnPolicyId& aPolicyId)
+ {
+ LOG(Log::Printf(_L("-> CPolicyStore::DeletePolicyL()")));
+ // Delete the policy from the list of all policies
+
+ TInt itemToDelete = PolicyIndex(aPolicyId);
+
+ if (itemToDelete != KUnfoundIndex)
+ {
+ iPolicyListAll->Delete(itemToDelete);
+ iPolicyListAll->Compress();
+ }
+
+ // Delete the policy also from the list of
+ // visible policies if it happens to be there
+
+ TInt itemToDeleteVisible = PolicyIndexVisible(aPolicyId);
+
+ if (itemToDeleteVisible != KUnfoundIndex)
+ {
+ iPolicyListVisible->Delete(itemToDeleteVisible);
+ iPolicyListVisible->Compress();
+ }
+
+ // Delete the PIN and POL files
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(aPolicyId);
+ HBufC* polFile = iFileUtil.GetPolFileNameLC(aPolicyId);
+
+ if (iFileUtil.FileExists(*pinFile))
+ {
+ iFileUtil.DeleteFileL(*pinFile);
+ }
+
+ if (iFileUtil.FileExists(*polFile))
+ {
+ iFileUtil.DeleteFileL(*polFile);
+ }
+ CleanupStack::PopAndDestroy(2); // polFile, pinFile
+ LOG(Log::Printf(_L("<- CPolicyStore::DeletePolicyL()")));
+ return KErrNone;
+ }
+
+TInt CPolicyStore::PolicyCount()
+ {
+ // The list of policies returned to the caller contains ONLY
+ // visible policies. Thus we return just the count of those.
+ return iPolicyListVisible->Count();
+ }
+
+TInt CPolicyStore::GetPolicyInfo(const TVpnPolicyId& aPolicyId, TVpnPolicyInfo& aPolicyInfo)
+ {
+ TInt policyIndex = PolicyIndex(aPolicyId);
+
+ if (policyIndex == KUnfoundIndex)
+ {
+ return KVpnErrPolicyNotFound;
+ }
+ else
+ {
+ aPolicyInfo = iPolicyListAll->At(policyIndex);
+ return KErrNone;
+ }
+ }
+
+TInt CPolicyStore::GetPolicyDetailsL(
+ const TVpnPolicyId& aPolicyId,
+ TVpnPolicyDetails& aPolicyDetails)
+ {
+ LOG(Log::Printf(_L("-> CPolicyStore::GetPolicyDetailsL()")));
+ TInt policyIndex = PolicyIndex(aPolicyId);
+
+ if (policyIndex == KUnfoundIndex)
+ {
+ LOG(Log::Printf(_L("<- CPolicyStore::GetPolicyDetailsL() (KVpnErrPolicyNotFound)")));
+ return KVpnErrPolicyNotFound;
+ }
+ else
+ {
+ STACK_LEFT;
+
+ // Get static policy information from the PIN file
+ TPinParser* pinParser = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParser);
+
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(aPolicyId);
+ pinParser->ParsePolicyDetailsL(*pinFile, aPolicyDetails);
+
+ CleanupStack::PopAndDestroy(2); // pinFile, pinParser
+
+ // Find out dynamic policy information from the system
+ aPolicyDetails.iPkiStatus = PolicyPkiStatusL(aPolicyId);
+ aPolicyDetails.iUsageStatus =
+ PolicyUsageStatusL(aPolicyId);
+ // Set the policy ID as well
+ aPolicyDetails.iId.Copy(aPolicyId);
+
+ LOG(Log::Printf(_L("<- CPolicyStore::GetPolicyDetailsL()")));
+ return KErrNone;
+ }
+ }
+
+TInt CPolicyStore::LoadPolicyDataL(const TVpnPolicyId& aPolicyId,
+ HBufC8*& aPolicyData)
+ {
+ TInt policyIndex = PolicyIndex(aPolicyId);
+
+ if (policyIndex == KUnfoundIndex)
+ {
+ return KVpnErrPolicyNotFound;
+ }
+ HBufC* polFile = iFileUtil.GetPolFileNameLC(aPolicyId);
+
+ aPolicyData = iFileUtil.LoadFileDataL(*polFile);
+
+ CleanupStack::PopAndDestroy();
+ return KErrNone;
+ }
+
+void CPolicyStore::AddPolicyL(const TVpnPolicyId& aPolicyId)
+ {
+ LOG(Log::Printf(_L("-> CPolicyStore::AddPolicyL")));
+
+ TVpnPolicyInfo* policyInfo = new (ELeave) TVpnPolicyInfo();
+ CleanupStack::PushL(policyInfo);
+
+ policyInfo->iId = aPolicyId;
+ // Policy name is read from the PIN file
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(aPolicyId);
+
+ TPinParser* pinParser = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParser);
+
+ pinParser->ParsePolicyInfoL(*pinFile, *policyInfo);
+
+ CleanupStack::PopAndDestroy(pinParser);
+ CleanupStack::PopAndDestroy(pinFile);
+
+ LOG(Log::Printf(_L("pinParser.ParsePolicyInfoL completed")));
+ iPolicyListAll->AppendL(*policyInfo);
+
+ // A visible policy is added also
+ // to the list of visible policies
+ if (!IsHiddenPolicyL(policyInfo->iId))
+ {
+ iPolicyListVisible->AppendL(*policyInfo);
+ }
+
+ CleanupStack::PopAndDestroy(policyInfo);
+ LOG(Log::Printf(_L("<- CPolicyStore::AddPolicyL")));
+ }
+
+TVpnPolicyId CPolicyStore::NewPolicyIdL()
+ {
+ TUuid uuid;
+ TUuidString uuidString;
+
+ Uuid::MakeUuidL(uuid);
+
+ // It has become apparent that certain
+ // Symbian OS devices generate duplicate random
+ // number sequences after gold boot due to improper
+ // seeding of the random number generator. Should
+ // this happen to be the case, we insert at least
+ // one component to the UUID that depends on the
+ // current system time. This is not perfect, but
+ // should give us policy IDs that are unique enough.
+ TTime now;
+ now.UniversalTime();
+ TInt64 randSeed = now.Int64();
+ TInt randomNum = Math::Rand(randSeed);
+ uuid.iTimeLow = static_cast<TUint32>(randomNum);
+
+ Uuid::UuidToString(uuid, uuidString);
+
+ TVpnPolicyId newPolicyId;
+ newPolicyId.Copy(uuidString);
+
+ return newPolicyId;
+ }
+
+TInt CPolicyStore::PolicyIndex(const TVpnPolicyId& aPolicyId)
+ {
+ for (TInt i = 0; i < iPolicyListAll->Count(); i++)
+ {
+ if (iPolicyListAll->At(i).iId.Compare(aPolicyId) == 0)
+ {
+ return i;
+ }
+ }
+ LOG_1("CPolicyStore::PolicyIndex not found:%S", &aPolicyId);
+ return KUnfoundIndex;
+ }
+
+TInt CPolicyStore::PolicyIndexVisible(const TVpnPolicyId& aPolicyId)
+ {
+ for (TInt i = 0; i < iPolicyListVisible->Count(); i++)
+ {
+ if (iPolicyListVisible->At(i).iId.Compare(aPolicyId) == 0)
+ {
+ return i;
+ }
+ }
+ return KUnfoundIndex;
+ }
+
+TPolicyUsageStatus CPolicyStore::PolicyUsageStatusL(
+ const TVpnPolicyId& aPolicyId )
+ {
+
+ LOG(Log::Printf(_L("-> CPolicyStore::PolicyUsageStatusL")));
+
+ STACK_LEFT;
+
+ TPolicyUsageStatus usageStatus = EUsageStatusUnused;
+
+using namespace CMManager;
+ RCmManager cmManager;
+ cmManager.OpenL(); // Do not use LC it's not working yet
+ CleanupClosePushL( cmManager );
+
+ TBool policyActive(EFalse);
+ if (PolicyAssignedToIapL(cmManager, aPolicyId, policyActive))
+ {
+ usageStatus = policyActive ? EUsageStatusActive :
+ EUsageStatusAssignedToIap;
+ }
+ CleanupStack::PopAndDestroy(); // cmManager
+
+ LOG(Log::Printf(_L("<- CPolicyStore::PolicyUsageStatusL")));
+ return usageStatus;
+ }
+
+TBool CPolicyStore::PolicyAssignedToIapL(
+ RCmManager& aCmManager,
+ const TVpnPolicyId& aPolicyId,
+ TBool& aPolicyActive)
+ {
+ STACK_LEFT;
+
+ RArray<TUint32> vpnConnections;
+ ConnectionMethodsLC(
+ vpnConnections, aCmManager, aPolicyId, aPolicyActive );
+
+ TBool policyAssignedToIap( vpnConnections.Count() ? ETrue : EFalse );
+ CleanupStack::PopAndDestroy(); // vpnConnections
+ LOG_1("CPolicyStore::PolicyAssignedToIapL %d", policyAssignedToIap);
+ return policyAssignedToIap;
+ }
+
+void CPolicyStore::ConnectionMethodsLC(
+ RArray<TUint32>& aVpnConnections,
+ RCmManager& aCmManager,
+ const TVpnPolicyId& aPolicyId,
+ TBool& aPolicyActive)
+ {
+using namespace CMManager;
+ LOG_1("CPolicyStore::ConnectionMethodsLC : %S", &aPolicyId);
+ CleanupClosePushL( aVpnConnections );
+
+ aCmManager.ConnectionMethodL(
+ aVpnConnections,
+ ETrue,
+ EFalse,
+ EFalse );
+ LOG_1("CPolicyStore::ConnectionMethodsLC cnt: %d",
+ aVpnConnections.Count());
+
+ TInt index(aVpnConnections.Count());
+
+ while( index )
+ {
+ --index;
+ LOG_1("CPolicyStore::ConnectionMethodsLC at: %d", index);
+ TUint32 id(aVpnConnections[index]);
+ RCmConnectionMethod connectioMethod =
+ aCmManager.ConnectionMethodL( id );
+ CleanupClosePushL( connectioMethod );
+ if( connectioMethod.GetIntAttributeL(ECmBearerType) !=
+ KPluginVPNBearerTypeUid )
+ {
+ aVpnConnections.Remove( index );
+ }
+ else
+ {
+ HBufC* policyId = connectioMethod.GetStringAttributeL(
+ EVpnServicePolicy);
+ if( aPolicyId.Compare( *policyId ) )
+ {
+ aVpnConnections.Remove( index );
+ }
+ else
+ {
+ if( connectioMethod.GetBoolAttributeL(ECmConnected) )
+ {
+ LOG_1("PolicyActiveL:%d", index);
+ aPolicyActive = ETrue;
+ }
+ }
+ delete policyId;
+ }
+ CleanupStack::PopAndDestroy(); // connectioMethod
+ }
+ }
+
+TPolicyPkiStatus CPolicyStore::PolicyPkiStatusL(const TVpnPolicyId& aPolicyId)
+ {
+ HBufC8* policyData;
+
+ if (LoadPolicyDataL(aPolicyId, policyData) != KErrNone)
+ {
+ return EPkiStatusUnknown;
+ }
+
+ CleanupStack::PushL(policyData);
+
+ HBufC* policyData16 = HBufC::NewL(policyData->Length());
+ CleanupStack::PushL(policyData16);
+
+ policyData16->Des().Copy(*policyData);
+
+ CIkeDataArray* ikeDataArray = CIkeDataArray::NewL(1);
+ CleanupStack::PushL(ikeDataArray);
+
+ TIkeParser ikeParser(*policyData16);
+ ikeParser.ParseIKESectionsL(ikeDataArray);
+
+ // Go through each IKE section (VPN gateway definition)
+ // to find out the collective policy PKI status:
+ // - EPkiStatusReady if a valid user certificate is present for
+ // each VPN gateway defined in the policy
+ // - EPkiStatusNoCert if no user certificate is present for
+ // one or more VPN gateway defined in the policy
+ // - EPkiStatusCertExpired if a user certificate related
+ // to one or more VPN gateway has expired
+ // - EPkiStatusCertNotValidYet if a user certificate related
+ // to one or more VPN gateway is not yet valid
+
+ TPolicyPkiStatus policyPkiStatus = EPkiStatusReady;
+
+ for (TInt i = 0; i < ikeDataArray->Count(); i++)
+ {
+ CIkeData* ikeData = ikeDataArray->At(i);
+
+ TCertStatus gwPkiStatus = PolicyCertificateStatusL(ikeData);
+
+ // Determine the overall policy PKI status
+
+ if (gwPkiStatus == ECertValid ||
+ gwPkiStatus == ECertNotNeeded)
+ {
+ continue;
+ }
+ else if (gwPkiStatus == ECertNotFound)
+ {
+ policyPkiStatus = EPkiStatusNoCert;
+ break;
+ }
+ else if (gwPkiStatus == ECertExpired)
+ {
+ policyPkiStatus = EPkiStatusCertExpired;
+ break;
+ }
+ else if (gwPkiStatus == ECertNotValidYet)
+ {
+ policyPkiStatus = EPkiStatusCertNotValidYet;
+ }
+ }
+
+ CleanupStack::PopAndDestroy(3); // ikeDataArray, policyData16, policyData
+
+ return policyPkiStatus;
+ }
+
+
+
+TCertStatus CPolicyStore::PolicyCertificateStatusL(CIkeData* aIkeData) const
+ {
+ LOG(Log::Printf(_L("-> CPolicyStore::PolicyCertificateStatusL()")));
+ TCertStatus status = ECertValid;
+
+ CArrayFixFlat<TCertInfo*> *cAList = aIkeData->iCAList;
+ if ((cAList == NULL || cAList->Count() == 0) &&
+ !aIkeData->iOwnCert.iOwnCertExists)
+ {
+ status = ECertNotNeeded;
+ }
+ else
+ {
+ RPKIServiceAPI pkiService;
+ User::LeaveIfError(pkiService.Connect());
+ CleanupClosePushL(pkiService);
+
+ pkiService.SetInformational(ETrue);
+
+ CDesC8ArrayFlat* caSubjectNameArray = new (ELeave) CDesC8ArrayFlat(2);
+ CleanupStack::PushL(caSubjectNameArray);
+
+ if (cAList != NULL && cAList->Count() > 0)
+ {
+ status = PkiUtil::GetValidCaCertSubjectNameListL(pkiService, *cAList,
+ *caSubjectNameArray);
+ }
+
+ if (status == ECertValid)
+ {
+ // Set store type to device store,
+ // if Own_cert_type is defined as "DEVICE"
+ if ( aIkeData->iClientCertType != NULL )
+ {
+ TPtrC16 certStoreType = aIkeData->iClientCertType->GetData();
+ if ( certStoreType.CompareF(_L("DEVICE")) == 0 )
+ {
+ LOG(Log::Printf(_L("Set store type to STORETYPE_DEVICE")));
+ pkiService.SetStoreType(EPkiStoreTypeDevice);
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Set store type to STORETYPE_USER")));
+ pkiService.SetStoreType(EPkiStoreTypeUser);
+ }
+ }
+ else
+ {
+ LOG(Log::Printf(_L("Set store type to STORETYPE_USER")));
+ pkiService.SetStoreType(EPkiStoreTypeUser);
+ }
+ status = PkiUtil::CheckUserCertValidityL(pkiService, *caSubjectNameArray,
+ aIkeData->iOwnCert);
+ }
+ CleanupStack::PopAndDestroy(caSubjectNameArray);
+ CleanupStack::PopAndDestroy(); //pkiService
+ }
+ LOG(Log::Printf(_L("<- CPolicyStore::PolicyCertificateStatusL()")));
+ return status;
+ }
+
+
+
+void CPolicyStore::EnsureUniquePolicyNameL(const TFileName& aPinFile)
+ {
+ LOG_("-> CPolicyStore::EnsureUniquePolicyNameL");
+
+ // Dynamic allocations to conserve stack space
+
+ TVpnPolicyDetails* policyDetails = new (ELeave) TVpnPolicyDetails();
+ CleanupStack::PushL(policyDetails);
+
+ TPinParser* pinParserP = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParserP);
+
+ pinParserP->ParsePolicyDetailsL(aPinFile, *policyDetails);
+
+ TBool policyNameChanged = DoEnsureUniquePolicyNameL(*policyDetails);
+
+ if (policyNameChanged)
+ {
+ HBufC* pinFileContent = pinParserP->PolicyDetailsAsTextL(*policyDetails);
+ CleanupStack::PushL(pinFileContent);
+
+ iFileUtil.SaveFileDataL(aPinFile, *pinFileContent);
+
+ CleanupStack::PopAndDestroy(pinFileContent); // pinFileContent
+ }
+ CleanupStack::PopAndDestroy(); // pinParserP
+ CleanupStack::PopAndDestroy(); // policyDetails
+
+ LOG_("<- CPolicyStore::EnsureUniquePolicyNameL");
+ }
+
+TBool CPolicyStore::DoEnsureUniquePolicyNameL(TVpnPolicyDetails& aPolicyDetails)
+ {
+
+ LOG(Log::Printf(_L("-> CPolicyStore::DoEnsureUniquePolicyNameL")));
+ TBool nameChanged = EFalse;
+ TBool isUnique = EFalse;
+
+ HBufC* newName = aPolicyDetails.iName.AllocLC();
+ TInt sequenceNumber = 2;
+
+ while (!isUnique && sequenceNumber < KMaxTInt)
+ {
+ if (PolicyNameExists(*newName))
+ {
+ if (newName != NULL)
+ {
+ CleanupStack::PopAndDestroy(newName);
+ LOG_(" Pop (newName)");
+ newName = NULL;
+ }
+ newName = MakeNewPolicyNameL(aPolicyDetails.iName, sequenceNumber);
+ CleanupStack::PushL(newName);
+
+ sequenceNumber++;
+
+ nameChanged = ETrue;
+ }
+ else
+ {
+ isUnique = ETrue;
+ }
+ }
+
+ if (nameChanged)
+ {
+ // We now have a new unique policy name so we can save it
+ // Make sure there's no risk of overflow
+ aPolicyDetails.iName.Copy(newName->Left(aPolicyDetails.iName.MaxLength()));
+ }
+
+ if (newName != NULL)
+ {
+ CleanupStack::PopAndDestroy(); // newName
+ }
+
+ LOG(Log::Printf(_L("<- CPolicyStore::DoEnsureUniquePolicyName")));
+ return nameChanged;
+ }
+
+TBool CPolicyStore::PolicyNameExists(const TDesC& aPolicyName)
+ {
+ LOG_("-> CPolicyStore::PolicyNameExists");
+ TBool policyNameExists = EFalse;
+
+ // Check the name against the existing names
+ for (TInt i = 0; i < iPolicyListAll->Count(); i++)
+ {
+ // Ignore case in the name comparison
+ if (iPolicyListAll->At(i).iName.CompareF(aPolicyName) == 0)
+ {
+ policyNameExists = ETrue;
+ break;
+ }
+ }
+
+ LOG_("<- CPolicyStore::PolicyNameExists");
+ return policyNameExists;
+ }
+
+HBufC* CPolicyStore::MakeNewPolicyNameL(const TDes& aOriginalPolicyName,
+ TInt aSequenceNumber)
+ {
+ LOG_("-> CPolicyStore::MakeNewPolicyName");
+
+ const TInt KMaxSequenceNumberStringLength = 32;
+ _LIT(KSequenceNumberFormat, "(%d)");
+ HBufC* sequenceNumberString = HBufC::NewLC(KMaxSequenceNumberStringLength);
+ sequenceNumberString->Des().Format(KSequenceNumberFormat, aSequenceNumber);
+
+ // New name string to be returned
+ HBufC* retBuf(NULL);
+ // Usage of Trim method in PinParser decreases the length by 2 items
+ TInt spaceLeft = aOriginalPolicyName.MaxLength() - 2 - aOriginalPolicyName.Length();
+ TInt sequenceNumberStringLength = sequenceNumberString->Length();
+
+ if (sequenceNumberStringLength <= spaceLeft)
+ {
+ // There's enough free space for the sequence
+ // number, so we can just add append it
+ LOG_1(" Sequence number string: '%S'", &(*sequenceNumberString));
+
+ // Determine final string length for dynamic allocation
+ TInt len = aOriginalPolicyName.Length() + sequenceNumberString->Length();
+ retBuf = HBufC::NewLC(len);
+
+ // Construct the final name string
+ TPtr16 ptr = retBuf->Des();
+ ptr.Append(aOriginalPolicyName.Left(aOriginalPolicyName.Length()));
+ ptr.Append(sequenceNumberString->Left(sequenceNumberString->Length()));
+ }
+ else
+ {
+ // There's not enough space for the sequence
+ // number so we override the end of the policy
+ // name with the sequence number
+ TInt lengap = sequenceNumberStringLength - spaceLeft;
+
+ // Determine final string length for dynamic allocation
+ TInt len = aOriginalPolicyName.MaxLength();
+ retBuf = HBufC::NewLC(len);
+
+ // Construct the final name string
+ TPtr16 ptr = retBuf->Des();
+ ptr.Append(aOriginalPolicyName.Left(aOriginalPolicyName.Length() - lengap));
+ ptr.Append(sequenceNumberString->Left(sequenceNumberString->Length()));
+ }
+
+ // Just pop, and delete the non-returned value explicitly
+ CleanupStack::Pop(2); // retBuf, sequenceNumberString
+ delete sequenceNumberString;
+
+ LOG_("<- CPolicyStore::MakeNewPolicyName");
+ return retBuf;
+ }
+
+void CPolicyStore::ReplacePolicyL(const TVpnPolicyId& aPolicyToReplace, const TVpnPolicyId& aReplacingPolicy)
+ {
+ CFileInfoContainer* fileInfo = new (ELeave) CFileInfoContainer();
+ CleanupStack::PushL(fileInfo);
+
+ // Construct PIN and POL file names for
+ // both the old and the new policy
+
+ // Ownership is transferred
+ fileInfo->iPinFileToReplace = iFileUtil.GetPinFileNameL(aPolicyToReplace);
+ fileInfo->iPolFileToReplace = iFileUtil.GetPolFileNameL(aPolicyToReplace);
+
+ fileInfo->iReplacingPinFile = iFileUtil.GetPinFileNameL(aReplacingPolicy);
+ fileInfo->iReplacingPolFile = iFileUtil.GetPolFileNameL(aReplacingPolicy);
+
+
+ // Store the name of the old policy (the original name)
+ TPinParser* pinParser = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParser);
+
+ pinParser->ParsePolicyDetailsL(*fileInfo->iPinFileToReplace, fileInfo->iOldPolicyDetails);
+
+ // Delete the old PIN and POL files (note that this
+ // policy is NOT deleted from the policy list)
+
+ iFileUtil.DeleteFileL(*fileInfo->iPinFileToReplace);
+ iFileUtil.DeleteFileL(*fileInfo->iPolFileToReplace);
+
+ // Rename the new PIN and POL files such
+ // that appear just as updated old files
+
+ iFileUtil.MoveFileL(*fileInfo->iReplacingPinFile, *fileInfo->iPinFileToReplace);
+ iFileUtil.MoveFileL(*fileInfo->iReplacingPolFile, *fileInfo->iPolFileToReplace);
+
+ // Delete the new policy from the policy list
+ // (it has been imported normally and thus appears in the list)
+
+ DeletePolicyL(aReplacingPolicy);
+
+ // Because of import, the updated policy has a sequence number in
+ // its name, get rid of this by reverting to the original policy name
+
+ pinParser->ParsePolicyDetailsL(*fileInfo->iPinFileToReplace, fileInfo->iNewPolicyDetails);
+
+ fileInfo->iNewPolicyDetails.iName.Copy(fileInfo->iOldPolicyDetails.iName);
+
+ HBufC* pinFileContent = pinParser->PolicyDetailsAsTextL(fileInfo->iNewPolicyDetails);
+ CleanupStack::PushL(pinFileContent);
+
+ iFileUtil.SaveFileDataL(*fileInfo->iPinFileToReplace, *pinFileContent);
+
+ CleanupStack::PopAndDestroy(3); // pinFileContent, pinParser, fileInfo
+ }
+
+// New methods to facilitate OMA DM based VPN policy management
+
+void CPolicyStore::AddNewPolicyL(TVpnPolicyDetails& aPolicyDetails, const TDesC8& aPolicyData)
+ {
+
+ LOG(Log::Printf(_L("-> CPolicyStore::AddNewPolicyL()")));
+
+ // A non-empty policy name must be given
+ if (aPolicyDetails.iName.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // Policy data must be present
+ if (aPolicyData.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // If a (globally unique) policy ID
+ // has not been specified, create it
+ if (aPolicyDetails.iId.Length() == 0)
+ {
+ aPolicyDetails.iId.Copy(NewPolicyIdL());
+ }
+
+ // If a policy with the same globally unique ID is already
+ // present, then we cannot be adding a new policy
+ if (PolicyIndex(aPolicyDetails.iId) != KUnfoundIndex)
+ {
+ User::Leave(KErrAlreadyExists);
+ }
+
+ DoEnsureUniquePolicyNameL(aPolicyDetails);
+
+ LOG(Log::Printf(_L("Policy name ensured")));
+
+ // Save policy details to the PIN file
+ TPinParser* pinParser = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParser);
+
+ HBufC* pinFileContent = pinParser->PolicyDetailsAsTextL(aPolicyDetails);
+ CleanupStack::PushL(pinFileContent);
+
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(aPolicyDetails.iId);
+
+ iFileUtil.SaveFileDataL(*pinFile, *pinFileContent);
+
+ CleanupStack::PopAndDestroy(3); // pinFile, pinFileContent, pinParser
+
+ LOG(Log::Printf(_L(" File data saved")));
+
+ // Save policy data to the POL file
+
+ HBufC* polFile = iFileUtil.GetPolFileNameLC(aPolicyDetails.iId);
+
+ iFileUtil.SaveFileDataL(*polFile, aPolicyData);
+ CleanupStack::PopAndDestroy(polFile);
+
+ // Add the policy to the policy list
+ AddPolicyL(aPolicyDetails.iId);
+ LOG(Log::Printf(_L("<- CPolicyStore::AddNewPolicyL()")));
+ }
+
+void CPolicyStore::UpdatePolicyDetailsL(TVpnPolicyDetails& aPolicyDetails)
+ {
+ TVpnPolicyId policyId;
+ policyId.Copy(aPolicyDetails.iId);
+
+ // The caller must specify the ID of the policy to be updated
+ if (policyId.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // A non-empty policy name must be specified, too
+ if (aPolicyDetails.iName.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // Make sure that the specified policy is present
+ TInt policyIndex = PolicyIndex(policyId);
+ if (policyIndex == KUnfoundIndex)
+ {
+ User::Leave(KVpnErrPolicyNotFound);
+ }
+
+ // See if the new name is different from the existing one
+ if (iPolicyListAll->At(policyIndex).iName.CompareF(aPolicyDetails.iName) != 0)
+ {
+ // Make sure that the new name remains to be unique
+ DoEnsureUniquePolicyNameL(aPolicyDetails);
+ }
+
+ // Save policy details to the PIN file
+ TPinParser* pinParser = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParser);
+
+ HBufC* pinFileContent = pinParser->PolicyDetailsAsTextL(aPolicyDetails);
+ CleanupStack::PushL(pinFileContent);
+
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(policyId);
+ iFileUtil.SaveFileDataL(*pinFile, *pinFileContent);
+
+ CleanupStack::PopAndDestroy(3); // pinFile, pinFileContent, pinParser
+
+ // Update the policy name in the policy list as the name may have changed
+ iPolicyListAll->At(policyIndex).iName.Copy(aPolicyDetails.iName);
+
+ UpdateVisiblePolicyInfoL(aPolicyDetails);
+ }
+
+void CPolicyStore::UpdateVisiblePolicyInfoL(const TVpnPolicyDetails& aPolicyDetails)
+ {
+ TVpnPolicyId policyId = aPolicyDetails.iId;
+
+ // Find out whether the policy is hidden or visible
+ TBool isHiddenPolicy = IsHiddenPolicyL(policyId);
+
+ // See if the policy is in the list of visible ones
+ TInt policyIndexVisible = PolicyIndexVisible(policyId);
+
+ // If the policy is NOT in the visible list
+ if (policyIndexVisible == KUnfoundIndex)
+ {
+ // If the policy is _no_longer_ hidden, add
+ // it to the list of visible policies
+ if (!isHiddenPolicy)
+ {
+ iPolicyListVisible->AppendL(static_cast<TVpnPolicyInfo>(aPolicyDetails));
+ }
+ }
+ else // The policy IS in the visible list
+ {
+ // If the policy is _now_ hidden, remove
+ // it from the list of visible ones
+ if (isHiddenPolicy)
+ {
+ iPolicyListVisible->Delete(policyIndexVisible);
+ iPolicyListVisible->Compress();
+ }
+ else
+ {
+ // Otherwise update the policy name of the policy in the
+ // list of visible policies as the name may have changed
+ iPolicyListVisible->At(policyIndexVisible).iName.Copy(aPolicyDetails.iName);
+ }
+ }
+ }
+
+void CPolicyStore::UpdatePolicyDataL(
+ const TVpnPolicyId& aPolicyId, const TDesC8& aPolicyData)
+ {
+ // The caller must specify the ID of the policy to be updated
+ if (aPolicyId.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // Policy data must be present
+ if (aPolicyData.Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ // Make sure that the policy is present
+ if (PolicyIndex(aPolicyId) == KUnfoundIndex)
+ {
+ User::Leave(KVpnErrPolicyNotFound);
+ }
+
+ // Save policy data to the POL file
+
+ HBufC* polFile = iFileUtil.GetPolFileNameLC(aPolicyId);
+ iFileUtil.SaveFileDataL(*polFile, aPolicyData);
+ CleanupStack::PopAndDestroy(polFile);
+ }
+
+TBool CPolicyStore::IsHiddenPolicyL(const TVpnPolicyId& aPolicyId)
+ {
+ TVpnPolicyDetails* policyDetails = new (ELeave) TVpnPolicyDetails();
+ CleanupStack::PushL(policyDetails);
+
+ TPinParser* pinParser = new (ELeave) TPinParser(iFileUtil);
+ CleanupStack::PushL(pinParser);
+
+ HBufC* pinFile = iFileUtil.GetPinFileNameLC(aPolicyId);
+
+ pinParser->ParsePolicyDetailsL(*pinFile, *policyDetails);
+ CleanupStack::PopAndDestroy(2); // pinFile, pinParser
+
+ // A policy is marked as hidden if it's description
+ // field contains the "hidden indicator" string
+ if (policyDetails->iDescription.FindF(KHiddenPolicyIndicator) !=
+ KErrNotFound)
+ {
+ CleanupStack::PopAndDestroy(); // policyDetails
+ return ETrue;
+ }
+ else
+ {
+ CleanupStack::PopAndDestroy(); // policyDetails
+ return EFalse;
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/pwdchanger.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Handles the calling of PKI Service Server module’s password change function.
+*
+*/
+
+
+
+#include "pwdchanger.h"
+#include "vpnapiservant.h"
+
+CPwdChanger* CPwdChanger::NewL(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant)
+ {
+ CPwdChanger* self = new (ELeave) CPwdChanger(aMessage, aVpnApiServant);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CPwdChanger::CPwdChanger(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant) :
+ CActive(0), iMessage(aMessage), iVpnApiServant(aVpnApiServant)
+ {
+ }
+
+void CPwdChanger::ConstructL()
+ {
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iPkiService.Connect());
+ }
+
+CPwdChanger::~CPwdChanger()
+ {
+ Cancel();
+ iPkiService.Close();
+ }
+
+void CPwdChanger::ChangePassword()
+ {
+ iPkiService.ChangePassword(iStatus);
+ SetActive();
+ }
+
+void CPwdChanger::DoCancel()
+ {
+ iPkiService.CancelPendingOperation();
+ iMessage.Complete(KErrCancel);
+ }
+
+void CPwdChanger::RunL()
+ {
+ iMessage.Complete(iStatus.Int());
+ iVpnApiServant.PasswordChangeComplete();
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/requestdispatcher.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Dispatches requests from clients (API) to CVpnApiServant.
+*
+*/
+
+#include "requestdispatcher.h"
+#include "vpnapiservant.h"
+
+
+CRequestDispatcher* CRequestDispatcher::NewL(RFs& aFs)
+ {
+ CRequestDispatcher* self = new (ELeave) CRequestDispatcher(aFs);
+ CleanupStack::PushL(self) ;
+ self->ConstructL() ;
+ CleanupStack::Pop(self);
+ return self ;
+ }
+
+void CRequestDispatcher::ConstructL()
+ {
+ iVpnApiServant = CVpnApiServant::NewL(iFs);
+ }
+
+CRequestDispatcher::CRequestDispatcher(RFs& aFs)
+ : iFs(aFs)
+ {
+ }
+
+CRequestDispatcher::~CRequestDispatcher()
+ {
+ delete iVpnApiServant;
+ }
+
+TBool CRequestDispatcher::ServiceL(const RMessage2& aMessage, CSession2* /*aSession*/)
+ {
+ TBool requestHandled = EFalse;
+
+ requestHandled = iVpnApiServant->ServiceL(aMessage);
+
+ if (!requestHandled)
+ {
+ User::Leave(KErrNotSupported);
+ }
+
+ return requestHandled;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/uuid.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,125 @@
+/*
+* Copyright (c) 2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Create a new UID for the policy.
+*
+*/
+
+
+
+#include <random.h>
+
+#include "uuid.h"
+
+void Uuid::MakeUuidL(TUuid& aUuid, TUuidVersion aVersion)
+/**
+ * Generate a UUID of the specified version.
+ * NOTE. As of this writing, only version 4
+ * (ERandomBased) is supported
+ **/
+ {
+ // We currently support only version 4
+ if (aVersion != ERandomBased)
+ {
+ User::Leave(KErrNotSupported);
+ }
+
+ /* Fill UUID with random data */
+ RandomizeL(aUuid);
+
+ /* Brand UUID with version and variant */
+ Brand(aUuid, aVersion);
+ }
+
+void Uuid::RandomizeL(TUuid& aUuid)
+/**
+ * Fill the UUID with pseudo-random data
+ */
+ {
+ // Delegate the task to the Symbian Random Number Generator
+ // (we trust that it is the best alternative available)
+
+ TPckg<TUuid> pckgUuid(aUuid);
+ TRandom::RandomL(pckgUuid);
+ }
+
+void Uuid::Brand(TUuid& aUuid, TUuidVersion aVersion)
+/**
+ * Set variant and version information to the UUID
+ */
+ {
+ // We currently support only UUID version 4
+ if (aVersion != ERandomBased)
+ {
+ return;
+ }
+
+ // First set the variant information to value:
+ // Msb0 Msb1 Msb2
+ // 1 0 x
+ // as specified in draft-mealling-uuid-urn-05.txt
+ // (a variable number of the most significant bits
+ // of the eight octet of the UUID, i.e. the
+ // clock_seq_hi_and_reserved octet)
+ aUuid.iClockSeqHiAndReserved &= 0x3F; // Set Msb0 and Msb1 to 0, take the rest "as-is"
+ aUuid.iClockSeqHiAndReserved |= (1 << 7); // Set Msb0 to 1
+
+ // Then set the version number to indicate version 4
+ // Msb0 Msb1 Msb2 Msb3
+ // 0 1 0 0
+ // as specified in draft-mealling-uuid-urn-05.txt
+ // (in the most significant four bits of the time
+ // stamp)
+ aUuid.iTimeHiAndVersion &= 0x0FFF; // Set Msb0-Msb3 to 0, take the rest "as-is"
+ aUuid.iTimeHiAndVersion |= (1 << 14); // Set Msb1 to 1
+ }
+
+void Uuid::UuidToString(const TUuid& aUuid, TUuidString& aUuidString)
+/**
+ * Create and return a string representation of the given UUID.
+ * E.g. f81d4fae-7dec-11d0-a765-00a0c91e6bf6
+ */
+ {
+ aUuidString.Format(KUuidFormatString,
+ static_cast<TUint>(aUuid.iTimeLow),
+ static_cast<TUint>(aUuid.iTimeMid),
+ static_cast<TUint>(aUuid.iTimeHiAndVersion),
+ static_cast<TUint>(aUuid.iClockSeqHiAndReserved),
+ static_cast<TUint>(aUuid.iClockSeqLow),
+ static_cast<TUint>(aUuid.iNode[0]),
+ static_cast<TUint>(aUuid.iNode[1]),
+ static_cast<TUint>(aUuid.iNode[2]),
+ static_cast<TUint>(aUuid.iNode[3]),
+ static_cast<TUint>(aUuid.iNode[4]),
+ static_cast<TUint>(aUuid.iNode[5]));
+ }
+
+void Uuid::UuidToString(const TUuid& aUuid, TUuidString8& aUuidString)
+/**
+ * Create and return a string representation of the given UUID.
+ * E.g. f81d4fae-7dec-11d0-a765-00a0c91e6bf6
+ */
+ {
+ aUuidString.Format(KUuidFormatString8,
+ static_cast<TUint>(aUuid.iTimeLow),
+ static_cast<TUint>(aUuid.iTimeMid),
+ static_cast<TUint>(aUuid.iTimeHiAndVersion),
+ static_cast<TUint>(aUuid.iClockSeqHiAndReserved),
+ static_cast<TUint>(aUuid.iClockSeqLow),
+ static_cast<TUint>(aUuid.iNode[0]),
+ static_cast<TUint>(aUuid.iNode[1]),
+ static_cast<TUint>(aUuid.iNode[2]),
+ static_cast<TUint>(aUuid.iNode[3]),
+ static_cast<TUint>(aUuid.iNode[4]),
+ static_cast<TUint>(aUuid.iNode[5]));
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/vpnapiservant.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,480 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handles API requests for VPN Manager.
+*
+*/
+
+
+
+#include "vpnapiservant.h"
+#include "policystore.h"
+#include "policyimporter.h"
+#include "pwdchanger.h"
+#include "vpnapidefs.h"
+#include "vpnmanagerserverdefs.h"
+#include "vpnmaninternal.h"
+#include "log_r6.h"
+
+
+CVpnApiServant* CVpnApiServant::NewL(RFs& aFs)
+ {
+ CVpnApiServant* self = new (ELeave) CVpnApiServant(aFs);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(); // self
+ return self;
+ }
+
+CVpnApiServant::CVpnApiServant(RFs& aFs) : iFs(aFs)
+ {
+ }
+
+void CVpnApiServant::ConstructL()
+ {
+ iPolicyStore = CPolicyStore::NewL(iFs);
+ INIT_EVENT_LOGGER(*iPolicyStore);
+ }
+
+CVpnApiServant::~CVpnApiServant()
+ {
+ delete iPolicyStore;
+ RELEASE_EVENT_LOGGER;
+ }
+
+TBool CVpnApiServant::ServiceL(const RMessage2& aMessage)
+ {
+ TBool requestHandled = ETrue;
+
+ switch (aMessage.Function())
+ {
+ case EVpnImportPolicy:
+ ImportPolicyL(aMessage);
+ break;
+
+ case EVpnCancelImport:
+ CancelImportPolicy(aMessage);
+ break;
+
+ case EVpnEnumeratePolicies:
+ EnumeratePoliciesL(aMessage);
+ break;
+
+ case EVpnGetPolicyInfo:
+ GetPolicyInfoL(aMessage);
+ break;
+
+ case EVpnGetPolicyDetails:
+ GetPolicyDetailsL(aMessage);
+ break;
+
+ case EVpnDeletePolicy:
+ DeletePolicyL(aMessage);
+ break;
+
+ case EVpnChangePassword:
+ ChangePasswordL(aMessage);
+ break;
+
+ case EVpnCancelChange:
+ CancelChangePassword(aMessage);
+ break;
+
+ case EVpnGetPolicySize:
+ GetPolicySizeL(aMessage);
+ break;
+
+ case EVpnGetPolicyData:
+ GetPolicyDataL(aMessage);
+ break;
+
+ // New methods (to facilitate
+ // OMA DM based policy management)
+
+ case EVpnAddPolicy:
+ AddPolicyL(aMessage);
+ break;
+
+ case EVpnUpdatePolicyDetails:
+ UpdatePolicyDetailsL(aMessage);
+ break;
+
+ case EVpnUpdatePolicyData:
+ UpdatePolicyDataL(aMessage);
+ break;
+
+ default:
+ requestHandled = EFalse;
+ break;
+ }
+
+ return requestHandled;
+ }
+
+void CVpnApiServant::ImportPolicyL(const RMessage2& aMessage)
+ {
+ if (iPolicyImporter)
+ {
+ aMessage.Complete(KVpnErrImportOngoing);
+ }
+ else
+ {
+ TInt len = aMessage.GetDesLength(0);
+ HBufC* input = HBufC::NewL(len);
+ CleanupStack::PushL(input);
+
+ TPtr ptrInput = input->Des();
+ aMessage.ReadL(FIRST_ARGUMENT, ptrInput);
+
+ if (input->Length() > 0)
+ {
+ iPolicyImporter = CPolicyImporter::NewL(aMessage, *this, *iPolicyStore, iFs);
+ iPolicyImporter->ImportPolicyL(*input);
+ }
+ else
+ {
+ aMessage.Complete(KVpnErrPolicyNotFound);
+ }
+
+ CleanupStack::PopAndDestroy(); // input
+ }
+ }
+
+void CVpnApiServant::ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId,
+ TRequestStatus& aStatus)
+ {
+ if (iPolicyImporter)
+ {
+ User::Leave(KVpnErrImportOngoing);
+ }
+ else
+ {
+ iPolicyImporter = CPolicyImporter::NewL(aStatus, *this, *iPolicyStore, iFs);
+ aStatus = KRequestPending;
+ iPolicyImporter->ImportSinglePolicyL(aDir, aNewPolicyId);
+ }
+ }
+
+void CVpnApiServant::CancelImportPolicy(const RMessage2& aMessage)
+ {
+ if (iPolicyImporter)
+ {
+ iPolicyImporter->Cancel();
+ delete iPolicyImporter;
+ iPolicyImporter = NULL;
+ }
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::CancelImportSinglePolicy()
+ {
+ if (iPolicyImporter)
+ {
+ iPolicyImporter->Cancel();
+ delete iPolicyImporter;
+ iPolicyImporter = NULL;
+ }
+ }
+
+void CVpnApiServant::PolicyImportComplete()
+ {
+ delete iPolicyImporter;
+ iPolicyImporter = NULL;
+ }
+
+void CVpnApiServant::EnumeratePoliciesL(const RMessage2& aMessage)
+ {
+ TInt policyCount = iPolicyStore->PolicyCount();
+
+ TPckg<TInt> pckgPolicyCount(policyCount);
+ aMessage.WriteL(FIRST_ARGUMENT, pckgPolicyCount);
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::GetPolicyInfoL(const RMessage2& aMessage)
+ {
+ TInt expectedPolicyCount = aMessage.Int0();
+
+ if (expectedPolicyCount != iPolicyStore->PolicyCount())
+ {
+ aMessage.Complete(KVpnErrPolicyCountChanged);
+ return;
+ }
+
+ TUint8* rawPolicyData = iPolicyStore->RawPolicyData();
+
+ // Write the state array back to the client's address space
+ TPtrC8 policyData(rawPolicyData, expectedPolicyCount * sizeof(TVpnPolicyInfo));
+
+ aMessage.WriteL(SECOND_ARGUMENT, policyData);
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::GetPolicyDetailsL(const RMessage2& aMessage)
+ {
+ LOG(Log::Printf(_L("CVpnApiServant::GetPolicyDetailsL")));
+
+ TVpnPolicyId policyId;
+ TPckg<TVpnPolicyId> pckgPolicyId(policyId);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyId);
+
+ TVpnPolicyDetails policyDetails;
+ TInt ret = iPolicyStore->GetPolicyDetailsL(policyId, policyDetails);
+
+ if (ret == KErrNone)
+ {
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(policyDetails);
+ aMessage.WriteL(SECOND_ARGUMENT, pckgPolicyDetails);
+ }
+
+
+ aMessage.Complete(ret);
+
+ LOG(Log::Printf(_L("CVpnApiServant::GetPolicyDetailsL: aMesage completed withd %d"), ret));
+ }
+
+void CVpnApiServant::DeletePolicyL(const RMessage2& aMessage)
+ {
+ TVpnPolicyId policyId;
+ TPckg<TVpnPolicyId> pckgPolicyId(policyId);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyId);
+
+ TVpnPolicyDetails *policyDetails = new (ELeave) TVpnPolicyDetails;
+ CleanupStack::PushL(policyDetails);
+
+ iPolicyStore->GetPolicyDetailsL(policyId, *policyDetails);
+ iPolicyStore->DeletePolicyL(policyId);
+
+
+ HBufC8* tempBuf = HBufC8::NewLC(policyDetails->iName.Length());
+ tempBuf->Des().Copy(policyDetails->iName);
+
+ LOG_EVENT(R_VPN_MSG_DELETED_POLICY, tempBuf, NULL, 0, 0);
+
+ CleanupStack::PopAndDestroy(2); //tempBuf, policyDetails
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::ChangePasswordL(const RMessage2& aMessage)
+ {
+ if (iPwdChanger)
+ {
+ aMessage.Complete(KVpnErrPwdChangeOngoing);
+ }
+ else
+ {
+ iPwdChanger = CPwdChanger::NewL(aMessage, *this);
+ iPwdChanger->ChangePassword();
+ }
+ }
+
+void CVpnApiServant::CancelChangePassword(const RMessage2& aMessage)
+ {
+ if (iPwdChanger)
+ {
+ iPwdChanger->Cancel();
+ delete iPwdChanger;
+ iPwdChanger = NULL;
+ }
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::PasswordChangeComplete()
+ {
+ delete iPwdChanger;
+ iPwdChanger = NULL;
+ }
+
+void CVpnApiServant::GetPolicySizeL(const RMessage2& aMessage)
+ {
+ TVpnPolicyId policyId;
+ TPckg<TVpnPolicyId> pckgPolicyId(policyId);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyId);
+
+ TInt policySize = PolicySizeL(policyId);
+
+ TPckg<TInt> pckgPolicySize(policySize);
+ aMessage.WriteL(SECOND_ARGUMENT, pckgPolicySize);
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::GetPolicyDataL(const RMessage2& aMessage)
+ {
+ TVpnPolicyId policyId;
+ TPckg<TVpnPolicyId> pckgPolicyId(policyId);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyId);
+
+ TInt expectedPolicySize;
+ TPckg<TInt> pckgExpectedPolicySize(expectedPolicySize);
+
+ aMessage.ReadL(SECOND_ARGUMENT, pckgExpectedPolicySize);
+
+ TInt currentPolicySize = PolicySizeL(policyId);
+
+ if (expectedPolicySize != currentPolicySize)
+ {
+ aMessage.Complete(KVpnErrPolicySizeChanged);
+ return;
+ }
+
+ HBufC8* policyData = NULL;
+ User::LeaveIfError(iPolicyStore->LoadPolicyDataL(policyId, policyData));
+ CleanupStack::PushL(policyData);
+
+ aMessage.WriteL(THIRD_ARGUMENT, *policyData);
+
+ CleanupStack::PopAndDestroy(); // policyData
+
+ aMessage.Complete(KErrNone);
+ }
+
+CPolicyStore* CVpnApiServant::PolicyStore()
+ {
+ return iPolicyStore;
+ }
+
+TInt CVpnApiServant::PolicySizeL(const TVpnPolicyId& aPolicyId)
+ {
+ HBufC8* policyData = NULL;
+
+ User::LeaveIfError(iPolicyStore->LoadPolicyDataL(aPolicyId, policyData));
+ TInt policySize = policyData->Size();
+ delete policyData;
+
+ return policySize;
+ }
+
+// New methods to facilitate OMA DM based VPN policy management
+
+void CVpnApiServant::AddPolicyL(const RMessage2& aMessage)
+ {
+
+ LOG(Log::Printf(_L("CVpnApiServant::AddPolicyL")));
+
+ // Read policy details
+ TVpnPolicyDetails *policyDetails = new (ELeave) TVpnPolicyDetails;
+ CleanupStack::PushL(policyDetails);
+
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(*policyDetails);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyDetails);
+
+ // Read policy data
+ TInt len = aMessage.GetDesLength(SECOND_ARGUMENT);
+ HBufC8* policyData = HBufC8::NewL(len);
+ CleanupStack::PushL(policyData);
+
+ TPtr8 ptrPolicyData = policyData->Des();
+ aMessage.ReadL(SECOND_ARGUMENT, ptrPolicyData);
+
+
+ LOG(Log::Printf(_L("Calling: iPolicyStore->AddNewPolicyL")));
+ // Add the policy to the policy store
+ TRAPD(err, iPolicyStore->AddNewPolicyL(*policyDetails, *policyData));
+ if (err == KErrNone)
+ {
+ TBuf<20> serverName(_L("VPN DM Server"));
+ TPtrC8 tempCastPtr8(reinterpret_cast<const TUint8*>(serverName.Ptr()), serverName.Length() * 2);
+ LOG_EVENT(R_VPN_MSG_INSTALLED_POLICY_SERVER, &(policyDetails->iId),
+ &tempCastPtr8, err, EFalse);
+ }
+ else
+ {
+ LOG_EVENT(R_VPN_MSG_INSTALLED_POLICY_SERVER, &(policyDetails->iId), NULL,
+ err, EFalse);
+ User::Leave(err);
+ }
+
+ LOG(Log::Printf(_L("Writing back policy details")));
+ // Write back the possibly changed policy details
+ aMessage.WriteL(FIRST_ARGUMENT, pckgPolicyDetails);
+
+ CleanupStack::PopAndDestroy(policyData);
+ CleanupStack::PopAndDestroy(); //policyDetails
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::UpdatePolicyDetailsL(const RMessage2& aMessage)
+ {
+ LOG(Log::Printf(_L("CVpnApiServant::UpdatePolicyDetailsL")));
+
+ // Read policy details
+ TVpnPolicyDetails* policyDetails = new (ELeave) TVpnPolicyDetails;
+ CleanupStack::PushL(policyDetails);
+
+ TPckg<TVpnPolicyDetails> pckgPolicyDetails(*policyDetails);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyDetails);
+
+ // Update the policy details
+ TRAPD(err, iPolicyStore->UpdatePolicyDetailsL(*policyDetails));
+ if (err != KErrNone)
+ {
+ LOG_EVENT(R_VPN_MSG_INSTALLED_POLICY_SERVER, &(policyDetails->iId), NULL,
+ err, ETrue);
+ User::Leave(err);
+ }
+
+ // Write back the possibly changed policy details
+ aMessage.WriteL(FIRST_ARGUMENT, pckgPolicyDetails);
+
+ CleanupStack::PopAndDestroy(); //policyDetails
+
+ aMessage.Complete(KErrNone);
+ }
+
+void CVpnApiServant::UpdatePolicyDataL(const RMessage2& aMessage)
+ {
+ // Read policy ID
+ TVpnPolicyId policyId;
+ TPckg<TVpnPolicyId> pckgPolicyId(policyId);
+
+ aMessage.ReadL(FIRST_ARGUMENT, pckgPolicyId);
+
+ // Read policy data
+ TInt len = aMessage.GetDesLength(SECOND_ARGUMENT);
+ HBufC8* policyData = HBufC8::NewL(len);
+ CleanupStack::PushL(policyData);
+
+ TPtr8 ptrPolicyData = policyData->Des();
+ aMessage.ReadL(SECOND_ARGUMENT, ptrPolicyData);
+
+ // Update the policy data
+ TRAPD(err, iPolicyStore->UpdatePolicyDataL(policyId, *policyData));
+ if (err == KErrNone)
+ {
+ TBufC8<20> serverName(_L8("VPN DM Server"));
+ LOG_EVENT(R_VPN_MSG_INSTALLED_POLICY_SERVER, &policyId,
+ &serverName, err, ETrue);
+ }
+ else
+ {
+ LOG_EVENT(R_VPN_MSG_INSTALLED_POLICY_SERVER, &policyId, NULL,
+ err, ETrue);
+ User::Leave(err);
+ }
+ CleanupStack::PopAndDestroy(); // policyData
+
+ aMessage.Complete(KErrNone);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/vpnmanagerserver.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,135 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Server component for VPN Manager, used by VPN API.
+*
+*/
+
+#include <e32svr.h>
+#include <e32math.h>
+
+#include "vpnmanagerserver.h"
+#include "vpnmanagersession.h"
+#include "requestdispatcher.h"
+
+
+const TUint CVpnManagerServer::iVpnManRangeCount = 3;
+
+const TInt CVpnManagerServer::iVpnManRanges[iVpnManRangeCount] =
+ {
+ 0,
+ EVpnImportPolicy,
+ EVpnUpdatePolicyData+1
+ };
+
+const TUint8 CVpnManagerServer::iVpnManElementIndex[iVpnManRangeCount] =
+ {
+ CPolicyServer::ENotSupported,
+ 0,
+ CPolicyServer::ENotSupported
+ };
+
+const CPolicyServer::TPolicyElement CVpnManagerServer::iVpnManElements[] =
+ {
+ {_INIT_SECURITY_POLICY_C1(ECapabilityNetworkControl), CPolicyServer::EFailClient},
+ };
+
+const CPolicyServer::TPolicy CVpnManagerServer::iVpnManPolicy =
+ {
+ 0, // All connect attempts are checked
+ iVpnManRangeCount, // Count of ranges
+ iVpnManRanges, // 0-999, 1000-1008, 1009...
+ iVpnManElementIndex, // Only range 1000-1008 are checked
+ iVpnManElements // The list of policy elements
+ };
+
+CVpnManagerServer::CVpnManagerServer(TInt aPriority) : CPolicyServer(aPriority,iVpnManPolicy)
+ {
+ }
+
+CVpnManagerServer::~CVpnManagerServer()
+ {
+ delete iRequestDispatcher;
+ iFs.Close();
+ }
+
+CVpnManagerServer* CVpnManagerServer::NewL()
+ {
+ CVpnManagerServer* server = CVpnManagerServer::NewLC();
+ CleanupStack::Pop(); // server
+ return server;
+ }
+
+CVpnManagerServer* CVpnManagerServer::NewLC()
+ {
+ CVpnManagerServer* server = new (ELeave) CVpnManagerServer(EPriorityNormal);
+ CleanupStack::PushL(server);
+ server->ConstructL();
+ return server;
+ }
+
+void CVpnManagerServer::ConstructL()
+ {
+ User::LeaveIfError(iFs.Connect());
+ User::LeaveIfError(iFs.CreatePrivatePath(EDriveC));
+ iRequestDispatcher = CRequestDispatcher::NewL(iFs);
+ StartL(KVpnManagerServer);
+ }
+
+CSession2* CVpnManagerServer::NewSessionL(
+ const TVersion &aVersion,
+ const RMessage2& /*aMessage*/) const
+ {
+ // Check that the client is requesting a session with the right version
+ if (!User::QueryVersionSupported(TVersion(KVpnManagerMajorVersionNumber,
+ KVpnManagerMinorVersionNumber,
+ KVpnManagerBuildVersionNumber),
+ aVersion))
+ {
+ User::Leave(KErrNotSupported);
+ }
+
+ // Make new session
+ return CVpnManagerSession::NewL(*const_cast<CVpnManagerServer*>(this),
+ *iRequestDispatcher);
+ }
+
+void CVpnManagerServer::IncrementSessions()
+ {
+ iSessionCount++;
+ }
+
+void CVpnManagerServer::DecrementSessions()
+ {
+ iSessionCount--;
+
+ // Terminate the server when there are no clients left
+ if (iSessionCount <= 0)
+ {
+ CActiveScheduler::Stop();
+ }
+ }
+
+TInt CVpnManagerServer::RunError(TInt aError)
+ {
+ Message().Complete(aError);
+
+ // The leave will result in an early return from CServer::RunL(),
+ // skipping the call to request another message. So we issue the
+ // request here in order to keep the server running.
+ ReStart();
+
+ // Handled the error fully
+ return KErrNone;
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/vpnmanagersession.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,62 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handles client requests.
+*
+*/
+
+
+
+#include "vpnmanagerserver.h"
+#include "vpnmanagerserverdefs.h"
+#include "vpnmanagersession.h"
+#include "requestdispatcher.h"
+#include <e32svr.h>
+
+CVpnManagerSession* CVpnManagerSession::NewL(CVpnManagerServer& aServer,
+ CRequestDispatcher& aRequestDispatcher)
+ {
+ CVpnManagerSession* self = CVpnManagerSession::NewLC(aServer, aRequestDispatcher);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CVpnManagerSession* CVpnManagerSession::NewLC(CVpnManagerServer& aServer,
+ CRequestDispatcher& aRequestDispatcher)
+ {
+ CVpnManagerSession* self = new (ELeave) CVpnManagerSession(aServer, aRequestDispatcher);
+ CleanupStack::PushL(self) ;
+ self->ConstructL() ;
+ return self ;
+ }
+
+CVpnManagerSession::CVpnManagerSession(CVpnManagerServer& aServer,
+ CRequestDispatcher& aRequestDispatcher)
+ : iServer(aServer), iRequestDispatcher(aRequestDispatcher)
+ {
+ }
+
+void CVpnManagerSession::ConstructL()
+ {
+ iServer.IncrementSessions();
+ }
+
+CVpnManagerSession::~CVpnManagerSession()
+ {
+ iServer.DecrementSessions();
+ }
+
+void CVpnManagerSession::ServiceL(const RMessage2& aMessage)
+ {
+ iRequestDispatcher.ServiceL(aMessage, this);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/src/vpnmanagerstarter.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Creates and starts VPN Manager server.
+*
+*/
+
+
+
+#include "srvstarter.h"
+#include "vpnmanagerserverdefs.h"
+#include "vpnmanagerserver.h"
+
+CServer2* Starter::CreateAndStartServerL()
+ {
+ return CVpnManagerServer::NewL();
+ }
+
+TPtrC Starter::ServerName()
+ {
+ return KVpnManagerServer().Mid(0);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/EABI/vpntcwrapperU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,5 @@
+EXPORTS
+ _Z10NewTcStubLv @ 1 NONAME
+ _ZTI13CVpnTcWrapper @ 2 NONAME ; #<TI>#
+ _ZTV13CVpnTcWrapper @ 3 NONAME ; #<VT>#
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/bwins/vpntcwrapperU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?NewTcStubL@@YAPAVCVpnTcStub@@XZ @ 1 NONAME ; class CVpnTcStub * NewTcStubL(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build info file for vpntcwrapper
+*
+*/
+
+
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+vpntcwrapper.mmp
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/group/vpntcwrapper.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Wrapper class for dynamic, terminal-dependent device lock access
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+TARGET vpntcwrapper.dll
+TARGETTYPE dll
+
+
+UID 0x1000008d 0x101F6D3F
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+
+SOURCE vpntcwrapper.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpncommon/inc
+USERINCLUDE ../../../vpnui/vpnpolins/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY euser.lib utlbase64.lib
+LIBRARY utlcrypto.lib asn1.lib
+LIBRARY crpkcs12.lib
+LIBRARY pkiserviceapi.lib
+LIBRARY crypto.lib
+LIBRARY efsrv.lib
+LIBRARY sysutil.lib
+LIBRARY terminalcontrol.lib
+
+DEBUGLIBRARY flogger.lib
+
+CAPABILITY ALL -Tcb
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/inc/vpntcwrapper.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,50 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKCS#12 data handler
+*
+*/
+
+
+
+#ifndef __VPNTCWRAPPER_H__
+#define __VPNTCWRAPPER_H__
+
+#include <f32file.h>
+#include <TerminalControl3rdPartyAPI.h>
+#include <TerminalControl.h>
+
+#include "vpntcstub.h"
+
+class CVpnTcWrapper : public CVpnTcStub
+ {
+/////////////////////////////
+// Public functions
+/////////////////////////////
+public:
+ virtual void SetTCAttributeL(const TInt aAttribId,
+ const TDesC8& aVal);
+ virtual HBufC8* GetTCAttributeL(TInt aAttribId);
+ virtual void ConnectToDevLockL();
+
+ virtual ~CVpnTcWrapper();
+
+private:
+ RTerminalControl iTc;
+ RTerminalControl3rdPartySession iTs;
+ TBool iConnected;
+
+ };
+
+#endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/rom/vpntcwrapper.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,39 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: ROM build file for VPN TC wrapper module.
+*
+*/
+
+
+
+#ifndef __VPNTCWRAPPER_IBY__
+#define __VPNTCWRAPPER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNTCWRAPPER not included in this rom
+
+#else
+
+#ifdef __SAP_TERMINAL_CONTROL_FW
+#ifdef __SAP_POLICY_MANAGEMENT
+
+file=ABI_DIR\BUILD_DIR\vpntcwrapper.dll SHARED_LIB_DIR\vpntcwrapper.dll
+
+#endif //__SAP_POLICY_MANAGEMENT
+#endif //__SAP_TERMINAL_CONTROL_FW
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNTCWRAPPER_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpntcwrapper/src/vpntcwrapper.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,114 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: PKCS#12 data handler
+*
+*/
+
+
+
+#include <x509cert.h>
+#include <mpkcs12.h>
+
+#include <e32std.h>
+#include <apacmdln.h>
+#include <bautils.h>
+
+#include <securityerr.h>
+#include <sysutil.h>
+
+#include "vpntcwrapper.h"
+#include "logvpncommon.h"
+
+EXPORT_C CVpnTcStub* NewTcStubL()
+ {
+ return new (ELeave) CVpnTcWrapper;
+ }
+
+void CVpnTcWrapper::SetTCAttributeL(const TInt aAttribId, const TDesC8& aVal)
+ {
+ LOG_("-> CVpnTcWrapper::SetTCAttribute()");
+
+ if (!iConnected)
+ {
+ LOG_(" Not connected yet...");
+ ConnectToDevLockL();
+ }
+
+ TInt err = iTs.SetDeviceLockParameter(aAttribId, aVal);
+
+ LOG_1(" Errorcode: %d", err);
+
+ User::LeaveIfError(err);
+
+ LOG_("<- CVpnTcWrapper::SetTCAttribute()");
+ }
+
+HBufC8* CVpnTcWrapper::GetTCAttributeL(TInt aAttribId)
+ {
+ LOG_("-> CVpnTcWrapper::GetTCAttribute()");
+
+ if (!iConnected)
+ {
+ LOG_(" Not connected yet...");
+ ConnectToDevLockL();
+ }
+
+ LOG_(" Getting size");
+
+ TInt size = iTs.GetDeviceLockParameterSize(aAttribId);
+ if(size < 0)
+ {
+ LOG_1("<- CVpnTcWrapper::GetTCAttribute() Leave: %d", size);
+ User::Leave(size);
+ }
+
+ LOG_1(" Attribute found, size: %d", size);
+
+ HBufC8* buffer = HBufC8::NewLC(size);
+ TPtr8 ptr8(buffer->Des());
+
+ // Read the actual attribute value
+ User::LeaveIfError(iTs.GetDeviceLockParameter(aAttribId, ptr8));
+
+ CleanupStack::Pop(buffer);
+
+ LOG_("<- CVpnTcWrapper::GetTCAttribute()");
+ return buffer;
+ }
+
+void CVpnTcWrapper::ConnectToDevLockL()
+ {
+ LOG_("-> CVpnTcWrapper::ConnectToDevLockL()");
+
+ User::LeaveIfError(iTc.Connect());
+ User::LeaveIfError(iTs.Open(iTc));
+
+ iConnected = ETrue;
+
+ LOG_("<- CVpnTcWrapper::ConnectToDevLockL()");
+ }
+
+CVpnTcWrapper::~CVpnTcWrapper()
+ {
+ LOG_("-> CVpnTcWrapper::~CVpnTcWrapper()");
+
+ iTs.Close();
+ iTc.Close();
+ iConnected = EFalse;
+
+ LOG_("<- CVpnTcWrapper::~CVpnTcWrapper()");
+ }
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/BWINS/vpndialogmanageru.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?NewDialogManagerL@@YAPAVMVpnDialogManager@@XZ @ 1 NONAME ; class MVpnDialogManager * NewDialogManagerL(void)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/EABI/vpndialogmanageru.def Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,19 @@
+EXPORTS
+ _Z17NewDialogManagerLv @ 1 NONAME
+ _ZTI10CVpnDialog @ 2 NONAME
+ _ZTI14CVpnInfoDialog @ 3 NONAME
+ _ZTI14CVpnWaitDialog @ 4 NONAME
+ _ZTI17CVpnDialogManager @ 5 NONAME
+ _ZTI18CPKCS12PasswordDlg @ 6 NONAME
+ _ZTI19CVpnMultiLineDialog @ 7 NONAME
+ _ZTI19CVpnUserIdentityDlg @ 8 NONAME
+ _ZTI7CKmdDlg @ 9 NONAME
+ _ZTV10CVpnDialog @ 10 NONAME
+ _ZTV14CVpnInfoDialog @ 11 NONAME
+ _ZTV14CVpnWaitDialog @ 12 NONAME
+ _ZTV17CVpnDialogManager @ 13 NONAME
+ _ZTV18CPKCS12PasswordDlg @ 14 NONAME
+ _ZTV19CVpnMultiLineDialog @ 15 NONAME
+ _ZTV19CVpnUserIdentityDlg @ 16 NONAME
+ _ZTV7CKmdDlg @ 17 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,30 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+vpndialogmanager.mmp
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/group/vpndialogmanager.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,55 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpndialogmanager
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET vpndialogmanager.dll
+TARGETTYPE DLL
+
+UID 0x1000008d 0x101F6D42
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE vpndialogshower.cpp
+SOURCE vpndialogmanager.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../data
+USERINCLUDE ../../vpnecomnotifier/inc
+USERINCLUDE ../../vpnecomnotifier/data
+USERINCLUDE ../../../vpnengine/pkiserviceapi/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../../vpnengine/vpncommon/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY eiksrv.lib
+LIBRARY euser.lib
+LIBRARY cone.lib
+LIBRARY avkon.lib
+LIBRARY eikdlg.lib //ws32.lib
+LIBRARY bafl.lib
+LIBRARY eikcoctl.lib
+LIBRARY eikcore.lib // For Infowin
+LIBRARY eiksrvui.lib // Eikon server ui (for suppressing app -key)
+LIBRARY efsrv.lib
+LIBRARY commonengine.lib
+LIBRARY cdlengine.lib
+
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/inc/vpndialogmanager.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnDialogManager class.
+*
+*/
+
+
+
+#ifndef VPNDIALOGMANAGER_H
+#define VPNDIALOGMANAGER_H
+
+#include "vpnnotifierdefs.h"
+
+class MVpnDialog;
+class CVpnDialogShower;
+class MVpnNotifierCallback;
+
+class CVpnDialogManager : public CBase, public MVpnDialogManager
+ {
+public: // From CVpnDialogManagerBase
+ virtual MVpnDialog* LaunchDialogL(MVpnNotifierCallback* aNotifier, TInt aDialogId,
+ TInt aNoteDialogId, const TDesC8& aInput);
+ virtual TInt GetNoteTextId(TInt aNoteDialogId);
+ virtual CVpnDialogShower* GetDialogShowerL();
+ virtual MVpnDialog* ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aNoteDialogId);
+ virtual ~CVpnDialogManager();
+
+private:
+ CVpnDialogShower* iDialogShower;
+ };
+
+#endif // VPNDIALOGMANAGER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/inc/vpndialogshower.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,206 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of VPN dialog classes.
+*
+*/
+
+
+
+#ifndef VPNDIALOGSHOWER_H
+#define VPNDIALOGSHOWER_H
+
+#include <AknQueryDialog.h>
+#include <aknnotewrappers.h>
+#include <avkon.rsg>
+#include <avkon.mbg>
+#include <AknWaitDialog.h>
+
+#include "vpnnotifierdefs.h"
+
+
+const TInt KMaxAcuInputLength = 50;
+const TInt KMaxAuthenticationInputLength = 32;
+
+class CVpnDialog;
+class CEikColumnListBox;
+class MVpnNotifierCallback;
+class CVpnMultiLineDialog;
+class CVpnWaitDialog;
+class CVpnInfoDialog;
+
+class CVpnDialogShower : public CBase, public MProgressDialogCallback
+ {
+public:
+ CVpnDialog* GetServerAddressDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnDialog* GetServerIdentityDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnMultiLineDialog* GetLegacyAuthenticationDlgL(MVpnNotifierCallback* aNotifier);
+ CVpnMultiLineDialog* GetLegacyAuthenticationDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnDialog* GetUserIdentityDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnDialog* GetPolicyUpdateConfirmationDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+
+ CVpnDialog* GetPolicyImportConfirmationDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnWaitDialog* GetPolicyImportProgressDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnWaitDialog* GetGenericProgressDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnDialog* GetPKCS12PasswordDlgL(MVpnNotifierCallback* aNotifier);
+ CVpnDialog* GetDevLockConfirmationDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnInfoDialog* ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aTextId);
+ CVpnMultiLineDialog* GetUserPwdDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnMultiLineDialog* GetSecurIdDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ CVpnMultiLineDialog* GetSecurIdNextDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+
+private:
+ void DialogDismissedL(TInt /* aButtonId */)
+ {
+ };
+ TBuf<KMaxAcuInputLength> iValue1;
+ TBuf<KMaxAcuInputLength> iValue2;
+ };
+
+class CVpnDialog : public CAknQueryDialog, public MVpnDialog
+ {
+public:
+ CVpnDialog(MVpnNotifierCallback* aNotifier);
+
+public: // From MVpnDialog
+ void CancelL();
+
+protected:
+ virtual TBool AllowCancel();
+ virtual void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+
+private:
+ TBool OkToExitL(TInt aButtonId);
+
+protected:
+ MVpnNotifierCallback* iNotifier;
+ };
+
+class CVpnWaitDialog : public CAknWaitDialog, public MVpnDialog
+ {
+public:
+ CVpnWaitDialog(MVpnNotifierCallback* aNotifier);
+ CVpnWaitDialog();
+
+public: // From MVpnDialog
+ void CancelL();
+
+protected:
+ virtual TBool AllowCancel();
+ virtual void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+
+private:
+ TBool OkToExitL(TInt aButtonId);
+
+protected:
+ MVpnNotifierCallback* iNotifier;
+ };
+
+// CVpnMultiLineDialog
+
+class CVpnMultiLineDialog : public CAknMultiLineDataQueryDialog, public MVpnDialog
+ {
+public:
+ // Two-phased constructor.
+ static CVpnMultiLineDialog* NewL(MVpnNotifierCallback* aNotifier, TDes& aText1, TDes& aText2, TTone aTone = ENoTone);
+
+protected:
+ //Construction and destruction
+ //use NewL
+ CVpnMultiLineDialog(MVpnNotifierCallback* aNotifier, const TTone& aTone);
+
+public: // From MVpnDialog
+ void CancelL();
+
+protected:
+ virtual TBool AllowCancel();
+ virtual void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+
+private:
+ TBool OkToExitL(TInt aButtonId);
+
+protected:
+ MVpnNotifierCallback* iNotifier;
+ };
+
+// CVpnInfoDialog
+
+class CVpnInfoDialog : public CAknInformationNote, public MVpnDialog
+ {
+public:
+ CVpnInfoDialog(MVpnNotifierCallback* aNotifier);
+
+ ~CVpnInfoDialog();
+public: // From MVpnDialog
+ void CancelL();
+
+protected:
+ virtual TBool AllowCancel();
+ virtual void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+
+private:
+ TBool OkToExitL(TInt aButtonId);
+
+protected:
+ MVpnNotifierCallback* iNotifier;
+ };
+
+
+class CPKCS12PasswordDlg: public CVpnDialog
+ {
+public:
+ CPKCS12PasswordDlg(MVpnNotifierCallback* aNotifier);
+private:
+ void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+ };
+
+
+/**
+ * A dialog for asking the user identity for a certificate (request).
+ * Currently used only by the extended VPN Manager in T3. Located here
+ * at least for now.
+ */
+class CVpnUserIdentityDlg : public CVpnDialog
+ {
+public:
+ CVpnUserIdentityDlg(MVpnNotifierCallback* aNotifier, const TDesC8& aInput);
+ void PreLayoutDynInitL();
+private:
+ void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+private:
+ TPtrC8 iInput;
+ };
+
+class CKmdDlg : public CVpnMultiLineDialog
+ {
+public:
+ // NewL
+ static CKmdDlg* NewL(MVpnNotifierCallback* aNotifier, TDes& aText1, TDes& aText2, TTone aTone = ENoTone);
+ static CKmdDlg* NewL(MVpnNotifierCallback* aNotifier, TDes& aText1, TDes& aText2, const TDesC8& aInput, TTone aTone = ENoTone);
+protected:
+ //Construction and destruction
+ CKmdDlg(MVpnNotifierCallback* aNotifier, const TTone& aTone);
+ CKmdDlg(MVpnNotifierCallback* aNotifier, const TDesC8& aInput, const TTone& aTone);
+private:
+
+ void PreLayoutDynInitL();
+ void SetInitialCurrentLine();
+ // From CVpnMultiLineDialog
+ void GetOutputL(TVpnDialogOutput& aOutput, TInt aButtonId);
+
+private: // Data
+ TPtrC8 iInput;
+ };
+
+
+#endif // VPNDIALOGSHOWER_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/rom/vpndialogmanager.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpndialogmanager
+*
+*/
+
+
+
+#ifndef VPNDIALOGMANAGER_IBY
+#define VPNDIALOGMANAGER_IBY
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPN DIALOG MANAGER not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpndialogmanager.dll SHARED_LIB_DIR\vpndialogmanager.dll
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // VPNDIALOGMANAGER_IBY
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/src/vpndialogmanager.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,163 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN dialog manager
+*
+*/
+
+#include <vpnecomnotifier.rsg>
+#include "vpnnotifierdefs.h"
+#include "vpndialogshower.h"
+#include "vpndialogmanager.h"
+
+#include "logvpncommon.h"
+
+
+// At ordinal 1, a factory method used to produce cvpndialogmanager instances
+EXPORT_C MVpnDialogManager* NewDialogManagerL()
+ {
+ LOG_("-> NewDialogManagerL()");
+ LOG_("<- NewDialogManagerL()");
+ return new (ELeave) CVpnDialogManager;
+ }
+
+MVpnDialog* CVpnDialogManager::LaunchDialogL(MVpnNotifierCallback* aNotifier, TInt aDialogId,
+ TInt aNoteDialogId, const TDesC8& aInput)
+ {
+ CVpnDialogShower* shower = GetDialogShowerL();
+ LOG_1("-> CVpnDialogManager::LaunchDialogL() dialog ID is: %d", aDialogId);
+ LOG_1(" Note dialog ID: %d", aNoteDialogId);
+
+ // If note dialog id hasn't been specified, then we're going
+ // to display a more complex query dialog
+ if (aNoteDialogId == 0)
+ {
+ switch (aDialogId)
+ {
+
+ // VPN related dialogs
+ case TVpnDialog::EUserIdentity:
+ return shower->GetUserIdentityDlgL(aNotifier, aInput);
+ case TVpnDialog::EPolicyUpdateConfirmation:
+ return shower->GetPolicyUpdateConfirmationDlgL(aNotifier, aInput);
+
+ // Policy installer's dialogs
+ case TVpnDialog::EPolicyInstallConfirmation:
+ LOG_1(" Showing pol import conf %d", aDialogId);
+ return shower->GetPolicyImportConfirmationDlgL(aNotifier, aInput);
+ case TVpnDialog::EPolicyInstallInProgress:
+ return shower->GetPolicyImportProgressDlgL(aNotifier, aInput);
+ case TVpnDialog::EGenericProgress:
+ return shower->GetGenericProgressDlgL(aNotifier, aInput);
+ case TVpnDialog::EPKCS12Password:
+ return shower->GetPKCS12PasswordDlgL(aNotifier);
+ case TVpnDialog::EDeviceLockConfirmation:
+ LOG_1(" Showing dev lock pol import conf %d", aDialogId);
+ return shower->GetDevLockConfirmationDlgL(aNotifier, aInput);
+
+ // KMD Dialogs
+ case TKmdDialog::EUserPwd:
+ return shower->GetUserPwdDlgL(aNotifier, aInput);
+ case TKmdDialog::ESecurIdPin:
+ return shower->GetSecurIdDlgL(aNotifier, aInput);
+ case TKmdDialog::ESecurIdNextPin:
+ return shower->GetSecurIdNextDlgL(aNotifier, aInput);
+
+ default:
+ LOG_(" Default case, return NULL");
+ return NULL;
+ }
+ }
+ else
+ {
+ // Display the desired note
+ LOG_(" Showing note dialog");
+ return ShowNoteDialogL(aNotifier, aNoteDialogId);
+ }
+ }
+
+TInt CVpnDialogManager::GetNoteTextId(TInt aNoteDialogId)
+ {
+ LOG_("CVpnDialogManager::GetNoteTextId()");
+ switch (aNoteDialogId)
+ {
+ // ACU note dialogs
+ case TVpnNoteDialog::EWrongServerIdentityCode:
+ return R_ACU_WRONG_SERVER_IDENTITY_CODE;
+ case TVpnNoteDialog::ENextServerIdentity:
+ return R_ACU_NEXT_SERVER_IDENTITY;
+ case TVpnNoteDialog::EAuthenticationFailed:
+ return R_ACU_AUTH_FAILED;
+ case TVpnNoteDialog::EInvalidServerCert:
+ return R_ACU_INVALID_SERVER_CERT;
+ case TVpnNoteDialog::EInvalidClientCert:
+ return R_ACU_INVALID_CLIENT_CERT;
+ // VPN related note dialogs
+ case TVpnNoteDialog::EPolicyUpdateSucceeded:
+ return R_VPN_POLICY_UPDATE_SUCCEEDED;
+ case TVpnNoteDialog::EPolicyUpdateFailed:
+ return R_VPN_POLICY_UPDATE_FAILED;
+ case TVpnNoteDialog::EPolicyDeleteSucceeded:
+ return R_VPN_POLICY_DELETE_SUCCEEDED;
+ case TVpnNoteDialog::EVpnUserNameMissing:
+ return R_VPN_USER_NAME_MISSING;
+ case TVpnNoteDialog::EVpnFqdnMissing:
+ return R_VPN_FQDN_MISSING;
+ case TVpnNoteDialog::EVpnCannotForceDeviceLock:
+ return R_VPN_STR_CANNOT_FORCE_DEVICE_LOCK;
+ case TVpnNoteDialog::EPolicyInstallationFailed:
+ return R_VPN_POLICY_INSTALLATION_FAILED;
+ // Policy installer notes
+ case TVpnNoteDialog::EVpnPolicyInstalled:
+ return R_VPN_CONF_POLICY_IMPORT_COMPLETE;
+ case TVpnNoteDialog::EVpnWrongPKCS12Password:
+ return R_VPN_STR_WRONG_PKCS12_PASSWORD_STR;
+ // Kmd note dialogs
+ case TVpnNoteDialog::EKmdAuthenticationFailed:
+ return R_KMD_CRACK_AUTH_FAILED;
+ default:
+ LOG_(" Calling CVpnDialogManagerBase::GetNoteTextId()");
+ return CVpnDialogManager::GetNoteTextId(aNoteDialogId);
+ }
+ }
+
+CVpnDialogShower* CVpnDialogManager::GetDialogShowerL()
+ {
+ LOG_("-> CVpnDialogManager::GetDialogShowerL()");
+ if (iDialogShower)
+ {
+ LOG_("<- CVpnDialogManager::GetDialogShowerL() (old shower reused)");
+ return iDialogShower;
+ }
+ else
+ {
+ iDialogShower = new (ELeave) CVpnDialogShower();
+ LOG_("<- CVpnDialogManager::GetDialogShowerL() (new shower instantiated)");
+ return iDialogShower;
+ }
+ }
+
+MVpnDialog* CVpnDialogManager::ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aNoteDialogId)
+ {
+ LOG_("-> CVpnDialogManager::ShowNoteDialogL()");
+ LOG_("<- CVpnDialogManager::ShowNoteDialogL()");
+ return GetDialogShowerL()->ShowNoteDialogL(aNotifier, GetNoteTextId(aNoteDialogId));
+ }
+
+CVpnDialogManager::~CVpnDialogManager()
+ {
+ LOG_("-> CVpnDialogManager::~CVpnDialogManager()");
+ delete iDialogShower;
+ LOG_("<- CVpnDialogManager::~CVpnDialogManager()");
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpndialogmanager/src/vpndialogshower.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,574 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implementation of VPN dialog classes
+*
+*/
+
+#include <e32std.h>
+#include <e32base.h>
+#include <eikenv.h>
+#include <bautils.h>
+#include <eikseced.h>
+#include <aknlists.h>
+#include <aknselectionlist.h>
+#include <eikclb.h>
+#include <eiktxlbm.h> //CEikTextListBoxModel
+#include <eikbtgpc.h> //CEikButtonGroupContainer
+#include <eikrutil.h> //EikResourceUtils
+#include <eikclbd.h> //CColumnListBoxData
+#include <eiklabel.h> //CEikLabel
+#include <eikcapc.h> // for CEikCaptionedControl
+#include <avkon.rsg>
+#include <StringLoader.h>
+#include <AknProgressDialog.h>
+
+#include <vpnecomnotifier.rsg>
+
+#include "vpndialogshower.h"
+#include "vpnnotifierdefs.h"
+
+#include "logvpncommon.h"
+
+#include <layoutmetadata.cdl.h>
+
+
+CVpnInfoDialog* CVpnDialogShower::ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aTextId)
+ {
+ CVpnInfoDialog* dlg = new(ELeave)CVpnInfoDialog(aNotifier);
+ HBufC* text = CEikonEnv::Static()->AllocReadResourceLC(aTextId);
+ (static_cast<CAknInformationNote*>(dlg))->SetTimeout(CAknNoteDialog::ELongTimeout);
+ dlg->ExecuteLD(*text);
+ CleanupStack::PopAndDestroy(); // text
+ return dlg;
+ }
+
+
+// CVpnDialogShower
+
+CVpnDialog* CVpnDialogShower::GetUserIdentityDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput)
+ {
+ LOG_("-> CVpnDialogShower::GetUserIdentityDlgL()");
+ CVpnUserIdentityDlg* dialog = new (ELeave) CVpnUserIdentityDlg(aNotifier, aInput);
+ dialog->ExecuteLD(R_VPN_USER_IDENTITY_QUERY);
+ LOG_("<- CVpnDialogShower::GetUserIdentityDlgL()");
+ return dialog;
+ }
+
+CVpnDialog* CVpnDialogShower::GetPolicyUpdateConfirmationDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& /*aInput*/)
+ {
+ CVpnDialog* dialog = new (ELeave) CVpnDialog(aNotifier);
+ dialog->ExecuteLD(R_VPN_POLICY_UPDATE_CONFIRMATION_QUERY);
+ return dialog;
+ }
+
+CVpnDialog* CVpnDialogShower::GetPKCS12PasswordDlgL(MVpnNotifierCallback* aNotifier)
+ {
+ LOG_("-> CVpnDialogShower::GetPKCS12PasswordDlgL()");
+ LOG_(" Instantiating dialog");
+ CPKCS12PasswordDlg * dialog = new (ELeave) CPKCS12PasswordDlg(aNotifier);
+ LOG_(" Executing dialog");
+ dialog->ExecuteLD(R_VPN_PKCS12_PASSWORD_QUERY);
+ LOG_("<- CVpnDialogShower::GetPKCS12PasswordDlgL()");
+ return dialog;
+ }
+
+// CKmdDialogShower
+
+CVpnMultiLineDialog* CVpnDialogShower::GetUserPwdDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput)
+ {
+ iValue1 = KNullDesC;
+ iValue2 = KNullDesC;
+ CKmdDlg* dialog = CKmdDlg::NewL(aNotifier, iValue1, iValue2, aInput, CAknQueryDialog::ENoTone);
+ dialog->ExecuteLD(R_KMD_CRACK_UNPW_QUERY);
+ return dialog;
+ }
+
+CVpnMultiLineDialog* CVpnDialogShower::GetSecurIdDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput)
+ {
+ iValue1 = KNullDesC;
+ iValue2 = KNullDesC;
+ CKmdDlg* dialog = CKmdDlg::NewL(aNotifier, iValue1, iValue2, aInput, CAknQueryDialog::ENoTone);
+ dialog->ExecuteLD(R_KMD_CRACK_SID_QUERY);
+ return dialog;
+ }
+
+CVpnMultiLineDialog* CVpnDialogShower::GetSecurIdNextDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput)
+ {
+ iValue1 = KNullDesC;
+ iValue2 = KNullDesC;
+ CKmdDlg* dialog = CKmdDlg::NewL(aNotifier, iValue1, iValue2, aInput, CAknQueryDialog::ENoTone);
+ dialog->ExecuteLD(R_KMD_CRACK_SID_NEXT_QUERY);
+ return dialog;
+ }
+
+/**
+ Creates the "Import policy 'XXX'?" dialog. The install filename in aInput has been
+ passed on by VPNPolIns.
+ */
+CVpnDialog* CVpnDialogShower::GetPolicyImportConfirmationDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& aInput)
+ {
+ LOG_("-> CVpnDialogShower::GetPolicyImportConfirmationDlgL");
+
+ HBufC* tempBuf = HBufC::NewLC(aInput.Length());
+ tempBuf->Des().Copy(aInput);
+
+ HBufC* str = StringLoader::LoadLC(R_VPN_STR_QUEST_IMPORT_POLICY_STR, *tempBuf);
+
+ CVpnDialog* dialog = new (ELeave) CVpnDialog(aNotifier);
+ dialog->PrepareLC(R_VPN_QUEST_IMPORT_POLICY);
+ dialog->SetPromptL(*str);
+ dialog->RunLD();
+
+ CleanupStack::PopAndDestroy(2); // str, tempBuf
+
+ LOG_("<- CVpnDialogShower::GetPolicyImportConfirmationDlgL");
+ return dialog;
+ }
+
+CVpnDialog* CVpnDialogShower::GetDevLockConfirmationDlgL(MVpnNotifierCallback* aNotifier,
+ const TDesC8& aInput)
+ {
+ LOG_("-> CVpnDialogShower::GetDevLockConfirmationDlgL");
+
+ HBufC* tempBuf = HBufC::NewLC(aInput.Length());
+ tempBuf->Des().Copy(aInput);
+
+ LOG_1(" Dialog string resource ID: 0x%x", R_VPN_STR_QUEST_APPLY_DEVLOCK_STR);
+ LOG_1(" Dialog resource ID: 0x%x", R_VPN_QUEST_APPLY_DEVLOCK);
+ HBufC* str = StringLoader::LoadLC(R_VPN_STR_QUEST_APPLY_DEVLOCK_STR, *tempBuf);
+
+ CVpnDialog* dialog = new (ELeave) CVpnDialog(aNotifier);
+ dialog->PrepareLC(R_VPN_QUEST_APPLY_DEVLOCK);
+ dialog->SetPromptL(*str);
+ dialog->RunLD();
+
+ CleanupStack::PopAndDestroy(2); // str, tempBuf
+
+ LOG_("<- CVpnDialogShower::GetDevLockConfirmationDlgL");
+ return dialog;
+ }
+
+/**
+ * Implementation of the wait dialog for policy installation process
+ *
+ */
+CVpnWaitDialog* CVpnDialogShower::GetPolicyImportProgressDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& /*aInput*/)
+ {
+ LOG_("-> CVpnDialogShower::GetPolicyImportProgressDlgL()");
+
+ CVpnWaitDialog* dialog = new ( ELeave ) CVpnWaitDialog(aNotifier);
+ dialog->SetTone( CAknNoteDialog::ENoTone );
+ dialog->SetCallback( this );
+ dialog->ExecuteLD(R_VPN_WAIT_IMPORT_POLICY);
+
+ LOG_("<- CVpnDialogShower::GetPolicyImportProgressDlgL()");
+ return dialog;
+ }
+
+CVpnWaitDialog* CVpnDialogShower::GetGenericProgressDlgL(MVpnNotifierCallback* aNotifier, const TDesC8& /*aInput*/)
+ {
+ LOG_("-> CVpnDialogShower::GetGenericProgressDlgL()");
+
+ CVpnWaitDialog* dialog = new ( ELeave ) CVpnWaitDialog(aNotifier);
+ dialog->SetTone( CAknNoteDialog::ENoTone );
+ dialog->SetCallback( this );
+ dialog->ExecuteLD(R_VPN_WAIT_PROCESSING);
+
+ LOG_1(" Dialog 0x%08x", dialog);
+
+ LOG_("<- CVpnDialogShower::GetGenericProgressDlgL()");
+ return dialog;
+ }
+
+
+// CVpnUserIdentityDlg
+
+CVpnUserIdentityDlg::CVpnUserIdentityDlg(MVpnNotifierCallback* aNotifier, const TDesC8& aInput) : CVpnDialog(aNotifier)
+ {
+ iInput.Set(aInput);
+ }
+
+void CVpnUserIdentityDlg::PreLayoutDynInitL()
+ {
+ if (iInput.Length() > 0)
+ {
+ HBufC* dialogInput = VpnNotifierUtil::To16BitL(iInput);
+ CleanupStack::PushL(dialogInput);
+
+ TInt paramSepOffset = dialogInput->Locate(KDialogParamSep);
+ TInt domainNameLength = paramSepOffset;
+ TInt proposedUserIdentityLength = dialogInput->Length() - paramSepOffset - 1; // 1 for separator
+
+ if (paramSepOffset <= 0 || domainNameLength <= 0 || proposedUserIdentityLength <= 0)
+ {
+ User::Leave(KErrArgument);
+ }
+
+ TPtrC domainName(dialogInput->Left(paramSepOffset));
+ TPtrC proposedUserIdentity(dialogInput->Mid(paramSepOffset + 1));
+
+ HBufC* prompt = StringLoader::LoadLC(R_VPN_USER_IDENTITY, domainName);
+
+ CAknQueryControl* control = static_cast<CAknQueryControl*>(Control(EEikCidPassword));
+ control->SetPromptL(*prompt);
+ control->SetTextL(proposedUserIdentity);
+
+ CleanupStack::PopAndDestroy(2); // prompt, dialogInput
+ }
+ }
+
+void CVpnUserIdentityDlg::GetOutputL(TVpnDialogOutput& aOutput, TInt /*aButtonId*/)
+ {
+ CAknQueryControl* control = static_cast<CAknQueryControl*>(Control(EEikCidPassword));
+
+ TBuf<64> userIdentity;
+ control->GetText(userIdentity);
+
+ HBufC8* userIdentity8 = VpnNotifierUtil::To8BitL(userIdentity);
+ CleanupStack::PushL(userIdentity8);
+ aOutput.iOutBuf.Copy(*userIdentity8);
+ CleanupStack::PopAndDestroy(userIdentity8);
+ }
+
+
+
+CPKCS12PasswordDlg::CPKCS12PasswordDlg(MVpnNotifierCallback* aNotifier) : CVpnDialog(aNotifier)
+ {
+ LOG_("-> CVpnDialogShower::CPKCS12PasswordDlg()");
+ LOG_("<- CVpnDialogShower::CPKCS12PasswordDlg()");
+ }
+
+void CPKCS12PasswordDlg::GetOutputL(TVpnDialogOutput& aOutput, TInt /*aButtonId*/)
+ {
+ LOG_("-> CVpnDialogShower::GetOutputL()");
+
+ CAknQueryControl* control = static_cast<CAknQueryControl*>(Control(EEikCidPassword));
+
+ TBuf<64> password;
+ control->GetText(password);
+
+ LOG_1(" Password: '%S'", &password);
+
+ HBufC8* password8 = VpnNotifierUtil::To8BitL(password);
+ CleanupStack::PushL(password8);
+ aOutput.iOutBuf.Copy(*password8);
+ CleanupStack::PopAndDestroy(password8);
+
+ LOG_("<- CVpnDialogShower::GetOutputL()");
+ }
+
+// CVpnDialog
+CVpnDialog::CVpnDialog(MVpnNotifierCallback* aNotifier) : iNotifier(aNotifier)
+ {
+ }
+
+void CVpnDialog::CancelL()
+ {
+ TryExitL(EEikBidCancel);
+ }
+
+TBool CVpnDialog::OkToExitL(TInt aButtonId)
+ {
+
+ if (aButtonId == EAknSoftkeyOptions)
+ {
+ DisplayMenuL(); //CAknDialog method
+ return EFalse;
+ }
+
+ if (aButtonId == EEikBidCancel ||
+ aButtonId == EAknSoftkeyBack ||
+ aButtonId == EAknSoftkeyNo)
+ {
+ if (AllowCancel())
+ {
+ iNotifier->DialogComplete(KErrCancel);
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+ else
+ {
+ TVpnDialogOutput dlgOutput;
+ GetOutputL(dlgOutput, aButtonId);
+ iNotifier->DialogCompleteL(KErrNone, dlgOutput);
+ }
+ return ETrue;
+ }
+
+TBool CVpnDialog::AllowCancel()
+ {
+ return ETrue;
+ }
+
+void CVpnDialog::GetOutputL(TVpnDialogOutput& /*aOutput*/, TInt /*aButtonId*/)
+ {
+ }
+
+
+CVpnWaitDialog::CVpnWaitDialog(MVpnNotifierCallback* aNotifier) : CAknWaitDialog(NULL, ETrue),
+ iNotifier(aNotifier)
+ {
+ }
+
+void CVpnWaitDialog::CancelL()
+ {
+ TryExitL(EEikBidCancel);
+ }
+
+TBool CVpnWaitDialog::OkToExitL(TInt aButtonId)
+ {
+
+ if (aButtonId == EAknSoftkeyOptions)
+ {
+ return EFalse;
+ }
+
+ if (aButtonId == EEikBidCancel ||
+ aButtonId == EAknSoftkeyBack ||
+ aButtonId == EAknSoftkeyNo)
+ {
+ if (AllowCancel())
+ {
+ iNotifier->DialogComplete(KErrCancel);
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+ else
+ {
+ TVpnDialogOutput dlgOutput;
+ GetOutputL(dlgOutput, aButtonId);
+ iNotifier->DialogCompleteL(KErrNone, dlgOutput);
+ }
+ return ETrue;
+ }
+
+TBool CVpnWaitDialog::AllowCancel()
+ {
+ return ETrue;
+ }
+
+void CVpnWaitDialog::GetOutputL(TVpnDialogOutput& /*aOutput*/, TInt /*aButtonId*/)
+ {
+ }
+
+// CVpnMultiLineDialog
+CVpnMultiLineDialog::CVpnMultiLineDialog(MVpnNotifierCallback* aNotifier, const TTone& aTone)
+: CAknMultiLineDataQueryDialog(aTone), iNotifier(aNotifier)
+ {
+ }
+
+
+CVpnMultiLineDialog* CVpnMultiLineDialog::NewL(MVpnNotifierCallback* aNotifier, TDes& aData1, TDes& aData2, TTone aTone)
+ {
+ CVpnMultiLineDialog* self = new (ELeave) CVpnMultiLineDialog(aNotifier, aTone);
+ CleanupStack::PushL(self);
+
+ // Set the query data for first and second line
+ // Must call CAknMultiLineDataQueryDialog::SetDataL method
+ // during second phase construction (NewL method).
+ self->SetDataL(aData1,aData2);
+
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+void CVpnMultiLineDialog::CancelL()
+ {
+ TryExitL(EEikBidCancel);
+ }
+
+TBool CVpnMultiLineDialog::OkToExitL(TInt aButtonId)
+ {
+ if (!CAknMultiLineDataQueryDialog::OkToExitL(aButtonId))
+ {
+ return EFalse;
+ }
+ if (aButtonId == EEikBidCancel)
+ {
+ if (AllowCancel())
+ {
+ iNotifier->DialogComplete(KErrCancel);
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+ else
+ {
+ TVpnDialogOutput dlgOutput;
+ GetOutputL(dlgOutput, aButtonId);
+ iNotifier->DialogCompleteL(KErrNone, dlgOutput);
+ }
+ return ETrue;
+ }
+
+TBool CVpnMultiLineDialog::AllowCancel()
+ {
+ return ETrue;
+ }
+
+void CVpnMultiLineDialog::GetOutputL(TVpnDialogOutput& /*aOutput*/, TInt /*aButtonId*/)
+ {
+ }
+
+// CVpnInfoDialog class
+CVpnInfoDialog::CVpnInfoDialog(MVpnNotifierCallback* aNotifier)
+: iNotifier(aNotifier)
+ {
+ }
+
+CVpnInfoDialog::~CVpnInfoDialog()
+ {
+ TIPSecDialogOutput dlgOutput;
+ TRAPD(err, GetOutputL(dlgOutput, EEikBidCancel));
+ if ( iNotifier )
+ TRAP(err, iNotifier->DialogCompleteL(KErrNone, dlgOutput));
+ }
+
+void CVpnInfoDialog::CancelL()
+ {
+ TryExitL(EEikBidCancel);
+ }
+
+TBool CVpnInfoDialog::OkToExitL(TInt aButtonId)
+ {
+ if (aButtonId == EEikBidCancel)
+ {
+ if (AllowCancel())
+ {
+ iNotifier->DialogComplete(KErrCancel);
+ }
+ else
+ {
+ return EFalse;
+ }
+ }
+ if (aButtonId == EAknSoftkeyEmpty)
+ {
+ return ETrue;
+ }
+ else
+ {
+ TVpnDialogOutput dlgOutput;
+ GetOutputL(dlgOutput, aButtonId);
+ iNotifier->DialogCompleteL(KErrNone, dlgOutput);
+ }
+ return ETrue;
+ }
+
+TBool CVpnInfoDialog::AllowCancel()
+ {
+ return ETrue;
+ }
+
+// Useless? Shouldn't leave in any case.
+void CVpnInfoDialog::GetOutputL(TVpnDialogOutput& /*aOutput*/, TInt /*aButtonId*/)
+ {
+
+ }
+
+// CKmdDlg
+
+CKmdDlg::CKmdDlg(MVpnNotifierCallback* aNotifier, const TTone& aTone) : CVpnMultiLineDialog(aNotifier, aTone)
+ {
+ }
+
+CKmdDlg::CKmdDlg(MVpnNotifierCallback* aNotifier, const TDesC8& aInput, const TTone& aTone)
+: CVpnMultiLineDialog(aNotifier, aTone)
+ {
+ iInput.Set(aInput);
+ }
+
+CKmdDlg* CKmdDlg::NewL(MVpnNotifierCallback* aNotifier, TDes& aData1, TDes& aData2, TTone aTone)
+ {
+ CKmdDlg* self = new (ELeave) CKmdDlg(aNotifier, aTone);
+ CleanupStack::PushL(self);
+ // Set the query data for first and second line
+ // Must call CAknMultiLineDataQueryDialog::SetDataL method
+ // during second phase construction (NewL method).
+ self->SetDataL(aData1, aData2);
+ CleanupStack::Pop();
+ return self;
+ }
+
+CKmdDlg* CKmdDlg::NewL(MVpnNotifierCallback* aNotifier, TDes& aData1, TDes& aData2, const TDesC8& aInput, TTone aTone)
+ {
+ CKmdDlg* self = new (ELeave) CKmdDlg(aNotifier, aInput, aTone);
+ CleanupStack::PushL(self);
+ // Set the query data for first and second line
+ // Must call CAknMultiLineDataQueryDialog::SetDataL method
+ // during second phase construction (NewL method).
+ self->SetDataL(aData1, aData2);
+ CleanupStack::Pop();
+ return self;
+ }
+
+void CKmdDlg::PreLayoutDynInitL()
+ {
+ SetMaxLengthOfFirstEditor(KMaxAuthenticationInputLength);
+ SetMaxLengthOfSecondEditor(KMaxAuthenticationInputLength);
+
+ CAknMultiLineDataQueryDialog::PreLayoutDynInitL();
+
+ CAknQueryControl* usernameControl = static_cast<CAknQueryControl*>(Control(EEikCidPassword));
+
+ if (iInput.Length() > 0)
+ {
+ HBufC16* usernameTextH16 = VpnNotifierUtil::To16BitL(iInput);
+ CleanupStack::PushL(usernameTextH16);
+ usernameControl->SetTextL(*usernameTextH16);
+ CleanupStack::PopAndDestroy(); // usernameTextH16
+ if (Layout_Meta_Data::IsLandscapeOrientation())
+ {
+ MakeLeftSoftkeyVisible(ETrue);
+ }
+ }
+ }
+
+void CKmdDlg::SetInitialCurrentLine()
+ {
+ CAknMultiLineDataQueryDialog::SetInitialCurrentLine();
+ if (!Layout_Meta_Data::IsLandscapeOrientation())
+ {
+ CEikCaptionedControl* passwordLine(NULL);
+ if (iInput.Length() > 0)
+ {
+ passwordLine = Line(EEikCidPasswordConfirm);
+ }
+ else
+ {
+ passwordLine = Line(EEikCidPassword);
+ }
+ ASSERT(passwordLine);
+ TRAP_IGNORE( TryChangeFocusToL(passwordLine->iId) );
+ }
+
+ HandleResourceChange(KEikDynamicLayoutVariantSwitch);
+ }
+
+void CKmdDlg::GetOutputL(TVpnDialogOutput& aOutput, TInt /*aButtonId*/)
+ {
+ CAknQueryControl* firstControl = static_cast<CAknQueryControl*>(Control(EEikCidPassword));
+ firstControl->GetText(aOutput.iOutBuf);
+
+ CAknQueryControl* secondControl = static_cast<CAknQueryControl*>(Control(EEikCidPasswordConfirm));
+ secondControl->GetText(aOutput.iOutBuf2);
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/data/101f6eb7.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,44 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VPNNOTIFIER Plugin.
+*
+*/
+
+
+
+#include <ecom/registryinfo.rh>
+#include "uikon.hrh"
+
+RESOURCE REGISTRY_INFO theInfo
+ {
+ dll_uid = 0x101F6EB7;
+ interfaces =
+ {
+ INTERFACE_INFO
+ {
+ interface_uid = KUikonUidPluginInterfaceNotifiers;
+ implementations =
+ {
+ IMPLEMENTATION_INFO
+ {
+ implementation_uid = 0x10200EC8;
+ version_no = 1;
+ display_name = "VPNNOTIFIER Plugin";
+ default_data = "VPNNOTIFIER";
+ opaque_data = "0";
+ }
+ };
+ }
+ };
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/data/vpnecomnotifier.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,526 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for project vpnecomnotifier
+*
+*/
+
+NAME ANOT
+
+#include <eikon.rh>
+#include <avkon.rsg>
+#include <avkon.hrh>
+#include <avkon.rh>
+#include <avkon.mbg>
+#include <avkon.loc>
+
+#include "vpnecomnotifier.hrh"
+#include <vpnnotifier.loc>
+
+RESOURCE RSS_SIGNATURE { }
+
+RESOURCE TBUF { buf=""; }
+
+RESOURCE EIK_APP_INFO
+ {
+ }
+
+//=================================================================
+
+RESOURCE DIALOG r_acu_server_identity_query
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_OK_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtQuery;
+ id = EEikCidPassword;
+ control = AVKON_DATA_QUERY
+ {
+ layout = EDataLayout;
+ label = qtn_p_policy_server_identity;
+ control = EDWIN
+ {
+ flags = 0;
+ maxlength=4;
+ avkon_flags = EAknEditorFlagNoT9 |
+ EAknEditorFlagLatinInputModesOnly;
+
+ // Editor cases
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorAllCaseModes;
+
+ // Input modes
+ allowed_input_modes = EAknEditorTextInputMode |
+ EAknEditorNumericInputMode;
+ default_input_mode = EAknEditorNumericInputMode;
+
+ // Means no functionality when pressing * or # in numeric keymap
+ numeric_keymap = EAknEditorPlainNumberModeKeymap;
+
+ // Contains .@;?'-_&/~*+= characters
+ //special_character_table = R_AVKON_EMAIL_ADDR_SPECIAL_CHARACTER_TABLE_DIALOG;
+ };
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_acu_legacy_authentication
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_OK_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtMultilineQuery;
+ id = EEikCidPassword;
+ control = AVKON_DATA_QUERY
+ {
+ layout = EMultiDataFirstEdwin;
+// label = qtn_p_policy_server_logon;
+ label = qtn_vpn_prmpt_policy_server_username;
+ control = EDWIN
+ {
+ flags = 0;
+ width = 5;
+ lines = 1;
+ maxlength = 50;
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorAllCaseModes;
+ avkon_flags = EAknEditorFlagNoT9 |
+ EAknEditorFlagLatinInputModesOnly;
+ };
+ };
+ },
+ DLG_LINE
+ {
+ type = EAknCtMultilineQuery;
+ id = EEikCidPasswordConfirm;
+ control = AVKON_DATA_QUERY
+ {
+ layout = EMultiDataSecondSecEd;
+ //label = qtn_p2_policy_server_logon;
+ label = qtn_vpn_prmpt_policy_server_password;
+ control = SECRETED
+ {
+ num_letters=50;
+ };
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_vpn_user_identity_query
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_OK_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtQuery;
+ id = EEikCidPassword;
+ control = AVKON_DATA_QUERY
+ {
+ layout = EDataLayout;
+ label = qtn_vpn_prmpt_user_identity;
+ control = EDWIN
+ {
+ flags=0;
+ lines=1;
+ maxlength=50;
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorAllCaseModes;
+ avkon_flags = EAknEditorFlagNoT9 |
+ EAknEditorFlagLatinInputModesOnly;
+ };
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_vpn_policy_update_confirmation_query
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_YES_NO;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtQuery;
+ id = EGeneralQuery;
+ control = AVKON_CONFIRMATION_QUERY
+ {
+ layout = EConfirmationQueryLayout;
+ label = qtn_vpn_quest_dl_policy_update;
+ // Use default icon
+ // bmpfile = AKNEXQUERY_BMPFILE_NAME;
+ // bmpid = EMbmAknexqueryLshellicon;
+ // bmpmask = AKNEXQUERY_BITMAP_MASK_FLAG;
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_vpn_quest_import_policy
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_YES_NO;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtQuery;
+ id = EGeneralQuery;
+ control = AVKON_CONFIRMATION_QUERY
+ {
+ layout = EConfirmationQueryLayout;
+ label = qtn_vpn_quest_import_policy;
+ // Use default icon
+ // bmpfile = AKNEXQUERY_BMPFILE_NAME;
+ // bmpid = EMbmAknexqueryLshellicon;
+ // bmpmask = AKNEXQUERY_BITMAP_MASK_FLAG;
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_vpn_quest_apply_devlock
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_YES_NO;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtQuery;
+ id = EGeneralQuery;
+ control = AVKON_CONFIRMATION_QUERY
+ {
+ layout = EConfirmationQueryLayout;
+ label = qtn_vpn_quest_import_policy_forcing_dev_lock;
+ // Use default icon
+ // bmpfile = AKNEXQUERY_BMPFILE_NAME;
+ // bmpid = EMbmAknexqueryLshellicon;
+ // bmpmask = AKNEXQUERY_BITMAP_MASK_FLAG;
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_vpn_wait_import_policy
+{
+ flags = EAknWaitNoteFlags | EEikDialogFlagNotifyEsc;
+ buttons=R_AVKON_SOFTKEYS_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtNote;
+ id = EGeneralNote;
+ control = AVKON_NOTE
+ {
+ layout = EWaitLayout;
+ singular_label = qtn_vpn_wait_importing_policy;
+ animation = R_QGN_GRAF_WAIT_BAR_ANIM;
+ };
+ }
+ };
+}
+
+RESOURCE DIALOG r_vpn_wait_processing
+{
+ flags = EAknWaitNoteFlags | EEikDialogFlagNotifyEsc;
+// buttons=R_AVKON_SOFTKEYS_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtNote;
+ id = EGeneralNote;
+ control = AVKON_NOTE
+ {
+ layout = EWaitLayout;
+ singular_label = qtn_gen_note_processing;
+ animation = R_QGN_GRAF_WAIT_BAR_ANIM;
+ };
+ }
+ };
+}
+
+RESOURCE DIALOG r_vpn_pkcs12_password_query
+ {
+ flags = EEikDialogFlagNotifyEsc;
+ buttons = R_AVKON_SOFTKEYS_OK_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtQuery;
+ id = EEikCidPassword;
+ control = AVKON_DATA_QUERY
+ {
+ layout = ECodeLayout;
+ label = qtn_vpn_prmpt_pkcs12_password;
+ control = SECRETED
+ {
+ num_letters = 32;
+ };
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_kmd_crack_unpw_query
+ {
+ flags=EEikDialogFlagNotifyEsc;
+ buttons=R_AVKON_SOFTKEYS_OK_CANCEL;
+ items=
+ {
+ DLG_LINE
+ {
+ type = EAknCtMultilineQuery;
+ id = EEikCidPassword;
+ control = AVKON_DATA_QUERY
+ {
+ layout = EMultiDataFirstEdwin;
+ label = qtn_vpn_prmpt_gw_username_legacy;
+ control = EDWIN
+ {
+ flags = 0;
+ width = 5;
+ lines = 1;
+ maxlength = 32;
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorAllCaseModes;
+ avkon_flags = EAknEditorFlagNoT9 |
+ EAknEditorFlagLatinInputModesOnly;
+ };
+ };
+ },
+ DLG_LINE
+ {
+ type = EAknCtMultilineQuery;
+ id = EEikCidPasswordConfirm;
+ control = AVKON_DATA_QUERY
+ {
+ layout = EMultiDataSecondSecEd;
+ label = qtn_vpn_prmpt_gw_password_legacy;
+ control = SECRETED
+ {
+ num_letters = 32;
+ };
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_kmd_crack_sid_query
+ {
+ flags=EEikDialogFlagNotifyEsc;
+ buttons=R_AVKON_SOFTKEYS_OK_CANCEL;
+ items=
+ {
+ DLG_LINE
+ {
+ type=EAknCtMultilineQuery;
+ id=EEikCidPassword;
+ control=AVKON_DATA_QUERY
+ {
+ layout = EMultiDataFirstEdwin;
+ label = qtn_vpn_prmpt_gw_username_legacy;
+ control=EDWIN
+ {
+ flags=0;
+ width=5;
+ lines=1;
+ maxlength=32;
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorAllCaseModes;
+ avkon_flags = EAknEditorFlagNoT9 |
+ EAknEditorFlagLatinInputModesOnly;
+ };
+ };
+ },
+ DLG_LINE
+ {
+ type=EAknCtMultilineQuery;
+ id=EEikCidPasswordConfirm;
+ control= AVKON_DATA_QUERY
+ {
+ layout = EMultiDataSecondPinEd;
+ label = qtn_vpn_prmpt_gw_securid_passcode;
+ control = SECRETED
+ {
+ num_letters=32;
+ };
+ };
+ }
+ };
+ }
+
+RESOURCE DIALOG r_kmd_crack_sid_next_query
+ {
+ flags=EEikDialogFlagNotifyEsc;
+ buttons=R_AVKON_SOFTKEYS_OK_CANCEL;
+ items=
+ {
+ DLG_LINE
+ {
+ type=EAknCtMultilineQuery;
+ id=EEikCidPassword;
+ control=AVKON_DATA_QUERY
+ {
+ layout = EMultiDataFirstEdwin;
+ label = qtn_vpn_prmpt_gw_username_legacy;
+ control=EDWIN
+ {
+ flags=0;
+ width=5;
+ lines=1;
+ maxlength=32;
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorAllCaseModes;
+ avkon_flags = EAknEditorFlagNoT9 |
+ EAknEditorFlagLatinInputModesOnly;
+ };
+ };
+ },
+ DLG_LINE
+ {
+ type=EAknCtMultilineQuery;
+ id=EEikCidPasswordConfirm;
+ control= AVKON_DATA_QUERY
+ {
+ layout = EMultiDataSecondPinEd;
+ label = qtn_vpn_prmpt_next_passcode;
+ control = SECRETED
+ {
+ num_letters=32;
+ };
+ };
+ }
+ };
+ }
+
+
+//=================================================================
+RESOURCE TBUF r_kmd_crack_auth_failed
+ {
+ buf = qtn_vpn_err_auth_failed;
+ }
+
+RESOURCE TBUF r_acu_next_server_identity
+ {
+ buf = qtn_vpn_info_verify_hash;
+ //buf = qtn_n_next_server_identity;
+ }
+
+RESOURCE TBUF r_acu_wrong_server_identity_code
+ {
+ buf = qtn_vpn_err_server_hash_error;
+ //buf = qtn_n_wrong_identity_code;
+ }
+
+RESOURCE TBUF r_acu_server_identity
+ {
+ buf = qtn_p2_policy_server_identity;
+ }
+
+RESOURCE TBUF r_acu_auth_failed
+ {
+ buf = qtn_vpn_err_auth_failed;
+ }
+
+RESOURCE TBUF r_acu_invalid_server_cert
+ {
+ buf = qtn_vpn_info_server_cert_expired;
+ }
+
+RESOURCE TBUF r_acu_invalid_client_cert
+ {
+ buf = qtn_vpn_info_client_cert_expired;
+ }
+
+// VPN related strings
+
+RESOURCE TBUF r_vpn_user_identity
+ {
+ buf = qtn_vpn_prmpt_user_identity;
+ }
+
+RESOURCE TBUF r_vpn_policy_update_succeeded
+ {
+ buf = qtn_vpn_conf_policy_update_complete;
+ }
+
+RESOURCE TBUF r_vpn_policy_update_failed
+ {
+ buf = qtn_vpn_info_policy_dl_error;
+ }
+
+RESOURCE TBUF r_vpn_policy_delete_succeeded
+ {
+ buf = qtn_vpn_info_policy_deleted;
+ }
+
+RESOURCE TBUF r_vpn_user_name_missing
+ {
+ buf = qtn_vpn_info_user_name_missing;
+ }
+
+RESOURCE TBUF r_vpn_fqdn_missing
+ {
+ buf = qtn_vpn_info_fqdn_missing;
+ }
+
+RESOURCE TBUF r_vpn_policy_installation_failed
+ {
+ buf = qtn_vpn_info_sis_definition_install_failed;
+ }
+
+RESOURCE TBUF r_vpn_conf_policy_import_complete
+ {
+ buf = qtn_vpn_conf_policy_import_complete;
+ }
+
+RESOURCE TBUF r_vpn_str_quest_import_policy_str
+ {
+ buf = qtn_vpn_quest_import_policy;
+ }
+
+RESOURCE TBUF r_vpn_str_quest_apply_devlock_str
+ {
+ buf = qtn_vpn_quest_import_policy_forcing_dev_lock;
+ }
+
+RESOURCE TBUF r_vpn_str_quest_pkcs12_password_str
+ {
+ buf = qtn_vpn_prmpt_pkcs12_password;
+ }
+
+RESOURCE TBUF r_vpn_str_wrong_pkcs12_password_str
+ {
+ buf = qtn_vpn_info_incorrect_pkcs12_password;
+ }
+
+RESOURCE TBUF r_vpn_str_cannot_force_device_lock
+ {
+ buf = qtn_vpn_info_import_cannot_force_dev_lock;
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/data/vpnecomnotifier_reg.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for project vpnecomnotifier.
+*
+*/
+
+
+
+NAME VPNN
+
+#include <uikon.rh>
+
+RESOURCE NOTIFIER_LIST
+ {
+ dll_uid = 0x101F6EB7;
+ notifier_list=
+ {
+ NOTIFIER_DATA
+ {
+ notifier_uid=0x101F6EB7; // KUidVpnDialogNotifier
+ }
+ };
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,29 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+vpnecomnotifier.mmp
+
+PRJ_TESTMMPFILES
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/group/vpnecomnotifier.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,72 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnecomnotifier
+*
+*/
+
+#include <platform_paths.hrh>
+#include <data_caging_paths.hrh>
+
+TARGET vpnecomnotifier.dll
+TARGETTYPE PLUGIN
+
+//UID 0x1000008d 0x101F6D3F
+// This module is an ECOM plugin
+// Using old acunotifier's UID
+UID 0x10009D8D 0x101F6EB7 // First uid=notifier uid, second UID pkinotifier DLL UID
+
+CAPABILITY ALL -Tcb
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE vpndialogmanagerecomstub.cpp
+SOURCE vpnecomnotifier.cpp
+
+//
+// ECOM plugin resource file
+//
+start resource ../data/101f6eb7.rss
+target vpnecomnotifier.rsc
+end
+
+//
+// UI resource file
+//
+START RESOURCE ../data/vpnecomnotifier.rss
+TARGETPATH resource
+HEADER
+LANGUAGE_IDS
+END
+
+USERINCLUDE ../inc
+USERINCLUDE ../data
+USERINCLUDE ../../../vpnengine/vpncommon/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+LIBRARY eiksrv.lib
+LIBRARY euser.lib
+LIBRARY cone.lib
+LIBRARY avkon.lib
+LIBRARY eikdlg.lib //ws32.lib
+LIBRARY bafl.lib
+LIBRARY eikcoctl.lib
+LIBRARY eikcore.lib // For Infowin
+LIBRARY eiksrvui.lib // Eikon server ui (for suppressing app -key)
+LIBRARY efsrv.lib
+LIBRARY commonengine.lib
+LIBRARY cdlengine.lib
+
+DEBUGLIBRARY flogger.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/inc/vpndialogmanagerecomstub.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,45 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Ecom Notifier's dialog manager stub definition file
+*
+*/
+
+
+
+
+#ifndef __VPNDIALOGMANAGERECOMSTUB_H__
+#define __VPNDIALOGMANAGERECOMSTUB_H__
+
+#include <e32base.h>
+
+class CVpnNotifier;
+class MVpnDialog;
+class MVpnDialogManager;
+class MVpnNotifierCallback;
+
+class CVpnDialogManagerEcomStub : public CBase
+ {
+public: // From CVpnDialogManagerBase
+ MVpnDialog* LaunchDialogL(MVpnNotifierCallback* aNotifier, TInt aDialogId,
+ TInt aNoteDialogId, const TDesC8& aInput);
+ TInt GetNoteTextId(TInt aNoteDialogId);
+ MVpnDialog* ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aNoteDialogId);
+ ~CVpnDialogManagerEcomStub();
+ void SetDialogManager(MVpnDialogManager* aDialogManager);
+
+private:
+ MVpnDialogManager* iDialogManager; // ref, not owned by this component
+ };
+
+#endif // __ACUDIALOGMANAGER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/inc/vpnecomnotifier.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,114 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Ecom Notifier's definition file
+*
+*/
+
+
+
+#ifndef __VPNECOMNOTIFIER_H__
+#define __VPNECOMNOTIFIER_H__
+
+#include <e32std.h>
+#include <e32base.h>
+#include <eiknotapi.h>
+#include <eikenv.h>
+
+#include "vpndialogmanagerecomstub.h"
+#include "vpnnotifierdefs.h"
+
+#include <ecom/implementationproxy.h>
+
+// Notifier should go to a dialog channel, not a led or sound channel
+const TUid KCrystalScreenOutputChannel = {0x10009D48};
+
+// Method at ordinal 1 to get a list of notifiers from this dll
+IMPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount);
+CArrayPtr<MEikSrvNotifierBase2>* NotifierArray();
+
+//////////////////////////////////////////////////////////////////////////////////
+//
+// The CVpnNotifier class is registered with the dialog server and
+// is responsible for receiving and sending messages and creating dialogs
+// for user requests.
+//
+//////////////////////////////////////////////////////////////////////////////////
+
+class MVpnDialog;
+
+class CVpnNotifier : public CBase, public MEikSrvNotifierBase2, public MVpnNotifierCallback
+ {
+public:
+ CVpnNotifier(const TUid& aNotifierUid, const TDesC& aResourceFilename,
+ CVpnDialogManagerEcomStub* aDialogManager);
+ ~CVpnNotifier();
+ void DialogComplete(TInt aReturnCode);
+ void DialogCompleteL(TInt aReturnCode, TVpnDialogOutput& aOutput);
+
+private: // From MEikSrvNotifierBase(2)
+ void Release();
+ TNotifierInfo RegisterL();
+ TNotifierInfo Info() const;
+ void StartL( const TDesC8& aBuffer, TInt aReturnValue, const RMessagePtr2& aMessage);
+ TPtrC8 StartL( const TDesC8& aBuffer);
+ void Cancel();
+ TPtrC8 UpdateL( const TDesC8& aBuffer);
+
+private:
+ TFileName GetResourceFileNameL();
+ // Added to overcome uninstallation problems
+ void LoadResourceFileL();
+ void UnloadResourceFile();
+ TBool LaunchDialogL(TInt aDialogId, TInt aNoteDialogId, const TDesC8& aInput);
+
+ /**
+ * Function for loading the actual VPN dialog manager implementation DLL
+ * (due to ecom architecture specialities, it will be unloaded and loaded
+ * again whenever LaunchDialogL is called).
+ *
+ * @leave Leaves if (e.g.) the DLL is not found
+ */
+ void LoadManagerDllL();
+
+ /**
+ * Unloads the manager DLL.
+ *
+ */
+ void CloseManagerDll();
+
+
+private:
+ CEikonEnv* iEikEnv; // Does not need to be destroyed
+ TInt iResourceFileOffset; // Resource file id
+ TNotifierInfo iInfo; //notifier info
+ MVpnDialog* iDialog;
+ RMessagePtr2 iMessage;
+ TInt iReturnValue;
+
+ CVpnDialogManagerEcomStub* iDialogManager;
+
+ TPtrC iResourceFilename;
+ TUid iNotifierUid;
+ HBufC8* iInput;
+ // Added to overcome uninstallation problems
+ TBool iResourceFileLoaded;
+
+ // Instance variables for handling the "real" (non-ecom) dialog manager DLL.
+ MVpnDialogManager* iRealDialogManager;
+ RLibrary iDialogManagerLib;
+
+
+ };
+
+#endif // __VPNNOTIFIER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/inc/vpnecomnotifier.hrh Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Ecom Notifier's resource headers
+*
+*/
+
+
+
+#ifndef VPNECOMNOTIFIER_HRH
+#define VPNECOMNOTIFIER_HRH
+
+// IDs
+#define EAcuServersListBox 1
+#define EAcuIapListBox 2
+#define EAcuExactChangesListBox 3
+#define EAcuNoteText1 4
+#define EAcuNoteText2 5
+#define EAcuFingerprint 6
+#define EAcuServerUrl 7
+#define EVpnDomain 8
+
+// Buttons
+#define EAcuBidCancel -1 //Must be same as EEikBidCancel
+#define EAcuBidNull -6 //Must be same as EEikBidBlank
+#define EAcuBidNew 1
+#define EAcuBidDelete 2
+#define EAcuBidDone 3
+#define EAcuBidDetails 4
+#define EAcuBidOK -2 // Must be same as EEikBidOk
+#define EAcuBidChange 6
+
+#endif // VPNECOMNOTIFIER_HRH
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/loc/vpnnotifier.loc Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,223 @@
+/*
+* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This is a localisation file for pkinotifier/kmdnotifier/acunotifier.
+*
+*/
+
+// LOCALISATION STRINGS
+
+// **DATA QUERY PROMPTS
+
+//d:User name in VPN policy server user authentication
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_policy_server_username "Policy server user name:"
+
+//d:Password in VPN policy server user authentication
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_policy_server_password "Policy server password:"
+
+//d:Key store password creation
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_new_pki_password "New key store password:"
+
+//d:Key store password creation
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_verify_pki_password "Verify password:"
+
+//d:Key store password query
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_pki_password "Key store password:"
+
+//d:Key import password query
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_key_import_password "Key import password:"
+
+//d:User name in VPN gateway user authentication query
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_gw_username_legacy "VPN user name:"
+
+//d:Passcode in VPN gateway user authentication query
+//d:SecurID based authentication
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_gw_securid_passcode "VPN passcode:"
+
+//d:Next passcode in VPN gateway user authentication query
+//d:SecurID based authentication
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_next_passcode "Next passcode:"
+
+//d:Password in VPN gateway user authentication query
+//d:Other type of legacy authentication
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_gw_password_legacy "VPN password:"
+
+//d:User identity query presented to the user during VPN certificate enrollment (fetching)
+//d:%U is replaced during run-time with a domain name such as "company.com" or "OU=Unit, O=Company"
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_user_identity "User identity for domain '%U':"
+
+//d:Prompting for PKCS12 policy/cert installation file password during manual policy installation
+//l:popup_query_data_window/opt5
+//
+#define qtn_vpn_prmpt_pkcs12_password "Password for PKCS#12 protected content:"
+
+
+// **CONFIRMATION QUERIES
+
+//d:Automatic policy update available
+//l:popup_note_window
+//
+#define qtn_vpn_quest_dl_policy_update "Update for the VPN policy in use is available. Update?"
+
+//d:Confirmation note text in case when user selects a VPN policy file to install
+//l:popup_note_window
+//
+#define qtn_vpn_quest_import_policy "Import VPN policy '%U'?"
+
+//d:Confirmation note text in case when user selects a VPN policy file to install, and the policy forces device lock parameter
+//l:popup_note_window
+//
+#define qtn_vpn_quest_import_policy_forcing_dev_lock "Import VPN policy ’%U’? Note: policy installation will force device lock."
+
+
+// **ERROR NOTES
+
+//d:Incorrect user name and/or password was entered
+//d:or given passcode was incorrect
+//l:popup_note_window
+//
+#define qtn_vpn_err_auth_failed "Authentication failed"
+
+//d:Incorrect characters were entered
+//l:popup_note_window
+//
+#define qtn_vpn_err_server_hash_error "Server identity code is incorrect"
+
+//d:User name was missing from VPN user identity dialog
+//l:popup_note_window
+//
+#define qtn_vpn_info_user_name_missing "User name missing"
+
+//d:The domain part was missing from a user identity in the VPN user identity dialog
+//d:User identity is of the format <username>@<domain>
+//l:popup_note_window
+//
+#define qtn_vpn_info_fqdn_missing "Domain part missing from the user identity"
+
+//d:Notification about incorrect pkcs#12 password during manual policy installation
+//l:popup_note_window
+//
+#define qtn_vpn_info_incorrect_pkcs12_password "Incorrect password"
+
+//d:Device lock error message during policy import via policy tool
+//l:popup_note_window
+//
+#define qtn_vpn_info_import_cannot_force_dev_lock "Unable to import policy. Device lock cannot be forced."
+
+
+
+// **INFORMATION NOTES
+
+//d:Information note text before server hash verification date query
+//l:popup_note_window
+//
+#define qtn_vpn_info_verify_hash "Please verify the server identity code by entering the missing characters"
+
+//d:Server certificate has expired in the policy server side
+//l:popup_note_window
+//
+#define qtn_vpn_info_server_cert_expired "Policy server logon failed. Delete and re-create the server definition."
+
+//d:Client certificate has expired
+//l:popup_note_window
+//
+#define qtn_vpn_info_client_cert_expired "Automatic policy server logon failed. Enter policy server user name and password to continue."
+
+//d:Policy update failed
+//l:popup_note_window
+//
+#define qtn_vpn_info_policy_dl_error "Policy update failed. See VPN log for details."
+
+//d:Given passwords do not match
+//l:popup_note_window
+//
+#define qtn_vpn_info_password_no_match "Passwords do not match"
+
+//d:Given passwords is less than six characters long
+//l:popup_note_window
+//
+#define qtn_vpn_info_password_too_short "Password has to be at least six characters long"
+
+//d:Given passwords is incorrect
+//l:popup_note_window
+//
+#define qtn_vpn_info_incorrect_password "Incorrect password"
+
+//d:Policy installation fails
+//l:popup_note_window
+//
+#define qtn_vpn_info_sis_definition_install_failed "Installation failed. See VPN log for details."
+
+//d:The policy in use has been deleted from server side and
+//d:the policy is deleted from the phone
+//l:popup_note_window
+//
+#define qtn_vpn_info_policy_deleted "VPN policy in use has been deleted. Try reconfiguring the VPN access point."
+
+//d:The client/server certificate has expired or has been revoked
+//l:popup_note_window
+//
+#define qtn_vpn_info_client_or_serv_cert_expired "Policy server logon failed. See VPN log for details."
+
+//d:The PKI key store is empty and hence the key store password cannot be created or changed.
+//d:This note is shown to the user when the user chooses the "Change password" command in the UI
+//d:but the password cannot be set. Getting rid of the command in this case is not an option.
+//l:popup_note_window
+//
+#define qtn_vpn_info_cannot_set_key_store_password "Key store empty. The password cannot be set."
+
+
+// **WAIT NOTES (PROGRESS BAR NOTES)
+
+//d:Policy tool wait note, shown while policy installation is not completed
+//l:popup_note_window
+//
+#define qtn_vpn_wait_importing_policy "Importing policy"
+
+
+// **CONFIRMATION NOTES
+
+//d:Confirmation note text in case when policy install/update process completed
+//l:popup_note_window
+//
+#define qtn_vpn_conf_policy_update_complete "Policy update complete"
+
+//d:Policy installation with policy tool is complete
+//l:popup_note_window
+//
+#define qtn_vpn_conf_policy_import_complete "Policy import complete"
+
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/rom/vpnecomnotifier.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,52 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnecomnotifier
+
+*
+*/
+
+
+
+
+
+#ifndef VPNECOMNOTIFIER_IBY
+
+#define VPNECOMNOTIFIER_IBY
+
+
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+
+
+REM Feature ACUNOTIFIER not included in this rom
+
+
+
+#else
+
+
+
+// ECOM_PLUGIN is defined in header.iby
+
+ECOM_PLUGIN(vpnecomnotifier.dll,vpnecomnotifier.rsc)
+
+
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+
+
+#endif // VPNECOMNOTIFIER_IBY
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/rom/vpnecomnotifierResources.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnecomnotifier's resources
+*
+*/
+
+
+
+#ifndef VPNECOMNOTIFIERRESOURCES_IBY
+#define VPNECOMNOTIFIERRESOURCES_IBY
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNECOMNOTIFIER not included in this rom
+
+#else
+
+data=DATAZ_\RESOURCE_FILES_DIR\vpnecomnotifier.rsc RESOURCE_FILES_DIR\vpnecomnotifier.rsc
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // VPNECOMNOTIFIERRESOURCES_IBY
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/src/vpndialogmanagerecomstub.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,78 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Ecom Notifier's dialog manager stub implementation file
+*
+*/
+
+
+
+
+#include "vpndialogmanagerecomstub.h"
+#include "vpnnotifierdefs.h"
+
+#include <vpnecomnotifier.rsg>
+
+#include "logvpncommon.h"
+
+MVpnDialog* CVpnDialogManagerEcomStub::LaunchDialogL(MVpnNotifierCallback* aNotifier, TInt aDialogId,
+ TInt aNoteDialogId, const TDesC8& aInput)
+ {
+ LOG_1("-> CVpnDialogManagerEcomStub::LaunchDialogL() dialog ID is: %d", aDialogId);
+
+ ASSERT(iDialogManager);
+ LOG_(" Launching the real McDialogManager");
+ MVpnDialog* dialog = iDialogManager->LaunchDialogL(aNotifier, aDialogId, aNoteDialogId, aInput);
+
+ LOG_("<- CVpnDialogManagerEcomStub::LaunchDialogL()");
+ return dialog;
+ }
+
+void CVpnDialogManagerEcomStub::SetDialogManager(MVpnDialogManager* aDialogManager)
+ {
+ LOG_("-> CVpnDialogManagerEcomStub::SetDialogManager()");
+ iDialogManager = aDialogManager;
+ LOG_("<- CVpnDialogManagerEcomStub::SetDialogManager()");
+ }
+
+TInt CVpnDialogManagerEcomStub::GetNoteTextId(TInt aNoteDialogId)
+ {
+ LOG_1("-> CVpnDialogManagerEcomStub::GetNoteTextId(), note dialog id: %d", aNoteDialogId);
+
+ ASSERT(iDialogManager);
+ TInt ret = iDialogManager->GetNoteTextId(aNoteDialogId);
+
+ LOG_1("<- CVpnDialogManagerEcomStub::GetNoteTextId() return: %d", ret);
+ return ret;
+ }
+
+MVpnDialog* CVpnDialogManagerEcomStub::ShowNoteDialogL(MVpnNotifierCallback* aNotifier, TInt aNoteDialogId)
+ {
+ LOG_("-> CAcuEcomDialogManager::ShowNoteDialogL()");
+
+ ASSERT(iDialogManager);
+ LOG_(" Launching the real McDialogManager");
+
+ MVpnDialog* ret = iDialogManager->ShowNoteDialogL(aNotifier, aNoteDialogId);
+
+ LOG_("<- CAcuEcomDialogManager::ShowNoteDialogL()");
+
+ return ret;
+ }
+
+CVpnDialogManagerEcomStub::~CVpnDialogManagerEcomStub()
+ {
+ LOG_("-> CAcuEcomDialogManager::~CVpnDialogManagerEcomStub()");
+ LOG_("<- CAcuEcomDialogManager::~CVpnDialogManagerEcomStub()");
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnecomnotifier/src/vpnecomnotifier.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,435 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Ecom Notifier's implementation file
+*
+*/
+
+
+
+
+#include <eikenv.h>
+#include <bautils.h>
+
+#include "logvpncommon.h"
+
+#include <uikon/eiksrvui.h> // Eikon server ui (for suppressing app -key)
+
+#include "vpnecomnotifier.h"
+
+#include "vpndialogmanagerecomstub.h"
+
+
+
+
+
+CArrayPtrFlat<MEikSrvNotifierBase2>* createNotifierArrayL()
+ {
+ CArrayPtrFlat<MEikSrvNotifierBase2>* notifierList = new (ELeave) CArrayPtrFlat<MEikSrvNotifierBase2>(2);
+ CleanupStack::PushL(notifierList);
+
+ CVpnDialogManagerEcomStub* dlgManager = new (ELeave) CVpnDialogManagerEcomStub();
+ CleanupStack::PushL(dlgManager);
+
+ CVpnNotifier* notifier = new (ELeave) CVpnNotifier(KUidVpnDialogNotifier,
+ KVpnNotifierResource,
+ dlgManager);
+ CleanupStack::PushL(notifier);
+
+ notifierList->AppendL(notifier);
+
+ CleanupStack::Pop(3); // notifierList, dlgManager, notifier
+
+ return notifierList;
+ }
+
+CArrayPtr<MEikSrvNotifierBase2>* NotifierArray()
+ {
+ CArrayPtrFlat<MEikSrvNotifierBase2>* notifierList = NULL;
+
+ TRAPD(err, notifierList = createNotifierArrayL());
+ if(err)
+ {
+ notifierList->ResetAndDestroy();
+ delete notifierList;
+ notifierList = NULL;
+ }
+
+ return notifierList;
+ }
+
+const TImplementationProxy ImplementationTable[]=
+ {
+ IMPLEMENTATION_PROXY_ENTRY(0x10200EC8, NotifierArray)
+ };
+
+EXPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount)
+ {
+ aTableCount = sizeof(ImplementationTable)/sizeof(TImplementationProxy);
+ return ImplementationTable;
+ }
+
+
+
+
+CVpnNotifier::CVpnNotifier(const TUid& aNotifierUid, const TDesC& aResourceFilename,
+ CVpnDialogManagerEcomStub* aDialogManager)
+ {
+ LOG_("-> CVpnNotifier::CVpnNotifier()");
+ iEikEnv = CEikonEnv::Static();
+ iNotifierUid = aNotifierUid;
+ iResourceFilename.Set(aResourceFilename);
+ iDialogManager = aDialogManager;
+ // Added to overcome uninstallation problems
+ iResourceFileLoaded = EFalse;
+ LOG_("<- CVpnNotifier::CVpnNotifier()");
+ }
+
+CVpnNotifier::~CVpnNotifier()
+ {
+ LOG_("-> CVpnNotifier::~CVpnNotifier()");
+ delete iDialogManager;
+ LOG_("<- CVpnNotifier::~CVpnNotifier()");
+ }
+
+CVpnNotifier::TNotifierInfo CVpnNotifier::RegisterL()
+ {
+ LOG_("-> CVpnNotifier::RegisterL()");
+
+ iInfo.iUid = iNotifierUid;
+ iInfo.iChannel = KCrystalScreenOutputChannel;
+ iInfo.iPriority = ENotifierPriorityLow;
+
+ LOG_("<- CVpnNotifier::RegisterL()");
+
+ return iInfo;
+ }
+
+// Added to overcome uninstallation problems
+void CVpnNotifier::LoadResourceFileL()
+ {
+ LOG_("-> CVpnNotifier::LoadResourceFileL()");
+ if (!iResourceFileLoaded)
+ {
+ TFileName fileName = GetResourceFileNameL();
+ iResourceFileOffset = iEikEnv->AddResourceFileL(fileName);
+ iResourceFileLoaded = ETrue;
+ }
+
+ LOG_("<- CVpnNotifier::LoadResourceFileL()");
+ }
+
+
+void CVpnNotifier::CloseManagerDll()
+ {
+ if (iRealDialogManager)
+ {
+ LOG_(" Closing old dialog manager instance");
+
+
+ LOG_(" Deleting");
+ delete iRealDialogManager;
+ iRealDialogManager = NULL;
+
+ iDialogManager->SetDialogManager(NULL);
+
+ LOG_(" Closing library");
+
+ iDialogManagerLib.Close();
+
+ LOG_(" Close completed");
+ }
+ }
+
+// Added to overcome uninstallation problems
+void CVpnNotifier::UnloadResourceFile()
+ {
+ LOG_("-> CVpnNotifier::UnloadResourceFile()");
+
+
+ if (iResourceFileLoaded)
+ {
+ iEikEnv->DeleteResourceFile(iResourceFileOffset);
+ iResourceFileLoaded = EFalse;
+ }
+
+
+
+ LOG_("<- CVpnNotifier::UnloadResourceFile()");
+ }
+
+CVpnNotifier::TNotifierInfo CVpnNotifier::Info() const
+ {
+ return iInfo;
+ }
+
+void CVpnNotifier::StartL(const TDesC8& aBuffer, TInt aReturnValue, const RMessagePtr2& aMessage)
+ {
+ LOG_("-> CVpnNotifier::StartL()");
+ __ASSERT_DEBUG(aBuffer.Length() >= 4, _L("Input buffer is empty"));
+
+ // Only one dialog can be shown at a time
+ if (iDialog)
+ {
+ User::Leave(KErrInUse);
+ }
+
+ // Store output data references
+ iMessage = aMessage;
+ iReturnValue = aReturnValue;
+
+ // Get input data to the local memory space
+ HBufC8* input = HBufC8::NewL(aBuffer.Length());
+ CleanupStack::PushL(input);
+ input->Des().Copy(aBuffer);
+
+ // The input consist of two parts in a single descriptor:
+ // TVpnDialogInfo and the actual input that goes to the dialogs
+
+ // First analyze the TVpnDialogInput info
+ TVpnDialogInfo dialogInfo;
+ TPckg<TVpnDialogInfo> pkgDialogInfo(dialogInfo);
+ pkgDialogInfo.Copy(input->Left(sizeof(TVpnDialogInfo))); // 8 bit buffer -> size = length
+
+ TInt dialogId = dialogInfo.DialogId();
+ TInt noteDialogId = dialogInfo.NoteDialogId();
+
+
+ // Then store the actual dialog input for later use
+ TInt strLen = dialogInfo.NoteExtraInput().Length();
+ if (strLen > 0)
+ {
+ // Additional extra input (i.e. string replacement) was specified
+ // in the dialog info structure, take it into use and pass it on.
+ iInput = dialogInfo.NoteExtraInput().AllocL();
+ }
+ else
+ {
+ iInput = HBufC8::NewL(input->Size() - sizeof(TVpnDialogInfo));
+ iInput->Des().Copy(input->Mid(sizeof(TVpnDialogInfo)));
+ }
+
+ CleanupStack::PopAndDestroy(); // input
+
+ if (!LaunchDialogL(dialogId, noteDialogId, *iInput))
+ {
+ User::Leave(KErrNotSupported);
+ }
+ LOG_("<- CVpnNotifier::StartL()");
+ }
+
+TPtrC8 CVpnNotifier::StartL( const TDesC8& /*aBuffer*/ )
+ {
+ LOG_("-> CVpnNotifier::StartL()");
+
+ __ASSERT_DEBUG(EFalse, User::Panic(_L("Synchronous StartL not used"), 0)); // should here be ret KNullDesC8() also?
+
+ LOG_("<- CVpnNotifier::StartL()");
+
+ return NULL;
+ }
+
+TPtrC8 CVpnNotifier::UpdateL( const TDesC8& /*aBuffer*/ )
+ {
+ LOG_("-> CVpnNotifier::UpdateL()");
+
+ LOG_("<- CVpnNotifier::UpdateL()");
+
+ return KNullDesC8();
+ }
+
+void CVpnNotifier::Cancel()
+ {
+ LOG_("-> CVpnNotifier::Cancel()");
+ if (iDialog)
+ {
+ TRAP_IGNORE(iDialog->CancelL());
+ iDialog = NULL;
+ }
+ LOG_("<- CVpnNotifier::Cancel()");
+ }
+
+void CVpnNotifier::Release()
+ {
+ LOG_("-> CVpnNotifier::Release()");
+
+ UnloadResourceFile();
+ CloseManagerDll();
+ delete this;
+
+ LOG_("<- CVpnNotifier::Release()");
+ }
+
+TBool CVpnNotifier::LaunchDialogL(TInt aDialogId, TInt aNoteDialogId, const TDesC8& aInput)
+ {
+ LOG_("-> CVpnNotifier::LaunchDialogL()");
+ ((CEikServAppUi*)(CEikonEnv::Static())->EikAppUi())->SuppressAppSwitching(ETrue);
+
+ // To ensure that we indeed do get the most recent (possibly updated) version
+ // of both the resource file, and the DLL that uses resource IDs.
+ UnloadResourceFile();
+ LoadResourceFileL();
+
+ CloseManagerDll();
+ LoadManagerDllL();
+
+ iDialog = iDialogManager->LaunchDialogL(this, aDialogId, aNoteDialogId, aInput);
+ if (iDialog)
+ {
+ LOG_("<- CVpnNotifier::LaunchDialogL() (ETrue)");
+ return ETrue;
+ }
+ else
+ {
+ UnloadResourceFile();
+ CloseManagerDll();
+ LOG_("<- CVpnNotifier::LaunchDialogL() (couldn't instantiate dialog)");
+ return EFalse;
+ }
+ }
+
+TFileName CVpnNotifier::GetResourceFileNameL()
+ {
+ LOG_("-> CVpnNotifier::GetResourceFileNameL()");
+ RFs& fsSession = iEikEnv->FsSession();
+
+ TDriveList driveList;
+ User::LeaveIfError(fsSession.DriveList(driveList));
+
+ TInt driveNumber;
+ TDriveName drive = _L("a:");
+
+ TFileName resName;
+ TInt foundIt = EFalse;
+
+ LOG_(" Starting drive letter iteration");
+ for (driveNumber = EDriveA, drive[0] = 'a';
+ driveNumber <= EDriveZ;
+ driveNumber++, drive[0]++)
+ {
+ if (!driveList[driveNumber])
+ {
+ LOG_(" Continue");
+ continue;
+ }
+
+ TParse parse;
+ parse.Set(drive, &iResourceFilename, NULL);
+
+ resName.Copy(parse.FullName());
+
+ LOG_1(" Resource filename: '%S'", &resName);
+
+ BaflUtils::NearestLanguageFile(iEikEnv->FsSession(), resName);
+
+ TEntry entry;
+ if (fsSession.Entry(resName, entry) == KErrNone)
+ {
+ LOG_(" Found it!");
+ foundIt = ETrue;
+ break;
+ }
+ }
+
+ if (!foundIt)
+ {
+ LOG_(" Didn't find it!");
+ User::Leave(KErrNotFound);
+ }
+
+ LOG_("<- CVpnNotifier::GetResourceFileNameL()");
+
+ // If the file name was found, it will stay in the cleanup stack
+ return resName;
+ }
+
+void CVpnNotifier::DialogCompleteL(TInt aReturnCode, TVpnDialogOutput& aOutput)
+ {
+ LOG_("-> CVpnNotifier::DialogCompleteL()");
+
+ // NOTE! this doesn't work with own notifier server
+ // Activate apps -key again
+ //
+ ((CEikServAppUi*)(CEikonEnv::Static())->EikAppUi())->SuppressAppSwitching(EFalse);
+
+ TPckgBuf<TVpnDialogOutput> outBuf(aOutput);
+ iMessage.WriteL(iReturnValue, outBuf);
+ iMessage.Complete(aReturnCode);
+ iDialog = NULL;
+ delete iInput; iInput = NULL;
+ // Added to overcome uninstallation problems
+ UnloadResourceFile();
+ iManager->CancelNotifier(iNotifierUid);
+
+ LOG_("<- CVpnNotifier::DialogCompleteL()");
+
+ }
+
+void CVpnNotifier::DialogComplete(TInt aReturnCode)
+ {
+ LOG_("-> CVpnNotifier::DialogComplete()");
+
+ // NOTE! this doesn't work with own notifier server
+ // Activate apps -key again
+ //
+ ((CEikServAppUi*)(CEikonEnv::Static())->EikAppUi())->SuppressAppSwitching(EFalse);
+
+ iMessage.Complete(aReturnCode);
+ iDialog = NULL;
+ delete iInput; iInput = NULL;
+ // Added to overcome uninstallation problems
+ UnloadResourceFile();
+ iManager->CancelNotifier(iNotifierUid);
+
+ LOG_("<- CVpnNotifier::DialogComplete()");
+
+ }
+
+void CVpnNotifier::LoadManagerDllL()
+ {
+ LOG_("-> CVpnNotifier::LoadManagerDll()");
+
+ LOG_(" Loading manager again");
+
+ TInt status = iDialogManagerLib.Load(KVpnDialogManagerDll, KNullUid);
+
+ LOG_1(" DLL load status: %d", status);
+
+ if (status == KErrNone)
+ {
+ LOG_(" Suitable DLL found, instantiating VPN dialog manager");
+
+ TLibraryFunction entry = iDialogManagerLib.Lookup(1);
+
+ LOG_(" Entry point found");
+
+ // Constructor at the given ordinal may leave, even if it's not evident
+ // from the syntax
+ iRealDialogManager = (MVpnDialogManager*)entry();
+ iDialogManager->SetDialogManager(iRealDialogManager);
+
+ LOG_(" Dialog manager instantiated");
+ }
+ else
+ {
+ LOG_(" (LEAVE) Dialog manager DLL not found!");
+ User::Leave(status);
+ }
+
+ LOG_("<- CVpnNotifier::LoadManagerDll() (OK)");
+ }
+
+
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/BMARM/VPNMANAGEMENTUIU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,5 @@
+EXPORTS
+ NewUiRunnerL__Fv @ 1 NONAME R3UNUSED ; NewUiRunnerL(void)
+ NewLC__12CVpnUiLoaderRC5TRectG4TUid @ 2 NONAME R3UNUSED ; CVpnUiLoader::NewLC(TRect const &, TUid)
+ NewL__12CVpnUiLoaderRC5TRectG4TUid @ 3 NONAME R3UNUSED ; CVpnUiLoader::NewL(TRect const &, TUid)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/BWINS/VPNMANAGEMENTUIU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,3 @@
+EXPORTS
+ ?ImplementationGroupProxy@@YAPBUTImplementationProxy@@AAH@Z @ 1 NONAME ; struct TImplementationProxy const * ImplementationGroupProxy(int &)
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/EABI/vpnmanagementuiU.DEF Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+EXPORTS
+ _ZTI12CVpnUiLoader @ 1 NONAME ; #<TI>#
+ _ZTI12CVpnUiRunner @ 2 NONAME ; #<TI>#
+ _ZTI14CAcuApiWrapper @ 3 NONAME ; #<TI>#
+ _ZTI14CVpnApiWrapper @ 4 NONAME ; #<TI>#
+ _ZTI16CVpnManagementUi @ 5 NONAME ; #<TI>#
+ _ZTI19CServerSettingsView @ 6 NONAME ; #<TI>#
+ _ZTI20CVpnManagementUiView @ 7 NONAME ; #<TI>#
+ _ZTI23CVpnManagementUiLogView @ 8 NONAME ; #<TI>#
+ _ZTI24CServerSettingsContainer @ 9 NONAME ; #<TI>#
+ _ZTI25CVpnManagementUiContainer @ 10 NONAME ; #<TI>#
+ _ZTI26CVpnManagementUiPolicyView @ 11 NONAME ; #<TI>#
+ _ZTI26CVpnManagementUiServerView @ 12 NONAME ; #<TI>#
+ _ZTI28CVpnManagementUiLogContainer @ 13 NONAME ; #<TI>#
+ _ZTI31CVpnManagementUiPolicyContainer @ 14 NONAME ; #<TI>#
+ _ZTI31CVpnManagementUiServerContainer @ 15 NONAME ; #<TI>#
+ _ZTV12CVpnUiLoader @ 16 NONAME ; #<VT>#
+ _ZTV12CVpnUiRunner @ 17 NONAME ; #<VT>#
+ _ZTV14CAcuApiWrapper @ 18 NONAME ; #<VT>#
+ _ZTV14CVpnApiWrapper @ 19 NONAME ; #<VT>#
+ _ZTV16CVpnManagementUi @ 20 NONAME ; #<VT>#
+ _ZTV19CServerSettingsView @ 21 NONAME ; #<VT>#
+ _ZTV20CVpnManagementUiView @ 22 NONAME ; #<VT>#
+ _ZTV23CVpnManagementUiLogView @ 23 NONAME ; #<VT>#
+ _ZTV24CServerSettingsContainer @ 24 NONAME ; #<VT>#
+ _ZTV25CVpnManagementUiContainer @ 25 NONAME ; #<VT>#
+ _ZTV26CVpnManagementUiPolicyView @ 26 NONAME ; #<VT>#
+ _ZTV26CVpnManagementUiServerView @ 27 NONAME ; #<VT>#
+ _ZTV28CVpnManagementUiLogContainer @ 28 NONAME ; #<VT>#
+ _ZTV31CVpnManagementUiPolicyContainer @ 29 NONAME ; #<VT>#
+ _ZTV31CVpnManagementUiServerContainer @ 30 NONAME ; #<VT>#
+ _Z24ImplementationGroupProxyRi @ 31 NONAME
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/data/101F6D31.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,45 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* ECOM plugin resource file for VPN Management Ui plugin.
+*
+*/
+
+
+#include <ecom/registryinfo.rh>
+
+
+RESOURCE REGISTRY_INFO theInfo
+ {
+ dll_uid = 0x101F6D31; // Plugin dll UID
+ interfaces =
+ {
+ INTERFACE_INFO
+ {
+ interface_uid = 0x10207236; // UID for CGSPluginInterface
+ implementations =
+ {
+ IMPLEMENTATION_INFO
+ {
+ implementation_uid = 0x101F6D32; // Plugin UID
+ version_no = 1;
+ display_name = "VPN Management Ui Plugin"; // Plugin debug name
+ default_data = "0x200255B9"; // Parent UID (Connection View)
+ opaque_data = "60"; // Order number
+ }
+ };
+ }
+ };
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/data/vpnmanagementuirsc.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,1252 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for project vpnmanagementui
+*
+*/
+
+
+
+// RESOURCE IDENTIFIER
+NAME VPNM // 4 letter ID
+
+// INCLUDES
+#include <eikon.rh>
+#include <avkon.rsg>
+#include <avkon.rh>
+#include <avkon.mbg>
+#include <avkon.hrh>
+
+#include <avkon.loc>
+#include <vpnmanagementui.loc>
+#include <vpnnotifier.loc>
+
+#include <vpnmanagementui.mbg>
+
+#include "vpnmanagementui.hrh"
+
+// RESOURCE DEFINITIONS
+RESOURCE RSS_SIGNATURE { }
+
+RESOURCE TBUF { buf="vpnui"; }
+
+
+// **MANAGEMENT VIEW
+//----------------------------------------------------
+//
+// r_vpn_management_title
+// Management view's title.
+//
+//----------------------------------------------------
+//
+RESOURCE TITLE_PANE r_vpn_management_title
+ {
+ txt = qtn_vpn_management_title;
+ }
+
+RESOURCE TBUF r_vpn_management_title_buf
+ {
+ buf= qtn_set_folder_conn_vpn;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_management_view
+// ?description
+//
+//----------------------------------------------------
+//
+RESOURCE AVKON_VIEW r_vpnui_management_view
+ {
+ menubar=r_vpnui_menubar_management_view;
+ cba=R_AVKON_SOFTKEYS_SELECTION_LIST;
+ }
+
+//----------------------------------------------------
+//
+// r_msk_open
+// MiddleSoftKey in vpn management view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_open
+ {
+ buf= qtn_msk_open;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_menubar_management_view
+// ?description
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_BAR r_vpnui_menubar_management_view
+ {
+ titles=
+ {
+ //MENU_TITLE { menu_pane=r_vpnui_app_menu; txt="App"; },
+ MENU_TITLE { menu_pane=r_vpnui_management_view_menu; txt="View"; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_management_view_menu
+// ?description
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_PANE r_vpnui_management_view_menu
+ {
+ items=
+ {
+ MENU_ITEM { command=EVpnUiCmdOpen; txt = qtn_set_options_open; flags = EEikMenuItemAction; },
+ #ifdef __SERIES60_HELP
+ MENU_ITEM { command = EAknCmdHelp; txt = qtn_options_help; },
+ #endif //__SERIES60_HELP
+
+ MENU_ITEM { command=EAknCmdExit; txt = qtn_options_exit; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_policies
+// First item in VPN management view's list
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_policies
+ {
+ buf= "\t"qtn_vpn_policies;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_policy_servers
+// Second item in VPN management view's list
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_policy_servers
+ {
+ buf= "\t"qtn_vpn_policy_servers;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_log
+// Third item in VPN management view's list
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_log
+ {
+ buf= "\t"qtn_vpn_log;
+ }
+
+// **VPN Policies view
+//----------------------------------------------------
+//
+// r_vpn_policies_title
+// VPN policies view's title
+//
+//----------------------------------------------------
+//
+RESOURCE TITLE_PANE r_vpn_policies_title
+ {
+ txt= qtn_vpn_policies_title;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_policies_view
+// VPN UI Policies View Menubar & Soft keys
+//
+//----------------------------------------------------
+//
+RESOURCE AVKON_VIEW r_vpnui_policies_view
+ {
+ menubar=r_vpnui_policies_view_menubar;
+ cba=R_AVKON_SOFTKEYS_OPTIONS_BACK;
+ }
+
+//----------------------------------------------------
+//
+// r_msk_install_vpn_policies
+// MiddleSoftKey for empty policies view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_install_vpn_policies
+ {
+ buf= qtn_msk_install_vpn_policies;
+ }
+
+//----------------------------------------------------
+//
+// r_msk_vpn_details
+// MiddleSoftKey for policies view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_vpn_details
+ {
+ buf= qtn_msk_vpn_details;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_policies_view_menubar
+// Menubar for VPN policies view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_BAR r_vpnui_policies_view_menubar
+ {
+ titles=
+ {
+ MENU_TITLE { menu_pane=r_vpnui_policies_view_menu; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_policies_view_menu
+// Menu pane for VPN policies view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_PANE r_vpnui_policies_view_menu
+ {
+ items=
+ {
+ MENU_ITEM {
+ command=EVpnUiCmdInstallPolicies;
+ txt = qtn_vpn_options_install_policies; },
+ MENU_ITEM {
+ command=EVpnUiCmdPolicyDetails;
+ txt = qtn_vpn_options_policy_details;
+ flags=EEikMenuItemSpecific;
+ },
+ MENU_ITEM {
+ command=EVpnUiCmdUpdatePolicy;
+ txt = qtn_vpn_options_update_policy; },
+ MENU_ITEM {
+ command=EVpnUiCmdDeletePolicy;
+ txt = qtn_vpn_options_delete_policy;
+ flags=EEikMenuItemSpecific;
+ },
+
+#ifdef __SERIES60_HELP
+ MENU_ITEM { command = EAknCmdHelp; txt = qtn_options_help; },
+#endif //__SERIES60_HELP
+
+ MENU_ITEM { command=EAknCmdExit; txt = qtn_options_exit; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_policies_empty
+// Empty Policy list text
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_policies_empty
+ {
+ buf = qtn_vpn_policies_empty;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_dl_policies_now
+// Install policies from server query
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_dl_policies_now
+ {
+ buf = qtn_vpn_quest_dl_policies_now;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_delete_policy
+// Delete a VPN policy query not associated
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_delete_policy
+ {
+ buf = qtn_vpn_quest_delete_policy;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_delete_policy_associated
+// Delete a VPN policy query associated
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_delete_policy_associated
+ {
+ buf = qtn_vpn_quest_delete_policy_associated;
+ }
+
+
+// **VPN policy servers view
+//----------------------------------------------------
+//
+// r_vpn_policy_servers_title
+// VPN policy servers view's title
+//
+//----------------------------------------------------
+//
+RESOURCE TITLE_PANE r_vpn_policy_servers_title
+ {
+ txt= qtn_vpn_policy_servers_title;
+ }
+
+
+//----------------------------------------------------
+//
+// r_vpnui_policy_servers_view
+// VPN UI Policy Server View Menubar & Soft keys
+//
+//----------------------------------------------------
+//
+RESOURCE AVKON_VIEW r_vpnui_policy_servers_view
+ {
+ menubar=r_vpnui_policy_servers_view_menubar;
+ cba=R_AVKON_SOFTKEYS_OPTIONS_BACK;
+ }
+
+//----------------------------------------------------
+//
+// r_msk_add_vpn_server
+// MiddleSoftKey for servers view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_add_vpn_server
+ {
+ buf= qtn_msk_add_vpn_server;
+ }
+
+//----------------------------------------------------
+//
+// r_msk_edit
+// MiddleSoftKey for servers view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_edit
+ {
+ buf= qtn_msk_edit;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_policy_servers_view_menubar
+// Menubar for VPN policy servers view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_BAR r_vpnui_policy_servers_view_menubar
+ {
+ titles=
+ {
+ MENU_TITLE { menu_pane=r_vpnui_policy_servers_view_menu; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_policy_servers_view_menu
+// Menu pane for VPN policy servers view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_PANE r_vpnui_policy_servers_view_menu
+ {
+ items=
+ {
+ MENU_ITEM {
+ command=EVpnUiCmdEditServer;
+ txt = qtn_vpn_options_edit_server; },
+ MENU_ITEM {
+ command=EVpnUiCmdAddServer;
+ txt = qtn_vpn_options_add_new_server; },
+ MENU_ITEM {
+ command=EVpnUiCmdSynchronise;
+ txt = qtn_vpn_options_synchronise_server; },
+ MENU_ITEM {
+ command=EVpnUiCmdDeleteServer;
+ txt = qtn_vpn_options_delete_server; },
+
+#ifdef __SERIES60_HELP
+ MENU_ITEM { command = EAknCmdHelp; txt = qtn_options_help; },
+#endif //__SERIES60_HELP
+
+ MENU_ITEM { command=EAknCmdExit; txt = qtn_options_exit; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_policy_servers_empty
+// Empty Policy servers list text
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_policy_servers_empty
+ {
+ buf = qtn_vpn_policy_servers_empty;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_define_new_server
+// Define a policy server query
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_define_new_server
+ {
+ buf = qtn_vpn_quest_define_new_server;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_synchronise_server
+// Synchronise server query
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_synchronise_server
+ {
+ buf = qtn_vpn_quest_synchronise_server;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_delete_server
+// Delete a VPN policy server
+// No policies related to the server
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_delete_server
+ {
+ buf = qtn_vpn_quest_delete_server;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_delete_server_associated
+// Delete a VPN policy server
+// Policies related to the server
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_delete_server_associated
+ {
+ buf = qtn_vpn_quest_delete_server_associated;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_info_policy_server_in_use
+// Policy server currently in use information note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_info_policy_server_in_use
+ {
+ buf = qtn_vpn_info_policy_server_in_use;
+ }
+
+//----------------------------------------------------
+//
+// r_list_query
+// Policy server selection pop-up
+//
+//----------------------------------------------------
+//
+RESOURCE DIALOG r_list_query
+ {
+ flags=EGeneralQueryFlags;
+ buttons=R_AVKON_SOFTKEYS_SELECT_CANCEL;
+ items=
+ {
+ DLG_LINE
+ {
+ type = EAknCtListQueryControl;
+ id = EListQueryControl; //Avkon.hrh
+ control = AVKON_LIST_QUERY_CONTROL
+ {
+ listtype = EAknCtSinglePopupMenuListBox;
+ listbox = LISTBOX
+ {
+ flags = EAknListBoxMenuList;
+ };
+ heading = qtn_vpn_prmpt_policy_server_selection;
+ };
+ }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_msk_change
+// MiddleSoftKey in vpn server parameters view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_change
+ {
+ buf= qtn_msk_change;
+ }
+
+
+// **VPN log view
+//----------------------------------------------------
+//
+// r_vpn_log_title
+// VPN log view's title
+//
+//----------------------------------------------------
+//
+RESOURCE TITLE_PANE r_vpn_log_title
+ {
+ txt= qtn_vpn_log_title;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_log_view
+// VPN UI Log View Menubar & Soft keys
+//
+//----------------------------------------------------
+//
+RESOURCE AVKON_VIEW r_vpnui_log_view
+ {
+ menubar=r_vpnui_log_view_menubar;
+ cba=R_AVKON_SOFTKEYS_OPTIONS_BACK;
+ }
+
+//----------------------------------------------------
+//
+// r_msk_refresh_vpn_log
+// MiddleSoftKey for log view
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_msk_refresh_vpn_log
+ {
+ buf= qtn_msk_refresh_vpn_log;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnui_log_view_menubar
+// Menubar for VPN log view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_BAR r_vpnui_log_view_menubar
+ {
+ titles=
+ {
+ MENU_TITLE { menu_pane=r_vpnui_log_view_menu; txt="View log"; }
+ };
+ }
+
+
+//----------------------------------------------------
+//
+// r_vpnui_log_view_menu
+// Menu pane for VPN log view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_PANE r_vpnui_log_view_menu
+ {
+ items=
+ {
+ MENU_ITEM {
+ command=EVpnUiCmdLogDetails;
+ txt = qtn_logs_cmd_details;
+ flags=EEikMenuItemSpecific;
+ },
+ MENU_ITEM {
+ command=EVpnUiCmdRefreshLog;
+ txt = qtn_vpn_options_refresh_log; },
+ MENU_ITEM {
+ command=EVpnUiCmdClearLog;
+ txt = qtn_logs_cmd_clear_list; },
+
+#ifdef __SERIES60_HELP
+ MENU_ITEM { command = EAknCmdHelp; txt = qtn_options_help; },
+#endif //__SERIES60_HELP
+
+ MENU_ITEM { command=EAknCmdExit; txt = qtn_options_exit; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_log_empty
+// Empty VPN log list text
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_log_empty
+ {
+ buf = qtn_vpn_log_empty;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_clear_log
+// Clear a VPN log confirmation query
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_clear_log
+ {
+ buf = qtn_vpn_quest_clear_log;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_navi_client_version
+// Version text in VPN log navi pane
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_navi_client_version
+ {
+ buf = qtn_vpn_navi_client_version;
+ }
+
+
+//----------------------------------------------------
+//
+// r_vpn_log_icon_array
+// Icons in the vpn log view.
+//
+//----------------------------------------------------
+//
+RESOURCE AKN_ICON_ARRAY r_vpn_log_icon_array
+ {
+ bmpfile = "\\resource\\apps\\vpnmanagementui.mbm";
+
+ icons =
+ {
+ AKN_ICON
+ {
+ iconId = EMbmVpnmanagementuiQgn_prop_vpn_log_info;
+ maskId = EMbmVpnmanagementuiQgn_prop_vpn_log_info_mask;
+ },
+ AKN_ICON
+ {
+ iconId = EMbmVpnmanagementuiQgn_prop_vpn_log_warn;
+ maskId = EMbmVpnmanagementuiQgn_prop_vpn_log_warn_mask;
+ },
+ AKN_ICON
+ {
+ iconId = EMbmVpnmanagementuiQgn_prop_vpn_log_error;
+ maskId = EMbmVpnmanagementuiQgn_prop_vpn_log_error_mask;
+ }
+ };
+ }
+
+
+// **VPN Policy and VPN log details
+//----------------------------------------------------
+//
+// r_message_query_details_view
+// VPN policy and VPN log details message query
+//
+//----------------------------------------------------
+//
+RESOURCE DIALOG r_message_query_details_view
+ {
+ flags = EGeneralQueryFlags | EEikDialogFlagNoBorder | EEikDialogFlagNoShadow;
+ buttons = R_AVKON_SOFTKEYS_OK_EMPTY;
+ items=
+ {
+ DLG_LINE
+ {
+ type = EAknCtPopupHeadingPane;
+ id = EAknMessageQueryHeaderId;
+ control = AVKON_HEADING
+ {
+ };
+ },
+ DLG_LINE
+ {
+ type = EAknCtMessageQuery;
+ id = EAknMessageQueryContentId;
+ control = AVKON_MESSAGE_QUERY
+ {
+ };
+ }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_confirmation_query
+// Confirmation query
+//
+//----------------------------------------------------
+//
+RESOURCE DIALOG r_confirmation_query
+ {
+ flags=EGeneralQueryFlags;
+ buttons=R_AVKON_SOFTKEYS_YES_NO;
+ items=
+ {
+ DLG_LINE
+ {
+ type=EAknCtQuery;
+ id=EGeneralQuery;
+ control= AVKON_CONFIRMATION_QUERY
+ {
+ layout = EConfirmationLayout;
+ };
+ }
+ };
+ }
+
+//***************************
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_description
+// Text for detail's topic
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_description
+ {
+ buf = qtn_vpn_detail_policy_description;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_status
+// Text for detail's topic
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_status
+ {
+ buf = qtn_vpn_detail_policy_status;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_cert_status
+// Text for detail's topic
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_cert_status
+ {
+ buf = qtn_vpn_detail_cert_status;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_name
+// Text for detail's topic
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_name
+ {
+ buf = qtn_vpn_detail_policy_name;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_source_server_name
+// Text for detail's topic
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_source_server_name
+ {
+ buf = qtn_vpn_detail_source_server_name;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_update_time
+// Text for detail's topic
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_update_time
+ {
+ buf = qtn_vpn_detail_policy_update_time;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_not_associated
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_not_associated
+ {
+ buf = qtn_vpn_detail_policy_not_associated;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_associated
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_associated
+ {
+ buf = qtn_vpn_detail_policy_associated;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_policy_active
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_policy_active
+ {
+ buf = qtn_vpn_detail_policy_active;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_cert_status_ok
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_cert_status_ok
+ {
+ buf = qtn_vpn_detail_cert_status_ok;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_cert_status_expired
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_cert_status_expired
+ {
+ buf = qtn_vpn_detail_cert_status_expired;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_cert_status_missing
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_cert_status_missing
+ {
+ buf = qtn_vpn_detail_cert_status_missing;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_cert_status_not_yet_valid
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_cert_status_not_yet_valid
+ {
+ buf = qtn_vpn_detail_cert_status_not_yet_valid;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_log_entry_info
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_log_entry_info
+ {
+ buf = "Information:";
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_log_entry_warning
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_log_entry_warning
+ {
+ buf = "Warning:";
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_detail_log_entry_error
+// Text for detailed info
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_detail_log_entry_error
+ {
+ buf = "Error:";
+ }
+
+// **VPN Policy server parameters view
+
+//----------------------------------------------------
+//
+// r_vpnmanagementui_server_parameters_view
+// Server parameters view Menubar & Soft keys
+//
+//----------------------------------------------------
+//
+RESOURCE AVKON_VIEW r_vpnmanagementui_server_parameters_view
+ {
+ menubar=r_vpnmanagementui_server_parameters_view_menubar;
+ cba=R_AVKON_SOFTKEYS_OPTIONS_BACK;
+ }
+
+//----------------------------------------------------
+//
+// r_vpnmanagementui_server_parameters_view_menubar
+// Menubar for VPN policy server parameters view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_BAR r_vpnmanagementui_server_parameters_view_menubar
+ {
+ titles=
+ {
+ MENU_TITLE { menu_pane=r_vpnmanagementui_server_parameters_view_menu; txt="View parameters"; }
+ };
+ }
+
+//----------------------------------------------------
+//
+// r_vpnmanagementui_server_parameters_view_menu
+// Menu pane for VPN policy server parameters view
+//
+//----------------------------------------------------
+//
+RESOURCE MENU_PANE r_vpnmanagementui_server_parameters_view_menu
+ {
+ items=
+ {
+ MENU_ITEM { command=EVpnUiCmdChange;txt = qtn_set_options_change; },
+
+#ifdef __SERIES60_HELP
+ MENU_ITEM { command = EAknCmdHelp; txt = qtn_options_help; },
+#endif //__SERIES60_HELP
+
+ MENU_ITEM { command=EAknCmdExit; txt = qtn_options_exit; }
+ };
+ }
+
+//----------------------------------------------------
+// r_text_resource_server_parameters_view_empty_list
+//----------------------------------------------------
+//
+RESOURCE TBUF r_text_resource_server_parameters_view_empty_list
+ {
+ buf = qtn_log_empty_list;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_quest_incomplete_server_def_delete
+// Incomplete VPN policy server definition query
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_quest_incomplete_server_def_delete
+ {
+ buf = qtn_vpn_quest_incomplete_server_def_delete;
+ }
+
+//----------------------------------------------------
+//
+// r_fldr_name_already_used
+// Name already in use note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_fldr_name_already_used
+ {
+ buf = qtn_fldr_name_already_used;
+ }
+
+
+// **VPN policy server name text setting page
+//----------------------------------------------------
+//
+// r_server_name_setting_page
+//----------------------------------------------------
+//
+RESOURCE AVKON_SETTING_PAGE r_server_name_setting_page
+ {
+ label= qtn_vpn_sett_policy_server_name;
+ softkey_resource = R_AVKON_SOFTKEYS_OK_CANCEL;
+ type = EEikCtEdwin;
+ editor_resource_id = r_server_name_edwin;
+ }
+
+//----------------------------------------------------
+//
+// r_server_name_edwin
+// Server name editor.
+//
+//----------------------------------------------------
+//
+RESOURCE EDWIN r_server_name_edwin
+ {
+ width = 9;
+ lines = 5;
+ maxlength = 30;
+ allowed_input_modes = EAknEditorTextInputMode |EAknEditorNumericInputMode;
+ avkon_flags = EAknEditorFlagNoT9;
+ flags= EEikEdwinNoLineOrParaBreaks;
+ }
+
+// **VPN policy server address text setting page
+//----------------------------------------------------
+//
+// r_server_address_setting_page
+//
+//
+//----------------------------------------------------
+//
+RESOURCE AVKON_SETTING_PAGE r_server_address_setting_page
+ {
+ label= qtn_vpn_sett_policy_server_address;
+ softkey_resource = R_AVKON_SOFTKEYS_OK_CANCEL;
+ type = EEikCtEdwin;
+ editor_resource_id = r_server_address_edwin;
+ }
+
+//----------------------------------------------------
+//
+// r_server_address_edwin
+// Server address editor.
+//
+//----------------------------------------------------
+//
+RESOURCE EDWIN r_server_address_edwin
+ {
+ width = 9;
+ lines = 5;
+ maxlength = 512;
+ numeric_keymap=EAknEditorCalculatorNumberModeKeymap;
+ allowed_input_modes = EAknEditorTextInputMode |EAknEditorNumericInputMode;
+ default_input_mode = EAknEditorTextInputMode;
+ special_character_table = R_AVKON_URL_SPECIAL_CHARACTER_TABLE_DIALOG;
+ default_case = EAknEditorLowerCase;
+ allowed_case_modes = EAknEditorLowerCase | EAknEditorUpperCase;
+ avkon_flags = EAknEditorFlagNoT9 | EAknEditorFlagLatinInputModesOnly;
+ flags= EEikEdwinAutoSelection | EAknEditorLowerCase | EEikEdwinNoLineOrParaBreaks;
+ }
+
+// *****************************************************
+// **CONFIRMATION QUERIES
+
+// **CONFIRMATION NOTES
+//----------------------------------------------------
+//
+// r_vpn_conf_policy_server_sync_ok
+// VPN synchronisation OK confirmation note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_conf_policy_server_sync_ok
+ {
+ buf = qtn_vpn_conf_policy_server_sync_ok;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_conf_policy_update_complete
+// VPN policy update OK confirmation note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_conf_policy_update_complete
+ {
+ buf = qtn_vpn_conf_policy_update_complete;
+ }
+
+// **INFORMATION NOTES
+
+//----------------------------------------------------
+//
+// r_vpn_info_cannot_modify_server_def
+// Cannot be modified information note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_info_cannot_modify_server_def
+ {
+ buf = qtn_vpn_info_cannot_modify_server_def;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_info_policy_dl_error
+// Policy update failed information note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_info_policy_dl_error
+ {
+ buf = qtn_vpn_info_policy_dl_error;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_info_server_cert_expired
+// Server certificate expired information note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_info_server_cert_expired
+ {
+ buf = qtn_vpn_info_server_cert_expired;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_info_policy_server_sync_error
+// Synchronisation failed information note
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_info_policy_server_sync_error
+ {
+ buf = qtn_vpn_info_policy_server_sync_error;
+ }
+
+
+// **WAIT NOTES
+
+//----------------------------------------------------
+//
+// r_vpn_connecting_via_ap
+// wait note text for synchronise and update notes
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_connecting_via_ap
+ {
+ buf = qtn_vpn_connecting_via_ap;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_wait_policy_dl_processing
+// wait note text for synchronise and update notes
+//
+//----------------------------------------------------
+//
+RESOURCE TBUF r_vpn_wait_policy_dl_processing
+ {
+ buf = qtn_vpn_wait_policy_dl_processing;
+ }
+
+//----------------------------------------------------
+//
+// r_vpn_wait_note
+// wait note for synchronise and update process
+//
+//----------------------------------------------------
+//
+RESOURCE DIALOG r_vpn_wait_note
+ {
+ flags = EAknProgressNoteFlags;
+ buttons = R_AVKON_SOFTKEYS_CANCEL;
+ items =
+ {
+ DLG_LINE
+ {
+ type = EAknCtNote;
+ id = EVpnUiWaitNote;
+ control= AVKON_NOTE
+ {
+ layout = EWaitLayout;
+ singular_label = "";
+ plural_label = "";
+ animation = R_QGN_GRAF_WAIT_BAR_ANIM;
+ };
+ }
+ };
+ }
+
+//------------------------------------------------------------------------------
+// r_vpn_server_setting_list
+//------------------------------------------------------------------------------
+//
+RESOURCE AVKON_SETTING_ITEM_LIST r_vpn_server_setting_list
+ {
+ items =
+ {
+ AVKON_SETTING_ITEM
+ {
+ identifier = EVpnUiSettingServerName;
+ setting_page_resource = r_server_name_setting_page;
+ name = qtn_vpn_sett_policy_server_name;
+ empty_item_text = qtn_selec_sett_val_field_none;
+ },
+ AVKON_SETTING_ITEM
+ {
+ identifier = EVpnUiSettingServerAddress;
+ setting_page_resource = r_server_address_setting_page;
+ name = qtn_vpn_sett_policy_server_address;
+ empty_item_text = qtn_set_compulsory;
+ compulsory_ind_string = "*";
+ },
+ AVKON_SETTING_ITEM
+ {
+ identifier = EVpnUiSettingIap;
+ name = qtn_vpn_sett_vpn_iap_real_netw_reference;
+ empty_item_text = qtn_set_compulsory;
+ compulsory_ind_string = "*";
+ }
+
+ };
+ }
+
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,41 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Build information file for vpnmanagementui
+*
+*/
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+// export localised loc file
+../loc/vpnmanagementui.loc MW_LAYER_LOC_EXPORT_PATH(vpnmanagementui.loc)
+
+PRJ_MMPFILES
+
+vpnmanagementui.mmp
+
+PRJ_EXTENSIONS
+
+START EXTENSION s60/mifconv
+OPTION TARGETFILE vpnmanagementui.mif
+OPTION HEADERFILE vpnmanagementui.mbg
+OPTION SOURCES -c8,8 qgn_prop_vpn_log_info \
+ -c8,8 qgn_prop_vpn_log_warn \
+ -c8,8 qgn_prop_vpn_log_error \
+ -c16,8 qgn_prop_set_conn_vpn
+END
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/group/vpnmanagementui.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,132 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnmanagementui
+*
+*/
+
+#include <data_caging_paths.hrh>
+#include <platform_paths.hrh>
+#include <iconlocations.hrh>
+
+TARGET vpnmanagementui.dll
+TARGETTYPE PLUGIN
+UID 0x10009D8D 0x101F6D31
+
+CAPABILITY CAP_ECOM_PLUGIN
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../data
+
+//ECOM resource definition
+START RESOURCE 101F6D31.rss
+TARGET vpnmanagementui.rsc
+END
+
+START RESOURCE vpnmanagementuirsc.rss
+HEADER
+TARGETPATH RESOURCE_FILES_DIR
+LANGUAGE_IDS
+END
+
+SOURCEPATH ../src
+SOURCE vpnmanagementuiview.cpp
+SOURCE vpnmanagementuicontainer.cpp
+SOURCE vpnmanagementuipolicyview.cpp
+SOURCE vpnmanagementuiserverview.cpp
+SOURCE vpnmanagementuilogview.cpp
+SOURCE vpnmanagementuipolicycontainer.cpp
+SOURCE vpnmanagementuiservercontainer.cpp
+SOURCE vpnmanagementuilogcontainer.cpp
+SOURCE vpnmanagementuiserversettingscontainer.cpp
+SOURCE vpnmanagementuiserversettingsview.cpp
+SOURCE vpnuiloader.cpp
+SOURCE vpnapiwrapper.cpp
+SOURCE vpnmanagementuiimplementationtable.cpp
+SOURCE serversettingconnectionsettingitem.cpp
+
+USERINCLUDE . ../inc
+USERINCLUDE ../data
+USERINCLUDE ../../../vpnengine/pkiserviceapi/inc
+USERINCLUDE ../../../vpnengine/eventmediatorapi/inc
+USERINCLUDE ../../../vpnengine/vpnmanager/inc
+USERINCLUDE ../../../vpnengine/kmdserver/inc
+USERINCLUDE ../../../vpnengine/eventviewer/inc
+USERINCLUDE ../../../vpnapiimpl/inc
+USERINCLUDE ../../../vpnengine/vpncommon/inc //for logcommon.h
+USERINCLUDE ../../vpnecomnotifier/data
+
+MW_LAYER_SYSTEMINCLUDE
+APP_LAYER_SYSTEMINCLUDE
+
+LIBRARY commonengine.lib // StringLoader.h
+LIBRARY eikctl.lib // markable icons
+LIBRARY euser.lib
+LIBRARY GSFramework.lib
+LIBRARY GSEcomPlugin.lib
+LIBRARY cone.lib
+LIBRARY eikcore.lib
+LIBRARY eikcoctl.lib
+LIBRARY avkon.lib
+LIBRARY bafl.lib
+LIBRARY commdb.lib
+LIBRARY efsrv.lib
+LIBRARY sysutil.lib
+LIBRARY commonui.lib
+LIBRARY vpnapi.lib
+LIBRARY eventmedapi.lib
+LIBRARY eventviewer.lib
+LIBRARY centralrepository.lib
+LIBRARY cmmanager.lib
+#ifdef __SCALABLE_ICONS
+LIBRARY AknSkins.lib
+#endif //__SCALABLE_ICONS
+DEBUGLIBRARY flogger.lib
+
+#ifdef __SERIES60_HELP
+LIBRARY hlplch.lib // for "Help" options menu
+#endif //__SERIES60_HELP
+
+#ifndef __SCALABLE_ICONS
+// Bitmaps for VPN log view
+START BITMAP vpnmanagementui.mbm
+HEADER
+
+SOURCEPATH S60_SRC_BITMAP_DIR
+
+TARGETPATH RESOURCE_FILES_DIR
+
+// VPN log icons
+SOURCE c8 qgn_prop_vpn_log_info.bmp // Information
+SOURCE c8 qgn_prop_vpn_log_warn.bmp // Warning
+SOURCE c8 qgn_prop_vpn_log_error.bmp // Error
+
+// VPN GS listbox icon
+SOURCE c16 qgn_prop_set_conn_vpn.bmp
+
+// Masks for VPN log icons
+SOURCE c8 qgn_prop_vpn_log_info_mask.bmp // Information
+SOURCE c8 qgn_prop_vpn_log_warn_mask.bmp // Warning
+SOURCE c8 qgn_prop_vpn_log_error_mask.bmp // Error
+
+// Mask for VPN GS listbox icon
+SOURCE c8 qgn_prop_set_conn_vpn_mask.bmp
+
+END
+
+// - used only by Codewarrior for convenience.
+DOCUMENT 101F6D31.rss
+
+#endif
+
+// end of file
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/group/vpnmanagementuiicons.mk Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+#
+# Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description: VpnManagementUi icons.
+#
+
+ifeq (WINS,$(findstring WINS, $(PLATFORM)))
+ZDIR=\epoc32\release\$(PLATFORM)\$(CFG)\Z
+else
+ZDIR=\epoc32\data\z
+endif
+
+TARGETDIR=$(ZDIR)\SYSTEM\Data
+HEADERDIR=\epoc32\include
+ICONTARGETFILENAME=$(TARGETDIR)\VpnManagementUi.MIF
+HEADERFILENAME=$(HEADERDIR)\VpnManagementUi.MBG
+
+do_nothing :
+ @rem do_nothing
+
+MAKMAKE : do_nothing
+
+BLD : do_nothing
+
+CLEAN : do_nothing
+
+LIB : do_nothing
+
+CLEANLIB : do_nothing
+
+# ----------------------------------------------------------------------------
+# NOTE 1: DO NOT DEFINE MASK FILE NAMES! They are included automatically by
+# MifConv if the mask detph is defined.
+#
+# NOTE 2: Usually, source paths should not be included in the bitmap
+# definitions. MifConv searches for the icons in all icon directories in a
+# predefined order, which is currently \s60\icons, \s60\bitmaps2.
+# The directory \s60\icons is included in the search only if the feature flag
+# __SCALABLE_ICONS is defined.
+# ----------------------------------------------------------------------------
+
+RESOURCE :
+ mifconv $(ICONTARGETFILENAME) /h$(HEADERFILENAME) \
+ /c8,8 qgn_prop_vpn_log_info.bmp \
+ /c8,8 qgn_prop_vpn_log_warn.bmp \
+ /c8,8 qgn_prop_vpn_log_error.bmp \
+ /c16,8 qgn_prop_set_conn_vpn.bmp
+
+FREEZE : do_nothing
+
+SAVESPACE : do_nothing
+
+RELEASABLES :
+ @echo $(HEADERFILENAME)&& \
+ @echo $(ICONTARGETFILENAME)
+
+FINAL : do_nothing
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/group/vpnmanagementuiicons_dc.mk Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,67 @@
+#
+# Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies).
+# All rights reserved.
+# This component and the accompanying materials are made available
+# under the terms of "Eclipse Public License v1.0"
+# which accompanies this distribution, and is available
+# at the URL "http://www.eclipse.org/legal/epl-v10.html".
+#
+# Initial Contributors:
+# Nokia Corporation - initial contribution.
+#
+# Contributors:
+#
+# Description: VpnManagementUi icons.
+#
+
+ifeq (WINS,$(findstring WINS, $(PLATFORM)))
+ZDIR=\epoc32\release\$(PLATFORM)\$(CFG)\Z
+else
+ZDIR=\epoc32\data\z
+endif
+
+TARGETDIR=$(ZDIR)\resource\apps
+HEADERDIR=\epoc32\include
+ICONTARGETFILENAME=$(TARGETDIR)\VpnManagementUi.MIF
+HEADERFILENAME=$(HEADERDIR)\VpnManagementUi.MBG
+
+do_nothing :
+ @rem do_nothing
+
+MAKMAKE : do_nothing
+
+BLD : do_nothing
+
+CLEAN : do_nothing
+
+LIB : do_nothing
+
+CLEANLIB : do_nothing
+
+# ----------------------------------------------------------------------------
+# NOTE 1: DO NOT DEFINE MASK FILE NAMES! They are included automatically by
+# MifConv if the mask detph is defined.
+#
+# NOTE 2: Usually, source paths should not be included in the bitmap
+# definitions. MifConv searches for the icons in all icon directories in a
+# predefined order, which is currently \s60\icons, \s60\bitmaps2.
+# The directory \s60\icons is included in the search only if the feature flag
+# __SCALABLE_ICONS is defined.
+# ----------------------------------------------------------------------------
+
+RESOURCE :
+ mifconv $(ICONTARGETFILENAME) /h$(HEADERFILENAME) \
+ /c8,8 qgn_prop_vpn_log_info.bmp \
+ /c8,8 qgn_prop_vpn_log_warn.bmp \
+ /c8,8 qgn_prop_vpn_log_error.bmp \
+ /c16,8 qgn_prop_set_conn_vpn.bmp
+
+FREEZE : do_nothing
+
+SAVESPACE : do_nothing
+
+RELEASABLES :
+ @echo $(HEADERFILENAME)&& \
+ @echo $(ICONTARGETFILENAME)
+
+FINAL : do_nothing
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/log_vpnmanagementui.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,27 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Logging utility.
+*
+*/
+
+
+
+#if !defined(__LOG_VPNMANAGEMENTUI_H__)
+#define __LOG_VPNMANAGEMENTUI_H__
+
+_LIT(KLogFile,"vpnmanagementui.txt");
+
+#include "logcommon.h"
+
+#endif // __LOG_VPNMANAGEMENTUI_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/serversettingconnectionsettingitem.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,54 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Custom setting item for selectin used connection
+*
+*/
+
+
+
+#ifndef SERVER_SETTING_CONNECTION_SETTING_ITEM_H
+#define SERVER_SETTING_CONNECTION_SETTING_ITEM_H
+
+#include <e32base.h>
+#include <aknsettingitemlist.h>
+#include <cmapplicationsettingsui.h>
+
+/**
+ * A custom setting for selecting the used destination or connection method.
+ */
+class CServerSettingConnectionSettingItem : public CAknSettingItem
+ {
+public:
+
+ CServerSettingConnectionSettingItem(TInt aIdentifier, TCmSettingSelection& aSelection);
+ virtual ~CServerSettingConnectionSettingItem();
+
+
+ void StoreL();
+ void LoadL();
+ void EditItemL( TBool aCalledFromMenu );
+
+ const TDesC& SettingTextL();
+
+private:
+
+ void UpdateSettingTextL();
+
+ TCmSettingSelection& iExternalValue;
+ TCmSettingSelection iInternalValue;
+
+ HBufC* iSettingText;
+ };
+
+#endif // SERVER_SETTING_CONNECTION_SETTING_ITEM_H
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/uirunner.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,78 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* The UI runner interface that applications can use to launch UI
+* implementations.
+*
+*/
+
+#ifndef __UI_RUNNER_H__
+#define __UI_RUNNER_H__
+
+#include <e32base.h>
+
+// The second UID for DLLs that implement
+// the UI runner interface.
+const TInt KUiRunnerUidValue = 0x10200EC4;
+const TUid KUiRunnerUid = { KUiRunnerUidValue };
+
+/**
+ * Flags that indicate how the UI launched through
+ * the UI runner interface completes. These flags
+ * are returned to the calling application in the
+ * aUirEvent parameter of the UiComplete call. The
+ * flags can be combined if needed.
+ */
+const TInt KUirEventNone = 0x00000000; // UI left with the Back button
+const TInt KUirEventExitRequested = 0x00000020; // UI left with Options->Exit
+
+/**
+ * UI observation interface. An application that
+ * uses the UI runner interface to launch a certain
+ * UI must have an object that implements this
+ * interface and pass a pointer to this object
+ * in the RunUiL method (see below). The UI
+ * implementation will call the UiComplete method
+ * of this interface when the user leaves the UI.
+ */
+class MUiRunnerObserver
+ {
+public:
+ virtual void UiComplete(TInt aUirEvent) = 0;
+ };
+
+/**
+ * The UI runner interface that applications
+ * can use to launch UI implementations.
+ */
+class CUiRunner : public CBase
+ {
+public:
+ /**
+ * Second-phase constructor
+ */
+ virtual void ConstructL() = 0;
+
+ /**
+ * Runs the UI, ASYNCHRONOUS.
+ *
+ * @param A pointer to an object that implements the
+ * MUiRunnerObserver interface. The UI implementation
+ * will call the UiComplete method of this interface
+ * when the user leaves the UI.
+ */
+ virtual void RunUiL(MUiRunnerObserver* aObserver) = 0;
+ };
+
+#endif // __UI_RUNNER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnapiwrapper.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,123 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnApiWrapper class.
+*
+*/
+
+#ifndef __VPNAPIWRAPPER_H__
+#define __VPNAPIWRAPPER_H__
+
+#include <e32base.h>
+#include "vpnapi.h"
+
+
+class MVpnApiWrapperCaller
+ {
+public:
+ virtual void NotifyPolicyImportComplete(TInt aResult) = 0;
+ };
+
+/**
+ * The class definitions for CVpnApiWrapper -
+ * Wrapper class for VPN API calls
+ */
+class CVpnApiWrapper : public CActive
+ {
+public:
+ /**
+ * NewL method starts the standard two phase construction.
+ */
+ static CVpnApiWrapper* NewL();
+
+ /**
+ * Destructor
+ */
+ ~CVpnApiWrapper();
+
+ CArrayFixFlat<TVpnPolicyInfo>* PolicyListL();
+
+ /**
+ * Deletes the specified policy.
+ *
+ * @param aPolicyIndex Index of the listbox in the policy view
+ */
+ void DeletePolicyL(TInt aPolicyIndex);
+
+ /**
+ * Gets detailed information about the specified policy.
+ *
+ * @param aPolicyIndex Index of the listbox in the policy view
+ *
+ * @param aPolicyDetails [out] Policy information structure
+ */
+ void GetPolicyDetailsL(
+ TInt aPolicyIndex, TVpnPolicyDetails& aPolicyDetails);
+
+ /**
+ * Imports a new VPN policy to the policy store.
+ *
+ * @param aImportDir An absolute path to the VPN policy files directory
+ *
+ * @param aCaller
+ */
+ void ImportPolicyL(
+ const TDesC& aImportDir, MVpnApiWrapperCaller* aCaller);
+
+ /**
+ * Gets the last update time of the specified policy.
+ * @param aPolicyIndex Index of the listbox in the policy view.
+ * @param aTime Last update time to be returned.
+ * @return Returns KErrNone if succeed.
+ * Otherwise it returns KErrNotFound.
+ */
+ TInt GetLastUpdateTime(TInt aPolicyIndex, TTime& aTime);
+
+protected: // From CActive
+ void DoCancel();
+ void RunL();
+
+private:
+ /**
+ * Constructor
+ */
+ CVpnApiWrapper();
+
+ /**
+ * Second phase constructor
+ */
+ void ConstructL();
+
+ /**
+ * Builds the list of the installed policies.
+ */
+ void BuildPolicyListL();
+
+private:
+
+ enum TTask
+ {
+ ETaskNone = 1,
+ ETaskImportPolicies
+ };
+
+ RVpnApi iVpnApi;
+
+ CArrayFixFlat<TVpnPolicyInfo>* iPolicyList;
+ TFileName iImportDir;
+
+ TTask iOngoingTask;
+ MVpnApiWrapperCaller* iCaller;
+ };
+
+#endif // __VPNAPIWRAPPER_H__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementui.hrh Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,54 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource headers for project vpnmanagementui
+*
+*/
+
+
+
+#ifndef VPNMANAGEMENTUI_HRH
+#define VPNMANAGEMENTUI_HRH
+
+enum TVpnUiCommandIds
+ {
+ EVpnUiCmdInstallPolicies = 1,
+ EVpnUiCmdPolicyDetails,
+ EVpnUiCmdDeletePolicy,
+ EVpnUiCmdUpdatePolicy,
+ EVpnUiCmdEditServer,
+ EVpnUiCmdAddServer,
+ EVpnUiCmdSynchronise,
+ EVpnUiCmdDeleteServer,
+ EVpnUiCmdLogDetails,
+ EVpnUiCmdClearLog,
+ EVpnUiCmdRefreshLog,
+ EVpnUiCmdChangePassword,
+ EVpnUiCmdChange,
+ EVpnUiCmdOpen
+ };
+
+enum TVpnUiSettingItems
+ {
+ EVpnUiSettingServerName,
+ EVpnUiSettingServerAddress,
+ EVpnUiSettingIap
+ };
+
+
+enum TVpnUiCtrlIds
+ {
+ EVpnUiWaitNote = 1
+ };
+
+#endif // VPNUI_HRH
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuicontainer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,146 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiContainer class.
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUICONTAINER_H__
+#define __VPNMANAGEMENTUICONTAINER_H__
+
+// INCLUDES
+#include <coecntrl.h>
+#include "vpnmanagementuiview.h"
+
+// FORWARD DECLARATIONS
+class CEikTextListBox;
+
+// CLASS DECLARATION
+
+/**
+* CVpnManagementUiContainer container control class.
+*
+*/
+class CVpnManagementUiContainer : public CCoeControl, public MCoeControlObserver
+ {
+ /**
+ * Container needs to get access to CVpnManagementUiView's DoActivateL
+ */
+ friend void CVpnManagementUiView::DoActivateL(const TVwsViewId&, TUid, const TDesC8&);
+
+ public: // Constructors and destructor
+
+ /**
+ * Overrided Default constructor
+ */
+ CVpnManagementUiContainer(CVpnManagementUiView& aParent, CVpnUiLoader& aLoader);
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiContainer();
+
+ /**
+ * Draws listbox
+ */
+ void DrawListBoxL(TInt aCurrentPosition, TInt aTopItem);
+
+ /**
+ * From CCoeControl
+ */
+ void HandleResourceChange( TInt aType );
+
+
+ public: // New functions
+
+ public: // Functions from base classes
+
+ private: // Functions from base classes
+
+ /**
+ * Symbian OS default constructor.
+ * @param aRect Frame rectangle for container.
+ */
+ void ConstructL(const TRect& aRect);
+
+ /**
+ * From CoeControl,SizeChanged.
+ */
+ void SizeChanged();
+
+ /**
+ * From CoeControl,CountComponentControls.
+ */
+ TInt CountComponentControls() const;
+
+ /**
+ * From CCoeControl,ComponentControl.
+ */
+ CCoeControl* ComponentControl(TInt aIndex) const;
+
+ /**
+ * Handles control events
+ *
+ * event handling section
+ * e.g Listbox events
+ */
+ void HandleControlEventL(CCoeControl* aControl,TCoeEvent aEventType);
+
+ /**
+ * Handles the key events OK button, arrow keys, delete key.
+ */
+ TKeyResponse OfferKeyEventL(const TKeyEvent& aKeyEvent, TEventCode aType);
+
+ void TitlePaneTextsL();
+
+ /**
+ * Creates listbox, sets empty listbox text
+ */
+ void CreateListBoxL();
+
+ void ShowItemsL();
+
+ #ifdef __SERIES60_HELP
+ /**
+ * This function is called when Help application is launched.
+ * (other items were commented in a header).
+ */
+ void GetHelpContext(TCoeHelpContext& aContext) const;
+ #endif //__SERIES60_HELP
+
+ public: //data
+
+ CEikTextListBox* iListBox;
+
+ /**
+ * To get hold of View
+ */
+ CVpnManagementUiView& iParent;
+
+ /**
+ * To get hold of CVpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To store the list item count
+ */
+ TInt iListItemCount;
+
+ };
+
+#endif // __VPNUIMANAGEMENTCONTAINER_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuidefs.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,88 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Common definitions of the vpnmanagementui.dll
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUIDEFS_H__
+#define __VPNMANAGEMENTUIDEFS_H__
+
+// INCLUDES
+#include <bldvariant.hrh>
+
+#include <eikmenub.h> // for menu and cba support
+#include <aknnavide.h>
+#include <akntabgrp.h>
+#include <akntitle.h>
+#include <aknlists.h>
+#include <aknViewAppUi.h>
+#include <barsread.h> // for TResourceReader
+#include <StringLoader.h>
+
+// _LITS
+_LIT(KVpnManagementUiEnter, "\n");
+_LIT(KVpnManagementUiEnterTwice, "\n\n");
+_LIT(KVpnManagementUiSpaceHyphenSpace, " - ");
+_LIT(KVpnManagementUiSpace, " ");
+
+_LIT(KIpsecAcuPlugInDllName, "ipsecacuplugin.dll");
+
+// Pathname of the MBM file containing icons for VPN Log view
+_LIT( KVpnLogIcons, "\\resource\\apps\\VpnManagementUi.mbm" );
+
+// FORWARD DECLARATIONS
+// CONSTS
+const TUid KUidVpnManagementUi = { 0x10200EC4 }; //UID of dll for help
+const TUid KUidIpsecAcuPlugIn = { 0x101F6EB8 };
+
+const TInt KChangeViewBack = -2;
+const TInt KChangeViewPrevious = -1;
+const TInt KChangeViewPolicy = 0;
+const TInt KChangeViewServer = 1;
+const TInt KChangeViewLog = 2;
+const TInt KChangeViewSettings = 3;
+
+// For setting the correct title
+const TInt KViewTitleManagementView = 4;
+const TInt KViewTitlePolicyView = 5;
+const TInt KViewTitleServerView = 6;
+const TInt KViewTitleLogView = 7;
+const TInt KViewTitleParametersView = 8;
+
+// Granularity of the created iconarrays
+LOCAL_D const TInt KGranularity = 4;
+
+// "dd/mm/yyyy0"
+const TInt KMaxLengthTextDateString = 11;
+// Maximum length of dynamic strings is 4092,
+// plus 13 resource strings with average lenght of 50 makes 650
+// total 4742 rounded up to 5000
+const TInt KMaxLengthTextDetailsBody = 5000;
+
+// Max length for ave_list_setting_pane_1 is 52 and
+// for ave_list_setting_pane_2 51 (formatting 7) , total 103 + end mark
+const TInt KMaxLengthTextSettListOneTwo = 104;
+// Max length for ave_list_setting_pane_1 is 52
+const TInt KMaxLengthTextSettListOne = 52;
+
+const TInt KMaxServerUrlLength = 512;
+const TInt KMaxServerNameLength = 30;
+const TInt KMaxUiSelectionNameLength = 50;
+
+const TInt KMaxLogListLength = 50;
+#endif // __VPNMANAGEMENTUIDEFS_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuilogcontainer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,239 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiLogContainer class.
+*
+*/
+
+
+
+
+#ifndef __VPNMANAGEMENTUILOGCONTAINER_H__
+#define __VPNMANAGEMENTUILOGCONTAINER_H__
+// INCLUDES
+#include "vpnmanagementuilogview.h"
+#include "eventviewer2.h"
+
+
+// FORWARD DECLARATIONS
+class CAknIconArray;
+
+// CLASS DECLARATION
+
+/**
+* CVpnManagementUiLogContainer container control class.
+*
+* @lib vpnmanagementui.lib
+*/
+class CVpnManagementUiLogContainer : public CCoeControl, MCoeControlObserver, MEikListBoxObserver
+ {
+
+ /**
+ * Policy Container needs to get access to CVpnManagementUiLogView's DoActivateL
+ */
+ friend void CVpnManagementUiLogView::DoActivateL(const TVwsViewId&, TUid, const TDesC8&);
+
+ public: // functions
+
+ /**
+ * Overrided Default constructor
+ */
+ CVpnManagementUiLogContainer(CVpnManagementUiLogView& aParent, CVpnUiLoader& aLoader);
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiLogContainer();
+
+ /**
+ * Change focus
+ */
+ void FocusChanged(TDrawNow aDrawNow);
+
+ /**
+ * From CCoeControl
+ */
+ void HandleResourceChange( TInt aType );
+
+ /**
+ * Draws listbox, fetches graphic icons for markable list
+ */
+ void DrawListBoxL(TInt aCurrentPosition, TInt aTopItem);
+
+ /**
+ * Gets previous log event and updates listbox.
+ * @return KErrNone or KErrNotFound.
+ */
+ TInt UpdateListBoxL(TInt& aCurrentPosition);
+
+ /**
+ * Handles listbox events
+ */
+ void HandleListBoxEventL(CEikListBox* aListBox, TListBoxEvent aEventType);
+
+ /**
+ * Gets list of Log events and displays them in listbox.
+ */
+ void ShowLogsL();
+
+ /**
+ * Creates the log details message query
+ * Appends strings from resource and eventviewer to one
+ * message body text and displays it.
+ */
+ void LogDetailsL(TInt aIndex);
+
+ /**
+ * Asks confirmation from user.
+ * Clears VPN log view.
+ * Calls eventviewer to clear log.
+ */
+ void ClearLogL();
+
+ public: // data
+
+ /**
+ * To handle listbox
+ * Cannot be private because CVpnManagementUiLogView uses it
+ */
+ CAknDoubleGraphicStyleListBox* iListBox;
+
+ /**
+ * To get hold of PolicyView
+ */
+ CVpnManagementUiLogView& iParent;
+
+ /**
+ * To get hold of CVpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To store the list item count
+ */
+ TInt iListItemCount;
+
+ private: // functions
+
+ /**
+ * Default constructor
+ */
+ CVpnManagementUiLogContainer();
+
+ /**
+ * Symbian OS default constructor.
+ * @param aRect Frame rectangle for container.
+ */
+ void ConstructL(const TRect& aRect, TInt& aCurrentPosition);
+
+ /**
+ * Creates listbox, sets empty listbox text
+ */
+ void CreateListBoxL();
+
+ /**
+ * Reads text from resource to empty log view
+ * and put text to the listbox.
+ */
+ void EmptyViewTextL();
+
+ /**
+ * Reads text from resource
+ */
+ void ReadResourceL(HBufC& aText, TInt aResource);
+
+ /**
+ * Removes all from listbox.
+ */
+ void RemoveAllFromListBoxL();
+
+ /**
+ * From CoeControl,SizeChanged.
+ */
+ void SizeChanged();
+
+ /**
+ * From CoeControl,CountComponentControls.
+ */
+ TInt CountComponentControls() const;
+
+ /**
+ * From CCoeControl,ComponentControl.
+ */
+ CCoeControl* ComponentControl(TInt aIndex) const;
+
+ /**
+ * Handles control events
+ *
+ * event handling section
+ * e.g Listbox events
+ */
+ void HandleControlEventL(CCoeControl* aControl,TCoeEvent aEventType);
+
+ /**
+ * Handles the key events OK button, arrow keys, delete key.
+ */
+ TKeyResponse OfferKeyEventL(const TKeyEvent& aKeyEvent, TEventCode aType);
+
+ /**
+ * Creates the iconarray. 0th icon is info icon,
+ * 1st icon is warning icon and 2nd icon is error icon.
+ * @return The created iconarray. Owner is the caller.
+ */
+ CAknIconArray* CreateIconArrayL() const;
+
+ /**
+ * Get resource id for the iconarray.
+ * @return The resource id for the icon array.
+ */
+ TInt IconArrayResourceId() const;
+
+ /**
+ * Get corresponding icon of category
+ * @param aCategory category of logtext
+ * @return The index of icon array.
+ */
+ TInt GetIconArrayIndex(TLogCategory2& aCategory);
+
+ /**
+ * Formats date and time string for Log entry.
+ */
+ void TimeLogEntryL(TDes& aDes, TTime aTime);
+
+ /**
+ * Searches all drive letters and tries
+ * to find vpnmanagementui.mif file.
+ * @return The full name and path of the MIF file
+ * containing icons for VPN Log view
+ */
+ TFileName CVpnManagementUiLogContainer::GetIconFilenameL();
+
+
+
+#ifdef __SERIES60_HELP
+ /**
+ * This function is called when Help application is launched.
+ * (other items were commented in a header).
+ */
+ void GetHelpContext(TCoeHelpContext& aContext) const;
+#endif //__SERIES60_HELP
+
+ private: //data
+
+ CEventViewer* iEventViewer;
+ CArrayFixFlat<TEventProperties>* iLogList;
+ };
+
+#endif // __VPNMANAGEMENTUILOGCONTAINER_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuilogview.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,140 @@
+/*
+* Copyright (c) 2003 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiLogView class.
+*
+*/
+
+
+#ifndef __VPNMANAGEMENTUILOGVIEW_H__
+#define __VPNMANAGEMENTUILOGVIEW_H__
+
+// INCLUDES
+#include <aknview.h>
+#include "vpnmanagementuiviewid.h"
+
+class CVpnManagementUiLogContainer;
+class CVpnUiLoader;
+/**
+* CVpnManagementUiLogView view class.
+*
+* @lib vpnmanagementui.dll
+*/
+class CVpnManagementUiLogView : public CAknView
+ {
+ public:
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiLogView();
+
+ /**
+ * NewL
+ */
+ static class CVpnManagementUiLogView* NewL(const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * NewLC
+ */
+ static class CVpnManagementUiLogView* NewLC(const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * Returns Log view id
+ */
+ TUid Id() const;
+
+ /**
+ * Handles ClientRectChange
+ */
+ void HandleClientRectChange();
+
+ /**
+ * Returns iLogContainer
+ */
+ CCoeControl* Container();
+
+ /**
+ * Handles Softkey and Options list commands
+ */
+ void HandleCommandL(TInt aCommand);
+
+ /**
+ * Sets appropriate MSK for view
+ */
+ void SetMiddleSoftKeyL(TBool aDrawNow);
+
+
+ public: // data
+
+ /**
+ * To get hold of VpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To get access to log list in log view
+ */
+ CVpnManagementUiLogContainer* iLogContainer;
+
+ /**
+ * To store the position of the focus in the Log view
+ */
+ TInt iCurrentPosition;
+
+ private: // functions
+
+ /**
+ * Constructor.
+ */
+ CVpnManagementUiLogView(CVpnUiLoader& aLoader);
+
+ /**
+ * Symbian OS default constructor.
+ */
+ void ConstructL();
+
+ /**
+ * From AknView,
+ * Updates the view when opening it
+ */
+ void DoActivateL(const TVwsViewId& aPrevViewId,TUid aCustomMessageId,
+ const TDesC8& aCustomMessage);
+
+ /**
+ * From AknView,
+ * Saves focus position when closing view
+ */
+ void DoDeactivate();
+
+ /**
+ * Updates Options list with correct items depending on
+ * whether the listbox is empty or if it has any marked items
+ */
+ void DynInitMenuPaneL(TInt aResourceId,CEikMenuPane* aMenuPane);
+
+ /**
+ * Sets MSK
+ */
+ void SetMiddleSoftKeyLabelL(TInt aResourceId, TInt aCommandId);
+
+ private: // Data
+
+ /**
+ * Stores top item in the listbox
+ */
+ TInt iTopItem;
+ };
+
+
+#endif // __VPNMANAGEMENTUILOGVIEW_H__
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuipolicycontainer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,210 @@
+/*
+* Copyright (c) 2003 - 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiPolicyContainer class.
+*
+*/
+
+#ifndef __VPNMANAGEMENTUIPOLICYCONTAINER_H__
+#define __VPNMANAGEMENTUIPOLICYCONTAINER_H__
+
+// INCLUDES
+#include "vpnmanagementuipolicyview.h"
+
+
+// FORWARD DECLARATIONS
+
+// CLASS DECLARATION
+
+/**
+* CVpnManagementUiPolicyContainer container control class.
+*
+* @lib vpnmanagementui.lib
+*/
+class CVpnManagementUiPolicyContainer :
+ public CCoeControl,
+ public MCoeControlObserver,
+ public MEikListBoxObserver
+ {
+
+ /**
+ * Policy Container needs to get access to CVpnManagementUiPolicyView's DoActivateL
+ */
+ friend void CVpnManagementUiPolicyView::DoActivateL(
+ const TVwsViewId&, TUid, const TDesC8&);
+
+ public: // functions
+
+ /**
+ * Overrided Default constructor
+ */
+ CVpnManagementUiPolicyContainer(
+ CVpnManagementUiPolicyView& aParent, CVpnUiLoader& aLoader);
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiPolicyContainer();
+
+ /**
+ * Overrided ActivateL function from base class CCoeControl
+ */
+ virtual void ActivateL();
+
+ /**
+ * Change focus
+ */
+ void FocusChanged(TDrawNow aDrawNow);
+
+ /**
+ * From CCoeControl
+ */
+ void HandleResourceChange( TInt aType );
+
+ /**
+ * Draws listbox, fetches graphic icons for markable list
+ */
+ void DrawListBoxL(TInt aCurrentPosition, TInt aTopItem);
+
+ /**
+ * Updates listbox after deletion, sets No VPN policies text
+ * if deleted policy was a last one.
+ */
+ void UpdateListBoxL(TInt& aCurrentPosition);
+
+ /**
+ * Handles listbox events
+ */
+ void HandleListBoxEventL(
+ CEikListBox* aListBox, TListBoxEvent aEventType);
+
+ void InstallPoliciesL();
+
+ void SynchroniseServerL();
+
+ void UpdatePolicyL(TVpnPolicyId aPolicyId);
+
+ // from MAcuApiWrapperCaller
+ void NotifyUpdatePolicyCompleteL(TInt aResult);
+ void NotifySynchroniseServerCompleteL(TInt aResult);
+ void NotifyStepChangedL(TInt aResult);
+
+
+ public: // data
+
+ /**
+ * To handle listbox
+ * Cannot be private because CVpnManagementUiPolicyView uses it
+ */
+ CEikColumnListBox* iListBox;
+
+ /**
+ * To get hold of PolicyView
+ */
+ CVpnManagementUiPolicyView& iParent;
+
+ /**
+ * To get hold of CVpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To store the list item count
+ */
+ TInt iListItemCount;
+
+ /**
+ * If ETrue, Show Waitnote.
+ */
+ TBool iShowWaitNote;
+
+ private: // functions
+
+ /**
+ * Default constructor
+ */
+ CVpnManagementUiPolicyContainer();
+
+ /**
+ * Symbian OS default constructor.
+ * @param aRect Frame rectangle for container.
+ */
+ void ConstructL(
+ const TRect& aRect, TInt& aCurrentPosition, TInt& aTopItem);
+
+ /**
+ * Creates listbox, sets empty listbox text
+ */
+ void CreateListBoxL();
+
+ /**
+ * From CoeControl,SizeChanged.
+ */
+ void SizeChanged();
+
+ /**
+ * From CoeControl,CountComponentControls.
+ */
+ TInt CountComponentControls() const;
+
+ /**
+ * From CCoeControl,ComponentControl.
+ */
+ CCoeControl* ComponentControl(TInt aIndex) const;
+
+ /**
+ * Handles control events
+ *
+ * event handling section
+ * e.g Listbox events
+ */
+ void HandleControlEventL(CCoeControl* aControl,TCoeEvent aEventType);
+
+ /**
+ * Handles the key events OK button, arrow keys, delete key.
+ */
+ TKeyResponse OfferKeyEventL(
+ const TKeyEvent& aKeyEvent, TEventCode aType);
+
+ /**
+ * Gets list of policies from VpnAPI and displays them in listbox.
+ *
+ */
+ void ShowPoliciesL();
+
+ void PoliciesListEmptyL();
+
+
+
+#ifdef __SERIES60_HELP
+ /**
+ * This function is called when Help application is launched.
+ * (other items were commented in a header).
+ */
+ void GetHelpContext(TCoeHelpContext& aContext) const;
+#endif //__SERIES60_HELP
+
+ protected: //data
+
+ /**
+ * If ETrue, ConstructL calls PoliciesListEmptyL() method.
+ */
+ TBool iCallPoliciesListEmpty;
+
+ private: //data
+
+ };
+
+#endif // __VPNMANAGEMENTUIPOLICYCONTAINER_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuipolicyview.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,151 @@
+/*
+* Copyright (c) 2003 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiPolicyView class.
+*
+*/
+
+
+#ifndef __VPNMANAGEMENTUIPOLICYVIEW_H__
+#define __VPNMANAGEMENTUIPOLICYVIEW_H__
+
+// INCLUDES
+#include <aknview.h>
+#include "vpnapiwrapper.h"
+#include "vpnmanagementuiviewid.h"
+
+class CVpnManagementUiPolicyContainer;
+/**
+* CVpnManagementUiPolicyView view class.
+*
+* @lib vpnmanagementui.dll
+*/
+class CVpnManagementUiPolicyView : public CAknView
+ {
+ public:
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiPolicyView();
+
+ /**
+ * NewL
+ */
+ static class CVpnManagementUiPolicyView* NewL(const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * NewLC
+ */
+ static class CVpnManagementUiPolicyView* NewLC(const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * Returns Policy view id
+ */
+ TUid Id() const;
+
+ /**
+ * Handles ClientRectChange
+ */
+ void HandleClientRectChange();
+
+ /**
+ * Returns iPolicyContainer
+ */
+ CCoeControl* Container();
+
+ /**
+ * Handles Softkey and Options list commands
+ */
+ void HandleCommandL(TInt aCommand);
+
+ /**
+ * Creates the whole of policy details view
+ * Appends strings from both resources and VpnAPI to one
+ * message body text and displays it.
+ */
+ void PolicyDetailsL(TInt aIndex);
+
+ void ReadResourceL(HBufC& aText, TInt aResource);
+
+ /**
+ * Sets appropriate MSK for view
+ */
+ void SetMiddleSoftKeyL(TBool aDrawNow);
+
+
+ public: // data
+
+ /**
+ * To get hold of VpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To get access to policy list in policy view
+ */
+ CVpnManagementUiPolicyContainer* iPolicyContainer;
+
+ /**
+ * To store the position of the focus in the Policy view
+ */
+ TInt iCurrentPosition;
+
+ private: // functions
+
+ /**
+ * Constructor.
+ */
+ CVpnManagementUiPolicyView(CVpnUiLoader& aLoader);
+
+ /**
+ * Symbian OS default constructor.
+ */
+ void ConstructL();
+
+ /**
+ * From AknView,
+ * Updates the view when opening it
+ */
+ void DoActivateL(const TVwsViewId& aPrevViewId,TUid aCustomMessageId,
+ const TDesC8& aCustomMessage);
+
+ /**
+ * From AknView,
+ * Saves focus position when closing view
+ */
+ void DoDeactivate();
+
+ /**
+ * Updates Options list with correct items depending on
+ * whether the listbox is empty or if it has any marked items
+ */
+ void DynInitMenuPaneL(TInt aResourceId,CEikMenuPane* aMenuPane);
+
+ TBool NotAssociatedToIapL(TInt aIndex, TVpnPolicyName& aPolicyName);
+
+ /**
+ * Sets MSK
+ */
+ void SetMiddleSoftKeyLabelL(TInt aResourceId, TInt aCommandId);
+
+ private: // Data
+
+ /**
+ * Stores top item in the listbox
+ */
+ TInt iTopItem;
+ };
+
+
+#endif // __VPNMANAGEMENTUIPOLICYVIEW_H__
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuiservercontainer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,190 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiServerContainer class.
+*
+*/
+
+#ifndef __VPNMANAGEMENTUISERVERCONTAINER_H__
+#define __VPNMANAGEMENTUISERVERCONTAINER_H__
+
+// INCLUDES
+#include "vpnmanagementuiserverview.h"
+
+
+// FORWARD DECLARATIONS
+
+// CLASS DECLARATION
+
+/**
+* CVpnManagementUiServerContainer container control class.
+*
+* @lib vpnmanagementui.lib
+*/
+class CVpnManagementUiServerContainer : public CCoeControl,
+ public MCoeControlObserver,
+ public MEikListBoxObserver
+ {
+ /**
+ * Policy Container needs to get access to CVpnManagementUiServerView's DoActivateL
+ */
+ friend void CVpnManagementUiServerView::DoActivateL(const TVwsViewId&, TUid, const TDesC8&);
+
+ public: // functions
+
+ /**
+ * Overrided Default constructor
+ */
+ CVpnManagementUiServerContainer(CVpnManagementUiServerView& aParent, CVpnUiLoader& aLoader);
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiServerContainer();
+
+ /**
+ * Overrided ActivateL function from base class CCoeControl
+ */
+ virtual void ActivateL();
+
+ /**
+ * Change focus
+ */
+ void FocusChanged(TDrawNow aDrawNow);
+
+ /**
+ * From CCoeControl
+ */
+ void HandleResourceChange( TInt aType );
+
+ /**
+ * Draws listbox
+ */
+ void DrawListBoxL(TInt aCurrentPosition, TInt aTopItem);
+
+ /**
+ * Refresh listbox after VPN policy server deletion.
+ */
+ void UpdateListBoxL(TInt& aCurrentPosition);
+
+ /**
+ * Ask confirmation to delete server.
+ * Calls AcuAgent API's DeleteServer and updates listbox and iServerList
+ * Show an information note if server is currently in use and
+ * can't be deleted.
+ */
+ void DeleteServerL(TInt aIndex);
+
+ /**
+ * Calls AcuAgent API's SynchroniseServerL
+ */
+ void SynchroniseServerL(TInt aIndex);
+
+ // from MAcuApiWrapperCaller
+ void NotifyUpdatePolicyCompleteL(TInt aResult);
+ void NotifySynchroniseServerCompleteL(TInt aResult);
+ void NotifyStepChangedL(TInt aResult);
+
+ void HandleListBoxEventL (CEikListBox *aListBox, TListBoxEvent aEventType);
+
+ public: // data
+
+ /**
+ * To handle listbox
+ */
+ CEikColumnListBox* iListBox;
+
+ /**
+ * To get hold of ServerView
+ */
+ CVpnManagementUiServerView& iParent;
+
+ /**
+ * To get hold of CVpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To store the list item count
+ */
+ TInt iListItemCount;
+
+ /**
+ * If ETrue, Show Waitnote.
+ */
+ TBool iShowWaitNote;
+
+ private: // functions
+
+ /**
+ * Default constructor
+ */
+ CVpnManagementUiServerContainer();
+
+ /**
+ * Symbian OS default constructor.
+ * @param aRect Frame rectangle for container.
+ */
+ void ConstructL(const TRect& aRect, TInt& aCurrentPosition, TInt& aTopItem);
+
+ /**
+ * Creates listbox, sets empty listbox text
+ */
+ void CreateListBoxL();
+
+ /**
+ * From CoeControl,SizeChanged.
+ */
+ void SizeChanged();
+
+ /**
+ * From CoeControl,CountComponentControls.
+ */
+ TInt CountComponentControls() const;
+
+ /**
+ * From CCoeControl,ComponentControl.
+ */
+ CCoeControl* ComponentControl(TInt aIndex) const;
+
+ /**
+ * Handles control events
+ *
+ * event handling section
+ * e.g Listbox events
+ */
+ void HandleControlEventL(CCoeControl* aControl,TCoeEvent aEventType);
+
+ /**
+ * Handles the key events OK button, arrow keys.
+ */
+ TKeyResponse OfferKeyEventL(const TKeyEvent& aKeyEvent, TEventCode aType);
+
+ void ShowServersL();
+
+
+#ifdef __SERIES60_HELP
+ /**
+ * This function is called when Help application is launched.
+ * (other items were commented in a header).
+ */
+ void GetHelpContext(TCoeHelpContext& aContext) const;
+#endif //__SERIES60_HELP
+
+ private: //data
+
+ };
+
+#endif // __VPNMANAGEMENTUISERVERCONTAINER_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuiserversettingscontainer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,129 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CServerSettingsContainer class.
+*
+*/
+
+#ifndef __VPNMANAGEMENTUISERVERSETTINGSCONTAINER_H__
+#define __VPNMANAGEMENTUISERVERSETTINGSCONTAINER_H__
+
+#include <aknsettingitemlist.h>
+
+
+/**
+ * CServerSettingsContainer container control class.
+ *
+ * @lib vpnmanagementui.lib
+ * @since S60 v3.0
+*/
+class CServerSettingsContainer : public CAknSettingItemList
+ {
+public: // functions
+
+ /**
+ * NewL
+ *
+ * @since S60 3.2
+ * @param aLoader VPN UI loader for common view handling.
+ * @param aServerIndex index of selected server or KErrNotFound.
+ * @return self
+ */
+ static CServerSettingsContainer* NewL(
+ CVpnUiLoader& aLoader, TInt aServerIndex);
+ /**
+ * Destructor.
+ */
+ ~CServerSettingsContainer();
+
+ /**
+ * From CAknSettingItemList
+ */
+ CAknSettingItem* CreateSettingItemL( TInt aSettingId );
+
+ /**
+ * ServerNameExistsL
+ * @return ETrue name already in use
+ */
+ TBool ServerNameExistsL( const TDesC& aText ) const;
+ /**
+ * ChangeSettingValueL
+ * Opens Setting page for currently selected setting item
+ */
+ void ChangeSettingValueL();
+
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ const TAcuApiServerDetails& ServerDetailsL(); ***/
+
+ static HBufC* GetDestinationNameL( TUint aId );
+ static HBufC* GetConnectionMethodNameL( TUint aId );
+
+ void HandleListBoxEventL(CEikListBox* aListBox, TListBoxEvent aEventType);
+
+ TInt ServerIndex() const;
+
+private: // functions
+
+ /**
+ * Default constructor
+ */
+ CServerSettingsContainer();
+
+ /**
+ * Overrided Default constructor
+ */
+ CServerSettingsContainer(
+ CVpnUiLoader& aLoader, TInt aServerIndex );
+
+ /**
+ * Symbian OS default constructor.
+ * @param aRect Frame rectangle for container.
+ */
+ void ConstructL();
+
+private: // implementation
+
+ void UpdateTitleL( TDes& aText );
+
+#ifdef __SERIES60_HELP
+ /**
+ * This function is called when Help application is launched.
+ * (other items were commented in a header).
+ */
+ void GetHelpContext(TCoeHelpContext& aContext) const;
+#endif //__SERIES60_HELP
+
+private: // data
+
+ /**
+ * To get hold of VpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /// Server details
+ // TAcuApiServerDetails iServerDetails;
+ TBuf<KMaxServerUrlLength> iServerAddressBuffer;
+
+ /**
+ * To get the index of server list
+ * -1 when user has select Add new server
+ * Must be public so that view can access
+ */
+ TInt iServerIndex;
+ };
+
+#endif // __VPNMANAGEMENTUISERVERSETTINGSCONTAINER_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuiserversettingsview.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,117 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CServerSettingsView class.
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUISERVERSETTINGSVIEW_H__
+#define __VPNMANAGEMENTUISERVERSETTINGSVIEW_H__
+
+// INCLUDES
+#include <aknview.h>
+#include "vpnmanagementuiviewid.h"
+
+// FORWARD DECLERATIONS
+class CServerSettingsContainer;
+
+// CLASS DECLARATION
+
+/**
+* CServerSettingsView view class.
+*
+* @lib vpnmanagementui.dll
+*/
+class CServerSettingsView : public CAknView
+ {
+ public: // functions
+
+ /**
+ * Destructor
+ */
+ ~CServerSettingsView();
+
+ /**
+ * NewL
+ */
+ static CServerSettingsView* NewL(
+ const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * NewLC
+ */
+ static CServerSettingsView* NewLC(
+ const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * Returns Trust view id
+ */
+ TUid Id() const;
+
+ /**
+ * Handles ClientRectChange
+ */
+ void HandleClientRectChange();
+
+
+ /**
+ * Handles Softkey and Options list commands
+ */
+ void HandleCommandL(TInt aCommand);
+
+ public: // data
+
+ /**
+ * To get hold of CVpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+ /**
+ * To get access to ServerSettingsContainer
+ */
+ CServerSettingsContainer* iContainer;
+
+ private: // functions
+
+ /**
+ * Constructor.
+ */
+ CServerSettingsView(CVpnUiLoader& aLoader);
+
+ /**
+ * Symbian OS default constructor.
+ */
+ void ConstructL();
+
+ /**
+ * Updates the view when opening it
+ */
+ void DoActivateL(const TVwsViewId& aPrevViewId,TUid aCustomMessageId,
+ const TDesC8& aCustomMessage);
+
+ /**
+ * Closes the view
+ */
+ void DoDeactivate();
+
+
+ TInt CompleteSettingsL();
+
+ private: // Data
+ };
+
+#endif // __VPNMANAGEMENTUISERVERSETTINGSVIEW_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuiserverview.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,150 @@
+/*
+* Copyright (c) 2003 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiServerView class.
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUISERVERVIEW_H__
+#define __VPNMANAGEMENTUISERVERVIEW_H__
+
+// INCLUDES
+#include <aknview.h>
+#include "vpnmanagementuiviewid.h"
+
+// CONSTANTS
+
+// FORWARD DECLARATIONS
+class CVpnManagementUiServerContainer;
+
+// CLASS DECLARATION
+
+/**
+* CVpnManagementUiServerView view class.
+*
+* @lib vpnmanagementui.lib
+*/
+class CVpnManagementUiServerView : public CAknView
+ {
+ public: // Constructors and destructor
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiServerView();
+
+ /**
+ * NewL
+ */
+ static class CVpnManagementUiServerView* NewL(const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * NewLC
+ */
+ static class CVpnManagementUiServerView* NewLC(const TRect& aRect, CVpnUiLoader& aLoader);
+
+ /**
+ * Returns server view id
+ */
+ TUid Id() const;
+
+ /**
+ * Handles ClientRectChange
+ */
+ void HandleClientRectChange();
+
+ /**
+ * Returns iServerContainer
+ */
+ CCoeControl* Container();
+
+ /**
+ * Handles Softkey and Options list commands
+ */
+ void HandleCommandL(TInt aCommand);
+
+ /**
+ * Sets appropriate MSK for view
+ */
+ void SetMiddleSoftKeyL(TBool aDrawNow);
+
+
+ public: // data
+
+ /**
+ * To get hold of VpnUiLoader
+ */
+ CVpnUiLoader& iLoader;
+
+
+
+ private: // functions
+
+ /**
+ * Constructor.
+ */
+ CVpnManagementUiServerView(CVpnUiLoader& aLoader);
+
+ /**
+ * Symbian OS default constructor.
+ */
+ void ConstructL();
+
+ /**
+ * From AknView,
+ * Updates the view when opening it
+ */
+ void DoActivateL(const TVwsViewId& aPrevViewId,TUid aCustomMessageId,
+ const TDesC8& aCustomMessage);
+
+ /**
+ * From AknView,
+ * Saves focus position when closing view
+ */
+ void DoDeactivate();
+
+ /**
+ * Updates Options list with correct items depending on
+ * whether the listbox is empty or if it has any marked items
+ */
+ void DynInitMenuPaneL(TInt aResourceId,CEikMenuPane* aMenuPane);
+
+ /**
+ * Sets MSK
+ */
+ void SetMiddleSoftKeyLabelL(TInt aResourceId, TInt aCommandId);
+
+
+ private: // Data
+
+ /**
+ * To get access to policy server list in Policy server view
+ */
+ CVpnManagementUiServerContainer* iServerContainer;
+
+ /**
+ * To store the position of the focus in the Policy server view
+ */
+ TInt iCurrentPosition;
+
+ /**
+ * Stores top item in the listbox
+ */
+ TInt iTopItem;
+
+ };
+
+
+#endif // __VPNMANAGEMENTUISERVERVIEW_H__
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuiview.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,237 @@
+/*
+* Copyright (c) 2003 - 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Declaration of the CVpnManagementUiView class.
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUIVIEW_H__
+#define __VPNMANAGEMENTUIVIEW_H__
+
+// INCLUDES
+#include <aknview.h>
+#include <eikclb.h>
+#include <ConeResLoader.h>
+#include <gsplugininterface.h>
+#include "vpnmanagementuiviewid.h"
+#include "vpnapiwrapper.h"
+#include "vpnuiloader.h"
+
+#ifdef __SERIES60_HELP
+#include <hlplch.h> // For HlpLauncher
+#endif //__SERIES60_HELP
+
+
+// FORWARD DECLARATIONS
+class CVpnManagementUiContainer;
+
+// CLASS DECLARATION
+
+/**
+ * CVpnManagementUiView view class.
+ *
+ * @lib (internal) vpnmanagementui.lib
+ * @since S60 v3.0
+ */
+class CVpnManagementUiView : public CGSPluginInterface, public MEikListBoxObserver, public MVpnApiWrapperCaller
+ {
+ public: // Constructors and destructor
+
+ /**
+ * Destructor.
+ */
+ ~CVpnManagementUiView();
+
+ /**
+ * NewL
+ */
+ static class CVpnManagementUiView* NewL();
+
+ /**
+ * NewLC
+ */
+ static class CVpnManagementUiView* NewLC();
+
+
+
+ public: // Functions from base classes
+
+ /**
+ * Method for getting caption of this plugin. This should be the
+ * localized name of the settings view to be shown in parent view.
+ *
+ * @param aCaption pointer to Caption variable
+ */
+ virtual void GetCaptionL( TDes& aCaption ) const;
+
+ /**
+ * Returns Management view id
+ */
+ TUid Id() const;
+
+ /**
+ * Handles ClientRectChange
+ */
+ void HandleClientRectChange();
+
+ /**
+ * Returns iContainer
+ */
+ CCoeControl* Container();
+
+ /**
+ * Handles Softkey and Options list commands
+ */
+ void HandleCommandL(TInt aCommand);
+
+ // from MAcuApiWrapperCaller
+ void NotifyPolicyImportComplete(TInt aResult);
+
+ public:
+
+ /**
+ * from CGSPluginInterface
+ */
+
+ /**
+ * Method for checking plugin's Uid. Uid identifies this GS plugin. Use
+ * same Uid as the ECOM plugin implementation Uid.
+ *
+ * @return PluginUid
+ */
+ TUid PluginUid() const;
+
+ /**
+ * Method for checking, if item has bitmap icon to be shown in list
+ *
+ * @return ETrue if plugin has icon bitmap
+ * @return EFalse if plugin does not have a bitmap
+ */
+ TBool HasBitmap() const;
+
+ /**
+ * Method for reading bitmap icon.
+ *
+ * @param aBitmap plugin bitmap
+ * @param aMask plugin icon bitmap mask
+ */
+ void GetBitmapL( CFbsBitmap* aBitmap, CFbsBitmap* aMask ) const;
+
+ /**
+ * Method for reading the ID of the plugin provider category. See
+ *
+ * @return Plugin provider category ID defined by
+ *
+ */
+ TInt PluginProviderCategory() const;
+
+ /**
+ * Method for checking, if plugin should be visible and used in GS FW.
+ * (for example shown in listbox of the parent view).
+ *
+ * On default plugin is visible. Overwrite this function to enable or
+ * disable your plugin dynamically.
+ *
+ * @return ETrue if plugin should be visible in GS.
+ * @return EFalse if plugin should not be visible in GS.
+ */
+ virtual TBool Visible() const;
+
+ /**
+ * Creates a new icon of desired type. Override this to provide custom
+ * icons. Othervise default icon is used. Ownership of the created icon
+ * is transferred to the caller.
+ *
+ * Icon type UIDs (use these defined constants):
+ * KGSIconTypeLbxItem - ListBox item icon.
+ * KGSIconTypeTab - Tab icon.
+ *
+ * @param aIconType UID Icon type UID of the icon to be created.
+ * @return Pointer of the icon. NOTE: Ownership of this icon is
+ * transferred to the caller.
+ */
+ CGulIcon* CreateIconL( const TUid aIconType );
+
+ /**
+ * From MUiRunnerObserver
+ */
+ void UiComplete( TInt aUirEvent );
+
+ /**
+ * Handles the actual selected list box item
+ */
+ void HandleListBoxSelectionL();
+
+ /**
+ * Shows a information note.
+ * @param aResourceId Resource id of the showed text .
+ */
+ void ShowInfoNoteL( TInt aResourceId );
+
+ public: // data
+
+ /**
+ * To get hold of VpnUiLoader
+ */
+ CVpnUiLoader* iLoader;
+
+ /**
+ * To get access to list in management view
+ */
+ CVpnManagementUiContainer* iContainer;
+
+ /**
+ * To store the position of the focus in the management view
+ */
+ TInt iCurrentPosition;
+
+ private: // functions
+
+ /**
+ * Constructor.
+ */
+ CVpnManagementUiView();
+
+ /**
+ * Symbian OS default constructor.
+ */
+ void ConstructL();
+
+ /**
+ * From AknView,
+ * Updates the view when opening it
+ */
+ void DoActivateL(const TVwsViewId& aPrevViewId,
+ TUid aCustomMessageId,
+ const TDesC8& aCustomMessage);
+
+ /**
+ * From AknView,
+ * Saves focus position when closing view
+ */
+ void DoDeactivate();
+
+ void HandleListBoxEventL(CEikListBox* aListBox,
+ TListBoxEvent aEventType);
+
+ private: // Data
+
+ TInt iCurrentItem; // currently selected listbox item
+ TInt iTopItemIndex; // first item in the listbox
+ };
+
+#endif // __VPNMANAGEMENTUIVIEW_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnmanagementuiviewid.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Contains the view ID's for VPN management UI's views.
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUIVIEWID_H__
+#define __VPNMANAGEMENTUIVIEWID_H__
+
+// CONSTANTS
+//
+// View ID's
+const TUid KVpnManagementPluginUid = { 0x101F6D31 };
+const TUid KVpnManagementUiPolicyViewId = {28};
+const TUid KVpnManagementUiServerViewId = {29};
+const TUid KVpnManagementUiLogViewId = {30};
+const TUid KVpnManagementUiParametersViewId = {31};
+
+#endif // __VPNMANAGEMENTUIVIEWID_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/inc/vpnuiloader.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,277 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN management main view
+*
+*/
+
+#ifndef __VPNUILOADER_H__
+#define __VPNUILOADER_H__
+
+// INCLUDES
+#include <AknProgressDialog.h>
+#include <ConeResLoader.h>
+#include "vpnapiwrapper.h"
+#include "vpnmanagementuidefs.h"
+#include "uirunner.h"
+
+// CONSTANTS
+/**
+ * Specifies the type of the waitnote text.
+ */
+enum
+ {
+ EConnectingVia = 0x0,
+ EProcessingStepN = 0x1
+ };
+
+const TInt KSecondsToShowConnectingVia = 3;
+
+// FORWARD DECLARATIONS
+
+// CLASS DECLARATION
+class CAknWaitDialog;
+class CVpnManagementUiView;
+class CVpnManagementUi;
+/**
+* CVpnUiLoader view control class.
+*
+* @lib vpnmanagementui.lib
+*/
+class CVpnUiLoader : public CCoeControl, public MCoeControlObserver,
+ public MProgressDialogCallback
+ {
+ public: // functions
+
+ /**
+ * Destructor.
+ */
+ ~CVpnUiLoader();
+
+ /**
+ * NewL
+ *
+ * @since S60 3.0
+ * @param aRect ?description
+ * @param aViewId ?description
+ * @return self
+ */
+ static class CVpnUiLoader* NewL(
+ const TRect& aRect, TUid aViewId, CVpnManagementUiView* aUiView );
+
+ /**
+ * NewLC
+ */
+ static class CVpnUiLoader* NewLC(
+ const TRect& aRect, TUid aViewId, CVpnManagementUiView* aUiView );
+
+ /**
+ * ChangeViewL
+ * @param aNewTab change to given tab
+ */
+ void ChangeViewL(TInt aNewTab, TInt aSelectionIndex = -1);
+
+ /**
+ * Activates the VPN policies, VPN policy servers and
+ * VPN log views title
+ */
+ void ActivateTitleL(TInt aCurrentTitle);
+
+ void ActivateTitleL(TInt aCurrentTitle, TDes& aText);
+
+ /**
+ * Activates the VPN log view Navipane text
+ */
+ void ActivateNaviTextL();
+
+ /**
+ * Added here because FocusChanged need to be included
+ * in every control derived from CCoeControl that can have listbox
+ */
+ void FocusChanged(TDrawNow aDrawNow);
+
+ /**
+ * Push the NaviPane to stack.
+ */
+ void PushNaviPaneL();
+
+ /**
+ * Pop the NaviPane from stack.
+ */
+ void PopNaviPane();
+
+ /**
+ * Push the DefaultNaviPane (empty) to stack.
+ */
+ void PushDefaultNaviPaneL();
+
+ /**
+ * Shows the error note
+ */
+ void ShowErrorNoteL();
+
+ /**
+ * Get selection name to the connecting via wait note
+ */
+ void GetSelectionNameL(TDes& aText);
+
+ /**
+ * Shows the Connecting via or Processing step wait note
+ */
+ void ShowWaitNoteL();
+
+ /**
+ * Deletes the wait note
+ */
+ void DeleteWaitNoteL();
+
+ /**
+ * Set text to wait note
+ */
+ void SetTextL();
+
+ //from MProgressDialogCallback
+ void DialogDismissedL( TInt aButtonId );
+
+ /**
+ * Check if Disk space goes below critical level.
+ * @param aShowErrorNote If ETrue, a warning note is shown.
+ * @param aBytesToWrite Amount of disk space to be allocated.
+ * @return ETrue if allocation would go below critical level.
+ */
+ TBool FFSSpaceBelowCriticalLevelL( TBool aShowErrorNote,
+ TInt aBytesToWrite /*=0*/ );
+
+ /**
+ * Returns pointer to main management view
+ */
+ CAknView* GetVpnManagementUiView() const;
+
+ /**
+ * CVpnApiWrapper
+ */
+ CVpnApiWrapper& VpnApiWrapperL();
+
+ /**
+ * Returns the id to the GS view that launched us
+ */
+ TVwsViewId GSViewId() const;
+
+ /**
+ * Sets the id to the GS view that launched us
+ * @param aGsViewId The id to the GS view
+ */
+ void SetGSViewId( TVwsViewId aGsViewId );
+
+ public: //data
+
+ /**
+ * Added here because FocusChanged need to be included
+ * in every control derived from CCoeControl that can have listbox
+ */
+ CEikColumnListBox* iListBox;
+
+ /**
+ * If ETrue, We are coming back from server parameters view.
+ */
+ TBool iBackFromServerDefinition;
+
+ /**
+ * If ETrue, new Server definition has created.
+ */
+ TBool iNewServerDefinition;
+ /**
+ * If ETrue, show Define policy server query when empty list.
+ */
+ TBool iShowDefineQuery;
+
+ MUiRunnerObserver* iObserver;
+
+ CAknWaitDialog* iWaitDialog;
+
+ TInt iCurrentPolicyIndex;
+ TInt iCurrentServerIndex;
+ TBool iPolicyUpdate;
+ TBuf<KMaxUiSelectionNameLength> iSelectionName;
+
+ private: // data
+
+ /**
+ * Used to wrap asynchronous calls
+ */
+ CVpnApiWrapper* iVpnApiWrapper;
+
+ private: // implementation
+
+ void ConstructL(const TRect& aRect, TUid aViewId);
+ CVpnUiLoader(CVpnManagementUiView* aUiView);
+ void HandleControlEventL( CCoeControl* aControl,
+ TCoeEvent aEventType );
+ TKeyResponse OfferKeyEventL(
+ const TKeyEvent& aKeyEvent, TEventCode aType);
+ public:
+ void AddResourceFileL(TBool aKeepOpen = EFalse);
+ void ReleaseResource(TBool aForceClose = EFalse);
+
+ private: //data
+
+ /**
+ * For Navipane
+ */
+ CAknNavigationDecorator* iVersionInfoInNaviPane;
+
+ /**
+ * For Navipane
+ */
+ CAknNavigationControlContainer* iNaviPane;
+
+
+ /**
+ * To store the previous view id
+ */
+ TUid iPreviousViewId;
+
+ /**
+ * To store the previous view id
+ */
+ TUid iPreviousAppViewId;
+
+ TInt iTextToShow;
+ TInt iStateCodeToShow;
+ TTime iWaitNoteStartTime;
+
+ /**
+ * Views to be registered and unregistered
+ */
+ CAknView* iVpnManagementUiView;
+ CAknView* iVpnManagementUiLogView;
+ CAknView* iVpnManagementUiPolicyView;
+ CAknView* iVpnManagementUiParametersView;
+ CAknView* iVpnManagementUiServerView;
+
+ CVpnManagementUi* iCVpnManagementUi;
+
+ /**
+ * To get hold of iResourceLoader
+ */
+ RConeResourceLoader iResourceLoader;
+
+ TVwsViewId iGsViewId; // the view id of the view which launched us
+ TBool iKeepOpen;
+ TBool iPolicyViewVisited;
+ TBool iLogViewVisited;
+ };
+
+#endif // __VPNUILOADER_H__
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/loc/vpnmanagementui.loc Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,420 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: This is a localisation file for VPN management UI dll.
+*
+*/
+
+
+
+// LOCALISATION STRINGS
+
+// ** VPN Setting item in GS connection view
+
+//d:Text of a list item in Connection view's list
+//d:Item opens VPN view
+//l:list_single_large_graphic_pane_t1
+//r:3.2
+//
+#define qtn_set_folder_conn_vpn "Virtual Private Networking (VPN)"
+
+
+// **VPN MANAGEMENT VIEW
+
+//d:Name of the view for title pane
+//l:title_pane_t2/opt9
+//
+#define qtn_vpn_management_title "VPN management"
+
+//d:Text of a list item in VPN management view
+//d:Item opens VPN policies view
+//l:list_setting_pane_t1
+//
+#define qtn_vpn_policies "VPN policies"
+
+//d:Text of a list item in VPN management view
+//d:Item opens Policy servers view
+//l:list_setting_pane_t1
+//
+#define qtn_vpn_policy_servers "VPN policy servers"
+
+//d:Text of a list item in VPN management view
+//d:Item opens VPN log view
+//l:list_setting_pane_t1
+//
+#define qtn_vpn_log "VPN log"
+
+
+
+
+// **VPN POLICIES VIEW
+
+//d:Name of view for title pane
+//l:title_pane_t2/opt9
+//
+#define qtn_vpn_policies_title "VPN policies"
+
+//d:Policy view empty list placeholder text
+//l:main_list_empty_pane
+//
+#define qtn_vpn_policies_empty "(no VPN policies)"
+
+//d:Middle soft key in VPN policies view when we have no policies installed.
+//d:Starts policy installation procedure
+//l:control_pane_t3/opt7
+//
+#define qtn_msk_install_vpn_policies "Install policy"
+
+//d:Middle soft key in VPN policies view when we have installed policies.
+//d:Opens VPN policy details view.
+//l:control_pane_t3/opt7
+//
+#define qtn_msk_vpn_details "Details"
+
+
+// **OPTIONS MENU VPN POLICIES VIEW
+
+//d:Command in options menu in VPN policies view.
+//d:Starts policy installation procedure
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_install_policies "Install policy"
+
+//d:Command in options menu in VPN policies view.
+//d:Opens VPN policy details view.
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_policy_details "Details"
+
+//d:Command in options menu in VPN policies view.
+//d:Starts policy update procedure
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_update_policy "Update policy"
+
+//d:Command in options menu in VPN policies view.
+//d:Delete a VPN policy.
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_delete_policy "Delete policy"
+
+
+// **VPN POLICY DETAILS VIEW
+
+//d:Detail's topic in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_description "Description:"
+
+//d:Detail's topic in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_status "Policy status:"
+
+//d:Detail's topic in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_cert_status "Certificate status:"
+
+//d:Detail's topic in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_name "Policy name:"
+
+//d:Detail's topic in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_source_server_name "Source server name:"
+
+//d:Detail's topic in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_update_time "Updated:"
+
+//d:Detailed info about Policy status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_not_associated "Not associated with a VPN access point"
+
+//d:Detailed info about Policy status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_associated "Associated with a VPN access point"
+
+//d:Detailed info about Policy status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_policy_active "Active"
+
+//d:Detailed info about Certificate status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_cert_status_ok "OK"
+
+//d:Detailed info about Certificate status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_cert_status_expired "Expired"
+
+//d:Detailed info about Certificate status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_cert_status_missing "Missing"
+
+//d:Detailed info about Certificate status in message query.
+//l:popup_info_list_pane_t2/opt1
+//
+#define qtn_vpn_detail_cert_status_not_yet_valid "Not yet valid"
+
+
+// **VPN POLICY SERVERS VIEW
+
+//d:Name of view for title pane
+//l:title_pane_t2/opt9
+//
+#define qtn_vpn_policy_servers_title "VPN policy servers"
+
+//d:Policy server view empty list placeholder text
+//l:main_list_empty_pane
+//
+#define qtn_vpn_policy_servers_empty "(no VPN policy servers)"
+
+//d:Prompt text in VPN policy server selection popup.
+//l:heading_pane_t1
+//
+#define qtn_vpn_prmpt_policy_server_selection "Policy server:"
+
+//d:Middle soft key in empty VPN policy servers view.
+//d:Opens VPN policy server parameters view for editing
+//l:control_pane_t3/opt7
+//
+#define qtn_msk_add_vpn_server "New server"
+
+
+
+// **OPTIONS MENU VPN POLICY SERVERS VIEW
+
+//d:Command in options menu in VPN policy servers view.
+//d:Opens VPN policy server parameters view
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_add_new_server "New server"
+
+//d:Command in options menu in VPN policy servers view.
+//d:Opens VPN policy server parameters view for editing
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_edit_server "Edit server"
+
+//d:Command in options menu in VPN policy servers view.
+//d:Starts policy installation/update procedure
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_synchronise_server "Synchronise server"
+
+//d:Command in options menu in VPN policy servers view.
+//d:Deletes a VPN policy server definition
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_delete_server "Delete server"
+
+
+// **VPN POLICY SERVER PARAMETERS VIEW
+
+//d:Text of a first list item in VPN policy server parameters view's setting list
+//d:Item opens VPN policy server name text setting item
+//l:list_setting_pane_t1
+//
+#define qtn_vpn_sett_policy_server_name "Policy server name"
+
+//d:Text of a second list item in VPN policy server parameters view's setting list
+//d:Item opens VPN policy server address text setting item
+//l:list_setting_pane_t1
+//
+#define qtn_vpn_sett_policy_server_address "Policy server address"
+
+//d:Text of a third list item in VPN policy server parameters view's setting list
+//d:Similar content as in §qtn_netw_conset_sett_destination§ in cmmanager.loc.
+//d:Item opens a pop-up setting item
+//l:list_setting_pane_t1
+//
+#define qtn_vpn_sett_vpn_iap_real_netw_reference "Network connection"
+
+
+// **VPN LOG VIEW
+
+//d:Name of view for title pane
+//l:title_pane_t2/opt9
+//
+#define qtn_vpn_log_title "VPN log"
+
+//d:Display version information about the VPN client installed.
+//l:navi_text_pane_t1
+//
+#define qtn_vpn_navi_client_version "mVPN v%U"
+
+//d:Log view empty list placeholder text
+//l:main_list_empty_pane
+//
+#define qtn_vpn_log_empty "(no VPN log entries)"
+
+//d:Middle soft key in VPN log view.
+//d:Refresh the VPN log
+//l:control_pane_t3/opt7
+//
+#define qtn_msk_refresh_vpn_log "Refresh log"
+
+
+// **OPTIONS MENU VPN LOG VIEW
+
+//d:Command in options menu in VPN log view.
+//d:Opens VPN log details view
+//l:list_single_pane_t1_cp2
+//
+#define qtn_logs_cmd_details "View details"
+
+//d:Command in options menu in VPN log view.
+//d:Refresh the VPN log
+//l:list_single_pane_t1_cp2
+//
+#define qtn_vpn_options_refresh_log "Refresh log"
+
+//d:Command in options menu in VPN log view.
+//d:Clears the VPN log
+//l:list_single_pane_t1_cp2
+//
+#define qtn_logs_cmd_clear_list "Clear log"
+
+// **CONFIRMATION QUERIES
+
+//d:Confirmation query text in empty VPN policies view.
+//l:popup_note_window
+//
+#define qtn_vpn_quest_dl_policies_now "No VPN policies installed. Install now?"
+
+//d:Confirmation query text when user selects to delete
+//d:a VPN policy. Case: not associated with a VPN access point.
+//l:popup_note_window
+//
+#define qtn_vpn_quest_delete_policy "Delete VPN policy '%U'?"
+
+//d:Confirmation query text when user selects to delete
+//d:a VPN policy. Case: associated with a VPN access point.
+//l:popup_note_window
+//
+#define qtn_vpn_quest_delete_policy_associated "Policy is associated with a VPN access point. Delete anyway?"
+
+//d:Confirmation query text in empty VPN policy servers view
+//l:popup_note_window
+//
+#define qtn_vpn_quest_define_new_server "No VPN policy servers defined. Define now?"
+
+//d:Confirmation query text after user has defined
+//d:a new policy server
+//l:popup_note_window
+//
+#define qtn_vpn_quest_synchronise_server "New VPN policy server defined. Synchronise now?"
+
+//d:Confirmation query text if the compulsory
+//d:field is left empty
+//l:popup_note_window
+//
+#define qtn_vpn_quest_incomplete_server_def_delete "Incomplete VPN policy server details. Exit without saving?"
+
+//d:Confirmation query text when user selects to delete a VPN
+//d:policy server definition. Case: no policies related to the server.
+//l:popup_note_window
+//
+#define qtn_vpn_quest_delete_server "Delete VPN policy server '%U'?"
+
+//d:Confirmation query text when user selects to delete a VPN
+//d:policy server definition. Case: policies related to the server.
+//l:popup_note_window
+//
+#define qtn_vpn_quest_delete_server_associated "Deleting this policy server will also delete related policies. Continue?"
+
+//d:Confirmation query text in VPN log view
+//l:popup_note_window
+//
+#define qtn_vpn_quest_clear_log "Clear VPN log?"
+
+
+// **CONFIRMATION NOTES
+
+//d:Confirmation note text in case when policy server
+//d:synchronisation completed
+//l:popup_note_window
+//
+#define qtn_vpn_conf_policy_server_sync_ok "Policy server synchronisation complete. See VPN log for details."
+
+
+// **INFORMATION NOTES
+
+//d:Information note text in case when user tries to delete a policy server
+//d:that is currently in use
+//l:popup_note_window
+//
+#define qtn_vpn_info_policy_server_in_use "Policy server is currently in use. Unable to delete."
+
+//d:Information note text in case when user tries to edit a policy server
+//d:address that cannot be modified
+//l:popup_note_window
+//
+#define qtn_vpn_info_cannot_modify_server_def "Cannot be modified. Please create a new server definition."
+
+//d:Policy server synchronisation failed
+//l:popup_note_window
+//
+#define qtn_vpn_info_policy_server_sync_error "Synchronisation failed. See VPN log for details."
+
+// **WAIT NOTE
+//d:Wait note is shown when connecting the access point.
+//d:%U indicates the name of access point which we are connecting to
+//l:popup_note_wait_window
+//
+#define qtn_vpn_connecting_via_ap "Connecting via '%U'"
+
+//d:Wait note text in synchronization and update
+//d:note dialogs
+//l:popup_note_wait_window
+//
+#define qtn_vpn_wait_policy_dl_processing "Processing step %N"
+
+
+// **SETTINGS VALUE TEXT
+
+//d:Setting value text in VPN policy server parameters view.
+//l:list_set_graphic_pane_t1
+#define qtn_set_compulsory "Must be defined"
+
+
+// **OPTIONS MENU
+
+//d:Command in options menu.
+//d:Opens the currently selected setting item.
+//l:list_single_pane_t1_cp2
+#define qtn_set_options_open "Open"
+
+//d:Command in Options menu settings view.
+//d:Opens value changing dialog of highlighted item
+//l:list_single_pane_t1_cp2
+#define qtn_set_options_change "Change"
+
+
+
+
+
+
+
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/rom/vpnmanagementui.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,39 @@
+/*
+* Copyright (c) 2005-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnmanagementui
+*
+*/
+
+
+
+/**
+ * @file vpnmanagementui.iby
+ *
+ */
+
+#ifndef __VPNMANAGEMENTUI_IBY__
+#define __VPNMANAGEMENTUI_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNMANAGEMENTUI not included in this rom
+
+#else
+
+data=ZRESOURCE\apps\vpnmanagementui.mif APP_RESOURCE_DIR\vpnmanagementui.mif
+ECOM_PLUGIN(vpnmanagementui.dll,101F6D31.rsc)
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNMANAGEMENTUI_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/rom/vpnmanagementuiResources.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2005-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Image description file for project vpnmanagementui's resources
+*
+*/
+
+
+
+#ifndef __VPNMANAGEMENTUIRESOURCES_IBY__
+#define __VPNMANAGEMENTUIRESOURCES_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNMANAGEMENTUI not included in this rom
+
+#else
+
+data=DATAZ_\RESOURCE_FILES_DIR\vpnmanagementuirsc.rsc RESOURCE_FILES_DIR\vpnmanagementuirsc.rsc
+data=DATAZ_\HELP_FILE_DIR\vpn.hlp HELP_FILE_DIR\vpn.hlp
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNMANAGEMENTUIRESOURCES_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/serversettingconnectionsettingitem.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,149 @@
+/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+* Nokia Corporation
+*
+* Description: Setting item for the connection settings.
+*
+*/
+
+#include "serversettingconnectionsettingitem.h"
+
+#include <cmmanagerext.h>
+#include <cmpluginvpndef.h>
+#include <cmsettingsui.h>
+#include <cmapplicationsettingsui.h>
+#include <cmdestinationext.h>
+
+using namespace CMManager;
+
+CServerSettingConnectionSettingItem::CServerSettingConnectionSettingItem(TInt aIdentifier,
+ TCmSettingSelection& aSelection)
+:CAknSettingItem(aIdentifier), iExternalValue(aSelection)
+ {
+ }
+
+
+CServerSettingConnectionSettingItem::~CServerSettingConnectionSettingItem()
+ {
+ delete iSettingText;
+ }
+
+
+void CServerSettingConnectionSettingItem::StoreL()
+ {
+ iExternalValue = iInternalValue;
+ }
+
+
+void CServerSettingConnectionSettingItem::LoadL()
+ {
+ iInternalValue = iExternalValue;
+ UpdateSettingTextL();
+ }
+
+
+void CServerSettingConnectionSettingItem::EditItemL( TBool /*aCalledFromMenu*/ )
+ {
+ RCmManagerExt cmManager;
+ cmManager.OpenLC();
+ // Get supported bearer filter types
+ const TInt KArrayGranularity = 10;
+ RArray<TUint32> bearers = RArray<TUint32>( KArrayGranularity );
+ CleanupClosePushL( bearers );
+ cmManager.SupportedBearersL( bearers );
+ // Do not include VPN bearer
+ TInt index = bearers.Find( KPluginVPNBearerTypeUid );
+ if ( index != KErrNotFound )
+ {
+ bearers.Remove( index );
+ }
+ // Show settings page
+
+ CCmApplicationSettingsUi* settings = CCmApplicationSettingsUi::NewL();
+ CleanupStack::PushL( settings );
+ TBool selected = settings->RunApplicationSettingsL( iInternalValue,
+ EShowDestinations |
+ EShowConnectionMethods,
+ bearers );
+ CleanupStack::PopAndDestroy( 2 ); // settings, bearers
+
+ if ( selected )
+ {
+ UpdateSettingTextL();
+ UpdateListBoxTextL();
+ }
+
+ CleanupStack::PopAndDestroy(); // cmManager
+
+ }
+
+
+const TDesC& CServerSettingConnectionSettingItem::SettingTextL()
+ {
+ if (iSettingText == NULL)
+ {
+ return CAknSettingItem::SettingTextL();
+ }
+ else
+ {
+ return *iSettingText;
+ }
+ }
+
+
+void CServerSettingConnectionSettingItem::UpdateSettingTextL()
+ {
+ delete iSettingText;
+ iSettingText = NULL;
+
+ if ((iInternalValue.iResult == EDestination ||
+ iInternalValue.iResult == EConnectionMethod) &&
+ iInternalValue.iId != 0)
+ {
+
+ RCmManagerExt cmManager;
+ cmManager.OpenLC();
+
+ if ( iInternalValue.iResult == EDestination )
+ {
+ // Destination selected
+ RCmDestinationExt dest;
+ TRAPD( err, dest = cmManager.DestinationL( iInternalValue.iId ) );
+
+ if( KErrNone == err )
+ {
+ CleanupClosePushL( dest );
+ iSettingText = dest.NameLC();
+ CleanupStack::Pop(iSettingText);
+ CleanupStack::PopAndDestroy(); // dest
+ }
+ }
+ else if ( iInternalValue.iResult == EConnectionMethod )
+ {
+ // Connection method selected
+ RCmConnectionMethodExt conn;
+ TRAPD( err, conn = cmManager.ConnectionMethodL( iInternalValue.iId ) );
+
+ if( KErrNone == err )
+ {
+ CleanupClosePushL( conn );
+ iSettingText = conn.GetStringAttributeL( ECmName );
+ CleanupStack::PopAndDestroy(); // conn
+ }
+ }
+
+ CleanupStack::PopAndDestroy(); // cmManager
+ }
+ }
+
+/***/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnapiwrapper.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,143 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Wrapper for vpnapi
+*
+*/
+
+#include "vpnapiwrapper.h"
+#include "vpnapi.h"
+#include "log_vpnmanagementui.h"
+
+
+CVpnApiWrapper* CVpnApiWrapper::NewL()
+ {
+ CVpnApiWrapper* self = new (ELeave) CVpnApiWrapper();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+CVpnApiWrapper::CVpnApiWrapper() :
+ CActive(EPriorityNormal), iOngoingTask(ETaskNone)
+ {
+ }
+
+CVpnApiWrapper::~CVpnApiWrapper()
+ {
+ delete iPolicyList;
+ Cancel();
+ iVpnApi.Close();
+ }
+
+void CVpnApiWrapper::DoCancel()
+ {
+ LOG_("CVpnApiWrapper::DoCancel() called\n");
+
+ if (iOngoingTask == ETaskImportPolicies)
+ {
+ iVpnApi.CancelImport();
+ }
+
+ iOngoingTask = ETaskNone;
+ }
+
+void CVpnApiWrapper::RunL()
+ {
+ LOG_1("CVpnApiWrapper::RunL():%d", iStatus.Int());
+
+ if (iOngoingTask == ETaskImportPolicies)
+ {
+ iCaller->NotifyPolicyImportComplete(iStatus.Int());
+ }
+
+ iOngoingTask = ETaskNone;
+ }
+
+void CVpnApiWrapper::ConstructL()
+ {
+ LOG_("CVpnApiWrapper::ConstructL() - begin");
+
+ CActiveScheduler::Add(this);
+ LOG_("CVpnApiWrapper::ConstructL() - begin 2");
+ User::LeaveIfError(iVpnApi.Connect());
+
+ LOG_("CVpnApiWrapper::ConstructL() - end");
+ }
+
+CArrayFixFlat<TVpnPolicyInfo>* CVpnApiWrapper::PolicyListL()
+ {
+ BuildPolicyListL();
+ return iPolicyList;
+ }
+
+void CVpnApiWrapper::BuildPolicyListL()
+ {
+ LOG_("CVpnApiWrapper::BuildPolicyListL() - begin");
+
+ delete iPolicyList;
+ iPolicyList = NULL;
+
+ iPolicyList = new (ELeave) CArrayFixFlat<TVpnPolicyInfo>(2);
+
+ User::LeaveIfError(iVpnApi.GetPolicyInfoList(iPolicyList));
+
+ TKeyArrayFix Key( _FOFF(TVpnPolicyInfo,iName), ECmpCollated );
+ Key.SetPtr( iPolicyList );
+ iPolicyList->Sort( Key );
+
+ LOG_("CVpnApiWrapper::BuildPolicyListL() - end");
+ }
+
+void CVpnApiWrapper::DeletePolicyL(TInt aPolicyIndex)
+ {
+ LOG_("CVpnApiWrapper::DeletePolicyL() - begin");
+
+ TVpnPolicyId& policyToDelete = iPolicyList->At(aPolicyIndex).iId;
+ User::LeaveIfError(iVpnApi.DeletePolicy(policyToDelete));
+
+ LOG_("CVpnApiWrapper::DeletePolicyL() - end");
+ }
+
+void CVpnApiWrapper::GetPolicyDetailsL(TInt aPolicyIndex, TVpnPolicyDetails& aPolicyDetails)
+ {
+ LOG_("CVpnApiWrapper::GetPolicyDetailsL() - begin");
+
+ TVpnPolicyId& policyOfInterest = iPolicyList->At(aPolicyIndex).iId;
+ User::LeaveIfError(iVpnApi.GetPolicyDetails(policyOfInterest, aPolicyDetails));
+
+ LOG_("CVpnApiWrapper::GetPolicyDetailsL() - end");
+ }
+
+void CVpnApiWrapper::ImportPolicyL(const TDesC& aImportDir, MVpnApiWrapperCaller* aCaller)
+ {
+ LOG_("CVpnApiWrapper::ImportPolicyL() - begin");
+
+ if (iOngoingTask != ETaskNone)
+ {
+ User::Leave(KErrInUse);
+ }
+
+ iCaller = aCaller;
+ iImportDir.Copy(aImportDir);
+
+ iVpnApi.ImportPolicy(iImportDir, iStatus);
+
+ iOngoingTask = ETaskImportPolicies;
+ SetActive();
+ LOG_("CVpnApiWrapper::ImportPolicyL() - end");
+ }
+
+
+/***/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuicontainer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,279 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Management UI Container
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <akntitle.h> //for CAknTitlePane
+#include <barsread.h> //for TResourceReader
+#include <StringLoader.h>
+#include <eiktxlbx.h> //for listbox control
+#include <aknlists.h>
+#include <eikclbd.h>
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuicontainer.h"
+
+#ifdef __SERIES60_HELP
+#include <csxhelp/vpn.hlp.hrh> // for help context of VPN Management UI
+#endif //__SERIES60_HELP
+
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::CVpnManagementUiContainer(
+// CVpnManagementUiView& aParent, CVpnUiLoader& aLoader)
+// Constructor with parent
+// ---------------------------------------------------------
+//
+CVpnManagementUiContainer::CVpnManagementUiContainer(
+ CVpnManagementUiView& aParent, CVpnUiLoader& aLoader ) :
+ iParent ( aParent ), iLoader ( aLoader )
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::~CVpnManagementUiContainer()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiContainer::~CVpnManagementUiContainer()
+ {
+ delete iListBox;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::ConstructL(const TRect& aRect)
+// EPOC two phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiContainer::ConstructL(const TRect& aRect)
+ {
+ CreateWindowL();
+
+ TitlePaneTextsL();
+
+ CreateListBoxL();
+ ShowItemsL();
+
+ SetRect(aRect);
+ ActivateL();
+ }
+
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::SizeChanged()
+// Called by framework when the view size is changed
+// ---------------------------------------------------------
+//
+void CVpnManagementUiContainer::SizeChanged()
+ {
+ if (iListBox)
+ {
+ iListBox->SetRect(Rect());
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::CountComponentControls
+// ---------------------------------------------------------
+//
+TInt CVpnManagementUiContainer::CountComponentControls() const
+ {
+ return 1; // return nbr of controls inside this container
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::ComponentControl
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiContainer::ComponentControl(TInt aIndex) const
+ {
+ switch ( aIndex )
+ {
+ case 0:
+ return iListBox;
+ default:
+ return NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::HandleResourceChange
+// ---------------------------------------------------------
+//
+void CVpnManagementUiContainer::HandleResourceChange( TInt aType )
+ {
+ CCoeControl::HandleResourceChange(aType);
+
+ //Handle change in layout orientation
+ if (aType == KEikDynamicLayoutVariantSwitch ||
+ aType == KAknsMessageSkinChange )
+ {
+ TRect mainPaneRect;
+ AknLayoutUtils::LayoutMetricsRect(
+ AknLayoutUtils::EMainPane, mainPaneRect);
+ SetRect(mainPaneRect);
+ DrawNow();
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::DrawListBoxL()
+// Draws listbox
+// ---------------------------------------------------------
+//
+void CVpnManagementUiContainer::DrawListBoxL(
+ TInt aCurrentPosition, TInt aTopItem)
+ {
+ if (aCurrentPosition >= 0)
+ {
+ iListBox->SetTopItemIndex( aTopItem );
+ iListBox->SetCurrentItemIndex( aCurrentPosition );
+ }
+ ActivateL();
+ DrawNow();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::HandleControlEventL(
+// CCoeControl* aControl,TCoeEvent aEventType)
+// ---------------------------------------------------------
+//
+void CVpnManagementUiContainer::HandleControlEventL(
+ CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+ {
+ }
+
+TKeyResponse CVpnManagementUiContainer::OfferKeyEventL(
+ const TKeyEvent& aKeyEvent, TEventCode aType)
+ {
+ if (aType!=EEventKey)
+ {
+ return EKeyWasNotConsumed;
+ }
+ switch (aKeyEvent.iCode)
+ {
+ case EKeyUpArrow:
+ if (iListBox)
+ {
+ return iListBox->OfferKeyEventL(aKeyEvent, aType);
+ }
+ break;
+ case EKeyDownArrow:
+ if (iListBox)
+ {
+ return iListBox->OfferKeyEventL(aKeyEvent, aType);
+ }
+ break;
+ case EKeyEnter:
+ case EKeyDevice3:
+ // Select button or enter key pressed, do default action
+ if (iListBox)
+ {
+ return iListBox->OfferKeyEventL(aKeyEvent, aType);
+ }
+ break;
+
+ default:
+ break;
+ }
+ return EKeyWasNotConsumed;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::TitlePaneTextsL
+// Initialized Title pane text
+// ---------------------------------------------------------
+//
+void CVpnManagementUiContainer::TitlePaneTextsL()
+ {
+ // first get StatusPane. Not owned
+ CEikStatusPane* statusPane = iEikonEnv->AppUiFactory()->StatusPane();
+ if (statusPane)
+ {
+ // then get TitlePane. Not owned
+ CAknTitlePane* titlePane = ( CAknTitlePane* ) statusPane->ControlL(
+ TUid::Uid( EEikStatusPaneUidTitle ) );
+
+ // set new titlepane text
+ TResourceReader reader;
+ iEikonEnv->CreateResourceReaderLC(reader, R_VPN_MANAGEMENT_TITLE);
+ titlePane->SetFromResourceL( reader );
+ CleanupStack::PopAndDestroy(); // reader
+ }
+ }
+
+void CVpnManagementUiContainer::CreateListBoxL()
+ {
+ iListBox = new(ELeave) CAknSettingStyleListBox;
+ iListBox->SetContainerWindowL( *this);
+
+ iListBox->ConstructL( this, EAknListBoxSelectionList);
+ iListBox->CreateScrollBarFrameL(ETrue);
+ iListBox->ScrollBarFrame()->SetScrollBarVisibilityL(
+ CEikScrollBarFrame::EOff,CEikScrollBarFrame::EAuto);
+ }
+
+
+void CVpnManagementUiContainer::ShowItemsL()
+ {
+ CDesCArrayFlat* itemTextArray =
+ static_cast<CDesCArrayFlat*>(iListBox->Model()->ItemTextArray());
+
+ itemTextArray->Reset();
+ iListBox->Reset();
+
+ HBufC* resourceText = NULL;
+
+ //Create VPN policies setting listbox item
+ resourceText = StringLoader::LoadLC( R_VPN_POLICIES );
+ itemTextArray->AppendL(*resourceText);
+ CleanupStack::PopAndDestroy(); // resourceText
+
+ //Create Policy servers setting listbox item
+ // Hide policy server from UI
+ // NSSM support is discontinued
+ // Policy server UI may be used for another purpose in future
+ // resourceText = StringLoader::LoadLC( R_VPN_POLICY_SERVERS );
+ // itemTextArray->AppendL(*resourceText);
+ // CleanupStack::PopAndDestroy(); // resourceText
+
+ //Create Log setting listbox item
+ resourceText = StringLoader::LoadLC( R_VPN_LOG );
+ itemTextArray->AppendL(*resourceText);
+ CleanupStack::PopAndDestroy(); // resourceText
+
+ iListBox->HandleItemAdditionL();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiContainer::GetHelpContext
+// This function is called when Help application is launched.
+// ---------------------------------------------------------
+//
+#ifdef __SERIES60_HELP
+void CVpnManagementUiContainer::GetHelpContext(
+ TCoeHelpContext& aContext ) const
+ {
+ aContext.iMajor = KUidVpnManagementUi;
+ aContext.iContext = KSET_HLP_VPN_CONFIG_MAIN;
+ }
+#endif //__SERIES60_HELP
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuiimplementationtable.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,47 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* ECOM proxy table for this plugin
+*
+*/
+
+
+
+// System includes
+#include <e32std.h>
+#include <ecom/implementationproxy.h>
+
+// User includes
+#include "vpnmanagementuiview.h"
+
+// Constants
+const TImplementationProxy KVpnManagementUiImplementationTable[] =
+ {
+ IMPLEMENTATION_PROXY_ENTRY( 0x101F6D32, CVpnManagementUiView::NewL )
+ };
+
+
+// ---------------------------------------------------------------------------
+// ImplementationGroupProxy
+// Gate/factory function
+//
+// ---------------------------------------------------------------------------
+//
+EXPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount)
+ {
+ aTableCount = sizeof( KVpnManagementUiImplementationTable )
+ / sizeof( TImplementationProxy );
+ return KVpnManagementUiImplementationTable;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuilogcontainer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,690 @@
+/*
+* Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: The container is responsible of showing log viewer.
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <eikclbd.h>
+#include <AknIconArray.h>
+#include <aknlists.h>
+#include <aknmessagequerydialog.h> //for LOG details message query
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuilogcontainer.h"
+#include "vpnmanagementuidefs.h"
+#include "vpnmanagementui.hrh"
+#ifdef __SCALABLE_ICONS
+#include <AknsUtils.h>
+#include <vpnmanagementui.mbg>
+#endif //__SCALABLE_ICONS
+
+
+#ifdef __SERIES60_HELP
+#include <csxhelp/vpn.hlp.hrh> // for help context of VPN Management UI
+#endif //__SERIES60_HELP
+
+//CONSTANTS
+const TInt KVpnLogNumberOfIcons = 3;
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::CVpnManagementUiLogContainer(
+// CVpnManagementUiLogView& aParent, CVpnUiLoader& aLoader)
+// Constructor with parent
+// ---------------------------------------------------------
+//
+CVpnManagementUiLogContainer::CVpnManagementUiLogContainer(
+ CVpnManagementUiLogView& aParent, CVpnUiLoader& aLoader ) :
+ iParent ( aParent ), iLoader ( aLoader )
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::~CVpnManagementUiLogContainer()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiLogContainer::~CVpnManagementUiLogContainer()
+ {
+ if(iEventViewer)
+ {
+ delete iEventViewer;
+ iEventViewer = NULL;
+ }
+ if(iLogList)
+ {
+ delete iLogList;
+ iLogList = NULL;
+ }
+ delete iListBox;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::ConstructL(
+// const TRect& aRect, TInt& aCurrentPosition, TInt& aTopItem)
+// EPOC two phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::ConstructL(
+ const TRect& aRect, TInt& /*aCurrentPosition*/ )
+ {
+ CreateWindowL();
+ CreateListBoxL();
+
+ ShowLogsL();
+ SetRect( aRect );
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::SizeChanged()
+// Called by framework when the view size is changed
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::SizeChanged()
+ {
+ iListBox->SetRect(Rect());
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::FocusChanged(TDrawNow aDrawNow)
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::FocusChanged(TDrawNow aDrawNow)
+ {
+ if ( iListBox )
+ {
+ iListBox->SetFocus( IsFocused(), aDrawNow );
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::HandleResourceChange
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::HandleResourceChange( TInt aType )
+ {
+ CCoeControl::HandleResourceChange(aType);
+
+ //Handle change in layout orientation
+ if (aType == KEikDynamicLayoutVariantSwitch || aType == KAknsMessageSkinChange )
+ {
+ iListBox->HandleResourceChange(aType);
+ TRect mainPaneRect;
+ AknLayoutUtils::LayoutMetricsRect(AknLayoutUtils::EMainPane, mainPaneRect);
+ SetRect(mainPaneRect);
+ DrawNow();
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::HandleListBoxEventL(
+// CEikListBox* /*aListBox*/, TListBoxEvent aEventType)
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::HandleListBoxEventL(
+ CEikListBox* /*aListBox*/, TListBoxEvent aEventType )
+ {
+ switch(aEventType)
+ {
+ case EEventEnterKeyPressed:
+ case EEventItemSingleClicked:
+ iParent.HandleCommandL(EVpnUiCmdLogDetails);
+ break;
+ default:
+ //Do nothing
+ break;
+ }
+ }
+enum { EListBoxControl, ENumberOfControls };
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::CountComponentControls() const
+// ---------------------------------------------------------
+//
+TInt CVpnManagementUiLogContainer::CountComponentControls() const
+ {
+ // return number of controls inside this container
+ return ENumberOfControls; // return nbr of controls inside this container
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::ComponentControl(TInt aIndex) const
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiLogContainer::ComponentControl(TInt aIndex) const
+ {
+ switch ( aIndex )
+ {
+ case 0:
+ return iListBox;
+ default:
+ return NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::HandleControlEventL(
+// CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+// Cannot be changed to non-leaving function.
+// L-function is required by the class definition, even if empty.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::HandleControlEventL(
+ CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::OfferKeyEventL(
+// const TKeyEvent& aKeyEvent, TEventCode aType)
+// Handles the key events OK button, arrow keys, delete key.
+// OK button show VPN log details,
+// if list is empty then arrow keys and OK inactive.
+// Delete active only if list not empty.
+// ---------------------------------------------------------
+//
+TKeyResponse CVpnManagementUiLogContainer::OfferKeyEventL(
+ const TKeyEvent& aKeyEvent, TEventCode aType)
+ {
+ TKeyResponse retval = EKeyWasNotConsumed;
+ if ( aType==EEventKey )
+ {
+ if ( (aKeyEvent.iCode == EKeyOK || aKeyEvent.iCode == EKeyEnter) && // select or enter
+ iListBox->CurrentItemIndex() > -1) //This is for empty list
+ {
+ // Selection key pressed.
+ LogDetailsL(iListBox->CurrentItemIndex());
+
+ retval = EKeyWasConsumed;
+ }
+
+ else if ( aKeyEvent.iCode == EKeyUpArrow )
+ {
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+ else if ( aKeyEvent.iCode == EKeyDownArrow )
+ {
+ TEventProperties eventProperties;
+ HBufC* eventText = NULL;
+ TInt currentPosition = iListBox->CurrentItemIndex();
+ if((iEventViewer != NULL) && (iLogList->Count() > 0))
+ {
+ iEventViewer->GetEventUsingEventNumber(eventText, iLogList->At(iLogList->Count() - 1).iEventNumber, eventProperties);
+ delete eventText;
+ }
+ UpdateListBoxL(currentPosition);
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+ }
+ else
+ {
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+
+
+ return retval;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::CreateListBoxL()
+// Creates listbox, sets empty listbox text.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::CreateListBoxL()
+ {
+ iListBox = new( ELeave ) CAknDoubleGraphicStyleListBox;
+ iListBox->SetContainerWindowL( *this );
+ iListBox->ConstructL( this, EAknListBoxSelectionList );
+ iListBox->CreateScrollBarFrameL( ETrue );
+ iListBox->ScrollBarFrame()->
+ SetScrollBarVisibilityL( CEikScrollBarFrame::EOff,CEikScrollBarFrame::EAuto );
+ iListBox->SetListBoxObserver(this);
+
+#ifdef __SCALABLE_ICONS
+
+ CArrayPtr< CGulIcon >* icons = new( ELeave ) CAknIconArray( KVpnLogNumberOfIcons );
+ CleanupStack::PushL( icons );
+
+ MAknsSkinInstance* skinInstance = AknsUtils::SkinInstance();
+
+ TFileName fileName = GetIconFilenameL();
+
+ icons->AppendL( AknsUtils::CreateGulIconL( skinInstance,
+ KAknsIIDQgnPropVpnLogInfo,
+ fileName,
+ EMbmVpnmanagementuiQgn_prop_vpn_log_info,
+ EMbmVpnmanagementuiQgn_prop_vpn_log_info_mask ) );
+
+ icons->AppendL( AknsUtils::CreateGulIconL( skinInstance,
+ KAknsIIDQgnPropVpnLogWarn,
+ fileName,
+ EMbmVpnmanagementuiQgn_prop_vpn_log_warn,
+ EMbmVpnmanagementuiQgn_prop_vpn_log_warn_mask ) );
+
+ icons->AppendL( AknsUtils::CreateGulIconL( skinInstance,
+ KAknsIIDQgnPropVpnLogError,
+ fileName,
+ EMbmVpnmanagementuiQgn_prop_vpn_log_error,
+ EMbmVpnmanagementuiQgn_prop_vpn_log_error_mask ) );
+
+ iListBox->ItemDrawer()->ColumnData()->SetIconArray( icons );
+
+ CleanupStack::Pop(); // icons
+#else
+ CAknIconArray* icons = new(ELeave) CAknIconArray(KVpnLogNumberOfIcons);
+ icons->ConstructFromResourceL(R_VPN_LOG_ICON_ARRAY);
+
+ iListBox->ItemDrawer()->ColumnData()->SetIconArray(icons);
+
+#endif //__SCALABLE_ICONS
+
+ EmptyViewTextL();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::EmptyViewTextL()
+// Reads text from resource to empty log view
+// and put text to the listbox.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::EmptyViewTextL()
+ {
+ HBufC* stringHolder = StringLoader::LoadLC( R_VPN_LOG_EMPTY );
+ iListBox->View()->SetListEmptyTextL( *stringHolder );
+ CleanupStack::PopAndDestroy(); // stringHolder
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::RemoveAllFromListBoxL()
+// Removes all from listbox.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::RemoveAllFromListBoxL()
+ {
+ MDesCArray* itemList = iListBox->Model()->ItemTextArray();
+ CDesCArray* itemArray = (CDesCArray*) itemList;
+ itemArray->Reset();
+ iListBox->HandleItemRemovalL();
+ iListItemCount = 0;
+ DrawNow();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::DrawListBoxL(TInt aCurrentPosition, TInt aTopItem)
+// Draws listbox, fetches graphic icons for markable list
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::DrawListBoxL(
+ TInt aCurrentPosition, TInt aTopItem )
+ {
+
+ if (aCurrentPosition >= 0)
+ {
+ iListBox->SetTopItemIndex( aTopItem );
+ iListBox->SetCurrentItemIndex( aCurrentPosition );
+ }
+ ActivateL();
+ DrawNow();
+
+ }
+
+void CVpnManagementUiLogContainer::ShowLogsL()
+ {
+ iListItemCount = 0;
+
+ //Create CEventViewer object
+ delete iEventViewer;
+ iEventViewer = NULL;
+ TRAPD(error, iEventViewer = CEventViewer::NewL());
+ if (error != KErrNone)
+ return;
+
+ delete iLogList;
+ iLogList = NULL;
+ iLogList = new (ELeave) CArrayFixFlat<TEventProperties>(3);
+
+ CDesCArrayFlat* itemTextArray = static_cast<CDesCArrayFlat*>(iListBox->Model()->ItemTextArray());
+
+ itemTextArray->Reset();
+ iListBox->Reset();
+
+ TEventProperties eventProperties;
+ HBufC* eventText = NULL;
+
+ //First item
+ TBuf<100> itemName;
+ TInt ret = iEventViewer->GetMostRecentEvent(eventText, eventProperties);
+ if(ret==KErrNone)
+ {
+ CleanupStack::PushL(eventText);
+
+ iLogList->AppendL(eventProperties);
+
+ //append index of icon array
+ itemName.AppendNum(GetIconArrayIndex(eventProperties.iCategory));
+
+ itemName.Append(_L("\t"));
+
+ TPtr eventTextDesc(eventText->Des());
+ TInt length = eventTextDesc.Length();
+ if(length > KMaxLogListLength)
+ {
+ eventTextDesc.Delete(KMaxLogListLength, length-KMaxLogListLength);
+ }
+ itemName.Append(eventTextDesc);
+ CleanupStack::PopAndDestroy(); //eventText
+ itemName.Append(_L("\t"));
+
+ //Format time stamp for LOG view
+ TBuf<2 * KMaxLengthTextDateString + 3> logEntry;
+ TimeLogEntryL(logEntry, eventProperties.iTimeStamp);
+
+ itemName.Append(logEntry);
+
+ itemTextArray->AppendL(itemName);
+ iListBox->HandleItemAdditionL();
+ iListItemCount++;
+ //Get rest of events
+ while (ret==KErrNone)
+ {
+ TInt currentPosition = iListBox->CurrentItemIndex();
+ ret = UpdateListBoxL(currentPosition);
+ }
+
+ }
+
+ }
+
+TInt CVpnManagementUiLogContainer::GetIconArrayIndex(TLogCategory2& aCategory)
+ {
+ //index of icon array
+ if (aCategory == ELogInfo)
+ return 0; //index of icon array
+ else if (aCategory == ELogWarning)
+ return 1; //index of icon array
+ else if (aCategory == ELogError)
+ return 2; //index of icon array
+ else
+ return 2;
+ }
+
+
+void CVpnManagementUiLogContainer::TimeLogEntryL(TDes& aDes, TTime aTime)
+ {
+ // Date
+ HBufC* dateFormat = StringLoader::LoadLC(R_QTN_DATE_USUAL_WITH_ZERO);
+ TBuf<KMaxLengthTextDateString> dateString;
+ aTime.FormatL(dateString, *dateFormat);
+ AknTextUtils::DisplayTextLanguageSpecificNumberConversion(dateString);
+ CleanupStack::PopAndDestroy(); //dateFormat
+
+ // Time
+ dateFormat = StringLoader::LoadLC(R_QTN_TIME_USUAL_WITH_ZERO);
+ TBuf<KMaxLengthTextDateString> timeString;
+ aTime.FormatL(timeString, *dateFormat);
+ AknTextUtils::DisplayTextLanguageSpecificNumberConversion(timeString);
+ CleanupStack::PopAndDestroy(); //dateFormat
+
+// TBuf<KMaxShortDateFormatSpec*2> dateBuffer; // KMaxShortDateFormatSpec is defined in e32std.h
+// TBuf<KMaxTimeFormatSpec*2> timeBuffer; // KMaxTimeFormatSpec is defined in e32std.h
+
+ TBuf<2 * KMaxLengthTextDateString + 3> logEntry;
+
+ TTime now;
+ now.HomeTime();
+ if ( (now.YearsFrom( aTime ).Int() > 0) ||
+ (aTime.DayNoInYear() < now.DayNoInYear()) )
+ {
+ logEntry.Append(dateString);
+ logEntry.Append(KVpnManagementUiSpaceHyphenSpace);
+ }
+
+ logEntry.Append(timeString);
+ aDes = logEntry;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::UpdateListBoxL(TInt& aCurrentPosition)
+//
+// ---------------------------------------------------------
+//
+TInt CVpnManagementUiLogContainer::UpdateListBoxL(TInt& /*aCurrentPosition*/)
+ {
+ MDesCArray* itemList = iListBox->Model()->ItemTextArray();
+ CDesCArray* itemArray = ( CDesCArray* )itemList;
+
+ TEventProperties eventProperties;
+ HBufC* eventText = NULL;
+ TBuf<100> itemName;
+
+ //next item
+ if(iEventViewer != NULL)
+ {
+ TInt ret = iEventViewer->GetPreviousEvent(eventText, eventProperties);
+ if(ret==KErrNone)
+ {
+ CleanupStack::PushL(eventText);
+ iLogList->AppendL(eventProperties);
+
+ //append index of icon array
+ itemName.AppendNum(GetIconArrayIndex(eventProperties.iCategory));
+
+ itemName.Append(_L("\t"));
+
+ TPtr eventTextDesc(eventText->Des());
+ TInt length = eventTextDesc.Length();
+ if(length > KMaxLogListLength)
+ eventTextDesc.Delete(KMaxLogListLength, length-KMaxLogListLength);
+ itemName.Append(eventTextDesc);
+ CleanupStack::PopAndDestroy(); //eventText
+ itemName.Append(_L("\t"));
+
+ //Format time stamp for LOG view
+ TBuf<2 * KMaxLengthTextDateString + 3> logEntry;
+ TimeLogEntryL(logEntry, eventProperties.iTimeStamp);
+
+ itemName.Append(logEntry);
+
+ itemArray->AppendL(itemName);
+ iListBox->HandleItemAdditionL();
+ iListItemCount++;
+ }
+
+ iParent.SetMiddleSoftKeyL(ETrue);
+ return ret;
+
+ }
+
+ iParent.SetMiddleSoftKeyL(ETrue);
+ return KErrNotFound;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::LogDetailsL()
+// Creates the log details message query
+// Appends strings from resource and eventviewer to one
+// message body text and displays it.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::LogDetailsL(TInt aIndex)
+ {
+ TEventProperties eventProperties;
+ eventProperties = iLogList->At(aIndex);
+
+ HBufC* message = NULL;
+ HBufC* eventText = NULL;
+ iEventViewer->GetEventUsingEventNumber(eventText, eventProperties.iEventNumber, eventProperties);
+ CleanupStack::PushL( eventText );
+
+ if(eventProperties.iCategory == ELogInfo)
+ {
+ // Info:
+ message = StringLoader::LoadLC( R_VPN_DETAIL_LOG_ENTRY_INFO );
+ }
+
+ if(eventProperties.iCategory == ELogWarning)
+ {
+ // Warning:
+ message = StringLoader::LoadLC( R_VPN_DETAIL_LOG_ENTRY_WARNING );
+ }
+
+ if(eventProperties.iCategory == ELogError)
+ {
+ // Error:
+ message = StringLoader::LoadLC( R_VPN_DETAIL_LOG_ENTRY_ERROR );
+ }
+
+ HBufC* messageText = HBufC::NewLC(message->Length() + eventText->Length() + 2);
+
+ messageText->Des().Append(*message); //Append category
+ messageText->Des().Append(KVpnManagementUiSpace);
+ messageText->Des().Append(*eventText); //Append log entry message
+
+ // Heading is the date and the time of the log entry
+ //Format time stamp for LOG view
+ TBuf<2 * KMaxLengthTextDateString + 3> logEntry;
+ TimeLogEntryL(logEntry, eventProperties.iTimeStamp);
+
+ CAknMessageQueryDialog* dlg = CAknMessageQueryDialog::NewL(*messageText);
+
+ CleanupStack::PopAndDestroy(3); // message Text, message, eventText
+
+ dlg->PrepareLC(R_MESSAGE_QUERY_DETAILS_VIEW);
+ dlg->QueryHeading()->SetTextL(logEntry);
+ dlg->RunLD();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::ReadResourceL(HBufC& aText, TInt aResource);
+// Reads text from resource
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::ReadResourceL(HBufC& aText, TInt aResource)
+ {
+ HBufC* text = StringLoader::LoadLC( aResource );
+ aText.Des().Append(text->Des());
+ CleanupStack::PopAndDestroy(); // text
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::ClearLogL()
+// Asks confirmation from user.
+// Clears VPN log view.
+// Calls eventviewer to clear log.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogContainer::ClearLogL()
+ {
+ // Read query text from resource
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_CLEAR_LOG );
+
+ // Asks confirmation from user
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ // Clear VPN log listbox
+ RemoveAllFromListBoxL();
+
+ // Calls eventviewer to clear log.
+ iEventViewer->DeleteLogFile();
+ }
+
+ iParent.SetMiddleSoftKeyL(ETrue);
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::IconArrayResourceId
+// Loads Mark/Unmark icons from resource
+// ---------------------------------------------------------
+//
+TInt CVpnManagementUiLogContainer::IconArrayResourceId() const
+ {
+ return 0; //TVA
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::CreateIconArrayL
+// Creates Icon Array
+// ---------------------------------------------------------
+//
+CAknIconArray* CVpnManagementUiLogContainer::CreateIconArrayL() const
+ {
+ CAknIconArray* icons = new (ELeave) CAknIconArray( KGranularity );
+ CleanupStack::PushL( icons );
+ icons->ConstructFromResourceL( IconArrayResourceId() );
+ CleanupStack::Pop(); // icons
+ return icons;
+ }
+
+TFileName CVpnManagementUiLogContainer::GetIconFilenameL()
+ {
+ RFs& fsSession = CCoeEnv::Static()->FsSession();
+
+ TDriveList driveList;
+ User::LeaveIfError(fsSession.DriveList(driveList));
+
+ TInt driveNumber;
+ TDriveName drive = _L("a:");
+
+ TFileName iconName;
+
+ for (driveNumber = EDriveA, drive[0] = 'a';
+ driveNumber <= EDriveZ;
+ driveNumber++, drive[0]++)
+ {
+ if (!driveList[driveNumber])
+ {
+ continue;
+ }
+
+ TParse parse;
+ parse.Set(drive, &KVpnLogIcons, NULL);
+ iconName.Copy(parse.DriveAndPath());
+ iconName.Append(parse.Name());
+ iconName.Append(_L(".mif"));
+
+ TEntry entry;
+ if (fsSession.Entry(iconName, entry) == KErrNone)
+ {
+ //icon founded
+ break;
+ }
+ }
+
+ return iconName;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogContainer::GetHelpContext
+// This function is called when Help application is launched.
+// (other items were commented in a header).
+// ---------------------------------------------------------
+//
+#ifdef __SERIES60_HELP
+void CVpnManagementUiLogContainer::GetHelpContext(
+ TCoeHelpContext& aContext ) const
+ {
+ aContext.iMajor = KUidVpnManagementUi;
+ aContext.iContext = KSET_HLP_VPN_LOG_VIEW;
+ }
+#endif //__SERIES60_HELP
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuilogview.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,300 @@
+/*
+* Copyright (c) 2003 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handles commands given through the UI for maintaining policies.
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <aknmessagequerydialog.h>
+#include <aknnotewrappers.h> // for warning & information notes
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuilogview.h"
+#include "vpnmanagementuilogcontainer.h"
+#include "vpnmanagementui.hrh"
+#ifdef __SERIES60_HELP
+#include <hlplch.h> // For HlpLauncher
+#endif //__SERIES60_HELP
+
+/** MSK control Id. */
+const TInt KVpnMSKControlId = 3;
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::CVpnManagementUiLogView(CVpnUiLoader& aLoader)
+// : iLoader(aLoader)
+// Constructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiLogView::CVpnManagementUiLogView( CVpnUiLoader& aLoader )
+: iLoader(aLoader)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::~CVpnManagementUiLogView()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiLogView::~CVpnManagementUiLogView()
+ {
+ if ( iLogContainer )
+ {
+ AppUi()->RemoveFromViewStack(*this, iLogContainer);
+ delete iLogContainer;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView* CVpnManagementUiLogView::NewL(
+// const TRect& /*aRect*/, CVpnUiLoader& aLoader)
+// ---------------------------------------------------------
+//
+CVpnManagementUiLogView* CVpnManagementUiLogView::NewL(
+ const TRect& /*aRect*/, CVpnUiLoader& aLoader )
+ {
+ CVpnManagementUiLogView* self =
+ new ( ELeave ) CVpnManagementUiLogView( aLoader );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView* CVpnManagementUiLogView::NewLC(
+// const TRect& /*aRect*/, CVpnUiLoader& aLoader)
+// ---------------------------------------------------------
+//
+CVpnManagementUiLogView* CVpnManagementUiLogView::NewLC(
+ const TRect& /*aRect*/, CVpnUiLoader& aLoader )
+ {
+ CVpnManagementUiLogView* self =
+ new ( ELeave ) CVpnManagementUiLogView( aLoader );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::ConstructL()
+// CVpnUiView::ConstructL(const TRect& aRect)
+// EPOC two-phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogView::ConstructL()
+ {
+ BaseConstructL( R_VPNUI_LOG_VIEW );
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::DynInitMenuPaneL(
+// TInt aResourceId,CEikMenuPane* aMenuPane)
+// Updates Options list with correct items depending on
+// whether the listbox is empty or if it has any marked items
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogView::DynInitMenuPaneL(TInt aResourceId, CEikMenuPane* aMenuPane)
+ {
+
+ if ( aResourceId == R_VPNUI_LOG_VIEW_MENU )
+ {
+ TInt currentItem = iLogContainer->iListBox->CurrentItemIndex();
+
+ // the VPN log list is empty all except Refresh, Help and Exit is dimmed
+ if ( currentItem == -1 )
+ {
+ aMenuPane->SetItemDimmed( EVpnUiCmdLogDetails, ETrue );
+ aMenuPane->SetItemDimmed( EVpnUiCmdClearLog, ETrue );
+// aMenuPane->SetItemDimmed( EVpnUiCmdRefreshLog, ETrue );
+ }
+
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::Id() const
+// Returns Authority view id
+// ---------------------------------------------------------
+//
+TUid CVpnManagementUiLogView::Id() const
+ {
+ return KVpnManagementUiLogViewId;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::HandleCommandL(TInt aCommand)
+// Handles Softkey and Options list commands
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogView::HandleCommandL( TInt aCommand )
+ {
+ switch ( aCommand )
+ {
+ case EAknSoftkeyBack:
+ {
+ iLoader.ChangeViewL( KChangeViewPrevious );
+ break;
+ }
+ case EAknCmdExit:
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->HandleCommandL( EAknCmdExit );
+ break;
+ }
+
+ case EVpnUiCmdRefreshLog:
+ {
+ iLogContainer->ShowLogsL();
+ iLogContainer->DrawListBoxL( iCurrentPosition, iTopItem );
+ break;
+ }
+
+ case EVpnUiCmdLogDetails:
+ {
+ iLogContainer->LogDetailsL(iLogContainer->iListBox->CurrentItemIndex());
+ break;
+ }
+
+ case EVpnUiCmdClearLog:
+ {
+ iLogContainer->ClearLogL();
+ break;
+ }
+#ifdef __SERIES60_HELP
+ case EAknCmdHelp:
+ {
+ HlpLauncher::LaunchHelpApplicationL(
+ iEikonEnv->WsSession(), AppUi()->AppHelpContextL() );
+ break;
+ }
+#endif //__SERIES60_HELP
+
+ default:
+ {
+ AppUi()->HandleCommandL( aCommand );
+ break;
+ }
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::HandleClientRectChange()
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogView::HandleClientRectChange()
+ {
+ if ( iLogContainer )
+ {
+ iLogContainer->SetRect( ClientRect() );
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::DoActivateL(const TVwsViewId& /*aPrevViewId*/,
+// TUid /*aCustomMessageId*/, const TDesC8& /*aCustomMessage*/)
+// Updates the view when opening it
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogView::DoActivateL(
+ const TVwsViewId& /*aPrevViewId*/,
+ TUid /*aCustomMessageId*/, const TDesC8& /*aCustomMessage*/)
+ {
+ if ( iLogContainer )
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveFromViewStack(
+ *this, iLogContainer );
+ }
+ iLogContainer = new (ELeave) CVpnManagementUiLogContainer(
+ *this, iLoader );
+
+ iLogContainer->SetMopParent( this );
+ iLogContainer->ConstructL( ClientRect(), iCurrentPosition );
+ iLoader.ActivateTitleL( KViewTitleLogView );
+
+ iLoader.ActivateNaviTextL();
+ iLoader.PushNaviPaneL();
+
+ ((CAknViewAppUi*)iAvkonAppUi)->AddToStackL( *this, iLogContainer );
+ iLogContainer->DrawListBoxL( iCurrentPosition, iTopItem );
+
+ // Add MiddleSoftKey
+ SetMiddleSoftKeyL(EFalse);
+ }
+
+
+void CVpnManagementUiLogView::SetMiddleSoftKeyL(TBool aDrawNow)
+ {
+ if (iLogContainer->iListItemCount > 0)
+ {
+ SetMiddleSoftKeyLabelL(R_MSK_VPN_DETAILS, EVpnUiCmdLogDetails);
+ }
+ else
+ {
+ SetMiddleSoftKeyLabelL(R_MSK_REFRESH_VPN_LOG, EVpnUiCmdRefreshLog);
+ }
+
+ if (aDrawNow)
+ {
+ if (Cba())
+ Cba()->DrawNow();
+ }
+ }
+
+
+void CVpnManagementUiLogView::SetMiddleSoftKeyLabelL(TInt aResourceId, TInt aCommandId)
+ {
+ CEikButtonGroupContainer* cbaGroup = Cba();
+ if (cbaGroup)
+ {
+ cbaGroup->RemoveCommandFromStack(KVpnMSKControlId, EVpnUiCmdLogDetails);
+ cbaGroup->RemoveCommandFromStack(KVpnMSKControlId, EVpnUiCmdRefreshLog);
+ HBufC* text = StringLoader::LoadLC(aResourceId);
+ cbaGroup->AddCommandToStackL(KVpnMSKControlId, aCommandId, text->Des());
+ CleanupStack::PopAndDestroy(text);
+ }
+
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::DoDeactivate()
+// Saves focus position when closing view
+// ---------------------------------------------------------
+//
+void CVpnManagementUiLogView::DoDeactivate()
+ {
+ if ( iLogContainer )
+ {
+ iLoader.PopNaviPane();
+ AppUi()->RemoveFromViewStack( *this, iLogContainer );
+
+ delete iLogContainer;
+ iLogContainer = NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiLogView::Container()
+// Returns iLogContainer
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiLogView::Container()
+ {
+ return iLogContainer;
+ }
+
+// End of File
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuipolicycontainer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,643 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy view container
+*
+*/
+
+#include <eikclbd.h>
+#include <AknIconArray.h>
+#include <AknQueryDialog.h>
+#include <aknnotewrappers.h>
+#include <sysutil.h>
+#include <ErrorUI.h>
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuipolicycontainer.h"
+#include "vpnmanagementui.hrh"
+
+
+#ifdef __SERIES60_HELP
+#include <csxhelp/vpn.hlp.hrh> // for help context of VPN Management UI
+#endif //__SERIES60_HELP
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::CVpnManagementUiPolicyContainer(
+// CVpnManagementUiPolicyView& aParent, CVpnUiLoader& aLoader)
+// Constructor with parent
+// ---------------------------------------------------------
+//
+CVpnManagementUiPolicyContainer::CVpnManagementUiPolicyContainer(
+ CVpnManagementUiPolicyView& aParent, CVpnUiLoader& aLoader ) :
+ iParent ( aParent ), iLoader ( aLoader )
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::~CVpnManagementUiPolicyContainer()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiPolicyContainer::~CVpnManagementUiPolicyContainer()
+ {
+ delete iListBox;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::ConstructL(
+// const TRect& aRect, TInt& aCurrentPosition, TInt& aTopItem)
+// EPOC two phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::ConstructL(
+ const TRect& aRect, TInt& /*aCurrentPosition*/, TInt& /*aTopItem*/ )
+ {
+ CreateWindowL();
+ CreateListBoxL();
+
+ //Initialization
+ iShowWaitNote = EFalse;
+
+ ShowPoliciesL();
+ SetRect( aRect );
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::ActivateL()
+// called after the dialog is shown
+// used to handle empty list - query
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::ActivateL()
+ {
+ CCoeControl::ActivateL();
+ // put empty list checking & required actions here.
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ if (!iLoader.iBackFromServerDefinition)
+ {
+ PoliciesListEmptyL();
+ }
+ if (iLoader.iNewServerDefinition)
+ {//Synchronise server query
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_SYNCHRONISE_SERVER );
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ //Show wait dialog
+ //ShowWaitNoteL(); called now from NotifyStepChangedL
+ iShowWaitNote = ETrue;
+ // Get selection neme for connecting via note
+ // and save it to the member variable of iLoader
+ iLoader.GetSelectionNameL( iLoader.iSelectionName );
+
+ //Save server index for Connecting via note
+ iLoader.iCurrentServerIndex = 0;
+ //Synchronise server
+ iLoader.AcuApiWrapperL().SynchroniseServerL(0,this);
+
+ //Set iNewServerDefinition to false, because
+ //we are now synchronised server
+ iLoader.iNewServerDefinition = EFalse;
+ }
+ } ***/
+ }
+
+void CVpnManagementUiPolicyContainer::PoliciesListEmptyL()
+ {
+ if (iListItemCount == 0)
+ {
+ //Set iNewServerDefinition to false, because
+ //we don't want to show note
+ //"new server defined synchronise now"
+ iLoader.iNewServerDefinition = EFalse;
+ // no policies installed, confirmation query
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DL_POLICIES_NOW );
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ { // start policy install procedure
+ InstallPoliciesL();
+ }
+ }
+ }
+
+void CVpnManagementUiPolicyContainer::InstallPoliciesL()
+ {
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ CArrayFix<TAcuApiServerListElem>* serverList = iLoader.AcuApiWrapperL().ServerListL();
+ TInt serverCount = serverList->Count();
+
+ //if policy servers defined show policy server list query
+ if (serverCount > 0 )
+ {
+ TInt index = 0;
+ CDesCArrayFlat *array = new(ELeave) CDesCArrayFlat(1);
+ CleanupStack::PushL(array);
+
+ for (TInt i = 0; i < serverCount; ++i)
+ {
+ TBuf<KAcuMaxServerNameLocalLth+2> serverName;
+ serverName.Append(serverList->At(i).iServerNameLocal);
+ array->AppendL(serverName);
+ }
+ CAknListQueryDialog* dlg = new (ELeave) CAknListQueryDialog(&index);
+ dlg->PrepareLC( R_LIST_QUERY );
+ dlg->SetItemTextArray(array);
+ dlg->SetOwnershipType(ELbmDoesNotOwnItemArray);
+
+ TInt queryOk = dlg->RunLD();
+ if(queryOk == EAknSoftkeyOk || queryOk == EAknSoftkeySelect)
+ {
+ TBool selectionExists = iLoader.SelectionExistsL( index );
+
+ if( selectionExists )
+ {
+ //Save server index for Connecting via note
+ iLoader.iCurrentServerIndex = index;
+ //Show wait dialog
+ iShowWaitNote = ETrue;
+ // Get selection neme for connecting via note
+ // and save it to the member variable of iLoader
+ iLoader.GetSelectionNameL( iLoader.iSelectionName );
+
+ iLoader.AcuApiWrapperL().SynchroniseServerL( index, this );
+ }
+ }
+ CleanupStack::PopAndDestroy(); // array
+
+ }
+ else
+ { ***/
+ //No policy servers defined show define new policy
+ //server conrirmation query
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DEFINE_NEW_SERVER );
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ if (!SysUtil::FFSSpaceBelowCriticalLevelL(0, 0))
+ {
+ iLoader.iBackFromServerDefinition = ETrue;
+ iLoader.ChangeViewL(KChangeViewSettings);
+ }
+ else
+ {
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( KErrDiskFull );
+ CleanupStack::PopAndDestroy(); // errorUi
+ }
+ }
+ // }
+ }
+
+void CVpnManagementUiPolicyContainer::SynchroniseServerL()
+ {
+/*NOT USED ANYMORE
+ //Conrirmation query
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_SYNCHRONISE_SERVER );
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ TInt currentPosition = iListBox->CurrentItemIndex();
+ iLoader.iAcuApiWrapper->SynchroniseServer(currentPosition, this);
+ }
+*/
+ }
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::SizeChanged()
+// Called by framework when the view size is changed
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::SizeChanged()
+ {
+ iListBox->SetRect(Rect());
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::FocusChanged(TDrawNow aDrawNow)
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::FocusChanged(TDrawNow aDrawNow)
+ {
+ if ( iListBox )
+ {
+ iListBox->SetFocus( IsFocused(), aDrawNow );
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::HandleResourceChangeL
+// ---------------------------------------------------------
+//
+
+void CVpnManagementUiPolicyContainer::HandleResourceChange( TInt aType )
+ {
+ CCoeControl::HandleResourceChange(aType);
+
+ //Handle change in layout orientation
+ if (aType == KEikDynamicLayoutVariantSwitch || aType == KAknsMessageSkinChange )
+ {
+ iListBox->HandleResourceChange(aType);
+ TRect mainPaneRect;
+ AknLayoutUtils::LayoutMetricsRect(AknLayoutUtils::EMainPane, mainPaneRect);
+ SetRect(mainPaneRect);
+ DrawNow();
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::HandleListBoxEventL(
+// CEikListBox* /*aListBox*/, TListBoxEvent aEventType)
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::HandleListBoxEventL(
+ CEikListBox* /*aListBox*/, TListBoxEvent aEventType )
+ {
+ switch(aEventType)
+ {
+ case EEventEnterKeyPressed:
+ case EEventItemSingleClicked:
+ iParent.HandleCommandL(EVpnUiCmdPolicyDetails);
+ break;
+ default:
+ //Do nothing
+ break;
+ }
+ }
+enum { EListBoxControl, ENumberOfControls };
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::CountComponentControls() const
+// ---------------------------------------------------------
+//
+TInt CVpnManagementUiPolicyContainer::CountComponentControls() const
+ {
+ // return number of controls inside this container
+ return ENumberOfControls; // return nbr of controls inside this container
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::ComponentControl(TInt aIndex) const
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiPolicyContainer::ComponentControl(TInt aIndex) const
+ {
+ switch ( aIndex )
+ {
+ case 0:
+ return iListBox;
+ default:
+ return NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::HandleControlEventL(
+// CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+// Cannot be changed to non-leaving function.
+// L-function is required by the class definition, even if empty.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::HandleControlEventL(
+ CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::OfferKeyEventL(
+// const TKeyEvent& aKeyEvent, TEventCode aType)
+// Handles the key events OK button, arrow keys, delete key.
+// OK button functionality is different depending on the number of marked items
+// in the list; zero marked -> show details view, one or more marked -> show
+// OKOptions list, list empty -> OK inactive.
+// Delete active only if list not empty.
+// ---------------------------------------------------------
+//
+TKeyResponse CVpnManagementUiPolicyContainer::OfferKeyEventL(
+ const TKeyEvent& aKeyEvent, TEventCode aType)
+ {
+
+ // If operation is currenly onway, do not continue.
+ TKeyResponse retval = EKeyWasNotConsumed;
+ if ( aType==EEventKey )
+ {
+ if ( (aKeyEvent.iCode == EKeyOK || aKeyEvent.iCode == EKeyEnter) && // select or enter
+ iListBox->CurrentItemIndex() > -1) //This is for empty list
+ {
+ // Selection key pressed.
+ iParent.PolicyDetailsL(iListBox->CurrentItemIndex());
+
+ retval = EKeyWasConsumed;
+ }
+
+ else if ( aKeyEvent.iCode == EKeyDelete
+ || aKeyEvent.iCode == EKeyBackspace )
+ {
+ if ( iListBox->CurrentItemIndex() > -1 )
+ {
+ iParent.HandleCommandL( EVpnUiCmdDeletePolicy );
+ retval = EKeyWasConsumed;
+ }
+ }
+ else
+ {
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+ }
+ else
+ {
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+
+
+ return retval;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::CreateListBoxL()
+// Creates listbox, sets empty listbox text.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::CreateListBoxL()
+ {
+
+ iListBox = new( ELeave ) CAknSingleStyleListBox;
+ iListBox->SetContainerWindowL( *this );
+ iListBox->ConstructL( this, EAknListBoxMarkableList );
+ iListBox->CreateScrollBarFrameL( ETrue );
+ iListBox->ScrollBarFrame()->
+ SetScrollBarVisibilityL( CEikScrollBarFrame::EOff,CEikScrollBarFrame::EAuto );
+ iListBox->SetListBoxObserver(this);
+
+ HBufC* stringHolder = StringLoader::LoadLC( R_VPN_POLICIES_EMPTY );
+ iListBox->View()->SetListEmptyTextL( *stringHolder );
+ CleanupStack::PopAndDestroy(); // stringHolder
+
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::DrawListBoxL(TInt aCurrentPosition, TInt aTopItem)
+// Draws listbox, fetches graphic icons for markable list
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::DrawListBoxL(
+ TInt aCurrentPosition, TInt aTopItem )
+ {
+
+ if (aCurrentPosition >= 0)
+ {
+ iListBox->SetTopItemIndex( aTopItem );
+ iListBox->SetCurrentItemIndex( aCurrentPosition );
+ }
+ ActivateL();
+ DrawNow();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::UpdateListBoxL(TInt& aCurrentPosition)
+// Updates listbox after deletion, sets No VPN policies text
+// if deleted policy was a last one.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::UpdateListBoxL( TInt& aCurrentPosition )
+ {
+ MDesCArray* itemList = iListBox->Model()->ItemTextArray();
+ CDesCArray* itemArray = ( CDesCArray* )itemList;
+
+ itemArray->Delete(aCurrentPosition);
+ itemArray->Compress();
+
+ iListBox->HandleItemRemovalL();
+ if(aCurrentPosition > 0)
+ {
+ iListBox->SetCurrentItemIndexAndDraw(aCurrentPosition-1);
+ }
+ if(aCurrentPosition == 0 )
+ {
+ if (iListItemCount > 1 )
+ {
+ iListBox->SetCurrentItemIndexAndDraw(aCurrentPosition);
+ }
+ else
+ {
+ HBufC* stringHolder = StringLoader::LoadLC( R_VPN_POLICIES_EMPTY );
+ iListBox->View()->SetListEmptyTextL( *stringHolder );
+ CleanupStack::PopAndDestroy(); // stringHolder
+ }
+ }
+ iListItemCount = iListItemCount -1;
+ iParent.SetMiddleSoftKeyL(ETrue);
+ DrawNow();
+ }
+
+void CVpnManagementUiPolicyContainer::ShowPoliciesL()
+ {
+ CArrayFixFlat<TVpnPolicyInfo>* policyList =
+ iLoader.VpnApiWrapperL().PolicyListL();
+
+ CDesCArrayFlat* itemTextArray =
+ static_cast<CDesCArrayFlat*>(iListBox->Model()->ItemTextArray());
+
+ itemTextArray->Reset();
+ iListBox->Reset();
+
+ iListItemCount = policyList->Count();
+
+ for (TInt i = 0; i < iListItemCount; ++i)
+ {
+ TBuf<KMaxNameLength+2> policyName;
+ policyName.Append(_L("\t"));
+ policyName.Append(policyList->At(i).iName);
+ itemTextArray->AppendL(policyName);
+ }
+
+ iListBox->HandleItemAdditionL();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer:::UpdatePolicy
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyContainer::UpdatePolicyL(TVpnPolicyId /* aPolicyId */)
+ {
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ TBool selectionExists = iLoader.SelectionExistsL( 0 );
+
+ if( selectionExists )
+ {
+ // Get selection name for connecting via note
+ // and save it to the member variable of iLoader
+ iLoader.GetSelectionNameL( iLoader.iSelectionName );
+
+ iLoader.ShowWaitNoteL();
+ TAcuContentId contentId;
+ contentId.iContentId = aPolicyId;
+ iLoader.AcuApiWrapperL().UpdatePolicyL( contentId, this );
+ } ***/
+ }
+
+
+void CVpnManagementUiPolicyContainer::NotifyUpdatePolicyCompleteL(
+ TInt aResult)
+ {
+ if ( iLoader.iWaitDialog )
+ {
+ iLoader.DeleteWaitNoteL();//iWaitDialog->ProcessFinishedL(); // deletes the wait dialog
+ }
+
+ if (aResult == KErrNone)
+ {
+ //Confirmation note
+ HBufC* string = StringLoader::LoadLC( R_VPN_CONF_POLICY_UPDATE_COMPLETE );
+ CAknConfirmationNote* note = new ( ELeave ) CAknConfirmationNote( ETrue );
+ note->ExecuteLD( *string );
+ CleanupStack::PopAndDestroy( string );
+ }
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ else if (aResult == KAcuErrServerCertExpiredByPkiService)
+ {
+ //Show an information note
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_SERVER_CERT_EXPIRED );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ } ***/
+ else if (aResult == KErrDiskFull)
+ {
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( KErrDiskFull );
+ CleanupStack::PopAndDestroy(); // errorUi
+ }
+ else if (aResult == KErrCancel)
+ {
+ // No operation, i.e. don't show anything
+ }
+ else
+ {
+ //Show an information note
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_POLICY_DL_ERROR );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ }
+ }
+
+void CVpnManagementUiPolicyContainer::NotifySynchroniseServerCompleteL(TInt aResult)
+ {
+ //CloseWaitDialog();
+
+ if ( iLoader.iWaitDialog )
+ {
+ iLoader.DeleteWaitNoteL();//iWaitDialog->ProcessFinishedL(); // deletes the wait dialog
+ }
+
+ if (aResult == KErrNone)
+ {
+ //Confirmation note
+ HBufC* string = StringLoader::LoadLC( R_VPN_CONF_POLICY_SERVER_SYNC_OK );
+ CAknConfirmationNote* note = new ( ELeave ) CAknConfirmationNote( ETrue );
+ note->ExecuteLD( *string );
+ CleanupStack::PopAndDestroy( string );
+ }
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ else if (aResult == KAcuErrServerCertExpiredByPkiService)
+ {
+ //Show an information note
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_SERVER_CERT_EXPIRED );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ } ***/
+ else if (aResult == KErrDiskFull)
+ {
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( KErrDiskFull );
+ CleanupStack::PopAndDestroy(); // errorUi
+ }
+ else if (aResult == KErrCancel)
+ {
+ // No operation, i.e. don't show anything
+ }
+ else
+ {
+ //Show an information note
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_POLICY_SERVER_SYNC_ERROR );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ }
+
+ ShowPoliciesL();
+ iParent.SetMiddleSoftKeyL(ETrue);
+ }
+
+
+void CVpnManagementUiPolicyContainer::NotifyStepChangedL(TInt /*aResult*/)
+ {
+ if (iShowWaitNote)
+ {
+ iLoader.ShowWaitNoteL();
+ iShowWaitNote = EFalse;
+ }
+ if ( iLoader.iWaitDialog )
+ {
+ iLoader.SetTextL();
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyContainer::GetHelpContext
+// This function is called when Help application is launched.
+// (other items were commented in a header).
+// ---------------------------------------------------------
+//
+#ifdef __SERIES60_HELP
+void CVpnManagementUiPolicyContainer::GetHelpContext(
+ TCoeHelpContext& aContext ) const
+ {
+ aContext.iMajor = KUidVpnManagementUi;
+ aContext.iContext = KSET_HLP_VPN_POLICY_VIEW;
+ }
+#endif //__SERIES60_HELP
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuipolicyview.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,438 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN Policy view
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <aknmessagequerydialog.h>
+#include <aknnotewrappers.h> // for warning & information notes
+#include <vpnmanagementuirsc.rsg>
+#include <cdblen.h>
+
+#include "vpnuiloader.h"
+#include "vpnmanagementuipolicyview.h"
+#include "vpnmanagementuipolicycontainer.h"
+#include "vpnmanagementui.hrh"
+#ifdef __SERIES60_HELP
+#include <hlplch.h> // For HlpLauncher
+#endif //__SERIES60_HELP
+
+/** MSK control Id. */
+const TInt KVpnMSKControlId = 3;
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::CVpnManagementUiPolicyView
+// ---------------------------------------------------------
+//
+CVpnManagementUiPolicyView::CVpnManagementUiPolicyView(
+ CVpnUiLoader& aLoader ) : iLoader(aLoader)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::~CVpnManagementUiPolicyView()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiPolicyView::~CVpnManagementUiPolicyView()
+ {
+ if ( iPolicyContainer )
+ {
+ AppUi()->RemoveFromViewStack(*this, iPolicyContainer);
+ delete iPolicyContainer;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::NewL
+// ---------------------------------------------------------
+//
+CVpnManagementUiPolicyView* CVpnManagementUiPolicyView::NewL(
+ const TRect& aRect, CVpnUiLoader& aLoader )
+ {
+ CVpnManagementUiPolicyView* self = NewLC( aRect, aLoader );
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::NewLC
+// ---------------------------------------------------------
+//
+CVpnManagementUiPolicyView* CVpnManagementUiPolicyView::NewLC(
+ const TRect& /*aRect*/, CVpnUiLoader& aLoader )
+ {
+ CVpnManagementUiPolicyView* self =
+ new ( ELeave ) CVpnManagementUiPolicyView( aLoader );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::ConstructL()
+// EPOC two-phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::ConstructL()
+ {
+ BaseConstructL( R_VPNUI_POLICIES_VIEW );
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::DynInitMenuPaneL(
+// TInt aResourceId,CEikMenuPane* aMenuPane)
+// Updates Options list with correct items depending on
+// whether the listbox is empty or if it has any marked items
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::DynInitMenuPaneL(TInt aResourceId, CEikMenuPane* aMenuPane)
+ {
+ if ( aResourceId == R_VPNUI_POLICIES_VIEW_MENU )
+ {
+ TInt currentItem = iPolicyContainer->iListBox->CurrentItemIndex();
+
+ // the policy list is empty all except Install and Exit is dimmed
+ if ( currentItem == -1 )
+ {
+ aMenuPane->SetItemDimmed( EVpnUiCmdPolicyDetails, ETrue );
+ aMenuPane->SetItemDimmed( EVpnUiCmdDeletePolicy, ETrue );
+ aMenuPane->SetItemDimmed( EVpnUiCmdUpdatePolicy, ETrue );
+ // NSSM support is discontinued
+ aMenuPane->SetItemDimmed( EVpnUiCmdInstallPolicies, ETrue );
+ }
+ // at least one policy is installed,
+ else
+ {
+ aMenuPane->SetItemDimmed( EVpnUiCmdInstallPolicies, ETrue );
+ // NSSM support is discontinued
+ aMenuPane->SetItemDimmed( EVpnUiCmdUpdatePolicy, ETrue );
+ }
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::Id() const
+// Returns Authority view id
+// ---------------------------------------------------------
+//
+TUid CVpnManagementUiPolicyView::Id() const
+ {
+ return KVpnManagementUiPolicyViewId;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::HandleCommandL(TInt aCommand)
+// Handles Softkey and Options list commands
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::HandleCommandL( TInt aCommand )
+ {
+ TBool ffsLow;
+ switch ( aCommand )
+ {
+ case EAknSoftkeyBack:
+ {
+ iLoader.ChangeViewL( KChangeViewPrevious );
+ break;
+ }
+ case EAknCmdExit:
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->HandleCommandL( EAknCmdExit );
+ break;
+ }
+
+ case EVpnUiCmdPolicyDetails:
+ {
+ // Show details
+ PolicyDetailsL(iPolicyContainer->iListBox->CurrentItemIndex());
+ break;
+ }
+
+ case EVpnUiCmdInstallPolicies:
+ {
+ ffsLow = iLoader.FFSSpaceBelowCriticalLevelL( ETrue, 0 );
+ if(!ffsLow)
+ {
+ iPolicyContainer->InstallPoliciesL();
+ }
+ break;
+ }
+ case EVpnUiCmdUpdatePolicy:
+ {
+ ffsLow = iLoader.FFSSpaceBelowCriticalLevelL( ETrue, 0 );
+ if(!ffsLow)
+ {
+ iCurrentPosition = iPolicyContainer->iListBox->CurrentItemIndex();
+ //Save policy index for Connecting via note
+ iLoader.iCurrentPolicyIndex = iCurrentPosition;
+ //Save update operation for Connecting via note
+ iLoader.iPolicyUpdate = ETrue;
+
+ TVpnPolicyInfo policyInfo;
+ policyInfo.iId = iLoader.VpnApiWrapperL().PolicyListL()->At(
+ iCurrentPosition).iId;
+ iPolicyContainer->UpdatePolicyL(policyInfo.iId);
+ }
+ break;
+ }
+
+ case EVpnUiCmdDeletePolicy:
+ {
+ //confirmation query
+ HBufC* temp;
+
+ TVpnPolicyName policyName;
+ iCurrentPosition = iPolicyContainer->iListBox->CurrentItemIndex();
+ iTopItem = iPolicyContainer->iListBox->TopItemIndex();
+
+ if (NotAssociatedToIapL(iCurrentPosition, policyName))
+ {
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DELETE_POLICY, policyName );
+ }
+ else
+ {
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DELETE_POLICY_ASSOCIATED );
+ }
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ //Delete policy
+ iLoader.VpnApiWrapperL().DeletePolicyL(iPolicyContainer->iListBox->CurrentItemIndex());
+ //Update listbox
+ iPolicyContainer->UpdateListBoxL(iCurrentPosition);
+ //Update iPolicyList
+ iLoader.VpnApiWrapperL().PolicyListL();
+ iCurrentPosition = iPolicyContainer->iListBox->CurrentItemIndex();
+ }
+ break;
+ }
+#ifdef __SERIES60_HELP
+ case EAknCmdHelp:
+ {
+ HlpLauncher::LaunchHelpApplicationL(
+ iEikonEnv->WsSession(), AppUi()->AppHelpContextL() );
+ break;
+ }
+#endif //__SERIES60_HELP
+
+ default:
+ {
+ AppUi()->HandleCommandL( aCommand );
+ break;
+ }
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::HandleClientRectChange()
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::HandleClientRectChange()
+ {
+ if ( iPolicyContainer )
+ {
+ iPolicyContainer->SetRect( ClientRect() );
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::DoActivateL
+// Updates the view when opening it
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::DoActivateL(
+ const TVwsViewId& /*aPrevViewId*/,
+ TUid /*aCustomMessageId*/, const TDesC8& /*aCustomMessage*/)
+ {
+ if ( iPolicyContainer )
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveFromViewStack(
+ *this, iPolicyContainer );
+ }
+ iPolicyContainer = new (ELeave) CVpnManagementUiPolicyContainer(
+ *this, iLoader );
+
+ iPolicyContainer->SetMopParent( this );
+ iPolicyContainer->ConstructL(
+ ClientRect(), iCurrentPosition, iTopItem );
+ iLoader.ActivateTitleL( KViewTitlePolicyView );
+ iLoader.PushDefaultNaviPaneL();
+
+ ((CAknViewAppUi*)iAvkonAppUi)->AddToStackL( *this, iPolicyContainer );
+ iPolicyContainer->DrawListBoxL( iCurrentPosition, iTopItem );
+
+ SetMiddleSoftKeyL(EFalse);
+ }
+
+void CVpnManagementUiPolicyView::SetMiddleSoftKeyL(TBool aDrawNow)
+ {
+ if (iPolicyContainer->iListItemCount > 0)
+ {
+ SetMiddleSoftKeyLabelL(R_MSK_VPN_DETAILS, EVpnUiCmdPolicyDetails);
+ }
+ else
+ {
+ SetMiddleSoftKeyLabelL(R_MSK_INSTALL_VPN_POLICIES, EVpnUiCmdInstallPolicies);
+ }
+
+ if (aDrawNow)
+ {
+ if (Cba())
+ Cba()->DrawNow();
+ }
+ }
+
+
+void CVpnManagementUiPolicyView::SetMiddleSoftKeyLabelL(
+ TInt aResourceId, TInt aCommandId)
+ {
+ CEikButtonGroupContainer* cbaGroup = Cba();
+ if (cbaGroup)
+ {
+ HBufC* text = HBufC::NewLC(KMaxLengthTextDetailsBody);
+ ReadResourceL(*text, aResourceId);
+ cbaGroup->RemoveCommandFromStack(
+ KVpnMSKControlId, EVpnUiCmdPolicyDetails);
+ cbaGroup->RemoveCommandFromStack(
+ KVpnMSKControlId, EVpnUiCmdInstallPolicies);
+ cbaGroup->AddCommandToStackL(
+ KVpnMSKControlId, aCommandId, text->Des());
+ CleanupStack::PopAndDestroy(text);
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::DoDeactivate()
+// Saves focus position when closing view
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::DoDeactivate()
+ {
+ if ( iPolicyContainer )
+ {
+ AppUi()->RemoveFromViewStack( *this, iPolicyContainer );
+
+ delete iPolicyContainer;
+ iPolicyContainer = NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::Container()
+// Returns iPolicyContainer
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiPolicyView::Container()
+ {
+ return iPolicyContainer;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::PolicyDetailsL()
+// Creates the whole of policy details view
+// Appends strings from both resources and VPN API to one
+// message body text and displays it.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::PolicyDetailsL(TInt aIndex)
+ {
+ TVpnPolicyDetails policyDetails;
+
+ iLoader.VpnApiWrapperL().GetPolicyDetailsL(aIndex,policyDetails);
+ HBufC* message = HBufC::NewLC(KMaxLengthTextDetailsBody);
+
+ // Description:
+ ReadResourceL(*message, R_VPN_DETAIL_POLICY_DESCRIPTION );
+ message->Des().Append(KVpnManagementUiEnter);
+ message->Des().Append(policyDetails.iDescription);
+ message->Des().Append(KVpnManagementUiEnterTwice);
+
+ // Policy status:
+ ReadResourceL(*message, R_VPN_DETAIL_POLICY_STATUS );
+ message->Des().Append(KVpnManagementUiEnter);
+
+ if (policyDetails.iUsageStatus == EUsageStatusUnused)
+ ReadResourceL(*message, R_VPN_DETAIL_POLICY_NOT_ASSOCIATED );
+ else if (policyDetails.iUsageStatus == EUsageStatusAssignedToIap)
+ ReadResourceL(*message, R_VPN_DETAIL_POLICY_ASSOCIATED );
+ else if (policyDetails.iUsageStatus == EUsageStatusActive)
+ ReadResourceL(*message, R_VPN_DETAIL_POLICY_ACTIVE );
+
+ message->Des().Append(KVpnManagementUiEnterTwice);
+
+ // Certificate status:
+ ReadResourceL(*message, R_VPN_DETAIL_CERT_STATUS );
+ message->Des().Append(KVpnManagementUiEnter);
+
+ if (policyDetails.iPkiStatus == EPkiStatusReady)
+ ReadResourceL(*message, R_VPN_DETAIL_CERT_STATUS_OK );
+ else if (policyDetails.iPkiStatus == EPkiStatusCertExpired)
+ ReadResourceL(*message, R_VPN_DETAIL_CERT_STATUS_EXPIRED );
+ else if (policyDetails.iPkiStatus == EPkiStatusNoCert)
+ ReadResourceL(*message, R_VPN_DETAIL_CERT_STATUS_MISSING );
+ else if (policyDetails.iPkiStatus == EPkiStatusCertNotValidYet)
+ ReadResourceL(*message, R_VPN_DETAIL_CERT_STATUS_NOT_YET_VALID );
+
+ message->Des().Append(KVpnManagementUiEnterTwice);
+
+ // Policy name:
+ ReadResourceL(*message, R_VPN_DETAIL_POLICY_NAME );
+ message->Des().Append(KVpnManagementUiEnter);
+ message->Des().Append(policyDetails.iName);
+ message->Des().Append(KVpnManagementUiEnterTwice);
+
+ // Header for the message query dialog
+
+ CAknMessageQueryDialog* dlg = CAknMessageQueryDialog::NewL(*message);
+ dlg->PrepareLC(R_MESSAGE_QUERY_DETAILS_VIEW);
+ dlg->QueryHeading()->SetTextL(policyDetails.iName);
+ dlg->RunLD();
+
+ CleanupStack::PopAndDestroy(); // message
+ }
+
+TBool CVpnManagementUiPolicyView::NotAssociatedToIapL(TInt aIndex, TVpnPolicyName& aPolicyName)
+ {
+ TVpnPolicyDetails policyDetails;
+ iLoader.VpnApiWrapperL().GetPolicyDetailsL(aIndex,policyDetails);
+ aPolicyName = policyDetails.iName;
+ if (policyDetails.iUsageStatus == EUsageStatusUnused)
+ return ETrue;
+ else
+ return EFalse;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiPolicyView::ReadResourceL
+// Reads text from resource
+// ---------------------------------------------------------
+//
+void CVpnManagementUiPolicyView::ReadResourceL(HBufC& aText, TInt aResource)
+ {
+ HBufC* text = StringLoader::LoadLC( aResource );
+ aText.Des().Append(text->Des());
+ CleanupStack::PopAndDestroy(); // text
+ }
+
+
+// End of File
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuiservercontainer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,580 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Management UI Container
+*
+*/
+
+// INCLUDE FILES
+#include <eikclbd.h>
+#include <AknQueryDialog.h>
+#include <aknnotewrappers.h>
+#include <ErrorUI.h>
+#include <sysutil.h>
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuiservercontainer.h"
+#include "vpnmanagementuidefs.h"
+#include "vpnmanagementui.hrh"
+#include "log_vpnmanagementui.h"
+
+#ifdef __SERIES60_HELP
+#include <csxhelp/vpn.hlp.hrh> // for help context of VPN Management UI
+#endif //__SERIES60_HELP
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::CVpnManagementUiServerContainer(
+// CVpnManagementUiServerView& aParent, CVpnUiLoader& aLoader)
+// Constructor with parent
+// ---------------------------------------------------------
+//
+CVpnManagementUiServerContainer::CVpnManagementUiServerContainer(
+ CVpnManagementUiServerView& aParent, CVpnUiLoader& aLoader ) :
+ iParent ( aParent ), iLoader ( aLoader )
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::~CVpnManagementUiServerContainer()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiServerContainer::~CVpnManagementUiServerContainer()
+ {
+ delete iListBox;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::ConstructL(
+// const TRect& aRect, TInt& aCurrentPosition, TInt& aTopItem)
+// EPOC two phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::ConstructL(
+ const TRect& aRect, TInt& /*aCurrentPosition*/, TInt& /*aTopItem*/ )
+ {
+ CreateWindowL();
+ CreateListBoxL();
+ ShowServersL();
+ if ((iListItemCount == 0) && (!iLoader.iBackFromServerDefinition))
+ {
+ iLoader.iShowDefineQuery = ETrue;
+ }
+ iLoader.iBackFromServerDefinition = EFalse;
+ iShowWaitNote = EFalse;
+ SetRect( aRect );
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::ActivateL()
+// called after the dialog is shown
+// used to handle empty list - query
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::ActivateL()
+ {
+ CCoeControl::ActivateL();
+ // put empty list checking & required actions here.
+ if ((iListItemCount == 0) && (iLoader.iShowDefineQuery))
+ {
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DEFINE_NEW_SERVER );
+ CAknQueryDialog* query = CAknQueryDialog::NewL(
+ CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ iLoader.iShowDefineQuery = EFalse;
+ if ( retval )
+ {
+ if (!SysUtil::FFSSpaceBelowCriticalLevelL(0, 0))
+ {
+ iLoader.ChangeViewL(KChangeViewSettings);
+ }
+ else
+ {
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( KErrDiskFull );
+ CleanupStack::PopAndDestroy(); // errorUi
+ iLoader.iShowDefineQuery = EFalse;
+ iLoader.iNewServerDefinition = EFalse;
+ }
+ }
+ }
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ if (iLoader.iNewServerDefinition)
+ {//Synchronise server query
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_SYNCHRONISE_SERVER );
+ CAknQueryDialog* query = CAknQueryDialog::NewL(
+ CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ //Show wait dialog
+ //Save server index for Connecting via note
+ iLoader.iCurrentServerIndex = iLoader.AcuApiWrapperL().GetLastCreatedServerIndexL();
+ //ShowWaitNoteL();
+ iShowWaitNote = ETrue;
+ // Get selection name for connecting via note
+ // and save it to the member variable of iLoader
+ iLoader.GetSelectionNameL( iLoader.iSelectionName );
+
+ //Synchronise server
+ iLoader.AcuApiWrapperL().SynchroniseLastCreatedServerL(this);
+
+ //Set iNewServerDefinition to false, because
+ //we are now synchronised server
+ iLoader.iNewServerDefinition = EFalse;
+ }
+ } ***/
+ }
+
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::SizeChanged()
+// Called by framework when the view size is changed
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::SizeChanged()
+ {
+ iListBox->SetRect(Rect());
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::FocusChanged(TDrawNow aDrawNow)
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::FocusChanged(TDrawNow aDrawNow)
+ {
+ if ( iListBox )
+ {
+ iListBox->SetFocus( IsFocused(), aDrawNow );
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::HandleResourceChange
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::HandleResourceChange( TInt aType )
+ {
+ CCoeControl::HandleResourceChange(aType);
+
+ //Handle change in layout orientation
+ if (aType == KEikDynamicLayoutVariantSwitch || aType == KAknsMessageSkinChange )
+ {
+ iListBox->HandleResourceChange(aType);
+ TRect mainPaneRect;
+ AknLayoutUtils::LayoutMetricsRect(AknLayoutUtils::EMainPane, mainPaneRect);
+ SetRect(mainPaneRect);
+ DrawNow();
+ }
+ }
+
+enum { EListBoxControl, ENumberOfControls };
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::CountComponentControls() const
+// ---------------------------------------------------------
+//
+TInt CVpnManagementUiServerContainer::CountComponentControls() const
+ {
+ // return number of controls inside this container
+ return ENumberOfControls; // return nbr of controls inside this container
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::ComponentControl(TInt aIndex) const
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiServerContainer::ComponentControl(TInt aIndex) const
+ {
+ switch ( aIndex )
+ {
+ case 0:
+ return iListBox;
+ default:
+ return NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::HandleControlEventL(
+// CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+// Cannot be changed to non-leaving function.
+// L-function is required by the class definition, even if empty.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::HandleControlEventL(
+ CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::OfferKeyEventL(
+// const TKeyEvent& aKeyEvent, TEventCode aType)
+// Handles the key events OK button, arrow keys, delete key.
+// OK button functionality is different depending on the number of marked items
+// in the list; zero marked -> show details view, one or more marked -> show
+// OKOptions list, list empty -> OK inactive.
+// Delete active only if list not empty.
+// ---------------------------------------------------------
+//
+TKeyResponse CVpnManagementUiServerContainer::OfferKeyEventL(
+ const TKeyEvent& aKeyEvent, TEventCode aType)
+ {
+ TKeyResponse retval = EKeyWasNotConsumed;
+ if ( aType==EEventKey )
+ {
+ if ( (aKeyEvent.iCode == EKeyOK || aKeyEvent.iCode == EKeyEnter) && //select or enter
+ iListBox->CurrentItemIndex() > -1 ) //This is for empty list
+ {
+ // Selection key pressed
+ iParent.HandleCommandL( EVpnUiCmdEditServer );
+ retval = EKeyWasConsumed;
+ }
+
+ else if ( aKeyEvent.iCode == EKeyDelete
+ || aKeyEvent.iCode == EKeyBackspace )
+ {
+ if ( iListBox->CurrentItemIndex() > -1 )
+ {
+ iParent.HandleCommandL( EVpnUiCmdDeleteServer );
+ retval = EKeyWasConsumed;
+ }
+ }
+ else
+ {
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+ }
+ else
+ {
+ retval = iListBox->OfferKeyEventL( aKeyEvent, aType );
+ }
+ return retval;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::CreateListBoxL()
+// Creates listbox, sets empty listbox text.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::CreateListBoxL()
+ {
+ iListBox = new( ELeave ) CAknSingleStyleListBox;
+ iListBox->SetContainerWindowL( *this );
+ iListBox->ConstructL( this, EAknListBoxMarkableList );
+ iListBox->CreateScrollBarFrameL( ETrue );
+ iListBox->ScrollBarFrame()->
+ SetScrollBarVisibilityL( CEikScrollBarFrame::EOff,CEikScrollBarFrame::EAuto );
+
+ HBufC* stringHolder = StringLoader::LoadLC( R_VPN_POLICY_SERVERS_EMPTY );
+ iListBox->View()->SetListEmptyTextL( *stringHolder );
+ CleanupStack::PopAndDestroy(); // stringHolder
+
+ iListBox->SetListBoxObserver (this);
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::DrawListBoxL(TInt aCurrentPosition, TInt aTopItem)
+// Draws listbox, fetches graphic icons for markable list
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::DrawListBoxL( TInt aCurrentPosition, TInt aTopItem )
+ {
+ if (aCurrentPosition >= 0)
+ {
+ iListBox->SetTopItemIndex( aTopItem );
+ iListBox->SetCurrentItemIndex( aCurrentPosition );
+ }
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ if(iLoader.iNewServerDefinition)
+ {
+ iListBox->SetCurrentItemIndex(iLoader.AcuApiWrapperL().GetLastCreatedServerIndexL());
+ } ***/
+
+ ActivateL();
+ DrawNow();
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::UpdateListBoxL(TInt& aCurrentPosition)
+// Refresh listbox after VPN policy server deletion.
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerContainer::UpdateListBoxL(TInt& aCurrentPosition)
+ {
+ MDesCArray* itemList = iListBox->Model()->ItemTextArray();
+ CDesCArray* itemArray = ( CDesCArray* )itemList;
+
+ itemArray->Delete(aCurrentPosition);
+ itemArray->Compress();
+
+ iListBox->HandleItemRemovalL();
+ if(aCurrentPosition > 0)
+ {
+ iListBox->SetCurrentItemIndexAndDraw(aCurrentPosition-1);
+ }
+ if(aCurrentPosition == 0 )
+ {
+ if (iListItemCount > 1 )
+ {
+ iListBox->SetCurrentItemIndexAndDraw(aCurrentPosition);
+ }
+ else
+ {
+ HBufC* stringHolder = StringLoader::LoadLC( R_VPN_POLICY_SERVERS_EMPTY );
+ iListBox->View()->SetListEmptyTextL( *stringHolder );
+ CleanupStack::PopAndDestroy(); // stringHolder
+ }
+ }
+ iListItemCount = iListItemCount -1;
+ iParent.SetMiddleSoftKeyL(ETrue);
+ DrawNow();
+ }
+
+
+void CVpnManagementUiServerContainer::ShowServersL()
+ {
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ CArrayFix<TAcuApiServerListElem>* serverList = iLoader.AcuApiWrapperL().ServerListL();
+
+ CDesCArrayFlat* itemTextArray = static_cast<CDesCArrayFlat*>(iListBox->Model()->ItemTextArray());
+
+ itemTextArray->Reset();
+ iListBox->Reset();
+
+ iListItemCount = serverList->Count();
+
+ for (TInt i = 0; i < iListItemCount; ++i)
+ {
+ TBuf<KAcuMaxServerNameLocalLth+2> serverName;
+ serverName.Append(_L("\t"));
+ serverName.Append(serverList->At(i).iServerNameLocal);
+ itemTextArray->AppendL(serverName);
+ }
+
+
+ iListBox->HandleItemAdditionL();
+ ***/
+ }
+
+
+void CVpnManagementUiServerContainer::DeleteServerL(TInt /* aIndex */)
+ {
+ LOG(Log::Printf(_L("CVpnManagementUiServerContainer::DeleteServerL\n")));
+
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+
+ TBuf<KAcuMaxServerNameLocalLth> serverName;
+ serverName.Append(
+ iLoader.AcuApiWrapperL().ServerListL()->At(aIndex).iServerNameLocal);
+ LOG(Log::Printf(_L("CVpnManagementUiServerContainer::DeleteServerL - server name %S\n"), &serverName));
+ HBufC* temp;
+
+ TAcuServerId serverId;
+ serverId = iLoader.AcuApiWrapperL().ServerListL()->At(aIndex).iServerId;
+
+ //Get server policy count from vpnapiext
+ TInt policyCount = 0;
+ TInt ret = iLoader.VpnApiWrapperL().GetServerPolicyCount(
+ serverId, policyCount);
+
+ LOG(Log::Printf(_L("CVpnManagementUiServerContainer::DeleteServerL - server policy count %d\n"), policyCount));
+
+ if ((ret== KErrNone) && (policyCount > 0)) //at least one policy related to given ACU server is found
+ {
+ // policies related to the server, confirmation query
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DELETE_SERVER_ASSOCIATED );
+ }
+ else
+ {
+ // no policies related to the server, confirmation query
+ temp = StringLoader::LoadLC( R_VPN_QUEST_DELETE_SERVER, serverName );
+ }
+
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ if ( retval )
+ {
+ TInt ret = iLoader.AcuApiWrapperL().DeleteServer(aIndex);
+ if(ret == KErrNone)
+ {
+ //Update listbox
+ UpdateListBoxL( aIndex );
+ //Update iServerList
+ iLoader.AcuApiWrapperL().ServerListL();
+
+ //Set iNewServerDefinition to false
+ iLoader.iNewServerDefinition = EFalse;
+ }
+ else if (ret == KErrServerBusy)
+ {
+ //Show an information note that server is currently in use
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_POLICY_SERVER_IN_USE );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ }
+ }
+ ***/
+ }
+
+void CVpnManagementUiServerContainer::SynchroniseServerL(TInt /* aIndex */)
+ {
+ LOG_("CVpnManagementUiServerContainer::SynchroniseServerL");
+
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+
+ TBool selectionExists = iLoader.SelectionExistsL( aIndex );
+ if( selectionExists )
+ {
+ //Save server index for Connecting via note
+ iLoader.iCurrentServerIndex = aIndex;
+ // Get selection name for connecting via note
+ // and save it to the member variable of iLoader
+ iLoader.GetSelectionNameL( iLoader.iSelectionName );
+ //Show wait dialog
+ iLoader.ShowWaitNoteL();
+
+ iLoader.AcuApiWrapperL().SynchroniseServerL( aIndex,this );
+ //Set iNewServerDefinition to false, because when
+ //we go to the policy view we don't want to show note
+ //"new server defined synchronise now"
+ iLoader.iNewServerDefinition = EFalse;
+ } ***/
+ }
+
+
+void CVpnManagementUiServerContainer::NotifyUpdatePolicyCompleteL(TInt /*aResult*/)
+ {
+ }
+
+void CVpnManagementUiServerContainer::NotifySynchroniseServerCompleteL(TInt aResult)
+ {
+ LOG(Log::Printf(_L("CVpnManagementUiServerContainer::NotifySynchroniseServerCompleteL - Result %d\n"), aResult));
+
+ if ( iLoader.iWaitDialog )
+ {
+ iLoader.DeleteWaitNoteL();//->iWaitDialog->ProcessFinishedL(); // deletes the wait dialog
+ }
+
+
+ if (aResult == KErrNone)
+ {
+ //Confirmation note
+ HBufC* string = StringLoader::LoadLC( R_VPN_CONF_POLICY_SERVER_SYNC_OK );
+ CAknConfirmationNote* note = new ( ELeave ) CAknConfirmationNote( ETrue );
+ note->ExecuteLD( *string );
+ CleanupStack::PopAndDestroy( string );
+ }
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ else if (aResult == KAcuErrServerCertExpiredByPkiService)
+ {
+ //Show an information note
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_SERVER_CERT_EXPIRED );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ } ***/
+ else if (aResult == KErrDiskFull)
+ {
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( KErrDiskFull );
+ CleanupStack::PopAndDestroy(); // errorUi
+ }
+ else if (aResult == KErrCancel)
+ {
+ // No operation, i.e. don't show anything
+ }
+ else
+ {
+ //Show an information note
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_VPN_INFO_POLICY_SERVER_SYNC_ERROR );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ }
+
+ iParent.SetMiddleSoftKeyL(ETrue);
+ }
+
+void CVpnManagementUiServerContainer::NotifyStepChangedL(TInt /*aResult*/)
+ {
+ if (iShowWaitNote)
+ {
+ iLoader.ShowWaitNoteL();
+ iShowWaitNote = EFalse;
+ }
+ if ( iLoader.iWaitDialog )
+ {
+ iLoader.SetTextL();
+ }
+ }
+
+
+void CVpnManagementUiServerContainer::HandleListBoxEventL (CEikListBox* /*aListBox*/,
+ TListBoxEvent aEventType)
+ {
+ switch(aEventType)
+ {
+ case EEventEnterKeyPressed:
+ case EEventItemSingleClicked:
+ iParent.HandleCommandL(EVpnUiCmdEditServer);
+ break;
+ default:
+ //Do nothing
+ break;
+ }
+ }
+
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerContainer::GetHelpContext
+// This function is called when Help application is launched.
+// (other items were commented in a header).
+// ---------------------------------------------------------
+//
+#ifdef __SERIES60_HELP
+void CVpnManagementUiServerContainer::GetHelpContext(
+ TCoeHelpContext& aContext ) const
+ {
+ aContext.iMajor = KUidVpnManagementUi;
+ aContext.iContext = KSET_HLP_VPN_POLICY_SERVERS;
+ }
+#endif //__SERIES60_HELP
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuiserversettingscontainer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,369 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: The container is responsible of showing policy server details.
+*
+*/
+
+// INCLUDE FILES
+#include <akntextsettingpage.h>
+#include <aknnotewrappers.h>
+#include <cmmanagerext.h>
+#include <cmsettingsui.h>
+#include <cmapplicationsettingsui.h>
+#include <cmdestinationext.h>
+#include <cmpluginvpndef.h>
+#include <commdb.h>
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuiserversettingscontainer.h"
+#include "vpnmanagementuidefs.h"
+#include "serversettingconnectionsettingitem.h"
+#include "vpnmanagementui.hrh"
+#include "log_vpnmanagementui.h"
+
+
+#ifdef __SERIES60_HELP
+#include <csxhelp/vpn.hlp.hrh> // for help context of VPN Management UI
+#endif //__SERIES60_HELP
+
+using namespace CMManager;
+
+// ================= MEMBER FUNCTIONS =======================
+
+CServerSettingsContainer* CServerSettingsContainer::NewL(
+ CVpnUiLoader& aLoader, TInt aServerIndex )
+ {
+ CServerSettingsContainer* self = new(ELeave) CServerSettingsContainer(
+ aLoader, aServerIndex );
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsContainer::CServerSettingsContainer()
+// ---------------------------------------------------------
+//
+CServerSettingsContainer::CServerSettingsContainer(
+ CVpnUiLoader& aLoader, TInt aServerIndex )
+ :iLoader(aLoader), iServerIndex(aServerIndex)
+ {
+ ASSERT(aServerIndex >= KErrNotFound);
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsContainer::~CServerSettingsContainer()
+// Destructor
+// ---------------------------------------------------------
+//
+CServerSettingsContainer::~CServerSettingsContainer()
+ {
+ }
+
+
+// ---------------------------------------------------------------------------
+// CreateSettingItemL
+// ---------------------------------------------------------------------------
+//
+CAknSettingItem* CServerSettingsContainer::CreateSettingItemL(
+ TInt /* aSettingId */)
+ {
+ CAknSettingItem* settingItem(NULL);
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ switch (aSettingId)
+ {
+ case EVpnUiSettingServerName:
+ settingItem = new (ELeave) CAknTextSettingItem(
+ aSettingId, iServerDetails.iServerNameLocal );
+ break;
+ case EVpnUiSettingServerAddress:
+ if (iServerDetails.iServerUrl.Length() > 0)
+ {
+ iServerAddressBuffer.Copy(iServerDetails.iServerUrl);
+ }
+ settingItem = new (ELeave) CAknTextSettingItem(
+ aSettingId, iServerAddressBuffer );
+ break;
+ case EVpnUiSettingIap:
+ settingItem = new (ELeave) CServerSettingConnectionSettingItem(
+ aSettingId, iServerDetails.iSelection);
+ break;
+ default:
+ // Do nothing
+ break;
+ }
+ ***/
+ return settingItem;
+ }
+
+
+// ---------------------------------------------------------------------------
+// CServerSettingsContainer::ConstructL()
+// ---------------------------------------------------------------------------
+//
+void CServerSettingsContainer::ConstructL()
+ {
+ // Server settings view sets iServerIndex to -1 when creating a new
+ // server
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ if ( iServerIndex >= 0 )
+ {
+ iLoader.AcuApiWrapperL().GetServerDetailsL(
+ iServerIndex, iServerDetails );
+ UpdateTitleL( iServerDetails.iServerNameLocal );
+ }
+ ***/
+ ConstructFromResourceL(R_VPN_SERVER_SETTING_LIST);
+ }
+
+
+// ---------------------------------------------------------------------------
+// UpdateTitleL
+// ---------------------------------------------------------------------------
+//
+void CServerSettingsContainer::UpdateTitleL( TDes& aText )
+ {
+ iLoader.ActivateTitleL(KViewTitleParametersView,aText);
+ }
+
+
+// ---------------------------------------------------------------------------
+// ServerNameExistsL
+// ---------------------------------------------------------------------------
+//
+TBool CServerSettingsContainer::ServerNameExistsL( const TDesC& /* aText */) const
+ {
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ const CArrayFix<TAcuApiServerListElem>* serverList = iLoader.AcuApiWrapperL().ServerListL();
+ TInt count = serverList->Count();
+
+ for (TInt i = 0; i < count; ++i)
+ {
+ //If we are editing name, we don't want to compare itself
+ if(i != iServerIndex)
+ {
+ if (serverList->At(i).iServerNameLocal.Compare(aText)==0)
+ {
+ //Name is already in use
+ return ETrue;
+ }
+ }
+ } ***/
+ return EFalse;
+ }
+
+
+void CServerSettingsContainer::HandleListBoxEventL(CEikListBox* aListBox, TListBoxEvent aEventType)
+ {
+ switch(aEventType)
+ {
+ case EEventEnterKeyPressed:
+ case EEventItemSingleClicked:
+ ChangeSettingValueL();
+ break;
+ default:
+ CAknSettingItemList::HandleListBoxEventL(aListBox, aEventType);
+ }
+ }
+
+
+// ---------------------------------------------------------------------------
+// ChangeSettingValueL
+// ---------------------------------------------------------------------------
+//
+void CServerSettingsContainer::ChangeSettingValueL()
+ {
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ TInt currentItem( ListBox()->CurrentItemIndex() );
+
+ switch(currentItem)
+ {
+ case EVpnUiSettingServerName:
+ {
+ TBool alreadyInUse = ETrue;
+ while(alreadyInUse)
+ {
+ EditItemL(EVpnUiSettingServerName, ETrue);
+ SettingItemArray()->At(EVpnUiSettingServerName)->StoreL();
+ alreadyInUse = ServerNameExistsL( iServerDetails.iServerNameLocal );
+ if(alreadyInUse)
+ {
+ //Show an information note that server is currently in use
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC( R_FLDR_NAME_ALREADY_USED, iServerDetails.iServerNameLocal );
+ CAknInformationNote* note = new(ELeave)CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ }
+
+ }
+ if (iServerDetails.iServerNameLocal.Length() > 0)
+ {
+ UpdateTitleL( iServerDetails.iServerNameLocal );
+ }
+ }
+ break;
+ case EVpnUiSettingServerAddress:
+ {
+ if( iServerDetails.iServerUrlReadOnly )
+ {
+ //Show an information note that server cannot be
+ //modified
+ HBufC* noteText;
+ noteText = StringLoader::LoadLC(
+ R_VPN_INFO_CANNOT_MODIFY_SERVER_DEF );
+ CAknInformationNote* note =
+ new(ELeave) CAknInformationNote(ETrue);
+ note->SetTimeout(CAknNoteDialog::ELongTimeout); //3sec
+ note->ExecuteLD(noteText->Des());
+ CleanupStack::PopAndDestroy(); // noteText
+ }
+ else
+ {
+ EditItemL(EVpnUiSettingServerAddress, ETrue);
+ }
+ }
+ break;
+ case EVpnUiSettingIap:
+ {
+ EditItemL(EVpnUiSettingIap, ETrue);
+ }
+ break;
+ default:
+ User::Invariant();
+ break;
+ } ***/
+ }
+
+
+// ---------------------------------------------------------------------------
+// ServerDetails
+// ---------------------------------------------------------------------------
+//
+/*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+const TAcuApiServerDetails& CServerSettingsContainer::ServerDetailsL()
+ {
+ StoreSettingsL();
+ if (iServerAddressBuffer.Length() > 0)
+ {
+ iServerDetails.iServerUrl.Copy(iServerAddressBuffer);
+ }
+
+ //If server name is left empty, but we have an address,
+ //set address as a server name.
+ if (iServerDetails.iServerNameLocal.Length() == 0 &&
+ iServerDetails.iServerUrl.Length() > 0)
+ {
+
+ //If the address is already in use as server name, generate
+ //a new unique name.
+ TUint16 i = 1;
+ do
+ {
+ static const TInt KSuffixLength = 10;
+ _LIT(KSuffixFormat, "(%d)");
+
+ TBuf<KSuffixLength> suffix;
+ suffix.Zero();
+ if (i > 1)
+ {
+ suffix.Format(KSuffixFormat, i);
+ }
+ i++;
+
+ //First assumes that the address is too long to fit
+ TInt numberOfCharactersCopiedFromAddress =
+ iServerDetails.iServerNameLocal.MaxLength() - suffix.Length();
+
+ //If this is not the case adjust the length
+ if (numberOfCharactersCopiedFromAddress > iServerDetails.iServerUrl.Length())
+ {
+ numberOfCharactersCopiedFromAddress = iServerDetails.iServerUrl.Length();
+ }
+
+ TPtrC8 serverNameAddress = iServerDetails.iServerUrl.Left(numberOfCharactersCopiedFromAddress);
+ iServerDetails.iServerNameLocal.Copy(serverNameAddress);
+ iServerDetails.iServerNameLocal.Append(suffix);
+
+ }while(ServerNameExistsL( iServerDetails.iServerNameLocal) );
+
+ CAknSettingItem* item = SettingItemArray()->At(EVpnUiSettingServerName);
+ item->LoadL();
+ item->UpdateListBoxTextL();
+ }
+ return iServerDetails;
+ }
+***/
+
+// ---------------------------------------------------------------------------
+// GetIapNameL
+// ---------------------------------------------------------------------------
+//
+HBufC* CServerSettingsContainer::GetDestinationNameL( TUint aId )
+ {
+ RCmManagerExt cmManager;
+ cmManager.OpenLC();
+ RCmDestinationExt dest = cmManager.DestinationL( aId );
+ CleanupClosePushL( dest );
+ HBufC* name = dest.NameLC();
+ CleanupStack::Pop(name);
+ CleanupStack::PopAndDestroy( 2 ); // dest, cmManager
+ return name;
+ }
+
+
+HBufC* CServerSettingsContainer::GetConnectionMethodNameL( TUint aId )
+ {
+ RCmManagerExt cmManager;
+ cmManager.OpenLC();
+ RCmConnectionMethodExt conn = cmManager.ConnectionMethodL( aId );
+ CleanupClosePushL( conn );
+ HBufC* name = conn.GetStringAttributeL( ECmName );
+ CleanupStack::PopAndDestroy( 2 ); // conn, cmManager
+ return name;
+ }
+
+
+TInt CServerSettingsContainer::ServerIndex() const
+ {
+ return iServerIndex;
+ }
+
+
+// ---------------------------------------------------------
+// CServerSettingsContainer::GetHelpContext
+// ---------------------------------------------------------
+
+#ifdef __SERIES60_HELP
+void CServerSettingsContainer::GetHelpContext( TCoeHelpContext& aContext ) const
+ {
+ aContext.iMajor = KUidVpnManagementUi;
+ aContext.iContext = KSET_HLP_VPN_POLICY_SERVER_SET;
+ }
+#endif //__SERIES60_HELP
+
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuiserversettingsview.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,290 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Handles commands given through the UI for maintaining information
+* of single policy server.
+*
+*/
+
+// INCLUDE FILES
+#include <AknQueryDialog.h>
+#include <aknnotewrappers.h>
+#include <vpnmanagementuirsc.rsg>
+#include <ErrorUI.h>
+#include <sysutil.h>
+#include "vpnuiloader.h"
+#include "vpnmanagementuiserversettingsview.h"
+#include "vpnmanagementuiserversettingscontainer.h"
+#include "vpnmanagementui.hrh"
+
+#ifdef __SERIES60_HELP
+#include <hlplch.h> // For HlpLauncher
+#endif //__SERIES60_HELP
+
+/** MSK control Id. */
+const TInt KVpnMSKControlId = 3;
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CServerSettingsView::CServerSettingsView(CVpnUiLoader& aLoader)
+// Constructor
+// ---------------------------------------------------------
+//
+CServerSettingsView::CServerSettingsView( CVpnUiLoader& aLoader )
+ : iLoader( aLoader )
+ {
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView::~CServerSettingsView()
+// Destructor
+// ---------------------------------------------------------
+//
+CServerSettingsView::~CServerSettingsView()
+ {
+ if ( iContainer )
+ {
+ AppUi()->RemoveFromViewStack( *this, iContainer );
+ delete iContainer;
+ }
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView* CServerSettingsView::NewL(const TRect& /*aRect*/,
+// CVpnUiLoader& aLoader)
+// ---------------------------------------------------------
+//
+CServerSettingsView* CServerSettingsView::NewL(
+ const TRect& /*aRect*/, CVpnUiLoader& aLoader)
+ {
+ CServerSettingsView* self = new (ELeave) CServerSettingsView(aLoader);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView* CServerSettingsView::NewLC(const TRect& /*aRect*/,
+// CVpnUiLoader& aLoader)
+// ---------------------------------------------------------
+//
+CServerSettingsView* CServerSettingsView::NewLC(const TRect& /*aRect*/,
+ CVpnUiLoader& aLoader)
+ {
+ CServerSettingsView* self = new (ELeave) CServerSettingsView(aLoader);
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView::ConstructL()
+// EPOC two-phased constructor
+// ---------------------------------------------------------
+//
+void CServerSettingsView::ConstructL()
+ {
+ BaseConstructL( R_VPNMANAGEMENTUI_SERVER_PARAMETERS_VIEW );
+ }
+
+
+// ---------------------------------------------------------
+// CServerSettingsView::Id() const
+// Returns Trust view id
+// ---------------------------------------------------------
+//
+TUid CServerSettingsView::Id() const
+ {
+ return KVpnManagementUiParametersViewId;
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView::HandleCommandL(TInt aCommand)
+// Handles Softkey and Options list commands
+// ---------------------------------------------------------
+//
+void CServerSettingsView::HandleCommandL( TInt /* aCommand */)
+ {
+ /*** NSSM support is discontinued.
+ Code is kept in comments temporarily because similar UI functionality
+ might be needed for another purpose.
+ TBool ffs(EFalse);
+ switch ( aCommand )
+ {
+ case EAknSoftkeyBack:
+ {
+ //GET CURRENT ADDRESS
+ ASSERT( iContainer );
+
+ const TAcuApiServerDetails& serverDetails = iContainer->ServerDetailsL();
+
+ ffs = iLoader.FFSSpaceBelowCriticalLevelL( ETrue, 0 );
+ if (ffs)
+ {
+ iLoader.iBackFromServerDefinition = ETrue;
+ iLoader.ChangeViewL( KChangeViewPrevious );
+ }
+ else if(serverDetails.iServerUrl.Length()==0 || serverDetails.iSelection.iId==0)
+ {
+ TInt ret = CompleteSettingsL();
+ if (ret)
+ {
+ iLoader.iShowDefineQuery = EFalse;
+ iLoader.iBackFromServerDefinition = ETrue;
+ iLoader.ChangeViewL( KChangeViewPrevious );
+ }
+ }
+ else
+ {
+ TBool createServer = ETrue;
+ if(createServer)
+ {
+ //Creating a new VPN policy server
+ if( iContainer->ServerIndex() == -1)
+ {
+ int aResult = iLoader.AcuApiWrapperL().CreateServer(serverDetails);
+ if (aResult == KErrNone)
+ {
+ //Update iServerList of CAcuApiWrapper
+ //After that we can call Synchronise server from
+ //CVpnManagementUiPolicyContainer::ActivateL()
+
+ iLoader.AcuApiWrapperL().ServerListL();
+
+ iLoader.iNewServerDefinition = ETrue;
+ }
+ else
+ {
+ iLoader.iShowDefineQuery = EFalse;
+ iLoader.iBackFromServerDefinition = ETrue;
+ iLoader.iNewServerDefinition = EFalse;
+ createServer = EFalse;
+
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( aResult );
+ CleanupStack::PopAndDestroy(); // errorUi
+ }
+ }
+ //Editing an existing policy server
+ else
+ {
+ iLoader.AcuApiWrapperL().SaveServerDetails(serverDetails);
+ }
+ }
+
+ iLoader.ChangeViewL( KChangeViewPrevious );
+ }
+ break;
+ }
+ case EAknCmdExit:
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->HandleCommandL( EAknCmdExit );
+ break;
+ }
+ case EVpnUiCmdChange:
+ {
+ ASSERT(iContainer);
+ iContainer->ChangeSettingValueL();
+ break;
+ }
+ #ifdef __SERIES60_HELP
+ case EAknCmdHelp:
+ {
+ HlpLauncher::LaunchHelpApplicationL( iEikonEnv->WsSession(),
+ AppUi()->AppHelpContextL() );
+ break;
+ }
+ #endif //__SERIES60_HELP
+
+ default:
+ {
+ AppUi()->HandleCommandL( aCommand );
+ break;
+ }
+ } ***/
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView::HandleClientRectChange()
+// ---------------------------------------------------------
+//
+void CServerSettingsView::HandleClientRectChange()
+ {
+ if ( iContainer )
+ {
+ iContainer->SetRect( ClientRect() );
+ }
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView::DoActivateL()
+// Updates the view when opening it
+// ---------------------------------------------------------
+//
+void CServerSettingsView::DoActivateL(const TVwsViewId& /*aPrevViewId*/,
+ TUid aCustomMessageId, const TDesC8& /*aCustomMessage*/)
+ {
+ __ASSERT_DEBUG(iContainer == NULL, User::Invariant());
+
+ // aCustomMessageId contains index of the policy servers listbox
+ iContainer = CServerSettingsContainer::NewL( iLoader,
+ static_cast<TInt> ( aCustomMessageId.iUid ) );
+ iContainer->SetMopParent( this );
+
+ iLoader.PushDefaultNaviPaneL();
+
+ ((CAknViewAppUi*)iAvkonAppUi)->AddToStackL( *this, iContainer );
+
+ // Add MiddleSoftKey
+ CEikButtonGroupContainer* cbaGroup = Cba();
+ if (cbaGroup)
+ {
+ HBufC* text = StringLoader::LoadLC(R_MSK_CHANGE);
+ cbaGroup->AddCommandToStackL(KVpnMSKControlId, EVpnUiCmdChange, text->Des());
+ CleanupStack::PopAndDestroy(text);
+ }
+ iContainer->ActivateL();
+ }
+
+// ---------------------------------------------------------
+// CServerSettingsView::DoDeactivate()
+// ---------------------------------------------------------
+//
+void CServerSettingsView::DoDeactivate()
+ {
+ if ( iContainer )
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveFromViewStack( *this, iContainer );
+
+ delete iContainer;
+ iContainer = NULL;
+ }
+ }
+
+
+TInt CServerSettingsView::CompleteSettingsL()
+ {
+ // compulsory field is empty, confirmation query
+ HBufC* temp;
+ temp = StringLoader::LoadLC( R_VPN_QUEST_INCOMPLETE_SERVER_DEF_DELETE );
+ CAknQueryDialog* query = CAknQueryDialog::NewL( CAknQueryDialog::EConfirmationTone );
+ TInt retval = query->ExecuteLD( R_CONFIRMATION_QUERY, *temp );
+ CleanupStack::PopAndDestroy(); // temp
+ return retval;
+ }
+
+// End of File
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuiserverview.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,320 @@
+/*
+* Copyright (c) 2003 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Handles commands given through the UI for maintaining policy servers.
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <aknmessagequerydialog.h>
+#include <aknnotewrappers.h> // for warning & information notes
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuiserverview.h"
+#include "vpnmanagementuiservercontainer.h"
+#include "vpnmanagementui.hrh"
+#ifdef __SERIES60_HELP
+#include <hlplch.h> // For HlpLauncher
+#endif //__SERIES60_HELP
+
+/** MSK control Id. */
+const TInt KVpnMSKControlId = 3;
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::CVpnManagementUiServerView(CVpnUiLoader& aLoader)
+// : iLoader(aLoader)
+// Constructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiServerView::CVpnManagementUiServerView( CVpnUiLoader& aLoader )
+: iLoader(aLoader)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::~CVpnManagementUiServerView()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnManagementUiServerView::~CVpnManagementUiServerView()
+ {
+ if ( iServerContainer )
+ {
+ AppUi()->RemoveFromViewStack(*this, iServerContainer);
+ delete iServerContainer;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView* CVpnManagementUiServerView::NewL(
+// const TRect& /*aRect*/, CVpnUiLoader& aLoader)
+// ---------------------------------------------------------
+//
+CVpnManagementUiServerView* CVpnManagementUiServerView::NewL(
+ const TRect& /*aRect*/, CVpnUiLoader& aLoader )
+ {
+ CVpnManagementUiServerView* self =
+ new ( ELeave ) CVpnManagementUiServerView( aLoader );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView* CVpnManagementUiServerView::NewLC(
+// const TRect& /*aRect*/, CVpnUiLoader& aLoader)
+// ---------------------------------------------------------
+//
+CVpnManagementUiServerView* CVpnManagementUiServerView::NewLC(
+ const TRect& /*aRect*/, CVpnUiLoader& aLoader )
+ {
+ CVpnManagementUiServerView* self =
+ new ( ELeave ) CVpnManagementUiServerView( aLoader );
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::ConstructL()
+// CVpnUiView::ConstructL(const TRect& aRect)
+// EPOC two-phased constructor
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerView::ConstructL()
+ {
+ BaseConstructL( R_VPNUI_POLICY_SERVERS_VIEW );
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::DynInitMenuPaneL(
+// TInt aResourceId,CEikMenuPane* aMenuPane)
+// Updates Options list with correct items depending on
+// whether the listbox is empty or if it has any marked items
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerView::DynInitMenuPaneL(TInt aResourceId, CEikMenuPane* aMenuPane)
+ {
+
+ if ( aResourceId == R_VPNUI_POLICY_SERVERS_VIEW_MENU )
+ {
+ TInt currentItem = iServerContainer->iListBox->CurrentItemIndex();
+
+ // the policy server list is empty all except Add new server, Help and Exit is dimmed
+ if ( currentItem == -1 )
+ {
+ aMenuPane->SetItemDimmed( EVpnUiCmdEditServer, ETrue );
+ aMenuPane->SetItemDimmed( EVpnUiCmdSynchronise, ETrue );
+ aMenuPane->SetItemDimmed( EVpnUiCmdDeleteServer, ETrue );
+ }
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::Id() const
+// Returns Authority view id
+// ---------------------------------------------------------
+//
+TUid CVpnManagementUiServerView::Id() const
+ {
+ return KVpnManagementUiServerViewId;
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::HandleCommandL(TInt aCommand)
+// Handles Softkey and Options list commands
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerView::HandleCommandL( TInt aCommand )
+ {
+ TBool ffsLow;
+
+ switch ( aCommand )
+ {
+ case EAknSoftkeyBack:
+ {
+ iLoader.ChangeViewL( KChangeViewPrevious );
+ break;
+ }
+ case EAknCmdExit:
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->HandleCommandL( EAknCmdExit );
+ break;
+ }
+
+ case EVpnUiCmdEditServer:
+ {
+ ffsLow = iLoader.FFSSpaceBelowCriticalLevelL( ETrue, 0 );
+ if (!ffsLow)
+ {
+ iCurrentPosition = iServerContainer->iListBox->CurrentItemIndex();
+ iLoader.ChangeViewL(KChangeViewSettings, iCurrentPosition);
+ }
+ break;
+ }
+
+ case EVpnUiCmdAddServer:
+ {
+ ffsLow = iLoader.FFSSpaceBelowCriticalLevelL( ETrue, 0 );
+ if(!ffsLow)
+ {
+ iLoader.ChangeViewL(KChangeViewSettings);
+ }
+ break;
+ }
+ case EVpnUiCmdSynchronise:
+ {
+ ffsLow = iLoader.FFSSpaceBelowCriticalLevelL( ETrue, 0 );
+ if(!ffsLow)
+ {
+ iCurrentPosition = iServerContainer->iListBox->CurrentItemIndex();
+ iServerContainer->SynchroniseServerL(iCurrentPosition);
+ }
+ break;
+ }
+
+ case EVpnUiCmdDeleteServer:
+ {
+ iCurrentPosition = iServerContainer->iListBox->CurrentItemIndex();
+ iServerContainer->DeleteServerL(iCurrentPosition);
+ iCurrentPosition = iServerContainer->iListBox->CurrentItemIndex();
+ break;
+ }
+
+#ifdef __SERIES60_HELP
+ case EAknCmdHelp:
+ {
+ HlpLauncher::LaunchHelpApplicationL(
+ iEikonEnv->WsSession(), AppUi()->AppHelpContextL() );
+ break;
+ }
+#endif //__SERIES60_HELP
+
+ default:
+ {
+ AppUi()->HandleCommandL( aCommand );
+ break;
+ }
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::HandleClientRectChange()
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerView::HandleClientRectChange()
+ {
+ if ( iServerContainer )
+ {
+ iServerContainer->SetRect( ClientRect() );
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::DoActivateL(const TVwsViewId& /*aPrevViewId*/,
+// TUid /*aCustomMessageId*/, const TDesC8& /*aCustomMessage*/)
+// Updates the view when opening it
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerView::DoActivateL(
+ const TVwsViewId& /*aPrevViewId*/,
+ TUid /*aCustomMessageId*/, const TDesC8& /*aCustomMessage*/)
+ {
+ if ( iServerContainer )
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveFromViewStack(
+ *this, iServerContainer );
+ }
+ iServerContainer = new (ELeave) CVpnManagementUiServerContainer(
+ *this, iLoader );
+
+ iServerContainer->SetMopParent( this );
+ iServerContainer->ConstructL(
+ ClientRect(), iCurrentPosition, iTopItem );
+ iLoader.ActivateTitleL( KViewTitleServerView );
+ iLoader.PushDefaultNaviPaneL();
+
+ ((CAknViewAppUi*)iAvkonAppUi)->AddToStackL( *this, iServerContainer );
+ iServerContainer->DrawListBoxL( iCurrentPosition, iTopItem );
+
+ // Add MiddleSoftKey
+ SetMiddleSoftKeyL(EFalse);
+ }
+
+void CVpnManagementUiServerView::SetMiddleSoftKeyL(TBool aDrawNow)
+ {
+ if (iServerContainer->iListItemCount > 0)
+ {
+ SetMiddleSoftKeyLabelL(R_MSK_EDIT, EVpnUiCmdEditServer);
+ }
+ else
+ {
+ SetMiddleSoftKeyLabelL(R_MSK_ADD_VPN_SERVER, EVpnUiCmdAddServer);
+ }
+
+ if (aDrawNow)
+ {
+ if (Cba())
+ Cba()->DrawNow();
+ }
+ }
+
+
+void CVpnManagementUiServerView::SetMiddleSoftKeyLabelL(TInt aResourceId, TInt aCommandId)
+ {
+ CEikButtonGroupContainer* cbaGroup = Cba();
+ if (cbaGroup)
+ {
+ cbaGroup->RemoveCommandFromStack(KVpnMSKControlId, EVpnUiCmdEditServer);
+ cbaGroup->RemoveCommandFromStack(KVpnMSKControlId, EVpnUiCmdAddServer);
+ HBufC* text = StringLoader::LoadLC(aResourceId);
+ cbaGroup->AddCommandToStackL(KVpnMSKControlId, aCommandId, text->Des());
+ CleanupStack::PopAndDestroy(text);
+ }
+ }
+
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::DoDeactivate()
+// Saves focus position when closing view
+// ---------------------------------------------------------
+//
+void CVpnManagementUiServerView::DoDeactivate()
+ {
+ if ( iServerContainer )
+ {
+ AppUi()->RemoveFromViewStack( *this, iServerContainer );
+
+ delete iServerContainer;
+ iServerContainer = NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnManagementUiServerView::Container()
+// Returns iServerContainer
+// ---------------------------------------------------------
+//
+CCoeControl* CVpnManagementUiServerView::Container()
+ {
+ return iServerContainer;
+ }
+
+// End of File
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnmanagementuiview.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,419 @@
+/*
+* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN management main view
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <aknViewAppUi.h>
+#include <avkon.hrh>
+#include <vpnmanagementuirsc.rsg>
+#include <settingsinternalcrkeys.h>
+#include <centralrepository.h>
+#include <bautils.h>
+#include <vpnmanagementui.mbg>
+#include "vpnmanagementui.hrh"
+#include "vpnuiloader.h"
+#include "vpnmanagementuiview.h"
+#include "vpnmanagementuicontainer.h"
+#include "vpnmanagementuiviewid.h"
+#include "log_vpnmanagementui.h"
+
+/** MSK control Id. */
+const TInt KVpnMSKControlId = 3;
+
+
+// ROM folder
+
+// Name of the MBM file containing icons
+_LIT( KFileIcons, "vpnmanagementui.mbm");
+
+// Constants
+enum TVpnUiCommands
+ {
+ KVpnUiPolicyViewListItemId,
+ KVpnUiLogViewListItemId
+ };
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::CVpnManagementUiView()
+// ---------------------------------------------------------------------------
+//
+CVpnManagementUiView::CVpnManagementUiView()
+ {
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::~CVpnManagementUiView()
+// Destructor
+// ---------------------------------------------------------------------------
+//
+CVpnManagementUiView::~CVpnManagementUiView()
+ {
+ LOG_("CVpnManagementUiView::~CVpnManagementUiView entered");
+ if ( iContainer )
+ {
+ AppUi()->RemoveFromViewStack(*this, iContainer);
+ delete iContainer;
+ }
+ delete iLoader;
+ LOG_("CVpnManagementUiView::~CVpnManagementUiView() exited");
+ }
+
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::NewL()
+// ---------------------------------------------------------------------------
+//
+CVpnManagementUiView* CVpnManagementUiView::NewL()
+ {
+ LOG_("CVpnManagementUiView::NewL() entered");
+ CVpnManagementUiView* self = NewLC();
+ CleanupStack::Pop();
+ LOG_("CVpnManagementUiView::NewL() exited");
+ return self;
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::NewLC()
+// ---------------------------------------------------------------------------
+//
+CVpnManagementUiView* CVpnManagementUiView::NewLC()
+ {
+ LOG_("CVpnManagementUiView::NewLC() entered");
+ CVpnManagementUiView* self = new ( ELeave ) CVpnManagementUiView();
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ return self;
+ }
+
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::ConstructL()
+// ---------------------------------------------------------------------------
+//
+void CVpnManagementUiView::ConstructL()
+ {
+ LOG_("CVpnManagementUiView::ConstructL() entered");
+ iLoader = CVpnUiLoader::NewL(iAvkonViewAppUi->ClientRect(),
+ KVpnManagementPluginUid, this );
+ BaseConstructL( R_VPNUI_MANAGEMENT_VIEW );
+ iLoader->ReleaseResource();
+ LOG_("CVpnManagementUiView::ConstructL() exited");
+ }
+
+// ---------------------------------------------------------------------------
+// void CVpnManagementUiView::GetCaptionL( TDes& aCaption ) const
+// ---------------------------------------------------------------------------
+void CVpnManagementUiView::GetCaptionL( TDes& aCaption ) const
+ {
+ LOG_("CVpnManagementUiView::GetCaptionL() entered");
+ iLoader->AddResourceFileL();
+ StringLoader::Load( aCaption, R_VPN_MANAGEMENT_TITLE_BUF );
+ iLoader->ReleaseResource();
+ LOG_("CVpnManagementUiView::GetCaptionL() exited");
+ }
+
+// ---------------------------------------------------------------------------
+// TUid CVpnManagementUiView::Id()
+// ---------------------------------------------------------------------------
+//
+TUid CVpnManagementUiView::Id() const
+ {
+ LOG_("CVpnManagementUiView::Id called");
+ return KVpnManagementPluginUid;
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::HandleCommandL()
+// Handles commands directed to this class.
+// ---------------------------------------------------------------------------
+//
+void CVpnManagementUiView::HandleCommandL(TInt aCommand)
+ {
+ LOG_1("CVpnManagementUiView::HandleCommandL():%d", aCommand);
+ switch ( aCommand )
+ {
+ case EAknSoftkeyBack:
+ {
+ iLoader->ChangeViewL( KChangeViewBack );
+ break;
+ }
+ case EAknCmdExit:
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->HandleCommandL( EAknCmdExit );
+ break;
+ }
+ case EVpnUiCmdOpen:
+ {
+ HandleListBoxSelectionL();
+ break;
+ }
+
+ #ifdef __SERIES60_HELP
+ case EAknCmdHelp:
+ {
+ HlpLauncher::LaunchHelpApplicationL(
+ iEikonEnv->WsSession(), AppUi()->AppHelpContextL() );
+ break;
+ }
+ #endif //__SERIES60_HELP
+
+ default:
+ {
+ AppUi()->HandleCommandL( aCommand );
+ break;
+ }
+ }
+ }
+
+
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::HandleClientRectChange()
+// ---------------------------------------------------------------------------
+//
+void CVpnManagementUiView::HandleClientRectChange()
+ {
+ if ( iContainer )
+ {
+ iContainer->SetRect( ClientRect() );
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::DoActivateL()
+// ---------------------------------------------------------------------------
+//
+void CVpnManagementUiView::DoActivateL(
+ const TVwsViewId& aPrevViewId,TUid /*aCustomMessageId*/,
+ const TDesC8& /*aCustomMessage*/)
+ {
+ LOG_("CVpnManagementUiView::DoActivateL() entered");
+ iLoader->AddResourceFileL(ETrue);
+ if ( iLoader->GSViewId().iViewUid.iUid == 0 )
+ {
+ //must be prepared to application switch, so it stores
+ //only the parent view (General Settings Main View)
+ iLoader->SetGSViewId( aPrevViewId );
+
+ }
+ if ( iContainer )
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveFromViewStack(
+ *this, iContainer );
+ }
+ iContainer = new (ELeave) CVpnManagementUiContainer(
+ *this, *iLoader );
+
+ iContainer->SetMopParent( this );
+ iContainer->ConstructL( ClientRect() );
+ iLoader->ActivateTitleL( KViewTitleManagementView );
+ iLoader->PushDefaultNaviPaneL();
+
+ ((CAknViewAppUi*)iAvkonAppUi)->AddToStackL( *this, iContainer );
+ iContainer->DrawListBoxL( iCurrentItem, iTopItemIndex );
+
+ //Listbox observer is set here, instead create listbox
+ iContainer->iListBox->SetListBoxObserver(this);
+
+ // Add MiddleSoftKey
+ CEikButtonGroupContainer* cbaGroup = Cba();
+ if (cbaGroup)
+ {
+ HBufC* text = StringLoader::LoadLC(R_MSK_OPEN);
+ cbaGroup->AddCommandToStackL(
+ KVpnMSKControlId, EVpnUiCmdOpen, text->Des());
+ CleanupStack::PopAndDestroy(text);
+ }
+ LOG_("CVpnManagementUiView::DoActivateL() exited");
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::HandleCommandL()
+// ---------------------------------------------------------------------------
+//
+void CVpnManagementUiView::DoDeactivate()
+ {
+ LOG_("CVpnManagementUiView::DoDeactivate() entered");
+ if ( iContainer )
+ {
+ AppUi()->RemoveFromViewStack( *this, iContainer );
+
+ delete iContainer;
+ iContainer = NULL;
+ }
+ LOG_("CVpnManagementUiView::DoDeactivate() exited");
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::HandleListBoxEventL
+// ---------------------------------------------------------------------------
+
+void CVpnManagementUiView::HandleListBoxEventL(CEikListBox* /*aListBox*/,
+ TListBoxEvent aEventType)
+ {
+ switch (aEventType)
+ {
+ case EEventEnterKeyPressed:
+ case EEventItemSingleClicked:
+ HandleListBoxSelectionL();
+ break;
+ default:
+ break;
+ }
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::HandleListBoxSelectionL()
+// ---------------------------------------------------------------------------
+//
+void CVpnManagementUiView::HandleListBoxSelectionL()
+ {
+ ASSERT(iContainer && iContainer->iListBox && iLoader);
+ iCurrentItem = iContainer->iListBox->CurrentItemIndex();
+ iTopItemIndex = iContainer->iListBox->TopItemIndex();
+ switch (iCurrentItem)
+ {
+ case KVpnUiPolicyViewListItemId:
+ iLoader->ChangeViewL(KChangeViewPolicy);
+ break;
+
+ /*** NSSM support is discontinued. The code is left here in comments
+ because the server view might be used for another purpose in
+ future.
+ case KVpnUiServerViewListItemId:
+ iLoader->ChangeViewL(KChangeViewServer);
+ break;
+ ***/
+
+ case KVpnUiLogViewListItemId:
+ iLoader->ChangeViewL(KChangeViewLog);
+ break;
+
+ default:
+ LOG_("CVpnManagementUiView::HandleListBoxSelectionL default");
+ break;
+ }
+ }
+
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::NotifyPolicyImportComplete()
+// ---------------------------------------------------------------------------
+void CVpnManagementUiView::NotifyPolicyImportComplete(TInt aResult)
+ {
+ if ( aResult != KErrNone)
+ LOG_1("CVpnManagementUiView::NotifyPolicyImportComplete:%d", aResult);
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::HasBitmap
+// ---------------------------------------------------------------------------
+TBool CVpnManagementUiView::HasBitmap() const
+ {
+ LOG_("CVpnManagementUiView::HasBitmap() called");
+ return EFalse;
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::GetBitmapL
+// ---------------------------------------------------------------------------
+void CVpnManagementUiView::GetBitmapL( CFbsBitmap* /*aBitmap*/,
+ CFbsBitmap* /*aMask*/ ) const
+ {
+ LOG_("CVpnManagementUiView::GetBitmapL() entered");
+ //no bitmap
+ User::Leave( KErrNotFound );
+ LOG_("CVpnManagementUiView::GetBitmapL() exited");
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::PluginProviderCategory
+// ---------------------------------------------------------------------------
+TInt CVpnManagementUiView::PluginProviderCategory() const
+ {
+ LOG_("CVpnManagementUiView::PluginProviderCategory() called");
+ return EGSPluginProviderOEM;
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::CreateIconL
+// ---------------------------------------------------------------------------
+CGulIcon* CVpnManagementUiView::CreateIconL( const TUid aIconType )
+ {
+ LOG_("CVpnManagementUiView::CreateIconL() entered");
+
+ TFileName iconsFileName;
+ TFileName dllName;
+ Dll::FileName(dllName);
+ TBuf<2> drive = dllName.Left(2);
+ iconsFileName.Insert(0, drive);
+
+
+ iconsFileName.Append( KDC_APP_BITMAP_DIR );
+ iconsFileName.Append( KFileIcons );
+
+ CGulIcon* icon;
+
+ if( aIconType == KGSIconTypeLbxItem )
+ {
+ icon = AknsUtils::CreateGulIconL(
+ AknsUtils::SkinInstance(),
+ KAknsIIDQgnPropSetConnVpn,
+ iconsFileName,
+ EMbmVpnmanagementuiQgn_prop_set_conn_vpn,
+ EMbmVpnmanagementuiQgn_prop_set_conn_vpn_mask );
+ }
+ else
+ {
+ icon = CGSPluginInterface::CreateIconL( aIconType );
+ }
+ LOG_("CVpnManagementUiView::CreateIconL() exited");
+ return icon;
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::Visible
+// ---------------------------------------------------------------------------
+TBool CVpnManagementUiView::Visible() const
+ {
+ LOG_("CVpnManagementUiView::Visible() entered");
+ TInt vpnSupported( 0 );
+ TInt readError(0);
+ TRAPD(loadError,
+ {
+ CRepository* repository = CRepository::NewL(KCRUidCommunicationSettings);
+ readError = repository->Get(KSettingsVPNSupported, vpnSupported);
+ delete repository;
+ });
+ LOG_1("CVpnManagementUiView::Visible():%d exited", vpnSupported);
+ return (vpnSupported && !readError && !loadError) ? ETrue : EFalse;
+ }
+
+// ---------------------------------------------------------------------------
+// CVpnManagementUiView::PluginUid
+// ---------------------------------------------------------------------------
+TUid CVpnManagementUiView::PluginUid() const
+ {
+ LOG_("CVpnManagementUiView::PluginUid() called");
+ return KVpnManagementPluginUid;
+ }
+
+// End of File
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnmanagementui/src/vpnuiloader.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,621 @@
+/*
+* Copyright (c) 2003 - 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: VPN management main view
+*
+*/
+
+
+
+// INCLUDE FILES
+#include <aknnotewrappers.h> // for warning & information notes
+#include <AknWaitDialog.h>
+#include <cmmanagerext.h>
+#include <cmdestinationext.h>
+#include <cmpluginvpndef.h>
+#include <cmapplicationsettingsui.h>
+#include <commdb.h>
+#include <sysutil.h>
+#include <ErrorUI.h>
+#include <bautils.h>
+#include <vpnmanagementuirsc.rsg>
+#include "vpnuiloader.h"
+#include "vpnmanagementuiview.h"
+#include "vpnmanagementuipolicyview.h"
+#include "vpnmanagementuiserverview.h"
+#include "vpnmanagementuilogview.h"
+#include "vpnmanagementuiserversettingsview.h"
+#include "version.h"
+#include "vpnmanagementuiserversettingscontainer.h"
+
+#include "log_vpnmanagementui.h"
+
+// CONSTANTS
+
+
+using namespace CMManager;
+
+
+// ================= MEMBER FUNCTIONS =======================
+
+// ---------------------------------------------------------
+// CVpnUiLoader::CVpnUiLoader()
+// Constructor with parent
+// ---------------------------------------------------------
+//
+CVpnUiLoader::CVpnUiLoader( CVpnManagementUiView* aUiView ):
+ iVpnManagementUiView(aUiView),
+ iResourceLoader(*iCoeEnv)
+ {
+ LOG_("CVpnUiLoader::CVpnUiLoader()");
+ ASSERT( aUiView );
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::~CVpnUiLoader()
+// Destructor
+// ---------------------------------------------------------
+//
+CVpnUiLoader::~CVpnUiLoader()
+ {
+ LOG_("CVpnUiLoader::~CVpnUiLoader()");
+ iVpnManagementUiView = NULL;
+
+ if ( iLogViewVisited == EFalse )
+ delete iVpnManagementUiLogView;
+
+ if ( iPolicyViewVisited == EFalse )
+ delete iVpnManagementUiPolicyView;
+
+ delete iVpnManagementUiParametersView;
+ delete iVpnManagementUiServerView;
+
+ if(iVersionInfoInNaviPane)
+ {
+ delete iVersionInfoInNaviPane;
+ }
+ delete iVpnApiWrapper;
+ delete iWaitDialog;
+ iResourceLoader.Close();
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader* CVpnUiLoader::NewL()
+// ---------------------------------------------------------
+//
+CVpnUiLoader* CVpnUiLoader::NewL(
+ const TRect& aRect, TUid aViewId,
+ CVpnManagementUiView* aUiView )
+ {
+ CVpnUiLoader* self = NewLC( aRect, aViewId, aUiView );
+ CleanupStack::Pop();
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader* CVpnUiLoader::NewLC()
+// ---------------------------------------------------------
+//
+CVpnUiLoader* CVpnUiLoader::NewLC(
+ const TRect& aRect, TUid aViewId,
+ CVpnManagementUiView* aUiView )
+ {
+ CVpnUiLoader* self = new ( ELeave ) CVpnUiLoader( aUiView );
+ CleanupStack::PushL( self );
+ self->ConstructL( aRect, aViewId );
+ return self;
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::ConstructL()
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::ConstructL( const TRect& aRect, TUid aViewId )
+ {
+ LOG_("CVpnUiLoader::ConstructL() - begin");
+
+ AddResourceFileL();
+ //Initialization
+ iBackFromServerDefinition = EFalse;
+ iNewServerDefinition = EFalse;
+ iPolicyUpdate = EFalse;
+
+ CEikStatusPane* statusPane = STATIC_CAST(
+ CAknAppUi*, iEikonEnv->EikAppUi())->StatusPane();
+
+ // Fetch pointer to the default navi pane control
+ iNaviPane = static_cast<CAknNavigationControlContainer*> (
+ statusPane->ControlL( TUid::Uid(EEikStatusPaneUidNavi) ) );
+
+ iPreviousAppViewId = aViewId;
+ CreateWindowL();
+
+ iVpnManagementUiPolicyView = CVpnManagementUiPolicyView::NewL(
+ aRect, *this);
+ iVpnManagementUiServerView = CVpnManagementUiServerView::NewL(
+ aRect, *this);
+ iVpnManagementUiLogView = CVpnManagementUiLogView::NewL( aRect, *this);
+ iVpnManagementUiParametersView = CServerSettingsView::NewL( aRect, *this);
+
+ SetRect(aRect);
+
+ LOG(Log::Printf(_L("CVpnUiLoader::ConstructL() - end\n")));
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::FocusChanged(TDrawNow aDrawNow)
+// Added here because FocusChanged need to be included
+// in every control derived from CCoeControl that can have listbox
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::FocusChanged(TDrawNow aDrawNow)
+ {
+ if (iListBox)
+ {
+ iListBox->SetFocus(IsFocused(), aDrawNow);
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::ChangeViewL(TInt aNewTab, TInt aSelectionIndex)
+// Called when the view tab is changed
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::ChangeViewL(TInt aNewTab, TInt aSelectionIndex)
+ {
+ LOG_1("CVpnUiLoader::ChangeViewL():%d", aNewTab);
+ switch (aNewTab)
+ {
+
+ case KChangeViewPrevious:
+ {
+ TVwsViewId currentViewId;
+ ((CAknViewAppUi*)iAvkonAppUi)->GetActiveViewId(currentViewId);
+
+ if(iPreviousViewId == currentViewId.iViewUid)
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RegisterViewL(*iVpnManagementUiView);
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL( KVpnManagementPluginUid );
+ }
+ else
+ {
+ ((CAknViewAppUi*)iAvkonAppUi)->RegisterViewL(*iVpnManagementUiView);
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL(
+ iPreviousViewId );
+ }
+ break;
+ }
+ case KChangeViewBack:
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveView(KVpnManagementUiPolicyViewId);
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveView(KVpnManagementUiLogViewId);
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveView(KVpnManagementUiParametersViewId);
+ ((CAknViewAppUi*)iAvkonAppUi)->RemoveView(KVpnManagementUiServerViewId);
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL( iGsViewId.iViewUid );
+ ReleaseResource(ETrue);
+ if(iObserver)
+ {
+ iObserver->UiComplete(KUirEventNone);
+ }
+ break;
+
+ case KChangeViewPolicy: //Policy view
+ {
+ // the current view is saved so we
+ // know where to come back
+ TVwsViewId localCurrentViewId;
+ ((CAknViewAppUi*)iAvkonAppUi)->GetActiveViewId(
+ localCurrentViewId );
+
+ iPreviousViewId = localCurrentViewId.iViewUid;
+ if ( iPolicyViewVisited == EFalse)
+ ((CAknViewAppUi*)iAvkonAppUi)->AddViewL(iVpnManagementUiPolicyView);
+ iPolicyViewVisited=ETrue;
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL(
+ KVpnManagementUiPolicyViewId );
+ break;
+ }
+ case KChangeViewServer: //Policy server view
+ {
+ // the current view is saved so we
+ // know where to come back
+ TVwsViewId localCurrentViewId;
+ ((CAknViewAppUi*)iAvkonAppUi)->GetActiveViewId(
+ localCurrentViewId );
+
+ iPreviousViewId = localCurrentViewId.iViewUid;
+
+ ((CAknViewAppUi*)iAvkonAppUi)->AddViewL(iVpnManagementUiServerView);
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL(
+ KVpnManagementUiServerViewId );
+ break;
+ }
+ case KChangeViewLog: //Log view
+ {
+ // the current view is saved so we
+ // know where to come back
+ TVwsViewId localCurrentViewId;
+ ((CAknViewAppUi*)iAvkonAppUi)->GetActiveViewId(
+ localCurrentViewId );
+
+ iPreviousViewId = localCurrentViewId.iViewUid;
+ if ( iLogViewVisited == EFalse)
+ ((CAknViewAppUi*)iAvkonAppUi)->AddViewL(iVpnManagementUiLogView);
+ iLogViewVisited=ETrue;
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL(
+ KVpnManagementUiLogViewId );
+ break;
+ }
+
+ case KChangeViewSettings: //VPN policy server parameters view
+ {
+ // the current view is saved so that close settings
+ // knows where to come back
+ TVwsViewId localCurrentViewId;
+ ((CAknViewAppUi*)iAvkonAppUi)->GetActiveViewId(
+ localCurrentViewId );
+
+ iPreviousViewId = localCurrentViewId.iViewUid;
+ //Put selected server to CustomMessageId
+ ((CAknViewAppUi*)iAvkonAppUi)->AddViewL(iVpnManagementUiParametersView);
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL(
+ KVpnManagementUiParametersViewId,
+ TUid::Uid( aSelectionIndex), KNullDesC8 );
+ break;
+ }
+
+ default:
+ break;
+ }
+ }
+
+// ----------------------------------------------------
+// CVpnUiLoader::ActivateTitleL(TInt aCurrentTitle)
+// Activates the VPN policies, VPN policy servers and
+// VPN log views title
+// ----------------------------------------------------
+//
+void CVpnUiLoader::ActivateTitleL(TInt aCurrentTitle)
+ {
+ CEikStatusPane* sp = STATIC_CAST(
+ CAknAppUi*, iEikonEnv->EikAppUi())->StatusPane();
+ // Fetch pointer to the default title pane control
+ CAknTitlePane* title = STATIC_CAST(
+ CAknTitlePane*, sp->ControlL(TUid::Uid(EEikStatusPaneUidTitle)) );
+ TResourceReader reader;
+
+ if ( aCurrentTitle == KViewTitleManagementView )
+ {
+ iCoeEnv->CreateResourceReaderLC( reader, R_VPN_MANAGEMENT_TITLE );
+ }
+ if ( aCurrentTitle == KViewTitlePolicyView )
+ {
+ iCoeEnv->CreateResourceReaderLC( reader, R_VPN_POLICIES_TITLE );
+ }
+ if ( aCurrentTitle == KViewTitleServerView )
+ {
+ iCoeEnv->CreateResourceReaderLC( reader, R_VPN_POLICY_SERVERS_TITLE );
+ }
+ if ( aCurrentTitle == KViewTitleLogView )
+ {
+ iCoeEnv->CreateResourceReaderLC( reader, R_VPN_LOG_TITLE );
+ }
+
+ title->SetFromResourceL( reader );
+ CleanupStack::PopAndDestroy(); // reader
+ }
+
+void CVpnUiLoader::ActivateTitleL(TInt aCurrentTitle, TDes& aText)
+ {
+ CEikStatusPane* sp = STATIC_CAST(
+ CAknAppUi*, iEikonEnv->EikAppUi())->StatusPane();
+ // Fetch pointer to the default title pane control
+ CAknTitlePane* title = STATIC_CAST(
+ CAknTitlePane*, sp->ControlL(TUid::Uid(EEikStatusPaneUidTitle)) );
+
+ if ( aCurrentTitle == KViewTitleParametersView )
+ {
+ title->SetTextL(aText);
+ }
+ }
+// ----------------------------------------------------
+// CVpnUiLoader::ActivateNaviTextL()
+// Activates the VPN log view Navipane text (Version information)
+// ----------------------------------------------------
+//
+void CVpnUiLoader::ActivateNaviTextL()
+ {
+ // version information in navi pane text shown in VPN Log view
+ //TBuf<KVersionLine> version(KVersion);
+ HBufC* naviText = StringLoader::LoadLC(
+ R_VPN_NAVI_CLIENT_VERSION, KVersion/*version*/ );
+ TPtr naviDes=naviText->Des();
+ AknTextUtils::DisplayTextLanguageSpecificNumberConversion(naviDes);
+ iVersionInfoInNaviPane = iNaviPane->CreateMessageLabelL(*naviText);
+ CleanupStack::PopAndDestroy(); //naviText
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::PushNaviPaneL
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::PushNaviPaneL()
+ {
+ iNaviPane->PushL( *iVersionInfoInNaviPane );
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::PopNaviPane
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::PopNaviPane()
+ {
+ if(iVersionInfoInNaviPane)
+ {
+ delete iVersionInfoInNaviPane; //A control is popped from stack
+ iVersionInfoInNaviPane = NULL;
+ }
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::PushDefaultNaviPaneL
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::PushDefaultNaviPaneL()
+ {
+ iNaviPane->PushDefaultL();
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::HandleControlEventL(
+// CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+// Cannot be changed to non-leaving function.
+// L-function is required by the class definition, even if empty.
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::HandleControlEventL(
+ CCoeControl* /*aControl*/,TCoeEvent /*aEventType*/)
+ {
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::OfferKeyEventL()
+// ---------------------------------------------------------
+//
+TKeyResponse CVpnUiLoader::OfferKeyEventL(
+ const TKeyEvent& /*aKeyEvent*/, TEventCode /*aType*/)
+ {
+ // Listbox takes all event even if it doesn't use them
+ return EKeyWasNotConsumed;
+ }
+
+// ----------------------------------------------------------
+// AddResourceFileL()
+// ----------------------------------------------------------
+//
+void CVpnUiLoader::AddResourceFileL(TBool aKeepOpen)
+ {
+ if (!iKeepOpen)
+ {
+ iKeepOpen = aKeepOpen;
+ _LIT(KResourceFile, "\\resource\\vpnmanagementuirsc.rsc");
+ TFileName resourceFileName(KResourceFile);
+ TFileName dllName;
+ Dll::FileName(dllName);
+ TBuf<2> drive = dllName.Left(2);
+ resourceFileName.Insert(0, drive);
+
+ // To enable loading of e.g. vpnmanagementuirsc.r**
+ BaflUtils::NearestLanguageFile(iCoeEnv->FsSession(), resourceFileName);
+ iResourceLoader.OpenL(resourceFileName);
+ LOG_("CVpnUiLoader::AddResourceFileL(");
+ }
+ }
+// ----------------------------------------------------------
+// ReleaseResource()
+// ----------------------------------------------------------
+//
+void CVpnUiLoader::ReleaseResource(TBool aForceClose)
+ {
+ if(!iKeepOpen || aForceClose)
+ {
+ LOG_("CVpnUiLoader::ReleaseResource()");
+ iKeepOpen = EFalse;
+ iResourceLoader.Close();
+ }
+ }
+// ---------------------------------------------------------
+// CVpnUiLoader::DialogDismissedL
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::DialogDismissedL( TInt /*aButtonId*/ )
+ {
+ // The UI is left in an inactive state if the progress dialog is cancelled
+ // very quickly. Thus, we ensure that the UI ends up in an active
+ // state by activating the view that should be active.
+ TVwsViewId activeViewId;
+ ((CAknViewAppUi*)iAvkonAppUi)->GetActiveViewId(activeViewId);
+ ((CAknViewAppUi*)iAvkonAppUi)->ActivateLocalViewL(activeViewId.iViewUid);
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::ShowWaitNoteL
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::ShowWaitNoteL()
+ {
+ // Initialization (before the progress dialog is shown)
+ iTextToShow = EConnectingVia; // "Connecting via '%U'"
+ iWaitNoteStartTime.UniversalTime();
+
+ if ( iWaitDialog )
+ {
+ delete iWaitDialog;
+ iWaitDialog = NULL;
+ }
+ iWaitDialog = new ( ELeave ) CAknWaitDialog
+ ( REINTERPRET_CAST(CEikDialog**,&iWaitDialog),ETrue );
+ iWaitDialog->PrepareLC( R_VPN_WAIT_NOTE );
+ iWaitDialog->SetTone( CAknNoteDialog::ENoTone );
+ iWaitDialog->SetCallback( this );
+
+ SetTextL();
+
+ iWaitDialog->RunLD();
+ iWaitDialog->DrawNow();
+ }
+
+void CVpnUiLoader::DeleteWaitNoteL()
+ {
+ TInt error;
+ // Dismiss wait dialog
+ TRAP(error, iWaitDialog->ProcessFinishedL()); // deletes the wait dialog
+ if (error != KErrNone)
+ {
+ // on error destroy wait note by force.
+ delete iWaitDialog;
+ }
+ iWaitDialog = NULL;
+ }
+
+void CVpnUiLoader::SetTextL()
+ {
+ LOG(Log::Printf(_L("CVpnUiLoader::SetTextL()\n")));
+
+ TTime now;
+ now.UniversalTime();
+
+ TTimeIntervalSeconds secondsPassed;
+ now.SecondsFrom(iWaitNoteStartTime, secondsPassed);
+
+ if (secondsPassed.Int() < KSecondsToShowConnectingVia)
+ {
+ iTextToShow = EConnectingVia; //0
+ }
+ else
+ {
+ iTextToShow = EProcessingStepN; //1
+ iStateCodeToShow = 0;
+ }
+
+ if (iTextToShow == EConnectingVia)
+ {
+ HBufC* string = StringLoader::LoadLC( R_VPN_CONNECTING_VIA_AP, iSelectionName );
+ iWaitDialog->SetTextL( *string );
+ CleanupStack::PopAndDestroy( string );
+ }
+ else
+ {
+ HBufC* string = StringLoader::LoadLC( R_VPN_WAIT_POLICY_DL_PROCESSING, iStateCodeToShow );
+ iWaitDialog->SetTextL( *string );
+ CleanupStack::PopAndDestroy( string );
+ }
+ }
+
+
+void CVpnUiLoader::GetSelectionNameL( TDes& aText )
+ {
+ TCmSettingSelection selection = TCmSettingSelection();
+
+ //Reset update operation for Connecting via note
+ iPolicyUpdate = EFalse;
+
+ HBufC* name = NULL;
+ TInt err = KErrNone;
+ if ( selection.iResult == EDestination )
+ {
+ TRAP( err, (name = CServerSettingsContainer::GetDestinationNameL( selection.iId )));
+ }
+ else if ( selection.iResult == EConnectionMethod )
+ {
+ TRAP( err, (name = CServerSettingsContainer::GetConnectionMethodNameL( selection.iId )));
+ }
+
+ if ( name )
+ {
+ aText.Copy(*name);
+ }
+ delete name;
+ name = NULL;
+ }
+
+
+// ---------------------------------------------------------
+// CVpnUiLoader::FFSSpaceBelowCriticalLevelL
+// ---------------------------------------------------------
+//
+TBool CVpnUiLoader::FFSSpaceBelowCriticalLevelL
+ ( TBool aShowErrorNote, TInt aBytesToWrite /*=0*/ )
+ {
+ LOG_("CVpnUiLoader::FFSSpaceBelowCriticalLevelL() - begin");
+
+ TBool ret( EFalse );
+ if ( SysUtil::FFSSpaceBelowCriticalLevelL
+ ( &(CCoeEnv::Static()->FsSession()), aBytesToWrite ) )
+ {
+ ret = ETrue;
+ if ( aShowErrorNote )
+ {
+ CErrorUI* errorUi = CErrorUI::NewLC( *(CCoeEnv::Static()) );
+ errorUi->ShowGlobalErrorNoteL( KErrDiskFull );
+ CleanupStack::PopAndDestroy(); // errorUi
+ }
+ }
+
+ LOG( Log::Printf(_L("CVpnUiLoader::FFSSpaceBelowCriticalLevelL() - end\n")));
+
+ return ret;
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::GetVpnManagementUiView()
+//
+// ---------------------------------------------------------
+//
+CAknView* CVpnUiLoader::GetVpnManagementUiView() const
+ {
+ return iVpnManagementUiView;
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::VpnApiWrapperL()
+// ---------------------------------------------------------
+//
+CVpnApiWrapper& CVpnUiLoader::VpnApiWrapperL()
+ {
+ LOG_("CVpnUiLoader::VpnApiWrapperL()");
+ if (!iVpnApiWrapper)
+ iVpnApiWrapper = CVpnApiWrapper::NewL();
+ return *iVpnApiWrapper;
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::GsViewId()
+// Called when the view tab is changed
+// ---------------------------------------------------------
+//
+TVwsViewId CVpnUiLoader::GSViewId() const
+ {
+ return iGsViewId;
+ }
+
+// ---------------------------------------------------------
+// CVpnUiLoader::SetGsViewId( TVwsViewId )
+// Called when the view tab is changed
+// ---------------------------------------------------------
+//
+void CVpnUiLoader::SetGSViewId( TVwsViewId aGsViewUid )
+ {
+ iGsViewId = aGsViewUid;
+ }
+
+// End of File
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/data/vpnpolicyrecognizer.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,43 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VpnPolicyRecognizer.
+*
+*/
+
+
+
+#include "ecom/registryinfo.rh"
+
+RESOURCE REGISTRY_INFO theInfo
+{
+dll_uid = 0x101F6D37;
+interfaces =
+ {
+ INTERFACE_INFO
+ {
+ interface_uid = 0x101F7D87;
+ implementations =
+ {
+ IMPLEMENTATION_INFO
+ {
+ implementation_uid = 0x101F6D38;
+ version_no = 1;
+ display_name = "VpnPolicyRecognizer";
+ default_data = "";
+ opaque_data = "";
+ }
+ };
+ }
+ };
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+#include <platform_paths.hrh>
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+vpnpolicyrecognizer.mmp
+
+PRJ_TESTEXPORTS
+
+
+PRJ_TESTMMPFILES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/group/vpnpolicyrecognizer.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,44 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Recognize vpn policy files
+*
+*/
+
+#include <data_caging_paths.hrh>
+#include <platform_paths.hrh>
+
+TARGET vpnpolicyrecognizer.dll
+TARGETTYPE plugin
+UID 0x10009d8d 0x101F6D37
+
+CAPABILITY Protserv
+VENDORID VID_DEFAULT
+
+// Sources and headers
+SOURCEPATH ../src
+SOURCE vpnpolicyrecognizer.cpp
+
+USERINCLUDE ../inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+SOURCEPATH ../data
+START RESOURCE vpnpolicyrecognizer.rss
+TARGET vpnpolicyrecognizer.rsc
+END
+
+// Libraries
+LIBRARY euser.lib
+LIBRARY apmime.lib
+LIBRARY ECom.lib
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/inc/vpnpolicyrecognizer.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,42 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Recognize vpn policy files
+*
+*/
+
+
+
+#ifndef CVPNPOLICYRECOGNIZER_H
+#define C_VPNPOLICYRECOGNIZER_H
+
+#include <e32base.h>
+#include <apmrec.h>
+
+
+class CVpnPolicyRecognizer : public CApaDataRecognizerType
+ {
+public:
+ static CVpnPolicyRecognizer* NewL();
+ ~CVpnPolicyRecognizer();
+
+ TDataType SupportedDataTypeL(TInt aIndex) const;
+ void DoRecognizeL(const TDesC &aName, const TDesC8 &aBuffer);
+
+private:
+ CVpnPolicyRecognizer();
+
+ };
+
+#endif // C_VPNPOLICYRECOGNIZER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/inc/vpnpolicyrecognizerconstants.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Recognize vpn policy files
+*
+*/
+
+
+
+#ifndef VPNPOLICYRECOGNIZERCONSTANTS_H
+#define VPNPOLICYRECOGNIZERCONSTANTS_H
+
+#include <e32base.h>
+
+
+const TUint KVpnPolicyRecognizerId = 0x101F6D38;
+const TUid KVpnPolicyRecognizerUid = { KVpnPolicyRecognizerId };
+
+const TInt KSupporstedMimeTypeCount = 2;
+_LIT8(KZippedPolicyFile, "application/x-vpn-policy");
+_LIT8(KPolicyInfoFile, "application/x-ipsec-policy-info");
+
+const TInt KFileExtensionLength = 4;
+_LIT(KVpnZipPolicyFileExtension, ".vpn");
+_LIT(KVpnPinPolicyFileExtension, ".pin");
+
+#endif //VPNPOLICYRECOGNIZERCONSTANTS_H
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/rom/vpnpolicyrecognizer.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,35 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: ROM build file for VPNPolicyRecognizer.
+*
+*/
+
+
+
+#ifndef __VPNPOLICYRECOGNIZER_IBY__
+#define __VPNPOLICYRECOGNIZER_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNPOLINS not included in this rom
+
+#else
+
+
+ECOM_PLUGIN(vpnpolicyrecognizer.dll,vpnpolicyrecognizer.rsc)
+data=ZRESOURCE\plugins\vpnpolicyrecognizer.rsc RESOURCE_FILES_DIR\plugins\vpnpolicyrecognizer.rsc
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNPOLICYRECOGNIZER_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolicyrecognizer/src/vpnpolicyrecognizer.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,92 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Recognize vpn policy files
+*
+*/
+
+#include <f32file.h>
+#include <ecom/implementationproxy.h>
+
+#include "vpnpolicyrecognizer.h"
+#include "vpnpolicyrecognizerconstants.h"
+
+
+const TImplementationProxy ImplementationTable[] =
+ {
+ IMPLEMENTATION_PROXY_ENTRY(KVpnPolicyRecognizerId, CVpnPolicyRecognizer::NewL)
+ };
+
+
+EXPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount)
+ {
+ aTableCount = sizeof(ImplementationTable) / sizeof(TImplementationProxy);
+ return ImplementationTable;
+ }
+
+
+CVpnPolicyRecognizer* CVpnPolicyRecognizer::NewL()
+ {
+ CVpnPolicyRecognizer* self = new (ELeave) CVpnPolicyRecognizer;
+
+ return self;
+ }
+
+
+CVpnPolicyRecognizer::CVpnPolicyRecognizer()
+: CApaDataRecognizerType(KVpnPolicyRecognizerUid, EHigh)
+ {
+ iCountDataTypes = KSupporstedMimeTypeCount;
+ }
+
+
+CVpnPolicyRecognizer::~CVpnPolicyRecognizer()
+ {
+ }
+
+
+TDataType CVpnPolicyRecognizer::SupportedDataTypeL(TInt aIndex) const
+ {
+
+ if (aIndex == 0)
+ {
+ return TDataType(KZippedPolicyFile);
+ }
+ else
+ {
+ return TDataType(KPolicyInfoFile);
+ }
+ }
+
+
+void CVpnPolicyRecognizer::DoRecognizeL(const TDesC &aName, const TDesC8& /*aBuffer*/)
+ {
+
+ iConfidence=ENotRecognized;
+
+ if (aName.Length() >= KFileExtensionLength)
+ {
+ TPtrC extension(aName.Right(KFileExtensionLength));
+
+ if (extension.CompareF(KVpnZipPolicyFileExtension) == 0)
+ {
+ iConfidence=ECertain;
+ iDataType=TDataType(KZippedPolicyFile);
+ }
+ else if (extension.CompareF(KVpnPinPolicyFileExtension) == 0)
+ {
+ iConfidence=ECertain;
+ iDataType=TDataType(KPolicyInfoFile);
+ }
+ }
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/data/vpnpolins_reg.rss Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,38 @@
+/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Resource definitions for VPNPolins.
+*
+*/
+
+
+#include <appinfo.rh>
+
+UID2 KUidAppRegistrationResourceFile
+UID3 0x1000597E
+
+RESOURCE APP_REGISTRATION_INFO
+ {
+ app_file = "VpnPolIns";
+ hidden = KAppIsHidden; // For test purposes, you can use the value KAppNotHidden
+ // localisable_resource_file = "\\resource\\apps\\vpnpolins_loc";
+ // embeddability=KAppNotEmbeddable;
+ // newfile=KAppDoesNotSupportNewFile;
+
+ // MIME types
+ datatype_list=
+ {
+ DATATYPE { priority=EDataTypePriorityHigh; type="application/x-ipsec-policy-info"; },
+ DATATYPE { priority=EDataTypePriorityHigh; type="application/x-vpn-policy"; }
+ };
+ }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/group/ats_vpnpolins.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,65 @@
+/*
+* Copyright (c) 2006 - 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnpolins
+*
+*/
+
+
+TARGET vpnpolins.exe
+TARGETTYPE exe
+UID 0 0x1000597E
+
+CAPABILITY NetworkControl ReadDeviceData DiskAdmin
+VENDORID VID_DEFAULT
+
+MACRO ATS_BUILD
+
+SOURCEPATH ..\src
+SOURCE policyinstaller.cpp
+SOURCE zipfiledecompressor.cpp
+SOURCE cmdfileparser.cpp
+SOURCE vpnbundlehandler.cpp
+SOURCE vpndevlockhandler.cpp
+
+USERINCLUDE ..\inc
+USERINCLUDE ..\..\vpnpolicyrecognizer\inc
+USERINCLUDE ..\..\..\vpnengine\vpnextapi\inc
+USERINCLUDE ..\..\..\vpnengine\vpnmanager\inc
+USERINCLUDE ..\..\..\vpnengine\acuagent\inc
+USERINCLUDE ..\..\..\vpnengine\acupluginlib\inc
+USERINCLUDE ..\..\vpnecomnotifier\inc
+USERINCLUDE ..\..\..\vpnengine\pkiserviceapi\inc
+USERINCLUDE ..\..\..\vpnengine\vpncommon\inc
+USERINCLUDE ..\..\..\vpnengine\utlpkcs12\inc
+USERINCLUDE ..\..\..\vpnengine\utlxml\inc
+SYSTEMINCLUDE \epoc32\include
+
+START RESOURCE ..\data\vpnpolins_reg.rss
+TARGETPATH \private\10003a3f\apps
+END
+
+LIBRARY vpnapi.lib
+LIBRARY euser.lib
+LIBRARY apparc.lib
+LIBRARY efsrv.lib
+LIBRARY bafl.lib
+LIBRARY ezip.lib
+LIBRARY sysutil.lib
+
+LIBRARY utlpkcs12.lib
+LIBRARY utlxml.lib
+
+// File logger only needed for debug builds
+DEBUGLIBRARY flogger.lib
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/group/bld.inf Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+#include <platform_paths.hrh>/*
+* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This file provides the information required for building the module.
+*
+*/
+
+
+
+PRJ_PLATFORMS
+
+PRJ_EXPORTS
+
+PRJ_MMPFILES
+#ifdef ATS_BUILD
+ ats_vpnpolins.mmp
+#else
+ vpnpolins.mmp
+#endif
+
+PRJ_TESTEXPORTS
+
+
+PRJ_TESTMMPFILES
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/group/vpnpolins.mmp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,61 @@
+/*
+* Copyright (c) 2006 - 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Project definition file for project vpnpolins
+*
+*/
+
+#include <platform_paths.hrh>
+
+TARGET vpnpolins.exe
+TARGETTYPE exe
+UID 0 0x1000597E
+
+VENDORID VID_DEFAULT
+
+SOURCEPATH ../src
+SOURCE policyinstaller.cpp
+SOURCE zipfiledecompressor.cpp
+SOURCE cmdfileparser.cpp
+SOURCE vpnbundlehandler.cpp
+SOURCE vpndevlockhandler.cpp
+
+USERINCLUDE ../inc
+USERINCLUDE ../../vpnpolicyrecognizer/inc
+USERINCLUDE ../../../vpnengine/vpnmanager/inc
+USERINCLUDE ../../vpnecomnotifier/inc
+USERINCLUDE ../../../vpnengine/pkiserviceapi/inc
+USERINCLUDE ../../../vpnengine/vpncommon/inc
+USERINCLUDE ../../../vpnengine/utlpkcs12/inc
+USERINCLUDE ../../../vpnengine/utlxml/inc
+
+MW_LAYER_SYSTEMINCLUDE
+
+START RESOURCE ../data/vpnpolins_reg.rss
+TARGETPATH /private/10003a3f/apps
+END
+
+LIBRARY vpnapi.lib
+LIBRARY euser.lib
+LIBRARY apparc.lib
+LIBRARY efsrv.lib
+LIBRARY bafl.lib
+LIBRARY ezip.lib
+LIBRARY sysutil.lib
+
+LIBRARY utlpkcs12.lib
+LIBRARY utlxml.lib
+
+// File logger only needed for debug builds
+DEBUGLIBRARY flogger.lib
+CAPABILITY NetworkControl ReadDeviceData DiskAdmin
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/cmdfileparser.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,197 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Handles VPN command file parsing.
+*
+*/
+
+
+
+
+#ifndef C_VPNCOMMANDFILEPARSER_H
+#define C_VPNCOMMANDFILEPARSER_H
+
+#include <e32base.h>
+
+/**
+ * Parser utility class for VPN command file (.vpn).
+ * Public interface offers functions for parsing
+ * and querying the parsed values.
+ * Internal implementation parses XML tree and extracts
+ * found parameters to local container.
+ *
+ */
+class CCmdFileParser : public CBase
+ {
+// C'tors
+public:
+ /**
+ * No need for two-phased construction
+ */
+ CCmdFileParser();
+ ~CCmdFileParser();
+
+// Public functions
+public:
+ /**
+ * Parse an XML file and store parsed variables to local
+ * structures.
+ *
+ * @param aInputData XML file in 8bit desc buffer.
+ *
+ * @leave Leaves with KErrCorrupt, if the data is not in
+ * expected format.
+ */
+ void ParseL(const TDesC8& aInputData);
+
+ /**
+ * Returns the a parsed string value. Control of the instantiated
+ * object is transferred to the caller. If no value is found,
+ * returns a NULL object.
+ *
+ * @param aUri The "full uri" of the requested value
+ *
+ * @ret HBufC* A pointer to a newly allocated 16bit descriptor containing
+ * the parsed value, or NULL if none found.
+ *
+ * @leave Leaves in case
+ */
+ HBufC* GetParsedValueStrL(const TDesC8& aUri);
+
+ /**
+ * Translates a parsed value to TInt and returns it.
+ * Leaves if the operation cannot be accomplished.
+ *
+ * @param aUri The "full uri" of the requested value
+ * @param aVal Used for TInt return value (if any)
+ *
+ * @leave Leaves if the operation fails.
+ */
+ void GetParsedValueIntL(const TDesC8& aUri, TInt& aVal);
+
+ /**
+ * Translates a parsed value to TBool and returns it.
+ * Leaves if the operation cannot be accomplished.
+ *
+ * @param aUri The "full uri" of the requested value
+ * @param aVal Used for TBool return value (if any)
+ *
+ * @leave Leaves if the operation fails.
+ */
+ void GetParsedValueBoolL(const TDesC8& aUri, TBool& aVal);
+
+private:
+ void ReleaseResources();
+
+ /**
+ * Parse the input XML
+ *
+ */
+ void ParseXmlL(const TDesC8& aInputData);
+
+ /**
+ * Checks whether the encountered "closing" XML node is indeed
+ * the most recently opened.
+ *
+ * @param aName The name to check
+ *
+ * @return ETrue, iff the given name was found on the top
+ * of the iParserStack
+ *
+ */
+ TBool IsTopmostNode(const TDesC8& aName) const;
+
+ /**
+ * Pushes an "opening" XML node on the parser stack.
+ * Instantiates a new stack object based on the given name.
+ *
+ * @param aName The name of the object to push
+ *
+ * @leave Leaves if OOM.
+ */
+ void PushNodeL(const TDesC8& aName);
+
+ /**
+ * Pops the topmost node from the parser stack.
+ * No questions asked.
+ *
+ */
+ void PopNode();
+
+ /**
+ * Constructs a new string, containing the full "URI"
+ * for the given text. It is assumed that the text is
+ * located inside the node that is currently open (i.e.
+ * on the top of the parser stack).
+ * URI is of form "root/branch1/branch6/aText".
+ *
+ * @aText The text in the leafnode -- the last segment
+ * of the uri
+ *
+ * @return Returns a new string containing the full uri
+ * of the leaf (text) node.
+ *
+ * @leave Leaves if OOM
+ *
+ */
+ HBufC8* ParseTreeUriL(const TDesC8& aText) const;
+
+ /**
+ * Checks whether the text segment in XML is valid.
+ * If it begins with CR/LF, it's not.
+ *
+ * @param aText The text to verify.
+ *
+ * @return ETrue only if the text is valid in that
+ * it's not a string beginning with CR/LF
+ *
+ */
+ TBool IsValidText(const TDesC8& aText) const;
+
+ /**
+ * Iterates through parsed values array and checks whether
+ * the given URI is found. If it is, returns the leaf
+ * value of the uri.
+ * URI here must end with slash ("/"), so it must not contain
+ * the related leaf node itself (representing the parameter's
+ * textual value).
+ * Example: FindUri("root/node1/node2/") will return "666"
+ * if there exists a URI "root/node1/node2/666" in the parsed
+ * values array.
+ *
+ * @return A pointer to the found value or KNullDesC8 if none
+ * was found.
+ *
+ */
+ TPtrC8 FindUri(const TDesC8& aUri) const;
+
+
+// Private variables
+private:
+ HBufC* iFileName;
+ HBufC* iFileContents;
+ HBufC* iPKCS12Pwd;
+ TInt iDevLockPolicy;
+ TBool iDevLockRequired;
+ TBool iParseReady;
+
+ // Parser stack consisting of parse tree nodes
+ CArrayFixFlat<HBufC8*>* iParserStack;
+
+ // Parsed stack, consisting of leaf values and their full
+ // tree paths (root/branch1/branch6/leaf_value)
+ CArrayFixFlat<HBufC8*>* iParsedValuesArray;
+ };
+
+#endif // C_VPNPOLICYINSTALLER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/cmdfilexmltags.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,62 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Literal constants for VPN command file XML tags
+*
+*/
+
+
+
+
+#ifndef C_VPNCMDFILEXMLTAGS_H
+#define C_VPNCMDFILEXMLTAGS_H
+
+_LIT(KCmdFileStart, "vpncommands");
+
+// Versioninfo and its subtree
+_LIT(KCmdVersionInfo, "versionInfo");
+_LIT(KCmdVersion, "version");
+_LIT(KCmdDescription, "description");
+_LIT(KCmdCreated, "created");
+
+// Device and its subtree
+_LIT(KCmdDevice, "device");
+_LIT(KCmdDeviceLock, "devicelock");
+_LIT(KCmdLockPolicy, "lockPolicy");
+_LIT(KCmdRequired, "required");
+
+// PKCS#12 and its subtree
+_LIT(KCmdPKCS12, "pkcs12");
+_LIT(KCmdP12Pwd, "p12pwd");
+
+_LIT(KCmdUriSeparator, "/");
+
+_LIT8(KCmdCr, "\r");
+_LIT8(KCmdLf, "\n");
+
+_LIT(KTrue, "true");
+_LIT(KFalse, "false");
+
+// URIs for parameter value extracting
+
+// PKCS#12 password parameter
+_LIT8(KCmdPKCS12PasswordUri, "vpncommands/pkcs12/p12pwd/");
+
+// Devlock policy level setting
+_LIT8(KCmdDevlockPolicyUri, "vpncommands/device/devicelock/lockPolicy/");
+
+// Devlock policy level optionality
+_LIT8(KCmdDevlockRequiredUri, "vpncommands/device/devicelock/required/");
+
+#endif // C_VPNCMDFILEXMLTAGS_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/policyinstaller.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,258 @@
+/*
+* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Controls the vpn policy import procedure.
+*
+*/
+
+
+
+
+#ifndef C_VPNPOLICYINSTALLER_H
+#define C_VPNPOLICYINSTALLER_H
+
+#include <e32base.h>
+#include "vpnnotifierdefs.h"
+
+#include "vpnapi.h"
+#include "vpnnotifierdefs.h"
+
+class CZipFileDecompressor;
+class CApaCommandLine;
+class CVpnPolicyInstaller;
+
+/**
+ * Activeobject for wait note during policy import procedure
+ *
+ */
+class CImportWaitNoteHandler : public CActive
+ {
+public:
+ static CImportWaitNoteHandler* NewL(CVpnPolicyInstaller* aCallBack);
+ CImportWaitNoteHandler(CVpnPolicyInstaller* aCallBack);
+ ~CImportWaitNoteHandler();
+
+protected:
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+ void ConstructL();
+
+public:
+ /**
+ * Starts the wait note. The exact nature of note depends on aNoteId
+ * parameter.
+ *
+ * @param aNoteId The note type to display. Possible values are
+ * TVpnDialog::EPolicyInstallInProgress ("Importing"; default)
+ * and TVpnDialog::EGenericProgress ("Processing" with no cancel)
+ */
+ void StartWaitNote(TInt aNoteId = TVpnDialog::EPolicyInstallInProgress);
+
+protected:
+ TPckgBuf<TVpnDialogInfo> iDialogInfoDes;
+ TPckgBuf<TVpnDialogOutput> iDialogResponseDes;
+ RNotifier iNotifier;
+ TInt iStatem;
+
+ // Callback used when cancel occurs
+ CVpnPolicyInstaller* iCallBack;
+ };
+
+class CVpnPolicyInstaller : public CActive
+ {
+public:
+ static CVpnPolicyInstaller* NewL();
+ ~CVpnPolicyInstaller();
+
+ void InstallPolicy();
+ void DialogDismissedL(TInt /*aButtonId*/)
+ {
+ };
+ void UserCancelledWait();
+ void CancelWaitNote();
+
+protected: // From CActive
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+private:
+ CVpnPolicyInstaller();
+ void ConstructL();
+
+ /**
+ * Starts the policy installation process
+ */
+ void InstallPolicyL();
+
+ /**
+ * Unzips the .VPN zipped file
+ */
+ void DeflateZippedPolicyL();
+
+ /**
+ * "Emtpies" the temp dir that was used for zip extraction
+ */
+ void EmtpyTempDirL();
+
+ /**
+ * Locate the command file from the extracted VPN file contents,
+ * and parse it. Parsed variables are stored locally to CVpnPolicyInstaller
+ * instance (at the moment, the variables are PKCS#12 password,
+ * device lock policy level and device lock optionality information)
+ */
+ void ExtractAndParseCmdFileL();
+
+ /**
+ * Install a policy that is unpacked. Used after a VPN file has been
+ * decompressed, as well.
+ */
+ void InstallPinPolicyL(const TDesC& aFileDirectory);
+
+ /**
+ * Shows a generic "Installation failed" note
+ */
+ void ShowImportErrorNote(const TInt aReason = KErrGeneral);
+
+ /**
+ * Shows the device lock related confirmation note
+ * "Import VPN policy X? Note: devlock will be forced"
+ *
+ * @return ETrue iff the user gave positive confirmation
+ */
+ TBool ShowDevLockConfirmNote();
+
+ /**
+ * Shows the standard confirmation note
+ * "Import VPN policy X?"
+ * Used when a) no devlock used or b) devlock use is optional and
+ * no device lock found / device lock not accessible by VPN.
+ *
+ * @return ETrue iff the user gave positive confirmation
+ */
+ TBool ShowConfirmNote();
+
+ /**
+ * Shows a wait note. Default wait note is "Importing policy" (can
+ * be cancelled). For special purposes, a generic "Processing" wait
+ * note (non-cancellable) can be used.
+ *
+ * @param aNoteId The type of the note to display. Valid values are
+ * TVpnDialog::EPolicyInstallInProgress and
+ * TVpnDialog::EGenericProgress
+ */
+ void ShowWaitNoteL(TInt aNoteId = TVpnDialog::EPolicyInstallInProgress);
+
+ /**
+ * Continues policy install operation
+ *
+ */
+ void ContinueInstallPolicyL();
+
+ /**
+ * After VPN zip has been decompressed, go through its contents,
+ * locate the commanad / p12 files, check the device lock status,
+ * parse command file, and extract p12 objects.
+ *
+ */
+ void ProcessBundleContentsL();
+
+ /**
+ * Parse cmd file XML and extract the relevant parameters to local
+ * instance variables
+ *
+ * @param aCmdData XML-formatted cmd file data, in 8bit descriptor
+ *
+ * @leave Leaves if oom, or if data is corrupted
+ */
+ void ExtractCommandParametersL(const TDesC8& aCmdData);
+
+ /**
+ * Dump PKCS#12 objects into separate files
+ *
+ * @param aData Raw PKCS#12 data in binary format
+ * @param aPwd The password used for descrambling PKCS#12 data.
+ * If password is wrong, it will be prompted again (and again,
+ * and again...)
+ *
+ * @leave Leaves if PKCS#12 is corrupt or OOM
+ *
+ */
+ void ExtractPKCS12ObjectsL(const TDesC8& aData, const TDesC& aPwd);
+
+ /**
+ * Checks whether device lock is available, and usable by VPN.
+ * Returns false if it's not. Leaves in case of OOM.
+ *
+ * @return ETrue iff device lock is available and VPN-enabled
+ */
+ TBool IsDeviceLockAvailable();
+
+ /**
+ * Checks whether Device Lock is available / requested, and then
+ * prompts the user about it with confirm note
+ *
+ * @return ETrue if user confirmed devicelock policy install
+ */
+ TBool ConfirmDeviceLockUseL();
+
+ /**
+ * Applies the device lock settings. This should be done only after
+ * the policy has been successfully imported.
+ *
+ * @leave Leaves if OOM or if there are problems with device
+ * lock access.
+ *
+ */
+ void ApplyDevLockSettingsL();
+
+ enum TTask
+ {
+ ETaskNone = 1,
+ ETaskImportPinPolicies,
+ ETaskImportZippedPolicies,
+ ETaskShowImportErrorNote
+ };
+
+
+ RNotifier iNotifier;
+ RVpnApi iVpnServ;
+ RFs iFileServer;
+
+
+ CApaCommandLine* iCommandLine;
+ HBufC* iDriveAndPath;
+ HBufC* iFormat;
+ HBufC8* iFileName;
+
+ HBufC* iP12Password;
+ TInt iDevLockPolicy;
+ TBool iDevLockRequired;
+ TBool iDevSupportsDevLock;
+
+ TTask iOngoingTask;
+
+ RLibrary iTCLib;
+
+ CZipFileDecompressor* iDecompressor;
+
+ TPckgBuf<TVpnDialogInfo> iDialogInfoDes;
+ TPckgBuf<TVpnDialogOutput> iDialogResponseDes;
+
+ CImportWaitNoteHandler* iWaitNoteHandler;
+ };
+
+#endif // C_VPNPOLICYINSTALLER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/policyinstaller_constants.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,32 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Controls the vpn policy import procedure.
+*
+*/
+
+
+
+
+#ifndef C_VPNPOLICYINSTALLER_CONSTANTS_H
+#define C_VPNPOLICYINSTALLER_CONSTANTS_H
+
+_LIT(KTempDirectory, "c:\\system\\data\\vpn\\temp\\");
+_LIT(KDefaultPolicyImportDir, "C:\\System\\Data\\Security\\Install\\");
+_LIT(KPKCS12Pattern, "*.p12");
+_LIT(KCommandFilePattern, "*.vpc");
+_LIT(KDevLockLibName, "terminalcontrol.dll");
+_LIT(KVpnDevLockWrapperDll, "vpntcwrapper.dll");
+
+#endif // C_VPNPOLICYINSTALLER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/vpnbundlehandler.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,148 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Extracted VPN bundle file handler.
+*
+*/
+
+
+
+
+#ifndef C_VPNBUNDLEHANDLER_H
+#define C_VPNBUNDLEHANDLER_H
+
+#include <e32base.h>
+#include <f32file.h>
+
+/**
+ * Basic handler for VPN bundle (i.e. the extracted .VPN file contents)
+ *
+ * Can be used to verify .vpn / .p12 file existence, and to
+ * extract raw .vpn / .p12 file data into buffers.
+ */
+class CVpnBundleHandler : public CBase
+ {
+public:
+ /**
+ * Standard twophased constructor.
+ *
+ * @param aBundleDir Reference to the directory where the
+ * extracted bundle is located.
+ *
+ */
+ static CVpnBundleHandler* NewL(const TDesC& aBundleDir);
+ /**
+ * Standard twophased constructor that leaves CleanupStack
+ * residuals.
+ *
+ * @param aBundleDir Reference to the directory where the
+ * extracted bundle is located.
+ *
+ */
+ static CVpnBundleHandler* NewLC(const TDesC& aBundleDir);
+ ~CVpnBundleHandler();
+
+private:
+ CVpnBundleHandler(const TDesC& aBundleDir);
+
+protected:
+ void ConstructL();
+
+public:
+
+ /**
+ * Gather information about the bundle contents:
+ * Extract filenames for PKCS12 package and
+ * VPN command file (if those exist) to local variables.
+ *
+ *
+ * @leave Leaves if there are more than 1 cmd files / p12 packages
+ */
+ void AnalyzeBundleContentsL();
+
+ /**
+ * Returns ETrue iff a command file was found in bundle analysis
+ *
+ * @return ETrue iff a command file was found in bundle analysis
+ *
+ */
+ TBool CommandFileExists() const;
+
+ /**
+ * Returns ETrue iff a PKCS#12 file was found in bundle analysis
+ *
+ * @return ETrue iff a PKSC#12 file was found in bundle analysis
+ */
+ TBool PKCS12FileExists() const;
+
+ /**
+ * Extracts PKCS12 data from the PKCS#12 file into a 8bit buffer.
+ *
+ * @return HBufC8* buffer containing the raw PKCS#12 data.
+ * Control of the object transferred to caller.
+ *
+ * @leave Leaves if OOM, or if file operations fail.
+ */
+ HBufC8* ExtractPKCS12DataL();
+
+ /**
+ * Extracts VPN command file XML data from the command file
+ * into a 8bit buffer.
+ *
+ * @return HBufC8* buffer containing the raw command file
+ * XML data. Control of the object transferred to caller.
+ *
+ * @leave Leaves if OOM, or if file operations fail.
+ */
+ HBufC8* ExtractCommandFileDataL();
+
+private:
+
+ /**
+ * Extracts the command file name to iCommandFileName.
+ * Command file name is decided by searching the temp directory
+ * into which the VPN file was extracted. If more than one command
+ * file is found, or OOM, the function may leave.
+ * Command file search is based on file extension pattern (".vpc")
+ *
+ * @leave Leaves if OOM or more than one command files found
+ */
+ void LocateCommandFileL();
+
+ /**
+ * Extracts the PKCS#12 file name to iPKCS12FileName.
+ * PKCS#12 file name is decided by searching the temp directory
+ * into which the VPN file was extracted. If more than one PKCS#12
+ * file is found, or OOM, the function may leave.
+ * Command file search is based on file extension pattern
+ * (".p12")
+ *
+ * @leave Leaves if OOM or more than one command files found
+ */
+ void LocatePKCS12FileL();
+
+private:
+ // Full filename (path included) to PKCS#12 file in .VPN bundle
+ HBufC* iPKCS12FileName;
+
+ // Full filename (path included) to command file in .VPN bundle
+ HBufC* iCommandFileName;
+
+ // Reference to the location of extracted .VPN bundle
+
+ TPtrC iBundleFileDir; // ref
+ RFs iFileServer;
+ };
+
+#endif // C_VPNPOLICYINSTALLER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/vpndevlockhandler.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,388 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Device lock handling related classes
+*
+*/
+
+
+
+
+#ifndef C_VPNDEVLOCKHANDLER_H
+#define C_VPNDEVLOCKHANDLER_H
+
+#include <e32base.h>
+#include <TerminalControl3rdPartyAPI.h>
+#include <TerminalControl.h>
+
+class CVpnTcStub;
+
+/**
+ * Process:
+ * 1. Instantiate devlock policy handler
+ * 2. Make sure devlock is available and VPN can use it
+ * If TerminalControlUsableL() leaves, device lock can't be used.
+ * 3. (do other required stuff, e.g. pkcs12 deciphering and
+ * policy installation)
+ * 4. Set the desired terminal control device lock policy by
+ * calling SetTerminalControlPolicyL(). TInt parameter
+ * dictates what kind of a policy will be set.
+ * If there are mutual attributes which exist in both
+ * current TC dev lock settings and in the intended
+ * VPN-imported settings, always use the stricter
+ * value for the attribute (i.e. if VPN wants to set devlock
+ * timeout to 50 and current policy has a timeout 20, stick
+ * with the current policy).
+ */
+
+/**
+ * CVpnDevLockAttribute class defines a single devicelock related
+ * attribute and its value. E.g. "ETimeout" with value "30" (minutes).
+ *
+ * ID range comes from TerminalControl3rdPartyAPI.h.
+ *
+ */
+class CVpnDevLockAttribute : public CBase
+ {
+public:
+ /**
+ * Instantiate a single attribute, with given ID and value
+ *
+ * @param aId The ID of the attribute, from TerminalControl3rdPartyAPI
+ * defined range
+ * @param aVal The string value of the attribute. New memory will be allocated
+ * locally for the value.
+ *
+ * @return CVpnDevLockAttribute* the instantiated object.
+ *
+ * @leave Leaves if OOM
+ */
+ static CVpnDevLockAttribute* NewL(const TInt aId, const TDesC8& aVal);
+
+ /**
+ * Instantiate a single attribute, with given ID and value
+ *
+ * @param aId The ID of the attribute, from TerminalControl3rdPartyAPI
+ * defined range
+ * @param aVal The TInt value of the attribute. It will be converted to a HBufC8
+ * internally, and new memory will be allocated locally for the new string.
+ *
+ * @return CVpnDevLockAttribute* the instantiated object.
+ *
+ * @leave Leaves if OOM
+ */
+ static CVpnDevLockAttribute* NewL(const TInt aId, const TInt aVal);
+
+ /**
+ * Instantiate a single attribute, with given ID and value.
+ * The instantiated object will remain in CleanupStack.
+ *
+ * @return CVpnDevLockAttribute* the instantiated object.
+ *
+ * @leave Leaves if OOM
+ */
+ static CVpnDevLockAttribute* NewLC(const TInt aId, const TDesC8& aVal);
+
+ /**
+ * Destructor deletes the attribute's locally controlled resources.
+ *
+ */
+ ~CVpnDevLockAttribute();
+
+private:
+ CVpnDevLockAttribute();
+
+protected:
+ /**
+ * Instantiate a single attribute, with given ID and value
+ *
+ * @param aId The ID of the attribute, from TerminalControl3rdPartyAPI
+ * defined range
+ * @param aVal The string value of the attribute. New memory will be
+ * allocated locally for the new string.
+ *
+ * @leave Leaves if OOM
+ */
+ void ConstructL(const TInt aId, const TDesC8& aVal);
+
+ /**
+ * Instantiate a single attribute, with given ID and value
+ *
+ * @param aId The ID of the attribute, from TerminalControl3rdPartyAPI
+ * defined range
+ * @param aVal The TInt value of the attribute. It will be converted to a HBufC8
+ * internally, and new memory will be allocated locally for the new string.
+ *
+ * @leave Leaves if OOM
+ */
+ void ConstructL(const TInt aId, const TInt aVal);
+
+public:
+
+ /**
+ * Returns the TPtrC8 to the attribute value
+ *
+ * @return KNullDesC8 if no attrib value set, the value otherwise
+ */
+ TPtrC8 AttributeValue() const;
+
+ /**
+ * Returns the ID of the attribute. IDs are defined in
+ *
+ * @return TInt ID of the attribute
+ *
+ */
+ TInt AttributeId() const;
+
+ /**
+ * Returns the attribute value converted to TInt
+ *
+ * @param aVal The TInt version of the parameter
+ *
+ * @leave Leaves if the value is not convertible to TInt
+ */
+ void AttributeValueAsIntL(TInt& aVal) const;
+
+private:
+ TInt iAttributeId;
+ HBufC8* iAttributeVal;
+ };
+
+/**
+ * CVpnDevLockPolicy is a container class for device lock related
+ * attributes. Attributes are stored as CVpnDevLockAttribute
+ * objects in the private member variable iPolicyArray.
+ *
+ * Attributes can be accessed using public accessors.
+ *
+ */
+class CVpnDevLockPolicy : public CBase
+ {
+public:
+ /**
+ * Instantiates a new policy with a set of related attributes.
+ * Policy levels are defined in SUB SUB 415-467. Currently,
+ * policy levels 0..3 are supported.
+ *
+ * @return CVpnDevLockPolicy* the instantiated object.
+ *
+ * @leave Leaves if OOM, or if the requested policy level
+ * is not supported.
+ */
+ static CVpnDevLockPolicy* NewL(const TInt aPolLevel);
+
+ /**
+ * Instantiates a new policy with a set of related attributes.
+ * Policy levels are defined in SUB SUB 415-467. Currently,
+ * policy levels 0..3 are supported. The instantiated object
+ * will remain in CleanupStack.
+ *
+ * @return CVpnDevLockPolicy* the instantiated object.
+ *
+ * @leave Leaves if OOM, or if the requested policy level
+ * is not supported.
+ */
+ static CVpnDevLockPolicy* NewLC(const TInt aPolLevel);
+
+ /**
+ * Instantiates a new "empty" policy. The instantiated object
+ * will remain in CleanupStack.
+ *
+ * @return CVpnDevLockPolicy* the instantiated object.
+ *
+ * @leave Leaves if OOM.
+ */
+ static CVpnDevLockPolicy* NewLC();
+
+ /**
+ * Destructor cleans up the locally allocated/controlled resources
+ */
+ ~CVpnDevLockPolicy();
+
+private:
+ CVpnDevLockPolicy();
+
+protected:
+ void ConstructL(const TInt aPolLevel);
+ void ConstructL();
+
+public:
+
+ /**
+ * Returns the attribute count for the policy.
+ *
+ * @return TInt Total count of all defined
+ * attributes in the container
+ */
+ TInt AttributeCount();
+
+ /**
+ * Returns the Policy attribute at the given attribute array
+ * index, if one exists.
+ *
+ * @param aIdx The index of the attribute requested. Must be
+ * between 0 and AttributeCount() - 1, inclusively
+ *
+ * @return The requested attribute or NULL if one didn't exist
+ *
+ */
+ CVpnDevLockAttribute* GetPolicyAttributeAt(const TInt aIdx);
+
+ /**
+ * Add an individual attribute for policy.
+ *
+ * @param aAttrib Attribute ID from device lock attribute range
+ * @param aVal The value to assign. Internally converted to a string.
+ *
+ * @leave Leaves if there is not enough memory; may leave,
+ * if the attribute id is out of range.
+ *
+ */
+ void SetPolicyAttributeL(const TInt aAttrib, const TInt aVal);
+
+ /**
+ * Add an individual attribute for policy
+ *
+ * @param aAttrib Attribute ID from device lock attribute range
+ * @param aVal The value to assign.
+ *
+ * @leave Leaves if there is not enough memory; may leave,
+ * if the attribute id is out of range.
+ *
+ */
+ void SetPolicyAttributeL(const TInt aAttrib, const TDesC8& aVal);
+
+private:
+
+ /**
+ * Sets pre-defined attribute values to the policy according to
+ * policy level.
+ *
+ * @param aPolLevel The requested policy level. Valid values
+ * range is 0..3.
+ *
+ * @leave Leaves if there is not enough memory to allocate
+ * the attribute strings, or if the requested
+ * policy level is not supported (KErrNotSupported)
+ */
+ void SetPolicyLevelL(const TInt aPolLevel);
+
+private:
+ CArrayFixFlat<CVpnDevLockAttribute*>* iPolicyArray;
+ };
+
+/**
+ * The main class for device lock operations.
+ */
+class CVpnDevLockHandler : public CBase
+ {
+public:
+
+ static CVpnDevLockHandler* NewL();
+ static CVpnDevLockHandler* NewLC();
+
+ /**
+ * Standard destructor
+ *
+ */
+ ~CVpnDevLockHandler();
+
+protected:
+ void ConstructL();
+
+private:
+ CVpnDevLockHandler();
+
+public:
+
+ /**
+ * Checks whether VPN has access to terminal control device lock
+ *
+ * @leave Leaves when OOM. Leaves if VPN can't access device
+ * lock settings properly
+ */
+ void TerminalControlSupportsVpnL();
+
+ /**
+ * Sets the terminal control's device lock policy to desired level.
+ * If there are some existing device lock attributes that are
+ * "stricter" than the new ones proposed by the policy level,
+ * those will be left intact. Otherwise, the new requested
+ * values will be applied.
+ *
+ */
+ void SetTerminalControlPolicyL(const TInt aPolLevel);
+
+private:
+
+ /**
+ * Checks whether there is a need to override the old existing
+ * device lock parameter value. Returns ETrue iff the new
+ * suggested value must be applied.
+ *
+ * @param aNew The suggested new attribute
+ *
+ * @ret TBool ETrue, if the old setting was more lenient than the
+ * new one, and therefore needs to be overridden.
+ *
+ * @leave Leaves when OOM
+ */
+ TBool OverrideExistingL(const CVpnDevLockAttribute& aNew);
+
+ /**
+ * Obtains from the device the current setting for the given
+ * attribute.
+ *
+ * @param aAttribId The ID of the attribute for which the value is
+ * to be fetched.
+ *
+ * @return A HBufC8* string containing the requested attribute
+ * value. Memory control of the object passes to the
+ * caller.
+ *
+ * @leave Leaves if OOM or if the device doesn't support
+ * the given attribute.
+ */
+ HBufC8* GetDevAttribValueL(const TInt aAttribId);
+
+ /**
+ * Sets the device's attribute (indicated by parameter's attribute id)
+ * to the value contained by the parameter.
+ *
+ * @param aNew A CVpnDevLockAttribute object containing the desired
+ * new settings
+ *
+ * @leave Leaves if OOM or if the device doesn't support
+ * the given attribute.
+ */
+ void SetDevAttributeL(const CVpnDevLockAttribute& aNew);
+
+ /**
+ * Dynamically load the device lock library (if it's available)
+ *
+ * @return KErrNone if the library was found and is usable
+ * @return KErrNotFound if lib wasn't found or is not usable.
+ */
+ void LoadTCLibraryL();
+
+private:
+
+ RLibrary iTcLib;
+
+ TBool iDevLockAvailable;
+
+ CVpnTcStub* iTcStub;
+ };
+
+#endif // C_VPNPOLICYINSTALLER_H
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/vpntcstub.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,36 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Stub header definition for a dynamically handled terminal control interface
+*
+*/
+
+
+
+#ifndef __VPNTCSTUB_H__
+#define __VPNTCSTUB_H__
+
+class CVpnTcStub : public CBase
+ {
+public:
+ virtual void SetTCAttributeL(const TInt aAttribId,
+ const TDesC8& aVal) = 0;
+ virtual HBufC8* GetTCAttributeL(const TInt aAttribId) = 0;
+ virtual void ConnectToDevLockL() = 0;
+
+
+private:
+ };
+
+#endif
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/inc/zipfiledecompressor.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,79 @@
+/*
+* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Uncompress the zipped vpn policies.
+*
+*/
+
+
+
+#ifndef C_ZIPFILEDECOMPRESSOR_H
+#define C_ZIPFILEDECOMPRESSOR_H
+
+#include <e32base.h>
+#include <f32file.h>
+
+
+class CZipFile;
+class CZipFileMemberIterator;
+class CZipFileMember;
+
+class CZipFileDecompressor : public CActive
+ {
+public:
+ static CZipFileDecompressor* NewL();
+ ~CZipFileDecompressor();
+
+ void DecompressZipFile(const TDesC& aSourceFile,
+ const TDesC& aTargetDir,
+ TRequestStatus& aClientStatus);
+
+
+ void DecompressZipFile(RFile& aSourceFile,
+ const TDesC& aTargetDir,
+ TRequestStatus& aClientStatus);
+
+
+ void Cancel();
+protected:
+
+ void RunL();
+ void DoCancel();
+ TInt RunError(TInt aError);
+
+private:
+ CZipFileDecompressor();
+ void ConstructL();
+
+
+
+ void DecompressZipFileL(RFile& aSourceFile,
+ const TDesC& aTargetDir);
+
+
+ void DecompressNextMemberL(CZipFileMember& aMember);
+
+
+ RFs iFileServer;
+ RFile iZippedFile;
+ TBool iCloseZippedFile;
+ TRequestStatus* iClientStatus;
+
+ CZipFile* iZipFile;
+ CZipFileMemberIterator *iZipFileMemberIterator;
+
+ HBufC8* iUncompressedData;
+ RFile iUncompressedFile;
+ };
+
+#endif //C_ZIPFILEDECOMPRESSOR_H
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/rom/vpnpolins.iby Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,34 @@
+/*
+* Copyright (c) 2005 - 2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: ROM build file for VPN Policy Installer.
+*
+*/
+
+
+
+#ifndef __VPNPOLINS_IBY__
+#define __VPNPOLINS_IBY__
+
+#ifdef SYMBIAN_EXCLUDE_IPSEC
+
+REM Feature VPNPOLINS not included in this rom
+
+#else
+
+file=ABI_DIR\BUILD_DIR\vpnpolins.exe PROGRAMS_DIR\vpnpolins.exe
+data=ZPRIVATE\10003A3F\APPS\vpnpolins_REG.RSC Private\10003a3f\import\apps\vpnpolins_reg.rsc
+
+#endif // SYMBIAN_EXCLUDE_IPSEC
+
+#endif // __VPNPOLINS_IBY__
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/src/cmdfileparser.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,464 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Parses the XML command file (VPN command file)
+*
+*/
+
+
+
+#include <e32std.h>
+
+// XML parser includes
+#include "XwImpl.h"
+#include "XppImpl.h"
+
+#include "cmdfilexmltags.h"
+#include "cmdfileparser.h"
+#include "policyinstaller_constants.h"
+#include "log_r6.h"
+
+
+CCmdFileParser::CCmdFileParser()
+ {
+ }
+
+CCmdFileParser::~CCmdFileParser()
+ {
+ LOG_("-> CCmdFileParser::~CCmdFileParser()");
+ ReleaseResources();
+ LOG_("<- CCmdFileParser::~CCmdFileParser()");
+ }
+
+void CCmdFileParser::ParseL(const TDesC8& aInputData)
+ {
+ LOG_("-> CCmdFileParser::ParseL()");
+ // Release any allocated resources, for a clean parse
+ ReleaseResources();
+
+ iParserStack = new (ELeave) CArrayFixFlat<HBufC8*>(3);
+ iParsedValuesArray = new (ELeave) CArrayFixFlat<HBufC8*>(3);
+
+ // Parse XML and extract the parameters
+ ParseXmlL(aInputData);
+
+ iParseReady = ETrue;
+
+ LOG_("<- CCmdFileParser::ParseL()");
+ }
+
+void CCmdFileParser::ReleaseResources()
+ {
+ LOG_("-> CCmdFileParser::ReleaseResources()");
+
+ iParseReady = EFalse;
+
+ delete iFileContents;
+ iFileContents = NULL;
+
+ delete iPKCS12Pwd;
+ iPKCS12Pwd = NULL;
+
+ delete iFileName;
+ iFileName = NULL;
+
+ // Delete parser stack entries before deleting
+ // the stack pointer
+ if (iParserStack)
+ {
+ LOG_(" Deleting items from parser stack");
+
+ for (TInt i = iParserStack->Count() - 1; i >= 0; i--)
+ {
+ LOG_1(" Deleting at %d", i);
+ delete iParserStack->At(i);
+ iParserStack->At(i) = NULL;
+ }
+
+ LOG_(" Reset parser");
+ iParserStack->Reset();
+ }
+
+ delete iParserStack;
+ iParserStack = NULL;
+
+ // Delete parsed values entries before deleting
+ // the array pointer
+ if (iParsedValuesArray)
+ {
+ LOG_(" Deleting items from parsed values");
+ for (TInt i = iParsedValuesArray->Count() - 1; i >= 0; i--)
+ {
+ LOG_1(" Deleting at %d", i);
+ delete iParsedValuesArray->At(i);
+ iParsedValuesArray->At(i) = NULL;
+ }
+
+ LOG_(" Reset parsed values");
+ iParsedValuesArray->Reset();
+ }
+
+ delete iParsedValuesArray;
+ iParsedValuesArray = NULL;
+
+ LOG_("<- CCmdFileParser::ReleaseResources()");
+ }
+
+void CCmdFileParser::PushNodeL(const TDesC8& aName)
+ {
+ LOG_("-> CCmdFileParser::PushNodeL()");
+
+ HBufC8* node = aName.AllocLC();
+
+ LOG8_1(" PUSH Node: '%S'", node);
+
+ iParserStack->AppendL(node);
+ CleanupStack::Pop(node);
+
+ LOG_("<- CCmdFileParser::PushNodeL()");
+ }
+
+void CCmdFileParser::PopNode()
+ {
+ LOG_("-> CCmdFileParser::PopNode()");
+
+ // Just pop, unless we ought to stop
+ TInt lastIdx = iParserStack->Count()-1;
+ if (lastIdx >= 0)
+ {
+ LOG8_1(" POP Node: '%S'", iParserStack->At(lastIdx));
+ LOG_1(" Removing from parserstack index %d", lastIdx);
+
+ delete iParserStack->At(lastIdx);
+ iParserStack->Delete(lastIdx);
+ }
+
+ LOG_("<- CCmdFileParser::PopNode()");
+ }
+
+TBool CCmdFileParser::IsTopmostNode(const TDesC8& aName) const
+ {
+ LOG_("-> CCmdFileParser::IsTopmostNode()");
+ LOG8_1(" CHECKING: '%S'", &aName);
+
+ TBool ret(EFalse);
+ if (iParserStack)
+ {
+ TInt lastIdx = iParserStack->Count()-1;
+ TPtrC8 top = *(iParserStack->At(lastIdx));
+
+ LOG8_1(" FOUND: '%S'", &top);
+
+ if (aName.Compare(top) == 0)
+ {
+ ret = ETrue;
+ }
+ }
+
+ LOG_1("<- CCmdFileParser::IsTopmostNode() val: %d", ret);
+
+ return ret;
+ }
+
+HBufC8* CCmdFileParser::ParseTreeUriL(const TDesC8& aText) const
+ {
+ LOG_("-> CCmdFileParser::ParseTreeUriL()");
+ LOG8_1(" Input: '%S'", &aText);
+
+ HBufC8* ret(NULL);
+ TInt uriLen(aText.Length());
+ TInt itemCount(0);
+ if (iParserStack)
+ {
+ // First, with precise scientifical approach establish
+ // the amount of wide bytes required for storing the URI
+ itemCount = iParserStack->Count();
+
+ LOG_1(" Items in stack: %d", itemCount);
+
+ for (TInt i = 0; i < itemCount; i++)
+ {
+ uriLen += iParserStack->At(i)->Length();
+ }
+
+ // The number of "slash" ("/") characters required,
+ // with utmost precision
+ uriLen += itemCount;
+ ret = HBufC8::NewL(uriLen);
+
+ // And then store the URI to a new string.
+ for (TInt i = 0; i < itemCount; i++)
+ {
+ ret->Des().Append(*(iParserStack->At(i)));
+ ret->Des().Append(KCmdUriSeparator);
+ }
+ ret->Des().Append(aText);
+ }
+
+ LOG_("<- CCmdFileParser::ParseTreeUriL()");
+ return ret;
+ }
+
+TBool CCmdFileParser::IsValidText(const TDesC8& aText) const
+ {
+ LOG_("-> CCmdFileParser::IsValidText()");
+ TBool ret(ETrue);
+
+ // We don't support "CR/LF" characters in the
+ // beginning of valid value names
+ TInt idx = aText.Find(KCmdCr);
+ if (idx >= 0 && idx < 2)
+ {
+ ret = EFalse;
+ }
+ else
+ {
+ idx = aText.Find(KCmdLf);
+ if (idx >= 0 && idx < 2)
+ {
+ ret = EFalse;
+ }
+ }
+
+ LOG_1("<- CCmdFileParser::IsValidText() ret: %d", ret);
+ return ret;
+ }
+
+void CCmdFileParser::ParseXmlL(const TDesC8& aInputData)
+ {
+ LOG_("-> CCmdFileParser::ParseXmlL()");
+
+ LOG_(" Instantiate parser array");
+
+ CDesC8ArrayFlat* parserValueArray = new (ELeave) CDesC8ArrayFlat(10);
+ CleanupStack::PushL(parserValueArray);
+
+ LOG_(" Instantiate XML parser");
+ CXmlPullParser* parser = CXmlPullParser::NewLC(*parserValueArray);
+
+ TPtrC8 name;
+ TPtrC8 attribute;
+
+ LOG_(" Set input");
+ parser->SetInput(aInputData);
+
+ LOG_(" Get length");
+ TInt len = parser->Length();
+ LOG_1(" XML length: %d bytes", len);
+
+ // Check the first element
+ LOG_(" Get the next (first) element");
+ parser->NextL();
+
+ if (parser->State() != CXmlPullParser::EStateStartTag)
+ {
+ LOG_(" LEAVE: XML data is not in VPN's required format!");
+ User::Leave(KErrCorrupt);
+ }
+
+ LOG_(" Starting the main parser loop");
+ TPtrC8 text;
+
+ // Main loop:
+ // - While XML nodes still exist do:
+ // - If "opening" node (<start>), push to the stack
+ // - If "closing" node (</start>), pop from the stack
+ // - If a text node, make sure it's valid and then store
+ // the URI so the value can be fetched later on.
+ while (parser->State() != CXmlPullParser::EStateEndDocument)
+ {
+ parser->Name(name);
+
+ if (parser->State() == CXmlPullParser::EStateStartTag)
+ {
+ LOG8_1(" START: '%S'", &name);
+ PushNodeL(name);
+ }
+ else if (parser->State() == CXmlPullParser::EStateEndTag)
+ {
+ LOG8_1(" END: '%S'", &name);
+ if (IsTopmostNode(name))
+ {
+ PopNode();
+ }
+ else
+ {
+ // Item on top of the stack wasn't what was
+ // expected. Indicates corrupted XML.
+ LOG_(" ERROR: Node end tag mismatch with expected");
+ User::Leave(KErrCorrupt);
+ }
+ }
+ else if (parser->State() == CXmlPullParser::EStateText)
+ {
+ parser->TextL(text);
+ if (IsValidText(text))
+ {
+ LOG8_1(" Text: '%S'", &text);
+
+ HBufC8* uri = ParseTreeUriL(text);
+
+ LOG8_1(" URI: '%S'", uri);
+
+ CleanupStack::PushL(uri);
+
+ iParsedValuesArray->AppendL(uri);
+
+ CleanupStack::Pop(uri);
+ }
+ }
+
+ parser->NextL();
+ }
+
+ LOG_(" Popping");
+
+ CleanupStack::PopAndDestroy(2, parserValueArray);
+
+ LOG_("<- CCmdFileParser::ParseXmlL()");
+ }
+
+
+HBufC* CCmdFileParser::GetParsedValueStrL(const TDesC8& aUri)
+ {
+ LOG_("-> CCmdFileParser::GetParsedValueStrL()");
+
+ HBufC* ret(NULL);
+
+ // Get the "leaf" value (i.e. attribute's value)
+ // and alloc a new string for it
+ TPtrC8 ptr = FindUri(aUri);
+ if (ptr.Length() > 0)
+ {
+ LOG_(" Ptr length > 0");
+ LOG8_1(" Ptr: '%S'", &ptr);
+ ret = HBufC::NewL(ptr.Length());
+ ret->Des().Copy(ptr);
+ }
+ else
+ {
+ LOG_(" Ptr length < 1");
+ }
+
+ LOG_("<- CCmdFileParser::GetParsedValueStrL()");
+
+ return ret;
+ }
+
+void CCmdFileParser::GetParsedValueIntL(const TDesC8& aUri, TInt& aVal)
+ {
+ LOG_("-> CCmdFileParser::GetParsedValueIntL()");
+
+ // Get the attribute's value as string...
+ HBufC* str = GetParsedValueStrL(aUri);
+
+ if (str)
+ {
+ LOG_(" Valid string");
+ CleanupStack::PushL(str);
+
+ // ... and convert it to an integer
+ LOG_(" Converting string to int");
+ TLex lexer(*str);
+ TInt status = lexer.Val(aVal);
+
+ if (status != KErrNone)
+ {
+ LOG_1("<- CCmdFileParser::GetParsedValueIntL() LEAVE: %d", status);
+ User::Leave(status);
+ }
+
+ CleanupStack::PopAndDestroy(str);
+ }
+ else
+ {
+ aVal = KErrNotFound;
+ }
+ LOG_("<- CCmdFileParser::GetParsedValueIntL()");
+ }
+
+void CCmdFileParser::GetParsedValueBoolL(const TDesC8& aUri, TBool& aVal)
+ {
+ LOG_("-> CCmdFileParser::GetParsedValueBoolL()");
+
+ // Get the attribute's value as string...
+ HBufC* str = GetParsedValueStrL(aUri);
+
+ if (str)
+ {
+ CleanupStack::PushL(str);
+
+ // ... and see whether it matches "true"
+ // Note that this comparison is extremely case-sensitive
+ if (str->Compare(KTrue) == 0)
+ {
+ aVal = ETrue;
+ }
+ else
+ {
+ aVal = EFalse;
+ }
+
+ CleanupStack::PopAndDestroy(str);
+ }
+ else
+ {
+ aVal = EFalse;
+ }
+
+ LOG_("<- CCmdFileParser::GetParsedValueBoolL()");
+ }
+
+/**
+ * Extracts the "leaf value" ie. attribute's value instance
+ * from an uri.
+ * E.g. returns "BEEFFACED" if the full URI was
+ * root/node1/node2/attribute1/BEEFFACED
+ * (Or in XML representation,
+ * <node1>
+ * <node2>
+ * <attribute1>BEEFFACED</attribute1>
+ * </node2>
+ * </node1>)
+ *
+ */
+TPtrC8 CCmdFileParser::FindUri(const TDesC8& aUri) const
+ {
+ LOG_("-> CCmdFileParser::FindUri()");
+ LOG8_1(" Searching URI '%S'", &aUri);
+
+ TPtrC8 ret(KNullDesC8);
+
+ if (iParsedValuesArray)
+ {
+ TInt count = iParsedValuesArray->Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ TPtrC8 fulluri = *(iParsedValuesArray->At(i));
+
+ // Check if we find the requested URI from the
+ // very beginning of the parsed value's URI
+ if (fulluri.Find(aUri) == 0)
+ {
+ // Extract the "remaining" string -- the value (assuming correct syntax)
+ ret.Set(fulluri.Right(fulluri.Length() - aUri.Length()));
+ }
+ }
+ }
+
+ LOG_("<- CCmdFileParser::FindUri()");
+
+ return ret;
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/src/policyinstaller.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,949 @@
+ /*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Controls the vpn policy import procedure.
+*
+*/
+
+#include <e32std.h>
+#include <apacmdln.h>
+#include <bautils.h>
+#include <sysutil.h>
+#include <securityerr.h>
+
+#include "policyinstaller.h"
+#include "vpnnotifierdefs.h"
+#include "vpnpolicyrecognizerconstants.h"
+#include "zipfiledecompressor.h"
+#include "policyinstaller_constants.h"
+
+// Device lock / PKCS#12 installation
+#include "vpnbundlehandler.h"
+#include "cmdfileparser.h"
+#include "pkcs12vpn.h"
+#include "cmdfilexmltags.h"
+#include "vpndevlockhandler.h"
+
+
+#include "log_r6.h"
+
+
+void RunServerL();
+
+GLDEF_C TInt E32Main()
+ {
+ __UHEAP_MARK;
+
+ CTrapCleanup* cleanupStack = CTrapCleanup::New();
+ if (!cleanupStack)
+ {
+ return KErrNoMemory;
+ }
+
+ TRAP_IGNORE(RunServerL());
+
+ delete cleanupStack;
+
+ __UHEAP_MARKEND;
+ return KErrNone;
+ }
+
+void RunServerL()
+ {
+ LOG_("-> VPNPolins RunServerL()");
+
+
+ // Create and install the active scheduler
+ LOG_(" Instantiate active scheduler()");
+ CActiveScheduler* scheduler = new (ELeave) CActiveScheduler;
+ CleanupStack::PushL(scheduler);
+ LOG_(" Installing active scheduler()");
+ CActiveScheduler::Install(scheduler);
+
+ // Create the installer active object and issue the install request
+ LOG_(" Instantiating CVpnPolicyInstaller");
+ CVpnPolicyInstaller* installer = CVpnPolicyInstaller::NewL();
+ CleanupStack::PushL(installer);
+
+ LOG_(" Installing policy");
+ installer->InstallPolicy();
+
+ // Now we can start the active scheduler
+ LOG_(" Starting active scheduler");
+ CActiveScheduler::Start();
+
+
+ LOG_(" Returning to RunServerL()");
+
+ // We're done, so remove objects from
+ // cleanup stack and destroy them
+
+ LOG_(" Pop installer");
+ CleanupStack::PopAndDestroy(installer);
+
+ LOG_(" Pop scheduler");
+ CleanupStack::PopAndDestroy(scheduler);
+
+ LOG_("<- VPNPolins RunServerL()");
+ }
+
+
+/////////////////////////////////////
+// CVpnPolicyInstaller class implementation
+
+CVpnPolicyInstaller* CVpnPolicyInstaller::NewL()
+ {
+ CVpnPolicyInstaller* self = new (ELeave) CVpnPolicyInstaller();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+CVpnPolicyInstaller::CVpnPolicyInstaller() : CActive(EPriorityStandard)
+ {
+ }
+
+void CVpnPolicyInstaller::ConstructL()
+ {
+ LOG_("-> CVpnPolicyInstaller::ConstructL()");
+ CActiveScheduler::Add(this);
+ User::LeaveIfError(iNotifier.Connect());
+ User::LeaveIfError(iFileServer.Connect());
+
+
+ TInt err =
+ CApaCommandLine::GetCommandLineFromProcessEnvironment(iCommandLine);
+ User::LeaveIfError(err);
+
+
+ if (iCommandLine->DocumentName().Length() == 0)
+ {
+ User::Leave(KErrArgument);
+ }
+ #ifdef ATS_BUILD
+ _LIT(KPassword, "password");
+ iP12Password = HBufC::NewL(KPassword().Length());
+ iP12Password->Des().Copy(KPassword);
+ #endif
+ LOG_("<- CVpnPolicyInstaller::ConstructL()");
+ }
+
+CVpnPolicyInstaller::~CVpnPolicyInstaller()
+ {
+ LOG_("-> CVpnPolicyInstaller::~CVpnPolicyInstaller()");
+ Cancel();
+
+ delete iDecompressor;
+ delete iDriveAndPath;
+ delete iCommandLine;
+ delete iFormat;
+ delete iFileName;
+ delete iP12Password;
+ delete iWaitNoteHandler;
+
+ iFileServer.Close();
+ iNotifier.Close();
+ iVpnServ.Close();
+
+ LOG_("<- CVpnPolicyInstaller::~CVpnPolicyInstaller()");
+ }
+
+void CVpnPolicyInstaller::InstallPolicy()
+ {
+ LOG_("-> CVpnPolicyInstaller::InstallPolicy()");
+ TRAPD(err, InstallPolicyL());
+ if (err != KErrNone)
+ {
+ LOG_1(" Policy installation terminated with error code %d", err);
+
+ // Show the error note before completing.
+ ShowImportErrorNote(err);
+ }
+ LOG_("<- CVpnPolicyInstaller::InstallPolicy()");
+ }
+
+void CVpnPolicyInstaller::InstallPolicyL()
+ {
+ LOG_("-> CVpnPolicyInstaller::InstallPolicyL()");
+
+ __ASSERT_ALWAYS(iCommandLine, User::Invariant());
+
+ // Disk space criticality check before attempting
+ // to install
+ if (SysUtil::FFSSpaceBelowCriticalLevelL(0, 0))
+ {
+ User::Leave(KErrDiskFull);
+ }
+
+ // Parse the filename that is to be operated on,
+ // and deduce its type (ZIP, PIN etc)
+
+ HBufC* document = iCommandLine->DocumentName().AllocLC();
+ TPtr documentPtr(document->Des());
+ TParsePtr parse(documentPtr);
+ TPtrC extension = parse.Ext();
+ iFormat = extension.AllocL();
+
+ iFileName = HBufC8::NewL(parse.NameAndExt().Length());
+ TPtr8 des = iFileName->Des();
+ des.Copy(parse.NameAndExt());
+
+
+ if (extension.CompareF(KVpnZipPolicyFileExtension) == 0)
+ {
+ LOG_(" Policy is in a VPN zip file");
+ ContinueInstallPolicyL();
+ }
+ else if (extension.CompareF(KVpnPinPolicyFileExtension) == 0)
+ {
+ LOG_(" Policy is unpacked pol/pin file");
+ iDriveAndPath = parse.DriveAndPath().AllocL();
+ ContinueInstallPolicyL();
+ }
+ else
+ {
+ LOG_(" Policy is in an unknown format, leaving");
+ LOG_("<- CVpnPolicyInstaller::InstallPolicyL() (leave)");
+ User::Leave(KErrArgument);
+ }
+
+ CleanupStack::PopAndDestroy(document);
+ LOG_("<- CVpnPolicyInstaller::InstallPolicyL()");
+ }
+
+void CVpnPolicyInstaller::ContinueInstallPolicyL()
+ {
+ LOG_("-> CVpnPolicyInstaller::ContinueInstallPolicyL()");
+
+ if (iFormat->CompareF(KVpnZipPolicyFileExtension) == 0)
+ {
+ DeflateZippedPolicyL();
+ }
+ else if (iFormat->CompareF(KVpnPinPolicyFileExtension) == 0)
+ {
+ InstallPinPolicyL(*iDriveAndPath);
+ }
+ else
+ {
+ LOG_("<- CVpnPolicyInstaller::ContinueInstallPolicyL() (leave)");
+ User::Leave(KErrArgument);
+ }
+ LOG_("<- CVpnPolicyInstaller::ContinueInstallPolicyL()");
+ }
+
+void CVpnPolicyInstaller::InstallPinPolicyL(const TDesC& aFileDirectory)
+ {
+ LOG_("-> CVpnPolicyInstaller::InstallPinPolicy()");
+
+ User::LeaveIfError(iVpnServ.Connect());
+
+ iVpnServ.ImportPolicy(aFileDirectory, iStatus);
+ iOngoingTask = ETaskImportPinPolicies;
+ SetActive();
+ LOG_("<- CVpnPolicyInstaller::InstallPinPolicy()");
+ }
+
+
+void CVpnPolicyInstaller::DeflateZippedPolicyL()
+ {
+ LOG_("-> CVpnPolicyInstaller::DeflateZippedPolicyL()");
+
+ LOG_(" Showing wait note");
+ ShowWaitNoteL(TVpnDialog::EGenericProgress);
+
+ __ASSERT_ALWAYS(!iDecompressor, User::Invariant());
+
+ iOngoingTask = ETaskImportZippedPolicies;
+
+ iDriveAndPath = KTempDirectory().AllocL();
+ iOngoingTask = ETaskImportZippedPolicies;
+
+ //Makes sure the temp dir is empty
+ if (BaflUtils::FolderExists(iFileServer, KTempDirectory))
+ {
+ EmtpyTempDirL();
+ }
+
+ iDecompressor = CZipFileDecompressor::NewL();
+
+ RFile file;
+ iCommandLine->GetFileByHandleL(file);
+
+ if (file.SubSessionHandle())
+ {
+ iDecompressor->DecompressZipFile(file, KTempDirectory, iStatus);
+ }
+ else
+ {
+ iDecompressor->DecompressZipFile(iCommandLine->DocumentName(), KTempDirectory, iStatus);
+ }
+ SetActive();
+
+ LOG_("<- CVpnPolicyInstaller::DeflateZippedPolicyL()");
+ }
+
+void CVpnPolicyInstaller::EmtpyTempDirL()
+ {
+ LOG_("-> CVpnPolicyInstaller::EmtpyTempDirL()");
+ CDir* dir = NULL;
+ User::LeaveIfError(iFileServer.GetDir(KTempDirectory, KEntryAttNormal, ESortByName, dir));
+ CleanupStack::PushL(dir);
+
+
+ TFileName* fileName = new (ELeave) TFileName;
+ CleanupStack::PushL(fileName);
+
+ for (TInt i = 0; i < dir->Count(); ++i)
+ {
+ const TEntry& entry = (*dir)[i];
+ *fileName = KTempDirectory;
+ fileName->Append(entry.iName);
+ User::LeaveIfError(iFileServer.Delete(*fileName));
+ }
+
+ CleanupStack::PopAndDestroy(fileName);
+ CleanupStack::PopAndDestroy(dir);
+ LOG_("<- CVpnPolicyInstaller::EmtpyTempDirL()");
+ }
+
+
+void CVpnPolicyInstaller::DoCancel()
+ {
+ LOG_("-> CVpnPolicyInstaller::DoCancel()");
+
+ CancelWaitNote();
+
+ switch(iOngoingTask)
+ {
+ case ETaskImportZippedPolicies:
+ LOG_(" case ETaskImportZippedPolicies");
+ if (iDecompressor)
+ {
+ iDecompressor->Cancel();
+ delete iDecompressor;
+ iDecompressor = NULL;
+ }
+ break;
+
+ case ETaskImportPinPolicies:
+ LOG_(" case ETaskImportPinPolicies");
+
+ iVpnServ.CancelImport();
+
+ delete iDriveAndPath;
+ iDriveAndPath = NULL;
+ break;
+
+ case ETaskShowImportErrorNote:
+ LOG_(" case ETaskShowImportErrorNote");
+ LOG_1(" (IMPERR) Terminating dialog, iStatus: %d", iStatus.Int());
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ break;
+
+ default:
+ LOG_(" case default");
+ User::Invariant();
+ break;
+ }
+
+ TRAP_IGNORE(EmtpyTempDirL());
+ LOG_("<- CVpnPolicyInstaller::DoCancel()");
+ }
+
+TInt CVpnPolicyInstaller::RunError(TInt aError)
+ {
+ LOG_1("-> CVpnPolicyInstaller::RunError() code: %d", aError);
+
+ CancelWaitNote();
+
+ switch(iOngoingTask)
+ {
+ case ETaskImportZippedPolicies:
+ LOG_(" case ETaskImportZippedPolicies");
+ if (iDecompressor)
+ {
+ LOG_(" Found decompressor, terminating");
+ iDecompressor->Cancel();
+ delete iDecompressor;
+ iDecompressor = NULL;
+ }
+
+
+ LOG_(" case handled");
+ break;
+
+ case ETaskImportPinPolicies:
+ LOG_(" case ETaskImportPinPolicies");
+
+ iVpnServ.CancelImport();
+
+ delete iDriveAndPath;
+ iDriveAndPath = NULL;
+ break;
+
+ case ETaskShowImportErrorNote:
+ LOG_(" case ETaskShowImportErrorNote");
+ LOG_1(" (IMPERR) Terminating dialog, iStatus: %d", iStatus.Int());
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ break;
+
+ default:
+ LOG_(" case default");
+ User::Invariant();
+ break;
+ }
+
+ TRAP_IGNORE(EmtpyTempDirL());
+
+ // Show error note unless the operation was cancelled
+ // (in which case we will just exit silently)
+ if (aError != KErrCancel && aError != KErrBadPassphrase)
+ {
+ ShowImportErrorNote(aError);
+ }
+
+ CActiveScheduler::Stop();
+
+ LOG_("<- CVpnPolicyInstaller::RunError()");
+ return KErrNone;
+ }
+
+void CVpnPolicyInstaller::RunL()
+ {
+
+ LOG_("-> CVpnPolicyInstaller::RunL()");
+ TInt status = iStatus.Int();
+ TBool finished(EFalse);
+
+ switch(iOngoingTask)
+ {
+ case ETaskImportZippedPolicies:
+ LOG_(" Case ETaskImportZippedPolicies");
+ delete iDecompressor;
+ iDecompressor = NULL;
+
+ if (status == KErrNone)
+ {
+ LOG_(" Status: KErrNone, continuing installation");
+
+ ProcessBundleContentsL();
+
+ // Wait note has been cancelled in ProcessBundleContentsL
+ ShowWaitNoteL();
+
+ InstallPinPolicyL(*iDriveAndPath);
+ }
+ else
+ {
+ LOG_1(" Status: %d, aborting installation", status);
+ // Installation FAILED
+ // Policy import failed, so show an error note
+ // (asynchronous call, RunL called again on completion)
+ iOngoingTask = ETaskShowImportErrorNote;
+ ShowImportErrorNote();
+ finished = ETrue;
+ }
+ break;
+
+ case ETaskImportPinPolicies:
+ LOG_(" Case ETaskImportPinPolicies");
+
+ // We're finished, so clean up and terminate
+ TRAP_IGNORE(EmtpyTempDirL());
+
+ if (status == KErrNone)
+ {
+ // Finally, only apply devlock settings
+ // if we've come this far without errors
+ TRAP(status, ApplyDevLockSettingsL());
+ }
+
+ CancelWaitNote();
+
+ delete iDriveAndPath;
+ iDriveAndPath = NULL;
+
+ LOG_1(" Status: %d", status);
+ if (status == KErrNone)
+ {
+ // Everything went OK. Show completion note and finish.
+
+ LOG_(" Completing");
+ iOngoingTask = ETaskNone;
+
+ TVpnDialogInfo dialogInfo(TNoteDialog::EInfo,
+ TVpnNoteDialog::EVpnPolicyInstalled);
+ iDialogInfoDes() = dialogInfo;
+
+ LOG_(" Starting 'finished' dialog");
+
+ iNotifier.StartNotifierAndGetResponse(iStatus,
+ KUidVpnDialogNotifier,
+ iDialogInfoDes,
+ iDialogResponseDes);
+ User::WaitForRequest(iStatus);
+
+
+ LOG_(" Request complete, terminating");
+
+ // We're done, so cancel the completion note, and terminate
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ finished = ETrue;
+ }
+ else if (status != KErrCancel)
+ {
+ // Policy import failed, so show an error note
+ // and terminate
+ LOG_(" Installation failed, showing import error note");
+ iOngoingTask = ETaskShowImportErrorNote;
+ ShowImportErrorNote();
+ finished = ETrue;
+ }
+ else
+ {
+ LOG_(" Installation was cancelled, silent exit");
+ finished = ETrue;
+ }
+ break;
+
+ case ETaskShowImportErrorNote:
+ LOG_(" Case ETaskShowImportErrorNote");
+
+ // Cancel
+ LOG_1(" (imperr) Terminating dialog, status: %d", status);
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ iOngoingTask = ETaskNone;
+
+ // We're done, so terminate
+ finished = ETrue;
+ break;
+
+ default:
+ LOG_(" Case default");
+ User::Invariant();
+ }
+
+ if (finished)
+ {
+ LOG_(" Shutting down active scheduler, all tasks finished");
+ CActiveScheduler::Stop();
+ }
+
+ LOG_("<- CVpnPolicyInstaller::RunL()");
+ }
+
+void CVpnPolicyInstaller::ShowImportErrorNote(const TInt aReason)
+ {
+ LOG_("-> CVpnPolicyInstaller::ShowImportErrorNote()");
+
+
+ TInt reasonCode(TVpnNoteDialog::EPolicyInstallationFailed);
+
+ // Check if we can display a more specific error note
+ if (aReason == KErrAccessDenied)
+ {
+ reasonCode = TVpnNoteDialog::EVpnCannotForceDeviceLock;
+ }
+
+ TVpnDialogInfo dialogInfo(TNoteDialog::EInfo, reasonCode);
+ iDialogInfoDes() = dialogInfo;
+
+ TRequestStatus status;
+
+ iNotifier.StartNotifierAndGetResponse(status, KUidVpnDialogNotifier,
+ iDialogInfoDes, iDialogResponseDes);
+
+ // Wait until error note completes
+ User::WaitForRequest(status);
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+
+ LOG_("<- CVpnPolicyInstaller::ShowImportErrorNote()");
+ }
+
+TBool CVpnPolicyInstaller::ShowDevLockConfirmNote()
+ {
+ LOG_("-> CVpnPolicyInstaller::ShowDevLockConfirmNote()");
+ TBool ret(EFalse);
+ TRequestStatus status;
+
+ TVpnDialogInfo dialogInfo(TVpnDialog::EDeviceLockConfirmation, 0, *iFileName);
+
+ dialogInfo.SetExtraInput(*iFileName);
+
+ iDialogInfoDes() = dialogInfo;
+
+ iNotifier.StartNotifierAndGetResponse(status, KUidVpnDialogNotifier,
+ iDialogInfoDes, iDialogResponseDes);
+
+ // Wait until error note completes
+ User::WaitForRequest(status);
+
+ if (status != KErrCancel)
+ {
+ ret = ETrue;
+ }
+
+ LOG_1("<- CVpnPolicyInstaller::ShowDevLockConfirmNote() ret: %d", ret);
+ return ret;
+ }
+
+TBool CVpnPolicyInstaller::ShowConfirmNote()
+ {
+ LOG_("-> CVpnPolicyInstaller::ShowConfirmNoteL()");
+
+ TBool ret(EFalse);
+ TRequestStatus status;
+
+ TVpnDialogInfo dialogInfo(TVpnDialog::EPolicyInstallConfirmation, 0, *iFileName);
+
+ dialogInfo.SetExtraInput(*iFileName);
+
+ iDialogInfoDes() = dialogInfo;
+
+ iNotifier.StartNotifierAndGetResponse(status, KUidVpnDialogNotifier,
+ iDialogInfoDes, iDialogResponseDes);
+
+ // Wait until error note completes
+ User::WaitForRequest(status);
+
+ if (status != KErrCancel)
+ {
+ ret = ETrue;
+ }
+
+ LOG_1("<- CVpnPolicyInstaller::ShowConfirmNoteL(), ret: %d", ret);
+ return ret;
+ }
+
+void CVpnPolicyInstaller::ShowWaitNoteL(TInt aNoteId)
+ {
+
+ LOG_("-> CVpnPolicyInstaller::ShowWaitNoteL()");
+
+ iWaitNoteHandler = CImportWaitNoteHandler::NewL(this);
+
+ iWaitNoteHandler->StartWaitNote(aNoteId);
+
+ LOG_("<- CVpnPolicyInstaller::ShowWaitNoteL()");
+ }
+
+void CVpnPolicyInstaller::CancelWaitNote()
+ {
+ LOG_("-> CVpnPolicyInstaller::CancelWaitNote()");
+ if (iWaitNoteHandler)
+ {
+ iWaitNoteHandler->Cancel();
+ delete iWaitNoteHandler;
+ iWaitNoteHandler = NULL;
+ }
+ LOG_("<- CVpnPolicyInstaller::CancelWaitNote()");
+ }
+
+void CVpnPolicyInstaller::UserCancelledWait()
+ {
+ LOG_("-> CVpnPolicyInstaller::UserCancelledWait()");
+
+ DoCancel();
+
+ LOG_("<- CVpnPolicyInstaller::UserCancelledWait()");
+ }
+
+
+
+
+/////////////////////////////////////////////////////////////
+// Device lock / pkcs#12 installation specific part
+// of implementation
+
+void CVpnPolicyInstaller::ApplyDevLockSettingsL()
+ {
+ // See whether change to devlock settings was requested
+ if (iDevLockPolicy > 0)
+ {
+ // If device supports VPN devlock operations, set the settings
+ // Otherwise it's an error -- unless device lock was
+ // defined "optional" in the VPN command file
+ if (iDevSupportsDevLock)
+ {
+ CVpnDevLockHandler* dlh = CVpnDevLockHandler::NewLC();
+
+ dlh->SetTerminalControlPolicyL(iDevLockPolicy);
+ CleanupStack::PopAndDestroy(dlh);
+ }
+ else if (iDevLockRequired)
+ {
+ User::Leave(KErrAccessDenied);
+ }
+ }
+ }
+void CVpnPolicyInstaller::ProcessBundleContentsL()
+ {
+ LOG_("-> CVpnPolicyInstaller::ProcessBundleContentsL()");
+
+
+ CVpnBundleHandler* bundler = CVpnBundleHandler::NewLC(KTempDirectory);
+
+ bundler->AnalyzeBundleContentsL();
+
+ if (bundler->CommandFileExists())
+ {
+ LOG_(" Bundle command file exists");
+ HBufC8* cmdXml = bundler->ExtractCommandFileDataL();
+ CleanupStack::PushL(cmdXml);
+
+ ExtractCommandParametersL(*cmdXml);
+
+ CleanupStack::PopAndDestroy(cmdXml);
+ }
+
+
+ TBool okToContinue = ConfirmDeviceLockUseL();
+
+ if (okToContinue)
+ {
+ // Extract PKCS#12-contained security objects and save them to disk
+ if (bundler->PKCS12FileExists())
+ {
+ LOG_(" Bundle P12 file exists");
+ HBufC8* pkcs12 = bundler->ExtractPKCS12DataL();
+ CleanupStack::PushL(pkcs12);
+
+ if (iP12Password)
+ {
+ ExtractPKCS12ObjectsL(*pkcs12, *iP12Password);
+ }
+ else
+ {
+ ExtractPKCS12ObjectsL(*pkcs12, KNullDesC);
+ }
+
+ CleanupStack::PopAndDestroy(pkcs12);
+ }
+ }
+ else
+ {
+ LOG_(" User cancelled device lock install, halting import");
+ User::Leave(KErrCancel);
+ }
+
+ CleanupStack::PopAndDestroy(bundler);
+
+ LOG_("<- CVpnPolicyInstaller::ProcessBundleContentsL()");
+ }
+
+void CVpnPolicyInstaller::ExtractPKCS12ObjectsL(const TDesC8& aData, const TDesC& aPwd)
+ {
+ LOG_("-> CVpnPolicyInstaller::ExtractPKCS12ObjectsL()");
+ CPKCS12Handler* p12handler = CPKCS12Handler::NewLC();
+ p12handler->SaveSecurityObjectsToDiskL(aData, aPwd, KTempDirectory);
+ CleanupStack::PopAndDestroy(p12handler);
+ LOG_("<- CVpnPolicyInstaller::ExtractPKCS12ObjectsL()");
+ }
+
+void CVpnPolicyInstaller::ExtractCommandParametersL(const TDesC8& aData)
+ {
+ LOG_("-> CVpnPolicyInstaller::ExtractCommandParametersL()");
+
+ CCmdFileParser* parser = new (ELeave) CCmdFileParser();
+ CleanupStack::PushL(parser);
+
+ parser->ParseL(aData);
+
+ #ifdef ATS_BUILD
+ delete iP12Password; iP12Password = NULL;
+ #endif
+
+ iP12Password = parser->GetParsedValueStrL(KCmdPKCS12PasswordUri);
+ parser->GetParsedValueIntL(KCmdDevlockPolicyUri, iDevLockPolicy);
+ parser->GetParsedValueBoolL(KCmdDevlockRequiredUri, iDevLockRequired);
+
+ if (iP12Password)
+ {
+ LOG_1(" PASSWORD: '%S'", iP12Password);
+ }
+
+ LOG_1(" Requested devlock policy: %d", iDevLockPolicy);
+ LOG_1(" Devlock mandatory: %d", iDevLockRequired);
+ LOG_(" Popping from stack");
+
+ CleanupStack::PopAndDestroy(parser);
+
+ LOG_("<- CVpnPolicyInstaller::ExtractCommandParametersL()");
+ }
+
+TInt CVpnPolicyInstaller::IsDeviceLockAvailable()
+ {
+ LOG_("-> CVpnPolicyInstaller::IsDeviceLockAvailableL()");
+ TInt status(KErrNone);
+
+ CVpnDevLockHandler* dlh = CVpnDevLockHandler::NewLC();
+
+ TRAP(status, dlh->TerminalControlSupportsVpnL());
+ if (status == KErrNone)
+ {
+ iDevSupportsDevLock = ETrue;
+ }
+ else
+ {
+ iDevSupportsDevLock = EFalse;
+ }
+
+ CleanupStack::PopAndDestroy(dlh);
+
+ LOG_1("<- CVpnPolicyInstaller::IsDeviceLockAvailableL() ret: %d", status);
+ return status;
+ }
+
+TBool CVpnPolicyInstaller::ConfirmDeviceLockUseL()
+ {
+ TBool ret(EFalse);
+
+ // If device lock was requested, check whether we can use it
+ if (iDevLockPolicy > 0)
+ {
+ TInt dlError = IsDeviceLockAvailable();
+ LOG_1(" Device lock status: %d", dlError);
+
+ if (dlError != KErrNone)
+ {
+ // We might still be able to continue,
+ // depending on whether device lock configuration
+ // is mandatory (or just optional).
+ // Mandatory status is defined in the vpn cmd file.
+ if (dlError != KErrAccessDenied)
+ {
+ User::Leave(dlError);
+ }
+
+ if (iDevLockRequired)
+ {
+ LOG_1("<- CVpnPolicyInstaller::ProcessBundleContentsL() LEAVE: %d",
+ dlError);
+ User::Leave(dlError);
+ }
+ else
+ {
+ CancelWaitNote();
+ LOG_(" Couldn't set device lock, but it's not mandatory. Proceeding");
+ ret = ShowConfirmNote();
+ }
+ }
+ else
+ {
+ CancelWaitNote();
+ LOG_(" Showing device lock confirmation note");
+ ret = ShowDevLockConfirmNote();
+ }
+ }
+ else
+ {
+ CancelWaitNote();
+ LOG_(" No changes required to device lock");
+ #ifdef ATS_BUILD
+ ret = ETrue;
+ #else
+ ret = ShowConfirmNote();
+ #endif
+ }
+ return ret;
+ }
+
+
+
+////////////////////////////////////////////////////////////////
+// WaitNoteHandler class implementation
+
+CImportWaitNoteHandler::CImportWaitNoteHandler(CVpnPolicyInstaller* aCallBack) :
+ CActive(EPriorityStandard), iCallBack(aCallBack)
+ {
+ LOG_("-> CImportWaitNoteHandler::CImportWaitNoteHandler()");
+ CActiveScheduler::Add(this);
+ LOG_("-> CImportWaitNoteHandler::CImportWaitNoteHandler()");
+ }
+
+CImportWaitNoteHandler::~CImportWaitNoteHandler()
+ {
+ LOG_("-> CImportWaitNoteHandler::~CImportWaitNoteHandler()");
+ Cancel();
+ LOG_("<- CImportWaitNoteHandler::~CImportWaitNoteHandler()");
+ }
+
+void CImportWaitNoteHandler::DoCancel()
+ {
+ LOG_("-> CImportWaitNoteHandler::DoCancel()");
+
+ iNotifier.CancelNotifier(KUidVpnDialogNotifier);
+ iNotifier.Close();
+
+ LOG_("<- CImportWaitNoteHandler::DoCancel()");
+ }
+
+void CImportWaitNoteHandler::ConstructL()
+ {
+ User::LeaveIfError(iNotifier.Connect());
+ }
+
+// Codescanner complains about non-leaving L function.
+// Sadly, there's little we can do...
+void CImportWaitNoteHandler::RunL()
+ {
+ LOG_("-> CImportWaitNoteHandler::RunL()");
+ TInt status = iStatus.Int();
+ LOG_1(" Status: %d", status);
+ if (status == KErrCancel)
+ {
+ LOG_(" CANCEL");
+ iCallBack->UserCancelledWait();
+ }
+
+ LOG_("<- CImportWaitNoteHandler::RunL()");
+ }
+
+TInt CImportWaitNoteHandler::RunError(TInt aError)
+ {
+ LOG_1("-> CImportWaitNoteHandler::RunError() %d", aError);
+ Cancel();
+ LOG_("<- CImportWaitNoteHandler::RunError()");
+
+ // Remove compiler warning in urel case
+ aError = aError;
+
+ return KErrNone;
+ }
+
+void CImportWaitNoteHandler::StartWaitNote(TInt aNoteId)
+ {
+ LOG_("-> CImportWaitNoteHandler::StartWaitNote()");
+
+ TVpnDialogInfo dialogInfo(aNoteId, 0);
+ iDialogInfoDes() = dialogInfo;
+
+ iNotifier.StartNotifierAndGetResponse(iStatus, KUidVpnDialogNotifier,
+ iDialogInfoDes, iDialogResponseDes);
+
+ SetActive();
+ LOG_("<- CImportWaitNoteHandler::StartWaitNote()");
+ }
+
+CImportWaitNoteHandler* CImportWaitNoteHandler::NewL(CVpnPolicyInstaller* aCallBack)
+ {
+ CImportWaitNoteHandler* self = new (ELeave) CImportWaitNoteHandler(aCallBack);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/src/vpnbundlehandler.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,332 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility class for .VPN bundle content analysis
+*
+*/
+
+
+
+#include <e32std.h>
+
+#include "vpnbundlehandler.h"
+#include "policyinstaller_constants.h"
+#include "logvpncommon.h"
+
+
+CVpnBundleHandler* CVpnBundleHandler::NewL(const TDesC& aBundleDir)
+ {
+ LOG_("-> CVpnBundleHandler::NewL()");
+
+ CVpnBundleHandler* self = new (ELeave) CVpnBundleHandler(aBundleDir);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ LOG_("<- CVpnBundleHandler::NewL()");
+
+ return self;
+ }
+
+CVpnBundleHandler* CVpnBundleHandler::NewLC(const TDesC& aBundleDir)
+ {
+ LOG_("-> CVpnBundleHandler::NewLC()");
+
+ CVpnBundleHandler* self = new (ELeave) CVpnBundleHandler(aBundleDir);
+ CleanupStack::PushL(self);
+ self->ConstructL();
+
+ LOG_("<- CVpnBundleHandler::NewLC()");
+
+ return self;
+ }
+
+CVpnBundleHandler::CVpnBundleHandler(const TDesC& aBundleDir) : iBundleFileDir(aBundleDir)
+ {
+ }
+
+CVpnBundleHandler::~CVpnBundleHandler()
+ {
+ LOG_("-> CVpnBundleHandler::~CVpnBundleHandler()");
+
+ delete iPKCS12FileName;
+ delete iCommandFileName;
+ iFileServer.Close();
+
+ LOG_("<- CVpnBundleHandler::~CVpnBundleHandler()");
+ }
+
+void CVpnBundleHandler::ConstructL()
+ {
+ LOG_("-> CVpnBundleHandler::ConstructL()");
+
+ User::LeaveIfError(iFileServer.Connect());
+
+ LOG_("<- CVpnBundleHandler::ConstructL()");
+ }
+
+void CVpnBundleHandler::AnalyzeBundleContentsL()
+ {
+ LOG_("-> CVpnBundleHandler::AnalyzeBundleContentsL()");
+
+ // Check whether a command file exists. Leave if more than one exist.
+ LocateCommandFileL();
+
+ // Check whether a PKCS#12 file exists. Leave if more than one exist.
+ LocatePKCS12FileL();
+
+ LOG_("<- CVpnBundleHandler::AnalyzeBundleContentsL()");
+ }
+
+TBool CVpnBundleHandler::CommandFileExists() const
+ {
+ LOG_("-> CVpnBundleHandler::CommandFileExists()");
+
+ TBool ret(EFalse);
+ if (iCommandFileName)
+ {
+ ret = ETrue;
+ }
+
+ LOG_1("<- CVpnBundleHandler::CommandFileExists() ret: %d", ret);
+
+ return ret;
+ }
+
+TBool CVpnBundleHandler::PKCS12FileExists() const
+ {
+ LOG_("-> CVpnBundleHandler::PKCS12FileExists() ");
+
+ TBool ret(EFalse);
+ if (iPKCS12FileName)
+ {
+ ret = ETrue;
+ }
+
+ LOG_1("<- CVpnBundleHandler::PKCS12FileExists() ret: %d", ret);
+
+ return ret;
+ }
+
+HBufC8* CVpnBundleHandler::ExtractPKCS12DataL()
+ {
+ LOG_("-> CVpnBundleHandler::ExtractPKCS12DataL()");
+
+ TInt dataLen(0);
+ HBufC8* ret(NULL);
+
+ ASSERT(iPKCS12FileName);
+
+ // Read binary PKCS#12 data from file and into an 8bit descr
+ RFile file;
+ CleanupClosePushL(file);
+
+ LOG_(" Opening command file for reading");
+ User::LeaveIfError(file.Open(iFileServer,
+ *iPKCS12FileName,
+ EFileStream|EFileRead));
+ User::LeaveIfError(file.Size(dataLen));
+
+ LOG_1(" File data length: %d bytes", dataLen);
+
+ ret = HBufC8::NewLC(dataLen);
+ TPtr8 dataptr = ret->Des();
+
+ LOG_1(" Data length before read: %d B", dataptr.Length());
+
+ LOG_(" Reading...");
+ User::LeaveIfError(file.Read(dataptr));
+
+ LOG_1(" Data length after read: %d B", dataptr.Length());
+
+ CleanupStack::Pop(ret); // control transferred
+
+ LOG_(" Closing file");
+ CleanupStack::PopAndDestroy(); // file
+
+ LOG_1("<- CVpnBundleHandler::ExtractPKCS12DataL() len: %d", dataLen);
+
+ return ret;
+ }
+
+HBufC8* CVpnBundleHandler::ExtractCommandFileDataL()
+ {
+ LOG_("-> CVpnBundleHandler::ExtractCommandFileDataL()");
+
+ TInt dataLen(0);
+ HBufC8* ret(NULL);
+
+
+ ASSERT(iCommandFileName);
+
+ // Read ASCII cmd file data from file and into an 8bit descr
+ RFile file;
+ CleanupClosePushL(file);
+
+ LOG_(" Opening command file for reading");
+ User::LeaveIfError(file.Open(iFileServer,
+ *iCommandFileName,
+ EFileStreamText|EFileRead));
+ User::LeaveIfError(file.Size(dataLen));
+
+ LOG_1(" File data length: %d bytes", dataLen);
+
+ ret = HBufC8::NewLC(dataLen);
+ TPtr8 dataptr = ret->Des();
+
+ LOG_1(" Data length before read: %d B", dataptr.Length());
+
+ LOG_(" Reading...");
+ User::LeaveIfError(file.Read(dataptr));
+
+ LOG_1(" Data length after read: %d B", dataptr.Length());
+
+ CleanupStack::Pop(ret); // control transferred
+ LOG_(" Closing file");
+ CleanupStack::PopAndDestroy(); // file
+
+ LOG_1("<- CVpnBundleHandler::ExtractCommandFileDataL() len: %d", dataLen);
+
+ return ret;
+ }
+
+/**
+ * Find PKCS#12 file from the temp dir the .vpn file was extracted to.
+ */
+void CVpnBundleHandler::LocateCommandFileL()
+ {
+ LOG_("-> CVpnBundleHandler::LocateCommandFileL()");
+
+ TFindFile fileFinder(iFileServer);
+ CDir* fileList(NULL);
+
+
+
+ LOG_1(" Search argument: '%S'", &(KCommandFilePattern()));
+ LOG_1(" Search path: '%S'", &iBundleFileDir);
+
+ // Find the command file using the pattern .p12
+ TInt ret = fileFinder.FindWildByDir(KCommandFilePattern,
+ iBundleFileDir, fileList);
+
+ if (ret == KErrNone)
+ {
+ CleanupStack::PushL(fileList);
+
+ // Only allow one or less command files in the VPN bundle
+ if (fileList->Count() > 1)
+ {
+ LOG_("<- CVpnBundleHandler::LocateCommandFileL() LEAVE: multiple command files");
+ User::Leave(KErrArgument);
+ }
+
+ // At the moment, there may be exactly 0 or 1 command files,
+ // so the loop isn't strictly necessary. However,
+ // in the future it may be deemed necessary to support
+ // multiple command files.
+ for (TInt i = 0; i < fileList->Count(); i++)
+ {
+ LOG_1(" Processing cmdfile number %d", (i+1));
+ TParse fileNameParser;
+ fileNameParser.Set((*fileList)[i].iName, NULL, NULL);
+
+ LOG_1(" Found cmdfile: '%S'", &(fileNameParser.FullName()));
+ if (iCommandFileName)
+ {
+ delete iCommandFileName;
+ iCommandFileName = NULL;
+ }
+
+ // Allocate heap for the filename
+ iCommandFileName = HBufC::NewL(fileNameParser.FullName().Length() +
+ iBundleFileDir.Length());
+ //Concatenate the path + filename
+ iCommandFileName->Des().Append(iBundleFileDir);
+ iCommandFileName->Des().Append(fileNameParser.FullName());
+ }
+
+ CleanupStack::PopAndDestroy(fileList);
+ }
+ else if (ret != KErrNotFound)
+ {
+ User::Leave(ret);
+ }
+
+ LOG_("<- CVpnBundleHandler::LocateCommandFileL()");
+ }
+
+/**
+ * Find PKCS#12 file from the temp dir the .vpn file was extracted to.
+ */
+void CVpnBundleHandler::LocatePKCS12FileL()
+ {
+ LOG_("-> CVpnBundleHandler::LocatePKCS12FileL()");
+
+ TFindFile fileFinder(iFileServer);
+ CDir* fileList(NULL);
+
+ LOG_1(" Search argument: '%S'", &(KPKCS12Pattern()));
+ LOG_1(" Search path: '%S'", &iBundleFileDir);
+
+ // Find the PCKS#12 file using the pattern .p12
+ TInt ret = fileFinder.FindWildByDir(KPKCS12Pattern,
+ iBundleFileDir,
+ fileList);
+
+ if (ret == KErrNone)
+ {
+ CleanupStack::PushL(fileList);
+
+ // Only allow one or less command files in the VPN bundle
+ if (fileList->Count() > 1)
+ {
+ LOG_("<- CVpnBundleHandler::LocatePKCS12FileL() LEAVE: multiple p12 files");
+ User::Leave(KErrArgument);
+ }
+
+ // At the moment, there may be exactly 0 or 1 p12 files,
+ // so the loop isn't strictly necessary. However,
+ // in the future it may be deemed necessary to support
+ // multiple p12 files.
+ for (TInt i = 0; i < fileList->Count(); i++)
+ {
+ LOG_1(" Processing p12 number %d", (i+1));
+ TParse fileNameParser;
+ fileNameParser.Set((*fileList)[i].iName, NULL, NULL);
+
+ LOG_1(" Found p12: '%S'", &(fileNameParser.FullName()));
+ if (iPKCS12FileName)
+ {
+ delete iPKCS12FileName;
+ iPKCS12FileName = NULL;
+ }
+
+ // Allocate heap for the filename
+ iPKCS12FileName = HBufC::NewL(fileNameParser.FullName().Length() +
+ iBundleFileDir.Length());
+ //Concatenate the path + filename
+ iPKCS12FileName->Des().Append(iBundleFileDir);
+ iPKCS12FileName->Des().Append(fileNameParser.FullName());
+ }
+
+ CleanupStack::PopAndDestroy(fileList);
+ }
+ else if (ret != KErrNotFound)
+ {
+ User::Leave(ret);
+ }
+
+ LOG_("<- CVpnBundleHandler::LocatePKCS12FileL()");
+ }
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/src/vpndevlockhandler.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,679 @@
+/*
+* Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Utility classes for device lock handling
+*
+*/
+
+
+
+#include <e32std.h>
+
+#include "vpndevlockhandler.h"
+#include "policyinstaller_constants.h"
+#include "logvpncommon.h"
+#include "vpntcstub.h"
+
+
+// 64bit integer's string representation can be at
+// most 20 bytes (+ sign) long...
+#define MAX_INT_STR_LEN 21
+
+
+//////////////
+// CVpnDevLockPolicy implementation
+
+CVpnDevLockPolicy* CVpnDevLockPolicy::NewL(const TInt aPolicy)
+ {
+ LOG_("-> CVpnDevLockPolicy::NewL()");
+
+ CVpnDevLockPolicy* self = new (ELeave) CVpnDevLockPolicy();
+ CleanupStack::PushL(self);
+ self->ConstructL(aPolicy);
+ CleanupStack::Pop(self);
+
+ LOG_("<- CVpnDevLockPolicy::NewL()");
+
+ return self;
+ }
+
+CVpnDevLockPolicy* CVpnDevLockPolicy::NewLC(const TInt aPolicy)
+ {
+ LOG_("-> CVpnDevLockPolicy::NewLC()");
+
+ CVpnDevLockPolicy* self = new (ELeave) CVpnDevLockPolicy();
+ CleanupStack::PushL(self);
+ self->ConstructL(aPolicy);
+
+ LOG_("<- CVpnDevLockPolicy::NewLC()");
+
+ return self;
+ }
+
+CVpnDevLockPolicy* CVpnDevLockPolicy::NewLC()
+ {
+ LOG_("-> CVpnDevLockPolicy::NewLC()");
+
+ CVpnDevLockPolicy* self = new (ELeave) CVpnDevLockPolicy();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+
+ LOG_("<- CVpnDevLockPolicy::NewLC()");
+
+ return self;
+ }
+
+CVpnDevLockPolicy::CVpnDevLockPolicy()
+ {
+ }
+
+CVpnDevLockPolicy::~CVpnDevLockPolicy()
+ {
+ LOG_("-> CVpnDevLockPolicy::CVpnDevLockPolicy()");
+
+ // Delete each entry from the policy attributes array,
+ // and then reset the array itself
+ if (iPolicyArray)
+ {
+ for (TInt i = iPolicyArray->Count() - 1; i >= 0; i--)
+ {
+ delete iPolicyArray->At(i);
+ }
+ iPolicyArray->Reset();
+ }
+
+ delete iPolicyArray;
+
+ LOG_("<- CVpnDevLockPolicy::CVpnDevLockPolicy()");
+ }
+
+void CVpnDevLockPolicy::ConstructL(const TInt aPolicy)
+ {
+ LOG_("-> CVpnDevLockPolicy::ConstructL()");
+ ConstructL();
+ SetPolicyLevelL(aPolicy);
+ LOG_("<- CVpnDevLockPolicy::ConstructL()");
+ }
+
+void CVpnDevLockPolicy::ConstructL()
+ {
+ LOG_("-> CVpnDevLockPolicy::ConstructL()");
+ iPolicyArray = new (ELeave) CArrayFixFlat<CVpnDevLockAttribute*>(3);
+ LOG_("<- CVpnDevLockPolicy::ConstructL()");
+ }
+
+void CVpnDevLockPolicy::SetPolicyAttributeL(const TInt aAttrib, const TInt aVal)
+ {
+ LOG_("-> CVpnDevLockPolicy::SetPolicyAttributeL() int variant");
+
+ CVpnDevLockAttribute* attrib = CVpnDevLockAttribute::NewL(aAttrib, aVal);
+ CleanupStack::PushL(attrib);
+ iPolicyArray->AppendL(attrib);
+
+ // ownership's been transferred to array
+ CleanupStack::Pop(attrib);
+
+
+ // Remove this (or rather flag for debug builds only)
+ TInt val(0);
+ attrib->AttributeValueAsIntL(val);
+
+ LOG_1(" Items in array: %d", iPolicyArray->Count());
+ LOG8_1(" Attrib ID: %d", attrib->AttributeId());
+ LOG8_1(" Attrib val: %d", val);
+
+ LOG_("<- CVpnDevLockPolicy::SetPolicyAttributeL() int variant");
+ }
+
+
+void CVpnDevLockPolicy::SetPolicyAttributeL(const TInt aAttrib, const TDesC8& aVal)
+ {
+ LOG_("-> CVpnDevLockPolicy::SetPolicyAttributeL() str variant");
+
+ // Create a new attribute and add it to the existing array of attributes
+ CVpnDevLockAttribute* attrib = CVpnDevLockAttribute::NewL(aAttrib, aVal);
+ CleanupStack::PushL(attrib);
+ iPolicyArray->AppendL(attrib);
+
+ // ownership's been transferred to array
+ CleanupStack::Pop(attrib);
+
+ LOG8_1(" Attrib ID: %d", attrib->AttributeId());
+
+ LOG_("<- CVpnDevLockPolicy::SetPolicyAttributeL() str variant");
+ }
+
+/**
+ * Description of device lock levels (from SUB 415-467)
+ *
+ * 0. Do not enforce device lock
+ * - installing this policy has no impact on the device lock settings
+ * 1. Enforce device lock with policy 1
+ * - no special requirements on lock code
+ * - autolock timeout 30 minutes
+ * - wipe after 20 unsuccessful unlocking attempts
+ * 2. Enforce device lock with policy 2
+ * - lock code minimum length 5 characters
+ * - autolock timeout 10 minutes
+ * - wipe after 10 unsuccessful unlocking attempts
+ * 3. Enforce device lock with policy 3
+ * - lock code mimimum length 5 characters
+ * - both characters and numbers required
+ * - both upper and lower case letters required
+ * - passcode expires every 30 days and must be changed
+ * - new passcode must not match any of the 5 previous passcodes
+ * - autolock timeout 5 minutes
+ * - wipe after 10 unsuccessful unlocking attempts
+ *
+ */
+void CVpnDevLockPolicy::SetPolicyLevelL(const TInt aPolLevel)
+ {
+ LOG_("-> CVpnDevLockPolicy::SetPolicyLevelL()");
+
+ LOG_1(" Setting policy level: %d", aPolLevel);
+
+ // Setting the policy level
+ // See VPN device lock SUB for exact device lock policy level descriptions
+ switch (aPolLevel)
+ {
+ case 0:
+ // No changes to existing devlock policy,
+ // when policy level is 0
+ break;
+ case 1:
+ // Only enforce timeout and max number of passcode attempts
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::ETimeout, 30);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeMaxAttempts, 20);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EMaxTimeout, 30);
+ break;
+ case 2:
+ // Enforce stricter timeout as well, and a minimum length for passcode
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::ETimeout, 10);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeMinLength, 5);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeMaxAttempts, 10);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EMaxTimeout, 10);
+ break;
+ case 3:
+ // Enforce even more password-related rules
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::ETimeout, 5);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeMinLength, 5);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeMaxAttempts, 10);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeRequireCharsAndNumbers,
+ 1);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeRequireUpperAndLower,
+ 1);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeExpiration, 30);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EPasscodeHistoryBuffer, 5);
+ SetPolicyAttributeL(RTerminalControl3rdPartySession::EMaxTimeout, 5);
+ break;
+ default:
+ // Policy levels 4+ not supported, leave (tried to instantiate an illegal policy)
+ LOG_("<- CVpnDevLockPolicy::SetPolicyLevelL() LEAVE: illegal policy level");
+ User::Leave(KErrNotSupported);
+ break;
+ }
+
+ LOG_("<- CVpnDevLockPolicy::SetPolicyLevelL()");
+ }
+
+TInt CVpnDevLockPolicy::AttributeCount()
+ {
+ LOG_("-> CVpnDevLockPolicy::AttributeCount()");
+
+ TInt ret(0);
+ if (iPolicyArray)
+ {
+ ret = iPolicyArray->Count();
+ }
+
+ LOG_1("<- CVpnDevLockPolicy::AttributeCount() ret: %d", ret);
+ return ret;
+ }
+
+CVpnDevLockAttribute* CVpnDevLockPolicy::GetPolicyAttributeAt(const TInt aIdx)
+ {
+ LOG_("-> CVpnDevLockPolicy::GetPolicyAttributeAt()");
+ CVpnDevLockAttribute* ret(NULL);
+
+ if (iPolicyArray && (aIdx < iPolicyArray->Count()))
+ {
+ LOG_1(" Found valid attribute at index %d", aIdx);
+ ret = iPolicyArray->At(aIdx);
+ }
+
+ LOG_("<- CVpnDevLockPolicy::GetPolicyAttributeAt()");
+ return ret;
+ }
+
+
+//////////////
+// CVpnDevLockHandler implementation
+
+/**
+ * Constructor, and
+ *
+ */
+CVpnDevLockHandler::CVpnDevLockHandler()
+ {
+ LOG_("-> CVpnDevLockHandler::CVpnDevLockHandler()");
+
+ LOG_("<- CVpnDevLockHandler::CVpnDevLockHandler()");
+ }
+
+void CVpnDevLockHandler::ConstructL()
+ {
+ // Connect to terminal control (if available)
+ LoadTCLibraryL();
+ }
+
+void CVpnDevLockHandler::LoadTCLibraryL()
+ {
+ LOG_("-> CVpnDevLockHandler::LoadTCLibraryL()");
+
+ TInt status = iTcLib.Load(KVpnDevLockWrapperDll, KNullUid);
+
+ LOG_1(" DLL load status: %d", status);
+
+ if (status == KErrNone)
+ {
+ LOG_(" Suitable library found, instantiating dev lock object");
+
+ TLibraryFunction entry = iTcLib.Lookup(1);
+
+ // Entry point function (NewTcStubL) might leave,
+ // although it isn't readily obvious from the syntax
+ iTcStub = (CVpnTcStub*)entry();
+
+ LOG_(" Dev lock object instantiated");
+ iDevLockAvailable = ETrue;
+ }
+ else
+ {
+ LOG_(" No suitable library found!");
+ iDevLockAvailable = EFalse;
+ }
+
+ LOG_("<- CVpnDevLockHandler::LoadTCLibraryL()");
+ }
+
+CVpnDevLockHandler::~CVpnDevLockHandler()
+ {
+ LOG_("-> CVpnDevLockHandler::CVpnDevLockHandler()");
+
+ LOG_(" Deleting TC stub");
+ delete iTcStub;
+
+ LOG_(" Closing TC library");
+ iTcLib.Close();
+
+ LOG_("<- CVpnDevLockHandler::CVpnDevLockHandler()");
+ }
+
+void CVpnDevLockHandler::TerminalControlSupportsVpnL()
+ {
+ LOG_("-> CVpnDevLockHandler::TerminalControlSupportsVpnL()");
+
+ HBufC8* attrib(NULL);
+
+ // If the lib stub is available, try to read a device lock attribute
+ // (read may fail))
+ if (iTcStub)
+ {
+ LOG_(" TC stub is valid");
+ attrib = iTcStub->GetTCAttributeL(RTerminalControl3rdPartySession::ETimeout);
+
+ if (attrib)
+ {
+ LOG8_1(" Attribute: '%S'", attrib);
+ delete attrib;
+ }
+ else
+ {
+ LOG_(" Attribute couldn't be read");
+ User::Leave(KErrAccessDenied);
+ }
+ }
+ else
+ {
+ LOG_(" No stub available, terminating");
+ User::Leave(KErrAccessDenied);
+ }
+
+ LOG_("<- CVpnDevLockHandler::TerminalControlSupportsVpnL()");
+ }
+
+void CVpnDevLockHandler::SetTerminalControlPolicyL(const TInt aPolLevel)
+ {
+ LOG_("-> CVpnDevLockHandler::SetTerminalControlPolicyL()");
+ LOG_1(" Setting policy level %d", aPolLevel);
+
+ CVpnDevLockPolicy* devpolicy = CVpnDevLockPolicy::NewL(aPolLevel);
+ CleanupStack::PushL(devpolicy);
+
+ // Iterate through all the attributes that VPN policy requires.
+ // For each one found, check if it's stricter than the old device lock setting,
+ // and only if that is the case, update the actual value on device.
+
+ TInt attribs = devpolicy->AttributeCount();
+ LOG_1(" Iterating through %d attributes", attribs);
+
+ TBool forceLock(EFalse);
+
+ for (TInt i = 0; i < attribs; i++)
+ {
+ CVpnDevLockAttribute* attrib = devpolicy->GetPolicyAttributeAt(i);
+ if (!attrib)
+ {
+ LOG_("<- CVpnDevLockHandler::SetTerminalControlPolicyL() LEAVE: Not found");
+ User::Leave(KErrNotFound);
+ }
+
+ LOG_1(" Attribute ID: %d", attrib->AttributeId());
+
+ // Only set the attribute if the existing one was not as strict
+ // (definition of "strict" depends on attribute's semantics)
+ TBool override(EFalse);
+ TRAPD(err, override = OverrideExistingL(*attrib));
+
+ if ((err == KErrNone && override) || err == KErrNotFound)
+ {
+ SetDevAttributeL(*attrib);
+ forceLock = ETrue;
+ }
+
+ }
+
+ // If at least one lock parameter was (succesfully) changed, force device lock after
+ // import
+ if (forceLock)
+ {
+ LOG_(" Forcing device lock activation");
+
+ // Force lock
+ CVpnDevLockAttribute* attrib = CVpnDevLockAttribute::NewL(RTerminalControl3rdPartySession::ELock,
+ 1);
+ CleanupStack::PushL(attrib);
+
+ // Expire password (force password change)
+ CVpnDevLockAttribute* attrib2 =
+ CVpnDevLockAttribute::NewL(RTerminalControl3rdPartySession::EPasscodeExpiration, -1);
+ CleanupStack::PushL(attrib2);
+
+ LOG_(" Expiring old passcode");
+ SetDevAttributeL(*attrib2);
+ CleanupStack::PopAndDestroy(attrib2);
+
+ LOG_(" Forcing device lock");
+ SetDevAttributeL(*attrib);
+ CleanupStack::PopAndDestroy(attrib);
+ }
+
+
+ CleanupStack::PopAndDestroy(devpolicy);
+
+ LOG_("<- CVpnDevLockHandler::SetTerminalControlPolicyL()");
+ }
+
+TBool CVpnDevLockHandler::OverrideExistingL(const CVpnDevLockAttribute& aNew)
+ {
+ LOG_("-> CVpnDevLockHandler::OverrideExisting()");
+ TBool ret(EFalse);
+
+ HBufC8* existingAttrib = GetDevAttribValueL(aNew.AttributeId());
+ CleanupStack::PushL(existingAttrib);
+
+ // At the moment, we can rely on the fact that all relevant
+ // attributes are numerical... This may change in future
+ TInt newVal(-1);
+ TInt oldVal(-1);
+ TLex8 lexer(*existingAttrib);
+ User::LeaveIfError(lexer.Val(oldVal));
+ aNew.AttributeValueAsIntL(newVal);
+
+ switch (aNew.AttributeId())
+ {
+ case RTerminalControl3rdPartySession::ETimeout:
+ // If device lock timeout is set to lower value than the old one,
+ // then we need to update the policy
+ LOG_(" Case ETimeout");
+ if (newVal < oldVal || oldVal == 0)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EPasscodeMinLength:
+ // If passcode minimum length requirement is longer than the
+ // old one, then we need to update the policy
+ LOG_(" Case EPasscodeMinLength");
+ if (newVal > oldVal)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EPasscodeMaxAttempts:
+ // If max attempts lower, override
+ LOG_(" Case EPasscodeMaxAttempts");
+ if (newVal < oldVal || oldVal == 0)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EPasscodeRequireCharsAndNumbers:
+ // If alphanum requirement didn't exist before, override
+ LOG_(" Case EPasscodeRequireCharsAndNumbers");
+ if (newVal > oldVal)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EPasscodeRequireUpperAndLower:
+ // If UC/LC requirement didn't exist before, override
+ LOG_(" Case EPasscodeRequireUpperAndLower");
+ if (newVal > oldVal)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EPasscodeExpiration:
+ // If less days before passcode expiration, override
+ LOG_(" Case EPasscodeExpiration");
+ if (newVal < oldVal || oldVal == 0)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EPasscodeHistoryBuffer:
+ // If the proposed passcode history is longer, override
+ LOG_(" Case EPasscodeHistoryBuffer");
+ if (newVal > oldVal)
+ {
+ ret = ETrue;
+ }
+ break;
+ case RTerminalControl3rdPartySession::EMaxTimeout:
+ // If the proposed max timeout is shorter, override
+ LOG_(" Case EMaxTimeout");
+ if ((oldVal == 0) || (newVal < oldVal))
+ {
+ ret = ETrue;
+ }
+ break;
+ default:
+ LOG_(" ERROR: Case default, unknown attribute!");
+ User::Leave(KErrNotFound);
+ break;
+ }
+ CleanupStack::PopAndDestroy(existingAttrib);
+
+ LOG_1(" Old value: %d", oldVal);
+ LOG_1(" New value: %d", newVal);
+ LOG( if (ret)
+ {
+ LOG_(" => Old value needs to be updated");
+ }
+ );
+
+ LOG_1("<- CVpnDevLockHandler::OverrideExisting() ret: %d", ret);
+ return ret;
+ }
+
+HBufC8* CVpnDevLockHandler::GetDevAttribValueL(const TInt aAttribId)
+ {
+ LOG_("-> CVpnDevLockHandler::GetDevAttribValueL()");
+
+ HBufC8* buffer(NULL);
+
+ if (iTcStub)
+ {
+ buffer = iTcStub->GetTCAttributeL(aAttribId);
+ if (buffer)
+ {
+ LOG8_1(" Buffer: '%S'", buffer);
+ }
+ }
+
+ LOG_("<- CVpnDevLockHandler::GetDevAttribValueL()");
+
+ return buffer;
+ }
+
+void CVpnDevLockHandler::SetDevAttributeL(const CVpnDevLockAttribute& aNew)
+ {
+ LOG_("-> CVpnDevLockHandler::SetDevAttribValueL()");
+
+ if (iTcStub)
+ {
+ iTcStub->SetTCAttributeL(aNew.AttributeId(), aNew.AttributeValue());
+ }
+
+ LOG_("<- CVpnDevLockHandler::SetDevAttribValueL()");
+ }
+
+
+//////////////
+// CVpnDevLockAttribute implementation
+
+CVpnDevLockAttribute* CVpnDevLockAttribute::NewL(const TInt aId, const TDesC8& aVal)
+ {
+ LOG_("-> CVpnDevLockAttribute::NewL()");
+
+ CVpnDevLockAttribute* self = new (ELeave) CVpnDevLockAttribute();
+ CleanupStack::PushL(self);
+ self->ConstructL(aId, aVal);
+ CleanupStack::Pop(self);
+
+ LOG_("<- CVpnDevLockAttribute::NewL()");
+ return self;
+ }
+
+CVpnDevLockAttribute* CVpnDevLockAttribute::NewL(const TInt aId, const TInt aVal)
+ {
+ LOG_("-> CVpnDevLockAttribute::NewL()");
+
+ CVpnDevLockAttribute* self = new (ELeave) CVpnDevLockAttribute();
+ CleanupStack::PushL(self);
+ self->ConstructL(aId, aVal);
+ CleanupStack::Pop(self);
+
+ LOG_("<- CVpnDevLockAttribute::NewL()");
+ return self;
+ }
+
+CVpnDevLockAttribute* CVpnDevLockAttribute::NewLC(const TInt aId, const TDesC8& aVal)
+ {
+ LOG_("-> CVpnDevLockAttribute::NewLC()");
+
+ CVpnDevLockAttribute* self = new (ELeave) CVpnDevLockAttribute();
+ CleanupStack::PushL(self);
+ self->ConstructL(aId, aVal);
+
+ LOG_("<- CVpnDevLockAttribute::NewLC()");
+
+ return self;
+ }
+
+CVpnDevLockAttribute::~CVpnDevLockAttribute()
+ {
+ LOG_("-> CVpnDevLockAttribute::~CVpnDevLockAttribute()");
+ delete iAttributeVal;
+ LOG_("<- CVpnDevLockAttribute::~CVpnDevLockAttribute()");
+ }
+
+CVpnDevLockAttribute::CVpnDevLockAttribute()
+ {
+ LOG_("-> CVpnDevLockAttribute::CVpnDevLockAttribute()");
+ LOG_("<- CVpnDevLockAttribute::CVpnDevLockAttribute()");
+ }
+
+void CVpnDevLockAttribute::ConstructL(const TInt aId, const TDesC8& aVal)
+ {
+ iAttributeId = aId;
+ iAttributeVal = aVal.AllocL();
+ }
+
+void CVpnDevLockAttribute::ConstructL(const TInt aId, const TInt aVal)
+ {
+ // Convert int to a string
+ iAttributeId = aId;
+ TBuf8<MAX_INT_STR_LEN> buf;
+ buf.Num(aVal);
+ iAttributeVal = buf.AllocL();
+ }
+
+TPtrC8 CVpnDevLockAttribute::AttributeValue() const
+ {
+ return *iAttributeVal;
+ }
+
+void CVpnDevLockAttribute::AttributeValueAsIntL(TInt& aVal) const
+ {
+ if (iAttributeVal)
+ {
+ TLex8 lexer(*iAttributeVal);
+ User::LeaveIfError(lexer.Val(aVal));
+ }
+ }
+
+TInt CVpnDevLockAttribute::AttributeId() const
+ {
+ return iAttributeId;
+ }
+
+
+
+CVpnDevLockHandler* CVpnDevLockHandler::NewL()
+ {
+ LOG_("-> CVpnDevLockHandler::NewL()");
+
+ CVpnDevLockHandler* self = new (ELeave) CVpnDevLockHandler();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+
+ LOG_("<- CVpnDevLockAttribute::NewL()");
+ return self;
+ }
+
+CVpnDevLockHandler* CVpnDevLockHandler::NewLC()
+ {
+ LOG_("-> CVpnDevLockAttribute::NewLC()");
+
+ CVpnDevLockHandler* self = new (ELeave) CVpnDevLockHandler();
+ CleanupStack::PushL(self);
+ self->ConstructL();
+
+ LOG_("<- CVpnDevLockAttribute::NewLC()");
+
+ return self;
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnui/vpnpolins/src/zipfiledecompressor.cpp Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,308 @@
+/*
+* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Uncompress the zipped vpn policies.
+*
+*/
+
+
+
+#include "zipfiledecompressor.h"
+
+#include <zipfile.h>
+#include <bautils.h>
+
+CZipFileDecompressor* CZipFileDecompressor::NewL()
+ {
+ CZipFileDecompressor* self = new (ELeave) CZipFileDecompressor;
+ CleanupStack::PushL(self);
+ self->ConstructL();
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+
+CZipFileDecompressor::CZipFileDecompressor()
+: CActive(EPriorityStandard)
+ {
+ CActiveScheduler::Add(this);
+ }
+
+
+void CZipFileDecompressor::ConstructL()
+ {
+ User::LeaveIfError(iFileServer.Connect());
+ }
+
+
+CZipFileDecompressor::~CZipFileDecompressor()
+ {
+ Cancel();
+
+ iUncompressedFile.Close();
+ delete iUncompressedData;
+
+ delete iZipFileMemberIterator;
+ delete iZipFile;
+
+ if (iCloseZippedFile)
+ {
+ iZippedFile.Close();
+ iCloseZippedFile = EFalse;
+ }
+
+ iFileServer.Close();
+ }
+
+
+void CZipFileDecompressor::DecompressZipFile(const TDesC& aSourceFile,
+ const TDesC& aTargetDir,
+ TRequestStatus& aClientStatus)
+ {
+ __ASSERT_ALWAYS(!IsActive(), User::Invariant());
+
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ RFile zippedFile;
+ TInt err = zippedFile.Open(iFileServer, aSourceFile, EFileRead);
+ if (err == KErrNone)
+ {
+ iCloseZippedFile = ETrue;
+ DecompressZipFile(zippedFile,
+ aTargetDir,
+ aClientStatus);
+ }
+ else
+ {
+ iStatus = KRequestPending;
+ SetActive();
+
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, err);
+ }
+ }
+
+
+
+void CZipFileDecompressor::DecompressZipFile(RFile& aSourceFile,
+ const TDesC& aTargetDir,
+ TRequestStatus& aClientStatus)
+ {
+ __ASSERT_ALWAYS(!IsActive(), User::Invariant());
+ iClientStatus = &aClientStatus;
+ *iClientStatus = KRequestPending;
+
+ TRAPD(err, DecompressZipFileL(aSourceFile, aTargetDir));
+ if (err != KErrNone)
+ {
+ iStatus = KRequestPending;
+ SetActive();
+
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, err);
+ }
+ }
+
+
+void CZipFileDecompressor::DecompressZipFileL(RFile& aSourceFile,
+ const TDesC& aTargetDir)
+ {
+
+ iZippedFile = aSourceFile;
+
+ BaflUtils::EnsurePathExistsL(iFileServer, aTargetDir);
+ User::LeaveIfError(iFileServer.SetSessionPath(aTargetDir));
+
+ iZipFile = CZipFile::NewL(iFileServer, iZippedFile);
+
+ iZipFileMemberIterator = iZipFile->GetMembersL();
+
+ CZipFileMember* member = iZipFileMemberIterator->NextL();
+ if (!member)
+ {
+ User::Leave(KErrArgument);
+ }
+ CleanupStack::PushL(member);
+ DecompressNextMemberL(*member);
+ CleanupStack::PopAndDestroy(member);
+ }
+
+
+void CZipFileDecompressor::DecompressNextMemberL(CZipFileMember& aMember)
+ {
+ __ASSERT_ALWAYS(!iUncompressedFile.SubSessionHandle(),
+ User::Invariant());
+ __ASSERT_ALWAYS(!iUncompressedData, User::Invariant());
+
+
+ //Ignore entries that has zero uncompressed size.
+ //(This includes e.g. directories)
+ if (aMember.UncompressedSize() > 0)
+ {
+ const TChar KDirectorySeparator('\\');
+
+ TUint32 uncompressedSize = aMember.UncompressedSize();
+ HBufC8* uncompressedData = HBufC8::NewLC(uncompressedSize);
+
+ RZipFileMemberReaderStream* readerStream;
+ User::LeaveIfError(iZipFile->GetInputStreamL(&aMember, readerStream));
+ CleanupStack::PushL(readerStream);
+
+ TPtr8 uncompressedDataPtr = uncompressedData->Des();
+ User::LeaveIfError(readerStream->Read(uncompressedDataPtr,
+ uncompressedDataPtr.MaxLength()));
+
+ CleanupStack::PopAndDestroy(readerStream);
+
+ HBufC* fileName = aMember.Name()->AllocLC();
+ TPtr fileNamePtr= fileName->Des();
+ TInt lastDirectorySeparator = fileName->LocateReverse(KDirectorySeparator);
+ if (lastDirectorySeparator >= 0)
+ {
+ fileNamePtr = fileName->Mid(lastDirectorySeparator+1);
+ }
+
+ TParsePtr fileNameParser(fileNamePtr);
+
+ User::LeaveIfError(iUncompressedFile.Replace(iFileServer,
+ fileNameParser.NameAndExt(),
+ EFileWrite));
+ CleanupStack::PopAndDestroy(fileName);
+
+ CleanupStack::Pop(uncompressedData);
+ iUncompressedData = uncompressedData;
+
+ iUncompressedFile.Write(*iUncompressedData, iStatus);
+ SetActive();
+ }
+ else
+ {
+ iStatus = KRequestPending;
+ SetActive();
+ TRequestStatus* ownStatus = &iStatus;
+ User::RequestComplete(ownStatus, KErrNone);
+ }
+ }
+
+
+
+void CZipFileDecompressor::RunL()
+ {
+ delete iUncompressedData;
+ iUncompressedData = NULL;
+
+ iUncompressedFile.Close();
+
+ if (iStatus.Int() == KErrNone)
+ {
+ CZipFileMember* member = iZipFileMemberIterator->NextL();
+ if (member)
+ {
+ CleanupStack::PushL(member);
+ DecompressNextMemberL(*member);
+ CleanupStack::PopAndDestroy(member);
+ }
+ else
+ {
+ delete iZipFileMemberIterator;
+ iZipFileMemberIterator = NULL;
+
+ delete iZipFile;
+ iZipFile = NULL;
+
+ if (iCloseZippedFile)
+ {
+ iZippedFile.Close();
+ iCloseZippedFile = EFalse;
+ }
+
+
+ User::RequestComplete(iClientStatus, KErrNone);
+ }
+ }
+ else
+ {
+ delete iZipFileMemberIterator;
+ iZipFileMemberIterator = NULL;
+
+ delete iZipFile;
+ iZipFile = NULL;
+
+ if (iCloseZippedFile)
+ {
+ iZippedFile.Close();
+ iCloseZippedFile = EFalse;
+ }
+
+
+ User::RequestComplete(iClientStatus, iStatus.Int());
+ }
+ }
+
+
+void CZipFileDecompressor::DoCancel()
+ {
+ //No Cancel for write...
+ }
+
+
+void CZipFileDecompressor::Cancel()
+ {
+ CActive::Cancel();
+
+ delete iUncompressedData;
+ iUncompressedData = NULL;
+
+ iUncompressedFile.Close();
+
+ delete iZipFileMemberIterator;
+ iZipFileMemberIterator = NULL;
+
+ delete iZipFile;
+ iZipFile = NULL;
+
+ if (iCloseZippedFile)
+ {
+ iZippedFile.Close();
+ iCloseZippedFile = EFalse;
+ }
+
+
+ }
+
+TInt CZipFileDecompressor::RunError(TInt aError)
+ {
+ delete iUncompressedData;
+ iUncompressedData = NULL;
+
+ iUncompressedFile.Close();
+
+ delete iZipFileMemberIterator;
+ iZipFileMemberIterator = NULL;
+
+ delete iZipFile;
+ iZipFile = NULL;
+
+ if (iCloseZippedFile)
+ {
+ iZippedFile.Close();
+ iCloseZippedFile = EFalse;
+ }
+
+
+ User::RequestComplete(iClientStatus, aError);
+
+ return KErrNone;
+ }
+
