diff -r 4af31167ea77 -r 13d7c31c74e0 terminalsecurity/SCP/SCPServer/src/SCPServer.cpp --- a/terminalsecurity/SCP/SCPServer/src/SCPServer.cpp Thu Jul 15 19:36:11 2010 +0300 +++ b/terminalsecurity/SCP/SCPServer/src/SCPServer.cpp Thu Aug 19 10:44:50 2010 +0300 @@ -129,7 +129,7 @@ // Assign default config flag iConfiguration.iConfigFlag = KSCPConfigUnknown; - iConfiguration.iConfigChecked = EFalse; + // Assign the default codes iConfiguration.iSecCode.Zero(); @@ -169,7 +169,7 @@ //#endif // Assign the default max timeout - iConfiguration.iMaxTimeout = KSCPDefaultMaxTO; + iConfiguration.iMaxTimeout = 0; iConfiguration.iBlockedInOOS = 0; // Read the configuration, overwriting the default values @@ -186,24 +186,8 @@ } - //If Configuration is not validated already, validate it - - if (!iConfiguration.iConfigChecked) - { - TInt valerr = KErrNone; - TRAP( valerr, ValidateConfigurationL( KSCPComplete )); - if (valerr != KErrNone) - { - Dprint( (_L("CSCPServer::ConstructL(): Configuration Validation failed: %d"), valerr )); - } - else - { - Dprint( (_L("CSCPServer::ConstructL(): Configuration Validation Passed"))); - } - } - - - + + Dprint( (_L("CSCPServer::ConstructL(): Connecting to CenRep") )); iALPeriodRep = CRepository::NewL( KCRUidSecuritySettings ); @@ -668,155 +652,91 @@ // void CSCPServer::ValidateConfigurationL( TInt aMode ) { - Dprint( (_L("--> CSCPServer::ValidateConfigurationL()") )); - RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()")); - TInt startupReason(ENormalStartup); - RProperty::Get(KPSUidStartup, KPSStartupReason, startupReason); - Dprint( (_L("CSCPServer::ValidateConfigurationL(): startupReason = %d"), startupReason)); - if((startupReason == ENormalRFSReset)||(startupReason == EDeepRFSReset)||(startupReason == EFirmwareUpdate)||(iConfiguration.iConfigFlag == KSCPConfigUnknown)) - { + if (aMode == KSCPInitial) { + // Return here, must be checked by complete mode + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@@aMode == KSCPInitial ")); + User::Leave(KErrAccessDenied); + } - RMobilePhone::TMobilePassword storedCode; + RMobilePhone::TMobilePassword storedCode; storedCode.Zero(); User::LeaveIfError(GetCode(storedCode)); - - - Dprint( (_L("CSCPServer::ValidateConfigurationL(): Checking code: %s"), storedCode.PtrZ() )); - // Check that the ISA code is stored correctly - TRAPD( err, CheckISACodeL( storedCode ) ); - //Bool for the correction of Defaultlockcode cenrep - TBool lCorrectDefaultlockcode = EFalse; - - Dprint( (_L("CSCPServer::ValidateConfigurationL(): iConfigFlag = %d, iConfigChecked = %d"), iConfiguration.iConfigFlag, iConfiguration.iConfigChecked)); - - if ((iConfiguration.iConfigFlag == KSCPConfigOK) - && (iConfiguration.iConfigChecked) && (err == KErrNone)) - { - // The configuration has already been checked, exit - Dprint( (_L("CSCPServer::ValidateConfigurationL(): Configuration is non-default.") )); - User::Leave( KErrNone ); - } - else if ( aMode == KSCPInitial ) - { - // Return here, must be checked by complete mode - User::Leave( KErrAccessDenied ); - } - - - TInt hashedISAcode; - TSCPSecCode hashedCode; -//#ifdef __SAP_DEVICE_LOCK_ENHANCEMENTS -if(FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements)) -{ - /*TInt*/ hashedISAcode = HashISACode( iConfiguration.iEnhSecCode ); - // TSCPSecCode hashedCode; - hashedCode.Zero(); - hashedCode.AppendNum( hashedISAcode ); -} -//#endif // __SAP_DEVICE_LOCK_ENHANCEMENTS - - + TBool isDefaultLockcode = ETrue; + TInt err = KErrNone; - - if (err != KErrNone) - { - lCorrectDefaultlockcode = ETrue; + RMobilePhone::TMobilePassword defaultLockcode; + defaultLockcode.Zero(); + defaultLockcode.Copy(KSCPDefaultSecCode); + if (storedCode.Compare(KSCPDefaultSecCode) == 0) { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@config has KSCPDefaultSecCode ")); + TRAP( err, CheckISACodeL( defaultLockcode ) ); + if (err == KErrNone) { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@ISA also has KSCPDefaultSecCode ")); + iConfiguration.iConfigFlag = KSCPConfigOK; + isDefaultLockcode = ETrue; } - if ( err == KErrNone ) - { - iConfiguration.iConfigFlag = KSCPConfigOK; - } - else if ( err == KErrAccessDenied ) - { - iConfiguration.iConfigFlag = KSCPConfigInvalid; - } - else if ( err == KErrLocked ) - { - Dprint( (_L("CSCPServer::ValidateConfigurationL(): ISA code locked.") )); + else { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@ISA doesn't has KSCPDefaultSecCode ")); + iConfiguration.iConfigFlag = KSCPConfigInvalid; + iConfiguration.iFailedAttempts++; + isDefaultLockcode = EFalse; } - else - { - Dprint( (_L("CSCPServer::ValidateConfigurationL(): ERROR in validation.") )); + } + else { + RDebug::Print(_L("CSCPServer::CheckISACodeL(): config lock code %s"), storedCode.PtrZ()); + TRAP( err, CheckISACodeL( storedCode ) ); + if (err == KErrNone) { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@ISA and config are in SYNC !! ")); + iConfiguration.iConfigFlag = KSCPConfigOK; + isDefaultLockcode = EFalse; } - -//#ifdef __SAP_DEVICE_LOCK_ENHANCEMENTS -if(FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements)) -{ - if ( err == KErrNone ) - { - // Check that the codes are in-sync with each other. Especially the default ISA code must - // be changed according to the default enhanced code. - if ( storedCode.Compare( hashedCode ) != 0 ) + else { + iConfiguration.iSecCode.Zero(); + iConfiguration.iSecCode.Append(KSCPDefaultSecCode); + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@May be ISA has KSCPDefaultSecCode ")); + TRAP(err,ChangeISACodeL(storedCode)); + if (err == KErrNone) { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()chnaged ISA code with config value ")); + iConfiguration.iConfigFlag = KSCPConfigOK; + isDefaultLockcode = EFalse; + } + else { - Dprint( (_L("CSCPServer::ValidateConfigurationL(): Correct ISA code stored.\ - Changing ISA code to match enhanced code => %d"), hashedISAcode )); - - storedCode.Copy( hashedCode ); - // Change the ISA code to match the hashed code - ChangeISACodeL( storedCode ); + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()it shouldn't reach this :( ")); } } - else if ( ( err == KErrAccessDenied ) && ( storedCode.Compare( hashedCode ) != 0 ) ) - { - // Try again with the hashed code - TRAP( err, CheckISACodeL( hashedCode ) ); - - if ( err == KErrNone ) - { - Dprint( (_L("CSCPServer::ValidateConfigurationL(): Hashed code is correct.\ - Storing hashed code(%d)"), hashedISAcode )); - - if ( StoreCode( hashedCode ) == KErrNone ) - { - iConfiguration.iConfigFlag = KSCPConfigOK; - lCorrectDefaultlockcode = ETrue; - } - } - } + } + + CRepository* repository = CRepository::NewL(KCRUidSCPLockCode); + CleanupStack::PushL(repository); + if (isDefaultLockcode ) { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()setting def. lockcode to 12345 ")); + repository->Set(KSCPLockCodeDefaultLockCode, 12345); + } + else { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()setting def. lockcode to 0 ")); + repository->Set(KSCPLockCodeDefaultLockCode, 0); + } + CleanupStack::PopAndDestroy(repository); - //If Correction of Defaultlockcode cenrep is required for the mismatch between Config and ISA - if (lCorrectDefaultlockcode) - { - TInt lDefCode = -1; - CRepository* lRepository = CRepository::NewL(KCRUidSCPLockCode); - CleanupStack::PushL(lRepository); - TInt lRet = lRepository->Get(KSCPLockCodeDefaultLockCode, - lDefCode); - if (lRet == KErrNone && lDefCode != -1) - { - if (lDefCode == 12345) - { - //Although lock code is already set, due to some unexpected condition - //like C drive wipe, cenrep status is wrongly shown. Correcting it here. - lRepository->Set(KSCPLockCodeDefaultLockCode, 0); - Dprint( (_L("RSCPClient::ValidateConfigurationL(): Corrected the Default lock code cenrep status to 0") )); - } - else if (lDefCode == 0) - { - //If only ISA side is formatted, then the lock code on ISA side is default; - //Cenrep status remains wrongly as the lock code is already set. Correcting it here. - lRepository->Set(KSCPLockCodeDefaultLockCode, 12345); - Dprint( (_L("RSCPClient::ValidateConfigurationL(): Corrected the Default lock code cenrep status to 12345") )); - } - } - CleanupStack::PopAndDestroy(lRepository); - } - } -//#endif // __SAP_DEVICE_LOCK_ENHANCEMENTS - //Set the flag to True, after config is validated - iConfiguration.iConfigChecked = ETrue; - - TRAPD( err2, iConfiguration.WriteSetupL() ); - if ( err2 != KErrNone ) - { + TRAP( err, iConfiguration.WriteSetupL() ); + if (err != KErrNone) { Dprint( (_L("CSCPServer::ValidateConfigurationL(): WARNING: failed to write configuration\ - : %d"), err2 )); - } - - User::LeaveIfError( err ); - } - Dprint( (_L("<-- CSCPServer::ValidateConfigurationL()") )); + : %d"), err )); + } + + if (iConfiguration.iConfigFlag == KSCPConfigOK) { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@iConfigFlag == KSCPConfigOK ")); + err = KErrNone; } + else { + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()@iConfigFlag == KErrAccessDenied ")); + err = KErrAccessDenied; + } + + User::LeaveIfError(err); +} + @@ -837,7 +757,10 @@ (void)aCode; #endif // __WINS__ - + + +Dprint( (_L("CSCPServer::CheckISACodeL(): current lock code %s"), aCode.PtrZ() )); +RDebug::Print(_L("CSCPServer::CheckISACodeL(): current lock code %s"), aCode.PtrZ()); RMobilePhone::TMobilePhoneSecurityCode secCodeType; secCodeType = RMobilePhone::ESecurityCodePhonePassword; @@ -873,6 +796,7 @@ { iConfiguration.iBlockedInOOS = 0; Dprint( (_L("CSCPServer::CheckISACodeL():iBlockedInOOS = 0, KErrAccessDenied") )); + RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@iBlockedInOOS = 0, KErrAccessDenie")); } ret = KErrAccessDenied; } @@ -881,17 +805,20 @@ Dprint( (_L("CSCPServer::CheckISACodeL(): ISA code BLOCKED") )); if (ret==KErrGsmSSPasswordAttemptsViolation) { - Dprint( (_L("CSCPServer::CheckISACodeL(): KErrGsmSSPasswordAttemptsViolation") )); + Dprint( (_L("CSCPServer::CheckISACodeL(): KErrGsmSSPasswordAttemptsViolation") )); + RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@KErrGsmSSPasswordAttemptsViolation")); } else { Dprint( (_L("CSCPServer::CheckISACodeL(): KErrLocked") )); + RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@KErrLocked")); } ret = KErrLocked; if (iConfiguration.iBlockedInOOS == 0) { iConfiguration.iBlockedInOOS = 1; Dprint( (_L("CSCPServer::CheckISACodeL():iBlockedInOOS = 1, KSCPErrCodeBlockStarted") )); + RDebug::Print(_L("--> CSCPServer::CheckISACodeL()@@@@@")); ret = KSCPErrCodeBlockStarted; } } @@ -899,6 +826,7 @@ { Dprint( (_L("CSCPServer::CheckISACodeL(): ERROR reply checking ISA code: %d"), status.Int() )); + RDebug::Print(_L("--> CSCPServer::ValidateConfigurationL()")); } } TRAPD( err, iConfiguration.WriteSetupL() ); @@ -1016,6 +944,7 @@ TRAP(err, repository = CRepository :: NewL(KCRUidSCPLockCode)); if(err == KErrNone) { + RDebug::Print(_L("<-- CSCPServer::StoreEnhCode() setting KSCPLockCodeDefaultLockCode to 0")); err = repository->Set(KSCPLockCodeDefaultLockCode, 0); delete repository; } @@ -1351,84 +1280,74 @@ TInt lRetStatus(KErrNone); Dprint(_L("[CSCPServer]-> Initiating branching on parameter...")); - switch ( aID ) - { - case ( ESCPAutolockPeriod ): - // Flow through - case ( ESCPMaxAutolockPeriod ): - { + switch(aID) { + case ESCPAutolockPeriod: + case ESCPMaxAutolockPeriod: { // Convert the value, and set it TInt value; TLex lex(aValue); lRetStatus = lex.Val(value); - if((lRetStatus != KErrNone ) || ( value < 0) || ( value > KSCPAutolockPeriodMaximum )) { lRetStatus = KErrArgument; break; - } + } //Check if the device memory is encrypted or not. TBool encryptionEnabled = IsDeviceMemoryEncrypted(); + CSCPParamDBController* lParamDB = CSCPParamDBController :: NewLC(); // Value OK - if(aID == ESCPMaxAutolockPeriod) - { - if ( encryptionEnabled ) - { - Dprint(_L("Memory is encrypted")); - if (( 0 == value) || value > KMaxAutolockPeriod) - { - Dprint((_L("Denying setting of max auto lock as value is %d"), value)); - User::Leave( KErrPermissionDenied ); - } - - } - else - { + if(aID == ESCPMaxAutolockPeriod) { + if( encryptionEnabled ) { + Dprint(_L("[CSCPServer]-> Memory is encrypted")); + + if(( 0 == value) || value > KMaxAutolockPeriod) { + Dprint((_L("[CSCPServer]-> Denying setting of max auto lock as value is %d"), value)); + User :: Leave( KErrPermissionDenied ); + } + } + else { Dprint(_L("Memory is decrypted, hence no restrictions to max autolock")); - } + } - Dprint(_L("[CSCPServer]-> Branched to ESCPMaxAutolockPeriod...")); - CSCPParamDBController* lParamDB = CSCPParamDBController :: NewLC(); + Dprint(_L("[CSCPServer]-> Branched to ESCPMaxAutolockPeriod...")); lRetStatus = SetBestPolicyL(RTerminalControl3rdPartySession :: EMaxTimeout, aValue, aCallerIdentity, lParamDB); - if(lRetStatus == KErrNone) - { + if(lRetStatus == KErrNone) { // Do we have to change the Autolock period as well? TInt currentALperiod; lRetStatus = GetAutolockPeriodL(currentALperiod); - if(lRetStatus == KErrNone) - { - if((iConfiguration.iMaxTimeout > 0) && ((iConfiguration.iMaxTimeout < currentALperiod) || (currentALperiod == 0))) - { + if(lRetStatus == KErrNone) { + if( (iConfiguration.iMaxTimeout > 0) && + ((iConfiguration.iMaxTimeout < currentALperiod) || + (currentALperiod == 0))) { + Dprint((_L("[CSCPServer]-> Changing AL period to Max. AL period (Current ALP: %d, Max. ALP: %d)"), currentALperiod, value)); - lRetStatus = SetAutolockPeriodL(value); + //lRetStatus = SetAutolockPeriodL(value); + /* + * Call to SetBestPolicyL will not check for Stronger/Weaker. The value of ETimeout just gets stored in + * both the internal DB and the CenRep + */ + lRetStatus = SetBestPolicyL(RTerminalControl3rdPartySession :: ETimeout, aValue, aCallerIdentity, lParamDB); } } - else - { + else { Dprint((_L("[CSCPServer]-> ERROR: Couldn't get the Autolock period: %d"), lRetStatus)); } } + } + // Autolock Period + else { + //Code is commented as it is already taken care by the below condition #1343 irrespective of the drive encryption state. + /* if ( 0 == value ) { + if(encryptionEnabled) { + Dprint(_L("Permission denied!")); + User :: Leave(KErrPermissionDenied); + } + }*/ - CleanupStack :: PopAndDestroy(); //lParamDB - } - - else - { // Autolock Period - - //Code is commented as it is already taken care by the below condition #1343 irrespective of the drive encryption state. - /* if ( 0 == value ) - { - if ( encryptionEnabled ) - { - Dprint(_L("Permission denied!")); - User::Leave( KErrPermissionDenied ); - } - }*/ - Dprint(_L("[CSCPServer]-> Branched to ESCPAutolockPeriod...")); // Check if this value is not allowed by the Max. Autolock period if ((iConfiguration.iMaxTimeout > 0) && ((iConfiguration.iMaxTimeout < value) || (value == 0))) { @@ -1437,13 +1356,20 @@ lRetStatus = KErrArgument; } else { - lRetStatus = SetAutolockPeriodL(value); + //lRetStatus = SetAutolockPeriodL(value); + /* + * Call to SetBestPolicyL will not check for Stronger/Weaker. The value of ETimeout just gets stored in + * both the internal DB and the CenRep + */ + lRetStatus = SetBestPolicyL(RTerminalControl3rdPartySession :: ETimeout, aValue, aCallerIdentity, lParamDB); if(lRetStatus != KErrNone) { Dprint((_L("[CSCPServer]-> ERROR: Couldn't set the Autolock period: %d"), lRetStatus)); } } } + + CleanupStack :: PopAndDestroy(); //lParamDB } break; case ESCPCodeChangePolicy: @@ -2083,13 +2009,13 @@ // TInt CSCPServer::IsCorrectEnhCode( TDes& aCode, TInt aFlags ) { - + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): ") )); if(!FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements)) { return KErrNotSupported; } TInt ret = KErrAccessDenied; - + // Hash the code TBuf hashBuf; hashBuf.Zero(); @@ -2104,14 +2030,17 @@ TBool enhancedCodeMatches = EFalse; if ( hashBuf.Compare( iConfiguration.iEnhSecCode ) == 0 ) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): enh code matches.") )); enhancedCodeMatches = ETrue; } // Check if the code is blocked (don't check if we're out-of-sync) if ( ( iConfiguration.iConfigFlag == KSCPConfigOK ) && ( IsCodeBlocked() ) ) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 1") )); if ( aFlags & KSCPEtelRequest ) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 2") )); // Check if the code is correct if ( enhancedCodeMatches ) { @@ -2125,6 +2054,7 @@ else { // OK, the code is already invalid + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 3") )); SendInvalidDOSCode( pswCandidate ); } } @@ -2137,6 +2067,7 @@ { // Normal situation: we have the correct code stored. // Compare the hashes (hashing error will result in EFalse ) + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 4") )); if ( enhancedCodeMatches ) { ret = KErrNone; @@ -2144,6 +2075,7 @@ if ( aFlags & KSCPEtelRequest ) { // Send the correct code to DOS side + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 5") )); TRAP( ret, CheckISACodeL( pswCandidate ) ); } @@ -2152,7 +2084,7 @@ if ( iConfiguration.iFailedAttempts > 0 ) { iConfiguration.iFailedAttempts = 0; - Dprint( (_L("CSCPServer::IsCorrectEnhCode():KErrAccessDenied: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts )); + Dprint( (_L("CSCPServer::IsCorrectEnhCode():: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts )); writeSetup = ETrue; } } @@ -2167,11 +2099,12 @@ ret = KErrAccessDenied; iConfiguration.iFailedAttempts++; - Dprint( (_L("CSCPServer::IsCorrectEnhCode():KErrAccessDenied: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts )); + Dprint( (_L("CSCPServer::IsCorrectEnhCode():@@@: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts )); writeSetup = ETrue; if ( iConfiguration.iFailedAttempts == KSCPCodeBlockLimit ) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): KSCPCodeBlockLimit ") )); // Block the code TTime curTime; curTime.UniversalTime(); @@ -2192,63 +2125,60 @@ else { // iConfiguration.iConfigFlag == KSCPConfigInvalid or KSCPConfigUnknown - + // We might be out-of-sync, no idea about the real code. // Check if the DOS code hashed from the given code is correct. Dprint( (_L("CSCPServer::IsCorrectEnhCode(): Attempting to correct OoS situation.") )); - + if (IsCodeBlocked()) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): OOS ->KErrLocked ") )); + return KErrLocked; + } TRAP( ret, CheckISACodeL( pswCandidate ) ); - if ( ret == KErrNone ) - { + if (ret == KErrNone) { // OK, we must assume that this is the correct code, since // the hashed DOS code is correct. Save the codes, and return OK. Dprint( (_L("CSCPServer::IsCorrectEnhCode(): Given code has the correct hash (%d)\ , saving codes."), ISACode )); - + iConfiguration.iEnhSecCode.Zero(); - iConfiguration.iEnhSecCode.Copy( hashBuf ); + iConfiguration.iEnhSecCode.Copy(hashBuf); iConfiguration.iSecCode.Zero(); - iConfiguration.iSecCode.AppendNum( ISACode ); - + iConfiguration.iSecCode.AppendNum(ISACode); + // Unset the invalid configuration flag iConfiguration.iConfigFlag = KSCPConfigOK; writeSetup = ETrue; - } - else - { - - Dprint( (_L("CSCPServer::IsCorrectEnhCode(): Given code does not have the \ - correct hash: ret; %d user enter password: %d"), ret )); - TRAP( ret, CheckISACodeL( aCode ) ); - if (ret == KErrNone) - { - //store this code in our interal storage as it is used as oldpassword while changing at ISA side in next command - //ChangeISACodeL. - iConfiguration.iSecCode.Zero(); - iConfiguration.iSecCode.Append( aCode ); - TRAP(ret,ChangeISACodeL(pswCandidate)); - } - if (ret == KErrNone) - { - iConfiguration.iEnhSecCode.Zero(); - iConfiguration.iEnhSecCode.Copy( hashBuf ); + } + else { + ret = KErrAccessDenied; + + iConfiguration.iFailedAttempts++; + Dprint( (_L("CSCPServer::IsCorrectEnhCode():@@@: iFailedAttempts (%d)."), iConfiguration.iFailedAttempts )); + writeSetup = ETrue; - iConfiguration.iSecCode.Zero(); - iConfiguration.iSecCode.AppendNum( ISACode ); - - // Unset the invalid configuration flag - iConfiguration.iConfigFlag = KSCPConfigOK; - writeSetup = ETrue; - } + if (iConfiguration.iFailedAttempts == KSCPCodeBlockLimit) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): KSCPCodeBlockLimit ") )); + // Block the code + TTime curTime; + curTime.UniversalTime(); + + iConfiguration.iBlockedAtTime.Zero(); + iConfiguration.iBlockedAtTime.AppendNum(curTime.Int64()); + + // The code will be blocked for now on + ret = KSCPErrCodeBlockStarted; } } + + } // Write setup if needed if ( writeSetup ) { + Dprint( (_L("CSCPServer::IsCorrectEnhCode(): 7 ") )); TRAPD( err, iConfiguration.WriteSetupL() ); if ( err != KErrNone ) { @@ -2667,9 +2597,10 @@ TBool lFirstTime(EFalse); TInt32 lNumValue (-1); TInt32 lNumValDB (-1); - TInt32 lRetStatus = KErrNone; + TInt lRetStatus = KErrNone; switch(aID) { + case RTerminalControl3rdPartySession :: ETimeout: case RTerminalControl3rdPartySession :: EMaxTimeout: case RTerminalControl3rdPartySession :: EPasscodeMinLength: case RTerminalControl3rdPartySession :: EPasscodeMaxLength: @@ -2711,6 +2642,9 @@ else { // Fetch the previous value of the parameter from the private database switch(aID) { + case RTerminalControl3rdPartySession :: ETimeout: + // No need to fetch previous value for ETimeout since Stronger/Weaker check is not required for it. + break; case RTerminalControl3rdPartySession :: EMaxTimeout: case RTerminalControl3rdPartySession :: EPasscodeMinLength: case RTerminalControl3rdPartySession :: EPasscodeMaxLength: @@ -2779,6 +2713,12 @@ // Decision code that verifies if policy is strongest switch(aID) { + case RTerminalControl3rdPartySession :: ETimeout: + /* + * No need to check stronger/weaker for ETimeout. The value just has to be maintained in both + * DB and the CenRep + */ + break; case RTerminalControl3rdPartySession :: EMaxTimeout: case RTerminalControl3rdPartySession :: EPasscodeMaxRepeatedCharacters: case RTerminalControl3rdPartySession :: EPasscodeExpiration: @@ -2832,11 +2772,17 @@ */ if (lRetStatus == KErrNone) { switch (aID) { + case RTerminalControl3rdPartySession :: ETimeout: + lRetStatus = SetAutolockPeriodL(TInt(lNumValue)); + Dprint(_L("[CSCPServer]-> After setting ETimeout lRetStatus = %d "), lRetStatus); + break; + case RTerminalControl3rdPartySession :: EMaxTimeout: iConfiguration.iMaxTimeout = lNumValue; lRetStatus = iConfiguration.WriteSetupL(); Dprint(_L("[CSCPServer]-> After setting EMaxTimeout lRetStatus = %d "), lRetStatus); break; + default: TUint16* ptr = const_cast(aValue.Ptr()); TPtr valBuf(ptr, aValue.Length(), aValue.Length()); @@ -2931,14 +2877,31 @@ Dprint(_L("[CSCPServer]-> Old Index of EPasscodeHistoryBuffer=%d"), lHistBuffIndex); Dprint(_L("[CSCPServer]-> Old Index of EPasscodeMinChangeTolerance=%d"), lMinTolIndex); } + + /* + * If both ETimeout and EMaxTimeout are marked for cleanup then interchange the cleanup order of + * ETimeout and EMaxTimeout since AutoLock (ETimeout) cannot be disabled + * if MaxAutolock (EMaxTimeout) is still enabled + */ + if( lParamIds[0] == RTerminalControl3rdPartySession :: ETimeout && + lParamIds[1] == RTerminalControl3rdPartySession :: EMaxTimeout) { + + lParamIds[0] = RTerminalControl3rdPartySession :: EMaxTimeout; + lParamIds[1] = RTerminalControl3rdPartySession :: ETimeout; + } } for(TInt j=0; j < lCount; j++) { TInt lCurrParamID = lParamIds[j]; lDefValueBuf->Des().Zero(); lDefValueBuf->Des().Format(_L("%d "), 0); + // Initialize the default values here... switch(lCurrParamID) { + case RTerminalControl3rdPartySession :: ETimeout: + // lDefValueBuf already has the default value, 0 initialized... + lCurrParamID = ESCPAutolockPeriod; + break; case RTerminalControl3rdPartySession :: EMaxTimeout: // lDefValueBuf already has the default value, 0 initialized... lCurrParamID = ESCPMaxAutolockPeriod; @@ -2967,6 +2930,7 @@ for(TInt k=0; k < lDesCount; k++) { TRAP(lStatus, lStatus = SetParameterValueL(lCurrParamID, lDesArr[k]->Des(), lAppID)); + if(KErrNone != lStatus) { Dprint(_L("[CSCPServer]-> ERROR: Unable to cleanup parameter %d error %d"), lParamIds[j], lStatus); lSubOpsFailed = ETrue; @@ -2980,6 +2944,40 @@ CleanupStack :: PopAndDestroy(1); // lDesArray } break; + + case ESCPAutolockPeriod: { + TInt32 lParamValueDB(0); + TInt lParamValueCenRep(0); + TInt32 lCurrParamOwner(0); + + lStatus = lParamDB->GetValueL(RTerminalControl3rdPartySession :: ETimeout, lParamValueDB, lCurrParamOwner); + + if(lStatus != KErrNone) { + Dprint(_L("[CSCPServer]-> ERROR: Unable to get current value of ETimeout from DB...")); + lSubOpsFailed = ETrue; + break; + } + + lStatus = GetAutolockPeriodL(lParamValueCenRep); + + if(lStatus != KErrNone) { + Dprint(_L("[CSCPServer]-> ERROR: Unable to get current value of ETimeout from CenRep...")); + lSubOpsFailed = ETrue; + break; + } + + /* + * It is possible that AutoLock set from UI is different. In that case internal DB and CenRep + * are not in sync. Compare the two values and if they are same assume that the values are in sync. + * Limitation is that if the user sets the AutoLock with the same value as set by the current app then + * AutoLock will get disabled. + * + */ + if(lParamValueCenRep != lParamValueDB) { + break; + } + } + default: { iOverrideForCleanup = ETrue; TRAP(lStatus, lStatus = SetParameterValueL(lCurrParamID, lDefValueBuf->Des(), lAppID)); @@ -2996,7 +2994,8 @@ aParamValArray.AppendL(lTmpBuffer); } } - } + break; + }; if(KErrNone != lStatus) { Dprint(_L("[CSCPServer]-> ERROR: Unable to cleanup parameter %d error %d"), lParamIds[j], lStatus);