|
1 /* |
|
2 * Copyright (c) 2005-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: CEapVpnInterfaceImplementation |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #ifndef __EAPPLUGIN_H__ |
|
20 #define __EAPPLUGIN_H__ |
|
21 |
|
22 // INCLUDES |
|
23 #include <d32dbms.h> |
|
24 |
|
25 #include <wdbifwlansettings.h> |
|
26 #include "eap_vpn_if.h" |
|
27 #include "abs_eap_core.h" |
|
28 #include "eapol_session_key.h" |
|
29 #include "eap_core.h" |
|
30 #include "eap_am_tools_symbian.h" |
|
31 #include "EapType.h" |
|
32 #include "EapolTimer.h" |
|
33 |
|
34 // FORWARD DECLARATIONS |
|
35 class CEapType; |
|
36 class eap_am_tools_symbian_c; |
|
37 class eap_file_config_c; |
|
38 |
|
39 /** |
|
40 * Class: CEapVpnInterfaceImplementation |
|
41 * |
|
42 * Description: Implements the EAP over IKEv2 adaptation |
|
43 * This is concrete class, instance of which |
|
44 * ECOM framework gives to ECOM clients. |
|
45 */ |
|
46 class CEapVpnInterfaceImplementation |
|
47 : public CEapVpnInterface |
|
48 , public abs_eap_core_c |
|
49 , public abs_eap_base_timer_c |
|
50 { |
|
51 public: |
|
52 /** |
|
53 * Function: NewL |
|
54 * |
|
55 * Description: Create instance of concrete implementation. Note that ECOM |
|
56 * interface implementations can only have two signatures for |
|
57 * NewL: |
|
58 * - NewL without parameters (used here) |
|
59 * - NewL with TAny* pointer, which may provide some client |
|
60 * data |
|
61 * |
|
62 * @return Instance of this class. |
|
63 * |
|
64 * Note: The interface, which is abstract base class of this |
|
65 * implementation, also provides NewL method. Normally abstract |
|
66 * classes do not provide NewL, because they cannot create |
|
67 * instances of themselves. |
|
68 */ |
|
69 static CEapVpnInterfaceImplementation* NewL(TAbsEapVpnInterfaceParams* aParams); |
|
70 |
|
71 virtual ~CEapVpnInterfaceImplementation(); |
|
72 // Virtual functions from CEapVpnInterface |
|
73 /** |
|
74 * Function: StartL |
|
75 * |
|
76 * Description: Initializes the eap plugin |
|
77 * |
|
78 * @param aType name of requested eap type implementation. |
|
79 * |
|
80 */ |
|
81 virtual TInt StartL(const TUint8 aEapType); |
|
82 /** |
|
83 * Function: EapConfigure |
|
84 * |
|
85 * Description: Configures the eap plugin |
|
86 * |
|
87 * @param aManualUsername The username, if not zero |
|
88 * @param aManualRealm The realm, if not zero |
|
89 * @param aManualRealmPrefix The realm prefix, if not zero |
|
90 * @param aHideInitialIdentity Scramble username, if true |
|
91 * |
|
92 */ |
|
93 virtual TInt EapConfigure(TDesC8& aManualUsername, TDesC8& aManualRealm, TDesC8& aRealmPrefix, TBool aHideInitialIdentity); |
|
94 |
|
95 /** |
|
96 * Function: QueryIdentity |
|
97 * |
|
98 * Description: Ask the identity |
|
99 */ |
|
100 virtual TInt QueryIdentity(); |
|
101 |
|
102 /** |
|
103 * Function: EapInbound |
|
104 * |
|
105 * Description: Handle incoming Eap message |
|
106 * |
|
107 * @param aMessage incoming eap message. |
|
108 * |
|
109 */ |
|
110 virtual TInt EapInbound(const TDesC8& aMessage); |
|
111 |
|
112 // Virtual callback functions, called by the eap_core |
|
113 |
|
114 /** |
|
115 * The derived class could send packets to partner class with this function. |
|
116 * @see abs_eap_base_type_c::packet_send(). |
|
117 */ |
|
118 virtual eap_status_e packet_send( |
|
119 const eap_am_network_id_c * const network_id, |
|
120 eap_buf_chain_wr_c * const sent_packet, |
|
121 const u32_t header_offset, |
|
122 const u32_t data_length, |
|
123 const u32_t buffer_length); |
|
124 |
|
125 /** |
|
126 * The get_header_offset() function obtains the header offset of EAP-packet. |
|
127 * @see abs_eap_base_type_c::get_header_offset(). |
|
128 */ |
|
129 virtual u32_t get_header_offset( |
|
130 u32_t * const MTU, |
|
131 u32_t * const trailer_length); |
|
132 |
|
133 /** |
|
134 * The load_module() function function indicates the lower level to |
|
135 * load new module of EAP-type. |
|
136 * @param type is the requested EAP-type. |
|
137 * @param partner is pointer to the caller object. |
|
138 * The partner of the new created EAP-type object is the caller object. |
|
139 * @param eap_type is a pointer to a pointer of EAP-type object. |
|
140 * Adaptation module sets eap_type pointer to created EAP-type object. |
|
141 * @param is_client_when_true parameter indicates whether the network entity should |
|
142 * act as a client (true) or server (false), in terms of EAP-protocol whether |
|
143 * this network entity is EAP-supplicant (true) or EAP-authenticator (false). |
|
144 * @param receive_network_id includes the addresses (network identity) and packet type. |
|
145 */ |
|
146 virtual eap_status_e load_module( |
|
147 const eap_type_value_e type, |
|
148 const eap_type_value_e /* tunneling_type */, |
|
149 abs_eap_base_type_c * const partner, |
|
150 eap_base_type_c ** const eap_type, |
|
151 const bool is_client_when_true, |
|
152 const eap_am_network_id_c * const receive_network_id); |
|
153 |
|
154 /** |
|
155 * The unload_module() function unloads the module of a EAP-type. |
|
156 * @param eap_type is the requested EAP-type. |
|
157 */ |
|
158 virtual eap_status_e unload_module(const eap_type_value_e eap_type); |
|
159 |
|
160 void set_is_valid(); |
|
161 |
|
162 bool get_is_valid(); |
|
163 |
|
164 void increment_authentication_counter(); |
|
165 |
|
166 u32_t get_authentication_counter(); |
|
167 |
|
168 bool get_is_client(); |
|
169 |
|
170 eap_status_e configure(); |
|
171 |
|
172 eap_status_e shutdown(); |
|
173 |
|
174 /** |
|
175 * Note this function is just an example. Parameters will change later. |
|
176 * The packet_data_crypto_keys() function gives the generated keys to lower level. |
|
177 * After EAP-authentication has generated the keys it calls this function |
|
178 * to offer the keys to lower level. |
|
179 * @see abs_eap_base_type_c::packet_data_crypto_keys(). |
|
180 */ |
|
181 virtual eap_status_e packet_data_crypto_keys( |
|
182 const eap_am_network_id_c * const send_network_id, |
|
183 const eap_master_session_key_c * const master_session_key |
|
184 ); |
|
185 |
|
186 /** |
|
187 * The packet_data_session_key() function passes one traffic encryption key to |
|
188 * the lower layers. Ultimately the key can end up to the WLAN hardware. |
|
189 * @param send_network_id carries the addresses (network identity) and type of the packet. |
|
190 * @param key is the encryption key |
|
191 * @param key_length is the length of the key |
|
192 * @param key_type describes the type of the key (WEP or something else...) |
|
193 * @param key_index is the index of the encryption key (there can be four broadcast keys in WEP for example) |
|
194 */ |
|
195 virtual eap_status_e packet_data_session_key( |
|
196 const eap_am_network_id_c * const send_network_id, |
|
197 const eapol_session_key_c * const key |
|
198 ); |
|
199 |
|
200 /** |
|
201 * The read_configure() function reads the configuration data identified |
|
202 * by the field string of field_length bytes length. Adaptation module must direct |
|
203 * the query to some persistent store. |
|
204 * @see abs_eap_base_type_c::read_configure(). |
|
205 */ |
|
206 virtual eap_status_e read_configure( |
|
207 const eap_configuration_field_c * const field, |
|
208 eap_variable_data_c * const data); |
|
209 |
|
210 /** |
|
211 * The write_configure() function writes the configuration data identified |
|
212 * by the field string of field_length bytes length. Adaptation module must direct |
|
213 * the action to some persistent store. |
|
214 * @see abs_eap_base_type_c::write_configure(). |
|
215 */ |
|
216 virtual eap_status_e write_configure( |
|
217 const eap_configuration_field_c * const field, |
|
218 eap_variable_data_c * const data); |
|
219 |
|
220 /** |
|
221 * This is notification of internal state transition. |
|
222 * This is used for notifications, debugging and protocol testing. |
|
223 * The primal notifications are eap_state_variable_e::eap_state_authentication_finished_successfully |
|
224 * and eap_state_variable_e::eap_state_authentication_terminated_unsuccessfully. |
|
225 * These two notifications are sent from EAP-protocol layer (eap_protocol_layer_e::eap_protocol_layer_eap). |
|
226 * These two notifications tells the end state of authentication session. These are the only |
|
227 * reliable indications of the final status of authentication session. |
|
228 * You MUST NOT make decision based on the return value of abs_eap_stack_interface_c::packet_process(). |
|
229 */ |
|
230 virtual void state_notification( |
|
231 const abs_eap_state_notification_c * const state); |
|
232 |
|
233 /** |
|
234 * The set_timer() function initializes timer to be elapsed after time_ms milliseconds. |
|
235 * @param initializer is pointer to object which timer_expired() function will |
|
236 * be called after timer elapses. |
|
237 * @param id is identifier which will be returned in timer_expired() function. |
|
238 * The user selects and interprets the id for this timer. |
|
239 * @param data is pointer to any user selected data which will be returned in timer_expired() function. |
|
240 * @param time_ms is the time of timer in milli seconds. |
|
241 * |
|
242 * Adaptation module internally implements the timer. |
|
243 */ |
|
244 virtual eap_status_e set_timer( |
|
245 abs_eap_base_timer_c * const initializer, |
|
246 const u32_t id, |
|
247 void * const data, |
|
248 const u32_t time_ms); |
|
249 |
|
250 /** |
|
251 * The cancel_timer() function cancels the timer id initiated by initializer. |
|
252 * @param initializer is pointer to object which set the cancelled timer. |
|
253 * @param id is identifier which will be returned in timer_expired() function. |
|
254 * The user selects and interprets the id for this timer. |
|
255 * |
|
256 * Adaptation module internally implements the timer. |
|
257 */ |
|
258 virtual eap_status_e cancel_timer( |
|
259 abs_eap_base_timer_c * const initializer, |
|
260 const u32_t id); |
|
261 |
|
262 /** |
|
263 * The cancel_all_timers() function cancels all timers. |
|
264 * User should use this in termination of the stack before |
|
265 * the adaptation module of tools is deleted. |
|
266 * Preferred mode is to cancel each timer directly |
|
267 * using cancel_timer() function. |
|
268 * |
|
269 * Adaptation module internally implements the timer. |
|
270 */ |
|
271 virtual eap_status_e cancel_all_timers(); |
|
272 |
|
273 /** |
|
274 * This function queries the validity of EAP-type. |
|
275 * Lower layer should return eap_status_ok if this EAP-type is supported. |
|
276 * @param eap_type is the requested EAP-type. |
|
277 */ |
|
278 virtual eap_status_e check_is_valid_eap_type(const eap_type_value_e eap_type); |
|
279 |
|
280 /** |
|
281 * This function queries the list of supported EAP-types. |
|
282 * Lower layer should return eap_status_ok if this call succeeds. |
|
283 * @param eap_type_list will include the list of supported EAP-types. Each value in list |
|
284 * is type of u32_t and represent one supported EAP-type. List consists of subsequent u32_t type values. |
|
285 */ |
|
286 virtual eap_status_e get_eap_type_list(eap_array_c<eap_type_value_e> * const eap_type_list); |
|
287 |
|
288 virtual eap_status_e add_rogue_ap(eap_array_c<eap_rogue_ap_entry_c> & rogue_ap_list); |
|
289 |
|
290 /** |
|
291 * The adaptation module calls the restart_authentication() function |
|
292 * when EAP-authentication is needed with another peer. |
|
293 * @see abs_eap_core_c::restart_authentication(). |
|
294 */ |
|
295 eap_status_e restart_authentication( |
|
296 const eap_am_network_id_c * const receive_network_id, |
|
297 const bool is_client_when_true, |
|
298 const bool force_clean_restart, |
|
299 const bool from_timer = false); |
|
300 |
|
301 /** |
|
302 * This function tells lower layer to remove EAP session object asyncronously. |
|
303 * @param send_network_id is pointer to network id that identifies the removed EAP session. |
|
304 */ |
|
305 eap_status_e asynchronous_init_remove_eap_session( |
|
306 const eap_am_network_id_c * const send_network_id); |
|
307 |
|
308 // This is documented in abs_eap_core_c::set_session_timeout(). |
|
309 eap_status_e set_session_timeout( |
|
310 const u32_t session_timeout_ms); |
|
311 |
|
312 // See abs_eap_base_timer_c::timer_expired(). |
|
313 eap_status_e timer_expired( |
|
314 const u32_t id, void *data); |
|
315 |
|
316 // See abs_eap_base_timer_c::timer_delete_data(). |
|
317 eap_status_e timer_delete_data( |
|
318 const u32_t id, void *data); |
|
319 |
|
320 private: |
|
321 |
|
322 TInt CompleteAssociation(const TInt aResult); |
|
323 eap_status_e send_eap_identity_request(); |
|
324 |
|
325 eap_status_e create_upper_stack(); |
|
326 |
|
327 protected: |
|
328 |
|
329 /** |
|
330 * Function: CEapVpnInterfaceImplementation |
|
331 * |
|
332 * Discussion: Perform the first phase of two phase construction |
|
333 */ |
|
334 CEapVpnInterfaceImplementation(); |
|
335 |
|
336 /** |
|
337 * Function: ConstructL |
|
338 * |
|
339 * Discussion: Perform the second phase construction |
|
340 */ |
|
341 void ConstructL(MAbsEapVpnInterface* aCaller, TBool aClient); |
|
342 |
|
343 void RunL(); |
|
344 void DoCancel(); |
|
345 |
|
346 private: // implementation |
|
347 static void CleanupImplArray( TAny* aAny ); |
|
348 |
|
349 private: |
|
350 // From eapol_am_core_symbian.h |
|
351 |
|
352 TBool iQueryIdentity; |
|
353 |
|
354 /// Pointer to the lower layer in the stack |
|
355 MAbsEapVpnInterface* iCaller; |
|
356 |
|
357 /// Pointer to the upper layer in the stack |
|
358 eap_core_c* iEapCore; |
|
359 |
|
360 #ifdef USE_EAP_EXPANDED_TYPES |
|
361 |
|
362 eap_type_value_e iRequestedEapType; |
|
363 |
|
364 #else |
|
365 |
|
366 TUint8 iRequestedEapType; |
|
367 |
|
368 #endif //#ifdef USE_EAP_EXPANDED_TYPES |
|
369 |
|
370 /// Pointer to the tools class |
|
371 eap_am_tools_symbian_c* m_am_tools; |
|
372 |
|
373 eap_am_network_id_c* m_receive_network_id; |
|
374 |
|
375 eap_variable_data_c * m_trace_log_file_name; |
|
376 |
|
377 u32_t m_authentication_counter; |
|
378 |
|
379 u32_t m_successful_authentications; |
|
380 |
|
381 u32_t m_failed_authentications; |
|
382 |
|
383 bool m_is_valid; |
|
384 |
|
385 bool m_is_client; |
|
386 |
|
387 /// Array for storing the loaded EAP types. |
|
388 RPointerArray<CEapType> m_plugin_if_array; |
|
389 |
|
390 #ifdef USE_EAP_EXPANDED_TYPES |
|
391 |
|
392 /// Enabled expanded EAP configuration data from CommsDat |
|
393 // This is for the outer most EAP (not tunneled) |
|
394 RExpandedEapTypeArray m_enabled_expanded_eap_array; |
|
395 |
|
396 /// Disabled expanded EAP configuration data from CommsDat |
|
397 // This is for the outer most EAP (not tunneled) |
|
398 RExpandedEapTypeArray m_disabled_expanded_eap_array; |
|
399 |
|
400 /// Array which corresponds with m_plugin_if_array and indicates the types of the loaded EAP types. |
|
401 eap_array_c<eap_type_value_e> * m_eap_type_array; |
|
402 |
|
403 #else |
|
404 |
|
405 /// EAP configuration data from CommDb |
|
406 TEapArray m_iap_eap_array; |
|
407 |
|
408 /// Array which corresponds with m_plugin_if_array and indicates the types of the loaded EAP types. |
|
409 RArray<TUint8> m_eap_type_array; |
|
410 |
|
411 #endif //#ifdef USE_EAP_EXPANDED_TYPES |
|
412 |
|
413 /// Indicates the bearer type |
|
414 TIndexType m_index_type; |
|
415 |
|
416 /// Indicates the service index in CommDb |
|
417 TInt m_index; |
|
418 |
|
419 eap_file_config_c* m_fileconfig; |
|
420 |
|
421 u32_t m_packet_index; |
|
422 |
|
423 bool m_block_packet_sends_and_notifications; |
|
424 |
|
425 bool m_stack_marked_to_be_deleted; |
|
426 |
|
427 HBufC8* iManualUsername; |
|
428 HBufC8* iManualRealm; |
|
429 HBufC8* iRealmPrefix; |
|
430 TBool iHideInitialIdentity; |
|
431 }; |
|
432 |
|
433 #endif //#ifndef __EAPPLUGIN_H__ |
|
434 |
|
435 // End. |