FCL/sf/os/networkingsrv: comparison networksecurity/ipsec/ipsec6/src/spdb.cpp

equal deleted inserted replaced

-:bb2423252ea3
+:c1029e558ef5
 /**
 @file spdb.cpp
 */
-#include <featdiscovery.h>
-#include <featureuids.h>
-#include <networking/pfkeyv2.h>
-#include <networking/ipsecerr.h>
-#include <e32std.h>
-#include "sa_spec.h"
 #include "epdb.h"
 #include "spdb.h"
+#include <networking/pfkeyv2.h>
+#include "sa_spec.h"
+#include <networking/ipsecerr.h>
+#ifdef SYMBIAN_IPSEC_VOIP_SUPPORT
+#include <e32std.h>
+#endif // SYMBIAN_IPSEC_VOIP_SUPPORT
 #ifndef OLD_SELECTOR_ORDERING
 /** @deprecated
 * The old syntax allowed total mixing of "filter" and "selector"
 * keywords. The new syntax requires the filter keywords (outbound,
 * inbound, merge, final, etc.) to precede any real selectors.
 private:
 	void ParseEndPointL();
 	void SetAddressOrEndPointL(RIpAddress &aAddr, TInt aMask, TInt aError);
 	void ParseAddressL(RIpAddress &aAddr, TInt aMask, TInt aError);
 	void ParseAddressAndMaskL(RIpAddress &aAddr, RIpAddress& aMask);
-	void ParseSecurityBundleL(RPolicyActions &aBundle, CTransportSelector *aTS, CPolicySelector* aPs);//UMA support
 	void ParseSecurityBundleL(RPolicyActions &aBundle, CTransportSelector *aTS);
-	void CheckFeatureSupportL(TUid aFeature);
 #ifdef SYMBIAN_IPSEC_VOIP_SUPPORT
 	void ParseAssociationParametersL(CPolicySpec *aSpec);
 #else
 	void ParseAssociationParametersL(TSecurityAssocSpec &aSpec);
 #endif //SYMBIAN_IPSEC_VOIP_SUPPORT
 	void SkipSpaceAndMark();
 #ifdef SYMBIAN_IPSEC_VOIP_SUPPORT
 	token_type CheckProposalCloseAndMoreProposals(TInt &aPropBraces);
 	CSecurityProposalSpec* CreateProposalL(CPropList& aPropList);
 #endif //SYMBIAN_IPSEC_VOIP_SUPPORT
-private:
 	TPtrC iToken;			//< The current token.
 	CSecurityPolicy *iSp;	//< The result of the parsing operation, The new policy
 	REndPoints &iEp;		//< The End Point collection to use for the named endpoints.
-	TBool iIPSecGANSupported; //To check whether FF_IPSEC_UMA_SUPPORT_ENABLE is defined and UMA supported
 	};
 #ifdef SYMBIAN_IPSEC_VOIP_SUPPORT
 CSecurityProposalSpec* TParser::CreateProposalL(CPropList& aPropList)
 	{
 #else
 	ParseAssociationParametersL(ps->iSpec);
 #endif // SYMBIAN_IPSEC_VOIP_SUPPORT
 	}
-/**
-* Parse security actions
-* @code [ sa-name '(' [ address ] ')' ]* '}'
-* @endcode
-*
-* Parse a (possibly empty) list of references to security specifications. This will
-* be the bundle of security actions for a selector.
-*
-* @retval aActions The colleted actions
-* @param aTS The traffic selector.
-* @param aPS the policy selector
-* * This is called only when UMA/ GAN is supported.
-*/
-void TParser::ParseSecurityBundleL(RPolicyActions &aActions, CTransportSelector *aTS, CPolicySelector *aPs)
-{
-LOG(Log::Printf(_L("TParser::ParseSecurityBundleL(RPolicyActions &aActions, CTransportSelector *aTS, CPolicySelector *aPs)")));
-if(iIPSecGANSupported)
-{
-LOG(Log::Printf(_L("TParser::ParseSecurityBundleL: UMA supported FF_IPSEC_UMA_SUPPORT_ENABLE defined")));
-}
-else
-{
-LOG(Log::Printf(_L("TParser::ParseSecurityBundleL:functionality not suppoted.FF_IPSEC_UMA_SUPPORT_ENABLE not defined")));
-User::Leave(KErrNotSupported);
-}
-_LIT(K_tunnel,  "tunnel");
-token_type val;
-TUint opt = 0;
-_LIT(K_Exception,  "UMAException");//UMA exception defined
-for (;;)
-{
-val = NextToken();
-//
-// Experimental addition, allow optional bundle items
-// by prefixing them with '?'...
-//
-if (opt == 0 && val == token_question)
-{
-opt = 1;
-continue;
-}
-else if (val != token_string)
-break;
-// A temporary(?) special kluge: if the keyword is 'tunnel'
-// assume this is a plain tunnel specification, without any
-// relation to the IPSEC. if nobody defined a "tunnel" sa
-// specification. (should probably disallow 'tunnel' as SA
-// spec name, to avoid confusion.. )
-//
-CPolicySpec *spec = iSp->FindSpec(iToken);
-if(spec== NULL && !iToken.Compare(K_Exception))
-{
-LOG(Log::Printf(_L("Found Exception Policy identifier")));
-//FInd Next token... Things looks hacky here. IPsec really need re-designing.
-TInt tokenVal = (TInt)NextToken();
-LOG(Log::Printf(_L("NextToken value is = [%d]"),tokenVal));
-TBuf8<32> buf;
-buf.Copy(iToken);
-TLex8 lex(buf);
-TInt scope;
-lex.Val(scope);
-//assiging scope to the policy. This will be policy selector with Exception scope being setalong with
-//exception flags
-aPs->iScope_Exception = scope;
-LOG(Log::Printf(_L("TParser::ParseSecurityBundleL, Exception tunnel Scope is = [%d]"),scope));
-while((val = NextToken())!= token_brace_right)
-{
-//do nothing
-}  //while
-break;
-}
-// A temporary(?) special kluge: if the keyword is 'tunnel'
-// assume this is a plain tunnel specification, without any
-// relation to the IPSEC. if nobody defined a "tunnel" sa
-// specification. (should probably disallow 'tunnel' as SA
-// spec name, to avoid confusion.. )
-//
-if (spec == NULL && iToken.Compare(K_tunnel) != 0)
-User::Leave(EIpsec_PolicySpecNotFound);
-if (NextToken() != token_par_left)
-User::Leave(EIpsec_PolicyLeftParen);
-CPolicyAction *action = new (ELeave) CPolicyAction;
-if (aActions.Append(action) != KErrNone)
-{
-action->Close();
-User::Leave(KErrNoMemory);
-}
-if ((action->iSpec = spec) != NULL)
-spec->Open();
-// Record the current selector into each action (this is to make it
-// easier to generate the TS list into Acquire message).
-if ((action->iTS = aTS) != NULL)
-aTS->Open();
-action->iOptional = opt;
-if ((val = NextToken()) == token_string)
-{
-SetAddressOrEndPointL(action->iTunnel, 0, EIpsec_PolicyInvalidIpAddress);
-action->iIsTunnel = 1;  // Flag a tunnel.
-val = NextToken();
-}
-if (val != token_par_right)
-User::Leave(EIpsec_PolicyRightParen);
-opt = 0;        // Optional only affects single item at time.
-}
-if (val != token_brace_right)
-User::Leave(EIpsec_PolicyCloseBraceExpected);
-}
-/**
-* Parse security actions
-* @code [ sa-name '(' [ address ] ')' ]* '}'
-* @endcode
-*
-* Parse a (possibly empty) list of references to security specifications. This will
-* be the bundle of security actions for a selector.
-*
-* @retval aActions The colleted actions
-* @param aTS The traffic selector.
-* This is called in case of No UMA/ GAN support.
-*/
 void TParser::ParseSecurityBundleL(RPolicyActions &aActions, CTransportSelector *aTS)
-//#endif
+	/**
+	* Parse security actions
+	* @code [ sa-name '(' [ address ] ')' ]* '}'
+	* @endcode
+	*
+	* Parse a (possibly empty) list of references to security specifications. This will
+	* be the bundle of security actions for a selector.
+	*
+	* @retval aActions The colleted actions
+	* @param aTS The traffic selector.
+	*/
 	{
 	_LIT(K_tunnel,	"tunnel");
 	token_type val;
 		// relation to the IPSEC. if nobody defined a "tunnel" sa
 		// specification. (should probably disallow 'tunnel' as SA
 		// spec name, to avoid confusion.. )
 		//
 		CPolicySpec *spec = iSp->FindSpec(iToken);
-// A temporary(?) special kluge: if the keyword is 'tunnel'
-// assume this is a plain tunnel specification, without any
-// relation to the IPSEC. if nobody defined a "tunnel" sa
-// specification. (should probably disallow 'tunnel' as SA
-// spec name, to avoid confusion.. )
-//
 		if (spec == NULL && iToken.Compare(K_tunnel) != 0)
 			User::Leave(EIpsec_PolicySpecNotFound);
 		if (NextToken() != token_par_left)
 			User::Leave(EIpsec_PolicyLeftParen);
 		{
 		KEYWORD("final"),
 		KEYWORD("merge"),
 		KEYWORD("outbound"),
 		KEYWORD("inbound"),
-		KEYWORD("UMAExceptionTrafficSelector"), //UMA support
 		KEYWORD("if"),
 		};
 	enum	// Order must be exactly the same as above
 		{
 		KEYENUM(final),
 		KEYENUM(merge),
 		KEYENUM(outbound),
 		KEYENUM(inbound),
-		KEYENUM(UMAExceptionTrafficSelector),//exception bits
 		KEYENUM(if),
 		KEYENUM(max_parameters)
 		};
 	_LIT(K_drop, "drop");
 	token_type val;
-CheckFeatureSupportL(NFeature::KFeatureIdFfIpsecUmaSupportEnable);
 	//
 	aPs = new (ELeave) CPolicySelector();
 	//
 	// ...by default the "merge" must be off to match.
 			case E_if:
 				if (aPs->iInterface || NextToken() != token_string)
 					User::Leave(EIpsec_PolicySyntaxError);	// <-- need own error code?
 				aPs->iInterface = iSp->LookupInterfaceL(iToken);
 				break;
-			case E_UMAExceptionTrafficSelector:
-if(iIPSecGANSupported)
-{
-//UMA support
-LOG(Log::Printf(_L("TParser::ParseSelectorL Setting Exception selector flag")));
-//The flags signifies special case for UMA/exception selectors. These selectors
-//will be present in case when there is no inbound and bypass filter data or selectors
-//are set. This selector will only allow traffic whose scope match the exception scope
-aPs->iFilterData|=KPolicyFilter_Exception;
-aPs->iFilterMask |= KPolicyFilter_Exception;
-}
-else
-{
-LOG(Log::Printf(_L("TParser::ParseSelectorL error GAN/ UMA feature is not enabled ")));
-}
-	               break;
 			default:
 				val = TransportSelectorL(aPs->iTS);
 #if OLD_SELECTOR_ORDERING
 				if (Lookup(list, E_max_parameters, iToken) < E_max_parameters)
 					goto check_again;
 wrapup:
 	if (val != token_equal)
 		User::Leave(EIpsec_PolicySyntaxError);
 	if (NextToken() == token_brace_left)
-	    {
+		ParseSecurityBundleL(aPs->iActions, aPs->iTS);
-	  //UMA support RE417-40027
-if(iIPSecGANSupported)
-{
-ParseSecurityBundleL(aPs->iActions, aPs->iTS, aPs);
-}
-else
-{
-ParseSecurityBundleL(aPs->iActions, aPs->iTS);
-}
-	    }
 	else if (iToken.Compare(K_drop) == 0)
 		aPs->iFilterData |= KPolicyFilter_DROP;
 	else
 		User::Leave(EIpsec_PolicySyntaxError);
 	}
 #endif
 TParser::TParser(CSecurityPolicy *aSp, const TDesC &aPolicy, REndPoints &aEp) :
 	TLex(aPolicy), iSp(aSp), iEp(aEp)
 	{
-	}
-/**
-* To check the feature support
-*/
-void TParser::CheckFeatureSupportL(TUid aFeature)
-{
-// Check Gan support from feature manager
-iIPSecGANSupported = CFeatureDiscovery::IsFeatureSupportedL(aFeature);
-if(iIPSecGANSupported != (TInt)ETrue)
-		{
-		LOG(Log::Printf(_L("TParser::CheckFeatureSupport Error Checking Feature Support")));
-		}
-		else
-		{
-		LOG(Log::Printf(_L("TParser::CheckFeatureSupport %d Feature Supported %d"),aFeature,iIPSecGANSupported));
-		}
 	}
 void TParser::ParseL(TUint aStartOffset)
 	/**
 	* Parse complete security policy

branch	RCL_3
changeset 75	c1029e558ef5
parent 58	8d540f55e491