|
1 /* |
|
2 * Copyright (c) 2003-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: The VPN API allows Symbian OS applications and servers |
|
15 * to perform VPN-specific operations. |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 #include "vpnapi.h" |
|
21 #include "vpnmanagerserverdefs.h" |
|
22 #include "clistatic.h" |
|
23 |
|
24 EXPORT_C RVpnServ::RVpnServ() : RSessionBase() |
|
25 /** |
|
26 * Constructor |
|
27 */ |
|
28 { |
|
29 } |
|
30 |
|
31 EXPORT_C TInt RVpnServ::Connect() |
|
32 /** |
|
33 * Opens a connection (session) to the VPN Manager server. |
|
34 * |
|
35 * @return KErrNone if the connection succeeds, a system-wide error code |
|
36 * if not. |
|
37 */ |
|
38 { |
|
39 const TInt KVpnManagerServerStackSize = 0x4000; |
|
40 const TInt KVpnManagerServerInitHeapSize = 0x1000; |
|
41 const TInt KVpnManagerServerMaxHeapSize = 0x1000000; |
|
42 |
|
43 TInt retry = 2; |
|
44 |
|
45 for (;;) |
|
46 { |
|
47 TInt r=CreateSession(KVpnManagerServer, |
|
48 Version(), |
|
49 KDefaultMessageSlots); |
|
50 |
|
51 if (r!=KErrNotFound && r!=KErrServerTerminated) |
|
52 return r; |
|
53 if (--retry==0) |
|
54 return r; |
|
55 r = Launcher::LaunchServer(KVpnManagerServer, KVpnManagerFile, |
|
56 KVpnManagerUid3, KVpnManagerServerInitHeapSize, |
|
57 KVpnManagerServerMaxHeapSize, KVpnManagerServerStackSize); |
|
58 |
|
59 if (r!=KErrNone && r!=KErrAlreadyExists) |
|
60 return r; |
|
61 } |
|
62 } |
|
63 |
|
64 EXPORT_C void RVpnServ::Close() |
|
65 /** |
|
66 * Closes the connection (session) to the VPN Manager server. |
|
67 */ |
|
68 { |
|
69 RSessionBase::Close(); |
|
70 } |
|
71 |
|
72 EXPORT_C TVersion RVpnServ::Version() const |
|
73 /** |
|
74 * Returns the version of the server with which this client is compatible. |
|
75 * |
|
76 * @return The version |
|
77 */ |
|
78 { |
|
79 return TVersion(KVpnManagerMajorVersionNumber, |
|
80 KVpnManagerMinorVersionNumber, |
|
81 KVpnManagerBuildVersionNumber); |
|
82 } |
|
83 |
|
84 EXPORT_C void RVpnServ::ImportPolicy(const TDesC& aDir, TRequestStatus& aStatus) |
|
85 /** |
|
86 * Imports one or more VPN policies to the policy store |
|
87 * maintained by the VPN Manager. |
|
88 * |
|
89 * The files that constitute the VPN policies are assumed |
|
90 * to reside in the specified directory. For each policy, |
|
91 * the files are: |
|
92 * <ol> |
|
93 * <li>Policy file (REQUIRED)</li> |
|
94 * <li>Policy information file (REQUIRED)</li> |
|
95 * <li>CA certificate files (REQUIRED)</li> |
|
96 * <li>Client/user private key and certificate files (OPTIONAL)</li> |
|
97 * <li>Gateway (peer) certificate files</li> |
|
98 * </ol> |
|
99 * |
|
100 * The files must follow a certain naming convention and |
|
101 * utilize certain file formats. The naming convention and the file |
|
102 * formats are specified in a separate document. |
|
103 * |
|
104 * The policies in this case can refer to the CA certificates |
|
105 * via a BIN type reference (i.e. a certificate file name). |
|
106 * If they do, certificates with the specified names must be |
|
107 * imported at the same time with the policy. |
|
108 * |
|
109 * The policy being imported can be marked as hidden by |
|
110 * including the value of the KHiddenPolicyIndicator constant |
|
111 * (defined in vpnapidefs.h) in the description section of policy |
|
112 * informationation file. |
|
113 * |
|
114 * The return value is returned in the aStatus argument |
|
115 * when the request completes. This can be one of: |
|
116 * |
|
117 * <ol> |
|
118 * <li>KErrNone The import was successful</li> |
|
119 * <li>\<VpnError\> A VPN error code if the import fails for some |
|
120 * identified reason</li> |
|
121 * <li>\<SystemError\> A system-wide error code if an out-of-resource |
|
122 * error occurred while processing the request</li> |
|
123 * </ol> |
|
124 * |
|
125 * @param aDir An absolute path to a directory that contains the |
|
126 * files that constitute the VPN policy. NOTE. As this method is |
|
127 * asynchronous, this reference must point to a variable that |
|
128 * remains valid until this method is complete (i.e. it cannot be |
|
129 * e.g. a local variable of the calling method) |
|
130 * @param aStatus [out] A reference to the standard request status |
|
131 * object. On request completion, contains the return code of the request. |
|
132 * |
|
133 */ |
|
134 { |
|
135 SendReceive(EVpnImportPolicy, TIpcArgs(&aDir), aStatus); |
|
136 } |
|
137 |
|
138 EXPORT_C void RVpnServ::CancelImport() |
|
139 /** |
|
140 * Cancels an ongoing policy import operation. |
|
141 */ |
|
142 { |
|
143 SendReceive(EVpnCancelImport, TIpcArgs(NULL)); |
|
144 } |
|
145 |
|
146 EXPORT_C TInt RVpnServ::EnumeratePolicies(TInt& aCount) |
|
147 /** |
|
148 * Returns the number of installed, visible VPN policies. |
|
149 * Policies marked as hidden (by including the |
|
150 * KHiddenPolicyIndicator in the iDescription policy details |
|
151 * field) are not included in the count. |
|
152 * |
|
153 * @param aCount [out] The policy count |
|
154 * |
|
155 * @return KErrNone, if the request was processed successfully; |
|
156 * \<SystemError\> A system-wide error code if the request |
|
157 * failed for some unexpected reason. |
|
158 */ |
|
159 { |
|
160 TPckg<TInt> pckgPolicyCount(aCount); |
|
161 |
|
162 return SendReceive(EVpnEnumeratePolicies, TIpcArgs(&pckgPolicyCount)); |
|
163 } |
|
164 |
|
165 EXPORT_C TInt RVpnServ::GetPolicyInfoList(CArrayFixFlat<TVpnPolicyInfo>* aPolicyInfoList) |
|
166 /** |
|
167 * Fills the given list with information about the installed, visible |
|
168 * policies. The method resizes the list according to the number of |
|
169 * installed policies. Policies marked as hidden (by including the |
|
170 * KHiddenPolicyIndicator in the iDescription policy details field) |
|
171 * are not included in the listing. |
|
172 * |
|
173 * @param aPolicyInfoList A reference to a pointer to a list |
|
174 * of policy information structures. |
|
175 * |
|
176 * @return \<SystemError\> A system-wide error code if the request |
|
177 * failed for some unexpected reason. |
|
178 */ |
|
179 { |
|
180 TInt ret = KErrNone; |
|
181 |
|
182 // Get the current policy count |
|
183 TInt policyCount; |
|
184 ret = EnumeratePolicies(policyCount); |
|
185 if (ret != KErrNone) |
|
186 { |
|
187 return ret; |
|
188 } |
|
189 |
|
190 // If there are no policies, we can stop here |
|
191 if (policyCount == 0) |
|
192 { |
|
193 return KErrNone; |
|
194 } |
|
195 |
|
196 // Make sure that the (client-side) policy |
|
197 // info array has the correct size |
|
198 TRAP(ret, aPolicyInfoList->ResizeL(policyCount)); |
|
199 if (ret != KErrNone) |
|
200 { |
|
201 return ret; |
|
202 } |
|
203 |
|
204 // Create a writable descriptor in this thread's address space |
|
205 // where the server will write the policy information list |
|
206 TPtr8 policyList((TUint8*)&aPolicyInfoList->At(0), policyCount * aPolicyInfoList->Length()); |
|
207 |
|
208 return SendReceive(EVpnGetPolicyInfo, TIpcArgs(policyCount, &policyList)); |
|
209 } |
|
210 |
|
211 EXPORT_C TInt RVpnServ::GetPolicyDetails(const TVpnPolicyId& aPolicyId, TVpnPolicyDetails& aPolicyDetails) |
|
212 /** |
|
213 * Returns detailed information about the specified policy. |
|
214 * |
|
215 * @param aPolicyId The ID of the policy to return information |
|
216 * about |
|
217 * @param aPolicyDetails [out] Detailed policy information |
|
218 * |
|
219 * @return KErrNone, if the request was processed successfully; |
|
220 * KVpnErrPolicyNotFound, if the specified policy was not found; |
|
221 * \<SystemError\> A system-wide error code if the request |
|
222 * failed for some unexpected reason. |
|
223 */ |
|
224 { |
|
225 TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId); |
|
226 TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails); |
|
227 |
|
228 return SendReceive(EVpnGetPolicyDetails, TIpcArgs(&pckgPolicyId, &pckgPolicyDetails)); |
|
229 } |
|
230 |
|
231 EXPORT_C TInt RVpnServ::DeletePolicy(const TVpnPolicyId& aPolicyId) |
|
232 /** |
|
233 * Deletes the specified policy from the VPN policy store |
|
234 * maintained by the VPN Manager. |
|
235 * |
|
236 * NOTE. The policy is deleted even if its active. |
|
237 * |
|
238 * @param aPolicyId The ID of the policy to delete |
|
239 * |
|
240 * @return KErrNone, if the request was processed successfully; |
|
241 * KVpnErrPolicyNotFound, if the policy was not found; |
|
242 * \<SystemError\> A system-wide error code if the request |
|
243 * failed for some unexpected reason. |
|
244 */ |
|
245 { |
|
246 TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId); |
|
247 |
|
248 return SendReceive(EVpnDeletePolicy, TIpcArgs(&pckgPolicyId)); |
|
249 } |
|
250 |
|
251 EXPORT_C void RVpnServ::ChangePassword(const TPckg<TVpnPolicyId>& aPolicyId, TRequestStatus& aStatus) |
|
252 /** |
|
253 * Initiates a user dialogue for changing the password that is used |
|
254 * to protect the private keys associated with the installed VPN |
|
255 * policies. |
|
256 * |
|
257 * The return value is returned in the aStatus argument |
|
258 * when the request completes. This can be one of: |
|
259 * <ol> |
|
260 * <li>KErrNone, if the request was processed successfully</li> |
|
261 * <li>\<SystemError\> A system-wide error code if the request |
|
262 * failed for some unexpected reason</li> |
|
263 * </ol> |
|
264 * |
|
265 * |
|
266 * @param aPolicyId The ID of the policy whose associated key |
|
267 * protection password is to be changed (NOTE 1. this parameter has |
|
268 * no effect at the moment as all private keys are protected with |
|
269 * the same password. NOTE 2: As this method is asynchronous, this |
|
270 * reference must point to a variable that remains valid until this |
|
271 * method is complete (i.e. it cannot be e.g. a local variable of |
|
272 * the calling method)) |
|
273 * |
|
274 * @param aStatus [out] A reference to the standard request status |
|
275 * object. On request completion, contains the return code of the request. |
|
276 * |
|
277 */ |
|
278 { |
|
279 SendReceive(EVpnChangePassword, TIpcArgs(&aPolicyId), aStatus); |
|
280 } |
|
281 |
|
282 EXPORT_C void RVpnServ::CancelChange() |
|
283 /** |
|
284 * Cancels an ongoing password changing operation. |
|
285 */ |
|
286 { |
|
287 SendReceive(EVpnCancelChange, TIpcArgs(NULL)); |
|
288 } |
|
289 |
|
290 EXPORT_C TInt RVpnServ::GetPolicyData(const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData) |
|
291 /** |
|
292 * Returns policy data. |
|
293 */ |
|
294 { |
|
295 TInt ret = KErrNone; |
|
296 TRAP(ret, DoGetPolicyDataL(aPolicyId, aPolicyData)); |
|
297 return ret; |
|
298 } |
|
299 |
|
300 void RVpnServ::DoGetPolicyDataL(const TVpnPolicyId& aPolicyId, HBufC8*& aPolicyData) |
|
301 { |
|
302 TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId); |
|
303 |
|
304 // First get the policy size |
|
305 TInt policySize; |
|
306 TPckg<TInt> policySizePckg(policySize); |
|
307 |
|
308 User::LeaveIfError(SendReceive(EVpnGetPolicySize, TIpcArgs(&pckgPolicyId, &policySizePckg))); |
|
309 |
|
310 // Allocate a buffer to hold the policy data |
|
311 HBufC8* policyData = HBufC8::NewL(policySize); |
|
312 CleanupStack::PushL(policyData); |
|
313 |
|
314 TPtr8 policyDataPtr = policyData->Des(); |
|
315 |
|
316 // Fetch the policy data |
|
317 User::LeaveIfError(SendReceive(EVpnGetPolicyData, TIpcArgs(&pckgPolicyId, &policySizePckg, &policyDataPtr))); |
|
318 |
|
319 aPolicyData = policyData; |
|
320 |
|
321 CleanupStack::Pop(); // policyData |
|
322 } |
|
323 |
|
324 // Additions to make it easier to implement OMA DM based VPN policy management |
|
325 |
|
326 EXPORT_C TInt RVpnServ::AddPolicy(TVpnPolicyDetails& aPolicyDetails, const TDesC8& aPolicyData) |
|
327 /** |
|
328 * Adds a new VPN policy to the policy store maintained by the |
|
329 * VPN Manager. |
|
330 * |
|
331 * The policy details in this case CAN include a (globally |
|
332 * unique) policy ID for the policy. This policy ID is defined |
|
333 * by the policy author according to the author's own rules. |
|
334 * This is the ID that becomes also the local ID of the policy. |
|
335 * In other words, a single global ID is used to identify a |
|
336 * policy both inside and outside the device. |
|
337 * If a policy with the specified ID already exists in the |
|
338 * policy store, the method returns KErrAlreadyExists. |
|
339 * If the policy ID is missing from policy details argument on |
|
340 * input, a globally unique ID is automatically created for the |
|
341 * policy. This ID is placed in the policy details argument on |
|
342 * output. |
|
343 * |
|
344 * The policy details must also include a non-empty policy name. |
|
345 * If a name is missing, the method returns KErrArgument. |
|
346 * If the proposed policy name is already in use, a sequence number |
|
347 * is added to the policy name. The new policy name is placed in |
|
348 * the policy details argument on output. |
|
349 * |
|
350 * The policy data argument contains the policy content in the |
|
351 * text format described in separate VPN policy format documentation. |
|
352 * If the policy data argument is empty, the method returns the |
|
353 * KErrArgument error code. The policy data does not include any |
|
354 * PKI objects, as the assumption is that the PKI data associated |
|
355 * with the policy is placed in the device's PKI store via some |
|
356 * other mechanism and APIs. The policy in this case must refer to |
|
357 * the CA certificates via some other reference type than BIN |
|
358 * (file reference). BIN type references are supported only when |
|
359 * policies are imported to the policy store with the ImportPolicy |
|
360 * method. All supported reference types are described in the IKE |
|
361 * policy format documentation. |
|
362 * |
|
363 * The policy being added can be marked as hidden by |
|
364 * including the descriptor KHiddenPolicyIndicator in the |
|
365 * iDescription field of the policy details argument. |
|
366 * The policy is assumed to be visible if the iDescription |
|
367 * field does not contain the KHiddenPolicyIndicator |
|
368 * descriptor. |
|
369 * |
|
370 * @param aPolicyDetails Details (metadata) about the policy |
|
371 * @param aPolicyData The policy data (content) |
|
372 * |
|
373 * @return KErrNone if the addition was successful; |
|
374 * KErrArgument, if the policy ID is missing from policy details; |
|
375 * \<VpnError\> A VPN error code if the addition fails for some |
|
376 * identified reason; |
|
377 * \<SystemError\> A system-wide error code if an out-of-resource |
|
378 * error occurred while processing the request. |
|
379 */ |
|
380 { |
|
381 TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails); |
|
382 |
|
383 return SendReceive(EVpnAddPolicy, TIpcArgs(&pckgPolicyDetails, &aPolicyData)); |
|
384 } |
|
385 |
|
386 EXPORT_C TInt RVpnServ::UpdatePolicyDetails(TVpnPolicyDetails& aPolicyDetails) |
|
387 /** |
|
388 * Updates the details of the specified VPN policy. |
|
389 * The ID of the policy whose details are to be |
|
390 * updated is specified in the policy details |
|
391 * argument. If the ID is missing, the method returns |
|
392 * KErrArgument. If a policy with the specified ID |
|
393 * cannot be found, the method returns KVpnErrPolicyNotFound. |
|
394 * |
|
395 * The policy details must include a non-empty policy name. |
|
396 * If a name is missing, the method returns KErrArgument. |
|
397 * If the policy details contain a new name for the policy, |
|
398 * the new name is checked agains existing other policy names. |
|
399 * If the name is already in use, a sequence number is added |
|
400 * to the policy name. The new policy name is placed in the |
|
401 * policy details argument on output. |
|
402 * |
|
403 * The policy being updated can be marked as hidden by |
|
404 * including the descriptor KHiddenPolicyIndicator in the |
|
405 * iDescription field of the policy details argument. |
|
406 * The policy is assumed to be visible if the iDescription |
|
407 * field does not contain the KHiddenPolicyIndicator |
|
408 * descriptor. |
|
409 * |
|
410 * @param aPolicyDetails Detailed policy information |
|
411 * |
|
412 * @return KErrNone, if the update was successful; |
|
413 * \<VpnError\> A VPN error code if the addition fails for some |
|
414 * identified reason; |
|
415 * \<SystemError\> A system-wide error code if an out-of-resource |
|
416 * error occurred while processing the request. |
|
417 * |
|
418 */ |
|
419 { |
|
420 TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails); |
|
421 |
|
422 return SendReceive(EVpnUpdatePolicyDetails, TIpcArgs(&pckgPolicyDetails)); |
|
423 } |
|
424 |
|
425 EXPORT_C TInt RVpnServ::UpdatePolicyDetails(const TVpnPolicyDetails& aPolicyDetails) |
|
426 /** |
|
427 * Updates the details of the specified VPN policy. |
|
428 * The ID of the policy whose details are to be |
|
429 * updated is specified in the policy details |
|
430 * argument. If the ID is missing, the method returns |
|
431 * KErrArgument. If a policy with the specified ID |
|
432 * cannot be found, the method returns KVpnErrPolicyNotFound. |
|
433 * |
|
434 * The policy details must include a non-empty policy name. |
|
435 * If a name is missing, the method returns KErrArgument. |
|
436 * If the policy details contain a new name for the policy, |
|
437 * the new name is checked agains existing other policy names. |
|
438 * If the name is already in use, a sequence number is added |
|
439 * to the policy name. The new policy name is placed in the |
|
440 * policy details argument on output. |
|
441 * |
|
442 * The policy being updated can be marked as hidden by |
|
443 * including the descriptor KHiddenPolicyIndicator in the |
|
444 * iDescription field of the policy details argument. |
|
445 * The policy is assumed to be visible if the iDescription |
|
446 * field does not contain the KHiddenPolicyIndicator |
|
447 * descriptor. |
|
448 * |
|
449 * @param aPolicyDetails Detailed policy information |
|
450 * |
|
451 * @return KErrNone, if the update was successful; |
|
452 * \<VpnError\> A VPN error code if the addition fails for some |
|
453 * identified reason; |
|
454 * \<SystemError\> A system-wide error code if an out-of-resource |
|
455 * error occurred while processing the request. |
|
456 */ |
|
457 { |
|
458 TPckg<TVpnPolicyDetails> pckgPolicyDetails(aPolicyDetails); |
|
459 |
|
460 return SendReceive(EVpnUpdatePolicyDetails, TIpcArgs(&pckgPolicyDetails)); |
|
461 } |
|
462 |
|
463 |
|
464 EXPORT_C TInt RVpnServ::UpdatePolicyData(const TVpnPolicyId& aPolicyId, const TDesC8& aPolicyData) |
|
465 /** |
|
466 * Updates the data of the specified VPN policy. If a policy with the |
|
467 * specified ID cannot be found, the method returns the |
|
468 * KVpnErrPolicyNotFound error code. If the policy ID or data argument |
|
469 * is empty, the method returns the KErrArgument error code. |
|
470 * |
|
471 * @param aPolicyId The ID of the policy to update |
|
472 * @param aPolicyData The policy data |
|
473 * |
|
474 * @return KErrNone, if the update was successful; |
|
475 * \<VpnError\> A VPN error code if the update fails for some |
|
476 * identified reason; |
|
477 * \<SystemError\> A system-wide error code if an out-of-resource |
|
478 * error occurred while processing the request. |
|
479 */ |
|
480 { |
|
481 TPckg<TVpnPolicyId> pckgPolicyId(aPolicyId); |
|
482 |
|
483 return SendReceive(EVpnUpdatePolicyData, TIpcArgs(&pckgPolicyId, &aPolicyData)); |
|
484 } |