1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 //

    15 

    16 /**

    17  @file

    18  @internalTechnology

    19 */

    20 #ifndef __btmanserversecuritypolicy_h__

    21 #define __btmanserversecuritypolicy_h__

    22 

    23 const TUint KBtmanServerRangeCount = 17;

    24 

    25 /**

    26 N.B.

    27 1.) Functions labelled 'Always fail' are not supported by BTManServer currently.

    28 2.) Functions labelled 'Always pass' can only be issued once a valid sessionhandle is obtained

    29     (EBTManCreateRegistrySubSession), in which case we know that the client has the 

    30     LocalServices capability so we do not have to check capabilties again.

    31 3.) All other Functions are labelled with the capability that is required to execute them.

    32 **/

    33 

    34 const TInt KBtmanServerRanges[KBtmanServerRangeCount] = 

    35 	{

    36 	EBTManCreateHostResolverSubSession,	//	0	=	Alway fail

    37 	EBTManCreateRegistrySubSession,		//	1	=	Local Services

    38 	EBTManRegistrySearch,				//	2	=	Always pass

    39 	EBTRegistryRetrieveDevice,			//	3	=	Always fail

    40 	EBTRegistryAddDevice,				//	4	=	Always pass

    41 	EBTRegistryModifyBluetoothName,		//	5	=	Write Device Data

    42 	EBTRegistryModifyFriendlyName,		//	6	=	Always pass

    43 	EBTRegistryModifyNamelessDevice,	//	7	=	Write Device Data

    44 	EBTRegistryDeleteDevices,			//	8	=	Always pass

    45 	EBTRegistryDeleteLinkKey,			//	9	=	Write Device Data

    46 	EBTRegistryCloseView,				//	10	=	Always pass

    47 	EBTRegistryUpdateLocalDevice,		//	11	=	Write Device Data

    48 	EBTRegistryGetCommPortSettings,		//	12	=	Always pass

    49 	EBTHostResolverDeviceRequest,		//	13	=	Always fail

    50 	EBTManSetHeapFailure,				//	14	=	Local Services

    51 	EBTRegistryNotifyViewChange,		//	15	=	Always pass

    52 	//	If new function enums are added, the following value needs to

    53 	//	increase to be <last function number> + 1.

    54 	//	This defines a final range that extends from the first invalid

    55 	//	function number to KMaxTInt, and protects against attempts to

    56 	//	attack the server with invalid functions.

    57 	EBTRegistryNotifyViewChange + 1		//  16	=	CPolicyServer::ENotSupported for all other fns.

    58 	};

    59 

    60 

    61 

    62 /** Index numbers into KBtmanServerElements[] */

    63 const TInt policyAlwaysFail 					=	0;

    64 const TInt policyLocalServices 					=	1;

    65 const TInt policyAlwaysPass						=	2;

    66 const TInt policyWriteDeviceData				=	3;

    67 

    68 /**Mapping IPCs to policy element */

    69 const TUint8 KBtmanServerElementsIndex[KBtmanServerRangeCount] = 

    70 	{

    71 	policyAlwaysFail,				/**	EBTManCreateHostResolverSubSession	*/

    72 	policyLocalServices,			/**	EBTManCreateRegistrySubSession	*/

    73 									/**	EBTManCreateCommPortSettingsSubSession	*/

    74 									/**	EBTManCreateLocalDeviceSubSession	*/

    75 	policyAlwaysPass,				/**	EBTManRegistrySearch	*/

    76 									/**	EBTManExtractRegistryDataIntoServer	*/

    77 									/**	EBTManRetrieveRegistryData	*/

    78 									/**	EBTManCloseSubSession	*/

    79 									/**	EBTManCancelRequest	*/

    80 	policyAlwaysFail,				/**	EBTRegistryRetrieveDevice	*/

    81 	policyAlwaysPass,				/**	EBTRegistryAddDevice	*/

    82 									/**	EBTRegistryGetNamelessDevice	*/

    83 	policyWriteDeviceData,			/**	EBTRegistryModifyBluetoothName	*/

    84 	policyAlwaysPass,				/**	EBTRegistryModifyFriendlyName	*/

    85 	policyWriteDeviceData,			/**	EBTRegistryModifyNamelessDevice	*/

    86 	policyAlwaysPass,				/**	EBTRegistryDeleteDevices	*/

    87 	policyWriteDeviceData,			/**	EBTRegistryDeleteLinkKey	*/

    88 									/**	EBTRegistryUnpairView	*/

    89 	policyAlwaysPass,				/**	EBTRegistryCloseView	*/

    90 									/**	EBTRegistryGetLocalDevice	*/

    91 	policyWriteDeviceData,			/**	EBTRegistryUpdateLocalDevice	*/

    92 	policyAlwaysPass,				/**	EBTRegistryGetCommPortSettings	*/

    93 									/**	EBTRegistryUpdateCommPortSettings	*/

    94 									/**	EBTRegistryDeleteCommPortSettings	*/

    95 	policyAlwaysFail,				/**	EBTHostResolverDeviceRequest	*/

    96 									/**	EBTHostResolverGetNextDeviceRequest	*/

    97 									/**	EBTHostResolverDeviceModifyDevice	*/

    98 									/**	EBTHostResolverNotifyRequest	*/

    99 	policyLocalServices,			/**	EBTManSetHeapFailure	*/

   100 									/**	EBTManSubSessionCount	*/

   101 	policyAlwaysPass,               /** EBTRegistryNotifyViewChange */

   102 	CPolicyServer::ENotSupported	/**	EBTManCreateSecManSubSession	*/

   103 									/**	EBTManCreateSecuritySettingsSubSession	*/

   104 									/**	EBTManCreateBasebandSecuritySubSession	*/

   105 									/**	EBTSecManAccessRequest	*/

   106 									/**	EBTSecuritySettingsRegister	*/

   107 									/**	EBTSecuritySettingsUnregister	*/

   108 									/**	EBTBasebandSecurityLinkKeyRequest	*/

   109 									/**	EBTBasebandSecurityNewLinkKey	*/

   110 									/**	EBTBasebandSecurityPinRequest	*/

   111 									/**	EBTBasebandSecurityNewLinkState	*/

   112 									/**	EBTBasebandSecurityHCIRequestHandler	*/

   113 									/**	EBTBasebandSecurityNameRequestResponse	*/

   114 									/**	...and onwards to KMaxTInt	*/

   115 	};

   116 

   117 /** Individual policy elements */

   118 const CPolicyServer::TPolicyElement KBtmanServerElements[] = 

   119 	{

   120 	/** the EFailClient means that the if the check fails the CheckFailed method with return KErrPermissionDenied */

   121 		{	_INIT_SECURITY_POLICY_FAIL },	/**	policyAlwaysFail	*/

   122 		{	_INIT_SECURITY_POLICY_C1(ECapabilityLocalServices), CPolicyServer::EFailClient },	/**	policyLocalService	*/

   123 	  	{	_INIT_SECURITY_POLICY_PASS },	/**	policyAlwaysPass	*/

   124 	  	{	_INIT_SECURITY_POLICY_C1(ECapabilityWriteDeviceData), CPolicyServer::EFailClient }	/**	policyWriteDevData	*/

   125 	};

   126 

   127 /** Main policy */

   128 const CPolicyServer::TPolicy KBtmanServerPolicy = 

   129 {

   130 CPolicyServer::EAlwaysPass, /** Specifies all connect attempts should pass */

   131 KBtmanServerRangeCount,

   132 KBtmanServerRanges,

   133 KBtmanServerElementsIndex,

   134 KBtmanServerElements,

   135 };

   136 

   137 #endif	//__btmanserversecuritypolicy_h__