MCL/sf/mw/remotemgmt: comparison terminalsecurity/SCP/SCPServer/src/SCPServer.cpp

equal deleted inserted replaced

-:4af31167ea77
+:13d7c31c74e0
 iConfiguration.Initialize();
 // Assign default config flag
 iConfiguration.iConfigFlag = KSCPConfigUnknown;
-iConfiguration.iConfigChecked = EFalse;
 // Assign the default codes
 iConfiguration.iSecCode.Zero();
 iConfiguration.iSecCode.Append( KSCPDefaultSecCode );
 CleanupStack::PopAndDestroy( codeHBuf );
 }
 //#endif
 // Assign the default max timeout
-iConfiguration.iMaxTimeout = KSCPDefaultMaxTO;
+iConfiguration.iMaxTimeout = 0;
 	iConfiguration.iBlockedInOOS = 0;
 // Read the configuration, overwriting the default values
 TInt ret = KErrNone;
 TRAPD( err, ret = iConfiguration.ReadSetupL() );
 {
 Dprint( (_L("CSCPServer::ConstructL(): Configration read OK") ));
 }
-//If Configuration is not validated already, validate it
-if (!iConfiguration.iConfigChecked)
-{
-TInt valerr = KErrNone;
-TRAP( valerr, ValidateConfigurationL( KSCPComplete ));
-if (valerr != KErrNone)
-{
-Dprint( (_L("CSCPServer::ConstructL(): Configuration Validation failed: %d"), valerr ));
-}
-else
-{
-Dprint( (_L("CSCPServer::ConstructL(): Configuration Validation Passed")));
-}
-}
 Dprint( (_L("CSCPServer::ConstructL(): Connecting to CenRep") ));
 iALPeriodRep = CRepository::NewL( KCRUidSecuritySettings );
 // Check for factory settings
 CheckIfRfsPerformedL();
 // Status : Approved
 // ---------------------------------------------------------
 //
 void CSCPServer::ValidateConfigurationL( TInt aMode )
 {
-Dprint( (_L("--> CSCPServer::ValidateConfigurationL()") ));
+if (aMode == KSCPInitial) {
-RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()"));
+// Return here, must be checked by complete mode
-TInt startupReason(ENormalStartup);
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@@aMode == KSCPInitial "));
-RProperty::Get(KPSUidStartup, KPSStartupReason, startupReason);
+User::Leave(KErrAccessDenied);
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): startupReason = %d"), startupReason));
+}
-if((startupReason == ENormalRFSReset)||(startupReason ==  EDeepRFSReset)||(startupReason == EFirmwareUpdate)||(iConfiguration.iConfigFlag == KSCPConfigUnknown))
-{
+RMobilePhone::TMobilePassword storedCode;
-	RMobilePhone::TMobilePassword storedCode;
 storedCode.Zero();
 User::LeaveIfError(GetCode(storedCode));
+TBool isDefaultLockcode = ETrue;
+TInt err = KErrNone;
-	Dprint( (_L("CSCPServer::ValidateConfigurationL(): Checking code: %s"), storedCode.PtrZ() ));
-	// Check that the ISA code is stored correctly
+RMobilePhone::TMobilePassword defaultLockcode;
-	TRAPD( err, CheckISACodeL( storedCode ) );
+defaultLockcode.Zero();
-	 //Bool for the correction of Defaultlockcode cenrep
+defaultLockcode.Copy(KSCPDefaultSecCode);
-TBool lCorrectDefaultlockcode = EFalse;
+if (storedCode.Compare(KSCPDefaultSecCode) == 0) {
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@config has KSCPDefaultSecCode "));
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): iConfigFlag = %d, iConfigChecked = %d"), iConfiguration.iConfigFlag, iConfiguration.iConfigChecked));
+TRAP( err, CheckISACodeL( defaultLockcode ) );
+if (err == KErrNone) {
-if ((iConfiguration.iConfigFlag == KSCPConfigOK)
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@ISA also has KSCPDefaultSecCode "));
-&& (iConfiguration.iConfigChecked) && (err == KErrNone))
+iConfiguration.iConfigFlag = KSCPConfigOK;
-{
+isDefaultLockcode = ETrue;
-// The configuration has already been checked, exit
+}
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): Configuration is non-default.") ));
+else {
-User::Leave( KErrNone );
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@ISA doesn't has KSCPDefaultSecCode "));
-}
+iConfiguration.iConfigFlag = KSCPConfigInvalid;
-else if ( aMode == KSCPInitial )
+iConfiguration.iFailedAttempts++;
-{
+isDefaultLockcode = EFalse;
-// Return here, must be checked by complete mode
+}
-User::Leave( KErrAccessDenied );
+}
-}
+else {
+RDebug::Print(_L("CSCPServer::CheckISACodeL(): config lock code %s"), storedCode.PtrZ());
+TRAP( err, CheckISACodeL( storedCode ) );
-TInt hashedISAcode;
+if (err == KErrNone) {
-TSCPSecCode hashedCode;
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@ISA and config are in SYNC !! "));
-//#ifdef __SAP_DEVICE_LOCK_ENHANCEMENTS
+iConfiguration.iConfigFlag = KSCPConfigOK;
-if(FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements))
+isDefaultLockcode = EFalse;
-{
+}
-	/*TInt*/ hashedISAcode = HashISACode( iConfiguration.iEnhSecCode );
+else {
-// TSCPSecCode hashedCode;
+iConfiguration.iSecCode.Zero();
-hashedCode.Zero();
+iConfiguration.iSecCode.Append(KSCPDefaultSecCode);
-hashedCode.AppendNum( hashedISAcode );
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@May be ISA has KSCPDefaultSecCode "));
+TRAP(err,ChangeISACodeL(storedCode));
+if (err == KErrNone) {
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()chnaged ISA code with config value "));
+iConfiguration.iConfigFlag = KSCPConfigOK;
+isDefaultLockcode = EFalse;
+}
+else
+{
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()it shouldn't reach this :( "));
+}
+}
+}
+CRepository* repository = CRepository::NewL(KCRUidSCPLockCode);
+CleanupStack::PushL(repository);
+if (isDefaultLockcode ) {
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()setting def. lockcode to 12345 "));
+repository->Set(KSCPLockCodeDefaultLockCode, 12345);
+}
+else {
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()setting def. lockcode to 0 "));
+repository->Set(KSCPLockCodeDefaultLockCode, 0);
+}
+CleanupStack::PopAndDestroy(repository);
+TRAP( err, iConfiguration.WriteSetupL() );
+if (err != KErrNone) {
+Dprint( (_L("CSCPServer::ValidateConfigurationL(): WARNING: failed to write configuration\
+: %d"), err ));
+}
+if (iConfiguration.iConfigFlag == KSCPConfigOK) {
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@iConfigFlag == KSCPConfigOK "));
+err = KErrNone;
+}
+else {
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@iConfigFlag == KErrAccessDenied "));
+err = KErrAccessDenied;
+}
+User::LeaveIfError(err);
 }
-//#endif // __SAP_DEVICE_LOCK_ENHANCEMENTS
-if (err != KErrNone)
-{
-lCorrectDefaultlockcode = ETrue;
-}
-if ( err == KErrNone )
-{
-iConfiguration.iConfigFlag = KSCPConfigOK;
-}
-else if ( err == KErrAccessDenied )
-{
-iConfiguration.iConfigFlag = KSCPConfigInvalid;
-}
-else if ( err == KErrLocked )
-{
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): ISA code locked.") ));
-}
-else
-{
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): ERROR in validation.") ));
-}
-//#ifdef __SAP_DEVICE_LOCK_ENHANCEMENTS
-if(FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements))
-{
-if ( err == KErrNone )
-{
-// Check that the codes are in-sync with each other. Especially the default ISA code must
-// be changed according to the default enhanced code.
-if ( storedCode.Compare( hashedCode ) != 0 )
-{
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): Correct ISA code stored.\
-Changing ISA code to match enhanced code => %d"), hashedISAcode ));
-storedCode.Copy( hashedCode );
-// Change the ISA code to match the hashed code
-ChangeISACodeL( storedCode );
-}
-}
-else if ( ( err == KErrAccessDenied ) && ( storedCode.Compare( hashedCode ) != 0 ) )
-{
-// Try again with the hashed code
-TRAP( err, CheckISACodeL( hashedCode ) );
-if ( err == KErrNone )
-{
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): Hashed code is correct.\
-Storing hashed code(%d)"), hashedISAcode ));
-if ( StoreCode( hashedCode ) == KErrNone )
-{
-iConfiguration.iConfigFlag = KSCPConfigOK;
-lCorrectDefaultlockcode = ETrue;
-}
-}
-}
-//If Correction of Defaultlockcode cenrep is required for the mismatch between Config and ISA
-if (lCorrectDefaultlockcode)
-{
-TInt lDefCode = -1;
-CRepository* lRepository = CRepository::NewL(KCRUidSCPLockCode);
-CleanupStack::PushL(lRepository);
-TInt lRet = lRepository->Get(KSCPLockCodeDefaultLockCode,
-lDefCode);
-if (lRet == KErrNone && lDefCode != -1)
-{
-if (lDefCode == 12345)
-{
-//Although lock code is already set, due to some unexpected condition
-//like C drive wipe, cenrep status is wrongly shown. Correcting it here.
-lRepository->Set(KSCPLockCodeDefaultLockCode, 0);
-Dprint( (_L("RSCPClient::ValidateConfigurationL(): Corrected the Default lock code cenrep status to 0") ));
-}
-else if (lDefCode == 0)
-{
-//If only ISA side is formatted, then the lock code on ISA side is default;
-//Cenrep status remains wrongly as the lock code is already set. Correcting it here.
-lRepository->Set(KSCPLockCodeDefaultLockCode, 12345);
-Dprint( (_L("RSCPClient::ValidateConfigurationL(): Corrected the Default lock code cenrep status to 12345") ));
-}
-}
-CleanupStack::PopAndDestroy(lRepository);
-}
-}
-//#endif // __SAP_DEVICE_LOCK_ENHANCEMENTS
-//Set the flag to True, after config is validated
-iConfiguration.iConfigChecked = ETrue;
-TRAPD( err2, iConfiguration.WriteSetupL() );
-if ( err2 != KErrNone )
-{
-Dprint( (_L("CSCPServer::ValidateConfigurationL(): WARNING: failed to write configuration\
-: %d"), err2 ));
-}
-User::LeaveIfError( err );
-}
-Dprint( (_L("<-- CSCPServer::ValidateConfigurationL()") ));
-}
 // ---------------------------------------------------------
 #ifdef __WINS__
 (void)aCode;
 #endif // __WINS__
+Dprint( (_L("CSCPServer::CheckISACodeL(): current lock code %s"), aCode.PtrZ() ));
+RDebug::Print(_L("CSCPServer::CheckISACodeL(): current lock code %s"), aCode.PtrZ());
 RMobilePhone::TMobilePhoneSecurityCode secCodeType;
 secCodeType = RMobilePhone::ESecurityCodePhonePassword;
 RMobilePhone::TMobilePassword required_fourth;
 Dprint( (_L("CSCPServer::CheckISACodeL(): ISA code NOT OK") ));
 if (iConfiguration.iBlockedInOOS == 1)
 	         {
 	            	iConfiguration.iBlockedInOOS = 0;
 	            	Dprint( (_L("CSCPServer::CheckISACodeL():iBlockedInOOS = 0, KErrAccessDenied") ));
+	            	RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@iBlockedInOOS = 0, KErrAccessDenie"));
 	         }
 ret = KErrAccessDenied;
 }
 else if ( ( ret == KErrGsmSSPasswordAttemptsViolation ) || ( ret == KErrLocked ) )
 {
 Dprint( (_L("CSCPServer::CheckISACodeL(): ISA code BLOCKED") ));
 if (ret==KErrGsmSSPasswordAttemptsViolation)
 {
 	Dprint( (_L("CSCPServer::CheckISACodeL(): KErrGsmSSPasswordAttemptsViolation") ));
+	RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@KErrGsmSSPasswordAttemptsViolation"));
 }
 else
 {
 	Dprint( (_L("CSCPServer::CheckISACodeL(): KErrLocked") ));
+	RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@KErrLocked"));
 }
 ret = KErrLocked;
 if (iConfiguration.iBlockedInOOS == 0)
 	 {
 	iConfiguration.iBlockedInOOS = 1;
 	Dprint( (_L("CSCPServer::CheckISACodeL():iBlockedInOOS = 1, KSCPErrCodeBlockStarted") ));
+	RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@@@@"));
 	ret = KSCPErrCodeBlockStarted;
 	 }
 }
 else
 {
 Dprint( (_L("CSCPServer::CheckISACodeL(): ERROR reply checking ISA code: %d"),
 status.Int() ));
+RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()"));
 }
 }
 TRAPD( err, iConfiguration.WriteSetupL() );
 if ( err != KErrNone )
 {
 		 * already set
 		 * */
 		TRAP(err, repository = CRepository :: NewL(KCRUidSCPLockCode));
 		if(err == KErrNone) {
+			RDebug::Print(_L("<-- CSCPServer::StoreEnhCode()  setting KSCPLockCodeDefaultLockCode to 0"));
 err = repository->Set(KSCPLockCodeDefaultLockCode, 0);
 delete repository;
 		}
 	}
 }
 #endif // __SCP_DEBUG
 TInt lRetStatus(KErrNone);
 Dprint(_L("[CSCPServer]-> Initiating branching on parameter..."));
-switch ( aID )
+switch(aID) {
-{
+case ESCPAutolockPeriod:
-case ( ESCPAutolockPeriod ):
+case ESCPMaxAutolockPeriod: {
-// Flow through
-case ( ESCPMaxAutolockPeriod ):
-{
 // Convert the value, and set it
 TInt value;
 TLex lex(aValue);
 lRetStatus = lex.Val(value);
 if((lRetStatus != KErrNone ) || ( value < 0) || ( value > KSCPAutolockPeriodMaximum )) {
 lRetStatus = KErrArgument;
 break;
 }
 //Check if the device memory is encrypted or not.
 TBool encryptionEnabled = IsDeviceMemoryEncrypted();
+CSCPParamDBController* lParamDB = CSCPParamDBController :: NewLC();
 // Value OK
-if(aID == ESCPMaxAutolockPeriod)
+if(aID == ESCPMaxAutolockPeriod) {
-						{
+if( encryptionEnabled ) {
-						   if (  encryptionEnabled )
+Dprint(_L("[CSCPServer]-> Memory is encrypted"));
-{
-Dprint(_L("Memory is encrypted"));
+if(( 0 == value) || value > KMaxAutolockPeriod) {
-if (( 0 == value) || value > KMaxAutolockPeriod)
+Dprint((_L("[CSCPServer]-> Denying setting of max auto lock as value is %d"), value));
-{
+User :: Leave( KErrPermissionDenied );
-Dprint((_L("Denying setting of max auto lock as value is %d"), value));
+}
-User::Leave( KErrPermissionDenied );
+}
-}
+else {
-}
-else
-{
 Dprint(_L("Memory is decrypted, hence no restrictions to max autolock"));
 }
 Dprint(_L("[CSCPServer]-> Branched to ESCPMaxAutolockPeriod..."));
-CSCPParamDBController* lParamDB = CSCPParamDBController :: NewLC();
 lRetStatus = SetBestPolicyL(RTerminalControl3rdPartySession :: EMaxTimeout, aValue, aCallerIdentity, lParamDB);
-if(lRetStatus == KErrNone)
+if(lRetStatus == KErrNone) {
-								{
 // Do we have to change the Autolock period as well?
 TInt currentALperiod;
 lRetStatus = GetAutolockPeriodL(currentALperiod);
-if(lRetStatus == KErrNone)
+if(lRetStatus == KErrNone) {
-										{
+if( (iConfiguration.iMaxTimeout > 0) &&
-if((iConfiguration.iMaxTimeout > 0) && ((iConfiguration.iMaxTimeout < currentALperiod) || (currentALperiod == 0)))
+((iConfiguration.iMaxTimeout < currentALperiod) ||
-												{
+(currentALperiod == 0))) {
 Dprint((_L("[CSCPServer]-> Changing AL period to Max. AL period (Current ALP: %d, Max. ALP: %d)"), currentALperiod, value));
-lRetStatus = SetAutolockPeriodL(value);
+//lRetStatus = SetAutolockPeriodL(value);
+/*
+* Call to SetBestPolicyL will not check for Stronger/Weaker. The value of ETimeout just gets stored in
+* both the internal DB and the CenRep
+*/
+lRetStatus = SetBestPolicyL(RTerminalControl3rdPartySession :: ETimeout, aValue, aCallerIdentity, lParamDB);
 }
 }
-else
+else {
-										{
 Dprint((_L("[CSCPServer]-> ERROR: Couldn't get the Autolock period: %d"), lRetStatus));
 }
 }
+}
-CleanupStack :: PopAndDestroy(); //lParamDB
+// Autolock Period
-}
+else {
+//Code is commented as it is already taken care by the below condition #1343 irrespective of the drive encryption state.
-else
+/*  if ( 0 == value ) {
-{ // Autolock Period
+if(encryptionEnabled) {
-			//Code is commented as it is already taken care by the below condition #1343 irrespective of the drive encryption state.
-	     /*  if ( 0 == value )
-{
-if ( encryptionEnabled )
-{
 Dprint(_L("Permission denied!"));
-User::Leave( KErrPermissionDenied );
+User :: Leave(KErrPermissionDenied);
 }
 }*/
 Dprint(_L("[CSCPServer]-> Branched to ESCPAutolockPeriod..."));
 //  Check if this value is not allowed by the Max. Autolock period
 if ((iConfiguration.iMaxTimeout > 0) && ((iConfiguration.iMaxTimeout < value) || (value == 0))) {
 Dprint((_L("[CSCPServer]-> ERROR: The value %d for AL period not allowed (Max. AL period: %d)"), value, iConfiguration.iMaxTimeout));
 lRetStatus = KErrArgument;
 }
 else {
-lRetStatus = SetAutolockPeriodL(value);
+//lRetStatus = SetAutolockPeriodL(value);
+/*
+* Call to SetBestPolicyL will not check for Stronger/Weaker. The value of ETimeout just gets stored in
+* both the internal DB and the CenRep
+*/
+lRetStatus = SetBestPolicyL(RTerminalControl3rdPartySession :: ETimeout, aValue, aCallerIdentity, lParamDB);
 if(lRetStatus != KErrNone) {
 Dprint((_L("[CSCPServer]-> ERROR: Couldn't set the Autolock period: %d"), lRetStatus));
 }
 }
 }
+CleanupStack :: PopAndDestroy(); //lParamDB
 }
 break;
 case ESCPCodeChangePolicy:
 Dprint(_L("[CSCPServer]-> Branched to ESCPCodeChangePolicy..."));
 lRetStatus = ChangeCodePolicy( aValue );
 // Status : Approved
 // ---------------------------------------------------------
 //
 TInt CSCPServer::IsCorrectEnhCode( TDes& aCode, TInt aFlags )
 {
+Dprint( (_L("CSCPServer::IsCorrectEnhCode(): ") ));
 if(!FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements))
 {
 	return KErrNotSupported;
 }
 TInt ret = KErrAccessDenied;
 // Hash the code
 TBuf<KSCPMaxHashLength> hashBuf;
 hashBuf.Zero();
 iPluginEventHandler->HashInput( aCode, hashBuf );
 pswCandidate.AppendNum( ISACode );
 TBool enhancedCodeMatches = EFalse;
 if ( hashBuf.Compare( iConfiguration.iEnhSecCode ) == 0 )
 {
+	Dprint( (_L("CSCPServer::IsCorrectEnhCode(): enh code matches.") ));
 enhancedCodeMatches = ETrue;
 }
 // Check if the code is blocked (don't check if we're out-of-sync)
 if ( ( iConfiguration.iConfigFlag == KSCPConfigOK ) && ( IsCodeBlocked() ) )
 {
+	Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 1") ));
 if ( aFlags & KSCPEtelRequest )
 {
+	Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 2") ));
 // Check if the code is correct
 if ( enhancedCodeMatches )
 {
 // Mess-up the code
 RMobilePhone::TMobilePassword codeToSend;
 SendInvalidDOSCode( codeToSend );
 }
 else
 {
 // OK, the code is already invalid
+Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 3") ));
 SendInvalidDOSCode( pswCandidate );
 }
 }
 return KErrLocked;
 }
 if ( iConfiguration.iConfigFlag == KSCPConfigOK )
 {
 // Normal situation: we have the correct code stored.
 // Compare the hashes (hashing error will result in EFalse )
+Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 4") ));
 if ( enhancedCodeMatches )
 {
 ret = KErrNone;
 if ( aFlags & KSCPEtelRequest )
 {
 // Send the correct code to DOS side
+Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 5") ));
 TRAP( ret, CheckISACodeL( pswCandidate ) );
 }
 if ( ret == KErrNone )
 {
 if ( iConfiguration.iFailedAttempts > 0 )
 {
 iConfiguration.iFailedAttempts = 0;
-Dprint( (_L("CSCPServer::IsCorrectEnhCode():KErrAccessDenied: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts ));
+Dprint( (_L("CSCPServer::IsCorrectEnhCode():: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts ));
 writeSetup = ETrue;
 }
 }
 else
 {
 else
 {
 ret = KErrAccessDenied;
 iConfiguration.iFailedAttempts++;
-Dprint( (_L("CSCPServer::IsCorrectEnhCode():KErrAccessDenied: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts ));
+Dprint( (_L("CSCPServer::IsCorrectEnhCode():@@@: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts ));
 writeSetup = ETrue;
 if ( iConfiguration.iFailedAttempts == KSCPCodeBlockLimit )
 {
+	Dprint( (_L("CSCPServer::IsCorrectEnhCode(): KSCPCodeBlockLimit  ") ));
 // Block the code
 TTime curTime;
 curTime.UniversalTime();
 iConfiguration.iBlockedAtTime.Zero();
 }
 }
 else
 {
 // iConfiguration.iConfigFlag == KSCPConfigInvalid or KSCPConfigUnknown
 // We might be out-of-sync, no idea about the real code.
 // Check if the DOS code hashed from the given code is correct.
 Dprint( (_L("CSCPServer::IsCorrectEnhCode(): Attempting to correct OoS situation.") ));
+if (IsCodeBlocked()) {
+Dprint( (_L("CSCPServer::IsCorrectEnhCode(): OOS ->KErrLocked  ") ));
+return KErrLocked;
+}
 TRAP( ret, CheckISACodeL( pswCandidate ) );
-if ( ret == KErrNone )
+if (ret == KErrNone) {
-{
 // OK, we must assume that this is the correct code, since
 // the hashed DOS code is correct. Save the codes, and return OK.
 Dprint( (_L("CSCPServer::IsCorrectEnhCode(): Given code has the correct hash (%d)\
 , saving codes."), ISACode ));
 iConfiguration.iEnhSecCode.Zero();
-iConfiguration.iEnhSecCode.Copy( hashBuf );
+iConfiguration.iEnhSecCode.Copy(hashBuf);
 iConfiguration.iSecCode.Zero();
-iConfiguration.iSecCode.AppendNum( ISACode );
+iConfiguration.iSecCode.AppendNum(ISACode);
 // Unset the invalid configuration flag
 iConfiguration.iConfigFlag = KSCPConfigOK;
 writeSetup = ETrue;
 }
-else
+else {
-{
+ret = KErrAccessDenied;
-Dprint( (_L("CSCPServer::IsCorrectEnhCode(): Given code does not have the \
+iConfiguration.iFailedAttempts++;
-correct hash: ret; %d user enter password: %d"), ret ));
+Dprint( (_L("CSCPServer::IsCorrectEnhCode():@@@: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts ));
-			TRAP( ret, CheckISACodeL( aCode ) );
-			if (ret == KErrNone)
-			{
-				//store this code in our interal storage as it is used as oldpassword while changing at ISA side in next command
-				//ChangeISACodeL.
-				iConfiguration.iSecCode.Zero();
-				iConfiguration.iSecCode.Append( aCode );
-				TRAP(ret,ChangeISACodeL(pswCandidate));
-			}
-			if (ret == KErrNone)
-			{
-			iConfiguration.iEnhSecCode.Zero();
-iConfiguration.iEnhSecCode.Copy( hashBuf );
-iConfiguration.iSecCode.Zero();
-iConfiguration.iSecCode.AppendNum( ISACode );
-// Unset the invalid configuration flag
-iConfiguration.iConfigFlag = KSCPConfigOK;
 writeSetup = ETrue;
-			}
-}
+if (iConfiguration.iFailedAttempts == KSCPCodeBlockLimit) {
-}
+Dprint( (_L("CSCPServer::IsCorrectEnhCode(): KSCPCodeBlockLimit  ") ));
+// Block the code
+TTime curTime;
+curTime.UniversalTime();
+iConfiguration.iBlockedAtTime.Zero();
+iConfiguration.iBlockedAtTime.AppendNum(curTime.Int64());
+// The code will be blocked for now on
+ret = KSCPErrCodeBlockStarted;
+}
+}
+}
 // Write setup if needed
 if ( writeSetup )
 {
+	Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 7  ") ));
 TRAPD( err, iConfiguration.WriteSetupL() );
 if ( err != KErrNone )
 {
 Dprint( (_L("CSCPServer::IsCorrectEnhCode(): WARNING:\
 failed to write configuration: %d"), err ));
 Dprint( (_L("[CSCPServer]-> ParamValue=%d "), aValue));
 TBool lFirstTime(EFalse);
 TInt32 lNumValue (-1);
 TInt32 lNumValDB (-1);
-TInt32 lRetStatus = KErrNone;
+TInt lRetStatus = KErrNone;
 switch(aID) {
+case RTerminalControl3rdPartySession :: ETimeout:
 case RTerminalControl3rdPartySession :: EMaxTimeout:
 case RTerminalControl3rdPartySession :: EPasscodeMinLength:
 case RTerminalControl3rdPartySession :: EPasscodeMaxLength:
 case RTerminalControl3rdPartySession :: EPasscodeRequireUpperAndLower:
 case RTerminalControl3rdPartySession :: EPasscodeRequireCharsAndNumbers:
 lRetStatus = aParamDB->DropValuesL(aID);
 }
 else {
 // Fetch the previous value of the parameter from the private database
 switch(aID) {
+case RTerminalControl3rdPartySession :: ETimeout:
+// No need to fetch previous value for ETimeout since Stronger/Weaker check is not required for it.
+break;
 case RTerminalControl3rdPartySession :: EMaxTimeout:
 case RTerminalControl3rdPartySession :: EPasscodeMinLength:
 case RTerminalControl3rdPartySession :: EPasscodeMaxLength:
 case RTerminalControl3rdPartySession :: EPasscodeRequireUpperAndLower:
 case RTerminalControl3rdPartySession :: EPasscodeRequireCharsAndNumbers:
 lRetStatus = KErrNone;
 // Decision code that verifies if policy is strongest
 switch(aID) {
+case RTerminalControl3rdPartySession :: ETimeout:
+/*
+* No need to check stronger/weaker for ETimeout. The value just has to be maintained in both
+* DB and the CenRep
+*/
+break;
 case RTerminalControl3rdPartySession :: EMaxTimeout:
 case RTerminalControl3rdPartySession :: EPasscodeMaxRepeatedCharacters:
 case RTerminalControl3rdPartySession :: EPasscodeExpiration:
 case RTerminalControl3rdPartySession :: EPasscodeMinChangeTolerance:
 case RTerminalControl3rdPartySession :: EPasscodeMinChangeInterval:
 * from iPluginEventHandler->GetParameters() fails.
 * (WriteToFileL() is called in some destructor when the SCPServer terminates)
 */
 if (lRetStatus == KErrNone) {
 switch (aID) {
+case RTerminalControl3rdPartySession :: ETimeout:
+lRetStatus = SetAutolockPeriodL(TInt(lNumValue));
+Dprint(_L("[CSCPServer]-> After setting ETimeout lRetStatus = %d "), lRetStatus);
+break;
 case RTerminalControl3rdPartySession :: EMaxTimeout:
 iConfiguration.iMaxTimeout = lNumValue;
 lRetStatus = iConfiguration.WriteSetupL();
 Dprint(_L("[CSCPServer]-> After setting EMaxTimeout lRetStatus = %d "), lRetStatus);
 break;
 default:
 TUint16* ptr = const_cast<TUint16*>(aValue.Ptr());
 TPtr valBuf(ptr, aValue.Length(), aValue.Length());
 lRetStatus = iPluginEventHandler->GetParameters().Set(aID, valBuf);
 Dprint(_L("[CSCPServer]-> After setting (%d ) lRetStatus = %d "), aID, lRetStatus);
 lParamIds[lMinTolIndex] = RTerminalControl3rdPartySession :: EPasscodeHistoryBuffer;
 Dprint(_L("[CSCPServer]-> Switching the cleanup order of EPasscodeHistoryBuffer and EPasscodeMinChangeTolerance"));
 Dprint(_L("[CSCPServer]-> Old Index of EPasscodeHistoryBuffer=%d"), lHistBuffIndex);
 Dprint(_L("[CSCPServer]-> Old Index of EPasscodeMinChangeTolerance=%d"), lMinTolIndex);
 }
+/*
+* If both ETimeout and EMaxTimeout are marked for cleanup then interchange the cleanup order of
+* ETimeout and EMaxTimeout since AutoLock (ETimeout) cannot be disabled
+* if MaxAutolock (EMaxTimeout) is still enabled
+*/
+if( lParamIds[0] == RTerminalControl3rdPartySession :: ETimeout &&
+lParamIds[1] == RTerminalControl3rdPartySession :: EMaxTimeout) {
+lParamIds[0] = RTerminalControl3rdPartySession :: EMaxTimeout;
+lParamIds[1] = RTerminalControl3rdPartySession :: ETimeout;
+}
 	}
 for(TInt j=0; j < lCount; j++) {
 TInt lCurrParamID = lParamIds[j];
 lDefValueBuf->Des().Zero();
 lDefValueBuf->Des().Format(_L("%d "), 0);
 // Initialize the default values here...
 switch(lCurrParamID) {
+case RTerminalControl3rdPartySession :: ETimeout:
+// lDefValueBuf already has the default value, 0 initialized...
+lCurrParamID = ESCPAutolockPeriod;
+break;
 case RTerminalControl3rdPartySession :: EMaxTimeout:
 // lDefValueBuf already has the default value, 0 initialized...
 lCurrParamID = ESCPMaxAutolockPeriod;
 break;
 case RTerminalControl3rdPartySession :: EPasscodeMinLength:
 iOverrideForCleanup = ETrue;
 TInt lDesCount = lDesArr.Count();
 for(TInt k=0; k < lDesCount; k++) {
 TRAP(lStatus, lStatus = SetParameterValueL(lCurrParamID, lDesArr[k]->Des(), lAppID));
 if(KErrNone != lStatus) {
 Dprint(_L("[CSCPServer]-> ERROR: Unable to cleanup parameter %d error %d"), lParamIds[j], lStatus);
 lSubOpsFailed = ETrue;
 }
 }
 lDesArr.ResetAndDestroy();
 CleanupStack :: PopAndDestroy(1); // lDesArray
 }
 break;
+case ESCPAutolockPeriod: {
+TInt32 lParamValueDB(0);
+TInt lParamValueCenRep(0);
+TInt32 lCurrParamOwner(0);
+lStatus = lParamDB->GetValueL(RTerminalControl3rdPartySession :: ETimeout, lParamValueDB, lCurrParamOwner);
+if(lStatus != KErrNone) {
+Dprint(_L("[CSCPServer]-> ERROR: Unable to get current value of ETimeout from DB..."));
+lSubOpsFailed = ETrue;
+break;
+}
+lStatus = GetAutolockPeriodL(lParamValueCenRep);
+if(lStatus != KErrNone) {
+Dprint(_L("[CSCPServer]-> ERROR: Unable to get current value of ETimeout from CenRep..."));
+lSubOpsFailed = ETrue;
+break;
+}
+/*
+*  It is possible that AutoLock set from UI is different. In that case internal DB and CenRep
+*  are not in sync. Compare the two values and if they are same assume that the values are in sync.
+*  Limitation is that if the user sets the AutoLock with the same value as set by the current app then
+*  AutoLock will get disabled.
+*
+*/
+if(lParamValueCenRep != lParamValueDB) {
+break;
+}
+}
 default: {
 iOverrideForCleanup = ETrue;
 TRAP(lStatus, lStatus = SetParameterValueL(lCurrParamID, lDefValueBuf->Des(), lAppID));
 iOverrideForCleanup = EFalse;
 // No need to destroy lTmpBuffer, it will be cleaned up by the caller (on cleanup of aParamValArray)
 aParamValArray.AppendL(lTmpBuffer);
 }
 }
-}
+break;
+};
 if(KErrNone != lStatus) {
 Dprint(_L("[CSCPServer]-> ERROR: Unable to cleanup parameter %d error %d"), lParamIds[j], lStatus);
 lSubOpsFailed = ETrue;
 }

branch	RCL_3
changeset 24	13d7c31c74e0
parent 18	2de6635c154b
child 25	b183ec05bd8c