diff -r bb2423252ea3 -r c1029e558ef5 networksecurity/ipsec/ipsec6/src/spdb.cpp --- a/networksecurity/ipsec/ipsec6/src/spdb.cpp Wed Sep 15 13:53:10 2010 +0300 +++ b/networksecurity/ipsec/ipsec6/src/spdb.cpp Wed Oct 13 16:17:27 2010 +0300 @@ -20,16 +20,14 @@ /** @file spdb.cpp */ -#include -#include -#include -#include -#include - -#include "sa_spec.h" #include "epdb.h" #include "spdb.h" - +#include +#include "sa_spec.h" +#include +#ifdef SYMBIAN_IPSEC_VOIP_SUPPORT +#include +#endif // SYMBIAN_IPSEC_VOIP_SUPPORT #ifndef OLD_SELECTOR_ORDERING /** @deprecated * The old syntax allowed total mixing of "filter" and "selector" @@ -168,10 +166,7 @@ void SetAddressOrEndPointL(RIpAddress &aAddr, TInt aMask, TInt aError); void ParseAddressL(RIpAddress &aAddr, TInt aMask, TInt aError); void ParseAddressAndMaskL(RIpAddress &aAddr, RIpAddress& aMask); - void ParseSecurityBundleL(RPolicyActions &aBundle, CTransportSelector *aTS, CPolicySelector* aPs);//UMA support void ParseSecurityBundleL(RPolicyActions &aBundle, CTransportSelector *aTS); - void CheckFeatureSupportL(TUid aFeature); - #ifdef SYMBIAN_IPSEC_VOIP_SUPPORT void ParseAssociationParametersL(CPolicySpec *aSpec); #else @@ -188,12 +183,9 @@ token_type CheckProposalCloseAndMoreProposals(TInt &aPropBraces); CSecurityProposalSpec* CreateProposalL(CPropList& aPropList); #endif //SYMBIAN_IPSEC_VOIP_SUPPORT - -private: TPtrC iToken; //< The current token. CSecurityPolicy *iSp; //< The result of the parsing operation, The new policy REndPoints &iEp; //< The End Point collection to use for the named endpoints. - TBool iIPSecGANSupported; //To check whether FF_IPSEC_UMA_SUPPORT_ENABLE is defined and UMA supported }; #ifdef SYMBIAN_IPSEC_VOIP_SUPPORT @@ -864,140 +856,18 @@ #endif // SYMBIAN_IPSEC_VOIP_SUPPORT } -/** -* Parse security actions -* @code [ sa-name '(' [ address ] ')' ]* '}' -* @endcode -* -* Parse a (possibly empty) list of references to security specifications. This will -* be the bundle of security actions for a selector. -* -* @retval aActions The colleted actions -* @param aTS The traffic selector. -* @param aPS the policy selector -* * This is called only when UMA/ GAN is supported. -*/ -void TParser::ParseSecurityBundleL(RPolicyActions &aActions, CTransportSelector *aTS, CPolicySelector *aPs) - { - - LOG(Log::Printf(_L("TParser::ParseSecurityBundleL(RPolicyActions &aActions, CTransportSelector *aTS, CPolicySelector *aPs)"))); - - if(iIPSecGANSupported) - { - LOG(Log::Printf(_L("TParser::ParseSecurityBundleL: UMA supported FF_IPSEC_UMA_SUPPORT_ENABLE defined"))); - } - else - { - LOG(Log::Printf(_L("TParser::ParseSecurityBundleL:functionality not suppoted.FF_IPSEC_UMA_SUPPORT_ENABLE not defined"))); - User::Leave(KErrNotSupported); - } - - _LIT(K_tunnel, "tunnel"); - - token_type val; - - TUint opt = 0; - _LIT(K_Exception, "UMAException");//UMA exception defined - for (;;) - { - val = NextToken(); - // - // Experimental addition, allow optional bundle items - // by prefixing them with '?'... - // - if (opt == 0 && val == token_question) - { - opt = 1; - continue; - } - else if (val != token_string) - break; - // A temporary(?) special kluge: if the keyword is 'tunnel' - // assume this is a plain tunnel specification, without any - // relation to the IPSEC. if nobody defined a "tunnel" sa - // specification. (should probably disallow 'tunnel' as SA - // spec name, to avoid confusion.. ) - // - CPolicySpec *spec = iSp->FindSpec(iToken); - - if(spec== NULL && !iToken.Compare(K_Exception)) - { - LOG(Log::Printf(_L("Found Exception Policy identifier"))); - //FInd Next token... Things looks hacky here. IPsec really need re-designing. - TInt tokenVal = (TInt)NextToken(); - LOG(Log::Printf(_L("NextToken value is = [%d]"),tokenVal)); - - TBuf8<32> buf; - buf.Copy(iToken); - TLex8 lex(buf); - TInt scope; - lex.Val(scope); - - //assiging scope to the policy. This will be policy selector with Exception scope being setalong with - //exception flags - aPs->iScope_Exception = scope; - LOG(Log::Printf(_L("TParser::ParseSecurityBundleL, Exception tunnel Scope is = [%d]"),scope)); - while((val = NextToken())!= token_brace_right) - { - //do nothing - } //while - break; - } - - // A temporary(?) special kluge: if the keyword is 'tunnel' - // assume this is a plain tunnel specification, without any - // relation to the IPSEC. if nobody defined a "tunnel" sa - // specification. (should probably disallow 'tunnel' as SA - // spec name, to avoid confusion.. ) - // - if (spec == NULL && iToken.Compare(K_tunnel) != 0) - User::Leave(EIpsec_PolicySpecNotFound); - - if (NextToken() != token_par_left) - User::Leave(EIpsec_PolicyLeftParen); - - CPolicyAction *action = new (ELeave) CPolicyAction; - if (aActions.Append(action) != KErrNone) - { - action->Close(); - User::Leave(KErrNoMemory); - } - if ((action->iSpec = spec) != NULL) - spec->Open(); - // Record the current selector into each action (this is to make it - // easier to generate the TS list into Acquire message). - if ((action->iTS = aTS) != NULL) - aTS->Open(); - action->iOptional = opt; - - if ((val = NextToken()) == token_string) - { - SetAddressOrEndPointL(action->iTunnel, 0, EIpsec_PolicyInvalidIpAddress); - action->iIsTunnel = 1; // Flag a tunnel. - val = NextToken(); - } - if (val != token_par_right) - User::Leave(EIpsec_PolicyRightParen); - opt = 0; // Optional only affects single item at time. - } - if (val != token_brace_right) - User::Leave(EIpsec_PolicyCloseBraceExpected); - } - -/** -* Parse security actions -* @code [ sa-name '(' [ address ] ')' ]* '}' -* @endcode -* -* Parse a (possibly empty) list of references to security specifications. This will -* be the bundle of security actions for a selector. -* -* @retval aActions The colleted actions -* @param aTS The traffic selector. -* This is called in case of No UMA/ GAN support. -*/ void TParser::ParseSecurityBundleL(RPolicyActions &aActions, CTransportSelector *aTS) -//#endif + /** + * Parse security actions + * @code [ sa-name '(' [ address ] ')' ]* '}' + * @endcode + * + * Parse a (possibly empty) list of references to security specifications. This will + * be the bundle of security actions for a selector. + * + * @retval aActions The colleted actions + * @param aTS The traffic selector. + */ { _LIT(K_tunnel, "tunnel"); @@ -1026,13 +896,6 @@ // spec name, to avoid confusion.. ) // CPolicySpec *spec = iSp->FindSpec(iToken); - - // A temporary(?) special kluge: if the keyword is 'tunnel' - // assume this is a plain tunnel specification, without any - // relation to the IPSEC. if nobody defined a "tunnel" sa - // specification. (should probably disallow 'tunnel' as SA - // spec name, to avoid confusion.. ) - // if (spec == NULL && iToken.Compare(K_tunnel) != 0) User::Leave(EIpsec_PolicySpecNotFound); @@ -1279,7 +1142,6 @@ KEYWORD("merge"), KEYWORD("outbound"), KEYWORD("inbound"), - KEYWORD("UMAExceptionTrafficSelector"), //UMA support KEYWORD("if"), }; @@ -1289,7 +1151,6 @@ KEYENUM(merge), KEYENUM(outbound), KEYENUM(inbound), - KEYENUM(UMAExceptionTrafficSelector),//exception bits KEYENUM(if), KEYENUM(max_parameters) @@ -1298,9 +1159,6 @@ _LIT(K_drop, "drop"); token_type val; - - CheckFeatureSupportL(NFeature::KFeatureIdFfIpsecUmaSupportEnable); - // aPs = new (ELeave) CPolicySelector(); @@ -1344,22 +1202,6 @@ User::Leave(EIpsec_PolicySyntaxError); // <-- need own error code? aPs->iInterface = iSp->LookupInterfaceL(iToken); break; - case E_UMAExceptionTrafficSelector: - if(iIPSecGANSupported) - { - //UMA support - LOG(Log::Printf(_L("TParser::ParseSelectorL Setting Exception selector flag"))); - //The flags signifies special case for UMA/exception selectors. These selectors - //will be present in case when there is no inbound and bypass filter data or selectors - //are set. This selector will only allow traffic whose scope match the exception scope - aPs->iFilterData|=KPolicyFilter_Exception; - aPs->iFilterMask |= KPolicyFilter_Exception; - } - else - { - LOG(Log::Printf(_L("TParser::ParseSelectorL error GAN/ UMA feature is not enabled "))); - } - break; default: val = TransportSelectorL(aPs->iTS); #if OLD_SELECTOR_ORDERING @@ -1376,18 +1218,7 @@ if (val != token_equal) User::Leave(EIpsec_PolicySyntaxError); if (NextToken() == token_brace_left) - { - //UMA support RE417-40027 - if(iIPSecGANSupported) - { - ParseSecurityBundleL(aPs->iActions, aPs->iTS, aPs); - } - else - { - ParseSecurityBundleL(aPs->iActions, aPs->iTS); - - } - } + ParseSecurityBundleL(aPs->iActions, aPs->iTS); else if (iToken.Compare(K_drop) == 0) aPs->iFilterData |= KPolicyFilter_DROP; else @@ -1401,24 +1232,6 @@ TParser::TParser(CSecurityPolicy *aSp, const TDesC &aPolicy, REndPoints &aEp) : TLex(aPolicy), iSp(aSp), iEp(aEp) { - - } -/** - * To check the feature support - */ -void TParser::CheckFeatureSupportL(TUid aFeature) - { - // Check Gan support from feature manager - iIPSecGANSupported = CFeatureDiscovery::IsFeatureSupportedL(aFeature); - - if(iIPSecGANSupported != (TInt)ETrue) - { - LOG(Log::Printf(_L("TParser::CheckFeatureSupport Error Checking Feature Support"))); - } - else - { - LOG(Log::Printf(_L("TParser::CheckFeatureSupport %d Feature Supported %d"),aFeature,iIPSecGANSupported)); - } } void TParser::ParseL(TUint aStartOffset)