MCL/sf/mw/appinstall: comparison installationservices/swi/source/swis/server/installmachine.cpp

equal deleted inserted replaced

-:7333d7932ef7
+:8b7f4e561641
-	/*
+/*
 * Copyright (c) 2004-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
 * which accompanies this distribution, and is available
 #include "sisptrprovider.h"
 #include <e32capability.h>
 #include <ocsp.h>
 #include "secutils.h"
 #include "sislauncherclient.h"
-#include "swicenrep.h"
-// Security settings.
-#include <x509certext.h>
-#include <pkixvalidationresult.h>
-#include <secsettings/secsettingsclient.h>
 #ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
 #include "swi/sisversion.h"
 #include "swi/nativecomponentinfo.h"
 #include <usif/usifcommon.h>
-#include <usif/scr/appregentries.h>
 #include "scrdbconstants.h"
 #endif
 using namespace Swi;
 using namespace Swi::Sis;
-_LIT(KExpressSignedOID, "1.2.826.0.1.1796587.1.1.2.1");
-_LIT(KCertifiedSignedOID, "1.2.826.0.1.1796587.1.1.2.2");
-_LIT(KCertifiedSignedWithVerisignOID, "1.2.826.0.1.1796587.1.1.2.3");
-#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
-void DeRegisterForceRegisteredAppsL()
-	{
-	// Deregister the force registered applications from AppArc
-	DEBUG_PRINTF(_L8("Deregistering the force registered applications with AppArc"));
-	RSisLauncherSession launcher;
-	CleanupClosePushL(launcher);
-	User::LeaveIfError(launcher.Connect());
-	RArray<TAppUpdateInfo> emptyAppRegDataArray;
-	launcher.NotifyNewAppsL(emptyAppRegDataArray);
-	CleanupStack::PopAndDestroy(&launcher);
-	}
-#endif
 //
 // TInstallState
 //
 		User::Leave(KErrCancel);
 		}
 	iInstallMachine.CompleteSelf();
 	iInstallMachine.SetActive();
-	// user hasn't cancelled so mark the installation as confirmed. This
-	// will allow the registry cache to be regenerated further on during the
-	// installation process.
-	iInstallMachine.iOperationConfirmed = ETrue;
 	}
 CInstallMachine::TState* CInstallMachine::TConfirmationState::CompleteL()
 	{
 	DEBUG_PRINTF(_L8("Install Machine - Confirmation State complete"));
 			break;
 			}
 		case ESignatureSelfSigned:
-		    {
 			iInstallMachine.SetTrust(ESisPackageCertificateChainNoTrustAnchor);
 		    iInstallMachine.SetValidationStatus(EValidated);
 		    #ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
 		    // Alert only when machine not runs in info collection mode
 			if(iInstallMachine.IsInInfoMode())
 				break;
 			#endif
+			if (!SecurityAlertL(ETrue))
-TBool allowSelfSigned(ETrue);
+		    	User::Leave(KErrCancel);
+		    break;
-	        // Session to access Install Central Repository Server.
-	        SecuritySettingsServer::RSecSettingsSession secSettingsSession;
-	        // Connect to the Central Repository server.
-	        User::LeaveIfError(secSettingsSession.Connect());
-CleanupClosePushL(secSettingsSession);
-// Read-in the values of the settings - KAllowSelfSignedInstallKey.
-// These will retain the default values if any error occurs.
-	        TRAPD(err, (allowSelfSigned = secSettingsSession.SettingValueL(KUidInstallationRepository , KAllowSelfSignedInstallKey)));
-if (err == KErrNone || err == KErrSettingNotFound || err == KErrNotFound || err == KErrCorrupt)
-{
-if (err == KErrCorrupt)
-{
-DEBUG_PRINTF(_L8("Install Machine - CenRep file 2002cff6.txt is corrupt. Using Default Value to Install."));
-}
-if (!allowSelfSigned || !SecurityAlertL(ETrue))
-{
-User::Leave(KErrCancel);
-}
-}
-else
-{
-User::Leave(err);
-}
-CleanupStack::PopAndDestroy(&secSettingsSession);
-			break;
-		    }
 case ECertificateValidationError:
 		case ENoCertificate:
 		case ENoCodeSigningExtension:
 		case ENoSupportedPolicyExtension:
 			{
 		//Only warn once
 		iInstallMachine.iSecurityManager->SetDevCertWarningState(EDevCertsWarned);
 		}
 	#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
-	// Forcibly skip the OCSP & prerequisites checking and directly go to the plan installation state when the
+	// Forcibly skip the OCSP check and directly go to the prerequisites checking state when the
-	// machine runs in component information collection mode. OCSP would introduce latency which is not expected
+	// machine runs in component information collection mode. OCSP would introduce latency which is not expected when retrieving component info
-	// when retrieving component info.
 	if(iInstallMachine.IsInInfoMode())
 		{
-		return static_cast<TState*>(&iInstallMachine.iPlanInstallationState);
+		return static_cast<TState*>(&iInstallMachine.iCheckPrerequisitesState);
 		}
 	#endif
 	return static_cast<TState*>(&iInstallMachine.iOcspState);
 	}
 	// Determine is the check is necessary.
 	iNeedOcsp = iInstallMachine.iInstallPrefs->PerformRevocationCheck() && iInstallMachine.iSecurityManager->SecurityPolicy().OcspEnabled();
 	if ((iInstallMachine.iCertificates.Count()) && iNeedOcsp)
 		{
-		TInt checkOCSPForExpressSignedPkg = 1;
+		// We haven't done the planning phase so we need to use the default
-		TInt checkOCSPForSelfSignedPkg = 1;
+		TAppInfo appInfo(iInstallMachine.iCurrentContentProvider->DefaultLanguageAppInfoL());
-		TInt checkOCSPForCertifiedSignedPkg = 1;
-		TInt checkOCSPForCertifiedWithVeriSignPkg = 1;
+		// Signal OCSP check starting
+		CHandleCancellableInstallEvent* cmd = CHandleCancellableInstallEvent::NewLC(appInfo, EEventOcspCheckStart, 0, KNullDesC);
-		// Session to access Security Central Repository Server.
+		iInstallMachine.UiHandler().ExecuteL(*cmd);
-		SecuritySettingsServer::RSecSettingsSession secSettingsSession;
+		CleanupStack::PopAndDestroy(cmd);
-		// Connect to the Security Central Repository server.
+		// Start OCSP check.
-		User::LeaveIfError(secSettingsSession.Connect());
+		TBuf8<256> ocspUri(iInstallMachine.iInstallPrefs->RevocationServerUri());
+		iInstallMachine.iSecurityManager->PerformOcspL(ocspUri, iInstallMachine.iIap,
-		CleanupClosePushL(secSettingsSession);
+			&iInstallMachine.iOcspMsg,iInstallMachine.iOcspOutcomes,
+			iInstallMachine.iCertificates,iInstallMachine.iStatus);
-		// Read-in the values of the settings from the Install Central Repository.
-		// These will retain the default values if any error occurs.
+TTime time;
-		TRAPD(err, checkOCSPForExpressSignedPkg = secSettingsSession.SettingValueL(KUidInstallationRepository, KCheckOCSPForExpressedSignedPkgKey));
+time.UniversalTime();
-		TRAP(err, checkOCSPForSelfSignedPkg = secSettingsSession.SettingValueL(KUidInstallationRepository, KCheckOCSPForSelfSignedPkgKey));
+TSisTrustStatus& trustStatus =  iInstallMachine.iController->TrustStatus();
-		TRAP(err, checkOCSPForCertifiedSignedPkg = secSettingsSession.SettingValueL(KUidInstallationRepository, KCheckOCSPForCertifiedSignedPkgKey));
+trustStatus.SetLastCheckDate(time);
-		TRAP(err, checkOCSPForCertifiedWithVeriSignPkg = secSettingsSession.SettingValueL(KUidInstallationRepository, KCheckOCSPForCertifiedWithVeriSignPkgKey));
-		CleanupStack::PopAndDestroy(&secSettingsSession);
-		TBool makeOcspCheck = (checkOCSPForExpressSignedPkg == 1) && (checkOCSPForSelfSignedPkg == 1) && (checkOCSPForCertifiedSignedPkg == 1) && (checkOCSPForCertifiedWithVeriSignPkg == 1);
-		//Find the OID of the certificate and make ocsp check based on settings retreived from cenrep
-		for (TInt i=0; i<iInstallMachine.iCertificates.Count(); ++i)
-		    {
-		    if(makeOcspCheck)//Could be true if set in the previous iCertificates.
-		        {
-		        break;
-		        }
-		    CX509Certificate* cert = iInstallMachine.iCertificates[i];
-		    const CX509CertExtension* certExt =  cert->Extension(KCertPolicies);
-			if (certExt == NULL)
-				{
-				makeOcspCheck = ETrue;
-				continue;
-				}
-		    CX509CertPoliciesExt* policyExt = CX509CertPoliciesExt::NewLC(certExt->Data());
-		    const CArrayPtrFlat<CX509CertPolicyInfo>& policies = policyExt->Policies();
-		    if(policies.Count() == 0)
-				{
-		        makeOcspCheck = ETrue;
-				}
-			for(TInt j=0; j<policies.Count(); ++j)
-				{
-				HBufC* oid = (policies[j])->Id().AllocLC();
-				if (oid->Compare(KExpressSignedOID) == 0)
-					{
-					makeOcspCheck = (checkOCSPForExpressSignedPkg==1);
-					}
-				else if(oid->Compare(KCertifiedSignedOID) == 0)
-					{
-					makeOcspCheck = (checkOCSPForCertifiedSignedPkg==1);
-					}
-				else if(oid->Compare(KCertifiedSignedWithVerisignOID) == 0)
-					{
-					makeOcspCheck = (checkOCSPForCertifiedWithVeriSignPkg==1);
-					}
-				else if(iInstallMachine.iSigValidationResult == ESignatureSelfSigned)
-					{
-					makeOcspCheck = (checkOCSPForSelfSignedPkg==1);
-					}
-				CleanupStack::PopAndDestroy(oid);
-				if(makeOcspCheck)
-					{
-					break;
-					}
-				}
-		    CleanupStack::PopAndDestroy(policyExt);
-			}
-		if (makeOcspCheck)
-		    {
-// We haven't done the planning phase so we need to use the default
-TAppInfo appInfo(iInstallMachine.iCurrentContentProvider->DefaultLanguageAppInfoL());
-// Signal OCSP check starting
-CHandleCancellableInstallEvent* cmd = CHandleCancellableInstallEvent::NewLC(appInfo, EEventOcspCheckStart, 0, KNullDesC);
-iInstallMachine.UiHandler().ExecuteL(*cmd);
-CleanupStack::PopAndDestroy(cmd);
-// Start OCSP check.
-TBuf8<256> ocspUri(iInstallMachine.iInstallPrefs->RevocationServerUri());
-iInstallMachine.iSecurityManager->PerformOcspL(ocspUri, iInstallMachine.iIap,
-&iInstallMachine.iOcspMsg,iInstallMachine.iOcspOutcomes,
-iInstallMachine.iCertificates,iInstallMachine.iStatus);
-TTime time;
-time.UniversalTime();
-TSisTrustStatus& trustStatus =  iInstallMachine.iController->TrustStatus();
-trustStatus.SetLastCheckDate(time);
-		    }
-else
-{
-iNeedOcsp = EFalse;
-iInstallMachine.CompleteSelf();
-}
 		}
 	else
 		{
 		iNeedOcsp = EFalse;
 		iInstallMachine.CompleteSelf();
 	// Get the Capabilities required by the executables in the given component and set it in current controller.
 	//Setting the HasExecutable flag in the current contoller if it
 	//contains any executable(.exe or .dll).
 	if (iInstallMachine.IsInInfoMode())
 		{
+		TCapabilitySet userGrantableCaps;
+		userGrantableCaps.SetEmpty();
+		iInstallMachine.GetRequestedCapabilities(userGrantableCaps, filesToCapabilityCheck);
+		iInstallMachine.SetUserGrantableCapabilities(userGrantableCaps);
 		Sis::CController& controller = const_cast <Sis::CController&>(iInstallMachine.iPlanner->CurrentController());
 		controller.SetHasExecutable(EFalse);
 		TInt noOfFiles = filesToCapabilityCheck.Count();
 		for(TInt i = 0 ; i < noOfFiles ; i++)
 		   {
 CInstallMachine::TState* CInstallMachine::TCheckPostrequisitesState::CompleteL()
 	{
 	DEBUG_PRINTF(_L8("Install Machine - Completed Postrequisites Check State"));
 	// Inform UI of final progress bar value.
 	iInstallMachine.SetProgressBarFinalValueL();
+	// user hasn't cancelled so mark the installation as confirmed. This
+	// will allow the registry cache to be regenerated further on during the
+	// installation process.
+	iInstallMachine.iOperationConfirmed = ETrue;
 	return static_cast<TState*>(&iInstallMachine.iIntegritySupportState);
 	}
 CInstallMachine::TState* CInstallMachine::TCheckPostrequisitesState::ErrorL(
 	TInt aCode)
 	}
 void CInstallMachine::TIntegritySupportState::Cancel()
 	{
 	DEBUG_PRINTF(_L8("Install Machine - Cancelling Integrity Support State"));
-#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
-	DeRegisterForceRegisteredAppsL();
-#endif
 	if (iInstallMachine.iProcessor)
 		{
 		iInstallMachine.iProcessor->Cancel();
 		}
 	}
 	}
 void CInstallMachine::PostJournalFinalizationL(TInt aError)
 	{
 	DEBUG_PRINTF(_L8("Install Machine - PostJournalFinalization"));
 #ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
 	// Do nothing in info mode
 	if(IsInInfoMode())
 		{
 		return;
 		}
 #endif
 	if (!iPlan)
 		{
 		return;
 		}
 	const RPointerArray<CSisRegistryFileDescription>& filesToRun = iPlan->FilesToRunAfterInstall();
-RSisLauncherSession launcher;
-if (launcher.Connect() != KErrNone)
+	TInt numFiles = filesToRun.Count();
-{
-DEBUG_PRINTF(_L8("Install Machine - Failed to connect to SisLauncher"));
-return;
-}
-CleanupClosePushL(launcher);
-#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
-	//Notify apparc for the the change in the Applications
-RArray<TAppUpdateInfo> affectedApps;
-iPlan->GetAffectedApps(affectedApps);
-if (affectedApps.Count() > 0)
-{
-launcher.NotifyNewAppsL(affectedApps);
-}
-affectedApps.Close();
-#endif
-	TInt numFiles = filesToRun.Count();
 	if (aError != KErrNone || numFiles <= 0)
 		{
-		CleanupStack::PopAndDestroy(&launcher);
 		return;
 		}
 	// Check the top level application, if it's not trusted and the policy says no
 	// then don't run anything.
 		{
 		DEBUG_PRINTF(_L8("Install Machine - Toplevel controller is untrusted, not running files after install"));
 		return;
 		}
 	DEBUG_PRINTF(_L8("Install Machine - Processing files to run after install"));
+	RSisLauncherSession launcher;
-#ifndef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
+	if (launcher.Connect() != KErrNone)
+		{
+		DEBUG_PRINTF(_L8("Install Machine - Failed to connect to SisLauncher, continuing..."));
+		return;
+		}
+	CleanupClosePushL(launcher);
 	launcher.NotifyNewAppsL(iPlan->AppArcRegFiles());
-#endif
 	if (iPlan->ContainsPlugins())
 		{
 		// set the "I'm done" propererty AFTER running ECOM reliant files.
 		launcher.RunAfterEcomNotificationL(filesToRun);
 			DEBUG_PRINTF(_L8("Attempting to access (possibly) DRM'd SIS file via CAF"));
 			iInstallMachine.iSisHelper.ExecuteDrmIntentL(static_cast<ContentAccess::TIntent>(iInstallMachine.iSecurityManager->SecurityPolicy().DrmIntent()));
 			}
 		}
-iInstallMachine.CompleteSelf();
+	iInstallMachine.CompleteSelf();
 	iInstallMachine.SetActive();
 	}
 CInstallMachine::TState* CInstallMachine::TFinalState::CompleteL()
 	{
 	return NULL;
 	}
 void CInstallMachine::TFinalState::Cancel()
 	{
-#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
-	DeRegisterForceRegisteredAppsL();
-#endif
 	}
 //
 // TControllerInfo
 //
 	// Any capabilities left in requestedCaps after this are not signed for and not in the certs constraints.
 	// Check if any of them are system capabilities. If so, bail out.
 	TCapabilitySet requiredExtraSysCaps(requestedCaps);
 	SecurityCheckUtil::RemoveUserCaps(requiredExtraSysCaps, *iSecurityManager);
+	TAppInfo appInfo(iCurrentContentProvider->DefaultLanguageAppInfoL());
 	#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
 	// Report the error to the user only when machine not runs in info collection mode
 	if(IsInInfoMode())
 		{
-		TCapabilitySet requiredUserCaps(requestedCaps);
+		SetUserGrantableCapabilities(requestedCaps);
-		requiredUserCaps.Remove(requiredExtraSysCaps);
-		SetUserGrantableCapabilities(requiredUserCaps);
 		return;
 		}
 	#endif
-	TAppInfo appInfo(iCurrentContentProvider->DefaultLanguageAppInfoL());
 	if (SecurityCheckUtil::NotEmpty(requiredExtraSysCaps)||(SecurityCheckUtil::NotEmpty(requestedCaps) && EFalse==iSecurityManager->SecurityPolicy().AllowGrantUserCaps()))
 		{
 		// Report error to the user. Include the list of capabilities that are left in requestedCaps.
 		// Among these will be at least one cap that is not allowed. This is because
 		// - it is a system cap which hasn't been granted or
 	}
 void CInstallMachine::SetProgressBarFinalValueL()
 	{
 	HandleInstallationEventL(iPlan, EEventSetProgressBarFinalValue, iPlan->FinalProgressBarValue());
-	#ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
 	SetFinalProgressBarValue(iPlan->FinalProgressBarValue());
-	#endif
 	}
 #ifdef SYMBIAN_UNIVERSAL_INSTALL_FRAMEWORK
 // Populate the native component information.
 void CInstallMachine::TFinalState::PopulateNativeComponentInfoL(const CController& aController, CNativeComponentInfo* aNativeComponentInfo)
 		aNativeComponentInfo->iMaxInstalledSize += fileDescriptions[i]->UncompressedLength();
 		}
 	//Setting the HasExecutable flag
 	aNativeComponentInfo->iHasExe = controller.HasExecutable();
-	//Setting the drive selection requird flag
-	aNativeComponentInfo->iIsDriveSelectionRequired = controller.DriveSelectionRequired();
-	//Populate ApplicationInfo, copy the app info from controller's iApplicationInfo  to install machines's iApplicationInfo
-	RCPointerArray<CNativeComponentInfo::CNativeApplicationInfo> applications;
-	applications = const_cast<CController&>(aController).GetApplicationInfo();
-	for(TInt i = 0 ; i < applications.Count() ; i++)
-	    {
-	    CNativeComponentInfo::CNativeApplicationInfo*  appInfo = NULL;
-	    appInfo = CNativeComponentInfo::CNativeApplicationInfo::NewLC(applications[i]->AppUid(), applications[i]->Name(), applications[i]->GroupName(), applications[i]->IconFileName());
-	    aNativeComponentInfo->iApplications.AppendL(appInfo);
-	    CleanupStack::Pop(appInfo);
-	    }
 	const RPointerArray<CController>& embeddedControllers = aController.InstallBlock().EmbeddedControllers();
 	TInt totalEmbeddedControllers = embeddedControllers.Count();
 	for (TInt controller = 0; controller < totalEmbeddedControllers; controller++)
 		{

branch	RCL_3
changeset 26	8b7f4e561641
parent 25	7333d7932ef7